Set the fixed URL that will be used by the CAS server to transmit the
PGT. When this method is not called, a phpCAS script uses its own URL
for the callback.
public static setFixedCallbackURL ( string $url = '' ) : void | ||
$url | string | the URL |
return | void |
function setup() { //Only setup if we haven't already global $PHPCAS_CLIENT; if (!is_object($PHPCAS_CLIENT)) { phpCAS::setDebug("/var/www/campus/dev.intranet.campusforchrist.org/cas.log"); phpCAS::proxy(SITE_CAS_VERSION, SITE_CAS_HOSTNAME, SITE_CAS_PORT, SITE_CAS_PATH, SITE_CAS_SESSION); phpCAS::setFixedCallbackURL(SITE_CAS_CALLBACK); //No SSL phpCAS::setNoCasServerValidation(); phpCAS::setPGTStorageFile('xml', SITE_CAS_PGT_STORE); //session_save_path()); return true; } return false; }
$_SESSION['phpCAS']['service_cookies'] = array(); } $sm = $_SESSION['ovd-client']['sessionmanager']; foreach ($sm->get_cookies() as $k => $v) { $cookie = array('domain' => parse_url($sm->get_base_url(), PHP_URL_HOST), 'path' => '/', 'secure' => false, 'name' => $k, 'value' => $v); $_SESSION['phpCAS']['service_cookies'][] = $cookie; } } $port = parse_url($CAS_server_url, PHP_URL_PORT); if (is_null($port)) { if (parse_url($CAS_server_url, PHP_URL_SCHEME) == 'https') { $port = 443; } else { $port = 80; } } $path = !parse_url($CAS_server_url, PHP_URL_PATH) ? '' : parse_url($CAS_server_url, PHP_URL_PATH); phpCAS::proxy(CAS_VERSION_2_0, parse_url($CAS_server_url, PHP_URL_HOST), $port, $path, false); phpCAS::setNoCasServerValidation(); phpCAS::setPGTStorageFile(CAS_PGT_STORAGE_FILE_FORMAT_PLAIN, session_save_path()); phpCAS::setFixedCallbackURL($CAS_callback_url); //HTTPS required, and Apache's CRT must be added in Tomcat's keystore (CAS server) phpCAS::forceAuthentication(); if (!phpCAS::serviceWeb($_SESSION['ovd-client']['sessionmanager_url'] . '/start', $errno, $output)) { $_SESSION['ovd-client']['from_SM_start_XML'] = 'ERROR'; finish(); die; } $_SESSION['ovd-client']['from_SM_start_XML'] = $output; finish(); die;
function tryToLogUser(&$httpVars, $isLast = false) { if (isset($_SESSION["CURRENT_MINISITE"])) { return false; } $this->loadConfig(); if (isset($_SESSION['AUTHENTICATE_BY_CAS'])) { $flag = $_SESSION['AUTHENTICATE_BY_CAS']; } else { $flag = 0; } $pgtIou = !empty($httpVars['pgtIou']); $logged = isset($_SESSION['LOGGED_IN_BY_CAS']); $enre = !empty($httpVars['put_action_enable_redirect']); $ticket = !empty($httpVars['ticket']); $pgt = !empty($_SESSION['phpCAS']['pgt']); $clientModeTicketPendding = isset($_SESSION['AUTHENTICATE_BY_CAS_CLIENT_MOD_TICKET_PENDDING']); if ($this->cas_modify_login_page) { if ($flag == 0 && $enre && !$logged && !$pgtIou) { $_SESSION['AUTHENTICATE_BY_CAS'] = 1; } elseif ($flag == 1 && !$enre && !$logged && !$pgtIou && !$ticket && !$pgt) { $_SESSION['AUTHENTICATE_BY_CAS'] = 0; } elseif ($flag == 1 && $enre && !$logged && !$pgtIou) { $_SESSION['AUTHENTICATE_BY_CAS'] = 1; } elseif ($pgtIou || $pgt) { $_SESSION['AUTHENTICATE_BY_CAS'] = 1; } elseif ($ticket) { $_SESSION['AUTHENTICATE_BY_CAS'] = 1; $_SESSION['AUTHENTICATE_BY_CAS_CLIENT_MOD_TICKET_PENDDING'] = 1; } elseif ($logged && $pgtIou) { $_SESSION['AUTHENTICATE_BY_CAS'] = 2; } else { $_SESSION['AUTHENTICATE_BY_CAS'] = 0; } if ($_SESSION['AUTHENTICATE_BY_CAS'] < 1) { if ($clientModeTicketPendding) { unset($_SESSION['AUTHENTICATE_BY_CAS_CLIENT_MOD_TICKET_PENDDING']); } else { return false; } } } /** * Depend on phpCAS mode configuration */ switch ($this->cas_mode) { case PHPCAS_MODE_CLIENT: if ($this->checkConfigurationForClientMode()) { AJXP_Logger::info(__FUNCTION__, "Start phpCAS mode Client: ", "sucessfully"); phpCAS::client(CAS_VERSION_2_0, $this->cas_server, $this->cas_port, $this->cas_uri, false); if (!empty($this->cas_certificate_path)) { phpCAS::setCasServerCACert($this->cas_certificate_path); } else { phpCAS::setNoCasServerValidation(); } /** * Debug */ if ($this->cas_debug_mode) { // logfile name by date: $today = getdate(); $file_path = AJXP_DATA_PATH . '/logs/phpcas_' . $today['year'] . '-' . $today['month'] . '-' . $today['mday'] . '.txt'; empty($this->cas_debug_file) ? $file_path : ($file_path = $this->cas_debug_file); phpCAS::setDebug($file_path); } phpCAS::forceAuthentication(); } else { AJXP_Logger::error(__FUNCTION__, "Could not start phpCAS mode CLIENT, please verify the configuration", ""); return false; } break; case PHPCAS_MODE_PROXY: /** * If in login page, user click on login via CAS, the page will be reload with manuallyredirectocas is set. * Or force redirect to cas login page even the force redirect is set in configuration of this module * */ if ($this->checkConfigurationForProxyMode()) { AJXP_Logger::info(__FUNCTION__, "Start phpCAS mode Proxy: ", "sucessfully"); /** * init phpCAS in mode proxy */ phpCAS::proxy(CAS_VERSION_2_0, $this->cas_server, $this->cas_port, $this->cas_uri, false); if (!empty($this->cas_certificate_path)) { phpCAS::setCasServerCACert($this->cas_certificate_path); } else { phpCAS::setNoCasServerValidation(); } /** * Debug */ if ($this->cas_debug_mode) { // logfile name by date: $today = getdate(); $file_path = AJXP_DATA_PATH . '/logs/phpcas_' . $today['year'] . '-' . $today['month'] . '-' . $today['mday'] . '.txt'; empty($this->cas_debug_file) ? $file_path : ($file_path = $this->cas_debug_file); phpCAS::setDebug($file_path); } if (!empty($this->cas_setFixedCallbackURL)) { phpCAS::setFixedCallbackURL($this->cas_setFixedCallbackURL); } // /** * PTG storage */ $this->setPTGStorage(); phpCAS::forceAuthentication(); /** * Get proxy ticket (PT) for SAMBA to authentication at CAS via pam_cas * In fact, we can use any other service. Of course, it should be enabled in CAS * */ $err_code = null; $serviceURL = $this->cas_proxied_service; AJXP_Logger::debug(__FUNCTION__, "Try to get proxy ticket for service: ", $serviceURL); $res = phpCAS::serviceSMB($serviceURL, $err_code); if (!empty($res)) { $_SESSION['PROXYTICKET'] = $res; AJXP_Logger::info(__FUNCTION__, "Get Proxy ticket successfully ", ""); } else { AJXP_Logger::info(__FUNCTION__, "Could not get Proxy ticket. ", ""); } break; } else { AJXP_Logger::error(__FUNCTION__, "Could not start phpCAS mode PROXY, please verify the configuration", ""); return false; } default: return false; break; } AJXP_Logger::debug(__FUNCTION__, "Call phpCAS::getUser() after forceAuthentication ", ""); $cas_user = phpCAS::getUser(); if (!AuthService::userExists($cas_user) && $this->is_AutoCreateUser) { AuthService::createUser($cas_user, openssl_random_pseudo_bytes(20)); } if (AuthService::userExists($cas_user)) { $res = AuthService::logUser($cas_user, "", true); if ($res > 0) { AJXP_Safe::storeCredentials($cas_user, $_SESSION['PROXYTICKET']); $_SESSION['LOGGED_IN_BY_CAS'] = true; if (!empty($this->cas_additional_role)) { $userObj = ConfService::getConfStorageImpl()->createUserObject($cas_user); $roles = $userObj->getRoles(); $cas_RoleID = $this->cas_additional_role; $userObj->addRole(AuthService::getRole($cas_RoleID, true)); AuthService::updateUser($userObj); } return true; } } return false; }
function RWSPCReqs() { global $RWSESL3; global $RWSCRURL; $r_rwc = RWSGSOpt("rwscas", PARAM_ALPHANUM); if ($r_rwc === false || strlen($r_rwc) == 0) { return; } if ($r_rwc != "1" && $r_rwc != "2" && $r_rwc != "3") { return; } $r_ver = RWSGSOpt("version", PARAM_ALPHANUMEXT); if ($r_ver === false || strlen($r_ver) == 0) { return; } $r_rwu = RWSGSOpt("rwsuser", PARAM_RAW); if ($r_rwu === false || strlen($r_rwu) == 0) { unset($r_rwu); } $r_rwp = RWSGSOpt("rwspass", PARAM_RAW); if ($r_rwp === false || strlen($r_rwp) == 0) { unset($r_rwp); } $r_tkt = RWSGSOpt("ticket", PARAM_RAW); if ($r_tkt === false || strlen($r_tkt) == 0) { unset($r_tkt); } $r_pid = RWSGSOpt("pgtId", PARAM_RAW); if ($r_pid === false || strlen($r_pid) == 0) { unset($r_pid); } $r_piou = RWSGSOpt("pgtIou", PARAM_RAW); if ($r_piou === false || strlen($r_piou) == 0) { unset($r_piou); } $r_aus = get_enabled_auth_plugins(); foreach ($r_aus as $r_aun) { $r_aup = get_auth_plugin($r_aun); if (strcasecmp($r_aup->authtype, RWSCAS) == 0) { $r_csp = $r_aup; break; } } if (!isset($r_csp)) { return; } if (empty($r_csp->config->hostname)) { return; } list($r_v1, $r_v2, $r_v3) = explode(".", phpCAS::getVersion()); $r_csp->connectCAS(); if ($r_rwc == "1") { if (isset($r_tkt)) { RWSRHXml(); echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n"; echo "<rwscas>\r\n"; echo "\t<st>"; echo utf8_encode(htmlspecialchars(trim($r_tkt))); echo "\t</st>\r\n"; echo "</rwscas>\r\n"; exit; } else { if ($_SERVER['REQUEST_METHOD'] == "GET") { $r_ok = phpCAS::checkAuthentication(); if (!isset($r_rwu)) { $r_rwu = phpCAS::getUser(); } if (!isset($r_rwp)) { $r_rwp = "passwdCas"; } RWSLIMUser($r_rwu, $r_rwp, $r_ok); } else { if ($_SERVER['REQUEST_METHOD'] == "POST") { $r_psd = urldecode(file_get_contents("php://input")); if (stripos($r_psd, "<samlp:LogoutRequest ") !== false) { RWSAOLog(); } } } } } else { if ($r_rwc == "2") { if (isset($r_pid) && isset($r_piou)) { if ($r_csp->config->proxycas) { phpCAS::checkAuthentication(); } } else { if ($_SERVER['REQUEST_METHOD'] == "POST") { $r_psd = urldecode(file_get_contents("php://input")); if (stripos($r_psd, "<samlp:LogoutRequest ") !== false) { RWSAOLog(); } } } } else { if ($r_rwc == "3") { if (isset($r_tkt)) { if (strlen($RWSCRURL) > 0) { $r_svu = $RWSCRURL; } else { $r_svu = RWSGSUrl(false, false); } $r_svu .= "?rwscas=1"; if (isset($r_ver)) { $r_svu .= "&version="; $r_svu .= urlencode($r_ver); } if (isset($r_rwu)) { $r_svu .= "&rwsuser="******"&rwspass="******"?rwscas=2"; if (isset($r_ver)) { $r_cbu .= "&version="; $r_cbu .= urlencode($r_ver); } if (isset($r_rwu)) { $r_cbu .= "&rwsuser="******"&rwspass="******"2008"); }
/** * Initialize CAS client * */ private function cas_init() { if (!$this->cas_inited) { // retrieve configurations $cfg = rcmail::get_instance()->config->all(); // include phpCAS require_once('/usr/share/php/CAS/CAS.php'); phpCAS::setDebug('/var/log/lcs/casdebug.log'); // initialize CAS client if ($cfg['cas_proxy']) { phpCAS::proxy(CAS_VERSION_2_0, $cfg['cas_hostname'], $cfg['cas_port'], $cfg['cas_uri'], false); // set URL for PGT callback phpCAS::setFixedCallbackURL($this->generate_url(array('action' => 'pgtcallback'))); // set PGT storage #phpCAS::setPGTStorageFile('xml', $cfg['cas_pgt_dir']); phpCAS::setPGTStorageFile($cfg['cas_pgt_dir']); } else { phpCAS::client(CAS_VERSION_2_0, $cfg['cas_hostname'], $cfg['cas_port'], $cfg['cas_uri'], false); } // set service URL for authorization with CAS server phpCAS::setFixedServiceURL($this->generate_url(array('action' => 'login', 'task' => 'mail'))); // set SSL validation for the CAS server if ($cfg['cas_validation'] == 'self') { phpCAS::setCasServerCert($cfg['cas_cert']); } else if ($cfg['cas_validation'] == 'ca') { phpCAS::setCasServerCACert($cfg['cas_cert']); } else { phpCAS::setNoCasServerValidation(); } // set login and logout URLs of the CAS server phpCAS::setServerLoginURL($cfg['cas_login_url']); phpCAS::setServerLogoutURL($cfg['cas_logout_url']); $this->cas_inited = true; } }
/** * Initializes the authority objects based on an associative array of arguments * @param array $args an associate array of arguments. The argument list is dependent on the authority * * General - Required keys: * TITLE => The human readable title of the AuthorityImage * INDEX => The tag used to identify this authority @see AuthenticationAuthority::getAuthenticationAuthority * * General - Optional keys: * LOGGEDIN_IMAGE_URL => a url to an image/badge that is placed next to the user name when logged in * * CAS - Required keys: * CAS_PROTOCOL => The protocol to use. Should be equivalent to one of the phpCAS constants, e.g. "2.0": * CAS_VERSION_1_0 => '1.0', CAS_VERSION_2_0 => '2.0', SAML_VERSION_1_1 => 'S1' * CAS_HOST => The host name of the CAS server, e.g. "cas.example.edu" * CAS_PORT => The port the CAS server is listening on, e.g. "443" * CAS_PATH => The path of the CAS application, e.g. "/cas/" * CAS_CA_CERT => The filesystem path to a CA certificate that will be used to validate the authenticity * of the CAS server, e.g. "/etc/tls/pki/certs/my_ca_cert.crt". If empty, no certificate * validation will be performed (not recommended for production). * * CAS - Optional keys: * ATTRA_EMAIL => Attribute name for the user's email adress, e.g. "email". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * ATTRA_FIRST_NAME => Attribute name for the user's first name, e.g. "givename". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * ATTRA_LAST_NAME => Attribute name for the user's last name, e.g. "surname". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * ATTRA_FULL_NAME => Attribute name for the user's full name, e.g. "displayname". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * ATTRA_MEMBER_OF => Attribute name for the user's groups, e.g. "memberof". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * * NOTE: Any subclass MUST call parent::init($args) to ensure proper operation * */ public function init($args) { parent::init($args); // include the PHPCAS library if (empty($args['CAS_PHPCAS_PATH'])) { require_once 'CAS.php'; } else { require_once $args['CAS_PHPCAS_PATH'] . '/CAS.php'; } if (empty($args['CAS_PROTOCOL'])) { throw new KurogoConfigurationException('CAS_PROTOCOL value not set for ' . $this->AuthorityTitle); } if (empty($args['CAS_HOST'])) { throw new KurogoConfigurationException('CAS_HOST value not set for ' . $this->AuthorityTitle); } if (empty($args['CAS_PORT'])) { throw new KurogoConfigurationException('CAS_PORT value not set for ' . $this->AuthorityTitle); } if (empty($args['CAS_PATH'])) { throw new KurogoConfigurationException('CAS_PATH value not set for ' . $this->AuthorityTitle); } if (empty($args['CAS_PROXY_INIT'])) { phpCAS::client($args['CAS_PROTOCOL'], $args['CAS_HOST'], intval($args['CAS_PORT']), $args['CAS_PATH'], false); } else { phpCAS::proxy($args['CAS_PROTOCOL'], $args['CAS_HOST'], intval($args['CAS_PORT']), $args['CAS_PATH'], false); if (!empty($args['CAS_PROXY_TICKET_PATH'])) { phpCAS::setPGTStorageFile('', $args['CAS_PROXY_TICKET_PATH']); } if (!empty($args['CAS_PROXY_FIXED_CALLBACK_URL'])) { phpCAS::setFixedCallbackURL($args['CAS_PROXY_FIXED_CALLBACK_URL']); } } if (empty($args['CAS_CA_CERT'])) { phpCAS::setNoCasServerValidation(); } else { phpCAS::setCasServerCACert($args['CAS_CA_CERT']); } // Record any attribute mapping configured. if (!empty($args['ATTRA_EMAIL'])) { CASUser::mapAttribute('Email', $args['ATTRA_EMAIL']); } if (!empty($args['ATTRA_FIRST_NAME'])) { CASUser::mapAttribute('FirstName', $args['ATTRA_FIRST_NAME']); } if (!empty($args['ATTRA_LAST_NAME'])) { CASUser::mapAttribute('LastName', $args['ATTRA_LAST_NAME']); } if (!empty($args['ATTRA_FULL_NAME'])) { CASUser::mapAttribute('FullName', $args['ATTRA_FULL_NAME']); } // Store an attribute for group membership if configured. if (!empty($args['ATTRA_MEMBER_OF'])) { CASUser::mapAttribute('MemberOf', $args['ATTRA_MEMBER_OF']); } }
/** * Initializes the authority objects based on an associative array of arguments * @param array $args an associate array of arguments. The argument list is dependent on the authority * * General - Required keys: * TITLE => The human readable title of the AuthorityImage * INDEX => The tag used to identify this authority @see AuthenticationAuthority::getAuthenticationAuthority * * General - Optional keys: * LOGGEDIN_IMAGE_URL => a url to an image/badge that is placed next to the user name when logged in * * CAS - Required keys: * CAS_PROTOCOL => The protocol to use. Should be equivalent to one of the phpCAS constants, e.g. "2.0": * CAS_VERSION_1_0 => '1.0', CAS_VERSION_2_0 => '2.0', SAML_VERSION_1_1 => 'S1' * CAS_HOST => The host name of the CAS server, e.g. "cas.example.edu" * CAS_PORT => The port the CAS server is listening on, e.g. "443" * CAS_PATH => The path of the CAS application, e.g. "/cas/" * CAS_CA_CERT => The filesystem path to a CA certificate that will be used to validate the authenticity * of the CAS server, e.g. "/etc/tls/pki/certs/my_ca_cert.crt". If empty, no certificate * validation will be performed (not recommended for production). * * CAS - Optional keys: * ATTRA_EMAIL => Attribute name for the user's email adress, e.g. "email". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * ATTRA_FIRST_NAME => Attribute name for the user's first name, e.g. "givename". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * ATTRA_LAST_NAME => Attribute name for the user's last name, e.g. "surname". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * ATTRA_FULL_NAME => Attribute name for the user's full name, e.g. "displayname". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * ATTRA_MEMBER_OF => Attribute name for the user's groups, e.g. "memberof". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * * NOTE: Any subclass MUST call parent::init($args) to ensure proper operation * */ public function init($args) { parent::init($args); // include the PHPCAS library if (empty($args['CAS_PHPCAS_PATH'])) { require_once 'CAS.php'; } else { require_once $args['CAS_PHPCAS_PATH'] . '/CAS.php'; } if (!empty($args['CAS_DEBUG_LOG'])) { phpCAS::setDebug($args['CAS_DEBUG_LOG']); } if (empty($args['CAS_PROTOCOL'])) { throw new KurogoConfigurationException('CAS_PROTOCOL value not set for ' . $this->AuthorityTitle); } if (empty($args['CAS_HOST'])) { throw new KurogoConfigurationException('CAS_HOST value not set for ' . $this->AuthorityTitle); } if (empty($args['CAS_PORT'])) { throw new KurogoConfigurationException('CAS_PORT value not set for ' . $this->AuthorityTitle); } if (empty($args['CAS_PATH'])) { throw new KurogoConfigurationException('CAS_PATH value not set for ' . $this->AuthorityTitle); } if (empty($args['CAS_PROXY_INIT'])) { phpCAS::client($args['CAS_PROTOCOL'], $args['CAS_HOST'], intval($args['CAS_PORT']), $args['CAS_PATH'], false); } else { phpCAS::proxy($args['CAS_PROTOCOL'], $args['CAS_HOST'], intval($args['CAS_PORT']), $args['CAS_PATH'], false); if (!empty($args['CAS_PROXY_TICKET_PATH']) && !empty($args['CAS_PROXY_TICKET_DB_DSN'])) { throw new KurogoConfigurationException('Only one of CAS_PROXY_TICKET_PATH or CAS_PROXY_TICKET_DB_DSN may be set for ' . $this->AuthorityTitle); } if (!empty($args['CAS_PROXY_TICKET_PATH'])) { if (version_compare(PHPCAS_VERSION, '1.3', '>=')) { phpCAS::setPGTStorageFile($args['CAS_PROXY_TICKET_PATH']); } else { phpCAS::setPGTStorageFile('', $args['CAS_PROXY_TICKET_PATH']); } } if (!empty($args['CAS_PROXY_TICKET_DB_DSN'])) { $user = $pass = $table = $driver_opts = ''; if (!empty($args['CAS_PROXY_TICKET_DB_USER'])) { $user = $args['CAS_PROXY_TICKET_DB_USER']; } if (!empty($args['CAS_PROXY_TICKET_DB_PASS'])) { $pass = $args['CAS_PROXY_TICKET_DB_PASS']; } if (!empty($args['CAS_PROXY_TICKET_DB_TABLE'])) { $table = $args['CAS_PROXY_TICKET_DB_TABLE']; } if (!empty($args['CAS_PROXY_TICKET_DB_DRIVER_OPTS'])) { $driver_opts = $args['CAS_PROXY_TICKET_DB_DRIVER_OPTS']; } phpCAS::setPGTStorageDb($args['CAS_PROXY_TICKET_DB_DSN'], $user, $pass, $table, $driver_opts); } if (!empty($args['CAS_PROXY_FIXED_CALLBACK_URL'])) { phpCAS::setFixedCallbackURL($args['CAS_PROXY_FIXED_CALLBACK_URL']); } } if (empty($args['CAS_CA_CERT'])) { phpCAS::setNoCasServerValidation(); } else { phpCAS::setCasServerCACert($args['CAS_CA_CERT']); } // Record any attribute mapping configured. if (!empty($args['ATTRA_EMAIL'])) { CASUser::mapAttribute('Email', $args['ATTRA_EMAIL']); } if (!empty($args['ATTRA_FIRST_NAME'])) { CASUser::mapAttribute('FirstName', $args['ATTRA_FIRST_NAME']); } if (!empty($args['ATTRA_LAST_NAME'])) { CASUser::mapAttribute('LastName', $args['ATTRA_LAST_NAME']); } if (!empty($args['ATTRA_FULL_NAME'])) { CASUser::mapAttribute('FullName', $args['ATTRA_FULL_NAME']); } // Store an attribute for group membership if configured. if (!empty($args['ATTRA_MEMBER_OF'])) { CASUser::mapAttribute('MemberOf', $args['ATTRA_MEMBER_OF']); } }
include 'prefix.php'; ?> <xrecipe> <?php include_once 'CAS-1.3.2/CAS.php'; include 'xmlGen.php'; $user = null; //Skall ändras till post i slutversionen if (isset($_REQUEST['login']) or isset($_REQUEST['logout'])) { // initialize phpCAS phpCAS::client(CAS_VERSION_2_0, 'login.kth.se', 443, ''); phpCAS::setNoCasServerValidation(); // If you want the redirect back from the login server to enter your application by some // specfic URL rather than just back to the current request URI, call setFixedCallbackURL. phpCAS::setFixedCallbackURL('http://xml.csc.kth.se/~wiiala/DM2517/project/php/index.php'); // force CAS authentication phpCAS::forceAuthentication(); // at this step, the user has been authenticated by the CAS server // and the user's login name can be read with phpCAS::getUser(). $user = phpCAS::getUser(); // logout if desired if (isset($_REQUEST['logout'])) { phpCAS::logout(); } } $xml = new xmlGen("", $user); $returnstring = $xml->getGeneratedXML(); print utf8_encode($returnstring); ?> </xrecipe>