Hi there,
I'm trying to redirect the webflow while accessing a service to an external
module, and since i need to add some additional parameters according to
each authentication context in the URL, i thought that by extending the
*DefaultRegisteredServiceAccessStrategy* class with a method wich will
change the *unauthorizedRedirectUrl*, would work, but it seems like it
didn't pay attention to my changes
Here the code of my Custome Access Strategy
public class MyDefaultRegisteredServiceAccessStrategy extends
DefaultRegisteredServiceAccessStrategy {
private String param1 = null;
private String param2 = null;
private Map<String, Object> principalAttributes = new HashMap<String,
Object>();
public URI getUnauthorizedRedirectUrl(){
URI unauthorizedRedirectUrlDyn = this.unauthorizedRedirectUrl;
try{
if( this.unauthorizedRedirectUrl != null ) {
unauthorizedRedirectUrlDyn = new URI(
this.unauthorizedRedirectUrl.toString() + "?param1=" + this.param1 +
"¶m2=" + this.param2 );
LOGGER.debug("getUnauthorizedRedirectUrl : ",
unauthorizedRedirectUrlDyn);
}
}catch (URISyntaxException e){
//return this.unauthorizedRedirectUrl;
}
return unauthorizedRedirectUrlDyn;
}
*/
@Override
public boolean doPrincipalAttributesAllowServiceAccess(final String
principal, final Map<String, Object> principalAttributes) {
this.param1 = principal;
this.param2 = (String) principalAttributes.get("ServiceTarget");
this.principalAttributes = principalAttributes;
if (this.rejectedAttributes.isEmpty() &&
this.requiredAttributes.isEmpty()) {
LOGGER.debug("Skipping access strategy policy, since no
attributes rules are defined");
return true;
}
if (!enoughAttributesAvailableToProcess(principal,
principalAttributes)) {
LOGGER.debug("Access is denied. There are not enough attributes
available to satisfy requirements");
return false;
}
if (doRejectedAttributesRefusePrincipalAccess(principalAttributes))
{
LOGGER.debug("Access is denied. The principal carries
attributes that would reject service access");
return false;
}
if (!doRequiredAttributesAllowPrincipalAccess(principalAttributes,
this.requiredAttributes)) {
LOGGER.debug("Access is denied. The principal does not have the
required attributes [{}] specified by this strategy",
this.requiredAttributes);
return false;
}
return true;
}
}
And this where i defined my *unauthorizedRedirectUrl* *:*
*{ "@class" : "org.apereo.cas.services.RegexRegisteredService", ........
"id" : 1000, "usernameAttributeProvider" : { "@class" :
"org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider",
"usernameAttribute" : "uid" }, ........................
"accessStrategy": { "@class" :
"org.apereo.cas.services.MyDefaultRegisteredServiceAccessStrategy",
"unauthorizedRedirectUrl" : "MyURL", "requiredAttributes" : {
"@class" : "java.util.HashMap", "uid" : [ "java.util.HashSet", [
".*" ] ] } }}*
--
You received this message because you are subscribed to the Google Groups "CAS
Developer" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-dev/722670ef-05d9-4cfe-92bb-dcc504a74353n%40apereo.org.
