目前,我的JSF应用程序已与SAML身份验证过程集成。它在登录和注销时正常工作。当我退出我的应用程序时,它会注销到默认页面。但是,当我登录到我的应用程序,然后转到另一个连接了相同SSO的应用程序,并注销该远程应用程序时,我希望我的应用程序能够注销并重定向到默认页面,这在我的情况下是index.xhtml。它没有这样做而是保持静止并且手动刷新将我带到错误页面,并且日志显示错误消息:
2017-09-25 16:27:31,887 [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.springframework.security.saml.SAMLLogoutFilter - Logging out user 'null' and transferring to logout destination
以下是我的Spring security XML doc的一部分:
<bean id="samlFilter" class="org.springframework.security.web.FilterChainProxy">
<sec:filter-chain-map path-type="ant">
<sec:filter-chain
pattern="/saml/logout/**"
filters="samlLogoutFilter"/>
<sec:filter-chain
pattern="/saml/SSO/**"
filters="samlWebSSOProcessingFilter"/>
<sec:filter-chain
pattern="/saml/SingleLogout/**"
filters="samlLogoutProcessingFilter"/>
</sec:filter-chain-map>
</bean>
<bean id="successLogoutHandler"
class="org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler">
<property name="defaultTargetUrl" value="/index.xhtml"/>
</bean>
<bean id="logoutHandler"
class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler">
<property name="invalidateHttpSession" value="true"/>
<property name="clearAuthentication" value="true"/>
</bean>
<!-- Override default logout processing filters with the one processing SAML
messages -->
<bean id="samlLogoutFilter" class="org.springframework.security.saml.SAMLLogoutFilter">
<constructor-arg index="0" ref="successLogoutHandler"/>
<constructor-arg index="1" ref="logoutHandler"/>
<constructor-arg index="2" ref="logoutHandler"/>
</bean>
<!-- Filter processing incoming logout messages -->
<!-- First argument determines URL user will be redirected to after successful
global logout -->
<bean id="samlLogoutProcessingFilter" class="org.springframework.security.saml.SAMLLogoutProcessingFilter">
<constructor-arg ref="successLogoutHandler"/>
<constructor-arg>
<list>
<ref bean="logoutHandler"/>
</list>
</constructor-arg>
</bean>
根据samlLogoutProcessingFilter中的SAML引用doc处理程序,默认重定向到logout.jsp,但是我没有logout.jsp。此外,我的Spring安全bean中的successLogoutHandler bean已经重定向到index.xhtml。
是samlLogoutProcessingFilter覆盖successLogoutHandler的默认路径并重定向到logout.jsp。如果是这样,我如何在此处设置重定向路径?我是否必须覆盖过滤器才能执行此操作。
如果有帮助,这是远程注销后的日志
2017-09-25 16:17:48,034 [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.springframework.security.saml.storage.HttpSessionStorage - Storing message a3b826i8h616186339b11di025ade3c to session J1LGZJkLMbL8C0phmmrVRQXKQQPxdTdGHRZc8cQwdH8C0yDgKy4m!-1886365667!1506370667067
2017-09-25 16:17:48,034 [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.springframework.security.saml.storage.HttpSessionStorage - Storing message a3b826i8h616186339b11di025ade3c to session J1LGZJkLMbL8C0phmmrVRQXKQQPxdTdGHRZc8cQwdH8C0yDgKy4m!-1886365667!1506370667067
2017-09-25 16:17:48,034 [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.springframework.security.saml.storage.HttpSessionStorage - Storing message a3b826i8h616186339b11di025ade3c to session J1LGZJkLMbL8C0phmmrVRQXKQQPxdTdGHRZc8cQwdH8C0yDgKy4m!-1886365667!1506370667067
2017-09-25 16:17:48,034 [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] INFO org.springframework.security.saml.log.SAMLDefaultLogger - AuthNRequest;SUCCESS;fe80:0:0:0:81d7:2959:a2ab:891e%12;t2ua40620y5.com.dept-myApp;https://login-dev.dtd.org/osp/a/t1/auth/saml2/metadata;;;
2017-09-25 16:17:48,034 [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] INFO org.springframework.security.saml.log.SAMLDefaultLogger - AuthNRequest;SUCCESS;fe80:0:0:0:81d7:2959:a2ab:891e%12;t2ua40620y5.com.dept-myApp;https://login-dev.dtd.org/osp/a/t1/auth/saml2/metadata;;;
似乎app正在得到正确的响应,我认为它没有重定向到正确的位置。
先谢谢。