Crafting Spring Boot REST APIs with Custom Headers

3 min readFeb 25, 2024

Introduction

Spring Boot has revolutionized the way Java developers create web applications. Its convention-over-configuration approach simplifies the deployment and development process, making it an excellent choice for building RESTful APIs. However, as REST APIs become more complex, the necessity to handle more sophisticated operations arises, particularly in managing HTTP headers. This article delves into how Spring Boot can be utilized to handle custom headers in REST API requests, enhancing security, personalization, and communication between client and server.

Understanding HTTP Headers

HTTP headers are key-value pairs sent between the client and server in the request and response messages. They provide essential information about the request or response, or about the object sent in the message body. While some headers are standard and widely used (such as Content-Type and Authorization), applications often require custom headers for various purposes like API versioning, language settings, or custom authentication schemes.

Setting Up Spring Boot

Before diving into headers, ensure you have a Spring Boot project set up. Spring Initializr (start.spring.io) is a quick way to scaffold a new Spring Boot application. Choose your preferred project metadata and add dependencies such as Spring Web and Spring Security, if needed.

Handling Custom Headers in Spring Boot

Receiving Custom Headers

To access custom headers in Spring Boot, you can use the @RequestHeader annotation in your controller methods. This annotation binds a method parameter to a request header.

import org.springframework.web.bind.annotation.*;

@RestController
@RequestMapping("/api")
public class CustomHeaderController {

    @GetMapping("/greet")
    public ResponseEntity<String> greet(@RequestHeader(name = "X-Custom-Header", required = false) String customHeader) {
        String greeting = "Hello, ";
        if (customHeader != null) {
            greeting += customHeader;
        } else {
            greeting += "Guest";
        }
        return ResponseEntity.ok().body(greeting);
    }
}

In this example, the greet method extracts the X-Custom-Header from the incoming request. If the header is present, its value is used in the greeting; otherwise, a default greeting is used.

Sending Custom Headers

Spring Boot also allows you to add custom headers to your responses. This can be done using the HttpHeaders class, which provides methods to set and manipulate HTTP headers.

import org.springframework.http.HttpHeaders;
import org.springframework.http.ResponseEntity;

@GetMapping("/farewell")
public ResponseEntity<String> farewell() {
    HttpHeaders responseHeaders = new HttpHeaders();
    responseHeaders.set("X-Custom-Header", "Goodbye");

    return ResponseEntity.ok()
            .headers(responseHeaders)
            .body("Farewell, client!");
}

In the farewell method, a custom header X-Custom-Header is added to the response with the value "Goodbye".

Advanced Usage: Interceptors

For more complex scenarios, such as applying a custom header to multiple endpoints or manipulating headers for logging or auditing, you can define a Spring HandlerInterceptor. This allows you to process requests and responses before and after they are handled by the controller.

import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.util.ContentCachingResponseWrapper;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@Component
public class CustomHeaderInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
        // Add or check headers before the controller method is called
        return true; // Continue with the execution chain
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) {
        // Manipulate response after controller method has been executed
        response.addHeader("X-Post-Header", "Processed");
    }
}

Remember to register your interceptor in the application’s configuration to activate it.

Conclusion

Handling custom headers in Spring Boot REST APIs allows developers to build more flexible, secure, and feature-rich applications. Whether you’re passing authentication tokens, versioning your API, or simply customizing responses, Spring Boot makes it straightforward. By leveraging the @RequestHeader annotation, response entities, and interceptors, you can manage HTTP headers effectively to meet your API's specific needs.

As with any development task, consider the security implications of exposing sensitive information through headers and ensure your API adheres to best practices and industry standards.