@Override public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException { super.initializeFromConfig(config); CasAuthenticationFilterConfig authConfig = (CasAuthenticationFilterConfig) config; validator = new GeoServerCas20ProxyTicketValidator(authConfig.getCasServerUrlPrefix()); validator.setAcceptAnyProxy(true); validator.setProxyGrantingTicketStorage(pgtStorageFilter); validator.setRenew(authConfig.isSendRenew()); if (StringUtils.hasLength(authConfig.getProxyCallbackUrlPrefix())) validator.setProxyCallbackUrl(GeoServerCasConstants.createProxyCallBackURl(authConfig.getProxyCallbackUrlPrefix())); casLogoutURL=GeoServerCasConstants.createCasURl(authConfig.getCasServerUrlPrefix(), GeoServerCasConstants.LOGOUT_URI); if (StringUtils.hasLength(authConfig.getUrlInCasLogoutPage())) casLogoutURL+="?"+GeoServerCasConstants.LOGOUT_URL_PARAM+"="+URLEncoder.encode(authConfig.getUrlInCasLogoutPage(),"utf-8"); singleSignOut=authConfig.isSingleSignOut(); aep = new GeoServerCasAuthenticationEntryPoint(authConfig); }
@Test public void testCasFilterConfigValidation() throws Exception{ CasAuthenticationFilterConfig config = new CasAuthenticationFilterConfig(); config.setClassName(GeoServerCasAuthenticationFilter.class.getName()); config.setName("testCAS"); check(config); validator.validateCASFilterConfig(config); }
public void validateCASFilterConfig(CasAuthenticationFilterConfig casConfig) throws FilterConfigException { if (StringUtils.hasLength(casConfig.getUrlInCasLogoutPage())) { try { new URL(casConfig.getUrlInCasLogoutPage()); } catch (MalformedURLException ex) { throw createFilterException(CasFilterConfigException.CAS_URL_IN_LOGOUT_PAGE_MALFORMED); if (StringUtils.hasLength(casConfig.getCasServerUrlPrefix())==false) throw createFilterException(CasFilterConfigException.CAS_SERVER_URL_REQUIRED); new URL(casConfig.getCasServerUrlPrefix()); } catch (MalformedURLException ex) { throw createFilterException(CasFilterConfigException.CAS_SERVER_URL_MALFORMED); if (StringUtils.hasLength(casConfig.getProxyCallbackUrlPrefix())) { URL callBackUrl=null; try { callBackUrl=new URL(casConfig.getProxyCallbackUrlPrefix()); } catch (MalformedURLException ex) { throw createFilterException(CasFilterConfigException.CAS_PROXYCALLBACK_MALFORMED);
CasAuthenticationFilterConfig config = new CasAuthenticationFilterConfig(); config.setClassName(GeoServerCasAuthenticationFilter.class.getName()); config.setCasServerUrlPrefix(casServerURLPrefix.toString()); config.setName(casFilterName); config.setRoleSource(RoleSource.UserGroupService); config.setUserGroupServiceName("ug1"); config.setSingleSignOut(true); getSecurityManager().saveFilter(config);
config.setRoleSource(RequestHeaderAuthenticationFilterConfig.RoleSource.UserGroupService); failed = false; try { config.setUserGroupServiceName("blabla"); failed = false; try { config.setUserGroupServiceName(XMLUserGroupService.DEFAULT_NAME); config.setRoleSource(RequestHeaderAuthenticationFilterConfig.RoleSource.RoleService); config.setRoleServiceName("blabla"); failed = false; try { config.setRoleServiceName(XMLRoleService.DEFAULT_NAME); config.setRoleSource(RequestHeaderAuthenticationFilterConfig.RoleSource.Header); failed = false; try { config.setRolesHeaderAttribute("roles"); config.setRoleConverterName("unknown"); failed = false; try { config.setRoleConverterName(null);
sp.setSendRenew(authConfig.isSendRenew()); sp.setService(GeoServerCasAuthenticationFilter.retrieveService(request)); aep.setLoginUrl(authConfig.getCasServerUrlPrefix()+GeoServerCasConstants.LOGIN_URI); aep.setServiceProperties(sp); try {
CasAuthenticationFilterConfig config = new CasAuthenticationFilterConfig(); config.setClassName(GeoServerCasAuthenticationFilter.class.getName()); config.setCasServerUrlPrefix(casServerURLPrefix.toString()); config.setName(casFilterName); config.setRoleSource(RoleSource.UserGroupService); config.setUserGroupServiceName("ug1"); config.setSingleSignOut(true); config.setProxyCallbackUrlPrefix(proxyCallbackUrlPrefix.toString()); getSecurityManager().saveFilter(config);
public void validateCASFilterConfig(CasAuthenticationFilterConfig casConfig) throws FilterConfigException { if (StringUtils.hasLength(casConfig.getUrlInCasLogoutPage())) { try { new URL(casConfig.getUrlInCasLogoutPage()); } catch (MalformedURLException ex) { throw createFilterException( CasFilterConfigException.CAS_URL_IN_LOGOUT_PAGE_MALFORMED); } } super.validateFilterConfig((PreAuthenticatedUserNameFilterConfig) casConfig); if (StringUtils.hasLength(casConfig.getCasServerUrlPrefix()) == false) throw createFilterException(CasFilterConfigException.CAS_SERVER_URL_REQUIRED); try { new URL(casConfig.getCasServerUrlPrefix()); } catch (MalformedURLException ex) { throw createFilterException(CasFilterConfigException.CAS_SERVER_URL_MALFORMED); } if (StringUtils.hasLength(casConfig.getProxyCallbackUrlPrefix())) { URL callBackUrl = null; try { callBackUrl = new URL(casConfig.getProxyCallbackUrlPrefix()); } catch (MalformedURLException ex) { throw createFilterException(CasFilterConfigException.CAS_PROXYCALLBACK_MALFORMED); } if ("https".equalsIgnoreCase(callBackUrl.getProtocol()) == false) throw createFilterException(CasFilterConfigException.CAS_PROXYCALLBACK_NOT_HTTPS); } }
sp.setSendRenew(authConfig.isSendRenew()); sp.setService(GeoServerCasAuthenticationFilter.retrieveService(request)); aep.setLoginUrl(authConfig.getCasServerUrlPrefix() + GeoServerCasConstants.LOGIN_URI); aep.setServiceProperties(sp); try {
CasAuthenticationFilterConfig pconfig1 = new CasAuthenticationFilterConfig(); pconfig1.setClassName(GeoServerCasAuthenticationFilter.class.getName()); pconfig1.setName(casProxyFilterName); pconfig1.setCasServerUrlPrefix(casServerURLPrefix.toString()); pconfig1.setRoleSource(RoleSource.UserGroupService); pconfig1.setUserGroupServiceName("ug1"); pconfig1.setSingleSignOut(true); getSecurityManager().saveFilter(pconfig1); pconfig1.setProxyCallbackUrlPrefix(proxyCallbackUrlPrefix.toString()); getSecurityManager().saveFilter(pconfig1);
props.setSendRenew(authConfig.isSendRenew()); validator = new Cas20ProxyTicketValidator(authConfig.getCasServerUrlPrefix()); validator.setAcceptAnyProxy(true); validator.setProxyGrantingTicketStorage(pgtStorageFilter); validator.setRenew(authConfig.isSendRenew()); if (StringUtils.hasLength(authConfig.getProxyCallbackUrlPrefix())) validator.setProxyCallbackUrl( GeoServerCasConstants.createProxyCallBackURl( authConfig.getProxyCallbackUrlPrefix())); authConfig.getCasServerUrlPrefix(), GeoServerCasConstants.LOGOUT_URI); if (StringUtils.hasLength(authConfig.getUrlInCasLogoutPage())) casLogoutURL += "?" + GeoServerCasConstants.LOGOUT_URL_PARAM + "=" + URLEncoder.encode(authConfig.getUrlInCasLogoutPage(), "utf-8"); singleSignOut = authConfig.isSingleSignOut(); aep = new GeoServerCasAuthenticationEntryPoint(authConfig);
CasAuthenticationFilterConfig pconfig1 = new CasAuthenticationFilterConfig(); pconfig1.setClassName(GeoServerCasAuthenticationFilter.class.getName()); pconfig1.setName(casProxyFilterName); pconfig1.setCasServerUrlPrefix(casServerURLPrefix.toString()); pconfig1.setRoleSource(RoleSource.UserGroupService); pconfig1.setUserGroupServiceName("ug1"); getSecurityManager().saveFilter(pconfig1); pconfig1.setProxyCallbackUrlPrefix(proxyCallbackUrlPrefix.toString()); getSecurityManager().saveFilter(pconfig1);