View Forum Topic

Forums
CS520
To pass parameter at the time of logout in spring security

Author	Message
cshah6 Posts: 19	Posted 10:25 May 31, 2014 \| Hello Professor, I want to pass two request parameters at the time of click on logout button in spring security. I want to do like below line : <a href="j_spring_security_logout?m=NewGame&type=FirstTime">Logout</a> How can I do it?
cysun Posts: 2935	Posted 10:42 May 31, 2014 \| You should be able to do it. On the client side just use the link with the request parameters. On the server side you can create a logout success handler (see AfterLogoutHandler.java and applicationContext.xml in the Who's Online example). This handler will be called automatically after a user logs out. In the handler you have access to `request` and `authentication`. You can use request.getParameter() to get the request parameters, and authentication.getPrincipal().getUsername() to get the username.
cysun Posts: 2935	Posted 10:45 May 31, 2014 \| BTW, because implementing 2-player game is already fairly complex, you don't need to worry about some special cases, including the case where a user logs out in the middle of a game.
cshah6 Posts: 19	Posted 10:52 May 31, 2014 \| So Is it ok that I will put the springsecurity logout only there where I havn't used request parameters and not the place where I have passed the request parameter [for ex middle of game ] ?
cysun Posts: 2935	Posted 11:02 May 31, 2014 \| cshah6 wrote: So Is it ok that I will put the springsecurity logout only there where I havn't used request parameters and not the place where I have passed the request parameter [for ex middle of game ] ? I don't understand the question.
hhuang30 Posts: 40	Posted 11:07 May 31, 2014 \| what I did is leads the user to another url , for example, "mylogout.html?parameter=.....", and then some process with these parameters in this mapping method, then at the end of this method, return "redirect:/j_spring_security_logout" using spring security logout funtion to do logout Is that Ok to do like this?
cysun Posts: 2935	Posted 11:09 May 31, 2014 \| hhuang30 wrote: what I did is leads the user to another url , for example, "mylogout.html?parameter=.....", and then some process with these parameters in this mapping method, then at the end of this method, return "redirect:/j_spring_security_logout" using spring security logout funtion to do logout Is that Ok to do like this? I guess you created your own pre-logout handler instead of using a post-logout handler. Looks fine to me.
cshah6 Posts: 19	Posted 11:10 May 31, 2014 \| case 1 : login -> Game Home page -> click Logout [I am not passing any request parameter ] case 2 : Login -> Game Home -> play Game with AI -> start the game -> Click logout [I am using request parameter for identify interrupt and game type] so my question is that Is it ok that I only use Spring Security logout (j_spring_security_logout) in case 1 and not use spring security in case 2 ?
cysun Posts: 2935	Posted 11:14 May 31, 2014 \| cshah6 wrote: case 1 : login -> Game Home page -> click Logout [I am not passing any request parameter ] case 2 : Login -> Game Home -> play Game with AI -> start the game -> Click logout [I am using request parameter for identify interrupt and game type] so my question is that Is it ok that I only use Spring Security logout (j_spring_security_logout) in case 1 and not use spring security in case 2 ? You can still use Spring Security for case 2 as I described. If you want to do what hhuang30 did, that's fine too.