@ConditionalOnMissingBean(name = "cacheCredentialsCipherExecutor") @Bean public CipherExecutor cacheCredentialsCipherExecutor() { val cp = casProperties.getClearpass(); if (cp.isCacheCredential()) { val crypto = cp.getCrypto(); if (crypto.isEnabled()) { return new CacheCredentialsCipherExecutor(crypto.getEncryption().getKey(), crypto.getSigning().getKey(), crypto.getAlg(), crypto.getSigning().getKeySize(), crypto.getEncryption().getKeySize()); } LOGGER.warn("Cas is configured to capture and cache credentials via Clearpass yet crypto operations for the cached password are " + "turned off. Consider enabling the crypto configuration in CAS settings that allow the system to sign & encrypt the captured credential."); } return CipherExecutor.noOp(); }