1AuthCAS(3)            User Contributed Perl Documentation           AuthCAS(3)
2
3
4

NAME

6       AuthCAS - Client library for JA-SIG CAS 2.0 authentication server
7

VERSION

9       Version 1.7
10

DESCRIPTION

12       AuthCAS aims at providing a Perl API to JA-SIG Central Authentication
13       System (CAS).  Only a basic Perl library is provided with CAS whereas
14       AuthCAS is a full object-oriented library.
15

PREREQUISITES

17       This script requires IO::Socket::SSL and LWP::UserAgent
18

SYNOPSIS

20         A simple example with a direct CAS authentication
21
22         use AuthCAS;
23         my $cas = new AuthCAS(casUrl => 'https://cas.myserver,
24                           CAFile => '/etc/httpd/conf/ssl.crt/ca-bundle.crt',
25                           );
26
27         my $login_url = $cas->getServerLoginURL('http://myserver/app.cgi');
28
29         ## The user should be redirected to the $login_url
30         ## When coming back from the CAS server a ticket is provided in the QUERY_STRING
31
32         ## $ST should contain the receaved Service Ticket
33         my $user = $cas->validateST('http://myserver/app.cgi', $ST);
34
35         printf "User authenticated as %s\n", $user;
36
37
38         In the following example a proxy is requesting a Proxy Ticket for the target application
39
40         $cas->proxyMode(pgtFile => '/tmp/pgt.txt',
41                         pgtCallbackUrl => 'https://myserver/proxy.cgi?callback=1
42                         );
43
44         ## Same as before but the URL is the proxy URL
45         my $login_url = $cas->getServerLoginURL('http://myserver/proxy.cgi');
46
47         ## Like in the previous example we should receave a $ST
48
49         my $user = $cas->validateST('http://myserver/proxy.cgi', $ST);
50
51         ## Process errors
52         printf STDERR "Error: %s\n", &AuthCAS::get_errors() unless (defined $user);
53
54         ## Now we request a Proxy Ticket for the target application
55         my $PT = $cas->retrievePT('http://myserver/app.cgi');
56
57         ## This piece of code is executed by the target application
58         ## It received a Proxy Ticket from the proxy
59         my ($user, @proxies) = $cas->validatePT('http://myserver/app.cgi', $PT);
60
61         printf "User authenticated as %s via %s proxies\n", $user, join(',',@proxies);
62

DESCRIPTION

64       Jasig CAS is Yale University's web authentication system, heavily
65       inspired by Kerberos.  Release 2.0 of CAS provides "proxied credential"
66       feature that allows authentication tickets to be carried by
67       intermediate applications (Portals for instance), they are called
68       proxy.
69
70       This AuthCAS Perl module provides required subroutines to validate and
71       retrieve CAS tickets.
72
73   new
74         my $cas = new AuthCAS(
75                           casUrl => 'https://cas.myserver',
76                           CAFile => '/etc/httpd/conf/ssl.crt/ca-bundle.crt',
77                           );
78
79       The "new" constructor lets you create a new AuthCAS object.
80
81       casUrl - REQUIRED
82       CAFile
83       CAPath
84       loginPath - '/login'
85       logoutPath - '/logout'
86       serviceValidatePath - '/serviceValidate'
87       proxyPath - '/proxy'
88       proxyValidatePath - '/proxyValidate'
89       SSL_version - unset
90           Sets the version of the SSL protocol used to transmit data. If the
91           default causes connection issues, setting it to 'SSLv3' may help.
92           see the documentation for "METHODS" in IO::Socket::SSL for more
93           information see <http://www.perlmonks.org/?node_id=746493> for more
94           details.
95
96       Returns a new AuthCAS or dies on error.
97
98   get_errors
99       Return module errors
100
101   proxyMode
102       Use the CAS object as a proxy
103
104       pgtFile =item pgtCallbackUrl
105
106   dump_var
107   getServerLoginURL($service)
108       Returns a URL that you can redirect the browser to, which includes the
109       URL to return to
110
111       TODO: it escapes the return URL, but I've noticed some issues with more
112       complicated URL's
113
114   getServerLoginGatewayURL($service)
115       Returns non-blocking login URL ie: if user is logged in, return the
116       ticket, otherwise do not prompt for login
117
118   getServerLogoutURL($service)
119       Return logout URL After logout user is redirected back to the
120       application
121
122   getServerServiceValidateURL($service, $ticket, $pgtUrl)
123       Returns
124
125   getServerProxyURL($targetService, $pgt)
126       Returns
127
128   getServerProxyValidateURL($service, $ticket)
129       Returns
130
131   validateST($service, $ticket)
132       Validate a Service Ticket Also used to get a PGT
133
134       Returns the login that created the ticket, if the ticket is valid for
135       that $service URL
136
137       returns undef if the ticket is not valid.
138
139   validatePT($service, $ticket)
140       Validate a Proxy Ticket
141
142       Returns the login that created the ticket, if the ticket is valid for
143       that $service URL,
144           and a list of Proxies used.
145
146           user returned == undef if its not a valid ticket
147
148   callCAS($url)
149       ## Access a CAS URL and parses received XML
150
151       Returns
152
153   storePGT($pgtIou, $pgtId)
154   retrievePT($service)
155       Returns
156
157   get_https2
158       request a document using https, return status and content
159
160       Sven suspects this is intended to be private.
161
162       Returns
163

SEE ALSO

165       JA-SIG Central Authentication Service <http://www.jasig.org/cas>
166
167       was Yale Central Authentication Service <http://www.yale.edu/tp/auth/>
168
169       phpCAS <http://esup-phpcas.sourceforge.net/>
170
172       Copyright (C) 2003, 2005,2006,2007,2009 Olivier Salaun - Comité Réseau
173       des Universités <http://www.cru.fr>
174                     2012 Sven Dowideit - <mailto:SvenDowideit@fosiki.com>
175
176       This library is free software; you can redistribute it and/or modify it
177       under the same terms as Perl itself.
178

AUTHORS

180         Olivier Salaun
181         Sven Dowideit
182
183
184
185perl v5.36.0                      2023-01-19                        AuthCAS(3)
Impressum