Class SAMLLogoutFilter

java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.security.web.authentication.logout.LogoutFilter
de.hybris.platform.samlsinglesignon.security.SAMLLogoutFilter
All Implemented Interfaces:
javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware

public class SAMLLogoutFilter extends org.springframework.security.web.authentication.logout.LogoutFilter
Logout filter leveraging Saml2RelyingPartyInitiatedLogoutSuccessHandler. Upon invocation of the filter URL it is determined whether Single Logout (termination of all participating sessions) or local (termination of only session running within Spring Security) logout is requested based on request attribute.

In case Single Logout is in question a LogoutRequest is sent to the IDP.

  • Field Summary

    Fields inherited from class org.springframework.web.filter.GenericFilterBean

    logger
  • Constructor Summary

    Constructors
    Constructor
    Description
    SAMLLogoutFilter(org.springframework.security.web.authentication.logout.LogoutSuccessHandler singleLogoutSuccessHandler, org.springframework.security.web.authentication.logout.LogoutSuccessHandler localLogoutSuccessHandler, org.springframework.security.web.authentication.logout.LogoutHandler[] singleLogoutHandlers, org.springframework.security.web.authentication.logout.LogoutHandler[] localLogoutHandlers)
    Default constructor.
  • Method Summary

    Modifier and Type
    Method
    Description
    void
    doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
     
    void
    doSamlLogoutFilter(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain)
    In case request parameter of name "local" is set to true also when is not provided or there is no authenticated user only local logout will be performed and user will be redirected to the success page.
    protected org.springframework.security.core.Authentication
     
    protected boolean
    isSaml2Authentication(org.springframework.security.core.Authentication auth)
     

    Methods inherited from class org.springframework.security.web.authentication.logout.LogoutFilter

    requiresLogout, setFilterProcessesUrl, setLogoutRequestMatcher

    Methods inherited from class org.springframework.web.filter.GenericFilterBean

    addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Constructor Details

    • SAMLLogoutFilter

      public SAMLLogoutFilter(org.springframework.security.web.authentication.logout.LogoutSuccessHandler singleLogoutSuccessHandler, org.springframework.security.web.authentication.logout.LogoutSuccessHandler localLogoutSuccessHandler, org.springframework.security.web.authentication.logout.LogoutHandler[] singleLogoutHandlers, org.springframework.security.web.authentication.logout.LogoutHandler[] localLogoutHandlers)
      Default constructor.
      Parameters:
      singleLogoutSuccessHandler - handler to invoke upon successful Single Logout
      localLogoutSuccessHandler - handler to invoke upon successful local logout
      singleLogoutHandlers - handlers to be invoked when Single Logout is selected
      localLogoutHandlers - handlers to be invoked when local logout is selected
  • Method Details

    • doFilter

      public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
      Specified by:
      doFilter in interface javax.servlet.Filter
      Overrides:
      doFilter in class org.springframework.security.web.authentication.logout.LogoutFilter
      Throws:
      IOException
      javax.servlet.ServletException
    • doSamlLogoutFilter

      public void doSamlLogoutFilter(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain) throws javax.servlet.ServletException, IOException
      In case request parameter of name "local" is set to true also when is not provided or there is no authenticated user only local logout will be performed and user will be redirected to the success page. Otherwise, Single Logout procedure is initialized.
      Parameters:
      request - http request
      response - http response
      chain - chain
      Throws:
      IOException - error
      javax.servlet.ServletException - error
    • getAuthentication

      protected org.springframework.security.core.Authentication getAuthentication()
    • isSaml2Authentication

      protected boolean isSaml2Authentication(org.springframework.security.core.Authentication auth)