ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilBaseAuthentication.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4
14include_once 'Auth/Auth.php';
15
16define('IL_AUTH_MD5',1);
17define('IL_AUTH_PLAIN',2);
18
19class ilBaseAuthentication
20{
21
22 /*
23 * Pear object (Auth)
24 * @var object
25 */
26 var $auth = null;
27
28
29
30 /*
31 * session id
32 * @var string
33 */
34 var $sid = '';
35
36 /*
37 * username
38 * @var string
39 */
40 var $username = '';
41
42 /*
43 * password
44 * @var string
45 */
46 var $password = '';
47
48
49 /*
50 * client id
51 * @var string
52 */
53 var $client = '';
54
55 function ilBaseAuthentication()
56 {
57 $this->__setMessage('');
58 $this->__setMessageCode('Client');
59 $this->check_setting = true;
60 }
61
62
63 // Set/Get
64 function setClient($a_client)
65 {
66 $this->client = $a_client;
67 $_COOKIE['ilClientId'] = $a_client;
68 }
69 function getClient()
70 {
71 return $this->client;
72 }
73 function setUsername($a_username)
74 {
75 $this->username = $a_username;
76 $_POST['username'] = $a_username;
77 }
78 function getUsername()
79 {
80 return $this->username;
81 }
82 function setPassword($a_password)
83 {
84 $this->password = $a_password;
85 $_POST['password'] = $a_password;
86 }
87 function getPassword()
88 {
89 return $this->password;
90 }
91 function setSid($a_sid)
92 {
93 $this->sid = $a_sid;
94 $_COOKIE['PHPSESSID'] = $this->sid;
95 }
96 function getSid()
97 {
98 return $this->sid;
99 }
100
101 function getMessage()
102 {
103 return $this->message;
104 }
105 function getMessageCode()
106 {
107 return $this->message_code;
108 }
109 function __setMessage($a_message)
110 {
111 $this->message = $a_message;
112 }
113 function __setMessageCode($a_message_code)
114 {
115 $this->message_code = $a_message_code;
116 }
117
118 function setPasswordType($a_type)
119 {
120 $this->password_type = $a_type;
121 }
122 function getPasswordType()
123 {
124 return isset($this->password_type) ? $this->password_type : IL_AUTH_PLAIN;
125 }
126
127 function authenticate()
128 {
129 if(!$this->getClient())
130 {
131 $this->__setMessage('No client given');
132 return false;
133 }
134 if(!$this->getUsername())
135 {
136 $this->__setMessage('No username given');
137 return false;
138 }
139 // Read ilias ini
140 if(!$this->__buildDSN())
141 {
142 return false;
143 }
144 if(!$this->__setSessionSaveHandler())
145 {
146 return false;
147 }
148 if(!$this->__buildAuth())
149 {
150 return false;
151 }
152 $this->auth->start();
153
154 if(!$this->auth->getAuth())
155 {
156 $this->__getAuthStatus();
157
158 return false;
159 }
160
161 $this->setSid(session_id());
162
163 return true;
164 }
165
166 function start()
167 {
168 if(!$this->getSid())
169 {
170 $this->__setMessage('No session id given');
171 return false;
172 }
173
174 $this->auth->start();
175
176 return true;
177 }
178
179 function validateSession()
180 {
181 if(!$this->getClient())
182 {
183 $this->__setMessage('No client given');
184 return false;
185 }
186 if(!$this->getSid())
187 {
188 $this->__setMessage('No session id given');
189 return false;
190 }
191
192 if(!$this->__buildAuth())
193 {
194 return false;
195 }
196 if(!$this->__setSessionSaveHandler())
197 {
198 return false;
199 }
200
201 $this->auth->start();
202 if(!$this->auth->getAuth())
203 {
204 $this->__setMessage('Session not valid');
205
206 return false;
207 }
208
209 return true;
210 }
211
212 function logout()
213 {
214 if(!$this->getClient())
215 {
216 $this->__setMessage('No client given');
217 return false;
218 }
219 if(!$this->getSid())
220 {
221 $this->__setMessage('No session id given');
222 return false;
223 }
224 // logged auth users are authenticated
225 // No preperations are required
226 #if(!$this->__buildAuth())
227 #{
228 # return false;
229 #}
230 #if(!$this->__setSessionSaveHandler())
231 #{
232 # return false;
233 #}
234
235 // And finally logout
236 #$this->auth->start();
237 $this->auth->logout();
238 session_destroy();
239
240 return true;
241
242 }
243
244 function __buildDSN()
245 {
246 include_once './Services/Init/classes/class.ilIniFile.php';
247
248 // get ilias ini file
249 $this->ilias_ini =& new ilIniFile('./ilias.ini.php');
250 $this->ilias_ini->read();
251
252 if(!@file_exists("./".$this->ilias_ini->readVariable('clients','path')."/".$this->getClient()."/client.ini.php"))
253 {
254 $this->__setMessageCode('Client');
255 $this->__setMessage('Client does not exist');
256
257 return false;
258 }
259
260 $this->ini =& new ilIniFile("./".$this->ilias_ini->readVariable('clients','path')."/".$this->getClient()."/client.ini.php");
261 $this->ini->read();
262
263 include_once("./Services/Database/classes/class.ilDBWrapperFactory.php");
264 $this->db = ilDBWrapperFactory::getWrapper($this->ini->readVariable("db","type"),
265 $this->ini->readVariable("db","inactive_mysqli"));
266 $this->db->setDBUser($this->ini->readVariable("db", "user"));
267 $this->db->setDBPassword($this->ini->readVariable("db", "pass"));
268 $this->db->setDBName($this->ini->readVariable("db", "name"));
269 $this->db->setDBHost($this->ini->readVariable("db", "host"));
270 $this->dsn = $this->db->getDSN();
271
272 return true;
273 }
274
275 function __buildAuth()
276 {
277
278 // BEGIN WebDAV
279 // The realm is needed to support a common session between Auth_HTTP and Auth.
280 // It also helps us to distinguish between parallel sessions run on different clients.
281 // Common session only works if we use a common session name starting with "_authhttp".
282 // We must use the "_authttp" prefix, because it is hardcoded in the session name of
283 // class Auth_HTTP.
284 // Note: The realm and sessionName used here, must be the same as in
285 // class ilAuthUtils. Otherwise, Soap clients won't be able to log
286 // in to ILIAS.
287 $realm = $this->getClient();
288 // END WebDAV
289
290 $this->auth_params = array(
291 'dsn' => $this->db->getDSN(),
292 'table' => $this->ini->readVariable("auth", "table"),
293 'usernamecol' => $this->ini->readVariable("auth", "usercol"),
294 'passwordcol' => $this->ini->readVariable("auth", "passcol"),
295 'sessionName' => "_authhttp".md5($realm)
296 );
297
298 if($this->getPasswordType() == IL_AUTH_MD5)
299 {
300 $this->auth_params['cryptType'] = 'none';
301 }
302
303 include_once './Services/Authentication/classes/class.ilAuthContainerDatabase.php';
304 $authContainerDB = new ilAuthContainerDatabase($this->auth_params);
305 $this->auth = new Auth($authContainerDB, $this->auth_params,"",false);
306
307 return true;
308 }
309
310 function __setSessionSaveHandler()
311 {
312 require_once "./Services/Authentication/classes/class.ilSessionDBHandler.php";
313 include_once "./Services/Utilities/classes/class.ilUtil.php";
314 include_once './Services/Init/classes/class.ilErrorHandling.php';
315 include_once './Services/Database/classes/class.ilDB.php';
316
317 $this->db->connect();
318 $GLOBALS['ilDB'] = $this->db;
319
320 if(ini_get('session.save_handler') != 'user')
321 {
322 ini_set("session.save_handler", "user");
323 }
324 $db_session_handler = new ilSessionDBHandler();
325 if (!$db_session_handler->setSaveHandler())
326 {
327 $this->__setMessageCode('Server');
328 $this->__setMessage('Cannot set session handler');
329
330 return false;
331 }
332
333 return true;
334 }
335
336 function __getAuthStatus()
337 {
338 switch($this->auth->getStatus())
339 {
340 case AUTH_EXPIRED:
341 $this->__setMessageCode('Server');
342 $this->__setMessage('Session expired');
343
344 return false;
345
346 case AUTH_IDLED:
347 $this->__setMessageCode('Server');
348 $this->__setMessage('Session idled');
349
350 return false;
351
352 case AUTH_WRONG_LOGIN:
353 default:
354 $this->__setMessageCode('Client');
355 $this->__setMessage('Wrong Login or Password');
356
357 return false;
358
359
360 }
361 }
362}
363?>
AUTH_EXPIRED
const AUTH_EXPIRED
Returned if session has expired.
Definition: Auth.php:34
AUTH_WRONG_LOGIN
const AUTH_WRONG_LOGIN
Returned if container is unable to authenticate user/password pair.
Definition: Auth.php:38
AUTH_IDLED
const AUTH_IDLED
Returned if session exceeds idle time.
Definition: Auth.php:30
IL_AUTH_PLAIN
const IL_AUTH_PLAIN
Definition: class.ilBaseAuthentication.php:17
IL_AUTH_MD5
const IL_AUTH_MD5
base authentication class
Definition: class.ilBaseAuthentication.php:16
ilAuthContainerDatabase
Storage driver for fetching login data from a database.
Definition: class.ilAuthContainerDatabase.php:28
ilDBWrapperFactory\getWrapper
static getWrapper($a_type, $a_inactive_mysqli=null)
Definition: class.ilDBWrapperFactory.php:17
ilIniFile
INIFile Parser.
Definition: class.ilIniFile.php:38
ilSessionDBHandler
Database Session Handling.
Definition: class.ilSessionDBHandler.php:15
$_POST
$_POST['username']
Definition: cron.php:12
$_COOKIE
$_COOKIE["ilClientId"]
Definition: cron.php:11
$GLOBALS
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276