org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler Java Examples

The following examples show how to use org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: LogoutController.java    From SpringSecurity-JWT-Vue-Deom with MIT License 7 votes vote down vote up
@GetMapping("/api/logout")
public ResultDetails logout(HttpServletRequest request, HttpServletResponse response) {
    Cookie cookie = WebUtils.getCookie(request, TokenAuthenticationHelper.COOKIE_TOKEN);
    Authentication authentication = TokenAuthenticationHelper.getAuthentication(request);
    if (cookie != null) {
        new SecurityContextLogoutHandler().logout(request, response, authentication);
        cookie.setValue(null);
        cookie.setMaxAge(0);
        cookie.setPath("/");
        cookie.setHttpOnly(true);
        response.addCookie(cookie);
    }
    ResultDetails resultDetails = new ResultDetails();
    resultDetails.setStatus(HttpStatus.OK.value());
    resultDetails.setMessage("退出成功!");
    resultDetails.setTimestamp(LocalDateTime.now());
    return resultDetails;
}
 
Example #2
Source File: AccoutJwtResource.java    From albedo with GNU Lesser General Public License v3.0 7 votes vote down vote up
/**
 * @return org.springframework.http.ResponseEntity
 * @description 登出
 * @Param: [authHeader, request, response]
 * @author somewhere
 * @date 2020/5/30
 */
@AnonymousAccess
@GetMapping(value = "/logout")
@ApiOperation("登出")
public ResponseEntity logout(@RequestHeader(value = HttpHeaders.AUTHORIZATION, required = false) String authHeader,
							 HttpServletRequest request, HttpServletResponse response) {
	String tokenValue = authHeader.replace("Bearer ", StrUtil.EMPTY).trim();
	RedisUtil.delete(tokenValue);
	Authentication auth = SecurityContextHolder.getContext().getAuthentication();
	if (auth != null) {
		new SecurityContextLogoutHandler().logout(request, response, auth);
	}
	WebUtil.removeCookie(response, HttpHeaders.AUTHORIZATION);
	request.getSession().invalidate();
	return ResponseEntityBuilder.buildOk("退出登录成功");

}
 
Example #3
Source File: SimpleSecurityConfiguration.java    From tutorials with MIT License 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        .antMatcher("/cookies/**")
        .authorizeRequests(authz -> authz.anyRequest().permitAll())
        .logout(logout -> logout
            .logoutUrl("/cookies/cookielogout")
            .addLogoutHandler(new SecurityContextLogoutHandler())
            .addLogoutHandler((request, response, auth) -> {
                for (Cookie cookie : request.getCookies()) {
                    String cookieName = cookie.getName();
                    Cookie cookieToDelete = new Cookie(cookieName, null);
                    cookieToDelete.setMaxAge(0);
                    response.addCookie(cookieToDelete);
                }
            })
        );
}
 
Example #4
Source File: SecurityConfig.java    From Spring with Apache License 2.0 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {

    http.authorizeRequests()
            //	.regexMatchers("/chief/.*").hasRole("CHIEF")
            //	.regexMatchers("/agent/.*").access("hasRole('USER') and principal.name='James Bond'")
            .anyRequest().authenticated()
            .and().httpBasic()
            .and().requiresChannel().anyRequest().requiresSecure();

    http.formLogin().loginPage("/login").permitAll();

    http.exceptionHandling().accessDeniedPage("/accessDenied");

    http
            .logout()
            .logoutUrl("/customlogout")
            .logoutSuccessUrl("/")
            .logoutSuccessHandler(new CustomLogoutSuccessHandler())
            .invalidateHttpSession(true) //true by default
            .addLogoutHandler(new SecurityContextLogoutHandler())
            .deleteCookies("JSESSIONID");
}
 
Example #5
Source File: SecurityConfig.java    From Spring with Apache License 2.0 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {

    http.authorizeRequests()
            .regexMatchers("/chief/.*").hasRole("CHIEF")
            .regexMatchers("/agent/.*").access("hasRole('USER') and principal.name='James Bond'")
            .anyRequest().authenticated()
            .and().httpBasic()
            .and().requiresChannel().anyRequest().requiresSecure();

    http.formLogin().loginPage("/login").permitAll();

    http.exceptionHandling().accessDeniedPage("/accessDenied");

    http
            .logout()
            .logoutUrl("/customlogout")
            .logoutSuccessUrl("/")
            .logoutSuccessHandler(new CustomLogoutSuccessHandler())
            .invalidateHttpSession(true) //true by default
            .addLogoutHandler(new SecurityContextLogoutHandler())
            .deleteCookies("JSESSIONID");
}
 
Example #6
Source File: SecurityConfig.java    From Spring with Apache License 2.0 6 votes vote down vote up
@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.authorizeRequests()
				.regexMatchers("/chief/.*").hasRole("CHIEF")
				.regexMatchers("/agent/.*").access("hasRole('USER') and principal.name='James Bond'")
				.anyRequest().authenticated()
				.and().httpBasic()
				.and().requiresChannel().anyRequest().requiresSecure();

		http.formLogin()
				.loginPage("/login").permitAll();
		
		http.exceptionHandling().accessDeniedPage("/accessDenied");
		
//		http.logout();
		
		http.logout()
			.logoutUrl("/customlogout")                                           
			.logoutSuccessUrl("/")                              
			.logoutSuccessHandler(new CustomLogoutSuccessHandler())                              
			.invalidateHttpSession(true) //true by default                              
			.addLogoutHandler(new SecurityContextLogoutHandler())                                      
			.deleteCookies("JSESSIONID");    
	}
 
Example #7
Source File: LogoutConfigurerTest.java    From spring-boot-security-saml with MIT License 5 votes vote down vote up
@Test
public void configure_defaults() throws Exception {
    LogoutConfigurer configurer = spy(new LogoutConfigurer());
    SimpleUrlLogoutSuccessHandler successHandler = mock(SimpleUrlLogoutSuccessHandler.class);
    SecurityContextLogoutHandler localHandler = mock(SecurityContextLogoutHandler.class);
    SecurityContextLogoutHandler globalHandler = mock(SecurityContextLogoutHandler.class);
    when(configurer.createDefaultSuccessHandler()).thenReturn(successHandler);
    when(configurer.createDefaultLocalHandler()).thenReturn(localHandler);
    when(configurer.createDefaultGlobalHandler()).thenReturn(globalHandler);
    configurer.init(builder);
    configurer.configure(builder);
    ArgumentCaptor<SAMLLogoutFilter> logoutFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutFilter.class);
    ArgumentCaptor<SAMLLogoutProcessingFilter> logoutProcessingFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutProcessingFilter.class);
    verify(builder).setSharedObject(eq(SAMLLogoutFilter.class), logoutFilterCaptor.capture());
    verify(builder).setSharedObject(eq(SAMLLogoutProcessingFilter.class), logoutProcessingFilterCaptor.capture());
    verify(logoutProperties).getDefaultTargetUrl();
    verify(logoutProperties, times(2)).isInvalidateSession();
    verify(logoutProperties, times(2)).isClearAuthentication();
    verify(logoutProperties).getLogoutUrl();
    verify(logoutProperties).getSingleLogoutUrl();
    verify(successHandler).setDefaultTargetUrl(eq(logoutProperties.getDefaultTargetUrl()));
    verify(localHandler).setClearAuthentication(eq(logoutProperties.isClearAuthentication()));
    verify(localHandler).setInvalidateHttpSession(eq(logoutProperties.isInvalidateSession()));
    verify(globalHandler).setClearAuthentication(eq(logoutProperties.isClearAuthentication()));
    verify(globalHandler).setInvalidateHttpSession(eq(logoutProperties.isInvalidateSession()));
    SAMLLogoutFilter logoutFilter = logoutFilterCaptor.getValue();
    SAMLLogoutProcessingFilter logoutProcessingFilter = logoutProcessingFilterCaptor.getValue();
    assertThat(logoutFilter).isNotNull();
    assertThat(logoutProcessingFilter).isNotNull();
    assertThat(logoutFilter.getFilterProcessesUrl()).isEqualTo(logoutProperties.getLogoutUrl());
    assertThat(logoutProcessingFilter.getFilterProcessesUrl()).isEqualTo(logoutProperties.getSingleLogoutUrl());
    assertThat(serviceProviderEndpoints.getLogoutURL()).isEqualTo(logoutProperties.getLogoutUrl());
    assertThat(serviceProviderEndpoints.getSingleLogoutURL()).isEqualTo(logoutProperties.getSingleLogoutUrl());
}
 
Example #8
Source File: LogoutController.java    From Mastering-Spring-5.0 with MIT License 5 votes vote down vote up
@RequestMapping(value = "/secure/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request,
		HttpServletResponse response) {
	Authentication auth = SecurityContextHolder.getContext()
			.getAuthentication();

	if (auth != null) {
		new SecurityContextLogoutHandler().logout(request, response, auth);
		request.getSession().invalidate();
	}
	return "redirect:/secure/welcome";
}
 
Example #9
Source File: CasConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
/**
 * Request single point exit filter
 */
@Bean
public LogoutFilter casLogoutFilter() {
    LogoutFilter logoutFilter = new LogoutFilter(
            casServerLogout,
            new SecurityContextLogoutHandler());
    logoutFilter.setFilterProcessesUrl("/logout");
    return logoutFilter;
}
 
Example #10
Source File: CasConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
/**
 * Request single point exit filter
 */
@Bean
public LogoutFilter casLogoutFilter() {
    LogoutFilter logoutFilter = new LogoutFilter(
            casServerLogout,
            new SecurityContextLogoutHandler());
    logoutFilter.setFilterProcessesUrl("/logout");
    return logoutFilter;
}
 
Example #11
Source File: CasConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
/**
 * Request single point exit filter
 */
@Bean
public LogoutFilter casLogoutFilter() {
    LogoutFilter logoutFilter = new LogoutFilter(
            casServerLogout,
            new SecurityContextLogoutHandler());
    logoutFilter.setFilterProcessesUrl("/logout");
    return logoutFilter;
}
 
Example #12
Source File: CasConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
/**
 * Request single point exit filter
 */
@Bean
public LogoutFilter casLogoutFilter() {
    LogoutFilter logoutFilter = new LogoutFilter(
            casServerLogout,
            new SecurityContextLogoutHandler());
    logoutFilter.setFilterProcessesUrl("/logout");
    return logoutFilter;
}
 
Example #13
Source File: CasConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
/**
 * Request single point exit filter
 */
@Bean
public LogoutFilter casLogoutFilter() {
    LogoutFilter logoutFilter = new LogoutFilter(
            casServerLogout,
            new SecurityContextLogoutHandler());
    logoutFilter.setFilterProcessesUrl("/logout");
    return logoutFilter;
}
 
Example #14
Source File: AbsController.java    From jeesupport with MIT License 5 votes vote down vote up
@RequestMapping( "/${jees.webs.logout}" )
public String logout( HttpServletRequest _request, HttpServletResponse _response ){
    log.debug( "--用户登出" );

    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if( auth != null )
        new SecurityContextLogoutHandler().logout( _request, _response, auth );

    sessionRegistry.removeSessionInformation( _request.getSession().getId() );

    return "redirect:/";
}
 
Example #15
Source File: BaseWebSecurityConfig.java    From jump-the-queue with Apache License 2.0 5 votes vote down vote up
/**
 * Create a simple filter that allows logout on a REST Url /services/rest/logout and returns a simple HTTP status 200
 * ok.
 *
 * @return the filter.
 */
protected Filter getSimpleRestLogoutFilter() {

  LogoutFilter logoutFilter = new LogoutFilter(new LogoutSuccessHandlerReturningOkHttpStatusCode(),
      new SecurityContextLogoutHandler());

  // configure logout for rest logouts
  logoutFilter.setLogoutRequestMatcher(new AntPathRequestMatcher("/services/rest/logout"));

  return logoutFilter;
}
 
Example #16
Source File: AppController.java    From template-spring-boot-oauth2-wso2-is with Apache License 2.0 5 votes vote down vote up
/**
 * NOTE that this method assumes that the user performing this action is authenticated.
 * This is implied by the implementation, noting it here in addition to this.
 */
@RequestMapping(value="/logout", method = RequestMethod.GET)
public String logoutPage (HttpServletRequest request, HttpServletResponse response) {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if (auth != null) {
        new SecurityContextLogoutHandler().logout(request, response, auth);
    }
    return "redirect:/";
}
 
Example #17
Source File: LogoutController.java    From Mastering-Spring-5.1 with MIT License 5 votes vote down vote up
@RequestMapping(value = "/secure/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request,
		HttpServletResponse response) {
	Authentication auth = SecurityContextHolder.getContext()
			.getAuthentication();

	if (auth != null) {
		new SecurityContextLogoutHandler().logout(request, response, auth);
		request.getSession().invalidate();
	}
	return "redirect:/secure/welcome";
}
 
Example #18
Source File: LogoutConfigurerTest.java    From spring-boot-security-saml with MIT License 5 votes vote down vote up
@Test
public void configure_handlers_defaults() throws Exception {
    LogoutConfigurer configurer = new LogoutConfigurer();
    SimpleUrlLogoutSuccessHandler successHandler = mock(SimpleUrlLogoutSuccessHandler.class);
    SecurityContextLogoutHandler localHandler = mock(SecurityContextLogoutHandler.class);
    SecurityContextLogoutHandler globalHandler = mock(SecurityContextLogoutHandler.class);
    configurer
            .successHandler(successHandler)
            .localHandler(localHandler)
            .globalHandler(globalHandler);
    configurer.init(builder);
    configurer.configure(builder);
    ArgumentCaptor<SAMLLogoutFilter> logoutFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutFilter.class);
    ArgumentCaptor<SAMLLogoutProcessingFilter> logoutProcessingFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutProcessingFilter.class);
    verify(builder).setSharedObject(eq(SAMLLogoutFilter.class), logoutFilterCaptor.capture());
    verify(builder).setSharedObject(eq(SAMLLogoutProcessingFilter.class), logoutProcessingFilterCaptor.capture());
    verify(logoutProperties, never()).getDefaultTargetUrl();
    verify(logoutProperties, never()).isInvalidateSession();
    verify(logoutProperties, never()).isClearAuthentication();
    verify(logoutProperties).getLogoutUrl();
    verify(logoutProperties).getSingleLogoutUrl();
    verifyZeroInteractions(successHandler, localHandler, globalHandler);
    SAMLLogoutFilter logoutFilter = logoutFilterCaptor.getValue();
    SAMLLogoutProcessingFilter logoutProcessingFilter = logoutProcessingFilterCaptor.getValue();
    assertThat(logoutFilter).isNotNull();
    assertThat(logoutProcessingFilter).isNotNull();
    assertThat(logoutFilter.getFilterProcessesUrl()).isEqualTo(logoutProperties.getLogoutUrl());
    assertThat(logoutProcessingFilter.getFilterProcessesUrl()).isEqualTo(logoutProperties.getSingleLogoutUrl());
    assertThat(serviceProviderEndpoints.getLogoutURL()).isEqualTo(logoutProperties.getLogoutUrl());
    assertThat(serviceProviderEndpoints.getSingleLogoutURL()).isEqualTo(logoutProperties.getSingleLogoutUrl());
}
 
Example #19
Source File: LogoutConfigurerTest.java    From spring-boot-security-saml with MIT License 5 votes vote down vote up
@Test
public void configure_arguments() throws Exception {
    LogoutConfigurer configurer = spy(new LogoutConfigurer());
    SimpleUrlLogoutSuccessHandler successHandler = mock(SimpleUrlLogoutSuccessHandler.class);
    SecurityContextLogoutHandler localHandler = mock(SecurityContextLogoutHandler.class);
    SecurityContextLogoutHandler globalHandler = mock(SecurityContextLogoutHandler.class);
    when(configurer.createDefaultSuccessHandler()).thenReturn(successHandler);
    when(configurer.createDefaultLocalHandler()).thenReturn(localHandler);
    when(configurer.createDefaultGlobalHandler()).thenReturn(globalHandler);
    configurer
            .defaultTargetURL("/default")
            .clearAuthentication(false)
            .invalidateSession(true)
            .logoutURL("/lo")
            .singleLogoutURL("/slo");
    configurer.init(builder);
    configurer.configure(builder);
    ArgumentCaptor<SAMLLogoutFilter> logoutFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutFilter.class);
    ArgumentCaptor<SAMLLogoutProcessingFilter> logoutProcessingFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutProcessingFilter.class);
    verify(builder).setSharedObject(eq(SAMLLogoutFilter.class), logoutFilterCaptor.capture());
    verify(builder).setSharedObject(eq(SAMLLogoutProcessingFilter.class), logoutProcessingFilterCaptor.capture());
    verify(logoutProperties, never()).getDefaultTargetUrl();
    verify(logoutProperties, never()).isInvalidateSession();
    verify(logoutProperties, never()).isClearAuthentication();
    verify(logoutProperties, never()).getLogoutUrl();
    verify(logoutProperties, never()).getSingleLogoutUrl();
    verify(successHandler).setDefaultTargetUrl(eq("/default"));
    verify(localHandler).setClearAuthentication(eq(false));
    verify(localHandler).setInvalidateHttpSession(eq(true));
    verify(globalHandler).setClearAuthentication(eq(false));
    verify(globalHandler).setInvalidateHttpSession(eq(true));
    SAMLLogoutFilter logoutFilter = logoutFilterCaptor.getValue();
    SAMLLogoutProcessingFilter logoutProcessingFilter = logoutProcessingFilterCaptor.getValue();
    assertThat(logoutFilter).isNotNull();
    assertThat(logoutProcessingFilter).isNotNull();
    assertThat(logoutFilter.getFilterProcessesUrl()).isEqualTo("/lo");
    assertThat(logoutProcessingFilter.getFilterProcessesUrl()).isEqualTo("/slo");
    assertThat(serviceProviderEndpoints.getLogoutURL()).isEqualTo("/lo");
    assertThat(serviceProviderEndpoints.getSingleLogoutURL()).isEqualTo("/slo");
}
 
Example #20
Source File: LogoutController.java    From SpringMvcStepByStep with MIT License 5 votes vote down vote up
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request,
		HttpServletResponse response) {
	Authentication auth = SecurityContextHolder.getContext()
			.getAuthentication();

	if (auth != null) {
		new SecurityContextLogoutHandler().logout(request, response, auth);
		request.getSession().invalidate();
	}
	return "redirect:/";
}
 
Example #21
Source File: SAMLConfig.java    From spring-boot-security-saml-samples with MIT License 5 votes vote down vote up
@Bean
public SecurityContextLogoutHandler logoutHandler() {
    SecurityContextLogoutHandler handler = new SecurityContextLogoutHandler();
    //handler.setInvalidateHttpSession(true);
    handler.setClearAuthentication(true);
    return handler;
}
 
Example #22
Source File: LogoutController.java    From SpringMvcStepByStep with MIT License 5 votes vote down vote up
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request,
		HttpServletResponse response) {
	Authentication auth = SecurityContextHolder.getContext()
			.getAuthentication();

	if (auth != null) {
		new SecurityContextLogoutHandler().logout(request, response, auth);
		request.getSession().invalidate();
	}
	return "redirect:/";
}
 
Example #23
Source File: SecurityConfiguration.java    From demo-spring-security-cas with Apache License 2.0 5 votes vote down vote up
@Bean
public LogoutFilter requestCasGlobalLogoutFilter() {
	LogoutFilter logoutFilter = new LogoutFilter(env.getRequiredProperty(CAS_URL_LOGOUT) + "?service="
			+ env.getRequiredProperty(APP_SERVICE_HOME), new SecurityContextLogoutHandler());
	// logoutFilter.setFilterProcessesUrl("/logout");
	// logoutFilter.setFilterProcessesUrl("/j_spring_cas_security_logout");
	logoutFilter.setLogoutRequestMatcher(new AntPathRequestMatcher("/logout", "POST"));
	return logoutFilter;
}
 
Example #24
Source File: UserRestController.java    From jakduk-api with MIT License 5 votes vote down vote up
@DeleteMapping("")
public EmptyJsonResponse deleteUser(
        HttpServletRequest request,
        HttpServletResponse response) {

    SessionUser sessionUser = AuthUtils.getSessionProfile();

    userService.deleteUser(sessionUser.getId());

    // 참고 @{link http://websystique.com/spring-security/spring-security-4-logout-example/}
    new SecurityContextLogoutHandler().logout(request, response, SecurityContextHolder.getContext().getAuthentication());

    return EmptyJsonResponse.newInstance();
}
 
Example #25
Source File: AuthController.java    From tutorials with MIT License 5 votes vote down vote up
@GetMapping("/logout")
public String logout(HttpServletRequest request, HttpServletResponse response, SecurityContextLogoutHandler logoutHandler) {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    CookieClearingLogoutHandler cookieClearingLogoutHandler = new CookieClearingLogoutHandler(SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
    cookieClearingLogoutHandler.logout(request, response, auth);
    logoutHandler.logout(request, response, auth);
    return "auth/logout";
}
 
Example #26
Source File: LoginController.java    From itweet-boot with Apache License 2.0 5 votes vote down vote up
/**
 * This method handles logout requests.
 * Toggle the handlers if you are RememberMe functionality is useless in your app.
 */
@RequestMapping(value="/admin/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request, HttpServletResponse response) {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if (auth != null){
        new SecurityContextLogoutHandler().logout(request, response, auth);
        SecurityContextHolder.getContext().setAuthentication(null);
    }
    return "redirect:/admin/login";
}
 
Example #27
Source File: LoginController.java    From cola with MIT License 5 votes vote down vote up
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logoutPage(HttpServletRequest request, HttpServletResponse response) {
	Authentication auth = SecurityContextHolder.getContext().getAuthentication();
	if (auth != null) {
		new SecurityContextLogoutHandler().logout(request, response, auth);
	}
	return "redirect:/login?logout";
}
 
Example #28
Source File: CustomSpringSecurityFilterChain.java    From Spring with Apache License 2.0 5 votes vote down vote up
private static List<SecurityFilterChain> filterChains() {
    final List<SecurityFilterChain> filterChain = new ArrayList<>();

    final LogoutFilter customLogoutFilter =
            new LogoutFilter(new CustomLogoutSuccessHandler(), new SecurityContextLogoutHandler());
    customLogoutFilter.setFilterProcessesUrl("/customlogout");
    filterChain.add(new DefaultSecurityFilterChain(
            new AntPathRequestMatcher("/customlogout**"), customLogoutFilter));
    return filterChain;
}
 
Example #29
Source File: LogoutController.java    From kubernetes-crash-course with MIT License 5 votes vote down vote up
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request,
		HttpServletResponse response) {
	
	Authentication authentication = SecurityContextHolder.getContext()
			.getAuthentication();
	
	if (authentication != null) {
		new SecurityContextLogoutHandler().logout(request, response,
				authentication);
	}

	return "redirect:/";
}
 
Example #30
Source File: LogoutController.java    From kubernetes-crash-course with MIT License 5 votes vote down vote up
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request,
		HttpServletResponse response) {
	
	Authentication authentication = SecurityContextHolder.getContext()
			.getAuthentication();
	
	if (authentication != null) {
		new SecurityContextLogoutHandler().logout(request, response,
				authentication);
	}

	return "redirect:/";
}