Package org.springframework.security.config.web.server

Class ServerHttpSecurity.LogoutSpec

java.lang.Object

org.springframework.security.config.web.server.ServerHttpSecurity.LogoutSpec

Enclosing class:

ServerHttpSecurity

public final class ServerHttpSecurity.LogoutSpec
extends Object

Configures log out

Since:

5.0

See Also:

• ServerHttpSecurity.logout()

Method Summary

Modifier and Type	Method	Description
ServerHttpSecurity	and()	Deprecated, for removal: This API element is subject to removal in a future version. For removal in 7.0.
protected void	configure(ServerHttpSecurity http)
ServerHttpSecurity	disable()	Disables log out
ServerHttpSecurity.LogoutSpec	logoutHandler(ServerLogoutHandler logoutHandler)	Configures the logout handler.
ServerHttpSecurity.LogoutSpec	logoutSuccessHandler(ServerLogoutSuccessHandler handler)
ServerHttpSecurity.LogoutSpec	logoutUrl(String logoutUrl)	Configures what URL a POST to will trigger a log out.
ServerHttpSecurity.LogoutSpec	requiresLogout(ServerWebExchangeMatcher requiresLogout)	Configures when the log out will be triggered.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

logoutHandler

public ServerHttpSecurity.LogoutSpec logoutHandler(ServerLogoutHandler logoutHandler)

Configures the logout handler. Default is SecurityContextServerLogoutHandler

Parameters:

logoutHandler -

Returns:

the ServerHttpSecurity.LogoutSpec to configure

logoutUrl

public ServerHttpSecurity.LogoutSpec logoutUrl(String logoutUrl)

Configures what URL a POST to will trigger a log out.

Parameters:

logoutUrl - the url to trigger a log out (i.e. "/signout" would mean a POST to "/signout" would trigger log out)

Returns:

the ServerHttpSecurity.LogoutSpec to configure

requiresLogout

public ServerHttpSecurity.LogoutSpec requiresLogout(ServerWebExchangeMatcher requiresLogout)

Configures when the log out will be triggered.

Parameters:

requiresLogout - the matcher to determine when log out is triggered

Returns:

the ServerHttpSecurity.LogoutSpec to configure

logoutSuccessHandler

public ServerHttpSecurity.LogoutSpec logoutSuccessHandler(ServerLogoutSuccessHandler handler)

and

@Deprecated(since="6.1",
            forRemoval=true)
public ServerHttpSecurity and()

Deprecated, for removal: This API element is subject to removal in a future version.

For removal in 7.0. Use ServerHttpSecurity.logout(Customizer) or logout(Customizer.withDefaults()) to stick with defaults. See the documentation for more details.

Allows method chaining to continue configuring the ServerHttpSecurity

Returns:

the ServerHttpSecurity to continue configuring

disable

public ServerHttpSecurity disable()

Disables log out

Returns:

the ServerHttpSecurity to continue configuring

configure

protected void configure(ServerHttpSecurity http)