getAllowedProxyChains() public method

Answer the CAS_ProxyChain_AllowedList object for this client.
public getAllowedProxyChains ( ) : CAS_ProxyChain_AllowedList
return CAS_ProxyChain_AllowedList
Ejemplo n.º 1
1
 /**
  * Wrong order of valid regexp
  *
  * @return void
  *
  * @expectedException CAS_AuthenticationException
  * @outputBuffering enabled
  */
 public function testAllowedProxiesRegexpFailureWrongOrder()
 {
     $this->object->setTicket('ST-123456-asdfasdfasgww2323radf3');
     $this->object->getAllowedProxyChains()->allowProxyChain(new CAS_ProxyChain(array('/^https\\:\\/\\/anotherdomain.org\\/mysite\\/test2$/', '/http\\:\\/\\/firstproxy\\.com.*$/')));
     $result = $this->object->validateCAS20($url, $text_response, $tree_response);
     $this->assertFalse($result);
 }
 private function initializeCAS()
 {
     $casClient = new \CAS_Client(CAS_VERSION_2_0, true, Config::get('cas.hostname'), Config::get('cas.port'), Config::get('cas.context'));
     $casClient->setNoCasServerValidation();
     if (true === Config::get('pgtservice.enabled', false)) {
         $casClient->setCallbackURL(Config::get('pgtservice.callback'));
         $casClient->setPGTStorage(new ProxyTicketServiceStorage($casClient));
     } else {
         if (false !== Config::get('redis.hostname', false)) {
             $casClient->setCallbackURL($this->url->getURL() . '/callback.php');
             $redis = new \Redis();
             $redis->connect(Config::get('redis.hostname'), Config::get('redis.port', 6379), 2, null, 100);
             $redis->setOption(\Redis::OPT_SERIALIZER, \Redis::SERIALIZER_PHP);
             $redis->setOption(\Redis::OPT_PREFIX, Config::get('application.project_name') . ':PHPCAS_TICKET_STORAGE:');
             $redis->select((int) Config::get('redis.hostname', 2));
             $casClient->setPGTStorage(new RedisTicketStorage($casClient, $redis));
         } else {
             $casClient->setCallbackURL($this->url->getURL() . '/callback.php');
             $casClient->setPGTStorageFile(session_save_path());
             // Handle logout requests but do not validate the server
             $casClient->handleLogoutRequests(false);
         }
     }
     // Accept all proxy chains
     $casClient->getAllowedProxyChains()->allowProxyChain(new \CAS_ProxyChain_Any());
     return $casClient;
 }
Ejemplo n.º 3
0
 /**
  * If you want your service to be proxied you have to enable it (default
  * disabled) and define an accepable list of proxies that are allowed to
  * proxy your service.
  *
  * Add each allowed proxy definition object. For the normal CAS_ProxyChain
  * class, the constructor takes an array of proxies to match. The list is in
  * reverse just as seen from the service. Proxies have to be defined in reverse
  * from the service to the user. If a user hits service A and gets proxied via
  * B to service C the list of acceptable on C would be array(B,A). The definition
  * of an individual proxy can be either a string or a regexp (preg_match is used)
  * that will be matched against the proxy list supplied by the cas server
  * when validating the proxy tickets. The strings are compared starting from
  * the beginning and must fully match with the proxies in the list.
  * Example:
  * 		phpCAS::allowProxyChain(new CAS_ProxyChain(array(
  *				'https://app.example.com/'
  *			)));
  * 		phpCAS::allowProxyChain(new CAS_ProxyChain(array(
  *				'/^https:\/\/app[0-9]\.example\.com\/rest\//',
  *				'http://client.example.com/'
  *			)));
  *
  * For quick testing or in certain production screnarios you might want to
  * allow allow any other valid service to proxy your service. To do so, add
  * the "Any" chain:
  *		phpcas::allowProxyChain(new CAS_ProxyChain_Any);
  * THIS SETTING IS HOWEVER NOT RECOMMENDED FOR PRODUCTION AND HAS SECURITY
  * IMPLICATIONS: YOU ARE ALLOWING ANY SERVICE TO ACT ON BEHALF OF A USER
  * ON THIS SERVICE.
  *
  * @param CAS_ProxyChain_Interface $proxy_chain A proxy-chain that will be
  * matched against the proxies requesting access
  *
  * @return void
  */
 public static function allowProxyChain(CAS_ProxyChain_Interface $proxy_chain)
 {
     phpCAS::traceBegin();
     phpCAS::_validateClientExists();
     if (self::$_PHPCAS_CLIENT->getServerVersion() !== CAS_VERSION_2_0 && self::$_PHPCAS_CLIENT->getServerVersion() !== CAS_VERSION_3_0) {
         phpCAS::error('this method can only be used with the cas 2.0/3.0 protocols');
     }
     self::$_PHPCAS_CLIENT->getAllowedProxyChains()->allowProxyChain($proxy_chain);
     phpCAS::traceEnd();
 }