Java Code Examples for org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler

The following examples show how to use org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: SpringSecurity-JWT-Vue-Deom   Source File: LogoutController.java    License: MIT License 6 votes vote down vote up
@GetMapping("/api/logout")
public ResultDetails logout(HttpServletRequest request, HttpServletResponse response) {
    Cookie cookie = WebUtils.getCookie(request, TokenAuthenticationHelper.COOKIE_TOKEN);
    Authentication authentication = TokenAuthenticationHelper.getAuthentication(request);
    if (cookie != null) {
        new SecurityContextLogoutHandler().logout(request, response, authentication);
        cookie.setValue(null);
        cookie.setMaxAge(0);
        cookie.setPath("/");
        cookie.setHttpOnly(true);
        response.addCookie(cookie);
    }
    ResultDetails resultDetails = new ResultDetails();
    resultDetails.setStatus(HttpStatus.OK.value());
    resultDetails.setMessage("退出成功!");
    resultDetails.setTimestamp(LocalDateTime.now());
    return resultDetails;
}
 
Example 2
Source Project: Spring   Source File: SecurityConfig.java    License: Apache License 2.0 6 votes vote down vote up
@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.authorizeRequests()
				.regexMatchers("/chief/.*").hasRole("CHIEF")
				.regexMatchers("/agent/.*").access("hasRole('USER') and principal.name='James Bond'")
				.anyRequest().authenticated()
				.and().httpBasic()
				.and().requiresChannel().anyRequest().requiresSecure();

		http.formLogin()
				.loginPage("/login").permitAll();
		
		http.exceptionHandling().accessDeniedPage("/accessDenied");
		
//		http.logout();
		
		http.logout()
			.logoutUrl("/customlogout")                                           
			.logoutSuccessUrl("/")                              
			.logoutSuccessHandler(new CustomLogoutSuccessHandler())                              
			.invalidateHttpSession(true) //true by default                              
			.addLogoutHandler(new SecurityContextLogoutHandler())                                      
			.deleteCookies("JSESSIONID");    
	}
 
Example 3
Source Project: Spring   Source File: SecurityConfig.java    License: Apache License 2.0 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {

    http.authorizeRequests()
            .regexMatchers("/chief/.*").hasRole("CHIEF")
            .regexMatchers("/agent/.*").access("hasRole('USER') and principal.name='James Bond'")
            .anyRequest().authenticated()
            .and().httpBasic()
            .and().requiresChannel().anyRequest().requiresSecure();

    http.formLogin().loginPage("/login").permitAll();

    http.exceptionHandling().accessDeniedPage("/accessDenied");

    http
            .logout()
            .logoutUrl("/customlogout")
            .logoutSuccessUrl("/")
            .logoutSuccessHandler(new CustomLogoutSuccessHandler())
            .invalidateHttpSession(true) //true by default
            .addLogoutHandler(new SecurityContextLogoutHandler())
            .deleteCookies("JSESSIONID");
}
 
Example 4
Source Project: Spring   Source File: SecurityConfig.java    License: Apache License 2.0 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {

    http.authorizeRequests()
            //	.regexMatchers("/chief/.*").hasRole("CHIEF")
            //	.regexMatchers("/agent/.*").access("hasRole('USER') and principal.name='James Bond'")
            .anyRequest().authenticated()
            .and().httpBasic()
            .and().requiresChannel().anyRequest().requiresSecure();

    http.formLogin().loginPage("/login").permitAll();

    http.exceptionHandling().accessDeniedPage("/accessDenied");

    http
            .logout()
            .logoutUrl("/customlogout")
            .logoutSuccessUrl("/")
            .logoutSuccessHandler(new CustomLogoutSuccessHandler())
            .invalidateHttpSession(true) //true by default
            .addLogoutHandler(new SecurityContextLogoutHandler())
            .deleteCookies("JSESSIONID");
}
 
Example 5
/**
 * @return org.springframework.http.ResponseEntity
 * @description 登出
 * @Param: [authHeader, request, response]
 * @author somewhere
 * @date 2020/5/30
 */
@AnonymousAccess
@GetMapping(value = "/logout")
@ApiOperation("登出")
public ResponseEntity logout(@RequestHeader(value = HttpHeaders.AUTHORIZATION, required = false) String authHeader,
							 HttpServletRequest request, HttpServletResponse response) {
	String tokenValue = authHeader.replace("Bearer ", StrUtil.EMPTY).trim();
	RedisUtil.delete(tokenValue);
	Authentication auth = SecurityContextHolder.getContext().getAuthentication();
	if (auth != null) {
		new SecurityContextLogoutHandler().logout(request, response, auth);
	}
	WebUtil.removeCookie(response, HttpHeaders.AUTHORIZATION);
	request.getSession().invalidate();
	return ResponseEntityBuilder.buildOk("退出登录成功");

}
 
Example 6
Source Project: tutorials   Source File: SimpleSecurityConfiguration.java    License: MIT License 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        .antMatcher("/cookies/**")
        .authorizeRequests(authz -> authz.anyRequest().permitAll())
        .logout(logout -> logout
            .logoutUrl("/cookies/cookielogout")
            .addLogoutHandler(new SecurityContextLogoutHandler())
            .addLogoutHandler((request, response, auth) -> {
                for (Cookie cookie : request.getCookies()) {
                    String cookieName = cookie.getName();
                    Cookie cookieToDelete = new Cookie(cookieName, null);
                    cookieToDelete.setMaxAge(0);
                    response.addCookie(cookieToDelete);
                }
            })
        );
}
 
Example 7
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request,
		HttpServletResponse response) {
	
	Authentication authentication = SecurityContextHolder.getContext()
			.getAuthentication();
	
	if (authentication != null) {
		new SecurityContextLogoutHandler().logout(request, response,
				authentication);
	}

	return "redirect:/";
}
 
Example 8
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request,
		HttpServletResponse response) {
	
	Authentication authentication = SecurityContextHolder.getContext()
			.getAuthentication();
	
	if (authentication != null) {
		new SecurityContextLogoutHandler().logout(request, response,
				authentication);
	}

	return "redirect:/";
}
 
Example 9
Source Project: kubernetes-crash-course   Source File: LogoutController.java    License: MIT License 5 votes vote down vote up
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request,
		HttpServletResponse response) {
	
	Authentication authentication = SecurityContextHolder.getContext()
			.getAuthentication();
	
	if (authentication != null) {
		new SecurityContextLogoutHandler().logout(request, response,
				authentication);
	}

	return "redirect:/";
}
 
Example 10
Source Project: kubernetes-crash-course   Source File: LogoutController.java    License: MIT License 5 votes vote down vote up
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request,
		HttpServletResponse response) {
	
	Authentication authentication = SecurityContextHolder.getContext()
			.getAuthentication();
	
	if (authentication != null) {
		new SecurityContextLogoutHandler().logout(request, response,
				authentication);
	}

	return "redirect:/";
}
 
Example 11
Source Project: Mastering-Spring-5.1   Source File: LogoutController.java    License: MIT License 5 votes vote down vote up
@RequestMapping(value = "/secure/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request,
		HttpServletResponse response) {
	Authentication auth = SecurityContextHolder.getContext()
			.getAuthentication();

	if (auth != null) {
		new SecurityContextLogoutHandler().logout(request, response, auth);
		request.getSession().invalidate();
	}
	return "redirect:/secure/welcome";
}
 
Example 12
Source Project: docker-crash-course   Source File: LogoutController.java    License: MIT License 5 votes vote down vote up
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request,
		HttpServletResponse response) {
	
	Authentication authentication = SecurityContextHolder.getContext()
			.getAuthentication();
	
	if (authentication != null) {
		new SecurityContextLogoutHandler().logout(request, response,
				authentication);
	}

	return "redirect:/";
}
 
Example 13
Source Project: docker-crash-course   Source File: LogoutController.java    License: MIT License 5 votes vote down vote up
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request,
		HttpServletResponse response) {
	
	Authentication authentication = SecurityContextHolder.getContext()
			.getAuthentication();
	
	if (authentication != null) {
		new SecurityContextLogoutHandler().logout(request, response,
				authentication);
	}

	return "redirect:/";
}
 
Example 14
Source Project: cola   Source File: LoginController.java    License: MIT License 5 votes vote down vote up
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logoutPage(HttpServletRequest request, HttpServletResponse response) {
	Authentication auth = SecurityContextHolder.getContext().getAuthentication();
	if (auth != null) {
		new SecurityContextLogoutHandler().logout(request, response, auth);
	}
	return "redirect:/login?logout";
}
 
Example 15
Source Project: Spring   Source File: CustomSpringSecurityFilterChain.java    License: Apache License 2.0 5 votes vote down vote up
private static List<SecurityFilterChain> filterChains() {
    final List<SecurityFilterChain> filterChain = new ArrayList<>();

    final LogoutFilter customLogoutFilter =
            new LogoutFilter(new CustomLogoutSuccessHandler(), new SecurityContextLogoutHandler());
    customLogoutFilter.setFilterProcessesUrl("/customlogout");
    filterChain.add(new DefaultSecurityFilterChain(
            new AntPathRequestMatcher("/customlogout**"), customLogoutFilter));
    return filterChain;
}
 
Example 16
@PostMapping("/logout")
public String logout(HttpServletRequest request, HttpServletResponse response) {
	Authentication auth = SecurityContextHolder.getContext().getAuthentication();
	if (auth != null) {
		new SecurityContextLogoutHandler().logout(request, response, auth);
		request.getSession().invalidate();
	}
	return "redirect:/login";
}
 
Example 17
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logoutPage(HttpServletRequest request, HttpServletResponse response) {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if (auth != null) {
        new SecurityContextLogoutHandler().logout(request, response, auth);
    }
    return "guest/logout";
}
 
Example 18
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logoutPage(HttpServletRequest request, HttpServletResponse response) {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if (auth != null) {
        new SecurityContextLogoutHandler().logout(request, response, auth);
    }
    return "guest/logout";
}
 
Example 19
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logoutPage(HttpServletRequest request, HttpServletResponse response) {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if (auth != null) {
        new SecurityContextLogoutHandler().logout(request, response, auth);
    }
    return "guest/logout";
}
 
Example 20
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logoutPage(HttpServletRequest request, HttpServletResponse response) {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if (auth != null) {
        new SecurityContextLogoutHandler().logout(request, response, auth);
    }
    return "guest/logout";
}
 
Example 21
Source Project: Taroco   Source File: TokenController.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * 退出
 */
@GetMapping("/exit")
public void removeToken(HttpServletRequest request, HttpServletResponse response) {
    new SecurityContextLogoutHandler().logout(request, null, null);
    try {
        //sending back to client app
        response.sendRedirect(request.getHeader("referer"));
    } catch (IOException e) {
        e.printStackTrace();
    }
}
 
Example 22
Source Project: itweet-boot   Source File: LoginController.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * This method handles logout requests.
 * Toggle the handlers if you are RememberMe functionality is useless in your app.
 */
@RequestMapping(value="/admin/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request, HttpServletResponse response) {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if (auth != null){
        new SecurityContextLogoutHandler().logout(request, response, auth);
        SecurityContextHolder.getContext().setAuthentication(null);
    }
    return "redirect:/admin/login";
}
 
Example 23
Source Project: Mastering-Spring-5.0   Source File: LogoutController.java    License: MIT License 5 votes vote down vote up
@RequestMapping(value = "/secure/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request,
		HttpServletResponse response) {
	Authentication auth = SecurityContextHolder.getContext()
			.getAuthentication();

	if (auth != null) {
		new SecurityContextLogoutHandler().logout(request, response, auth);
		request.getSession().invalidate();
	}
	return "redirect:/secure/welcome";
}
 
Example 24
Source Project: Spring-Security-Third-Edition   Source File: CasConfig.java    License: MIT License 5 votes vote down vote up
/**
 * Request single point exit filter
 */
@Bean
public LogoutFilter casLogoutFilter() {
    LogoutFilter logoutFilter = new LogoutFilter(
            casServerLogout,
            new SecurityContextLogoutHandler());
    logoutFilter.setFilterProcessesUrl("/logout");
    return logoutFilter;
}
 
Example 25
Source Project: Spring-Security-Third-Edition   Source File: CasConfig.java    License: MIT License 5 votes vote down vote up
/**
 * Request single point exit filter
 */
@Bean
public LogoutFilter casLogoutFilter() {
    LogoutFilter logoutFilter = new LogoutFilter(
            casServerLogout,
            new SecurityContextLogoutHandler());
    logoutFilter.setFilterProcessesUrl("/logout");
    return logoutFilter;
}
 
Example 26
Source Project: Spring-Security-Third-Edition   Source File: CasConfig.java    License: MIT License 5 votes vote down vote up
/**
 * Request single point exit filter
 */
@Bean
public LogoutFilter casLogoutFilter() {
    LogoutFilter logoutFilter = new LogoutFilter(
            casServerLogout,
            new SecurityContextLogoutHandler());
    logoutFilter.setFilterProcessesUrl("/logout");
    return logoutFilter;
}
 
Example 27
Source Project: Spring-Security-Third-Edition   Source File: CasConfig.java    License: MIT License 5 votes vote down vote up
/**
 * Request single point exit filter
 */
@Bean
public LogoutFilter casLogoutFilter() {
    LogoutFilter logoutFilter = new LogoutFilter(
            casServerLogout,
            new SecurityContextLogoutHandler());
    logoutFilter.setFilterProcessesUrl("/logout");
    return logoutFilter;
}
 
Example 28
Source Project: Spring-Security-Third-Edition   Source File: CasConfig.java    License: MIT License 5 votes vote down vote up
/**
 * Request single point exit filter
 */
@Bean
public LogoutFilter casLogoutFilter() {
    LogoutFilter logoutFilter = new LogoutFilter(
            casServerLogout,
            new SecurityContextLogoutHandler());
    logoutFilter.setFilterProcessesUrl("/logout");
    return logoutFilter;
}
 
Example 29
Source Project: jeesupport   Source File: AbsController.java    License: MIT License 5 votes vote down vote up
@RequestMapping( "/${jees.webs.logout}" )
public String logout( HttpServletRequest _request, HttpServletResponse _response ){
    log.debug( "--用户登出" );

    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if( auth != null )
        new SecurityContextLogoutHandler().logout( _request, _response, auth );

    sessionRegistry.removeSessionInformation( _request.getSession().getId() );

    return "redirect:/";
}
 
Example 30
Source Project: jump-the-queue   Source File: BaseWebSecurityConfig.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Create a simple filter that allows logout on a REST Url /services/rest/logout and returns a simple HTTP status 200
 * ok.
 *
 * @return the filter.
 */
protected Filter getSimpleRestLogoutFilter() {

  LogoutFilter logoutFilter = new LogoutFilter(new LogoutSuccessHandlerReturningOkHttpStatusCode(),
      new SecurityContextLogoutHandler());

  // configure logout for rest logouts
  logoutFilter.setLogoutRequestMatcher(new AntPathRequestMatcher("/services/rest/logout"));

  return logoutFilter;
}