Changes between Initial Version and Version 1 of MyHousing


Ignore:
Timestamp:
11/01/12 15:32:36 (12 years ago)
Author:
dabantz@…
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • MyHousing

    v1 v1  
     1 
     2Correspondence with Adirondack indicates they can rely on CAS for authN.  Adirondack provided a file implementing CAS authentication.  This file replaces the stock distribution file login_student.cfm: 
     3 
     4On Tue, 15 Mar 2011, at 10:51 , Michael J. Sale <msale@adirondacksolutions.com> wrote: 
     5 
     6>... I have attached the CAS authentication script which would replace your current myhousing/security/login_student_local.cfm file.  I have also attached a login failure page for your convenience.  The CAS script is pretty well commented, but please feel free to ask for any clarification you might need. 
     7 
     8>Thanks again, 
     9>Michael J. Salé | Director, Implementation & Training Services 
     10>Adirondack Solutions, Inc. 
     11>P: 908.725.8869 x202  | F: 866.523.7270 
     12>email: msale@adirondacksolutions.com  
     13 
     14 
     15 
     16{{{ 
     17<!------------------------------------------------------------------------------ 
     18TITLE:    Central Authentication Server Authentication - CAS/Jasig 
     19CREATED:  10/19/10 
     20SUMMARY:  Authenticates student against CAS. 
     21-------------------------------------------------------------------------------> 
     22 
     23<CFPARAM name="Session.StudentNumber" default=""> 
     24 
     25<CFLOCK scope="Session" type="ReadOnly" timeout="30" throwontimeout="no"> 
     26        <CFSET MM_Username=Iif(IsDefined("Session.MM_Username"),"Session.MM_Username",DE(""))> 
     27        <CFSET MM_UserAuthorization=Iif(IsDefined("Session.MM_UserAuthorization"),"Session.MM_UserAuthorization",DE(""))> 
     28</CFLOCK> 
     29 
     30<!--- Insert name of CAS Server at your location ---> 
     31<CFSET CAS_Server = "https://casserver.school.edu/cas/"> 
     32 
     33<!--- Insert public name of IIS Server hosting this script 
     34Note: CGI.HTTP_HOST or anything based on the HTTP "Host" header should NOT be used;  
     35this header is supplied by the client and isn't trusted. ---> 
     36<CFSET MyServer = "https://housingserver.school.edu/myhousing/security/"> 
     37 
     38<!--- See if already logged on ---> 
     39<CFIF MM_Username EQ ""> 
     40        <!--- Check for ticket returned by CAS redirect ---> 
     41        <CFSET ticket=Iif(IsDefined("URL.ticket"),"URL.ticket",DE(""))> 
     42        <CFIF ticket EQ ""> 
     43                <!--- No session, no ticket, Redirect to CAS Logon page ---> 
     44                <CFSET casurl = #CAS_Server# & "login?" & "service=" & #MyServer# & "login_student_local.cfm"> 
     45                <CFLOCATION url="#casurl#" addtoken="no"> 
     46        <CFELSE> 
     47                <!--- Back from CAS, validate ticket and get userid ---> 
     48                <CFSET casurl = #CAS_Server# & "validate?ticket=" & #URL.ticket# & "&" & "service=" & MyServer & "login_student_local.cfm"> 
     49                <CFHTTP url="#casurl#" method="get"></CFHTTP> 
     50                <CFSET answer = findnocase("yes", cfhttp.filecontent)> 
     51         
     52                <CFIF answer IS 1> 
     53                        <CFSET thing = cfhttp.filecontent> 
     54                        <CFSET thing = replace(thing, "yes", "")> 
     55                <CFELSE> 
     56                        <CFSET session.message = "You could not be logged in."> 
     57                        <CFLOCATION url="login_student_url.cfm"> 
     58                </CFIF> 
     59         
     60                <CFSET NetId = #lcase(thing)#> 
     61                <CFSET Session.NetID = #lcase(thing)#> 
     62                 
     63                <!--- You can set the Session.StudentNumber to a field returned from CAS, 
     64                or see below to do a crosswalk lookup.---> 
     65                <!---<CFSET Session.StudentNumber = #Refer to the variable here coing back from CAS#> ---> 
     66                 
     67                <!--- If Session.StudentNumber is empty at the point, something went wrong. ---> 
     68                <CFIF Session.StudentNumber EQ ""> 
     69                        <CFLOCATION url="accessdenied.cfm"> 
     70                <CFELSE> 
     71                        <!--- Else, send them on their way. ---> 
     72                        <CFLOCATION url="../index.cfm"> 
     73                </CFIF> 
     74        </CFIF> 
     75</CFIF> 
     76 
     77<!--- If you need to perform a crosswalk lookup, do it here to set StudentNumber. 
     78If you are returning the student's ID from CAS, you can set Session.StudentNumber to that field. ---> 
     79<!--- 
     80<CFQUERY datasource="A_CROSSWALK_SOURCE" name="qGetID"> 
     81        SELECT SOMETHING 
     82        FROM ATABLE 
     83        WHERE ID = '#Session.NetID#' 
     84</CFQUERY> 
     85 
     86<CFIF NOT qGetID.RecordCount> 
     87        <CFLOCATION url="accessdenied.cfm"> 
     88<CFELSE> 
     89        <CFSET Session.StudentNumber = qGetID.StudentNumber> 
     90        <CFLOCATION url="../index.cfm" addtoken="no"> 
     91</CFIF> 
     92--->        
     93 
     94 
     95}}}