CAS Proxy

maxkey-core/src/main/java/org/maxkey/web/InitializeContext.java

@@ -223,7 +223,7 @@ public class InitializeContext extends HttpServlet {
         _logger.info("+                           Version "
                     + WebContext.properties.getProperty("application.formatted-version"));
         _logger.info("+");
-        _logger.info("+                  "+ Character.toString(0xA9) + "Copyright 2018-2021 https://www.maxkey.top/");
+        _logger.info("+                  "+  ((char)0xA9) + "Copyright 2018-2021 https://www.maxkey.top/");
         _logger.info("+                 Licensed under the Apache License, Version 2.0 ");
         _logger.info("-----------------------------------------------------------");
     }

maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/SingleLogout.java

@@ -80,13 +80,14 @@ public abstract class SingleLogout {
             } catch (UnsupportedEncodingException e) {
                 e.printStackTrace();
             }
+            _logger.debug("Post Message \n" + 
+                    httpPost.getEntity().toString()
+                 );
         }
         
         
         try {
-            _logger.debug("Post URL " + url + " , Post Message \n" + 
-                            httpPost.getEntity().toString()
-                         );
+        	 _logger.debug("Post URL " + url  );
             // httpClient对象执行post请求,并返回响应参数对象
             httpResponse = httpClient.execute(httpPost);
             // 从响应对象中获取响应内容

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java

@@ -22,11 +22,13 @@ package org.maxkey.authz.cas.endpoint;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-
 import org.maxkey.authn.SigninPrincipal;
 import org.maxkey.authz.cas.endpoint.response.ProxyServiceResponseBuilder;
 import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
 import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
+import org.maxkey.authz.cas.endpoint.ticket.ProxyGrantingTicketIOUImpl;
+import org.maxkey.authz.cas.endpoint.ticket.ProxyGrantingTicketImpl;
+import org.maxkey.authz.cas.endpoint.ticket.ProxyTicketImpl;
 import org.maxkey.authz.cas.endpoint.ticket.Ticket;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
 import org.maxkey.constants.Boolean;
@@ -38,7 +40,6 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.ResponseBody;
-
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 
@@ -189,11 +190,13 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
 	    setContentType(request,response,format);
 	    
 		Ticket storedTicket=null;
-		try {
-			storedTicket = ticketServices.consumeTicket(ticket);
-		} catch (Exception e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
+		if(ticket.startsWith(CasConstants.PREFIX.SERVICE_TICKET_PREFIX)) {
+			try {
+				storedTicket = ticketServices.consumeTicket(ticket);
+			} catch (Exception e) {
+				// TODO Auto-generated catch block
+				e.printStackTrace();
+			}
 		}
 		ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
 		
@@ -202,6 +205,18 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
 			String principal=authentication.getUsername();
 			_logger.debug("principal "+principal);
 			serviceResponseBuilder.success().setUser(principal);
+			if(pgtUrl != null && !pgtUrl.equalsIgnoreCase("")) {
+				ProxyGrantingTicketIOUImpl proxyGrantingTicketIOUImpl =new ProxyGrantingTicketIOUImpl();
+				String proxyGrantingTicketIOU=casProxyGrantingTicketServices.createTicket(proxyGrantingTicketIOUImpl);
+				
+				ProxyGrantingTicketImpl proxyGrantingTicketImpl=new ProxyGrantingTicketImpl(storedTicket.getAuthentication(),storedTicket.getCasDetails());
+				String proxyGrantingTicket=casProxyGrantingTicketServices.createTicket(proxyGrantingTicketImpl);
+				
+				serviceResponseBuilder.success().setTicket(proxyGrantingTicketIOU);
+				serviceResponseBuilder.success().setProxy(pgtUrl);
+			
+				postMessage(pgtUrl+"?pgtId="+proxyGrantingTicket+"&pgtIou="+proxyGrantingTicketIOU,null);		
+			}
 			
 			if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
 				AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
@@ -299,16 +314,26 @@ Response on ticket validation failure:
 	    setContentType(request,response,format);
 		
 		Ticket storedTicket=null;
-		try {
-			storedTicket = ticketServices.consumeTicket(ticket);
-		} catch (Exception e) {
-			e.printStackTrace();
+		if(ticket.startsWith(CasConstants.PREFIX.PROXY_TICKET_PREFIX)) {
+			try {
+					storedTicket = ticketServices.consumeTicket(ticket);
+			} catch (Exception e) {
+				e.printStackTrace();
+			}
 		}
 		ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
 		
 		if(storedTicket!=null){
-			serviceResponseBuilder.success()
-				.setUser(storedTicket.getAuthentication().getPrincipal().toString());
+		    SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal());
+			String principal=authentication.getUsername();
+			_logger.debug("principal "+principal);
+			serviceResponseBuilder.success().setUser(principal);
+			
+			if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
+				AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
+				UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal);
+				adapter.generateInfo(authentication,userInfo, serviceResponseBuilder);
+			}
 		}else{
 			serviceResponseBuilder.failure()
 				.setCode(CasConstants.ERROR_CODE.INVALID_TICKET)
@@ -385,7 +410,13 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
                 +" , format " + format
         );
 	    setContentType(request,response,format);
-	    
+	    ProxyGrantingTicketImpl proxyGrantingTicketImpl = (ProxyGrantingTicketImpl)casProxyGrantingTicketServices.get(pgt);
+	    if(proxyGrantingTicketImpl != null) {
+	    	ProxyTicketImpl ProxyTicketImpl = new ProxyTicketImpl(proxyGrantingTicketImpl.getAuthentication(),proxyGrantingTicketImpl.getCasDetails());
+	    	String proxyTicket =ticketServices.createTicket(ProxyTicketImpl);
+	    	ProxyServiceResponseBuilder proxyServiceResponseBuilder=new ProxyServiceResponseBuilder();
+	 		return proxyServiceResponseBuilder.success().setTicket(proxyTicket).setFormat(format).serviceResponseBuilder();
+	    }
 	    ProxyServiceResponseBuilder proxyServiceResponseBuilder=new ProxyServiceResponseBuilder();
 		return proxyServiceResponseBuilder.success().setTicket("").setFormat(format).serviceResponseBuilder();
 	}

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java

@@ -24,8 +24,12 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authz.cas.endpoint.response.ProxyServiceResponseBuilder;
 import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
 import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
+import org.maxkey.authz.cas.endpoint.ticket.ProxyGrantingTicketIOUImpl;
+import org.maxkey.authz.cas.endpoint.ticket.ProxyGrantingTicketImpl;
+import org.maxkey.authz.cas.endpoint.ticket.ProxyTicketImpl;
 import org.maxkey.authz.cas.endpoint.ticket.Ticket;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
 import org.maxkey.constants.Boolean;
@@ -51,7 +55,7 @@ public class Cas30AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 
 	final static Logger _logger = LoggerFactory.getLogger(Cas30AuthorizeEndpoint.class);
 
-	@ApiOperation(value = "CAS 2.0 ticket验证接口", notes = "通过ticket获取当前登录用户信息",httpMethod="POST")
+	@ApiOperation(value = "CAS 3.0 ticket验证接口", notes = "通过ticket获取当前登录用户信息",httpMethod="POST")
 	@RequestMapping("/authz/cas/p3/serviceValidate")
 	@ResponseBody
 	public String serviceValidate(
@@ -70,20 +74,36 @@ public class Cas30AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 	                    +" , format " + format
 	            );
 	    
-	    setContentType(request,response,format);
+setContentType(request,response,format);
 	    
 		Ticket storedTicket=null;
-		try {
-			storedTicket = ticketServices.consumeTicket(ticket);
-		} catch (Exception e) {
-			e.printStackTrace();
+		if(ticket.startsWith(CasConstants.PREFIX.SERVICE_TICKET_PREFIX)) {
+			try {
+				storedTicket = ticketServices.consumeTicket(ticket);
+			} catch (Exception e) {
+				// TODO Auto-generated catch block
+				e.printStackTrace();
+			}
 		}
 		ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
 		
 		if(storedTicket!=null){
 		    SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal());
 			String principal=authentication.getUsername();
+			_logger.debug("principal "+principal);
 			serviceResponseBuilder.success().setUser(principal);
+			if(pgtUrl != null && !pgtUrl.equalsIgnoreCase("")) {
+				ProxyGrantingTicketIOUImpl proxyGrantingTicketIOUImpl =new ProxyGrantingTicketIOUImpl();
+				String proxyGrantingTicketIOU=casProxyGrantingTicketServices.createTicket(proxyGrantingTicketIOUImpl);
+				
+				ProxyGrantingTicketImpl proxyGrantingTicketImpl=new ProxyGrantingTicketImpl(storedTicket.getAuthentication(),storedTicket.getCasDetails());
+				String proxyGrantingTicket=casProxyGrantingTicketServices.createTicket(proxyGrantingTicketImpl);
+				
+				serviceResponseBuilder.success().setTicket(proxyGrantingTicketIOU);
+				serviceResponseBuilder.success().setProxy(pgtUrl);
+			
+				postMessage(pgtUrl+"?pgtId="+proxyGrantingTicket+"&pgtIou="+proxyGrantingTicketIOU,null);		
+			}
 			
 			if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
 				AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
@@ -99,7 +119,33 @@ public class Cas30AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 		return serviceResponseBuilder.serviceResponseBuilder();
 	}
 	
-	@ApiOperation(value = "CAS 3.0 ticket代理验证接口", notes = "通过ticket获取当前登录用户信息",httpMethod="POST")
+	@ApiOperation(value = "CAS 3.0 ProxyTicket代理验证接口", notes = "通过ProxyGrantingTicket获取ProxyTicket",httpMethod="POST")
+	@RequestMapping("/authz/cas/p3/proxy")
+	@ResponseBody
+	public String proxy(
+			HttpServletRequest request,
+			HttpServletResponse response,
+			@RequestParam(value = CasConstants.PARAMETER.PROXY_GRANTING_TICKET) String pgt,
+			@RequestParam(value = CasConstants.PARAMETER.TARGET_SERVICE) String targetService,
+			@RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){
+	    _logger.debug("proxy " 
+                + " pgt " + pgt 
+                +" , targetService " + targetService 
+                +" , format " + format
+        );
+	    setContentType(request,response,format);
+	    ProxyGrantingTicketImpl proxyGrantingTicketImpl = (ProxyGrantingTicketImpl)casProxyGrantingTicketServices.get(pgt);
+	    if(proxyGrantingTicketImpl != null) {
+	    	ProxyTicketImpl ProxyTicketImpl = new ProxyTicketImpl(proxyGrantingTicketImpl.getAuthentication(),proxyGrantingTicketImpl.getCasDetails());
+	    	String proxyTicket =ticketServices.createTicket(ProxyTicketImpl);
+	    	ProxyServiceResponseBuilder proxyServiceResponseBuilder=new ProxyServiceResponseBuilder();
+	 		return proxyServiceResponseBuilder.success().setTicket(proxyTicket).setFormat(format).serviceResponseBuilder();
+	    }
+	    ProxyServiceResponseBuilder proxyServiceResponseBuilder=new ProxyServiceResponseBuilder();
+		return proxyServiceResponseBuilder.success().setTicket("").setFormat(format).serviceResponseBuilder();
+	}
+	
+	@ApiOperation(value = "CAS 3.0 ticket代理验证接口", notes = "通过ProxyTicket获取当前登录用户信息",httpMethod="POST")
 	@RequestMapping("/authz/cas/p3/proxyValidate")
 	@ResponseBody
 	public String proxy(
@@ -118,18 +164,21 @@ public class Cas30AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
                 +" , format " + format
         );
 	    setContentType(request,response,format);
-	    		
+		
 		Ticket storedTicket=null;
-		try {
-			storedTicket = ticketServices.consumeTicket(ticket);
-		} catch (Exception e) {
-			e.printStackTrace();
+		if(ticket.startsWith(CasConstants.PREFIX.PROXY_TICKET_PREFIX)) {
+			try {
+					storedTicket = ticketServices.consumeTicket(ticket);
+			} catch (Exception e) {
+				e.printStackTrace();
+			}
 		}
 		ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
 		
 		if(storedTicket!=null){
 		    SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal());
 			String principal=authentication.getUsername();
+			_logger.debug("principal "+principal);
 			serviceResponseBuilder.success().setUser(principal);
 			
 			if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java

@@ -36,15 +36,12 @@ import org.maxkey.web.WebConstants;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.security.core.Authentication;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.servlet.ModelAndView;
-
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 
@@ -105,8 +102,6 @@ public class CasAuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 	        @AuthenticationPrincipal Object user,
 			HttpServletRequest request,
 			HttpServletResponse response){
-		
-	    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
 		AppsCasDetails casDetails=(AppsCasDetails)WebContext.getAttribute(CasConstants.PARAMETER.ENDPOINT_CAS_DETAILS);
 		ServiceTicketImpl serviceTicket=new ServiceTicketImpl(WebContext.getAuthentication(),casDetails);
 		

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasBaseAuthorizeEndpoint.java

@@ -17,12 +17,31 @@
 
 package org.maxkey.authz.cas.endpoint;
 
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.Map.Entry;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.http.HttpEntity;
+import org.apache.http.NameValuePair;
+import org.apache.http.client.config.RequestConfig;
+import org.apache.http.client.entity.UrlEncodedFormEntity;
+import org.apache.http.client.methods.CloseableHttpResponse;
+import org.apache.http.client.methods.HttpPost;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.message.BasicNameValuePair;
+import org.apache.http.util.EntityUtils;
 import org.maxkey.authn.online.OnlineTicketServices;
 import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
-import org.maxkey.authz.cas.endpoint.ticket.service.TicketServices;
+import org.maxkey.authz.cas.endpoint.ticket.TicketServices;
 import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint;
 import org.maxkey.constants.ContentType;
 import org.maxkey.persistence.service.AppsCasDetailsService;
@@ -55,6 +74,10 @@ public class CasBaseAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
     @Qualifier("onlineTicketServices")
     protected OnlineTicketServices onlineTicketServices;
     
+    @Autowired
+    @Qualifier("casProxyGrantingTicketServices")
+    protected TicketServices casProxyGrantingTicketServices;
+    
     
     public void setContentType(
                         HttpServletRequest request,
@@ -67,4 +90,74 @@ public class CasBaseAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
             response.setContentType(ContentType.APPLICATION_JSON_UTF8);
         }
     }
+    
+    public void postMessage(String url,Map<String, Object> paramMap) {
+        // 创建httpClient实例
+        CloseableHttpClient httpClient = HttpClients.createDefault();
+        CloseableHttpResponse httpResponse = null;
+        // 创建httpPost远程连接实例
+        HttpPost httpPost = new HttpPost(url);
+        // 配置请求参数实例
+        RequestConfig requestConfig = RequestConfig.custom().setConnectTimeout(35000)// 设置连接主机服务超时时间
+                .setConnectionRequestTimeout(35000)// 设置连接请求超时时间
+                .setSocketTimeout(60000)// 设置读取数据连接超时时间
+                .build();
+        // 为httpPost实例设置配置
+        httpPost.setConfig(requestConfig);
+        // 设置请求头
+        httpPost.addHeader("Content-Type", "application/x-www-form-urlencoded");
+        // 封装post请求参数
+        if (null != paramMap && paramMap.size() > 0) {
+            List<NameValuePair> nvps = new ArrayList<NameValuePair>();
+            // 通过map集成entrySet方法获取entity
+            Set<Entry<String, Object>> entrySet = paramMap.entrySet();
+            // 循环遍历，获取迭代器
+            Iterator<Entry<String, Object>> iterator = entrySet.iterator();
+            while (iterator.hasNext()) {
+                Entry<String, Object> mapEntry = iterator.next();
+                _logger.debug("Name " + mapEntry.getKey() + " , Value " +mapEntry.getValue());
+                nvps.add(new BasicNameValuePair(mapEntry.getKey(), mapEntry.getValue().toString()));
+            }
+
+            // 为httpPost设置封装好的请求参数
+            try {
+                httpPost.setEntity(new UrlEncodedFormEntity(nvps, "UTF-8"));
+            } catch (UnsupportedEncodingException e) {
+                e.printStackTrace();
+            }
+            _logger.debug("Post Message \n" + 
+                    httpPost.getEntity().toString()
+                 );
+        }
+        
+        
+        try {
+            // httpClient对象执行post请求,并返回响应参数对象
+            httpResponse = httpClient.execute(httpPost);
+            // 从响应对象中获取响应内容
+            HttpEntity entity = httpResponse.getEntity();
+            _logger.debug("Http Response StatusCode " + 
+                    httpResponse.getStatusLine().getStatusCode()+
+                    " , Content " +EntityUtils.toString(entity)
+            );
+        } catch (Exception e) {
+            e.printStackTrace();
+        } finally {
+            // 关闭资源
+            if (null != httpResponse) {
+                try {
+                    httpResponse.close();
+                } catch (IOException e) {
+                    e.printStackTrace();
+                }
+            }
+            if (null != httpClient) {
+                try {
+                    httpClient.close();
+                } catch (IOException e) {
+                    e.printStackTrace();
+                }
+            }
+        }
+    }
 }

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ProxyGrantingTicketIOUImpl.java

@@ -0,0 +1,56 @@
+/*
+ * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.authz.cas.endpoint.ticket;
+
+import org.maxkey.domain.apps.AppsCasDetails;
+import org.springframework.security.core.Authentication;
+
+/**
+ * The {@link ProxyGrantingTicketIOUImpl} is a concrete implementation of the {@link ProxyTicket}.
+ *
+ * @author Misagh Moayyed
+ * @since 4.2
+ */
+public class ProxyGrantingTicketIOUImpl extends ServiceTicketImpl implements Ticket {
+    private static final long serialVersionUID = -4469960563289285371L;
+
+    /**
+     * Instantiates a new Proxy ticket.
+     */
+    public ProxyGrantingTicketIOUImpl() {
+    }
+
+    /**
+     * Instantiates a new Proxy ticket.
+     *
+     * @param id                 the id
+     * @param ticket             the ticket
+     * @param service            the service
+     * @param credentialProvided the credential that prompted this ticket. Could be false.
+     * @param policy             the expiration policy
+     */
+    public ProxyGrantingTicketIOUImpl(final String id,  final Service service,
+                           final boolean credentialProvided) {
+
+    }
+    
+    public ProxyGrantingTicketIOUImpl(Authentication authentication,  AppsCasDetails casDetails) {
+    	this.authentication=authentication;
+    	this.casDetails=casDetails;
+    }
+}

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ProxyGrantingTicketImpl.java

@@ -0,0 +1,56 @@
+/*
+ * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.authz.cas.endpoint.ticket;
+
+import org.maxkey.domain.apps.AppsCasDetails;
+import org.springframework.security.core.Authentication;
+
+/**
+ * The {@link ProxyGrantingTicketImpl} is a concrete implementation of the {@link ProxyTicket}.
+ *
+ * @author Misagh Moayyed
+ * @since 4.2
+ */
+public class ProxyGrantingTicketImpl extends ServiceTicketImpl implements Ticket {
+    private static final long serialVersionUID = -4469960563289285371L;
+
+    /**
+     * Instantiates a new Proxy ticket.
+     */
+    public ProxyGrantingTicketImpl() {
+    }
+
+    /**
+     * Instantiates a new Proxy ticket.
+     *
+     * @param id                 the id
+     * @param ticket             the ticket
+     * @param service            the service
+     * @param credentialProvided the credential that prompted this ticket. Could be false.
+     * @param policy             the expiration policy
+     */
+    public ProxyGrantingTicketImpl(final String id,  final Service service,
+                           final boolean credentialProvided) {
+
+    }
+    
+    public ProxyGrantingTicketImpl(Authentication authentication,  AppsCasDetails casDetails) {
+    	this.authentication=authentication;
+    	this.casDetails=casDetails;
+    }
+}

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ProxyTicketImpl.java

@@ -17,6 +17,9 @@
 
 package org.maxkey.authz.cas.endpoint.ticket;
 
+import org.maxkey.domain.apps.AppsCasDetails;
+import org.springframework.security.core.Authentication;
+
 /**
  * The {@link ProxyTicketImpl} is a concrete implementation of the {@link ProxyTicket}.
  *
@@ -45,4 +48,9 @@ public class ProxyTicketImpl extends ServiceTicketImpl implements Ticket {
                            final boolean credentialProvided) {
 
     }
+    
+    public ProxyTicketImpl(Authentication authentication,  AppsCasDetails casDetails) {
+    	this.authentication=authentication;
+    	this.casDetails=casDetails;
+    }
 }

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/RandomServiceTicketServices.java → maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/RandomServiceTicketServices.java

@@ -15,10 +15,8 @@
  */
  
 
-package org.maxkey.authz.cas.endpoint.ticket.service;
+package org.maxkey.authz.cas.endpoint.ticket;
 
-import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
-import org.maxkey.authz.cas.endpoint.ticket.Ticket;
 import org.maxkey.authz.cas.endpoint.ticket.generator.DefaultUniqueTicketIdGenerator;
 
 
@@ -43,9 +41,15 @@ public abstract class RandomServiceTicketServices implements TicketServices {
 			ticketId = generator.getNewTicketId(CasConstants.PREFIX.PROXY_TICKET_PREFIX);
 		}else if(ticket.getClass().getSimpleName().equalsIgnoreCase("TicketGrantingTicketImpl")){
 			ticketId = generator.getNewTicketId(CasConstants.PREFIX.TICKET_GRANTING_TICKET_PREFIX);
+		}else if(ticket.getClass().getSimpleName().equalsIgnoreCase("ProxyGrantingTicketImpl")){
+			ticketId = generator.getNewTicketId(CasConstants.PREFIX.PROXY_GRANTING_TICKET_PREFIX);
+		}else if(ticket.getClass().getSimpleName().equalsIgnoreCase("ProxyGrantingTicketIOUImpl")){
+			ticketId = generator.getNewTicketId(CasConstants.PREFIX.PROXY_GRANTING_TICKET_IOU_PREFIX);
+			return ticketId;
 		}else {
-			ticketId = generator.getNewTicketId(CasConstants.PREFIX.PROXY_TICKET_PREFIX);
+			ticketId = generator.getNewTicketId(CasConstants.PREFIX.SERVICE_TICKET_PREFIX);
 		}
+		
 		store(ticketId, ticket);
 		return ticketId;
 	}

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ServiceTicket.java

@@ -17,7 +17,7 @@
 
 package org.maxkey.authz.cas.endpoint.ticket;
 
-import org.maxkey.authz.cas.endpoint.ticket.proxy.ProxyGrantingTicket;
+import org.maxkey.authz.cas.endpoint.ticket.pgt.ProxyGrantingTicket;
 import org.springframework.security.core.Authentication;
 
 import com.fasterxml.jackson.annotation.JsonTypeInfo;

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ServiceTicketImpl.java

@@ -18,7 +18,7 @@
 package org.maxkey.authz.cas.endpoint.ticket;
 
 import org.apache.commons.lang3.builder.EqualsBuilder;
-import org.maxkey.authz.cas.endpoint.ticket.proxy.ProxyGrantingTicket;
+import org.maxkey.authz.cas.endpoint.ticket.pgt.ProxyGrantingTicket;
 import org.maxkey.domain.apps.AppsCasDetails;
 import org.springframework.security.core.Authentication;
 

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/TicketServices.java → maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/TicketServices.java

@@ -15,9 +15,7 @@
  */
  
 
-package org.maxkey.authz.cas.endpoint.ticket.service;
-
-import org.maxkey.authz.cas.endpoint.ticket.Ticket;
+package org.maxkey.authz.cas.endpoint.ticket;
 
 public interface TicketServices {
 

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/InMemoryProxyGrantingTicketServices.java

@@ -0,0 +1,55 @@
+/*
+ * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.authz.cas.endpoint.ticket.pgt;
+
+import java.time.Duration;
+
+import org.ehcache.UserManagedCache;
+import org.ehcache.config.builders.ExpiryPolicyBuilder;
+import org.ehcache.config.builders.UserManagedCacheBuilder;
+import org.maxkey.authz.cas.endpoint.ticket.RandomServiceTicketServices;
+import org.maxkey.authz.cas.endpoint.ticket.Ticket;
+
+
+public class InMemoryProxyGrantingTicketServices extends RandomServiceTicketServices {
+
+	protected final static  UserManagedCache<String, Ticket> casTicketStore = 
+			UserManagedCacheBuilder.newUserManagedCacheBuilder(String.class, Ticket.class)
+				.withExpiry(ExpiryPolicyBuilder.timeToLiveExpiration(Duration.ofHours(1)))
+				.build(true);
+
+	
+	@Override
+	public void store(String ticketId, Ticket ticket) {
+		casTicketStore.put(ticketId, ticket);
+	}
+
+	@Override
+	public Ticket remove(String ticketId) {
+		Ticket ticket=casTicketStore.get(ticketId);	
+		casTicketStore.remove(ticketId);
+		return ticket;
+	}
+
+    @Override
+    public Ticket get(String ticket) {
+        // TODO Auto-generated method stub
+        return casTicketStore.get(ticket);
+    }
+
+}

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/proxy/ProxyGrantingTicket.java → maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/ProxyGrantingTicket.java

@@ -15,7 +15,7 @@
  */
  
 
-package org.maxkey.authz.cas.endpoint.ticket.proxy;
+package org.maxkey.authz.cas.endpoint.ticket.pgt;
 
 import org.maxkey.authz.cas.endpoint.ticket.ExpirationPolicy;
 import org.maxkey.authz.cas.endpoint.ticket.Service;

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/ProxyGrantingTicketServicesFactory.java

@@ -0,0 +1,30 @@
+package org.maxkey.authz.cas.endpoint.ticket.pgt;
+
+import org.maxkey.authz.cas.endpoint.ticket.TicketServices;
+import org.maxkey.constants.ConstantsPersistence;
+import org.maxkey.persistence.redis.RedisConnectionFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.jdbc.core.JdbcTemplate;
+
+public class ProxyGrantingTicketServicesFactory {
+	private static final  Logger _logger = LoggerFactory.getLogger(ProxyGrantingTicketServicesFactory.class);
+	
+    public TicketServices getService(
+            int persistence,
+            JdbcTemplate jdbcTemplate,
+            RedisConnectionFactory redisConnFactory) {
+    	TicketServices casTicketServices = null;
+        if (persistence == ConstantsPersistence.INMEMORY) {
+            casTicketServices = new InMemoryProxyGrantingTicketServices();
+            _logger.debug("InMemoryTicketServices");
+        } else if (persistence == ConstantsPersistence.JDBC) {
+            //casTicketServices = new JdbcTicketServices(jdbcTemplate);
+            _logger.debug("JdbcTicketServices not support ");
+        } else if (persistence == ConstantsPersistence.REDIS) {
+            casTicketServices = new RedisProxyGrantingTicketServices(redisConnFactory);
+            _logger.debug("RedisTicketServices");
+        }
+        return casTicketServices;
+    }
+}

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/proxy/ProxyTicket.java → maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/ProxyTicket.java

@@ -15,7 +15,7 @@
  */
  
 
-package org.maxkey.authz.cas.endpoint.ticket.proxy;
+package org.maxkey.authz.cas.endpoint.ticket.pgt;
 
 import org.maxkey.authz.cas.endpoint.ticket.ServiceTicket;
 

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/RedisProxyGrantingTicketServices.java

@@ -0,0 +1,78 @@
+/*
+ * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.authz.cas.endpoint.ticket.pgt;
+
+import org.maxkey.authz.cas.endpoint.ticket.RandomServiceTicketServices;
+import org.maxkey.authz.cas.endpoint.ticket.Ticket;
+import org.maxkey.persistence.redis.RedisConnection;
+import org.maxkey.persistence.redis.RedisConnectionFactory;
+
+
+public class RedisProxyGrantingTicketServices extends RandomServiceTicketServices {
+
+	
+	protected int serviceTicketValiditySeconds = 60 * 60; //default 60 minutes.
+	
+	RedisConnectionFactory connectionFactory;
+	
+	public static String PREFIX="REDIS_CAS_TICKET_PGT_";
+	/**
+	 * @param connectionFactory
+	 */
+	public RedisProxyGrantingTicketServices(RedisConnectionFactory connectionFactory) {
+		super();
+		this.connectionFactory = connectionFactory;
+	}
+	
+	/**
+	 * 
+	 */
+	public RedisProxyGrantingTicketServices() {
+		
+	}
+
+	public void setConnectionFactory(RedisConnectionFactory connectionFactory) {
+		this.connectionFactory = connectionFactory;
+	}
+
+	@Override
+	public void store(String ticketId, Ticket ticket) {
+		RedisConnection conn=connectionFactory.getConnection();
+		conn.setexObject(PREFIX+ticketId, serviceTicketValiditySeconds, ticket);
+		conn.close();
+	}
+
+	@Override
+	public Ticket remove(String ticketId) {
+		RedisConnection conn=connectionFactory.getConnection();
+		Ticket ticket = conn.getObject(PREFIX+ticketId);
+		conn.delete(PREFIX+ticketId);
+		conn.close();
+		return ticket;
+	}
+
+    @Override
+    public Ticket get(String ticketId) {
+        RedisConnection conn=connectionFactory.getConnection();
+        Ticket ticket = conn.getObject(PREFIX+ticketId);
+        conn.close();
+        return ticket;
+    }
+
+	
+}

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/JdbcTicketServices.java

@@ -1,95 +0,0 @@
-/*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
- * 
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *     http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- 
-
-package org.maxkey.authz.cas.endpoint.ticket.service;
-
-import java.sql.ResultSet;
-import java.sql.SQLException;
-import java.sql.Types;
-import org.maxkey.authz.cas.endpoint.ticket.Ticket;
-import org.maxkey.util.SerializationUtils;
-import org.springframework.dao.EmptyResultDataAccessException;
-import org.springframework.jdbc.core.JdbcTemplate;
-import org.springframework.jdbc.core.RowMapper;
-import org.springframework.jdbc.core.support.SqlLobValue;
-import org.springframework.util.Assert;
-
-
-public class JdbcTicketServices extends RandomServiceTicketServices {
-
-	private static final String DEFAULT_SELECT_STATEMENT = "select id, ticket from cas_ticket where id = ?";
-	private static final String DEFAULT_INSERT_STATEMENT = "insert into cas_ticket (id, ticket) values (?, ?)";
-	private static final String DEFAULT_DELETE_STATEMENT = "delete from cas_ticket where id = ?";
-
-	private String selectAuthenticationSql = DEFAULT_SELECT_STATEMENT;
-	private String insertAuthenticationSql = DEFAULT_INSERT_STATEMENT;
-	private String deleteAuthenticationSql = DEFAULT_DELETE_STATEMENT;
-
-	private final JdbcTemplate jdbcTemplate;
-
-	public JdbcTicketServices(JdbcTemplate jdbcTemplate) {
-		Assert.notNull(jdbcTemplate, "jdbcTemplate required");
-		this.jdbcTemplate = jdbcTemplate;
-	}
-
-	@Override
-	public void store(String ticketId, Ticket ticket) {
-		jdbcTemplate.update(insertAuthenticationSql,
-				new Object[] { ticket, new SqlLobValue(SerializationUtils.serialize(ticket)) }, new int[] {
-						Types.VARCHAR, Types.BLOB });
-	}
-
-	public Ticket  remove(String ticketId) {
-		Ticket ticket;
-
-		try {
-			ticket = jdbcTemplate.queryForObject(selectAuthenticationSql,
-					new RowMapper<Ticket>() {
-						public Ticket mapRow(ResultSet rs, int rowNum)
-								throws SQLException {
-							return SerializationUtils.deserialize(rs.getBytes("ticket"));
-						}
-					}, ticketId);
-		} catch (EmptyResultDataAccessException e) {
-			return null;
-		}
-
-		if (ticket != null) {
-			jdbcTemplate.update(deleteAuthenticationSql, ticket);
-		}
-
-		return ticket;
-	}
-
-	public void setSelectAuthenticationSql(String selectAuthenticationSql) {
-		this.selectAuthenticationSql = selectAuthenticationSql;
-	}
-
-	public void setInsertAuthenticationSql(String insertAuthenticationSql) {
-		this.insertAuthenticationSql = insertAuthenticationSql;
-	}
-
-	public void setDeleteAuthenticationSql(String deleteAuthenticationSql) {
-		this.deleteAuthenticationSql = deleteAuthenticationSql;
-	}
-
-    @Override
-    public Ticket get(String ticketId) {
-        // TODO Auto-generated method stub
-        return null;
-    }
-}

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/InMemoryTicketServices.java → maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/InMemoryTicketServices.java

@@ -15,13 +15,14 @@
  */
  
 
-package org.maxkey.authz.cas.endpoint.ticket.service;
+package org.maxkey.authz.cas.endpoint.ticket.st;
 
 import java.time.Duration;
 
 import org.ehcache.UserManagedCache;
 import org.ehcache.config.builders.ExpiryPolicyBuilder;
 import org.ehcache.config.builders.UserManagedCacheBuilder;
+import org.maxkey.authz.cas.endpoint.ticket.RandomServiceTicketServices;
 import org.maxkey.authz.cas.endpoint.ticket.Ticket;
 
 

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/RedisTicketServices.java → maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/RedisTicketServices.java

@@ -15,8 +15,9 @@
  */
  
 
-package org.maxkey.authz.cas.endpoint.ticket.service;
+package org.maxkey.authz.cas.endpoint.ticket.st;
 
+import org.maxkey.authz.cas.endpoint.ticket.RandomServiceTicketServices;
 import org.maxkey.authz.cas.endpoint.ticket.Ticket;
 import org.maxkey.persistence.redis.RedisConnection;
 import org.maxkey.persistence.redis.RedisConnectionFactory;

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/TicketServicesFactory.java → maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/TicketServicesFactory.java

@@ -1,5 +1,6 @@
-package org.maxkey.authz.cas.endpoint.ticket.service;
+package org.maxkey.authz.cas.endpoint.ticket.st;
 
+import org.maxkey.authz.cas.endpoint.ticket.TicketServices;
 import org.maxkey.constants.ConstantsPersistence;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.slf4j.Logger;

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/package-info.java → maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/package-info.java

@@ -22,4 +22,4 @@
  * @author Administrator
  *
  */
-package org.maxkey.authz.cas.endpoint.ticket.service;
+package org.maxkey.authz.cas.endpoint.ticket.st;

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/InMemoryTicketGrantingTicketServices.java → maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/tgt/InMemoryTicketGrantingTicketServices.java

@@ -15,13 +15,14 @@
  */
  
 
-package org.maxkey.authz.cas.endpoint.ticket.service;
+package org.maxkey.authz.cas.endpoint.ticket.tgt;
 
 import java.time.Duration;
 
 import org.ehcache.UserManagedCache;
 import org.ehcache.config.builders.ExpiryPolicyBuilder;
 import org.ehcache.config.builders.UserManagedCacheBuilder;
+import org.maxkey.authz.cas.endpoint.ticket.RandomServiceTicketServices;
 import org.maxkey.authz.cas.endpoint.ticket.Ticket;
 
 

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/RedisTicketGrantingTicketServices.java → maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/tgt/RedisTicketGrantingTicketServices.java

@@ -15,8 +15,9 @@
  */
  
 
-package org.maxkey.authz.cas.endpoint.ticket.service;
+package org.maxkey.authz.cas.endpoint.ticket.tgt;
 
+import org.maxkey.authz.cas.endpoint.ticket.RandomServiceTicketServices;
 import org.maxkey.authz.cas.endpoint.ticket.Ticket;
 import org.maxkey.persistence.redis.RedisConnection;
 import org.maxkey.persistence.redis.RedisConnectionFactory;

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/TicketGrantingTicketServicesFactory.java → maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/tgt/TicketGrantingTicketServicesFactory.java

@@ -1,5 +1,6 @@
-package org.maxkey.authz.cas.endpoint.ticket.service;
+package org.maxkey.authz.cas.endpoint.ticket.tgt;
 
+import org.maxkey.authz.cas.endpoint.ticket.TicketServices;
 import org.maxkey.constants.ConstantsPersistence;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.slf4j.Logger;

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/autoconfigure/CasAutoConfiguration.java

@@ -17,9 +17,10 @@
 
 package org.maxkey.autoconfigure;
 
-import org.maxkey.authz.cas.endpoint.ticket.service.TicketGrantingTicketServicesFactory;
-import org.maxkey.authz.cas.endpoint.ticket.service.TicketServices;
-import org.maxkey.authz.cas.endpoint.ticket.service.TicketServicesFactory;
+import org.maxkey.authz.cas.endpoint.ticket.TicketServices;
+import org.maxkey.authz.cas.endpoint.ticket.pgt.ProxyGrantingTicketServicesFactory;
+import org.maxkey.authz.cas.endpoint.ticket.st.TicketServicesFactory;
+import org.maxkey.authz.cas.endpoint.ticket.tgt.TicketGrantingTicketServicesFactory;
 import org.maxkey.constants.ConstantsProperties;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.slf4j.Logger;
@@ -72,6 +73,17 @@ public class CasAutoConfiguration implements InitializingBean {
         return new TicketGrantingTicketServicesFactory().getService(persistence, jdbcTemplate, redisConnFactory);
     }
     
+    @Bean(name = "casProxyGrantingTicketServices")
+    public TicketServices casProxyGrantingTicketServices(
+            @Value("${config.server.persistence}") int persistence,
+            @Value("${config.login.remeberme.validity}") int validity,
+            JdbcTemplate jdbcTemplate,
+            RedisConnectionFactory redisConnFactory) {
+    	_logger.debug("init casTicketGrantingTicketServices.");
+        return new ProxyGrantingTicketServicesFactory().getService(persistence, jdbcTemplate, redisConnFactory);
+    }
+    
+    
     @Override
     public void afterPropertiesSet() throws Exception {
         // TODO Auto-generated method stub

maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java

@@ -170,9 +170,11 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer {
                 //cas2.0 Validate
                 .excludePathPatterns("/authz/cas/serviceValidate")
                 .excludePathPatterns("/authz/cas/proxyValidate")
+                .excludePathPatterns("/authz/cas/proxy")
                 //cas3.0 Validate
                 .excludePathPatterns("/authz/cas/p3/serviceValidate")
                 .excludePathPatterns("/authz/cas/p3/proxyValidate")
+                .excludePathPatterns("/authz/cas/p3/proxy")
                 //rest
                 .excludePathPatterns("/authz/cas/v1/tickets")
                 .excludePathPatterns("/authz/cas/v1/tickets/*")