ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilBaseAuthentication.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 
14 include_once 'Auth/Auth.php';
15 
16 define('IL_AUTH_MD5',1);
17 define('IL_AUTH_PLAIN',2);
18 
19 class ilBaseAuthentication
20 {
21 
22  /*
23  * Pear object (Auth)
24  * @var object
25  */
26  var $auth = null;
27 
28 
29 
30  /*
31  * session id
32  * @var string
33  */
34  var $sid = '';
35 
36  /*
37  * username
38  * @var string
39  */
40  var $username = '';
41 
42  /*
43  * password
44  * @var string
45  */
46  var $password = '';
47 
48 
49  /*
50  * client id
51  * @var string
52  */
53  var $client = '';
54 
55  function ilBaseAuthentication()
56  {
57  $this->__setMessage('');
58  $this->__setMessageCode('Client');
59  $this->check_setting = true;
60  }
61 
62 
63  // Set/Get
64  function setClient($a_client)
65  {
66  $this->client = $a_client;
67  $_COOKIE['ilClientId'] = $a_client;
68  }
69  function getClient()
70  {
71  return $this->client;
72  }
73  function setUsername($a_username)
74  {
75  $this->username = $a_username;
76  $_POST['username'] = $a_username;
77  }
78  function getUsername()
79  {
80  return $this->username;
81  }
82  function setPassword($a_password)
83  {
84  $this->password = $a_password;
85  $_POST['password'] = $a_password;
86  }
87  function getPassword()
88  {
89  return $this->password;
90  }
91  function setSid($a_sid)
92  {
93  $this->sid = $a_sid;
94  $_COOKIE['PHPSESSID'] = $this->sid;
95  }
96  function getSid()
97  {
98  return $this->sid;
99  }
100 
101  function getMessage()
102  {
103  return $this->message;
104  }
105  function getMessageCode()
106  {
107  return $this->message_code;
108  }
109  function __setMessage($a_message)
110  {
111  $this->message = $a_message;
112  }
113  function __setMessageCode($a_message_code)
114  {
115  $this->message_code = $a_message_code;
116  }
117 
118  function setPasswordType($a_type)
119  {
120  $this->password_type = $a_type;
121  }
122  function getPasswordType()
123  {
124  return isset($this->password_type) ? $this->password_type : IL_AUTH_PLAIN;
125  }
126 
127  function authenticate()
128  {
129  if(!$this->getClient())
130  {
131  $this->__setMessage('No client given');
132  return false;
133  }
134  if(!$this->getUsername())
135  {
136  $this->__setMessage('No username given');
137  return false;
138  }
139  // Read ilias ini
140  if(!$this->__buildDSN())
141  {
142  return false;
143  }
144  if(!$this->__setSessionSaveHandler())
145  {
146  return false;
147  }
148  if(!$this->__buildAuth())
149  {
150  return false;
151  }
152  $this->auth->start();
153 
154  if(!$this->auth->getAuth())
155  {
156  $this->__getAuthStatus();
157 
158  return false;
159  }
160 
161  $this->setSid(session_id());
162 
163  return true;
164  }
165 
166  function start()
167  {
168  if(!$this->getSid())
169  {
170  $this->__setMessage('No session id given');
171  return false;
172  }
173 
174  $this->auth->start();
175 
176  return true;
177  }
178 
179  function validateSession()
180  {
181  if(!$this->getClient())
182  {
183  $this->__setMessage('No client given');
184  return false;
185  }
186  if(!$this->getSid())
187  {
188  $this->__setMessage('No session id given');
189  return false;
190  }
191 
192  if(!$this->__buildAuth())
193  {
194  return false;
195  }
196  if(!$this->__setSessionSaveHandler())
197  {
198  return false;
199  }
200 
201  $this->auth->start();
202  if(!$this->auth->getAuth())
203  {
204  $this->__setMessage('Session not valid');
205 
206  return false;
207  }
208 
209  return true;
210  }
211 
212  function logout()
213  {
214  if(!$this->getClient())
215  {
216  $this->__setMessage('No client given');
217  return false;
218  }
219  if(!$this->getSid())
220  {
221  $this->__setMessage('No session id given');
222  return false;
223  }
224  // logged auth users are authenticated
225  // No preperations are required
226  #if(!$this->__buildAuth())
227  #{
228  # return false;
229  #}
230  #if(!$this->__setSessionSaveHandler())
231  #{
232  # return false;
233  #}
234 
235  // And finally logout
236  #$this->auth->start();
237  $this->auth->logout();
238  session_destroy();
239 
240  return true;
241 
242  }
243 
244  function __buildDSN()
245  {
246  include_once './Services/Init/classes/class.ilIniFile.php';
247 
248  // get ilias ini file
249  $this->ilias_ini =& new ilIniFile('./ilias.ini.php');
250  $this->ilias_ini->read();
251 
252  if(!@file_exists("./".$this->ilias_ini->readVariable('clients','path')."/".$this->getClient()."/client.ini.php"))
253  {
254  $this->__setMessageCode('Client');
255  $this->__setMessage('Client does not exist');
256 
257  return false;
258  }
259 
260  $this->ini =& new ilIniFile("./".$this->ilias_ini->readVariable('clients','path')."/".$this->getClient()."/client.ini.php");
261  $this->ini->read();
262 
263  include_once("./Services/Database/classes/class.ilDBWrapperFactory.php");
264  $this->db = ilDBWrapperFactory::getWrapper($this->ini->readVariable("db","type"),
265  $this->ini->readVariable("db","inactive_mysqli"));
266  $this->db->setDBUser($this->ini->readVariable("db", "user"));
267  $this->db->setDBPassword($this->ini->readVariable("db", "pass"));
268  $this->db->setDBName($this->ini->readVariable("db", "name"));
269  $this->db->setDBHost($this->ini->readVariable("db", "host"));
270  $this->dsn = $this->db->getDSN();
271 
272  return true;
273  }
274 
275  function __buildAuth()
276  {
277 
278  // BEGIN WebDAV
279  // The realm is needed to support a common session between Auth_HTTP and Auth.
280  // It also helps us to distinguish between parallel sessions run on different clients.
281  // Common session only works if we use a common session name starting with "_authhttp".
282  // We must use the "_authttp" prefix, because it is hardcoded in the session name of
283  // class Auth_HTTP.
284  // Note: The realm and sessionName used here, must be the same as in
285  // class ilAuthUtils. Otherwise, Soap clients won't be able to log
286  // in to ILIAS.
287  $realm = $this->getClient();
288  // END WebDAV
289 
290  $this->auth_params = array(
291  'dsn' => $this->db->getDSN(),
292  'table' => $this->ini->readVariable("auth", "table"),
293  'usernamecol' => $this->ini->readVariable("auth", "usercol"),
294  'passwordcol' => $this->ini->readVariable("auth", "passcol"),
295  'sessionName' => "_authhttp".md5($realm)
296  );
297 
298  if($this->getPasswordType() == IL_AUTH_MD5)
299  {
300  $this->auth_params['cryptType'] = 'none';
301  }
302 
303  include_once './Services/Authentication/classes/class.ilAuthContainerDatabase.php';
304  $authContainerDB = new ilAuthContainerDatabase($this->auth_params);
305  $this->auth = new Auth($authContainerDB, $this->auth_params,"",false);
306 
307  return true;
308  }
309 
310  function __setSessionSaveHandler()
311  {
312  require_once "./Services/Authentication/classes/class.ilSessionDBHandler.php";
313  include_once "./Services/Utilities/classes/class.ilUtil.php";
314  include_once './Services/Init/classes/class.ilErrorHandling.php';
315  include_once './Services/Database/classes/class.ilDB.php';
316 
317  $this->db->connect();
318  $GLOBALS['ilDB'] = $this->db;
319 
320  if(ini_get('session.save_handler') != 'user')
321  {
322  ini_set("session.save_handler", "user");
323  }
324  $db_session_handler = new ilSessionDBHandler();
325  if (!$db_session_handler->setSaveHandler())
326  {
327  $this->__setMessageCode('Server');
328  $this->__setMessage('Cannot set session handler');
329 
330  return false;
331  }
332 
333  return true;
334  }
335 
336  function __getAuthStatus()
337  {
338  switch($this->auth->getStatus())
339  {
340  case AUTH_EXPIRED:
341  $this->__setMessageCode('Server');
342  $this->__setMessage('Session expired');
343 
344  return false;
345 
346  case AUTH_IDLED:
347  $this->__setMessageCode('Server');
348  $this->__setMessage('Session idled');
349 
350  return false;
351 
352  case AUTH_WRONG_LOGIN:
353  default:
354  $this->__setMessageCode('Client');
355  $this->__setMessage('Wrong Login or Password');
356 
357  return false;
358 
359 
360  }
361  }
362 }
363 ?>
$_POST
$_POST['username']
Definition: cron.php:12
ilAuthContainerDatabase
Storage driver for fetching login data from a database.
Definition: class.ilAuthContainerDatabase.php:27
ilSessionDBHandler
Database Session Handling.
Definition: class.ilSessionDBHandler.php:14
IL_AUTH_MD5
const IL_AUTH_MD5
base authentication class
Definition: class.ilBaseAuthentication.php:16
$_COOKIE
$_COOKIE["ilClientId"]
Definition: cron.php:11
ilDBWrapperFactory\getWrapper
static getWrapper($a_type, $a_inactive_mysqli=null)
Definition: class.ilDBWrapperFactory.php:17
AUTH_IDLED
const AUTH_IDLED
Returned if session exceeds idle time.
Definition: Auth.php:30
IL_AUTH_PLAIN
const IL_AUTH_PLAIN
Definition: class.ilBaseAuthentication.php:17
AUTH_WRONG_LOGIN
const AUTH_WRONG_LOGIN
Returned if container is unable to authenticate user/password pair.
Definition: Auth.php:38
$GLOBALS
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276
AUTH_EXPIRED
const AUTH_EXPIRED
Returned if session has expired.
Definition: Auth.php:34
ilIniFile
INIFile Parser.
Definition: class.ilIniFile.php:37