dc/dd1/class_8ilAuthRadius_8php_source.html

<?php

/*

        +-----------------------------------------------------------------------------+

        | ILIAS open source                                                           |

        +-----------------------------------------------------------------------------+

        | Copyright (c) 1998-2006 ILIAS open source, University of Cologne            |

        |                                                                             |

        | This program is free software; you can redistribute it and/or               |

        | modify it under the terms of the GNU General Public License                 |

        | as published by the Free Software Foundation; either version 2              |

        | of the License, or (at your option) any later version.                      |

        |                                                                             |

        | This program is distributed in the hope that it will be useful,             |

        | but WITHOUT ANY WARRANTY; without even the implied warranty of              |

        | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               |

        | GNU General Public License for more details.                                |

        |                                                                             |

        | You should have received a copy of the GNU General Public License           |

        | along with this program; if not, write to the Free Software                 |

        | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA. |

        +-----------------------------------------------------------------------------+

*/


include_once('Auth/Auth.php');


class ilAuthRadius extends Auth

{

        private $radius_settings = null;

        private $rad_to_user = null;

        private $log = null;


        private $force_creation = false;


        public function __construct($a_options)

        {

                global $ilLog;


                $this->log = $ilLog;


                // Read setting of LDAP server

                $this->initSettings();


                // Convert password to latin1

                if($this->radius_settings->getCharset() == ilRadiusSettings::RADIUS_CHARSET_LATIN1)

                {

                        #$_POST['username'] = utf8_decode($_POST['username']);

                        $_POST['password'] = utf8_decode($_POST['password']);

                        $this->log->write(__METHOD__.': Decoded username and password to latin1.');

                }

                if(is_array($a_options))

                {

                        $options = array_merge($this->radius_settings->toPearAuthArray(),$a_options);

                }

                else

                {

                        $options = $this->radius_settings->toPearAuthArray();

                }


                parent::Auth('RADIUS',$options,'',false);


                // Set callbacks

                $this->setCallbacks();

        }


        public function forceCreation($a_status)

        {

                $this->force_creation = true;

        }


        protected function loginObserver($a_username)

        {

                $user_data = array_change_key_case($this->getAuthData(),CASE_LOWER);


                $user_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("radius",$a_username);


                if(!$user_data['ilInternalAccount'])

                {

                        if($this->radius_settings->enabledCreation())

                        {

                                if($this->radius_settings->isAccountMigrationEnabled() and !$this->force_creation)

                                {

                                        $this->logout();

                                        $_SESSION['tmp_auth_mode'] = 'radius';

                                        $_SESSION['tmp_external_account'] = $a_username;

                                        $_SESSION['tmp_pass'] = $_POST['password'];

                                        $_SESSION['tmp_roles'] = array(0 => $this->radius_settings->getDefaultRole());


                                        ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmd=showAccountMigration&cmdClass=ilstartupgui');

                                }

                                $this->initAttributeToUser();

                                $new_name = $this->radius_user->create($a_username);

                                $this->setAuth($new_name);

                                return true;

                        }

                        else

                        {

                                // No syncronisation allowed => create Error

                                $this->status = AUTH_RADIUS_NO_ILIAS_USER;

                                $this->logout();

                                return false;

                        }


                }

                else

                {

                        $this->setAuth($user_data['ilInternalAccount']);

                        return true;

                }

        }


        protected function failedLoginObserver()

        {

                #$this->log->write($this->logCache);

                $this->logCache = '';

        }


        private function initSettings()

        {

                include_once 'Services/Radius/classes/class.ilRadiusSettings.php';

                $this->radius_settings = ilRadiusSettings::_getInstance();

        }


        private function initAttributeToUser()

        {

                include_once('Services/Radius/classes/class.ilRadiusAttributeToUser.php');

                $this->radius_user = new ilRadiusAttributeToUser();

        }


        private function setCallbacks()

        {

                $this->setLoginCallback(array($this,'loginObserver'));

                $this->setFailedLoginCallback(array($this,'failedLoginObserver'));

        }


}


?>