org.springframework.security.saml.SAMLLogoutFilter Java Examples
The following examples show how to use
org.springframework.security.saml.SAMLLogoutFilter.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SAMLConfigurer.java From spring-security-saml-dsl with MIT License | 6 votes |
|
private FilterChainProxy samlFilter(SAMLEntryPoint samlEntryPoint, SAMLLogoutFilter samlLogoutFilter,
SAMLLogoutProcessingFilter samlLogoutProcessingFilter, SAMLContextProvider contextProvider) {
List<SecurityFilterChain> chains = new ArrayList<>();
chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/login/**"),
samlEntryPoint));
chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/logout/**"),
samlLogoutFilter));
chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/metadata/**"),
metadataDisplayFilter(contextProvider)));
try {
chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SSO/**"),
samlWebSSOProcessingFilter(samlAuthenticationProvider, contextProvider, samlProcessor)));
} catch (Exception e) {
e.printStackTrace();
}
chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SingleLogout/**"),
samlLogoutProcessingFilter));
SAMLDiscovery samlDiscovery = new SAMLDiscovery();
samlDiscovery.setMetadata(cachingMetadataManager);
samlDiscovery.setContextProvider(contextProvider);
chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/discovery/**"),
samlDiscovery));
return new FilterChainProxy(chains);
}
Example #2
| Source File: InsightsSecurityConfigurationAdapterSAML.java From Insights with Apache License 2.0 | 5 votes |
|
/**
* used to initialize logout Handler
*
* @return
*/
@Bean
@Conditional(InsightsSAMLBeanInitializationCondition.class)
public SAMLLogoutFilter samlLogoutFilter() {
LOG.debug(" Inside samlLogoutFilter ==== ");
return new SAMLLogoutFilter(successLogoutHandler(), new LogoutHandler[] { logoutHandler() },
new LogoutHandler[] { logoutHandler() });
}
Example #3
| Source File: LogoutConfigurerTest.java From spring-boot-security-saml with MIT License | 5 votes |
|
@Test
public void configure_defaults() throws Exception {
LogoutConfigurer configurer = spy(new LogoutConfigurer());
SimpleUrlLogoutSuccessHandler successHandler = mock(SimpleUrlLogoutSuccessHandler.class);
SecurityContextLogoutHandler localHandler = mock(SecurityContextLogoutHandler.class);
SecurityContextLogoutHandler globalHandler = mock(SecurityContextLogoutHandler.class);
when(configurer.createDefaultSuccessHandler()).thenReturn(successHandler);
when(configurer.createDefaultLocalHandler()).thenReturn(localHandler);
when(configurer.createDefaultGlobalHandler()).thenReturn(globalHandler);
configurer.init(builder);
configurer.configure(builder);
ArgumentCaptor<SAMLLogoutFilter> logoutFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutFilter.class);
ArgumentCaptor<SAMLLogoutProcessingFilter> logoutProcessingFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutProcessingFilter.class);
verify(builder).setSharedObject(eq(SAMLLogoutFilter.class), logoutFilterCaptor.capture());
verify(builder).setSharedObject(eq(SAMLLogoutProcessingFilter.class), logoutProcessingFilterCaptor.capture());
verify(logoutProperties).getDefaultTargetUrl();
verify(logoutProperties, times(2)).isInvalidateSession();
verify(logoutProperties, times(2)).isClearAuthentication();
verify(logoutProperties).getLogoutUrl();
verify(logoutProperties).getSingleLogoutUrl();
verify(successHandler).setDefaultTargetUrl(eq(logoutProperties.getDefaultTargetUrl()));
verify(localHandler).setClearAuthentication(eq(logoutProperties.isClearAuthentication()));
verify(localHandler).setInvalidateHttpSession(eq(logoutProperties.isInvalidateSession()));
verify(globalHandler).setClearAuthentication(eq(logoutProperties.isClearAuthentication()));
verify(globalHandler).setInvalidateHttpSession(eq(logoutProperties.isInvalidateSession()));
SAMLLogoutFilter logoutFilter = logoutFilterCaptor.getValue();
SAMLLogoutProcessingFilter logoutProcessingFilter = logoutProcessingFilterCaptor.getValue();
assertThat(logoutFilter).isNotNull();
assertThat(logoutProcessingFilter).isNotNull();
assertThat(logoutFilter.getFilterProcessesUrl()).isEqualTo(logoutProperties.getLogoutUrl());
assertThat(logoutProcessingFilter.getFilterProcessesUrl()).isEqualTo(logoutProperties.getSingleLogoutUrl());
assertThat(serviceProviderEndpoints.getLogoutURL()).isEqualTo(logoutProperties.getLogoutUrl());
assertThat(serviceProviderEndpoints.getSingleLogoutURL()).isEqualTo(logoutProperties.getSingleLogoutUrl());
}
Example #4
| Source File: LogoutConfigurerTest.java From spring-boot-security-saml with MIT License | 5 votes |
|
@Test
public void configure_handlers_defaults() throws Exception {
LogoutConfigurer configurer = new LogoutConfigurer();
SimpleUrlLogoutSuccessHandler successHandler = mock(SimpleUrlLogoutSuccessHandler.class);
SecurityContextLogoutHandler localHandler = mock(SecurityContextLogoutHandler.class);
SecurityContextLogoutHandler globalHandler = mock(SecurityContextLogoutHandler.class);
configurer
.successHandler(successHandler)
.localHandler(localHandler)
.globalHandler(globalHandler);
configurer.init(builder);
configurer.configure(builder);
ArgumentCaptor<SAMLLogoutFilter> logoutFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutFilter.class);
ArgumentCaptor<SAMLLogoutProcessingFilter> logoutProcessingFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutProcessingFilter.class);
verify(builder).setSharedObject(eq(SAMLLogoutFilter.class), logoutFilterCaptor.capture());
verify(builder).setSharedObject(eq(SAMLLogoutProcessingFilter.class), logoutProcessingFilterCaptor.capture());
verify(logoutProperties, never()).getDefaultTargetUrl();
verify(logoutProperties, never()).isInvalidateSession();
verify(logoutProperties, never()).isClearAuthentication();
verify(logoutProperties).getLogoutUrl();
verify(logoutProperties).getSingleLogoutUrl();
verifyZeroInteractions(successHandler, localHandler, globalHandler);
SAMLLogoutFilter logoutFilter = logoutFilterCaptor.getValue();
SAMLLogoutProcessingFilter logoutProcessingFilter = logoutProcessingFilterCaptor.getValue();
assertThat(logoutFilter).isNotNull();
assertThat(logoutProcessingFilter).isNotNull();
assertThat(logoutFilter.getFilterProcessesUrl()).isEqualTo(logoutProperties.getLogoutUrl());
assertThat(logoutProcessingFilter.getFilterProcessesUrl()).isEqualTo(logoutProperties.getSingleLogoutUrl());
assertThat(serviceProviderEndpoints.getLogoutURL()).isEqualTo(logoutProperties.getLogoutUrl());
assertThat(serviceProviderEndpoints.getSingleLogoutURL()).isEqualTo(logoutProperties.getSingleLogoutUrl());
}
Example #5
| Source File: LogoutConfigurerTest.java From spring-boot-security-saml with MIT License | 5 votes |
|
@Test
public void configure_arguments() throws Exception {
LogoutConfigurer configurer = spy(new LogoutConfigurer());
SimpleUrlLogoutSuccessHandler successHandler = mock(SimpleUrlLogoutSuccessHandler.class);
SecurityContextLogoutHandler localHandler = mock(SecurityContextLogoutHandler.class);
SecurityContextLogoutHandler globalHandler = mock(SecurityContextLogoutHandler.class);
when(configurer.createDefaultSuccessHandler()).thenReturn(successHandler);
when(configurer.createDefaultLocalHandler()).thenReturn(localHandler);
when(configurer.createDefaultGlobalHandler()).thenReturn(globalHandler);
configurer
.defaultTargetURL("/default")
.clearAuthentication(false)
.invalidateSession(true)
.logoutURL("/lo")
.singleLogoutURL("/slo");
configurer.init(builder);
configurer.configure(builder);
ArgumentCaptor<SAMLLogoutFilter> logoutFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutFilter.class);
ArgumentCaptor<SAMLLogoutProcessingFilter> logoutProcessingFilterCaptor = ArgumentCaptor.forClass(SAMLLogoutProcessingFilter.class);
verify(builder).setSharedObject(eq(SAMLLogoutFilter.class), logoutFilterCaptor.capture());
verify(builder).setSharedObject(eq(SAMLLogoutProcessingFilter.class), logoutProcessingFilterCaptor.capture());
verify(logoutProperties, never()).getDefaultTargetUrl();
verify(logoutProperties, never()).isInvalidateSession();
verify(logoutProperties, never()).isClearAuthentication();
verify(logoutProperties, never()).getLogoutUrl();
verify(logoutProperties, never()).getSingleLogoutUrl();
verify(successHandler).setDefaultTargetUrl(eq("/default"));
verify(localHandler).setClearAuthentication(eq(false));
verify(localHandler).setInvalidateHttpSession(eq(true));
verify(globalHandler).setClearAuthentication(eq(false));
verify(globalHandler).setInvalidateHttpSession(eq(true));
SAMLLogoutFilter logoutFilter = logoutFilterCaptor.getValue();
SAMLLogoutProcessingFilter logoutProcessingFilter = logoutProcessingFilterCaptor.getValue();
assertThat(logoutFilter).isNotNull();
assertThat(logoutProcessingFilter).isNotNull();
assertThat(logoutFilter.getFilterProcessesUrl()).isEqualTo("/lo");
assertThat(logoutProcessingFilter.getFilterProcessesUrl()).isEqualTo("/slo");
assertThat(serviceProviderEndpoints.getLogoutURL()).isEqualTo("/lo");
assertThat(serviceProviderEndpoints.getSingleLogoutURL()).isEqualTo("/slo");
}
Example #6
| Source File: AuthenticationHandler.java From blackduck-alert with Apache License 2.0 | 4 votes |
|
@Bean
public SAMLLogoutFilter samlLogoutFilter() {
return new SAMLLogoutFilter(successLogoutHandler(),
new LogoutHandler[] { logoutHandler() },
new LogoutHandler[] { logoutHandler() });
}
Example #7
| Source File: WebSecurityConfig.java From spring-boot-security-saml-sample with Apache License 2.0 | 4 votes |
|
@Bean
public SAMLLogoutFilter samlLogoutFilter() {
return new SAMLLogoutFilter(successLogoutHandler(),
new LogoutHandler[] { logoutHandler() },
new LogoutHandler[] { logoutHandler() });
}
