or run

npx @tessl/cli init
Log in

Version

Tile

Overview

Evals

Files

Files

docs

authentication.mdconfiguration.mdindex.mdjson-serialization.mdticket-caching.mduser-details.mdweb-integration.md

configuration.mddocs/

0
# Configuration
1


2
Service properties and SAML configuration for defining CAS service parameters, authentication behavior, and protocol-specific settings. These classes provide the foundational configuration needed to integrate with CAS servers.
3


4
## Capabilities
5


6
### Service Properties
7


8
Core configuration properties for CAS service integration, defining service URLs, parameter names, and authentication behavior.
9


10
```java { .api }
11
/**
12
 * Stores properties related to the service URL and other CAS-related configuration.
13
 * Must be configured with the service URL that CAS will redirect back to after authentication.
14
 */
15
public class ServiceProperties implements InitializingBean {
16
    
17
    /** Default parameter name for CAS artifact/ticket (value: "ticket") */
18
    public static final String DEFAULT_CAS_ARTIFACT_PARAMETER = "ticket";
19
    
20
    /** Default parameter name for service URL (value: "service") */
21
    public static final String DEFAULT_CAS_SERVICE_PARAMETER = "service";
22
    
23
    /**
24
     * Gets the service URL that CAS will redirect to after authentication.
25
     * @return the service URL
26
     */
27
    public String getService();
28
    
29
    /**
30
     * Sets the service URL that CAS will redirect to after authentication.
31
     * Must be accessible by both the user's browser and the CAS server.
32
     * @param service the service URL (required)
33
     */
34
    public void setService(String service);
35
    
36
    /**
37
     * Indicates whether renew=true should be sent to the CAS login URL.
38
     * @return true if renew should be sent
39
     */
40
    public boolean isSendRenew();
41
    
42
    /**
43
     * Sets whether renew=true should be sent to the CAS login URL.
44
     * When true, forces fresh authentication even if user has valid CAS session.
45
     * @param sendRenew true to force fresh authentication
46
     */
47
    public void setSendRenew(boolean sendRenew);
48
    
49
    /**
50
     * Gets the artifact parameter name (defaults to "ticket").
51
     * @return the artifact parameter name
52
     */
53
    public String getArtifactParameter();
54
    
55
    /**
56
     * Sets the artifact parameter name used in requests.
57
     * @param artifactParameter the parameter name for CAS tickets
58
     */
59
    public void setArtifactParameter(String artifactParameter);
60
    
61
    /**
62
     * Gets the service parameter name (defaults to "service").
63
     * @return the service parameter name
64
     */
65
    public String getServiceParameter();
66
    
67
    /**
68
     * Sets the service parameter name used in requests.
69
     * @param serviceParameter the parameter name for service URL
70
     */
71
    public void setServiceParameter(String serviceParameter);
72
    
73
    /**
74
     * Indicates if all artifacts should be authenticated, not just stateful ones.
75
     * @return true if all artifacts should be authenticated
76
     */
77
    public boolean isAuthenticateAllArtifacts();
78
    
79
    /**
80
     * Sets whether all artifacts should be authenticated.
81
     * When false, only stateful artifacts are authenticated.
82
     * @param authenticateAllArtifacts true to authenticate all artifacts
83
     */
84
    public void setAuthenticateAllArtifacts(boolean authenticateAllArtifacts);
85
    
86
    /**
87
     * Validates that required properties are set.
88
     * @throws IllegalArgumentException if service URL is not set
89
     */
90
    public void afterPropertiesSet() throws IllegalArgumentException;
91
}
92
```
93


94
**Usage Example:**
95


96
```java
97
@Bean
98
public ServiceProperties serviceProperties() {
99
    ServiceProperties serviceProperties = new ServiceProperties();
100
    serviceProperties.setService("https://myapp.example.com/login/cas");
101
    serviceProperties.setSendRenew(false);
102
    serviceProperties.setAuthenticateAllArtifacts(true);
103
    return serviceProperties;
104
}
105
```
106


107
### SAML Service Properties
108


109
SAML-specific configuration extending `ServiceProperties` with SAML protocol parameter defaults.
110


111
```java { .api }
112
/**
113
 * SAML-specific service properties with different default parameter names.
114
 * Used when integrating with CAS servers that support SAML protocol.
115
 */
116
public final class SamlServiceProperties extends ServiceProperties {
117
    
118
    /** Default SAML artifact parameter name (value: "SAMLart") */
119
    public static final String DEFAULT_SAML_ARTIFACT_PARAMETER = "SAMLart";
120
    
121
    /** Default SAML service parameter name (value: "TARGET") */
122
    public static final String DEFAULT_SAML_SERVICE_PARAMETER = "TARGET";
123
    
124
    /**
125
     * Creates SAML service properties with SAML-specific parameter defaults.
126
     * Sets artifact parameter to "SAMLart" and service parameter to "TARGET".
127
     */
128
    public SamlServiceProperties();
129
}
130
```
131


132
**Usage Example:**
133


134
```java
135
@Bean
136
public ServiceProperties samlServiceProperties() {
137
    SamlServiceProperties serviceProperties = new SamlServiceProperties();
138
    serviceProperties.setService("https://myapp.example.com/saml/cas");
139
    return serviceProperties;
140
}
141
```
142


143
## Configuration Examples
144


145
### Basic CAS Configuration
146


147
```java
148
@Configuration
149
public class CasConfig {
150
    
151
    @Bean
152
    public ServiceProperties serviceProperties() {
153
        ServiceProperties props = new ServiceProperties();
154
        props.setService("https://localhost:8080/login/cas");
155
        props.setSendRenew(false);
156
        props.setAuthenticateAllArtifacts(false); // Only authenticate stateful tickets
157
        return props;
158
    }
159
}
160
```
161


162
### SAML CAS Configuration
163


164
```java
165
@Configuration  
166
public class SamlCasConfig {
167
    
168
    @Bean
169
    public ServiceProperties samlServiceProperties() {
170
        SamlServiceProperties props = new SamlServiceProperties();
171
        props.setService("https://localhost:8080/saml/login");
172
        props.setSendRenew(true); // Force fresh authentication
173
        return props;
174
    }
175
}
176
```
177


178
### Custom Parameter Names
179


180
```java
181
@Configuration
182
public class CustomCasConfig {
183
    
184
    @Bean
185
    public ServiceProperties customServiceProperties() {
186
        ServiceProperties props = new ServiceProperties();
187
        props.setService("https://localhost:8080/custom/cas");
188
        props.setArtifactParameter("casticket"); // Custom ticket parameter
189
        props.setServiceParameter("returnto");   // Custom service parameter
190
        return props;
191
    }
192
}
193
```
194


195
## Configuration Validation
196


197
The `ServiceProperties.afterPropertiesSet()` method validates configuration:
198


199
- **Service URL Required**: The service URL must be set and non-empty
200
- **URL Format**: Service URL should be a valid HTTP/HTTPS URL
201
- **Accessibility**: Service URL must be accessible by both user browsers and CAS server
202


203
## Integration Notes
204


205
- Service URL must match the URL pattern configured in CAS server's service registry
206
- For load-balanced applications, use consistent service URLs across all instances
207
- HTTPS is strongly recommended for production service URLs
208
- Consider using context-relative URLs for flexibility across environments