Sunday, September 16, 2007

Integrating CAS with Perl

At work we are trying to set up CAS (Central Authentication Service from JA-SIG) with Perl and Java. Java worked out fine, especially with JSPs, and the guys are now trying to integrate it with the Acegi framework. So I decided to try out Perl. As it turned out, JSSE stores certificates in a binary format called DER, while Perl's SSL modules expect them in PEM format. After browsing a bit, here is how I managed to get the cert:

% openssl s_client -connect myserver:port -showcerts

This produced output that contained something like:

-----BEGIN CERTIFICATE-----
MIICoTCCAgqgAwIBAgIERui89jANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMC
U0cxEjAQBgNVBAgTCVNpbmdhcG9yZTESMBAGA1UEBxMJU2luZ2Fwb3JlMSYwJAYD
VQQKEx1HZW5vbWUgSW5zdGl0dXRlIG9mIFNpbmdhcG9yZTEVMBMGA1UECxMMQXBw
bGljYXRpb25zMR4wHAYDVQQDExVzc28uZ2lzLmEtc3Rhci5lZHUuc2cwHhcNMDcw
OTEzMDQzMDQ2WhcNMjcwOTA4MDQzMDQ2WjCBlDELMAkGA1UEBhMCU0cxEjAQBgNV
-----END CERTIFICATE-----

I just copied that into a file called /etc/cacert.pem.
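The same DER-to-PEM step can be done directly on a certificate exported from the Java keystore, which also lets you confirm that the PEM file you hand to Perl is the certificate you meant to trust (anything copied out of s_client output should be checked the same way against a fingerprint obtained out of band). This is an added example, not code from the original post; it assumes openssl is on PATH and uses a constructed self-signed certificate so it runs offline.

```shell
#!/bin/sh
# Added example: convert a DER certificate to the PEM form Perl's SSL
# stack expects in CAFile, then prove both encodings are the same cert
# by comparing SHA-256 fingerprints and checking it works as a CA file.
set -eu

WORK="${TMPDIR:-/tmp}/cas-cert-demo"
mkdir -p "$WORK"

# Constructed stand-in for the certificate a CAS server's keystore exports.
make_demo_cert_der() {
    openssl req -x509 -newkey rsa:2048 -nodes -keyout "$WORK/key.pem" \
        -out "$WORK/demo.pem" -days 1 -subj "/CN=cas.example.test" \
        >/dev/null 2>&1
    openssl x509 -in "$WORK/demo.pem" -outform DER -out "$WORK/demo.der"
    echo "$WORK/demo.der"
}

# DER -> PEM: the conversion the post does by hand via s_client output.
der_to_pem() {
    openssl x509 -inform DER -in "$1" -outform PEM -out "$2"
}

# SHA-256 fingerprint of a certificate in either encoding ($2 = DER|PEM).
fingerprint() {
    openssl x509 -inform "$2" -in "$1" -noout -fingerprint -sha256 \
        | sed 's/^.*=//'
}

# Returns 0 when the converted PEM carries the same fingerprint as the
# DER original, i.e. nothing was lost or swapped during conversion.
verify_conversion() {
    der_in="$1"; pem_out="$2"
    der_to_pem "$der_in" "$pem_out"
    [ "$(fingerprint "$der_in" DER)" = "$(fingerprint "$pem_out" PEM)" ]
}

# Can the PEM file act as a CAFile? A self-signed cert must verify
# against itself when it is the trust anchor.
check_cafile() {
    openssl verify -CAfile "$1" "$1" >/dev/null 2>&1
}

DER=$(make_demo_cert_der)
verify_conversion "$DER" "$WORK/cacert.pem" && echo "fingerprints match"
check_cafile "$WORK/cacert.pem" && echo "PEM file works as CAFile"
```
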

To get things to work, I had to install AuthCAS version 1.3. However, there was an error in the module. It contained a line

unless (defined $xmlRef)

which should have read

unless (defined @xml)

After making the change, the following code ran without any problem

#!/usr/bin/env perl
use strict;
use warnings;

use AuthCAS;
use CGI;
use CGI::Carp qw( fatalsToBrowser );
use File::Spec::Functions qw( splitpath );

my $q = CGI->new;
my ( $volume, $directories, $file ) = splitpath($0);

# CAFile is the PEM certificate extracted above; the CAS server's
# certificate is checked against it on every request to the server.
my $cas = AuthCAS->new(
    casUrl => "https://server:port",
    CAFile => "/tmp/cacert.pem",
);

# The service URL must be identical in the login redirect and in the
# ticket validation, otherwise the CAS server rejects the ticket.
my $service = "http://localhost/cgi-bin/$file";
my $ticket  = $q->param('ticket');

# If no ticket exists then redirect to login.
if ( !defined $ticket || $ticket eq "" ) {
    my $login_url = $cas->getServerLoginURL($service);
    print $q->redirect($login_url);
}
else {
    # Validate the service ticket with the CAS server; on failure die,
    # which CGI::Carp reports to the browser.
    my $user = $cas->validateST( $service, $ticket )
        or die AuthCAS::get_errors();

    # Escape the name before placing it in HTML.
    my $safe_user = $q->escapeHTML($user);
    print <<END_OF_MESSAGE;
Content-type: text/html

<html>
<body>
Hello $safe_user
</body>
</html>
END_OF_MESSAGE
}