Merge pull request #118 from dbhankins/fix-null-principal

Fix null principal
Unicon · Aug 14, 2015 · e34aacd · e34aacd
2 parents 6a23da8 + 1fca092
commit e34aacd
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 3 deletions.
diff --git a/...rc/main/groovy/net/unicon/cas/mfa/authentication/duo/DuoMultiFactorWebflowConfigurer.java b/...rc/main/groovy/net/unicon/cas/mfa/authentication/duo/DuoMultiFactorWebflowConfigurer.java
@@ -31,7 +31,7 @@ public class DuoMultiFactorWebflowConfigurer implements InitializingBean {
     public void afterPropertiesSet() throws Exception {
         try {
             final List resolvers = this.context.getBean("mfaCredentialsToPrincipalResolvers", List.class);
-            resolvers.add(new DuoCredentialsToPrincipalResolver());
+            resolvers.add(0, new DuoCredentialsToPrincipalResolver());
         } catch (final Exception e) {
             LOGGER.error(e.getMessage(), e);
         }

diff --git a/cas-mfa-java/src/main/java/net/unicon/cas/mfa/web/flow/CasMultiFactorWebflowConfigurer.java b/cas-mfa-java/src/main/java/net/unicon/cas/mfa/web/flow/CasMultiFactorWebflowConfigurer.java
@@ -4,6 +4,10 @@
 import net.unicon.cas.mfa.web.support.MultiFactorAuthenticationSupportingWebApplicationService;
 import net.unicon.cas.mfa.web.support.UnrecognizedAuthenticationMethodException;
 import org.apache.commons.lang.ArrayUtils;
+import org.jasig.cas.authentication.principal.AbstractPersonDirectoryCredentialsToPrincipalResolver;
+import org.jasig.cas.authentication.principal.CredentialsToPrincipalResolver;
+import org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver;
+import org.jasig.services.persondir.IPersonAttributeDao;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.InitializingBean;
@@ -22,6 +26,7 @@
 import org.springframework.binding.mapping.impl.DefaultMapping;
 import org.springframework.stereotype.Component;
 import org.springframework.util.ClassUtils;
+import org.springframework.web.context.WebApplicationContext;
 import org.springframework.webflow.action.EvaluateAction;
 import org.springframework.webflow.action.ViewFactoryActionAdapter;
 import org.springframework.webflow.definition.registry.FlowDefinitionRegistry;
@@ -73,6 +78,9 @@ public class CasMultiFactorWebflowConfigurer implements InitializingBean {
     @Autowired
     private FlowDefinitionRegistry flowDefinitionRegistry;
 
+    @Autowired
+    private WebApplicationContext context;
+
     @Override
     @PostConstruct
     public void afterPropertiesSet() throws Exception {
@@ -89,11 +97,26 @@ public void afterPropertiesSet() throws Exception {
             setupWebflow(flowIds);
             LOGGER.debug("Configured webflow for multifactor authentication.");
 
+            LOGGER.debug("Registering default credentials-to-principal resolver...");
+            registerDefaultCredentialsToPrincipalResolver();
+            LOGGER.debug("Registered default credentials-to-principal resolver.");
         } catch (final Exception e) {
             LOGGER.error(e.getMessage(), e);
         }
     }
 
+    /**
+     * Registers the default credentials-to-principal resolver for the second or later factors. Also attaches an
+     * attribute repository to the resolver.
+     */
+    protected void registerDefaultCredentialsToPrincipalResolver() {
+        final List<CredentialsToPrincipalResolver> resolvers = this.context.getBean("mfaCredentialsToPrincipalResolvers", List.class);
+        final AbstractPersonDirectoryCredentialsToPrincipalResolver defaultResolver = new UsernamePasswordCredentialsToPrincipalResolver();
+        final IPersonAttributeDao attributeRepository = this.context.getBean("attributeRepository", IPersonAttributeDao.class);
+        defaultResolver.setAttributeRepository(attributeRepository);
+        resolvers.add(defaultResolver);
+    }
+
     /**
      * Sets webflow.
      * @param flowIds the flow ids

diff --git a/cas-mfa-overlay/etc/person-attributes.conf b/cas-mfa-overlay/etc/person-attributes.conf
@@ -7,6 +7,6 @@
 		"phone": ["3477464665"],
 		"additionalAttribute":["Engineer", "Musician"],
 		"eduPersonAffiliation":["tech", "music"],
-        "authn_method": ["strong-two-factor"]
+        "authn_method": ["duo-two-factor"]
 	}
 }
diff --git a/cas-mfa-overlay/etc/servicesRegistry.conf b/cas-mfa-overlay/etc/servicesRegistry.conf
@@ -7,7 +7,7 @@
             "description":"Test HTTP/HTTPS services",
             "allowedToProxy": true,
             "extraAttributes": {
-                "authn_method": "strong-two-factor"
+                "authn_method": "duo-two-factor"
             }
         }		
     ]