How to force a programmatic logout using Grails / Spring Security Core?

4
votes

How can i force a programmatic logout for a logged in user using Spring Security Core? I do not want to redirect to the logout page etc.. but need to do it in a service.

2
grailsspring-security

2 Answers

5
votes

This is another approach. I get the logout handlers from bean "logoutHandlers" and do logout in each one of then: 

def logoutHandlers
def logout(request,response) {
    Authentication auth = SecurityContextHolder.context.authentication
    if (auth) {
        logoutHandlers.each  { handler->
            handler.logout(request,response,auth)
        }
    }

}
0
votes

I used the following code to achieve my goal:

Authentication auth = SecurityContextHolder.context.authentication
new SecurityContextLogoutHandler().logout(request, response, auth);
new PersistentTokenBasedRememberMeServices().logout(request, response, auth);