Check out the LimeSurvey source code on GitHub!

CAS-ifying LimeSurvey 2.0 (the dirty way)

More
4 years 1 week ago #92652 by Adrax
I've looking for an official way to CAS-authenticate the admin pages of LimeSurvey, but couldn't find anything suitable.

This is a quick and dirty way to do so. It just "cheats" the app into thinking that the authentication is web server based.

1- First of all download the phpCAS client library into /third_party/CAS.

2- Modify /application/config/config.php:
$config => array(
...
,'auth_webserver'=>true
,'auth_cas'=>true
,'cas_settings'=>array(
	'casAuthServer' => 'my_cas_server.my_site.com',
	'casAuthPort' => 443,
	'casAuthUri' => '/cas-auth-service-uri/'
);
(change the parameters accordingly)

3- Modify /application/core/UserIdentity.php:
(At the beginning of the "authenticate" function, inside of it)
if (Yii::app()->getConfig("auth_cas") == true && (empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['LOGON_USER']))) 
{
	require_once Yii::app()->getConfig("rootdir") . DIRECTORY_SEPARATOR . 'third_party' . DIRECTORY_SEPARATOR . 'CAS' . DIRECTORY_SEPARATOR . 'CAS.php';
 
	$cas_settings = Yii::app()->getConfig('cas_settings');
	phpCAS::client(CAS_VERSION_2_0, $cas_settings['casAuthServer'], $cas_settings['casAuthPort'], $cas_settings['casAuthUri'], false);
	phpCAS::setNoCasServerValidation();
	phpCAS::forceAuthentication();
 
	$_SERVER['PHP_AUTH_USER'] = $_SERVER['LOGON_USER'] = phpCAS::getUser();
}

As I said, this is just a workaround. If the developers wish, it could be easily improved.

Any suggestions are welcome.

Please Log in to join the conversation.

More
2 years 2 months ago #115066 by plegrand1
Hello, i'm trying your solution to CAS-ifying LimeSurvey and i cant make it works. Does that means that as LDAP authentication, user has to exist into limesurvey database ?

Thanks for your help

Please Log in to join the conversation.

More
2 years 2 months ago #115067 by Adrax
CAS authentication is not LDAP authentication, although it usually has a LDAP user repository behind it. User authenticated by CAS must exist in the Limesurvey database.

Please Log in to join the conversation.

More
2 years 2 months ago - 2 years 2 months ago #115068 by plegrand1
Thanks a lot for your quick answer !!
and sorry for my poor englih ;-)
But, if the user must exist in limesurvey database, i cant understand the interest of cas authentication ?
thanks again

I just made a try with user existing in db and i can login but i cant see any traffic to the server cas
Do i have to enable webauth plugin ?
Last Edit: 2 years 2 months ago by plegrand1.

Please Log in to join the conversation.

More
2 years 2 months ago #115069 by Adrax
CAS is a Single Sign On application. Users can validate at any casified application with just one user and password and a single login. Users must exist in Limesurvey, but their Limesurvey passwords are ignored.

Please Log in to join the conversation.

More
2 years 2 months ago #115071 by plegrand1
I just made a try with user existing in db and i can login but i cant see any traffic to the server cas
Do i have to enable webauth plugin ?

Please Log in to join the conversation.

More
2 years 2 months ago #115072 by Adrax
If there is no traffic with the CAS server, you must be using your local Limesurvey credentials and you did't patch the code correctly.

Please Log in to join the conversation.

More
2 years 2 months ago #115073 by plegrand1
as you say i think i'm using limesurvey credentials, i think i done what you told to do

Please Log in to join the conversation.

More
2 years 2 months ago #115074 by Adrax
I don't know, I did this modification some time ago. Maybe you're using a different version and the code needs to be adapted.

Please Log in to join the conversation.

More
2 years 2 months ago #115075 by plegrand1
i'm using Version 2.05+ Build 141123

Please Log in to join the conversation.

More
2 years 2 months ago #115076 by Adrax
Maybe that's the reason, I used version 2.0.

Let me know if you manage to make it work, thanks!

Please Log in to join the conversation.

More
2 years 2 months ago #115078 by plegrand1
May be your solution is for 1.9xxx version of limesurvey ?


i saw on other post that there was no more cas solution for 2.0 version
anyway thanks for your answers

Please Log in to join the conversation.

More
2 years 2 months ago #115080 by plegrand1
oups i didnt see the second page of the post....


I'm not sure to have competences to do that

Please Log in to join the conversation.

More
2 years 2 months ago #115082 by plegrand1
i saw that there is no more "login_check_cas.php" file. Does your solution used this file ?

Please Log in to join the conversation.

Imprint                   Privacy policy         General Terms & Conditions         Revocation information and revocation form