use of org.springframework.cloud.context.config.annotation.RefreshScope in project cas by apereo.
the class CasJdbcThrottlingConfiguration method authenticationThrottle.
@Autowired
@Bean
@RefreshScope
public ThrottledSubmissionHandlerInterceptor authenticationThrottle(@Qualifier("auditTrailExecutionPlan") final AuditTrailExecutionPlan auditTrailManager) {
final ThrottleProperties throttle = casProperties.getAuthn().getThrottle();
final ThrottleProperties.Failure failure = throttle.getFailure();
return new JdbcThrottledSubmissionHandlerInterceptorAdapter(failure.getThreshold(), failure.getRangeSeconds(), throttle.getUsernameParameter(), auditTrailManager, inspektrAuditTrailDataSource(), throttle.getAppcode(), throttle.getJdbc().getAuditQuery(), failure.getCode());
}
use of org.springframework.cloud.context.config.annotation.RefreshScope in project cas by apereo.
the class CasMongoDbThrottlingConfiguration method authenticationThrottle.
@Autowired
@Bean
@RefreshScope
public ThrottledSubmissionHandlerInterceptor authenticationThrottle(@Qualifier("auditTrailExecutionPlan") final AuditTrailExecutionPlan auditTrailExecutionPlan) {
final ThrottleProperties throttle = casProperties.getAuthn().getThrottle();
final ThrottleProperties.Failure failure = throttle.getFailure();
final AuditMongoDbProperties mongo = casProperties.getAudit().getMongo();
final MongoDbConnectionFactory factory = new MongoDbConnectionFactory();
final MongoTemplate mongoTemplate = factory.buildMongoTemplate(mongo);
factory.createCollection(mongoTemplate, mongo.getCollection(), mongo.isDropCollection());
return new MongoDbThrottledSubmissionHandlerInterceptorAdapter(failure.getThreshold(), failure.getRangeSeconds(), throttle.getUsernameParameter(), auditTrailExecutionPlan, mongoTemplate, failure.getCode(), throttle.getAppcode(), mongo.getCollection());
}
use of org.springframework.cloud.context.config.annotation.RefreshScope in project cas by apereo.
the class TokenCoreConfiguration method tokenCipherExecutor.
@Bean
@RefreshScope
@ConditionalOnMissingBean(name = "tokenCipherExecutor")
public CipherExecutor tokenCipherExecutor() {
final EncryptionOptionalSigningJwtCryptographyProperties crypto = casProperties.getAuthn().getToken().getCrypto();
boolean enabled = crypto.isEnabled();
if (!enabled && (StringUtils.isNotBlank(crypto.getEncryption().getKey())) && StringUtils.isNotBlank(crypto.getSigning().getKey())) {
LOGGER.warn("Token encryption/signing is not enabled explicitly in the configuration, yet signing/encryption keys " + "are defined for operations. CAS will proceed to enable the token encryption/signing functionality.");
enabled = true;
}
if (enabled) {
return new TokenTicketCipherExecutor(crypto.getEncryption().getKey(), crypto.getSigning().getKey(), crypto.getAlg(), crypto.isEncryptionEnabled());
}
LOGGER.info("Token cookie encryption/signing is turned off. This " + "MAY NOT be safe in a production environment. Consider using other choices to handle encryption, " + "signing and verification of generated tokens.");
return CipherExecutor.noOp();
}
use of org.springframework.cloud.context.config.annotation.RefreshScope in project cas by apereo.
the class MultifactorAuthnTrustConfiguration method mfaTrustEngine.
@ConditionalOnMissingBean(name = "mfaTrustEngine")
@Bean
@RefreshScope
public MultifactorAuthenticationTrustStorage mfaTrustEngine() {
final TrustedDevicesMultifactorProperties trusted = casProperties.getAuthn().getMfa().getTrusted();
final LoadingCache<String, MultifactorAuthenticationTrustRecord> storage = Caffeine.newBuilder().initialCapacity(INITIAL_CACHE_SIZE).maximumSize(MAX_CACHE_SIZE).expireAfterWrite(trusted.getExpiration(), trusted.getTimeUnit()).build(s -> {
LOGGER.error("Load operation of the cache is not supported.");
return null;
});
storage.asMap();
final BaseMultifactorAuthenticationTrustStorage m;
if (trusted.getJson().getLocation() != null) {
LOGGER.debug("Storing trusted device records inside the JSON resource [{}]", trusted.getJson().getLocation());
m = new JsonMultifactorAuthenticationTrustStorage(trusted.getJson().getLocation());
} else {
LOGGER.warn("Storing trusted device records in runtime memory. Changes and records will be lost upon CAS restarts");
m = new InMemoryMultifactorAuthenticationTrustStorage(storage);
}
m.setCipherExecutor(mfaTrustCipherExecutor());
return m;
}
use of org.springframework.cloud.context.config.annotation.RefreshScope in project cas by apereo.
the class CasJdbcAuthenticationConfiguration method jdbcAuthenticationHandlers.
@ConditionalOnMissingBean(name = "jdbcAuthenticationHandlers")
@Bean
@RefreshScope
public Collection<AuthenticationHandler> jdbcAuthenticationHandlers() {
final Collection<AuthenticationHandler> handlers = new HashSet<>();
final JdbcAuthenticationProperties jdbc = casProperties.getAuthn().getJdbc();
jdbc.getBind().forEach(b -> handlers.add(bindModeSearchDatabaseAuthenticationHandler(b)));
jdbc.getEncode().forEach(b -> handlers.add(queryAndEncodeDatabaseAuthenticationHandler(b)));
jdbc.getQuery().forEach(b -> handlers.add(queryDatabaseAuthenticationHandler(b)));
jdbc.getSearch().forEach(b -> handlers.add(searchModeSearchDatabaseAuthenticationHandler(b)));
return handlers;
}
Aggregations