Examples with CRLFetcher - org.apereo.cas.adaptors.x509.authentication.CRLFetcher

Example 1 with CRLFetcher

use of org.apereo.cas.adaptors.x509.authentication.CRLFetcher in project cas by apereo.

the class X509AuthenticationConfiguration method resourceCrlRevocationChecker.

@Bean
public RevocationChecker resourceCrlRevocationChecker() {
    final X509Properties x509 = casProperties.getAuthn().getX509();
    final Set<Resource> x509CrlResources = x509.getCrlResources().stream().map(s -> this.resourceLoader.getResource(s)).collect(Collectors.toSet());
    return new ResourceCRLRevocationChecker(x509.isCheckAll(), getRevocationPolicy(x509.getCrlResourceUnavailablePolicy()), getRevocationPolicy(x509.getCrlResourceExpiredPolicy()), x509.getRefreshIntervalSeconds(), crlFetcher(), x509CrlResources);
}

Also used : CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) X509SubjectAlternativeNameUPNPrincipalResolver(org.apereo.cas.adaptors.x509.authentication.principal.X509SubjectAlternativeNameUPNPrincipalResolver) X509SubjectPrincipalResolver(org.apereo.cas.adaptors.x509.authentication.principal.X509SubjectPrincipalResolver) RevocationPolicy(org.apereo.cas.adaptors.x509.authentication.revocation.policy.RevocationPolicy) X509SerialNumberAndIssuerDNPrincipalResolver(org.apereo.cas.adaptors.x509.authentication.principal.X509SerialNumberAndIssuerDNPrincipalResolver) Autowired(org.springframework.beans.factory.annotation.Autowired) Beans(org.apereo.cas.configuration.support.Beans) StringUtils(org.apache.commons.lang3.StringUtils) AuthenticationEventExecutionPlan(org.apereo.cas.authentication.AuthenticationEventExecutionPlan) IPersonAttributeDao(org.apereo.services.persondir.IPersonAttributeDao) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) AuthenticationHandler(org.apereo.cas.authentication.AuthenticationHandler) PrincipalFactory(org.apereo.cas.authentication.principal.PrincipalFactory) RevocationChecker(org.apereo.cas.adaptors.x509.authentication.revocation.checker.RevocationChecker) EnableConfigurationProperties(org.springframework.boot.context.properties.EnableConfigurationProperties) Qualifier(org.springframework.beans.factory.annotation.Qualifier) X509SubjectDNPrincipalResolver(org.apereo.cas.adaptors.x509.authentication.principal.X509SubjectDNPrincipalResolver) ServicesManager(org.apereo.cas.services.ServicesManager) Resource(org.springframework.core.io.Resource) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) ResourceLoader(org.springframework.core.io.ResourceLoader) CRLFetcher(org.apereo.cas.adaptors.x509.authentication.CRLFetcher) X509SerialNumberPrincipalResolver(org.apereo.cas.adaptors.x509.authentication.principal.X509SerialNumberPrincipalResolver) PrincipalResolver(org.apereo.cas.authentication.principal.PrincipalResolver) Set(java.util.Set) UUID(java.util.UUID) Collectors(java.util.stream.Collectors) AuthenticationEventExecutionPlanConfigurer(org.apereo.cas.config.support.authentication.AuthenticationEventExecutionPlanConfigurer) CRLDistributionPointRevocationChecker(org.apereo.cas.adaptors.x509.authentication.revocation.checker.CRLDistributionPointRevocationChecker) ResourceCRLRevocationChecker(org.apereo.cas.adaptors.x509.authentication.revocation.checker.ResourceCRLRevocationChecker) RegexUtils(org.apereo.cas.util.RegexUtils) Configuration(org.springframework.context.annotation.Configuration) DenyRevocationPolicy(org.apereo.cas.adaptors.x509.authentication.revocation.policy.DenyRevocationPolicy) ThresholdExpiredCRLRevocationPolicy(org.apereo.cas.adaptors.x509.authentication.revocation.policy.ThresholdExpiredCRLRevocationPolicy) X509Properties(org.apereo.cas.configuration.model.support.x509.X509Properties) AllowRevocationPolicy(org.apereo.cas.adaptors.x509.authentication.revocation.policy.AllowRevocationPolicy) NoOpRevocationChecker(org.apereo.cas.adaptors.x509.authentication.revocation.checker.NoOpRevocationChecker) ResourceCRLFetcher(org.apereo.cas.adaptors.x509.authentication.ResourceCRLFetcher) LdaptiveResourceCRLFetcher(org.apereo.cas.adaptors.x509.authentication.ldap.LdaptiveResourceCRLFetcher) Bean(org.springframework.context.annotation.Bean) Cache(net.sf.ehcache.Cache) X509CredentialsAuthenticationHandler(org.apereo.cas.adaptors.x509.authentication.handler.support.X509CredentialsAuthenticationHandler) DefaultPrincipalFactory(org.apereo.cas.authentication.principal.DefaultPrincipalFactory) ResourceCRLRevocationChecker(org.apereo.cas.adaptors.x509.authentication.revocation.checker.ResourceCRLRevocationChecker) Resource(org.springframework.core.io.Resource) X509Properties(org.apereo.cas.configuration.model.support.x509.X509Properties) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) Bean(org.springframework.context.annotation.Bean)

Example 2 with CRLFetcher

use of org.apereo.cas.adaptors.x509.authentication.CRLFetcher in project cas by apereo.

the class X509AuthenticationConfiguration method crlDistributionPointRevocationChecker.

@Bean
public RevocationChecker crlDistributionPointRevocationChecker() {
    final X509Properties x509 = casProperties.getAuthn().getX509();
    final Cache cache = new Cache("CRL".concat(UUID.randomUUID().toString()), x509.getCacheMaxElementsInMemory(), x509.isCacheDiskOverflow(), x509.isCacheEternal(), x509.getCacheTimeToLiveSeconds(), x509.getCacheTimeToIdleSeconds());
    return new CRLDistributionPointRevocationChecker(x509.isCheckAll(), getRevocationPolicy(x509.getCrlUnavailablePolicy()), getRevocationPolicy(x509.getCrlExpiredPolicy()), cache, crlFetcher(), x509.isThrowOnFetchFailure());
}

Also used : CRLDistributionPointRevocationChecker(org.apereo.cas.adaptors.x509.authentication.revocation.checker.CRLDistributionPointRevocationChecker) X509Properties(org.apereo.cas.configuration.model.support.x509.X509Properties) Cache(net.sf.ehcache.Cache) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) Bean(org.springframework.context.annotation.Bean)

Aggregations

Cache (net.sf.ehcache.Cache)2 CRLDistributionPointRevocationChecker (org.apereo.cas.adaptors.x509.authentication.revocation.checker.CRLDistributionPointRevocationChecker)2 X509Properties (org.apereo.cas.configuration.model.support.x509.X509Properties)2 ConditionalOnMissingBean (org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)2 Bean (org.springframework.context.annotation.Bean)2 Set (java.util.Set)1 UUID (java.util.UUID)1 Collectors (java.util.stream.Collectors)1 StringUtils (org.apache.commons.lang3.StringUtils)1 CRLFetcher (org.apereo.cas.adaptors.x509.authentication.CRLFetcher)1 ResourceCRLFetcher (org.apereo.cas.adaptors.x509.authentication.ResourceCRLFetcher)1 X509CredentialsAuthenticationHandler (org.apereo.cas.adaptors.x509.authentication.handler.support.X509CredentialsAuthenticationHandler)1 LdaptiveResourceCRLFetcher (org.apereo.cas.adaptors.x509.authentication.ldap.LdaptiveResourceCRLFetcher)1 X509SerialNumberAndIssuerDNPrincipalResolver (org.apereo.cas.adaptors.x509.authentication.principal.X509SerialNumberAndIssuerDNPrincipalResolver)1 X509SerialNumberPrincipalResolver (org.apereo.cas.adaptors.x509.authentication.principal.X509SerialNumberPrincipalResolver)1 X509SubjectAlternativeNameUPNPrincipalResolver (org.apereo.cas.adaptors.x509.authentication.principal.X509SubjectAlternativeNameUPNPrincipalResolver)1 X509SubjectDNPrincipalResolver (org.apereo.cas.adaptors.x509.authentication.principal.X509SubjectDNPrincipalResolver)1 X509SubjectPrincipalResolver (org.apereo.cas.adaptors.x509.authentication.principal.X509SubjectPrincipalResolver)1 NoOpRevocationChecker (org.apereo.cas.adaptors.x509.authentication.revocation.checker.NoOpRevocationChecker)1 ResourceCRLRevocationChecker (org.apereo.cas.adaptors.x509.authentication.revocation.checker.ResourceCRLRevocationChecker)1