4 * Example for proxied service with session support and POST support
8 * @file example_service_POST.php
9 * @category Authentication
11 * @author Joachim Fritschi <jfritschi@freenet.de>
12 * @author Adam Franco <afranco@middlebury.edu>
13 * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
14 * @link https://wiki.jasig.org/display/CASC/phpCAS
17 // Load the settings from the central config file
18 require_once 'config.php';
20 require_once $phpcas_path . '/CAS.php';
22 // Uncomment to enable debugging
26 phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_port, $cas_context);
28 // For production use set the CA certificate that is the issuer of the cert
29 // on the CAS server and uncomment the line below
30 // phpCAS::setCasServerCACert($cas_server_ca_cert_path);
32 // For quick testing you can disable SSL validation of the CAS server.
33 // THIS SETTING IS NOT RECOMMENDED FOR PRODUCTION.
34 // VALIDATING THE CAS SERVER IS CRUCIAL TO THE SECURITY OF THE CAS PROTOCOL!
35 phpCAS::setNoCasServerValidation();
37 // If you want your service to be proxied you have to enable it (default
38 // disabled) and define an accepable list of proxies that are allowed to
39 // proxy your service.
41 // Add each allowed proxy definition object. For the normal CAS_ProxyChain
42 // class, the constructor takes an array of proxies to match. The list is in
43 // reverse just as seen from the service. Proxies have to be defined in reverse
44 // from the service to the user. If a user hits service A and gets proxied via
45 // B to service C the list of acceptable on C would be array(B,A). The definition
46 // of an individual proxy can be either a string or a regexp (preg_match is used)
47 // that will be matched against the proxy list supplied by the cas server
48 // when validating the proxy tickets. The strings are compared starting from
49 // the beginning and must fully match with the proxies in the list.
51 // phpCAS::allowProxyChain(new CAS_ProxyChain(array(
52 // 'https://app.example.com/'
54 // phpCAS::allowProxyChain(new CAS_ProxyChain(array(
55 // '/^https:\/\/app[0-9]\.example\.com\/rest\//',
56 // 'http://client.example.com/'
58 phpCAS::allowProxyChain(new CAS_ProxyChain(array($pgtUrlRegexp)));
60 // For quick testing or in certain production screnarios you might want to
61 // allow allow any other valid service to proxy your service. To do so, add
63 // phpcas::allowProxyChain(new CAS_ProxyChain_Any);
64 // THIS SETTING IS HOWEVER NOT RECOMMENDED FOR PRODUCTION AND HAS SECURITY
65 // IMPLICATIONS: YOU ARE ALLOWING ANY SERVICE TO ACT ON BEHALF OF A USER
67 //phpcas::allowProxyChain(new CAS_ProxyChain_Any);
69 // force CAS authentication
70 phpCAS::forceAuthentication();
72 if ($_SERVER['REQUEST_METHOD'] != 'POST') {
73 header('HTTP/1.1 400 Bad Request');
75 "<h1>I only respond to POST requests. This is a "
76 . $_SERVER['REQUEST_METHOD'] . " request.</h1>";
79 if (empty($_POST['favorite_color'])) {
80 header('HTTP/1.1 400 Bad Request');
81 print '<h1>You must post a <strong>favorite_color</strong>.</h1>';
85 print '<h1>I am a service that responds to POST requests.</h1>';
87 // at this step, the user has been authenticated by the CAS server
88 // and the user's login name can be read with phpCAS::getUser().
89 require 'script_info.php';
91 // for this test, simply print that the authentication was successfull
92 echo '<p>The user\'s login is <b>' . phpCAS::getUser() . '</b>.</p>';
95 '<h1>Your favorite color is ' . htmlentities($_POST['favorite_color'])
98 // increment the number of requests of the session and print it
99 if (!isset($_SESSION['n'])) {
102 echo '<p>request #' . (++$_SESSION['n']) . '</p>';
fnp / piwik-CASLogin.git / blob