Hi Richie, Here a first quick reply: You cannot grab the CAS cookie in your application as CAS itself issues this cookie with restriction to only the CAS server URL, meaning that the cookie is not sent to your application. Your CAS client authentication APIs make calls to the CAS server and therefore this cookie is automatically sent to the CAS server as here the cookie comain matches. This behvaiour makes perfectly sense as it makes the CAS SSO secure. Otherwise other applications / persons could grab this cookie and exploit it.
2014-02-27 17:49 GMT+01:00 Richie <[email protected]>: > I'm hoping that someone will be able to point me in the correct direction. > > I have an existing project that uses .NET CAS (C#, framework 4), and > everything works great with SSO for these other applications. I didn't > have anything to do with the original building of this site, and those > sites that use SSO. To make matters worse there doesn't seem to be anyone > to talk with to find out how they're making this work, so I'm hoping the > community can. > > My issue is that I'm trying to incorporate an existing Secure Token > Server to read the CAS cookie/token/ticket (not sure what it's called) to > determine the logged in user's name. That's it. I just need to know how > to grab the CAS cookie using C# .NET, and decrypt it to get a > username. Sounds easy enough, right? > > Here's what I've tried: When I authenticate with the CAS application on > one browser tab, then open another and run my STS authenticated > application. In code I try to grab all cookies in the browser, but I can't > seem to locate the CAS cookie. Can someone provide a code example for how > this would be done, or walk me through a high level explanation? > > Thanks for your time! > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
