aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorGravatar Vitaly Takmazov2018-11-19 18:39:30 +0300
committerGravatar Vitaly Takmazov2018-11-19 18:39:30 +0300
commite7433a03bb056ec7de2e281304ef44fc4351d49d (patch)
treec9f620d7c96f4baffc4518b6afe1f8ff61611c7e /src
parentf454457aa999ac5a84b8305f5df647cac4ec14e0 (diff)
remove invalid logout url
Diffstat (limited to 'src')
-rw-r--r--src/main/java/com/juick/server/configuration/SecurityConfig.java4
1 files changed, 3 insertions, 1 deletions
diff --git a/src/main/java/com/juick/server/configuration/SecurityConfig.java b/src/main/java/com/juick/server/configuration/SecurityConfig.java
index f02083d5..37007f09 100644
--- a/src/main/java/com/juick/server/configuration/SecurityConfig.java
+++ b/src/main/java/com/juick/server/configuration/SecurityConfig.java
@@ -40,6 +40,7 @@ import org.springframework.security.web.authentication.HttpStatusEntryPoint;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
@@ -185,9 +186,10 @@ public class SecurityConfig {
.sessionManagement().invalidSessionUrl("/")
.and()
.logout()
+ .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.invalidateHttpSession(true)
.logoutUrl("/logout")
- .logoutSuccessUrl("/login?logout")
+ .logoutSuccessUrl("/")
.deleteCookies("hash", COOKIE_NAME)
.and()
.formLogin()