Nirmal Nirmal - 1 year ago 60
Java Question

How to implement Logout feature using Spring Web Mvc

I am new to Spring Web MVC..

Can I get some example or online link that shows me how to implement logout feature using spring web mvc ?

I don't want to use the in built feature of spring security (i.e. ACEGI)..

Thanks in advance...

Answer Source

The trick with the session invalidation doesn't work. It seems the Spring authentication buffers the session ID somewhere and accept the COOKIE even, if the session was invalidated.

Another solution is to clear the Spring security context manually:

public void manualLogout() {

Here is the code, how to log in user manually (if somebody needs):

public void doManualLogin(HttpServletRequest request, String u, String p) {
    UsernamePasswordAuthenticationToken token = 
            new UsernamePasswordAuthenticationToken(u, p);
    token.setDetails(new WebAuthenticationDetails(request));
    Authentication auth = authenticationProvider.authenticate(token);

where the authenticationProvider is the bean from you spring configuration which implements