aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java43
1 files changed, 24 insertions, 19 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
index caf2e4490..8dc5d7469 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
@@ -83,29 +83,34 @@ public class LogOutServlet extends AuthServlet {
SSOManager ssomanager = SSOManager.getInstance();
- //get SSO token from request
- String ssoid = ssomanager.getSSOSessionID(req);
-
- if (ssomanager.isValidSSOSession(ssoid, req)) {
-
- //TODO: Single LogOut Implementation
+ try {
+ //get SSO token from request
+ String ssoid = ssomanager.getSSOSessionID(req);
- //delete SSO session and MOA session
- AuthenticationManager authmanager = AuthenticationManager.getInstance();
- String moasessionid = AuthenticationSessionStoreage.getMOASessionID(ssoid);
-
- authmanager.logout(req, resp, moasessionid);
- Logger.info("User with SSO Id " + ssoid + " is logged out and get redirect to "+ redirectUrl);
- } else {
- Logger.info("No active SSO session found. User is maybe logout already and get redirect to "+ redirectUrl);
- }
+ if (ssomanager.isValidSSOSession(ssoid, req)) {
- //Remove SSO token
- ssomanager.deleteSSOSessionID(req, resp);
+ //TODO: Single LogOut Implementation
- //invalidate Session
- req.getSession().invalidate();
+ //delete SSO session and MOA session
+ AuthenticationManager authmanager = AuthenticationManager.getInstance();
+ String moasessionid = AuthenticationSessionStoreage.getMOASessionID(ssoid);
+ RequestStorage.removePendingRequest(RequestStorage.getPendingRequest(req.getSession()),
+ AuthenticationSessionStoreage.getPendingRequestID(moasessionid));
+
+ authmanager.logout(req, resp, moasessionid);
+ Logger.info("User with SSO Id " + ssoid + " is logged out and get redirect to "+ redirectUrl);
+ } else {
+ Logger.info("No active SSO session found. User is maybe logout already and get redirect to "+ redirectUrl);
+ }
+
+ //Remove SSO token
+ ssomanager.deleteSSOSessionID(req, resp);
+
+ } catch (Exception e) {
+ Logger.warn(LogOutServlet.class.getName() + " has an LogOut Error. Redirect to Applikation " + redirectUrl, e);
+ }
+
//Redirect to Application
resp.setStatus(301);
resp.addHeader("Location", redirectUrl);
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-15 10:26:34 +0000