About CAS SLO

[ifeengwd2012]

My cas version: 4.2.x

cas-server-util.jar  

【SimpleHttpClientFactoryBean.java】

@Override
public boolean sendMessageToEndPoint(final HttpMessage message) {
    Assert.notNull(this.httpClient);

    try {
        final HttpPost request = new HttpPost(message.getUrl().toURI());
        request.addHeader("Content-Type", message.getContentType());
        
        final StringEntity entity = new StringEntity(message.getMessage(), ContentType.create(message.getContentType()));
        request.setEntity(entity);

        final ResponseHandler<Boolean> handler = new ResponseHandler<Boolean>() {
            @Override
            public Boolean handleResponse(final HttpResponse response) throws IOException {
                return response.getStatusLine().getStatusCode() == HttpStatus.SC_OK;
            }
        };
        
        final HttpRequestFutureTask<Boolean> task = this.requestExecutorService.execute(request,
                HttpClientContext.create(), handler);

        if (message.isAsynchronous()) {
            return true;                        //【？？？while asynchronous，how and where judge logout request success in LogoutManagerImpl?????】
        }
        
        return task.get();
    } catch (final RejectedExecutionException e) {
        LOGGER.warn(e.getMessage(), e);
        return false;
    } catch (final Exception e) {
        LOGGER.debug(e.getMessage(), e);
        return false;
    }
}

cas-server-core-logout-4.2.7.jar

【LogoutManagerImpl.java】


private LogoutRequest handleLogoutForSloService(final SingleLogoutService singleLogoutService, final String ticketId) {

    if (!singleLogoutService.isLoggedOutAlready()) {

        final RegisteredService registeredService = servicesManager.findServiceBy(singleLogoutService);
        if (serviceSupportsSingleLogout(registeredService)) {

            final URL logoutUrl = determineLogoutUrl(registeredService, singleLogoutService);
            final DefaultLogoutRequest logoutRequest = new DefaultLogoutRequest(ticketId, singleLogoutService, logoutUrl);
            final LogoutType type = registeredService.getLogoutType() == null
                    ? LogoutType.BACK_CHANNEL : registeredService.getLogoutType();

            switch (type) {
                case BACK_CHANNEL:
                    if (performBackChannelLogout(logoutRequest)) {                          //
                        logoutRequest.setStatus(LogoutRequestStatus.SUCCESS);
                    } else {
                        logoutRequest.setStatus(LogoutRequestStatus.FAILURE);
                        LOGGER.warn("Logout message not sent to [{}]; Continuing processing...", singleLogoutService.getId());
                    }
                    break;
                default:
                    logoutRequest.setStatus(LogoutRequestStatus.NOT_ATTEMPTED);
                    break;
            }
            return logoutRequest;
        }

    }
    return null;
}

private boolean performBackChannelLogout(final LogoutRequest request) {
    try {
        final String logoutRequest = this.logoutMessageBuilder.create(request);
        final SingleLogoutService logoutService = request.getService();
        logoutService.setLoggedOutAlready(true);

        LOGGER.debug("Sending logout request for: [{}]", logoutService.getId());
        final LogoutHttpMessage msg = new LogoutHttpMessage(request.getLogoutUrl(), logoutRequest);
        LOGGER.debug("Prepared logout message to send is [{}]", msg);
        return this.httpClient.sendMessageToEndPoint(msg);                      //
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
    }
    return false;
}