web - Spring Security 3.2.2 Logout Redirecting to Wrong Page -
web - Spring Security 3.2.2 Logout Redirecting to Wrong Page -
i have logout button created set , works, it's redirecting invalid-session-url reason. relevant bit of security.xml:
<http use-expressions="true"> <form-login login-page="/login" login-processing-url="/j_spring_security_check" default-target-url="/view" always-use-default-target="true" authentication-failure-url="/login?redirect=login_error" /> <logout logout-success-url="/login?redirect=logout" delete-cookies="jsessionid"/> <session-management invalid-session-url="/login?redirect=session_timeout" /> <intercept-url pattern="/login" access="isanonymous()" /> <intercept-url pattern="/**" access="isauthenticated()" /> </http> not sure why happening. have session-timeout in web.xml set 5.
when logout first thing spring security invalidates session, invalid-session-url used. can set invalidate-session="false" on logout element or remove <session-management invalid-session-url="/login?redirect=session_timeout" />.
spring web spring-security
Comments
Post a Comment