function getConnexionBar() { if (CASUser::checkAuth()) { $service = SITE_CAS_CONNEXIONBAR_URL; phpCAS::serviceWeb($service, $err_code, $output); $xml = simplexml_load_string($output); $result = $xml->xpath('/reportoutput/reportdata'); return html_entity_decode($result[0]->asXML()); } else { return ""; } }
function getConnexionBar() { if (CASUser::checkAuth()) { $service = SITE_CAS_CONNEXIONBAR_URL; phpCAS::serviceWeb($service, $err_code, $output); $xml = simplexml_load_string($output); $result = $xml->xpath('/reportoutput/reportdata'); return str_replace("https://signin.mygcx.org/cas/logout", "https://intranet.campusforchrist.org/index.php?p_Mod=Logout", html_entity_decode($result[0]->asXML())); } else { return ""; } }
/** * function start * Takes control of the application and displays the page. * <pre><code> * Begin Output Buffering (? or keep in includes file) * create a new viewer * get requested PageContent Module Name * if none provided then set default to PAGE_MODULE_DEFAULT * if viewer is NOT authenticated then * Store requested PageContent Module & QueryString info * set current PageContent Module to Login * end if * * Load Module particulars from DB * Create new instance of desired PageContent Module * Setup any desired Module Parameters * Load PageContent information * Path to PageContent Module Root * CSS Styles * Javascripts * Database Object * Labels Object * Viewer Object * Call PageContent LoadData() * Call PageContent ProcessData() * Call PageContent PrepareDisplay() * Get Page Content XML * Open up Template * Set PageContent information * Get Template HTML * display HTML * flush Output Buffer * </code></pre> * @return [void] */ function start($validate = true) { // Begin Output Buffering (? or keep in includes file) ob_start(); /* * Setup Site DB. */ // Create a new DB connection $this->db = new Database_Site(SITE_DB_NAME, SITE_DB_PATH, SITE_DB_USER, SITE_DB_PWORD); /* * Setup viewer information. */ // create a new viewer $this->viewer = new Viewer(); // if there was a Language Change requested on current page: if (isset($_REQUEST[Page::QS_LANGUAGE]) == true) { // store this in the user's session $_SESSION[Page::QS_LANGUAGE] = $_REQUEST[Page::QS_LANGUAGE]; } // if there is a current Language setting in the stored session info if (isset($_SESSION[Page::QS_LANGUAGE])) { // update viewer's desired language ID to given value. $this->viewer->setLanguageID($_SESSION[Page::QS_LANGUAGE]); } /* * Setup Site Label data. */ // Create a new Label object $this->labels = new XMLObject_MultilingualManager($this->viewer->getLanguageID()); /* * Decide on which AppController Object to Load */ // get requested AppController Module Name // if none provided then set default to PAGE_MODULE_DEFAULT if (isset($_REQUEST[Page::QS_MODULE]) == true) { $this->moduleKey = $_REQUEST[Page::QS_MODULE]; } else { $this->moduleKey = PAGE_MODULE_DEFAULT; } if ($validate == true) { // if viewer is NOT authenticated then if (!$this->viewer->isAuthenticated()) { // if the requested page wasn't PAGE_MODULE_LOGIN then if ($this->moduleKey != PAGE_MODULE_LOGIN) { // Store requested PageContent Module & QueryString info in Session CallBack // NOTE: I use SERVER_ADDR + SCRIPT_URL instead of SCRIPT_URI // since mac web servers tend to use rendezvous names which // means nothing on Windows systems ... $baseCallBack = $this->getBaseURL() . '?' . $_SERVER['QUERY_STRING']; $_SESSION[SESSION_ID_CALLBACK] = $baseCallBack; $this->debug('Viewer NOT Authenticated.<br>Storing baseCallBack=[' . $baseCallBack . ']<br>'); // set current PageContent Module to Login $this->moduleKey = PAGE_MODULE_LOGIN; } // end if moduleKey != PAGE_MODULE_LOGIN } // end if } $this->debug('moduleKey=[' . $this->moduleKey . ']<br>'); // Load Module particulars from DB $this->moduleManager = new RowManager_siteModuleManager(); $this->moduleManager->loadByKey($this->moduleKey); if (!$this->moduleManager->isLoaded()) { // Couldn't find requested ModuleKey so load Default $this->moduleManager->loadByKey(PAGE_MODULE_DEFAULT); } /* * Create new instance of desired Module's AppController Object * * Note: the AppController is generating the Content for the page. * it will be referred to as the pageContent variable. */ // 1) Get path and name of Module's include file $path = $this->moduleManager->getPath(); $includeFile = $this->moduleManager->getIncludeFile(); // 2) include the Module's Include file ( if it exists ) $this->debug('moduleIncludeFile=[' . $path . $includeFile . ']<br>'); if (file_exists($path . $includeFile)) { $this->includeFile($path . $includeFile); } // 3) include the Module's Application File $moduleFile = $this->moduleManager->getApplicationFile(); $this->includeFile($path . $moduleFile); // 4) create a new instance of the module application as $pageContent $moduleClassName = $this->moduleManager->getName(); $pageContent = new $moduleClassName($this->db, $this->viewer, $this->labels); // $this->debugDumpArray( $pageContent ); /* * Setup any desired Module Parameters * NOTE: the ModuleParameters should be in the form of: * Key1=Val1;Key2=Val2;...;KeyN=ValN */ $parameterList = $this->moduleManager->getParameters(); if (!is_null($parameterList) && $parameterList != '') { // Break into array of KEY=VAL statements $parameterArray = explode(';', $parameterList); // for each set of KEY=VAL statements ... for ($paramIndx = 0; $paramIndx < count($parameterArray); $paramIndx++) { // Seperate the KEY and VALUE $paramKeyVal = explode('=', $parameterArray[$paramIndx]); // Store Key & Val in $_REQUEST array // $_REQUEST[ KEY ] = VALUE; $_REQUEST[$paramKeyVal[0]] = $paramKeyVal[1]; } } /* *** *** Loading PageContent information *** */ // Path to PageContent Module Root $pageContent->setModuleRootPath($path); /* * Save Page CallBack string. This value is primarily used in * the language Menu switching link. Here we need to make sure * the languageID link isn't included. */ $queryString = ''; $rawQueryString = $_SERVER['QUERY_STRING']; // for each set of query string values $queryStringList = explode('&', $rawQueryString); for ($indx = 0; $indx < count($queryStringList); $indx++) { // if querystring is not the Language Switch Key $keyValue = explode('=', $queryStringList[$indx]); if ($keyValue[0] != Page::QS_LANGUAGE) { // add the query string entry if ($queryString != '') { $queryString .= '&'; } $queryString .= $queryStringList[$indx]; } } // put together the desired page call back $pageCallBack = $this->getBaseURL() . '?' . $queryString; $pageContent->setPageCallBack($pageCallBack); /* * Save Base CallBack string to return to this page/module. * This value is used for the PageObject's getCallBack() function. * * NOTE: callBack=http://URL/here/base_page.php?p_Mod=[ModuleKey] * * NOTE: in the case of the Logout Module, we want the baseCallBack * to be the Login module, not Logout module... */ $baseCallBack = $this->getBaseURL() . '?' . Page::QS_MODULE . '=' . $this->moduleKey; $pageContent->setBaseCallBack($baseCallBack); // CSS Styles // Adding default site css file $pageContent->addStyleSheet('site.css'); // Javascripts // These are some of the standard scripts ... $pageContent->addScript('GoogleAnalytics1.js'); $pageContent->addScript('GoogleAnalytics2.js'); $pageContent->addScript('milonic_src.jsp'); $pageContent->addScript('menu_data.jsp'); $pageContent->addScript('MM_swapImage.jsp'); $pageContent->addScript('MM_preloadImages.jsp'); $pageContent->addScript('MM_findObj.jsp'); //$this->debug( $pageContent->getXML() ); // Call PageContent LoadData() $pageContent->loadData(); // Call PageContent ProcessData() $pageContent->processData(); // Call PageContent PrepareDisplay() $pageContent->prepareDisplayData(); // Now get the Template requested by the PageContent object $templateFile = $pageContent->getPageTemplate(); $this->parseTemplateData($templateFile); // Open up Template $template = new Template($this->pageTemplatePath); // NOTE: early versions of the framework used XML as the data // transfer medium to the templates. Newer versions pass // the information using arrays // // if this is a XMLObject then use XML method ... if (is_a($pageContent, 'XMLObject_PageContent')) { // Get Page Content XML $pageContentXML = $pageContent->getXML(); // Set PageContent information $template->setXML('page', $pageContentXML); } else { // Get Page Content XML $pageContentData = $pageContent->getPageContent(); // Set PageContent information $template->set('page', $pageContentData); } $template->set('userID', $this->viewer->getUserID()); // NEW CODE $template->set('GCX_ConnexionBar', CASUser::getConnexionBar()); // END NEW CODE // Get Template HTML // display HTML echo $template->fetch($this->pageTemplate); // flush Output Buffer ob_end_flush(); }
/** * function __construct * This is the class constructor for Viewer class * Initialize a Viewer and determine if they are properly authenticated. * <pre><code> * Save the DB connection Info * If no session ID is set then * set the Session ID to empty string * end if * Get current viewer ID from session ID * If viewer ID is empty then * if isDestroySession is set then * Destroy the Session * end if * initialize Empty UnAuthorized Viewer ID * else * User Credientials are valid so ... * Mark as Valid Authentication * * Prepare an SQL statement to lookup the viewer info from the DB * Now load the Data from the DB * end if * </pre> * @param $isDestroySession [BOOL] Should we destroy the session data if not authenticated? * @param $dbName [STRING] The name of the database the viewer info is stored in * @param $dbPath [STRING] The path of the database the viewer info is stored in * @param $dbUser [STRING] The login ID for the database the viewer info is stored in * @param $dbPassword [STRING] The password of the database the viewer info is stored in */ function __construct($isDestroySession = true, $dbName = SITE_DB_NAME, $dbPath = SITE_DB_PATH, $dbUser = SITE_DB_USER, $dbPassword = SITE_DB_PWORD) { // if no session ID is set then if (!isset($_SESSION[SESSION_ID_ID])) { // set the Session ID to empty string $_SESSION[SESSION_ID_ID] = ''; } if ($_SESSION[SESSION_ID_ID] == '') { $_SESSION[SESSION_ID_ID] = 0; } // Get current viewer ID from session ID $this->viewerID = $_SESSION[SESSION_ID_ID]; // attempt to load a viewerManager object with current viewerID $this->viewerManager = new RowManager_ViewerManager($this->viewerID); if ($this->viewerManager->isLoaded()) { // Update current Session ID with current ViewerID $_SESSION[SESSION_ID_ID] = $this->viewerID; if ($this->viewerManager->isActive()) { $this->isAuthenticated = true; } else { $this->isAuthenticated = false; } } else { // Info not stored in session, get from GCX $this->isAuthenticated = false; if (CASUser::checkAuth()) { if (!empty($_SESSION['phpCAS']['guid'])) { if ($this->validateLogin($_SESSION['phpCAS']['guid'])) { // a user with this GUID exists in our system $this->isAuthenticated = true; } else { // code added by Russ September 11, 2009 // a user with this GUID does not exist in our system - create them $guid = $_SESSION['phpCAS']['guid']; // echo "The GUID[".$guid."]<br/>"; $gcxUsername = $_SESSION['phpCAS']['user']; // echo "The gcxUsername[".$gcxUsername."]<br/>"; // the gcxUsername is (supposed to be) an email // check to see if there is a cim_hrdb_person record with this email // the comparison needs to be case insensitive (since mysql is insensitive by default, no special doctoring is needed) // search for person record $personManager = new RowManager_PersonManager(); $foundPerson = $personManager->loadByEmail($gcxUsername); // get the personID of the person that was searched $personID = $personManager->getID(); // if record does not exist // create one // update the personID if (!$foundPerson) { // create a new person record $newpersonManager = new RowManager_PersonManager(); $newpersonManager->setEmail($gcxUsername); $newpersonManager->createNewEntry(); $personID = $newpersonManager->getID(); } // link the personID to the GUID/viewer in the cim_hrdb_access table // first, check to see if any entry already exists in the access table // if foundPerson is true above, it's possible (may have been linked to old viewer/username but not promoted to GCX account yet) $accessManager = new RowManager_AccessManager(); $accessEntryFound = $accessManager->loadByPersonID($personID); $viewerID = -1; $createNewViewer = true; if ($accessEntryFound) { $viewerID = $accessManager->getViewerID(); $viewerManager = new RowManager_ViewerManager($viewerID); // double check to make sure the viewer referenced in the access table actually exists $viewerAlreadyExists = $viewerManager->isLoaded(); if ($viewerAlreadyExists) { // no need to create a new viewer $createNewViewer = false; // update the existing viewer with the GUID and gcxUsername $viewerManager->setGUID($guid); $viewerManager->setUserID($gcxUsername); $viewerManager->setLastLogin(); $viewerManager->updateDBTable(); } // viewerAlreadyExists } // accessEntryFound if ($createNewViewer) { // create new viewer (user) $newviewerManager = new RowManager_ViewerManager(); $newviewerManager->setPassWord('xxx'); $newviewerManager->setUserID($gcxUsername); $newviewerManager->setLanguageID(1); // english // TODO this value should not be hard-coded for the account group $newviewerManager->setAccountGroupID(15); // the 'unknown' group $newviewerManager->setIsActive(true); $newviewerManager->setGUID($guid); $newviewerManager->setLastLogin(); $newviewerManager->createNewEntry(); $viewerID = $newviewerManager->getID(); // get the ID of the newly created viewer if ($accessEntryFound) { // update the access table to reference the newly created viewer for the persoa // this is the case where an access table entry may have been orphaned due to the deletion of a viewer $accessManager->setViewerID($viewerID); $accessManager->updateDBTable(); } else { // create an access table entry $newaccessManager = new RowManager_AccessManager(); $newaccessManager->setViewerID($viewerID); $newaccessManager->setPersonID($personID); $newaccessManager->createNewEntry(); } } // put into the 'all' access group $viewerAccessGroupManager = new RowManager_ViewerAccessGroupManager(); $viewerAccessGroupManager->setViewerID($viewerID); $viewerAccessGroupManager->setAccessGroupID(ALL_ACCESS_GROUP); // add to the 'all' access group $viewerAccessGroupManager->createNewEntry(); // Debugging code added by Russ Martin // echo "validate login failed<br/>"; // echo "<pre>".print_r($_SESSION,true)."</pre>"; // try again to see if everything updated correctly if ($this->validateLogin($guid)) { // a user/viewer with this GUID now exists in our system $this->isAuthenticated = true; } else { echo "Something has gone wrong: gcxUsername[" . $gcxUsername . "], guid[" . $guid . "]<br/>"; } } } else { // Debugging code added by Russ Martin // echo "session variable for storing GUID is empty<br/>"; } } else { // Debugging code added by Russ Martin // echo "CASUser::checkAuth() failed<br/>"; } } // set hasSession $this->hasSession = $this->viewerID != ''; // if no session if (!$this->hasSession) { // User Credentials are invalid so // if they want me to destroy the session then if ($isDestroySession == true) { // Remove session // session_destroy(); } } }
/** * Initializes the authority objects based on an associative array of arguments * @param array $args an associate array of arguments. The argument list is dependent on the authority * * General - Required keys: * TITLE => The human readable title of the AuthorityImage * INDEX => The tag used to identify this authority @see AuthenticationAuthority::getAuthenticationAuthority * * General - Optional keys: * LOGGEDIN_IMAGE_URL => a url to an image/badge that is placed next to the user name when logged in * * CAS - Required keys: * CAS_PROTOCOL => The protocol to use. Should be equivalent to one of the phpCAS constants, e.g. "2.0": * CAS_VERSION_1_0 => '1.0', CAS_VERSION_2_0 => '2.0', SAML_VERSION_1_1 => 'S1' * CAS_HOST => The host name of the CAS server, e.g. "cas.example.edu" * CAS_PORT => The port the CAS server is listening on, e.g. "443" * CAS_PATH => The path of the CAS application, e.g. "/cas/" * CAS_CA_CERT => The filesystem path to a CA certificate that will be used to validate the authenticity * of the CAS server, e.g. "/etc/tls/pki/certs/my_ca_cert.crt". If empty, no certificate * validation will be performed (not recommended for production). * * CAS - Optional keys: * ATTRA_EMAIL => Attribute name for the user's email adress, e.g. "email". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * ATTRA_FIRST_NAME => Attribute name for the user's first name, e.g. "givename". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * ATTRA_LAST_NAME => Attribute name for the user's last name, e.g. "surname". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * ATTRA_FULL_NAME => Attribute name for the user's full name, e.g. "displayname". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * ATTRA_MEMBER_OF => Attribute name for the user's groups, e.g. "memberof". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * * NOTE: Any subclass MUST call parent::init($args) to ensure proper operation * */ public function init($args) { parent::init($args); // include the PHPCAS library if (empty($args['CAS_PHPCAS_PATH'])) { require_once 'CAS.php'; } else { require_once $args['CAS_PHPCAS_PATH'] . '/CAS.php'; } if (empty($args['CAS_PROTOCOL'])) { throw new KurogoConfigurationException('CAS_PROTOCOL value not set for ' . $this->AuthorityTitle); } if (empty($args['CAS_HOST'])) { throw new KurogoConfigurationException('CAS_HOST value not set for ' . $this->AuthorityTitle); } if (empty($args['CAS_PORT'])) { throw new KurogoConfigurationException('CAS_PORT value not set for ' . $this->AuthorityTitle); } if (empty($args['CAS_PATH'])) { throw new KurogoConfigurationException('CAS_PATH value not set for ' . $this->AuthorityTitle); } if (empty($args['CAS_PROXY_INIT'])) { phpCAS::client($args['CAS_PROTOCOL'], $args['CAS_HOST'], intval($args['CAS_PORT']), $args['CAS_PATH'], false); } else { phpCAS::proxy($args['CAS_PROTOCOL'], $args['CAS_HOST'], intval($args['CAS_PORT']), $args['CAS_PATH'], false); if (!empty($args['CAS_PROXY_TICKET_PATH'])) { phpCAS::setPGTStorageFile('', $args['CAS_PROXY_TICKET_PATH']); } if (!empty($args['CAS_PROXY_FIXED_CALLBACK_URL'])) { phpCAS::setFixedCallbackURL($args['CAS_PROXY_FIXED_CALLBACK_URL']); } } if (empty($args['CAS_CA_CERT'])) { phpCAS::setNoCasServerValidation(); } else { phpCAS::setCasServerCACert($args['CAS_CA_CERT']); } // Record any attribute mapping configured. if (!empty($args['ATTRA_EMAIL'])) { CASUser::mapAttribute('Email', $args['ATTRA_EMAIL']); } if (!empty($args['ATTRA_FIRST_NAME'])) { CASUser::mapAttribute('FirstName', $args['ATTRA_FIRST_NAME']); } if (!empty($args['ATTRA_LAST_NAME'])) { CASUser::mapAttribute('LastName', $args['ATTRA_LAST_NAME']); } if (!empty($args['ATTRA_FULL_NAME'])) { CASUser::mapAttribute('FullName', $args['ATTRA_FULL_NAME']); } // Store an attribute for group membership if configured. if (!empty($args['ATTRA_MEMBER_OF'])) { CASUser::mapAttribute('MemberOf', $args['ATTRA_MEMBER_OF']); } }
/** * Initializes the authority objects based on an associative array of arguments * @param array $args an associate array of arguments. The argument list is dependent on the authority * * General - Required keys: * TITLE => The human readable title of the AuthorityImage * INDEX => The tag used to identify this authority @see AuthenticationAuthority::getAuthenticationAuthority * * General - Optional keys: * LOGGEDIN_IMAGE_URL => a url to an image/badge that is placed next to the user name when logged in * * CAS - Required keys: * CAS_PROTOCOL => The protocol to use. Should be equivalent to one of the phpCAS constants, e.g. "2.0": * CAS_VERSION_1_0 => '1.0', CAS_VERSION_2_0 => '2.0', SAML_VERSION_1_1 => 'S1' * CAS_HOST => The host name of the CAS server, e.g. "cas.example.edu" * CAS_PORT => The port the CAS server is listening on, e.g. "443" * CAS_PATH => The path of the CAS application, e.g. "/cas/" * CAS_CA_CERT => The filesystem path to a CA certificate that will be used to validate the authenticity * of the CAS server, e.g. "/etc/tls/pki/certs/my_ca_cert.crt". If empty, no certificate * validation will be performed (not recommended for production). * * CAS - Optional keys: * ATTRA_EMAIL => Attribute name for the user's email adress, e.g. "email". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * ATTRA_FIRST_NAME => Attribute name for the user's first name, e.g. "givename". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * ATTRA_LAST_NAME => Attribute name for the user's last name, e.g. "surname". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * ATTRA_FULL_NAME => Attribute name for the user's full name, e.g. "displayname". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * ATTRA_MEMBER_OF => Attribute name for the user's groups, e.g. "memberof". This only applies if your * CAS server returns attributes in a SAML-1.1 or CAS-2.0 response. * * NOTE: Any subclass MUST call parent::init($args) to ensure proper operation * */ public function init($args) { parent::init($args); // include the PHPCAS library if (empty($args['CAS_PHPCAS_PATH'])) { require_once 'CAS.php'; } else { require_once $args['CAS_PHPCAS_PATH'] . '/CAS.php'; } if (!empty($args['CAS_DEBUG_LOG'])) { phpCAS::setDebug($args['CAS_DEBUG_LOG']); } if (empty($args['CAS_PROTOCOL'])) { throw new KurogoConfigurationException('CAS_PROTOCOL value not set for ' . $this->AuthorityTitle); } if (empty($args['CAS_HOST'])) { throw new KurogoConfigurationException('CAS_HOST value not set for ' . $this->AuthorityTitle); } if (empty($args['CAS_PORT'])) { throw new KurogoConfigurationException('CAS_PORT value not set for ' . $this->AuthorityTitle); } if (empty($args['CAS_PATH'])) { throw new KurogoConfigurationException('CAS_PATH value not set for ' . $this->AuthorityTitle); } if (empty($args['CAS_PROXY_INIT'])) { phpCAS::client($args['CAS_PROTOCOL'], $args['CAS_HOST'], intval($args['CAS_PORT']), $args['CAS_PATH'], false); } else { phpCAS::proxy($args['CAS_PROTOCOL'], $args['CAS_HOST'], intval($args['CAS_PORT']), $args['CAS_PATH'], false); if (!empty($args['CAS_PROXY_TICKET_PATH']) && !empty($args['CAS_PROXY_TICKET_DB_DSN'])) { throw new KurogoConfigurationException('Only one of CAS_PROXY_TICKET_PATH or CAS_PROXY_TICKET_DB_DSN may be set for ' . $this->AuthorityTitle); } if (!empty($args['CAS_PROXY_TICKET_PATH'])) { if (version_compare(PHPCAS_VERSION, '1.3', '>=')) { phpCAS::setPGTStorageFile($args['CAS_PROXY_TICKET_PATH']); } else { phpCAS::setPGTStorageFile('', $args['CAS_PROXY_TICKET_PATH']); } } if (!empty($args['CAS_PROXY_TICKET_DB_DSN'])) { $user = $pass = $table = $driver_opts = ''; if (!empty($args['CAS_PROXY_TICKET_DB_USER'])) { $user = $args['CAS_PROXY_TICKET_DB_USER']; } if (!empty($args['CAS_PROXY_TICKET_DB_PASS'])) { $pass = $args['CAS_PROXY_TICKET_DB_PASS']; } if (!empty($args['CAS_PROXY_TICKET_DB_TABLE'])) { $table = $args['CAS_PROXY_TICKET_DB_TABLE']; } if (!empty($args['CAS_PROXY_TICKET_DB_DRIVER_OPTS'])) { $driver_opts = $args['CAS_PROXY_TICKET_DB_DRIVER_OPTS']; } phpCAS::setPGTStorageDb($args['CAS_PROXY_TICKET_DB_DSN'], $user, $pass, $table, $driver_opts); } if (!empty($args['CAS_PROXY_FIXED_CALLBACK_URL'])) { phpCAS::setFixedCallbackURL($args['CAS_PROXY_FIXED_CALLBACK_URL']); } } if (empty($args['CAS_CA_CERT'])) { phpCAS::setNoCasServerValidation(); } else { phpCAS::setCasServerCACert($args['CAS_CA_CERT']); } // Record any attribute mapping configured. if (!empty($args['ATTRA_EMAIL'])) { CASUser::mapAttribute('Email', $args['ATTRA_EMAIL']); } if (!empty($args['ATTRA_FIRST_NAME'])) { CASUser::mapAttribute('FirstName', $args['ATTRA_FIRST_NAME']); } if (!empty($args['ATTRA_LAST_NAME'])) { CASUser::mapAttribute('LastName', $args['ATTRA_LAST_NAME']); } if (!empty($args['ATTRA_FULL_NAME'])) { CASUser::mapAttribute('FullName', $args['ATTRA_FULL_NAME']); } // Store an attribute for group membership if configured. if (!empty($args['ATTRA_MEMBER_OF'])) { CASUser::mapAttribute('MemberOf', $args['ATTRA_MEMBER_OF']); } }
<div id="whitebox"> <img id="wcLogo" src="<?php echo $pageContent->pathToRoot; ?> ../../Images/loggin_screen_wcLogo.gif" alt="Winter Conference Logo" /> <span id="registerForWC"> Register for <span id="WCBlue">Winter Conference:</span> </span> <div id="gcxSection"> <img id="gcxlogo" src="<?php echo $pageContent->pathToRoot; ?> ../../Images/loggin_screen_GCXlogo.gif" alt="GCX" /> <a id="loginWithGXC" href="<?php print CASUser::login_link(); ?> ">Log-in with GCX</a> <span id="createGcxAccount"> If you don't have an existing GCX identity: <a href="https://signin.mygcx.org/sso/selfservice/ssoSignup.jsp">Create an Account</a> </span> <a id='whatisgcxlink' href='javascript:ShowWhatIsGCX();'>What is GCX login?</a> <div style='position: relative;'> <div id='whatisgcxlogin' class='NotShowed'> <div style="float:right"><a href='javascript:ShowWhatIsGCX();'>close</a></div><h2>What is GCX login?</h2> GCX is a single sign on login that authenticates you to use Campus for Christ web applications including: <ul> <li><a target='_blank' href='https://pulse.campusforchrist.org/'>Pulse</a></li> <li><a target='_blank' href='https://pat.powertochange.org/'>Project Application Tool</a></li> <li><a target='_blank' href='http://intranet.campusforchrist.org/'>Registration/Intranet</a></li> <li><a target='_blank' href='http://resources.campusforchrist.org/'>Resources</a></li>
<?php require "General/gen_Includes.php"; CASUser::setup("/var/www/campus/dev.intranet.campusforchrist.org/callback.log"); CASUser::checkAuth();
function processData() { switch ($this->mode) { case moduleLogin::MODE_SUBMIT: $this->viewer->assumeValidSession(); if ($this->viewer->validateLogin($this->userID, $this->passWord)) { $this->processForms(); } else { $this->errorMessages = 'Invalid UserID & Password.'; } break; case moduleLogin::MODE_FORM: if ($this->viewer->isAuthenticated() == false) { $this->mode = moduleLogin::MODE_DISPLAY; } break; case moduleLogin::MODE_LOGOUT: $this->viewer->deleteSession(); CASUser::logout(); // now redirect the page BACK to the LOGIN page header("Location:" . Page::getLoginURL()); break; } }