Java Code Examples for org.jasig.cas.client.authentication.AttributePrincipal#getName()

Example 1
Source File: CasUserDetailsService.java    From kylin-on-parquet-v2 with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the local user record for a principal that CAS has already
 * authenticated.
 *
 * <p>Only the principal's name is taken from the assertion. The granted
 * authorities come entirely from {@code defaultAuthorities}, so every user
 * created here receives the same set; no CAS attribute influences
 * authorization in this method.
 *
 * @param assertion the validated CAS assertion for the current login
 * @return a {@code ManagedUser} named after the CAS principal, carrying the
 *         default authorities and {@code NON_EXISTENT_PASSWORD_VALUE} in
 *         the password slot
 */
protected ManagedUser parseUserDetails(Assertion assertion) {
    final AttributePrincipal casPrincipal = assertion.getPrincipal();

    // One authority object per configured default role name.
    final List<GrantedAuthority> authorities = Stream.of(defaultAuthorities)
            .map(role -> new SimpleGrantedAuthority(role))
            .collect(Collectors.toList());

    // NOTE(review): the name is used as returned by CAS, without a null or
    // blank check; confirm ManagedUser rejects such a value if CAS can send one.
    final String userName = casPrincipal.getName();

    // NOTE(review): the meaning of the boolean flag is defined by the
    // ManagedUser constructor, which is not visible here.
    return new ManagedUser(userName, NON_EXISTENT_PASSWORD_VALUE, true, authorities);
}
 
Example 2
Source File: MCRCASServlet.java    From mycore with GNU General Public License v3.0 5 votes vote down vote up
/**
 * Completes a CAS login: validates the {@code ticket} request parameter
 * against the CAS server, resolves or creates the matching MCRUser,
 * refreshes its properties from LDAP, binds it to the current session and
 * redirects the browser.
 *
 * <p>A missing or blank ticket is answered with HTTP 400. Any exception
 * raised during ticket validation propagates to the caller.
 *
 * @param job the servlet job wrapping the current request and response
 * @throws Exception if ticket validation or any downstream call fails
 */
public void doGetPost(MCRServletJob job) throws Exception {
    final HttpServletRequest request = job.getRequest();
    final HttpServletResponse response = job.getResponse();

    // The ticket arrives as a plain request parameter and is untrusted
    // until the CAS server has validated it below.
    final String ticket = request.getParameter("ticket");
    if (ticket == null || ticket.trim().isEmpty()) {
        response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return;
    }

    // Validate ticket at CAS server.
    // NOTE(review): setAcceptAnyProxy(true) accepts a proxy ticket whatever
    // proxy chain obtained it. If proxied logins are not needed, restricting
    // the chain (setAllowedProxyChains) narrows what this endpoint accepts.
    final Cas20ProxyTicketValidator validator = new Cas20ProxyTicketValidator(serverURL);
    validator.setAcceptAnyProxy(true);
    final Assertion assertion = validator.validate(ticket, clientURL);

    // Name of the user CAS vouches for; it is written to the log as received.
    final String userName = assertion.getPrincipal().getName();
    LOGGER.info("Login {}", userName);

    // Reuse the stored user when one exists in this realm, otherwise start
    // from a fresh in-memory user object.
    final boolean userExists = MCRUserManager.exists(userName, realmID);
    final MCRUser user = userExists
        ? MCRUserManager.getUser(userName, realmID)
        : new MCRUser(userName, realmID);

    // Get user properties from LDAP server; only a pre-existing user is
    // written back through MCRUserManager in this method.
    final boolean userChanged = MCRLDAPClient.instance().updateUserProperties(user);
    if (userExists && userChanged) {
        MCRUserManager.updateUser(user);
    }

    // Store login user in session and redirect browser to target url
    MCRSessionMgr.getCurrentSession().setUserInformation(user);
    // MCR-1154: issue a new servlet session id once the user is logged in,
    // so an id known before authentication is not carried over.
    request.changeSessionId();
    MCRLoginServlet.redirect(response);
}
 
Example 3
Source File: CasUserDetailsService.java    From kylin with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the local user record for a principal that CAS has already
 * authenticated.
 *
 * <p>Only the principal's name is taken from the assertion. The granted
 * authorities come entirely from {@code defaultAuthorities}, so every user
 * created here receives the same set; no CAS attribute influences
 * authorization in this method.
 *
 * @param assertion the validated CAS assertion for the current login
 * @return a {@code ManagedUser} named after the CAS principal, carrying the
 *         default authorities and {@code NON_EXISTENT_PASSWORD_VALUE} in
 *         the password slot
 */
protected ManagedUser parseUserDetails(Assertion assertion) {
    final AttributePrincipal casPrincipal = assertion.getPrincipal();

    // One authority object per configured default role name.
    final List<GrantedAuthority> authorities = Stream.of(defaultAuthorities)
            .map(role -> new SimpleGrantedAuthority(role))
            .collect(Collectors.toList());

    // NOTE(review): the name is used as returned by CAS, without a null or
    // blank check; confirm ManagedUser rejects such a value if CAS can send one.
    final String userName = casPrincipal.getName();

    // NOTE(review): the meaning of the boolean flag is defined by the
    // ManagedUser constructor, which is not visible here.
    return new ManagedUser(userName, NON_EXISTENT_PASSWORD_VALUE, true, authorities);
}
 
Example 4
Source File: TicketValidationService.java    From guacamole-client with Apache License 2.0 4 votes vote down vote up
/**
 * Validates the given ID ticket against the configured CAS server and
 * converts the attributes of the resulting principal into a map of tokens.
 * As a side effect the given Credentials object is populated: the username
 * is always set, and the password is set when the assertion carries a
 * "credential" attribute that decrypts to a non-empty value.  If the ticket
 * is invalid an exception is thrown.
 *
 * @param ticket
 *     The ID ticket to validate and parse.
 *
 * @param credentials
 *     The Credentials object that receives the retrieved username and,
 *     when available, the decrypted password.
 *
 * @return
 *     A Map of all tokens for the user, built from the non-null attributes
 *     returned by the CAS server, excluding the "credential" attribute.
 *
 * @throws GuacamoleException
 *     If the ID ticket is not valid, if CAS provides no username, or if
 *     guacamole.properties could not be parsed.
 */
public Map<String, String> validateTicket(String ticket,
        Credentials credentials) throws GuacamoleException {

    // Bind a ticket validator to the configured CAS endpoint.
    // NOTE(review): setAcceptAnyProxy(true) accepts a proxy ticket whatever
    // proxy chain obtained it. Deployments that do not rely on CAS proxying
    // may prefer to restrict the chain (setAllowedProxyChains).
    final String casEndpoint = confService.getAuthorizationEndpoint().toString();
    final Cas20ProxyTicketValidator validator = new Cas20ProxyTicketValidator(casEndpoint);
    validator.setAcceptAnyProxy(true);
    validator.setEncoding("UTF-8");

    try {
        // The ticket is checked against the configured redirect URI, which
        // is passed to the validator as the service it was issued for.
        final String serviceUrl = confService.getRedirectURI().toString();
        final AttributePrincipal casPrincipal =
                validator.validate(ticket, serviceUrl).getPrincipal();

        // Work on a private copy so entries can be removed freely.
        final Map<String, Object> attributes =
                new HashMap<>(casPrincipal.getAttributes());

        // A validated ticket without a username is treated as a failure.
        final String username = casPrincipal.getName();
        if (username == null) {
            throw new GuacamoleSecurityException("No username provided by CAS.");
        }
        credentials.setUsername(username);

        // remove() rather than get(): the encrypted credential is taken out
        // of the attribute copy, so it is not also turned into a token below.
        // The decrypted value ends up as a plain String in Credentials and
        // should be kept out of logs.
        final Object encryptedCredential = attributes.remove("credential");
        if (encryptedCredential != null) {
            final String clearPass = decryptPassword(encryptedCredential.toString());
            if (!(clearPass == null || clearPass.isEmpty())) {
                credentials.setPassword(clearPass);
            }
        }

        // Every remaining attribute with a value becomes a token whose name
        // is canonicalized under the CAS attribute prefix.
        final Map<String, String> tokens = new HashMap<>();
        for (Map.Entry<String, Object> attribute : attributes.entrySet()) {
            final String tokenName = TokenName.canonicalize(attribute.getKey(),
                    CAS_ATTRIBUTE_TOKEN_PREFIX);
            final Object value = attribute.getValue();
            if (value != null) {
                tokens.put(tokenName, value.toString());
            }
        }
        return tokens;
    }
    catch (TicketValidationException e) {
        // Keep the validator's exception as the cause for diagnostics.
        throw new GuacamoleException("Ticket validation failed.", e);
    }

}
 
Example 5
Source File: TicketValidationService.java    From guacamole-client with Apache License 2.0 4 votes vote down vote up
/**
 * Validates the given ID ticket against the configured CAS server and
 * converts the attributes of the resulting principal into a map of tokens.
 * As a side effect the given Credentials object is populated: the username
 * is always set, and the password is set when the assertion carries a
 * "credential" attribute that decrypts to a non-empty value.  If the ticket
 * is invalid an exception is thrown.
 *
 * @param ticket
 *     The ID ticket to validate and parse.
 *
 * @param credentials
 *     The Credentials object that receives the retrieved username and,
 *     when available, the decrypted password.
 *
 * @return
 *     A Map of all tokens for the user, built from the non-null attributes
 *     returned by the CAS server, excluding the "credential" attribute.
 *
 * @throws GuacamoleException
 *     If the ID ticket is not valid, if CAS provides no username, or if
 *     guacamole.properties could not be parsed.
 */
public Map<String, String> validateTicket(String ticket,
        Credentials credentials) throws GuacamoleException {

    // Bind a ticket validator to the configured CAS endpoint.
    // NOTE(review): setAcceptAnyProxy(true) accepts a proxy ticket whatever
    // proxy chain obtained it. Deployments that do not rely on CAS proxying
    // may prefer to restrict the chain (setAllowedProxyChains).
    final String casEndpoint = confService.getAuthorizationEndpoint().toString();
    final Cas20ProxyTicketValidator validator = new Cas20ProxyTicketValidator(casEndpoint);
    validator.setAcceptAnyProxy(true);
    validator.setEncoding("UTF-8");

    try {
        // The ticket is checked against the configured redirect URI, which
        // is passed to the validator as the service it was issued for.
        final String serviceUrl = confService.getRedirectURI().toString();
        final AttributePrincipal casPrincipal =
                validator.validate(ticket, serviceUrl).getPrincipal();

        // Work on a private copy so entries can be removed freely.
        final Map<String, Object> attributes =
                new HashMap<>(casPrincipal.getAttributes());

        // A validated ticket without a username is treated as a failure.
        final String username = casPrincipal.getName();
        if (username == null) {
            throw new GuacamoleSecurityException("No username provided by CAS.");
        }
        credentials.setUsername(username);

        // remove() rather than get(): the encrypted credential is taken out
        // of the attribute copy, so it is not also turned into a token below.
        // The decrypted value ends up as a plain String in Credentials and
        // should be kept out of logs.
        final Object encryptedCredential = attributes.remove("credential");
        if (encryptedCredential != null) {
            final String clearPass = decryptPassword(encryptedCredential.toString());
            if (!(clearPass == null || clearPass.isEmpty())) {
                credentials.setPassword(clearPass);
            }
        }

        // Every remaining attribute with a value becomes a token whose name
        // is canonicalized under the CAS attribute prefix.
        final Map<String, String> tokens = new HashMap<>();
        for (Map.Entry<String, Object> attribute : attributes.entrySet()) {
            final String tokenName = TokenName.canonicalize(attribute.getKey(),
                    CAS_ATTRIBUTE_TOKEN_PREFIX);
            final Object value = attribute.getValue();
            if (value != null) {
                tokens.put(tokenName, value.toString());
            }
        }
        return tokens;
    }
    catch (TicketValidationException e) {
        // Keep the validator's exception as the cause for diagnostics.
        throw new GuacamoleException("Ticket validation failed.", e);
    }

}