File tree Expand file tree Collapse file tree 2 files changed +8
-2
lines changed
samples/xml/openid/src/main/webapp Expand file tree Collapse file tree 2 files changed +8
-2
lines changed Original file line number Diff line number Diff line change 16
16
<intercept-url pattern =" /css/*" access =" permitAll" />
17
17
<intercept-url pattern =" /js/*" access =" permitAll" />
18
18
<intercept-url pattern =" /**" access =" authenticated" />
19
- <logout />
19
+ <logout logout-success-url = " / " />
20
20
<openid-login login-page =" /openidlogin.jsp" user-service-ref =" registeringUserService"
21
21
authentication-failure-url=" /openidlogin.jsp?login_error=true" >
22
22
<attribute-exchange identifier-match =" https://www.google.com/.*" >
Original file line number Diff line number Diff line change
1
+ <%@ page import =" org.springframework.security.web.csrf.CsrfToken" %>
1
2
<%@ taglib prefix =" c" uri =" http://java.sun.com/jsp/jstl/core" %>
2
3
<%@ taglib prefix =" sec" uri =" http://www.springframework.org/security/tags" %>
3
4
@@ -27,6 +28,11 @@ by the application and will be recognized if you return.
27
28
<p >
28
29
Your principal object is....: <%= request. getUserPrincipal() % >
29
30
</p >
30
- <p ><a href =" logout" >Logout</a >
31
+ <% CsrfToken token = (CsrfToken ) request. getAttribute(CsrfToken . class. getName()); % >
32
+ <form id =" logout" method =" post" action =" logout" >
33
+ <input type =" hidden" name =" <%= token. getParameterName() % >"
34
+ value =" <%= token. getToken() % >" />
35
+ </form >
36
+ <p ><a href =" #" onclick =" document.forms[0].submit()" >Logout</a ></p >
31
37
</body >
32
38
</html >
You can’t perform that action at this time.
0 commit comments