Package org.apereo.cas.configuration.model.support.spnego

Class SpnegoProperties

java.lang.Object
org.apereo.cas.configuration.model.support.spnego.SpnegoProperties
All Implemented Interfaces:
Serializable
@RequiresModule(name="cas-server-support-spnego-webflow") public class SpnegoProperties extends Object implements Serializable
This is SpnegoProperties.
Since:
5.0.0
See Also:

  • Constructor Details

    • SpnegoProperties

      public SpnegoProperties()

  • Method Details

    • getSystem

      public SpnegoSystemProperties getSystem()
      Spnego settings that apply as system properties.

    • getProperties

      public List<SpnegoAuthenticationProperties> getProperties()
      Individual authentication settings for spengo that are grouped and fed to the spnego authentication object to form a collection.

    • isPrincipalWithDomainName

      public boolean isPrincipalWithDomainName()
      If specified, will create the principal by ths name on successful authentication.

    • isNtlmAllowed

      public boolean isNtlmAllowed()
      Allows authentication if spnego credential is marked as NTLM.

    • isSend401OnAuthenticationFailure

      public boolean isSend401OnAuthenticationFailure()
      If the authenticated principal cannot be determined from the spegno credential, will set the http status code to 401.

    • getHostNameClientActionStrategy

      public String getHostNameClientActionStrategy()
      The bean id of a webflow action whose job is to evaluate the client host to see if the request is authorized for spnego. Supported strategies include hostnameSpnegoClientAction where CAS checks to see if the request’s remote hostname matches a predefine pattern. and ldapSpnegoClientAction where CAS checks an LDAP instance for the remote hostname, to locate a pre-defined attribute whose mere existence would allow the webflow to resume to SPNEGO.

    • getLdap

      public SpnegoLdapProperties getLdap()
      LDAP settings for spnego to validate clients, etc.

    • getDnsTimeout

      public String getDnsTimeout()
      When validating clients, specifies the DNS timeout used to look up an address.

    • getHostNamePatternString

      public String getHostNamePatternString()
      A regex pattern that indicates whether the client host name is allowed for spnego.

    • getIpsToCheckPattern

      public String getIpsToCheckPattern()
      A regex pattern that indicates whether the client IP is allowed for spnego.

    • getAlternativeRemoteHostAttribute

      public String getAlternativeRemoteHostAttribute()
      Alternative header name to use in order to find the host address.

    • getSpnegoAttributeName

      public String getSpnegoAttributeName()
      In case LDAP is used to validate clients, this is the attribute that indicates the host.

    • isMixedModeAuthentication

      public boolean isMixedModeAuthentication()
      If true, does not terminate authentication and allows CAS to resume and fallback to normal authentication means such as uid/psw via the login page. If disallowed, considers spnego authentication to be final in the event of failures.

    • getSupportedBrowsers

      public String getSupportedBrowsers()
      Begins negotiating spnego if the user-agent is one of the supported browsers.

    • getPrincipalTransformation

      public PrincipalTransformationProperties getPrincipalTransformation()
      This is principal transformation properties.

    • getPrincipal

      public PersonDirectoryPrincipalResolverProperties getPrincipal()
      Password encoding settings for this authentication.

    • getName

      public String getName()
      Name of the authentication handler.

    • getOrder

      public int getOrder()
      The order of the authentication handler in the chain.

    • getWebflow

      public WebflowAutoConfigurationProperties getWebflow()
      The webflow configuration.

    • getPoolSize

      public int getPoolSize()
      The size of the pool used to validate SPNEGO tokens. A pool is used to provider better performance than what was previously offered by the simple Lombok Synchronized annotation.

    • getPoolTimeout

      public String getPoolTimeout()
      The timeout of the pool used to validate SPNEGO tokens.

    • setPrincipalWithDomainName

      public SpnegoProperties setPrincipalWithDomainName(boolean principalWithDomainName)
      If specified, will create the principal by ths name on successful authentication.
      Returns:
      this.

    • setNtlmAllowed

      public SpnegoProperties setNtlmAllowed(boolean ntlmAllowed)
      Allows authentication if spnego credential is marked as NTLM.
      Returns:
      this.

    • setSend401OnAuthenticationFailure

      public SpnegoProperties setSend401OnAuthenticationFailure(boolean send401OnAuthenticationFailure)
      If the authenticated principal cannot be determined from the spegno credential, will set the http status code to 401.
      Returns:
      this.

    • setHostNameClientActionStrategy

      public SpnegoProperties setHostNameClientActionStrategy(String hostNameClientActionStrategy)
      The bean id of a webflow action whose job is to evaluate the client host to see if the request is authorized for spnego. Supported strategies include hostnameSpnegoClientAction where CAS checks to see if the request’s remote hostname matches a predefine pattern. and ldapSpnegoClientAction where CAS checks an LDAP instance for the remote hostname, to locate a pre-defined attribute whose mere existence would allow the webflow to resume to SPNEGO.
      Returns:
      this.

    • setLdap

      public SpnegoProperties setLdap(SpnegoLdapProperties ldap)
      LDAP settings for spnego to validate clients, etc.
      Returns:
      this.

    • setDnsTimeout

      public SpnegoProperties setDnsTimeout(String dnsTimeout)
      When validating clients, specifies the DNS timeout used to look up an address.
      Returns:
      this.

    • setHostNamePatternString

      public SpnegoProperties setHostNamePatternString(String hostNamePatternString)
      A regex pattern that indicates whether the client host name is allowed for spnego.
      Returns:
      this.

    • setIpsToCheckPattern

      public SpnegoProperties setIpsToCheckPattern(String ipsToCheckPattern)
      A regex pattern that indicates whether the client IP is allowed for spnego.
      Returns:
      this.

    • setAlternativeRemoteHostAttribute

      public SpnegoProperties setAlternativeRemoteHostAttribute(String alternativeRemoteHostAttribute)
      Alternative header name to use in order to find the host address.
      Returns:
      this.

    • setSpnegoAttributeName

      public SpnegoProperties setSpnegoAttributeName(String spnegoAttributeName)
      In case LDAP is used to validate clients, this is the attribute that indicates the host.
      Returns:
      this.

    • setMixedModeAuthentication

      public SpnegoProperties setMixedModeAuthentication(boolean mixedModeAuthentication)
      If true, does not terminate authentication and allows CAS to resume and fallback to normal authentication means such as uid/psw via the login page. If disallowed, considers spnego authentication to be final in the event of failures.
      Returns:
      this.

    • setSupportedBrowsers

      public SpnegoProperties setSupportedBrowsers(String supportedBrowsers)
      Begins negotiating spnego if the user-agent is one of the supported browsers.
      Returns:
      this.

    • setPrincipalTransformation

      public SpnegoProperties setPrincipalTransformation(PrincipalTransformationProperties principalTransformation)
      This is principal transformation properties.
      Returns:
      this.

    • setPrincipal

      public SpnegoProperties setPrincipal(PersonDirectoryPrincipalResolverProperties principal)
      Password encoding settings for this authentication.
      Returns:
      this.

    • setName

      public SpnegoProperties setName(String name)
      Name of the authentication handler.
      Returns:
      this.

    • setOrder

      public SpnegoProperties setOrder(int order)
      The order of the authentication handler in the chain.
      Returns:
      this.

    • setWebflow

      public SpnegoProperties setWebflow(WebflowAutoConfigurationProperties webflow)
      The webflow configuration.
      Returns:
      this.

    • setPoolSize

      public SpnegoProperties setPoolSize(int poolSize)
      The size of the pool used to validate SPNEGO tokens. A pool is used to provider better performance than what was previously offered by the simple Lombok Synchronized annotation.
      Returns:
      this.

    • setPoolTimeout

      public SpnegoProperties setPoolTimeout(String poolTimeout)
      The timeout of the pool used to validate SPNEGO tokens.
      Returns:
      this.