Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

SEC-1554: Logout event should be fired #1795

spring-issuemaster opened this Issue Sep 2, 2010 · 3 comments


None yet
1 participant

Alex (Migrated from SEC-1554) said:

I'm using a listener for InteractiveAuthenticationSuccessEvent to handle application logic to do when the user logs in (e.g.: increment his logins), and it would be great to have an equivalent event on logout, for example a InteractiveAuthenticationLogoutEvent.

Now the solution is a little cumbersome and includes developing a custom logoutfilter

Luke Taylor said:

Can you explain the actual use case, please? In most cases a SessionDestroyedEvent would be used since it is more reliable, covering both logouts and the situation where the user forgets to logout and the session expires.

Alex said:

Actually that was exactly what I was looking for, I made a lot of research but I was unable to find any mention of it, even now that I know his existence I'm unable to find a complete example on the web.

Please accept my apology and close the bug as invalid.

Luke Taylor said:

The basic functionality is provided by the servlet spec - you can add a listener in your web.xml which will allow you to detect sesson-related events. Spring Security has a class called HttpSessionEventPublisher which translates these events into ApplicationContext events.

@spring-issuemaster spring-issuemaster added this to the 3.1.0.M2 milestone Feb 5, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment