1AuthCAS(3) User Contributed Perl Documentation AuthCAS(3)
2
3
4
6 AuthCAS - Client library for JA-SIG CAS 2.0 authentication server
7
9 Version 1.7
10
12 AuthCAS aims at providing a Perl API to JA-SIG Central Authentication
13 System (CAS). Only a basic Perl library is provided with CAS whereas
14 AuthCAS is a full object-oriented library.
15
17 This script requires IO::Socket::SSL and LWP::UserAgent
18
20 A simple example with a direct CAS authentication
21
22 use AuthCAS;
23 my $cas = new AuthCAS(casUrl => 'https://cas.myserver,
24 CAFile => '/etc/httpd/conf/ssl.crt/ca-bundle.crt',
25 );
26
27 my $login_url = $cas->getServerLoginURL('http://myserver/app.cgi');
28
29 ## The user should be redirected to the $login_url
30 ## When coming back from the CAS server a ticket is provided in the QUERY_STRING
31
32 ## $ST should contain the receaved Service Ticket
33 my $user = $cas->validateST('http://myserver/app.cgi', $ST);
34
35 printf "User authenticated as %s\n", $user;
36
37
38 In the following example a proxy is requesting a Proxy Ticket for the target application
39
40 $cas->proxyMode(pgtFile => '/tmp/pgt.txt',
41 pgtCallbackUrl => 'https://myserver/proxy.cgi?callback=1
42 );
43
44 ## Same as before but the URL is the proxy URL
45 my $login_url = $cas->getServerLoginURL('http://myserver/proxy.cgi');
46
47 ## Like in the previous example we should receave a $ST
48
49 my $user = $cas->validateST('http://myserver/proxy.cgi', $ST);
50
51 ## Process errors
52 printf STDERR "Error: %s\n", &AuthCAS::get_errors() unless (defined $user);
53
54 ## Now we request a Proxy Ticket for the target application
55 my $PT = $cas->retrievePT('http://myserver/app.cgi');
56
57 ## This piece of code is executed by the target application
58 ## It received a Proxy Ticket from the proxy
59 my ($user, @proxies) = $cas->validatePT('http://myserver/app.cgi', $PT);
60
61 printf "User authenticated as %s via %s proxies\n", $user, join(',',@proxies);
62
64 Jasig CAS is Yale University's web authentication system, heavily
65 inspired by Kerberos. Release 2.0 of CAS provides "proxied credential"
66 feature that allows authentication tickets to be carried by
67 intermediate applications (Portals for instance), they are called
68 proxy.
69
70 This AuthCAS Perl module provides required subroutines to validate and
71 retrieve CAS tickets.
72
73 new
74 my $cas = new AuthCAS(
75 casUrl => 'https://cas.myserver',
76 CAFile => '/etc/httpd/conf/ssl.crt/ca-bundle.crt',
77 );
78
79 The "new" constructor lets you create a new AuthCAS object.
80
81 casUrl - REQUIRED
82 CAFile
83 CAPath
84 loginPath - '/login'
85 logoutPath - '/logout'
86 serviceValidatePath - '/serviceValidate'
87 proxyPath - '/proxy'
88 proxyValidatePath - '/proxyValidate'
89 SSL_version - unset
90 Sets the version of the SSL protocol used to transmit data. If the
91 default causes connection issues, setting it to 'SSLv3' may help.
92 see the documentation for "METHODS" in IO::Socket::SSL for more
93 information see <http://www.perlmonks.org/?node_id=746493> for more
94 details.
95
96 Returns a new AuthCAS or dies on error.
97
98 get_errors
99 Return module errors
100
101 proxyMode
102 Use the CAS object as a proxy
103
104 pgtFile =item pgtCallbackUrl
105
106 dump_var
107 getServerLoginURL($service)
108 Returns a URL that you can redirect the browser to, which includes the
109 URL to return to
110
111 TODO: it escapes the return URL, but I've noticed some issues with more
112 complicated URL's
113
114 getServerLoginGatewayURL($service)
115 Returns non-blocking login URL ie: if user is logged in, return the
116 ticket, otherwise do not prompt for login
117
118 getServerLogoutURL($service)
119 Return logout URL After logout user is redirected back to the
120 application
121
122 getServerServiceValidateURL($service, $ticket, $pgtUrl)
123 Returns
124
125 getServerProxyURL($targetService, $pgt)
126 Returns
127
128 getServerProxyValidateURL($service, $ticket)
129 Returns
130
131 validateST($service, $ticket)
132 Validate a Service Ticket Also used to get a PGT
133
134 Returns the login that created the ticket, if the ticket is valid for
135 that $service URL
136
137 returns undef if the ticket is not valid.
138
139 validatePT($service, $ticket)
140 Validate a Proxy Ticket
141
142 Returns the login that created the ticket, if the ticket is valid for
143 that $service URL,
144 and a list of Proxies used.
145
146 user returned == undef if its not a valid ticket
147
148 callCAS($url)
149 ## Access a CAS URL and parses received XML
150
151 Returns
152
153 storePGT($pgtIou, $pgtId)
154 retrievePT($service)
155 Returns
156
157 get_https2
158 request a document using https, return status and content
159
160 Sven suspects this is intended to be private.
161
162 Returns
163
165 JA-SIG Central Authentication Service <http://www.jasig.org/cas>
166
167 was Yale Central Authentication Service <http://www.yale.edu/tp/auth/>
168
169 phpCAS <http://esup-phpcas.sourceforge.net/>
170
172 Copyright (C) 2003, 2005,2006,2007,2009 Olivier Salaun - Comité Réseau
173 des Universités <http://www.cru.fr>
174 2012 Sven Dowideit - <mailto:SvenDowideit@fosiki.com>
175
176 This library is free software; you can redistribute it and/or modify it
177 under the same terms as Perl itself.
178
180 Olivier Salaun
181 Sven Dowideit
182
183
184
185perl v5.36.0 2023-01-19 AuthCAS(3)