7define (
"AUTH_LOCAL",1);
9define (
"AUTH_RADIUS",3);
10define (
"AUTH_SCRIPT",4);
11define (
"AUTH_SHIBBOLETH",5);
13define (
"AUTH_SOAP",7);
15define (
"AUTH_HTTP",8);
19define (
"AUTH_APACHE",11);
21define (
"AUTH_INACTIVE",18);
23define(
'AUTH_MULTIPLE',20);
25define (
'AUTH_SESSION', 21);
27define(
'AUTH_SOAP_NO_ILIAS_USER', -100);
28define(
'AUTH_LDAP_NO_ILIAS_USER',-200);
29define(
'AUTH_RADIUS_NO_ILIAS_USER',-300);
34define(
'AUTH_APACHE_FAILED', -500);
37define(
'AUTH_MODE_INACTIVE',-1000);
41define(
'AUTH_SOAP_NO_ILIAS_USER_BUT_EMAIL', -101);
42define(
'AUTH_CAS_NO_ILIAS_USER', -90);
45define(
'AUTH_USER_WRONG_IP', -600);
46define(
'AUTH_USER_INACTIVE', -601);
47define(
'AUTH_USER_TIME_LIMIT_EXCEEDED', -602);
48define(
'AUTH_USER_SIMULTANEOUS_LOGIN', -603);
49define(
'AUTH_CAPTCHA_INVALID', -604);
52include_once
'./Services/Authentication/classes/class.ilAuthFactory.php';
53require_once(
'Services/Authentication/classes/class.ilSessionControl.php');
80 if(isset(
$_GET[
'ecs_hash']) or isset(
$_GET[
'ecs_hash_url']))
82 include_once
'./Services/Authentication/classes/Frontend/class.ilAuthFrontendCredentials.php';
84 $credentials->setUsername(
$_GET[
'ecs_login']);
87 include_once
'./Services/Authentication/classes/Provider/class.ilAuthProviderFactory.php';
89 $providers = $provider_factory->getProviders($credentials);
91 include_once
'./Services/Authentication/classes/class.ilAuthStatus.php';
94 include_once
'./Services/Authentication/classes/Frontend/class.ilAuthFrontendFactory.php';
97 $frontend = $frontend_factory->getFrontend(
104 $frontend->authenticate();
106 switch($status->getStatus())
126 $user_auth_mode =
false;
139 (!isset(
$_SESSION[
'_authsession'][
'registered']) ||
140 $_SESSION[
'_authsession'][
'registered'] !==
true))
145 if (isset(
$_POST[
'username']) and
$_POST[
'username'] !=
'' and
$_POST[
'password'] !=
'' or isset(
$_GET[
'ecs_hash']) or isset(
$_GET[
'ecs_hash_url']) or isset(
$_POST[
'oid_username']) or isset(
$_GET[
'oid_check_status']))
226 define (
"AUTH_CURRENT", $user_auth_mode);
243 $authmode = AUTH_CURRENT;
247 if ($authmode ==
null && AUTH_DEFAULT ==
AUTH_APACHE)
252 switch ((
int) $authmode)
256 include_once
'./Services/LDAP/classes/class.ilLDAPServer.php';
258 include_once
'./Services/LDAP/classes/class.ilAuthContainerLDAP.php';
264 include_once
'./Services/Radius/classes/class.ilAuthContainerRadius.php';
269 include_once
'./Services/AuthShibboleth/classes/class.ilShibboleth.php';
270 $ilAuth =
new ShibAuth(array(),
true);
275 include_once
'./Services/CAS/classes/class.ilAuthContainerCAS.php';
281 include_once
'./Services/SOAPAuth/classes/class.ilAuthContainerSOAP.php';
287 include_once
'./Services/Authentication/classes/class.ilAuthContainerMultiple.php';
292 include_once
'./Services/WebServices/ECS/classes/class.ilAuthContainerECS.php';
298 require_once(
'./Services/Authentication/classes/class.ilAuthInactive.php');
303 include_once
'./Services/AuthApache/classes/class.ilAuthContainerApache.php';
312 require_once
'Services/Authentication/classes/PDO/class.ilPDOAuthentication.php';
315 include_once
'./Services/Database/classes/class.ilAuthContainerMDB2.php';
327 foreach(self::getAuthPlugins() as $pl)
329 $container = $pl->getContainer($authmode);
338 #$GLOBALS['ilLog']->write(__METHOD__.' Using default authentication');
341 require_once
'Services/Authentication/classes/PDO/class.ilPDOAuthentication.php';
344 include_once
'./Services/Database/classes/class.ilAuthContainerMDB2.php';
358 $ilAuth->setExpire(0);
360 ini_set(
"session.cookie_lifetime",
"0");
373 if(isset(
$_GET[
'ecs_hash']) or isset(
$_GET[
'ecs_hash_url']))
378 if(isset(
$_POST[
'auth_mode']))
381 return $_POST[
'auth_mode'];
385 include_once(
'./Services/Authentication/classes/class.ilAuthModeDetermination.php');
388 if(!$det->isManualSelection() and $det->getCountActiveAuthModes() > 1)
397 if ($a_db_handler !=
'')
399 $db =& $a_db_handler;
404 $q =
"SELECT auth_mode FROM usr_data WHERE ".
405 "login = ".$ilDB->quote($a_username);
416 return in_array($auth_mode,self::_getActiveAuthModes()) ? $auth_mode :
AUTH_INACTIVE;
425 if ($a_db_handler !=
'')
427 $db =& $a_db_handler;
431 if(strpos($a_auth_mode,
'_') !== FALSE)
433 $auth_arr = explode(
'_',$a_auth_mode);
434 $auth_switch = $auth_arr[0];
438 $auth_switch = $a_auth_mode;
440 switch ($auth_switch)
448 include_once
'./Services/LDAP/classes/class.ilLDAPServer.php';
489 switch ((
int) $a_auth_key)
497 include_once
'./Services/LDAP/classes/class.ilLDAPServer.php';
541 include_once(
'Services/LDAP/classes/class.ilLDAPServer.php');
545 $modes[
'ldap_'.$sid] = (
AUTH_LDAP.
'_'.$sid);
555 include_once
'./Services/WebServices/ECS/classes/class.ilECSServerSettings.php';
562 foreach(self::getAuthPlugins() as $pl)
564 foreach($pl->getAuthIds() as $auth_id)
566 if($pl->isAuthActive($auth_id))
568 $modes[$pl->getAuthName($auth_id)] = $auth_id;
590 foreach($modes as $mode)
621 $r =
$ilDB->query(
"SELECT login FROM usr_data WHERE login = ".
622 $ilDB->quote($c_login));
623 if (
$r->numRows() > 0)
626 $c_login = $a_login.$postfix;
639 include_once(
'Services/Radius/classes/class.ilRadiusSettings.php');
642 if($rad_settings->isActive())
646 include_once(
'Services/LDAP/classes/class.ilLDAPServer.php');
660 foreach($pl->getAuthIds() as $auth_id)
662 if($pl->getMultipleAuthModeOptions($auth_id))
679 include_once(
'Services/LDAP/classes/class.ilLDAPServer.php');
692 include_once(
'Services/Radius/classes/class.ilRadiusSettings.php');
694 if($rad_settings->isActive())
702 $apache_settings =
new ilSetting(
'apache_auth');
720 $default =
$ilSetting->get(
'default_auth_mode',$default);
721 $default = (int) $_REQUEST[
'auth_mode'] ? (
int) $_REQUEST[
'auth_mode'] : $default;
728 $auths = $pl->getAuthIds();
729 foreach($auths as $auth_id)
731 $pl_auth_option = $pl->getMultipleAuthModeOptions($auth_id);
740 if(array_key_exists($default,
$options))
742 $options[$default][
'checked'] =
true;
777 include_once(
'Services/LDAP/classes/class.ilLDAPServer.php');
784 foreach(self::getAuthPlugins() as $pl)
786 foreach($pl->getAuthIds() as $auth_id)
788 if($pl->isAuthActive($auth_id) and $pl->isExternalAccountNameRequired($auth_id))
811 switch((
int) $a_auth_mode)
845 public static function isPasswordModificationHidden()
850 if (
$ilSetting->get(
'usr_settings_hide_password') ||
$ilSetting->get(
'usr_settings_disable_password')) {
866 switch((
int) $a_authmode)
881 return $ilSetting->get(
"shib_auth_allow_local");
883 return $ilSetting->get(
"soap_auth_allow_local");
902 if (self::isPasswordModificationHidden()) {
908 switch((
int) $a_authmode)
924 return $ilSetting->get(
"shib_auth_allow_local");
926 return $ilSetting->get(
"soap_auth_allow_local");
941 switch((
int) $a_authmode)
972 $pls =
$GLOBALS[
'ilPluginAdmin']->getActivePluginsForSlot(
980 $pl_objs[] =
$GLOBALS[
'ilPluginAdmin']->getPluginObject(
999 switch((
int) $a_auth_key)
1002 include_once
'./Services/LDAP/classes/class.ilLDAPServer.php';
1008 return $lng->txt(
'auth_'.self::_getAuthModeName($a_auth_key));
An exception for terminatinating execution or to throw for unit testing.
Authentication against ILIAS database.
@classDescription CAS authentication
Custom PEAR Auth Container for ECS auth checks.
Overwritten Pear class AuthContainerLDAP This class is overwritten to support nested groups.
Authentication against ILIAS database.
@classDescription Overwritten Pear class AuthContainerRadius This class is overwritten to support to ...
@classDescription Authentication against external SOAP server
static factory(ilAuthContainerBase $deco)
The factory.
static getContextOptions()
Get options for a specific context.
static setContext($a_context)
set context
Description of class class.
Factory for auth frontend classes.
const CONTEXT_STANDARD_FORM
static _getInstance()
Get instance.
const STATUS_AUTHENTICATED
static getInstance()
Get status instance.
const STATUS_AUTHENTICATION_FAILED
static utility functions used to manage authentication modes
static _allowPasswordModificationByAuthMode($a_auth_mode)
Allow password modification.
static _getAuthMode($a_auth_mode, $a_db_handler='')
static _getActiveAuthModes()
static initSession()
Initialize session.
static supportsLocalPasswordValidation($a_authmode)
Check if local password validation is supported.
static isLocalPasswordEnabledForAuthMode($a_authmode)
Check if local password validation is enabled for a specific auth_mode.
static _getAuthModeOfUser($a_username, $a_password, $a_db_handler='')
static _getMultipleAuthModeOptions($lng)
static _isExternalAccountEnabled()
Check if an external account name is required.
static getAuthPlugins()
Get active enabled auth plugins.
static getAuthModeTranslation($a_auth_key)
static _initAuth()
initialises $ilAuth
static _hasMultipleAuthenticationMethods()
static isPasswordModificationEnabled($a_authmode)
Check if password modification is enabled.
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
static _needsExternalAccountByAuthMode($a_auth_mode)
Check if chosen auth mode needs an external account entry.
static handleForcedAuthentication()
static _getAllAuthModes()
static _getAuthModeName($a_auth_key)
static getInstance()
Get singleton instance.
static goToPublicSection()
go to public section
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
static _getServerList()
Get list of all configured servers.
static getInstanceByServerId($a_server_id)
Get instance by server id.
static _getActiveServerList()
Get active server list.
static getAuthModeByKey($a_auth_key)
get auth mode by key
static getKeyByAuthMode($a_auth_mode)
Get auth id by auth mode.
static getLogger($a_component_id)
Get component logger.
static _getInstance()
singleton get instance
static checkExpiredSession()
checks for possibly expired session should be called from ilAuthUtils::__initAuth() so it's called be...
static getIdleValue($fixedMode=false)
Returns the idle time in seconds.
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
defined( 'APPLICATION_ENV')||define( 'APPLICATION_ENV'
if(!is_array($argv)) $options
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
const WebDAV_Authentication