
How to prevent creation of an HttpSession in a Spring REST controller

  •  0
  • Amir Pashazadeh  · Tech Community  · 6 years ago

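    In our project we have implemented a few REST services using Spring's @RestController. The problem is that when I test them with a REST client, a JSESSIONID is present in the response headers, so I believe the server creates an HttpSession for each request, but the services are stateless and they do not need an HttpSession.

    Is there any way to prevent the creation of a new session in this controller?


    This is the source of the RestController: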

    @RestController
    @RequestMapping("/customs/customs")
    public class CustomsRestController {
    
        @Autowired
        private CustomsWebService customsWebService;
    
        @Autowired
        private CustomsSecurityContextInitializer securityContextInitializer;
    
        @RequestMapping(path = "/customsPorts", method = RequestMethod.GET,
                consumes = MediaType.APPLICATION_JSON_UTF8_VALUE,
                produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
        public Collection<CustomsPort> getActiveCustomsPorts() {
            try {
                securityContextInitializer.initSecurityContext();
                return customsWebService.getActiveCustomsPorts();
            } finally {
                securityContextInitializer.clearSecurityContext();
            }
        }
    
        @RequestMapping(path = "/registerCustomsRequest", method = RequestMethod.POST,
                consumes = MediaType.APPLICATION_JSON_UTF8_VALUE,
                produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
        public CustomsDeclarationInfo registerCustomsRequest(@RequestBody CustomsDeclarationRequest requestKey) {
            try {
                securityContextInitializer.initSecurityContext();
                requestKey.validate();
                return customsWebService.registerCustomsRequest(requestKey);
            } catch (BusinessException e) {
                return CustomsDeclarationInfo.builder().errorMessage(e.getMessage()).build();
            } finally {
                securityContextInitializer.clearSecurityContext();
            }
        }
    
    }
    
    1 reply  |  as of 6 years ago
  •  0
  •   Tom    6 years ago

    You can do this in your class that implements WebSecurityConfigurerAdapter by setting the SessionCreationPolicy to STATELESS:

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    }
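The following is an added example, not part of the answer above or of the asker's project: a full configuration class around the `STATELESS` setting, plus a listener that logs a stack trace whenever a session is still created, since `STATELESS` only governs Spring Security itself and other code calling `request.getSession()` will still emit `JSESSIONID`. The class name `StatelessRestSecurityConfig` and the bean name are hypothetical, and the automatic registration of the listener bean assumes Spring Boot with an embedded servlet container (otherwise register it in `web.xml` or via `ServletContext.addListener`).

```java
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;

// Hypothetical class name; the Spring Security and Servlet APIs are used as-is.
@Configuration
@EnableWebSecurity
public class StatelessRestSecurityConfig extends WebSecurityConfigurerAdapter {

    private static final Logger log =
            LoggerFactory.getLogger(StatelessRestSecurityConfig.class);

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Spring Security will neither create an HttpSession nor use one
        // to store or load the SecurityContext.
        http.sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    }

    // Assumption: Spring Boot picks up this bean and registers it with the
    // embedded container. It fires for every session the container creates,
    // whoever asked for it, so the logged trace points at the calling code.
    @Bean
    public HttpSessionListener sessionCreationAuditor() {
        return new HttpSessionListener() {
            @Override
            public void sessionCreated(HttpSessionEvent event) {
                // The session id is deliberately not logged; only the trace.
                log.warn("HttpSession created on an API meant to be stateless",
                        new IllegalStateException("session creation trace"));
            }

            @Override
            public void sessionDestroyed(HttpSessionEvent event) {
                // Nothing to audit on destruction.
            }
        };
    }
}
```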