@Override public void logout( HttpServletRequest request, HttpServletResponse response, Authentication authentication) { RememberMeServices rms = rms(); if (rms instanceof LogoutHandler) { ((LogoutHandler) rms).logout(request, response, authentication); } }
public void doLogout( HttpServletRequest request, HttpServletResponse response, String... skipHandlerName) throws IOException, ServletException { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication != null) { List<LogoutHandler> logoutHandlers = calculateActiveLogoutHandlers(skipHandlerName); for (LogoutHandler h : logoutHandlers) { h.logout(request, response, authentication); } RememberMeServices rms = securityManager.getRememberMeService(); ((LogoutHandler) rms).logout(request, response, authentication); logoutHandler.logout(request, response, authentication); } String redirectUrl = (String) request.getAttribute(LOGOUT_REDIRECT_ATTR); if (StringUtils.hasLength(redirectUrl)) { SimpleUrlLogoutSuccessHandler h = new SimpleUrlLogoutSuccessHandler(); h.setDefaultTargetUrl(redirectUrl); h.onLogoutSuccess(request, response, authentication); return; } logoutSuccessHandler.onLogoutSuccess(request, response, authentication); }
@Override public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) { for (LogoutHandler handler : this.logoutHandlers) { handler.logout(request, response, authentication); } } }
private void doLogout(HttpServletRequest request, HttpServletResponse response) { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); this.handlers.logout(request, response, auth); }
@Autowired List<LogoutHandler> logoutHandlers; @Autwired LogoutSuccessHandler logoutSuccessHandler; private void doLogout() { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); for (LogoutHandler handler : handlers) handler.logout(request, response, auth); logoutSuccessHandler.onLogoutSuccess(request, response, auth); }
@Override public void logout() throws ServletException { LogoutHandler handler = HttpServlet3RequestFactory.this.logoutHandler; if (handler == null) { HttpServlet3RequestFactory.this.logger.debug( "logoutHandlers is null, so allowing original HttpServletRequest to handle logout"); super.logout(); return; } Authentication authentication = SecurityContextHolder.getContext() .getAuthentication(); handler.logout(this, this.response, authentication); }
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) res; if (requiresLogout(request, response)) { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); if (logger.isDebugEnabled()) { logger.debug("Logging out user '" + auth + "' and transferring to logout destination"); } this.handler.logout(request, response, auth); logoutSuccessHandler.onLogoutSuccess(request, response, auth); return; } chain.doFilter(request, response); }
@Override public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { if (LogoutStatus.REDIRECT.equals(request.getAttribute(RUN_SUCCESS))) { for (LogoutHandler handler : ofNullable(delegates).orElse(emptyList())) { handler.logout(request, response, authentication); } } else if (LogoutStatus.SUCCESS.equals(request.getAttribute(RUN_SUCCESS))) { for (LogoutHandler handler : ofNullable(delegates).orElse(emptyList())) { handler.logout(request, response, authentication); } if (successHandler != null) { successHandler.onLogoutSuccess(request, response, authentication); } } } }
public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException { if (requiresLogout(request, response)) { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); if (logger.isDebugEnabled()) { logger.debug("Logging out user '" + auth + "' and redirecting to logout page"); } for (int i = 0; i < handlers.length; i++) { handlers[i].logout(request, response, auth); } String targetUrl = determineTargetUrl(request, response); sendRedirect(request, response, targetUrl); return; } chain.doFilter(request, response); }
public class MyAccessDeniedExceptionHandler implements AccessDeniedHandler { @Autowired private List<LogoutHandler> logoutHandlers; @Override public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException { for(LogoutHandler lh : logoutHandlers) { lh.logout(request, response, SecurityContextHolder.getContext().getAuthentication()); } SecurityContextLogoutHandler logoutHandler = new SecurityContextLogoutHandler(); logoutHandler.setInvalidateHttpSession(true); logoutHandler.logout(request, response, SecurityContextHolder.getContext().getAuthentication()); response.sendRedirect(request.getRequestURL().toString()); } }
/** * * {@inheritDoc} */ public boolean logout(Principal principal) { HttpServletRequest request = FlexContext.getHttpRequest(); HttpServletResponse response = FlexContext.getHttpResponse(); Authentication auth = SecurityContextHolder.getContext().getAuthentication(); if (request != null && response != null) { for (LogoutHandler handler : logoutHandlers) { handler.logout(request, response, auth); } } else { SecurityContextHolder.clearContext(); } return true; }
public class MyApplicationErrorResolver extends SimpleMappingExceptionResolver { @Autowired private List<LogoutHandler> logoutHandlers; @Override protected ModelAndView doResolveException(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) { if(ex instanceof AccessDeniedException) { for(LogoutHandler lh : logoutHandlers) { lh.logout(request, response, SecurityContextHolder.getContext().getAuthentication()); } // Not present as a bean. So create it manually. SecurityContextLogoutHandler logoutHandler = new SecurityContextLogoutHandler(); logoutHandler.setInvalidateHttpSession(true); logoutHandler.logout(request, response, SecurityContextHolder.getContext().getAuthentication()); return new ModelAndView(new RedirectView(request.getRequestURL().toString())); } return super.doResolveException(request, response, handler, ex); } }
handler.logout(request, response, auth);
log.debug("Performing local logout after receiving logout request from {}", context.getPeerEntityId()); for (LogoutHandler handler : handlers) { handler.logout(request, response, auth);