de.hska.ld.core.config.security.AjaxLogoutSuccessHandler.java Source code

Java tutorial

  1. HOME
  2. Java
  3. de.hska.ld.core.config.security.AjaxLogoutSuccessHandler.java

Introduction

Here is the source code for de.hska.ld.core.config.security.AjaxLogoutSuccessHandler.java

Source

/**
 * Code contributed to the Learning Layers project
 * http://www.learning-layers.eu
 * Development is partly funded by the FP7 Programme of the European
 * Commission under Grant Agreement FP7-ICT-318209.
 * Copyright (c) 2014, Karlsruhe University of Applied Sciences.
 * For a list of contributors see the AUTHORS file at the top-level directory
 * of this distribution.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package de.hska.ld.core.config.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.env.Environment;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;

import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class AjaxLogoutSuccessHandler extends AbstractAuthenticationTargetUrlRequestHandler
        implements LogoutSuccessHandler {

    @Autowired
    private Environment env;

    @Override
    public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response,
            Authentication authentication) throws IOException, ServletException {

        //
        // To delete a cookie, we need to create a cookie that has the same
        // name with the cookie that we want to delete. We also need to set
        // the max age of the cookie to 0 and then add it to the Servlet's
        // response method.
        //
        javax.servlet.http.Cookie cookie = new Cookie("sessionID", "");
        cookie.setPath("/");
        if (!"localhost".equals(env.getProperty("module.core.oidc.server.endpoint.main.domain"))) {
            cookie.setDomain(env.getProperty("module.core.oidc.server.endpoint.main.domain"));
        }
        cookie.setMaxAge(0);
        response.addCookie(cookie);

        // TODO destory session in etherpad

        response.setStatus(HttpServletResponse.SC_OK);
    }
}