com.sun.identity.federation.services.logout

Class FSLogoutUtil

java.lang.Object

com.sun.identity.federation.services.logout.FSLogoutUtil

public class FSLogoutUtil
extends Object

Utility class for single logout.

Constructor Summary

Constructors

Constructor and Description
FSLogoutUtil()

Method Summary

Modifier and Type	Method and Description
protected static boolean	cleanSessionMap(String userDn, String metaAlias, FSSession session) Cleans the FSSessionManager maintained session for the given principal.
static void	cleanSessionMapPartnerList(String userDN, String currentEntityId, String metaAlias, FSSession session) Cleans the FSSessionManager maintained session for the given principal, provider Id and removes all references to the provider since logout notification has already been sent to that provider.
protected static boolean	cleanSessionMapProviders(String userID, Vector sessionList, String metaAlias) Cleans the FSSessionManager maintained session information for the user for the given list of sessions.
protected static boolean	destroyLocalSession(Object ssoToken, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Destroys local session.
protected static boolean	destroyPrincipalSession(String userID, String metaAlias, String sessionIndex, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Destroys the principal's session.
protected static HashMap	getCurrentProvider(String userID, String metaAlias) Returns the information for the given principal and one of the live connections (provider that received/issued assertion for this user) including sessionIndex, provider Id etc.
static HashMap	getCurrentProvider(String userID, String metaAlias, Object ssoToken)
static HashMap	getCurrentProvider(String userID, String metaAlias, Object ssoToken, FSSession curSession)
protected static FSAccountFedInfo	getCurrentWorkingAccount(String userID, String entityID, String metaAlias) Returns the FSAccountFedInfo object for the given principal and provider Id.
protected static HashMap	getLogoutGETProviders(String userID, String entityId, String sessionIndex, String realm, String metaAlias) Returns the list of all providers who want to be notified of logout using HTTP GET profile.
protected static Vector	getSessionObjectList(String userDn, String metaAlias, String sessionIndex) Gets the list of the principal's active sessionID that is maintained by FSSessionManager.
static String	getUserFromRequest(FSLogoutNotification reqLogout, String realm, String hostedEntityId, String hostedRole, com.sun.identity.federation.jaxb.entityconfig.BaseConfigType hostedConfig, String metaAlias) Determines the user name from the logout request.
protected static Object	getValidToken(javax.servlet.http.HttpServletRequest request) Retrieves the session token from the Http Request, and validates the token with the OpenAM session manager.
static boolean	isIDPInitiatedProfile(String profile) Returns true if this is IDP initiated profiles, false otherwise.
static boolean	liveConnectionsExist(String userID, String metaAlias) Finds out if there is at least one more partner who should be notified of logout
static void	removeCurrentSessionPartner(String metaAlias, String remoteEntityId, Object ssoToken, String userID) Removes current session partner from the session partner list.
static void	removeTokenFromSession(Object token, String metaAlias)
protected static void	returnToSource(javax.servlet.http.HttpServletResponse response, com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType remoteDescriptor, String bLogoutStatus, String commonErrorPage, int minorVersion, com.sun.identity.federation.jaxb.entityconfig.BaseConfigType hostedConfig, String hostedEntityId, String userID) Determines the return location and redirects based on logout Return URL of the provider that sent the logout request.
protected static void	sendErrorPage(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String providerAlias) Returns the hosted provider's failure page to the user.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

FSLogoutUtil

public FSLogoutUtil()

Method Detail

destroyPrincipalSession

protected static boolean destroyPrincipalSession(String userID,
                                                 String metaAlias,
                                                 String sessionIndex,
                                                 javax.servlet.http.HttpServletRequest request,
                                                 javax.servlet.http.HttpServletResponse response)

Destroys the principal's session. In order to destroy the user's session the following things need to be done 1. Destroy the Federation Session cookie (eg. iPlanetDirectoryPro) 2. Clean the Session manager (FSSessionManager related API call)

Parameters:

userID - the principal whose session needs to be destroyed

metaAlias - the hostedProvider's meta alias.

sessionIndex - Session Index of the user session.

request - HTTP Request Object.

response - HTTP Response Object.

Returns:

true if session cleanup was successful; false otherwise.

destroyLocalSession

protected static boolean destroyLocalSession(Object ssoToken,
                                             javax.servlet.http.HttpServletRequest request,
                                             javax.servlet.http.HttpServletResponse response)

Destroys local session.

Parameters:

ssoToken - session of the principal

Returns:

true if the local session is deleted; false otherwise.

getSessionObjectList

protected static Vector getSessionObjectList(String userDn,
                                             String metaAlias,
                                             String sessionIndex)

Gets the list of the principal's active sessionID that is maintained by FSSessionManager.

Parameters:

userDn - the principal whose session needs to be destroyed

metaAlias - the hosted Entity doing logout cleanup

sessionIndex - index of the user's session

Returns:

Vector list of active Session IDs

cleanSessionMapPartnerList

public static void cleanSessionMapPartnerList(String userDN,
                                              String currentEntityId,
                                              String metaAlias,
                                              FSSession session)

Cleans the FSSessionManager maintained session for the given principal, provider Id and removes all references to the provider since logout notification has already been sent to that provider.

Parameters:

userDN - the principal whose session needs to be destroyed

currentEntityId - the provider to whom logout notification is about to be sent

metaAlias - the hostedProvider doing logout cleanup

session - Liberty session.

cleanSessionMap

protected static boolean cleanSessionMap(String userDn,
                                         String metaAlias,
                                         FSSession session)

Cleans the FSSessionManager maintained session for the given principal. Logout notification has already been sent to all providers that had live connections for this user If FSSession is null, then it cleans up the user's all sessions.

Parameters:

userDn - the principal whose session needs to be destroyed

metaAlias - the hostedProvider doing logout cleanup

session - Liberty session.

Returns:

true if session map cleaning was successful; false otherwise.

getValidToken

protected static Object getValidToken(javax.servlet.http.HttpServletRequest request)

Retrieves the session token from the Http Request, and validates the token with the OpenAM session manager.

Parameters:

request - HTTPServletRequest object containing the session cookie information

Returns:

session token if request contained valid session info; false otherwise.

getCurrentWorkingAccount

protected static FSAccountFedInfo getCurrentWorkingAccount(String userID,
                                                           String entityID,
                                                           String metaAlias)

Returns the FSAccountFedInfo object for the given principal and provider Id.

Parameters:

userID - principal whose working account we want to retrieve

entityID - the provider Id to whom logout notification needs to be sent

metaAlias - hosted provider's meta alias

Returns:

account object for the given user, provider

getCurrentProvider

protected static HashMap getCurrentProvider(String userID,
                                            String metaAlias)

Returns the information for the given principal and one of the live connections (provider that received/issued assertion for this user) including sessionIndex, provider Id etc.

Parameters:

userID - principal who needs to be logged out

metaAlias - the hostedProvider doing logout cleanup

Returns:

HashMap information about live connection provider

getCurrentProvider

public static HashMap getCurrentProvider(String userID,
                                         String metaAlias,
                                         Object ssoToken)

getCurrentProvider

public static HashMap getCurrentProvider(String userID,
                                         String metaAlias,
                                         Object ssoToken,
                                         FSSession curSession)

liveConnectionsExist

public static boolean liveConnectionsExist(String userID,
                                           String metaAlias)

Finds out if there is at least one more partner who should be notified of logout

Parameters:

userID - principal who needs to be logged out

metaAlias - ther provider performing logout

Returns:

true if any provider exists; false otherwise.

cleanSessionMapProviders

protected static boolean cleanSessionMapProviders(String userID,
                                                  Vector sessionList,
                                                  String metaAlias)

Cleans the FSSessionManager maintained session information for the user for the given list of sessions.

Parameters:

userID - principal who needs to be logged out

sessionList - is the list of session Ids to be cleaned for the user

metaAlias - the provider performing logout

Returns:

always return true

getLogoutGETProviders

protected static HashMap getLogoutGETProviders(String userID,
                                               String entityId,
                                               String sessionIndex,
                                               String realm,
                                               String metaAlias)

Returns the list of all providers who want to be notified of logout using HTTP GET profile.

Parameters:

userID - principal who needs to be logged out

entityId - current provider who uses HTTP GET profile for logout

sessionIndex - for the current provider

realm - the realm in which the provider resides

metaAlias - the hosted provider performing logout

Returns:

HashMap list of providers who indicate preference to be notified of logout using GET profile

getUserFromRequest

public static String getUserFromRequest(FSLogoutNotification reqLogout,
                                        String realm,
                                        String hostedEntityId,
                                        String hostedRole,
                                        com.sun.identity.federation.jaxb.entityconfig.BaseConfigType hostedConfig,
                                        String metaAlias)

Determines the user name from the logout request.

Parameters:

reqLogout - the logout rerquest received

realm - the realm under which the entity resides

hostedEntityId - the hosted provider performing logout

hostedRole - the role of the hosted provider

hostedConfig - extended meta config for hosted provider

metaAlias - hosted provider's meta alias

Returns:

user id if the user is found; null otherwise.

removeTokenFromSession

public static void removeTokenFromSession(Object token,
                                          String metaAlias)

returnToSource

protected static void returnToSource(javax.servlet.http.HttpServletResponse response,
                                     com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType remoteDescriptor,
                                     String bLogoutStatus,
                                     String commonErrorPage,
                                     int minorVersion,
                                     com.sun.identity.federation.jaxb.entityconfig.BaseConfigType hostedConfig,
                                     String hostedEntityId,
                                     String userID)

Determines the return location and redirects based on logout Return URL of the provider that sent the logout request.

sendErrorPage

protected static void sendErrorPage(javax.servlet.http.HttpServletRequest request,
                                    javax.servlet.http.HttpServletResponse response,
                                    String providerAlias)

Returns the hosted provider's failure page to the user.

Parameters:

request - the HttpServletRequest object

response - the HttpServletResponse object

providerAlias - the provider alias corresponding to the hosted provider

removeCurrentSessionPartner

public static void removeCurrentSessionPartner(String metaAlias,
                                               String remoteEntityId,
                                               Object ssoToken,
                                               String userID)

Removes current session partner from the session partner list.

Parameters:

metaAlias - meta alias of the hosted provider

remoteEntityId - id of the remote provider

ssoToken - session object of the principal who presently login

userID - id of the principal

isIDPInitiatedProfile

public static boolean isIDPInitiatedProfile(String profile)

Returns true if this is IDP initiated profiles, false otherwise.

Parameters:

profile - profile to be checked.

Returns:

true if specified profile is IDP initiated, false otherwise.