@Override public void handleRequest(HttpServerExchange exchange) throws Exception { final SecurityContext securityContext = (SecurityContext)exchange.getSecurityContext(); final Session currentSession = securityContext.getCurrentSession(); securityConfiguration.getSessionStore().invalidateSession( currentSession ); securityContext.setCurrentSession( null ); if ( securityContext.authenticate() && !exchange.isResponseStarted() ) BodyResponseSender .response( exchange,200, "plain/text","AUTHENTICATED" ); } }