KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > atlassian > seraph > logout > LogoutServlet


1 package com.atlassian.seraph.logout;
2
3 import com.atlassian.seraph.config.SecurityConfigImpl;
4 import com.atlassian.seraph.config.SecurityConfig;
5 import com.atlassian.seraph.config.SecurityConfigFactory;
6 import com.atlassian.seraph.auth.AuthenticatorException;
7 import com.atlassian.seraph.auth.Authenticator;
8
9 import javax.servlet.http.HttpServlet JavaDoc;
10 import javax.servlet.http.HttpServletRequest JavaDoc;
11 import javax.servlet.http.HttpServletResponse JavaDoc;
12 import javax.servlet.http.HttpSession JavaDoc;
13 import javax.servlet.ServletException JavaDoc;
14 import javax.servlet.ServletConfig JavaDoc;
15 import java.io.IOException JavaDoc;
16
17 /**
18  * Seraph logout servlet. Configured via the 'logout.url' init param in seraph-config.xml. This servlet supports two
19  * logout behaviours:
20  * <ul>
21  * <li>If 'logout.url' is a relative path (e.g. <code>/logout.jsp</code> or <code>/logout.action<code>, this servlet
22  * simply redirects to it. The redirected-to page is responsible for calling {@link Authenticator#logout(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)}.</li>
23  * <li>If 'logout.url' is absolute, this servlet logs the user out with {@link Authenticator#logout(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)}
24  * and then redirects to the absolute URL.</li>
25  * </ul>
26  */
27 public class LogoutServlet extends HttpServlet JavaDoc
28 {
29     private SecurityConfig securityConfig;
30
31     public void init() throws ServletException JavaDoc
32     {
33         super.init();
34         securityConfig = SecurityConfigFactory.getInstance();
35     }
36
37     public void init(ServletConfig JavaDoc servletConfig) throws ServletException JavaDoc
38     {
39         super.init(servletConfig);
40         securityConfig = (SecurityConfig) servletConfig.getServletContext().getAttribute(SecurityConfigImpl.STORAGE_KEY);
41     }
42
43     protected void service(HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response) throws ServletException JavaDoc, IOException JavaDoc
44     {
45         if (isRelativeRedirect())
46         {
47             // Internal logout page; we rely on it to execute the logout logic in its own good time (eg., if the user confirms logout)
48 response.sendRedirect(request.getContextPath() + getSecurityConfig().getLogoutURL());
49         }
50         else
51         {
52             // External logout page; we execute logout logic immediately, and redirect to the external page.
53 try
54             {
55                 final Authenticator authenticator = getAuthenticator();
56                 authenticator.logout(request, response);
57             }
58             catch (AuthenticatorException e)
59             {
60                 throw new ServletException JavaDoc("Seraph authenticator couldn't log out", e);
61             }
62             response.sendRedirect(getSecurityConfig().getLogoutURL());
63         }
64     }
65
66     private boolean isRelativeRedirect()
67     {
68         return getSecurityConfig().getLogoutURL().indexOf("://") == -1;
69     }
70
71     protected SecurityConfig getSecurityConfig() {
72         return securityConfig;
73     }
74
75     protected Authenticator getAuthenticator() {
76         return getSecurityConfig().getAuthenticator();
77     }
78 }
79
Popular Tags