/**
 * Builds the logout success handler used when the caller has not supplied one.
 * <p>
 * The plain URL handler always redirects to {@code logoutSuccessUrl}. When
 * per-request mappings have been registered, those are consulted first through a
 * {@link DelegatingLogoutSuccessHandler} and the URL handler only acts as fallback.
 *
 * @return the handler to run once logout has completed
 */
private LogoutSuccessHandler createDefaultSuccessHandler() {
    final SimpleUrlLogoutSuccessHandler fallback = new SimpleUrlLogoutSuccessHandler();
    fallback.setDefaultTargetUrl(logoutSuccessUrl);
    if (!defaultLogoutSuccessHandlerMappings.isEmpty()) {
        // Mappings registered: let them pick the handler, keep the redirect as default.
        final DelegatingLogoutSuccessHandler delegating =
                new DelegatingLogoutSuccessHandler(defaultLogoutSuccessHandlerMappings);
        delegating.setDefaultLogoutSuccessHandler(fallback);
        return delegating;
    }
    // Nothing registered: the plain redirect is the whole answer.
    return fallback;
}
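/**
 * Performs a programmatic logout: runs every active {@link LogoutHandler} (minus the
 * ones named in {@code skipHandlerName}), clears remember-me state, runs the
 * configured logout handler, and finally issues the post-logout redirect.
 * <p>
 * When the request carries {@code LOGOUT_REDIRECT_ATTR}, that URL is used as the
 * redirect target instead of the configured {@code logoutSuccessHandler}.
 *
 * @param request         current request
 * @param response        current response
 * @param skipHandlerName names of logout handlers that must not run this time
 * @throws IOException      from the success handler's redirect
 * @throws ServletException from the success handler's redirect
 * @throws IllegalStateException if a remember-me service is configured that cannot
 *                               clear its state on logout
 */
public void doLogout(HttpServletRequest request, HttpServletResponse response, String... skipHandlerName)
        throws IOException, ServletException {
    final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication != null) {
        for (LogoutHandler handler : calculateActiveLogoutHandlers(skipHandlerName)) {
            handler.logout(request, response, authentication);
        }
        // Remember-me state must be cleared on logout, otherwise the remember-me cookie
        // keeps the user logged in. A null service means none is configured; a service
        // that is not a LogoutHandler is a misconfiguration and must fail loudly rather
        // than with a bare ClassCastException.
        final RememberMeServices rms = securityManager.getRememberMeService();
        if (rms != null) {
            if (!(rms instanceof LogoutHandler)) {
                throw new IllegalStateException("RememberMeServices " + rms.getClass().getName()
                        + " does not implement LogoutHandler; remember-me state cannot be cleared on logout");
            }
            ((LogoutHandler) rms).logout(request, response, authentication);
        }
        logoutHandler.logout(request, response, authentication);
    }
    final String redirectUrl = (String) request.getAttribute(LOGOUT_REDIRECT_ATTR);
    if (StringUtils.hasLength(redirectUrl)) {
        // NOTE(review): SimpleUrlLogoutSuccessHandler's default redirect strategy does not
        // restrict the target host, so LOGOUT_REDIRECT_ATTR must only be set by server-side
        // code and never be derived from request parameters — confirm against its writers.
        final SimpleUrlLogoutSuccessHandler redirectHandler = new SimpleUrlLogoutSuccessHandler();
        redirectHandler.setDefaultTargetUrl(redirectUrl);
        redirectHandler.onLogoutSuccess(request, response, authentication);
        return;
    }
    logoutSuccessHandler.onLogoutSuccess(request, response, authentication);
}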
/**
 * Resolves the post-logout redirect target.
 * <p>
 * Defers entirely to the superclass; the override exists only as a visible
 * extension point for target resolution.
 *
 * @param request  current request
 * @param response current response
 * @return the URL the superclass resolves for this request
 */
@Override
protected String determineTargetUrl(HttpServletRequest request, HttpServletResponse response) {
    return super.determineTargetUrl(request, response);
}
/**
 * Configures logout to redirect to a fixed, external URL through
 * {@code CustomRedirectStrategy}.
 * <p>
 * Because the target is absolute and off-site, the redirect strategy is the only
 * place where any restriction on the destination could be enforced.
 *
 * @param http the builder to configure
 * @throws Exception propagated from the security builder
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    final SimpleUrlLogoutSuccessHandler afterLogout = new SimpleUrlLogoutSuccessHandler();
    afterLogout.setDefaultTargetUrl("http://www.google.com");
    afterLogout.setRedirectStrategy(new CustomRedirectStrategy());
    //...
    http.logout().logoutSuccessHandler(afterLogout);
}
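/**
 * Creates the handler with a success handler and an optional set of delegate
 * logout handlers (presumably run before the success handler — see onLogoutSuccess).
 *
 * @param successHandler handler to finish the logout with; a plain
 *                       {@link SimpleUrlLogoutSuccessHandler} is used when {@code null}
 * @param delegates      logout handlers kept in a mutable list; {@code null} means none
 */
SamlLogoutSuccessHandler(LogoutSuccessHandler successHandler, LogoutHandler... delegates) {
    // orElseGet: build the fallback handler only when it is actually needed.
    this.successHandler = ofNullable(successHandler).orElseGet(SimpleUrlLogoutSuccessHandler::new);
    // Own copy so later changes to the caller's array are not observed here.
    this.delegates = delegates == null ? emptyList() : new LinkedList<>(asList(delegates));
}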
/**
 * Completes the logout: removes the login cookie, then redirects through the
 * delegate handler to a target URL computed for this request.
 *
 * @param request        current request
 * @param response       current response
 * @param authentication the authentication being logged out (may be {@code null})
 * @throws IOException      from the delegate redirect
 * @throws ServletException from the delegate redirect
 */
@Override
public void onLogoutSuccess(final HttpServletRequest request, final HttpServletResponse response,
        final Authentication authentication) throws IOException, ServletException {
    removeLoginCookie(request, response, authentication);
    // NOTE(review): the target is written into the delegate on every call; if
    // logoutSuccessHandler is shared between requests and buildDefaultTargetUrl()
    // depends on request state, concurrent logouts can race — confirm.
    final String targetUrl = buildDefaultTargetUrl();
    logoutSuccessHandler.setDefaultTargetUrl(targetUrl);
    logoutSuccessHandler.onLogoutSuccess(request, response, authentication);
}
/**
 * Secures the Vaadin UI mounted under {@code /UI}: optional HTTPS enforcement,
 * optional Content-Security-Policy header, login and UIDL endpoints open to
 * everyone, everything else authenticated, plus the login entry point and the
 * logout redirect.
 *
 * @param http the builder to configure
 * @throws Exception propagated from the security builder
 */
@Override
protected void configure(final HttpSecurity http) throws Exception {
    // workaround regex: we need to exclude the URL /UI/HEARTBEAT here
    // because we bound the vaadin application to /UI and not to root,
    // described in vaadin-forum: https://vaadin.com/forum#!/thread/3200565.
    final HttpSecurity uiScoped = http.regexMatcher("(?!.*HEARTBEAT)^.*\\/UI.*$");
    // disable as CSRF is handled by Vaadin
    HttpSecurity httpSec = uiScoped.csrf().disable();

    if (hawkbitSecurityProperties.isRequireSsl()) {
        httpSec = httpSec.requiresChannel().anyRequest().requiresSecure().and();
    } else {
        LOG.info(
                "\"******************\\n** Requires HTTPS Security has been disabled for UI, should only be used for developing purposes **\\n******************\"");
    }

    final String csp = hawkbitSecurityProperties.getContentSecurityPolicy();
    if (!StringUtils.isEmpty(csp)) {
        httpSec.headers().contentSecurityPolicy(csp);
    }

    // NOTE(review): the "login" request parameter becomes the post-logout redirect
    // target; confirm the redirect strategy limits it to local paths, otherwise this
    // is an open redirect.
    final SimpleUrlLogoutSuccessHandler afterLogout = new SimpleUrlLogoutSuccessHandler();
    afterLogout.setTargetUrlParameter("login");

    httpSec
            // UI
            .authorizeRequests()
                    .antMatchers("/UI/login/**").permitAll()
                    .antMatchers("/UI/UIDL/**").permitAll()
                    .anyRequest().authenticated()
            .and()
            // UI login / logout
            .exceptionHandling()
                    .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/UI/login/#/"))
            .and()
            .logout()
                    .logoutUrl("/UI/logout")
                    .logoutSuccessHandler(afterLogout);
}
/**
 * Invalidates the user's directory entry before the default logout handling.
 * Without a principal (session already gone) only a trace line is written.
 *
 * @param request        current request
 * @param response       current response
 * @param authentication the authentication being logged out, or {@code null}
 * @throws IOException      from the superclass redirect
 * @throws ServletException from the superclass redirect
 */
@Override
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws IOException, ServletException {
    if (authentication == null) {
        logger.trace("Logout after session expiration");
    } else {
        final String user = authentication.getName();
        // Invalidate first so the redirect never happens with a stale directory entry.
        userDirectoryService.invalidate(user);
        logger.trace("Logging out user {} ...", user);
    }
    super.onLogoutSuccess(request, response, authentication);
}
// Build the logout success handler and point it at the effective default target.
SimpleUrlLogoutSuccessHandler successLogoutHandler = createDefaultSuccessHandler();
// An explicitly set target wins; otherwise fall back to the one from config.
defaultTargetURL = Optional.ofNullable(defaultTargetURL).orElseGet(config::getDefaultTargetUrl);
successLogoutHandler.setDefaultTargetUrl(defaultTargetURL);
// Keep the endpoint configuration in sync with the handler's target.
endpoints.setDefaultTargetURL(defaultTargetURL);
// postProcess: presumably applies the configurer's object post-processors — confirm.
successHandler = postProcess(successLogoutHandler);
/**
 * Wires the shared {@code redirectStrategy} into both the login and the logout
 * success handlers so post-login and post-logout redirects are resolved alike.
 */
public TenantLoginLogoutSuccessHandler() {
    // The two handlers are independent objects; order does not matter.
    logoutSuccessHandler.setRedirectStrategy(redirectStrategy);
    loginSuccessHandler.setRedirectStrategy(redirectStrategy);
}
/**
 * Factory for the success handler used when nothing else is configured.
 * Protected and visible for testing so tests can substitute a stub.
 *
 * @return a fresh, unconfigured {@link SimpleUrlLogoutSuccessHandler}
 */
@VisibleForTesting
protected SimpleUrlLogoutSuccessHandler createDefaultSuccessHandler() {
    final SimpleUrlLogoutSuccessHandler handler = new SimpleUrlLogoutSuccessHandler();
    return handler;
}
/**
 * Secures the Vaadin UI mounted under {@code /UI}: optional HTTPS enforcement,
 * optional Content-Security-Policy header, login and UIDL endpoints open to
 * everyone, everything else authenticated, plus the login entry point and the
 * logout redirect.
 *
 * @param http the builder to configure
 * @throws Exception propagated from the security builder
 */
@Override
protected void configure(final HttpSecurity http) throws Exception {
    // workaround regex: we need to exclude the URL /UI/HEARTBEAT here
    // because we bound the vaadin application to /UI and not to root,
    // described in vaadin-forum: https://vaadin.com/forum#!/thread/3200565.
    final HttpSecurity uiScoped = http.regexMatcher("(?!.*HEARTBEAT)^.*\\/UI.*$");
    // disable as CSRF is handled by Vaadin
    HttpSecurity httpSec = uiScoped.csrf().disable();

    // NOTE(review): the HTTPS requirement is read from springSecurityProperties while
    // the CSP below comes from hawkbitSecurityProperties — confirm both are intended.
    if (springSecurityProperties.isRequireSsl()) {
        httpSec = httpSec.requiresChannel().anyRequest().requiresSecure().and();
    } else {
        LOG.info(
                "\"******************\\n** Requires HTTPS Security has been disabled for UI, should only be used for developing purposes **\\n******************\"");
    }

    final String csp = hawkbitSecurityProperties.getContentSecurityPolicy();
    if (!StringUtils.isEmpty(csp)) {
        httpSec.headers().contentSecurityPolicy(csp);
    }

    // NOTE(review): the "login" request parameter becomes the post-logout redirect
    // target; confirm the redirect strategy limits it to local paths, otherwise this
    // is an open redirect.
    final SimpleUrlLogoutSuccessHandler afterLogout = new SimpleUrlLogoutSuccessHandler();
    afterLogout.setTargetUrlParameter("login");

    httpSec
            // UI
            .authorizeRequests()
                    .antMatchers("/UI/login/**").permitAll()
                    .antMatchers("/UI/UIDL/**").permitAll()
                    .anyRequest().authenticated()
            .and()
            // UI login / logout
            .exceptionHandling()
                    .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/UI/login/#/"))
            .and()
            .logout()
                    .logoutUrl("/UI/logout")
                    .logoutSuccessHandler(afterLogout);
}
/**
 * Clears the security context before delegating to the default logout handling.
 * This is necessary when cookie based storage of the context is used.
 *
 * @param request        {@code HttpServletRequest}
 * @param response       {@code HttpServletResponse}
 * @param authentication {@code Authentication}
 * @throws IOException      only from call to super class
 * @throws ServletException only from call to super class
 */
@Override
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws IOException, ServletException {
    // Clear first so the redirect issued by super never leaves a live context behind.
    securityContextService.clearSecurityContext(request, response);
    super.onLogoutSuccess(request, response, authentication);
}
}
/**
 * Application security: OpenAPI docs and static assets are public, everything else
 * requires an authenticated user; form login at {@code /signin} plus HTTP Basic;
 * logout at {@code /user/logout} ending on the sign-in page.
 *
 * @param http the builder to configure
 * @throws Exception propagated from the security builder
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // NOTE(review): CSRF protection is disabled globally, so the logout endpoint
    // below accepts cross-site and non-POST requests — confirm that is acceptable.
    http.csrf().disable();
    http.headers().frameOptions().sameOrigin();

    http.authorizeRequests()
            .antMatchers("/openapi/**", "/vendor/**", "/styles/**", "/scripts/**", "/views/**", "/img/**")
                    .permitAll()
            .antMatchers("/**").authenticated();

    http.formLogin()
            .loginPage("/signin").permitAll()
            .failureUrl("/signin?#/error")
            .and()
            .httpBasic();

    final SimpleUrlLogoutSuccessHandler backToSignin = new SimpleUrlLogoutSuccessHandler();
    backToSignin.setDefaultTargetUrl("/signin?#/logout");
    http.logout()
            .logoutUrl("/user/logout")
            .invalidateHttpSession(true)
            .clearAuthentication(true)
            .logoutSuccessHandler(backToSignin);

    http.exceptionHandling()
            .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/signin"));
}
/**
 * Redirects to the site root after a successful logout.
 * A new delegate handler is built on every call; nothing is cached on this instance.
 *
 * @param request        current request
 * @param response       current response
 * @param authentication the authentication being logged out (may be {@code null})
 * @throws IOException      from the delegate redirect
 * @throws ServletException from the delegate redirect
 */
@Override
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws IOException, ServletException {
    //TODO: indicate logout and present special logout site
    final SimpleUrlLogoutSuccessHandler redirectToRoot = new SimpleUrlLogoutSuccessHandler();
    redirectToRoot.setDefaultTargetUrl("/");
    redirectToRoot.onLogoutSuccess(request, response, authentication);
}
/**
 * Builds the service-provider SAML logout filter with its collaborators: the SP
 * logout handler, a plain URL success handler and the standard security-context
 * cleanup handler.
 *
 * @return the configured logout filter
 */
public Filter spSamlLogoutFilter() {
    final ServiceProviderLogoutHandler spLogout = new ServiceProviderLogoutHandler(getSamlProvisioning());
    final SimpleUrlLogoutSuccessHandler onSuccess = new SimpleUrlLogoutSuccessHandler();
    final SecurityContextLogoutHandler clearContext = new SecurityContextLogoutHandler();
    return new SamlProviderLogoutFilter<>(getSamlProvisioning(), spLogout, onSuccess, clearContext);
}
/**
 * Answers a logout according to the client that issued it: browser requests get
 * the usual redirect, REST logout requests are forwarded to their own endpoint,
 * and anything else receives an empty {@code 200}.
 *
 * @param request        current request
 * @param response       current response
 * @param authentication the authentication being logged out (may be {@code null})
 * @throws IOException      from the redirect, forward or response writer
 * @throws ServletException from the redirect or forward
 */
@Override
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws IOException, ServletException {
    if (browserHtmlRequestMatcher.matches(request)) {
        super.onLogoutSuccess(request, response, authentication);
        return;
    }
    if (restLogoutRequestMatcher.matches(request)) {
        // forward the request on to its usual destination (e.g. /rest/v1/logout) so the correct response is returned
        request.getRequestDispatcher(request.getRequestURI()).forward(request, response);
        return;
    }
    // Neither a browser nor a REST logout: acknowledge with an empty 200.
    response.setStatus(HttpStatus.OK.value());
    response.getWriter().flush();
}
/**
 * Resolves the post-logout redirect and, for external targets, constrains it to the
 * allow-list (the static {@code whitelist} merged with the client-specific one).
 * Internal redirects and the configured default target are accepted unchanged.
 *
 * @param request  current request
 * @param response current response
 * @return the requested URL when it is internal or the default, otherwise the URL
 *         {@code findMatchingRedirectUri} selects from the allow-list (it also receives
 *         the default target, presumably as fallback — see that helper)
 */
@Override
protected String determineTargetUrl(HttpServletRequest request, HttpServletResponse response) {
    final String requested = super.determineTargetUrl(request, response);
    final String fallback = getDefaultTargetUrl();
    // Internal redirects and the configured default need no allow-list check.
    if (isInternalRedirect(requested, request) || requested.equals(fallback)) {
        return requested;
    }
    final Set<String> allowed = combineSets(whitelist, getClientWhitelist(request));
    return findMatchingRedirectUri(allowed, requested, fallback);
}
/**
 * Application security: OpenAPI docs and static assets are public, everything else
 * requires {@code USER_ROLE}; form login at {@code /signin} plus HTTP Basic; logout
 * at {@code /user/logout} ending on the sign-in page.
 *
 * @param http the builder to configure
 * @throws Exception propagated from the security builder
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // NOTE(review): CSRF protection is disabled globally, so the logout endpoint
    // below accepts cross-site and non-POST requests — confirm that is acceptable.
    http.csrf().disable();
    http.headers().frameOptions().sameOrigin();

    http.authorizeRequests()
            .antMatchers("/openapi/**", "/vendor/**", "/styles/**", "/scripts/**", "/views/**", "/img/**")
                    .permitAll()
            .antMatchers("/**").hasAnyRole(USER_ROLE);

    http.formLogin()
            .loginPage("/signin").permitAll()
            .failureUrl("/signin?#/error")
            .and()
            .httpBasic();

    final SimpleUrlLogoutSuccessHandler backToSignin = new SimpleUrlLogoutSuccessHandler();
    backToSignin.setDefaultTargetUrl("/signin?#/logout");
    http.logout()
            .logoutUrl("/user/logout")
            .invalidateHttpSession(true)
            .clearAuthentication(true)
            .logoutSuccessHandler(backToSignin);

    http.exceptionHandling()
            .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/signin"));
}
new SimpleUrlLogoutSuccessHandler(); logoutSuccessHandler.setDefaultTargetUrl(logoutSuccessUrl.toString()); logoutSuccessHandler.onLogoutSuccess(req, res, auth); }) .and()