Reputation: 1213
How cancel a cookie in spring security?
i am using spring security for authentication and if i have 2 servers (server1, server2) using the same file war.
the User A make login in server 1, saving data on persistent_logins table. If the user A makes refresh on server 2, is automatically logged. This is correct but if the u*ser A (server1)* makes logout, the data of table persistent_logins is removed and the user A(server 2) when makes refresh, still connect.
What i can do to user A(server 2) change to logout mode?
thanks
Upvotes: 1
Views: 283
Answers (2)
Reputation: 2425
If you know how to catch the moment when you need to make user_A log out, you may consider using filters and clearing the current session.
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
// skip non-http requests
if (!(request instanceof HttpServletRequest)) {
chain.doFilter(request, response);
return;
}
HttpServletRequest httpRequest = (HttpServletRequest) request;
httpRequest.getSession().invalidate();
...
If you need to inject some beans using spring, you may have a look at DelegatingFilterProxy
Upvotes: 2
Related Questions
- How to make spring boot never issue session cookie?
- Spring security: Delete cookie for logout
- clear cookies while logout in spring security or in angular
- How to delete a cookie from backend upon an error
- Logout and clear cookies programatically from controller in spring boot
- Remove JSESSIONID cookie from Spring Application
- Delete cookie from a servlet response
- How to login by cookie with Spring Security?
- how to delete remember me cookie in spring security
- Spring Security: How to clear `remember me` cookie programmatically?