You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2017/02/10 12:23:12 UTC
cxf-fediz git commit: FEDIZ-189 - Add support for absolute URLs in
the logoutRedirectTo parameter
Repository: cxf-fediz
Updated Branches:
refs/heads/master 2bcb3b328 -> f7380a4ad
FEDIZ-189 - Add support for absolute URLs in the logoutRedirectTo parameter
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/f7380a4a
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/f7380a4a
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/f7380a4a
Branch: refs/heads/master
Commit: f7380a4adae3dd8499328243d54de3763b51fe90
Parents: 2bcb3b3
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Feb 10 12:08:20 2017 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Feb 10 12:08:20 2017 +0000
----------------------------------------------------------------------
.../core/processor/FederationProcessorImpl.java | 2 +-
.../core/federation/FederationLogoutTest.java | 24 ++++++++++++++
.../test/resources/fediz_test_config_logout.xml | 34 ++++++++++++++++++++
3 files changed, 59 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f7380a4a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
index 88e8da1..41a0865 100644
--- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
+++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
@@ -531,7 +531,7 @@ public class FederationProcessorImpl extends AbstractFedizProcessor {
if (logoutRedirectTo.startsWith("/")) {
logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo.substring(1));
- } else {
+ } else if (!logoutRedirectTo.startsWith("http") && !logoutRedirectTo.startsWith("https")) {
logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo);
}
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f7380a4a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
index 67c01a5..09842dd 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
@@ -185,6 +185,30 @@ public class FederationLogoutTest {
}
@org.junit.Test
+ public void testSignoutWithAbsoluteURL() throws Exception {
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT4");
+
+ HttpServletRequest req = EasyMock.createMock(HttpServletRequest.class);
+ EasyMock.expect(req.getParameter(FederationConstants.PARAM_ACTION)).andReturn(null).anyTimes();
+ EasyMock.expect(req.getParameter(FederationConstants.PARAM_REPLY)).andReturn(null);
+ EasyMock.expect(req.getRequestURL()).andReturn(new StringBuffer(LOGOUT_URL));
+ EasyMock.expect(req.getRequestURI()).andReturn(LOGOUT_URI);
+ EasyMock.expect(req.getContextPath()).andReturn(LOGOUT_URI);
+ EasyMock.replay(req);
+
+ LogoutHandler logoutHandler = new LogoutHandler(config);
+ Assert.assertTrue(logoutHandler.canHandleRequest(req));
+
+ HttpServletResponse resp = EasyMock.createMock(HttpServletResponse.class);
+ String expectedRedirectToIdP =
+ "http://url_to_the_issuer?wa=wsignout1.0&wreply=https%3A%2F%2Flocalhost%2Fsecure%2Flogout%2Findex.html";
+ resp.sendRedirect(expectedRedirectToIdP);
+ EasyMock.expectLastCall();
+ EasyMock.replay(resp);
+ logoutHandler.handleRequest(req, resp);
+ }
+
+ @org.junit.Test
public void testSignoutAction() throws Exception {
FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f7380a4a/plugins/core/src/test/resources/fediz_test_config_logout.xml
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/resources/fediz_test_config_logout.xml b/plugins/core/src/test/resources/fediz_test_config_logout.xml
index 8e8f5c0..0c7831e 100644
--- a/plugins/core/src/test/resources/fediz_test_config_logout.xml
+++ b/plugins/core/src/test/resources/fediz_test_config_logout.xml
@@ -120,4 +120,38 @@
<logoutRedirectToConstraint>.*wreply.html</logoutRedirectToConstraint>
</contextConfig>
+ <contextConfig name="ROOT4">
+ <audienceUris>
+ <audienceItem>http://host_one:port/url</audienceItem>
+ </audienceUris>
+ <certificateStores>
+ <trustManager>
+ <keyStore file="ststrust.jks" password="storepass"
+ type="JKS" />
+ </trustManager>
+ </certificateStores>
+ <trustedIssuers>
+ <issuer certificateValidation="PeerTrust" />
+ </trustedIssuers>
+
+ <maximumClockSkew>1000</maximumClockSkew>
+ <protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="federationProtocolType" version="1.2">
+ <realm>target realm</realm>
+ <issuer>http://url_to_the_issuer</issuer>
+ <roleDelimiter>;</roleDelimiter>
+ <roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
+ <authenticationType value="some auth type" type="String" />
+ <freshness>10000</freshness>
+ <reply>reply value</reply>
+ <request>REQUEST</request>
+ <claimTypesRequested>
+ <claimType type="a particular claim type" optional="true" />
+ </claimTypesRequested>
+ </protocol>
+ <logoutURL>secure/logout</logoutURL>
+ <logoutRedirectTo>https://localhost/secure/logout/index.html</logoutRedirectTo>
+ <logoutRedirectToConstraint>.*wreply.html</logoutRedirectToConstraint>
+ </contextConfig>
+
</FedizConfig>