Merge branch 'master' into authn-sup-mfa

# Conflicts:
#	cas-server-support-oauth/src/test/resources/oauth-context.xml

cas-server-core-audit/src/test/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-core-authentication/src/test/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-core-events/src/test/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-core-logging/src/test/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-core-logout/src/test/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-core-monitor/src/test/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-core-services/src/test/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-core-tickets/src/test/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-core-util/src/test/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-core-validation/src/test/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-core/src/test/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-documentation/Infinispan-Ticket-Registry.md

@@ -0,0 +1,79 @@
+---
+layout: default
+title: CAS - Infinispan Ticket Registry
+---
+
+# Infinispan Ticket Registry
+Infinispan integration is enabled by including the following dependency in the Maven WAR overlay:
+
+{% highlight xml %}
+<dependency>
+     <groupId>org.jasig.cas</groupId>
+     <artifactId>cas-server-integration-infinispan</artifactId>
+     <version>${cas.version}</version>
+</dependency>
+{% endhighlight %}
+
+
+[Infinispan](http://infinispan.org/) is a distributed in-memory key/value data store with optional schema.
+It can be used both as an embedded Java library and as a language-independent service accessed remotely over a variety of protocols. 
+It offers advanced functionality such as transactions, events, querying and distributed processing.
+
+Cache instance can be integrated with
+
+- JCache (JSR-107)
+- Hibernate second-level Cache
+- WildFly modules
+- Apache Lucene directory backed by Infinispan
+- Directory Provider for Hibernate Search
+- Spring Cache 3.x and 4.x
+- CDI
+- OSGi
+- Apache Spark
+- Apache Hadoop
+
+There are a variety of cache stores available to choose from, some of which are:
+
+- JPA/JDBC Store
+- Single File & Soft-Index 
+- REST 
+- Cassandra
+- Redis
+- HBase
+- MongoDB
+
+See the [full list of implementations](http://infinispan.org/cache-store-implementations/).
+
+## Distributed Cache
+Enable the registry via:
+
+{% highlight xml %}
+<alias name="infinispanTicketRegistry" alias="ticketRegistry" />
+{% endhighlight %}
+
+The above ticket registry expects a `infinispanTicketsCache` element to be available in the Spring context.
+This cache element may be chosen from one of the above implementations and configured.
+Here is an example:
+
+{% highlight xml %}
+<bean id="infinispanTicketsCache" factory-bean="cacheManager" factory-method="getCache" />
+<bean id="cacheManager" class="org.infinispan.manager.DefaultCacheManager"
+          c:configurationFile="infinispan.xml"/>
+{% endhighlight %}
+
+...and a sample `infinispan.xml` configuration file:
+
+{% highlight xml %}
+<?xml version="1.0" encoding="UTF-8"?>
+<infinispan xsi:schemaLocation="urn:infinispan:config:7.2 http://www.infinispan.org/schemas/infinispan-config-7.2.xsd"
+            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:infinispan:config:7.2">
+
+   <cache-container default-cache="cas">
+       <jmx duplicate-domains="true" />
+       <local-cache name="cas" />
+   </cache-container>
+</infinispan>
+{% endhighlight %}
+
+Refer to the [Infinispan](http://infinispan.org/) documentation to learn more about cache configuration, and how
+to manage the eviction policy for various ticket types.

cas-server-documentation/installation/LDAP-Authentication.md

@@ -102,7 +102,7 @@ Simply copy the configuration to `deployerConfigContext.xml` and provide values
             />
 {% endhighlight %}
 
-#### LDAP Requiring Authenticated Search
+## LDAP Requiring Authenticated Search
 The following configuration snippet provides a template for LDAP authentication performed with manager credentials
 followed by a bind. Copy the configuration to `deployerConfigContext.xml` and provide values for property placeholders.
 

cas-server-documentation/sidebar.html

@@ -58,6 +58,7 @@ <h1>Ticketing</h1>
             <li><a href="/$version/installation/JPA-Ticket-Registry.html">JPA</a></li>
             <li><a href="/$version/installation/Ignite-Ticket-Registry.html">Ignite</a></li>
             <li><a href="/$version/installation/Couchbase-Ticket-Registry.html">Couchbase</a></li>
+            <li><a href="/$version/installation/Infinispan-Ticket-Registry.html">Infinispan</a></li>
         </ul>
     </li>
 </ul>

cas-server-extension-clearpass/src/test/java/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-integration-ehcache-monitor/src/test/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-integration-ehcache/src/test/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-integration-grouper/src/test/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-integration-hazelcast/src/test/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-integration-ignite/src/test/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<Configuration>
+<Configuration shutdownHook="disable">
     <Appenders>
         <Console name="console" target="SYSTEM_OUT">
             <PatternLayout pattern="%d %p [%c] - &lt;%m&gt;%n"/>

cas-server-integration-infinispan/build.gradle

@@ -0,0 +1,35 @@
+description = 'Apereo CAS Infinispan Integration'
+dependencies {
+    compile group: 'org.springframework', name: 'spring-context-support', version:springVersion
+    compile group: 'org.springframework', name: 'spring-context', version:springVersion
+    compile(group: 'org.infinispan', name: 'infinispan-core', version:infinispanVersion) {
+        exclude(module: 'guava')
+        exclude(module: 'jboss-logging')
+    }
+    compile(group: 'org.infinispan', name: 'infinispan-commons', version:infinispanVersion) {
+        exclude(module: 'guava')
+        exclude(module: 'jboss-logging')
+    }
+    compile(group: 'org.infinispan', name: 'infinispan-cachestore-remote', version:infinispanVersion) {
+        exclude(module: 'guava')
+        exclude(module: 'leveldb-api')
+        exclude(module: 'leveldbjni')
+        exclude(module: 'jboss-logging')
+    }
+    compile project(':cas-server-core-api')
+    compile project(':cas-server-core-tickets')
+
+    testCompile(group: 'org.infinispan', name: 'infinispan-embedded', version:infinispanVersion) {
+        exclude(module: 'guava')
+        exclude(module: 'leveldb-api')
+        exclude(module: 'leveldbjni')
+        exclude(module: 'jboss-logging')
+    }
+
+    testCompile project(path: ":cas-server-core-authentication", configuration: "tests")
+    testCompile project(':cas-server-core-services')
+    testCompile project(path: ":cas-server-core-services", configuration: "tests")
+    testCompile project(':cas-server-core-util')
+}
+
+

cas-server-integration-infinispan/src/main/java/org/jasig/cas/ticket/registry/InfinispanTicketRegistry.java

@@ -0,0 +1,98 @@
+package org.jasig.cas.ticket.registry;
+
+import org.infinispan.Cache;
+import org.jasig.cas.ticket.Ticket;
+import org.jasig.cas.ticket.registry.encrypt.AbstractCrypticTicketRegistry;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.Resource;
+import java.util.Collection;
+
+/**
+ * This is {@link InfinispanTicketRegistry}. Infinispan is a distributed in-memory key/value data store with optional schema.
+ * It offers advanced functionality such as transactions, events, querying and distributed processing.
+ * See <a href="http://infinispan.org/features/">http://infinispan.org/features/</a> for more info.
+ *
+ * @author Misagh Moayyed
+ * @since 4.2.0
+ */
+@Component("infinispanTicketRegistry")
+public final class InfinispanTicketRegistry extends AbstractCrypticTicketRegistry {
+
+    @Resource(name="infinispanTicketsCache")
+    private Cache<String, Ticket> cache;
+
+    /**
+     * Instantiates a new Infinispan ticket registry.
+     */
+    public InfinispanTicketRegistry() {
+    }
+
+    @Override
+    protected void updateTicket(final Ticket ticket) {
+        this.cache.put(ticket.getId(), ticket);
+    }
+
+    @Override
+    protected boolean needsCallback() {
+        return true;
+    }
+
+    /**
+     * Add a ticket to the registry. Ticket storage is based on the ticket id.
+     *
+     * @param ticket The ticket we wish to add to the cache.
+     */
+    @Override
+    public void addTicket(final Ticket ticket) {
+        this.cache.put(ticket.getId(), ticket);
+    }
+
+    /**
+     * Retrieve a ticket from the registry.
+     *
+     * @param ticketId the id of the ticket we wish to retrieve
+     * @return the requested ticket.
+     */
+    @Override
+    public Ticket getTicket(final String ticketId) {
+        final Ticket ticket = this.cache.get(ticketId);
+        return getProxiedTicketInstance(ticket);
+    }
+
+    /**
+     * Remove a specific ticket from the registry.
+     *
+     * @param ticketId The id of the ticket to delete.
+     * @return true if the ticket was removed and false if the ticket did not
+     *         exist.
+     */
+    @Override
+    public boolean deleteTicket(final String ticketId) {
+        if (getTicket(ticketId) == null) {
+            return false;
+        }
+        this.cache.evict(ticketId);
+        return true;
+
+    }
+
+    /**
+     *
+     * Retrieve all tickets from the registry.
+     *
+     * Note! Usage of this method can be computational and I/O intensive and should not be used for other than
+     * debugging.
+     *
+     * @return collection of tickets currently stored in the registry. Tickets
+     *         might or might not be valid i.e. expired.
+     */
+    @Override
+    public Collection<Ticket> getTickets() {
+        return this.cache.values();
+    }
+
+    public void setCache(final Cache<String, Ticket> cache) {
+        this.cache = cache;
+    }
+}

cas-server-integration-infinispan/src/main/resources/META-INF/spring/infinispan-ticket-registry.xml

@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:p="http://www.springframework.org/schema/p"
+       xmlns:c="http://www.springframework.org/schema/c"
+       xmlns:tx="http://www.springframework.org/schema/tx"
+       xmlns:util="http://www.springframework.org/schema/util"
+       xmlns:sec="http://www.springframework.org/schema/security"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans
+       http://www.springframework.org/schema/beans/spring-beans.xsd
+       http://www.springframework.org/schema/context
+       http://www.springframework.org/schema/context/spring-context.xsd
+       http://www.springframework.org/schema/tx
+       http://www.springframework.org/schema/tx/spring-tx.xsd
+       http://www.springframework.org/schema/security
+       http://www.springframework.org/schema/security/spring-security.xsd
+       http://www.springframework.org/schema/util
+       http://www.springframework.org/schema/util/spring-util.xsd">
+
+</beans>