CactiEZ中文版10.1为网上下载的镜像,344MB,该镜像是精简的CentOS6.0的版本。
cas phpClient为1.3.3,详细的使用说明及下载最新版本可以点击此处
在虚拟机安装的CactiEZ中文版10.1镜像,地址为:192.168.217.130,使用NAT方式访问,DHCP获取的IP地址(如果想访问外网,可以将系统自带的网关删掉,我安装之后的默认网关是192.168.0.1,删了之后就能正常上网了)
1.将下载下载的CAS-1.3.3.tgz解压文件中的/CAS文件夹和CAS.php复制到/ver/www/html/目下。
2.在/ver/www/html/目下创建一个ssoLogin.php,该名字不是可以随便起,也可以直接修改index.php文件,将原来的内部登录方法屏蔽掉。
代码如下:
<?php /** * Example for a simple cas 2.0 client * * PHP Version 5 * * @file example_simple.php * @file ssoLogin.php * @category Authentication * @package PhpCAS * @author Joachim Fritschi <[email protected]> * @author Adam Franco <[email protected]> * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 * @link https://wiki.jasig.org/display/CASC/phpCAS */ // Load the cactiEZ lib include("./include/global.php"); // Load the CAS lib require_once 'CAS.php'; // Enable debugging phpCAS::setDebug(); // Initialize phpCAS // phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_port, $cas_context); phpCAS::client(CAS_VERSION_2_0, "127.0.0.1", 8080, "/cas"); // For production use set the CA certificate that is the issuer of the cert // on the CAS server and uncomment the line below // phpCAS::setCasServerCACert($cas_server_ca_cert_path); // For quick testing you can disable SSL validation of the CAS server. // THIS SETTING IS NOT RECOMMENDED FOR PRODUCTION. // VALIDATING THE CAS SERVER IS CRUCIAL TO THE SECURITY OF THE CAS PROTOCOL! phpCAS::setNoCasServerValidation(); // force CAS authentication phpCAS::forceAuthentication(); // at this step, the user has been authenticated by the CAS server // and the user's login name can be read with phpCAS::getUser(). // logout if desired if (isset($_REQUEST['logout'])) { phpCAS::logout(); } // 通过修改的casLogin函数授权 //-------------------------------------start------------------------------------- $casUser = phpCAS::getUser(); $username = $casUser; $user = db_fetch_row("SELECT * FROM user_auth WHERE username = '" . $username . "'"); /* Process the user */ if (sizeof($user) > 0) { cacti_log("LOGIN: User '" . $user["username"] . "' Authenticated", false, "AUTH"); db_execute("INSERT INTO user_log (username,user_id,result,ip,time) VALUES ('" . $username ."'," . $user["id"] . ",1,'" . $_SERVER["REMOTE_ADDR"] . "',NOW())"); /* is user enabled */ $user_enabled = $user["enabled"]; if ($user_enabled != "on") { /* Display error */ auth_display_custom_error_message("访问被拒绝,用户账户被禁用."); exit; } /* set the php session */ $_SESSION["sess_user_id"] = $user["id"]; /* handle "force change password" */ if (($user["must_change_password"] == "on") && (read_config_option("auth_method") == 1)) { $_SESSION["sess_change_password"] = true; } /* ok, at the point the user has been sucessfully authenticated; so we must decide what to do next */ $referer = $_REQUEST['logout']; if(!$referer){ $referer = 'index.php'; } header("Location: $referer"); exit; }else{ /* No guest account defined */ auth_display_custom_error_message("访问被拒绝,请联系您的CactiEZ管理员."); cacti_log("LOGIN: Access Denied, No guest enabled or template user to copy", false, "AUTH"); exit; } //-------------------------------------end------------------------------------- // for this test, simply print that the authentication was successfull ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>欢迎登录到CactiEZ中文版 | 认证成功</title> </head> <body> <h1>认证成功!</h1> <p>the user's login is <b><?php echo $casUser; ?></b>.</p> <p>CAS登录的用户名为 <b><?php echo $casUser; ?></b>.</p> <p>phpCAS version is <b><?php echo phpCAS::getVersion(); ?></b>.</p> <p>phpCAS版本为 <b><?php echo phpCAS::getVersion(); ?></b>.</p> <p><a href="index.php">点击进入主页</a></p> <p><a href="?logout=">注销</a></p> <table align="center"> <?php if ($user_enabled == "0") {?> <tr style="height:10px;"><td></td></tr> <tr> <td colspan="2"><font color="#FF0000"><strong>用户账户已禁用</strong></font></td> </tr> <?php } ?> </body> </html>
#yum install php-dom
如果没有网络也没关系,找个CentOS6 X86的镜像,将该镜像作为yum的源安装,
2)mount CenotOS光驱(系统为CentOS6 X86),
$mount /dev/cdrom /media/cdrom/
$cp /etc/yum.repos.d/CentOS_Base /etc/yum.repos.d/CentOS_Base.bak
$vim /etc/yum.repos.d/CentOS_Media
$yum list
yum -y install php-dom
$service httpd restart