diff --git a/DotNetCasClient/CasAuthentication.cs b/DotNetCasClient/CasAuthentication.cs
index 4ff6d26..e4f9188 100644
--- a/DotNetCasClient/CasAuthentication.cs
+++ b/DotNetCasClient/CasAuthentication.cs
@@ -241,10 +241,10 @@ public static void Initialize()
configLogger.Info("requireCasForMissingContentTypes = " + requireCasForMissingContentTypes);
requireCasForContentTypes = CasClientConfig.RequireCasForContentTypes;
- configLogger.Info("requireCasForContentTypes = " + requireCasForContentTypes);
+ configLogger.Info("requireCasForContentTypes = " + string.Join(",", requireCasForContentTypes));
- bypassCasForHandlers = CasClientConfig.BypassCasForHandlers;
- configLogger.Info("bypassCasForHandlers = " + bypassCasForHandlers);
+ bypassCasForHandlers = CasClientConfig.BypassCasForHandlers;
+ configLogger.Info("bypassCasForHandlers = " + string.Join(",", bypassCasForHandlers));
if (String.Compare(ticketValidatorName, CasClientConfiguration.CAS10_TICKET_VALIDATOR_NAME, true) == 0)
{
@@ -770,8 +770,8 @@ internal static void ProcessTicketValidation()
CasAuthenticationTicket casTicket;
ICasPrincipal principal;
- string ticket = request[TicketValidator.ArtifactParameterName];
-
+ string ticket = request[TicketValidator.ArtifactParameterName];
+
try
{
// Attempt to authenticate the ticket and resolve to an ICasPrincipal
diff --git a/DotNetCasClient/CasAuthenticationModule.cs b/DotNetCasClient/CasAuthenticationModule.cs
index 19ba3e5..0deabad 100644
--- a/DotNetCasClient/CasAuthenticationModule.cs
+++ b/DotNetCasClient/CasAuthenticationModule.cs
@@ -17,7 +17,7 @@
* under the License.
*/
-using System;
+using System;
using System.Web;
using DotNetCasClient.Logging;
using DotNetCasClient.Utils;
@@ -33,26 +33,26 @@ namespace DotNetCasClient
/// Catherine D. Winfrey
public sealed class CasAuthenticationModule : IHttpModule
{
- private static readonly Logger logger = new Logger(Category.HttpModule);
+ private static readonly Logger logger = new Logger(Category.HttpModule);
///
/// Performs initializations / startup functionality when an instance of this HttpModule
/// is being created.
///
/// the current HttpApplication
- public void Init(HttpApplication context)
- {
- // Register our event handlers. These are fired on every HttpRequest.
+ public void Init(HttpApplication context)
+ {
+ // Register our event handlers. These are fired on every HttpRequest.
context.BeginRequest += OnBeginRequest;
context.AuthenticateRequest += OnAuthenticateRequest;
- context.EndRequest += OnEndRequest;
+ context.EndRequest += OnEndRequest;
}
///
/// Performs cleanup when an instance of this HttpModule is being destroyed.
///
public void Dispose()
- {
+ {
}
///
@@ -68,15 +68,21 @@ public void Dispose()
///
/// The HttpApplication that sent the request
/// Not used
- private static void OnBeginRequest(object sender, EventArgs e)
- {
+ private static void OnBeginRequest(object sender, EventArgs e)
+ {
+ // Validate the ticket coming back from the CAS server
+ if (!RequestEvaluator.GetRequestIsAppropriateForCasAuthentication())
+ {
+ logger.Debug("BeginRequest bypassed for " + HttpContext.Current.Request.RawUrl);
+ return;
+ }
CasAuthentication.Initialize();
HttpContext context = HttpContext.Current;
- HttpRequest request = context.Request;
+ HttpRequest request = context.Request;
+
+ logger.Debug("Starting BeginRequest for " + request.RawUrl);
- logger.Debug("Starting BeginRequest for " + request.RawUrl);
-
// Cleanup expired ServiceTickets in the ServiceTicketManager
if (CasAuthentication.ServiceTicketManager != null)
{
@@ -103,8 +109,8 @@ private static void OnBeginRequest(object sender, EventArgs e)
logger.Info("Processing Proxy Callback request");
CasAuthentication.ProcessProxyCallbackRequest();
return;
- }
-
+ }
+
logger.Debug("Ending BeginRequest for " + request.RawUrl);
}
@@ -126,17 +132,16 @@ private static void OnBeginRequest(object sender, EventArgs e)
/// The HttpApplication that sent the request
/// Not used
private static void OnAuthenticateRequest(object sender, EventArgs e)
- {
- HttpContext context = HttpContext.Current;
- HttpRequest request = context.Request;
-
- // Validate the ticket coming back from the CAS server
+ {
if (!RequestEvaluator.GetRequestIsAppropriateForCasAuthentication())
- {
- logger.Debug("AuthenticateRequest bypassed for " + request.RawUrl);
+ {
+ logger.Debug("AuthenticateRequest bypassed for " + HttpContext.Current.Request.RawUrl);
return;
- }
-
+ }
+
+ HttpContext context = HttpContext.Current;
+ HttpRequest request = context.Request;
+
// Validate the ticket coming back from the CAS server
if (RequestEvaluator.GetRequestHasCasTicket())
{
@@ -145,7 +150,7 @@ private static void OnAuthenticateRequest(object sender, EventArgs e)
}
logger.Debug("Starting AuthenticateRequest for " + request.RawUrl);
- CasAuthentication.ProcessRequestAuthentication();
+ CasAuthentication.ProcessRequestAuthentication();
logger.Debug("Ending AuthenticateRequest for " + request.RawUrl);
}
@@ -177,13 +182,17 @@ private static void OnAuthenticateRequest(object sender, EventArgs e)
/// The HttpApplication that sent the request
/// Not used
private static void OnEndRequest(object sender, EventArgs e)
- {
+ {
+ if (!RequestEvaluator.GetRequestIsAppropriateForCasAuthentication())
+ {
+ logger.Debug("EndRequest bypassed for " + HttpContext.Current.Request.RawUrl);
+ return;
+ }
+
HttpContext context = HttpContext.Current;
HttpRequest request = context.Request;
- if (RequestEvaluator.GetRequestIsAppropriateForCasAuthentication())
- {
- logger.Debug("Starting EndRequest for " + request.RawUrl);
+ logger.Debug("Starting EndRequest for " + request.RawUrl);
if (RequestEvaluator.GetRequestRequiresGateway())
{
@@ -219,14 +228,8 @@ private static void OnEndRequest(object sender, EventArgs e)
{
logger.Info(" Redirecting to CAS Login Page");
CasAuthentication.RedirectToLoginPage();
- }
-
+ }
logger.Debug("Ending EndRequest for " + request.RawUrl);
- }
- else
- {
- logger.Debug("No EndRequest processing for " + request.RawUrl);
- }
}
}
}
\ No newline at end of file
diff --git a/DotNetCasClient/Configuration/CasClientConfiguration.cs b/DotNetCasClient/Configuration/CasClientConfiguration.cs
index 9939ba6..a1abb1a 100644
--- a/DotNetCasClient/Configuration/CasClientConfiguration.cs
+++ b/DotNetCasClient/Configuration/CasClientConfiguration.cs
@@ -254,11 +254,16 @@ public bool RequireCasForMissingContentTypes
///
/// Content-types for which CAS authentication will be required
///
- [ConfigurationProperty(REQUIRE_CAS_FOR_CONTENT_TYPES_PARAMETER_NAME, IsRequired = false, DefaultValue = new[] { "text/plain", "text/html" })]
- public string[] RequireCasForContentTypes {
+ [ConfigurationProperty(REQUIRE_CAS_FOR_CONTENT_TYPES_PARAMETER_NAME, IsRequired = false,DefaultValue = "text/plain,text/html")]
+ private string _RequireCasForContentTypes
+ {
+ get { return this[REQUIRE_CAS_FOR_CONTENT_TYPES_PARAMETER_NAME] as string; }
+ }
+
+ public string[] RequireCasForContentTypes {
get
{
- string[] types = ((this[REQUIRE_CAS_FOR_CONTENT_TYPES_PARAMETER_NAME] as string) ?? "text/plain,text/html").Split(',');
+ string[] types = _RequireCasForContentTypes.Split(',');
for (int i = 0; i < types.Length; i++)
{
string type = types[i];
@@ -274,12 +279,20 @@ public string[] RequireCasForContentTypes {
///
/// Handlers for which CAS authentication will be bypassed.
///
- [ConfigurationProperty(BYPASS_CAS_FOR_HANDLERS_PARAMETER_NAME, IsRequired = false, DefaultValue = new[] { "trace.axd", "webresource.axd" })]
+ [ConfigurationProperty(BYPASS_CAS_FOR_HANDLERS_PARAMETER_NAME, IsRequired = false, DefaultValue = "trace.axd,webresource.axd")]
+ private string _BypassCasForHandlers
+ {
+ get { return this[BYPASS_CAS_FOR_HANDLERS_PARAMETER_NAME] as string; }
+ }
+
+ ///
+ /// Handlers for which CAS authentication will be bypassed.
+ ///
public string[] BypassCasForHandlers
{
get
{
- string[] types = ((this[REQUIRE_CAS_FOR_CONTENT_TYPES_PARAMETER_NAME] as string) ?? "trace.axd,webresource.axd").Split(',');
+ string[] types = _BypassCasForHandlers.Split(',');
for (int i = 0; i < types.Length; i++)
{
string type = types[i];
diff --git a/DotNetCasClient/Utils/RequestEvaluator.cs b/DotNetCasClient/Utils/RequestEvaluator.cs
index 844aff7..c135280 100644
--- a/DotNetCasClient/Utils/RequestEvaluator.cs
+++ b/DotNetCasClient/Utils/RequestEvaluator.cs
@@ -333,8 +333,6 @@ private static bool GetRequestIsCookiesRequiredUrl()
/// True if the request is appropriate for CAS authentication, otherwise False
internal static bool GetRequestIsAppropriateForCasAuthentication()
{
- CasAuthentication.Initialize();
-
HttpContext context = HttpContext.Current;
HttpRequest request = context.Request;
HttpResponse response = context.Response;