我正在使用教程来描述如何使用Spring Boot,Spring Security和AngularJS编写简单的单页应用程序:https://spring.io/guides/tutorials/spring-security-and-angular-js/
我无法注销当前登录的用户 – 当我执行POST请求到“/ logout”时,我得到“404 not found” – 来自Google Chrome调试器的屏幕:
为什么要GET?我进行了POST.为什么“/ login?logout”,而不是“/ logout”?以下是用户单击注销按钮时调用的代码:
$scope.logout = function() {
$http.post('logout',{}).success(function() {
$rootScope.authenticated = false;
$location.path("/");
}).error(function(data) {
console.log("Logout failed")
$rootScope.authenticated = false;
});
}
春天代码:
@SpringBootApplication
@RestController
public class UiApplication {
@RequestMapping("/user")
public Principal user(Principal user) {
return user;
}
@RequestMapping("/resource")
public Map整个AngularJS代码:
angular.module('hello',[ 'ngRoute' ]).config(function($routeProvider,$httpProvider) {
$routeProvider
.when('/',{templateUrl : 'home.html',controller : 'home' })
.when('/login',{ templateUrl : 'login.html',controller : 'navigation' })
.otherwise('/');
$httpProvider.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';
}).controller('navigation',function($rootScope,$scope,$http,$location,$route) {
$scope.tab = function(route) {
return $route.current && route === $route.current.controller;
};
var authenticate = function(credentials,callback) {
var headers = credentials ? {
authorization : "Basic "
+ btoa(credentials.username + ":"
+ credentials.password)
} : {};
$http.get('user',{
headers : headers
}).success(function(data) {
if (data.name) {
$rootScope.authenticated = true;
} else {
$rootScope.authenticated = false;
}
callback && callback($rootScope.authenticated);
}).error(function() {
$rootScope.authenticated = false;
callback && callback(false);
});
}
authenticate();
$scope.credentials = {};
$scope.login = function() {
authenticate($scope.credentials,function(authenticated) {
if (authenticated) {
console.log("Login succeeded")
$location.path("/");
$scope.error = false;
$rootScope.authenticated = true;
} else {
console.log("Login failed")
$location.path("/login");
$scope.error = true;
$rootScope.authenticated = false;
}
})
};
$scope.logout = function() {
$http.post('logout',{}).success(function() {
$rootScope.authenticated = false;
$location.path("/");
}).error(function(data) {
console.log("Logout failed")
$rootScope.authenticated = false;
});
}
}).controller('home',function($scope,$http) {
$http.get('/resource/').success(function(data) {
$scope.greeting = data; }) });
我是春天的新手.这是教程中的全部代码 – 也不起作用:
https://github.com/dsyer/spring-security-angular/tree/master/single
最佳答案
实际上你需要的只是添加一个注销成功处理程序
@Component
public class LogoutSuccess implements LogoutSuccessHandler {
@Override
public void onLogoutSuccess(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,Authentication authentication)
throws IOException,ServletException {
if (authentication != null && authentication.getDetails() != null) {
try {
httpServletRequest.getSession().invalidate();
// you can add more codes here when the user successfully logs
// out,// such as updating the database for last active.
} catch (Exception e) {
e.printStackTrace();
e = null;
}
}
httpServletResponse.setStatus(HttpServletResponse.SC_OK);
}
}
并在安全配置中添加成功处理程序
http.authorizeRequests().anyRequest().authenticated().and().logout().logoutSuccessHandler(logoutSuccess).deleteCookies("JSESSIONID").invalidateHttpSession(false).permitAll();
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。