Java 在spring security中禁用特定url的缓存
在我的情况下,我有四种方法来解决我的问题:Java 在spring security中禁用特定url的缓存,java,spring-security,cache-control,Java,Spring Security,Cache Control,在我的情况下,我有四种方法来解决我的问题: 在我的index.html中写入元配置并禁用缓存(对我不起作用) 将index.html更改为index.jsp并禁用缓存(对我有用,但我的客户组需要index.html) 在web.xml中使用过滤器,区分所需的请求并禁用缓存 春季安全 我的问题是如何使用Spring安全性禁用index.html (可能在http标记中使用intercept url)您可以使用Spring Security xml配置有选择地将无缓存头添加到index.html,如
index.htmlindex.htmlindex.jspweb.xmlindex.html(可能在
httpintercept url<security:http>
[intercept-url, etc omitted...]
<security:headers>
<!-- selectively applied to dynamic pages only via pattern matching, -->
<security:header ref="noCacheHeaders"/>
</security:headers>
</security:http>
<bean id="noCacheHeaders" class="org.springframework.security.web.header.writers.DelegatingRequestMatcherHeaderWriter">
<constructor-arg>
<bean class="org.springframework.security.web.util.matcher.AntPathRequestMatcher">
<constructor-arg value="/index.html"/>
</bean>
</constructor-arg>
<constructor-arg>
<bean class="org.springframework.security.web.header.writers.CacheControlHeadersWriter"/>
</constructor-arg>
</bean>
您可以使用Spring Security xml配置有选择地向index.html添加无缓存头,如下所示:
<security:http>
[intercept-url, etc omitted...]
<security:headers>
<!-- selectively applied to dynamic pages only via pattern matching, -->
<security:header ref="noCacheHeaders"/>
</security:headers>
</security:http>
<bean id="noCacheHeaders" class="org.springframework.security.web.header.writers.DelegatingRequestMatcherHeaderWriter">
<constructor-arg>
<bean class="org.springframework.security.web.util.matcher.AntPathRequestMatcher">
<constructor-arg value="/index.html"/>
</bean>
</constructor-arg>
<constructor-arg>
<bean class="org.springframework.security.web.header.writers.CacheControlHeadersWriter"/>
</constructor-arg>
</bean>
您的可能副本通常不会使用Spring Security来调整内容的缓存头。
index.htmlindex.html