org.jasig.portal.security.provider.cas
Class CasSecurityContext

java.lang.Object
  extended by org.jasig.portal.security.provider.ChainingSecurityContext
      extended by org.jasig.portal.security.provider.cas.CasSecurityContext
All Implemented Interfaces:
java.io.Serializable, ISecurityContext, ICasSecurityContext

public class CasSecurityContext
extends ChainingSecurityContext
implements ICasSecurityContext

A SecurityContext using the Central Authentication Service.

An ICasSecurityContext implementation in keeping with the traditional approach of performing actual authentication inside this security context. This security context is suitable for cases where your login URL (the "portalServiceUrl") is a constant. This class is based on edu.yale.its.tp.portal.security.YaleCasContext as distributed in the Yale uPortal CAS security provider version 3.0.0.

See Also:
Serialized Form

Nested Class Summary
 
Nested classes/interfaces inherited from class org.jasig.portal.security.provider.ChainingSecurityContext
ChainingSecurityContext.ChainingAdditionalDescriptor, ChainingSecurityContext.ChainingOpaqueCredentials, ChainingSecurityContext.ChainingPrincipal
 
Field Summary
private  java.lang.String casProxyCallbackUrl
          The https: URL at which CAS is to call back the uPortal with Proxy Granting Tickets.
private  java.lang.String casValidateUrl
          The https: URL at which CAS offers its ticket validation service.
private  java.lang.String pgtIou
          The pgtIou which keys to the Proxy Granting Ticket associated with this authenticated security context, if any.
private  java.lang.String portalServiceUrl
          The URL of the uPortal Login servlet to which service tickets will authenticate users.
private static long serialVersionUID
           
 
Fields inherited from class org.jasig.portal.security.provider.ChainingSecurityContext
isauth, log, myAdditionalDescriptor, myOpaqueCredentials, myOrder, myPrincipal, mySubContexts, stopWhenAuthenticated
 
Fields inherited from interface org.jasig.portal.security.provider.cas.ICasSecurityContext
CAS_AUTHTYPE
 
Constructor Summary
CasSecurityContext(java.lang.String portalServiceUrl, java.lang.String casValidateUrl)
          Instantiate a YaleCasContext given a constant URL to which CAS service tickets will authenticate users and a URL at which to validate those tickets.
CasSecurityContext(java.lang.String portalServiceUrl, java.lang.String casValidateUrl, java.lang.String casProxyCallbackUrl)
          Instantiate a YaleCasContext given a constant URL to which CAS service tickets will authenticate users, a URL at which to validate those tickets, and a callback URL at which to ask CAS to deliver Proxy Granting Tickets.
 
Method Summary
 void authenticate()
          We walk the chain of subcontexts, assigning principals and opaque credentials from the parent.
 int getAuthType()
          Returns the canonical authentication type for this flavor of authentication.
 java.lang.String getCasServiceToken(java.lang.String target)
          Get a proxy ticket for a given target.
 java.lang.String toString()
           
 
Methods inherited from class org.jasig.portal.security.provider.ChainingSecurityContext
addSubContext, doesSubContextExist, getAdditionalDescriptor, getOpaqueCredentials, getOpaqueCredentialsInstance, getPrincipal, getPrincipalInstance, getSubContext, getSubContextNames, getSubContexts, isAuthenticated
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

serialVersionUID

private static final long serialVersionUID
See Also:
Constant Field Values

portalServiceUrl

private final java.lang.String portalServiceUrl
The URL of the uPortal Login servlet to which service tickets will authenticate users.


casValidateUrl

private final java.lang.String casValidateUrl
The https: URL at which CAS offers its ticket validation service.


casProxyCallbackUrl

private final java.lang.String casProxyCallbackUrl
The https: URL at which CAS is to call back the uPortal with Proxy Granting Tickets.


pgtIou

private java.lang.String pgtIou
The pgtIou which keys to the Proxy Granting Ticket associated with this authenticated security context, if any.

Constructor Detail

CasSecurityContext

public CasSecurityContext(java.lang.String portalServiceUrl,
                          java.lang.String casValidateUrl,
                          java.lang.String casProxyCallbackUrl)
Instantiate a YaleCasContext given a constant URL to which CAS service tickets will authenticate users, a URL at which to validate those tickets, and a callback URL at which to ask CAS to deliver Proxy Granting Tickets.

Parameters:
portalServiceUrl - the constant URL to which service tickets authenticate users
casValidateUrl - the https: URL at which CAS offers its ticket validation service
casProxyCallbackUrl - the https: URL to which CAS should send proxy granting tickets.

CasSecurityContext

public CasSecurityContext(java.lang.String portalServiceUrl,
                          java.lang.String casValidateUrl)
Instantiate a YaleCasContext given a constant URL to which CAS service tickets will authenticate users and a URL at which to validate those tickets.

Parameters:
portalServiceUrl - the constant URL to which service tickets authenticate users
casValidateUrl - the https: URL at which CAS offers its ticket validation service

Method Detail

getAuthType

public int getAuthType()
Description copied from interface: ISecurityContext
Returns the canonical authentication type for this flavor of authentication. Each value returned should be either a globally registered auth flavor or a local variant.

Specified by:
getAuthType in interface ISecurityContext
Returns:
The unique authentication value identifier. Values with the high order 16 bits clear are local (0x0000 - 0x00FF), whereas values with the high order 16 bits set (0xFF00 - 0xFFFF) are foundation types distributed by JASIG. All others should be registered and globally unique.

authenticate

public void authenticate()
                  throws PortalSecurityException
Description copied from class: ChainingSecurityContext
We walk the chain of subcontexts, assigning principals and opaque credentials from the parent. Note that the contexts themselves should resist actually performing the assignment if an assignment has already been made to either the credentials or the UID.

Specified by:
authenticate in interface ISecurityContext
Overrides:
authenticate in class ChainingSecurityContext
Throws:
PortalSecurityException
See Also:
ISecurityContext.getPrincipalInstance(), ISecurityContext.getOpaqueCredentialsInstance()

getCasServiceToken

public java.lang.String getCasServiceToken(java.lang.String target)
                                    throws CasProxyTicketAcquisitionException
Description copied from interface: ICasSecurityContext
Get a proxy ticket for a given target. Implementations should return null if no PGTIOU or PGT is available by which to obtain a proxy ticket. Implementations should throw a CasProxyTicketAcquisitionException if an error occurs during an attempt to obtain a PGT. In particular, inability to contact the CAS server and expiration of the underlying PGT should result in a CasProxyTicketAcquisitionException.

Specified by:
getCasServiceToken in interface ICasSecurityContext
Parameters:
target - URL for which a proxy ticket is desired.
Returns:
a valid proxy ticket for the target, or null.
Throws:
CasProxyTicketAcquisitionException
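
A caller-side sketch of the getCasServiceToken contract described above, added here as an example and not taken from the uPortal code base. The class CasProxyTicketExample and its helper methods are hypothetical, and the exception is assumed to live in the same package as CasSecurityContext.

```java
import java.util.logging.Logger;

// Assumption: the exception shares the org.jasig.portal.security.provider.cas package.
import org.jasig.portal.security.provider.cas.CasProxyTicketAcquisitionException;
import org.jasig.portal.security.provider.cas.CasSecurityContext;

/** Hypothetical helper class; not part of uPortal. */
public final class CasProxyTicketExample {
    private static final Logger LOG = Logger.getLogger("cas.example");

    /** Builds the context only if both CAS-facing URLs are https:, as the field docs require. */
    static CasSecurityContext newContext(String portalServiceUrl,
                                         String casValidateUrl,
                                         String casProxyCallbackUrl) {
        requireHttps("casValidateUrl", casValidateUrl);
        requireHttps("casProxyCallbackUrl", casProxyCallbackUrl);
        return new CasSecurityContext(portalServiceUrl, casValidateUrl, casProxyCallbackUrl);
    }

    static void requireHttps(String name, String url) {
        if (url == null || !url.regionMatches(true, 0, "https://", 0, 8)) {
            throw new IllegalArgumentException(name + " must be an https: URL");
        }
    }

    /**
     * Returns a proxy ticket for target, or null when none can be requested.
     * Keeps the two failure modes apart: null means no PGTIOU/PGT is held,
     * while the exception means CAS was unreachable or the PGT has expired.
     */
    static String proxyTicketFor(CasSecurityContext ctx, String target)
            throws CasProxyTicketAcquisitionException {
        if (!ctx.isAuthenticated()) {
            LOG.warning("Context not authenticated; no proxy ticket requested for " + target);
            return null;
        }
        try {
            String ticket = ctx.getCasServiceToken(target);
            if (ticket == null) {
                // Contract: null signals that no PGTIOU or PGT is available.
                LOG.info("No PGT available; cannot proxy to " + target);
            }
            return ticket; // the ticket value itself is never logged
        } catch (CasProxyTicketAcquisitionException e) {
            LOG.warning("Proxy ticket acquisition failed for " + target + ": " + e.getMessage());
            throw e;
        }
    }
}
```
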

toString

public java.lang.String toString()
Overrides:
toString in class java.lang.Object