我已经查看了SO中列出的所有解决方案,但似乎无法使其正常工作。我有一个简单的spring-security xml文件 -
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd">
<http auto-config='true' use-expressions="true">
<intercept-url pattern="/**" access="hasRole('ROLE_USER')"/>
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="user" password="user" authorities="ROLE_USER"/>
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
我的退出页面如下所示 -
<form action="j_spring_security_logout" method="post" id="logoutForm">
<input type="hidden"
name="${_csrf.parameterName}"
value="${_csrf.token}" />
</form>
<script>
function formSubmit() {
document.getElementById("logoutForm").submit();
}
</script>
<c:if test="${pageContext.request.userPrincipal.name != null}">
<h2>
Welcome : ${pageContext.request.userPrincipal.name} |
<a href="javascript:formSubmit()"> Logout</a>
</h2>
</c:if>
但是当我进行HTTP POST时,我收到404错误; Spring提供以下错误消息 -
WARNING: No mapping found for HTTP request with URI [/j_spring_security_logout] in DispatcherServlet with name 'spring-dispatcher'
我做错了什么?
Spring版本(来自pom.xml) -
<spring-core-version>4.1.6.RELEASE</spring-core-version>
<spring-security-version>4.0.1.RELEASE</spring-security-version>
答案 0 :(得分:7)
根据the docs,Spring Security 4中的注销URL只是/logout,因此如果您更改表单操作,它应该可以正常工作。
我还会删除auto-config属性,并按照手册中的示例设置您要明确使用的内容。