[Zope-CMF] user identity crisis - proxy server cache problem?

Jo Meder jo@meder.de
Wed, 25 Jun 2003 22:36:03 +0200


Am 25.06.2003, 22:17 Uhr
	schrob Kari-Hans Kommonen <khk@uiah.fi>:

> Could it be that there is a proxy server in their network somehow 
> messing things up? 

Definitely.

> Is it something else? Is there a way to fight these kinds of problems
> from the zope server side?

We had moderate success by using the following snippet for all pages
whenever they are delivered to logged in users:

if not context.portal_membership.isAnonymousUser():
    setHeader =  container.REQUEST.RESPONSE.setHeader
    z=context.ZopeTime()
    setHeader('Pragma','no-cache')
    setHeader('Expires',z)
    setHeader('Last-Modified',z)

This should strongly discourage caching except for proxies and
browsers explicitly configured to cache anything.

Note that this indiscriminately discourages client side caching
regardless whether a page is updated or not, so your server load may
rise significantly.

Another way would be to go for https for editing purposes, since
encrypted pages should never be cached.

	Jo.


-- 
Internetmanufaktur Jo Meder ---------------------- Berlin, Germany
http://www.meder.de/ ------------------- fon: ++49-30-417 17 63 33
Kollwitzstr. 75 ------------------------ fax: ++49-30-417 17 63 45
10435 Berlin --------------------------- mob: ++49-170- 2 98 89 97
Public GnuPG-Key ---------- http://www.meder.de/keys/jo-pubkey.txt