Before the Servlet 3.0 specification, the session.invalidate() method was provided to clear out session data and was
frequently used for a programmatic logout.
Starting with the Java EE 6 Servlet 3.0 specification, the HttpServletRequest.logout() method was added to invalidate
the security context.
Use both of these methods to clear the session data and the security context when doing a programmatic logout.
This rule has an automated fix to replace the deprecated method. Copy the custom configuration to your application build file to enable the fix automation.
For more information, see HttpServletRequest.