public void sendLogoutRequest(SAMLMessageContext context, SAMLCredential credential)
throws SAMLException, MetadataProviderException, MessageEncodingException {
// If no user is logged in we do not initialize the protocol.
if (credential == null) {
return;
}
IDPSSODescriptor idpDescriptor = (IDPSSODescriptor) context.getPeerEntityRoleMetadata();
SPSSODescriptor spDescriptor = (SPSSODescriptor) context.getLocalEntityRoleMetadata();
String binding = SAMLUtil.getLogoutBinding(idpDescriptor, spDescriptor);
SingleLogoutService logoutServiceIDP =
SAMLUtil.getLogoutServiceForBinding(idpDescriptor, binding);
LogoutRequest logoutRequest = getLogoutRequest(context, credential, logoutServiceIDP);
context.setCommunicationProfileId(getProfileIdentifier());
context.setOutboundMessage(logoutRequest);
context.setOutboundSAMLMessage(logoutRequest);
context.setPeerEntityEndpoint(logoutServiceIDP);
boolean signMessage = context.getPeerExtendedMetadata().isRequireLogoutRequestSigned();
sendMessage(context, signMessage);
SAMLMessageStorage messageStorage = context.getMessageStorage();
if (messageStorage != null) {
messageStorage.storeMessage(logoutRequest.getID(), logoutRequest);
}
}
protected void sendLogoutResponse(Status status, SAMLMessageContext context)
throws MetadataProviderException, SAMLException, MessageEncodingException {
SAMLObjectBuilder<LogoutResponse> responseBuilder =
(SAMLObjectBuilder<LogoutResponse>)
builderFactory.getBuilder(LogoutResponse.DEFAULT_ELEMENT_NAME);
LogoutResponse logoutResponse = responseBuilder.buildObject();
IDPSSODescriptor idpDescriptor = SAMLUtil.getIDPDescriptor(metadata, context.getPeerEntityId());
SPSSODescriptor spDescriptor = (SPSSODescriptor) context.getLocalEntityRoleMetadata();
String binding = SAMLUtil.getLogoutBinding(idpDescriptor, spDescriptor);
SingleLogoutService logoutService = SAMLUtil.getLogoutServiceForBinding(idpDescriptor, binding);
logoutResponse.setID(generateID());
logoutResponse.setIssuer(getIssuer(context.getLocalEntityId()));
logoutResponse.setVersion(SAMLVersion.VERSION_20);
logoutResponse.setIssueInstant(new DateTime());
logoutResponse.setInResponseTo(context.getInboundSAMLMessageId());
logoutResponse.setDestination(logoutService.getLocation());
logoutResponse.setStatus(status);
context.setCommunicationProfileId(getProfileIdentifier());
context.setOutboundMessage(logoutResponse);
context.setOutboundSAMLMessage(logoutResponse);
context.setPeerEntityEndpoint(logoutService);
context.setPeerEntityId(idpDescriptor.getID());
context.setPeerEntityRoleMetadata(idpDescriptor);
boolean signMessage = context.getPeerExtendedMetadata().isRequireLogoutResponseSigned();
sendMessage(context, signMessage);
}
/**
* The filter will be used in case the URL of the request contains the DEFAULT_FILTER_URL.
*
* @param request request used to determine whether to enable this filter
* @return true if this filter should be used
*/
@Override
protected boolean requiresLogout(HttpServletRequest request, HttpServletResponse response) {
return SAMLUtil.processFilter(getFilterProcessesUrl(), request);
}