How can I retrieve the username from a CAS server in c# MVC

Question

I have searched the boards and while I have found information regarding CAS(Central Authentication Service), I have not found any information pertaining to how one would go about retrieving the username from the CAS server after they are redirected back to the client application.

I have followed the guidelines for configuring my Web.config file according to the steps on GitHub when using the dotNetCasClient.dll. Below is the web.config code: (NOTE: I had to replace the server names for privacy reasons)

    ?xml version="1.0" encoding="utf-8"?>
<!--
  For more information on how to configure your ASP.NET application, please visit
  http://go.microsoft.com/fwlink/?LinkId=301880
  -->
<configuration>
  <!-- CAS Configuration -->
  <configSections>
        <section name="casClientConfig" type="DotNetCasClient.Configuration.CasClientConfiguration, DotNetCasClient" />
    </configSections>

  <casClientConfig casServerLoginUrl="https://mycasserver/login"
                   casServerUrlPrefix="https://mycasserver"
                   serverName="https://myappserver"
                   notAuthorizedUrl="~/Home"
                   cookiesRequiredUrl="~/Home/CookiesRequired"
                   redirectAfterValidation="true"
                   gateway="false"
                   renew="false"
                   singleSignOut="true"
                   ticketTimeTolerance="5000"
                   ticketValidatorName="Cas20"
                   serviceTicketManager="CacheServiceTicketManager"
                   gatewayStatusCookieName="CasGatewayStatus" />

  <system.webServer>
    <validation validateIntegratedModeConfiguration="false" />
    <!--<modules runAllManagedModulesForAllRequests="true">-->
    <modules>
          <remove name="DotNetCasClient" />
      <add name="DotNetCasClient" type="DotNetCasClient.CasAuthenticationModule,DotNetCasClient" />
    </modules>
  </system.webServer>
  <!-- /CAS Configuration -->


  <connectionStrings configSource="connectionStrings.config" />
    <system.data>
      <DbProviderFactories>
        <remove invariant="Oracle.DataAccess.Client" />
        <!-- If any should be in the machine.config -->
        <add name="Oracle Data Provider for .NET" 
             invariant="Oracle.DataAccess.Client" 
             description="Oracle Data Provider for .NET" 
             type="Oracle.DataAccess.Client.OracleClientFactory, Oracle.DataAccess, Version=2.112.1.0, Culture=neutral, PublicKeyToken=89b483f429c47342" />
      </DbProviderFactories>
    </system.data>

  <appSettings>
    <add key="webpages:Version" value="3.0.0.0" />
    <add key="webpages:Enabled" value="false" />
    <add key="ClientValidationEnabled" value="true" />
    <add key="UnobtrusiveJavaScriptEnabled" value="true" />


    <!-- CAS Configuration -->
    <add key="enableSimpleMembership" value="false" />
    <add key="autoFormsAuthentication" value="false" />
    <!-- /CAS Configuration -->

  </appSettings>

  <system.web>
  <sessionState mode="StateServer" />
  <compilation debug="true" targetFramework="4.5" />
  <httpRuntime targetFramework="4.5" />

  <!-- CAS Configuration -->

  <authentication mode="Forms">
        <forms loginUrl="https://mycasserver/login" 
               cookieless="UseCookies"
               path="https://myappserver" />
  </authentication>

  <httpModules>
  <add name="DotNetCasClient" type="DotNetCasClient.CasAuthenticationModule,DotNetCasClient" />
  </httpModules>  

  <!-- /CAS Configuration -->

</system.web>


  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="Newtonsoft.Json" culture="neutral" publicKeyToken="30ad4fe6b2a6aeed" />
        <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Optimization" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="1.1.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="0.0.0.0-1.5.2.14234" newVersion="1.5.2.14234" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="0.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="0.0.0.0-5.2.3.0" newVersion="5.2.3.0" />
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
  <system.codedom>
    <compilers>
      <compiler language="c#;cs;csharp" 
                extension=".cs" 
                type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" 
                warningLevel="4" 
                compilerOptions="/langversion:6 /nowarn:1659;1699;1701" />

      <compiler language="vb;vbs;visualbasic;vbscript" 
                extension=".vb" 
                type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" 
                warningLevel="4" 
                compilerOptions="/langversion:14 /nowarn:41008 /define:_MYTYPE=\&quot;Web\&quot; /optionInfer+" />

    </compilers>
  </system.codedom>
</configuration>

As per the instructions regarding the CAS Client, I also placed the authorize tag above my login page so that when a user wants to log in, they are instead redirected to the CAS server login, and upon successful validation, the "Login" ActionResult redirects the user to a specific page.

    [Authorize]
    public ActionResult Login()
    {
        return RedirectToAction("Index", "Departments");
    }

I have successfully tested the CAS implementation and can confirm that it works as expected, however I am completely lost in regards to how I would go about getting the information from the CAS server after it validates the User.

Any help is appreciated, and if this is a duplicate post I apologize as I was unable to find anything of this sort while searching myself.

Answer 1

It looks like it may be a matter of pulling the value from HttpContext.Current.User.Identity.Name , which should return the value of the CAS username of the authenticated user. There was a post on the jasig-cas-user mailing list that tipped me off to this.

Another mailing list post suggests that other returned information may be accessible through CasAuthentication.CurrentPrincipal.Assertion.Attributes , but that it isn't particularly well-documented on their wiki.

The implication is that accessing data from the CAS return is demonstrated in the example web application distributed with the code, but it isn't very intuitive that it would be there and not documented anywhere else. (I installed using NuGet, and missed out on the sample application altogether. I actually found your question before I found the answer myself!)