public class CasRealm extends AuthorizingRealm
CasToken (which essentially
wraps a CAS service ticket) and validates it against the CAS server using a configured CAS
TicketValidator.
The validationProtocol is CAS by default, which indicates that a
a Cas20ServiceTicketValidator
will be used for ticket validation. You can alternatively set
or Saml11TicketValidator of CAS client. It is based on
AuthorizingRealm for both authentication and authorization. User id and attributes are retrieved from the CAS
service ticket validation response during authentication phase. Roles and permissions are computed during authorization phase (according
to the attributes previously retrieved).| Modifier and Type | Field and Description |
|---|---|
static String |
DEFAULT_REMEMBER_ME_ATTRIBUTE_NAME |
static String |
DEFAULT_VALIDATION_PROTOCOL |
| Constructor and Description |
|---|
CasRealm() |
| Modifier and Type | Method and Description |
|---|---|
protected org.jasig.cas.client.validation.TicketValidator |
createTicketValidator() |
protected AuthenticationInfo |
doGetAuthenticationInfo(AuthenticationToken token)
Authenticates a user and retrieves its information.
|
protected AuthorizationInfo |
doGetAuthorizationInfo(PrincipalCollection principals)
Retrieves the AuthorizationInfo for the given principals (the CAS previously authenticated user : id + attributes).
|
protected org.jasig.cas.client.validation.TicketValidator |
ensureTicketValidator() |
String |
getCasServerUrlPrefix() |
String |
getCasService() |
String |
getDefaultPermissions() |
String |
getDefaultRoles() |
String |
getPermissionAttributeNames() |
String |
getRememberMeAttributeName() |
String |
getRoleAttributeNames() |
String |
getValidationProtocol() |
protected void |
onInit() |
void |
setCasServerUrlPrefix(String casServerUrlPrefix) |
void |
setCasService(String casService) |
void |
setDefaultPermissions(String defaultPermissions) |
void |
setDefaultRoles(String defaultRoles) |
void |
setPermissionAttributeNames(String permissionAttributeNames) |
void |
setRememberMeAttributeName(String rememberMeAttributeName) |
void |
setRoleAttributeNames(String roleAttributeNames) |
void |
setValidationProtocol(String validationProtocol) |
afterCacheManagerSet, checkPermission, checkPermission, checkPermission, checkPermissions, checkPermissions, checkPermissions, checkRole, checkRole, checkRoles, checkRoles, checkRoles, clearCachedAuthorizationInfo, doClearCache, getAuthorizationCache, getAuthorizationCacheKey, getAuthorizationCacheName, getAuthorizationInfo, getPermissionResolver, getPermissions, getRolePermissionResolver, hasAllRoles, hasRole, hasRole, hasRoles, hasRoles, isAuthorizationCachingEnabled, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, isPermittedAll, setAuthorizationCache, setAuthorizationCacheName, setAuthorizationCachingEnabled, setName, setPermissionResolver, setRolePermissionResolverassertCredentialsMatch, clearCachedAuthenticationInfo, getAuthenticationCache, getAuthenticationCacheKey, getAuthenticationCacheKey, getAuthenticationCacheName, getAuthenticationInfo, getAuthenticationTokenClass, getCredentialsMatcher, init, isAuthenticationCachingEnabled, isAuthenticationCachingEnabled, setAuthenticationCache, setAuthenticationCacheName, setAuthenticationCachingEnabled, setAuthenticationTokenClass, setCredentialsMatcher, supportsclearCache, getAvailablePrincipal, getCacheManager, getName, isCachingEnabled, onLogout, setCacheManager, setCachingEnabledclone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitinitpublic static final String DEFAULT_REMEMBER_ME_ATTRIBUTE_NAME
public static final String DEFAULT_VALIDATION_PROTOCOL
protected void onInit()
onInit in class AuthorizingRealmprotected org.jasig.cas.client.validation.TicketValidator ensureTicketValidator()
protected org.jasig.cas.client.validation.TicketValidator createTicketValidator()
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException
doGetAuthenticationInfo in class AuthenticatingRealmtoken - the authentication tokenAuthenticationException - if there is an error during authentication.protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals)
doGetAuthorizationInfo in class AuthorizingRealmprincipals - the primary identifying principals of the AuthorizationInfo that should be retrieved.public String getCasServerUrlPrefix()
public void setCasServerUrlPrefix(String casServerUrlPrefix)
public String getCasService()
public void setCasService(String casService)
public String getValidationProtocol()
public void setValidationProtocol(String validationProtocol)
public String getRememberMeAttributeName()
public void setRememberMeAttributeName(String rememberMeAttributeName)
public String getDefaultRoles()
public void setDefaultRoles(String defaultRoles)
public String getDefaultPermissions()
public void setDefaultPermissions(String defaultPermissions)
public String getRoleAttributeNames()
public void setRoleAttributeNames(String roleAttributeNames)
public String getPermissionAttributeNames()
public void setPermissionAttributeNames(String permissionAttributeNames)
Copyright © 2004-2016 The Apache Software Foundation. All Rights Reserved.