use of org.apereo.cas.configuration.model.support.x509.X509Properties in project cas by apereo.
the class X509AuthenticationConfiguration method x509CredentialsAuthenticationHandler.
/**
 * Creates the X.509 credentials authentication handler from the X.509 section
 * of the CAS properties.
 *
 * <p>The revocation checker is chosen by the configured revocation-checker
 * name, compared after trimming and lower-casing: {@code "resource"} selects
 * {@link #resourceCrlRevocationChecker()}, {@code "crl"} selects
 * {@code crlDistributionPointRevocationChecker()}, and {@code "none"} or any
 * other value selects {@code noOpRevocationChecker()}.
 *
 * @return the configured authentication handler
 */
@Bean
@RefreshScope
public AuthenticationHandler x509CredentialsAuthenticationHandler() {
    final X509Properties x509 = casProperties.getAuthn().getX509();

    // NOTE(review): toLowerCase() uses the JVM default locale, and a null
    // setting fails here with a NullPointerException.
    final String checkerKind = x509.getRevocationChecker().trim().toLowerCase();

    final RevocationChecker revChecker;
    if ("resource".equals(checkerKind)) {
        revChecker = resourceCrlRevocationChecker();
    } else if ("crl".equals(checkerKind)) {
        revChecker = crlDistributionPointRevocationChecker();
    } else {
        // Reached for "none" and for every unrecognised value.
        // NOTE(review): a mistyped setting therefore falls back to the no-op
        // checker without any signal, which presumably means certificates are
        // accepted with no revocation check. Consider rejecting unknown values
        // at startup so the fallback is an explicit choice; confirm with the
        // maintainers before changing.
        revChecker = noOpRevocationChecker();
    }

    // A blank regex setting is passed to the handler as a null pattern.
    // NOTE(review): presumably a null pattern means "no restriction" on the
    // issuer or subject DN; verify against the handler.
    final String issuerDnRegex = x509.getRegExTrustedIssuerDnPattern();
    final String subjectDnRegex = x509.getRegExSubjectDnPattern();

    return new X509CredentialsAuthenticationHandler(
        x509.getName(),
        servicesManager,
        x509PrincipalFactory(),
        StringUtils.isNotBlank(issuerDnRegex) ? RegexUtils.createPattern(issuerDnRegex) : null,
        x509.getMaxPathLength(),
        x509.isMaxPathLengthAllowUnspecified(),
        x509.isCheckKeyUsage(),
        x509.isRequireKeyUsage(),
        StringUtils.isNotBlank(subjectDnRegex) ? RegexUtils.createPattern(subjectDnRegex) : null,
        revChecker);
}
use of org.apereo.cas.configuration.model.support.x509.X509Properties in project cas by apereo.
the class X509AuthenticationConfiguration method x509SerialNumberPrincipalResolver.
/**
 * Creates the serial-number based principal resolver for X.509 credentials,
 * wired with the shared attribute repository, the X.509 principal factory and
 * the principal settings from the CAS properties.
 *
 * <p>NOTE(review): presumably the principal id is taken from the certificate
 * serial number. Serial numbers are unique only per issuing CA, so this
 * resolver identifies a user unambiguously only when the accepted issuers are
 * constrained; confirm against the handler's trusted-issuer settings.
 *
 * @return the configured principal resolver
 */
@Bean
@RefreshScope
public PrincipalResolver x509SerialNumberPrincipalResolver() {
    final X509Properties props = casProperties.getAuthn().getX509();
    final X509SerialNumberPrincipalResolver resolver = new X509SerialNumberPrincipalResolver();

    // Collaborators shared by the X.509 resolvers in this configuration.
    resolver.setPrincipalFactory(x509PrincipalFactory());
    resolver.setAttributeRepository(attributeRepository);

    // Behaviour driven by the X.509 principal settings.
    resolver.setPrincipalAttributeName(props.getPrincipal().getPrincipalAttribute());
    resolver.setReturnNullIfNoAttributes(props.getPrincipal().isReturnNull());

    return resolver;
}
use of org.apereo.cas.configuration.model.support.x509.X509Properties in project cas by apereo.
the class X509AuthenticationConfiguration method x509SubjectDNPrincipalResolver.
/**
 * Creates the subject-DN based principal resolver for X.509 credentials,
 * wired with the shared attribute repository, the X.509 principal factory and
 * the principal settings from the CAS properties.
 *
 * <p>NOTE(review): presumably the principal id is the certificate subject DN;
 * confirm against the resolver implementation.
 *
 * @return the configured principal resolver
 */
@Bean
@RefreshScope
public PrincipalResolver x509SubjectDNPrincipalResolver() {
    final X509Properties props = casProperties.getAuthn().getX509();
    final X509SubjectDNPrincipalResolver resolver = new X509SubjectDNPrincipalResolver();

    // Collaborators shared by the X.509 resolvers in this configuration.
    resolver.setPrincipalFactory(x509PrincipalFactory());
    resolver.setAttributeRepository(attributeRepository);

    // Behaviour driven by the X.509 principal settings.
    resolver.setPrincipalAttributeName(props.getPrincipal().getPrincipalAttribute());
    resolver.setReturnNullIfNoAttributes(props.getPrincipal().isReturnNull());

    return resolver;
}
use of org.apereo.cas.configuration.model.support.x509.X509Properties in project cas by apereo.
the class X509AuthenticationConfiguration method x509SubjectAlternativeNameUPNPrincipalResolver.
/**
 * Creates the subject-alternative-name UPN principal resolver for X.509
 * credentials, wired with the shared attribute repository, the X.509
 * principal factory and the principal settings from the CAS properties.
 *
 * <p>NOTE(review): presumably the principal id is the UPN entry of the
 * certificate's subject alternative name; confirm what the resolver returns
 * for certificates that carry no such entry.
 *
 * @return the configured principal resolver
 */
@Bean
@RefreshScope
public PrincipalResolver x509SubjectAlternativeNameUPNPrincipalResolver() {
    final X509Properties props = casProperties.getAuthn().getX509();
    final X509SubjectAlternativeNameUPNPrincipalResolver resolver =
        new X509SubjectAlternativeNameUPNPrincipalResolver();

    // Collaborators shared by the X.509 resolvers in this configuration.
    resolver.setPrincipalFactory(x509PrincipalFactory());
    resolver.setAttributeRepository(attributeRepository);

    // Behaviour driven by the X.509 principal settings.
    resolver.setPrincipalAttributeName(props.getPrincipal().getPrincipalAttribute());
    resolver.setReturnNullIfNoAttributes(props.getPrincipal().isReturnNull());

    return resolver;
}
use of org.apereo.cas.configuration.model.support.x509.X509Properties in project cas by apereo.
the class X509AuthenticationConfiguration method resourceCrlRevocationChecker.
/**
 * Creates the revocation checker that works from the CRL resources listed in
 * the X.509 section of the CAS properties.
 *
 * <p>Each configured location string is resolved through the resource loader.
 * Two separately configured policies are handed to the checker, one for an
 * unavailable CRL resource and one for an expired one.
 *
 * <p>NOTE(review): those two policies presumably decide whether authentication
 * is denied or allowed when CRL data cannot be used; confirm that the
 * deployed values deny rather than allow.
 *
 * @return the configured revocation checker
 */
@Bean
public RevocationChecker resourceCrlRevocationChecker() {
    final X509Properties x509 = casProperties.getAuthn().getX509();

    // Duplicate resources collapse because the result is collected into a Set.
    final Set<Resource> crlResources = x509.getCrlResources()
        .stream()
        .map(location -> this.resourceLoader.getResource(location))
        .collect(Collectors.toSet());

    return new ResourceCRLRevocationChecker(
        x509.isCheckAll(),
        getRevocationPolicy(x509.getCrlResourceUnavailablePolicy()),
        getRevocationPolicy(x509.getCrlResourceExpiredPolicy()),
        x509.getRefreshIntervalSeconds(),
        crlFetcher(),
        crlResources);
}