Package org.apereo.cas.web.flow.logout

Class TerminateSessionAction

  • All Implemented Interfaces:
    org.springframework.beans.factory.InitializingBean, org.springframework.webflow.execution.Action
    public class TerminateSessionAction
extends org.springframework.webflow.action.AbstractAction
    Terminates the CAS SSO session by destroying all SSO state data (i.e. TGT, cookies).
    Since:
    4.0.0

    • Field Summary

      Fields 
      Modifier and Type Field Description
      protected org.springframework.context.ConfigurableApplicationContext applicationContext
      Application context.
      protected org.apereo.cas.CentralAuthenticationService centralAuthenticationService
      The authentication service.
      protected org.springframework.webflow.action.EventFactorySupport eventFactorySupport
      The event factory.
      protected org.apereo.cas.logout.LogoutManager logoutManager
      Logout manager.
      protected org.apereo.cas.configuration.model.core.logout.LogoutProperties logoutProperties
      The logout properties.
      static java.lang.String REQUEST_PARAM_LOGOUT_REQUEST_CONFIRMED
      Parameter to indicate logout request is confirmed.
      protected org.apereo.cas.web.cookie.CasCookieBuilder ticketGrantingTicketCookieGenerator
      The TGT cookie generator.
      protected org.apereo.cas.web.cookie.CasCookieBuilder warnCookieGenerator
      The warn cookie generator.

      • Fields inherited from class org.springframework.webflow.action.AbstractAction

        logger

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected static void destroyApplicationSession​(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      Destroy application session.
      org.springframework.webflow.execution.Event doExecute​(org.springframework.webflow.execution.RequestContext requestContext)  
      protected java.lang.String getTicketGrantingTicket​(org.springframework.webflow.execution.RequestContext context)
      Retrieve the TGT identifier.
      protected java.util.List<org.apereo.cas.logout.slo.SingleLogoutRequestContext> initiateSingleLogout​(java.lang.String ticketGrantingTicketId, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      Initiate single logout.
      protected static boolean isLogoutRequestConfirmed​(org.springframework.webflow.execution.RequestContext requestContext)
      Check if the logout must be confirmed.
      protected org.springframework.webflow.execution.Event terminate​(org.springframework.webflow.execution.RequestContext context)
      Terminates the CAS SSO session by destroying the TGT (if any) and removing cookies related to the SSO session.

      • Methods inherited from class org.springframework.webflow.action.AbstractAction

        afterPropertiesSet, doPostExecute, doPreExecute, error, error, execute, getActionNameForLogging, getEventFactorySupport, initAction, no, result, result, result, result, success, success, yes

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • REQUEST_PARAM_LOGOUT_REQUEST_CONFIRMED

        public static final java.lang.String REQUEST_PARAM_LOGOUT_REQUEST_CONFIRMED
        Parameter to indicate logout request is confirmed.
        See Also:
        Constant Field Values

      • eventFactorySupport

        protected final org.springframework.webflow.action.EventFactorySupport eventFactorySupport
        The event factory.

      • centralAuthenticationService

        protected final org.apereo.cas.CentralAuthenticationService centralAuthenticationService
        The authentication service.

      • ticketGrantingTicketCookieGenerator

        protected final org.apereo.cas.web.cookie.CasCookieBuilder ticketGrantingTicketCookieGenerator
        The TGT cookie generator.

      • warnCookieGenerator

        protected final org.apereo.cas.web.cookie.CasCookieBuilder warnCookieGenerator
        The warn cookie generator.

      • logoutProperties

        protected final org.apereo.cas.configuration.model.core.logout.LogoutProperties logoutProperties
        The logout properties.

      • logoutManager

        protected final org.apereo.cas.logout.LogoutManager logoutManager
        Logout manager.

      • applicationContext

        protected final org.springframework.context.ConfigurableApplicationContext applicationContext
        Application context.

    • Constructor Detail

      • TerminateSessionAction

        public TerminateSessionAction()

    • Method Detail

      • doExecute

        public org.springframework.webflow.execution.Event doExecute​(org.springframework.webflow.execution.RequestContext requestContext)
        Specified by:
        doExecute in class org.springframework.webflow.action.AbstractAction

      • getTicketGrantingTicket

        protected java.lang.String getTicketGrantingTicket​(org.springframework.webflow.execution.RequestContext context)
        Retrieve the TGT identifier.
        Parameters:
        context - the action context
        Returns:
        the TGT identifier

      • terminate

        protected org.springframework.webflow.execution.Event terminate​(org.springframework.webflow.execution.RequestContext context)
        Terminates the CAS SSO session by destroying the TGT (if any) and removing cookies related to the SSO session.
        Parameters:
        context - Request context.
        Returns:
        "success"

      • isLogoutRequestConfirmed

        protected static boolean isLogoutRequestConfirmed​(org.springframework.webflow.execution.RequestContext requestContext)
        Check if the logout must be confirmed.
        Parameters:
        requestContext - the request context
        Returns:
        if the logout must be confirmed

      • destroyApplicationSession

        protected static void destroyApplicationSession​(javax.servlet.http.HttpServletRequest request,
                                                javax.servlet.http.HttpServletResponse response)
        Destroy application session. Also kills all delegated authn profiles via pac4j.
        Parameters:
        request - the request
        response - the response

      • initiateSingleLogout

        protected java.util.List<org.apereo.cas.logout.slo.SingleLogoutRequestContext> initiateSingleLogout​(java.lang.String ticketGrantingTicketId,
                                                                                                    javax.servlet.http.HttpServletRequest request,
                                                                                                    javax.servlet.http.HttpServletResponse response)
        Initiate single logout.
        Parameters:
        ticketGrantingTicketId - the ticket granting ticket id
        request - the request
        response - the response
        Returns:
        the list