ilAuthContainerCAS Class Reference
@classDescription CAS authentication More...
Inheritance diagram for ilAuthContainerCAS:
Collaboration diagram for ilAuthContainerCAS:
Public Member Functions | |
| __construct () | |
| forceAuthentication ($username, $status, $auth) | |
| Force CAS authentication. More... | |
| loginObserver ($a_username, $a_auth) | |
| fetchData ($a_username, $a_password, $isChallengeResponse=false) | |
| Public Member Functions inherited from Auth_Container | |
| Auth_Container () | |
| Constructor. More... | |
| fetchData ($username, $password, $isChallengeResponse=false) | |
| Fetch data from storage container. More... | |
| verifyPassword ($password1, $password2, $cryptType="md5") | |
| Crypt and verfiy the entered password. More... | |
| supportsChallengeResponse () | |
| Returns true if the container supports Challenge Response password authentication. More... | |
| getCryptType () | |
| Returns the crypt current crypt type of the container. More... | |
| listUsers () | |
| List all users that are available from the storage container. More... | |
| getUser ($username) | |
| Returns a user assoc array. More... | |
| addUser ($username, $password, $additional=null) | |
| Add a new user to the storage container. More... | |
| removeUser ($username) | |
| Remove user from the storage container. More... | |
| changePassword ($username, $password) | |
| Change password for user in the storage container. More... | |
| log ($message, $level=AUTH_LOG_DEBUG) | |
| Log a message to the Auth log. More... | |
| Public Member Functions inherited from ilAuthContainerBase | |
| loginObserver ($a_username, $a_auth) | |
| Called after successful login. More... | |
| failedLoginObserver ($a_username, $a_auth) | |
| Called after failed login. More... | |
| checkAuthObserver ($a_username, $a_auth) | |
| Called after check auth requests. More... | |
| logoutObserver ($a_username, $a_auth) | |
| Called after logout. More... | |
| supportsCaptchaVerification () | |
| Returns whether or not the auth container supports the verification of captchas This should be true for those auth methods, which are available in the default login form. More... | |
Protected Member Functions | |
| handleLDAPDataSource ($a_auth, $ext_account) | |
| Handle ldap as data source. More... | |
| initCAS () | |
Protected Attributes | |
| $server_version = null | |
| $server_hostname = null | |
| $server_port = null | |
| $server_uri = null | |
Additional Inherited Members | |
| Data Fields inherited from Auth_Container | |
| $activeUser = "" | |
| User that is currently selected from the storage container. More... | |
| $_auth_obj = null | |
| The Auth object this container is attached to. More... | |
Detailed Description
@classDescription CAS authentication
- Version
- $Id$
Definition at line 14 of file class.ilAuthContainerCAS.php.
Constructor & Destructor Documentation
◆ __construct()
| ilAuthContainerCAS::__construct | ( | ) |
Definition at line 26 of file class.ilAuthContainerCAS.php.
References initCAS().
Here is the call graph for this function:
Member Function Documentation
◆ fetchData()
| ilAuthContainerCAS::fetchData | ( | $a_username, | |
| $a_password, | |||
$isChallengeResponse = false |
|||
| ) |
- Returns
- bool
- Parameters
-
string $a_username string $a_password bool $isChallengeResponse,[optional]
Reimplemented from Auth_Container.
Definition at line 208 of file class.ilAuthContainerCAS.php.
209 {
211
214 }
References $ilLog, and $PHPCAS_CLIENT.
◆ forceAuthentication()
| ilAuthContainerCAS::forceAuthentication | ( | $username, | |
| $status, | |||
| $auth | |||
| ) |
Force CAS authentication.
- Returns
- Parameters
-
object $username object $status object $auth
Definition at line 39 of file class.ilAuthContainerCAS.php.
References $ilLog, and $PHPCAS_CLIENT.
◆ handleLDAPDataSource()
|
protected |
Handle ldap as data source.
- Parameters
-
Auth $auth string $ext_account
Definition at line 157 of file class.ilAuthContainerCAS.php.
158 {
159 include_once './Services/LDAP/classes/class.ilLDAPServer.php';
162 );
163
165
166 include_once './Services/LDAP/classes/class.ilLDAPUserSynchronisation.php';
168 $sync->setExternalAccount($ext_account);
169 $sync->setUserData(array());
170 #$sync->forceCreation($this->force_creation);
171 // TODO: Check this
172 $sync->forceCreation(true);
173
174 try {
175 $internal_account = $sync->sync();
176 }
177 catch(UnexpectedValueException $e) {
179 $a_auth->status = AUTH_WRONG_LOGIN;
180 $a_auth->logout();
181 return false;
182 }
184 // No syncronisation allowed => create Error
186 $a_auth->status = AUTH_CAS_NO_ILIAS_USER;
187 $a_auth->logout();
188 return false;
189 }
192 $a_auth->logout();
193 ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&cmd=showAccountMigration');
194 }
195 $a_auth->setAuth($internal_account);
196 return true;
197 }
const AUTH_WRONG_LOGIN
Returned if container is unable to authenticate user/password pair.
Definition: Auth.php:38
Description of ilLDAPAccountMigrationRequiredException.
static getInstanceByServerId($a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:58
Description of ilLDAPSyncronisationException.
Synchronization of user accounts used in auth container ldap, radius , cas,...
Definition: class.ilLDAPUserSynchronisation.php:15
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276
References $GLOBALS, $server, AUTH_CAS, AUTH_CAS_NO_ILIAS_USER, AUTH_WRONG_LOGIN, ilLDAPServer\getDataSource(), ilLDAPServer\getInstanceByServerId(), and ilUtil\redirect().
Referenced by loginObserver().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ initCAS()
|
protected |
Definition at line 216 of file class.ilAuthContainerCAS.php.
217 {
218 global $ilSetting;
219
220 include_once("./Services/CAS/lib/CAS.php");
221
222 $this->server_version = CAS_VERSION_2_0;
226
227 phpCAS::setDebug();
228 phpCAS::client(
229 $this->server_version,
230 $this->server_hostname,
231 $this->server_port,
232 $this->server_uri
233 );
235 }
client($server_version, $server_hostname, $server_port, $server_uri, $start_session=true)
phpCAS client initializer.
Definition: CAS.php:366
References $ilSetting, CAS_VERSION_2_0, phpCAS\client(), phpCAS\setDebug(), and phpCAS\setNoCasServerValidation().
Referenced by __construct().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ loginObserver()
| ilAuthContainerCAS::loginObserver | ( | $a_username, | |
| $a_auth | |||
| ) |
Reimplemented from ilAuthContainerBase.
Definition at line 52 of file class.ilAuthContainerCAS.php.
53 {
55
57
58 // Radius with ldap as data source
59 include_once './Services/LDAP/classes/class.ilLDAPServer.php';
61 {
63 }
64
65 include_once("./Services/CAS/lib/CAS.php");
67 {
68 $username = $PHPCAS_CLIENT->getUser();
70
71 // Authorize this user
72 include_once('./Services/User/classes/class.ilObjUser.php');
74
75 if ($local_user != "")
76 {
77 $a_auth->setAuth($local_user);
78 }
79 else
80 {
82 {
83 $a_auth->status = AUTH_CAS_NO_ILIAS_USER;
84 $a_auth->logout();
85 return false;
86 }
87
89
90 $local_user = ilAuthUtils::_generateLogin($username);
91
92 $newUser["firstname"] = $local_user;
93 $newUser["lastname"] = "";
94
95 $newUser["login"] = $local_user;
96
97 // set "plain md5" password (= no valid password)
98 $newUser["passwd"] = "";
100
101 //$newUser["gender"] = "m";
102 $newUser["auth_mode"] = "cas";
103 $newUser["ext_account"] = $username;
104 $newUser["profile_incomplete"] = 1;
105
106 // system data
107 $userObj->assignData($newUser);
108 $userObj->setTitle($userObj->getFullname());
109 $userObj->setDescription($userObj->getEmail());
110
111 // set user language to system language
113
114 // Time limit
115 $userObj->setTimeLimitOwner(7);
116 $userObj->setTimeLimitUnlimited(1);
117 $userObj->setTimeLimitFrom(time());
118 $userObj->setTimeLimitUntil(time());
119
120 // Create user in DB
121 $userObj->setOwner(0);
122 $userObj->create();
123 $userObj->setActive(1);
124
125 $userObj->updateOwner();
126
127 //insert user data in table user_data
128 $userObj->saveAsNew();
129
130 // setup user preferences
131 $userObj->writePrefs();
132
133 // to do: test this
135 unset($userObj);
136
137 $a_auth->setAuth($local_user);
138 return true;
139 }
140 }
141 else
142 {
144
145 // This should never occur unless CAS is not configured properly
146 $a_auth->status = AUTH_WRONG_LOGIN;
147 return false;
148 }
149 return false;
150 }
handleLDAPDataSource($a_auth, $ext_account)
Handle ldap as data source.
Definition: class.ilAuthContainerCAS.php:157
_generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:567
static isDataSourceActive($a_auth_mode)
Check if a data source is active for a specific auth mode @global ilDB $ilDB.
Definition: class.ilLDAPServer.php:299
Definition: class.ilObjUser.php:24
static _checkExternalAuthAccount($a_auth, $a_account)
check whether external account and authentication method matches with a user
Definition: class.ilObjUser.php:3766
References $ilLog, $ilSetting, $PHPCAS_CLIENT, ilObjUser\_checkExternalAuthAccount(), ilAuthUtils\_generateLogin(), AUTH_CAS, AUTH_CAS_NO_ILIAS_USER, AUTH_WRONG_LOGIN, handleLDAPDataSource(), IL_PASSWD_CRYPTED, and ilLDAPServer\isDataSourceActive().
Here is the call graph for this function:
Field Documentation
◆ $server_hostname
|
protected |
Definition at line 19 of file class.ilAuthContainerCAS.php.
◆ $server_port
|
protected |
Definition at line 20 of file class.ilAuthContainerCAS.php.
◆ $server_uri
|
protected |
Definition at line 21 of file class.ilAuthContainerCAS.php.
◆ $server_version
|
protected |
Definition at line 18 of file class.ilAuthContainerCAS.php.
The documentation for this class was generated from the following file:
- Services/CAS/classes/class.ilAuthContainerCAS.php
