WildFly 10上的JAX-RS REST服务+ EJB始终在响应中添加无缓存HTTP标头 [英] JAX-RS REST service + EJB on WildFly 10, always adds no-cache HTTP header in responses
问题描述
我写了一个提供休息服务的无状态EJB. 我正在使用Wildfly 10应用程序服务器,并正在使用Netbeans IDE进行开发.
我试图通过在服务方法的http响应中添加max-age标头来将几个方法的返回值缓存几个小时.请考虑这是我的bean的简化版本:
@Stateless
@DeclareRoles({"role1","role2"})
@RolesAllowed({"role1","role2"})
@Path("api-dummy")
public class DummyApiREST {
@EJB
private StuffFacade stuffFacade;
@GET
@Path("get-stuff")
@Produces({MediaType.APPLICATION_JSON})
public Response findStuff() {
Stuff stuff = stuffFacade.getStuff();
Response.ResponseBuilder builder = Response.status(Response.Status.OK).entity(stuff);
Utils.setCacheHeader(maxAgeSeconds, builder);
return builder.build();
}
}
和setCacheHeader方法:
private static Response.ResponseBuilder setCacheHeader(int maxAgeSeconds, Response.ResponseBuilder builder) {
CacheControl cc = new CacheControl();
cc.setNoCache(false);
cc.setNoStore(false);
cc.setMaxAge(maxAgeSeconds);
cc.setPrivate(true);
builder.cacheControl(cc);
return builder;
}
但是返回的"get-stuff"响应始终包含Cache-Control标头的重复项;重复标头包含no-cache指令(这也是Pragma标头):
HTTP/1.1 200 OK
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Cache-Control: no-transform, max-age=60, private
X-Powered-By: Undertow/1
Server: WildFly/10
Pragma: no-cache
Date: Thu, 13 Apr 2017 15:11:17 GMT
Connection: keep-alive
Content-Type: application/json
我认为问题是由EJB中JAX-RS服务的默认行为(或过滤器)引起的.我的问题是:
- 是否有更好的方法来设置max-age并在JAX-RS + EJB中启用缓存?
- 是否有办法禁用此无缓存默认行为? (或者换句话说,通常在哪里配置?)
- .. and ..我的解决方案出了什么问题? :-)
注意:也许没有关系,我已经配置了一个jdbc安全域,并且用户身份验证和主体工作正常.
致谢
我找到了解决方案. 默认情况下,Wildfly(我也认为JBoss也是)将 no-cache 指令添加到 all 私有资源(需要身份验证的资源)中. /p>
您必须通过在 server-container 中添加属性 disable-caching -*来更改 standalone.xml 文件中的配置.标签:
<servlet-container name="default" disable-caching-for-secured-pages="false">
<jsp-config/>
<websockets/>
</servlet-container>
通过这种方式,不再将 Pragma 和 nocache 指令添加到响应中,并且我在问题中发布的代码也按预期工作.
编辑:提醒一下,当在同一URL上请求私有资源时,必须将不同的内容返回给必须具有的不同用户:
- 在该响应中添加 private 标头,以使您的反向代理能够 不会缓存该内容,或者替代..
- ..在其中留下 nocache 标头以获取响应
I have wrote a stateless EJB that provides a rest service. I am working with the Wildfly 10 application server and developing with the Netbeans IDE.
I have tried to cache the return values of few methods for few hours by adding a max-age header in the http-response of the service methods. Please consider this is a simplified version of my bean:
@Stateless
@DeclareRoles({"role1","role2"})
@RolesAllowed({"role1","role2"})
@Path("api-dummy")
public class DummyApiREST {
@EJB
private StuffFacade stuffFacade;
@GET
@Path("get-stuff")
@Produces({MediaType.APPLICATION_JSON})
public Response findStuff() {
Stuff stuff = stuffFacade.getStuff();
Response.ResponseBuilder builder = Response.status(Response.Status.OK).entity(stuff);
Utils.setCacheHeader(maxAgeSeconds, builder);
return builder.build();
}
}
And the setCacheHeader method:
private static Response.ResponseBuilder setCacheHeader(int maxAgeSeconds, Response.ResponseBuilder builder) {
CacheControl cc = new CacheControl();
cc.setNoCache(false);
cc.setNoStore(false);
cc.setMaxAge(maxAgeSeconds);
cc.setPrivate(true);
builder.cacheControl(cc);
return builder;
}
But the returned response of "get-stuff" always contains a duplicate of the Cache-Control header; the duplicate header contains no-cache directives (the is also a Pragma header):
HTTP/1.1 200 OK
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Cache-Control: no-transform, max-age=60, private
X-Powered-By: Undertow/1
Server: WildFly/10
Pragma: no-cache
Date: Thu, 13 Apr 2017 15:11:17 GMT
Connection: keep-alive
Content-Type: application/json
I suppose the problem is caused by a default behaviour--or filter-- for the JAX-RS services in my EJBs. My questions are:
- Is there a better way to set the max-age and enable caching in JAX-RS + EJB?
- Is there a way to disable this no-cache default behaviour? (OR in other words, where is this usually configured?)
- ..and..what is wrong in my solution? :-)
NOTE: Perhaps it is not related, I have configured a jdbc security-domain and users authenticate and principal(s) work well.
Regards
I have found the solution. By default Wildfly (and I think JBoss too) adds the no-cache directives to all the private resources (resources that needs authentication).
You have to change the configuration in standalone.xml file, by adding an attribute disable-caching-* to the server-container tag:
<servlet-container name="default" disable-caching-for-secured-pages="false">
<jsp-config/>
<websockets/>
</servlet-container>
In this way no more Pragma and nocache directives will be added to responses and the code I posted in my question, it simply works as expected.
EDIT: Remind, when requests for private resources, at the same URL, have to return different contents to different users you have to:
- add the private header to that responses, for your reverse proxy to not cache that content OR in alternative..
- ..left the nocache header there for that responses
这篇关于WildFly 10上的JAX-RS REST服务+ EJB始终在响应中添加无缓存HTTP标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!