Show TOC

Avoid Caching of Confidential DataLocate this document in the navigation structure

Some services may return confidential or person related data, where the User Agent is involved, and this data might implicitly be cached depending on the user's setting.

To remove this behavior, SAP Gateway can instruct the User Agent not to cache specific data if needed.

To avoid caching of confidential data, all GET methods returning such data must set the Cache-Control-Header using the method, /IWBEP/IF_MGW_CONV_SRV_RUNTIME~SET_HEADER().

You can do this either directly or in a private method, such as, no_cache() which is called whenever necessary.

Example

data: ls_header type ihttpnvp.

ls_header-name = 'Cache-Control'.

ls_header-value = 'no-cache, no-store'. set_header( ls_header ).

ls_header-name = 'Pragma'.

ls_header-value = 'no-cache'. set_header( ls_header ).

Check the methods in the data provider classes (in Service Builder) of the applications that inherit from the following:

  • /IWBEP/CL_MGW_ABS_DATA

  • /IWBEP/IF_MGW_APPL_SRV_RUNTIME~GET_ENTITY

  • /IWBEP/IF_MGW_APPL_SRV_RUNTIME~GET_ENTITYSET