Limit users from CAS
- Status
- Closed
- Subject
- Limit users from CAS
- Version
- 1.8.x
1.9.x - Category
- Feature request
- Feature
- External Authentication (LDAP, AD, PAM, CAS, etc)
- Resolution status
- New
- Submitted by
- gpaterno
- Lastmod by
- gpaterno
- Rating
- Description
While CAS authentication is great, it allows multiple users to login if you have a widely common CAS server.
For example, SecurePass 1 strong authentication allow ALL securepass users to login through their CAS.
The need is to optionally limit which users or users domain can login to tikiwiki through CAS.- Solution
A quick and dirty solution is to do a regex check on the CAS username. For our purposes, on userslib.php (ver 8.2) around line 470 add the following:
469a470,477
>
> // Gippa
> // If user is authenticated, but not belong to us, fails
> elseif ( $userCAS && !preg_match("/(.*)@mycompany.com$/", $user) ) {
> return array(false, $user, $result);
> }
>
>That is a quick and dirty patch. You can create an input box to check for regex or domains.
Thank you very much.
Best regards,
Giuseppe- Priority
- 25
- Demonstrate Bug on Tiki 19+
-
This bug has been demonstrated on show2.tiki.org
Please demonstrate your bug on show2.tiki.org
- Demonstrate Bug (older Tiki versions)
-
This bug has been demonstrated on show.tikiwiki.org
Please demonstrate your bug on show.tikiwiki.org
Show.tiki.org is currently unavailableUnable to connect to show.tikiwiki.org. Please let us know of the problem so that we can do something about it. Thanks.
- Ticket ID
- 4083
- Created
- Monday 19 December, 2011 14:35:21 UTC
by gpaterno - LastModif
- Wednesday 26 February, 2020 16:54:40 UTC