Announcement Announcement Module
Collapse
No announcement yet.
External logout Spring security Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • External logout Spring security

    Hi,
    I have following requirement. I am using Spring security
    My client's application will fire logout URL with a user token. My application should intercept the logout URL and should invalidate all the active sessions associated with the user token as part of logout. SecurityContextLogoutHandler is able to invalidate the user if the new logout is fired on another tab of the browser. When logout URL is fired in a new browser window with a given user token, the application opened in other browser windows for that user token should have there session invalidated

  • #2
    Works by using HTTPSessionAttributeListener

    We need to check whether this works on Load Balancer environment

    Comment


    • #3
      I think the same session would get continued and active while a webrequest is redirected form one browser to another one.

      Comment

      Working...
      X