问题栏

用户名:lxd01

悬赏金:60鼠币

SpringBoot+Security登出无法跳转指定页面

使用springboot 2.1.3 +springsecurity,按照网上教程设置logoutsuccessurl为跳转的index路径,但是无法正常跳转,根据查看,页面发起请求/logout随后转向/index,但又被重定向至/login

websecurityconfig配置如下

@override
protected void configure(httpsecurity http) throws exception {
//允许基于httpservletrequest使用限制访问
http.authorizeRequests()
//不需要身份验证
.antmatchers("/js/**","/css/**","**/images/**","/fonts/**","/doc/**","/static/**").permitall()
.antmatchers("/login.html","/login").permitall()
.antmatchers("/index","/","/index.html").permitall()
.antmatchers("/register/**","/register.html").permitall()
.antmatchers("/developer_center/**","/price_list/**").permitall()
.antmatchers("/contact","/contact.html").permitall()
.anyrequest().authenticated()
//自定义登陆界面
.and().formlogin()
.loginpage("/login").permitall()
.loginprocessingurl("/login")
.failureurl("/login?error=1")
.permitall().defaultsuccessurl("/index")
.and().logout().logouturl("/logout").logoutsuccessurl("/index")
.and().headers().frameoptions().disable()
.and().exceptionhandling().accessdeniedpage("/login")
.and().httpbasic()
.and().sessionmanagement().invalidsessionurl("/login")
.and().rememberme()
.and().csrf().disable();
}
controller中的index请求如下:

@requestmapping(value = {"index",""},method = RequestMethod.GET)
public string getindexhtml(httpservletrequest httpservletrequest){
httpsession httpsession = httpServletRequest.getSession(true);
if (httpSession.getAttribute("company_email")==null){
httpSession.setAttribute("company_serial_number",companyConfig.getSerial_number());
httpSession.setAttribute("company_email",companyConfig.getEmail());
}
if(iAuthenticationFacade.getAuthentication().getname()!="anonymoususer") {
httpSession.setAttribute("flag",1);
httpSession.setAttribute("userinfo",userMapper.findByLoginName(iAuthenticationFacade.getAuthentication().getname()));
}
else
httpSession.setAttribute("flag",0);
return "index";
}

发布时间:2019-04-12
解答栏
  • 用户名:MASHEN

    logout以后会失效session然后走到invalidsessionurl也就是/login

    发布时间:2019-04-12



撰写答案
请登录后再回答