Package jakarta.security.enterprise.authentication.mechanism.http.openid

Annotation Interface LogoutDefinition

@Retention(RUNTIME)
public @interface LogoutDefinition

LogoutDefinition annotation defines logout and RP session management configuration in openid connect client.

Optional Element Summary

Optional Elements

Modifier and Type	Optional Element	Description
boolean	accessTokenExpiry	Session timeout on the expiry of Access Token.
String	accessTokenExpiryExpression	Allow the session timeout definition using a Jakarta Expression Language expression.
boolean	identityTokenExpiry	Session timeout on the expiry of Identity Token.
String	identityTokenExpiryExpression	Allow the session timeout using the Jakarta Expression Language expression.
boolean	notifyProvider	Optional.
String	notifyProviderExpression	Optional.
String	redirectURI	Optional.

Element Details

notifyProvider

boolean notifyProvider

Optional. Notify the OIDC provider (OP) that the user has logged out of the application and might want to log out of the OP as well. If true then after having logged out the user from RP, redirects the End-User's User Agent to the OP's logout endpoint URL. This URL is normally obtained via the end_session_endpoint element of the OP's metadata or can be customized via OpenIdProviderMetadata#endSessionEndpoint.

Returns:

true when OIDC provider is notified of logout.

Default:

false

notifyProviderExpression

String notifyProviderExpression

Optional. Allows the OIDC provider (OP) notification that the user has logged using the Jakarta Expression Language expression. If set, overrides the value set by notifyProvider.

Default:

""

redirectURI

String redirectURI

Optional. The post logout redirect URI to which the RP is requesting that the End-User's User Agent be redirected after a logout has been performed. If redirect URI is empty then redirect to OpenID connect provider authorization_endpoint for re-authentication. *

Returns:

URL after logout is performed on the client.

Default:

""

accessTokenExpiry

boolean accessTokenExpiry

Session timeout on the expiry of Access Token.

Returns:

Default:

false

accessTokenExpiryExpression

String accessTokenExpiryExpression

Allow the session timeout definition using a Jakarta Expression Language expression. If set, overrides the value defined with accessTokenExpiry.

Returns:

Default:

""

identityTokenExpiry

boolean identityTokenExpiry

Session timeout on the expiry of Identity Token.

Returns:

Default:

false

identityTokenExpiryExpression

String identityTokenExpiryExpression

Allow the session timeout using the Jakarta Expression Language expression. If set, overrides the identityTokenExpiry value.

Returns:

Default:

""