CAS as an authentication provider
The CMS can be configured to use CAS as its authentication provider (CMS version 2.0 and later)
The Central Authentication Service ( CAS ) is a single sign-on protocol for the web. Its purpose is to permit a user to access multiple applications while providing their credentials (such as userid and password) only once. It also allows web applications to authenticate users without gaining access to a user’s security credentials, such as a password.
CAS integration is enabled via the
settings.php file in the CMS installation. If Docker has been used
settings.php will not be accessible, however, it is possible to create a
settings-custom.php file in the
/custom mount point. The below Configuration can be added to that file instead.
The purpose of the integration is to configure a CAS enabled IdP (identity provider) for authentication with the Xibo CMS.
A User already authenticated with the IdP will automatically be logged into the CMS. If the User does not exist they will optionally be created with a set of default credentials.
CAS integration is configured in the
settings.php file of the CMS installation. This file can be found in your
There are two sections to adjust, the
$authentication middleware and the
$samlSettings configuration array.
The authentication middleware should be changed to
CASAuthentication , shown below:
$authentication = new \Xibo\Middleware\CASAuthentication();
The CAS settings array contains all the necessary information for the CMS to connect and use a CAS enabled IdP. An example settings file can be seen below. the configuration is split into 3 main sections:
server: options for the server provider (these are used by the CMS to identify and communicate with the identity provider).
port: specify which port to use.
uri: the location of the CAS application at the
$authentication = new \Xibo\Middleware\CASAuthentication(); $casSettings = array( 'config' => array ( 'server' => 'your.cas.server', 'port' => '443', 'uri' => '/cas' ) );