Examples of org.apache.shiro.subject.Subject.logout()

org.apache.shiro.subject.Subject.logout()
Logs out this Subject and invalidates and/or removes any associated entities, such as a {@link Session Session} and authorization data. After this method is called, the Subject isconsidered 'anonymous' and may continue to be used for another log-in if desired.
Web Environment Warning
Calling this method in web environments will usually remove any associated session cookie as part of session invalidation. Because cookies are part of the HTTP header, and headers can only be set before the response body (html, image, etc) is sent, this method in web environments must be called before any content has been rendered.
The typical approach most applications use in this scenario is to redirect the user to a different location (e.g. home page) immediately after calling this method. This is an effect of the HTTP protocol itself and not a reflection of Shiro's implementation.
Non-HTTP environments may of course use a logged-out subject for login again if desired.

    public void logout() {
        Subject subject = ThreadContext.getSubject();
        if (subject == null) {
            return;
        }
        subject.logout();
    }


    @Override
    public Object getAuthenticatedPrincipal() {
        Subject subject = ThreadContext.getSubject();

View Full Code Here

        Subject newsubject = new Subject.Builder().buildSubject();
        newsubject.login(new RootAuthenticationToken());
        try {
            return newsubject.execute(contextAwareCallable);
        } finally {
            newsubject.logout();
        }
    }


    /**
     * wraps an existing ExecutorService to handle context- and security-related threadlocal variables

View Full Code Here

        Subject newsubject = new Subject.Builder().buildSubject();
        newsubject.login(new RootAuthenticationToken());
        try {
            newsubject.execute(contextAwaretask);
        } finally {
            newsubject.logout();
        }
    }


    /**
     * Wrap the given executor so that it takes authentication-information and context are inherited to tasks when they

View Full Code Here

    setResponsePage(pageClass);


    // this should remove the cookie and invalidate session
    final Subject subject = SecurityUtils.getSubject();
    LOG.info("logout: " + subject);
    subject.logout();
    
    return;
  }

View Full Code Here

    setStatelessHint(true);


    // this should remove the cookie and invalidate session
    final Subject subject = SecurityUtils.getSubject();
    LOG.info("logout: " + subject);
    subject.logout();


    final WebMarkupContainer redirect = new WebMarkupContainer("redirect");
    final String content = waitBeforeRedirectInSeconds + ";URL=" + url;
    redirect.add(new AttributeModifier("content", new Model<String>(content)));
    add(redirect);

View Full Code Here

  private static Logger log = LoggerFactory.getLogger(LogOutServlet.class);
  
  protected void doGet(HttpServletRequest request, HttpServletResponse response) {
    Subject currentUser = SecurityUtils.getSubject();
    if (currentUser.isAuthenticated()) {
      currentUser.logout();
    }
    
    String redirect = request.getContextPath();
    if (redirect.isEmpty()) redirect = "/";

View Full Code Here

  private static Logger log = LoggerFactory.getLogger(LogOutServlet.class);
  
  protected void doGet(HttpServletRequest request, HttpServletResponse response) {
    Subject currentUser = SecurityUtils.getSubject();
    if (currentUser.isAuthenticated()) {
      currentUser.logout();
    }
    
    String redirect = request.getContextPath();
    if (redirect.isEmpty()) redirect = "/";

View Full Code Here

    Subject subject = getSubject(request, response);
    String redirectUrl = getRealRedirectUrl(request, subject);
    //try/catch added for SHIRO-298:
    try {
      if (subject != null && subject.getPrincipal() != null) {
        subject.logout();
      }
    } catch (SessionException ise) {
      log.debug("Encountered session exception during logout.  This can generally safely be ignored.", ise);
    }
    if (ThreadLocalUtil.isJson()) {

View Full Code Here

    setResponsePage( pageClass );


    // this should remove the cookie...
    Subject subject = SecurityUtils.getSubject();
    log.info( "logout: "+subject );
    subject.logout();
    Session.get().invalidateNow(); // invalidate the wicket session
    return;
  }


  public LogoutPage( Class<? extends Page> pageClass ) {

View Full Code Here

    this.setStatelessHint( true );


    // this should remove the cookie...
    Subject subject = SecurityUtils.getSubject();
    log.info( "logout: "+subject );
    subject.logout();


    final WebMarkupContainer redirect = new WebMarkupContainer("redirect");
    final String content = waitBeforeRedirectInSeconds + ";URL=" + url;
    redirect.add(new AttributeModifier("content", new Model<String>(content)));
    add(redirect);

View Full Code Here

0 1 2 3 4 5 6 7

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.

Examples of org.apache.shiro.subject.Subject.logout()

Web Environment Warning