Hi, I revised the source code from
https://wiki.jasig.org/display/CASC/CAS+Proxying+with+Classic+ASP
and made CASClass.asp into an ASP CAS 4.0 client:
(1) Add the following function (the original function ServiceValidate() is
for CAS Protocol 2.0):
'================================================================================
'2014.11.12 CAS Protocol 3.0 service validate method, by Oswald Lu.
'================================================================================
Public Function ServiceValidateV3(ByVal serviceUrl)
    Dim tkt
    Dim URLToValidate
    tkt = Request.QueryString.Item("ticket")
    URLToValidate = m_CASURL & "/p3/serviceValidate"
    If IsEmpty(tkt) Then
        'if no ticket in URL then send user to CAS to get one
        'send the user back to CAS
        'set-up to avoid endless loop to CAS
        Response.Redirect m_CASURL & "/login?service=" & serviceUrl
        Application.Lock
        Application("ReturnUrl") = Request.QueryString.Item("ReturnUrl")
        Application.UnLock
        ServiceValidateV3 = True
        Exit Function
    End If
    ' Second time (back from CAS) there is a ticket= to validate
    queryCollection.RemoveAll
    queryCollection.Add "ticket", tkt
    queryCollection.Add "service", serviceUrl
    If NOT IsEmpty(m_pgtUrl) Then
        queryCollection.Add "pgtUrl", m_pgtUrl
    End If
    If NOT CASRequest(URLToValidate) Then
        ServiceValidateV3 = False
        Exit Function
    End If
    ' If there was a problem, leave the message on the screen.
    ' Otherwise, return to original page.
    If IsEmpty(m_netID) Then
        m_ErrorText = "CAS returned to this application, but then refused to validate your identity."
        ServiceValidateV3 = False
        Exit Function
    End If
    ServiceValidateV3 = True
End Function
(2) If you want to publish attributes from CAS, revise the CASRequest()
function:
'================================================================================
'2014.11.18 Object for CAS Protocol 3.0 XML attributes nodes, by Oswald Lu.
'================================================================================
Dim objAttributeNode
'2014.11.18 Create a cookie for session (name=session id, value=login user id).
'Well, I store attributes in session object. It's very easy for ASP to get these session values.
'You may want to store attributes in other places, e.g. database or cookie.
Dim sessionCookie
in the block:
If objXML.LoadXml(htmlResponse) Then
    'Get reference to cas:serviceResponse XML Node
    Set objCASResponse = objXML.getElementsByTagName("cas:serviceResponse")
    If objCASResponse.length = 0 then
        m_ErrorText = "cas:serviceResponse XML Node is Empty!"
        CASRequest = False
        Exit Function
    End If
    Set objCASAuthenticationNode = objCASResponse.item(0).firstChild
    Select Case objCASAuthenticationNode.nodeName
        Case "cas:authenticationSuccess"
add similar logic to "get" XML attributes from the htmlResponse:
            m_netID = objCASUser.item(0).nodeTypedValue
            '================================================================================
            '2014.11.18 Get attributes nodes one by one and stores in session object, by Oswald Lu.
            'To do: Change the attributes name to meet your needs.
            '================================================================================
            'Reset session variables first.
            Session.Contents.RemoveAll()
            'Store login user id in session("user") if you like.
            Session("user") = m_netID
            'Store user's login ID in session cookie if you like.
            sessionCookie = Session.SessionID & "=" & m_netID & "; Path=/; HttpOnly"
            Response.AddHeader "Set-Cookie", sessionCookie
            Set objAttributeNode = objCASAuthenticationNode.getElementsByTagName("cas:company")
            If objAttributeNode.length > 0 then
                Session("company") = objAttributeNode.item(0).nodeTypedValue
            End If
            Set objAttributeNode = objCASAuthenticationNode.getElementsByTagName("cas:dept")
            If objAttributeNode.length > 0 then
                Session("dept") = objAttributeNode.item(0).nodeTypedValue
            End If
            Set objAttributeNode = objCASAuthenticationNode.getElementsByTagName("cas:title")
            If objAttributeNode.length > 0 then
                Session("title") = objAttributeNode.item(0).nodeTypedValue
            End If
            Set objAttributeNode = objCASAuthenticationNode.getElementsByTagName("cas:name")
            If objAttributeNode.length > 0 then
                Session("name") = objAttributeNode.item(0).nodeTypedValue
            End If
            Set objAttributeNode = objCASAuthenticationNode.getElementsByTagName("cas:telephone")
            If objAttributeNode.length > 0 then
                Session("telephone") = objAttributeNode.item(0).nodeTypedValue
            End If
            Set objAttributeNode = objCASAuthenticationNode.getElementsByTagName("cas:mail")
            If objAttributeNode.length > 0 then
                Session("mail") = objAttributeNode.item(0).nodeTypedValue
            End If
            Set objAttributeNode = objCASAuthenticationNode.getElementsByTagName("cas:UPN")
            If objAttributeNode.length > 0 then
                Session("UPN") = objAttributeNode.item(0).nodeTypedValue
            End If
            Set objAttributeNode = Nothing
            '================================================================================
(3) Change the following line in CASProxier.asp:
    If Not objCAS.ServiceValidate(serviceUrl) Then
to:
    If Not objCAS.ServiceValidateV3(serviceUrl) Then
P.S. Actually, I copied it and made my own as CASClient.asp. Don't
forget to include your CASClass.asp file:
<!-- #Include File="./Includes/CASClass.asp" -->
(4) In real ASP applications:
<!-- #Include File="./CASClient.asp" -->
It will then automatically authenticate via CAS Protocol 3.0 (the
one CAS v4.0 uses).
If you use the session to store attributes from CAS, then you can use
a statement like <%=Session("company")%>
to get values from your ASP applications.
Hope that helps.
Oswald
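
The per-attribute blocks in step (2) can be collapsed into one loop over the cas:attributes element that CAS Protocol 3.0 places inside cas:authenticationSuccess, with an allow-list so that only expected names ever become Session keys. This is an added example, not code from the original post or the wiki; StoreCasAttributes and its parameter names are hypothetical, and it assumes the same MSXML DOM objects the post already uses.

```vbscript
' Added example, not part of the original post or the wiki code.
' StoreCasAttributes and its parameter names are hypothetical.
Sub StoreCasAttributes(ByVal objAuthSuccess, ByVal allowedNames)
    Const CAS_NS = "http://www.yale.edu/tp/cas"
    Dim allowed, found, objLists, objChild, i, key

    ' Case-insensitive allow-list of attribute names the application expects.
    Set allowed = Server.CreateObject("Scripting.Dictionary")
    allowed.CompareMode = vbTextCompare
    For i = 0 To UBound(allowedNames)
        allowed(allowedNames(i)) = True
    Next

    Set found = Server.CreateObject("Scripting.Dictionary")
    found.CompareMode = vbTextCompare

    ' Assumption: attributes arrive as children of one <cas:attributes> element.
    Set objLists = objAuthSuccess.getElementsByTagName("cas:attributes")
    If objLists.length = 0 Then Exit Sub

    For Each objChild In objLists.item(0).childNodes
        ' nodeType 1 = element node; skips whitespace and text nodes.
        If objChild.nodeType = 1 Then
            key = objChild.baseName   ' local name without the "cas:" prefix
            If objChild.namespaceURI = CAS_NS And allowed.Exists(key) Then
                If found.Exists(key) Then
                    ' Multi-valued attribute: join repeated elements with ";".
                    found(key) = found(key) & ";" & objChild.text
                Else
                    found.Add key, objChild.text
                End If
            End If
        End If
    Next

    ' Only allow-listed names are written to the session.
    For Each key In found.Keys
        Session(key) = found(key)
    Next
End Sub

' Usage inside the "cas:authenticationSuccess" case, after the session reset:
'   StoreCasAttributes objCASAuthenticationNode, _
'       Array("company", "dept", "title", "name", "telephone", "mail", "UPN")
```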