yraiso/casauth-bundle
Composer 安装命令:
composer require yraiso/casauth-bundle
包简介
Basic CAS (SSO) authenticator for Symfony 5.4, 6.0, 7.0 and 8.0
README 文档
README
Basic CAS (SSO) authenticator for Symfony 5.4, 6.0, 7.0 and 8.0 (no use guard component && no old authentication)
This bundle provides a -very- basic CAS (https://github.com/apereo/cas/tree/4.1.x) authentication client for Symfony 5.4, 6.0, 7.0 and 8.0 with new security authentication system
Installation
Install the library via Composer by running the following command:
composer require yraiso/casauth-bundle
Next, enable the bundle in your config/bundles.php file:
<?php return [ //..... YRaiso\CasAuthBundle\YRaisoCasAuthBundle::class => ['all' => true], ];
Create this file config/packages/y_raiso_cas_auth.yaml, add these settings :
y_raiso_cas_auth: server_login_url: https://mycasserver/cas/ server_validation_url: https://mycasserver/cas/serviceValidate server_logout_url: https://mycasserver/cas/logout server_force_redirect_https: false # only for app with vhost set to 80 and behind reverse proxy (443) - if in env file must be cast to boolean value like('%env(bool:CAS_FORCE_REDIRECT_HTTPS)%')! xml_namespace: cas options: [] # you can add request options (or override global ones) (cf https://symfony.com/doc/current/http_client.html#making-requests)
Note :
- the xml_namespace and options parameters are optionals
- to set proxy => options: -proxy: '%env(CAS_PROXY_URL)%'
Modify your security.yml with the following values (the provider in the following settings should not be used as it's just a very basic example ) :
security: enable_authenticator_manager: true providers: cas_user_provider: id: yraiso.cas_user_provider firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main: logout: ~ remote_user: provider: cas_user_provider custom_authenticator: yraiso.cas_authenticator entry_point: yraiso.cas_auth_entry_point access_control: - { path: ^/, roles: ROLE_USER }
In production, create your own UserProvider ( implements UserProviderInterface, PasswordUpgraderInterface) and User (implements UserInterface, this class it is not mandatory) then add its service name in providers:cas_user_provider:id: (security.yml file) :
services.yaml:
# ... services: cas_user_provider: class: App\Security\User\CasUserProvider
And voila ! Your secured route should redirect you to your CAS login page which should authenticate you.
Note : if you create your own User you must declare the following attributes and their accessors :
// .... private $uid; private $roles = []; private $casAttributes;
CAS global logout option
If you want your users to logout from the remote CAS server when logging out from your app, you should apply the following settings :
security.yaml:
# ... firewalls: # ... main: # ... logout: path: app_logout
services.yaml
# ... services: # ... YRaiso\CasAuthBundle\EventListener\LogoutListener: arguments: $logoutUrl: "%cas_server_logout_url%" tags: - name: 'kernel.event_listener' event: 'Symfony\Component\Security\Http\Event\LogoutEvent' dispatcher: security.event_dispatcher.main
Next, you need to create a route for this URL (but not a controller):
/** * @Route("/logout", name="app_logout", methods={"GET"}) * */ public function logout(): void { // controller can be blank: it will never be called! throw new \Exception('Don\'t forget to activate logout in security.yaml'); }
yraiso/casauth-bundle 适用场景与选型建议
yraiso/casauth-bundle 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 8.69k 次下载、GitHub Stars 达 2, 最近一次更新时间为 2022 年 01 月 19 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「SSO」 「cas」 「authenticator」 「YRaiso」 「Symfony 5.4」 「Symfony 6.0」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 yraiso/casauth-bundle 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 yraiso/casauth-bundle 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 yraiso/casauth-bundle 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Add CAS server SSO authentication to Laravel 4 and 5
CAS bundle for PuMuKIT
Symfony Lock Component
Time-based One-time Password implementation for Nette framework
Provides a simple API for authenticating users against a CAS server
统计信息
- 总下载量: 8.69k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 3
- 点击次数: 11
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2022-01-19