Added CAS as a new authentication option

[jaronkk]

We use CAS for most of our authentication so I added CAS as a new authentication option.

Here are the files I added/modified

• app/Plugin/FlexAuth/Controller/Component/Auth/CasAuthenticate.php
• app/Plugin/FlexAuth/View/FlexAuth/login_cas.ctp (I don't think this us used unless something goes wrong)
• config.sample.yml
• app/Vendor/CAS-1.3.3/* (from https://wiki.jasig.org/display/CASC/phpCAS )

I based CasAuthenticate heavily off of the existing ShibbolethAuthenticate implementation.

[michaelhagedon]

Wow... thanks! We'll review soon.

[jaronkk]

I updated the pull request with a new change.

I modified login_cas.ctp to give information to the user if they sign in successfully through CAS but don't have access.

The "Request access" link is a mailto link to the email.send_all_feedback_to email address and populates the subject and body with helpful information, it looks like this:

[simpsonw]

I will go ahead an take a look at this.

[simpsonw]

I was able to get this to work locally using the UA WebAuth service (which uses CAS). I tested the following cases:

• A garbage user who was neither in the CAS system nor the local db
• A user who was in the local db but not in CAS
• A user who was in CAS and the local db with admin privs
• A user who was in CAS and the local db with creator privs
• A user who was in CAS but not the local db (I got the page as @jaronkk mentioned above)

All these use cases worked as expected and the code seems to match best practices. Pending @michaelhagedon's approval, I will merge the pull request. Thanks for your work, @jaronkk!

[michaelhagedon]

It looks good to me. Thanks, @jaronkk and @simpsonw!