If your project is going to require users to log in with a Princeton netid, you should use this code, which has the great advantage that the user's password is sent only to a trusted third party (i.e., not you) that determines securely whether it is a valid Princeton netid and does not return to your code unless it is.
Your system might display a welcome page like this one, with a login link that points to the authentication page. After a successful call to CASClient's Authenticate(), the authentication page would set a session cookie indicating successful login and redirect to a page inside the site.
Here is a PHP version:
The PHP client code is here and the PHP test script is here.
Here is a Python version:
The Python client code is here, the Python CGI script is here, and the test program is here.
The PHP version is by Alex Halderman '03, with contributions from Avi Flamholz '07 and Scott Karlin *03; thanks to all of them. The Python version is bwk's transliteration from the PHP.
A pretty cryptic description of the underlying system is now found at this OIT site.