  1. CAS Server
  2. CAS-973

Remember me support through SAML validation

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.4.9
    • Component/s: None
    • Labels:
      None

      Description

      I think remember me is a must-have feature, so it would be great if SAML validation could notify the client application that the user is in remember mode (configured like this: https://wiki.jasig.org/display/CASUM/Remember+Me).

      For service ticket validation through SAML (/samlValidate), I would change the Saml10SuccessResponseView class:

      • add a constant:

      private static final String REMEMBERME_ATTRIBUTE_NAME = "isRemembered";

      • change the way of calculating SAML attributes:

      // remember me: true only when the authentication carries the remember-me
      // flag and this assertion does not come from a new login.
      // equals() instead of ==, so a Boolean that is not the canonical
      // Boolean.TRUE instance still matches.
      boolean isRemembered = Boolean.TRUE.equals(authentication.getAttributes()
              .get(RememberMeCredentials.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME))
              && !assertion.isFromNewLogin();

      // Emit an attribute statement if there are principal attributes or the
      // remember-me flag has to be reported.
      if (!authentication.getPrincipal().getAttributes().isEmpty() || isRemembered) {
          final SAMLAttributeStatement attributeStatement = new SAMLAttributeStatement();

          attributeStatement.setSubject(getSamlSubject(authentication));
          samlAssertion.addStatement(attributeStatement);

          for (final Entry<String, Object> e : authentication.getPrincipal().getAttributes().entrySet()) {
              final SAMLAttribute attribute = new SAMLAttribute();
              attribute.setName(e.getKey());
              attribute.setNamespace(NAMESPACE);

              if (e.getValue() instanceof Collection<?>) {
                  final Collection<?> c = (Collection<?>) e.getValue();
                  if (c.isEmpty()) {
                      // 100323 bnoordhuis: don't add the attribute, it causes a org.opensaml.MalformedException
                      continue;
                  }
                  attribute.setValues(c);
              } else {
                  attribute.addValue(e.getValue());
              }

              attributeStatement.addAttribute(attribute);
          }

          // remember me: extra attribute that tells the client about the remembered session
          if (isRemembered) {
              final SAMLAttribute attribute = new SAMLAttribute();
              attribute.setName(REMEMBERME_ATTRIBUTE_NAME);
              attribute.setNamespace(NAMESPACE);
              attribute.addValue(true);
              attributeStatement.addAttribute(attribute);
          }
      }
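
      Added example, not part of the original issue or of the CAS code base: how a client of /samlValidate could read the proposed isRemembered attribute and gate sensitive actions on it. Only the attribute name comes from the issue; the class name, the sample XML, its AttributeNamespace value and the policy text are assumptions, and the response body is assumed to come from the client's own validation call.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

public class RememberMeAttributeCheck {
    // SAML 1.x assertion namespace; attributes use AttributeName/AttributeNamespace.
    static final String SAML_NS = "urn:oasis:names:tc:SAML:1.0:assertion";
    static final String REMEMBERME_ATTRIBUTE_NAME = "isRemembered"; // name proposed in the issue

    /** Returns true when the assertion carries an isRemembered attribute with value "true". */
    static boolean isRemembered(String samlXml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // Reject DOCTYPE declarations so the validation response cannot carry external entities.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        Document doc = f.newDocumentBuilder()
                .parse(new ByteArrayInputStream(samlXml.getBytes(StandardCharsets.UTF_8)));
        NodeList attrs = doc.getElementsByTagNameNS(SAML_NS, "Attribute");
        for (int i = 0; i < attrs.getLength(); i++) {
            Element a = (Element) attrs.item(i);
            if (!REMEMBERME_ATTRIBUTE_NAME.equals(a.getAttribute("AttributeName"))) continue;
            NodeList values = a.getElementsByTagNameNS(SAML_NS, "AttributeValue");
            for (int j = 0; j < values.getLength(); j++) {
                if ("true".equals(values.item(j).getTextContent().trim())) return true;
            }
        }
        return false; // attribute absent: treat as a normal (not remembered) session
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: the attribute statement of a /samlValidate response.
        String sample = "<saml:Assertion xmlns:saml=\"" + SAML_NS + "\">"
            + "<saml:AttributeStatement>"
            + "<saml:Attribute AttributeName=\"isRemembered\""
            + " AttributeNamespace=\"urn:example:constructed\">"
            + "<saml:AttributeValue>true</saml:AttributeValue></saml:Attribute>"
            + "</saml:AttributeStatement></saml:Assertion>";
        boolean remembered = isRemembered(sample);
        // Hypothetical client policy: a remembered session did not come from a new
        // login, so sensitive actions ask the user to authenticate again.
        System.out.println(remembered
            ? "remembered session: require re-authentication for sensitive actions"
            : "session from a new login");
    }
}
```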

              People

              • Assignee:
                battags Scott Battaglia
                Reporter:
                jleleu Jérôme Leleu