All geek questions in one place

Using Jasig Central Authentication Service (CAS) with ASP.NET MVC 4/5

I am running an ASP.NET MVC 5 project in VS 2013, which will ultimately need to support CAS (Central Authentication Service) for authentication. Jasig has an official official .NET client , but it is somewhat old and seems to have been created in MVC for 3 days.

Does anyone have any experience marrying this technology with the new MVC 4 or 5? My particular concern is that MVC 5 now uses OWIN authentication instead of the old forms authentication that is associated with CAS in ASP.

I want this project to start on the right foot, so when it comes time to add CAS, I'm not trying to recreate the main parts of the code. I would prefer to do this in MVC 5 with VS 2013, but MVC 4 in VS 2012 is also an option.

e: I understand that I really did not ask the question, as SO prefers. It boils down to the following: can I use CAS with MVC 5, what limitations will I name, and what special workarounds (if any) are needed to integrate it into my project?

+6
source share
1 answer

The current version of the CAS client will still work in MVC 5, but, fortunately, you cannot use everything that depends on claims-based authentication. This means that some packages that are installed when using File-New Project must be removed and you will need to revert to the legacy form authentication module module. Also, starting with .NET 4.0, FormsAuthenticationModule has been

There are two problems that I see with the current version of the CAS client regarding OWIN

  • The client uses its own IPrincipal class called CasPrincipal. It looks like it needs to be modified to use ClaimsPrincipal. This work is non-trivial and will break compatibility with .NET 2.0 / 3.5. He will address a long-standing issue regarding how to handle role / group membership information that may be provided by the CAS server.
  • The longer term problem is that having a dependency on System.Web will be a problem as OWIN starts to play the big picture in ASP.NET. I did not look closely at how to approach this, but probably it should be a separate client package. The gap of 2.0 / 3.5 compatibility is one thing, but there is another violation of compatibility with all applications that do not support OWIN.

I hope to set aside some time in the coming weeks to get the client to use ClaimsPrincipal and see where we can go from there.

+2
source

Source: https://habr.com/ru/post/958034/

More articles:


All Articles