Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Using Jasig's Central Authentication Service (CAS) with ASP.NET MVC 4/5

Tags:

c#

asp.net-mvc

asp.net-mvc-4

asp.net-mvc-5

cas

I'm starting an ASP.NET MVC 5 project in VS 2013, which will eventually need to support CAS (Central Authentication Service) for authentication. Jasig has an official .NET client, but it's somewhat old and seems to have been created in the MVC 3 days.

Does anyone have experience marrying this technology with the newer MVC 4 or 5? Of special concern to me is that MVC 5 now uses OWIN authentication in place of the old Forms Authentication, which is how CAS ties into ASP.

I want to get this project started on the right foot so that, when the time comes later to add CAS, I'm not scrambling to re-create major parts of the code. I would prefer to do this in MVC 5 with VS 2013, but MVC 4 in VS 2012 is also an option.

e: I realize I haven't really "asked a question" as SO prefers. It comes down to this: Can I use CAS with MVC 5, what limitations will I run into, and what special workarounds (if any) are necessary to integrate it into my project?

like image 232
ASP Novice Avatar asked Nov 14 '13 01:11

ASP Novice

1 Answers

The current version of the CAS client will still work in MVC 5, but unforunately you can't leverage anything that depends on claims-based authentication. This means that some of the packages that install when you use File-New Project would need to be removed and you'd need to revert back to the legacy Forms Authentication Module approach. Also, since .NET 4.0, the FormsAuthenticationModule was

There are 2 problems that I see with the current version of the CAS client with respect to OWIN

  1. The client is using a custom IPrincipal class called CasPrincipal. It looks like it should be modified to leverage the ClaimsPrincipal. This work is non-trivial and would break compatibility with .NET 2.0/3.5. It would address a long-standing issue regarding how to handle roles/group membership information that can be provided by the CAS server.
  2. The longer-term issue is that having a dependency on System.Web is going to be a problem as OWIN begins to play a bigger picture in ASP.NET. I haven't looked closely enough at how to approach this, but it would likely have to be a separate client package. Breaking 2.0/3.5 compatibility is one thing, but breaking compatibility with all of the non-OWIN-aware applications out there is another.

I'm hoping to set aside some time in the coming weeks to getting the client to leverage ClaimsPrincipal and see where we can go from there.

like image 198
scottt732 Avatar answered Sep 29 '22 00:09

scottt732
Sign in to Comment

Related questions

How do I use Code Contracts to have a compile time assert in C#?
OrderByDescending with Skip and Take in LINQ shows error
How to pass an array and a single element to a multiple argument method?
access the response from a web coded performance test
Getting the form of a childprocess
Get name of variable calling method from within that method
Using category expressions in Nunit console runner
WPF application, fonts graphical error
Querying bool column always returns false
What Happens To a Task When It's Cancelled?
How do I use Linqpad to insert record with specified primary key?
Buttons with effect won't print
Consume ASP.NET WebApi from MVC controller
Interoping With PowerShell CmdLets
How To generate unique ID for controls inside a User Control
How to work with true self referencing entities in code first EF5?
MigraDoc Footer Position
how to create a template PDF file with acrofields? [closed]
"Key does not exist" exception thrown. What am I doing wrong?
Preventing EDMX Merge Conflicts and Cherry Picking Problems

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!