Expand my Community achievements bar.

SOLVED

Logout functionality in Publish

Avatar

Level 1
Level 1
10/5/21 6:40:13 AM

Calling "/system/sling/logout" clears jackrabbit repo token, which can be validated in "/system/console/tokenmgr". But what is the way to implement this programmatically, without calling the redirect to "/system/sling/logout", since I need to do more processing, namely redirect the user to the proper page after logging out.

Tried injecting org.apache.sling.api.auth.Authenticator and calling logout - that did not drop CRX login token. Also tried calling javax.jcr.Session.logout() - this did not clear repo token either.

 

Thanks in advance!

Views

1.3K

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
10/7/21 9:41:26 AM

Hi,

You can do logout similar to

@Reference(policy = ReferencePolicy.DYNAMIC, cardinality = ReferenceCardinality.OPTIONAL)
  private volatile Authenticator authenticator;

doLogout(){
// Logout AEM session
      removeAllSessionCookies(request, response);
      final org.apache.sling.api.auth.Authenticator currentThreadAuthenticator = this.authenticator;
      if (currentThreadAuthenticator != null) {
        String postLogoutRedirectUrl = /custom-logout-page.html;
          org.apache.sling.auth.core.AuthUtil.setLoginResourceAttribute(request, postLogoutRedirectUrl);
          currentThreadAuthenticator.logout(request, response);
      }
}

The above code is just for reference, you have to handle errors if you is it for production



Arun Patidar

View solution in original post

Views

1.3K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
3 Replies

Avatar

Community Advisor
Community Advisor
10/5/21 11:16:31 AM

@parabellumium have you tried resource query parameter which will redirect to target page after performing login/logout functionality. It works for both login and logout pages.

 

{aemdomain}/system/sling/logout.html?resource=/abcd.html

Views

1.3K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
10/7/21 5:10:43 AM

@parabellumium 

Cookies play a important role to maintain the login session. So in case for AEM ( Author or Publisher) you can simply remove the "login-token" which makes user logout.

Views

1.3K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Community Advisor
Community Advisor
10/7/21 9:41:26 AM

Hi,

You can do logout similar to

@Reference(policy = ReferencePolicy.DYNAMIC, cardinality = ReferenceCardinality.OPTIONAL)
  private volatile Authenticator authenticator;

doLogout(){
// Logout AEM session
      removeAllSessionCookies(request, response);
      final org.apache.sling.api.auth.Authenticator currentThreadAuthenticator = this.authenticator;
      if (currentThreadAuthenticator != null) {
        String postLogoutRedirectUrl = /custom-logout-page.html;
          org.apache.sling.auth.core.AuthUtil.setLoginResourceAttribute(request, postLogoutRedirectUrl);
          currentThreadAuthenticator.logout(request, response);
      }
}

The above code is just for reference, you have to handle errors if you is it for production



Arun Patidar

Views

1.3K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
The dynamic table previews correctly in HTML, but when converted to PDF, the page is cut off.

Views

52

Likes

0

Replies

0
How to Render the different version of Header for Specific Pages Using Experience Fragments in AEM?

Views

98

Likes

0

Replies

3
How to fix "Cannot read properties of undefined (reading 'registerLayer')" in Authoring?

Views

416

Likes

0

Replies

2
How to skip childnode in rollout

Views

95

Likes

0

Replies

5
How to customize paraformat plugin in aem

Views

113

Likes

0

Replies

3