Announcement Announcement Module
Collapse
No announcement yet.
spring security log-out not working for me. Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • spring security log-out not working for me.

    Hi All,

    I am having an issue with spring security logout.

    IN JSP I had written...
    Code:
    	<c:url var="url" value="/j_spring_security_logout"></c:url>
    	<b> <a href="${url}">Logout</a> </b>
    and in security.xml
    Code:
    	<http auto-config="true" access-denied-page="/unauthorized">
    		<custom-filter position="PRE_AUTH_FILTER" ref="siteminderFilter" />
    		<intercept-url pattern="/login" filters="none" />
    		<intercept-url pattern="/" access="ROLE_USER,ROLE_ADMIN" />
    		<intercept-url pattern="/landingPage" access="ROLE_USER,ROLE_ADMIN"
    			requires-channel="any" />
    		<intercept-url pattern="/admin" access='ROLE_ADMIN' />
    		
    		<form-login login-page="/login"			
    			authentication-success-handler-ref="authenticationSuccessHandler"
    			authentication-failure-url="/login?login_error=1" />
    		
    		<logout logout-url="/j_spring_security_logout"  invalidate-session="true" logout-success-url="/login" /> 
    				
    	</http>
    when I click on logout link it is coming to login page. but when I click on back button and click some other link in the page... it is working..

    Where am I wrong..?

    Please help..

  • #2
    Are you sure the page you are seeing is not cached by your browser?

    Comment


    • #3
      Thanks for your reply,

      I am sure it is not from browser cache.
      When I click back button in browser (comes back to home page) and click on any link, it is actually been invoked by the controller itself..


      Any further clue..

      Comment


      • #4
        Judging from your configuration nothing but /admin and /landingpage is secured everything else is open for anyone. So I doubt it is the fact that thelogout isn't working....

        Comment


        • #5
          Actually I am able to goto Admin page too...

          Thanks

          Comment


          • #6
            As stated ONLY /admin and /landingpage are protected... If you have /admin/user (or whatever) it isn't secured... So as I stated I doubt it is your logout not working it is your mapping.

            Comment

            Working...
            X