0
我在項目中使用:如何解決使用Spring Security成功註銷後的後退按鈕問題
- Maven的
- 休眠
- JSF
- 春
- 春季安全
我註銷成功,但當我點擊後退按鈕時,它顯示上一頁,這是我不喜歡的東西。任何建議來解決這個問題?
我已經嘗試了一些解決方案,但他們不工作:
<bean class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter">
<property name="cacheSeconds" value="0" />
</bean>
或
<mvc:interceptors>
<bean id="webContentInterceptor" class="org.springframework.web.servlet.mvc.WebContentInterceptor">
<property name="cacheSeconds" value="0"/>
<property name="useExpiresHeader" value="false"/>
<property name="useCacheControlHeader" value="true"/>
<property name="useCacheControlNoStore" value="true"/>
</bean>
</mvc:interceptors>
我還發現功能doFilter一個解決方案,但我不知道在哪裏我可以把它。
這是我的驗證碼:
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<global-method-security pre-post-annotations="enabled" />
<!-- enable use-expressions -->
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/login.jsp" access="permitAll" />
<intercept-url pattern="/ressources/**" access="permitAll" />
<intercept-url pattern="/images/**" access="permitAll" />
<intercept-url pattern="/pages/ajouterUser.xhtml" access="permitAll" />
<intercept-url pattern="/pages/userListe.xhtml" access="permitAll" />
<intercept-url pattern="/pages/index.xhtml" access="hasRole('ROLE_USER')" />
<intercept-url pattern="/**" access="hasRole('ROLE_ADMIN')" />
<!-- access denied page -->
<access-denied-handler error-page="/login" />
<form-login
login-page="/login"
authentication-success-handler-ref="myAuthenticationSuccessHandler"
authentication-failure-url="/login?error"
username-parameter="username"
password-parameter="password" />
<logout logout-success-url="/login.jsp?logout"/>
<!-- enable csrf protection -->
</http>
<beans:bean id="myAuthenticationSuccessHandler"
class="inventory.security.MySimpleUrlAuthenticationSuccessHandler" />
<!-- Select users and user_roles from database -->
<beans:bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<beans:property name="userDetailsService" ref="userDetailsService"></beans:property>
</beans:bean>
<beans:bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
<beans:property name="providers">
<beans:list>
<beans:ref local="daoAuthenticationProvider"/>
</beans:list>
</beans:property>
</beans:bean>
<authentication-manager>
<authentication-provider user-service-ref="userDetailsService">
<password-encoder hash="md5"></password-encoder>
</authentication-provider>
</authentication-manager>
<beans:bean id="authenticationFailureHandler" class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler">
<beans:property name="exceptionMappings">
<beans:props>
<beans:prop key="org.springframework.security.core.userdetails.UsernameNotFoundException">/login.action?error=1</beans:prop>
</beans:props>
</beans:property>
</beans:bean>