Example 1 with SamlSingleLogout
use of org.maxkey.authz.singlelogout.SamlSingleLogout in project MaxKey by dromara.
the class LogoutEndpoint method logoutModelAndView.
private ModelAndView logoutModelAndView(HttpServletRequest request, HttpServletResponse response, String viewName, String reLoginUrl) {
ModelAndView modelAndView = new ModelAndView();
authenticationRealm.logout(response);
if (reLoginUrl == null || reLoginUrl.equals("")) {
SavedRequest firstSavedRequest = (SavedRequest) WebContext.getAttribute(WebConstants.FIRST_SAVED_REQUEST_PARAMETER);
reLoginUrl = "/login";
if (firstSavedRequest != null) {
reLoginUrl = firstSavedRequest.getRedirectUrl();
WebContext.removeAttribute(WebConstants.FIRST_SAVED_REQUEST_PARAMETER);
}
}
// not start with http or https
if (reLoginUrl != null && !reLoginUrl.toLowerCase().startsWith("http")) {
if (reLoginUrl.startsWith("/")) {
reLoginUrl = request.getContextPath() + reLoginUrl;
} else {
reLoginUrl = request.getContextPath() + "/" + reLoginUrl;
}
}
_logger.debug("re Login URL : " + reLoginUrl);
modelAndView.addObject("reloginUrl", reLoginUrl);
// if logined in have onlineTicket ,need remove or logout back
if (WebContext.getAuthentication() != null) {
String onlineTicketId = ((SigninPrincipal) WebContext.getAuthentication().getPrincipal()).getOnlineTicket().getTicketId();
OnlineTicket onlineTicket = onlineTicketServices.get(onlineTicketId);
if (onlineTicket != null) {
Set<Entry<String, Apps>> entrySet = onlineTicket.getAuthorizedApps().entrySet();
Iterator<Entry<String, Apps>> iterator = entrySet.iterator();
while (iterator.hasNext()) {
Entry<String, Apps> mapEntry = iterator.next();
_logger.debug("App Id : " + mapEntry.getKey() + " , " + mapEntry.getValue());
if (mapEntry.getValue().getLogoutType() == LogoutType.BACK_CHANNEL) {
SingleLogout singleLogout;
if (mapEntry.getValue().getProtocol().equalsIgnoreCase(ConstsProtocols.CAS)) {
singleLogout = new SamlSingleLogout();
} else {
singleLogout = new DefaultSingleLogout();
}
singleLogout.sendRequest(onlineTicket.getAuthentication(), mapEntry.getValue());
}
}
onlineTicketServices.remove(onlineTicketId);
}
}
// remove ONLINE_TICKET cookie
WebContext.expiryCookie(WebContext.getResponse(), this.applicationConfig.getBaseDomainName(), WebConstants.ONLINE_TICKET_NAME, UUID.randomUUID().toString());
request.getSession().invalidate();
// for(String removeAttribute : WebContext.logoutAttributeNameList) {
// request.getSession().removeAttribute(removeAttribute);
// }
SecurityContextHolder.clearContext();
modelAndView.setViewName(viewName);
return modelAndView;
}
Also used :
Entry(java.util.Map.Entry)
OnlineTicket(org.maxkey.authn.online.OnlineTicket)
ModelAndView(org.springframework.web.servlet.ModelAndView)
DefaultSingleLogout(org.maxkey.authz.singlelogout.DefaultSingleLogout)
SamlSingleLogout(org.maxkey.authz.singlelogout.SamlSingleLogout)
SingleLogout(org.maxkey.authz.singlelogout.SingleLogout)
DefaultSingleLogout(org.maxkey.authz.singlelogout.DefaultSingleLogout)
Apps(org.maxkey.entity.apps.Apps)
SamlSingleLogout(org.maxkey.authz.singlelogout.SamlSingleLogout)
SavedRequest(org.springframework.security.web.savedrequest.SavedRequest)
Aggregations
Entry (java.util.Map.Entry)1
OnlineTicket (org.maxkey.authn.online.OnlineTicket)1
DefaultSingleLogout (org.maxkey.authz.singlelogout.DefaultSingleLogout)1
SamlSingleLogout (org.maxkey.authz.singlelogout.SamlSingleLogout)1
SingleLogout (org.maxkey.authz.singlelogout.SingleLogout)1
Apps (org.maxkey.entity.apps.Apps)1
SavedRequest (org.springframework.security.web.savedrequest.SavedRequest)1
ModelAndView (org.springframework.web.servlet.ModelAndView)1
