@Override
protected void configure(HttpSecurity http) throws Exception {
SimpleUrlLogoutSuccessHandler redirectHandler = new SimpleUrlLogoutSuccessHandler();
redirectHandler.setTargetUrlParameter("redirect_uri");
// http://stackoverflow.com/questions/22886186/how-to-setup-access-control-allow-origin-filter-problematically-in-spring-securi
// @formatter:off
http.addFilterBefore(new CORSFilter(), ChannelProcessingFilter.class)
.csrf()
.ignoringAntMatchers("/logout")
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.logout()
.logoutSuccessHandler(redirectHandler)
.permitAll();
// @formatter:on
}
// Handler for successful logout
@Bean
public SimpleUrlLogoutSuccessHandler successLogoutHandler() {
SimpleUrlLogoutSuccessHandler successLogoutHandler = new SimpleUrlLogoutSuccessHandler();
successLogoutHandler.setDefaultTargetUrl("/");
return successLogoutHandler;
}
