security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/LogoutEntryPoint.java

   1 /*
   2  * Copyright (C) 2007-2012 Mathieu Baudier
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *         http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16 package org.argeo.security.ui.rap;
  17
  18 import javax.security.auth.login.LoginException;
  19
  20 import org.apache.commons.logging.Log;
  21 import org.apache.commons.logging.LogFactory;
  22 import org.eclipse.equinox.security.auth.ILoginContext;
  23 import org.eclipse.rwt.RWT;
  24 import org.eclipse.rwt.lifecycle.IEntryPoint;
  25 import org.eclipse.ui.PlatformUI;
  26 import org.springframework.security.context.SecurityContextHolder;
  27
  28 /**
  29  * RAP entry point which logs out the currently authenticated user
  30  */
  31 public class LogoutEntryPoint implements IEntryPoint {
  32         private final static Log log = LogFactory.getLog(LogoutEntryPoint.class);
  33
  34         /**
  35          * From org.springframework.security.context.
  36          * HttpSessionContextIntegrationFilter
  37          */
  38         protected static final String SPRING_SECURITY_CONTEXT_KEY = "SPRING_SECURITY_CONTEXT";
  39
  40         @Override
  41         public int createUI() {
  42                 // create display
  43                 PlatformUI.createDisplay();
  44
  45                 final ILoginContext loginContext = SecureRapActivator
  46                                 .createLoginContext(SecureRapActivator.CONTEXT_SPRING);
  47                 try {
  48                         loginContext.logout();
  49                 } catch (LoginException e) {
  50                         e.printStackTrace();
  51                 }
  52
  53                 RWT.getRequest().getSession()
  54                                 .removeAttribute(SPRING_SECURITY_CONTEXT_KEY);
  55                 SecurityContextHolder.clearContext();
  56                 RWT.getRequest().getSession().setMaxInactiveInterval(1);
  57
  58                 if (log.isDebugEnabled())
  59                         log.debug("Logged out session " + RWT.getSessionStore().getId());
  60                 return 0;
  61         }
  62 }