@Test @SuppressWarnings("unchecked") public void Can_add_a_logout_handler() { final LogoutFilter filter = mock(LogoutFilter.class); final CaptureHandlers handlers = new CaptureHandlers(); // Given willAnswer(handlers).given(mutator).update(eq(filter), eq("handlers"), eq(List.class), any(Updater.class)); // When logoutHandlerAdder.modify(filter); // Then assertThat(handlers, contains((LogoutHandler) logoutHandler)); }
/** * Instantiates a new logout filter. * * @param logoutSuccessUrl * the logout success url * @param handlers * the handlers */ public CommunoteLogoutFilter(final String logoutSuccessUrl, LogoutHandler[] handlers) { super(new SimpleUrlLogoutSuccessHandler() { { setDefaultTargetUrl(logoutSuccessUrl); setRedirectStrategy(new DefaultRedirectStrategy() { @Override public void sendRedirect(HttpServletRequest request, HttpServletResponse response, String url) throws java.io.IOException { if (url.startsWith("http://") || url.startsWith("https://")) { throw new IllegalArgumentException( "could not add client id to this uri: '" + url + "'"); } // reset session values SessionHandler.instance().resetOverriddenCurrentUserLocale(request); ControllerHelper.sendInternalRedirect(request, response, url); }; }); } }, handlers); }
@Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) res; if (requiresLogout(request, response)) { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); if (logger.isDebugEnabled()) { logger.debug("Logging out user '" + auth + "' and transferring to logout destination"); } for (LogoutHandler handler : handlers) { handler.logout(request, response, auth); } response.setStatus(200); jsonResponseHelper.writeResponseBody("Logged out", response); return; } chain.doFilter(request, response); }
@SuppressWarnings("unchecked") @Override public void modify(final LogoutFilter filter) { mutator.update(filter, "handlers", List.class, new Updater<List>() { @Override public List update(List oldHandlers) { final List<LogoutHandler> handlers = new ArrayList<>(oldHandlers); handlers.add(0, logoutHandler); return asList(handlers.toArray(new LogoutHandler[handlers.size()])); } }); }
/** * Instantiates a new api logout filter. * * @param handlers * the handlers */ public ApiLogoutFilter(LogoutHandler[] handlers) { super(new SimpleUrlLogoutSuccessHandler() { @Override protected void handle(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { response.getWriter().write( "{\"message\":\"User logged out successfully.\",\"status\":\"OK\"}"); super.handle(request, response, authentication); } }, handlers); }
@Override public void execute(ArtifactoryRestRequest request, RestResponse response) { try { Map<String, LogoutHandler> logoutHandlers = ContextHelper.get().beansForType(LogoutHandler.class); tryToLogoutFromProviders(request, response, logoutHandlers); }catch (Exception e){ log.debug("failed to perform session logout" , e); } }
/** * iterate security providers and try to logout * * @param artifactoryRequest - encapsulate data related to request * @param artifactoryResponse - encapsulate data require for response * @param logoutHandlers - map of logout handlers */ private void tryToLogoutFromProviders(ArtifactoryRestRequest artifactoryRequest, RestResponse artifactoryResponse, Map<String, LogoutHandler> logoutHandlers) { HttpServletRequest servletRequest = artifactoryRequest.getServletRequest(); HttpServletResponse servletResponse = artifactoryResponse.getServletResponse(); Authentication authentication = AuthenticationHelper.getAuthentication(); // logout from all providers for (LogoutHandler logoutHandler : logoutHandlers.values()) { logoutHandler.logout(servletRequest, servletResponse, authentication); } }
private void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException { final String servletPath = RequestUtils.getServletPathFromRequest(request); // add no cache header to web app request RequestUtils.addNoCacheToWebAppRequest(servletPath, response); String method = request.getMethod(); if ((servletPath == null || "/".equals(servletPath) || servletPath.length() == 0) && "get".equalsIgnoreCase(method)) { //We were called with an empty path - redirect to the app main page response.sendRedirect(HttpUtils.ANGULAR_WEBAPP + "/"); return; } //Reuse the authentication if it exists Authentication authentication = RequestUtils.getAuthentication(request); boolean isAuthenticated = authentication != null && authentication.isAuthenticated(); // Make sure this is called only once boolean reAuthRequired = reAuthenticationRequired(request, authentication); if (reAuthRequired) { /** * A re-authentication is required but we might still have data that needs to be invalidated (like the * Wicket session) */ Map<String, LogoutHandler> logoutHandlers = ContextHelper.get().beansForType(LogoutHandler.class); for (LogoutHandler logoutHandler : logoutHandlers.values()) { logoutHandler.logout(request, response, authentication); } } boolean authenticationRequired = !isAuthenticated || reAuthRequired; SecurityContext securityContext = SecurityContextHolder.getContext(); if (authenticationRequired) { if (authFilter.acceptFilter(request)) { authenticateAndExecute(request, response, chain, securityContext); } else { useAnonymousIfPossible(request, response, chain, securityContext); } } else { log.debug("Using authentication {} from Http session.", authentication); useAuthentication(request, response, chain, authentication, securityContext); } }
@Override protected void init() { HttpServletRequest servletRequest = WicketUtils.getHttpServletRequest(); HttpServletResponse servletResponse = WicketUtils.getHttpServletResponse(); Authentication authentication = AuthenticationHelper.getAuthentication(); Map<String, LogoutHandler> logoutHandlers = ContextHelper.get().beansForType(LogoutHandler.class); for (LogoutHandler logoutHandler : logoutHandlers.values()) { logoutHandler.logout(servletRequest, servletResponse, authentication); } super.init(); }
private void addLogoutFilter(List<Filter> filters, MotechURLSecurityRule securityRule) { if (securityRule.isRest()) { return; } LogoutHandler springLogoutHandler = new SecurityContextLogoutHandler(); LogoutFilter logoutFilter = new LogoutFilter("/module/server/login", motechLogoutHandler, springLogoutHandler); logoutFilter.setFilterProcessesUrl("/module/server/j_spring_security_logout"); filters.add(logoutFilter); }
@Bean public LogoutHandler logoutHandler() { return new SecurityContextLogoutHandler(); }
public Collection<LogoutHandler> getObject() throws Exception { return logoutHandlers; }
public void setApplicationContext(ApplicationContext applicationContext) throws BeansException { logoutHandlers=applicationContext.getBeansOfType(LogoutHandler.class).values(); }
@Bean public SAMLLogoutFilter samlLogoutFilter() { return new SAMLLogoutFilter(successLogoutHandler(), new LogoutHandler[]{logoutHandler()}, new LogoutHandler[]{logoutHandler()}); }
@Bean public SAMLLogoutFilter samlLogoutFilter() { return new SAMLLogoutFilter(successLogoutHandler(), new LogoutHandler[] { logoutHandler() }, new LogoutHandler[] { logoutHandler() }); }
@Bean public SAMLLogoutFilter samlLogoutFilter() { SAMLLogoutFilter filter = new SAMLLogoutFilter(successLogoutHandler(), new LogoutHandler[]{logoutHandler()}, new LogoutHandler[]{logoutHandler()}); filter.setFilterProcessesUrl("/saml/logout"); return filter; }
public PentahoSamlLogoutFilter( String successUrl, LogoutHandler[] localHandler, LogoutHandler[] globalHandlers ) { super( successUrl, localHandler, globalHandlers ); }
public PentahoSamlLogoutFilter( LogoutSuccessHandler logoutSuccessHandler, LogoutHandler[] localHandler, LogoutHandler[] globalHandlers ) { super( logoutSuccessHandler, localHandler, globalHandlers ); }
public PentahoSamlLogoutProcessingFilter( String logoutSuccessUrl, LogoutHandler... handlers ) { super( logoutSuccessUrl, handlers ); }
public PentahoSamlLogoutProcessingFilter( LogoutSuccessHandler logoutSuccessHandler, LogoutHandler... handlers ) { super( logoutSuccessHandler, handlers ); }
public List<LogoutHandler> getHandlers() { return handlers; }
public void setHandlers(List<LogoutHandler> handlers) { this.handlers = handlers; }
@Bean public SAMLLogoutFilter samlLogoutFilter() { return new SAMLLogoutFilter(successfulLogoutRedirectHandler(), new LogoutHandler[] { logoutHandler() }, new LogoutHandler[] { logoutHandler() }); }
public OAuth2LogoutFilter(String logoutSuccessUrl, LogoutHandler... handlers) { super(logoutSuccessUrl, handlers); }
/** * Handler to be invoked when local logout is selected. Overrides values set by {@link #clearAuthentication} and * {@link #invalidateSession} for local logout. * * @param handler the handler to be invoked. * @return this configurer for further customization */ public LogoutConfigurer localHandler(LogoutHandler handler) { localHandler = handler; return this; }
/** * Handler to be invoked when global logout is selected. Overrides values set by {@link #clearAuthentication} and * {@link #invalidateSession} for global logout. * * @param handler the handler to be invoked. * @return this configurer for further customization */ public LogoutConfigurer globalHandler(LogoutHandler handler) { globalHandler = handler; return this; }
/** * Constructor. * * @param logoutSuccessHandler * The logout success handler. * @param handlers * The handlers. */ public CommunoteLogoutFilter(LogoutSuccessHandler logoutSuccessHandler, LogoutHandler[] handlers) { super(logoutSuccessHandler, handlers); }