I have an application running on Tomcat 6, that (from Tomcat perspective) doesn't have any authentication. Also, it needs to run over SSL. Last, one of the pages allows you to save an Excel file. Saving file fails with an error described here: Pragma No-Cache prevents the file from being saved, and then browser complains about connection lost. This happens on IE 7 and 8; doesn't happen in Firefox or IE 9 (unfortunately most of the users have IE7).
Tomcat has attributes disableProxyCaching
and securePagesWithPragma
that work around caching issues in some browsers however, these are attributes for various authenticator valves.
My question is, how can I prevent Tomcat from adding a Pragma: no-cache header when there is SSL, but no authentication?
EDIT: I tried nonloginauthenticator valve - but it doesn't seem to make any difference, and I don't see it in Tomcat 6 configuration administration anyway (although I see it in APIs)
It turns out that no-cache was added by F5 load balancer. Once networking guys put an iRule to not do it - the problem went away. Tomcat was not adding anything inappropriate.
Shouldn't adding it to the SSLAuthenticator valve work?
I had same problem, and solved it adding this
in CATALINA_HOME/conf/context.xml.
Thanks