Author: anil.saldhana(a)jboss.com
Date: 2011-07-28 14:57:30 -0400 (Thu, 28 Jul 2011)
New Revision: 1142
Modified:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
Log:
merge in r1141
Property changes on:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp
___________________________________________________________________
Added: svn:mergeinfo
+
/federation/trunk/picketlink-bindings/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp:1138-1141
Modified:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java
===================================================================
---
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java 2011-07-28
18:23:56 UTC (rev 1141)
+++
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/BaseFormAuthenticator.java 2011-07-28
18:57:30 UTC (rev 1142)
@@ -34,11 +34,14 @@
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
+import javax.servlet.RequestDispatcher;
import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
import javax.servlet.http.HttpServletResponse;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import org.apache.catalina.LifecycleException;
+import org.apache.catalina.Session;
import org.apache.catalina.authenticator.AuthenticatorBase;
import org.apache.catalina.authenticator.FormAuthenticator;
import org.apache.catalina.connector.Request;
@@ -114,6 +117,8 @@
protected String canonicalizationMethod =
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS;
+ protected final String logOutPage = GeneralConstants.LOGOUT_PAGE_NAME;
+
/**
* Servlet3 related changes forced Tomcat to change the authenticate method
* signature in the FormAuthenticator. For now, we use reflection for forward
@@ -454,6 +459,28 @@
chainConfigOptions.put(GeneralConstants.ROLE_VALIDATOR_IGNORE, "false");
//No validator as tomcat realm does validn
}
+ protected void sendToLogoutPage(Request request, Response response, Session session)
throws IOException,
+ ServletException
+ {
+ //we are invalidated.
+ RequestDispatcher dispatch =
context.getServletContext().getRequestDispatcher(this.logOutPage);
+ if (dispatch == null)
+ log.error("Cannot dispatch to the logout page: no request dispatcher:"
+ this.logOutPage);
+ else
+ {
+ session.expire();
+ try
+ {
+ dispatch.forward(request, response);
+ }
+ catch (Exception e)
+ {
+ //JBAS5.1 and 6 quirkiness
+ dispatch.forward(request.getRequest(), response);
+ }
+ }
+ }
+
private Class<?> getAuthenticatorBaseClass()
{
Class<?> myClass = getClass();
Modified:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java
===================================================================
---
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2011-07-28
18:23:56 UTC (rev 1141)
+++
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2011-07-28
18:57:30 UTC (rev 1142)
@@ -29,7 +29,7 @@
import java.util.List;
import java.util.Set;
-import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletException;
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.Session;
@@ -77,8 +77,6 @@
private boolean jbossEnv = false;
- private final String logOutPage = GeneralConstants.LOGOUT_PAGE_NAME;
-
protected boolean supportSignatures = false;
protected TrustKeyManager keyManager;
@@ -118,8 +116,27 @@
@Override
public boolean authenticate(Request request, Response response, LoginConfig
loginConfig) throws IOException
{
+ Session session = request.getSessionInternal(true);
+
SPUtil spUtil = new SPUtil();
+ //Eagerly look for Local LogOut
+ String lloStr = request.getParameter(GeneralConstants.LOCAL_LOGOUT);
+ boolean localLogout = isNotNull(lloStr) &&
"true".equalsIgnoreCase(lloStr);
+ if (localLogout)
+ {
+ try
+ {
+ sendToLogoutPage(request, response, session);
+ }
+ catch (ServletException e)
+ {
+ log.error("Exception in logout::", e);
+ throw new IOException(e);
+ }
+ return false;
+ }
+
//Eagerly look for Global LogOut
String gloStr = request.getParameter(GeneralConstants.GLOBAL_LOGOUT);
boolean logOutRequest = isNotNull(gloStr) &&
"true".equalsIgnoreCase(gloStr);
@@ -133,7 +150,6 @@
if (principal != null && !(logOutRequest || isNotNull(samlRequest) ||
isNotNull(samlResponse)))
return true;
- Session session = request.getSessionInternal(true);
String relayState = request.getParameter(GeneralConstants.RELAY_STATE);
boolean willSendRequest = false;
@@ -244,23 +260,7 @@
boolean sessionValidity = session.isValid();
if (!sessionValidity)
{
- //we are invalidated.
- RequestDispatcher dispatch =
context.getServletContext().getRequestDispatcher(this.logOutPage);
- if (dispatch == null)
- log.error("Cannot dispatch to the logout page: no request
dispatcher:" + this.logOutPage);
- else
- {
- session.expire();
- try
- {
- dispatch.forward(request, response);
- }
- catch (Exception e)
- {
- //JBAS5.1 and 6 quirkiness
- dispatch.forward(request.getRequest(), response);
- }
- }
+ sendToLogoutPage(request, response, session);
return false;
}
Modified:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
===================================================================
---
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2011-07-28
18:23:56 UTC (rev 1141)
+++
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2011-07-28
18:57:30 UTC (rev 1142)
@@ -31,7 +31,6 @@
import java.util.Set;
import java.util.StringTokenizer;
-import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletResponse;
@@ -81,8 +80,6 @@
protected boolean jbossEnv = false;
- private final String logOutPage = GeneralConstants.LOGOUT_PAGE_NAME;
-
public SPRedirectFormAuthenticator()
{
super();
@@ -112,6 +109,25 @@
@Override
public boolean authenticate(Request request, Response response, LoginConfig
loginConfig) throws IOException
{
+ Session session = request.getSessionInternal(true);
+
+ //Eagerly look for Local LogOut
+ String lloStr = request.getParameter(GeneralConstants.LOCAL_LOGOUT);
+ boolean localLogout = isNotNull(lloStr) &&
"true".equalsIgnoreCase(lloStr);
+ if (localLogout)
+ {
+ try
+ {
+ sendToLogoutPage(request, response, session);
+ }
+ catch (ServletException e)
+ {
+ log.error("Exception in logout::", e);
+ throw new IOException(e);
+ }
+ return false;
+ }
+
//Eagerly look for Global LogOut
String gloStr = request.getParameter(GeneralConstants.GLOBAL_LOGOUT);
boolean logOutRequest = isNotNull(gloStr) &&
"true".equalsIgnoreCase(gloStr);
@@ -125,7 +141,6 @@
if (principal != null && !(logOutRequest || isNotNull(samlRequest) ||
isNotNull(samlResponse)))
return true;
- Session session = request.getSessionInternal(true);
String relayState = request.getParameter(GeneralConstants.RELAY_STATE);
HTTPContext httpContext = new HTTPContext(request, response,
context.getServletContext());
@@ -278,23 +293,7 @@
boolean sessionValidity = session.isValid();
if (!sessionValidity)
{
- //we are invalidated.
- RequestDispatcher dispatch =
context.getServletContext().getRequestDispatcher(this.logOutPage);
- if (dispatch == null)
- log.error("Cannot dispatch to the logout page: no request
dispatcher:" + this.logOutPage);
- else
- {
- session.expire();
- try
- {
- dispatch.forward(request, response);
- }
- catch (Exception e)
- {
- //JBAS5.1 and 6 quirkiness
- dispatch.forward(request.getRequest(), response);
- }
- }
+ sendToLogoutPage(request, response, session);
return false;
}
Modified:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
===================================================================
---
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java 2011-07-28
18:23:56 UTC (rev 1141)
+++
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java 2011-07-28
18:57:30 UTC (rev 1142)
@@ -48,6 +48,8 @@
String CONFIG_FILE_LOCATION = "/WEB-INF/picketlink-idfed.xml";
+ String LOCAL_LOGOUT = "LLO";
+
String GLOBAL_LOGOUT = "GLO";
String HANDLER_CONFIG_FILE_LOCATION = "/WEB-INF/picketlink-handlers.xml";
@@ -60,6 +62,8 @@
String KEYPAIR = "KEYPAIR";
+ String LOGIN_TYPE = "LOGIN_TYPE";
+
String LOGOUT_PAGE = "LOGOUT_PAGE";
String LOGOUT_PAGE_NAME = "/logout.jsp";
Property changes on:
product/trunk/picketlink-core/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java
___________________________________________________________________
Added: svn:mergeinfo
+
/federation/trunk/picketlink-web/src/main/java/org/picketlink/identity/federation/web/constants/GeneralConstants.java:1138-1141