CAS Access User Names Changed

  • Resolved lostxfer

    (@lostxfer)


    9 years, 1 month ago

    Hey,

    Loving the potential of this plugin for our organization, but we’ve run into a problem that is preventing usage of it. Our CAS returns an ID number of the user upon successful login. When I add users to Authorize, I do so by putting in there emails. However, when people login via CAS, Authorize is taking the result from the CAS login and prefixing it to the front of the email domain – which in turn causes it not to validate as an authorized user in the system. Example:

    Added to list as: [email protected]
    Successful CAS login changes it to: [email protected]

    Thanks

    https://www.ads-software.com/plugins/authorizer/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Paul Ryan

    (@figureone)

    Do you know if your CAS server releases an attribute containing the email address? If so, I could make that a configurable option in Authorizer.

    Plugin Author Paul Ryan

    (@figureone)

    FYI the latest version of Authorizer has a configurable option for “CAS attribute containing email.” You can specify the CAS attribute with the email address here, and that one will get used (instead of the fallback to phpCAS::getUser() @ CAS server top level domain).

    For example, my university’s CAS server releases the email address in the “mail” attribute. If you’re unsure what attributes your CAS server releases, you can check with the server admin, or you can inspect it by tossing in an error log message in the plugin code:

    authorizer.php line 859:

    $cas_attributes = phpCAS::getAttributes();

// debug: write out cas attribtues to the web server's error log:
error_log( print_r( $cas_attributes, true ) );

    Plugin Author Paul Ryan

    (@figureone)

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘CAS Access User Names Changed’ is closed to new replies.