Page Comparison

CAS Proxying with Classic ASP

This article demonstrates using CAS authentication with classic ASP and then calling a second application via
a CAS proxy. You should read the article on the proxy CAS walkthrough Proxy CAS Walkthrough first as it explains
how CAS proxying works.

For an example of how to do CAS proxying with ASP.Net, see me other article CAS Proxying with ASP.Net Forms Authentication

Using the code I have sited below, it is really quite simple to call another CAS-enabled application as a proxy after the
main (Proxier) CAS application has already authenticated.

The basic steps using the CAS_Authenticator class are as follows:

1. Call the ServiceValidate method from the main (Proxier) application for CAS authentication and include a pgtUrl attribute.

   Note
   title About the pgtUrl
   The pgtUrl MUST be part of the same application as the CAS Proxier AND be on a secure server with a valid RSA or Verisign SSL Certificate

2. The pgtUrl receives back from CAS the pgtIou/pgtId pair and stores them in an Application variable (e.g. Application(<value of pgtIou>) = <value of pgtId>)

   Info
   title The use of Application variables
   Application variables MUST be used instead of Session variables. This is because of the extra trip CAS has to make to the pgtUrl. Your application would lose it's session variables otherwise. This is NOT true in basic CAS Authentication so, you will notice through out these examples that I chose to use Application variables instead of Session variables for this reason. Also, note the use of the name of the Application variable being the value of the pgtIou. This is important because the main (Proxier) application will need to retrieve the pgtId sent to the pgtUrl and the only value it will know is the proxyGrantingTicket IOU (pgtIou).

3. The main (Proxier) application retrieves the pgtId value from the Application variable stored by the pgtUrl and then calls the RequestProxyTicket
   method passing in the pgtId and the proxy application complete Url.

   Info
   title The CAS Proxied Application
   The actual proxy application can be any CAS-enabled application that can call proxyValidate on the supplied proxyTicket and it does not have to reside on the same application server like the pgtUrl and main Proxier applications do._

4. With the "real" proxyTicket in it's grasp, the main (Proxier) application now calls AddProxyArgument as many times as it needs to add the arguments the proxied application will need. At the bare minimum, the proxyTicket itself MUST be added as an argument.

   Info
   title The Proxy Ticket
   The CAS-enabled proxied application MUST have a proxyTicket in order to send it to CAS in the proxyValidate method. The AddProxyArgument method is used in this case by the main application to add the proxyTicket. Then when you call MakeWebRequest , you specify an http method of GET or POST which would determine whether the proxyTicket was sent in the query string or the form post.

5. Finally, call the MakeWebRequest method passing in the Url to the CAS-enabled application to be proxied along with the http method (e.g. GET or POST).

The examples I've outlined rely on two classes (source code at the end of this article) that must be included in an include file in order for them to work.
The first is a simple string class since ASP doesn't have the very useful StringBuilder that is always available in ASP.Net,
I created a vbscript mocked up version called clsString (see below). The second class is the CAS_Authenticator and does all the dirty work,
not just for basic CAS authentication with ASP but also supports CAS proxying which is what my examples will demonstrate.

...

<%@ Language=VBScript %>
<%Option Explicit %>

<!-- #Include File = "../Includes/Public.asp" -->

<HTML>
<HEAD>
<title>Test CAS Proxy Application</title>
</HEAD>
          <body>
<%

Dim objCAS, serviceUrl
Dim pgtId
Dim proxyTicket
Dim proxyAppUrl

...

CAS Proxying with Classic ASP

This article demonstrates using CAS authentication with classic ASP and then calling a second application via a CAS proxy. You should read the article on the proxy CAS walkthrough Proxy CAS Walkthrough first as it explains how CAS proxying works.

For an example of how to do CAS proxying with ASP.Net, see me other article CAS Proxying with ASP.Net Forms Authentication

Using the code I have sited below, it is really quite simple to call another CAS-enabled application as a proxy after the main (Proxier) CAS application has already authenticated.

The steps for CAS Proxying using the CAS_Authenticator class are as follows:
(for basic CAS Authentication, you only need to do step 1 without including the pgtUrl. It's the inclusion of the pgtUrl prior to calling ServiceValidate that enables CAS proxying.)

1. From the main (Proxier) application, set the CASpgtUrl property to your application Url that will accept the pgtIou/pgtId pair from CAS and then call the ServiceValidate method for CAS authentication.

   Note
   title About the pgtUrl
   The pgtUrl MUST be part of the same application as the CAS Proxier AND be on a secure server with a valid RSA or Verisign SSL Certificate

2. The pgtUrl receives back from CAS the pgtIou/pgtId pair and stores them in an Application variable (e.g. Application(<value of pgtIou>) = <value of pgtId>)

   Info
   title The use of Application variables
   Application variables MUST be used instead of Session variables. This is because of the extra trip CAS has to make to the pgtUrl. Your application would lose it's session variables otherwise. This is NOT true in basic CAS Authentication so, you will notice through out these examples that I chose to use Application variables instead of Session variables for this reason. Also, note the use of the name of the Application variable being the value of the pgtIou. This is important because the main (Proxier) application will need to retrieve the pgtId sent to the pgtUrl and the only value it will know is the proxyGrantingTicket IOU (pgtIou).

3. The main (Proxier) application retrieves the pgtId value from the Application variable stored by the pgtUrl and then calls the RequestProxyTicket method passing in the pgtId and the proxy application complete Url.

   Info
   title The CAS Proxied Application
   The actual proxy application can be any CAS-enabled application that can call proxyValidate on the supplied proxyTicket and it does not have to reside on the same application server like the pgtUrl and main Proxier applications do._

4. With the "real" proxyTicket in it's grasp, the main (Proxier) application now calls AddProxyArgument as many times as it needs to add the arguments the proxied application will need. At the bare minimum, the proxyTicket itself MUST be added as an argument.

   Info
   title The Proxy Ticket
   The CAS-enabled proxied application MUST have a proxyTicket in order to send it to CAS in the proxyValidate method. The AddProxyArgument method is used in this case by the main application to add the proxyTicket. Then when you call MakeWebRequest , you specify an http method of GET or POST which would determine whether the proxyTicket was sent in the query string or the form post.

5. Finally, call the MakeWebRequest method passing in the Url to the CAS-enabled application to be proxied along with the http method (e.g. GET or POST).
   

   Tip
   title Making an Http Request in ASP
   The MakeWebRequest method is sort of an ASP version of the System.Net.WebClient class in ASP.Net. You can call this method in any ASP page to make an http GET or POST request and receive an html or xml response depending on the request. This method works very well for CAS proxying because we are just going to Response.Write the returned html of the proxied application to the browser.

   The examples I've outlined rely on two classes (source code at the end of this article) that must be included in an include file in order for them to work. The first is a simple string class since ASP doesn't have the very useful StringBuilder that is always available in ASP.Net, I created a vbscript mocked up version called clsString (see below). The second class is the CAS_Authenticator and does all the dirty work, not just for basic CAS authentication with ASP but also supports CAS proxying which is what my examples will demonstrate.

   VBScript Code

   Panel
   borderColor #cccccc bgColor #ffffff titleBGColor #eeeeee borderStyle dashed title CASProxier.asp
   Span style background-color:yellow id hl <% @ Language=VBScript Span style background-color:yellow id hl %> Span style background-color:yellow id hl <% Option Explicit Span style background-color:yellow id hl %> <!-- #Include File = "../Includes/Public.asp" --> <HTML> <HEAD> <title>Test CAS Proxy Application</title> </HEAD>             <body> Span style background-color:yellow id hl <% Dim objCAS, serviceUrl Dim pgtId Dim proxyTicket Dim proxyAppUrl 'Initialize CAS Authenticator Class Set objCAS = New CAS_Authenticator 'Set the CAS URL objCAS.CASURL = "https://auth-test.berkeley.edu/cas" 'Set the current request page Url as the CAS service name serviceUrl = GetRequestUrl() If Request.ServerVariables.Item("REQUEST_METHOD") = "POST" Then     'Get the pgtId, the proxy callback would have stored this as an application variable     'with the key name as the pgtIou     pgtId = Application(objCAS.ProxyGrantingTicketIOU)         If IsEmpty(pgtId) Then         Response.Write "No pgtId found, please make sure your pgtUrl is correct!"         Response.Write "<BR>"         Response.End     End If        'Send off the pgtId as well as the full Url to the CAS-enabled app to be proxied to the     'RequestProxyTicket method. It will return the "real" proxy ticket to call the proxy with     proxyAppUrl = "https://orimaging.berkeley.edu/ASP/Proxy/CASProxy.asp"     proxyTicket = objCAS.RequestProxyTicket(pgtId, proxyAppUrl)         If IsEmpty(proxyTicket) Then         Response.Write "The proxyTicket is Empty! " & objCAS.LastError         Response.Write "<BR>"         Response.End     End If        'Add arguments to send to proxy, proxyTicket is required as an argument!     objCAS.AddProxyArgument "proxyTicket", proxyTicket         'Make a request to the proxy and output the response     Response.Write "Proxy Response:"     Response.Write "<BR>"     Response.Write objCAS.MakeWebRequest(proxyAppUrl, "POST") Else     If IsEmpty(Application("UID")) Then         'Since this application will proxy other CAS-enabled apps, we will request         'a pgtIou/pgtId pair from CAS by supplying a secure Url to our CAS Callback         objCAS.CASpgtUrl = "https://orimaging.berkeley.edu/ASP/Proxy/

...

1. ProxyCallback.asp"         'Validate the URL of this application which will get assigned a ticket         'unless it fails, in which case exit and explain why it failed         If Not objCAS.ServiceValidate(serviceUrl) Then             Response.Write objCAS.LastError             Response.Write "<BR>"

...

1. Response.Write

...

1. "Service: " & serviceUrl             Response.End         End If         'Set Application variables         Application.Lock         Application("UID")

...

1. = objCAS.netID         Application.UnLock     End If             Span style background-color:yellow id hl %>                         <FORM action="Default.asp" method=post>                         <TABLE align=center width="75%">                         <TR>                         <td valign=top align=left>                                      <Ahref="../Logout.asp?url= Span style background-color:yellow id hl <% =serviceUrl Span style background-color:yellow id hl %> ">Log out of CAS</A>                         </td>                         </TR>                         <TR>                         <td valign=top align=left>                                      The current time is: Span style background-color:yellow id hl <% =now() Span style background-color:yellow id hl %>                         </td>                         </TR>                         <TR>                                      <TD> </TD>                         </TR>                         <TR>                         <td valign=top align=

...

1. left>

...

1. <span style="FONT-SIZE: 14px; COLOR: teal; FONT-FAMILY: tahoma">

...

1. Welcome <B> Span style background-color:yellow id hl <%

...

1. =Application("UID") Span style background-color:yellow id hl %> </B>, you have successfully authenticated with

...

1. CAS                       </span>

...

1. </td>

...

1. </TR>

...

1. <TR>

...

1. <td valign=top align=

...

1. left>

...

1. <INPUT type="submit" value="Test Call Proxy" id="btnCallProxy" name="btnCallProxy">

...

1. </td>

...

1. </TR>                         </TABLE>                         </FORM

...

1. >  Span style background-color:yellow id hl <% End If Set objCAS = Nothing

...

1. Span style background-color:yellow id hl %>                    </body> </HTML>

   Panel
   borderColor #cccccc bgColor #ffffff titleBGColor #eeeeee borderStyle

...

1. dashed title pgtUrl

...

1. Span style background-color:yellow id hl <% @ Language=VBScript Span style background-color:yellow id hl %> Span style background-color:yellow id hl <% Option Explicit Span style background-color:yellow id hl %> <!-- #Include File = "../Includes/Public.asp" --> <HTML> <HEAD> <title>CAS Proxy Callback App</title> </HEAD

...

1. >             <body>            Span style background-color:yellow id hl <% Dim pgtIou, pgtId 'Get pgtIou in Query String sent from CAS pgtIou = Request.QueryString.Item("pgtIou") 'Get pgtId in Query String sent from CAS pgtId = Request.QueryString.Item("pgtId") 'Check to see if they exist If Len(pgtIou) = 0 OR Len(pgtId) = 0 Then     Response.Write "No pgtIou/pgtId pair supplied!"     Response.End End If 'Store pgtId in application variable accessable from any page within this application Application.Lock Application(pgtIou) = pgtId Application.UnLock Span style background-color:yellow id hl %>             </BODY> </HTML>

   Panel
   borderColor

...

1. #cccccc bgColor #ffffff titleBGColor #eeeeee borderStyle dashed title CAS Proxied Application

   Span style background-color:yellow id hl <% @ Language=VBScript Span style background-color:yellow id hl %> Span style background-color:yellow id hl <% Option Explicit Span style background-color:yellow id hl %> <!-- #Include File = "../Includes/Public.asp" --> <HTML> <HEAD> <title>Test CAS Proxy</title> </HEAD>             <body> Span style background-color:yellow id hl <% Dim proxyArgKey Dim proxyTicket Dim objCAS 'Initialize CAS Authenticator Class Set objCAS = New CAS_Authenticator 'Set the CAS URL, change accordingly objCAS.CASURL = "https://auth-test.berkeley.edu/cas" 'proxy ticket should be in either the query string or the form post proxyTicket = Request.Item("proxyTicket") If Not IsEmpty(proxyTicket) Then     ' validate the proxy application with CAS     If NOT objCAS.ValidateProxy

...

1. (proxyTicket) Then         Response.Write objCAS.LastError         Response.Write "<BR>"         Response.End     End

...

1. If Span style background-color:yellow id hl %>             <P>                  <span style="font-size: 14px;font-family: tahoma;color:teal">                         Welcome <B><%=objCAS.netID%></B>, you have successfully authenticated with CAS             </span>             </P>

...

1. Span style background-color:yellow id hl <%     '     'Since this is the proxy application, we will check its arguments it was sent     'Normally we would know if the arguments were sent in the query string or Form post     'but for the purposes of this example, we will check both     '     If Request.QueryString.Count > 0 Then         'get arguments from querystring object         For Each proxyArgKey In Request.QueryString             Response.Write proxyArgKey & "=" & Request.QueryString.Item(proxyArgKey) & "(query string)"             Response.Write "<BR>"         Next     Else         'get arguments from form object         For Each proxyArgKey In Request.Form             Response.Write proxyArgKey & "=" & Request.Form.Item(proxyArgKey) & "(form post)"             Response.Write "<BR>"         Next     End If     If Not IsEmpty(objCAS.Proxies) Then         Response.Write "<BR>"         Response.Write "CAS Proxies:"         Response.Write "<BR>"         Response.Write objCAS.Proxies         Response.Write "<BR>"     End If Else     Response.Write "No proxyTicket found in either the query string or the form post!"     Response.Write "<BR>" End If Set objCAS = Nothing Span style background-color:yellow id hl %>             </BODY> </HTML>

   Panel
   borderColor #cccccc bgColor #ffffff titleBGColor #eeeeee borderStyle dashed title clsString

...

1. '***************************************************************** ' clsString : A String Class helper to aid in string concatenation '***************************************************************** Class clsString     Private m_intLength     Private m_intCounter     Private m_arrString()     Private Sub Class_Initialize()         'Dim an array and set position counter          m_intCounter = 1          m_intLength = 100          Redim m_arrString(m_intLength)     End Sub     Public Sub Reset         'Erase current array and recreate          Erase m_arrString          Call Class_Initialize()     End Sub     Public Property Get Value          'Use Join function to create final string          Value = Join(m_arrString,"")     End Property     Public Property Get Delim(ByVal delimeter)          'Use Join function to create final string          Redim Preserve m_arrString(Limit)          Delim = Join(m_arrString,delimeter)     End Property     Public Property Get Element(ByVal

...

1. j)          'Use Join function to create final string          Element = m_arrString

...

1. (j)     End Property     Public Property Get Limit          'Use Join function to create final string          Limit = m_intCounter - 1     End Property     Public Sub Add(byval strValue)         Dim intArrLen         'Add value to string array         intArrLen = Ubound(m_arrString)         If m_intCounter >intArrLen Then _             Redim Preserve m_arrString(intArrLen + m_intLength)             m_arrString(m_intCounter) = Cstr(strValue)             'Increment position counter

...

1. m_intCounter = m_intCounter + 1     End Sub     Public Sub RemoveLast(byval intLastIndex)         'Remove the last intLastIndex elements from string array         Redim Preserve m_arrString(Limit - intLastIndex)     End Sub End Class 'Start Public Functions 'This function is basically an ASP version of the ASP.Net - Request.Url.GetLeftPart(UriPartial.Path) Public Function GetRequestUrl()     Dim Port     Dim Local_Addr     Dim Path_

...

1. Info     Dim Server_Name     Dim Protocol         Protocol = Request.ServerVariables("SERVER_PORT_SECURE")     Server_Name = Request.ServerVariables("SERVER_NAME")     Port = Request.ServerVariables("SERVER_PORT")     Path_Info = Request.ServerVariables("PATH_INFO")             If Port = 80 ORPort = 443 Then

...

1. Port = ""     Else

...

1. Port = ":" & Port     End If     Local_Addr = Request.ServerVariables("LOCAL_ADDR")             If Protocol = ""OR Protocol = "0"Then

...

1. If Local_Addr = "127.0.0.1"Then

...

1. Protocol = "http://"

...

1. Else

...

1. Protocol = "https://"

...

1. End If     Else

...

1. Protocol = "https://"     End If         GetRequestUrl = Protocol & Server_Name & Port & Path_Info End Function ' End Public Functions:

   Panel
   borderColor #cccccc bgColor #ffffff titleBGColor #eeeeee borderStyle dashed title CAS Authenticator

...

...

1. '*************************************************************************** ' CAS_Authenticator : A Class wrapper that encapsulates authentication via CAS '*************************************************************************** Class CAS_Authenticator     '*********************************************************     'Private Global variables     '*********************************************************     Private m_ErrorText     Private m_CASURL     Private m_netID     Private objXML     Private srvXmlHttp     Private proxyArgHash         Private m_pgtUrl     Private m_pgtId     Private m_Proxies     Private

...

1. queryCollection         Private Sub Class_Initialize()

...

1. Set proxyArgHash = Server.CreateObject("Scripting.Dictionary")         Set objXML = Server.CreateObject("Microsoft.XMLDOM")                 'set async for XML Dom         objXML.async = False

...

1. Set srvXmlHttp = Server.CreateObject("Msxml2.ServerXMLHTTP")         Set queryCollection = Server.CreateObject("Scripting.Dictionary")     End Sub     Private Sub Class_Terminate()         Set objXML = Nothing         Set srvXMLHttp = Nothing         Set proxyArgHash = Nothing         Set queryCollection = Nothing     End Sub         Public Sub AddProxyArgument(ByVal name, ByVal value)

...

1. If Not proxyArgHash.Exists(name) Then

...

1. proxyArgHash.Add name,value

...

1. End If     End Sub

...

1. Public Property Get ProxyGrantingTicketIOU

...

1. ProxyGrantingTicketIOU = Application("pgtIou")     End Property     Public Property Get Proxies

...

1. Proxies = m_Proxies     End Property

...

1. Public Property Get netID

...

1. netID = m_netID     End Property     Public Property Get LastError

...

1. LastError = m_ErrorText     End Property

...

1. Public Property Let CASpgtUrl(ByVal vNewValue)

...

1. m_pgtUrl = vNewValue     End Property     Public Property Let CASURL(ByValvNewValue)         m_CASURL = vNewValue     End Property

...

1. Public Sub LogOut(ByVal url)

...

1. Session.Abandon()

...

1. Response.Redirect m_CASURL & "/logout?url=" & url     End Sub

...

1. Public Function MakeWebRequest(ByVal requestUrl, ByVal httpMethod)

...

1. On Error Resume Next

...

1. Err.

...

1. Clear                 Select Case httpMethod

...

1. Case "GET"

...

1. 'request method is a GET

...

1. 'Check the proxy arguments

...

1. If proxyArgHash.Count > 0 Then

...

1. requestUrl = requestUrl & "?"& CollectionToQueryString(proxyArgHash)

...

1. End If

...

1. srvXmlHttp.open "GET", requestUrl, false

...

1. srvXmlHttp.send()

...

1. Case "POST"

...

1. 'request method is a POST

...

1. srvXmlHttp.open "POST", requestUrl, false

...

1. srvXmlHttp.setRequestHeader "Content-Type","application/x-www-form-urlencoded"

...

1. 'Check the proxy arguments

...

1. If proxyArgHash.Count > 0 Then

...

1. srvXmlHttp.send CollectionToQueryString(proxyArgHash)

...

1. Else

...

1. srvXmlHttp.send()

...

1. End If

...

1. Case Else

...

1. 'Return error

...

1. m_ErrorText = "Expecting either 'GET' OR 'POST' http method!"

...

1. MakeWebRequest = Empty

...

1. Exit Function

...

...

1. End Select

...

1. If Err <> 0 Then

...

1. m_ErrorText = Err.Description

...

1. MakeWebRequest = Empty

...

1. Exit Function

...

1. End If

...

...

1. If srvXmlHttp.Status <> 200 Then

...

1. m_ErrorText = srvXmlHttp.Status & " - " & srvXmlHttp.StatusText

...

1. MakeWebRequest = Empty

...

1. Exit Function

...

1. End If

...

1. MakeWebRequest = srvXmlHttp.responseText     End Function

...

1. Private Function CollectionToQueryString(ByVal srcCollection)

...

1. Dim srcKey

...

1. Dim strCollItems

...

1. Set strCollItems = New clsString

...

1. For Each srcKey in srcCollection.Keys

...

1. strCollItems.Add srcKey & "="& srcCollection.Item(srcKey)

...

1. Next

...

...

1. CollectionToQueryString = Mid(strCollItems.Delim("&"), 2)

...

1. Set strCollItems = Nothing     End Function     Private Function CASRequest(ByVal validateurl)

...

1. Dim proxyNodeText

...

1. Dim objCASResponse

...

1. Dim objCASAuthenticationNode

...

1. Dim objCASUser

...

1. Dim objCASProxies

...

1. Dim objCASpgt

...

1. Dim objCASProxy

...

1. Dim objCASproxyTicket

...

1. Dim objProxyList

...

1. Dim htmlResponse

...

1. Dim

...

1. j

...

1. validateUrl = validateUrl & "?" & CollectionToQueryString(queryCollection)

...

...

1. htmlResponse = MakeWebRequest(validateUrl, "GET")

...

...

1. If IsEmpty(htmlResponse) Then

...

1. CASRequest = False

...

1. Exit Function

...

1. End If

...

...

1. If objXML.LoadXml(htmlResponse) Then

...

1. 'Get reference to cas:serviceResponse XML Node

...

1. Set objCASResponse = objXML.getElementsByTagName("cas:serviceResponse")

...

1. If objCASResponse.length = 0 then

...

1. m_ErrorText = "cas:serviceResponse XML Node is Empty!"

...

1. CASRequest = False

...

1. Exit Function

...

1. End If

...

...

1. Set objCASAuthenticationNode = objCASResponse.item(0).firstChild

...

1. Select Case objCASAuthenticationNode.nodeName

...

1. Case "cas:authenticationSuccess"

...

1. 'Get CAS user nodeText

...

1. Set objCASUser = objCASAuthenticationNode.getElementsByTagName("cas:user")

...

1. If objCASUser.length = 0

...

1. then                         m_ErrorText = "cas:user element NOT present in source CAS XML!"

...

1. CASRequest = False

...

1. Exit Function

...

1. End If

...

1. m_netID = objCASUser.item(0).nodeTypedValue

...

1. 'Get CAS proxies nodeText

...

1. Set objCASProxy = objCASAuthenticationNode.getElementsByTagName("cas:proxies")

...

1. If objCASProxy.length > 0 then

...

1. Set objProxyList = New clsString

...

1. Set objCASProxies = objCASProxy.item(0).

...

1. childNodes                                                 For j = 0 To objCASProxies.length - 1

...

1. objProxyList.Add(objCASProxies.item

...

1. (j).nodeTypedValue)

...

1. Next                                                 m_Proxies = objProxyList.Delim(vbcrlf)

...

1. Set objProxyList = Nothing

...

1. End If

...

1. 'Get CAS proxyGT nodeText

...

1. Set objCASpgt = objCASAuthenticationNode.getElementsByTagName("cas:proxyGrantingTicket")

...

1. If objCASpgt.length > 0 Then

...

1. Application.Lock

...

1. Application("pgtIou") = objCASpgt.item(0).nodeTypedValue

...

1. Application.UnLock

...

1. End If

...

1. Case "cas:authenticationFailure"

...

1. m_ErrorText = objCASAuthenticationNode.nodeTypedValue

...

1. CASRequest = False

...

1. Exit Function

...

1. Case "cas:proxySuccess"

...

1. 'Sample success returned from CAS

...

1. '<cas:proxySuccess xmlns:cas="http://www.yale.edu/tp/cas">

...

1. '  <cas:proxyTicket>

...

1. '      ST-1625-6YBqesAL6ywgfCwOPQYcK72G6ikQIHc6lab-aws-p1

...

1. '  </cas:proxyTicket>

...

1. '</cas:proxySuccess>

...

1. Set objCASproxyTicket = objCASAuthenticationNode.getElementsByTagName("cas:proxyTicket")

...

1. If objCASproxyTicket.length > 0 Then

...

1. m_pgtId = objCASproxyTicket.item(0).nodeTypedValue

...

1. End If

...

1. Case "cas:proxyFailure"

...

1. 'Sample error returned from CAS

...

1. '<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">

...

1. '   <cas:proxyFailure code="INVALID_TICKET">

...

1. '       ticket 'TGT-3053-jqon6B5AIUQ4A6Pb2RlgykerJ99PhUrF0ON-aws-p1' not recognized

...

1. '  </cas:proxyFailure>

...

1. '</cas:

...

1. serviceResponse>                     m_ErrorText = objCASAuthenticationNode.nodeTypedValue

...

1. CASRequest = False

...

1. Exit Function

...

1. Case Else

...

1. m_ErrorText = "Undefined CAS error!"

...

1. CASRequest = False

...

1. Exit Function

...

1. End Select

...

1. Else

...

1. m_ErrorText = "XML Failed to load<XMP>" & htmlResponse & "</XMP>"

...

1. CASRequest = False

...

1. Exit Function

...

1. End If

...

1. 'CAS is Authenticated

...

1. CASRequest = True     End Function

...

1. Public Function ServiceValidate(ByVal serviceUrl)

...

1. Dim tkt

...

1. Dim URLToValidate                 tkt = Request.QueryString.Item("ticket")

...

1. URLToValidate = m_CASURL & "/serviceValidate"

...

1. If IsEmpty(tkt) Then

...

1. 'if no ticket in URL then send user to CAS to get one             'send the user back to CAS             'set-up to avoid endless loop to CAS                             Response.Redirect

...

1. m_CASURL & "/login?service="& serviceUrl             Application.Lock             Application("ReturnUrl") = Request.QueryString.Item("ReturnUrl")

...

1. Application.UnLock             ServiceValidate = True

...

1. Exit Function

...

1. End If

...

...

1. ' Second time (back from CAS) there is a ticket= to validate

...

1. queryCollection.RemoveAll

...

1. queryCollection.Add"ticket", tkt

...

1. queryCollection.Add "service", serviceUrl

...

1. If NOT IsEmpty(m_pgtUrl) Then

...

1. queryCollection.Add "pgtUrl", m_pgtUrl

...

1. End If

...

1. If NOT CASRequest(URLToValidate) Then

...

1. ServiceValidate = False

...

1. Exit Function

...

1. End If

...

1. ' If there was a problem, leave the message on the screen. Otherwise, return to original page.

...

1. If IsEmpty(m_netID) Then

...

1. m_ErrorText = "CAS returned to this application, but then refused to validate your identity."

...

1. ServiceValidate = False

...

1. Exit Function

...

1. End If

...

...

1. ServiceValidate = True     End Function

...

1. Public Function RequestProxyTicket(ByVal pgtId, ByVal proxyAppUrl)

...

1. Dim validateurl

...

1. validateurl = m_CASURL & "/proxy"

...

...

1. queryCollection.RemoveAll

...

1. queryCollection.Add "targetService", proxyAppUrl

...

1. queryCollection.Add "pgt",

...

1. pgtId                 If Not CASRequest(validateurl) Then

...

1. RequestProxyTicket = Empty

...

1. Exit Function

...

1. End If

...

1. RequestProxyTicket = m_pgtId     End Function

...

1. Public

...

1. Function ValidateProxy(ByVal proxyTicket)         Dim validateurl         ' Validate proxy ticket

...

1. validateurl = m_CASURL & "/proxyValidate"

...

1. queryCollection.RemoveAll         queryCollection.Add "ticket", proxyTicket         queryCollection.Add "service", GetRequestUrl()         If Not CASRequest(validateurl) Then

...

1. ValidateProxy = False             Exit Function         EndIf         ' If there was a problem, leave the message on the screen. Otherwise, return to original page.         If IsEmpty(m_netID) Then