Central Authentication System

CAS Sample Client Code: Java Servlet

To integrate CAS into your servlet, the following code will be required:

  1. casclient.jar - TAMU implementation of CAS client code

To require CAS login for your servlet, add the following to your web application deployment descriptor (typically web.xml):

    
<web-app>
  ...
  <filter>
    <filter-name>CASFilter</filter-name>
    <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
    <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
      <param-value>https://netid.tamu.edu/cas/login</param-value>
      <description>
        The URL for CAS login at TAMU.
      </description>
    </init-param>
    <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
      <param-value>https://netid.tamu.edu/cas/serviceValidate</param-value>
      <description>
        The URL used for CAS ticket validation.
      </description>
    </init-param>
    <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
      <param-value>YOUR-SERVER:PORT</param-value>
      <description>
        Your application's server name and port.
      </description>
    </init-param>
<!--
    <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.serviceUrl</param-name>
      <param-value>http://YOUR-SERVER:PORT/WEB-APP-PATH</param-value>
      <description>
        If you would like to redirect the user to a fixed URL after
        validation, it may be specified here.  Otherwise, the CAS
        client will attempt to compute the appropriate URL with the
        serverName parameter and information about your application.
      </description>
    </init-param>
-->
  </filter>

  <filter-mapping>
    <filter-name>CASFilter</filter-name>
    <!-- Root of CAS protection in webapp; use /* to specify entire app -->
    <url-pattern>/DIRECTORY-TO-PROTECT/*</url-pattern>
  </filter-mapping>
  ...
</web-app>
    
  

The CAS server stores the persistent session information in a cookie on the client browser. Cookies must therefore be enabled for CAS authentication to work.

You should also provide a mechanism to log the user out of the CAS authentication system. Redirecting the user to https://netid.tamu.edu/cas/logout allows the CAS server to handle logout.
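
One way to implement the logout mechanism described above, as an added example rather than code from TAMU or the CAS client: the servlet ends the application's own session before redirecting to the CAS logout URL, because the filter keeps the authenticated user in the servlet session and that session would otherwise stay valid after CAS logout. The class name CasLogoutServlet and its URL mapping are assumptions.

```java
import java.io.IOException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * Hypothetical logout servlet (name and mapping are assumptions, not part
 * of casclient.jar). Map it in web.xml to a URL such as /logout.
 */
public class CasLogoutServlet extends HttpServlet {

    // CAS logout endpoint given on this page.
    private static final String CAS_LOGOUT_URL = "https://netid.tamu.edu/cas/logout";

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws IOException {
        // getSession(false): never create a new session just to destroy it.
        HttpSession session = request.getSession(false);
        if (session != null) {
            // Removes every session attribute, including the user object
            // stored under CASFilter.CAS_FILTER_USER, so the filter no
            // longer treats this browser as authenticated.
            session.invalidate();
        }

        // Keep intermediaries and the browser from caching the redirect.
        response.setHeader("Cache-Control", "no-store");

        // Hand off to the CAS server so it can end the single sign-on session.
        response.sendRedirect(CAS_LOGOUT_URL);
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws IOException {
        // Allow logout from a form button as well as a plain link.
        doGet(request, response);
    }
}
```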

Texas A&M Specific Data

After authentication, the CASFilter.CAS_FILTER_USER session parameter will contain an edu.yale.its.tp.cas.client.TAMUUser wrapper class from which you may extract the user's UIN and NetID via: