1.解决cas扩展信息中文乱码问题。

2.投保信息保存报400问题，投保人数为null导致。

picc-common/src/main/resources/mapper/base/CompanyUser.xml

@@ -27,23 +27,24 @@
 	-->
 	<![CDATA[
 		insert into base_company_user
-	    (id_,user_name,password_,phone_,open_id,profession_,summary_,company_id,status_,create_by,create_time,update_by,update_time,del_flag)
+	    (id_,user_name,password_,phone_,open_id,profession_,summary_,company_id,status_,
+	    create_by,create_time,update_by,update_time,del_flag)
 		values
 		(
-#{id,jdbcType=VARCHAR}
-,#{userName,jdbcType=VARCHAR}
-,#{password,jdbcType=VARCHAR}
-,#{phone,jdbcType=VARCHAR}
-,#{openId,jdbcType=VARCHAR}
-,#{profession,jdbcType=VARCHAR}
-,#{summary,jdbcType=VARCHAR}
-,#{companyId,jdbcType=VARCHAR}
-,#{status,jdbcType=VARCHAR}
-,#{createBy,jdbcType=VARCHAR}
-,#{createTime,jdbcType= TIMESTAMP }
-,#{updateBy,jdbcType=VARCHAR}
-,#{updateTime,jdbcType= TIMESTAMP }
-,#{delFlag,jdbcType= NUMERIC }
+			#{id,jdbcType=VARCHAR}
+			,#{userName,jdbcType=VARCHAR}
+			,#{password,jdbcType=VARCHAR}
+			,#{phone,jdbcType=VARCHAR}
+			,#{openId,jdbcType=VARCHAR}
+			,#{profession,jdbcType=VARCHAR}
+			,#{summary,jdbcType=VARCHAR}
+			,#{companyId,jdbcType=VARCHAR}
+			,#{status,jdbcType=VARCHAR}
+			,#{createBy,jdbcType=VARCHAR}
+			,#{createTime,jdbcType= TIMESTAMP }
+			,#{updateBy,jdbcType=VARCHAR}
+			,#{updateTime,jdbcType= TIMESTAMP }
+			,#{delFlag,jdbcType= NUMERIC }
 		)
 	]]>
 	</insert>

picc-enterprise-server/src/main/java/com/jpsoft/picc/PICCEnterpriseServerApplication.java

@@ -1,5 +1,7 @@
 package com.jpsoft.picc;
 
+import org.jasig.cas.client.configuration.ConfigurationKey;
+import org.jasig.cas.client.configuration.ConfigurationKeys;
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.boot.CommandLineRunner;
 import org.springframework.boot.SpringApplication;

picc-enterprise-server/src/main/java/com/jpsoft/picc/config/CasConfig.java

@@ -1,26 +1,26 @@
 package com.jpsoft.picc.config;
 
+import com.jpsoft.picc.filter.Cas20ProxyReceivingTicketValidationFilterEx;
 import com.jpsoft.picc.filter.RequestWrapperFilterEx;
 import lombok.Data;
 import net.unicon.cas.client.configuration.EnableCasClient;
 import org.jasig.cas.client.authentication.AuthenticationFilter;
-import org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl;
+import org.jasig.cas.client.session.SingleSignOutFilter;
 import org.jasig.cas.client.util.HttpServletRequestWrapperFilter;
-import org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter;
-import org.jasig.cas.client.validation.Cas20ServiceTicketValidator;
-import org.jasig.cas.client.validation.Cas30ProxyTicketValidator;
-import org.jasig.cas.client.validation.TicketValidator;
+import org.jasig.cas.client.validation.*;
+import org.jasig.cas.client.validation.json.Cas30JsonProxyTicketValidator;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
+import java.util.EventListener;
 import java.util.HashMap;
 import java.util.Map;
 
 @Data
 @Configuration
-@EnableCasClient
 public class CasConfig {
     @Value("${cas.server-url-prefix}")
     private String serverUrlPrefix;
@@ -30,63 +30,87 @@ public class CasConfig {
     private String clientHostUrl;
 
     /**
-     * 授权过滤器
-     * @return
+     * description: 登录过滤器
+     * @param: []
+     * @return: org.springframework.boot.web.servlet.FilterRegistrationBean
      */
     @Bean
-    public FilterRegistrationBean filterAuthenticationRegistration() {
+    public FilterRegistrationBean filterSingleRegistration() {
         FilterRegistrationBean registration = new FilterRegistrationBean();
-        registration.setFilter(new AuthenticationFilter());
+        registration.setFilter(new SingleSignOutFilter());
         // 设定匹配的路径
         registration.addUrlPatterns("/auth/*");
         Map<String,String> initParameters = new HashMap<String, String>();
-        initParameters.put("casServerLoginUrl", serverUrlPrefix);
-        initParameters.put("serverName", clientHostUrl);
-        //忽略的url，"|"分隔多个url
-        initParameters.put("ignorePattern", "/logout/success|/index");
+        initParameters.put("casServerUrlPrefix", serverUrlPrefix);
         registration.setInitParameters(initParameters);
         // 设定加载的顺序
         registration.setOrder(1);
         return registration;
     }
 
+
+    /**
+     * description:过滤验证器
+     *     * @param: []
+     * @return: org.springframework.boot.web.servlet.FilterRegistrationBean
+     */
     @Bean
-    public FilterRegistrationBean filterHttpServletRequestRegistration() {
+    public FilterRegistrationBean filterValidationRegistration() {
         FilterRegistrationBean registration = new FilterRegistrationBean();
-        registration.setFilter(new RequestWrapperFilterEx());
+
+        Cas20ProxyReceivingTicketValidationFilterEx validationFilter = new Cas20ProxyReceivingTicketValidationFilterEx();
+
+        registration.setFilter(validationFilter);
+
         // 设定匹配的路径
         registration.addUrlPatterns("/auth/*");
-
+        Map<String,String>  initParameters = new HashMap<String, String>();
+        initParameters.put("casServerUrlPrefix", serverUrlPrefix);
+        initParameters.put("serverName", clientHostUrl);
+        initParameters.put("useSession", "true");
+        registration.setInitParameters(initParameters);
+        // 设定加载的顺序
+        registration.setOrder(1);
         return registration;
     }
 
+
     /**
-     * 配置ticket校验器
-     *
-     * @return
+     * description:授权过滤器
+     * @param: []
+     * @return: org.springframework.boot.web.servlet.FilterRegistrationBean
      */
     @Bean
-    public Cas20ServiceTicketValidator cas20ServiceTicketValidator() {
-        // 配置上服务端的校验ticket地址
-        Cas20ServiceTicketValidator validator =  new Cas20ServiceTicketValidator(serverUrlPrefix);
-        validator.setEncoding("UTF-8");
+    public FilterRegistrationBean filterAuthenticationRegistration() {
+        FilterRegistrationBean registration = new FilterRegistrationBean();
+        registration.setFilter(new AuthenticationFilter());
+        // 设定匹配的路径
+        registration.addUrlPatterns("/auth/*");
+        Map<String,String>  initParameters = new HashMap<String, String>();
+        initParameters.put("casServerLoginUrl", serverLoginUrl);
+        initParameters.put("serverName", clientHostUrl);
+
+        //忽略/logout的路径
+        initParameters.put("ignorePattern", "/logout");
 
-        return validator;
+        registration.setInitParameters(initParameters);
+        // 设定加载的顺序
+        registration.setOrder(1);
+        return registration;
     }
 
+    /**
+     * wraper过滤器
+     * @return
+     */
     @Bean
-    public FilterRegistrationBean filterCasTicketValidationRegistration() {
-        Cas20ProxyReceivingTicketValidationFilter filter = new Cas20ProxyReceivingTicketValidationFilter();
-        filter.setServerName(clientHostUrl);
-        filter.setTicketValidator(cas20ServiceTicketValidator());
-
+    public FilterRegistrationBean filterWrapperRegistration() {
         FilterRegistrationBean registration = new FilterRegistrationBean();
-
-        registration.setFilter(filter);
-
+        registration.setFilter(new HttpServletRequestWrapperFilter());
         // 设定匹配的路径
         registration.addUrlPatterns("/auth/*");
-
+        // 设定加载的顺序
+        registration.setOrder(1);
         return registration;
     }
 }

picc-enterprise-server/src/main/java/com/jpsoft/picc/filter/Cas20ProxyReceivingTicketValidationFilterEx.java

@@ -0,0 +1,186 @@
+package com.jpsoft.picc.filter;
+
+import java.io.IOException;
+import java.util.Arrays;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Timer;
+import java.util.TimerTask;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.jasig.cas.client.Protocol;
+import org.jasig.cas.client.configuration.ConfigurationKeys;
+import org.jasig.cas.client.proxy.AbstractEncryptedProxyGrantingTicketStorageImpl;
+import org.jasig.cas.client.proxy.Cas20ProxyRetriever;
+import org.jasig.cas.client.proxy.CleanUpTimerTask;
+import org.jasig.cas.client.proxy.ProxyGrantingTicketStorage;
+import org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl;
+import org.jasig.cas.client.ssl.HttpURLConnectionFactory;
+import org.jasig.cas.client.ssl.HttpsURLConnectionFactory;
+import org.jasig.cas.client.util.CommonUtils;
+import org.jasig.cas.client.util.ReflectUtils;
+import org.jasig.cas.client.validation.AbstractTicketValidationFilter;
+import org.jasig.cas.client.validation.Cas20ProxyTicketValidator;
+import org.jasig.cas.client.validation.Cas20ServiceTicketValidator;
+import org.jasig.cas.client.validation.TicketValidator;
+import com.jpsoft.picc.validation.Cas20ServiceTicketValidatorEx;
+
+public class Cas20ProxyReceivingTicketValidationFilterEx extends AbstractTicketValidationFilter {
+    private static final String[] RESERVED_INIT_PARAMS;
+    private String proxyReceptorUrl;
+    private Timer timer;
+    private TimerTask timerTask;
+    private int millisBetweenCleanUps;
+    protected Class<? extends Cas20ServiceTicketValidator> defaultServiceTicketValidatorClass;
+    protected Class<? extends Cas20ProxyTicketValidator> defaultProxyTicketValidatorClass;
+    private ProxyGrantingTicketStorage proxyGrantingTicketStorage;
+
+    public Cas20ProxyReceivingTicketValidationFilterEx() {
+        this(Protocol.CAS2);
+        this.defaultServiceTicketValidatorClass = Cas20ServiceTicketValidator.class;
+        this.defaultProxyTicketValidatorClass = Cas20ProxyTicketValidator.class;
+    }
+
+    protected Cas20ProxyReceivingTicketValidationFilterEx(Protocol protocol) {
+        super(protocol);
+        this.proxyGrantingTicketStorage = new ProxyGrantingTicketStorageImpl();
+    }
+
+    protected void initInternal(FilterConfig filterConfig) throws ServletException {
+        this.setProxyReceptorUrl(this.getString(ConfigurationKeys.PROXY_RECEPTOR_URL));
+        Class<? extends ProxyGrantingTicketStorage> proxyGrantingTicketStorageClass = this.getClass(ConfigurationKeys.PROXY_GRANTING_TICKET_STORAGE_CLASS);
+        if (proxyGrantingTicketStorageClass != null) {
+            this.proxyGrantingTicketStorage = (ProxyGrantingTicketStorage)ReflectUtils.newInstance(proxyGrantingTicketStorageClass, new Object[0]);
+            if (this.proxyGrantingTicketStorage instanceof AbstractEncryptedProxyGrantingTicketStorageImpl) {
+                AbstractEncryptedProxyGrantingTicketStorageImpl p = (AbstractEncryptedProxyGrantingTicketStorageImpl)this.proxyGrantingTicketStorage;
+                String cipherAlgorithm = this.getString(ConfigurationKeys.CIPHER_ALGORITHM);
+                String secretKey = this.getString(ConfigurationKeys.SECRET_KEY);
+                p.setCipherAlgorithm(cipherAlgorithm);
+
+                try {
+                    if (secretKey != null) {
+                        p.setSecretKey(secretKey);
+                    }
+                } catch (Exception var7) {
+                    throw new RuntimeException(var7);
+                }
+            }
+        }
+
+        this.millisBetweenCleanUps = this.getInt(ConfigurationKeys.MILLIS_BETWEEN_CLEAN_UPS);
+        super.initInternal(filterConfig);
+    }
+
+    public void init() {
+        super.init();
+        CommonUtils.assertNotNull(this.proxyGrantingTicketStorage, "proxyGrantingTicketStorage cannot be null.");
+        if (this.timer == null) {
+            this.timer = new Timer(true);
+        }
+
+        if (this.timerTask == null) {
+            this.timerTask = new CleanUpTimerTask(this.proxyGrantingTicketStorage);
+        }
+
+        this.timer.schedule(this.timerTask, (long)this.millisBetweenCleanUps, (long)this.millisBetweenCleanUps);
+    }
+
+    protected final TicketValidator getTicketValidator(FilterConfig filterConfig) {
+        setServerName(filterConfig.getInitParameter("serverName"));
+
+        boolean allowAnyProxy = this.getBoolean(ConfigurationKeys.ACCEPT_ANY_PROXY);
+        String allowedProxyChains = this.getString(ConfigurationKeys.ALLOWED_PROXY_CHAINS);
+        String casServerUrlPrefix = this.getString(ConfigurationKeys.CAS_SERVER_URL_PREFIX);
+        Class<? extends Cas20ServiceTicketValidator> ticketValidatorClass = this.getClass(ConfigurationKeys.TICKET_VALIDATOR_CLASS);
+
+        casServerUrlPrefix = filterConfig.getInitParameter("casServerUrlPrefix");
+        Cas20ServiceTicketValidatorEx validator = new Cas20ServiceTicketValidatorEx(casServerUrlPrefix);
+
+//        if (!allowAnyProxy && !CommonUtils.isNotBlank(allowedProxyChains)) {
+//            validator = (Cas20ServiceTicketValidator)this.createNewTicketValidator(ticketValidatorClass, casServerUrlPrefix, this.defaultServiceTicketValidatorClass);
+//        } else {
+//            Cas20ProxyTicketValidator v = (Cas20ProxyTicketValidator)this.createNewTicketValidator(ticketValidatorClass, casServerUrlPrefix, this.defaultProxyTicketValidatorClass);
+//            v.setAcceptAnyProxy(allowAnyProxy);
+//            v.setAllowedProxyChains(CommonUtils.createProxyList(allowedProxyChains));
+//            validator = v;
+//        }
+        validator.setProxyCallbackUrl(this.getString(ConfigurationKeys.PROXY_CALLBACK_URL));
+        validator.setProxyGrantingTicketStorage(this.proxyGrantingTicketStorage);
+        HttpURLConnectionFactory factory = new HttpsURLConnectionFactory(this.getHostnameVerifier(), this.getSSLConfig());
+        validator.setURLConnectionFactory(factory);
+
+        //Cas20ProxyRetriever中会调用CommonUtils.getResponseFromServer 其中需要用到encoding
+//      validator.setProxyRetriever(new Cas20ProxyRetriever(casServerUrlPrefix, this.getString(ConfigurationKeys.ENCODING), factory));
+        validator.setProxyRetriever(new Cas20ProxyRetriever(casServerUrlPrefix, "UTF-8", factory));
+        validator.setRenew(this.getBoolean(ConfigurationKeys.RENEW));
+//      validator.setEncoding(this.getString(ConfigurationKeys.ENCODING));
+        validator.setEncoding("UTF-8");
+
+        Map<String, String> additionalParameters = new HashMap();
+        List<String> params = Arrays.asList(RESERVED_INIT_PARAMS);
+        Enumeration e = filterConfig.getInitParameterNames();
+
+        while(e.hasMoreElements()) {
+            String s = (String)e.nextElement();
+            if (!params.contains(s)) {
+                additionalParameters.put(s, filterConfig.getInitParameter(s));
+            }
+        }
+
+        validator.setCustomParameters(additionalParameters);
+        return (TicketValidator)validator;
+    }
+
+    public void destroy() {
+        super.destroy();
+        this.timer.cancel();
+    }
+
+    protected final boolean preFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+        HttpServletRequest request = (HttpServletRequest)servletRequest;
+        HttpServletResponse response = (HttpServletResponse)servletResponse;
+        String requestUri = request.getRequestURI();
+        if (!CommonUtils.isEmpty(this.proxyReceptorUrl) && requestUri.endsWith(this.proxyReceptorUrl)) {
+            try {
+                CommonUtils.readAndRespondToProxyReceptorRequest(request, response, this.proxyGrantingTicketStorage);
+                return false;
+            } catch (RuntimeException var8) {
+                this.logger.error(var8.getMessage(), var8);
+                throw var8;
+            }
+        } else {
+            return true;
+        }
+    }
+
+    public final void setProxyReceptorUrl(String proxyReceptorUrl) {
+        this.proxyReceptorUrl = proxyReceptorUrl;
+    }
+
+    public void setProxyGrantingTicketStorage(ProxyGrantingTicketStorage storage) {
+        this.proxyGrantingTicketStorage = storage;
+    }
+
+    public void setTimer(Timer timer) {
+        this.timer = timer;
+    }
+
+    public void setTimerTask(TimerTask timerTask) {
+        this.timerTask = timerTask;
+    }
+
+    public void setMillisBetweenCleanUps(int millisBetweenCleanUps) {
+        this.millisBetweenCleanUps = millisBetweenCleanUps;
+    }
+
+    static {
+        RESERVED_INIT_PARAMS = new String[]{ConfigurationKeys.ARTIFACT_PARAMETER_NAME.getName(), ConfigurationKeys.SERVER_NAME.getName(), ConfigurationKeys.SERVICE.getName(), ConfigurationKeys.RENEW.getName(), ConfigurationKeys.LOGOUT_PARAMETER_NAME.getName(), ConfigurationKeys.ARTIFACT_PARAMETER_OVER_POST.getName(), ConfigurationKeys.EAGERLY_CREATE_SESSIONS.getName(), ConfigurationKeys.ENCODE_SERVICE_URL.getName(), ConfigurationKeys.SSL_CONFIG_FILE.getName(), ConfigurationKeys.ROLE_ATTRIBUTE.getName(), ConfigurationKeys.IGNORE_CASE.getName(), ConfigurationKeys.CAS_SERVER_LOGIN_URL.getName(), ConfigurationKeys.GATEWAY.getName(), ConfigurationKeys.AUTHENTICATION_REDIRECT_STRATEGY_CLASS.getName(), ConfigurationKeys.GATEWAY_STORAGE_CLASS.getName(), ConfigurationKeys.CAS_SERVER_URL_PREFIX.getName(), ConfigurationKeys.ENCODING.getName(), ConfigurationKeys.TOLERANCE.getName(), ConfigurationKeys.IGNORE_PATTERN.getName(), ConfigurationKeys.IGNORE_URL_PATTERN_TYPE.getName(), ConfigurationKeys.HOSTNAME_VERIFIER.getName(), ConfigurationKeys.HOSTNAME_VERIFIER_CONFIG.getName(), ConfigurationKeys.EXCEPTION_ON_VALIDATION_FAILURE.getName(), ConfigurationKeys.REDIRECT_AFTER_VALIDATION.getName(), ConfigurationKeys.USE_SESSION.getName(), ConfigurationKeys.SECRET_KEY.getName(), ConfigurationKeys.CIPHER_ALGORITHM.getName(), ConfigurationKeys.PROXY_RECEPTOR_URL.getName(), ConfigurationKeys.PROXY_GRANTING_TICKET_STORAGE_CLASS.getName(), ConfigurationKeys.MILLIS_BETWEEN_CLEAN_UPS.getName(), ConfigurationKeys.ACCEPT_ANY_PROXY.getName(), ConfigurationKeys.ALLOWED_PROXY_CHAINS.getName(), ConfigurationKeys.TICKET_VALIDATOR_CLASS.getName(), ConfigurationKeys.PROXY_CALLBACK_URL.getName(), ConfigurationKeys.RELAY_STATE_PARAMETER_NAME.getName()};
+    }
+}

picc-enterprise-server/src/main/java/com/jpsoft/picc/modules/auth/controller/InsuranceApplicationController.java

@@ -193,12 +193,11 @@ public class InsuranceApplicationController {
                 insuranceApplicationDTO.setBusinessScope(company.getBusinessScope());
                 insuranceApplicationDTO.setIndustryType(company.getIndustryType());
                 insuranceApplicationDTO.setEmployeesNumber(company.getEmployeesNumber());
-                insuranceApplicationDTO.setInsuredNumber(company.getInsuredNumber());
+                insuranceApplicationDTO.setInsuredNumber(0);
                 insuranceApplicationDTO.setTel(company.getTel());
                 insuranceApplicationDTO.setPostal(company.getPostal());
                 insuranceApplicationDTO.setCompanyAddress(company.getAddress());
                 insuranceApplicationDTO.setLossInRecentYears(company.getRemark());
-
             }
 
             //读取每月投保单编号

picc-enterprise-server/src/main/java/com/jpsoft/picc/validation/Cas20ServiceTicketValidatorEx.java

@@ -0,0 +1,194 @@
+package com.jpsoft.picc.validation;
+
+
+import java.io.StringReader;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+import javax.xml.parsers.SAXParser;
+import javax.xml.parsers.SAXParserFactory;
+import org.jasig.cas.client.authentication.AttributePrincipal;
+import org.jasig.cas.client.authentication.AttributePrincipalImpl;
+import org.jasig.cas.client.proxy.Cas20ProxyRetriever;
+import org.jasig.cas.client.proxy.ProxyGrantingTicketStorage;
+import org.jasig.cas.client.proxy.ProxyRetriever;
+import org.jasig.cas.client.util.CommonUtils;
+import org.jasig.cas.client.util.XmlUtils;
+import org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator;
+import org.jasig.cas.client.validation.Assertion;
+import org.jasig.cas.client.validation.AssertionImpl;
+import org.jasig.cas.client.validation.TicketValidationException;
+import org.xml.sax.Attributes;
+import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
+import org.xml.sax.XMLReader;
+import org.xml.sax.helpers.DefaultHandler;
+
+public class Cas20ServiceTicketValidatorEx extends AbstractCasProtocolUrlBasedTicketValidator {
+    private String proxyCallbackUrl;
+    private ProxyGrantingTicketStorage proxyGrantingTicketStorage;
+    private ProxyRetriever proxyRetriever;
+
+    public Cas20ServiceTicketValidatorEx(String casServerUrlPrefix) {
+        super(casServerUrlPrefix);
+         this.proxyRetriever = new Cas20ProxyRetriever(casServerUrlPrefix, this.getEncoding(), this.getURLConnectionFactory());
+    }
+
+    protected final void populateUrlAttributeMap(Map<String, String> urlParameters) {
+        urlParameters.put("pgtUrl", this.proxyCallbackUrl);
+    }
+
+    protected String getUrlSuffix() {
+        return "serviceValidate";
+    }
+
+    protected Assertion parseResponseFromServer(String response) throws TicketValidationException {
+        String error = this.parseAuthenticationFailureFromResponse(response);
+        if (CommonUtils.isNotBlank(error)) {
+            throw new TicketValidationException(error);
+        } else {
+            String principal = this.parsePrincipalFromResponse(response);
+            String proxyGrantingTicketIou = this.parseProxyGrantingTicketFromResponse(response);
+            String proxyGrantingTicket;
+            if (!CommonUtils.isBlank(proxyGrantingTicketIou) && this.proxyGrantingTicketStorage != null) {
+                proxyGrantingTicket = this.proxyGrantingTicketStorage.retrieve(proxyGrantingTicketIou);
+            } else {
+                proxyGrantingTicket = null;
+            }
+
+            if (CommonUtils.isEmpty(principal)) {
+                throw new TicketValidationException("No principal was found in the response from the CAS server.");
+            } else {
+                Map<String, Object> attributes = this.extractCustomAttributes(response);
+                AssertionImpl assertion;
+                if (CommonUtils.isNotBlank(proxyGrantingTicket)) {
+                    AttributePrincipal attributePrincipal = new AttributePrincipalImpl(principal, attributes, proxyGrantingTicket, this.proxyRetriever);
+                    assertion = new AssertionImpl(attributePrincipal);
+                } else {
+                    assertion = new AssertionImpl(new AttributePrincipalImpl(principal, attributes));
+                }
+
+                this.customParseResponse(response, assertion);
+                return assertion;
+            }
+        }
+    }
+
+    protected String parseProxyGrantingTicketFromResponse(String response) {
+        return XmlUtils.getTextForElement(response, "proxyGrantingTicket");
+    }
+
+    protected String parsePrincipalFromResponse(String response) {
+        return XmlUtils.getTextForElement(response, "user");
+    }
+
+    protected String parseAuthenticationFailureFromResponse(String response) {
+        return XmlUtils.getTextForElement(response, "authenticationFailure");
+    }
+
+    protected Map<String, Object> extractCustomAttributes(String xml) {
+        SAXParserFactory spf = SAXParserFactory.newInstance();
+        spf.setNamespaceAware(true);
+        spf.setValidating(false);
+
+        try {
+            SAXParser saxParser = spf.newSAXParser();
+            XMLReader xmlReader = saxParser.getXMLReader();
+            Cas20ServiceTicketValidatorEx.CustomAttributeHandler handler = new Cas20ServiceTicketValidatorEx.CustomAttributeHandler();
+            xmlReader.setContentHandler(handler);
+            xmlReader.parse(new InputSource(new StringReader(xml)));
+            return handler.getAttributes();
+        } catch (Exception var6) {
+            this.logger.error(var6.getMessage(), var6);
+            return Collections.emptyMap();
+        }
+    }
+
+    protected void customParseResponse(String response, Assertion assertion) throws TicketValidationException {
+    }
+
+    public final void setProxyCallbackUrl(String proxyCallbackUrl) {
+        this.proxyCallbackUrl = proxyCallbackUrl;
+    }
+
+    public final void setProxyGrantingTicketStorage(ProxyGrantingTicketStorage proxyGrantingTicketStorage) {
+        this.proxyGrantingTicketStorage = proxyGrantingTicketStorage;
+    }
+
+    public final void setProxyRetriever(ProxyRetriever proxyRetriever) {
+        this.proxyRetriever = proxyRetriever;
+    }
+
+    protected final String getProxyCallbackUrl() {
+        return this.proxyCallbackUrl;
+    }
+
+    protected final ProxyGrantingTicketStorage getProxyGrantingTicketStorage() {
+        return this.proxyGrantingTicketStorage;
+    }
+
+    protected final ProxyRetriever getProxyRetriever() {
+        return this.proxyRetriever;
+    }
+
+    private class CustomAttributeHandler extends DefaultHandler {
+        private Map<String, Object> attributes;
+        private boolean foundAttributes;
+        private String currentAttribute;
+        private StringBuilder value;
+
+        private CustomAttributeHandler() {
+        }
+
+        public void startDocument() throws SAXException {
+            this.attributes = new HashMap();
+        }
+
+        public void startElement(String namespaceURI, String localName, String qName, Attributes attributes) throws SAXException {
+            if ("attributes".equals(localName)) {
+                this.foundAttributes = true;
+            } else if (this.foundAttributes) {
+                this.value = new StringBuilder();
+                this.currentAttribute = localName;
+            }
+
+        }
+
+        public void characters(char[] chars, int start, int length) throws SAXException {
+            if (this.currentAttribute != null) {
+                this.value.append(chars, start, length);
+            }
+
+        }
+
+        public void endElement(String namespaceURI, String localName, String qName) throws SAXException {
+            if ("attributes".equals(localName)) {
+                this.foundAttributes = false;
+                this.currentAttribute = null;
+            } else if (this.foundAttributes) {
+                Object o = this.attributes.get(this.currentAttribute);
+                if (o == null) {
+                    this.attributes.put(this.currentAttribute, this.value.toString());
+                } else {
+                    Object items;
+                    if (o instanceof List) {
+                        items = (List)o;
+                    } else {
+                        items = new LinkedList();
+                        ((List)items).add(o);
+                        this.attributes.put(this.currentAttribute, items);
+                    }
+
+                    ((List)items).add(this.value.toString());
+                }
+            }
+
+        }
+
+        public Map<String, Object> getAttributes() {
+            return this.attributes;
+        }
+    }
+}