net.unicon.cas.mfa.web

Class MultiFactorServiceValidateController

java.lang.Object

org.springframework.context.support.ApplicationObjectSupport

org.springframework.web.context.support.WebApplicationObjectSupport

org.springframework.web.servlet.support.WebContentGenerator

org.springframework.web.servlet.mvc.AbstractController

org.jasig.cas.web.DelegateController

net.unicon.cas.mfa.web.MultiFactorServiceValidateController

All Implemented Interfaces:

org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware, org.springframework.web.context.ServletContextAware, org.springframework.web.servlet.mvc.Controller

public class MultiFactorServiceValidateController
extends org.jasig.cas.web.DelegateController

Process the /validate and /serviceValidate URL requests.

Obtain the Service Ticket and Service information and present them to the CAS validation services. Receive back an Assertion containing the user Principal and (possibly) a chain of Proxy Principals. Store the Assertion in the Model and chain to a View to generate the appropriate response (CAS 1, CAS 2 XML, SAML, ...).

This implementation differs from the default, in that the validation of the incoming request is handled by an instance of AbstractMultiFactorAuthenticationProtocolValidationSpecification. Validation errors are signaled back to this controller via exceptions, the result of which are passed down to the error view.

This extension, additionally, will also attempt to map the validation parameter MultiFactorAuthenticationSupportingWebApplicationService.CONST_PARAM_AUTHN_METHOD in order to activate validation of mfa requests. Otherwise, it's compliant with the default implementation.

Since:

3.0

Author:

Scott Battaglia, Misagh Moayyed

Field Summary

Fields inherited from class org.springframework.web.servlet.support.WebContentGenerator

METHOD_GET, METHOD_HEAD, METHOD_POST

Constructor Summary

Constructors

Constructor and Description
MultiFactorServiceValidateController()

Method Summary

Methods

Modifier and Type	Method and Description
boolean	canHandle(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
protected org.jasig.cas.authentication.principal.Credentials	getServiceCredentialsFromRequest(javax.servlet.http.HttpServletRequest request) Overrideable method to determine which credentials to use to grant a proxy granting ticket.
protected org.springframework.web.servlet.ModelAndView	handleRequestInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Handle the request.
protected void	initBinder(javax.servlet.http.HttpServletRequest request, org.springframework.web.bind.ServletRequestDataBinder binder) Initialize the binder with the required fields.
protected void	onSuccessfulValidation(String serviceTicketId, org.jasig.cas.validation.Assertion assertion) Template method to handle post successful validation event by extensions.
void	setArgumentExtractor(org.jasig.cas.web.support.ArgumentExtractor argumentExtractor)
void	setCentralAuthenticationService(org.jasig.cas.CentralAuthenticationService centralAuthenticationService)
void	setFailureView(String failureView)
void	setProxyHandler(org.jasig.cas.ticket.proxy.ProxyHandler proxyHandler)
void	setSuccessView(String successView)
void	setValidationSpecificationClass(Class<AbstractMultiFactorAuthenticationProtocolValidationSpecification> validationSpecificationClass)

Methods inherited from class org.springframework.web.servlet.mvc.AbstractController

handleRequest, isSynchronizeOnSession, setSynchronizeOnSession

Methods inherited from class org.springframework.web.servlet.support.WebContentGenerator

applyCacheSeconds, applyCacheSeconds, cacheForSeconds, cacheForSeconds, checkAndPrepare, checkAndPrepare, getCacheSeconds, getSupportedMethods, isAlwaysMustRevalidate, isRequireSession, isUseCacheControlHeader, isUseCacheControlNoStore, isUseExpiresHeader, preventCaching, setAlwaysMustRevalidate, setCacheSeconds, setRequireSession, setSupportedMethods, setUseCacheControlHeader, setUseCacheControlNoStore, setUseExpiresHeader

Methods inherited from class org.springframework.web.context.support.WebApplicationObjectSupport

getServletContext, getTempDir, getWebApplicationContext, initApplicationContext, initServletContext, isContextRequired, setServletContext

Methods inherited from class org.springframework.context.support.ApplicationObjectSupport

getApplicationContext, getMessageSourceAccessor, initApplicationContext, requiredContextClass, setApplicationContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

MultiFactorServiceValidateController

public MultiFactorServiceValidateController()

Method Detail

getServiceCredentialsFromRequest

protected org.jasig.cas.authentication.principal.Credentials getServiceCredentialsFromRequest(javax.servlet.http.HttpServletRequest request)

Overrideable method to determine which credentials to use to grant a proxy granting ticket. Default is to use the pgtUrl.

Parameters:

request - the HttpServletRequest object.

Returns:

the credentials or null if there was an error or no credentials provided.

initBinder

protected final void initBinder(javax.servlet.http.HttpServletRequest request,
              org.springframework.web.bind.ServletRequestDataBinder binder)

Initialize the binder with the required fields.

Parameters:

request - the request object

binder - the binder instance

handleRequestInternal

protected final org.springframework.web.servlet.ModelAndView handleRequestInternal(javax.servlet.http.HttpServletRequest request,
                                                                 javax.servlet.http.HttpServletResponse response)
                                                                            throws Exception

Handle the request. Specially, abides by the default behavior specified in the ServiceValidateController and then, invokes the getCommandClass() method to delegate the task of spec validation.

Specified by:

handleRequestInternal in class org.springframework.web.servlet.mvc.AbstractController

Parameters:

request - request object

response - response object

Returns:

A ModelAndView object pointing to either setSuccessView(String) or setFailureView(String)

Throws:

Exception - In case the authentication method cannot be retrieved by the binder from the incoming request.

onSuccessfulValidation

protected void onSuccessfulValidation(String serviceTicketId,
                          org.jasig.cas.validation.Assertion assertion)

Template method to handle post successful validation event by extensions.

Parameters:

serviceTicketId - service ticket in validation

assertion - the assertion generated after validation

canHandle

public final boolean canHandle(javax.servlet.http.HttpServletRequest request,
                javax.servlet.http.HttpServletResponse response)

Specified by:

canHandle in class org.jasig.cas.web.DelegateController

setCentralAuthenticationService

public final void setCentralAuthenticationService(org.jasig.cas.CentralAuthenticationService centralAuthenticationService)

Parameters:

centralAuthenticationService - The centralAuthenticationService to set.

setArgumentExtractor

public final void setArgumentExtractor(org.jasig.cas.web.support.ArgumentExtractor argumentExtractor)

setValidationSpecificationClass

public final void setValidationSpecificationClass(Class<AbstractMultiFactorAuthenticationProtocolValidationSpecification> validationSpecificationClass)

Parameters:

validationSpecificationClass - The authenticationSpecificationClass to set.

setFailureView

public final void setFailureView(String failureView)

Parameters:

failureView - The failureView to set.

setSuccessView

public final void setSuccessView(String successView)

Parameters:

successView - The successView to set.

setProxyHandler

public final void setProxyHandler(org.jasig.cas.ticket.proxy.ProxyHandler proxyHandler)

Parameters:

proxyHandler - The proxyHandler to set.