@classDescription Overwritten Pear class AuthContainerRadius This class is overwritten to support to perform Radius authentication with specific ILIAS options. More...

Inheritance diagram for ilAuthContainerRadius:

Collaboration diagram for ilAuthContainerRadius:

Public Member Functions
	__construct ()
	Constructor. More...

	forceCreation ($a_status)
	Force creation of user accounts. More...

	loginObserver ($a_username, $a_auth)
	Called from base class after successful login. More...

	supportsCaptchaVerification ()

Protected Member Functions
	handleLDAPDataSource ($a_auth, $ext_account)
	Handle ldap as data source. More...

Private Member Functions
	initSettings ()
	Init radius settings. More...

	initRADIUSAttributeToUser ()
	Init RADIUS attribute mapping. More...

Private Attributes
	$radius_settings = null

	$rad_to_user = null

	$log = null

	$force_creation = false

Detailed Description

@classDescription Overwritten Pear class AuthContainerRadius This class is overwritten to support to perform Radius authentication with specific ILIAS options.

Author: Stefan Meyer <smeyer@ilias@gmx.de>

Version: $Id$

Definition at line 37 of file class.ilAuthContainerRadius.php.

Constructor & Destructor Documentation

◆ __construct()

ilAuthContainerRadius::__construct ( )

Constructor.

@access public

Parameters

array An associative array of pear parameters

Definition at line 51 of file class.ilAuthContainerRadius.php.

        {
                $this->initSettings();
                
                // Convert password to latin1
                if($this->radius_settings->getCharset() == ilRadiusSettings::RADIUS_CHARSET_LATIN1)
                {
                        #$_POST['username'] = utf8_decode($_POST['username']);
                        #$_POST['password'] = utf8_decode($_POST['password']);
                        $GLOBALS['ilLog']->write(__METHOD__.': Decoded username and password to latin1.');
                }
 
                parent::__construct($this->radius_settings->toPearAuthArray());
 
        }

References $GLOBALS, initSettings(), and ilRadiusSettings\RADIUS_CHARSET_LATIN1.

Here is the call graph for this function:

Member Function Documentation

◆ forceCreation()

ilAuthContainerRadius::forceCreation ( $a_status )

Force creation of user accounts.

@access public

Parameters

bool	force_creation

Definition at line 81 of file class.ilAuthContainerRadius.php.

        {
                $this->force_creation = true;
        }

◆ handleLDAPDataSource()

ilAuthContainerRadius::handleLDAPDataSource	(	$a_auth,
		$ext_account
	)

protected

Handle ldap as data source.

Parameters

Auth	$auth
string	$ext_account

Definition at line 167 of file class.ilAuthContainerRadius.php.

        {
                include_once './Services/LDAP/classes/class.ilLDAPServer.php';
                $server = ilLDAPServer::getInstanceByServerId(
                        ilLDAPServer::getDataSource(AUTH_RADIUS)
                );
 
                $GLOBALS['ilLog']->write(__METHOD__.'Using ldap data source');
 
                include_once './Services/LDAP/classes/class.ilLDAPUserSynchronisation.php';
                $sync = new ilLDAPUserSynchronisation('radius', $server->getServerId());
                $sync->setExternalAccount($ext_account);
                $sync->setUserData(array());
                $sync->forceCreation($this->force_creation);
 
                try {
                        $internal_account = $sync->sync();
                }
                catch(UnexpectedValueException $e) {
                        $GLOBALS['ilLog']->write(__METHOD__.': Login failed with message: '. $e->getMessage());
                        $a_auth->status = AUTH_WRONG_LOGIN;
                        $a_auth->logout();
                        return false;
                }
                catch(ilLDAPSynchronisationForbiddenException $e) {
                        // No syncronisation allowed => create Error
                        $GLOBALS['ilLog']->write(__METHOD__.': Login failed with message: '. $e->getMessage());
                        $a_auth->status = AUTH_RADIUS_NO_ILIAS_USER;
                        $a_auth->logout();
                        return false;
                }
                catch(ilLDAPAccountMigrationRequiredException $e) {
                        $GLOBALS['ilLog']->write(__METHOD__.': Starting account migration.');
                        $a_auth->logout();
                        ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&cmd=showAccountMigration');
                }
 
                $a_auth->setAuth($internal_account);
                return true;
        }

References $GLOBALS, $server, AUTH_RADIUS, AUTH_RADIUS_NO_ILIAS_USER, ilLDAPServer\getDataSource(), ilLDAPServer\getInstanceByServerId(), and ilUtil\redirect().

Referenced by loginObserver().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ initRADIUSAttributeToUser()

ilAuthContainerRadius::initRADIUSAttributeToUser ( )

private

Init RADIUS attribute mapping.

@access private

Definition at line 156 of file class.ilAuthContainerRadius.php.

        {
                include_once('Services/Radius/classes/class.ilRadiusAttributeToUser.php');
                $this->radius_user = new ilRadiusAttributeToUser();
        }

Referenced by loginObserver().

Here is the caller graph for this function:

◆ initSettings()

ilAuthContainerRadius::initSettings ( )

private

Init radius settings.

Returns: void

Definition at line 143 of file class.ilAuthContainerRadius.php.

        {
                include_once 'Services/Radius/classes/class.ilRadiusSettings.php';
                $this->radius_settings = ilRadiusSettings::_getInstance();
        }

References ilRadiusSettings\_getInstance().

Referenced by __construct().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ loginObserver()

ilAuthContainerRadius::loginObserver	(	$a_username,
		$a_auth
	)

Called from base class after successful login.

Parameters

string username

Definition at line 91 of file class.ilAuthContainerRadius.php.

        {
                // Radius with ldap as data source
                include_once './Services/LDAP/classes/class.ilLDAPServer.php';
                if(ilLDAPServer::isDataSourceActive(AUTH_RADIUS))
                {
                        return $this->handleLDAPDataSource($a_auth,$a_username);
                }
 
                $user_data = array_change_key_case($a_auth->getAuthData(),CASE_LOWER);
                $user_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("radius",$a_username);
 
                if(!$user_data['ilInternalAccount'])
                {
                        if($this->radius_settings->enabledCreation())
                        {
                                if($this->radius_settings->isAccountMigrationEnabled() and !$this->force_creation)
                                {
                                        $a_auth->logout();
                                        $_SESSION['tmp_auth_mode'] = 'radius';
                                        $_SESSION['tmp_auth_mode_type'] = 'radius';
                                        $_SESSION['tmp_external_account'] = $a_username;
                                        $_SESSION['tmp_pass'] = $_POST['password'];
                                        $_SESSION['tmp_roles'] = array(0 => $this->radius_settings->getDefaultRole());
                                
                                        ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmd=showAccountMigration&cmdClass=ilstartupgui');
                                }
                                $this->initRADIUSAttributeToUser();
                                $new_name = $this->radius_user->create($a_username);
                                $a_auth->setAuth($new_name);
                                return true;
                        }
                        else
                        {
                                // No syncronisation allowed => create Error
                                $a_auth->status = AUTH_RADIUS_NO_ILIAS_USER;
                                $a_auth->logout();
                                return false;
                        }
                        
                }
                else
                {
                        $a_auth->setAuth($user_data['ilInternalAccount']);
                        return true;
                }
        }

References $_POST, $_SESSION, ilObjUser\_checkExternalAuthAccount(), AUTH_RADIUS, AUTH_RADIUS_NO_ILIAS_USER, handleLDAPDataSource(), initRADIUSAttributeToUser(), ilLDAPServer\isDataSourceActive(), and ilUtil\redirect().

Here is the call graph for this function:

◆ supportsCaptchaVerification()

ilAuthContainerRadius::supportsCaptchaVerification ( )

Returns: bool

Definition at line 211 of file class.ilAuthContainerRadius.php.

        {
                return true;
        }

Field Documentation

◆ $force_creation

ilAuthContainerRadius::$force_creation = false

private

Definition at line 42 of file class.ilAuthContainerRadius.php.

◆ $log

ilAuthContainerRadius::$log = null

private

Definition at line 41 of file class.ilAuthContainerRadius.php.

◆ $rad_to_user

ilAuthContainerRadius::$rad_to_user = null

private

Definition at line 40 of file class.ilAuthContainerRadius.php.

◆ $radius_settings

ilAuthContainerRadius::$radius_settings = null

private

Definition at line 39 of file class.ilAuthContainerRadius.php.

The documentation for this class was generated from the following file:

Services/Radius/classes/class.ilAuthContainerRadius.php

Public Member Functions

Protected Member Functions

Private Member Functions

Private Attributes

Detailed Description

Constructor & Destructor Documentation

◆ __construct()

Member Function Documentation

◆ forceCreation()

◆ handleLDAPDataSource()

◆ initRADIUSAttributeToUser()

◆ initSettings()

◆ loginObserver()

◆ supportsCaptchaVerification()

Field Documentation

◆ $force_creation

◆ $log

◆ $rad_to_user

◆ $radius_settings