@RequestMapping("logout.form") public String logoutUser( ModelMap model, HttpSession session, HttpServletRequest request, HttpServletResponse response) { try { Context.logout(); session.removeAttribute(WebConstants.OPENMRS_USER_CONTEXT_HTTPSESSION_ATTR); session.setAttribute(WebConstants.OPENMRS_MSG_ATTR, "auth.logged.out"); session.setAttribute( WebConstants.OPENMRS_LOGIN_REDIRECT_HTTPSESSION_ATTR, request.getContextPath()); session.invalidate(); return "redirect:login.form"; } catch (Exception e) { // TODO log.error("Uexpected auth error", e); } return "redirect:login.form"; }
/** * @verifies return unauthorized if not logged in * @see BaseRestController#apiAuthenticationExceptionHandler(Exception, * javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ @Test public void apiAuthenticationExceptionHandler_shouldReturnUnauthorizedIfNotLoggedIn() throws Exception { Context.logout(); controller.apiAuthenticationExceptionHandler( new APIAuthenticationException(), request, response); assertThat(response.getStatus(), is(HttpServletResponse.SC_UNAUTHORIZED)); }
/** * @see javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest, * javax.servlet.http.HttpServletResponse) */ @Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { HttpSession httpSession = request.getSession(); Context.logout(); response.sendRedirect(request.getContextPath() + "/index.htm?noredirect=true"); // clears attributes and makes sure that no one can access this session httpSession.invalidate(); }
public void logout() { Context.logout(); }