My central IT folks have a CAS server (3.4.2.1)
They let me setup one and only one valid url for CAS. Yeah! It works great.
Problem is, I want every page in a directory to use CAS.
So what I tried to do was this (in a new page):
<?php
if (!isset($_SESSION['page'])) {
session_start();
$_SESSION['page'] = $_SERVER['PHP_SELF'];
header('Location: http://lawtech.pepperdine.edu/castest.html');
exit;
}
?>
Makes sense to me. If there is no session variable called page; start a
session, set the page variable and send the request over to the only page
on my server that can initiate a CAS request.
Then in the only page I am allowed to use CAS with, I do this:
<?php
require_once($_SERVER['DOCUMENT_ROOT'].'/cas/CAS.php');
phpCAS::client(CAS_VERSION_2_0, 'cas.pepperdine.edu', 8443, 'cas');
phpCAS::setNoCasServerValidation();
phpCAS::forceAuthentication();
if (isset($_REQUEST['logout'])) {
phpCAS::logout();
} elseif (isset($_SESSION['page'])) {
header('Location: http://lawtech.pepperdine.edu/'.$_SESSION['page']);
}
?>
To me this makes total sense. Do the CAS shuffle and if we want to logout,
do that. Otherwise, if we have a session variable called page, go back
there.
The problem is that this sets up some sort of bizarre loop. It should be
impossible. isset($_SESSION['page']) != !isset($_SESSION['page'])
One of those ifs MUST fail and so not create a loop.
Any ideas?
--
David Dickens, Consulting Technologist and Systems Architect
Pepperdine University School of Law / 310-506-4047
Follow along at LawTech
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
