reg-app
Regapp
Commit
ce41a1a8
authored
May 11, 2021
by
michael.simon
Add logout consume stub for HTTP-Redirect protocol
parent
d9b721d6
Changes
3
bwreg-service/src/main/java/edu/kit/scc/webreg/service/saml/SamlSpLogoutService.java
...
...
@@ -3,9 +3,14 @@ package edu.kit.scc.webreg.service.saml;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
edu.kit.scc.webreg.entity.SamlSpConfigurationEntity
;
public
interface
SamlSpLogoutService
{
void
redirectLogout
(
HttpServletRequest
request
,
HttpServletResponse
response
,
Long
userId
)
throws
Exception
;
void
consumeRedirectLogout
(
HttpServletRequest
request
,
HttpServletResponse
response
,
SamlSpConfigurationEntity
spConfig
)
throws
Exception
;
}
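Review bot: `consumeRedirectLogout` is added to the interface without Javadoc, and the signature alone does not say whether the implementation verifies the incoming SAML message or expects the caller to have done so. I would add a short comment such as `/** Decodes and processes a SAML logout message received via the HTTP-Redirect binding for the given SP configuration; the implementation is responsible for verifying the message before acting on it. */`. The blanket `throws Exception` also forces the caller to catch everything, so a narrower checked type would let the servlet tell a malformed request apart from an internal failure.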
bwreg-service/src/main/java/edu/kit/scc/webreg/service/saml/SamlSpLogoutServiceImpl.java
...
...
@@ -20,10 +20,13 @@ import org.opensaml.saml.common.messaging.context.SAMLEndpointContext;
import
org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
;
import
org.opensaml.saml.common.xml.SAMLConstants
;
import
org.opensaml.saml.criterion.RoleDescriptorCriterion
;
import
org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder
;
import
org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder
;
import
org.opensaml.saml.saml2.binding.encoding.impl.HTTPRedirectDeflateEncoder
;
import
org.opensaml.saml.saml2.core.Issuer
;
import
org.opensaml.saml.saml2.core.LogoutRequest
;
import
org.opensaml.saml.saml2.core.NameID
;
import
org.opensaml.saml.saml2.core.Response
;
import
org.opensaml.saml.saml2.metadata.EntityDescriptor
;
import
org.opensaml.saml.saml2.metadata.SingleLogoutService
;
import
org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver
;
...
...
@@ -45,6 +48,7 @@ import edu.kit.scc.webreg.entity.SamlSpConfigurationEntity;
import
edu.kit.scc.webreg.entity.SamlUserEntity
;
import
edu.kit.scc.webreg.entity.UserEntity
;
import
edu.kit.scc.webreg.service.saml.exc.SamlAuthenticationException
;
import
edu.kit.scc.webreg.service.saml.exc.SamlInvalidPostException
;
import
edu.kit.scc.webreg.session.SessionManager
;
import
net.shibboleth.utilities.java.support.resolver.CriteriaSet
;
...
...
@@ -77,7 +81,20 @@ public class SamlSpLogoutServiceImpl implements SamlSpLogoutService {
@Inject
private
SessionManager
session
;
@Override
public
void
consumeRedirectLogout
(
HttpServletRequest
request
,
HttpServletResponse
response
,
SamlSpConfigurationEntity
spConfig
)
throws
Exception
{
HTTPRedirectDeflateDecoder
decoder
=
new
HTTPRedirectDeflateDecoder
();
decoder
.
setHttpServletRequest
(
request
);
decoder
.
initialize
();
decoder
.
decode
();
SAMLObject
obj
=
decoder
.
getMessageContext
().
getMessage
();
logger
.
debug
(
"Message decoded: {}"
,
obj
);
}
@Override
public
void
redirectLogout
(
HttpServletRequest
request
,
HttpServletResponse
response
,
Long
userId
)
throws
Exception
{
...
...
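Review bot: `consumeRedirectLogout` takes whatever `decoder.decode()` yields as the message: nothing in the visible body checks the redirect-binding signature (the `Signature`/`SigAlg` query parameters), the issuer or the `Destination`, and `spConfig` and `response` are never used. That is tolerable only while the method ends at the debug log, so I would mark it in the code, e.g. `// TODO: stub - message is NOT verified; do not end the session based on it`, so that a later change does not act on an unauthenticated logout message. The decoder is also never released after `initialize()`; wrapping the calls in `try { ... } finally { decoder.destroy(); }` would fix that. The body of `redirectLogout` continues outside the hunk.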
bwreg-webapp/src/main/java/edu/kit/scc/webreg/sec/Saml2SpLogoutHandler.java
0 → 100644
/*******************************************************************************
* Copyright (c) 2014 Michael Simon.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the GNU Public License v3.0
* which accompanies this distribution, and is available at
* http://www.gnu.org/licenses/gpl.html
*
* Contributors:
* Michael Simon - initial
******************************************************************************/
package
edu.kit.scc.webreg.sec
;
import
java.io.IOException
;
import
javax.inject.Inject
;
import
javax.inject.Named
;
import
javax.servlet.Servlet
;
import
javax.servlet.ServletConfig
;
import
javax.servlet.ServletException
;
import
javax.servlet.ServletRequest
;
import
javax.servlet.ServletResponse
;
import
javax.servlet.annotation.WebServlet
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
org.slf4j.Logger
;
import
edu.kit.scc.webreg.entity.SamlSpConfigurationEntity
;
import
edu.kit.scc.webreg.service.SamlSpConfigurationService
;
import
edu.kit.scc.webreg.service.saml.SamlSpLogoutService
;
import
edu.kit.scc.webreg.session.SessionManager
;
@Named
@WebServlet
(
urlPatterns
=
{
"/Shibboleth.sso/SLO/Redirect"
,
"/saml/sp/logout/redirect"
})
public
class
Saml2SpLogoutHandler
implements
Servlet
{
@Inject
private
Logger
logger
;
@Inject
private
SessionManager
session
;
@Inject
private
SamlSpConfigurationService
spConfigService
;
@Inject
private
SamlSpLogoutService
samlLogoutService
;
@Override
public
void
service
(
ServletRequest
servletRequest
,
ServletResponse
servletResponse
)
throws
ServletException
,
IOException
{
HttpServletRequest
request
=
(
HttpServletRequest
)
servletRequest
;
HttpServletResponse
response
=
(
HttpServletResponse
)
servletResponse
;
String
context
=
request
.
getServletContext
().
getContextPath
();
String
path
=
request
.
getRequestURI
().
substring
(
context
.
length
());
logger
.
debug
(
"Dispatching request context '{}' path '{}'"
,
context
,
path
);
SamlSpConfigurationEntity
spConfig
=
spConfigService
.
findByHostname
(
request
.
getServerName
());
if
(
spConfig
!=
null
)
{
logger
.
debug
(
"Executing POST Handler for entity {}"
,
spConfig
.
getEntityId
());
service
(
request
,
response
,
spConfig
);
}
}
private
void
service
(
HttpServletRequest
request
,
HttpServletResponse
response
,
SamlSpConfigurationEntity
spConfig
)
throws
ServletException
,
IOException
{
if
(
session
==
null
||
session
.
getIdpId
()
==
null
||
session
.
getSpId
()
==
null
)
{
logger
.
debug
(
"Client session from {} not established. Sending client back to welcome page"
,
request
.
getRemoteAddr
());
response
.
sendRedirect
(
"/welcome/index.xhtml"
);
return
;
}
logger
.
debug
(
"attemp Logout, Consuming SAML Logout Request"
);
try
{
samlLogoutService
.
consumeRedirectLogout
(
request
,
response
,
spConfig
);
}
catch
(
Exception
e
)
{
throw
new
ServletException
(
"Authentication problem"
,
e
);
}
}
@Override
public
void
init
(
ServletConfig
config
)
throws
ServletException
{
}
@Override
public
ServletConfig
getServletConfig
()
{
return
null
;
}
@Override
public
String
getServletInfo
()
{
return
null
;
}
@Override
public
void
destroy
()
{
}
}
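Review bot: In the public `service` method, a request whose host matches no SP configuration falls through `if (spConfig != null)` and returns an empty 200 with nothing logged. Because `request.getServerName()` is normally derived from the client-supplied Host header, any client can reach that path, so it should answer explicitly, e.g. `else { response.sendError(HttpServletResponse.SC_NOT_FOUND); }`. In the private overload, `response.sendRedirect("/welcome/index.xhtml")` is resolved against the container root rather than the application; `request.getContextPath() + "/welcome/index.xhtml"` keeps the redirect inside the webapp. The log text `"Executing POST Handler for entity {}"` and the exception message `"Authentication problem"` look carried over from a login POST handler and will mislead anyone reading logs for this redirect logout endpoint.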