Spring Security Logout
In this section, you will learn about adding logout in Spring Security Application.
In this section, you will learn about adding logout in Spring Security Application.Spring Security Logout
In this section, you will learn about adding logout in Spring Security Application.
Before going forward , you must aware of Spring Security login. Click here if you are not well aware of it.
Following changes you should made to implement logout feature :
- In the Spring Security configuration XML file, add the <logout logout-success-url="/logoff" /> under the <http> tag as follows :
<http auto-config="true"> <intercept-url pattern="/welcome*" access="ROLE_USER" /> <logout logout-success-url="/logoff" /> </http>
- Add following <a href> tag in the welcome.jsp :
<a href="<c:url value="/j_spring_security_logout" />" > Logoff</a>
Complete code is given below :
The project structure and jar file used is given below :
CODE
The complete code of the application is given below :
web.xml
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5"> <display-name>SpringSecurityLogout</display-name> <!-- Spring MVC --> <servlet> <servlet-name>Dispatcher</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>Dispatcher</servlet-name> <url-pattern>/</url-pattern> </servlet-mapping> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <context-param> <param-name>contextConfigLocation</param-name> <param-value> /WEB-INF/Dispatcher-servlet.xml, /WEB-INF/spring-security.xml </param-value> </context-param> <!-- Spring Security --> <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> </web-app>
spring-security.xml
<?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.3.xsd"> <http auto-config="true"> <intercept-url pattern="/index*" access="ROLE_USER" /> <logout logout-success-url="/index" /> </http> <authentication-manager> <authentication-provider> <user-service> <user name="user" password="roseindia" authorities="ROLE_USER" /> </user-service> </authentication-provider> </authentication-manager> </beans:beans>
Dispatcher-servlet.xml
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:context="http://www.springframework.org/schema/context" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd"> <context:component-scan base-package="net.roseindia" /> <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver"> <property name="prefix"> <value>/WEB-INF/views/</value> </property> <property name="suffix"> <value>.jsp</value> </property> </bean> </beans>
LoginMsg.properties
AbstractUserDetailsAuthenticationProvider.badCredentials=Wrong username\ /\ password
ProjectController.java
package net.roseindia;
import java.security.Principal;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
@Controller
@RequestMapping("/index")
public class ProjectController {
@RequestMapping(method = RequestMethod.GET)
public String printMessage(ModelMap model, Principal principal) {
String username = principal.getName();
model.addAttribute("user", username);
model.addAttribute("msg", "Spring Security Custom Login Form");
return "welcome";
}
}
welcome.jsp
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<html>
<body>
<h3>${msg}</h3>
<h3>Username : ${user}</h3>
<a href="<c:url value="/j_spring_security_logout" />" > Logoff</a>
</body>
</html>
OUTPUT
Call the following URL :
http://localhost:9090/SpringSecurityLogout/index
You will get the following page :
If you provide the correct login credential(username: user, password: roseindia), you will get the below page :
After you click Logoff , you will be redirected to the following page :
