Class SecurityContextLogoutHandler

    • Field Detail

      • logger

        protected final org.apache.commons.logging.Log logger
    • Constructor Detail

      • SecurityContextLogoutHandler

        public SecurityContextLogoutHandler()
    • Method Detail

      • logout

        public void logout​(javax.servlet.http.HttpServletRequest request,
                           javax.servlet.http.HttpServletResponse response,
                           Authentication authentication)
        Requires the request to be passed in.
        Specified by:
        logout in interface LogoutHandler
        request - from which to obtain a HTTP session (cannot be null)
        response - not used (can be null)
        authentication - not used (can be null)
      • isInvalidateHttpSession

        public boolean isInvalidateHttpSession()
      • setInvalidateHttpSession

        public void setInvalidateHttpSession​(boolean invalidateHttpSession)
        Causes the HttpSession to be invalidated when this LogoutHandler is invoked. Defaults to true.
        invalidateHttpSession - true if you wish the session to be invalidated (default) or false if it should not be.
      • setClearAuthentication

        public void setClearAuthentication​(boolean clearAuthentication)
        If true, removes the Authentication from the SecurityContext to prevent issues with concurrent requests.
        clearAuthentication - true if you wish to clear the Authentication from the SecurityContext (default) or false if the Authentication should not be removed.