Index: FormAuthenticator.java
===================================================================
--- FormAuthenticator.java	(revision 586983)
+++ FormAuthenticator.java	(working copy)
@@ -313,6 +313,9 @@
             context.getServletContext().getRequestDispatcher
             (config.getLoginPage());
         try {
+            // Disallow caching the login page as the actual page. BZ 43687
+            response.setHeader("Pragma", "No-cache");
+            response.setHeader("Cache-Control", "no-cache");
             disp.forward(request.getRequest(), response.getResponse());
             response.finishResponse();
         } catch (Throwable t) {
@@ -334,6 +337,9 @@
             context.getServletContext().getRequestDispatcher
             (config.getErrorPage());
         try {
+            // Disallow caching the error page as the actual page. BZ 43687
+            response.setHeader("Pragma", "No-cache");
+            response.setHeader("Cache-Control", "no-cache");
             disp.forward(request.getRequest(), response.getResponse());
         } catch (Throwable t) {
             log.warn("Unexpected error forwarding to error page", t);