Example 1 with LogoutFilter
use of org.springframework.security.web.authentication.logout.LogoutFilter in project spring-security by spring-projects.
the class LogoutConfigurer method createLogoutFilter.
/**
* Creates the {@link LogoutFilter} using the {@link LogoutHandler} instances, the
* {@link #logoutSuccessHandler(LogoutSuccessHandler)} and the
* {@link #logoutUrl(String)}.
* @param http the builder to use
* @return the {@link LogoutFilter} to use.
*/
private LogoutFilter createLogoutFilter(H http) {
this.logoutHandlers.add(this.contextLogoutHandler);
this.logoutHandlers.add(postProcess(new LogoutSuccessEventPublishingLogoutHandler()));
LogoutHandler[] handlers = this.logoutHandlers.toArray(new LogoutHandler[0]);
LogoutFilter result = new LogoutFilter(getLogoutSuccessHandler(), handlers);
result.setLogoutRequestMatcher(getLogoutRequestMatcher(http));
result = postProcess(result);
return result;
}
Also used :
LogoutSuccessEventPublishingLogoutHandler(org.springframework.security.web.authentication.logout.LogoutSuccessEventPublishingLogoutHandler)
LogoutSuccessEventPublishingLogoutHandler(org.springframework.security.web.authentication.logout.LogoutSuccessEventPublishingLogoutHandler)
SecurityContextLogoutHandler(org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler)
CookieClearingLogoutHandler(org.springframework.security.web.authentication.logout.CookieClearingLogoutHandler)
LogoutHandler(org.springframework.security.web.authentication.logout.LogoutHandler)
LogoutFilter(org.springframework.security.web.authentication.logout.LogoutFilter)
Example 2 with LogoutFilter
use of org.springframework.security.web.authentication.logout.LogoutFilter in project spring-security by spring-projects.
the class ServletApiConfigurerTests method checkSecurityContextAwareAndLogoutFilterHasSameSizeAndHasLogoutSuccessEventPublishingLogoutHandler.
@Test
public void checkSecurityContextAwareAndLogoutFilterHasSameSizeAndHasLogoutSuccessEventPublishingLogoutHandler() {
this.spring.register(ServletApiWithLogoutConfig.class);
SecurityContextHolderAwareRequestFilter scaFilter = getFilter(SecurityContextHolderAwareRequestFilter.class);
LogoutFilter logoutFilter = getFilter(LogoutFilter.class);
LogoutHandler lfLogoutHandler = getFieldValue(logoutFilter, "handler");
assertThat(lfLogoutHandler).isInstanceOf(CompositeLogoutHandler.class);
List<LogoutHandler> scaLogoutHandlers = getFieldValue(scaFilter, "logoutHandlers");
List<LogoutHandler> lfLogoutHandlers = getFieldValue(lfLogoutHandler, "logoutHandlers");
assertThat(scaLogoutHandlers).hasSameSizeAs(lfLogoutHandlers);
assertThat(scaLogoutHandlers).hasAtLeastOneElementOfType(LogoutSuccessEventPublishingLogoutHandler.class);
assertThat(lfLogoutHandlers).hasAtLeastOneElementOfType(LogoutSuccessEventPublishingLogoutHandler.class);
}
Also used :
SecurityContextHolderAwareRequestFilter(org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter)
LogoutFilter(org.springframework.security.web.authentication.logout.LogoutFilter)
LogoutSuccessEventPublishingLogoutHandler(org.springframework.security.web.authentication.logout.LogoutSuccessEventPublishingLogoutHandler)
LogoutHandler(org.springframework.security.web.authentication.logout.LogoutHandler)
CompositeLogoutHandler(org.springframework.security.web.authentication.logout.CompositeLogoutHandler)
Test(org.junit.jupiter.api.Test)
Example 3 with LogoutFilter
use of org.springframework.security.web.authentication.logout.LogoutFilter in project wombat by PLOS.
the class SpringSecurityConfiguration method requestLogoutFilter.
private LogoutFilter requestLogoutFilter() {
// This filter redirects to the CAS Server to signal Single Logout should be performed
SecurityContextLogoutHandler logoutHandler = new SecurityContextLogoutHandler();
logoutHandler.setClearAuthentication(true);
logoutHandler.setInvalidateHttpSession(true);
LogoutFilter logoutFilter = new LogoutFilter(getLogoutSuccessHandler(), logoutHandler);
logoutFilter.setFilterProcessesUrl(CAS_LOGOUT_URI);
return logoutFilter;
}
Also used :
SecurityContextLogoutHandler(org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler)
LogoutFilter(org.springframework.security.web.authentication.logout.LogoutFilter)
Example 4 with LogoutFilter
use of org.springframework.security.web.authentication.logout.LogoutFilter in project motech by motech.
the class SecurityRuleBuilder method addLogoutFilter.
private void addLogoutFilter(List<Filter> filters, MotechURLSecurityRule securityRule) {
if (securityRule.isRest()) {
return;
}
LogoutHandler springLogoutHandler = new SecurityContextLogoutHandler();
LogoutFilter logoutFilter = new LogoutFilter("/module/server/login", motechLogoutHandler, springLogoutHandler);
logoutFilter.setFilterProcessesUrl("/module/server/j_spring_security_logout");
filters.add(logoutFilter);
}
Also used :
SecurityContextLogoutHandler(org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler)
LogoutHandler(org.springframework.security.web.authentication.logout.LogoutHandler)
SecurityContextLogoutHandler(org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler)
LogoutFilter(org.springframework.security.web.authentication.logout.LogoutFilter)
Example 5 with LogoutFilter
use of org.springframework.security.web.authentication.logout.LogoutFilter in project esup-papercut by EsupPortail.
the class CasConfig method logoutFilter.
@Bean
public LogoutFilter logoutFilter() {
LogoutFilter logoutFilter = new LogoutFilter(url + "/logout?service=" + service, securityContextLogoutHandler());
logoutFilter.setFilterProcessesUrl("/logout");
return logoutFilter;
}
Also used :
LogoutFilter(org.springframework.security.web.authentication.logout.LogoutFilter)
Bean(org.springframework.context.annotation.Bean)
Aggregations
LogoutFilter (org.springframework.security.web.authentication.logout.LogoutFilter)9
LogoutHandler (org.springframework.security.web.authentication.logout.LogoutHandler)5
LogoutSuccessEventPublishingLogoutHandler (org.springframework.security.web.authentication.logout.LogoutSuccessEventPublishingLogoutHandler)4
SecurityContextLogoutHandler (org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler)4
Test (org.junit.jupiter.api.Test)2
Bean (org.springframework.context.annotation.Bean)2
CompositeLogoutHandler (org.springframework.security.web.authentication.logout.CompositeLogoutHandler)2
Saml2RelyingPartyInitiatedLogoutSuccessHandler (org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2RelyingPartyInitiatedLogoutSuccessHandler)1
CookieClearingLogoutHandler (org.springframework.security.web.authentication.logout.CookieClearingLogoutHandler)1
CsrfLogoutHandler (org.springframework.security.web.csrf.CsrfLogoutHandler)1
SecurityContextHolderAwareRequestFilter (org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter)1
ConcurrentSessionFilter (org.springframework.security.web.session.ConcurrentSessionFilter)1
