Class CasAuthenticationProvider
- java.lang.Object
-
- org.springframework.security.cas.authentication.CasAuthenticationProvider
-
- All Implemented Interfaces:
org.springframework.beans.factory.Aware
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.MessageSourceAware
,AuthenticationProvider
public class CasAuthenticationProvider extends java.lang.Object implements AuthenticationProvider, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware
AnAuthenticationProvider
implementation that integrates with JA-SIG Central Authentication Service (CAS).This
AuthenticationProvider
is capable of validatingUsernamePasswordAuthenticationToken
requests which contain aprincipal
name equal to eitherCasAuthenticationFilter.CAS_STATEFUL_IDENTIFIER
orCasAuthenticationFilter.CAS_STATELESS_IDENTIFIER
. It can also validate a previously createdCasAuthenticationToken
.
-
-
Field Summary
Fields Modifier and Type Field Description protected org.springframework.context.support.MessageSourceAccessor
messages
-
Constructor Summary
Constructors Constructor Description CasAuthenticationProvider()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
afterPropertiesSet()
Authentication
authenticate(Authentication authentication)
Performs authentication with the same contract asAuthenticationManager.authenticate(Authentication)
.protected java.lang.String
getKey()
StatelessTicketCache
getStatelessTicketCache()
protected org.jasig.cas.client.validation.TicketValidator
getTicketValidator()
protected UserDetails
loadUserByAssertion(org.jasig.cas.client.validation.Assertion assertion)
Template method for retrieving the UserDetails based on the assertion.void
setAuthenticationUserDetailsService(AuthenticationUserDetailsService<CasAssertionAuthenticationToken> authenticationUserDetailsService)
void
setAuthoritiesMapper(GrantedAuthoritiesMapper authoritiesMapper)
void
setKey(java.lang.String key)
void
setMessageSource(org.springframework.context.MessageSource messageSource)
void
setServiceProperties(ServiceProperties serviceProperties)
void
setStatelessTicketCache(StatelessTicketCache statelessTicketCache)
void
setTicketValidator(org.jasig.cas.client.validation.TicketValidator ticketValidator)
void
setUserDetailsService(UserDetailsService userDetailsService)
boolean
supports(java.lang.Class<?> authentication)
Returnstrue
if thisAuthenticationProvider
supports the indicatedAuthentication
object.
-
-
-
Method Detail
-
afterPropertiesSet
public void afterPropertiesSet()
- Specified by:
afterPropertiesSet
in interfaceorg.springframework.beans.factory.InitializingBean
-
authenticate
public Authentication authenticate(Authentication authentication) throws AuthenticationException
Description copied from interface:AuthenticationProvider
Performs authentication with the same contract asAuthenticationManager.authenticate(Authentication)
.- Specified by:
authenticate
in interfaceAuthenticationProvider
- Parameters:
authentication
- the authentication request object.- Returns:
- a fully authenticated object including credentials. May return
null
if theAuthenticationProvider
is unable to support authentication of the passedAuthentication
object. In such a case, the nextAuthenticationProvider
that supports the presentedAuthentication
class will be tried. - Throws:
AuthenticationException
- if authentication fails.
-
loadUserByAssertion
protected UserDetails loadUserByAssertion(org.jasig.cas.client.validation.Assertion assertion)
Template method for retrieving the UserDetails based on the assertion. Default is to call configured userDetailsService and pass the username. Deployers can override this method and retrieve the user based on any criteria they desire.- Parameters:
assertion
- The CAS Assertion.- Returns:
- the UserDetails.
-
setUserDetailsService
public void setUserDetailsService(UserDetailsService userDetailsService)
-
setAuthenticationUserDetailsService
public void setAuthenticationUserDetailsService(AuthenticationUserDetailsService<CasAssertionAuthenticationToken> authenticationUserDetailsService)
-
setServiceProperties
public void setServiceProperties(ServiceProperties serviceProperties)
-
getKey
protected java.lang.String getKey()
-
setKey
public void setKey(java.lang.String key)
-
getStatelessTicketCache
public StatelessTicketCache getStatelessTicketCache()
-
getTicketValidator
protected org.jasig.cas.client.validation.TicketValidator getTicketValidator()
-
setMessageSource
public void setMessageSource(org.springframework.context.MessageSource messageSource)
- Specified by:
setMessageSource
in interfaceorg.springframework.context.MessageSourceAware
-
setStatelessTicketCache
public void setStatelessTicketCache(StatelessTicketCache statelessTicketCache)
-
setTicketValidator
public void setTicketValidator(org.jasig.cas.client.validation.TicketValidator ticketValidator)
-
setAuthoritiesMapper
public void setAuthoritiesMapper(GrantedAuthoritiesMapper authoritiesMapper)
-
supports
public boolean supports(java.lang.Class<?> authentication)
Description copied from interface:AuthenticationProvider
Returnstrue
if thisAuthenticationProvider
supports the indicatedAuthentication
object.Returning
true
does not guarantee anAuthenticationProvider
will be able to authenticate the presented instance of theAuthentication
class. It simply indicates it can support closer evaluation of it. AnAuthenticationProvider
can still returnnull
from theAuthenticationProvider.authenticate(Authentication)
method to indicate anotherAuthenticationProvider
should be tried.Selection of an
AuthenticationProvider
capable of performing authentication is conducted at runtime theProviderManager
.- Specified by:
supports
in interfaceAuthenticationProvider
- Returns:
true
if the implementation can more closely evaluate theAuthentication
class presented
-
-