ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
class.ilAuthFrontendCredentialsApache.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendCredentials.php';
5 include_once './Services/Authentication/interfaces/interface.ilAuthCredentials.php';
6 
13 class ilAuthFrontendCredentialsApache extends ilAuthFrontendCredentials implements ilAuthCredentials
14 {
15  private $settings = null;
16 
20  public function __construct()
21  {
22  parent::__construct();
23 
24  include_once './Services/Administration/classes/class.ilSetting.php';
25  $this->settings = new ilSetting('apache_auth');
26  }
27 
32  public function tryAuthenticationOnLoginPage()
33  {
34  if (strcmp((string) $_REQUEST['cmd'], 'force_login') === 0) {
35  return false;
36  }
37 
38  if (!$this->getSettings()->get('apache_enable_auth', false)) {
39  return false;
40  }
41 
42  if (!$this->getSettings()->get('apache_auth_authenticate_on_login_page', false)) {
43  return false;
44  }
45 
46  if (
47  !ilContext::supportsRedirects() ||
48  isset($_GET['passed_sso']) ||
49  (defined('IL_CERT_SSO') && IL_CERT_SSO == '1')
50  ) {
51  return false;
52  }
53 
54  $path = $_SERVER['REQUEST_URI'];
55  if (substr($path, 0, 1) === '/') {
56  $path = substr($path, 1);
57  }
58 
59  if (substr($path, 0, 4) !== 'http') {
60  $parts = parse_url(ILIAS_HTTP_PATH);
61  $path = $parts['scheme'] . '://' . $parts['host'] . '/' . $path;
62  }
63 
64  ilUtil::redirect(
65  ilUtil::getHtmlPath(
66  './sso/index.php?force_mode_apache=1&' .
67  'r=' . urlencode($path) .
68  '&cookie_path=' . urlencode(IL_COOKIE_PATH) .
69  '&ilias_path=' . urlencode(ILIAS_HTTP_PATH)
70  )
71  );
72  }
73 
77  protected function getSettings()
78  {
79  return $this->settings;
80  }
81 
85  public function initFromRequest()
86  {
87  $this->getLogger()->dump($_SERVER, ilLogLevel::DEBUG);
88  $this->getLogger()->debug($this->getSettings()->get('apache_auth_username_direct_mapping_fieldname', ''));
89 
90  include_once './Services/AuthApache/classes/class.ilAuthProviderApache.php';
91 
92  switch ($this->getSettings()->get('apache_auth_username_config_type')) {
93  case ilAuthProviderApache::APACHE_AUTH_TYPE_DIRECT_MAPPING:
94  if (array_key_exists($this->getSettings()->get('apache_auth_username_direct_mapping_fieldname'), $_SERVER)) {
95  $this->setUsername($_SERVER[$this->getSettings()->get('apache_auth_username_direct_mapping_fieldname', '')]);
96  }
97  break;
98 
99  case ilAuthProviderApache::APACHE_AUTH_TYPE_BY_FUNCTION:
100  include_once 'Services/AuthApache/classes/custom_username_func.php';
101  $this->setUsername(ApacheCustom::getUsername());
102  break;
103  }
104  }
105 
109  public function hasValidTargetUrl()
110  {
111  if (!isset($_GET['r']) || 0 == strlen(trim($_GET['r']))) {
112  return false;
113  }
114 
115  $url = trim($_GET['r']);
116 
117  $validDomains = array();
118  $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
119  if (file_exists($path) && is_readable($path)) {
120  foreach (file($path) as $line) {
121  if (trim($line)) {
122  $validDomains[] = trim($line);
123  }
124  }
125  }
126 
127  $urlParts = parse_url($url);
128  $redirectDomain = $urlParts['host'];
129 
130  $validRedirect = false;
131  foreach ($validDomains as $validDomain) {
132  if ($redirectDomain === $validDomain) {
133  $validRedirect = true;
134  break;
135  }
136 
137  if (strlen($redirectDomain) > (strlen($validDomain) + 1)) {
138  if (substr($redirectDomain, (0 - strlen($validDomain) - 1)) === '.' . $validDomain) {
139  $validRedirect = true;
140  break;
141  }
142  }
143  }
144 
145  return $validRedirect;
146  }
147 
151  public function getTargetUrl()
152  {
153  return ilUtil::appendUrlParameterString(trim($_GET['r']), 'passed_sso=1');
154  }
155 }
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
ilAuthFrontendCredentialsApache\tryAuthenticationOnLoginPage
tryAuthenticationOnLoginPage()
Check if an authentication attempt should be done when login page has been called.
Definition: class.ilAuthFrontendCredentialsApache.php:32
ilAuthCredentials
Interface of auth credentials.
Definition: interface.ilAuthCredentials.php:11
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilUtil\appendUrlParameterString
static appendUrlParameterString($a_url, $a_par, $xml_style=false)
append URL parameter string ("par1=value1&par2=value2...") to given URL string
Definition: class.ilUtil.php:2170
IL_COOKIE_PATH
const IL_COOKIE_PATH(isset($_GET["client_id"]))
Definition: metadata.php:36
file
Reload workbook from saved file
Definition: 02types-xls.php:163
ilUtil\getHtmlPath
static getHtmlPath($relative_path)
get url of path
Definition: class.ilUtil.php:150
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
settings
settings()
Definition: settings.php:2
$url
$url
Definition: proxy_ylocal.php:28
defined
defined( 'APPLICATION_ENV')||define( 'APPLICATION_ENV'
Definition: bootstrap.php:27
ilUtil\redirect
static redirect($a_script)
Definition: class.ilUtil.php:3353
ilContext\supportsRedirects
static supportsRedirects()
Are redirects supported?
Definition: class.ilContext.php:90