public class LogoutUtil extends Object

LogoutRequest and executes the required processing logic for sending LogoutRequest from SP to IDP.

Constructor and Description |
---|
LogoutUtil() |
Modifier and Type | Method and Description |
---|---|
static StringBuffer | doLogout(String metaAlias, String recipientEntityID, List<EndpointType> recipientSLOList, List extensionsList, String binding, String relayState, String sessionIndex, NameID nameID, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Map paramsMap, BaseConfigType config) - Builds the LogoutRequest and executes the required processing logic for sending LogoutRequest from SP to IDP. |
static StringBuffer | doLogout(String metaAlias, String recipientEntityID, List extensionsList, EndpointType logoutEndpoint, String relayState, String sessionIndex, NameID nameID, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Map paramsMap, BaseConfigType config) |
static LogoutResponse | generateResponse(Status status, String inResponseTo, Issuer issuer, String realm, String hostRole, String remoteEntity) - Builds the LogoutResponse to be sent to IDP. |
static List | getExtensionsList(Map paramsMap) - Returns the extensions list |
static SingleLogoutServiceElement | getIDPSLOConfig(String realm, String entityId, String binding) - Returns first SingleLogout configuration in an entity under the realm. |
static SingleLogoutServiceElement | getMostAppropriateSLOServiceLocation(List<SingleLogoutServiceElement> sloList, String preferredBinding) - Based on the preferred SAML binding this method tries to choose the most appropriate SingleLogoutServiceElement that can be used to send the logout request to. |
static String | getSLOBindingInfo(javax.servlet.http.HttpServletRequest request, String metaAlias, String hostEntityRole, String remoteEntityID) - Returns binding information of SLO Service for remote entity from request or meta configuration. |
static String | getSLOResponseServiceLocation(List sloList, String desiredBinding) - Gets Single Logout Response Service location URL. |
static String | getSLOServiceLocation(List sloList, String desiredBinding) - Gets Single Logout Service location URL. |
static SingleLogoutServiceElement | getSPSLOConfig(String realm, String entityId, String binding) - Returns first SingleLogout configuration in an entity under the realm. |
static void | sendSLOResponse(javax.servlet.http.HttpServletResponse response, javax.servlet.http.HttpServletRequest request, LogoutResponse sloResponse, String sloURL, String relayState, String realm, String hostEntity, String hostEntityRole, String remoteEntity, String binding) |
static void | sendSLOResponse(javax.servlet.http.HttpServletResponse response, LogoutResponse sloResponse, String sloURL, String relayState, String realm, String hostEntity, String hostEntityRole, String remoteEntity) |
static void | sendSLOResponsePost(javax.servlet.http.HttpServletResponse response, javax.servlet.http.HttpServletRequest request, LogoutResponse sloResponse, String sloURL, String relayState, String realm, String hostEntity, String hostEntityRole, String remoteEntity) |
static void | sendSLOResponseRedirect(javax.servlet.http.HttpServletResponse response, LogoutResponse sloResponse, String sloURL, String relayState, String realm, String hostEntity, String hostEntityRole, String remoteEntity) |
static void | setNameIDForSLORequest(LogoutRequest request, NameID nameID, String realm, String hostEntity, String hostEntityRole, String remoteEntity) |
static void | signSLORequest(LogoutRequest sloRequest, String realm, String hostEntity, String hostEntityRole, String remoteEntity) - Sign LogoutRequest. |
static void | signSLOResponse(LogoutResponse sloResponse, String realm, String hostEntity, String hostEntityRole, String remoteEntity) - Sign LogoutResponse. |
static boolean | verifySLORequest(LogoutRequest sloRequest, String realm, String remoteEntity, String hostEntity, String hostEntityRole) - Verify the signature in LogoutRequest. |
static boolean | verifySLOResponse(LogoutResponse sloResponse, String realm, String remoteEntity, String hostEntity, String hostEntityRole) - Verify the signature in LogoutResponse. |

public static StringBuffer doLogout(String metaAlias, String recipientEntityID, List<EndpointType> recipientSLOList, List extensionsList, String binding, String relayState, String sessionIndex, NameID nameID, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Map paramsMap, BaseConfigType config) throws SAML2Exception, SessionException

Builds the LogoutRequest and executes the required processing logic for sending LogoutRequest from SP to IDP.

Parameters:
metaAlias - the requester's metaAlias.
recipientEntityID - the recipient's entity ID.
recipientSLOList - recipient's Single Logout Service location URL list.
extensionsList - Extension list for request.
binding - binding used for this request.
relayState - the target URL on successful Single Logout.
sessionIndex - sessionIndex of the Assertion generated by the Identity Provider or Service Provider.
nameID - NameID of the Provider.
response - the HttpServletResponse.
paramsMap - Map of all other parameters. The following parameter names with their respective String values are allowed in this paramsMap:
    "realm" - MetaAlias for Service Provider. The format of this parameter is /realm_name/SP name.
    "RelayState" - the target URL on successful Single Logout.
    "Destination" - A URI Reference indicating the address to which the request has been sent.
    "Consent" - Specifies a URI, a SAML-defined identifier known as a Consent Identifier.
config - entity base config for basic auth.

Throws:
SAML2Exception - if error initiating request to IDP.
SessionException - if error initiating request to IDP.

public static StringBuffer doLogout(String metaAlias, String recipientEntityID, List extensionsList, EndpointType logoutEndpoint, String relayState, String sessionIndex, NameID nameID, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Map paramsMap, BaseConfigType config) throws SAML2Exception, SessionException

Throws:
SAML2Exception
SessionException

public static SingleLogoutServiceElement getMostAppropriateSLOServiceLocation(List<SingleLogoutServiceElement> sloList, String preferredBinding)

Based on the preferred SAML binding this method tries to choose the most appropriate SingleLogoutServiceElement that can be used to send the logout request to. The algorithm itself is simple:

Parameters:
sloList - The list of SLO endpoints for a given entity.
preferredBinding - The binding that was used to initiate the logout request.

public static String getSLOServiceLocation(List sloList, String desiredBinding)

Parameters:
sloList - list of configured SingleLogoutElement.
desiredBinding - desired binding of SingleLogout.

public static String getSLOResponseServiceLocation(List sloList, String desiredBinding)

Parameters:
sloList - list of configured SingleLogoutElement.
desiredBinding - desired binding of SingleLogout.

public static LogoutResponse generateResponse(Status status, String inResponseTo, Issuer issuer, String realm, String hostRole, String remoteEntity)

Builds the LogoutResponse to be sent to IDP.

Parameters:
status - status of the response.
inResponseTo - inResponseTo.
issuer - issuer of the response, which is SP.
realm - inResponseTo.
hostRole - issuer of the response, which is SP.
remoteEntity - will get this response.

Returns:
LogoutResponse

public static void signSLORequest(LogoutRequest sloRequest, String realm, String hostEntity, String hostEntityRole, String remoteEntity) throws SAML2Exception

Parameters:
sloRequest - SLO request will be signed.
realm - realm of host entity.
hostEntity - entity ID of host entity.
hostEntityRole - role of host entity.
remoteEntity - entity ID of remote host entity.

Throws:
SAML2Exception - if error in signing the request.

public static boolean verifySLORequest(LogoutRequest sloRequest, String realm, String remoteEntity, String hostEntity, String hostEntityRole) throws SAML2Exception, SessionException

Parameters:
sloRequest - SLO request will be verified.
realm - realm of host entity.
remoteEntity - entity ID of remote host entity.
hostEntity - entity ID of host entity.
hostEntityRole - role of host entity.

Throws:
SAML2Exception - if error in verifying the signature.
SessionException - if error in verifying the signature.

public static void signSLOResponse(LogoutResponse sloResponse, String realm, String hostEntity, String hostEntityRole, String remoteEntity) throws SAML2Exception

Parameters:
sloResponse - SLO response will be signed.
realm - realm of host entity.
hostEntity - entity ID of host entity.
hostEntityRole - role of host entity.
remoteEntity - entity ID of remote host entity.

Throws:
SAML2Exception - if error in signing the request.

public static boolean verifySLOResponse(LogoutResponse sloResponse, String realm, String remoteEntity, String hostEntity, String hostEntityRole) throws SAML2Exception, SessionException

Parameters:
sloResponse - SLO response will be verified.
realm - realm of host entity.
remoteEntity - entity ID of remote host entity.
hostEntity - entity ID of host entity.
hostEntityRole - role of host entity.

Throws:
SAML2Exception - if error in verifying the signature.
SessionException - if error in verifying the signature.

public static void setNameIDForSLORequest(LogoutRequest request, NameID nameID, String realm, String hostEntity, String hostEntityRole, String remoteEntity) throws SAML2Exception, SessionException

Throws:
SAML2Exception
SessionException

public static void sendSLOResponse(javax.servlet.http.HttpServletResponse response, LogoutResponse sloResponse, String sloURL, String relayState, String realm, String hostEntity, String hostEntityRole, String remoteEntity) throws SAML2Exception

Throws:
SAML2Exception

public static void sendSLOResponse(javax.servlet.http.HttpServletResponse response, javax.servlet.http.HttpServletRequest request, LogoutResponse sloResponse, String sloURL, String relayState, String realm, String hostEntity, String hostEntityRole, String remoteEntity, String binding) throws SAML2Exception

Throws:
SAML2Exception

public static void sendSLOResponsePost(javax.servlet.http.HttpServletResponse response, javax.servlet.http.HttpServletRequest request, LogoutResponse sloResponse, String sloURL, String relayState, String realm, String hostEntity, String hostEntityRole, String remoteEntity) throws SAML2Exception

Throws:
SAML2Exception

public static void sendSLOResponseRedirect(javax.servlet.http.HttpServletResponse response, LogoutResponse sloResponse, String sloURL, String relayState, String realm, String hostEntity, String hostEntityRole, String remoteEntity) throws SAML2Exception

Throws:
SAML2Exception

public static String getSLOBindingInfo(javax.servlet.http.HttpServletRequest request, String metaAlias, String hostEntityRole, String remoteEntityID) throws SAML2Exception

Parameters:
request - the HttpServletRequest.
metaAlias - entityID of hosted entity.
hostEntityRole - Role of hosted entity.
remoteEntityID - entityID of remote entity.

Throws:
SAML2Exception - if no binding information is configured.

public static SingleLogoutServiceElement getIDPSLOConfig(String realm, String entityId, String binding) throws SAML2MetaException, SessionException

Parameters:
realm - The realm under which the entity resides.
entityId - ID of the entity to be retrieved.
binding - binding type that has to be matched.

Returns:
SingleLogoutServiceElement for the entity or null

Throws:
SAML2MetaException - if unable to retrieve the first identity provider's SSO configuration.
SessionException - invalid or expired single-sign-on session

public static SingleLogoutServiceElement getSPSLOConfig(String realm, String entityId, String binding) throws SAML2MetaException, SessionException

Parameters:
realm - The realm under which the entity resides.
entityId - ID of the entity to be retrieved.
binding - binding type that has to be matched.

Returns:
SingleLogoutServiceElement for the entity or null

Throws:
SAML2MetaException - if unable to retrieve the first identity provider's SSO configuration.
SessionException - invalid or expired single-sign-on session

Copyright © 2010–2025 Open Identity Platform Community. All rights reserved.