Re: [cas-user] command-line phpCAS client

Romov, Phil Thu, 04 Jun 2015 10:23:13 -0700

So I’ve followed http://jasig.github.io/cas/4.0.x/protocol/REST-Protocol.html 
and edited pom.xml and web.xml (the latter one in tomcat/webapps/cas/WEB-INF 
not in tomcat/conf, not sure if that matters)


But if I try to open /cas/v1/tickets for example it redirects me to /cas/login

What gives?

Thanks
Phil

From: Aaron Grant <[email protected]<mailto:[email protected]>>
Reply-To: "[email protected]<mailto:[email protected]>" 
<[email protected]<mailto:[email protected]>>
Date: Thursday, June 4, 2015 at 10:23 AM
To: "[email protected]<mailto:[email protected]>" 
<[email protected]<mailto:[email protected]>>
Subject: Re: [cas-user] command-line phpCAS client

I'd take a look at the CAS REST API. This might help you out. Note the warning 
on the documentation and protect yourself from any bruce force attacks in you 
enable this (i.e. add locking for multiple incorrect authentications).

http://jasig.github.io/cas/4.0.x/protocol/REST-Protocol.html

On Thu, Jun 4, 2015 at 10:00 AM, Romov, Phil 
<[email protected]<mailto:[email protected]>> wrote:
Hi all,
I want to make a small proof of concept app but first I want to make sure I’m 
not completely off base

I’ve been able to get phpCAS client working with code igniter, but that’s a 
webapp

When I make a simple php cli app (using example_simple.php for starters, code 
pasted below) it gets as far as phpCAS::forceAuthentication() but then it gives 
me:
(IP is blanked out by me)

<html><head><title>CAS Authentication wanted!</title></head><body><h1>CAS 
Authentication wanted!</h1><p>You should already have been redirected to the 
CAS server. Click <a 
href="https://##.##.##.##:8443/cas/login?service=http%3A%2F%2F%3A";>here</a> to 
continue.</p><hr><address>phpCAS 1.3.3+ using server <a 
href="https://##.##.##.##:8443/cas/";>https://##.##.##.##:8443/cas/</a> (CAS 
2.0)</a></address></body></html>imac-dd:cas promov$

Is it possible to make a command line sso app like this?  Should I be using 
REST instead?  Something else?

Thanks,
Phil



<?php


date_default_timezone_set('America/New_York');


$cas_host = ‘##.##.##.##’;  //actual IP blanked out in this email

$cas_port = 8443;

$cas_context = '/cas';


require_once('phpCAS/CAS.php');


phpCAS::setDebug();


phpCas::client(CAS_VERSION_2_0, $cas_host, $cas_port, $cas_context);


// DEBUG ONLY, do not use this toggle in production

phpCAS::setNoCasServerValidation();


echo "Trying forceAuthentication()...\n";

phpCAS::forceAuthentication();


echo "User:        ".phpCAS::getUser()."\n";

echo "CAS version: ".phpCAS::getVersion()."\n";


// phpCAS::logout();


Debug log:


8A31 .START (2015-06-04 09:55:30) phpCAS-1.3.3+ ****************** [CAS.php:448]

8A31 .=> phpCAS::client('2.0', ‘##.##.##.##', 8443, '/cas') [app.php:13]

8A31 .|    => CAS_Client::__construct('2.0', false, ‘##.##.##.##', 8443, 
'/cas', true) [CAS.php:341]

8A31 .|    |    Starting a new session 9aca782b40a475a5e184850ebff3303c 
[Client.php:906]

8A31 .|    <= ''

8A31 .<= ''

8A31 .=> phpCAS::setNoCasServerValidation() [app.php:16]

8A31 .|    You have configured no validation of the legitimacy of the cas 
server. This is not recommended for production use. [CAS.php:1563]

8A31 .<= ''

8A31 .=> phpCAS::forceAuthentication() [app.php:19]

8A31 .|    => CAS_Client::forceAuthentication() [CAS.php:1025]

8A31 .|    |    => CAS_Client::isAuthenticated() [Client.php:1248]

8A31 .|    |    |    => CAS_Client::_wasPreviouslyAuthenticated() 
[Client.php:1359]

8A31 .|    |    |    |    no user found [Client.php:1601]

8A31 .|    |    |    <= false

8A31 .|    |    |    no ticket found [Client.php:1460]

8A31 .|    |    <= false

8A31 .|    |    => CAS_Client::redirectToCas(false) [Client.php:1257]

8A31 .|    |    |    => CAS_Client::getServerLoginURL(false, false) 
[Client.php:1622]

8A31 .|    |    |    |    => CAS_Client::getURL() [Client.php:342]

8A31 .|    |    |    |    |    Final URI: http://: [Client.php:3491]

8A31 .|    |    |    |    <= 'http://:'

8A31 .|    |    |    <= 
'https://##.##.##.##:8443/cas/login?service=http%3A%2F%2F%3A'

8A31 .|    |    |    Redirect to : 
https://##.##.##.##:8443/cas/login?service=http%3A%2F%2F%3A [Client.php:1629]

8A31 .|    |    |    exit()

8A31 .|    |    |    -

8A31 .|    |    -

8A31 .|    -


--
You are currently subscribed to 
[email protected]<mailto:[email protected]> as: 
[email protected]<mailto:[email protected]>
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user




--
Aaron Grant
Senior Applications Architect
Oakland University - UTS<http://oakland.edu/uts>


--
You are currently subscribed to 
[email protected]<mailto:[email protected]> as: 
[email protected]<mailto:[email protected]>
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Re: [cas-user] command-line phpCAS client

Reply via email to