Apereo CAS Core Multitenancy library providing tenant management capabilities for Central Authentication Service
Core functionality for managing tenant definitions, including loading from JSON configuration files, providing lookup capabilities, and supporting dynamic configuration reloading through file system monitoring.
The central interface for tenant management operations, providing methods to find and retrieve tenant definitions.
/**
 * Central interface for managing tenant definitions
 */
public interface TenantsManager {
    String BEAN_NAME = "tenantsManager";

    /**
     * Find tenant by tenant ID
     * @param tenantId the tenant identifier to search for
     * @return Optional containing the tenant definition if found, empty otherwise
     */
    Optional<TenantDefinition> findTenant(String tenantId);

    /**
     * Retrieve all tenant definitions
     * @return List of all configured tenant definitions
     */
    List<TenantDefinition> findTenants();
}

Default implementation of TenantsManager that supports JSON-based configuration with file watching capabilities.
/**
 * Default implementation of TenantsManager with JSON configuration support
 * Implements DisposableBean for proper resource cleanup
 */
public class DefaultTenantsManager implements TenantsManager, DisposableBean {
    /**
     * Default constructor - creates manager without configuration resource
     */
    public DefaultTenantsManager();

    /**
     * Constructor with resource-based configuration
     * @param resource Spring Resource pointing to tenant configuration file (typically JSON)
     */
    public DefaultTenantsManager(Resource resource);

    /**
     * Find tenant by ID (inherited from TenantsManager)
     * @param tenantId the tenant identifier
     * @return Optional containing tenant definition if found
     */
    @Override
    public Optional<TenantDefinition> findTenant(String tenantId);

    /**
     * Get all tenant definitions (inherited from TenantsManager)
     * @return List of all tenant definitions
     */
    @Override
    public List<TenantDefinition> findTenants();

    /**
     * Cleanup method for proper resource disposal (from DisposableBean)
     * Stops file watching service if active
     */
    @Override
    public void destroy();
}

Usage Examples:
import java.util.List;
import java.util.Optional;
import org.apereo.cas.multitenancy.*;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.FileSystemResource;
import org.springframework.core.io.Resource;

// Create manager with classpath resource
Resource config = new ClassPathResource("tenants.json");
TenantsManager manager = new DefaultTenantsManager(config);

// Create manager with file system resource
Resource fileConfig = new FileSystemResource("/etc/cas/tenants.json");
TenantsManager fileManager = new DefaultTenantsManager(fileConfig);

// Find specific tenant
Optional<TenantDefinition> tenant = manager.findTenant("organization1");
if (tenant.isPresent()) {
    TenantDefinition def = tenant.get();
    System.out.println("Found tenant: " + def.getId());
    System.out.println("Description: " + def.getDescription());
}

// Get all tenants (loop variable renamed so it does not clash with "tenant" above)
List<TenantDefinition> allTenants = manager.findTenants();
for (TenantDefinition definition : allTenants) {
    System.out.println("Tenant ID: " + definition.getId());
}

The DefaultTenantsManager expects JSON configuration files with the following structure:
[
  {
    "@class": "org.apereo.cas.multitenancy.TenantDefinition",
    "id": "tenant1",
    "description": "First Organization",
    "authenticationPolicy": {
      "@class": "org.apereo.cas.multitenancy.DefaultTenantAuthenticationPolicy",
      "authenticationHandlers": ["handler1", "handler2"],
      "authenticationProtocolPolicy": {
        "@class": "org.apereo.cas.multitenancy.TenantCasAuthenticationProtocolPolicy",
        "supportedProtocols": ["CAS30", "CAS20"]
      }
    },
    "communicationPolicy": {
      "@class": "org.apereo.cas.multitenancy.DefaultTenantCommunicationPolicy",
      "emailCommunicationPolicy": {
        "host": "smtp.tenant1.com",
        "port": 587,
        "username": "cas@tenant1.com",
        "from": "noreply@tenant1.com"
      }
    },
    "delegatedAuthenticationPolicy": {
      "@class": "org.apereo.cas.multitenancy.DefaultTenantDelegatedAuthenticationPolicy",
      "allowedProviders": ["Google", "GitHub"]
    },
    "multifactorAuthenticationPolicy": {
      "@class": "org.apereo.cas.multitenancy.DefaultTenantMultifactorAuthenticationPolicy",
      "globalProviderIds": ["mfa-duo", "mfa-totp"]
    }
  }
]

The DefaultTenantsManager automatically sets up file system monitoring when a file-based resource is provided:
File Watching Behavior:
// File watching is automatically enabled for file-based resources
Resource fileResource = new FileSystemResource("/etc/cas/tenants.json");
DefaultTenantsManager manager = new DefaultTenantsManager(fileResource);

// The manager will monitor the file for changes and reload tenant definitions
// when the file is modified, created, or deleted

// Proper cleanup when done
manager.destroy(); // Stops file watching and releases resources

The tenant management system handles various error conditions gracefully:
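
Because `tenants.json` names Java types in its `@class` fields and is reloaded whenever the file changes, write access to that file amounts to control over each tenant's authentication, delegation and MFA policy. The pre-deployment audit below is an added example, not part of the CAS code base; it is written in Python, and the allowed package prefix (taken from the sample above), the function names and the sample data are assumptions.

```python
import json
import os
import stat
import tempfile

# Assumption: legitimate types all live in the package used by the page's sample.
ALLOWED_PREFIX = "org.apereo.cas.multitenancy."
# Constructed sample: a duplicate id and a type outside the expected package.
SAMPLE = [{"@class": ALLOWED_PREFIX + "TenantDefinition", "id": "tenant1"},
          {"@class": "com.example.Unexpected", "id": "tenant1"}]

def class_findings(node, path="$"):
    """Recursively report @class values outside ALLOWED_PREFIX."""
    found = []
    if isinstance(node, dict):
        cls = node.get("@class")
        if cls is not None and not str(cls).startswith(ALLOWED_PREFIX):
            found.append(f"{path}: unexpected @class {cls!r}")
        for key, value in node.items():
            found += class_findings(value, f"{path}.{key}")
    elif isinstance(node, list):
        for i, value in enumerate(node):
            found += class_findings(value, f"{path}[{i}]")
    return found

def audit_tenants_file(filename):
    """Return findings for a tenants.json file; an empty list means clean."""
    findings = []
    mode = stat.S_IMODE(os.stat(filename).st_mode)
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append(f"file mode {mode:o} is group- or world-writable")
    with open(filename, encoding="utf-8") as fh:
        tenants = json.load(fh)
    if not isinstance(tenants, list):
        return findings + ["top level is not a JSON array"]
    ids = [t.get("id") if isinstance(t, dict) else None for t in tenants]
    for i, tid in enumerate(ids):
        if not isinstance(tid, str) or not tid:
            findings.append(f"$[{i}]: missing or non-string tenant id")
        elif tid in ids[:i]:
            findings.append(f"$[{i}]: duplicate tenant id {tid!r}")
    return findings + class_findings(tenants)

if __name__ == "__main__":
    with tempfile.NamedTemporaryFile("w", suffix=".json") as fh:
        json.dump(SAMPLE, fh)
        fh.flush()
        os.chmod(fh.name, 0o664)
        print("\n".join(audit_tenants_file(fh.name)))
```

Run it against the deployed file (for example `/etc/cas/tenants.json`) before each rollout; the permission check relies on POSIX mode bits.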
Install with Tessl CLI
npx tessl i tessl/maven-org-apereo-cas--cas-server-core-multitenancy