From a1cccbd2dc83ab083428bcfd57ca2d86649c0c8e Mon Sep 17 00:00:00 2001
From: Zhenlei Huang <zlei.huang@gmail.com>
Date: Mon, 2 Jul 2018 16:05:07 +0800
Subject: [PATCH] JENKINS-52306 Improve SSO logout, continuous fix for
 JENKINS-11507

---
 .../java/de/theit/jenkins/crowd/CrowdServletFilter.java  | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/main/java/de/theit/jenkins/crowd/CrowdServletFilter.java b/src/main/java/de/theit/jenkins/crowd/CrowdServletFilter.java
index 9984302f..7b69d107 100644
--- a/src/main/java/de/theit/jenkins/crowd/CrowdServletFilter.java
+++ b/src/main/java/de/theit/jenkins/crowd/CrowdServletFilter.java
@@ -178,6 +178,15 @@ public void doFilter(ServletRequest request, ServletResponse response,
                         if (null != auth) {
                             LOG.log(Level.FINE, "User successfully logged in");
                             sc.setAuthentication(auth);
+                        } else { // Auto login failed.
+                            if (LOG.isLoggable(Level.FINE)) {
+                                LOG.fine("User failed to log in");
+                            }
+                            HttpSession session = req.getSession(false);
+                            if (session != null) {
+                                session.invalidate();
+                            }
+                            SecurityContextHolder.clearContext();
                         }
                     }
                 }