net.unicon.cas.mfa.web.flow

Class SendTicketGrantingTicketAction

java.lang.Object

org.springframework.webflow.action.AbstractAction

net.unicon.cas.mfa.web.flow.SendTicketGrantingTicketAction

All Implemented Interfaces:

org.springframework.beans.factory.InitializingBean, org.springframework.webflow.execution.Action

public final class SendTicketGrantingTicketAction
extends org.springframework.webflow.action.AbstractAction

This is SendTicketGrantingTicketAction that mimics the default component in CAS with one key difference: it will only destroy the previous TGT issued if there is no MFA context available. If a TGT is issued as part of primary authn first without without going through MFA, that TGT will remain in the context. Subsequent requests that are MFA-aware will create new MFA-aware TGTs with their associated authentications. But, we will not be able to kill the previous TGT because that may have cached the credentials as part of the original primary authn and invalidating it will cause issues for extensions such as clearPass. The default behavior is that of CAS which assumes to caching of principal credential. Deployments that require that type of caching will need to disable destroying the primary authn TGT via setDestroyPreviousSSOSession(boolean).

Author:

Misagh Moayyed

Constructor Summary

Constructors

Constructor and Description
SendTicketGrantingTicketAction()

Method Summary

Methods

Modifier and Type	Method and Description
protected org.springframework.webflow.execution.Event	doExecute(org.springframework.webflow.execution.RequestContext context)
void	setAuthenticationSupport(net.unicon.cas.addons.authentication.AuthenticationSupport authenticationSupport)
void	setCentralAuthenticationService(org.jasig.cas.CentralAuthenticationService centralAuthenticationService)
void	setDestroyPreviousSSOSession(boolean destroyPreviousSSOSession)
void	setTicketGrantingTicketCookieGenerator(org.jasig.cas.web.support.CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator)

Methods inherited from class org.springframework.webflow.action.AbstractAction

afterPropertiesSet, doPostExecute, doPreExecute, error, error, execute, getActionNameForLogging, getEventFactorySupport, initAction, no, result, result, result, result, success, success, yes

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SendTicketGrantingTicketAction

public SendTicketGrantingTicketAction()

Method Detail

doExecute

protected org.springframework.webflow.execution.Event doExecute(org.springframework.webflow.execution.RequestContext context)

Specified by:

doExecute in class org.springframework.webflow.action.AbstractAction

setTicketGrantingTicketCookieGenerator

public void setTicketGrantingTicketCookieGenerator(org.jasig.cas.web.support.CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator)

setCentralAuthenticationService

public void setCentralAuthenticationService(org.jasig.cas.CentralAuthenticationService centralAuthenticationService)

setAuthenticationSupport

public void setAuthenticationSupport(net.unicon.cas.addons.authentication.AuthenticationSupport authenticationSupport)

setDestroyPreviousSSOSession

public void setDestroyPreviousSSOSession(boolean destroyPreviousSSOSession)