Logout configuration

LELEU Jérôme edited this page Nov 14, 2018 · 3 revisions

The LogoutFilter can handle:

  • the local logout by removing the pac4j profiles from the session (it can be used for the front-channel logout from the identity provider in case of a central logout)
  • the central logout by calling the identity provider logout endpoint.

It has the following behaviour:

  1. If the localLogout property is true, the pac4j profiles are removed from the web session (and the web session is destroyed if the destroySession property is true)

  2. A post logout action is computed: a redirection to the url request parameter if it matches the logoutUrlPattern; otherwise a redirection to the defaultUrl if it is defined; otherwise a blank page.

  3. If the centralLogout property is true, the user is redirected to the identity provider for a central logout and then optionally to the post logout redirection URL (if it's supported by the identity provider and if it's an absolute URL). If no central logout is defined, the post logout action is performed directly.

The following parameters are available:

  1. defaultUrl (optional): the default logout url if no url request parameter is provided or if the url does not match the logoutUrlPattern (not defined by default)

  2. logoutUrlPattern (optional): the logout url pattern that the url parameter must match (only relative urls are allowed by default)

  3. localLogout (optional): whether a local logout must be performed (true by default)

  4. destroySession (optional): whether we must destroy the web session during the local logout (false by default)

  5. centralLogout (optional): whether a central logout must be performed (false by default).

Example:

get("/logout", new LogoutRoute(config, "/?defaulturlafterlogout"));
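
An added example (not pac4j or spark-pac4j code) modelling the post logout decision of step 2: the url request parameter is used only if it matches the pattern, otherwise the defaultUrl, otherwise a blank page. The class name, the method name and the relative-only pattern are assumptions made for illustration; the pattern is not claimed to be the library's default.

```java
import java.util.regex.Pattern;

// Added illustration: stand-alone model of the post logout decision described above.
// Not pac4j source code; the class, method and pattern below are assumptions.
public class PostLogoutDecision {

    // Assumed "relative URLs only" pattern: a single leading slash that is not
    // followed by a second slash or a backslash, so "//host/..." is not accepted
    // as a relative URL (browsers treat it as a reference to another host).
    static final Pattern RELATIVE_ONLY = Pattern.compile("^/(?![/\\\\]).*$");

    /** Returns the redirection target, or null when a blank page is rendered. */
    static String postLogoutTarget(String urlParam, Pattern logoutUrlPattern, String defaultUrl) {
        // matches() requires the whole value to match, not just a prefix.
        if (urlParam != null && logoutUrlPattern.matcher(urlParam).matches()) {
            return urlParam;   // url request parameter accepted
        }
        return defaultUrl;     // null when no defaultUrl is defined: blank page
    }

    public static void main(String[] args) {
        String defaultUrl = "/?defaulturlafterlogout";   // value from the page's example
        String[] samples = {                             // constructed sample inputs
            "/account/goodbye",
            "https://idp.example.org/after",
            "//other.example.org/after",
            null
        };
        for (String sample : samples) {
            System.out.println(sample + " -> "
                    + postLogoutTarget(sample, RELATIVE_ONLY, defaultUrl));
        }
        // Rejected parameter and no defaultUrl defined: blank page.
        System.out.println("no defaultUrl -> "
                + postLogoutTarget("https://idp.example.org/after", RELATIVE_ONLY, null));
    }
}
```

When a custom logoutUrlPattern is set to allow absolute URLs, anchor it to the exact hosts expected so that the url parameter cannot redirect users to an arbitrary site after logout.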