Use LogoutFilter to execute some logic, cleanup when user logs out

In the Creating loginfilter for WebSphere Portal document i mentioned steps for creating and configuring filter that lets you execute some code during the login process.

Similarly there could be requirement to extend the logout filter, Ex. you might want to cleanup the user related or user's session related entries from the DynaCache, if that's the case then you should create a LogoutFilter

Take a look at the SampleExplicitLogoutFilter that i created, which prints name of the user who is login out from the portal

package com.webspherenotes.auth;

import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.ibm.portal.auth.ExplicitLogoutFilter;
import com.ibm.portal.auth.FilterChainContext;
import com.ibm.portal.auth.LogoutFilterChain;
import com.ibm.portal.auth.exceptions.LogoutException;
import com.ibm.portal.security.SecurityFilterConfig;
import com.ibm.portal.security.exceptions.SecurityFilterInitException;

public class SampleExplicitLogoutFilter implements ExplicitLogoutFilter{

@Override
public void destroy() {

}

@Override
public void init(SecurityFilterConfig arg0)
throws SecurityFilterInitException {
}

@Override
public void logout(HttpServletRequest request, HttpServletResponse response,
FilterChainContext filterChainContext, LogoutFilterChain filterChain)
throws LogoutException, LoginException {
System.out.println("Inside SampleExplicitLogoutFilter.LoutoutFilter() RemoteUser"
+ request.getRemoteUser());
filterChain.logout(request, response, filterChainContext);

}

}


In order to create a LogoutFilter you will have to implement ExplicitLogoutFilter interface and then the logic that you want to execute during logout phase should go to logout() method.

The class file for filter should go to the shared library of the server. Dont forget to register your logout filter with by portal using WS_AuthenticationService

1 comment: