Extension:CASAuthentication

This version of the CAS Authentication plug-in is an attempt to implement CAS Authentication in MediaWiki 1.13+ without having to edit any of the core application files, but by using Hooks. It is based on a previous version by Christophe Naslain.

Feel free to suggest improvements.

What can this extension do?
This extension implements Central Authentication Service (CAS) authentication in place of MediaWiki's standard authentication.

Requirements
You need the phpCAS php classes in order to use this extension (note: phpCAS need curl, openssl, zlib and dom php extensions compiled).

Installation
In your extensions directory, create a folder called CASAuth. In the new directory, create a file called CASAuth.php from the code included below.

You then need to extract phpCAS inside the new CASAuth directory. Rename the phpCAS directory to "CAS" (from something like "CAS-1.0.1"), or edit the configuration variable to point to the directory.

Then add the following to LocalSettings.php:

Configuration parameters
In the code, there's a single array with configuration variables.

phpCAS - Path to phpCAS directory.

Server - Address to CAS server.

Port - Port to CAS server. Default: 443.

Url - Subdir to CAS authentication.

Version - CAS version, should be either 1.0 or 2.0.

CreateAccounts - Should CASAuth create accounts on the wiki? Should be true unless all accounts already exists on the wiki!

PwdSecret - A random string that is used when generating the MediaWiki password for this user. YOU SHOULD EDIT THIS TO A VERY RANDOM STRING! YOU SHOULD ALSO KEEP THIS A SECRET!

EmailDomain - The default domain for new users email address (is appended to the username).

About CreateAccounts
If the user you are logging in as does not exist on the wiki, and this extension is not configured to automatically create accounts, then you will show up as an anonymous user. Just because you are logging in via a CAS server, that does not mean you do not need an account on the wiki. This extension only makes logging in a lot easier (and the user will be oblivious to the fact that an account has been created on the wiki).