In this tutorial, we will discuss about adding spring security logout functionality in Spring Security Application.
Before go ahead , you must aware of Spring Security login. Click here if you are not well aware of it.
1. Adding the following line of code to the welcome.jsp page for the logout link.
<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>WELCOME TO SECURE AREA</title> </head> <body> <h1>Message : ${message}</h1> <h1>Author : ${author}</h1> <a href='<c:url value="/j_spring_security_logout" />' > Logout</a> </body> </html>
2. In the Spring Security configuration XML file, add the <logout logout-success-url=”/logout” /> under the <http> tag as follows
sdnext-security.xml
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security" xmlns:p="http://www.springframework.org/schema/p" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"> <security:http auto-config="true"> <security:intercept-url pattern="/index*" access="ROLE_USER" /> <security:form-login login-page="/login" default-target-url="/index" authentication-failure-url="/fail2login" /> <security:logout logout-success-url="/logout" /> </security:http> <security:authentication-manager> <security:authentication-provider> <security:user-service> <security:user name="dineshonjava" password="sweety" authorities="ROLE_USER" /> </security:user-service> </security:authentication-provider> </security:authentication-manager> </beans>
All files are same as the previous example for login page as following derctory structure.
Running the example
Export the example as war and deploy it Tomcat 7 server. While browsing the project you will get the following screen for loging:
Access URL “http://localhost:8080/sdnext/index“, Spring will redirect to your custom login form.
URL : http://localhost:8080/sdnext/login
If username/password is correct, authentication success, display requested page.
URL : http://localhost:8080/sdnext/index
If username/password is correct, authentication success, display requested page.
on requested page click on Logout link.
URL : http://localhost:8080/sdnext/logout
Download Source Code-
SpringSecurityLogoutExample.zip
References-
https://www.dineshonjava.com/spring-security-form-based-login-example/
Spring Security
- Spring Security Interview Questions and Answers
- Spring Security Java Based Configuration with Example
- Spring Security XML Namespace Configuration Example
- Spring Security XML Based Hello World Example
- Spring Security form-based login example
- Spring Security Login Form Based Example Using Database
- Spring Security Authentication Example Using HTTP Basic
- Spring Security Authorized Access Control Example
- Spring Security Customized Access Denied Page
- Spring Security Custom Error Message
- Spring Security Logout Example
- Spring Security Fetch Logged in Username
- Spring Security Password Hashing