Example 1 with CasProtocolValidationSpecification

Use of org.apereo.cas.validation.CasProtocolValidationSpecification in project cas by apereo.

The class AbstractServiceValidateController, method validateAssertion.

/**
 * Validate assertion.
 *
 * @param request         the request
 * @param serviceTicketId the service ticket id
 * @param assertion       the assertion
 * @param service         the service
 * @return true/false
 */
private boolean validateAssertion(final HttpServletRequest request, final String serviceTicketId, final Assertion assertion, final Service service) {
    for (final CasProtocolValidationSpecification s : this.validationSpecifications) {
        s.reset();
        final ServletRequestDataBinder binder = new ServletRequestDataBinder(s, "validationSpecification");
        initBinder(request, binder);
        binder.bind(request);
        if (!s.isSatisfiedBy(assertion, request)) {
            LOGGER.warn("Service ticket [{}] does not satisfy validation specification.", serviceTicketId);
            return false;
        }
    }
    enforceTicketValidationAuthorizationFor(request, service, assertion);
    return true;
}

Also used: CasProtocolValidationSpecification (org.apereo.cas.validation.CasProtocolValidationSpecification), ServletRequestDataBinder (org.springframework.web.bind.ServletRequestDataBinder)

Example 2 with CasProtocolValidationSpecification

Use of org.apereo.cas.validation.CasProtocolValidationSpecification in project cas by apereo.

The class CentralAuthenticationServiceImplTests, method verifyAuthenticateTwiceWithRenew.

/**
 * This test simulates :
 * - a first authentication for a default service
 * - a second authentication with the renew parameter and the same service (and same credentials)
 * - a validation of the second ticket.
 * When supplemental authentications were returned with the chained authentications, the validation specification
 * failed as it only expects one authentication. Thus supplemental authentications should not be returned in the
 * chained authentications. Both concepts are orthogonal.
 */
@Test
public void verifyAuthenticateTwiceWithRenew() throws AbstractTicketException, AuthenticationException {
    final CentralAuthenticationService cas = getCentralAuthenticationService();
    final Service svc = getService("testDefault");
    final AuthenticationResult ctx = CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), svc);
    final TicketGrantingTicket tgtId = cas.createTicketGrantingTicket(ctx);
    cas.grantServiceTicket(tgtId.getId(), svc, ctx);
    // simulate renew: request a second service ticket with the same valid credentials
    final ServiceTicket st2Id = cas.grantServiceTicket(tgtId.getId(), svc, ctx);
    final Assertion assertion = cas.validateServiceTicket(st2Id.getId(), svc);
    final CasProtocolValidationSpecification validationSpecification = new Cas20WithoutProxyingValidationSpecification();
    assertTrue(validationSpecification.isSatisfiedBy(assertion, new MockHttpServletRequest()));
}

Also used: CasProtocolValidationSpecification (org.apereo.cas.validation.CasProtocolValidationSpecification), TicketGrantingTicket (org.apereo.cas.ticket.TicketGrantingTicket), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), Assertion (org.apereo.cas.validation.Assertion), AbstractWebApplicationService (org.apereo.cas.authentication.principal.AbstractWebApplicationService), Service (org.apereo.cas.authentication.principal.Service), ServiceTicket (org.apereo.cas.ticket.ServiceTicket), Cas20WithoutProxyingValidationSpecification (org.apereo.cas.validation.Cas20WithoutProxyingValidationSpecification), AuthenticationResult (org.apereo.cas.authentication.AuthenticationResult), Test (org.junit.Test)

Aggregations

CasProtocolValidationSpecification (org.apereo.cas.validation.CasProtocolValidationSpecification): 2
AuthenticationResult (org.apereo.cas.authentication.AuthenticationResult): 1
AbstractWebApplicationService (org.apereo.cas.authentication.principal.AbstractWebApplicationService): 1
Service (org.apereo.cas.authentication.principal.Service): 1
ServiceTicket (org.apereo.cas.ticket.ServiceTicket): 1
TicketGrantingTicket (org.apereo.cas.ticket.TicketGrantingTicket): 1
Assertion (org.apereo.cas.validation.Assertion): 1
Cas20WithoutProxyingValidationSpecification (org.apereo.cas.validation.Cas20WithoutProxyingValidationSpecification): 1
Test (org.junit.Test): 1
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 1
ServletRequestDataBinder (org.springframework.web.bind.ServletRequestDataBinder): 1