本文整理汇总了Java中org.jasig.cas.client.validation.Assertion类的典型用法代码示例。如果您正苦于以下问题:Java Assertion类的具体用法?Java Assertion怎么用?Java Assertion使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
Assertion类属于org.jasig.cas.client.validation包,在下文中一共展示了Assertion类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。
示例1: buildSamlResponse
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
* Build saml response.
*
* @param response the response
* @param request the request
* @param authenticationContext the authentication context
* @param casAssertion the cas assertion
* @param binding the binding
*/
protected void buildSamlResponse(final HttpServletResponse response,
final HttpServletRequest request,
final Pair<AuthnRequest, MessageContext> authenticationContext,
final Assertion casAssertion,
final String binding) {
final String issuer = SamlIdPUtils.getIssuerFromSamlRequest(authenticationContext.getKey());
LOGGER.debug("Located issuer [{}] from authentication context", issuer);
final SamlRegisteredService registeredService = verifySamlRegisteredService(issuer);
LOGGER.debug("Located SAML metadata for [{}]", registeredService);
final Optional<SamlRegisteredServiceServiceProviderMetadataFacade> adaptor =
getSamlMetadataFacadeFor(registeredService, authenticationContext.getKey());
if (!adaptor.isPresent()) {
throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Cannot find metadata linked to " + issuer);
}
LOGGER.debug("Preparing SAML response for [{}]", adaptor.get().getEntityId());
final SamlRegisteredServiceServiceProviderMetadataFacade facade = adaptor.get();
final AuthnRequest authnRequest = authenticationContext.getKey();
this.responseBuilder.build(authnRequest, request, response,
casAssertion, registeredService, facade, binding);
LOGGER.info("Built the SAML response for [{}]", facade.getEntityId());
}
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:34,代码来源:AbstractSamlProfileHandlerController.java
示例2: handleFederationRequest
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
* Handle federation request.
*
* @param response the response
* @param request the request
* @return the model and view
* @throws Exception the exception
*/
@GetMapping(path = WSFederationConstants.ENDPOINT_FEDERATION_REQUEST_CALLBACK)
protected ModelAndView handleFederationRequest(final HttpServletResponse response, final HttpServletRequest request) throws Exception {
final WSFederationRequest fedRequest = WSFederationRequest.of(request);
LOGGER.debug("Received callback profile request [{}]", request.getRequestURI());
final WSFederationRegisteredService service = findAndValidateFederationRequestForRegisteredService(response, request, fedRequest);
LOGGER.debug("Located matching service [{}]", service);
final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
if (StringUtils.isBlank(ticket)) {
LOGGER.error("Can not validate the request because no [{}] is provided via the request", CasProtocolConstants.PARAMETER_TICKET);
return new ModelAndView(CasWebflowConstants.VIEW_ID_ERROR, new HashMap<>(), HttpStatus.FORBIDDEN);
}
final Assertion assertion = validateRequestAndBuildCasAssertion(response, request, fedRequest);
SecurityToken securityToken = getSecurityTokenFromRequest(request);
if (securityToken == null) {
LOGGER.debug("No security token is yet available. Invoking security token service to issue token");
securityToken = validateSecurityTokenInAssertion(assertion, request, response);
}
addSecurityTokenTicketToRegistry(request, securityToken);
final String rpToken = produceRelyingPartyToken(response, request, fedRequest, securityToken, assertion);
return postResponseBackToRelyingParty(rpToken, fedRequest);
}
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:32,代码来源:WSFederationValidateRequestCallbackController.java
示例3: handleCallbackProfileRequest
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
* Handle callback profile request.
*
* @param response the response
* @param request the request
* @throws Exception the exception
*/
@GetMapping(path = SamlIdPConstants.ENDPOINT_SAML2_SSO_PROFILE_POST_CALLBACK)
protected void handleCallbackProfileRequest(final HttpServletResponse response, final HttpServletRequest request) throws Exception {
LOGGER.info("Received SAML callback profile request [{}]", request.getRequestURI());
final AuthnRequest authnRequest = retrieveSamlAuthenticationRequestFromHttpRequest(request);
if (authnRequest == null) {
LOGGER.error("Can not validate the request because the original Authn request can not be found.");
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
return;
}
final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
if (StringUtils.isBlank(ticket)) {
LOGGER.error("Can not validate the request because no [{}] is provided via the request", CasProtocolConstants.PARAMETER_TICKET);
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
return;
}
final Pair<AuthnRequest, MessageContext> authenticationContext = buildAuthenticationContextPair(request, authnRequest);
final Assertion assertion = validateRequestAndBuildCasAssertion(response, request, authenticationContext);
buildSamlResponse(response, request, authenticationContext, assertion, SAMLConstants.SAML2_POST_BINDING_URI);
}
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:30,代码来源:SSOPostProfileCallbackHandlerController.java
示例4: validateRequestAndBuildCasAssertion
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
private Assertion validateRequestAndBuildCasAssertion(final HttpServletResponse response,
final HttpServletRequest request,
final Pair<AuthnRequest, MessageContext> pair) throws Exception {
final AuthnRequest authnRequest = pair.getKey();
final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
final Cas30ServiceTicketValidator validator = new Cas30ServiceTicketValidator(this.serverPrefix);
final HttpsURLConnectionFactory factory = new HttpsURLConnectionFactory();
factory.setHostnameVerifier(this.hostnameVerifier);
validator.setURLConnectionFactory(factory);
validator.setRenew(authnRequest.isForceAuthn());
final String serviceUrl = constructServiceUrl(request, response, pair);
LOGGER.debug("Created service url for validation: [{}]", serviceUrl);
final Assertion assertion = validator.validate(ticket, serviceUrl);
logCasValidationAssertion(assertion);
return assertion;
}
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:19,代码来源:SSOPostProfileCallbackHandlerController.java
示例5: finalizeNameId
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
* Finalize name id name id.
*
* @param nameid the nameid
* @param authnRequest the authn request
* @param assertion the assertion
* @param supportedNameFormats the supported name formats
* @param service the service
* @param adaptor the adaptor
* @return the name id
*/
protected NameID finalizeNameId(final NameID nameid,
final AuthnRequest authnRequest,
final Assertion assertion,
final List<String> supportedNameFormats,
final SamlRegisteredService service,
final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) {
if (StringUtils.isNotBlank(service.getNameIdQualifier())) {
nameid.setNameQualifier(service.getNameIdQualifier());
}
if (StringUtils.isNotBlank(service.getServiceProviderNameIdQualifier())) {
nameid.setNameQualifier(service.getServiceProviderNameIdQualifier());
}
return nameid;
}
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:28,代码来源:SamlProfileSamlNameIdBuilder.java
示例6: encodeNameIdBasedOnNameFormat
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
* Encode name id based on name format name id.
*
* @param authnRequest the authn request
* @param assertion the assertion
* @param nameFormat the name format
* @param service the service
* @param adaptor the adaptor
* @return the name id
*/
protected NameID encodeNameIdBasedOnNameFormat(final AuthnRequest authnRequest,
final Assertion assertion,
final String nameFormat,
final SamlRegisteredService service,
final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) {
try {
final IdPAttribute attribute = prepareNameIdAttribute(assertion);
final SAML2StringNameIDEncoder encoder = prepareNameIdEncoder(authnRequest, nameFormat, attribute, service, adaptor);
LOGGER.debug("Encoding NameID based on [{}]", nameFormat);
final NameID nameid = encoder.encode(attribute);
LOGGER.debug("Final NameID encoded with format [{}] has value [{}]", nameid.getFormat(), nameid.getValue());
return nameid;
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
}
return null;
}
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:28,代码来源:SamlProfileSamlNameIdBuilder.java
示例7: buildAttributeStatement
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
private AttributeStatement buildAttributeStatement(final Assertion assertion,
final AuthnRequest authnRequest,
final SamlRegisteredService service,
final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) throws SamlException {
final Map<String, Object> attributes = new HashMap<>(assertion.getAttributes());
attributes.putAll(assertion.getPrincipal().getAttributes());
final Map<String, Object> encodedAttrs = this.samlAttributeEncoder.encodeAttributes(attributes, service);
final SamlIdPProperties.Response resp = casProperties.getAuthn().getSamlIdp().getResponse();
final Map<String, String> nameFormats = new HashMap<>(resp.configureAttributeNameFormats());
nameFormats.putAll(service.getAttributeNameFormats());
return newAttributeStatement(encodedAttrs,
resp.isUseAttributeFriendlyName(),
nameFormats);
}
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:17,代码来源:SamlProfileSamlAttributeStatementBuilder.java
示例8: buildAuthnStatement
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
* Creates an authentication statement for the current request.
*
* @param assertion the assertion
* @param authnRequest the authn request
* @param adaptor the adaptor
* @param service the service
* @return constructed authentication statement
* @throws SamlException the saml exception
*/
private AuthnStatement buildAuthnStatement(final Assertion assertion, final AuthnRequest authnRequest,
final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
final SamlRegisteredService service) throws SamlException {
final String authenticationMethod = this.authnContextClassRefBuilder.build(assertion, authnRequest, adaptor, service);
final String id = '_' + String.valueOf(Math.abs(new SecureRandom().nextLong()));
final AuthnStatement statement = newAuthnStatement(authenticationMethod, DateTimeUtils.zonedDateTimeOf(assertion.getAuthenticationDate()), id);
if (assertion.getValidUntilDate() != null) {
final ZonedDateTime dt = DateTimeUtils.zonedDateTimeOf(assertion.getValidUntilDate());
statement.setSessionNotOnOrAfter(
DateTimeUtils.dateTimeOf(dt.plusSeconds(casProperties.getAuthn().getSamlIdp().getResponse().getSkewAllowance())));
}
statement.setSubjectLocality(buildSubjectLocality(assertion, authnRequest, adaptor));
return statement;
}
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:26,代码来源:SamlProfileSamlAuthNStatementBuilder.java
示例9: buildSubject
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
private Subject buildSubject(final HttpServletRequest request,
final HttpServletResponse response,
final AuthnRequest authnRequest,
final Assertion assertion,
final SamlRegisteredService service,
final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
final String binding) throws SamlException {
final NameID nameID = this.ssoPostProfileSamlNameIdBuilder.build(authnRequest, request, response,
assertion, service, adaptor, binding);
final ZonedDateTime validFromDate = ZonedDateTime.ofInstant(assertion.getValidFromDate().toInstant(), ZoneOffset.UTC);
final AssertionConsumerService acs = adaptor.getAssertionConsumerService(binding);
if (acs == null) {
throw new IllegalArgumentException("Failed to locate the assertion consumer service url");
}
final String location = StringUtils.isBlank(acs.getResponseLocation()) ? acs.getLocation() : acs.getResponseLocation();
final Subject subject = newSubject(nameID.getFormat(), nameID.getValue(),
location, validFromDate.plusSeconds(this.skewAllowance), authnRequest.getID());
subject.setNameID(nameID);
return subject;
}
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:23,代码来源:SamlProfileSamlSubjectBuilder.java
示例10: build
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
@Override
public String build(final Assertion assertion, final AuthnRequest authnRequest,
final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
final SamlRegisteredService service) {
final RequestedAuthnContext requestedAuthnContext = authnRequest.getRequestedAuthnContext();
if (requestedAuthnContext == null) {
LOGGER.debug("No specific authN context is requested. Returning [{}]", AuthnContext.UNSPECIFIED_AUTHN_CTX);
return AuthnContext.UNSPECIFIED_AUTHN_CTX;
}
final List<AuthnContextClassRef> authnContextClassRefs = requestedAuthnContext.getAuthnContextClassRefs();
if (authnContextClassRefs == null || authnContextClassRefs.isEmpty()) {
LOGGER.debug("Requested authN context class ref is unspecified. Returning [{}]", AuthnContext.UNSPECIFIED_AUTHN_CTX);
return AuthnContext.UNSPECIFIED_AUTHN_CTX;
}
LOGGER.debug("AuthN Context comparison is requested to use [{}]", requestedAuthnContext.getComparison());
authnContextClassRefs.forEach(authnContextClassRef -> LOGGER.debug("Requested AuthN Context [{}]", authnContextClassRef.getAuthnContextClassRef()));
if (StringUtils.isNotBlank(service.getRequiredAuthenticationContextClass())) {
LOGGER.debug("Using [{}] as indicated by SAML registered service [{}]",
service.getRequiredAuthenticationContextClass(),
service.getName());
return service.getRequiredAuthenticationContextClass();
}
LOGGER.debug("Returning default AuthN Context [{}]", AuthnContext.PPT_AUTHN_CTX);
return AuthnContext.PPT_AUTHN_CTX;
}
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:26,代码来源:DefaultAuthnContextClassRefBuilder.java
示例11: loadUserDetails
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
protected UserDetails loadUserDetails(Assertion assertion) {
String username = assertion.getPrincipal().getName();
if (!StringUtils.hasText(username)) {
throw new UsernameNotFoundException("Unable to retrieve username from CAS assertion");
}
List<GrantedAuthority> authorities = Arrays
.stream(attributes)
.map(a -> assertion.getPrincipal().getAttributes().get(a))
.filter(Objects::nonNull)
.flatMap(v -> (v instanceof Collection) ? ((Collection<?>) v).stream() : Stream.of(v))
.map(v -> toUppercase ? v.toString().toUpperCase() : v.toString())
.map(r -> r.replaceFirst("^ROLE_", ""))
.map(r -> new SimpleGrantedAuthority("ROLE_" + r))
.collect(Collectors.toList());
authorities.addAll(defaultGrantedAuthorities);
return new User(username, NON_EXISTENT_PASSWORD_VALUE, authorities);
}
开发者ID:kakawait,项目名称:cas-security-spring-boot-starter,代码行数:21,代码来源:GrantedAuthoritiesFromAssertionAttributesWithDefaultRolesUserDetailsService.java
示例12: getAttributePrincipalName
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
* Gets the attribute principal name.
*
* @param assertion the assertion
*
* @return the attribute principal name
*/
public static String getAttributePrincipalName(Assertion assertion) {
AttributePrincipal attributePrincipal = AssertionUtils.getAttributePrincipal(assertion);
String name = "";
if (attributePrincipal != null) {
name = attributePrincipal.getName();
}
return name;
}
开发者ID:clstoulouse,项目名称:motu,代码行数:19,代码来源:AssertionUtils.java
示例13: addCASTicket
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
* Adds the cas ticket.
*
* @param targetService the target service
* @param username the username
* @param password the password
* @param casRestUrlSuffix the cas rest url suffix
*
* @return the string
* @throws IOException
*
* @throws MotuException the motu exception
* @throws IOException Signals that an I/O exception has occurred.
* @throws MotuCasBadRequestException
*/
public static String addCASTicket(String targetService, String username, String password, String casRestUrlSuffix, boolean useAssertion)
throws IOException, MotuCasBadRequestException {
LOG.debug("addCASTicket(String, String, String, String) - entering: (" + username + ") " + targetService);
String returnString = targetService;
String casRestUrlSuffixToUse = casRestUrlSuffix;
Assertion assertion = null;
if (useAssertion) {
assertion = AssertionHolder.getAssertion();
}
if (assertion != null) {
returnString = AssertionUtils.addCASTicket(assertion, targetService);
} else if (!AssertionUtils.isNullOrEmpty(username)) {
if (AssertionUtils.isNullOrEmpty(casRestUrlSuffixToUse)) {
casRestUrlSuffixToUse = RestUtil.CAS_REST_URL_SUFFIX;
}
returnString = AssertionUtils.addCASTicketFromTGT(casRestUrlSuffixToUse, username, password, targetService);
}
LOG.debug("addCASTicket(String, String, String, String) - exiting: (" + username + ") " + targetService);
return returnString;
}
开发者ID:clstoulouse,项目名称:motu,代码行数:40,代码来源:AssertionUtils.java
示例14: getAttributePrincipal
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
* Gets the attribute principal.
*
* @param assertion the assertion
*
* @return the attribute principal
*/
public static AttributePrincipal getAttributePrincipal(Assertion assertion) {
if (LOG.isDebugEnabled()) {
LOG.debug("getAttributePrincipal(Assertion) - entering");
}
if (assertion == null) {
if (LOG.isDebugEnabled()) {
LOG.debug("getAttributePrincipal(Assertion) - exiting");
}
return null;
}
AttributePrincipal returnAttributePrincipal = assertion.getPrincipal();
if (LOG.isDebugEnabled()) {
LOG.debug("getAttributePrincipal(Assertion) - exiting");
}
return returnAttributePrincipal;
}
开发者ID:clstoulouse,项目名称:motu,代码行数:26,代码来源:AssertionUtils.java
示例15: validateTicket
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
public final static Assertion validateTicket(String ticket, String legacyServerServiceUrl) {
// AttributePrincipal principal = null;
String casServerUrl = casServerUrlPrefix;
Cas20ProxyTicketValidator pv = new Cas20ProxyTicketValidator(casServerUrl);
// pv.setAcceptAnyProxy(true);
// pv.setProxyCallbackUrl("https://atoll-dev.cls.fr:8443/mywebapp/proxyCallback");
// pv.setProxyGrantingTicketStorage(new ProxyGrantingTicketStorageImpl());
// pv.setProxyRetriever(new Cas20ProxyRetriever(casServerUrlPrefix));
pv.setRenew(false);
Assertion assertion = null;
try {
// there is no need, that the legacy application is accessible
// through this URL. But for validation purpose, even a non-web-app
// needs a valid looking URL as identifier.
// String legacyServerServiceUrl = "http://otherserver/legacy/service";
assertion = pv.validate(ticket, legacyServerServiceUrl);
// principal = a.getPrincipal();
// System.out.println("user name:" + principal.getName());
} catch (TicketValidationException e) {
e.printStackTrace(); // bad style, but only for demonstration purpose.
}
return assertion;
}
开发者ID:clstoulouse,项目名称:motu,代码行数:26,代码来源:TestCASRest.java
示例16: validateCasTicket
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
private void validateCasTicket(final HttpServletRequest request, final HttpServletResponse response, final String ticket,
final String authenticationKey, final boolean force) throws ExternalAuthenticationException, IOException {
try {
ticketValidator.setRenew(force);
String serviceUrl = constructServiceUrl(request, response, true);
logger.debug("validating ticket: {} with service url: {}", ticket, serviceUrl);
Assertion assertion = ticketValidator.validate(ticket, serviceUrl);
if (assertion == null) {
throw new TicketValidationException("Validation failed. Assertion could not be retrieved for ticket " + ticket);
}
for (CasToShibTranslator casToShibTranslator : translators) {
casToShibTranslator.doTranslation(request, response, assertion);
}
ExternalAuthentication.finishExternalAuthentication(authenticationKey, request, response);
} catch (final TicketValidationException e) {
logger.error("Ticket validation failed, returning InvalidTicket", e);
request.setAttribute(ExternalAuthentication.AUTHENTICATION_ERROR_KEY, "InvalidTicket");
ExternalAuthentication.finishExternalAuthentication(authenticationKey, request, response);
}
}
开发者ID:Unicon,项目名称:shib-cas-authn3,代码行数:22,代码来源:ShibcasAuthServlet.java
示例17: loadUserDetails
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
@Override
protected UserDetails loadUserDetails(Assertion assertion) {
final List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
final Object value = assertion.getPrincipal().getAttributes().get(attribute);
if (value != null) {
if (value instanceof List) {
final List list = (List) value;
for (final Object o : list) {
convertObjectAndAddGrantedAuthorityToList(o, grantedAuthorities);
}
} else {
convertObjectAndAddGrantedAuthorityToList(value, grantedAuthorities);
}
}
return new User(assertion.getPrincipal().getName(), NON_EXISTENT_PASSWORD_VALUE, true, true, true, true, grantedAuthorities);
}
开发者ID:acu-dev,项目名称:spring-security-cas-memberOf-roles,代码行数:21,代码来源:GrantedAuthorityFromMemberOfAssertionAttributeUserDetailsService.java
示例18: correctlyExtractsNamedAttributeFromAssertionAndConvertsThemToAuthorities
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
@Test
public void correctlyExtractsNamedAttributeFromAssertionAndConvertsThemToAuthorities() {
GrantedAuthorityFromMemberOfAssertionAttributeUserDetailsService uds
= new GrantedAuthorityFromMemberOfAssertionAttributeUserDetailsService();
uds.setConvertToUpperCase(false);
uds.setConvertSpacesToUnderscores(false);
uds.setAttribute("a");
uds.setRolePrefix("");
Assertion assertion = mock(Assertion.class);
AttributePrincipal principal = mock(AttributePrincipal.class);
Map<String, Object> attributes = new HashMap<>();
attributes.put("a", Arrays.asList("CN=role_a1,OU=roles,DC=spring,DC=io", "CN=role_a2,OU=roles,DC=spring,DC=io"));
attributes.put("b", "b");
attributes.put("c", "c");
attributes.put("d", null);
attributes.put("someother", "unused");
when(assertion.getPrincipal()).thenReturn(principal);
when(principal.getAttributes()).thenReturn(attributes);
when(principal.getName()).thenReturn("somebody");
CasAssertionAuthenticationToken token = new CasAssertionAuthenticationToken(assertion, "ticket");
UserDetails user = uds.loadUserDetails(token);
Set<String> roles = AuthorityUtils.authorityListToSet(user.getAuthorities());
assertTrue(roles.size() == 2);
assertTrue(roles.contains("role_a1"));
assertTrue(roles.contains("role_a2"));
}
开发者ID:acu-dev,项目名称:spring-security-cas-memberOf-roles,代码行数:27,代码来源:GrantedAuthorityFromMemberOfAssertionAttributeUserDetailsServiceTest.java
示例19: correctlyExtractsDefaultNamedAttributeFromAssertionAndConvertsThemToAuthorities
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
@Test
public void correctlyExtractsDefaultNamedAttributeFromAssertionAndConvertsThemToAuthorities() {
GrantedAuthorityFromMemberOfAssertionAttributeUserDetailsService uds
= new GrantedAuthorityFromMemberOfAssertionAttributeUserDetailsService();
Assertion assertion = mock(Assertion.class);
AttributePrincipal principal = mock(AttributePrincipal.class);
Map<String, Object> attributes = new HashMap<>();
attributes.put("memberOf", Arrays.asList("CN=a1,ou=other,OU=roles,DC=spring,DC=io", "CN=a2,OU=roles,dc=spring,DC=io", null));
attributes.put("someother", "unused");
when(assertion.getPrincipal()).thenReturn(principal);
when(principal.getAttributes()).thenReturn(attributes);
when(principal.getName()).thenReturn("somebody");
CasAssertionAuthenticationToken token = new CasAssertionAuthenticationToken(assertion, "ticket");
UserDetails user = uds.loadUserDetails(token);
Set<String> roles = AuthorityUtils.authorityListToSet(user.getAuthorities());
assertTrue(roles.size() == 2);
assertTrue(roles.contains("ROLE_A1"));
assertTrue(roles.contains("ROLE_A2"));
}
开发者ID:acu-dev,项目名称:spring-security-cas-memberOf-roles,代码行数:20,代码来源:GrantedAuthorityFromMemberOfAssertionAttributeUserDetailsServiceTest.java
示例20: doGet
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
* @TODO: We have the opportunity to give back more to Shib than just the PRINCIPAL_NAME_KEY. Identify additional information
* we can return as well as the best way to know when to do this.
* @see javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
@Override
protected void doGet(final HttpServletRequest request, final HttpServletResponse response) throws ServletException,
IOException {
String ticket = CommonUtils.safeGetParameter(request, artifactParameterName);
Object authnType = request.getSession().getAttribute(AUTHN_TYPE);
Assertion assertion = null;
try {
ticketValidator.setRenew(null != authnType && authnType.toString().contains("&renew=true"));
assertion = ticketValidator.validate(ticket, constructServiceUrl(request, response));
} catch (final TicketValidationException e) {
logger.error("Unable to validate login attempt.", e);
boolean wasPassiveAttempt = null != authnType && authnType.toString().contains("&gateway=true");
// If it was a passive attempt, send back the indicator that the responding provider cannot authenticate
// the principal passively, as has been requested. Otherwise, send the generic authn failed code.
request.setAttribute(LoginHandler.AUTHENTICATION_ERROR_KEY, wasPassiveAttempt ? StatusCode.NO_PASSIVE_URI
: StatusCode.AUTHN_FAILED_URI);
AuthenticationEngine.returnToAuthenticationEngine(request, response);
return;
}
for (CasToShibTranslator casToShibTranslator : translators) {
casToShibTranslator.doTranslation(request, response, assertion);
}
AuthenticationEngine.returnToAuthenticationEngine(request, response);
}
开发者ID:Unicon,项目名称:shib-cas-authn2,代码行数:30,代码来源:CasCallbackServlet.java
注:本文中的org.jasig.cas.client.validation.Assertion类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论