override remote logout url

apps/dnet-orgs-database-application/src/main/java/eu/dnetlib/organizations/OAuth2WebSecurityConfig.java

@@ -46,6 +46,9 @@ public class OAuth2WebSecurityConfig extends WebSecurityConfigurerAdapter {
 	@Value("${openaire.api.valid.subnet}")
 	private String openaireApiValidSubnet;
 
+	@Value("${openaire.override.logout.url}")
+	private String openaireLogoutUrl;
+
 	private static Logger logger = LoggerFactory.getLogger(OAuth2WebSecurityConfig.class);
 
 	@Override
@@ -69,6 +72,9 @@ public class OAuth2WebSecurityConfig extends WebSecurityConfigurerAdapter {
 			.and()
 			.logout()
 			.logoutSuccessHandler(oidcLogoutSuccessHandler())
+			.invalidateHttpSession(true)
+			.clearAuthentication(true)
+			.deleteCookies("JSESSIONID")
 			.and()
 			.oauth2Login(oauth2 -> oauth2.userInfoEndpoint(userInfo -> userInfo.oidcUserService(this.oidcUserService())));
 	}
@@ -95,7 +101,17 @@ public class OAuth2WebSecurityConfig extends WebSecurityConfigurerAdapter {
 		// NB:
 		// The same URL must be configured server side:
 		// Manage Clients > Edit Client > Other > Post-Logout Redirect
+
 		handler.setPostLogoutRedirectUri("{baseUrl}");
+		handler.setRedirectStrategy((req, res, url) -> {
+			if (StringUtils.isNotBlank(openaireLogoutUrl)) {
+				logger.info("Performing remote logout: " + openaireLogoutUrl);
+				res.sendRedirect(openaireLogoutUrl);
+			} else {
+				logger.info("Performing remote logout: " + url);
+				res.sendRedirect(url);
+			}
+		});
 		return handler;
 
 	}

apps/dnet-orgs-database-application/src/main/resources/application.properties

@@ -3,20 +3,20 @@ server.port=8480
 #spring.profiles.active=dev
 
 spring.main.banner-mode = off
+
 logging.level.root      = INFO
+#logging.level.org.springframework = DEBUG
 
 spring.datasource.url=jdbc:postgresql://localhost:5432/oa_organizations
 spring.datasource.username=oa_organizations
 spring.datasource.password=
 
-spring.jpa.properties.hibernate.dialect = org.hibernate.dialect.PostgreSQLDialect
-
 # Hibernate ddl auto (create, create-drop, validate, update)
 spring.jpa.hibernate.ddl-auto = validate
+spring.jpa.properties.hibernate.dialect = org.hibernate.dialect.PostgreSQLDialect
 spring.jpa.properties.hibernate.hbm2dll.extra_physical_table_types = MATERIALIZED VIEW
 spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation=true
 spring.jpa.open-in-view=true
-
 spring.jpa.properties.hibernate.show_sql=false
 spring.jpa.properties.hibernate.use_sql_comments=false
 spring.jpa.properties.hibernate.format_sql=false
@@ -36,3 +36,5 @@ spring.security.oauth2.client.provider.oidc.authorization-uri = http://localhost
 spring.security.oauth2.client.provider.oidc.jwk-set-uri       = http://localhost:8080/openid-connect-server-webapp/jwk
 spring.security.oauth2.client.provider.oidc.token-uri         = http://localhost:8080/openid-connect-server-webapp/token
 spring.security.oauth2.client.provider.oidc.user-info-uri     = http://localhost:8080/openid-connect-server-webapp/userinfo
+
+openaire.override.logout.url =