ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilAuthApache.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2001 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
24 define ('APACHE_AUTH_TYPE_DIRECT_MAPPING', 1);
25 define ('APACHE_AUTH_TYPE_EXTENDED_MAPPING', 2);
26 define ('APACHE_AUTH_TYPE_BY_FUNCTION', 3);
27 
35 class ilAuthApache extends Auth
36 {
37  private $apache_settings;
38 
44  public function supportsRedirects()
45  {
46  return true;
47  }
48 
55  public function __construct($a_container,$a_addition_options = array())
56  {
57  global $lng;
58 
59  parent::__construct($a_container,$a_addition_options,'',false);
60  $this->setSessionName("_authhttp".md5(CLIENT_ID));
61 
62  $this->apache_settings = new ilSetting('apache_auth');
63 
64  if (defined('IL_CERT_SSO') && IL_CERT_SSO) {
65  // DO NOT DELETE!!!
66  // faking post values is REQUIRED to avoid canceling of the
67  // startup routines
68  // $_POST['username'] = 'xxx';
69  $_POST['password'] = 'yyy';
70  $_POST['sendLogin'] = '1';
71  $_POST['auth_mode'] = AUTH_APACHE;
72  $_POST['cmd[butSubmit]'] = 'Submit';
73 
74  if ($_POST['username'] != 'anonymous') {
75 
76  switch($this->apache_settings->get('apache_auth_username_config_type'))
77  {
78  case APACHE_AUTH_TYPE_DIRECT_MAPPING:
79  $_POST['username'] = $_SERVER[$this->apache_settings->get('apache_auth_username_direct_mapping_fieldname')];
80  break;
81  case APACHE_AUTH_TYPE_EXTENDED_MAPPING:
82  throw new ilException("APACHE_AUTH_TYPE_EXTENDED_MAPPING not yet implemented");
83  case APACHE_AUTH_TYPE_BY_FUNCTION:
84  include_once 'Services/AuthApache/classes/custom_username_func.php';
85  $_POST['username'] = ApacheCustom::getUsername();
86  break;
87  }
88 
89  }
90  }
91 
92  if (defined('IL_CERT_SSO') && IL_CERT_SSO && !$_POST['username']) {
93  $_POST['username'] = '§invalid';
94  $_POST['password'] = 'anonymous';
95  $_SESSION['username_invalid'] = true;
96  }
97 
98  $this->initAuth();
99  }
100 
101 
102  public function login() {
103  $skipClasses = array('ilpasswordassistancegui', 'ilaccountregistrationgui');
104  $skipFiles = array('pwassist.php');
105  if(in_array(strtolower($_REQUEST['cmdClass']), $skipClasses))
106  {
107  return;
108  }
109  else
110  {
111  $script = pathinfo($_SERVER['PHP_SELF'], PATHINFO_BASENAME);
112  if(in_array(strtolower($script), $skipFiles))
113  return;
114  }
115  if(
116  !$this->apache_settings->get('apache_auth_authenticate_on_login_page') &&
117  (
118  preg_match('/.*login\.php$/', $_SERVER['SCRIPT_NAME']) ||
119  ((in_array($_REQUEST['cmd'], array('showLogin', 'showTermsOfService')) || isset($_POST['change_lang_to'])) && strtolower($_REQUEST['cmdClass']) == 'ilstartupgui')
120  )
121  )
122  {
123  return;
124  }
125 
126  if(!$this->apache_settings->get('apache_auth_authenticate_on_login_page') && preg_match('/.*login\.php$/', $_SERVER['SCRIPT_NAME']))
127  {
128  return;
129  }
130 
131  if (ilContext::supportsRedirects() && !isset($_GET['passed_sso']) && (!defined('IL_CERT_SSO') || IL_CERT_SSO == false)) {
132 
133  // redirect to sso
134  // this part is executed in default ilias context...
135 
136  $path = $_SERVER['REQUEST_URI'];
137 
138  if ($path{0} == '/') {
139  $path = substr($path, 1);
140  }
141 
142  if (substr($path, 0, 4) != 'http') {
143  $parts = parse_url(ILIAS_HTTP_PATH);
144  $path = $parts['scheme'] . '://' . $parts['host'] . '/' . $path;
145  }
146 
147  $path = urlencode($path);
148  ilUtil::redirect(ilUtil::getHtmlPath('/sso/index.php?force_mode_apache=1&r=' . $path . '&cookie_path='.IL_COOKIE_PATH . '&ilias_path=' . ILIAS_HTTP_PATH));
149  }
150  else {
151  return parent::login();
152  }
153  }
154 }
ilSetting
ILIAS Setting Class.
Definition: class.ilSetting.php:32
ilException
Base class for ILIAS Exception handling.
Definition: class.ilException.php:34
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
$_POST
$_POST['username']
Definition: cron.php:12
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
IL_CERT_SSO
const IL_CERT_SSO
Definition: index.php:5
ilAuthBase\initAuth
initAuth()
Init auth object Enable logging, set callbacks...
Definition: class.ilAuthBase.php:84
APACHE_AUTH_TYPE_DIRECT_MAPPING
const APACHE_AUTH_TYPE_DIRECT_MAPPING
Definition: class.ilAuthApache.php:24
APACHE_AUTH_TYPE_BY_FUNCTION
const APACHE_AUTH_TYPE_BY_FUNCTION
Definition: class.ilAuthApache.php:26
IL_COOKIE_PATH
const IL_COOKIE_PATH
Definition: index.php:6
AUTH_APACHE
const AUTH_APACHE
Definition: class.ilAuthUtils.php:20
APACHE_AUTH_TYPE_EXTENDED_MAPPING
const APACHE_AUTH_TYPE_EXTENDED_MAPPING
Definition: class.ilAuthApache.php:25
ilAuthApache\__construct
__construct($a_container, $a_addition_options=array())
Contructor.
Definition: class.ilAuthApache.php:55
ilAuthApache
Apache based authentication
Definition: class.ilAuthApache.php:35
ilAuthApache\supportsRedirects
supportsRedirects()
Returns true, if the current auth mode allows redirection to e.g to loginScreen, public section...
Definition: class.ilAuthApache.php:44
ilUtil\getHtmlPath
static getHtmlPath($relative_path)
get url of path
Definition: class.ilUtil.php:150
Auth\setSessionName
setSessionName($name='session')
Set name of the session to a customized value.
Definition: Auth.php:656
$lng
global $lng
Definition: privfeed.php:40
$path
$path
Definition: index.php:22
$_REQUEST
if($_REQUEST['ilias_path']) define('ILIAS_HTTP_PATH' $_REQUEST['ilias_path']
Definition: index.php:7
ilUtil\redirect
static redirect($a_script)
http redirect to other script
Definition: class.ilUtil.php:3635
ilContext\supportsRedirects
static supportsRedirects()
Are redirects supported?
Definition: class.ilContext.php:126