Class OidcBackChannelServerLogoutHandler
java.lang.Object
org.springframework.security.config.web.server.OidcBackChannelServerLogoutHandler
- All Implemented Interfaces:
ServerLogoutHandler
A
ServerLogoutHandler that locates the sessions associated with a given OIDC
Back-Channel Logout Token and invalidates each one.- Since:
- 6.4
- See Also:
-
Constructor Summary
ConstructorsConstructorDescriptionOidcBackChannelServerLogoutHandler(ReactiveOidcSessionRegistry sessionRegistry) -
Method Summary
Modifier and TypeMethodDescriptionreactor.core.publisher.Mono<Void>logout(WebFilterExchange exchange, Authentication authentication) Invoked when log out is requestedvoidsetLogoutUri(String logoutUri) Use this logout URI for performing per-session logout.voidsetSessionCookieName(String sessionCookieName) Use this cookie name for the session identifier.
-
Constructor Details
-
OidcBackChannelServerLogoutHandler
-
-
Method Details
-
logout
public reactor.core.publisher.Mono<Void> logout(WebFilterExchange exchange, Authentication authentication) Description copied from interface:ServerLogoutHandlerInvoked when log out is requested- Specified by:
logoutin interfaceServerLogoutHandler- Parameters:
exchange- the exchangeauthentication- theAuthentication- Returns:
- a completion notification (success or error)
-
setLogoutUri
Use this logout URI for performing per-session logout. Defaults to/logoutsince that is the default URI forLogoutFilter.- Parameters:
logoutUri- the URI to use
-
setSessionCookieName
Use this cookie name for the session identifier. Defaults toJSESSIONID.Note that if you are using Spring Session, this likely needs to change to SESSION.
- Parameters:
sessionCookieName- the cookie name to use
-