英文:
Springboot Custom logout controller returns response 204
问题
我编写了以下控制器以注销用户:
@RestController
@RequestMapping("/auth/api/access/login/")
public class SignoutController implements LogoutHandler
{
@GetMapping("signout")
public ResponseEntity<String> viewlogout(HttpServletRequest request, HttpServletResponse response)
{
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
this.logout(request, response, authentication);
return new ResponseEntity<>("signed-out", HttpStatus.OK);
}
@Override
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
{
if (authentication != null)
{
new SecurityContextLogoutHandler().logout(request, response, authentication);
}
}
}
在使用 PostMan 测试该函数后,我获得了"204 no content"作为响应。
编辑:根据回答#1的建议尝试后,我从控制器中删除了HttpServletResponse。我还尝试在logout方法内设置响应。
@RestController
@RequestMapping("/auth/api/access/login/")
public class SignoutController implements LogoutHandler
{
@GetMapping("signout")
public ResponseEntity<String> viewlogout(HttpServletRequest request)
{
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
this.logout(request, null, authentication);
return new ResponseEntity<>("signed-out", HttpStatus.OK);
}
@Override
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
{
if (authentication != null)
{
new SecurityContextLogoutHandler().logout(request, response, authentication);
}
}
}
英文:
I writed the following controller to logut a user:
@RestController
@RequestMapping("/auth/api/access/login/")
public class SignoutController implements LogoutHandler
{
@GetMapping("signout")
public ResponseEntity<String> viewlogout(HttpServletRequest request, HttpServletResponse response)
{
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
this.logout(request, response, authentication);
return new ResponseEntity<>("signed-out", HttpStatus.OK);
}
@Override
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
{
if (authentication != null)
{
new SecurityContextLogoutHandler().logout(request, response, authentication);
}
}
}
Testing the function with PostMan I obtain as response "204 no content".
Edit. Attempt after suggestion of answer #1. I removed the HttpServeletResponse from controller.I also tried to set the response within the logout method.
@RestController
@RequestMapping("/auth/api/access/login/")
public class SignoutController implements LogoutHandler
{
@GetMapping("signout")
public ResponseEntity<String> viewlogout(HttpServletRequest request)
{
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
this.logout(request, null, authentication);
return new ResponseEntity<>("signed-out", HttpStatus.OK);
}
@Override
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
{
if (authentication != null)
{
new SecurityContextLogoutHandler().logout(request, response, authentication);
}
}
}
答案1
得分: 1
我相信通过传递 HttpServletResponse response,Spring 将其用作您的响应,而不是返回值。
我建议要么:
- 手动设置状态代码:
response.setStatusCode(HttpStatusCode.OK) - 或者从方法签名中移除
HttpServletResponse,并只传递null到安全上下文.logout(request, null, authentication)。
英文:
I believe that by passing in HttpServletResponse response Spring uses that as your response, instead of the return value.
I would suggest either:
- Set the status code manually:
response.setStatusCode(HttpStatusCode.OK) - Or remove the
HttpServletResponsefrom the method signature and only pass innullto the security context.logout(request, null, authentication).
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论