堆栈内存溢出
  简体   繁体   English

Spring Security + Google App Engine + UserService:注销的正确方法是什么?

[英]Spring Security + Google App Engine + UserService: What is the correct way to logout?

 原文  2013-10-17 04:27:10       java/ spring/ google-app-engine/ spring-mvc/ spring-security

问题描述

Sorry if this question is very obvious. 抱歉,这个问题很明显。

I am very confused about how to logout from web app using Google App Engine (UserService) and Spring MVC/Spring Security. 我对如何使用Google App Engine(UserService)和Spring MVC / Spring Security从Web应用程序注销感到非常困惑。

By example, there is a way to do it just putting a link pointing to 'j_spring_security_logout' as is explained on mkyong . 例如,有一种方法可以像mkyong所述,仅放置指向' j_spring_security_logout '的链接。

And there is the way described in the basic Google App Engine tutorial , putting a link to URL returned by 'createLoginURL(...)' method. 在基本的Google App Engine教程中有介绍的方法,该方法放置指向'createLoginURL(...)'方法返回的URL的链接。

I have tried both, and google user keep logged in. 我都尝试过,并且google用户保持登录状态。

So, what is the correct way accomplish this simple task? 那么,完成此简单任务的正确方法是什么?

Thanks. 谢谢。

2 个解决方案

解决方案1
 0  2014-01-12 09:25:56

  1. By pointing to j_spring_security_logout , user's current session will be invalidated but he will not be logged out from Google accounts. 通过指向j_spring_security_logout ,用户的当前会话将无效,但不会从Google帐户中注销。 So when user comes back to URL or link where you are expecting user to be logged in using Google account will work as he is not logged out from Google. 因此,当用户返回到您希望用户使用Google帐户登录的URL或链接时,由于他未从Google注销,因此可以使用。

  2. When you redirect user to the link created by userService.createLogoutUrl , user will be logged out from Google accounts. 当您将用户重定向到userService.createLogoutUrl创建的链接时,该用户将从Google帐户中注销。

Depending upon your requirement you can use single or combine these two steps to log out user from current session and Google accounts as well. 根据您的要求,您可以使用单个步骤,也可以结合使用这两个步骤来从当前会话和Google帐户中注销用户。

解决方案2
 0  2015-11-04 07:59:35

UserService works with a Google account, so userService.createLogoutUrl will actually log you out of a Google account. UserService使用Google帐户,因此userService.createLogoutUrl实际上将使您退出Google帐户。

And Logout feature of Spring Security is related to session so, j_spring_security_logout will destroy the session. 而且Spring Security的注销功能与会话有关,因此j_spring_security_logout将破坏会话。

Now depending upon how you are determining someone is considered logged out you can choose in between them. 现在,根据您确定某人被认为已注销的方式,您可以在他们之间进行选择。

You may wanna go through this article : 您可能想阅读这篇文章:

http://spring.io/blog/2010/08/02/spring-security-in-google-app-engine/

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Google App Engine上的UserService问题 - Problems with UserService on google app engine Google App Engine上的Spring security openid - Spring security openid on Google App Engine UserService.getCurrentUser()在Google App Engine上返回null - UserService.getCurrentUser() returns null on Google App Engine Google App Engine-Spring安全性问题(java.security.AccessControlException) - Google App Engine - Spring Security Issue (java.security.AccessControlException) App Engine中的UserService,OAuth和AJAX - UserService, OAuth, and AJAX in App Engine 403重定向错误-Spring Google App Engine安全 - 403 Redirect Error - Spring Google App Engine Security Google App Engine + Spring +域对象实例安全性 - Google App Engine + Spring + Domain Object Instance Security 通过spring security(angularjs)获取登录用户的正确方法是什么 - What is the correct way to get the logged user via spring security (angularjs) 登录后如何使用Java在应用引擎上保留查询字符串(使用Google的`userService`)? - How to preserve a Query String after Login(using Google's `userService`) on app engine using Java? Google App Engine中的安全性错误 - Security Error in google app Engine
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM