hazza/DSpace
1
0
Fork 0
mirror of https://github.com/DSpace/DSpace.git synced 2025-10-07 18:14:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Invalidate authorization cookie on logout

Browse Source
This commit is contained in:
Giuseppe Digilio
2020-01-09 16:29:55 +01:00
parent bbfc373bdc
commit bf1e9780d4
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
dspace-server-webapp/src/main/java/org/dspace/app/rest/security/jwt/JWTTokenRestAuthenticationServiceImpl.java
View File

@@ -113,6 +113,7 @@ public class JWTTokenRestAuthenticationServiceImpl implements RestAuthentication
String token = getToken(request); String token = getToken(request);
Cookie cookie = new Cookie(AUTHORIZATION_COOKIE, ""); Cookie cookie = new Cookie(AUTHORIZATION_COOKIE, "");
cookie.setHttpOnly(true); cookie.setHttpOnly(true);
cookie.setMaxAge(0);
response.addCookie(cookie); response.addCookie(cookie);
jwtTokenHandler.invalidateToken(token, request, context); jwtTokenHandler.invalidateToken(token, request, context);
} }