org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler Java Examples

The following examples show how to use org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SecurityConfig.java    From pizzeria with MIT License 6 votes vote down vote up
@Bean
public LogoutSuccessHandler logoutSuccessHandler() {
    ContentNegotiationStrategy contentNegotiationStrategy = new HeaderContentNegotiationStrategy();

    MediaTypeRequestMatcher jsonMediaTypeRequestMatcher = new MediaTypeRequestMatcher(contentNegotiationStrategy, MediaType.APPLICATION_JSON);
    jsonMediaTypeRequestMatcher.setUseEquals(true);

    LinkedHashMap<RequestMatcher, LogoutSuccessHandler> matcherToHandler = new LinkedHashMap<>();
    matcherToHandler.put(jsonMediaTypeRequestMatcher, new HttpStatusReturningLogoutSuccessHandler());

    DelegatingLogoutSuccessHandler delegatingLogoutSuccessHandler = new DelegatingLogoutSuccessHandler(matcherToHandler);

    SimpleUrlLogoutSuccessHandler simpleUrlLogoutSuccessHandler = new SimpleUrlLogoutSuccessHandler();
    simpleUrlLogoutSuccessHandler.setUseReferer(true);
    simpleUrlLogoutSuccessHandler.setDefaultTargetUrl("/");

    delegatingLogoutSuccessHandler.setDefaultLogoutSuccessHandler(simpleUrlLogoutSuccessHandler);

    return delegatingLogoutSuccessHandler;
}
 
Example #2
Source File: AuthenticationHandler.java    From blackduck-alert with Apache License 2.0 5 votes vote down vote up
@Bean
public SimpleUrlLogoutSuccessHandler successLogoutHandler() {
    SimpleUrlLogoutSuccessHandler simpleUrlLogoutSuccessHandler =
        new SimpleUrlLogoutSuccessHandler();
    simpleUrlLogoutSuccessHandler.setDefaultTargetUrl("/");
    simpleUrlLogoutSuccessHandler.setAlwaysUseDefaultTargetUrl(true);
    return simpleUrlLogoutSuccessHandler;
}
 
Example #3
Source File: InsightsSecurityConfigurationAdapterSAML.java    From Insights with Apache License 2.0 5 votes vote down vote up
/**
 * used to initialize successLogoutHandler and it also redirect to insights
 * Application API when SSO logout is successful
 * 
 * @return
 */
@Bean
@Conditional(InsightsSAMLBeanInitializationCondition.class)
public SimpleUrlLogoutSuccessHandler successLogoutHandler() {
	LOG.debug(" Inside successLogoutHandler ==== ");
	SimpleUrlLogoutSuccessHandler simpleUrlLogoutSuccessHandler = new SimpleUrlLogoutSuccessHandler();
	simpleUrlLogoutSuccessHandler.setDefaultTargetUrl("/user/insightsso/logout");
	simpleUrlLogoutSuccessHandler.setAlwaysUseDefaultTargetUrl(true);
	return simpleUrlLogoutSuccessHandler;
}
 
Example #4
Source File: LogoutConfigurerTest.java    From spring-boot-security-saml with MIT License 5 votes vote down vote up
@Test
public void configure_defaults() throws Exception {
    LogoutConfigurer configurer = spy(new LogoutConfigurer());
    SimpleUrlLogoutSuccessHandler successHandler = mock(SimpleUrlLogoutSuccessHandler.class);
    SecurityContextLogoutHandler localHandler = mock(SecurityContextLogoutHandler.class);
    SecurityContextLogoutHandler globalHandler = mock(SecurityContextLogoutHandler.class);
    when(configurer.createDefaultSuccessHandler()).thenReturn(successHandler);
    when(configurer.createDefaultLocalHandler()).thenReturn(localHandler);
    when(configurer.createDefaultGlobalHandler()).thenReturn(globalHandler);
    configurer.init(builder);
    configurer.configure(builder);
    ArgumentCaptor<SAMLLogoutFilter> logoutFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutFilter.class);
    ArgumentCaptor<SAMLLogoutProcessingFilter> logoutProcessingFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutProcessingFilter.class);
    verify(builder).setSharedObject(eq(SAMLLogoutFilter.class), logoutFilterCaptor.capture());
    verify(builder).setSharedObject(eq(SAMLLogoutProcessingFilter.class), logoutProcessingFilterCaptor.capture());
    verify(logoutProperties).getDefaultTargetUrl();
    verify(logoutProperties, times(2)).isInvalidateSession();
    verify(logoutProperties, times(2)).isClearAuthentication();
    verify(logoutProperties).getLogoutUrl();
    verify(logoutProperties).getSingleLogoutUrl();
    verify(successHandler).setDefaultTargetUrl(eq(logoutProperties.getDefaultTargetUrl()));
    verify(localHandler).setClearAuthentication(eq(logoutProperties.isClearAuthentication()));
    verify(localHandler).setInvalidateHttpSession(eq(logoutProperties.isInvalidateSession()));
    verify(globalHandler).setClearAuthentication(eq(logoutProperties.isClearAuthentication()));
    verify(globalHandler).setInvalidateHttpSession(eq(logoutProperties.isInvalidateSession()));
    SAMLLogoutFilter logoutFilter = logoutFilterCaptor.getValue();
    SAMLLogoutProcessingFilter logoutProcessingFilter = logoutProcessingFilterCaptor.getValue();
    assertThat(logoutFilter).isNotNull();
    assertThat(logoutProcessingFilter).isNotNull();
    assertThat(logoutFilter.getFilterProcessesUrl()).isEqualTo(logoutProperties.getLogoutUrl());
    assertThat(logoutProcessingFilter.getFilterProcessesUrl()).isEqualTo(logoutProperties.getSingleLogoutUrl());
    assertThat(serviceProviderEndpoints.getLogoutURL()).isEqualTo(logoutProperties.getLogoutUrl());
    assertThat(serviceProviderEndpoints.getSingleLogoutURL()).isEqualTo(logoutProperties.getSingleLogoutUrl());
}
 
Example #5
Source File: LogoutConfigurerTest.java    From spring-boot-security-saml with MIT License 5 votes vote down vote up
@Test
public void configure_handlers_defaults() throws Exception {
    LogoutConfigurer configurer = new LogoutConfigurer();
    SimpleUrlLogoutSuccessHandler successHandler = mock(SimpleUrlLogoutSuccessHandler.class);
    SecurityContextLogoutHandler localHandler = mock(SecurityContextLogoutHandler.class);
    SecurityContextLogoutHandler globalHandler = mock(SecurityContextLogoutHandler.class);
    configurer
            .successHandler(successHandler)
            .localHandler(localHandler)
            .globalHandler(globalHandler);
    configurer.init(builder);
    configurer.configure(builder);
    ArgumentCaptor<SAMLLogoutFilter> logoutFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutFilter.class);
    ArgumentCaptor<SAMLLogoutProcessingFilter> logoutProcessingFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutProcessingFilter.class);
    verify(builder).setSharedObject(eq(SAMLLogoutFilter.class), logoutFilterCaptor.capture());
    verify(builder).setSharedObject(eq(SAMLLogoutProcessingFilter.class), logoutProcessingFilterCaptor.capture());
    verify(logoutProperties, never()).getDefaultTargetUrl();
    verify(logoutProperties, never()).isInvalidateSession();
    verify(logoutProperties, never()).isClearAuthentication();
    verify(logoutProperties).getLogoutUrl();
    verify(logoutProperties).getSingleLogoutUrl();
    verifyZeroInteractions(successHandler, localHandler, globalHandler);
    SAMLLogoutFilter logoutFilter = logoutFilterCaptor.getValue();
    SAMLLogoutProcessingFilter logoutProcessingFilter = logoutProcessingFilterCaptor.getValue();
    assertThat(logoutFilter).isNotNull();
    assertThat(logoutProcessingFilter).isNotNull();
    assertThat(logoutFilter.getFilterProcessesUrl()).isEqualTo(logoutProperties.getLogoutUrl());
    assertThat(logoutProcessingFilter.getFilterProcessesUrl()).isEqualTo(logoutProperties.getSingleLogoutUrl());
    assertThat(serviceProviderEndpoints.getLogoutURL()).isEqualTo(logoutProperties.getLogoutUrl());
    assertThat(serviceProviderEndpoints.getSingleLogoutURL()).isEqualTo(logoutProperties.getSingleLogoutUrl());
}
 
Example #6
Source File: LogoutConfigurerTest.java    From spring-boot-security-saml with MIT License 5 votes vote down vote up
@Test
public void configure_arguments() throws Exception {
    LogoutConfigurer configurer = spy(new LogoutConfigurer());
    SimpleUrlLogoutSuccessHandler successHandler = mock(SimpleUrlLogoutSuccessHandler.class);
    SecurityContextLogoutHandler localHandler = mock(SecurityContextLogoutHandler.class);
    SecurityContextLogoutHandler globalHandler = mock(SecurityContextLogoutHandler.class);
    when(configurer.createDefaultSuccessHandler()).thenReturn(successHandler);
    when(configurer.createDefaultLocalHandler()).thenReturn(localHandler);
    when(configurer.createDefaultGlobalHandler()).thenReturn(globalHandler);
    configurer
            .defaultTargetURL("/default")
            .clearAuthentication(false)
            .invalidateSession(true)
            .logoutURL("/lo")
            .singleLogoutURL("/slo");
    configurer.init(builder);
    configurer.configure(builder);
    ArgumentCaptor<SAMLLogoutFilter> logoutFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutFilter.class);
    ArgumentCaptor<SAMLLogoutProcessingFilter> logoutProcessingFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutProcessingFilter.class);
    verify(builder).setSharedObject(eq(SAMLLogoutFilter.class), logoutFilterCaptor.capture());
    verify(builder).setSharedObject(eq(SAMLLogoutProcessingFilter.class), logoutProcessingFilterCaptor.capture());
    verify(logoutProperties, never()).getDefaultTargetUrl();
    verify(logoutProperties, never()).isInvalidateSession();
    verify(logoutProperties, never()).isClearAuthentication();
    verify(logoutProperties, never()).getLogoutUrl();
    verify(logoutProperties, never()).getSingleLogoutUrl();
    verify(successHandler).setDefaultTargetUrl(eq("/default"));
    verify(localHandler).setClearAuthentication(eq(false));
    verify(localHandler).setInvalidateHttpSession(eq(true));
    verify(globalHandler).setClearAuthentication(eq(false));
    verify(globalHandler).setInvalidateHttpSession(eq(true));
    SAMLLogoutFilter logoutFilter = logoutFilterCaptor.getValue();
    SAMLLogoutProcessingFilter logoutProcessingFilter = logoutProcessingFilterCaptor.getValue();
    assertThat(logoutFilter).isNotNull();
    assertThat(logoutProcessingFilter).isNotNull();
    assertThat(logoutFilter.getFilterProcessesUrl()).isEqualTo("/lo");
    assertThat(logoutProcessingFilter.getFilterProcessesUrl()).isEqualTo("/slo");
    assertThat(serviceProviderEndpoints.getLogoutURL()).isEqualTo("/lo");
    assertThat(serviceProviderEndpoints.getSingleLogoutURL()).isEqualTo("/slo");
}
 
Example #7
Source File: SecurityAutoConfiguration.java    From hawkbit with Eclipse Public License 1.0 5 votes vote down vote up
/**
 * @return {@link LogoutSuccessHandler} bean
 */
@Bean
@ConditionalOnMissingBean
public LogoutSuccessHandler logoutSuccessHandler() {
    final SimpleUrlLogoutSuccessHandler simpleUrlLogoutSuccessHandler = new SimpleUrlLogoutSuccessHandler();
    simpleUrlLogoutSuccessHandler.setTargetUrlParameter("login");
    return simpleUrlLogoutSuccessHandler;
}
 
Example #8
Source File: LogoutConfigurer.java    From spring-boot-security-saml with MIT License 4 votes vote down vote up
@VisibleForTesting
protected SimpleUrlLogoutSuccessHandler createDefaultSuccessHandler() {
    return new SimpleUrlLogoutSuccessHandler();
}
 
Example #9
Source File: SAMLConfigurer.java    From spring-security-saml-dsl with MIT License 4 votes vote down vote up
private SimpleUrlLogoutSuccessHandler successLogoutHandler() {
	SimpleUrlLogoutSuccessHandler logoutSuccessHandler = new SimpleUrlLogoutSuccessHandler();
	logoutSuccessHandler.setDefaultTargetUrl("/");
	return logoutSuccessHandler;
}
 
Example #10
Source File: SAMLConfig.java    From spring-boot-security-saml-samples with MIT License 4 votes vote down vote up
@Bean
public SimpleUrlLogoutSuccessHandler successLogoutHandler() {
    SimpleUrlLogoutSuccessHandler handler = new SimpleUrlLogoutSuccessHandler();
    handler.setDefaultTargetUrl("/");
    return handler;
}
 
Example #11
Source File: WallRideSecurityConfiguration.java    From wallride with Apache License 2.0 4 votes vote down vote up
@Override
		protected void configure(HttpSecurity http) throws Exception {
			RedirectStrategy redirectStrategy = new BlogLanguageRedirectStrategy();

			SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
			successHandler.setRedirectStrategy(redirectStrategy);
			successHandler.setDefaultTargetUrl("/");

			SimpleUrlAuthenticationFailureHandler failureHandler = new SimpleUrlAuthenticationFailureHandler("/login?failed");
			failureHandler.setRedirectStrategy(redirectStrategy);

			SimpleUrlLogoutSuccessHandler logoutSuccessHandler = new SimpleUrlLogoutSuccessHandler();
			logoutSuccessHandler.setRedirectStrategy(redirectStrategy);
			logoutSuccessHandler.setDefaultTargetUrl("/");

			// @formatter:off
			http.antMatcher("/**")
				.authorizeRequests()
					.accessDecisionManager(accessDecisionManager)
//		            .expressionHandler(securityExpressionHandler)
					.antMatchers("/settings/**").hasRole("VIEWER")
					.antMatchers("/comments/**").hasRole("VIEWER")
					.and()
				.formLogin()
					.loginPage("/login").permitAll()
					.loginProcessingUrl("/login")
					.successHandler(successHandler)
					.failureHandler(failureHandler)
					.and()
				.logout()
					.logoutRequestMatcher(new AntPathRequestMatcher("/logout", "GET"))
					.logoutSuccessHandler(logoutSuccessHandler)
					.and()
				.rememberMe()
					.tokenRepository(persistentTokenRepository)
					.and()
				.headers()
					.frameOptions().disable()
					.cacheControl().disable()
					.httpStrictTransportSecurity().disable()
					.and()
				.csrf()
					.disable()
				.exceptionHandling()
					.accessDeniedPage("/login");
			// @formatter:on
		}