I cant logout with spring boot

Question

I am facing a issue with spring boot logout.

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
            .anyRequest()
            .authenticated()
            .and()
            .formLogin()
            .loginPage("/login")
            .defaultSuccessUrl("/", true)
            .permitAll()
            .and()
            .httpBasic();

    // Logout
    http.logout().deleteCookies("remove")
            .invalidateHttpSession(false)
            .logoutUrl("/logout").permitAll()
            .logoutSuccessUrl("/login").permitAll();

}

After login, if I try to access 'http://localhost:8080/logout', it fails with:

Whitelabel Error Page This application has no explicit mapping for /error, so you are seeing this as a fallback.

Mon Jan 04 17:40:21 BRT 2021 There was an unexpected error (type=Not Found, status=404). No message available

--Edit Attempting now to access logout via POST, causes error 403 and sometimes 401.

Javascript:

function logout() {
    $.post("/logout", {});
}

HTML:

<li class="nav-item">
    <a href="javascript:logout()" class="nav-link">Sair</a>
</li>

please post your debug logs – Toerktumlare Jan 04 '21 at 21:12 — Toerktumlare, Jan 04 '21 at 21:12

score 1 · Answer 1 · answered Jan 04 '21 at 22:10

Since you are using HTTP Basic, try clearing the browser history. Another alternative is to use a incognito mode.

The reason is that HTTP Basic does not have an effective way of logging out. It will persist until you close the window or clear your browser cache.

It is less of a problem with Spring, more of a problem in how HTTP Basic works.

Related question about Basic Auth. How to log out user from web site using BASIC authentication?

I cant logout with spring boot

1 Answers1