BecomSSOLogoutFilter.java :  » MVC » nestframework » org » nestframework » commons » acegi » becomsso » Java Open Source

Java Open Source » MVC » nestframework 
nestframework » org » nestframework » commons » acegi » becomsso » BecomSSOLogoutFilter.java
/**
 * 
 */
package org.nestframework.commons.acegi.becomsso;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.acegisecurity.ui.AbstractProcessingFilter;
import org.acegisecurity.ui.logout.LogoutFilter;
import org.acegisecurity.ui.logout.LogoutHandler;
import org.nestframework.commons.utils.EncodeUtil;
import org.nestframework.commons.utils.RSA_Encrypt;

/**
 * @author audin
 *
 */
public class BecomSSOLogoutFilter extends LogoutFilter {

  protected String logoutUrl;
  protected boolean deleteSession = true;
  
  public BecomSSOLogoutFilter(String logoutSuccessUrl,
      LogoutHandler[] handlers) {
    super(logoutSuccessUrl, handlers);
  }

  @Override
  public void doFilter(ServletRequest request, ServletResponse response,
      FilterChain chain) throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;
        if (requiresLogout(req, res)) {
          String ssoLogoutTag = req.getParameter("sso_logout");
        if (null == ssoLogoutTag) {
          String thisUrl = req.getRequestURL().toString();
          
          if (thisUrl.indexOf('?') != -1) {
            thisUrl += "&sso_logout=1";
          } else {
            thisUrl += "?sso_logout=1";
          }
          try {
            thisUrl = URLEncoder.encode(thisUrl, "UTF-8");
          } catch (UnsupportedEncodingException e) {}
          String key = req.getSession().getId();
          
          String redirectUrl = logoutUrl + "?authlogout_url=" + thisUrl + "&authlogout_key=" + key;
          
          res.sendRedirect(redirectUrl);
          return;
        } else {
          String remoteKey = req.getParameter("authlogout_key");
          String redirectUrl = (String)req.getSession().getAttribute("redirectUrl");
          if (RSA_Encrypt.verify(req.getSession().getId(),remoteKey)) {
            // successfull logout
            if (deleteSession) {
              req.getSession().invalidate();
            }
            if(redirectUrl==null){
              super.doFilter(request, response, chain);
            }else{
              res.sendRedirect(redirectUrl);
            }
            return;
          } else {
            String url = AbstractProcessingFilter.obtainFullRequestUrl(req);
            res.sendRedirect(url);
            return;
          }
          
        }
        }
    
        chain.doFilter(request, response);
  }

  public void setLogoutUrl(String logoutUrl) {
    this.logoutUrl = logoutUrl;
  }

  public void setDeleteSession(boolean deleteSession) {
    this.deleteSession = deleteSession;
  }

}
java2s.com  | Contact Us | Privacy Policy
Copyright 2009 - 12 Demo Source and Support. All rights reserved.
All other trademarks are property of their respective owners.