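/*
 * Copyright 2007 The JA-SIG Collaborative. All rights reserved. See license
 * distributed with this file and available online at
 * http://www.ja-sig.org/products/cas/overview/license/index.html
 */
package com.agiletec.plugins.jpcasclient.aps.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.jasig.cas.client.session.HashMapBackedSessionMappingStorage;
import org.jasig.cas.client.session.SessionMappingStorage;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.client.util.XmlUtils;

import com.agiletec.aps.system.ApsSystemUtils;
import com.agiletec.aps.util.ApsWebApplicationUtils;
import com.agiletec.plugins.jpcasclient.CasClientPluginSystemCostants;
import com.agiletec.plugins.jpcasclient.aps.system.services.config.ICasClientConfigManager;
import org.slf4j.Logger;

/**
 * Implements the Single Sign Out protocol. It handles registering the session and destroying the session.
 * Zuanni's change: sets the request encoding to UTF-8, plus minor refactorings such as honouring the
 * plugin activation config parameter and jAPS style logs.
 *
 * <p>The session mapping storage is a static field, so it is shared by every instance of this filter
 * in the class loader; {@link #setSessionMappingStorage(SessionMappingStorage)} replaces it for all of them.
 *
 * <p>Security notes for maintainers:
 * <ul>
 * <li>The logout branch does not authenticate the caller. The only thing tying a logout POST to a
 * session is the {@code SessionIndex} value carried in the {@code logoutRequest} parameter.</li>
 * <li>Debug logging in this class writes container session identifiers. Keep debug level off for this
 * logger in production, or restrict access to the resulting log files.</li>
 * </ul>
 *
 * @author Scott Battaglia
 * @author zuanni
 * @version $Revision$ $Date$
 * @since 3.1
 */
public class CasSingleSignOutFilter implements Filter {

    /**
     * Obtains the jAPS system logger. The filter configuration is not read.
     *
     * @param filterConfig the container supplied configuration (unused)
     * @throws ServletException never thrown by this implementation
     */
    @Override
    public void init(final FilterConfig filterConfig) throws ServletException {
        _log = ApsSystemUtils.getLogger();
    }

    /**
     * Handles single sign out when the plugin is active, then continues the chain.
     *
     * <p>A POST carrying a {@code logoutRequest} with a non-blank {@code SessionIndex} is consumed here:
     * the mapped session (if any) is invalidated and the chain is NOT invoked. Any non-POST request
     * carrying a {@code ticket} parameter has its session recorded under that ticket. Everything else
     * passes straight through.
     *
     * @param servletRequest the incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse the response, passed on untouched
     * @param filterChain the remaining filter chain
     * @throws IOException propagated from the request or the chain
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse,
            final FilterChain filterChain) throws IOException, ServletException {
        final HttpServletRequest request = (HttpServletRequest) servletRequest;
        // Must happen before the first getParameter() call, otherwise the container has already
        // decoded the body with its default charset.
        request.setCharacterEncoding("UTF-8");

        final ICasClientConfigManager configManager = (ICasClientConfigManager) ApsWebApplicationUtils
                .getBean(CasClientPluginSystemCostants.JPCASCLIENT_CONFIG_MANAGER, request);
        final boolean isActive = configManager.getClientConfig().isActive();

        if (isActive) {
            if ("POST".equals(request.getMethod())) {
                if (this.invalidateSessionForLogoutRequest(request)) {
                    // Back-channel logout was addressed to this filter; do not hand it to the application.
                    return;
                }
            } else {
                this.recordSession(request);
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Processes a CAS logout POST: looks up the session mapped to the request's SessionIndex and invalidates it.
     *
     * @param request the POST request
     * @return {@code true} when the request carried a non-blank SessionIndex and was therefore consumed
     *         (whether or not a matching session was found); {@code false} when the caller should
     *         continue the filter chain
     */
    private boolean invalidateSessionForLogoutRequest(final HttpServletRequest request) {
        final String logoutRequest = request.getParameter("logoutRequest");
        if (!CommonUtils.isNotBlank(logoutRequest)) {
            return false;
        }
        if (_log.isDebugEnabled()) {
            // The payload comes from an unauthenticated client: strip control characters so it
            // cannot inject forged lines into the log.
            _log.debug("Logout request=[{}]", sanitizeForLog(logoutRequest));
        }

        // NOTE(review): this parses XML taken from an unauthenticated request. Confirm that the
        // cas-client version on the classpath parses it with DTDs and external entities disabled.
        final String sessionIdentifier = XmlUtils.getTextForElement(logoutRequest, "SessionIndex");
        if (!CommonUtils.isNotBlank(sessionIdentifier)) {
            return false;
        }

        final HttpSession session = SESSION_MAPPING_STORAGE.removeSessionByMappingId(sessionIdentifier);
        if (session != null) {
            final String sessionID = session.getId();
            if (_log.isDebugEnabled()) {
                _log.debug("Invalidating session [{}] for ST [{}]", sessionID, sanitizeForLog(sessionIdentifier));
            }
            try {
                session.invalidate();
            } catch (final IllegalStateException e) {
                // Session was already invalidated by the container or another thread.
                ApsSystemUtils.logThrowable(e, this, "doFilter");
            }
        }
        return true;
    }

    /**
     * Records the current session under the service ticket found in the request, if there is one.
     *
     * @param request a non-POST request
     */
    private void recordSession(final HttpServletRequest request) {
        final String artifact = request.getParameter(_artifactParameterName);
        // getSession() creates a session when none exists, so the null check below is purely defensive.
        final HttpSession session = request.getSession();
        if (session != null) {
            // NOTE(review): this writes a live session identifier to the debug log.
            _log.debug("Storing session identifier for {}", session.getId());
        }
        if (CommonUtils.isNotBlank(artifact)) {
            try {
                SESSION_MAPPING_STORAGE.removeBySessionById(session.getId());
            } catch (final Exception ignored) {
                // ignore if the session is already marked as invalid. Nothing we can do!
            }
            SESSION_MAPPING_STORAGE.addSessionById(artifact, session);
        }
    }

    /**
     * Returns a copy of the value with every ISO control character (CR, LF, TAB, ...) replaced by
     * an underscore, so request supplied text cannot break out of its log line.
     *
     * @param value the text to clean, may be {@code null}
     * @return the cleaned text, or {@code null} when the input was {@code null}
     */
    private static String sanitizeForLog(final String value) {
        if (value == null) {
            return null;
        }
        final StringBuilder cleaned = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            final char current = value.charAt(i);
            cleaned.append(Character.isISOControl(current) ? '_' : current);
        }
        return cleaned.toString();
    }

    /**
     * Replaces the session mapping storage. The field is static, so the change applies to every
     * instance of this filter.
     *
     * @param storage the storage to use from now on
     */
    public void setSessionMappingStorage(final SessionMappingStorage storage) {
        SESSION_MAPPING_STORAGE = storage;
    }

    /**
     * @return the session mapping storage currently shared by all instances of this filter
     */
    public static SessionMappingStorage getSessionMappingStorage() {
        return SESSION_MAPPING_STORAGE;
    }

    @Override
    public void destroy() {
        // nothing to do
    }

    /**
     * The name of the artifact parameter. This is used to capture the session identifier.
     */
    private static final String _artifactParameterName = "ticket";

    /** Maps service tickets to sessions; shared by all filter instances. */
    private static SessionMappingStorage SESSION_MAPPING_STORAGE = new HashMapBackedSessionMappingStorage();

    /** Assigned in {@link #init(FilterConfig)}. */
    private static Logger _log;

}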