SingleLogoutProfile (Spring Security SAML 1.0.10.RELEASE API)

All Known Implementing Classes:

SingleLogoutProfileImpl
```
public interface SingleLogoutProfile
```
Implementing class must contain SAML Single Logout functionality according to SAML 2.0 Profiles specification.

Author:

Vladimir Schaefer

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`boolean`	`processLogoutRequest(SAMLMessageContext context, SAMLCredential credential)` Implementer must ensure that the incoming LogoutRequest stored in the context is verified and return true if local logout should be executed.
`void`	`processLogoutResponse(SAMLMessageContext context)` Implementer is responsible for processing of LogoutResponse message present in the context.
`void`	`sendLogoutRequest(SAMLMessageContext context, SAMLCredential credential)` Call to the method must ensure that LogoutRequest SAML message is sent to the IDP requesting global logout of all known sessions.
`void`	`sendLogoutResponse(SAMLMessageContext context, String statusCode, String statusMessage)` Method sends logout response message constructed with the given status code to the peer entity.

- Method Detail
  - sendLogoutRequest
```
void sendLogoutRequest(SAMLMessageContext context,
                       SAMLCredential credential)
                throws org.opensaml.common.SAMLException,
                       org.opensaml.saml2.metadata.provider.MetadataProviderException,
                       org.opensaml.ws.message.encoder.MessageEncodingException
```
    Call to the method must ensure that LogoutRequest SAML message is sent to the IDP requesting global logout of all known sessions.
    
    Parameters:
    
    context - processing context
    
    credential - credential of the currently logged user
    
    Throws:
    
    org.opensaml.common.SAMLException - in case logout request can't be created
    
    org.opensaml.saml2.metadata.provider.MetadataProviderException - in case idp metadata can't be resolved
    
    org.opensaml.ws.message.encoder.MessageEncodingException - in case message can't be sent using given binding
  - sendLogoutResponse
```
void sendLogoutResponse(SAMLMessageContext context,
                        String statusCode,
                        String statusMessage)
                 throws org.opensaml.saml2.metadata.provider.MetadataProviderException,
                        org.opensaml.common.SAMLException,
                        org.opensaml.ws.message.encoder.MessageEncodingException
```
    Method sends logout response message constructed with the given status code to the peer entity.
    
    Parameters:
    
    context - processing context
    
    statusCode - status code to respond with
    
    statusMessage - status message to respond with
    
    Throws:
    
    org.opensaml.common.SAMLException - in case logout request can't be created
    
    org.opensaml.saml2.metadata.provider.MetadataProviderException - in case idp metadata can't be resolved
    
    org.opensaml.ws.message.encoder.MessageEncodingException - in case message can't be sent using given binding
  - processLogoutRequest
```
boolean processLogoutRequest(SAMLMessageContext context,
                             SAMLCredential credential)
                      throws org.opensaml.common.SAMLException
```
    Implementer must ensure that the incoming LogoutRequest stored in the context is verified and return true if local logout should be executed. Method either returns true, in case local logout should be performed or false when local logout should be skipped. In both cases system should respond with successful logout response. In case an exception is raised system should reply with logout response with an error status code.
    
    Parameters:
    
    context - context containing SAML message being processed
    
    credential - credential of the currently authenticated user
    
    Returns:
    
    true if local logout should be performed, false if it should be skipped
    
    Throws:
    
    org.opensaml.common.SAMLException - in case message is invalid
  - processLogoutResponse
```
void processLogoutResponse(SAMLMessageContext context)
                    throws org.opensaml.common.SAMLException,
                           org.opensaml.xml.security.SecurityException,
                           org.opensaml.xml.validation.ValidationException
```
    Implementer is responsible for processing of LogoutResponse message present in the context. In case the message is invalid exception should be raised, although this doesn't mean any problem to the processing, as logout has already been executed.
    
    Parameters:
    
    context - context containing processed SAML message
    
    Throws:
    
    org.opensaml.common.SAMLException - in case the received SAML message is malformed or invalid
    
    org.opensaml.xml.security.SecurityException - in case the signature of the message is not trusted
    
    org.opensaml.xml.validation.ValidationException - in case the signature of the message is invalid

Interface SingleLogoutProfile

Method Summary

Method Detail

sendLogoutRequest

sendLogoutResponse

processLogoutRequest

processLogoutResponse