CAS-ifying LimeSurvey 2.0 (the dirty way)

More
4 years 6 months ago #92652 by Adrax
Adrax created the topic: CAS-ifying LimeSurvey 2.0 (the dirty way)
I've looking for an official way to CAS-authenticate the admin pages of LimeSurvey, but couldn't find anything suitable.

This is a quick and dirty way to do so. It just "cheats" the app into thinking that the authentication is web server based.

1- First of all download the phpCAS client library into /third_party/CAS.

2- Modify /application/config/config.php:
$config => array(
...
,'auth_webserver'=>true
,'auth_cas'=>true
,'cas_settings'=>array(
	'casAuthServer' => 'my_cas_server.my_site.com',
	'casAuthPort' => 443,
	'casAuthUri' => '/cas-auth-service-uri/'
);
(change the parameters accordingly)

3- Modify /application/core/UserIdentity.php:
(At the beginning of the "authenticate" function, inside of it)
if (Yii::app()->getConfig("auth_cas") == true && (empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['LOGON_USER']))) 
{
	require_once Yii::app()->getConfig("rootdir") . DIRECTORY_SEPARATOR . 'third_party' . DIRECTORY_SEPARATOR . 'CAS' . DIRECTORY_SEPARATOR . 'CAS.php';
 
	$cas_settings = Yii::app()->getConfig('cas_settings');
	phpCAS::client(CAS_VERSION_2_0, $cas_settings['casAuthServer'], $cas_settings['casAuthPort'], $cas_settings['casAuthUri'], false);
	phpCAS::setNoCasServerValidation();
	phpCAS::forceAuthentication();
 
	$_SERVER['PHP_AUTH_USER'] = $_SERVER['LOGON_USER'] = phpCAS::getUser();
}

As I said, this is just a workaround. If the developers wish, it could be easily improved.

Any suggestions are welcome.

Please Log in to join the conversation.

More
2 years 8 months ago #115066 by plegrand1
plegrand1 replied the topic: CAS-ifying LimeSurvey 2.0 (the dirty way)
Hello, i'm trying your solution to CAS-ifying LimeSurvey and i cant make it works. Does that means that as LDAP authentication, user has to exist into limesurvey database ?

Thanks for your help

Please Log in to join the conversation.

More
2 years 8 months ago #115067 by Adrax
Adrax replied the topic: CAS-ifying LimeSurvey 2.0 (the dirty way)
CAS authentication is not LDAP authentication, although it usually has a LDAP user repository behind it. User authenticated by CAS must exist in the Limesurvey database.

Please Log in to join the conversation.

More
2 years 8 months ago - 2 years 8 months ago #115068 by plegrand1
plegrand1 replied the topic: CAS-ifying LimeSurvey 2.0 (the dirty way)
Thanks a lot for your quick answer !!
and sorry for my poor englih ;-)
But, if the user must exist in limesurvey database, i cant understand the interest of cas authentication ?
thanks again

I just made a try with user existing in db and i can login but i cant see any traffic to the server cas
Do i have to enable webauth plugin ?
Last Edit: 2 years 8 months ago by plegrand1.

Please Log in to join the conversation.

More
2 years 8 months ago #115069 by Adrax
Adrax replied the topic: CAS-ifying LimeSurvey 2.0 (the dirty way)
CAS is a Single Sign On application. Users can validate at any casified application with just one user and password and a single login. Users must exist in Limesurvey, but their Limesurvey passwords are ignored.

Please Log in to join the conversation.

More
2 years 8 months ago #115071 by plegrand1
plegrand1 replied the topic: CAS-ifying LimeSurvey 2.0 (the dirty way)
I just made a try with user existing in db and i can login but i cant see any traffic to the server cas
Do i have to enable webauth plugin ?

Please Log in to join the conversation.

More
2 years 8 months ago #115072 by Adrax
Adrax replied the topic: CAS-ifying LimeSurvey 2.0 (the dirty way)
If there is no traffic with the CAS server, you must be using your local Limesurvey credentials and you did't patch the code correctly.

Please Log in to join the conversation.

More
2 years 8 months ago #115073 by plegrand1
plegrand1 replied the topic: CAS-ifying LimeSurvey 2.0 (the dirty way)
as you say i think i'm using limesurvey credentials, i think i done what you told to do

Please Log in to join the conversation.

More
2 years 8 months ago #115074 by Adrax
Adrax replied the topic: CAS-ifying LimeSurvey 2.0 (the dirty way)
I don't know, I did this modification some time ago. Maybe you're using a different version and the code needs to be adapted.

Please Log in to join the conversation.

More
2 years 8 months ago #115075 by plegrand1
plegrand1 replied the topic: CAS-ifying LimeSurvey 2.0 (the dirty way)
i'm using Version 2.05+ Build 141123

Please Log in to join the conversation.

More
2 years 8 months ago #115076 by Adrax
Adrax replied the topic: CAS-ifying LimeSurvey 2.0 (the dirty way)
Maybe that's the reason, I used version 2.0.

Let me know if you manage to make it work, thanks!

Please Log in to join the conversation.

More
2 years 8 months ago #115078 by plegrand1
plegrand1 replied the topic: CAS-ifying LimeSurvey 2.0 (the dirty way)
May be your solution is for 1.9xxx version of limesurvey ?


i saw on other post that there was no more cas solution for 2.0 version
anyway thanks for your answers

Please Log in to join the conversation.

More
2 years 8 months ago #115080 by plegrand1
plegrand1 replied the topic: CAS-ifying LimeSurvey 2.0 (the dirty way)
oups i didnt see the second page of the post....


I'm not sure to have competences to do that

Please Log in to join the conversation.

More
2 years 8 months ago #115082 by plegrand1
plegrand1 replied the topic: CAS-ifying LimeSurvey 2.0 (the dirty way)
i saw that there is no more "login_check_cas.php" file. Does your solution used this file ?

Please Log in to join the conversation.

Did you already participate in our customer survey?

Don't miss your chance for great prices.

Please click here to participate:

Start now

Start now!

Just create your account and start using Limesurvey today.

Register now