java - How do you log out all logged in users in spring-security? -
i want able log out logged in users programmatically. how forcefulness logout users on event?
first define httpsessioneventpublisher in web.xml
<listener> <listener-class>org.springframework.security.web.session.httpsessioneventpublisher</listener-class> </listener> then define <session-management> in spring security.xml file.
now, utilize sessionregistry in controller method invalidate sessions. below code retrieves active sessions.
list<sessioninformation> activesessions = new arraylist<sessioninformation>(); (object principal : sessionregistry.getallprincipals()) { (sessioninformation session : sessionregistry.getallsessions(principal, false)) { activesessions.add(session); } } on each active session, can phone call expirenow() method expire or invalidate them.
java spring authentication spring-security logout
No comments:
Post a Comment