Skip to content

alysisLeonis/qa-external-cas

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
config.example.php
config.example.php
 
 
logout.php
logout.php
 
 
qa-external-users.php
qa-external-users.php
 
 

Repository files navigation

qa-external-cas

A custom single sign-on with CAS for Question2Answer. Unlike qa-external-casldap this external authentication plugin does not use ldap, but instead stores created and updated user data directly in the Q2A database.

The functionality of this plugin is not based on qa-external-casldap, but the phpCAS part should behave quite similar. On the contrary, configurations of both these plugins match (except the ldap part of course) to support exchangeability and reusability. Big thanks to brenard for that plugin.

Dependencies

phpCAS

You can get the code here and read the documentation here.

Installation

  • make sure that phpCAS is existing
  • copy the qa-external-cas folder in you app root (i.e. "question2answer")
  • consult the qa-config.php and set external user to true: define('QA_EXTERNAL_USERS', true);
  • use a symlink to point to the external user plugin of your choice: ln -s qa-external-cas qa-external
  • add your configuration
    • copy qa-external-cas/config.example.php to qa-external-cas/config.php: cp qa-external-cas/config.example.php qa-external-cas/config.php
    • configure it.

Configuration

This is based on qa-external-casldap and enhanced with custom field names for the CAS user data (e.g. "additional attributes" when configured with rubyCAS/LDAP)

  • CAS_HOST : Hostname of CAS server (ex : cas.example.com)
  • CAS_PORT : HTTP (or HTTPS) port of CAS server (ex : 443)
  • CAS_CTX : URL context path of CAS server (ex: /cas)
  • CAS_VER : CAS protocol version. Possible values : CAS_VERSION_1_0 or CAS_VERSION_2_0
  • CAS_CA_CERT_FILE : SSL certificate path of CAS server. If empty, the SSL certificate will not be validated.
  • $CAS_USERS_ROLE : PHP array listing specific user role. Users's role must be define using Q2A constant : QA_USER_LEVEL_BASIC, QA_USER_LEVEL_EDITOR, QA_USER_LEVEL_ADMIN, QA_USER_LEVEL_SUPER (ex : array('user1' => QA_USER_LEVEL_SUPER,'user2' => QA_USER_LEVEL_EDITOR))
  • CAS_DEFAULT_USER_ROLE : User default role define using Q2A constant (see $CAS_USERS_ROLE)

Additional configuration:

  • CAS_SERVICE_LOGIN : relative, absolute path or FQDN url to you CAS login service
  • CAS_SERVICE_LOGOUT : relative, absolute path or FQDN url to you CAS logout service
  • CAS_ATTRIBUTE_MAIL : defines the name of the mail attribute retrieved by CAS. See your CAS server configuration and the example.config for more info. Defaults to "mail"
  • CAS_ATTRIBUTE_FULLNAME : defines the name of the "full name" attribute retrieved by CAS. Defaults to "cn"

Question2Answer

About

A custom single sign-on with CAS for Question2Answer

Resources

Readme

License

GPL-2.0 license
Activity
Custom properties

Stars

6 stars

Watchers

9 watching

Forks

3 forks
Report repository

Releases 1

qa-external-cas Latest
Jun 23, 2014

Packages

No packages published

Contributors 2

  •  
  •  

Languages