Module jakarta.security
Annotation Interface LogoutDefinition
LogoutDefinition
annotation defines logout and RP session management
configuration in openid connect client.
Expressions in attributes of type String
are evaluated.
-
Optional Element Summary
Modifier and TypeOptional ElementDescriptionboolean
Session timeout on the expiry of Access Token.Allow the session timeout definition using a Jakarta Expression Language expression.boolean
Session timeout on the expiry of Identity Token.Allow the session timeout using the Jakarta Expression Language expression.boolean
Optional.Optional.Optional.
-
Element Details
-
notifyProvider
boolean notifyProviderOptional. Notify the OIDC provider (OP) that the user has logged out of the application and might want to log out of the OP as well. If true then after having logged out the user from RP, redirects the End-User's User Agent to the OP's logout endpoint URL. This URL is normally obtained via the end_session_endpoint element of the OP's metadata or can be customized viaOpenIdProviderMetadata#endSessionEndpoint
.- Returns:
- true when OIDC provider is notified of logout.
- Default:
false
-
notifyProviderExpression
String notifyProviderExpressionOptional. Allows the OIDC provider (OP) notification that the user has logged using the Jakarta Expression Language expression. If set, overrides the value set by notifyProvider.- Default:
""
-
redirectURI
String redirectURIOptional. The post logout redirect URI to which the RP is requesting that the End-User's User Agent be redirected after a logout has been performed. If redirect URI is empty then redirect to OpenID connect provider authorization_endpoint for re-authentication. *- Returns:
- URL after logout is performed on the client.
- Default:
""
-
accessTokenExpiry
boolean accessTokenExpirySession timeout on the expiry of Access Token.- Returns:
- Default:
false
-
accessTokenExpiryExpression
String accessTokenExpiryExpressionAllow the session timeout definition using a Jakarta Expression Language expression. If set, overrides the value defined with accessTokenExpiry.- Returns:
- Default:
""
-
identityTokenExpiry
boolean identityTokenExpirySession timeout on the expiry of Identity Token.- Returns:
- Default:
false
-
identityTokenExpiryExpression
String identityTokenExpiryExpressionAllow the session timeout using the Jakarta Expression Language expression. If set, overrides the identityTokenExpiry value.- Returns:
- Default:
""
-