org.jasig.cas
Class CentralAuthenticationServiceImpl

java.lang.Object
  org.jasig.cas.CentralAuthenticationServiceImpl

All Implemented Interfaces:

CentralAuthenticationService, org.springframework.beans.factory.InitializingBean

public final class CentralAuthenticationServiceImpl

extends java.lang.Object

implements CentralAuthenticationService, org.springframework.beans.factory.InitializingBean

Concrete implementation of a CentralAuthenticationService, and also the central, organizing component of CAS's internal implementation.

This class is threadsafe.

This class has the following properties that must be set:

• ticketRegistry - The Ticket Registry to maintain the list of available tickets.
• authenticationManager - The service that will handle authentication.
• ticketGrantingTicketUniqueTicketIdGenerator - Plug in to generate unique secure ids for TicketGrantingTickets.
• serviceTicketUniqueTicketIdGenerator - Plug in to generate unique secure ids for ServiceTickets.
• ticketGrantingTicketExpirationPolicy - The expiration policy for TicketGrantingTickets.
• serviceTicketExpirationPolicy - The expiration policy for ServiceTickets.

Since:

3.0

Version:

$Revision$ $Date$

Author:

William G. Thompson, Jr., Scott Battaglia, Dmitry Kopylenko

Constructor Summary

CentralAuthenticationServiceImpl()

Method Summary

void	afterPropertiesSet()
java.lang.String	createTicketGrantingTicket(Credentials credentials) Create a TicketGrantingTicket based on opaque credentials supplied by the caller.
java.lang.String	delegateTicketGrantingTicket(java.lang.String serviceTicketId, Credentials credentials) Delegate a TicketGrantingTicket to a Service for proxying authentication to other Services.
void	destroyTicketGrantingTicket(java.lang.String ticketGrantingTicketId) Implementation of destoryTicketGrantingTicket expires the ticket provided and removes it from the TicketRegistry.
java.lang.String	grantServiceTicket(java.lang.String ticketGrantingTicketId, Service service) Grant a ServiceTicket for a Service.
java.lang.String	grantServiceTicket(java.lang.String ticketGrantingTicketId, Service service, Credentials credentials) Grant a ServiceTicket for a Service *if* the principal resolved from the credentials matches the principal associated with the TicketGrantingTicket.
void	setAuthenticationManager(AuthenticationManager authenticationManager) Method to inject the AuthenticationManager into the class.
void	setServiceTicketExpirationPolicy(ExpirationPolicy serviceTicketExpirationPolicy) Method to inject the TicketGrantingTicket Expiration Policy.
void	setServiceTicketUniqueTicketIdGenerator(UniqueTicketIdGenerator serviceTicketUniqueTicketIdGenerator)
void	setTicketGrantingTicketExpirationPolicy(ExpirationPolicy ticketGrantingTicketExpirationPolicy) Method to inject the TicketGrantingTicket Expiration Policy.
void	setTicketGrantingTicketUniqueTicketIdGenerator(UniqueTicketIdGenerator uniqueTicketIdGenerator) Method to inject the Unique Ticket Id Generator into the class.
void	setTicketRegistry(TicketRegistry ticketRegistry) Method to set the TicketRegistry.
Assertion	validateServiceTicket(java.lang.String serviceTicketId, Service service) Validate a ServiceTicket for a particular Service.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CentralAuthenticationServiceImpl

public CentralAuthenticationServiceImpl()

Method Detail

destroyTicketGrantingTicket

public void destroyTicketGrantingTicket(java.lang.String ticketGrantingTicketId)

Implementation of destoryTicketGrantingTicket expires the ticket provided and removes it from the TicketRegistry.

Specified by:

destroyTicketGrantingTicket in interface CentralAuthenticationService

Parameters:

ticketGrantingTicketId - the id of the ticket we want to destroy

Throws:

java.lang.IllegalArgumentException - if the TicketGrantingTicket ID is null.

grantServiceTicket

public java.lang.String grantServiceTicket(java.lang.String ticketGrantingTicketId,
                                           Service service,
                                           Credentials credentials)
                                    throws TicketException

Description copied from interface: CentralAuthenticationService

Grant a ServiceTicket for a Service *if* the principal resolved from the credentials matches the principal associated with the TicketGrantingTicket.

Specified by:

grantServiceTicket in interface CentralAuthenticationService

Parameters:

ticketGrantingTicketId - Proof of prior authentication.

service - The target service of the ServiceTicket.

credentials - the Credentials to present to receive the ServiceTicket

Returns:

the ServiceTicket for target Service.

Throws:

java.lang.IllegalArgumentException - if TicketGrantingTicket ID, Credentials or Service are null.

TicketException - if the ticket could not be created.

grantServiceTicket

public java.lang.String grantServiceTicket(java.lang.String ticketGrantingTicketId,
                                           Service service)
                                    throws TicketException

Description copied from interface: CentralAuthenticationService

Grant a ServiceTicket for a Service.

Specified by:

grantServiceTicket in interface CentralAuthenticationService

Parameters:

ticketGrantingTicketId - Proof of prior authentication.

service - The target service of the ServiceTicket.

Returns:

the ServiceTicket for target Service.

Throws:

TicketException - if the ticket could not be created.

delegateTicketGrantingTicket

public java.lang.String delegateTicketGrantingTicket(java.lang.String serviceTicketId,
                                                     Credentials credentials)
                                              throws TicketException

Description copied from interface: CentralAuthenticationService

Delegate a TicketGrantingTicket to a Service for proxying authentication to other Services.

Specified by:

delegateTicketGrantingTicket in interface CentralAuthenticationService

Parameters:

serviceTicketId - The service ticket that will delegate to a TicketGrantingTicket

credentials - The credentials of the service that wishes to have a TicketGrantingTicket delegated to it.

Returns:

TicketGrantingTicket that can grant ServiceTickets that proxy authentication.

Throws:

java.lang.IllegalArgumentException - if the ServiceTicketId or the Credentials are null.

TicketException - if there was an error creating the ticket

validateServiceTicket

public Assertion validateServiceTicket(java.lang.String serviceTicketId,
                                       Service service)
                                throws TicketException

Description copied from interface: CentralAuthenticationService

Validate a ServiceTicket for a particular Service.

Specified by:

validateServiceTicket in interface CentralAuthenticationService

Parameters:

serviceTicketId - Proof of prior authentication.

service - Service wishing to validate a prior authentication.

Returns:

ServiceTicket if valid for the service

Throws:

java.lang.IllegalArgumentException - if the ServiceTicketId or the Service are null.

TicketException - if there was an error validating the ticket.

createTicketGrantingTicket

public java.lang.String createTicketGrantingTicket(Credentials credentials)
                                            throws TicketCreationException

Description copied from interface: CentralAuthenticationService

Create a TicketGrantingTicket based on opaque credentials supplied by the caller.

Specified by:

createTicketGrantingTicket in interface CentralAuthenticationService

Parameters:

credentials - The credentials to create the ticket for

Returns:

The String identifier of the ticket (may not be null).

Throws:

java.lang.IllegalArgumentException - if the credentials are null.

TicketCreationException

setTicketRegistry

public void setTicketRegistry(TicketRegistry ticketRegistry)

Method to set the TicketRegistry.

Parameters:

ticketRegistry - the TicketRegistry to set.

setAuthenticationManager

public void setAuthenticationManager(AuthenticationManager authenticationManager)

Method to inject the AuthenticationManager into the class.

Parameters:

authenticationManager - The authenticationManager to set.

setTicketGrantingTicketExpirationPolicy

public void setTicketGrantingTicketExpirationPolicy(ExpirationPolicy ticketGrantingTicketExpirationPolicy)

Method to inject the TicketGrantingTicket Expiration Policy.

Parameters:

ticketGrantingTicketExpirationPolicy - The ticketGrantingTicketExpirationPolicy to set.

setTicketGrantingTicketUniqueTicketIdGenerator

public void setTicketGrantingTicketUniqueTicketIdGenerator(UniqueTicketIdGenerator uniqueTicketIdGenerator)

Method to inject the Unique Ticket Id Generator into the class.

Parameters:

uniqueTicketIdGenerator - The uniqueTicketIdGenerator to use

setServiceTicketExpirationPolicy

public void setServiceTicketExpirationPolicy(ExpirationPolicy serviceTicketExpirationPolicy)

Method to inject the TicketGrantingTicket Expiration Policy.

Parameters:

serviceTicketExpirationPolicy - The serviceTicketExpirationPolicy to set.

afterPropertiesSet

public void afterPropertiesSet()
                        throws java.lang.Exception

Specified by:

afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean

Throws:

java.lang.Exception

setServiceTicketUniqueTicketIdGenerator

public void setServiceTicketUniqueTicketIdGenerator(UniqueTicketIdGenerator serviceTicketUniqueTicketIdGenerator)