add timeout to frontchannel SLO

1 files changed, 8 insertions, 0 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index 9dddce4b0..8f9417096 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -59,6 +59,7 @@ import org.opensaml.ws.soap.common.SOAPException;
 import org.opensaml.xml.XMLObject;
 import org.opensaml.xml.security.SecurityException;
 
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder;
 import at.gv.egovernment.moa.id.auth.builder.SendAssertionFormBuilder;
 import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder;
@@ -103,6 +104,7 @@ public class AuthenticationManager extends AuthServlet {
 	public static final String MOA_SESSION = "MoaAuthenticationSession";
 	public static final String MOA_AUTHENTICATED = "MoaAuthenticated";
 
+	public static final int SLOTIMEOUT = 30 * 1000; //30 sec
 	
 	public static AuthenticationManager getInstance() {
 		if (instance == null) {
@@ -244,8 +246,14 @@ public class AuthenticationManager extends AuthServlet {
 				
 				AssertionStorage.getInstance().put(relayState, sloContainer);
 				
+				String timeOutURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix()
+						+ "/idpSingleLogout"
+						+ "?restart=" + relayState;
+				
 		        VelocityContext context = new VelocityContext();
 		        context.put("redirectURLs", sloReqList);
+		        context.put("$timeoutURL", timeOutURL);
+		        context.put("$timeout", SLOTIMEOUT);
 		        ssomanager.printSingleLogOutInfo(context, httpResp);