1# Dokuwiki CAS extension
2
3The **CAS** extension extends :
4- the [authsplit](https://www.dokuwiki.org/plugin:authsplit) extension
5- the [authldap](https://www.dokuwiki.org/plugin:authldap) extension
6to provide authentication using [Apereo CAS phpCAS](https://github.com/apereo/phpCAS).
7
8Recommended Dokuwiki version: **54.1+**
9
10## Required
11
12- Apache 2.4
13- PHP 8.3+
14- Dokuwiki 54.1 or possibly earlier
15- Extension authsplit (version of 2024-02-22) or possibly earlier
16- Extension authldap (version of 2024-02-17) or possibly earlier
17
18## Installation
19
20> This extension requires :
21- the [authsplit](https://www.dokuwiki.org/plugin:authsplit) extension
22- the [authldap](https://www.dokuwiki.org/plugin:authldap) extension
23to be installed first.
24
25* Download and place the file(s) in a directory called authcas in your lib/plugins/ folder.
26* Launch this command in the directory to install composer packages (dependencies of Cas package like apereo/phpcas) from composer.json and composer.lock :
27```
28composer install
29```
30* Add the following code at the bottom of your local.protected.php and configures settings:
31
32```php
33$conf['superuser'] = $conf['superuser'].',@GROUP-ADMIN';
34$conf['authtype']    = 'authsplit';
35$conf['plugin']['authsplit']['primary_authplugin'] = 'authcas';
36$conf['plugin']['authsplit']['secondary_authplugin'] = 'authldap';
37
38$conf['plugin']['authcas']['handlelogoutrequestTrustedHosts'] = Array("");
39$conf['plugin']['authcas']['server'] = 'cas.univ.fr';
40$conf['plugin']['authcas']['port'] = 443;
41// CAS server root parameter
42$conf['plugin']['authcas']['rootcas'] = '';
43$conf['plugin']['authcas']['hostURL'] = 'https://dokuwiki.host.com';
44// automatically log the user when there is already a CAS session opened
45$conf['plugin']['authcas']['autologin'] = 1;
46$conf['plugin']['authcas']['caslogout'] = 1;
47// log out from wiki when loggin out from CAS(should work with CAS V3, experimental)
48$conf['plugin']['authcas']['handlelogoutrequest'] = 1;
49// force cas connection (set to false if you want an anonymous page on your wiki)
50$conf['plugin']['authcas']['forceauthentication'] = 'false';
51
52$conf['plugin']['authcas']['logFile']="";
53
54$conf['plugin']['authldap']['binddn']     = 'uid=app-user,ou=ldapusers,dc=univ,dc=fr';
55$conf['plugin']['authldap']['bindpw']     = '***********';
56$conf['plugin']['authldap']['server']      = 'ldap://ldap.univ.fr:389'; #instead of the above two settings
57$conf['plugin']['authldap']['usertree']    = 'ou=people,dc=univ,dc=fr';
58$conf['plugin']['authldap']['grouptree']   = 'ou=groups,dc=univ,dc=fr';
59$conf['plugin']['authldap']['userfilter']  = '(uid=%{user})';
60$conf['plugin']['authldap']['groupfilter'] = '(member=uid=%{user},ou=people,dc=univ,dc=fr)';
61$conf['plugin']['authldap']['version']    = 3;
62```
63