| | |
|---|
| | | package com.gitblit.wicket.pages;
|
|---|
| | |
|
|---|
| | | import org.apache.wicket.markup.html.WebPage;
|
|---|
| | | import org.apache.wicket.protocol.http.WebRequest;
|
|---|
| | | import org.apache.wicket.protocol.http.WebResponse;
|
|---|
| | |
|
|---|
| | | import com.gitblit.GitBlit;
|
|---|
| | | import com.gitblit.models.UserModel;
|
|---|
| | | import com.gitblit.wicket.GitBlitWebSession;
|
|---|
| | |
|
|---|
| | | public class LogoutPage extends WebPage {
|
|---|
| | | public class LogoutPage extends BasePage {
|
|---|
| | |
|
|---|
| | | public LogoutPage() {
|
|---|
| | | super();
|
|---|
| | | GitBlitWebSession session = GitBlitWebSession.get();
|
|---|
| | | UserModel user = session.getUser();
|
|---|
| | | GitBlit.self().setCookie((WebResponse) getResponse(), null);
|
|---|
| | | GitBlit.self().logout(user);
|
|---|
| | | session.invalidate();
|
|---|
| | | setRedirect(true);
|
|---|
| | | setResponsePage(getApplication().getHomePage());
|
|---|
| | | }
|
|---|
| | | |
|---|
| | | /*
|
|---|
| | | * Now check whether the authentication was realized via the Authorization in the header.
|
|---|
| | | * If so, it is likely to be cached by the browser, and cannot be undone. Effectively, this means
|
|---|
| | | * that you cannot log out...
|
|---|
| | | */
|
|---|
| | | if ( ((WebRequest)getRequest()).getHttpServletRequest().getHeader("Authorization") != null ) {
|
|---|
| | | // authentication will be done via this route anyway, show a page to close the browser:
|
|---|
| | | // this will be done by Wicket.
|
|---|
| | | setupPage(null, getString("gb.logout"));
|
|---|
| | | |
|---|
| | | } else {
|
|---|
| | | setRedirect(true);
|
|---|
| | | setResponsePage(getApplication().getHomePage());
|
|---|
| | | } // not via WWW-Auth
|
|---|
| | | } // LogoutPage
|
|---|
| | | } |
|---|
