I am authenticating the loggedin user using UserNamePasswordAuthentictionToken
.
But after that on some condition i want to log out manually. Inside if condition I have put the below code. I am getting authenticated=false
, but principal object still remains there..
SecurityContextHolder.getContext().getAuthentication()
.setAuthenticated(false);
SecurityContextHolder.clearContext();
SecurityContextHolder.getContext().setAuthentication(null)
.
authenticated
is just a boolean flag beside the principal object.
I don't know your version of Spring, but still you can also add:
SecurityContextLogoutHandler logoutHandler = new SecurityContextLogoutHandler();
if( currentUser == null ) {
logoutHandler.logout(request, response, auth);
}
next after to call of clearContext();
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.