Grails Spring Security plugin: logout not working

3
votes

I just add the spring-security-plugin to my grails project. everything looks working fine. but when I try to logout the app shows me the logout message, however the application is still logged-in!

My Config files is the following:

// Added by the Spring Security Core plugin:
grails.plugins.springsecurity.useBasicAuth = true
grails.plugins.springsecurity.userLookup.userDomainClassName = 'malibu.server.User'
grails.plugins.springsecurity.userLookup.authorityJoinClassName = 'malibu.server.UserRole'
grails.plugins.springsecurity.authority.className = 'malibu.server.Role'

cheers

2
grailsspring-securitygrails-pluginbasic-authentication

2 Answers

6
votes

Since you're using Basic auth, your browser must be caching your credentials and logging you back in.

4
votes

Just session.invalidate() before redirect.

class LogoutController {
    /**
     * Index action. Redirects to the Spring security logout uri.
     */
    def index = {
            session.invalidate()
            redirect [whatever]
    }
}