org.jasig.cas.authentication.AuthenticationManager Java Examples

/**
 * Build the central authentication service implementation.
 *
 * @param ticketRegistry the tickets registry.
 * @param serviceTicketRegistry the service tickets registry.
 * @param authenticationManager the authentication manager.
 * @param ticketGrantingTicketUniqueTicketIdGenerator the TGT id generator.
 * @param uniqueTicketIdGeneratorsForService the map with service and ticket id generators.
 * @param ticketGrantingTicketExpirationPolicy the TGT expiration policy.
 * @param serviceTicketExpirationPolicy the service ticket expiration policy.
 * @param servicesManager the services manager.
 * @param logoutManager the logout manager.
 */
public CentralAuthenticationServiceImpl(final TicketRegistry ticketRegistry,
                                        final TicketRegistry serviceTicketRegistry,
                                        final AuthenticationManager authenticationManager,
                                        final UniqueTicketIdGenerator ticketGrantingTicketUniqueTicketIdGenerator,
                                        final Map<String, UniqueTicketIdGenerator> uniqueTicketIdGeneratorsForService,
                                        final ExpirationPolicy ticketGrantingTicketExpirationPolicy,
                                        final ExpirationPolicy serviceTicketExpirationPolicy,
                                        final ServicesManager servicesManager,
                                        final LogoutManager logoutManager) {
    this.ticketRegistry = ticketRegistry;
    if (serviceTicketRegistry == null) {
        this.serviceTicketRegistry = ticketRegistry;
    } else {
        this.serviceTicketRegistry = serviceTicketRegistry;
    }
    this.authenticationManager = authenticationManager;
    this.ticketGrantingTicketUniqueTicketIdGenerator = ticketGrantingTicketUniqueTicketIdGenerator;
    this.uniqueTicketIdGeneratorsForService = uniqueTicketIdGeneratorsForService;
    this.ticketGrantingTicketExpirationPolicy = ticketGrantingTicketExpirationPolicy;
    this.serviceTicketExpirationPolicy = serviceTicketExpirationPolicy;
    this.servicesManager = servicesManager;
    this.logoutManager = logoutManager;
}
 

@Before
public void setUp() throws Exception {
    this.action = new PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction();

    final Map<String, UniqueTicketIdGenerator> idGenerators = new HashMap<>();
    idGenerators.put(SimpleWebApplicationServiceImpl.class.getName(), new DefaultUniqueTicketIdGenerator());


    final AuthenticationManager authenticationManager = new PolicyBasedAuthenticationManager(
            Collections.<AuthenticationHandler, PrincipalResolver>singletonMap(
                    new PrincipalBearingCredentialsAuthenticationHandler(),
                    new PrincipalBearingPrincipalResolver()));
    final CentralAuthenticationServiceImpl centralAuthenticationService = new CentralAuthenticationServiceImpl(
            new DefaultTicketRegistry(), null, authenticationManager, new DefaultUniqueTicketIdGenerator(),
            idGenerators, new NeverExpiresExpirationPolicy(), new NeverExpiresExpirationPolicy(),
            mock(ServicesManager.class), mock(LogoutManager.class));
    this.action.setCentralAuthenticationService(centralAuthenticationService);
}
 

@Before
public void setUp() throws Exception {
    this.action = new PrincipalFromRequestUserPrincipalNonInteractiveCredentialsAction();

    final Map<String, UniqueTicketIdGenerator> idGenerators = new HashMap<>();
    idGenerators.put(SimpleWebApplicationServiceImpl.class.getName(), new DefaultUniqueTicketIdGenerator());


    final AuthenticationManager authenticationManager = new PolicyBasedAuthenticationManager(
            Collections.<AuthenticationHandler, PrincipalResolver>singletonMap(
                    new PrincipalBearingCredentialsAuthenticationHandler(),
                    new PrincipalBearingPrincipalResolver()));

    final CentralAuthenticationServiceImpl centralAuthenticationService = new CentralAuthenticationServiceImpl(
            new DefaultTicketRegistry(), null, authenticationManager, new DefaultUniqueTicketIdGenerator(),
            idGenerators, new NeverExpiresExpirationPolicy(), new NeverExpiresExpirationPolicy(),
            mock(ServicesManager.class), mock(LogoutManager.class));

    this.action.setCentralAuthenticationService(centralAuthenticationService);
}
 

@Before
public void setUp() throws Exception {
    this.action = new X509CertificateCredentialsNonInteractiveAction();
    final Map<String, UniqueTicketIdGenerator> idGenerators = new HashMap<>();
    idGenerators.put(SimpleWebApplicationServiceImpl.class.getName(), new DefaultUniqueTicketIdGenerator());


    final X509CredentialsAuthenticationHandler handler = new X509CredentialsAuthenticationHandler();
    handler.setTrustedIssuerDnPattern("CN=\\w+,DC=jasig,DC=org");

    final AuthenticationManager authenticationManager = new PolicyBasedAuthenticationManager(
            Collections.<AuthenticationHandler, PrincipalResolver>singletonMap(
                    handler, new X509SerialNumberPrincipalResolver()));

    final CentralAuthenticationServiceImpl centralAuthenticationService = new CentralAuthenticationServiceImpl(
            new DefaultTicketRegistry(), null, authenticationManager, new DefaultUniqueTicketIdGenerator(),
            idGenerators, new NeverExpiresExpirationPolicy(), new NeverExpiresExpirationPolicy(),
            mock(ServicesManager.class), mock(LogoutManager.class));

    this.action.setCentralAuthenticationService(centralAuthenticationService);
    this.action.afterPropertiesSet();
}
 

/**
 * Build the central authentication service implementation.
 *
 * @param ticketRegistry the tickets registry.
 * @param serviceTicketRegistry the service tickets registry.
 * @param authenticationManager the authentication manager.
 * @param ticketGrantingTicketUniqueTicketIdGenerator the TGT id generator.
 * @param uniqueTicketIdGeneratorsForService the map with service and ticket id generators.
 * @param ticketGrantingTicketExpirationPolicy the TGT expiration policy.
 * @param serviceTicketExpirationPolicy the service ticket expiration policy.
 * @param servicesManager the services manager.
 * @param logoutManager the logout manager.
 */
public CentralAuthenticationServiceImpl(final TicketRegistry ticketRegistry,
                                        final TicketRegistry serviceTicketRegistry,
                                        final AuthenticationManager authenticationManager,
                                        final UniqueTicketIdGenerator ticketGrantingTicketUniqueTicketIdGenerator,
                                        final Map<String, UniqueTicketIdGenerator> uniqueTicketIdGeneratorsForService,
                                        final ExpirationPolicy ticketGrantingTicketExpirationPolicy,
                                        final ExpirationPolicy serviceTicketExpirationPolicy,
                                        final ServicesManager servicesManager,
                                        final LogoutManager logoutManager) {
    this.ticketRegistry = ticketRegistry;
    if (serviceTicketRegistry == null) {
        this.serviceTicketRegistry = ticketRegistry;
    } else {
        this.serviceTicketRegistry = serviceTicketRegistry;
    }
    this.authenticationManager = authenticationManager;
    this.ticketGrantingTicketUniqueTicketIdGenerator = ticketGrantingTicketUniqueTicketIdGenerator;
    this.uniqueTicketIdGeneratorsForService = uniqueTicketIdGeneratorsForService;
    this.ticketGrantingTicketExpirationPolicy = ticketGrantingTicketExpirationPolicy;
    this.serviceTicketExpirationPolicy = serviceTicketExpirationPolicy;
    this.servicesManager = servicesManager;
    this.logoutManager = logoutManager;
}
 

@Before
public void setUp() throws Exception {
    this.action = new PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction();

    final Map<String, UniqueTicketIdGenerator> idGenerators = new HashMap<String, UniqueTicketIdGenerator>();
    idGenerators.put(SimpleWebApplicationServiceImpl.class.getName(), new DefaultUniqueTicketIdGenerator());


    final AuthenticationManager authenticationManager = new PolicyBasedAuthenticationManager(
            Collections.<AuthenticationHandler, PrincipalResolver>singletonMap(
                    new PrincipalBearingCredentialsAuthenticationHandler(),
                    new PrincipalBearingPrincipalResolver()));
    final CentralAuthenticationServiceImpl centralAuthenticationService = new CentralAuthenticationServiceImpl(
            new DefaultTicketRegistry(), null, authenticationManager, new DefaultUniqueTicketIdGenerator(),
            idGenerators, new NeverExpiresExpirationPolicy(), new NeverExpiresExpirationPolicy(),
            mock(ServicesManager.class), mock(LogoutManager.class));
    this.action.setCentralAuthenticationService(centralAuthenticationService);
}
 

@Before
public void setUp() throws Exception {
    this.action = new PrincipalFromRequestUserPrincipalNonInteractiveCredentialsAction();

    final Map<String, UniqueTicketIdGenerator> idGenerators = new HashMap<String, UniqueTicketIdGenerator>();
    idGenerators.put(SimpleWebApplicationServiceImpl.class.getName(), new DefaultUniqueTicketIdGenerator());


    final AuthenticationManager authenticationManager = new PolicyBasedAuthenticationManager(
            Collections.<AuthenticationHandler, PrincipalResolver>singletonMap(
                    new PrincipalBearingCredentialsAuthenticationHandler(),
                    new PrincipalBearingPrincipalResolver()));

    final CentralAuthenticationServiceImpl centralAuthenticationService = new CentralAuthenticationServiceImpl(
            new DefaultTicketRegistry(), null, authenticationManager, new DefaultUniqueTicketIdGenerator(),
            idGenerators, new NeverExpiresExpirationPolicy(), new NeverExpiresExpirationPolicy(),
            mock(ServicesManager.class), mock(LogoutManager.class));

    this.action.setCentralAuthenticationService(centralAuthenticationService);
}
 

@Before
public void setUp() throws Exception {
    this.action = new X509CertificateCredentialsNonInteractiveAction();
    final Map<String, UniqueTicketIdGenerator> idGenerators = new HashMap<String, UniqueTicketIdGenerator>();
    idGenerators.put(SimpleWebApplicationServiceImpl.class.getName(), new DefaultUniqueTicketIdGenerator());


    final X509CredentialsAuthenticationHandler handler = new X509CredentialsAuthenticationHandler();
    handler.setTrustedIssuerDnPattern("CN=\\w+,DC=jasig,DC=org");

    final AuthenticationManager authenticationManager = new PolicyBasedAuthenticationManager(
            Collections.<AuthenticationHandler, PrincipalResolver>singletonMap(
                    handler, new X509SerialNumberPrincipalResolver()));

    final CentralAuthenticationServiceImpl centralAuthenticationService = new CentralAuthenticationServiceImpl(
            new DefaultTicketRegistry(), null, authenticationManager, new DefaultUniqueTicketIdGenerator(),
            idGenerators, new NeverExpiresExpirationPolicy(), new NeverExpiresExpirationPolicy(),
            mock(ServicesManager.class), mock(LogoutManager.class));

    this.action.setCentralAuthenticationService(centralAuthenticationService);
    this.action.afterPropertiesSet();
}
 

@Override
public RegistryCleaner getNewRegistryCleaner(final TicketRegistry ticketRegistry) {
    this.centralAuthenticationService = new CentralAuthenticationServiceImpl(this.ticketRegistry, this.ticketRegistry,
            mock(AuthenticationManager.class), mock(UniqueTicketIdGenerator.class), Collections.EMPTY_MAP,
            new NeverExpiresExpirationPolicy(), new NeverExpiresExpirationPolicy(), mock(ServicesManager.class),
            mock(LogoutManager.class));

    return new DefaultTicketRegistryCleaner(this.centralAuthenticationService, this.ticketRegistry);
}
 

@Before
public void prepareNewCAS() {
    this.authentication = mock(Authentication.class);
    when(this.authentication.getAuthenticationDate()).thenReturn(new Date());
    final CredentialMetaData metadata = new BasicCredentialMetaData(TestUtils.getCredentialsWithSameUsernameAndPassword("principal"));
    final Map<String, HandlerResult> successes = new HashMap<>();
    successes.put("handler1", new DefaultHandlerResult(mock(AuthenticationHandler.class), metadata));
    when(this.authentication.getCredentials()).thenReturn(Arrays.asList(metadata));
    when(this.authentication.getSuccesses()).thenReturn(successes);
    when(this.authentication.getPrincipal()).thenReturn(new DefaultPrincipalFactory().createPrincipal(PRINCIPAL));
     
    final Service service1 = TestUtils.getService(SVC1_ID);
    final ServiceTicket stMock = createMockServiceTicket(ST_ID, service1); 
    
    final TicketGrantingTicket tgtRootMock = createRootTicketGrantingTicket();
    
    final TicketGrantingTicket tgtMock = createMockTicketGrantingTicket(TGT_ID, stMock, false,
            tgtRootMock, new ArrayList<Authentication>());
    when(tgtMock.getProxiedBy()).thenReturn(TestUtils.getService("proxiedBy"));

    final List<Authentication> authnListMock = mock(List.class);
    //Size is required to be 2, so that we can simulate proxying capabilities
    when(authnListMock.size()).thenReturn(2);
    when(authnListMock.get(anyInt())).thenReturn(this.authentication);
    when(tgtMock.getChainedAuthentications()).thenReturn(authnListMock);
    when(stMock.getGrantingTicket()).thenReturn(tgtMock);
    
    final Service service2 = TestUtils.getService(SVC2_ID);
    final ServiceTicket stMock2 = createMockServiceTicket(ST2_ID, service2);
    
    final TicketGrantingTicket tgtMock2 = createMockTicketGrantingTicket(TGT2_ID, stMock2, false, tgtRootMock, authnListMock);        
    
    //Mock TicketRegistry
    this.ticketRegMock = mock(TicketRegistry.class);
    when(ticketRegMock.getTicket(eq(tgtMock.getId()), eq(TicketGrantingTicket.class))).thenReturn(tgtMock);
    when(ticketRegMock.getTicket(eq(tgtMock2.getId()), eq(TicketGrantingTicket.class))).thenReturn(tgtMock2);
    when(ticketRegMock.getTicket(eq(stMock.getId()), eq(ServiceTicket.class))).thenReturn(stMock);
    when(ticketRegMock.getTicket(eq(stMock2.getId()), eq(ServiceTicket.class))).thenReturn(stMock2);
    when(ticketRegMock.getTickets()).thenReturn(Arrays.asList(tgtMock, tgtMock2, stMock, stMock2));

    //Mock ServicesManager
    final RegisteredService mockRegSvc1 = createMockRegisteredService(service1.getId(), true, getServiceProxyPolicy(false));
    final RegisteredService mockRegSvc2 = createMockRegisteredService("test", false, getServiceProxyPolicy(true)); 
    final RegisteredService mockRegSvc3 = createMockRegisteredService(service2.getId(), true, getServiceProxyPolicy(true)); 
    
    final ServicesManager smMock = mock(ServicesManager.class);
    when(smMock.findServiceBy(argThat(new VerifyServiceByIdMatcher(service1.getId())))).thenReturn(mockRegSvc1);
    when(smMock.findServiceBy(argThat(new VerifyServiceByIdMatcher("test")))).thenReturn(mockRegSvc2);
    when(smMock.findServiceBy(argThat(new VerifyServiceByIdMatcher(service2.getId())))).thenReturn(mockRegSvc3);
    
    final Map ticketIdGenForServiceMock = mock(Map.class);
    when(ticketIdGenForServiceMock.containsKey(any())).thenReturn(true);
    when(ticketIdGenForServiceMock.get(any())).thenReturn(new DefaultUniqueTicketIdGenerator());
    
    this.cas = new CentralAuthenticationServiceImpl(ticketRegMock, null, mock(AuthenticationManager.class),
            mock(UniqueTicketIdGenerator.class), ticketIdGenForServiceMock, mock(ExpirationPolicy.class),
            mock(ExpirationPolicy.class), smMock, mock(LogoutManager.class));
}
 

public AuthenticationManager getAuthenticationManager() {
    return this.authenticationManager;
}
 

@Before
public void prepareNewCAS() {
    this.authentication = mock(Authentication.class);
    when(this.authentication.getAuthenticatedDate()).thenReturn(new Date());
    final CredentialMetaData metadata = new BasicCredentialMetaData(TestUtils.getCredentialsWithSameUsernameAndPassword("principal"));
    final Map<String, HandlerResult> successes = new HashMap<String, HandlerResult>();
    successes.put("handler1", new HandlerResult(mock(AuthenticationHandler.class), metadata));
    when(this.authentication.getCredentials()).thenReturn(Arrays.asList(metadata));
    when(this.authentication.getSuccesses()).thenReturn(successes);
    when(this.authentication.getPrincipal()).thenReturn(new SimplePrincipal(PRINCIPAL));
    
    final ServiceTicket stMock = mock(ServiceTicket.class);
    when(stMock.getService()).thenReturn(TestUtils.getService());
    when(stMock.getId()).thenReturn(ST_ID);
    when(stMock.isValidFor(TestUtils.getService())).thenReturn(true);
    
    final TicketGrantingTicket tgtRootMock = mock(TicketGrantingTicket.class);
    when(tgtRootMock.isExpired()).thenReturn(false);
    when(tgtRootMock.getAuthentication()).thenReturn(this.authentication);
    
    final TicketGrantingTicket tgtMock = mock(TicketGrantingTicket.class);
    when(tgtMock.isExpired()).thenReturn(false);
    when(tgtMock.getId()).thenReturn(TGT_ID);
    when(tgtMock.grantServiceTicket(anyString(), argThat(new VerifyServiceByIdMatcher(TestUtils.getService().getId())),
            any(ExpirationPolicy.class), anyBoolean())).thenReturn(stMock);
    when(tgtMock.getRoot()).thenReturn(tgtRootMock);
            
    final List<Authentication> authnListMock = mock(List.class);
    //Size is required to be 2, so that we can simulate proxying capabilities
    when(authnListMock.size()).thenReturn(2);
    when(authnListMock.get(anyInt())).thenReturn(this.authentication);
    when(tgtMock.getChainedAuthentications()).thenReturn(authnListMock);
    when(stMock.getGrantingTicket()).thenReturn(tgtMock);
    
    final Service service2 = TestUtils.getService(SVC2_ID);
    final ServiceTicket stMock2 = mock(ServiceTicket.class);
    when(stMock2.getService()).thenReturn(service2);
    when(stMock2.getId()).thenReturn(ST2_ID);
    when(stMock2.isValidFor(service2)).thenReturn(true);
    
    final TicketGrantingTicket tgtMock2 = mock(TicketGrantingTicket.class);
    when(tgtMock2.isExpired()).thenReturn(false);
    when(tgtMock2.getId()).thenReturn(TGT2_ID);
    when(tgtMock2.grantServiceTicket(anyString(), argThat(new VerifyServiceByIdMatcher(service2.getId())),
            any(ExpirationPolicy.class), anyBoolean())).thenReturn(stMock2);
    when(tgtMock2.getRoot()).thenReturn(tgtRootMock);
    when(tgtMock2.getChainedAuthentications()).thenReturn(authnListMock);
    when(stMock2.getGrantingTicket()).thenReturn(tgtMock2);
    
    
    //Mock TicketRegistry
    final TicketRegistry ticketRegMock = mock(TicketRegistry.class);
    when(ticketRegMock.getTicket(eq(tgtMock.getId()), eq(TicketGrantingTicket.class))).thenReturn(tgtMock);
    when(ticketRegMock.getTicket(eq(tgtMock2.getId()), eq(TicketGrantingTicket.class))).thenReturn(tgtMock2);
    when(ticketRegMock.getTicket(eq(stMock.getId()), eq(ServiceTicket.class))).thenReturn(stMock);
    when(ticketRegMock.getTicket(eq(stMock2.getId()), eq(ServiceTicket.class))).thenReturn(stMock2);
    
    //Mock ServicesManager
    final RegisteredService mockRegSvc1 = mock(RegisteredService.class);
    when(mockRegSvc1.getServiceId()).thenReturn(SVC1_ID);
    when(mockRegSvc1.isEnabled()).thenReturn(true);
    when(mockRegSvc1.isAllowedToProxy()).thenReturn(false);
    when(mockRegSvc1.getName()).thenReturn(SVC1_ID);

    final RegisteredService mockRegSvc2 = mock(RegisteredService.class);
    when(mockRegSvc2.getServiceId()).thenReturn("test");
    when(mockRegSvc2.isEnabled()).thenReturn(false);
    when(mockRegSvc2.getName()).thenReturn("test");

    final RegisteredService mockRegSvc3 = mock(RegisteredService.class);
    when(mockRegSvc3.getServiceId()).thenReturn(service2.getId());
    when(mockRegSvc3.isEnabled()).thenReturn(true);
    when(mockRegSvc3.isAllowedToProxy()).thenReturn(true);
    when(mockRegSvc3.getName()).thenReturn(service2.getId());
    when(mockRegSvc3.matches(argThat(new VerifyServiceByIdMatcher(service2.getId())))).thenReturn(true);
    
    final ServicesManager smMock = mock(ServicesManager.class);
    when(smMock.findServiceBy(argThat(new VerifyServiceByIdMatcher(SVC1_ID)))).thenReturn(mockRegSvc1);
    when(smMock.findServiceBy(argThat(new VerifyServiceByIdMatcher("test")))).thenReturn(mockRegSvc2);
    when(smMock.findServiceBy(argThat(new VerifyServiceByIdMatcher(SVC2_ID)))).thenReturn(mockRegSvc3);
    
    final Map ticketIdGenForServiceMock = mock(Map.class);
    when(ticketIdGenForServiceMock.containsKey(any())).thenReturn(true);
    when(ticketIdGenForServiceMock.get(any())).thenReturn(new DefaultUniqueTicketIdGenerator());
    
    this.cas = new CentralAuthenticationServiceImpl(ticketRegMock, null, mock(AuthenticationManager.class),
            mock(UniqueTicketIdGenerator.class), ticketIdGenForServiceMock, mock(ExpirationPolicy.class),
            mock(ExpirationPolicy.class), smMock, mock(LogoutManager.class));
}
 

public AuthenticationManager getAuthenticationManager() {
    return this.authenticationManager;
}
 

public void setAuthenticationManager(final AuthenticationManager manager) {
    this.authenticationManager = manager;
}
 

/**
 * Authentication manager instance to authenticate the user by its configured
 * handlers as the first leg of an multifactor authentication sequence.
 *
 * @param manager the new multifactor authentication manager
 */
public final void setMultiFactorAuthenticationManager(final AuthenticationManager manager) {
    this.authenticationManager = manager;
}