Class WSFederationSingleLogoutHandler

  • All Implemented Interfaces:
    SingleLogoutHandler

    public class WSFederationSingleLogoutHandler
    extends Object
    implements SingleLogoutHandler
    The WSFederationSingleLogoutHandler class is an implementation of the SingleLogoutHandler for the WS-Federation protocol.
    • Constructor Detail

      • WSFederationSingleLogoutHandler

        public WSFederationSingleLogoutHandler()
        Creates a new instance of WSFederationSingleLogoutHandler
    • Method Detail

      • doIDPSingleLogout

        public int doIDPSingleLogout​(Set userSession,
                                     String userID,
                                     jakarta.servlet.http.HttpServletRequest request,
                                     jakarta.servlet.http.HttpServletResponse response,
                                     boolean isSOAPInitiated,
                                     boolean isIDPInitiated,
                                     String protocol,
                                     String realm,
                                     String idpEntityID,
                                     String spEntityID,
                                     String relayState,
                                     String singleLogoutRequestXML,
                                     String singleLogoutResponseXML,
                                     int currentStatus)
                              throws Exception
        Performs single logout for a specific protocol. This method needs to be implemented by each federation protocol, and will be invoked by other protocols to achieve cross-federation-protocol single logout. The local session shall not be destroyed by the SPI implementation. In the case of an IDP proxying configuration, the implementation needs to do single logout for the entity acting as both SP and IDP. Normally, there are three types of single logout to be supported:
          - logout of a single session (specified by the userSession parameter)
          - logout of a list of sessions (specified by the userSession parameter)
          - logout of all sessions for a specific user (specified by the userID parameter)
        As a single instance of the implementation class will be used internally in the SingleLogoutManager class, the implementation of the method shall not maintain any state.
        Specified by:
        doIDPSingleLogout in interface SingleLogoutHandler
        Parameters:
        userSession - Set of user session objects (java.lang.Object) to be logged out.
        userID - Universal identifier of the user to be logged out.
        request - HTTP servlet request object of the request.
        response - HTTP servlet response object of the request.
        isSOAPInitiated - True means original single logout request is initiated using SOAP binding, false means the original single logout request is initiated using HTTP binding.
        isIDPInitiated - True means this is identity provider initiated single logout, false means this is service provider initiated single logout.
        protocol - The protocol of the original single logout. Possible values for this parameter:
          - SingleLogoutManager.SAML2 - single logout initiated using SAMLv2 protocol
          - SingleLogoutManager.IDFF - single logout initiated using ID-FF protocol
          - SingleLogoutManager.WS-FED - single logout initiated using WS-Federation protocol
        realm - Realm of the hosted entity.
        idpEntityID - EntityID of the hosted identity provider in the original Single Logout request.
        spEntityID - EntityID of the remote service provider in the original Single Logout request.
        relayState - State information to be relayed back in the response.
        singleLogoutRequestXML - Original single logout request in XML string.
        singleLogoutResponseXML - Logout response to be sent back to the SP. This only applies to the case of SP-initiated single logout; it will be null in the case of IDP-initiated single logout.
        currentStatus - Current logout status; this is the accumulative single logout status for all protocols processed so far. Possible values:
          - SingleLogoutManager.LOGOUT_SUCCEEDED_STATUS
          - SingleLogoutManager.LOGOUT_FAILED_STATUS
          - SingleLogoutManager.LOGOUT_PARTIAL_STATUS
        Returns:
        the single logout status for this protocol. Possible values:
          - SingleLogoutManager.LOGOUT_SUCCEEDED_STATUS
          - SingleLogoutManager.LOGOUT_FAILED_STATUS
          - SingleLogoutManager.LOGOUT_PARTIAL_STATUS
          - SingleLogoutManager.LOGOUT_REDIRECTED_STATUS
        Throws:
        Exception - if an error occurs when processing the protocol.