Class Saml2LogoutResponseFilter
java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.web.filter.OncePerRequestFilter
org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseFilter
- All Implemented Interfaces:
jakarta.servlet.Filter
,org.springframework.beans.factory.Aware
,org.springframework.beans.factory.BeanNameAware
,org.springframework.beans.factory.DisposableBean
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.EnvironmentAware
,org.springframework.core.env.EnvironmentCapable
,org.springframework.web.context.ServletContextAware
public final class Saml2LogoutResponseFilter
extends org.springframework.web.filter.OncePerRequestFilter
A filter for handling a <saml2:LogoutResponse> sent from the asserting party. A
<saml2:LogoutResponse> is sent in response to a <saml2:LogoutRequest>
already sent by the relying party.
Note that before a <saml2:LogoutRequest> is sent, the user is logged out. Given
that, this implementation should not use any
LogoutSuccessHandler
that relies
on the user being logged in.- Since:
- 5.6
- See Also:
-
Field Summary
Fields inherited from class org.springframework.web.filter.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX
-
Constructor Summary
ConstructorDescriptionSaml2LogoutResponseFilter
(RelyingPartyRegistrationRepository registrations, Saml2LogoutResponseValidator logoutResponseValidator, LogoutSuccessHandler logoutSuccessHandler) Saml2LogoutResponseFilter
(RelyingPartyRegistrationResolver relyingPartyRegistrationResolver, Saml2LogoutResponseValidator logoutResponseValidator, LogoutSuccessHandler logoutSuccessHandler) Constructs aSaml2LogoutResponseFilter
for accepting SAML 2.0 Logout Responses from the asserting party -
Method Summary
Modifier and TypeMethodDescriptionprotected void
doFilterInternal
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain) void
setLogoutRequestMatcher
(RequestMatcher logoutRequestMatcher) void
setLogoutRequestRepository
(Saml2LogoutRequestRepository logoutRequestRepository) Use thisSaml2LogoutRequestRepository
for retrieving the SAML 2.0 Logout Request associated with the request'sRelayState
Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch
Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext
-
Constructor Details
-
Saml2LogoutResponseFilter
public Saml2LogoutResponseFilter(RelyingPartyRegistrationRepository registrations, Saml2LogoutResponseValidator logoutResponseValidator, LogoutSuccessHandler logoutSuccessHandler) -
Saml2LogoutResponseFilter
public Saml2LogoutResponseFilter(RelyingPartyRegistrationResolver relyingPartyRegistrationResolver, Saml2LogoutResponseValidator logoutResponseValidator, LogoutSuccessHandler logoutSuccessHandler) Constructs aSaml2LogoutResponseFilter
for accepting SAML 2.0 Logout Responses from the asserting party- Parameters:
relyingPartyRegistrationResolver
- the strategy for resolving aRelyingPartyRegistration
logoutResponseValidator
- authenticates the SAML 2.0 Logout ResponselogoutSuccessHandler
- the action to perform now that logout has succeeded
-
-
Method Details
-
doFilterInternal
protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain) throws jakarta.servlet.ServletException, IOException - Specified by:
doFilterInternal
in classorg.springframework.web.filter.OncePerRequestFilter
- Throws:
jakarta.servlet.ServletException
IOException
-
setLogoutRequestMatcher
-
setLogoutRequestRepository
Use thisSaml2LogoutRequestRepository
for retrieving the SAML 2.0 Logout Request associated with the request'sRelayState
- Parameters:
logoutRequestRepository
- theSaml2LogoutRequestRepository
to use
-