1 /**
2 * This file Copyright (c) 2003-2010 Magnolia International
3 * Ltd. (http://www.magnolia-cms.com). All rights reserved.
4 *
5 *
6 * This file is dual-licensed under both the Magnolia
7 * Network Agreement and the GNU General Public License.
8 * You may elect to use one or the other of these licenses.
9 *
10 * This file is distributed in the hope that it will be
11 * useful, but AS-IS and WITHOUT ANY WARRANTY; without even the
12 * implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE, TITLE, or NONINFRINGEMENT.
14 * Redistribution, except as permitted by whichever of the GPL
15 * or MNA you select, is prohibited.
16 *
17 * 1. For the GPL license (GPL), you can redistribute and/or
18 * modify this file under the terms of the GNU General
19 * Public License, Version 3, as published by the Free Software
20 * Foundation. You should have received a copy of the GNU
21 * General Public License, Version 3 along with this program;
22 * if not, write to the Free Software Foundation, Inc., 51
23 * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
24 *
25 * 2. For the Magnolia Network Agreement (MNA), this file
26 * and the accompanying materials are made available under the
27 * terms of the MNA which accompanies this distribution, and
28 * is available at http://www.magnolia-cms.com/mna.html
29 *
30 * Any modifications to this file must keep this entire header
31 * intact.
32 *
33 */
34 package info.magnolia.cms.security;
35
36 import info.magnolia.cms.filters.MgnlFilterChain;
37 import info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter;
38 import info.magnolia.context.Context;
39 import info.magnolia.context.MgnlContext;
40 import info.magnolia.context.UserContext;
41 import info.magnolia.logging.AuditLoggingUtil;
42
43 import javax.servlet.FilterChain;
44 import javax.servlet.FilterConfig;
45 import javax.servlet.ServletContext;
46 import javax.servlet.ServletException;
47 import javax.servlet.http.HttpServletRequest;
48 import javax.servlet.http.HttpServletResponse;
49
50 import org.slf4j.Logger;
51 import org.slf4j.LoggerFactory;
52
53 import java.io.IOException;
54
55 /**
56 * @author Sameer Charles
57 * @author Fabrizio Giustina $Id: LogoutFilter.java 32667 2010-03-13 00:37:06Z gjoseph $
58 */
59 public class LogoutFilter extends OncePerRequestAbstractMgnlFilter {
60 private static final Logger log = LoggerFactory.getLogger(LogoutFilter.class);
61
62 public static final String PARAMETER_LOGOUT = "mgnlLogout";
63
64 private ServletContext servletContext;
65
66 public void init(FilterConfig filterConfig) throws ServletException {
67 this.servletContext = filterConfig.getServletContext();
68 }
69
70 /**
71 * Check if a request parameter PARAMETER_LOGOUT is set. If so logout user,
72 * unset the context and restart the filter chain.
73 */
74 public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
75 if (null != request.getParameter(PARAMETER_LOGOUT)) {
76 Context ctx = MgnlContext.getInstance();
77 if (ctx instanceof UserContext) {
78 // log before actual op, to preserve username for logging
79 AuditLoggingUtil.log((UserContext)ctx);
80 ((UserContext) ctx).logout();
81 }
82 //MgnlContext.initAsAnonymousContext(request, response, servletContext);
83
84 if (chain instanceof MgnlFilterChain) {
85 ((MgnlFilterChain) chain).reset();
86 }
87 }
88
89 chain.doFilter(request, response);
90 }
91
92
93 }