Skip to content
January 31, 2010 / edeustace

Disabling JBoss cache control so IE6 doesn’t fail serving secure pages

This is in a few places on the internet, but here’s another page that may be useful if you come across this problem.

JBoss adds a no-cache header to all secured resources that it serves, something that IE6 can’t handle over secure connections.

To disable it you need to add a context.xml file with the following:

<Valve className="org.apache.catalina.authenticator.FormAuthenticator"

or, if you’re using BASIC HTTP authentication:

<Valve className="org.apache.catalina.authenticator.BasicAuthenticator"

More details:

This was causing a problem for us with a Flex application that was making a HttpService request, it worked fine on all other browsers but IE would barf out everytime.



Leave a Comment
  1. Adrian / Jun 7 2011 12:30 am


    I’m running jboss server 2.7.2, my version doesn’t seem to add any context.xml in my web application. I tried adding it, but the problem persisted.

    Where do I add those lines??


  2. edeustace / Jun 7 2011 6:03 pm

    I think the context.xml feature is available since JBoss 3.2.6. I’m assuming you can’t upgrade your JBoss?

    Beyond that, not sure – maybe investigate creating a filter in your webapp.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: