Spring Security Logout Example

In this tutorial, we will discuss about adding logout functionality in Spring Security Application.

Before go ahead , you must aware of Spring Security login. Click here if you are not well aware of it.

There are some following changes you should made to implement for logout functionality :

1. Adding the following line of code to the welcome.jsp page for the logout link.

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>WELCOME TO SECURE AREA</title>
</head>
<body>
 <h1>Message : ${message}</h1> 
 <h1>Author : ${author}</h1> 
 <a href='<c:url value="/j_spring_security_logout" />' > Logout</a>
</body>
</html>

2. In the Spring Security configuration XML file, add the <logout logout-success-url="/logout" /> under the <http> tag as follows 

sdnext-security.xml
 
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:security="http://www.springframework.org/schema/security"
       xmlns:p="http://www.springframework.org/schema/p" 
       xsi:schemaLocation="http://www.springframework.org/schema/beans
                           http://www.springframework.org/schema/beans/spring-beans.xsd
                           http://www.springframework.org/schema/security
                           http://www.springframework.org/schema/security/spring-security-3.1.xsd">

   <security:http auto-config="true">
  <security:intercept-url pattern="/index*" access="ROLE_USER" />
  <security:form-login login-page="/login" default-target-url="/index"
   authentication-failure-url="/fail2login" />
  <security:logout logout-success-url="/logout" />
 </security:http>

    <security:authentication-manager>
   <security:authentication-provider>
     <security:user-service>
   <security:user name="dineshonjava" password="sweety" authorities="ROLE_USER" />
     </security:user-service>
   </security:authentication-provider>
 </security:authentication-manager>

</beans>


All files are same as the previous example for login page as following derctory structure.


Running the example

Export the example as war and deploy it Tomcat 7 server. While browsing the project you will get the following screen for loging:

Access URL "http://localhost:8080/sdnext/index", Spring will redirect to your custom login form.
URL : http://localhost:8080/sdnext/login


If username/password is correct, authentication success, display requested page.

URL : http://localhost:8080/sdnext/index
 

If username/password is correct, authentication success, display requested page.
on requested page click on Logout link.

URL : http://localhost:8080/sdnext/logout



Download Source Code-
SpringSecurityLogoutExample.zip


References-
http://www.dineshonjava.com/2013/02/spring-security-form-based-login-example.html
Spring Security



                             <<previous<<             || index  ||         >>next>>


No comments:

Post a Comment