How to log in to this CAS system via Android

Question

I've been trying for the better part of a month to figure out how to login to my university's CAS system via Android. I'm a total noob to HTTP and authentication, I've spent a lot of time googling terms, but I've got them pretty much down now.

Anyway, I'm trying to login the CAS system and I was able to find a diagram of how the system works which I've posted below.

http://www.middleware.vt.edu/lib/exe/detail.php?id=middleware%3Acas%3Aprotocol&media=middleware:cas:cas_v1_authentication.png

I have the following code so far:

DefaultHttpClient httpClient = new DefaultHttpClient();
    
    try {
        
        HttpGet httpGet = new HttpGet(LOGIN);
        
        HttpResponse response = httpClient.execute(httpGet);
        HttpEntity entity = response.getEntity();
        
        Log.i(TAG, "Login form get: " + response.getStatusLine());
        if (entity != null) {
            
            entity.consumeContent();
        }
        Log.i(TAG, "Initial set of cookies: ");
        List<Cookie> cookies = httpClient.getCookieStore().getCookies();
        if (cookies.isEmpty()) {
            
            Log.i(TAG, "THere are no cookies");
        }
        else {
            
            for (int i = 0; i < cookies.size(); i++) {
                
                Log.i(TAG, " - " + cookies.get(i).toString());
            }
        }
        
        HttpPost httpPost = new HttpPost(LOGIN);
        
        List<NameValuePair> nvps = new ArrayList<NameValuePair>();
        nvps.add(new BasicNameValuePair("username", "MyUserName"));
        nvps.add(new BasicNameValuePair("password", "MyPassword"));
        
        httpPost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8));
        
        Log.i(TAG, "The last header's value is.... " + response.getAllHeaders().length);
 
        response = httpClient.execute(httpPost);
        entity = response.getEntity();
        
        Log.i(TAG, "Login form get: " + response.getStatusLine());
        if (entity != null) {
            
            entity.consumeContent();
        }
        
        Log.i(TAG, "Post login cookies: ");
        cookies = httpClient.getCookieStore().getCookies();
        if (cookies.isEmpty()) {
            
            Log.i(TAG, "No Cookies");
        }
        else {
            
            for (int i = 0; i < cookies.size(); i++) {
                
                Log.i(TAG, " - " + cookies.get(i).toString());
            }
        }
        
        httpClient.getConnectionManager().shutdown();

This code doesn't return me any errors but it only grabs one cookie, when I think I need one more, the CASTGC cookie......

I'm hoping someone with more experience than I can make some sense of the diagram above and at least tell me if I'm on the right track.

Thanks for reading.

Answer 1

Got it to work! I just had to pass the correct SSL certificate and use Jsoup as one logically would. Also there were some hidden fields I had to grab and some cookies I had to follow responses to get....

Answer 2

You be interested in the CAS RESTful API: https://wiki.jasig.org/display/CASUM/RESTful+API

The RESTful API follows the same basic protocol as the original CAS2 protocol, augmented with some additional well-defined resource urls. This is particularly helpful for applications that need to programmatically access CAS.

Hope this helps.