7define (
"AUTH_LOCAL",1);
9define (
"AUTH_RADIUS",3);
10define (
"AUTH_SCRIPT",4);
11define (
"AUTH_SHIBBOLETH",5);
13define (
"AUTH_SOAP",7);
15define (
"AUTH_HTTP",8);
18define(
'AUTH_OPENID',10);
20define (
"AUTH_APACHE",11);
22define (
"AUTH_INACTIVE",18);
24define(
'AUTH_MULTIPLE',20);
26define(
'AUTH_SOAP_NO_ILIAS_USER', -100);
27define(
'AUTH_LDAP_NO_ILIAS_USER',-200);
28define(
'AUTH_RADIUS_NO_ILIAS_USER',-300);
29define(
'AUTH_OPENID_NO_ILIAS_USER',-400);
34define(
'AUTH_APACHE_FAILED', -500);
37define(
'AUTH_MODE_INACTIVE',-1000);
41define(
'AUTH_SOAP_NO_ILIAS_USER_BUT_EMAIL', -101);
42define(
'AUTH_CAS_NO_ILIAS_USER', -90);
45define(
'AUTH_USER_WRONG_IP', -600);
46define(
'AUTH_USER_INACTIVE', -601);
47define(
'AUTH_USER_TIME_LIMIT_EXCEEDED', -602);
48define(
'AUTH_USER_SIMULTANEOUS_LOGIN', -603);
49define(
'AUTH_CAPTCHA_INVALID', -604);
50define(
'AUTH_USER_INACTIVE_LOGIN_ATTEMPTS', -605);
53include_once
'./Services/Authentication/classes/class.ilAuthFactory.php';
54require_once(
'Services/Authentication/classes/class.ilSessionControl.php');
78 $user_auth_mode =
false;
90 (!isset(
$_SESSION[
'_authsession'][
'registered']) ||
91 $_SESSION[
'_authsession'][
'registered'] !==
true))
94 if (isset(
$_POST[
'username']) and
$_POST[
'username'] !=
'' and
$_POST[
'password'] !=
'' or isset(
$_GET[
'ecs_hash']) or isset(
$_GET[
'ecs_hash_url']) or isset(
$_POST[
'oid_username']) or isset(
$_GET[
'oid_check_status']))
171 define (
"AUTH_CURRENT", $user_auth_mode);
188 $authmode = AUTH_CURRENT;
192 if ($authmode ==
null && AUTH_DEFAULT ==
AUTH_APACHE)
197 switch ((
int) $authmode)
201 include_once
'./Services/LDAP/classes/class.ilLDAPServer.php';
203 include_once
'./Services/LDAP/classes/class.ilAuthContainerLDAP.php';
209 include_once
'./Services/Radius/classes/class.ilAuthContainerRadius.php';
215 $auth_params = array();
216 $auth_params[
'sessionName'] =
"_authhttp".md5($realm);
217 $ilAuth =
new ShibAuth($auth_params,
true);
222 include_once
'./Services/CAS/classes/class.ilAuthContainerCAS.php';
228 include_once
'./Services/SOAPAuth/classes/class.ilAuthContainerSOAP.php';
234 include_once
'./Services/Authentication/classes/class.ilAuthContainerMultiple.php';
239 include_once
'./Services/WebServices/ECS/classes/class.ilAuthContainerECS.php';
245 include_once
'./Services/OpenId/classes/class.ilAuthContainerOpenId.php';
250 require_once(
'./Services/Authentication/classes/class.ilAuthInactive.php');
255 include_once
'./Services/AuthApache/classes/class.ilAuthContainerApache.php';
263 include_once
'./Services/Database/classes/class.ilAuthContainerMDB2.php';
271 foreach(self::getAuthPlugins() as $pl)
273 $container = $pl->getContainer($authmode);
282 #$GLOBALS['ilLog']->write(__METHOD__.' Using default authentication');
284 include_once
'./Services/Database/classes/class.ilAuthContainerMDB2.php';
297 $ilAuth->setExpire(0);
299 ini_set(
"session.cookie_lifetime",
"0");
312 if(isset(
$_GET[
'ecs_hash']) or isset(
$_GET[
'ecs_hash_url']))
317 if(isset(
$_POST[
'auth_mode']))
320 return $_POST[
'auth_mode'];
323 if(isset(
$_POST[
'oid_username']) or
$_GET[
'oid_check_status'])
329 include_once(
'./Services/Authentication/classes/class.ilAuthModeDetermination.php');
332 if(!$det->isManualSelection() and $det->getCountActiveAuthModes() > 1)
341 if ($a_db_handler !=
'')
343 $db =& $a_db_handler;
348 $q =
"SELECT auth_mode FROM usr_data WHERE ".
349 "login = ".$ilDB->quote($a_username);
360 return in_array($auth_mode,self::_getActiveAuthModes()) ? $auth_mode :
AUTH_INACTIVE;
369 if ($a_db_handler !=
'')
371 $db =& $a_db_handler;
375 if(strpos($a_auth_mode,
'_') !== FALSE)
377 $auth_arr = explode(
'_',$a_auth_mode);
378 $auth_switch = $auth_arr[0];
382 $auth_switch = $a_auth_mode;
384 switch ($auth_switch)
392 include_once
'./Services/LDAP/classes/class.ilLDAPServer.php';
436 switch ((
int) $a_auth_key)
444 include_once
'./Services/LDAP/classes/class.ilLDAPServer.php';
491 include_once(
'Services/LDAP/classes/class.ilLDAPServer.php');
495 $modes[
'ldap_'.$sid] = (
AUTH_LDAP.
'_'.$sid);
505 include_once
'./Services/WebServices/ECS/classes/class.ilECSServerSettings.php';
511 include_once
'./Services/OpenId/classes/class.ilOpenIdSettings.php';
518 foreach(self::getAuthPlugins() as $pl)
520 foreach($pl->getAuthIds() as $auth_id)
522 if($pl->isAuthActive($auth_id))
524 $modes[$pl->getAuthName($auth_id)] = $auth_id;
546 foreach($modes as $mode)
577 $r =
$ilDB->query(
"SELECT login FROM usr_data WHERE login = ".
578 $ilDB->quote($c_login));
579 if (
$r->numRows() > 0)
582 $c_login = $a_login.$postfix;
595 include_once(
'Services/Radius/classes/class.ilRadiusSettings.php');
598 if($rad_settings->isActive())
602 include_once(
'Services/LDAP/classes/class.ilLDAPServer.php');
616 foreach($pl->getAuthIds() as $auth_id)
618 if($pl->getMultipleAuthModeOptions($auth_id))
635 include_once(
'Services/LDAP/classes/class.ilLDAPServer.php');
648 include_once(
'Services/Radius/classes/class.ilRadiusSettings.php');
650 if($rad_settings->isActive())
658 $apache_settings =
new ilSetting(
'apache_auth');
676 $default =
$ilSetting->get(
'default_auth_mode',$default);
684 $auths = $pl->getAuthIds();
685 foreach($auths as $auth_id)
687 $pl_auth_option = $pl->getMultipleAuthModeOptions($auth_id);
696 if(array_key_exists($default,
$options))
698 $options[$default][
'checked'] =
true;
733 include_once(
'Services/LDAP/classes/class.ilLDAPServer.php');
738 include_once
'./Services/OpenId/classes/class.ilOpenIdSettings.php';
745 foreach(self::getAuthPlugins() as $pl)
747 foreach($pl->getAuthIds() as $auth_id)
749 if($pl->isAuthActive($auth_id) and $pl->isExternalAccountNameRequired($auth_id))
772 switch((
int) $a_auth_mode)
807 public static function isPasswordModificationHidden()
812 if (
$ilSetting->get(
'usr_settings_hide_password') ||
$ilSetting->get(
'usr_settings_disable_password')) {
828 if (self::isPasswordModificationHidden()) {
834 switch((
int) $a_authmode)
851 return $ilSetting->get(
"shib_auth_allow_local");
853 return $ilSetting->get(
"soap_auth_allow_local");
868 switch((
int) $a_authmode)
900 $pls =
$GLOBALS[
'ilPluginAdmin']->getActivePluginsForSlot(
908 $pl_objs[] =
$GLOBALS[
'ilPluginAdmin']->getPluginObject(
927 switch((
int) $a_auth_key)
930 include_once
'./Services/LDAP/classes/class.ilLDAPServer.php';
936 return $lng->txt(
'auth_'.self::_getAuthModeName($a_auth_key));
const DB_FETCHMODE_OBJECT
Authentication against ILIAS database.
@classDescription CAS authentication
Custom PEAR Auth Container for ECS auth checks.
Overwritten Pear class AuthContainerLDAP This class is overwritten to support nested groups.
Authentication against ILIAS database.
@classDescription Pear auth container for openid
@classDescription Overwritten Pear class AuthContainerRadius This class is overwritten to support to ...
@classDescription Authentication against external SOAP server
static factory(ilAuthContainerBase $deco)
The factory.
static setContext($a_context)
set context
static _getInstance()
Get instance.
static utility functions used to manage authentication modes
static _allowPasswordModificationByAuthMode($a_auth_mode)
Allow password modification.
static supportsLocalPasswordValidation($a_authmode)
Check if local password validation is supported.
_getAuthMode($a_auth_mode, $a_db_handler='')
_getAuthModeOfUser($a_username, $a_password, $a_db_handler='')
static _getMultipleAuthModeOptions($lng)
static _isExternalAccountEnabled()
Check if an external account name is required.
static getAuthPlugins()
Get active enabled auth plugins.
static getAuthModeTranslation($a_auth_key)
_generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
static _hasMultipleAuthenticationMethods()
static isPasswordModificationEnabled($a_authmode)
Check if password modification is enabled.
static _needsExternalAccountByAuthMode($a_auth_mode)
Check if chosen auth mode needs an external account entry.
_initAuth()
initialises $ilAuth
static _getAuthModeName($a_auth_key)
static getInstance()
Get singleton instance.
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
static _getServerList()
Get list of all configured servers.
static getInstanceByServerId($a_server_id)
Get instance by server id.
static _getActiveServerList()
Get active server list.
static getAuthModeByKey($a_auth_key)
get auth mode by key
static getKeyByAuthMode($a_auth_mode)
Get auth id by auth mode.
static getLogger($a_component_id)
Get component logger.
static getInstance()
Get singleton instance.
static _getInstance()
singleton get instance
static checkExpiredSession()
checks for possibly expired session should be called from ilAuthUtils::__initAuth() so it's called be...
static getIdleValue($fixedMode=false)
Returns the idle time in seconds.
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
if($_REQUEST['ilias_path']) define('ILIAS_HTTP_PATH' $_REQUEST['ilias_path']
if(!is_array($argv)) $options
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
const WebDAV_Authentication