Stale Request

Steve Herrera sherrera at
Tue Nov 3 22:19:57 UTC 2020

The header that I removed for testing is:  Header set Cache-Control "private,
The apache version is 2.4.18. When that header is set in apache Web
configuration under /etc/apache2/conf-enabled it will send me to the Stale
Request. The logs in idp.process.log only show the same error as when the
back button is used.

How can I check for the IDP setting the header correctly to not cache?

Steve Herrera
System Administration
Information Security
Bradley University
Phone: 309 / 677-2336
FAX: 309 / 677-3460
Email:  *sherrera at <sherrera at>*

On Tue, Nov 3, 2020 at 3:28 PM Cantor, Scott <cantor.2 at> wrote:

> On 11/3/20, 3:58 PM, "Steve Herrera" <sherrera at> wrote:
> >    So what I found was one of our web headers was the issue. In apache,
> we had set our Cache-Control directive. As a test,
> > I removed it and it is working as expected. I will work on reducing that
> timeout.
> I'm not sure what you mean. The IdP should be setting the appropriate "by
> all means, don't cache this" headers to keep that from happening too much,
> though it can be a black art. There shouldn't be any sort of timeout, you
> absolutely can't cache anything the IdP returns with the exception of
> static material.
> -- Scott
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list