dongmu9253 2013-05-21 17:28
浏览 86
已采纳

使用PHP处理CAS登录(从JSP迁移)

Background:

We currently have a fully functional CAS implementation using JSP, but want to migrate it to a PHP implementation.

Currently, we have a central CAS server that authenticates the user and redirects them to a landing page(in JSP), which then takes their authentication data and passes it onto a third-party-application.

In this JSP we use the following snippet to retrieve the user's data

String usr = request.getParameter("id");
String nid = session.getAttribute("netid");

Question

How do I retrieve this information using PHP?

I have tried doing:

  • $_GET
  • $_POST
  • $_REQUEST
  • $_SESSION

and more.

I have a feeling that I may need to install phpCAS in order to do this, but do not want to do so unless absolutely necessary.

Thank you for your time.

  • 写回答

1条回答 默认 最新

  • doufuhao0566 2013-05-22 02:35
    关注

    Every consumer of a CAS service ticket needs to be able to validate a token, parse the response, etc. It seems like you're currently using some JSP-based CAS client which is doing the work for you? (possibly Yale's, as the Jasig one does not deal with JSP). If you want to switch your client to a non-JSP/Java application, but to a PHP one, your best option is to protect that page/client application with phpCAS. phpCAS will intercept the ticket in the url, validate it against the CAS server and set the appropriate session variables.

    Here's a simple example of phpCAS in action: https://github.com/Jasig/phpCAS/blob/master/docs/examples/example_simple.php

    Alternatively, you can write your own interception/validation/parsing code, but since this is a security product, I recommend using one of the well-known/tested clients.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 执行 virtuoso 命令后,界面没有,cadence 启动不起来
  • ¥50 comfyui下连接animatediff节点生成视频质量非常差的原因
  • ¥20 有关区间dp的问题求解
  • ¥15 多电路系统共用电源的串扰问题
  • ¥15 slam rangenet++配置
  • ¥15 有没有研究水声通信方面的帮我改俩matlab代码
  • ¥15 ubuntu子系统密码忘记
  • ¥15 保护模式-系统加载-段寄存器
  • ¥15 电脑桌面设定一个区域禁止鼠标操作
  • ¥15 求NPF226060磁芯的详细资料