ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
class.ilObjAuthSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
17 require_once "./Services/Object/classes/class.ilObjectGUI.php";
18 
19 class ilObjAuthSettingsGUI extends ilObjectGUI
20 {
25  public function __construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output = true)
26  {
27  $this->type = "auth";
28  parent::__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output);
29 
30  $this->lng->loadLanguageModule('registration');
31 
32  define('LDAP_DEFAULT_PORT', 389);
33  define('RADIUS_DEFAULT_PORT', 1812);
34  }
35 
36 
37 
38  public function viewObject()
39  {
40  return $this->authSettingsObject();
41  }
42 
43 
49  public function authSettingsObject()
50  {
51  global $rbacsystem, $ilSetting;
52 
53  if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
54  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
55  }
56 
57  $this->tabs_gui->setTabActive('authentication_settings');
58  $this->setSubTabs('authSettings');
59  $this->tabs_gui->setSubTabActive("auth_settings");
60 
61  $this->tpl->addBlockFile(
62  "ADM_CONTENT",
63  "adm_content",
64  "tpl.auth_general.html",
65  "Services/Authentication"
66  );
67 
68  $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
69  $this->tpl->setVariable("TXT_AUTH_TITLE", $this->lng->txt("auth_select"));
70 
71  $this->tpl->setVariable("TXT_AUTH_MODE", $this->lng->txt("auth_mode"));
72  $this->tpl->setVariable("TXT_AUTH_DEFAULT", $this->lng->txt("default"));
73  $this->tpl->setVariable("TXT_AUTH_ACTIVE", $this->lng->txt("active"));
74  $this->tpl->setVariable("TXT_AUTH_NUM_USERS", $this->lng->txt("num_users"));
75 
76  $this->tpl->setVariable("TXT_LOCAL", $this->lng->txt("auth_local"));
77  $this->tpl->setVariable("TXT_LDAP", $this->lng->txt("auth_ldap"));
78  $this->tpl->setVariable("TXT_SHIB", $this->lng->txt("auth_shib"));
79 
80  $this->tpl->setVariable("TXT_CAS", $this->lng->txt("auth_cas"));
81 
82  $this->tpl->setVariable("TXT_RADIUS", $this->lng->txt("auth_radius"));
83  $this->tpl->setVariable("TXT_SCRIPT", $this->lng->txt("auth_script"));
84 
85  $this->tpl->setVariable("TXT_APACHE", $this->lng->txt("auth_apache"));
86 
87  $auth_cnt = ilObjUser::_getNumberOfUsersPerAuthMode();
88  $auth_modes = ilAuthUtils::_getAllAuthModes();
89  $valid_modes = array(AUTH_LOCAL,AUTH_LDAP,AUTH_SHIBBOLETH,AUTH_SAML,AUTH_CAS,AUTH_RADIUS,AUTH_APACHE);
90  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
91  // icon handlers
92  $icon_ok = "<img src=\"" . ilUtil::getImagePath("icon_ok.svg") . "\" alt=\"" . $this->lng->txt("enabled") . "\" title=\"" . $this->lng->txt("enabled") . "\" border=\"0\" vspace=\"0\"/>";
93  $icon_not_ok = "<img src=\"" . ilUtil::getImagePath("icon_not_ok.svg") . "\" alt=\"" . $this->lng->txt("disabled") . "\" title=\"" . $this->lng->txt("disabled") . "\" border=\"0\" vspace=\"0\"/>";
94 
95 
96  foreach ($auth_modes as $mode => $mode_name) {
97  if (!in_array($mode, $valid_modes) && !ilLDAPServer::isAuthModeLDAP($mode) && !ilSamlIdp::isAuthModeSaml($mode)) {
98  continue;
99  }
100 
101  $this->tpl->setCurrentBlock('auth_mode');
102 
103  if (ilLDAPServer::isAuthModeLDAP($mode)) {
104  $server = ilLDAPServer::getInstanceByServerId(ilLDAPServer::getServerIdByAuthMode($mode));
105  $this->tpl->setVariable("AUTH_NAME", $server->getName());
106  $this->tpl->setVariable('AUTH_ACTIVE', $server->isActive() ? $icon_ok : $icon_not_ok);
107  } elseif (ilSamlIdp::isAuthModeSaml($mode)) {
108  $idp = ilSamlIdp::getInstanceByIdpId(ilSamlIdp::getIdpIdByAuthMode($mode));
109  $this->tpl->setVariable('AUTH_NAME', $idp->getEntityId());
110  $this->tpl->setVariable('AUTH_ACTIVE', $idp->isActive() ? $icon_ok : $icon_not_ok);
111  } else {
112  $this->tpl->setVariable("AUTH_NAME", $this->lng->txt("auth_" . $mode_name));
113  $this->tpl->setVariable('AUTH_ACTIVE', $this->ilias->getSetting($mode_name . '_active') || $mode == AUTH_LOCAL ? $icon_ok : $icon_not_ok);
114  }
115 
116  if ($ilSetting->get('auth_mode') == $mode) {
117  $this->tpl->setVariable("AUTH_CHECKED", "checked=\"checked\"");
118 
119  $this->tpl->setVariable(
120  "AUTH_USER_NUM",
121  ((int) $auth_cnt[$mode_name] + $auth_cnt["default"]) . " (" . $this->lng->txt("auth_per_default") .
122  ": " . $auth_cnt["default"] . ")"
123  );
124  } else {
125  $this->tpl->setVariable(
126  "AUTH_USER_NUM",
127  (int) $auth_cnt[$mode_name]
128  );
129  }
130  $this->tpl->setVariable("AUTH_ID", $mode_name);
131  $this->tpl->setVariable("AUTH_VAL", $mode);
132  $this->tpl->parseCurrentBlock();
133  }
134 
135  $this->tpl->setVariable("TXT_CONFIGURE", $this->lng->txt("auth_configure"));
136  $this->tpl->setVariable("TXT_AUTH_REMARK", $this->lng->txt("auth_remark_non_local_auth"));
137  $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
138  $this->tpl->setVariable("CMD_SUBMIT", "setAuthMode");
139 
140  // auth mode determinitation
141  if ($this->initAuthModeDetermination()) {
142  $this->tpl->setVariable('TABLE_AUTH_DETERMINATION', $this->form->getHTML());
143  }
144 
145  // roles table
146  $this->tpl->setVariable(
147  "FORMACTION_ROLES",
148  $this->ctrl->getFormAction($this)
149  );
150  $this->tpl->setVariable("TXT_AUTH_ROLES", $this->lng->txt("auth_active_roles"));
151  $this->tpl->setVariable("TXT_ROLE", $this->lng->txt("obj_role"));
152  $this->tpl->setVariable("TXT_ROLE_AUTH_MODE", $this->lng->txt("auth_role_auth_mode"));
153  $this->tpl->setVariable("CMD_SUBMIT_ROLES", "updateAuthRoles");
154 
155  include_once("./Services/AccessControl/classes/class.ilObjRole.php");
156  $reg_roles = ilObjRole::_lookupRegisterAllowed();
157 
158  // auth mode selection
159  include_once('./Services/Authentication/classes/class.ilAuthUtils.php');
160  $active_auth_modes = ilAuthUtils::_getActiveAuthModes();
161 
162  foreach ($reg_roles as $role) {
163  foreach ($active_auth_modes as $auth_name => $auth_key) {
164  // do not list auth modes with external login screen
165  // even not default, because it can easily be set to
166  // a non-working auth mode
167  if ($auth_name == "default" || $auth_name == "cas"
168  || $auth_name == 'saml'
169  || $auth_name == "shibboleth" || $auth_name == 'ldap'
170  || $auth_name == 'apache' || $auth_name == "ecs"
171  || $auth_name == "openid") {
172  continue;
173  }
174 
175  $this->tpl->setCurrentBlock("auth_mode_selection");
176 
177  if ($auth_name == 'default') {
178  $name = $this->lng->txt('auth_' . $auth_name) . " (" . $this->lng->txt('auth_' . ilAuthUtils::_getAuthModeName($auth_key)) . ")";
179  } elseif ($id = ilLDAPServer::getServerIdByAuthMode($auth_key)) {
180  $server = ilLDAPServer::getInstanceByServerId($id);
181  $name = $server->getName();
182  } elseif ($id = ilSamlIdp::getIdpIdByAuthMode($auth_key)) {
183  $idp = ilSamlIdp::getInstanceByIdpId($id);
184  $name = $idp->getEntityId();
185  } else {
186  $name = $this->lng->txt('auth_' . $auth_name);
187  }
188 
189  $this->tpl->setVariable("AUTH_MODE_NAME", $name);
190 
191  $this->tpl->setVariable("AUTH_MODE", $auth_name);
192 
193  if ($role['auth_mode'] == $auth_name) {
194  $this->tpl->setVariable("SELECTED_AUTH_MODE", "selected=\"selected\"");
195  }
196 
197  $this->tpl->parseCurrentBlock();
198  } // END auth_mode selection
199 
200  $this->tpl->setCurrentBlock("roles");
201  $this->tpl->setVariable("ROLE", $role['title']);
202  $this->tpl->setVariable("ROLE_ID", $role['id']);
203  $this->tpl->parseCurrentBlock();
204  }
205  }
206 
207 
214  public function loginInfoObject()
215  {
216  global $rbacsystem, $lng,$ilSetting;
217 
218  if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
219  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
220  }
221 
222  $this->tabs_gui->setTabActive("authentication_settings");
223  $this->setSubTabs("authSettings");
224  $this->tabs_gui->setSubTabActive("auth_login_editor");
225 
226  $lng->loadLanguageModule("meta");
227 
228  $this->tpl->addBlockFile(
229  "ADM_CONTENT",
230  "adm_content",
231  "tpl.auth_login_messages.html",
232  "Services/Authentication"
233  );
234  $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
235  $this->tpl->setVariable("TXT_HEADLINE", $this->lng->txt("login_information"));
236  $this->tpl->setVariable("TXT_DESCRIPTION", $this->lng->txt("login_information_desc"));
237  $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
238  $this->initLoginForm();
239  $this->tpl->setVariable('LOGIN_INFO', $this->form->getHTML());
240  }
241 
242 
243  public function cancelObject()
244  {
245  $this->ctrl->redirect($this, "authSettings");
246  }
247 
248  public function setAuthModeObject()
249  {
250  global $rbacsystem,$ilSetting;
251 
252  if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
253  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
254  }
255 
256  if (empty($_POST["auth_mode"])) {
257  $this->ilias->raiseError($this->lng->txt("auth_err_no_mode_selected"), $this->ilias->error_obj->MESSAGE);
258  }
259 
260  if ($_POST["auth_mode"] == AUTH_DEFAULT) {
261  ilUtil::sendInfo($this->lng->txt("auth_mode") . ": " . $this->getAuthModeTitle() . " " . $this->lng->txt("auth_mode_not_changed"), true);
262  $this->ctrl->redirect($this, 'authSettings');
263  }
264 
265  switch ($_POST["auth_mode"]) {
266  case AUTH_SAML:
267  break;
268 
269  case AUTH_LDAP:
270 
271  /*
272  if ($this->object->checkAuthLDAP() !== true)
273  {
274  ilUtil::sendInfo($this->lng->txt("auth_ldap_not_configured"),true);
275  ilUtil::redirect($this->getReturnLocation("authSettings",$this->ctrl->getLinkTarget($this,"editLDAP", "", false, false)));
276  }
277  */
278  break;
279 
280  // @fix changed from AUTH_SHIB > is not defined
281  case AUTH_SHIBBOLETH:
282  if ($this->object->checkAuthSHIB() !== true) {
283  ilUtil::sendFailure($this->lng->txt("auth_shib_not_configured"), true);
284  ilUtil::redirect($this->getReturnLocation("authSettings", $this->ctrl->getLinkTarget($this, "editSHIB", "", false, false)));
285  }
286  break;
287 
288  case AUTH_RADIUS:
289  if ($this->object->checkAuthRADIUS() !== true) {
290  ilUtil::sendFailure($this->lng->txt("auth_radius_not_configured"), true);
291  $this->ctrl->redirect($this, 'editRADIUS');
292  }
293  break;
294 
295  case AUTH_SCRIPT:
296  if ($this->object->checkAuthScript() !== true) {
297  ilUtil::sendFailure($this->lng->txt("auth_script_not_configured"), true);
298  ilUtil::redirect($this->getReturnLocation("authSettings", $this->ctrl->getLinkTarget($this, "editScript", "", false, false)));
299  }
300  break;
301  }
302 
303  $this->ilias->setSetting("auth_mode", $_POST["auth_mode"]);
304 
305  ilUtil::sendSuccess($this->lng->txt("auth_default_mode_changed_to") . " " . $this->getAuthModeTitle(), true);
306  $this->ctrl->redirect($this, 'authSettings');
307  }
308 
314  public function editSOAPObject()
315  {
316  global $rbacsystem, $rbacreview, $ilSetting, $ilCtrl, $lng;
317 
318  if (!$rbacsystem->checkAccess("read", $this->object->getRefId())) {
319  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
320  }
321 
322  $this->tabs_gui->setTabActive('auth_soap');
323 
324  //set Template
325  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.auth_soap.html', 'Services/Authentication');
326 
327  // compose role list
328  $role_list = $rbacreview->getRolesByFilter(2, $this->object->getId());
329  $roles = array();
330 
331  foreach ($role_list as $role) {
332  $roles[$role['obj_id']] = $role['title'];
333  }
334 
335  //set property form gui
336  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
337 
338  $soap_config = new ilPropertyFormGUI();
339  $soap_config->setTitle($this->lng->txt("auth_soap_auth"));
340  $soap_config->setDescription($this->lng->txt("auth_soap_auth_desc"));
341  $soap_config->setFormAction($this->ctrl->getFormAction($this, "editSOAP"));
342  $soap_config->addCommandButton("saveSOAP", $this->lng->txt("save"));
343  $soap_config->addCommandButton("editSOAP", $this->lng->txt("cancel"));
344 
345  //set activ
346  $active = new ilCheckboxInputGUI();
347  $active->setTitle($this->lng->txt("active"));
348  $active->setPostVar("soap[active]");
349 
350  //set server
351  $server = new ilTextInputGUI();
352  $server->setTitle($this->lng->txt("server"));
353  $server->setInfo($this->lng->txt("auth_soap_server_desc"));
354  $server->setPostVar("soap[server]");
355  $server->setSize(50);
356  $server->setMaxLength(256);
357  $server->setRequired(true);
358 
359  //set port
360  $port = new ilTextInputGUI();
361  $port->setTitle($this->lng->txt("port"));
362  $port->setInfo($this->lng->txt("auth_soap_port_desc"));
363  $port->setPostVar("soap[port]");
364  $port->setSize(7);
365  $port->setMaxLength(5);
366 
367  //set https
368  $https = new ilCheckboxInputGUI();
369  $https->setTitle($this->lng->txt("auth_soap_use_https"));
370  $https->setPostVar("soap[use_https]");
371 
372  //set uri
373  $uri = new ilTextInputGUI();
374  $uri->setTitle($this->lng->txt("uri"));
375  $uri->setInfo($this->lng->txt("auth_soap_uri_desc"));
376  $uri->setPostVar("soap[uri]");
377  $uri->setSize(50);
378  $uri->setMaxLength(256);
379 
380  //set namespace
381  $namespace = new ilTextInputGUI();
382  $namespace->setTitle($this->lng->txt("auth_soap_namespace"));
383  $namespace->setInfo($this->lng->txt("auth_soap_namespace_desc"));
384  $namespace->setPostVar("soap[namespace]");
385  $namespace->setSize(50);
386  $namespace->setMaxLength(256);
387 
388  //set dotnet
389  $dotnet = new ilCheckboxInputGUI();
390  $dotnet->setTitle($this->lng->txt("auth_soap_use_dotnet"));
391  $dotnet->setPostVar("soap[use_dotnet]");
392 
393  //set create users
394  $createuser = new ilCheckboxInputGUI();
395  $createuser->setTitle($this->lng->txt("auth_create_users"));
396  $createuser->setInfo($this->lng->txt("auth_soap_create_users_desc"));
397  $createuser->setPostVar("soap[create_users]");
398 
399  //set account mail
400  $sendmail = new ilCheckboxInputGUI();
401  $sendmail->setTitle($this->lng->txt("user_send_new_account_mail"));
402  $sendmail->setInfo($this->lng->txt("auth_new_account_mail_desc"));
403  $sendmail->setPostVar("soap[account_mail]");
404 
405  //set user default role
406  $defaultrole = new ilSelectInputGUI();
407  $defaultrole->setTitle($this->lng->txt("auth_user_default_role"));
408  $defaultrole->setInfo($this->lng->txt("auth_soap_user_default_role_desc"));
409  $defaultrole->setPostVar("soap[user_default_role]");
410  $defaultrole->setOptions($roles);
411 
412  //set allow local authentication
413  $allowlocal = new ilCheckboxInputGUI();
414  $allowlocal->setTitle($this->lng->txt("auth_allow_local"));
415  $allowlocal->setInfo($this->lng->txt("auth_soap_allow_local_desc"));
416  $allowlocal->setPostVar("soap[allow_local]");
417 
418  // get all settings
419  $settings = $ilSetting->getAll();
420 
421  // get values in error case
422  if ($_SESSION["error_post_vars"]) {
423  $active ->setChecked($_SESSION["error_post_vars"]["soap"]["active"]);
424  $server ->setValue($_SESSION["error_post_vars"]["soap"]["server"]);
425  $port ->setValue($_SESSION["error_post_vars"]["soap"]["port"]);
426  $https ->setChecked($_SESSION["error_post_vars"]["soap"]["use_https"]);
427  $uri ->setValue($_SESSION["error_post_vars"]["soap"]["uri"]);
428  $namespace ->setValue($_SESSION["error_post_vars"]["soap"]["namespace"]);
429  $dotnet ->setChecked($_SESSION["error_post_vars"]["soap"]["use_dotnet"]);
430  $createuser ->setChecked($_SESSION["error_post_vars"]["soap"]["create_users"]);
431  $allowlocal ->setChecked($_SESSION["error_post_vars"]["soap"]["allow_local"]);
432  $defaultrole->setValue($_SESSION["error_post_vars"]["soap"]["user_default_role"]);
433  $sendmail ->setChecked($_SESSION["error_post_vars"]["soap"]["account_mail"]);
434  } else {
435  $active ->setChecked($settings["soap_auth_active"]);
436  $server ->setValue($settings["soap_auth_server"]);
437  $port ->setValue($settings["soap_auth_port"]);
438  $https ->setChecked($settings["soap_auth_use_https"]);
439  $uri ->setValue($settings["soap_auth_uri"]);
440  $namespace ->setValue($settings["soap_auth_namespace"]);
441  $dotnet ->setChecked($settings["soap_auth_use_dotnet"]);
442  $createuser ->setChecked($settings["soap_auth_create_users"]);
443  $allowlocal ->setChecked($settings["soap_auth_allow_local"]);
444  $defaultrole->setValue($settings["soap_auth_user_default_role"]);
445  $sendmail ->setChecked($settings["soap_auth_account_mail"]);
446  }
447 
448  if (!$defaultrole->getValue()) {
449  $defaultrole->setValue(4);
450  }
451 
452  //add Items to property gui
453  $soap_config->addItem($active);
454  $soap_config->addItem($server);
455  $soap_config->addItem($port);
456  $soap_config->addItem($https);
457  $soap_config->addItem($uri);
458  $soap_config->addItem($namespace);
459  $soap_config->addItem($dotnet);
460  $soap_config->addItem($createuser);
461  $soap_config->addItem($sendmail);
462  $soap_config->addItem($defaultrole);
463  $soap_config->addItem($allowlocal);
464 
465  $this->tpl->setVariable("CONFIG_FORM", $soap_config->getHTML());
466 
467  // test form
468  $form = new ilPropertyFormGUI();
469  $form->setFormAction($ilCtrl->getFormAction($this));
470  $form->setTitle("Test Request");
471  $text_prop = new ilTextInputGUI("ext_uid", "ext_uid");
472  $form->addItem($text_prop);
473  $text_prop2 = new ilTextInputGUI("soap_pw", "soap_pw");
474  $form->addItem($text_prop2);
475  $cb = new ilCheckboxInputGUI("new_user", "new_user");
476  $form->addItem($cb);
477 
478  $form->addCommandButton(
479  "testSoapAuthConnection",
480  "Send"
481  );
482 
483  if ($ilCtrl->getCmd() == "testSoapAuthConnection") {
484  include_once("./Services/SOAPAuth/classes/class.ilSOAPAuth.php");
485  $ret = "<br />" . ilSOAPAuth::testConnection(
486  ilUtil::stripSlashes($_POST["ext_uid"]),
487  ilUtil::stripSlashes($_POST["soap_pw"]),
488  (boolean) $_POST["new_user"]
489  );
490  }
491  $this->tpl->setVariable("TEST_FORM", $form->getHTML() . $ret);
492  }
493 
494  public function testSoapAuthConnectionObject()
495  {
496  $this->editSOAPObject();
497  }
498 
504  public function saveSOAPObject()
505  {
506  global $ilUser, $ilSetting, $rbacsystem;
507 
508  if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
509  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
510  }
511 
512  // validate required data
513  if (!$_POST["soap"]["server"]) {
514  $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
515  }
516 
517  // validate port
518  if ($_POST["soap"]["server"] != "" && (preg_match("/^[0-9]{0,5}$/", $_POST["soap"]["port"])) == false) {
519  $this->ilias->raiseError($this->lng->txt("err_invalid_port"), $this->ilias->error_obj->MESSAGE);
520  }
521 
522  $ilSetting->set("soap_auth_server", $_POST["soap"]["server"]);
523  $ilSetting->set("soap_auth_port", $_POST["soap"]["port"]);
524  $ilSetting->set("soap_auth_active", $_POST["soap"]["active"]);
525  $ilSetting->set("soap_auth_uri", $_POST["soap"]["uri"]);
526  $ilSetting->set("soap_auth_namespace", $_POST["soap"]["namespace"]);
527  $ilSetting->set("soap_auth_create_users", $_POST["soap"]["create_users"]);
528  $ilSetting->set("soap_auth_allow_local", $_POST["soap"]["allow_local"]);
529  $ilSetting->set("soap_auth_account_mail", $_POST["soap"]["account_mail"]);
530  $ilSetting->set("soap_auth_use_https", $_POST["soap"]["use_https"]);
531  $ilSetting->set("soap_auth_use_dotnet", $_POST["soap"]["use_dotnet"]);
532  $ilSetting->set("soap_auth_user_default_role", $_POST["soap"]["user_default_role"]);
533  ilUtil::sendSuccess($this->lng->txt("auth_soap_settings_saved"), true);
534 
535  $this->ctrl->redirect($this, 'editSOAP');
536  }
537 
543  public function editScriptObject()
544  {
545  global $rbacsystem;
546 
547  if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
548  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
549  }
550 
551  if ($_SESSION["error_post_vars"]) {
552  $this->tpl->setVariable("AUTH_SCRIPT_NAME", $_SESSION["error_post_vars"]["auth_script"]["name"]);
553  } else {
554  // set already saved data
555  $settings = $this->ilias->getAllSettings();
556 
557  $this->tpl->setVariable("AUTH_SCRIPT_NAME", $settings["auth_script_name"]);
558  }
559 
560  $this->tabs_gui->setTabActive('auth_script');
561 
562  $this->tpl->addBlockFile(
563  "ADM_CONTENT",
564  "adm_content",
565  "tpl.auth_script.html",
566  "Services/Authentication"
567  );
568 
569  $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
570  $this->tpl->setVariable("COLSPAN", 3);
571  $this->tpl->setVariable("TXT_AUTH_SCRIPT_TITLE", $this->lng->txt("auth_script_configure"));
572  $this->tpl->setVariable("TXT_OPTIONS", $this->lng->txt("options"));
573  $this->tpl->setVariable("TXT_AUTH_SCRIPT_NAME", $this->lng->txt("auth_script_name"));
574 
575  $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
576  $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
577  $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
578  $this->tpl->setVariable("CMD_SUBMIT", "saveScript");
579  }
580 
586  public function saveScriptObject()
587  {
588  // validate required data
589  if (!$_POST["auth_script"]["name"]) {
590  $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
591  }
592 
593  // validate script url
594  /*
595  if (( TODO ,$_POST["ldap"]["server"])) == false)
596  {
597  $this->ilias->raiseError($this->lng->txt("err_invalid_server"),$this->ilias->error_obj->MESSAGE);
598  }*/
599 
600  // TODO: check connection to server
601 
602  // all ok. save settings and activate auth by external script
603  $this->ilias->setSetting("auth_script_name", $_POST["auth_script"]["name"]);
604  $this->ilias->setSetting("auth_mode", AUTH_SCRIPT);
605 
606  ilUtil::sendSuccess($this->lng->txt("auth_mode_changed_to") . " " . $this->getAuthModeTitle(), true);
607  $this->ctrl->redirect($this, 'editScript');
608  }
609 
610 
617  public function getAuthModeTitle()
618  {
619  switch ($this->ilias->getSetting("auth_mode")) {
620  case AUTH_LOCAL:
621  return $this->lng->txt("auth_local");
622  break;
623 
624  case AUTH_LDAP:
625  return $this->lng->txt("auth_ldap");
626  break;
627 
628  case AUTH_SHIBBOLETH:
629  return $this->lng->txt("auth_shib");
630  break;
631 
632  case AUTH_SAML:
633  return $this->lng->txt("auth_saml");
634  break;
635 
636  case AUTH_RADIUS:
637  return $this->lng->txt("auth_radius");
638  break;
639 
640  case AUTH_SCRIPT:
641  return $this->lng->txt("auth_script");
642  break;
643 
644  case AUTH_APACHE:
645  return $this->lng->txt("auth_apache");
646  break;
647 
648  default:
649  return $this->lng->txt("unknown");
650  break;
651  }
652  }
653 
654  public function updateAuthRolesObject()
655  {
656  global $rbacsystem;
657 
658  if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
659  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
660  }
661 
662  include_once('./Services/AccessControl/classes/class.ilObjRole.php');
663  ilObjRole::_updateAuthMode($_POST['Fobject']);
664 
665  ilUtil::sendSuccess($this->lng->txt("auth_mode_roles_changed"), true);
666  $this->ctrl->redirect($this, 'authSettings');
667  }
668 
674  protected function initAuthModeDetermination()
675  {
676  if (is_object($this->form)) {
677  return true;
678  }
679  // Are there any authentication methods that support automatic determination ?
680 
681  include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
682  $det = ilAuthModeDetermination::_getInstance();
683  if ($det->getCountActiveAuthModes() <= 1) {
684  return false;
685  }
686 
687  include_once('./Services/Form/classes/class.ilPropertyFormGUI.php');
688  $this->form = new ilPropertyFormGUI();
689  $this->form->setFormAction($this->ctrl->getFormAction($this));
690  $this->form->setTableWidth('100%');
691  $this->form->setTitle($this->lng->txt('auth_auth_settings'));
692  $this->form->addCommandButton('updateAuthModeDetermination', $this->lng->txt('save'));
693 
694  require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
695  $cap = new ilCheckboxInputGUI($this->lng->txt('adm_captcha_anonymous_short'), 'activate_captcha_anonym');
696  $cap->setInfo($this->lng->txt('adm_captcha_anonymous_auth'));
697  $cap->setValue(1);
698  if (!ilCaptchaUtil::checkFreetype()) {
699  $cap->setAlert(ilCaptchaUtil::getPreconditionsMessage());
700  }
701  $cap->setChecked(ilCaptchaUtil::isActiveForLogin());
702  $this->form->addItem($cap);
703 
704  $header = new ilFormSectionHeaderGUI();
705  $header->setTitle($this->lng->txt('auth_auth_mode_determination'));
706  $this->form->addItem($header);
707 
708  $kind = new ilRadioGroupInputGUI($this->lng->txt('auth_kind_determination'), 'kind');
709  $kind->setInfo($this->lng->txt('auth_mode_determination_info'));
710  $kind->setValue($det->getKind());
711  $kind->setRequired(true);
712 
713  $option_user = new ilRadioOption($this->lng->txt('auth_by_user'), 0);
714  $kind->addOption($option_user);
715 
716  $option_determination = new ilRadioOption($this->lng->txt('auth_automatic'), 1);
717 
718  include_once('Services/Authentication/classes/class.ilAuthUtils.php');
719 
720  $auth_sequenced = $det->getAuthModeSequence();
721  $counter = 1;
722  foreach ($auth_sequenced as $auth_mode) {
723  switch ($auth_mode) {
724  // begin-patch ldap_multiple
725  case ilLDAPServer::isAuthModeLDAP($auth_mode):
726  $auth_id = ilLDAPServer::getServerIdByAuthMode($auth_mode);
727  $server = ilLDAPServer::getInstanceByServerId($auth_id);
728  $text = $server->getName();
729  // end-patch ldap_multiple
730  break;
731  case AUTH_RADIUS:
732  $text = $this->lng->txt('auth_radius');
733  break;
734  case AUTH_LOCAL:
735  $text = $this->lng->txt('auth_local');
736  break;
737  case AUTH_SOAP:
738  $text = $this->lng->txt('auth_soap');
739  break;
740  case AUTH_APACHE:
741  $text = $this->lng->txt('auth_apache');
742  break;
743  // begin-patch auth_plugin
744  default:
745  foreach (ilAuthUtils::getAuthPlugins() as $pl) {
746  $option = $pl->getMultipleAuthModeOptions($auth_mode);
747  $text = $option[$auth_mode]['txt'];
748  }
749  break;
750  // end-patch auth_plugin
751  }
752 
753  $pos = new ilTextInputGUI($text, 'position[' . $auth_mode . ']');
754  $pos->setValue($counter++);
755  $pos->setSize(1);
756  $pos->setMaxLength(1);
757  $option_determination->addSubItem($pos);
758  }
759  $kind->addOption($option_determination);
760  $this->form->addItem($kind);
761  return true;
762  }
763 
770  public function updateAuthModeDeterminationObject()
771  {
772  include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
773  $det = ilAuthModeDetermination::_getInstance();
774 
775  $det->setKind((int) $_POST['kind']);
776 
777  $pos = $_POST['position'] ? $_POST['position'] : array();
778  asort($pos, SORT_NUMERIC);
779 
780  $counter = 0;
781  foreach ($pos as $auth_mode => $dummy) {
782  $position[$counter++] = $auth_mode;
783  }
784  $det->setAuthModeSequence($position ? $position : array());
785  $det->save();
786 
787  require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
788  ilCaptchaUtil::setActiveForLogin((bool) $_POST['activate_captcha_anonym']);
789 
790  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
791  $this->authSettingsObject();
792  }
793 
800  public function executeCommand()
801  {
802  global $ilAccess,$ilErr;
803 
804  $next_class = $this->ctrl->getNextClass($this);
805  $cmd = $this->ctrl->getCmd();
806  $this->prepareOutput();
807 
808 
809  if (!$ilAccess->checkAccess('read', '', $this->object->getRefId())) {
810  $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
811  }
812 
813  switch ($next_class) {
814  case 'ilsamlsettingsgui':
815  $this->tabs_gui->setTabActive('auth_saml');
816 
817  require_once './Services/Saml/classes/class.ilSamlSettingsGUI.php';
818  $os = new ilSamlSettingsGUI($this->object->getRefId());
819  $this->ctrl->forwardCommand($os);
820  break;
821 
822  case 'ilregistrationsettingsgui':
823 
824  include_once './Services/Registration/classes/class.ilRegistrationSettingsGUI.php';
825 
826  // Enable tabs
827  $this->tabs_gui->setTabActive('registration_settings');
828  $registration_gui = new ilRegistrationSettingsGUI();
829  $this->ctrl->forwardCommand($registration_gui);
830  break;
831 
832  case 'ilpermissiongui':
833 
834  // Enable tabs
835  $this->tabs_gui->setTabActive('perm_settings');
836 
837  include_once("Services/AccessControl/classes/class.ilPermissionGUI.php");
838  $perm_gui = new ilPermissionGUI($this);
839  $ret =&$this->ctrl->forwardCommand($perm_gui);
840  break;
841 
842  case 'illdapsettingsgui':
843 
844  // Enable Tabs
845  $this->tabs_gui->setTabActive('auth_ldap');
846 
847  include_once './Services/LDAP/classes/class.ilLDAPSettingsGUI.php';
848  $ldap_settings_gui = new ilLDAPSettingsGUI($this->object->getRefId());
849  $this->ctrl->forwardCommand($ldap_settings_gui);
850  break;
851 
852  case 'ilauthshibbolethsettingsgui':
853 
854  $this->tabs_gui->setTabActive('auth_shib');
855  include_once('./Services/AuthShibboleth/classes/class.ilAuthShibbolethSettingsGUI.php');
856  $shib_settings_gui = new ilAuthShibbolethSettingsGUI($this->object->getRefId());
857  $this->ctrl->forwardCommand($shib_settings_gui);
858  break;
859 
860  case 'ilcassettingsgui':
861 
862  $this->tabs_gui->setTabActive('auth_cas');
863  include_once './Services/CAS/classes/class.ilCASSettingsGUI.php';
864  $cas_settings = new ilCASSettingsGUI($this->object->getRefId());
865  $this->ctrl->forwardCommand($cas_settings);
866  break;
867 
868  case 'ilradiussettingsgui':
869 
870  $this->tabs_gui->setTabActive('auth_radius');
871  include_once './Services/Radius/classes/class.ilRadiusSettingsGUI.php';
872  $radius_settings_gui = new ilRadiusSettingsGUI($this->object->getRefId());
873  $this->ctrl->forwardCommand($radius_settings_gui);
874  break;
875 
876 
877  case 'ilauthloginpageeditorgui':
878 
879  $this->setSubTabs("authSettings");
880  $this->tabs_gui->setTabActive('authentication_settings');
881  $this->tabs_gui->setSubTabActive("auth_login_editor");
882 
883  include_once './Services/Authentication/classes/class.ilAuthLoginPageEditorGUI.php';
884  $lpe = new ilAuthLoginPageEditorGUI($this->object->getRefId());
885  $this->ctrl->forwardCommand($lpe);
886  break;
887 
888  default:
889  if (!$cmd) {
890  $cmd = "authSettings";
891  }
892  $cmd .= "Object";
893  $this->$cmd();
894 
895  break;
896  }
897  return true;
898  }
899 
900  public function getAdminTabs()
901  {
902  $this->getTabs();
903  }
904 
910  public function getTabs()
911  {
912  global $rbacsystem;
913 
914  $this->ctrl->setParameter($this, "ref_id", $this->object->getRefId());
915 
916  if ($rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
917  $this->tabs_gui->addTarget(
918  "authentication_settings",
919  $this->ctrl->getLinkTarget($this, "authSettings"),
920  "",
921  "",
922  ""
923  );
924 
925  $this->tabs_gui->addTarget(
926  'registration_settings',
927  $this->ctrl->getLinkTargetByClass('ilregistrationsettingsgui', 'view')
928  );
929 
930  $this->tabs_gui->addTarget(
931  "auth_ldap",
932  $this->ctrl->getLinkTargetByClass('illdapsettingsgui', 'serverList'),
933  "",
934  "",
935  ""
936  );
937 
938 
939  #$this->tabs_gui->addTarget("auth_ldap", $this->ctrl->getLinkTarget($this, "editLDAP"),
940  # "", "", "");
941 
942  $this->tabs_gui->addTarget('auth_shib', $this->ctrl->getLinkTargetByClass('ilauthshibbolethsettingsgui', 'settings'));
943 
944  $this->tabs_gui->addTarget(
945  'auth_cas',
946  $this->ctrl->getLinkTargetByClass('ilcassettingsgui', 'settings')
947  );
948 
949  $this->tabs_gui->addTarget(
950  "auth_radius",
951  $this->ctrl->getLinkTargetByClass('ilradiussettingsgui', "settings"),
952  "",
953  "",
954  ""
955  );
956 
957  $this->tabs_gui->addTarget(
958  "auth_soap",
959  $this->ctrl->getLinkTarget($this, "editSOAP"),
960  "",
961  "",
962  ""
963  );
964 
965  $this->tabs_gui->addTarget(
966  "apache_auth_settings",
967  $this->ctrl->getLinkTarget($this, 'apacheAuthSettings'),
968  "",
969  "",
970  ""
971  );
972 
973  require_once 'Services/Saml/classes/class.ilSamlSettingsGUI.php';
974  $this->tabs_gui->addTarget(
975  'auth_saml',
976  $this->ctrl->getLinkTargetByClass('ilsamlsettingsgui', ilSamlSettingsGUI::DEFAULT_CMD),
977  '',
978  '',
979  ''
980  );
981  }
982 
983  if ($rbacsystem->checkAccess('edit_permission', $this->object->getRefId())) {
984  $this->tabs_gui->addTarget(
985  "perm_settings",
986  $this->ctrl->getLinkTargetByClass(array(get_class($this),'ilpermissiongui'), "perm"),
987  array("perm","info","owner"),
988  'ilpermissiongui'
989  );
990  }
991  }
992 
996  public function setSubTabs($a_tab)
997  {
998  global $rbacsystem,$ilUser,$ilAccess;
999 
1000  $GLOBALS['lng']->loadLanguageModule('auth');
1001 
1002  switch ($a_tab) {
1003  case 'authSettings':
1004  if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
1005  $this->tabs_gui->addSubTabTarget(
1006  "auth_settings",
1007  $this->ctrl->getLinkTarget($this, 'authSettings'),
1008  ""
1009  );
1010  }
1011  if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
1012  $this->tabs_gui->addSubTabTarget(
1013  'auth_login_editor',
1014  $this->ctrl->getLinkTargetByClass('ilauthloginpageeditorgui', ''),
1015  ''
1016  );
1017  }
1018  break;
1019  }
1020  }
1021 
1022 
1023  public function apacheAuthSettingsObject($form = false)
1024  {
1025  global $tpl;
1026 
1027  $this->tabs_gui->setTabActive("apache_auth_settings");
1028 
1029  if (!$form) {
1030  $form = $this->getApacheAuthSettingsForm();
1031 
1032  $settings = new ilSetting('apache_auth');
1033  $settingsMap = $settings->getAll();
1034 
1035  $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
1036  if (file_exists($path) && is_readable($path)) {
1037  $settingsMap['apache_auth_domains'] = file_get_contents($path);
1038  }
1039 
1040  $form->setValuesByArray($settingsMap);
1041  }
1042  $tpl->setVariable('ADM_CONTENT', $form->getHtml());
1043  }
1044 
1045  public function saveApacheSettingsObject()
1046  {
1047  global $ilCtrl;
1048  $form = $this->getApacheAuthSettingsForm();
1049  $form->setValuesByPost();
1050  /*$items = $form->getItems();
1051  foreach($items as $item)
1052  $item->validate();*/
1053  if ($form->checkInput()) {
1054  $settings = new ilSetting('apache_auth');
1055  $fields = array(
1056  'apache_auth_indicator_name', 'apache_auth_indicator_value',
1057  'apache_enable_auth', 'apache_enable_local', 'apache_local_autocreate',
1058  'apache_enable_ldap', 'apache_auth_username_config_type',
1059  'apache_auth_username_direct_mapping_fieldname',
1060  'apache_default_role', 'apache_auth_target_override_login_page',
1061  'apache_auth_enable_override_login_page',
1062  'apache_auth_authenticate_on_login_page',
1063  'apache_ldap_sid'
1064 // 'apache_auth_username_by_function_functionname',
1065  );
1066 
1067  foreach ($fields as $field) {
1068  $settings->set($field, $form->getInput($field));
1069  }
1070 
1071  if ($form->getInput('apache_enable_auth')) {
1072  $this->ilias->setSetting('apache_active', true);
1073  } else {
1074  $this->ilias->setSetting('apache_active', false);
1075  global $ilSetting;
1076  if ($ilSetting->get("auth_mode") == AUTH_APACHE) {
1077  $ilSetting->set("auth_mode", AUTH_LOCAL);
1078  }
1079  }
1080 
1081  $allowedDomains = $this->validateApacheAuthAllowedDomains($form->getInput('apache_auth_domains'));
1082  file_put_contents(ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt', $allowedDomains);
1083 
1084  ilUtil::sendSuccess($this->lng->txt('apache_settings_changed_success'), true);
1085  $this->ctrl->redirect($this, 'apacheAuthSettings');
1086  } else {
1087  $this->apacheAuthSettingsObject($form);
1088  }
1089  }
1090 
1091  public function getApacheAuthSettingsForm()
1092  {
1093  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1094 
1095  $form = new ilPropertyFormGUI();
1096  $form->setFormAction($this->ctrl->getFormAction($this));
1097  $form->setTitle($this->lng->txt('apache_settings'));
1098 
1099  $chb_enabled = new ilCheckboxInputGUI($this->lng->txt('apache_enable_auth'), 'apache_enable_auth');
1100  $form->addItem($chb_enabled);
1101 
1102  $chb_local_create_account = new ilCheckboxInputGUI($this->lng->txt('apache_autocreate'), 'apache_local_autocreate');
1103  $chb_enabled->addSubitem($chb_local_create_account);
1104 
1105  global $rbacreview;
1106  $roles = $rbacreview->getGlobalRolesArray();
1107  $select = new ilSelectInputGUI($this->lng->txt('apache_default_role'), 'apache_default_role');
1108  $roleOptions = array();
1109  foreach ($roles as $role) {
1110  $roleOptions[$role['obj_id']] = ilObject::_lookupTitle($role['obj_id']);
1111  }
1112  $select->setOptions($roleOptions);
1113  $select->setValue(4);
1114 
1115  $chb_local_create_account->addSubitem($select);
1116 
1117  $chb_local = new ilCheckboxInputGUI($this->lng->txt('apache_enable_local'), 'apache_enable_local');
1118  $form->addItem($chb_local);
1119 
1120  $chb_ldap = new ilCheckboxInputGUI($this->lng->txt('apache_enable_ldap'), 'apache_enable_ldap');
1121  $chb_ldap->setInfo($this->lng->txt('apache_ldap_hint_ldap_must_be_configured'));
1122 
1123  $GLOBALS['lng']->loadLanguageModule('auth');
1124  include_once './Services/LDAP/classes/class.ilLDAPServer.php';
1125  $servers = ilLDAPServer::getServerIds();
1126  if (count($servers)) {
1127  $ldap_server_select = new ilSelectInputGUI($this->lng->txt('auth_ldap_server_ds'), 'apache_ldap_sid');
1128  $options[0] = $this->lng->txt('select_one');
1129  foreach ($servers as $server_id) {
1130  $ldap_server = new ilLDAPServer($server_id);
1131  $options[$server_id] = $ldap_server->getName();
1132  }
1133  $ldap_server_select->setOptions($options);
1134  $ldap_server_select->setRequired(true);
1135 
1136  $ds = ilLDAPServer::getDataSource(AUTH_APACHE);
1137  $ldap_server_select->setValue($ds);
1138 
1139  $chb_ldap->addSubItem($ldap_server_select);
1140  }
1141  $form->addItem($chb_ldap);
1142 
1143  $txt = new ilTextInputGUI($this->lng->txt('apache_auth_indicator_name'), 'apache_auth_indicator_name');
1144  $txt->setRequired(true);
1145  $form->addItem($txt);
1146 
1147  $txt = new ilTextInputGUI($this->lng->txt('apache_auth_indicator_value'), 'apache_auth_indicator_value');
1148  $txt->setRequired(true);
1149  $form->addItem($txt);
1150 
1151 
1152  $chb = new ilCheckboxInputGUI($this->lng->txt('apache_auth_enable_override_login'), 'apache_auth_enable_override_login_page');
1153  $form->addItem($chb);
1154 
1155  $txt = new ilTextInputGUI($this->lng->txt('apache_auth_target_override_login'), 'apache_auth_target_override_login_page');
1156  $txt->setRequired(true);
1157  $chb->addSubItem($txt);
1158 
1159  $chb = new ilCheckboxInputGUI($this->lng->txt('apache_auth_authenticate_on_login_page'), 'apache_auth_authenticate_on_login_page');
1160  $form->addItem($chb);
1161 
1162  $sec = new ilFormSectionHeaderGUI();
1163  $sec->setTitle($this->lng->txt('apache_auth_username_config'));
1164  $form->addItem($sec);
1165 
1166  $rag = new ilRadioGroupInputGUI($this->lng->txt('apache_auth_username_config_type'), 'apache_auth_username_config_type');
1167  $form->addItem($rag);
1168 
1169  $rao = new ilRadioOption($this->lng->txt('apache_auth_username_direct_mapping'), 1);
1170  $rag->addOption($rao);
1171 
1172  $txt = new ilTextInputGUI($this->lng->txt('apache_auth_username_direct_mapping_fieldname'), 'apache_auth_username_direct_mapping_fieldname');
1173  //$txt->setRequired(true);
1174  $rao->addSubItem($txt);
1175 
1176  $rao = new ilRadioOption($this->lng->txt('apache_auth_username_extended_mapping'), 2);
1177  $rao->setDisabled(true);
1178  $rag->addOption($rao);
1179 
1180  $rao = new ilRadioOption($this->lng->txt('apache_auth_username_by_function'), 3);
1181  $rag->addOption($rao);
1182 
1183  /* $txt = new ilTextInputGUI($this->lng->txt('apache_auth_username_by_function_functionname'), 'apache_auth_username_by_function_functionname');
1184  $rao->addSubItem($txt);*/
1185 
1186  $sec = new ilFormSectionHeaderGUI();
1187  $sec->setTitle($this->lng->txt('apache_auth_security'));
1188  $form->addItem($sec);
1189 
1190  $txt = new ilTextAreaInputGUI($this->lng->txt('apache_auth_domains'), 'apache_auth_domains');
1191  $txt->setInfo($this->lng->txt('apache_auth_domains_description'));
1192 
1193  $form->addItem($txt);
1194 
1195  $form->addCommandButton('saveApacheSettings', $this->lng->txt('save'));
1196  $form->addCommandButton('cancel', $this->lng->txt('cancel'));
1197 
1198  return $form;
1199  }
1200 
1201  private function validateApacheAuthAllowedDomains($text)
1202  {
1203  return join("\n", preg_split("/[\r\n]+/", $text));
1204  }
1205 
1210  public function addToExternalSettingsForm($a_form_id)
1211  {
1212  switch ($a_form_id) {
1213  case ilAdministrationSettingsFormHandler::FORM_ACCESSIBILITY:
1214  require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
1215  $fields = array(
1216  'adm_captcha_anonymous_short' => array(ilCaptchaUtil::isActiveForLogin(), ilAdministrationSettingsFormHandler::VALUE_BOOL),
1217  );
1218 
1219  return array('authentication_settings' => array('authSettings', $fields));
1220  }
1221  }
1222 } // END class.ilObjAuthSettingsGUI
ilSamlIdp\getIdpIdByAuthMode
static getIdpIdByAuthMode($a_auth_mode)
Definition: class.ilSamlIdp.php:243
ilAuthLoginPageEditorGUI
Login page editor settings GUI ILIAS page editor or richtext editor.
Definition: class.ilAuthLoginPageEditorGUI.php:15
ilUtil\sendSuccess
static sendSuccess($a_info="", $a_keep=false)
Send Success Message to Screen.
Definition: class.ilUtil.php:4562
$namespace
if($err=$client->getError()) $namespace
Definition: dummy_client.php:50
ilObjAuthSettingsGUI\editScriptObject
editScriptObject()
Configure Custom settings.
Definition: class.ilObjAuthSettingsGUI.php:543
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
ilLDAPServer\isAuthModeLDAP
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
Definition: class.ilLDAPServer.php:357
ilAuthShibbolethSettingsGUI
Class ilAuthShibbolethSettingsGUI.
Definition: class.ilAuthShibbolethSettingsGUI.php:13
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
ilSelectInputGUI
This class represents a selection list property in a property form.
Definition: class.ilSelectInputGUI.php:17
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilObjAuthSettingsGUI\getAuthModeTitle
getAuthModeTitle()
get the title of auth mode
Definition: class.ilObjAuthSettingsGUI.php:617
ilObjRole\_lookupRegisterAllowed
static _lookupRegisterAllowed()
get all roles that are activated in user registration
Definition: class.ilObjRole.php:325
ilFormSectionHeaderGUI
This class represents a section header in a property form.
Definition: class.ilFormSectionHeaderGUI.php:31
AUTH_LDAP
const AUTH_LDAP
Definition: class.ilAuthUtils.php:8
AUTH_CAS
const AUTH_CAS
Definition: class.ilAuthUtils.php:12
$GLOBALS
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Definition: generate-standalone.php:18
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
AUTH_SHIBBOLETH
const AUTH_SHIBBOLETH
Definition: class.ilAuthUtils.php:11
ilObjAuthSettingsGUI\loginInfoObject
loginInfoObject()
displays login information of all installed languages
Definition: class.ilObjAuthSettingsGUI.php:214
ilObjRole\_updateAuthMode
static _updateAuthMode($a_roles)
Definition: class.ilObjRole.php:509
ilSamlIdp\getInstanceByIdpId
static getInstanceByIdpId($a_idp_id)
Definition: class.ilSamlIdp.php:102
ilCaptchaUtil\checkFreetype
static checkFreetype()
Check whether captcha support is active.
Definition: class.ilCaptchaUtil.php:27
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:33
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:933
$header
$header
Definition: no_cookie.tpl.php:6
ilAuthUtils\_getActiveAuthModes
static _getActiveAuthModes()
Definition: class.ilAuthUtils.php:305
AUTH_APACHE
const AUTH_APACHE
Definition: class.ilAuthUtils.php:19
AUTH_SAML
const AUTH_SAML
Definition: class.ilAuthUtils.php:20
ilAuthUtils\_getAuthModeName
static _getAuthModeName($a_auth_key)
Definition: class.ilAuthUtils.php:245
ilLDAPServer\getInstanceByServerId
static getInstanceByServerId($a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:58
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
ilFormPropertyGUI\setInfo
setInfo($a_info)
Set Information Text.
Definition: class.ilFormPropertyGUI.php:145
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4514
$counter
$counter
Definition: config-scanner.php:59
ilAuthUtils\getAuthPlugins
static getAuthPlugins()
Get active enabled auth plugins.
Definition: class.ilAuthUtils.php:766
ilObjAuthSettingsGUI\initAuthModeDetermination
initAuthModeDetermination()
init auth mode determinitation form
Definition: class.ilObjAuthSettingsGUI.php:674
ilObjAuthSettingsGUI\editSOAPObject
editSOAPObject()
Configure soap settings.
Definition: class.ilObjAuthSettingsGUI.php:314
ilObjectGUI\prepareOutput
prepareOutput($a_show_subobjects=true)
prepare output
Definition: class.ilObjectGUI.php:290
$name
if($format !==null) $name
Definition: metadata.php:146
ilObjAuthSettingsGUI\saveScriptObject
saveScriptObject()
validates all input data, save them to database if correct and active chosen auth mode ...
Definition: class.ilObjAuthSettingsGUI.php:586
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
ilLDAPServer\getServerIds
static getServerIds()
Get all server ids ilDB $ilDB.
Definition: class.ilLDAPServer.php:212
$form
if(isset($_POST['submit'])) $form
Definition: registry.edit.php:63
AUTH_SCRIPT
const AUTH_SCRIPT
Definition: class.ilAuthUtils.php:10
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:79
ilObjUser\_getNumberOfUsersPerAuthMode
static _getNumberOfUsersPerAuthMode()
get number of users per auth mode
Definition: class.ilObjUser.php:3751
ilSOAPAuth\testConnection
static testConnection($a_ext_uid, $a_soap_pw, $a_new_user)
Constructor public.
Definition: class.ilSOAPAuth.php:46
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:13
$text
$text
Definition: errorreport.php:18
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilRegistrationSettingsGUI
Class ilRegistrationSettingsGUI.
Definition: class.ilRegistrationSettingsGUI.php:36
$ilUser
$ilUser
Definition: imgupload.php:18
$https
$https
Definition: imgupload.php:19
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilLDAPServer\getDataSource
static getDataSource($a_auth_mode)
Definition: class.ilLDAPServer.php:302
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2441
AUTH_LOCAL
const AUTH_LOCAL
Definition: class.ilAuthUtils.php:7
ilSelectInputGUI\setOptions
setOptions($a_options)
Set Options.
Definition: class.ilSelectInputGUI.php:43
ilLDAPServer\getServerIdByAuthMode
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:372
$txt
$txt
Definition: error.php:11
ilObjAuthSettingsGUI\authSettingsObject
authSettingsObject()
display settings menu
Definition: class.ilObjAuthSettingsGUI.php:49
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4530
$server
$server
Definition: getUserInfo.php:12
AUTH_SOAP
const AUTH_SOAP
Definition: class.ilAuthUtils.php:13
ilAuthUtils\_getAllAuthModes
static _getAllAuthModes()
Definition: class.ilAuthUtils.php:366
ilSamlIdp\isAuthModeSaml
static isAuthModeSaml($a_auth_mode)
Definition: class.ilSamlIdp.php:228
ilSamlSettingsGUI
Class ilSamlSettingsGUI.
Definition: class.ilSamlSettingsGUI.php:11
$idp
$idp
Definition: prp.php:13
object
Create new PHPExcel object
obj_idprivate
Definition: 01pharSimple.php:37
ilObjAuthSettingsGUI\updateAuthModeDeterminationObject
updateAuthModeDeterminationObject()
update auth mode determination
Definition: class.ilObjAuthSettingsGUI.php:770
$ilSetting
global $ilSetting
Definition: privfeed.php:17
ilObjAuthSettingsGUI
Class ilObjAuthSettingsGUI.
Definition: class.ilObjAuthSettingsGUI.php:19
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:34
$ret
$ret
Definition: parser.php:6
ilObjAuthSettingsGUI\__construct
__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output=true)
Constructor public.
Definition: class.ilObjAuthSettingsGUI.php:25
ilRadioOption\setDisabled
setDisabled($a_disabled)
Definition: class.ilRadioOption.php:106
ilObjAuthSettingsGUI\saveSOAPObject
saveSOAPObject()
validates all input data, save them to database if correct and active chosen auth mode ...
Definition: class.ilObjAuthSettingsGUI.php:504
ilPermissionGUI
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
Definition: class.ilPermissionGUI.php:19
ilUtil\redirect
static redirect($a_script)
Definition: class.ilUtil.php:3353
ilObjectGUI\getReturnLocation
getReturnLocation($a_cmd, $a_location="")
get return location for command (command is method name without "Object", e.g.
Definition: class.ilObjectGUI.php:1449
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
$options
if(!isset($_REQUEST['ReturnTo'])) if(!isset($_REQUEST['AuthId'])) $options
Definition: as_login.php:20
AUTH_RADIUS
const AUTH_RADIUS
Definition: class.ilAuthUtils.php:9