Hi,
I had handled this using a servlet [LogoutServlet]. This website I am working is a multi lingual one and the user should remain on the same page where logout is called.
So while generating the logout link I add one selector to the logout url so that LogoutServlet can pick that request.
e.g. http://<server>/en/home.logout.html?resource=%2Fen%2Fhome.logout.html
The "resource" query parameter is used the the SlingAuthenticator for redirecting the user after logout. I have some other requirements as well and code for which I have removed here.
Now here is the minimal LogoutServlet that could work for you.
/** * This servlet calls the SlingAuthenticator's logout method which deletes the * login-token cookie and ultimately logout the user. * * @author Rakesh.Kumar * */ @SlingServlet(description = "This servlet calls the SlingAuthenticator's logout method.", resourceTypes = { "sling:resourceType of the page you are on" }, selectors = { "logout" }, extensions = { "html" }, methods = { HttpConstants.METHOD_GET }) public class LogoutServlet extends SlingSafeMethodsServlet { /** * serialVersionUID for this class. */ private static final long serialVersionUID = 2948831032750262626L; /** * SlingAuthenticator reference Injected by the OSGi system. */ @Reference private Authenticator slingAuthenticator; /** * HTTP GET implementation for calling SlingAuthenticator's logout method . * * @param request * {@link SlingHttpServletRequest} * @param response * {@link SlingHttpServletResponse} */ @Override protected void doGet(final SlingHttpServletRequest request, final SlingHttpServletResponse response) throws ServletException, IOException { this.slingAuthenticator.logout(request, response); // May be some handling for moving from HTTPS to HTTP } }Hope this helps,
Rakesh
