6 Replies Latest reply on Sep 16, 2010 6:34 AM by igor_ti

    Richfaces Cache-Control settings, need 'public'

      Hi All,


      I'm running into a problem with my webapp which uses Richfaces (3.3.3.Final).  I've read the various articles on the internet about setting the Cache-Control http header, but none of them solve my problem.


      I'm running Apache httpd in front of Tomcat.  Apache serves most of the static content, and I have those cache settings the way I want them.


      The RichFaces resources though just get Cache-Control: <value>, and I've set the <value> to what I want.


      The problem is I'm running the app over ssl, and in order for browsers to cache the css/js files of RichFaces , the Cache-Control header needs to be:


      Cache-Control: <value>, public


      I've tried a custom Filter  in my webapp that replaces the http header, but it seems to have no effect on the Richfaces generated headers.

      I've also tried using mod_headers in Apache directly, but mod_headers can't replace content returned by mod_jk according to the tomcat forums.


      I can provide the Filter source if necessary, but it's pretty basic.


      Is there a solution to this?




        • 1. Re: Richfaces Cache-Control settings, need 'public'

          please check this issue comments. https://jira.jboss.org/jira/browse/RF-7452


          Also, please do not leave comments in different places in order not to search where we answered

          • 2. Re: Richfaces Cache-Control settings, need 'public'



            Thanks for the reply, and sorry for the cross posts.


            I did check the  issue comments, but they don't apply in this case, as I'm not using Tomcat for authentication, and in fact the Pragma header is not present.


            I think there should be an option to include 'public' in the Cache-Control header, since without it browsers will not cache files over ssl.  In my case tomcat isn't in ssl mode, it's running on the regular 8080 port, talking to httpd over the ajp protocol, and http is handle all the ssl computations.



            public void sendHeaders(ResourceContext context) {
                    boolean cached = context.isCacheEnabled() && isCacheable(context);
                    if (log.isDebugEnabled()) {
                    // context.setHeader("Content-Type",getContentType());
                    Date lastModified = getLastModified(context);
                    if (lastModified != null) {
                        context.setDateHeader("Last-Modified", lastModified.getTime());
                    int contentLength = getContentLength(context);
                    if (cached) {
                        if (contentLength > 0) {
                        long expired = getExpired(context);
                        if (expired < 0) {
                            expired = DEFAULT_EXPIRE;
                        context.setDateHeader("Expires", System.currentTimeMillis() + expired);
                        context.setHeader("Cache-control", "public, max-age=" + (expired / 1000L));  <--- I've modified this line to add public, which fixes the issue
                    } else {
                        if (contentLength > 0) {
                            // } else {
                            // context.setHeader("Transfer-Encoding", "chunked");
                        context.setHeader("Cache-control", "max-age=0, no-store, no-cache");
                        context.setHeader("Pragma", "no-cache");
                        context.setIntHeader("Expires", 0);
            For now I think I will pull the js and css files from the RichFaces jars and serve them from apache directly, unless somebody has a better workaround, as I'd like to avoid compiling a custom version of RichFaces.
            Should I open a Jira issue for inclusion of a 'public' option for the Cache-Control header?
            • 3. Re: Richfaces Cache-Control settings, need 'public'

              Well, that didn't paste properly, although it looked fine while editing:


              The line that I have to change in order for caching to work correctly is:


              context.setHeader("Cache-control", "public, max-age=" + (expired / 1000L));
              With this, Firefox and IE will correctly cache static files over ssl.
              • 4. Re: Richfaces Cache-Control settings, need 'public'

                Hi Ian,


                I am having the same problem, I need to do the caching of Richfaces resources over HTTPS  and to do that Richfaces needed to add the "public" directrix on Cache-Control header.

                Ian Have you opened the JIRA issue for this problem? Ilya Shaikovsky should we do that?

                I'll really patch Richfaces on my own, because we have a application that will process millions of requests/day on a huge national network (115.000 workstations); and this application need's to run under https.

                • 5. Re: Richfaces Cache-Control settings, need 'public'

                  I think the reason for "public" parameter was not well explained by me. So...


                  Without the "public" parameter on Cache-control header tag, under a HTTPS connection, the browser will NOT perform disk cache, this is important because that means that every time my user restart the browser and come into my web application all of my Richfaces resources's will be sent to him again, that way no matters what I set on "org.ajax4jsf.DEFAULT_EXPIRE" context parameter, the maximum time for the cache will be determined by the browser restart.


                  With the "public" parameter the browser will do the disk cache and if I want that the Richfaces resources be cached for 6 months, they will be.

                  • 6. Re: Richfaces Cache-Control settings, need 'public'



                    I have created this issue on JIRA, about this feature request: