Cassava CAS Server

Cassava CAS Server

0

Cassava allows WordPress to act as a single sign-on authenticator using the Central Authentication Service (CAS) protocol. That way, users on your WordPress install may be able to acces

Version

1.2.3
Last updated

2015.10.10
Active installations

30
WordPress Version

3.9
Tested up to

4.4.30
pa_languages

English,(US),Portuguese,(Portugal)
Rating

5.00
Total ratings

2
Tags
This plugin is outdated and might not be supported anymore.
Go back
View on WordPress site

Description

Cassava allows WordPress to act as a single sign-on authenticator using the Central Authentication Service (CAS) protocol.

That way, users on your WordPress install may be able to access different applications that support the CAS protocol by providing a single set of credentials and without exposing the user’s password.

By default, CAS method URIs are provided under the wp-cas endpoint:

  • /wp-cas/login: Allows a remote service to request that a user authenticate on the CAS server. Will redirect back to the remote service along with a service ticket.
  • /wp-cas/logout: Terminates the single sign-on session. May optionally redirect the user back to the remote service.
  • /wp-cas/validate [CAS 1.0]: Allows a remote service to validate a service ticket forwarded by the user on redirect. Returns a plaintext response.
  • /wp-cas/proxy [CAS 2.0]: Provides access to remote services with proxy tickets in exchange for proxy-granting tickets. Returns an XML response.
  • /wp-cas/proxyValidate [CAS 2.0]: Allows a remote service to validate a service or proxy ticket forwarded by the user on redirect. Returns an XML response.
  • /wp-cas/serviceValidate [CAS 2.0]: Allows a remote service to validate a service ticket forwarded by the user on redirect. Returns an XML response.
  • /wp-cas/p3/proxyValidate [CAS 3.0]: Allows a remote service to validate a service or proxy ticket forwarded by the user on redirect. Returns an XML response.
  • /wp-cas/p3/serviceValidate [CAS 3.0]: Allows a remote service to validate a service ticket forwarded by the user on redirect. Returns an XML response.

There are a few client integration libraries available for CAS, as well as a handy guide for CASifying several existing applications. Independent WordPress installations may integrate with Cassava using a client plugin such as CAS Maestro.

Please follow and contribute to Cassava’s development on Github.

Hooks

Action: cas_server_before_request

Fires before a CAS request is processed.

Parameters:

  • string $path: Requested URI path.

Action: cas_server_after_request

Fires after a CAS request is processed.

Parameters:

  • string $path: Requested URI path.

Action: cas_server_error

Fires if the CAS server has to return an XML error.

Parameters:

  • WP_Error $error: WordPress error to return as XML.

Action: cas_server_validation_success

Fires on successful ticket validation.

Parameters:

  • WP_User $user: WordPress user validated by ticket.
  • string $ticket: Valid ticket string.

Filter: cas_enabled

Allows developers to disable CAS.

Parameters:

  • boolean $cas_enabled: Whether the server should respond to single sign-on requests.

Filter: cas_server_routes

Allows developers to override the default controller mapping, define additional endpoints and provide alternative implementations to the provided controllers.

Controllers provided in this fashion should extend the CassavaCASControllerBaseController class.

Parameters:

  • array $cas_routes: CAS endpoint to controller mapping.

Filter: cas_server_response

Lets developers change the CAS server response string.

Parameters:

  • string $output: Response output string.
  • string $path: Requested URI path.

Filter: cas_server_dispatch_args

Filters the callback arguments to be dispatched for the request. Plugin developers may return a WP_Error object here to abort the request.

Parameters:

  • array $args: Arguments to pass the callback.
  • (string|array) $callback: Callback function or method.
  • string $path: Requested URI path.

Filter: cas_server_login_args

Allows developers to change the request parameters passed to a /login request.

Parameters:

  • array $args: HTTP request (GET, POST) parameters.

Filter: cas_server_redirect_service

Filters the redirect URI for the service requesting user authentication.

Parameters:

  • string $service: Service URI requesting user authentication.
  • WP_User $user: Logged in WordPress user.

Filter: cas_server_custom_auth_uri

Allows developers to redirect the user to a custom login form.

Parameters:

  • string $custom_login_url: URI for the custom login page.
  • array $args: Login request parameters.

Filter: cas_server_ticket_expiration

This filter allows developers to override the default ticket expiration period.

Parameters:

  • int $expiration: Ticket expiration period (in seconds).
  • string $type: Type of ticket to set.
  • WP_User $user: Authenticated user associated with the ticket.

Filter: cas_server_validation_user_attributes

Allows developers to change the list of (key, value) pairs before they’re included in a /serviceValidate response.

Parameters:

  • array $attributes: List of attributes to output.
  • WP_User $user: Authenticated user.

Filter: cas_server_settings_user_attribute_options

Allows developers to change the list of user attributes that appear in the dashboard for an administrator to set to return on successful validation requests.

Options are stored in an associative array, with user attribute slugs as array keys and option labels as array values.

These settings are valid only for CAS 2.0 validation requests.

Parameters:

  • array $attributeOptions Attribute options an administrator can set on the dashboard.