static utility functions used to manage authentication modes More...
Public Member Functions | |
| _initAuth () | |
| initialises $ilAuth | |
| _getAuthModeOfUser ($a_username, $a_password, $a_db_handler= '') | |
| _getAuthMode ($a_auth_mode, $a_db_handler= '') | |
| _getAuthModeName ($a_auth_key) | |
| _getActiveAuthModes () | |
| _getAllAuthModes () | |
| _generateLogin ($a_login) | |
| generate free login by starting with a default string and adding postfix numbers | |
Detailed Description
static utility functions used to manage authentication modes
- Version:
- Id:
- class.ilAuthUtils.php 12622 2006-11-27 11:02:11Z smeyer
Definition at line 48 of file class.ilAuthUtils.php.
Member Function Documentation
| ilAuthUtils::_generateLogin | ( | $ | a_login | ) |
generate free login by starting with a default string and adding postfix numbers
Definition at line 426 of file class.ilAuthUtils.php.
Referenced by ilSOAPAuth::login(), and ilCASAuth::login().
{
global $ilDB;
// Check if username already exists
$found = false;
$postfix = 0;
$c_login = $a_login;
while(!$found)
{
$r = $ilDB->query("SELECT login FROM usr_data WHERE login = ".
$ilDB->quote($c_login));
if ($r->numRows() > 0)
{
$postfix++;
$c_login = $a_login.$postfix;
}
else
{
$found = true;
}
}
return $c_login;
}
Here is the caller graph for this function:
| ilAuthUtils::_getActiveAuthModes | ( | ) |
Definition at line 393 of file class.ilAuthUtils.php.
References $ilias.
Referenced by ilObjAuthSettingsGUI::authSettingsObject(), ilObjUserGUI::createObject(), and ilObjUserGUI::editObject().
{
global $ilias;
$modes = array(
'default' => $ilias->getSetting("auth_mode"),
'local' => AUTH_LOCAL
);
if ($ilias->getSetting("ldap_active")) $modes['ldap'] = AUTH_LDAP;
if ($ilias->getSetting("radius_active")) $modes['radius'] = AUTH_RADIUS;
if ($ilias->getSetting("shib_active")) $modes['shibboleth'] = AUTH_SHIBBOLETH;
if ($ilias->getSetting("script_active")) $modes['script'] = AUTH_SCRIPT;
if ($ilias->getSetting("cas_active")) $modes['cas'] = AUTH_CAS;
if ($ilias->getSetting("soap_auth_active")) $modes['soap'] = AUTH_SOAP;
return $modes;
}
Here is the caller graph for this function:
| ilAuthUtils::_getAllAuthModes | ( | ) |
Definition at line 411 of file class.ilAuthUtils.php.
References _getAuthModeName().
Referenced by ilObjAuthSettingsGUI::authSettingsObject().
{
return array(
AUTH_LOCAL => ilAuthUtils::_getAuthModeName(AUTH_LOCAL),
AUTH_LDAP => ilAuthUtils::_getAuthModeName(AUTH_LDAP),
AUTH_SHIBBOLETH => ilAuthUtils::_getAuthModeName(AUTH_SHIBBOLETH),
AUTH_CAS => ilAuthUtils::_getAuthModeName(AUTH_CAS),
AUTH_SOAP => ilAuthUtils::_getAuthModeName(AUTH_SOAP),
AUTH_RADIUS => ilAuthUtils::_getAuthModeName(AUTH_RADIUS));
}
Here is the call graph for this function:
Here is the caller graph for this function:
| ilAuthUtils::_getAuthMode | ( | $ | a_auth_mode, | |
| $ | a_db_handler = '' | |||
| ) |
Definition at line 302 of file class.ilAuthUtils.php.
Referenced by _getAuthModeOfUser(), and ilObjUser::getAuthMode().
{
global $ilDB;
$db =& $ilDB;
if ($a_db_handler != '')
{
$db =& $a_db_handler;
}
switch ($a_auth_mode)
{
case "local":
return AUTH_LOCAL;
break;
case "ldap":
return AUTH_LDAP;
break;
case "radius":
return AUTH_RADIUS;
break;
case "script":
return AUTH_SCRIPT;
break;
case "shibboleth":
return AUTH_SHIBBOLETH;
break;
case "cas":
return AUTH_CAS;
break;
case "soap":
return AUTH_SOAP;
break;
default:
$q = "SELECT value FROM settings WHERE ".
"keyword='auth_mode'";
$r = $db->query($q);
$row = $r->fetchRow();
return $row[0];
break;
}
}
Here is the caller graph for this function:
| ilAuthUtils::_getAuthModeName | ( | $ | a_auth_key | ) |
Definition at line 353 of file class.ilAuthUtils.php.
References $ilias.
Referenced by _getAllAuthModes(), ilObjAuthSettingsGUI::authSettingsObject(), ilObjUserGUI::createObject(), ilObjUserGUI::editObject(), ilUserImportParser::importEndTag(), ilObjUserGUI::updateObject(), and ilUserImportParser::verifyEndTag().
{
global $ilias;
switch ($a_auth_key)
{
case AUTH_LOCAL:
return "local";
break;
case AUTH_LDAP:
return "ldap";
break;
case AUTH_RADIUS:
return "radius";
break;
case AUTH_CAS:
return "cas";
break;
case AUTH_SCRIPT:
return "script";
break;
case AUTH_SHIBBOLETH:
return "shibboleth";
break;
case AUTH_SOAP:
return "soap";
break;
default:
return "default";
break;
}
}
Here is the caller graph for this function:
| ilAuthUtils::_getAuthModeOfUser | ( | $ | a_username, | |
| $ | a_password, | |||
| $ | a_db_handler = '' | |||
| ) |
Definition at line 281 of file class.ilAuthUtils.php.
References $q, $row, and _getAuthMode().
Referenced by _initAuth().
{
global $ilDB;
$db =& $ilDB;
if ($a_db_handler != '')
{
$db =& $a_db_handler;
}
$q = "SELECT auth_mode FROM usr_data WHERE ".
"login = ".$ilDB->quote($a_username);
// deleting this line should fix login problems of radius user with changed passwords
#"passwd = ".$ilDB->quote(md5($a_password))."";
$r = $db->query($q);
$row = $r->fetchRow(DB_FETCHMODE_OBJECT);
//echo "+".$row->auth_mode."+";
return ilAuthUtils::_getAuthMode($row->auth_mode,$db);
}
Here is the call graph for this function:
Here is the caller graph for this function:
| ilAuthUtils::_initAuth | ( | ) |
initialises $ilAuth
Definition at line 54 of file class.ilAuthUtils.php.
References $_GET, $_POST, $_SESSION, $GLOBALS, _getAuthModeOfUser(), and ilRADIUSAuthentication::_getServers().
Referenced by ilInitialisation::goToPublicSection(), and ilInitialisation::initILIAS().
{
global $ilAuth, $ilSetting, $ilDB, $ilClientIniFile;
//var_dump($_SESSION);
// check whether settings object is available
if (!is_object($ilSetting))
{
die ("Fatal Error: ilAuthUtils::_initAuth called without ilSetting.");
}
// check whether database object is available
if (!is_object($ilDB))
{
die ("Fatal Error: ilAuthUtils::_initAuth called without ilDB.");
}
// check whether client ini file object is available
if (!is_object($ilClientIniFile))
{
die ("Fatal Error: ilAuthUtils::_initAuth called without ilClientIniFile.");
}
// get default auth mode
//$default_auth_mode = $this->getSetting("auth_mode");
define ("AUTH_DEFAULT", $ilSetting->get("auth_mode") ? $ilSetting->get("auth_mode") : AUTH_LOCAL);
// set local auth mode (1) in case database wasn't updated
/*if ($default_auth_mode === false)
{
$default_auth_mode = AUTH_LOCAL;
}*/
//var_dump($_SESSION);
// determine authentication method if no session is found and username & password is posted
// does this if statement make any sense? we enter this block nearly everytime.
if (empty($_SESSION) ||
(!isset($_SESSION['_authsession']['registered']) ||
$_SESSION['_authsession']['registered'] !== true))
{
// no sesssion found
if ($_POST['username'] != '' and $_POST['password'] != '')
{
//include_once(ILIAS_ABSOLUTE_PATH.'/classes/class.ilAuthUtils.php');
$user_auth_mode = ilAuthUtils::_getAuthModeOfUser($_POST['username'], $_POST['password'], $ilDB);
if ($user_auth_mode == AUTH_CAS && $ilSetting->get("cas_allow_local"))
{
$user_auth_mode = AUTH_LOCAL;
}
if ($user_auth_mode == AUTH_SOAP && $ilSetting->get("soap_auth_allow_local"))
{
$user_auth_mode = AUTH_LOCAL;
}
}
}
// to do: other solution?
if (!$ilSetting->get("soap_auth_active") && $user_auth_mode == AUTH_SOAP)
{
$user_auth_mode = AUTH_LOCAL;
}
//var_dump($_SESSION);
//echo "1-".$ilSetting->get("soap_auth_active")."-";
// if soap authentication activated and soap credentials given
if (($ilSetting->get("soap_auth_active") && !empty($_GET["ext_uid"])
&& !empty($_GET["soap_pw"])) || $user_auth_mode == AUTH_SOAP)
{
include_once("Services/SOAPAuth/classes/class.ilSOAPAuth.php");
if (!is_object($GLOBALS['ilSOAPAuth']))
{
$auth_params = array(
"server_hostname" => $ilSetting->get("soap_auth_server"),
"server_port" => $ilSetting->get("soap_auth_port"),
"server_uri" => $ilSetting->get("soap_auth_uri"),
"https" => $ilSetting->get("soap_auth_use_https"),
"namespace" => $ilSetting->get("soap_auth_namespace"),
"use_dotnet" => $ilSetting->get("soap_auth_use_dotnet")
);
// this starts already the session, AccountId is '' _authsession is null
// (assuming that ilSOAPAuth constructor calls Auth constructor
$ilSOAPAuth = new ilSOAPAuth($auth_params);
$GLOBALS['ilSOAPAuth'] =& $ilSOAPAuth;
}
else
{
$ilSOAPAuth =& $GLOBALS['ilSOAPAuth'];
}
define ("AUTH_CURRENT", AUTH_SOAP);
}
// if Shibboleth is active and the user is authenticated
// we set auth_mode to Shibboleth
else if ( $ilSetting->get("shib_active")
&& $_SERVER[$ilSetting->get("shib_login")])
{
define ("AUTH_CURRENT", AUTH_SHIBBOLETH);
}
// check CAS authentication
else if ($ilSetting->get("cas_active"))
{
include_once("Services/CAS/classes/class.ilCASAuth.php");
if (!is_object($GLOBALS['ilCASAuth']))
{
$auth_params = array(
"server_version" => CAS_VERSION_2_0,
"server_hostname" => $ilSetting->get("cas_server"),
"server_port" => $ilSetting->get("cas_port"),
"server_uri" => $ilSetting->get("cas_uri"));
//echo "II";
//var_dump($_SESSION);
$ilCASAuth = new ilCASAuth($auth_params);
//var_dump($_SESSION);
$GLOBALS['ilCASAuth'] =& $ilCASAuth;
}
else
{
$ilCASAuth =& $GLOBALS['ilCASAuth'];
}
if ($_GET["forceCASLogin"] == "1")
{
$ilCASAuth->forceCASAuth();
}
if ($ilCASAuth->checkCASAuth())
{
define ("AUTH_CURRENT", AUTH_CAS);
}
else
{
define ("AUTH_CURRENT", $user_auth_mode);
//session_unset();
}
}
else
{
define ("AUTH_CURRENT", $user_auth_mode);
}
//var_dump($_SESSION);
switch (AUTH_CURRENT)
{
case AUTH_LOCAL:
// build option string for PEAR::Auth
$auth_params = array(
'dsn' => IL_DSN,
'table' => $ilClientIniFile->readVariable("auth", "table"),
'usernamecol' => $ilClientIniFile->readVariable("auth", "usercol"),
'passwordcol' => $ilClientIniFile->readVariable("auth", "passcol")
);
// We use MySQL as storage container
// this starts already the session, AccountId is '' _authsession is null
$ilAuth = new Auth("DB", $auth_params,"",false);
break;
case AUTH_LDAP:
$settings = $ilSetting->getAll();
// build option string for PEAR::Auth
$auth_params = array(
'host' => $settings["ldap_server"],
'port' => $settings["ldap_port"],
'basedn' => $settings["ldap_basedn"],
'userdn' => $settings["ldap_search_base"],
'useroc' => $settings["ldap_objectclass"],
'userattr' => $settings["ldap_login_key"]
);
$ilAuth = new Auth("LDAP", $auth_params,"",false);
break;
case AUTH_RADIUS:
include_once('classes/class.ilRADIUSAuthentication.php');
$radius_servers = ilRADIUSAuthentication::_getServers($ilDB);
$settings = $ilSetting->getAll();
foreach ($radius_servers as $radius_server)
{
$rad_params['servers'][] = array($radius_server,$settings["radius_port"],$settings["radius_shared_secret"]);
}
// build option string for PEAR::Auth
//$this->auth_params = array($rad_params);
$auth_params = $rad_params;
$ilAuth = new Auth("RADIUS", $auth_params,"",false);
break;
case AUTH_SHIBBOLETH:
// build option string for SHIB::Auth
$auth_params = array();
$ilAuth = new ShibAuth($auth_params,true);
break;
case AUTH_CAS:
$ilAuth =& $ilCASAuth;
$ilAuth->forceCASAuth();
break;
case AUTH_SOAP:
$ilAuth =& $ilSOAPAuth;
break;
default:
// build option string for PEAR::Auth
$auth_params = array(
'dsn' => IL_DSN,
'table' => $ilClientIniFile->readVariable("auth", "table"),
'usernamecol' => $ilClientIniFile->readVariable("auth", "usercol"),
'passwordcol' => $ilClientIniFile->readVariable("auth", "passcol")
);
// We use MySQL as storage container
//var_dump($_SESSION);
$ilAuth = new Auth("DB", $auth_params,"",false);
//var_dump($_SESSION);
break;
}
$ilAuth->setIdle($ilClientIniFile->readVariable("session","expire"), false);
$ilAuth->setExpire(0);
ini_set("session.cookie_lifetime", "0");
//echo "-".get_class($ilAuth)."-";
$GLOBALS['ilAuth'] =& $ilAuth;
}
Here is the call graph for this function:
Here is the caller graph for this function:
The documentation for this class was generated from the following file:
- classes/class.ilAuthUtils.php
