Invalidating session in spring
But with all our cookie lifecycle and session management being performed by Spring, it would be easy to let Spring manage the logout flow too.Accordingly I created a simple signout page and named it "out.html" The next step would be to tell Spring that on logout, my new HTML page should be displayed.For multiple cookies provided a comma separated list.
We have seen how to configure login behavior for our application.
How to let Spring manage authentication, session creation, authorization etc. A normal logout would involve releasing any resources, destroying sessions etc - and a logout page.
In a default servlet environment this is unnoticed since the Http Session is stored in memory.
This means the set Authentication(null)) updates the object in Http Session.
We have specified here that when the logout action completes, the user should be redirected to Well you could put a sign out link on your page yes, but what should the URL be ?