Example 1 with ProxyGrantingTicketFactory
use of org.apereo.cas.ticket.proxy.ProxyGrantingTicketFactory in project cas by apereo.
the class DefaultCentralAuthenticationService method createProxyGrantingTicket.
@Audit(action = "PROXY_GRANTING_TICKET", actionResolverName = "CREATE_PROXY_GRANTING_TICKET_RESOLVER", resourceResolverName = "CREATE_PROXY_GRANTING_TICKET_RESOURCE_RESOLVER")
@Timed(name = "CREATE_PROXY_GRANTING_TICKET_TIMER")
@Metered(name = "CREATE_PROXY_GRANTING_TICKET_METER")
@Counted(name = "CREATE_PROXY_GRANTING_TICKET_COUNTER", monotonic = true)
@Override
public ProxyGrantingTicket createProxyGrantingTicket(final String serviceTicketId, final AuthenticationResult authenticationResult) throws AuthenticationException, AbstractTicketException {
AuthenticationCredentialsLocalBinder.bindCurrent(authenticationResult.getAuthentication());
final ServiceTicket serviceTicket = this.ticketRegistry.getTicket(serviceTicketId, ServiceTicket.class);
if (serviceTicket == null || serviceTicket.isExpired()) {
LOGGER.debug("ServiceTicket [{}] has expired or cannot be found in the ticket registry", serviceTicketId);
throw new InvalidTicketException(serviceTicketId);
}
final RegisteredService registeredService = this.servicesManager.findServiceBy(serviceTicket.getService());
RegisteredServiceAccessStrategyUtils.ensurePrincipalAccessIsAllowedForService(serviceTicket, authenticationResult, registeredService);
if (!registeredService.getProxyPolicy().isAllowedToProxy()) {
LOGGER.warn("ServiceManagement: Service [{}] attempted to proxy, but is not allowed.", serviceTicket.getService().getId());
throw new UnauthorizedProxyingException();
}
final Authentication authentication = authenticationResult.getAuthentication();
final ProxyGrantingTicketFactory factory = this.ticketFactory.get(ProxyGrantingTicket.class);
final ProxyGrantingTicket proxyGrantingTicket = factory.create(serviceTicket, authentication);
LOGGER.debug("Generated proxy granting ticket [{}] based off of [{}]", proxyGrantingTicket, serviceTicketId);
this.ticketRegistry.addTicket(proxyGrantingTicket);
doPublishEvent(new CasProxyGrantingTicketCreatedEvent(this, proxyGrantingTicket));
return proxyGrantingTicket;
}
Also used :
RegisteredService(org.apereo.cas.services.RegisteredService)
Authentication(org.apereo.cas.authentication.Authentication)
InvalidTicketException(org.apereo.cas.ticket.InvalidTicketException)
ServiceTicket(org.apereo.cas.ticket.ServiceTicket)
ProxyGrantingTicket(org.apereo.cas.ticket.proxy.ProxyGrantingTicket)
CasProxyGrantingTicketCreatedEvent(org.apereo.cas.support.events.ticket.CasProxyGrantingTicketCreatedEvent)
UnauthorizedProxyingException(org.apereo.cas.services.UnauthorizedProxyingException)
ProxyGrantingTicketFactory(org.apereo.cas.ticket.proxy.ProxyGrantingTicketFactory)
Audit(org.apereo.inspektr.audit.annotation.Audit)
Counted(com.codahale.metrics.annotation.Counted)
Metered(com.codahale.metrics.annotation.Metered)
Timed(com.codahale.metrics.annotation.Timed)
Aggregations
Counted (com.codahale.metrics.annotation.Counted)1
Metered (com.codahale.metrics.annotation.Metered)1
Timed (com.codahale.metrics.annotation.Timed)1
Authentication (org.apereo.cas.authentication.Authentication)1
RegisteredService (org.apereo.cas.services.RegisteredService)1
UnauthorizedProxyingException (org.apereo.cas.services.UnauthorizedProxyingException)1
CasProxyGrantingTicketCreatedEvent (org.apereo.cas.support.events.ticket.CasProxyGrantingTicketCreatedEvent)1
InvalidTicketException (org.apereo.cas.ticket.InvalidTicketException)1
ServiceTicket (org.apereo.cas.ticket.ServiceTicket)1
ProxyGrantingTicket (org.apereo.cas.ticket.proxy.ProxyGrantingTicket)1
ProxyGrantingTicketFactory (org.apereo.cas.ticket.proxy.ProxyGrantingTicketFactory)1
Audit (org.apereo.inspektr.audit.annotation.Audit)1
