
Example 6 with PrincipalResolver

use of org.apereo.cas.authentication.principal.PrincipalResolver in project cas by apereo.

the class PolicyBasedAuthenticationManagerTests method verifyAuthenticateAllSuccess.

@Test
public void verifyAuthenticateAllSuccess() throws Exception {
    final Map<AuthenticationHandler, PrincipalResolver> map = new LinkedHashMap<>();
    map.put(newMockHandler(true), null);
    map.put(newMockHandler(true), null);
    final AuthenticationEventExecutionPlan authenticationExecutionPlan = getAuthenticationExecutionPlan(map);
    authenticationExecutionPlan.registerAuthenticationPolicy(new AllAuthenticationPolicy());
    final PolicyBasedAuthenticationManager manager = new PolicyBasedAuthenticationManager(authenticationExecutionPlan, false, mock(ApplicationEventPublisher.class));
    final Authentication auth = manager.authenticate(transaction);
    assertEquals(2, auth.getSuccesses().size());
    assertEquals(0, auth.getFailures().size());
    assertEquals(2, auth.getCredentials().size());
}
Also used : PrincipalResolver(org.apereo.cas.authentication.principal.PrincipalResolver) ApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher) LinkedHashMap(java.util.LinkedHashMap) AllAuthenticationPolicy(org.apereo.cas.authentication.policy.AllAuthenticationPolicy) Test(org.junit.Test)

Example 7 with PrincipalResolver

use of org.apereo.cas.authentication.principal.PrincipalResolver in project cas by apereo.

the class PolicyBasedAuthenticationManager method authenticateInternal.

/**
 * Authenticate internal authentication builder.
 *
 * @param transaction the transaction
 * @return the authentication builder
 * @throws AuthenticationException the authentication exception
 */
protected AuthenticationBuilder authenticateInternal(final AuthenticationTransaction transaction) throws AuthenticationException {
    final Collection<Credential> credentials = transaction.getCredentials();
    LOGGER.debug("Authentication credentials provided for this transaction are [{}]", credentials);
    if (credentials.isEmpty()) {
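        // This branch handles missing credentials, so the log message names credentials (matching the exception below).
        LOGGER.error("Resolved credentials for this transaction are empty");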
        throw new AuthenticationException("Resolved credentials for this transaction are empty");
    }
    final AuthenticationBuilder builder = new DefaultAuthenticationBuilder(NullPrincipal.getInstance());
    credentials.forEach(cred -> builder.addCredential(new BasicCredentialMetaData(cred)));
    @NonNull final Set<AuthenticationHandler> handlerSet = getAuthenticationHandlersForThisTransaction(transaction);
    LOGGER.debug("Candidate resolved authentication handlers for this transaction are [{}]", handlerSet);
    if (handlerSet.isEmpty()) {
        LOGGER.error("Resolved authentication handlers for this transaction are empty");
        throw new AuthenticationException(builder.getFailures(), builder.getSuccesses());
    }
    try {
        final Iterator<Credential> it = credentials.iterator();
        AuthenticationCredentialsThreadLocalBinder.clearInProgressAuthentication();
        while (it.hasNext()) {
            final Credential credential = it.next();
            LOGGER.debug("Attempting to authenticate credential [{}]", credential);
            final Iterator<AuthenticationHandler> itHandlers = handlerSet.iterator();
            boolean proceedWithNextHandler = true;
            while (proceedWithNextHandler && itHandlers.hasNext()) {
                final AuthenticationHandler handler = itHandlers.next();
                if (handler.supports(credential)) {
                    try {
                        final PrincipalResolver resolver = getPrincipalResolverLinkedToHandlerIfAny(handler, transaction);
                        LOGGER.debug("Attempting authentication of [{}] using [{}]", credential.getId(), handler.getName());
                        authenticateAndResolvePrincipal(builder, credential, resolver, handler);
                        AuthenticationCredentialsThreadLocalBinder.bindInProgress(builder.build());
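                        // The pair's key is true once the registered authentication policies are satisfied;
                        // in that case no further handlers are tried for this credential.
                        final Pair<Boolean, Set<Throwable>> failures = evaluateAuthenticationPolicies(builder.build(), transaction);
                        proceedWithNextHandler = !failures.getKey();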
                    } catch (final Exception e) {
                        // A failing handler does not end the transaction: the exception is passed to
                        // handleAuthenticationException and the next handler is tried.
                        LOGGER.error("Authentication has failed. Credentials may be incorrect or CAS cannot "
                            + "find authentication handler that supports [{}] of type [{}]. Examine the configuration to "
                            + "ensure a method of authentication is defined and analyze CAS logs at DEBUG level to trace "
                            + "the authentication event.", credential, credential.getClass().getSimpleName());
                        handleAuthenticationException(e, handler.getName(), builder);
                        proceedWithNextHandler = true;
                    }
                } else {
                    LOGGER.debug("Authentication handler [{}] does not support the credential type [{}]. Trying next...", handler.getName(), credential);
                }
            }
        }
        evaluateFinalAuthentication(builder, transaction);
        return builder;
    } finally {
        AuthenticationCredentialsThreadLocalBinder.clearInProgressAuthentication();
    }
}
Also used : LinkedHashSet(java.util.LinkedHashSet) Set(java.util.Set) UnresolvedPrincipalException(org.apereo.cas.authentication.exceptions.UnresolvedPrincipalException) GeneralSecurityException(java.security.GeneralSecurityException) UndeclaredThrowableException(java.lang.reflect.UndeclaredThrowableException) PrincipalResolver(org.apereo.cas.authentication.principal.PrincipalResolver) NonNull(lombok.NonNull)

Example 8 with PrincipalResolver

use of org.apereo.cas.authentication.principal.PrincipalResolver in project cas by apereo.

the class ChainingPrincipalResolver method getAttributeRepository.

@Override
public IPersonAttributeDao getAttributeRepository() {
    val dao = new MergingPersonAttributeDaoImpl();
    dao.setPersonAttributeDaos(this.chain.stream().map(PrincipalResolver::getAttributeRepository).collect(Collectors.toList()));
    return dao;
}
Also used : lombok.val(lombok.val) MergingPersonAttributeDaoImpl(org.apereo.services.persondir.support.MergingPersonAttributeDaoImpl) PrincipalResolver(org.apereo.cas.authentication.principal.PrincipalResolver)

Example 9 with PrincipalResolver

use of org.apereo.cas.authentication.principal.PrincipalResolver in project cas by apereo.

the class PolicyBasedAuthenticationManagerTests method verifyAuthenticateAnyButTryAllSuccess.

@Test
public void verifyAuthenticateAnyButTryAllSuccess() throws Exception {
    final Map<AuthenticationHandler, PrincipalResolver> map = new HashMap<>();
    map.put(newMockHandler(true), null);
    map.put(newMockHandler(false), null);
    final AuthenticationEventExecutionPlan authenticationExecutionPlan = getAuthenticationExecutionPlan(map);
    authenticationExecutionPlan.registerAuthenticationPolicy(new AnyAuthenticationPolicy(true));
    final PolicyBasedAuthenticationManager manager = new PolicyBasedAuthenticationManager(authenticationExecutionPlan, false, mock(ApplicationEventPublisher.class));
    final Authentication auth = manager.authenticate(transaction);
    assertEquals(1, auth.getSuccesses().size());
    assertEquals(1, auth.getFailures().size());
    assertEquals(2, auth.getCredentials().size());
}
Also used : AnyAuthenticationPolicy(org.apereo.cas.authentication.policy.AnyAuthenticationPolicy) PrincipalResolver(org.apereo.cas.authentication.principal.PrincipalResolver) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) ApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher) Test(org.junit.Test)

Example 10 with PrincipalResolver

use of org.apereo.cas.authentication.principal.PrincipalResolver in project cas by apereo.

the class PolicyBasedAuthenticationManagerTests method verifyAuthenticateAnyFailure.

@Test
public void verifyAuthenticateAnyFailure() throws Exception {
    final Map<AuthenticationHandler, PrincipalResolver> map = new LinkedHashMap<>();
    map.put(newMockHandler(false), null);
    map.put(newMockHandler(false), null);
    final AuthenticationEventExecutionPlan authenticationExecutionPlan = getAuthenticationExecutionPlan(map);
    authenticationExecutionPlan.registerAuthenticationPolicy(new AnyAuthenticationPolicy());
    final PolicyBasedAuthenticationManager manager = new PolicyBasedAuthenticationManager(authenticationExecutionPlan, false, mock(ApplicationEventPublisher.class));
    this.thrown.expect(AuthenticationException.class);
    manager.authenticate(transaction);
    throw new AssertionError("Should have thrown authentication exception");
}
Also used : AnyAuthenticationPolicy(org.apereo.cas.authentication.policy.AnyAuthenticationPolicy) PrincipalResolver(org.apereo.cas.authentication.principal.PrincipalResolver) ApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher) LinkedHashMap(java.util.LinkedHashMap) Test(org.junit.Test)

Aggregations

PrincipalResolver (org.apereo.cas.authentication.principal.PrincipalResolver): 10
LinkedHashMap (java.util.LinkedHashMap): 8
Test (org.junit.Test): 8
ApplicationEventPublisher (org.springframework.context.ApplicationEventPublisher): 8
AnyAuthenticationPolicy (org.apereo.cas.authentication.policy.AnyAuthenticationPolicy): 3
RequiredHandlerAuthenticationPolicy (org.apereo.cas.authentication.policy.RequiredHandlerAuthenticationPolicy): 3
HashMap (java.util.HashMap): 2
AllAuthenticationPolicy (org.apereo.cas.authentication.policy.AllAuthenticationPolicy): 2
UndeclaredThrowableException (java.lang.reflect.UndeclaredThrowableException): 1
GeneralSecurityException (java.security.GeneralSecurityException): 1
LinkedHashSet (java.util.LinkedHashSet): 1
Set (java.util.Set): 1
NonNull (lombok.NonNull): 1
lombok.val (lombok.val): 1
UnresolvedPrincipalException (org.apereo.cas.authentication.exceptions.UnresolvedPrincipalException): 1
MergingPersonAttributeDaoImpl (org.apereo.services.persondir.support.MergingPersonAttributeDaoImpl): 1