RemoteEndpointServiceAccessStrategy

java.lang.Object
- org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy
- - org.apereo.cas.services.RemoteEndpointServiceAccessStrategy

All Implemented Interfaces:

java.io.Serializable, RegisteredServiceAccessStrategy
```
public class RemoteEndpointServiceAccessStrategy
extends DefaultRegisteredServiceAccessStrategy
```
This is RemoteEndpointServiceAccessStrategy that reaches out to a remote endpoint, passing the CAS principal id to determine if access is allowed. If the status code returned in the final response is not accepted by the policy here, access shall be denied.

Since:

5.0.0

See Also:

Serialized Form

Constructor Summary

Constructors
Constructor and Description

RemoteEndpointServiceAccessStrategy()

Constructors
Constructor and Description
`RemoteEndpointServiceAccessStrategy()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`boolean`	`doPrincipalAttributesAllowServiceAccess(java.lang.String principal, java.util.Map<java.lang.String,java.lang.Object> principalAttributes)` Verify authorization policy by checking the pre-configured rules that may depend on what the principal might be carrying.
`boolean`	`equals(java.lang.Object obj)`
`java.lang.String`	`getAcceptableResponseCodes()`
`java.lang.String`	`getEndpointUrl()`
`int`	`hashCode()`
`void`	`setAcceptableResponseCodes(java.lang.String acceptableResponseCodes)`
`void`	`setEndpointUrl(java.lang.String endpointUrl)`
`java.lang.String`	`toString()`

Methods inherited from class org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy
enoughAttributesAvailableToProcess, getRejectedAttributes, getRequiredAttributes, getUnauthorizedRedirectUrl, isCaseInsensitive, isEnabled, isRequireAllAttributes, isServiceAccessAllowed, isServiceAccessAllowedForSso, isSsoEnabled, setCaseInsensitive, setEnabled, setRejectedAttributes, setRequireAllAttributes, setRequiredAttributes, setSsoEnabled, setUnauthorizedRedirectUrl

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait

- Constructor Detail
  - RemoteEndpointServiceAccessStrategy
```
public RemoteEndpointServiceAccessStrategy()
```
- Method Detail
  - doPrincipalAttributesAllowServiceAccess
```
public boolean doPrincipalAttributesAllowServiceAccess(java.lang.String principal,
                                                       java.util.Map<java.lang.String,java.lang.Object> principalAttributes)
```
    Description copied from class: DefaultRegisteredServiceAccessStrategy
    Verify authorization policy by checking the pre-configured rules that may depend on what the principal might be carrying. Verify presence of service required attributes.
    - If no rejected attributes are specified, authz is granted.
    - If no required attributes are specified, authz is granted.
    - If ALL attributes must be present, and the principal contains all and there is at least one attribute value that matches the rejected, authz is denied.
    - If ALL attributes must be present, and the principal contains all and there is at least one attribute value that matches the required, authz is granted.
    - If ALL attributes don't have to be present, and there is at least one principal attribute present whose value matches the rejected, authz is denied.
    - If ALL attributes don't have to be present, and there is at least one principal attribute present whose value matches the required, authz is granted.
    - Otherwise, access is denied
    Specified by:
    
    doPrincipalAttributesAllowServiceAccess in interface RegisteredServiceAccessStrategy
    
    Overrides:
    
    doPrincipalAttributesAllowServiceAccess in class DefaultRegisteredServiceAccessStrategy
    
    Parameters:
    
    principal - The authenticated principal
    
    principalAttributes - the principal attributes. Rather than passing the principal directly, we are only allowing principal attributes given they may be coming from a source external to the principal itself. (Cached principal attributes, etc)
    
    Returns:
    
    true/false if service access can be granted to principal
  - getEndpointUrl
```
public java.lang.String getEndpointUrl()
```
  - setEndpointUrl
```
public void setEndpointUrl(java.lang.String endpointUrl)
```
  - getAcceptableResponseCodes
```
public java.lang.String getAcceptableResponseCodes()
```
  - setAcceptableResponseCodes
```
public void setAcceptableResponseCodes(java.lang.String acceptableResponseCodes)
```
  - equals
```
public boolean equals(java.lang.Object obj)
```
    Overrides:
    
    equals in class DefaultRegisteredServiceAccessStrategy
  - hashCode
```
public int hashCode()
```
    Overrides:
    
    hashCode in class DefaultRegisteredServiceAccessStrategy
  - toString
```
public java.lang.String toString()
```
    Overrides:
    
    toString in class DefaultRegisteredServiceAccessStrategy

Class RemoteEndpointServiceAccessStrategy

Constructor Summary

Method Summary

Methods inherited from class org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy

Methods inherited from class java.lang.Object

Constructor Detail

RemoteEndpointServiceAccessStrategy

Method Detail

doPrincipalAttributesAllowServiceAccess

getEndpointUrl

setEndpointUrl

getAcceptableResponseCodes

setAcceptableResponseCodes

equals

hashCode

toString