From 6b96d8ba8330dff9b25cb3e00c75c6ea20134ca8 Mon Sep 17 00:00:00 2001 From: Alexander Alexeev Date: Wed, 5 Apr 2017 19:14:12 +0700 Subject: remove old cookies on logout --- .../main/java/com/juick/www/configuration/WebSecurityConfig.java | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'juick-www/src/main/java/com/juick/www/configuration') diff --git a/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java b/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java index d3aa9e81..dde67aa1 100644 --- a/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java +++ b/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java @@ -55,7 +55,11 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { .and() .sessionManagement().invalidSessionUrl("/") .and() - .logout().invalidateHttpSession(true).logoutUrl("/logout").logoutSuccessUrl("/login?logout") + .logout() + .invalidateHttpSession(true) + .logoutUrl("/logout") + .logoutSuccessUrl("/login?logout") + .deleteCookies("hash", "remember-me") .and() .formLogin() .loginPage("/login") -- cgit v1.2.3