Property | Type | Description | |
---|---|---|---|
ExtractSingleSignOutTicketFromSamlResponse | string | ||
GetCookiePath | string | ||
LogAndThrowConfigurationException | void | ||
LogAndThrowOperationException | void |
Method | Description | |
---|---|---|
CASClient ( |
||
ClearAuthCookie ( System.Web.HttpContextBase httpContext ) : void |
Sends a blank and expired FormsAuthentication cookie to the client response. This effectively removes the FormsAuthentication cookie and revokes the FormsAuthenticationTicket. It also removes the cookie from the current Request object, preventing subsequent code from being able to access it during the execution of the current request.
|
|
CreateFormsAuthenticationTicket ( string netId, string serviceTicket, System.DateTime validFromDate, System.DateTime validUntilDate ) : System.Web.Security.FormsAuthenticationTicket |
Creates a FormsAuthenticationTicket for storage on the client. The UserData field contains the CAS Service Ticket which can be used by the server-side ServiceTicketManager to retrieve additional details about the ticket (e.g. assertions)
|
|
GatewayAuthenticate ( System.Web.HttpContextBase httpContext, bool ignoreGatewayStatusCookie ) : System.Web.Mvc.RedirectResult |
Attempt to perform a CAS gateway authentication. This causes a transparent redirection out to the CAS server and back to the requesting page with or without a CAS service ticket. If the user has already authenticated for another service against the CAS server and the CAS server supports Single Sign On, this will result in the user being automatically authenticated. Otherwise, the user will remain anonymous.
|
|
GetAuthCookie ( System.Web.HttpContextBase httpContext, System.Web.Security.FormsAuthenticationTicket ticket ) : System.Web.HttpCookie |
Creates an HttpCookie containing an encrypted FormsAuthenticationTicket, which in turn contains a CAS service ticket.
|
|
GetFormsAuthenticationTicket ( System.Web.HttpContextBase httpContext ) : System.Web.Security.FormsAuthenticationTicket |
Looks for a FormsAuthentication cookie and attempts to parse a valid, non-expired FormsAuthenticationTicket. It ensures that the UserData field has a value (presumed to be a CAS Service Ticket).
|
|
GetGatewayStatus ( System.Web.HttpContextBase httpContext ) : GatewayStatus |
Retrieves the GatewayStatus from the client cookie.
|
|
GetProxyTicketIdFor ( System.Web.HttpContextBase httpContext, string targetServiceUrl ) : string |
Attempts to connect to the CAS server to retrieve a proxy ticket for the target URL specified. Problems retrieving proxy tickets are generally caused by SSL misconfiguration. The CAS server must be configured to trust the SSL certificate on the web application's server. The CAS server will attempt to establish an SSL connection to this web application server to confirm that the proxy ticket request is legitimate. If the server does not trust the SSL certificate or the certificate authority/chain of the SSL certificate, the request will fail. |
|
ProcessProxyCallbackRequest ( System.Web.HttpContextBase httpContext ) : System.Web.Mvc.ActionResult |
Process a Proxy Callback request from the CAS server. Proxy Callback requests occur as a part of a proxy ticket request. When the web application requests a proxy ticket for a third party service from the CAS server, the CAS server attempts to connect back to the web application over an HTTPS connection. The success of this callback is essential for the proxy ticket request to succeed. Failures are generally caused by SSL configuration errors. See the description of the SingleSignOut method for more details. Assuming the SSL configuration is correct, this method is responsible for handling the callback from the CAS server. For more details, see the CAS protocol specification.
|
|
ProcessRequestAuthentication ( System.Web.HttpContextBase httpContext ) : void |
Attempts to authenticate requests subsequent to the initial authentication request (handled by ProcessTicketValidation). This method looks for a FormsAuthenticationCookie containing a FormsAuthenticationTicket and attempts to confirms its validitiy. It either contains the CAS service ticket or a reference to a CasAuthenticationTicket stored in the ServiceTicketManager (if configured). If it succeeds, the context.User and Thread.CurrentPrincipal are set with a ICasPrincipal and the current request is considered authenticated. Otherwise, the current request is effectively anonymous.
|
|
ProcessSingleSignOutRequest ( System.Web.HttpContextBase httpContext ) : System.Web.Mvc.ActionResult |
Process SingleSignOut requests originating from another web application by removing the ticket from the ServiceTicketManager (assuming one is configured). Without a ServiceTicketManager configured, this method will not execute and this web application cannot respect external SingleSignOut requests.
|
|
ProcessTicketValidation ( System.Web.HttpContextBase httpContext ) : void |
Validates a ticket contained in the URL, presumably generated by the CAS server after a successful authentication. The actual ticket validation is performed by the configured TicketValidator (i.e., CAS 1.0, CAS 2.0, SAML 1.0). If the validation succeeds, the request is authenticated and a FormsAuthenticationCookie and corresponding CasAuthenticationTicket are created for the purpose of authenticating subsequent requests (see ProcessTicketValidation method). If the validation fails, the authentication status remains unchanged (generally the user is and remains anonymous).
|
|
ProxyRedirect ( System.Web.HttpContextBase httpContext, string url ) : void |
Obtain a Proxy ticket and redirect to the foreign service url with that ticket included in the url. The foreign service must be configured to accept the ticket.
|
|
ProxyRedirect ( System.Web.HttpContextBase httpContext, string url, bool endResponse ) : void |
Obtain a Proxy ticket and redirect to the foreign service url with that ticket included in the url. The foreign service must be configured to accept the ticket.
|
|
ProxyRedirect ( System.Web.HttpContextBase httpContext, string url, string proxyTicketUrlParameter ) : void |
Obtain a Proxy ticket and redirect to the foreign service url with that ticket included in the url. The foreign service must be configured to accept the ticket.
|
|
ProxyRedirect ( System.Web.HttpContextBase httpContext, string url, string proxyTicketUrlParameter, bool endResponse ) : void |
|
|
RedirectFromFailedGatewayCallback ( System.Web.HttpContextBase httpContext ) : System.Web.Mvc.RedirectResult |
Redirects the current request back to the requested page without the gateway callback artifact in the URL.
|
|
RedirectFromLoginCallback ( System.Web.HttpContextBase httpContext, System.Web.Mvc.ActionResult result ) : System.Web.Mvc.RedirectResult |
Redirects the current request back to the requested page without the CAS ticket artifact in the URL.
|
|
RedirectToCookiesRequiredPage ( ) : System.Web.Mvc.RedirectResult |
Redirects the current request to the Cookies Required page
|
|
RedirectToLoginPage ( ) : System.Web.Mvc.RedirectResult |
Redirects the current request to the CAS Login page
|
|
RedirectToLoginPage ( bool forceRenew ) : System.Web.Mvc.RedirectResult |
Redirects the current request to the Login page and requires renewed CAS credentials
|
|
RedirectToNotAuthorizedPage ( ) : System.Web.Mvc.RedirectResult |
Redirects the current request to the Not Authorized page
|
|
SetAuthCookie ( System.Web.HttpContextBase httpContext, System.Web.Security.FormsAuthenticationTicket clientTicket ) : void |
Encrypts a FormsAuthenticationTicket in an HttpCookie (using GetAuthCookie) and includes it in the response.
|
|
SetGatewayStatusCookie ( System.Web.HttpContextBase httpContext, GatewayStatus gatewayStatus ) : void |
Attempts to set the GatewayStatus client cookie. If the cookie is not present and equal to GatewayStatus.Attempting when a CAS Gateway request comes in (indicated by the presence of the 'gatewayParameterName' defined in web.config appearing in the URL), the server knows that the client is not accepting session cookies and will optionally redirect the user to the 'cookiesRequiredUrl' (also defined in web.config). If 'cookiesRequiredUrl' is not defined but 'gateway' is, every page request will result in a round-trip to the CAS server.
|
|
SingleSignOut ( System.Web.HttpContextBase httpContext ) : void |
Logs the user out of the application and attempts to perform a Single Sign Out against the CAS server. If the CAS server is configured to support Single Sign Out, this will prevent users from gateway authenticating to other services. The CAS server will attempt to notify any other applications to revoke the session. Each of the applications must be configured to maintain session state on the server. In the case of ASP.NET web applications using DotNetCasClient, this requires defining a serviceTicketManager. The configuration for other client types (Java, PHP) varies based on the client implementation. Consult the Jasig wiki for more details.
|
Method | Description | |
---|---|---|
ExtractSingleSignOutTicketFromSamlResponse ( string xmlAsString ) : string |
Extracts the CAS ticket from the SAML message supplied.
|
|
GetCookiePath ( System.Web.HttpContextBase httpContext ) : string | ||
LogAndThrowConfigurationException ( string message ) : void | ||
LogAndThrowOperationException ( string message ) : void |
public CASClient ( |
||
settings | ||
ticketValidatorFactory | ITicketValidatorFactory | |
requestEvaluator | IRequestEvaluator | |
clock | IClock | |
urlUtil | IUrlUtil | |
authenticationService | IAuthenticationService | |
casServices | ICasServices | |
return | System |
public ClearAuthCookie ( System.Web.HttpContextBase httpContext ) : void | ||
httpContext | System.Web.HttpContextBase | |
return | void |
public CreateFormsAuthenticationTicket ( string netId, string serviceTicket, System.DateTime validFromDate, System.DateTime validUntilDate ) : System.Web.Security.FormsAuthenticationTicket | ||
netId | string | User associated with the ticket |
serviceTicket | string | CAS service ticket |
validFromDate | System.DateTime | Ticket valid from date |
validUntilDate | System.DateTime | Ticket valid too date |
return | System.Web.Security.FormsAuthenticationTicket |
public GatewayAuthenticate ( System.Web.HttpContextBase httpContext, bool ignoreGatewayStatusCookie ) : System.Web.Mvc.RedirectResult | ||
httpContext | System.Web.HttpContextBase | |
ignoreGatewayStatusCookie | bool | /// The Gateway Status Cookie reflects whether a gateway authentication has /// already been attempted, in which case the redirection is generally /// unnecessary. This property allows you to override the behavior and /// perform a redirection regardless of whether it has already been attempted. /// |
return | System.Web.Mvc.RedirectResult |
public GetAuthCookie ( System.Web.HttpContextBase httpContext, System.Web.Security.FormsAuthenticationTicket ticket ) : System.Web.HttpCookie | ||
httpContext | System.Web.HttpContextBase | |
ticket | System.Web.Security.FormsAuthenticationTicket | The FormsAuthenticationTicket to encode |
return | System.Web.HttpCookie |
public GetFormsAuthenticationTicket ( System.Web.HttpContextBase httpContext ) : System.Web.Security.FormsAuthenticationTicket | ||
httpContext | System.Web.HttpContextBase | |
return | System.Web.Security.FormsAuthenticationTicket |
public GetGatewayStatus ( System.Web.HttpContextBase httpContext ) : GatewayStatus | ||
httpContext | System.Web.HttpContextBase | |
return | GatewayStatus |
public GetProxyTicketIdFor ( System.Web.HttpContextBase httpContext, string targetServiceUrl ) : string | ||
httpContext | System.Web.HttpContextBase | |
targetServiceUrl | string | The target Url to obtain a proxy ticket for |
return | string |
public ProcessProxyCallbackRequest ( System.Web.HttpContextBase httpContext ) : System.Web.Mvc.ActionResult | ||
httpContext | System.Web.HttpContextBase | |
return | System.Web.Mvc.ActionResult |
public ProcessRequestAuthentication ( System.Web.HttpContextBase httpContext ) : void | ||
httpContext | System.Web.HttpContextBase | |
return | void |
public ProcessSingleSignOutRequest ( System.Web.HttpContextBase httpContext ) : System.Web.Mvc.ActionResult | ||
httpContext | System.Web.HttpContextBase | |
return | System.Web.Mvc.ActionResult |
public ProcessTicketValidation ( System.Web.HttpContextBase httpContext ) : void | ||
httpContext | System.Web.HttpContextBase | |
return | void |
public ProxyRedirect ( System.Web.HttpContextBase httpContext, string url ) : void | ||
httpContext | System.Web.HttpContextBase | |
url | string | The foreign service to redirect to |
return | void |
public ProxyRedirect ( System.Web.HttpContextBase httpContext, string url, bool endResponse ) : void | ||
httpContext | System.Web.HttpContextBase | |
url | string | The foreign service to redirect to |
endResponse | bool | /// Boolean indicating whether or not to short circuit the remaining request /// pipeline events /// |
return | void |
public ProxyRedirect ( System.Web.HttpContextBase httpContext, string url, string proxyTicketUrlParameter ) : void | ||
httpContext | System.Web.HttpContextBase | |
url | string | The foreign service to redirect to |
proxyTicketUrlParameter | string | /// The ticket parameter to include in the remote service Url. /// |
return | void |
public ProxyRedirect ( System.Web.HttpContextBase httpContext, string url, string proxyTicketUrlParameter, bool endResponse ) : void | ||
httpContext | System.Web.HttpContextBase | |
url | string | The foreign service to redirect to |
proxyTicketUrlParameter | string | /// The ticket parameter to include in the remote service Url. /// |
endResponse | bool | /// Boolean indicating whether or not to short circuit the remaining request /// pipeline events /// |
return | void |
public RedirectFromFailedGatewayCallback ( System.Web.HttpContextBase httpContext ) : System.Web.Mvc.RedirectResult | ||
httpContext | System.Web.HttpContextBase | |
return | System.Web.Mvc.RedirectResult |
public RedirectFromLoginCallback ( System.Web.HttpContextBase httpContext, System.Web.Mvc.ActionResult result ) : System.Web.Mvc.RedirectResult | ||
httpContext | System.Web.HttpContextBase | |
result | System.Web.Mvc.ActionResult | |
return | System.Web.Mvc.RedirectResult |
public RedirectToCookiesRequiredPage ( ) : System.Web.Mvc.RedirectResult | ||
return | System.Web.Mvc.RedirectResult |
public RedirectToLoginPage ( ) : System.Web.Mvc.RedirectResult | ||
return | System.Web.Mvc.RedirectResult |
public RedirectToLoginPage ( bool forceRenew ) : System.Web.Mvc.RedirectResult | ||
forceRenew | bool | |
return | System.Web.Mvc.RedirectResult |
public RedirectToNotAuthorizedPage ( ) : System.Web.Mvc.RedirectResult | ||
return | System.Web.Mvc.RedirectResult |
public SetAuthCookie ( System.Web.HttpContextBase httpContext, System.Web.Security.FormsAuthenticationTicket clientTicket ) : void | ||
httpContext | System.Web.HttpContextBase | |
clientTicket | System.Web.Security.FormsAuthenticationTicket | The FormsAuthenticationTicket to encode |
return | void |
public SetGatewayStatusCookie ( System.Web.HttpContextBase httpContext, GatewayStatus gatewayStatus ) : void | ||
httpContext | System.Web.HttpContextBase | |
gatewayStatus | GatewayStatus | The GatewayStatus to attempt to store |
return | void |
public SingleSignOut ( System.Web.HttpContextBase httpContext ) : void | ||
httpContext | System.Web.HttpContextBase | |
return | void |