Cas20ProxyTicketValidator validator = new Cas20ProxyTicketValidator(casServerUrl); validator.setAcceptAnyProxy(true); validator.setEncoding("UTF-8"); try { String confRedirectURI = confService.getRedirectURI(); Assertion a = validator.validate(ticket, confRedirectURI); AttributePrincipal principal = a.getPrincipal();
protected void startInternal() throws LifecycleException { super.startInternal(); this.ticketValidator = new Cas20ProxyTicketValidator(getCasServerUrlPrefix()); this.ticketValidator.setRenew(isRenew()); this.ticketValidator.setProxyCallbackUrl(getProxyCallbackUrl()); this.ticketValidator.setProxyGrantingTicketStorage(ProxyCallbackValve.getProxyGrantingTicketStorage()); this.ticketValidator.setAcceptAnyProxy(this.acceptAnyProxy); this.ticketValidator.setAllowedProxyChains(CommonUtils.createProxyList(this.allowedProxyChains)); if (getEncoding() != null) { this.ticketValidator.setEncoding(getEncoding()); } } }
validator = new Cas20ProxyTicketValidator(authConfig.getCasServerUrlPrefix()); validator.setAcceptAnyProxy(true); validator.setProxyGrantingTicketStorage(pgtStorageFilter); validator.setRenew(authConfig.isSendRenew()); if (StringUtils.hasLength(authConfig.getProxyCallbackUrlPrefix())) validator.setProxyCallbackUrl( GeoServerCasConstants.createProxyCallBackURl( authConfig.getProxyCallbackUrlPrefix()));
protected Assertion authenticateWithPGT(CasFormAuthenticationHelper helper) throws Exception { helper.ssoLogin(); String ticket = helper.getServiceTicket(serviceUrl); Cas20ProxyTicketValidator validator = new Cas20ProxyTicketValidator( casServerURLPrefix.toString()); validator.setAcceptAnyProxy(true); validator.setProxyCallbackUrl(GeoServerCasConstants .createProxyCallBackURl(proxyCallbackUrlPrefix.toExternalForm())); validator.setProxyGrantingTicketStorage(GeoServerExtensions .bean(ProxyGrantingTicketStorage.class)); Assertion result = validator.validate(ticket, serviceUrl.toExternalForm()); assertNotNull(result); return result; }
@Before public void setUp() throws Exception { final List<String[]> list = new ArrayList<String[]>(); list.add(new String[] { "proxy1", "proxy2", "proxy3" }); this.ticketValidator = new Cas20ProxyTicketValidator(CONST_CAS_SERVER_URL_PREFIX + "8089"); this.ticketValidator.setRenew(true); this.ticketValidator.setProxyCallbackUrl("test"); this.ticketValidator.setProxyGrantingTicketStorage(getProxyGrantingTicketStorage()); this.ticketValidator.setProxyRetriever(getProxyRetriever()); this.ticketValidator.setAllowedProxyChains(new ProxyList(list)); }
@Override public TicketValidator build() { Cas20ProxyTicketValidator ticketValidator = new Cas20ProxyTicketValidator(casServerUrlPrefix); super.configure(ticketValidator); if (proxyChainsValidation != null) { ticketValidator.setAcceptAnyProxy(!proxyChainsValidation); } if (allowEmptyProxyChain != null) { ticketValidator.setAllowEmptyProxyChain(allowEmptyProxyChain); } if (proxyChains != null) { ticketValidator.setAllowedProxyChains(proxyChains); } return ticketValidator; } }
final Cas20ProxyTicketValidator v = new Cas20ProxyTicketValidator(casServerUrlPrefix); v.setAcceptAnyProxy(parseBoolean(allowAnyProxy)); v.setAllowedProxyChains(CommonUtils.createProxyList(allowedProxyChains)); validator = v; } else {
Cas20ProxyTicketValidator sv = new Cas20ProxyTicketValidator(serverURL); sv.setAcceptAnyProxy(true); Assertion a = sv.validate(ticket, clientURL); AttributePrincipal principal = a.getPrincipal();
public void validateTicket(HttpServletRequest httpRequest, String ticket) throws Exception { Cas20ProxyTicketValidator ticketValidator = new Cas20ProxyTicketValidator(casServerUrl); ticketValidator.setRenew(this.renewTicket); //String serviceUrl = "http://"+ httpRequest.getServerName() +":" + httpRequest.getServerPort() + //httpRequest.getContextPath() +"/private/classic"; Assertion assertion = ticketValidator.validate(ticket, this.casServiceUrl); log.debug("------------------------------------------------------------------------------------"); log.debug("Service: "+this.casServiceUrl); log.debug("Principal: "+assertion.getPrincipal().getName()); log.debug("------------------------------------------------------------------------------------"); String principal = assertion.getPrincipal().getName(); this.saveSSOCredentials(principal, httpRequest); } }
@Test public void testRegexProxyChainWithInvalidProxy() throws TicketValidationException, UnsupportedEncodingException { final List<String[]> list = new ArrayList<String[]>(); list.add(new String[] { "proxy1", "proxy2", "^proxy3/[a-z]*/" }); this.ticketValidator.setAllowedProxyChains(new ProxyList(list)); final String RESPONSE = "<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'><cas:authenticationSuccess><cas:user>username</cas:user><cas:proxyGrantingTicket>PGTIOU-84678-8a9d...</cas:proxyGrantingTicket><cas:proxies><cas:proxy>proxy1</cas:proxy><cas:proxy>proxy2</cas:proxy><cas:proxy>proxy3/ABC/</cas:proxy></cas:proxies></cas:authenticationSuccess></cas:serviceResponse>"; server.content = RESPONSE.getBytes(server.encoding); try { this.ticketValidator.validate("test", "test"); fail("Invalid proxy chain"); } catch (InvalidProxyChainTicketValidationException e) { // expected } }
final Cas20ProxyTicketValidator v = createNewTicketValidator(ticketValidatorClass, casServerUrlPrefix, this.defaultProxyTicketValidatorClass); v.setAcceptAnyProxy(allowAnyProxy); v.setAllowedProxyChains(CommonUtils.createProxyList(allowedProxyChains)); validator = v; } else {
protected Assertion getCASAssertion(HttpServletRequest request) { String ticket = request.getParameter(GeoServerCasConstants.ARTIFACT_PARAMETER); if (ticket == null) return null; if ((ticket.startsWith(GeoServerCasConstants.PROXY_TICKET_PREFIX) || ticket.startsWith(GeoServerCasConstants.SERVICE_TICKET_PREFIX)) == false) return null; try { String service = retrieveService(request); return validator.validate(ticket, service); } catch (TicketValidationException e) { LOGGER.warning(e.getMessage()); } return null; }
/** * construct a working {@link org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter} */ private Cas20ProxyReceivingTicketValidationFilter newCas20ProxyReceivingTicketValidationFilter() { final Cas20ProxyReceivingTicketValidationFilter filter = new Cas20ProxyReceivingTicketValidationFilter(); filter.setServerName("localhost"); filter.setTicketValidator(new Cas20ProxyTicketValidator("")); return filter; } }
protected void startInternal() throws LifecycleException { super.startInternal(); this.ticketValidator = new Cas20ProxyTicketValidator(getCasServerUrlPrefix()); this.ticketValidator.setRenew(isRenew()); this.ticketValidator.setProxyCallbackUrl(getProxyCallbackUrl()); this.ticketValidator.setProxyGrantingTicketStorage(ProxyCallbackValve.getProxyGrantingTicketStorage()); this.ticketValidator.setAcceptAnyProxy(this.acceptAnyProxy); this.ticketValidator.setAllowedProxyChains(CommonUtils.createProxyList(this.allowedProxyChains)); if (getEncoding() != null) { this.ticketValidator.setEncoding(getEncoding()); } } }
@Test public void testRegexProxyChainWithValidProxy() throws TicketValidationException, UnsupportedEncodingException { final List<String[]> list = new ArrayList<String[]>(); list.add(new String[] { "proxy1", "proxy2", "^proxy3/[a-z]*/" }); this.ticketValidator.setAllowedProxyChains(new ProxyList(list)); final String USERNAME = "username"; final String RESPONSE = "<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'><cas:authenticationSuccess><cas:user>username</cas:user><cas:proxyGrantingTicket>PGTIOU-84678-8a9d...</cas:proxyGrantingTicket><cas:proxies><cas:proxy>proxy1</cas:proxy><cas:proxy>proxy2</cas:proxy><cas:proxy>proxy3/abc/</cas:proxy></cas:proxies></cas:authenticationSuccess></cas:serviceResponse>"; server.content = RESPONSE.getBytes(server.encoding); final Assertion assertion = this.ticketValidator.validate("test", "test"); assertEquals(USERNAME, assertion.getPrincipal().getName()); }
@Test public void testProxyChainWithInvalidProxy() throws TicketValidationException, UnsupportedEncodingException { final String RESPONSE = "<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'><cas:authenticationSuccess><cas:user>username</cas:user><cas:proxyGrantingTicket>PGTIOU-84678-8a9d...</cas:proxyGrantingTicket><cas:proxies><cas:proxy>proxy7</cas:proxy><cas:proxy>proxy2</cas:proxy><cas:proxy>proxy3</cas:proxy></cas:proxies></cas:authenticationSuccess></cas:serviceResponse>"; server.content = RESPONSE.getBytes(server.encoding); try { this.ticketValidator.validate("test", "test"); fail("Invalid proxy chain"); } catch (InvalidProxyChainTicketValidationException e) { // expected } }
protected void startInternal() throws LifecycleException { super.startInternal(); this.ticketValidator = new Cas20ProxyTicketValidator(getCasServerUrlPrefix()); this.ticketValidator.setRenew(isRenew()); this.ticketValidator.setProxyCallbackUrl(getProxyCallbackUrl()); this.ticketValidator.setProxyGrantingTicketStorage(ProxyCallbackValve.getProxyGrantingTicketStorage()); this.ticketValidator.setAcceptAnyProxy(this.acceptAnyProxy); this.ticketValidator.setAllowedProxyChains(CommonUtils.createProxyList(this.allowedProxyChains)); if (getEncoding() != null) { this.ticketValidator.setEncoding(getEncoding()); } } }
@Test public void testConstructionFromSpringBean() throws TicketValidationException, UnsupportedEncodingException { final ClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext( "classpath:cas20ProxyTicketValidator.xml"); final Cas20ProxyTicketValidator v = (Cas20ProxyTicketValidator) context.getBean("proxyTicketValidator"); final String USERNAME = "username"; final String RESPONSE = "<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'><cas:authenticationSuccess><cas:user>username</cas:user><cas:proxyGrantingTicket>PGTIOU-84678-8a9d...</cas:proxyGrantingTicket><cas:proxies><cas:proxy>proxy1</cas:proxy><cas:proxy>proxy2</cas:proxy><cas:proxy>proxy3</cas:proxy></cas:proxies></cas:authenticationSuccess></cas:serviceResponse>"; server.content = RESPONSE.getBytes(server.encoding); final Assertion assertion = v.validate("test", "test"); assertEquals(USERNAME, assertion.getPrincipal().getName()); } }
protected void startInternal() throws LifecycleException { super.startInternal(); this.ticketValidator = new Cas20ProxyTicketValidator(getCasServerUrlPrefix()); this.ticketValidator.setRenew(isRenew()); this.ticketValidator.setProxyCallbackUrl(getProxyCallbackUrl()); this.ticketValidator.setProxyGrantingTicketStorage(ProxyCallbackValve.getProxyGrantingTicketStorage()); this.ticketValidator.setAcceptAnyProxy(this.acceptAnyProxy); this.ticketValidator.setAllowedProxyChains(CommonUtils.createProxyList(this.allowedProxyChains)); if (getEncoding() != null) { this.ticketValidator.setEncoding(getEncoding()); } } }
@Test public void testProxyChainWithValidProxy() throws TicketValidationException, UnsupportedEncodingException { final String USERNAME = "username"; final String RESPONSE = "<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'><cas:authenticationSuccess><cas:user>username</cas:user><cas:proxyGrantingTicket>PGTIOU-84678-8a9d...</cas:proxyGrantingTicket><cas:proxies><cas:proxy>proxy1</cas:proxy><cas:proxy>proxy2</cas:proxy><cas:proxy>proxy3</cas:proxy></cas:proxies></cas:authenticationSuccess></cas:serviceResponse>"; server.content = RESPONSE.getBytes(server.encoding); final Assertion assertion = this.ticketValidator.validate("test", "test"); assertEquals(USERNAME, assertion.getPrincipal().getName()); }