本文整理汇总了Java中org.jasig.cas.services.RegisteredService.getAttributeReleasePolicy方法的典型用法代码示例。如果您正苦于以下问题:Java RegisteredService.getAttributeReleasePolicy方法的具体用法?Java RegisteredService.getAttributeReleasePolicy怎么用?Java RegisteredService.getAttributeReleasePolicy使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.jasig.cas.services.RegisteredService
的用法示例。
在下文中一共展示了RegisteredService.getAttributeReleasePolicy方法的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: decideIfCredentialPasswordShouldBeReleasedAsAttribute
import org.jasig.cas.services.RegisteredService; //导入方法依赖的package包/类
/**
* Decide if credential password should be released as attribute.
* The credential must have been cached as an authentication attribute
* and the attribute release policy must be allowed to release the
* attribute.
*
* @param attributes the attributes
* @param model the model
* @param service the service
*/
protected void decideIfCredentialPasswordShouldBeReleasedAsAttribute(final Map<String, Object> attributes,
final Map<String, Object> model,
final RegisteredService service) {
final RegisteredServiceAttributeReleasePolicy policy = service.getAttributeReleasePolicy();
final boolean isAuthorized = policy != null && policy.isAuthorizedToReleaseCredentialPassword();
decideAttributeReleaseBasedOnServiceAttributePolicy(attributes,
getAuthenticationAttribute(model, CasViewConstants.MODEL_ATTRIBUTE_NAME_PRINCIPAL_CREDENTIAL),
CasViewConstants.MODEL_ATTRIBUTE_NAME_PRINCIPAL_CREDENTIAL,
service, isAuthorized);
}
示例2: decideIfProxyGrantingTicketShouldBeReleasedAsAttribute
import org.jasig.cas.services.RegisteredService; //导入方法依赖的package包/类
/**
* Decide if PGT should be released as attribute.
* The PGT must have been cached as an authentication attribute
* and the attribute release policy must be allowed to release the
* attribute.
*
* @param attributes the attributes
* @param model the model
* @param service the service
*/
protected void decideIfProxyGrantingTicketShouldBeReleasedAsAttribute(final Map<String, Object> attributes,
final Map<String, Object> model,
final RegisteredService service) {
final RegisteredServiceAttributeReleasePolicy policy = service.getAttributeReleasePolicy();
final boolean isAuthorized = policy != null && policy.isAuthorizedToReleaseProxyGrantingTicket();
decideAttributeReleaseBasedOnServiceAttributePolicy(attributes,
getProxyGrantingTicketId(model),
CasViewConstants.MODEL_ATTRIBUTE_NAME_PROXY_GRANTING_TICKET,
service, isAuthorized);
}
示例3: grantServiceTicket
import org.jasig.cas.services.RegisteredService; //导入方法依赖的package包/类
@Audit(
action="SERVICE_TICKET",
actionResolverName="GRANT_SERVICE_TICKET_RESOLVER",
resourceResolverName="GRANT_SERVICE_TICKET_RESOURCE_RESOLVER")
@Timed(name="GRANT_SERVICE_TICKET_TIMER")
@Metered(name="GRANT_SERVICE_TICKET_METER")
@Counted(name="GRANT_SERVICE_TICKET_COUNTER", monotonic=true)
@Override
public ServiceTicket grantServiceTicket(
final String ticketGrantingTicketId,
final Service service, final AuthenticationContext context)
throws AuthenticationException, AbstractTicketException {
final TicketGrantingTicket ticketGrantingTicket = getTicket(ticketGrantingTicketId, TicketGrantingTicket.class);
final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
verifyRegisteredServiceProperties(registeredService, service);
final Authentication currentAuthentication = evaluatePossibilityOfMixedPrincipals(context, ticketGrantingTicket);
if (ticketGrantingTicket.getCountOfUses() > 0 && !registeredService.getAccessStrategy().isServiceAccessAllowedForSso()) {
logger.warn("Service [{}] is not allowed to use SSO.", service.getId());
throw new UnauthorizedSsoServiceException();
}
evaluateProxiedServiceIfNeeded(service, ticketGrantingTicket, registeredService);
// Perform security policy check by getting the authentication that satisfies the configured policy
// This throws if no suitable policy is found
getAuthenticationSatisfiedByPolicy(ticketGrantingTicket.getRoot(), new ServiceContext(service, registeredService));
final List<Authentication> authentications = ticketGrantingTicket.getChainedAuthentications();
final Principal principal = authentications.get(authentications.size() - 1).getPrincipal();
final RegisteredServiceAttributeReleasePolicy releasePolicy = registeredService.getAttributeReleasePolicy();
final Map<String, Object> principalAttrs;
if (releasePolicy != null) {
principalAttrs = releasePolicy.getAttributes(principal);
} else {
principalAttrs = new HashMap<>();
}
if (!registeredService.getAccessStrategy().doPrincipalAttributesAllowServiceAccess(principal.getId(), principalAttrs)) {
logger.warn("Cannot grant service ticket because Service [{}] is not authorized for use by [{}].",
service.getId(), principal);
throw new UnauthorizedServiceForPrincipalException();
}
final ServiceTicketFactory factory = this.ticketFactory.get(ServiceTicket.class);
final ServiceTicket serviceTicket = factory.create(ticketGrantingTicket, service, currentAuthentication != null);
this.ticketRegistry.addTicket(serviceTicket);
logger.info("Granted ticket [{}] for service [{}] and principal [{}]",
serviceTicket.getId(), service.getId(), principal.getId());
doPublishEvent(new CasServiceTicketGrantedEvent(this, ticketGrantingTicket, serviceTicket));
return serviceTicket;
}
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:59,代码来源:CentralAuthenticationServiceImpl.java
示例4: grantProxyTicket
import org.jasig.cas.services.RegisteredService; //导入方法依赖的package包/类
@Audit(
action="PROXY_TICKET",
actionResolverName="GRANT_PROXY_TICKET_RESOLVER",
resourceResolverName="GRANT_PROXY_TICKET_RESOURCE_RESOLVER")
@Timed(name="GRANT_PROXY_TICKET_TIMER")
@Metered(name="GRANT_PROXY_TICKET_METER")
@Counted(name="GRANT_PROXY_TICKET_COUNTER", monotonic=true)
@Override
public ProxyTicket grantProxyTicket(final String proxyGrantingTicket, final Service service)
throws AbstractTicketException {
final ProxyGrantingTicket proxyGrantingTicketObject = getTicket(proxyGrantingTicket, ProxyGrantingTicket.class);
final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
verifyRegisteredServiceProperties(registeredService, service);
if (!registeredService.getAccessStrategy().isServiceAccessAllowedForSso()) {
logger.warn("Service [{}] is not allowed to use SSO.", service.getId());
throw new UnauthorizedSsoServiceException();
}
evaluateProxiedServiceIfNeeded(service, proxyGrantingTicketObject, registeredService);
// Perform security policy check by getting the authentication that satisfies the configured policy
// This throws if no suitable policy is found
getAuthenticationSatisfiedByPolicy(proxyGrantingTicketObject.getRoot(), new ServiceContext(service, registeredService));
final List<Authentication> authentications = proxyGrantingTicketObject.getChainedAuthentications();
final Principal principal = authentications.get(authentications.size() - 1).getPrincipal();
final RegisteredServiceAttributeReleasePolicy releasePolicy = registeredService.getAttributeReleasePolicy();
final Map<String, Object> principalAttrs;
if (releasePolicy != null) {
principalAttrs = releasePolicy.getAttributes(principal);
} else {
principalAttrs = new HashMap<>();
}
if (!registeredService.getAccessStrategy().doPrincipalAttributesAllowServiceAccess(principal.getId(), principalAttrs)) {
logger.warn("Cannot grant proxy ticket because Service [{}] is not authorized for use by [{}].",
service.getId(), principal);
throw new UnauthorizedServiceForPrincipalException();
}
final ProxyTicketFactory factory = this.ticketFactory.get(ProxyTicket.class);
final ProxyTicket proxyTicket = factory.create(proxyGrantingTicketObject, service);
this.ticketRegistry.addTicket(proxyTicket);
logger.info("Granted ticket [{}] for service [{}] for user [{}]",
proxyTicket.getId(), service.getId(), principal.getId());
doPublishEvent(new CasProxyTicketGrantedEvent(this, proxyGrantingTicketObject, proxyTicket));
return proxyTicket;
}
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:55,代码来源:CentralAuthenticationServiceImpl.java
示例5: validateServiceTicket
import org.jasig.cas.services.RegisteredService; //导入方法依赖的package包/类
@Audit(
action="SERVICE_TICKET_VALIDATE",
actionResolverName="VALIDATE_SERVICE_TICKET_RESOLVER",
resourceResolverName="VALIDATE_SERVICE_TICKET_RESOURCE_RESOLVER")
@Timed(name="VALIDATE_SERVICE_TICKET_TIMER")
@Metered(name="VALIDATE_SERVICE_TICKET_METER")
@Counted(name="VALIDATE_SERVICE_TICKET_COUNTER", monotonic=true)
@Override
public Assertion validateServiceTicket(final String serviceTicketId, final Service service) throws AbstractTicketException {
final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
verifyRegisteredServiceProperties(registeredService, service);
final ServiceTicket serviceTicket = this.ticketRegistry.getTicket(serviceTicketId, ServiceTicket.class);
if (serviceTicket == null) {
logger.info("Service ticket [{}] does not exist.", serviceTicketId);
throw new InvalidTicketException(serviceTicketId);
}
try {
synchronized (serviceTicket) {
if (serviceTicket.isExpired()) {
logger.info("ServiceTicket [{}] has expired.", serviceTicketId);
throw new InvalidTicketException(serviceTicketId);
}
if (!serviceTicket.isValidFor(service)) {
logger.error("Service ticket [{}] with service [{}] does not match supplied service [{}]",
serviceTicketId, serviceTicket.getService().getId(), service);
throw new UnrecognizableServiceForServiceTicketValidationException(serviceTicket.getService());
}
}
final TicketGrantingTicket root = serviceTicket.getGrantingTicket().getRoot();
final Authentication authentication = getAuthenticationSatisfiedByPolicy(
root, new ServiceContext(serviceTicket.getService(), registeredService));
final Principal principal = authentication.getPrincipal();
final RegisteredServiceAttributeReleasePolicy attributePolicy = registeredService.getAttributeReleasePolicy();
logger.debug("Attribute policy [{}] is associated with service [{}]", attributePolicy, registeredService);
@SuppressWarnings("unchecked")
final Map<String, Object> attributesToRelease = attributePolicy != null
? attributePolicy.getAttributes(principal) : Collections.EMPTY_MAP;
final String principalId = registeredService.getUsernameAttributeProvider().resolveUsername(principal, service);
final Principal modifiedPrincipal = this.principalFactory.createPrincipal(principalId, attributesToRelease);
final AuthenticationBuilder builder = DefaultAuthenticationBuilder.newInstance(authentication);
builder.setPrincipal(modifiedPrincipal);
final Assertion assertion = new ImmutableAssertion(
builder.build(),
serviceTicket.getGrantingTicket().getChainedAuthentications(),
serviceTicket.getService(),
serviceTicket.isFromNewLogin());
doPublishEvent(new CasServiceTicketValidatedEvent(this, serviceTicket, assertion));
return assertion;
} finally {
if (serviceTicket.isExpired()) {
this.ticketRegistry.deleteTicket(serviceTicketId);
}
}
}
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:67,代码来源:CentralAuthenticationServiceImpl.java
示例6: validateServiceTicket
import org.jasig.cas.services.RegisteredService; //导入方法依赖的package包/类
@Audit(
action="SERVICE_TICKET_VALIDATE",
actionResolverName="VALIDATE_SERVICE_TICKET_RESOLVER",
resourceResolverName="VALIDATE_SERVICE_TICKET_RESOURCE_RESOLVER")
@Timed(name="VALIDATE_SERVICE_TICKET_TIMER")
@Metered(name="VALIDATE_SERVICE_TICKET_METER")
@Counted(name="VALIDATE_SERVICE_TICKET_COUNTER", monotonic=true)
@Override
public Assertion validateServiceTicket(final String serviceTicketId, final Service service) throws TicketException {
final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
verifyRegisteredServiceProperties(registeredService, service);
final ServiceTicket serviceTicket = this.serviceTicketRegistry.getTicket(serviceTicketId, ServiceTicket.class);
if (serviceTicket == null) {
logger.info("Service ticket [{}] does not exist.", serviceTicketId);
throw new InvalidTicketException(serviceTicketId);
}
try {
synchronized (serviceTicket) {
if (serviceTicket.isExpired()) {
logger.info("ServiceTicket [{}] has expired.", serviceTicketId);
throw new InvalidTicketException(serviceTicketId);
}
if (!serviceTicket.isValidFor(service)) {
logger.error("Service ticket [{}] with service [{}] does not match supplied service [{}]",
serviceTicketId, serviceTicket.getService().getId(), service);
throw new UnrecognizableServiceForServiceTicketValidationException(serviceTicket.getService());
}
}
final TicketGrantingTicket root = serviceTicket.getGrantingTicket().getRoot();
final Authentication authentication = getAuthenticationSatisfiedByPolicy(
root, new ServiceContext(serviceTicket.getService(), registeredService));
final Principal principal = authentication.getPrincipal();
final AttributeReleasePolicy attributePolicy = registeredService.getAttributeReleasePolicy();
logger.debug("Attribute policy [{}] is associated with service [{}]", attributePolicy, registeredService);
@SuppressWarnings("unchecked")
final Map<String, Object> attributesToRelease = attributePolicy != null
? attributePolicy.getAttributes(principal) : Collections.EMPTY_MAP;
final String principalId = registeredService.getUsernameAttributeProvider().resolveUsername(principal, service);
final Principal modifiedPrincipal = this.principalFactory.createPrincipal(principalId, attributesToRelease);
final AuthenticationBuilder builder = DefaultAuthenticationBuilder.newInstance(authentication);
builder.setPrincipal(modifiedPrincipal);
return new ImmutableAssertion(
builder.build(),
serviceTicket.getGrantingTicket().getChainedAuthentications(),
serviceTicket.getService(),
serviceTicket.isFromNewLogin());
} finally {
if (serviceTicket.isExpired()) {
this.serviceTicketRegistry.deleteTicket(serviceTicketId);
}
}
}
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:62,代码来源:CentralAuthenticationServiceImpl.java