Search code examples
ejbjax-rswildflycache-controlhttp-caching

JAX-RS REST service + EJB on WildFly 10, always adds no-cache HTTP header in responses

I have wrote a stateless EJB that provides a rest service. I am working with the Wildfly 10 application server and developing with the Netbeans IDE.

I have tried to cache the return values of few methods for few hours by adding a max-age header in the http-response of the service methods. Please consider this is a simplified version of my bean:

    @Stateless
    @DeclareRoles({"role1","role2"})
    @RolesAllowed({"role1","role2"})
    @Path("api-dummy")
    public class DummyApiREST {

        @EJB
        private StuffFacade stuffFacade;

        @GET
        @Path("get-stuff")
        @Produces({MediaType.APPLICATION_JSON})
        public Response findStuff() {
            Stuff stuff = stuffFacade.getStuff();
            Response.ResponseBuilder builder = Response.status(Response.Status.OK).entity(stuff);
            Utils.setCacheHeader(maxAgeSeconds, builder);
            return builder.build();
        }
   }

And the setCacheHeader method:

private static Response.ResponseBuilder setCacheHeader(int maxAgeSeconds, Response.ResponseBuilder builder) {
        CacheControl cc = new CacheControl();
        cc.setNoCache(false);
        cc.setNoStore(false);
        cc.setMaxAge(maxAgeSeconds);
        cc.setPrivate(true);
        builder.cacheControl(cc);
        return builder;
 }

But the returned response of "get-stuff" always contains a duplicate of the Cache-Control header; the duplicate header contains no-cache directives (the is also a Pragma header):

HTTP/1.1 200 OK
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Cache-Control: no-transform, max-age=60, private
X-Powered-By: Undertow/1
Server: WildFly/10
Pragma: no-cache
Date: Thu, 13 Apr 2017 15:11:17 GMT
Connection: keep-alive
Content-Type: application/json

I suppose the problem is caused by a default behaviour--or filter-- for the JAX-RS services in my EJBs. My questions are:

  • Is there a better way to set the max-age and enable caching in JAX-RS + EJB?
  • Is there a way to disable this no-cache default behaviour? (OR in other words, where is this usually configured?)
  • ..and..what is wrong in my solution? :-)

NOTE: Perhaps it is not related, I have configured a jdbc security-domain and users authenticate and principal(s) work well.

Regards

Solution

  • I have found the solution. By default Wildfly (and I think JBoss too) adds the no-cache directives to all the private resources (resources that needs authentication).

    You have to change the configuration in standalone.xml file, by adding an attribute disable-caching-* to the server-container tag:

    <servlet-container name="default" disable-caching-for-secured-pages="false">
                    <jsp-config/>
                    <websockets/>
</servlet-container>

    In this way no more Pragma and nocache directives will be added to responses and the code I posted in my question, it simply works as expected.

    EDIT: Remind, when requests for private resources, at the same URL, have to return different contents to different users you have to:

    • add the private header to that responses, for your reverse proxy to not cache that content OR in alternative..
    • ..left the nocache header there for that responses