Central Authentication System
Central Authentication System

CAS Sample Client Code: ASP

To integrate CAS into your asp application the following code will be required:

  1. cas.asp - TAMU implementation of CAS client code
  2. logout.asp - TAMU implementation of CAS logout

To integrate the TAMU CAS code into your asp application, the following code should be integrated into your code: 

    
 < %@ Language=JScript % >
 < %
 var CAS_Server = "https://netid.tamu.edu/cas";
 var MyServer = "http://your_servers_name";
 var MyWebPage = "myapp/index.asp";
 greeting = "World";
 var uid = Session.Contents("Netid");	// session information for local
					//  session management
 if (!uid) {		// check to see if we have done this before
			// if not, check with cas server for valid session
   var ticket = Request.QueryString.Item("ticket").Item;
   if (!ticket) {	// no session, no ticket, redirect to cas logon
     var url = CAS_Server+"login?"+"service="+MyServer+MyWebPage;
     Response.Redirect(url);	// call CAS server
			// if we return and get this far, we are logged in
     Response.End;
   } else {		// we have talked to CAS server, verify it is good
     var http = Server.CreateObject("MSXML2.ServerXMLHTTP.4.0");
     var url = CAS_Server+"validate?ticket="+ticket+"&"+
		"service="+MyServer+MyWebPage;
     http.open("GET",url,false);	// call cas server for validation
     http.send();
     var resp=http.responseText.split('\n');	// parse response
     if (resp[0]=="yes") {	// login is successful
       greeting.resp[1];	// get NetID from CAS server
       Session.Contents("Netid")=resp[1];
     } else {
       // we have a fatal critical error, someone is spoofing cas tickets
		// or the cas server has failed between requests
     }
  }
 % >
 < HTML >
 < BODY >
 < P >Hello < %=greeting % >< /P >
 < /BODY >
 < /HTML >

The code is implemented in JavaScript so it will need to be enabled in the client as well as cookies. The CAS server stores the persistant session information in a cookie of the client browser.

You should also provide a mechanism to log the user out of the CAS authentication system. This can be done by calling the module on the CAS server. This is done by redirecting the user to https://netid.tamu.edu/cas/logout The logout.asp script is an example of how to integrate this call into your asp code. Alternatively, you could integrate the following code into your application: 

 
    
  < %@ Language=JScript %>
  < %
  // Insert name of CAS Server at your location
  var CAS_Server = "https://netid-test.tamu.edu/cas";

  // we don't care if we are logged in or not, call logout service.
  var url = CAS_Server+"logout"
  Response.Redirect(url);
  Response.End;
  % >