Yale Cas Client开发实例
2012-07-13 17:27:31   来源：我爱运维网   评论：0 点击：

// Advanced example for SAML with attributes and single logout

 

include_once('conf/cas_config.php');

// Load the CAS lib

include_once($phpcas_path.'/CAS.php');

 

// Uncomment to enable debugging

phpCAS::setDebug();

    

// Initialize phpCAS

phpCAS::client(SAML_VERSION_1_1, $cas_host, $cas_port, $cas_context);

    

// For production use set the CA certificate that is the issuer of the cert 

// on the CAS server and uncomment the line below

//phpCAS::setCasServerCACert($cas_server_ca_cert_path);

 

// For quick testing you can disable SSL validation of the CAS server. 

// THIS SETTING IS NOT RECOMMENDED FOR PRODUCTION. 

// VALIDATING THE CAS SERVER IS CRUCIAL TO THE SECURITY OF THE CAS PROTOCOL! 

phpCAS::setNoCasServerValidation();

 

// Handle SAML logout requests that emanate from the CAS host exclusively.

// Failure to restrict SAML logout requests to authorized hosts could

// allow denial of service attacks where at the least the server is

// tied up parsing bogus XML messages.

phpCAS::handleLogoutRequests(true, $cas_real_hosts);

 

// Force CAS authentication on any page that includes this file

phpCAS::forceAuthentication();

 

 

// logout if desired

if (isset($_REQUEST['logout'])) {

        phpCAS::logout();

}

 

?>

<h2>Secure Page</h2>

<?php include 'script_info.php' ?>

 

Authentication succeeded for user

<strong><?php echo phpCAS::getUser(); ?></strong>.

 

<h3>User Attributes</h3>

<ul>

<?php

foreach (phpCAS::getAttributes() as $key => $value) {

if (is_array($value)) {

echo '<li>', $key, ':<ol>';

foreach($value as $item) {

      echo '<li><strong>', $item, '</strong></li>';

    }

echo '</ol></li>';

} else {

    echo '<li>', $key, ': <strong>', $value, '</strong></li>';

  }

}

?>

</ul>

 <p><a href="?logout=">Logout</a></p>​