Java Code Examples for org.springframework.security.saml.SAMLLogoutProcessingFilter

The following examples show how to use org.springframework.security.saml.SAMLLogoutProcessingFilter. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: spring-security-saml-dsl   Source File: SAMLConfigurer.java    License: MIT License 6 votes vote down vote up
private FilterChainProxy samlFilter(SAMLEntryPoint samlEntryPoint, SAMLLogoutFilter samlLogoutFilter,
									SAMLLogoutProcessingFilter samlLogoutProcessingFilter, SAMLContextProvider contextProvider) {
	List<SecurityFilterChain> chains = new ArrayList<>();
	chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/login/**"),
		samlEntryPoint));
	chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/logout/**"),
		samlLogoutFilter));
	chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/metadata/**"),
		metadataDisplayFilter(contextProvider)));
	try {
		chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SSO/**"),
			samlWebSSOProcessingFilter(samlAuthenticationProvider, contextProvider, samlProcessor)));
	} catch (Exception e) {
		e.printStackTrace();
	}
	chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SingleLogout/**"),
			samlLogoutProcessingFilter));
	SAMLDiscovery samlDiscovery = new SAMLDiscovery();
	samlDiscovery.setMetadata(cachingMetadataManager);
	samlDiscovery.setContextProvider(contextProvider);
	chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/discovery/**"),
		samlDiscovery));
	return new FilterChainProxy(chains);
}
 
Example 2
/**
 * used to initialize logout processing filter
 * 
 * @return
 */
@Bean
@Conditional(InsightsSAMLBeanInitializationCondition.class)
public SAMLLogoutProcessingFilter samlLogoutProcessingFilter() {
	LOG.debug(" Inside samlLogoutProcessingFilter ==== ");
	return new SAMLLogoutProcessingFilter(successLogoutHandler(), logoutHandler());
}
 
Example 3
Source Project: spring-boot-security-saml   Source File: LogoutConfigurerTest.java    License: MIT License 5 votes vote down vote up
@Test
public void configure_defaults() throws Exception {
    LogoutConfigurer configurer = spy(new LogoutConfigurer());
    SimpleUrlLogoutSuccessHandler successHandler = mock(SimpleUrlLogoutSuccessHandler.class);
    SecurityContextLogoutHandler localHandler = mock(SecurityContextLogoutHandler.class);
    SecurityContextLogoutHandler globalHandler = mock(SecurityContextLogoutHandler.class);
    when(configurer.createDefaultSuccessHandler()).thenReturn(successHandler);
    when(configurer.createDefaultLocalHandler()).thenReturn(localHandler);
    when(configurer.createDefaultGlobalHandler()).thenReturn(globalHandler);
    configurer.init(builder);
    configurer.configure(builder);
    ArgumentCaptor<SAMLLogoutFilter> logoutFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutFilter.class);
    ArgumentCaptor<SAMLLogoutProcessingFilter> logoutProcessingFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutProcessingFilter.class);
    verify(builder).setSharedObject(eq(SAMLLogoutFilter.class), logoutFilterCaptor.capture());
    verify(builder).setSharedObject(eq(SAMLLogoutProcessingFilter.class), logoutProcessingFilterCaptor.capture());
    verify(logoutProperties).getDefaultTargetUrl();
    verify(logoutProperties, times(2)).isInvalidateSession();
    verify(logoutProperties, times(2)).isClearAuthentication();
    verify(logoutProperties).getLogoutUrl();
    verify(logoutProperties).getSingleLogoutUrl();
    verify(successHandler).setDefaultTargetUrl(eq(logoutProperties.getDefaultTargetUrl()));
    verify(localHandler).setClearAuthentication(eq(logoutProperties.isClearAuthentication()));
    verify(localHandler).setInvalidateHttpSession(eq(logoutProperties.isInvalidateSession()));
    verify(globalHandler).setClearAuthentication(eq(logoutProperties.isClearAuthentication()));
    verify(globalHandler).setInvalidateHttpSession(eq(logoutProperties.isInvalidateSession()));
    SAMLLogoutFilter logoutFilter = logoutFilterCaptor.getValue();
    SAMLLogoutProcessingFilter logoutProcessingFilter = logoutProcessingFilterCaptor.getValue();
    assertThat(logoutFilter).isNotNull();
    assertThat(logoutProcessingFilter).isNotNull();
    assertThat(logoutFilter.getFilterProcessesUrl()).isEqualTo(logoutProperties.getLogoutUrl());
    assertThat(logoutProcessingFilter.getFilterProcessesUrl()).isEqualTo(logoutProperties.getSingleLogoutUrl());
    assertThat(serviceProviderEndpoints.getLogoutURL()).isEqualTo(logoutProperties.getLogoutUrl());
    assertThat(serviceProviderEndpoints.getSingleLogoutURL()).isEqualTo(logoutProperties.getSingleLogoutUrl());
}
 
Example 4
Source Project: spring-boot-security-saml   Source File: LogoutConfigurerTest.java    License: MIT License 5 votes vote down vote up
@Test
public void configure_handlers_defaults() throws Exception {
    LogoutConfigurer configurer = new LogoutConfigurer();
    SimpleUrlLogoutSuccessHandler successHandler = mock(SimpleUrlLogoutSuccessHandler.class);
    SecurityContextLogoutHandler localHandler = mock(SecurityContextLogoutHandler.class);
    SecurityContextLogoutHandler globalHandler = mock(SecurityContextLogoutHandler.class);
    configurer
            .successHandler(successHandler)
            .localHandler(localHandler)
            .globalHandler(globalHandler);
    configurer.init(builder);
    configurer.configure(builder);
    ArgumentCaptor<SAMLLogoutFilter> logoutFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutFilter.class);
    ArgumentCaptor<SAMLLogoutProcessingFilter> logoutProcessingFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutProcessingFilter.class);
    verify(builder).setSharedObject(eq(SAMLLogoutFilter.class), logoutFilterCaptor.capture());
    verify(builder).setSharedObject(eq(SAMLLogoutProcessingFilter.class), logoutProcessingFilterCaptor.capture());
    verify(logoutProperties, never()).getDefaultTargetUrl();
    verify(logoutProperties, never()).isInvalidateSession();
    verify(logoutProperties, never()).isClearAuthentication();
    verify(logoutProperties).getLogoutUrl();
    verify(logoutProperties).getSingleLogoutUrl();
    verifyZeroInteractions(successHandler, localHandler, globalHandler);
    SAMLLogoutFilter logoutFilter = logoutFilterCaptor.getValue();
    SAMLLogoutProcessingFilter logoutProcessingFilter = logoutProcessingFilterCaptor.getValue();
    assertThat(logoutFilter).isNotNull();
    assertThat(logoutProcessingFilter).isNotNull();
    assertThat(logoutFilter.getFilterProcessesUrl()).isEqualTo(logoutProperties.getLogoutUrl());
    assertThat(logoutProcessingFilter.getFilterProcessesUrl()).isEqualTo(logoutProperties.getSingleLogoutUrl());
    assertThat(serviceProviderEndpoints.getLogoutURL()).isEqualTo(logoutProperties.getLogoutUrl());
    assertThat(serviceProviderEndpoints.getSingleLogoutURL()).isEqualTo(logoutProperties.getSingleLogoutUrl());
}
 
Example 5
Source Project: spring-boot-security-saml   Source File: LogoutConfigurerTest.java    License: MIT License 5 votes vote down vote up
@Test
public void configure_arguments() throws Exception {
    LogoutConfigurer configurer = spy(new LogoutConfigurer());
    SimpleUrlLogoutSuccessHandler successHandler = mock(SimpleUrlLogoutSuccessHandler.class);
    SecurityContextLogoutHandler localHandler = mock(SecurityContextLogoutHandler.class);
    SecurityContextLogoutHandler globalHandler = mock(SecurityContextLogoutHandler.class);
    when(configurer.createDefaultSuccessHandler()).thenReturn(successHandler);
    when(configurer.createDefaultLocalHandler()).thenReturn(localHandler);
    when(configurer.createDefaultGlobalHandler()).thenReturn(globalHandler);
    configurer
            .defaultTargetURL("/default")
            .clearAuthentication(false)
            .invalidateSession(true)
            .logoutURL("/lo")
            .singleLogoutURL("/slo");
    configurer.init(builder);
    configurer.configure(builder);
    ArgumentCaptor<SAMLLogoutFilter> logoutFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutFilter.class);
    ArgumentCaptor<SAMLLogoutProcessingFilter> logoutProcessingFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutProcessingFilter.class);
    verify(builder).setSharedObject(eq(SAMLLogoutFilter.class), logoutFilterCaptor.capture());
    verify(builder).setSharedObject(eq(SAMLLogoutProcessingFilter.class), logoutProcessingFilterCaptor.capture());
    verify(logoutProperties, never()).getDefaultTargetUrl();
    verify(logoutProperties, never()).isInvalidateSession();
    verify(logoutProperties, never()).isClearAuthentication();
    verify(logoutProperties, never()).getLogoutUrl();
    verify(logoutProperties, never()).getSingleLogoutUrl();
    verify(successHandler).setDefaultTargetUrl(eq("/default"));
    verify(localHandler).setClearAuthentication(eq(false));
    verify(localHandler).setInvalidateHttpSession(eq(true));
    verify(globalHandler).setClearAuthentication(eq(false));
    verify(globalHandler).setInvalidateHttpSession(eq(true));
    SAMLLogoutFilter logoutFilter = logoutFilterCaptor.getValue();
    SAMLLogoutProcessingFilter logoutProcessingFilter = logoutProcessingFilterCaptor.getValue();
    assertThat(logoutFilter).isNotNull();
    assertThat(logoutProcessingFilter).isNotNull();
    assertThat(logoutFilter.getFilterProcessesUrl()).isEqualTo("/lo");
    assertThat(logoutProcessingFilter.getFilterProcessesUrl()).isEqualTo("/slo");
    assertThat(serviceProviderEndpoints.getLogoutURL()).isEqualTo("/lo");
    assertThat(serviceProviderEndpoints.getSingleLogoutURL()).isEqualTo("/slo");
}
 
Example 6
Source Project: blackduck-alert   Source File: AuthenticationHandler.java    License: Apache License 2.0 4 votes vote down vote up
@Bean
public SAMLLogoutProcessingFilter samlLogoutProcessingFilter() {
    return new SAMLLogoutProcessingFilter(successLogoutHandler(), logoutHandler());
}
 
Example 7
@Bean
public SAMLLogoutProcessingFilter samlLogoutProcessingFilter() {
    return new SAMLLogoutProcessingFilter(successLogoutHandler(),
            logoutHandler());
}