stackoom
  简体   繁体   中英

How to logout user(not current) by login?

 原文  2017-09-07 14:16:47       java/ authentication/ spring-boot/ spring-security

Question

I have 2 roles in my system: user and admin

admin can logout any user by name.

How can I do this? I need something like this:

service.logoutUser(anotherUserName)

config looks like this: 

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .antMatchers
                 ....
                .formLogin()
                .loginProcessingUrl("/api/login")
                .successHandler(authenticationSuccessHandler)
                .failureHandler(new SimpleUrlAuthenticationFailureHandler())
                .and()
            .rememberMe()
                .key("...")
                .rememberMeCookieName("...")
                .userDetailsService(userDetailsService)
                .and()
            .csrf()
                .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
                .and()
            .logout()
                .deleteCookies("JSESSIONID")
                .logoutUrl("/logout")
                .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler())
                .permitAll();

1 answers

solution1
 2 ACCPTED  2017-09-07 15:22:11

Something like this: 

import org.springframework.security.core.userdetails.User;
...
...
Set<SimpleGrantedAuthority> userRoles = new HashSet<>();
userRoles.add(new SimpleGrantedAuthority("ROLE_USER"));
User user = new User(anotherUserName, "", userRoles);
List<SessionInformation> sessions = sessionRegistry.getAllSessions(u, false);

for(SessionInformation info : infos) {
   info.expireNow();
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to logout current user from Spring Security? how to invoke a function in user login and logout in CAS logout from current jsp page to a login page How to get current login user information in LDAP Android save user login logout state How to close current and previous one activity when user logout from app in android? how to add current login user to welcome.java How to get current user status and presence when login? SMACK XMPP How to change the login name for the current user with Spring Security 3.1? How to redirect on login page after logout
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM