2012-05-28 01:57
浏览 232

Mod Auth CAS两个登录系统

I need to support a Universities CAS Authentication system. This is simple with mod_auth_cas on Apache2 and is working fine.

We now need to add non university users to the system. This in effect means we need to support two login systems. The second login system is our own custom flavor that just auths users via POST to PHP.

It seems this is an impossible environment to setup. Any tips?

图片转代码服务由CSDN问答提供 功能建议

我需要支持大学CAS认证系统。 使用Apache2上的mod_auth_cas很简单,工作正常。

我们现在需要将非大学用户添加到系统中。 这实际上意味着我们需要支持两个登录系统。 第二个登录系统是我们自己的自定义风格,它只是通过POST授权用户到PHP。

这似乎是一个不可能的设置环境。 有什么提示吗?

  • 写回答
  • 好问题 提建议
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • dongshui2254 2012-05-30 05:22

    The solution turned out to be phpCAS.

    Using regular mod_auth_cas you are jailing entire locations behind CAS with no way to optionally disable it.

    Using phpCAS you can perform the authentication OPTIONALLY in a php file.

    All my php files are communicated to via ajax POST GET requests, so the login mechanism needed to prevent access to these files if not logged in and cause a redirect. Using the php $_SESSION variable we can store whether login was made and successful. On every access we can check the $_SESSION variable and do a quick exit after pushing a JSON message back to the javascript client informing them of the failure and to redirect.

    When the user attempts to login they can choose the CAS route. Using phpCAS it will properly redirect them to the CAS server and back to my App when finished. If they choose the in house login database then they fill out a simple form like any homebrew login system. In both cases the $_SESSION stores the success and that success is checked and verified upon access to the critical PHP files.

    Since it is verified and checked, is CAS expires we will catch it here. The in house login system expires inline with the PHP Session.

    解决 无用
    打赏 举报

相关推荐 更多相似问题