ILIAS  Release_4_3_x_branch Revision 61807
 All Data Structures Namespaces Files Functions Variables Groups Pages
Public Member Functions | Protected Member Functions | Private Member Functions | Private Attributes
ilAuthContainerRadius Class Reference
ServicesRadius

Overwritten Pear class AuthContainerRadius This class is overwritten to support to perform Radius authentication with specific ILIAS options. More...

+ Inheritance diagram for ilAuthContainerRadius:
+ Collaboration diagram for ilAuthContainerRadius:

Public Member Functions

 __construct ()
 Constructor.
 forceCreation ($a_status)
 Force creation of user accounts.
 loginObserver ($a_username, $a_auth)
 Called from base class after successful login.

Protected Member Functions

 handleLDAPDataSource ($a_auth, $ext_account)
 Handle ldap as data source.

Private Member Functions

 initSettings ()
 Init radius settings.
 initRADIUSAttributeToUser ()
 Init RADIUS attribute mapping.

Private Attributes

 $radius_settings = null
 $rad_to_user = null
 $log = null
 $force_creation = false

Detailed Description

Overwritten Pear class AuthContainerRadius This class is overwritten to support to perform Radius authentication with specific ILIAS options.

Author
Stefan Meyer <smeyer.de>
Version
$Id$

Definition at line 37 of file class.ilAuthContainerRadius.php.

Constructor & Destructor Documentation

ilAuthContainerRadius::__construct ( )

Constructor.

public

Parameters
arrayAn associative array of pear parameters

Definition at line 51 of file class.ilAuthContainerRadius.php.

References initSettings(), and ilRadiusSettings\RADIUS_CHARSET_LATIN1.

{
$this->initSettings();
// Convert password to latin1
if($this->radius_settings->getCharset() == ilRadiusSettings::RADIUS_CHARSET_LATIN1)
{
#$_POST['username'] = utf8_decode($_POST['username']);
#$_POST['password'] = utf8_decode($_POST['password']);
$this->log->write(__METHOD__.': Decoded username and password to latin1.');
}
parent::__construct($this->radius_settings->toPearAuthArray());
}

+ Here is the call graph for this function:

Member Function Documentation

ilAuthContainerRadius::forceCreation (   $a_status)

Force creation of user accounts.

public

Parameters
boolforce_creation

Definition at line 81 of file class.ilAuthContainerRadius.php.

{
$this->force_creation = true;
}
ilAuthContainerRadius::handleLDAPDataSource (   $a_auth,
  $ext_account 
)
protected

Handle ldap as data source.

Parameters
Auth$auth
string$ext_account

Definition at line 166 of file class.ilAuthContainerRadius.php.

References $GLOBALS, $server, AUTH_RADIUS, AUTH_RADIUS_NO_ILIAS_USER, AUTH_WRONG_LOGIN, ilLDAPServer\getDataSource(), ilLDAPServer\getInstanceByServerId(), ilUtil\redirect(), and ilLDAPUserSynchronisation\setExternalAccount().

Referenced by loginObserver().

{
include_once './Services/LDAP/classes/class.ilLDAPServer.php';
$server = ilLDAPServer::getInstanceByServerId(
ilLDAPServer::getDataSource(AUTH_RADIUS)
);
$GLOBALS['ilLog']->write(__METHOD__.'Using ldap data source');
include_once './Services/LDAP/classes/class.ilLDAPUserSynchronisation.php';
$sync = new ilLDAPUserSynchronisation('radius', $server->getServerId());
$sync->setExternalAccount($ext_account);
$sync->setUserData(array());
$sync->forceCreation($this->force_creation);
try {
$internal_account = $sync->sync();
}
catch(UnexpectedValueException $e) {
$GLOBALS['ilLog']->write(__METHOD__.': Login failed with message: '. $e->getMessage());
$a_auth->status = AUTH_WRONG_LOGIN;
$a_auth->logout();
return false;
}
catch(ilLDAPSynchronisationForbiddenException $e) {
// No syncronisation allowed => create Error
$GLOBALS['ilLog']->write(__METHOD__.': Login failed with message: '. $e->getMessage());
$a_auth->status = AUTH_RADIUS_NO_ILIAS_USER;
$a_auth->logout();
return false;
}
catch(ilLDAPAccountMigrationRequiredException $e) {
$GLOBALS['ilLog']->write(__METHOD__.': Starting account migration.');
$a_auth->logout();
ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&cmd=showAccountMigration');
}
$a_auth->setAuth($internal_account);
return true;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilAuthContainerRadius::initRADIUSAttributeToUser ( )
private

Init RADIUS attribute mapping.

private

Definition at line 155 of file class.ilAuthContainerRadius.php.

Referenced by loginObserver().

{
include_once('Services/Radius/classes/class.ilRadiusAttributeToUser.php');
$this->radius_user = new ilRadiusAttributeToUser();
}

+ Here is the caller graph for this function:

ilAuthContainerRadius::initSettings ( )
private

Init radius settings.

Returns
void

Definition at line 142 of file class.ilAuthContainerRadius.php.

References ilRadiusSettings\_getInstance().

Referenced by __construct().

{
include_once 'Services/Radius/classes/class.ilRadiusSettings.php';
$this->radius_settings = ilRadiusSettings::_getInstance();
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilAuthContainerRadius::loginObserver (   $a_username,
  $a_auth 
)

Called from base class after successful login.

Parameters
stringusername

Definition at line 91 of file class.ilAuthContainerRadius.php.

References $_POST, $_SESSION, $force_creation, ilObjUser\_checkExternalAuthAccount(), AUTH_RADIUS, AUTH_RADIUS_NO_ILIAS_USER, handleLDAPDataSource(), initRADIUSAttributeToUser(), ilLDAPServer\isDataSourceActive(), and ilUtil\redirect().

{
// Radius with ldap as data source
include_once './Services/LDAP/classes/class.ilLDAPServer.php';
if(ilLDAPServer::isDataSourceActive(AUTH_RADIUS))
{
return $this->handleLDAPDataSource($a_auth,$a_username);
}
$user_data = array_change_key_case($a_auth->getAuthData(),CASE_LOWER);
$user_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("radius",$a_username);
if(!$user_data['ilInternalAccount'])
{
if($this->radius_settings->enabledCreation())
{
if($this->radius_settings->isAccountMigrationEnabled() and !$this->force_creation)
{
$a_auth->logout();
$_SESSION['tmp_auth_mode'] = 'radius';
$_SESSION['tmp_external_account'] = $a_username;
$_SESSION['tmp_pass'] = $_POST['password'];
$_SESSION['tmp_roles'] = array(0 => $this->radius_settings->getDefaultRole());
ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmd=showAccountMigration&cmdClass=ilstartupgui');
}
$this->initRADIUSAttributeToUser();
$new_name = $this->radius_user->create($a_username);
$a_auth->setAuth($new_name);
return true;
}
else
{
// No syncronisation allowed => create Error
$a_auth->status = AUTH_RADIUS_NO_ILIAS_USER;
$a_auth->logout();
return false;
}
}
else
{
$a_auth->setAuth($user_data['ilInternalAccount']);
return true;
}
}

+ Here is the call graph for this function:

Field Documentation

ilAuthContainerRadius::$force_creation = false
private

Definition at line 42 of file class.ilAuthContainerRadius.php.

Referenced by loginObserver().

ilAuthContainerRadius::$log = null
private

Definition at line 41 of file class.ilAuthContainerRadius.php.

ilAuthContainerRadius::$rad_to_user = null
private

Definition at line 40 of file class.ilAuthContainerRadius.php.

ilAuthContainerRadius::$radius_settings = null
private

Definition at line 39 of file class.ilAuthContainerRadius.php.

The documentation for this class was generated from the following file: