Hello All...
I am new to Spring Web MVC..
Can I get some example or online link that shows me how to implement logout feature using spring web mvc ?
I don't want to use the in built feature of spring security (i.e. ACEGI)..
Thanks in advance...
+4
A:
You only have to invalidate the session and the user is logged out. This is directly supported by the servlet api: HttpSession.invalidate(). You can write one controller that does only call invalidate.
class Logout implements Controller{
public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response){
ModelAndView view = //?;
request.getSession().invalidate();
return view;
}
}
Thomas Jung
2009-11-18 10:48:01
but this way, still my sample URL will display the pages after logout..
Nirmal
2009-11-18 11:05:01
You can check with getSession (http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletRequest.html#getSession%28boolean%29) if a session is still active. Or you look after your authentication information in the session. You have to do this in an interceptor or every controller.
Thomas Jung
2009-11-18 11:53:01
You may also need to clear any cookies you may have set in order to support "remember me" functionality. Otherwise you'll log right back in the next time you visit the site.
David
2009-11-18 15:32:46