@Bean
@RefreshScope
public AuthenticationHandler adfsAuthNHandler() {
final WsFederationProperties wsfed = casProperties.getAuthn().getWsfed();
final WsFederationAuthenticationHandler h = new WsFederationAuthenticationHandler();
h.setPrincipalFactory(adfsPrincipalFactory());
h.setServicesManager(servicesManager);
h.setName(wsfed.getName());
return h;
}
@PostConstruct
protected void initializeRootApplicationContext() {
final WsFederationProperties wsfed = casProperties.getAuthn().getWsfed();
if (StringUtils.isNotBlank(wsfed.getIdentityProviderUrl())
&& StringUtils.isNotBlank(wsfed.getIdentityProviderIdentifier())) {
if (!wsfed.isAttributeResolverEnabled()) {
authenticationHandlersResolvers.put(adfsAuthNHandler(), null);
} else {
authenticationHandlersResolvers.put(adfsAuthNHandler(), adfsPrincipalResolver());
}
}
}
@Bean
@RefreshScope
public PrincipalResolver adfsPrincipalResolver() {
final WsFederationProperties wsfed = casProperties.getAuthn().getWsfed();
final WsFederationCredentialsToPrincipalResolver r =
new WsFederationCredentialsToPrincipalResolver();
r.setConfiguration(wsFedConfig());
r.setAttributeRepository(attributeRepository);
r.setPrincipalAttributeName(wsfed.getPrincipal().getPrincipalAttribute());
r.setReturnNullIfNoAttributes(wsfed.getPrincipal().isReturnNull());
r.setPrincipalFactory(adfsPrincipalFactory());
return r;
}
@Bean
@RefreshScope
public WsFederationConfiguration wsFedConfig() {
final WsFederationConfiguration config = new WsFederationConfiguration();
final WsFederationProperties wsfed = casProperties.getAuthn().getWsfed();
config.setAttributesType(
WsFederationConfiguration.WsFedPrincipalResolutionAttributesType.valueOf(
wsfed.getAttributesType()));
config.setIdentityAttribute(wsfed.getIdentityAttribute());
config.setIdentityProviderIdentifier(wsfed.getIdentityProviderIdentifier());
config.setIdentityProviderUrl(wsfed.getIdentityProviderUrl());
config.setTolerance(wsfed.getTolerance());
config.setRelyingPartyIdentifier(wsfed.getRelyingPartyIdentifier());
org.springframework.util.StringUtils.commaDelimitedListToSet(
wsfed.getSigningCertificateResources())
.forEach(
s -> config.getSigningCertificateResources().add(this.resourceLoader.getResource(s)));
org.springframework.util.StringUtils.commaDelimitedListToSet(wsfed.getEncryptionPrivateKey())
.forEach(s -> config.setEncryptionPrivateKey(this.resourceLoader.getResource(s)));
org.springframework.util.StringUtils.commaDelimitedListToSet(wsfed.getEncryptionCertificate())
.forEach(s -> config.setEncryptionCertificate(this.resourceLoader.getResource(s)));
config.setEncryptionPrivateKeyPassword(wsfed.getEncryptionPrivateKeyPassword());
config.setAttributeMutator(this.attributeMutator);
return config;
}
