CAS 5.2.3 IpAddress blocking& Password expiry messages & Service Maintenance notifications

19 views
Skip to first unread message

Mr Rao

unread,
May 17, 2018, 1:12:13 AM5/17/18
to CAS Community
Hi,
I've been migrating from CAS 3.2.5 to CAS 5.2.3. We have below requirements in current code and need help on how to implement these in new version of CAS.

1) IP address blocking per user basis , error message should be added dynamically instead of using messages.properties.

2) After successful login before redirecting user to Service we want to display Application Maintenance notification. Info messages should be added dynamically instead of using messages.properties.

3)  After successful logic before redirecting user to Service we want to display  password expiration warning and user must be able click on change password to reset password. Error message should be added dynamically instead of using messages.properties.

I tried to modify AbstractAuthenticationAction class like below and I'm unable to add  my custom error message instead of using messages.properties.  

Whats the best practice to implement these?

Thanks
Rao


 protected Event doExecute(final RequestContext requestContext) {
        final String agent = WebUtils.getHttpServletRequestUserAgentFromRequestContext();
        final GeoLocationRequest geoLocation = WebUtils.getHttpServletRequestGeoLocationFromRequestContext();

        // TODo  -  Ip address Checking.
        Event event = iPAddressCasWebflowSupport.doExecute(requestContext);
        if (event != null) {
            return event;
        }


        if (!adaptiveAuthenticationPolicy.apply(agent, geoLocation)) {
            final String msg = "Adaptive authentication policy does not allow this request for " + agent + " and " + geoLocation;
            final Map<String, Class<? extends Throwable>> map = CollectionUtils.wrap(
                    UnauthorizedAuthenticationException.class.getSimpleName(),
                    UnauthorizedAuthenticationException.class);
            final AuthenticationException error = new AuthenticationException(msg, map, new HashMap<>(0));
            return new Event(this, CasWebflowConstants.TRANSITION_ID_AUTHENTICATION_FAILURE,
                    new LocalAttributeMap(CasWebflowConstants.TRANSITION_ID_ERROR, error));
        }

        final Event serviceTicketEvent = this.serviceTicketRequestWebflowEventResolver.resolveSingle(requestContext);
        if (serviceTicketEvent != null) {
            fireEventHooks(serviceTicketEvent, requestContext);
            return serviceTicketEvent;
        }


        final Event finalEvent = this.initialAuthenticationAttemptWebflowEventResolver.resolveSingle(requestContext);

        fireEventHooks(finalEvent, requestContext);

        event = notificationsCasWebflowSupport.doExecute(requestContext, this);

        if (event != null) {
            fireEventHooks(event, requestContext);
            return event;
        }





Mr Rao

unread,
May 17, 2018, 12:08:15 PM5/17/18
to CAS Community
Hi, 
Any one has ideas on this?

Rao

Mr Rao

unread,
Sep 5, 2018, 10:07:41 PM9/5/18
to CAS Community
Any ideas?

I also want to pass username to password change url when it triggers force to change password.
Reply all
Reply to author
Forward
0 new messages