I was wondering if someone could figure what am I doing wrong here:
I am using Spring MVC and Spring Security (3.1.0.RELEASE) with multiple http tag definitions:
<security:http use-expressions="true" authentication-manager-ref="supervisorAuthenticationManager" pattern="/supervisor/**">
<security:intercept-url pattern="/supervisor/maintenance/**" access="hasRole('supervisor')" />
<security:form-login login-page="/supervisor/login" login-processing-url="/supervisor/j_spring_security_check"
<security:logout logout-success-url="/supervisor/logout" />
<security:http use-expressions="true" authentication-manager-ref="clientAuthenticationManager">
<security:intercept-url pattern="/maintenance/**" access="hasRole('client')" />
<security:intercept-url pattern="/booking/**" access="hasRole('client')" />
<security:form-login login-page="/login" authentication-failure-url="/login?authfailed=true" default-target-url="/maintenance" />
<security:logout logout-success-url="/logout" />
the problem is with a logout
returns 404, while the root one
(used by the second definition below the one on top) works fine.
Now what makes me curious is that login for supervisor works as intended for example:
works fine (I have left out authentication provider definitions to minimise the clutter) so the setup is aware of the 'supervisor' portion, yet when it comes to logout, it cannot find it.
my web.xml only has one filter defined
Any ideas are welcome.