RegisteredServiceAccessStrategy (cas-server-core-api-services 4.2.7 API)

All Superinterfaces:

java.io.Serializable
```
public interface RegisteredServiceAccessStrategy
extends java.io.Serializable
```
This is RegisteredServiceAccessStrategy that can decide if a service is recognized and authorized to participate in the CAS protocol flow during authentication/validation events.

Since:

4.1

Method Summary

Methods
Modifier and Type	Method and Description
`boolean`	`doPrincipalAttributesAllowServiceAccess(java.lang.String principal, java.util.Map<java.lang.String,java.lang.Object> principalAttributes)` Verify authorization policy by checking the pre-configured rules that may depend on what the principal might be carrying.
`java.net.URI`	`getUnauthorizedRedirectUrl()` Redirect the request to a separate and possibly external URL in case authorization fails for this service.
`boolean`	`isServiceAccessAllowed()` Verify is the service is enabled and recognized by CAS.
`boolean`	`isServiceAccessAllowedForSso()` Assert that the service can participate in sso.

- Method Detail
  - isServiceAccessAllowed
```
boolean isServiceAccessAllowed()
```
    Verify is the service is enabled and recognized by CAS.
    
    Returns:
    true/false if service is enabled
  - isServiceAccessAllowedForSso
```
boolean isServiceAccessAllowedForSso()
```
    Assert that the service can participate in sso.
    
    Returns:
    true/false if service can participate in sso
  - doPrincipalAttributesAllowServiceAccess
```
boolean doPrincipalAttributesAllowServiceAccess(java.lang.String principal,
                                              java.util.Map<java.lang.String,java.lang.Object> principalAttributes)
```
    Verify authorization policy by checking the pre-configured rules that may depend on what the principal might be carrying.
    
    Parameters:
    principal - The authenticated principal
    principalAttributes - the principal attributes. Rather than passing the principal directly, we are only allowing principal attributes given they may be coming from a source external to the principal itself. (Cached principal attributes, etc)
    
    Returns:
    true/false if service access can be granted to principal
  - getUnauthorizedRedirectUrl
```
java.net.URI getUnauthorizedRedirectUrl()
```
    Redirect the request to a separate and possibly external URL in case authorization fails for this service. If no URL is specified, CAS shall redirect the request by default to a generic page that describes the authorization failed attempt.
    
    Returns:
    the redirect url
    Since:
    
    4.2

Interface RegisteredServiceAccessStrategy

Method Summary

Method Detail

isServiceAccessAllowed

isServiceAccessAllowedForSso

doPrincipalAttributesAllowServiceAccess

getUnauthorizedRedirectUrl