mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-05-30 00:32:14 +00:00
Add Spring MVC Links
Issue gh-13062
This commit is contained in:
parent
c79f04cd11
commit
3f6f01ce20
@ -76,7 +76,7 @@ http {
|
||||
and no authorization changes are necessary since it simply adjusts the `LogoutFilter`.
|
||||
|
||||
[[permit-logout-endpoints]]
|
||||
However, if you stand up your own logout success endpoint (or in a rare case, <<creating-custom-logout-endpoint, your own logout endpoint>>), say using Spring MVC, you will need permit it in Spring Security.
|
||||
However, if you stand up your own logout success endpoint (or in a rare case, <<creating-custom-logout-endpoint, your own logout endpoint>>), say using {spring-framework-reference-url}web.html#spring-web[Spring MVC], you will need permit it in Spring Security.
|
||||
This is because Spring MVC processes your request after Spring Security does.
|
||||
|
||||
You can do this using `authorizeHttpRequests` or `<intercept-url>` like so:
|
||||
@ -327,7 +327,7 @@ Since {security-api-url}org/springframework/security/web/authentication/logout/L
|
||||
It is strongly recommended that you use the provided `logout` DSL to configure logout.
|
||||
One reason is that its easy to forget to call the needed Spring Security components to ensure a proper and complete logout.
|
||||
|
||||
In fact, it is often simpler to <<add-logout-handler, register a custom `LogoutHandler`>> than create a Spring MVC endpoint for performing logout.
|
||||
In fact, it is often simpler to <<add-logout-handler, register a custom `LogoutHandler`>> than create a {spring-framework-reference-url}web.html#spring-web[Spring MVC] endpoint for performing logout.
|
||||
|
||||
That said, if you find yourself in a circumstance where a custom logout endpoint is needed, like the following one:
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user