[Java EE][Security] - Understanding Security Realms - Logout

本文介绍了在容器级别管理的不安全会话领域的会话管理机制,并详细解释了两种注销操作的方法:一是针对单一应用程序的会话注销,二是涉及多个共享会话的应用程序注销过程。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

In security realms session is managed on container level, and it's transparent to application. The logout operation to an application is application tell container to clean out according session.

1. Logout single application (single session)

    session.invalidate();

2. Logout application which shares session with other applications (WebLogic)

public static boolean logout(HttpServletRequest req)
This "logs out" the user in the session by removing the pertinent data from the sessions the user has logged into and also from the webserver, without losing other session data.
Parameters:
req - HttpServletRequest
invalidateAll

public static boolean invalidateAll(HttpServletRequest req)
Invalidate all the sessions for the current user only (ie. current cookie) and since the cookie is no more required, kill the cookie too.
Parameters:
req - HttpServletRequest
killCookie

public static void killCookie(HttpServletRequest req)
Kills the current cookie
Parameters:
req - HttpServletRequest which contains the session



评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值