/* * Copyright (C) 2008-2012 Open Wide SA * * This program is FREE software. You can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your opinion) any later version. * * This program is distributed in the HOPE that it will be USEFUL, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * See the GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, write to the Free Software Foundation, * Inc. ,59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * * More information at http://knowledge.openwide.fr/bin/view/Main/AlfrescoETLConnector/ * */ package fr.openwide.talendalfresco.rest.server.command; import java.util.Map; import javax.faces.context.FacesContext; import javax.servlet.http.HttpSession; import javax.xml.stream.XMLStreamException; import org.alfresco.web.app.Application; import org.alfresco.web.app.servlet.AuthenticationHelper; import org.alfresco.web.bean.repository.User; import fr.openwide.talendalfresco.rest.RestConstants; import fr.openwide.talendalfresco.rest.server.processor.RestCommandBase; /** * TODO remove command or FacesContext * * @author Marc Dutoo - Open Wide SA * */ public class LogoutCommand extends RestCommandBase { private static final String[] PROPERTIES = new String[] { }; public String[] getPropertyNames() { return PROPERTIES; } public LogoutCommand() { super(RestConstants.CMD_LOGOUT); } @SuppressWarnings("unchecked") public void executeImpl() throws XMLStreamException { // Invalidate Session for this user. if (Application.inPortalServer() == false) { // This causes the sessionDestroyed() event to be processed by ContextListener // which is responsible for invalidating the ticket and clearing the security context HttpSession session = httpRequest.getSession(false); session.invalidate(); // session exists, since this command requires login } else if (FacesContext.getCurrentInstance() != null) { // explicit security cleanup so the HTTP session will still be alive Map sessionMap = FacesContext.getCurrentInstance().getExternalContext().getSessionMap(); User user = (User) sessionMap.get(AuthenticationHelper.AUTHENTICATION_USER); if (user != null) { // invalidate ticket and clear the Security context for this thread authenticationService.invalidateTicket(user.getTicket()); authenticationService.clearCurrentSecurityContext(); } // remove all objects from our session by hand // we do this as invalidating the Portal session would invalidate all other portlets! for (Object key : sessionMap.keySet()) { sessionMap.remove(key); } // set language to last used String language = "fr_FR"; //TODO better if (language != null && language.length() != 0) { Application.setLanguage(FacesContext.getCurrentInstance(), language); } // Request that the username cookie state is removed - this is not // possible from JSF - so instead we setup a session variable // which will be detected by the login.jsp/Portlet as appropriate. sessionMap.put(AuthenticationHelper.SESSION_INVALIDATED, true); } } }