I use Spring Data REST and Spring Security in my project. AM using Persistent Token Based. Remember that Spring security services are stored in all registered users, and I'm trying to invalidate the session and remove data from the repository and cookie for the request programmatically. I tried the following code, but worked only for this request, and again, if another request is raised, it becomes authenticated again. How to remove cookies from the database and browser after canceling the session.
Authentication auth = SecurityContextHolder.getContext().getAuthentication(); if (auth != null){ new SecurityContextLogoutHandler().logout(request, response, auth); new PersistentTokenBasedRememberMeServices().logout(request, response, auth); } SecurityContextHolder.getContext().setAuthentication(null);
Is it possible to cancel and delete a session that uses PersistentTokenBasedRememberme services for Spring security? Should I use anything else to delete the cookie or something else?
source share