ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilAuthContainerMDB2.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
24 include_once 'Auth/Container/MDB2.php';
25 
35 class ilAuthContainerMDB2 extends Auth_Container_MDB2
36 {
37 
41  public function __construct()
42  {
43  global $ilClientIniFile, $ilDB, $ilIliasIniFile;
44 
45  $options['dsn'] = $ilDB->getDSN();
46  $options['table'] = $ilClientIniFile->readVariable('auth', 'table');
47  $options['usernamecol'] = $ilClientIniFile->readVariable('auth', 'usercol');
48  $options['passwordcol'] = $ilClientIniFile->readVariable('auth', 'passcol');
49 
50  // studip mode: check against submitted md5 password for ilSoapUserAdministration::login()
51  // todo: check whether we should put this to another place
52  include_once "Services/Context/classes/class.ilContext.php";
53  if(ilContext::getType() == ilContext::CONTEXT_SOAP) {
54  if (isset($_POST['password']) && (preg_match('/^[a-f0-9]{32,32}$/i', $_POST['password']) || preg_match('/\$2[aby]\$\d{2}\$.{53}/i', $_POST['password'])))
55  {
56  if ($ilIliasIniFile->readVariable('server', 'studip'))
57  {
58  $options['cryptType'] = 'none';
59  }
60  }
61  }
62 
63  parent::__construct($options);
64  }
65 
66 
70  public static function toUsernameWithoutDomain($username)
71  {
72  // Remove all characters including the last slash or the last backslash
73  // in the username
74  $pos = strrpos($username, '/');
75  $pos2 = strrpos($username, '\\');
76  if ($pos === false || $pos < $pos2)
77  {
78  $pos = $pos2;
79  }
80  if ($pos !== false)
81  {
82  $username = substr($username, $pos + 1);
83  }
84  return $username;
85  }
86 
93  function fetchData($username, $password, $isChallengeResponse = false)
94  {
95  $usr_id = ilObjUser::_lookupId($username);
96  $auth_mode = ilObjUser::_lookupAuthMode($usr_id);
97  $auth_id = ilAuthUtils::_getAuthMode($auth_mode);
98 
99  ilLoggerFactory::getLogger('auth')->debug('Current auth id of user: ' . $auth_id);
100 
101  $local_passwords_allowed = false;
102  switch($auth_id)
103  {
104  case AUTH_APACHE:
105  case AUTH_LOCAL:
106  $local_passwords_allowed = true;
107 
108  default:
109  if(ilAuthUtils::isPasswordModificationEnabled($auth_id))
110  {
111  $local_passwords_allowed = true;
112  }
113  }
114  if($local_passwords_allowed)
115  {
116  return parent::fetchData($username, $password, $isChallengeResponse);
117  }
118 
119  ilLoggerFactory::getLogger('auth')->debug('No local password authentication allowed');
120  return false;
121  }
122 
126  public function supportsCaptchaVerification()
127  {
128  return true;
129  }
130 
137  public function verifyPassword($raw, $encoded, $crypt_type = 'md5')
138  {
139  $this->log(__METHOD__ . ' called.', AUTH_LOG_DEBUG);
140 
141  if(in_array($crypt_type, array('none', '')))
142  {
143  return parent::verifyPassword($raw, $encoded, $crypt_type);
144  }
145 
146  require_once 'Services/User/classes/class.ilUserPasswordManager.php';
147  $crypt_type = ilUserPasswordManager::getInstance()->getEncoderName();
148 
149  if(ilUserPasswordManager::getInstance()->isEncodingTypeSupported($crypt_type))
150  {
154  $user = ilObjectFactory::getInstanceByObjId(ilObjUser::_loginExists($this->_auth_obj->username));
155  $user->setPasswd($encoded, IL_PASSWD_CRYPTED);
156 
157  return ilUserPasswordManager::getInstance()->verifyPassword($user, $raw);
158  }
159 
160  // Fall through: Let pear verify the password
161  return parent::verifyPassword($raw, $encoded, $crypt_type);
162  }
163 }
$_POST
$_POST['username']
Definition: cron.php:12
IL_PASSWD_CRYPTED
const IL_PASSWD_CRYPTED
Definition: class.ilObjUser.php:5
AUTH_LOG_DEBUG
const AUTH_LOG_DEBUG
Auth Log level - DEBUG.
Definition: Auth.php:59
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:824
AUTH_APACHE
const AUTH_APACHE
Definition: class.ilAuthUtils.php:20
ilAuthContainerMDB2
Authentication against ILIAS database.
Definition: class.ilAuthContainerMDB2.php:35
Auth_Container_MDB2
Definition: MDB2.php:51
ilObjUser\_loginExists
static _loginExists($a_login, $a_user_id=0)
check if a login name already exists You may exclude a user from the check by giving his user id as 2...
Definition: class.ilObjUser.php:4458
ilAuthContainerMDB2\toUsernameWithoutDomain
static toUsernameWithoutDomain($username)
Static function removes Microsoft domain name from username.
Definition: class.ilAuthContainerMDB2.php:70
Auth_Container_MDB2\$options
$options
Definition: MDB2.php:60
$ilIliasIniFile
global $ilIliasIniFile
Definition: imagemanager.php:32
ilAuthContainerMDB2\fetchData
fetchData($username, $password, $isChallengeResponse=false)
Check for local password in case of auth modes, which allow local authentication. ...
Definition: class.ilAuthContainerMDB2.php:93
ilObjectFactory\getInstanceByObjId
getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:72
AUTH_LOCAL
const AUTH_LOCAL
Definition: class.ilAuthUtils.php:7
ilAuthUtils\_getAuthMode
_getAuthMode($a_auth_mode, $a_db_handler='')
Definition: class.ilAuthUtils.php:363
Auth_Container\verifyPassword
verifyPassword($password1, $password2, $cryptType="md5")
Crypt and verfiy the entered password.
Definition: Container.php:101
ilObjUser\_lookupAuthMode
static _lookupAuthMode($a_usr_id)
lookup auth mode
Definition: class.ilObjUser.php:3755
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
Auth_Container\log
log($message, $level=AUTH_LOG_DEBUG)
Log a message to the Auth log.
Definition: Container.php:246
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:82
ilContext\getType
static getType()
Get context type.
Definition: class.ilContext.php:204
ilContext\CONTEXT_SOAP
const CONTEXT_SOAP
Definition: class.ilContext.php:22
ilAuthUtils\isPasswordModificationEnabled
static isPasswordModificationEnabled($a_authmode)
Check if password modification is enabled.
Definition: class.ilAuthUtils.php:824
ilUserPasswordManager\getInstance
static getInstance()
Single method to reduce footprint (included files, created instances)
Definition: class.ilUserPasswordManager.php:77