#1991 CAS Authentication

v1.9.1
open
nobody
5
2012-12-08
2005-10-12
Jacquot Frederic
No

To make it work, I had to patch tikiwiki a little bit :

1/ In tiki-login.php, I commented a block of code which
prevented CAS authentication (because no login or
password is sent) :

$bypass_siteclose_check = 'y';
require_once('tiki-setup.php');
/*
if (!(isset($_REQUEST['user']) or
isset($_REQUEST['username']))) {
header("Location: tiki-login_scr.php");
die;
}*/
// Alert user if cookies are switched off
if (ini_get('session.use_cookies') == 1) {

This is a quick fix to make CAS work but it certainly
breaks the other authentication methods.

2/ In tiki-login.php, I replaced
phpCAS::authenticateIfNeeded() with
phpCAS::forceAuthentication() because the function
doesn't exist anymore in the lastest phpCAS versions.

3/ I unzipped a phpCAS release and rename the "CAS"
folder to "phpcas" and move it in the tikiwiki "/lib"
folder. This is trivial but not mentioned anywhere
(perhaps tikiwiki should include phpCAS).

That's all for the moment, it works really fine :)

Discussion