ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilAuthFrontendCredentialsApache.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendCredentials.php';
5include_once './Services/Authentication/interfaces/interface.ilAuthCredentials.php';
6
13class ilAuthFrontendCredentialsApache extends ilAuthFrontendCredentials implements ilAuthCredentials
14{
15 private $settings = null;
16
20 public function __construct()
21 {
22 parent::__construct();
23
24 include_once './Services/Administration/classes/class.ilSetting.php';
25 $this->settings = new ilSetting('apache_auth');
26 }
27
32 public function tryAuthenticationOnLoginPage()
33 {
34 if(strcmp((string) $_REQUEST['cmd'], 'force_login') === 0)
35 {
36 return false;
37 }
38
39 if(!$this->getSettings()->get('apache_enable_auth',false))
40 {
41 return false;
42 }
43
44 if(!$this->getSettings()->get('apache_auth_authenticate_on_login_page',false))
45 {
46 return false;
47 }
48
49 if(
50 !ilContext::supportsRedirects() ||
51 isset($_GET['passed_sso']) ||
52 (defined('IL_CERT_SSO') && IL_CERT_SSO == '1')
53 )
54 {
55 return false;
56 }
57
58 $path = $_SERVER['REQUEST_URI'];
59 if(substr($path,0,1) === '/')
60 {
61 $path = substr($path, 1);
62 }
63
64 if(substr($path, 0, 4) !== 'http')
65 {
66 $parts = parse_url(ILIAS_HTTP_PATH);
67 $path = $parts['scheme'] . '://'. $parts['host'] . '/' . $path;
68 }
69
70 ilUtil::redirect(
71 ilUtil::getHtmlPath(
72 './sso/index.php?force_mode_apache=1&' .
73 'r=' . urlencode($path) .
74 '&cookie_path=' . urlencode(IL_COOKIE_PATH) .
75 '&ilias_path=' . urlencode(ILIAS_HTTP_PATH)
76 )
77 );
78 }
79
83 protected function getSettings()
84 {
85 return $this->settings;
86 }
87
91 public function initFromRequest()
92 {
93 $this->getLogger()->dump($_SERVER, ilLogLevel::DEBUG);
94 $this->getLogger()->debug($this->getSettings()->get('apache_auth_username_direct_mapping_fieldname', ''));
95
96 include_once './Services/AuthApache/classes/class.ilAuthProviderApache.php';
97
98 switch($this->getSettings()->get('apache_auth_username_config_type'))
99 {
100 case ilAuthProviderApache::APACHE_AUTH_TYPE_DIRECT_MAPPING:
101 if(array_key_exists($this->getSettings()->get('apache_auth_username_direct_mapping_fieldname'), $_SERVER))
102 {
103 $this->setUsername($_SERVER[$this->getSettings()->get('apache_auth_username_direct_mapping_fieldname', '')]);
104 }
105 break;
106
107 case ilAuthProviderApache::APACHE_AUTH_TYPE_BY_FUNCTION:
108 include_once 'Services/AuthApache/classes/custom_username_func.php';
109 $this->setUsername(ApacheCustom::getUsername());
110 break;
111 }
112 }
113
117 public function hasValidTargetUrl()
118 {
119 if(!isset($_GET['r']) || 0 == strlen(trim($_GET['r'])))
120 {
121 return false;
122 }
123
124 $url = trim($_GET['r']);
125
126 $validDomains = array();
127 $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
128 if(file_exists($path) && is_readable($path))
129 {
130 foreach(file($path) as $line)
131 {
132 if(trim($line))
133 {
134 $validDomains[] = trim($line);
135 }
136 }
137 }
138
139 $urlParts = parse_url($url);
140 $redirectDomain = $urlParts['host'];
141
142 $validRedirect = false;
143 foreach($validDomains as $validDomain)
144 {
145 if($redirectDomain === $validDomain)
146 {
147 $validRedirect = true;
148 break;
149 }
150
151 if(strlen($redirectDomain) > (strlen($validDomain) + 1))
152 {
153 if(substr($redirectDomain, (0 - strlen($validDomain) - 1)) === '.' . $validDomain)
154 {
155 $validRedirect = true;
156 break;
157 }
158 }
159 }
160
161 return $validRedirect;
162 }
163
167 public function getTargetUrl()
168 {
169 return ilUtil::appendUrlParameterString(trim($_GET['r']), 'passed_sso=1');
170 }
171}
$path
$path
Definition: aliased.php:25
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
php
An exception for terminatinating execution or to throw for unit testing.
ilAuthFrontendCredentialsApache\tryAuthenticationOnLoginPage
tryAuthenticationOnLoginPage()
Check if an authentication attempt should be done when login page has been called.
Definition: class.ilAuthFrontendCredentialsApache.php:32
ilContext\supportsRedirects
static supportsRedirects()
Are redirects supported?
Definition: class.ilContext.php:71
ilSetting
ILIAS Setting Class.
Definition: class.ilSetting.php:33
ilUtil\appendUrlParameterString
static appendUrlParameterString($a_url, $a_par, $xml_style=false)
append URL parameter string ("par1=value1&par2=value2...") to given URL string
Definition: class.ilUtil.php:2366
ilUtil\redirect
static redirect($a_script)
http redirect to other script
Definition: class.ilUtil.php:3567
ilUtil\getHtmlPath
static getHtmlPath($relative_path)
get url of path
Definition: class.ilUtil.php:148
ilAuthCredentials
Interface of auth credentials.
Definition: interface.ilAuthCredentials.php:12
defined
defined( 'APPLICATION_ENV')||define( 'APPLICATION_ENV'
Definition: bootstrap.php:27
$url
$url
Definition: shib_logout.php:72
settings
settings()
Definition: settings.php:2
IL_COOKIE_PATH
const IL_COOKIE_PATH(isset($_GET["client_id"]))
Definition: index.php:26
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54