Added support for CAS authentication
git-svn-id: https://rosehill.googlecode.com/svn/trunk@64 100bd78a-fc82-11de-b5bc-ffd2847a4b57
This commit is contained in:
parent
96572f37d4
commit
8fd7dd0210
|
@ -114,6 +114,35 @@ if (!defined('STDIN')) {
|
||||||
session_start();
|
session_start();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* We now do single sign-on using CAS http://www.jasig.org/cas
|
||||||
|
*
|
||||||
|
* http://code.google.com/p/simplecas/
|
||||||
|
*
|
||||||
|
* SimpleCAS is a PHP library for handling the calls to the CAS service
|
||||||
|
* The version we're running right now has been modified to remove
|
||||||
|
* the depency on HTTP_Request2. Instead, it uses curl
|
||||||
|
*/
|
||||||
|
define('CAS','/var/www/libraries/SimpleCAS');
|
||||||
|
define('CAS_SERVER','cas.somewhere.org');
|
||||||
|
define('CAS_URI','cas');
|
||||||
|
define('CAS_COOKIE','cas_session');
|
||||||
|
define('CAS_DOMAIN','.localhost');
|
||||||
|
if (session_id()) {
|
||||||
|
if (!isset($_SESSION['USER']) && isset($_COOKIE[CAS_COOKIE])) {
|
||||||
|
require_once CAS.'/SimpleCAS/Autoload.php';
|
||||||
|
$options = array('hostname'=>CAS_SERVER,'uri'=>CAS_URI);
|
||||||
|
$protocol = new SimpleCAS_Protocol_Version2($options);
|
||||||
|
$client = SimpleCAS::client($protocol);
|
||||||
|
$client->forceAuthentication();
|
||||||
|
|
||||||
|
if ($client->isAuthenticated()) {
|
||||||
|
$user = new User($client->getUsername());
|
||||||
|
$user->startNewSession();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Load the Zend_Acl
|
* Load the Zend_Acl
|
||||||
* Access control is going to handled using the Zend_Acl
|
* Access control is going to handled using the Zend_Acl
|
||||||
|
|
|
@ -1,9 +1,6 @@
|
||||||
<?php
|
<?php
|
||||||
/**
|
/**
|
||||||
* Logs a user into the system.
|
* Logs a user into the system using CAS
|
||||||
*
|
|
||||||
* A logged in user will have a $_SESSION['USER']
|
|
||||||
* $_SESSION['IP_ADDRESS']
|
|
||||||
*
|
*
|
||||||
* @copyright 2006-2010 City of Bloomington, Indiana
|
* @copyright 2006-2010 City of Bloomington, Indiana
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.txt
|
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.txt
|
||||||
|
@ -14,17 +11,15 @@ if (isset($_REQUEST['return_url'])) {
|
||||||
}
|
}
|
||||||
require_once '/var/www/libraries/SimpleCAS/SimpleCAS/Autoload.php';
|
require_once '/var/www/libraries/SimpleCAS/SimpleCAS/Autoload.php';
|
||||||
|
|
||||||
$options = array('hostname'=>'bandit.bloomington.in.gov',
|
$options = array('hostname'=>CAS_SERVER,'uri'=>CAS_URI);
|
||||||
'uri'=>'cas');
|
|
||||||
$protocol = new SimpleCAS_Protocol_Version2($options);
|
$protocol = new SimpleCAS_Protocol_Version2($options);
|
||||||
|
|
||||||
$client = SimpleCAS::client($protocol);
|
$client = SimpleCAS::client($protocol);
|
||||||
$client->forceAuthentication();
|
$client->forceAuthentication();
|
||||||
|
|
||||||
if ($client->isAuthenticated()) {
|
if ($client->isAuthenticated()) {
|
||||||
$user = new User($client->getUsername());
|
$user = new User($client->getUsername());
|
||||||
$user->startNewSession();
|
$user->startNewSession();
|
||||||
setcookie('cas_session','true',0,'/','.bloomington.in.gov');
|
setcookie(CAS_COOKIE,'true',0,'/',CAS_DOMAIN);
|
||||||
|
|
||||||
if (isset($_SESSION['return_url'])) {
|
if (isset($_SESSION['return_url'])) {
|
||||||
header('Location: '.$_SESSION['return_url']);
|
header('Location: '.$_SESSION['return_url']);
|
||||||
|
|
|
@ -1,8 +1,6 @@
|
||||||
<?php
|
<?php
|
||||||
/**
|
/**
|
||||||
* Logs a user into the system.
|
* Logs a user into the system using this application's internal authentication
|
||||||
*
|
|
||||||
* A logged in user will have a $_SESSION['USER']
|
|
||||||
*
|
*
|
||||||
* @copyright 2006-2009 City of Bloomington, Indiana
|
* @copyright 2006-2009 City of Bloomington, Indiana
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.txt
|
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.txt
|
||||||
|
|
|
@ -1,9 +1,21 @@
|
||||||
<?php
|
<?php
|
||||||
/**
|
/**
|
||||||
* Logs a user out of the system
|
* Logs a user out of the system
|
||||||
* @copyright 2008 City of Bloomington, Indiana
|
*
|
||||||
|
* @copyright 2008-2010 City of Bloomington, Indiana
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.txt
|
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.txt
|
||||||
* @author Cliff Ingham <inghamn@bloomington.in.gov>
|
* @author Cliff Ingham <inghamn@bloomington.in.gov>
|
||||||
*/
|
*/
|
||||||
|
if (isset($_COOKIE[CAS_COOKIE])) {
|
||||||
|
setcookie(CAS_COOKIE,'true',time()-3600,'/',CAS_DOMAIN);
|
||||||
|
|
||||||
|
require_once CAS.'/SimpleCAS/Autoload.php';
|
||||||
|
|
||||||
|
$options = array('hostname'=>CAS_SERVER,'uri'=>CAS_URI);
|
||||||
|
$protocol = new SimpleCAS_Protocol_Version2($options);
|
||||||
|
$client = SimpleCAS::client($protocol);
|
||||||
|
$client->logout(BASE_URL);
|
||||||
|
}
|
||||||
|
|
||||||
session_destroy();
|
session_destroy();
|
||||||
header('Location: '.BASE_URL);
|
header('Location: '.BASE_URL);
|
||||||
|
|
Loading…
Reference in New Issue