Why aren't you clearing SecurityContext
andsamp opened this issue · 1 comments
andsamp commented
The last thing you do in JwtAuthorizationTokenFilter
is call chain.doFilter(request, response)
. I'm curious to know why you aren't calling SecurityContext.clearContext()
or the context.setAuthentication(null) I
've seen in other examples?
Is the sessionCreationPolicy
effectively taking care of that?
szerhusenBC commented
Closed, because I published a complete new version.