Since CAS is capable of integrating applications made in many different languages, you may want to take the time to get everything you can authenticating through it. Every different language needs a separate client though, which needs to be installed and configured. The official client for PHP is phpCAS. The instructions I have here were originally done in 3.4.8 of CAS and 1.2.2 of phpCAS on the 11.04 version of Ubuntu. If you’re using a different flavor of linux the commands may differ slightly, and if you’re using Windows, all of the example directories and commands will probably be different. I will make notes where applicable.
- A CAS server accessible through https. It may be possible to get phpCAS to work without it, but it is safer and probably easier just to set up the https.
- A webserver such as Apache, but any that will be capable of running PHP will do.
- PHP5 with cURL installed on the machine.
- The easiest way to install is through PEAR with the command “pear install http://downloads.jasig.org/cas-clients/php/current.tgz”. If PEAR is not already installed, it will tell you the command needed to install it. If on Windows or a flavor of linux that does not provide a command to install PEAR, a manual install would probably be easier. Just download from the link in the command above and extract somewhere logical (if you’re on Windows, you’ll need something like 7zip to open the .tgz) and add the include_path to your php.ini file.
- Go to the directory web pages are served from for that server (/var/www/) and copy config.php and example_simple.php from the examples directory provided with phpCAS’s documentation (/usr/share/php/doc/CAS/docs/examples). Other examples can be copied if desired, but this is all that is necessary to test the connection.
- Modify Config.php to reflect the setup of the machine it is install on. This file is included in all of the example files, so you should only need to change this once. For a typical machine, the following changes were made:
- $phpcas_path = ‘/usr/share/php’;
- $cas_host = ‘localhost’;
- $cas_context = ‘/cas-server-webapp-3.4.8’;
- $cas_port = 8443;
While it may not seem like much as it is, the examples included with phpCAS will give you a good basis for using this client with your own PHP applications. Do keep in mind that Single Sign On with CAS does not mean Single Sign Off, so always log out of your applications separately. Also remember that Authentication and Authorization are separate concepts and CAS will only decide if a valid username and password were provided. It is up to your application to determine if that username should have access.