Class CASCredentialProvider
java.lang.Object
org.ametys.runtime.plugin.component.AbstractLogEnabled
org.ametys.core.authentication.AbstractCredentialProvider
org.ametys.plugins.extrausermgt.authentication.cas.CASCredentialProvider
- All Implemented Interfaces:
BlockingCredentialProvider,CredentialProvider,NonBlockingCredentialProvider,LogEnabled,Component,Contextualizable
public class CASCredentialProvider
extends AbstractCredentialProvider
implements NonBlockingCredentialProvider, BlockingCredentialProvider, Contextualizable
This manager gets the credentials given by an authentication CAS filter.
The filter must set the 'remote user' header into the request.
This manager can not get the password of the connected user: the user is already authenticated. This manager should not be associated with a
The filter must set the 'remote user' header into the request.
This manager can not get the password of the connected user: the user is already authenticated. This manager should not be associated with a
UsersManagerAuthentication-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected StringGet the connected user login from the request or session.blockingGetUserIdentity(Redirector redirector) Method called by AuthenticateAction each time a request need authentication.booleanMethod called by AuthenticateAction before asking for credentials.booleanblockingIsStillConnected(UserIdentity userIdentity, Redirector redirector) Validates that the user specify is still connectedvoidblockingUserAllowed(UserIdentity userIdentity, Redirector redirector) Method called by AuthenticateAction after authentication process succeededvoidblockingUserNotAllowed(Redirector redirector) Method called by AuthenticateAction each a user could not get authenticated.voidcontextualize(Context context) voidInitialize the credential provider with given parameters' values.nonBlockingGetUserIdentity(Redirector redirector) Method called by AuthenticateAction each time a request need authentication.booleanMethod called by AuthenticateAction before asking for credentials.booleannonBlockingIsStillConnected(UserIdentity userIdentity, Redirector redirector) Validates that the user specify is still connectedvoidnonBlockingUserAllowed(UserIdentity userIdentity, Redirector redirector) Method called by AuthenticateAction after authentication process succeededvoidnonBlockingUserNotAllowed(Redirector redirector) Method called by AuthenticateAction each a user could not get authenticated.booleanDoes this blocking credential provider requires a new window to process.Methods inherited from class org.ametys.core.authentication.AbstractCredentialProvider
equals, getCredentialProviderModelId, getId, getLabel, getParameterValues, hashCodeMethods inherited from class org.ametys.runtime.plugin.component.AbstractLogEnabled
getLogger, setLoggerMethods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.ametys.core.authentication.CredentialProvider
getCredentialProviderModelId, getId, getLabel, getParameterValues, getUserIdentity, grantAnonymousRequest, isStillConnected, userAllowed, userNotAllowed
-
Field Details
-
PARAM_SERVER_URL
Parameter name for server url- See Also:
-
_serverUrl
Cas server URL with context (https://cas-server ou https://cas-server/cas)
-
-
Constructor Details
-
CASCredentialProvider
public CASCredentialProvider()
-
-
Method Details
-
contextualize
- Specified by:
contextualizein interfaceContextualizable- Throws:
ContextException
-
init
public void init(String id, String cpModelId, Map<String, Object> paramValues, String label) throws ExceptionDescription copied from interface:CredentialProviderInitialize the credential provider with given parameters' values.- Specified by:
initin interfaceCredentialProvider- Overrides:
initin classAbstractCredentialProvider- Parameters:
id- The unique identifiercpModelId- The id of credential provider extension pointparamValues- The parameters' valueslabel- The specific label of this instance. Can be null- Throws:
Exception- If an error occurred
-
blockingIsStillConnected
public boolean blockingIsStillConnected(UserIdentity userIdentity, Redirector redirector) throws Exception Description copied from interface:BlockingCredentialProviderValidates that the user specify is still connected- Specified by:
blockingIsStillConnectedin interfaceBlockingCredentialProvider- Parameters:
userIdentity- the user previously correctly identified with this credential providerredirector- The cocoon redirector- Returns:
- true if this CredentialProvider was in a valid state, false to restart authentication process
- Throws:
Exception- If an error occurred
-
nonBlockingIsStillConnected
public boolean nonBlockingIsStillConnected(UserIdentity userIdentity, Redirector redirector) throws Exception Description copied from interface:NonBlockingCredentialProviderValidates that the user specify is still connected- Specified by:
nonBlockingIsStillConnectedin interfaceNonBlockingCredentialProvider- Parameters:
userIdentity- the user previously correctly identified with this credential providerredirector- The cocoon redirector- Returns:
- true if this CredentialProvider was in a valid state, false to restart authentication process
- Throws:
Exception- If an error occurred
-
blockingGrantAnonymousRequest
Description copied from interface:BlockingCredentialProviderMethod called by AuthenticateAction before asking for credentials. This method is used to bypass authentication. If this method returns true, no authentication will be required. Use it with care, as it may lead to obvious security issues.- Specified by:
blockingGrantAnonymousRequestin interfaceBlockingCredentialProvider- Returns:
- true if the Request is not authenticated
-
nonBlockingGrantAnonymousRequest
Description copied from interface:NonBlockingCredentialProviderMethod called by AuthenticateAction before asking for credentials. This method is used to bypass authentication. If this method returns true, no authentication will be require. Use it with care, as it may lead to obvious security issues.- Specified by:
nonBlockingGrantAnonymousRequestin interfaceNonBlockingCredentialProvider- Returns:
- true if the Request is not authenticated
-
blockingGetUserIdentity
Description copied from interface:BlockingCredentialProviderMethod called by AuthenticateAction each time a request need authentication.- Specified by:
blockingGetUserIdentityin interfaceBlockingCredentialProvider- Parameters:
redirector- the cocoon redirector.- Returns:
- the
UserIdentitycorresponding to the user (with or without population specified), or null if user could not get authenticated. - Throws:
Exception- if something wrong occurs
-
nonBlockingGetUserIdentity
Description copied from interface:NonBlockingCredentialProviderMethod called by AuthenticateAction each time a request need authentication.- Specified by:
nonBlockingGetUserIdentityin interfaceNonBlockingCredentialProvider- Parameters:
redirector- the cocoon redirector.- Returns:
- the
UserIdentitycorresponding to the user (with or without population specified), or null if user could not get authenticated. - Throws:
Exception- if something wrong occurs
-
blockingUserNotAllowed
Description copied from interface:BlockingCredentialProviderMethod called by AuthenticateAction each a user could not get authenticated. This method implementation is responsible of redirecting response to appropriate url.- Specified by:
blockingUserNotAllowedin interfaceBlockingCredentialProvider- Parameters:
redirector- the cocoon Redirector that can be used for redirecting response.- Throws:
Exception- if something wrong occurs
-
nonBlockingUserNotAllowed
Description copied from interface:NonBlockingCredentialProviderMethod called by AuthenticateAction each a user could not get authenticated. This method implementation is responsible of redirecting response to appropriate url.- Specified by:
nonBlockingUserNotAllowedin interfaceNonBlockingCredentialProvider- Parameters:
redirector- the cocoon Redirector that can be used for redirecting response.- Throws:
Exception- if something wrong occurs
-
blockingUserAllowed
Description copied from interface:BlockingCredentialProviderMethod called by AuthenticateAction after authentication process succeeded- Specified by:
blockingUserAllowedin interfaceBlockingCredentialProvider- Parameters:
userIdentity- The user correctly connectedredirector- the cocoon Redirector that can be used for redirecting response.
-
nonBlockingUserAllowed
Description copied from interface:NonBlockingCredentialProviderMethod called by AuthenticateAction after authentication process succeeded- Specified by:
nonBlockingUserAllowedin interfaceNonBlockingCredentialProvider- Parameters:
userIdentity- The user correctly connectedredirector- the cocoon Redirector that can be used for redirecting response.
-
requiresNewWindow
Description copied from interface:BlockingCredentialProviderDoes this blocking credential provider requires a new window to process.- Specified by:
requiresNewWindowin interfaceBlockingCredentialProvider- Returns:
- true to ask the client to process this credential provider throught a new window
-
_getLogin
Get the connected user login from the request or session.- Parameters:
request- the request object.- Returns:
- the connected user login or null.
-