<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div class=""><br class=""></div><div class="">Spring typically registers any beans implementing HttpSessionListener with the servlet container. This may be an application server specific issue. What application server are you using?</div><div class=""><br class=""></div><br class=""><div class="">
<div class="">Scott Rossillo</div><div class="">Smartling | Senior Software Engineer</div><div class=""><a href="mailto:srossillo@smartling.com" class="">srossillo@smartling.com</a></div><div class=""><br class=""></div><div class=""><span style="color: rgb(169, 169, 169); font-family: gesta, Arial, Helvetica, sans-serif; font-size: 14px; line-height: 20px; widows: 1; background-color: rgb(255, 255, 255);" class=""></span><div id="watermark" style="box-sizing: border-box; color: rgb(169, 169, 169); font-family: gesta, Arial, Helvetica, sans-serif; font-size: 14px; line-height: 20px; widows: 1; background-color: rgb(255, 255, 255);" class=""><a href="http://www.sigstr.com/" style="box-sizing: border-box; color: rgb(0, 124, 194); text-decoration: none; background-color: transparent; outline: 0px !important;" class=""><img alt="Powered by Sigstr" border="0" src="https://app.sigstr.com/uc/55e5d41c6533390d03580000/watermark" style="box-sizing: border-box; border: 0px; vertical-align: top; max-width: 100%; height: auto; width: inherit; color: rgb(99, 99, 99); font-family: Helvetica; font-size: 11px;" class=""></a></div></div>
</div>
<br class=""><div><blockquote type="cite" class=""><div class="">On Dec 16, 2015, at 6:40 AM, Andy Yar <<a href="mailto:andyyar66@gmail.com" class="">andyyar66@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class=""><div class=""><div class=""><div class="">Hello,<br class=""></div>I'm using 1.7.0 final integrated with
Spring Security (which itself is integrated into Grails) using OpenID
Connect method. I've been kind of stuck with single (back-channel,
k_logout) logout for a while.<br class=""><br class="">It seems it's handled by the
preAuthActions filter which simply invalidates local sessions via a call
to an injected HttpSessionManager. This manager stores active sessions
in its instance and puts/removes them as a reaction on HttpSessionEvent.<br class=""><br class="">It
looks like the HttpSessionManager has to be registered as JEE Listener
in order to receive HttpSessionEvents. However, then you end up with two
different instances - the listener and the bean in preAuthActions. Thus
invalidation process can't reach the sessions stored in listener's
instance and can't invalidate them at all.<br class=""><br class=""></div>A big sorry if I miss something very obvious.<div class=""><div id=":ax" class="" tabindex="0"><img class="" src="https://ssl.gstatic.com/ui/v1/icons/mail/images/cleardot.gif"><br class=""></div><div id=":ax" class="" tabindex="0">Andy<br class=""></div></div></div></div>
_______________________________________________<br class="">keycloak-user mailing list<br class=""><a href="mailto:keycloak-user@lists.jboss.org" class="">keycloak-user@lists.jboss.org</a><br class="">https://lists.jboss.org/mailman/listinfo/keycloak-user</div></blockquote></div><br class=""></body></html>