See: Description
| Interface | Description |
|---|---|
| Authentication |
The Authentication object represents a successful authentication request.
|
| AuthenticationBuilder |
Constructs immutable
Authentication objects using the builder pattern. |
| AuthenticationContextValidator |
This is
AuthenticationContextValidator, which is responsible for evaluating an authentication
object to see whether it satisfied a requested authentication context. |
| AuthenticationEventExecutionPlan |
This is
AuthenticationEventExecutionPlan. |
| AuthenticationEventExecutionPlanConfigurer | |
| AuthenticationHandler |
An authentication handler authenticates a single credential.
|
| AuthenticationHandlerResolver |
This is
AuthenticationHandlerResolver which decides which set of
authentication handlers shall be chosen for a given authN event. |
| AuthenticationManager |
Authenticates one or more credentials.
|
| AuthenticationMetaDataPopulator |
An extension point to the Authentication process that allows CAS to provide
additional attributes related to the overall Authentication (such as
authentication type) that are specific to the Authentication request versus
the Principal itself.
|
| AuthenticationPolicy |
Strategy interface for pluggable authentication security policies.
|
| AuthenticationResult |
The
AuthenticationResult is an abstraction representing final authentication outcome for any number of processed
authentication transactions. |
| AuthenticationResultBuilder |
This is
AuthenticationResultBuilder. |
| AuthenticationServiceSelectionPlan |
This is
AuthenticationServiceSelectionPlan. |
| AuthenticationServiceSelectionStrategy |
This is
AuthenticationServiceSelectionStrategy which attempts to
resolve and nominate a service during a validation event. |
| AuthenticationServiceSelectionStrategyConfigurer |
This is
AuthenticationServiceSelectionStrategyConfigurer
that is used to extract and translate a given service request/URL. |
| AuthenticationSystemSupport |
This is
AuthenticationSystemSupport - a facade that exposes a high level authentication system API to CAS core. |
| AuthenticationTransactionManager |
The
AuthenticationTransactionManager deals exclusively with authentication concepts
e.g. |
| CassandraRepository |
This is
CassandraRepository. |
| ContextualAuthenticationPolicy<T> |
A stateful authentication policy that is applied using arbitrary contextual information.
|
| ContextualAuthenticationPolicyFactory<T> |
A factory for producing (stateful) authentication policies based on arbitrary context data.
|
| Credential |
Describes an authentication credential.
|
| CredentialMetaData |
Describes a credential provided for authentication.
|
| HandlerResult |
This is
HandlerResult that describes the result of an authentication attempt. |
| MessageDescriptor |
Simple parameterized message descriptor with a code that refers to a message bundle key and a default
message string to use if no message code can be resolved.
|
| MultifactorTriggerSelectionStrategy |
This interface is responsible for deciding which Multifactor provider to use based on the request, service, and
principal.
|
| PrePostAuthenticationHandler |
This is
PrePostAuthenticationHandler. |
| PrincipalElectionStrategy |
This is
PrincipalElectionStrategy that attempts to nominate a given principal
as the primary principal object amongst many authentication events. |
| ProtocolAttributeEncoder |
An encoder that defines how a CAS attribute
is to be encoded and signed in the CAS
validation response.
|
| RememberMeCredential |
Credential that wish to handle remember me scenarios need
to implement this class.
|
| Class | Description |
|---|---|
| AbstractAuthenticationHandler |
Base class for all authentication handlers that support configurable naming.
|
| AbstractAuthenticationManager |
This is
AbstractAuthenticationManager, which provides common operations
around an authentication manager implementation. |
| AbstractCredential |
Base class for CAS credentials that are safe for long-term storage.
|
| AcceptUsersAuthenticationHandler |
Handler that contains a list of valid users and passwords.
|
| AuthenticationCredentialsLocalBinder |
ThreadLocal based holder for current set of credentials and/or authentication object for any current
CAS authentication transaction.
|
| AuthenticationTransaction |
This is
AuthenticationTransaction. |
| BasicCredentialMetaData |
Basic credential metadata implementation that stores the original credential ID and the original credential type.
|
| BasicIdentifiableCredential |
This is
BasicIdentifiableCredential, a simple credential implementation
that is only recognized by its id. |
| CassandraAuthenticationHandler |
This is
CassandraAuthenticationHandler. |
| CloudDirectoryAuthenticationHandler |
This is
CloudDirectoryAuthenticationHandler. |
| CouchbaseAuthenticationHandler |
This is
CouchbaseAuthenticationHandler. |
| DefaultAuthentication |
Immutable authentication event whose attributes may not change after creation.
|
| DefaultAuthenticationBuilder |
Constructs immutable
Authentication objects using the builder pattern. |
| DefaultAuthenticationContextValidator |
The
DefaultAuthenticationContextValidator is responsible for evaluating an authentication
object to see whether it satisfied a requested authentication context. |
| DefaultAuthenticationEventExecutionPlan | |
| DefaultAuthenticationResult |
The
DefaultAuthenticationResult represents a concrete implementation of AuthenticationResult. |
| DefaultAuthenticationResultBuilder |
This is
DefaultAuthenticationResultBuilder. |
| DefaultAuthenticationServiceSelectionPlan | |
| DefaultAuthenticationServiceSelectionStrategy |
This is
DefaultAuthenticationServiceSelectionStrategy which returns back to the caller
the provided service, as it was without any additional processing. |
| DefaultAuthenticationSystemSupport |
This is
DefaultAuthenticationSystemSupport. |
| DefaultAuthenticationTransactionManager | |
| DefaultCassandraRepository |
This is
DefaultCassandraRepository. |
| DefaultCasSslContext |
This is
DefaultCasSslContext. |
| DefaultHandlerResult |
Contains information about a successful authentication produced by an
AuthenticationHandler. |
| DefaultMultifactorTriggerSelectionStrategy |
Default MFA Trigger selection strategy.
|
| DefaultPrincipalElectionStrategy |
This is
DefaultPrincipalElectionStrategy that selects the primary principal
to be the first principal in the chain of authentication history. |
| HttpBasedServiceCredential |
A credential representing an HTTP endpoint given by a URL.
|
| LdapAuthenticationHandler |
LDAP authentication handler that uses the ldaptive
Authenticator component underneath. |
| MongoAuthenticationHandler |
An authentication handler to verify credentials against a MongoDb instance.
|
| PolicyBasedAuthenticationManager |
Provides an authentication manager that is inherently aware of multiple credentials and supports pluggable
security policy via the
AuthenticationPolicy component. |
| PseudoPlatformTransactionManager |
This is
PseudoPlatformTransactionManager. |
| RegisteredServiceAuthenticationHandlerResolver |
This is
RegisteredServiceAuthenticationHandlerResolver
that acts on the criteria presented by a registered service to
detect which handler(s) should be resolved for authentication. |
| RememberMeUsernamePasswordCredential |
Handles both remember me services and username and password.
|
| SecurityTokenServiceAuthenticationMetaDataPopulator | |
| SecurityTokenServiceClient |
This is
SecurityTokenServiceClient. |
| SecurityTokenServiceClientBuilder |
This is
SecurityTokenServiceClientBuilder. |
| SurrogateAuthenticationAspect |
This is
SurrogateAuthenticationAspect. |
| SurrogateAuthenticationMetaDataPopulator | |
| SurrogatePrincipalResolver |
This is
SurrogatePrincipalResolver. |
| SurrogateUsernamePasswordCredential |
This is
SurrogateUsernamePasswordCredential,
able to substitute a target username on behalf of the given credentials. |
| UsernamePasswordCredential |
Credential for authenticating with a username and password.
|
| Exception | Description |
|---|---|
| AuthenticationException |
Authentication raised by
AuthenticationManager to signal authentication failure. |
| PreventedException |
Describes an error condition where authentication was prevented for some reason, e.g.
|
| PrincipalException |
Describes a principal resolution error, which is a subcategory of authentication error.
|
| RootCasException |
Generic CAS exception that sits at the top of the exception hierarchy.
|
Authentication validates the Credentials provided during a /login request. In this context, "Credentials" are an opaque object declared with the Credentials marker interface. The AuthenticationManager typically passes the Credentials to a sequence of plug-in elements to see if any of them can recognize and process the concrete implementing type.
Successful authentication generates a Principal object wrapped in an Authentication object. All these objects must be serializable, and the Authentication becomes part of the TGT in the ticket cache.
Unsucessful authentication must throw an AuthenticationException. The AuthenticationManager may not return null to signal a failure.