ilAuthProviderShibboleth Class Reference

Shibboleth authentication provider. More...

Inheritance diagram for ilAuthProviderShibboleth:

Collaboration diagram for ilAuthProviderShibboleth:

Public Member Functions
	__construct (\ilAuthCredentials $credentials)
	Constructor. More...
	doAuthentication (\ilAuthStatus $status)
	Do apache auth. More...
Public Member Functions inherited from ilAuthProvider
	__construct (ilAuthCredentials $credentials)
	Constructor. More...
	getLogger ()
	Get logger. More...
	getCredentials ()
	doAuthentication (\ilAuthStatus $status)
	Do authentication. More...

Private Attributes
	$migration_account = ''

Additional Inherited Members
Data Fields inherited from ilAuthProvider
const	STATUS_UNDEFINED = 0
const	STATUS_AUTHENTICATION_SUCCESS = 1
const	STATUS_AUTHENTICATION_FAILED = 2
const	STATUS_MIGRATION = 3
Protected Member Functions inherited from ilAuthProvider
	handleAuthenticationFail (ilAuthStatus $status, $a_reason)
	Handle failed authentication. More...

Detailed Description

Shibboleth authentication provider.

Definition at line 21 of file class.ilAuthProviderShibboleth.php.

Constructor & Destructor Documentation

__construct()

ilAuthProviderShibboleth::__construct

(

\ilAuthCredentials

$credentials

)

Constructor.

Parameters

\ilAuthCredentials

$credentials

Definition at line 30 of file class.ilAuthProviderShibboleth.php.

    {
        parent::__construct($credentials);
    }

References ilAuthProvider\$credentials.

Member Function Documentation

doAuthentication()

ilAuthProviderShibboleth::doAuthentication

(

\ilAuthStatus

$status

)

Do apache auth.

Parameters

\ilAuthStatus

$status

Implements ilAuthProviderInterface.

Definition at line 39 of file class.ilAuthProviderShibboleth.php.

    {
        global $DIC; // for backword compatibility of hook environment variables
        $ilias = $DIC['ilias'];
        $ilSetting = $DIC['ilSetting'];
        $shibServerData = shibServerData::getInstance();
        
        //$this->getLogger()->dump($shibServerData);
        
        if ($shibServerData->getLogin()) {
            $shibUser = shibUser::buildInstance($shibServerData);
            // for backword compatibility of hook environment variables
            $userObj = &$shibUser; // For shib_data_conv included Script
            $newUser = $shibUser->isNew(); // For shib_data_conv included Script
            if ($shibUser->isNew()) {
                $shibUser->createFields();
                $shibUser->setPref('hits_per_page', $ilSetting->get('hits_per_page'));
 
                // Modify user data before creating the user
                // Include custom code that can be used to further modify
                // certain Shibboleth user attributes
                if ($ilias->getSetting('shib_data_conv') and $ilias->getSetting('shib_data_conv') != ''
                    and is_readable($ilias->getSetting('shib_data_conv'))
                ) {
                    include($ilias->getSetting('shib_data_conv'));
                }
                $shibUser = ilShibbolethPluginWrapper::getInstance()->beforeCreateUser($shibUser);
                $shibUser->create();
                $shibUser->updateOwner();
                $shibUser->saveAsNew();
                $shibUser->writePrefs();
                $shibUser = ilShibbolethPluginWrapper::getInstance()->afterCreateUser($shibUser);
                ilShibbolethRoleAssignmentRules::doAssignments($shibUser->getId(), $_SERVER);
            } else {
                $shibUser->updateFields();
                // Include custom code that can be used to further modify
                // certain Shibboleth user attributes
                if ($ilias->getSetting('shib_data_conv') and $ilias->getSetting('shib_data_conv') != ''
                    and is_readable($ilias->getSetting('shib_data_conv'))
                ) {
                    include($ilias->getSetting('shib_data_conv'));
                }
                //                              $shibUser->update();
                $shibUser = ilShibbolethPluginWrapper::getInstance()->beforeUpdateUser($shibUser);
                $shibUser->update();
                $shibUser = ilShibbolethPluginWrapper::getInstance()->afterUpdateUser($shibUser);
                ilShibbolethRoleAssignmentRules::updateAssignments($shibUser->getId(), $_SERVER);
            }
 
            $c = shibConfig::getInstance();
            if (($newUser && !$c->isActivateNew()) || !$newUser) {
                $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATED);
                $status->setAuthenticatedUserId(ilObjUser::_lookupId($shibUser->getLogin()));
            } elseif ($newUser && $c->isActivateNew()) {
                $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATION_FAILED);
                $status->setReason('err_inactive');
            }
        } else {
            $this->getLogger()->info('Shibboleth authentication failed.');
            $this->handleAuthenticationFail($status, 'err_wrong_login');
            return false;
        }
    }

References $_SERVER, $c, $DIC, $ilSetting, ilAuthProvider\$status, ilObjUser\_lookupId(), shibUser\buildInstance(), ilShibbolethRoleAssignmentRules\doAssignments(), ilShibbolethPluginWrapper\getInstance(), shibConfig\getInstance(), shibServerData\getInstance(), ilAuthProvider\getLogger(), ilAuthProvider\handleAuthenticationFail(), ilAuthStatus\STATUS_AUTHENTICATED, ilAuthStatus\STATUS_AUTHENTICATION_FAILED, and ilShibbolethRoleAssignmentRules\updateAssignments().

Here is the call graph for this function:

Field Documentation

$migration_account

ilAuthProviderShibboleth::$migration_account = ''

private

Definition at line 23 of file class.ilAuthProviderShibboleth.php.

---

The documentation for this class was generated from the following file:

• Services/AuthShibboleth/classes/class.ilAuthProviderShibboleth.php