/**
 * Builds the CAS single sign-out filter used by this configuration.
 *
 * @return a new filter whose CAS server URL prefix comes from the
 *         {@code login.cas.casHome} property
 */
private SingleSignOutFilter singleSignOutFilter() {
    final SingleSignOutFilter signOutFilter = new SingleSignOutFilter();
    // NOTE(review): the property value is handed to the filter unchecked; if env.getProperty
    // yields null for a missing key (confirm the type of env), that is not caught here.
    final String casHome = env.getProperty("login.cas.casHome");
    signOutFilter.setCasServerUrlPrefix(casHome);
    return signOutFilter;
}
/**
 * Obtains the {@link SessionMappingStorage} from the handler returned by
 * {@code SingleSignOutFilter.getSingleSignOutHandler()}.
 * <p>
 * Callers assume that every call returns the same instance, because this method is
 * generally invoked lazily rather than once up front.
 *
 * @return the SessionMappingStorage
 */
protected static SessionMappingStorage getSessionMappingStorage() {
    // The handler is reached through a static accessor on the filter class.
    return SingleSignOutFilter.getSingleSignOutHandler().getSessionMappingStorage();
}
}
/**
 * Initializes the filter and the shared sign-out handler.
 * <p>
 * Unless init configuration is ignored, the artifact, logout and relay-state parameter
 * names, the CAS server URL prefix, the logout callback path and the two handler flags
 * are read from the configuration keys. The handler is then initialized and the
 * initialized flag is set.
 *
 * @param filterConfig the filter configuration, passed on to the superclass
 * @throws ServletException declared by the filter contract
 */
public void init(final FilterConfig filterConfig) throws ServletException {
    super.init(filterConfig);

    final boolean readConfiguration = !isIgnoreInitConfiguration();
    if (readConfiguration) {
        final String artifactParameter = getString(ConfigurationKeys.ARTIFACT_PARAMETER_NAME);
        setArtifactParameterName(artifactParameter);

        final String logoutParameter = getString(ConfigurationKeys.LOGOUT_PARAMETER_NAME);
        setLogoutParameterName(logoutParameter);

        final String relayStateParameter = getString(ConfigurationKeys.RELAY_STATE_PARAMETER_NAME);
        setRelayStateParameterName(relayStateParameter);

        final String serverUrlPrefix = getString(ConfigurationKeys.CAS_SERVER_URL_PREFIX);
        setCasServerUrlPrefix(serverUrlPrefix);

        final String callbackPath = getString(ConfigurationKeys.LOGOUT_CALLBACK_PATH);
        setLogoutCallbackPath(callbackPath);

        final boolean artifactOverPost = getBoolean(ConfigurationKeys.ARTIFACT_PARAMETER_OVER_POST);
        HANDLER.setArtifactParameterOverPost(artifactOverPost);

        final boolean eagerSessions = getBoolean(ConfigurationKeys.EAGERLY_CREATE_SESSIONS);
        HANDLER.setEagerlyCreateSessions(eagerSessions);
    }

    // The handler is initialized whether or not the configuration was read above.
    HANDLER.init();
    handlerInitialized.set(true);
}
/**
 * Copies the configured overrides onto the given sign-out filter.
 * <p>
 * The session mapping storage is applied when it is non-null. Each parameter name is
 * applied only when it contains text; otherwise no setter is called for it.
 *
 * @param filter the filter to configure
 */
void configure(SingleSignOutFilter filter) {
    final boolean hasStorage = sessionMappingStorage != null;
    if (hasStorage) {
        filter.setSessionMappingStorage(sessionMappingStorage);
    }

    final boolean hasRelayState = StringUtils.hasText(relayStateParameterName);
    if (hasRelayState) {
        filter.setRelayStateParameterName(relayStateParameterName);
    }

    final boolean hasFrontLogout = StringUtils.hasText(frontLogoutParameterName);
    if (hasFrontLogout) {
        filter.setFrontLogoutParameterName(frontLogoutParameterName);
    }

    final boolean hasLogout = StringUtils.hasText(logoutParameterName);
    if (hasLogout) {
        filter.setLogoutParameterName(logoutParameterName);
    }

    final boolean hasArtifact = StringUtils.hasText(artifactParameterName);
    if (hasArtifact) {
        filter.setArtifactParameterName(artifactParameterName);
    }
}
}
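/**
 * Registers the CAS {@link SingleSignOutFilter}, which implements single sign-out.
 * This registration is optional configuration.
 *
 * @return the registration, mapped to every path and given order 1
 */
@Bean
public FilterRegistrationBean filterSingleRegistration() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(new SingleSignOutFilter());
    // Match every request path.
    registration.addUrlPatterns("/*");
    // Diamond instead of the raw HashMap, so the map is type-checked as Map<String, String>.
    Map<String, String> initParameters = new HashMap<>();
    // NOTE(review): the constant is named as a login path but is supplied as the CAS server
    // URL prefix; confirm that CasConfig.CAS_SERVER_LOGIN_PATH holds the server base URL.
    initParameters.put("casServerUrlPrefix", CasConfig.CAS_SERVER_LOGIN_PATH);
    registration.setInitParameters(initParameters);
    // Registration order. Presumably this must sort ahead of the other CAS filters;
    // verify against their order values.
    registration.setOrder(1);
    return registration;
}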
/**
 * Creates a fresh filter and fresh mock servlet objects before each test.
 * The CAS server URL prefix is set directly and init-parameter configuration is
 * switched off before the filter is initialized with an empty mock config.
 *
 * @throws Exception if filter initialization fails
 */
@Before
public void setUp() throws Exception {
    this.filter = new SingleSignOutFilter();
    this.filter.setCasServerUrlPrefix(CAS_SERVER_URL_PREFIX);
    // Skip reading init parameters; only the value set above is used.
    this.filter.setIgnoreInitConfiguration(true);
    this.filter.init(new MockFilterConfig());

    this.request = new MockHttpServletRequest();
    this.response = new MockHttpServletResponse();
    this.filterChain = new MockFilterChain();
}
/**
 * A POST carrying a back-channel logout message for {@code TICKET} must leave no
 * session mapped to that ticket once the filter has run.
 */
@Test
public void backChannelRequest() throws IOException, ServletException {
    final String logoutParameter = ConfigurationKeys.LOGOUT_PARAMETER_NAME.getDefaultValue();
    final String logoutMessage = LogoutMessageGenerator.generateBackChannelLogoutMessage(TICKET);
    request.setParameter(logoutParameter, logoutMessage);
    request.setMethod("POST");

    // Map a session to the ticket so that the logout has something to remove.
    final MockHttpSession session = new MockHttpSession();
    SingleSignOutFilter.getSingleSignOutHandler()
            .getSessionMappingStorage()
            .addSessionById(TICKET, session);

    filter.doFilter(request, response, filterChain);

    // A null result means the mapping was already gone when the test asked for it.
    assertNull(
            SingleSignOutFilter.getSingleSignOutHandler()
                    .getSessionMappingStorage()
                    .removeSessionByMappingId(TICKET));
}
/**
 * Initializes the sign-out handler.
 * <p>
 * Unless init configuration is ignored, the artifact and logout parameter names are
 * read from the filter's init parameters, with {@code "ticket"} and
 * {@code "logoutRequest"} passed as the respective defaults.
 *
 * @param filterConfig the filter configuration to read init parameters from
 * @throws ServletException declared by the filter contract
 */
public void init(final FilterConfig filterConfig) throws ServletException {
    final boolean useInitParams = !isIgnoreInitConfiguration();
    if (useInitParams) {
        final String artifactName =
                getPropertyFromInitParams(filterConfig, "artifactParameterName", "ticket");
        handler.setArtifactParameterName(artifactName);

        final String logoutName =
                getPropertyFromInitParams(filterConfig, "logoutParameterName", "logoutRequest");
        handler.setLogoutParameterName(logoutName);
    }
    // The handler is initialized in both cases.
    handler.init();
}
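/**
 * Registers the CAS {@link SingleSignOutFilter}, which implements single sign-out.
 * This registration is optional configuration.
 *
 * @return the registration, mapped to every path and given order 1
 */
@Bean
public FilterRegistrationBean filterSingleRegistration() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(new SingleSignOutFilter());
    // Match every request path.
    registration.addUrlPatterns("/*");
    // Diamond instead of the raw HashMap, so the map is type-checked as Map<String, String>.
    Map<String, String> initParameters = new HashMap<>();
    // NOTE(review): the constant is named as a login path but is supplied as the CAS server
    // URL prefix; confirm that CasConfig.CAS_SERVER_LOGIN_PATH holds the server base URL.
    initParameters.put("casServerUrlPrefix", CasConfig.CAS_SERVER_LOGIN_PATH);
    registration.setInitParameters(initParameters);
    // Registration order. Presumably this must sort ahead of the other CAS filters;
    // verify against their order values.
    registration.setOrder(1);
    return registration;
}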
/**
 * A request carrying the CAS2 artifact parameter must leave the request's session
 * mapped to {@code TICKET} once the filter has run.
 */
@Test
public void tokenRequest() throws IOException, ServletException {
    final String artifactParameter = Protocol.CAS2.getArtifactParameterName();
    request.setParameter(artifactParameter, TICKET);
    request.setQueryString(artifactParameter + "=" + TICKET);

    final MockHttpSession session = new MockHttpSession();
    request.setSession(session);

    filter.doFilter(request, response, filterChain);

    // Removing the mapping returns the session that was recorded for the ticket.
    assertEquals(
            session,
            SingleSignOutFilter.getSingleSignOutHandler()
                    .getSessionMappingStorage()
                    .removeSessionByMappingId(TICKET));
}
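/**
 * Registers the CAS {@link SingleSignOutFilter}, which implements single sign-out.
 * This registration is optional configuration.
 *
 * @return the registration, mapped to every path and given order 1
 */
@Bean
public FilterRegistrationBean filterSingleRegistration() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(new SingleSignOutFilter());
    // Match every request path.
    registration.addUrlPatterns("/*");
    // Diamond instead of the raw HashMap, so the map is type-checked as Map<String, String>.
    Map<String, String> initParameters = new HashMap<>();
    // NOTE(review): the constant is named as a login path but is supplied as the CAS server
    // URL prefix; confirm that CasConfig.CAS_SERVER_LOGIN_PATH holds the server base URL.
    initParameters.put("casServerUrlPrefix", CasConfig.CAS_SERVER_LOGIN_PATH);
    registration.setInitParameters(initParameters);
    // Registration order. Presumably this must sort ahead of the other CAS filters;
    // verify against their order values.
    registration.setOrder(1);
    return registration;
}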
/**
 * Exposes the CAS single sign-out filter as a bean.
 *
 * @return a new filter whose CAS server URL prefix is the required property
 *         named by {@code CAS_URL_PREFIX}
 */
@Bean
public SingleSignOutFilter singleSignOutFilter() {
    final SingleSignOutFilter signOutFilter = new SingleSignOutFilter();
    // The property is read through getRequiredProperty rather than an optional lookup.
    final String casUrlPrefix = env.getRequiredProperty(CAS_URL_PREFIX);
    signOutFilter.setCasServerUrlPrefix(casUrlPrefix);
    return signOutFilter;
}
/**
 * A GET carrying a front-channel logout message for {@code TICKET} must leave no
 * session mapped to that ticket and must not produce a redirect.
 */
@Test
public void frontChannelRequest() throws IOException, ServletException {
    final String logoutParameter = ConfigurationKeys.LOGOUT_PARAMETER_NAME.getDefaultValue();
    final String logoutMessage = LogoutMessageGenerator.generateFrontChannelLogoutMessage(TICKET);
    request.setParameter(logoutParameter, logoutMessage);
    request.setQueryString(logoutParameter + "=" + logoutMessage);
    request.setMethod("GET");

    // Map a session to the ticket so that the logout has something to remove.
    final MockHttpSession session = new MockHttpSession();
    SingleSignOutFilter.getSingleSignOutHandler()
            .getSessionMappingStorage()
            .addSessionById(TICKET, session);

    filter.doFilter(request, response, filterChain);

    assertNull(
            SingleSignOutFilter.getSingleSignOutHandler()
                    .getSessionMappingStorage()
                    .removeSessionByMappingId(TICKET));
    // Without a relay state in the request, no redirect is expected.
    assertNull(response.getRedirectedUrl());
}
/**
 * Obtains the {@link SessionMappingStorage} from the handler returned by
 * {@code SingleSignOutFilter.getSingleSignOutHandler()}.
 * <p>
 * Callers assume that every call returns the same instance, because this method is
 * generally invoked lazily rather than once up front.
 *
 * @return the SessionMappingStorage
 */
protected static SessionMappingStorage getSessionMappingStorage() {
    // The handler is reached through a static accessor on the filter class.
    return SingleSignOutFilter.getSingleSignOutHandler().getSessionMappingStorage();
}
}
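/**
 * Registers the CAS {@link SingleSignOutFilter}, which implements single sign-out.
 * This registration is optional configuration.
 *
 * @return the registration, mapped to every path and given order 1
 */
@Bean
public FilterRegistrationBean filterSingleRegistration() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(new SingleSignOutFilter());
    // Match every request path.
    registration.addUrlPatterns("/*");
    // Diamond instead of the raw HashMap, so the map is type-checked as Map<String, String>.
    Map<String, String> initParameters = new HashMap<>();
    // NOTE(review): the constant is named as a login path but is supplied as the CAS server
    // URL prefix; confirm that CasConfig.CAS_SERVER_LOGIN_PATH holds the server base URL.
    initParameters.put("casServerUrlPrefix", CasConfig.CAS_SERVER_LOGIN_PATH);
    registration.setInitParameters(initParameters);
    // Registration order. Presumably this must sort ahead of the other CAS filters;
    // verify against their order values.
    registration.setOrder(1);
    return registration;
}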
/**
 * A GET carrying both a front-channel logout message and a relay state must leave no
 * session mapped to {@code TICKET} once the filter has run.
 * <p>
 * NOTE(review): the redirect target is not asserted here, so this test does not pin
 * where the response is sent when a relay state is present.
 */
@Test
public void frontChannelRequestRelayState() throws IOException, ServletException {
    final String logoutParameter = ConfigurationKeys.LOGOUT_PARAMETER_NAME.getDefaultValue();
    final String relayStateParameter = ConfigurationKeys.RELAY_STATE_PARAMETER_NAME.getDefaultValue();
    final String logoutMessage = LogoutMessageGenerator.generateFrontChannelLogoutMessage(TICKET);

    request.setParameter(logoutParameter, logoutMessage);
    request.setParameter(relayStateParameter, RELAY_STATE);
    request.setQueryString(
            logoutParameter + "=" + logoutMessage + "&" + relayStateParameter + "=" + RELAY_STATE);
    request.setMethod("GET");

    // Map a session to the ticket so that the logout has something to remove.
    final MockHttpSession session = new MockHttpSession();
    SingleSignOutFilter.getSingleSignOutHandler()
            .getSessionMappingStorage()
            .addSessionById(TICKET, session);

    filter.doFilter(request, response, filterChain);

    assertNull(
            SingleSignOutFilter.getSingleSignOutHandler()
                    .getSessionMappingStorage()
                    .removeSessionByMappingId(TICKET));
}
}
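/**
 * Registers the CAS {@link SingleSignOutFilter}, which implements single sign-out.
 * This registration is optional configuration.
 *
 * @return the registration, mapped to every path and given order 1
 */
@Bean
public FilterRegistrationBean filterSingleRegistration() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(new SingleSignOutFilter());
    // Match every request path.
    registration.addUrlPatterns("/*");
    // Diamond instead of the raw HashMap, so the map is type-checked as Map<String, String>.
    Map<String, String> initParameters = new HashMap<>();
    // NOTE(review): the constant is named as a login path but is supplied as the CAS server
    // URL prefix; confirm that CasConfig.CAS_SERVER_LOGIN_PATH holds the server base URL.
    initParameters.put("casServerUrlPrefix", CasConfig.CAS_SERVER_LOGIN_PATH);
    registration.setInitParameters(initParameters);
    // Registration order. Presumably this must sort ahead of the other CAS filters;
    // verify against their order values.
    registration.setOrder(1);
    return registration;
}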
/**
 * Registers the filter that implements single sign-out. The single sign-out
 * configuration must be placed before the other filters.
 * <p>
 * NOTE(review): this registration uses order 3; confirm that every other filter in the
 * application is registered with a higher order value.
 *
 * @return the registration, enabled according to {@code casEnabled}
 */
@Bean
public FilterRegistrationBean singleSignOutFilter() {
    FilterRegistrationBean signOutRegistration = new FilterRegistrationBean();
    signOutRegistration.setFilter(new SingleSignOutFilter());
    signOutRegistration.setEnabled(casEnabled);

    // Fall back to matching every path when no sign-out patterns are configured.
    if (autoconfig.getSignOutFilters().isEmpty()) {
        signOutRegistration.addUrlPatterns("/*");
    } else {
        signOutRegistration.setUrlPatterns(autoconfig.getSignOutFilters());
    }

    signOutRegistration.addInitParameter("casServerUrlPrefix", autoconfig.getCasServerUrlPrefix());
    signOutRegistration.addInitParameter("serverName", autoconfig.getServerName());
    signOutRegistration.setOrder(3);
    return signOutRegistration;
}
/**
 * Wires CAS authentication and single sign-out into the given {@link HttpSecurity}.
 * <p>
 * Builds and configures a {@code CasAuthenticationFilter} and a {@code SingleSignOutFilter},
 * applies the SSL, CSRF and header settings from {@code securityProperties}, installs the
 * authentication entry point, and adds a {@code BasicAuthenticationFilter} when basic
 * authentication is enabled.
 *
 * @param http the security builder to configure
 * @throws Exception if any of the builder calls fails
 */
@Override
public void init(HttpSecurity http) throws Exception {
    CasAuthenticationFilter filter = new CasAuthenticationFilter();
    filter.setAuthenticationManager(authenticationManager());
    filter.setRequiresAuthenticationRequestMatcher(getAuthenticationRequestMatcher());
    filter.setServiceProperties(serviceProperties);
    // Apply the remaining CAS authentication filter settings held by the configurer.
    filterConfigurer.configure(filter);
    SingleSignOutFilter singleSignOutFilter = new SingleSignOutFilter();
    singleSignOutFilterConfigurer.configure(singleSignOutFilter);
    // Require a secure channel for every request only when the property asks for it.
    if (securityProperties.isRequireSsl()) {
        http.requiresChannel().anyRequest().requiresSecure();
    }
    // NOTE(review): CSRF protection is switched off for the whole application when the
    // property is false; confirm which default the property has in deployed configurations.
    if (!securityProperties.isEnableCsrf()) {
        http.csrf().disable();
    }
    SpringBootWebSecurityConfiguration.configureHeaders(http.headers(), securityProperties.getHeaders());
    // The sign-out filter is placed before CsrfFilter, so it sees requests ahead of the CSRF
    // check. Presumably this lets logout requests sent by the CAS server, which carry no CSRF
    // token, reach the filter; confirm.
    http.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint)
            .and()
            .addFilterBefore(singleSignOutFilter, CsrfFilter.class)
            .addFilter(filter);
    // When enabled, basic authentication runs ahead of the CAS authentication filter and
    // uses the AuthenticationManager bean taken from the application context.
    if (securityProperties.getBasic().isEnabled()) {
        BasicAuthenticationFilter basicAuthFilter = new BasicAuthenticationFilter(
                http.getSharedObject(ApplicationContext.class).getBean(AuthenticationManager.class));
        http.addFilterBefore(basicAuthFilter, CasAuthenticationFilter.class);
    }
}