org.jasig.cas.client.validation.Cas20ServiceTicketValidator Java Examples

The following examples show how to use org.jasig.cas.client.validation.Cas20ServiceTicketValidator. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ShibcasAuthServletTest.java    From shib-cas-authn3 with Apache License 2.0 6 votes vote down vote up
@Test
public void testDoGetBadTicket() throws Exception {
    //Mock some objects.
    final HttpServletRequest request = createDoGetHttpServletRequest(CONVERSATION_TICKET, TICKET, "false");
    final HttpServletResponse response = createMockHttpServletResponse();
    final Cas20ServiceTicketValidator ticketValidator = PowerMockito.mock(Cas20ServiceTicketValidator.class);
    PowerMockito.when(ticketValidator.validate(TICKET, URL_WITH_CONVERSATION)).thenThrow(new TicketValidationException("Invalid Ticket"));

    PowerMockito.mockStatic(ExternalAuthentication.class);
    BDDMockito.given(ExternalAuthentication.startExternalAuthentication(request)).willThrow(new ExternalAuthenticationException());

    //Prep our object
    final ShibcasAuthServlet shibcasAuthServlet = createShibcasAuthServlet();

    //Override the internal Cas20TicketValidator because we don't want it to call a real server
    MemberModifier.field(ShibcasAuthServlet.class, "ticketValidator").set(shibcasAuthServlet, ticketValidator);

    //Standard request/response - bad ticket
    BDDMockito.given(request.getAttribute(ExternalAuthentication.FORCE_AUTHN_PARAM)).willReturn("false");
    BDDMockito.given(request.getAttribute(ExternalAuthentication.PASSIVE_AUTHN_PARAM)).willReturn("false");
    shibcasAuthServlet.doGet(request, response);

    //Verify
    verify(request).getRequestDispatcher("/no-conversation-state.jsp");
    verify(response).setStatus(404);
}
 
Example #2
Source File: ShibcasAuthServletTest.java    From shib-cas-authn3 with Apache License 2.0 6 votes vote down vote up
@Test
public void testDoGetBadTicket() throws Exception {
    //Mock some objects.
    final HttpServletRequest request = createDoGetHttpServletRequest(CONVERSATION_TICKET, TICKET, "false");
    final HttpServletResponse response = createMockHttpServletResponse();
    final Cas20ServiceTicketValidator ticketValidator = PowerMockito.mock(Cas20ServiceTicketValidator.class);
    PowerMockito.when(ticketValidator.validate(TICKET, URL_WITH_CONVERSATION)).thenThrow(new TicketValidationException("Invalid Ticket"));

    PowerMockito.mockStatic(ExternalAuthentication.class);
    BDDMockito.given(ExternalAuthentication.startExternalAuthentication(request)).willThrow(new ExternalAuthenticationException());

    //Prep our object
    final ShibcasAuthServlet shibcasAuthServlet = createShibcasAuthServlet();

    //Override the internal Cas20TicketValidator because we don't want it to call a real server
    MemberModifier.field(ShibcasAuthServlet.class, "ticketValidator").set(shibcasAuthServlet, ticketValidator);

    //Standard request/response - bad ticket
    BDDMockito.given(request.getAttribute(ExternalAuthentication.FORCE_AUTHN_PARAM)).willReturn("false");
    BDDMockito.given(request.getAttribute(ExternalAuthentication.PASSIVE_AUTHN_PARAM)).willReturn("false");
    shibcasAuthServlet.doGet(request, response);

    //Verify
    verify(request).getRequestDispatcher("/no-conversation-state.jsp");
    verify(response).setStatus(404);
}
 
Example #3
Source File: ShibcasAuthServletTest.java    From shib-cas-authn3 with Apache License 2.0 5 votes vote down vote up
@Test
public void testDoGetPassiveAndForced() throws Exception {
    //Mock some objects.
    final HttpServletRequest request = createDoGetHttpServletRequest(CONVERSATION_TICKET_GATEWAY_ATTEMPTED, TICKET, "true");
    final HttpServletResponse response = createMockHttpServletResponse();
    final Assertion assertion = createMockAssertion();

    final Cas20ServiceTicketValidator ticketValidator = PowerMockito.mock(Cas30ServiceTicketValidator.class);
    PowerMockito.when(ticketValidator.validate(TICKET, URL_WITH_CONVERSATION_GATEWAY_ATTEMPTED)).thenReturn(assertion);

    PowerMockito.mockStatic(ExternalAuthentication.class);
    BDDMockito.given(ExternalAuthentication.startExternalAuthentication(request)).willReturn(E1S1);

    //Prep our object
    final ShibcasAuthServlet shibcasAuthServlet = createShibcasAuthServlet();

    //Override the internal Cas30TicketValidator because we don't want it to call a real server
    MemberModifier.field(ShibcasAuthServlet.class, "ticketValidator").set(shibcasAuthServlet, ticketValidator);

    //Passive and forced request/response
    BDDMockito.given(request.getAttribute(ExternalAuthentication.FORCE_AUTHN_PARAM)).willReturn("true");
    BDDMockito.given(request.getAttribute(ExternalAuthentication.PASSIVE_AUTHN_PARAM)).willReturn("true");
    shibcasAuthServlet.doGet(request, response);

    //Verify
    verify(request).setAttribute(ExternalAuthentication.PRINCIPAL_NAME_KEY, JDOE);
}
 
Example #4
Source File: SpringWebConfig.java    From we-cmdb with Apache License 2.0 5 votes vote down vote up
@Bean
public CasAuthenticationProvider casAuthenticationProvider() {
    CasAuthenticationProvider provider = new CasAuthenticationProvider();
    provider.setTicketValidator(new Cas20ServiceTicketValidator(securityProperties.getCasServerUrl()));
    provider.setServiceProperties(serviceProperties());
    provider.setKey("casAuthProviderKey");
    provider.setUserDetailsService(userDetailsService);
    return provider;
}
 
Example #5
Source File: ShibcasAuthServletTest.java    From shib-cas-authn3 with Apache License 2.0 5 votes vote down vote up
@Test
public void testDoGetForced() throws Exception {
    //Mock some objects.
    final HttpServletRequest request = createDoGetHttpServletRequest(CONVERSATION_TICKET, TICKET, null);
    final HttpServletResponse response = createMockHttpServletResponse();
    final Assertion assertion = createMockAssertion();

    final Cas20ServiceTicketValidator ticketValidator = PowerMockito.mock(Cas20ServiceTicketValidator.class);
    PowerMockito.when(ticketValidator.validate(TICKET, URL_WITH_CONVERSATION)).thenReturn(assertion);

    PowerMockito.mockStatic(ExternalAuthentication.class);
    BDDMockito.given(ExternalAuthentication.startExternalAuthentication(request)).willReturn(E1S1);

    //Prep our object
    final ShibcasAuthServlet shibcasAuthServlet = createShibcasAuthServlet();

    //Override the internal Cas20TicketValidator because we don't want it to call a real server
    MemberModifier.field(ShibcasAuthServlet.class, "ticketValidator").set(shibcasAuthServlet, ticketValidator);

    //Forced request/response
    BDDMockito.given(request.getAttribute(ExternalAuthentication.FORCE_AUTHN_PARAM)).willReturn("true");
    BDDMockito.given(request.getAttribute(ExternalAuthentication.PASSIVE_AUTHN_PARAM)).willReturn("false");
    shibcasAuthServlet.doGet(request, response);

    //Verify
    verify(request).setAttribute(ExternalAuthentication.PRINCIPAL_NAME_KEY, JDOE);
}
 
Example #6
Source File: ShibcasAuthServletTest.java    From shib-cas-authn3 with Apache License 2.0 5 votes vote down vote up
@Test
public void testDoGetPassiveNotAuthenticated() throws Exception {
    //Mock some objects.
    final HttpServletRequest request = createDoGetHttpServletRequest("conversation=e1s1&gatewayAttempted=true", null, "true");
    final HttpServletResponse response = createMockHttpServletResponse();

    final Cas20ServiceTicketValidator ticketValidator = PowerMockito.mock(Cas20ServiceTicketValidator.class);

    PowerMockito.mockStatic(ExternalAuthentication.class);
    BDDMockito.given(ExternalAuthentication.startExternalAuthentication(request)).willReturn(E1S1);

    //Prep our object
    final ShibcasAuthServlet shibcasAuthServlet = createShibcasAuthServlet();

    //Override the internal Cas20TicketValidator because we don't want it to call a real server
    MemberModifier.field(ShibcasAuthServlet.class, "ticketValidator").set(shibcasAuthServlet, ticketValidator);

    //Passive request/response with no user
    BDDMockito.given(request.getAttribute(ExternalAuthentication.FORCE_AUTHN_PARAM)).willReturn("false");
    BDDMockito.given(request.getAttribute(ExternalAuthentication.PASSIVE_AUTHN_PARAM)).willReturn("true");
    shibcasAuthServlet.doGet(request, response);

    //Verify
    verify(request, never()).setAttribute(eq(ExternalAuthentication.PRINCIPAL_NAME_KEY), any());
    verify(request).setAttribute(ExternalAuthentication.AUTHENTICATION_ERROR_KEY, "NoPassive");
    verify(ticketValidator, never()).validate(anyString(), anyString());
}
 
Example #7
Source File: ShibcasAuthServletTest.java    From shib-cas-authn3 with Apache License 2.0 5 votes vote down vote up
@Test
public void testDoGetPassiveAuthenticated() throws Exception {
    //Mock some objects.
    final HttpServletRequest request = createDoGetHttpServletRequest(CONVERSATION_TICKET + "&gatewayAttempted=true", TICKET, "true");
    final HttpServletResponse response = createMockHttpServletResponse();
    final Assertion assertion = createMockAssertion();

    final Cas20ServiceTicketValidator ticketValidator = PowerMockito.mock(Cas20ServiceTicketValidator.class);
    PowerMockito.when(ticketValidator.validate(TICKET, URL_WITH_CONVERSATION_GATEWAY_ATTEMPTED)).thenReturn(assertion);

    PowerMockito.mockStatic(ExternalAuthentication.class);
    BDDMockito.given(ExternalAuthentication.startExternalAuthentication(request)).willReturn(E1S1);

    //Prep our object
    final ShibcasAuthServlet shibcasAuthServlet = createShibcasAuthServlet();

    //Override the internal Cas20TicketValidator because we don't want it to call a real server
    MemberModifier.field(ShibcasAuthServlet.class, "ticketValidator").set(shibcasAuthServlet, ticketValidator);

    //Passive request/response with authenticated user
    BDDMockito.given(request.getAttribute(ExternalAuthentication.FORCE_AUTHN_PARAM)).willReturn("false");
    BDDMockito.given(request.getAttribute(ExternalAuthentication.PASSIVE_AUTHN_PARAM)).willReturn("true");
    shibcasAuthServlet.doGet(request, response);

    //Verify
    verify(request).setAttribute(ExternalAuthentication.PRINCIPAL_NAME_KEY, JDOE);
}
 
Example #8
Source File: ShibcasAuthServletTest.java    From shib-cas-authn3 with Apache License 2.0 5 votes vote down vote up
@Test
public void testDoGetStandard() throws Exception {
    //Mock some objects.
    final HttpServletRequest request = createDoGetHttpServletRequest(CONVERSATION_TICKET, TICKET, null);
    final HttpServletResponse response = createMockHttpServletResponse();
    final Assertion assertion = createMockAssertion();

    final Cas20ServiceTicketValidator ticketValidator = PowerMockito.mock(Cas20ServiceTicketValidator.class);
    PowerMockito.when(ticketValidator.validate(TICKET, URL_WITH_CONVERSATION)).thenReturn(assertion);

    PowerMockito.mockStatic(ExternalAuthentication.class);
    BDDMockito.given(ExternalAuthentication.startExternalAuthentication(request)).willReturn(E1S1);

    //Prep our object
    final ShibcasAuthServlet shibcasAuthServlet = createShibcasAuthServlet();

    //Override the internal Cas20TicketValidator because we don't want it to call a real server
    MemberModifier.field(ShibcasAuthServlet.class, "ticketValidator").set(shibcasAuthServlet, ticketValidator);

    //Standard request/response
    BDDMockito.given(request.getAttribute(ExternalAuthentication.FORCE_AUTHN_PARAM)).willReturn("false");
    BDDMockito.given(request.getAttribute(ExternalAuthentication.PASSIVE_AUTHN_PARAM)).willReturn("false");
    shibcasAuthServlet.doGet(request, response);

    //Verify
    verify(request).setAttribute(ExternalAuthentication.PRINCIPAL_NAME_KEY, JDOE);
}
 
Example #9
Source File: ShibcasAuthServletTest.java    From shib-cas-authn3 with Apache License 2.0 5 votes vote down vote up
@Test
public void testDoGetPassiveAndForced() throws Exception {
    //Mock some objects.
    final HttpServletRequest request = createDoGetHttpServletRequest(CONVERSATION_TICKET_GATEWAY_ATTEMPTED, TICKET, "true");
    final HttpServletResponse response = createMockHttpServletResponse();
    final Assertion assertion = createMockAssertion();

    final Cas20ServiceTicketValidator ticketValidator = PowerMockito.mock(Cas30ServiceTicketValidator.class);
    PowerMockito.when(ticketValidator.validate(TICKET, URL_WITH_CONVERSATION_GATEWAY_ATTEMPTED)).thenReturn(assertion);

    PowerMockito.mockStatic(ExternalAuthentication.class);
    BDDMockito.given(ExternalAuthentication.startExternalAuthentication(request)).willReturn(E1S1);

    //Prep our object
    final ShibcasAuthServlet shibcasAuthServlet = createShibcasAuthServlet();

    //Override the internal Cas30TicketValidator because we don't want it to call a real server
    MemberModifier.field(ShibcasAuthServlet.class, "ticketValidator").set(shibcasAuthServlet, ticketValidator);

    //Passive and forced request/response
    BDDMockito.given(request.getAttribute(ExternalAuthentication.FORCE_AUTHN_PARAM)).willReturn("true");
    BDDMockito.given(request.getAttribute(ExternalAuthentication.PASSIVE_AUTHN_PARAM)).willReturn("true");
    shibcasAuthServlet.doGet(request, response);

    //Verify
    verify(request).setAttribute(ExternalAuthentication.PRINCIPAL_NAME_KEY, JDOE);
}
 
Example #10
Source File: ShibcasAuthServletTest.java    From shib-cas-authn3 with Apache License 2.0 5 votes vote down vote up
@Test
public void testDoGetForced() throws Exception {
    //Mock some objects.
    final HttpServletRequest request = createDoGetHttpServletRequest(CONVERSATION_TICKET, TICKET, null);
    final HttpServletResponse response = createMockHttpServletResponse();
    final Assertion assertion = createMockAssertion();

    final Cas20ServiceTicketValidator ticketValidator = PowerMockito.mock(Cas20ServiceTicketValidator.class);
    PowerMockito.when(ticketValidator.validate(TICKET, URL_WITH_CONVERSATION)).thenReturn(assertion);

    PowerMockito.mockStatic(ExternalAuthentication.class);
    BDDMockito.given(ExternalAuthentication.startExternalAuthentication(request)).willReturn(E1S1);

    //Prep our object
    final ShibcasAuthServlet shibcasAuthServlet = createShibcasAuthServlet();

    //Override the internal Cas20TicketValidator because we don't want it to call a real server
    MemberModifier.field(ShibcasAuthServlet.class, "ticketValidator").set(shibcasAuthServlet, ticketValidator);

    //Forced request/response
    BDDMockito.given(request.getAttribute(ExternalAuthentication.FORCE_AUTHN_PARAM)).willReturn("true");
    BDDMockito.given(request.getAttribute(ExternalAuthentication.PASSIVE_AUTHN_PARAM)).willReturn("false");
    shibcasAuthServlet.doGet(request, response);

    //Verify
    verify(request).setAttribute(ExternalAuthentication.PRINCIPAL_NAME_KEY, JDOE);
}
 
Example #11
Source File: ShibcasAuthServletTest.java    From shib-cas-authn3 with Apache License 2.0 5 votes vote down vote up
@Test
public void testDoGetPassiveNotAuthenticated() throws Exception {
    //Mock some objects.
    final HttpServletRequest request = createDoGetHttpServletRequest("conversation=e1s1&gatewayAttempted=true", null, "true");
    final HttpServletResponse response = createMockHttpServletResponse();

    final Cas20ServiceTicketValidator ticketValidator = PowerMockito.mock(Cas20ServiceTicketValidator.class);

    PowerMockito.mockStatic(ExternalAuthentication.class);
    BDDMockito.given(ExternalAuthentication.startExternalAuthentication(request)).willReturn(E1S1);

    //Prep our object
    final ShibcasAuthServlet shibcasAuthServlet = createShibcasAuthServlet();

    //Override the internal Cas20TicketValidator because we don't want it to call a real server
    MemberModifier.field(ShibcasAuthServlet.class, "ticketValidator").set(shibcasAuthServlet, ticketValidator);

    //Passive request/response with no user
    BDDMockito.given(request.getAttribute(ExternalAuthentication.FORCE_AUTHN_PARAM)).willReturn("false");
    BDDMockito.given(request.getAttribute(ExternalAuthentication.PASSIVE_AUTHN_PARAM)).willReturn("true");
    shibcasAuthServlet.doGet(request, response);

    //Verify
    verify(request, never()).setAttribute(eq(ExternalAuthentication.PRINCIPAL_NAME_KEY), any());
    verify(request).setAttribute(ExternalAuthentication.AUTHENTICATION_ERROR_KEY, "NoPassive");
    verify(ticketValidator, never()).validate(anyString(), anyString());
}
 
Example #12
Source File: ShibcasAuthServletTest.java    From shib-cas-authn3 with Apache License 2.0 5 votes vote down vote up
@Test
public void testDoGetPassiveAuthenticated() throws Exception {
    //Mock some objects.
    final HttpServletRequest request = createDoGetHttpServletRequest(CONVERSATION_TICKET + "&gatewayAttempted=true", TICKET, "true");
    final HttpServletResponse response = createMockHttpServletResponse();
    final Assertion assertion = createMockAssertion();

    final Cas20ServiceTicketValidator ticketValidator = PowerMockito.mock(Cas20ServiceTicketValidator.class);
    PowerMockito.when(ticketValidator.validate(TICKET, URL_WITH_CONVERSATION_GATEWAY_ATTEMPTED)).thenReturn(assertion);

    PowerMockito.mockStatic(ExternalAuthentication.class);
    BDDMockito.given(ExternalAuthentication.startExternalAuthentication(request)).willReturn(E1S1);

    //Prep our object
    final ShibcasAuthServlet shibcasAuthServlet = createShibcasAuthServlet();

    //Override the internal Cas20TicketValidator because we don't want it to call a real server
    MemberModifier.field(ShibcasAuthServlet.class, "ticketValidator").set(shibcasAuthServlet, ticketValidator);

    //Passive request/response with authenticated user
    BDDMockito.given(request.getAttribute(ExternalAuthentication.FORCE_AUTHN_PARAM)).willReturn("false");
    BDDMockito.given(request.getAttribute(ExternalAuthentication.PASSIVE_AUTHN_PARAM)).willReturn("true");
    shibcasAuthServlet.doGet(request, response);

    //Verify
    verify(request).setAttribute(ExternalAuthentication.PRINCIPAL_NAME_KEY, JDOE);
}
 
Example #13
Source File: ShibcasAuthServletTest.java    From shib-cas-authn3 with Apache License 2.0 5 votes vote down vote up
@Test
public void testDoGetStandard() throws Exception {
    //Mock some objects.
    final HttpServletRequest request = createDoGetHttpServletRequest(CONVERSATION_TICKET, TICKET, null);
    final HttpServletResponse response = createMockHttpServletResponse();
    final Assertion assertion = createMockAssertion();

    final Cas20ServiceTicketValidator ticketValidator = PowerMockito.mock(Cas20ServiceTicketValidator.class);
    PowerMockito.when(ticketValidator.validate(TICKET, URL_WITH_CONVERSATION)).thenReturn(assertion);

    PowerMockito.mockStatic(ExternalAuthentication.class);
    BDDMockito.given(ExternalAuthentication.startExternalAuthentication(request)).willReturn(E1S1);

    //Prep our object
    final ShibcasAuthServlet shibcasAuthServlet = createShibcasAuthServlet();

    //Override the internal Cas20TicketValidator because we don't want it to call a real server
    MemberModifier.field(ShibcasAuthServlet.class, "ticketValidator").set(shibcasAuthServlet, ticketValidator);

    //Standard request/response
    BDDMockito.given(request.getAttribute(ExternalAuthentication.FORCE_AUTHN_PARAM)).willReturn("false");
    BDDMockito.given(request.getAttribute(ExternalAuthentication.PASSIVE_AUTHN_PARAM)).willReturn("false");
    shibcasAuthServlet.doGet(request, response);

    //Verify
    verify(request).setAttribute(ExternalAuthentication.PRINCIPAL_NAME_KEY, JDOE);
}
 
Example #14
Source File: CasSsoContextConfig.java    From onetwo with Apache License 2.0 5 votes vote down vote up
@Bean
@ConditionalOnMissingBean(CasAuthenticationProvider.class)
public CasAuthenticationProvider casAuthenticationProvider(){
	CasAuthenticationProvider casProvider = new CasAuthenticationProvider();
	casProvider.setAuthenticationUserDetailsService(new UserDetailsByNameServiceWrapper<>(userDetailsService));
	casProvider.setServiceProperties(serviceProperties());
	casProvider.setTicketValidator(new Cas20ServiceTicketValidator(bootSecurityConfig.getCas().getCasServerUrl()));
	casProvider.setKey(bootSecurityConfig.getCas().getKey());
	return casProvider;
}
 
Example #15
Source File: WebSecurityConfig.java    From shepher with Apache License 2.0 5 votes vote down vote up
public Cas20ProxyReceivingTicketValidationFilter getCas20ProxyReceivingTicketValidationFilter() {
    Cas20ProxyReceivingTicketValidationFilter cas20ProxyReceivingTicketValidationFilter = new Cas20ProxyReceivingTicketValidationFilter();
    cas20ProxyReceivingTicketValidationFilter.setServerName(serverUrl);
    cas20ProxyReceivingTicketValidationFilter.setTicketValidator(new Cas20ServiceTicketValidator(casServerUrlPrefix));
    cas20ProxyReceivingTicketValidationFilter.setRedirectAfterValidation(true);
    return cas20ProxyReceivingTicketValidationFilter;
}
 
Example #16
Source File: CasTicketValidatorUtils.java    From shiro-cas-spring-boot-starter with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
protected static <T> T createNewTicketValidator(final Class<? extends Cas20ServiceTicketValidator> ticketValidatorClass,
		final String casServerUrlPrefix, final Class<T> clazz) {
	if (ticketValidatorClass == null) {
		return ReflectUtils.newInstance(clazz, casServerUrlPrefix);
	}
	return (T) ReflectUtils.newInstance(ticketValidatorClass, casServerUrlPrefix);
}
 
Example #17
Source File: CasTicketValidatorUtils.java    From shiro-cas-spring-boot-starter with Apache License 2.0 5 votes vote down vote up
protected static TicketValidator buildCas20TicketValidator(final ShiroCasProperties casProperties) {
      
      final boolean allowAnyProxy = casProperties.isAcceptAnyProxy();
final String allowedProxyChains = casProperties.getAllowedProxyChains();
final String casServerUrlPrefix = casProperties.getCasServerUrlPrefix();

final Class<? extends Cas20ServiceTicketValidator> ticketValidatorClass = StringUtils.hasText(casProperties.getTicketValidatorClass()) ? ReflectUtils.loadClass(casProperties.getTicketValidatorClass()) : null; 
final Cas20ServiceTicketValidator validator;

if (allowAnyProxy || CommonUtils.isNotBlank(allowedProxyChains)) {
	final Cas20ProxyTicketValidator v = createNewTicketValidator(ticketValidatorClass, casServerUrlPrefix, Cas20ProxyTicketValidator.class);
	v.setAcceptAnyProxy(allowAnyProxy);
	v.setAllowedProxyChains(CommonUtils.createProxyList(allowedProxyChains));
	validator = v;
} else {
	validator = createNewTicketValidator(ticketValidatorClass, casServerUrlPrefix, Cas20ServiceTicketValidator.class);
}
validator.setProxyCallbackUrl(casProperties.getProxyCallbackUrl());
validator.setProxyGrantingTicketStorage(proxyGrantingTicketStorage);

HttpURLConnectionFactory factory = new HttpsURLConnectionFactory( HttpsURLConnection.getDefaultHostnameVerifier(), getSSLConfig(casProperties));

validator.setURLConnectionFactory(factory);

validator.setProxyRetriever(new Cas20ProxyRetriever(casServerUrlPrefix, casProperties.getEncoding(), factory));
validator.setRenew(casProperties.isRenew());
validator.setEncoding(casProperties.getEncoding());

      return validator;
  }
 
Example #18
Source File: CasTicketValidatorUtils.java    From shiro-cas-spring-boot-starter with Apache License 2.0 5 votes vote down vote up
protected static TicketValidator buildCas30TicketValidator(final ShiroCasProperties casProperties) {
      
      final boolean allowAnyProxy = casProperties.isAcceptAnyProxy();
final String allowedProxyChains = casProperties.getAllowedProxyChains();
final String casServerUrlPrefix = casProperties.getCasServerUrlPrefix();

final Class<? extends Cas20ServiceTicketValidator> ticketValidatorClass = StringUtils.hasText(casProperties.getTicketValidatorClass()) ? ReflectUtils.loadClass(casProperties.getTicketValidatorClass()) : null; 
final Cas20ServiceTicketValidator validator;

if (allowAnyProxy || CommonUtils.isNotBlank(allowedProxyChains)) {
	final Cas20ProxyTicketValidator v = createNewTicketValidator(ticketValidatorClass, casServerUrlPrefix, Cas30ProxyTicketValidator.class);
	v.setAcceptAnyProxy(allowAnyProxy);
	v.setAllowedProxyChains(CommonUtils.createProxyList(allowedProxyChains));
	validator = v;
} else {
	validator = createNewTicketValidator(ticketValidatorClass, casServerUrlPrefix, Cas30ServiceTicketValidator.class);
}
validator.setProxyCallbackUrl(casProperties.getProxyCallbackUrl());
validator.setProxyGrantingTicketStorage(proxyGrantingTicketStorage);

HttpURLConnectionFactory factory = new HttpsURLConnectionFactory( HttpsURLConnection.getDefaultHostnameVerifier(), getSSLConfig(casProperties));

validator.setURLConnectionFactory(factory);

validator.setProxyRetriever(new Cas20ProxyRetriever(casServerUrlPrefix, casProperties.getEncoding(), factory));
validator.setRenew(casProperties.isRenew());
validator.setEncoding(casProperties.getEncoding());

      return validator;
      
  }
 
Example #19
Source File: SecurityConfiguration.java    From cymbal with Apache License 2.0 5 votes vote down vote up
@Bean
public CasAuthenticationProvider casAuthenticationProvider(final CasUserDetailService casUserDetailService,
        final ServiceProperties serviceProperties, final Cas20ServiceTicketValidator ticketValidator) {
    CasAuthenticationProvider provider = new CasAuthenticationProvider();
    provider.setKey("casProvider");
    provider.setServiceProperties(serviceProperties);
    provider.setTicketValidator(ticketValidator);
    provider.setAuthenticationUserDetailsService(casUserDetailService);
    return provider;
}
 
Example #20
Source File: CasConfiguration.java    From cymbal with Apache License 2.0 5 votes vote down vote up
@Bean
public CasAuthenticationProvider casAuthenticationProvider(CasUserDetailService casUserDetailService,
        ServiceProperties serviceProperties, Cas20ServiceTicketValidator ticketValidator) {
    CasAuthenticationProvider provider = new CasAuthenticationProvider();
    provider.setKey("casProvider");
    provider.setServiceProperties(serviceProperties);
    provider.setTicketValidator(ticketValidator);
    provider.setAuthenticationUserDetailsService(casUserDetailService);
    return provider;
}
 
Example #21
Source File: SecurityConfiguration.java    From demo-spring-security-cas with Apache License 2.0 4 votes vote down vote up
@Bean
public Cas20ServiceTicketValidator cas20ServiceTicketValidator() {
	return new Cas20ServiceTicketValidator(env.getRequiredProperty(CAS_URL_PREFIX));
}
 
Example #22
Source File: SecurityConfiguration.java    From cymbal with Apache License 2.0 4 votes vote down vote up
@Bean
public Cas20ServiceTicketValidator cas20ServiceTicketValidator() {
    return new Cas20ServiceTicketValidator(this.casProperties.getServerUrlPrefix());
}
 
Example #23
Source File: CasConfiguration.java    From cymbal with Apache License 2.0 4 votes vote down vote up
@Bean
public Cas20ServiceTicketValidator cas20ServiceTicketValidator() {
    return new Cas20ServiceTicketValidator(this.casProperties.getServerUrlPrefix());
}
 
Example #24
Source File: WebSecurityConfig.java    From dubbo-postman with MIT License 4 votes vote down vote up
private Cas20ServiceTicketValidator cas20ServiceTicketValidator() {
    Cas20ServiceTicketValidator validator = new Cas20ServiceTicketValidator(SSO_URL);
    return validator;
}