com.nec.harvest.security.handler.HarvestLogoutSuccessHandler.java Source code

Introduction

Here is the source code for com.nec.harvest.security.handler.HarvestLogoutSuccessHandler.java

Source

/*
 * Copyright(C) 2014
 * NEC Corporation All rights reserved.
 * 
 * No permission to use, copy, modify and distribute this software
 * and its documentation for any purpose is granted.
 * This software is provided under applicable license agreement only.
 */
package com.nec.harvest.security.handler;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;

import com.nec.harvest.http.HttpServletContentType;
import com.nec.harvest.userdetails.AuthenticatedUserDetails;

public class HarvestLogoutSuccessHandler implements LogoutHandler, LogoutSuccessHandler {

    private static final Logger logger = LoggerFactory.getLogger(HarvestLogoutSuccessHandler.class);

    @Override
    public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
        try {
            onLogout(request, response, authentication);
        } catch (Exception ex) {
            logger.warn(ex.getMessage(), ex);
        }
    }

    @Override
    public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response,
            Authentication authentication) throws IOException, ServletException {
        onLogout(request, response, authentication);
    }

    /**
     * Causes a logout to be completed. The method must complete successfully
     * 
     * @param request
     * @param response
     * @param authentication
     * @throws IOException
     * @throws ServletException
     */
    protected void onLogout(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
            throws IOException, ServletException {
        final HttpSession session = request.getSession();
        if (session != null) {
            // ??????????
            session.invalidate();

            // Invalidates this session then unbinds any objects bound to it
            logger.info(
                    "??????????");
        }

        // Remove from LRU Cache
        AuthenticatedUserDetails.removeUserPrincipal();

        // The {} successfully logged out...
        String username = authentication != null ? authentication.getName() : "HARVEST SYSTEM";
        logger.info("The {} successfully logged out...", username);

        // Empty authentication
        SecurityContextHolder.getContext().setAuthentication(null);

        // Redirect to LOGIN
        response.setStatus(HttpServletResponse.SC_OK);
        response.setContentType(HttpServletContentType.PLAN_TEXT);
        response.sendRedirect(request.getContextPath() + "/login");
        response.flushBuffer();
    }
}