How do you use Single Signon on an IIS web site?

Platform: IIS 6 running on Windows Server 2003 SP2

Using ASP.NET built-in functionality, you can control access to your web site using Single Signon (SSO), also called CAS. When the web page loads, you validate that the browser has a valid ticket created by SSO. The Case Network ID can then be used for authentication in Active Directory.

    'Page-level field that receives the authenticated Case Network ID
    Private caseNetworkID As String

    Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load

        If Not Page.IsPostBack Then
            If CAS(Request, Response, Server) = False Then
                Response.Redirect("error.aspx")
            End If
        End If

    End Sub


    Function CAS(ByVal Request As Object, ByVal Response As Object, ByVal Server As Object) As Boolean
        ''
        '' Single Signon Service
        ''

        'CAS Login information
        'Declare and assign CAS server variable
        Dim casServer As String = "login.case.edu/cas"

        'Declare additional variables used for redirect
        Dim protocol As String
        Dim originatingURL As String
        Dim encodedService As String
        Dim objSvrHTTP As Object
        Dim ticket As String
        Dim casResponseArray() As String

        'Determine the protocol for the originating page
        If Request.ServerVariables("HTTPS") = "off" Then
            protocol = "http"
        Else
            protocol = "https"
        End If

        'Construct the originatingURL variable based on ServerVariables
        originatingURL = protocol & "://" & _
            Request.ServerVariables("HTTP_HOST") & Request.ServerVariables("URL")

        'URL-encode the service value so it is passed to CAS as one parameter
        encodedService = Server.UrlEncode(originatingURL)

        Try
            'Check to see if the 'ticket' variable was passed via the query string
            If Request.QueryString("ticket") = "" Then
                'If no, then redirect to CAS
                Response.Redirect("https://" & casServer & "/login?service=" & encodedService)
            Else
                'If yes, create MSXML object and attempt to validate the ticket

                ticket = Request.QueryString("ticket")

                'The ticket comes from the browser, so encode it before placing
                'it in the validation URL
                objSvrHTTP = Server.CreateObject("Msxml2.ServerXMLHTTP")
                objSvrHTTP.open("GET", "https://" & casServer & "/validate?ticket=" & _
                    Server.UrlEncode(ticket) & "&service=" & encodedService, False)

                objSvrHTTP.send()
                Dim casResponse As String
                casResponse = objSvrHTTP.responseText
                casResponseArray = Split(casResponse, Chr(10), -1, 1)

                If casResponseArray(0) = "yes" Then
                    'Ticket accepted: the second line carries the network ID
                    caseNetworkID = casResponseArray(1)
                    Return True
                ElseIf casResponseArray(0) = "no" Then
                    'Ticket rejected: send the browser back to CAS
                    Response.Redirect("https://" & casServer & "/login?service=" & encodedService)
                Else
                    'Unexpected response body (for example an error page): fail closed
                    Return False
                End If
            End If

        Catch ex As Exception
            Return False
        End Try
    End Function
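
The first line of the /validate response decides whether the visitor is treated as authenticated, so it is worth parsing that body strictly. The console module below is an added example, not code from the original post: it accepts only a "yes" line followed by one ID line and rejects everything else. The helper name ParseCasValidate, the sample bodies and the allowed ID character set are assumptions.

```vb
Imports System
Imports System.Text.RegularExpressions

Module CasValidateParser
    ' Hypothetical helper, not from the original post. Returns the user ID
    ' only when the body is a "yes" line followed by one plausible ID line;
    ' every other body returns Nothing (fail closed).
    Function ParseCasValidate(ByVal body As String) As String
        If body Is Nothing Then Return Nothing
        ' Normalise CRLF, then split on LF as the page's code does.
        Dim lines() As String = body.Replace(vbCrLf, vbLf).Split(ControlChars.Lf)
        If lines.Length < 2 Then Return Nothing
        ' Ordinal comparison: "YES" or " yes" is not a success marker.
        If String.CompareOrdinal(lines(0), "yes") <> 0 Then Return Nothing
        ' Assumption: IDs are 1-64 letters, digits, '.', '_' or '-'.
        If Not Regex.IsMatch(lines(1), "^[A-Za-z0-9._-]{1,64}\z") Then Return Nothing
        ' Anything after the ID line must be empty.
        For i As Integer = 2 To lines.Length - 1
            If lines(i).Length > 0 Then Return Nothing
        Next
        Return lines(1)
    End Function

    Sub Main()
        ' Constructed sample bodies, not captured from a real CAS server.
        Dim samples() As String = { _
            "yes" & vbLf & "abc123" & vbLf, _
            "no" & vbLf & vbLf, _
            "<html>Service Unavailable</html>", _
            "yes" & vbLf & vbLf, _
            "YES" & vbLf & "abc123" & vbLf, _
            "yes" & vbLf & "abc123" & vbLf & "extra" & vbLf}
        For Each s As String In samples
            Dim user As String = ParseCasValidate(s)
            If user Is Nothing Then
                Console.WriteLine("rejected")
            Else
                Console.WriteLine("accepted: " & user)
            End If
        Next
    End Sub
End Module
```

Only the first sample is accepted; the "no" reply, the HTML error page, the empty ID, the upper-case marker and the body with trailing content are all rejected.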
