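package com.github.ebnew.ki4so.web.action;

import java.io.IOException;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.github.ebnew.ki4so.core.authentication.KnightCredential;
import com.github.ebnew.ki4so.core.service.KnightService;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.view.RedirectView;

import com.github.ebnew.ki4so.client.web.filters.Ki4soClientFilter;
import com.github.ebnew.ki4so.core.authentication.Credential;
import com.github.ebnew.ki4so.core.service.Ki4soService;
import com.github.ebnew.ki4so.web.utils.WebConstants;

/**
 * Web controller that handles logout requests sent to the SSO server.
 *
 * @author burgess yang
 */
@Controller
public class LogoutAction {

    private static final Logger LOGGER = Logger.getLogger(LogoutAction.class);

    @Autowired
    protected KnightCredentialResolver credentialResolver;

    @Autowired
    protected KnightService ki4soService;

    /**
     * Sets the service used to log the user out of the applications.
     *
     * @param ki4soService the service to delegate the logout to
     */
    public void setKi4soService(KnightService ki4soService) {
        this.ki4soService = ki4soService;
    }

    /**
     * Sets the resolver that extracts the user credential from a request.
     *
     * @param credentialResolver the credential resolver to use
     */
    public void setCredentialResolver(KnightCredentialResolver credentialResolver) {
        this.credentialResolver = credentialResolver;
    }

    /**
     * Handles a request to log out of the ki4so server.
     * <ol>
     * <li>Clears the user's login state, i.e. which applications the user is logged in to.</li>
     * <li>Expires the SSO server credential cookie.</li>
     * <li>Logs the user out of every application they logged in to.</li>
     * </ol>
     * If the {@code service} request parameter is non-empty the response redirects to it,
     * otherwise the default logout-success view is returned.
     *
     * @param request  the request object
     * @param response the response object
     * @param session  the HTTP session whose client-side user state is cleared
     * @return a redirect to {@code service}, or the default logout-success view
     * @throws IOException declared by the handler signature
     */
    @RequestMapping("/logout")
    public ModelAndView logout(HttpServletRequest request, HttpServletResponse response, HttpSession session)
            throws IOException {
        ModelAndView modelAndView = new ModelAndView();

        // "service" comes straight from the request, so it is attacker-controlled.
        String service = request.getParameter(WebConstants.SERVICE_PARAM_NAME);
        // CR/LF are neutralised so a crafted parameter cannot forge extra log records.
        LOGGER.info("the service of logout is " + sanitizeForLog(service));

        // Resolve the user credential from the request.
        // NOTE(review): whether resolveCredential can return null for an anonymous request, and
        // whether logout() tolerates that, is not visible here; confirm.
        KnightCredential credential = credentialResolver.resolveCredential(request);

        // Delegate to the service to log the user out of all applications.
        this.ki4soService.logout(credential, service);

        // Expire the server-side credential cookie.
        Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if (WebConstants.KI4SO_SERVER_ENCRYPTED_CREDENTIAL_COOKIE_KEY.equals(cookie.getName())) {
                    // Blank the value so the encrypted credential is not echoed back in Set-Cookie.
                    cookie.setValue("");
                    // Max-age 0 tells the browser to drop the cookie immediately.
                    cookie.setMaxAge(0);
                    // NOTE(review): a cookie parsed from the request normally carries no Path or
                    // Domain, so this expiry cookie is scoped by browser defaults. Confirm that
                    // matches the scope used when the cookie was issued at login; if it does not,
                    // the browser keeps the credential cookie after logout.
                    response.addCookie(cookie);
                    LOGGER.info("clear up the cookie " + WebConstants.KI4SO_SERVER_ENCRYPTED_CREDENTIAL_COOKIE_KEY);
                }
            }
        }

        // Clear the local user state on every logout, not only when a redirect target was given;
        // previously a logout without "service" left this attribute in the session.
        session.removeAttribute(Ki4soClientFilter.USER_STATE_IN_SESSION_KEY);

        if (!StringUtils.isEmpty(service)) {
            // NOTE(review): open redirect. The target is only tested for emptiness and is then
            // used verbatim as the redirect location. It should be checked against the URLs of
            // the applications registered with the SSO server before redirecting; whether
            // ki4soService.logout() rejects unknown targets cannot be seen from this class.
            modelAndView.setView(new RedirectView(service));
        } else {
            // Fall back to the default logout-success page.
            modelAndView.setViewName("logoutSucess");
        }
        return modelAndView;
    }

    /**
     * Replaces carriage returns and line feeds so a request-supplied value cannot start a new
     * log record.
     *
     * @param value the raw value, possibly {@code null}
     * @return the value with CR and LF replaced by {@code '_'}, or {@code null} if it was null
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return null;
        }
        return value.replace('\r', '_').replace('\n', '_');
    }
}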