Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 11 Next »

This page is a place to evolve a CAS 3 domain model for tickets.

Ticket

public Interface Ticket {

   /**
    * Get the Date at which this Ticket was created.
    */
    public Date getTimestamp();


   /**
    * Returns true if this ticekt as valid, false otherwise.
    */
    public boolean isValid();

}
TicketGrantingTicket

public Interface TicketGrantingTicket 
    extends Ticket {

   /**
    * Get the Principal which owns this TicketGrantingTicket and may exercise it
    * to obtain a TargettedTicket for authentication to a particular URL. 
    * For instance, in the case of a SSOTicket this Principal is the end user who authenticated
    * to CAS by presentation of Primary Credentials.
    * In the case of a ProxyGrantingTicket, this is the URL to which the PGT was vended.
    */
    public Principal getPrincipal();


   /**
    * Derive from this TicketGrantingTicket a TargettedTicket for use in authenticating
    * to some particular target.
    */
    public TargettedTicket deriveTicket(URL target);

}
SSOTicket
public Class SSOTicket implements TicketGrantingTicket {

    private final Date whenCreated = new Date();

    private final Principal authenticatedUser;

    private final ExpirationPolicy expPolicy;

    private final ExpirationPolicyFactory expPolicyFactory;


    public SSOTicket(Principal authenticatedUser, 
        ExpirationPolicy expPolicy, 
        ExpirationPolicyFactory expPolicyFactory) {
       this.authenticatedUser = authenticatedUser;
       this.expPolicy = expPolicy;
       this.expPolicyFactory = expPolicyFactory;
    }

    public Principal getUser() {
       return this.authenticatedUser;
    }

    public boolean isValid() {
         return this.expPolicy.isValid();
    }

    public void expire() {
        this.expPolicy.expire();
    }

    public TargettedTicket deriveTicket(URL target) {

        return new TargettedTicketImpl(target, this, this.expPolicyFactory.buildPolicyInstance());

    }

}
ProxyGrantingTicket
public Class ProxyGrantingTicket 
    implements TicketGrantingTicket, DerivedTicket {

    private final Date whenCreated = new Date();

    private final Principal authenticatedUser;

    private final ExpirationPolicy expPolicy;

    private final ExpirationPolicyFactory expPolicyFactory;

    private final TicketGrantingTicket parent;


    public ProxyGrantingTicket(Principal proxyingService, 
        ExpirationPolicy expPolicy, 
        ExpirationPolicyFactory expPolicyFactory, 
        TicketGrantingTicket parent) {

       this.authenticatedUser = authenticatedUser;
       this.expPolicy = expPolicy;
       this.expPolicyFactory = expPolicyFactory;
       this.parent = parent;
    }

    public Principal getUser() {
       return this.authenticatedUser;
    }

    public boolean isValid() {
         return this.expPolicy.isValid();
    }

    public void expire() {
        this.expPolicy.expire();
    }

    public TargettedTicket deriveTicket(URL target) {

        return new TargettedTicketImpl(target, this, this.expPolicyFactory.buildPolicyInstance());

    }

    public TicketGrantingTicket getParant() {
        return this.parent;
    }

}
DerivedTicket

public Interface DerivedTicket 
    extends Ticket {

   /**
    * Get the TicketGrantingTicket from which this ticket was derived.
    */
    public TicketGrantingTicket getParent();

}
TargettedTicket

public Interface TargettedTicket
    extends DerivedTicket {

   /**
    * Get the URL to which this ticket will authenticate.
    */
    public URL getTarget();

   /**
    * Get the chain of principals through which authentication has passed
    * in producing this targetted ticket, starting with the most recent principal
    * and leading back to the originally authenticating User.
    */
    public List getPrincipalChain();

}
TargettedTicketImpl
public Class TargettedTicketImpl implements TargettedTicket {

    private final Date whenCreated = new Date();

    private final ExpirationPolicy expPolicy;

    private final TicketGrantingTicket parent;

    private final URL target;


    public SSOTicket(URL target, TicketGrantingTicket parent, ExpirationPolicy expPolicy) {
       this.target = target;
       this.parent = parent;
       this.expPolicy = expPolicy;
    }

    public boolean isValid() {
         return this.expPolicy.isValid()
             && this.parent.isValid();
    }

    public URL getTarget() {
        return this.target;
    }

    public List getPrincipalChain() {
      
      List principalChain = new ArrayList();

      TicketGrantingTicket ancestor = this.parent;

      while (ancestor != null) {

         principalChain.add(ancestor.getPrincipal());

         if (parent instanceof DerivedTicket) {
              DerivedTicket ancestorIsAlsoAChild = (DerivedTicket) ancestor;
              ancestor = ancestor.getParent();
         } else {
              // perhaps an ugly way of breaking out of this while loop
              ancestor = null;
         }

     }
            
     return principalChain;
    }

}
  • No labels