首頁 探索 說明
註冊 登入
github
/
spring-security
镜像来自 https://github.com/spring-projects/spring-security
2
0
複刻 0
Files 問題管理 0 Wiki
瀏覽代碼

Apply DefaultLoginPageConfigurer before logout

If they are not applied in this order, then the LogoutConfigurer cannot
set the logoutSuccessUrl, because the DefaultLoginPageGeneratingFilter
does not exist yet.
This impacts users that inject the default HttpSecurity bean.

Closes gh-9973
Eleftheria Stein 4 年之前
父節點
5137a653ff
當前提交
e313e6b89a
共有 2 個文件被更改,包括 13 次插入1 次删除
分割檢視 顯示文件統計
  1. 1 1
      config/src/main/java/org/springframework/security/config/annotation/web/configuration/HttpSecurityConfiguration.java
  2. 12 0
      config/src/test/java/org/springframework/security/config/annotation/web/configuration/HttpSecurityConfigurationTests.java

+ 1 - 1
config/src/main/java/org/springframework/security/config/annotation/web/configuration/HttpSecurityConfiguration.java
查看文件 

@@ -94,8 +94,8 @@ class HttpSecurityConfiguration {
 
 			.requestCache(withDefaults())
 
 			.anonymous(withDefaults())
 
 			.servletApi(withDefaults())
 
-			.logout(withDefaults())
 
 			.apply(new DefaultLoginPageConfigurer<>());
 
+		http.logout(withDefaults());
 
 		// @formatter:on
 
 		return http;
 
 	}

+ 12 - 0
config/src/test/java/org/springframework/security/config/annotation/web/configuration/HttpSecurityConfigurationTests.java
查看文件 

@@ -187,6 +187,18 @@ public class HttpSecurityConfigurationTests {
 
 		this.mockMvc.perform(get("/login")).andExpect(status().isOk());
 
 	}
 
 
+	@Test
 
+	public void loginWhenUsingDefaultsThenDefaultLoginFailurePageGenerated() throws Exception {
 
+		this.spring.register(SecurityEnabledConfig.class).autowire();
 
+		this.mockMvc.perform(get("/login?error")).andExpect(status().isOk());
 
+	}
 
+
 
+	@Test
 
+	public void loginWhenUsingDefaultsThenDefaultLogoutSuccessPageGenerated() throws Exception {
 
+		this.spring.register(SecurityEnabledConfig.class).autowire();
 
+		this.mockMvc.perform(get("/login?logout")).andExpect(status().isOk());
 
+	}
 
+
 
 	@RestController
 
 	static class NameController {