ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
Public Member Functions
ilCASAuth Class Reference

Class CASAuth. More...

+ Inheritance diagram for ilCASAuth:
+ Collaboration diagram for ilCASAuth:

Public Member Functions

 __construct ($a_params)
 Constructor @access public. More...
 
 checkCASAuth ()
 check cas autehntication More...
 
 forceCASAuth ()
 
 getCASUser ()
 
 login ()
 Checks if the current user is authenticated yet @access public. More...
 
 logout ()
 Register variable in a session telling that the user has logged in successfully. More...
 

Detailed Description

Class CASAuth.

CAS Authentication class.

Definition at line 37 of file class.ilCASAuth.php.

Constructor & Destructor Documentation

◆ __construct()

ilCASAuth::__construct (   $a_params)

Constructor @access public.

Definition at line 43 of file class.ilCASAuth.php.

44 {
45 if ($a_params["sessionName"] != "")
46 {
47 parent::__construct("", array("sessionName" => $a_params["sessionName"]));
48 }
49 else
50 {
51 parent::__construct("");
52 }
53
54 include_once("./Services/CAS/lib/CAS.php");
55 $this->server_version = CAS_VERSION_2_0;
56 $this->server_hostname = $a_params["server_hostname"];
57 $this->server_port = (int) $a_params["server_port"];
58 $this->server_uri = $a_params["server_uri"];
59
60 //phpCAS::setDebug();
61//echo "-".$_GET['ticket']."-"; exit;
62 phpCAS::client($this->server_version, $this->server_hostname,
63 $this->server_port, (string) $this->server_uri);
64 }
phpCAS\client
static client($server_version, $server_hostname, $server_port, $server_uri, $changeSessionID=true)
phpCAS client initializer.
Definition: CAS.php:338
CAS_VERSION_2_0
const CAS_VERSION_2_0
Definition: CAS.php:78

References CAS_VERSION_2_0, and phpCAS\client().

+ Here is the call graph for this function:

Member Function Documentation

◆ checkCASAuth()

ilCASAuth::checkCASAuth ( )

check cas autehntication

can be called before forceAuthentication, but forceAuthentication must be called afterwards

Definition at line 72 of file class.ilCASAuth.php.

73 {
74 global $PHPCAS_CLIENT;
75
76 return $PHPCAS_CLIENT->isAuthenticated();
77 }

◆ forceCASAuth()

ilCASAuth::forceCASAuth ( )

Definition at line 79 of file class.ilCASAuth.php.

80 {
81 phpCAS::forceAuthentication();
82 }
phpCAS\forceAuthentication
static forceAuthentication()
This method is called to force authentication if the user was not already authenticated.
Definition: CAS.php:1094

References phpCAS\forceAuthentication().

+ Here is the call graph for this function:

◆ getCASUser()

ilCASAuth::getCASUser ( )

Definition at line 84 of file class.ilCASAuth.php.

85 {
86 return phpCAS::getUser();
87 }
phpCAS\getUser
static getUser()
This method returns the CAS user's login name.
Definition: CAS.php:1175

References phpCAS\getUser().

+ Here is the call graph for this function:

◆ login()

ilCASAuth::login ( )

Checks if the current user is authenticated yet @access public.

Returns
boolean true if user is authenticated Set the maximum idle time
Parameters
integertime in seconds
booladd time to current maximum idle time or not
Returns
void @access public Set the maximum expire time
Parameters
integertime in seconds
booladd time to current expire time or not
Returns
void @access public Checks if there is a session with valid auth information.

@access private

Returns
boolean Whether or not the user is authenticated. Start new auth session

@access public

Returns
void Login function

@access private

Returns
void

Definition at line 213 of file class.ilCASAuth.php.

214 {
215 global $ilias, $rbacadmin, $ilSetting;
216
217 if (phpCAS::getUser() != "")
218 {
219 $username = phpCAS::getUser();
220
221 // Authorize this user
222 include_once('./Services/User/classes/class.ilObjUser.php');
223 $local_user = ilObjUser::_checkExternalAuthAccount("cas", $username);
224
225 if ($local_user != "")
226 {
227 $this->setAuth($local_user);
228 }
229 else
230 {
231 if (!$ilSetting->get("cas_create_users"))
232 {
233 $this->status = AUTH_CAS_NO_ILIAS_USER;
234 $this->logout();
235 return;
236 }
237
238 $userObj = new ilObjUser();
239
240 $local_user = ilAuthUtils::_generateLogin($username);
241
242 $newUser["firstname"] = $local_user;
243 $newUser["lastname"] = "";
244
245 $newUser["login"] = $local_user;
246
247 // set "plain md5" password (= no valid password)
248 $newUser["passwd"] = "";
249 $newUser["passwd_type"] = IL_PASSWD_CRYPTED;
250
251 //$newUser["gender"] = "m";
252 $newUser["auth_mode"] = "cas";
253 $newUser["ext_account"] = $username;
254 $newUser["profile_incomplete"] = 1;
255
256 // system data
257 $userObj->assignData($newUser);
258 $userObj->setTitle($userObj->getFullname());
259 $userObj->setDescription($userObj->getEmail());
260
261 // set user language to system language
262 $userObj->setLanguage($ilSetting->get("language"));
263
264 // Time limit
265 $userObj->setTimeLimitOwner(7);
266 $userObj->setTimeLimitUnlimited(1);
267 $userObj->setTimeLimitFrom(time());
268 $userObj->setTimeLimitUntil(time());
269
270 // Create user in DB
271 $userObj->setOwner(0);
272 $userObj->create();
273 $userObj->setActive(1);
274
275 $userObj->updateOwner();
276
277 //insert user data in table user_data
278 $userObj->saveAsNew();
279
280 // setup user preferences
281 $userObj->writePrefs();
282
283 // to do: test this
284 $rbacadmin->assignUser($ilSetting->get('cas_user_default_role'), $userObj->getId(),true);
285
286 unset($userObj);
287
288 $this->setAuth($local_user);
289
290 }
291 }
292 else
293 {
294 // This should never occur unless CAS is not configured properly
295 $this->status = AUTH_WRONG_LOGIN;
296 }
297 }
AUTH_CAS_NO_ILIAS_USER
const AUTH_CAS_NO_ILIAS_USER
Definition: class.ilAuthUtils.php:42
IL_PASSWD_CRYPTED
const IL_PASSWD_CRYPTED
Definition: class.ilObjUser.php:5
ilAuthUtils\_generateLogin
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:611
ilCASAuth\logout
logout()
Register variable in a session telling that the user has logged in successfully.
Definition: class.ilCASAuth.php:341
ilObjUser\_checkExternalAuthAccount
static _checkExternalAuthAccount($a_auth, $a_account)
check whether external account and authentication method matches with a user
Definition: class.ilObjUser.php:3721
$ilSetting
global $ilSetting
Definition: privfeed.php:17

References $ilSetting, ilObjUser\_checkExternalAuthAccount(), ilAuthUtils\_generateLogin(), AUTH_CAS_NO_ILIAS_USER, phpCAS\getUser(), IL_PASSWD_CRYPTED, and logout().

+ Here is the call graph for this function:

◆ logout()

ilCASAuth::logout ( )

Register variable in a session telling that the user has logged in successfully.

@access public

Parameters
stringUsername
Returns
void Logout function

This function clears any auth tokens in the currently active session and executes the logout callback function, if any

@access public

Returns
void

Definition at line 341 of file class.ilCASAuth.php.

342 {
343 parent::logout();
344 //PHPCAS::logout(); // CAS logout should be provided separately
345 // maybe on ILISA login screen
346 }

Referenced by login().

+ Here is the caller graph for this function:
The documentation for this class was generated from the following file: