Class Saml2LogoutResponseFilter
- java.lang.Object
-
- org.springframework.web.filter.GenericFilterBean
-
- org.springframework.web.filter.OncePerRequestFilter
-
- org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseFilter
-
- All Implemented Interfaces:
javax.servlet.Filter
,org.springframework.beans.factory.Aware
,org.springframework.beans.factory.BeanNameAware
,org.springframework.beans.factory.DisposableBean
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.EnvironmentAware
,org.springframework.core.env.EnvironmentCapable
,org.springframework.web.context.ServletContextAware
public final class Saml2LogoutResponseFilter extends org.springframework.web.filter.OncePerRequestFilter
A filter for handling a <saml2:LogoutResponse> sent from the asserting party. A <saml2:LogoutResponse> is sent in response to a <saml2:LogoutRequest> already sent by the relying party. Note that before a <saml2:LogoutRequest> is sent, the user is logged out. Given that, this implementation should not use anyLogoutSuccessHandler
that relies on the user being logged in.- Since:
- 5.6
- See Also:
Saml2LogoutRequestRepository
,Saml2LogoutResponseValidator
-
-
Constructor Summary
Constructors Constructor Description Saml2LogoutResponseFilter(RelyingPartyRegistrationResolver relyingPartyRegistrationResolver, Saml2LogoutResponseValidator logoutResponseValidator, LogoutSuccessHandler logoutSuccessHandler)
Constructs aSaml2LogoutResponseFilter
for accepting SAML 2.0 Logout Responses from the asserting party
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain)
void
setLogoutRequestMatcher(RequestMatcher logoutRequestMatcher)
void
setLogoutRequestRepository(Saml2LogoutRequestRepository logoutRequestRepository)
Use thisSaml2LogoutRequestRepository
for retrieving the SAML 2.0 Logout Request associated with the request'sRelayState
-
Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch
-
-
-
-
Constructor Detail
-
Saml2LogoutResponseFilter
public Saml2LogoutResponseFilter(RelyingPartyRegistrationResolver relyingPartyRegistrationResolver, Saml2LogoutResponseValidator logoutResponseValidator, LogoutSuccessHandler logoutSuccessHandler)
Constructs aSaml2LogoutResponseFilter
for accepting SAML 2.0 Logout Responses from the asserting party- Parameters:
relyingPartyRegistrationResolver
- the strategy for resolving aRelyingPartyRegistration
logoutResponseValidator
- authenticates the SAML 2.0 Logout ResponselogoutSuccessHandler
- the action to perform now that logout has succeeded
-
-
Method Detail
-
doFilterInternal
protected void doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain) throws javax.servlet.ServletException, java.io.IOException
- Specified by:
doFilterInternal
in classorg.springframework.web.filter.OncePerRequestFilter
- Throws:
javax.servlet.ServletException
java.io.IOException
-
setLogoutRequestMatcher
public void setLogoutRequestMatcher(RequestMatcher logoutRequestMatcher)
-
setLogoutRequestRepository
public void setLogoutRequestRepository(Saml2LogoutRequestRepository logoutRequestRepository)
Use thisSaml2LogoutRequestRepository
for retrieving the SAML 2.0 Logout Request associated with the request'sRelayState
- Parameters:
logoutRequestRepository
- theSaml2LogoutRequestRepository
to use
-
-