Spring Security Logout When CSRF Enabled


Custom Logout and Logout Success URL:

  <logout logout-url="/logout"

Note: /logout url is used by Spring Security. This url doesn't refer to any .jsp pages, so you can set any value.

index.jsp page:

<c:url var="logoutUrl" value="/problemSolution/logout"/>
<form action="${logoutUrl}" id="logout" method="post">
    <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
<a href="#" onclick="document.getElementById('logout').submit();">Logout</a>

© 2019 All rights reserved. Codesenior.COM