Closed Getekid closed 4 years ago
tmerrick1
commented
8 years ago This looks like a fairly major task. Is there any way to get this working in the meantime? Right now it correctly goes to the CAS server, but then goes right back to the login page without logging in.
Getekid
commented
8 years ago The bug you mention is already in the issue #4 ! The above is possible but agreed it's a major task, too. The reason for it is to avoid using the $this->request->enable_super_globals(); line as it has security implications.
Getekid
commented
4 years ago Unnecessary feature, the phpCAS library should be included using composer.
The global variable issue can be tackled as now, by turning them on and off when needed.
The phpCAS library from Jasig has a lot of "GET" and "SERVER" requests which are disabled in phpBB for security reasons.
Enabling the global variables has a security issue plus it creates a few bugs (e.g. the CAS settings doesn't change once set).
Therefore the phpCAS library needs to be translated to phpBB language.