3 * FusionForge AuthCas login page
5 * This is main login page. It takes care of different account states
6 * (by disallowing logging in with non-active account, with appropriate
9 * Copyright 1999-2001 (c) VA Linux Systems
10 * Copyright 2011, Roland Mas
12 * This file is part of FusionForge.
14 * FusionForge is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2 of the License, or
17 * (at your option) any later version.
19 * FusionForge is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * You should have received a copy of the GNU General Public License
25 * along with FusionForge; if not, write to the Free Software
26 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
29 // FIXME : WTF ?!?!?!?
30 Header( "Expires: Wed, 11 Nov 1998 11:11:11 GMT");
31 Header( "Cache-Control: no-cache");
32 Header( "Cache-Control: must-revalidate");
34 require_once('../../../www/env.inc.php');
35 require_once $gfcommon.'include/pre.php';
36 require_once('../../../www/include/login-form.php');
38 $plugin = plugin_get_object('authcas');
40 $return_to = getStringFromRequest('return_to');
41 $login = getStringFromRequest('login');
42 $postcas = getStringFromRequest('postcas');
43 $feedback = htmlspecialchars(getStringFromRequest('feedback'));
44 $warning_msg = htmlspecialchars(getStringFromRequest('warning_msg'));
45 $error_msg = htmlspecialchars(getStringFromRequest('error_msg'));
46 $triggered = getIntFromRequest('triggered');
48 if (forge_get_config('use_ssl') && !session_issecure()) {
49 //force use of SSL for login
51 header('Location: https://'.getStringFromServer('HTTP_HOST').getStringFromServer('REQUEST_URI'));
54 // Here comes CAS standard magic (which will redirect to the CAS server, etc.)
58 if (phpCAS::isAuthenticated()) {
59 if ($plugin->isSufficient()) {
60 $plugin->startSession(phpCAS::getUser());
63 validate_return_to($return_to);
65 header ("Location: " . util_make_url($return_to));
68 header ("Location: " . util_make_url("/my"));
72 if ($login) { // The user just clicked the Login button
73 // Let's send them to CAS
75 $return_url = util_make_url('/plugins/authcas/post-login.php?postcas=true&return_to='.htmlspecialchars($return_to));
77 $GLOBALS['PHPCAS_CLIENT']->setURL($return_url);
79 phpCAS::forceAuthentication();
81 } elseif ($postcas) { // The user is coming back from CAS
82 if (phpCAS::isAuthenticated()) {
83 if ($plugin->isSufficient()) {
84 $plugin->startSession(phpCAS::getUser());
87 validate_return_to($return_to);
89 header ("Location: " . util_make_url($return_to));
92 header ("Location: " . util_make_url("/my"));
99 // Otherwise, display the login form again
100 display_login_page($return_to, $triggered);
104 // c-file-style: "bsd"