Hey, Did anyone figure this out? I am getting the same exception: System.InvalidCastException = “Unable to cast object of type 'System.Web.Security.RolePrincipal' to type 'DotNetCasClient.Security.ICasPrincipal'.”
I tried to do what the below example states but IPrincipal claimsPrincipal does not seem to have an identities property. ClaimsPrincipal does have an identities property but only returns one genericdentity which I cannot cast to ICasPrincipal. Any help would be greatly appreciated. Thanks, -Abhijit. From: Andrew McInnes [mailto:[email protected]] Sent: Friday, May 24, 2013 5:18 PM To: [email protected] Subject: RE: [cas-user] .Net, SAML, ICasPrincipal Do you have a full code example of how to implement cas auth from scratch with .net? Perhaps a sample project? I have been struggling to get it to work and have followed all the various examples on jasig. I use .net 4/4.5. Many thanks, Andy Sent from my Windows Phone ________________________________ From: Scott<mailto:[email protected]> Sent: 24/05/2013 21:11 To: [email protected]<mailto:[email protected]> Subject: Re: [cas-user] .Net, SAML, ICasPrincipal Sorry. var should work in C# for .NET > 2.0, but you can specify the type too. What version of .NET are you running this on? The client was built w/compatibility for 2.0. It looks like RolePrincipal is 4.0/4.5 and is based on ClaimsPrincipal. I haven't really tested the existing client against 4.5, but I believe they changed the built-in authentication to be claims/WIF-based now. Try casting HttpContext.Current.User to a ClaimsPrincipal or RolePrincipal. They'll have an Identity and an Identities properties that should (hopefully) contain our ICasPrincipal. Something like this. ICasPrincipal casPrincipal = null; IPrincipal claimsPrincipal = HttpContext.CurrentUser as ClaimsPrincipal; if (claimsPrincipal != null) { foreach (IPrincipal principal in claimsPrincipal.Identities) { casPrincipal = principal as ICasPrincipal; if (casPrincipal != null) { // You found the CAS principal. Maybe you're looking for one of these? // casPrincipal.ProxyGrantingTicket // casPrincipal.Proxies // casPrincipal.Assertion.Attributes // casPrincipal.Assertion.ValidFromDate // casPrincipal.Assertion.ValidUntilDate // casPrincipal.Assertion.PrincipalName break; } } } if (casPrincipal == null) { // Didn't find it. We might have a client bug } The code that actually sets the principal is in CasAuthentication.cs. ICasPrincipal principal; ... principal = new CasPrincipal(assertion); ... context.User = principal; Thread.CurrentPrincipal = principal; and ICasPrincipal : System.Security.Principal.IPrincipal. CasAuthentication.cs takes care of setting these. If this stuff doesn't help, try turning on all of cas client trace logging. Alternatively, you may want to try to add the project to your solution and use it as a project reference. Then you can set breakpoints in the CAS client code and see what's going on. On Thu, May 23, 2013 at 9:57 AM, Brian Davidson <[email protected]<mailto:[email protected]>> wrote: I'm getting an exception trying to cast User to an ICasPrincipal: System.InvalidCastException: Unable to cast object of type 'System.Web.Security.RolePrincipal' to type 'DotNetCasClient.Security.ICasPrincipal'. Here's the specific line: ICasPrincipal p = (ICasPrincipal)HttpContext.Current.User; It wasn't happy with var p -- "the type or namespace name 'var' could not be found". I'm guessing var is what would be used for VB, and a type must be given for C#. On May 22, 2013, at 7:27 PM, Scott <[email protected]<mailto:[email protected]>> wrote: Hi, You'll need to cast HttpContext.Current.User.Identity to IPrincipal. So depending on where your code is running, one of these should do the trick. var casPrincipal = (ICasPrincipal) User; var casPrincipal = (ICasPrincipal) HttpContext.Current.User; -ScottH On Wed, May 22, 2013 at 5:22 PM, Brian Davidson <[email protected]<mailto:[email protected]>> wrote: Sorry for my complete lack of C#/.Net knowledge. Is an instance of ICasPrincipal is required to read SAML attributes? If so, how does one obtain an instance of ICasPrincipal? If not, how does one go about reading an attribute such as "fullName" (assuming that's one in our SAML tickets)? Thanks! Brian -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user ________________________________ This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual to whom it is addressed. Any views or opinions presented are solely those of the author and do not necessarily represent those of The Manchester College. If you are not the intended recipient, please be advised that you have received this e-mail in error and that any use, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. P Before printing this message, think about the environment. -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
