3 * FusionForge AuthCas login page
5 * This is main login page. It takes care of different account states
6 * (by disallowing logging in with non-active account, with appropriate
9 * Copyright 1999-2001 (c) VA Linux Systems
10 * Copyright 2011, Roland Mas
12 * This file is part of FusionForge. FusionForge is free software;
13 * you can redistribute it and/or modify it under the terms of the
14 * GNU General Public License as published by the Free Software
15 * Foundation; either version 2 of the Licence, or (at your option)
18 * FusionForge is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
23 * You should have received a copy of the GNU General Public License along
24 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
25 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
28 // FIXME : WTF ?!?!?!?
29 Header( "Expires: Wed, 11 Nov 1998 11:11:11 GMT");
30 Header( "Cache-Control: no-cache");
31 Header( "Cache-Control: must-revalidate");
33 require_once('../../../www/env.inc.php');
34 require_once $gfcommon.'include/pre.php';
35 require_once('../../../www/include/login-form.php');
37 $plugin = plugin_get_object('authcas');
39 $return_to = getStringFromRequest('return_to');
40 $login = getStringFromRequest('login');
41 $postcas = getStringFromRequest('postcas');
42 $triggered = getIntFromRequest('triggered');
44 if (forge_get_config('use_ssl') && !session_issecure()) {
45 //force use of SSL for login
47 session_redirect_external('https://'.getStringFromServer('HTTP_HOST').getStringFromServer('REQUEST_URI'));
48 //header('Location: https://'.getStringFromServer('HTTP_HOST').getStringFromServer('REQUEST_URI'));
51 // Here comes CAS standard magic (which will redirect to the CAS server, etc.)
55 if (phpCAS::isAuthenticated()) {
56 if ($plugin->isSufficient()) {
57 $plugin->startSession(phpCAS::getUser());
60 validate_return_to($return_to);
61 session_redirect($return_to);
62 //header ("Location: " . util_make_url($return_to));
65 session_redirect("/my");
66 //header ("Location: " . util_make_url("/my"));
70 if ($login) { // The user just clicked the Login button
71 // Let's send them to CAS
73 $return_url = util_make_url('/plugins/authcas/post-login.php?postcas=true&return_to='.htmlspecialchars($return_to));
75 $GLOBALS['PHPCAS_CLIENT']->setURL($return_url);
77 phpCAS::forceAuthentication();
79 } elseif ($postcas) { // The user is coming back from CAS
80 if (phpCAS::isAuthenticated()) {
81 if ($plugin->isSufficient()) {
82 $plugin->startSession(phpCAS::getUser());
85 validate_return_to($return_to);
87 session_redirect($return_to);
88 //header ("Location: " . util_make_url($return_to));
91 session_redirect("/my");
92 //header ("Location: " . util_make_url("/my"));
99 // Otherwise, display the login form again
100 display_login_page($return_to, $triggered);
104 // c-file-style: "bsd"