From 5790865dba3ccf2f8ab1cf83ff8bde129f1e7438 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A5=9E=E7=A0=81-=E6=96=B9=E6=99=93=E8=BE=89?= Date: Mon, 2 Feb 2026 09:22:55 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E7=A6=81=E7=94=A8=20Spring=20Security?= =?UTF-8?q?=20=E9=BB=98=E8=AE=A4=20logout=20=E5=A4=84=E7=90=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 在 SecurityConfig 中添加 .logout().disable() - 解决自定义 /logout 接口被 Security 拦截导致 302 重定向问题 - 现在可以正常调用 LoginController.logout() 返回 JSON --- .../main/java/com/pangu/framework/config/SecurityConfig.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pangu-framework/src/main/java/com/pangu/framework/config/SecurityConfig.java b/pangu-framework/src/main/java/com/pangu/framework/config/SecurityConfig.java index eaefb01..01e30d3 100644 --- a/pangu-framework/src/main/java/com/pangu/framework/config/SecurityConfig.java +++ b/pangu-framework/src/main/java/com/pangu/framework/config/SecurityConfig.java @@ -41,8 +41,10 @@ public class SecurityConfig { // 不创建 Session .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) .and() - // 开发阶段允许所有请求(后续添加 JWT 认证) + // 禁用默认的 logout 处理,使用自定义 Controller + .logout().disable() .authorizeRequests() + // 开发阶段允许所有请求(后续添加 JWT 认证) .anyRequest().permitAll(); return http.build();