ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
Public Member Functions | Private Attributes
ilAuthApache Class Reference

Apache based authentication More...

+ Inheritance diagram for ilAuthApache:
+ Collaboration diagram for ilAuthApache:

Public Member Functions

 supportsRedirects ()
 Returns true, if the current auth mode allows redirection to e.g to loginScreen, public section... More...
 
 __construct ($a_container, $a_addition_options=array())
 Contructor. More...
 
 login ()
 
- Public Member Functions inherited from Auth
 Auth ($storageDriver, $options='', $loginFunction='', $showLogin=true)
 Constructor. More...
 
applyAuthOptions (&$options)
 Set the Auth options. More...
 
 _loadStorage ()
 Load Storage Driver if not already loaded. More...
 
 assignData ()
 Assign data from login form to internal values. More...
 
 start ()
 Start new auth session. More...
 
 login ()
 Login function. More...
 
 setExpire ($time, $add=false)
 Set the maximum expire time. More...
 
 setIdle ($time, $add=false)
 Set the maximum idle time. More...
 
 setSessionName ($name='session')
 Set name of the session to a customized value. More...
 
 setShowLogin ($showLogin=true)
 Should the login form be displayed if neccessary? More...
 
 setAllowLogin ($allowLogin=true)
 Should the login form be displayed if neccessary? More...
 
 setCheckAuthCallback ($checkAuthCallback)
 Register a callback function to be called whenever the validity of the login is checked The function will receive two parameters, the username and a reference to the auth object. More...
 
 setLoginCallback ($loginCallback)
 Register a callback function to be called on user login. More...
 
 setFailedLoginCallback ($loginFailedCallback)
 Register a callback function to be called on failed user login. More...
 
 setLogoutCallback ($logoutCallback)
 Register a callback function to be called on user logout. More...
 
 setAuthData ($name, $value, $overwrite=true)
 Register additional information that is to be stored in the session. More...
 
 getAuthData ($name=null)
 Get additional information that is stored in the session. More...
 
 setAuth ($username)
 Register variable in a session telling that the user has logged in successfully. More...
 
 setAdvancedSecurity ($flag=true)
 Enables advanced security checks. More...
 
 checkAuth ()
 Checks if there is a session with valid auth information. More...
 
 getAuth ()
 Has the user been authenticated? More...
 
 logout ()
 Logout function. More...
 
 updateIdle ()
 Update the idletime. More...
 
 getUsername ()
 Get the username. More...
 
 getStatus ()
 Get the current status. More...
 
 getPostUsernameField ()
 Gets the post varible used for the username. More...
 
 getPostPasswordField ()
 Gets the post varible used for the username. More...
 
 sessionValidThru ()
 Returns the time up to the session is valid. More...
 
 listUsers ()
 List all users that are currently available in the storage container. More...
 
 addUser ($username, $password, $additional='')
 Add user to the storage container. More...
 
 removeUser ($username)
 Remove user from the storage container. More...
 
 changePassword ($username, $password)
 Change password for user in the storage container. More...
 
 log ($message, $level=AUTH_LOG_DEBUG)
 Log a message from the Auth system. More...
 
 _loadLogger ()
 Load Log object if not already loaded. More...
 
 attachLogObserver (&$observer)
 Attach an Observer to the Auth Log Source. More...
 
 _isAdvancedSecurityEnabled ($feature=null)
 Is advanced security enabled? More...
 
- Public Member Functions inherited from ilAuthBase
 getSubStatus ()
 Get sub status. More...
 
 setSubStatus ($a_sub_status)
 Set sub status. More...
 
 supportsRedirects ()
 Returns true, if the current auth mode allows redirects to e.g the login screen, public section ... More...
 
 getContainer ()
 Get container object. More...
 
 getExceededUserName ()
 

Private Attributes

 $apache_settings
 

Additional Inherited Members

- Static Public Member Functions inherited from Auth
_factory ($driver, $options='')
 Return a storage driver based on $driver and $options. More...
 
 staticCheckAuth ($options=null)
 Statically checks if there is a session with valid auth information. More...
 
- Data Fields inherited from Auth
 $expire = 0
 
 $expired = false
 
 $idle = 0
 
 $idled = false
 
 $storage = ''
 
 $loginFunction = ''
 
 $showLogin = true
 
 $allowLogin = true
 
 $status = ''
 
 $username = ''
 
 $password = ''
 
 $checkAuthCallback = ''
 
 $loginCallback = ''
 
 $loginFailedCallback = ''
 
 $logoutCallback = ''
 
 $_sessionName = '_authsession'
 
 $version = "@version@"
 
 $advancedsecurity = false
 
 $_postUsername = 'username'
 
 $_postPassword = 'password'
 
 $session
 
 $server
 
 $post
 
 $cookie
 
 $authdata
 
 $authChecks = 0
 
 $logger = null
 
 $enableLogging = false
 
 $regenerateSessionId = false
 
- Protected Member Functions inherited from ilAuthBase
 initAuth ()
 Init auth object Enable logging, set callbacks... More...
 
 loginObserver ($a_username, $a_auth)
 Called after successful login. More...
 
 checkExceededLoginAttempts (\ilObjUser $user)
 
 failedLoginObserver ($a_username, $a_auth)
 Called after failed login. More...
 
 checkAuthObserver ($a_username, $a_auth)
 Called after each check auth request. More...
 
 logoutObserver ($a_username, $a_auth)
 Called after logout. More...
 
- Protected Attributes inherited from ilAuthBase
 $sub_status = null
 
 $exceeded_user_name
 

Detailed Description

Apache based authentication

Author
Jan Posselt jposs.nosp@m.elt@.nosp@m.datab.nosp@m.ay.d.nosp@m.e
Version
$id$

Definition at line 35 of file class.ilAuthApache.php.

Constructor & Destructor Documentation

◆ __construct()

ilAuthApache::__construct (   $a_container,
  $a_addition_options = array() 
)

Contructor.

Returns
Parameters
object$a_container
object$a_addition_options,[optional]

Definition at line 55 of file class.ilAuthApache.php.

References $_POST, $_SERVER, $_SESSION, $lng, APACHE_AUTH_TYPE_BY_FUNCTION, APACHE_AUTH_TYPE_DIRECT_MAPPING, APACHE_AUTH_TYPE_EXTENDED_MAPPING, AUTH_APACHE, ApacheCustom\getUsername(), IL_CERT_SSO, ilAuthBase\initAuth(), and Auth\setSessionName().

56  {
57  global $lng;
58 
59  parent::__construct($a_container,$a_addition_options,'',false);
60  $this->setSessionName("_authhttp".md5(CLIENT_ID));
61 
62  $this->apache_settings = new ilSetting('apache_auth');
63 
64  if (defined('IL_CERT_SSO') && IL_CERT_SSO) {
65  // DO NOT DELETE!!!
66  // faking post values is REQUIRED to avoid canceling of the
67  // startup routines
68  // $_POST['username'] = 'xxx';
69  $_POST['password'] = 'yyy';
70  $_POST['sendLogin'] = '1';
71  $_POST['auth_mode'] = AUTH_APACHE;
72  $_POST['cmd[butSubmit]'] = 'Submit';
73 
74  if ($_POST['username'] != 'anonymous') {
75 
76  switch($this->apache_settings->get('apache_auth_username_config_type'))
77  {
78  case APACHE_AUTH_TYPE_DIRECT_MAPPING:
79  $_POST['username'] = $_SERVER[$this->apache_settings->get('apache_auth_username_direct_mapping_fieldname')];
80  break;
81  case APACHE_AUTH_TYPE_EXTENDED_MAPPING:
82  throw new ilException("APACHE_AUTH_TYPE_EXTENDED_MAPPING not yet implemented");
83  case APACHE_AUTH_TYPE_BY_FUNCTION:
84  include_once 'Services/AuthApache/classes/custom_username_func.php';
85  $_POST['username'] = ApacheCustom::getUsername();
86  break;
87  }
88 
89  }
90  }
91 
92  if (defined('IL_CERT_SSO') && IL_CERT_SSO && !$_POST['username']) {
93  $_POST['username'] = '§invalid';
94  $_POST['password'] = 'anonymous';
95  $_SESSION['username_invalid'] = true;
96  }
97 
98  $this->initAuth();
99  }
ilSetting
ILIAS Setting Class.
Definition: class.ilSetting.php:32
ilException
Base class for ILIAS Exception handling.
Definition: class.ilException.php:34
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
$_POST
$_POST['username']
Definition: cron.php:12
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
IL_CERT_SSO
const IL_CERT_SSO
Definition: index.php:5
ilAuthBase\initAuth
initAuth()
Init auth object Enable logging, set callbacks...
Definition: class.ilAuthBase.php:84
APACHE_AUTH_TYPE_DIRECT_MAPPING
const APACHE_AUTH_TYPE_DIRECT_MAPPING
Definition: class.ilAuthApache.php:24
APACHE_AUTH_TYPE_BY_FUNCTION
const APACHE_AUTH_TYPE_BY_FUNCTION
Definition: class.ilAuthApache.php:26
AUTH_APACHE
const AUTH_APACHE
Definition: class.ilAuthUtils.php:20
APACHE_AUTH_TYPE_EXTENDED_MAPPING
const APACHE_AUTH_TYPE_EXTENDED_MAPPING
Definition: class.ilAuthApache.php:25
Auth\setSessionName
setSessionName($name='session')
Set name of the session to a customized value.
Definition: Auth.php:656
$lng
global $lng
Definition: privfeed.php:40
+ Here is the call graph for this function:

Member Function Documentation

◆ login()

ilAuthApache::login ( )

Definition at line 102 of file class.ilAuthApache.php.

References $_GET, $_POST, $_REQUEST, $_SERVER, $path, ilUtil\getHtmlPath(), IL_CERT_SSO, IL_COOKIE_PATH, ilUtil\redirect(), and ilContext\supportsRedirects().

102  {
103  $skipClasses = array('ilpasswordassistancegui', 'ilaccountregistrationgui');
104  $skipFiles = array('pwassist.php');
105  if(in_array(strtolower($_REQUEST['cmdClass']), $skipClasses))
106  {
107  return;
108  }
109  else
110  {
111  $script = pathinfo($_SERVER['PHP_SELF'], PATHINFO_BASENAME);
112  if(in_array(strtolower($script), $skipFiles))
113  return;
114  }
115  if(
116  !$this->apache_settings->get('apache_auth_authenticate_on_login_page') &&
117  (
118  preg_match('/.*login\.php$/', $_SERVER['SCRIPT_NAME']) ||
119  ((in_array($_REQUEST['cmd'], array('showLogin', 'showTermsOfService')) || isset($_POST['change_lang_to'])) && strtolower($_REQUEST['cmdClass']) == 'ilstartupgui')
120  )
121  )
122  {
123  return;
124  }
125 
126  if(!$this->apache_settings->get('apache_auth_authenticate_on_login_page') && preg_match('/.*login\.php$/', $_SERVER['SCRIPT_NAME']))
127  {
128  return;
129  }
130 
131  if (ilContext::supportsRedirects() && !isset($_GET['passed_sso']) && (!defined('IL_CERT_SSO') || IL_CERT_SSO == false)) {
132 
133  // redirect to sso
134  // this part is executed in default ilias context...
135 
136  $path = $_SERVER['REQUEST_URI'];
137 
138  if ($path{0} == '/') {
139  $path = substr($path, 1);
140  }
141 
142  if (substr($path, 0, 4) != 'http') {
143  $parts = parse_url(ILIAS_HTTP_PATH);
144  $path = $parts['scheme'] . '://' . $parts['host'] . '/' . $path;
145  }
146 
147  $path = urlencode($path);
148  ilUtil::redirect(ilUtil::getHtmlPath('/sso/index.php?force_mode_apache=1&r=' . $path . '&cookie_path='.IL_COOKIE_PATH . '&ilias_path=' . ILIAS_HTTP_PATH));
149  }
150  else {
151  return parent::login();
152  }
153  }
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
$_POST
$_POST['username']
Definition: cron.php:12
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
IL_CERT_SSO
const IL_CERT_SSO
Definition: index.php:5
IL_COOKIE_PATH
const IL_COOKIE_PATH
Definition: index.php:6
ilUtil\getHtmlPath
static getHtmlPath($relative_path)
get url of path
Definition: class.ilUtil.php:150
$path
$path
Definition: index.php:22
$_REQUEST
if($_REQUEST['ilias_path']) define('ILIAS_HTTP_PATH' $_REQUEST['ilias_path']
Definition: index.php:7
ilUtil\redirect
static redirect($a_script)
http redirect to other script
Definition: class.ilUtil.php:3635
ilContext\supportsRedirects
static supportsRedirects()
Are redirects supported?
Definition: class.ilContext.php:126
+ Here is the call graph for this function:

◆ supportsRedirects()

ilAuthApache::supportsRedirects ( )

Returns true, if the current auth mode allows redirection to e.g to loginScreen, public section...

Returns

Definition at line 44 of file class.ilAuthApache.php.

45  {
46  return true;
47  }

Field Documentation

◆ $apache_settings

ilAuthApache::$apache_settings
private

Definition at line 37 of file class.ilAuthApache.php.

The documentation for this class was generated from the following file: