Logout

Spring Security provides features to enable a user to log out and be redirected to a specified page. The URI of the LogoutController is typically mapped to the Logout link in the UI. The complete listing of LogoutController is as follows:

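    import org.springframework.security.core.Authentication;
    import org.springframework.security.core.context.SecurityContextHolder;
    import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
    import org.springframework.stereotype.Controller;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RequestMethod;
    // javax.servlet.http on Spring 5 and earlier; jakarta.servlet.http on Spring 6
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import javax.servlet.http.HttpSession;

    @Controller
    public class LogoutController {
        @RequestMapping(value = "/secure/logout", method = RequestMethod.GET)
        public String logout(HttpServletRequest request, HttpServletResponse response) {
            Authentication auth = SecurityContextHolder.getContext().getAuthentication();
            if (auth != null) {
                // Clears the SecurityContext and, by default, invalidates the HTTP session
                new SecurityContextLogoutHandler().logout(request, response, auth);
                // getSession(false) avoids creating a fresh session just to invalidate it
                HttpSession session = request.getSession(false);
                if (session != null) {
                    session.invalidate();
                }
            }
            return "redirect:/secure/welcome";
        }
    }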

Things to note are as follows:

  • if (auth != null): If there is a valid authentication, then end the session
  • new SecurityContextLogoutHandler().logout(request, response, auth): SecurityContextLogoutHandler performs a logout by removing the authentication information from SecurityContextHolder
  • return "redirect:/secure/welcome": Redirects to the secure welcome page
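
The controller above handles logout on a GET request, which performs a state change that any link or embedded resource can trigger. As an added example (not part of the original listing), the same logout URL and redirect target can be handled by Spring Security's built-in logout support, which accepts only POST while CSRF protection is enabled. The class name `LogoutSecurityConfig`, the `JSESSIONID` cookie name (the usual servlet container default) and the use of Spring Security 5.4 or later are assumptions:

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

// Hypothetical configuration class; replaces the hand-written LogoutController.
@Configuration
@EnableWebSecurity
public class LogoutSecurityConfig {

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            // CSRF protection is enabled by default. While it is on, the
            // LogoutFilter matches only POST requests to the logout URL,
            // so a GET to /secure/logout no longer ends the session.
            .logout(logout -> logout
                // Same URL the controller on this page was mapped to
                .logoutUrl("/secure/logout")
                // Same redirect target as "redirect:/secure/welcome"
                .logoutSuccessUrl("/secure/welcome")
                // Both default to true; stated explicitly so the behaviour is visible
                .invalidateHttpSession(true)
                .clearAuthentication(true)
                // Assumed session cookie name; adjust if the container uses another
                .deleteCookies("JSESSIONID"));
        return http.build();
    }
}
```

With this configuration the Logout link in the UI becomes a small form that POSTs to `/secure/logout` and includes the CSRF token.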