[英]Spring + CAS Redirect to login page after logout
I'm using Spring(3.2.8) + CAS (4.0.0) and I'd like to redirect to the login page after logout (instead of displaying the logout confirm page). 我使用的是Spring(3.2.8)+ CAS(4.0.0),我想在注销后重定向到登录页面(而不是显示注销确认页面)。
I tried to add cas.logout.followServiceRedirects=true
in my cas.properties but nothing happens. 我尝试添加
cas.logout.followServiceRedirects=true
在我的cas.properties但没有任何反应。
On the client-side when a User wants to logout, he accesses: APP_URL/j_spring_cas_security_logout 在客户端上,当用户要注销时,他访问: APP_URL / j_spring_cas_security_logout
My logout-webflow.xml looks like: 我的logout-webflow.xml看起来像:
<flow xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://www.springframework.org/schema/webflow"
xsi:schemaLocation="http://www.springframework.org/schema/webflow http://www.springframework.org/schema/webflow/spring-webflow-2.0.xsd">
<action-state id="terminateSession">
<on-entry>
<evaluate expression="cryptoServerLogoutInterceptor.terminateCryptoSession(flowRequestContext)"/>
</on-entry>
<evaluate expression="terminateSessionAction.terminate(flowRequestContext)"/>
<transition to="doLogout"/>
</action-state>
<action-state id="doLogout">
<evaluate expression="logoutAction"/>
<transition on="finish" to="finishLogout"/>
<transition on="front" to="frontLogout"/>
</action-state>
<action-state id="frontLogout">
<evaluate expression="frontChannelLogoutAction"/>
<transition on="finish" to="finishLogout"/>
<transition on="redirectApp" to="redirectToFrontApp"/>
</action-state>
<view-state id="redirectToFrontApp"
view="externalRedirect:#{currentEvent.attributes.logoutUrl}&RelayState=#{flowExecutionContext.key}">
<transition on="next" to="frontLogout"/>
</view-state>
<decision-state id="finishLogout">
<if test="flowScope.logoutRedirectUrl != null" then="redirectView" else="logoutView"/>
</decision-state>
<end-state id="redirectView" view="externalRedirect:#{flowScope.logoutRedirectUrl}"/>
<view-state id="logoutView" view="casLogoutView"/>
On the other way when a User accesses the app without being authenticated , he is redirected to: CAS_URL/login?service=APP_URL%2Fj_spring_cas_security_check 另一方面,当用户未经身份验证访问应用程序时,会将其重定向到: CAS_URL / login?service = APP_URL%2Fj_spring_cas_security_check
So I will probably need to add/keep somewhere: service=APP_URL 因此,我可能需要在以下位置添加/保留: service = APP_URL
Thx for helping. 感谢帮助。
EDIT 编辑
When I try: 当我尝试:
<end-state id="logoutView" view="flowRedirect:login"/>
I end up to: 我最终得出:
This webpage has a redirect loop
此网页有重定向循环
ERR_TOO_MANY_REDIRECTS
ERR_TOO_MANY_REDIRECTS
but it works with: 但它适用于:
<end-state id="logoutView" view="externalRedirect:contextRelative:login"/>
As you told cas.logout.followServiceRedirects=true
is not enough. 正如您告诉
cas.logout.followServiceRedirects=true
那样还不够。 Because you should define the service that it should redirect after logout: 因为您应该定义退出后重定向的服务,所以:
<bean id="requestSingleLogoutFilter"
class="org.springframework.security.web.authentication.logout.LogoutFilter">
<constructor-arg
value="${cas.server.address}/logout?service=${cas.server.address}" />
<constructor-arg>
<bean
class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" />
</constructor-arg>
<property name="filterProcessesUrl" value="/j_spring_cas_security_logout" />
</bean>
And you should add this filter to springSecurityFilterChain
: 并且您应该将此过滤器添加到
springSecurityFilterChain
:
<sec:filter-chain pattern="/j_spring_cas_security_logout*"
filters="requestSingleLogoutFilter" />
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.