I've looking for an official way to CAS-authenticate the admin pages of LimeSurvey, but couldn't find anything suitable.
This is a quick and dirty way to do so. It just "cheats" the app into thinking that the authentication is web server based.
1- First of all download the
phpCAS client library into /third_party/CAS.
2- Modify /application/config/config.php:
$config => array(
...
,'auth_webserver'=>true
,'auth_cas'=>true
,'cas_settings'=>array(
'casAuthServer' => 'my_cas_server.my_site.com',
'casAuthPort' => 443,
'casAuthUri' => '/cas-auth-service-uri/'
);
(change the parameters accordingly)
3- Modify /application/core/UserIdentity.php:
(At the beginning of the "authenticate" function, inside of it)
if (Yii::app()->getConfig("auth_cas") == true && (empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['LOGON_USER'])))
{
require_once Yii::app()->getConfig("rootdir") . DIRECTORY_SEPARATOR . 'third_party' . DIRECTORY_SEPARATOR . 'CAS' . DIRECTORY_SEPARATOR . 'CAS.php';
$cas_settings = Yii::app()->getConfig('cas_settings');
phpCAS::client(CAS_VERSION_2_0, $cas_settings['casAuthServer'], $cas_settings['casAuthPort'], $cas_settings['casAuthUri'], false);
phpCAS::setNoCasServerValidation();
phpCAS::forceAuthentication();
$_SERVER['PHP_AUTH_USER'] = $_SERVER['LOGON_USER'] = phpCAS::getUser();
}
As I said, this is just a workaround. If the developers wish, it could be easily improved.
Any suggestions are welcome.
