Examples with LogoutHandler org.springframework.security.web.authentication.logout.LogoutHandler used on opensource projects

Search in sources :

Example 11 with LogoutHandler

use of org.springframework.security.web.authentication.logout.LogoutHandler in project spring-security by spring-projects.

the class Saml2LogoutConfigurer method createRelyingPartyLogoutFilter.

private LogoutFilter createRelyingPartyLogoutFilter(RelyingPartyRegistrationResolver registrations) {
    LogoutHandler[] logoutHandlers = this.logoutHandlers.toArray(new LogoutHandler[0]);
    Saml2RelyingPartyInitiatedLogoutSuccessHandler logoutRequestSuccessHandler = createSaml2LogoutRequestSuccessHandler(registrations);
    LogoutFilter logoutFilter = new LogoutFilter(logoutRequestSuccessHandler, logoutHandlers);
    logoutFilter.setLogoutRequestMatcher(createLogoutMatcher());
    return postProcess(logoutFilter);
}
Also used : CsrfLogoutHandler(org.springframework.security.web.csrf.CsrfLogoutHandler) LogoutSuccessEventPublishingLogoutHandler(org.springframework.security.web.authentication.logout.LogoutSuccessEventPublishingLogoutHandler) SecurityContextLogoutHandler(org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler) LogoutHandler(org.springframework.security.web.authentication.logout.LogoutHandler) LogoutFilter(org.springframework.security.web.authentication.logout.LogoutFilter) Saml2RelyingPartyInitiatedLogoutSuccessHandler(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2RelyingPartyInitiatedLogoutSuccessHandler)

Example 12 with LogoutHandler

use of org.springframework.security.web.authentication.logout.LogoutHandler in project spring-security by spring-projects.

the class SessionManagementConfigurer method createConcurrencyFilter.

private ConcurrentSessionFilter createConcurrencyFilter(H http) {
    SessionInformationExpiredStrategy expireStrategy = getExpiredSessionStrategy();
    SessionRegistry sessionRegistry = getSessionRegistry(http);
    ConcurrentSessionFilter concurrentSessionFilter = (expireStrategy != null) ? new ConcurrentSessionFilter(sessionRegistry, expireStrategy) : new ConcurrentSessionFilter(sessionRegistry);
    LogoutConfigurer<H> logoutConfigurer = http.getConfigurer(LogoutConfigurer.class);
    if (logoutConfigurer != null) {
        List<LogoutHandler> logoutHandlers = logoutConfigurer.getLogoutHandlers();
        if (!CollectionUtils.isEmpty(logoutHandlers)) {
            concurrentSessionFilter.setLogoutHandlers(logoutHandlers);
        }
    }
    return concurrentSessionFilter;
}
Also used : SessionInformationExpiredStrategy(org.springframework.security.web.session.SessionInformationExpiredStrategy) SimpleRedirectSessionInformationExpiredStrategy(org.springframework.security.web.session.SimpleRedirectSessionInformationExpiredStrategy) SessionRegistry(org.springframework.security.core.session.SessionRegistry) ConcurrentSessionFilter(org.springframework.security.web.session.ConcurrentSessionFilter) LogoutHandler(org.springframework.security.web.authentication.logout.LogoutHandler)

Example 13 with LogoutHandler

use of org.springframework.security.web.authentication.logout.LogoutHandler in project spring-security by spring-projects.

the class Saml2LogoutConfigurerTests method saml2LogoutWhenDefaultsThenLogsOutAndSendsLogoutRequest.

@Test
public void saml2LogoutWhenDefaultsThenLogsOutAndSendsLogoutRequest() throws Exception {
    this.spring.register(Saml2LogoutDefaultsConfig.class).autowire();
    MvcResult result = this.mvc.perform(post("/logout").with(authentication(this.user)).with(csrf())).andExpect(status().isFound()).andReturn();
    String location = result.getResponse().getHeader("Location");
    LogoutHandler logoutHandler = this.spring.getContext().getBean(LogoutHandler.class);
    assertThat(location).startsWith("https://ap.example.org/logout/saml2/request");
    verify(logoutHandler).logout(any(), any(), any());
}
Also used : Matchers.containsString(org.hamcrest.Matchers.containsString) LogoutHandler(org.springframework.security.web.authentication.logout.LogoutHandler) MvcResult(org.springframework.test.web.servlet.MvcResult) Test(org.junit.jupiter.api.Test)

Example 14 with LogoutHandler

use of org.springframework.security.web.authentication.logout.LogoutHandler in project spring-security by spring-projects.

the class SessionManagementConfigTests method checkConcurrencyAndLogoutFilterHasSameSizeAndHasLogoutSuccessEventPublishingLogoutHandler.

/**
 * SEC-2680
 */
@Test
public void checkConcurrencyAndLogoutFilterHasSameSizeAndHasLogoutSuccessEventPublishingLogoutHandler() {
    this.spring.configLocations(xml("ConcurrencyControlLogoutAndRememberMeHandlers")).autowire();
    ConcurrentSessionFilter concurrentSessionFilter = getFilter(ConcurrentSessionFilter.class);
    LogoutFilter logoutFilter = getFilter(LogoutFilter.class);
    LogoutHandler csfLogoutHandler = getFieldValue(concurrentSessionFilter, "handlers");
    LogoutHandler lfLogoutHandler = getFieldValue(logoutFilter, "handler");
    assertThat(csfLogoutHandler).isInstanceOf(CompositeLogoutHandler.class);
    assertThat(lfLogoutHandler).isInstanceOf(CompositeLogoutHandler.class);
    List<LogoutHandler> csfLogoutHandlers = getFieldValue(csfLogoutHandler, "logoutHandlers");
    List<LogoutHandler> lfLogoutHandlers = getFieldValue(lfLogoutHandler, "logoutHandlers");
    assertThat(csfLogoutHandlers).hasSameSizeAs(lfLogoutHandlers);
    assertThat(csfLogoutHandlers).hasAtLeastOneElementOfType(LogoutSuccessEventPublishingLogoutHandler.class);
    assertThat(lfLogoutHandlers).hasAtLeastOneElementOfType(LogoutSuccessEventPublishingLogoutHandler.class);
}
Also used : ConcurrentSessionFilter(org.springframework.security.web.session.ConcurrentSessionFilter) LogoutFilter(org.springframework.security.web.authentication.logout.LogoutFilter) LogoutSuccessEventPublishingLogoutHandler(org.springframework.security.web.authentication.logout.LogoutSuccessEventPublishingLogoutHandler) LogoutHandler(org.springframework.security.web.authentication.logout.LogoutHandler) CompositeLogoutHandler(org.springframework.security.web.authentication.logout.CompositeLogoutHandler) Test(org.junit.jupiter.api.Test)

Example 15 with LogoutHandler

use of org.springframework.security.web.authentication.logout.LogoutHandler in project spring-security by spring-projects.

the class ConcurrentSessionFilterTests method setLogoutHandlersWhenEmptyThenThrowsException.

@Test
public void setLogoutHandlersWhenEmptyThenThrowsException() {
    ConcurrentSessionFilter filter = new ConcurrentSessionFilter(new SessionRegistryImpl());
    assertThatIllegalArgumentException().isThrownBy(() -> filter.setLogoutHandlers(new LogoutHandler[0]));
}
Also used : SessionRegistryImpl(org.springframework.security.core.session.SessionRegistryImpl) ConcurrentSessionFilter(org.springframework.security.web.session.ConcurrentSessionFilter) SecurityContextLogoutHandler(org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler) LogoutHandler(org.springframework.security.web.authentication.logout.LogoutHandler) Test(org.junit.jupiter.api.Test)

Aggregations

LogoutHandler (org.springframework.security.web.authentication.logout.LogoutHandler)15 Test (org.junit.jupiter.api.Test)7 SecurityContextLogoutHandler (org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler)6 LogoutFilter (org.springframework.security.web.authentication.logout.LogoutFilter)5 LogoutSuccessEventPublishingLogoutHandler (org.springframework.security.web.authentication.logout.LogoutSuccessEventPublishingLogoutHandler)5 ConcurrentSessionFilter (org.springframework.security.web.session.ConcurrentSessionFilter)4 Matchers.containsString (org.hamcrest.Matchers.containsString)3 MvcResult (org.springframework.test.web.servlet.MvcResult)3 SessionRegistry (org.springframework.security.core.session.SessionRegistry)2 CompositeLogoutHandler (org.springframework.security.web.authentication.logout.CompositeLogoutHandler)2 CsrfLogoutHandler (org.springframework.security.web.csrf.CsrfLogoutHandler)2 Date (java.util.Date)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1 ApplicationContext (org.springframework.context.ApplicationContext)1 MockFilterChain (org.springframework.mock.web.MockFilterChain)1 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)1 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)1 MockHttpSession (org.springframework.mock.web.MockHttpSession)1 AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial