Java Code Examples for org.jasig.cas.web.support.WebUtils#getTicketGrantingTicketId()

The following examples show how to use org.jasig.cas.web.support.WebUtils#getTicketGrantingTicketId().
Example 1
Source File: TicketGrantingTicketCheckAction.java    From springboot-shiro-cas-mybatis with MIT License
/**
 * Determines whether the TGT in the flow request context is valid.
 *
 * @param requestContext Flow request context.
 *
 * @throws Exception in case ticket cannot be retrieved from the service layer
 * @return {@link #NOT_EXISTS}, {@link #INVALID}, or {@link #VALID}.
 */
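@Override
protected Event doExecute(final RequestContext requestContext) throws Exception {
    final String tgtId = WebUtils.getTicketGrantingTicketId(requestContext);
    // Nothing usable stored as the TGT id in the flow context: there is no session to validate.
    if (!StringUtils.hasText(tgtId)) {
        return new Event(this, NOT_EXISTS);
    }

    // Fail closed: the result stays INVALID unless the lookup below proves the ticket usable.
    String eventId = INVALID;
    try {
        // NOTE(review): the lookup is typed as Ticket rather than as a ticket-granting ticket,
        // so any unexpired ticket stored under this id yields VALID -- confirm that is intended.
        final Ticket ticket = this.centralAuthenticationService.getTicket(tgtId, Ticket.class);
        if (ticket != null && !ticket.isExpired()) {
            eventId = VALID;
        }
    } catch (final TicketException e) {
        // The earlier template had a "{}" placeholder but passed only the exception, so the
        // ticket id was never what got rendered. The placeholder is dropped instead of filled:
        // a TGT id is the SSO session credential and should not be copied into log files.
        logger.trace("Could not retrieve ticket from registry.", e);
    }
    return new Event(this, eventId);
}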
 
Example 2
Source File: TerminateSessionAction.java    From springboot-shiro-cas-mybatis with MIT License
/**
 * Terminates the CAS SSO session by destroying the TGT (if any) and removing cookies related to the SSO session.
 *
 * @param context Request context.
 *
 * @return "success"
 */
public Event terminate(final RequestContext context) {
    // In the login webflow the TGT id has already been stored in the context; on a plain
    // logout it has not, so the value is read from the SSO cookie on the request instead.
    final String idFromContext = WebUtils.getTicketGrantingTicketId(context);
    final String tgtId = idFromContext != null
            ? idFromContext
            : this.ticketGrantingTicketCookieGenerator.retrieveCookieValue(
                    WebUtils.getHttpServletRequest(context));

    // The cookie value comes from the request and is handed to the service layer as-is;
    // rejecting unknown or malformed ids is presumably done there -- verify.
    if (tgtId != null) {
        WebUtils.putLogoutRequests(context,
                this.centralAuthenticationService.destroyTicketGrantingTicket(tgtId));
    }

    // Both cookies are removed whether or not a TGT id was found, so the browser never
    // keeps an SSO cookie after this action has run.
    final HttpServletResponse response = WebUtils.getHttpServletResponse(context);
    this.ticketGrantingTicketCookieGenerator.removeCookie(response);
    this.warnCookieGenerator.removeCookie(response);
    return this.eventFactorySupport.success(this);
}
 
Example 3
Source File: OpenIdSingleSignOnAction.java    From cas4.0.x-server-wechat with Apache License 2.0
/**
 * Builds an OpenID credential from the TGT id held in the flow context and the local
 * username extracted from the {@code openid.identity} request parameter.
 *
 * @param context the flow request context
 * @return an {@link OpenIdCredential}, or {@code null} when either the TGT id or the
 *         username is missing
 */
@Override
protected Credential constructCredentialsFromRequest(final RequestContext context) {
    final String tgtId = WebUtils.getTicketGrantingTicketId(context);
    // openid.identity is a request parameter, so its value is chosen by the client.
    final String claimedIdentity = context.getRequestParameters().get("openid.identity");
    final String localUser = this.extractor.extractLocalUsernameFromUri(claimedIdentity);
    final Service service = WebUtils.getService(context);

    // Written to the session unconditionally, including when extraction produced null.
    context.getExternalContext().getSessionMap().put("openIdLocalId", localUser);

    final boolean userMissing = localUser == null;
    // clear the service because otherwise we can fake the username
    if (userMissing && service instanceof OpenIdService) {
        context.getFlowScope().remove("service");
    }

    // A credential is only produced when an SSO session id and a username are both present.
    if (tgtId != null && !userMissing) {
        return new OpenIdCredential(tgtId, localUser);
    }
    return null;
}
 
Example 4
Source File: GenerateServiceTicketAction.java    From cas4.0.x-server-wechat with Apache License 2.0
/**
 * Requests a service ticket for the service in the flow context, using the TGT id in the
 * flow context, and stores the new ticket id in request scope.
 *
 * @param context the flow request context
 * @return {@code success()} when a ticket was granted; the {@code "gateway"} result when
 *         granting failed and a gateway request is present; {@code error()} otherwise
 */
@Override
protected Event doExecute(final RequestContext context) {
    final Service targetService = WebUtils.getService(context);
    // NOTE(review): no null check on the TGT id here; a missing id is presumably rejected
    // by grantServiceTicket with a TicketException -- verify against the service layer.
    final String tgtId = WebUtils.getTicketGrantingTicketId(context);

    try {
        final String serviceTicketId =
                this.centralAuthenticationService.grantServiceTicket(tgtId, targetService);
        WebUtils.putServiceTicketInRequestScope(context, serviceTicketId);
        return success();
    } catch (final TicketException e) {
        // NOTE(review): the exception is dropped without a log entry, so failed ticket
        // grants leave no trace for later investigation unless a caller records them.
        return isGatewayPresent(context) ? result("gateway") : error();
    }
}
 
Example 5
Source File: SendTicketGrantingTicketAction.java    From cas4.0.x-server-wechat with Apache License 2.0
/**
 * Sends the current TGT id to the browser as the SSO cookie and destroys the TGT that the
 * flow scope still references when it differs from the current one.
 *
 * @param context the flow request context
 * @return always {@code success()}
 */
@Override
protected Event doExecute(final RequestContext context) {
    final String currentTgtId = WebUtils.getTicketGrantingTicketId(context);
    // Read from flow scope; the original variable name suggests it holds the value of the
    // SSO cookie the browser sent -- confirm where the flow populates it.
    final String previousTgtId = (String) context.getFlowScope().get("ticketGrantingTicketId");

    if (currentTgtId != null) {
        this.ticketGrantingTicketCookieGenerator.addCookie(
                WebUtils.getHttpServletRequest(context),
                WebUtils.getHttpServletResponse(context),
                currentTgtId);

        // A different, older id means the session was replaced: destroy the old TGT so it
        // does not stay usable alongside the new one.
        final boolean superseded = previousTgtId != null && !currentTgtId.equals(previousTgtId);
        if (superseded) {
            this.centralAuthenticationService.destroyTicketGrantingTicket(previousTgtId);
        }
    }

    return success();
}
 
Example 6
Source File: TerminateSessionAction.java    From cas4.0.x-server-wechat with Apache License 2.0
/**
 * Terminates the CAS SSO session by destroying the TGT (if any) and removing cookies related to the SSO session.
 *
 * @param context Request context.
 *
 * @return "success"
 */
public Event terminate(final RequestContext context) {
    // Login webflow: the TGT id is already in the context. Logout: it is not, and the
    // SSO cookie on the incoming request is the only place left to find it.
    final String fromFlow = WebUtils.getTicketGrantingTicketId(context);
    final String tgtId;
    if (fromFlow == null) {
        final HttpServletRequest request = WebUtils.getHttpServletRequest(context);
        tgtId = this.ticketGrantingTicketCookieGenerator.retrieveCookieValue(request);
    } else {
        tgtId = fromFlow;
    }

    final boolean sessionKnown = tgtId != null;
    if (sessionKnown) {
        // Destroying the TGT yields the logout requests, which are kept in the context.
        WebUtils.putLogoutRequests(context,
                this.centralAuthenticationService.destroyTicketGrantingTicket(tgtId));
    }

    // Cookie removal is unconditional: it also runs when no TGT id could be found.
    final HttpServletResponse response = WebUtils.getHttpServletResponse(context);
    this.ticketGrantingTicketCookieGenerator.removeCookie(response);
    this.warnCookieGenerator.removeCookie(response);
    return this.eventFactorySupport.success(this);
}
 
Example 7
Source File: SendTicketGrantingTicketAction.java    From cas-mfa with Apache License 2.0
/**
 * Sends the current TGT id as the SSO cookie and, when this is not an MFA request or the
 * configuration asks for it, destroys the previous SSO session referenced in flow scope.
 *
 * @param context the flow request context
 * @return always {@code success()}
 */
@Override
protected Event doExecute(final RequestContext context) {
    final MultiFactorCredentials mfa = MultiFactorRequestContextUtils.getMfaCredentials(context);
    final String currentTgtId = WebUtils.getTicketGrantingTicketId(context);
    final String previousTgtId = (String) context.getFlowScope().get("ticketGrantingTicketId");

    if (currentTgtId != null) {
        this.ticketGrantingTicketCookieGenerator.addCookie(
                WebUtils.getHttpServletRequest(context),
                WebUtils.getHttpServletResponse(context),
                currentTgtId);

        // The old session is kept only for MFA requests with destroyPreviousSSOSession off.
        final boolean destructionAllowed = mfa == null || this.destroyPreviousSSOSession;
        final boolean superseded = previousTgtId != null && !currentTgtId.equals(previousTgtId);
        if (destructionAllowed && superseded) {
            // NOTE(review): this debug line writes the full previous TGT id to the log before
            // the ticket is destroyed; consider logging a truncated or hashed form instead.
            logger.debug("Destroying the previous SSO session mapped to [{}] because, this is not an MFA request,"
                    + " or configuration dictated destroying the SSO session.", previousTgtId);
            this.centralAuthenticationService.destroyTicketGrantingTicket(previousTgtId);
        }
    }

    return success();
}
 
Example 8
Source File: AuthenticationViaFormAction.java    From taoshop with Apache License 2.0
/**
 * Is request asking for service ticket?
 *
 * <p>NOTE(review): earlier documentation described the result as requiring a request that
 * is <em>not</em> asking to renew, but the condition requires a non-blank renew parameter.
 * The description below follows the code; confirm which of the two was intended.
 *
 * @param context the context
 * @return true, if the renew request parameter is not blank and both a TGT id and a
 *         service are found.
 * @since 4.1.0
 */
protected boolean isRequestAskingForServiceTicket(final RequestContext context) {
    final String tgtId = WebUtils.getTicketGrantingTicketId(context);
    final Service service = WebUtils.getService(context);
    // The renew flag is a request parameter, i.e. it is set by the client.
    final String renew = context.getRequestParameters().get(CasProtocolConstants.PARAMETER_RENEW);

    if (tgtId == null || service == null) {
        return false;
    }
    return StringUtils.isNotBlank(renew);
}
 
Example 9
Source File: OpenIdSingleSignOnAction.java    From springboot-shiro-cas-mybatis with MIT License
/**
 * Builds an OpenID credential from the TGT id in the flow context and a username taken
 * either from the authenticated principal (identifier-select requests) or from the
 * {@code openid.identity} request parameter.
 *
 * @param context the flow request context
 * @return an {@link OpenIdCredential}, or {@code null} when the TGT id or the username is
 *         missing
 */
@Override
protected Credential constructCredentialsFromRequest(final RequestContext context) {
    final String ticketGrantingTicketId = WebUtils.getTicketGrantingTicketId(context);
    // Request parameter, so the value is chosen by the client.
    final String openidIdentityParameter = context.getRequestParameters().get(OpenIdConstants.OPENID_IDENTITY);
    String userName = null;
    if (OpenIdConstants.OPENID_IDENTIFIERSELECT.equals(openidIdentityParameter)) {
        // Identifier-select: start from the constant itself and drop any local id stored
        // in the session by an earlier request.
        userName = OpenIdConstants.OPENID_IDENTIFIERSELECT;
        context.getExternalContext().getSessionMap().remove(OpenIdConstants.OPENID_LOCALID);
        // already authenticated: retrieve the username from the authentication
        if (ticketGrantingTicketId != null) {
            try {
                // NOTE(review): tgt is dereferenced without a null check; this relies on
                // getTicket throwing rather than returning null -- confirm.
                final TicketGrantingTicket tgt = getCentralAuthenticationService()
                        .getTicket(ticketGrantingTicketId, TicketGrantingTicket.class);
                userName = tgt.getAuthentication().getPrincipal().getId();
            } catch (final InvalidTicketException e) {
                // NOTE(review): after this catch userName still holds OPENID_IDENTIFIERSELECT
                // and the TGT id is non-null, so the method goes on to return a credential
                // built from an invalid ticket id and the constant -- confirm that whatever
                // consumes the credential rejects it.
                logger.error("Cannot get TGT", e);
            }
        }
    } else {
        // Username derived from the client-supplied identity URI; stored in the session
        // even when extraction produced null.
        userName = this.extractor.extractLocalUsernameFromUri(openidIdentityParameter);
        context.getExternalContext().getSessionMap().put(OpenIdConstants.OPENID_LOCALID, userName);
    }
    final Service service = WebUtils.getService(context);

    // clear the service because otherwise we can fake the username
    if (service instanceof OpenIdService && userName == null) {
        context.getFlowScope().remove("service");
    }

    // Both an SSO session id and a username are required to produce a credential.
    if (ticketGrantingTicketId == null || userName == null) {
        return null;
    }

    return new OpenIdCredential(
            ticketGrantingTicketId, userName);
}
 
Example 10
Source File: AuthenticationViaFormAction.java    From springboot-shiro-cas-mybatis with MIT License
/**
 * Is request asking for service ticket?
 *
 * <p>NOTE(review): the result is true only when the renew parameter <em>is</em> present and
 * non-blank, which is the opposite of "not asking to renew" as this method was described
 * before. The text below documents what the code does; confirm the intended condition.
 *
 * @param context the context
 * @return true, if the request carries a non-blank renew parameter and both service and
 *         tgt are found.
 * @since 4.1.0
 */
protected boolean isRequestAskingForServiceTicket(final RequestContext context) {
    final boolean hasTgt = WebUtils.getTicketGrantingTicketId(context) != null;
    final boolean hasService = WebUtils.getService(context) != null;
    // Client-controlled request parameter; only its blankness is inspected here.
    final boolean renewRequested = StringUtils.isNotBlank(
            context.getRequestParameters().get(CasProtocolConstants.PARAMETER_RENEW));

    return renewRequested && hasTgt && hasService;
}
 
Example 11
Source File: SendTicketGrantingTicketAction.java    From springboot-shiro-cas-mybatis with MIT License
/**
 * Decides whether the SSO cookie is issued for the current TGT id and destroys the TGT
 * that flow scope still references when it differs from the current one.
 *
 * @param context the flow request context
 * @return always {@code success()}
 */
@Override
protected Event doExecute(final RequestContext context) {
    final String currentTgtId = WebUtils.getTicketGrantingTicketId(context);
    final String previousTgtId = (String) context.getFlowScope().get("ticketGrantingTicketId");

    if (currentTgtId != null) {
        // The cookie is withheld on public workstations and, unless configured otherwise,
        // on renewed authentications; in both cases later requests must authenticate again.
        final boolean issueCookie;
        if (isAuthenticatingAtPublicWorkstation(context)) {
            LOGGER.info("Authentication is at a public workstation. "
                    + "SSO cookie will not be generated. Subsequent requests will be challenged for authentication.");
            issueCookie = false;
        } else if (!this.createSsoSessionCookieOnRenewAuthentications && isAuthenticationRenewed(context)) {
            LOGGER.info("Authentication session is renewed but CAS is not configured to create the SSO session. "
                    + "SSO cookie will not be generated. Subsequent requests will be challenged for authentication.");
            issueCookie = false;
        } else {
            issueCookie = true;
        }

        if (issueCookie) {
            this.ticketGrantingTicketCookieGenerator.addCookie(
                    WebUtils.getHttpServletRequest(context),
                    WebUtils.getHttpServletResponse(context),
                    currentTgtId);
        }

        // The superseded TGT is destroyed even when no new cookie was issued above.
        if (previousTgtId != null && !currentTgtId.equals(previousTgtId)) {
            this.centralAuthenticationService.destroyTicketGrantingTicket(previousTgtId);
        }
    }

    return success();
}
 
Example 12
Source File: TicketGrantingTicketCheckAction.java    From cas4.0.x-server-wechat with Apache License 2.0
/**
 * Determines whether the TGT in the flow request context is valid.
 *
 * @param requestContext Flow request context.
 *
 * @return {@link #NOT_EXISTS}, {@link #INVALID}, or {@link #VALID}.
 */
public Event checkValidity(final RequestContext requestContext) {
    final String tgtId = WebUtils.getTicketGrantingTicketId(requestContext);

    if (StringUtils.hasText(tgtId)) {
        // The registry is queried directly with the id taken from the flow context.
        // NOTE(review): nothing here checks that the stored ticket is a ticket-granting
        // ticket; any unexpired entry under this id is reported as VALID -- confirm.
        final Ticket ticket = this.ticketRegistry.getTicket(tgtId);
        final boolean usable = ticket != null && !ticket.isExpired();
        if (usable) {
            return new Event(this, VALID);
        }
        return new Event(this, INVALID);
    }

    return new Event(this, NOT_EXISTS);
}
 
Example 13
Source File: InitiatingMultiFactorAuthenticationViaFormAction.java    From cas-mfa with Apache License 2.0
/**
 * Destroys any TGT already in the context, runs primary authentication through the wrapped
 * action, and continues into multi-factor authentication when an MFA request applies.
 *
 * @param context the flow request context
 * @param credentials the credentials submitted for primary authentication
 * @param messageContext the message context handed to the wrapped action
 * @param id passed through unchanged to {@code doMultiFactorAuthentication}
 * @return the primary authentication event when it is not a success or when no MFA request
 *         applies; otherwise the result of {@code doMultiFactorAuthentication}
 * @throws Exception declared by the signature; nothing in this body throws it explicitly
 */
@Override
protected final Event doAuthentication(final RequestContext context, final Credential credentials,
                                       final MessageContext messageContext, final String id) throws Exception {


    final String tgt = WebUtils.getTicketGrantingTicketId(context);
    if (!StringUtils.isBlank(tgt)) {
        // A pre-existing SSO session is destroyed before the new credentials are checked,
        // so it is not carried over into this authentication attempt.
        // NOTE(review): the debug line writes the full TGT id to the log before the ticket
        // is destroyed; consider logging a truncated or hashed form instead.
        logger.debug("Attempting to remove the pre-existing TGT from the context [{}]", tgt);
        this.cas.destroyTicketGrantingTicket(tgt);
        MultiFactorRequestContextUtils.setTicketGrantingTicketId(context, null);
    }

    // Primary authentication is delegated; any event other than success is returned as-is.
    final Event primaryAuthnEvent = this.wrapperAuthenticationAction.submit(context, credentials, messageContext);
    if (!success().getId().equals(primaryAuthnEvent.getId())) {
        logger.debug("Returning event id [{}]", primaryAuthnEvent);
        return primaryAuthnEvent;
    }

    // The TGT id is read from the context again after submit(); presumably the wrapped
    // action stored the newly issued TGT there -- confirm.
    MultiFactorRequestContextUtils.setTicketGrantingTicketId(context, WebUtils.getTicketGrantingTicketId(context));

    final List<MultiFactorAuthenticationRequestContext> mfaRequests =
            getMfaRequestOrNull(this.authenticationSupport.getAuthenticationFrom(WebUtils.getTicketGrantingTicketId(context)),
                    WebUtils.getService(context), context);

    // A null list means no MFA request applies, and the primary event stands on its own.
    if (mfaRequests != null) {
        MultiFactorRequestContextUtils.setMultifactorWebApplicationService(context,
                addToMfaTransactionAndGetHighestRankedMfaRequest(mfaRequests, context));
        return doMultiFactorAuthentication(context, credentials, messageContext, id);
    }
    return primaryAuthnEvent;
}