gpt4 book ai didi

java - 扩展 JASIG CAS 的授权

转载 作者:行者123 更新时间:2023-12-01 10:25:26 25 4
gpt4 key购买 nike

我必须构建一个集中式身份验证和授权服务。我正在尝试使用 JASIG CAS。但它提到它是一个身份验证协议(protocol)。我的场景如下。

  1. 我的应用程序在第一次访问时重定向到 cas 服务器。
  2. CAS 重定向用户以进行 Google 身份验证
  3. 用户使用所需的电子邮件地址登录并重定向回 CAS
  4. At this moment i need to validate the user in my local jdbc store for user enabled or not and if not already registered user, and the email domain is abc.com i need to auto register the user.

  5. CAS 重定向到调用服务
  6. My service do the validateService api call. I would like to get the user authorities for the requested service in the result response from the CAS

这个场景可以通过CAS实现吗,如果CAS可以扩展,有人可以建议如何做到这一点,基本上是我需要修改的类

最佳答案

Does this scenario can be achieved by CAS

Jasig CAS 是高度可定制的,因为它是使用 Spring 框架和 Spring Security 构建的,您可以将其扩展以满足您的任何需求。

basically the classes that i need to modify

您的兴趣类别是:

  • PolicyBasedAuthenticationManager

Entry point into authentication subsystem. It accepts one or more credentials and delegates authentication to configured AuthenticationHandler components. It collects the results of each attempt and determines effective security policy.

  • AuthenticationHandler

Authenticates a single credential and reports one of three possible results: success, failure, not attempted.

  • PrincipalResolver

Converts information in the authentication credential into a security principal that commonly contains additional metadata attributes (i.e. user details such as affiliations, group membership, email, display name).

Jasig CAS 一切顺利 documented 。您应该能够在那里找到所需的所有信息。

关于java - 扩展 JASIG CAS 的授权,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/35377849/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com