Spring Security Java注销配置

时间:2016-12-18 21:21:11

标签: java spring spring-boot spring-security

在我的Spring Boot项目中,我正在尝试为Spring Security配置注销处理程序。

这是我的配置:

        http
            .csrf().ignoringAntMatchers("/v1.0/**")             
        .and()
            .authorizeRequests()

            .antMatchers("/oauth/authorize").authenticated()
            //Anyone can access the urls
            .antMatchers("/v1.0/**").permitAll()
            .antMatchers("/auth/**").permitAll()
            .antMatchers("/actuator/health").permitAll()
            .antMatchers("/actuator/**").hasAuthority("READ_ACTUATOR_DATA")
            .antMatchers("/login").permitAll()
            .anyRequest().authenticated()
        .and()
            .formLogin()
                .loginPage("/login")
                .loginProcessingUrl("/login")
                .failureUrl("/login?error=true")
                .usernameParameter("username")
                .passwordParameter("password")
                .permitAll()
            .and()
                .logout()
                    .clearAuthentication(true)
                    .logoutSuccessUrl("/")
                    .deleteCookies("JSESSIONID")
                    .invalidateHttpSession(true)
                    .permitAll()
        //Adds the SocialAuthenticationFilter to Spring Security's filter chain.
        .and()
            // apply the configuration from the socialConfigurer (adds the SocialAuthenticationFilter)
            .apply(socialConfigurer);
        // @formatter:on

这是我的应用程序上下文根:/api

/ api / login按预期工作,但当我尝试访问/api/logout时,它显示错误:

There was an unexpected error (type=Not Found, status=404).
/api/logout

我做错了什么以及如何解决?

0 个答案:

没有答案