We will change the applicationContext-security.xml of our login example, to configure logout.
we will add logout tag in the http Section.
we will add logout tag in the http Section.
<http auto-config="true" access-denied-page="/deniedPage.jsp"> <intercept-url pattern="/securePage**" access="ROLE_ADMIN" /> <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" /> <form-login login-processing-url="/j_spring_security_check" login-page="/login.jsp" default-target-url="/securePage.jsp" authentication-failure-url="/login.jsp" /> <logout logout-url="/j_spring_security_logout" invalidate-session="true" logout-success-url="/login.jsp" /> </http>It is obvious from the configuration that session will be invalidated and login page will be displayed after logout.
No comments:
Post a Comment