ilCASAuth Class Reference
Class CASAuth. More...
Inheritance diagram for ilCASAuth:
Collaboration diagram for ilCASAuth:
Public Member Functions | |
| ilCASAuth ($a_params) | |
| Constructor @access public. More... | |
| checkCASAuth () | |
| check cas autehntication More... | |
| forceCASAuth () | |
| getCASUser () | |
| login () | |
| Checks if the current user is authenticated yet @access public. More... | |
| logout () | |
| Register variable in a session telling that the user has logged in successfully. More... | |
| Public Member Functions inherited from Auth | |
| Auth ($storageDriver, $options='', $loginFunction='', $showLogin=true) | |
| Constructor. More... | |
| & | applyAuthOptions (&$options) |
| Set the Auth options. More... | |
| _loadStorage () | |
| Load Storage Driver if not already loaded. More... | |
| assignData () | |
| Assign data from login form to internal values. More... | |
| start () | |
| Start new auth session. More... | |
| login () | |
| Login function. More... | |
| setExpire ($time, $add=false) | |
| Set the maximum expire time. More... | |
| setIdle ($time, $add=false) | |
| Set the maximum idle time. More... | |
| setSessionName ($name='session') | |
| Set name of the session to a customized value. More... | |
| setShowLogin ($showLogin=true) | |
| Should the login form be displayed if neccessary? More... | |
| setAllowLogin ($allowLogin=true) | |
| Should the login form be displayed if neccessary? More... | |
| setCheckAuthCallback ($checkAuthCallback) | |
| Register a callback function to be called whenever the validity of the login is checked The function will receive two parameters, the username and a reference to the auth object. More... | |
| setLoginCallback ($loginCallback) | |
| Register a callback function to be called on user login. More... | |
| setFailedLoginCallback ($loginFailedCallback) | |
| Register a callback function to be called on failed user login. More... | |
| setLogoutCallback ($logoutCallback) | |
| Register a callback function to be called on user logout. More... | |
| setAuthData ($name, $value, $overwrite=true) | |
| Register additional information that is to be stored in the session. More... | |
| getAuthData ($name=null) | |
| Get additional information that is stored in the session. More... | |
| setAuth ($username) | |
| Register variable in a session telling that the user has logged in successfully. More... | |
| setAdvancedSecurity ($flag=true) | |
| Enables advanced security checks. More... | |
| checkAuth () | |
| Checks if there is a session with valid auth information. More... | |
| getAuth () | |
| Has the user been authenticated? More... | |
| logout () | |
| Logout function. More... | |
| updateIdle () | |
| Update the idletime. More... | |
| getUsername () | |
| Get the username. More... | |
| getStatus () | |
| Get the current status. More... | |
| getPostUsernameField () | |
| Gets the post varible used for the username. More... | |
| getPostPasswordField () | |
| Gets the post varible used for the username. More... | |
| sessionValidThru () | |
| Returns the time up to the session is valid. More... | |
| listUsers () | |
| List all users that are currently available in the storage container. More... | |
| addUser ($username, $password, $additional='') | |
| Add user to the storage container. More... | |
| removeUser ($username) | |
| Remove user from the storage container. More... | |
| changePassword ($username, $password) | |
| Change password for user in the storage container. More... | |
| log ($message, $level=AUTH_LOG_DEBUG) | |
| Log a message from the Auth system. More... | |
| _loadLogger () | |
| Load Log object if not already loaded. More... | |
| attachLogObserver (&$observer) | |
| Attach an Observer to the Auth Log Source. More... | |
| _isAdvancedSecurityEnabled ($feature=null) | |
| Is advanced security enabled? More... | |
| Public Member Functions inherited from ilAuthBase | |
| getSubStatus () | |
| Get sub status. More... | |
| setSubStatus ($a_sub_status) | |
| Set sub status. More... | |
| supportsRedirects () | |
| Returns true, if the current auth mode allows redirects to e.g the login screen, public section ... More... | |
| getContainer () | |
| Get container object. More... | |
| getExceededUserName () | |
Additional Inherited Members | |
| Static Public Member Functions inherited from Auth | |
| & | _factory ($driver, $options='') |
| Return a storage driver based on $driver and $options. More... | |
| staticCheckAuth ($options=null) | |
| Statically checks if there is a session with valid auth information. More... | |
| Data Fields inherited from Auth | |
| $expire = 0 | |
| $expired = false | |
| $idle = 0 | |
| $idled = false | |
| $storage = '' | |
| $loginFunction = '' | |
| $showLogin = true | |
| $allowLogin = true | |
| $status = '' | |
| $username = '' | |
| $password = '' | |
| $checkAuthCallback = '' | |
| $loginCallback = '' | |
| $loginFailedCallback = '' | |
| $logoutCallback = '' | |
| $_sessionName = '_authsession' | |
| $version = "@version@" | |
| $advancedsecurity = false | |
| $_postUsername = 'username' | |
| $_postPassword = 'password' | |
| $session | |
| $server | |
| $post | |
| $cookie | |
| $authdata | |
| $authChecks = 0 | |
| $logger = null | |
| $enableLogging = false | |
| $regenerateSessionId = false | |
| Protected Member Functions inherited from ilAuthBase | |
| initAuth () | |
| Init auth object Enable logging, set callbacks... More... | |
| loginObserver ($a_username, $a_auth) | |
| Called after successful login. More... | |
| checkExceededLoginAttempts (\ilObjUser $user) | |
| failedLoginObserver ($a_username, $a_auth) | |
| Called after failed login. More... | |
| checkAuthObserver ($a_username, $a_auth) | |
| Called after each check auth request. More... | |
| logoutObserver ($a_username, $a_auth) | |
| Called after logout. More... | |
| Protected Attributes inherited from ilAuthBase | |
| $sub_status = null | |
| $exceeded_user_name | |
Detailed Description
Member Function Documentation
◆ checkCASAuth()
| ilCASAuth::checkCASAuth | ( | ) |
check cas autehntication
can be called before forceAuthentication, but forceAuthentication must be called afterwards
Definition at line 72 of file class.ilCASAuth.php.
73 {
74 global $PHPCAS_CLIENT;
75
77 }
References $PHPCAS_CLIENT.
◆ forceCASAuth()
| ilCASAuth::forceCASAuth | ( | ) |
Definition at line 79 of file class.ilCASAuth.php.
80 {
82 }
forceAuthentication()
This method is called to force authentication if the user was not already authenticated.
Definition: CAS.php:961
References phpCAS\forceAuthentication().
Here is the call graph for this function:
◆ getCASUser()
| ilCASAuth::getCASUser | ( | ) |
Definition at line 84 of file class.ilCASAuth.php.
85 {
87 }
References phpCAS\getUser().
Here is the call graph for this function:
◆ ilCASAuth()
| ilCASAuth::ilCASAuth | ( | $a_params | ) |
Constructor @access public.
Definition at line 43 of file class.ilCASAuth.php.
44 {
45 if ($a_params["sessionName"] != "")
46 {
47 parent::Auth("", array("sessionName" => $a_params["sessionName"]));
48 }
49 else
50 {
51 parent::Auth("");
52 }
53
54 include_once("./Services/CAS/lib/CAS.php");
55 $this->server_version = CAS_VERSION_2_0;
56 $this->server_hostname = $a_params["server_hostname"];
57 $this->server_port = (int) $a_params["server_port"];
58 $this->server_uri = $a_params["server_uri"];
59
60 //phpCAS::setDebug();
61//echo "-".$_GET['ticket']."-"; exit;
62 phpCAS::client($this->server_version, $this->server_hostname,
63 $this->server_port, (string) $this->server_uri);
64 }
client($server_version, $server_hostname, $server_port, $server_uri, $start_session=true)
phpCAS client initializer.
Definition: CAS.php:366
References CAS_VERSION_2_0, and phpCAS\client().
Here is the call graph for this function:
◆ login()
| ilCASAuth::login | ( | ) |
Checks if the current user is authenticated yet @access public.
- Returns
- boolean true if user is authenticated Set the maximum idle time
- Parameters
-
integer time in seconds bool add time to current maximum idle time or not
- Returns
- void @access public Set the maximum expire time
- Parameters
-
integer time in seconds bool add time to current expire time or not
- Returns
- void @access public Checks if there is a session with valid auth information.
@access private
- Returns
- boolean Whether or not the user is authenticated. Start new auth session
@access public
- Returns
- void Login function
@access private
- Returns
- void
Reimplemented from Auth.
Definition at line 213 of file class.ilCASAuth.php.
214 {
215 global $ilias, $rbacadmin, $ilSetting;
216
218 {
220
221 // Authorize this user
222 include_once('./Services/User/classes/class.ilObjUser.php');
224
225 if ($local_user != "")
226 {
227 $this->setAuth($local_user);
228 }
229 else
230 {
232 {
233 $this->status = AUTH_CAS_NO_ILIAS_USER;
234 $this->logout();
235 return;
236 }
237
239
241
242 $newUser["firstname"] = $local_user;
243 $newUser["lastname"] = "";
244
245 $newUser["login"] = $local_user;
246
247 // set "plain md5" password (= no valid password)
248 $newUser["passwd"] = "";
250
251 //$newUser["gender"] = "m";
252 $newUser["auth_mode"] = "cas";
254 $newUser["profile_incomplete"] = 1;
255
256 // system data
257 $userObj->assignData($newUser);
258 $userObj->setTitle($userObj->getFullname());
259 $userObj->setDescription($userObj->getEmail());
260
261 // set user language to system language
263
264 // Time limit
265 $userObj->setTimeLimitOwner(7);
266 $userObj->setTimeLimitUnlimited(1);
267 $userObj->setTimeLimitFrom(time());
268 $userObj->setTimeLimitUntil(time());
269
270 // Create user in DB
271 $userObj->setOwner(0);
272 $userObj->create();
273 $userObj->setActive(1);
274
275 $userObj->updateOwner();
276
277 //insert user data in table user_data
278 $userObj->saveAsNew();
279
280 // setup user preferences
281 $userObj->writePrefs();
282
283 // to do: test this
285
286 unset($userObj);
287
288 $this->setAuth($local_user);
289
290 }
291 }
292 else
293 {
294 // This should never occur unless CAS is not configured properly
295 $this->status = AUTH_WRONG_LOGIN;
296 }
297 }
const AUTH_WRONG_LOGIN
Returned if container is unable to authenticate user/password pair.
Definition: Auth.php:38
setAuth($username)
Register variable in a session telling that the user has logged in successfully.
Definition: Auth.php:823
_generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:567
logout()
Register variable in a session telling that the user has logged in successfully.
Definition: class.ilCASAuth.php:341
Definition: class.ilObjUser.php:24
static _checkExternalAuthAccount($a_auth, $a_account)
check whether external account and authentication method matches with a user
Definition: class.ilObjUser.php:3766
References $ilSetting, Auth\$username, ilObjUser\_checkExternalAuthAccount(), ilAuthUtils\_generateLogin(), AUTH_CAS_NO_ILIAS_USER, AUTH_WRONG_LOGIN, phpCAS\getUser(), IL_PASSWD_CRYPTED, logout(), and Auth\setAuth().
Here is the call graph for this function:
◆ logout()
| ilCASAuth::logout | ( | ) |
Register variable in a session telling that the user has logged in successfully.
@access public
- Parameters
-
string Username
- Returns
- void Logout function
This function clears any auth tokens in the currently active session and executes the logout callback function, if any
@access public
- Returns
- void
Reimplemented from Auth.
Definition at line 341 of file class.ilCASAuth.php.
342 {
343 parent::logout();
344 //PHPCAS::logout(); // CAS logout should be provided separately
345 // maybe on ILISA login screen
346 }
Referenced by login().
Here is the caller graph for this function:
The documentation for this class was generated from the following file:
- Services/CAS/classes/class.ilCASAuth.php
