From 06d8a3f25ddc6b27618e679d052d1051aa71d177 Mon Sep 17 00:00:00 2001 From: Mirco Nasuti <mirco.nasuti@chuv.ch> Date: Mon, 23 May 2016 16:18:27 +0200 Subject: [PATCH] bugfix - same as last commit but this time should work --- src/main/java/org/hbp/mip/MIPApplication.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/hbp/mip/MIPApplication.java b/src/main/java/org/hbp/mip/MIPApplication.java index 25c00d025..5a00a3a7d 100644 --- a/src/main/java/org/hbp/mip/MIPApplication.java +++ b/src/main/java/org/hbp/mip/MIPApplication.java @@ -225,8 +225,8 @@ public class MIPApplication extends WebSecurityConfigurerAdapter { .anyRequest().authenticated() .and().exceptionHandling().authenticationEntryPoint(new CustomLoginUrlAuthenticationEntryPoint("/login/hbp")) .and().logout().logoutSuccessUrl("/login/hbp").permitAll() - .and().logout().permitAll() - .and().csrf().csrfTokenRepository(csrfTokenRepository()) + .and().logout().logoutUrl("/logout").permitAll() + .and().csrf().ignoringAntMatchers("/logout").csrfTokenRepository(csrfTokenRepository()) .and().addFilterAfter(csrfHeaderFilter(), CsrfFilter.class) .addFilterBefore(hbpFilter, BasicAuthenticationFilter.class); } -- GitLab