ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilAuthProviderRadius.php
Go to the documentation of this file.
1 <?php
2 
3 /* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
4 
5 include_once './Services/Authentication/classes/Provider/class.ilAuthProvider.php';
6 include_once './Services/Authentication/interfaces/interface.ilAuthProviderInterface.php';
7 include_once './Services/Authentication/interfaces/interface.ilAuthProviderAccountMigrationInterface.php';
8 
15 class ilAuthProviderRadius extends ilAuthProvider implements ilAuthProviderInterface, ilAuthProviderAccountMigrationInterface
16 {
17  const CONNECT_TIMEOUT = 3;
18  const RETRIES = 1;
19 
23  private $settings = null;
24 
25  private $external_account = '';
26 
27 
28  public function __construct(\ilAuthCredentials $credentials)
29  {
30  parent::__construct($credentials);
31 
32  include_once './Services/Radius/classes/class.ilRadiusSettings.php';
33  $this->settings = ilRadiusSettings::_getInstance();
34  }
35 
36 
41  public function createNewAccount(\ilAuthStatus $status)
42  {
43 
44  }
45 
50  public function doAuthentication(\ilAuthStatus $status)
51  {
52  $radius = radius_auth_open();
53 
54  foreach($this->settings->getServers() as $server)
55  {
56  $this->getLogger()->debug('Using: ' . $server.':'. $this->settings->getPort());
57  radius_add_server(
58  $radius,
59  trim($server),
60  $this->settings->getPort(),
61  $this->settings->getSecret(),
62  self::CONNECT_TIMEOUT,
63  self::RETRIES
64  );
65  }
66 
67  radius_create_request($radius, RADIUS_ACCESS_REQUEST);
68  radius_put_attr($radius, RADIUS_USER_NAME, $this->getCredentials()->getUsername());
69  radius_put_attr($radius, RADIUS_USER_PASSWORD, $this->getCredentials()->getPassword());
70 
71  $this->getLogger()->debug('username: ' . $this->getCredentials()->getUsername());
72 
73  $result = radius_send_request($radius);
74 
75  switch($result)
76  {
77  case RADIUS_ACCESS_ACCEPT:
78  $this->getLogger()->info('Radius authentication successful.');
79  $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATED);
80 
81  $local_login = ilObjUser::_checkExternalAuthAccount('radius',$this->getCredentials()->getUsername());
82  $status->setAuthenticatedUserId(ilObjUser::_lookupId($local_login));
83  return true;
84 
85  case RADIUS_ACCESS_REJECT:
86  $this->getLogger()->info('Radius authentication rejected with message: ' . radius_strerror($radius));
87  $this->handleAuthenticationFail($status, 'err_wrong_login');
88  return false;
89 
90  case RADIUS_ACCESS_CHALLENGE:
91  $this->getLogger()->info('Radius authentication failed (access challenge): ' . radius_strerror($radius));
92  $this->handleAuthenticationFail($status, 'err_wrong_login');
93  return false;
94 
95  default:
96  $this->getLogger()->error('Radius authentication failed with message: ' . radius_strerror($radius));
97  $this->handleAuthenticationFail($status, 'err_wrong_login');
98  return false;
99  }
100  }
101 
106  public function getExternalAccountName()
107  {
108  return $this->external_account;
109  }
110 
115  public function getTriggerAuthMode()
116  {
117  return AUTH_RADIUS;
118  }
119 
124  public function getUserAuthModeName()
125  {
126  return 'radius';
127  }
128 
133  public function migrateAccount(ilAuthStatus $status)
134  {
135 
136  }
137 
138 }
139 ?>
ilAuthCredentials
Interface of auth credentials.
Definition: interface.ilAuthCredentials.php:11
ilAuthProviderRadius\getExternalAccountName
getExternalAccountName()
get external account name
Definition: class.ilAuthProviderRadius.php:106
$result
$result
Definition: CleanUpTest.php:407
ilAuthProviderRadius\getUserAuthModeName
getUserAuthModeName()
get user auth mode name
Definition: class.ilAuthProviderRadius.php:124
ilAuthProviderRadius
Description of class class.
Definition: class.ilAuthProviderRadius.php:15
ilAuthProviderRadius\createNewAccount
createNewAccount(\ilAuthStatus $status)
create new account
Definition: class.ilAuthProviderRadius.php:41
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:787
ilAuthStatus\setAuthenticatedUserId
setAuthenticatedUserId($a_id)
Definition: class.ilAuthStatus.php:118
ilAuthProviderRadius\__construct
__construct(\ilAuthCredentials $credentials)
Definition: class.ilAuthProviderRadius.php:28
ilAuthProvider
Base class for authentication providers (radius, ldap, apache, ...)
Definition: class.ilAuthProvider.php:11
ilAuthProviderInterface
Standard interface for auth provider implementations.
Definition: interface.ilAuthProviderInterface.php:11
ilAuthStatus\setStatus
setStatus($a_status)
Set auth status.
Definition: class.ilAuthStatus.php:64
ilAuthProviderRadius\doAuthentication
doAuthentication(\ilAuthStatus $status)
do authentication
Definition: class.ilAuthProviderRadius.php:50
ilRadiusSettings\_getInstance
static _getInstance()
singleton get instance
Definition: class.ilRadiusSettings.php:74
ilAuthProvider\getLogger
getLogger()
Get logger.
Definition: class.ilAuthProvider.php:38
$server
$server
Definition: dummy_client.php:12
settings
settings()
Definition: settings.php:2
ilObjUser\_checkExternalAuthAccount
static _checkExternalAuthAccount($a_auth, $a_account)
check whether external account and authentication method matches with a user
Definition: class.ilObjUser.php:3721
ilAuthProvider\handleAuthenticationFail
handleAuthenticationFail(ilAuthStatus $status, $a_reason)
Handle failed authentication.
Definition: class.ilAuthProvider.php:55
ilAuthProviderRadius\getTriggerAuthMode
getTriggerAuthMode()
get trigger auth mode
Definition: class.ilAuthProviderRadius.php:115
ilAuthStatus
Auth status implementation.
Definition: class.ilAuthStatus.php:11
ilAuthProviderRadius\migrateAccount
migrateAccount(ilAuthStatus $status)
Migrate existing account to radius authentication Create new account..
Definition: class.ilAuthProviderRadius.php:133
AUTH_RADIUS
const AUTH_RADIUS
Definition: class.ilAuthUtils.php:9