1 package org.codehaus.plexus.redback.struts2.action;
4 * Licensed to the Apache Software Foundation (ASF) under one
5 * or more contributor license agreements. See the NOTICE file
6 * distributed with this work for additional information
7 * regarding copyright ownership. The ASF licenses this file
8 * to you under the Apache License, Version 2.0 (the
9 * "License"); you may not use this file except in compliance
10 * with the License. You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17 * KIND, either express or implied. See the License for the
18 * specific language governing permissions and limitations
22 import org.apache.struts2.ServletActionContext;
23 import org.apache.struts2.dispatcher.SessionMap;
24 import org.codehaus.plexus.cache.Cache;
25 import org.codehaus.redback.integration.interceptor.SecureActionBundle;
26 import org.codehaus.redback.integration.interceptor.SecureActionException;
27 import org.codehaus.redback.integration.util.AutoLoginCookies;
28 import org.springframework.context.annotation.Scope;
29 import org.springframework.stereotype.Controller;
31 import javax.inject.Inject;
32 import javax.inject.Named;
37 * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
40 @Controller( "redback-logout" )
42 public class LogoutAction
43 extends AbstractSecurityAction
46 private static final String LOGOUT = "security-logout";
49 * cache used for user assignments
51 * role-hint="userAssignments"
54 @Named( value = "cache#userAssignments" )
55 private Cache userAssignmentsCache;
58 * cache used for user permissions
60 * role-hint="userPermissions"
63 @Named( value = "cache#userPermissions" )
64 private Cache userPermissionsCache;
67 * Cache used for users
72 @Named( value = "cache#users" )
73 private Cache usersCache;
79 private AutoLoginCookies autologinCookies;
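/**
 * Logs the current user out.
 *
 * <p>For an authenticated user this evicts the principal from the user-assignment,
 * user-permission and user caches (each only when its field is non-null), removes the
 * remember-me and sign-on cookies, clears the auth tokens, invalidates the HTTP session and
 * builds a "log.logout.success" audit event naming that user.
 *
 * <p>NOTE(review): this listing omits some source lines (the body of the first guard and the
 * lines after {@code setAffectedUser}). The two {@code return LOGOUT} statements and the
 * {@code event.log()} call below are reconstructed; confirm them against the upstream file.
 *
 * @return {@code LOGOUT}
 */
public String logout()
{
    // The security session is null-checked before it is dereferenced. The original read
    // getSecuritySession().getUser() first and only tested the session for null afterwards,
    // so a missing session ended in a NullPointerException instead of a clean logout result.
    if ( getSecuritySession() == null || getSecuritySession().getUser() == null )
    {
        // NOTE(review): this early exit leaves the remember-me/sign-on cookies and the HTTP
        // session untouched when no user is bound to the security session; confirm that a
        // request carrying only stale cookies is meant to keep them.
        return LOGOUT;
    }

    // Captured before the session is invalidated so the audit event can still name the user.
    String currentUser = (String) getSecuritySession().getUser().getPrincipal();

    // [PLXREDBACK-65] Workaround for the cached managers, which cannot purge their caches
    // through the API: the caches are brought in here and the user's key is removed directly,
    // so assignments and permissions cached for this principal do not outlive the logout.
    // This will not be required once pre-calculated permission sets replace these caches.
    if ( userAssignmentsCache != null )
    {
        userAssignmentsCache.remove( currentUser );
    }
    if ( userPermissionsCache != null )
    {
        userPermissionsCache.remove( currentUser );
    }
    if ( usersCache != null )
    {
        usersCache.remove( currentUser );
    }

    // Drop both auto-login cookies so the browser cannot silently sign the user back in.
    autologinCookies.removeRememberMeCookie( ServletActionContext.getResponse(),
                                             ServletActionContext.getRequest() );
    autologinCookies.removeSignonCookie( ServletActionContext.getResponse(),
                                         ServletActionContext.getRequest() );

    setAuthTokens( null );

    // The cast is deliberately unchecked: a session map of another type fails loudly here
    // rather than leaving the HTTP session valid after a reported logout.
    if ( session != null )
    {
        ( (SessionMap) session ).invalidate();
    }

    AuditEvent event = new AuditEvent( getText( "log.logout.success" ) );
    event.setAffectedUser( currentUser );
    event.log();

    return LOGOUT;
}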
/**
 * Supplies the security constraints that apply to this action.
 *
 * @return {@code SecureActionBundle.OPEN}. NOTE(review): presumably this exempts the logout
 *         action from authentication and authorization checks; confirm against
 *         {@code SecureActionBundle}.
 * @throws SecureActionException declared by the signature; nothing in this body throws it
 */
public SecureActionBundle initSecureActionBundle()
    throws SecureActionException
{
    final SecureActionBundle bundle = SecureActionBundle.OPEN;
    return bundle;
}