00001 <?php 00002 // Example for handling logout requests 00003 00004 // Load the settings from the central config file 00005 include_once('config.php'); 00006 // Load the CAS lib 00007 include_once($phpcas_path.'/CAS.php'); 00008 00009 // Uncomment to enable debugging 00010 phpCAS::setDebug(); 00011 00012 // Initialize phpCAS 00013 phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_port, $cas_context); 00014 00015 // For production use set the CA certificate that is the issuer of the cert 00016 // on the CAS server and uncomment the line below 00017 // phpCAS::setCasServerCACert($cas_server_ca_cert_path); 00018 00019 // For quick testing you can disable SSL validation of the CAS server. 00020 // THIS SETTING IS NOT RECOMMENDED FOR PRODUCTION. 00021 // VALIDATING THE CAS SERVER IS CRUCIAL TO THE SECURITY OF THE CAS PROTOCOL! 00022 phpCAS::setNoCasServerValidation(); 00023 00024 // handle incoming logout requests 00025 phpCAS::handleLogoutRequests(); 00026 00027 // Or as an advanced featue handle SAML logout requests that emanate from the CAS host exclusively. 00028 // Failure to restrict SAML logout requests to authorized hosts could 00029 // allow denial of service attacks where at the least the server is 00030 // tied up parsing bogus XML messages. 00031 // phpCAS::handleLogoutRequests(true, $cas_real_hosts); 00032 00033 00034 // force CAS authentication 00035 phpCAS::forceAuthentication(); 00036 00037 // for this test, simply print that the authentication was successfull 00038 ?> 00039 <html> 00040 <head> 00041 <title>phpCAS simple client</title> 00042 </head> 00043 <body> 00044 <h1>Successfull Authentication!</h1> 00045 <?php include 'script_info.php' ?> 00046 <p>the user's login is <b><?php echo phpCAS::getUser(); ?></b>.</p> 00047 <p>phpCAS version is <b><?php echo phpCAS::getVersion(); ?></b>.</p> 00048 </body> 00049 </html>