RE: [cas-user] Kill all CAS sessions

Thu, 16 Apr 2009 05:23:31 -0700 

Yes it is possible, and also probed you need to has access to the registry
ticket implementation but there are two possible ways, by
ticketGrantingTicketId, and by username, the first choice is the best I
think, otherwise you should have your own authentication in CAS server and
authorities. Killing sessions by ticketGrantingTicketId may have
authentication in CAS server and authorities but I think that the
ticketGrantingTicketId its has its own security, make your choice.

Take an example, with the two options



public void logoutUserTicket(String ticketGrantingTicketId){
                String user = null;
                
                Ticket exp =
ticketRegistry.getTicket(ticketGrantingTicketId); 
                if(exp != null){
                if(exp instanceof TicketGrantingTicketImpl){
                                user =
((TicketGrantingTicketImpl)exp).getAuthentication().getPrincipal().toString(
);              
                }
                        else{
                                user =
exp.getGrantingTicket().getAuthentication().getPrincipal().toString();
                        }       
                }
                if(user != null){
                        logoutUser(user);
                }
        }
        
        
        public void logoutUser(String user){
                
                Iterator<Ticket> tickets =
ticketRegistry.getTickets().iterator();
                
                while(tickets.hasNext()){                       
                        Ticket next = tickets.next();
                        if(next instanceof TicketGrantingTicketImpl){
        
if(((TicketGrantingTicketImpl)next).getAuthentication().getPrincipal().toStr
ing().equals(usuario) || 
                                                (next.getGrantingTicket() !=
null &&
next.getGrantingTicket().getAuthentication().getPrincipal().toString().equal
s(usuario))){
        
if(!((TicketGrantingTicketImpl)next).isExpired()){
        
((TicketGrantingTicketImpl)next).expire();
                                        }
                                        if(next.getGrantingTicket() != null
){
        
if(!next.getGrantingTicket().isExpired()){
        
next.getGrantingTicket().expire();
                                                }
        
ticketRegistry.deleteTicket(next.getGrantingTicket().getId());
                                        }
                                
        
ticketRegistry.deleteTicket(next.getId());
                                }
                        }
                        else
        
if(next.getGrantingTicket().getAuthentication().getPrincipal().toString().eq
uals(usuario)){
                                if(!next.getGrantingTicket().isExpired()){
                                        next.getGrantingTicket().expire();
        
if(next.getGrantingTicket().getGrantingTicket() != null ){
        
if(!next.getGrantingTicket().getGrantingTicket().isExpired()){
        
next.getGrantingTicket().getGrantingTicket().expire();

                                                }
        
ticketRegistry.deleteTicket(next.getGrantingTicket().getGrantingTicket().get
Id());
                                        }
        
ticketRegistry.deleteTicket(next.getGrantingTicket().getId());
                                }
                                ticketRegistry.deleteTicket(next.getId());
                        }                       
                }



-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to