我有 Spring Boot 3.0.4 应用程序,我尝试了很多方法来添加无存储的 Cache-Control,但要么什么也没有发生,要么它说 headers 或某些东西既启用又禁用,并给我错误。我已尝试以下方法,但它没有在响应中显示 Cache-Control 标头。
import java.util.List;
@Configuration
@EnableWebSecurity
public class ResourceServerConfig {
private final List<String> protectedPaths = List.of(
"/users/*/**",
"/api/**",
"/admin/**",
);
@Bean
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
.headers(headers -> headers.defaultsDisabled().disable()) // <-- I have added this line without help
.csrf().disable()
.securityMatcher(protectedPaths.toArray(new String[0]))
.authorizeHttpRequests(requests -> requests.anyRequest().authenticated())
.oauth2ResourceServer()
.jwt(customizer -> customizer.jwtAuthenticationConverter(new UserAuthenticationTokenConverter()));
return http.build();
}
}
我做错了什么?
import jakarta.servlet.*;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
import org.springframework.web.util.ContentCachingResponseWrapper;
import java.io.IOException;
@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class LogRequestHandler implements Filter {
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
ContentCachingResponseWrapper responseCacheWrapperObject = new ContentCachingResponseWrapper((HttpServletResponse) servletResponse);
filterChain.doFilter(servletRequest, responseCacheWrapperObject);
responseCacheWrapperObject.addHeader("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate");
responseCacheWrapperObject.copyBodyToResponse();
}
}