00001 <?php
00036 require_once "./classes/class.ilObjectGUI.php";
00037
00038 class ilObjAuthSettingsGUI extends ilObjectGUI
00039 {
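/**
 * PHP 4 style constructor: marks this GUI object as type "auth", delegates to
 * the ilObjectGUI constructor, loads the "registration" language module and
 * registers the default port constants.
 *
 * @param mixed $a_data              handed unchanged to ilObjectGUI
 * @param mixed $a_id                handed unchanged to ilObjectGUI
 * @param mixed $a_call_by_reference handed unchanged to ilObjectGUI
 * @param bool  $a_prepare_output    handed unchanged to ilObjectGUI (default true)
 */
function ilObjAuthSettingsGUI($a_data,$a_id,$a_call_by_reference,$a_prepare_output = true)
{
	$this->type = "auth";
	$this->ilObjectGUI($a_data,$a_id,$a_call_by_reference,$a_prepare_output);

	$this->lng->loadLanguageModule('registration');

	// Guard the definitions: define() on an existing constant raises a notice,
	// which would happen as soon as a second instance of this class is created.
	// LDAP_DEFAULT_PORT is read by editLDAPObject() as the fallback port.
	if (!defined('LDAP_DEFAULT_PORT'))
	{
		define('LDAP_DEFAULT_PORT',389);
	}
	if (!defined('RADIUS_DEFAULT_PORT'))
	{
		define('RADIUS_DEFAULT_PORT',1812);
	}
}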
00054
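/**
 * Default view: activates the "registration_settings" tab and forwards the
 * current command to an ilRegistrationSettingsGUI instance.
 *
 * This method performs no permission check of its own.
 * NOTE(review): presumably ilRegistrationSettingsGUI enforces access control
 * for the forwarded command - confirm, since nothing here does.
 */
function viewObject()
{
	include_once './Services/Registration/classes/class.ilRegistrationSettingsGUI.php';

	$this->tabs_gui->setTabActive('registration_settings');

	// Plain assignment instead of "=& new": the reference form is deprecated
	// since PHP 5.3 and a parse error from PHP 7 on. The file already relies on
	// PHP 5 (visibility keywords), where objects are handles anyway.
	$registration_gui = new ilRegistrationSettingsGUI();
	$this->ctrl->setCmdClass('ilregistrationsettingsgui');
	$this->ctrl->forwardCommand($registration_gui);
}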
00068
00069
/**
 * Renders the general authentication settings screen: the table of
 * authentication modes (user counts, active icon, currently selected default
 * mode), the optional auth mode determination form, and the per-role
 * authentication mode selection for roles that allow self-registration.
 *
 * Requires the "visible,read" permission on this object.
 */
function authSettingsObject()
{
	global $rbacsystem, $ilSetting;

	// Access gate. NOTE(review): the code below assumes raiseError() aborts the
	// request; if it returned, the page would still be rendered - confirm.
	if (!$rbacsystem->checkAccess("visible,read",$this->object->getRefId()))
	{
		$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
	}

	$this->tabs_gui->setTabActive('authentication_settings');
	$this->setSubTabs('authSettings');
	$this->tabs_gui->setSubTabActive("auth_settings");

	$this->getTemplateFile("general");

	// Static labels of the mode table.
	$this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
	$this->tpl->setVariable("TXT_AUTH_TITLE", $this->lng->txt("auth_select"));

	$this->tpl->setVariable("TXT_AUTH_MODE", $this->lng->txt("auth_mode"));
	$this->tpl->setVariable("TXT_AUTH_DEFAULT", $this->lng->txt("default"));
	$this->tpl->setVariable("TXT_AUTH_ACTIVE", $this->lng->txt("active"));
	$this->tpl->setVariable("TXT_AUTH_NUM_USERS", $this->lng->txt("num_users"));

	$this->tpl->setVariable("TXT_LOCAL", $this->lng->txt("auth_local"));
	$this->tpl->setVariable("TXT_LDAP", $this->lng->txt("auth_ldap"));
	$this->tpl->setVariable("TXT_SHIB", $this->lng->txt("auth_shib"));

	$this->tpl->setVariable("TXT_CAS", $this->lng->txt("auth_cas"));

	$this->tpl->setVariable("TXT_RADIUS", $this->lng->txt("auth_radius"));
	$this->tpl->setVariable("TXT_SCRIPT", $this->lng->txt("auth_script"));

	// NOTE(review): ilAuthUtils is used here but only include_once'd further
	// down in this method - presumably it is already loaded elsewhere; verify.
	$auth_cnt = ilObjUser::_getNumberOfUsersPerAuthMode();
	$auth_modes = ilAuthUtils::_getAllAuthModes();

	// One NUM_<MODE> cell per mode. For the mode stored in the 'auth_mode'
	// setting, the accounts counted under "default" are added to the mode's own
	// count and shown separately in brackets.
	foreach($auth_modes as $mode => $mode_name)
	{

		if ($ilSetting->get('auth_mode') == $mode)
		{
			$this->tpl->setVariable("NUM_".strtoupper($mode_name),
				((int) $auth_cnt[$mode_name] + $auth_cnt["default"])." (".$this->lng->txt("auth_per_default").
				": ".$auth_cnt["default"].")");
		}
		else
		{
			$this->tpl->setVariable("NUM_".strtoupper($mode_name),
				(int) $auth_cnt[$mode_name]);
		}
	}

	$this->tpl->setVariable("TXT_CONFIGURE", $this->lng->txt("auth_configure"));
	$this->tpl->setVariable("TXT_AUTH_REMARK", $this->lng->txt("auth_remark_non_local_auth"));
	$this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
	$this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
	// The form posts to setAuthModeObject().
	$this->tpl->setVariable("CMD_SUBMIT", "setAuthMode");


	// $disabled and $style_disabled are assigned but not used in this method.
	$checked = "checked=\"checked\"";
	$disabled = "disabled=\"disabled\"";
	$style_disabled = "_disabled";


	$icon_ok = "<img src=\"".ilUtil::getImagePath("icon_ok.gif")."\" alt=\"".$this->lng->txt("enabled")."\" title=\"".$this->lng->txt("enabled")."\" border=\"0\" vspace=\"0\"/>";
	$icon_not_ok = "<img src=\"".ilUtil::getImagePath("icon_not_ok.gif")."\" alt=\"".$this->lng->txt("disabled")."\" title=\"".$this->lng->txt("disabled")."\" border=\"0\" vspace=\"0\"/>";

	// Local authentication is always shown as active.
	$this->tpl->setVariable("AUTH_LOCAL_ACTIVE", $icon_ok);

	// LDAP counts as active when at least one active server is configured; the
	// other modes read their "<mode>_active" setting.
	include_once('Services/LDAP/classes/class.ilLDAPServer.php');
	$this->tpl->setVariable('AUTH_LDAP_ACTIVE',count(ilLDAPServer::_getActiveServerList()) ? $icon_ok : $icon_not_ok);
	#$this->tpl->setVariable("AUTH_LDAP_ACTIVE", $this->ilias->getSetting('ldap_active') ? $icon_ok : $icon_not_ok);
	$this->tpl->setVariable("AUTH_RADIUS_ACTIVE", $this->ilias->getSetting('radius_active') ? $icon_ok : $icon_not_ok);
	$this->tpl->setVariable("AUTH_SHIB_ACTIVE", $this->ilias->getSetting('shib_active') ? $icon_ok : $icon_not_ok);
	$this->tpl->setVariable("AUTH_SCRIPT_ACTIVE", $this->ilias->getSetting('script_active') ? $icon_ok : $icon_not_ok);
	$this->tpl->setVariable("AUTH_CAS_ACTIVE", $this->ilias->getSetting('cas_active') ? $icon_ok : $icon_not_ok);


	// Pre-select the radio button of the currently stored default mode.
	switch ($this->ilias->getSetting('auth_mode'))
	{
		case AUTH_LOCAL:
			$this->tpl->setVariable("CHK_LOCAL", $checked);
			break;

		case AUTH_LDAP:
			$this->tpl->setVariable("CHK_LDAP", $checked);
			break;

		case AUTH_SHIBBOLETH:
			$this->tpl->setVariable("CHK_SHIB", $checked);
			break;

		case AUTH_RADIUS:
			$this->tpl->setVariable("CHK_RADIUS", $checked);
			break;

		case AUTH_CAS:
			$this->tpl->setVariable("CHK_CAS", $checked);
			break;

		case AUTH_SCRIPT:
			$this->tpl->setVariable("CHK_SCRIPT", $checked);
			break;
	}


	// The determination form is only rendered when its initialisation returns
	// a true value; the helper is expected to populate $this->form.
	if($this->initAuthModeDetermination())
	{
		$this->tpl->setVariable('TABLE_AUTH_DETERMINATION',$this->form->getHTML());
	}


	// Second form: authentication mode per registration role, posted to
	// updateAuthRolesObject().
	$this->tpl->setVariable("FORMACTION_ROLES",
		$this->ctrl->getFormAction($this));
	$this->tpl->setVariable("TXT_AUTH_ROLES", $this->lng->txt("auth_active_roles"));
	$this->tpl->setVariable("TXT_ROLE", $this->lng->txt("obj_role"));
	$this->tpl->setVariable("TXT_ROLE_AUTH_MODE", $this->lng->txt("auth_role_auth_mode"));
	$this->tpl->setVariable("CMD_SUBMIT_ROLES", "updateAuthRoles");

	include_once("classes/class.ilObjRole.php");
	$reg_roles = ilObjRole::_lookupRegisterAllowed();


	include_once('./Services/Authentication/classes/class.ilAuthUtils.php');
	$active_auth_modes = ilAuthUtils::_getActiveAuthModes();

	foreach ($reg_roles as $role)
	{
		foreach ($active_auth_modes as $auth_name => $auth_key)
		{



			// default, cas, shibboleth and ldap are never offered per role.
			if ($auth_name == "default" || $auth_name == "cas"
				|| $auth_name == "shibboleth" || $auth_name == 'ldap')
			{
				continue;
			}

			$this->tpl->setCurrentBlock("auth_mode_selection");

			// NOTE(review): this branch is unreachable - "default" is already
			// skipped by the continue above. Either the skip list or this
			// special label is stale.
			if ($auth_name == 'default')
			{
				$name = $this->lng->txt('auth_'.$auth_name)." (".$this->lng->txt('auth_'.ilAuthUtils::_getAuthModeName($auth_key)).")";
			}
			else
			{
				$name = $this->lng->txt('auth_'.$auth_name);
			}

			$this->tpl->setVariable("AUTH_MODE_NAME", $name);

			$this->tpl->setVariable("AUTH_MODE", $auth_name);

			if ($role['auth_mode'] == $auth_name)
			{
				$this->tpl->setVariable("SELECTED_AUTH_MODE", "selected=\"selected\"");
			}

			$this->tpl->parseCurrentBlock();
		}

		// The role title is handed to the template as stored.
		// NOTE(review): no HTML escaping is visible here; confirm that titles
		// are sanitised when saved or escaped by the template layer.
		$this->tpl->setCurrentBlock("roles");
		$this->tpl->setVariable("ROLE", $role['title']);
		$this->tpl->setVariable("ROLE_ID", $role['id']);
		$this->tpl->parseCurrentBlock();
	}
}
00242
/**
 * Stores the per-language login messages and, when submitted, the default
 * authentication mode, then re-renders the login information form.
 *
 * Requires the "write" permission on this object.
 *
 * Security notes for reviewers:
 * - Each posted key is appended to "login_message_" to form the setting name
 *   and each value is stored as submitted; no filtering is visible here.
 *   NOTE(review): confirm the messages are sanitised where they are rendered
 *   to unauthenticated visitors.
 * - default_auth_mode is cast to int but not checked against the options that
 *   loginInfoObject() actually offers.
 */
public function saveLoginInfoObject()
{
	global $rbacsystem, $lng,$ilSetting;

	$may_write = $rbacsystem->checkAccess("write",$this->object->getRefId());
	if (!$may_write)
	{
		// NOTE(review): assumes raiseError() ends the request - confirm.
		$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
	}

	if (is_array($_POST["loginMessage"]))
	{
		$this->loginSettings = new ilSetting("login_settings");

		foreach ($_POST["loginMessage"] as $lang_key => $message)
		{
			$setting_name = "login_message_".$lang_key;
			$this->loginSettings->set($setting_name, $message);
		}
	}

	if($_POST['default_auth_mode'])
	{
		$default_mode = (int) $_POST['default_auth_mode'];
		$ilSetting->set('default_auth_mode',$default_mode);
	}

	$confirmation = $this->lng->txt("login_information_settings_saved");
	ilUtil::sendInfo($confirmation);

	// Show the form again with the freshly stored values.
	$this->loginInfoObject();
}
00277
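/**
 * Renders the login information form: an optional default authentication mode
 * selector (only when an LDAP server or RADIUS is active) followed by one rich
 * text area per language for the login message.
 *
 * Installed languages come first (default language on top); stored messages
 * for languages that are no longer installed are appended and flagged.
 *
 * Requires the "visible,read" permission on this object.
 */
public function loginInfoObject()
{
	global $rbacsystem, $lng,$ilSetting;

	// NOTE(review): assumes raiseError() ends the request - confirm.
	if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId()))
	{
		$this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
	}

	$this->tabs_gui->setTabActive("authentication_settings");
	$this->setSubTabs("authSettings");
	$this->tabs_gui->setSubTabActive("login_information");

	// The language names used as text area labels ("meta_l_<key>") are looked
	// up after loading this module.
	$lng->loadLanguageModule("meta");

	include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");

	$this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.auth_login_messages.html");
	$form = new ilPropertyFormGUI();
	$form->setFormAction($this->ctrl->getFormAction($this));
	$form->setTitle($this->lng->txt('login_information'));

	$form->addCommandButton('saveLoginInfo',$this->lng->txt('save'));
	$form->addCommandButton('cancel',$this->lng->txt('cancel'));

	include_once('Services/LDAP/classes/class.ilLDAPServer.php');
	include_once('Services/Radius/classes/class.ilRadiusSettings.php');
	$rad_settings = ilRadiusSettings::_getInstance();

	// "=" binds tighter than "or", so $ldap_id receives the server id and the
	// RADIUS check is only the alternative condition.
	if($ldap_id = ilLDAPServer::_getFirstActiveServer() or $rad_settings->isActive())
	{
		$select = new ilSelectInputGUI($this->lng->txt('default_auth_mode'),'default_auth_mode');
		$select->setValue($ilSetting->get('default_auth_mode',AUTH_LOCAL));
		$select->setInfo($this->lng->txt('default_auth_mode_info'));

		// Initialised explicitly; the original appended to an undefined variable.
		$options = array();
		$options[AUTH_LOCAL] = $this->lng->txt('auth_local');
		if($ldap_id)
		{
			$options[AUTH_LDAP] = $this->lng->txt('auth_ldap');
		}
		if($rad_settings->isActive())
		{
			$options[AUTH_RADIUS] = $this->lng->txt('auth_radius');
		}
		$select->setOptions($options);
		$form->addItem($select);
	}

	$this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
	$this->tpl->setVariable("TXT_HEADLINE", $this->lng->txt("login_information"));
	$this->tpl->setVariable("TXT_DESCRIPTION", $this->lng->txt("login_information_desc"));
	$this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));

	// saveLoginInfoObject() may already have created the settings object.
	if (!is_object($this->loginSettings))
	{
		$this->loginSettings = new ilSetting("login_settings");
	}

	$login_settings = $this->loginSettings->getAll();
	$languages = $lng->getInstalledLanguages();
	$def_language = $lng->getDefaultLanguage();

	// Installed languages, default language first.
	foreach ($this->setDefLangFirst($def_language, $languages) as $lang_key)
	{
		$label_suffix = ($lang_key == $def_language)
			? " (".$lng->txt("default").")"
			: "";

		$textarea = new ilTextAreaInputGUI($lng->txt("meta_l_".$lang_key).$label_suffix,
			'loginMessage['.$lang_key.']');
		$textarea->setRows(10);
		$textarea->setValue($login_settings["login_message_".$lang_key]);
		$textarea->setUseRte(true);
		$form->addItem($textarea);

		// Whatever remains afterwards belongs to languages not handled above.
		unset($login_settings["login_message_".$lang_key]);
	}

	// Remaining stored messages. The original reused the label suffix left
	// over from the loop above, which tagged these entries as "(default)"
	// whenever the default language was the last one processed there; these
	// entries are never the default language, so no suffix is added.
	foreach ($login_settings as $key => $message)
	{
		// Language key = everything after the last underscore of the setting name.
		$lang_key = substr($key, strrpos($key, "_") + 1);

		$textarea = new ilTextAreaInputGUI($lng->txt("meta_l_".$lang_key),
			'loginMessage['.$lang_key.']');
		$textarea->setRows(10);
		$textarea->setValue($message);
		$textarea->setUseRte(true);

		if(!in_array($lang_key,$languages))
		{
			$textarea->setAlert($lng->txt("not_installed"));
		}
		$form->addItem($textarea);
	}
	$this->tpl->setVariable('LOGIN_INFO',$form->getHTML());
}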
00382
/**
 * Returns the language list with the default language moved to the front and
 * duplicates removed (first occurrence wins).
 *
 * @param string $a_def_language key of the default language
 * @param array  $a_languages    language keys
 * @return array reordered list, or an empty array when $a_languages is not an
 *               array or $a_def_language compares equal to ""
 */
public function setDefLangFirst($a_def_language, $a_languages)
{
	// Guard clause: nothing to order without a list and a default language.
	if (!is_array($a_languages) || $a_def_language == "")
	{
		return array();
	}

	$ordered = array($a_def_language);

	foreach ($a_languages as $candidate)
	{
		// Already present (this also drops the default language itself).
		if (in_array($candidate, $ordered))
		{
			continue;
		}

		$ordered[] = $candidate;
	}

	return $ordered;
}
00416
/**
 * Cancel handler: queues the "msg_cancel" info message and redirects back to
 * the authSettings command.
 */
function cancelObject()
{
	$notice = $this->lng->txt("msg_cancel");

	// NOTE(review): the second argument is presumably what keeps the message
	// alive across the redirect - confirm against ilUtil::sendInfo().
	ilUtil::sendInfo($notice,true);

	$this->ctrl->redirect($this, "authSettings");
}
00422
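/**
 * Stores the submitted authentication mode as the "auth_mode" setting.
 *
 * Requires the "write" permission on this object. For Shibboleth, RADIUS and
 * script authentication the mode is only accepted when the matching
 * checkAuth*() method of the object returns true; otherwise the user is sent
 * to the configuration screen of that mode.
 *
 * Every guard below relies on raiseError() / redirect() ending the request.
 * NOTE(review): confirm that they do; if one of them returned, execution
 * would fall through to the setSetting() call at the end.
 */
function setAuthModeObject()
{
	global $rbacsystem,$ilSetting;

	if (!$rbacsystem->checkAccess("write",$this->object->getRefId()))
	{
		$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
	}

	if (empty($_POST["auth_mode"]))
	{
		$this->ilias->raiseError($this->lng->txt("auth_err_no_mode_selected"),$this->ilias->error_obj->MESSAGE);
	}

	// Selecting the default entry changes nothing.
	if ($_POST["auth_mode"] == AUTH_DEFAULT)
	{
		ilUtil::sendInfo($this->lng->txt("auth_mode").": ".$this->getAuthModeTitle()." ".$this->lng->txt("auth_mode_not_changed"),true);
		$this->ctrl->redirect($this,'authSettings');
	}

	switch ($_POST["auth_mode"])
	{
		case AUTH_LDAP:
			// No readiness check is performed for LDAP here.
			break;

		// Was "AUTH_SHIB". authSettingsObject() in this class compares the same
		// setting against AUTH_SHIBBOLETH; with a constant name that is
		// (presumably) undefined, this case never matches and the
		// "not configured" check for Shibboleth is skipped.
		case AUTH_SHIBBOLETH:
			if ($this->object->checkAuthSHIB() !== true)
			{
				ilUtil::sendInfo($this->lng->txt("auth_shib_not_configured"),true);
				ilUtil::redirect($this->getReturnLocation("authSettings",$this->ctrl->getLinkTarget($this,"editSHIB")));
			}
			break;

		case AUTH_RADIUS:
			if ($this->object->checkAuthRADIUS() !== true)
			{
				ilUtil::sendInfo($this->lng->txt("auth_radius_not_configured"),true);
				$this->ctrl->redirect($this,'editRADIUS');
			}
			break;

		case AUTH_SCRIPT:
			if ($this->object->checkAuthScript() !== true)
			{
				ilUtil::sendInfo($this->lng->txt("auth_script_not_configured"),true);
				ilUtil::redirect($this->getReturnLocation("authSettings",$this->ctrl->getLinkTarget($this,"editScript")));
			}
			break;
	}

	// NOTE(review): the posted value is stored as submitted. It is never
	// compared with the list of known modes, so a value matching none of the
	// cases above is saved as well; consider rejecting unknown modes.
	$this->ilias->setSetting("auth_mode",$_POST["auth_mode"]);

	ilUtil::sendInfo($this->lng->txt("auth_default_mode_changed_to")." ".$this->getAuthModeTitle(),true);
	$this->ctrl->redirect($this,'authSettings');
}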
00486
/**
 * Renders the LDAP configuration form.
 *
 * Field values come from $_SESSION["error_post_vars"] when that is set (the
 * values of a previously rejected submission), otherwise from the stored
 * settings with defaults for port, login key, object class and protocol
 * version. Requires the "write" permission on this object.
 *
 * NOTE(review): the session values are a copy of earlier request input and are
 * passed to the template as they are; no escaping is visible in this method.
 * NOTE(review): the field variables are set before getTemplateFile("ldap") is
 * called - that order is kept here on purpose; verify it is intended.
 */
function editLDAPObject()
{
	global $rbacsystem;

	$may_write = $rbacsystem->checkAccess("write",$this->object->getRefId());
	if (!$may_write)
	{
		// NOTE(review): assumes raiseError() ends the request - confirm.
		$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
	}

	$this->tabs_gui->setTabActive('auth_ldap');

	$checked = "checked=\"checked\"";

	if ($_SESSION["error_post_vars"])
	{
		// Re-populate the form from the rejected submission.
		if ($_SESSION["error_post_vars"]["ldap"]["active"] == "1")
		{
			$this->tpl->setVariable("CHK_LDAP_ACTIVE", $checked);
		}

		if ($_SESSION["error_post_vars"]["ldap"]["tls"] == "1")
		{
			$this->tpl->setVariable("LDAP_TLS_CHK", $checked);
		}

		// Anything other than "3" selects protocol version 2.
		$version_var = ($_SESSION["error_post_vars"]["ldap"]["version"] == "3")
			? "LDAP_VERSION3_CHK"
			: "LDAP_VERSION2_CHK";
		$this->tpl->setVariable($version_var, $checked);

		$posted_fields = array(
			"LDAP_SERVER"      => "server",
			"LDAP_BASEDN"      => "basedn",
			"LDAP_SEARCH_BASE" => "search_base",
			"LDAP_PORT"        => "port",
			"LDAP_LOGIN_KEY"   => "login_key",
			"LDAP_OBJECTCLASS" => "objectclass"
		);
		foreach ($posted_fields as $tpl_var => $field)
		{
			$this->tpl->setVariable($tpl_var, $_SESSION["error_post_vars"]["ldap"][$field]);
		}
	}
	else
	{
		// Populate the form from the stored settings.
		$settings = $this->ilias->getAllSettings();

		if ($settings["ldap_active"] == "1")
		{
			$this->tpl->setVariable("CHK_LDAP_ACTIVE", $checked);
		}

		if ($settings["ldap_tls"] == "1")
		{
			$this->tpl->setVariable("LDAP_TLS_CHK", $checked);
		}

		$this->tpl->setVariable("LDAP_SERVER", $settings["ldap_server"]);
		$this->tpl->setVariable("LDAP_BASEDN", $settings["ldap_basedn"]);
		$this->tpl->setVariable("LDAP_SEARCH_BASE", $settings["ldap_search_base"]);

		// Defaults for values that were never stored.
		$this->tpl->setVariable("LDAP_PORT",
			empty($settings["ldap_port"]) ? LDAP_DEFAULT_PORT : $settings["ldap_port"]);
		$this->tpl->setVariable("LDAP_LOGIN_KEY",
			empty($settings["ldap_login_key"]) ? "uid" : $settings["ldap_login_key"]);
		$this->tpl->setVariable("LDAP_OBJECTCLASS",
			empty($settings["ldap_objectclass"]) ? "posixAccount" : $settings["ldap_objectclass"]);

		// Missing or "2" selects version 2, everything else version 3.
		$use_v2 = (empty($settings["ldap_version"]) or $settings["ldap_version"] == "2");
		$this->tpl->setVariable($use_v2 ? "LDAP_VERSION2_CHK" : "LDAP_VERSION3_CHK", $checked);
	}

	$this->getTemplateFile("ldap");

	$this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
	$this->tpl->setVariable("COLSPAN", 3);

	// Template variable => language key.
	$labels = array(
		"TXT_LDAP_TITLE"       => "ldap_configure",
		"TXT_OPTIONS"          => "options",
		"TXT_LDAP_ACTIVE"      => "auth_ldap_enable",
		"TXT_LDAP_TLS"         => "ldap_tls",
		"TXT_LDAP_SERVER"      => "ldap_server",
		"TXT_LDAP_BASEDN"      => "ldap_basedn",
		"TXT_LDAP_SEARCH_BASE" => "ldap_search_base",
		"TXT_LDAP_PORT"        => "ldap_port",
		"TXT_LDAP_VERSION"     => "ldap_version",
		"TXT_LDAP_VERSION2"    => "ldap_v2",
		"TXT_LDAP_VERSION3"    => "ldap_v3",
		"TXT_LDAP_LOGIN_KEY"   => "ldap_login_key",
		"TXT_LDAP_OBJECTCLASS" => "ldap_objectclass",
		"TXT_LDAP_PASSWD"      => "ldap_passwd",
		"TXT_REQUIRED_FLD"     => "required_field",
		"TXT_CANCEL"           => "cancel",
		"TXT_SUBMIT"           => "save"
	);
	foreach ($labels as $tpl_var => $lang_var)
	{
		$this->tpl->setVariable($tpl_var, $this->lng->txt($lang_var));
	}

	// The form posts to saveLDAPObject().
	$this->tpl->setVariable("CMD_SUBMIT", "saveLDAP");
}
00615
00616
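/**
 * Validates and stores the LDAP settings.
 *
 * Before anything is saved the submitted server is tested: anonymous bind,
 * search for the entry of the currently logged-in user, then a bind as that
 * entry with the submitted password. Only when all steps succeed are the
 * settings written.
 *
 * Changes compared with the original:
 * - the "write" permission is checked, as editLDAPObject() does; the original
 *   had no permission check in this method
 * - values placed into the search filter are escaped
 * - the port must be 1-65535, the protocol version is passed as integer
 * - a failed ldap_connect() is reported instead of being used
 * - the search base is initialised before it is appended to
 *
 * NOTE(review): every guard relies on raiseError() ending the request -
 * confirm; the connection is also not released on those paths.
 */
function saveLDAPObject()
{
	global $ilUser, $rbacsystem;

	if (!$rbacsystem->checkAccess("write",$this->object->getRefId()))
	{
		$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
	}

	// Required fields.
	if (!$_POST["ldap"]["server"] or !$_POST["ldap"]["basedn"] or !$_POST["ldap"]["port"] or !$_POST["ldap"]["login_key"] or !$_POST["ldap"]["objectclass"])
	{
		$this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"),$this->ilias->error_obj->MESSAGE);
	}

	// The password is only used for the test bind below; it is not stored.
	if (!$_POST["ldap"]["passwd"])
	{
		$this->ilias->raiseError($this->lng->txt("err_enter_current_passwd"),$this->ilias->error_obj->MESSAGE);
	}

	// Digits only (\z also rejects a trailing newline) and a valid port range.
	if (!preg_match("/^[0-9]{1,5}\\z/",$_POST["ldap"]["port"])
		or (int) $_POST["ldap"]["port"] < 1
		or (int) $_POST["ldap"]["port"] > 65535)
	{
		$this->ilias->raiseError($this->lng->txt("err_invalid_port"),$this->ilias->error_obj->MESSAGE);
	}

	// Normalise the checkbox to "0" / "1".
	if ($_POST["ldap"]["tls"] != "1")
	{
		$_POST["ldap"]["tls"] = "0";
	}

	$ldap_host = $_POST["ldap"]["server"];
	$ldap_port = (int) $_POST["ldap"]["port"];
	$ldap_pass = $_POST["ldap"]["passwd"];

	$ldap_userattr = $_POST["ldap"]["login_key"];
	$ldap_useroc = $_POST["ldap"]["objectclass"];

	// Search base: optional prefix plus base DN.
	$ldap_searchbase = "";
	if ($_POST["ldap"]["search_base"])
	{
		$ldap_searchbase .= $_POST["ldap"]["search_base"].",";
	}
	$ldap_searchbase .= $_POST["ldap"]["basedn"];

	$ldap_conn = ldap_connect($ldap_host,$ldap_port);
	if ($ldap_conn == false)
	{
		$this->ilias->raiseError($this->lng->txt("err_ldap_connect_failed"),$this->ilias->error_obj->MESSAGE);
	}

	@ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, (int) $_POST["ldap"]["version"]);

	// NOTE(review): the "tls" option is stored below but not applied to this
	// connection, so on a plain ldap:// server the test bind sends the
	// submitted password unencrypted. Consider honouring the option here.

	// Anonymous bind to be able to search.
	if (ldap_bind($ldap_conn) == false)
	{
		$this->ilias->raiseError($this->lng->txt("err_ldap_connect_failed"),$this->ilias->error_obj->MESSAGE);
	}

	// Escape the characters that are special in a search filter so that form
	// input and the login name cannot alter the filter structure. The
	// backslash comes first so the escapes themselves are not escaped again.
	$filter_special = array('\\', '*', '(', ')', "\x00");
	$filter_escaped = array('\\5c', '\\2a', '\\28', '\\29', '\\00');

	$filter = sprintf('(&(objectClass=%s)(%s=%s))',
		str_replace($filter_special, $filter_escaped, $ldap_useroc),
		str_replace($filter_special, $filter_escaped, $ldap_userattr),
		str_replace($filter_special, $filter_escaped, $ilUser->getLogin()));

	// Only the login attribute is requested.
	if (($result_id = @ldap_search($ldap_conn, $ldap_searchbase, $filter, array($ldap_userattr))) == false)
	{
		$this->ilias->raiseError($this->lng->txt("err_ldap_search_failed"),$this->ilias->error_obj->MESSAGE);
	}

	// Exactly one entry must match the current user.
	if (ldap_count_entries($ldap_conn, $result_id) != 1)
	{
		$this->ilias->raiseError($this->lng->txt("err_ldap_user_not_found"),$this->ilias->error_obj->MESSAGE);
	}

	$entry_id = ldap_first_entry($ldap_conn, $result_id);
	$user_dn = ldap_get_dn($ldap_conn, $entry_id);

	ldap_free_result($result_id);

	// Bind as the found entry with the submitted password.
	if (@ldap_bind($ldap_conn, $user_dn, $ldap_pass) == false)
	{
		$this->ilias->raiseError($this->lng->txt("err_ldap_auth_failed"),$this->ilias->error_obj->MESSAGE);
	}

	@ldap_unbind($ldap_conn);

	// All checks passed: store the settings as submitted (unescaped).
	$this->ilias->setSetting("ldap_tls", $_POST["ldap"]["tls"]);
	$this->ilias->setSetting("ldap_server", $_POST["ldap"]["server"]);
	$this->ilias->setSetting("ldap_basedn", $_POST["ldap"]["basedn"]);
	$this->ilias->setSetting("ldap_search_base", $_POST["ldap"]["search_base"]);
	$this->ilias->setSetting("ldap_port", $_POST["ldap"]["port"]);
	$this->ilias->setSetting("ldap_version", $_POST["ldap"]["version"]);
	$this->ilias->setSetting("ldap_login_key", $_POST["ldap"]["login_key"]);
	$this->ilias->setSetting("ldap_objectclass", $_POST["ldap"]["objectclass"]);
	$this->ilias->setSetting("ldap_active", $_POST["ldap"]["active"]);

	ilUtil::sendInfo($this->lng->txt("auth_ldap_settings_saved"),true);
	$this->ctrl->redirect($this,'editLDAP');
}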
00729
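/**
 * Renders the Shibboleth configuration form from the stored settings.
 *
 * Requires the "write" permission on this object.
 *
 * Changes compared with the original:
 * - a space separates the value and selected attributes of the role options
 * - the default login button image is no longer replaced by an empty setting
 * - str_replace() replaces ereg_replace(), which no longer exists in PHP 7
 */
function editSHIBObject()
{
	global $rbacsystem, $rbacreview;

	// NOTE(review): assumes raiseError() ends the request - confirm.
	if (!$rbacsystem->checkAccess("write",$this->object->getRefId()))
	{
		$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
	}

	$this->tabs_gui->setTabActive('auth_shib');

	$settings = $this->ilias->getAllSettings();

	// Role selector for accounts created through Shibboleth.
	$role_list = $rbacreview->getRolesByFilter(2,$this->object->getId());
	$selectElement = '<select name="shib[user_default_role]">';

	// Role id 4 is preselected when nothing is stored yet.
	if (!isset($settings["shib_user_default_role"]))
	{
		$settings["shib_user_default_role"] = 4;
	}

	// NOTE(review): id and title are concatenated into the markup without
	// escaping. Confirm role titles are sanitised when stored, or escape them
	// here; editCASObject() builds the same list with ilUtil::formSelect().
	foreach ($role_list as $role)
	{
		$selectElement .= '<option value="'.$role['obj_id'].'"';
		if ($settings["shib_user_default_role"] == $role['obj_id'])
		{
			// Leading space: the original produced value="..."selected="...".
			$selectElement .= ' selected="selected"';
		}

		$selectElement .= '>'.$role['title'].'</option>';
	}
	$selectElement .= '</select>';

	// Attribute mapping settings; each has a matching "shib_update_<field>" flag.
	$shib_settings = array(
		'shib_login',
		'shib_title',
		'shib_firstname',
		'shib_lastname',
		'shib_email',
		'shib_gender',
		'shib_institution',
		'shib_department',
		'shib_zipcode',
		'shib_city',
		'shib_country',
		'shib_street',
		'shib_phone_office',
		'shib_phone_home',
		'shib_phone_mobile',
		'shib_language'
	);

	$this->getTemplateFile("shib");

	foreach ($shib_settings as $setting)
	{
		$field = str_replace('shib_','',$setting);
		$this->tpl->setVariable(strtoupper($setting), $settings[$setting]);
		$this->tpl->setVariable('SHIB_UPDATE_'.strtoupper($field), $settings["shib_update_".$field]);

		if ($settings["shib_update_".$field])
		{
			$this->tpl->setVariable('chk_shib_update_'.strtolower($field), 'checked="checked"');
		}
	}

	if (isset($settings["shib_active"]) && $settings["shib_active"])
	{
		$this->tpl->setVariable("chk_shib_active", 'checked="checked"');
	}

	// Anything other than 'external_wayf' (including unset) selects the
	// internal WAYF.
	if (
		!isset($settings["shib_hos_type"])
		|| $settings["shib_hos_type"] == ''
		|| $settings["shib_hos_type"] != 'external_wayf'
	)
	{
		$this->tpl->setVariable("CHK_SHIB_LOGIN_INTERNAL_WAYF", 'checked="checked"');
		$this->tpl->setVariable("CHK_SHIB_LOGIN_EXTERNAL_WAYF", '');
	}
	else
	{
		$this->tpl->setVariable("CHK_SHIB_LOGIN_INTERNAL_WAYF", '');
		$this->tpl->setVariable("CHK_SHIB_LOGIN_EXTERNAL_WAYF", 'checked="checked"');
	}

	// Example entries are shown while no identity provider list is stored.
	if (!isset($settings["shib_idp_list"]) || $settings["shib_idp_list"] == '')
	{
		$this->tpl->setVariable("SHIB_IDP_LIST", "urn:mace:organization1:providerID, Example Organization 1\nurn:mace:organization2:providerID, Example Organization 2, /Shibboleth.sso/WAYF/SWITCHaai");
	}
	else
	{
		$this->tpl->setVariable("SHIB_IDP_LIST", stripslashes($settings["shib_idp_list"]));
	}

	// The original set the default image first and then unconditionally set
	// the stored value again, which (assuming setVariable() overwrites) threw
	// the default away whenever the setting was empty.
	if (!isset($settings["shib_login_button"]) || $settings["shib_login_button"] == '')
	{
		$login_button = "templates/default/images/shib_login_button.gif";
	}
	else
	{
		$login_button = $settings["shib_login_button"];
	}

	$this->tpl->setVariable("SHIB_USER_DEFAULT_ROLE", $selectElement);
	$this->tpl->setVariable("SHIB_LOGIN_BUTTON", $login_button);
	$this->tpl->setVariable("SHIB_LOGIN_INSTRUCTIONS", stripslashes($settings["shib_login_instructions"]));
	$this->tpl->setVariable("SHIB_FEDERATION_NAME", stripslashes($settings["shib_federation_name"]));
	$this->tpl->setVariable("SHIB_DATA_CONV", $settings["shib_data_conv"]);

	$this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
	$this->tpl->setVariable("COLSPAN", 3);
	$this->tpl->setVariable("TXT_SHIB_INSTRUCTIONS",
		$this->lng->txt("auth_shib_instructions"));
	$this->tpl->setVariable("LINK_SHIB_INSTRUCTIONS",
		"./Services/AuthShibboleth/README.SHIBBOLETH.txt");
	$this->tpl->setVariable("TXT_SHIB", $this->lng->txt("shib"));
	$this->tpl->setVariable("TXT_OPTIONS", $this->lng->txt("options"));
	$this->tpl->setVariable("TXT_SHIB_UPDATE", $this->lng->txt("shib_update"));
	$this->tpl->setVariable("TXT_SHIB_ACTIVE", $this->lng->txt("shib_active"));
	$this->tpl->setVariable("TXT_SHIB_USER_DEFAULT_ROLE", $this->lng->txt("shib_user_default_role"));
	$this->tpl->setVariable("TXT_SHIB_LOGIN_BUTTON", $this->lng->txt("shib_login_button"));
	$this->tpl->setVariable("TXT_SHIB_LOGIN_TYPE", $this->lng->txt("shib_login_type"));
	$this->tpl->setVariable("TXT_SHIB_LOGIN_INTERNAL_WAYF", $this->lng->txt("shib_login_internal_wayf"));
	$this->tpl->setVariable("TXT_SHIB_LOGIN_EXTERNAL_WAYF", $this->lng->txt("shib_login_external_wayf"));
	$this->tpl->setVariable("TXT_SHIB_IDP_LIST", $this->lng->txt("shib_idp_list"));
	$this->tpl->setVariable("TXT_SHIB_FEDERATION_NAME", $this->lng->txt("shib_federation_name"));
	$this->tpl->setVariable("TXT_SHIB_LOGIN_INSTRUCTIONS", $this->lng->txt("auth_login_instructions"));
	$this->tpl->setVariable("TXT_SHIB_DATA_CONV", $this->lng->txt("shib_data_conv"));

	// Labels of the mapping fields use the setting name as language key.
	foreach ($shib_settings as $setting)
	{
		$this->tpl->setVariable("TXT_".strtoupper($setting), $this->lng->txt($setting));
	}

	$this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
	$this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
	$this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
	// The form posts to saveSHIBObject().
	$this->tpl->setVariable("CMD_SUBMIT", "saveSHIB");
}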
00870
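/**
 * Validates and stores the Shibboleth settings, then redirects back to the
 * Shibboleth form.
 *
 * Changes compared with the original:
 * - the "write" permission is checked, as editSHIBObject() does; the original
 *   had no permission check in this method
 * - str_replace() replaces ereg_replace(), which no longer exists in PHP 7
 *
 * NOTE(review): every guard relies on raiseError() ending the request -
 * confirm.
 */
function saveSHIBObject()
{
	global $rbacsystem;

	if (!$rbacsystem->checkAccess("write",$this->object->getRefId()))
	{
		$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
	}

	// Required fields.
	if (
		!$_POST["shib"]["login"]
		or !$_POST["shib"]["hos_type"]
		or !$_POST["shib"]["firstname"]
		or !$_POST["shib"]["lastname"]
		or !$_POST["shib"]["email"]
		or !$_POST["shib"]["user_default_role"]
		or !$_POST["shib"]["federation_name"]
	)
	{
		$this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"),$this->ilias->error_obj->MESSAGE);
	}

	// The optional data conversion file only has to be readable.
	// NOTE(review): the submitted path is stored below without restricting it
	// to an expected directory. How the file is consumed is not visible here;
	// if it is included or executed later, constrain the location.
	if (
		$_POST["shib"]["data_conv"]
		and $_POST["shib"]["data_conv"] != ''
		and !is_readable($_POST["shib"]["data_conv"]) )
	{
		$this->ilias->raiseError($this->lng->txt("shib_data_conv_warning"),$this->ilias->error_obj->MESSAGE);
	}

	// Attribute mapping settings; each has a matching "update_<field>" checkbox.
	$shib_settings = array(
		'shib_login',
		'shib_title',
		'shib_firstname',
		'shib_lastname',
		'shib_email',
		'shib_gender',
		'shib_institution',
		'shib_department',
		'shib_zipcode',
		'shib_city',
		'shib_country',
		'shib_street',
		'shib_phone_office',
		'shib_phone_home',
		'shib_phone_mobile',
		'shib_language'
	);

	foreach ($shib_settings as $setting)
	{
		$field = str_replace('shib_','',$setting);

		// Normalise the checkbox to "0" / "1".
		if ($_POST["shib"]["update_".$field] != "1")
		{
			$_POST["shib"]["update_".$field] = "0";
		}

		$this->ilias->setSetting($setting, trim($_POST["shib"][$field]));
		$this->ilias->setSetting("shib_update_".$field, $_POST["shib"]["update_".$field]);
	}

	$this->ilias->setSetting("shib_active", ($_POST["shib"]["active"] != "1") ? "0" : "1");

	// NOTE(review): the role id is stored as submitted and is not compared
	// with the roles offered by editSHIBObject(); consider accepting only ids
	// from that list, since this role is handed to newly created accounts.
	$this->ilias->setSetting("shib_user_default_role", $_POST["shib"]["user_default_role"]);
	$this->ilias->setSetting("shib_hos_type", $_POST["shib"]["hos_type"]);
	$this->ilias->setSetting("shib_federation_name", $_POST["shib"]["federation_name"]);
	$this->ilias->setSetting("shib_idp_list", $_POST["shib"]["idp_list"]);
	$this->ilias->setSetting("shib_login_instructions", $_POST["shib"]["login_instructions"]);
	$this->ilias->setSetting("shib_login_button", $_POST["shib"]["login_button"]);
	$this->ilias->setSetting("shib_data_conv", $_POST["shib"]["data_conv"]);

	ilUtil::sendInfo($this->lng->txt("shib_settings_saved"),true);

	$this->ctrl->redirect($this,'editSHIB');
}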
00953
/**
 * Render the CAS authentication settings form.
 *
 * Requires "write" permission on this object. Field values come from
 * $_SESSION["error_post_vars"]["cas"] when that session entry is set,
 * otherwise from the stored cas_* settings.
 *
 * NOTE(review): server, port, URI and login instructions are handed to the
 * template exactly as posted/stored. Whether the "cas" template or
 * setVariable() escapes them for HTML is not visible here - confirm.
 */
function editCASObject()
{
    global $rbacsystem, $rbacreview, $ilSetting;

    $may_write = $rbacsystem->checkAccess("write", $this->object->getRefId());
    if (!$may_write)
    {
        $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
    }

    $this->tabs_gui->setTabActive('auth_cas');
    $this->getTemplateFile("cas");

    $settings = $ilSetting->getAll();

    // Choose the value source; posted keys are bare, stored keys carry "cas_".
    if ($_SESSION["error_post_vars"])
    {
        $values = $_SESSION["error_post_vars"]["cas"];
        $prefix = "";
    }
    else
    {
        $values = $settings;
        $prefix = "cas_";
    }

    // Checkboxes are only marked when the value is "1".
    $checkboxes = array(
        "active"       => "CHK_CAS_ACTIVE",
        "create_users" => "CHK_CREATE_USERS",
        "allow_local"  => "CHK_ALLOW_LOCAL",
    );
    foreach ($checkboxes as $field => $placeholder)
    {
        if ($values[$prefix.$field] == "1")
        {
            $this->tpl->setVariable($placeholder, 'checked="checked"');
        }
    }

    $text_fields = array(
        "server"             => "CAS_SERVER",
        "port"               => "CAS_PORT",
        "uri"                => "CAS_URI",
        "login_instructions" => "CAS_LOGIN_INSTRUCTIONS",
    );
    foreach ($text_fields as $field => $placeholder)
    {
        $this->tpl->setVariable($placeholder, $values[$prefix.$field]);
    }
    $current_default_role = $values[$prefix."user_default_role"];

    // Build the default-role select box; role id 4 is preselected when nothing is set.
    $role_list = $rbacreview->getRolesByFilter(2, $this->object->getId());
    if (!$current_default_role)
    {
        $current_default_role = 4;
    }
    $roles = array();
    foreach ($role_list as $role)
    {
        $roles[$role['obj_id']] = $role['title'];
    }
    $role_select = ilUtil::formSelect($current_default_role, "cas[user_default_role]", $roles, false, true);

    $this->tpl->setVariable("CAS_USER_DEFAULT_ROLE", $role_select);
    $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
    $this->tpl->setVariable("COLSPAN", 3);

    // Placeholder => language variable.
    $labels = array(
        "TXT_CAS_TITLE"                  => "auth_cas_auth",
        "TXT_CAS_DESC"                   => "auth_cas_auth_desc",
        "TXT_OPTIONS"                    => "options",
        "TXT_CAS_ACTIVE"                 => "active",
        "TXT_CAS_SERVER"                 => "server",
        "TXT_CAS_SERVER_DESC"            => "auth_cas_server_desc",
        "TXT_CAS_PORT"                   => "port",
        "TXT_CAS_PORT_DESC"              => "auth_cas_port_desc",
        "TXT_CAS_URI"                    => "uri",
        "TXT_CAS_URI_DESC"               => "auth_cas_uri_desc",
        "TXT_CAS_LOGIN_INSTRUCTIONS"     => "auth_login_instructions",
        "TXT_CREATE_USERS"               => "auth_create_users",
        "TXT_CREATE_USERS_DESC"          => "auth_cas_create_users_desc",
        "TXT_CAS_USER_DEFAULT_ROLE"      => "auth_user_default_role",
        "TXT_CAS_USER_DEFAULT_ROLE_DESC" => "auth_cas_user_default_role_desc",
        "TXT_ALLOW_LOCAL"                => "auth_allow_local",
        "TXT_ALLOW_LOCAL_DESC"           => "auth_cas_allow_local_desc",
        "TXT_REQUIRED_FLD"               => "required_field",
        "TXT_CANCEL"                     => "cancel",
        "TXT_SUBMIT"                     => "save",
    );
    foreach ($labels as $placeholder => $lang_var)
    {
        $this->tpl->setVariable($placeholder, $this->lng->txt($lang_var));
    }
    $this->tpl->setVariable("CMD_SUBMIT", "saveCAS");
}
01060
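/**
 * Validate and store the CAS authentication settings posted by the CAS form.
 *
 * Requires "write" permission on this object. Server and port are mandatory;
 * the port must be a decimal number between 1 and 65535. On success the user
 * is redirected back to the CAS form.
 */
function saveCASObject()
{
    global $rbacsystem, $ilSetting;

    // Saving changes how users authenticate, so require the same "write"
    // permission as editCASObject(); executeCommand() only checks "read".
    if (!$rbacsystem->checkAccess("write", $this->object->getRefId()))
    {
        $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
        // raiseError() is defined outside this file; return explicitly so
        // nothing is written if it hands control back.
        return;
    }

    $cas = (isset($_POST["cas"]) && is_array($_POST["cas"])) ? $_POST["cas"] : array();
    $server = (isset($cas["server"]) && is_string($cas["server"])) ? $cas["server"] : "";
    $port = (isset($cas["port"]) && is_string($cas["port"])) ? $cas["port"] : "";

    // check required fields
    if (!$server or !$port)
    {
        $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
        return;
    }

    // Digits only (\z rejects a trailing newline) and within the TCP port range.
    if (!preg_match('/^[0-9]{1,5}\z/', $port) || (int) $port < 1 || (int) $port > 65535)
    {
        $this->ilias->raiseError($this->lng->txt("err_invalid_port"), $this->ilias->error_obj->MESSAGE);
        return;
    }

    $ilSetting->set("cas_server", $server);
    $ilSetting->set("cas_port", $port);

    // NOTE(review): user_default_role is stored as posted. The edit form only
    // offers roles from getRolesByFilter(); consider checking the posted id
    // against that list before saving.
    $other_fields = array(
        "uri",
        "login_instructions",
        "active",
        "create_users",
        "allow_local",
        "user_default_role",
    );
    foreach ($other_fields as $field)
    {
        // Unchecked checkboxes are absent from the request and stored as null.
        $ilSetting->set("cas_".$field, isset($cas[$field]) ? $cas[$field] : null);
    }

    ilUtil::sendInfo($this->lng->txt("auth_cas_settings_saved"), true);

    $this->ctrl->redirect($this, 'editCAS');
}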
01095
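/**
 * Render the SOAP authentication settings page, including the test request form.
 *
 * Requires "write" permission on this object. Field values come from
 * $_SESSION["error_post_vars"]["soap"] when that session entry is set,
 * otherwise from the stored soap_auth_* settings. When the current command is
 * "testSoapAuthConnection", the posted test credentials are passed to
 * ilSOAPAuth::testConnection() and its result is appended below the test form.
 *
 * NOTE(review): field values and the testConnection() result are placed into
 * the page as-is; whether they are HTML-escaped elsewhere is not visible here.
 * NOTE(review): "soap_pw" is collected with ilTextInputGUI, i.e. a plain text
 * field; consider a password-type input so the value is not shown on screen.
 */
function editSOAPObject()
{
    global $rbacsystem, $rbacreview, $ilSetting, $ilCtrl;

    if (!$rbacsystem->checkAccess("write", $this->object->getRefId()))
    {
        $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
        // raiseError() is defined outside this file; return explicitly so the
        // connection test below cannot run if it hands control back.
        return;
    }

    $this->tabs_gui->setTabActive('auth_soap');

    $stpl = new ilTemplate("tpl.auth_soap.html", true, true, "");

    // get all settings
    $settings = $ilSetting->getAll();

    // Choose the value source; posted keys are bare, stored keys carry "soap_auth_".
    if (!empty($_SESSION["error_post_vars"]))
    {
        $values = (isset($_SESSION["error_post_vars"]["soap"]) && is_array($_SESSION["error_post_vars"]["soap"]))
            ? $_SESSION["error_post_vars"]["soap"]
            : array();
        $prefix = "";
    }
    else
    {
        $values = $settings;
        $prefix = "soap_auth_";
    }

    // The original set "CHK_USEDOTNET" for posted values but "CHK_USE_DOTNET"
    // for stored ones; both now use the latter - confirm against tpl.auth_soap.html.
    $checkboxes = array(
        "active"       => "CHK_SOAP_ACTIVE",
        "use_https"    => "CHK_USE_HTTPS",
        "create_users" => "CHK_CREATE_USERS",
        "allow_local"  => "CHK_ALLOW_LOCAL",
        "account_mail" => "CHK_ACCOUNT_MAIL",
        "use_dotnet"   => "CHK_USE_DOTNET",
    );
    foreach ($checkboxes as $field => $placeholder)
    {
        $key = $prefix.$field;
        if (isset($values[$key]) && $values[$key] == "1")
        {
            $stpl->setVariable($placeholder, "checked=\"checked\"");
        }
    }

    $text_fields = array(
        "server"    => "SOAP_SERVER",
        "port"      => "SOAP_PORT",
        "uri"       => "SOAP_URI",
        "namespace" => "SOAP_NAMESPACE",
    );
    foreach ($text_fields as $field => $placeholder)
    {
        $key = $prefix.$field;
        $stpl->setVariable($placeholder, isset($values[$key]) ? $values[$key] : null);
    }
    $role_key = $prefix."user_default_role";
    $current_default_role = isset($values[$role_key]) ? $values[$role_key] : null;

    // Build the default-role select box; role id 4 is preselected when nothing is set.
    $role_list = $rbacreview->getRolesByFilter(2, $this->object->getId());
    if (!$current_default_role)
    {
        $current_default_role = 4;
    }
    $roles = array();
    foreach ($role_list as $role)
    {
        $roles[$role['obj_id']] = $role['title'];
    }
    $selectElement = ilUtil::formSelect($current_default_role,
        "soap[user_default_role]", $roles, false, true);

    $stpl->setVariable("SOAP_USER_DEFAULT_ROLE", $selectElement);
    $stpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
    $stpl->setVariable("COLSPAN", 3);

    // Placeholder => language variable.
    $labels = array(
        "TXT_SOAP_TITLE"                  => "auth_soap_auth",
        "TXT_SOAP_DESC"                   => "auth_soap_auth_desc",
        "TXT_OPTIONS"                     => "options",
        "TXT_SOAP_ACTIVE"                 => "active",
        "TXT_SOAP_SERVER"                 => "server",
        "TXT_SOAP_SERVER_DESC"            => "auth_soap_server_desc",
        "TXT_SOAP_PORT"                   => "port",
        "TXT_SOAP_PORT_DESC"              => "auth_soap_port_desc",
        "TXT_SOAP_URI"                    => "uri",
        "TXT_SOAP_URI_DESC"               => "auth_soap_uri_desc",
        "TXT_SOAP_NAMESPACE"              => "auth_soap_namespace",
        "TXT_SOAP_NAMESPACE_DESC"         => "auth_soap_namespace_desc",
        "TXT_USE_DOTNET"                  => "auth_soap_use_dotnet",
        "TXT_USE_HTTPS"                   => "auth_soap_use_https",
        "TXT_CREATE_USERS"                => "auth_create_users",
        "TXT_CREATE_USERS_DESC"           => "auth_soap_create_users_desc",
        "TXT_ACCOUNT_MAIL"                => "user_send_new_account_mail",
        "TXT_ACCOUNT_MAIL_DESC"           => "auth_new_account_mail_desc",
        "TXT_SOAP_USER_DEFAULT_ROLE"      => "auth_user_default_role",
        "TXT_SOAP_USER_DEFAULT_ROLE_DESC" => "auth_soap_user_default_role_desc",
        "TXT_ALLOW_LOCAL"                 => "auth_allow_local",
        "TXT_ALLOW_LOCAL_DESC"            => "auth_soap_allow_local_desc",
        "TXT_REQUIRED_FLD"                => "required_field",
        "TXT_CANCEL"                      => "cancel",
        "TXT_SUBMIT"                      => "save",
    );
    foreach ($labels as $placeholder => $lang_var)
    {
        $stpl->setVariable($placeholder, $this->lng->txt($lang_var));
    }
    $stpl->setVariable("CMD_SUBMIT", "saveSOAP");

    // test form
    include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
    $form = new ilPropertyFormGUI();
    $form->setFormAction($ilCtrl->getFormAction($this));
    $form->setTitle("Test Request");
    $text_prop = new ilTextInputGUI("ext_uid", "ext_uid");
    $form->addItem($text_prop);
    $text_prop2 = new ilTextInputGUI("soap_pw", "soap_pw");
    $form->addItem($text_prop2);
    $cb = new ilCheckboxInputGUI("new_user", "new_user");
    $form->addItem($cb);

    $form->addCommandButton("testSoapAuthConnection",
        "Send");

    // Initialise so the concatenation below never reads an undefined variable.
    $ret = "";
    if ($ilCtrl->getCmd() == "testSoapAuthConnection")
    {
        include_once("./Services/SOAPAuth/classes/class.ilSOAPAuth.php");
        $ret = "<br />".ilSOAPAuth::testConnection(
            ilUtil::stripSlashes(isset($_POST["ext_uid"]) ? $_POST["ext_uid"] : ""),
            ilUtil::stripSlashes(isset($_POST["soap_pw"]) ? $_POST["soap_pw"] : ""),
            !empty($_POST["new_user"])
            );
    }

    $stpl->setVariable("TEST_FORM", $form->getHtml().$ret);
    $this->tpl->setContent($stpl->get());
}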
01261
/**
 * Command handler for the "testSoapAuthConnection" button of the SOAP test form.
 *
 * All work is done by editSOAPObject(), which checks "write" permission and
 * runs the connection test when this command is the current one.
 */
function testSoapAuthConnectionObject()
{
    // Re-render the SOAP page; the test result is appended there.
    $this->editSOAPObject();
}
01266
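/**
 * Validate and store the SOAP authentication settings posted by the SOAP form.
 *
 * Requires "write" permission on this object. The server is mandatory; the
 * port may be empty, otherwise it must be a decimal number no larger than
 * 65535. On success the user is redirected back to the SOAP form.
 */
function saveSOAPObject()
{
    global $rbacsystem, $ilSetting;

    // Saving changes how users authenticate, so require the same "write"
    // permission as editSOAPObject(); executeCommand() only checks "read".
    if (!$rbacsystem->checkAccess("write", $this->object->getRefId()))
    {
        $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
        // raiseError() is defined outside this file; return explicitly so
        // nothing is written if it hands control back.
        return;
    }

    $soap = (isset($_POST["soap"]) && is_array($_POST["soap"])) ? $_POST["soap"] : array();
    $server = (isset($soap["server"]) && is_string($soap["server"])) ? $soap["server"] : "";
    $port = (isset($soap["port"]) && is_string($soap["port"])) ? $soap["port"] : "";

    // check required fields
    if (!$server)
    {
        $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
        return;
    }

    // An empty port stays allowed, as before. A given port must be digits only
    // (\z rejects a trailing newline) and must fit the TCP port range.
    if ($port !== "" && (!preg_match('/^[0-9]{1,5}\z/', $port) || (int) $port > 65535))
    {
        $this->ilias->raiseError($this->lng->txt("err_invalid_port"), $this->ilias->error_obj->MESSAGE);
        return;
    }

    $ilSetting->set("soap_auth_server", $server);
    $ilSetting->set("soap_auth_port", $port);

    // NOTE(review): user_default_role is stored as posted. The edit form only
    // offers roles from getRolesByFilter(); consider checking the posted id
    // against that list before saving.
    $other_fields = array(
        "active",
        "uri",
        "namespace",
        "create_users",
        "allow_local",
        "account_mail",
        "use_https",
        "use_dotnet",
        "user_default_role",
    );
    foreach ($other_fields as $field)
    {
        // Unchecked checkboxes are absent from the request and stored as null.
        $ilSetting->set("soap_auth_".$field, isset($soap[$field]) ? $soap[$field] : null);
    }

    ilUtil::sendInfo($this->lng->txt("auth_soap_settings_saved"), true);

    $this->ctrl->redirect($this, 'editSOAP');
}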
01303
/**
 * Render the form for configuring the authentication script name.
 *
 * Requires "write" permission on this object. The script name comes from
 * $_SESSION["error_post_vars"]["auth_script"]["name"] when that session entry
 * is set, otherwise from the stored "auth_script_name" setting.
 *
 * NOTE(review): AUTH_SCRIPT_NAME is set before getTemplateFile("script") is
 * called, unlike editCASObject(), which loads its template first - confirm
 * the value still reaches the form.
 * NOTE(review): the name is handed to the template as posted/stored; whether
 * it is HTML-escaped elsewhere is not visible here.
 */
function editScriptObject()
{
    global $rbacsystem;

    $may_write = $rbacsystem->checkAccess("write", $this->object->getRefId());
    if (!$may_write)
    {
        $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
    }

    if ($_SESSION["error_post_vars"])
    {
        $script_name = $_SESSION["error_post_vars"]["auth_script"]["name"];
    }
    else
    {
        // set already saved data
        $stored = $this->ilias->getAllSettings();
        $script_name = $stored["auth_script_name"];
    }
    $this->tpl->setVariable("AUTH_SCRIPT_NAME", $script_name);

    $this->tabs_gui->setTabActive('auth_script');
    $this->getTemplateFile("script");

    $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
    $this->tpl->setVariable("COLSPAN", 3);

    // Placeholder => language variable.
    $labels = array(
        "TXT_AUTH_SCRIPT_TITLE" => "auth_script_configure",
        "TXT_OPTIONS"           => "options",
        "TXT_AUTH_SCRIPT_NAME"  => "auth_script_name",
        "TXT_REQUIRED_FLD"      => "required_field",
        "TXT_CANCEL"            => "cancel",
        "TXT_SUBMIT"            => "save",
    );
    foreach ($labels as $placeholder => $lang_var)
    {
        $this->tpl->setVariable($placeholder, $this->lng->txt($lang_var));
    }
    $this->tpl->setVariable("CMD_SUBMIT", "saveScript");
}
01345
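/**
 * Store the authentication script name and switch the auth mode to AUTH_SCRIPT.
 *
 * Requires "write" permission on this object. The script name is mandatory.
 * On success the user is redirected back to the script form.
 *
 * NOTE(review): the name is stored exactly as posted, and how
 * "auth_script_name" is consumed is not visible in this file. If it is later
 * used as a path to include or execute, restrict it to an allow-list of
 * known scripts here.
 */
function saveScriptObject()
{
    global $rbacsystem;

    // This switches the global auth mode, so require the same "write"
    // permission as editScriptObject(); executeCommand() only checks "read".
    if (!$rbacsystem->checkAccess("write", $this->object->getRefId()))
    {
        $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
        // raiseError() is defined outside this file; return explicitly so
        // nothing is written if it hands control back.
        return;
    }

    $script_name = (isset($_POST["auth_script"]["name"]) && is_string($_POST["auth_script"]["name"]))
        ? $_POST["auth_script"]["name"]
        : "";

    // validate required data
    if (!$script_name)
    {
        $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
        return;
    }

    // all ok. save settings and activate auth by external script
    $this->ilias->setSetting("auth_script_name", $script_name);
    $this->ilias->setSetting("auth_mode", AUTH_SCRIPT);

    ilUtil::sendInfo($this->lng->txt("auth_mode_changed_to")." ".$this->getAuthModeTitle(), true);
    $this->ctrl->redirect($this, 'editScript');
}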
01375
01376
/**
 * Return the translated title of the currently configured "auth_mode" setting.
 *
 * Modes other than local, LDAP, Shibboleth, RADIUS and script yield the
 * translation of "unknown".
 *
 * @return string language text for the active authentication mode
 */
function getAuthModeTitle()
{
    $mode = $this->ilias->getSetting("auth_mode");

    // Map the mode to its language variable; the lookup happens once below.
    switch ($mode)
    {
        case AUTH_LOCAL:
            $lang_var = "auth_local";
            break;

        case AUTH_LDAP:
            $lang_var = "auth_ldap";
            break;

        case AUTH_SHIBBOLETH:
            $lang_var = "auth_shib";
            break;

        case AUTH_RADIUS:
            $lang_var = "auth_radius";
            break;

        case AUTH_SCRIPT:
            $lang_var = "auth_script";
            break;

        default:
            $lang_var = "unknown";
            break;
    }

    return $this->lng->txt($lang_var);
}
01412
/**
 * Update the auth mode assigned to roles from the posted "Fobject" data.
 *
 * Requires "write" permission on this object. Afterwards the user is
 * redirected to the authentication settings overview.
 *
 * NOTE(review): $_POST['Fobject'] is passed to ilObjRole::_updateAuthMode()
 * unchanged; any validation of role ids and mode values has to happen there -
 * confirm.
 */
function updateAuthRolesObject()
{
    global $rbacsystem;

    $may_write = $rbacsystem->checkAccess("write", $this->object->getRefId());
    if (!$may_write)
    {
        $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
    }

    include_once('classes/class.ilObjRole.php');
    $posted_modes = $_POST['Fobject'];
    ilObjRole::_updateAuthMode($posted_modes);

    $message = $this->lng->txt("auth_mode_roles_changed");
    ilUtil::sendInfo($message, true);
    $this->ctrl->redirect($this, 'authSettings');
}
01428
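/**
 * Build the form for choosing how the authentication mode is determined.
 *
 * The form is stored in $this->form and built only once. It offers a radio
 * group ("by user" or "automatic") and, for the automatic option, one position
 * field per auth mode in the current sequence.
 *
 * @return bool true when $this->form is available, false when at most one
 *              auth mode is active and no form is built
 */
protected function initAuthModeDetermination()
{
    if(is_object($this->form))
    {
        return true;
    }

    // Are there any authentication methods that support automatic determination ?
    include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
    $det = ilAuthModeDetermination::_getInstance();
    if($det->getCountActiveAuthModes() <= 1)
    {
        return false;
    }

    include_once('./Services/Form/classes/class.ilPropertyFormGUI.php');
    $this->form = new ilPropertyFormGUI();
    $this->form->setFormAction($this->ctrl->getFormAction($this));
    $this->form->setTableWidth('100%');
    $this->form->setTitle($this->lng->txt('auth_auth_mode_determination'));
    $this->form->addCommandButton('updateAuthModeDetermination',$this->lng->txt('save'));
    $this->form->addCommandButton('authSettings',$this->lng->txt('cancel'));

    $kind = new ilRadioGroupInputGUI($this->lng->txt('auth_kind_determination'),'kind');
    $kind->setInfo($this->lng->txt('auth_mode_determination_info'));
    $kind->setValue($det->getKind());
    $kind->setRequired(true);

    $option_user = new ilRadioOption($this->lng->txt('auth_by_user'),0);
    $kind->addOption($option_user);

    $option_determination = new ilRadioOption($this->lng->txt('auth_automatic'),1);

    include_once('Services/Authentication/classes/class.ilAuthUtils.php');

    $auth_sequenced = $det->getAuthModeSequence();
    $counter = 1;
    foreach($auth_sequenced as $auth_mode)
    {
        switch($auth_mode)
        {
            case AUTH_LDAP:
                $text = $this->lng->txt('auth_ldap');
                break;
            case AUTH_RADIUS:
                $text = $this->lng->txt('auth_radius');
                break;
            case AUTH_LOCAL:
                $text = $this->lng->txt('auth_local');
                break;
            default:
                // Without a default, an unlisted mode would reuse the previous
                // mode's label, or an undefined variable on the first pass.
                $text = $this->lng->txt('unknown');
                break;
        }

        // One single-character position field per auth mode, prefilled with the current order.
        $pos = new ilTextInputGUI($text,'position['.$auth_mode.']');
        $pos->setValue($counter++);
        $pos->setSize(1);
        $pos->setMaxLength(1);
        $option_determination->addSubItem($pos);
    }
    $kind->addOption($option_determination);
    $this->form->addItem($kind);
    return true;
}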
01497
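/**
 * Store the posted auth mode determination (kind and mode sequence).
 *
 * Requires "write" permission on this object. The posted positions are sorted
 * numerically and their keys (the auth modes) become the new sequence.
 * Afterwards the authentication settings overview is rendered.
 *
 * NOTE(review): the keys of $_POST['position'] are taken as auth modes without
 * checking them against the known modes; whether setAuthModeSequence()
 * validates them is not visible here - confirm.
 */
public function updateAuthModeDeterminationObject()
{
    global $rbacsystem;

    // This changes the order in which auth backends are tried, so require
    // "write" like the other settings forms; executeCommand() only checks "read".
    if (!$rbacsystem->checkAccess("write", $this->object->getRefId()))
    {
        $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
        // raiseError() is defined outside this file; return explicitly so
        // nothing is written if it hands control back.
        return;
    }

    include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
    $det = ilAuthModeDetermination::_getInstance();

    $det->setKind(isset($_POST['kind']) ? (int) $_POST['kind'] : 0);

    // Accept only an array of positions; anything else means "no sequence".
    $pos = (isset($_POST['position']) && is_array($_POST['position'])) ? $_POST['position'] : array();
    asort($pos,SORT_NUMERIC);

    // The keys in sorted order form the 0-based sequence.
    $position = array_keys($pos);

    $det->setAuthModeSequence($position);
    $det->save();

    ilUtil::sendInfo($this->lng->txt('settings_saved'));
    $this->authSettingsObject();
}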
01525
01526
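/**
 * Dispatch the current controller command.
 *
 * Commands for the registration, permission, LDAP and RADIUS GUIs are
 * forwarded to those classes. Every other command is mapped to the method
 * "<cmd>Object" of this class, with "authSettings" as the default command.
 *
 * Security note: only "read" access is checked here, and the command name is
 * supplied by the controller (presumably from the request). Every
 * state-changing *Object handler therefore has to check "write" itself.
 *
 * @return bool always true
 */
function &executeCommand()
{
    global $ilAccess,$ilErr;

    $next_class = $this->ctrl->getNextClass($this);
    $cmd = $this->ctrl->getCmd();
    $this->prepareOutput();

    if(!$ilAccess->checkAccess('read','',$this->object->getRefId()))
    {
        $ilErr->raiseError($this->lng->txt('msg_no_perm_read'),$ilErr->WARNING);
    }

    switch($next_class)
    {
        case 'ilregistrationsettingsgui':

            include_once './Services/Registration/classes/class.ilRegistrationSettingsGUI.php';

            // Enable tabs
            $this->tabs_gui->setTabActive('registration_settings');
            // "=& new" no longer parses on PHP 7+; objects are assigned by handle anyway.
            $registration_gui = new ilRegistrationSettingsGUI();
            $this->ctrl->forwardCommand($registration_gui);
            break;

        case 'ilpermissiongui':

            // Enable tabs
            $this->tabs_gui->setTabActive('perm_settings');

            include_once("./classes/class.ilPermissionGUI.php");
            $perm_gui = new ilPermissionGUI($this);
            $this->ctrl->forwardCommand($perm_gui);
            break;

        case 'illdapsettingsgui':

            // Enable tabs
            $this->tabs_gui->setTabActive('auth_ldap');

            include_once './Services/LDAP/classes/class.ilLDAPSettingsGUI.php';
            $ldap_settings_gui = new ilLDAPSettingsGUI($this->object->getRefId());
            $this->ctrl->forwardCommand($ldap_settings_gui);
            break;

        case 'ilradiussettingsgui':

            $this->tabs_gui->setTabActive('auth_radius');
            include_once './Services/Radius/classes/class.ilRadiusSettingsGUI.php';
            $radius_settings_gui = new ilRadiusSettingsGUI($this->object->getRefId());
            $this->ctrl->forwardCommand($radius_settings_gui);
            break;

        default:
            if(!$cmd)
            {
                $cmd = "authSettings";
            }
            // Dynamic dispatch: any method of this object named "<cmd>Object"
            // can be reached this way, so handlers must authorize themselves.
            $cmd .= "Object";
            $this->$cmd();

            break;
    }

    // A function returning by reference must return a variable, not a literal.
    $result = true;
    return $result;
}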
01594
/**
 * Add the administration tabs for this object.
 *
 * The tab set is the same as the one built by getTabs().
 *
 * @param object $tabs_gui tabs GUI object, passed by reference
 */
function getAdminTabs(&$tabs_gui)
{
    // No admin-specific tabs: reuse the regular tab definition.
    $this->getTabs($tabs_gui);
}
01599
/**
 * Add the tabs of the authentication settings object.
 *
 * With "visible,read" access the registration tab and the tabs for the
 * individual auth methods are added; with "edit_permission" access the
 * permission tab is added as well.
 *
 * Tabs only control what is offered in the UI; the handlers behind the links
 * still have to enforce their own permission checks.
 *
 * @param object $tabs_gui tabs GUI object, passed by reference
 */
function getTabs(&$tabs_gui)
{
    global $rbacsystem;

    $ref_id = $this->object->getRefId();
    $this->ctrl->setParameter($this, "ref_id", $ref_id);

    if ($rbacsystem->checkAccess("visible,read", $ref_id))
    {
        $tabs_gui->addTarget(
            'registration_settings',
            $this->ctrl->getLinkTargetByClass('ilregistrationsettingsgui', 'view')
        );

        // array(tab id, target class or null for this GUI, command)
        $auth_tabs = array(
            array("authentication_settings", null, "authSettings"),
            array("auth_ldap", 'illdapsettingsgui', 'serverList'),
            array("auth_shib", null, "editSHIB"),
            array("auth_cas", null, "editCAS"),
            array("auth_radius", 'ilradiussettingsgui', "settings"),
            array("auth_soap", null, "editSOAP"),
        );
        foreach ($auth_tabs as $tab)
        {
            if ($tab[1] === null)
            {
                $link = $this->ctrl->getLinkTarget($this, $tab[2]);
            }
            else
            {
                $link = $this->ctrl->getLinkTargetByClass($tab[1], $tab[2]);
            }
            $tabs_gui->addTarget($tab[0], $link, "", "", "");
        }
    }

    if ($rbacsystem->checkAccess('edit_permission', $ref_id))
    {
        $perm_link = $this->ctrl->getLinkTargetByClass(array(get_class($this), 'ilpermissiongui'), "perm");
        $tabs_gui->addTarget("perm_settings", $perm_link, array("perm", "info", "owner"), 'ilpermissiongui');
    }
}
01648
/**
 * Add the sub tabs that belong to the given main tab.
 *
 * Only 'authSettings' has sub tabs: "auth_settings" and "login_information",
 * each added when the user has "write" access to this object.
 *
 * @param string $a_tab identifier of the active main tab
 */
function setSubTabs($a_tab)
{
    global $ilAccess;

    // Loose comparison, matching the switch statement this replaces.
    if ($a_tab != 'authSettings')
    {
        return;
    }

    // array(sub tab id, command)
    $sub_tabs = array(
        array("auth_settings", 'authSettings'),
        array("login_information", 'loginInfo'),
    );
    foreach ($sub_tabs as $sub_tab)
    {
        if ($ilAccess->checkAccess('write', '', $this->object->getRefId()))
        {
            $this->tabs_gui->addSubTabTarget(
                $sub_tab[0],
                $this->ctrl->getLinkTarget($this, $sub_tab[1]),
                ""
            );
        }
    }
}
01675 }
01676 ?>