24include_once
'Auth/Container/LDAP.php';
58 include_once
'Services/LDAP/classes/class.ilLDAPServer.php';
71 parent::__construct($this->server->toPearAuthArray());
76 self::$force_creation = $a_status;
88 $this->optional_check =
true;
111 if(!$this->server->doConnectionCheck())
117 $res = parent::fetchData($username,$password);
121 $this->
log->notice(
'Authentication failed with message:' .
$res->getMessage());
124 elseif (
$res ==
true)
126 $this->
log->debug(
'Authentication successful');
132 return parent::fetchData($username,$password);
148 $this->
log->debug(
'Checking group restrictions...');
151 $groups = $this->server->getGroupNames();
155 $this->
log->debug(
'no group restrictions found');
158 elseif($this->server->isMembershipOptional() and !$this->optional_check)
160 $this->
log->debug(
'Group membership is otional');
164 foreach($groups as $group)
166 $this->options[
'group'] = $group;
168 if(parent::checkGroup($a_name))
184 $this->options[
'userfilter'] = $this->server->getGroupUserFilter();
196 $user_data = array_change_key_case($a_auth->getAuthData(),CASE_LOWER);
200 include_once
'./Services/LDAP/classes/class.ilLDAPUserSynchronisation.php';
202 $sync->setExternalAccount($a_username);
203 $sync->setUserData($user_data);
204 $sync->forceCreation(self::$force_creation);
207 $internal_account = $sync->sync();
209 catch(UnexpectedValueException $e) {
210 $this->
log->info(
'Login failed with message: ' . $e->getMessage());
217 $this->
log->info(
'Login failed with message: ' . $e->getMessage());
223 $this->
log->info(
'Starting account migration');
225 ilUtil::redirect(
'ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&cmd=showAccountMigration');
228 $a_auth->setAuth($internal_account);
239 include_once(
'Services/LDAP/classes/class.ilLDAPAttributeToUser.php');
260 $a_username = isset($a_user_data[strtolower($this->server->getUserAttribute())]) ?
261 $a_user_data[strtolower($this->server->getUserAttribute())] :
265 if(!is_array($a_username))
269 foreach($a_username as $name)
278 return $a_username[0];
290 #$GLOBALS['ilLog']->write(__METHOD__.': Required 1');
294 include_once
'./Services/LDAP/classes/class.ilLDAPAttributeMapping.php';
297 #$GLOBALS['ilLog']->write(__METHOD__.': Required 2');
300 include_once
'./Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
303 #$GLOBALS['ilLog']->write(__METHOD__.': Required 3');
const AUTH_WRONG_LOGIN
Returned if container is unable to authenticate user/password pair.
log($message, $level=AUTH_LOG_DEBUG)
Log a message to the Auth log.
isError($data, $code=null)
Tell whether a value is a PEAR error.
const AUTH_LDAP_NO_ILIAS_USER
Overwritten Pear class AuthContainerLDAP This class is overwritten to support nested groups.
loginObserver($a_username, $a_auth)
Called from fetchData after successful login.
supportsCaptchaVerification()
updateRequired($a_username)
Check if an update is required.
updateUserFilter()
Update user filter.
extractUserName($a_user_data)
initLDAPAttributeToUser()
Init LDAP attribute mapping.
checkGroup($a_name)
check group overwritten base class
fetchData($username, $password)
Overwritten from base class.
__construct($a_server_id=null)
Constructor.
failedLoginObserver($a_username, $a_auth)
Called from fetchData after failed login.
enableOptionalGroupCheck()
enable optional group check
enabledOptionalGroupCheck()
Check if optional group check is enabled.
Description of ilLDAPAccountMigrationRequiredException.
static hasRulesForUpdate($a_server_id)
Check if there is ldap attribute -> user data mapping which which is updated on login.
Update/create ILIAS user account by given LDAP attributes according to user attribute mapping setting...
static hasRulesForUpdate()
Check if there any rule for updates.
static getInstanceByServerId($a_server_id)
Get instance by server id.
static _getFirstActiveServer()
Get first active server.
Description of ilLDAPSyncronisationException.
Synchronization of user accounts used in auth container ldap, radius , cas,...
static getLogger($a_component_id)
Get component logger.
static _checkExternalAuthAccount($a_auth, $a_account)
check whether external account and authentication method matches with a user
static redirect($a_script)
http redirect to other script