Restricting allowed users

Last updated on

30 April 2025

This documentation does not apply to Drupal 8 and higher. See the new documentation instead.

You can limit the list of users allowed to log in with CAS by creating a custom module. The basic template for the module is provided below. Note that the CAS API changed from 6.x-2.x to 6.x-3.x/7.x-1.x.

CAS 6.x-2.x

Create a module which implements hook_auth_filter().

/**
 * Implements hook_auth_filter().
 *
 * Limit logins to a list of specified users.
 */
function MODULE_auth_filter($module, $cas_name) {
  if ($module != 'cas') {
    // Do not filter non-CAS users.
    return TRUE;
  }

  $allowed_users = array(
    'netid1',
    'netid2',
    'netid3',
  );

  return in_array($cas_name, $allowed_users);
}

CAS 6.x-3.x or 7.x-1.x

Create a module which implements hook_cas_user_alter(). See the provided cas.api.php for more information. Sample code is provided below:

/**
 * Implements hook_cas_user_alter().
 *
 * Limit logins to a list of specified users.
 */
function MODULE_cas_user_alter(&$cas_user) {
  // Extract the CAS username.
  $cas_name = $cas_user['name'];

  $allowed_users = array(
    'netid1',
    'netid2',
    'netid3',
  );

  if (!in_array($cas_name, $allowed_users)) {
    // If the user is not in the specified list of allowed users,
    // we do not allow the user to log in.
    $cas_user['login'] = FALSE;
  }
}

Help improve this page

Page status: Not set

You can:

Log in, click Edit, and edit this page
Log in, click Discuss, update the Page status value, and suggest an improvement
Log in and create a Documentation issue with your suggestion

On this page

Central Authentication Service

Restricting allowed users

CAS 6.x-2.x

CAS 6.x-3.x or 7.x-1.x

Help improve this page

News items

Our community

Documentation

Drupal code base

Governance of community