|
static | client ($server_version, $server_hostname, $server_port, $server_uri, $changeSessionID=true, \SessionHandlerInterface $sessionHandler=null) |
|
static | proxy ($server_version, $server_hostname, $server_port, $server_uri, $changeSessionID=true, \SessionHandlerInterface $sessionHandler=null) |
|
static | isInitialized () |
|
static | setLogger ($logger=null) |
|
static | setDebug ($filename='') |
|
static | setVerbose ($verbose) |
|
static | getVerbose () |
|
static | log ($str) |
|
static | error ($msg) |
|
static | trace ($str) |
|
static | traceBegin () |
|
static | traceEnd ($res='') |
|
static | traceExit () |
|
static | setLang ($lang) |
|
static | getVersion () |
|
static | getSupportedProtocols () |
|
static | setHTMLHeader ($header) |
|
static | setHTMLFooter ($footer) |
|
static | setPGTStorage ($storage) |
|
static | setPGTStorageDb ($dsn_or_pdo, $username='', $password='', $table='', $driver_options=null) |
|
static | setPGTStorageFile ($path='') |
|
static | getProxiedService ($type) |
|
static | initializeProxiedService (CAS_ProxiedService $proxiedService) |
|
static | serviceWeb ($url, & $err_code, & $output) |
|
static | serviceMail ($url, $service, $flags, & $err_code, & $err_msg, & $pt) |
|
static | setCacheTimesForAuthRecheck ($n) |
|
static | setCasAttributeParserCallback ($function, array $additionalArgs=array()) |
|
static | setPostAuthenticateCallback ($function, array $additionalArgs=array()) |
|
static | setSingleSignoutCallback ($function, array $additionalArgs=array()) |
|
static | checkAuthentication () |
|
static | forceAuthentication () |
|
static | renewAuthentication () |
|
static | isAuthenticated () |
|
static | isSessionAuthenticated () |
|
static | getUser () |
|
static | getAttributes () |
|
static | hasAttributes () |
|
static | hasAttribute ($key) |
|
static | getAttribute ($key) |
|
static | handleLogoutRequests ($check_client=true, $allowed_clients=array()) |
|
static | getServerLoginURL () |
|
static | setServerLoginURL ($url='') |
|
static | setServerServiceValidateURL ($url='') |
|
static | setServerProxyValidateURL ($url='') |
|
static | setServerSamlValidateURL ($url='') |
|
static | getServerLogoutURL () |
|
static | setServerLogoutURL ($url='') |
|
static | logout ($params="") |
|
static | logoutWithRedirectService ($service) |
|
static | logoutWithUrl ($url) |
|
static | logoutWithRedirectServiceAndUrl ($service, $url) |
|
static | setFixedCallbackURL ($url='') |
|
static | setFixedServiceURL ($url) |
|
static | getServiceURL () |
|
static | retrievePT ($target_service, & $err_code, & $err_msg) |
|
static | setCasServerCACert ($cert, $validate_cn=true) |
|
static | setNoCasServerValidation () |
|
static | setNoClearTicketsFromUrl () |
|
static | setExtraCurlOption ($key, $value) |
|
static | setSessionIdSalt ($salt) |
|
static | allowProxyChain (CAS_ProxyChain_Interface $proxy_chain) |
|
static | getProxies () |
|
static | addRebroadcastNode ($rebroadcastNodeUrl) |
|
static | addRebroadcastHeader ($header) |
|
static | getCasClient () |
|
static | setCasClient (\CAS_Client $client) |
|
The phpCAS class is a simple container for the phpCAS library. It provides CAS authentication for web applications written in PHP.
- Examples:
- example_custom_urls.php, example_gateway.php, example_html.php, example_lang.php, example_logout.php, example_pgt_storage_db.php, example_pgt_storage_file.php, example_proxy_GET.php, example_proxy_POST.php, example_proxy_serviceWeb.php, example_proxy_serviceWeb_chaining.php, example_service_that_proxies.php, and example_simple.php.
Definition at line 281 of file CAS.php.
If you want your service to be proxied you have to enable it (default disabled) and define an accepable list of proxies that are allowed to proxy your service.
Add each allowed proxy definition object. For the normal CAS_ProxyChain class, the constructor takes an array of proxies to match. The list is in reverse just as seen from the service. Proxies have to be defined in reverse from the service to the user. If a user hits service A and gets proxied via B to service C the list of acceptable on C would be array(B,A). The definition of an individual proxy can be either a string or a regexp (preg_match is used) that will be matched against the proxy list supplied by the cas server when validating the proxy tickets. The strings are compared starting from the beginning and must fully match with the proxies in the list. Example: phpCAS::allowProxyChain(new CAS_ProxyChain(array( 'https://app.example.com/' ))); phpCAS::allowProxyChain(new CAS_ProxyChain(array( '/^https:\/\/app[0-9].example.com\/rest\//', 'http://client.example.com/' )));
For quick testing or in certain production screnarios you might want to allow allow any other valid service to proxy your service. To do so, add the "Any" chain: phpCAS::allowProxyChain(new CAS_ProxyChain_Any); THIS SETTING IS HOWEVER NOT RECOMMENDED FOR PRODUCTION AND HAS SECURITY IMPLICATIONS: YOU ARE ALLOWING ANY SERVICE TO ACT ON BEHALF OF A USER ON THIS SERVICE.
- Parameters
-
- Returns
- void
- Examples:
- example_service.php, example_service_POST.php, and example_service_that_proxies.php.
Definition at line 1795 of file CAS.php.
References _validateClientExists(), CAS_VERSION_2_0, CAS_VERSION_3_0, error(), traceBegin(), and traceEnd().
static phpCAS::setSessionIdSalt |
( |
|
$salt | ) |
|
|
static |
Set a salt/seed for the session-id hash to make it harder to guess.
When $changeSessionID = true phpCAS will create a session-id that is derived from the service ticket. Doing so allows phpCAS to look-up and destroy the proper session on single-log-out requests. While the service tickets provided by the CAS server may include enough data to generate a strong hash, clients may provide an additional salt to ensure that session ids are not guessable if the session tickets do not have enough entropy.
- Parameters
-
string | $salt | The salt to combine with the session ticket. |
- Returns
- void
Definition at line 1752 of file CAS.php.
References _validateClientExists(), traceBegin(), and traceEnd().