Merge pull request #1111 from mogronalol/BAEL-542

Bael 542

pom.xml

@@ -147,6 +147,7 @@
         <module>spring-rest-docs</module>
         <module>spring-rest</module>
         <module>spring-security-basic-auth</module>
+        <module>spring-security-cache-control</module>
         <module>spring-security-client/spring-security-jsp-authentication</module>
         <module>spring-security-client/spring-security-jsp-authorize</module>
         <module>spring-security-client/spring-security-jsp-config</module>

spring-security-cache-control/pom.xml

@@ -0,0 +1,88 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>com.baeldung</groupId>
+    <artifactId>spring-security-cache-control</artifactId>
+    <version>1.0-SNAPSHOT</version>
+
+    <parent>
+        <groupId>org.springframework.boot</groupId>
+        <artifactId>spring-boot-starter-parent</artifactId>
+        <version>1.4.3.RELEASE</version>
+    </parent>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-actuator</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-core</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-config</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-web</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>javax.servlet-api</artifactId>
+            <version>${javax.servlet-api.version}</version>
+        </dependency>
+
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.hamcrest</groupId>
+            <artifactId>hamcrest-core</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.hamcrest</groupId>
+            <artifactId>hamcrest-library</artifactId>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.mockito</groupId>
+            <artifactId>mockito-core</artifactId>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-test</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>com.jayway.restassured</groupId>
+            <artifactId>rest-assured</artifactId>
+            <version>${rest-assured.version}</version>
+        </dependency>
+    </dependencies>
+
+    <properties>
+        <javax.servlet-api.version>3.1.0</javax.servlet-api.version>
+        <rest-assured.version>2.9.0</rest-assured.version>
+    </properties>
+
+</project>

spring-security-cache-control/src/main/java/com/baeldung/cachecontrol/AppRunner.java

@@ -0,0 +1,12 @@
+package com.baeldung.cachecontrol;
+
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class AppRunner {
+    public static void main(String[] args) {
+        SpringApplication.run(AppRunner.class, args);
+    }
+}

spring-security-cache-control/src/main/java/com/baeldung/cachecontrol/ResourceEndpoint.java

@@ -0,0 +1,44 @@
+package com.baeldung.cachecontrol;
+
+
+import com.baeldung.cachecontrol.model.TimestampDto;
+import com.baeldung.cachecontrol.model.UserDto;
+import org.springframework.http.CacheControl;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import java.time.LocalDateTime;
+import java.time.ZoneOffset;
+import java.util.concurrent.TimeUnit;
+
+@Controller
+public class ResourceEndpoint {
+
+    @RequestMapping(value = "/default/users/{name}", method = RequestMethod.GET)
+    public ResponseEntity<UserDto> getUserWithDefaultCaching(@PathVariable(value = "name") String name) {
+        return ResponseEntity.ok(new UserDto(name));
+    }
+
+    @RequestMapping(value = "/users/{name}", method = RequestMethod.GET)
+    public ResponseEntity<UserDto> getUser(@PathVariable(value = "name") String name) {
+        return ResponseEntity.ok()
+                .cacheControl(CacheControl.maxAge(60, TimeUnit.SECONDS))
+                .body(new UserDto(name));
+    }
+
+    @RequestMapping(value = "/timestamp", method = RequestMethod.GET)
+    public ResponseEntity<TimestampDto> getServerTimestamp() {
+        return ResponseEntity.ok()
+                .cacheControl(CacheControl.noStore())
+                .body(new TimestampDto(LocalDateTime.now().toInstant(ZoneOffset.UTC).toEpochMilli()));
+    }
+
+    @RequestMapping(value = "/private/users/{name}", method = RequestMethod.GET)
+    public ResponseEntity<UserDto> getUserNotCached(@PathVariable("name") String name) {
+        return ResponseEntity.ok()
+                .body(new UserDto(name));
+    }
+}

spring-security-cache-control/src/main/java/com/baeldung/cachecontrol/config/SpringSecurityConfig.java

@@ -0,0 +1,17 @@
+package com.baeldung.cachecontrol.config;
+
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+@EnableGlobalMethodSecurity(prePostEnabled = true)
+public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {}
+}

spring-security-cache-control/src/main/java/com/baeldung/cachecontrol/model/TimestampDto.java

@@ -0,0 +1,10 @@
+package com.baeldung.cachecontrol.model;
+
+
+public class TimestampDto {
+    public final Long timestamp;
+
+    public TimestampDto(Long timestamp) {
+        this.timestamp = timestamp;
+    }
+}

spring-security-cache-control/src/main/java/com/baeldung/cachecontrol/model/UserDto.java

@@ -0,0 +1,11 @@
+package com.baeldung.cachecontrol.model;
+
+
+public class UserDto {
+    public final String name;
+
+    public UserDto(String name) {
+        this.name = name;
+    }
+
+}

spring-security-cache-control/src/test/java/com/baeldung/cachecontrol/ResourceEndpointLiveTest.java

@@ -0,0 +1,72 @@
+package com.baeldung.cachecontrol;
+
+import com.jayway.restassured.http.ContentType;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.boot.context.embedded.LocalServerPort;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit4.SpringRunner;
+
+import static com.jayway.restassured.RestAssured.given;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, classes = AppRunner.class)
+public class ResourceEndpointLiveTest {
+
+    @LocalServerPort
+    private int serverPort;
+
+    @Test
+    public void whenGetRequestForUser_shouldRespondWithDefaultCacheHeaders() {
+        given()
+          .when()
+          .get(getBaseUrl() + "/default/users/Michael")
+          .then()
+          .headers("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate")
+          .header("Pragma", "no-cache");
+    }
+
+    @Test
+    public void whenGetRequestForUser_shouldRespondMaxAgeCacheControl() {
+        given()
+          .when()
+          .get(getBaseUrl() + "/users/Michael")
+          .then()
+          .header("Cache-Control", "max-age=60");
+    }
+
+    @Test
+    public void givenServiceEndpoint_whenGetRequestForUser_shouldResponseWithCacheControlMaxAge() {
+        given()
+                .when()
+                .get(getBaseUrl() + "/users/Michael")
+                .then()
+                .contentType(ContentType.JSON).and().statusCode(200).and()
+                .header("Cache-Control", "max-age=60");
+    }
+
+    @Test
+    public void givenServiceEndpoint_whenGetRequestForNotCacheableContent_shouldResponseWithCacheControlNoCache() {
+        given()
+                .when()
+                .get(getBaseUrl() + "/timestamp")
+                .then()
+                .contentType(ContentType.JSON).and().statusCode(200).and()
+                .header("Cache-Control", "no-store");
+    }
+
+    @Test
+    public void givenServiceEndpoint_whenGetRequestForPrivateUser_shouldResponseWithSecurityDefaultCacheControl() {
+        given()
+                .when()
+                .get(getBaseUrl() + "/private/users/Michael")
+                .then()
+                .contentType(ContentType.JSON).and().statusCode(200).and()
+                .header("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate");
+    }
+
+    private String getBaseUrl() {
+        return "http://localhost:" + serverPort;
+    }
+
+}