Example 1 with DirectCasClient
use of org.pac4j.cas.client.direct.DirectCasClient in project cas by apereo.
the class CasSecurityContextConfiguration method config.
@RefreshScope
@Bean
public Config config() {
try {
final AdminPagesSecurityProperties adminProps = casProperties.getAdminPagesSecurity();
if (StringUtils.isNotBlank(adminProps.getLoginUrl()) && StringUtils.isNotBlank(adminProps.getService())) {
final CasConfiguration casConfig = new CasConfiguration(adminProps.getLoginUrl());
final DirectCasClient client = new DirectCasClient(casConfig);
client.setName(CAS_CLIENT_NAME);
final Config cfg = new Config(adminProps.getService(), client);
if (adminProps.getUsers() == null) {
LOGGER.warn("List of authorized users for admin pages security is not defined. " + "Allowing access for all authenticated users");
client.setAuthorizationGenerator(new DefaultCasAuthorizationGenerator<>());
cfg.setAuthorizer(new IsAuthenticatedAuthorizer());
} else {
final Resource file = ResourceUtils.prepareClasspathResourceIfNeeded(adminProps.getUsers());
if (file != null && file.exists()) {
LOGGER.debug("Loading list of authorized users from [{}]", file);
final Properties properties = new Properties();
properties.load(file.getInputStream());
client.setAuthorizationGenerator(new SpringSecurityPropertiesAuthorizationGenerator(properties));
cfg.setAuthorizer(new RequireAnyRoleAuthorizer(adminProps.getAdminRoles()));
}
}
return cfg;
}
} catch (final Exception e) {
LOGGER.warn(e.getMessage(), e);
}
return new Config();
}
Also used :
DirectCasClient(org.pac4j.cas.client.direct.DirectCasClient)
IsAuthenticatedAuthorizer(org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer)
SpringSecurityPropertiesAuthorizationGenerator(org.pac4j.core.authorization.generator.SpringSecurityPropertiesAuthorizationGenerator)
CasConfiguration(org.pac4j.cas.config.CasConfiguration)
Config(org.pac4j.core.config.Config)
Resource(org.springframework.core.io.Resource)
AdminPagesSecurityProperties(org.apereo.cas.configuration.model.core.web.security.AdminPagesSecurityProperties)
CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties)
EnableConfigurationProperties(org.springframework.boot.context.properties.EnableConfigurationProperties)
Properties(java.util.Properties)
AdminPagesSecurityProperties(org.apereo.cas.configuration.model.core.web.security.AdminPagesSecurityProperties)
RequireAnyRoleAuthorizer(org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer)
RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope)
Bean(org.springframework.context.annotation.Bean)
Example 2 with DirectCasClient
use of org.pac4j.cas.client.direct.DirectCasClient in project cas by apereo.
the class CasManagementWebAppConfiguration method casClient.
@Bean
public Client casClient() {
final CasConfiguration cfg = new CasConfiguration(casProperties.getServer().getLoginUrl());
final DirectCasClient client = new DirectCasClient(cfg);
client.setAuthorizationGenerator(authorizationGenerator());
client.setName("CasClient");
return client;
}
Also used :
DirectCasClient(org.pac4j.cas.client.direct.DirectCasClient)
CasConfiguration(org.pac4j.cas.config.CasConfiguration)
ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)
Bean(org.springframework.context.annotation.Bean)
Example 3 with DirectCasClient
use of org.pac4j.cas.client.direct.DirectCasClient in project cas by apereo.
the class CasSecurityContextConfiguration method casAdminPagesPac4jConfig.
@RefreshScope
@Bean
public Config casAdminPagesPac4jConfig() {
try {
final AdminPagesSecurityProperties adminProps = casProperties.getAdminPagesSecurity();
if (StringUtils.isNotBlank(adminProps.getLoginUrl()) && StringUtils.isNotBlank(adminProps.getService())) {
final CasConfiguration casConfig = new CasConfiguration(adminProps.getLoginUrl());
final DirectCasClient client = new DirectCasClient(casConfig);
client.setName(CAS_CLIENT_NAME);
final Config cfg = new Config(adminProps.getService(), client);
if (adminProps.getUsers() == null) {
LOGGER.warn("List of authorized users for admin pages security is not defined. " + "Allowing access for all authenticated users");
client.setAuthorizationGenerator(new DefaultCasAuthorizationGenerator<>());
cfg.setAuthorizer(new IsAuthenticatedAuthorizer());
} else {
final Resource file = ResourceUtils.prepareClasspathResourceIfNeeded(adminProps.getUsers());
if (file != null && file.exists()) {
LOGGER.debug("Loading list of authorized users from [{}]", file);
final Properties properties = new Properties();
properties.load(file.getInputStream());
client.setAuthorizationGenerator(new SpringSecurityPropertiesAuthorizationGenerator(properties));
cfg.setAuthorizer(new RequireAnyRoleAuthorizer(adminProps.getAdminRoles()));
}
}
return cfg;
}
} catch (final Exception e) {
LOGGER.warn(e.getMessage(), e);
}
return new Config();
}
Also used :
DirectCasClient(org.pac4j.cas.client.direct.DirectCasClient)
IsAuthenticatedAuthorizer(org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer)
SpringSecurityPropertiesAuthorizationGenerator(org.pac4j.core.authorization.generator.SpringSecurityPropertiesAuthorizationGenerator)
CasConfiguration(org.pac4j.cas.config.CasConfiguration)
Config(org.pac4j.core.config.Config)
Resource(org.springframework.core.io.Resource)
AdminPagesSecurityProperties(org.apereo.cas.configuration.model.core.web.security.AdminPagesSecurityProperties)
CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties)
EnableConfigurationProperties(org.springframework.boot.context.properties.EnableConfigurationProperties)
Properties(java.util.Properties)
AdminPagesSecurityProperties(org.apereo.cas.configuration.model.core.web.security.AdminPagesSecurityProperties)
RequireAnyRoleAuthorizer(org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer)
RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope)
Bean(org.springframework.context.annotation.Bean)
Aggregations
DirectCasClient (org.pac4j.cas.client.direct.DirectCasClient)3
CasConfiguration (org.pac4j.cas.config.CasConfiguration)3
Bean (org.springframework.context.annotation.Bean)3
Properties (java.util.Properties)2
CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties)2
AdminPagesSecurityProperties (org.apereo.cas.configuration.model.core.web.security.AdminPagesSecurityProperties)2
IsAuthenticatedAuthorizer (org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer)2
RequireAnyRoleAuthorizer (org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer)2
SpringSecurityPropertiesAuthorizationGenerator (org.pac4j.core.authorization.generator.SpringSecurityPropertiesAuthorizationGenerator)2
Config (org.pac4j.core.config.Config)2
EnableConfigurationProperties (org.springframework.boot.context.properties.EnableConfigurationProperties)2
RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope)2
Resource (org.springframework.core.io.Resource)2
ConditionalOnMissingBean (org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)1
