Yes, I meant FormsAuthenticationModule: http://www.koders.com/csharp/fid4BEDC51250B2B507391467CF38C6F5F600579CCD.aspx
Essentially on an AuthenticateRequest you check for CAS ticket/validation and also do FormsAuthenticationTicket logistics. The CAS Redirect is done on the EndRequest event if .Net was going to send a 401. The process feels odd from a Filter perspective, so I'm trusting this is the right way to do based on HttpApplication events as demonstrated by the mono code. Bill On Thu, Mar 26, 2009 at 3:52 PM, Winfrey, Catherine <cwinf...@vt.edu> wrote: > Could you provide a reference for " FormApplicationModule itself, as > demonstrated by Reflector, Mono[1], > and Michael Barton" so that I understand your approach a little better? Or > do you mean FormsAuthenticationModule? > > I have done some testing with HttpModules as well and agree that they are a > bit different from the ServletFilters. I have had some success with them > but thus far only with the Authentication step of the processing. I am > doing some more testing now. > > -----Original Message----- > From: William G. Thompson, Jr. [mailto:wgt...@gmail.com] > Sent: Thursday, March 26, 2009 14:06 > To: cas-dev@lists.jasig.org > Subject: [cas-dev] .Net JasigCasClient > > Folks, > > Initially when I started the port of the Java CasClient to .Net I > assumed since HttpModules are analogous to ServetFilters that it would > be relatively straight mapping from Filters to HttpModules. However, > as I dig deeper into .Net and the HttpRequest/FormsAuthentication > lifecycle this turns out not to be so simple. For one, HttpModules > and ServletFilters are not exactly at the same level of abstraction, > HttpModules being a bit lower level (i.e. HttpSession may not be > available depending on what events have fired). The other > complication is the HttpApplication pipeline itself, which fires a > mess of events and may make multiple calls into individual Modules > which is a different behavior than Filters. > > So, I'm started to come around to the approach taking by the > FormApplicationModule itself, as demonstrated by Reflector, Mono[1], > and Michael Barton. I think we end up with one CasHttpModule that > handles two events and is configured with the Cas specific components > for handling ticket validation and setting up Context.User. > > I'd like to end up at place that has these characteristics: > 1) dead simple easy deploy (drop in dll, a few web.conf settings) > 2) excellent integration with .Net framework (Context.User, etc.) > 3) feature/quality parity with Java client (good unit tests, support > for saml, etc) > > Thoughts? > > Bill > > [1] Mono FormsAuthenticationModule: > http://www.koders.com/csharp/fid4BEDC51250B2B507391467CF38C6F5F600579CCD.asp > x > > -- > You are currently subscribed to cas-dev@lists.jasig.org as: cwinf...@vt.edu > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
