Package org.jasig.cas.client.validation

Examples of org.jasig.cas.client.validation.Assertion


        logger.debug("Cleaning assertion cache of size {}", ASSERTION_CACHE.size());
        final Iterator<Map.Entry<TicketCredential, Assertion>> iter = ASSERTION_CACHE.entrySet().iterator();
        final Calendar cutoff = Calendar.getInstance();
        cutoff.setTimeInMillis(System.currentTimeMillis() - this.cacheTimeoutUnit.toMillis(this.cacheTimeout));
        while (iter.hasNext()) {
            final Assertion assertion = iter.next().getValue();
            final Calendar created = Calendar.getInstance();
            created.setTime(assertion.getValidFromDate());
            if (created.before(cutoff)) {
                logger.debug("Removing expired assertion for principal {}", assertion.getPrincipal());
                iter.remove();
            }
        }
    }
View Full Code Here


            filterChain.doFilter(request, response);
            return;
        }
       
        final HttpSession session = request.getSession(false);
        final Assertion assertion = session != null ? (Assertion) session.getAttribute(CONST_CAS_ASSERTION) : null;

        if (assertion != null) {
            filterChain.doFilter(request, response);
            return;
        }
View Full Code Here

    }

    protected AttributePrincipal retrievePrincipalFromSessionOrRequest(final ServletRequest servletRequest) {
        final HttpServletRequest request = (HttpServletRequest) servletRequest;
        final HttpSession session = request.getSession(false);
        final Assertion assertion = (Assertion) (session == null ? request
                .getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION) : session
                .getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION));

        return assertion == null ? null : assertion.getPrincipal();
    }
View Full Code Here

     * code is set on the response.  In cases where no existing CAS session exists,
     * a 302 redirect is set on the response to redirect to the CAS server for
     * authentication.
     */
    public final Principal authenticate(final HttpServletRequest request, final HttpServletResponse response) {
        Assertion assertion = null;
        HttpSession session = request.getSession();
        if (session != null) {
            assertion = (Assertion) session.getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
        }
        if (assertion == null) {
            logger.debug("CAS assertion not found in session -- authentication required.");
            final String token = request.getParameter(this.artifactParameterName);
            final String service = CommonUtils.constructServiceUrl(request, response, this.serviceUrl, this.serverName,
                    this.artifactParameterName, true);
            if (CommonUtils.isBlank(token)) {
                final String redirectUrl = CommonUtils.constructRedirectUrl(this.casServerLoginUrl,
                        this.serviceParameterName, service, false, false);
                logger.debug("Redirecting to {}", redirectUrl);
                CommonUtils.sendRedirect(response, redirectUrl);
                return null;
            }
            try {
                logger.debug("Attempting to validate {} for {}", token, service);
                assertion = this.ticketValidator.validate(token, service);
                logger.debug("CAS authentication succeeded.");
                if (session == null) {
                    session = request.getSession(true);
                }
                session.setAttribute(AbstractCasFilter.CONST_CAS_ASSERTION, assertion);
            } catch (final TicketValidationException e) {
                setUnauthorized(response, e.getMessage());
                return null;
            }
        }
        Principal p = realm.authenticate(assertion.getPrincipal());
        if (p == null) {
            logger.debug("{} failed to authenticate to {}", assertion.getPrincipal().getName(), realm);
            setUnauthorized(response, null);
        }
        return p;
    }
View Full Code Here

    /** {@inheritDoc} */
    public void logout(final HttpServletRequest request, final HttpServletResponse response) {
        logger.debug("Processing logout request from CAS server.");

        final Assertion assertion;
        final HttpSession httpSession = request.getSession(false);
        if (httpSession != null
                && (assertion = (Assertion) httpSession.getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION)) != null) {
            httpSession.removeAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
            logger.info("Successfully logged out {}", assertion.getPrincipal());
        } else {
            logger.info("Session already ended.");
        }

        final String redirectUrl = constructRedirectUrl(request);
View Full Code Here

        if (session.getAttribute(LOGGED_IN_KEY) != null) {
            LOGGER.debug("Session found; user already logged in.");
            return (Principal) session.getAttribute(LOGGED_IN_KEY);
        }

        final Assertion assertion = (Assertion) session.getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);

        if (assertion != null) {
            final Principal p = getUser(assertion.getPrincipal().getName());

            LOGGER.debug("Logging in [{}] from CAS.", p.getName());

            session.setAttribute(LOGGED_IN_KEY, p);
            session.setAttribute(LOGGED_OUT_KEY, null);
View Full Code Here

    public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse,
            final FilterChain filterChain) throws IOException, ServletException {
        final HttpServletRequest request = (HttpServletRequest) servletRequest;
        final HttpSession session = request.getSession(false);
        final Assertion assertion = (Assertion) (session == null ? request
                .getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION) : session
                .getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION));

        try {
            AssertionHolder.setAssertion(assertion);
View Full Code Here

      if (null != ticket && ticket.length() > 0 ) {
        CasClientUtils casClientUtils = new CasClientUtils();
        PageURL pageUrl = this.getUrlManager().createURL(reqCtx);
        String serviceUrl = casClientUtils.getURLStringWithoutTicketParam(pageUrl, reqCtx);
        _log.info("CAS - service " + serviceUrl + ", ticket " + ticket);
        Assertion assertion;
        assertion = _ticketValidationUtil.validateTicket(serviceUrl, ticket);
        request.getSession().setAttribute(CasClientPluginSystemCostants.JPCASCLIENT_CONST_CAS_ASSERTION, assertion);
       
//        redirect to current page without ticket parameter in the url
//         to avoid involuntary submits
View Full Code Here

      return status;
    }
    try {
      HttpServletRequest req = reqCtx.getRequest();
      //Punto 1
      Assertion assertion = (Assertion) req.getSession().getAttribute(CasClientPluginSystemCostants.JPCASCLIENT_CONST_CAS_ASSERTION);
      this._log.trace(" Assertion " + assertion);
      if (null != assertion) {
        AttributePrincipal attributePrincipal = assertion.getPrincipal();
        name = attributePrincipal.getName();
        this._log.trace(" Princ " + attributePrincipal);
        this._log.trace(" Princ - Name " + attributePrincipal.getName());
      }
      this._log.trace("jpcasclient: request From User with Principal [CAS tiket validation]: " + name + " - info: AuthType " + req.getAuthType() + " " + req.getProtocol() + " " + req.getRemoteAddr() + " " + req.getRemoteHost());
View Full Code Here

  public void test_cas_auth_authFailure() throws ApsSystemException {
    RequestContext reqCtx = this.getRequestContext();
    MockHttpServletRequest request = (MockHttpServletRequest) reqCtx.getRequest();

    AttributePrincipal attributePrincipal = new AttributePrincipalImpl("admin");
    Assertion assertion = new AssertionImpl(attributePrincipal, new HashMap());
    request.setAttribute(CasClientPluginSystemCostants.JPCASCLIENT_CONST_CAS_ASSERTION, assertion);

    int status = _authenticator.service(reqCtx, ControllerManager.CONTINUE);
    assertEquals(status, ControllerManager.CONTINUE);
    UserDetails currentUser = (UserDetails) request.getSession().getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER);
View Full Code Here

TOP

Related Classes of org.jasig.cas.client.validation.Assertion

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.