Class PrincipalAttributesProperties
- All Implemented Interfaces:
Serializable
PrincipalAttributesProperties
.
Attribute sources are defined and configured to describe the global set of attributes to be fetched for each authenticated principal.
That global set of attributes is then filtered by the service manager according to service-specific attribute release rules.
The goal of the resolver is to construct a final identifiable authenticated principal for CAS
which carries a number of attributes inside it.
The behavior of the resolver is such that it attempts to locate the principal id, which in most cases is the same thing as the credential id provided during authentication or it could be noted by a custom attribute. Then the resolver starts to construct attributes from attribute repositories defined. If it realizes that a custom attribute is used to determine the principal id AND the same attribute is also set to be collected into the final set of attributes, it will then remove that attribute from the final collection.
Note that by default, CAS auto-creates attribute repository sources that are appropriate for LDAP, JDBC, etc. If you need something more, you will need to resort to more elaborate measures of defining the bean configuration.- Since:
- 5.0.0
- See Also:
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionReference to the attribute definition store that contains metadata about attributes and their encoding specifics.Retrieve attributes from multiple Microsoft Graph instances.getCore()
Attribute resolution core/common settings.Retrieve attributes from multiple Groovy scripts.Use Grouper to fetch principal attributes.getJdbc()
Retrieve attributes from multiple JDBC repositories.getJson()
Retrieve attributes from multiple JSON file repositories.getLdap()
Retrieve attributes from multiple LDAP servers.getOkta()
Fetch user attributes from Okta.getRedis()
Retrieve attributes from redis repositories.getRest()
Retrieve attributes from multiple REST endpoints.getStub()
Use stubbed attribute definitions as the underlying attribute repository source.Fetch user attributes from Apache Syncope.setAttributeDefinitionStore
(AttributeDefinitionStoreProperties attributeDefinitionStore) Reference to the attribute definition store that contains metadata about attributes and their encoding specifics.setAzureActiveDirectory
(List<AzureActiveDirectoryAttributesProperties> azureActiveDirectory) Retrieve attributes from multiple Microsoft Graph instances.Attribute resolution core/common settings.Retrieve attributes from multiple Groovy scripts.Use Grouper to fetch principal attributes.Retrieve attributes from multiple JDBC repositories.Retrieve attributes from multiple JSON file repositories.Retrieve attributes from multiple LDAP servers.Fetch user attributes from Okta.Retrieve attributes from redis repositories.Retrieve attributes from multiple REST endpoints.Use stubbed attribute definitions as the underlying attribute repository source.Fetch user attributes from Apache Syncope.
-
Constructor Details
-
PrincipalAttributesProperties
public PrincipalAttributesProperties()
-
-
Method Details
-
getCore
Attribute resolution core/common settings. -
getJdbc
Retrieve attributes from multiple JDBC repositories. -
getAzureActiveDirectory
Retrieve attributes from multiple Microsoft Graph instances. -
getRest
Retrieve attributes from multiple REST endpoints. -
getGroovy
Retrieve attributes from multiple Groovy scripts. -
getLdap
Retrieve attributes from multiple LDAP servers. -
getJson
Retrieve attributes from multiple JSON file repositories. -
getRedis
Retrieve attributes from redis repositories. -
getStub
Use stubbed attribute definitions as the underlying attribute repository source. Static attributes that need to be mapped to a hardcoded value belong here. -
getGrouper
Use Grouper to fetch principal attributes. You will also need to ensuregrouper.client.properties
is available on the classpath (i.e.src/main/resources
) and it contains the following:grouperClient.webService.url = http://192.168.99.100:32768/grouper-ws/servicesRest
grouperClient.webService.login = banderson
grouperClient.webService.password = password
-
getAttributeDefinitionStore
Reference to the attribute definition store that contains metadata about attributes and their encoding specifics. -
getOkta
Fetch user attributes from Okta. -
getSyncope
Fetch user attributes from Apache Syncope. -
setCore
Attribute resolution core/common settings.- Returns:
this
.
-
setJdbc
Retrieve attributes from multiple JDBC repositories.- Returns:
this
.
-
setAzureActiveDirectory
public PrincipalAttributesProperties setAzureActiveDirectory(List<AzureActiveDirectoryAttributesProperties> azureActiveDirectory) Retrieve attributes from multiple Microsoft Graph instances.- Returns:
this
.
-
setRest
Retrieve attributes from multiple REST endpoints.- Returns:
this
.
-
setGroovy
Retrieve attributes from multiple Groovy scripts.- Returns:
this
.
-
setLdap
Retrieve attributes from multiple LDAP servers.- Returns:
this
.
-
setJson
Retrieve attributes from multiple JSON file repositories.- Returns:
this
.
-
setRedis
Retrieve attributes from redis repositories.- Returns:
this
.
-
setStub
Use stubbed attribute definitions as the underlying attribute repository source. Static attributes that need to be mapped to a hardcoded value belong here.- Returns:
this
.
-
setGrouper
Use Grouper to fetch principal attributes. You will also need to ensuregrouper.client.properties
is available on the classpath (i.e.src/main/resources
) and it contains the following:grouperClient.webService.url = http://192.168.99.100:32768/grouper-ws/servicesRest
grouperClient.webService.login = banderson
grouperClient.webService.password = password
- Returns:
this
.
-
setAttributeDefinitionStore
public PrincipalAttributesProperties setAttributeDefinitionStore(AttributeDefinitionStoreProperties attributeDefinitionStore) Reference to the attribute definition store that contains metadata about attributes and their encoding specifics.- Returns:
this
.
-
setOkta
Fetch user attributes from Okta.- Returns:
this
.
-
setSyncope
Fetch user attributes from Apache Syncope.- Returns:
this
.
-