退出登陆
- 如何退出登录
- security默认退出登录处理逻辑
- 自定义退出登录
默认是/logout退出登录。
security默认退出登录处理逻辑
- 使当前session失效
- 清除与当前用户相关的remember-me记录
- 清空当前的SecurityContext
- 重定向到登录页
自定义退出登录
com.rui.tiger.auth.browser.config.BrowserSecurityConfig#configure
.expiredSessionStrategy(sessionInformationExpiredStrategy)//并发策略
.and()
.and()
.logout()
.logoutUrl("/loginOut") //默认logout
//.logoutSuccessUrl("") url和Handler只能配置一个
.logoutSuccessHandler(tigerLogoutSuccessHandler)
.deleteCookies("JSESSIONID")//清楚cook键值
自定义失败处理器
-
package com.rui.tiger.auth.browser.loginout;
-
-
import com.alibaba.fastjson.JSON;
-
import com.rui.tiger.auth.core.properties.BrowserProperties;
-
import com.rui.tiger.auth.core.properties.SecurityProperties;
-
import com.rui.tiger.auth.core.support.SimpleResponse;
-
import org.apache.commons.lang.StringUtils;
-
import org.springframework.security.core.Authentication;
-
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
-
-
import javax.servlet.ServletException;
-
import javax.servlet.http.HttpServletRequest;
-
import javax.servlet.http.HttpServletResponse;
-
import java.io.IOException;
-
-
/**
-
* 退出登录处理Handler
-
*
-
* @author CaiRui
-
* @date 2019-03-12 08:31
-
*/
-
public
class TigerLogoutSuccessHandler implements LogoutSuccessHandler {
-
-
-
private SecurityProperties securityProperties;
-
-
public TigerLogoutSuccessHandler(SecurityProperties securityProperties) {
-
this.securityProperties = securityProperties;
-
}
-
-
@Override
-
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
-
String loginOutUrl = securityProperties.getBrowser().getLoginOut();
-
-
if (StringUtils.isBlank(loginOutUrl)) {
-
response.setContentType(
"application/json;charset=UTF-8");
-
response.getWriter().write(JSON.toJSONString(
new SimpleResponse(
"退出成功")));
-
}
else {
-
response.sendRedirect(loginOutUrl);
-
}
-
-
-
}
-
}
bean可配置
-
package com.rui.tiger.auth.browser.config;
-
-
import com.rui.tiger.auth.browser.loginout.TigerLogoutSuccessHandler;
-
import com.rui.tiger.auth.browser.session.TigerExpiredSessionStrategy;
-
import com.rui.tiger.auth.browser.session.TigerInvalidSessionStrategy;
-
import com.rui.tiger.auth.core.properties.SecurityProperties;
-
import org.springframework.beans.factory.annotation.Autowired;
-
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
-
import org.springframework.context.annotation.Bean;
-
import org.springframework.context.annotation.Configuration;
-
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
-
import org.springframework.security.web.session.InvalidSessionStrategy;
-
import org.springframework.security.web.session.SessionInformationExpiredStrategy;
-
-
/**
-
* 失效默认实现
-
* 自定义重写可以覆盖此实现
-
* @author CaiRui
-
* @date 2019-02-27 12:15
-
*/
-
@Configuration
-
public
class BrowserSecurityBeanConfig {
-
@Autowired
-
private SecurityProperties securityProperties;
-
-
@Bean
-
@ConditionalOnMissingBean(InvalidSessionStrategy.class)
-
public InvalidSessionStrategy invalidSessionStrategy(){
-
return
new TigerInvalidSessionStrategy(securityProperties.getBrowser().getSession().getInvalidSessionUrl());
-
}
-
-
@Bean
-
@ConditionalOnMissingBean(SessionInformationExpiredStrategy.class)
-
public SessionInformationExpiredStrategy sessionInformationExpiredStrategy(){
-
return
new TigerExpiredSessionStrategy(securityProperties.getBrowser().getSession().getInvalidSessionUrl());
-
}
-
-
//退出
-
@Bean
-
@ConditionalOnMissingBean(LogoutSuccessHandler.class)
-
public LogoutSuccessHandler tigerLogoutSuccessHandler(){
-
return
new TigerLogoutSuccessHandler(securityProperties);
-
}
-
}
退出项可配置
ok 我们在首页界面添加个退出测下
-
<!DOCTYPE html>
-
<html lang="en">
-
<head>
-
<meta charset="UTF-8">
-
<title>首页
</title>
-
</head>
-
<body>
-
<h2>你好
</h2>
-
<h3>欢迎你
</h3>
-
-
<a href="/loginOut">退出登录
</a>
-
-
</body>
-
</html>
文章转载至:https://blog.csdn.net/ahcr1026212/article/details/88418239
3630
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
