From 5253d264440ab2a0e501cadbd75713f943d6da3c Mon Sep 17 00:00:00 2001 From: Matt Drees Date: Mon, 23 Jul 2018 17:12:37 -0600 Subject: [PATCH 1/5] Add option to prevent entity stream consumption If someone's app cannot handle the SingleSignOutFilter's consumption of entity streams (via a `request.getParameter()` call) on all requests, they can use this option in conjunction with setting up a service logout URL at the CAS server. The filter will now only consume the stream on requests to this path. Fixes https://github.com/apereo/java-cas-client/issues/210. --- README.md | 1 + .../configuration/ConfigurationKeys.java | 1 + .../client/session/SingleSignOutFilter.java | 5 ++++ .../client/session/SingleSignOutHandler.java | 27 +++++++++++++++++-- .../session/SingleSignOutHandlerTests.java | 27 +++++++++++++++++-- .../client/tomcat/v6/SingleSignOutValve.java | 4 +++ .../client/tomcat/v7/SingleSignOutValve.java | 4 +++ .../client/tomcat/v8/SingleSignOutValve.java | 4 +++ .../client/tomcat/v85/SingleSignOutValve.java | 4 +++ 9 files changed, 73 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 399e268..e00dd48 100644 --- a/README.md +++ b/README.md @@ -663,6 +663,7 @@ The `SingleSignOutFilter` can affect character encoding. This becomes most obvio | `relayStateParameterName` | Defaults to `RelayState` | No | `eagerlyCreateSessions` | Defaults to `true` | No | `artifactParameterOverPost` | Defaults to `false` | No +| `logoutPath` | The path which will receive logout callback requests from the CAS server. This is necessary if your app needs access to the raw input stream when handling form posts. If not configured, the default behavior will check every request for a logout parameter. | No | `casServerUrlPrefix` | URL to root of CAS Web application context. | Yes diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java b/cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java index 109aadd..682dffb 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java @@ -78,4 +78,5 @@ public interface ConfigurationKeys { ConfigurationKey> TICKET_VALIDATOR_CLASS = new ConfigurationKey>("ticketValidatorClass", null); ConfigurationKey PROXY_CALLBACK_URL = new ConfigurationKey("proxyCallbackUrl", null); ConfigurationKey RELAY_STATE_PARAMETER_NAME = new ConfigurationKey("relayStateParameterName", "RelayState"); + ConfigurationKey LOGOUT_PATH = new ConfigurationKey("logoutPath", null); } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java index 25d645c..87f2895 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java @@ -48,6 +48,7 @@ public final class SingleSignOutFilter extends AbstractConfigurationFilter { setLogoutParameterName(getString(ConfigurationKeys.LOGOUT_PARAMETER_NAME)); setRelayStateParameterName(getString(ConfigurationKeys.RELAY_STATE_PARAMETER_NAME)); setCasServerUrlPrefix(getString(ConfigurationKeys.CAS_SERVER_URL_PREFIX)); + setLogoutPath(getString(ConfigurationKeys.LOGOUT_PATH)); HANDLER.setArtifactParameterOverPost(getBoolean(ConfigurationKeys.ARTIFACT_PARAMETER_OVER_POST)); HANDLER.setEagerlyCreateSessions(getBoolean(ConfigurationKeys.EAGERLY_CREATE_SESSIONS)); } @@ -71,6 +72,10 @@ public final class SingleSignOutFilter extends AbstractConfigurationFilter { HANDLER.setCasServerUrlPrefix(casServerUrlPrefix); } + public void setLogoutPath(String logoutPath) { + HANDLER.setLogoutPath(logoutPath); + } + public void setSessionMappingStorage(final SessionMappingStorage storage) { HANDLER.setSessionMappingStorage(storage); } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java index 26932db..ace2745 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java @@ -66,6 +66,9 @@ public final class SingleSignOutHandler { /** The prefix url of the CAS server */ private String casServerUrlPrefix = ""; + /** The logout path configured at the CAS server, if there is one */ + private String logoutPath; + private boolean artifactParameterOverPost = false; private boolean eagerlyCreateSessions = true; @@ -106,7 +109,14 @@ public final class SingleSignOutHandler { public void setCasServerUrlPrefix(final String casServerUrlPrefix) { this.casServerUrlPrefix = casServerUrlPrefix; } - + + /** + * @param logoutPath The logout path configured at the CAS server. + */ + public void setLogoutPath(String logoutPath) { + this.logoutPath = logoutPath; + } + /** * @param name Name of parameter containing the state of the CAS server webflow. */ @@ -163,6 +173,7 @@ public final class SingleSignOutHandler { private boolean isLogoutRequest(final HttpServletRequest request) { if ("POST".equalsIgnoreCase(request.getMethod())) { return !isMultipartRequest(request) + && pathMatches(request) && CommonUtils.isNotBlank(CommonUtils.safeGetParameter(request, this.logoutParameterName, this.safeParameters)); } @@ -172,7 +183,19 @@ public final class SingleSignOutHandler { } return false; } - + + private boolean pathMatches(HttpServletRequest request) { + return logoutPath == null || logoutPath.equals(getPath(request)); + } + + private String getPath(HttpServletRequest request) { + return request.getServletPath() + nullToEmpty(request.getPathInfo()); + } + + private String nullToEmpty(String string) { + return string == null ? "" : string; + } + /** * Process a request regarding the SLO process: record the session or destroy it. * diff --git a/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java b/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java index 164a362..64d837f 100644 --- a/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java +++ b/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java @@ -116,13 +116,36 @@ public final class SingleSignOutHandlerTests { @Test public void backChannelLogoutOK() { + final MockHttpSession session = doBackChannelLogout(); + assertFalse(handler.process(request, response)); + assertTrue(session.isInvalid()); + } + + @Test + public void backChannelLogoutDoesDoesNotRunIfLogoutPathDoesNotMatch() { + handler.setLogoutPath("/logout"); + request.setServletPath("/not-a-logout"); + final MockHttpSession session = doBackChannelLogout(); + assertTrue(handler.process(request, response)); + assertFalse(session.isInvalid()); + } + + @Test + public void backChannelLogoutRunsWhenLogoutPathDoesMatch() { + handler.setLogoutPath("/logout"); + request.setServletPath("/logout"); + final MockHttpSession session = doBackChannelLogout(); + assertFalse(handler.process(request, response)); + assertTrue(session.isInvalid()); + } + + private MockHttpSession doBackChannelLogout() { final String logoutMessage = LogoutMessageGenerator.generateBackChannelLogoutMessage(TICKET); request.setParameter(LOGOUT_PARAMETER_NAME, logoutMessage); request.setMethod("POST"); final MockHttpSession session = new MockHttpSession(); handler.getSessionMappingStorage().addSessionById(TICKET, session); - assertFalse(handler.process(request, response)); - assertTrue(session.isInvalid()); + return session; } @Test diff --git a/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java b/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java index 00c63dc..c752052 100644 --- a/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java +++ b/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java @@ -60,6 +60,10 @@ public class SingleSignOutValve extends AbstractLifecycleValve implements Sessio this.handler.setCasServerUrlPrefix(casServerUrlPrefix); } + public void setLogoutPath(String logoutPath) { + this.handler.setLogoutPath(logoutPath); + } + public void setSessionMappingStorage(final SessionMappingStorage storage) { this.handler.setSessionMappingStorage(storage); } diff --git a/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java b/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java index e7cd85d..364db7b 100644 --- a/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java +++ b/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java @@ -64,6 +64,10 @@ public class SingleSignOutValve extends ValveBase implements SessionListener { this.handler.setCasServerUrlPrefix(casServerUrlPrefix); } + public void setLogoutPath(String logoutPath) { + this.handler.setLogoutPath(logoutPath); + } + public void setSessionMappingStorage(final SessionMappingStorage storage) { this.handler.setSessionMappingStorage(storage); } diff --git a/cas-client-integration-tomcat-v8/src/main/java/org/jasig/cas/client/tomcat/v8/SingleSignOutValve.java b/cas-client-integration-tomcat-v8/src/main/java/org/jasig/cas/client/tomcat/v8/SingleSignOutValve.java index de77527..e4dcee4 100644 --- a/cas-client-integration-tomcat-v8/src/main/java/org/jasig/cas/client/tomcat/v8/SingleSignOutValve.java +++ b/cas-client-integration-tomcat-v8/src/main/java/org/jasig/cas/client/tomcat/v8/SingleSignOutValve.java @@ -64,6 +64,10 @@ public class SingleSignOutValve extends ValveBase implements SessionListener { this.handler.setCasServerUrlPrefix(casServerUrlPrefix); } + public void setLogoutPath(String logoutPath) { + this.handler.setLogoutPath(logoutPath); + } + public void setSessionMappingStorage(final SessionMappingStorage storage) { this.handler.setSessionMappingStorage(storage); } diff --git a/cas-client-integration-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/SingleSignOutValve.java b/cas-client-integration-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/SingleSignOutValve.java index 18aca7a..1dd127d 100644 --- a/cas-client-integration-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/SingleSignOutValve.java +++ b/cas-client-integration-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/SingleSignOutValve.java @@ -64,6 +64,10 @@ public class SingleSignOutValve extends ValveBase implements SessionListener { this.handler.setCasServerUrlPrefix(casServerUrlPrefix); } + public void setLogoutPath(String logoutPath) { + this.handler.setLogoutPath(logoutPath); + } + public void setSessionMappingStorage(final SessionMappingStorage storage) { this.handler.setSessionMappingStorage(storage); } From f915f559e87043081ffc50a306af69b6af2b6cd7 Mon Sep 17 00:00:00 2001 From: Matt Drees Date: Tue, 24 Jul 2018 08:35:18 -0600 Subject: [PATCH 2/5] Move utility method to CommonUtils --- .../cas/client/session/SingleSignOutHandler.java | 6 +----- .../java/org/jasig/cas/client/util/CommonUtils.java | 11 +++++++++++ 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java index ace2745..2023268 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java @@ -189,11 +189,7 @@ public final class SingleSignOutHandler { } private String getPath(HttpServletRequest request) { - return request.getServletPath() + nullToEmpty(request.getPathInfo()); - } - - private String nullToEmpty(String string) { - return string == null ? "" : string; + return request.getServletPath() + CommonUtils.nullToEmpty(request.getPathInfo()); } /** diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/util/CommonUtils.java b/cas-client-core/src/main/java/org/jasig/cas/client/util/CommonUtils.java index 82c95d3..32ebb5c 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/util/CommonUtils.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/util/CommonUtils.java @@ -719,4 +719,15 @@ public final class CommonUtils { } } + /** + * Returns the string as-is, unless it's null; + * in this case an empty string is returned. + * + * @param string a possibly null string + * @return a non-null string + */ + public static String nullToEmpty(String string) { + return string == null ? "" : string; + } + } From f59544c14b6cc8901f9ab50e26d9f55739844b26 Mon Sep 17 00:00:00 2001 From: Matt Drees Date: Tue, 24 Jul 2018 16:07:44 -0600 Subject: [PATCH 3/5] Stop using "matches" terminology --- .../org/jasig/cas/client/session/SingleSignOutHandler.java | 4 ++-- .../jasig/cas/client/session/SingleSignOutHandlerTests.java | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java index 2023268..e1803c5 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java @@ -173,7 +173,7 @@ public final class SingleSignOutHandler { private boolean isLogoutRequest(final HttpServletRequest request) { if ("POST".equalsIgnoreCase(request.getMethod())) { return !isMultipartRequest(request) - && pathMatches(request) + && pathEligibleForLogout(request) && CommonUtils.isNotBlank(CommonUtils.safeGetParameter(request, this.logoutParameterName, this.safeParameters)); } @@ -184,7 +184,7 @@ public final class SingleSignOutHandler { return false; } - private boolean pathMatches(HttpServletRequest request) { + private boolean pathEligibleForLogout(HttpServletRequest request) { return logoutPath == null || logoutPath.equals(getPath(request)); } diff --git a/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java b/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java index 64d837f..109fd4b 100644 --- a/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java +++ b/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java @@ -122,7 +122,7 @@ public final class SingleSignOutHandlerTests { } @Test - public void backChannelLogoutDoesDoesNotRunIfLogoutPathDoesNotMatch() { + public void backChannelLogoutDoesNotRunIfPathIsNotEligibleForLogout() { handler.setLogoutPath("/logout"); request.setServletPath("/not-a-logout"); final MockHttpSession session = doBackChannelLogout(); @@ -131,7 +131,7 @@ public final class SingleSignOutHandlerTests { } @Test - public void backChannelLogoutRunsWhenLogoutPathDoesMatch() { + public void backChannelLogoutRunsIfPathEqualsLogoutPath() { handler.setLogoutPath("/logout"); request.setServletPath("/logout"); final MockHttpSession session = doBackChannelLogout(); From 6e5be5b2db3f2f0a3e5a4d6a573b2246facbfb42 Mon Sep 17 00:00:00 2001 From: Matt Drees Date: Tue, 24 Jul 2018 16:08:48 -0600 Subject: [PATCH 4/5] Tweak logoutPath docs --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e00dd48..bf216bc 100644 --- a/README.md +++ b/README.md @@ -663,7 +663,7 @@ The `SingleSignOutFilter` can affect character encoding. This becomes most obvio | `relayStateParameterName` | Defaults to `RelayState` | No | `eagerlyCreateSessions` | Defaults to `true` | No | `artifactParameterOverPost` | Defaults to `false` | No -| `logoutPath` | The path which will receive logout callback requests from the CAS server. This is necessary if your app needs access to the raw input stream when handling form posts. If not configured, the default behavior will check every request for a logout parameter. | No +| `logoutPath` | The path which is expected to receive logout callback requests from the CAS server. This is necessary if your app needs access to the raw input stream when handling form posts. If not configured, the default behavior will check every form post for a logout parameter. | No | `casServerUrlPrefix` | URL to root of CAS Web application context. | Yes From a61f7f28d1c0ee773f091f4af8e7d44ee6ef2915 Mon Sep 17 00:00:00 2001 From: Matt Drees Date: Wed, 25 Jul 2018 13:05:42 -0600 Subject: [PATCH 5/5] Rename logoutPath to logoutCallbackPath --- README.md | 2 +- .../cas/client/configuration/ConfigurationKeys.java | 2 +- .../cas/client/session/SingleSignOutFilter.java | 6 +++--- .../cas/client/session/SingleSignOutHandler.java | 12 ++++++------ .../client/session/SingleSignOutHandlerTests.java | 4 ++-- .../cas/client/tomcat/v6/SingleSignOutValve.java | 4 ++-- .../cas/client/tomcat/v7/SingleSignOutValve.java | 4 ++-- .../cas/client/tomcat/v8/SingleSignOutValve.java | 4 ++-- .../cas/client/tomcat/v85/SingleSignOutValve.java | 4 ++-- 9 files changed, 21 insertions(+), 21 deletions(-) diff --git a/README.md b/README.md index b77766c..7000b21 100644 --- a/README.md +++ b/README.md @@ -665,7 +665,7 @@ The `SingleSignOutFilter` can affect character encoding. This becomes most obvio | `relayStateParameterName` | Defaults to `RelayState` | No | `eagerlyCreateSessions` | Defaults to `true` | No | `artifactParameterOverPost` | Defaults to `false` | No -| `logoutPath` | The path which is expected to receive logout callback requests from the CAS server. This is necessary if your app needs access to the raw input stream when handling form posts. If not configured, the default behavior will check every form post for a logout parameter. | No +| `logoutCallbackPath` | The path which is expected to receive logout callback requests from the CAS server. This is necessary if your app needs access to the raw input stream when handling form posts. If not configured, the default behavior will check every form post for a logout parameter. | No | `casServerUrlPrefix` | URL to root of CAS Web application context. | Yes diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java b/cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java index 682dffb..d9b6ea6 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java @@ -78,5 +78,5 @@ public interface ConfigurationKeys { ConfigurationKey> TICKET_VALIDATOR_CLASS = new ConfigurationKey>("ticketValidatorClass", null); ConfigurationKey PROXY_CALLBACK_URL = new ConfigurationKey("proxyCallbackUrl", null); ConfigurationKey RELAY_STATE_PARAMETER_NAME = new ConfigurationKey("relayStateParameterName", "RelayState"); - ConfigurationKey LOGOUT_PATH = new ConfigurationKey("logoutPath", null); + ConfigurationKey LOGOUT_CALLBACK_PATH = new ConfigurationKey("logoutCallbackPath", null); } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java index 87f2895..ae511ba 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java @@ -48,7 +48,7 @@ public final class SingleSignOutFilter extends AbstractConfigurationFilter { setLogoutParameterName(getString(ConfigurationKeys.LOGOUT_PARAMETER_NAME)); setRelayStateParameterName(getString(ConfigurationKeys.RELAY_STATE_PARAMETER_NAME)); setCasServerUrlPrefix(getString(ConfigurationKeys.CAS_SERVER_URL_PREFIX)); - setLogoutPath(getString(ConfigurationKeys.LOGOUT_PATH)); + setLogoutCallbackPath(getString(ConfigurationKeys.LOGOUT_CALLBACK_PATH)); HANDLER.setArtifactParameterOverPost(getBoolean(ConfigurationKeys.ARTIFACT_PARAMETER_OVER_POST)); HANDLER.setEagerlyCreateSessions(getBoolean(ConfigurationKeys.EAGERLY_CREATE_SESSIONS)); } @@ -72,8 +72,8 @@ public final class SingleSignOutFilter extends AbstractConfigurationFilter { HANDLER.setCasServerUrlPrefix(casServerUrlPrefix); } - public void setLogoutPath(String logoutPath) { - HANDLER.setLogoutPath(logoutPath); + public void setLogoutCallbackPath(String logoutCallbackPath) { + HANDLER.setLogoutCallbackPath(logoutCallbackPath); } public void setSessionMappingStorage(final SessionMappingStorage storage) { diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java index e1803c5..e1b15bc 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java @@ -66,8 +66,8 @@ public final class SingleSignOutHandler { /** The prefix url of the CAS server */ private String casServerUrlPrefix = ""; - /** The logout path configured at the CAS server, if there is one */ - private String logoutPath; + /** The logout callback path configured at the CAS server, if there is one */ + private String logoutCallbackPath; private boolean artifactParameterOverPost = false; @@ -111,10 +111,10 @@ public final class SingleSignOutHandler { } /** - * @param logoutPath The logout path configured at the CAS server. + * @param logoutCallbackPath The logout callback path configured at the CAS server. */ - public void setLogoutPath(String logoutPath) { - this.logoutPath = logoutPath; + public void setLogoutCallbackPath(String logoutCallbackPath) { + this.logoutCallbackPath = logoutCallbackPath; } /** @@ -185,7 +185,7 @@ public final class SingleSignOutHandler { } private boolean pathEligibleForLogout(HttpServletRequest request) { - return logoutPath == null || logoutPath.equals(getPath(request)); + return logoutCallbackPath == null || logoutCallbackPath.equals(getPath(request)); } private String getPath(HttpServletRequest request) { diff --git a/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java b/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java index 109fd4b..e80e31d 100644 --- a/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java +++ b/cas-client-core/src/test/java/org/jasig/cas/client/session/SingleSignOutHandlerTests.java @@ -123,7 +123,7 @@ public final class SingleSignOutHandlerTests { @Test public void backChannelLogoutDoesNotRunIfPathIsNotEligibleForLogout() { - handler.setLogoutPath("/logout"); + handler.setLogoutCallbackPath("/logout"); request.setServletPath("/not-a-logout"); final MockHttpSession session = doBackChannelLogout(); assertTrue(handler.process(request, response)); @@ -132,7 +132,7 @@ public final class SingleSignOutHandlerTests { @Test public void backChannelLogoutRunsIfPathEqualsLogoutPath() { - handler.setLogoutPath("/logout"); + handler.setLogoutCallbackPath("/logout"); request.setServletPath("/logout"); final MockHttpSession session = doBackChannelLogout(); assertFalse(handler.process(request, response)); diff --git a/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java b/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java index c752052..ac6f26b 100644 --- a/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java +++ b/cas-client-integration-tomcat-v6/src/main/java/org/jasig/cas/client/tomcat/v6/SingleSignOutValve.java @@ -60,8 +60,8 @@ public class SingleSignOutValve extends AbstractLifecycleValve implements Sessio this.handler.setCasServerUrlPrefix(casServerUrlPrefix); } - public void setLogoutPath(String logoutPath) { - this.handler.setLogoutPath(logoutPath); + public void setLogoutCallbackPath(String logoutCallbackPath) { + this.handler.setLogoutCallbackPath(logoutCallbackPath); } public void setSessionMappingStorage(final SessionMappingStorage storage) { diff --git a/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java b/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java index 364db7b..77711bc 100644 --- a/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java +++ b/cas-client-integration-tomcat-v7/src/main/java/org/jasig/cas/client/tomcat/v7/SingleSignOutValve.java @@ -64,8 +64,8 @@ public class SingleSignOutValve extends ValveBase implements SessionListener { this.handler.setCasServerUrlPrefix(casServerUrlPrefix); } - public void setLogoutPath(String logoutPath) { - this.handler.setLogoutPath(logoutPath); + public void setLogoutCallbackPath(String logoutCallbackPath) { + this.handler.setLogoutCallbackPath(logoutCallbackPath); } public void setSessionMappingStorage(final SessionMappingStorage storage) { diff --git a/cas-client-integration-tomcat-v8/src/main/java/org/jasig/cas/client/tomcat/v8/SingleSignOutValve.java b/cas-client-integration-tomcat-v8/src/main/java/org/jasig/cas/client/tomcat/v8/SingleSignOutValve.java index e4dcee4..e7196f5 100644 --- a/cas-client-integration-tomcat-v8/src/main/java/org/jasig/cas/client/tomcat/v8/SingleSignOutValve.java +++ b/cas-client-integration-tomcat-v8/src/main/java/org/jasig/cas/client/tomcat/v8/SingleSignOutValve.java @@ -64,8 +64,8 @@ public class SingleSignOutValve extends ValveBase implements SessionListener { this.handler.setCasServerUrlPrefix(casServerUrlPrefix); } - public void setLogoutPath(String logoutPath) { - this.handler.setLogoutPath(logoutPath); + public void setLogoutCallbackPath(String logoutCallbackPath) { + this.handler.setLogoutCallbackPath(logoutCallbackPath); } public void setSessionMappingStorage(final SessionMappingStorage storage) { diff --git a/cas-client-integration-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/SingleSignOutValve.java b/cas-client-integration-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/SingleSignOutValve.java index 1dd127d..ccbdcc5 100644 --- a/cas-client-integration-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/SingleSignOutValve.java +++ b/cas-client-integration-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/SingleSignOutValve.java @@ -64,8 +64,8 @@ public class SingleSignOutValve extends ValveBase implements SessionListener { this.handler.setCasServerUrlPrefix(casServerUrlPrefix); } - public void setLogoutPath(String logoutPath) { - this.handler.setLogoutPath(logoutPath); + public void setLogoutCallbackPath(String logoutCallbackPath) { + this.handler.setLogoutCallbackPath(logoutCallbackPath); } public void setSessionMappingStorage(final SessionMappingStorage storage) {