/**
 * Force the current visitor through CAS login and publish the resulting login name.
 *
 * Loads phpCAS, configures the client through initPhpCAS() with the global CAS
 * settings (port fixed to '443'), then calls phpCAS::forceAuthentication().
 * If the request carries a "logout" parameter, phpCAS::logout() is called.
 * Finally the login reported by phpCAS is stored in $_SERVER["HTTP_CAS_USER"].
 *
 * NOTE(review): "logout" is read from $_REQUEST, so a plain GET link is enough
 * to end the session; confirm that cross-site triggering of logout is acceptable.
 *
 * NOTE(review): HTTP_* keys in $_SERVER are normally filled from request headers.
 * The value is overwritten here, but any code path that reads HTTP_CAS_USER
 * without having gone through this function would see whatever the client sent
 * in a matching header -- verify every reader against that.
 */
function forceCASAuthentication()
{
    require_once 'CAS.php';
    global $CAS_HOST, $CAS_CONTEXT, $CA_certificate_file;

    initPhpCAS($CAS_HOST, '443', $CAS_CONTEXT, $CA_certificate_file);

    // Kept disabled as in the original; it was meant to ensure things work
    // without cookies (for safari on cross-domain):
    //phpCAS::setNoClearTicketsFromUrl();

    phpCAS::forceAuthentication();

    $logoutRequested = isset($_REQUEST['logout']);
    if ($logoutRequested) {
        phpCAS::logout();
    }

    // will be used by function "GET_uid"
    $casLogin = phpCAS::getUser();
    $_SERVER["HTTP_CAS_USER"] = $casLogin;
}
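// NOTE(review): this excerpt opens inside an if/else whose first lines are not
// visible here; the two assignments below end that earlier branch.
$person = array();
$is_old = false;
} else {
    $haveTicket = isset($_GET["ticket"]); // must be done before initPhpCAS which removes it
    $noCache = isset($_GET["noCache"]);

    // Cookie-less fallback: a session id passed in the query string is copied
    // into $_COOKIE before session_start().
    // NOTE(review): this lets whoever builds the link choose the session id, and
    // ids carried in URLs end up in access logs and Referer headers. Confirm that
    // session.use_strict_mode is enabled and that a pre-login session id is never
    // trusted as proof of authentication.
    // Only a non-empty string is accepted (an array-valued parameter is ignored).
    if (!empty($_GET["PHPSESSID"]) && is_string($_GET["PHPSESSID"])) {
        $_COOKIE["PHPSESSID"] = $_GET["PHPSESSID"];
    }
    session_start();

    if ($noCache && !isset($_GET["auth_checked"])) {
        // cleanup SESSION, esp. to force CAS authentication again
        debug_msg("cleaning SESSION");
        $_SESSION = array();
    }

    initPhpCAS($cas_host, '443', $cas_context, $CA_certificate_file);
    list($isAuthenticated, $noCookies, $wasPreviouslyAuthenticated) = checkAuthentication($noCache, $haveTicket);

    if (!$isAuthenticated) {
        // Expiry timestamp 1 is in the past, so the browser drops the cookie.
        // NOTE(review): the name is hard-coded; presumably session.name is the default.
        setcookie("PHPSESSID", "", 1, "/");
    }

    $uid = $isAuthenticated ? get_uid() : '';

    // Anonymous visitor -> empty record; otherwise the LDAP entry when an LDAP
    // server is configured, else a minimal record holding only the uid.
    if (!$uid) {
        $person = array();
    } elseif ($ldap_server) {
        $person = getLdapPeopleInfo($uid);
    } else {
        $person = array("uid" => array($uid));
    }

    // 'uid' is absent for anonymous visitors; keep the previous result (null)
    // without raising an undefined-key notice/warning.
    $person['id'] = isset($person['uid']) ? $person['uid'] : null;

    $is_old = is_old() && !$noCache;
}
}

list($validApps, $layout) = computeLayout($person);
$bandeauHeader = computeBandeauHeader($person, $validApps);
$exportApps = exportApps($person);

// NOTE(review): file_get_contents() returns false when the file cannot be read;
// the result is not checked here.
$static_js = file_get_contents('bandeau-ENT-static.js');

// Logout target: the ENT logout page when a base URL is configured, otherwise a
// CAS-wrapped URL of the first application of the first layout entry, otherwise ''.
if (!empty($ent_base_url)) {
    $default_logout_url = $ent_base_url . '/Logout';
} elseif (!empty($layout[0])) {
    $default_logout_url = via_CAS($cas_login_url, $APPS[$layout[0]["apps"][0]]["url"]);
} else {
    $default_logout_url = '';
}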