Package org.dspace.app.rest.security

Class CustomLogoutHandler

java.lang.Object

org.dspace.app.rest.security.CustomLogoutHandler

All Implemented Interfaces:

org.springframework.security.web.authentication.logout.LogoutHandler

@Component
public class CustomLogoutHandler
extends Object
implements org.springframework.security.web.authentication.logout.LogoutHandler

Custom logout handler to support stateless sessions

Author:

Frederic Van Reet (frederic dot vanreet at atmire dot com), Tom Desair (tom dot desair at atmire dot com)

Constructor Summary

Constructors

Constructor	Description
CustomLogoutHandler()

Method Summary

Modifier and Type	Method	Description
void	logout(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse, org.springframework.security.core.Authentication authentication)	This method removes the session salt from an eperson, this way the token won't be verified anymore

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

CustomLogoutHandler

public CustomLogoutHandler()

Method Details

logout

public void logout(javax.servlet.http.HttpServletRequest httpServletRequest,
 javax.servlet.http.HttpServletResponse httpServletResponse,
 org.springframework.security.core.Authentication authentication)

This method removes the session salt from an eperson, this way the token won't be verified anymore

Specified by:

logout in interface org.springframework.security.web.authentication.logout.LogoutHandler

Parameters:

httpServletRequest -

httpServletResponse -

authentication -