Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
Read More & Register today!
SOLVED

Logout functionality in Publish

Avatar

Level 1
Level 1
10/5/21 6:40:13 AM

Calling "/system/sling/logout" clears jackrabbit repo token, which can be validated in "/system/console/tokenmgr". But what is the way to implement this programmatically, without calling the redirect to "/system/sling/logout", since I need to do more processing, namely redirect the user to the proper page after logging out.

Tried injecting org.apache.sling.api.auth.Authenticator and calling logout - that did not drop CRX login token. Also tried calling javax.jcr.Session.logout() - this did not clear repo token either.

 

Thanks in advance!

Views

1.3K

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
10/7/21 9:41:26 AM

Hi,

You can do logout similar to

@Reference(policy = ReferencePolicy.DYNAMIC, cardinality = ReferenceCardinality.OPTIONAL)
  private volatile Authenticator authenticator;

doLogout(){
// Logout AEM session
      removeAllSessionCookies(request, response);
      final org.apache.sling.api.auth.Authenticator currentThreadAuthenticator = this.authenticator;
      if (currentThreadAuthenticator != null) {
        String postLogoutRedirectUrl = /custom-logout-page.html;
          org.apache.sling.auth.core.AuthUtil.setLoginResourceAttribute(request, postLogoutRedirectUrl);
          currentThreadAuthenticator.logout(request, response);
      }
}

The above code is just for reference, you have to handle errors if you is it for production



Arun Patidar

View solution in original post

Views

1.3K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
3 Replies

Avatar

Community Advisor
Community Advisor
10/5/21 11:16:31 AM

@parabellumium have you tried resource query parameter which will redirect to target page after performing login/logout functionality. It works for both login and logout pages.

 

{aemdomain}/system/sling/logout.html?resource=/abcd.html

Views

1.3K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
10/7/21 5:10:43 AM

@parabellumium 

Cookies play a important role to maintain the login session. So in case for AEM ( Author or Publisher) you can simply remove the "login-token" which makes user logout.

Views

1.3K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Community Advisor
Community Advisor
10/7/21 9:41:26 AM

Hi,

You can do logout similar to

@Reference(policy = ReferencePolicy.DYNAMIC, cardinality = ReferenceCardinality.OPTIONAL)
  private volatile Authenticator authenticator;

doLogout(){
// Logout AEM session
      removeAllSessionCookies(request, response);
      final org.apache.sling.api.auth.Authenticator currentThreadAuthenticator = this.authenticator;
      if (currentThreadAuthenticator != null) {
        String postLogoutRedirectUrl = /custom-logout-page.html;
          org.apache.sling.auth.core.AuthUtil.setLoginResourceAttribute(request, postLogoutRedirectUrl);
          currentThreadAuthenticator.logout(request, response);
      }
}

The above code is just for reference, you have to handle errors if you is it for production



Arun Patidar

Views

1.3K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
Reading excel using apache poi in maven project

Views

39

Likes

0

Replies

0
How to restrict number of items that can be added in carousel?

Views

51

Likes

0

Replies

2
How to mask the image in AEM?

Views

79

Likes

0

Replies

2
Pipeline-free URL Redirects is not working in AEM Cloud Dispatcher

Views

126

Likes

0

Replies

5
[AEM6.5]Add custom JS functionality to OOB ACS Commons Notification.

Views

139

Likes

0

Replies

4