1AuthCAS(3) User Contributed Perl Documentation AuthCAS(3)
2
6 AuthCAS - Client library for JA-SIG CAS 2.0 authentication server
7
9 Version 1.7
10
12 AuthCAS aims at providing a Perl API to JA-SIG Central Authentication
13 System (CAS). Only a basic Perl library is provided with CAS whereas
14 AuthCAS is a full object-oriented library.
15
17 This script requires IO::Socket::SSL and LWP::UserAgent
18
20 A simple example with a direct CAS authentication
21 use AuthCAS;
23 my $cas = new AuthCAS(casUrl => 'https://cas.myserver,
24 CAFile => '/etc/httpd/conf/ssl.crt/ca-bundle.crt',
25 );
26 my $login_url = $cas->getServerLoginURL('http://myserver/app.cgi');
28 ## The user should be redirected to the $login_url
30 ## When coming back from the CAS server a ticket is provided in the QUERY_STRING
31 ## $ST should contain the receaved Service Ticket
33 my $user = $cas->validateST('http://myserver/app.cgi', $ST);
34 printf "User authenticated as %s\n", $user;
36 In the following example a proxy is requesting a Proxy Ticket for the target application
39 $cas->proxyMode(pgtFile => '/tmp/pgt.txt',
41 pgtCallbackUrl => 'https://myserver/proxy.cgi?callback=1
42 );
43 ## Same as before but the URL is the proxy URL
45 my $login_url = $cas->getServerLoginURL('http://myserver/proxy.cgi');
46 ## Like in the previous example we should receave a $ST
48 my $user = $cas->validateST('http://myserver/proxy.cgi', $ST);
50 ## Process errors
52 printf STDERR "Error: %s\n", &AuthCAS::get_errors() unless (defined $user);
53 ## Now we request a Proxy Ticket for the target application
55 my $PT = $cas->retrievePT('http://myserver/app.cgi');
56 ## This piece of code is executed by the target application
58 ## It received a Proxy Ticket from the proxy
59 my ($user, @proxies) = $cas->validatePT('http://myserver/app.cgi', $PT);
60 printf "User authenticated as %s via %s proxies\n", $user, join(',',@proxies);
62
64 Jasig CAS is Yale University's web authentication system, heavily
65 inspired by Kerberos. Release 2.0 of CAS provides "proxied credential"
66 feature that allows authentication tickets to be carried by
67 intermediate applications (Portals for instance), they are called
68 proxy.
69 This AuthCAS Perl module provides required subroutines to validate and
71 retrieve CAS tickets.
72 new
74 my $cas = new AuthCAS(
75 casUrl => 'https://cas.myserver',
76 CAFile => '/etc/httpd/conf/ssl.crt/ca-bundle.crt',
77 );
78 The "new" constructor lets you create a new AuthCAS object.
80 casUrl - REQUIRED
82 CAFile
83 CAPath
84 loginPath - '/login'
85 logoutPath - '/logout'
86 serviceValidatePath - '/serviceValidate'
87 proxyPath - '/proxy'
88 proxyValidatePath - '/proxyValidate'
89 SSL_version - unset
90 Sets the version of the SSL protocol used to transmit data. If the
91 default causes connection issues, setting it to 'SSLv3' may help.
92 see the documentation for "METHODS" in IO::Socket::SSL for more
93 information see <http://www.perlmonks.org/?node_id=746493> for more
94 details.
95 Returns a new AuthCAS or dies on error.
97 get_errors
99 Return module errors
100 proxyMode
102 Use the CAS object as a proxy
103 pgtFile =item pgtCallbackUrl
105 dump_var
107 getServerLoginURL($service)
108 Returns a URL that you can redirect the browser to, which includes the
109 URL to return to
110 TODO: it escapes the return URL, but I've noticed some issues with more
112 complicated URL's
113 getServerLoginGatewayURL($service)
115 Returns non-blocking login URL ie: if user is logged in, return the
116 ticket, otherwise do not prompt for login
117 getServerLogoutURL($service)
119 Return logout URL After logout user is redirected back to the
120 application
121 getServerServiceValidateURL($service, $ticket, $pgtUrl)
123 Returns
124 getServerProxyURL($targetService, $pgt)
126 Returns
127 getServerProxyValidateURL($service, $ticket)
129 Returns
130 validateST($service, $ticket)
132 Validate a Service Ticket Also used to get a PGT
133 Returns the login that created the ticket, if the ticket is valid for
135 that $service URL
136 returns undef if the ticket is not valid.
138 validatePT($service, $ticket)
140 Validate a Proxy Ticket
141 Returns the login that created the ticket, if the ticket is valid for
143 that $service URL,
144 and a list of Proxies used.
145 user returned == undef if its not a valid ticket
147 callCAS($url)
149 ## Access a CAS URL and parses received XML
150 Returns
152 storePGT($pgtIou, $pgtId)
154 retrievePT($service)
155 Returns
156 get_https2
158 request a document using https, return status and content
159 Sven suspects this is intended to be private.
161 Returns
163
165 JA-SIG Central Authentication Service <http://www.jasig.org/cas>
166 was Yale Central Authentication Service <http://www.yale.edu/tp/auth/>
168 phpCAS <http://esup-phpcas.sourceforge.net/>
170
172 Copyright (C) 2003, 2005,2006,2007,2009 Olivier Salaun - Comite Reseau
173 des Universites <http://www.cru.fr>
174 2012 Sven Dowideit - <mailto:SvenDowideit@fosiki.com>
175 This library is free software; you can redistribute it and/or modify it
177 under the same terms as Perl itself.
178
180 Olivier Salaun
181 Sven Dowideit
182perl v5.32.1 2021-01-26 AuthCAS(3)