diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java index 234778d2bfc7067459bb7c37a768b498a91f9867..a007fbbe831ddc436d2e515df7cac9b694ce0188 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java @@ -74,14 +74,7 @@ public abstract class AbstractAuthenticationProvider { protected abstract Authentication doInternalAuthenticate(LoginCredential authentication); - public abstract Authentication basicAuthenticate(LoginCredential authentication) ; - - public abstract Authentication trustAuthentication( - String username, - String type, - String provider, - String code, - String message); + public abstract Authentication authentication(LoginCredential loginCredential,boolean isTrusted); @SuppressWarnings("rawtypes") public boolean supports(Class authentication) { diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/LoginCredential.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/LoginCredential.java index b4e741cdccf9a9b0af5ee1f19483ea6aabe5dbf5..0e5d75eda916fd1e24e2a33ee4b9796af786370a 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/LoginCredential.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/LoginCredential.java @@ -38,6 +38,10 @@ public class LoginCredential implements Authentication { String authType; String jwtToken; String onlineTicket; + String provider; + String code; + String message="SUCCESS"; + ArrayList grantedAuthority; boolean authenticated; boolean roleAdministrators; 
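Review bot: In AbstractAuthenticationProvider.java the new `authentication(LoginCredential loginCredential,boolean isTrusted)` is declared without Javadoc, although `isTrusted` now decides whether the password is verified at all. The RealmAuthenticationProvider implementation later in this diff skips `passwordMatches` when it is true. A bare boolean repeated at ten call sites in this diff is easy to get wrong, so the contract belongs on the declaration, for example `/** @param isTrusted true only when the caller has already verified the user's identity by another mechanism (assertion, ticket, cookie); the password is then NOT checked. */`. Two separately named entry points delegating to one private helper would make a wrong argument harder to write, but the comment is the minimum.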
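Review bot: In LoginCredential.java the new `provider` and `code` fields default to null, while every removed `trustAuthentication(...)` call passed `""` for them. The rewritten `authentication(...)` hands `getProvider()` and `getCode()` straight to `insertLoginHistory`, so most trusted logins now record null there unless the three-argument constructor (not visible here) sets them. Initialising them like `message`, with `String provider = "";` and `String code = "";`, keeps the login-history rows as they were. The trusted paths also used to record `"success"` and now record `"SUCCESS"`, and SocialSignOnEndpoint no longer supplies its code `"xe00000004"`, so anything that filters the login history on those values should be checked.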
@@ -182,6 +186,30 @@ public class LoginCredential implements Authentication { this.roleAdministrators = roleAdministrators; } + public String getProvider() { + return provider; + } + + public void setProvider(String provider) { + this.provider = provider; + } + + public String getCode() { + return code; + } + + public void setCode(String code) { + this.code = code; + } + + public String getMessage() { + return message; + } + + public void setMessage(String message) { + this.message = message; + } + @Override public String toString() { StringBuilder builder = new StringBuilder(); diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java index 432bc9f7848a1a8921c3b31157dde1af966ce3d2..e735c3d53a1054ddb8d8670dca77102dfaa99acc 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java 
@@ -95,19 +95,19 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider userInfo = loadUserInfo(loginCredential.getUsername(),loginCredential.getPassword()); userinfoValid(userInfo, loginCredential.getUsername()); - + //mfa tftcaptchaValid(loginCredential.getOtpCaptcha(),loginCredential.getAuthType(),userInfo); - + + //Validate PasswordPolicy + authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(userInfo); if(loginCredential.getAuthType().equalsIgnoreCase(AuthType.MOBILE)) { mobilecaptchaValid(loginCredential.getPassword(),loginCredential.getAuthType(),userInfo); - }else { - //Validate PasswordPolicy - authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(userInfo); + }else { //Match password authenticationRealm.passwordMatches(userInfo, loginCredential.getPassword()); - //apply PasswordSetType and resetBadPasswordCount - authenticationRealm.getPasswordPolicyValidator().applyPasswordPolicy(userInfo); } + //apply PasswordSetType and resetBadPasswordCount + authenticationRealm.getPasswordPolicyValidator().applyPasswordPolicy(userInfo); UsernamePasswordAuthenticationToken authenticationToken = createOnlineSession(loginCredential,userInfo); //RemeberMe Config check then set RemeberMe cookies 
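Review bot: The relocated `applyPasswordPolicy(userInfo)` call now runs after the MOBILE branch as well, and the comment beside it says it resets the bad-password count. If that is what it does, a login that never presented the password clears the counter that throttles password guessing; the same holds for the `isTrusted` path of `authentication(...)` in the later hunk of this file. If that is intended, say so in the comment, e.g. `//reset bad-password count after any successful login, including mobile and trusted ones`; otherwise keep the call inside the password branch. The enclosing method starts and ends outside the hunk.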
@@ -127,26 +127,6 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider return authenticationToken; } - - @Override - public Authentication basicAuthenticate(LoginCredential loginCredential) { - UserInfo loadeduserInfo = loadUserInfo(loginCredential.getUsername(), ""); - if (loadeduserInfo != null) { - authenticationRealm.passwordMatches(loadeduserInfo, loginCredential.getPassword()); - - authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(loadeduserInfo); - - Authentication authentication = createOnlineSession(loginCredential,loadeduserInfo); - - authenticationRealm.insertLoginHistory(loadeduserInfo, loginCredential.getAuthType(), "", "", "SUCCESS"); - - return authentication; - }else { - String message = WebContext.getI18nValue("login.error.username"); - _logger.debug("login user " + loginCredential.getUsername() + " not in this System ." + message); - throw new BadCredentialsException(WebContext.getI18nValue("login.error.username")); - } - } /** * trustAuthentication. 
@@ -158,24 +138,29 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider * @return boolean */ @Override - public Authentication trustAuthentication(String username, - String type, - String provider, - String code, - String message) { - UserInfo loadeduserInfo = loadUserInfo(username, ""); + public Authentication authentication(LoginCredential loginCredential,boolean isTrusted) { + UserInfo loadeduserInfo = loadUserInfo(loginCredential.getUsername(), ""); if (loadeduserInfo != null) { - LoginCredential loginCredential = new LoginCredential(); - loginCredential.setUsername(loadeduserInfo.getUsername()); - + //Validate PasswordPolicy + authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(loadeduserInfo); + if(!isTrusted) { + authenticationRealm.passwordMatches(loadeduserInfo, loginCredential.getPassword()); + } + //apply PasswordSetType and resetBadPasswordCount + authenticationRealm.getPasswordPolicyValidator().applyPasswordPolicy(loadeduserInfo); Authentication authentication = createOnlineSession(loginCredential,loadeduserInfo); - authenticationRealm.insertLoginHistory(loadeduserInfo, type, provider, code, message); + authenticationRealm.insertLoginHistory( loadeduserInfo, + loginCredential.getAuthType(), + loginCredential.getProvider(), + loginCredential.getCode(), + loginCredential.getMessage() + ); return authentication; }else { String i18nMessage = WebContext.getI18nValue("login.error.username"); - _logger.debug("login user " + username + " not in this System ." + i18nMessage); + _logger.debug("login user " + loginCredential.getUsername() + " not in this System ." + i18nMessage); throw new BadCredentialsException(WebContext.getI18nValue("login.error.username")); } } 
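Review bot: `createOnlineSession(loginCredential,loadeduserInfo)` now receives the caller's credential unchanged, where the removed code built a fresh one and set its username from `loadeduserInfo.getUsername()`. If `loadUserInfo` can resolve a user from anything other than the canonical username (not visible here), the session would carry the externally supplied string instead of the stored one. Restoring `loginCredential.setUsername(loadeduserInfo.getUsername());` before the `createOnlineSession` call keeps the old behaviour. The Javadoc above the method also still describes `trustAuthentication` with `@return boolean` and should be rewritten for the new signature, including what `isTrusted` skips.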
diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/basic/BasicEntryPoint.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/basic/BasicEntryPoint.java index 5af105f0462816f65f14ec62b09bd6186c781682..0464f601e44832abb9143d9cb8b5a2105dff2a27 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/basic/BasicEntryPoint.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/basic/BasicEntryPoint.java @@ -21,6 +21,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.maxkey.authn.AbstractAuthenticationProvider; +import org.maxkey.authn.LoginCredential; import org.maxkey.constants.ConstantsLoginType; import org.maxkey.util.AuthorizationHeaderCredential; import org.maxkey.util.AuthorizationHeaderUtils; @@ -129,8 +130,9 @@ public class BasicEntryPoint implements AsyncHandlerInterceptor { } if(!isAuthenticated){ - authenticationProvider.trustAuthentication(headerCredential.getUsername(),ConstantsLoginType.BASIC,"","","success"); - _logger.info("Authentication "+headerCredential.getUsername()+" successful ."); + LoginCredential loginCredential =new LoginCredential(headerCredential.getUsername(),"",ConstantsLoginType.BASIC); + authenticationProvider.authentication(loginCredential,true); + _logger.info("Authentication "+headerCredential.getUsername()+" successful ."); } return true; diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java index be73f6dac5b036ccd9798429693b91ee0dc93eb1..b373d38b1c657c2118a597a6ab3e3974e4ae6fdb 100644 
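Review bot: BasicEntryPoint builds the credential with an empty password and calls `authentication(loginCredential,true)`, so within this hunk the password carried in the Basic Authorization header is never compared with the stored one. Unless it is verified earlier in the method, which lies outside the hunk, the username in the header alone establishes the session. The unified method now supports the checked path, so this caller can put the header's password into the `LoginCredential` and call `authenticationProvider.authentication(loginCredential,false);`. The "successful" log line should stay after that call so it is only written when no exception was thrown.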
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java @@ -21,6 +21,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.maxkey.authn.AbstractAuthenticationProvider; +import org.maxkey.authn.LoginCredential; import org.maxkey.constants.ConstantsLoginType; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -107,7 +108,8 @@ public class HttpHeaderEntryPoint implements AsyncHandlerInterceptor { } if(!isAuthenticated){ - authenticationProvider.trustAuthentication(httpHeaderUsername,ConstantsLoginType.HTTPHEADER,"","","success"); + LoginCredential loginCredential =new LoginCredential(httpHeaderUsername,"",ConstantsLoginType.HTTPHEADER); + authenticationProvider.authentication(loginCredential,true); _logger.info("Authentication "+httpHeaderUsername+" successful ."); } diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/jwt/HttpJwtEntryPoint.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/jwt/HttpJwtEntryPoint.java index 542acac905920c488156a68352fb9c9ce9e0b0b0..56bab38fd4ac22ee929ec592c4f43983d798ce1a 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/jwt/HttpJwtEntryPoint.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/jwt/HttpJwtEntryPoint.java @@ -21,6 +21,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.maxkey.authn.AbstractAuthenticationProvider; +import org.maxkey.authn.LoginCredential; import org.maxkey.configuration.ApplicationConfig; import org.maxkey.constants.ConstantsLoginType; import org.maxkey.web.WebConstants; 
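Review bot: In HttpHeaderEntryPoint the username passed to `authentication(loginCredential,true)` comes from `httpHeaderUsername`, and nothing at the call site records why a request header may be trusted as an identity. I would add a comment on the deployment assumption, e.g. `// trusted: username comes from a request header; enable only behind a proxy that strips this header from client requests`. The surrounding method is outside the hunk, so a guard may already exist there; the comment is still worth having next to the `true`.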
@@ -77,7 +78,8 @@ public class HttpJwtEntryPoint implements AsyncHandlerInterceptor { SignedJWT signedJWT = jwtLoginService.jwtTokenValidation(jwt); if(signedJWT != null) { String username =signedJWT.getJWTClaimsSet().getSubject(); - authenticationProvider.trustAuthentication(username, ConstantsLoginType.JWT, "", "", "success"); + LoginCredential loginCredential =new LoginCredential(username,"",ConstantsLoginType.JWT); + authenticationProvider.authentication(loginCredential,true); _logger.debug("JWT Logined in , username " + username); } diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/kerberos/HttpKerberosEntryPoint.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/kerberos/HttpKerberosEntryPoint.java index 14016e69780ed882efaeddb5230fe77bd1ad6e68..0fe64e75ff06dfc2b66613be922c6d1e5a9fa703 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/kerberos/HttpKerberosEntryPoint.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/kerberos/HttpKerberosEntryPoint.java @@ -21,6 +21,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.joda.time.DateTime; import org.maxkey.authn.AbstractAuthenticationProvider; +import org.maxkey.authn.LoginCredential; import org.maxkey.configuration.ApplicationConfig; import org.maxkey.constants.ConstantsLoginType; import org.maxkey.crypto.ReciprocalUtils; 
@@ -94,7 +95,9 @@ public class HttpKerberosEntryPoint implements AsyncHandlerInterceptor { _logger.debug("Kerberos Token is After Now "+notOnOrAfter.isAfterNow()); if(notOnOrAfter.isAfterNow()){ - authenticationProvider.trustAuthentication(kerberosToken.getPrincipal(),ConstantsLoginType.KERBEROS,kerberosUserDomain,"","success"); + LoginCredential loginCredential =new LoginCredential(kerberosToken.getPrincipal(),"",ConstantsLoginType.KERBEROS); + loginCredential.setProvider(kerberosUserDomain); + authenticationProvider.authentication(loginCredential,true); _logger.debug("Kerberos Logined in , username " + kerberosToken.getPrincipal()); } diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/HttpRemeberMeEntryPoint.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/HttpRemeberMeEntryPoint.java index 071eb7916ada1f2d21ec4f422a4883c20554e4c5..d7fc1129263e97061565aaba5c6b18d3e01ccabd 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/HttpRemeberMeEntryPoint.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/HttpRemeberMeEntryPoint.java @@ -23,6 +23,7 @@ import javax.servlet.http.HttpServletResponse; import org.joda.time.DateTime; import org.maxkey.authn.AbstractAuthenticationProvider; +import org.maxkey.authn.LoginCredential; import org.maxkey.configuration.ApplicationConfig; import org.maxkey.constants.ConstantsLoginType; import org.maxkey.crypto.Base64Utils; 
@@ -94,12 +95,8 @@ public class HttpRemeberMeEntryPoint implements AsyncHandlerInterceptor { DateTime expiryDate = loginDate.plusSeconds(remeberMeService.getRemeberMeValidity()); DateTime now = new DateTime(); if (now.isBefore(expiryDate)) { - authenticationProvider.trustAuthentication( - storeRemeberMe.getUsername(), - ConstantsLoginType.REMEBER_ME, - "", - "", - "success"); + LoginCredential loginCredential =new LoginCredential(storeRemeberMe.getUsername(),"",ConstantsLoginType.REMEBER_ME); + authenticationProvider.authentication(loginCredential,true); remeberMeService.updateRemeberMe(remeberMeCookie, response); _logger.debug("RemeberMe Logined in , username " + storeRemeberMe.getUsername()); } diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/wsfederation/HttpWsFederationEntryPoint.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/wsfederation/HttpWsFederationEntryPoint.java index 8a00d7317e43cdc530fd696a18c2bcdba43432d7..4eac55e6690f2de97cd933160fc3cc25fa0c62b6 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/wsfederation/HttpWsFederationEntryPoint.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/wsfederation/HttpWsFederationEntryPoint.java @@ -20,6 +20,7 @@ package org.maxkey.authn.support.wsfederation; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.maxkey.authn.AbstractAuthenticationProvider; +import org.maxkey.authn.LoginCredential; import org.maxkey.configuration.ApplicationConfig; import org.maxkey.constants.ConstantsLoginType; import org.maxkey.util.StringUtils; 
@@ -97,11 +98,9 @@ public class HttpWsFederationEntryPoint implements AsyncHandlerInterceptor { wsFederationCredential.getAttributes(), wsFederationService.getWsFederationConfiguration().getUpnSuffix()); } - - authenticationProvider.trustAuthentication( - wsFederationCredential.getAttributes().get("").toString(), - ConstantsLoginType.WSFEDERATION, - "","","success"); + LoginCredential loginCredential =new LoginCredential( + wsFederationCredential.getAttributes().get("").toString(),"",ConstantsLoginType.WSFEDERATION); + authenticationProvider.authentication(loginCredential,true); return true; } else { _logger.warn("SAML assertions are blank or no longer valid."); diff --git a/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java b/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java index 0d0990300a1abf113b7b16af9e33557c3b8b77a9..a9d9faee692eed7ba9b0e231938336e343776892 100644 --- a/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java +++ b/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java @@ -22,6 +22,7 @@ package org.maxkey.authn.support.socialsignon; import javax.servlet.http.HttpServletRequest; +import org.maxkey.authn.LoginCredential; import org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider; import org.maxkey.authn.support.socialsignon.service.SocialsAssociate; import org.maxkey.constants.ConstantsLoginType; 
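Review bot: The username for this trusted login is read with `wsFederationCredential.getAttributes().get("")`, that is, under an empty attribute name, and `.toString()` is called on the result without a null check. If no attribute is stored under that key the call throws a NullPointerException instead of rejecting the login, and it is not evident from the hunk which claim is meant to identify the user. Since the line is being rewritten anyway, I would read the identity claim by its name into a local, return the failure path when it is absent, and add a comment naming the claim. The enclosing method starts and ends outside the hunk.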
@@ -176,8 +177,11 @@ public class SocialSignOnEndpoint extends AbstractSocialSignOnEndpoint{ _logger.debug("Social Sign On from "+socialsAssociate.getProvider()+" mapping to user "+socialsAssociate.getUsername()); - authenticationProvider.trustAuthentication(socialsAssociate.getUsername(), ConstantsLoginType.SOCIALSIGNON,this.socialSignOnProvider.getProviderName(),"xe00000004","success"); - //socialsAssociate.setAccessToken(JsonUtils.object2Json(this.accessToken)); + LoginCredential loginCredential =new LoginCredential( + socialsAssociate.getUsername(),"",ConstantsLoginType.SOCIALSIGNON); + loginCredential.setProvider(this.socialSignOnProvider.getProviderName()); + authenticationProvider.authentication(loginCredential,true); + //socialsAssociate.setAccessToken(JsonUtils.object2Json(this.accessToken)); socialsAssociate.setSocialUserInfo(accountJsonString); //socialsAssociate.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject())); diff --git a/maxkey-core/src/main/java/org/maxkey/web/WebXssRequestFilter.java b/maxkey-core/src/main/java/org/maxkey/web/WebXssRequestFilter.java index 5676ac75dfa3b0734dd07d0f1282fdcb4c682780..7f1cf24e525be6056769df3100512c3cca3fca1b 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/WebXssRequestFilter.java +++ b/maxkey-core/src/main/java/org/maxkey/web/WebXssRequestFilter.java @@ -39,8 +39,12 @@ public class WebXssRequestFilter extends GenericFilterBean { final static ConcurrentHashMap skipUrlMap = new ConcurrentHashMap (); static { - skipUrlMap.put("/notices/add", ""); - skipUrlMap.put("/notices/update", ""); + skipUrlMap.put("/notices/add", "/notices/add"); + skipUrlMap.put("/notices/update", "/notices/update"); + skipUrlMap.put("/authz/cas", "/authz/cas"); + skipUrlMap.put("/authz/cas/", "/authz/cas/"); + skipUrlMap.put("/authz/cas/login", "/authz/cas/login"); + skipUrlMap.put("/authz/oauth/v20/authorize", "/authz/oauth/v20/authorize"); } @Override 
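Review bot: In WebXssRequestFilter.java the four new `skipUrlMap` entries take the CAS login and OAuth 2.0 authorize endpoints out of the XSS request filter, and the block has no comment saying why or what replaces the check. These endpoints receive caller-supplied URLs such as `service`, and the CasAuthorizeEndpoint hunk in this diff copies parts of that value into the parameter map it stores for later use, so validation against the registered application and output encoding become the only barriers. I would add `// skipped because the filter rejects legitimate service/redirect URLs; these values must be validated against the registered app and encoded on output`. How the filter matches paths (exact or prefix) is outside the hunk, which also decides whether the separate `/authz/cas/` entry is needed.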
diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java index 6844b420f39f9af464e4d79a5fa000506b782561..ee38b0520b09d2d6f4f0d6f9edd564188c437448 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java @@ -64,7 +64,7 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{ AppsCasDetails casDetails=casDetailsService.getAppDetails(casService); - return buildCasModelAndView(request,response,casDetails); + return buildCasModelAndView(request,response,casDetails,casService); } 
@@ -77,20 +77,34 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{ AppsCasDetails casDetails=casDetailsService.getAppDetails(id); - return buildCasModelAndView(request,response,casDetails); + return buildCasModelAndView(request,response,casDetails,casDetails.getCallbackUrl()); } private ModelAndView buildCasModelAndView( HttpServletRequest request, HttpServletResponse response, - AppsCasDetails casDetails){ + AppsCasDetails casDetails, + String casService){ _logger.debug(""+casDetails); - + Map parameterMap = WebContext.getRequestParameterMap(request); + String service = casService; + _logger.debug("CAS Parameter service = " + service); + if(casService.indexOf("?") >-1 ) { + service = casService.substring(casService.indexOf("?") + 1); + if(service.indexOf("=") > -1) { + String [] parameterValues = service.split("="); + if(parameterValues.length == 2) { + parameterMap.put(parameterValues[0], parameterValues[1]); + } + } + _logger.debug("CAS service with Parameter : " + service); + } WebContext.setAttribute( CasConstants.PARAMETER.PARAMETER_MAP, - WebContext.getRequestParameterMap(request) + parameterMap ); + WebContext.setAttribute(CasConstants.PARAMETER.ENDPOINT_CAS_DETAILS, casDetails); WebContext.setAttribute(WebConstants.SINGLE_SIGN_ON_APP_ID, casDetails.getId()); WebContext.setAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP,casDetails); @@ -116,7 +130,6 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{ callbackUrl.append("&"); } - //append ticket callbackUrl.append(CasConstants.PARAMETER.TICKET).append("=").append(ticket); diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasRestV1Endpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasRestV1Endpoint.java index f2129f0b160b55f22b470e2bdfe37e44c1fb3078..b8325453228bf268d364864d2afca3b9415b8fbb 100644 
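Review bot: The query-string handling added to `buildCasModelAndView` only works for a service URL with exactly one `name=value` pair, because `service.split("=")` yields more than two parts as soon as there is a second parameter or a value containing `=`, and the pair is then silently dropped. `casService.indexOf("?")` also throws when `casService` is null, which the second endpoint can pass through `casDetails.getCallbackUrl()`. The version below splits on `&` first and guards the null. Values are still not URL-decoded and still overwrite request parameters of the same name, which is worth confirming as intended if `casService` comes from the request.

```java
// … unchanged: parameterMap lookup and the debug log of casService …
int queryStart = (casService == null) ? -1 : casService.indexOf('?');
if (queryStart > -1) {
    String service = casService.substring(queryStart + 1);
    // Copy every name=value pair of the service URL's query string, not only a lone one.
    for (String pair : service.split("&")) {
        int eq = pair.indexOf('=');
        if (eq > 0) {
            parameterMap.put(pair.substring(0, eq), pair.substring(eq + 1));
        }
    }
    _logger.debug("CAS service with Parameter : " + service);
}
// … unchanged: WebContext.setAttribute calls …
```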
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasRestV1Endpoint.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasRestV1Endpoint.java @@ -82,7 +82,7 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{ LoginCredential loginCredential =new LoginCredential(username,password,"CASREST"); - authenticationProvider.basicAuthenticate(loginCredential); + authenticationProvider.authentication(loginCredential,false); TicketGrantingTicketImpl ticketGrantingTicket=new TicketGrantingTicketImpl("Random",WebContext.getAuthentication(),null); @@ -189,7 +189,7 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{ LoginCredential loginCredential =new LoginCredential(username,password,"CASREST"); - authenticationProvider.basicAuthenticate(loginCredential); + authenticationProvider.authentication(loginCredential,false); UserInfo userInfo =WebContext.getUserInfo(); TicketGrantingTicketImpl ticketGrantingTicket=new TicketGrantingTicketImpl("Random",WebContext.getAuthentication(),null); diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java index 556ddcc7c90f125316f2b69f891a529b2b476a38..fef0ac2c2ecaf7bb2c95870eb3714f34f2cb1f40 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java 
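Review bot: Both CasRestV1Endpoint call sites discard the `Authentication` returned by `authentication(loginCredential,false)` and then build the ticket-granting ticket from `WebContext.getAuthentication()`. That is only safe if every failure inside the provider throws; in the provider hunk the result of `passwordMatches(...)` is likewise unused, so correctness rests on it throwing on a mismatch, which is not visible in this diff. Using the returned value makes the dependency explicit: `Authentication authn = authenticationProvider.authentication(loginCredential,false);` and pass `authn` to `TicketGrantingTicketImpl`. Both methods start and end outside their hunks, so existing exception handling there could not be checked.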
@@ -31,6 +31,7 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.Validate; import org.maxkey.authn.AbstractAuthenticationProvider; +import org.maxkey.authn.LoginCredential; import org.maxkey.authz.saml.common.EndpointGenerator; import org.maxkey.authz.saml.common.TrustResolver; import org.maxkey.authz.saml.service.IDService; @@ -185,8 +186,9 @@ public class ConsumerEndpoint { logger.debug("assertion.getID() ", assertion.getAuthnStatements()); - - authenticationProvider.trustAuthentication(username, ConstantsLoginType.SAMLTRUST,"","","success"); + LoginCredential loginCredential =new LoginCredential( + username,"",ConstantsLoginType.SAMLTRUST); + authenticationProvider.authentication(loginCredential,true); ModelAndView mav = new ModelAndView(); mav.addObject("username", username); diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/resources/templates/views/authorize/cas_sso_submint.ftl b/maxkey-webs/maxkey-web-maxkey/src/main/resources/templates/views/authorize/cas_sso_submint.ftl index 6e4b7374c48548dd28620f29bd564948608ae20a..b6b1b2464a4c83f3d03f6a03fc620bcbaa6422bf 100644 --- a/maxkey-webs/maxkey-web-maxkey/src/main/resources/templates/views/authorize/cas_sso_submint.ftl +++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/templates/views/authorize/cas_sso_submint.ftl @@ -5,7 +5,13 @@ <#include "authorize_common.ftl">