I'm integrating Xwiki with OAuth2. I managed to login but now I'm struggling
with logging out from the server when I click on 'logout' in Xwiki. This is
the code snippet that performs the redirection to the server to logout from
it:
else if ("logout".equals(context.getAction())
&& wrappedRequest.getUserPrincipal() != null) {
// redirect to the OAuth2 logout page
wrappedRequest.setUserPrincipal(null);
try {
context.getResponse().sendRedirect(
configuration.getOAuth2Param(
LOGOUT_URL.replace(".", "_"), LOGOUT_URL,
"logouturl",
context));
} catch (IOException e) {
throw new
XWikiException(XWikiException.MODULE_XWIKI_USER,
XWikiException.ERROR_XWIKI_USER_INIT,
"Can't redirect to the OAuth2
logout page", e);
}
return null;
}
I wrote a XWikiOAuth2Authenticator class that extends XWikiAuthServiceImpl
and overrides checkAuth.
The code works since I get redirected to LOGOUT_URL but I also get the
following stacktrace due to the calling of other Xwiki classes out of my
control:
2017-04-28 17:05:31,155
[http://localhost:8080/xwiki/bin/logout/XWiki/XWikiLogout?xredirect=%2Fxwiki%2Fbin%2Fview%2FMain
%2F] WARN c.x.x.w.XWikiAction - Uncaught exception: Error number
0 in 11: Uncaught exception
com.xpn.xwiki.XWikiException: Error number 0 in 11: Uncaught exception
at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:474)
at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:210)
at
org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:228)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
at
org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:449)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:624)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at com.xpn.xwiki.web.ActionFilter.doFilter(ActionFilter.java:112)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:127)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.j
ava:208)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.xwiki.container.servlet.filters.internal.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.j
ava:111)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.xwiki.resource.servlet.RoutingFilter.doFilter(RoutingFilter.java:136)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:957)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1079)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:620)
at
org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2476)
at
org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2465)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.IllegalStateException: Cannot create a session after
the response has been committed
at
org.apache.catalina.connector.Request.doGetSession(Request.java:3008)
at
org.apache.catalina.connector.Request.getSession(Request.java:2384)
at
org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:897)
at
javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:229)
at
javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:229)
at com.xpn.xwiki.web.LogoutAction.action(LogoutAction.java:57)
at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:446)
... 46 common frames omitted
I'm obviously doing something wrong and I couldn't find an example of how to
logout from a server. What's the correct way and where is the correct place
to do that? Or...how can I avoid this exception? Thank you.
--
View this message in context:
http://xwiki.475771.n2.nabble.com/OAuth2-Logout-tp7603692.html
Sent from the XWiki- Users mailing list archive at Nabble.com.
