net.unicon.cas.mfa

Class MultiFactorAwareCentralAuthenticationService

java.lang.Object

net.unicon.cas.mfa.MultiFactorAwareCentralAuthenticationService

All Implemented Interfaces:

org.jasig.cas.CentralAuthenticationService

public final class MultiFactorAwareCentralAuthenticationService
extends Object
implements org.jasig.cas.CentralAuthenticationService

An extension of CentralAuthenticationService that routes CAS requests to a delegate, thereby allowing the ability to partially override behavior that is MFA specific. The current implementation is specific on the operation of creating ticket creating tickets based on the assumptions that the credentials received are of type MultiFactorCredentials and that the authentication context is verified and readily available, based on which the TGT will be added to the configured TicketRegistry. This implementation here is merely responsible for creating the ticket granting ticket and again, assumes that the authentication context has been established by all other authentication managers in the flow. The authentication context is carried within the MultiFactorCredentials instance. Assumptions: the TicketRegistry wired into this CentralAuthenticationService instance is the same as that wired into the wrapped delegate. (That way when this implementation adds tickets directly to the registry in createTGT and delegateTGT those tickets will be available to the delegate in its fulfilling such methods as grantServiceTicket.)

Author:

Misagh Moayyed

Constructor Summary

Constructors

Constructor and Description
MultiFactorAwareCentralAuthenticationService()

Method Summary

Methods

Modifier and Type	Method and Description
String	createTicketGrantingTicket(org.jasig.cas.authentication.principal.Credentials credentials)
String	delegateTicketGrantingTicket(String serviceTicketId, org.jasig.cas.authentication.principal.Credentials credentials)
void	destroyTicketGrantingTicket(String ticketGrantingTicketId)
String	grantServiceTicket(String ticketGrantingTicketId, org.jasig.cas.authentication.principal.Service service)
String	grantServiceTicket(String ticketGrantingTicketId, org.jasig.cas.authentication.principal.Service service, org.jasig.cas.authentication.principal.Credentials credentials)
void	setAuthenticationManager(org.jasig.cas.authentication.AuthenticationManager manager)
void	setAuthenticationMethodAttributeName(String authenticationMethodAttributeName) Sets authentication method attribute name.
void	setCentralAuthenticationServiceDelegate(org.jasig.cas.CentralAuthenticationService cas) Inject a delegate CAS implementation to fulfill the non-TGT-creating CAS API methods.
void	setPersistentIdGenerator(org.jasig.cas.authentication.principal.PersistentIdGenerator persistentIdGenerator)
void	setServicesManager(org.jasig.cas.services.ServicesManager servicesManager)
void	setServiceTicketRegistry(org.jasig.cas.ticket.registry.TicketRegistry serviceTicketRegistry)
void	setTicketGrantingTicketExpirationPolicy(org.jasig.cas.ticket.ExpirationPolicy ticketGrantingTicketExpirationPolicy) Inject a ticket granting ticket expiration policy.
void	setTicketGrantingTicketUniqueTicketIdGenerator(org.jasig.cas.util.UniqueTicketIdGenerator uniqueTicketIdGenerator) Inject a TGT unique ID generator.
void	setTicketRegistry(org.jasig.cas.ticket.registry.TicketRegistry ticketRegistry) Method to set the TicketRegistry.
org.jasig.cas.validation.Assertion	validateServiceTicket(String serviceTicketId, org.jasig.cas.authentication.principal.Service service)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

MultiFactorAwareCentralAuthenticationService

public MultiFactorAwareCentralAuthenticationService()

Method Detail

createTicketGrantingTicket

public String createTicketGrantingTicket(org.jasig.cas.authentication.principal.Credentials credentials)
                                  throws org.jasig.cas.ticket.TicketException

Specified by:

createTicketGrantingTicket in interface org.jasig.cas.CentralAuthenticationService

Throws:

org.jasig.cas.ticket.TicketException

grantServiceTicket

public String grantServiceTicket(String ticketGrantingTicketId,
                        org.jasig.cas.authentication.principal.Service service)
                          throws org.jasig.cas.ticket.TicketException

Specified by:

grantServiceTicket in interface org.jasig.cas.CentralAuthenticationService

Throws:

org.jasig.cas.ticket.TicketException

grantServiceTicket

public String grantServiceTicket(String ticketGrantingTicketId,
                        org.jasig.cas.authentication.principal.Service service,
                        org.jasig.cas.authentication.principal.Credentials credentials)
                          throws org.jasig.cas.ticket.TicketException

Specified by:

grantServiceTicket in interface org.jasig.cas.CentralAuthenticationService

Throws:

org.jasig.cas.ticket.TicketException

validateServiceTicket

public org.jasig.cas.validation.Assertion validateServiceTicket(String serviceTicketId,
                                                       org.jasig.cas.authentication.principal.Service service)
                                                         throws org.jasig.cas.ticket.TicketException

Specified by:

validateServiceTicket in interface org.jasig.cas.CentralAuthenticationService

Throws:

org.jasig.cas.ticket.TicketException

destroyTicketGrantingTicket

public void destroyTicketGrantingTicket(String ticketGrantingTicketId)

Specified by:

destroyTicketGrantingTicket in interface org.jasig.cas.CentralAuthenticationService

delegateTicketGrantingTicket

public String delegateTicketGrantingTicket(String serviceTicketId,
                                  org.jasig.cas.authentication.principal.Credentials credentials)
                                    throws org.jasig.cas.ticket.TicketException

Specified by:

delegateTicketGrantingTicket in interface org.jasig.cas.CentralAuthenticationService

Throws:

org.jasig.cas.ticket.TicketException

setAuthenticationManager

public void setAuthenticationManager(org.jasig.cas.authentication.AuthenticationManager manager)

setTicketRegistry

public void setTicketRegistry(org.jasig.cas.ticket.registry.TicketRegistry ticketRegistry)

Method to set the TicketRegistry.

Parameters:

ticketRegistry - the TicketRegistry to set.

setServiceTicketRegistry

public void setServiceTicketRegistry(org.jasig.cas.ticket.registry.TicketRegistry serviceTicketRegistry)

setTicketGrantingTicketExpirationPolicy

public void setTicketGrantingTicketExpirationPolicy(org.jasig.cas.ticket.ExpirationPolicy ticketGrantingTicketExpirationPolicy)

Inject a ticket granting ticket expiration policy.

Parameters:

ticketGrantingTicketExpirationPolicy - the non-null policy on TGT expiration.

setServicesManager

public void setServicesManager(org.jasig.cas.services.ServicesManager servicesManager)

setTicketGrantingTicketUniqueTicketIdGenerator

public void setTicketGrantingTicketUniqueTicketIdGenerator(org.jasig.cas.util.UniqueTicketIdGenerator uniqueTicketIdGenerator)

Inject a TGT unique ID generator.

Parameters:

uniqueTicketIdGenerator - the non-null TGT unique ID generator.

setCentralAuthenticationServiceDelegate

public void setCentralAuthenticationServiceDelegate(org.jasig.cas.CentralAuthenticationService cas)

Inject a delegate CAS implementation to fulfill the non-TGT-creating CAS API methods. The delegate CAS instance should share a TicketRegistry with this CAS instance otherwise this CAS will be granting TGTs that will not be honored by the delegate.

Parameters:

cas - the non-null delegate CAS

setAuthenticationMethodAttributeName

public void setAuthenticationMethodAttributeName(String authenticationMethodAttributeName)

Sets authentication method attribute name.

Parameters:

authenticationMethodAttributeName - the authentication method attribute name

setPersistentIdGenerator

public void setPersistentIdGenerator(org.jasig.cas.authentication.principal.PersistentIdGenerator persistentIdGenerator)