moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-05 00:46:50 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

MDL-22469 auth_cas: CAS module : parameter authCAS=NOCAS not properly handled

Browse source
This commit is contained in:
Gilles-Philippe Leblanc 2014-07-07 17:14:40 -04:00
parent 5fd0df97c5
commit 886601cf45
1 changed files with 20 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

41
auth/cas/auth.php
View file

@ -111,6 +111,26 @@ class auth_plugin_cas extends auth_plugin_ldap {
return; return;
} }
// If the multi-authentication setting is used, check for the param before connecting to CAS.
if ($this->config->multiauth) {
$authCAS = optional_param('authCAS', '', PARAM_RAW);
if ($authCAS == 'NOCAS') {
return;
}
// Show authentication form for multi-authentication.
// Test pgtIou parameter for proxy mode (https connection in background from CAS server to the php server).
if ($authCAS != 'CAS' && !isset($_GET['pgtIou'])) {
$PAGE->set_url('/login/index.php');
$PAGE->navbar->add($CASform);
$PAGE->set_title("$site->fullname: $CASform");
$PAGE->set_heading($site->fullname);
echo $OUTPUT->header();
include($CFG->dirroot.'/auth/cas/cas_form.html');
echo $OUTPUT->footer();
exit();
}
}
// Connection to CAS server // Connection to CAS server
$this->connectCAS(); $this->connectCAS();
@ -134,27 +154,6 @@ class auth_plugin_cas extends auth_plugin_ldap {
return; return;
} }
if ($this->config->multiauth) {
$authCAS = optional_param('authCAS', '', PARAM_RAW);
if ($authCAS == 'NOCAS') {
return;
}
// Show authentication form for multi-authentication
// test pgtIou parameter for proxy mode (https connection
// in background from CAS server to the php server)
if ($authCAS != 'CAS' && !isset($_GET['pgtIou'])) {
$PAGE->set_url('/login/index.php');
$PAGE->navbar->add($CASform);
$PAGE->set_title("$site->fullname: $CASform");
$PAGE->set_heading($site->fullname);
echo $OUTPUT->header();
include($CFG->dirroot.'/auth/cas/cas_form.html');
echo $OUTPUT->footer();
exit();
}
}
// Force CAS authentication (if needed). // Force CAS authentication (if needed).
if (!phpCAS::isAuthenticated()) { if (!phpCAS::isAuthenticated()) {
phpCAS::setLang($this->config->language); phpCAS::setLang($this->config->language);