gstackoverflow gstackoverflow - 1 year ago 149
Java Question

How to revoke auth token in spring security?

In logout controller I tryed to write a lot of combination of code. Now I have this:

final Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null)
new SecurityContextLogoutHandler().logout(request, response, auth);

But after it this token is valid.

What Do I wrong?

What new can I to try ?

Answer Source

I'm little late here, but anyway... The class you're looking for is DefaultServices, method revokeToken(String tokenValue).

Here an exemple of a controller that revokes token, and here the oauth2 configuration with the DefaultServices bean.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download