cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf-fediz git commit: Default to logging out without confirmation for the signoutcleanup case + added a configuration option
Date Sun, 12 Apr 2015 11:53:06 GMT
Repository: cxf-fediz
Updated Branches:
  refs/heads/master a8160e688 -> ccb7a08e8


Default to logging out without confirmation for the signoutcleanup case + added a configuration
option


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/ccb7a08e
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/ccb7a08e
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/ccb7a08e

Branch: refs/heads/master
Commit: ccb7a08e83b632125edb398fd7de060fe33539e3
Parents: a8160e6
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Sun Apr 12 12:31:59 2015 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Sun Apr 12 12:31:59 2015 +0100

----------------------------------------------------------------------
 .../org/apache/cxf/fediz/service/idp/domain/Idp.java   | 13 ++++++++++++-
 .../fediz/service/idp/service/jpa/IdpDAOJPAImpl.java   |  3 ++-
 .../cxf/fediz/service/idp/service/jpa/IdpEntity.java   | 10 ++++++++++
 .../webapp/WEB-INF/federation-validate-request.xml     |  3 ++-
 .../idp/src/main/webapp/WEB-INF/idp-config-realma.xml  |  2 +-
 5 files changed, 27 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/ccb7a08e/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/domain/Idp.java
----------------------------------------------------------------------
diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/domain/Idp.java b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/domain/Idp.java
index 1d8d0b3..389348b 100644
--- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/domain/Idp.java
+++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/domain/Idp.java
@@ -35,7 +35,7 @@ import javax.xml.bind.annotation.XmlType;
 @XmlType(propOrder = {"realm", "uri", "serviceDisplayName", "serviceDescription", "idpUrl",
"stsUrl",
                      "certificate", "certificatePassword", "provideIdpList", "useCurrentIdp",
"hrds",
                      "rpSingleSignOutConfirmation", "supportedProtocols", "tokenTypesOffered",
"claimTypesOffered",
-                     "authenticationURIs", "applications", "trustedIdps", "id" })
+                     "authenticationURIs", "applications", "trustedIdps", "id", "rpSingleSignOutCleanupConfirmation"
})
 public class Idp implements Serializable {
 
     private static final long serialVersionUID = -5570301342547139039L;
@@ -115,6 +115,9 @@ public class Idp implements Serializable {
     // The user/browser must explicitly confirm to logout from all applications
     private boolean rpSingleSignOutConfirmation;
     
+    // Is explicit confirmation required when the "cleanup" URL is called
+    private boolean rpSingleSignOutCleanupConfirmation;
+    
     @XmlAttribute
     public int getId() {
         return id;
@@ -290,4 +293,12 @@ public class Idp implements Serializable {
         this.rpSingleSignOutConfirmation = rpSingleSignOutConfirmation;
     }
 
+    public boolean isRpSingleSignOutCleanupConfirmation() {
+        return rpSingleSignOutCleanupConfirmation;
+    }
+
+    public void setRpSingleSignOutCleanupConfirmation(boolean rpSingleSignOutCleanupConfirmation)
{
+        this.rpSingleSignOutCleanupConfirmation = rpSingleSignOutCleanupConfirmation;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/ccb7a08e/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpDAOJPAImpl.java
----------------------------------------------------------------------
diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpDAOJPAImpl.java
b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpDAOJPAImpl.java
index b27ce24..c8ec6ad 100644
--- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpDAOJPAImpl.java
+++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpDAOJPAImpl.java
@@ -293,6 +293,7 @@ public class IdpDAOJPAImpl implements IdpDAO {
         entity.setUri(idp.getUri());
         entity.setUseCurrentIdp(idp.isUseCurrentIdp());
         entity.setRpSingleSignOutConfirmation(idp.isRpSingleSignOutConfirmation());
+        entity.setRpSingleSignOutCleanupConfirmation(idp.isRpSingleSignOutCleanupConfirmation());
         
         entity.getAuthenticationURIs().clear();
         for (Map.Entry<String, String> item : idp.getAuthenticationURIs().entrySet())
{
@@ -326,7 +327,7 @@ public class IdpDAOJPAImpl implements IdpDAO {
         idp.setUri(entity.getUri());
         idp.setUseCurrentIdp(entity.isUseCurrentIdp());
         idp.setRpSingleSignOutConfirmation(entity.isRpSingleSignOutConfirmation());
-        
+        idp.setRpSingleSignOutCleanupConfirmation(entity.isRpSingleSignOutCleanupConfirmation());
         
         if (expandList != null && (expandList.contains("all") || expandList.contains("applications")))
{
             for (ApplicationEntity item : entity.getApplications()) {

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/ccb7a08e/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpEntity.java
----------------------------------------------------------------------
diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpEntity.java
b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpEntity.java
index 95035fa..1eda135 100644
--- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpEntity.java
+++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpEntity.java
@@ -134,6 +134,8 @@ public class IdpEntity {
 
     // ServiceDescription
     private String serviceDescription;
+    
+    private boolean rpSingleSignOutCleanupConfirmation;
 
 
     public int getId() {
@@ -288,4 +290,12 @@ public class IdpEntity {
         this.rpSingleSignOutConfirmation = rpSingleSignOutConfirmation;
     }
 
+    public boolean isRpSingleSignOutCleanupConfirmation() {
+        return rpSingleSignOutCleanupConfirmation;
+    }
+
+    public void setRpSingleSignOutCleanupConfirmation(boolean rpSingleSignOutCleanupConfirmation)
{
+        this.rpSingleSignOutCleanupConfirmation = rpSingleSignOutCleanupConfirmation;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/ccb7a08e/services/idp/src/main/webapp/WEB-INF/federation-validate-request.xml
----------------------------------------------------------------------
diff --git a/services/idp/src/main/webapp/WEB-INF/federation-validate-request.xml b/services/idp/src/main/webapp/WEB-INF/federation-validate-request.xml
index e22f95a..9184f7b 100644
--- a/services/idp/src/main/webapp/WEB-INF/federation-validate-request.xml
+++ b/services/idp/src/main/webapp/WEB-INF/federation-validate-request.xml
@@ -69,7 +69,8 @@
             <evaluate expression="@org.apache.cxf.fediz.service.idp.util.WebUtils@getHttpHeader(flowRequestContext,
'Referer')" result="flowScope.wreply"/>
         </on-entry>
         <if
-            test="flowScope.idpConfig.rpSingleSignOutConfirmation == true"
+            test="requestParameters.wa == 'wsignout1.0' and flowScope.idpConfig.rpSingleSignOutConfirmation
== true
+            or requestParameters.wa == 'wsignoutcleanup1.0' and flowScope.idpConfig.rpSingleSignOutCleanupConfirmation
== true"
             then="viewSignoutConfirmation" else="invalidateSessionAction" />
     </decision-state>
 

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/ccb7a08e/services/idp/src/main/webapp/WEB-INF/idp-config-realma.xml
----------------------------------------------------------------------
diff --git a/services/idp/src/main/webapp/WEB-INF/idp-config-realma.xml b/services/idp/src/main/webapp/WEB-INF/idp-config-realma.xml
index 0faf1fe..07c9a44 100644
--- a/services/idp/src/main/webapp/WEB-INF/idp-config-realma.xml
+++ b/services/idp/src/main/webapp/WEB-INF/idp-config-realma.xml
@@ -91,8 +91,8 @@
         </property>
         <property name="serviceDisplayName" value="REALM A" />
         <property name="serviceDescription" value="IDP of Realm A" />
-        <property name="localSingleSignOutConfirmation" value="true"/>
         <property name="rpSingleSignOutConfirmation" value="true"/>
+        <property name="rpSingleSignOutCleanupConfirmation" value="false"/>
     </bean>
 
     <bean id="trusted-idp-realmB"


Mime
View raw message