Hi Pete and others,
I know this is not really MAGNet-specific, but since the post started
here, I'll reply here. I will also be putting this code on the CalNet
Developers site.
This code requires the use of the HTTP and Net classes from PEAR.
Alternatively, you can do this with the HTTP extensions to PHP
(<http://us.php.net/manual/en/ref.http.php>), but I do not have that
compiled into my version of PHP.
Also, in the example below, you need to make sure $thisService is the
fully-qualified URL of your service, including the http(s):// and the
page that is doing the request to CAS, e.g., "https://aws-
dev.berkeley.edu/cas-tests/authenticate.php".
A graphical view of how CAS works can be found here:
<https://calnet.berkeley.edu/developers/developerResources/cas/
CAS-Flow.pdf>
If you view that file in Preview instead of Acrobat, you can zoom it
properly.
Let me know if you have any questions.
-lucas
<?php
// Include the PEAR HTTP Request class
require_once "HTTP/Request.php";
// Set up some variables for CAS
$casService = 'https://auth-test.berkeley.edu/cas';
$thisService = '<fully-qualified URL for your service>';
/*
* Check to see if there is a ticket in the GET request.
* CAS uses "ticket" for the service ticket. Bad choice of words, but
* it is what CAS uses.
*
* If the ticket exists, validate it with CAS. If not, redirect the user
* to CAS.
*
* Of course, you will want to hook this in with your application's
* session management system, i.e., if you user already has a session,
* you don't want to do either of these two things.
*
*/
if ($_SERVER["REQUEST_METHOD"] && $_GET["ticket"]) {
if ($response = validTicket($_GET["ticket"])) {
if ($uid = getUid($response)) {
echo "The user is: $uid";
}
else {
echo "Could not get UID from response.";
}
}
else {
echo "The response was not valid.";
}
}
else {
header("Location: $casService/login?service=$thisService");
}
/*
* Returns the CAS response if the ticket is valid, and false if not.
*/
function validTicket($ticket) {
global $casService, $thisService;
$request = &new HTTP_Request("$casService/serviceValidate?ticket=
$ticket&service=$thisService");
$request->sendRequest();
$response = $request->getResponseBody();
if (preg_match('/cas:authenticationSuccess/', $response)) {
return $response;
}
else {
return false;
}
}
/*
* Returns the UID from the passed in response, or it
* returns false if there is no UID.
*/
function getUid($response) {
// Turn the response into an array
$a = preg_split("/\n/", $response);
// The UID is on the 3rd line of the response
$uid = strip_tags($a[2]);
if (is_numeric($uid)) {
return $uid;
}
else {
return false;
}
}
?>
On Dec 5, 2007, at 5:17 PM, Lucas Rockwell wrote:
> Pete,
>
> Well, my PHP is pretty rusty. I have the script done, but I want to
> double check it, so I will send it to the list in the morning.
>
> -lucas
>
> On Dec 5, 2007, at 2:27 PM, Pedro Alvarez Jr wrote:
>
>> Hi All,
>> Anyone out there experimenting with CAS and PHP 4.4.7 running on
>> Macintosh Server 10.4.11?
>> We're not having any luck using simple_example.php provided in the
>> download from either CAS .5.1 or CAS .6.0RC4
>> Any success stories out there? Any suggestions?
>> Thanks
>> Pete Alvarez
>> Student Learning Center
>> -
>> ---------------------------------------------------------------------
>> ----
>> The following was automatically added to this message by the list
>> server:
>> -
>> To learn more about MAGNet, including how to subscribe to or
>> unsubscribe
>> from its mailing list, please visit the MAGNet Web site:
>> -
>> http://magnet.berkeley.edu/
>> -
>> Messages you send to this mailing list are public and world-viewable,
>> and the list's archives can be browsed and searched on the Internet.
>> This means these messages can be viewed by (among others) your
>> bosses,
>> prospective employers, and people who have known you in the past.
>
> -
> ----------------------------------------------------------------------
> ---
> The following was automatically added to this message by the list
> server:
> -
> To learn more about MAGNet, including how to subscribe to or
> unsubscribe
> from its mailing list, please visit the MAGNet Web site:
> -
> http://magnet.berkeley.edu/
> -
> Messages you send to this mailing list are public and world-viewable,
> and the list's archives can be browsed and searched on the Internet.
> This means these messages can be viewed by (among others) your bosses,
> prospective employers, and people who have known you in the past.
-
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:
-
To learn more about MAGNet, including how to subscribe to or unsubscribe
from its mailing list, please visit the MAGNet Web site:
-
http://magnet.berkeley.edu/
-
Messages you send to this mailing list are public and world-viewable,
and the list's archives can be browsed and searched on the Internet.
This means these messages can be viewed by (among others) your bosses,
prospective employers, and people who have known you in the past.
Received on Thu Dec 06 2007 - 08:46:37 PST
This archive was generated by hypermail 2.2.0 : Thu Dec 06 2007 - 08:46:38 PST