phpCAS client initializer.
public static client ( string $server_version, string $server_hostname, string $server_port, string $server_uri, boolean $changeSessionID = true ) : a
$server_version | string | the version of the CAS server |
$server_hostname | string | the hostname of the CAS server |
$server_port | string | the port the CAS server is running on |
$server_uri | string | the URI the CAS server is responding on |
$changeSessionID | boolean | Allow phpCAS to change the session_id (Single Sign Out/handleLogoutRequests is based on that change) |
return | a | newly created CAS_Client object |
/**
 * Load the user_cas app settings and initialise the phpCAS client once per request.
 *
 * Every value is read with OCP\Config::getAppValue(). Hostname, port and path
 * fall back to first-login placeholders that are meant to be replaced via the GUI.
 */
public function __construct()
{
    $app = 'user_cas';

    $this->autocreate = OCP\Config::getAppValue($app, 'cas_autocreate', true);
    $this->updateUserData = OCP\Config::getAppValue($app, 'cas_update_user_data', true);
    $this->defaultGroup = OCP\Config::getAppValue($app, 'cas_default_group', '');

    // Comma-separated list; spaces are stripped before splitting.
    $protected = OCP\Config::getAppValue($app, 'cas_protected_groups', '');
    $this->protectedGroups = explode(',', str_replace(' ', '', $protected));

    $this->mailMapping = OCP\Config::getAppValue($app, 'cas_email_mapping', '');
    $this->displayNameMapping = OCP\Config::getAppValue($app, 'cas_displayName_mapping', '');
    $this->groupMapping = OCP\Config::getAppValue($app, 'cas_group_mapping', '');

    $version = OCP\Config::getAppValue($app, 'cas_server_version', '2.0');
    $hostname = OCP\Config::getAppValue($app, 'cas_server_hostname', 'your.domain.org');
    $port = OCP\Config::getAppValue($app, 'cas_server_port', '443');
    $path = OCP\Config::getAppValue($app, 'cas_server_path', '/cas');
    $caCert = OCP\Config::getAppValue($app, 'cas_cert_path', '');

    // The global flag keeps phpCAS::client() from being called twice.
    global $initialized_cas;
    if ($initialized_cas) {
        return;
    }

    phpCAS::client($version, $hostname, (int) $port, $path, false);

    if (empty($caCert)) {
        // NOTE(review): with no cas_cert_path configured the CAS server's TLS
        // certificate is not verified, so ticket-validation responses are
        // accepted from whoever answers for that hostname. Configure a CA
        // bundle in production.
        phpCAS::setNoCasServerValidation();
    } else {
        phpCAS::setCasServerCACert($caCert);
    }

    $initialized_cas = true;
}
/**
 * Authenticate the visitor against the CAS server named in the preferences.
 *
 * The request parameters are saved in $_SESSION['backup_sso'] before the CAS
 * round trip and merged back into $_REQUEST afterwards for keys the returning
 * request does not carry.
 *
 * @return string|null The CAS login, or NULL when the server URL is missing
 *                     or phpCAS reports a failure.
 */
public function get_login()
{
    Logger::debug('main', 'AuthMethod_CAS::get_login()');

    $has_backup = isset($_SESSION['backup_sso']) && is_array($_SESSION['backup_sso']);
    if (!$has_backup) {
        $_SESSION['backup_sso'] = array();
    }
    // NOTE(review): everything in $_REQUEST is persisted and later restored
    // as-is; the restored values are exactly as untrusted as the original request.
    foreach ($_REQUEST as $name => $value) {
        $_SESSION['backup_sso'][$name] = $value;
    }

    $cas_prefs = $this->prefs->get('AuthMethod', 'CAS');
    $CAS_server_url = $cas_prefs['user_authenticate_cas_server_url'];
    if (!isset($CAS_server_url) || $CAS_server_url == '') {
        Logger::error('main', 'AuthMethod_CAS::get_login() - Unable to find CAS server url in Preferences');
        return NULL;
    }

    // NOTE(review): parse_url() yields null for a component the URL does not
    // contain, so a URL without an explicit port passes null as the port.
    $cas_host = parse_url($CAS_server_url, PHP_URL_HOST);
    $cas_port = parse_url($CAS_server_url, PHP_URL_PORT);
    $cas_path = parse_url($CAS_server_url, PHP_URL_PATH);

    phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_port, $cas_path);
    Logger::debug('main', 'AuthMethod_CAS::get_login() - Parsing URL - Host:"' . $cas_host . '" Port:"' . $cas_port . '" Path:"' . $cas_path . '"');

    // NOTE(review): the CAS server's TLS certificate is never verified here;
    // prefer phpCAS::setCasServerCACert() with a trusted CA bundle.
    phpCAS::setNoCasServerValidation();

    if (!phpCAS::forceAuthentication()) {
        Logger::error('main', 'AuthMethod_CAS::get_login() - phpCAS::forceAuthentication failed');
        return NULL;
    }
    if (!phpCAS::isAuthenticated()) {
        Logger::error('main', 'AuthMethod_CAS::get_login() - phpCAS::isAuthenticated failed');
        return NULL;
    }

    $this->login = phpCAS::getUser();

    // Bring back the saved parameters without overriding current ones.
    foreach ($_SESSION['backup_sso'] as $name => $value) {
        if (!isset($_REQUEST[$name])) {
            $_REQUEST[$name] = $value;
        }
    }

    return $this->login;
}
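/**
 * Load the phpCAS library and configure the client from getConfig() values.
 *
 * Nothing is done when the phpCAS class is already loaded.
 *
 * @return bool|null true when phpCAS was already loaded; no value is returned
 *                   after a fresh initialisation.
 */
private function init_cas_client()
{
    if (class_exists('phpCAS')) {
        return true;
    }

    require getConfig('casldap_phpcas_path');

    $cas_debug_file = getConfig('cas_debug_file_path');
    if (!empty($cas_debug_file)) {
        phpCAS::setDebug($cas_debug_file);
    }

    $cas_host = getConfig('cas_host');
    // `$x = f() or 443` parses as `($x = f()) or 443`, so the 443 fallback was
    // never assigned and an unset port became intval(...) === 0. The short
    // ternary applies the default as intended.
    $cas_port = getConfig('cas_port') ?: 443;
    $cas_context = getConfig('cas_context');

    // Loose comparison is kept so numeric strings from the configuration match.
    switch (getConfig('cas_version')) {
        case 1:
            $cas_version = CAS_VERSION_1_0;
            break;
        case 3:
            $cas_version = CAS_VERSION_3_0;
            break;
        case 2:
        default:
            $cas_version = CAS_VERSION_2_0;
            break;
    }

    phpCAS::client($cas_version, $cas_host, intval($cas_port), $cas_context);

    $cas_server_ca_cert_path = getConfig('cas_server_ca_cert_path');
    if ($cas_server_ca_cert_path) {
        phpCAS::setCasServerCACert($cas_server_ca_cert_path);
    } else {
        // NOTE(review): without a CA certificate path the CAS server's TLS
        // certificate is not verified; set cas_server_ca_cert_path in production.
        phpCAS::setNoCasServerValidation();
    }
}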
/**
 * Lazily load the phpCAS library and configure the client from the user_cas settings.
 *
 * @return bool false when the phpCAS class cannot be loaded, otherwise the
 *              value of the initialised flag.
 */
public static function initialized_php_cas()
{
    if (self::$_initialized_php_cas) {
        return self::$_initialized_php_cas;
    }

    $app = 'user_cas';
    $version = OCP\Config::getAppValue($app, 'cas_server_version', '2.0');
    // NOTE(review): the fallback hostname comes from $_SERVER['SERVER_NAME'];
    // depending on the web server setup that value may follow the request's
    // Host header — confirm, or always configure cas_server_hostname.
    $hostname = OCP\Config::getAppValue($app, 'cas_server_hostname', $_SERVER['SERVER_NAME']);
    $port = OCP\Config::getAppValue($app, 'cas_server_port', 443);
    $path = OCP\Config::getAppValue($app, 'cas_server_path', '/cas');
    $debugFile = OCP\Config::getAppValue($app, 'cas_debug_file', '');
    $caCert = OCP\Config::getAppValue($app, 'cas_cert_path', '');
    $libraryPath = OCP\Config::getAppValue($app, 'cas_php_cas_path', 'CAS.php');

    if (!class_exists('phpCAS')) {
        if (empty($libraryPath)) {
            $libraryPath = 'CAS.php';
        }
        OC_Log::write('cas', "Try to load phpCAS library ({$libraryPath})", OC_Log::DEBUG);
        // The include path is an app setting; whoever can edit it chooses the
        // PHP file that gets executed here.
        include_once $libraryPath;
        if (!class_exists('phpCAS')) {
            OC_Log::write('cas', 'Fail to load phpCAS library !', OC_Log::ERROR);
            return false;
        }
    }

    if ($debugFile !== '') {
        phpCAS::setDebug($debugFile);
    }

    phpCAS::client($version, $hostname, (int) $port, $path, false);

    if (empty($caCert)) {
        // NOTE(review): no CA certificate configured means the CAS server's
        // TLS certificate is not verified.
        phpCAS::setNoCasServerValidation();
    } else {
        phpCAS::setCasServerCACert($caCert);
    }

    self::$_initialized_php_cas = true;

    return self::$_initialized_php_cas;
}
/**
 * Security filter: authenticate through CAS on the first call, then run the
 * parent's credential check.
 *
 * @param mixed $filterChain Passed unchanged to parent::execute().
 */
public function execute($filterChain)
{
    $context = $this->getContext();
    $user = $context->getUser();

    // An LDAP object is stored in the context so it can be reused later.
    $this->getContext()->set('ldap', new uapvLdap());

    // Filters may run several times (internal forwards); authentication is
    // only performed on the first call.
    $needsLogin = $this->isFirstCall()
        && (sfConfig::get('app_cas_server_force_authentication', false) || !$user->isAuthenticated());

    if ($needsLogin) {
        // phpCAS is not php5-compliant: silence notices and strict errors
        // while it runs.
        $errorReporting = ini_get('error_reporting');
        error_reporting($errorReporting & ~E_STRICT & ~E_NOTICE);

        if (sfConfig::get('app_cas_server_debug', false)) {
            phpCAS::setDebug(); // see /tmp/phpCAS.log
        }

        // Last argument false: don't call session_start again, symfony
        // already did it.
        phpCAS::client(
            sfConfig::get('app_cas_server_version', CAS_VERSION_2_0),
            sfConfig::get('app_cas_server_host', 'localhost'),
            sfConfig::get('app_cas_server_port', 443),
            sfConfig::get('app_cas_server_path', ''),
            false
        );
        //phpCAS::handleLogoutRequests ();

        // NOTE(review): the CAS server's TLS certificate is not verified, so
        // the username passed to signIn() below rests on an unauthenticated
        // channel. Prefer phpCAS::setCasServerCACert().
        phpCAS::setNoCasServerValidation();

        // Redirects the user to the CAS server if necessary.
        phpCAS::forceAuthentication();

        // At this point the user is authenticated: sign them in.
        $user->signIn(phpCAS::getUser());

        // Restore the previous error reporting level.
        error_reporting($errorReporting);
    }

    // "credential" verification
    parent::execute($filterChain);
}
/**
 * Set up phpCAS and the NXAPI client; must be called before anything else.
 *
 * @param array       $config          Reads 'site', 'port' and 'key_id', plus the
 *                                     optional 'private_key' and 'ca_cert' entries.
 * @param bool        $changeSessionID Allow phpCAS to change the session_id (Single Sign
 *                                     Out/handleLogoutRequests is based on that change).
 * @param string|null $debugLog        Set to a path to enable the debug log.
 *
 * @throws NXAuthError When the configured private key cannot be opened.
 */
public static function init($config, $changeSessionID = true, $debugLog = null)
{
    if ($debugLog != null) {
        phpCAS::setDebug($debugLog);
    }

    phpCAS::client(CAS_VERSION_2_0, $config['site'], $config['port'], "cas", $changeSessionID);
    self::$config = $config;

    $private_key = null;
    if (isset($config['private_key'])) {
        $keyFile = static::resolve_filename($config['private_key']);
        $private_key = openssl_get_privatekey("file:///{$keyFile}");
        if ($private_key === false) {
            throw new NXAuthError("Failed to open private key {$keyFile}");
        }
    }

    $hasCaCert = isset($config['ca_cert']) && $config['ca_cert'] != null;
    if (!$hasCaCert) {
        // NOTE(review): without 'ca_cert' both the phpCAS server validation and
        // curl's peer/host verification are switched off, so the CAS server is
        // not authenticated at the TLS layer. Supply a CA certificate outside
        // of test setups.
        phpCAS::setNoCasServerValidation();
        // Disable curl ssl verification
        phpCAS::setExtraCurlOption(CURLOPT_SSL_VERIFYHOST, 0);
        phpCAS::setExtraCurlOption(CURLOPT_SSL_VERIFYPEER, 0);
    } else {
        self::$ca_cert = static::resolve_filename($config['ca_cert']);
        phpCAS::setCasServerCACert(self::$ca_cert);
    }

    $apiOptions = array(
        'private_key' => $private_key,
        'key_id' => $config['key_id'],
        'url' => "https://" . $config['site'],
        'ca_cert' => self::$ca_cert,
    );
    NXAPI::init($apiOptions);
}
/**
 * Attempts to authenticate users via CAS.
 *
 * Without a CAS constant the visitor is redirected to the application's own
 * login page. After a successful CAS login a Person is stored in the session
 * and the visitor is redirected to the return URL; if that fails the login
 * form block is shown with the error recorded in the session.
 */
public function index()
{
    // No CAS configured: hand over to the internal authentication system.
    // NOTE(review): return_url is appended without URL-encoding and is later
    // used as a redirect target; where it comes from is not visible here —
    // confirm it is restricted to local URLs.
    if (!defined('CAS')) {
        $internalLogin = BASE_URL . '/login/login?return_url=' . $this->return_url;
        header('Location: ' . $internalLogin);
        exit;
    }

    require_once CAS . '/CAS.php';
    \phpCAS::client(CAS_VERSION_2_0, CAS_SERVER, 443, CAS_URI, false);
    // NOTE(review): the CAS server's TLS certificate is not verified.
    \phpCAS::setNoCasServerValidation();
    \phpCAS::forceAuthentication();

    // From here on CAS has authenticated the user and the login name is
    // available from phpCAS::getUser(). That does not guarantee a person
    // record exists, nor that the person record has a user account.
    try {
        $person = new Person(\phpCAS::getUser());
        $_SESSION['USER'] = $person;
        header("Location: {$this->return_url}");
        exit;
    } catch (\Exception $e) {
        $_SESSION['errorMessages'][] = $e;
    }

    $formVars = array('return_url' => $this->return_url);
    $this->template->blocks[] = new Block('loginForm.inc', $formVars);
}
/**
 * Single sign-on through CAS: read the CAS URL and URI from PM_PARAMETERS,
 * authenticate, then look the user up in USERS and fill the RBAC user object.
 *
 * @return bool true when a matching USERS row was found, false otherwise.
 */
function metodillo()
{
    $sSQL = "SELECT * FROM PM_PARAMETERS WHERE PRM_ID = 'CAS_URL' ";
    $aParams = executeQuery($sSQL);
    if (!count($aParams)) {
        return false;
    }

    // Result rows are read at index 1 throughout this function.
    $sURL = $aParams[1]['PRM_VALUE'];
    $sURI = $aParams[1]['PRM_VALUE_2'];

    $RBAC = RBAC::getSingleton();
    $RBAC->initRBAC();

    require_once 'CAS-1.2.2/CAS.php';
    phpCAS::client(CAS_VERSION_2_0, $sURL, 443, $sURI, false);
    // NOTE(review): the CAS server's TLS certificate is not verified.
    phpCAS::setNoCasServerValidation();
    phpCAS::forceAuthentication();

    if (!phpCAS::isAuthenticated()) {
        return false;
    }

    $sCasUser = phpCAS::getUser();
    // NOTE(review): the username literal below is masked in this listing. The
    // lookup should pass $sCasUser as a bound parameter rather than building
    // it into the SQL text.
    $sSQL = "SELECT USR_UID FROM USERS WHERE USR_USERNAME = '******' ";
    $aUsers = executeQuery($sSQL);
    if (!count($aUsers)) {
        return false;
    }

    $RBAC->singleSignOn = true;
    $RBAC->userObj->fields['USR_UID'] = $aUsers[1]['USR_UID'];
    $RBAC->userObj->fields['USR_USERNAME'] = $sCasUser;

    return true;
}
/**
 * Keep $_SESSION['user'] in step with CAS when the request carries a
 * 'login' or 'logout' parameter.
 */
function checkAndSetUserSession()
{
    // Make sure the session slot exists.
    if (!isset($_SESSION['user'])) {
        $_SESSION['user'] = null;
    }

    $wantsLogin = isset($_REQUEST['login']);
    if (!$wantsLogin && !isset($_REQUEST['logout'])) {
        return;
    }

    // initialize phpCAS
    phpCAS::client(CAS_VERSION_2_0, 'login.kth.se', 443, '');
    //phpCAS::proxy(CAS_VERSION_2_0,'login.kth.se',443,'');
    // NOTE(review): the CAS server's TLS certificate is not verified.
    phpCAS::setNoCasServerValidation();

    // To have the login server redirect back to a specific URL instead of the
    // current request URI, call setFixedCallbackURL.
    //phpCAS::setFixedCallbackURL('http://xml.csc.kth.se/~wiiala/DM2517/project/php/index.php');

    // force CAS authentication
    phpCAS::forceAuthentication();

    // The user has now been authenticated by the CAS server and the login
    // name can be read with phpCAS::getUser().
    $_SESSION['user'] = phpCAS::getUser();

    // Log out and redirect to our default page.
    if (isset($_REQUEST['logout'])) {
        unset($_SESSION['user']);
        phpCAS::logoutWithRedirectService('http://kth.kribba.com/');
    }
}
/**
 * Plugin entry point. On ?action=disconnect it ends the CAS session, expires
 * the "netid" cookie and returns the content with an iframe on the CAS logout
 * URL. Nothing is returned for any other request.
 *
 * @param string $content Content the iframe markup is appended to.
 * @param array  $conf    Plugin configuration, stored in $this->conf.
 */
function main($content, $conf)
{
    $this->conf = $conf;
    $this->pi_setPiVarDefaults();
    // USER_INT object: no caching is expected and no cHash params are ever set.
    $this->pi_USER_INT_obj = 1;
    $this->pi_loadLL();

    $this->typeExecution = "prod";

    // CAS endpoint per execution type; "none" when the type is unknown.
    $urlCas = "none";
    $portCas = "none";
    if ($this->typeExecution == "dev") {
        $urlCas = "xinf-devlinux.intranet.haras-nationaux.fr";
        $portCas = 7777;
    } elseif ($this->typeExecution == "prod") {
        $urlCas = "cerbere.haras-nationaux.fr";
        $portCas = 443;
    }

    session_start();

    $isDisconnect = isset($_GET["action"]) && $_GET["action"] == "disconnect";
    if ($isDisconnect) {
        // NOTE(review): debug logging is switched on unconditionally here.
        phpCAS::setDebug();
        // NOTE(review): the last argument is the string 'true', not a boolean.
        phpCAS::client(CAS_VERSION_2_0, $urlCas, $portCas, 'cas', 'true');
        $logoutUrl = phpCAS::getServerLogoutURL();
        phpCAS::killSession();

        // Remove the harasire session cookie.
        setcookie("netid", "", time() - 3600, "/", ".haras-nationaux.fr");
        //$urCid = "http://www4.haras-nationaux.fr/cid-internet-web/InvalidateSessionServlet?service=".$ur;

        $content .= '<IFRAME src="' . $logoutUrl . '" frameborder="no" height="600" width="670"></IFRAME>';

        return $this->pi_wrapInBaseClass($content);
    }
}
/**
 * Force a CAS login against the hard-coded server and remember the username.
 */
public function __construct()
{
    // NOTE(review): debug logging is always on.
    \phpCAS::setDebug();

    $casHost = "itebeta.baidu.com";
    \phpCAS::client(CAS_VERSION_2_0, $casHost, 443, "");

    // NOTE(review): the CAS server's TLS certificate is not verified, so the
    // username stored below rests on an unauthenticated channel. Prefer
    // \phpCAS::setCasServerCACert().
    \phpCAS::setNoCasServerValidation();
    \phpCAS::forceAuthentication();

    $casUser = \phpCAS::getUser();
    $this->username = $casUser;
}
/**
 * Create the phpCAS client from the stored setup and register the
 * post-authentication callback.
 */
public function __construct()
{
    $casSetup = self::loadSetup();

    $this->client = phpCAS::client(
        CAS_VERSION_2_0,
        $casSetup['host'],
        $casSetup['port'],
        $casSetup['context']
    );

    // For simplicity's sake the server certificate is not validated for now.
    // NOTE(review): this leaves the CAS server unauthenticated at the TLS
    // layer; switch to phpCAS::setCasServerCACert() before production use.
    phpCAS::setNoCasServerValidation();

    $onAuthenticated = array($this, 'loginCallback');
    phpCAS::setPostAuthenticateCallback($onAuthenticated);
}
/**
 * Read the CAS_SERVER, CAS_PORT and CAS_URI options and create a CAS 1.0 client.
 *
 * @param mixed $options Passed to parent::init() before the options are read.
 */
public function init($options)
{
    parent::init($options);

    foreach (array('cas_server' => 'CAS_SERVER', 'cas_port' => 'CAS_PORT', 'cas_uri' => 'CAS_URI') as $property => $option) {
        $this->$property = $this->getOption($option);
    }

    // Last argument false: phpCAS is not allowed to change the session id.
    phpCAS::client(CAS_VERSION_1_0, $this->cas_server, $this->cas_port, $this->cas_uri, false);

    // NOTE(review): the CAS server's TLS certificate is not verified.
    phpCAS::setNoCasServerValidation();
}
/**
 * Configure the phpCAS client from this object's CAS settings and enable
 * handling of CAS logout requests.
 */
private function prepare()
{
    \phpCAS::client(
        CAS_VERSION_2_0,
        $this->casUrl,
        $this->casPort,
        $this->casUri,
        false
    );
    //\phpCAS::setDebug('/tmp/cas.log');

    // NOTE(review): the CAS server's TLS certificate is not verified.
    \phpCAS::setNoCasServerValidation();

    //\phpCAS::setSingleSignoutCallback(array($this, 'casSingleSignOut'));
    //\phpCAS::setPostAuthenticateCallback(array($this, 'casPostAuth'));

    // Logout requests are checked against the configured client list.
    $allowedClients = $this->casAllowedIpClients;
    \phpCAS::handleLogoutRequests(true, $allowedClients);
}
/**
 * Create a SAML 1.1 phpCAS client and choose the server validation mode.
 *
 * @param string $host                CAS server hostname.
 * @param mixed  $port                CAS server port; converted with intval().
 * @param string $context             CAS context passed to phpCAS::client().
 * @param string $CA_certificate_file CA certificate path; a falsy value
 *                                    disables server validation.
 */
function initPhpCAS($host, $port, $context, $CA_certificate_file)
{
    $portNumber = intval($port);
    phpCAS::client(SAML_VERSION_1_1, $host, $portNumber, $context, false);

    if (!$CA_certificate_file) {
        // NOTE(review): an empty certificate argument silently turns TLS
        // verification of the CAS server off.
        phpCAS::setNoCasServerValidation();
    } else {
        phpCAS::setCasServerCACert($CA_certificate_file);
    }
    //phpCAS::setLang(PHPCAS_LANG_FRENCH);
}
/**
 * Controller set-up: load the database and grocery_CRUD, then configure phpCAS.
 */
public function __construct()
{
    parent::__construct();

    $this->load->database();
    $this->load->library('grocery_CRUD');

    include_once 'CAS.php';

    $casHost = 'cas.uhp-nancy.fr';
    $casContext = '/cas';
    phpCAS::client('2.0', $casHost, 443, $casContext, false);

    // NOTE(review): the CAS server's TLS certificate is not verified.
    phpCAS::setNoCasServerValidation();

    // NOTE(review): false turns off phpCAS's check of which host sent a
    // logout request — confirm that is intended.
    phpCAS::handleLogoutRequests(false);
}
/**
 * Configure phpCAS with the fixed CAS settings, then run the parent constructor.
 *
 * The CAS server certificate is validated against the CA file in
 * settings['ca_cert_path'].
 *
 * @param ComponentCollection $collection Passed to the parent constructor.
 * @param mixed               $settings   Passed to the parent constructor.
 */
public function __construct(ComponentCollection $collection, $settings)
{
    $casDefaults = array(
        'host' => 'cas.ucdavis.edu',
        'context' => '/cas',
        'port' => 443,
        'ca_cert_path' => '/usr/share/ca-certificates/mozilla/AddTrust_External_Root.crt',
    );
    // Assigned key by key so other entries of $this->settings are left alone.
    foreach ($casDefaults as $name => $value) {
        $this->settings[$name] = $value;
    }

    phpCAS::client(
        CAS_VERSION_2_0,
        $this->settings['host'],
        $this->settings['port'],
        $this->settings['context']
    );
    // NOTE(review): the CA file path is hard-coded; validation depends on
    // that file being present and still the right trust anchor.
    phpCAS::setCasServerCACert($this->settings['ca_cert_path']);

    parent::__construct($collection, $settings);
}
/**
 * Load phpCAS and create the client once, using the cas_server_* options.
 */
private function initCasClient()
{
    if ($this->_casInitialized) {
        return;
    }

    require_once 'CAS.php';

    // NOTE(review): debug logging is always switched on.
    phpCAS::setDebug();

    $host = $this->getOption('cas_server_host', 'localhost');
    $port = (int) $this->getOption('cas_server_port', 443);
    $path = $this->getOption('cas_server_path', '');

    // Last argument false: don't call session_start again.
    // NOTE(review): no server validation mode (CA certificate or none) is
    // chosen in this method — presumably the caller does it; verify.
    phpCAS::client(CAS_VERSION_2_0, $host, $port, $path, false);

    $this->_casInitialized = true;
}
/**
 * Initializes the authority object from an associative array of arguments.
 *
 * General - required keys:
 *   TITLE => The human readable title of the AuthorityImage
 *   INDEX => The tag used to identify this authority
 *            @see AuthenticationAuthority::getAuthenticationAuthority
 *
 * General - optional keys:
 *   LOGGEDIN_IMAGE_URL => URL of an image/badge placed next to the user name when logged in
 *
 * CAS - required keys:
 *   CAS_PROTOCOL => The protocol to use, equivalent to one of the phpCAS constants, e.g. "2.0":
 *                   CAS_VERSION_1_0 => '1.0', CAS_VERSION_2_0 => '2.0', SAML_VERSION_1_1 => 'S1'
 *   CAS_HOST     => Host name of the CAS server, e.g. "cas.example.edu"
 *   CAS_PORT     => Port the CAS server is listening on, e.g. "443"
 *   CAS_PATH     => Path of the CAS application, e.g. "/cas/"
 *   CAS_CA_CERT  => Filesystem path to a CA certificate used to validate the authenticity of
 *                   the CAS server, e.g. "/etc/tls/pki/certs/my_ca_cert.crt". If empty, no
 *                   certificate validation is performed (not recommended for production).
 *
 * CAS - optional keys (each only applies if the CAS server returns attributes in a
 * SAML-1.1 or CAS-2.0 response):
 *   ATTRA_EMAIL      => Attribute name for the user's email address, e.g. "email"
 *   ATTRA_FIRST_NAME => Attribute name for the user's first name, e.g. "givename"
 *   ATTRA_LAST_NAME  => Attribute name for the user's last name, e.g. "surname"
 *   ATTRA_FULL_NAME  => Attribute name for the user's full name, e.g. "displayname"
 *   ATTRA_MEMBER_OF  => Attribute name for the user's groups, e.g. "memberof"
 *
 * The code also reads CAS_PHPCAS_PATH, CAS_PROXY_INIT, CAS_PROXY_TICKET_PATH and
 * CAS_PROXY_FIXED_CALLBACK_URL when present.
 *
 * NOTE: Any subclass MUST call parent::init($args) to ensure proper operation.
 *
 * @param array $args Associative array of arguments; the list depends on the authority.
 *
 * @throws KurogoConfigurationException When a required CAS_* key is empty.
 */
public function init($args)
{
    parent::init($args);

    // include the PHPCAS library
    $phpCasFile = empty($args['CAS_PHPCAS_PATH'])
        ? 'CAS.php'
        : $args['CAS_PHPCAS_PATH'] . '/CAS.php';
    require_once $phpCasFile;

    // Required settings, checked in this order.
    foreach (array('CAS_PROTOCOL', 'CAS_HOST', 'CAS_PORT', 'CAS_PATH') as $requiredKey) {
        if (empty($args[$requiredKey])) {
            throw new KurogoConfigurationException($requiredKey . ' value not set for ' . $this->AuthorityTitle);
        }
    }

    $casPort = intval($args['CAS_PORT']);
    if (!empty($args['CAS_PROXY_INIT'])) {
        phpCAS::proxy($args['CAS_PROTOCOL'], $args['CAS_HOST'], $casPort, $args['CAS_PATH'], false);
        if (!empty($args['CAS_PROXY_TICKET_PATH'])) {
            phpCAS::setPGTStorageFile('', $args['CAS_PROXY_TICKET_PATH']);
        }
        if (!empty($args['CAS_PROXY_FIXED_CALLBACK_URL'])) {
            phpCAS::setFixedCallbackURL($args['CAS_PROXY_FIXED_CALLBACK_URL']);
        }
    } else {
        phpCAS::client($args['CAS_PROTOCOL'], $args['CAS_HOST'], $casPort, $args['CAS_PATH'], false);
    }

    if (!empty($args['CAS_CA_CERT'])) {
        phpCAS::setCasServerCACert($args['CAS_CA_CERT']);
    } else {
        // NOTE(review): CAS_CA_CERT is described as required, yet an empty
        // value silently disables TLS verification of the CAS server.
        phpCAS::setNoCasServerValidation();
    }

    // Record any attribute mapping configured; MemberOf carries the group
    // membership attribute.
    $attributeKeys = array(
        'Email' => 'ATTRA_EMAIL',
        'FirstName' => 'ATTRA_FIRST_NAME',
        'LastName' => 'ATTRA_LAST_NAME',
        'FullName' => 'ATTRA_FULL_NAME',
        'MemberOf' => 'ATTRA_MEMBER_OF',
    );
    foreach ($attributeKeys as $field => $argKey) {
        if (!empty($args[$argKey])) {
            CASUser::mapAttribute($field, $args[$argKey]);
        }
    }
}
/**
 * Initialise phpCAS on first use and report whether the visitor is authenticated.
 *
 * @return bool Result of phpCAS::isAuthenticated().
 */
function check_auth()
{
    $clientReady = isset($GLOBALS['PHPCAS_CLIENT']);

    if (!$clientReady) {
        phpCAS::client(CAS_VERSION_2_0, 'cas.byu.edu', 443, 'cas');

        //phpCAS::setCasServerCACert("../CAS/cas_ca.pem");
        // NOTE(review): certificate validation is commented out above and
        // disabled here, so the CAS server is not authenticated over TLS.
        phpCAS::setNoCasServerValidation();

        // NOTE(review): the debug log is written to a relative path; make
        // sure that location is not served by the web server.
        phpCAS::setDebug("cas_error.txt");

        // Logout requests are only accepted from these CAS hosts.
        $logoutHosts = array('cas.byu.edu', 'cas1.byu.edu', 'cas2.byu.edu', 'cas3.byu.edu');
        phpCAS::handleLogoutRequests(true, $logoutHosts);
    }

    return phpCAS::isAuthenticated();
}
/**
 * Plugin initialization: phpCAS set-up plus action and filter registration.
 *
 * @param bool $run_cas When true, load phpCAS and, if the plugin is configured,
 *                      initialise the client and hook into WordPress login.
 */
function init($run_cas = true)
{
    global $error;

    if ($run_cas) {
        // phpCAS initialization
        include_once $this->phpcas_path;

        $hostMissing = $this->settings['server_hostname'] == '';
        if ($hostMissing || intval($this->settings['server_port']) == 0) {
            $this->cas_configured = false;
        }

        if (!$this->cas_configured) {
            $error = __("wpCAS is not configured. Please, login, go to the settings and configure with your credentials.", "CAS_Maestro");
            //add_filter( 'login_head', array(&$this, 'display_login_notconfigured'));
        } else {
            // Everything is in place: initialize the phpCAS client.
            phpCAS::client(
                $this->settings['cas_version'],
                $this->settings['server_hostname'],
                intval($this->settings['server_port']),
                $this->settings['server_path'],
                false
            );

            // setCasServerCACert was added in phpCAS v. 0.6.0; checking for a
            // static method is awkward in php4, hence the throwaway instance.
            $phpCas = new phpCas();
            if (method_exists($phpCas, 'setCasServerCACert') && $this->settings['cert_path']) {
                phpCAS::setCasServerCACert($this->settings['cert_path']);
            } elseif (method_exists($phpCas, 'setNoCasServerValidation')) {
                // NOTE(review): with no cert_path setting the CAS server's TLS
                // certificate is not verified.
                phpCAS::setNoCasServerValidation();
            }
            unset($phpCas);

            if (defined('CAS_MAESTRO_DEBUG_ON') && CAS_MAESTRO_DEBUG_ON == true) {
                // NOTE(review): the debug log sits in the plugin directory;
                // make sure it cannot be fetched over HTTP.
                phpCAS::setDebug(CAS_MAESTRO_PLUGIN_PATH . 'debug.log');
            }

            // Filters and actions registration
            add_filter('authenticate', array(&$this, 'validate_login'), 30, 3);
            add_filter('login_url', array(&$this, 'bypass_reauth'));
            foreach (array('lost_password', 'retrieve_password', 'password_reset') as $passwordHook) {
                add_action($passwordHook, array(&$this, 'disable_function'));
            }
            add_filter('show_password_fields', array(&$this, 'show_password_fields'));
        }
    }

    add_action('wp_logout', array(&$this, 'process_logout'));

    // Register the language initialization
    add_action('init', array(&$this, 'lang_init'));
    add_action('admin_init', array(&$this, 'add_meta_boxes'));
    add_action('profile_update', array(&$this, 'onSaveProfile'), 10, 2);
    add_action('admin_notices', array(&$this, 'notify_email_update'));
    add_action('admin_menu', array(&$this, 'register_menus'), 50);
    add_action('admin_enqueue_scripts', array(&$this, 'register_javascript'));

    // Filters that rewrite the login form action to bypass CAS
    if ($this->bypass_cas) {
        add_filter('site_url', array(&$this, 'bypass_cas_login_form'), 20, 3);
        add_filter('authenticate', array(&$this, 'validate_noncas_login'), 30, 3);
    }
}
/**
 * Automatic authentication hook.
 *
 * The contract is to return false when the auth method needs user action
 * (a login/password form) and otherwise to authenticate and return the
 * username. CAS needs no form, so authentication is always forced here.
 *
 * @returns The user login reported by phpCAS.
 */
function autoAuth()
{
    // Instantiate phpCAS
    include_once 'CAS/CAS.php';

    $host = $this->casServerHostname;
    $port = $this->casServerPort;
    $uri = $this->casServerURI;
    // NOTE(review): no server validation mode (CA certificate or none) is
    // selected in this method — confirm how the CAS server is validated.
    phpCAS::client(CAS_VERSION_2_0, $host, $port, $uri);

    // Do CAS authentication (force it)
    phpCAS::forceAuthentication();

    // After a successful CAS login phpCAS brings us back here and the user
    // login can be returned.
    $login = phpCAS::getUser();

    return $login;
}
/**
 * Stores the configuration. The parent configuration is applied first, then
 * the CAS client and the CASDirectory settings are validated and stored.
 *
 * @param object Properties $configuration
 * @return object
 * @access public
 * @since 3/24/05
 */
function assignConfiguration(Properties $configuration)
{
    parent::assignConfiguration($configuration);

    $displayFormat = $configuration->getProperty('DISPLAY_NAME_FORMAT');
    ArgumentValidator::validate($displayFormat, RegexValidatorRule::getRule('/\\[\\[([^]]+)\\]\\]/'));
    $this->displayNameFormat = $displayFormat;

    $debugPath = $configuration->getProperty('CAS_DEBUG_PATH');
    if ($debugPath) {
        ArgumentValidator::validate($debugPath, StringValidatorRule::getRule());
        phpCAS::setDebug($debugPath);
    }

    // NOTE(review): the second dot in the host pattern is unescaped, so it
    // matches any single character — presumably `\\.` was intended.
    $casHost = $configuration->getProperty('CAS_HOST');
    ArgumentValidator::validate($casHost, RegexValidatorRule::getRule('/^[a-z0-9]+\\.[a-z0-9]+.[a-z]+$/'));
    $casPort = $configuration->getProperty('CAS_PORT');
    ArgumentValidator::validate($casPort, RegexValidatorRule::getRule('/^[0-9]+$/'));
    $casPath = $configuration->getProperty('CAS_PATH');
    ArgumentValidator::validate($casPath, RegexValidatorRule::getRule('/^\\/.*$/'));

    phpCAS::client(CAS_VERSION_2_0, $casHost, intval($casPort), $casPath, false);

    $caCert = $configuration->getProperty('CAS_CERT');
    if ($caCert) {
        phpCAS::setCasServerCACert($caCert);
    } else {
        // NOTE(review): without CAS_CERT the CAS server's TLS certificate is
        // not verified.
        phpCAS::setNoCasServerValidation();
    }

    // Allow group lookup via a CASDirectory:
    // https://mediawiki.middlebury.edu/wiki/LIS/CAS_Directory
    $baseUrl = $configuration->getProperty('CASDIRECTORY_BASE_URL');
    ArgumentValidator::validate($baseUrl, StringValidatorRule::getRule());
    $this->directoryUrl = $baseUrl;

    // set the callback URL for the PGT to be sent to. This must be an https url
    // whose certificate is trusted by CAS.
    // $callbackUrl = $configuration->getProperty('CALLBACK_URL');
    // ArgumentValidator::validate($callbackUrl, RegexValidatorRule::getRule('/^https:\/\/.*$/'));
    // phpCAS::setFixedCallbackURL($callbackUrl);

    $directoryAdminAccess = $configuration->getProperty('CASDIRECTORY_ADMIN_ACCESS');
    ArgumentValidator::validate($directoryAdminAccess, StringValidatorRule::getRule());
    $this->adminAccess = $directoryAdminAccess;

    // Optional settings: validated when present, otherwise stored as null.
    $directoryClassRoot = $configuration->getProperty('CASDIRECTORY_CLASS_ROOT');
    if (!$directoryClassRoot) {
        $this->classRoot = null;
    } else {
        ArgumentValidator::validate($directoryClassRoot, StringValidatorRule::getRule());
        $this->classRoot = $directoryClassRoot;
    }

    $groupPattern = $configuration->getProperty('CASDIRECTORY_GROUP_ID_REGEX');
    if (!$groupPattern) {
        $this->groupIdRegex = null;
    } else {
        ArgumentValidator::validate($groupPattern, StringValidatorRule::getRule());
        $this->groupIdRegex = $groupPattern;
    }

    // Root Groups to expose
    ArgumentValidator::validate(
        $configuration->getProperty('ROOT_GROUPS'),
        ArrayValidatorRuleWithRule::getRule(StringValidatorRule::getRule())
    );
    $this->rootGroups = array_unique($configuration->getProperty('ROOT_GROUPS'));
}
/**
 * Log the user out of CAS.
 *
 * @param object $config  Module configuration; cashostname, casport and
 *                        casbaseuri are read from it.
 * @param string $wwwroot Passed to phpCAS::logout().
 *
 * @return bool Always true.
 */
function logoutCAS($config, $wwwroot)
{
    require_once dirname(__FILE__) . '/CAS/CAS.php';

    $casPort = (int) $config->casport;
    phpCAS::client(CAS_VERSION_2_0, $config->cashostname, $casPort, $config->casbaseuri, false);

    error_log("CAS: Logout");
    phpCAS::logout($wwwroot);
    error_log("CAS: Logout Exit");

    return true;
}
/**
 * Initialise phpCAS once from the user_config.cas.* settings.
 *
 * @return bool Always true.
 */
protected function initializeCASClient()
{
    if (phpCAS::isInitialized()) {
        return true;
    }

    // Set debug mode
    phpCAS::setDebug(false);

    // Initialize phpCAS
    $hostname = Configure::read('user_config.cas.hostname');
    $port = Configure::read('user_config.cas.port');
    $uri = Configure::read('user_config.cas.uri');
    phpCAS::client(CAS_VERSION_2_0, $hostname, $port, $uri, true);

    phpCAS::setFixedServiceURL($this->loginRedirectURL());

    // No SSL validation for the CAS server
    // NOTE(review): this leaves the CAS server unauthenticated at the TLS
    // layer; prefer phpCAS::setCasServerCACert() with a trusted CA bundle.
    phpCAS::setNoCasServerValidation();

    return true;
}
/**
 * Configure phpCAS once from phpcas.ini for the current Yaf environment.
 *
 * @return bool Always true.
 */
public static function init()
{
    if (!self::$_init) {
        $iniFile = APPLICATION_CONFIG_PATH . '/phpcas.ini';
        $config = new \Yaf\Config\Ini($iniFile, \Yaf\ENVIRON);

        phpCAS::setDebug('');
        phpCAS::client(
            $config->cas_version,
            $config->cas_host,
            intval($config->cas_port),
            $config->cas_context
        );

        // NOTE(review): the CAS server's TLS certificate is not verified.
        phpCAS::setNoCasServerValidation();

        // NOTE(review): false turns off phpCAS's check of which host sent a
        // logout request — confirm that is intended.
        phpCAS::handleLogoutRequests(false);

        self::$_init = true;
    }

    return true;
}
/**
 * Initialise phpCAS once from the global $cas_cfg array.
 */
function __construct()
{
    if (self::$initialized) {
        return;
    }

    global $cas_cfg;
    phpCAS::client(CAS_VERSION_2_0, $cas_cfg['host'], $cas_cfg['port'], $cas_cfg['context']);

    // SSL validation is performed only if a server_ca_cert path is provided.
    if (!isset($cas_cfg['server_ca_cert'])) {
        // NOTE(review): a missing server_ca_cert entry silently disables TLS
        // verification of the CAS server.
        phpCAS::setNoCasServerValidation();
    } else {
        phpCAS::setCasServerCACert($cas_cfg['server_ca_cert']);
    }

    self::$initialized = true;
}
/**
 * Store the component collection and configure phpCAS from the CAS.* settings.
 *
 * @param mixed $collection Stored in $this->_Collection.
 * @param mixed $settings   Not used in this constructor.
 */
function __construct($collection, $settings)
{
    $this->_Collection = $collection;

    $debugEnabled = Configure::read('CAS.debug_log_enabled');
    if ($debugEnabled) {
        phpCAS::setDebug(TMP . 'phpCas.log.txt');
    }

    phpCAS::client(
        CAS_VERSION_2_0,
        Configure::read('CAS.hostname'),
        Configure::read('CAS.port'),
        Configure::read('CAS.uri')
    );

    $caCertPath = Configure::read('CAS.cert_path');
    if (!empty($caCertPath)) {
        phpCAS::setCasServerCACert($caCertPath);
    } else {
        // NOTE(review): an empty CAS.cert_path disables TLS verification of
        // the CAS server.
        phpCAS::setNoCasServerValidation();
    }
}
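/**
 * Apply the CAS options to phpCAS: debug log, client, logout handling and
 * server certificate validation.
 */
private function setCASSettings()
{
    if ($this->options->IsCasDebugOn()) {
        phpCAS::setDebug($this->options->DebugFile());
    }

    phpCAS::client(
        $this->options->CasVersion(),
        $this->options->HostName(),
        $this->options->Port(),
        $this->options->ServerUri(),
        $this->options->ChangeSessionId()
    );

    if ($this->options->CasHandlesLogouts()) {
        phpCAS::handleLogoutRequests(true, $this->options->LogoutServers());
    }

    // Validation used to be switched off unconditionally right after the CA
    // certificate was set. Whether that later call wins depends on the phpCAS
    // version in use, so the two modes are now mutually exclusive: a
    // configured certificate always means the server is validated.
    if ($this->options->HasCertificate()) {
        phpCAS::setCasServerCACert($this->options->Certificate());
    } else {
        // NOTE(review): without a certificate the CAS server's TLS
        // certificate is not verified.
        phpCAS::setNoCasServerValidation();
    }
}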
/**
 * Logout execution method. Initializes the CAS client and forces a CAS logout
 * when the user is authenticated, then defers to the parent logout method.
 *
 * @return string AuthComponent::$loginAction
 * @see AuthComponent::$loginAction
 * @access public
 */
function logout()
{
    // Set debug mode
    phpCAS::setDebug(false);

    // Initialize phpCAS
    $hostname = Configure::read('CAS.hostname');
    $port = Configure::read('CAS.port');
    $uri = Configure::read('CAS.uri');
    phpCAS::client(CAS_VERSION_2_0, $hostname, $port, $uri, true);

    // No SSL validation for the CAS server
    // NOTE(review): this leaves the CAS server unauthenticated at the TLS layer.
    phpCAS::setNoCasServerValidation();

    // Force CAS logout if required
    if (phpCAS::isAuthenticated()) {
        // Provide the login url of your application here.
        $logoutParams = array('url' => 'http://www.cakephp.org');
        phpCAS::logout($logoutParams);
    }

    return parent::logout();
}