如何在Spring Boot中启用HTTP响应缓存

时间:2014-06-11 13:19:20

标签: java spring spring-mvc spring-security spring-boot

我使用Spring Boot 1.0.2实现了一个REST服务器。我无法阻止Spring设置禁用HTTP缓存的HTTP标头。

我的控制器如下:

@Controller
public class MyRestController {
    @RequestMapping(value = "/someUrl", method = RequestMethod.GET)
    public @ResponseBody ResponseEntity<String> myMethod(
            HttpServletResponse httpResponse) throws SQLException {
        return new ResponseEntity<String>("{}", HttpStatus.OK);
    }
}

所有HTTP响应都包含以下标题:

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: 0
Pragma: no-cache

我已尝试以下方法删除或更改这些标题:

  1. 在控制器中调用setCacheSeconds(-1)
  2. 在控制器中调用httpResponse.setHeader("Cache-Control", "max-age=123")
  3. 定义@Bean,返回WebContentInterceptor,我称之为setCacheSeconds(-1)
  4. 将属性spring.resources.cache-period设置为-1或application.properties中的正值。

    5. 以上都没有任何影响。如何在Spring Boot中为所有或单个请求禁用或更改这些标头?

9 个答案:

答案 0 :(得分:49)

原则上,Spring Security设置了无缓存HTTP标头。这在http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#headers中进行了讨论。

以下禁用HTTP响应标头Pragma: no-cache,但不能解决问题:

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;

@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Prevent the HTTP response header of "Pragma: no-cache".
        http.headers().cacheControl().disable();
    }
}

我最终完全禁用了Spring Security for public static resources,如下所示(与上面相同的类):

@Override
public void configure(WebSecurity web) throws Exception {
    web.ignoring().antMatchers("/static/public/**");
}

这需要配置两个资源处理程序才能正确获取缓存控制标头:

@Configuration
public class MvcConfigurer extends WebMvcConfigurerAdapter
        implements EmbeddedServletContainerCustomizer {
    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        // Resources without Spring Security. No cache control response headers.
        registry.addResourceHandler("/static/public/**")
            .addResourceLocations("classpath:/static/public/");

        // Resources controlled by Spring Security, which
        // adds "Cache-Control: must-revalidate".
        registry.addResourceHandler("/static/**")
            .addResourceLocations("classpath:/static/")
            .setCachePeriod(3600*24);
    }
}

另见Serving static web resources in Spring Boot & Spring Security application

答案 1 :(得分:5)

我找到了这个Spring扩展名:https://github.com/foo4u/spring-mvc-cache-control

你只需要做三个步骤。

第1步(pom.xml):

<dependency>
    <groupId>net.rossillo.mvc.cache</groupId>
    <artifactId>spring-mvc-cache-control</artifactId>
    <version>1.1.1-RELEASE</version>
    <scope>compile</scope>
</dependency>

第2步(WebMvcConfiguration.java):

@Configuration
public class WebMvcConfig extends WebMvcConfigurerAdapter implements WebMvcConfigurer {
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(new CacheControlHandlerInterceptor());
    }
}

步骤3(控制器):

@Controller
public class MyRestController {

    @CacheControl(maxAge=31556926)
    @RequestMapping(value = "/someUrl", method = RequestMethod.GET)
    public @ResponseBody ResponseEntity<String> myMethod(
            HttpServletResponse httpResponse) throws SQLException {
        return new ResponseEntity<String>("{}", HttpStatus.OK);
    }
}

答案 2 :(得分:4)

spring boot中有很多方法可以进行http缓存。使用Spring Boot 2.1.1和额外的Spring Security 5.1.1。

1。对于在代码中使用resourcehandler的资源:

您可以通过这种方式添加自定义资源扩展。

registry.addResourceHandler

用于将uri路径添加到获取资源的位置

.addResourceLocations

用于设置文件系统中资源所在的位置( 给出的是具有classpath的相对路径,但也可以使用file :: //的绝对路径。)

.setCacheControl

用于设置缓存头(说明)。

Resourcechain和resolver是可选的(在这种情况下,与默认值完全相同)。

@Configuration
public class CustomWebMVCConfig implements WebMvcConfigurer {

@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
    registry.addResourceHandler("/*.js", "/*.css", "/*.ttf", "/*.woff", "/*.woff2", "/*.eot",
            "/*.svg")
            .addResourceLocations("classpath:/static/")
            .setCacheControl(CacheControl.maxAge(365, TimeUnit.DAYS)
                    .cachePrivate()
                    .mustRevalidate())
            .resourceChain(true)
            .addResolver(new PathResourceResolver());
    }
}

2。对于使用应用程序属性配置文件的资源

与上面相同,减去了特定的模式,但现在是config。 此配置将应用于列出的静态位置中的所有资源。 

spring.resources.cache.cachecontrol.cache-private=true
spring.resources.cache.cachecontrol.must-revalidate=true
spring.resources.cache.cachecontrol.max-age=31536000
spring.resources.static-locations=classpath:/static/

3。在控制器级别

这里的响应是作为参数注入到控制器方法中的HttpServletResponse。

no-cache, must-revalidate, private

getHeaderValue将缓存选项输出为字符串。例如

response.setHeader(HttpHeaders.CACHE_CONTROL,
            CacheControl.noCache()
                    .cachePrivate()
                    .mustRevalidate()
                    .getHeaderValue());

答案 3 :(得分:4)

可以通过以下方式覆盖特定方法的默认缓存行为:

@Controller
public class MyRestController {
    @RequestMapping(value = "/someUrl", method = RequestMethod.GET)
    public @ResponseBody ResponseEntity<String> myMethod(
            HttpServletResponse httpResponse) throws SQLException {
        return new ResponseEntity.ok().cacheControl(CacheControl.maxAge(100, TimeUnit.SECONDS)).body(T)
    }
}

答案 4 :(得分:2)

CacheControl 类是一个流畅的构建器,它使我们可以轻松创建不同类型的缓存:

@GetMapping("/users/{name}")
public ResponseEntity<UserDto> getUser(@PathVariable String name) { 
    return ResponseEntity.ok()
      .cacheControl(CacheControl.maxAge(60, TimeUnit.SECONDS))
      .body(new UserDto(name));
}

让我们在测试中点击这个端点,并断言我们已经更改了标头:

given()
  .when()
  .get(getBaseUrl() + "/users/Michael")
  .then()
  .header("Cache-Control", "max-age=60");

答案 5 :(得分:0)

我遇到了类似的问题。我想获得一些在浏览器中缓存的动态资源(图像)。如果图像改变(不经常),我改变了uri的部分...这是我的解决方案

    http.headers().cacheControl().disable();
    http.headers().addHeaderWriter(new HeaderWriter() {

        CacheControlHeadersWriter originalWriter = new CacheControlHeadersWriter();

        @Override
        public void writeHeaders(HttpServletRequest request, HttpServletResponse response) {
            Collection<String> headerNames = response.getHeaderNames();
            String requestUri = request.getRequestURI();
            if(!requestUri.startsWith("/web/eventImage")) {
                originalWriter.writeHeaders(request, response);
            } else {
               //write header here or do nothing if it was set in the code
            }       
        }
    });

答案 6 :(得分:0)

@Configuration
@EnableAutoConfiguration
public class WebMvcConfiguration extends WebMvcConfigurerAdapter {

    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {

        registry.addResourceHandler("/resources/**")
                .addResourceLocations("/resources/")
                .setCachePeriod(31556926);

    }
}

答案 7 :(得分:0)

如果您不希望对静态资源进行身份验证,则可以执行以下操作:

import static org.springframework.boot.autoconfigure.security.servlet.PathRequest.toStaticResources;

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
...
    @Override
    public void configure(WebSecurity webSecurity) throws Exception {
        webSecurity
                .ignoring()
                .requestMatchers(toStaticResources().atCommonLocations());
    }
...
}

并在您的application.properties中:

spring.resources.cache.cachecontrol.max-age=43200

请参阅ResourceProperties.java,以了解更多可以设置的属性。

答案 8 :(得分:0)

我在控制器的下面几行使用了

ResponseEntity.ok().cacheControl(CacheControl.maxAge(secondWeWantTobeCached, TimeUnit.SECONDS)).body(objToReturnInResponse);

请注意,Response将具有标题Cache-Control,其值为secondWeWantTobeCached。但是,如果我们在地址栏中输入url并按Enter,则请求将始终从Chrome发送到服务器。但是,如果我们从某个链接中访问url,浏览器将不会发送新请求,而是从缓存中获取。

相关问题
最新问题