Announcement Announcement Module
Collapse
No announcement yet.
Wrong redirect when logout Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Wrong redirect when logout

    Hi to everybody.
    (Sorry for my english)
    I have problems with logout and I dont know why.
    Always redirect to invalidSession.html.
    I understand that, the application logout right but logout-success-url doesnt work.

    The application-context-security is:
    Code:
    	<security:http auto-config="true" use-expressions="true">
    		<security:port-mappings>
    			<security:port-mapping http="8080" https="8081"/>
    		</security:port-mappings>
    				
    		<security:intercept-url pattern="/css/**" access="permitAll"/>
    		<security:intercept-url pattern="/js/**" access="permitAll"/>
    		<security:intercept-url pattern="/images/**" access="permitAll"/>
    		<security:intercept-url pattern="/jsp/**" access="permitAll"/>
    		
    		<security:intercept-url pattern="/admin/**" access="hasRole('ROLE_ADMIN')"/>
    		<security:intercept-url pattern="/users/**" access="hasRole('ROLE_USER')"/>
    		<security:intercept-url pattern="/contents/**" filters="none"/>
    
    		<security:session-management 
    			invalid-session-url="/invalidSession.html" 
    			session-authentication-error-url="/authentication_required.html">
    			<security:concurrency-control max-sessions="1" error-if-maximum-exceeded="true" expired-url="/authentication_required.html"/>
    		</security:session-management>
    					
    		<security:form-login 
    			login-page="/home.html"						
    			default-target-url="/loginOn.html"
    			always-use-default-target="true"
    			authentication-failure-url="/authentication_failure.html"/>
    			
    		<security:logout 
    			invalidate-session="true" 
    			logout-url="/logout.html" 
    			logout-success-url="/home.html"/>
    		
    	</security:http>
    What is wrong? Thanks in advance.

  • #2
    Hi,

    logout work fine and session-managent work fine too, the problem is that when you use logout the session will invalidated then session-managent come into play. I think that there isnt a official soluttion, in this foro I have seen two fixed:

    1- In logout invalidate-session="false"
    2- In logout and session-manager redirect to same view with a get parameter /view.xhtml?invalid=true|false

    I have the same problem and in this moment I am searching a possible solution. If I find something I will post the solution hear.

    Regards.

    Comment

    Working...
    X