Example #1
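 /**
  * Authenticate the current request against a CAS server, then map the
  * CAS principal onto exactly one LDAP inetOrgPerson entry and run the
  * remaining login steps.
  *
  * Flow: initialise phpCAS from configuration, force CAS authentication,
  * search LDAP for the returned user name on every attribute listed in
  * the 'loginAttribute' setting, abort with a fatal dialog when zero or
  * several entries match, otherwise build the global $ui object, load its
  * ACLs and run the login steps. On success self::redirect() is called.
  *
  * Security notes:
  *  - The CAS user name is escaped with ldap_escape() before it is placed
  *    in the search filter, so filter metacharacters in the principal
  *    cannot alter the filter structure or widen the match.
  *  - CAS server certificate validation relies on 'casServerCaCertPath';
  *    the setNoCasServerValidation() call must stay disabled.
  *
  * @return void
  */
 static function casLoginProcess()
 {
     global $config, $message, $ui;
     self::init();
     /* Reset error messages */
     $message = '';
     //~ phpCAS::setDebug();
     // Initialize phpCAS
     phpCAS::client(
         CAS_VERSION_2_0,
         $config->get_cfg_value('casHost', 'localhost'),
         (int) $config->get_cfg_value('casPort', 443),
         $config->get_cfg_value('casContext', '')
     );
     // Set the CA certificate that is the issuer of the cert
     // NOTE(review): no default is passed here; confirm what get_cfg_value()
     // returns when 'casServerCaCertPath' is unset and that login fails closed.
     phpCAS::setCasServerCACert($config->get_cfg_value('casServerCaCertPath'));
     // Keep disabled: turning validation off would accept any CAS server certificate.
     //~ phpCAS::setNoCasServerValidation();
     // force CAS authentication
     phpCAS::forceAuthentication();
     self::$username = phpCAS::getUser();
     $ldap = $config->get_ldap_link();
     $ldap->cd($config->current['BASE']);
     $verify_attr = explode(',', $config->get_cfg_value('loginAttribute', 'uid'));
     // The principal comes from an external identity provider: escape it for
     // filter context before concatenating it into the LDAP search filter.
     $escapedUsername = ldap_escape(self::$username, '', LDAP_ESCAPE_FILTER);
     $filter = '';
     foreach ($verify_attr as $attr) {
         $filter .= '(' . $attr . '=' . $escapedUsername . ')';
     }
     $ldap->search('(&(|' . $filter . ')(objectClass=inetOrgPerson))');
     $attrs = $ldap->fetch();
     // Exactly one entry must match; anything else is treated as fatal.
     if ($ldap->count() < 1) {
         msg_dialog::display(_('Error'), sprintf(_('CAS user "%s" could not be found in the LDAP'), self::$username), FATAL_ERROR_DIALOG);
         exit;
     } elseif ($ldap->count() > 1) {
         msg_dialog::display(_('Error'), sprintf(_('CAS user "%s" match several users in the LDAP'), self::$username), FATAL_ERROR_DIALOG);
         exit;
     }
     $ui = new userinfo($config, $attrs['dn']);
     $ui->loadACL();
     $success = self::runSteps(array('loginAndCheckExpired', 'runSchemaCheck', 'checkForLockingBranch'));
     if ($success) {
         /* Everything went well, redirect to main.php */
         self::redirect();
     }
 }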