You are here

function cas_admin_settings in CAS 5.3

Same name and namespace in other branches
  1. 5.4 cas.module \cas_admin_settings()
  2. 5 cas.module \cas_admin_settings()
  3. 6.3 cas.admin.inc \cas_admin_settings()
  4. 6 cas.module \cas_admin_settings()
  5. 6.2 cas.module \cas_admin_settings()
  6. 7 cas.admin.inc \cas_admin_settings()

Provides settings pages.

1 string reference to 'cas_admin_settings'
cas_menu in ./cas.module
Implements hook_menu.

File

./cas.module, line 379

Code

function cas_admin_settings() {
  $form['server'] = array(
    '#type' => 'fieldset',
    '#title' => t('CAS server settings'),
    '#collapsible' => TRUE,
    '#collapsed' => FALSE,
  );
  $form['server']['cas_version'] = array(
    '#type' => 'radios',
    '#title' => t('CAS version'),
    '#default_value' => variable_get('cas_version', '2.0'),
    '#options' => array(
      '1.0' => '1.0',
      '2.0' => '2.0 or higher',
    ),
  );
  $form['server']['cas_server'] = array(
    '#type' => 'textfield',
    '#title' => t('CAS server'),
    '#default_value' => variable_get('cas_server', ''),
    '#size' => 30,
    '#maxlength' => 55,
    '#description' => t('Location of CAS authentication service.'),
  );
  $form['server']['cas_port'] = array(
    '#type' => 'textfield',
    '#title' => t('CAS port'),
    '#default_value' => variable_get('cas_port', '443'),
    '#size' => 30,
    '#maxlength' => 8,
    '#description' => '443 is the standard ssl port. 8443 is the standard non-root port for Tomcat.',
  );
  $form['server']['cas_uri'] = array(
    '#type' => 'textfield',
    '#title' => t('CAS URI'),
    '#default_value' => variable_get('cas_uri', ''),
    '#size' => 30,
    '#description' => 'If CAS is not at the root of the host, include a URI (e.g., /cas).',
  );
  $form['server']['cas_check_first'] = array(
    '#type' => 'checkbox',
    '#title' => t('Check to see if a user is allready logged in?'),
    '#default_value' => variable_get('cas_check_first', 0),
    '#description' => t('This check is performed once the first time a user visits your site, so that the local drupal logout is still useful for site admins. '),
  );
  $form['server']['cas_verify'] = array(
    '#type' => 'radios',
    '#title' => t('CAS PEM certificate verification'),
    '#default_value' => variable_get('cas_verify', CAS_NO_VERIFY),
    '#options' => array(
      CAS_NO_VERIFY => 'Do not verify the certificate',
      CAS_VERIFY => 'Verify the server using PEM cerificate',
      CAS_CA_VERIFY => 'Verify the Certificate Authority using PEM certificate',
    ),
  );
  $form['server']['cas_cert'] = array(
    '#type' => 'textfield',
    '#title' => t('CAS PEM Certificate (phpCAS 0.6 or greater)'),
    '#default_value' => variable_get('cas_cert', ''),
    '#size' => 30,
    '#description' => 'With client version 0.6 or greater this is the certificate for validating cas or the cas CA as appropriate.',
  );
  $form['server']['cas_proxy'] = array(
    '#type' => 'checkbox',
    '#title' => t('Initialize CAS as proxy'),
    '#default_value' => variable_get('cas_proxy', 0),
    '#description' => t('When using a proxy it is required to set the option "Require CAS login for:" to "specific pages" with "node/*" as a specific page or "all pages except specific pages" on the "Redirection settings".'),
  );
  $form['server']['cas_pgtformat'] = array(
    '#type' => 'radios',
    '#title' => t('CAS PGT storage file format'),
    '#default_value' => variable_get('cas_pgtformat', 'plain'),
    '#options' => array(
      'plain' => 'Plain Text',
      'xml' => 'XML',
    ),
  );
  $form['server']['cas_pgtpath'] = array(
    '#type' => 'textfield',
    '#title' => t('CAS PGT storage path'),
    '#default_value' => variable_get('cas_pgtpath', ''),
    '#size' => 30,
    '#description' => "Only needed if 'Use CAS proxy initializer' is configured. Leave empty for default.",
  );
  $form['server']['cas_signout'] = array(
    '#type' => 'checkbox',
    '#title' => t('Enable CAS Single Sign Out (CAS server 3.1 or greater)'),
    '#default_value' => variable_get('cas_signout', FALSE),
    '#description' => t('For more details see <a href="http://www.ja-sig.org/wiki/display/CASUM/Single+Sign+Out">http://www.ja-sig.org/wiki/display/CASUM/Single+Sign+Out</a>.'),
  );
  $form['server']['cas_debugfile'] = array(
    '#type' => 'textfield',
    '#title' => t('CAS debugging output filename'),
    '#default_value' => variable_get('cas_debugfile', ''),
    '#size' => 30,
    '#description' => "Leave empty if you don't want debugging output.",
  );
  $form['account'] = array(
    '#type' => 'fieldset',
    '#title' => t('User account settings'),
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
  );
  $form['account']['cas_authmap'] = array(
    '#type' => 'checkbox',
    '#title' => t('Is Drupal also the CAS user repository?'),
    '#default_value' => variable_get('cas_authmap', 0),
    '#description' => t('In most cases, the answer will be no; an LDAP repository will be the source of CAS users. But in some cases, the Drupal user database could be used as the central user store for single sign-on. If this is the case, select this option.'),
  );
  $form['account']['cas_hijack_user'] = array(
    '#type' => 'checkbox',
    '#title' => t('If Drupal is not the user repository, should cas highjack users with the same name?'),
    '#default_value' => variable_get('cas_hijack_user', 0),
    '#description' => t('If you have pre-created regular accounts in cas that you want converted to mapped accounts, check this box.  Otherwise CAS will likely throw duplicate key violation errors on new users.'),
  );
  $form['account']['cas_user_register'] = array(
    '#type' => 'checkbox',
    '#title' => t('Should Drupal user accounts be automatically created?'),
    '#default_value' => variable_get('cas_user_register', 1),
    '#description' => t('If a CAS user logs in, his Drupal account will automatically be created. If you don\'t check this option, you will have to pre-create accounts for the users you want to allow.'),
  );
  $form['account']['cas_domain'] = array(
    '#type' => 'textfield',
    '#title' => t('Email Domain'),
    '#default_value' => variable_get('cas_domain', ''),
    '#size' => 30,
    '#maxlength' => 55,
    '#description' => t('Append this domain name to each new user in order generate his email address.'),
  );
  $form['account']['cas_hide_email'] = array(
    '#type' => 'checkbox',
    '#title' => t('Users canot change email address'),
    '#default_value' => variable_get('cas_hide_email', 0),
    '#description' => t('Hide email address field on the edit user form.'),
  );
  $form['account']['cas_hide_password'] = array(
    '#type' => 'checkbox',
    '#title' => t('Users canot change password'),
    '#default_value' => variable_get('cas_hide_password', 0),
    '#description' => t('Hide password field on the edit user form.'),
  );
  if (module_exists('persistent_login')) {
    $form['account']['cas_allow_rememberme'] = array(
      '#type' => 'checkbox',
      '#title' => t('Users can stay logged in between sessions'),
      '#default_value' => variable_get('cas_allow_rememberme', 0),
      '#description' => t('If Persistent Login is enabled, users can choose to stay logged in between browser sessions'),
    );
  }
  $form['account']['cas_auto_assigned_role'] = array(
    '#type' => 'select',
    '#title' => t('Auto-assign users to the role(s)'),
    '#default_value' => variable_get('cas_auto_assigned_role', array(
      DRUPAL_AUTHENTICATED_RID,
    )),
    '#options' => user_roles(TRUE),
    '#multiple' => TRUE,
    '#description' => t('This value can be used to establish a role automatically for all CAS users.  As an example, if you are also using the simple_ldap module, you can use this role to establish a tie between CAS and LDAP-populated data.  i.e. Users with the role of \'cas:user\' should have their LDAP data updated automatically.'),
  );
  $form['pages'] = array(
    '#type' => 'fieldset',
    '#title' => t('Redirection settings'),
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
  );
  $form['pages']['cas_access'] = array(
    '#type' => 'radios',
    '#title' => t('Require CAS login for'),
    '#default_value' => variable_get('cas_access', 0),
    '#options' => array(
      t('specific pages'),
      t('all pages except specific pages'),
    ),
  );
  $form['pages']['cas_pages'] = array(
    '#type' => 'textarea',
    '#title' => t('Specific pages'),
    '#default_value' => variable_get('cas_pages', ''),
    '#cols' => 40,
    '#rows' => 5,
    '#description' => t("Enter one page per line as Drupal paths. The '*' character is a wildcard. Example paths are '<em>blog</em>' for the blog page and '<em>blog/*</em>' for every personal blog. '<em>&lt;front&gt;</em>' is the front page."),
  );
  $form['pages']['cas_exclude'] = array(
    '#type' => 'textarea',
    '#title' => t('Excluded Pages'),
    '#default_value' => variable_get('cas_exclude', CAS_EXCLUDE),
    '#cols' => 40,
    '#rows' => 5,
    '#description' => t("Indicates which pages will be ignored (no login checks). Enter one page per line as Drupal paths. The '*' character is a wildcard. Example paths are '<em>blog</em>' for the blog page and '<em>blog/*</em>' for every personal blog. '<em>&lt;front&gt;</em>' is the front page."),
  );

  // Settings for redirection upon first login
  $form['pages']['cas_first_login'] = array(
    '#type' => 'checkbox',
    '#title' => t('Force redirection on initial login'),
    '#default_value' => variable_get('cas_first_login', 0),
    '#description' => t("Activate this option if you want a user to be directed to the following page after their first CAS login."),
  );
  $form['pages']['cas_first_login_destination'] = array(
    '#type' => 'textfield',
    '#title' => t('Initial login landing page'),
    '#default_value' => variable_get('cas_first_login_destination', ''),
    '#size' => 30,
    '#maxlength' => 55,
    '#description' => t("Drupal path or URL. An example path is '<em>blog</em>' for the blog page. '&lt;front&gt;' is the front page. An example URL is '<em>http://www.example.com</em>'."),
  );

  // Setting for message displayed to user upon successfull login
  $form['pages']['cas_login_message'] = array(
    '#type' => 'textfield',
    '#title' => t('Successful login message'),
    '#default_value' => variable_get('cas_login_message', 'Logged in via CAS as %cas_username.'),
    '#description' => 'The message displayed to a user when he successfully logs in via CAS. You may specify \'%cas_username\', the username of the user.',
  );

  // Setting for page to return to after a CAS logout
  $form['pages']['cas_logout_redirect'] = array(
    '#type' => 'checkbox',
    '#title' => t('Redirect user on logout'),
    '#default_value' => variable_get('cas_logout_redirect', 0),
    '#description' => t("Activate this option if you want a user to be directed to the following page after logging out of CAS. The logout destination must be specified below."),
  );
  $form['pages']['cas_logout_destination'] = array(
    '#type' => 'textfield',
    '#title' => t('Logout destination'),
    '#default_value' => variable_get('cas_logout_destination', ''),
    '#size' => 30,
    '#maxlength' => 55,
    '#description' => t("URL. An example URL is '<em>http://www.example.com</em>'. You can also use '&lt;front&gt;' for the front page."),
  );
  $form['misc'] = array(
    '#type' => 'fieldset',
    '#title' => t('Miscellaneous settings'),
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
  );
  $form['misc']['cas_changePasswordURL'] = array(
    '#type' => 'textfield',
    '#title' => t('Change password URL'),
    '#default_value' => variable_get('cas_changePasswordURL', ''),
    '#description' => t('The URL users should use for changing their password.  Leave blank to use the standard Drupal page.'),
  );
  $form['misc']['cas_registerURL'] = array(
    '#type' => 'textfield',
    '#title' => t('Registration URL'),
    '#default_value' => variable_get('cas_registerURL', ''),
    '#description' => t('The URL users should use for changing registering.  Leave blank to use the standard Drupal page.'),
  );
  $form['ldap'] = array(
    '#type' => 'fieldset',
    '#title' => t('LDAP settings'),
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
  );
  $form['ldap']['cas_useldap'] = array(
    '#type' => 'checkbox',
    '#title' => t('Should we extract the user email from an LDAP directory?'),
    '#default_value' => variable_get('cas_useldap', 0),
    '#description' => t('Activate this option if you want to extract the user email from an LDAP directory. <strong>Ldapauth module must be enabled and configured</strong>.'),
  );
  $form['ldap']['cas_ldap_email_attribute'] = array(
    '#type' => 'textfield',
    '#title' => t('Email attribute'),
    '#default_value' => variable_get('cas_ldap_email_attribute', 'mail'),
    '#size' => 30,
    '#maxlength' => 55,
    '#description' => t('LDAP entry attribute containing the email address.'),
  );
  $form['ldap']['cas_useldap_groups'] = array(
    '#type' => 'checkbox',
    '#title' => t('Should we extract user groups from an LDAP directory?'),
    '#default_value' => variable_get('cas_useldap_groups', 0),
    '#description' => t('Activate this option if you want to extract the user groups from an LDAP directory. <strong>Ldapgroups module must be enabled and configured</strong>.'),
  );
  return system_settings_form($form);
}