代码拉取完成,页面将自动刷新
A .NET client supports Central Authentication Service (CAS).
dotnet add package Alastack.Authentication.Cas
AuthenticationBuilder
extension methods to configure CAS authentication.
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddControllersWithViews();
builder.Services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie(options =>
{
options.LoginPath = "/signin";
options.LogoutPath = "/signout";
options.SlidingExpiration = true;
options.ExpireTimeSpan = TimeSpan.FromMinutes(3);
options.Cookie.Name = ".app.cookies";
//options.Cookie.MaxAge = TimeSpan.FromMinutes(1);
//options.Cookie.Expiration = TimeSpan.FromMinutes(1);
})
.AddCas(options =>
{
options.Service = builder.Configuration["CAS:Service"]!;
options.Server = builder.Configuration["CAS:Server"]!;
options.SaveTokens = true;
//options.ProtocolVersion = Configuration["ProtocolVersion"];
//options.LoginPath = Configuration["CAS:LoginPath"];
//options.LogoutPath = Configuration["CAS:LogoutPath"];
//options.ServiceValidatePath = Configuration["CAS:ServiceValidePath"];
//options.ProxyValidatePath = Configuration["CAS:ProxyValidatePath"];
//options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
});
var app = builder.Build();
app.UseStaticFiles();
app.UseRouting();
app.UseCookiePolicy();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllerRoute(name: "default", pattern: "controller=Home}/{action=Index}/{id?}");
app.Run();
Using json configuration.
{
"CAS": {
"Service": "[CAS integration app uri]", //https://www.somecasservice.io
"Server": "[CAS service uri]", //https://www.somecasserver.io/cas
"ProtocolVersion": "3.0",
"LoginPath": "/login",
"LogoutPath": "/logout",
"ServiceValidatePath": "/serviceValidate",
"ProxyValidatePath": "/proxyValidate"
}
}
The CasOptions
object provides properties that connects to the CAS server.
Property | Description | Default |
---|---|---|
Service |
null |
|
Renew |
if this parameter is set, single sign-on will be bypassed. In this case, CAS will require the client to present credentials regardless of the existence of a single sign-on session with CAS. This parameter is not compatible with the gateway parameter. |
false |
Gateway |
if this parameter is set, CAS will not ask the client for credentials. If the client has a pre-existing single sign-on session with CAS, or if a single sign-on session can be established through non-interactive means (i.e. trust authentication), CAS MAY redirect the client to the URL specified by the service parameter, appending a valid service ticket. (CAS also MAY interpose an advisory page informing the client that a CAS authentication has taken place.) If the client does not have a single sign-on session with CAS, and a non-interactive authentication cannot be established, CAS MUST redirect the client to the URL specified by the service parameter with no “ticket” parameter appended to the URL. If the service parameter is not specified and gateway is set, the behavior of CAS is undefined. |
false |
Server |
CAS Server Uri. | null |
ProtocolVersion |
CAS protocol version. | 2.0 |
LoginPath |
Credential requestor / acceptor. | /login |
LogoutPath |
Destroy CAS session (logout). | /logout |
ServiceValidatePath |
Service ticket validation | null |
ProxyValidatePath |
Service/proxy ticket validation | null |
ClaimsFilter |
Used to select values from the CAS validation response and create Claims. | DefaultCasClaimsFilter |
TicketValidator |
Checks the validity of a service ticket and returns the AuthenticationTicket. | CompositeCasTicketValidator |
StateDataFormat |
Gets or sets the type used to secure data handled by the middleware. | PropertiesDataFormat |
More information: CAS - CAS Protocol Specification
Visit the samples folder.
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。