ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
Public Member Functions
ilCASAuth Class Reference

Class CASAuth. More...

+ Inheritance diagram for ilCASAuth:
+ Collaboration diagram for ilCASAuth:

Public Member Functions

 __construct ($a_params)
 Constructor public. More...
 
 checkCASAuth ()
 check cas autehntication More...
 
 forceCASAuth ()
 
 getCASUser ()
 
 login ()
 Checks if the current user is authenticated yet public. More...
 
 logout ()
 Register variable in a session telling that the user has logged in successfully. More...
 

Detailed Description

Class CASAuth.

CAS Authentication class.

Definition at line 37 of file class.ilCASAuth.php.

Constructor & Destructor Documentation

◆ __construct()

ilCASAuth::__construct (   $a_params)

Constructor public.

Definition at line 43 of file class.ilCASAuth.php.

References array, CAS_VERSION_2_0, and phpCAS\client().

44  {
45  if ($a_params["sessionName"] != "")
46  {
47  parent::__construct("", array("sessionName" => $a_params["sessionName"]));
48  }
49  else
50  {
51  parent::__construct("");
52  }
53 
54  include_once("./Services/CAS/lib/CAS.php");
55  $this->server_version = CAS_VERSION_2_0;
56  $this->server_hostname = $a_params["server_hostname"];
57  $this->server_port = (int) $a_params["server_port"];
58  $this->server_uri = $a_params["server_uri"];
59 
60  //phpCAS::setDebug();
61 //echo "-".$_GET['ticket']."-"; exit;
62  phpCAS::client($this->server_version, $this->server_hostname,
63  $this->server_port, (string) $this->server_uri);
64  }
CAS_VERSION_2_0
const CAS_VERSION_2_0
Definition: CAS.php:78
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
phpCAS\client
static client($server_version, $server_hostname, $server_port, $server_uri, $changeSessionID=true)
phpCAS client initializer.
Definition: CAS.php:338
+ Here is the call graph for this function:

Member Function Documentation

◆ checkCASAuth()

ilCASAuth::checkCASAuth ( )

check cas autehntication

can be called before forceAuthentication, but forceAuthentication must be called afterwards

Definition at line 72 of file class.ilCASAuth.php.

73  {
74  global $PHPCAS_CLIENT;
75 
76  return $PHPCAS_CLIENT->isAuthenticated();
77  }

◆ forceCASAuth()

ilCASAuth::forceCASAuth ( )

Definition at line 79 of file class.ilCASAuth.php.

References phpCAS\forceAuthentication().

80  {
81  phpCAS::forceAuthentication();
82  }
phpCAS\forceAuthentication
static forceAuthentication()
This method is called to force authentication if the user was not already authenticated.
Definition: CAS.php:1094
+ Here is the call graph for this function:

◆ getCASUser()

ilCASAuth::getCASUser ( )

Definition at line 84 of file class.ilCASAuth.php.

References phpCAS\getUser().

85  {
86  return phpCAS::getUser();
87  }
phpCAS\getUser
static getUser()
This method returns the CAS user's login name.
Definition: CAS.php:1175
+ Here is the call graph for this function:

◆ login()

ilCASAuth::login ( )

Checks if the current user is authenticated yet public.

Returns
boolean true if user is authenticated Set the maximum idle time
Parameters
integertime in seconds
booladd time to current maximum idle time or not
Returns
void public Set the maximum expire time
Parameters
integertime in seconds
booladd time to current expire time or not
Returns
void public Checks if there is a session with valid auth information.

private

Returns
boolean Whether or not the user is authenticated. Start new auth session

public

Returns
void Login function

private

Returns
void

Definition at line 213 of file class.ilCASAuth.php.

References $ilSetting, ilObjUser\_checkExternalAuthAccount(), ilAuthUtils\_generateLogin(), AUTH_CAS_NO_ILIAS_USER, phpCAS\getUser(), IL_PASSWD_CRYPTED, logout(), and time.

214  {
215  global $ilias, $rbacadmin, $ilSetting;
216 
217  if (phpCAS::getUser() != "")
218  {
219  $username = phpCAS::getUser();
220 
221  // Authorize this user
222  include_once('./Services/User/classes/class.ilObjUser.php');
223  $local_user = ilObjUser::_checkExternalAuthAccount("cas", $username);
224 
225  if ($local_user != "")
226  {
227  $this->setAuth($local_user);
228  }
229  else
230  {
231  if (!$ilSetting->get("cas_create_users"))
232  {
233  $this->status = AUTH_CAS_NO_ILIAS_USER;
234  $this->logout();
235  return;
236  }
237 
238  $userObj = new ilObjUser();
239 
240  $local_user = ilAuthUtils::_generateLogin($username);
241 
242  $newUser["firstname"] = $local_user;
243  $newUser["lastname"] = "";
244 
245  $newUser["login"] = $local_user;
246 
247  // set "plain md5" password (= no valid password)
248  $newUser["passwd"] = "";
249  $newUser["passwd_type"] = IL_PASSWD_CRYPTED;
250 
251  //$newUser["gender"] = "m";
252  $newUser["auth_mode"] = "cas";
253  $newUser["ext_account"] = $username;
254  $newUser["profile_incomplete"] = 1;
255 
256  // system data
257  $userObj->assignData($newUser);
258  $userObj->setTitle($userObj->getFullname());
259  $userObj->setDescription($userObj->getEmail());
260 
261  // set user language to system language
262  $userObj->setLanguage($ilSetting->get("language"));
263 
264  // Time limit
265  $userObj->setTimeLimitOwner(7);
266  $userObj->setTimeLimitUnlimited(1);
267  $userObj->setTimeLimitFrom(time());
268  $userObj->setTimeLimitUntil(time());
269 
270  // Create user in DB
271  $userObj->setOwner(0);
272  $userObj->create();
273  $userObj->setActive(1);
274 
275  $userObj->updateOwner();
276 
277  //insert user data in table user_data
278  $userObj->saveAsNew();
279 
280  // setup user preferences
281  $userObj->writePrefs();
282 
283  // to do: test this
284  $rbacadmin->assignUser($ilSetting->get('cas_user_default_role'), $userObj->getId(),true);
285 
286  unset($userObj);
287 
288  $this->setAuth($local_user);
289 
290  }
291  }
292  else
293  {
294  // This should never occur unless CAS is not configured properly
295  $this->status = AUTH_WRONG_LOGIN;
296  }
297  }
ilCASAuth\logout
logout()
Register variable in a session telling that the user has logged in successfully.
Definition: class.ilCASAuth.php:341
phpCAS\getUser
static getUser()
This method returns the CAS user's login name.
Definition: CAS.php:1175
IL_PASSWD_CRYPTED
const IL_PASSWD_CRYPTED
Definition: class.ilObjUser.php:5
ilAuthUtils\_generateLogin
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:611
AUTH_CAS_NO_ILIAS_USER
const AUTH_CAS_NO_ILIAS_USER
Definition: class.ilAuthUtils.php:42
$ilSetting
global $ilSetting
Definition: privfeed.php:17
ilObjUser\_checkExternalAuthAccount
static _checkExternalAuthAccount($a_auth, $a_account)
check whether external account and authentication method matches with a user
Definition: class.ilObjUser.php:3721
time
Add data(end) time
Method that wraps PHPs time in order to allow simulations with the workflow.
Definition: 40duplicateStyle.php:39
+ Here is the call graph for this function:

◆ logout()

ilCASAuth::logout ( )

Register variable in a session telling that the user has logged in successfully.

public

Parameters
stringUsername
Returns
void Logout function

This function clears any auth tokens in the currently active session and executes the logout callback function, if any

public

Returns
void

Definition at line 341 of file class.ilCASAuth.php.

Referenced by login().

342  {
343  parent::logout();
344  //PHPCAS::logout(); // CAS logout should be provided separately
345  // maybe on ILISA login screen
346  }
+ Here is the caller graph for this function:
The documentation for this class was generated from the following file: