CAS session check

calphoz - October 30, 2009 - 23:24
Project: CAS
Version: 6.x-2.0-beta1
Component: Code
Category: support request
Priority: normal
Assigned: Unassigned
Status: active
Description

I have a website that uses CAS to authenticate (non-drupal site). I'm now building a drupal site. I installed the cas module and I have it set so that Drupal user accounts are not automatically created. The reason for this is because I do not want drupal creating accounts for these users. If a user is authenticated on CAS from the non-drupal site and visits a link taking them to the drupal site, is there a variable or session variable that I can call to see whether or not the user is already authenticated through cas? If they are authenticated I want to show a different set of links that I coded in a block.

Example: the variable will check if the user session is authenticated or not. If authenticated it will show links 1, 2, and 3; if the user is not authenticated it will show links 4, 5, and 6.

I know I will be able to use "if ($user->uid)" to check if they are logged in, but this is only if they have a drupal account, and I do not want drupal accounts for these users. I just want to check for the cas ticket.

#1

metzlerd - October 31, 2009 - 01:07

I'm not sure the cas module is going to work really well for you here, as it's really designed to tie cas logins to drupal. But to answer your question, yes, there is.

$_SESSION['phpCAS']['user']

Will get you the information that you're looking for.

#2

calphoz - November 2, 2009 - 17:56

We do not want drupal accounts created for everyone, but there will be a limited number of users that will get drupal accounts and log in with cas into drupal. For the users without a drupal account we just want to present them with a different set of content if they are logged in through the other non-drupal site that we have. In order to do this we have to check if they are logged in to cas yet. An example is to present them with a cas logout/login (showing only one depending on status) button across all of our sites, whether it is drupal or not. This way they can log out/log in to cas no matter where they are.

I tried using $_SESSION['phpCAS']['user'] with no luck. Is this variable accessible within a block? It is the block content that I'm trying to alter based on their cas login status.

I'm new to drupal and still trying to find my way around. Thanks for the help.

#3

metzlerd - November 2, 2009 - 18:22

Again, given that you're new to drupal, I'll continue to encourage you to let your CAS users get created on your drupal site, and just control what they can do in your site. (post comments, see user information, see which posts they've already read, etc). Your strategy is not really a supported way of using the drupal cas module, and it really isn't going to work well with the way drupal treats anonymous users. I want you to have a good experience with drupal, and I'm worried that this strategic decision will make you unhappy with the way drupal works.

If you still want to try and make this work, you'll need to enable the "check to see if a user is logged in" setting in the cas module, so that you always get redirected back to the cas server so that you can check to see if the user is logged in. Note that there will be NO session variables set until that happens. Also you will have to make sure that you don't use caching, because by default block caching will treat all anonymous drupal users the same, so they see the same block information displayed from the cache. To be more specific, disable page and block caching for your site in the administer->site configuration->performance page.

Good luck,

Dave

#4

calphoz - November 3, 2009 - 19:49

Drupal has been working out great, but it was part of the requirement and requested that I do not create drupal accounts for anyone except for those limited users.

I followed the steps above and was able to get it to work, except that the setting only checks when someone first accesses the site. The setting doesn't get carried over after refreshing the page or traveling to another page.

Can I call the function ("check to see if a user is logged in") within a block to have it check every time and not only once during the first visit?

If that's not possible I'll see what I can do with what I have so far; it has definitely gotten me a lot further than if I went about it alone. Your help was much appreciated.

#5

metzlerd - November 3, 2009 - 20:00

Not really. To do that would mean that you were redirecting to the cas server and back on every single page load, which would put an undue load on the cas server. It might be possible to develop a patch to the cas module to dynamically set cookie expiration timeout so that it checks every so often, but I wouldn't want to do it on every page load. If you're a coder, and want to submit a patch, I'd be willing to consider it.

#6

metzlerd - November 3, 2009 - 20:08

Or alternatively you could write your own code that periodically unsets the cookie that is set by CAS.
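
The approach discussed in comments #3 to #6, as an added example (not part of the thread and not code from the CAS module): a block reads $_SESSION['phpCAS']['user'] to choose its links and, once an interval has passed, expires the cookie that suppresses the gateway check. The example_* names, the 300-second interval and the cookie name are assumptions; substitute the cookie your version of the module actually sets.

```php
<?php
// Added example; not code from the CAS module. The names below are assumptions.
define('EXAMPLE_RECHECK_SECONDS', 300);               // assumed re-check interval
define('EXAMPLE_GATEWAY_COOKIE', 'PLACEHOLDER_NAME'); // placeholder cookie name

// Returns the CAS user name phpCAS stored in the session, or NULL if absent.
function example_cas_user(array $session) {
  $user = isset($session['phpCAS']['user']) ? $session['phpCAS']['user'] : NULL;
  return (is_string($user) && $user !== '') ? $user : NULL;
}

// TRUE when the last gateway check is older than the interval. The first call
// only records the time, so a fresh check is not repeated immediately.
function example_cas_recheck_due(array &$session, $now) {
  if (!isset($session['example_cas_checked'])) {
    $session['example_cas_checked'] = $now;
    return FALSE;
  }
  if ($now - (int) $session['example_cas_checked'] < EXAMPLE_RECHECK_SECONDS) {
    return FALSE;
  }
  $session['example_cas_checked'] = $now;
  return TRUE;
}

// Block body: links 1-3 for a CAS-authenticated session, links 4-6 otherwise.
function example_cas_block_content(array $session) {
  $user = example_cas_user($session);
  if ($user === NULL) {
    return 'link4 | link5 | link6';
  }
  // The user name comes from outside Drupal, so escape it before output.
  return 'Signed in as ' . htmlspecialchars($user, ENT_QUOTES, 'UTF-8')
    . ': link1 | link2 | link3';
}

// Constructed sample sessions standing in for $_SESSION.
$anonymous = array();
$cas_user  = array('phpCAS' => array('user' => 'jdoe<script>'),
                   'example_cas_checked' => 1000);
echo example_cas_block_content($anonymous), "\n";
echo example_cas_block_content($cas_user), "\n";
// 400 seconds after the recorded check: drop the cookie so the next page
// load goes through the CAS server again.
if (example_cas_recheck_due($cas_user, 1400) && !headers_sent()) {
  setcookie(EXAMPLE_GATEWAY_COOKIE, '', 1, '/');
}
```

Between re-checks the session value reflects only the last gateway check, so a logout performed at the CAS server can go unnoticed on the Drupal side for up to one interval.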

#7

kroeker - November 13, 2009 - 23:52

I don't know exactly where to place this question, but this thread looked likely :-)

Like calphoz, I have an existing web site, but at this moment, no one logs in to it.
All I need to do is "Drupal"-ify the existing
web site, which is static content, apart from the apps. Later I'll let authenticated users
edit and change these static pages :-) I don't want to let everyone who can authenticate to our
campus CAS server log on to my site, at least initially. There would be nothing for them
to really do, so it seems pointless... maybe in the future.

I installed Drupal (6.14) and the latest cas module (cas-6.x-2.0-beta1.tar.gz). Hooked it
up to my university's CAS server, created a user (other than admin), and entered a static
page. The CAS block shows up correctly in the anonymous user page (though I would
*like* this to be plain text, not a regular HTML submit button?). Clicking the login button
and authenticating to CAS works fine. I get a message in my CAS block saying that
I've logged in via CAS. Great so far. There is no CAS logout button though, so how
do my users log out? I manually went to the /logout page and logged this user out, but
is this the right log out? They don't seem to have been logged out of CAS, just Drupal,
because clicking the login button again just logs them in without them going to the
CAS server page.

Thanks in advance for any help. Sorry if there's documentation on all this, but I just couldn't
find it.

Brian

#8

metzlerd - November 16, 2009 - 16:51

If you just want login and logout links, try enabling the CAS Login and CAS Logout menu items (which default to being disabled). You can then hide/disable the normal drupal logout button.

I'd encourage you to create a different role, and not just let authenticated users edit the site. That way you'll have less editing to do if you want to allow other campus members to be able to comment on your site (but not edit) in the future. Since you'll be creating accounts for people manually to begin with, it won't cost you anything to add them to an editors role to begin with.

Dave

#9

kroeker - November 17, 2009 - 00:51

Thanks for the help and advice, Dave. This worked out well in the end. I created a menu just to contain the CAS login/logout menu items, then placed the containing block on the top of my content area. Had to fiddle with the CSS a bit to override the default menu button formatting but it looks good now.

I'll keep what you say in mind, but at this moment (shame on us ;-) ) , we are just pushing static information at our audience, not requesting interaction with them (like comments, blogging). I am hoping that this will change, then yes, we'll need to address what the minimal functionality for the authenticated user should be.

Thanks again for all of your hard work and dedication in making and maintaining this module.

Brian

 
 
