CAS as an Authentication Provider
- Xibo for Android
- DSDevices DSCS9X/95 Set-up Guide
- Install a White Label or a different Player version on DSDevices
- CEC Screen Power on/off with DSDevices
- Hardware Recommendations
- Philips Signage SoC Monitors
- Sony Bravia SoC
- Hisense Commercial Displays SoC
- Managing Storage on the Android Device
- Player Settings
- Players without an Internet Connection
- Remote Administration with SS Helper
- Restart Rooted Device with a Shell Command
- Running Xibo for Android
- Resolving Common Issues
- Error shown when I try to licence my Player?
- Player not updating from the CMS?
- I can see my Licence entry but the Player appears unlicensed?
- Error message - Player is missing dependencies
- My scheduled Layouts are not working?
- Layout won't play? Splash screen plays?
- Watchdog error message
- Troubleshooting for Administrators
- Audit Trail
- Log Information
- Player Logs
- Getting the Player Status
- Request Player Status via CMS - Logged in Players only
- Request Player Status directly from a Device
- Can I use the Xibo name / logo?
- Can I run a Xibo Player on Raspberry Pi?
- How can I increase the upload file size limit?
- How do Players communicate with the CMS?
- How many displays can Xibo support?
- How do I reset the Xibo_admin account password?
- Power On/Off for Players
- Testing with Xibo
- Why do I need a Default Layout?
- Xibo for Android FAQ's
- Autoplaying Embedded Youtube Videos
- Closing to Home screen
- Displaying Images
- Embedded TV
- External SD card not listed when running Banana-Pi
- Helper Command to change Time zone
- HTML5 Video
- Memory Notifications
- Menu not accessible
- SSL Support
- Using Portrait Displays
- Video wont play properly
On this page
CAS as an Authentication Provider
The CMS can be configured to use CAS as its authentication provider
The Central Authentication Service ( CAS ) is a single sign-on protocol for the web. Its purpose is to permit a user to access multiple applications while providing their credentials (such as userid and password) only once. It also allows web applications to authenticate users without gaining access to a user’s security credentials, such as a password. Wikipedia
CAS integration is enabled via the settings.php
file in the CMS installation.
If Docker has been used settings.php
will not be accessible, however, it is possible to create a settings-custom.php
file in the /custom
mount point. The below Configuration can be added to that file instead.
The purpose of the integration is to configure a CAS enabled IdP (identity provider) for authentication with the Xibo CMS.
A User already authenticated with the IdP will automatically be logged into the CMS. If the User does not exist they will optionally be created with a set of default credentials.
Configuration
CAS integration is configured in the settings.php
file of the CMS installation. This file can be found in your /web
folder.
There are two sections to adjust, the $authentication
middleware and the $samlSettings
configuration array.
The authentication middleware should be changed to CASAuthentication
, shown below:
$authentication = new \Xibo\Middleware\CASAuthentication();
The CAS settings array contains all the necessary information for the CMS to connect and use a CAS enabled IdP. The configuration is split into 3 main sections:
-
server
: options for the server provider (these are used by the CMS to identify and communicate with the identity provider). -
port
: specify which port to use. -
uri
: the location of the CAS application at theserver
specified above.
Example Settings
$authentication = new \Xibo\Middleware\CASAuthentication();
$casSettings = array(
'config' => array (
'service_base_url' => 'https://*url of xibo server*',
'server' => 'your.cas.server',
'port' => '443',
'uri' => '/cas',
)
);