Spring security logout goes to j_spring_security_logout

后端未结

关注

 2  1847

In my web application when I tries to logout it goes to j_spring_security_logout instead of the given page. In my spring-security.xml page i have a

相关标签:

2条回答

难免孤独

2021-01-02 19:58

A better approach to use default logout url would be

<c:url var="logoutUrl" value="j_spring_security_logout"/>
<form action="${logoutUrl}" method="post">
  <input type="submit" value="Log out" />
  <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form>

0 讨论(0)

[愿得一人]

2021-01-02 20:03

When you have Spring Security CSRF protection enabled, you must logout with POST:

<c:url var="logoutUrl" value="/logout"/>
<form action="${logoutUrl}" method="post">
  <input type="submit" value="Log out" />
  <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form>

0 讨论(0)