5
我已經實現了我自己的LogoutHandler,我試圖在春季安全xml中配置它,但由於某種原因它沒有在註銷時被調用(註銷成功,但我的代碼isn沒有執行)。春季安全自定義LogoutHandler不叫
這是我的security.xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<security:http use-expressions="true">
<security:intercept-url pattern="/logoutSuccess"
access="permitAll" />
<security:logout logout-url="/logout"
logout-success-url="/logoutSuccess" />
</security:http>
<bean id="logoutFilter"
class="org.springframework.security.web.authentication.logout.LogoutFilter">
<constructor-arg index="0" value="/logoutSuccess" />
<constructor-arg index="1">
<list>
<bean id="securityContextLogoutHandler"
class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" />
<bean id="myLogoutHandler" class="my.package.MyLogoutHandler" />
</list>
</constructor-arg>
<property name="filterProcessesUrl" value="/logout" />
</bean>
MyLogoutHandler - 這是我想在註銷執行什麼,但它沒有被稱爲:
import org.springframework.security.web.authentication.logout.LogoutHandler;
public class MyLogoutHandler implements LogoutHandler {
@Override
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
System.out.println("logout!");
}
}
沒有人有任何想法爲什麼它不工作?謝謝!
謝謝,但是當我把它添加到註銷過濾豆,我得到以下錯誤: CVC-複雜type.2.4.a:在有效內容從元素'custom-filter'開始發現 當我嘗試安全配置時,運行tomcat時出現以下錯誤: 配置問題:過濾bean''和'Root bean:class [ org.springframework.security.web.authentication.logout.LogoutFilter]; ...具有相同的「訂單」價值。 –
Ayelet
你可以發佈錯誤的詳細信息,也請嘗試,即在自定義過濾器標籤之前添加安全名稱空間 –
coder
我嘗試了在bean內部,但得到此錯誤: 配置問題:安全名稱空間不支持修飾元素[custom-filter] – Ayelet