春季安全註銷不起作用

Question

這裏是我的配置文件 當我點擊註銷按鈕時，這不會重定向回登錄頁面。 基本上我使用JSF和Webflow的

我已經定義了這樣的

<h:commandLink href="/certs/j_spring_security_logout" >Certificate </h:commandLink> 

webconfig文件

<bean id="CltSearch_signonRq" class="com.csc.exceed.certificate.domain.SignonRq"> 
    <property name="clientApp" ref="CltSearch_clientApp" /> 
</bean> 

<bean id="CltSearch_clientApp" class="com.csc.exceed.certificate.domain.ClientApp"> 
    <property name="name" value="S3" /> 
</bean> 

<bean id="custId" class="com.csc.exceed.certificate.domain.CustId" > 
</bean> 
<bean id="custPswd" class="com.csc.exceed.certificate.domain.CustPswd" > 
</bean> 


<bean id="clientApp" class="com.csc.exceed.certificate.domain.ClientApp" > 
    <property name="name" value="XCA" /> 
</bean> 


<bean id="signonPswd" class="com.csc.exceed.certificate.domain.SignonPswd" > 
    <property name="custId" ref="custId" /> 
    <property name="custPswd" ref="custPswd" /> 
</bean> 

<bean id="signonRq" class="com.csc.exceed.certificate.domain.SignonRq"> 
    <property name="clientApp" ref="clientApp" /> 
    <property name="signonPswd" ref="signonPswd" /> 
</bean> 

<bean id="oXMapper" class="com.csc.exceed.util.OXMapper" scope="session"> 
    <property name="unmarshaller" ref="unmarshaller" /> 
    <property name="marshaller" ref="marshaller" /> 
    <property name="acordRequest" ref="acordRequest" /> 
    <property name="acordResponse" ref="acordResponse" /> 
</bean> 

<bean id="oXMapper2" class="com.csc.exceed.util.OXMapper" > 
    <property name="unmarshaller" ref="unmarshaller" /> 
    <property name="marshaller" ref="marshaller" /> 
    <property name="acordRequest" ref="acordRequest2" /> 
    <property name="acordResponse" ref="acordResponse" /> 
</bean> 

<bean id="unmarshaller" class="org.springframework.oxm.castor.CastorMarshaller"> 
    <property name="mappingLocation" 
     value="classpath:/templates/mapping/ACORD_Response_Mapping.xml" /> 
</bean> 

<bean id="marshaller" class="org.springframework.oxm.castor.CastorMarshaller"> 
    <property name="mappingLocation" 
     value="classpath:/templates/mapping/ACORD_Request_Mapping.xml" /> 
</bean> 

<bean id="acordRequest" class="com.csc.exceed.certificate.domain.ACORD" scope="session"> 
    <property name="insuranceSvcRq" ref="insuranceSvcRq" /> 
    <property name="signonRq" ref="CltSearch_signonRq" /> 
</bean> 
<bean id="acordRequest2" class="com.csc.exceed.certificate.domain.ACORD"> 
    <property name="signonRq" ref="signonRq" /> 
</bean> 


<bean id="insuranceSvcRq" class="com.csc.exceed.certificate.domain.InsuranceSvcRq" scope="session"> 
    <property name="com_csc_ClientSearchRq" ref="com_csc_ClientSearchRq" /> 
</bean> 

<bean id="com_csc_ClientSearchRq" 
    class="com.csc.exceed.certificate.domain.Com_csc_ClientSearchRq" scope="session"> 
    <property name="com_csc_SearchInfo" ref="com_csc_SearchInfo" /> 
</bean> 

<bean id="com_csc_SearchInfo" class="com.csc.exceed.certificate.domain.Com_csc_SearchInfo" scope="session"> 
    <property name="com_csc_SearchCriteria" ref="com_csc_SearchCriteria" /> 
</bean> 

<bean id="com_csc_SearchCriteria" 
    class="com.csc.exceed.certificate.domain.Com_csc_SearchCriteria" scope="session"> 
    <property name="com_csc_ClientSearch" ref="com_csc_ClientSearch" /> 
</bean> 

<bean id="com_csc_ClientSearch" class="com.csc.exceed.certificate.domain.Com_csc_ClientSearch" scope="session"> 

</bean> 

<bean id="acordResponse" class="com.csc.exceed.certificate.domain.AcordResponse" /> 

<bean id="postXmlToUrl" class="com.csc.exceed.util.PostXmlToUrl" /> 

<bean id="supportData" class="com.csc.exceed.util.SupportDataUtility" /> 

<bean id="logging" class="com.csc.exceed.aspect.logging.LoggingAspect"> 
</bean> 

<bean id="searchHandler" class="com.csc.exceed.certificate.web.AccountSearchHandler" scope="session"> 
    <property name="oXMapper" ref="oXMapper" /> 
    <property name="applicationProperties" ref="applicationProperties" /> 
    <property name="messageProperties" ref="messageProperties" /> 
</bean> 

<bean id="exceptionHandling" class="com.csc.exceed.aspect.exception.ExceptionHandling"> 
</bean> 

<bean id="applicationProperties" 
    class="org.springframework.beans.factory.config.PropertiesFactoryBean"> 
    <property name="location"> 
     <value>classpath:/config/application.properties</value> 
    </property> 
</bean> 

<bean id="messageProperties" 
    class="org.springframework.beans.factory.config.PropertiesFactoryBean"> 
    <property name="location"> 
     <value>classpath:/config/MessageResources.properties 
     </value> 
    </property> 
</bean> 

<bean id="xmlReader" class="com.csc.exceed.util.Validator" scope="session"> 
    <property name="messageProperties" ref="messageProperties" /> 
    <property name="applicationProperties" ref="applicationProperties" /> 
    <property name="validationXml" value="classpath:/rules/validation-rules.xml" /> 
    <property name="oXMapper" ref="oXMapper" /> 
</bean> 

<bean id="login" class="com.csc.exceed.certificate.domain.ACORD"> 
    <property name="signonRq" ref="signonRq" /> 
</bean> 
<bean id="login2" class="com.csc.exceed.certificate.domain.ACORD"> 
    <property name="signonRq" ref="signonRq" /> 
</bean> 

<bean id="userManagerService" class="com.csc.exceed.aspect.security.UserManagerService" /> 
<bean id="customAuthenticationProvider" 
    class="com.csc.exceed.aspect.security.CustomAuthenticationProvider" scope="session"> 

    <property name="userManagerService" ref="userManagerService"></property> 
    <property name="oXMapper" ref="oXMapper" /> 
    <property name="oXMapper2" ref="oXMapper2" /> 
    <property name="applicationProperties" ref="applicationProperties" /> 
    <property name="messageProperties" ref="messageProperties" /> 
    <property name="login2" ref="login2" /> 
</bean> 

<bean id="customAuthenticationManager" 
    class="com.csc.exceed.aspect.security.CustomAuthenticationManager" scope="session"> 
    <aop:scoped-proxy/> 
    <property name="authenticationProvider" ref="customAuthenticationProvider" /> 
    <property name="oXMapper" ref="oXMapper" /> 
    <property name="login" ref="login" /> 
</bean> 

<cache:annotation-driven /> 
<bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheCacheManager"> 
    <property name="cacheManager" ref="ehcache" /> 
</bean> 

<bean id="ehcache" 
    class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"> 
    <property name="configLocation" value="classpath:/config/ehcache.xml" /> 
</bean> 

<bean id="checkSession" class="com.csc.exceed.util.CheckSession"> 
    <property name="messageProperties" ref="messageProperties" /> 
</bean> 


<security:http entry-point-ref="CMSAuthenticationEntryPoint" > 
    <security:custom-filter position="FORM_LOGIN_FILTER" 
     ref="customizedFormLoginFilter" /> 

    <security:intercept-url pattern="/certs/signin/**" 
     access="IS_AUTHENTICATED_ANONYMOUSLY" /> 

    <security:intercept-url pattern="/certs/AccountSearch" 
     access="ROLE_ADMIN,ROLE_GUEST,ROLE_USER" /> 
    <security:session-management 
     session-fixation-protection="migrateSession" > 
     <security:concurrency-control max-sessions="1" error-if-maximum-exceeded="true" expired-url="/certificates_presentation/certs/signin?"/> 
     </security:session-management> 

    <security:logout logout-success-url="/certificates_presentation/certs/signin?" invalidate-session="true" /> 

</security:http> 


<bean id="CMSAuthenticationEntryPoint" 
    class="com.csc.exceed.aspect.accesscontrol.CMSAuthenticationEntryPoint"> 
    <property name="loginFormUrl" value="/certs/signin" /> 
    <property name="forceHttps" value="false" /> 
</bean> 

<bean id="customizedFormLoginFilter" 
    class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter" > 
    <property name="authenticationManager" ref="customAuthenticationManager" /> 
    <property name="filterProcessesUrl" value="/certs/j_spring_security_check" /> 
    <property name="authenticationSuccessHandler" ref="simpleURLSuccessHandler" /> 
    <property name="authenticationFailureHandler" ref="simpleURLFailureHandler" /> 

</bean> 


<bean id="simpleURLFailureHandler" 
    class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"> 
    <property name="defaultFailureUrl" value="/certs/signin" /> 
    <!-- <property name="allowSessionCreation" value="true" /> --> 
</bean> 

<bean id="simpleURLSuccessHandler" 
    class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler"> 
    <property name="defaultTargetUrl" value="/certs/AccountSearch" /> 
    <property name="alwaysUseDefaultTargetUrl" value="true" /> 


</bean> 
<security:authentication-manager alias="authenticationManager"> 
</security:authentication-manager> 

webxml文件

註銷鏈接的春天一起

Answer 1

我已經找到answer.this是正確的解決方案的

<h:outputLink value="${request.contextPath}/j_spring_security_logout">logout</h:outputLink> 

，而不是命令鏈接