Set the fixed URL that will be used by the CAS server to transmit the
PGT. When this method is not called, a phpCAS script uses its own URL
for the callback.
| public static setFixedCallbackURL ( string $url = '' ) : void | ||
| $url | string | the URL |
| return | void | |
function setup()
{
//Only setup if we haven't already
global $PHPCAS_CLIENT;
if (!is_object($PHPCAS_CLIENT)) {
phpCAS::setDebug("/var/www/campus/dev.intranet.campusforchrist.org/cas.log");
phpCAS::proxy(SITE_CAS_VERSION, SITE_CAS_HOSTNAME, SITE_CAS_PORT, SITE_CAS_PATH, SITE_CAS_SESSION);
phpCAS::setFixedCallbackURL(SITE_CAS_CALLBACK);
//No SSL
phpCAS::setNoCasServerValidation();
phpCAS::setPGTStorageFile('xml', SITE_CAS_PGT_STORE);
//session_save_path());
return true;
}
return false;
}
$_SESSION['phpCAS']['service_cookies'] = array();
}
$sm = $_SESSION['ovd-client']['sessionmanager'];
foreach ($sm->get_cookies() as $k => $v) {
$cookie = array('domain' => parse_url($sm->get_base_url(), PHP_URL_HOST), 'path' => '/', 'secure' => false, 'name' => $k, 'value' => $v);
$_SESSION['phpCAS']['service_cookies'][] = $cookie;
}
}
$port = parse_url($CAS_server_url, PHP_URL_PORT);
if (is_null($port)) {
if (parse_url($CAS_server_url, PHP_URL_SCHEME) == 'https') {
$port = 443;
} else {
$port = 80;
}
}
$path = !parse_url($CAS_server_url, PHP_URL_PATH) ? '' : parse_url($CAS_server_url, PHP_URL_PATH);
phpCAS::proxy(CAS_VERSION_2_0, parse_url($CAS_server_url, PHP_URL_HOST), $port, $path, false);
phpCAS::setNoCasServerValidation();
phpCAS::setPGTStorageFile(CAS_PGT_STORAGE_FILE_FORMAT_PLAIN, session_save_path());
phpCAS::setFixedCallbackURL($CAS_callback_url);
//HTTPS required, and Apache's CRT must be added in Tomcat's keystore (CAS server)
phpCAS::forceAuthentication();
if (!phpCAS::serviceWeb($_SESSION['ovd-client']['sessionmanager_url'] . '/start', $errno, $output)) {
$_SESSION['ovd-client']['from_SM_start_XML'] = 'ERROR';
finish();
die;
}
$_SESSION['ovd-client']['from_SM_start_XML'] = $output;
finish();
die;
function tryToLogUser(&$httpVars, $isLast = false)
{
if (isset($_SESSION["CURRENT_MINISITE"])) {
return false;
}
$this->loadConfig();
if (isset($_SESSION['AUTHENTICATE_BY_CAS'])) {
$flag = $_SESSION['AUTHENTICATE_BY_CAS'];
} else {
$flag = 0;
}
$pgtIou = !empty($httpVars['pgtIou']);
$logged = isset($_SESSION['LOGGED_IN_BY_CAS']);
$enre = !empty($httpVars['put_action_enable_redirect']);
$ticket = !empty($httpVars['ticket']);
$pgt = !empty($_SESSION['phpCAS']['pgt']);
$clientModeTicketPendding = isset($_SESSION['AUTHENTICATE_BY_CAS_CLIENT_MOD_TICKET_PENDDING']);
if ($this->cas_modify_login_page) {
if ($flag == 0 && $enre && !$logged && !$pgtIou) {
$_SESSION['AUTHENTICATE_BY_CAS'] = 1;
} elseif ($flag == 1 && !$enre && !$logged && !$pgtIou && !$ticket && !$pgt) {
$_SESSION['AUTHENTICATE_BY_CAS'] = 0;
} elseif ($flag == 1 && $enre && !$logged && !$pgtIou) {
$_SESSION['AUTHENTICATE_BY_CAS'] = 1;
} elseif ($pgtIou || $pgt) {
$_SESSION['AUTHENTICATE_BY_CAS'] = 1;
} elseif ($ticket) {
$_SESSION['AUTHENTICATE_BY_CAS'] = 1;
$_SESSION['AUTHENTICATE_BY_CAS_CLIENT_MOD_TICKET_PENDDING'] = 1;
} elseif ($logged && $pgtIou) {
$_SESSION['AUTHENTICATE_BY_CAS'] = 2;
} else {
$_SESSION['AUTHENTICATE_BY_CAS'] = 0;
}
if ($_SESSION['AUTHENTICATE_BY_CAS'] < 1) {
if ($clientModeTicketPendding) {
unset($_SESSION['AUTHENTICATE_BY_CAS_CLIENT_MOD_TICKET_PENDDING']);
} else {
return false;
}
}
}
/**
* Depend on phpCAS mode configuration
*/
switch ($this->cas_mode) {
case PHPCAS_MODE_CLIENT:
if ($this->checkConfigurationForClientMode()) {
AJXP_Logger::info(__FUNCTION__, "Start phpCAS mode Client: ", "sucessfully");
phpCAS::client(CAS_VERSION_2_0, $this->cas_server, $this->cas_port, $this->cas_uri, false);
if (!empty($this->cas_certificate_path)) {
phpCAS::setCasServerCACert($this->cas_certificate_path);
} else {
phpCAS::setNoCasServerValidation();
}
/**
* Debug
*/
if ($this->cas_debug_mode) {
// logfile name by date:
$today = getdate();
$file_path = AJXP_DATA_PATH . '/logs/phpcas_' . $today['year'] . '-' . $today['month'] . '-' . $today['mday'] . '.txt';
empty($this->cas_debug_file) ? $file_path : ($file_path = $this->cas_debug_file);
phpCAS::setDebug($file_path);
}
phpCAS::forceAuthentication();
} else {
AJXP_Logger::error(__FUNCTION__, "Could not start phpCAS mode CLIENT, please verify the configuration", "");
return false;
}
break;
case PHPCAS_MODE_PROXY:
/**
* If in login page, user click on login via CAS, the page will be reload with manuallyredirectocas is set.
* Or force redirect to cas login page even the force redirect is set in configuration of this module
*
*/
if ($this->checkConfigurationForProxyMode()) {
AJXP_Logger::info(__FUNCTION__, "Start phpCAS mode Proxy: ", "sucessfully");
/**
* init phpCAS in mode proxy
*/
phpCAS::proxy(CAS_VERSION_2_0, $this->cas_server, $this->cas_port, $this->cas_uri, false);
if (!empty($this->cas_certificate_path)) {
phpCAS::setCasServerCACert($this->cas_certificate_path);
} else {
phpCAS::setNoCasServerValidation();
}
/**
* Debug
*/
if ($this->cas_debug_mode) {
// logfile name by date:
$today = getdate();
$file_path = AJXP_DATA_PATH . '/logs/phpcas_' . $today['year'] . '-' . $today['month'] . '-' . $today['mday'] . '.txt';
empty($this->cas_debug_file) ? $file_path : ($file_path = $this->cas_debug_file);
phpCAS::setDebug($file_path);
}
if (!empty($this->cas_setFixedCallbackURL)) {
phpCAS::setFixedCallbackURL($this->cas_setFixedCallbackURL);
}
//
/**
* PTG storage
*/
$this->setPTGStorage();
phpCAS::forceAuthentication();
/**
* Get proxy ticket (PT) for SAMBA to authentication at CAS via pam_cas
* In fact, we can use any other service. Of course, it should be enabled in CAS
*
*/
$err_code = null;
$serviceURL = $this->cas_proxied_service;
AJXP_Logger::debug(__FUNCTION__, "Try to get proxy ticket for service: ", $serviceURL);
$res = phpCAS::serviceSMB($serviceURL, $err_code);
if (!empty($res)) {
$_SESSION['PROXYTICKET'] = $res;
AJXP_Logger::info(__FUNCTION__, "Get Proxy ticket successfully ", "");
} else {
AJXP_Logger::info(__FUNCTION__, "Could not get Proxy ticket. ", "");
}
break;
} else {
AJXP_Logger::error(__FUNCTION__, "Could not start phpCAS mode PROXY, please verify the configuration", "");
return false;
}
default:
return false;
break;
}
AJXP_Logger::debug(__FUNCTION__, "Call phpCAS::getUser() after forceAuthentication ", "");
$cas_user = phpCAS::getUser();
if (!AuthService::userExists($cas_user) && $this->is_AutoCreateUser) {
AuthService::createUser($cas_user, openssl_random_pseudo_bytes(20));
}
if (AuthService::userExists($cas_user)) {
$res = AuthService::logUser($cas_user, "", true);
if ($res > 0) {
AJXP_Safe::storeCredentials($cas_user, $_SESSION['PROXYTICKET']);
$_SESSION['LOGGED_IN_BY_CAS'] = true;
if (!empty($this->cas_additional_role)) {
$userObj = ConfService::getConfStorageImpl()->createUserObject($cas_user);
$roles = $userObj->getRoles();
$cas_RoleID = $this->cas_additional_role;
$userObj->addRole(AuthService::getRole($cas_RoleID, true));
AuthService::updateUser($userObj);
}
return true;
}
}
return false;
}
function RWSPCReqs()
{
global $RWSESL3;
global $RWSCRURL;
$r_rwc = RWSGSOpt("rwscas", PARAM_ALPHANUM);
if ($r_rwc === false || strlen($r_rwc) == 0) {
return;
}
if ($r_rwc != "1" && $r_rwc != "2" && $r_rwc != "3") {
return;
}
$r_ver = RWSGSOpt("version", PARAM_ALPHANUMEXT);
if ($r_ver === false || strlen($r_ver) == 0) {
return;
}
$r_rwu = RWSGSOpt("rwsuser", PARAM_RAW);
if ($r_rwu === false || strlen($r_rwu) == 0) {
unset($r_rwu);
}
$r_rwp = RWSGSOpt("rwspass", PARAM_RAW);
if ($r_rwp === false || strlen($r_rwp) == 0) {
unset($r_rwp);
}
$r_tkt = RWSGSOpt("ticket", PARAM_RAW);
if ($r_tkt === false || strlen($r_tkt) == 0) {
unset($r_tkt);
}
$r_pid = RWSGSOpt("pgtId", PARAM_RAW);
if ($r_pid === false || strlen($r_pid) == 0) {
unset($r_pid);
}
$r_piou = RWSGSOpt("pgtIou", PARAM_RAW);
if ($r_piou === false || strlen($r_piou) == 0) {
unset($r_piou);
}
$r_aus = get_enabled_auth_plugins();
foreach ($r_aus as $r_aun) {
$r_aup = get_auth_plugin($r_aun);
if (strcasecmp($r_aup->authtype, RWSCAS) == 0) {
$r_csp = $r_aup;
break;
}
}
if (!isset($r_csp)) {
return;
}
if (empty($r_csp->config->hostname)) {
return;
}
list($r_v1, $r_v2, $r_v3) = explode(".", phpCAS::getVersion());
$r_csp->connectCAS();
if ($r_rwc == "1") {
if (isset($r_tkt)) {
RWSRHXml();
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n";
echo "<rwscas>\r\n";
echo "\t<st>";
echo utf8_encode(htmlspecialchars(trim($r_tkt)));
echo "\t</st>\r\n";
echo "</rwscas>\r\n";
exit;
} else {
if ($_SERVER['REQUEST_METHOD'] == "GET") {
$r_ok = phpCAS::checkAuthentication();
if (!isset($r_rwu)) {
$r_rwu = phpCAS::getUser();
}
if (!isset($r_rwp)) {
$r_rwp = "passwdCas";
}
RWSLIMUser($r_rwu, $r_rwp, $r_ok);
} else {
if ($_SERVER['REQUEST_METHOD'] == "POST") {
$r_psd = urldecode(file_get_contents("php://input"));
if (stripos($r_psd, "<samlp:LogoutRequest ") !== false) {
RWSAOLog();
}
}
}
}
} else {
if ($r_rwc == "2") {
if (isset($r_pid) && isset($r_piou)) {
if ($r_csp->config->proxycas) {
phpCAS::checkAuthentication();
}
} else {
if ($_SERVER['REQUEST_METHOD'] == "POST") {
$r_psd = urldecode(file_get_contents("php://input"));
if (stripos($r_psd, "<samlp:LogoutRequest ") !== false) {
RWSAOLog();
}
}
}
} else {
if ($r_rwc == "3") {
if (isset($r_tkt)) {
if (strlen($RWSCRURL) > 0) {
$r_svu = $RWSCRURL;
} else {
$r_svu = RWSGSUrl(false, false);
}
$r_svu .= "?rwscas=1";
if (isset($r_ver)) {
$r_svu .= "&version=";
$r_svu .= urlencode($r_ver);
}
if (isset($r_rwu)) {
$r_svu .= "&rwsuser="******"&rwspass="******"?rwscas=2";
if (isset($r_ver)) {
$r_cbu .= "&version=";
$r_cbu .= urlencode($r_ver);
}
if (isset($r_rwu)) {
$r_cbu .= "&rwsuser="******"&rwspass="******"2008");
}
/**
* Initialize CAS client
*
*/
private function cas_init() {
if (!$this->cas_inited) {
// retrieve configurations
$cfg = rcmail::get_instance()->config->all();
// include phpCAS
require_once('/usr/share/php/CAS/CAS.php');
phpCAS::setDebug('/var/log/lcs/casdebug.log');
// initialize CAS client
if ($cfg['cas_proxy']) {
phpCAS::proxy(CAS_VERSION_2_0, $cfg['cas_hostname'], $cfg['cas_port'], $cfg['cas_uri'], false);
// set URL for PGT callback
phpCAS::setFixedCallbackURL($this->generate_url(array('action' => 'pgtcallback')));
// set PGT storage
#phpCAS::setPGTStorageFile('xml', $cfg['cas_pgt_dir']);
phpCAS::setPGTStorageFile($cfg['cas_pgt_dir']);
}
else {
phpCAS::client(CAS_VERSION_2_0, $cfg['cas_hostname'], $cfg['cas_port'], $cfg['cas_uri'], false);
}
// set service URL for authorization with CAS server
phpCAS::setFixedServiceURL($this->generate_url(array('action' => 'login', 'task' => 'mail')));
// set SSL validation for the CAS server
if ($cfg['cas_validation'] == 'self') {
phpCAS::setCasServerCert($cfg['cas_cert']);
}
else if ($cfg['cas_validation'] == 'ca') {
phpCAS::setCasServerCACert($cfg['cas_cert']);
}
else {
phpCAS::setNoCasServerValidation();
}
// set login and logout URLs of the CAS server
phpCAS::setServerLoginURL($cfg['cas_login_url']);
phpCAS::setServerLogoutURL($cfg['cas_logout_url']);
$this->cas_inited = true;
}
}
/**
* Initializes the authority objects based on an associative array of arguments
* @param array $args an associate array of arguments. The argument list is dependent on the authority
*
* General - Required keys:
* TITLE => The human readable title of the AuthorityImage
* INDEX => The tag used to identify this authority @see AuthenticationAuthority::getAuthenticationAuthority
*
* General - Optional keys:
* LOGGEDIN_IMAGE_URL => a url to an image/badge that is placed next to the user name when logged in
*
* CAS - Required keys:
* CAS_PROTOCOL => The protocol to use. Should be equivalent to one of the phpCAS constants, e.g. "2.0":
* CAS_VERSION_1_0 => '1.0', CAS_VERSION_2_0 => '2.0', SAML_VERSION_1_1 => 'S1'
* CAS_HOST => The host name of the CAS server, e.g. "cas.example.edu"
* CAS_PORT => The port the CAS server is listening on, e.g. "443"
* CAS_PATH => The path of the CAS application, e.g. "/cas/"
* CAS_CA_CERT => The filesystem path to a CA certificate that will be used to validate the authenticity
* of the CAS server, e.g. "/etc/tls/pki/certs/my_ca_cert.crt". If empty, no certificate
* validation will be performed (not recommended for production).
*
* CAS - Optional keys:
* ATTRA_EMAIL => Attribute name for the user's email adress, e.g. "email". This only applies if your
* CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
* ATTRA_FIRST_NAME => Attribute name for the user's first name, e.g. "givename". This only applies if your
* CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
* ATTRA_LAST_NAME => Attribute name for the user's last name, e.g. "surname". This only applies if your
* CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
* ATTRA_FULL_NAME => Attribute name for the user's full name, e.g. "displayname". This only applies if your
* CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
* ATTRA_MEMBER_OF => Attribute name for the user's groups, e.g. "memberof". This only applies if your
* CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
*
* NOTE: Any subclass MUST call parent::init($args) to ensure proper operation
*
*/
public function init($args)
{
parent::init($args);
// include the PHPCAS library
if (empty($args['CAS_PHPCAS_PATH'])) {
require_once 'CAS.php';
} else {
require_once $args['CAS_PHPCAS_PATH'] . '/CAS.php';
}
if (empty($args['CAS_PROTOCOL'])) {
throw new KurogoConfigurationException('CAS_PROTOCOL value not set for ' . $this->AuthorityTitle);
}
if (empty($args['CAS_HOST'])) {
throw new KurogoConfigurationException('CAS_HOST value not set for ' . $this->AuthorityTitle);
}
if (empty($args['CAS_PORT'])) {
throw new KurogoConfigurationException('CAS_PORT value not set for ' . $this->AuthorityTitle);
}
if (empty($args['CAS_PATH'])) {
throw new KurogoConfigurationException('CAS_PATH value not set for ' . $this->AuthorityTitle);
}
if (empty($args['CAS_PROXY_INIT'])) {
phpCAS::client($args['CAS_PROTOCOL'], $args['CAS_HOST'], intval($args['CAS_PORT']), $args['CAS_PATH'], false);
} else {
phpCAS::proxy($args['CAS_PROTOCOL'], $args['CAS_HOST'], intval($args['CAS_PORT']), $args['CAS_PATH'], false);
if (!empty($args['CAS_PROXY_TICKET_PATH'])) {
phpCAS::setPGTStorageFile('', $args['CAS_PROXY_TICKET_PATH']);
}
if (!empty($args['CAS_PROXY_FIXED_CALLBACK_URL'])) {
phpCAS::setFixedCallbackURL($args['CAS_PROXY_FIXED_CALLBACK_URL']);
}
}
if (empty($args['CAS_CA_CERT'])) {
phpCAS::setNoCasServerValidation();
} else {
phpCAS::setCasServerCACert($args['CAS_CA_CERT']);
}
// Record any attribute mapping configured.
if (!empty($args['ATTRA_EMAIL'])) {
CASUser::mapAttribute('Email', $args['ATTRA_EMAIL']);
}
if (!empty($args['ATTRA_FIRST_NAME'])) {
CASUser::mapAttribute('FirstName', $args['ATTRA_FIRST_NAME']);
}
if (!empty($args['ATTRA_LAST_NAME'])) {
CASUser::mapAttribute('LastName', $args['ATTRA_LAST_NAME']);
}
if (!empty($args['ATTRA_FULL_NAME'])) {
CASUser::mapAttribute('FullName', $args['ATTRA_FULL_NAME']);
}
// Store an attribute for group membership if configured.
if (!empty($args['ATTRA_MEMBER_OF'])) {
CASUser::mapAttribute('MemberOf', $args['ATTRA_MEMBER_OF']);
}
}
/**
* Initializes the authority objects based on an associative array of arguments
* @param array $args an associate array of arguments. The argument list is dependent on the authority
*
* General - Required keys:
* TITLE => The human readable title of the AuthorityImage
* INDEX => The tag used to identify this authority @see AuthenticationAuthority::getAuthenticationAuthority
*
* General - Optional keys:
* LOGGEDIN_IMAGE_URL => a url to an image/badge that is placed next to the user name when logged in
*
* CAS - Required keys:
* CAS_PROTOCOL => The protocol to use. Should be equivalent to one of the phpCAS constants, e.g. "2.0":
* CAS_VERSION_1_0 => '1.0', CAS_VERSION_2_0 => '2.0', SAML_VERSION_1_1 => 'S1'
* CAS_HOST => The host name of the CAS server, e.g. "cas.example.edu"
* CAS_PORT => The port the CAS server is listening on, e.g. "443"
* CAS_PATH => The path of the CAS application, e.g. "/cas/"
* CAS_CA_CERT => The filesystem path to a CA certificate that will be used to validate the authenticity
* of the CAS server, e.g. "/etc/tls/pki/certs/my_ca_cert.crt". If empty, no certificate
* validation will be performed (not recommended for production).
*
* CAS - Optional keys:
* ATTRA_EMAIL => Attribute name for the user's email adress, e.g. "email". This only applies if your
* CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
* ATTRA_FIRST_NAME => Attribute name for the user's first name, e.g. "givename". This only applies if your
* CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
* ATTRA_LAST_NAME => Attribute name for the user's last name, e.g. "surname". This only applies if your
* CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
* ATTRA_FULL_NAME => Attribute name for the user's full name, e.g. "displayname". This only applies if your
* CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
* ATTRA_MEMBER_OF => Attribute name for the user's groups, e.g. "memberof". This only applies if your
* CAS server returns attributes in a SAML-1.1 or CAS-2.0 response.
*
* NOTE: Any subclass MUST call parent::init($args) to ensure proper operation
*
*/
public function init($args)
{
parent::init($args);
// include the PHPCAS library
if (empty($args['CAS_PHPCAS_PATH'])) {
require_once 'CAS.php';
} else {
require_once $args['CAS_PHPCAS_PATH'] . '/CAS.php';
}
if (!empty($args['CAS_DEBUG_LOG'])) {
phpCAS::setDebug($args['CAS_DEBUG_LOG']);
}
if (empty($args['CAS_PROTOCOL'])) {
throw new KurogoConfigurationException('CAS_PROTOCOL value not set for ' . $this->AuthorityTitle);
}
if (empty($args['CAS_HOST'])) {
throw new KurogoConfigurationException('CAS_HOST value not set for ' . $this->AuthorityTitle);
}
if (empty($args['CAS_PORT'])) {
throw new KurogoConfigurationException('CAS_PORT value not set for ' . $this->AuthorityTitle);
}
if (empty($args['CAS_PATH'])) {
throw new KurogoConfigurationException('CAS_PATH value not set for ' . $this->AuthorityTitle);
}
if (empty($args['CAS_PROXY_INIT'])) {
phpCAS::client($args['CAS_PROTOCOL'], $args['CAS_HOST'], intval($args['CAS_PORT']), $args['CAS_PATH'], false);
} else {
phpCAS::proxy($args['CAS_PROTOCOL'], $args['CAS_HOST'], intval($args['CAS_PORT']), $args['CAS_PATH'], false);
if (!empty($args['CAS_PROXY_TICKET_PATH']) && !empty($args['CAS_PROXY_TICKET_DB_DSN'])) {
throw new KurogoConfigurationException('Only one of CAS_PROXY_TICKET_PATH or CAS_PROXY_TICKET_DB_DSN may be set for ' . $this->AuthorityTitle);
}
if (!empty($args['CAS_PROXY_TICKET_PATH'])) {
if (version_compare(PHPCAS_VERSION, '1.3', '>=')) {
phpCAS::setPGTStorageFile($args['CAS_PROXY_TICKET_PATH']);
} else {
phpCAS::setPGTStorageFile('', $args['CAS_PROXY_TICKET_PATH']);
}
}
if (!empty($args['CAS_PROXY_TICKET_DB_DSN'])) {
$user = $pass = $table = $driver_opts = '';
if (!empty($args['CAS_PROXY_TICKET_DB_USER'])) {
$user = $args['CAS_PROXY_TICKET_DB_USER'];
}
if (!empty($args['CAS_PROXY_TICKET_DB_PASS'])) {
$pass = $args['CAS_PROXY_TICKET_DB_PASS'];
}
if (!empty($args['CAS_PROXY_TICKET_DB_TABLE'])) {
$table = $args['CAS_PROXY_TICKET_DB_TABLE'];
}
if (!empty($args['CAS_PROXY_TICKET_DB_DRIVER_OPTS'])) {
$driver_opts = $args['CAS_PROXY_TICKET_DB_DRIVER_OPTS'];
}
phpCAS::setPGTStorageDb($args['CAS_PROXY_TICKET_DB_DSN'], $user, $pass, $table, $driver_opts);
}
if (!empty($args['CAS_PROXY_FIXED_CALLBACK_URL'])) {
phpCAS::setFixedCallbackURL($args['CAS_PROXY_FIXED_CALLBACK_URL']);
}
}
if (empty($args['CAS_CA_CERT'])) {
phpCAS::setNoCasServerValidation();
} else {
phpCAS::setCasServerCACert($args['CAS_CA_CERT']);
}
// Record any attribute mapping configured.
if (!empty($args['ATTRA_EMAIL'])) {
CASUser::mapAttribute('Email', $args['ATTRA_EMAIL']);
}
if (!empty($args['ATTRA_FIRST_NAME'])) {
CASUser::mapAttribute('FirstName', $args['ATTRA_FIRST_NAME']);
}
if (!empty($args['ATTRA_LAST_NAME'])) {
CASUser::mapAttribute('LastName', $args['ATTRA_LAST_NAME']);
}
if (!empty($args['ATTRA_FULL_NAME'])) {
CASUser::mapAttribute('FullName', $args['ATTRA_FULL_NAME']);
}
// Store an attribute for group membership if configured.
if (!empty($args['ATTRA_MEMBER_OF'])) {
CASUser::mapAttribute('MemberOf', $args['ATTRA_MEMBER_OF']);
}
}
include 'prefix.php';
?>
<xrecipe>
<?php
include_once 'CAS-1.3.2/CAS.php';
include 'xmlGen.php';
$user = null;
//Skall ändras till post i slutversionen
if (isset($_REQUEST['login']) or isset($_REQUEST['logout'])) {
// initialize phpCAS
phpCAS::client(CAS_VERSION_2_0, 'login.kth.se', 443, '');
phpCAS::setNoCasServerValidation();
// If you want the redirect back from the login server to enter your application by some
// specfic URL rather than just back to the current request URI, call setFixedCallbackURL.
phpCAS::setFixedCallbackURL('http://xml.csc.kth.se/~wiiala/DM2517/project/php/index.php');
// force CAS authentication
phpCAS::forceAuthentication();
// at this step, the user has been authenticated by the CAS server
// and the user's login name can be read with phpCAS::getUser().
$user = phpCAS::getUser();
// logout if desired
if (isset($_REQUEST['logout'])) {
phpCAS::logout();
}
}
$xml = new xmlGen("", $user);
$returnstring = $xml->getGeneratedXML();
print utf8_encode($returnstring);
?>
</xrecipe>
