Reformatted LogoutFilter.

2007-08-27 16:56:33 +00:00 · 2007-08-27 16:56:33 +00:00 · 82599a72ba
parent f8689b18b2
commit 82599a72ba
1 changed files with 105 additions and 115 deletions
--- a/core/src/main/java/org/acegisecurity/ui/logout/LogoutFilter.java
+++ b/core/src/main/java/org/acegisecurity/ui/logout/LogoutFilter.java
@ -35,145 +35,135 @@ import org.springframework.util.Assert;
 /**
 * Logs a principal out.
 * <p>
- * Polls a series of {@link LogoutHandler}s. The handlers should be specified
- * in the order they are required. Generally you will want to call logout
- * handlers <code>TokenBasedRememberMeServices</code> and
+ * Polls a series of {@link LogoutHandler}s. The handlers should be specified in the order they are required.
+ * Generally you will want to call logout handlers <code>TokenBasedRememberMeServices</code> and
 * <code>SecurityContextLogoutHandler</code> (in that order).
 * </p>
 * <p>
 * After logout, the URL specified by {@link #logoutSuccessUrl} will be shown.
 * </p>
 * <p>
- * <b>Do not use this class directly.</b> Instead configure
- * <code>web.xml</code> to use the {@link
- * org.acegisecurity.util.FilterToBeanProxy}.
+ * <b>Do not use this class directly.</b> Instead configure <code>web.xml</code> to use the
+ * {@link org.acegisecurity.util.FilterToBeanProxy}.
 * </p>
- * 
+ *
 * @author Ben Alex
 * @version $Id$
 */
 public class LogoutFilter implements Filter {
-	// ~ Static fields/initializers
-	// =====================================================================================
+    //~ Static fields/initializers =====================================================================================

-	private static final Log logger = LogFactory.getLog(LogoutFilter.class);
+    private static final Log logger = LogFactory.getLog(LogoutFilter.class);

-	// ~ Instance fields
-	// ================================================================================================
+    //~ Instance fields ================================================================================================

-	private String filterProcessesUrl = "/j_acegi_logout";
+    private String filterProcessesUrl = "/j_acegi_logout";
+    private String logoutSuccessUrl;
+    private LogoutHandler[] handlers;

-	private String logoutSuccessUrl;
+    //~ Constructors ===================================================================================================

-	private LogoutHandler[] handlers;
+    public LogoutFilter(String logoutSuccessUrl, LogoutHandler[] handlers) {
+        Assert.hasText(logoutSuccessUrl, "LogoutSuccessUrl required");
+        Assert.notEmpty(handlers, "LogoutHandlers are required");
+        this.logoutSuccessUrl = logoutSuccessUrl;
+        this.handlers = handlers;
+    }

-	// ~ Constructors
-	// ===================================================================================================
+    //~ Methods ========================================================================================================

-	public LogoutFilter(String logoutSuccessUrl, LogoutHandler[] handlers) {
-		Assert.hasText(logoutSuccessUrl, "LogoutSuccessUrl required");
-		Assert.notEmpty(handlers, "LogoutHandlers are required");
-		this.logoutSuccessUrl = logoutSuccessUrl;
-		this.handlers = handlers;
+    /**
+     * Not used. Use IoC container lifecycle methods instead.
+     */
+    public void destroy() {
+    }
+
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
+            ServletException {
+        if (!(request instanceof HttpServletRequest)) {
+            throw new ServletException("Can only process HttpServletRequest");
+        }
+
+        if (!(response instanceof HttpServletResponse)) {
+            throw new ServletException("Can only process HttpServletResponse");
+        }
+
+        HttpServletRequest httpRequest = (HttpServletRequest) request;
+        HttpServletResponse httpResponse = (HttpServletResponse) response;
+
+        if (requiresLogout(httpRequest, httpResponse)) {
+            Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+
+            if (logger.isDebugEnabled()) {
+                logger.debug("Logging out user '" + auth + "' and redirecting to logout page");
+            }
+
+            for (int i = 0; i < handlers.length; i++) {
+                handlers[i].logout(httpRequest, httpResponse, auth);
+            }
+
+            sendRedirect(httpRequest, httpResponse, logoutSuccessUrl);
+
+            return;
+        }
+
+        chain.doFilter(request, response);
+    }
+
+    /**
+     * Not used. Use IoC container lifecycle methods instead.
+     *
+     * @param arg0 ignored
+     *
+     * @throws ServletException ignored
+     */
+    public void init(FilterConfig arg0) throws ServletException {
 	}

-	// ~ Methods
-	// ========================================================================================================
+    /**
+     * Allow subclasses to modify when a logout should take place.
+     *
+     * @param request the request
+     * @param response the response
+     *
+     * @return <code>true</code> if logout should occur, <code>false</code> otherwise
+     */
+    protected boolean requiresLogout(HttpServletRequest request, HttpServletResponse response) {
+        String uri = request.getRequestURI();
+        int pathParamIndex = uri.indexOf(';');

-	/**
-	 * Not used. Use IoC container lifecycle methods instead.
-	 */
-	public void destroy() {
-	}
+        if (pathParamIndex > 0) {
+            // strip everything after the first semi-colon
+            uri = uri.substring(0, pathParamIndex);
+        }

-	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
-			ServletException {
-		if (!(request instanceof HttpServletRequest)) {
-			throw new ServletException("Can only process HttpServletRequest");
-		}
+        if ("".equals(request.getContextPath())) {
+            return uri.endsWith(filterProcessesUrl);
+        }

-		if (!(response instanceof HttpServletResponse)) {
-			throw new ServletException("Can only process HttpServletResponse");
-		}
+        return uri.endsWith(request.getContextPath() + filterProcessesUrl);
+    }

-		HttpServletRequest httpRequest = (HttpServletRequest) request;
-		HttpServletResponse httpResponse = (HttpServletResponse) response;
+    /**
+     * Allow subclasses to modify the redirection message.
+     *
+     * @param request  the request
+     * @param response the response
+     * @param url      the URL to redirect to
+     *
+     * @throws IOException in the event of any failure
+     */
+    protected void sendRedirect(HttpServletRequest request, HttpServletResponse response, String url)
+            throws IOException {
+        if (!url.startsWith("http://") && !url.startsWith("https://")) {
+            url = request.getContextPath() + url;
+        }

-		if (requiresLogout(httpRequest, httpResponse)) {
-			Authentication auth = SecurityContextHolder.getContext().getAuthentication();
-
-			if (logger.isDebugEnabled()) {
-				logger.debug("Logging out user '" + auth + "' and redirecting to logout page");
-			}
-
-			for (int i = 0; i < handlers.length; i++) {
-				handlers[i].logout(httpRequest, httpResponse, auth);
-			}
-
-			sendRedirect(httpRequest, httpResponse, logoutSuccessUrl);
-
-			return;
-		}
-
-		chain.doFilter(request, response);
-	}
-
-	/**
-	 * Not used. Use IoC container lifecycle methods instead.
-	 * 
-	 * @param arg0 ignored
-	 * 
-	 * @throws ServletException ignored
-	 */
-	public void init(FilterConfig arg0) throws ServletException {
-	}
-
-	/**
-	 * Allow subclasses to modify when a logout should tak eplace.
-	 * 
-	 * @param request the request
-	 * @param response the response
-	 * 
-	 * @return <code>true</code> if logout should occur, <code>false</code>
-	 * otherwise
-	 */
-	protected boolean requiresLogout(HttpServletRequest request, HttpServletResponse response) {
-		String uri = request.getRequestURI();
-		int pathParamIndex = uri.indexOf(';');
-
-		if (pathParamIndex > 0) {
-			// strip everything after the first semi-colon
-			uri = uri.substring(0, pathParamIndex);
-		}
-
-		if ("".equals(request.getContextPath())) {
-			return uri.endsWith(filterProcessesUrl);
-		}
-
-		return uri.endsWith(request.getContextPath() + filterProcessesUrl);
-	}
-
-	/**
-	 * Allow subclasses to modify the redirection message.
-	 * 
-	 * @param request the request
-	 * @param response the response
-	 * @param url the URL to redirect to
-	 * 
-	 * @throws IOException in the event of any failure
-	 */
-	protected void sendRedirect(HttpServletRequest request, HttpServletResponse response, String url)
-			throws IOException {
-		if (!url.startsWith("http://") && !url.startsWith("https://")) {
-			url = request.getContextPath() + url;
-		}
-
-		response.sendRedirect(response.encodeRedirectURL(url));
-	}
-
-	public void setFilterProcessesUrl(String filterProcessesUrl) {
-		Assert.hasText(filterProcessesUrl, "FilterProcessesUrl required");
-		this.filterProcessesUrl = filterProcessesUrl;
-	}
+        response.sendRedirect(response.encodeRedirectURL(url));
+    }

+    public void setFilterProcessesUrl(String filterProcessesUrl) {
+        Assert.hasText(filterProcessesUrl, "FilterProcessesUrl required");
+        this.filterProcessesUrl = filterProcessesUrl;
+    }
 }