Update logout.adoc

typos Signed-off-by: Juha-1 <52188855+Juha-1@users.noreply.github.com>
10 months ago · 19a5a9c970
1 changed files with 2 additions and 2 deletions
--- a/docs/modules/ROOT/pages/servlet/oauth2/login/logout.adoc
+++ b/docs/modules/ROOT/pages/servlet/oauth2/login/logout.adoc
@ -242,7 +242,7 @@ This means that it will only terminate sessions whose Client matches the `aud` c
				@@ -242,7 +242,7 @@ This means that it will only terminate sessions whose Client matches the `aud` c
 One notable part of this architecture's implementation is that it propagates the incoming back-channel request internally for each corresponding session.
 Initially, this may seem unnecessary.
 However, recall that the Servlet API does not give direct access to the `HttpSession` store.
-By making an internal logout call, the corresponding session can now be validated.
+By making an internal logout call, the corresponding session can now be invalidated.

 Additionally, forging a logout call internally allows for each set of ``LogoutHandler``s to be run against that session and corresponding `SecurityContext`.

@ -299,7 +299,7 @@ Java::
				@@ -299,7 +299,7 @@ Java::
 [source=java,role="primary"]
 ----
@Bean
-OidcBackChannelLogoutHandler oidcLogoutHandler(OidcSessionRegistry sessionRegistry) {
+OidcBackChannelLogoutHandler oidcLogoutHandler(OidcSessionRegistry oidcSessionRegistry) {
    OidcBackChannelLogoutHandler logoutHandler = new OidcBackChannelLogoutHandler(oidcSessionRegistry);
    logoutHandler.setSessionCookieName("SESSION");
    return logoutHandler;