You are here

function _cas_force_login in CAS 6.3

Same name and namespace in other branches
  1. 5.4 cas.module \_cas_force_login()
  2. 5 cas.module \_cas_force_login()
  3. 5.3 cas.module \_cas_force_login()
  4. 6 cas.module \_cas_force_login()
  5. 6.2 cas.module \_cas_force_login()
  6. 7 cas.module \_cas_force_login()

Determine if we should require the user be authenticated.

Return value

TRUE if we should require the user be authenticated, FALSE otherwise.

1 call to _cas_force_login()
cas_init in ./cas.module
Implementation of hook_init().

File

./cas.module, line 794
Enables users to authenticate via a Central Authentication Service (CAS) Cas will currently work if the auto registration is turned on and will create user accounts automatically.

Code

function _cas_force_login() {

  // The 'cas' page is a shortcut to force authentication.
  if (arg(0) == 'cas') {
    return TRUE;
  }

  // Do not force login for XMLRPC, Cron, or Drush.
  if (stristr($_SERVER['SCRIPT_FILENAME'], 'xmlrpc.php')) {
    return FALSE;
  }
  if (stristr($_SERVER['SCRIPT_FILENAME'], 'cron.php')) {
    return FALSE;
  }
  if (function_exists('drush_verify_cli') && drush_verify_cli()) {
    return FALSE;
  }

  // Excluded page do not need login.
  if ($pages = variable_get('cas_exclude', CAS_EXCLUDE)) {
    $path = drupal_get_path_alias($_GET['q']);
    if (drupal_match_path($path, $pages)) {
      return FALSE;
    }
  }

  // Set the default behavior.
  $force_login = variable_get('cas_access', 0);

  // If we match the speficied paths, reverse the behavior.
  if ($pages = variable_get('cas_pages', '')) {
    $path = drupal_get_path_alias($_GET['q']);
    if (drupal_match_path($path, $pages)) {
      $force_login = !$force_login;
    }
  }
  return $force_login;
}