Jan 18th, 2011, 12:28 AM
Lout Url interception not happening.
I wrote a servlet(filter) which should intercept logout url and audit the messag in database. but spring is ignoring logout but intercepting all other urls.
this is my config.(i have removed other tags just to avoid consudtion)
<security:http auto-config="true" >
<security:custom-filter position="LOGOUT_FILTER" ref="ifmLogoutFilter"/>
i am agetting following error because of (http auto-config="true" ), but i want to user auto config to tue;
basically my queation is , how would i intercept logout url and audit the message in db.
Context initialization failed org.springframework.beans.factory.parsing.BeanDefi nitionParsingException: Configuration problem: Failed to import bean definitions from relative location [./wap-security.xml]
Offending resource: ServletContext resource [/WEB-INF/classes/wap-rs.xml]; nested exception is org.springframework.beans.factory.parsing.BeanDefi nitionParsingException: Configuration problem: Filter beans '<ifmLogoutFilter>' and 'Root bean: class [org.springframework.security.web.authentication.lo gout.LogoutFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null' have the same 'order' value. When using custom filters, please make sure the positions do not conflict with default filters. Alternatively you can disable the default filters by removing the corresponding child elements from <http> and avoiding the use of <http auto-config='true'>.
Jan 18th, 2011, 07:15 AM
Well, you can't or you will get the error you have here. It automatically adds a logout filter so if you want to use a custom one instead then you will need to remove the auto-config.
Originally Posted by email@example.com
Why do you want to use it? Since 3.0, it doesn't do a great deal anyway. I'd recommend not using it at all and just using adding the additional configuration (e.g. form-login) explicitly.