org.apereo.cas.web

Class AbstractServiceValidateController

java.lang.Object

org.apereo.cas.web.AbstractDelegateController

org.apereo.cas.web.AbstractServiceValidateController

All Implemented Interfaces:

org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware

Direct Known Subclasses:

LegacyValidateController, OpenIdValidateController, ProxyValidateController, SamlValidateController, ServiceValidateController, V3ServiceValidateController

public abstract class AbstractServiceValidateController
extends AbstractDelegateController

Process the /validate , /serviceValidate , and /proxyValidate URL requests.

Obtain the Service Ticket and Service information and present them to the CAS validation services. Receive back an Assertion containing the user Principal and (possibly) a chain of Proxy Principals. Store the Assertion in the Model and chain to a View to generate the appropriate response (CAS 1, CAS 2 XML, SAML, ...).

Since:

3.0.0

Field Summary

Fields inherited from class org.apereo.cas.web.AbstractDelegateController

applicationContext

Constructor Summary

Constructors

Constructor and Description
AbstractServiceValidateController()

Method Summary

Modifier and Type	Method and Description
void	addValidationSpecification(CasProtocolValidationSpecification validationSpecification) Add validation specification.
protected java.util.Map<java.lang.String,?>	augmentSuccessViewModelObjects(Assertion assertion) Augment success view model objects.
boolean	canHandle(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Determine if a AbstractDelegateController subclass can handle the current request.
protected void	enforceTicketValidationAuthorizationFor(javax.servlet.http.HttpServletRequest request, Service service, Assertion assertion) Enforce ticket validation authorization for.
org.springframework.web.servlet.View	getFailureView()
protected Credential	getServiceCredentialsFromRequest(WebApplicationService service, javax.servlet.http.HttpServletRequest request) Overrideable method to determine which credentials to use to grant a proxy granting ticket.
org.springframework.web.servlet.View	getSuccessView()
org.springframework.web.servlet.ModelAndView	handleRequestInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Handle request internal.
protected org.springframework.web.servlet.ModelAndView	handleTicketValidation(javax.servlet.http.HttpServletRequest request, WebApplicationService service, java.lang.String serviceTicketId) Handle ticket validation model and view.
protected void	initBinder(javax.servlet.http.HttpServletRequest request, org.springframework.web.bind.ServletRequestDataBinder binder) Initialize the binder with the required fields.
protected void	onSuccessfulValidation(java.lang.String serviceTicketId, Assertion assertion) Triggered on successful validation events.
protected void	prepareForTicketValidation(javax.servlet.http.HttpServletRequest request, WebApplicationService service, java.lang.String serviceTicketId) Prepare for ticket validation.
protected org.apache.commons.lang3.tuple.Pair<java.lang.Boolean,java.util.Optional<MultifactorAuthenticationProvider>>	validateAuthenticationContext(Assertion assertion, javax.servlet.http.HttpServletRequest request) Validate authentication context pair.
protected Assertion	validateServiceTicket(WebApplicationService service, java.lang.String serviceTicketId) Validate service ticket assertion.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.springframework.context.ApplicationContextAware

setApplicationContext

Constructor Detail

AbstractServiceValidateController

public AbstractServiceValidateController()

Method Detail

getServiceCredentialsFromRequest

protected Credential getServiceCredentialsFromRequest(WebApplicationService service,
                                                      javax.servlet.http.HttpServletRequest request)

Overrideable method to determine which credentials to use to grant a proxy granting ticket. Default is to use the pgtUrl.

Parameters:

service - the webapp service requesting proxy

request - the HttpServletRequest object.

Returns:

the credentials or null if there was an error or no credentials provided.

validateAuthenticationContext

protected org.apache.commons.lang3.tuple.Pair<java.lang.Boolean,java.util.Optional<MultifactorAuthenticationProvider>> validateAuthenticationContext(Assertion assertion,
                                                                                                                                                     javax.servlet.http.HttpServletRequest request)

Validate authentication context pair.

Parameters:

assertion - the assertion

request - the request

Returns:

the pair

initBinder

protected void initBinder(javax.servlet.http.HttpServletRequest request,
                          org.springframework.web.bind.ServletRequestDataBinder binder)

Initialize the binder with the required fields.

Parameters:

request - the request

binder - the binder

handleRequestInternal

public org.springframework.web.servlet.ModelAndView handleRequestInternal(javax.servlet.http.HttpServletRequest request,
                                                                          javax.servlet.http.HttpServletResponse response)
                                                                   throws java.lang.Exception

Description copied from class: AbstractDelegateController

Handle request internal.

Specified by:

handleRequestInternal in class AbstractDelegateController

Parameters:

request - the request

response - the response

Returns:

the model and view

Throws:

java.lang.Exception - the exception

prepareForTicketValidation

protected void prepareForTicketValidation(javax.servlet.http.HttpServletRequest request,
                                          WebApplicationService service,
                                          java.lang.String serviceTicketId)

Prepare for ticket validation.

Parameters:

request - the request

service - the service

serviceTicketId - the service ticket id

handleTicketValidation

protected org.springframework.web.servlet.ModelAndView handleTicketValidation(javax.servlet.http.HttpServletRequest request,
                                                                              WebApplicationService service,
                                                                              java.lang.String serviceTicketId)

Handle ticket validation model and view.

Parameters:

request - the request

service - the service

serviceTicketId - the service ticket id

Returns:

the model and view

validateServiceTicket

protected Assertion validateServiceTicket(WebApplicationService service,
                                          java.lang.String serviceTicketId)

Validate service ticket assertion.

Parameters:

service - the service

serviceTicketId - the service ticket id

Returns:

the assertion

onSuccessfulValidation

protected void onSuccessfulValidation(java.lang.String serviceTicketId,
                                      Assertion assertion)

Triggered on successful validation events. Extensions are to use this as hook to plug in behavior.

Parameters:

serviceTicketId - the service ticket id

assertion - the assertion

enforceTicketValidationAuthorizationFor

protected void enforceTicketValidationAuthorizationFor(javax.servlet.http.HttpServletRequest request,
                                                       Service service,
                                                       Assertion assertion)

Enforce ticket validation authorization for.

Parameters:

request - the request

service - the service

assertion - the assertion

augmentSuccessViewModelObjects

protected java.util.Map<java.lang.String,?> augmentSuccessViewModelObjects(Assertion assertion)

Augment success view model objects. Provides a way for extension of this controller to dynamically populate the model object with attributes that describe a custom nature of the validation protocol.

Parameters:

assertion - the assertion

Returns:

map of objects each keyed to a name

canHandle

public boolean canHandle(javax.servlet.http.HttpServletRequest request,
                         javax.servlet.http.HttpServletResponse response)

Description copied from class: AbstractDelegateController

Determine if a AbstractDelegateController subclass can handle the current request.

Specified by:

canHandle in class AbstractDelegateController

Parameters:

request - the current request

response - the response

Returns:

true if the controller can handler the request, false otherwise

getSuccessView

public org.springframework.web.servlet.View getSuccessView()

getFailureView

public org.springframework.web.servlet.View getFailureView()

addValidationSpecification

public void addValidationSpecification(CasProtocolValidationSpecification validationSpecification)

Add validation specification.

Parameters:

validationSpecification - the validation specification