1. 技术文章
  2. Spring security : Redirect to previous url after logout

Spring security : Redirect to previous url after logout

爱⌒轻易说出口 提交于 2020-01-02 05:01:09

问题


I've got a web app that uses spring security. I'm wanting to redirect the user back to the same page they were on before log out when they log out.

Is there an easy way to do this?


回答1:


You can add a new filter in the filter chain of the spring security. That new filer will be applied to the /logout URL. When going trough this filter you can save the current page in a field variable. And when returning through the filter. You can redirect the request to the saved URL. I think this can help. You can get the current page URL by Using. Referer header in the Request object.




回答2:


Not sure which Spring version this question was referring to - but there is a useReferer property on the standard org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler since Spring 3.0.

So all you need to do is configure it like this and the logout will redirect to wherever the user came from:

<bean id="logoutSuccessHandler" class="org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler">
    <property name="useReferer" value="true"/>
</bean>

<security:http>
    <security:logout logout-url="/logout" success-handler-ref="logoutSuccessHandler" />
</security:http>



回答3:


What you need is a Simple LogoutSuccessHandler

@Component
  public class CustomLogoutSuccessHandler extends 
  SimpleUrlLogoutSuccessHandler implements LogoutSuccessHandler {

@Override
 public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse 
     response, Authentication authentication)
        throws IOException, ServletException {
    if (authentication != null) {
        System.out.println(authentication.getName());
    }
    response.setStatus(HttpStatus.OK.value());
    response.sendRedirect(request.getHeader("referer"));
}

And later call it in your configure method i.e

.logout().logoutSuccessHandler(customLogoutSuccessHandler)

This will redirect you to referer URL.




回答4:


Just a thought:

How about we keep a stack of visited pages. may be at max 3 entries. and redirects user from logout.

  • Configure a Filter or extend spring security filter to maintain a stack in session about last two visited URLs

  • On logout configure a servlet as logout-success-url .

  • Now get the URL from session stack and now invalidate the session and redirect user to that page

Also you can make use of referrer header as Vijay has mentioned



来源:https://stackoverflow.com/questions/6120239/spring-security-redirect-to-previous-url-after-logout

标签
spring-security
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!