Hello Joachim, Thanks for the response.
The CAS server doesn't send logout requests to gateway CAS clients, so there is no point of putting "phpCAS::handleLogoutRequests();". The renewAuthentication() function will redirect you to CAS every time. I'm wanting the gateway functionality, where if the user is authenticated already then phpCAS does the handshake and returns the user, but if not authenticated don't redirect to CAS login. I'd like a way to do this gateway functionality every time the abc.com page is loaded (ie. Check authentication against the CAS server every time, but not force user to be authenticated). Thanks, Matt On 11/14/10 3:09 AM, "Joachim Fritschi" <[email protected]> wrote: Please have a look at the documentation [1] how to handle logout requests. Using the gateway feature _does_ work with the logout request. As far as i can tell from your code snippet you are missing the phpCAS::handleLogoutRequests(); that would handle the incoming logout request. Aside from that you can try using the phpCAS::renewAuthentication() function that will reauthenticate your phpcas session with a new ticket from the cas server. The function phpCAS::setCacheTimesForAuthRecheck(0) you are using only "works" for non authenticated users. It's used to set how often a gatewayed page will recheck for an existing CAS session for an anonymous user. Best Regards, Joachim [1] https://wiki.jasig.org/display/CASC/phpCAS+examples#phpCASexamples-HandlelogoutrequestsfromtheCASserver Am 14.11.2010 03:10, schrieb Matthew Selwood: > I meant to include the snippet of my code performing the gateway: > > //initialize the CAS library require_once('CAS.php'); $CASAUTH = array( > "version" => "2.0", "proxy" => FALSE, "server" => "abc.com", "port" => > 8444, "uri" => "/cas", "start_session" => TRUE ); > phpCAS::client($CASAUTH["version"], $CASAUTH["server"], > $CASAUTH["port"], $CASAUTH["uri"], $CASAUTH["start_session"]); // no SSL > validation for the CAS server phpCAS::setNoCasServerValidation(); > phpCAS::setCacheTimesForAuthRecheck(0); $auth = > phpCAS::checkAuthentication(); > echo "authenticated: ".$auth; echo "phpCAS user: > ".$_SESSION['phpCAS']['user']; > > I'm always getting user A in my echo statement. > > Thanks again, > Matt > > On 11/13/10 5:47 PM, "Matthew Selwood" <[email protected]> wrote: > > Hello all, > > I'm having an issue using the gateway feature with phpCAS. > > Here's my scenario: > > 1. User A logs in to CAS and then goes to website abc.com which > is gateway'ing using phpCAS. PhpCAS stores the user as 'A' in > $_SESSION['phpCAS']['user']. > 2. User A now logs out of CAS. Note: no logout request is sent to > abc.com because it was using the gateway feature. > 3. On the same computer, user B logs in to CAS and then goes to > website abc.com. > 4. Website abc.com doesn't gateway back to CAS, because it still > has the $_SESSION['phpCAS']['user'] set to 'A'. > > > PhpCAS on website abc.com thinks user B is user A. > > How do you clear the session between each phpCAS gateway? Is the > only way to get around such an issue to gateway against the CAS > server each visit to website abc.com? > > Thanks, > Matt > > > ------------------------------- > Matthew Selwood > Web and Identity Services Developer - Web Services > University of Victoria > 250.472.5565 | [email protected]_ <_mailto:[email protected]_> | CLE C006 > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user ------------------------------- Matthew Selwood Web and Identity Services Developer - Web Services University of Victoria 250.472.5565 | [email protected] <mailto:[email protected]> | CLE C006 -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
