See: Description
| Interface | Description |
|---|---|
| ClientCustomPropertyConstants |
This is
ClientCustomPropertyConstants. |
| PersistentIdGenerator |
Generates a unique consistent Id based on the principal.
|
| Principal |
Generic concept of an authenticated thing.
|
| PrincipalAttributesRepository |
Defines operations required for retrieving principal attributes.
|
| PrincipalFactory |
Defines operations to create principals.
|
| PrincipalResolver |
Resolves a
Principal from a Credential using an arbitrary strategy. |
| Response |
This is
Response that is outputted by each service principal. |
| ResponseBuilder<T extends WebApplicationService> |
Represents the task of building a CAS response
that is returned by a service.
|
| ResponseBuilderLocator<T extends WebApplicationService> |
This is
ResponseBuilderLocator which attempts to locate ResponseBuilder
objects registered in the application context. |
| Service |
Marker interface for Services.
|
| ServiceFactory<T extends Service> |
The
ServiceFactory is responsible for creating service objects. |
| ServiceFactoryConfigurer |
This is
ServiceFactoryConfigurer. |
| WebApplicationService |
Represents a service using CAS that comes from the web.
|
| Class | Description |
|---|---|
| AbstractServiceFactory<T extends Service> |
The
AbstractServiceFactory is the parent class providing
convenience methods for creating service objects. |
| AbstractWebApplicationService |
Abstract implementation of a WebApplicationService.
|
| AbstractWebApplicationServiceResponseBuilder |
Abstract response builder that provides wrappers for building
post and redirect responses.
|
| ClientCredential |
This class represents client credentials and (after authentication) a user profile.
|
| DefaultPrincipalAttributesRepository |
Default implementation of
PrincipalAttributesRepository
that just returns the attributes as it receives them. |
| DefaultPrincipalFactory |
Factory to create
SimplePrincipal objects. |
| DefaultResponse |
Encapsulates a Response to send back for a particular service.
|
| DefaultWebApplicationResponseBuilderLocator | |
| GroovyPrincipalFactory |
Factory to create
SimplePrincipal objects. |
| NullPrincipal |
Null principal implementation that allows us to construct
Authentications in the event that no
principal is resolved during the authentication process. |
| OidcPairwisePersistentIdGenerator |
This is
OidcPairwisePersistentIdGenerator. |
| PrincipalFactoryUtils |
This is
PrincipalFactoryUtils. |
| PrincipalNameTransformerUtils |
This is
PrincipalNameTransformerUtils. |
| ShibbolethCompatiblePersistentIdGenerator |
Generates PersistentIds based on the Shibboleth algorithm.
|
| SimplePrincipal |
Simple implementation of a
Principal that exposes an unmodifiable
map of attributes. |
| SimpleWebApplicationServiceImpl |
Represents a service which wishes to use the CAS protocol.
|
| WebApplicationServiceFactory |
The
WebApplicationServiceFactory is responsible for
creating WebApplicationService objects. |
| WebApplicationServiceResponseBuilder |
Default response builder that passes back the ticket
id to the original url of the service based on the response type.
|
| Enum | Description |
|---|---|
| Response.ResponseType |
An enumeration of different response types.
|
Credentials is a marker interface for an opaque object that may be recognized by Handlers and Resolvers. Credentials may be a UserId/Password, Certificate, RemoteUser, IP address, etc.
When the authentication manager is
used, that bean is configured with a list of AuthenticationHandler that
validate Credentials and PrincipalResolver that turn
Credential objects into
into Principal objects.
The Authentication Handler validates credentials and in certain cases is able extract information. The extraction use case is clearer when credentials are certificates. A certificate is valid if you trust the CA, if it hasn't expired, and if it isn't revoked. You can decide all this, and still not have the foggiest idea what ID to give to the person (if it is a person) represented by the Certificate.
The PrincipalResolver
looks into previously validated credentials to construct a Principal object containing an ID (and in more
complex cases some attributes). The ProxyingPrincipalResolver takes
credentials and creates a SimplePrincipal containing the Userid.