List of usage examples for javax.servlet.http HttpServletRequest logout
public void logout() throws ServletException;
null
as the value returned when getUserPrincipal
, getRemoteUser
, and getAuthType
is called on the request. From source file:de.interseroh.report.controller.LoginController.java
@RequestMapping(value = "/login", method = RequestMethod.GET) public ModelAndView login(@RequestParam(value = "error", required = false) String error, @RequestParam(value = "logout", required = false) String logout, @RequestParam(value = "autherror", required = false) String authError, HttpServletRequest request) throws ServletException { logger.debug("Login executing..."); ModelAndView modelAndView = new ModelAndView(); if (error != null) { modelAndView.addObject("error", "Benutzername und/oder Passwort falsch!"); }/*from w w w. j ava 2 s . c o m*/ if (logout != null) { request.logout(); modelAndView.addObject("msg", "Logout war erfolgreich."); } if (authError != null) { request.logout(); modelAndView.addObject("error", "Sie haben keinen Zugriff auf dieser Anwendung."); } modelAndView.setViewName("/login"); configSetter.setBranding(modelAndView); configSetter.setVersion(modelAndView); return modelAndView; }
From source file:io.hops.hopsworks.api.user.AuthService.java
private void logoutAndInvalidateSession(HttpServletRequest req) throws UserException { Users user = userFacade.findByEmail(req.getRemoteUser()); try {//from w w w. ja v a 2 s. c o m req.getSession().invalidate(); req.logout(); if (user != null) { authController.registerLogout(user, req); //remove zeppelin ticket for user TicketContainer.instance.invalidate(user.getEmail()); } } catch (ServletException e) { accountAuditFacade.registerLoginInfo(user, UserAuditActions.LOGOUT.name(), UserAuditActions.FAILED.name(), req); throw new UserException(RESTCodes.UserErrorCode.LOGOUT_FAILURE, Level.SEVERE, null, e.getMessage(), e); } }
From source file:com.jivesoftware.os.upena.deployable.UpenaEndpoints.java
@GET @Path("/logout") @Produces(MediaType.TEXT_HTML)//from w w w . j a v a2 s . c o m public Response logout(@Context HttpServletRequest httpRequest, @Context UriInfo uriInfo) throws ServletException { httpRequest.logout(); String rendered = soyService.render(httpRequest.getRemoteUser(), uriInfo.getAbsolutePath() + "propagator/download", amzaClusterName.name); return Response.ok(rendered).build(); }
From source file:nc.noumea.mairie.organigramme.core.authentification.AuthentificationFilter.java
private ProfilAgentDto recupereProfilAgent(HttpServletRequest request, Integer employeeNumber) throws ServletException { ProfilAgentDto profilAgent = null;/*from w ww . ja v a2 s . c om*/ try { profilAgent = sirhWSConsumer.getAgent(employeeNumber); } catch (Exception e) { // le SIRH-WS ne semble pas repondre LOGGER.debug("L'application SIRH-WS ne semble pas rpondre."); request.logout(); return null; } if (null == profilAgent) { LOGGER.debug("ProfilAgent not exist in SIRH WS with EmployeeNumber : " + employeeNumber); request.logout(); return null; } return profilAgent; }
From source file:photosharing.api.LoginServlet.java
/** * Manages the authorization for a given user, creates a session or returns session invalid * // w w w. ja v a 2 s . c o m * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { /* * Checks to see if the User is logged in forces logout for any existing user, you wouldn't actually do this in production */ Principal user = request.getUserPrincipal(); if (user != null) { HttpSession session = request.getSession(false); if (session != null) { session.invalidate(); } request.logout(); } /* * Authorizes the User */ String auth = request.getHeader("Authorization"); if (auth != null && !auth.isEmpty()) { auth = auth.replace("Basic ", ""); String authDecoded = new String(Base64.decodeBase64(auth)); String[] creds = authDecoded.split(":"); String username = creds[0]; String password = creds[1]; try { request.login(username, password); request.getSession(true); } catch (Exception e) { response.setStatus(HttpStatus.SC_UNAUTHORIZED); } } else { response.setStatus(HttpStatus.SC_BAD_REQUEST); } }
From source file:nc.noumea.mairie.organigramme.core.authentification.AuthentificationFilter.java
private AccessRightOrganigrammeDto recupereAccessRightOrganigramme(HttpServletRequest request, Integer employeeNumber) throws ServletException { AccessRightOrganigrammeDto accessRightOrganigrammeDto = null; try {//from w w w . ja v a2 s.com accessRightOrganigrammeDto = sirhWSConsumer.getAutorisationOrganigramme(employeeNumber); } catch (Exception e) { // le SIRH-WS ne semble pas repondre LOGGER.debug("L'application SIRH-WS ne semble pas rpondre."); request.logout(); return null; } if (null == accessRightOrganigrammeDto) { LOGGER.debug("ProfilAgent not exist in SIRH WS with EmployeeNumber : " + employeeNumber); request.logout(); return null; } return accessRightOrganigrammeDto; }
From source file:dk.dma.msinm.user.security.SecurityServletFilter.java
/** * Main filter method/*w w w . j a va 2 s . c om*/ */ @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) res; // As of Wildfly 8.1, once a request has executed a successful request.login(), // subsequent requests will stay logged in. Surely this is an error(?). // Hence, we ensure that the request is logged out by default: try { request.logout(); } catch (ServletException e) { log.debug("Failed logging request out"); } // Check if the security filter needs to process this requested resource if (securityConf.checkResource(request)) { // Handle JWT if (securityConf.supportsJwtAuth()) { // Check if the request is a user-pwd or auth token login attempt if (securityConf.isJwtAuthEndpoint(request)) { handleJwtUserCredentialsOrAuthTokenLogin(request, response); return; } // If the request contains a JWT token header, attempt a login on the request request = attemptJwtAuthLogin(request, response); } // Handle Basic Authentication if (securityConf.supportsBasicAuth()) { // If the request contains a Basic authentication header, attempt a login request = attemptBasicAuthLogin(request); } // Check if the request resource specifies a required role CheckedResource errorResource = securityConf.lacksRequiredRole(request); if (errorResource != null) { log.error("User must have role " + errorResource.getRequiredRoles() + " for resource " + errorResource.getUri()); if (StringUtils.isNotBlank(errorResource.getRedirect())) { response.sendRedirect(errorResource.getRedirect()); } else { response.setStatus(getErrorStatusCode(request, HttpServletResponse.SC_UNAUTHORIZED)); } return; } } // Propagate the request chain.doFilter(request, response); }
From source file:fr.lepellerin.ecole.web.controller.IndexController.java
@RequestMapping(value = "/", method = RequestMethod.GET) public String welcomePage(final Model model, final HttpServletRequest request, final HttpServletResponse response) throws ServletException { final ParametreDto p = this.gpService.getIdActiviteCantine(); boolean paramCantine = false; boolean user = false; boolean admin = false; if (p == null) { Collection<? extends GrantedAuthority> authorities = SecurityContextHolder.getContext() .getAuthentication().getAuthorities(); for (GrantedAuthority grantedAuthority : authorities) { if (grantedAuthority.getAuthority().equals("ROLE_ADMIN")) { admin = true;//from w ww. ja v a 2 s . c o m } else if (grantedAuthority.getAuthority().equals("ROLE_FAMILLE")) { user = true; } } if (admin) { paramCantine = true; } else if (user) { request.logout(); return "redirect:/login?missingParam"; } } model.addAttribute(MODEL_PARAM_CANT, paramCantine); return "accueil/home"; }
From source file:io.apiman.common.servlet.AuthenticationFilter.java
/** * Handle BASIC authentication. Delegates this to the container by invoking 'login' * on the inbound http servlet request object. * @param credentials// www . j a va2 s. c o m * @param request * @param response * @param chain * @throws IOException * @throws ServletException */ protected void doBasicAuth(Creds credentials, HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException { try { if (credentials.username.equals(request.getRemoteUser())) { // Already logged in as this user - do nothing. This can happen // in some app servers if the app server processes the BASIC auth // credentials before this filter gets a crack at them. WildFly 8 // works this way, for example (despite the web.xml not specifying // any login config!). } else if (request.getRemoteUser() != null) { // switch user request.logout(); request.login(credentials.username, credentials.password); } else { request.login(credentials.username, credentials.password); } } catch (Exception e) { // TODO log this error? e.printStackTrace(); sendAuthResponse((HttpServletResponse) response); return; } doFilterChain(request, response, chain, null); }
From source file:io.zipi.common.servlet.AuthenticationFilter.java
/** * Handle BASIC authentication. Delegates this to the container by invoking 'login' * on the inbound http servlet request object. * @param credentials the credentials/* w w w . j a va 2 s. com*/ * @param request the http servlet request * @param response the http servlet respose * @param chain the filter chain * @throws IOException when I/O failure occurs in filter chain * @throws ServletException when servlet exception occurs during auth */ protected void doBasicAuth(Creds credentials, HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException { try { if (credentials.username.equals(request.getRemoteUser())) { // Already logged in as this user - do nothing. This can happen // in some app servers if the app server processes the BASIC auth // credentials before this filter gets a crack at them. WildFly 8 // works this way, for example (despite the web.xml not specifying // any login config!). } else if (request.getRemoteUser() != null) { // switch user request.logout(); request.login(credentials.username, credentials.password); } else { request.login(credentials.username, credentials.password); } } catch (Exception e) { // TODO log this error? e.printStackTrace(); sendAuthResponse(response); return; } doFilterChain(request, response, chain, null); }