Examples of org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler

• org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
  Performs a logout by modifying the {@link org.springframework.security.core.context.SecurityContextHolder}.

  Will also invalidate the {@link HttpSession} if {@link #isInvalidateHttpSession()} is {@code true} and thesession is not {@code null}.

  Will also remove the {@link Authentication} from the current {@link SecurityContext} if {@link #clearAuthentication}is set to true (default). @author Ben Alex @author Rob Winch

    public static void contributeLogoutService(
            final OrderedConfiguration<LogoutHandler> cfg,
            @Inject RequestGlobals globals,
            @InjectService( "RememberMeLogoutHandler" ) final LogoutHandler rememberMeLogoutHandler ) {

        cfg.add( "securityContextLogoutHandler", new SecurityContextLogoutHandler() );
        cfg.add( "rememberMeLogoutHandler", rememberMeLogoutHandler );
        cfg.add( "tapestryLogoutHandler", new TapestryLogoutHandler( globals ) ,new String[0]);
    }

    public static void contributeLogoutService(
            final OrderedConfiguration<LogoutHandler> cfg,
            @Inject RequestGlobals globals,
            @InjectService( "RememberMeLogoutHandler" ) final LogoutHandler rememberMeLogoutHandler ) {

        cfg.add( "securityContextLogoutHandler", new SecurityContextLogoutHandler() );
        cfg.add( "rememberMeLogoutHandler", rememberMeLogoutHandler );
        cfg.add( "tapestryLogoutHandler", new TapestryLogoutHandler( globals ) ,new String[0]);
    }

 */
public class LogoutHandlerTests extends TestCase {
    LogoutFilter filter;

    protected void setUp() throws Exception {
        filter = new LogoutFilter("/success", new SecurityContextLogoutHandler());
    }

        MockHttpServletResponse response = new MockHttpServletResponse();

        // Setup our test fixture and registry to want this session to be expired
        ConcurrentSessionFilter filter = new ConcurrentSessionFilter();
        filter.setRedirectStrategy(new DefaultRedirectStrategy());
        filter.setLogoutHandlers(new LogoutHandler[] {new SecurityContextLogoutHandler()});

        SessionRegistry registry = new SessionRegistryImpl();
        registry.registerNewSession(session.getId(), "principal");
        registry.getSessionInformation(session.getId()).expireNow();
        filter.setSessionRegistry(registry);

        if (!StringUtils.hasText(invalidateSession)) {
            invalidateSession = DEF_INVALIDATE_SESSION;
        }

        ManagedList handlers = new ManagedList();
        SecurityContextLogoutHandler sclh = new SecurityContextLogoutHandler();
        if ("true".equals(invalidateSession)) {
            sclh.setInvalidateHttpSession(true);
        } else {
            sclh.setInvalidateHttpSession(false);
        }
        handlers.add(sclh);

        if (rememberMeServices != null) {
            handlers.add(new RuntimeBeanReference(rememberMeServices));

    @Override
    public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException {
        super.initializeFromConfig(config);

        logoutHandler = new SecurityContextLogoutHandler();
        redirectUrl= ((LogoutFilterConfig) config).getRedirectURL();
        logoutSuccessHandler=new SimpleUrlLogoutSuccessHandler();
        if (StringUtils.hasLength(redirectUrl))
            logoutSuccessHandler.setDefaultTargetUrl(redirectUrl);
        pathInfos=GeoServerSecurityFilterChain.FORM_LOGOUT_CHAIN.split(",");

        return exceptionTranslationFilter;
    }

    @Bean
    public Filter logoutFilter() {
        SecurityContextLogoutHandler logoutHandler = new SecurityContextLogoutHandler();
        logoutHandler.setInvalidateHttpSession(false);
        LogoutFilter logoutFilter = new LogoutFilter(applicationUrl("/"), logoutHandler);
        logoutFilter.setFilterProcessesUrl(applicationUrl("/logout"));
        return logoutFilter;
    }