春季安全註銷失敗HTTP-BIO-8080「-exec-5」 java.lang.StackOverflowError的

Question

我已經看到了春天的註銷的幾個例子，它似乎有點抽象我。我有一個與href =「appcontext_path/auth/logout.html」的鏈接。我見過的例子在auth文件夾中沒有心理logout.html。所以我認爲這是一個幕後任務。我希望能夠點擊無效的會話和任何相關的cookies和瀏覽到登錄頁面（AUTH/login.html的）一個註銷鏈接。當我嘗試下面的配置，我得到線索 「」 HTTP-BIO-8080 「一個異常-exec-5」 java.lang.StackOverflowError的

<global-method-security secured-annotations="enabled"> 
</global-method-security> 
<http security="none" pattern="/javax.faces.resource/**" /> 
<http security="none" pattern="/services/rest-api/1.0/**" /> 
<http security="none" pattern="/preregistered/**" /> 
<http access-denied-page="/auth/denied.html"> 
    <intercept-url 
     pattern="/**/*.xhtml" 
     access="ROLE_NONE_GETS_ACCESS" /> 
    <intercept-url 
     pattern="/auth/*" 
     access="ROLE_ANONYMOUS" /> 
    <intercept-url 
     pattern="/registered/*" 
     access="ROLE_USER" /> 
    <form-login 
     login-processing-url="/j_spring_security_check.html" 
     login-page="/auth/login.html" 
     default-target-url="/registered/home.html" 
     authentication-failure-url="/auth/login.html" /> 
    <logout logout-url="/auth/logout.html" 
      logout-success-url="/auth/login.html" /> 
    <anonymous username="guest" granted-authority="ROLE_ANONYMOUS"/> 
    <remember-me user-service-ref="userManager" key="ddddd23aferq3f3qrf"/> 
</http> 
<!-- Configure the authentication provider --> 
<authentication-manager> 
    <authentication-provider user-service-ref="userManager"> 
      <password-encoder ref="passwordEncoder" /> 
    </authentication-provider> 
</authentication-manager> 

Answer 1

只需刪除標籤<logout/>並使用j_spring_security_logout作爲註銷功能的鏈接。

Answer 2

您在配置<logout logout-url="/auth/logout.html" logout-success-url="/auth/login.html" />導致春天有錯誤映入logout.html請求logout.html（即本身）註銷濾波器 - 並且這導致SOE。

你應該使用不同的網址logout-url和logout-success-url。