gnu-social/plugins/CasAuthentication
Diogo Cordeiro 8c0601816f [CORE] Move core plugins to a new modules directory
For reference (raised by rozzin in IRC):

* http://foldoc.org/module
* http://foldoc.org/library
* http://foldoc.org/plugin

As noted by XRevan86, modules are not necessarily non-essential.
As we will keep the modules directory in GS root [therefore, near to
plugins/], it is evidenced the difference between both.

This is a simple yet fundamental structural change. It doesn't change
functionality but makes clearer the way we understand GNU social's
internals.
2019-08-22 03:13:58 +01:00
..
actions Test if $casSettings['user_whitelist'] is an array - and then perform in_array(...) instead of just checking if it's != null. 2017-12-17 17:37:24 +00:00
locale [CORE] Move core plugins to a new modules directory 2019-08-22 03:13:58 +01:00
CasAuthenticationPlugin.php [VersionBump] 1.19.0, fairly late 2019-06-07 15:02:08 +01:00
README Added CAS user whitelist feature 2017-04-17 12:41:49 -04:00

The CAS Authentication plugin allows for StatusNet to handle authentication
through CAS (Central Authentication Service).

Installation
============
add "addPlugin('casAuthentication',
    array('setting'=>'value', 'setting2'=>'value2', ...);"
to the bottom of your config.php

Settings
========
provider_name*: a unique name for this authentication provider.
authoritative (false): Set to true if CAS's responses are authoritative
    (if authorative and CAS fails, no other password checking will be done).
autoregistration (false): Set to true if users should be automatically created
    when they attempt to login.
email_changeable (true): Are users allowed to change their email address?
    (true or false)
password_changeable*: must be set to false. This plugin does not support changing passwords.

server*: CAS server to authentication against
port (443): Port the CAS server listens on. Almost always 443
path (): Path on the server to CAS. Usually blank.
takeOverLogin (false): Take over the main login action. If takeOverLogin is
    set, anytime the standard username/password login form would be shown,
    a CAS login will be done instead.
user_whitelist (null): Only allow login via CAS for users listed in this
    array. This is useful when both CAS and password authentication is enabled
    and there is a mismatch between some GNU social account names and CAS user
    names. This prevents CAS users from logging in as someone else on GNU
    social. When set to null, no CAS logins are filtered by this feature.

* required
default values are in (parenthesis)

Example
=======
addPlugin('casAuthentication', array(
    'provider_name'=>'Example',
    'authoritative'=>true,
    'autoregistration'=>true,
    'server'=>'sso-cas.univ-rennes1.fr',
    'port'=>443,
    'path'=>'',
    'takeOverLogin'=>true
));