CAS Authentication Loop

Information and discussion on Server Side Includes and PHP and ASP variants.

Moderators: rcrisler1, saltybeagle

CAS Authentication Loop

Postby s-mweinga1 » Fri Jan 30, 2009 11:22 am

I am testing out CAS Authentication for part of a feature I am developing. I DLed the phpCAS from ja-sig and dropped it into my "test" directory (such that CAS.php was in /test/CAS.php). I then copied the following test page to use it the authentication:
Code: Select all
<?php

//
// phpCAS proxied client (service) with sessioning
//

// import phpCAS lib
include_once('CAS.php');

// set debug mode
phpCAS::setDebug();
echo "heelo";

// initialize phpCAS
phpCAS::client(CAS_VERSION_2_0,'login.unl.edu',443,'/cas');

// no SSL validation for the CAS server
phpCAS::setNoCasServerValidation();

// force CAS authentication
phpCAS::forceAuthentication();

//phpCAS::isAuthenticated();

// at this step, the user has been authenticated by the CAS server
// and the user's login name can be read with phpCAS::getUser().

// for this test, simply print that the authentication was successfull
echo '<p>The user\'s login is <b>'.phpCAS::getUser().'</b>.</p>';

// increment the number of requests of the session and print it
echo '<p>request #'.(++$_SESSION\['n'\]).'</p>';

?>


When entering the site, it works well, redirecting to login.unl.edu/cas. However after the login, the system gets caught in a loop. phpCAS::forceAuthenication() is the culprit. phpCAS::isAuthenticated() always returns false . What is my problem?

http://engineering.unl.edu/test/alex.php
s-mweinga1
 
Posts: 2
Joined: Fri Jan 30, 2009 11:13 am

Postby saltybeagle » Mon Feb 02, 2009 6:02 pm

Take a look at the log from phpcas and from PHP and see if that has any info. If you're in a redirect loop, that means that you aren't catching the ticket and validating it.

You could also try another CAS library, like SimpleCAS:
http://code.google.com/p/simplecas/
Brett Bieber
Image
saltybeagle
 
Posts: 376
Joined: Fri Jan 16, 2004 3:10 pm
Location: 321 Admin

Postby jthiltges2 » Mon Feb 02, 2009 6:34 pm

I tried your sample code and it worked for me (using both the 1.0.1 and trunk phpCAS clients).

I'd double-check that the session handling is working. And then as Brett mentioned, check the CAS and webserver error logs. On linux, the CAS log is at /tmp/phpCAS.log.
jthiltges2
 
Posts: 1
Joined: Mon Feb 02, 2009 6:27 pm

Postby s-mweinga1 » Tue Feb 03, 2009 4:15 pm

I realized that the server isn't configured with "--with-dom" Would this be the source of the problem? I am guessing it is, but I don't want to tell my boss that it is unless I am sure.

I can't use SimpleCAS, as the server is running php4.

I don't have access to /tmp. :? So I can't check that information very easily.

Thanks for you help so far.
s-mweinga1
 
Posts: 2
Joined: Fri Jan 30, 2009 11:13 am


Return to PHP, ASP, mod_include

Who is online

Users browsing this forum: No registered users and 1 guest

cron