Class CasAuthenticationEntryPoint
java.lang.Object
org.springframework.security.cas.web.CasAuthenticationEntryPoint
- All Implemented Interfaces:
org.springframework.beans.factory.InitializingBean
,AuthenticationEntryPoint
public class CasAuthenticationEntryPoint
extends Object
implements AuthenticationEntryPoint, org.springframework.beans.factory.InitializingBean
Used by the
ExceptionTranslationFilter
to commence authentication via the
JA-SIG Central Authentication Service (CAS).
The user's browser will be redirected to the JA-SIG CAS enterprise-wide login page.
This page is specified by the loginUrl
property. Once login is complete,
the CAS login page will redirect to the page indicated by the service
property. The service
is a HTTP URL belonging to the current application.
The service
URL is monitored by the CasAuthenticationFilter
, which
will validate the CAS login was successful.
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
final void
commence
(jakarta.servlet.http.HttpServletRequest servletRequest, jakarta.servlet.http.HttpServletResponse response, AuthenticationException authenticationException) Commences an authentication scheme.protected String
createRedirectUrl
(String serviceUrl) Constructs the Url for Redirection to the CAS server.protected String
createServiceUrl
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Constructs a new Service Url.protected boolean
Sets whether to encode the service url with the session id or not.final String
The enterprise-wide CAS login URL.final ServiceProperties
protected void
preCommence
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Template method for you to do your own pre-processing before the redirect occurs.final void
setEncodeServiceUrlWithSessionId
(boolean encodeServiceUrlWithSessionId) Sets whether to encode the service url with the session id or not.final void
setLoginUrl
(String loginUrl) final void
setServiceProperties
(ServiceProperties serviceProperties)
-
Constructor Details
-
CasAuthenticationEntryPoint
public CasAuthenticationEntryPoint()
-
-
Method Details
-
afterPropertiesSet
public void afterPropertiesSet()- Specified by:
afterPropertiesSet
in interfaceorg.springframework.beans.factory.InitializingBean
-
commence
public final void commence(jakarta.servlet.http.HttpServletRequest servletRequest, jakarta.servlet.http.HttpServletResponse response, AuthenticationException authenticationException) throws IOException Description copied from interface:AuthenticationEntryPoint
Commences an authentication scheme.ExceptionTranslationFilter
will populate theHttpSession
attribute namedAbstractAuthenticationProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY
with the requested target URL before calling this method.Implementations should modify the headers on the
ServletResponse
as necessary to commence the authentication process.- Specified by:
commence
in interfaceAuthenticationEntryPoint
- Parameters:
servletRequest
- that resulted in anAuthenticationException
response
- so that the user agent can begin authenticationauthenticationException
- that caused the invocation- Throws:
IOException
-
createServiceUrl
protected String createServiceUrl(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Constructs a new Service Url. The default implementation relies on the CAS client to do the bulk of the work.- Parameters:
request
- the HttpServletRequestresponse
- the HttpServlet Response- Returns:
- the constructed service url. CANNOT be NULL.
-
createRedirectUrl
Constructs the Url for Redirection to the CAS server. Default implementation relies on the CAS client to do the bulk of the work.- Parameters:
serviceUrl
- the service url that should be included.- Returns:
- the redirect url. CANNOT be NULL.
-
preCommence
protected void preCommence(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Template method for you to do your own pre-processing before the redirect occurs.- Parameters:
request
- the HttpServletRequestresponse
- the HttpServletResponse
-
getLoginUrl
The enterprise-wide CAS login URL. Usually something likehttps://www.mycompany.com/cas/login
.- Returns:
- the enterprise-wide CAS login URL
-
getServiceProperties
-
setLoginUrl
-
setServiceProperties
-
setEncodeServiceUrlWithSessionId
public final void setEncodeServiceUrlWithSessionId(boolean encodeServiceUrlWithSessionId) Sets whether to encode the service url with the session id or not.- Parameters:
encodeServiceUrlWithSessionId
- whether to encode the service url with the session id or not.
-
getEncodeServiceUrlWithSessionId
protected boolean getEncodeServiceUrlWithSessionId()Sets whether to encode the service url with the session id or not.- Returns:
- whether to encode the service url with the session id or not.
-