CASC-125

added default auth filter for saml1.1 and made sure that it and the validation filter set the required saml parameters.
2010-09-20 03:33:49 +00:00 · 2010-09-20 03:33:49 +00:00 · f64a23b1ae
parent f023fa5282
commit f64a23b1ae
2 changed files with 45 additions and 1 deletions
--- a/cas-client-core/src/main/java/org/jasig/cas/client/authentication/Saml11AuthenticationFilter.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/authentication/Saml11AuthenticationFilter.java
@ -0,0 +1,31 @@
+/*
+ * Copyright 2010 The JA-SIG Collaborative. All rights reserved. See license
+ * distributed with this file and available online at
+ * http://www.ja-sig.org/products/cas/overview/license/index.html
+ */
+package org.jasig.cas.client.authentication;
+
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+
+/**
+ * Extension to the default Authentication filter that sets the required SAML1.1 artifact parameter name and service parameter name.
+ * <p>
+ * Note, the "final" on this class helps ensure the compliance required in the initInternal method.
+ *
+ * @author Scott Battaglia
+ * @since 3.1.12
+ * @version $Revision$ $Date$
+ */
+public final class Saml11AuthenticationFilter extends AuthenticationFilter {
+
+    protected void initInternal(final FilterConfig filterConfig) throws ServletException {
+        super.initInternal(filterConfig);
+
+        log.warn("SAML1.1 compliance requires the [artifactParameterName] and [serviceParameterName] to be set to specified values.");
+        log.warn("This filter will overwrite any user-provided values (if any are provided)");
+
+        setArtifactParameterName("SAMLart");
+        setServiceParameterName("TARGET");
+    }
+}
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidationFilter.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidationFilter.java
@ -6,24 +6,37 @@
 package org.jasig.cas.client.validation;

 import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;

 /**
 * Implementation of TicketValidationFilter that can instanciate a SAML 1.1 Ticket Validator.
 * <p>
 * Deployers can provide the "casServerUrlPrefix" and "tolerance" properties of the Saml11TicketValidator via the
 * context or filter init parameters.
+ * <p>
+ * Note, the "final" on this class helps ensure the compliance required in the initInternal method.
 *
 * @author Scott Battaglia
 * @version $Revision$ $Date$
 * @since 3.1
 */
-public class Saml11TicketValidationFilter extends AbstractTicketValidationFilter {
+public final class Saml11TicketValidationFilter extends AbstractTicketValidationFilter {

    public Saml11TicketValidationFilter() {
        setArtifactParameterName("SAMLart");
        setServiceParameterName("TARGET");
    }

+    protected void initInternal(final FilterConfig filterConfig) throws ServletException {
+        super.initInternal(filterConfig);
+
+        log.warn("SAML1.1 compliance requires the [artifactParameterName] and [serviceParameterName] to be set to specified values.");
+        log.warn("This filter will overwrite any user-provided values (if any are provided)");
+
+        setArtifactParameterName("SAMLart");
+        setServiceParameterName("TARGET");
+    }
+
    protected final TicketValidator getTicketValidator(final FilterConfig filterConfig) {
        final Saml11TicketValidator validator = new Saml11TicketValidator(getPropertyFromInitParams(filterConfig, "casServerUrlPrefix", null));
        final String tolerance = getPropertyFromInitParams(filterConfig, "tolerance", "1000");