001    package org.trails.security;
002    
003    import java.io.IOException;
004    import java.util.HashMap;
005    import java.util.List;
006    
007    import javax.servlet.http.Cookie;
008    import javax.servlet.http.HttpServletResponse;
009    
010    import org.apache.log4j.Logger;
011    import org.apache.tapestry.IRequestCycle;
012    import org.apache.tapestry.engine.IEngineService;
013    import org.apache.tapestry.engine.ILink;
014    import org.apache.tapestry.services.LinkFactory;
015    import org.hibernate.criterion.DetachedCriteria;
016    import org.hibernate.criterion.Restrictions;
017    import org.trails.persistence.HibernatePersistenceService;
018    
019    public class LogoutService implements IEngineService {
020            private static final Logger log = Logger.getLogger(LogoutService.class);
021            
022            private HibernatePersistenceService persistenceService;
023            private IEngineService restartService;
024            private HttpServletResponse response;
025    
026            private LinkFactory linkFactory;
027            
028            public ILink getLink(boolean post, Object parameter) {
029                    return linkFactory.constructLink(this, post, new HashMap(), false);
030            }
031    
032            public void service(IRequestCycle cycle) throws IOException {
033                    String username = cycle.getInfrastructure().getRequest().getRemoteUser();
034                    if (username != null)
035                    {
036                            Cookie cookie = new Cookie("remembermetoken", "");
037                            cookie.setPath("/");
038                            cookie.setMaxAge(0);
039                            response.addCookie(cookie);
040    
041                            // Hmm.. now this requires two queries, is there any way to delete all with criteria api
042                            // without obtaining a collection?
043                            try
044                            {
045                                    DetachedCriteria detachedCriteria = DetachedCriteria.forClass(ExpiringKey.class);
046                                    detachedCriteria.add(Restrictions.eq("name", username));
047                                    List<ExpiringKey> credentials = persistenceService.getInstances(ExpiringKey.class, detachedCriteria);
048                                    if (credentials.size() > 0) persistenceService.removeAll(credentials);
049                            }
050                            catch (Exception e)
051                            {
052                                    log.warn("Couldn't clean up persistent credentials because of: " + e.getMessage());
053                            }
054                    }
055                            
056                    restartService.service(cycle);
057            }
058            
059            public void setLinkFactory(LinkFactory factory) {
060                    linkFactory = factory;
061            }
062            
063            public void setPersistenceService(HibernatePersistenceService persistenceService) {
064                    this.persistenceService = persistenceService;
065            }
066            
067            public void setRestartService(IEngineService restartService) {
068                    this.restartService = restartService;
069            }
070            
071            public String getName() {
072                    return "logout";
073            }
074    
075            public void setResponse(HttpServletResponse response) {
076                    this.response = response;
077            }
078    }