.net integrated CAS SSO single sign-on, log out, redirection, Complete Works

Premise: offline development, the page using asp.net, using CAS SSO login, CAS Server for enterprise ready;

Use Code integrated package: DotNetCasClient, Download:

https://download.csdn.net/download/soulman1234/11584023

1, the DotNetCasClient extract to a local:

2, generate DotNetCasClient

3, the reference to the dll own landing project to go;

4, configure web.config

The first node configuration plus:

<configSections>
        <section name="casClientConfig" type="DotNetCasClient.Configuration.CasClientConfiguration, DotNetCasClient"/>
    </configSections>

Continue to add, according to its own configuration, change their CASlogin, urlPrefix, ServerName, other default to:

<casClientConfig 
        casServerLoginUrl="https://cas.example.com/cas/login" 
        casServerUrlPrefix="https://cas.example.com/cas/" 
        serverName="cas.example.com" 
        notAuthorizedUrl="~/NotAuthorized.aspx" 
        cookiesRequiredUrl="~/CookiesRequired.aspx" 
        redirectAfterValidation="true" 
        gateway="false" 
        renew="false" 
        singleSignOut="true" 
        ticketTimeTolerance="5000" 
        ticketValidatorName="Cas20" 
        proxyTicketManager="CacheProxyTicketManager" 
        serviceTicketManager="CacheServiceTicketManager" 
        gatewayStatusCookieName="CasGatewayStatus" />

Continue to join in the system.web, configured similarly modified for your own:

<authentication mode="Forms">
            <forms 
                loginUrl="https://cas.example.com/cas/login" 
                timeout="30" 
                defaultUrl="~/Default.aspx" 
                cookieless="UseCookies" 
                slidingExpiration="true" 
                path="/example/" />
        </authentication>
<authentication>
    <deny users="?" />
</authentication>
 <httpModules>
            <add name="DotNetCasClient" type="DotNetCasClient.CasAuthenticationModule,DotNetCasClient"/>
        </httpModules>

Continue to join in system.webServer:

<modules>
            <remove name="DotNetCasClient"/>
            <add name="DotNetCasClient" type="DotNetCasClient.CasAuthenticationModule,DotNetCasClient"/>
        </modules>

After configuration ok, system access to the landing page will automatically jump to the SSO page.

5, the landing page

Single point out here by clicking on the logout button to write a cookie parameter passing, receiving the jump page Logout according cookie parameters, the main role is to:

FormsAuthentication.SignOut()；

Response.Redirect();

Why do it? We found two problems here:

1, wanted by deleting .DotNetCasClientAuth this cookie, to complete write-off, can not find how to delete!

2, want to carry the cancellation after cancellation of parameters behind the url string to jump back to the landing page complete write-off, log off, although successful, but when jumping to the SSO login page, they will be the parameter with the past!

Redirection Jump has been a problem, you can refer Lv Zhenyu blog, written in great detail:

https://www.cnblogs.com/zhenyulu/archive/2013/01/22/2870936.html

At the same time, I also found a redirect problem, if the client is deployed to the server, the server must have access to the SSO server's domain name. Otherwise there will be a problem :

Visit the local SSO ,, changed at this time if the local host, you can access to the domain SSO server deployment, it can jump to the SSO login address, and then enter the account number, password, it has been redirected mistake. This is actually your server get the tickets, can not access ServiceValidate address validation ticket. To ensure that the client server host is configured SSO server's domain name resolution!