Class Saml2LogoutResponseFilter
- java.lang.Object
-
- org.springframework.web.filter.GenericFilterBean
-
- org.springframework.web.filter.OncePerRequestFilter
-
- org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseFilter
-
- All Implemented Interfaces:
javax.servlet.Filter,org.springframework.beans.factory.Aware,org.springframework.beans.factory.BeanNameAware,org.springframework.beans.factory.DisposableBean,org.springframework.beans.factory.InitializingBean,org.springframework.context.EnvironmentAware,org.springframework.core.env.EnvironmentCapable,org.springframework.web.context.ServletContextAware
public final class Saml2LogoutResponseFilter extends org.springframework.web.filter.OncePerRequestFilterA filter for handling a <saml2:LogoutResponse> sent from the asserting party. A <saml2:LogoutResponse> is sent in response to a <saml2:LogoutRequest> already sent by the relying party. Note that before a <saml2:LogoutRequest> is sent, the user is logged out. Given that, this implementation should not use anyLogoutSuccessHandlerthat relies on the user being logged in.- Since:
- 5.6
- See Also:
Saml2LogoutRequestRepository,Saml2LogoutResponseValidator
-
-
Constructor Summary
Constructors Constructor Description Saml2LogoutResponseFilter(RelyingPartyRegistrationResolver relyingPartyRegistrationResolver, Saml2LogoutResponseValidator logoutResponseValidator, org.springframework.security.web.authentication.logout.LogoutSuccessHandler logoutSuccessHandler)Constructs aSaml2LogoutResponseFilterfor accepting SAML 2.0 Logout Responses from the asserting party
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected voiddoFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain)voidsetLogoutRequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher logoutRequestMatcher)voidsetLogoutRequestRepository(Saml2LogoutRequestRepository logoutRequestRepository)Use thisSaml2LogoutRequestRepositoryfor retrieving the SAML 2.0 Logout Request associated with the request'sRelayState-
Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch
-
-
-
-
Constructor Detail
-
Saml2LogoutResponseFilter
public Saml2LogoutResponseFilter(RelyingPartyRegistrationResolver relyingPartyRegistrationResolver, Saml2LogoutResponseValidator logoutResponseValidator, org.springframework.security.web.authentication.logout.LogoutSuccessHandler logoutSuccessHandler)
Constructs aSaml2LogoutResponseFilterfor accepting SAML 2.0 Logout Responses from the asserting party- Parameters:
relyingPartyRegistrationResolver- the strategy for resolving aRelyingPartyRegistrationlogoutResponseValidator- authenticates the SAML 2.0 Logout ResponselogoutSuccessHandler- the action to perform now that logout has succeeded
-
-
Method Detail
-
doFilterInternal
protected void doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain) throws javax.servlet.ServletException, java.io.IOException- Specified by:
doFilterInternalin classorg.springframework.web.filter.OncePerRequestFilter- Throws:
javax.servlet.ServletExceptionjava.io.IOException
-
setLogoutRequestMatcher
public void setLogoutRequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher logoutRequestMatcher)
-
setLogoutRequestRepository
public void setLogoutRequestRepository(Saml2LogoutRequestRepository logoutRequestRepository)
Use thisSaml2LogoutRequestRepositoryfor retrieving the SAML 2.0 Logout Request associated with the request'sRelayState- Parameters:
logoutRequestRepository- theSaml2LogoutRequestRepositoryto use
-
-