public class CasAuthenticationProvider extends Object implements AuthenticationProvider, InitializingBean, MessageSourceAware
AuthenticationProvider implementation that integrates with JA-SIG Central Authentication Service
(CAS).
This AuthenticationProvider is capable of validating UsernamePasswordAuthenticationToken
requests which contain a principal name equal to either
CasAuthenticationFilter.CAS_STATEFUL_IDENTIFIER or CasAuthenticationFilter.CAS_STATELESS_IDENTIFIER.
It can also validate a previously created CasAuthenticationToken.
| Modifier and Type | Field and Description |
|---|---|
protected MessageSourceAccessor |
messages |
| Constructor and Description |
|---|
CasAuthenticationProvider() |
| Modifier and Type | Method and Description |
|---|---|
void |
afterPropertiesSet() |
Authentication |
authenticate(Authentication authentication)
Performs authentication with the same contract as
AuthenticationManager.authenticate(Authentication). |
protected String |
getKey() |
StatelessTicketCache |
getStatelessTicketCache() |
protected org.jasig.cas.client.validation.TicketValidator |
getTicketValidator() |
protected UserDetails |
loadUserByAssertion(org.jasig.cas.client.validation.Assertion assertion)
Template method for retrieving the UserDetails based on the assertion.
|
void |
setAuthenticationUserDetailsService(AuthenticationUserDetailsService<CasAssertionAuthenticationToken> authenticationUserDetailsService) |
void |
setAuthoritiesMapper(GrantedAuthoritiesMapper authoritiesMapper) |
void |
setKey(String key) |
void |
setMessageSource(MessageSource messageSource) |
void |
setServiceProperties(ServiceProperties serviceProperties) |
void |
setStatelessTicketCache(StatelessTicketCache statelessTicketCache) |
void |
setTicketValidator(org.jasig.cas.client.validation.TicketValidator ticketValidator) |
void |
setUserDetailsService(UserDetailsService userDetailsService)
Deprecated.
|
boolean |
supports(Class<?> authentication)
Returns
true if this AuthenticationProvider supports the indicated
Authentication object. |
protected MessageSourceAccessor messages
public void afterPropertiesSet()
throws Exception
afterPropertiesSet in interface InitializingBeanExceptionpublic Authentication authenticate(Authentication authentication) throws AuthenticationException
AuthenticationProviderAuthenticationManager.authenticate(Authentication).authenticate in interface AuthenticationProviderauthentication - the authentication request object.null if the
AuthenticationProvider is unable to support authentication of the passed
Authentication object. In such a case, the next AuthenticationProvider that
supports the presented Authentication class will be tried.AuthenticationException - if authentication fails.protected UserDetails loadUserByAssertion(org.jasig.cas.client.validation.Assertion assertion)
assertion - The CAS Assertion.@Deprecated public void setUserDetailsService(UserDetailsService userDetailsService)
public void setAuthenticationUserDetailsService(AuthenticationUserDetailsService<CasAssertionAuthenticationToken> authenticationUserDetailsService)
public void setServiceProperties(ServiceProperties serviceProperties)
protected String getKey()
public void setKey(String key)
public StatelessTicketCache getStatelessTicketCache()
protected org.jasig.cas.client.validation.TicketValidator getTicketValidator()
public void setMessageSource(MessageSource messageSource)
setMessageSource in interface MessageSourceAwarepublic void setStatelessTicketCache(StatelessTicketCache statelessTicketCache)
public void setTicketValidator(org.jasig.cas.client.validation.TicketValidator ticketValidator)
public void setAuthoritiesMapper(GrantedAuthoritiesMapper authoritiesMapper)
public boolean supports(Class<?> authentication)
AuthenticationProvidertrue if this AuthenticationProvider supports the indicated
Authentication object.
Returning true does not guarantee an AuthenticationProvider will be able to
authenticate the presented instance of the Authentication class. It simply indicates it can support
closer evaluation of it. An AuthenticationProvider can still return null from the
AuthenticationProvider.authenticate(Authentication) method to indicate another AuthenticationProvider should be
tried.
Selection of an AuthenticationProvider capable of performing authentication is
conducted at runtime the ProviderManager.
supports in interface AuthenticationProvidertrue if the implementation can more closely evaluate the Authentication class
presented