问题描述
以下配置代码不适用于注销。注销后我仍然可以访问受限制的网址。
@Autowired ClientRegistrationRepository clientRegistrationRepository;
OidcclientinitiatedlogoutSuccessHandler oidclogoutSuccessHandler() {
OidcclientinitiatedlogoutSuccessHandler successHandler = new OidcclientinitiatedlogoutSuccessHandler(clientRegistrationRepository);
//successHandler.setPostlogoutRedirectUri(URI.create("http://localhost:8081/"));
successHandler.setPostlogoutRedirectUri("{baseUrl}");
return successHandler;
}
@Override
public void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity
.authorizeRequests()
.antMatchers("/","/error").permitAll()
.anyRequest().authenticated()
.and().logout().logoutSuccessHandler(oidclogoutSuccessHandler())
.and().logout().invalidateHttpSession(true) .clearauthentication(true).logoutSuccessUrl("/").deleteCookies("JSESSIONID").permitAll().and().csrf().csrftokenRepository(CookieCsrftokenRepository.withHttpOnlyFalse())
.and().oauth2Login()
.redirectionEndpoint()
.baseUri("/api/v1/oauth/callback");
}
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)