Merge pull request #220 from mmoayyed/tomcat85x

Add support for tomcat 8.5.x
apereo · Oct 6, 2017 · d999745 · d999745
2 parents c2a75e9 + 4fc3f42
commit d999745
Show file tree

Hide file tree

Showing 18 changed files with 1,213 additions and 13 deletions.
diff --git a/README.md b/README.md
@@ -26,9 +26,9 @@ files in the modules (`cas-client-integration-jboss` and `cas-client-support-dis
 
 ```xml
 <dependency>
-	<groupId>org.jasig.cas.client</groupId>
-	<artifactId>cas-client-core</artifactId>
-	<version>${java.cas.client.version}</version>
+    <groupId>org.jasig.cas.client</groupId>
+    <artifactId>cas-client-core</artifactId>
+    <version>${java.cas.client.version}</version>
 </dependency>
 ```
 
@@ -102,7 +102,7 @@ files in the modules (`cas-client-integration-jboss` and `cas-client-support-dis
 </dependency>
 ```
 
-- Tomcat 8 is provided by this dependency:
+- Tomcat 8.0.x is provided by this dependency:
 
 ```xml
 <dependency>
@@ -111,6 +111,17 @@ files in the modules (`cas-client-integration-jboss` and `cas-client-support-dis
    <version>${java.cas.client.version}</version>
 </dependency>
 ```
+
+- Tomcat 8.5.x is provided by this dependency:
+
+```xml
+<dependency>
+   <groupId>org.jasig.cas.client</groupId>
+   <artifactId>cas-client-integration-tomcat-v85</artifactId>
+   <version>${java.cas.client.version}</version>
+</dependency>
+```
+
 <a name="configurtion"></a>
 ## Configuration
 
@@ -786,17 +797,17 @@ The `WebAuthenticationFilter` performs these operations for the JBoss AS contain
 ```xml
 ...
 <filter>
-	<filter-name>CASWebAuthenticationFilter</filter-name>
-	<filter-class>org.jasig.cas.client.jboss.authentication.WebAuthenticationFilter</filter-class>
+    <filter-name>CASWebAuthenticationFilter</filter-name>
+    <filter-class>org.jasig.cas.client.jboss.authentication.WebAuthenticationFilter</filter-class>
 </filter>
 
 <filter>
-	<filter-name>CASAuthenticationFilter</filter-name>
-	<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
-	<init-param>
-	  <param-name>casServerLoginUrl</param-name>
-	  <param-value>https://cas.example.com/cas/login</param-value>
-	</init-param>
+    <filter-name>CASAuthenticationFilter</filter-name>
+    <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
+    <init-param>
+      <param-name>casServerLoginUrl</param-name>
+      <param-value>https://cas.example.com/cas/login</param-value>
+    </init-param>
 </filter>
 ...
 <!-- one filter-mapping for each filter as seen in the examples above -->
@@ -848,7 +859,12 @@ CAS authentication support for Tomcat is based on the Tomcat-specific Realm comp
 
 <a name="component-overview"></a>
 ### Component Overview
-In the following discussion of components, only the Tomcat 8.x components are mentioned. The Tomcat 7.0.x and 6.0.x components have exactly the same name, but **are in the tomcat.v7 and tomcat.v6 packages**, e.g. `org.jasig.cas.client.tomcat.v7.Cas20CasAuthenticator` or `org.jasig.cas.client.tomcat.v6.Cas20CasAuthenticator`.
+In the following discussion of components, only the Tomcat 8.x components are mentioned. Tomcat 8.0.x components are housed inside
+`org.jasig.cas.client.tomcat.v8` while Tomcat 8.5.x components are inside `org.jasig.cas.client.tomcat.v85`. You should be able to use
+the same exact configuration between the two modules provided package names are adjusted for each release. 
+
+The Tomcat 7.0.x and 6.0.x components have exactly the same name, but **are in the tomcat.v7 and tomcat.v6 packages**, e.g. 
+`org.jasig.cas.client.tomcat.v7.Cas20CasAuthenticator` or `org.jasig.cas.client.tomcat.v6.Cas20CasAuthenticator`.
 
 <a name="authenticators"></a>
 #### Authenticators

diff --git a/cas-client-integration-tomcat-v85/NOTICE b/cas-client-integration-tomcat-v85/NOTICE
@@ -0,0 +1,30 @@
+Licensed to Apereo under one or more contributor license
+agreements. See the NOTICE file distributed with this work
+for additional information regarding copyright ownership.
+Apereo licenses this file to you under the Apache License,
+Version 2.0 (the "License"); you may not use this file
+except in compliance with the License.  You may obtain a
+copy of the License at the following location:
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+
+This project includes:
+  Jasig CAS Client for Java - Common Tomcat Integration Support under Apache License Version 2.0
+  Jasig CAS Client for Java - Core under Apache License Version 2.0
+  Jasig CAS Client for Java - SAML Protocol Support under Apache License Version 2.0
+  Jasig CAS Client for Java - Tomcat 8.x Integration under Apache License Version 2.0
+  Java Servlet API under CDDL + GPLv2 with classpath exception
+  JCL 1.1.1 implemented over SLF4J under MIT License
+  Joda-Time under Apache 2
+  JUnit under Common Public License Version 1.0
+  SLF4J API Module under MIT License
+  SLF4J Simple Binding under MIT License
+  tomcat-catalina under Apache License, Version 2.0
+
diff --git a/cas-client-integration-tomcat-v85/pom.xml b/cas-client-integration-tomcat-v85/pom.xml
@@ -0,0 +1,76 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>cas-client</artifactId>
+        <groupId>org.jasig.cas.client</groupId>
+        <version>3.5.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>cas-client-integration-tomcat-v85</artifactId>
+    <packaging>jar</packaging>
+    <name>Jasig CAS Client for Java - Tomcat 8.5.x Integration</name>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.jasig.cas.client</groupId>
+            <artifactId>cas-client-integration-tomcat-common</artifactId>
+            <version>${project.version}</version>
+            <type>jar</type>
+            <scope>compile</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.jasig.cas.client</groupId>
+            <artifactId>cas-client-support-saml</artifactId>
+            <version>${project.version}</version>
+            <type>jar</type>
+            <scope>compile</scope>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.tomcat.embed</groupId>
+            <artifactId>tomcat-embed-core</artifactId>
+            <version>8.5.16</version>
+            <type>jar</type>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.tomcat</groupId>
+            <artifactId>tomcat-catalina</artifactId>
+            <version>8.5.16</version>
+            <type>jar</type>
+            <scope>provided</scope>
+            <exclusions>
+                <exclusion>
+                  <groupId>org.apache.tomcat</groupId>
+                  <artifactId>tomcat-servlet-api</artifactId>
+                </exclusion>
+                <exclusion>
+                  <groupId>org.apache.tomcat</groupId>
+                  <artifactId>tomcat-juli</artifactId>
+                </exclusion>
+                <exclusion>
+                  <groupId>org.apache.tomcat</groupId>
+                  <artifactId>tomcat-annotations-api</artifactId>
+                </exclusion>
+                <exclusion>
+                  <groupId>org.apache.tomcat</groupId>
+                  <artifactId>tomcat-api</artifactId>
+                </exclusion>
+                <exclusion>
+                  <groupId>org.apache.tomcat</groupId>
+                  <artifactId>tomcat-util</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <dependency>
+            <groupId>org.jasig.cas.client</groupId>
+            <artifactId>cas-client-core</artifactId>
+            <version>${project.version}</version>
+            <type>jar</type>
+            <scope>compile</scope>
+        </dependency>
+    </dependencies>
+
+</project>
diff --git a/...ation-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/AbstractAuthenticator.java b/...ation-tomcat-v85/src/main/java/org/jasig/cas/client/tomcat/v85/AbstractAuthenticator.java
@@ -0,0 +1,200 @@
+/*
+ * Licensed to Jasig under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work
+ * for additional information regarding copyright ownership.
+ * Jasig licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License.  You may obtain a
+ * copy of the License at the following location:
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.jasig.cas.client.tomcat.v85;
+
+import java.io.IOException;
+import java.security.Principal;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.catalina.*;
+import org.apache.catalina.authenticator.AuthenticatorBase;
+import org.apache.catalina.connector.Request;
+import org.jasig.cas.client.tomcat.AuthenticatorDelegate;
+import org.jasig.cas.client.tomcat.CasRealm;
+import org.jasig.cas.client.util.CommonUtils;
+import org.jasig.cas.client.validation.TicketValidator;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * Base authenticator for all authentication protocols supported by CAS.
+ * 
+ * @author Scott Battaglia
+ * @version $Revision$ $Date$
+ * @since 3.1.12
+ */
+public abstract class AbstractAuthenticator extends AuthenticatorBase implements LifecycleListener {
+
+    protected final Logger logger = LoggerFactory.getLogger(getClass());
+
+    private final AuthenticatorDelegate delegate = new AuthenticatorDelegate();
+
+    private String casServerUrlPrefix;
+
+    private String encoding;
+
+    private boolean encode;
+
+    private boolean renew;
+
+    protected abstract String getAuthenticationMethod();
+
+    /**
+     * Provided for Tomcat 7.0.8 support.
+     *
+     * @return the authentication method.
+     */
+    protected String getAuthMethod() {
+        return getAuthenticationMethod();
+    }
+
+    /**
+     * Abstract method that subclasses should use to provide the name of the artifact parameter (i.e. ticket)
+     *
+     * @return the artifact parameter name.  CANNOT be NULL.
+     */
+    protected abstract String getArtifactParameterName();
+
+    /**
+     * Abstract method that subclasses should use to provide the name of the service parameter (i.e. service)
+     *
+     * @return the service parameter name.  CANNOT be NULL.
+     */
+    protected abstract String getServiceParameterName();
+
+    /**
+     * Returns the single instance of the ticket validator to use to validate tickets.  Sub classes should include
+     * the one appropriate for the
+     *
+     * @return a fully configured ticket validator.  CANNOT be NULL.
+     */
+    protected abstract TicketValidator getTicketValidator();
+
+    protected void startInternal() throws LifecycleException {
+        super.startInternal();
+        logger.debug("{} starting.", getName());
+        final Realm realm = this.context.getRealm();
+        try {
+            CommonUtils.assertTrue(realm instanceof CasRealm, "Expected CasRealm but got " + realm.getClass());
+            CommonUtils.assertNotNull(this.casServerUrlPrefix, "casServerUrlPrefix cannot be null.");
+            CommonUtils.assertNotNull(this.delegate.getCasServerLoginUrl(), "casServerLoginUrl cannot be null.");
+            CommonUtils.assertTrue(this.delegate.getServerName() != null || this.delegate.getServiceUrl() != null,
+                    "either serverName or serviceUrl must be set.");
+            this.delegate.setRealm((CasRealm) realm);
+        } catch (final Exception e) {
+            throw new LifecycleException(e);
+        }
+        // Complete delegate initialization after the component is started.
+        // See #lifecycleEvent() method.
+        addLifecycleListener(this);
+    }
+
+    protected final String getCasServerUrlPrefix() {
+        return this.casServerUrlPrefix;
+    }
+
+    public final void setCasServerUrlPrefix(final String casServerUrlPrefix) {
+        this.casServerUrlPrefix = casServerUrlPrefix;
+    }
+
+    public final void setCasServerLoginUrl(final String casServerLoginUrl) {
+        this.delegate.setCasServerLoginUrl(casServerLoginUrl);
+    }
+
+    public final boolean isEncode() {
+        return this.encode;
+    }
+
+    public final void setEncode(final boolean encode) {
+        this.encode = encode;
+    }
+
+    protected final boolean isRenew() {
+        return this.renew;
+    }
+
+    public void setRenew(final boolean renew) {
+        this.renew = renew;
+    }
+
+    public final void setServerName(final String serverName) {
+        this.delegate.setServerName(serverName);
+    }
+
+    public final void setServiceUrl(final String serviceUrl) {
+        this.delegate.setServiceUrl(serviceUrl);
+    }
+
+    protected final String getEncoding() {
+        return this.encoding;
+    }
+
+    public final void setEncoding(final String encoding) {
+        this.encoding = encoding;
+    }
+
+    /** {@inheritDoc} */
+    @Override
+    protected boolean doAuthenticate(final Request request,
+                                     final HttpServletResponse httpServletResponse) throws IOException {
+        Principal principal = request.getUserPrincipal();
+        boolean result = false;
+        if (principal == null) {
+            // Authentication sets the response headers for status and redirect if needed
+            principal = this.delegate.authenticate(request.getRequest(), request.getResponse());
+            if (principal != null) {
+                register(request, request.getResponse(), principal, getAuthenticationMethod(), null, null);
+                result = true;
+            }
+        } else {
+            result = true;
+        }
+        return result;
+    }
+
+    /** {@inheritDoc} */
+    public void lifecycleEvent(final LifecycleEvent event) {
+        if (AFTER_START_EVENT.equals(event.getType())) {
+            logger.debug("{} processing lifecycle event {}", getName(), AFTER_START_EVENT);
+            this.delegate.setTicketValidator(getTicketValidator());
+            this.delegate.setArtifactParameterName(getArtifactParameterName());
+            this.delegate.setServiceParameterName(getServiceParameterName());
+        }
+    }
+
+    /** {@inheritDoc} */
+    public String getInfo() {
+        return getName() + "/1.0";
+    }
+
+    /** {@inheritDoc} 
+     * @throws LifecycleException */
+    protected synchronized void setState(final LifecycleState state, final Object data) throws LifecycleException {
+        super.setState(state, data);
+        if (LifecycleState.STARTED.equals(state)) {
+            logger.info("{} started.", getName());
+        }
+    }
+
+    /**
+     * @return  Authenticator descriptive name.
+     */
+    protected abstract String getName();
+}