org.jasig.cas

Class CentralAuthenticationServiceImpl

java.lang.Object

org.jasig.cas.CentralAuthenticationServiceImpl

All Implemented Interfaces:

CentralAuthenticationService

public final class CentralAuthenticationServiceImpl
extends Object
implements CentralAuthenticationService

Concrete implementation of a CentralAuthenticationService, and also the central, organizing component of CAS's internal implementation.

This class is threadsafe.

This class has the following properties that must be set:

• ticketRegistry - The Ticket Registry to maintain the list of available tickets.
• serviceTicketRegistry - Provides an alternative to configure separate registries for TGTs and ST in order to store them in different locations (i.e. long term memory or short-term)
• authenticationManager - The service that will handle authentication.
• ticketGrantingTicketUniqueTicketIdGenerator - Plug in to generate unique secure ids for TicketGrantingTickets.
• serviceTicketUniqueTicketIdGenerator - Plug in to generate unique secure ids for ServiceTickets.
• ticketGrantingTicketExpirationPolicy - The expiration policy for TicketGrantingTickets.
• serviceTicketExpirationPolicy - The expiration policy for ServiceTickets.

Since:

3.0

Version:

$Revision: 1.16 $ $Date: 2007/04/24 18:11:36 $

Author:

William G. Thompson, Jr., Scott Battaglia, Dmitry Kopylenko

Constructor Summary

Constructors

Constructor and Description
CentralAuthenticationServiceImpl()

Method Summary

Methods

Modifier and Type	Method and Description
String	createTicketGrantingTicket(Credentials credentials) Create a TicketGrantingTicket based on opaque credentials supplied by the caller.
String	delegateTicketGrantingTicket(String serviceTicketId, Credentials credentials) Delegate a TicketGrantingTicket to a Service for proxying authentication to other Services.
void	destroyTicketGrantingTicket(String ticketGrantingTicketId) Implementation of destoryTicketGrantingTicket expires the ticket provided and removes it from the TicketRegistry.
String	grantServiceTicket(String ticketGrantingTicketId, Service service) Grant a ServiceTicket for a Service.
String	grantServiceTicket(String ticketGrantingTicketId, Service service, Credentials credentials) Grant a ServiceTicket for a Service *if* the principal resolved from the credentials matches the principal associated with the TicketGrantingTicket.
void	setAuthenticationManager(AuthenticationManager authenticationManager) Method to inject the AuthenticationManager into the class.
void	setPersistentIdGenerator(PersistentIdGenerator persistentIdGenerator)
void	setServicesManager(ServicesManager servicesManager)
void	setServiceTicketExpirationPolicy(ExpirationPolicy serviceTicketExpirationPolicy) Method to inject the TicketGrantingTicket Expiration Policy.
void	setServiceTicketRegistry(TicketRegistry serviceTicketRegistry)
void	setTicketGrantingTicketExpirationPolicy(ExpirationPolicy ticketGrantingTicketExpirationPolicy) Method to inject the TicketGrantingTicket Expiration Policy.
void	setTicketGrantingTicketUniqueTicketIdGenerator(UniqueTicketIdGenerator uniqueTicketIdGenerator) Method to inject the Unique Ticket Id Generator into the class.
void	setTicketRegistry(TicketRegistry ticketRegistry) Method to set the TicketRegistry.
void	setUniqueTicketIdGeneratorsForService(Map<String,UniqueTicketIdGenerator> uniqueTicketIdGeneratorsForService)
Assertion	validateServiceTicket(String serviceTicketId, Service service) Validate a ServiceTicket for a particular Service.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CentralAuthenticationServiceImpl

public CentralAuthenticationServiceImpl()

Method Detail

destroyTicketGrantingTicket

@Transactional(readOnly=false)
public void destroyTicketGrantingTicket(String ticketGrantingTicketId)

Implementation of destoryTicketGrantingTicket expires the ticket provided and removes it from the TicketRegistry.

Specified by:

destroyTicketGrantingTicket in interface CentralAuthenticationService

Parameters:

ticketGrantingTicketId - the id of the ticket we want to destroy

Throws:

IllegalArgumentException - if the TicketGrantingTicket ID is null.

grantServiceTicket

@Transactional(readOnly=false)
public String grantServiceTicket(String ticketGrantingTicketId,
                                      Service service,
                                      Credentials credentials)
                          throws TicketException

Description copied from interface: CentralAuthenticationService

Grant a ServiceTicket for a Service *if* the principal resolved from the credentials matches the principal associated with the TicketGrantingTicket.

Specified by:

grantServiceTicket in interface CentralAuthenticationService

Parameters:

ticketGrantingTicketId - Proof of prior authentication.

service - The target service of the ServiceTicket.

credentials - the Credentials to present to receive the ServiceTicket

Returns:

the ServiceTicket for target Service.

Throws:

IllegalArgumentException - if TicketGrantingTicket ID, Credentials or Service are null.

TicketException - if the ticket could not be created.

grantServiceTicket

@Transactional(readOnly=false)
public String grantServiceTicket(String ticketGrantingTicketId,
                                      Service service)
                          throws TicketException

Description copied from interface: CentralAuthenticationService

Grant a ServiceTicket for a Service.

Specified by:

grantServiceTicket in interface CentralAuthenticationService

Parameters:

ticketGrantingTicketId - Proof of prior authentication.

service - The target service of the ServiceTicket.

Returns:

the ServiceTicket for target Service.

Throws:

TicketException - if the ticket could not be created.

delegateTicketGrantingTicket

@Transactional(readOnly=false)
public String delegateTicketGrantingTicket(String serviceTicketId,
                                                Credentials credentials)
                                    throws TicketException

Description copied from interface: CentralAuthenticationService

Delegate a TicketGrantingTicket to a Service for proxying authentication to other Services.

Specified by:

delegateTicketGrantingTicket in interface CentralAuthenticationService

Parameters:

serviceTicketId - The service ticket that will delegate to a TicketGrantingTicket

credentials - The credentials of the service that wishes to have a TicketGrantingTicket delegated to it.

Returns:

TicketGrantingTicket that can grant ServiceTickets that proxy authentication.

Throws:

IllegalArgumentException - if the ServiceTicketId or the Credentials are null.

TicketException - if there was an error creating the ticket

validateServiceTicket

@Transactional(readOnly=false)
public Assertion validateServiceTicket(String serviceTicketId,
                                            Service service)
                                throws TicketException

Description copied from interface: CentralAuthenticationService

Validate a ServiceTicket for a particular Service.

Specified by:

validateServiceTicket in interface CentralAuthenticationService

Parameters:

serviceTicketId - Proof of prior authentication.

service - Service wishing to validate a prior authentication.

Returns:

ServiceTicket if valid for the service

Throws:

IllegalArgumentException - if the ServiceTicketId or the Service are null.

TicketException - if there was an error validating the ticket.

createTicketGrantingTicket

@Transactional(readOnly=false)
public String createTicketGrantingTicket(Credentials credentials)
                                  throws TicketCreationException

Description copied from interface: CentralAuthenticationService

Create a TicketGrantingTicket based on opaque credentials supplied by the caller.

Specified by:

createTicketGrantingTicket in interface CentralAuthenticationService

Parameters:

credentials - The credentials to create the ticket for

Returns:

The String identifier of the ticket (may not be null).

Throws:

IllegalArgumentException - if the credentials are null.

TicketCreationException

setTicketRegistry

public void setTicketRegistry(TicketRegistry ticketRegistry)

Method to set the TicketRegistry.

Parameters:

ticketRegistry - the TicketRegistry to set.

setServiceTicketRegistry

public void setServiceTicketRegistry(TicketRegistry serviceTicketRegistry)

setAuthenticationManager

public void setAuthenticationManager(AuthenticationManager authenticationManager)

Method to inject the AuthenticationManager into the class.

Parameters:

authenticationManager - The authenticationManager to set.

setTicketGrantingTicketExpirationPolicy

public void setTicketGrantingTicketExpirationPolicy(ExpirationPolicy ticketGrantingTicketExpirationPolicy)

Method to inject the TicketGrantingTicket Expiration Policy.

Parameters:

ticketGrantingTicketExpirationPolicy - The ticketGrantingTicketExpirationPolicy to set.

setTicketGrantingTicketUniqueTicketIdGenerator

public void setTicketGrantingTicketUniqueTicketIdGenerator(UniqueTicketIdGenerator uniqueTicketIdGenerator)

Method to inject the Unique Ticket Id Generator into the class.

Parameters:

uniqueTicketIdGenerator - The uniqueTicketIdGenerator to use

setServiceTicketExpirationPolicy

public void setServiceTicketExpirationPolicy(ExpirationPolicy serviceTicketExpirationPolicy)

Method to inject the TicketGrantingTicket Expiration Policy.

Parameters:

serviceTicketExpirationPolicy - The serviceTicketExpirationPolicy to set.

setUniqueTicketIdGeneratorsForService

public void setUniqueTicketIdGeneratorsForService(Map<String,UniqueTicketIdGenerator> uniqueTicketIdGeneratorsForService)

setServicesManager

public void setServicesManager(ServicesManager servicesManager)

setPersistentIdGenerator

public void setPersistentIdGenerator(PersistentIdGenerator persistentIdGenerator)