Skip to content

Commit

Permalink
KEYCLOAK-7094 Support redirect to external logout page for saml filte…
Browse files Browse the repository at this point in the history 
…r adapter
  • Loading branch information
@vramik @hmlnarik
vramik authored and hmlnarik committed Jun 19, 2018
1 parent e638391 commit 2fcfa5c
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 5 deletions.
16 changes: 12 additions & 4 deletions ...ters/saml/servlet-filter/src/main/java/org/keycloak/adapters/saml/servlet/SamlFilter.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@
import java.io.InputStream;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Pattern;

/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
Expand All @@ -61,6 +62,7 @@ public class SamlFilter implements Filter {
protected SamlDeploymentContext deploymentContext;
protected SessionIdMapper idMapper;
private final static Logger log = Logger.getLogger("" + SamlFilter.class);
private static final Pattern PROTOCOL_PATTERN = Pattern.compile("^[a-zA-Z][a-zA-Z0-9+.-]*:");

@Override
public void init(final FilterConfig filterConfig) throws ServletException {
Expand Down Expand Up @@ -137,7 +139,7 @@ public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
}
FilterSamlSessionStore tokenStore = new FilterSamlSessionStore(request, facade, 100000, idMapper);
boolean isEndpoint = request.getRequestURI().substring(request.getContextPath().length()).endsWith("/saml");
SamlAuthenticator authenticator = null;
SamlAuthenticator authenticator;
if (isEndpoint) {
authenticator = new SamlAuthenticator(facade, deployment, tokenStore) {
@Override
Expand Down Expand Up @@ -176,9 +178,15 @@ protected SamlAuthenticationHandler createBrowserHandler(HttpFacade facade, Saml
}
if (outcome == AuthOutcome.LOGGED_OUT) {
tokenStore.logoutAccount();
if (deployment.getLogoutPage() != null) {
RequestDispatcher disp = req.getRequestDispatcher(deployment.getLogoutPage());
disp.forward(req, res);
String logoutPage = deployment.getLogoutPage();
if (logoutPage != null) {
if (PROTOCOL_PATTERN.matcher(logoutPage).find()) {
response.sendRedirect(logoutPage);
log.log(Level.FINE, "Redirected to logout page {0}", logoutPage);
} else {
RequestDispatcher disp = req.getRequestDispatcher(logoutPage);
disp.forward(req, res);
}
return;
}
chain.doFilter(req, res);
Expand Down
2 changes: 1 addition & 1 deletion ...ests/base/src/main/java/org/keycloak/testsuite/arquillian/DeploymentArchiveProcessor.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -271,7 +271,7 @@ protected void modifyWebXml(Archive<?> archive, TestClass testClass) {
"org.keycloak.adapters.saml.jbossweb.infinispan.InfinispanSessionCacheIdMapperUpdater");
}

if (testClass.getJavaClass().isAnnotationPresent(UseServletFilter.class)) {
if (testClass.getJavaClass().isAnnotationPresent(UseServletFilter.class) && archive.contains(JBOSS_DEPLOYMENT_XML_PATH)) {

addFilterDependencies(archive, testClass);

Expand Down

0 comments on commit 2fcfa5c

Please sign in to comment.