public abstract class ADFServletAuthenticator
extends java.lang.Object
Constructor and Description |
---|
ADFServletAuthenticator() |
Modifier and Type | Method and Description |
---|---|
protected abstract void |
internalLogout(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
boolean cleanSession) |
static void |
logout(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
boolean cleanSession)
This api logs the user out and invalidates the session for the current user if
cleanSession
is set to true . |
public static void logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, boolean cleanSession)
cleanSession
is set to true
. Note that cleanSession
flag set to true
is honored
only for Weblogic. Should the session need to be invalidated for other containers, invoke
HttpSession.invalidate()
after logging the user out.
After logging the user out, current JEE user (HttpServletRequest.getRemoteUser()
)
and the runAs subject of the current thread is or is not cleared. This is application server dependent.
Current JEE user and runAs subject will be cleared when the http client (for example, the browser)
visits the web application next time.
request
- the Http servlet requestresponse
- the Http servlet responsecleanSession
- set to true to indicate that the sessions for the current user needs to be invalidated,
false other wise. This flag is currently only used by weblogic application server, for
other application servers, it is always false
protected abstract void internalLogout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, boolean cleanSession)