LogoutConfigurer (Spring Boot Security SAML 1.16 API)

java.lang.Object
- org.springframework.security.config.annotation.SecurityConfigurerAdapter<Void,ServiceProviderBuilder>
- - com.github.ulisesbocchio.spring.boot.security.saml.configurer.builder.LogoutConfigurer

All Implemented Interfaces:

org.springframework.security.config.annotation.SecurityConfigurer<Void,ServiceProviderBuilder>
```
public class LogoutConfigurer
extends org.springframework.security.config.annotation.SecurityConfigurerAdapter<Void,ServiceProviderBuilder>
```
Builder configurer that takes care of configuring/customizing the SAMLLogoutFilter bean and SAMLLogoutProcessingFilter bean.

This configurer always instantiates its own SAMLLogoutFilter and SAMLLogoutProcessingFilter based on the specified configuration.

This configurer also reads the values from SAMLSSOProperties#getLogout() for some the DSL methods if they are not used. In other words, the user is able to configure the filters through the following properties:
```
     saml.sso.logout.default-target-url
     saml.sso.logout.logout-url
     saml.sso.logout.single-logout-url
     saml.sso.logout.clear-authentication
     saml.sso.logout.invalidate-session
 
```
Author:

Ulises Bocchio

Constructor Summary

Constructors
Constructor and Description

LogoutConfigurer()

Constructors
Constructor and Description
`LogoutConfigurer()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`LogoutConfigurer`	`clearAuthentication(Boolean value)` If true, removes the Authentication from the SecurityContext to prevent issues with concurrent requests.
`void`	`configure(ServiceProviderBuilder builder)`
`protected org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler`	`createDefaultGlobalHandler()`
`protected org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler`	`createDefaultLocalHandler()`
`protected org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler`	`createDefaultSuccessHandler()`
`LogoutConfigurer`	`defaultTargetURL(String url)` Supplies the default target Url that will be used if no saved request is found in the session, or the alwaysUseDefaultTargetUrl property is set to true.
`LogoutConfigurer`	`globalHandler(org.springframework.security.web.authentication.logout.LogoutHandler handler)` Handler to be invoked when global logout is selected.
`void`	`init(ServiceProviderBuilder builder)`
`LogoutConfigurer`	`invalidateSession(Boolean value)` Causes the HttpSession to be invalidated when this LogoutHandler is invoked.
`LogoutConfigurer`	`localHandler(org.springframework.security.web.authentication.logout.LogoutHandler handler)` Handler to be invoked when local logout is selected.
`LogoutConfigurer`	`logoutURL(String url)` Sets the URL used to determine if the `SAMLLogoutFilter` is invoked.
`LogoutConfigurer`	`singleLogoutURL(String url)` Sets the URL used to determine if the `SAMLLogoutProcessingFilter` is invoked.
`LogoutConfigurer`	`successHandler(org.springframework.security.web.authentication.logout.LogoutSuccessHandler handler)` Handler to be invoked upon successful logout.

Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - LogoutConfigurer
```
public LogoutConfigurer()
```
- Method Detail
  - init
```
public void init(ServiceProviderBuilder builder)
          throws Exception
```
    Specified by:
    
    init in interface org.springframework.security.config.annotation.SecurityConfigurer<Void,ServiceProviderBuilder>
    
    Overrides:
    
    init in class org.springframework.security.config.annotation.SecurityConfigurerAdapter<Void,ServiceProviderBuilder>
    
    Throws:
    
    Exception
  - configure
```
public void configure(ServiceProviderBuilder builder)
               throws Exception
```
    Specified by:
    
    configure in interface org.springframework.security.config.annotation.SecurityConfigurer<Void,ServiceProviderBuilder>
    
    Overrides:
    
    configure in class org.springframework.security.config.annotation.SecurityConfigurerAdapter<Void,ServiceProviderBuilder>
    
    Throws:
    
    Exception
  - createDefaultLocalHandler
```
protected org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler createDefaultLocalHandler()
```
  - createDefaultGlobalHandler
```
protected org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler createDefaultGlobalHandler()
```
  - createDefaultSuccessHandler
```
protected org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler createDefaultSuccessHandler()
```
  - defaultTargetURL
```
public LogoutConfigurer defaultTargetURL(String url)
```
    Supplies the default target Url that will be used if no saved request is found in the session, or the alwaysUseDefaultTargetUrl property is set to true. If not set, defaults to /. It will be treated as relative to the web-app's context path, and should include the leading /. Alternatively, inclusion of a scheme name (such as "http://" or "https://") as the prefix will denote a fully-qualified URL and this is also supported. Default is "/". Not relevant if successHandler(LogoutSuccessHandler) is used.
    Alternatively use property:
```
      saml.sso.logout.default-target-url
 
```
    Parameters:
    
    url - the default target URL
    
    Returns:
    
    this configurer for further customization
  - logoutURL
```
public LogoutConfigurer logoutURL(String url)
```
    Sets the URL used to determine if the SAMLLogoutFilter is invoked. Default is "/saml/logout".
    Alternatively use property:
```
      saml.sso.logout.logout-url
 
```
    Parameters:
    
    url - the url used to invoke the SAMLLogoutFilter.
    
    Returns:
    
    this configurer for further customization
  - singleLogoutURL
```
public LogoutConfigurer singleLogoutURL(String url)
```
    Sets the URL used to determine if the SAMLLogoutProcessingFilter is invoked. Default is "/saml/SingleLogout".
    Alternatively use property:
```
      saml.sso.logout.single-logout-url
 
```
    Parameters:
    
    url - the url used to invoke the SAMLLogoutProcessingFilter.
    
    Returns:
    
    this configurer for further customization
  - clearAuthentication
```
public LogoutConfigurer clearAuthentication(Boolean value)
```
    If true, removes the Authentication from the SecurityContext to prevent issues with concurrent requests. Default is true. Not relevant if localHandler(LogoutHandler) is used.
    Alternatively use property:
```
      saml.sso.logout.clear-authentication
 
```
    Parameters:
    
    value - true if you wish to clear the Authentication from the SecurityContext (default) or false if the Authentication should not be removed.
    
    Returns:
    
    this configurer for further customization
  - invalidateSession
```
public LogoutConfigurer invalidateSession(Boolean value)
```
    Causes the HttpSession to be invalidated when this LogoutHandler is invoked. Defaults to true. Default is false. Not relevant if localHandler(LogoutHandler) is used.
    Alternatively use property:
```
      saml.sso.logout.invalidate-session
 
```
    Parameters:
    
    value - true if you wish the session to be invalidated or false (default) if it should not be.
    
    Returns:
    
    this configurer for further customization
  - successHandler
```
public LogoutConfigurer successHandler(org.springframework.security.web.authentication.logout.LogoutSuccessHandler handler)
```
    Handler to be invoked upon successful logout. Overrides value set by defaultTargetURL(String).
    
    Parameters:
    
    handler - the handler to invoke upon successful logout.
    
    Returns:
    
    this configurer for further customization
  - localHandler
```
public LogoutConfigurer localHandler(org.springframework.security.web.authentication.logout.LogoutHandler handler)
```
    Handler to be invoked when local logout is selected. Overrides values set by clearAuthentication and invalidateSession for local logout.
    
    Parameters:
    
    handler - the handler to be invoked.
    
    Returns:
    
    this configurer for further customization
  - globalHandler
```
public LogoutConfigurer globalHandler(org.springframework.security.web.authentication.logout.LogoutHandler handler)
```
    Handler to be invoked when global logout is selected. Overrides values set by clearAuthentication and invalidateSession for global logout.
    
    Parameters:
    
    handler - the handler to be invoked.
    
    Returns:
    
    this configurer for further customization

Class LogoutConfigurer

Constructor Summary

Method Summary

Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter

Methods inherited from class java.lang.Object

Constructor Detail

LogoutConfigurer

Method Detail

init

configure

createDefaultLocalHandler

createDefaultGlobalHandler

createDefaultSuccessHandler

defaultTargetURL

logoutURL

singleLogoutURL

clearAuthentication

invalidateSession

successHandler

localHandler

globalHandler