Example 31 with RefreshScope

Use of org.springframework.cloud.context.config.annotation.RefreshScope in project cas by apereo: class CasJdbcThrottlingConfiguration, method authenticationThrottle.

@Autowired
@Bean
@RefreshScope
public ThrottledSubmissionHandlerInterceptor authenticationThrottle(@Qualifier("auditTrailExecutionPlan") final AuditTrailExecutionPlan auditTrailManager) {
    // The failure threshold, time window and failure code all come from the throttle settings.
    final ThrottleProperties throttle = casProperties.getAuthn().getThrottle();
    final ThrottleProperties.Failure failure = throttle.getFailure();
    return new JdbcThrottledSubmissionHandlerInterceptorAdapter(failure.getThreshold(), failure.getRangeSeconds(), throttle.getUsernameParameter(), auditTrailManager, inspektrAuditTrailDataSource(), throttle.getAppcode(), throttle.getJdbc().getAuditQuery(), failure.getCode());
}

Also used: JdbcThrottledSubmissionHandlerInterceptorAdapter (org.apereo.cas.web.support.JdbcThrottledSubmissionHandlerInterceptorAdapter), ThrottleProperties (org.apereo.cas.configuration.model.support.throttle.ThrottleProperties), RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope), Autowired (org.springframework.beans.factory.annotation.Autowired), Bean (org.springframework.context.annotation.Bean)

Example 32 with RefreshScope

Use of org.springframework.cloud.context.config.annotation.RefreshScope in project cas by apereo: class CasMongoDbThrottlingConfiguration, method authenticationThrottle.

@Autowired
@Bean
@RefreshScope
public ThrottledSubmissionHandlerInterceptor authenticationThrottle(@Qualifier("auditTrailExecutionPlan") final AuditTrailExecutionPlan auditTrailExecutionPlan) {
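    // Throttle settings supply the limits; the audit MongoDb settings supply the collection that is queried.
    final ThrottleProperties throttle = casProperties.getAuthn().getThrottle();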
    final ThrottleProperties.Failure failure = throttle.getFailure();
    final AuditMongoDbProperties mongo = casProperties.getAudit().getMongo();
    final MongoDbConnectionFactory factory = new MongoDbConnectionFactory();
    final MongoTemplate mongoTemplate = factory.buildMongoTemplate(mongo);
    factory.createCollection(mongoTemplate, mongo.getCollection(), mongo.isDropCollection());
    return new MongoDbThrottledSubmissionHandlerInterceptorAdapter(failure.getThreshold(), failure.getRangeSeconds(), throttle.getUsernameParameter(), auditTrailExecutionPlan, mongoTemplate, failure.getCode(), throttle.getAppcode(), mongo.getCollection());
}

Also used: MongoDbConnectionFactory (org.apereo.cas.mongo.MongoDbConnectionFactory), MongoTemplate (org.springframework.data.mongodb.core.MongoTemplate), MongoDbThrottledSubmissionHandlerInterceptorAdapter (org.apereo.cas.web.support.MongoDbThrottledSubmissionHandlerInterceptorAdapter), AuditMongoDbProperties (org.apereo.cas.configuration.model.core.audit.AuditMongoDbProperties), ThrottleProperties (org.apereo.cas.configuration.model.support.throttle.ThrottleProperties), RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope), Autowired (org.springframework.beans.factory.annotation.Autowired), Bean (org.springframework.context.annotation.Bean)

Example 33 with RefreshScope

Use of org.springframework.cloud.context.config.annotation.RefreshScope in project cas by apereo: class TokenCoreConfiguration, method tokenCipherExecutor.

@Bean
@RefreshScope
@ConditionalOnMissingBean(name = "tokenCipherExecutor")
public CipherExecutor tokenCipherExecutor() {
    final EncryptionOptionalSigningJwtCryptographyProperties crypto = casProperties.getAuthn().getToken().getCrypto();
    boolean enabled = crypto.isEnabled();
    // Both keys are configured but crypto was not explicitly enabled: turn it on implicitly.
    if (!enabled && (StringUtils.isNotBlank(crypto.getEncryption().getKey())) && StringUtils.isNotBlank(crypto.getSigning().getKey())) {
        LOGGER.warn("Token encryption/signing is not enabled explicitly in the configuration, yet signing/encryption keys " + "are defined for operations. CAS will proceed to enable the token encryption/signing functionality.");
        enabled = true;
    }
    if (enabled) {
        return new TokenTicketCipherExecutor(crypto.getEncryption().getKey(), crypto.getSigning().getKey(), crypto.getAlg(), crypto.isEncryptionEnabled());
    }
    LOGGER.info("Token cookie encryption/signing is turned off. This " + "MAY NOT be safe in a production environment. Consider using other choices to handle encryption, " + "signing and verification of generated tokens.");
    // Fallback: a no-op cipher, so tokens are neither signed nor encrypted.
    return CipherExecutor.noOp();
}

Also used: EncryptionOptionalSigningJwtCryptographyProperties (org.apereo.cas.configuration.model.core.util.EncryptionOptionalSigningJwtCryptographyProperties), TokenTicketCipherExecutor (org.apereo.cas.token.cipher.TokenTicketCipherExecutor), RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope), ConditionalOnMissingBean (org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean), Bean (org.springframework.context.annotation.Bean)

Example 34 with RefreshScope

Use of org.springframework.cloud.context.config.annotation.RefreshScope in project cas by apereo: class MultifactorAuthnTrustConfiguration, method mfaTrustEngine.

@ConditionalOnMissingBean(name = "mfaTrustEngine")
@Bean
@RefreshScope
public MultifactorAuthenticationTrustStorage mfaTrustEngine() {
    final TrustedDevicesMultifactorProperties trusted = casProperties.getAuthn().getMfa().getTrusted();
    final LoadingCache<String, MultifactorAuthenticationTrustRecord> storage = Caffeine.newBuilder().initialCapacity(INITIAL_CACHE_SIZE).maximumSize(MAX_CACHE_SIZE).expireAfterWrite(trusted.getExpiration(), trusted.getTimeUnit()).build(s -> {
        LOGGER.error("Load operation of the cache is not supported.");
        return null;
    });
    storage.asMap();
    final BaseMultifactorAuthenticationTrustStorage m;
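    // Use the JSON resource when a location is configured; otherwise fall back to the in-memory cache built above.
    if (trusted.getJson().getLocation() != null) {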
        LOGGER.debug("Storing trusted device records inside the JSON resource [{}]", trusted.getJson().getLocation());
        m = new JsonMultifactorAuthenticationTrustStorage(trusted.getJson().getLocation());
    } else {
        LOGGER.warn("Storing trusted device records in runtime memory. Changes and records will be lost upon CAS restarts");
        m = new InMemoryMultifactorAuthenticationTrustStorage(storage);
    }
    m.setCipherExecutor(mfaTrustCipherExecutor());
    return m;
}

Also used: InMemoryMultifactorAuthenticationTrustStorage (org.apereo.cas.trusted.authentication.storage.InMemoryMultifactorAuthenticationTrustStorage), MultifactorAuthenticationTrustRecord (org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustRecord), BaseMultifactorAuthenticationTrustStorage (org.apereo.cas.trusted.authentication.storage.BaseMultifactorAuthenticationTrustStorage), TrustedDevicesMultifactorProperties (org.apereo.cas.configuration.model.support.mfa.TrustedDevicesMultifactorProperties), JsonMultifactorAuthenticationTrustStorage (org.apereo.cas.trusted.authentication.storage.JsonMultifactorAuthenticationTrustStorage), RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope), ConditionalOnMissingBean (org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean), Bean (org.springframework.context.annotation.Bean)

Example 35 with RefreshScope

Use of org.springframework.cloud.context.config.annotation.RefreshScope in project cas by apereo: class CasJdbcAuthenticationConfiguration, method jdbcAuthenticationHandlers.

@ConditionalOnMissingBean(name = "jdbcAuthenticationHandlers")
@Bean
@RefreshScope
public Collection<AuthenticationHandler> jdbcAuthenticationHandlers() {
    final Collection<AuthenticationHandler> handlers = new HashSet<>();
    final JdbcAuthenticationProperties jdbc = casProperties.getAuthn().getJdbc();
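    // One handler is registered per configured entry of each JDBC mode: bind, encode, query and search.
    jdbc.getBind().forEach(b -> handlers.add(bindModeSearchDatabaseAuthenticationHandler(b)));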
    jdbc.getEncode().forEach(b -> handlers.add(queryAndEncodeDatabaseAuthenticationHandler(b)));
    jdbc.getQuery().forEach(b -> handlers.add(queryDatabaseAuthenticationHandler(b)));
    jdbc.getSearch().forEach(b -> handlers.add(searchModeSearchDatabaseAuthenticationHandler(b)));
    return handlers;
}

Also used: BindModeSearchDatabaseAuthenticationHandler (org.apereo.cas.adaptors.jdbc.BindModeSearchDatabaseAuthenticationHandler), AuthenticationHandler (org.apereo.cas.authentication.AuthenticationHandler), QueryDatabaseAuthenticationHandler (org.apereo.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler), QueryAndEncodeDatabaseAuthenticationHandler (org.apereo.cas.adaptors.jdbc.QueryAndEncodeDatabaseAuthenticationHandler), SearchModeSearchDatabaseAuthenticationHandler (org.apereo.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler), BindJdbcAuthenticationProperties (org.apereo.cas.configuration.model.support.jdbc.BindJdbcAuthenticationProperties), QueryEncodeJdbcAuthenticationProperties (org.apereo.cas.configuration.model.support.jdbc.QueryEncodeJdbcAuthenticationProperties), QueryJdbcAuthenticationProperties (org.apereo.cas.configuration.model.support.jdbc.QueryJdbcAuthenticationProperties), SearchJdbcAuthenticationProperties (org.apereo.cas.configuration.model.support.jdbc.SearchJdbcAuthenticationProperties), JdbcAuthenticationProperties (org.apereo.cas.configuration.model.support.jdbc.JdbcAuthenticationProperties), HashSet (java.util.HashSet), RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope), ConditionalOnMissingBean (org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean), Bean (org.springframework.context.annotation.Bean)

Aggregations

RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope): 167
Bean (org.springframework.context.annotation.Bean): 167
ConditionalOnMissingBean (org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean): 114
Autowired (org.springframework.beans.factory.annotation.Autowired): 20
ArrayList (java.util.ArrayList): 15
STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean): 11
ServletRegistrationBean (org.springframework.boot.web.servlet.ServletRegistrationBean): 11
CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties): 8
EncryptionJwtSigningJwtCryptographyProperties (org.apereo.cas.configuration.model.core.util.EncryptionJwtSigningJwtCryptographyProperties): 8
EnableConfigurationProperties (org.springframework.boot.context.properties.EnableConfigurationProperties): 8
List (java.util.List): 7
SneakyThrows (lombok.SneakyThrows): 7
IPersonAttributeDao (org.apereo.services.persondir.IPersonAttributeDao): 7
FilterRegistrationBean (org.springframework.boot.web.servlet.FilterRegistrationBean): 7
ConnectionFactory (org.ldaptive.ConnectionFactory): 6
Resource (org.springframework.core.io.Resource): 5
Properties (java.util.Properties): 4
GrouperPrincipalAttributesProperties (org.apereo.cas.configuration.model.core.authentication.GrouperPrincipalAttributesProperties): 4
PrincipalAttributesProperties (org.apereo.cas.configuration.model.core.authentication.PrincipalAttributesProperties): 4
IgniteProperties (org.apereo.cas.configuration.model.support.ignite.IgniteProperties): 4