Package com.sun.identity.saml2.profile

Class SPSingleLogout

  • public class SPSingleLogout
extends Object
    This class reads the required data from HttpServletRequest and initiates the LogoutRequest from SP to IDP.

    • Method Detail

      • initiateLogoutRequest

        public static void initiateLogoutRequest​(jakarta.servlet.http.HttpServletRequest request,
                                         jakarta.servlet.http.HttpServletResponse response,
                                         PrintWriter out,
                                         String binding,
                                         Map paramsMap,
                                         SAML2EventLogger auditor)
                                  throws SAML2Exception
        Parses the request parameters and initiates the Logout Request to be sent to the IDP.
        Parameters:
        request - the HttpServletRequest.
        response - the HttpServletResponse.
        out - The print writer for writing out presentation.
        binding - binding used for this request.
        paramsMap - Map of all other parameters. Following parameters names with their respective String values are allowed in this paramsMap. "RelayState" - the target URL on successful Single Logout "Destination" - A URI Reference indicating the address to which the request has been sent. "Consent" - Specifies a URI a SAML defined identifier known as Consent Identifiers. "Extension" - Specifies a list of Extensions as list of String objects.
        auditor - the auditor for logging SAML2 Events - may be null
        Throws:
        SAML2Exception - if error initiating request to IDP.

      • initiateLogoutRequest

        public static void initiateLogoutRequest​(jakarta.servlet.http.HttpServletRequest request,
                                         jakarta.servlet.http.HttpServletResponse response,
                                         PrintWriter out,
                                         String binding,
                                         Map paramsMap,
                                         LogoutRequest origLogoutRequest,
                                         jakarta.xml.soap.SOAPMessage msg,
                                         Object newSession,
                                         SAML2EventLogger audit)
                                  throws SAML2Exception
        Parses the request parameters and initiates the Logout Request to be sent to the IDP.
        Parameters:
        request - the HttpServletRequest.
        response - the HttpServletResponse.
        out - The print writer for writing out presentation.
        binding - binding used for this request.
        paramsMap - Map of all other parameters. Following parameters names with their respective String values are allowed in this paramsMap. "RelayState" - the target URL on successful Single Logout "Destination" - A URI Reference indicating the address to which the request has been sent. "Consent" - Specifies a URI a SAML defined identifier known as Consent Identifiers. "Extension" - Specifies a list of Extensions as list of String objects.
        origLogoutRequest - original LogoutRequest
        msg - SOAPMessage
        newSession - Session object for IDP Proxy
        audit - the auditor for logging SAML2 Events - may be null
        Throws:
        SAML2Exception - if error initiating request to IDP.

      • processLogoutResponse

        public static Map<String,​String> processLogoutResponse​(jakarta.servlet.http.HttpServletRequest request,
                                                             jakarta.servlet.http.HttpServletResponse response,
                                                             String samlResponse,
                                                             String relayState)
                                                      throws SAML2Exception,
                                                             SessionException
        Gets and processes the Single LogoutResponse from IDP, destroys the local session, checks response's issuer and inResponseTo.
        Parameters:
        request - the HttpServletRequest.
        response - the HttpServletResponse.
        samlResponse - LogoutResponse in the XML string format.
        relayState - the target URL on successful LogoutResponse.
        Throws:
        SAML2Exception - if error processing LogoutResponse.
        SessionException - if error processing LogoutResponse.

      • processLogoutRequest

        public static void processLogoutRequest​(jakarta.servlet.http.HttpServletRequest request,
                                        jakarta.servlet.http.HttpServletResponse response,
                                        PrintWriter out,
                                        String samlRequest,
                                        String relayState)
                                 throws SAML2Exception,
                                        SessionException
        Gets and processes the Single LogoutRequest from IDP.
        Parameters:
        request - the HttpServletRequest.
        response - the HttpServletResponse.
        out - the print writer for writing out presentation
        samlRequest - LogoutRequest in the XML string format.
        relayState - the target URL on successful LogoutRequest.
        Throws:
        SAML2Exception - if error processing LogoutRequest.
        SessionException - if error processing LogoutRequest.

      • processLogoutRequest

        public static LogoutResponse processLogoutRequest​(LogoutRequest logoutReq,
                                                  String spEntityID,
                                                  String realm,
                                                  jakarta.servlet.http.HttpServletRequest request,
                                                  jakarta.servlet.http.HttpServletResponse response,
                                                  boolean isLBReq,
                                                  String binding,
                                                  boolean isVerified)
        Gets and processes the Single LogoutRequest from IDP and return LogoutResponse.
        Parameters:
        logoutReq - LogoutRequest from IDP
        spEntityID - name of host entity ID.
        realm - name of host entity.
        request - HTTP servlet request.
        response - HTTP servlet response.
        isLBReq - true if the request is for load balancing.
        binding - value of SAML2Constants.HTTP_REDIRECT or SAML2Constants.SOAP.
        isVerified - true if the request is verified already.
        Returns:
        LogoutResponse the target URL on successful LogoutRequest.

      • processLogoutRequest

        public static LogoutResponse processLogoutRequest​(LogoutRequest logoutReq,
                                                  String spEntityID,
                                                  String realm,
                                                  jakarta.servlet.http.HttpServletRequest request,
                                                  jakarta.servlet.http.HttpServletResponse response,
                                                  boolean isLBReq,
                                                  boolean destroySession,
                                                  String binding,
                                                  boolean isVerified)
        Gets and processes the Single LogoutRequest from IDP and return LogoutResponse.
        Parameters:
        logoutReq - LogoutRequest from IDP
        spEntityID - name of host entity ID.
        realm - name of host entity.
        request - HTTP servlet request.
        response - HTTP servlet response.
        isLBReq - true if the request is for load balancing.
        binding - value of SAML2Constants.HTTP_REDIRECT or SAML2Constants.SOAP.
        isVerified - true if the request is verified already.
        Returns:
        LogoutResponse the target URL on successful LogoutRequest.