Class Cas2Authenticator

java.lang.Object
org.nuxeo.ecm.platform.ui.web.auth.cas2.Cas2Authenticator
All Implemented Interfaces:
LoginResponseHandler, NuxeoAuthenticationPlugin, NuxeoAuthenticationPluginLogoutExtension

Author:
Thierry Delprat, Olivier Adam, M.-A. Darche, Benjamin Jalon, Thierry Martins
  • Field Details

    • CAS_SERVER_HEADER_KEY

      @Deprecated(since="2023") protected static final String CAS_SERVER_HEADER_KEY
      Deprecated.
      since 2023, no used anymore for security reasons
      See Also:
    • CAS_SERVER_PATTERN_KEY

      protected static final String CAS_SERVER_PATTERN_KEY
      See Also:
    • NUXEO_SERVER_PATTERN_KEY

      protected static final String NUXEO_SERVER_PATTERN_KEY
      See Also:
    • LOGIN_ACTION

      protected static final String LOGIN_ACTION
      See Also:
    • LOGOUT_ACTION

      protected static final String LOGOUT_ACTION
      See Also:
    • VALIDATE_ACTION

      protected static final String VALIDATE_ACTION
      See Also:
    • PROXY_VALIDATE_ACTION

      protected static final String PROXY_VALIDATE_ACTION
      See Also:
    • EXCLUDE_PROMPT_KEY

      protected static final String EXCLUDE_PROMPT_KEY
      See Also:
    • ticketKey

      protected String ticketKey
    • proxyKey

      protected String proxyKey
    • appURL

      protected String appURL
    • serviceLoginURL

      protected String serviceLoginURL
    • serviceValidateURL

      protected String serviceValidateURL
    • proxyValidateURL

      protected String proxyValidateURL
      We tell the CAS server whether we want a plain text (CAS 1.0) or XML (CAS 2.0) response by making the request either to the '.../validate' or '.../serviceValidate' URL. The older protocol supports only the CAS 1.0 functionality, which is left around as the legacy '.../validate' URL.
    • serviceKey

      protected String serviceKey
    • logoutURL

      protected String logoutURL
    • defaultCasServer

      protected String defaultCasServer
    • ticketValidatorClassName

      protected String ticketValidatorClassName
    • proxyValidatorClassName

      protected String proxyValidatorClassName
    • promptLogin

      protected boolean promptLogin
    • excludePromptURLs

      protected List<String> excludePromptURLs
    • errorPage

      protected String errorPage
  • Constructor Details

    • Cas2Authenticator

      public Cas2Authenticator()
  • Method Details

    • getUnAuthenticatedURLPrefix

      public List<String> getUnAuthenticatedURLPrefix()
      Description copied from interface: NuxeoAuthenticationPlugin
      Returns the list of prefix for unauthenticated URLs, typically the URLs associated to login prompt.
      Specified by:
      getUnAuthenticatedURLPrefix in interface NuxeoAuthenticationPlugin
    • getServiceURL

      protected String getServiceURL(javax.servlet.http.HttpServletRequest httpRequest, String action)
    • handleLoginPrompt

      public Boolean handleLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, String baseURL)
      Description copied from interface: NuxeoAuthenticationPlugin
      Handles the Login Prompt.
      Specified by:
      handleLoginPrompt in interface NuxeoAuthenticationPlugin
      Parameters:
      httpRequest - the request
      httpResponse - the response
      Returns:
      true if AuthFilter must stop execution (ie: login prompt generated a redirect), false otherwise
    • getAppURL

      protected String getAppURL(javax.servlet.http.HttpServletRequest httpRequest)
    • handleRetrieveIdentity

      public UserIdentificationInfo handleRetrieveIdentity(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse)
      Description copied from interface: NuxeoAuthenticationPlugin
      Retrieves user identification information from the request.
      Specified by:
      handleRetrieveIdentity in interface NuxeoAuthenticationPlugin
      Parameters:
      httpRequest - the request
      httpResponse - the response
    • initPlugin

      public void initPlugin(Map<String,String> parameters)
      Description copied from interface: NuxeoAuthenticationPlugin
      Initializes the Plugin from parameters set in the XML descriptor.
      Specified by:
      initPlugin in interface NuxeoAuthenticationPlugin
    • needLoginPrompt

      public Boolean needLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest)
      Description copied from interface: NuxeoAuthenticationPlugin
      Defines if the authentication plugin needs to do a login prompt.
      Specified by:
      needLoginPrompt in interface NuxeoAuthenticationPlugin
      Returns:
      true if LoginPrompt is used
    • handleLogout

      public Boolean handleLogout(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse)
      Description copied from interface: NuxeoAuthenticationPluginLogoutExtension
      Handles logout operation.

      Generic logout (killing session and Seam objects) is done by LogoutActionBean This interface must be implemented by auth plugin when the target auth system needs a specific logout procedure.

      Specified by:
      handleLogout in interface NuxeoAuthenticationPluginLogoutExtension
      Returns:
      true if caller must stop execution (ie: logout generated a redirect), false otherwise
    • checkProxyCasTicket

      protected String checkProxyCasTicket(String ticket, javax.servlet.http.HttpServletRequest httpRequest)
    • checkCasTicket

      protected String checkCasTicket(String ticket, javax.servlet.http.HttpServletRequest httpRequest)
    • onError

      public boolean onError(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      Description copied from interface: LoginResponseHandler
      Handles the login error response.
      Specified by:
      onError in interface LoginResponseHandler
      Parameters:
      request - the HTTP request
      response - the HTTP response
      Returns:
      true if error was handled, false otherwise
    • onSuccess

      public boolean onSuccess(javax.servlet.http.HttpServletRequest arg0, javax.servlet.http.HttpServletResponse arg1)
      Description copied from interface: LoginResponseHandler
      Handles login success response.
      Specified by:
      onSuccess in interface LoginResponseHandler
      Parameters:
      arg0 - the HTTP request
      arg1 - the HTTP response
      Returns:
      true if response was handled, false otherwise
    • getAlternativeAuthPlugin

      protected NuxeoAuthenticationPlugin getAlternativeAuthPlugin(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse)
    • getCookie

      protected javax.servlet.http.Cookie getCookie(javax.servlet.http.HttpServletRequest httpRequest, String cookieName)
    • removeCookie

      protected void removeCookie(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, javax.servlet.http.Cookie cookie)