diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/webapp/WEB-INF/web.xml b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/webapp/WEB-INF/web.xml
index 3a900cd914d..823bf51d731 100644
--- a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/webapp/WEB-INF/web.xml
@@ -59,6 +59,43 @@
ApiPermissionFilter
org.wso2.carbon.apimgt.application.extension.api.filter.ApiPermissionFilter
+
+
+ HttpHeaderSecurityFilter
+ org.apache.catalina.filters.HttpHeaderSecurityFilter
+
+ hstsEnabled
+ false
+
+
+
+
+ ContentTypeBasedCachePreventionFilter
+ org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter
+
+ patterns
+ text/html" ,application/json" ,text/plain
+
+
+ filterAction
+ enforce
+
+
+ httpHeaders
+ Cache-Control: no-store, no-cache, must-revalidate, private
+
+
+
+
+ HttpHeaderSecurityFilter
+ /*
+
+
+
+ ContentTypeBasedCachePreventionFilter
+ /*
+
+
ApiPermissionFilter
/*
diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/webapp/WEB-INF/web.xml b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/webapp/WEB-INF/web.xml
index 58aa02917c4..6fd45f33b32 100644
--- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/webapp/WEB-INF/web.xml
@@ -52,4 +52,40 @@
true
+
+ HttpHeaderSecurityFilter
+ org.apache.catalina.filters.HttpHeaderSecurityFilter
+
+ hstsEnabled
+ false
+
+
+
+
+ ContentTypeBasedCachePreventionFilter
+ org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter
+
+ patterns
+ text/html" ,application/json" ,text/plain
+
+
+ filterAction
+ enforce
+
+
+ httpHeaders
+ Cache-Control: no-store, no-cache, must-revalidate, private
+
+
+
+
+ HttpHeaderSecurityFilter
+ /*
+
+
+
+ ContentTypeBasedCachePreventionFilter
+ /*
+
+
diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/webapp/WEB-INF/web.xml b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/webapp/WEB-INF/web.xml
index 1d59c04b173..ca08169c8c5 100644
--- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/webapp/WEB-INF/web.xml
@@ -16,7 +16,9 @@
~ specific language governing permissions and limitations
~ under the License.
-->
-
+
Certificate-Webapp
JAX-WS/JAX-RS Certificate Management Endpoint
@@ -52,10 +54,10 @@
managed-api-owner
admin
-
- isSharedWithAllTenants
- true
-
+
+ isSharedWithAllTenants
+ true
+
@@ -71,6 +73,43 @@
ApiOriginFilter
org.wso2.carbon.certificate.mgt.cert.jaxrs.api.util.ApiOriginFilter
+
+
+ HttpHeaderSecurityFilter
+ org.apache.catalina.filters.HttpHeaderSecurityFilter
+
+ hstsEnabled
+ false
+
+
+
+
+ ContentTypeBasedCachePreventionFilter
+ org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter
+
+ patterns
+ text/html" ,application/json" ,text/plain
+
+
+ filterAction
+ enforce
+
+
+ httpHeaders
+ Cache-Control: no-store, no-cache, must-revalidate, private
+
+
+
+
+ HttpHeaderSecurityFilter
+ /*
+
+
+
+ ContentTypeBasedCachePreventionFilter
+ /*
+
+
ApiOriginFilter
/*
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java
index f384efe6f52..7de0e8c3375 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java
@@ -161,7 +161,7 @@ public class BasicAuthAuthenticator implements WebappAuthenticator {
private boolean isAuthenticationSupported(Request request) {
String param = request.getContext().findParameter("basicAuth");
- return (param == null || !Boolean.parseBoolean(param));
+ return (param != null && Boolean.parseBoolean(param));
}
}