SEC-937: Added CAS logout filter to sample application

samples/cas/client/src/main/webapp/WEB-INF/applicationContext-security.xml

@@ -8,7 +8,7 @@
     <sec:http entry-point-ref="casProcessingFilterEntryPoint">
         <sec:intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR" requires-channel="https"/>
         <sec:intercept-url pattern="/secure/**" access="ROLE_USER" />
-        <sec:logout />
+        <sec:logout logout-success-url="/cas-logout.jsp"/>
     </sec:http>
 
     <sec:authentication-manager alias="authenticationManager"/>
@@ -17,8 +17,8 @@
         <sec:custom-filter after="CAS_PROCESSING_FILTER"/>
         <property name="authenticationManager" ref="authenticationManager"/>
         <property name="authenticationFailureUrl" value="/casfailed.jsp"/>
-        <property name="defaultTargetUrl" value="/"/>
-        <property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
+        <property name="defaultTargetUrl" value="/"/>
+        <property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
         <property name="proxyReceptorUrl" value="/secure/receptor" />
     </bean>
 
@@ -33,14 +33,14 @@
         <property name="serviceProperties" ref="serviceProperties" />
         <property name="ticketValidator">
         	<bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
-        		<constructor-arg index="0" value="https://localhost:9443/cas" />
-        		<property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
+        		<constructor-arg index="0" value="https://localhost:9443/cas" />
+        		<property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
         		<property name="proxyCallbackUrl" value="https://localhost:8443/cas-sample/secure/receptor" />
             </bean>
         </property>
-        <property name="key" value="an_id_for_this_auth_provider_only"/>
-    </bean>
-    
+        <property name="key" value="an_id_for_this_auth_provider_only"/>
+    </bean>
+    
     <bean id="proxyGrantingTicketStorage" class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />
 
     <bean id="serviceProperties" class="org.springframework.security.ui.cas.ServiceProperties">

samples/cas/client/src/main/webapp/WEB-INF/web.xml

@@ -27,11 +27,21 @@
         <param-value>/WEB-INF/classes/log4j.properties</param-value>
     </context-param>
 
+	<filter>
+	   <filter-name>CAS Single Sign Out Filter</filter-name>
+	   <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
+	</filter>
+
     <filter>
         <filter-name>springSecurityFilterChain</filter-name>
         <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
     </filter>
 
+	<filter-mapping>
+	   <filter-name>CAS Single Sign Out Filter</filter-name>
+	   <url-pattern>/*</url-pattern>
+	</filter-mapping>
+
     <filter-mapping>
       <filter-name>springSecurityFilterChain</filter-name>
       <url-pattern>/*</url-pattern>
@@ -42,6 +52,10 @@
 	  - The application context is then available via
 	  - WebApplicationContextUtils.getWebApplicationContext(servletContext).
     -->
+	<listener>
+		<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
+	</listener>
+
 	<listener>
 		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
 	</listener>

samples/cas/client/src/main/webapp/cas-logout.jsp

@@ -0,0 +1,15 @@
+
+<html>
+<head>
+    <title>Single-sign out?</title>
+</head>
+
+<body>
+<h2>Do you want to log out of CAS?</h2>
+
+<p>You have logged out of this application, but may still have an active single-sign on session with CAS.</p>
+
+<p><a href="https://localhost:9443/cas/logout">Logout of CAS</a></p>
+
+</body>
+</html>