Source code

001/*
002 *  (C) Copyright 2000-2003 Yale University. All rights reserved.
003 *
004 *  THIS SOFTWARE IS PROVIDED "AS IS," AND ANY EXPRESS OR IMPLIED
005 *  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
006 *  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, ARE EXPRESSLY
007 *  DISCLAIMED. IN NO EVENT SHALL YALE UNIVERSITY OR ITS EMPLOYEES BE
008 *  LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
009 *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED, THE COSTS OF
010 *  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA OR
011 *  PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
012 *  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
013 *  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
014 *  SOFTWARE, EVEN IF ADVISED IN ADVANCE OF THE POSSIBILITY OF SUCH
015 *  DAMAGE.
016 *
017 *  Redistribution and use of this software in source or binary forms,
018 *  with or without modification, are permitted, provided that the
019 *  following conditions are met:
020 *
021 *  1. Any redistribution must include the above copyright notice and
022 *  disclaimer and this list of conditions in any related documentation
023 *  and, if feasible, in the redistributed software.
024 *
025 *  2. Any redistribution must include the acknowledgment, "This product
026 *  includes software developed by Yale University," in any related
027 *  documentation and, if feasible, in the redistributed software.
028 *
029 *  3. The names "Yale" and "Yale University" must not be used to endorse
030 *  or promote products derived from this software.
031 */
032
033package edu.yale.its.tp.cas.client.taglib;
034
035import java.io.IOException;
036
037import javax.servlet.http.HttpServletResponse;
038import javax.servlet.jsp.JspException;
039import javax.servlet.jsp.JspTagException;
040import javax.servlet.jsp.PageContext;
041import javax.servlet.jsp.tagext.TagSupport;
042
043/**
044 * <p>
045 * Logout tag for use with the Yale Central Authentication Service. Clears the indicated attribute and, if 'scope' is
046 * 'session', also invalidates the session. Finally, redirects to CAS's logout URL.
047 * </p>
048 *
049 * @author Shawn Bayern
050 */
051public class LogoutTag extends TagSupport {
052
053    // *********************************************************************
054    // Internal state
055
056    private static final long serialVersionUID = 1L;
057
058    private String var; // tag attribute
059
060    private String logoutUrl; // tag attribute
061
062    private int scope; // tag attribute
063
064    // *********************************************************************
065    // Tag logic
066
067    @Override
068    public int doStartTag() throws JspException {
069        try {
070
071            // retrieve the response object
072            HttpServletResponse response = (HttpServletResponse) pageContext.getResponse();
073
074            // kill the authentication information
075            pageContext.removeAttribute(var, scope);
076
077            // if scope is SESSION_SCOPE, invalidate the session
078            if (scope == PageContext.SESSION_SCOPE)
079                pageContext.getSession().invalidate();
080
081            // send the redirect
082            response.sendRedirect(logoutUrl);
083
084            return SKIP_BODY;
085
086        } catch (IOException ex) {
087            throw new JspTagException(ex.getMessage());
088        }
089    }
090
091    @Override
092    public int doEndTag() {
093        return SKIP_PAGE;
094    }
095
096    // *********************************************************************
097    // Accessors
098
099    public void setVar(String var) {
100        this.var = var;
101    }
102
103    public void setScope(String scope) {
104        if (scope.equals("page"))
105            this.scope = PageContext.PAGE_SCOPE;
106        else if (scope.equals("request"))
107            this.scope = PageContext.REQUEST_SCOPE;
108        else if (scope.equals("session"))
109            this.scope = PageContext.SESSION_SCOPE;
110        else if (scope.equals("application"))
111            this.scope = PageContext.APPLICATION_SCOPE;
112        else
113            throw new IllegalArgumentException("invalid scope");
114    }
115
116    public void setLogoutUrl(String logoutUrl) {
117        this.logoutUrl = logoutUrl;
118    }
119
120    // *********************************************************************
121    // Constructor and lifecycle management
122
123    public LogoutTag() {
124        super();
125        init();
126    }
127
128    // Releases any resources we may have (or inherit)
129    @Override
130    public void release() {
131        super.release();
132        init();
133    }
134
135    // clears any internal state we might have
136    private void init() {
137        var = logoutUrl = null;
138        scope = PageContext.PAGE_SCOPE;
139    }
140}