|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.springframework.security.config.annotation.SecurityConfigurerAdapter<DefaultSecurityFilterChain,B> org.springframework.security.config.annotation.web.configurers.LogoutConfigurer<H>
public final class LogoutConfigurer<H extends HttpSecurityBuilder<H>>
Adds logout support. Other SecurityConfigurer
instances may invoke
addLogoutHandler(LogoutHandler)
in the
#init(HttpSecurity)
phase.
RememberMeConfigurer
Constructor Summary | |
---|---|
LogoutConfigurer()
Creates a new instance |
Method Summary | |
---|---|
LogoutConfigurer<H> |
addLogoutHandler(LogoutHandler logoutHandler)
Adds a LogoutHandler . |
void |
configure(H http)
Configure the SecurityBuilder by setting the necessary properties
on the SecurityBuilder . |
LogoutConfigurer<H> |
deleteCookies(String... cookieNamesToClear)
Allows specifying the names of cookies to be removed on logout success. |
B |
disable()
Disables the AbstractHttpConfigurer by removing it. |
void |
init(H http)
Initialize the SecurityBuilder . |
LogoutConfigurer<H> |
invalidateHttpSession(boolean invalidateHttpSession)
Configures SecurityContextLogoutHandler to invalidate the HttpSession at the time of logout. |
LogoutConfigurer<H> |
logoutRequestMatcher(RequestMatcher logoutRequestMatcher)
The RequestMatcher that triggers logout to occur on HTTP POST. |
LogoutConfigurer<H> |
logoutSuccessHandler(LogoutSuccessHandler logoutSuccessHandler)
Sets the LogoutSuccessHandler to use. |
LogoutConfigurer<H> |
logoutSuccessUrl(String logoutSuccessUrl)
The URL to redirect to after logout has occurred. |
LogoutConfigurer<H> |
logoutUrl(String logoutUrl)
The URL that triggers logout to occur on HTTP POST. |
LogoutConfigurer<H> |
permitAll()
A shortcut for permitAll(boolean) with true as an argument. |
LogoutConfigurer<H> |
permitAll(boolean permitAll)
Grants access to the logoutSuccessUrl(String) and the logoutUrl(String) for every user. |
T |
withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
|
Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter |
---|
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public LogoutConfigurer()
HttpSecurity.logout()
Method Detail |
---|
public LogoutConfigurer<H> addLogoutHandler(LogoutHandler logoutHandler)
LogoutHandler
. The SecurityContextLogoutHandler
is
added as the last LogoutHandler
by default.
logoutHandler
- the LogoutHandler
to add
LogoutConfigurer
for further customizationpublic LogoutConfigurer<H> invalidateHttpSession(boolean invalidateHttpSession)
SecurityContextLogoutHandler
to invalidate the HttpSession
at the time of logout.
invalidateHttpSession
- true if the HttpSession
should be invalidated (default), or false otherwise.
LogoutConfigurer
for further customizationpublic LogoutConfigurer<H> logoutUrl(String logoutUrl)
logoutUrl
- the URL that will invoke logout.
LogoutConfigurer
for further customizationpublic LogoutConfigurer<H> logoutRequestMatcher(RequestMatcher logoutRequestMatcher)
logoutRequestMatcher
- the RequestMatcher used to determine if logout should occur.
LogoutConfigurer
for further customizationpublic LogoutConfigurer<H> logoutSuccessUrl(String logoutSuccessUrl)
logoutSuccessHandler(LogoutSuccessHandler)
with a
SimpleUrlLogoutSuccessHandler
.
logoutSuccessUrl
- the URL to redirect to after logout occurred
LogoutConfigurer
for further customizationpublic LogoutConfigurer<H> permitAll()
permitAll(boolean)
with true
as an argument.
LogoutConfigurer
for further customizationspublic LogoutConfigurer<H> deleteCookies(String... cookieNamesToClear)
addLogoutHandler(LogoutHandler)
with a
CookieClearingLogoutHandler
.
cookieNamesToClear
- the names of cookies to be removed on logout success.
LogoutConfigurer
for further customizationpublic LogoutConfigurer<H> logoutSuccessHandler(LogoutSuccessHandler logoutSuccessHandler)
LogoutSuccessHandler
to use. If this is specified,
logoutSuccessUrl(String)
is ignored.
logoutSuccessHandler
- the LogoutSuccessHandler
to use after a user has been
logged out.
LogoutConfigurer
for further customizationspublic LogoutConfigurer<H> permitAll(boolean permitAll)
logoutSuccessUrl(String)
and the logoutUrl(String)
for every user.
permitAll
- if true grants access, else nothing is done
LogoutConfigurer
for further customization.public void init(H http) throws Exception
SecurityConfigurer
SecurityBuilder
. Here only shared state should be
created and modified, but not properties on the SecurityBuilder
used for building the object. This ensures that the
SecurityConfigurer.configure(SecurityBuilder)
method uses the correct shared
objects when building.
init
in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
init
in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Exception
public void configure(H http) throws Exception
SecurityConfigurer
SecurityBuilder
by setting the necessary properties
on the SecurityBuilder
.
configure
in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
configure
in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Exception
public B disable()
AbstractHttpConfigurer
by removing it. After doing
so a fresh version of the configuration can be applied.
HttpSecurityBuilder
for additional customizationspublic T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |