From ba5982e1eb11e804a6b7d5892d7610c610e3ebe7 Mon Sep 17 00:00:00 2001 From: Matt Drees Date: Mon, 23 Jul 2018 17:12:37 -0600 Subject: [PATCH 1/5] Add option to prevent entity stream consumption If someone's app cannot handle the SingleSignOutFilter's consumption of entity streams (via a `request.getParameter()` call) on all requests, they can use this option in conjunction with setting up a service logout URL at the CAS server. The filter will now only consume the stream on requests to this path. Fixes https://github.com/apereo/java-cas-client/issues/210. --- README.md | 1 + .../configuration/ConfigurationKeys.java | 1 + .../client/session/SingleSignOutFilter.java | 5 ++++ .../client/session/SingleSignOutHandler.java | 27 +++++++++++++++++-- .../session/SingleSignOutHandlerTests.java | 27 +++++++++++++++++-- .../client/tomcat/v6/SingleSignOutValve.java | 4 +++ .../client/tomcat/v7/SingleSignOutValve.java | 4 +++ .../client/tomcat/v8/SingleSignOutValve.java | 4 +++ .../client/tomcat/v85/SingleSignOutValve.java | 4 +++ 9 files changed, 73 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 399e268..e00dd48 100644 --- a/README.md +++ b/README.md @@ -663,6 +663,7 @@ The `SingleSignOutFilter` can affect character encoding. This becomes most obvio | `relayStateParameterName` | Defaults to `RelayState` | No | `eagerlyCreateSessions` | Defaults to `true` | No | `artifactParameterOverPost` | Defaults to `false` | No +| `logoutPath` | The path which will receive logout callback requests from the CAS server. This is necessary if your app needs access to the raw input stream when handling form posts. If not configured, the default behavior will check every request for a logout parameter. | No | `casServerUrlPrefix` | URL to root of CAS Web application context. | Yes diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java b/cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java index 109aadd..682dffb 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java @@ -78,4 +78,5 @@ public interface ConfigurationKeys { ConfigurationKey> TICKET_VALIDATOR_CLASS = new ConfigurationKey>("ticketValidatorClass", null); ConfigurationKey PROXY_CALLBACK_URL = new ConfigurationKey("proxyCallbackUrl", null); ConfigurationKey RELAY_STATE_PARAMETER_NAME = new ConfigurationKey("relayStateParameterName", "RelayState"); + ConfigurationKey LOGOUT_PATH = new ConfigurationKey("logoutPath", null); } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java index 25d645c..87f2895 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java @@ -48,6 +48,7 @@ public final class SingleSignOutFilter extends AbstractConfigurationFilter { setLogoutParameterName(getString(ConfigurationKeys.LOGOUT_PARAMETER_NAME)); setRelayStateParameterName(getString(ConfigurationKeys.RELAY_STATE_PARAMETER_NAME)); setCasServerUrlPrefix(getString(ConfigurationKeys.CAS_SERVER_URL_PREFIX)); + setLogoutPath(getString(ConfigurationKeys.LOGOUT_PATH)); HANDLER.setArtifactParameterOverPost(getBoolean(ConfigurationKeys.ARTIFACT_PARAMETER_OVER_POST)); HANDLER.setEagerlyCreateSessions(getBoolean(ConfigurationKeys.EAGERLY_CREATE_SESSIONS)); } @@ -71,6 +72,10 @@ public final class SingleSignOutFilter extends AbstractConfigurationFilter { HANDLER.setCasServerUrlPrefix(casServerUrlPrefix); } + public void setLogoutPath(String logoutPath) { + HANDLER.setLogoutPath(logoutPath); + } + public void setSessionMappingStorage(final SessionMappingStorage storage) { HANDLER.setSessionMappingStorage(storage); } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java index 26932db..ace2745 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java @@ -66,6 +66,9 @@ public final class SingleSignOutHandler { /** The prefix url of the CAS server */ private String casServerUrlPrefix = ""; + /** The logout path configured at the CAS server, if there is one */ + private String logoutPath; + private boolean artifactParameterOverPost = false; private boolean eagerlyCreateSessions = true; @@ -106,7 +109,14 @@ public final class SingleSignOutHandler { public void setCasServerUrlPrefix(final String casServerUrlPrefix) { this.casServerUrlPrefix = casServerUrlPrefix; } - + + /** + * @param logoutPath The logout path configured at the CAS server. + */ + public void setLogoutPath(String logoutPath) { + this.logoutPath = logoutPath; + } + /** * @param name Name of parameter containing the state of the CAS server webflow. */ @@ -163,6 +173,7 @@ public final class SingleSignOutHandler { private boolean isLogoutRequest(final HttpServletRequest request) { if ("POST".equalsIgnoreCase(request.getMethod())) { return !isMultipartRequest(request) + && pathMatches(request) && CommonUtils.isNotBlank(CommonUtils.safeGetParameter(request, this.logoutParameterName, this.safeParameters)); } @@ -172,7 +183,19 @@ public final class SingleSignOutHandler { } return false; } - + + private boolean pathMatches(HttpServletRequest request) { + return logoutPath == null || logoutPath.equals(getPath(request)); + } + + private String getPath(HttpServletRequest request) { + return request.getServletPath() + nullToEmpty(request.getPathInfo()); + } + + private String nullToEmpty(String string) { + return string == null ? "" : string; + } + /** * Process a request regarding the SLO process: record the session or destroy it. * diff --git a/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java b/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java index 164a362..64d837f 100644 --- a/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java +++ b/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java @@ -116,13 +116,36 @@ public final class SingleSignOutHandlerTests { @Test public void backChannelLogoutOK() { + final MockHttpSession session = doBackChannelLogout(); + assertFalse(handler.process(request, response)); + assertTrue(session.isInvalid()); + } + + @Test + public void backChannelLogoutDoesDoesNotRunIfLogoutPathDoesNotMatch() { + handler.setLogoutPath("/logout"); + request.setServletPath("/not-a-logout"); + final MockHttpSession session = doBackChannelLogout(); + assertTrue(handler.process(request, response)); + assertFalse(session.isInvalid()); + } + + @Test + public void backChannelLogoutRunsWhenLogoutPathDoesMatch() { + handler.setLogoutPath("/logout"); + request.setServletPath("/logout"); + final MockHttpSession session = doBackChannelLogout(); + assertFalse(handler.process(request, response)); + assertTrue(session.isInvalid()); + } + + private MockHttpSession doBackChannelLogout() { final String logoutMessage = LogoutMessageGenerator.generateBackChannelLogoutMessage(TICKET); request.setParameter(LOGOUT_PARAMETER_NAME, logoutMessage); request.setMethod("POST"); final MockHttpSession session = new MockHttpSession(); handler.getSessionMappingStorage().addSessionById(TICKET, session); - assertFalse(handler.process(request, response)); - assertTrue(session.isInvalid()); + return session; } @Test diff --git a/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java b/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java index 00c63dc..c752052 100644 --- a/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java +++ b/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java @@ -60,6 +60,10 @@ public class SingleSignOutValve extends AbstractLifecycleValve implements Sessio this.handler.setCasServerUrlPrefix(casServerUrlPrefix); } + public void setLogoutPath(String logoutPath) { + this.handler.setLogoutPath(logoutPath); + } + public void setSessionMappingStorage(final SessionMappingStorage storage) { this.handler.setSessionMappingStorage(storage); } diff --git a/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java b/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java index e7cd85d..364db7b 100644 --- a/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java +++ b/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java @@ -64,6 +64,10 @@ public class SingleSignOutValve extends ValveBase implements SessionListener { this.handler.setCasServerUrlPrefix(casServerUrlPrefix); } + public void setLogoutPath(String logoutPath) { + this.handler.setLogoutPath(logoutPath); + } + public void setSessionMappingStorage(final SessionMappingStorage storage) { this.handler.setSessionMappingStorage(storage); } diff --git a/cas-client-integration-tomcat-v8/src/main/java/org/jasig/cas/client/tomcat/v8/SingleSignOutValve.java b/cas-client-integration-tomcat-v8/src/main/java/org/jasig/cas/client/tomcat/v8/SingleSignOutValve.java index de77527..e4dcee4 100644 --- a/cas-client-integration-tomcat-v8/src/main/java/org/jasig/cas/client/tomcat/v8/SingleSignOutValve.java +++ b/cas-client-integration-tomcat-v8/src/main/java/org/jasig/cas/client/tomcat/v8/SingleSignOutValve.java @@ -64,6 +64,10 @@ public class SingleSignOutValve extends ValveBase implements SessionListener { this.handler.setCasServerUrlPrefix(casServerUrlPrefix); } + public void setLogoutPath(String logoutPath) { + this.handler.setLogoutPath(logoutPath); + } + public void setSessionMappingStorage(final SessionMappingStorage storage) { this.handler.setSessionMappingStorage(storage); } diff --git a/cas-client-integration-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/SingleSignOutValve.java b/cas-client-integration-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/SingleSignOutValve.java index 18aca7a..1dd127d 100644 --- a/cas-client-integration-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/SingleSignOutValve.java +++ b/cas-client-integration-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/SingleSignOutValve.java @@ -64,6 +64,10 @@ public class SingleSignOutValve extends ValveBase implements SessionListener { this.handler.setCasServerUrlPrefix(casServerUrlPrefix); } + public void setLogoutPath(String logoutPath) { + this.handler.setLogoutPath(logoutPath); + } + public void setSessionMappingStorage(final SessionMappingStorage storage) { this.handler.setSessionMappingStorage(storage); } From 40dcc8b34ad07054146921be438c7b9f5addd66d Mon Sep 17 00:00:00 2001 From: Matt Drees Date: Tue, 24 Jul 2018 08:35:18 -0600 Subject: [PATCH 2/5] Move utility method to CommonUtils --- .../cas/client/session/SingleSignOutHandler.java | 6 +----- .../java/org/jasig/cas/client/util/CommonUtils.java | 11 +++++++++++ 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java index ace2745..2023268 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java @@ -189,11 +189,7 @@ public final class SingleSignOutHandler { } private String getPath(HttpServletRequest request) { - return request.getServletPath() + nullToEmpty(request.getPathInfo()); - } - - private String nullToEmpty(String string) { - return string == null ? "" : string; + return request.getServletPath() + CommonUtils.nullToEmpty(request.getPathInfo()); } /** diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/util/CommonUtils.java b/cas-client-core/src/main/java/org/jasig/cas/client/util/CommonUtils.java index 82c95d3..32ebb5c 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/util/CommonUtils.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/util/CommonUtils.java @@ -719,4 +719,15 @@ public final class CommonUtils { } } + /** + * Returns the string as-is, unless it's null; + * in this case an empty string is returned. + * + * @param string a possibly null string + * @return a non-null string + */ + public static String nullToEmpty(String string) { + return string == null ? "" : string; + } + } From c5d1b1ef84f4b42569d778f73ef74c4a27fcf90b Mon Sep 17 00:00:00 2001 From: Matt Drees Date: Tue, 24 Jul 2018 16:07:44 -0600 Subject: [PATCH 3/5] Stop using "matches" terminology --- .../org/jasig/cas/client/session/SingleSignOutHandler.java | 4 ++-- .../jasig/cas/client/session/SingleSignOutHandlerTests.java | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java index 2023268..e1803c5 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java @@ -173,7 +173,7 @@ public final class SingleSignOutHandler { private boolean isLogoutRequest(final HttpServletRequest request) { if ("POST".equalsIgnoreCase(request.getMethod())) { return !isMultipartRequest(request) - && pathMatches(request) + && pathEligibleForLogout(request) && CommonUtils.isNotBlank(CommonUtils.safeGetParameter(request, this.logoutParameterName, this.safeParameters)); } @@ -184,7 +184,7 @@ public final class SingleSignOutHandler { return false; } - private boolean pathMatches(HttpServletRequest request) { + private boolean pathEligibleForLogout(HttpServletRequest request) { return logoutPath == null || logoutPath.equals(getPath(request)); } diff --git a/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java b/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java index 64d837f..109fd4b 100644 --- a/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java +++ b/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java @@ -122,7 +122,7 @@ public final class SingleSignOutHandlerTests { } @Test - public void backChannelLogoutDoesDoesNotRunIfLogoutPathDoesNotMatch() { + public void backChannelLogoutDoesNotRunIfPathIsNotEligibleForLogout() { handler.setLogoutPath("/logout"); request.setServletPath("/not-a-logout"); final MockHttpSession session = doBackChannelLogout(); @@ -131,7 +131,7 @@ public final class SingleSignOutHandlerTests { } @Test - public void backChannelLogoutRunsWhenLogoutPathDoesMatch() { + public void backChannelLogoutRunsIfPathEqualsLogoutPath() { handler.setLogoutPath("/logout"); request.setServletPath("/logout"); final MockHttpSession session = doBackChannelLogout(); From 72e9aa9378eed1a7799d877898885eedf707e386 Mon Sep 17 00:00:00 2001 From: Matt Drees Date: Tue, 24 Jul 2018 16:08:48 -0600 Subject: [PATCH 4/5] Tweak logoutPath docs --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e00dd48..bf216bc 100644 --- a/README.md +++ b/README.md @@ -663,7 +663,7 @@ The `SingleSignOutFilter` can affect character encoding. This becomes most obvio | `relayStateParameterName` | Defaults to `RelayState` | No | `eagerlyCreateSessions` | Defaults to `true` | No | `artifactParameterOverPost` | Defaults to `false` | No -| `logoutPath` | The path which will receive logout callback requests from the CAS server. This is necessary if your app needs access to the raw input stream when handling form posts. If not configured, the default behavior will check every request for a logout parameter. | No +| `logoutPath` | The path which is expected to receive logout callback requests from the CAS server. This is necessary if your app needs access to the raw input stream when handling form posts. If not configured, the default behavior will check every form post for a logout parameter. | No | `casServerUrlPrefix` | URL to root of CAS Web application context. | Yes From 1d4312b64fa677b98fa051f9253af409f9a5bb00 Mon Sep 17 00:00:00 2001 From: Matt Drees Date: Wed, 25 Jul 2018 13:05:42 -0600 Subject: [PATCH 5/5] Rename logoutPath to logoutCallbackPath --- README.md | 2 +- .../cas/client/configuration/ConfigurationKeys.java | 2 +- .../cas/client/session/SingleSignOutFilter.java | 6 +++--- .../cas/client/session/SingleSignOutHandler.java | 12 ++++++------ .../client/session/SingleSignOutHandlerTests.java | 4 ++-- .../cas/client/tomcat/v6/SingleSignOutValve.java | 4 ++-- .../cas/client/tomcat/v7/SingleSignOutValve.java | 4 ++-- .../cas/client/tomcat/v8/SingleSignOutValve.java | 4 ++-- .../cas/client/tomcat/v85/SingleSignOutValve.java | 4 ++-- 9 files changed, 21 insertions(+), 21 deletions(-) diff --git a/README.md b/README.md index b77766c..7000b21 100644 --- a/README.md +++ b/README.md @@ -665,7 +665,7 @@ The `SingleSignOutFilter` can affect character encoding. This becomes most obvio | `relayStateParameterName` | Defaults to `RelayState` | No | `eagerlyCreateSessions` | Defaults to `true` | No | `artifactParameterOverPost` | Defaults to `false` | No -| `logoutPath` | The path which is expected to receive logout callback requests from the CAS server. This is necessary if your app needs access to the raw input stream when handling form posts. If not configured, the default behavior will check every form post for a logout parameter. | No +| `logoutCallbackPath` | The path which is expected to receive logout callback requests from the CAS server. This is necessary if your app needs access to the raw input stream when handling form posts. If not configured, the default behavior will check every form post for a logout parameter. | No | `casServerUrlPrefix` | URL to root of CAS Web application context. | Yes diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java b/cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java index 682dffb..d9b6ea6 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java @@ -78,5 +78,5 @@ public interface ConfigurationKeys { ConfigurationKey> TICKET_VALIDATOR_CLASS = new ConfigurationKey>("ticketValidatorClass", null); ConfigurationKey PROXY_CALLBACK_URL = new ConfigurationKey("proxyCallbackUrl", null); ConfigurationKey RELAY_STATE_PARAMETER_NAME = new ConfigurationKey("relayStateParameterName", "RelayState"); - ConfigurationKey LOGOUT_PATH = new ConfigurationKey("logoutPath", null); + ConfigurationKey LOGOUT_CALLBACK_PATH = new ConfigurationKey("logoutCallbackPath", null); } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java index 87f2895..ae511ba 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java @@ -48,7 +48,7 @@ public final class SingleSignOutFilter extends AbstractConfigurationFilter { setLogoutParameterName(getString(ConfigurationKeys.LOGOUT_PARAMETER_NAME)); setRelayStateParameterName(getString(ConfigurationKeys.RELAY_STATE_PARAMETER_NAME)); setCasServerUrlPrefix(getString(ConfigurationKeys.CAS_SERVER_URL_PREFIX)); - setLogoutPath(getString(ConfigurationKeys.LOGOUT_PATH)); + setLogoutCallbackPath(getString(ConfigurationKeys.LOGOUT_CALLBACK_PATH)); HANDLER.setArtifactParameterOverPost(getBoolean(ConfigurationKeys.ARTIFACT_PARAMETER_OVER_POST)); HANDLER.setEagerlyCreateSessions(getBoolean(ConfigurationKeys.EAGERLY_CREATE_SESSIONS)); } @@ -72,8 +72,8 @@ public final class SingleSignOutFilter extends AbstractConfigurationFilter { HANDLER.setCasServerUrlPrefix(casServerUrlPrefix); } - public void setLogoutPath(String logoutPath) { - HANDLER.setLogoutPath(logoutPath); + public void setLogoutCallbackPath(String logoutCallbackPath) { + HANDLER.setLogoutCallbackPath(logoutCallbackPath); } public void setSessionMappingStorage(final SessionMappingStorage storage) { diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java index e1803c5..e1b15bc 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java @@ -66,8 +66,8 @@ public final class SingleSignOutHandler { /** The prefix url of the CAS server */ private String casServerUrlPrefix = ""; - /** The logout path configured at the CAS server, if there is one */ - private String logoutPath; + /** The logout callback path configured at the CAS server, if there is one */ + private String logoutCallbackPath; private boolean artifactParameterOverPost = false; @@ -111,10 +111,10 @@ public final class SingleSignOutHandler { } /** - * @param logoutPath The logout path configured at the CAS server. + * @param logoutCallbackPath The logout callback path configured at the CAS server. */ - public void setLogoutPath(String logoutPath) { - this.logoutPath = logoutPath; + public void setLogoutCallbackPath(String logoutCallbackPath) { + this.logoutCallbackPath = logoutCallbackPath; } /** @@ -185,7 +185,7 @@ public final class SingleSignOutHandler { } private boolean pathEligibleForLogout(HttpServletRequest request) { - return logoutPath == null || logoutPath.equals(getPath(request)); + return logoutCallbackPath == null || logoutCallbackPath.equals(getPath(request)); } private String getPath(HttpServletRequest request) { diff --git a/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java b/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java index 109fd4b..e80e31d 100644 --- a/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java +++ b/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java @@ -123,7 +123,7 @@ public final class SingleSignOutHandlerTests { @Test public void backChannelLogoutDoesNotRunIfPathIsNotEligibleForLogout() { - handler.setLogoutPath("/logout"); + handler.setLogoutCallbackPath("/logout"); request.setServletPath("/not-a-logout"); final MockHttpSession session = doBackChannelLogout(); assertTrue(handler.process(request, response)); @@ -132,7 +132,7 @@ public final class SingleSignOutHandlerTests { @Test public void backChannelLogoutRunsIfPathEqualsLogoutPath() { - handler.setLogoutPath("/logout"); + handler.setLogoutCallbackPath("/logout"); request.setServletPath("/logout"); final MockHttpSession session = doBackChannelLogout(); assertFalse(handler.process(request, response)); diff --git a/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java b/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java index c752052..ac6f26b 100644 --- a/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java +++ b/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java @@ -60,8 +60,8 @@ public class SingleSignOutValve extends AbstractLifecycleValve implements Sessio this.handler.setCasServerUrlPrefix(casServerUrlPrefix); } - public void setLogoutPath(String logoutPath) { - this.handler.setLogoutPath(logoutPath); + public void setLogoutCallbackPath(String logoutCallbackPath) { + this.handler.setLogoutCallbackPath(logoutCallbackPath); } public void setSessionMappingStorage(final SessionMappingStorage storage) { diff --git a/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java b/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java index 364db7b..77711bc 100644 --- a/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java +++ b/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java @@ -64,8 +64,8 @@ public class SingleSignOutValve extends ValveBase implements SessionListener { this.handler.setCasServerUrlPrefix(casServerUrlPrefix); } - public void setLogoutPath(String logoutPath) { - this.handler.setLogoutPath(logoutPath); + public void setLogoutCallbackPath(String logoutCallbackPath) { + this.handler.setLogoutCallbackPath(logoutCallbackPath); } public void setSessionMappingStorage(final SessionMappingStorage storage) { diff --git a/cas-client-integration-tomcat-v8/src/main/java/org/jasig/cas/client/tomcat/v8/SingleSignOutValve.java b/cas-client-integration-tomcat-v8/src/main/java/org/jasig/cas/client/tomcat/v8/SingleSignOutValve.java index e4dcee4..e7196f5 100644 --- a/cas-client-integration-tomcat-v8/src/main/java/org/jasig/cas/client/tomcat/v8/SingleSignOutValve.java +++ b/cas-client-integration-tomcat-v8/src/main/java/org/jasig/cas/client/tomcat/v8/SingleSignOutValve.java @@ -64,8 +64,8 @@ public class SingleSignOutValve extends ValveBase implements SessionListener { this.handler.setCasServerUrlPrefix(casServerUrlPrefix); } - public void setLogoutPath(String logoutPath) { - this.handler.setLogoutPath(logoutPath); + public void setLogoutCallbackPath(String logoutCallbackPath) { + this.handler.setLogoutCallbackPath(logoutCallbackPath); } public void setSessionMappingStorage(final SessionMappingStorage storage) { diff --git a/cas-client-integration-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/SingleSignOutValve.java b/cas-client-integration-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/SingleSignOutValve.java index 1dd127d..ccbdcc5 100644 --- a/cas-client-integration-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/SingleSignOutValve.java +++ b/cas-client-integration-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/SingleSignOutValve.java @@ -64,8 +64,8 @@ public class SingleSignOutValve extends ValveBase implements SessionListener { this.handler.setCasServerUrlPrefix(casServerUrlPrefix); } - public void setLogoutPath(String logoutPath) { - this.handler.setLogoutPath(logoutPath); + public void setLogoutCallbackPath(String logoutCallbackPath) { + this.handler.setLogoutCallbackPath(logoutCallbackPath); } public void setSessionMappingStorage(final SessionMappingStorage storage) {