Class AuthenticationPolicyProperties
java.lang.Object
org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties
- All Implemented Interfaces:
Serializable
@RequiresModule(name="cas-server-core-authentication",
automated=true)
public class AuthenticationPolicyProperties
extends Object
implements Serializable
Configuration properties class for cas.authn.policy.
- Since:
- 5.0.0
- See Also:
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptiongetAll()
Satisfied if and only if all given credentials are successfully authenticated.Satisfied if and only if all given authn handlers are successfully authenticated.getAny()
Satisfied if any authentication handler succeeds.Execute a groovy script to detect authentication policy.Satisfied if an only if the authentication event is not blocked by aPreventedException
.getReq()
Satisfied if an only if a specified handler successfully authenticates its credential.Satisfied if an only if the authentication contains the required attributes.getRest()
Execute a rest endpoint to detect authentication policy.Satisfied if an only if the principal has not already authenticated and does not have an sso session with CAS.boolean
Global authentication policy that is applied when CAS attempts to vend and validate tickets.boolean
If true, allows CAS to select authentication handlers based on the credential source.Satisfied if and only if all given credentials are successfully authenticated.setAllHandlers
(AllHandlersAuthenticationPolicyProperties allHandlers) Satisfied if and only if all given authn handlers are successfully authenticated.Satisfied if any authentication handler succeeds.Execute a groovy script to detect authentication policy.setNotPrevented
(NotPreventedAuthenticationPolicyProperties notPrevented) Satisfied if an only if the authentication event is not blocked by aPreventedException
.Satisfied if an only if a specified handler successfully authenticates its credential.setRequiredAttributes
(RequiredAttributesAuthenticationPolicyProperties requiredAttributes) Satisfied if an only if the authentication contains the required attributes.setRequiredHandlerAuthenticationPolicyEnabled
(boolean requiredHandlerAuthenticationPolicyEnabled) Global authentication policy that is applied when CAS attempts to vend and validate tickets.Execute a rest endpoint to detect authentication policy.setSourceSelectionEnabled
(boolean sourceSelectionEnabled) If true, allows CAS to select authentication handlers based on the credential source.setUniquePrincipal
(UniquePrincipalAuthenticationPolicyProperties uniquePrincipal) Satisfied if an only if the principal has not already authenticated and does not have an sso session with CAS.
-
Constructor Details
-
AuthenticationPolicyProperties
public AuthenticationPolicyProperties()
-
-
Method Details
-
isRequiredHandlerAuthenticationPolicyEnabled
public boolean isRequiredHandlerAuthenticationPolicyEnabled()Global authentication policy that is applied when CAS attempts to vend and validate tickets. Checks to make sure a particular authentication handler has successfully executed and validated credentials. Required handlers are defined per registered service. -
isSourceSelectionEnabled
public boolean isSourceSelectionEnabled()If true, allows CAS to select authentication handlers based on the credential source. This allows the authentication engine to restrict the task of validating credentials to the selected source or account repository, as opposed to every authentication handler registered with CAS at runtime. -
getAny
Satisfied if any authentication handler succeeds. Allows options to avoid short circuiting and try every handler even if one prior succeeded. -
getReq
Satisfied if an only if a specified handler successfully authenticates its credential. -
getAll
Satisfied if and only if all given credentials are successfully authenticated. Support for multiple credentials is new in CAS and this handler would only be acceptable in a multi-factor authentication situation. -
getAllHandlers
Satisfied if and only if all given authn handlers are successfully authenticated. -
getGroovy
Execute a groovy script to detect authentication policy. -
getRest
Execute a rest endpoint to detect authentication policy. -
getNotPrevented
Satisfied if an only if the authentication event is not blocked by aPreventedException
. -
getUniquePrincipal
Satisfied if an only if the principal has not already authenticated and does not have an sso session with CAS. Otherwise, prevents the user from logging in more than once. Note that this policy adds an extra burden to the ticket store/registry as CAS needs to query all relevant tickets found in the registry to cross-check the requesting username with existing tickets. -
getRequiredAttributes
Satisfied if an only if the authentication contains the required attributes. -
setRequiredHandlerAuthenticationPolicyEnabled
public AuthenticationPolicyProperties setRequiredHandlerAuthenticationPolicyEnabled(boolean requiredHandlerAuthenticationPolicyEnabled) Global authentication policy that is applied when CAS attempts to vend and validate tickets. Checks to make sure a particular authentication handler has successfully executed and validated credentials. Required handlers are defined per registered service.- Returns:
this
.
-
setSourceSelectionEnabled
If true, allows CAS to select authentication handlers based on the credential source. This allows the authentication engine to restrict the task of validating credentials to the selected source or account repository, as opposed to every authentication handler registered with CAS at runtime.- Returns:
this
.
-
setAny
Satisfied if any authentication handler succeeds. Allows options to avoid short circuiting and try every handler even if one prior succeeded.- Returns:
this
.
-
setReq
public AuthenticationPolicyProperties setReq(RequiredAuthenticationHandlerAuthenticationPolicyProperties req) Satisfied if an only if a specified handler successfully authenticates its credential.- Returns:
this
.
-
setAll
Satisfied if and only if all given credentials are successfully authenticated. Support for multiple credentials is new in CAS and this handler would only be acceptable in a multi-factor authentication situation.- Returns:
this
.
-
setAllHandlers
public AuthenticationPolicyProperties setAllHandlers(AllHandlersAuthenticationPolicyProperties allHandlers) Satisfied if and only if all given authn handlers are successfully authenticated.- Returns:
this
.
-
setGroovy
Execute a groovy script to detect authentication policy.- Returns:
this
.
-
setRest
Execute a rest endpoint to detect authentication policy.- Returns:
this
.
-
setNotPrevented
public AuthenticationPolicyProperties setNotPrevented(NotPreventedAuthenticationPolicyProperties notPrevented) Satisfied if an only if the authentication event is not blocked by aPreventedException
.- Returns:
this
.
-
setUniquePrincipal
public AuthenticationPolicyProperties setUniquePrincipal(UniquePrincipalAuthenticationPolicyProperties uniquePrincipal) Satisfied if an only if the principal has not already authenticated and does not have an sso session with CAS. Otherwise, prevents the user from logging in more than once. Note that this policy adds an extra burden to the ticket store/registry as CAS needs to query all relevant tickets found in the registry to cross-check the requesting username with existing tickets.- Returns:
this
.
-
setRequiredAttributes
public AuthenticationPolicyProperties setRequiredAttributes(RequiredAttributesAuthenticationPolicyProperties requiredAttributes) Satisfied if an only if the authentication contains the required attributes.- Returns:
this
.
-