Immediate signing in after logout causes redirection to home page
I have a common login and logout screen. When i logout after signing in... I come to signin page. Default behavior of spring security invalidates the session on logout so if i try to sign-in using the same screen, i get redirected to home page as there is no session available at that point. The desired behavior should be able to sign-in immediately after sign-out, which is not happening due to session invalidation
If you refer to the xml, you will see /secured/user/sign-in is used for both sign-in and sign-outCode:<http use-expressions="true" access-denied-page="/access-denied"> <intercept-url pattern="/secured/user/sign-up" access="hasAnyRole('ROLE_USER','ROLE_ANONYMOUS')" /> <intercept-url pattern="/secured/user/sign-in" access="hasRole('ROLE_ANONYMOUS')" /> <intercept-url pattern="/secured/**" requires-channel="https" /> <intercept-url pattern="/user/dashboard/**" access="hasAnyRole('ROLE_IC')" /> <intercept-url pattern="/**" access="permitAll" requires-channel="http" /> <form-login login-page="/secured/user/sign-in" authentication-success-handler-ref="authenticationSuccessHandler" authentication-failure-url="/secured/user/sign-in" /> <logout logout-success-url="/secured/user/sign-in?loggedout=true" logout-url="/secured/logout"/> <security:session-management session-fixation-protection="none"> </security:session-management> </http>
How can I handle this issue ?
Reply With Quote
