Ñò ô†³Kc @sàdZddkZddklZddklZlZdefd„ƒYZdefd„ƒYZd „Z e Z ddd gZ d e joMd Z dd klZddklZddkTeee ee ƒƒƒndS(ss CAS 1.0 Authentication The Central Authentication System is a straight-forward single sign-on mechanism developed by Yale University's ITS department. It has since enjoyed widespread success and is deployed at many major universities and some corporations. https://clearinghouse.ja-sig.org/wiki/display/CAS/Home http://www.yale.edu/tp/auth/usingcasatyale.html This implementation has the goal of maintaining current path arguments passed to the system so that it can be used as middleware at any stage of processing. It has the secondary goal of allowing for other authentication methods to be used concurrently. iÿÿÿÿN(t construct_url(t HTTPSeeOthert HTTPForbiddentCASLoginFailurecBseZdZRS(s4 The exception raised if the authority returns 'no' (t__name__t __module__t__doc__(((s2/usr/lib/python2.6/site-packages/paste/auth/cas.pyRstCASAuthenticatecBseZdZRS(s/ The exception raised to authenticate the user (RRR(((s2/usr/lib/python2.6/site-packages/paste/auth/cas.pyRscs=ˆidƒoˆidƒpt‚‡‡fd†}|S(s8 middleware to implement CAS 1.0 authentication There are several possible outcomes: 0. If the REMOTE_USER environment variable is already populated; then this middleware is a no-op, and the request is passed along to the application. 1. If a query argument 'ticket' is found, then an attempt to validate said ticket /w the authentication service done. If the ticket is not validated; an 403 'Forbidden' exception is raised. Otherwise, the REMOTE_USER variable is set with the NetID that was validated and AUTH_TYPE is set to "cas". 2. Otherwise, a 303 'See Other' is returned to the client directing them to login using the CAS service. After logon, the service will send them back to this same URL, only with a 'ticket' query argument. Parameters: ``authority`` This is a fully-qualified URL to a CAS 1.0 service. The URL should end with a '/' and have the 'login' and 'validate' sub-paths as described in the CAS 1.0 documentation. t/thttpc sq|iddƒ}|oˆ||ƒS|iddƒidƒ}|oÜ|didƒoÈ|iƒiddƒd}di|ƒ|ds,     (tendswithRtAssertionError(R'R(R)((R'R(s2/usr/lib/python2.6/site-packages/paste/auth/cas.pytAuthCASHandlers'R,t__main__s(https://secure.its.yale.edu/cas/servlet/(t dump_environ(tserve(t*(RRt paste.requestRtpaste.httpexceptionsRRRRR,t middlewaret__all__RR(t paste.wsgilibR.tpaste.httpserverR/tHTTPExceptionHandler(((s2/usr/lib/python2.6/site-packages/paste/auth/cas.pyts  :