Class CasAuthenticationProvider
- All Implemented Interfaces:
org.springframework.beans.factory.Aware
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.MessageSourceAware
,AuthenticationProvider
AuthenticationProvider
implementation that integrates with JA-SIG Central
Authentication Service (CAS).
This AuthenticationProvider
is capable of validating
CasServiceTicketAuthenticationToken
requests which contain a
principal
name equal to either
CasServiceTicketAuthenticationToken.CAS_STATEFUL_IDENTIFIER
or
CasServiceTicketAuthenticationToken.CAS_STATELESS_IDENTIFIER
. It can also
validate a previously created CasAuthenticationToken
.
-
Field Summary
Modifier and TypeFieldDescriptionprotected org.springframework.context.support.MessageSourceAccessor
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
authenticate
(Authentication authentication) Performs authentication with the same contract asAuthenticationManager.authenticate(Authentication)
.protected String
getKey()
protected org.apereo.cas.client.validation.TicketValidator
protected UserDetails
loadUserByAssertion
(org.apereo.cas.client.validation.Assertion assertion) Template method for retrieving the UserDetails based on the assertion.void
setAuthenticationUserDetailsService
(AuthenticationUserDetailsService<CasAssertionAuthenticationToken> authenticationUserDetailsService) void
setAuthoritiesMapper
(GrantedAuthoritiesMapper authoritiesMapper) void
void
setMessageSource
(org.springframework.context.MessageSource messageSource) void
setServiceProperties
(ServiceProperties serviceProperties) void
setStatelessTicketCache
(StatelessTicketCache statelessTicketCache) void
setTicketValidator
(org.apereo.cas.client.validation.TicketValidator ticketValidator) void
setUserDetailsService
(UserDetailsService userDetailsService) boolean
Returnstrue
if thisAuthenticationProvider
supports the indicatedAuthentication
object.
-
Field Details
-
messages
protected org.springframework.context.support.MessageSourceAccessor messages
-
-
Constructor Details
-
CasAuthenticationProvider
public CasAuthenticationProvider()
-
-
Method Details
-
afterPropertiesSet
public void afterPropertiesSet()- Specified by:
afterPropertiesSet
in interfaceorg.springframework.beans.factory.InitializingBean
-
authenticate
Description copied from interface:AuthenticationProvider
Performs authentication with the same contract asAuthenticationManager.authenticate(Authentication)
.- Specified by:
authenticate
in interfaceAuthenticationProvider
- Parameters:
authentication
- the authentication request object.- Returns:
- a fully authenticated object including credentials. May return
null
if theAuthenticationProvider
is unable to support authentication of the passedAuthentication
object. In such a case, the nextAuthenticationProvider
that supports the presentedAuthentication
class will be tried. - Throws:
AuthenticationException
- if authentication fails.
-
loadUserByAssertion
Template method for retrieving the UserDetails based on the assertion. Default is to call configured userDetailsService and pass the username. Deployers can override this method and retrieve the user based on any criteria they desire.- Parameters:
assertion
- The CAS Assertion.- Returns:
- the UserDetails.
-
setUserDetailsService
-
setAuthenticationUserDetailsService
public void setAuthenticationUserDetailsService(AuthenticationUserDetailsService<CasAssertionAuthenticationToken> authenticationUserDetailsService) -
setServiceProperties
-
getKey
-
setKey
-
getStatelessTicketCache
-
getTicketValidator
protected org.apereo.cas.client.validation.TicketValidator getTicketValidator() -
setMessageSource
public void setMessageSource(org.springframework.context.MessageSource messageSource) - Specified by:
setMessageSource
in interfaceorg.springframework.context.MessageSourceAware
-
setStatelessTicketCache
-
setTicketValidator
public void setTicketValidator(org.apereo.cas.client.validation.TicketValidator ticketValidator) -
setAuthoritiesMapper
-
supports
Description copied from interface:AuthenticationProvider
Returnstrue
if thisAuthenticationProvider
supports the indicatedAuthentication
object.Returning
true
does not guarantee anAuthenticationProvider
will be able to authenticate the presentedAuthentication
object. It simply indicates it can support closer evaluation of it. AnAuthenticationProvider
can still returnnull
from theAuthenticationProvider.authenticate(Authentication)
method to indicate anotherAuthenticationProvider
should be tried.Selection of an
AuthenticationProvider
capable of performing authentication is conducted at runtime theProviderManager
.- Specified by:
supports
in interfaceAuthenticationProvider
- Returns:
true
if the implementation can more closely evaluate theAuthentication
class presented
-