Java Spring HttpSecurity覆盖响应头_Java_Spring_Spring Security

Java Spring HttpSecurity覆盖响应头

java spring spring-security

Java Spring HttpSecurity覆盖响应头,java,spring,spring-security,Java,Spring,Spring Security,您可以通过执行以下操作将标题添加到响应中 @EnableWebSecurity public class CacheControl extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { http .headers() .addHeaderWriter(new StaticHeadersWr

您可以通过执行以下操作将标题添加到响应中

@EnableWebSecurity
public class CacheControl extends WebSecurityConfigurerAdapter {
  @Override
  protected void configure(HttpSecurity http) throws Exception {
    http
      .headers()
      .addHeaderWriter(new StaticHeadersWriter("Cache-Control", "private, max-age=43200"));
  }
}

如果响应已具有缓存控件属性，则只需向其添加具有相同名称的第二个属性：

Cache-Control: original content
Cache-Control: added content

是否有简单的方法覆盖现有属性

我找到的最简单的解决方案是禁用缓存控制，然后再次添加缓存控制头

@Configuration
@EnableWebSecurity
public class CacheControlAdapter extends WebSecurityConfigurerAdapter {
  public CacheControlAdapter() {}

  @Override
  @RequestMapping("/app/")
  protected void configure(HttpSecurity http) throws Exception {
    StaticHeadersWriter writer = new StaticHeadersWriter("Cache-Control", "value");
    http
      .headers()
      .cacheControl()
      .disable()
      .addHeaderWriter(writer);
  }
}