Package net.shibboleth.idp.cas.config

Class ValidateConfiguration

  • All Implemented Interfaces:
    net.shibboleth.idp.profile.config.ConditionalProfileConfiguration, net.shibboleth.idp.profile.config.ProfileConfiguration, net.shibboleth.utilities.java.support.component.Component, net.shibboleth.utilities.java.support.component.DestructableComponent, net.shibboleth.utilities.java.support.component.IdentifiableComponent, net.shibboleth.utilities.java.support.component.IdentifiedComponent, net.shibboleth.utilities.java.support.component.InitializableComponent
    public class ValidateConfiguration
extends AbstractProtocolConfiguration
    CAS protocol configuration. Applies to the following ticket validation URIs:
    • /proxyValidate
    • /serviceValidate

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected int getDefaultTicketLength()
      Get default ticket length.
      protected String getDefaultTicketPrefix()
      Get default ticket prefix.
      net.shibboleth.utilities.java.support.security.IdentifierGenerationStrategy getPGTIOUGenerator​(org.opensaml.profile.context.ProfileRequestContext profileRequestContext)
      Get the PGTIOU ticket ID generator.
      Comparator<String> getServiceComparator​(org.opensaml.profile.context.ProfileRequestContext profileRequestContext)
      Get component responsible for enforcing ticket requester matches ticket validator.
      String getUserAttribute​(org.opensaml.profile.context.ProfileRequestContext profileRequestContext)
      Get name of IdP attribute to use for username returned in CAS ticket validation response.
      void setPGTIOUGenerator​(net.shibboleth.utilities.java.support.security.IdentifierGenerationStrategy generator)
      Set the PGTIOU ticket ID generator.
      void setPGTIOUGeneratorLookupStrategy​(Function<org.opensaml.profile.context.ProfileRequestContext,​net.shibboleth.utilities.java.support.security.IdentifierGenerationStrategy> strategy)
      Set the lookup strategy to use for the PGTIOU ticket ID generator.
      void setServiceComparator​(Comparator<String> comparator)
      Set component responsible for enforcing ticket requester matches ticket validator.
      void setServiceComparatorLookupStrategy​(Function<org.opensaml.profile.context.ProfileRequestContext,​Comparator<String>> strategy)
      Set the lookup strategy to use for the component responsible for enforcing that the ticket requester matches the ticket validator.
      void setUserAttribute​(String attribute)
      Set the name of IdP attribute to use for username returned in CAS ticket validation response.
      void setUserAttributeLookupStrategy​(Function<org.opensaml.profile.context.ProfileRequestContext,​String> strategy)
      Set the lookup strategy to use for the name of the IdP attribute to use for username returned in CAS ticket validation response.

      • Methods inherited from class net.shibboleth.idp.profile.config.AbstractConditionalProfileConfiguration

        getActivationCondition, setActivationCondition

      • Methods inherited from class net.shibboleth.idp.profile.config.AbstractProfileConfiguration

        equals, getDisallowedFeatures, getInboundInterceptorFlows, getOutboundInterceptorFlows, hashCode, isFeatureDisallowed, setDisallowedFeatures, setDisallowedFeaturesLookupStrategy, setInboundFlowsLookupStrategy, setInboundInterceptorFlows, setOutboundFlowsLookupStrategy, setOutboundInterceptorFlows, setSecurityConfiguration, setSecurityConfigurationLookupStrategy

      • Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent

        setId

      • Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent

        doInitialize, getId

      • Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

        destroy, doDestroy, initialize, isDestroyed, isInitialized

      • Methods inherited from interface net.shibboleth.utilities.java.support.component.IdentifiedComponent

        getId

      • Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

        initialize, isInitialized

      • Methods inherited from interface net.shibboleth.idp.profile.config.ProfileConfiguration

        getInboundInterceptorFlows, getOutboundInterceptorFlows

    • Field Detail

      • DEFAULT_TICKET_VALIDITY_PERIOD

        @Nonnull
public static final Duration DEFAULT_TICKET_VALIDITY_PERIOD
        Default ticket validity.

      • DEFAULT_TICKET_PREFIX

        @Nonnull
@NotEmpty
public static final String DEFAULT_TICKET_PREFIX
        Default ticket prefix.
        See Also:
        Constant Field Values

      • DEFAULT_TICKET_LENGTH

        public static final int DEFAULT_TICKET_LENGTH
        Default ticket length (random part).
        See Also:
        Constant Field Values

      • pgtIOUGeneratorLookupStrategy

        @Nonnull
private Function<org.opensaml.profile.context.ProfileRequestContext,​net.shibboleth.utilities.java.support.security.IdentifierGenerationStrategy> pgtIOUGeneratorLookupStrategy
        Lookup strategy for PGTIOU ticket ID generator.

      • defaultPGTIOUGenerator

        @Nonnull
private final net.shibboleth.utilities.java.support.security.IdentifierGenerationStrategy defaultPGTIOUGenerator
        Default PGTIOU ticket ID generator.

      • serviceComparatorLookupStrategy

        @Nonnull
private Function<org.opensaml.profile.context.ProfileRequestContext,​Comparator<String>> serviceComparatorLookupStrategy
        Lookup strategy for enforcing ticket requester matches ticket validator.

      • userAttributeLookupStrategy

        @Nonnull
private Function<org.opensaml.profile.context.ProfileRequestContext,​String> userAttributeLookupStrategy
        Lookup strategy for Name of IdP attribute to use for user returned in CAS ticket validation response.

    • Constructor Detail

      • ValidateConfiguration

        public ValidateConfiguration()
        Creates a new instance.

    • Method Detail

      • getPGTIOUGenerator

        @Nonnull
public net.shibboleth.utilities.java.support.security.IdentifierGenerationStrategy getPGTIOUGenerator​(@Nullable
                                                                                                      org.opensaml.profile.context.ProfileRequestContext profileRequestContext)
        Get the PGTIOU ticket ID generator.
        Parameters:
        profileRequestContext - current profile request context
        Returns:
        PGTIOU ticket ID generator

      • setPGTIOUGenerator

        public void setPGTIOUGenerator​(@Nonnull
                               net.shibboleth.utilities.java.support.security.IdentifierGenerationStrategy generator)
        Set the PGTIOU ticket ID generator.
        Parameters:
        generator - ID generator

      • setPGTIOUGeneratorLookupStrategy

        public void setPGTIOUGeneratorLookupStrategy​(@Nonnull
                                             Function<org.opensaml.profile.context.ProfileRequestContext,​net.shibboleth.utilities.java.support.security.IdentifierGenerationStrategy> strategy)
        Set the lookup strategy to use for the PGTIOU ticket ID generator.
        Parameters:
        strategy - lookup strategy
        Since:
        3.3.0

      • getServiceComparator

        @Nonnull
public Comparator<String> getServiceComparator​(@Nullable
                                               org.opensaml.profile.context.ProfileRequestContext profileRequestContext)
        Get component responsible for enforcing ticket requester matches ticket validator.
        Parameters:
        profileRequestContext - current profile request context
        Returns:
        ticket requester/validator comparator

      • setServiceComparator

        public void setServiceComparator​(@Nonnull
                                 Comparator<String> comparator)
        Set component responsible for enforcing ticket requester matches ticket validator.
        Parameters:
        comparator - ticket requester/validator comparator

      • setServiceComparatorLookupStrategy

        public void setServiceComparatorLookupStrategy​(@Nonnull
                                               Function<org.opensaml.profile.context.ProfileRequestContext,​Comparator<String>> strategy)
        Set the lookup strategy to use for the component responsible for enforcing that the ticket requester matches the ticket validator.
        Parameters:
        strategy - lookup strategy
        Since:
        3.3.0

      • getUserAttribute

        @Nullable
public String getUserAttribute​(@Nullable
                               org.opensaml.profile.context.ProfileRequestContext profileRequestContext)
        Get name of IdP attribute to use for username returned in CAS ticket validation response.
        Parameters:
        profileRequestContext - current profile request context
        Returns:
        attribute name

      • setUserAttribute

        public void setUserAttribute​(@Nullable
                             String attribute)
        Set the name of IdP attribute to use for username returned in CAS ticket validation response.
        Parameters:
        attribute - attribute name to use

      • setUserAttributeLookupStrategy

        public void setUserAttributeLookupStrategy​(@Nonnull
                                           Function<org.opensaml.profile.context.ProfileRequestContext,​String> strategy)
        Set the lookup strategy to use for the name of the IdP attribute to use for username returned in CAS ticket validation response.
        Parameters:
        strategy - lookup strategy
        Since:
        3.3.0