Versions Compared

Old Version 11

changes.mady.by.user Joseph A. MITOLA

Saved on

compared with

New Version 12

changes.mady.by.user Joseph A. MITOLA

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The source code needed for this article can be viewed here and can be compiled in Visual Studio 2005 or greater. It will create a .Net assembly (DLL) to drop in your project's bin folder.

First compile the attached code into a .Net assembly and drop it into your project's bin folder. Then, In Web.config, make the following changes:

Step 1: Turn on Forms Authentication:

...

In this example, the page MyErrorPage.aspx can access the last error reported by calling the CASAuthentication.LastError property of the CASAuthentication class.

Code used to act as a CAS proxier - Your main default page

Code Block
html
html
- Default.aspx

 <%@ Page Language="VB" %>

<script runat="server">
    Protected Sub Page_Load(ByVal sender As Object,ByVal e As System.EventArgs)
        If User.Identity.IsAuthenticated Then
            'Once we've returned from CAS after our proxied application has been authenticated, we will
            'get the proxy response and output it to the browser
            If Not String.IsNullOrEmpty(CASAuthentication.ProxyAppResponse)Then
                Response.Write(String.Concat("Proxied App Response: ", CASAuthentication.ProxyAppResponse))
            End If
        End If
    End Sub

   Protected Sub btnRunTest_Click(ByVal sender As Object, ByVal e As System.EventArgs)
        'First, let's add some proxy arguments to send to the CAS proxy
        CASAuthentication.AddProxyArgument("arg1", "hello")
        CASAuthentication.AddProxyArgument("arg2", "world")

        'The InvokeCASProxy method of the CASAuthentication class will tell CAS to create a proxy granting ticket IOU
        'we can later use to get our "real" proxyTicket needed to authenticate our proxy with CAS
        If Not CASAuthentication.InvokeCASProxy(ProxyAppUrl:="<url_to_your_CAS_Proxy_Application>", _
            pgtUrl:="<secure_url_to_your_CAS_Callback_Url_Application>", _
            HttpMethodPost:= False) Then
            Response.Write(CASAuthentication.LastError)
            Return
        EndIf
    End Sub
</script>

<html>
<head>
<title>Test calling a CAS Proxy</title>
</head>

<body>
<p><a href="LogOut.aspx">Log out of CAS</a></p>
<p><asp:Button ID="btnRunTest" runat="server" OnClick="btnRunTest_Click" Text="Call Test Proxy" /></p>
</body>
</html>

Code used by the CAS callback Url (This would be the same application page specified in the pgtUrl attribute in the call to InvokeCASProxy method shown above) - This assumes that your main application (the CAS proxier) and callback Url are part of the same application so that they can share application specific variables. If the callback Url is NOT part of the same application, then you must handle storing/retrieving the pgtIou/pgtId pair yourself. (e.g. store them in an external database).

Warning
titleWarning

IMPORTANT NOTE: Because your callback Url will be called by CAS directly, you must turn off Forms Authentication for this page. This is easily achieved by adding the following to your web.config file root configuration section:

...

Code Block
html
html
- ProxyCallback.aspx
<%@ PageLanguage="VB"%>

<script runat="server">
	Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs)
		Dim pgtIou As String = Request.QueryString.Get("pgtIou")
		Dim pgtId As String = Request.QueryString.Get("pgtId")
		If Not String.IsNullOrEmpty(pgtIou) And Not String.IsNullOrEmpty(pgtId) Then
			'We have a pgtIou/pgtId pair sent from CAS server
			'Now call the AssignPgtIDForCallingProxy method of the CASAuthentication class
			'this will store the pgtId in an application variable with it's name the value of the pgtIou
			CASAuthentication.AssignPgtIDForCallingProxy(pgtIou, pgtId)
		Else
			Response.Write("No pgtIou/pgtId pair\!")
		End If
	End Sub
</script>

<html>
<head>
<title>Proxy Callback Url Page</title>
</head>

<body>
</body>
</html>

Code used by the CAS Proxy (This would be the same application specified in the ProxyAppUrl attribute in the call to InvokeCASProxy method shown above)

Code Block
html
html
- CASProxy.aspx

<%@ Page Language="VB" %>

<script runat="server">
    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs)
        If CASAuthentication.IsAuthenticated Then

            Response.Write("Welcome " & CASAuthentication.CalNetID & ", you have been successfully authenticated with CAS!")
            Response.Write("<BR>")

            Dim proxyArgs As StringBuilder = New StringBuilder
            Dim proxyArgKey As String = String.Empty
'
'Since this is the proxy application, we will check it's arguments it was sent
'Normally we would know if the arguments were sent in the query string or Form post
'but for the purposes of this example, we will check both
'
            If Request.QueryString.Count > 0 Then
                'get arguments from querystring object
                For Each proxyArgKey In Request.QueryString
                    proxyArgs.AppendFormat("{0}={1} (query string)<br>", proxyArgKey, Request.QueryString.Get(proxyArgKey))
                Next
            Else
                'get arguments from form object
                For Each proxyArgKey In Request.Form
                    proxyArgs.AppendFormat("{0}={1} (form post)<br>", proxyArgKey, Request.Form.Get(proxyArgKey))
                Next
            End If

            Response.Write(proxyArgs.ToString)
            Response.Write("<BR>")

            If Not String.IsNullOrEmpty(CASAuthentication.Proxies) Then
                Response.Write(CASAuthentication.Proxies)
                Response.Write("<BR>")
            End If

        End If
    End Sub
</script>

<html>
<head>
    <title>Test CAS Proxied Application</title>
</head>
<body>
    <a href="LogOut.aspx">Log out of CAS</a>
</body>
</html>