fiftyfive.wicket.shiro.markup.LogoutPage.java Source code

Java tutorial

  1. HOME
  2. Java
  3. fiftyfive.wicket.shiro.markup.LogoutPage.java

Introduction

Here is the source code for fiftyfive.wicket.shiro.markup.LogoutPage.java

Source

/**
 * Copyright 2013 55 Minutes (http://www.55minutes.com)
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package fiftyfive.wicket.shiro.markup;

import fiftyfive.wicket.shiro.ShiroWicketPlugin;
import org.apache.shiro.SecurityUtils;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.request.flow.RedirectToUrlException;
import org.apache.wicket.request.mapper.parameter.PageParameters;
import org.apache.wicket.util.string.StringValue;

/**
 * This page is never rendered; it simply performs logout logic and redirects to the
 * home page or other URI as specified in the page parameters.
 * 
 * @author Matt Brictson
 * @since 3.0
 */
public class LogoutPage extends WebPage {
    /**
     * Bookmarkable constructor. If a {@code "to"} parameter is provided, assume it is a URI
     * and redirect to that URI upon logout. Otherwise redirect to the home page.
     */
    public LogoutPage(PageParameters params) {
        super(params);
    }

    /**
     * Interrupt the rendering process and perform the logout, then redirect to a different page
     * by throwing an exception. The {@code LogoutPage} itself will therefore never be rendered.
     */
    @Override
    protected void onBeforeRender() throws RedirectToUrlException {
        logout();
        redirectAfterLogout();
    }

    /**
     * Called by {@link #onBeforeRender} to instruct Shiro to log the current user out, then
     * delegate to {@link ShiroWicketPlugin#onLoggedOut} to place a feedback message in the
     * session.
     */
    protected void logout() {
        // Perform Shiro logout
        SecurityUtils.getSubject().logout();

        // Delegate to plugin to perform any futher logout tasks
        ShiroWicketPlugin.get().onLoggedOut();
    }

    /**
     * Called by {@link #onBeforeRender} after {@link #logout} to redirect to another page.
     * By default this is the application home page. However if a {@code "to"} page parameter
     * was provided, assume it is a URI and redirect to that URI instead. For security reasons,
     * full URLs (i.e. something starting with {@code http}) are ignored.
     *
     * @throws RedirectToUrlException to cause Wicket to perform a 302 redirect
     */
    protected void redirectAfterLogout() throws RedirectToUrlException {
        StringValue to = getPageParameters().get("to");

        // If "to" param was not specified, or was erroneously set to
        // an absolute URL (i.e. containing a ":" like "http://blah"), then fall back
        // to the home page.
        if (null == to || to.isNull() || to.toString().indexOf(":") >= 0) {
            to = StringValue.valueOf(urlFor(getApplication().getHomePage(), null));
        }

        throw new RedirectToUrlException(to.toString(), 302);
    }
}