donghuang/cas4
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

init

Browse Source
This commit is contained in:
Shaun Chyxion 2021-07-25 16:29:55 +08:00
commit de7b7ebc68
99 changed files with 6493 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.gitignore vendored Normal file
View File

@ -0,0 +1,8 @@
.*
!.gitignore
!.gitlab-ci.yml
!.gitkeep
*.log
*.iml
target/
bin/

236
pom.xml Normal file
View File

@ -0,0 +1,236 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-webapp</artifactId>
<version>0.0.1</version>
<packaging>jar</packaging>
<name>Apereo CAS Web Application</name>
<properties>
<spring-boot.version>2.5.3</spring-boot.version>
<cas.version>4.2.7</cas.version>
<pac4j.version>1.8.9</pac4j.version>
<metrics.version>3.1.5</metrics.version>
<project.build.sourceVersion>1.8</project.build.sourceVersion>
<project.build.targetVersion>1.8</project.build.targetVersion>
<maven.compiler.aspectj.skip>false</maven.compiler.aspectj.skip>
<maven.build.timestamp.format>yyyy-MM-dd HH:mm:ssa</maven.build.timestamp.format>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
</properties>
<dependencies>
<dependency>
<groupId>com.pudonghot.emtomcat</groupId>
<artifactId>emtomcat-core</artifactId>
<version>0.0.1</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-webapp-support</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-core</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-core-monitor</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-core-authentication</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-core-services</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-core-logout</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-core-audit</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-core-logging</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-core-tickets</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-core-web</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-core-validation</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-core-util</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-webapp-throttle</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-webapp-actions</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-webapp-cookie</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-webapp-reports</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-webapp-themes</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-webapp-validation</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.pac4j</groupId>
<artifactId>spring-webmvc-pac4j</artifactId>
<version>1.0.1</version>
</dependency>
<dependency>
<groupId>org.pac4j</groupId>
<artifactId>pac4j-core</artifactId>
<version>${pac4j.version}</version>
</dependency>
<dependency>
<groupId>org.pac4j</groupId>
<artifactId>pac4j-http</artifactId>
<version>${pac4j.version}</version>
</dependency>
<dependency>
<groupId>com.lmax</groupId>
<artifactId>disruptor</artifactId>
<version>3.3.4</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-security-filter</artifactId>
<version>2.0.6</version>
</dependency>
<dependency>
<groupId>com.ryantenney.metrics</groupId>
<artifactId>metrics-spring</artifactId>
<version>3.1.3</version>
</dependency>
<dependency>
<groupId>io.dropwizard.metrics</groupId>
<artifactId>metrics-jvm</artifactId>
<version>${metrics.version}</version>
</dependency>
<dependency>
<groupId>io.dropwizard.metrics</groupId>
<artifactId>metrics-servlets</artifactId>
<version>${metrics.version}</version>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-web</artifactId>
<version>2.6.2</version>
</dependency>
<dependency>
<groupId>org.jasig</groupId>
<artifactId>spring-webflow-client-repo</artifactId>
<version>1.0.0</version>
</dependency>
<!--<dependency>-->
<!--<groupId>com.mchange</groupId>-->
<!--<artifactId>c3p0</artifactId>-->
<!--<version>0.9.5.2</version>-->
<!--</dependency>-->
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.51</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>4.2.8.RELEASE</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.13.2</version>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>${spring-boot.version}</version>
<configuration>
<finalName>app</finalName>
<layout>ZIP</layout>
<skip>false</skip>
<excludes>
<exclude>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</exclude>
</excludes>
</configuration>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>repackage</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

14
src/main/java/org/jasig/cas/web/CasWebServer.java Normal file
View File

@ -0,0 +1,14 @@
package org.jasig.cas.web;
import com.pudonghot.emtomcat.EmTomcat;
/**
* @author Donghuang
* @date Jul 24, 2021 15:15:58
*/
public class CasWebServer {
public static void main(String[] args) {
EmTomcat.run(8090);
}
}

0
src/main/resources/META-INF/.gitkeep Normal file
View File

528
src/main/resources/META-INF/resources/css/cas.css Normal file
View File

@ -0,0 +1,528 @@
/*@import url(https://fonts.googleapis.com/css?family=Lato);*/
@import url(https://fonts.googleapis.com/css?family=Lato:700,400,300,100);
html, body, div, span, object, iframe, h1, h2, h3, h4, h5, h6, p, blockquote, pre, abbr,
address, cite, code, del, dfn, em, img, ins, kbd, q, samp, small, strong, sub, sup, var,
b, i, dl, dt, dd, ol, ul, li, fieldset, form, label, legend, table, caption, tbody, tfoot,
thead, tr, th, td, article, aside, canvas, details, figcaption, figure, footer, header,
hgroup, menu, nav, section, summary, time, mark, audio, video {
margin: 0;
padding: 0;
border: 0;
outline: 0;
font-size: 100%;
vertical-align: baseline;
background: transparent;
}
body { line-height: 1; }
nav ul { list-style: none; }
blockquote, q { quotes: none; }
blockquote:before, blockquote:after, q:before, q:after { content: ''; content: none; }
a { margin: 0; padding: 0; font-size: 100%; vertical-align: baseline; background: transparent; }
ins { background-color: #ff9; color: #000; text-decoration: none; }
mark { background-color: #ff9; color: #000; font-style: italic; font-weight: bold; }
del { text-decoration: line-through; }
abbr[title], dfn[title] { border-bottom: 1px dotted; cursor: help; }
table { border-collapse: collapse; border-spacing: 0; }
hr { display: block; height: 1px; border: 0; border-top: 1px solid #cccccc; margin: 1em 0; padding: 0; }
input, select { vertical-align: middle; }
body { font-family: Verdana, sans-serif; font-size: 11px; line-height: 1.4em; background: #eee; }
#container { width: 960px; margin: 0 auto; }
@media screen and (min-width: 960px) {
#container { width: 960px; }
}
@media screen and (min-width: 1280px) {
#ssosessions-page #container { width: 1280px; }
}
@media only screen and (max-width: 960px) {
#container { width: 100%; }
#content {
-webkit-border-bottom-right-radius: 0px;
-webkit-border-bottom-left-radius: 0px;
-moz-border-radius-bottomright: 0px;
-moz-border-radius-bottomleft: 0px;
border-bottom-right-radius: 0px;
border-bottom-left-radius: 0px;
}
}
body#cas {
background: #153e50; /* Old browsers */
}
a:link, a:visited {
color: #257bb2;
}
a:hover {
color: #a0b757;
}
p {
margin-bottom: 1.4em;
}
header {
overflow: hidden;
padding: 20px 0;
}
#logo {
display: block;
background: url(../images/logo.png) no-repeat;
text-indent: -999em;
float: left;
height: 100px;
width: 80%;
margin-right: 40px;
border: 0px;
}
header h1 {
float: right;
width: 119px;
height: 60px;
background: url(../images/cas-logo.png) no-repeat;
text-indent: -999em;
}
#content {
overflow: hidden;
background: #fff;
padding: 20px;
-webkit-border-radius: 10px;
-moz-border-radius: 10px;
border-radius: 10px;
}
#msg {
padding: 20px;
margin-bottom: 40px;
}
#msg.errors {
border: 1px dotted #BB0000;
color: #BB0000;
padding-left: 100px;
background: url(../images/error.png) no-repeat 20px center;
}
#msg.success { border: 1px dotted #390; color: #390; padding-left: 100px; background: url(../images/success.png) no-repeat 20px center; }
#msg.info { border: 1px dotted #008; color: #008; padding-left: 100px; background: url(../images/info.png) no-repeat 20px center; }
#msg.question { border: 1px dotted #390; color: #390; padding-left: 100px; background: url(../images/question.png) no-repeat 20px center; }
#msg.warn { border: 1px dotted #960; color: #960; padding-left: 100px; background: #ffbc8f url(../images/info.png) no-repeat 20px center; }
.errors {
border: 1px dotted #BB0000;
color: #BB0000;
padding-left: 100px;
padding-top:5px;
margin-bottom:5px;
background: url(../images/error.png) no-repeat 20px center;
}
#serviceui.serviceinfo {
border: 1px dotted #0066FF;
color: black;
padding-left: 10px;
padding-top: 5px;
}
#servicedesc {
vertical-align:middle;
padding-left: 30px;
width: 90%;
}
#login {
width: 320px;
float: left;
margin-right: 20px;
}
#login h2 {
font-weight: normal;
font-size: 1.4em;
margin-bottom: 20px;
}
#login .row {
padding: 10px 0;
}
#login label {
display: block;
margin-bottom: 2px;
}
#login .check label {
display: inline;
}
#login input[type=text], #login input[type=password] {
font-size: 1.4em;
padding: 5px;
}
#login .btn-submit {
background: #70ba61;
border: 0;
padding: 10px 20px;
font-weight: bold;
color: white;
-webkit-border-radius: 4px;
-moz-border-radius: 4px;
border-radius: 4px;
}
#login .btn-reset {
background: #eee;
padding: 10px 20px;
border: 0;
-webkit-border-radius: 4px;
-moz-border-radius: 4px;
border-radius: 4px;
}
#login .btn-submit:hover, #login .btn-reset:hover {
cursor: pointer;
}
#login .btn-submit:hover {
background: #7fd36e;
}
#login .btn-reset:hover {
background: #d4d4d4;
}
#sidebar {
width: auto;
height: 100%;
}
#sidebar-content {
padding-left: 20px;
}
#list-providers ul {
margin-bottom: 3em;
}
#list-languages h3, #list-providers h3 {
margin-bottom: 1.4em;
}
#list-languages ul li, #list-providers ul li {
list-style: none;
display: inline-block;
margin-right: 2em;
}
footer {
padding: 20px;
color: white;
}
footer a:link, footer a:visited {
color: white;
}
@media only screen and (max-width: 960px) {
header { padding: 20px; }
#container { width: 100%; }
#content {
-webkit-border-radius: 0px;
-moz-border-radius: 0px;
border-radius: 0px;
}
}
@media only screen and (max-width: 855px) {
#logo { display: none; }
header h1 { font-size: 1em; width: 70px; height: 40px; background-size: 70px 40px; }
#login { float: none; width: 100%; }
#fm1 .row input[type=text],
#fm1 .row input[type=password] { width: 100%; padding: 10px; box-sizing: border-box; -webkit-box-sizing: border-box; -moz-box-sizing: border-box; }
#fm1 .row .btn-submit { outline: none; -webkit-appearance: none; -webkit-border-radius: 0; border: 0; background: #70ba61; color: white; font-weight: bold; width: 100%; padding: 10px 20px; -webkit-border-radius: 3px; -moz-border-radius: 3px; border-radius: 3px; }
#fm1 .row .btn-reset { display: none; }
#sidebar { margin-top: 20px; }
#sidebar .sidebar-content { padding: 0; }
}
/**
* SSO Sessions Styles
*/
#loadingMessage {
font-size: 14px;
}
#cas-sessions, #no-cas-sessions {
display: none;
}
#no-cas-sessions div {
margin-top: 2em;
}
.ssoSessions #content {
border-radius: 4px;
padding: 20px;
}
#container-stable {
margin: 20px 0 20px;
}
.ssoSessions .btn-success {
background: #70ba61;
border: 0;
padding: 10px 20px;
font-weight: bold;
color: white;
-webkit-border-radius: 4px;
-moz-border-radius: 4px;
border-radius: 4px;
}
.ssoSessions .sorting_desc, .ssoSessions .sorting_asc {
background-color: rgba(239, 239, 239, 0.8);
}
.ssoSessions #removeAllSessionsButton.btn .badge {
color: #000;
padding-right: 9px;
}
.ssoSessions .adminPanels {
border-bottom: 1px solid #efefef;
margin-bottom: 2em;
margin-top: 1em;
padding-bottom: 1em;
}
.ssoSessions .adminPanels .panel-default>.panel-heading {
background-color: #fff;
border-bottom: none;
}
.ssoSessions .adminPanels .panel-default>.panel-heading h3 {
font-family: 'Lato', sans-serif;
font-weight: 300;
font-size: 20pt;
}
.ssoSessions .adminPanels .panel-default > .panel-heading:after {
position: absolute;
font-family: FontAwesome;
top: -5px;
right: 30px;
font-size: 70pt;
color: #153e50;
opacity: 0.1;
}
.adminPanels .users-panel.panel-default > .panel-heading:after {
content: "\f0c0";
}
.adminPanels .usage-panel.panel-default > .panel-heading:after {
content: "\f201";
}
.adminPanels .tickets-panel.panel-default > .panel-heading:after {
content: "\f145";
}
.ssoSessions td.details-control {
cursor: pointer;
font-family: FontAwesome;
font-size: 10pt;
color: #337ab7;
}
.ssoSessions td.details-control:after {
content: "\f067";
/*content: "\002B"; - thinner plus sign */
}
.ssoSessions tr.shown td.details-control:after {
content: "\f068";
/*content: "\002D"; - thinner minus sign */
}
.row-detail-wrapper {
/*background-color: cornsilk;*/
background-color: #d9edf7;
}
.ssoSessions .row-detail thead {
display: none;
}
.ssoSessions .row-detail {
/*font-size: 8pt;*/
font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
}
.ssoSessions .field-label {
/*font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;*/
/*font-size: 8pt;*/
/*font-weight: bold;*/
}
.principal_attributes td:first-child {
width: 30%;
}
table.principal_attributes>tbody>tr>td {
border-top-color: #E6E6E6;
}
.adminPanels .panel-body {
padding-top: 5px;
}
.adminPanels .panel-body span {
font-family: 'Lato', sans-serif;
font-size: 30pt;
font-weight: 100;
}
.row-eq-height {
display: -webkit-box;
display: -webkit-flex;
display: -ms-flexbox;
display: flex;
}
#alertBox {
display: none;
}
/**
SB Admin Styles
*/
.huge {
font-size: 30pt;
font-family: 'Lato', sans-serif;
font-weight: 300;
}
.semi-huge {
font-size: 18pt;
font-family: 'Lato', sans-serif;
font-weight: 300;
}
/**
* Statistics View
*/
.statisticsView {
display: none;
}
.statisticsView .progress-meter .background {
fill: #DFEAFD;
}
.statisticsView .progress-meter .foreground {
fill: #2E7AF9;
}
.statisticsView .progress-meter text {
font-family: 'Lato' sans-serif;
font-size: 25pt;
font-weight: 300;
}
.statisticsView .progress-meter .text2 {
font-family: 'Georgia' sans-serif;
font-size: 10pt;
}
.modal {
display: none;
}
/**
* Runtime Statistics Gauge styles
*/
.statisticsView .runtimeStatistics .background {
fill: #DFEAFD;
}
.statisticsView .runtimeStatistics .foreground {
fill: #2E7AF9;
}
.statisticsView .runtimeStatistics text {
font-family: 'Lato' sans-serif;
font-size: 25pt;
font-weight: 300;
}
.statisticsView .runtimeStatistics .text2 {
font-family: 'Georgia' sans-serif;
font-size: 10pt;
}
#uptime-panel {
display: none;
}
#uptime {
font-family: 'Lato', sans-serif;
font-size: 16pt;
}
.thread-dump-view {
height: 600px;
overflow-y: auto;
}
#metricsGauges strong {
display: block;
}
#metricsGauges .panel {
width: 100%;
}
#metricsGauges ul {
height : auto;
overflow : hidden;
}
#metricsGauges li {
float : left;
width : 80px;
height: 80px;
margin: 0 0 10px 10px;
background : #d8d8d8;
}
#metricsGauges ul li:nth-child(5n + 1) {
clear : left;
}
.statisticsView .equal, .statisticsView .equal > div[class*='col-'] {
display: -webkit-box;
display: -moz-box;
display: -ms-flexbox;
display: -webkit-flex;
display: flex;
flex:1 1 auto;
}
.statisticsView .section {
margin-bottom: 25px;
}
#viewSsoSessions {
color: white;
}
.statisticsView .adminPanels.container-fluid {
padding-right: 0;
}
/**
* View Configuration Styles
*/
#viewConfigError {
display: none;
}
#view-configuration {
display: none;
}

130
src/main/resources/META-INF/resources/css/ssosessions.css Normal file
View File

@ -0,0 +1,130 @@
/*
/* --------------- CUSTOM STYLES
*/
body,html {
background: #153e50;
}
/*body,html,*/
#cas-sessions,
#container-stable,
.ui-widget {
font-family: 'Lato', sans-serif !important;
font-size: 14px;
}
/* Navigation -- */
.navbar-default .navbar-brand,
.navbar-default .navbar-toggle {
color: #ffffff;
}
.navbar-default .navbar-brand {
font-family: 'Open Sans', sans-serif;
color: #ffffff;
line-height: 32px;
font-size: 20px;
padding: 0;
position: relative;
top: 8px;
left: 5px;
}
.navbar-default .navbar-brand:hover {
color: #ffffff;
}
.navbar-default .navbar-brand img {
margin-right: 8px;
width: 32px;
}
.navbar-default .navbar-brand .logo {
text-transform: uppercase;
font-size: 26px;
}
.navbar-default .navbar-brand .logo .heavy {
font-weight: 700;
}
@media (min-width: 768px) {
.navbar-brand {
display: block;
padding: 6px 15px 0;
box-sizing: border-box;
top: auto;
left: auto;
}
.navbar-brand img {
display: inline-block;
width: 32px;
}
}
#navbar > .navbar-nav > li > a {
color: #ffffff;
font-size: 12px;
}
.navbar-default {
border-bottom: 1px solid #dadada;
background-color: #346288;
}
.navbar-default .navbar-header a {
color: #ffffff;
}
.navbar-default .navbar-header a.toggle-sidebar {
padding: 15px 20px;
float: left;
}
#top-navbar .nav > li .navbar-text {
color: #ffffff;
padding: 15px 14px;
margin: 0;
}
#top-navbar .nav > li > a {
color: #ffffff;
padding: 15px 14px;
margin: 0;
}
#top-navbar .nav > li > a:hover,
#top-navbar .nav > li > a:focus {
background-color: #36a9e1;
}
/* Main content block --*/
/*#content {*/
/*border-radius: 4px;*/
/*}*/
/* Session container --*/
#container-stable {
margin: 40px 0 20px;
}
#container-stable h3,
#container-stable table th,
#container-stable table td {
/*font-family: Arial,"Helvetica Neue",Helvetica,sans-serif;*/
}
#container-stable table th {
text-align: left;
}
/* Tables */
#table-monitor-hdr {
font-weight: bold;
margin-left: 16px;
text-align: center
}
/* UI controls */
.ui-accordion .ui-accordion-header {
margin: 15px 0 0;
}
.btn.active, .btn:active {
color: #fff;
background-color: #286090;
border-color: #204d74;
}

BIN
src/main/resources/META-INF/resources/favicon.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 170 B

BIN
src/main/resources/META-INF/resources/images/6inchbrand-64.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.8 KiB

BIN
src/main/resources/META-INF/resources/images/cas-logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.0 KiB

BIN
src/main/resources/META-INF/resources/images/confirm.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 958 B

BIN
src/main/resources/META-INF/resources/images/error.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.1 KiB

BIN
src/main/resources/META-INF/resources/images/error.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 KiB

BIN
src/main/resources/META-INF/resources/images/green.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 43 B

BIN
src/main/resources/META-INF/resources/images/info.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 980 B

BIN
src/main/resources/META-INF/resources/images/info.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.5 KiB

BIN
src/main/resources/META-INF/resources/images/key-point_bl.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 102 B

BIN
src/main/resources/META-INF/resources/images/key-point_br.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 186 B

BIN
src/main/resources/META-INF/resources/images/key-point_tl.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 103 B

BIN
src/main/resources/META-INF/resources/images/key-point_tr.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 105 B

BIN
src/main/resources/META-INF/resources/images/logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 26 KiB

BIN
src/main/resources/META-INF/resources/images/question.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.9 KiB

BIN
src/main/resources/META-INF/resources/images/red.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 43 B

BIN
src/main/resources/META-INF/resources/images/success.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.5 KiB

BIN
src/main/resources/META-INF/resources/images/warning.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 602 B

BIN
src/main/resources/META-INF/resources/images/webapp.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 9.9 KiB

6
src/main/resources/META-INF/resources/index.jsp Normal file
View File

@ -0,0 +1,6 @@
<%@ page language="java" session="false" %>
<%
final String queryString = request.getQueryString();
final String url = request.getContextPath() + "/login" + (queryString != null ? '?' + queryString : "");
response.sendRedirect(response.encodeURL(url));%>

62
src/main/resources/META-INF/resources/js/cas.js Normal file
View File

@ -0,0 +1,62 @@
head.ready(document, function() {
head.load("https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js", loadjQueryUI);
});
function loadjQueryUI() {
head.load("https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js", loadjQueryCookies);
}
function loadjQueryCookies() {
head.load("https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js", resourceLoadedSuccessfully);
}
function areCookiesEnabled() {
$.cookie('cookiesEnabled', 'true');
var value = $.cookie('cookiesEnabled');
if (value != undefined) {
$.removeCookie('cookiesEnabled');
return true;
}
return false;
}
function resourceLoadedSuccessfully() {
$(document).ready(function() {
if ($(":focus").length === 0){
$("input:visible:enabled:first").focus();
}
if (areCookiesEnabled()) {
$('#cookiesDisabled').hide();
} else {
$('#cookiesDisabled').show();
$('#cookiesDisabled').animate({ backgroundColor: 'rgb(187,0,0)' }, 30).animate({ backgroundColor: 'rgb(255,238,221)' }, 500);
}
//flash error box
$('#msg.errors').animate({ backgroundColor: 'rgb(187,0,0)' }, 30).animate({ backgroundColor: 'rgb(255,238,221)' }, 500);
//flash success box
$('#msg.success').animate({ backgroundColor: 'rgb(51,204,0)' }, 30).animate({ backgroundColor: 'rgb(221,255,170)' }, 500);
//flash confirm box
$('#msg.question').animate({ backgroundColor: 'rgb(51,204,0)' }, 30).animate({ backgroundColor: 'rgb(221,255,170)' }, 500);
$('#capslock-on').hide();
$('#password').keypress(function(e) {
var s = String.fromCharCode( e.which );
if ( s.toUpperCase() === s && s.toLowerCase() !== s && !e.shiftKey ) {
$('#capslock-on').show();
} else {
$('#capslock-on').hide();
}
});
if (typeof(jqueryReady) == "function") {
jqueryReady();
}
});
};

181
src/main/resources/META-INF/resources/js/ssosessions.js Normal file
View File

@ -0,0 +1,181 @@
var ssoSessions = (function () {
var urls = {
destroy: {
all: '/cas/statistics/ssosessions/destroySsoSessions',
single: '/cas/statistics/ssosessions/destroySsoSession'
},
getSessions: '/cas/statistics/ssosessions/getSsoSessions'
};
var createDataTable = function() {
$('#ssoSessions').DataTable( {
"order": [[ 3, "desc" ]],
"initComplete": function(settings, json) {
if (!json || json.activeSsoSessions.length == 0) {
$('#loadingMessage').hide();
$('#no-cas-sessions').show();
} else {
updateAdminPanels( json );
$('#loadingMessage').hide();
$("#no-cas-sessions").hide();
$("#cas-sessions").show();
}
},
"language": {
//"infoEmpty": "No active sessions were found",
"emptyTable": "No sessions found",
"zeroRecords": "No matching sessions found"
},
"processing": true,
"ajax": {
"url": '/cas/statistics/ssosessions/getSsoSessions',
"dataSrc": "activeSsoSessions"
},
columnDefs: [
{
"targets": 0,
"className": 'details-control',
"orderable": false,
"data": null,
"defaultContent": ''
},
{
"targets": 1,
"data": 'is_proxied',
'className': 'col-xs-2 col-md-1',
"render" : function ( data, type, full, meta ) {
if ( data === true) {
return '<span class="label label-primary">Proxy</span>';
} else {
return ' ';
}
}
},
{
"targets": 2,
"data": 'authenticated_principal',
"className": 'col-xs-4 col-md-2',
"render": function ( data, type, full, meta ) {
return type === 'display' && data.length > 20 ?
'<span title="'+data+'">'+data.substr( 0, 18 )+'...</span>' :
data;
}
},
{
"targets": 3,
"data": 'ticket_granting_ticket',
"className": 'hidden-xs hidden-sm col-md-4',
"render": function ( data, type, full, meta ) {
return type === 'display' && data.length > 20 ?
'<span title="'+data+'">'+data.substr( 0, 40 )+'...</span>' :
data;
}
},
{
"targets": 4,
"data": 'authentication_date_formatted',
"className": 'col-xs-4 col-sm-4 col-md-2'
},
{
"targets": 5,
"data": 'number_of_uses',
"className": 'hidden-xs hidden-sm visible-md-* col-md-2'
},
{
"targets": 6,
"data": "ticket_granting_ticket",
"className": 'col-xs-2 col-sm-2 col-md-1',
"render": function (data, type, full, meta ) {
return '<button class="btn btn-xs btn-block btn-danger" type="button" value="' + data + '">Destroy</button>';
},
"orderable": false
},
]
} );
};
var addEventHandlers = function() {
/**
* The Bulk remove button
*/
$('#removeAllSessionsButton').on('click', function(e) {
e.preventDefault();
removeSession(this.value);
});
/**
* Individual removal button
*/
$(document).on('click', '#ssoSessions tbody tr td:last-child button.btn-danger', function (e) {
e.preventDefault();
removeSession( this.value );
});
/**
* The filter buttons
*/
$('#filterButtons .btn').click(function() {
var filter = $(this).data('filter');
var table = $('#ssoSessions').DataTable();
// Create Filter RegEx:
if ( filter == 'proxied') {
var filterRegex = '^Proxy$';
var deleteValue = 'PROXIED';
var btnText = 'Remove <span class="badge">xx</span> Proxied Sessions';
} else if ( filter == 'non-proxied') {
var filterRegex = '^ $';
var deleteValue = 'DIRECT';
var btnText = 'Remove <span class="badge">xx</span> Non-Proxied Sessions';
} else {
var filterRegex = '';
var deleteValue = 'ALL';
var btnText = 'Remove All Sessions';
}
var searchTerm = table.column( 1 ).search(filterRegex, true, false).draw();
$('#removeAllSessionsButton').val( deleteValue ).html(btnText.replace('xx', searchTerm.page.info().recordsDisplay ))
});
// Add event listener for opening and closing details
$(document).on('click', '#ssoSessions tbody td.details-control', function () {
var table = $('#ssoSessions').DataTable();
var tr = $(this).closest('tr');
var row = table.row( tr );
if ( row.child.isShown() ) {
// This row is already open - close it
row.child.hide();
tr.removeClass('shown');
}
else {
// Open this row
row.child( format(row.data()), 'info' ).show();
tr.addClass('shown');
}
} );
};
// initialization *******
( function init () {
addEventHandlers();
createDataTable();
})();
// Public Methods
return {
/**
* Not used
*/
};
})();

138
src/main/resources/META-INF/resources/js/statisticsview.js Normal file
View File

@ -0,0 +1,138 @@
var Gauge = function (wrapper, percent, options) {
if (!wrapper || !percent) {
//console.error('wrapper and percentage are required. Please check your code.');
return;
}
var label = (!options.label) ? '' : options.label;
var textClass = options.textClass || 'progress-meter';
var width = options.width || 200,
height = options.height || 200,
twoPi = 2 * Math.PI,
progress = 0,
total = 100,
formatPercent = d3.format(".0%");
var colorScale = d3.scale.linear()
.domain([0, 0.40, 0.50, 1])
.range(["green", "green", "goldenrod", "red"]);
var arc = d3.svg.arc()
.startAngle(0)
.innerRadius(width * 0.4)
.outerRadius(width * 0.5)
;
var svg = d3.select(wrapper).append("svg")
.attr("width", width)
.attr("height", height)
.attr('fill', '#2E7AF9')
.append("g")
.attr("transform", "translate(" + width / 2 + "," + height / 2 + ")");
var meter = svg.append("g")
.attr("class", textClass);
meter.append("path")
.attr("class", "background")
.attr("d", arc.endAngle(twoPi));
var foreground = meter.append("path")
.attr("class", "foreground");
var text = meter.append("text")
.attr("text-anchor", "middle");
var text2 = meter.append("text")
.attr('y', height * 0.15)
.attr("text-anchor", "middle")
.attr("class", "text2");
text2.text(label);
var animate = function (percentage) {
var i = d3.interpolate(progress, percentage);
foreground.transition().duration(2000)
.tween("progress", function () {
return function (t) {
progress = i(t);
foreground.style('fill', colorScale(progress));
foreground.attr("d", arc.endAngle(twoPi * progress));
text.text(formatPercent(progress));
};
});
};
// init
(function () {
setTimeout(function () {
animate(percent);
}, 500);
})();
return {
update: function (newPercent) {
animate(newPercent);
}
};
};
function upTime(countTo, el) {
var wrapper = document.getElementById('uptime-panel');
var element = document.getElementById(el);
var now = new Date();
countTo = new Date(countTo);
var difference = (now - countTo);
var days = Math.floor(difference / (60 * 60 * 1000 * 24) * 1);
var hours = Math.floor((difference % (60 * 60 * 1000 * 24)) / (60 * 60 * 1000) * 1);
var mins = Math.floor(((difference % (60 * 60 * 1000 * 24)) % (60 * 60 * 1000)) / (60 * 1000) * 1);
var secs = Math.floor((((difference % (60 * 60 * 1000 * 24)) % (60 * 60 * 1000)) % (60 * 1000)) / 1000 * 1);
clearTimeout(upTime.to);
if (isNaN(days) || isNaN(hours) || isNaN(mins) || isNaN(secs) ) {
wrapper.style.display = 'none';
} else {
days = (days == 1) ? days + ' day ' : days + ' days ';
hours = (hours == 1) ? hours + ' hour ' : hours + ' hours ';
mins = (mins == 1) ? mins + ' minute ' : mins + ' minutes ';
secs = (secs == 1) ? secs + ' second ' : secs + ' seconds';
var timeString = '<span class="upTime">' + days + hours + mins + secs + '</span>';
element.innerHTML = timeString;
wrapper.style.display = 'block';
upTime.to = setTimeout(function() {
upTime(countTo, el);
},1000);
}
}
// Fill modal with content from link href
$("#threadDumpModal").on("show.bs.modal", function (e) {
var link = $(e.relatedTarget);
$(this).find(".modal-body pre").load(link.val());
});
/**
* Thread Dump Preview
* Returnes the xx amount of characters from the end of the thread dump for preview sake.
* The length can be changed by passing ini a value, otherwise it defaults to 400.
*/
function getThreadDumpPreview(len) {
var len = len || 400;
$.get($('#threadDumpViewButton').val(), function (data) {
$('#threadDumpPreview').html(data.substr(-len));
});
}

1117
src/main/resources/META-INF/resources/js/test_data.json Normal file
View File

File diff suppressed because it is too large Load Diff

59
src/main/resources/META-INF/resources/js/viewConfig.js Normal file
View File

@ -0,0 +1,59 @@
var viewConfigs = (function () {
var createDataTable = function() {
$('#viewConfigsTable').DataTable( {
"initComplete": function(settings, json) {
if (!json || json.length == 0) {
$('#loadingMessage').hide();
$('#viewConfigError').show();
$("#view-configuration").hide();
} else {
$('#loadingMessage').hide();
$('#viewConfigError').hide();
$("#view-configuration").show();
}
},
"drawCallback": function( settings ) {
var api = this.api();
if (api.page.info().pages > 1) {
$('#' + $.fn.dataTable.tables()[0].id + '_paginate')[0].style.display = "block";
} else {
$('#' + $.fn.dataTable.tables()[0].id + '_paginate')[0].style.display = "none";
}
},
"processing": true,
"ajax": {
"url": '/cas/status/config/getProperties',
"dataSrc": function (json) {
var return_data = new Array();
for(var i=0;i< json.length; i++){
var obj = json[i];
for (var key in obj) {
if (obj.hasOwnProperty(key)) {
return_data.push({
'key': key,
'value' : obj[key],
})
}
}
}
return return_data;
}
},
"columns": [
{ "data": "key", 'className': 'col-xs-6' },
{ "data": "value", 'className': 'col-xs-6' }
],
} );
};
// initialization *******
( function init () {
createDataTable();
})();
// Public Methods
return {
/**
* Not used
*/
};
})();

198
src/main/resources/META-INF/resources/themes/apereo/css/cas.css Normal file
View File

@ -0,0 +1,198 @@
html, body, div, span, object, iframe, h1, h2, h3, h4, h5, h6, p, blockquote, pre, abbr, address, cite, code, del, dfn, em, img, ins, kbd, q, samp, small, strong, sub, sup, var, b, i, dl, dt, dd, ol, ul, li, fieldset, form, label, legend, table, caption, tbody, tfoot, thead, tr, th, td, article, aside, canvas, details, figcaption, figure, footer, header, hgroup, menu, nav, section, summary, time, mark, audio, video { margin: 0; padding: 0; border: 0; outline: 0; font-size: 100%; vertical-align: baseline; background: transparent; }
body { line-height: 1; }
nav ul { list-style: none; }
blockquote, q { quotes: none; }
blockquote:before, blockquote:after, q:before, q:after { content: ''; content: none; }
a { margin: 0; padding: 0; font-size: 100%; vertical-align: baseline; background: transparent; }
ins { background-color: #ff9; color: #000; text-decoration: none; }
mark { background-color: #ff9; color: #000; font-style: italic; font-weight: bold; }
del { text-decoration: line-through; }
abbr[title], dfn[title] { border-bottom: 1px dotted; cursor: help; }
table { border-collapse: collapse; border-spacing: 0; }
hr { display: block; height: 1px; border: 0; border-top: 1px solid #cccccc; margin: 1em 0; padding: 0; }
input, select { vertical-align: middle; }
body { font-family: Helvetica, Arial, sans-serif; font-size: 12px; line-height: 1.4em; background: #eee; }
#container { width: 960px; margin: 0 auto; }
@media only screen and (max-width: 960px) {
#container { width: 100%; }
#content { -webkit-border-bottom-right-radius: 0px; -webkit-border-bottom-left-radius: 0px; -moz-border-radius-bottomright: 0px; -moz-border-radius-bottomleft: 0px; border-bottom-right-radius: 0px; border-bottom-left-radius: 0px; }
}
body {
background: url(../images/bg-tile.gif); /* Old browsers */
}
a:link, a:visited {
color: #257bb2;
}
a:hover {
color: #a0b757;
}
p {
margin-bottom: 1.4em;
}
header {
overflow: hidden;
padding: 40px 0;
}
#logo {
display: block;
width: 250px;
height: 52px;
background: url(../images/apereo-logo.png) no-repeat;
text-indent: -999em;
float: left;
margin-right: 40px;
border-right: 1px solid rgba(255,255,255,0.25);
}
header h1 {
display: none;
}
#content {
overflow: hidden;
background: #fff;
padding: 20px;
-webkit-border-radius: 10px;
-moz-border-radius: 10px;
border-radius: 10px;
-webkit-box-shadow: 0 0 8px 0 rgba(0,0,0,0.15);
box-shadow: 0 0 8px 0 rgba(0,0,0,0.15);
}
#msg {
padding: 20px;
margin-bottom: 40px;
}
#msg.errors {
border: 1px dotted #BB0000;
color: #BB0000;
padding-left: 100px;
background: url(../../../images/error.png) no-repeat 20px center;
}
#msg.success { border: 1px dotted #390; color: #390; padding-left: 100px; background: url(../../../images/success.png) no-repeat 20px center; }
#msg.info { border: 1px dotted #008; color: #008; padding-left: 100px; background: url(../../../images/info.png) no-repeat 20px center; }
#msg.question { border: 1px dotted #390; color: #390; padding-left: 100px; background: url(../../../images/question.png) no-repeat 20px center; }
#msg.warn { border: 1px dotted #960; color: #960; padding-left: 100px; background: #ffbc8f url(../../../images/info.png) no-repeat 20px center; }
#login {
width: 320px;
float: left;
margin-right: 20px;
}
#login h2 {
font-weight: normal;
font-size: 1.4em;
margin-bottom: 20px;
}
#login .row {
padding: 10px 0;
}
#login label {
display: block;
margin-bottom: 2px;
}
#login .check label {
display: inline;
}
#login input[type=text], #login input[type=password] {
font-size: 1.4em;
padding: 5px;
}
#login .btn-submit {
background: #2aa4a5;
border: 0;
padding: 10px 20px;
font-weight: bold;
color: white;
-webkit-border-radius: 4px;
-moz-border-radius: 4px;
border-radius: 4px;
}
#login .btn-reset {
background: #eee;
padding: 10px 20px;
border: 0;
-webkit-border-radius: 4px;
-moz-border-radius: 4px;
border-radius: 4px;
}
#login .btn-submit:hover, #login .btn-reset:hover {
cursor: pointer;
}
#login .btn-submit:hover {
background: #30bfbf;
}
#login .btn-reset:hover {
background: #d4d4d4;
}
#sidebar {
width: auto;
height: 100%;
}
#sidebar-content {
padding-left: 20px;
}
#list-languages h3 {
margin-bottom: 1.4em;
}
#list-languages ul li {
list-style: none;
display: inline-block;
margin-right: 2em;
}
footer {
padding: 20px;
color: black;
}
footer a:link, footer a:visited {
color: black;
}
@media only screen and (max-width: 960px) {
header { padding: 20px; }
#container { width: 100%; }
#content {
-webkit-border-radius: 0px;
-moz-border-radius: 0px;
border-radius: 0px;
}
}
@media only screen and (max-width: 799px) {
header { padding: 10px;}
#logo { width: 156px; height: 32px; background-size: 156px 32px; margin-right: 20px; }
#login { float: none; width: 100%; }
#fm1 .row input[type=text],
#fm1 .row input[type=password] { width: 100%; padding: 10px; box-sizing: border-box; -webkit-box-sizing: border-box; -moz-box-sizing: border-box; }
#fm1 .row .btn-submit { outline: none; -webkit-appearance: none; -webkit-border-radius: 0; border: 0; background: #2aa4a5; color: white; font-weight: bold; width: 100%; padding: 10px 20px; -webkit-border-radius: 3px; -moz-border-radius: 3px; border-radius: 3px; }
#fm1 .row .btn-reset { display: none; }
#sidebar { margin-top: 20px; }
#sidebar .sidebar-content { padding: 0; }
}

BIN
src/main/resources/META-INF/resources/themes/apereo/images/apereo-logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 28 KiB

BIN
src/main/resources/META-INF/resources/themes/apereo/images/bg-tile.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 26 KiB

20
src/main/resources/META-INF/resources/themes/apereo/js/cas.js Normal file
View File

@ -0,0 +1,20 @@
$(document).ready(function(){
//focus username field
if ($(":focus").length === 0){
$("input:visible:enabled:first").focus();
}
//flash error box
$('#msg.errors').animate({ backgroundColor: 'rgb(187,0,0)' }, 30).animate({ backgroundColor: 'rgb(255,238,221)' }, 500);
//flash success box
$('#msg.success').animate({ backgroundColor: 'rgb(51,204,0)' }, 30).animate({ backgroundColor: 'rgb(221,255,170)' }, 500);
//flash confirm box
$('#msg.question').animate({ backgroundColor: 'rgb(51,204,0)' }, 30).animate({ backgroundColor: 'rgb(221,255,170)' }, 500);
/*
* Using the JavaScript Debug library, you may issue log messages such as:
* debug.log("Welcome to Central Authentication Service");
*/
});

100
src/main/resources/WEB-INF/cas-servlet.xml Normal file
View File

@ -0,0 +1,100 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:webflow="http://www.springframework.org/schema/webflow-config"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:c="http://www.springframework.org/schema/c"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/webflow-config http://www.springframework.org/schema/webflow-config/spring-webflow-config-2.3.xsd">
<import resource="spring-configuration/propertyFileConfigurer.xml"/>
<bean id="themeChangeInterceptor"
class="org.springframework.web.servlet.theme.ThemeChangeInterceptor"
p:paramName="${cas.themeResolver.param.name:theme}"/>
<bean id="beanNameViewResolver" class="org.springframework.web.servlet.view.BeanNameViewResolver"
p:order="1"/>
<!--
<bean id="xmlViewResolver" class="org.springframework.web.servlet.view.XmlViewResolver"
p:order="1000"
p:location="${cas.viewResolver.xmlFile:classpath:/META-INF/spring/views.xml}" />
-->
<bean id="urlBasedViewResolver" class="org.springframework.web.servlet.view.UrlBasedViewResolver"
p:viewClass="org.springframework.web.servlet.view.InternalResourceView"
p:prefix="${cas.themeResolver.pathprefix:/WEB-INF/view/jsp}/"
p:suffix=".jsp"
p:order="2000"/>
<!-- Locale Resolver -->
<bean id="localeResolver" class="org.springframework.web.servlet.i18n.CookieLocaleResolver"
p:defaultLocale="${locale.default:en}"/>
<bean id="localeChangeInterceptor" class="org.springframework.web.servlet.i18n.LocaleChangeInterceptor"
p:paramName="${locale.param.name:locale}"/>
<bean class="org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter"/>
<!-- login webflow configuration -->
<bean id="loginFlowHandlerMapping" class="org.springframework.webflow.mvc.servlet.FlowHandlerMapping"
p:flowRegistry-ref="loginFlowRegistry" p:order="2">
<property name="interceptors">
<array value-type="org.springframework.web.servlet.HandlerInterceptor">
<ref bean="localeChangeInterceptor"/>
<ref bean="authenticationThrottle"/>
</array>
</property>
</bean>
<bean id="loginHandlerAdapter" class="org.jasig.cas.web.flow.SelectiveFlowHandlerAdapter"
p:supportedFlowId="login" p:flowExecutor-ref="loginFlowExecutor" p:flowUrlHandler-ref="loginFlowUrlHandler"/>
<bean id="loginFlowUrlHandler" class="org.jasig.cas.web.flow.CasDefaultFlowUrlHandler"/>
<bean name="loginFlowExecutor" class="org.springframework.webflow.executor.FlowExecutorImpl"
c:definitionLocator-ref="loginFlowRegistry"
c:executionFactory-ref="loginFlowExecutionFactory"
c:executionRepository-ref="loginFlowExecutionRepository"/>
<bean name="loginFlowExecutionFactory" class="org.springframework.webflow.engine.impl.FlowExecutionImplFactory"
p:executionKeyFactory-ref="loginFlowExecutionRepository"/>
<bean id="loginFlowExecutionRepository" class=" org.jasig.spring.webflow.plugin.ClientFlowExecutionRepository"
c:flowExecutionFactory-ref="loginFlowExecutionFactory"
c:flowDefinitionLocator-ref="loginFlowRegistry"
c:transcoder-ref="loginFlowStateTranscoder"/>
<bean id="loginFlowStateTranscoder" class="org.jasig.spring.webflow.plugin.EncryptedTranscoder"
c:cipherBean-ref="loginFlowCipherBean" />
<!-- logout webflow configuration -->
<bean id="logoutFlowHandlerMapping" class="org.springframework.webflow.mvc.servlet.FlowHandlerMapping"
p:flowRegistry-ref="logoutFlowRegistry" p:order="3">
<property name="interceptors">
<array value-type="org.springframework.web.servlet.HandlerInterceptor">
<ref bean="localeChangeInterceptor"/>
</array>
</property>
</bean>
<bean id="logoutHandlerAdapter" class="org.jasig.cas.web.flow.SelectiveFlowHandlerAdapter"
p:supportedFlowId="logout" p:flowExecutor-ref="logoutFlowExecutor"
p:flowUrlHandler-ref="logoutFlowUrlHandler"/>
<bean id="logoutFlowUrlHandler" class="org.jasig.cas.web.flow.CasDefaultFlowUrlHandler"
p:flowExecutionKeyParameter="RelayState"/>
<bean id="credentialsValidator" class="org.springframework.validation.beanvalidation.LocalValidatorFactoryBean"
p:messageInterpolator-ref="messageInterpolator"/>
</beans>

709
src/main/resources/WEB-INF/cas.properties Normal file
View File

@ -0,0 +1,709 @@
server.name=http://localhost:8080
server.prefix=${server.name}/cas
# security configuration based on IP address to access the /status and /statistics pages
# cas.securityContext.adminpages.ip=127\.0\.0\.1
##
# Unique CAS node name
# host.name is used to generate unique Service Ticket IDs and SAMLArtifacts. This is usually set to the specific
# hostname of the machine running the CAS node, but it could be any label so long as it is unique in the cluster.
# host.name=
##
# JPA Ticket Registry Database Configuration
#
# ticketreg.database.ddl.auto=create-drop
# ticketreg.database.dialect=org.hibernate.dialect.OracleDialect|MySQLInnoDBDialect|HSQLDialect
# ticketreg.database.batchSize=10
# ticketreg.database.driverClass=org.hsqldb.jdbcDriver
# ticketreg.database.url=jdbc:hsqldb:mem:cas-ticket-registry
# ticketreg.database.user=sa
# ticketreg.database.password=
# ticketreg.database.pool.minSize=6
# ticketreg.database.pool.maxSize=18
# ticketreg.database.pool.maxWait=10000
# ticketreg.database.pool.maxIdleTime=120
# ticketreg.database.pool.acquireIncrement=6
# ticketreg.database.pool.idleConnectionTestPeriod=30
# ticketreg.database.pool.connectionHealthQuery=select 1
# ticketreg.database.pool.acquireRetryAttempts=5
# ticketreg.database.pool.acquireRetryDelay=2000
# ticketreg.database.pool.connectionHealthQuery=select 1
##
# JPA Service Registry Database Configuration
#
# svcreg.database.ddl.auto=create-drop
# svcreg.database.hibernate.dialect=org.hibernate.dialect.OracleDialect|MySQLInnoDBDialect|HSQLDialect
# svcreg.database.hibernate.batchSize=10
# svcreg.database.driverClass=org.hsqldb.jdbcDriver
# svcreg.database.url=jdbc:hsqldb:mem:cas-ticket-registry
# svcreg.database.user=sa
# svcreg.database.password=
# svcreg.database.pool.minSize=6
# svcreg.database.pool.maxSize=18
# svcreg.database.pool.maxWait=10000
# svcreg.database.pool.maxIdleTime=120
# svcreg.database.pool.acquireIncrement=6
# svcreg.database.pool.idleConnectionTestPeriod=30
# svcreg.database.pool.connectionHealthQuery=select 1
# svcreg.database.pool.acquireRetryAttempts=5
# svcreg.database.pool.acquireRetryDelay=2000
# svcreg.database.pool.connectionHealthQuery=select 1
##
# CAS SSO Cookie Generation & Security
# See https://github.com/mitreid-connect/json-web-key-generator
#
# Do note that the following settings MUST be generated per deployment.
#
# The encryption secret key. By default, must be a octet string of size 256.
# tgc.encryption.key=
# The signing secret key. By default, must be a octet string of size 512.
# tgc.signing.key=
# Decides whether SSO cookie should be created only under secure connections.
# tgc.secure=true
# The expiration value of the SSO cookie
# tgc.maxAge=-1
# The name of the SSO cookie
# tgc.name=TGC
# The path to which the SSO cookie will be scoped
# tgc.path=/cas
# The expiration value of the SSO cookie for long-term authentications
# tgc.remember.me.maxAge=1209600
# Decides whether SSO Warning cookie should be created only under secure connections.
# warn.cookie.secure=true
# The expiration value of the SSO Warning cookie
# warn.cookie.maxAge=-1
# The name of the SSO Warning cookie
# warn.cookie.name=CASPRIVACY
# The path to which the SSO Warning cookie will be scoped
# warn.cookie.path=/cas
# Whether we should track the most recent session by keeping the latest service ticket
# tgt.onlyTrackMostRecentSession = true
##
# CAS UI Theme Resolution
#
# cas.themeResolver.defaultThemeName=cas-theme-default
# cas.themeResolver.pathprefix=/WEB-INF/view/jsp/
# cas.themeResolver.param.name=theme
# Location of the Spring xml config file where views may be collected
# cas.viewResolver.xmlFile=/META-INF/spring/views.xml
##
# CAS Logout Behavior
# WEB-INF/cas-servlet.xml
#
# Specify whether CAS should redirect to the specified service parameter on /logout requests
# cas.logout.followServiceRedirects=false
##
# CAS Cached Attributes Timeouts
# Controls the cached attribute expiration policy
#
# Notes the duration in which attributes will be kept alive
# cas.attrs.timeToExpireInHours=2
##
# Single Sign-On Session
#
# Indicates whether an SSO session should be created for renewed authentication requests.
# create.sso.renewed.authn=true
#
# Indicates whether an SSO session can be created if no service is present.
# create.sso.missing.service=true
##
# CAS Authentication Policy
#
# cas.authn.policy.any.tryall=false
# cas.authn.policy.req.tryall=false
# cas.authn.policy.req.handlername=handlerName
##
# CAS PersonDirectory Principal Resolution
#
# cas.principal.resolver.persondir.principal.attribute=cn
# cas.principal.resolver.persondir.return.null=false
##
# CAS Internationalization
#
# locale.default=en
# locale.param.name=locale
# message.bundle.encoding=UTF-8
# message.bundle.cacheseconds=180
# message.bundle.fallback.systemlocale=false
# message.bundle.usecode.message=true
# message.bundle.basenames=classpath:custom_messages,classpath:messages
##
# CAS Authentication Throttling
#
#cas.throttle.failure.threshold=
#cas.throttle.failure.range.seconds=
#cas.throttle.username.parameter=
#cas.throttle.appcode=
#cas.throttle.authn.failurecode=
#cas.throttle.audit.query=
##
# CAS Health Monitoring
#
# cas.monitor.st.warn.threshold=5000
# cas.monitor.tgt.warn.threshold=10000
# cas.monitor.free.mem.threshold=10
##
# CAS MongoDB Service Registry
#
# mongodb.host=mongodb database url
# mongodb.port=mongodb database port
# mongodb.userId=mongodb userid to bind
# mongodb.userPassword=mongodb password to bind
# cas.service.registry.mongo.db=Collection name to store service definitions
# mongodb.timeout=5000
##
# Spring Webflow Web Application Session
# Define the settings that are required to encrypt and persist the CAS web application session.
# See the cas-servlet.xml file to understand how these properties are used.
#
# The encryption secret key. By default, must be a octet string of size 256.
# webflow.encryption.key=
# The signing secret key. By default, must be a octet string of size 512.
# webflow.signing.key=
##
# Remote User Authentication
#
# ip.address.range=
##
# Apache Shiro Authentication
#
# shiro.authn.requiredRoles=
# shiro.authn.requiredPermissions=
# shiro.authn.config.file=classpath:shiro.ini
##
# YubiKey Authentication
#
# yubikey.client.id=
# yubikey.secret.key=
##
# JDBC Authentication
#
# cas.jdbc.authn.query.encode.sql=
# cas.jdbc.authn.query.encode.alg=
# cas.jdbc.authn.query.encode.salt.static=
# cas.jdbc.authn.query.encode.password=
# cas.jdbc.authn.query.encode.salt=
# cas.jdbc.authn.query.encode.iterations.field=
# cas.jdbc.authn.query.encode.iterations=
# cas.jdbc.authn.query.sql=
# cas.jdbc.authn.search.password=
# cas.jdbc.authn.search.user=
# cas.jdbc.authn.search.table=
##
# Duo security 2fa authentication provider
# https://www.duosecurity.com/docs/duoweb#1.-generate-an-akey
#
# cas.duo.api.host=
# cas.duo.integration.key=
# cas.duo.secret.key=
# cas.duo.application.key=
##
# File Authentication
#
# file.authn.filename=classpath:people.txt
# file.authn.separator=::
##
# General Authentication
#
# cas.principal.transform.upperCase=false
# cas.authn.password.encoding.char=UTF-8
# cas.authn.password.encoding.alg=SHA-256
# cas.principal.transform.prefix=
# cas.principal.transform.suffix=
##
# X509 Authentication
#
# cas.x509.authn.crl.checkAll=false
# cas.x509.authn.crl.throw.failure=true
# cas.x509.authn.crl.refresh.interval=
# cas.x509.authn.revocation.policy.threshold=
# cas.x509.authn.trusted.issuer.dnpattern=
# cas.x509.authn.max.path.length=
# cas.x509.authn.max.path.length.unspecified=
# cas.x509.authn.check.key.usage=
# cas.x509.authn.require.key.usage=
# cas.x509.authn.subject.dnpattern=
# cas.x509.authn.principal.descriptor=
# cas.x509.authn.principal.serial.no.prefix=
# cas.x509.authn.principal.value.delim=
##
# Accepted Users Authentication
#
accept.authn.users=casuser::Mellon
##
# Rejected Users Authentication
#
# reject.authn.users=
##
# JAAS Authentication
#
# cas.authn.jaas.realm=CAS
# cas.authn.jaas.kerb.realm=
# cas.authn.jaas.kerb.kdc=
##
# Single Sign-On Session TGT Timeouts
#
# Inactivity Timeout Policy
# tgt.timeout.maxTimeToLiveInSeconds=28800
# Hard Timeout Policy
# tgt.timeout.hard.maxTimeToLiveInSeconds
#
# Throttled Timeout Policy
# tgt.throttled.maxTimeToLiveInSeconds=28800
# tgt.throttled.timeInBetweenUsesInSeconds=5
# Default Expiration Policy
# tgt.maxTimeToLiveInSeconds=28800
# tgt.timeToKillInSeconds=7200
##
# Service Ticket Timeout
#
# st.timeToKillInSeconds=10
# st.numberOfUses=1
##
# Http Client Settings
#
# The http client read timeout in milliseconds
# http.client.read.timeout=5000
# The http client connection timeout in milliseconds
# http.client.connection.timeout=5000
#
# The http client truststore file, in addition to the default's
# http.client.truststore.file=classpath:truststore.jks
#
# The http client truststore's password
# http.client.truststore.psw=changeit
##
# Single Logout Out Callbacks
#
# To turn off all back channel SLO requests set this to true
# slo.callbacks.disabled=false
#
# To send callbacks to endpoints synchronously, set this to false
# slo.callbacks.asynchronous=true
##
# CAS Protocol Security Filter
#
# Are multi-valued parameters accepted?
# cas.http.allow.multivalue.params=false
# Define the list of request parameters to examine for sanity
# cas.http.check.params=ticket,service,renew,gateway,warn,target,SAMLart,pgtUrl,pgt,pgtId,pgtIou,targetService
# Define the list of request parameters only allowed via POST
# cas.http.allow.post.params=username,password
##
# JSON Service Registry
#
# Directory location where JSON service files may be found.
# service.registry.config.location=classpath:services
##
# Service Registry Periodic Reloading Scheduler
# Default sourced from WEB-INF/spring-configuration/applicationContext.xml
#
# Force a startup delay of 2 minutes.
# service.registry.quartz.reloader.startDelay=120000
#
# Reload services every 2 minutes
# service.registry.quartz.reloader.repeatInterval=120000
##
# Background Scheduler
#
# Wait for scheduler to finish running before shutting down CAS.
# scheduler.shutdown.wait=true
#
# Attempt to interrupt background jobs when shutting down CAS
# scheduler.shutdown.interruptJobs=true
##
# Audits
#
# Use single line format for audit blocks
# cas.audit.singleline=true
# Separator to use between each fields in a single audit event
# cas.audit.singleline.separator=|
# Application code for audits
# cas.audit.appcode=CAS
#
## JDBC Audits
#
#cas.audit.max.agedays=
#cas.audit.database.dialect=
#cas.audit.database.batchSize=
#cas.audit.database.ddl.auto=
#cas.audit.database.gen.ddl=
#cas.audit.database.show.sql=
#cas.audit.database.driverClass=
#cas.audit.database.url=
#cas.audit.database.user=
#cas.audit.database.password=
#cas.audit.database.pool.minSize=
#cas.audit.database.pool.minSize=
#cas.audit.database.pool.maxSize=
#cas.audit.database.pool.maxIdleTime=
#cas.audit.database.pool.maxWait=
#cas.audit.database.pool.acquireIncrement=
#cas.audit.database.pool.acquireRetryAttempts=
#cas.audit.database.pool.acquireRetryDelay=
#cas.audit.database.pool.idleConnectionTestPeriod=
#cas.audit.database.pool.connectionHealthQuery=
##
# Metrics
# Default sourced from WEB-INF/spring-configuration/metricsConfiguration.xml:
#
# Define how often should metric data be reported. Default is 30 seconds.
# metrics.refresh.interval=30s
##
# Encoding
#
# Set the encoding to use for requests. Default is UTF-8
# httprequest.web.encoding=UTF-8
# Default is true. Switch this to "false" to not enforce the specified encoding in any case,
# applying it as default response encoding as well.
# httprequest.web.encoding.force=true
##
# Response Headers
#
# httpresponse.header.cache=false
# httpresponse.header.hsts=false
# httpresponse.header.xframe=false
# httpresponse.header.xcontent=false
# httpresponse.header.xss=false
##
# SAML
#
# Indicates the SAML response issuer
# cas.saml.response.issuer=localhost
#
# Indicates the skew allowance which controls the issue instant of the SAML response
# cas.saml.response.skewAllowance=0
#
# Indicates whether SAML ticket id generation should be saml2-compliant.
# cas.saml.ticketid.saml2=false
##
# Default Ticket Registry
#
# default.ticket.registry.initialcapacity=1000
# default.ticket.registry.loadfactor=1
# default.ticket.registry.concurrency=20
##
# Ticket Registry Cleaner
#
# Indicates how frequently the Ticket Registry cleaner should run. Configured in seconds.
# ticket.registry.cleaner.startdelay=20
# ticket.registry.cleaner.repeatinterval=5000
##
# Ticket ID Generation
#
# lt.ticket.maxlength=20
# st.ticket.maxlength=20
# tgt.ticket.maxlength=50
# pgt.ticket.maxlength=50
##
# Google Apps public/private key
#
# cas.saml.googleapps.publickey.file=file:/etc/cas/public.key
# cas.saml.googleapps.privatekey.file=file:/etc/cas/private.p8
# cas.saml.googleapps.key.alg=RSA
##
# WS-FED
#
# The claim from ADFS that should be used as the user's identifier.
# cas.wsfed.idp.idattribute=upn
#
# Federation Service identifier
# cas.wsfed.idp.id=https://adfs.example.org/adfs/services/trust
#
# The ADFS login url.
# cas.wsfed.idp.url=https://adfs.example.org/adfs/ls/
#
# Identifies resource(s) that point to ADFS's signing certificates.
# These are used verify the WS Federation token that is returned by ADFS.
# Multiple certificates may be separated by comma.
# cas.wsfed.idp.signingcerts=classpath:adfs-signing.crt
#
# Unique identifier that will be set in the ADFS configuration.
# cas.wsfed.rp.id=urn:cas:localhost
#
# Slack dealing with time-drift between the ADFS Server and the CAS Server.
# cas.wsfed.idp.tolerance=10000
#
# Decides which bundle of attributes should be resolved during WS-FED authentication.
# cas.wsfed.idp.attribute.resolver.enabled=true
# cas.wsfed.idp.attribute.resolver.type=WSFED
#
# Private/Public keypair used to decrypt assertions, if any.
# cas.wsfed.idp.enc.privateKey=classpath:private.key
# cas.wsfed.idp.enc.cert=classpath:certificate.crt
# cas.wsfed.idp.enc.privateKeyPassword=NONE
##
# LDAP User Details
#
# ldap.userdetails.service.user.attr=
# ldap.userdetails.service.role.attr=
##
# LDAP Service Registry
#
# svcreg.ldap.baseDn=dc=example,dc=org
##
# Password Policy
#
# Warn all users of expiration date regardless of warningDays value.
# password.policy.warnAll=false
# Threshold number of days to begin displaying password expiration warnings.
# password.policy.warningDays=30
# URL to which the user will be redirected to change the password.
# password.policy.url=https://password.example.edu/change
# password.policy.warn.attribute.name=attributeName
# password.policy.warn.attribute.value=attributeValue
# password.policy.warn.display.matched=true
##
# CAS REST API Services
#
# cas.rest.services.attributename=
# cas.rest.services.attributevalue=
##
# Ticket Registry
#
# Secret key to use when encrypting tickets in a distributed ticket registry.
# ticket.encryption.secretkey=C@$W3bSecretKey!
# Secret key to use when signing tickets in a distributed ticket registry.
# By default, must be a octet string of size 512.
# ticket.signing.secretkey=szxK-5_eJjs-aUj-64MpUZ-GPPzGLhYPLGl0wrYjYNVAGva2P0lLe6UGKGM7k8dWxsOVGutZWgvmY3l5oVPO3w
# Secret key algorithm used
# ticket.secretkey.alg=AES
##
# Hazelcast Ticket Registry
#
# hz.config.location=file:/etc/cas/hazelcast.xml
# hz.mapname=tickets
# hz.cluster.logging.type=slf4j
# hz.cluster.portAutoIncrement=true
# hz.cluster.port=5701
# hz.cluster.multicast.enabled=false
# hz.cluster.members=cas1.example.com,cas2.example.com
# hz.cluster.tcpip.enabled=true
# hz.cluster.multicast.enabled=false
# hz.cluster.max.heapsize.percentage=85
# hz.cluster.max.heartbeat.seconds=300
# hz.cluster.eviction.percentage=10
# hz.cluster.eviction.policy=LRU
# hz.cluster.instance.name=${host.name}
##
# Ehcache Ticket Registry
#
# ehcache.config.file=classpath:ehcache-replicated.xml
# ehcache.cachemanager.shared=false
# ehcache.cachemanager.name=ticketRegistryCacheManager
# ehcache.disk.expiry.interval.seconds=0
# ehcache.disk.persistent=false
# ehcache.eternal=false
# ehcache.max.elements.memory=10000
# ehcache.max.elements.disk=0
# ehcache.eviction.policy=LRU
# ehcache.overflow.disk=false
# ehcache.cache.st.name=org.jasig.cas.ticket.ServiceTicket
# ehcache.cache.st.timeIdle=0
# ehcache.cache.st.timeAlive=300
# ehcache.cache.tgt.name=org.jasig.cas.ticket.TicketGrantingTicket
# ehcache.cache.tgt.timeIdle=7201
# ehcache.cache.tgt.timeAlive=0
# ehcache.cache.loader.async=true
# ehcache.cache.loader.chunksize=5000000
# ehcache.repl.async.interval=10000
# ehcache.repl.async.batch.size=100
# ehcache.repl.sync.puts=true
# ehcache.repl.sync.putscopy=true
# ehcache.repl.sync.updates=true
# ehcache.repl.sync.updatesCopy=true
# ehcache.repl.sync.removals=true
##
# Ehcache Monitoring
#
# cache.monitor.warn.free.threshold=10
# cache.monitor.eviction.threshold=0
##
# Memcached Ticket Registry
#
# memcached.servers=localhost:11211
# memcached.hashAlgorithm=FNV1_64_HASH
# memcached.protocol=BINARY
# memcached.locatorType=ARRAY_MOD
# memcached.failureMode=Redistribute
##
# Memcached Monitoring
#
# cache.monitor.warn.free.threshold=10
# cache.monitor.eviction.threshold=0
##
# RADIUS Authentication Server
#
# cas.radius.client.inetaddr=localhost
# cas.radius.client.port.acct=
# cas.radius.client.socket.timeout=60
# cas.radius.client.port.authn=
# cas.radius.client.sharedsecret=N0Sh@ar3d$ecReT
# cas.radius.server.protocol=EAP_MSCHAPv2
# cas.radius.server.retries=3
# cas.radius.server.nasIdentifier=
# cas.radius.server.nasPort=-1
# cas.radius.server.nasPortId=-1
# cas.radius.server.nasRealPort=-1
# cas.radius.server.nasPortType=-1
# cas.radius.server.nasIpAddress=
# cas.radius.server.nasIpv6Address=
# cas.radius.failover.authn=false
# cas.radius.failover.exception=false
##
# SPNEGO Authentication
#
# cas.spnego.ldap.attribute=spnegoattribute
# cas.spnego.ldap.filter=host={0}
# cas.spnego.ldap.basedn=
# cas.spnego.hostname.pattern=.+
# cas.spnego.ip.pattern=
# cas.spnego.alt.remote.host.attribute
# cas.spengo.use.principal.domain=false
# cas.spnego.ntlm.allowed=true
# cas.spnego.kerb.debug=false
# cas.spnego.kerb.realm=EXAMPLE.COM
# cas.spnego.kerb.kdc=172.10.1.10
# cas.spnego.login.conf.file=/path/to/login
# cas.spnego.jcifs.domain=
# cas.spnego.jcifs.domaincontroller=
# cas.spnego.jcifs.netbios.cache.policy:600
# cas.spnego.jcifs.netbios.wins=
# cas.spnego.jcifs.password=
# cas.spnego.jcifs.service.password=
# cas.spnego.jcifs.socket.timeout:300000
# cas.spnego.jcifs.username=
# cas.spnego.kerb.conf=
# cas.spnego.ntlm=false
# cas.spnego.supportedBrowsers=MSIE,Trident,Firefox,AppleWebKit
# cas.spnego.mixed.mode.authn=false
# cas.spnego.send.401.authn.failure=false
# cas.spnego.principal.resolver.transform=NONE
# cas.spnego.service.principal=HTTP/cas.example.com@EXAMPLE.COM
##
# NTLM Authentication
#
# ntlm.authn.domain.controller=
# ntlm.authn.include.pattern=
# ntlm.authn.load.balance=true
##
# Authentication delegation using pac4j
#
# cas.pac4j.client.authn.typedidused=true
# cas.pac4j.facebook.id=
# cas.pac4j.facebook.secret=
# cas.pac4j.facebook.scope=
# cas.pac4j.facebook.fields=
# cas.pac4j.twitter.id=
# cas.pac4j.twitter.secret=
# cas.pac4j.saml.keystorePassword=
# cas.pac4j.saml.privateKeyPassword=
# cas.pac4j.saml.keystorePath=
# cas.pac4j.saml.identityProviderMetadataPath=
# cas.pac4j.saml.maximumAuthenticationLifetime=
# cas.pac4j.saml.serviceProviderEntityId=
# cas.pac4j.saml.serviceProviderMetadataPath=
# cas.pac4j.cas.loginUrl=
# cas.pac4j.cas.protocol=
# cas.pac4j.oidc.id=
# cas.pac4j.oidc.secret=
# cas.pac4j.oidc.discoveryUri=
# cas.pac4j.oidc.useNonce=
# cas.pac4j.oidc.preferredJwsAlgorithm=
# cas.pac4j.oidc.maxClockSkew=
# cas.pac4j.oidc.customParamKey1=
# cas.pac4j.oidc.customParamValue1=
# cas.pac4j.oidc.customParamKey2=
# cas.pac4j.oidc.customParamValue2=
##
# CAS Acceptable Usage Policy Settings
#
# cas.aup.ldap.search.filter=cn={0}
# cas.aup.ldap.url=ldap://127.0.0.1:1389
# cas.aup.ldap.ssl=false
# cas.aup.ldap.startTLS=false
# cas.aup.ldap.basedn=dc=example,dc=org
# cas.aup.attribute=

77
src/main/resources/WEB-INF/deployerConfigContext.xml Normal file
View File

@ -0,0 +1,77 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:c="http://www.springframework.org/schema/c"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:sec="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
<util:map id="authenticationHandlersResolvers">
<entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" />
<entry key-ref="primaryAuthenticationHandler" value-ref="primaryPrincipalResolver" />
</util:map>
<util:list id="authenticationMetadataPopulators">
<ref bean="successfulHandlerMetaDataPopulator" />
<ref bean="rememberMeAuthenticationMetaDataPopulator" />
</util:list>
<bean id="attributeRepository" class="org.jasig.services.persondir.support.NamedStubPersonAttributeDao"
p:backingMap-ref="attrRepoBackingMap" />
<alias name="acceptUsersAuthenticationHandler" alias="primaryAuthenticationHandler" />
<alias name="personDirectoryPrincipalResolver" alias="primaryPrincipalResolver" />
<util:map id="attrRepoBackingMap">
<entry key="uid" value="uid" />
<entry key="eduPersonAffiliation" value="eduPersonAffiliation" />
<entry key="groupMembership" value="groupMembership" />
<entry>
<key><value>memberOf</value></key>
<list>
<value>faculty</value>
<value>staff</value>
<value>org</value>
</list>
</entry>
</util:map>
<alias name="serviceThemeResolver" alias="themeResolver" />
<alias name="jsonServiceRegistryDao" alias="serviceRegistryDao" />
<alias name="defaultTicketRegistry" alias="ticketRegistry" />
<alias name="ticketGrantingTicketExpirationPolicy" alias="grantingTicketExpirationPolicy" />
<alias name="multiTimeUseOrTimeoutExpirationPolicy" alias="serviceTicketExpirationPolicy" />
<alias name="anyAuthenticationPolicy" alias="authenticationPolicy" />
<alias name="acceptAnyAuthenticationPolicyFactory" alias="authenticationPolicyFactory" />
<bean id="auditTrailManager"
class="org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager"
p:entrySeparator="${cas.audit.singleline.separator:|}"
p:useSingleLine="${cas.audit.singleline:false}"/>
<alias name="neverThrottle" alias="authenticationThrottle" />
<util:list id="monitorsList">
<ref bean="memoryMonitor" />
<ref bean="sessionMonitor" />
</util:list>
<alias name="defaultPrincipalFactory" alias="principalFactory" />
<alias name="defaultAuthenticationTransactionManager" alias="authenticationTransactionManager" />
<alias name="defaultPrincipalElectionStrategy" alias="principalElectionStrategy" />
<alias name="tgcCipherExecutor" alias="defaultCookieCipherExecutor" />
</beans>

121
src/main/resources/WEB-INF/spring-configuration/applicationContext.xml Normal file
View File

@ -0,0 +1,121 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:c="http://www.springframework.org/schema/c"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context"
xmlns="http://www.springframework.org/schema/beans"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
<description>
This is the main Spring configuration file with some of the main "core" classes defined. You shouldn't really
modify this unless you know what you're doing!
</description>
<!--
| The base-package indicates where components stored. Spring will scan this
| folder and find out the annotated beans and register it in Spring container.
-->
<context:component-scan base-package="org.jasig.cas" />
<context:annotation-config/>
<!--
Including this aspectj-autoproxy element will cause spring to automatically
create proxies around any beans defined in this file that match the pointcuts
of any aspects defined in this file.
-->
<aop:aspectj-autoproxy/>
<!-- ADVISORS -->
<bean id="advisorAutoProxyCreator"
class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"/>
<!-- CAS Application Context Configuration -->
<util:list id="serviceFactoryList" value-type="org.jasig.cas.authentication.principal.ServiceFactory">
<ref bean="webApplicationServiceFactory" />
</util:list>
<util:list id="argumentExtractors">
<ref bean="defaultArgumentExtractor"/>
</util:list>
<util:map id="uniqueIdGeneratorsMap">
<entry
key="org.jasig.cas.authentication.principal.SimpleWebApplicationServiceImpl"
value-ref="serviceTicketUniqueIdGenerator" />
</util:map>
<bean id="passThroughController" class="org.springframework.web.servlet.mvc.UrlFilenameViewController"/>
<bean id="handlerMappingC" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping"
p:order="1000"
p:alwaysUseFullPath="true">
<property name="mappings">
<util:properties>
<prop key="/authorizationFailure.html">passThroughController</prop>
<prop key="/statistics/ping">pingController</prop>
<prop key="/statistics/threads">threadsController</prop>
<prop key="/statistics/metrics">metricsController</prop>
<prop key="/statistics/healthcheck">healthController</prop>
</util:properties>
</property>
</bean>
<bean id="healthController" class="org.springframework.web.servlet.mvc.ServletWrappingController">
<property name="servletClass">
<value>com.codahale.metrics.servlets.HealthCheckServlet</value>
</property>
<property name="servletName">
<value>healthServlet</value>
</property>
</bean>
<bean id="metricsController" class="org.springframework.web.servlet.mvc.ServletWrappingController">
<property name="servletClass">
<value>com.codahale.metrics.servlets.MetricsServlet</value>
</property>
<property name="servletName">
<value>metricsServlet</value>
</property>
</bean>
<bean id="pingController" class="org.springframework.web.servlet.mvc.ServletWrappingController">
<property name="servletClass">
<value>com.codahale.metrics.servlets.PingServlet</value>
</property>
<property name="servletName">
<value>ping</value>
</property>
</bean>
<bean id="threadsController" class="org.springframework.web.servlet.mvc.ServletWrappingController">
<property name="servletClass">
<value>com.codahale.metrics.servlets.ThreadDumpServlet</value>
</property>
<property name="servletName">
<value>threads</value>
</property>
</bean>
<!-- The Quartz scheduler used by any scheduled tasks -->
<bean id="scheduler" class="org.springframework.scheduling.quartz.SchedulerFactoryBean"
p:waitForJobsToCompleteOnShutdown="${scheduler.shutdown.wait:true}">
<property name="jobFactory">
<bean class="org.jasig.cas.util.CasSpringBeanJobFactory" />
</property>
<property name="quartzProperties">
<props>
<prop key="org.quartz.scheduler.interruptJobsOnShutdown">${scheduler.shutdown.interruptJobs:true}</prop>
<prop key="org.quartz.scheduler.interruptJobsOnShutdownWithWait">
${scheduler.shutdown.interruptJobs:true}
</prop>
</props>
</property>
</bean>
<bean id="ticketTransactionManager"
class="org.jasig.cas.util.PseudoTransactionManager" />
</beans>

108
src/main/resources/WEB-INF/spring-configuration/auditTrailContext.xml Normal file
View File

@ -0,0 +1,108 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:c="http://www.springframework.org/schema/c"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
<description>
Configuration file for the Inspektr package which handles auditing for Java applications.
If enabled this should be modified to log audit and statistics information the same way
your local applications do. The default is currently to log to the console which is good
for debugging/testing purposes.
</description>
<aop:aspectj-autoproxy/>
<bean id="auditTrailManagementAspect" class="org.jasig.inspektr.audit.AuditTrailManagementAspect"
c:applicationCode="${cas.audit.appcode:CAS}" c:auditablePrincipalResolver-ref="assertionAsReturnValuePrincipalResolver"
c:auditTrailManagers-ref="auditTrailManager" c:auditActionResolverMap-ref="auditActionResolverMap"
c:auditResourceResolverMap-ref="auditResourceResolverMap"/>
<util:map id="auditActionResolverMap">
<entry key="AUTHENTICATION_RESOLVER">
<ref bean="authenticationActionResolver"/>
</entry>
<entry key="SAVE_SERVICE_ACTION_RESOLVER">
<ref bean="authenticationActionResolver"/>
</entry>
<entry key="CREATE_TICKET_GRANTING_TICKET_RESOLVER">
<ref bean="ticketCreationActionResolver"/>
</entry>
<entry key="DESTROY_TICKET_GRANTING_TICKET_RESOLVER">
<bean class="org.jasig.inspektr.audit.spi.support.DefaultAuditActionResolver"/>
</entry>
<entry key="CREATE_PROXY_GRANTING_TICKET_RESOLVER">
<ref bean="ticketCreationActionResolver"/>
</entry>
<entry key="DESTROY_PROXY_GRANTING_TICKET_RESOLVER">
<bean class="org.jasig.inspektr.audit.spi.support.DefaultAuditActionResolver"/>
</entry>
<entry key="GRANT_SERVICE_TICKET_RESOLVER">
<ref bean="ticketCreationActionResolver"/>
</entry>
<entry key="GRANT_PROXY_TICKET_RESOLVER">
<ref bean="ticketCreationActionResolver"/>
</entry>
<entry key="VALIDATE_SERVICE_TICKET_RESOLVER">
<ref bean="ticketValidationActionResolver"/>
</entry>
</util:map>
<util:map id="auditResourceResolverMap">
<entry key="AUTHENTICATION_RESOURCE_RESOLVER">
<bean class="org.jasig.cas.audit.spi.CredentialsAsFirstParameterResourceResolver"/>
</entry>
<entry key="CREATE_TICKET_GRANTING_TICKET_RESOURCE_RESOLVER">
<ref bean="returnValueResourceResolver"/>
</entry>
<entry key="DESTROY_TICKET_GRANTING_TICKET_RESOURCE_RESOLVER">
<ref bean="ticketResourceResolver"/>
</entry>
<entry key="CREATE_PROXY_GRANTING_TICKET_RESOURCE_RESOLVER">
<ref bean="returnValueResourceResolver"/>
</entry>
<entry key="DESTROY_PROXY_GRANTING_TICKET_RESOURCE_RESOLVER">
<ref bean="ticketResourceResolver"/>
</entry>
<entry key="GRANT_SERVICE_TICKET_RESOURCE_RESOLVER">
<bean class="org.jasig.cas.audit.spi.ServiceResourceResolver"/>
</entry>
<entry key="GRANT_PROXY_TICKET_RESOURCE_RESOLVER">
<bean class="org.jasig.cas.audit.spi.ServiceResourceResolver"/>
</entry>
<entry key="VALIDATE_SERVICE_TICKET_RESOURCE_RESOLVER">
<ref bean="ticketResourceResolver"/>
</entry>
<entry key="SAVE_SERVICE_RESOURCE_RESOLVER">
<ref bean="returnValueResourceResolver"/>
</entry>
</util:map>
<bean id="authenticationActionResolver"
class="org.jasig.inspektr.audit.spi.support.DefaultAuditActionResolver"
c:successSuffix="_SUCCESS" c:failureSuffix="_FAILED"/>
<bean id="ticketCreationActionResolver"
class="org.jasig.inspektr.audit.spi.support.DefaultAuditActionResolver"
c:successSuffix="_CREATED" c:failureSuffix="_NOT_CREATED"/>
<bean id="ticketValidationActionResolver"
class="org.jasig.inspektr.audit.spi.support.DefaultAuditActionResolver"
c:successSuffix="D" c:failureSuffix="_FAILED"/>
<bean id="returnValueResourceResolver"
class="org.jasig.inspektr.audit.spi.support.ReturnValueAsStringResourceResolver"/>
</beans>

39
src/main/resources/WEB-INF/spring-configuration/filters.xml Normal file
View File

@ -0,0 +1,39 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
<bean id="characterEncodingFilter" class="org.springframework.web.filter.CharacterEncodingFilter"
p:encoding="${httprequest.web.encoding:UTF-8}"
p:forceEncoding="${httprequest.web.encoding.force:true}" />
<bean id="responseHeadersSecurityFilter" class="org.apereo.cas.security.ResponseHeadersEnforcementFilter"
p:enableCacheControl="${httpresponse.header.cache:false}"
p:enableStrictTransportSecurity="${httpresponse.header.hsts:false}"
p:enableXFrameOptions="${httpresponse.header.xframe:false}"
p:enableXContentTypeOptions="${httpresponse.header.xcontent:false}"
p:enableXSSProtection="${httpresponse.header.xss:false}" />
<bean id="requestParameterSecurityFilter"
class="org.apereo.cas.security.RequestParameterPolicyEnforcementFilter"
p:allowMultiValueParameters="${cas.http.allow.multivalue.params:false}">
<property name="parametersToCheck">
<bean class="org.springframework.util.StringUtils" factory-method="commaDelimitedListToSet">
<constructor-arg type="java.lang.String"
value="${cas.http.check.params:ticket,service,renew,gateway,warn,method,target,SAMLart,pgtUrl,pgt,pgtId,pgtIou,targetService,entityId}"/>
</bean>
</property>
<property name="charactersToForbid">
<util:set />
</property>
<property name="onlyPostParameters">
<bean class="org.springframework.util.StringUtils" factory-method="commaDelimitedListToSet">
<constructor-arg type="java.lang.String"
value="${cas.http.allow.post.params:username,password}"/>
</bean>
</property>
</bean>
</beans>

38
src/main/resources/WEB-INF/spring-configuration/metricsContext.xml Normal file
View File

@ -0,0 +1,38 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:c="http://www.springframework.org/schema/c"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:metrics="http://www.ryantenney.com/schema/metrics"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
http://www.ryantenney.com/schema/metrics http://www.ryantenney.com/schema/metrics/metrics-3.0.xsd">
<description>
This is the Spring configuration file that orchestrates the CAS metrics.
</description>
<metrics:metric-registry id="metrics" />
<metrics:health-check-registry id="healthCheckMetrics" />
<metrics:annotation-driven health-check-registry="healthCheckMetrics" metric-registry="metrics" />
<metrics:reporter type="slf4j" metric-registry="metrics"
period="${metrics.refresh.interval:30s}"
duration-unit="MILLISECONDS"
rate-unit="MILLISECONDS"
logger="perfStatsLogger"/>
<metrics:reporter type="jmx" metric-registry="metrics" />
<metrics:register metric-registry="metrics">
<bean metrics:name="jvm.gc" class="com.codahale.metrics.jvm.GarbageCollectorMetricSet" />
<bean metrics:name="jvm.memory" class="com.codahale.metrics.jvm.MemoryUsageGaugeSet" />
<bean metrics:name="jvm.thread-states" class="com.codahale.metrics.jvm.ThreadStatesGaugeSet" />
<bean metrics:name="jvm.fd.usage" class="com.codahale.metrics.jvm.FileDescriptorRatioGauge" />
</metrics:register>
</beans>

23
src/main/resources/WEB-INF/spring-configuration/propertyFileConfigurer.xml Normal file
View File

@ -0,0 +1,23 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:util="http://www.springframework.org/schema/util"
xmlns="http://www.springframework.org/schema/beans"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
<description>
This file lets CAS know where you've stored the cas.properties file which details some of the configuration
options
that are specific to your environment. You can specify the location of the file here. You may wish to place the
file outside
of the Servlet context if you have options that are specific to a tier (i.e. test vs. production) so that the
WAR file
can be moved between tiers without modification.
</description>
<util:properties id="casProperties" location="${cas.properties.config.location:/WEB-INF/cas.properties}"/>
<context:property-placeholder properties-ref="casProperties"/>
</beans>

48
src/main/resources/WEB-INF/spring-configuration/protocolViewsConfiguration.xml Normal file
View File

@ -0,0 +1,48 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:c="http://www.springframework.org/schema/c"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
<!-- CAS 2.0 Response Protocol Views -->
<!-- Validation Response Protocol Views: /proxyValidate, /serviceValidate -->
<bean id="cas2JstlSuccessView" class="org.springframework.web.servlet.view.JstlView"
c:url="/WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp" />
<!-- Failure Validation Views -->
<bean id="cas2ServiceFailureView" class="org.springframework.web.servlet.view.JstlView"
c:url="/WEB-INF/view/jsp/protocol/2.0/casServiceValidationFailure.jsp" />
<!-- Proxy Response Protocol Views: /proxy -->
<!-- Failure Proxy Views -->
<bean id="cas2ProxyFailureView" class="org.springframework.web.servlet.view.JstlView"
c:url="/WEB-INF/view/jsp/protocol/2.0/casProxyFailureView.jsp" />
<!-- Successful Proxy Views -->
<bean id="cas2ProxySuccessView" class="org.springframework.web.servlet.view.JstlView"
c:url="/WEB-INF/view/jsp/protocol/2.0/casProxySuccessView.jsp" />
<!-- CAS 3.0 Response Protocol Views -->
<!-- Validation Response Protocol Views: /proxyValidate, /serviceValidate -->
<!-- Successful Validation Views -->
<bean id="cas3JstlSuccessView" class="org.springframework.web.servlet.view.JstlView"
c:url="/WEB-INF/view/jsp/protocol/3.0/casServiceValidationSuccess.jsp" />
<!-- Failure Validation Views -->
<bean id="cas3ServiceFailureView" class="org.springframework.web.servlet.view.JstlView"
c:url="/WEB-INF/view/jsp/protocol/3.0/casServiceValidationFailure.jsp" />
<!-- Post View -->
<bean id="postResponseView" class="org.springframework.web.servlet.view.JstlView"
c:url="/WEB-INF/view/jsp/protocol/casPostResponseView.jsp" />
</beans>

35
src/main/resources/WEB-INF/spring-configuration/securityContext.xml Normal file
View File

@ -0,0 +1,35 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<description>
Security configuration for sensitive areas of CAS : status and statistics.
</description>
<bean id="config" class="org.pac4j.core.config.Config">
<constructor-arg name="client">
<bean class="org.pac4j.http.client.direct.IpClient">
<property name="authenticator">
<bean class="org.pac4j.http.credentials.authenticator.IpRegexpAuthenticator">
<constructor-arg name="regexpPattern" value="${cas.securityContext.adminpages.ip:127\.0\.0\.1|0:0:0:0:0:0:0:1}" />
</bean>
</property>
</bean>
</constructor-arg>
</bean>
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/status/**" />
<mvc:mapping path="/statistics/**" />
<bean class="org.pac4j.springframework.web.RequiresAuthenticationInterceptor">
<constructor-arg name="config" ref="config" />
<constructor-arg name="clientName" value="IpClient" />
</bean>
</mvc:interceptor>
</mvc:interceptors>
</beans>

70
src/main/resources/WEB-INF/spring-configuration/webflowContext.xml Normal file
View File

@ -0,0 +1,70 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:webflow="http://www.springframework.org/schema/webflow-config"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:c="http://www.springframework.org/schema/c"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/webflow-config http://www.springframework.org/schema/webflow-config/spring-webflow-config-2.3.xsd">
<webflow:flow-builder-services id="builder"
development="true"
view-factory-creator="viewFactoryCreator"
expression-parser="expressionParser"/>
<webflow:flow-registry id="loginFlowRegistry" flow-builder-services="builder" base-path="/WEB-INF/webflow">
<webflow:flow-location-pattern value="/login/*-webflow.xml"/>
</webflow:flow-registry>
<webflow:flow-executor id="logoutFlowExecutor" flow-registry="logoutFlowRegistry">
<webflow:flow-execution-attributes>
<webflow:always-redirect-on-pause value="false"/>
<webflow:redirect-in-same-state value="false"/>
</webflow:flow-execution-attributes>
</webflow:flow-executor>
<webflow:flow-registry id="logoutFlowRegistry" flow-builder-services="builder" base-path="/WEB-INF/webflow">
<webflow:flow-location-pattern value="/logout/*-webflow.xml"/>
</webflow:flow-registry>
<bean id="expressionParser" class="org.springframework.webflow.expression.spel.WebFlowSpringELExpressionParser"
c:conversionService-ref="logoutConversionService">
<constructor-arg>
<bean class="org.springframework.expression.spel.standard.SpelExpressionParser"/>
</constructor-arg>
</bean>
<bean id="viewFactoryCreator" class="org.springframework.webflow.mvc.builder.MvcViewFactoryCreator">
<property name="viewResolvers">
<util:list>
<ref bean="viewResolver"/>
<ref bean="internalViewResolver"/>
</util:list>
</property>
</bean>
<bean id="logoutConversionService" class="org.jasig.cas.web.flow.LogoutConversionService"/>
<!-- View Resolver -->
<bean id="viewResolver" class="org.springframework.web.servlet.view.ResourceBundleViewResolver"
p:order="0">
<property name="basenames">
<util:list>
<value>cas_views</value>
</util:list>
</property>
</bean>
<bean id="internalViewResolver" class="org.jasig.cas.services.web.RegisteredServiceThemeBasedViewResolver"
c:servicesManager-ref="servicesManager"
p:suffix=".jsp"
p:prefix="${cas.themeResolver.pathprefix:/WEB-INF/view/jsp}"
p:order="10000"/>
</beans>

108
src/main/resources/WEB-INF/unused-spring-configuration/clearpass-configuration.xml Normal file
View File

@ -0,0 +1,108 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to Apereo under one or more contributor license
agreements. See the NOTICE file distributed with this work
for additional information regarding copyright ownership.
Apereo licenses this file to you under the Apache License,
Version 2.0 (the "License"); you may not use this file
except in compliance with the License. You may obtain a
copy of the License at the following location:
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:c="http://www.springframework.org/schema/c"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns="http://www.springframework.org/schema/beans"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
<!-- Credentials Cache implementation -->
<bean id="ehCacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"
p:configLocation="classpath:ehcacheClearPass.xml"
p:shared="false"
p:cacheManagerName="ehCacheClearPassCacheManger"/>
<bean id="clearPassEhCache" class="org.springframework.cache.ehcache.EhCacheFactoryBean"
p:cacheManager-ref="ehCacheManager"
p:cacheName="clearPassCache"/>
<bean id="credentialsCache" class="org.jasig.cas.extension.clearpass.EhcacheBackedMap"
c:cache-ref="clearPassEhCache"/>
<bean id="encryptedMap" class="org.jasig.cas.extension.clearpass.EncryptedMapDecorator"
c:decoratedMap-ref="credentialsCache"/>
<!--
NOTE:
Name of delegated ticket registry bean in ticketRegistry.xml must be "ticketRegistryValue."
-->
<bean id="ticketRegistry" class="org.jasig.cas.extension.clearpass.TicketRegistryDecorator"
c:actualTicketRegistry-ref="ticketRegistryValue" c:cache-ref="encryptedMap"/>
<!-- implementation of the clear pass vending service -->
<bean id="clearPassController" class="org.jasig.cas.extension.clearpass.ClearPassController"
c:credentialsCache-ref="encryptedMap"/>
<bean id="handlerMappingClearPass" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping"
p:alwaysUseFullPath="true" p:mappings-ref="mappings"/>
<util:properties id="mappings">
<prop key="/clearPass">clearPassController</prop>
</util:properties>
<!-- Security configuration -->
<bean id="clearPassFilterChainProxy" class="org.springframework.security.web.FilterChainProxy">
<sec:filter-chain-map request-matcher="ant">
<sec:filter-chain pattern="/clearPass"
filters="casValidationFilter,httpServletRequestWrappingFilter"/>
</sec:filter-chain-map>
</bean>
<!-- NOTE:
It is dangerous to include a non-proxied CAS Filter for protecting /clearPass. Non-proxied CAS Filters
like AuthenticationFilter don't honor the Filter chain proxy protection mechanism and, worse yet, allow access to the
logged on user's cleartext password. It could be useful to enable this bean for easy testing of clearPass functionality however.-->
<!--
<bean id="casAuthenticationFilter" class="org.jasig.cas.client.authentication.AuthenticationFilter">
<property name="casServerLoginUrl" value="${cas.securityContext.casProcessingFilterEntryPoint.loginUrl}"/>
<property name="serverName" value="${server.name}"/>
</bean>
-->
<!--
NOTE:
A bean named clearPassProxyList must be defined that defines
the list of proxying services authorized to obtain clearpass credential.
-->
<bean id="clearPassProxyList" class="org.jasig.cas.client.validation.ProxyList">
<constructor-arg>
<list>
<value>...</value>
</list>
</constructor-arg>
</bean>
<bean id="casValidationFilter" class="org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter"
p:serverName="${server.name}" p:exceptionOnValidationFailure="false"
p:useSession="true" p:ticketValidator-ref="clearPassTicketValidator"/>
<bean id="clearPassTicketValidator" class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator"
p:allowEmptyProxyChain="false"
p:acceptAnyProxy="false"
c:casServerUrlPrefix="${server.prefix}" p:allowedProxyChains-ref="clearPassProxyList"/>
<bean id="httpServletRequestWrappingFilter" class="org.jasig.cas.client.util.HttpServletRequestWrapperFilter"/>
</beans>

23
src/main/resources/WEB-INF/view/jsp/authorizationFailure.jsp Normal file
View File

@ -0,0 +1,23 @@
<jsp:directive.include file="/WEB-INF/view/jsp/default/ui/includes/top.jsp" />
<%@ page isErrorPage="true" %>
<%@ page import="org.jasig.cas.web.support.WebUtils"%>
<div id="msg" class="errors">
<h2>${pageContext.errorData.statusCode} - <spring:message code="screen.blocked.header" /></h2>
<%
Object casAcessDeniedKey = request.getAttribute(WebUtils.CAS_ACCESS_DENIED_REASON);
request.setAttribute("casAcessDeniedKey", casAcessDeniedKey);
%>
<c:choose>
<c:when test="${not empty casAcessDeniedKey}">
<p><spring:message code="${casAcessDeniedKey}" /></p>
</c:when>
</c:choose>
<p><%=request.getAttribute("javax.servlet.error.message")%></p>
<p><spring:message code="AbstractAccessDecisionManager.accessDenied"/></p>
</div>
<jsp:directive.include file="/WEB-INF/view/jsp/default/ui/includes/bottom.jsp" />

26
src/main/resources/WEB-INF/view/jsp/default/ui/casAcceptableUsagePolicyView.jsp Normal file
View File

@ -0,0 +1,26 @@
<jsp:directive.include file="includes/top.jsp" />
<div id="login" style="width: 100%;">
<form:form method="post" id="fm1" htmlEscape="true">
<h2>Acceptable Usage Policy</h2>
<div>
The purpose of this policy is to establish acceptable and unacceptable use of electronic devices and network resources in conjunction with the established culture of ethical and lawful behavior, openness, trust, and integrity.
<p>
By using these resources, you agree to abide by the Acceptable Usage Policy.
</p>
<p>Click '<spring:message code="screen.aup.button.accept" />' to continue. Otherwise, click '<spring:message code="screen.aup.button.cancel" />'.</p>
</div>
<section class="row btn-row">
<input type="hidden" name="execution" value="${flowExecutionKey}" />
<input type="hidden" name="_eventId" value="submit" />
<input class="btn-submit" name="submit" accesskey="s" value="<spring:message code="screen.aup.button.accept" />" type="submit" />
<input class="btn-reset" name="cancel" accesskey="c"
value="<spring:message code="screen.aup.button.cancel" />" type="button"
onclick="location.href = location.href;" />
</section>
</form:form>
</div>
<jsp:directive.include file="includes/bottom.jsp" />

6
src/main/resources/WEB-INF/view/jsp/default/ui/casAccountDisabledView.jsp Normal file
View File

@ -0,0 +1,6 @@
<jsp:directive.include file="includes/top.jsp" />
<div id="msg" class="errors">
<h2><spring:message code="screen.accountdisabled.heading" /></h2>
<p><spring:message code="screen.accountdisabled.message" /></p>
</div>
<jsp:directive.include file="includes/bottom.jsp" />

6
src/main/resources/WEB-INF/view/jsp/default/ui/casAccountLockedView.jsp Normal file
View File

@ -0,0 +1,6 @@
<jsp:directive.include file="includes/top.jsp" />
<div id="msg" class="errors">
<h2><spring:message code="screen.accountlocked.heading" /></h2>
<p><spring:message code="screen.accountlocked.message" /></p>
</div>
<jsp:directive.include file="includes/bottom.jsp" />

6
src/main/resources/WEB-INF/view/jsp/default/ui/casBadHoursView.jsp Normal file
View File

@ -0,0 +1,6 @@
<jsp:directive.include file="includes/top.jsp" />
<div id="msg" class="errors">
<h2><spring:message code="screen.badhours.heading" /></h2>
<p><spring:message code="screen.badhours.message" /></p>
</div>
<jsp:directive.include file="includes/bottom.jsp" />

6
src/main/resources/WEB-INF/view/jsp/default/ui/casBadWorkstationView.jsp Normal file
View File

@ -0,0 +1,6 @@
<jsp:directive.include file="includes/top.jsp" />
<div id="msg" class="errors">
<h2><spring:message code="screen.badworkstation.heading" /></h2>
<p><spring:message code="screen.badworkstation.message" /></p>
</div>
<jsp:directive.include file="includes/bottom.jsp" />

5
src/main/resources/WEB-INF/view/jsp/default/ui/casConfirmView.jsp Normal file
View File

@ -0,0 +1,5 @@
<jsp:directive.include file="includes/top.jsp" />
<div id="msg" class="info">
<p><spring:message code="screen.confirmation.message" arguments="${fn:escapeXml(param.service)}${fn:indexOf(param.service, '?') eq -1 ? '?' : '&'}ticket=${serviceTicketId}" /></p>
</div>
<jsp:directive.include file="includes/bottom.jsp" />

6
src/main/resources/WEB-INF/view/jsp/default/ui/casExpiredPassView.jsp Normal file
View File

@ -0,0 +1,6 @@
<jsp:directive.include file="includes/top.jsp" />
<div id="msg" class="errors">
<h2><spring:message code="screen.expiredpass.heading" /></h2>
<p><spring:message code="screen.expiredpass.message" arguments="${passwordPolicyUrl}" /></p>
</div>
<jsp:directive.include file="includes/bottom.jsp" />

8
src/main/resources/WEB-INF/view/jsp/default/ui/casGenericSuccessView.jsp Normal file
View File

@ -0,0 +1,8 @@
<jsp:directive.include file="includes/top.jsp" />
<div id="msg" class="success">
<h2><spring:message code="screen.success.header" /></h2>
<p><spring:message code="screen.success.success" arguments="${principal.id}"/></p>
<p><spring:message code="screen.success.security" /></p>
</div>
<jsp:directive.include file="includes/bottom.jsp" />

22
src/main/resources/WEB-INF/view/jsp/default/ui/casLoginMessageView.jsp Normal file
View File

@ -0,0 +1,22 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<jsp:directive.include file="includes/top.jsp" />
<div id="msg" class="warn">
<h2>Authentication Succeeded with Warnings</h2>
<c:forEach items="${messages}" var="message">
<p class="message">${message.text}</p>
</c:forEach>
</div>
<c:url value="login" var="url">
<c:param name="execution" value="${flowExecutionKey}" />
<c:param name="_eventId" value="proceed" />
</c:url>
<div id="big-buttons">
<a class="button" href="${url}">Continue</a>
</div>
<jsp:directive.include file="includes/bottom.jsp" />

198
src/main/resources/WEB-INF/view/jsp/default/ui/casLoginView.jsp Normal file
View File

@ -0,0 +1,198 @@
<jsp:directive.include file="includes/top.jsp" />
<c:if test="${not pageContext.request.secure}">
<div id="msg" class="errors">
<h2><spring:message code="screen.nonsecure.title" /></h2>
<p><spring:message code="screen.nonsecure.message" /></p>
</div>
</c:if>
<div id="cookiesDisabled" class="errors" style="display:none;">
<h2><spring:message code="screen.cookies.disabled.title" /></h2>
<p><spring:message code="screen.cookies.disabled.message" /></p>
</div>
<c:if test="${not empty registeredService}">
<c:set var="registeredServiceLogo" value="images/webapp.png"/>
<c:set var="registeredServiceName" value="${registeredService.name}"/>
<c:set var="registeredServiceDescription" value="${registeredService.description}"/>
<c:choose>
<c:when test="${not empty mduiContext}">
<c:if test="${not empty mduiContext.logoUrl}">
<c:set var="registeredServiceLogo" value="${mduiContext.logoUrl}"/>
</c:if>
<c:set var="registeredServiceName" value="${mduiContext.displayName}"/>
<c:set var="registeredServiceDescription" value="${mduiContext.description}"/>
</c:when>
<c:when test="${not empty registeredService.logo}">
<c:set var="registeredServiceLogo" value="${registeredService.logo}"/>
</c:when>
</c:choose>
<div id="serviceui" class="serviceinfo">
<table>
<tr>
<td><img src="${registeredServiceLogo}"></td>
<td id="servicedesc">
<h1>${fn:escapeXml(registeredServiceName)}</h1>
<p>${fn:escapeXml(registeredServiceDescription)}</p>
</td>
</tr>
</table>
</div>
<p/>
</c:if>
<div class="box" id="login">
<form:form method="post" id="fm1" commandName="${commandName}" htmlEscape="true">
<form:errors path="*" id="msg" cssClass="errors" element="div" htmlEscape="false" />
<h2><spring:message code="screen.welcome.instructions" /></h2>
<section class="row">
<label for="username"><spring:message code="screen.welcome.label.netid" /></label>
<c:choose>
<c:when test="${not empty sessionScope.openIdLocalId}">
<strong><c:out value="${sessionScope.openIdLocalId}" /></strong>
<input type="hidden" id="username" name="username" value="<c:out value="${sessionScope.openIdLocalId}" />" />
</c:when>
<c:otherwise>
<spring:message code="screen.welcome.label.netid.accesskey" var="userNameAccessKey" />
<form:input cssClass="required" cssErrorClass="error" id="username" size="25" tabindex="1" accesskey="${userNameAccessKey}" path="username" autocomplete="off" htmlEscape="true" />
</c:otherwise>
</c:choose>
</section>
<section class="row">
<label for="password"><spring:message code="screen.welcome.label.password" /></label>
<%--
NOTE: Certain browsers will offer the option of caching passwords for a user. There is a non-standard attribute,
"autocomplete" that when set to "off" will tell certain browsers not to prompt to cache credentials. For more
information, see the following web page:
http://www.technofundo.com/tech/web/ie_autocomplete.html
--%>
<spring:message code="screen.welcome.label.password.accesskey" var="passwordAccessKey" />
<form:password cssClass="required" cssErrorClass="error" id="password" size="25" tabindex="2" path="password" accesskey="${passwordAccessKey}" htmlEscape="true" autocomplete="off" />
<span id="capslock-on" style="display:none;"><p><img src="images/warning.png" valign="top"> <spring:message code="screen.capslock.on" /></p></span>
</section>
<!--
<section class="row check">
<p>
<input id="warn" name="warn" value="true" tabindex="3" accesskey="<spring:message code="screen.welcome.label.warn.accesskey" />" type="checkbox" />
<label for="warn"><spring:message code="screen.welcome.label.warn" /></label>
<br/>
<input id="publicWorkstation" name="publicWorkstation" value="false" tabindex="4" type="checkbox" />
<label for="publicWorkstation"><spring:message code="screen.welcome.label.publicstation" /></label>
<br/>
<input type="checkbox" name="rememberMe" id="rememberMe" value="true" tabindex="5" />
<label for="rememberMe"><spring:message code="screen.rememberme.checkbox.title" /></label>
</p>
</section>
-->
<section class="row btn-row">
<input type="hidden" name="execution" value="${flowExecutionKey}" />
<input type="hidden" name="_eventId" value="submit" />
<input class="btn-submit" name="submit" accesskey="l" value="<spring:message code="screen.welcome.button.login" />" tabindex="6" type="submit" />
<input class="btn-reset" name="reset" accesskey="c" value="<spring:message code="screen.welcome.button.clear" />" tabindex="7" type="reset" />
</section>
</form:form>
</div>
<div id="sidebar">
<div class="sidebar-content">
<p><spring:message code="screen.welcome.security" /></p>
<c:if test="${!empty pac4jUrls}">
<div id="list-providers">
<h3><spring:message code="screen.welcome.label.loginwith" /></h3>
<form>
<ul>
<c:forEach var="entry" items="${pac4jUrls}">
<li><a href="${entry.value}">${entry.key}</a></li>
</c:forEach>
</ul>
</form>
</div>
</c:if>
<div id="list-languages">
<%final String queryString = request.getQueryString() == null ? "" : request.getQueryString().replaceAll("&locale=([A-Za-z][A-Za-z]_)?[A-Za-z][A-Za-z]|^locale=([A-Za-z][A-Za-z]_)?[A-Za-z][A-Za-z]", "");%>
<c:set var='query' value='<%=queryString%>' />
<c:set var="xquery" value="${fn:escapeXml(query)}" />
<h3>Languages:</h3>
<c:choose>
<c:when test="${not empty requestScope['isMobile'] and not empty mobileCss}">
<form method="get" action="login?${xquery}">
<select name="locale">
<option value="en">English</option>
<option value="es">Spanish</option>
<option value="fr">French</option>
<option value="ru">Russian</option>
<option value="nl">Nederlands</option>
<option value="sv">Svenska</option>
<option value="it">Italiano</option>
<option value="ur">Urdu</option>
<option value="zh_CN">Chinese (Simplified)</option>
<option value="zh_TW">Chinese (Traditional)</option>
<option value="de">Deutsch</option>
<option value="ja">Japanese</option>
<option value="hr">Croatian</option>
<option value="uk">Ukranian</option>
<option value="cs">Czech</option>
<option value="sk">Slovak</option>
<option value="sl">Slovenian</option>
<option value="pl">Polish</option>
<option value="ca">Catalan</option>
<option value="mk">Macedonian</option>
<option value="fa">Farsi</option>
<option value="ar">Arabic</option>
<option value="pt_PT">Portuguese</option>
<option value="pt_BR">Portuguese (Brazil)</option>
</select>
<input type="submit" value="Switch">
</form>
</c:when>
<c:otherwise>
<c:set var="loginUrl" value="login?${xquery}${not empty xquery ? '&' : ''}locale=" />
<ul>
<li class="first"><a href="${loginUrl}en">English</a></li>
<li><a href="${loginUrl}es">Spanish</a></li>
<li><a href="${loginUrl}fr">French</a></li>
<li><a href="${loginUrl}ru">Russian</a></li>
<li><a href="${loginUrl}nl">Nederlands</a></li>
<li><a href="${loginUrl}sv">Svenska</a></li>
<li><a href="${loginUrl}it">Italiano</a></li>
<li><a href="${loginUrl}ur">Urdu</a></li>
<li><a href="${loginUrl}zh_CN">Chinese (Simplified)</a></li>
<li><a href="${loginUrl}zh_TW">Chinese (Traditional)</a></li>
<li><a href="${loginUrl}de">Deutsch</a></li>
<li><a href="${loginUrl}ja">Japanese</a></li>
<li><a href="${loginUrl}hr">Croatian</a></li>
<li><a href="${loginUrl}uk">Ukranian</a></li>
<li><a href="${loginUrl}cs">Czech</a></li>
<li><a href="${loginUrl}sk">Slovak</a></li>
<li><a href="${loginUrl}sl">Slovenian</a></li>
<li><a href="${loginUrl}ca">Catalan</a></li>
<li><a href="${loginUrl}mk">Macedonian</a></li>
<li><a href="${loginUrl}fa">Farsi</a></li>
<li><a href="${loginUrl}ar">Arabic</a></li>
<li><a href="${loginUrl}pt_PT">Portuguese</a></li>
<li><a href="${loginUrl}pt_BR">Portuguese (Brazil)</a></li>
<li class="last"><a href="${loginUrl}pl">Polish</a></li>
</ul>
</c:otherwise>
</c:choose>
</div>
</div>
</div>
<jsp:directive.include file="includes/bottom.jsp" />

7
src/main/resources/WEB-INF/view/jsp/default/ui/casLogoutView.jsp Normal file
View File

@ -0,0 +1,7 @@
<jsp:directive.include file="includes/top.jsp" />
<div id="msg" class="success">
<h2><spring:message code="screen.logout.header" /></h2>
<p><spring:message code="screen.logout.success" /></p>
<p><spring:message code="screen.logout.security" /></p>
</div>
<jsp:directive.include file="includes/bottom.jsp" />

6
src/main/resources/WEB-INF/view/jsp/default/ui/casMustChangePassView.jsp Normal file
View File

@ -0,0 +1,6 @@
<jsp:directive.include file="includes/top.jsp" />
<div id="msg" class="errors">
<h2><spring:message code="screen.mustchangepass.heading" /></h2>
<p><spring:message code="screen.mustchangepass.message" arguments="${passwordPolicyUrl}" /></p>
</div>
<jsp:directive.include file="includes/bottom.jsp" />

22
src/main/resources/WEB-INF/view/jsp/default/ui/includes/bottom.jsp Normal file
View File

@ -0,0 +1,22 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
</div> <!-- END #content -->
<footer>
<div id="copyright" class="container">
<p><spring:message code="copyright" /></p>
<p>Powered by <a href="http://www.apereo.org/cas">
Apereo Central Authentication Service <%=org.jasig.cas.CasVersion.getVersion()%></a>
<%=org.jasig.cas.CasVersion.getDateTime()%></p>
</div>
</footer>
</div> <!-- END #container -->
<script src="https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.min.js"></script>
<spring:theme code="cas.javascript.file" var="casJavascriptFile" text="" />
<script type="text/javascript" src="<c:url value="${casJavascriptFile}" />"></script>
</body>
</html>

33
src/main/resources/WEB-INF/view/jsp/default/ui/includes/top.jsp Normal file
View File

@ -0,0 +1,33 @@
<!DOCTYPE html>
<%@ page pageEncoding="UTF-8" %>
<%@ page contentType="text/html; charset=UTF-8" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>CAS &#8211; Central Authentication Service</title>
<meta name="_csrf" content="${_csrf.token}"/>
<meta name="_csrf_header" content="${_csrf.headerName}"/>
<spring:theme code="standard.custom.css.file" var="customCssFile" />
<link rel="stylesheet" href="<c:url value="${customCssFile}" />" />
<link rel="icon" href="<c:url value="/favicon.ico" />" type="image/x-icon" />
</head>
<body id="cas">
<div id="container">
<header>
<a id="logo" href="http://www.apereo.org" title="<spring:message code="logo.title" />">Apereo</a>
<h1>Central Authentication Service (CAS)</h1>
</header>
<div id="content">

11
src/main/resources/WEB-INF/view/jsp/default/ui/serviceErrorSsoView.jsp Normal file
View File

@ -0,0 +1,11 @@
<jsp:directive.include file="includes/top.jsp" />
<c:url var="url" value="/login">
<c:param name="service" value="${param.service}" />
<c:param name="renew" value="true" />
</c:url>
<div id="msg" class="errors">
<h2><spring:message code="screen.service.sso.error.header" /></h2>
<p><spring:message code="screen.service.sso.error.message" arguments="${fn:escapeXml(url)}" /></p>
</div>
<jsp:directive.include file="includes/bottom.jsp" />

6
src/main/resources/WEB-INF/view/jsp/default/ui/serviceErrorView.jsp Normal file
View File

@ -0,0 +1,6 @@
<jsp:directive.include file="includes/top.jsp" />
<div id="msg" class="errors">
<h2><spring:message code="screen.service.error.header" /></h2>
<p><spring:message code="${rootCauseException.code}" /></p>
</div>
<jsp:directive.include file="includes/bottom.jsp" />

6
src/main/resources/WEB-INF/view/jsp/errors.jsp Normal file
View File

@ -0,0 +1,6 @@
<jsp:directive.include file="default/ui/includes/top.jsp" />
<div id="msg" class="errors">
<h2><spring:message code="screen.unavailable.heading" /></h2>
<p><spring:message code="screen.unavailable.message" /></p>
</div>
<jsp:directive.include file="default/ui/includes/bottom.jsp" />

74
src/main/resources/WEB-INF/view/jsp/monitoring/viewConfig.jsp Normal file
View File

@ -0,0 +1,74 @@
<%@include file="/WEB-INF/view/jsp/default/ui/includes/top.jsp"%>
<link rel="stylesheet" href="//code.jquery.com/ui/1.11.4/themes/cupertino/jquery-ui.css">
<link rel="stylesheet" href="//cdn.datatables.net/plug-ins/1.10.6/integration/jqueryui/dataTables.jqueryui.css" />
<script type="text/javascript">
function jqueryReady() {
head.load(
// Bootstrap Datables CSS
"https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css",
"//maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css",
"https://cdn.datatables.net/1.10.9/css/dataTables.bootstrap.min.css"
);
head.load(
// JS Libraries
"https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js",
// Bootstrap Datatables
"https://cdn.datatables.net/1.10.9/js/jquery.dataTables.min.js",
"https://cdn.datatables.net/1.10.9/js/dataTables.bootstrap.min.js",
"/cas/js/viewConfig.js"
);
}
</script>
<div class="viewConfig">
<div id="loadingMessage"><h3><spring:message code="cas.viewconfig.loading" /></h3></div>
<div id="viewConfigError">
<h2><spring:message code="cas.viewconfig.errormessage" /></h2>
<div>
<input class="btn btn-success" type="button" onclick="location.reload();" value="<spring:message code="cas.viewconfig.button.refresh" />">
</div>
</div>
<div id="view-configuration">
<div id="alertWrapper"></div>
<div class="panel panel-default">
<div class="panel-heading">
<h4><span class="glyphicon glyphicon-cog" aria-hidden="true"></span> <spring:message code="cas.viewconfig.pagetitle" /></h4>
</div>
<div class="panel-body">
<div id="containers-table" class="container-fluid">
<div id="msg" style="display:none"></div>
<table id="viewConfigsTable" class="display table table-striped table-bordered">
<thead>
<tr>
<th><spring:message code="cas.viewconfig.table.column.key" /></th>
<th><spring:message code="cas.viewconfig.table.column.value" /></th>
</tr>
</thead>
<tbody>
<tr>
<td></td>
<td></td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
<div id="login">
<input class="btn-submit" type="button" onclick="location.reload();" value="<spring:message code="cas.viewconfig.button.refresh" />">
</div>
</div>
</div>
<%@include file="/WEB-INF/view/jsp/default/ui/includes/bottom.jsp" %>

323
src/main/resources/WEB-INF/view/jsp/monitoring/viewSsoSessions.jsp Normal file
View File

@ -0,0 +1,323 @@
<%@include file="/WEB-INF/view/jsp/default/ui/includes/top.jsp"%>
<script type="text/javascript">
String.prototype.padLeft = function (length, character) {
return new Array(length - this.length + 1).join(character || ' ') + this;
};
Date.prototype.toFormattedString = function () {
return [String(this.getMonth()+1).padLeft(2, '0'),
String(this.getDate()).padLeft(2, '0'),
String(this.getFullYear()).substr(2, 2)].join("/") + " " +
[String(this.getHours()).padLeft(2, '0'),
String(this.getMinutes()).padLeft(2, '0')].join(":");
};
function principalAttributes(obj) {
var output = '<table class="table table-condensed principal_attributes"><tbody>';
for (var key in obj) {
if (obj.hasOwnProperty(key)) {
if (Array.isArray(obj[key])) {
output = output.concat('<tr><td class="field-label active">'+ key +'</td><td>' + obj[key].toString() + '</td></tr>');
} else {
output = output.concat('<tr><td class="field-label active">'+ key +'</td><td>' + obj[key] + '</td></tr>');
}
}
}
output = output.concat('</tbody></table>');
return output;
}
function authenticatedServices(obj) {
var output = '';
for (var key in obj) {
if (obj.hasOwnProperty(key)) {
output = output.concat('<h5>' + key + '</h5><table class="table table-condensed principal_attributes"><tbody>');
for (foo in obj[key] ) {
if (obj[key].hasOwnProperty(foo)) {
if (Array.isArray(obj[key][foo])) {
output = output.concat('<tr><td class="field-label active">'+ foo +':</td><td>' + obj[key][foo].toString() + '</td></tr>');
} else {
output = output.concat('<tr><td class="field-label active">'+ foo +':</td><td>' + obj[key][foo] + '</td></tr>');
}
}
}
output = output.concat('</tbody></table>');
}
}
return output;
}
/* Formatting function for row details - modify as you need */
function format ( d ) {
return '<table class="table table-bordered row-detail">' +
'<tbody>'+
'<tr class="hidden-md hidden-lg">'+
'<td class="field-label active">Access Date:</td>'+
'<td>'+d.authentication_date_formatted+'</td>'+
'</tr>'+
'<tr class="hidden-md hidden-lg">'+
'<td class="field-label active">Usage Count:</td>'+
'<td>'+d.number_of_uses+'</td>'+
'</tr>'+
'<tr>'+
'<td class="field-label active">Ticket Granting Ticket:</td>'+
'<td>'+d.ticket_granting_ticket+'</td>'+
'</tr>'+
'<tr>'+
'<td class="field-label active">Principal Attributes:</td>'+
'<td>' +
principalAttributes(d.principal_attributes) +
'</td>' +
'</tr>'+
'<tr>'+
'<td class="field-label active">Authenticated Services:</td>'+
'<td>' +
authenticatedServices(d.authenticated_services);
'</td>' +
'</tr>'+
'<tr>'+
'<td class="field-label active">Ticket Granting Service:</td>'+
'<td></td>'+
'</tr>'+
'</tbody></table>';
}
function updateAdminPanels( data ) {
//$('#totalUsers').text(data.totalPrincipals);
$('#totalUsers').text(data.activeSsoSessions.length);
$('#totalUsageSessions').text( sum(data.activeSsoSessions, 'number_of_uses') );
//$('#totalProxied').text(data.totalTicketGrantingTickets);
$('#totalTGTs').text(data.totalTicketGrantingTickets);
//$('#totalTGTs').text( sum(data.activeSsoSessions, 'is_proxied' ) );
}
function sum( obj, prop ) {
var sum = 0;
for( var el in obj ) {
if( obj.hasOwnProperty( el ) ) {
sum += ( typeof obj[el][prop] == 'boolean' ) ? +obj[el][prop] : obj[el][prop] ;
}
}
return sum;
}
function showError(msg) {
$("#msg").removeClass();
$("#msg").addClass("errors");
$("#msg").text(msg);
$("#msg").show();
}
function showInfo(msg) {
$("#msg").removeClass();
$("#msg").addClass("info");
$("#msg").text(msg);
$("#msg").show();
}
function alertUser(message, alertType) {
$('#alertWrapper').append('<div id="alertdiv" class="alert alert-' + alertType + ' alert-dismissible">' +
'<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>' +
'<span class="alertMessage">' + message + '</span></div>'
);
setTimeout(function() { // this will automatically close the alert and remove this if the users doesnt close it in 5 secs
$("#alertdiv").remove();
}, 5000);
}
function removeSession( ticketId ) {
var factory = {};
factory.httpHeaders = {};
factory.messages = {};
factory.ticketId = ticketId;
if (ticketId && (ticketId == 'ALL' || ticketId == 'PROXIED' || ticketId == 'DIRECT' ) ) {
factory.url = '/cas/statistics/ssosessions/destroySsoSessions';
factory.data = { type: ticketId };
factory.messages.success = '<spring:message code="cas.sessions.alert.removal.success.multi.partone" /> ' + ticketId + ' <spring:message code="cas.sessions.alert.removal.success.multi.parttwo" />';
factory.messages.error = '<spring:message code="cas.sessions.alert.removal.error.multi.partone" /> ' + ticketId + ' <spring:message code="cas.sessions.alert.removal.error.multi.parttwo" />.';
} else {
factory.url = '/cas/statistics/ssosessions/destroySsoSession';
factory.data = { ticketGrantingTicket: factory.ticketId };
factory.messages.success = '<spring:message code="cas.sessions.alert.removal.success.single.partone" /> ' + ticketId + ' <spring:message code="cas.sessions.alert.removal.success.single.parttwo" />';
factory.messages.error = '<spring:message code="cas.sessions.alert.removal.error.single.partone" /> ' + ticketId + ' <spring:message code="cas.sessions.alert.removal.error.single.parttwo" />.';
}
$.ajax({
type: 'post',
url: factory.url,
//data: { ticketGrantingTicket: factory.ticketId, type: 'ALL' },
data: factory.data,
headers: factory.httpHeaders,
dataType: 'json',
success: function (data, status) {
// Reinitialize the table data
$('#ssoSessions').DataTable().ajax.reload();
if ( data.status != 200 ) {
alertUser(factory.messages.error, 'danger');
} else {
alertUser( factory.messages.success, 'success' );
// Reload the page
location.reload();
}
},
error: function(xhr, status) {
alertUser('There appears to be an error. Please try your request again.', 'danger');
}
});
}
function jqueryReady() {
head.load(
// Bootstrap Datables CSS
"https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css",
"//maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css",
"https://cdn.datatables.net/1.10.9/css/dataTables.bootstrap.min.css",
"/cas/css/ssosessions.css"
);
head.load(
// JS Libraries
"https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js",
// Bootstrap Datatables
"https://cdn.datatables.net/1.10.9/js/jquery.dataTables.min.js",
"https://cdn.datatables.net/1.10.9/js/dataTables.bootstrap.min.js",
"/cas/js/ssosessions.js"
);
}
</script>
<div class="ssoSessions">
<div id="loadingMessage"><h3><spring:message code="cas.ssosessions.loading" /></h3></div>
<div id="no-cas-sessions">
<h2><spring:message code="cas.ssosessions.nosessionsfound" /></h2>
<div>
<input class="btn btn-success" type="button" onclick="location.reload();" value="<spring:message code="cas.ssosessions.button.refresh" />">
</div>
</div>
<div id="cas-sessions">
<div id="alertWrapper"></div>
<div class="panel panel-default">
<div class="panel-heading">
<h4><span class="glyphicon glyphicon-stats" aria-hidden="true"></span> <spring:message code="cas.ssosessions.report.pagetitle" /></h4>
</div>
<div class="panel-body">
<div id="session-counts" class="container-fluid">
<div class="row adminPanels">
<div class="col-lg-3 col-md-6">
<div class="panel panel-info">
<div class="panel-heading">
<div class="row">
<div class="col-xs-3">
<i class="fa fa-users fa-5x"></i>
</div>
<div class="col-xs-9 text-right">
<div class="huge" id="totalUsers">0</div>
<div><spring:message code="cas.ssosessions.report.panel.totalactiveprincipals" /></div>
</div>
</div>
</div>
</div>
</div>
<div class="col-lg-3 col-md-6">
<div class="panel panel-success">
<div class="panel-heading">
<div class="row">
<div class="col-xs-3">
<i class="fa fa-tasks fa-5x"></i>
</div>
<div class="col-xs-9 text-right">
<div class="huge" id="totalUsageSessions">0</div>
<div><spring:message code="cas.ssosessions.report.panel.usagecountsessions" /></div>
</div>
</div>
</div>
</div>
</div>
<div class="col-lg-3 col-md-6">
<div class="panel panel-warning">
<div class="panel-heading">
<div class="row">
<div class="col-xs-3">
<i class="fa fa-ticket fa-5x"></i>
</div>
<div class="col-xs-9 text-right">
<div class="huge" id="totalTGTs">0</div>
<div><spring:message code="cas.ssosessions.report.panel.totalssosessions" /></div>
</div>
</div>
</div>
</div>
</div>
<%--<div class="col-md-12">graph</div>--%>
</div>
</div>
<div class="container-fluid">
<div id="filterButtons" class="btn-group btn-group-sm pull-right" data-toggle="buttons">
<label class="btn btn-default active" data-filter="all">
<input type="radio" name="options" id="optionAll" autocomplete="off"> <spring:message code="cas.ssosessions.buttons.filter.all" />
</label>
<label class="btn btn-default" data-filter="proxied">
<input type="radio" name="options" id="optionProxied" autocomplete="off"> <spring:message code="cas.ssosessions.buttons.filter.proxied" />
</label>
<label class="btn btn-default" data-filter="non-proxied">
<input type="radio" name="options" id="optionDirect" autocomplete="off"> <spring:message code="cas.ssosessions.buttons.filter.nonproxied" />
</label>
</div>
<button id="removeAllSessionsButton" class="btn btn-sm btn-danger" type="button" value="ALL"><spring:message code="cas.ssosessions.buttons.removeall" /></button>
</div>
<div id="container-stable" class="container-fluid">
<div id="msg" style="display:none"></div>
<table id="ssoSessions" class="display table table-striped table-bordered">
<thead>
<tr>
<th>&nbsp;</th>
<th>&nbsp;</th>
<th><spring:message code="cas.ssosessions.table.header.principal" /></th>
<th><spring:message code="cas.ssosessions.table.header.ticketgrantingticket" /></th>
<th><spring:message code="cas.ssosessions.table.header.authenticationdate" /></th>
<th><spring:message code="cas.ssosessions.table.header.usagecount" /></th>
<th>&nbsp;</th>
</tr>
</thead>
<tbody>
<tr>
<td></td>
<td></td>
<td>User</td>
<td>TGT</td>
<td>Auth_Date</td>
<td>Usage_Count</td>
<td></td>
</tr>
</tbody>
</table>
<hr />
</div>
<div id="login">
<input class="btn-submit" type="button" onclick="location.reload();" value="<spring:message code="cas.ssosessions.button.refresh" />">
</div>
</div>
</div>
</div>
</div>
<%@include file="/WEB-INF/view/jsp/default/ui/includes/bottom.jsp" %>

218
src/main/resources/WEB-INF/view/jsp/monitoring/viewStatistics.jsp Normal file
View File

@ -0,0 +1,218 @@
<%@include file="/WEB-INF/view/jsp/default/ui/includes/top.jsp"%>
<script type="text/javascript">
var memory_graph, completion_graph;
function jqueryReady() {
head.load(
"//maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css",
"//maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css"
);
head.load(
"//cdnjs.cloudflare.com/ajax/libs/d3/3.5.6/d3.min.js",
"//maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js",
"/cas/js/statisticsview.js",
function() {
var memory = new Gauge('#memoryGauge', ${freeMemory / (totalMemory)}, {width: 200, height: 200, label: '<spring:message code="cas.statistics.section.serverstatistics.freememorygauge.label" />', textClass: 'runtimeStatistics'});
var maxMemory = new Gauge('#maxMemoryGauge', ${totalMemory / (maxMemory)}, {width: 200, height: 200, label: '<spring:message code="cas.statistics.section.serverstatistics.maxmemorygauge.label" />', textClass: 'runtimeStatistics'});
var server_uptime = upTime('${startTime}', 'uptime');
/**
* Populate the Thread Dump area.
* Pass it how many characters to retrieve Default is 400
*/
getThreadDumpPreview(600);
$('#loading, .statisticsView').toggle();
}
);
};
</script>
<div id="loading">Loading...</div>
<div class="statisticsView">
<h2><spring:message code="cas.statistics.pagetitle" /></h2>
<div class="section">
<%-- Registry Ticket Section --%>
<h3><spring:message code="cas.statistics.section.ticket.title" /></h3>
<div class="row adminPanels clearfix">
<div class="col-lg-3 col-md-6">
<div class="panel panel-success">
<div class="panel-heading">
<div class="row">
<div class="col-xs-12 text-right">
<div class="semi-huge"><spring:message code="cas.statistics.section.ticket.panel.unexpiredtgts.title" /></div>
<div class="huge" id="totalUsers">${unexpiredTgts}</div>
</div>
</div>
</div>
</div>
</div>
<div class="col-lg-3 col-md-6">
<div class="panel panel-success">
<div class="panel-heading">
<div class="row">
<div class="col-xs-12 text-right">
<div class="semi-huge"><spring:message code="cas.statistics.section.ticket.panel.unexpiredsts.title" /></div>
<div class="huge" id="totalUsageSessions">${unexpiredSts}</div>
</div>
</div>
</div>
</div>
</div>
<div class="col-lg-3 col-md-6">
<div class="panel panel-warning">
<div class="panel-heading">
<div class="row">
<div class="col-xs-12 text-right">
<div class="semi-huge"><spring:message code="cas.statistics.section.ticket.panel.expiredtgts.title" /></div>
<div class="huge">${expiredTgts}</div>
</div>
</div>
</div>
</div>
</div>
<div class="col-lg-3 col-md-6">
<div class="panel panel-warning">
<div class="panel-heading">
<div class="row">
<div class="col-xs-12 text-right">
<div class="semi-huge"><spring:message code="cas.statistics.section.ticket.panel.expiredsts.title" /></div>
<div class="huge">${expiredSts}</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="adminPanels container-fluid">
<a id="viewSsoSessions" href="statistics/ssosessions" class="btn btn-primary pull-right"><spring:message code="cas.statistics.section.ticket.button" /></a>
</div>
</div>
<h3><spring:message code="cas.statistics.section.serverstatistics.title" /></h3>
<div class="row runtimePanels">
<%-- JVM Server Section --%>
<div class="col-md-4">
<div class="text-center">
<div class="section" id="memoryUsageWrapper">
<div id="memoryGauge"></div>
</div>
<div id="maxMemoryWrapper">
<div id="maxMemoryGauge"></div>
</div>
</div>
</div>
<div class="col-md-8">
<div id="uptime-panel" class="panel panel-info">
<div class="panel-heading">
<div class="row">
<div class="col-xs-3">
<i class="fa fa-clock-o fa-5x"></i>
</div>
<div class="col-xs-9 text-right">
<div class="huge"><spring:message code="cas.statistics.section.serverstatistics.panel.uptime.title" /></div>
<div id="uptime"></div>
</div>
</div>
</div>
</div>
<div class="panel panel-info">
<div class="panel-heading">
<div class="row">
<div class="col-xs-3">
<i class="fa fa-server fa-5x"></i>
</div>
<div class="col-xs-9 text-right">
<div class="huge"><spring:message code="cas.statistics.section.serverstatistics.panel.serverinfo.title" /></div>
<div id=""></div>
</div>
</div>
</div>
<div class="panel-body">
<table class="table table-striped ">
<thead>
<tr>
<th class="col-md-4"><spring:message code="cas.statistics.section.serverstatistics.panel.serverinfo.table.property.label" /></th>
<th class="col-md-8"><spring:message code="cas.statistics.section.serverstatistics.panel.serverinfo.table.value.label" /></th>
</tr>
</thead>
<tbody>
<tr>
<td><spring:message code="cas.statistics.section.serverstatistics.panel.serverinfo.table.property.server.label" /></td>
<td>${serverIpAddress} (${serverHostName})</td>
</tr>
<tr>
<td><spring:message code="cas.statistics.section.serverstatistics.panel.serverinfo.table.property.casticketsuffix.label" /></td>
<td>${casTicketSuffix}</td>
</tr>
<tr>
<td><spring:message code="cas.statistics.section.serverstatistics.panel.serverinfo.table.property.starttime.label" /></td>
<td>${startTime}</td>
</tr>
<tr>
<td><spring:message code="cas.statistics.section.serverstatistics.panel.serverinfo.table.property.uptime.label" /></td>
<td>${upTime}</td>
</tr>
<tr>
<td><spring:message code="cas.statistics.section.serverstatistics.panel.serverinfo.table.property.memory.label" /></td>
<td>${freeMemory} MB <spring:message code="cas.statistics.section.serverstatistics.panel.serverinfo.table.property.free" /> <br/>${totalMemory} MB <spring:message code="cas.statistics.section.serverstatistics.panel.serverinfo.table.property.total" /></td>
</tr>
<tr>
<td><spring:message code="cas.statistics.section.serverstatistics.panel.serverinfo.table.property.maxmemory.label" /></td>
<td>${maxMemory} MB</td>
</tr>
<tr>
<td><spring:message code="cas.statistics.section.serverstatistics.panel.serverinfo.table.property.availprocessors.label" /></td>
<td>${availableProcessors}</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
<div class="row">
<%-- Thread Dump Section --%>
<div class="col-md-12">
<h3><spring:message code="cas.statistics.section.threaddump.title" /></h3>
<div class="well clearfix">
<pre id="threadDumpPreview"></pre>
<button id="threadDumpViewButton" type="button" class="btn btn-sm btn-default pull-right" value="statistics/threads?pretty=true" data-toggle="modal" data-target="#threadDumpModal" data-remote="false"><spring:message code="cas.statistics.section.threaddump.button" /></button>
</div>
</div>
</div>
<div class="row">
<%-- Metrics Section --%>
<div class="col-sm-12">
<h3><spring:message code="cas.statistics.section.metrics.title" /></h3>
<a href="statistics/metrics?pretty=true" class="btn btn-default"><spring:message code="cas.statistics.section.metrics.button" /></a>
</div>
</div>
</div>
<div class="modal fade" id="threadDumpModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
<h4 class="modal-title" id="myModalLabel"><spring:message code="cas.statistics.section.threaddump.modal.title" /></h4>
</div>
<div class="modal-body"><pre class="thread-dump-view"></pre></div>
<div class="modal-footer">
<button type="button" class="btn btn-default" data-dismiss="modal"><spring:message code="cas.statistics.modal.close.button" /></button>
</div>
</div>
</div>
</div>
<%@include file="/WEB-INF/view/jsp/default/ui/includes/bottom.jsp" %>

7
src/main/resources/WEB-INF/view/jsp/protocol/2.0/casProxyFailureView.jsp Normal file
View File

@ -0,0 +1,7 @@
<%@ page session="false" contentType="application/xml; charset=UTF-8" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:proxyFailure code='${code}'>
${fn:escapeXml(description)}
</cas:proxyFailure>
</cas:serviceResponse>

7
src/main/resources/WEB-INF/view/jsp/protocol/2.0/casProxySuccessView.jsp Normal file
View File

@ -0,0 +1,7 @@
<%@ page session="false" contentType="application/xml; charset=UTF-8" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:proxySuccess>
<cas:proxyTicket>${fn:escapeXml(ticket)}</cas:proxyTicket>
</cas:proxySuccess>
</cas:serviceResponse>

7
src/main/resources/WEB-INF/view/jsp/protocol/2.0/casServiceValidationFailure.jsp Normal file
View File

@ -0,0 +1,7 @@
<%@ page session="false" contentType="application/xml; charset=UTF-8" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='${code}'>
${fn:escapeXml(description)}
</cas:authenticationFailure>
</cas:serviceResponse>

18
src/main/resources/WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp Normal file
View File

@ -0,0 +1,18 @@
<%@ page session="false" contentType="application/xml; charset=UTF-8" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %>
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<cas:user>${fn:escapeXml(principal.id)}</cas:user>
<c:if test="${not empty pgtIou}">
<cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>
</c:if>
<c:if test="${fn:length(chainedAuthentications) > 0}">
<cas:proxies>
<c:forEach var="proxy" items="${chainedAuthentications}" varStatus="loopStatus" begin="0" end="${fn:length(chainedAuthentications)}" step="1">
<cas:proxy>${fn:escapeXml(proxy.principal.id)}</cas:proxy>
</c:forEach>
</cas:proxies>
</c:if>
</cas:authenticationSuccess>
</cas:serviceResponse>

7
src/main/resources/WEB-INF/view/jsp/protocol/3.0/casServiceValidationFailure.jsp Normal file
View File

@ -0,0 +1,7 @@
<%@ page session="false" contentType="application/xml; charset=UTF-8" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='${code}'>
${fn:escapeXml(description)}
</cas:authenticationFailure>
</cas:serviceResponse>

36
src/main/resources/WEB-INF/view/jsp/protocol/3.0/casServiceValidationSuccess.jsp Normal file
View File

@ -0,0 +1,36 @@
<%@ page session="false" contentType="application/xml; charset=UTF-8" %>
<%@ page import="java.util.*, java.util.Map.Entry" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %>
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<cas:user>${fn:escapeXml(principal.id)}</cas:user>
<c:if test="${not empty pgtIou}">
<cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>
</c:if>
<c:if test="${fn:length(chainedAuthentications) > 0}">
<cas:proxies>
<c:forEach var="proxy" items="${chainedAuthentications}" varStatus="loopStatus" begin="0"
end="${fn:length(chainedAuthentications)}" step="1">
<cas:proxy>${fn:escapeXml(proxy.principal.id)}</cas:proxy>
</c:forEach>
</cas:proxies>
</c:if>
<c:if test="${fn:length(attributes) > 0}">
<cas:attributes>
<c:forEach var="attr"
items="${attributes}"
varStatus="loopStatus" begin="0"
end="${fn:length(attributes)}"
step="1">
<c:forEach var="attrval" items="${attr.value}">
<cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attrval)}</cas:${fn:escapeXml(attr.key)}>
</c:forEach>
</c:forEach>
</cas:attributes>
</c:if>
</cas:authenticationSuccess>
</cas:serviceResponse>

17
src/main/resources/WEB-INF/view/jsp/protocol/casPostResponseView.jsp Normal file
View File

@ -0,0 +1,17 @@
<%@ page language="java" session="false"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html>
<body onload="document.acsForm.submit();">
<form name="acsForm" action="<c:out value="${originalUrl}" escapeXml="true" />" method="post">
<div style="display: none">
<c:forEach items="${parameters}" var="entry">
<textarea rows=10 cols=80 name="${entry.key}"><c:out value="${entry.value}" escapeXml="true" /></textarea>
</c:forEach>
</div>
<noscript>
<p>You are being redirected to <c:out value="${originalUrl}" escapeXml="true" />. Please click &quot;Continue&quot; to continue your login.</p>
<p><input type="submit" value="Continue" /></p>
</noscript>
</form>
</body>
</html>

5
src/main/resources/WEB-INF/view/jsp/protocol/clearPass/clearPassFailure.jsp Normal file
View File

@ -0,0 +1,5 @@
<%@ page session="false" contentType="application/xml; charset=UTF-8" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<cas:clearPassResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:clearPassFailure>${fn:escapeXml(description)}</cas:clearPassFailure>
</cas:clearPassResponse>

8
src/main/resources/WEB-INF/view/jsp/protocol/clearPass/clearPassSuccess.jsp Normal file
View File

@ -0,0 +1,8 @@
<%@ page session="false" contentType="application/xml; charset=UTF-8" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %>
<cas:clearPassResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:clearPassSuccess>
<cas:credentials>${fn:escapeXml(credentials)}</cas:credentials>
</cas:clearPassSuccess>
</cas:clearPassResponse>

13
src/main/resources/WEB-INF/view/jsp/protocol/oauth/confirm.jsp Normal file
View File

@ -0,0 +1,13 @@
<jsp:directive.include file="../../default/ui/includes/top.jsp"/>
<div id="msg" class="question">
<h2><spring:message code="screen.oauth.confirm.header"/></h2>
<p>
<spring:message code="screen.oauth.confirm.message" arguments="${serviceName}"/>
</p>
<p>
<a id="allow" name="allow" href="${callbackUrl}"><spring:message code="screen.oauth.confirm.allow"/></a>
</p>
</div>
<jsp:directive.include file="../../default/ui/includes/bottom.jsp"/>

1
src/main/resources/WEB-INF/view/jsp/protocol/openid/casOpenIdAssociationFailureView.jsp Normal file
View File

@ -0,0 +1 @@
<%= "openid.mode:cancel\n" %>

9
src/main/resources/WEB-INF/view/jsp/protocol/openid/casOpenIdAssociationSuccessView.jsp Normal file
View File

@ -0,0 +1,9 @@
<%@ page import="java.util.Set, java.util.Map, java.util.Iterator" %><%
Map parameters = (Map)request.getAttribute("parameters");
Iterator iterator = parameters.keySet().iterator();
while (iterator.hasNext()) {
String key = (String)iterator.next();
String parameter = (String)parameters.get(key);
out.print(key+":"+parameter+"\n");
}
%>

1
src/main/resources/WEB-INF/view/jsp/protocol/openid/casOpenIdServiceFailureView.jsp Normal file
View File

@ -0,0 +1 @@
<%= "openid.mode:id_res\nis_valid:false\n" %>

1
src/main/resources/WEB-INF/view/jsp/protocol/openid/casOpenIdServiceSuccessView.jsp Normal file
View File

@ -0,0 +1 @@
<%= "openid.mode:id_res\nis_valid:true\n" %>

5
src/main/resources/WEB-INF/view/jsp/protocol/openid/user.jsp Normal file
View File

@ -0,0 +1,5 @@
<html>
<head>
<link rel="openid.server" href="${openid_server}"/>
</head>
</html>

258
src/main/resources/WEB-INF/web.xml Normal file
View File

@ -0,0 +1,258 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<display-name>Central Authentication System (CAS)</display-name>
<context-param>
<param-name>isLog4jAutoInitializationDisabled</param-name>
<param-value>true</param-value>
</context-param>
<listener>
<listener-class>org.apache.logging.log4j.web.Log4jServletContextListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring-configuration/*.xml
/WEB-INF/deployerConfigContext.xml
<!-- this enables extensions and addons to contribute to overall CAS' application context
by loading spring context files from classpath i.e. found in classpath jars, etc. -->
classpath*:/META-INF/spring/*.xml
</param-value>
</context-param>
<filter>
<filter-name>characterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<async-supported>true</async-supported>
</filter>
<filter-mapping>
<filter-name>characterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CAS Client Info Logging Filter</filter-name>
<filter-class>org.jasig.inspektr.common.web.ClientInfoThreadLocalFilter</filter-class>
<async-supported>true</async-supported>
</filter>
<filter-mapping>
<filter-name>CAS Client Info Logging Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>requestParameterSecurityFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<async-supported>true</async-supported>
</filter>
<filter-mapping>
<filter-name>requestParameterSecurityFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>responseHeadersSecurityFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<async-supported>true</async-supported>
</filter>
<filter-mapping>
<filter-name>responseHeadersSecurityFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--
- Loads the CAS ApplicationContext.
-->
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<listener>
<listener-class>
org.jasig.cas.CasEnvironmentContextListener
</listener-class>
</listener>
<!--
- This is the Spring dispatcher servlet which delegates all requests to the
- Spring WebMVC controllers as configured in cas-servlet.xml.
- This configuration also provides a plugin mechanism which enables un-intrusive contributions to the DispatcherServlet
- child application context (via local Maven or Gradle war overlays for example)
- and thus an ability to override beans defined in cas-servlet.xml by means of including additional
- Spring XML config files with a naming convention pattern of /WEB-INF/cas-servlet-*.xml
-->
<servlet>
<servlet-name>cas</servlet-name>
<servlet-class>
org.springframework.web.servlet.DispatcherServlet
</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<!-- Load the child application context. Start with the default, then modules, then overlays. -->
<param-value>/WEB-INF/cas-servlet.xml,classpath*:/META-INF/cas-servlet-*.xml,/WEB-INF/cas-servlet-*.xml</param-value>
</init-param>
<init-param>
<param-name>publishContext</param-name>
<param-value>false</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
<async-supported>true</async-supported>
</servlet>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/logout</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/validate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/serviceValidate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/p3/serviceValidate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/proxy</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/proxyValidate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/p3/proxyValidate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/CentralAuthenticationService</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/status</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/statistics</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/statistics/ping</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/statistics/metrics</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/statistics/threads</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/statistics/healthcheck</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/statistics/ssosessions/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/statistics/ssosessions</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/status/config/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/status/config</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/authorizationFailure.html</url-pattern>
</servlet-mapping>
<!-- REST support if cas-server-support-rest is included -->
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/v1/tickets/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/v1/services/*</url-pattern>
</servlet-mapping>
<session-config>
<!-- Default to 5 minute session timeouts -->
<session-timeout>5</session-timeout>
<tracking-mode>COOKIE</tracking-mode>
<cookie-config>
<http-only>true</http-only>
</cookie-config>
</session-config>
<error-page>
<error-code>401</error-code>
<location>/authorizationFailure.html</location>
</error-page>
<error-page>
<error-code>403</error-code>
<location>/authorizationFailure.html</location>
</error-page>
<error-page>
<error-code>404</error-code>
<location>/</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/WEB-INF/view/jsp/errors.jsp</location>
</error-page>
<error-page>
<error-code>501</error-code>
<location>/WEB-INF/view/jsp/errors.jsp</location>
</error-page>
<error-page>
<error-code>503</error-code>
<location>/WEB-INF/view/jsp/errors.jsp</location>
</error-page>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>

212
src/main/resources/WEB-INF/webflow/login/login-webflow.xml Normal file
View File

@ -0,0 +1,212 @@
<?xml version="1.0" encoding="UTF-8"?>
<flow xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://www.springframework.org/schema/webflow"
xsi:schemaLocation="http://www.springframework.org/schema/webflow
http://www.springframework.org/schema/webflow/spring-webflow.xsd">
<var name="credential" class="org.jasig.cas.authentication.UsernamePasswordCredential"/>
<!--
<var name="credential" class="org.jasig.cas.authentication.RememberMeUsernamePasswordCredential" />
-->
<on-start>
<evaluate expression="initialFlowSetupAction"/>
</on-start>
<action-state id="ticketGrantingTicketCheck">
<evaluate expression="ticketGrantingTicketCheckAction"/>
<transition on="notExists" to="gatewayRequestCheck"/>
<transition on="invalid" to="terminateSession"/>
<transition on="valid" to="hasServiceCheck"/>
</action-state>
<action-state id="terminateSession">
<evaluate expression="terminateSessionAction.terminate(flowRequestContext)"/>
<transition to="gatewayRequestCheck"/>
</action-state>
<decision-state id="gatewayRequestCheck">
<if test="requestParameters.gateway != '' and requestParameters.gateway != null and flowScope.service != null"
then="gatewayServicesManagementCheck" else="serviceAuthorizationCheck"/>
</decision-state>
<decision-state id="hasServiceCheck">
<if test="flowScope.service != null" then="renewRequestCheck" else="viewGenericLoginSuccess"/>
</decision-state>
<decision-state id="renewRequestCheck">
<if test="requestParameters.renew != '' and requestParameters.renew != null" then="serviceAuthorizationCheck"
else="generateServiceTicket"/>
</decision-state>
<!-- Do a service authorization check early without the need to login first -->
<action-state id="serviceAuthorizationCheck">
<evaluate expression="serviceAuthorizationCheck"/>
<transition to="initializeLogin"/>
</action-state>
<!--
The "warn" action makes the determination of whether to redirect directly to the requested
service or display the "confirmation" page to go back to the server.
-->
<decision-state id="warn">
<if test="flowScope.warnCookieValue" then="showWarningView" else="redirect"/>
</decision-state>
<action-state id="initializeLogin">
<evaluate expression="'success'"/>
<transition on="success" to="viewLoginForm"/>
</action-state>
<view-state id="viewLoginForm" view="casLoginView" model="credential">
<binder>
<binding property="username" required="true"/>
<binding property="password" required="true"/>
<!--
<binding property="rememberMe" />
-->
</binder>
<on-entry>
<set name="viewScope.commandName" value="'credential'"/>
<!--
<evaluate expression="samlMetadataUIParserAction" />
-->
</on-entry>
<transition on="submit" bind="true" validate="true" to="realSubmit"/>
</view-state>
<action-state id="realSubmit">
<evaluate
expression="authenticationViaFormAction.submit(flowRequestContext, flowScope.credential, messageContext)"/>
<transition on="warn" to="warn"/>
<!--
To enable AUP workflows, replace the 'success' transition with the following:
<transition on="success" to="acceptableUsagePolicyCheck" />
-->
<transition on="success" to="sendTicketGrantingTicket"/>
<transition on="successWithWarnings" to="showMessages"/>
<transition on="authenticationFailure" to="handleAuthenticationFailure"/>
<transition on="error" to="initializeLogin"/>
</action-state>
<view-state id="showMessages" view="casLoginMessageView">
<on-entry>
<evaluate expression="sendTicketGrantingTicketAction"/>
<set name="requestScope.messages" value="messageContext.allMessages"/>
</on-entry>
<transition on="proceed" to="serviceCheck"/>
</view-state>
<action-state id="handleAuthenticationFailure">
<evaluate expression="authenticationExceptionHandler.handle(currentEvent.attributes.error, messageContext)"/>
<transition on="AccountDisabledException" to="casAccountDisabledView"/>
<transition on="AccountLockedException" to="casAccountLockedView"/>
<transition on="AccountPasswordMustChangeException" to="casMustChangePassView"/>
<transition on="CredentialExpiredException" to="casExpiredPassView"/>
<transition on="InvalidLoginLocationException" to="casBadWorkstationView"/>
<transition on="InvalidLoginTimeException" to="casBadHoursView"/>
<transition on="FailedLoginException" to="initializeLogin"/>
<transition on="AccountNotFoundException" to="initializeLogin"/>
<transition on="UNKNOWN" to="initializeLogin"/>
</action-state>
<action-state id="sendTicketGrantingTicket">
<evaluate expression="sendTicketGrantingTicketAction"/>
<transition to="serviceCheck"/>
</action-state>
<decision-state id="serviceCheck">
<if test="flowScope.service != null" then="generateServiceTicket" else="viewGenericLoginSuccess"/>
</decision-state>
<action-state id="generateServiceTicket">
<evaluate expression="generateServiceTicketAction"/>
<transition on="success" to="warn"/>
<transition on="authenticationFailure" to="handleAuthenticationFailure"/>
<transition on="error" to="initializeLogin"/>
<transition on="gateway" to="gatewayServicesManagementCheck"/>
</action-state>
<action-state id="gatewayServicesManagementCheck">
<evaluate expression="gatewayServicesManagementCheck"/>
<transition on="success" to="redirect"/>
</action-state>
<action-state id="redirect">
<evaluate expression="flowScope.service.getResponse(requestScope.serviceTicketId)"
result-type="org.jasig.cas.authentication.principal.Response" result="requestScope.response"/>
<transition to="postRedirectDecision"/>
</action-state>
<decision-state id="postRedirectDecision">
<if test="requestScope.response.responseType.name() == 'POST'" then="postView" else="redirectView"/>
</decision-state>
<!--
the "viewGenericLoginSuccess" is the end state for when a user attempts to login without coming directly from a service.
They have only initialized their single-sign on session.
-->
<end-state id="viewGenericLoginSuccess" view="casGenericSuccessView">
<on-entry>
<evaluate expression="genericSuccessViewAction.getAuthenticationPrincipal(flowScope.ticketGrantingTicketId)"
result="requestScope.principal"
result-type="org.jasig.cas.authentication.principal.Principal"/>
</on-entry>
</end-state>
<!--
The "showWarningView" end state is the end state for when the user has requested privacy settings (to be "warned")
to be turned on. It delegates to a view defines in default_views.properties that display the
"Please click here to go to the service." message.
-->
<end-state id="showWarningView" view="casConfirmView"/>
<!-- Password policy failure states -->
<end-state id="abstactPasswordChangeView">
<on-entry>
<set name="flowScope.passwordPolicyUrl" value="passwordPolicyConfiguration.passwordPolicyUrl"/>
</on-entry>
</end-state>
<end-state id="casExpiredPassView" view="casExpiredPassView" parent="#abstactPasswordChangeView"/>
<end-state id="casMustChangePassView" view="casMustChangePassView" parent="#abstactPasswordChangeView"/>
<end-state id="casAccountDisabledView" view="casAccountDisabledView"/>
<end-state id="casAccountLockedView" view="casAccountLockedView"/>
<end-state id="casBadHoursView" view="casBadHoursView"/>
<end-state id="casBadWorkstationView" view="casBadWorkstationView"/>
<end-state id="postView" view="postResponseView">
<on-entry>
<set name="requestScope.parameters" value="requestScope.response.attributes"/>
<set name="requestScope.originalUrl" value="flowScope.service.id"/>
</on-entry>
</end-state>
<!--
The "redirect" end state allows CAS to properly end the workflow while still redirecting
the user back to the service required.
-->
<end-state id="redirectView" view="externalRedirect:#{requestScope.response.url}"/>
<end-state id="viewServiceErrorView" view="serviceErrorView"/>
<decision-state id="serviceUnauthorizedCheck">
<if test="flowScope.unauthorizedRedirectUrl != null"
then="viewRedirectToUnauthorizedUrlView"
else="viewServiceErrorView"/>
</decision-state>
<end-state id="viewRedirectToUnauthorizedUrlView" view="externalRedirect:#{flowScope.unauthorizedRedirectUrl}"/>
<end-state id="viewServiceSsoErrorView" view="serviceErrorSsoView" />
<global-transitions>
<transition to="viewLoginForm" on-exception="org.jasig.cas.services.UnauthorizedSsoServiceException"/>
<transition to="viewServiceErrorView"
on-exception="org.springframework.webflow.execution.repository.NoSuchFlowExecutionException"/>
<transition to="serviceUnauthorizedCheck" on-exception="org.jasig.cas.services.UnauthorizedServiceException"/>
<transition to="serviceUnauthorizedCheck" on-exception="org.jasig.cas.services.UnauthorizedServiceForPrincipalException" />
</global-transitions>
</flow>

35
src/main/resources/WEB-INF/webflow/logout/logout-webflow.xml Normal file
View File

@ -0,0 +1,35 @@
<?xml version="1.0" encoding="UTF-8"?>
<flow xmlns="http://www.springframework.org/schema/webflow"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/webflow http://www.springframework.org/schema/webflow/spring-webflow.xsd">
<action-state id="terminateSession">
<evaluate expression="terminateSessionAction.terminate(flowRequestContext)" />
<transition to="doLogout" />
</action-state>
<action-state id="doLogout">
<evaluate expression="logoutAction" />
<transition on="finish" to="finishLogout" />
<transition on="front" to="frontLogout" />
</action-state>
<action-state id="frontLogout">
<evaluate expression="frontChannelLogoutAction" />
<transition on="finish" to="finishLogout" />
<transition on="redirectApp" to="redirectToFrontApp" />
</action-state>
<view-state id="redirectToFrontApp" view="externalRedirect:#{currentEvent.attributes.logoutUrl}&amp;RelayState=#{flowExecutionContext.key}">
<transition on="next" to="frontLogout" />
</view-state>
<decision-state id="finishLogout">
<if test="flowScope.logoutRedirectUrl != null" then="redirectView" else="logoutView" />
</decision-state>
<end-state id="redirectView" view="externalRedirect:#{flowScope.logoutRedirectUrl}" />
<end-state id="logoutView" view="casLogoutView" />
</flow>

2
src/main/resources/apereo.properties Normal file
View File

@ -0,0 +1,2 @@
standard.custom.css.file=/themes/apereo/css/cas.css
cas.javascript.file=/themes/apereo/js/cas.js

2
src/main/resources/cas-theme-default.properties Normal file
View File

@ -0,0 +1,2 @@
standard.custom.css.file=/css/cas.css
cas.javascript.file=/js/cas.js

7
src/main/resources/cas_views.properties Normal file
View File

@ -0,0 +1,7 @@
# A placeholder for view definitions that are to be defined
# in the format of:
# viewName.(class)=org.jasig.cas.web.view.ViewClassName
# This file is exclusively reserved for custom views that
# would be put into a CAS overlay by deployers and removes
# the need to have to overlay the entire xml view definition file.

79
src/main/resources/log4j2.xml Normal file
View File

@ -0,0 +1,79 @@
<?xml version="1.0" encoding="UTF-8" ?>
<!-- Specify the refresh internal in seconds. -->
<Configuration monitorInterval="60">
<Appenders>
<Console name="console" target="SYSTEM_OUT">
<PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>
</Console>
<RollingFile name="file" fileName="cas.log" append="true"
filePattern="cas-%d{yyyy-MM-dd-HH}-%i.log">
<PatternLayout pattern="%d %p [%c] - %m%n"/>
<Policies>
<OnStartupTriggeringPolicy />
<SizeBasedTriggeringPolicy size="10 MB"/>
<TimeBasedTriggeringPolicy />
</Policies>
</RollingFile>
<RollingFile name="auditlogfile" fileName="cas_audit.log" append="true"
filePattern="cas_audit-%d{yyyy-MM-dd-HH}-%i.log">
<PatternLayout pattern="%d %p [%c] - %m%n"/>
<Policies>
<OnStartupTriggeringPolicy />
<SizeBasedTriggeringPolicy size="10 MB"/>
<TimeBasedTriggeringPolicy />
</Policies>
</RollingFile>
<RollingFile name="perfFileAppender" fileName="perfStats.log" append="true"
filePattern="perfStats-%d{yyyy-MM-dd-HH}-%i.log">
<PatternLayout pattern="%m%n"/>
<Policies>
<OnStartupTriggeringPolicy />
<SizeBasedTriggeringPolicy size="10 MB"/>
<TimeBasedTriggeringPolicy />
</Policies>
</RollingFile>
</Appenders>
<Loggers>
<AsyncLogger name="org.jasig" level="info" additivity="false" includeLocation="true">
<AppenderRef ref="console"/>
<AppenderRef ref="file"/>
</AsyncLogger>
<AsyncLogger name="org.springframework" level="warn" />
<AsyncLogger name="org.springframework.webflow" level="warn" />
<AsyncLogger name="org.springframework.web" level="warn" />
<AsyncLogger name="org.pac4j" level="warn" />
<!--
<AsyncLogger name="org.opensaml" level="debug" additivity="false">
<AppenderRef ref="console"/>
<AppenderRef ref="file"/>
</AsyncLogger>
<AsyncLogger name="org.ldaptive" level="debug" additivity="false">
<AppenderRef ref="console"/>
<AppenderRef ref="file"/>
</AsyncLogger>
<AsyncLogger name="com.hazelcast" level="debug" additivity="false">
<AppenderRef ref="console"/>
<AppenderRef ref="file"/>
</AsyncLogger>
-->
<AsyncLogger name="org.apereo.cas.security" level="warn" additivity="false" includeLocation="true">
<AppenderRef ref="console"/>
<AppenderRef ref="file"/>
</AsyncLogger>
<AsyncLogger name="perfStatsLogger" level="info" additivity="false" includeLocation="true">
<AppenderRef ref="perfFileAppender"/>
</AsyncLogger>
<AsyncLogger name="org.jasig.cas.web.flow" level="info" additivity="true" includeLocation="true">
<AppenderRef ref="file"/>
</AsyncLogger>
<AsyncLogger name="org.jasig.inspektr.audit.support" level="info" includeLocation="true">
<AppenderRef ref="auditlogfile"/>
<AppenderRef ref="file"/>
</AsyncLogger>
<AsyncRoot level="error">
<AppenderRef ref="console"/>
</AsyncRoot>
</Loggers>
</Configuration>

243
src/main/resources/messages.properties Normal file
View File

@ -0,0 +1,243 @@
screen.welcome.welcome=Congratulations on bringing CAS online! To learn how to authenticate, please review the default authentication handler configuration.
screen.welcome.security=For security reasons, please <a href="logout">log out</a> and exit your web browser when you are done accessing services that require \
authentication!
screen.welcome.instructions=Enter your Username and Password
screen.welcome.label.netid=<span class="accesskey">U</span>sername:
screen.welcome.label.netid.accesskey=u
screen.welcome.label.password=<span class="accesskey">P</span>assword:
screen.welcome.label.password.accesskey=p
screen.welcome.label.publicstation=I am at a public workstation.
screen.welcome.label.warn=<span class="accesskey">W</span>arn me before logging me into other sites.
screen.welcome.label.warn.accesskey=w
screen.welcome.button.login=LOGIN
screen.welcome.button.clear=CLEAR
screen.welcome.label.loginwith=Or login with:
screen.cookies.disabled.title=Browser cookies disabled
screen.cookies.disabled.message=Your browser does not accept cookies. Single Sign On WILL NOT WORK.
screen.aup.button.accept=ACCEPT
screen.aup.button.cancel=CANCEL
screen.nonsecure.title=Non-secure Connection
screen.nonsecure.message=You are currently accessing CAS over a non-secure connection. Single Sign On WILL NOT WORK. In order to have single sign on work, you MUST log in over HTTPS.
logo.title=go to Apereo home page
copyright=Copyright &copy; 2005&ndash;2015 Apereo, Inc.
screen.capslock.on = CAPSLOCK key is turned on!
# Remember-Me Authentication
screen.rememberme.checkbox.title=Remember Me
# Blocked Errors Page
screen.blocked.header=Access Denied
screen.blocked.message=You've entered the wrong password for the user too many times. You've been throttled.
AbstractAccessDecisionManager.accessDenied=You are not authorized to access this resource. Contact your CAS administrator for more info.
#Confirmation Screen Messages
screen.confirmation.message=Click <a href="{0}">here</a> to go to the application.
#Generic Success Screen Messages
screen.success.header=Log In Successful
screen.success.success=You, {0}, have successfully logged into the Central Authentication Service.
screen.success.security=When you are finished, for security reasons, please <a href="logout">log out</a> and exit your web browser.
#Logout Screen Messages
screen.logout.header=Logout successful
screen.logout.success=You have successfully logged out of the Central Authentication Service.
screen.logout.security=For security reasons, exit your web browser.
screen.logout.redirect=The service from which you arrived has supplied a <a href="{0}">link you may follow by clicking here</a>.
screen.service.sso.error.header=Re-Authentication Required to Access this Service
screen.service.sso.error.message=You attempted to access a service that requires authentication without re-authenticating. Please try <a href="{0}">authenticating again</a>.
screen.service.required.message=You attempted authentication without specifying the target application. Please re-examine the request and try again.
username.required=Username is a required field.
password.required=Password is a required field.
# Authentication failure messages
authenticationFailure.AccountDisabledException=This account has been disabled.
authenticationFailure.AccountLockedException=This account has been locked.
authenticationFailure.CredentialExpiredException=Your password has expired.
authenticationFailure.InvalidLoginLocationException=You cannot login from this workstation.
authenticationFailure.InvalidLoginTimeException=Your account is forbidden to login at this time.
authenticationFailure.AccountNotFoundException=Invalid credentials.
authenticationFailure.FailedLoginException=Invalid credentials.
authenticationFailure.UNKNOWN=Invalid credentials.
INVALID_REQUEST_PROXY=The request is incorrectly formatted. Ensure all required parameters are properly encoded and included.
INVALID_TICKET_SPEC=Ticket failed validation specification. Possible errors could include attempting to validate a Proxy Ticket via a Service Ticket validator, or not complying with the renew true request.
INVALID_REQUEST='service' and 'ticket' parameters are both required
INVALID_TICKET=Ticket ''{0}'' not recognized
INVALID_SERVICE=Ticket ''{0}'' does not match supplied service. The original service was ''{1}'' and the supplied service was ''{2}''.
INVALID_PROXY_CALLBACK=The supplied proxy callback url ''{0}'' could not be authenticated.
UNAUTHORIZED_SERVICE_PROXY=The supplied service ''{0}'' is not authorized to use CAS proxy authentication.
screen.service.error.header=Application Not Authorized to Use CAS
service.not.authorized.missing.attr=You are not authorized to access the application as your account \
is missing privileges required by the CAS server to authenticate into this service. Please notify your support desk.
screen.service.error.message=The application you attempted to authenticate to is not authorized to use CAS.
screen.service.empty.error.message=The services registry of CAS is empty and has no service definitions. \
Applications that wish to authenticate with CAS must explicitly be defined in the services registry.
# Password policy
password.expiration.warning=Your password expires in {0} day(s). Please <a href="{1}">change your password</a> now.
password.expiration.loginsRemaining=You have {0} login(s) remaining before you <strong>MUST</strong> change your password.
screen.accountdisabled.heading=This account has been disabled.
screen.accountdisabled.message=Please contact the system administrator to regain access.
screen.accountlocked.heading=This account has been locked.
screen.accountlocked.message=Please contact the system administrator to regain access.
screen.expiredpass.heading=Your password has expired.
screen.expiredpass.message=Please <a href="{0}">change your password</a>.
screen.mustchangepass.heading=You must change your password.
screen.mustchangepass.message=Please <a href="{0}">change your password</a>.
screen.badhours.heading=Your account is forbidden to login at this time.
screen.badhours.message=Please try again later.
screen.badworkstation.heading=You cannot login from this workstation.
screen.badworkstation.message=Please contact the system administrator to regain access.
# OAuth
screen.oauth.confirm.header=Authorization
screen.oauth.confirm.message=Do you want to grant access to your complete profile to "{0}" ?
screen.oauth.confirm.allow=Allow
# Unavailable
screen.unavailable.heading=CAS is Unavailable
screen.unavailable.message=There was an error trying to complete your request. \
<strong>Please notify your support desk or try again.</strong> \
<div>Apereo is a non-profit open source software governance foundation. The CAS software is an Apereo sponsored project \
and is freely downloadable and usable by anyone. However, Apereo does not operate the systems of anyone using the \
software and in most cases doesn't even know who is using it or how to contact them unless they are an active part \
of the Apereo community.<br/></br>If you are having problems logging in using CAS, \
<strong>you will need to contact the IT staff or Help Desk of your organization for assistance</strong>. \
<br/><br/>We wish we could be more directly helpful to you.</div>
#####################################################################
# SSO Sessions View
#####################################################################
# No sessions found screen
cas.ssosessions.loading=Loading SSO Sessions...
cas.ssosessions.nosessionsfound=No Sessions Found
cas.ssosessions.button.refresh=Refresh
# Report View
cas.ssosessions.report.pagetitle=SSO Sessions Report
cas.ssosessions.report.panel.totalactiveprincipals=Total Active Principals
cas.ssosessions.report.panel.usagecountsessions=Usage Count Sessions
cas.ssosessions.report.panel.totalssosessions=Total SSO Sessions
cas.ssosessions.buttons.removeall=Remove All Sessions
cas.ssosessions.buttons.removesingle=Remove
cas.ssosessions.buttons.filter.all=All
cas.ssosessions.buttons.filter.proxied=Proxied
cas.ssosessions.buttons.filter.nonproxied=Non-Proxied
cas.ssosessions.table.header.principal=Principal
cas.ssosessions.table.header.ticketgrantingticket=Ticket Granting Ticket
cas.ssosessions.table.header.authenticationdate=Authentication Date
cas.ssosessions.table.header.usagecount=Usage Count
# Remove Session AJAX messages
cas.sessions.ajax.error=There appears to be an error. Please try your request again.
cas.sessions.alert.removal.success.multi.partone=Successfully removed
cas.sessions.alert.removal.success.multi.parttwo=sessions.
cas.sessions.alert.removal.error.multi.partone=Error removing
cas.sessions.alert.removal.error.multi.parttwo=sessions. Please try your request again.
cas.sessions.alert.removal.success.single.partone=Successfully removed
cas.sessions.alert.removal.success.single.parttwo=session.
cas.sessions.alert.removal.error.single.partone=Error removing
cas.sessions.alert.removal.error.single.parttwo=Please try your request again.
# Ex of passing attributes
#footer.poweredBy=Powered by <a href="http://www.apereo.org/cas">Apereo Central Authentication Service {0}</a>
#<spring:message code="footer.poweredBy" arguments="<%=org.jasig.cas.CasVersion.getVersion()%>" />
#####################################################################
# Statistics View
#####################################################################
# Ticket Registry Section
cas.statistics.pagetitle=Statistics View
cas.statistics.section.ticket.title=Ticket Registry Statistics
cas.statistics.section.ticket.panel.unexpiredtgts.title=Unexpired TGTs
cas.statistics.section.ticket.panel.unexpiredsts.title=Unexpired STs
cas.statistics.section.ticket.panel.expiredtgts.title=Expired TGTs
cas.statistics.section.ticket.panel.expiredsts.title=Expired STs
cas.statistics.section.ticket.button=View SSO Sessions
# JVM Section
cas.statistics.section.serverstatistics.title=JVM Server Statistics
## memory gauges
cas.statistics.section.serverstatistics.freememorygauge.label=Total JVM Memory
cas.statistics.section.serverstatistics.maxmemorygauge.label=Max Memory
## Uptime
cas.statistics.section.serverstatistics.panel.uptime.title=Uptime
cas.statistics.section.serverstatistics.panel.uptime.day=day
cas.statistics.section.serverstatistics.panel.uptime.days=days
cas.statistics.section.serverstatistics.panel.uptime.hour=hour
cas.statistics.section.serverstatistics.panel.uptime.hours=hours
cas.statistics.section.serverstatistics.panel.uptime.minute=minute
cas.statistics.section.serverstatistics.panel.uptime.minutes=minutes
cas.statistics.section.serverstatistics.panel.uptime.second=second
cas.statistics.section.serverstatistics.panel.uptime.seconds=seconds
## Server Info
cas.statistics.section.serverstatistics.panel.serverinfo.title=Server Info
cas.statistics.section.serverstatistics.panel.serverinfo.table.property.label=Property
cas.statistics.section.serverstatistics.panel.serverinfo.table.value.label=Value
## Property Names
cas.statistics.section.serverstatistics.panel.serverinfo.table.property.server.label=Server
cas.statistics.section.serverstatistics.panel.serverinfo.table.property.casticketsuffix.label=CAS Ticket Suffix
cas.statistics.section.serverstatistics.panel.serverinfo.table.property.starttime.label=Server Start Time
cas.statistics.section.serverstatistics.panel.serverinfo.table.property.uptime.label=Uptime
cas.statistics.section.serverstatistics.panel.serverinfo.table.property.memory.label=Memory
cas.statistics.section.serverstatistics.panel.serverinfo.table.property.free=free
cas.statistics.section.serverstatistics.panel.serverinfo.table.property.total=total
cas.statistics.section.serverstatistics.panel.serverinfo.table.property.maxmemory.label=Maximum Memory
cas.statistics.section.serverstatistics.panel.serverinfo.table.property.availprocessors.label=Available Processors
## Thread Dump Section
cas.statistics.section.threaddump.title=Thread Dump
cas.statistics.section.threaddump.button=View more
cas.statistics.section.threaddump.modal.title=Thread Dump
## Metrics Section
cas.statistics.section.metrics.title=Metrics
cas.statistics.section.metrics.button=View Metrics
## Modal
cas.statistics.modal.close.button=Close
##
## End Statistics View
#####################################################################
#####################################################################
# Configuration View
#####################################################################
# Error loading screen
cas.viewconfig.loading=Loading Configuration...
cas.viewconfig.errormessage=Error reading configuration
cas.viewconfig.button.refresh=Refresh
# Report View
cas.viewconfig.pagetitle=View Configuration
cas.viewconfig.table.column.key=Key
cas.viewconfig.table.column.value=Value
##
## End Configuration View
#####################################################################

108
src/main/resources/messages_zh_CN.properties Normal file
View File

@ -0,0 +1,108 @@
#Welcome Screen Messages
#
# Licensed to Apereo under one or more contributor license
# agreements. See the NOTICE file distributed with this work
# for additional information regarding copyright ownership.
# Apereo licenses this file to you under the Apache License,
# Version 2.0 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a
# copy of the License at the following location:
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
screen.welcome.welcome=\u6b22\u8fce\u6765\u5230\u4e2d\u592e\u8ba4\u8bc1\u7cfb\u7edf\u3002\u9ed8\u8ba4\u7684\u8ba4\u8bc1\u5904\u7406\u5668\u652f\u6301\u90a3\u4e9b\u7528\u6237\u540d\u7b49\u4e8e\u5bc6\u7801\u7684\u8d26\u53f7\uff0c\u5f00\u53d1\u8005\u53ef\u4ee5\u8bd5\u8bd5\u770b\u3002
screen.welcome.security=\u51fa\u4e8e\u5b89\u5168\u8003\u8651\uff0c\u4e00\u65e6\u60a8\u8bbf\u95ee\u8fc7\u90a3\u4e9b\u9700\u8981\u60a8\u63d0\u4f9b\u51ed\u8bc1\u4fe1\u606f\u7684\u5e94\u7528\u65f6\uff0c\u8bf7\u64cd\u4f5c\u5b8c\u6210\u4e4b\u540e\u5173\u95ed\u6d4f\u89c8\u5668\u3002
screen.welcome.instructions=\u8bf7\u8f93\u5165\u60a8\u7684\u7528\u6237\u540d\u548c\u5bc6\u7801.
screen.welcome.label.netid=\u7528\u6237\u540d:
screen.welcome.label.netid.accesskey=n
screen.welcome.label.password=\u5bc6\u3000\u7801:
screen.welcome.label.password.accesskey=p
screen.welcome.label.warn=\u8f6c\u5411\u5176\u4ed6\u7ad9\u70b9\u524d\u63d0\u793a\u6211\u3002
screen.welcome.label.warn.accesskey=w
screen.welcome.button.login=\u767b\u5f55
screen.welcome.button.clear=\u91cd\u7f6e
logo.title=\u8f6c\u5230Apereo\u7f51\u7ad9\u9996\u9875
copyright=\u7248\u6743\u6240\u6709 &copy; 2005&ndash;2012 Apereo, Inc. \u4fdd\u7559\u5168\u90e8\u6743\u5229\u3002
# Blocked Errors Page
screen.blocked.header=\u8bbf\u95ee\u88ab\u62d2\u7edd
screen.blocked.message=\u8f93\u9519\u5bc6\u7801\u6b21\u6570\u592a\u591a\uff0c\u8d26\u53f7\u88ab\u9501\u5b9a\u3002
#Confirmation Screen Messages
screen.confirmation.message=\u5355\u51fb <a href="{0}">\u8fd9\u91cc</a> \uff0c\u4fbf\u80fd\u591f\u8bbf\u95ee\u5230\u76ee\u6807\u5e94\u7528\u3002
#Generic Success Screen Messages
screen.success.header=\u767b\u5f55\u6210\u529f
screen.success.success=\u60a8\u5df2\u7ecf\u6210\u529f\u767b\u5f55\u4e2d\u592e\u8ba4\u8bc1\u7cfb\u7edf\u3002
screen.success.security=\u51fa\u4e8e\u5b89\u5168\u8003\u8651\uff0c\u4e00\u65e6\u60a8\u8bbf\u95ee\u8fc7\u90a3\u4e9b\u9700\u8981\u60a8\u63d0\u4f9b\u51ed\u8bc1\u4fe1\u606f\u7684\u5e94\u7528\u65f6\uff0c\u8bf7\u64cd\u4f5c\u5b8c\u6210\u4e4b\u540e\u5173\u95ed\u6d4f\u89c8\u5668\u3002
#Logout Screen Messages
screen.logout.header=\u6ce8\u9500\u6210\u529f
screen.logout.success=\u60a8\u5df2\u7ecf\u6210\u529f\u9000\u51faCAS\u7cfb\u7edf\uff0c\u8c22\u8c22\u4f7f\u7528\uff01
screen.logout.security=\u51fa\u4e8e\u5b89\u5168\u8003\u8651\uff0c\u8bf7\u5173\u95ed\u60a8\u7684\u6d4f\u89c8\u5668\u3002
screen.logout.redirect=\u60a8\u53ef\u4ee5\u901a\u8fc7\u5982\u4e0bURL\u8bbf\u95ee\u5230\u76ee\u6807\u670d\u52a1\uff1a<a href="{0}">\u76ee\u6807\u670d\u52a1</a>.
screen.service.sso.error.header=\u5728\u8bbf\u95ee\u5230\u5230\u76ee\u6807\u670d\u52a1\u524d\uff0c\u4f60\u5fc5\u987b\u7ecf\u8fc7\u91cd\u65b0\u8ba4\u8bc1\u7684\u8003\u9a8c
screen.service.sso.error.message=\u4f60\u6b63\u8bd5\u56fe\u8bbf\u95ee\u8981\u6c42\u91cd\u65b0\u8ba4\u8bc1\u7684\u670d\u52a1\u3002\u8bf7\u5c1d\u8bd5\u8fdb\u884c<a href="{0}">\u518d\u6b21\u8ba4\u8bc1</a>\u3002
error.invalid.loginticket=\u60a8\u4e0d\u80fd\u591f\u518d\u6b21\u63d0\u4ea4\u5df2\u7ecf\u63d0\u4ea4\u8fc7\u7684\u8868\u5355\u3002
username.required=\u5fc5\u987b\u5f55\u5165\u7528\u6237\u540d\u3002
password.required=\u5fc5\u987b\u5f55\u5165\u5bc6\u7801\u3002
# Authentication failure messages
authenticationFailure.AccountDisabledException=\u8fd9\u4e2a\u8d26\u6237\u88ab\u7981\u7528\u4e86\u3002
authenticationFailure.AccountLockedException=\u8fd9\u4e2a\u8d26\u6237\u88ab\u4e0a\u9501\u4e86\u3002
authenticationFailure.CredentialExpiredException=\u4f60\u7684\u5bc6\u7801\u8fc7\u671f\u4e86\u3002
authenticationFailure.InvalidLoginLocationException=\u4f60\u4e0d\u80fd\u4ece\u8fd9\u4e2a\u5de5\u4f5c\u7ad9\u767b\u5f55\u3002
authenticationFailure.InvalidLoginTimeException=\u4f60\u7684\u8d26\u6237\u73b0\u5728\u88ab\u7981\u6b62\u767b\u5f55\u4e86\u3002
authenticationFailure.AccountNotFoundException=\u8ba4\u8bc1\u4fe1\u606f\u65e0\u6548\u3002
authenticationFailure.FailedLoginException=\u8ba4\u8bc1\u4fe1\u606f\u65e0\u6548\u3002
authenticationFailure.UNKNOWN=\u8ba4\u8bc1\u4fe1\u606f\u65e0\u6548\u3002
INVALID_REQUEST_PROXY=\u5fc5\u987b\u540c\u65f6\u63d0\u4f9b'pgt'\u548c'targetService'\u53c2\u6570
INVALID_TICKET_SPEC=\u6821\u9a8c\u7968\u6839\u5931\u8d25\u3002\u60a8\u53ef\u80fd\u91c7\u7528\u670d\u52a1\u7968\u6839\u6765\u6821\u9a8c\u4ee3\u7406\u7968\u6839\uff0c\u6216\u6ca1\u6709\u5c06renew\u8bbe\u4e3atrue\u3002
INVALID_REQUEST=\u5fc5\u987b\u540c\u65f6\u63d0\u4f9b'service'\u548c'ticket'\u53c2\u6570
INVALID_TICKET=\u672a\u80fd\u591f\u8bc6\u522b\u51fa\u76ee\u6807 ''{0}''\u7968\u6839
INVALID_SERVICE=\u7968\u6839''{0}''\u4e0d\u7b26\u5408\u76ee\u6807\u670d\u52a1
INVALID_PROXY_CALLBACK=\u6240\u63d0\u4f9b\u7684\u4ee3\u7406\u56de\u8c03\u7f51\u5740''{0}''\u4e0d\u80fd\u63d0\u4f9b\u8ba4\u8bc1\u3002
UNAUTHORIZED_SERVICE_PROXY=\u6240\u63d0\u4f9b\u7684\u670d\u52a1''{0}''\u6ca1\u6709\u6743\u9650\u4f7f\u7528CAS\u4ee3\u7406\u7684\u8ba4\u8bc1\u65b9\u5f0f\u3002
screen.service.error.header=\u672a\u8ba4\u8bc1\u6388\u6743\u7684\u670d\u52a1
screen.service.error.message=\u4e0d\u5141\u8bb8\u4f7f\u7528CAS\u6765\u8ba4\u8bc1\u60a8\u8bbf\u95ee\u7684\u76ee\u6807\u5e94\u7528\u3002
screen.service.empty.error.message=CAS\u7684\u670d\u52a1\u8bb0\u5f55\u662f\u7a7a\u7684\uff0c\u6ca1\u6709\u5b9a\u4e49\u670d\u52a1\u3002 \
\u5e0c\u671b\u901a\u8fc7CAS\u8fdb\u884c\u8ba4\u8bc1\u7684\u5e94\u7528\u7a0b\u5e8f\u5fc5\u987b\u5728\u670d\u52a1\u8bb0\u5f55\u4e2d\u660e\u786e\u5b9a\u4e49\u3002
# Password policy
password.expiration.warning=\u4f60\u7684\u5bc6\u7801\u4f1a\u5728{0}\u5929\u5185\u8fc7\u671f\u3002\u8bf7\u7acb\u523b<a href="{1}">\u4fee\u6539\u4f60\u7684\u5bc6\u7801</a>\u3002
password.expiration.loginsRemaining=\u5728<strong>\u5fc5\u987b</strong>\u4fee\u6539\u5bc6\u7801\u4e4b\u524d\uff0c\u4f60\u8fd8\u5269{0}\u6b21\u767b\u5f55\u3002
screen.accountdisabled.heading=\u8fd9\u4e2a\u8d26\u6237\u5df2\u7ecf\u88ab\u7981\u7528\u4e86\u3002
screen.accountdisabled.message=\u8bf7\u8054\u7cfb\u7cfb\u7edf\u7ba1\u7406\u5458\u6765\u91cd\u65b0\u83b7\u5f97\u8bbf\u95ee\u6743\u9650\u3002
screen.accountlocked.heading=\u8fd9\u4e2a\u8d26\u6237\u5df2\u7ecf\u88ab\u9501\u4f4f\u4e86\u3002
screen.accountlocked.message=\u8bf7\u8054\u7cfb\u7cfb\u7edf\u7ba1\u7406\u5458\u6765\u91cd\u65b0\u83b7\u5f97\u8bbf\u95ee\u6743\u9650\u3002
screen.expiredpass.heading=\u4f60\u7684\u5bc6\u7801\u5df2\u7ecf\u8fc7\u671f\u4e86\u3002
screen.expiredpass.message=\u8bf7<a href="{0}">\u4fee\u6539\u4f60\u7684\u5bc6\u7801</a>\u3002
screen.mustchangepass.heading=\u4f60\u5fc5\u987b\u4fee\u6539\u4f60\u7684\u5bc6\u7801\u3002
screen.mustchangepass.message=\u8bf7<a href="{0}">\u4fee\u6539\u4f60\u7684\u5bc6\u7801</a>\u3002
screen.badhours.heading=\u73b0\u5728\u4f60\u7684\u8d26\u6237\u88ab\u7981\u6b62\u767b\u5f55\u4e86\u3002
screen.badhours.message=\u8bf7\u7a0d\u540e\u518d\u8bd5\u3002
screen.badworkstation.heading=\u4f60\u4e0d\u80fd\u4ece\u8fd9\u4e2a\u5de5\u4f5c\u7ad9\u767b\u5f55\u3002
screen.badworkstation.message=\u8bf7\u8054\u7cfb\u7cfb\u7edf\u7ba1\u7406\u5458\u6765\u91cd\u65b0\u83b7\u5f97\u8bbf\u95ee\u6743\u9650\u3002
# OAuth
screen.oauth.confirm.header=\u6388\u6743
screen.oauth.confirm.message=\u8981\u6388\u6743"{0}"\u8bbf\u95ee\u4f60\u5168\u90e8\u4e2a\u4eba\u4fe1\u606f\u5417\uff1f
screen.oauth.confirm.allow=\u5141\u8bb8
# Unavailable
screen.unavailable.heading=CAS\u65e0\u6cd5\u4f7f\u7528
screen.unavailable.message=\u5728\u8bd5\u56fe\u5b8c\u6210\u4f60\u7684\u8bf7\u6c42\u65f6\u51fa\u9519\u3002\u8bf7\u901a\u77e5\u4f60\u7684\u6280\u672f\u652f\u6301\u6216\u91cd\u8bd5\u3002

29
src/main/resources/services/Apereo-10000002.json Normal file
View File

@ -0,0 +1,29 @@
{
"@class" : "org.jasig.cas.services.RegexRegisteredService",
"serviceId" : "^https://www.apereo.org",
"name" : "Apereo",
"theme" : "apereo",
"id" : 10000002,
"description" : "Apereo foundation sample service",
"proxyPolicy" : {
"@class" : "org.jasig.cas.services.RefuseRegisteredServiceProxyPolicy"
},
"evaluationOrder" : 1,
"usernameAttributeProvider" : {
"@class" : "org.jasig.cas.services.DefaultRegisteredServiceUsernameProvider"
},
"logoutType" : "BACK_CHANNEL",
"attributeReleasePolicy" : {
"@class" : "org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy",
"principalAttributesRepository" : {
"@class" : "org.jasig.cas.authentication.principal.DefaultPrincipalAttributesRepository"
},
"authorizedToReleaseCredentialPassword" : false,
"authorizedToReleaseProxyGrantingTicket" : false
},
"accessStrategy" : {
"@class" : "org.jasig.cas.services.DefaultRegisteredServiceAccessStrategy",
"enabled" : true,
"ssoEnabled" : true
}
}

28
src/main/resources/services/HTTPSandIMAPS-10000001.json Normal file
View File

@ -0,0 +1,28 @@
{
"@class" : "org.jasig.cas.services.RegexRegisteredService",
"serviceId" : "^(https|imaps)://.*",
"name" : "HTTPS and IMAPS",
"id" : 10000001,
"description" : "This service definition authorized all application urls that support HTTPS and IMAPS protocols.",
"proxyPolicy" : {
"@class" : "org.jasig.cas.services.RefuseRegisteredServiceProxyPolicy"
},
"evaluationOrder" : 10000,
"usernameAttributeProvider" : {
"@class" : "org.jasig.cas.services.DefaultRegisteredServiceUsernameProvider"
},
"logoutType" : "BACK_CHANNEL",
"attributeReleasePolicy" : {
"@class" : "org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy",
"principalAttributesRepository" : {
"@class" : "org.jasig.cas.authentication.principal.DefaultPrincipalAttributesRepository"
},
"authorizedToReleaseCredentialPassword" : false,
"authorizedToReleaseProxyGrantingTicket" : false
},
"accessStrategy" : {
"@class" : "org.jasig.cas.services.DefaultRegisteredServiceAccessStrategy",
"enabled" : true,
"ssoEnabled" : true
}
}

BIN
src/main/resources/truststore.jks Normal file
View File

Binary file not shown.

58
src/test/java/org/jasig/cas/WiringTests.java Normal file
View File

@ -0,0 +1,58 @@
package org.jasig.cas;
import org.jasig.cas.authentication.principal.PrincipalFactory;
import org.junit.Before;
import org.junit.Test;
import org.springframework.core.io.FileSystemResource;
import org.springframework.core.io.Resource;
import org.springframework.core.io.ResourceLoader;
import org.springframework.mock.web.MockServletContext;
import org.springframework.web.context.support.XmlWebApplicationContext;
import static org.junit.Assert.*;
/**
* Unit test to verify Spring context wiring.
*
* @author Middleware Services
* @since 3.0.0
*/
public class WiringTests {
private XmlWebApplicationContext applicationContext;
@Before
public void setUp() {
applicationContext = new XmlWebApplicationContext();
applicationContext.setConfigLocations(
"classpath:/webappContext.xml",
"file:src/main/webapp/WEB-INF/cas-servlet.xml",
"file:src/main/webapp/WEB-INF/deployerConfigContext.xml",
"file:src/main/webapp/WEB-INF/spring-configuration/*.xml");
applicationContext.setServletContext(new MockServletContext(new ResourceLoader() {
@Override
public Resource getResource(final String location) {
return new FileSystemResource("src/main/webapp" + location);
}
@Override
public ClassLoader getClassLoader() {
return getClassLoader();
}
}));
applicationContext.refresh();
}
@Test
public void verifyWiring() throws Exception {
assertTrue(applicationContext.getBeanDefinitionCount() > 0);
}
@Test
public void checkPrincipalFactory() throws Exception {
final PrincipalFactory factory1 =
applicationContext.getBean("principalFactory", PrincipalFactory.class);
final PrincipalFactory factory2 =
applicationContext.getBean("principalFactory", PrincipalFactory.class);
assertEquals("principal factories should be equal instances", factory1, factory2);
}
}

44
src/test/resources/log4j2.xml Normal file
View File

@ -0,0 +1,44 @@
<?xml version="1.0" encoding="UTF-8" ?>
<Configuration shutdownHook="disable">
<Appenders>
<Console name="console" target="SYSTEM_OUT">
<PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>
</Console>
<RollingFile name="file" fileName="cas.log" append="true"
filePattern="cas-%d{yyyy-MM-dd-HH}-%i.log">
<PatternLayout pattern="%d %p [%c] - %m%n"/>
<Policies>
<OnStartupTriggeringPolicy />
<SizeBasedTriggeringPolicy size="10 MB"/>
<TimeBasedTriggeringPolicy />
</Policies>
</RollingFile>
<RollingFile name="perfFileAppender" fileName="target/perfStats.log" append="true"
filePattern="perfStats-%d{yyyy-MM-dd-HH}-%i.log">
<PatternLayout pattern="%m%n"/>
<Policies>
<OnStartupTriggeringPolicy />
<SizeBasedTriggeringPolicy size="10 MB"/>
<TimeBasedTriggeringPolicy />
</Policies>
</RollingFile>
</Appenders>
<Loggers>
<Logger name="org.springframework" level="warn" />
<Logger name="org.springframework.webflow" level="warn" />
<Logger name="org.jasig" level="info">
<AppenderRef ref="file"/>
</Logger>
<Logger name="org.jasig.cas.web.flow" level="info" additivity="true">
<AppenderRef ref="file"/>
</Logger>
<Logger name="org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager" level="info">
<AppenderRef ref="file"/>
</Logger>
<Root level="error">
<AppenderRef ref="console"/>
</Root>
</Loggers>
</Configuration>

21
src/test/resources/webappContext.xml Normal file
View File

@ -0,0 +1,21 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:c="http://www.springframework.org/schema/c"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns="http://www.springframework.org/schema/beans"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
<util:map id="serviceThemeResolverSupportedBrowsers">
<entry key=".*iPhone.*" value="iphone"/>
<entry key=".*Android.*" value="android"/>
<entry key=".*Safari.*Pre.*" value="safari"/>
<entry key=".*Nokia.*AppleWebKit.*" value="nokiawebkit"/>
</util:map>
</beans>

34
start.sh Executable file
View File

@ -0,0 +1,34 @@
#!/bin/bash
#!/bin/bash
# get real path of softlink
get_real_path() {
local f="$1"
while [ -h "$f" ]; do
ls=`ls -ld "$f"`
link=`expr "$ls" : '.*-> \(.*\)$'`
if expr "$link" : '/.*' > /dev/null; then
f="$link"
else
f=`dirname "$f"`/"$link"
fi
done
echo "$f"
}
prg_path=$(get_real_path "$0")
echo "Script path [$prg_path]"
# Service Home
pushd $(dirname "$prg_path") > /dev/null
WORK_DIR=$(pwd)
echo "Work dir [$WORK_DIR]"
mvn -T 4C -DskipTests clean \
spring-boot:run \
-Dspring-boot.run.jvmArguments='-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=8000' \
-Dspring-boot.run.fork=false
popd > /dev/null