org.springframework.security.web.csrf
Class CsrfLogoutHandler
java.lang.Object
org.springframework.security.web.csrf.CsrfLogoutHandler
- All Implemented Interfaces:
- LogoutHandler
public final class CsrfLogoutHandler
- extends Object
- implements LogoutHandler
CsrfLogoutHandler is in charge of removing the CsrfToken upon
logout. A new CsrfToken will then be generated by the framework upon
the next request.
- Since:
- 3.2
|
Method Summary |
void |
logout(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
Authentication authentication)
Clears the CsrfToken |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
CsrfLogoutHandler
public CsrfLogoutHandler(CsrfTokenRepository csrfTokenRepository)
- Creates a new instance
- Parameters:
csrfTokenRepository - the CsrfTokenRepository to use
logout
public void logout(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
Authentication authentication)
- Clears the
CsrfToken
- Specified by:
logout in interface LogoutHandler
- Parameters:
request - the HTTP requestresponse - the HTTP responseauthentication - the current principal details- See Also:
LogoutHandler.logout(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.springframework.security.core.Authentication)