f68281d0e4
added uri builder to construct query params
2015-05-13 03:44:13 -07:00
863038605f
Merge pull request #101 from Jasig/no-opensaml
...
Remove OpenSAML and consolidate SAML components in support module
2015-05-12 09:29:02 -04:00
f5b2275913
Issue #100 Bump minor version due to refactoring.
2015-05-11 12:09:00 -04:00
1edef62ecb
Issue #100 Isolate JodaTime to SAML module.
2015-05-11 12:01:48 -04:00
7c58629958
Issue 100 Restore configuration key for backward compatibility.
2015-05-04 16:10:56 -04:00
6e261e7251
Issue #100 Respond to code review feedback.
2015-04-20 10:34:28 -04:00
0652f4ee23
Merge pull request #93 from leleuj/CASC-217
...
CASC-217: Update the ticket validators to point to the new endpoint
2015-04-20 06:54:48 -04:00
d8980535b7
Move SAML components into separate module.
2015-04-14 16:19:12 -04:00
dd0818b84f
Fix @since version.
2015-02-20 10:35:05 -05:00
4527671568
Sensible XPath processing optimizations.
2015-02-20 10:26:01 -05:00
e998985732
SAML validation with XPath instead of OpenSAML.
2015-02-20 09:18:05 -05:00
6f7fe61780
Merge pull request #97 from battags/CASC-239
...
CASC-239 Saml11AuthenticationFilter Constructor was Private instead of Public
2015-01-25 19:11:28 -05:00
db3610123f
CASC-239 Saml11AuthenticationFilter Constructor was Private instead of Public.
2015-01-24 23:58:51 -05:00
4aef368057
CASC-237 Make OpenSAML bootstrap conditional.
2015-01-17 11:25:03 -05:00
bec0e6bb2e
Issue-91: Introduce system properties configuration option
...
First commit
2015-01-05 17:19:40 +01:00
2a98556daa
CASC-217: Update the ticket validators to point to the new endpoint
...
First commit
2015-01-05 15:55:33 +01:00
ec92d97518
Added license headers
2014-12-22 23:55:23 -05:00
34458db530
Merge branch 'master' into CASC-231
2014-12-22 23:54:46 -05:00
39f0f29dd9
CASC-200 Introduce Properties File Configuration Option
...
Problem: We can configure via JNDI, WebXML (or both) but not by properties file.
Solution: Introduce a method to use property files.
2014-12-07 14:14:08 -05:00
d1da02f457
CASC-231 HttpsURLConnectonFactory is Not Serializable
...
Problem: THe HttpsURLConnectionFactory is not serializable, causing problems for clients that must serialize
the principal (which depends on a ProxyRetriever).
Solution: Make the HttpsURLConnectionFactory serializable.
QA Notes: added unit test to confirm serialize-deserialize
2014-12-07 13:32:14 -05:00
d7ca6a098e
Merge pull request #87 from battags/CASC-233
...
CASC-233 ErrorRedirectFilter Can throw Null Pointer Exception
2014-12-07 12:13:27 -05:00
a780e39ab9
Merge branch 'master' into CASC-200-rebasefail
...
Conflicts:
cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java
2014-12-07 12:11:42 -05:00
bef2a88603
Updated try/catch loop to log when a class is not found.
2014-11-30 17:09:09 -05:00
3af5683dc1
Addressed formatting feedback as well as reserved keywords.
2014-11-26 22:58:12 -05:00
5109132df3
Per feedback, scoped catch block to Exception instead of Throwable
2014-11-26 22:31:01 -05:00
51a9192792
CASC-233 ErrorRedirectFilter Can throw Null Pointer Exception
...
Problem: the ErrorRedirectFilter assumes there is a root cause and will null pointer if there is not.
Solution: Only use the root cause if there is one, otherwise use the original exception.
QA Notes: Added unit test to confirm non-root cause error.
2014-11-20 16:29:29 -05:00
c7e66d7df2
Unused reference to Mockito
2014-11-20 16:03:19 -05:00
d011f5e64a
Removed unused mockito dependency
2014-11-20 16:01:02 -05:00
17f887595f
Added missing javadoc for Protocol enumeration
2014-11-20 15:58:52 -05:00
324b0919b6
Added additional keys that were new from the single signout refactor.
2014-11-20 15:31:31 -05:00
461cdcd8fc
CASC-200 Create a ConfigurationStrategy to allow for pluggable configurations.
...
Problem: The lookup strategy for configuration is hard-coded into the filter, making it impossible to replace or expand.
Solution: Pull the strategies into their own classees and make it configurable. Default to the previous strategy.
QA Notes: The current unit tests work. New unit tests for the configuration will have to be added once the design is approved.
2014-11-20 15:30:38 -05:00
4e3f761efe
[maven-release-plugin] prepare for next development iteration
2014-08-15 08:52:01 -04:00
0174cfbbb5
[maven-release-plugin] prepare release cas-client-3.3.3
2014-08-15 08:51:04 -04:00
f57f0ff096
Update notice files.
2014-08-15 08:48:05 -04:00
117f32006f
Merge pull request #79 from battags/CASC-229
...
CASC-229 Make Front Channel SSO Optional so that backwards compatibility...
2014-08-13 10:13:45 -04:00
db53818de7
Merge pull request #80 from battags/CASC-230
...
CASC-230 Call HttpServletRequest#logout() via Reflection to Improve Back...
2014-08-13 10:13:28 -04:00
b34c4e104f
Updated code to abstract the reflection logic a bit more behind a strategy interface.
2014-08-11 23:04:24 -04:00
a0f8845ecf
CASC-230 Call HttpServletRequest#logout() via Reflection to Improve Backwards Compatibility with Spring Security
2014-08-11 22:50:23 -04:00
b18dbfe0a9
CASC-229 Make Front Channel SSO Optional so that backwards compatibility is maintained.
...
Problem: Spring Security adopters will fail to be able to drop in a new version of CAS Client for Java if this feature is enabled by default/required.
Solution: Force a fail-safe optional mode if the value is not provided.
2014-08-11 22:36:27 -04:00
42ce676ef0
CASC-225 Restore Removed Constructor for Backwards Compatibility
...
Problem: We removed the two string constructor which breaks Spring Security compatibility.
Solution: Add it back as deprecated so that Spring Security can upgrade.
2014-08-11 22:09:27 -04:00
aa3e07bd79
[maven-release-plugin] prepare for next development iteration
2014-08-03 00:22:49 -04:00
112f068607
[maven-release-plugin] prepare release cas-client-3.3.2
2014-08-03 00:22:14 -04:00
d191ac8ee6
Added missing license header.
2014-08-03 00:03:25 -04:00
61a92c0e7f
CASC-224 Replace URL with String to remain compatible with Spring Security
2014-07-20 20:31:35 -04:00
9de2be91a2
CASC-228 URL Encode Paramaters Passed to Server via Validate
...
Problem: We currently don't pass encoded values to the server, possibly resolving in parsing/extraction errors.
Solution: URL Encode all values instead of just the service url.
QA Notes: Added unit test.
2014-06-24 18:44:45 -04:00
566c8690c8
Merge pull request #72 from battags/CASC-223
...
CASC-223 Backwards Compatibility for Initializing Sign Out Handler in Filter
2014-05-22 22:03:26 -04:00
a44b4c1229
Removed no-longer valid test.
2014-05-06 23:17:32 -04:00
a4e984e4ea
Synchronize the init method in case we have multiple concurrent requests at the same time.
2014-05-06 22:53:05 -04:00
2c9090155a
CASC-223 SingleSignOutFilter requires init method to be called which changes the contract with previous versions
...
Problem: Some clients such as Spring Security configure the filter via Spring configuration, meaning the handler's init method
is not called vai the Filter#init method.
Solution: For now, have an atomic boolean to determine if init was called or not and call it if necessary as part of the flow.
2014-05-06 22:35:55 -04:00
b4fbf23361
CASC-224 Public API Method Removed without Deprecation
...
Problem: Previous versions of the CAS Client remove a public API method without sufficient deprecation time resulting in
problems for clients who want to upgrade.
Solution: Add Method back and mark it as deprecated.
2014-05-06 22:12:59 -04:00
c61dea96bf
Formatting clean-up
2014-04-15 12:56:46 -07:00
99763ab2b6
Using Misagh's PatternMatcherStrategy to optimize proxy chain checks
2014-04-14 08:45:21 -07:00
7ac4c7afb7
Merge branch 'master' of https://github.com/jasig/java-cas-client into CASC-210
2014-04-11 15:17:29 -07:00
4e7bf66d68
Merge pull request #68 from leleuj/CASC-220
...
CASC-220: Support front channel SLO logout
2014-04-09 08:10:42 +02:00
c4c3223140
CASC-220: Support front channel SLO logout
...
Update after new Misagh's comments
2014-04-07 18:54:40 +02:00
4a0e960c32
CASC-220: Support front channel SLO logout
...
Updates after Marvin's code review
2014-04-01 16:46:19 +02:00
7069a4f6fb
CASC-220: Support front channel SLO logout
...
Update after Scott's code review
2014-03-27 21:02:30 +01:00
6aa2379268
CASC-220: Support front channel SLO logout
...
Updates after Misagh's code review
2014-03-21 14:10:33 +01:00
80f7f3647e
[maven-release-plugin] prepare for next development iteration
2014-03-19 20:55:47 -04:00
3373d7f767
[maven-release-plugin] prepare release cas-client-3.3.1
2014-03-19 20:55:38 -04:00
72766daac5
Added in missing license header.
2014-03-18 19:26:45 -04:00
9714053f07
Merge remote-tracking branch 'upstream/master' into CASC-220
2014-03-18 08:16:29 +01:00
286105266f
Merge pull request #67 from battags/CASC-214
...
CASC-214 Improve Service Url Construction to Add Non-Standard Ports
2014-03-17 09:15:29 -07:00
ed4802f943
CASC-219: added final
2014-03-17 00:18:56 -07:00
9b33321cc2
CASC-220: Support front channel SLO logout
...
specific front logout parameter + Tomcat valves update
2014-03-14 10:52:42 +01:00
47f825871e
CASC-220: Support front channel SLO logout
...
First commit
2014-03-13 19:03:41 +01:00
d2b93a237f
CASC-219: added exact-matcher strategy
2014-03-13 08:26:22 -07:00
0a8fd79a44
CASC-219: changed exact to contains
2014-03-13 03:20:39 -07:00
00ee9e378d
CASC-219: renamed matcher class to match behavior
2014-03-12 07:37:59 -07:00
248643cf30
CASC-219: switched warn to error, fixed typo and this refs
2014-03-11 08:46:00 -07:00
dfb3629dc2
CASC-219: updated internal map to be a static ref instead
2014-03-11 07:11:53 -07:00
511bce2471
CASC-219: allowed extensions for ignoring urls
2014-03-11 05:04:59 -07:00
3773fc9e54
CASC-219: updated javadocs and added map to keep track of pattern matchers
2014-03-11 04:24:27 -07:00
b97d03d126
CASC-219: Cleaned up formatting issues
2014-03-10 05:22:44 -07:00
a4df6582ee
Removed debug statements used to confirm private methods worked.
2014-03-09 23:18:14 -04:00
75584a2c33
CASC-214 Improve Service Url Construction to Add Non-Standard Ports if Missing from Configuration
...
Problem: sometimes the port is missing from the configuration. This generates the wrong service url.
Solution: Add the server port if the server configuration does not have one.
QA Notes: Added unit tests to confirm behavior (and old unit tests still pass)
2014-03-09 23:13:04 -04:00
0ef575ae84
Refactored the match logic and cache the regex patterns.
2014-03-07 16:11:00 -08:00
71b366cbf3
CASC-219: Provide support for certain urls to be excluded from CAS filters.
2014-03-07 11:17:14 -07:00
b9ac92cf25
CASC-219: Provide support for certain urls to be excluded from CAS filters.
2014-03-07 01:52:50 -07:00
887da3bffd
no message
2014-03-05 10:54:34 -08:00
90ccc41db3
Minor corrections.
2014-03-05 10:45:35 -08:00
80ff9857f0
Added support for having regex expressions in the proxy (chaining) list.
2014-03-05 10:17:59 -08:00
44d1413fa7
CAS-219: Provide support for certain urls to be excluded from CAS filters.
2014-03-02 03:03:24 -07:00
c857e4610b
CAS-219: Provide support for certain urls to be excluded from CAS filters.
2014-02-27 22:02:19 -07:00
36b8db1e86
CASC-203 Properly Parse Response to Keep Line Breaks
...
Problem: The CAS Client uses a buffer reader which strips out the returned line breaks.
Solution: Switch to a normal input stream reader and add appropriate test.
2014-02-17 23:09:32 -05:00
4d7b2517a9
[maven-release-plugin] prepare for next development iteration
2014-01-07 21:15:06 -05:00
4d12772bc4
[maven-release-plugin] prepare release v3.3.0
2014-01-07 20:37:19 -05:00
19e5e0671b
Added generated notice files
2014-01-07 20:00:30 -05:00
89e6bfd521
Fixed license files
2014-01-05 23:04:03 -05:00
6ba3f6f884
Added missing license headers
2014-01-05 22:53:17 -05:00
fe9dac934a
[maven-release-plugin] rollback the release of v3.3.0
2014-01-05 22:06:46 -05:00
5b1bd87e7a
Put HttpServletRequest#logout() in separate try/catch block.
2013-10-28 16:07:28 -04:00
82c95aaf19
Respond to code review feedback.
...
1. Call HttpServletRequest#logout() on SLO callback since it is available.
2. Use final for local variables where possible.
2013-10-28 15:58:40 -04:00
328692bb40
Remove cached assertions on logout to prevent credential replay attack.
2013-10-24 12:57:25 -04:00
5ce3bcb3d3
CASC-174 Remove @version javadoc tag.
2013-08-15 11:05:32 -04:00
75406c916e
CASC-174 Remove JBoss verbiage from error message.
2013-08-01 14:10:38 -04:00
517f94bd97
CASC-174 Provide facility for Servlet 3.0 programmatic JAAS login.
...
Servlet3AuthenticationFilter supersede the JBoss-specific
WebAuthenticationFilter for JBoss 7. It should also provide support for
programmatic JAAS login for any container that is Servlet 3.0/JEE6
compliant.
2013-08-01 14:05:01 -04:00
15103333e5
Merge pull request #52 from battags/CASC-211
...
CASC-211 Better Ticket Validation Error Logic
2013-06-20 16:31:59 -07:00
8ab75b883a
Renamed arguments
2013-06-20 19:28:35 -04:00
715659ebcf
Switched to SaxParserFactory directly. Unit tests pass. CASC-212
2013-06-20 00:15:53 -04:00
a9d640b1b0
Fixed formatting again.
2013-06-19 23:16:17 -04:00
b802354fdb
Changed default for exceptionOnValidationFailure and message.
...
This seems to have some formatting changes in it also for some reason.
2013-06-19 23:11:22 -04:00
1993718cc7
Reformat all files using shared CAS Eclipse formatter.
2013-06-19 22:50:02 -04:00
9674ad8a45
Swithed to existing Reflection utils. Added supporting unit test.
2013-06-19 22:26:09 -04:00
8a7e32e5be
Merge branch 'master' into CASC-206
2013-06-19 22:25:18 -04:00
077e991ae6
CASC-207
...
Converted logger to static for de-serialization purposes.
2013-06-18 22:38:25 -04:00
8643e85b1e
Added missing javadoc
2013-06-18 22:07:50 -04:00
73e36bf6d2
Fixed failing test case that was missing an import statement.
2013-06-18 21:57:22 -04:00
8df9f0272b
Added redirect strategy to support Faces.
2013-06-18 21:56:58 -04:00
091f1d5f90
Merge branch 'master' of github.com:Jasig/java-cas-client
2013-06-18 21:08:50 -04:00
2b53bdf882
getSocketFactory() should only be called on a sslContext that has been initialized.
2013-05-06 13:46:47 -04:00
e6e0f907b8
Fix to allow client to work with Server 3.5.2
2013-04-25 09:11:11 -04:00
089fca4ca4
Merge pull request #40 from mmoayyed/CASC-180
...
CASC-180: Fix the issue with casting to http url connections and provide...
2013-03-11 13:35:54 -07:00
4f79cd1014
CASC-180: Renamed factory to be HttpURLConnectionFactory.
2013-03-10 20:51:27 -07:00
2e6df8c5b7
CASC-180: Fixed try/catch block issue with URL creation.
2013-03-09 15:00:45 -07:00
3964e739c0
CASC-180: Removed the default url connection factory, allowed proxy retrieval to use the configured factory instance.
2013-03-06 09:34:39 -07:00
c34ff785dd
CASC-180: Fix the issue with casting to http url connections and provide a default instance for the http url factory.
2013-03-04 14:17:55 -07:00
6e12f43b16
CASC-204 Prevent renew misconfiguration.
...
Prevent renew from being configured via filter init param, which can lead
to a half-configured state where authentication filter is configured for
renew without validation filter. With this change in place, renew MUST be
configured by a global configuration facility such as context parameter or
JNDI to ensure proper configuration.
2013-03-04 10:43:55 -05:00
974c3beb67
Merge branch 'master' of github.com:battags/java-cas-client
2013-02-17 21:31:55 -05:00
d102c50779
CASC-180 - Add support for Client Side Certificates
...
Moved url connection factory interface and its https impl into the ssl package.
2013-01-24 15:47:22 -07:00
d1ae0f5bbf
Fixed javadoc for unused parameter.
2013-01-24 12:07:22 -07:00
b54cd179e2
CASC-180 - Add support for Client Side Certificates
...
In order to utilize client side certificates, this commit facilitates the creation of a SSLSocketFactory on HttpsURLConnection for the client. The configuration is encapsulated inside a url factory instance that applies the adjustments where necessary.
This commit is continuation of the posted pending pull on github that is at:
https://github.com/Jasig/java-cas-client/pull/26
...and applies the suggestions and fixes that were brought to light during the code review.
2013-01-24 12:01:47 -07:00
b4367f595e
Fix formatting of pom.xml and update licensing to match CAS project.
2013-01-15 22:04:16 -05:00
2f9d384b1e
CASC-202
...
convert Commons Logging to SLF4J. Add Enforcer.
2013-01-11 23:25:52 -05:00
06ccec017d
CASC-202
...
migration to SLF4J
2013-01-11 22:23:49 -05:00
105bd17b61
Merge branch 'master' into CASC-202
2013-01-08 23:34:01 -05:00
f2df7a8603
CASC-202
...
migrated some to SLF4J
2013-01-08 23:32:35 -05:00
d69e083f28
Merge pull request #34 from battags/CASC-179
...
CASC-179
2013-01-08 05:18:40 -08:00
eed831191a
re-add support for multi-valued attributes
...
Add tests for ensure re-add support for multi-valued attributes is working
2013-01-08 13:28:35 +01:00
67bb0a6ef8
CASC-196
...
re-add support for multi-valued attributes
2013-01-07 23:10:24 -05:00
e95d867792
Merge branch 'master' into CASC-196
2013-01-07 22:56:07 -05:00
5af7c331b7
CASC-179
...
added parameter to determine whether to create sessions. Also, now properly does a return.
2013-01-07 22:51:45 -05:00
27d89ccb30
Merge pull request #28 from battags/CASC-192
...
CASC-192
2013-01-07 06:22:28 -08:00
f733760e68
Merge pull request #30 from battags/CASC-168
...
CASC-168
2013-01-07 05:02:05 -08:00
9294fbdffd
Merge pull request #29 from battags/CASC-191
...
CASC-191
2013-01-07 05:01:51 -08:00
c26329d21b
Merge pull request #27 from battags/CASC-195
...
CASC-195
2013-01-06 21:02:08 -08:00
82c0207c25
NOJIRA fix minor missing final tags and javadoc.
2013-01-06 23:56:24 -05:00
980d0ff116
CASC-196
...
real XML parsing example if using <cas:attributes>. Updated tests to make sure it works if there are line breaks.
2013-01-06 23:40:46 -05:00
ac8a134192
CASC-168
...
added ability to specify class name in order to use a sub-class.
2013-01-06 19:36:37 -05:00
5ad57084cc
CASC-191
...
isValid method with simple implementation
2013-01-06 18:45:05 -05:00
41e7258af3
CASC-192
...
cast to XSAny in order to actually get the text content.
2013-01-06 18:24:11 -05:00
dcd9bda3df
CASC-195
...
null check in ProxyGrantingTicketStorageImpl.
2013-01-06 18:14:42 -05:00
5f1a30a314
CASC-199: Allow for an additional option to exclude empty proxy chains.
2012-12-10 21:10:10 -07:00
3deac9e1a9
Corrected JavaDoc (force if useSession=false force redirect=false)
2012-09-21 04:11:22 +02:00
5f1e5e0ed4
make default value of useRedirect visible. Add some JavaDoc for the
...
options.
2012-09-21 01:32:06 +02:00
bacf0c6142
Merge pull request #13 from serac/casc-166
...
CASC-166 Fix race condition in cached assertion cleanup.
2012-08-01 18:59:09 -07:00
ee2b719098
CASC-166 Address code review feedback.
...
Use ConcurrentHashMap to avoid explicit synchronization.
Use TimeUnit to allow more user-friendly configuration of the units of the cache timeout (e.g. MINUTES, SECONDS) and rename option from cacheTimeoutUnits to cacheTimeoutUnit for consistency.
2012-07-26 10:25:06 -04:00
ec0c7d5162
CASC-166 Fix race condition in cached assertion cleanup.
...
Perform assertion cleanup on same thread as JAAS module invocations to ensure that cleanup of expired assertions occurs before the cache is interrogated. A verifying test case accompanies this fix. The test case required a new module option, cacheTimeoutUnits, in order to complete on a time scale suitable for unit tests.
2012-07-25 16:58:36 -04:00
b2f038a174
Merge pull request #12 from battags/CASC-185
...
CASC-185 - Merged.
2012-07-25 09:34:46 -07:00
bae8e68f55
CASC-185
...
add authentication time to assertion and also actually use the validity period for Assertion.
2012-07-24 23:01:35 -04:00
Misagh Moayyed
Marvin S. Addison
Scott
LELEU Jerome
John Gasper
Scott Battaglia
mores
David Ordás
Bernd Eckenfels