스프링 시큐리티 로그아웃 하기
먼저
생성한다
그다음
customLogout.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%@taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>
<h1>Logout Page</h1>
<form action="/customLogout" method="post">
<input type="hidden" name="${_csrf.parameterName }" value="${_csrf.token }"/>
<button>로그아웃</button>
</form>
</body>
</html>
CommonController.java
package org.conan.controller;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import lombok.extern.log4j.Log4j;
@Controller
@Log4j
public class CommonController {
@GetMapping("/accessError")
public void accessDenied(Authentication auth, Model model) {
log.info("access Denied : "+auth);
model.addAttribute("msg", "Access Denied");
}
@GetMapping("/customLogin")
public void loginInput(String error, String logout, Model model) {
log.info("error : "+error);
log.info("logout : "+error);
if(error != null) {
model.addAttribute("error", "Login Error Check Your Account");
}
if(logout != null) {
model.addAttribute("logout", "LogOut!");
}
}
@GetMapping("/customLogout")
public void logoutGET() {
log.info("custom logout~");
}
}
security-context.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/security https://www.springframework.org/schema/security/spring-security-5.2.xsd
http://www.springframework.org/schema/beans https://www.springframework.org/schema/beans/spring-beans.xsd">
<security:http auto-config="true" use-expressions="true">
<security:intercept-url pattern="/sample/all" access="permitAll" />
<security:intercept-url pattern="/sample/member" access="hasRole('ROLE_MEMBER')" />
<security:intercept-url pattern="/sample/admin" access="hasRole('ROLE_ADMIN')" />
<security:form-login login-page="/customLogin" authentication-success-handler-ref="customLoginSuccess"/>
<!-- 내가 만든 로그인 페이지(/customLogin) 를 쓰겠다고 하는거 -->
<security:logout logout-url="/customLogout" invalidate-session="true"/>
<security:access-denied-handler ref="customAccessDenied"/>
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="member" password="{noop}member" authorities="ROLE_MEMBER"/>
<security:user name="admin" password="{noop}admin" authorities="ROLE_MEMBER, ROLE_ADMIN"/>
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
<bean id="customAccessDenied" class="org.conan.security.CustomAccessDeniedHandler"></bean>
<bean id="customLoginSuccess" class="org.conan.security.CustomLoginSuccessHandler"></bean>
<bean id="bcryptPasswordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
</beans>
이렇게하면 로그아웃이 되고 로그아웃이 되면
로그인 페이지에서 로그아웃이 됐다고 뜬다
Author And Source
이 문제에 관하여(스프링 시큐리티 로그아웃 하기), 우리는 이곳에서 더 많은 자료를 발견하고 링크를 클릭하여 보았다 https://velog.io/@tkaqhcjstk/로그아웃-하기저자 귀속: 원작자 정보가 원작자 URL에 포함되어 있으며 저작권은 원작자 소유입니다.
우수한 개발자 콘텐츠 발견에 전념 (Collection and Share based on the CC Protocol.)