Class PrincipalAttributesCoreProperties
java.lang.Object
org.apereo.cas.configuration.model.core.authentication.PrincipalAttributesCoreProperties
- All Implemented Interfaces:
Serializable
@RequiresModule(name="cas-server-core-authentication",
automated=true)
public class PrincipalAttributesCoreProperties
extends Object
implements Serializable
This is
PrincipalAttributesCoreProperties
.- Since:
- 6.4.0
- See Also:
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic enum
The aggregation strategy types.static enum
The merging strategy. -
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionIndicates how the results of multiple attribute repositories should be aggregated together.CAS provides the ability to release a bundle of principal attributes to all services by default.int
Indicates the global cache expiration period, once attributes are fetched from the underlying attribute repository.Expiration caching time unit for attributes.int
Indicates the global cache size used to store attributes retrieved from the attribute repository.Merging strategies can be used to resolve conflicts when the same attributes are found from multiple sources.boolean
Recover from LDAP exceptions and continue with partial results.boolean
In the event that multiple attribute repositories are defined, setting this option totrue
forces all repositories to produce a person object.boolean
Whenaggregation
is set toPrincipalAttributesCoreProperties.AggregationStrategyTypes.CASCADE
, this setting controls whether subsequent attribute repositories need to be contacted for person attributes, if the first attribute repository's query does not produce any results.Indicates how the results of multiple attribute repositories should be aggregated together.setDefaultAttributesToRelease
(Set<String> defaultAttributesToRelease) CAS provides the ability to release a bundle of principal attributes to all services by default.setExpirationTime
(int expirationTime) Indicates the global cache expiration period, once attributes are fetched from the underlying attribute repository.setExpirationTimeUnit
(String expirationTimeUnit) Expiration caching time unit for attributes.setMaximumCacheSize
(int maximumCacheSize) Indicates the global cache size used to store attributes retrieved from the attribute repository.Merging strategies can be used to resolve conflicts when the same attributes are found from multiple sources.setRecoverExceptions
(boolean recoverExceptions) Recover from LDAP exceptions and continue with partial results.setRequireAllRepositorySources
(boolean requireAllRepositorySources) In the event that multiple attribute repositories are defined, setting this option totrue
forces all repositories to produce a person object.setStopCascadingWhenNoInitialResults
(boolean stopCascadingWhenNoInitialResults) Whenaggregation
is set toPrincipalAttributesCoreProperties.AggregationStrategyTypes.CASCADE
, this setting controls whether subsequent attribute repositories need to be contacted for person attributes, if the first attribute repository's query does not produce any results.
-
Constructor Details
-
PrincipalAttributesCoreProperties
public PrincipalAttributesCoreProperties()
-
-
Method Details
-
getExpirationTime
public int getExpirationTime()Indicates the global cache expiration period, once attributes are fetched from the underlying attribute repository. A zero or negative value indicates that no attribute caching should take place where attributes must always be fetched from the source. -
getExpirationTimeUnit
Expiration caching time unit for attributes. -
getMaximumCacheSize
public int getMaximumCacheSize()Indicates the global cache size used to store attributes retrieved from the attribute repository. -
isRecoverExceptions
public boolean isRecoverExceptions()Recover from LDAP exceptions and continue with partial results. Otherwise, die and do not allow to log in. -
isStopCascadingWhenNoInitialResults
public boolean isStopCascadingWhenNoInitialResults()Whenaggregation
is set toPrincipalAttributesCoreProperties.AggregationStrategyTypes.CASCADE
, this setting controls whether subsequent attribute repositories need to be contacted for person attributes, if the first attribute repository's query does not produce any results. -
getMerger
Merging strategies can be used to resolve conflicts when the same attributes are found from multiple sources. A merging strategy is used to handle conflicts for both principal attributes as well as those that are captured by the authentication attempt. Conflicts arise when the multiple attribute sources or repositories produce the same attribute with the same name, or when there are multiple legs in an authentication flow that produce the same attribute as authentication metadata for each leg of the attempt (i.e. when going through MFA flows). -
getAggregation
Indicates how the results of multiple attribute repositories should be aggregated together. -
isRequireAllRepositorySources
public boolean isRequireAllRepositorySources()In the event that multiple attribute repositories are defined, setting this option totrue
forces all repositories to produce a person object. If any of the repositories fails to produce a person or person attributes, the resolution engine will halt to short-circuit the process, failing to resolve the person altogether. -
getDefaultAttributesToRelease
CAS provides the ability to release a bundle of principal attributes to all services by default. This bundle is not defined on a per-service basis and is always combined with attributes produced by the specific release policy of the service, such that for instance, you can devise rules to always releasegivenName
andcn
to every application, and additionally allow other specific principal attributes for only some applications per their attribute release policy. -
setExpirationTime
Indicates the global cache expiration period, once attributes are fetched from the underlying attribute repository. A zero or negative value indicates that no attribute caching should take place where attributes must always be fetched from the source.- Returns:
this
.
-
setExpirationTimeUnit
Expiration caching time unit for attributes.- Returns:
this
.
-
setMaximumCacheSize
Indicates the global cache size used to store attributes retrieved from the attribute repository.- Returns:
this
.
-
setRecoverExceptions
Recover from LDAP exceptions and continue with partial results. Otherwise, die and do not allow to log in.- Returns:
this
.
-
setStopCascadingWhenNoInitialResults
public PrincipalAttributesCoreProperties setStopCascadingWhenNoInitialResults(boolean stopCascadingWhenNoInitialResults) Whenaggregation
is set toPrincipalAttributesCoreProperties.AggregationStrategyTypes.CASCADE
, this setting controls whether subsequent attribute repositories need to be contacted for person attributes, if the first attribute repository's query does not produce any results.- Returns:
this
.
-
setMerger
public PrincipalAttributesCoreProperties setMerger(PrincipalAttributesCoreProperties.MergingStrategyTypes merger) Merging strategies can be used to resolve conflicts when the same attributes are found from multiple sources. A merging strategy is used to handle conflicts for both principal attributes as well as those that are captured by the authentication attempt. Conflicts arise when the multiple attribute sources or repositories produce the same attribute with the same name, or when there are multiple legs in an authentication flow that produce the same attribute as authentication metadata for each leg of the attempt (i.e. when going through MFA flows).- Returns:
this
.
-
setAggregation
public PrincipalAttributesCoreProperties setAggregation(PrincipalAttributesCoreProperties.AggregationStrategyTypes aggregation) Indicates how the results of multiple attribute repositories should be aggregated together.- Returns:
this
.
-
setRequireAllRepositorySources
public PrincipalAttributesCoreProperties setRequireAllRepositorySources(boolean requireAllRepositorySources) In the event that multiple attribute repositories are defined, setting this option totrue
forces all repositories to produce a person object. If any of the repositories fails to produce a person or person attributes, the resolution engine will halt to short-circuit the process, failing to resolve the person altogether.- Returns:
this
.
-
setDefaultAttributesToRelease
public PrincipalAttributesCoreProperties setDefaultAttributesToRelease(Set<String> defaultAttributesToRelease) CAS provides the ability to release a bundle of principal attributes to all services by default. This bundle is not defined on a per-service basis and is always combined with attributes produced by the specific release policy of the service, such that for instance, you can devise rules to always releasegivenName
andcn
to every application, and additionally allow other specific principal attributes for only some applications per their attribute release policy.- Returns:
this
.
-