// Local specific CAS host. Page_Load prefixes this base URL to both the browser
// redirect ("login") and the server-side ticket check ("serviceValidate").
// Keep the scheme https: the validation response is fetched from this URL and its
// <user> value is accepted as the authenticated identity, so the transport is
// what authenticates the CAS server to this application.
private const string CASHOST = "https://secure.its.yale.edu/cas/";

// After the page has been loaded, this routine is called.
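/// <summary>
/// Signs the browser in through CAS. Without a "ticket" query parameter the request
/// is redirected to the CAS login page; with one, the ticket is validated against
/// CAS serviceValidate and, on success, the returned netid becomes the forms
/// authentication identity.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
  // Namespace of the CAS 2.0 validation response elements.
  const string casNamespace = "http://www.yale.edu/tp/cas";

  // Look for the "ticket=" after the "?" in the URL
  string tkt = Request.QueryString["ticket"];

  // This page is the CAS service=, but discard any query string residue.
  // NOTE(review): Request.Url is built from the incoming request, so the host part
  // follows whatever host name the request carried; consider a configured service
  // URL if the site can be reached under more than one name.
  string service = Request.Url.GetLeftPart(UriPartial.Path);

  // Both values end up inside a query string. Escaping them keeps a "&" or "#"
  // in the ticket or the page URL from adding or overriding parameters in the
  // request sent to CAS.
  string encodedService = Uri.EscapeDataString(service);

  // First time through there is no ticket=, so redirect to CAS login
  if (string.IsNullOrEmpty(tkt))
  {
    Response.Redirect(CASHOST + "login?service=" + encodedService);
    return;
  }

  // Second time (back from CAS) there is a ticket= to validate
  string validateurl = CASHOST + "serviceValidate?" +
    "ticket=" + Uri.EscapeDataString(tkt) + "&" +
    "service=" + encodedService;

  // Read the whole response into memory (handy for debugging) and release the
  // connection and stream as soon as the text has been read.
  string resp;
  using (WebClient client = new WebClient())
  using (StreamReader responseReader = new StreamReader(client.OpenRead(validateurl)))
  {
    resp = responseReader.ReadToEnd();
  }

  // Some boilerplate to set up the parse.
  NameTable nt = new NameTable();
  XmlNamespaceManager nsmgr = new XmlNamespaceManager(nt);
  XmlParserContext context = new XmlParserContext(null, nsmgr, null, XmlSpace.None);
  XmlTextReader reader = new XmlTextReader(resp, XmlNodeType.Element, context);
  // The response never needs external entities or DTDs resolved.
  reader.XmlResolver = null;

  string netid = null;
  int successDepth = -1;      // depth of <cas:authenticationSuccess>, -1 until seen
  bool successEnded = false;  // set once </cas:authenticationSuccess> has been read

  try
  {
    // Accept only the first <cas:user> that is a direct child of
    // <cas:authenticationSuccess>. A "user" element anywhere else in the document
    // (a released attribute, a failure response) must not be able to supply or
    // replace the identity. The rest of the document is still read so that
    // malformed XML is rejected as before.
    while (reader.Read())
    {
      if (reader.IsStartElement())
      {
        if (successEnded || reader.NamespaceURI != casNamespace)
        {
          continue;
        }

        if (successDepth < 0)
        {
          if (reader.LocalName == "authenticationSuccess" && !reader.IsEmptyElement)
          {
            successDepth = reader.Depth;
          }
        }
        else if (netid == null &&
                 reader.LocalName == "user" &&
                 reader.Depth == successDepth + 1)
        {
          netid = reader.ReadString();
        }
        // if you want to parse the proxy chain, add the logic here
      }
      else if (successDepth >= 0 &&
               reader.NodeType == XmlNodeType.EndElement &&
               reader.Depth == successDepth)
      {
        successEnded = true;
      }
    }
  }
  finally
  {
    reader.Close();
  }

  // If there was a problem, leave the message on the screen. Otherwise, return to original page.
  // An empty netid is treated as a failure too, so no anonymous-looking identity is issued.
  if (string.IsNullOrEmpty(netid))
  {
    Label1.Text = "CAS returned to this application, but then refused to validate your identity.";
  }
  else
  {
    // Label text is written to the page as markup, so encode the value first.
    Label1.Text = "Welcome " + Server.HtmlEncode(netid);

    FormsAuthentication.RedirectFromLoginPage(netid, false); // set netid in ASP.NET blocks
  }
}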

Now in any page in the application, the netid is accessible as Context.User.Identity.Name.