To invoke the CAS server, you will need to change your perl code to call the CASUtils::check_login("--your protected page--") method before allowing the user to execute the perl code that needs to be protected. An example of this configuration is in validate.cgi. This code will redirect the user if they have not logged in to the CAS login page. When the user logs in, they will be redirected back to the page you pass into the check_login routine. If the user has logged in and has a valid session with the CAS server, the code will fall through and continue executing. A cookie that is stored in the users browser will be used to look up the session number stored on the CAS server so logging in through one service will also log the user into other services.

 

Sample Implementation

You can also implement the checks in your perl code without including the CASUtils.pm modules. You will still need to SSLeay routines. The sample code can be found in the sample code secure.cgi. In this sample code we use the netid-test server to authenticate our perl code located in the secure.cgi script. The first thing that we do in the code is to see if we have a valid ticket which on first pass we should not. Since we don't have a valid ticket, we perform a redirection to the login service and request that we return back to our routine by passing the location of our routine in the service variable. When we come back into the code, we should have a valid ticket. With this ticket, we validate our service by calling the cas server a second time. The validate routine returns a yes or a no and values of NetID, UIN, and SSN. These values are returned through the https return value and are surrounded by XML con structs.

_______________________________________________________________________________________________