diff options
author | Vitaly Takmazov | 2018-11-19 18:39:30 +0300 |
---|---|---|
committer | Vitaly Takmazov | 2018-11-19 18:39:30 +0300 |
commit | e7433a03bb056ec7de2e281304ef44fc4351d49d (patch) | |
tree | c9f620d7c96f4baffc4518b6afe1f8ff61611c7e | |
parent | f454457aa999ac5a84b8305f5df647cac4ec14e0 (diff) |
remove invalid logout url
-rw-r--r-- | src/main/java/com/juick/server/configuration/SecurityConfig.java | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/main/java/com/juick/server/configuration/SecurityConfig.java b/src/main/java/com/juick/server/configuration/SecurityConfig.java index f02083d5..37007f09 100644 --- a/src/main/java/com/juick/server/configuration/SecurityConfig.java +++ b/src/main/java/com/juick/server/configuration/SecurityConfig.java @@ -40,6 +40,7 @@ import org.springframework.security.web.authentication.HttpStatusEntryPoint; import org.springframework.security.web.authentication.RememberMeServices; import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices; import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; +import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.web.cors.CorsConfiguration; import org.springframework.web.cors.CorsConfigurationSource; import org.springframework.web.cors.UrlBasedCorsConfigurationSource; @@ -185,9 +186,10 @@ public class SecurityConfig { .sessionManagement().invalidSessionUrl("/") .and() .logout() + .logoutRequestMatcher(new AntPathRequestMatcher("/logout")) .invalidateHttpSession(true) .logoutUrl("/logout") - .logoutSuccessUrl("/login?logout") + .logoutSuccessUrl("/") .deleteCookies("hash", COOKIE_NAME) .and() .formLogin() |