Package org.apache.shiro.cas

Class CasRealm

  • All Implemented Interfaces:
    org.apache.shiro.authc.LogoutAware, org.apache.shiro.authz.Authorizer, org.apache.shiro.authz.permission.PermissionResolverAware, org.apache.shiro.authz.permission.RolePermissionResolverAware, org.apache.shiro.cache.CacheManagerAware, org.apache.shiro.realm.Realm, org.apache.shiro.util.Initializable, org.apache.shiro.util.Nameable
    @Deprecated
public class CasRealm
extends org.apache.shiro.realm.AuthorizingRealm
    Deprecated.
    replaced with Shiro integration in buji-pac4j.
    This realm implementation acts as a CAS client to a CAS server for authentication and basic authorization.

    This realm functions by inspecting a submitted CasToken (which essentially wraps a CAS service ticket) and validates it against the CAS server using a configured CAS TicketValidator.

    The validationProtocol is CAS by default, which indicates that a a Cas20ServiceTicketValidator will be used for ticket validation. You can alternatively set or Saml11TicketValidator of CAS client. It is based on AuthorizingRealm for both authentication and authorization. User id and attributes are retrieved from the CAS service ticket validation response during authentication phase. Roles and permissions are computed during authorization phase (according to the attributes previously retrieved).

    Since:
    1.2
    See Also:
    buji-pac4j

    • Constructor Summary

      Constructors 
      Constructor Description
      CasRealm()
      Deprecated.
       

    • Method Summary

      All Methods Instance Methods Concrete Methods Deprecated Methods 
      Modifier and Type Method Description
      protected org.jasig.cas.client.validation.TicketValidator createTicketValidator()
      Deprecated.
       
      protected org.apache.shiro.authc.AuthenticationInfo doGetAuthenticationInfo​(org.apache.shiro.authc.AuthenticationToken token)
      Deprecated.
      Authenticates a user and retrieves its information.
      protected org.apache.shiro.authz.AuthorizationInfo doGetAuthorizationInfo​(org.apache.shiro.subject.PrincipalCollection principals)
      Deprecated.
      Retrieves the AuthorizationInfo for the given principals (the CAS previously authenticated user : id + attributes).
      protected org.jasig.cas.client.validation.TicketValidator ensureTicketValidator()
      Deprecated.
       
      String getCasServerUrlPrefix()
      Deprecated.
       
      String getCasService()
      Deprecated.
       
      String getDefaultPermissions()
      Deprecated.
       
      String getDefaultRoles()
      Deprecated.
       
      String getPermissionAttributeNames()
      Deprecated.
       
      String getRememberMeAttributeName()
      Deprecated.
       
      String getRoleAttributeNames()
      Deprecated.
       
      String getValidationProtocol()
      Deprecated.
       
      protected void onInit()
      Deprecated.
       
      void setCasServerUrlPrefix​(String casServerUrlPrefix)
      Deprecated.
       
      void setCasService​(String casService)
      Deprecated.
       
      void setDefaultPermissions​(String defaultPermissions)
      Deprecated.
       
      void setDefaultRoles​(String defaultRoles)
      Deprecated.
       
      void setPermissionAttributeNames​(String permissionAttributeNames)
      Deprecated.
       
      void setRememberMeAttributeName​(String rememberMeAttributeName)
      Deprecated.
       
      void setRoleAttributeNames​(String roleAttributeNames)
      Deprecated.
       
      void setValidationProtocol​(String validationProtocol)
      Deprecated.
       

      • Methods inherited from class org.apache.shiro.realm.AuthorizingRealm

        afterCacheManagerSet, checkPermission, checkPermission, checkPermission, checkPermissions, checkPermissions, checkPermissions, checkRole, checkRole, checkRoles, checkRoles, checkRoles, clearCachedAuthorizationInfo, doClearCache, getAuthorizationCache, getAuthorizationCacheKey, getAuthorizationCacheName, getAuthorizationInfo, getPermissionResolver, getPermissions, getRolePermissionResolver, hasAllRoles, hasRole, hasRole, hasRoles, hasRoles, isAuthorizationCachingEnabled, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, isPermittedAll, setAuthorizationCache, setAuthorizationCacheName, setAuthorizationCachingEnabled, setName, setPermissionResolver, setRolePermissionResolver

      • Methods inherited from class org.apache.shiro.realm.AuthenticatingRealm

        assertCredentialsMatch, clearCachedAuthenticationInfo, getAuthenticationCache, getAuthenticationCacheKey, getAuthenticationCacheKey, getAuthenticationCacheName, getAuthenticationInfo, getAuthenticationTokenClass, getCredentialsMatcher, init, isAuthenticationCachingEnabled, isAuthenticationCachingEnabled, setAuthenticationCache, setAuthenticationCacheName, setAuthenticationCachingEnabled, setAuthenticationTokenClass, setCredentialsMatcher, supports

      • Methods inherited from class org.apache.shiro.realm.CachingRealm

        clearCache, getAvailablePrincipal, getCacheManager, getName, isCachingEnabled, onLogout, setCacheManager, setCachingEnabled

      • Methods inherited from interface org.apache.shiro.util.Initializable

        init

    • Constructor Detail

      • CasRealm

        public CasRealm()
        Deprecated.

    • Method Detail

      • onInit

        protected void onInit()
        Deprecated.
        Overrides:
        onInit in class org.apache.shiro.realm.AuthorizingRealm

      • ensureTicketValidator

        protected org.jasig.cas.client.validation.TicketValidator ensureTicketValidator()
        Deprecated.

      • createTicketValidator

        protected org.jasig.cas.client.validation.TicketValidator createTicketValidator()
        Deprecated.

      • doGetAuthenticationInfo

        protected org.apache.shiro.authc.AuthenticationInfo doGetAuthenticationInfo​(org.apache.shiro.authc.AuthenticationToken token)
                                                                     throws org.apache.shiro.authc.AuthenticationException
        Deprecated.
        Authenticates a user and retrieves its information.
        Specified by:
        doGetAuthenticationInfo in class org.apache.shiro.realm.AuthenticatingRealm
        Parameters:
        token - the authentication token
        Throws:
        org.apache.shiro.authc.AuthenticationException - if there is an error during authentication.

      • doGetAuthorizationInfo

        protected org.apache.shiro.authz.AuthorizationInfo doGetAuthorizationInfo​(org.apache.shiro.subject.PrincipalCollection principals)
        Deprecated.
        Retrieves the AuthorizationInfo for the given principals (the CAS previously authenticated user : id + attributes).
        Specified by:
        doGetAuthorizationInfo in class org.apache.shiro.realm.AuthorizingRealm
        Parameters:
        principals - the primary identifying principals of the AuthorizationInfo that should be retrieved.
        Returns:
        the AuthorizationInfo associated with this principals.

      • getCasServerUrlPrefix

        public String getCasServerUrlPrefix()
        Deprecated.

      • setCasServerUrlPrefix

        public void setCasServerUrlPrefix​(String casServerUrlPrefix)
        Deprecated.

      • getCasService

        public String getCasService()
        Deprecated.

      • setCasService

        public void setCasService​(String casService)
        Deprecated.

      • getValidationProtocol

        public String getValidationProtocol()
        Deprecated.

      • setValidationProtocol

        public void setValidationProtocol​(String validationProtocol)
        Deprecated.

      • getRememberMeAttributeName

        public String getRememberMeAttributeName()
        Deprecated.

      • setRememberMeAttributeName

        public void setRememberMeAttributeName​(String rememberMeAttributeName)
        Deprecated.

      • getDefaultRoles

        public String getDefaultRoles()
        Deprecated.

      • setDefaultRoles

        public void setDefaultRoles​(String defaultRoles)
        Deprecated.

      • getDefaultPermissions

        public String getDefaultPermissions()
        Deprecated.

      • setDefaultPermissions

        public void setDefaultPermissions​(String defaultPermissions)
        Deprecated.

      • getRoleAttributeNames

        public String getRoleAttributeNames()
        Deprecated.

      • setRoleAttributeNames

        public void setRoleAttributeNames​(String roleAttributeNames)
        Deprecated.

      • getPermissionAttributeNames

        public String getPermissionAttributeNames()
        Deprecated.

      • setPermissionAttributeNames

        public void setPermissionAttributeNames​(String permissionAttributeNames)
        Deprecated.