Spring Security Logout Example

In this tutorial, we will discuss about adding spring security logout functionality in Spring Security Application.
Before go ahead , you must aware of Spring Security login. Click here if you are not well aware of it.

There are some following changes you should made to implement for logout functionality :

1. Adding the following line of code to the welcome.jsp page for the logout link.

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>WELCOME TO SECURE AREA</title>
</head>
<body>
 <h1>Message : ${message}</h1> 
 <h1>Author : ${author}</h1> 
 <a href='<c:url value="/j_spring_security_logout" />' > Logout</a>
</body>
</html>

 

2. In the Spring Security configuration XML file, add the <logout logout-success-url=”/logout” /> under the <http> tag as follows 

sdnext-security.xml
 

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:security="http://www.springframework.org/schema/security"
       xmlns:p="http://www.springframework.org/schema/p" 
       xsi:schemaLocation="http://www.springframework.org/schema/beans
                           http://www.springframework.org/schema/beans/spring-beans.xsd
                           http://www.springframework.org/schema/security
                           http://www.springframework.org/schema/security/spring-security-3.1.xsd">

   <security:http auto-config="true">
  <security:intercept-url pattern="/index*" access="ROLE_USER" />
  <security:form-login login-page="/login" default-target-url="/index"
   authentication-failure-url="/fail2login" />
  <security:logout logout-success-url="/logout" />
 </security:http>

    <security:authentication-manager>
   <security:authentication-provider>
     <security:user-service>
   <security:user name="dineshonjava" password="sweety" authorities="ROLE_USER" />
     </security:user-service>
   </security:authentication-provider>
 </security:authentication-manager>

</beans>

All files are same as the previous example for login page as following derctory structure.

Spring Security Logout Example

 

Running the example

Export the example as war and deploy it Tomcat 7 server. While browsing the project you will get the following screen for loging:

Access URL “http://localhost:8080/sdnext/index“, Spring will redirect to your custom login form.
URL : http://localhost:8080/sdnext/login

Logout Example

If username/password is correct, authentication success, display requested page.

URL : http://localhost:8080/sdnext/index

Security Logout Example

 

 

If username/password is correct, authentication success, display requested page.
on requested page click on Logout link.

URL : http://localhost:8080/sdnext/logout

Spring Security Logout

 

Download Source Code-
SpringSecurityLogoutExample.zip

References-
https://www.dineshonjava.com/spring-security-form-based-login-example/
Spring Security

 

 

                             <<previous<<             || index  ||         >>next>>
Previous
Next