diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java | 43 |
1 files changed, 24 insertions, 19 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java index caf2e4490..8dc5d7469 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java @@ -83,29 +83,34 @@ public class LogOutServlet extends AuthServlet { SSOManager ssomanager = SSOManager.getInstance(); - //get SSO token from request - String ssoid = ssomanager.getSSOSessionID(req); - - if (ssomanager.isValidSSOSession(ssoid, req)) { - - //TODO: Single LogOut Implementation + try { + //get SSO token from request + String ssoid = ssomanager.getSSOSessionID(req); - //delete SSO session and MOA session - AuthenticationManager authmanager = AuthenticationManager.getInstance(); - String moasessionid = AuthenticationSessionStoreage.getMOASessionID(ssoid); - - authmanager.logout(req, resp, moasessionid); - Logger.info("User with SSO Id " + ssoid + " is logged out and get redirect to "+ redirectUrl); - } else { - Logger.info("No active SSO session found. User is maybe logout already and get redirect to "+ redirectUrl); - } + if (ssomanager.isValidSSOSession(ssoid, req)) { - //Remove SSO token - ssomanager.deleteSSOSessionID(req, resp); + //TODO: Single LogOut Implementation - //invalidate Session - req.getSession().invalidate(); + //delete SSO session and MOA session + AuthenticationManager authmanager = AuthenticationManager.getInstance(); + String moasessionid = AuthenticationSessionStoreage.getMOASessionID(ssoid); + RequestStorage.removePendingRequest(RequestStorage.getPendingRequest(req.getSession()), + AuthenticationSessionStoreage.getPendingRequestID(moasessionid)); + + authmanager.logout(req, resp, moasessionid); + Logger.info("User with SSO Id " + ssoid + " is logged out and get redirect to "+ redirectUrl); + } else { + Logger.info("No active SSO session found. User is maybe logout already and get redirect to "+ redirectUrl); + } + + //Remove SSO token + ssomanager.deleteSSOSessionID(req, resp); + + } catch (Exception e) { + Logger.warn(LogOutServlet.class.getName() + " has an LogOut Error. Redirect to Applikation " + redirectUrl, e); + } + //Redirect to Application resp.setStatus(301); resp.addHeader("Location", redirectUrl); |