* authentication fails. *********************************************************/ // set debug mode phpCAS::setDebug('/tmp/phpCAS_directory.log'); // initialize phpCAS phpCAS::client(CAS_VERSION_2_0, CAS_HOST, CAS_PORT, CAS_PATH, false); // no SSL validation for the CAS server phpCAS::setNoCasServerValidation(); // force CAS authentication phpCAS::forceAuthentication(); // If we are being proxied, limit the the attributes to those allowed to // be passed to the proxying application. As defined in the CAS Protocol // http://www.jasig.org/cas/protocol // The first proxy listed is the most recent in the request chain. Limit // to that services' allowed attributes. $proxies = phpCAS::getProxies(); if (count($proxies)) { $proxy = $proxies[0]; } else { // If we not are allowing users to directly authenticate and use the service exit if (!ALLOW_DIRECT_CAS_AUTHENTICATION) { throw new PermissionDeniedException("Direct access to this service is not allowed."); } } } else { throw new PermissionDeniedException("No access key passed. Access denied."); } } /********************************************************* * Parse/validate our arguments and run the specified action. *********************************************************/