dineshonjava

Spring Security Logout Example

In this tutorial, we will discuss about adding logout functionality in Spring Security Application.

Before go ahead , you must aware of Spring Security login. Click here if you are not well aware of it.

There are some following changes you should made to implement for logout functionality :

1. Adding the following line of code to the welcome.jsp page for the logout link.

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>WELCOME TO SECURE AREA</title>
</head>
<body>
 <h1>Message : ${message}</h1> 
 <h1>Author : ${author}</h1> 
 <a href='<c:url value="/j_spring_security_logout" />' > Logout</a>
</body>
</html>

2. In the Spring Security configuration XML file, add the <logout logout-success-url="/logout" /> under the <http> tag as follows 
sdnext-security.xml
 
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:security="http://www.springframework.org/schema/security"
       xmlns:p="http://www.springframework.org/schema/p" 
       xsi:schemaLocation="http://www.springframework.org/schema/beans
                           http://www.springframework.org/schema/beans/spring-beans.xsd
                           http://www.springframework.org/schema/security
                           http://www.springframework.org/schema/security/spring-security-3.1.xsd">

   <security:http auto-config="true">
  <security:intercept-url pattern="/index*" access="ROLE_USER" />
  <security:form-login login-page="/login" default-target-url="/index"
   authentication-failure-url="/fail2login" />
  <security:logout logout-success-url="/logout" />
 </security:http>

    <security:authentication-manager>
   <security:authentication-provider>
     <security:user-service>
   <security:user name="dineshonjava" password="sweety" authorities="ROLE_USER" />
     </security:user-service>
   </security:authentication-provider>
 </security:authentication-manager>

</beans>


All files are same as the previous example for login page as following derctory structure.
Spring Security Logout Example


Running the example

Export the example as war and deploy it Tomcat 7 server. While browsing the project you will get the following screen for loging:

Access URL "http://localhost:8080/sdnext/index", Spring will redirect to your custom login form.
URL : http://localhost:8080/sdnext/login

Logout Example

If username/password is correct, authentication success, display requested page.

URL : http://localhost:8080/sdnext/index
Security Logout Example
 

If username/password is correct, authentication success, display requested page.
on requested page click on Logout link.

URL : http://localhost:8080/sdnext/logout
Spring Security Logout



Download Source Code-
SpringSecurityLogoutExample.zip


References-
http://www.dineshonjava.com/2013/02/spring-security-form-based-login-example.html
Spring Security



                             <<previous<<             || index  ||         >>next>>


No comments:

Post a Comment