Versions Compared

Old Version 3

changes.mady.by.user Neil Sabol

Saved on

compared with

New Version Current

changes.mady.by.user Neil Sabol

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Very similar to process above but ended up being less invasive in our environment. Also, in ZPanel 10.1.1, it appears that ctrl_auth::RequireUser() requires an additional parameter. Code for phpCAS needs minor modification but I've not tested the change.

...

  1. Install and configure both ZPanel and mod_auth_cas for Apache
    1. README for mod_auth_cas is very useful
    2. At a high level, you need to:
      1. Build mod_auth_cas on your ZPanel server
      2. Configure your ZPanel server's Apache instance to use mod_auth_cas
  2.  Make sure mod_auth_cas is configured to protect the ZPanel directory (%zpanel-root%/panel - typically /etc/zpanel/panel)
      1. Use .htaccess or the main Apache configuration



    Code Block
    languagetext
    titleCAS Authentication Sample
    AuthType CAS
require user someuser
  3.  Edit ZPanel's auth.class.php as follows: (%zpanel-root%/panel/dryden/ctrl/auth.class.php - typically /etc/zpanel/panel/dryden/ctrl/auth.class.php)
    1. Make ZPanel use REMOTE_USER (set by CAS) for authentication

      1. Add self::Authenticate line to beginning of RequireUser() as follows

        Code Block
        languagephp
        title auth.class.php -> static function RequireUser()
        static function RequireUser()
    {
        //Modifications for CAS login
        self::Authenticate($_SERVER['REMOTE_USER'], $_COOKIE['zPass'], false, true, false);
        //End modifications for CAS login
 
        global $zdbh;
        if (!isset($_SESSION['zpuid'])) {
            if (isset($_COOKIE['zUser'])) {
                if (isset($_COOKIE['zSec'])) {

      2. Remove password line from SQL and change array near beginning of Authenticate() as follows:

        Code Block
        languagephp
        titleauth.class.php -> static function Authenticate
        static function Authenticate($username, $password, $rememberme = false, $iscookie = false, $sessionSecuirty)
    {
        global $zdbh;
        $sqlString = "SELECT * FROM
                      x_accounts WHERE
                      ac_user_vc = :username AND
                      ac_enabled_in = 1 AND
                      ac_deleted_ts IS NULL";
 
        $bindArray = array(':username' => $username);

       

    2. That should be all

      1. Navigate to your ZPanel URL and you should receive a CAS login screen

      2. Login via CAS and you will see your ZPanel account