Examples with IsAuthenticatedAuthorizer org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer used on opensource projects

Search in sources :

Example 1 with IsAuthenticatedAuthorizer

use of org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer in project cas by apereo.

the class CasSecurityContextConfiguration method config.

@RefreshScope
@Bean
public Config config() {
    try {
        final AdminPagesSecurityProperties adminProps = casProperties.getAdminPagesSecurity();
        if (StringUtils.isNotBlank(adminProps.getLoginUrl()) && StringUtils.isNotBlank(adminProps.getService())) {
            final CasConfiguration casConfig = new CasConfiguration(adminProps.getLoginUrl());
            final DirectCasClient client = new DirectCasClient(casConfig);
            client.setName(CAS_CLIENT_NAME);
            final Config cfg = new Config(adminProps.getService(), client);
            if (adminProps.getUsers() == null) {
                LOGGER.warn("List of authorized users for admin pages security is not defined. " + "Allowing access for all authenticated users");
                client.setAuthorizationGenerator(new DefaultCasAuthorizationGenerator<>());
                cfg.setAuthorizer(new IsAuthenticatedAuthorizer());
            } else {
                final Resource file = ResourceUtils.prepareClasspathResourceIfNeeded(adminProps.getUsers());
                if (file != null && file.exists()) {
                    LOGGER.debug("Loading list of authorized users from [{}]", file);
                    final Properties properties = new Properties();
                    properties.load(file.getInputStream());
                    client.setAuthorizationGenerator(new SpringSecurityPropertiesAuthorizationGenerator(properties));
                    cfg.setAuthorizer(new RequireAnyRoleAuthorizer(adminProps.getAdminRoles()));
                }
            }
            return cfg;
        }
    } catch (final Exception e) {
        LOGGER.warn(e.getMessage(), e);
    }
    return new Config();
}
Also used : DirectCasClient(org.pac4j.cas.client.direct.DirectCasClient) IsAuthenticatedAuthorizer(org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer) SpringSecurityPropertiesAuthorizationGenerator(org.pac4j.core.authorization.generator.SpringSecurityPropertiesAuthorizationGenerator) CasConfiguration(org.pac4j.cas.config.CasConfiguration) Config(org.pac4j.core.config.Config) Resource(org.springframework.core.io.Resource) AdminPagesSecurityProperties(org.apereo.cas.configuration.model.core.web.security.AdminPagesSecurityProperties) CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) EnableConfigurationProperties(org.springframework.boot.context.properties.EnableConfigurationProperties) Properties(java.util.Properties) AdminPagesSecurityProperties(org.apereo.cas.configuration.model.core.web.security.AdminPagesSecurityProperties) RequireAnyRoleAuthorizer(org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) Bean(org.springframework.context.annotation.Bean)

Example 2 with IsAuthenticatedAuthorizer

use of org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer in project cas by apereo.

the class CasConsentReviewConfiguration method casConsentPac4jConfig.

@Bean
@RefreshScope
public Config casConsentPac4jConfig() {
    final CasConfiguration conf = new CasConfiguration(casProperties.getServer().getLoginUrl());
    final CasClient client = new CasClient(conf);
    client.setName(CAS_CONSENT_CLIENT);
    client.setCallbackUrl(casProperties.getServer().getPrefix().concat("/consentReview/callback"));
    client.setAuthorizationGenerator(new DefaultCasAuthorizationGenerator<>());
    final Clients clients = new Clients(client);
    final Config config = new Config(clients);
    config.setAuthorizer(new IsAuthenticatedAuthorizer());
    config.setCallbackLogic(new DefaultCallbackLogic());
    config.setLogoutLogic(new DefaultLogoutLogic());
    // get role authorizer from admin pages for smooth integration
    final Map<String, Authorizer> adminAuthorizers = casAdminPagesPac4jConfig.getAuthorizers();
    final String auth = RequireAnyRoleAuthorizer.class.getSimpleName();
    if (adminAuthorizers.containsKey(auth)) {
        config.addAuthorizer(auth, adminAuthorizers.get(auth));
        final BaseClient adminClient = casAdminPagesPac4jConfig.getClients().findClient(DirectCasClient.class);
        client.addAuthorizationGenerators(adminClient.getAuthorizationGenerators());
    }
    return config;
}
Also used : IsAuthenticatedAuthorizer(org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer) CasConfiguration(org.pac4j.cas.config.CasConfiguration) Config(org.pac4j.core.config.Config) RequireAnyRoleAuthorizer(org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer) IsAuthenticatedAuthorizer(org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer) Authorizer(org.pac4j.core.authorization.authorizer.Authorizer) Clients(org.pac4j.core.client.Clients) DefaultLogoutLogic(org.pac4j.core.engine.DefaultLogoutLogic) DefaultCallbackLogic(org.pac4j.core.engine.DefaultCallbackLogic) BaseClient(org.pac4j.core.client.BaseClient) CasClient(org.pac4j.cas.client.CasClient) DirectCasClient(org.pac4j.cas.client.direct.DirectCasClient) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) ConditionalOnBean(org.springframework.boot.autoconfigure.condition.ConditionalOnBean) Bean(org.springframework.context.annotation.Bean)

Example 3 with IsAuthenticatedAuthorizer

use of org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer in project cas by apereo.

the class CasSecurityContextConfiguration method casAdminPagesPac4jConfig.

@RefreshScope
@Bean
public Config casAdminPagesPac4jConfig() {
    try {
        final AdminPagesSecurityProperties adminProps = casProperties.getAdminPagesSecurity();
        if (StringUtils.isNotBlank(adminProps.getLoginUrl()) && StringUtils.isNotBlank(adminProps.getService())) {
            final CasConfiguration casConfig = new CasConfiguration(adminProps.getLoginUrl());
            final DirectCasClient client = new DirectCasClient(casConfig);
            client.setName(CAS_CLIENT_NAME);
            final Config cfg = new Config(adminProps.getService(), client);
            if (adminProps.getUsers() == null) {
                LOGGER.warn("List of authorized users for admin pages security is not defined. " + "Allowing access for all authenticated users");
                client.setAuthorizationGenerator(new DefaultCasAuthorizationGenerator<>());
                cfg.setAuthorizer(new IsAuthenticatedAuthorizer());
            } else {
                final Resource file = ResourceUtils.prepareClasspathResourceIfNeeded(adminProps.getUsers());
                if (file != null && file.exists()) {
                    LOGGER.debug("Loading list of authorized users from [{}]", file);
                    final Properties properties = new Properties();
                    properties.load(file.getInputStream());
                    client.setAuthorizationGenerator(new SpringSecurityPropertiesAuthorizationGenerator(properties));
                    cfg.setAuthorizer(new RequireAnyRoleAuthorizer(adminProps.getAdminRoles()));
                }
            }
            return cfg;
        }
    } catch (final Exception e) {
        LOGGER.warn(e.getMessage(), e);
    }
    return new Config();
}
Also used : DirectCasClient(org.pac4j.cas.client.direct.DirectCasClient) IsAuthenticatedAuthorizer(org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer) SpringSecurityPropertiesAuthorizationGenerator(org.pac4j.core.authorization.generator.SpringSecurityPropertiesAuthorizationGenerator) CasConfiguration(org.pac4j.cas.config.CasConfiguration) Config(org.pac4j.core.config.Config) Resource(org.springframework.core.io.Resource) AdminPagesSecurityProperties(org.apereo.cas.configuration.model.core.web.security.AdminPagesSecurityProperties) CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) EnableConfigurationProperties(org.springframework.boot.context.properties.EnableConfigurationProperties) Properties(java.util.Properties) AdminPagesSecurityProperties(org.apereo.cas.configuration.model.core.web.security.AdminPagesSecurityProperties) RequireAnyRoleAuthorizer(org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) Bean(org.springframework.context.annotation.Bean)

Aggregations

DirectCasClient (org.pac4j.cas.client.direct.DirectCasClient)3 CasConfiguration (org.pac4j.cas.config.CasConfiguration)3 IsAuthenticatedAuthorizer (org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer)3 RequireAnyRoleAuthorizer (org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer)3 Config (org.pac4j.core.config.Config)3 RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope)3 Bean (org.springframework.context.annotation.Bean)3 Properties (java.util.Properties)2 CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties)2 AdminPagesSecurityProperties (org.apereo.cas.configuration.model.core.web.security.AdminPagesSecurityProperties)2 SpringSecurityPropertiesAuthorizationGenerator (org.pac4j.core.authorization.generator.SpringSecurityPropertiesAuthorizationGenerator)2 EnableConfigurationProperties (org.springframework.boot.context.properties.EnableConfigurationProperties)2 Resource (org.springframework.core.io.Resource)2 CasClient (org.pac4j.cas.client.CasClient)1 Authorizer (org.pac4j.core.authorization.authorizer.Authorizer)1 BaseClient (org.pac4j.core.client.BaseClient)1 Clients (org.pac4j.core.client.Clients)1 DefaultCallbackLogic (org.pac4j.core.engine.DefaultCallbackLogic)1 DefaultLogoutLogic (org.pac4j.core.engine.DefaultLogoutLogic)1 ConditionalOnBean (org.springframework.boot.autoconfigure.condition.ConditionalOnBean)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial