1
您好,我在我的彈簧啓動應用程序中加強了彈簧安全性。但是在點擊註銷時,它需要一些重定向url。如何避免它?在彈簧安全中註銷,無需重定向到任何地方
我WebSecurityConfig是
@Override
protected void configure(HttpSecurity http) throws Exception
{
http.csrf().disable()
.authorizeRequests()
.antMatchers(HttpMethod.POST, "/rest/auth/**").permitAll()
.antMatchers("/login").permitAll()
.antMatchers("/").permitAll()
.antMatchers("/dist/**").permitAll()
.antMatchers("/node_modules/**").permitAll()
.antMatchers("/src/**").permitAll()
.anyRequest().authenticated()
.and()
.logout().addLogoutHandler(logoutHandler)
.and()
.addFilter(new JWTAuthenticationFilter(authenticationManager()))
.addFilter(new JWTAuthorizationFilter(authenticationManager()));
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
我LogoutHandler是
@Override
public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse,
Authentication authentication)
{
try
{
SecurityContextHolder.getContext().setAuthentication(null);
SecurityContextHolder.clearContext();
String responseValue = new ObjectMapper().writeValueAsString("success");
httpServletResponse.setStatus(HttpServletResponse.SC_ACCEPTED);
httpServletResponse.addHeader("Content-Type", "application/json");
httpServletResponse.getWriter().print(responseValue);
}
catch(Exception e)
{
LOGGER.error("Error", e);
String responseValue;
try
{
responseValue = new ObjectMapper().writeValueAsString("failed");
httpServletResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
httpServletResponse.addHeader("Content-Type", "application/json");
httpServletResponse.getWriter().print(responseValue);
}
catch(IOException e1)
{
LOGGER.error("Error", e1);
}
}
}
我只是想在LogoutHandler配置的響應被髮送到客戶端。但成功註銷後,它將重定向到/login。我不希望它被重定向到任何其他網址。我只是想將響應發送給客戶端。如何實現這一目標?