ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilAuthContainerMDB2.php
Go to the documentation of this file.
1<?php
2/*
3 +-----------------------------------------------------------------------------+
4 | ILIAS open source |
5 +-----------------------------------------------------------------------------+
6 | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7 | |
8 | This program is free software; you can redistribute it and/or |
9 | modify it under the terms of the GNU General Public License |
10 | as published by the Free Software Foundation; either version 2 |
11 | of the License, or (at your option) any later version. |
12 | |
13 | This program is distributed in the hope that it will be useful, |
14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | GNU General Public License for more details. |
17 | |
18 | You should have received a copy of the GNU General Public License |
19 | along with this program; if not, write to the Free Software |
20 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21 +-----------------------------------------------------------------------------+
22*/
23
24include_once 'Auth/Container/MDB2.php';
25
36{
37
41 public function __construct()
42 {
43 global $ilClientIniFile, $ilDB, $ilIliasIniFile;
44
45 $options['dsn'] = $ilDB->getDSN();
46 $options['table'] = $ilClientIniFile->readVariable('auth', 'table');
47 $options['usernamecol'] = $ilClientIniFile->readVariable('auth', 'usercol');
48 $options['passwordcol'] = $ilClientIniFile->readVariable('auth', 'passcol');
49
50 // studip mode: check against submitted md5 password for ilSoapUserAdministration::login()
51 // todo: check whether we should put this to another place
52 include_once "Services/Context/classes/class.ilContext.php";
54 if (isset($_POST['password']) && (preg_match('/^[a-f0-9]{32,32}$/i', $_POST['password']) || preg_match('/\$2[aby]\$\d{2}\$.{53}/i', $_POST['password'])))
55 {
56 if ($ilIliasIniFile->readVariable('server', 'studip'))
57 {
58 $options['cryptType'] = 'none';
59 }
60 }
61 }
62
63 parent::__construct($options);
64 }
65
66
70 public static function toUsernameWithoutDomain($username)
71 {
72 // Remove all characters including the last slash or the last backslash
73 // in the username
74 $pos = strrpos($username, '/');
75 $pos2 = strrpos($username, '\\');
76 if ($pos === false || $pos < $pos2)
77 {
78 $pos = $pos2;
79 }
80 if ($pos !== false)
81 {
82 $username = substr($username, $pos + 1);
83 }
84 return $username;
85 }
86
93 function fetchData($username, $password, $isChallengeResponse = false)
94 {
95 $usr_id = ilObjUser::_lookupId($username);
96 $auth_mode = ilObjUser::_lookupAuthMode($usr_id);
97 $auth_id = ilAuthUtils::_getAuthMode($auth_mode);
98
99 ilLoggerFactory::getLogger('auth')->debug('Current auth id of user: ' . $auth_id);
100
101 $local_passwords_allowed = false;
102 switch($auth_id)
103 {
104 case AUTH_APACHE:
105 case AUTH_LOCAL:
106 $local_passwords_allowed = true;
107
108 default:
110 {
111 $local_passwords_allowed = true;
112 }
113 }
114 if($local_passwords_allowed)
115 {
116 return parent::fetchData($username, $password, $isChallengeResponse);
117 }
118
119 ilLoggerFactory::getLogger('auth')->debug('No local password authentication allowed');
120 return false;
121 }
122
127 {
128 return true;
129 }
130
137 public function verifyPassword($raw, $encoded, $crypt_type = 'md5')
138 {
139 $this->log(__METHOD__ . ' called.', AUTH_LOG_DEBUG);
140
141 if(in_array($crypt_type, array('none', '')))
142 {
143 return parent::verifyPassword($raw, $encoded, $crypt_type);
144 }
145
146 require_once 'Services/User/classes/class.ilUserPasswordManager.php';
147 $crypt_type = ilUserPasswordManager::getInstance()->getEncoderName();
148
149 if(ilUserPasswordManager::getInstance()->isEncodingTypeSupported($crypt_type))
150 {
154 $user = ilObjectFactory::getInstanceByObjId(ilObjUser::_loginExists($this->_auth_obj->username));
155 $user->setPasswd($encoded, IL_PASSWD_CRYPTED);
156
157 return ilUserPasswordManager::getInstance()->verifyPassword($user, $raw);
158 }
159
160 // Fall through: Let pear verify the password
161 return parent::verifyPassword($raw, $encoded, $crypt_type);
162 }
163}
const AUTH_LOG_DEBUG
Auth Log level - DEBUG.
Definition: Auth.php:59
verifyPassword($password1, $password2, $cryptType="md5")
Crypt and verfiy the entered password.
Definition: Container.php:101
log($message, $level=AUTH_LOG_DEBUG)
Log a message to the Auth log.
Definition: Container.php:246
const AUTH_APACHE
const AUTH_LOCAL
const IL_PASSWD_CRYPTED
Authentication against ILIAS database.
static toUsernameWithoutDomain($username)
Static function removes Microsoft domain name from username.
fetchData($username, $password, $isChallengeResponse=false)
Check for local password in case of auth modes, which allow local authentication.
_getAuthMode($a_auth_mode, $a_db_handler='')
static isPasswordModificationEnabled($a_authmode)
Check if password modification is enabled.
static getType()
Get context type.
const CONTEXT_SOAP
static getLogger($a_component_id)
Get component logger.
static _lookupId($a_user_str)
Lookup id by login.
static _lookupAuthMode($a_usr_id)
lookup auth mode
static _loginExists($a_login, $a_user_id=0)
check if a login name already exists You may exclude a user from the check by giving his user id as 2...
getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
static getInstance()
Single method to reduce footprint (included files, created instances)
$_POST['username']
Definition: cron.php:12
global $ilDB
global $ilIliasIniFile