Integrate .NET to CAS (improving)

Last week, I have written a tutorial how to integrate Pentaho to CAS. Now I want to share about .NET application to CAS. For me it is important because it is useless to integrate Pentaho to CAS if we don't have other application to be integrated with. I'm doing Pentaho integration to CAS to integrate MaxLogistix: a low cost cloud warehouse management system (WMS) that my team developed. The goal is we want to integrate Pentaho to our application (in my case that application is MaxLogistix) without passing username and password parameter. I have explained this in previous tutorials:

1. Embed Pentaho Report Viewer to Web Application
2. Integrating Pentaho to CAS

This tutorial is based on tutorial and sample from https://www.everit.biz/web/guest/everit-blog/-/blogs/single-sign-out-with-cas-in-net and improved some codes to make it working perfectly.

Jasig has already released its .NET CAS client provider. You can check it from Jasig official .NET CAS Client. But in my case I can't use it because I'm not using pure ASP .NET form. Furthermore I'm not using ASP .NET tag at all because I'm using Castle Framework especially Monorail and ActiveRecord. I must use different approach to integrate MaxLogistix to CAS. Then I found and tried this wonderful .NET CAS tutorial. The result is.... it's working!

When I open http://localhost:50780/default.aspx from my web browser, I'm redirected to CAS login screen https://localhost:8443/cas/login?service=http://localhost:50780/CASLogin.aspx. Login service is working well.

CAS Login

Login from CAS bring me to http://localhost:50780/default.aspx and it shows welcoming screen and Pentaho Report Viewer that I embed using iframe.

Pentaho Report Viewer in .NET using CAS

I also open Pentaho and it shows Home screen, not login screen. Seems CAS working well.

Is it done? Not yet because I haven't tried single sign out. Let's try single sign out. I log out directly from CAS server.

CAS Logout

And I refresh Pentaho Home screen, I'm redirected to CAS login screen.

Pentaho Logged Out from CAS

BUT... when I refreshed http://localhost:50780/default.aspx, I got INTERESTING view. I wasn't redirected to CAS login screen and still in welcome screen, but the embedded Pentaho Report Viewer showed CAS login screen.

Logged in or logged out?

The question is... was I logged out or still logged in CAS? The answer is I was already logged out from CAS. Open https://localhost:8443/cas and it will bring you to login screen.

Furthermore, I always got this error when I was debugging this sample

Ticket error

After spent several hours debugging and learning this source code, I found two things that made these two problems.

1. When CAS logging out, .NET sample application still hold its ticket in its session so that it won't bring us to login screen. The solution is adding several codes to remove ticket from session when get logout request from CAS.
2. There is an overlap event between checking ticket function and other function. When checking ticket function triggered (via timer), another function hasn't finished its process. The error is created because a function is trying to read a variable that locked in another function. The solution for this problem is adding exception handler that do nothing when this overlap event happened.

I added several codes to original sample codes and redid the same steps (login and logout). Tada.. now .NET sample application also logged out when I log out from CAS.

.NET also logged out

Now we can embed Pentaho dashboard and report viewer using CAS perfectly ;)

You can download and compare these sample codes:

1. Original sample
2. Original sample+iframe
3. Updated sample

NOTE:

My sample code doesn't use URL Rewrite so that it won't be displayed in other browser but Chrome. You can use URL Rewrite I wrote about in Embed Pentaho Report Viewer.

MaxLogistix Mobile

Nowadays, mobile application is booming. It's everywhere and everyone use it. Why? Because it's easy to use and it's in our grasp. My developer team in Fordiso also made mobile application for MaxLogistix: a low cost cloud warehouse management system. We have been using it for almost a year and we enjoy its benefits. Read MaxLogistix blog for complete story and information about MaxLogistix mobile.

IIS 8 Odd Compression, Is It Intended?

I just encountered odd compression behaviour in IIS 8 when I did testing for MaxLogistix. I don't know whether it's intended by the maker but I think it's not right. In IIS 7 when I enable static content compression, .css files are compressed but .js (javascript) files are not. I've read this article and still don't understand why Microsoft think that javascript is NOT static content (but css is static content, I've tried to change javacript MIME type to text/javascript but the result is same) so that I must enable dynamic content compression to make javascript files compressed in IIS. But right now in IIS 8, I'm shocked! Both of them (.css and .js) are TREATED as DYNAMIC content!

This is what I've done and I've found:
IIS version: 8

IIS 8

I added a new website

Add new site

Compression was disabled

No compression

And yes, transfer size = file size, nothing wrong

Working perfectly

Then I enabled static content compression

Enable static content compression

But still had same result, no matter how I tried to restart IIS server, restart application pool, restart site, and clear browser cache.

Static compression not working

Temporary folder used to store compressed files still empty

Empty temp folder

I tried enabling dynamic content compression

Enabling dynamic content compression

After restart IIS, restart application pool, restart site, and clear browser cache, tada... it's working!

Dynamic content compression is working

And temporary folder was as clean as before

Still empty temp folder