0.7.0

Notable changes

• RestTemplate simple integration with RestTemplate but not enabled by default.

In order to enabled it you must create your own RestTemplate bean and adding an interceptor

@Bean
RestTemplate casRestTemplate(ServiceProperties serviceProperties, ProxyTicketProvider proxyTicketProvider) {
    RestTemplate restTemplate = new RestTemplate();
    restTemplate.getInterceptors().add(new CasAuthorizationInterceptor(serviceProperties, proxyTicketProvider));
    return restTemplate;
}

This interceptor is pretty simple, it will simply ask a new proxy ticket for each request and append it to request query parameter.
For example with: http://httpbin.org/get interceptor will modify request uri to become http://httpbin.org/get?ticket=PT-XX-YYYYYYYYYY.

ATTENTION if interceptor get any issue to get proxy ticket from CAS server, it will throw an IllegalStateException.

• AssertionProvider that will provide you a way to retrieve the current (bounded to current authenticated request) org.jasig.cas.client.validation.Assertion
• ProxyTicketProvider that will provide you a simple way to ask a proxy ticket for a given service (regarding the current authenticated request)

You can found sample usage for every new features on CasSecuritySpringBootSampleApplication

0.6.1

Bug fixes

• Fix security ordering issue

0.6.0

Notable changes

• 2 new properties to be able to override base-url for ticket validation or proxy callback requests, see https://github.com/kakawait/cas-security-spring-boot-starter#properties for more details
  • security.cas.server.validation-base-url
  • security.cas.service.callback-base-url
• Create a Docker and docker-compose version for cas-security-spring-boot-sample (#60)
  • See sample README.md for more details
• Add login path (default /login), logout path (default /logout) and proxy callback path to be handle by CasAuthenticationFilter by default (#58)

0.5.0

Notable changes

• Rework stateless support (#54)
• Upgrade spring boot dependencies (#55)

0.4.4

Notable changes

• Fix CasAuthenticationFilterConfigurer and authenticationSuccessHandler() (#49)
• CasAuthenticationSuccessHandler now handles query strings correctly (#49)

0.4.3

Notable changes

• Fix bug related to previous version from 0.4.0 to 0.4.2

0.4.0

ATTENTION

This version is a bit buggy please update directly to at least 0.4.3

Notable changes

• Now validate the whole url with query string (until now we validated only url without query string) (#41)
• New module spring-cas-security-extension to replace cas-security-dynamic-service-resolver (#34)

0.3.2

Bug fixes

• Remove @EnableWebSecurity on auto configuration class to do not disable default spring boot configuration (#37)

To switch off the default web application security configuration completely you can add a bean with @EnableWebSecurity (this does not disable the authentication manager configuration or Actuator’s security)

Source: https://docs.spring.io/spring-boot/docs/current/reference/html/boot-features-security.html#boot-features-security

0.3.1

Notable changes

• Easily configure ProxyGrantingTicketStorage by exposing a bean of ProxyGrantingTicketStorage (c947d6006fa04e87788db24a729dbc706a195741)

0.3.0

Notable changes

• New properties to configure proxy filter chain (#24)
• New static method to get default configurer CasSecurityConfigurer.cas() (#23)
• New configurer to custom TicketValidator (#26)