Logout

We logged in to the application and now we can access the content as per the role. Once we complete our browsing, it's time to leave the application. However, we cannot leave the application just by closing the browser as it's unsafe. We have to log out safely from the application. The standard configuration to configure logout in <http> is shown in the following configuration:

<security:logout logout-success-url="name_of_page_to_redirect"  
  delete-cookies="delete_cookies_or_not"  
  invalidate-session="invalidate_the_session_or_not"/>

The attributes used in the configuration are as follows:

  • logout-success-url: This is the name of the page where the user will redirect
  • delete-cookies: This is the value that specifies to delete the cookies saved to the client or not after logging out
  • invalidate-session: This is the attribute used to invalidate the session after logging out

/logout is the end of one browsing process, which provides the information to the framework that the user had asked for the logout. Now, the framework invokes the specific LogoutHandler. Once the user is logged out, the framework redirects the user to another page that we configured by the logout-success-url attribute in the XML file. Let's configure logout in our application to understand it better.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.14.6.194