Class DefaultCasProtocolAttributeEncoder
java.lang.Object
org.apereo.cas.authentication.support.AbstractProtocolAttributeEncoder
org.apereo.cas.authentication.support.DefaultCasProtocolAttributeEncoder
- All Implemented Interfaces:
org.apereo.cas.authentication.ProtocolAttributeEncoder
The default implementation of the attribute
encoder that will use a per-service key-pair
to encrypt the credential password and PGT
when available. All other attributes remain in
place.
- Since:
- 4.1
-
Field Summary
Fields inherited from class org.apereo.cas.authentication.support.AbstractProtocolAttributeEncoder
servicesManager
Fields inherited from interface org.apereo.cas.authentication.ProtocolAttributeEncoder
ENCODED_ATTRIBUTE_PREFIX, LOGGER
-
Constructor Summary
ConstructorDescriptionDefaultCasProtocolAttributeEncoder
(org.apereo.cas.services.ServicesManager servicesManager, org.apereo.cas.services.RegisteredServiceCipherExecutor cipherExecutor, org.apereo.cas.util.crypto.CipherExecutor<String, String> cacheCredentialCipherExecutor) Instantiates a new Default cas attribute encoder.DefaultCasProtocolAttributeEncoder
(org.apereo.cas.services.ServicesManager servicesManager, org.apereo.cas.util.crypto.CipherExecutor<String, String> cacheCredentialCipherExecutor) Instantiates a new Default cas attribute encoder. -
Method Summary
Modifier and TypeMethodDescriptionprotected void
encodeAndEncryptCredentialPassword
(Map<String, Object> attributes, Map<String, String> cachedAttributesToEncode, org.apereo.cas.services.RegisteredServiceCipherExecutor cipher, org.apereo.cas.services.RegisteredService registeredService) Encode and encrypt credential password using the public key supplied by the service.protected void
encodeAndEncryptProxyGrantingTicket
(Map<String, Object> attributes, Map<String, String> cachedAttributesToEncode, org.apereo.cas.services.RegisteredServiceCipherExecutor cipher, org.apereo.cas.services.RegisteredService registeredService) Encode and encrypt pgt.protected void
encodeAttributesInternal
(Map<String, Object> attributes, Map<String, String> cachedAttributesToEncode, org.apereo.cas.services.RegisteredServiceCipherExecutor cipher, org.apereo.cas.services.RegisteredService registeredService, org.apereo.cas.authentication.principal.WebApplicationService webApplicationService) Initialize the cipher with the public key and then start to encrypt select attributes.protected void
encryptAndEncodeAndPutIntoAttributesMap
(Map<String, Object> attributes, Map<String, String> cachedAttributesToEncode, String cachedAttributeName, org.apereo.cas.services.RegisteredServiceCipherExecutor cipher, org.apereo.cas.services.RegisteredService registeredService) Encrypt, encode and put the attribute into attributes map.Methods inherited from class org.apereo.cas.authentication.support.AbstractProtocolAttributeEncoder
encodeAttributes, initialize
-
Constructor Details
-
DefaultCasProtocolAttributeEncoder
public DefaultCasProtocolAttributeEncoder(org.apereo.cas.services.ServicesManager servicesManager, org.apereo.cas.util.crypto.CipherExecutor<String, String> cacheCredentialCipherExecutor) Instantiates a new Default cas attribute encoder.- Parameters:
servicesManager
- the services managercacheCredentialCipherExecutor
- the cache credential cipher executor
-
DefaultCasProtocolAttributeEncoder
public DefaultCasProtocolAttributeEncoder(org.apereo.cas.services.ServicesManager servicesManager, org.apereo.cas.services.RegisteredServiceCipherExecutor cipherExecutor, org.apereo.cas.util.crypto.CipherExecutor<String, String> cacheCredentialCipherExecutor) Instantiates a new Default cas attribute encoder.- Parameters:
servicesManager
- the services managercipherExecutor
- the cipher executorcacheCredentialCipherExecutor
- the cache credential cipher executor
-
-
Method Details
-
encodeAndEncryptCredentialPassword
protected void encodeAndEncryptCredentialPassword(Map<String, Object> attributes, Map<String, String> cachedAttributesToEncode, org.apereo.cas.services.RegisteredServiceCipherExecutor cipher, org.apereo.cas.services.RegisteredService registeredService) Encode and encrypt credential password using the public key supplied by the service. The result is base64 encoded and put into the attributes collection again, overwriting the previous value.- Parameters:
attributes
- the attributescachedAttributesToEncode
- the cached attributes to encodecipher
- the cipherregisteredService
- the registered service
-
encodeAndEncryptProxyGrantingTicket
protected void encodeAndEncryptProxyGrantingTicket(Map<String, Object> attributes, Map<String, String> cachedAttributesToEncode, org.apereo.cas.services.RegisteredServiceCipherExecutor cipher, org.apereo.cas.services.RegisteredService registeredService) Encode and encrypt pgt.- Parameters:
attributes
- the attributescachedAttributesToEncode
- the cached attributes to encodecipher
- the cipherregisteredService
- the registered service
-
encryptAndEncodeAndPutIntoAttributesMap
protected void encryptAndEncodeAndPutIntoAttributesMap(Map<String, Object> attributes, Map<String, String> cachedAttributesToEncode, String cachedAttributeName, org.apereo.cas.services.RegisteredServiceCipherExecutor cipher, org.apereo.cas.services.RegisteredService registeredService) Encrypt, encode and put the attribute into attributes map.- Parameters:
attributes
- the attributescachedAttributesToEncode
- the cached attributes to encodecachedAttributeName
- the cached attribute namecipher
- the cipherregisteredService
- the registered service
-
encodeAttributesInternal
protected void encodeAttributesInternal(Map<String, Object> attributes, Map<String, String> cachedAttributesToEncode, org.apereo.cas.services.RegisteredServiceCipherExecutor cipher, org.apereo.cas.services.RegisteredService registeredService, org.apereo.cas.authentication.principal.WebApplicationService webApplicationService) Description copied from class:AbstractProtocolAttributeEncoder
Initialize the cipher with the public key and then start to encrypt select attributes.- Specified by:
encodeAttributesInternal
in classAbstractProtocolAttributeEncoder
- Parameters:
attributes
- the attributescachedAttributesToEncode
- the cached attributes to encodecipher
- the cipher object initialized per service public keyregisteredService
- the registered servicewebApplicationService
- the web application service
-