phpCAS requirements

Owned by Pascal AUBRY
Last updated: May 19, 2016 by Joachim Fritschi

Webserver

Any webserver like Apache, IIS and others should work.

CURL (7.5+)

CURL libs must be present on your system, and they must have been compiled with SSL support.

PHP >= 5.4 (PHP >= 4.2.2 for 1.1.x)

phpCAS users must have PHP compiled with the following options:

  • --with-curl: CURL support, needed to access proxies.
  • --with-openssl: SSL support, needed for fopen('https://...'), to validate CAS tickets;
  • --with-dom: DOM support, to read the XML responses of the CAS server (PHP4);
  • --with-zlib: Zlib support, needed by DOM.

When used within the Horde FrameWork:

  • --with-gettext: gettext support.

When used within Horde IMP:

  • --with-imap: IMAP and POP support, needed when using IMP;
  • --with-kerberos: Kerberos support, needed by IMAP.

When storing Horde user preferences to MySQL databases:

  • --with-mysql: MySQL support.

Notes:

  • PHP >= 4.3.0 is needed to get full logging information (thanks to debug_backtrace()).
  • On some systems (Fedora Core 2 for instance), package php_domxml is required.

SSL

If you plan to write a CAS proxy, you will need to secure your Apache server with OpenSSL. HTTPS configuration is needed to use CAS proxies (the callback URL given to the CAS server to transmit the PGTIou must be secured). To achieve this, edit your httpd.conf file and add lines such as:

SSLCertificateFile /etc/x509/cert.server.pem
SSLCertificateKeyFile /etc/x509/key.server.pem
SSLCertificateChainFile /etc/x509/cachain.pem
SSLCACertificateFile /etc/x509/cacert.pem

Furthermore, the CAS server should trust the CAS proxy. If not, no PGTiou (a token that is required by CAs proxies to get PGTs) will be transmitted.