Reputation: 5314
Spring Boot - How to kill current Spring Security session?
Currently I know that my setup is working because I was able to login properly using the basic HTTP authentication.
I used these properties:
security.basic.enabled=true
security.user.name=user
security.user.password=1qaz2wsx
security.user.role=USER
However, I want to relogin again. I tried clearing cookies (I assumed it was saved there), I checked my local/session storage and cookies in Chrome dev tools but it was blank.
I tried accessing my site in incognito and it asks me to login (for the first time since I only logged in to Chrome non-incognito).
How do I "kill" my session in Spring Security?
Upvotes: 1
Views: 3131
Answers (1)
Reputation: 44545
If you use basic authentication, the browser stores the authentication until you close it (or exit the incognito mode, if you used it). There is no possibility to delete the session on server side, since the browser would just reauthenticate. If you want to be able to logout, use form login.
Upvotes: 3
Related Questions
- How to manually log out a user with spring security?
- Spring Boot + Spring Security - unable to log out
- Spring security delete user - session still active
- Spring Boot Security Logout Does Not Invalidate Session
- How do you log out all logged in users in spring-security?
- Spring Security: Not able to logout/invalidate session
- How to log out using spring-security?
- Clear Spring Session on Login?
- Removing Session in Spring Security
- Is it possible to invalidate a spring security session?