Environment
NetIQ Access Manager 4.0
NetIQ Access Manager 4.1
NetIQ Access Manager 4.2
Situation
- Howto disable HTTP caching for any pages delivered by the NIDP server.
Resolution
- ssh into your nidp server
- modify the: "/opt/novell/nids/lib/webapp/WEB-INF/web.xml" using the editor of your choice
- add the following tomcat filter configuration below any existing filter configurations
<filter>
<filter-name>ExpiresFilter</filter-name>
<filter-class>org.apache.catalina.filters.ExpiresFilter</filter-class>
<init-param>
<param-name>ExpiresDefault</param-name>
<param-value>access plus 0 minutes</param-value>
</init-param>
</filter> - restart your nidp service using "/etc/init.d/novell-idp restart"
- Use a browser header trace tool in order to check if the required "X-Frame-Options" header has been added
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
strict-transport-security: max-age=0
X-Frame-Options: SAMEORIGIN
x-content-type-options: nosniff
via-ESP: null,NIDPLOGGING.600105004 session33-6BFEFA9E07391A2EEE9E170BCB7BF5A4, null,NIDPLOGGING.600105004 session33-6BFEFA9E07391A2EEE9E170BCB7BF5A4,NIDPLOGGING.600105002 session220-6BFEFA9E07391A2EEE9E170BCB7BF5A4
Pragma: No-cache
Cache-Control: no-cache, max-age=0
Expires: Thu, 28 Apr 2016 12:19:19 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Date: Thu, 28 Apr 2016 12:19:19 GMT