I am trying to add login functionality to my app with spring security v.4. Login works fine, but when I am trying to logout an error 404 appears. Spring Security reference says that default logout URL is /logout. My app is deployed under /app URL and I tried following URL's localhost:8080/app/logout and localhost:8080/app/json/logout. I found some similar issues on stack but they are about case when CSRF protection is used and I'm not using it. Here is part of my my web.xml file
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/json-servlet.xml,
/WEB-INF/applicationContext.xml</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>json</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>json</servlet-name>
<url-pattern>/json/*</url-pattern>
</servlet-mapping>
and my json-servlet.xml where is spring security configuration:
<context:component-scan base-package="test" />
<mvc:annotation-driven />
<security:http>
<security:intercept-url pattern="/**" access="hasRole('USER')" />
<security:form-login />
<security:logout />
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="test" password="1" authorities="ROLE_USER, ROLE_ADMIN" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
Thanks in advance.
Aucun commentaire:
Enregistrer un commentaire