ILIAS  release_4-3 Revision
 All Data Structures Namespaces Files Functions Variables Groups Pages
Public Member Functions | Static Public Member Functions | Data Fields | Static Public Attributes | Private Member Functions | Private Attributes | Static Private Attributes
ilSecuritySettings Class Reference

Singleton class that stores all security settings. More...

+ Collaboration diagram for ilSecuritySettings:

Public Member Functions

 getSecuritySettingsRefId ()
 setAccountSecurityMode ($a_mode)
 set the account security mode
 getAccountSecurityMode ()
 get the account security mode
 setPasswordCharsAndNumbersEnabled ($a_chars_and_numbers_enabled)
 set if the passwords have to contain characters and numbers
 isPasswordCharsAndNumbersEnabled ()
 get boolean if the passwords have to contain characters and numbers
 setPasswordSpecialCharsEnabled ($a_password_special_chars_enabled)
 set if the passwords have to contain special characters
 isPasswordSpecialCharsEnabled ()
 get boolean if the passwords have to contain special characters
 setPasswordMinLength ($a_password_min_length)
 set the minimum length for passwords
 getPasswordMinLength ()
 get the minimum length for passwords
 setPasswordMaxLength ($a_password_max_length)
 set the maximum length for passwords
 getPasswordMaxLength ()
 get the maximum length for passwords
 setPasswordMaxAge ($a_password_max_age)
 set the maximum password age
 getPasswordMaxAge ()
 get the maximum password age
 setLoginMaxAttempts ($a_login_max_attempts)
 set the maximum count of login attempts
 getLoginMaxAttempts ()
 get the maximum count of login attempts
 setAutomaticHTTPSEnabled ($varname)
 write access to enable automatic https detection
 setAutomaticHTTPSHeaderName ($varname)
 set header name for automatic https detection
 setAutomaticHTTPSHeaderValue ($varname)
 set header value for automatic https detection
 getAutomaticHTTPSHeaderName ()
 read access to header name for automatic https detection
 getAutomaticHTTPSHeaderValue ()
 read access to header value for automatic https detection
 isAutomaticHTTPSEnabled ()
 read access to switch if automatic https detection is enabled
 setHTTPSEnabled ($value)
 Enable https for certain scripts.
 isHTTPSEnabled ()
 read access to https enabled property
 setPasswordChangeOnFirstLoginEnabled ($a_password_change_on_first_login_enabled)
 set if the passwords have to be changed by users on first login
 isPasswordChangeOnFirstLoginEnabled ()
 get boolean if the passwords have to be changed by users on first login
 isAdminRoleProtected ()
 Check if admin role is protected.
 protectedAdminRole ($a_stat)
 Set admin role protection status.
 checkAdminRoleAccessible ($a_usr_id)
 Check if the administrator role is accessible for a specific user.
 save ()
 Save settings.
 validate ()
 validate settings
 isPreventionOfSimultaneousLoginsEnabled ()
 Prevention of simultaneous logins with the same account.
 setPreventionOfSimultaneousLogins ($value)
 Enable/Disable prevention of simultaneous logins with the same account.

Static Public Member Functions

static _getInstance ()
 Get instance of ilSecuritySettings.

Data Fields

const SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH = 4
const SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH = 5
const SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE = 6
const SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS = 7
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2 = 8
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3 = 9
const SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH = 10
const ACCOUNT_SECURITY_MODE_DEFAULT = 1
const ACCOUNT_SECURITY_MODE_CUSTOMIZED = 2
const DEFAULT_ACCOUNT_SECURITY_MODE = self::ACCOUNT_SECURITY_MODE_DEFAULT
const DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED = true
const DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED = false
const DEFAULT_PASSWORD_MIN_LENGTH = 8
const DEFAULT_PASSWORD_MAX_LENGTH = 0
const DEFAULT_PASSWORD_MAX_AGE = 90
const DEFAULT_LOGIN_MAX_ATTEMPTS = 5
const DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED = false
const DEFAULT_PREVENT_SIMULTANEOUS_LOGINS = false

Static Public Attributes

static $SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS = 1
static $SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE = 2
static $SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE = 3

Private Member Functions

 __construct ()
 Private constructor: use _getInstance()
 read ()
 read settings

Private Attributes

 $db
 $settings
 $https_header_enable
 $https_header_name
 $https_header_value
 $https_enable
 $account_security_mode = self::DEFAULT_ACCOUNT_SECURITY_MODE
 $password_chars_and_numbers_enabled = self::DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED
 $password_special_chars_enabled = self::DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED
 $password_min_length = self::DEFAULT_PASSWORD_MIN_LENGTH
 $password_max_length = self::DEFAULT_PASSWORD_MAX_LENGTH
 $password_max_age = self::DEFAULT_PASSWORD_MAX_AGE
 $login_max_attempts = self::DEFAULT_LOGIN_MAX_ATTEMPTS
 $password_change_on_first_login_enabled = self::DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED
 $prevent_simultaneous_logins = self::DEFAULT_PREVENT_SIMULTANEOUS_LOGINS
 $protect_admin_role = false

Static Private Attributes

static $instance = null

Detailed Description

Singleton class that stores all security settings.

Author
Roland Küstermann rolan.nosp@m.d@ku.nosp@m.ester.nosp@m.mann.nosp@m..com
Version
$Id$

/

Definition at line 34 of file class.ilSecuritySettings.php.

Constructor & Destructor Documentation

ilSecuritySettings::__construct ( )
private

Private constructor: use _getInstance()

private

Parameters

Definition at line 93 of file class.ilSecuritySettings.php.

References $ilSetting, and read().

{
global $ilSetting,$ilDB;
$this->db = $ilDB;
$this->settings = $ilSetting;
$this->read();
}

+ Here is the call graph for this function:

Member Function Documentation

static ilSecuritySettings::_getInstance ( )
static

Get instance of ilSecuritySettings.

Returns
ilSecuritySettings instance public

Definition at line 111 of file class.ilSecuritySettings.php.

References $instance.

Referenced by ilAuthBase\failedLoginObserver(), ilUtil\generatePasswords(), ilUtil\getPasswordRequirementsInfo(), ilUtil\isPassword(), ilObjUser\isPasswordChangeDemanded(), ilObjUser\isPasswordExpired(), ilAuthBase\loginObserver(), ilObjUserGUI\roleassignmentObject(), ilObjPrivacySecurityGUI\save_security(), ilObjPrivacySecurityGUI\showSecurity(), ilObjUserGUI\updateObject(), and ilObjRoleGUI\userassignmentObject().

{
if(is_object(self::$instance))
{
return self::$instance;
}
return self::$instance = new ilSecuritySettings();
}

+ Here is the caller graph for this function:

ilSecuritySettings::checkAdminRoleAccessible (   $a_usr_id)

Check if the administrator role is accessible for a specific user.

Parameters
int$a_usr_id

Definition at line 406 of file class.ilSecuritySettings.php.

References isAdminRoleProtected().

{
global $rbacreview;
if(!$this->isAdminRoleProtected())
{
return true;
}
if($rbacreview->isAssigned($a_usr_id,SYSTEM_ROLE_ID))
{
return true;
}
return false;
}

+ Here is the call graph for this function:

ilSecuritySettings::getAccountSecurityMode ( )

get the account security mode

Returns
integer account security mode

Definition at line 146 of file class.ilSecuritySettings.php.

References $account_security_mode.

Referenced by save(), and validate().

{
return $this->account_security_mode;
}

+ Here is the caller graph for this function:

ilSecuritySettings::getAutomaticHTTPSHeaderName ( )

read access to header name for automatic https detection

Returns
string header name

Definition at line 315 of file class.ilSecuritySettings.php.

References $https_header_name.

Referenced by save(), and validate().

{
return $this->https_header_name;
}

+ Here is the caller graph for this function:

ilSecuritySettings::getAutomaticHTTPSHeaderValue ( )

read access to header value for automatic https detection

Returns
string header value

Definition at line 325 of file class.ilSecuritySettings.php.

References $https_header_value.

Referenced by save(), and validate().

{
return $this->https_header_value;
}

+ Here is the caller graph for this function:

ilSecuritySettings::getLoginMaxAttempts ( )

get the maximum count of login attempts

Returns
integer password max login attempts

Definition at line 274 of file class.ilSecuritySettings.php.

References $login_max_attempts.

Referenced by save(), and validate().

{
return $this->login_max_attempts;
}

+ Here is the caller graph for this function:

ilSecuritySettings::getPasswordMaxAge ( )

get the maximum password age

Returns
integer password max age

Definition at line 254 of file class.ilSecuritySettings.php.

References $password_max_age.

Referenced by save(), and validate().

{
return $this->password_max_age;
}

+ Here is the caller graph for this function:

ilSecuritySettings::getPasswordMaxLength ( )

get the maximum length for passwords

Returns
integer password max length

Definition at line 234 of file class.ilSecuritySettings.php.

References $password_max_length.

Referenced by save(), and validate().

{
return $this->password_max_length;
}

+ Here is the caller graph for this function:

ilSecuritySettings::getPasswordMinLength ( )

get the minimum length for passwords

Returns
integer password min length

Definition at line 214 of file class.ilSecuritySettings.php.

References $password_min_length.

Referenced by save(), and validate().

{
return $this->password_min_length;
}

+ Here is the caller graph for this function:

ilSecuritySettings::getSecuritySettingsRefId ( )

Definition at line 120 of file class.ilSecuritySettings.php.

References $ref_id.

{
return $this->ref_id;
}
ilSecuritySettings::isAdminRoleProtected ( )

Check if admin role is protected.

Returns
type

Definition at line 388 of file class.ilSecuritySettings.php.

References $protect_admin_role.

Referenced by checkAdminRoleAccessible(), and save().

{
return (bool) $this->protect_admin_role;
}

+ Here is the caller graph for this function:

ilSecuritySettings::isAutomaticHTTPSEnabled ( )

read access to switch if automatic https detection is enabled

Returns
boolean true, if detection is enabled, false otherwise

Definition at line 335 of file class.ilSecuritySettings.php.

References $https_header_enable.

Referenced by save(), and validate().

{
return $this->https_header_enable;
}

+ Here is the caller graph for this function:

ilSecuritySettings::isHTTPSEnabled ( )

read access to https enabled property

Returns
boolean true, if enabled, false otherwise

Definition at line 355 of file class.ilSecuritySettings.php.

References $https_enable.

Referenced by save(), and validate().

{
return $this->https_enable;
}

+ Here is the caller graph for this function:

ilSecuritySettings::isPasswordChangeOnFirstLoginEnabled ( )

get boolean if the passwords have to be changed by users on first login

Returns
boolean password change on first login enabled

Definition at line 379 of file class.ilSecuritySettings.php.

References $password_change_on_first_login_enabled.

Referenced by save().

{
return $this->password_change_on_first_login_enabled;
}

+ Here is the caller graph for this function:

ilSecuritySettings::isPasswordCharsAndNumbersEnabled ( )

get boolean if the passwords have to contain characters and numbers

Returns
boolean characters and numbers enabled

Definition at line 170 of file class.ilSecuritySettings.php.

References $password_chars_and_numbers_enabled.

Referenced by save(), and validate().

{
return $this->password_chars_and_numbers_enabled;
}

+ Here is the caller graph for this function:

ilSecuritySettings::isPasswordSpecialCharsEnabled ( )

get boolean if the passwords have to contain special characters

Returns
boolean password special chars enabled

Definition at line 194 of file class.ilSecuritySettings.php.

References $password_special_chars_enabled.

Referenced by save(), and validate().

{
return $this->password_special_chars_enabled;
}

+ Here is the caller graph for this function:

ilSecuritySettings::isPreventionOfSimultaneousLoginsEnabled ( )

Prevention of simultaneous logins with the same account.

Returns
boolean true, if prevention of simultaneous logins with the same account is enabled, false otherwise

Definition at line 569 of file class.ilSecuritySettings.php.

References $prevent_simultaneous_logins.

Referenced by save().

{
return (bool)$this->prevent_simultaneous_logins;
}

+ Here is the caller graph for this function:

ilSecuritySettings::protectedAdminRole (   $a_stat)

Set admin role protection status.

Parameters
type$a_stat

Definition at line 397 of file class.ilSecuritySettings.php.

{
$this->protect_admin_role = $a_stat;
}
ilSecuritySettings::read ( )
private

read settings

private

Parameters

Definition at line 452 of file class.ilSecuritySettings.php.

References $query, $res, $row, and DB_FETCHMODE_ASSOC.

Referenced by __construct().

{
global $ilDB;
$query = "SELECT object_reference.ref_id FROM object_reference,tree,object_data ".
"WHERE tree.parent = ".$ilDB->quote(SYSTEM_FOLDER_ID,'integer')." ".
"AND object_data.type = 'ps' ".
"AND object_reference.ref_id = tree.child ".
"AND object_reference.obj_id = object_data.obj_id";
$res = $this->db->query($query);
$row = $res->fetchRow(DB_FETCHMODE_ASSOC);
$this->ref_id = $row["ref_id"];
$this->https_header_enable = (bool) $this->settings->get('ps_auto_https_enabled',false);
$this->https_header_name = (string) $this->settings->get('ps_auto_https_headername',"ILIAS_HTTPS_ENABLED");
$this->https_header_value = (string) $this->settings->get('ps_auto_https_headervalue',"1");
$this->https_enable = (boolean) $this->settings->get('https', false);
$this->account_security_mode = (int) $this->settings->get('ps_account_security_mode', self::DEFAULT_ACCOUNT_SECURITY_MODE);
$this->password_chars_and_numbers_enabled = (bool) $this->settings->get('ps_password_chars_and_numbers_enabled', self::DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED);
$this->password_special_chars_enabled = (bool) $this->settings->get('ps_password_special_chars_enabled', self::DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED);
$this->password_min_length = (int) $this->settings->get('ps_password_min_length', self::DEFAULT_PASSWORD_MIN_LENGTH);
$this->password_max_length = (int) $this->settings->get('ps_password_max_length', self::DEFAULT_PASSWORD_MAX_LENGTH);
$this->password_max_age = (int) $this->settings->get('ps_password_max_age', self::DEFAULT_PASSWORD_MAX_AGE);
$this->login_max_attempts = (int) $this->settings->get('ps_login_max_attempts', self::DEFAULT_LOGIN_MAX_ATTEMPTS);
$this->password_change_on_first_login_enabled = (bool) $this->settings->get('ps_password_change_on_first_login_enabled', self::DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED);
$this->prevent_simultaneous_logins = (bool) $this->settings->get('ps_prevent_simultaneous_logins', self::DEFAULT_PREVENT_SIMULTANEOUS_LOGINS);
$this->protect_admin_role = (bool) $this->settings->get('ps_protect_admin',$this->protect_admin_role);
}

+ Here is the caller graph for this function:

ilSecuritySettings::save ( )

Save settings.

Definition at line 426 of file class.ilSecuritySettings.php.

References getAccountSecurityMode(), getAutomaticHTTPSHeaderName(), getAutomaticHTTPSHeaderValue(), getLoginMaxAttempts(), getPasswordMaxAge(), getPasswordMaxLength(), getPasswordMinLength(), isAdminRoleProtected(), isAutomaticHTTPSEnabled(), isHTTPSEnabled(), isPasswordChangeOnFirstLoginEnabled(), isPasswordCharsAndNumbersEnabled(), isPasswordSpecialCharsEnabled(), and isPreventionOfSimultaneousLoginsEnabled().

{
$this->settings->set('ps_auto_https_enabled',(bool) $this->isAutomaticHTTPSEnabled());
$this->settings->set('ps_auto_https_headername',(string) $this->getAutomaticHTTPSHeaderName());
$this->settings->set('ps_auto_https_headervalue',(string) $this->getAutomaticHTTPSHeaderValue());
$this->settings->set('https',(string) $this->isHTTPSEnabled());
$this->settings->set('ps_account_security_mode',(int) $this->getAccountSecurityMode());
$this->settings->set('ps_password_chars_and_numbers_enabled',(bool) $this->isPasswordCharsAndNumbersEnabled());
$this->settings->set('ps_password_special_chars_enabled',(bool) $this->isPasswordSpecialCharsEnabled());
$this->settings->set('ps_password_min_length',(int) $this->getPasswordMinLength());
$this->settings->set('ps_password_max_length',(int) $this->getPasswordMaxLength());
$this->settings->set('ps_password_max_age',(int) $this->getPasswordMaxAge());
$this->settings->set('ps_login_max_attempts',(int) $this->getLoginMaxAttempts());
$this->settings->set('ps_password_change_on_first_login_enabled',(bool) $this->isPasswordChangeOnFirstLoginEnabled());
$this->settings->set('ps_prevent_simultaneous_logins', (int)$this->isPreventionOfSimultaneousLoginsEnabled());
$this->settings->set('ps_protect_admin', (int) $this->isAdminRoleProtected());
}

+ Here is the call graph for this function:

ilSecuritySettings::setAccountSecurityMode (   $a_mode)

set the account security mode

Parameters
integer$a_mode

Definition at line 135 of file class.ilSecuritySettings.php.

{
$this->account_security_mode = $a_mode;
}
ilSecuritySettings::setAutomaticHTTPSEnabled (   $varname)

write access to enable automatic https detection

Parameters
boolean$varname

Definition at line 285 of file class.ilSecuritySettings.php.

{
$this->https_header_enable = $varname;
}
ilSecuritySettings::setAutomaticHTTPSHeaderName (   $varname)

set header name for automatic https detection

Parameters
string$varname

Definition at line 295 of file class.ilSecuritySettings.php.

{
$this->https_header_name = $varname;
}
ilSecuritySettings::setAutomaticHTTPSHeaderValue (   $varname)

set header value for automatic https detection

Parameters
string$varname

Definition at line 305 of file class.ilSecuritySettings.php.

{
$this->https_header_value = $varname;
}
ilSecuritySettings::setHTTPSEnabled (   $value)

Enable https for certain scripts.

Parameters
boolean$value

Definition at line 345 of file class.ilSecuritySettings.php.

{
$this->https_enable = $value;
}
ilSecuritySettings::setLoginMaxAttempts (   $a_login_max_attempts)

set the maximum count of login attempts

Parameters
integer$a_login_max_attempts

Definition at line 264 of file class.ilSecuritySettings.php.

{
$this->login_max_attempts = $a_login_max_attempts;
}
ilSecuritySettings::setPasswordChangeOnFirstLoginEnabled (   $a_password_change_on_first_login_enabled)

set if the passwords have to be changed by users on first login

Parameters
boolean$a_password_change_on_first_login_enabled

Definition at line 367 of file class.ilSecuritySettings.php.

{
$this->password_change_on_first_login_enabled = $a_password_change_on_first_login_enabled;
}
ilSecuritySettings::setPasswordCharsAndNumbersEnabled (   $a_chars_and_numbers_enabled)

set if the passwords have to contain characters and numbers

Parameters
boolean$a_chars_and_numbers_enabled

Definition at line 158 of file class.ilSecuritySettings.php.

{
$this->password_chars_and_numbers_enabled = $a_chars_and_numbers_enabled;
}
ilSecuritySettings::setPasswordMaxAge (   $a_password_max_age)

set the maximum password age

Parameters
integer$a_password_max_age

Definition at line 244 of file class.ilSecuritySettings.php.

{
$this->password_max_age = $a_password_max_age;
}
ilSecuritySettings::setPasswordMaxLength (   $a_password_max_length)

set the maximum length for passwords

Parameters
integer$a_password_max_length

Definition at line 224 of file class.ilSecuritySettings.php.

{
$this->password_max_length = $a_password_max_length;
}
ilSecuritySettings::setPasswordMinLength (   $a_password_min_length)

set the minimum length for passwords

Parameters
integer$a_password_min_length

Definition at line 204 of file class.ilSecuritySettings.php.

{
$this->password_min_length = $a_password_min_length;
}
ilSecuritySettings::setPasswordSpecialCharsEnabled (   $a_password_special_chars_enabled)

set if the passwords have to contain special characters

Parameters
boolean$a_password_special_chars_enabled

Definition at line 182 of file class.ilSecuritySettings.php.

{
$this->password_special_chars_enabled = $a_password_special_chars_enabled;
}
ilSecuritySettings::setPreventionOfSimultaneousLogins (   $value)

Enable/Disable prevention of simultaneous logins with the same account.

Parameters
boolean$value

Definition at line 579 of file class.ilSecuritySettings.php.

{
$this->prevent_simultaneous_logins = (bool)$value;
}
ilSecuritySettings::validate ( )

validate settings

Returns
0, if everything is ok, an error code otherwise

Definition at line 489 of file class.ilSecuritySettings.php.

References $password_min_length, $SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE, ilHTTPS\_checkHTTPS(), getAccountSecurityMode(), getAutomaticHTTPSHeaderName(), getAutomaticHTTPSHeaderValue(), getLoginMaxAttempts(), getPasswordMaxAge(), getPasswordMaxLength(), getPasswordMinLength(), isAutomaticHTTPSEnabled(), isHTTPSEnabled(), isPasswordCharsAndNumbersEnabled(), isPasswordSpecialCharsEnabled(), SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS, SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE, SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH, SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH, SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH, SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2, and SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3.

{
if ($this->isAutomaticHTTPSEnabled() &&
(strlen($this->getAutomaticHTTPSHeaderName()) == 0 ||
strlen($this->getAutomaticHTTPSHeaderValue()) == 0)
)
{
return ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS;
}
include_once './Services/Http/classes/class.ilHTTPS.php';
if ($this->isHTTPSEnabled())
{
if(!ilHTTPS::_checkHTTPS())
{
return ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE;
}
}
#elseif(!ilHTTPS::_checkHTTP())
#{
# return ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE;
#}
if( $this->getAccountSecurityMode() == self::ACCOUNT_SECURITY_MODE_CUSTOMIZED )
{
if( $this->getPasswordMinLength() < 0 )
{
return self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH;
}
if( $this->getPasswordMaxLength() < 0 )
{
return self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH;
}
$password_min_length = 1;
if( $this->isPasswordCharsAndNumbersEnabled() )
{
$password_min_length++;
$password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2;
if( $this->isPasswordSpecialCharsEnabled() )
{
$password_min_length++;
$password_min_length_error_code = self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3;
}
}
if( $this->getPasswordMinLength() > 0 && $this->getPasswordMinLength() < $password_min_length )
{
return $password_min_length_error_code;
}
if( $this->getPasswordMaxLength() > 0 && $this->getPasswordMaxLength() < $this->getPasswordMinLength() )
{
return self::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH;
}
if( $this->getPasswordMaxAge() < 0 )
{
return self::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE;
}
if( $this->getLoginMaxAttempts() < 0 )
{
return self::SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS;
}
}
/*
* todo: have to check for local auth if first login password change is enabled??
* than: add errorcode
*/
return 0;
}

+ Here is the call graph for this function:

Field Documentation

ilSecuritySettings::$account_security_mode = self::DEFAULT_ACCOUNT_SECURITY_MODE
private

Definition at line 73 of file class.ilSecuritySettings.php.

Referenced by getAccountSecurityMode().

ilSecuritySettings::$db
private

Definition at line 54 of file class.ilSecuritySettings.php.

ilSecuritySettings::$https_enable
private

Definition at line 60 of file class.ilSecuritySettings.php.

Referenced by isHTTPSEnabled().

ilSecuritySettings::$https_header_enable
private

Definition at line 57 of file class.ilSecuritySettings.php.

Referenced by isAutomaticHTTPSEnabled().

ilSecuritySettings::$https_header_name
private

Definition at line 58 of file class.ilSecuritySettings.php.

Referenced by getAutomaticHTTPSHeaderName().

ilSecuritySettings::$https_header_value
private

Definition at line 59 of file class.ilSecuritySettings.php.

Referenced by getAutomaticHTTPSHeaderValue().

ilSecuritySettings::$instance = null
staticprivate

Definition at line 53 of file class.ilSecuritySettings.php.

Referenced by _getInstance().

ilSecuritySettings::$login_max_attempts = self::DEFAULT_LOGIN_MAX_ATTEMPTS
private

Definition at line 79 of file class.ilSecuritySettings.php.

Referenced by getLoginMaxAttempts().

ilSecuritySettings::$password_change_on_first_login_enabled = self::DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED
private

Definition at line 81 of file class.ilSecuritySettings.php.

Referenced by isPasswordChangeOnFirstLoginEnabled().

ilSecuritySettings::$password_chars_and_numbers_enabled = self::DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED
private

Definition at line 74 of file class.ilSecuritySettings.php.

Referenced by isPasswordCharsAndNumbersEnabled().

ilSecuritySettings::$password_max_age = self::DEFAULT_PASSWORD_MAX_AGE
private

Definition at line 78 of file class.ilSecuritySettings.php.

Referenced by getPasswordMaxAge().

ilSecuritySettings::$password_max_length = self::DEFAULT_PASSWORD_MAX_LENGTH
private

Definition at line 77 of file class.ilSecuritySettings.php.

Referenced by getPasswordMaxLength().

ilSecuritySettings::$password_min_length = self::DEFAULT_PASSWORD_MIN_LENGTH
private

Definition at line 76 of file class.ilSecuritySettings.php.

Referenced by getPasswordMinLength(), and validate().

ilSecuritySettings::$password_special_chars_enabled = self::DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED
private

Definition at line 75 of file class.ilSecuritySettings.php.

Referenced by isPasswordSpecialCharsEnabled().

ilSecuritySettings::$prevent_simultaneous_logins = self::DEFAULT_PREVENT_SIMULTANEOUS_LOGINS
private

Definition at line 82 of file class.ilSecuritySettings.php.

Referenced by isPreventionOfSimultaneousLoginsEnabled().

ilSecuritySettings::$protect_admin_role = false
private

Definition at line 84 of file class.ilSecuritySettings.php.

Referenced by isAdminRoleProtected().

ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_AUTO_HTTPS = 1
static

Definition at line 36 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\__construct().

ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTP_NOT_AVAILABLE = 2
static

Definition at line 37 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\__construct().

ilSecuritySettings::$SECURITY_SETTINGS_ERR_CODE_HTTPS_NOT_AVAILABLE = 3
static

Definition at line 38 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\__construct(), and validate().

ilSecuritySettings::$settings
private

Definition at line 55 of file class.ilSecuritySettings.php.

const ilSecuritySettings::ACCOUNT_SECURITY_MODE_CUSTOMIZED = 2

Definition at line 50 of file class.ilSecuritySettings.php.

Referenced by ilAuthBase\failedLoginObserver(), ilUtil\getPasswordRequirementsInfo(), ilUtil\isPassword(), ilObjUser\isPasswordExpired(), ilAuthBase\loginObserver(), ilObjPrivacySecurityGUI\showSecurity(), and ilObjUserGUI\updateObject().

const ilSecuritySettings::ACCOUNT_SECURITY_MODE_DEFAULT = 1

Definition at line 49 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\showSecurity().

const ilSecuritySettings::DEFAULT_ACCOUNT_SECURITY_MODE = self::ACCOUNT_SECURITY_MODE_DEFAULT

Definition at line 62 of file class.ilSecuritySettings.php.

const ilSecuritySettings::DEFAULT_LOGIN_MAX_ATTEMPTS = 5

Definition at line 68 of file class.ilSecuritySettings.php.

const ilSecuritySettings::DEFAULT_PASSWORD_CHANGE_ON_FIRST_LOGIN_ENABLED = false

Definition at line 70 of file class.ilSecuritySettings.php.

const ilSecuritySettings::DEFAULT_PASSWORD_CHARS_AND_NUMBERS_ENABLED = true

Definition at line 63 of file class.ilSecuritySettings.php.

const ilSecuritySettings::DEFAULT_PASSWORD_MAX_AGE = 90

Definition at line 67 of file class.ilSecuritySettings.php.

const ilSecuritySettings::DEFAULT_PASSWORD_MAX_LENGTH = 0

Definition at line 66 of file class.ilSecuritySettings.php.

const ilSecuritySettings::DEFAULT_PASSWORD_MIN_LENGTH = 8

Definition at line 65 of file class.ilSecuritySettings.php.

const ilSecuritySettings::DEFAULT_PASSWORD_SPECIAL_CHARS_ENABLED = false

Definition at line 64 of file class.ilSecuritySettings.php.

const ilSecuritySettings::DEFAULT_PREVENT_SIMULTANEOUS_LOGINS = false

Definition at line 71 of file class.ilSecuritySettings.php.

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_LOGIN_MAX_ATTEMPTS = 7

Definition at line 43 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\__construct(), and validate().

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_AGE = 6

Definition at line 42 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\__construct(), and validate().

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MAX_LENGTH = 5

Definition at line 41 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\__construct(), and validate().

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_INVALID_PASSWORD_MIN_LENGTH = 4

Definition at line 40 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\__construct(), and validate().

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MAX_LENGTH_LESS_MIN_LENGTH = 10

Definition at line 46 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\__construct(), and validate().

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN2 = 8

Definition at line 44 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\__construct(), and validate().

const ilSecuritySettings::SECURITY_SETTINGS_ERR_CODE_PASSWORD_MIN_LENGTH_MIN3 = 9

Definition at line 45 of file class.ilSecuritySettings.php.

Referenced by ilObjPrivacySecurityGUI\__construct(), and validate().

The documentation for this class was generated from the following file: