org.springframework.security.web.authentication.logout
Class SecurityContextLogoutHandler
java.lang.Object
org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
- All Implemented Interfaces:
- LogoutHandler
public class SecurityContextLogoutHandler
- extends java.lang.Object
- implements LogoutHandler
Performs a logout by modifying the SecurityContextHolder
.
Will also invalidate the HttpSession
if isInvalidateHttpSession()
is true
and the
session is not null
.
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
SecurityContextLogoutHandler
public SecurityContextLogoutHandler()
logout
public void logout(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
Authentication authentication)
- Requires the request to be passed in.
- Specified by:
logout
in interface LogoutHandler
- Parameters:
request
- from which to obtain a HTTP session (cannot be null)response
- not used (can be null
)authentication
- not used (can be null
)
isInvalidateHttpSession
public boolean isInvalidateHttpSession()
setInvalidateHttpSession
public void setInvalidateHttpSession(boolean invalidateHttpSession)
- Causes the
HttpSession
to be invalidated when this LogoutHandler
is invoked. Defaults to true.
- Parameters:
invalidateHttpSession
- true if you wish the session to be invalidated (default) or false if it should
not be.