For a recent project I wanted to authenticate using Central Authentication Service (CAS), a single-sign on server deployed world-wide. My project is in ASP.NET, so I hunted down CASP, a C# class produced by John Tantalo at Case Western Reserve University. Coincidentally, John was also responsible for Planarity, a flash game which has only stolen mere days of my life.
I had a few nits to pick with it, so at the risk of calling his baby ugly:
- Doesn’t handle the latest CAS protocol, CAS2
- Dumps the authenticated username into Session, which isn’t what I wanted
- Doesn’t use “using” statements when dealing with IDisposable objects
- Doesn’t use XML comments, which .NET tools prefer
- Some minor duplication in specifying the login URL and the validation URL.
So, all in all nothing really big. I ended up going a little nuts with it resolving all my complaints. It can now speak CAS1 or CAS2, and has a bunch of options that I added in to solve my specific needs. It seems a little overcomplicated now, but I always get that feeling when I’m thinking in C#.
Installation
Pretty simple:
- Download the source: CASP.cs (BSD license)
- Add it to your project
Example usage
Like Tantalo’s CASP, mine is designed to be used from a System.Web.UI.Page, and will redirect the browser about as needed.
Simplest example, uses CAS2 by default
[csharp]
protected void Page_Load(object sender, EventArgs e) {
string username = CASP.Authenticate(“https://login.case.edu/cas/”, this.Page);
//do whatever with username
}
[/csharp]
Slightly more complex, using CAS1 and always renewing the authentication ticket
[csharp]
protected void Page_Load(object sender, EventArgs e) {
string username = CASP.Authenticate(“https://login.case.edu/cas/”, this.Page, true, false);
//do whatever with username
}
[/csharp]
Most complex example, giving you flexibility to decide what to do about errors, etc
[csharp]
protected void Page_Load(object sender, EventArgs e) {
CASP casp = new CASP(“https://login.case.edu/cas/”, this.Page, true); //re-login every time
if (casp.Login()) {
try {
string username = casp.ServerValidate(); //or casp.Validate() for CAS1
//do whatever with username
}catch (CASP.ValidateException ex) {
//try again, something was messed up
casp.Login(true);
}
}
}
[/csharp]
This code is certified:
3 Comments