Hi,
I've recently been asked to add CAS support to an existing web application (ASP.NET MVC based). As part of looking at CAS, I found Scott's posting on this list - I wasn't on the list at the time so I can't reply properly, but I've borrowed his subject line.
I've taken our new CAS requirement as an opportunity to rework the membership stuff within our app to use the new .NET 4.5 "ASP.NET Identity" system. As part of this, and the latest OWIN Security bits, there is now very simple-to-use support for external logins (initially 'social' stuff - Facebook, Twitter, Google, etc) - you can enable this for a web app with a very small amount of code.
It seemed obvious to me to provide CAS support in the same way - we can't *replace* our existing login mechanism with CAS anyway - because lots of our users need to use non-CAS login, so it has to be an additional feature.
To this end, I took the MS source for one of their external providers (Google trad-OpenId, but that's not really relevant) and used it as a basis for a set of "OWIN Middleware" classes which implement the CAS protocol (at the moment, just 1.0, no gateway support, no proxies, etc).
This turned out to be pretty easy to do, at least to the point where I am offered CAS login as an external provider by the MVC5 login templates, and can login to my app via a test CAS server. I'm using the built-in Identity/EF bits to store user data in a single-file local SQL database.
I have not used any of the existing CAS client code at all, though I'm sure there's lots in there which would much improve/extend my implementation.
In no way do I want to interfere with existing work on an updated .NET client, nor do I want to overstate the scale of my work (it's literally a few hours of adapting existing source), but if anyone is interested in a skeletal CAS OWIN Middleware client, then I'm very happy to share it. It's .NET 4.5 minimum, which is where Katana is now anyway.
Cheers, Will -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
