diff --git a/DotNetCasClient/Validation/Schema/Cas20/AuthenticationSuccess.cs b/DotNetCasClient/Validation/Schema/Cas20/AuthenticationSuccess.cs index 93bfcae..f879777 100644 --- a/DotNetCasClient/Validation/Schema/Cas20/AuthenticationSuccess.cs +++ b/DotNetCasClient/Validation/Schema/Cas20/AuthenticationSuccess.cs @@ -20,8 +20,10 @@ #pragma warning disable 1591 using System; +using System.Collections.Generic; using System.ComponentModel; using System.Diagnostics; +using System.Xml; using System.Xml.Serialization; namespace DotNetCasClient.Validation.Schema.Cas20 @@ -41,6 +43,27 @@ public string User set; } + [XmlElement("attributes")] + public Object AttributesNodes { get; set; } + + [XmlIgnore] + public Dictionary> Attributes + { + get + { + var result = new Dictionary>(); + foreach (var element in AttributesNodes as IEnumerable) + { + if (!result.ContainsKey(element.Name)) + { + result[element.Name] = new List(); + } + result[element.Name].Add(element.InnerText); + } + return result; + } + } + [XmlElement("proxyGrantingTicket")] public string ProxyGrantingTicket { diff --git a/DotNetCasClient/Validation/Schema/Saml20/Metadata/localizedNameType.cs b/DotNetCasClient/Validation/Schema/Saml20/Metadata/LocalizedNameType.cs similarity index 100% rename from DotNetCasClient/Validation/Schema/Saml20/Metadata/localizedNameType.cs rename to DotNetCasClient/Validation/Schema/Saml20/Metadata/LocalizedNameType.cs diff --git a/DotNetCasClient/Validation/Schema/Saml20/Metadata/localizedURIType.cs b/DotNetCasClient/Validation/Schema/Saml20/Metadata/LocalizedUriType.cs similarity index 100% rename from DotNetCasClient/Validation/Schema/Saml20/Metadata/localizedURIType.cs rename to DotNetCasClient/Validation/Schema/Saml20/Metadata/LocalizedUriType.cs diff --git a/DotNetCasClient/Validation/TicketValidator/Cas20ServiceTicketValidator.cs b/DotNetCasClient/Validation/TicketValidator/Cas20ServiceTicketValidator.cs index bbec989..494951c 100644 --- a/DotNetCasClient/Validation/TicketValidator/Cas20ServiceTicketValidator.cs +++ b/DotNetCasClient/Validation/TicketValidator/Cas20ServiceTicketValidator.cs @@ -125,11 +125,11 @@ protected override ICasPrincipal ParseResponseFromServer(string response, string if (authSuccessResponse.Proxies != null && authSuccessResponse.Proxies.Length > 0) { - return new CasPrincipal(new Assertion(authSuccessResponse.User), proxyGrantingTicketIou, authSuccessResponse.Proxies); + return new CasPrincipal(new Assertion(authSuccessResponse.User, authSuccessResponse.Attributes), proxyGrantingTicketIou, authSuccessResponse.Proxies); } else { - return new CasPrincipal(new Assertion(authSuccessResponse.User), proxyGrantingTicketIou); + return new CasPrincipal(new Assertion(authSuccessResponse.User, authSuccessResponse.Attributes), proxyGrantingTicketIou); } } diff --git a/README.md b/README.md index e95cbf2..ba8e8b3 100644 --- a/README.md +++ b/README.md @@ -146,6 +146,13 @@ Configure the ASP.NET Forms authentication section, ``, so that it points ### Configure Authorization Configure authorization roles and resources using the familiar ASP.NET directives. We recommend the user of a role provider that queries a role store given the principal name returned from the CAS server. There is not support at present for extracting authorization data from the attributes released from CAS via the SAML protocol. +### CAS attributes + +I added a hack so that you can access your CAS attributes. E.g., we have an attribute that's called `ad_nummer`, and I use it like this: + + var principal = System.Web.HttpContext.Current.User as CasPrincipal; + myAdNr = int.Parse(principal.Assertion.Attributes["cas:ad_nummer"].First()); + ### Configure Diagnostic Tracing (optional) `CasAuthenticationModule` uses the .NET Framework `System.Diagnostics` tracing facility for internal logging. Enabling the internal trace switches should be the first step taken to troubleshoot integration problems.