Re: [keycloak-user] Spring Boot Adapter - change Cache-Control : private header

Have you disabled cache control headers via Spring Security? @Override protected void configure( HttpSecurity http ) throws Exception { // @formatter:off http .cors().and() .headers() .cacheControl().disable() Then enabled via your controller? return ResponseEntity.ok().cacheControl( CacheControl.maxAge( 600, TimeUnit.SECONDS) ).body( response) ); -- Christopher Savory Software Engineer | EdLogics On 4/6/18, 11:59 AM, &quot;keycloak-user-bounces(a)lists.jboss.org on behalf of Scott Hezzell" <keycloak-user-bounces(a)lists.jboss.org on behalf of Scotthezzell(a)benefex.co.uk&gt; wrote: Hi Spring Boot Version: 1.5.10.RELEASE Keycloak Spring Boot Adapter Version: 3.4.3.Final Is there any way to update the Cache-Control header set to private? Any Cache-Control headers set in my controller are always overridden by the settings set by the keycloak adapter. Thanks Scott [Benefex Logo] Scott Hezzell Senior Developer hellobenefex.com<https://www.benefex.co.uk> [https://bfx-media.com/img/social%20LinkedIn.png]<https://www.linkedin.... [Twitter] <https://twitter.com/hellobenefex> Benefex Ltd, Mountbatten House, Grosvenor Square, Southampton, SO15 2JU. Registered Number: 04768546 As the sender of this email, we hope that you are the intended addressee and that you are having a nice day. Please take a moment to note that this message may contain information that is confidential or privileged and exempt from disclosure under applicable law. If this wasn't meant for your eyes, please do take the time to let us know and delete this message from all data storage systems. You should also note that the disclosure or copying of this email, or the use of its contents, is prohibited. Thank you! This message has been scanned for malware by Websense. www.websense.com _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user