Tomcat - No caching of RESTlet resources for Firefox
One problem that we’ve been trying to solve today is how to make a RESTlet resource non cacheable.
The reason for this is that when a user logs out of the system and then hits the back button they shouldn’t be able to see that page, but instead should see the login form.
After several hours of trawling Google and trying out various different suggestions we came across the idea of setting 'cache-control' with the value 'no-store' in the response headers.
The code to make this happen is as follows (use inside a class which extends Resource):
HttpResponse response = (HttpResponse) getResponse();
Series<Parameter> headers = response.getHttpCall().getResponseHeaders();
headers.add("cache-control", "no-store");The important part in this example is the last line. As long as it’s added to the Http Response Headers that response should no longer be cached.
A bit of research revealed that Internet Explorer may change the 'no-store' value to 'no-cache' so I’m not sure if this will work for that browser.
About the author
I'm currently working on short form content at ClickHouse. I publish short 5 minute videos showing how to solve data problems on YouTube @LearnDataWithMark. I previously worked on graph analytics at Neo4j, where I also co-authored the O'Reilly Graph Algorithms Book with Amy Hodler.