如何在 Spring Boot 中启用 HTTP 响应缓存 [英] How to enable HTTP response caching in Spring Boot
问题描述
我已经使用 Spring Boot 1.0.2 实现了一个 REST 服务器.我无法阻止 Spring 设置禁用 HTTP 缓存的 HTTP 标头.
I have implemented a REST server using Spring Boot 1.0.2. I'm having trouble preventing Spring from setting HTTP headers that disable HTTP caching.
我的控制器如下:
@Controller
public class MyRestController {
@RequestMapping(value = "/someUrl", method = RequestMethod.GET)
public @ResponseBody ResponseEntity<String> myMethod(
HttpServletResponse httpResponse) throws SQLException {
return new ResponseEntity<String>("{}", HttpStatus.OK);
}
}
所有 HTTP 响应都包含以下标头:
All HTTP responses contain the following headers:
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: 0
Pragma: no-cache
我尝试了以下方法来删除或更改这些标题:
I've tried the following to remove or change those headers:
- 在控制器中调用
setCacheSeconds(-1)
. - 在控制器中调用
httpResponse.setHeader("Cache-Control", "max-age=123")
. - 定义返回
WebContentInterceptor
的@Bean
,我为其调用了setCacheSeconds(-1)
. - 在
application.properties
中将属性spring.resources.cache-period
设置为 -1 或正值.
- Call
setCacheSeconds(-1)
in the controller. - Call
httpResponse.setHeader("Cache-Control", "max-age=123")
in the controller. - Define
@Bean
that returnsWebContentInterceptor
for which I've calledsetCacheSeconds(-1)
. - Set property
spring.resources.cache-period
to -1 or a positive value inapplication.properties
.
以上都没有任何影响.如何在 Spring Boot 中为所有或单个请求禁用或更改这些标头?
None of the above have had any effect. How do I disable or change these headers for all or individual requests in Spring Boot?
推荐答案
原来无缓存 HTTP 标头是由 Spring Security 设置的.这在 http://docs.spring 中讨论.io/spring-security/site/docs/current/reference/htmlsingle/#headers.
Turns out the no-cache HTTP headers are set by Spring Security. This is discussed in http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#headers.
以下内容禁用了 HTTP 响应标头 Pragma: no-cache
,但不能以其他方式解决问题:
The following disables the HTTP response header Pragma: no-cache
, but doesn't otherwise solve the problem:
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
// Prevent the HTTP response header of "Pragma: no-cache".
http.headers().cacheControl().disable();
}
}
我最终为公共静态资源完全禁用了 Spring Security,如下所示(在与上面相同的类中):
I ended up disabling Spring Security completely for public static resources as following (in the same class as above):
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/static/public/**");
}
这需要配置两个资源处理程序才能正确获取缓存控制标头:
This requires configuring two resource handlers to get cache control headers right:
@Configuration
public class MvcConfigurer extends WebMvcConfigurerAdapter
implements EmbeddedServletContainerCustomizer {
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
// Resources without Spring Security. No cache control response headers.
registry.addResourceHandler("/static/public/**")
.addResourceLocations("classpath:/static/public/");
// Resources controlled by Spring Security, which
// adds "Cache-Control: must-revalidate".
registry.addResourceHandler("/static/**")
.addResourceLocations("classpath:/static/")
.setCachePeriod(3600*24);
}
}
另见 在 Spring Boot 中提供静态 Web 资源&Spring Security 应用程序.
这篇关于如何在 Spring Boot 中启用 HTTP 响应缓存的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!