/**
* This method verify the ticket.
*
* @param ticket String, ticket to validate
* @param userId String, user id
* @return String
* @throws SecurityException the security exception
*/
public void validateTicket(String ticket, String userId) throws SecurityException {
logger.debug("IN");
ConfigSingleton config = ConfigSingleton.getInstance();
String validateUrl = null;
String validateService = null;
if (config != null) {
// only server side...
validateUrl = SingletonConfig.getInstance().getConfigValue("CAS_SSO.VALIDATE-USER.URL");
logger.debug("Read validateUrl=" + validateUrl);
validateService =
SingletonConfig.getInstance().getConfigValue("CAS_SSO.VALIDATE-USER.SERVICE");
logger.debug("Read validateService=" + validateService);
}
logger.debug("userId:" + userId);
try {
AttributePrincipal principal = null;
Cas20ProxyTicketValidator sv = new Cas20ProxyTicketValidator(validateUrl);
sv.setAcceptAnyProxy(true);
Assertion a = sv.validate(ticket, validateService);
principal = a.getPrincipal();
logger.debug("Ticket is VALID, username="******"An exception occured while validating the cas token");
throw new SecurityException("An exception occured while validating the cas token", e);
} catch (Throwable e) {
logger.error("An exception occured while validating the cas token");
throw new SecurityException("An exception occured while validating the cas token", e);
} finally {
logger.debug("OUT");
}
}
protected void initializeCas20ProxyProtocol(final WebContext context) {
this.ticketValidator = new Cas20ProxyTicketValidator(this.casPrefixUrl);
final Cas20ProxyTicketValidator cas20ProxyTicketValidator =
(Cas20ProxyTicketValidator) this.ticketValidator;
cas20ProxyTicketValidator.setEncoding(this.encoding);
cas20ProxyTicketValidator.setAcceptAnyProxy(this.acceptAnyProxy);
cas20ProxyTicketValidator.setAllowedProxyChains(this.allowedProxyChains);
if (this.casProxyReceptor != null) {
cas20ProxyTicketValidator.setProxyCallbackUrl(
this.casProxyReceptor.computeFinalCallbackUrl(context));
cas20ProxyTicketValidator.setProxyGrantingTicketStorage(
this.casProxyReceptor.getProxyGrantingTicketStorage());
}
}
@Override
protected void internalInit() {
CommonHelper.assertNotBlank("callbackUrl", this.callbackUrl);
CommonHelper.assertNotNull("logoutHandler", this.logoutHandler);
if (CommonHelper.isBlank(this.casLoginUrl) && CommonHelper.isBlank(this.casPrefixUrl)) {
throw new TechnicalException("casLoginUrl and casPrefixUrl cannot be both blank");
}
if (this.casPrefixUrl != null && !this.casPrefixUrl.endsWith("/")) {
this.casPrefixUrl += "/";
}
if (CommonHelper.isBlank(this.casPrefixUrl)) {
this.casPrefixUrl = this.casLoginUrl.replaceFirst("/login", "/");
} else if (CommonHelper.isBlank(this.casLoginUrl)) {
this.casLoginUrl = this.casPrefixUrl + "login";
}
if (this.casProtocol == CasProtocol.CAS10) {
this.ticketValidator = new Cas10TicketValidator(this.casPrefixUrl);
} else if (this.casProtocol == CasProtocol.CAS20) {
this.ticketValidator = new Cas20ServiceTicketValidator(this.casPrefixUrl);
if (this.casProxyReceptor != null) {
final Cas20ServiceTicketValidator cas20ServiceTicketValidator =
(Cas20ServiceTicketValidator) this.ticketValidator;
cas20ServiceTicketValidator.setProxyCallbackUrl(this.casProxyReceptor.getCallbackUrl());
cas20ServiceTicketValidator.setProxyGrantingTicketStorage(
this.casProxyReceptor.getProxyGrantingTicketStorage());
}
} else if (this.casProtocol == CasProtocol.CAS20_PROXY) {
this.ticketValidator = new Cas20ProxyTicketValidator(this.casPrefixUrl);
final Cas20ProxyTicketValidator cas20ProxyTicketValidator =
(Cas20ProxyTicketValidator) this.ticketValidator;
cas20ProxyTicketValidator.setAcceptAnyProxy(this.acceptAnyProxy);
cas20ProxyTicketValidator.setAllowedProxyChains(this.allowedProxyChains);
if (this.casProxyReceptor != null) {
cas20ProxyTicketValidator.setProxyCallbackUrl(this.casProxyReceptor.getCallbackUrl());
cas20ProxyTicketValidator.setProxyGrantingTicketStorage(
this.casProxyReceptor.getProxyGrantingTicketStorage());
}
} else if (this.casProtocol == CasProtocol.SAML) {
this.ticketValidator = new Saml11TicketValidator(this.casPrefixUrl);
}
}