});
List<String> rolesList = new ArrayList<String>();
rolesList.add("manager");
session.setAttribute(GeneralConstants.ROLES_ID, rolesList);
MockHttpServletRequest request = new MockHttpServletRequest(session, "POST");
request.addHeader("Referer", sales);
String samlMessage = Base64.encodeBytes(createLogOutRequest(sales).getBytes());
session.setAttribute("SAMLRequest", samlMessage);
MockHttpServletResponse response = new MockHttpServletResponse();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
response.setOutputStream(baos);
// The IDP is preloaded with 2 participants : "http://localhost:8080/sales/"
// and "http://localhost:8080/employee"
// Lets start the workflow with post
idp.testPost(request, response);
String idpResponse = new String(baos.toByteArray());
assertNotNull(idpResponse);
Document htmlResponse = DocumentUtil.getDocument(idpResponse);
assertNotNull(htmlResponse);
NodeList nodes = htmlResponse.getElementsByTagName("INPUT");
Element inputElement = (Element) nodes.item(0);
String logoutOrigResponse = inputElement.getAttributeNode("VALUE").getValue();
String relayState = null;
if (nodes.getLength() > 1)
relayState = ((Element) nodes.item(1)).getAttributeNode("VALUE").getValue();
String logoutResponse = new String(Base64.decode(logoutOrigResponse));
SAML2Request samlRequest = new SAML2Request();
ByteArrayInputStream bis = new ByteArrayInputStream(logoutResponse.getBytes());
SAML2Object samlObject = samlRequest.getSAML2ObjectFromStream(bis);
assertTrue(samlObject instanceof LogoutRequestType);
// Let us feed the LogOutRequest to the SPFilter
MockContextClassLoader mclSPEmp = setupTCL(profile + "/sp/employee");
Thread.currentThread().setContextClassLoader(mclSPEmp);
SPFilter spEmpl = new SPFilter();
MockFilterConfig filterConfig = new MockFilterConfig(servletContext);
filterConfig.addInitParameter(GeneralConstants.IGNORE_SIGNATURES, "true");
spEmpl.init(filterConfig);
MockHttpSession filterSession = new MockHttpSession();
MockHttpServletRequest filterRequest = new MockHttpServletRequest(filterSession, "POST");
filterRequest.addParameter("SAMLResponse", logoutOrigResponse);
filterRequest.addParameter("RelayState", relayState);
MockHttpServletResponse filterResponse = new MockHttpServletResponse();
ByteArrayOutputStream filterbaos = new ByteArrayOutputStream();
filterResponse.setOutputStream(filterbaos);
spEmpl.doFilter(filterRequest, filterResponse, new MockFilterChain());
String spResponse = new String(filterbaos.toByteArray());
Document spHTMLResponse = DocumentUtil.getDocument(spResponse);
nodes = spHTMLResponse.getElementsByTagName("INPUT");
inputElement = (Element) nodes.item(0);
logoutOrigResponse = inputElement.getAttributeNode("VALUE").getValue();
relayState = null;
if (nodes.getLength() > 1)
relayState = ((Element) nodes.item(1)).getAttributeNode("VALUE").getValue();
// Now the SP (employee app) has logged out and sending a status response to IDP
Thread.currentThread().setContextClassLoader(mclIDP);
session.setAttribute("SAMLResponse", logoutOrigResponse);
session.setAttribute("RelayState", relayState);
idp.testPost(request, response);
idpResponse = new String(filterbaos.toByteArray());
assertNotNull(idpResponse);
htmlResponse = DocumentUtil.getDocument(idpResponse);
assertNotNull(htmlResponse);
nodes = htmlResponse.getElementsByTagName("INPUT");
inputElement = (Element) nodes.item(0);
logoutOrigResponse = inputElement.getAttributeNode("VALUE").getValue();
relayState = null;
if (nodes.getLength() > 1)
relayState = ((Element) nodes.item(1)).getAttributeNode("VALUE").getValue();
// Now we should have got a full success report from IDP
MockContextClassLoader mclSPSales = setupTCL(profile + "/sp/employee");
Thread.currentThread().setContextClassLoader(mclSPSales);
SPFilter spSales = new SPFilter();
spSales.init(filterConfig);
filterRequest.addParameter("SAMLResponse", logoutOrigResponse);
filterRequest.addParameter("RelayState", relayState);
spSales.doFilter(filterRequest, filterResponse, new MockFilterChain());
spResponse = new String(filterbaos.toByteArray());