
Weird behavior when using form-based authentication with AngularJS in WebSphere


I am working on an AngularJS project with form-based authentication and sometimes get unexpected behaviour which I couldn't track down.

The application is running on WebSphere 8.0.0.10; session management is done by cookies.

The required workflow is the following:

  • open the application, trying to get restricted resources
  • the app is redirected to login.html by WebSphere; there's a web.xml security constraint:

      <security-constraint>
          <display-name>userConstraint</display-name>
          <web-resource-collection>
              <web-resource-name>userResource</web-resource-name>
              <url-pattern>/*</url-pattern>
              <http-method>GET</http-method>
              <http-method>POST</http-method>
          </web-resource-collection>
          <auth-constraint>
              <description>user</description>
              <role-name>user</role-name>
          </auth-constraint>
      </security-constraint>
      <security-constraint>
          <web-resource-collection>
              <web-resource-name>Allowed resources</web-resource-name>
              <url-pattern>/js/*</url-pattern>
              <url-pattern>/css/*</url-pattern>
              <url-pattern>/myStyle/*</url-pattern>
          </web-resource-collection>
      </security-constraint>
      <login-config>
          <auth-method>FORM</auth-method>
          <realm-name>Example Form-Based Authentication Area</realm-name>
          <form-login-config>
              <form-login-page>/login.html</form-login-page>
              <form-error-page>/login.html?retry=true</form-error-page>
          </form-login-config>
      </login-config>
      <security-role>
          <role-name>user</role-name>
      </security-role>

  • the user enters login/password
  • WebSphere redirects to the welcome page (index.html)

This is the desired behaviour, but sometimes it behaves differently. After I have entered the application, closed the browser, and reopened it again, it goes to '/page' as defined by $routeProvider; you can see this code below:

    $routeProvider.when('/pages', {
        templateUrl: 'pages.html',
        controller: 'pagesCtrl'
    });

    $routeProvider.when('/page', {
        templateUrl: 'page.html',
        controller: 'pageCtrl'
    })
    .otherwise({redirectTo: '/page'});

It goes to '/page' but the application doesn't work; it throws various exceptions that it can't initiate this or that module, even if I've deleted cookies manually or even if I open the application in a Chrome incognito window, when the session should be expired and WebSphere should redirect it to login.html. Only if I refresh it once again does it go to login.html.

If I understand correctly, it's partially cached by the browser and some modules of the application are loaded from the cache; even more, when I load the application with the developer console open and the cache disabled it works flawlessly, but when the console is closed it doesn't work.

I've tried to disable the cache by adding the following code to my index.html but it didn't help:

    <meta http-equiv="cache-control" content="max-age=0" />
    <meta http-equiv="cache-control" content="no-cache" />
    <meta http-equiv="expires" content="0" />
    <meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT" />
    <meta http-equiv="pragma" content="no-cache" />

Thank you in advance.


Solution

  • Problem solved. I used @WebFilter with the following lines:

    HttpServletResponse response = (HttpServletResponse) res;
    response.addHeader("Pragma", "no-cache");
    response.addHeader("Cache-Control", "no-cache");
    response.addHeader("Cache-Control", "no-store");
    response.addHeader("Cache-Control", "must-revalidate");
    response.addHeader("Expires", "Tue, 01 Jan 1980 1:00:00 GMT");