ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
class.ilAuthFrontendCredentialsApache.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendCredentials.php';
5include_once './Services/Authentication/interfaces/interface.ilAuthCredentials.php';
6
13class ilAuthFrontendCredentialsApache extends ilAuthFrontendCredentials implements ilAuthCredentials
14{
15 private $settings = null;
16
20 public function __construct()
21 {
22 parent::__construct();
23
24 include_once './Services/Administration/classes/class.ilSetting.php';
25 $this->settings = new ilSetting('apache_auth');
26 }
27
32 public function tryAuthenticationOnLoginPage()
33 {
34 if (strcmp((string) $_REQUEST['cmd'], 'force_login') === 0) {
35 return false;
36 }
37
38 if (!$this->getSettings()->get('apache_enable_auth', false)) {
39 return false;
40 }
41
42 if (!$this->getSettings()->get('apache_auth_authenticate_on_login_page', false)) {
43 return false;
44 }
45
46 if (
47 !ilContext::supportsRedirects() ||
48 isset($_GET['passed_sso']) ||
49 (defined('IL_CERT_SSO') && IL_CERT_SSO == '1')
50 ) {
51 return false;
52 }
53
54 $path = $_SERVER['REQUEST_URI'];
55 if (substr($path, 0, 1) === '/') {
56 $path = substr($path, 1);
57 }
58
59 if (substr($path, 0, 4) !== 'http') {
60 $parts = parse_url(ILIAS_HTTP_PATH);
61 $path = $parts['scheme'] . '://' . $parts['host'] . '/' . $path;
62 }
63
64 ilUtil::redirect(
65 ilUtil::getHtmlPath(
66 './sso/index.php?force_mode_apache=1&' .
67 'r=' . urlencode($path) .
68 '&cookie_path=' . urlencode(IL_COOKIE_PATH) .
69 '&ilias_path=' . urlencode(ILIAS_HTTP_PATH)
70 )
71 );
72 }
73
77 protected function getSettings()
78 {
79 return $this->settings;
80 }
81
85 public function initFromRequest()
86 {
87 $this->getLogger()->dump($_SERVER, ilLogLevel::DEBUG);
88 $this->getLogger()->debug($this->getSettings()->get('apache_auth_username_direct_mapping_fieldname', ''));
89
90 include_once './Services/AuthApache/classes/class.ilAuthProviderApache.php';
91
92 switch ($this->getSettings()->get('apache_auth_username_config_type')) {
93 case ilAuthProviderApache::APACHE_AUTH_TYPE_DIRECT_MAPPING:
94 if (array_key_exists($this->getSettings()->get('apache_auth_username_direct_mapping_fieldname'), $_SERVER)) {
95 $this->setUsername($_SERVER[$this->getSettings()->get('apache_auth_username_direct_mapping_fieldname', '')]);
96 }
97 break;
98
99 case ilAuthProviderApache::APACHE_AUTH_TYPE_BY_FUNCTION:
100 include_once 'Services/AuthApache/classes/custom_username_func.php';
101 $this->setUsername(ApacheCustom::getUsername());
102 break;
103 }
104 }
105
109 public function hasValidTargetUrl()
110 {
111 if (!isset($_GET['r']) || 0 == strlen(trim($_GET['r']))) {
112 return false;
113 }
114
115 $url = trim($_GET['r']);
116
117 $validDomains = array();
118 $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
119 if (file_exists($path) && is_readable($path)) {
120 foreach (file($path) as $line) {
121 if (trim($line)) {
122 $validDomains[] = trim($line);
123 }
124 }
125 }
126
127 $urlParts = parse_url($url);
128 $redirectDomain = $urlParts['host'];
129
130 $validRedirect = false;
131 foreach ($validDomains as $validDomain) {
132 if ($redirectDomain === $validDomain) {
133 $validRedirect = true;
134 break;
135 }
136
137 if (strlen($redirectDomain) > (strlen($validDomain) + 1)) {
138 if (substr($redirectDomain, (0 - strlen($validDomain) - 1)) === '.' . $validDomain) {
139 $validRedirect = true;
140 break;
141 }
142 }
143 }
144
145 return $validRedirect;
146 }
147
151 public function getTargetUrl()
152 {
153 return ilUtil::appendUrlParameterString(trim($_GET['r']), 'passed_sso=1');
154 }
155}
IL_COOKIE_PATH
const IL_COOKIE_PATH(isset($_GET["client_id"]))
Definition: metadata.php:36
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
php
An exception for terminatinating execution or to throw for unit testing.
ilAuthFrontendCredentialsApache\tryAuthenticationOnLoginPage
tryAuthenticationOnLoginPage()
Check if an authentication attempt should be done when login page has been called.
Definition: class.ilAuthFrontendCredentialsApache.php:32
ilContext\supportsRedirects
static supportsRedirects()
Are redirects supported?
Definition: class.ilContext.php:90
ilSetting
ILIAS Setting Class.
Definition: class.ilSetting.php:33
ilUtil\appendUrlParameterString
static appendUrlParameterString($a_url, $a_par, $xml_style=false)
append URL parameter string ("par1=value1&par2=value2...") to given URL string
Definition: class.ilUtil.php:2170
ilUtil\redirect
static redirect($a_script)
Definition: class.ilUtil.php:3353
ilUtil\getHtmlPath
static getHtmlPath($relative_path)
get url of path
Definition: class.ilUtil.php:150
ilAuthCredentials
Interface of auth credentials.
Definition: interface.ilAuthCredentials.php:12
defined
defined( 'APPLICATION_ENV')||define( 'APPLICATION_ENV'
Definition: bootstrap.php:27
$url
$url
Definition: proxy_ylocal.php:28
settings
settings()
Definition: settings.php:2
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54