Retrieve a Proxy Ticket from the CAS server.
public static retrievePT ( string $target_service, &$err_code, &$err_msg ) : string | ||
$target_service | string | Url string of service to proxy |
Résultat | string | Proxy Ticket |
/** * Inject IMAP authentication credentials * * @param array $args arguments from rcmail * @return array modified arguments */ function imap_connect($args) { // retrieve configurations $cfg = rcmail::get_instance()->config->all(); // RoundCube is acting as CAS proxy if ($cfg['cas_proxy']) { // a proxy ticket has been retrieved, the IMAP server caches proxy tickets, and this is the first connection attempt if ($_SESSION['cas_pt'][php_uname('n')] && $cfg['cas_imap_caching'] && $args['attempt'] == 1) { // use existing proxy ticket in session $args['pass'] = $_SESSION['cas_pt'][php_uname('n')]; } // no proxy tickets have been retrieved, the IMAP server doesn't cache proxy tickets, or the first connection attempt has failed else { // initialize CAS client $this->cas_init(); // retrieve a new proxy ticket and store it in session if (phpCAS::forceAuthentication()) { $_SESSION['cas_pt'][php_uname('n')] = phpCAS::retrievePT($cfg['cas_imap_name'], $err_code, $output); $args['pass'] = $_SESSION['cas_pt'][php_uname('n')]; } } // enable retry on the first connection attempt only if ($args['attempt'] <= 1) { $args['retry'] = true; } } $args['valid'] = true; return $args; }
// Uncomment to enable debugging phpCAS::setDebug(); // Initialize phpCAS phpCAS::proxy(CAS_VERSION_2_0, $cas_host, $cas_port, $cas_context); // For production use set the CA certificate that is the issuer of the cert // on the CAS server and uncomment the line below // phpCAS::setCasServerCACert($cas_server_ca_cert_path); // For quick testing you can disable SSL validation of the CAS server. // THIS SETTING IS NOT RECOMMENDED FOR PRODUCTION. // VALIDATING THE CAS SERVER IS CRUCIAL TO THE SECURITY OF THE CAS PROTOCOL! phpCAS::setNoCasServerValidation(); // force CAS authentication phpCAS::forceAuthentication(); // at this step, the user has been authenticated by the CAS server // and the user's login name can be read with phpCAS::getUser(). $pt = phpCAS::retrievePT('http://localhost/test', $err_code, $err_msg); // logout if desired if (isset($_REQUEST['logout'])) { phpCAS::logout(); } // for this test, simply print that the authentication was successfull ?> <html> <head> <title>phpCAS simple client</title> </head> <body> <h1>Successfull Authentication!</h1> <?php require 'script_info.php'; ?>