25 May
2006
25 May
'06
4:34 p.m.
leandros van den berg wrote at 2006-5-24 14:56 +0200:
... Situation II: - User with Bobo-role logs in and opens the PDF-file by entering its URL in the browser and the file is being displayed. - Close browser. - User without Bobo-role logs in and opens the PDF-file by entering its URL in the browser and the file is being displayed.
This is standard caching behaviour. HTTP 1.1 specified the "vary" header to prevent this caching effect. Depending on how you login, you would set "vary" either to "Authorization" (HTTP authentication) or "Cookie" (cookie authentication). -- Dieter