/** Invalidate authenticated user */ public void signOut() { AuthUser user = getAuthUser(); getSession().clear(); setAuthentication(null); setUserSelectedCriteria(null); super.signOut(); auditService.doAudit( new Audit() .setAuditActionType(AuditActionType.LOGOUT) .setUser(((user != null) ? user.getUser() : null)) .setUserFullName(((user != null) ? user.getUser().getFullName() : "N/A")) .setDate(new Date()) .setSuccess(Boolean.TRUE)); Session.get().replaceSession(); }