You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2016/12/07 12:13:19 UTC
[3/6] cxf-fediz git commit: Support logging out via WS-Federation for
the CXF plugin
Support logging out via WS-Federation for the CXF plugin
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/34713e37
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/34713e37
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/34713e37
Branch: refs/heads/master
Commit: 34713e3717689d4ea2a29ab54b65cd27d94558af
Parents: d938eea
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Dec 6 17:59:23 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Dec 6 17:59:23 2016 +0000
----------------------------------------------------------------------
.../cxf/plugin/FedizRedirectBindingFilter.java | 73 +++++++++++---------
1 file changed, 41 insertions(+), 32 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/34713e37/plugins/cxf/src/main/java/org/apache/cxf/fediz/cxf/plugin/FedizRedirectBindingFilter.java
----------------------------------------------------------------------
diff --git a/plugins/cxf/src/main/java/org/apache/cxf/fediz/cxf/plugin/FedizRedirectBindingFilter.java b/plugins/cxf/src/main/java/org/apache/cxf/fediz/cxf/plugin/FedizRedirectBindingFilter.java
index 832d7bb..b7e9d7a 100644
--- a/plugins/cxf/src/main/java/org/apache/cxf/fediz/cxf/plugin/FedizRedirectBindingFilter.java
+++ b/plugins/cxf/src/main/java/org/apache/cxf/fediz/cxf/plugin/FedizRedirectBindingFilter.java
@@ -90,11 +90,6 @@ public class FedizRedirectBindingFilter extends AbstractServiceProviderFilter
return;
}
- // See if it is a Logout request
- if (isLogoutRequest(context, m, fedConfig)) {
- return;
- }
-
String httpMethod = context.getMethod();
MultivaluedMap<String, String> params = null;
@@ -110,6 +105,11 @@ public class FedizRedirectBindingFilter extends AbstractServiceProviderFilter
throw ExceptionUtils.toInternalServerErrorException(ex, null);
}
+ // See if it is a Logout request
+ if (isLogoutRequest(context, m, fedConfig, params)) {
+ return;
+ }
+
if (isSignoutCleanupRequest(fedConfig, m, params)) {
return;
} else if (checkSecurityContext(fedConfig, m)) {
@@ -289,39 +289,48 @@ public class FedizRedirectBindingFilter extends AbstractServiceProviderFilter
}
private boolean isLogoutRequest(ContainerRequestContext context, Message message,
- FedizContext fedConfig) {
- //logout
+ FedizContext fedConfig, MultivaluedMap<String, String> params) {
+
+ boolean signout = false;
String logoutUrl = fedConfig.getLogoutURL();
- if (logoutUrl != null && !logoutUrl.isEmpty()) {
+ if (params != null && fedConfig.getProtocol() instanceof FederationProtocol
+ && FederationConstants.ACTION_SIGNOUT.equals(
+ params.getFirst(FederationConstants.PARAM_ACTION))) {
+ signout = true;
+ } else if (logoutUrl != null && !logoutUrl.isEmpty()) {
String requestPath = "/" + context.getUriInfo().getPath();
if (requestPath.equals(logoutUrl) || requestPath.equals(logoutUrl + "/")) {
- cleanupContext(message);
-
- try {
- FedizProcessor processor =
- FedizProcessorFactory.newFedizProcessor(fedConfig.getProtocol());
-
- HttpServletRequest request = messageContext.getHttpServletRequest();
- RedirectionResponse redirectionResponse =
- processor.createSignOutRequest(request, null, fedConfig); //TODO
- String redirectURL = redirectionResponse.getRedirectionURL();
- if (redirectURL != null) {
- ResponseBuilder response = Response.seeOther(new URI(redirectURL));
- Map<String, String> headers = redirectionResponse.getHeaders();
- if (!headers.isEmpty()) {
- for (Entry<String, String> entry : headers.entrySet()) {
- response.header(entry.getKey(), entry.getValue());
- }
+ signout = true;
+ }
+ }
+
+ if (signout) {
+ cleanupContext(message);
+
+ try {
+ FedizProcessor processor =
+ FedizProcessorFactory.newFedizProcessor(fedConfig.getProtocol());
+
+ HttpServletRequest request = messageContext.getHttpServletRequest();
+ RedirectionResponse redirectionResponse =
+ processor.createSignOutRequest(request, null, fedConfig); //TODO
+ String redirectURL = redirectionResponse.getRedirectionURL();
+ if (redirectURL != null) {
+ ResponseBuilder response = Response.seeOther(new URI(redirectURL));
+ Map<String, String> headers = redirectionResponse.getHeaders();
+ if (!headers.isEmpty()) {
+ for (Entry<String, String> entry : headers.entrySet()) {
+ response.header(entry.getKey(), entry.getValue());
}
-
- context.abortWith(response.build());
-
- return true;
}
- } catch (Exception ex) {
- LOG.debug(ex.getMessage(), ex);
- throw ExceptionUtils.toInternalServerErrorException(ex, null);
+
+ context.abortWith(response.build());
+
+ return true;
}
+ } catch (Exception ex) {
+ LOG.debug(ex.getMessage(), ex);
+ throw ExceptionUtils.toInternalServerErrorException(ex, null);
}
}