diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-07-26 07:47:08 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-07-26 07:47:08 +0200 |
commit | 59fd2c0ea0649c94340d67b735a2d53696065e4c (patch) | |
tree | 43722934ecabd4694c7675686c5541f857392cd9 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java | |
parent | cfb70f755c45a2cad582e8030b1542add9949efb (diff) | |
download | moa-id-spss-59fd2c0ea0649c94340d67b735a2d53696065e4c.tar.gz moa-id-spss-59fd2c0ea0649c94340d67b735a2d53696065e4c.tar.bz2 moa-id-spss-59fd2c0ea0649c94340d67b735a2d53696065e4c.zip |
Bugfixes:
- handle Error if more then one authentication is started for one Online-Application
- handle MultiThread error if more then one authentication process is active in one user session
Add:
- Add UserData database. (is required for the web-based configuration tool)
- Add additional OA parameter in MOA-ID 2.x configuration scheme to set OAs active or not
TODO: change 'searchOAWith....' to only get results with active=true
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java | 43 |
1 files changed, 24 insertions, 19 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java index caf2e4490..8dc5d7469 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java @@ -83,29 +83,34 @@ public class LogOutServlet extends AuthServlet { SSOManager ssomanager = SSOManager.getInstance(); - //get SSO token from request - String ssoid = ssomanager.getSSOSessionID(req); - - if (ssomanager.isValidSSOSession(ssoid, req)) { - - //TODO: Single LogOut Implementation + try { + //get SSO token from request + String ssoid = ssomanager.getSSOSessionID(req); - //delete SSO session and MOA session - AuthenticationManager authmanager = AuthenticationManager.getInstance(); - String moasessionid = AuthenticationSessionStoreage.getMOASessionID(ssoid); - - authmanager.logout(req, resp, moasessionid); - Logger.info("User with SSO Id " + ssoid + " is logged out and get redirect to "+ redirectUrl); - } else { - Logger.info("No active SSO session found. User is maybe logout already and get redirect to "+ redirectUrl); - } + if (ssomanager.isValidSSOSession(ssoid, req)) { - //Remove SSO token - ssomanager.deleteSSOSessionID(req, resp); + //TODO: Single LogOut Implementation - //invalidate Session - req.getSession().invalidate(); + //delete SSO session and MOA session + AuthenticationManager authmanager = AuthenticationManager.getInstance(); + String moasessionid = AuthenticationSessionStoreage.getMOASessionID(ssoid); + RequestStorage.removePendingRequest(RequestStorage.getPendingRequest(req.getSession()), + AuthenticationSessionStoreage.getPendingRequestID(moasessionid)); + + authmanager.logout(req, resp, moasessionid); + Logger.info("User with SSO Id " + ssoid + " is logged out and get redirect to "+ redirectUrl); + } else { + Logger.info("No active SSO session found. User is maybe logout already and get redirect to "+ redirectUrl); + } + + //Remove SSO token + ssomanager.deleteSSOSessionID(req, resp); + + } catch (Exception e) { + Logger.warn(LogOutServlet.class.getName() + " has an LogOut Error. Redirect to Applikation " + redirectUrl, e); + } + //Redirect to Application resp.setStatus(301); resp.addHeader("Location", redirectUrl); |