Grails Spring Security Plugin – Logout postOnly setting

I had a question come in about a setting in Spring Security so I thought I would take a quick minute and explain it in case anyone else also has the same question. There is a setting

‘grails.plugin.springsecurity.logout.postOnly = true’

that is true by default. If you look at the LogoutController’s index action this make a little more sense.

All this is saying is that to Logout we must have that request made in the form of a post. An easy way to do that is create a link to the logout controller (remember index is our default action).

If you try and just visit the URL http://localhost:8080/{your_context}/logout you can tell by the code that this should throw a 405 error, and it does.

Categories: Uncategorized

About The Author

My name is Dan Vega and I am a Software Developer based out of Cleveland OH. I love to play with new technologies and write about my experiences here. When I am not busy being a full time geek I love to lift heavy weights and hang out with friends and family. If you have any questions please don't hesitate to contact me.

Follow me on: