com.sun.identity.saml2.profile

Class SPSingleLogout

java.lang.Object

com.sun.identity.saml2.profile.SPSingleLogout

public class SPSingleLogout
extends Object

This class reads the required data from HttpServletRequest and initiates the LogoutRequest from SP to IDP.

Method Summary

Modifier and Type	Method and Description
static void	initiateLogoutRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, PrintWriter out, String binding, Map paramsMap, LogoutRequest origLogoutRequest, SOAPMessage msg, Object newSession, SAML2EventLogger audit) Parses the request parameters and initiates the Logout Request to be sent to the IDP.
static void	initiateLogoutRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, PrintWriter out, String binding, Map paramsMap, SAML2EventLogger auditor) Parses the request parameters and initiates the Logout Request to be sent to the IDP.
static void	processLogoutRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, PrintWriter out, String samlRequest, String relayState) Gets and processes the Single LogoutRequest from IDP.
static LogoutResponse	processLogoutRequest(LogoutRequest logoutReq, String spEntityID, String realm, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, boolean isLBReq, boolean destroySession, String binding, boolean isVerified) Gets and processes the Single LogoutRequest from IDP and return LogoutResponse.
static LogoutResponse	processLogoutRequest(LogoutRequest logoutReq, String spEntityID, String realm, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, boolean isLBReq, String binding, boolean isVerified) Gets and processes the Single LogoutRequest from IDP and return LogoutResponse.
static Map<String,String>	processLogoutResponse(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String samlResponse, String relayState) Gets and processes the Single LogoutResponse from IDP, destroys the local session, checks response's issuer and inResponseTo.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

initiateLogoutRequest

public static void initiateLogoutRequest(javax.servlet.http.HttpServletRequest request,
                                         javax.servlet.http.HttpServletResponse response,
                                         PrintWriter out,
                                         String binding,
                                         Map paramsMap,
                                         SAML2EventLogger auditor)
                                  throws SAML2Exception

Parses the request parameters and initiates the Logout Request to be sent to the IDP.

Parameters:

request - the HttpServletRequest.

response - the HttpServletResponse.

out - The print writer for writing out presentation.

binding - binding used for this request.

paramsMap - Map of all other parameters. Following parameters names with their respective String values are allowed in this paramsMap. "RelayState" - the target URL on successful Single Logout "Destination" - A URI Reference indicating the address to which the request has been sent. "Consent" - Specifies a URI a SAML defined identifier known as Consent Identifiers. "Extension" - Specifies a list of Extensions as list of String objects.

auditor - the auditor for logging SAML2 Events - may be null

Throws:

SAML2Exception - if error initiating request to IDP.

initiateLogoutRequest

public static void initiateLogoutRequest(javax.servlet.http.HttpServletRequest request,
                                         javax.servlet.http.HttpServletResponse response,
                                         PrintWriter out,
                                         String binding,
                                         Map paramsMap,
                                         LogoutRequest origLogoutRequest,
                                         SOAPMessage msg,
                                         Object newSession,
                                         SAML2EventLogger audit)
                                  throws SAML2Exception

Parses the request parameters and initiates the Logout Request to be sent to the IDP.

Parameters:

request - the HttpServletRequest.

response - the HttpServletResponse.

out - The print writer for writing out presentation.

binding - binding used for this request.

paramsMap - Map of all other parameters. Following parameters names with their respective String values are allowed in this paramsMap. "RelayState" - the target URL on successful Single Logout "Destination" - A URI Reference indicating the address to which the request has been sent. "Consent" - Specifies a URI a SAML defined identifier known as Consent Identifiers. "Extension" - Specifies a list of Extensions as list of String objects.

origLogoutRequest - original LogoutRequest

msg - SOAPMessage

newSession - Session object for IDP Proxy

audit - the auditor for logging SAML2 Events - may be null

Throws:

SAML2Exception - if error initiating request to IDP.

processLogoutResponse

public static Map<String,String> processLogoutResponse(javax.servlet.http.HttpServletRequest request,
                                                       javax.servlet.http.HttpServletResponse response,
                                                       String samlResponse,
                                                       String relayState)
                                                throws SAML2Exception,
                                                       SessionException

Gets and processes the Single LogoutResponse from IDP, destroys the local session, checks response's issuer and inResponseTo.

Parameters:

request - the HttpServletRequest.

response - the HttpServletResponse.

samlResponse - LogoutResponse in the XML string format.

relayState - the target URL on successful LogoutResponse.

Throws:

SAML2Exception - if error processing LogoutResponse.

SessionException - if error processing LogoutResponse.

processLogoutRequest

public static void processLogoutRequest(javax.servlet.http.HttpServletRequest request,
                                        javax.servlet.http.HttpServletResponse response,
                                        PrintWriter out,
                                        String samlRequest,
                                        String relayState)
                                 throws SAML2Exception,
                                        SessionException

Gets and processes the Single LogoutRequest from IDP.

Parameters:

request - the HttpServletRequest.

response - the HttpServletResponse.

out - the print writer for writing out presentation

samlRequest - LogoutRequest in the XML string format.

relayState - the target URL on successful LogoutRequest.

Throws:

SAML2Exception - if error processing LogoutRequest.

SessionException - if error processing LogoutRequest.

processLogoutRequest

public static LogoutResponse processLogoutRequest(LogoutRequest logoutReq,
                                                  String spEntityID,
                                                  String realm,
                                                  javax.servlet.http.HttpServletRequest request,
                                                  javax.servlet.http.HttpServletResponse response,
                                                  boolean isLBReq,
                                                  String binding,
                                                  boolean isVerified)

Gets and processes the Single LogoutRequest from IDP and return LogoutResponse.

Parameters:

logoutReq - LogoutRequest from IDP

spEntityID - name of host entity ID.

realm - name of host entity.

request - HTTP servlet request.

response - HTTP servlet response.

isLBReq - true if the request is for load balancing.

binding - value of SAML2Constants.HTTP_REDIRECT or SAML2Constants.SOAP.

isVerified - true if the request is verified already.

Returns:

LogoutResponse the target URL on successful LogoutRequest.

processLogoutRequest

public static LogoutResponse processLogoutRequest(LogoutRequest logoutReq,
                                                  String spEntityID,
                                                  String realm,
                                                  javax.servlet.http.HttpServletRequest request,
                                                  javax.servlet.http.HttpServletResponse response,
                                                  boolean isLBReq,
                                                  boolean destroySession,
                                                  String binding,
                                                  boolean isVerified)

Gets and processes the Single LogoutRequest from IDP and return LogoutResponse.

Parameters:

logoutReq - LogoutRequest from IDP

spEntityID - name of host entity ID.

realm - name of host entity.

request - HTTP servlet request.

response - HTTP servlet response.

isLBReq - true if the request is for load balancing.

binding - value of SAML2Constants.HTTP_REDIRECT or SAML2Constants.SOAP.

isVerified - true if the request is verified already.

Returns:

LogoutResponse the target URL on successful LogoutRequest.