moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-04 16:36:37 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'MDL-45981-master' of git://github.com/lameze/moodle

Browse source
This commit is contained in:
Andrew Nicols 2015-10-07 08:18:10 +08:00
commit dabb53c525
3 changed files with 53 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

9
auth/cas/auth.php
View file

@ -183,6 +183,11 @@ class auth_plugin_cas extends auth_plugin_ldap {
} else { } else {
phpCAS::client($this->config->casversion, $this->config->hostname, (int) $this->config->port, $this->config->baseuri, false); phpCAS::client($this->config->casversion, $this->config->hostname, (int) $this->config->port, $this->config->baseuri, false);
} }
// Some CAS installs require SSLv3 that should be explicitly set.
if (!empty($this->config->curl_ssl_version)) {
phpCAS::setExtraCurlOption(CURLOPT_SSLVERSION, $this->config->curl_ssl_version);
}
$connected = true; $connected = true;
} }
@ -302,6 +307,9 @@ class auth_plugin_cas extends auth_plugin_ldap {
if (!isset($config->certificate_path)) { if (!isset($config->certificate_path)) {
$config->certificate_path = ''; $config->certificate_path = '';
} }
if (!isset($config->curl_ssl_version)) {
$config->curl_ssl_version = '';
}
if (!isset($config->logout_return_url)) { if (!isset($config->logout_return_url)) {
$config->logout_return_url = ''; $config->logout_return_url = '';
} }
@ -374,6 +382,7 @@ class auth_plugin_cas extends auth_plugin_ldap {
set_config('multiauth', $config->multiauth, $this->pluginconfig); set_config('multiauth', $config->multiauth, $this->pluginconfig);
set_config('certificate_check', $config->certificate_check, $this->pluginconfig); set_config('certificate_check', $config->certificate_check, $this->pluginconfig);
set_config('certificate_path', $config->certificate_path, $this->pluginconfig); set_config('certificate_path', $config->certificate_path, $this->pluginconfig);
set_config('curl_ssl_version', $config->curl_ssl_version, $this->pluginconfig);
set_config('logout_return_url', $config->logout_return_url, $this->pluginconfig); set_config('logout_return_url', $config->logout_return_url, $this->pluginconfig);
// save LDAP settings // save LDAP settings

35
auth/cas/config.html
View file

@ -33,6 +33,9 @@ if (!isset ($config->certificate_check)) {
if (!isset ($config->certificate_path)) { if (!isset ($config->certificate_path)) {
$config->certificate_path = ''; $config->certificate_path = '';
} }
if (!isset($config->curl_ssl_version)) {
$config->curl_ssl_version = '';
}
if (!isset($config->logout_return_url)) { if (!isset($config->logout_return_url)) {
$config->logout_return_url = ''; $config->logout_return_url = '';
} }
@ -216,6 +219,38 @@ if (!ldap_paged_results_supported($config->ldap_version)) {
<?php print_string('auth_cas_certificate_path', 'auth_cas') ?> <?php print_string('auth_cas_certificate_path', 'auth_cas') ?>
</td> </td>
</tr> </tr>
<tr valign="top" class="required">
<td align="right"><label for="curl_ ssl_version"><?php print_string('auth_cas_curl_ssl_version_key', 'auth_cas') ?>: </label></td>
<td>
<?php
$sslversions = array();
$sslversions[''] = get_string('auth_cas_curl_ssl_version_default', 'auth_cas');
if (defined('CURL_SSLVERSION_TLSv1')) {
$sslversions[CURL_SSLVERSION_TLSv1] = get_string('auth_cas_curl_ssl_version_TLSv1x', 'auth_cas');
}
if (defined('CURL_SSLVERSION_TLSv1_0')) {
$sslversions[CURL_SSLVERSION_TLSv1_0] = get_string('auth_cas_curl_ssl_version_TLSv10', 'auth_cas');
}
if (defined('CURL_SSLVERSION_TLSv1_1')) {
$sslversions[CURL_SSLVERSION_TLSv1_1] = get_string('auth_cas_curl_ssl_version_TLSv11', 'auth_cas');
}
if (defined('CURL_SSLVERSION_TLSv1_2')) {
$sslversions[CURL_SSLVERSION_TLSv1_2] = get_string('auth_cas_curl_ssl_version_TLSv12', 'auth_cas');
}
if (defined('CURL_SSLVERSION_SSLv2')) {
$sslversions[CURL_SSLVERSION_SSLv2] = get_string('auth_cas_curl_ssl_version_SSLv2', 'auth_cas');
}
if (defined('CURL_SSLVERSION_SSLv3')) {
$sslversions[CURL_SSLVERSION_SSLv3] = get_string('auth_cas_curl_ssl_version_SSLv3', 'auth_cas');
}
echo html_writer::select($sslversions, 'curl_ssl_version', $config->curl_ssl_version, false);
if (isset($err['curl_ssl_version'])) echo $OUTPUT->error_text($err['curl_ssl_version']);
?>
</td>
<td>
<?php print_string('auth_cas_curl_ssl_version', 'auth_cas') ?>
</td>
</tr>
<tr valign="top" class="required"> <tr valign="top" class="required">
<td align="right"><?php print_string('auth_cas_logout_return_url_key', 'auth_cas') ?>:</td> <td align="right"><?php print_string('auth_cas_logout_return_url_key', 'auth_cas') ?>:</td>
<td> <td>

9
auth/cas/lang/en/auth_cas.php
View file

@ -37,6 +37,15 @@ $string['auth_cas_certificate_path'] = 'Path of the CA chain file (PEM Format) t
$string['auth_cas_certificate_path_key'] = 'Certificate path'; $string['auth_cas_certificate_path_key'] = 'Certificate path';
$string['auth_cas_create_user'] = 'Turn this on if you want to insert CAS-authenticated users in Moodle database. If not then only users who already exist in the Moodle database can log in.'; $string['auth_cas_create_user'] = 'Turn this on if you want to insert CAS-authenticated users in Moodle database. If not then only users who already exist in the Moodle database can log in.';
$string['auth_cas_create_user_key'] = 'Create user'; $string['auth_cas_create_user_key'] = 'Create user';
$string['auth_cas_curl_ssl_version'] = 'The SSL version (2 or 3) to use. By default PHP will try to determine this itself, although in some cases this must be set manually.';
$string['auth_cas_curl_ssl_version_default'] = 'Default';
$string['auth_cas_curl_ssl_version_key'] = 'cURL SSL Version';
$string['auth_cas_curl_ssl_version_SSLv2'] = 'SSLv2';
$string['auth_cas_curl_ssl_version_SSLv3'] = 'SSLv3';
$string['auth_cas_curl_ssl_version_TLSv1x'] = 'TLSv1.x';
$string['auth_cas_curl_ssl_version_TLSv10'] = 'TLSv1.0';
$string['auth_cas_curl_ssl_version_TLSv11'] = 'TLSv1.1';
$string['auth_cas_curl_ssl_version_TLSv12'] = 'TLSv1.2';
$string['auth_casdescription'] = 'This method uses a CAS server (Central Authentication Service) to authenticate users in a Single Sign On environment (SSO). You can also use a simple LDAP authentication. If the given username and password are valid according to CAS, Moodle creates a new user entry in its database, taking user attributes from LDAP if required. On following logins only the username and password are checked.'; $string['auth_casdescription'] = 'This method uses a CAS server (Central Authentication Service) to authenticate users in a Single Sign On environment (SSO). You can also use a simple LDAP authentication. If the given username and password are valid according to CAS, Moodle creates a new user entry in its database, taking user attributes from LDAP if required. On following logins only the username and password are checked.';
$string['auth_cas_enabled'] = 'Turn this on if you want to use CAS authentication.'; $string['auth_cas_enabled'] = 'Turn this on if you want to use CAS authentication.';
$string['auth_cas_hostname'] = 'Hostname of the CAS server <br />eg: host.domain.fr'; $string['auth_cas_hostname'] = 'Hostname of the CAS server <br />eg: host.domain.fr';