Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
This documentation does not apply to Drupal 8 and higher. See the new documentation instead.
You can limit the list of users allowed to log in with CAS by creating a custom module. The basic template for the module is provided below. Note that the CAS API changed from 6.x-2.x to 6.x-3.x/7.x-1.x.
CAS 6.x-2.x
Create a module which implements hook_auth_filter()
.
/**
* Implements hook_auth_filter().
*
* Limit logins to a list of specified users.
*/
function MODULE_auth_filter($module, $cas_name) {
if ($module != 'cas') {
// Do not filter non-CAS users.
return TRUE;
}
$allowed_users = array(
'netid1',
'netid2',
'netid3',
);
return in_array($cas_name, $allowed_users);
}
CAS 6.x-3.x or 7.x-1.x
Create a module which implements hook_cas_user_alter()
. See the provided cas.api.php
for more information. Sample code is provided below:
/**
* Implements hook_cas_user_alter().
*
* Limit logins to a list of specified users.
*/
function MODULE_cas_user_alter(&$cas_user) {
// Extract the CAS username.
$cas_name = $cas_user['name'];
$allowed_users = array(
'netid1',
'netid2',
'netid3',
);
if (!in_array($cas_name, $allowed_users)) {
// If the user is not in the specified list of allowed users,
// we do not allow the user to log in.
$cas_user['login'] = FALSE;
}
}