Environment
- NetIQ Access Manager 4.0
- NetIQ Access Manager 4.1
- NetIQ Access Manager 4.2
Situation
- Howto disable HTTP caching for any pages delivered by the Access Gateway Embedded Service provider ( nesp )
Resolution
- ssh into your nidp server
- modify the: "/opt/novell/nids/lib/webapp/WEB-INF/web.xml" using the editor of your choice
- add the following tomcat filter configuration below any existing filter configurations
<filter>
<filter-name>ExpiresFilter</filter-name>
<filter-class>org.apache.catalina.filters.ExpiresFilter</filter-class>
<init-param>
<param-name>ExpiresDefault</param-name>
<param-value>access plus 0 minutes</param-value>
</init-param>
</filter>
Cause
- - ssh into your Access Gateway server
- modify the: "/opt/novell/nesp/lib/webapp/WEB-INF/web.xml using the editor of your choice
- add the following tomcat filter configuration below any existing filter configurations
<filter>
<filter-name>ExpiresFilter</filter-name>
<filter-class>org.apache.catalina.filters.ExpiresFilter</filter-class>
<init-param>
<param-name>ExpiresDefault</param-name>
<param-value>access plus 0 minutes</param-value>
</init-param>
</filter>
- restart your embedded service provider: "/etc/init.d/novell-mag restart" - Use the Apache "mod_header" module to add the required header
- open the "/etc/opt/novell/apache2/conf/httpd.conf" on your Access Gateway with an editor of you choice
- remove the "#" in front of "LoadModule headers_module libexec/mod_headers.so" in order to enable loading the module
- Add the following Apache directives from with iManager on your global "Advanced Options" menu
<LocationMatch "/nesp">
Header Set Cache-Control: "no-cache, no-store, must-revalidate, max-age=0"
</LocationMatch> - Note: you can combine this with the option to disable cross frame scripting (XFS) which would result in
<LocationMatch "/nesp">
Header always append X-Frame-Options SAMEORIGIN
Header Set Cache-Control: "no-cache, no-store, must-revalidate, max-age=0"
</LocationMatch>