szerhusenBC/jwt-spring-security-demo

Why aren't you clearing SecurityContext

andsamp opened this issue · 1 comments

The last thing you do in JwtAuthorizationTokenFilter is call chain.doFilter(request, response). I'm curious to know why you aren't calling SecurityContext.clearContext() or the context.setAuthentication(null) I've seen in other examples?

Is the sessionCreationPolicy effectively taking care of that?

Closed, because I published a complete new version.