cas-security-spring-boot-starter
cas-security-spring-boot-starter copied to clipboard
kakawait
Add extensions to ticket validator
Add the possibility to extend the ticket validator to do custom things.
The CAS server I am using sends the attributes in custom tags and the default implementation of this api does not recognize them. I am having a hard time to extend the existing ticket validator to be able to parse those fields.
Maybe adding parse handlers would be good.
@igorhara Thank you for reporting. I'm not totally sure to understand completely your needs. So I have some questions:
Are you aware that you're able to customize and add/configure your own implementation of org.jasig.cas.client.validation.TicketValidator which is responsible to validate ticket. By registring a bean that implement org.jasig.cas.client.validation.TicketValidator.
Because CasTicketValidatorConfiguration will only be configured if you're not providing your own TicketValidator bean.
So if somewhere in your configuration you define a new bean of
@Bean
TicketValidator myCustomTicketValidator() {
return new MyCustomTicketValidator();
}
Where MyCustomTicketValidator is implementing TicketValidator.
Does it not enough for you?
I am doing that. But I had to understand all the details on how the api automatically creates a ticket validator.
And I just need to extend the extractCustomAttributes method to process custom tags.
[]´s
Igor Harã Serafim
2018-04-20 11:04 GMT+02:00 Thibaud Lepretre [email protected]:
@igorhara https://github.com/igorhara Thank you for reporting. I'm not totally sure to understand completely your needs. So I have some questions:
Are you aware that you're able to customize and add/configure your own implementation of org.jasig.cas.client.validation.TicketValidator which is responsible to validate ticket. By registring a bean that implement org.jasig.cas.client.validation.TicketValidator.
Because CasTicketValidatorConfiguration https://github.com/kakawait/cas-security-spring-boot-starter/blob/master/cas-security-spring-boot-autoconfigure/src/main/java/com/kakawait/spring/boot/security/cas/CasTicketValidatorConfiguration.java#L13 will only be configured if you're not providing your own TicketValidator bean.
So if somewhere in your configuration you define a new bean of
@BeanTicketValidator myCustomTicketValidator() { return new MyCustomTicketValidator(); }
Where MyCustomTicketValidator is implementing TicketValidator.
Does it not enough for you?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/kakawait/cas-security-spring-boot-starter/issues/75#issuecomment-383034262, or mute the thread https://github.com/notifications/unsubscribe-auth/AcMkz0YNUGa95VPvENFSzdsmIhBa_lGrks5tqaSDgaJpZM4TdCM5 .
@igorhara So why do you not creating a bean extending Cas30ServiceTicketValidator (or whatever the version, depending of your needs) and then overriding protected Map<String, Object> extractCustomAttributes(final String xml) method?
That is what I am doing, but I had to read the source code in order to be able to configure my custom TIcketValidator correctly.
Ok but currently the starter is more about integrating CAS client inside Spring boot & Security app.
I don't mean that this feature request will never resolved but since there are missing few integrations (Spring boot 2, RestTemplate, tests & coverage). To be honest with you, since it's possible to override by yourself the TicketValidator, I don't think I will work on that top priority on that request.
Feel free to propose PR.