public static function initialized_php_cas()
{
if (!self::$_initialized_php_cas) {
$casVersion = OCP\Config::getAppValue('user_cas', 'cas_server_version', '2.0');
$casHostname = OCP\Config::getAppValue('user_cas', 'cas_server_hostname', $_SERVER['SERVER_NAME']);
$casPort = OCP\Config::getAppValue('user_cas', 'cas_server_port', 443);
$casPath = OCP\Config::getAppValue('user_cas', 'cas_server_path', '/cas');
$casDebugFile = OCP\Config::getAppValue('user_cas', 'cas_debug_file', '');
$casCertPath = OCP\Config::getAppValue('user_cas', 'cas_cert_path', '');
$php_cas_path = OCP\Config::getAppValue('user_cas', 'cas_php_cas_path', 'CAS.php');
if (!class_exists('phpCAS')) {
if (empty($php_cas_path)) {
$php_cas_path = 'CAS.php';
}
OC_Log::write('cas', "Try to load phpCAS library ({$php_cas_path})", OC_Log::DEBUG);
include_once $php_cas_path;
if (!class_exists('phpCAS')) {
OC_Log::write('cas', 'Fail to load phpCAS library !', OC_Log::ERROR);
return false;
}
}
if ($casDebugFile !== '') {
phpCAS::setDebug($casDebugFile);
}
phpCAS::client($casVersion, $casHostname, (int) $casPort, $casPath, false);
if (!empty($casCertPath)) {
phpCAS::setCasServerCACert($casCertPath);
} else {
phpCAS::setNoCasServerValidation();
}
self::$_initialized_php_cas = true;
}
return self::$_initialized_php_cas;
}
/**
* Initialize the class, this must be called before anything else
* @param $config
* @param bool $changeSessionID Allow phpCAS to change the session_id (Single Sign Out/handleLogoutRequests is based on that change)
* @param $debugLog Set to a path to enable debug log
*/
public static function init($config, $changeSessionID = true, $debugLog = null)
{
if ($debugLog != null) {
phpCAS::setDebug($debugLog);
}
phpCAS::client(CAS_VERSION_2_0, $config['site'], $config['port'], "cas", $changeSessionID);
self::$config = $config;
$private_key = null;
if (isset($config['private_key'])) {
$key = static::resolve_filename($config['private_key']);
$private_key = openssl_get_privatekey("file:///{$key}");
if ($private_key === false) {
throw new NXAuthError("Failed to open private key {$key}");
}
}
if (isset($config['ca_cert']) && $config['ca_cert'] != null) {
self::$ca_cert = static::resolve_filename($config['ca_cert']);
phpCAS::setCasServerCACert(self::$ca_cert);
} else {
phpCAS::setNoCasServerValidation();
// Disable curl ssl verification
phpCAS::setExtraCurlOption(CURLOPT_SSL_VERIFYHOST, 0);
phpCAS::setExtraCurlOption(CURLOPT_SSL_VERIFYPEER, 0);
}
NXAPI::init(array('private_key' => $private_key, 'key_id' => $config['key_id'], 'url' => "https://" . $config['site'], 'ca_cert' => self::$ca_cert));
}
public function execute($filterChain)
{
$user = $this->getContext()->getUser();
// We put an LDAP object in the context in order to reuse it later
$this->getContext()->set('ldap', new uapvLdap());
// Filters can be called several times (because of internal forwards)
// Authentication is only done the first time
if ($this->isFirstCall() && (sfConfig::get('app_cas_server_force_authentication', false) || !$user->isAuthenticated())) {
// phpCAS is not php5-compliant, we remove php warnings and strict errors
$errorReporting = ini_get('error_reporting');
error_reporting($errorReporting & ~E_STRICT & ~E_NOTICE);
if (sfConfig::get('app_cas_server_debug', false)) {
phpCAS::setDebug();
}
// see /tmp/phpCAS.log
phpCAS::client(sfConfig::get('app_cas_server_version', CAS_VERSION_2_0), sfConfig::get('app_cas_server_host', 'localhost'), sfConfig::get('app_cas_server_port', 443), sfConfig::get('app_cas_server_path', ''), false);
// Don't call session_start again,
// symfony already did it
//phpCAS::handleLogoutRequests ();
phpCAS::setNoCasServerValidation();
phpCAS::forceAuthentication();
// if necessary the user will be
// redirected to the cas server
// At this point the user is authenticated, we log him in
$user->signIn(phpCAS::getUser());
// Previous settings can now be restored
error_reporting($errorReporting);
}
// "credential" verification
parent::execute($filterChain);
}
private function init_cas_client()
{
if (class_exists('phpCAS')) {
return true;
}
require getConfig('casldap_phpcas_path');
$cas_debug_file = getConfig('cas_debug_file_path');
if (!empty($cas_debug_file)) {
phpCAS::setDebug($cas_debug_file);
}
$cas_host = getConfig('cas_host');
$cas_port = getConfig('cas_port') or 443;
$cas_context = getConfig('cas_context');
switch (getConfig('cas_version')) {
case 1:
$cas_version = CAS_VERSION_1_0;
break;
case 2:
$cas_version = CAS_VERSION_2_0;
break;
case 3:
$cas_version = CAS_VERSION_3_0;
break;
default:
$cas_version = CAS_VERSION_2_0;
break;
}
phpCAS::client($cas_version, $cas_host, intval($cas_port), $cas_context);
$cas_server_ca_cert_path = getConfig('cas_server_ca_cert_path');
if ($cas_server_ca_cert_path) {
phpCAS::setCasServerCACert($cas_server_ca_cert_path);
} else {
phpCAS::setNoCasServerValidation();
}
}
/**
* [Put your description here]
*/
function main($content, $conf)
{
$this->conf = $conf;
$this->pi_setPiVarDefaults();
$this->pi_USER_INT_obj = 1;
// Configuring so caching is not expected. This value means that no cHash params are ever set. We do this, because it's a USER_INT object!
$this->pi_loadLL();
$this->typeExecution = "prod";
$urlCas = "none";
$portCas = "none";
if ($this->typeExecution == "dev") {
$urlCas = "xinf-devlinux.intranet.haras-nationaux.fr";
$portCas = 7777;
} else {
if ($this->typeExecution == "prod") {
$urlCas = "cerbere.haras-nationaux.fr";
$portCas = 443;
}
}
session_start();
if (isset($_GET["action"]) && $_GET["action"] == "disconnect") {
phpCAS::setDebug();
phpCAS::client(CAS_VERSION_2_0, $urlCas, $portCas, 'cas', 'true');
$ur = phpCAS::getServerLogoutURL();
phpCAS::killSession();
//Suppression de la sesssion de harasire
setcookie("netid", "", time() - 3600, "/", ".haras-nationaux.fr");
//$urCid = "http://www4.haras-nationaux.fr/cid-internet-web/InvalidateSessionServlet?service=".$ur;
$content .= '<IFRAME src="' . $ur . '" frameborder="no" height="600" width="670"></IFRAME>';
return $this->pi_wrapInBaseClass($content);
}
}
public function __construct()
{
\phpCAS::setDebug();
\phpCAS::client(CAS_VERSION_2_0, "itebeta.baidu.com", 443, "");
\phpCAS::setNoCasServerValidation();
\phpCAS::forceAuthentication();
$this->username = \phpCAS::getUser();
}
public function __construct(array $options = array())
{
$this->options = $options;
\phpCAS::getVersion();
\phpCAS::setDebug('/tmp/cas-log.log');
\phpCAS::setVerbose(true);
$this->client = new \CAS_Client(SAML_VERSION_1_1, false, $this->options['webnet.sso_auth.client.option.cas_host.value'], $this->options['webnet.sso_auth.client.option.cas_port.value'], $this->options['webnet.sso_auth.client.option.cas_context.value']);
$this->client->setNoCasServerValidation();
$this->client->handleLogoutRequests(false, false);
}
private function initCasClient()
{
if (!$this->_casInitialized) {
require_once 'CAS.php';
phpCAS::setDebug();
phpCAS::client(CAS_VERSION_2_0, $this->getOption('cas_server_host', 'localhost'), (int) $this->getOption('cas_server_port', 443), $this->getOption('cas_server_path', ''), false);
// Don't call session_start again
$this->_casInitialized = true;
}
}
function check_auth()
{
if (!isset($GLOBALS['PHPCAS_CLIENT'])) {
phpCAS::client(CAS_VERSION_2_0, 'cas.byu.edu', 443, 'cas');
//phpCAS::setCasServerCACert("../CAS/cas_ca.pem");
phpCAS::setNoCasServerValidation();
phpCAS::setDebug("cas_error.txt");
phpCAS::handleLogoutRequests(true, array('cas.byu.edu', 'cas1.byu.edu', 'cas2.byu.edu', 'cas3.byu.edu'));
}
return phpCAS::isAuthenticated();
}
/**
* Stores the configuration. Calls the parent configuration first,
* then does additional operations.
*
* @param object Properties $configuration
* @return object
* @access public
* @since 3/24/05
*/
function assignConfiguration(Properties $configuration)
{
parent::assignConfiguration($configuration);
$format = $configuration->getProperty('DISPLAY_NAME_FORMAT');
ArgumentValidator::validate($format, RegexValidatorRule::getRule('/\\[\\[([^]]+)\\]\\]/'));
$this->displayNameFormat = $format;
if ($debug = $configuration->getProperty('CAS_DEBUG_PATH')) {
ArgumentValidator::validate($debug, StringValidatorRule::getRule());
phpCAS::setDebug($debug);
}
$host = $configuration->getProperty('CAS_HOST');
ArgumentValidator::validate($host, RegexValidatorRule::getRule('/^[a-z0-9]+\\.[a-z0-9]+.[a-z]+$/'));
$port = $configuration->getProperty('CAS_PORT');
ArgumentValidator::validate($port, RegexValidatorRule::getRule('/^[0-9]+$/'));
$path = $configuration->getProperty('CAS_PATH');
ArgumentValidator::validate($path, RegexValidatorRule::getRule('/^\\/.*$/'));
phpCAS::client(CAS_VERSION_2_0, $host, intval($port), $path, false);
if ($cert = $configuration->getProperty('CAS_CERT')) {
phpCAS::setCasServerCACert($cert);
} else {
phpCAS::setNoCasServerValidation();
}
// Allow group lookup via a CASDirectory:
// https://mediawiki.middlebury.edu/wiki/LIS/CAS_Directory
$dirUrl = $configuration->getProperty('CASDIRECTORY_BASE_URL');
ArgumentValidator::validate($dirUrl, StringValidatorRule::getRule());
$this->directoryUrl = $dirUrl;
// set the callback URL for the PGT to be sent to. This must be an https url
// whose certificate is trusted by CAS.
// $callbackUrl = $configuration->getProperty('CALLBACK_URL');
// ArgumentValidator::validate($callbackUrl, RegexValidatorRule::getRule('/^https:\/\/.*$/'));
// phpCAS::setFixedCallbackURL($callbackUrl);
$adminAccess = $configuration->getProperty('CASDIRECTORY_ADMIN_ACCESS');
ArgumentValidator::validate($adminAccess, StringValidatorRule::getRule());
$this->adminAccess = $adminAccess;
$classRoot = $configuration->getProperty('CASDIRECTORY_CLASS_ROOT');
if ($classRoot) {
ArgumentValidator::validate($classRoot, StringValidatorRule::getRule());
$this->classRoot = $classRoot;
} else {
$this->classRoot = null;
}
$groupIdRegex = $configuration->getProperty('CASDIRECTORY_GROUP_ID_REGEX');
if ($groupIdRegex) {
ArgumentValidator::validate($groupIdRegex, StringValidatorRule::getRule());
$this->groupIdRegex = $groupIdRegex;
} else {
$this->groupIdRegex = null;
}
// Root Groups to expose
ArgumentValidator::validate($configuration->getProperty('ROOT_GROUPS'), ArrayValidatorRuleWithRule::getRule(StringValidatorRule::getRule()));
$this->rootGroups = array_unique($configuration->getProperty('ROOT_GROUPS'));
}
public static function init()
{
if (self::$_init) {
return true;
}
$config = new \Yaf\Config\Ini(APPLICATION_CONFIG_PATH . '/phpcas.ini', \Yaf\ENVIRON);
phpCAS::setDebug('');
phpCAS::client($config->cas_version, $config->cas_host, intval($config->cas_port), $config->cas_context);
phpCAS::setNoCasServerValidation();
phpCAS::handleLogoutRequests(false);
self::$_init = true;
return true;
}
protected function initializeCASClient()
{
if (!phpCAS::isInitialized()) {
// Set debug mode
phpCAS::setDebug(false);
//Initialize phpCAS
phpCAS::client(CAS_VERSION_2_0, Configure::read('user_config.cas.hostname'), Configure::read('user_config.cas.port'), Configure::read('user_config.cas.uri'), true);
phpCAS::setFixedServiceURL($this->loginRedirectURL());
// No SSL validation for the CAS server
phpCAS::setNoCasServerValidation();
}
return true;
}
private function setCASSettings()
{
if ($this->options->IsCasDebugOn()) {
phpCAS::setDebug($this->options->DebugFile());
}
phpCAS::client($this->options->CasVersion(), $this->options->HostName(), $this->options->Port(), $this->options->ServerUri(), $this->options->ChangeSessionId());
if ($this->options->CasHandlesLogouts()) {
phpCAS::handleLogoutRequests(true, $this->options->LogoutServers());
}
if ($this->options->HasCertificate()) {
phpCAS::setCasServerCACert($this->options->Certificate());
}
phpCAS::setNoCasServerValidation();
}
function __construct($collection, $settings)
{
$this->_Collection = $collection;
if (Configure::read('CAS.debug_log_enabled')) {
phpCAS::setDebug(TMP . 'phpCas.log.txt');
}
phpCAS::client(CAS_VERSION_2_0, Configure::read('CAS.hostname'), Configure::read('CAS.port'), Configure::read('CAS.uri'));
$certServer = Configure::read('CAS.cert_path');
if (empty($certServer)) {
phpCAS::setNoCasServerValidation();
} else {
phpCAS::setCasServerCACert($certServer);
}
}
/**
* Logout execution method. Initializes CAS client and force logout if required before returning to parent logout method.
*
* @param mixed $url Optional URL to redirect the user to after logout
* @return string AuthComponent::$loginAction
* @see AuthComponent::$loginAction
* @access public
*/
function logout()
{
// Set debug mode
phpCAS::setDebug(false);
//Initialize phpCAS
phpCAS::client(CAS_VERSION_2_0, Configure::read('CAS.hostname'), Configure::read('CAS.port'), Configure::read('CAS.uri'), true);
// No SSL validation for the CAS server
phpCAS::setNoCasServerValidation();
// Force CAS logout if required
if (phpCAS::isAuthenticated()) {
phpCAS::logout(array('url' => 'http://www.cakephp.org'));
// Provide login url for your application
}
return parent::logout();
}
/**
* [Put your description here]
*/
function main($content, $conf)
{
$this->conf = $conf;
$this->pi_setPiVarDefaults();
$this->pi_USER_INT_obj = 1;
// Configuring so caching is not expected. This value means that no cHash params are ever set. We do this, because it's a USER_INT object!
$this->pi_loadLL();
session_start();
$this->typeExecution = "prod";
$urlCas = "none";
$portCas = "none";
if ($this->typeExecution == "dev") {
$urlCas = "xinf-devlinux.intranet.haras-nationaux.fr";
$portCas = 7777;
} else {
if ($this->typeExecution == "prod") {
$urlCas = "cerbere.haras-nationaux.fr";
$portCas = 443;
}
}
if (isset($_GET["userdebug"])) {
include_once "typo3conf/ext/dlcube_hn_01/class.WebservicesCompte.php";
include_once "typo3conf/ext/dlcube_hn_01/class.WebservicesAccess.php";
$param[] = array("login" => $_GET["userdebug"], "ctx" => null);
$ws = new WebservicesCompte();
if (!$ws->connectIdent()) {
$content = "ERROR:" . $ws->getErrorMessage();
return $content;
}
$result = $ws->getPersonneByLogin($param);
debug($result);
print_r($result);
}
if (isset($_GET["action"]) && $_GET["action"] == "auth" && !isset($_GET["ticket"])) {
phpCAS::setDebug();
phpCAS::client(CAS_VERSION_2_0, $urlCas, $portCas, 'cas', 'true');
$ur = phpCAS::getServerLoginURL(false);
$content .= '<IFRAME src="' . $ur . '" frameborder="no" height="600" width="670"></IFRAME>';
return $this->pi_wrapInBaseClass($content);
}
phpCAS::client(CAS_VERSION_2_0, $urlCas, $portCas, 'cas', 'true');
phpCAS::checkAuthentication();
$_SESSION["portalId"] = phpCAS::getUser();
echo '<html><body><script type="text/javascript">
window.open( "' . $this->pi_getPageLink($_SESSION["service_id_auth"]) . '", "_top");
</script></body>';
exit;
}
function setup()
{
//Only setup if we haven't already
global $PHPCAS_CLIENT;
if (!is_object($PHPCAS_CLIENT)) {
phpCAS::setDebug("/var/www/campus/dev.intranet.campusforchrist.org/cas.log");
phpCAS::proxy(SITE_CAS_VERSION, SITE_CAS_HOSTNAME, SITE_CAS_PORT, SITE_CAS_PATH, SITE_CAS_SESSION);
phpCAS::setFixedCallbackURL(SITE_CAS_CALLBACK);
//No SSL
phpCAS::setNoCasServerValidation();
phpCAS::setPGTStorageFile('xml', SITE_CAS_PGT_STORE);
//session_save_path());
return true;
}
return false;
}
protected function casUser()
{
$cas_host = \Config::get('app.cas_host');
$cas_context = \Config::get('app.cas_context');
$cas_port = \Config::get('app.cas_port');
\phpCAS::setDebug();
\phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_port, $cas_context);
\phpCAS::setNoCasServerValidation();
if (\phpCAS::isAuthenticated()) {
$attributes = array('id' => \phpCAS::getUser(), 'name' => \phpCAS::getUser());
return new GenericUser($attributes);
} else {
\phpCAS::setServerURL(\Config::get('app.url'));
\phpCAS::forceAuthentication();
}
return null;
}
public function __construct()
{
parent::__construct();
// $this->load->helper('url');
// $this->cismarty->assign("baseurl", base_url());
$this->cismarty->assign("curruser", "");
// $this->cismarty->assign("module", "manage");
//return;
require_once 'lib/phpcas/CAS.php';
phpCAS::setDebug();
/* phpCAS::client(CAS_VERSION_2_0, $this->config->item('cas_host'),
$this->config->item('cas_port'),
$this->config->item('cas_context'));
$this->load->library("session");
*/
//phpCAS::client(CAS_VERSION_2_0,'uuap.baidu.com',80,'');
phpCAS::client(CAS_VERSION_2_0, 'itebeta.baidu.com', 443, '');
$_SESSION['CAS_USER_LEVEL'] = 2;
phpCAS::setNoCasServerValidation();
phpCAS::forceAuthentication();
if (isset($_REQUEST['logout'])) {
phpCAS::logout();
}
$this->cismarty->assign("curruser", phpCAS::getUser());
$this->currUser = phpCAS::getUser();
/*
$sessionPid = $this->session->userdata('productid');
if (isset($_REQUEST['productid'])) {
$this->session->set_userdata('productid', $_REQUEST['productid']);
}
$this->currProductId = $this->session->userdata('productid');
if (empty($this->currProductId)) {
$this->currProductId = 1;
}
$this->cismarty->assign('productid', $this->currProductId);
$this->cismarty->assign("module", strtolower(get_class($this)));
$this->load->model('product_model');
$products = $this->product_model->getProducts();
$currProduct = $this->product_model->getProduct($this->currProductId);
$this->currDbInfo = $currProduct->dbinfo;
$this->cismarty->assign("products", $products);
$this->cismarty->assign('product', $this->product_model->getProduct($this->currProductId));
*/
}
public function FilterApplicationConfig(&$oConfig)
{
$sCasHost = \trim($this->Config()->Get('plugin', 'cas_server_host', ''));
$iCasPort = $this->Config()->Get('plugin', 'cas_server_port', 8443);
phpCAS::setDebug('/tmp/phpCAS-rl.log');
// Schrijft debug informatie naar een log-file
// Parameters: CAS version, CAS server url, CAS server port, CAS server URI (same as host),
// boolean indicating session start, communication protocol (SAML) between application and CAS server
phpCAS::client(CAS_VERSION_3_0, $sCasHost, $iCasPort, '', true, 'saml');
// Server from which logout requests are sent
// phpCAS::handleLogoutRequests(true, array('cas1.ugent.be','cas2.ugent.be','cas3.ugent.be','cas4.ugent.be','cas5.ugent.be','cas6.ugent.be'));
phpCAS::handleLogoutRequests(true, array('http://localhost:8080/php_cas_login/home.html'));
// Path to the "trusted certificate authorities" file:
// phpCAS::setCasServerCACert('/etc/ssl/certs/ca-certificates.crt');
// No server verification (less safe!):
phpCAS::setNoCasServerValidation();
// The actual user authentication
phpCAS::forceAuthentication();
$this->oAccountManagementProvider = $this->AccountManagementProvider($oConfig);
}
public function __construct()
{
if (!function_exists('curl_init')) {
show_error('<strong>ERROR:</strong> You need to install the PHP module
<strong><a href="http://php.net/curl">curl</a></strong> to be able
to use CAS authentication.');
}
$CI =& get_instance();
$this->CI = $CI;
$CI->config->load('cas');
$this->phpcas_path = $CI->config->item('phpcas_path');
$this->cas_server_url = $CI->config->item('cas_server_url');
if (empty($this->phpcas_path) or filter_var($this->cas_server_url, FILTER_VALIDATE_URL) === FALSE) {
$this->_cas_show_config_error();
}
$cas_lib_file = $this->phpcas_path . '/CAS.php';
if (!file_exists($cas_lib_file)) {
show_error("<strong>ERROR:</strong> Could not find a file <em>CAS.php</em> in directory\n\t\t\t\t<strong>{$this->phpcas_path}</strong><br /><br />\n\t\t\t\tPlease, check your config file <strong>config/cas.php</strong> and make sure the\n\t\t\t\tconfiguration <em>phpcas_path</em> is a valid phpCAS installation.");
}
require_once $cas_lib_file;
if ($CI->config->item('cas_debug')) {
phpCAS::setDebug();
}
// init CAS client
$defaults = array('path' => '', 'port' => 443);
$cas_url = array_merge($defaults, parse_url($this->cas_server_url));
phpCAS::client(CAS_VERSION_2_0, $cas_url['host'], $cas_url['port'], $cas_url['path'], false);
// configures SSL behavior
if ($CI->config->item('cas_disable_server_validation')) {
phpCAS::setNoCasServerValidation();
} else {
$ca_cert_file = $CI->config->item('cas_server_ca_cert');
if (empty($ca_cert_file)) {
$this->_cas_show_config_error();
}
phpCAS::setCasServerCACert($ca_cert_file);
}
}
# vers la page de login classique.
if (!$auth_sso) {
session_write_close();
header("Location:login.php");
die();
}
// Authentification CAS : la session doit être gérée par phpCAS directement
// Il est donc indispensable de placer toute l'initialisation ici, et
// d'instancier la classe 'Session' sans initialiser la session php, qui
// sera déjà initialisée.
if ($gepiSettings['auth_sso'] == 'cas') {
include_once('./lib/CAS.php');
if ($mode_debug) {
phpCAS::setDebug($debug_log_file);
}
// config_cas.inc.php est le fichier d'informations de connexions au serveur cas
$path = "./secure/config_cas.inc.php";
include($path);
# On défini l'URL de base, pour que phpCAS ne se trompe pas dans la génération
# de l'adresse de retour vers le service (attention, requiert patchage manuel
# de phpCAS !!)
if (isset($gepiBaseUrl)) {
$url_base = $gepiBaseUrl;
} else {
$url_base = Session::https_request() ? 'https' : 'http';
$url_base .= '://';
$url_base .= $_SERVER['SERVER_NAME'];
}
/**
* @brief 全局初始化接口
*
* @return success-true failed-false
* @retval boolean
* @see getCasInit()
* @note 这个函数修改了session的存储文件路径为/odp/data/phpcas,并关闭了phpCAS第三方库本身的日志
* @note 在一个CGI中phpCAS client对象只能被初始化一次,因此设置$isCasClientInit属性用来控制
* @author chenyijie
* @date 2012/09/28 22:28:43
**/
private static function init()
{
if (self::$isCasClientInit) {
return true;
}
if (!self::getCasInit()) {
Bd_Log::warning('UUAP CAS protocol init failed');
return false;
}
$link = self::$arrConf['Server'][0]['Hostname'];
$port = self::$arrConf['DefaultPort'];
phpCAS::setDebug('');
phpCAS::client(CAS_VERSION_2_0, $link, intval($port), '', false);
// 自己管理session,最后参数为false by yuliang
phpCAS::setNoCasServerValidation();
phpCAS::handleLogoutRequests(false);
self::$isCasClientInit = true;
return true;
}
/**
* Plugin initialization, action & filters register, etc
*/
function init($run_cas = true)
{
global $error;
if ($run_cas) {
/**
* phpCAS initialization
*/
include_once $this->phpcas_path;
if ($this->settings['server_hostname'] == '' || intval($this->settings['server_port']) == 0) {
$this->cas_configured = false;
}
if ($this->cas_configured) {
//If everything is alright, let's initialize the phpCAS client
phpCAS::client($this->settings['cas_version'], $this->settings['server_hostname'], intval($this->settings['server_port']), $this->settings['server_path'], false);
// function added in phpCAS v. 0.6.0
// checking for static method existance is frustrating in php4
$phpCas = new phpCas();
if (method_exists($phpCas, 'setCasServerCACert') && $this->settings['cert_path']) {
phpCAS::setCasServerCACert($this->settings['cert_path']);
} elseif (method_exists($phpCas, 'setNoCasServerValidation')) {
phpCAS::setNoCasServerValidation();
}
unset($phpCas);
if (defined('CAS_MAESTRO_DEBUG_ON') && CAS_MAESTRO_DEBUG_ON == true) {
phpCAS::setDebug(CAS_MAESTRO_PLUGIN_PATH . 'debug.log');
}
/**
* Filters and actions registration
*/
add_filter('authenticate', array(&$this, 'validate_login'), 30, 3);
add_filter('login_url', array(&$this, 'bypass_reauth'));
add_action('lost_password', array(&$this, 'disable_function'));
add_action('retrieve_password', array(&$this, 'disable_function'));
add_action('password_reset', array(&$this, 'disable_function'));
add_filter('show_password_fields', array(&$this, 'show_password_fields'));
} else {
$error = __("wpCAS is not configured. Please, login, go to the settings and configure with your credentials.", "CAS_Maestro");
//add_filter( 'login_head', array(&$this, 'display_login_notconfigured'));
}
}
add_action('wp_logout', array(&$this, 'process_logout'));
//Register the language initialization
add_action('init', array(&$this, 'lang_init'));
add_action('admin_init', array(&$this, 'add_meta_boxes'));
add_action('profile_update', array(&$this, 'onSaveProfile'), 10, 2);
add_action('admin_notices', array(&$this, 'notify_email_update'));
add_action('admin_menu', array(&$this, 'register_menus'), 50);
add_action('admin_enqueue_scripts', array(&$this, 'register_javascript'));
//Filter to rewrite the login form action to bypass cas
if ($this->bypass_cas) {
add_filter('site_url', array(&$this, 'bypass_cas_login_form'), 20, 3);
add_filter('authenticate', array(&$this, 'validate_noncas_login'), 30, 3);
}
}
// This may be useful for using the directory as a datasource for updater
// scripts.
// Allow clearing of the APC cache via a POST request with ADMIN_ACCESS
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'clear_cache') {
apc_clear_cache('user');
print "Cache Cleared";
exit;
}
} else {
if (ALLOW_CAS_AUTHENTICATION) {
/*********************************************************
* Do proxy authentication and return an error state if
* authentication fails.
*********************************************************/
// set debug mode
phpCAS::setDebug('/tmp/phpCAS_directory.log');
// initialize phpCAS
phpCAS::client(CAS_VERSION_2_0, CAS_HOST, CAS_PORT, CAS_PATH, false);
// no SSL validation for the CAS server
phpCAS::setNoCasServerValidation();
// force CAS authentication
phpCAS::forceAuthentication();
// If we are being proxied, limit the the attributes to those allowed to
// be passed to the proxying application. As defined in the CAS Protocol
// http://www.jasig.org/cas/protocol
// The first proxy listed is the most recent in the request chain. Limit
// to that services' allowed attributes.
$proxies = phpCAS::getProxies();
if (count($proxies)) {
$proxy = $proxies[0];
} else {
public static function init()
{
\phpCAS::setDebug('assets/cas.log');
\phpCAS::client(CAS_VERSION_2_0, CAS_HOST, CAS_PORT, CAS_PATH);
\phpCAS::setNoCasServerValidation();
}
protected function initCAS()
{
global $ilSetting;
include_once "./Services/CAS/lib/CAS.php";
$this->server_version = CAS_VERSION_2_0;
$this->server_hostname = $ilSetting->get('cas_server');
$this->server_port = (int) $ilSetting->get('cas_port');
$this->server_uri = (string) $ilSetting->get('cas_uri');
phpCAS::setDebug();
phpCAS::client($this->server_version, $this->server_hostname, $this->server_port, $this->server_uri);
phpCAS::setNoCasServerValidation();
}
foreach ($DB_TAB as $DB_ROW) {
${$DB_ROW['parametre_nom']} = $DB_ROW['parametre_valeur'];
}
if ($connexion_mode == 'normal') {
exit_error('Configuration manquante', 'Etablissement non paramétré par l\'administrateur pour utiliser un service d\'authentification externe.<br />Un administrateur doit renseigner cette configuration dans le menu [Paramétrages][Mode d\'identification].');
}
// ////////////////////////////////////////////////////////////////////////////////////////////////////
// Déconnexion avec le protocole CAS
// ////////////////////////////////////////////////////////////////////////////////////////////////////
if ($connexion_mode == 'cas') {
// Pour tester, cette méthode statique créé un fichier de log sur ce qui se passe avec CAS
if (DEBUG_PHPCAS) {
if (HEBERGEUR_INSTALLATION == 'mono-structure' || !PHPCAS_ETABL_ID_LISTING || strpos(PHPCAS_ETABL_ID_LISTING, ',' . $BASE . ',') !== FALSE) {
$fichier_nom_debut = 'debugcas_' . $BASE;
$fichier_nom_fin = fabriquer_fin_nom_fichier__pseudo_alea($fichier_nom_debut);
phpCAS::setDebug(PHPCAS_CHEMIN_LOGS . $fichier_nom_debut . '_' . $fichier_nom_fin . '.txt');
}
}
// Initialiser la connexion avec CAS ; le premier argument est la version du protocole CAS ; le dernier argument indique qu'on utilise la session existante
phpCAS::client(CAS_VERSION_2_0, $cas_serveur_host, (int) $cas_serveur_port, $cas_serveur_root, FALSE);
phpCAS::setLang(PHPCAS_LANG_FRENCH);
// Surcharge éventuelle des URL
if ($cas_serveur_url_login) {
phpCAS::setServerLoginURL($cas_serveur_url_login);
}
if ($cas_serveur_url_logout) {
phpCAS::setServerLogoutURL($cas_serveur_url_logout);
}
if ($cas_serveur_url_validate) {
phpCAS::setServerServiceValidateURL($cas_serveur_url_validate);
}
* PHP Version 5 * * @file example_logout.php * @category Authentication * @package PhpCAS * @author Joachim Fritschi <*****@*****.**> * @author Adam Franco <*****@*****.**> * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 * @link https://wiki.jasig.org/display/CASC/phpCAS */ // Load the settings from the central config file require_once 'config.php'; // Load the CAS lib require_once $phpcas_path . '/CAS.php'; // Enable debugging phpCAS::setDebug(); // Enable verbose error messages. Disable in production! phpCAS::setVerbose(true); // Initialize phpCAS phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_port, $cas_context); // For production use set the CA certificate that is the issuer of the cert // on the CAS server and uncomment the line below // phpCAS::setCasServerCACert($cas_server_ca_cert_path); // For quick testing you can disable SSL validation of the CAS server. // THIS SETTING IS NOT RECOMMENDED FOR PRODUCTION. // VALIDATING THE CAS SERVER IS CRUCIAL TO THE SECURITY OF THE CAS PROTOCOL! phpCAS::setNoCasServerValidation(); // handle incoming logout requests phpCAS::handleLogoutRequests(); // Or as an advanced featue handle SAML logout requests that emanate from the // CAS host exclusively.
<?php
include_once 'phpCAS/CAS.php';
phpCAS::setDebug("/tmp/cas.log");
phpCAS::client(CAS_VERSION_2_0, 'fed.princeton.edu', 443, 'cas');
// force CAS authentication
phpCAS::setNoCasServerValidation();
phpCAS::setFixedServiceURL(BASE_URL . "admin");
if (!phpCAS::checkAuthentication()) {
phpCAS::forceAuthentication();
}
if (isset($_REQUEST['logout'])) {
phpCAS::logout();
}
$loginUsername = phpCAS::getUser();
//$loginUsername = "******";
#mysql_select_db($database_Locator, $Locator);
$LoginRS__query = sprintf("SELECT username_usr, level_usr FROM lctr_User_usr WHERE username_usr='******'", get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername));
$LoginRS = $dbconnects["stage"]->query($LoginRS__query) or die(mysql_error());
$loginFoundUser = $LoginRS->num_rows;
if (!$loginFoundUser) {
header("Location: denied.php");
}
