prayno / casauth-bundle
Basic CAS (SSO) authenticator for Symfony 3, 4 and 5
Installs: 63 513
Dependents: 0
Suggesters: 0
Security: 0
Stars: 16
Watchers: 7
Forks: 20
Open Issues: 14
Type:symfony-bundle
Requires
- guzzlehttp/guzzle: ^6.2
- symfony/config: ^3.0|^4.0|^5.0
- symfony/dependency-injection: ^3.0|^4.0|^5.0
- symfony/http-foundation: ^3.0|^4.0|^5.0
- symfony/http-kernel: ^3.0|^4.0|^5.0
- symfony/security-bundle: ^3.0|^4.0|^5.0
README
Basic CAS (SSO) authenticator for Symfony 3 and 4
This bundle provides a -very- basic CAS (http://jasig.github.io/cas/4.1.x/index.html) authentication client for Symfony 3 and 4.
Installation
Install the library via Composer by running the following command:
composer require prayno/casauth-bundle
Next, enable the bundle in your app/AppKernel.php file:
<?php // app/AppKernel.php public function registerBundles() { $bundles = array( // ... new PRayno\CasAuthBundle\PRaynoCasAuthBundle(), // ... ); }
In config.yml (Symfony 3) or config/packages/p_rayno_cas_auth.yaml (create this file in Symfony 4), add these settings :
p_rayno_cas_auth: server_login_url: https://mycasserver/cas/ server_validation_url: https://mycasserver/cas/serviceValidate server_logout_url: https://mycasserver/cas/logout xml_namespace: cas options:[] see http://docs.guzzlephp.org/en/latest/request-options.html
Note : the xml_namespace and options parameters are optionals
Modify your security.yml with the following values (the provider in the following settings should not be used as it's just a very basic example ; in production, create your own UserProvider and add its service name in providers:cas:id) :
security: providers: cas: id: prayno.cas_user_provider firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main: anonymous: ~ logout: ~ guard: authenticators: - prayno.cas_authenticator access_control: - { path: ^/, roles: ROLE_USER }
And voila ! Your secured route should redirect you to your CAS login page which should authenticate you.
CAS global logout option
If you want your users to logout from the remote CAS server when logging out from your app, you should apply the following settings :
security.yaml:
# ... firewalls: # ... main: # ... logout: path: /logout success_handler: PRayno\CasAuthBundle\Event\LogoutSuccessHandler
services.yaml
# ... services: # ... PRayno\CasAuthBundle\Event\LogoutSuccessHandler: arguments: $logoutUrl: "%cas_logout_url%"
Of course, you must set a "cas_logout_url" parameter in your app (eg. https://my_remote_cas_server/logout)
Don't forget to define a /logout route in your app