java.lang.Object

org.springframework.security.web.csrf.CsrfLogoutHandler

All Implemented Interfaces:: LogoutHandler

public final class CsrfLogoutHandler extends Object implements LogoutHandler

CsrfLogoutHandler is in charge of removing the CsrfToken upon logout. A new CsrfToken will then be generated by the framework upon the next request.

Since:: 3.2

Constructor Summary

Constructors

Constructor

Description

CsrfLogoutHandler(CsrfTokenRepository csrfTokenRepository)

Creates a new instance
Method Summary

Modifier and Type

Method

Description

void

logout(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, Authentication authentication)

Clears the CsrfToken

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- CsrfLogoutHandler
  
  public CsrfLogoutHandler(CsrfTokenRepository csrfTokenRepository)
  
  Creates a new instance
  
  Parameters:
  
  csrfTokenRepository - the CsrfTokenRepository to use
Method Details
- logout
  
  public void logout(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, Authentication authentication)
  
  Clears the CsrfToken
  Specified by:
  
  logout in interface LogoutHandler
  
  Parameters:
  
  request - the HTTP request
  
  response - the HTTP response
  
  authentication - the current principal details
  
  See Also:
  
  LogoutHandler.logout(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, org.springframework.security.core.Authentication)

Class CsrfLogoutHandler

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

CsrfLogoutHandler

Method Details

logout