/**
  * This method is used to print the HTML output when the user was not authenticated.
  *
  * @param $client phpcas client
  * @param $failure the failure that occured
  * @param $cas_url the URL the CAS server was asked for
  * @param $no_response the response from the CAS server (other
  * parameters are ignored if TRUE)
  * @param $bad_response bad response from the CAS server ($err_code
  * and $err_msg ignored if TRUE)
  * @param $cas_response the response of the CAS server
  * @param $err_code the error code given by the CAS server
  * @param $err_msg the error message given by the CAS server
  */
 public function __construct($client, $failure, $cas_url, $no_response, $bad_response = '', $cas_response = '', $err_code = '', $err_msg = '')
 {
     phpCAS::traceBegin();
     $client->printHTMLHeader($client->getString(CAS_STR_AUTHENTICATION_FAILED));
     printf($client->getString(CAS_STR_YOU_WERE_NOT_AUTHENTICATED), htmlentities($client->getURL()), $_SERVER['SERVER_ADMIN']);
     phpCAS::trace('CAS URL: ' . $cas_url);
     phpCAS::trace('Authentication failure: ' . $failure);
     if ($no_response) {
         phpCAS::trace('Reason: no response from the CAS server');
     } else {
         if ($bad_response) {
             phpCAS::trace('Reason: bad response from the CAS server');
         } else {
             switch ($client->getServerVersion()) {
                 case CAS_VERSION_1_0:
                     phpCAS::trace('Reason: CAS error');
                     break;
                 case CAS_VERSION_2_0:
                     if (empty($err_code)) {
                         phpCAS::trace('Reason: no CAS error');
                     } else {
                         phpCAS::trace('Reason: [' . $err_code . '] CAS error: ' . $err_msg);
                     }
                     break;
             }
         }
         phpCAS::trace('CAS response: ' . $cas_response);
     }
     $client->printHTMLFooter();
     phpCAS::traceExit();
 }
Example #2
0
function checkAndSetUserSession()
{
    // store session data
    if (!isset($_SESSION['user'])) {
        $_SESSION['user'] = null;
    }
    if (isset($_REQUEST['login']) or isset($_REQUEST['logout'])) {
        // initialize phpCAS
        phpCAS::client(CAS_VERSION_2_0, 'login.kth.se', 443, '');
        //phpCAS::proxy(CAS_VERSION_2_0,'login.kth.se',443,'');
        phpCAS::setNoCasServerValidation();
        // If you want the redirect back from the login server to enter your application by some
        // specfic URL rather than just back to the current request URI, call setFixedCallbackURL.
        //phpCAS::setFixedCallbackURL('http://xml.csc.kth.se/~wiiala/DM2517/project/php/index.php');
        // force CAS authentication
        phpCAS::forceAuthentication();
        // at this step, the user has been authenticated by the CAS server
        // and the user's login name can be read with phpCAS::getUser().
        $_SESSION['user'] = phpCAS::getUser();
        //Logga ut och redirecta till vår standardsida
        if (isset($_REQUEST['logout'])) {
            unset($_SESSION['user']);
            phpCAS::logoutWithRedirectService('http://kth.kribba.com/');
        }
    }
}
Example #3
0
function forceAuth()
{
    if (!phpCAS::isAuthenticated()) {
        // If they're not currently logged in, take them to the RPI CAS page
        phpCAS::forceAuthentication();
    }
}
 /**
  * [Put your description here]
  */
 function main($content, $conf)
 {
     $this->conf = $conf;
     $this->pi_setPiVarDefaults();
     $this->pi_USER_INT_obj = 1;
     // Configuring so caching is not expected. This value means that no cHash params are ever set. We do this, because it's a USER_INT object!
     $this->pi_loadLL();
     $this->typeExecution = "prod";
     $urlCas = "none";
     $portCas = "none";
     if ($this->typeExecution == "dev") {
         $urlCas = "xinf-devlinux.intranet.haras-nationaux.fr";
         $portCas = 7777;
     } else {
         if ($this->typeExecution == "prod") {
             $urlCas = "cerbere.haras-nationaux.fr";
             $portCas = 443;
         }
     }
     session_start();
     if (isset($_GET["action"]) && $_GET["action"] == "disconnect") {
         phpCAS::setDebug();
         phpCAS::client(CAS_VERSION_2_0, $urlCas, $portCas, 'cas', 'true');
         $ur = phpCAS::getServerLogoutURL();
         phpCAS::killSession();
         //Suppression de la sesssion de harasire
         setcookie("netid", "", time() - 3600, "/", ".haras-nationaux.fr");
         //$urCid = "http://www4.haras-nationaux.fr/cid-internet-web/InvalidateSessionServlet?service=".$ur;
         $content .= '<IFRAME src="' . $ur . '" frameborder="no" height="600" width="670"></IFRAME>';
         return $this->pi_wrapInBaseClass($content);
     }
 }
Example #5
0
 function getAttributes()
 {
     if (phpCAS::isAuthenticated()) {
         return phpCAS::getAttributes();
     }
     return null;
 }
 public function execute($filterChain)
 {
     $user = $this->getContext()->getUser();
     // We put an LDAP object in the context in order to reuse it later
     $this->getContext()->set('ldap', new uapvLdap());
     // Filters can be called several times (because of internal forwards)
     // Authentication is only done the first time
     if ($this->isFirstCall() && (sfConfig::get('app_cas_server_force_authentication', false) || !$user->isAuthenticated())) {
         // phpCAS is not php5-compliant, we remove php warnings and strict errors
         $errorReporting = ini_get('error_reporting');
         error_reporting($errorReporting & ~E_STRICT & ~E_NOTICE);
         if (sfConfig::get('app_cas_server_debug', false)) {
             phpCAS::setDebug();
         }
         // see /tmp/phpCAS.log
         phpCAS::client(sfConfig::get('app_cas_server_version', CAS_VERSION_2_0), sfConfig::get('app_cas_server_host', 'localhost'), sfConfig::get('app_cas_server_port', 443), sfConfig::get('app_cas_server_path', ''), false);
         // Don't call session_start again,
         // symfony already did it
         //phpCAS::handleLogoutRequests ();
         phpCAS::setNoCasServerValidation();
         phpCAS::forceAuthentication();
         // if necessary the user will be
         // redirected to the cas server
         // At this point the user is authenticated, we log him in
         $user->signIn(phpCAS::getUser());
         // Previous settings can now be restored
         error_reporting($errorReporting);
     }
     // "credential" verification
     parent::execute($filterChain);
 }
Example #7
0
 public function __construct()
 {
     $this->attr = phpCAS::getAttributes();
     $this->attr['username'] = phpCAS::getUser();
     $this->id = $this->attr['user_id'];
     unset($this->attr['sequence_token']);
 }
Example #8
0
function force_login()
{
    if (!isset($GLOBALS['PHPCAS_CLIENT'])) {
        check_auth();
    }
    phpCAS::forceAuthentication();
}
Example #9
0
 public function get_login()
 {
     Logger::debug('main', 'AuthMethod_CAS::get_login()');
     if (!isset($_SESSION['backup_sso']) || !is_array($_SESSION['backup_sso'])) {
         $_SESSION['backup_sso'] = array();
     }
     foreach ($_REQUEST as $k => $v) {
         $_SESSION['backup_sso'][$k] = $v;
     }
     $buf = $this->prefs->get('AuthMethod', 'CAS');
     $CAS_server_url = $buf['user_authenticate_cas_server_url'];
     if (!isset($CAS_server_url) || $CAS_server_url == '') {
         Logger::error('main', 'AuthMethod_CAS::get_login() - Unable to find CAS server url in Preferences');
         return NULL;
     }
     phpCAS::client(CAS_VERSION_2_0, parse_url($CAS_server_url, PHP_URL_HOST), parse_url($CAS_server_url, PHP_URL_PORT), parse_url($CAS_server_url, PHP_URL_PATH));
     Logger::debug('main', 'AuthMethod_CAS::get_login() - Parsing URL - Host:"' . parse_url($CAS_server_url, PHP_URL_HOST) . '" Port:"' . parse_url($CAS_server_url, PHP_URL_PORT) . '" Path:"' . parse_url($CAS_server_url, PHP_URL_PATH) . '"');
     phpCAS::setNoCasServerValidation();
     if (!phpCAS::forceAuthentication()) {
         Logger::error('main', 'AuthMethod_CAS::get_login() - phpCAS::forceAuthentication failed');
         return NULL;
     }
     if (!phpCAS::isAuthenticated()) {
         Logger::error('main', 'AuthMethod_CAS::get_login() - phpCAS::isAuthenticated failed');
         return NULL;
     }
     $this->login = phpCAS::getUser();
     foreach ($_SESSION['backup_sso'] as $k => $v) {
         if (isset($_REQUEST[$k])) {
             continue;
         }
         $_REQUEST[$k] = $v;
     }
     return $this->login;
 }
Example #10
0
 function metodillo()
 {
     $sSQL = "SELECT * FROM PM_PARAMETERS WHERE PRM_ID = 'CAS_URL' ";
     $aResSQL = executeQuery($sSQL);
     if (count($aResSQL)) {
         $sURL = $aResSQL[1]['PRM_VALUE'];
         $sURI = $aResSQL[1]['PRM_VALUE_2'];
         $res = false;
         $RBAC = RBAC::getSingleton();
         $RBAC->initRBAC();
         require_once 'CAS-1.2.2/CAS.php';
         phpCAS::client(CAS_VERSION_2_0, $sURL, 443, $sURI, false);
         phpCAS::setNoCasServerValidation();
         phpCAS::forceAuthentication();
         if (phpCAS::isAuthenticated() == true) {
             $sCasUser = phpCAS::getUser();
             $sSQL = "SELECT USR_UID FROM USERS WHERE USR_USERNAME = '{$sCasUser}' ";
             $aResSQL = executeQuery($sSQL);
             if (count($aResSQL)) {
                 $nUserId = $aResSQL[1]['USR_UID'];
                 $RBAC->singleSignOn = true;
                 $RBAC->userObj->fields['USR_UID'] = $nUserId;
                 $RBAC->userObj->fields['USR_USERNAME'] = $sCasUser;
                 $res = true;
             } else {
                 $res = false;
             }
         } else {
             $res = false;
         }
     } else {
         $res = false;
     }
     return $res;
 }
Example #11
0
 public static function logout($parameters)
 {
     if (phpCAS::isAuthenticated()) {
         phpCAS::logoutWithRedirectService(OC::$server->getURLGenerator()->getAbsoluteURL(""));
     }
     return true;
 }
 /**
  * Attempts to authenticate users via CAS
  */
 public function index()
 {
     // If they don't have CAS configured, send them onto the application's
     // internal authentication system
     if (!defined('CAS')) {
         header('Location: ' . BASE_URL . '/login/login?return_url=' . $this->return_url);
         exit;
     }
     require_once CAS . '/CAS.php';
     \phpCAS::client(CAS_VERSION_2_0, CAS_SERVER, 443, CAS_URI, false);
     \phpCAS::setNoCasServerValidation();
     \phpCAS::forceAuthentication();
     // at this step, the user has been authenticated by the CAS server
     // and the user's login name can be read with phpCAS::getUser().
     // They may be authenticated according to CAS,
     // but that doesn't mean they have person record
     // and even if they have a person record, they may not
     // have a user account for that person record.
     try {
         $_SESSION['USER'] = new Person(\phpCAS::getUser());
         header("Location: {$this->return_url}");
         exit;
     } catch (\Exception $e) {
         $_SESSION['errorMessages'][] = $e;
     }
     $this->template->blocks[] = new Block('loginForm.inc', array('return_url' => $this->return_url));
 }
 /**
  * Collect any tokens that the user may have supplied. Reply NULL if none
  * are found.
  * 
  * @return mixed
  * @access public
  * @since 3/16/05
  */
 function collect()
 {
     if (phpCAS::isAuthenticated()) {
         return phpCAS::getUser();
     } else {
         return null;
     }
 }
Example #14
0
 private function setName()
 {
     if ($this->config->get('cas-name-attribute-key') !== null && phpCAS::hasAttribute($this->config->get('cas-name-attribute-key'))) {
         $_SESSION[':cas']['name'] = phpCAS::getAttribute($this->config->get('cas-name-attribute-key'));
     } else {
         $_SESSION[':cas']['name'] = $this->getUser();
     }
 }
 public function loginCallback()
 {
     $attributes = phpCAS::getAttributes();
     $this->updateLocalUserFromBackend($attributes);
     $usr_id = User::getUserIDByEmail($attributes['mail'], true);
     $user = User::getDetails($usr_id);
     Auth::createLoginCookie(APP_COOKIE, $user['usr_email'], true);
 }
Example #16
0
 public function checkPassword($uid, $password)
 {
     if (!phpCAS::isAuthenticated()) {
         return false;
     }
     $uid = phpCAS::getUser();
     return $uid;
 }
Example #17
0
 public function logout()
 {
     $curruser = $this->session->userdata("curruser");
     if ($curruser) {
         $this->session->sess_destroy();
     }
     phpCAS::logout();
 }
Example #18
0
 public function __construct()
 {
     \phpCAS::setDebug();
     \phpCAS::client(CAS_VERSION_2_0, "itebeta.baidu.com", 443, "");
     \phpCAS::setNoCasServerValidation();
     \phpCAS::forceAuthentication();
     $this->username = \phpCAS::getUser();
 }
Example #19
0
 public static function modelAttributes()
 {
     $userInfo = array_combine(array('username', 'email', 'user_id'), explode('|', \phpCAS::getUser()));
     $casInfo = array_change_key_case(array_map('urldecode', \phpCAS::getAttributes()), CASE_LOWER);
     $casInfo['realname'] = $casInfo['username'];
     unset($casInfo['useraccountcontrol'], $casInfo['usernum'], $casInfo['useremail']);
     $return = array_merge($casInfo, $userInfo);
     return $return;
 }
 /**
  * Logs the user out / destroys the CAS session
  */
 public function index()
 {
     if (\phpCAS::checkAuthentication()) {
         \phpCAS::logout();
     }
     session_destroy();
     header("Location: /landing");
     return;
 }
Example #21
0
 private function initCasClient()
 {
     if (!$this->_casInitialized) {
         require_once 'CAS.php';
         phpCAS::setDebug();
         phpCAS::client(CAS_VERSION_2_0, $this->getOption('cas_server_host', 'localhost'), (int) $this->getOption('cas_server_port', 443), $this->getOption('cas_server_path', ''), false);
         // Don't call session_start again
         $this->_casInitialized = true;
     }
 }
Example #22
0
 public function __construct()
 {
     parent::__construct();
     $this->load->database();
     $this->load->library('grocery_CRUD');
     include_once 'CAS.php';
     phpCAS::client('2.0', 'cas.uhp-nancy.fr', 443, '/cas', false);
     phpCAS::setNoCasServerValidation();
     phpCAS::handleLogoutRequests(false);
 }
 public function __construct(array $options = array())
 {
     $this->options = $options;
     \phpCAS::getVersion();
     \phpCAS::setDebug('/tmp/cas-log.log');
     \phpCAS::setVerbose(true);
     $this->client = new \CAS_Client(SAML_VERSION_1_1, false, $this->options['webnet.sso_auth.client.option.cas_host.value'], $this->options['webnet.sso_auth.client.option.cas_port.value'], $this->options['webnet.sso_auth.client.option.cas_context.value']);
     $this->client->setNoCasServerValidation();
     $this->client->handleLogoutRequests(false, false);
 }
Example #24
0
 public function getSambaProxyTicket()
 {
     phpCAS::traceBegin();
     if ($this->hasGot()) {
         throw new CAS_OutOfSequenceException('Cannot set the URL, request already sent.');
     }
     $this->count = 1;
     $this->initializeProxyTicket();
     phpCAS::traceEnd();
     return $this->getProxyTicket();
 }
Example #25
0
 function getConnexionBar()
 {
     if (CASUser::checkAuth()) {
         $service = SITE_CAS_CONNEXIONBAR_URL;
         phpCAS::serviceWeb($service, $err_code, $output);
         $xml = simplexml_load_string($output);
         $result = $xml->xpath('/reportoutput/reportdata');
         return str_replace("https://signin.mygcx.org/cas/logout", "https://intranet.campusforchrist.org/index.php?p_Mod=Logout", html_entity_decode($result[0]->asXML()));
     } else {
         return "";
     }
 }
Example #26
0
 public function checkPassword($uid, $password)
 {
     if (!phpCAS::forceAuthentication()) {
         return false;
     }
     $uid = phpCAS::getUser();
     if ($uid === false) {
         OCP\Util::writeLog('user_cas', 'phpCAS return no user !', OCP\Util::ERROR);
         return false;
     }
     return $uid;
 }
 function getConnexionBar()
 {
     if (CASUser::checkAuth()) {
         $service = SITE_CAS_CONNEXIONBAR_URL;
         phpCAS::serviceWeb($service, $err_code, $output);
         $xml = simplexml_load_string($output);
         $result = $xml->xpath('/reportoutput/reportdata');
         return html_entity_decode($result[0]->asXML());
     } else {
         return "";
     }
 }
Example #28
0
 /**
  * Logout the user form the current symfony application and from the
  *  CAS server
  * @param  boolean $onlyLocal   Set it to true, to logout from the application, but stay login in the CAS
  */
 public function logout($url = null, $onlyLocal = false)
 {
     parent::signOut();
     $this->username = null;
     if (!$onlyLocal) {
         sfCAS::initPhpCAS();
         if (!empty($url)) {
             phpCAS::logoutWithUrl($url);
         } else {
             phpCas::logout();
         }
     }
 }
Example #29
0
function logoutCAS($config, $wwwroot)
{
    require_once dirname(__FILE__) . '/CAS/CAS.php';
    // get module configuration
    $cas_validate = true;
    $cas_version = CAS_VERSION_2_0;
    $cas_language = 'english';
    phpCAS::client($cas_version, $config->cashostname, (int) $config->casport, $config->casbaseuri, false);
    error_log("CAS: Logout");
    phpCAS::logout($wwwroot);
    error_log("CAS: Logout Exit");
    return true;
}
Example #30
0
/**
 * Check username against CAS authentication backend. User needs to exist in MySQL to be able to log in.
 *
 * @param string $username User name to check
 * @param string $password User password to check
 * @return int Authentication success (0 = fail, 1 = success) FIXME bool
 */
function cas_authenticate($username, $password)
{
    $row = dbFetchRow("SELECT `username`, `password` FROM `users` WHERE `username`= ?", array($username));
    if ($row['username'] && $row['username'] == $username) {
        if ($username == phpCAS::getUser()) {
            return 1;
        }
        dbInsert(array('user' => $_SESSION['username'], 'address' => $_SERVER["REMOTE_ADDR"], 'result' => 'CAS: username does not match CAS user'), 'authlog');
    } else {
        dbInsert(array('user' => $_SESSION['username'], 'address' => $_SERVER["REMOTE_ADDR"], 'result' => 'CAS: NOT found in DB'), 'authlog');
    }
    //session_logout();
    return 0;
}