Hi,
I am trying to get an automatic login to the admin panel based on a phpCAS authentifcation server.
I have extended MemberLoginform and managed to include the CAS classes.
I have been able to get the authentifcation from CAS and to automatically login to the front end.
However, I can then no longer login to admin, I just get a blank page.
The user I am using is an admin user, but it doesn't redirect to admin section, it displays the front end "you are now logged in as ...".
any ideas what is wrong ? possibly a conflict between SS classes and the phpCAS external classes I am calling ?
here is the content of my class:
<?php
//let SS know to use the new class rather than the default one for the login form
//Object::useCustomClass('MemberLoginForm', 'CustomLoginForm');
class CustomLoginForm extends MemberLoginForm {
function __construct($controller, $name, $fields = null, $actions = null, $checkCurrentUser = true) {
////////START CASified/////////////
//CAS required classes and configs
include_once 'cas/config-lab.php';
include_once 'cas/CAS.php';
// Initialize phpCAS
/* @link https://wiki.jasig.org/display/CASC/phpCAS*/
//last param disable session handling as SS already has session running
phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_port, $cas_context, $start_session=false);
// Uncomment to enable debugging
//phpCAS::setDebug();
// For production use set the CA certificate that is the issuer of the cert
// on the CAS server and uncomment the line below
// phpCAS::setCasServerCACert($cas_server_ca_cert_path);
// For quick testing you can disable SSL validation of the CAS server.
// THIS SETTING IS NOT RECOMMENDED FOR PRODUCTION.
// VALIDATING THE CAS SERVER IS CRUCIAL TO THE SECURITY OF THE CAS PROTOCOL!
phpCAS::setNoCasServerValidation();
// force CAS authentication
phpCAS::forceAuthentication();
// at this step, the user has been authenticated by the CAS server
// and the user's login name can be read with phpCAS::getUser().
$CASusername = phpCAS::getUser();
///////////END CASified////////////////
// This is now set on the class directly to make it easier to create subclasses
// $this->authenticator_class = $authenticatorClassName;
$customCSS = project() . '/css/member_login.css';
if(Director::fileExists($customCSS)) {
Requirements::css($customCSS);
}
if(isset($_REQUEST['BackURL'])) {
$backURL = $_REQUEST['BackURL'];
} else {
$backURL = Session::get('BackURL');
}
if($checkCurrentUser && Member::currentUser() && Member::logged_in_session_exists()) {
$fields = new FieldSet(
new HiddenField("AuthenticationMethod", null, $this->authenticator_class, $this)
);
$actions = new FieldSet(
new FormAction("logout", _t('Member.BUTTONLOGINOTHER', "Log in as someone else"))
);
} else {
if($CASusername == 'mycasusername') {
//CAS authentified
$emailAddress='myemail';
$password='mypassword';
$member = false;
$emailAddress = Convert::raw2sql($emailAddress);
$password = Convert::raw2sql($password);
$member = MemberAuthenticator::authenticate(array(
'Email' => $emailAddress,
'Password' => $password
));
if ($member) {
$member->logIn();
}
}
else {
//else regular login form
//new TextareaField( name, title, rows, cols, value, form)
if(!$fields) {
$label=singleton('Member')->fieldLabel(Member::get_unique_identifier_field());
$fields = new FieldSet(
new HiddenField("AuthenticationMethod", null, $this->authenticator_class, $this),
//Regardless of what the unique identifer field is (usually 'Email'), it will be held in the 'Email' value, below:
new TextField("Email", $label, Session::get('SessionForms.MemberLoginForm.Email'), null, $this),
new PasswordField("Password", _t('Member.PASSWORD', 'Password'))
);
if(Security::$autologin_enabled) {
$fields->push(new CheckboxField(
"Remember",
_t('Member.REMEMBERME', "Remember me next time?")
));
}
}
if(!$actions) {
$actions = new FieldSet(
new FormAction('dologin', _t('Member.BUTTONLOGIN', "Log in")),
new LiteralField(
'forgotPassword',
'<p id="ForgotPassword"><a href="Security/lostpassword">' . _t('Member.BUTTONLOSTPASSWORD', "I've lost my password") . '</a></p>'
)
);
}
}
}
if(isset($backURL)) {
$fields->push(new HiddenField('BackURL', 'BackURL', $backURL));
}
parent::__construct($controller, $name, $fields, $actions);
// Focus on the email input when the page is loaded
// Only include this if other form JS validation is enabled
if($this->getValidator()->getJavascriptValidationHandler() != 'none') {
Requirements::customScript(<<<JS
(function() {
var el = document.getElementById("MemberLoginForm_LoginForm_Email");
if(el && el.focus) el.focus();
})();
JS
);
}
}
}
thanks