Class SpnegoProperties
java.lang.Object
org.apereo.cas.configuration.model.support.spnego.SpnegoProperties
- All Implemented Interfaces:
Serializable
@RequiresModule(name="cas-server-support-spnego-webflow")
public class SpnegoProperties
extends Object
implements Serializable
This is
SpnegoProperties
.- Since:
- 5.0.0
- See Also:
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionAlternative header name to use in order to find the host address.When validating clients, specifies the DNS timeout used to look up an address.The bean id of a webflow action whose job is to evaluate the client host to see if the request is authorized for spnego.A regex pattern that indicates whether the client host name is allowed for spnego.A regex pattern that indicates whether the client IP is allowed for spnego.getLdap()
LDAP settings for spnego to validate clients, etc.getName()
Name of the authentication handler.int
getOrder()
The order of the authentication handler in the chain.int
The size of the pool used to validate SPNEGO tokens.The timeout of the pool used to validate SPNEGO tokens.Password encoding settings for this authentication.This is principal transformation properties.Individual authentication settings for spengo that are grouped and fed to the spnego authentication object to form a collection.In case LDAP is used to validate clients, this is the attribute that indicates the host.Begins negotiating spnego if the user-agent is one of the supported browsers.Spnego settings that apply as system properties.The webflow configuration.boolean
If true, does not terminate authentication and allows CAS to resume and fallback to normal authentication means such as uid/psw via the login page.boolean
Allows authentication if spnego credential is marked as NTLM.boolean
If specified, will create the principal by ths name on successful authentication.boolean
If the authenticated principal cannot be determined from the spegno credential, will set the http status code to 401.setAlternativeRemoteHostAttribute
(String alternativeRemoteHostAttribute) Alternative header name to use in order to find the host address.setDnsTimeout
(String dnsTimeout) When validating clients, specifies the DNS timeout used to look up an address.setHostNameClientActionStrategy
(String hostNameClientActionStrategy) The bean id of a webflow action whose job is to evaluate the client host to see if the request is authorized for spnego.setHostNamePatternString
(String hostNamePatternString) A regex pattern that indicates whether the client host name is allowed for spnego.setIpsToCheckPattern
(String ipsToCheckPattern) A regex pattern that indicates whether the client IP is allowed for spnego.setLdap
(SpnegoLdapProperties ldap) LDAP settings for spnego to validate clients, etc.setMixedModeAuthentication
(boolean mixedModeAuthentication) If true, does not terminate authentication and allows CAS to resume and fallback to normal authentication means such as uid/psw via the login page.Name of the authentication handler.setNtlmAllowed
(boolean ntlmAllowed) Allows authentication if spnego credential is marked as NTLM.setOrder
(int order) The order of the authentication handler in the chain.setPoolSize
(int poolSize) The size of the pool used to validate SPNEGO tokens.setPoolTimeout
(String poolTimeout) The timeout of the pool used to validate SPNEGO tokens.Password encoding settings for this authentication.setPrincipalTransformation
(PrincipalTransformationProperties principalTransformation) This is principal transformation properties.setPrincipalWithDomainName
(boolean principalWithDomainName) If specified, will create the principal by ths name on successful authentication.setSend401OnAuthenticationFailure
(boolean send401OnAuthenticationFailure) If the authenticated principal cannot be determined from the spegno credential, will set the http status code to 401.setSpnegoAttributeName
(String spnegoAttributeName) In case LDAP is used to validate clients, this is the attribute that indicates the host.setSupportedBrowsers
(String supportedBrowsers) Begins negotiating spnego if the user-agent is one of the supported browsers.The webflow configuration.
-
Constructor Details
-
SpnegoProperties
public SpnegoProperties()
-
-
Method Details
-
getSystem
Spnego settings that apply as system properties. -
getProperties
Individual authentication settings for spengo that are grouped and fed to the spnego authentication object to form a collection. -
isPrincipalWithDomainName
public boolean isPrincipalWithDomainName()If specified, will create the principal by ths name on successful authentication. -
isNtlmAllowed
public boolean isNtlmAllowed()Allows authentication if spnego credential is marked as NTLM. -
isSend401OnAuthenticationFailure
public boolean isSend401OnAuthenticationFailure()If the authenticated principal cannot be determined from the spegno credential, will set the http status code to 401. -
getHostNameClientActionStrategy
The bean id of a webflow action whose job is to evaluate the client host to see if the request is authorized for spnego. Supported strategies includehostnameSpnegoClientAction
where CAS checks to see if the request’s remote hostname matches a predefine pattern. andldapSpnegoClientAction
where CAS checks an LDAP instance for the remote hostname, to locate a pre-defined attribute whose mere existence would allow the webflow to resume to SPNEGO. -
getLdap
LDAP settings for spnego to validate clients, etc. -
getDnsTimeout
When validating clients, specifies the DNS timeout used to look up an address. -
getHostNamePatternString
A regex pattern that indicates whether the client host name is allowed for spnego. -
getIpsToCheckPattern
A regex pattern that indicates whether the client IP is allowed for spnego. -
getAlternativeRemoteHostAttribute
Alternative header name to use in order to find the host address. -
getSpnegoAttributeName
In case LDAP is used to validate clients, this is the attribute that indicates the host. -
isMixedModeAuthentication
public boolean isMixedModeAuthentication()If true, does not terminate authentication and allows CAS to resume and fallback to normal authentication means such as uid/psw via the login page. If disallowed, considers spnego authentication to be final in the event of failures. -
getSupportedBrowsers
Begins negotiating spnego if the user-agent is one of the supported browsers. -
getPrincipalTransformation
This is principal transformation properties. -
getPrincipal
Password encoding settings for this authentication. -
getName
Name of the authentication handler. -
getOrder
public int getOrder()The order of the authentication handler in the chain. -
getWebflow
The webflow configuration. -
getPoolSize
public int getPoolSize()The size of the pool used to validate SPNEGO tokens. A pool is used to provider better performance than what was previously offered by the simple LombokSynchronized
annotation. -
getPoolTimeout
The timeout of the pool used to validate SPNEGO tokens. -
setPrincipalWithDomainName
If specified, will create the principal by ths name on successful authentication.- Returns:
this
.
-
setNtlmAllowed
Allows authentication if spnego credential is marked as NTLM.- Returns:
this
.
-
setSend401OnAuthenticationFailure
If the authenticated principal cannot be determined from the spegno credential, will set the http status code to 401.- Returns:
this
.
-
setHostNameClientActionStrategy
The bean id of a webflow action whose job is to evaluate the client host to see if the request is authorized for spnego. Supported strategies includehostnameSpnegoClientAction
where CAS checks to see if the request’s remote hostname matches a predefine pattern. andldapSpnegoClientAction
where CAS checks an LDAP instance for the remote hostname, to locate a pre-defined attribute whose mere existence would allow the webflow to resume to SPNEGO.- Returns:
this
.
-
setLdap
LDAP settings for spnego to validate clients, etc.- Returns:
this
.
-
setDnsTimeout
When validating clients, specifies the DNS timeout used to look up an address.- Returns:
this
.
-
setHostNamePatternString
A regex pattern that indicates whether the client host name is allowed for spnego.- Returns:
this
.
-
setIpsToCheckPattern
A regex pattern that indicates whether the client IP is allowed for spnego.- Returns:
this
.
-
setAlternativeRemoteHostAttribute
Alternative header name to use in order to find the host address.- Returns:
this
.
-
setSpnegoAttributeName
In case LDAP is used to validate clients, this is the attribute that indicates the host.- Returns:
this
.
-
setMixedModeAuthentication
If true, does not terminate authentication and allows CAS to resume and fallback to normal authentication means such as uid/psw via the login page. If disallowed, considers spnego authentication to be final in the event of failures.- Returns:
this
.
-
setSupportedBrowsers
Begins negotiating spnego if the user-agent is one of the supported browsers.- Returns:
this
.
-
setPrincipalTransformation
public SpnegoProperties setPrincipalTransformation(PrincipalTransformationProperties principalTransformation) This is principal transformation properties.- Returns:
this
.
-
setPrincipal
Password encoding settings for this authentication.- Returns:
this
.
-
setName
Name of the authentication handler.- Returns:
this
.
-
setOrder
The order of the authentication handler in the chain.- Returns:
this
.
-
setWebflow
The webflow configuration.- Returns:
this
.
-
setPoolSize
The size of the pool used to validate SPNEGO tokens. A pool is used to provider better performance than what was previously offered by the simple LombokSynchronized
annotation.- Returns:
this
.
-
setPoolTimeout
The timeout of the pool used to validate SPNEGO tokens.- Returns:
this
.
-