Class ProcessLogoutRequest
java.lang.Object
net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
org.opensaml.profile.action.AbstractProfileAction
org.opensaml.profile.action.AbstractConditionalProfileAction
net.shibboleth.idp.profile.AbstractProfileAction
net.shibboleth.idp.saml.saml2.profile.impl.ProcessLogoutRequest
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent,ProfileAction,Aware,MessageSource,MessageSourceAware,Action
Profile action that processes a
LogoutRequest by resolving matching sessions, and destroys them,
populating the associated SPSession objects (excepting the one initiating the logout) into a
LogoutContext.
A SubjectContext is also populated. If and only if a single IdPSession is resolved,
a SessionContext is also populated.
Each SPSession is also assigned a unique number and inserted into the map
returned by LogoutContext.getKeyedSessionMap().
- Event:
EventIds.PROCEED_EVENT_ID,EventIds.INVALID_PROFILE_CTX,EventIds.INVALID_MESSAGE,EventIds.IO_ERROR,SAMLEventIds.SESSION_NOT_FOUND- Postcondition:
- If at least one
IdPSessionwas found, then aSubjectContextandLogoutContextwill be populated., If a singleIdPSessionwas found, then aSessionContextwill be populated.
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate StringCached lookup of assertingParty name.private Function<ProfileRequestContext,String> Optional lookup function for obtaining default NameQualifier.private final org.slf4j.LoggerClass logger.private Function<ProfileRequestContext,LogoutContext> Creation/lookup function for LogoutContext.private LogoutRequestLogoutRequest to process.private Function<ProfileRequestContext,LogoutRequest> Lookup strategy forLogoutRequestto process.NameIDFormats allowing defaulted qualifiers.private Function<ProfileRequestContext,Collection<String>> Lookup strategy for obtaining qualifier-defaultable NameID Formats.private StringCached lookup of relyingParty name.private Function<ProfileRequestContext,String> Optional lookup function for obtaining default SPNameQualifier.private Function<ProfileRequestContext,SessionContext> Creation/lookup function for SessionContext.private SessionResolverSession resolver.private Function<ProfileRequestContext,CriteriaSet> Function to returnCriteriaSetto give to session resolver.private Function<ProfileRequestContext,SubjectContext> Creation/lookup function for SubjectContext. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected voiddoExecute(ProfileRequestContext profileRequestContext) protected voidprotected booleandoPreExecute(ProfileRequestContext profileRequestContext) private booleansessionMatches(ProfileRequestContext profileRequestContext, IdPSession session) Check if the session contains aSAML2SPSessionwith the appropriate service ID and SessionIndex.private booleansessionMatches(ProfileRequestContext profileRequestContext, SPSession session) Check if theSPSessionhas the appropriate service ID and SessionIndex.voidSet the lookup strategy to obtain the default IdP NameQualifier.voidSet the creation/lookup strategy for theLogoutContextto populate.voidSet the lookup strategy for theLogoutRequestto process.voidsetQualifiedNameIDFormatsLookupStrategy(Function<ProfileRequestContext, Collection<String>> strategy) Set the lookup strategy for theNameIDFormats to allow defaulted qualifiers.voidSet the lookup strategy to obtain the default SPNameQualifier.voidSet the creation/lookup strategy for theSessionContextto populate.voidsetSessionResolver(SessionResolver resolver) Set theSessionResolverto use.voidSet the strategy for building theCriteriaSetto feed into theSessionResolver.voidSet the creation/lookup strategy for theSubjectContextto populate.Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction
doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategyMethods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
getActivationCondition, setActivationConditionMethods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponseMethods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, initialize, isDestroyed, isInitializedMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized
-
Field Details
-
log
@Nonnull private final org.slf4j.Logger logClass logger. -
sessionResolver
Session resolver. -
subjectContextCreationStrategy
Creation/lookup function for SubjectContext. -
sessionContextCreationStrategy
Creation/lookup function for SessionContext. -
logoutContextCreationStrategy
Creation/lookup function for LogoutContext. -
sessionResolverCriteriaStrategy
Function to returnCriteriaSetto give to session resolver. -
logoutRequestLookupStrategy
Lookup strategy forLogoutRequestto process. -
qualifiedNameIDFormatsLookupStrategy
@Nonnull private Function<ProfileRequestContext,Collection<String>> qualifiedNameIDFormatsLookupStrategyLookup strategy for obtaining qualifier-defaultable NameID Formats. -
assertingPartyLookupStrategy
Optional lookup function for obtaining default NameQualifier. -
relyingPartyLookupStrategy
Optional lookup function for obtaining default SPNameQualifier. -
logoutRequest
LogoutRequest to process. -
qualifiedNameIDFormats
NameIDFormats allowing defaulted qualifiers. -
assertingParty
Cached lookup of assertingParty name. -
relyingParty
Cached lookup of relyingParty name.
-
-
Constructor Details
-
ProcessLogoutRequest
public ProcessLogoutRequest()Constructor.
-
-
Method Details
-
setSessionResolver
Set theSessionResolverto use.- Parameters:
resolver- session resolver to use
-
setSubjectContextCreationStrategy
public void setSubjectContextCreationStrategy(@Nonnull Function<ProfileRequestContext, SubjectContext> strategy) Set the creation/lookup strategy for theSubjectContextto populate.- Parameters:
strategy- creation/lookup strategy
-
setSessionContextCreationStrategy
public void setSessionContextCreationStrategy(@Nonnull Function<ProfileRequestContext, SessionContext> strategy) Set the creation/lookup strategy for theSessionContextto populate.- Parameters:
strategy- creation/lookup strategy
-
setLogoutContextCreationStrategy
public void setLogoutContextCreationStrategy(@Nonnull Function<ProfileRequestContext, LogoutContext> strategy) Set the creation/lookup strategy for theLogoutContextto populate.- Parameters:
strategy- creation/lookup strategy
-
setSessionResolverCriteriaStrategy
public void setSessionResolverCriteriaStrategy(@Nonnull Function<ProfileRequestContext, CriteriaSet> strategy) Set the strategy for building theCriteriaSetto feed into theSessionResolver.- Parameters:
strategy- building strategy
-
setLogoutRequestLookupStrategy
public void setLogoutRequestLookupStrategy(@Nonnull Function<ProfileRequestContext, LogoutRequest> strategy) Set the lookup strategy for theLogoutRequestto process.- Parameters:
strategy- lookup strategy
-
setQualifiedNameIDFormatsLookupStrategy
public void setQualifiedNameIDFormatsLookupStrategy(@Nonnull Function<ProfileRequestContext, Collection<String>> strategy) Set the lookup strategy for theNameIDFormats to allow defaulted qualifiers.- Parameters:
strategy- lookup strategy- Since:
- 3.4.0
-
setAssertingPartyLookupStrategy
public void setAssertingPartyLookupStrategy(@Nullable Function<ProfileRequestContext, String> strategy) Set the lookup strategy to obtain the default IdP NameQualifier.- Parameters:
strategy- lookup strategy- Since:
- 3.4.0
-
setRelyingPartyLookupStrategy
public void setRelyingPartyLookupStrategy(@Nullable Function<ProfileRequestContext, String> strategy) Set the lookup strategy to obtain the default SPNameQualifier.- Parameters:
strategy- lookup strategy- Since:
- 3.4.0
-
doInitialize
- Overrides:
doInitializein classAbstractInitializableComponent- Throws:
ComponentInitializationException
-
doPreExecute
- Overrides:
doPreExecutein classAbstractConditionalProfileAction
-
doExecute
- Overrides:
doExecutein classAbstractProfileAction
-
sessionMatches
private boolean sessionMatches(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull IdPSession session) Check if the session contains aSAML2SPSessionwith the appropriate service ID and SessionIndex.- Parameters:
profileRequestContext- current profile request contextsession-IdPSessionto check- Returns:
- true iff the set of
SPSessions includes one applicable to the logout request
-
sessionMatches
private boolean sessionMatches(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull SPSession session) Check if theSPSessionhas the appropriate service ID and SessionIndex.
-