java.lang.Object

org.springframework.security.web.csrf.CsrfLogoutHandler

All Implemented Interfaces:: LogoutHandler

public final class CsrfLogoutHandler extends Object implements LogoutHandler

CsrfLogoutHandler is in charge of removing the CsrfToken upon logout. A new CsrfToken will then be generated by the framework upon the next request.

Since:: 3.2

Constructor Summary

Constructors

Constructor

Description

CsrfLogoutHandler(CsrfTokenRepository csrfTokenRepository)

Creates a new instance
Method Summary

Modifier and Type

Method

Description

void

logout(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, @Nullable Authentication authentication)

Clears the CsrfToken

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- CsrfLogoutHandler
  
  public CsrfLogoutHandler(CsrfTokenRepository csrfTokenRepository)
  
  Creates a new instance
  
  Parameters:
  
  csrfTokenRepository - the CsrfTokenRepository to use
Method Details
- logout
  
  public void logout(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, @Nullable Authentication authentication)
  
  Clears the CsrfToken
  Specified by:
  
  logout in interface LogoutHandler
  
  Parameters:
  
  request - the HTTP request
  
  response - the HTTP response
  
  authentication - the current principal details
  
  See Also:
  
  LogoutHandler.logout(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, org.springframework.security.core.Authentication)

Class CsrfLogoutHandler

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

CsrfLogoutHandler

Method Details

logout