Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/304.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181

Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/spring/11.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java spring安全自定义注销处理程序_Java_Spring_Spring Security - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java spring安全自定义注销处理程序

Java spring安全自定义注销处理程序

java spring spring-security

Java spring安全自定义注销处理程序,java,spring,spring-security,Java,Spring,Spring Security,如何在SpringSecurity中将自己的注销处理程序添加到LogoutFilter? 谢谢 您应该使用元素的成功处理程序ref属性: <security:logout invalidate-session="true" success-handler-ref="myLogoutHandler" logout-url="/logout" /> 作为替代解决方案,您可以在注销URL上配置自己的过滤器。请参阅Spring Security

如何在SpringSecurity中将自己的注销处理程序添加到LogoutFilter?
谢谢

您应该使用
元素的
成功处理程序ref
属性:

<security:logout invalidate-session="true"
          success-handler-ref="myLogoutHandler"
          logout-url="/logout" />
作为替代解决方案,您可以在注销URL上配置自己的过滤器。

请参阅Spring Security Forum中的答案:

XML定义:
以下解决方案适合我,可能会有所帮助:

  • 扩展或实现:

  • 添加到Spring安全配置中:

    <security:logout logout-url="/logout" success-handler-ref="logoutSuccessHandler" />
<bean id="logoutSuccessHandler" class="your.package.name.LogoutSuccessHandler" >
    <constructor-arg value="/putInYourDefaultTargetURLhere" />
</bean>
    • 您可以像这样使用java配置解决方案

    
@配置
@启用Web安全性
公共类SpringSecurity2Config扩展了WebSecurity配置适配器{
@凌驾
受保护的无效配置(HttpSecurity http)引发异常{
//您可以通过调用http.XXX()来设置其他安全配置
http
.logout()
.addLogoutHandler(新的CustomLogoutHandler())
.logoutUrl(“/logout”)
.logoutSuccessHandler(…)
.permitAll();
}
静态类CustomLogoutHandler实现LogoutHandler{
@凌驾
公共无效注销(HttpServletRequest请求、HttpServletResponse响应、身份验证){
//...
}
}
}
    myLogoutHandler必须从哪个类扩展?@Neuquino,您应该实现
    org.springframework.security.web.authentication.logout.LogoutHandler
    您不能同时使用logout url和success handler ref。successHandler和LogoutHandler是两件不同的事情。有时您需要一个自定义LogoutHandler(因为它在LogoutSuccessHandler之前运行)。构造函数不是必需的。他要求的是
    LogoutHandler
    而不是
    LogoutSuccessHandler
    无需定义协同构造函数,只需使用
    而不是
    public class CustomLogoutHandler implements LogoutHandler {
    private UserCache userCache;

    public void logout(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) {
        // ....
    }

    @Required
    public void setUserCache(final UserCache userCache) {
        this.userCache = userCache;
    }
}

    public class LogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {

   // Just for setting the default target URL
   public LogoutSuccessHandler(String defaultTargetURL) {
        this.setDefaultTargetUrl(defaultTargetURL);
   }

   @Override
   public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {

        // do whatever you want
        super.onLogoutSuccess(request, response, authentication);
   }
}

    <security:logout logout-url="/logout" success-handler-ref="logoutSuccessHandler" />
<bean id="logoutSuccessHandler" class="your.package.name.LogoutSuccessHandler" >
    <constructor-arg value="/putInYourDefaultTargetURLhere" />
</bean>