Stale Request
Steve Herrera
sherrera at fsmail.bradley.edu
Tue Nov 3 22:19:57 UTC 2020
The header that I removed for testing is: Header set Cache-Control "private,
max-age=900"
The apache version is 2.4.18. When that header is set in apache Web
configuration under /etc/apache2/conf-enabled it will send me to the Stale
Request. The logs in idp.process.log only show the same error as when the
back button is used.
How can I check for the IDP setting the header correctly to not cache?
Steve Herrera
System Administration
Information Security
Bradley University
Phone: 309 / 677-2336
FAX: 309 / 677-3460
Email: *sherrera at fsmail.bradley.edu <sherrera at fsmail.bradley.edu>*
On Tue, Nov 3, 2020 at 3:28 PM Cantor, Scott <cantor.2 at osu.edu> wrote:
> On 11/3/20, 3:58 PM, "Steve Herrera" <sherrera at fsmail.bradley.edu> wrote:
>
> > So what I found was one of our web headers was the issue. In apache,
> we had set our Cache-Control directive. As a test,
> > I removed it and it is working as expected. I will work on reducing that
> timeout.
>
> I'm not sure what you mean. The IdP should be setting the appropriate "by
> all means, don't cache this" headers to keep that from happening too much,
> though it can be a black art. There shouldn't be any sort of timeout, you
> absolutely can't cache anything the IdP returns with the exception of
> static material.
>
> -- Scott
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20201103/d51c15dd/attachment.htm>
More information about the users
mailing list