Using CAS with Sugar

[idlelife]

Has anyone tried integrating the CAS (Central Authentication Service) with Sugar? Any tips on getting this done?

Thanks for your time.

[idlelife]

In case anyone is curious, I've gotten Sugar CRM working with the CAS. Only two pieces of code need to be changed:

1. In index.php, there's a section that checks to see if the $_SESSION['authenticated_user_id'] has been set, and, if not, redirects to the login page. Search for the debug log entry that says "The current user does not have a session. Going to the login page" You need to comment out the interior of this else block and replace it with something like the following code:


include_once('CAS/CAS.php');
phpCAS::setDebug();
phpCAS::client(CAS_VERSION_2_0,'localhost',8443,'c as');
phpCAS::forceAuthentication();
$name = phpCAS::getUser();

$query = "SELECT * from users where user_name='$name'";
$result =$GLOBALS['db']->limitQuery($query,0,1,false);
$row = $GLOBALS['db']->fetchByAssoc($result);
if (empty ($row)) {
//Need to add new user
} else {
$_SESSION['authenticated_user_id'] = $row['id'];
}
$action = 'Authenticate';
$module = 'Users';
$_REQUEST['action'] = $action;
$_REQUEST['module'] = $module;


2. At this point, Sugar will think the user is coming in from another site (which is what is happening) and destroy the session. You need to alter the code found in SugarAuthenticate.php (in postSessionAuthenticate) to deal with this. You don't want the session destroyed, but you still need to deal with users potentially coming in from another site, while not going through CAS.

I hope this is useful for someone.