Class SpringAddonsLogoutSuccessHandler
java.lang.Object
org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler
com.c4_soft.springaddons.security.oidc.starter.synchronised.client.SpringAddonsLogoutSuccessHandler
- All Implemented Interfaces:
org.springframework.security.web.authentication.logout.LogoutSuccessHandler
public class SpringAddonsLogoutSuccessHandler
extends org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler
Provide with RP-Initiated
Logout for authorization-servers fully compliant with OIDC standard as well as those "almost"
implementing the spec. It is (auto)configured with SpringAddonsOidcClientProperties.
This implementation is not multi-tenant ready. It will terminate the user session on this application as well as on a single authorization-server (the one which emitted the access-token with which the logout request is made).
This bean is auto-configured by SpringAddonsOidcClientWithLoginBeans as
@ConditionalOnMissingBean of type
LogoutSuccessHandler. Usage:
SecurityFilterChain uiFilterChain(HttpSecurity http, LogoutSuccessHandler logoutSuccessHandler) {
http.logout().logoutSuccessHandler(logoutSuccessHandler);
}
- Author:
- Jerome Wacongne ch4mp@c4-soft.com
- See Also:
-
Field Summary
Fields inherited from class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
logger -
Constructor Summary
ConstructorsConstructorDescriptionSpringAddonsLogoutSuccessHandler(LogoutRequestUriBuilder uriBuilder, org.springframework.security.oauth2.client.registration.ClientRegistrationRepository clientRegistrationRepository, SpringAddonsOidcProperties addonsProperties) -
Method Summary
Modifier and TypeMethodDescriptionprotected StringdetermineTargetUrl(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication authentication) voidonLogoutSuccess(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication authentication) Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
determineTargetUrl, getDefaultTargetUrl, getRedirectStrategy, getTargetUrlParameter, handle, isAlwaysUseDefaultTargetUrl, setAlwaysUseDefaultTargetUrl, setDefaultTargetUrl, setRedirectStrategy, setTargetUrlParameter, setUseReferer
-
Constructor Details
-
SpringAddonsLogoutSuccessHandler
public SpringAddonsLogoutSuccessHandler(LogoutRequestUriBuilder uriBuilder, org.springframework.security.oauth2.client.registration.ClientRegistrationRepository clientRegistrationRepository, SpringAddonsOidcProperties addonsProperties)
-
-
Method Details
-
determineTargetUrl
protected String determineTargetUrl(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication authentication) - Overrides:
determineTargetUrlin classorg.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
-
onLogoutSuccess
public void onLogoutSuccess(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication authentication) throws IOException, jakarta.servlet.ServletException - Specified by:
onLogoutSuccessin interfaceorg.springframework.security.web.authentication.logout.LogoutSuccessHandler- Overrides:
onLogoutSuccessin classorg.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler- Throws:
IOExceptionjakarta.servlet.ServletException
-