Unverified Commit f40c5df1 authored by Côme Chilliet's avatar Côme Chilliet

:sparkles: feat(cas) Add a verbose flag for CAS

issue #6150
Showing with 33 additions and 21 deletions
+33 -21
...@@ -506,6 +506,12 @@ attributetype ( 1.3.6.1.4.1.38414.8.21.5 NAME 'fdCasContext' ...@@ -506,6 +506,12 @@ attributetype ( 1.3.6.1.4.1.38414.8.21.5 NAME 'fdCasContext'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE) SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.38414.8.21.6 NAME 'fdCasVerbose'
DESC 'FusionDirectory - CAS verbose flag'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE )
# merged from dashboard-fd.schema - Needed by Fusion Directory for dashboard options # merged from dashboard-fd.schema - Needed by Fusion Directory for dashboard options
attributetype ( 1.3.6.1.4.1.38414.27.1.1 NAME 'fdDashboardPrefix' attributetype ( 1.3.6.1.4.1.38414.27.1.1 NAME 'fdDashboardPrefix'
...@@ -619,7 +625,7 @@ objectclass ( 1.3.6.1.4.1.38414.8.2.1 NAME 'fusionDirectoryConf' ...@@ -619,7 +625,7 @@ objectclass ( 1.3.6.1.4.1.38414.8.2.1 NAME 'fusionDirectoryConf'
fdAclTabOnObjects $ fdDepartmentCategories $ fdAclTargetFilterLimit $ fdAclTabOnObjects $ fdDepartmentCategories $ fdAclTargetFilterLimit $
fdIncrementalModifierStates $ fdIncrementalModifierStates $
fdSslCaCertPath $ fdSslKeyPath $ fdSslCertPath $ fdSslCaCertPath $ fdSslKeyPath $ fdSslCertPath $
fdCasActivated $ fdCasServerCaCertPath $ fdCasHost $ fdCasPort $ fdCasContext $ fdCasActivated $ fdCasServerCaCertPath $ fdCasHost $ fdCasPort $ fdCasContext $ fdCasVerbose $
fdLoginMethod fdLoginMethod
) ) ) )
......
...@@ -50,18 +50,7 @@ if (isset($_REQUEST['signout']) && $_REQUEST['signout']) { ...@@ -50,18 +50,7 @@ if (isset($_REQUEST['signout']) && $_REQUEST['signout']) {
if (session::is_set('connected')) { if (session::is_set('connected')) {
$config = session::get('config'); $config = session::get('config');
if ($config->get_cfg_value('casActivated') == 'TRUE') { if ($config->get_cfg_value('casActivated') == 'TRUE') {
require_once('CAS.php'); LoginCAS::initCAS();
/* Move FD autoload after CAS autoload */
spl_autoload_unregister('__fusiondirectory_autoload');
spl_autoload_register('__fusiondirectory_autoload');
phpCAS::client(
CAS_VERSION_2_0,
$config->get_cfg_value('casHost', 'localhost'),
(int) $config->get_cfg_value('casPort', '443'),
$config->get_cfg_value('casContext', '')
);
// Set the CA certificate that is the issuer of the cert
phpCAS::setCasServerCACert($config->get_cfg_value('casServerCaCertPath'));
phpCAS::logout(); phpCAS::logout();
} }
$reason = 'Sign out'; $reason = 'Sign out';
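Review bot: The new `LoginCAS::initCAS();` call takes no arguments and reads `global $config`, so the sign-out path now depends on the `$config = session::get('config');` assignment two lines above writing that same global. That holds only if this block runs at file scope, which the hunk does not show. A short comment above the call would make the coupling visible, for example `/* initCAS() reads the global $config set above */`. The call also applies the new `casVerbose` setting, so verbose phpCAS output can now appear during logout as well as login. The enclosing `if` block starts before the hunk and continues after it.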
......
...@@ -29,31 +29,43 @@ class LoginCAS extends LoginMethod ...@@ -29,31 +29,43 @@ class LoginCAS extends LoginMethod
return _('CAS'); return _('CAS');
} }
/*! \brief All login steps in the right order for CAS login */ /*! \brief Initialize phpCAS library */
static function loginProcess () static function initCAS ()
{ {
global $config, $message, $ui; global $config;
require_once('CAS.php'); require_once('CAS.php');
/* Move FD autoload after CAS autoload */ /* Move FD autoload after CAS autoload */
spl_autoload_unregister('__fusiondirectory_autoload'); spl_autoload_unregister('__fusiondirectory_autoload');
spl_autoload_register('__fusiondirectory_autoload'); spl_autoload_register('__fusiondirectory_autoload');
static::init(); if ($config->get_cfg_value('casVerbose') == 'TRUE') {
phpCAS::setVerbose(TRUE);
/* Reset error messages */ }
$message = '';
// Initialize phpCAS // Initialize phpCAS
phpCAS::client( phpCAS::client(
CAS_VERSION_2_0, CAS_VERSION_2_0,
$config->get_cfg_value('casHost', 'localhost'), $config->get_cfg_value('casHost', 'localhost'),
(int)($config->get_cfg_value('casPort', 443)), (int) ($config->get_cfg_value('casPort', 443)),
$config->get_cfg_value('casContext', '') $config->get_cfg_value('casContext', '')
); );
// Set the CA certificate that is the issuer of the cert // Set the CA certificate that is the issuer of the cert
phpCAS::setCasServerCACert($config->get_cfg_value('casServerCaCertPath')); phpCAS::setCasServerCACert($config->get_cfg_value('casServerCaCertPath'));
}
/*! \brief All login steps in the right order for CAS login */
static function loginProcess ()
{
global $config, $message, $ui;
static::init();
static::initCAS();
/* Reset error messages */
$message = '';
// force CAS authentication // force CAS authentication
phpCAS::forceAuthentication(); phpCAS::forceAuthentication();
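Review bot: `initCAS()` calls `phpCAS::setVerbose(TRUE)` before `phpCAS::forceAuthentication()` runs, so when `casVerbose` is set the detailed phpCAS error output is sent to visitors who have not authenticated yet, and the docblock should say so. I would extend `/*! \brief Initialize phpCAS library */` with a line such as `Reads the global $config; when casVerbose is 'TRUE', phpCAS prints detailed errors to the browser, including on the login page.` The flag test could also use `=== 'TRUE'` instead of `==`, provided `get_cfg_value()` returns a string here, which the hunk does not show. `loginProcess()` continues past the end of the hunk and the class starts before it.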
......
...@@ -243,6 +243,10 @@ class configInLdap extends simplePlugin ...@@ -243,6 +243,10 @@ class configInLdap extends simplePlugin
'fdCasContext', FALSE, 'fdCasContext', FALSE,
'/cas' '/cas'
), ),
new BooleanAttribute(
_('Verbose error'), _('Activate verbose errors in phpCAS. Avoid in production.'),
'fdCasVerbose', FALSE
),
] ]
], ],
'people_and_group' => [ 'people_and_group' => [
...@@ -505,6 +509,7 @@ class configInLdap extends simplePlugin ...@@ -505,6 +509,7 @@ class configInLdap extends simplePlugin
'fdCasHost', 'fdCasHost',
'fdCasPort', 'fdCasPort',
'fdCasContext', 'fdCasContext',
'fdCasVerbose',
], ],
'nonheader' => [ 'nonheader' => [
'fdHttpHeaderAuthHeaderName', 'fdHttpHeaderAuthHeaderName',
......