Caching in Spring Boot with Spring Security

In this post, I’d like to share a lesson learned by one of the teams at O&B. They were using Spring Boot with Spring Security.By default, anything that is protected by Spring Security is sent to the browser with the following HTTP header:Cache-Control: no-cache, no-store, max-age=0, must-revalidateEssentially, the response will never be cached by the browser. While this may seem inefficient, there is actually