22 public function __construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output =
true)
25 parent::__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output);
27 $this->lng->loadLanguageModule(
'registration');
28 $this->lng->loadLanguageModule(
'auth');
30 define(
'LDAP_DEFAULT_PORT', 389);
31 define(
'RADIUS_DEFAULT_PORT', 1812);
51 $rbacsystem =
$DIC[
'rbacsystem'];
54 if (!$rbacsystem->checkAccess(
"visible,read", $this->object->getRefId())) {
55 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
58 $this->tabs_gui->setTabActive(
'authentication_settings');
60 $this->tabs_gui->setSubTabActive(
"auth_settings");
62 $this->tpl->addBlockFile(
65 "tpl.auth_general.html",
66 "Services/Authentication"
69 $this->tpl->setVariable(
"FORMACTION", $this->ctrl->getFormAction($this));
70 $this->tpl->setVariable(
"TXT_AUTH_TITLE", $this->lng->txt(
"auth_select"));
72 $this->tpl->setVariable(
"TXT_AUTH_MODE", $this->lng->txt(
"auth_mode"));
73 $this->tpl->setVariable(
"TXT_AUTH_DEFAULT", $this->lng->txt(
"default"));
74 $this->tpl->setVariable(
"TXT_AUTH_ACTIVE", $this->lng->txt(
"active"));
75 $this->tpl->setVariable(
"TXT_AUTH_NUM_USERS", $this->lng->txt(
"num_users"));
77 $this->tpl->setVariable(
"TXT_LOCAL", $this->lng->txt(
"auth_local"));
78 $this->tpl->setVariable(
"TXT_LDAP", $this->lng->txt(
"auth_ldap"));
79 $this->tpl->setVariable(
"TXT_SHIB", $this->lng->txt(
"auth_shib"));
81 $this->tpl->setVariable(
"TXT_CAS", $this->lng->txt(
"auth_cas"));
83 $this->tpl->setVariable(
"TXT_RADIUS", $this->lng->txt(
"auth_radius"));
84 $this->tpl->setVariable(
"TXT_SCRIPT", $this->lng->txt(
"auth_script"));
86 $this->tpl->setVariable(
"TXT_APACHE", $this->lng->txt(
"auth_apache"));
91 include_once(
'Services/LDAP/classes/class.ilLDAPServer.php');
93 $icon_ok =
"<img src=\"" .
ilUtil::getImagePath(
"icon_ok.svg") .
"\" alt=\"" . $this->lng->txt(
"enabled") .
"\" title=\"" . $this->lng->txt(
"enabled") .
"\" border=\"0\" vspace=\"0\"/>";
94 $icon_not_ok =
"<img src=\"" .
ilUtil::getImagePath(
"icon_not_ok.svg") .
"\" alt=\"" . $this->lng->txt(
"disabled") .
"\" title=\"" . $this->lng->txt(
"disabled") .
"\" border=\"0\" vspace=\"0\"/>";
97 foreach ($auth_modes as $mode => $mode_name) {
102 $this->tpl->setCurrentBlock(
'auth_mode');
106 $this->tpl->setVariable(
"AUTH_NAME",
$server->getName());
107 $this->tpl->setVariable(
'AUTH_ACTIVE',
$server->isActive() ? $icon_ok : $icon_not_ok);
110 $this->tpl->setVariable(
'AUTH_NAME',
$idp->getEntityId());
111 $this->tpl->setVariable(
'AUTH_ACTIVE',
$idp->isActive() ? $icon_ok : $icon_not_ok);
113 $this->tpl->setVariable(
"AUTH_NAME", $this->lng->txt(
"auth_" . $mode_name));
114 $this->tpl->setVariable(
'AUTH_ACTIVE', $this->
ilias->getSetting($mode_name .
'_active') || $mode ==
AUTH_LOCAL ? $icon_ok : $icon_not_ok);
118 $this->tpl->setVariable(
"AUTH_CHECKED",
"checked=\"checked\"");
120 $this->tpl->setVariable(
122 ((
int) $auth_cnt[$mode_name] + $auth_cnt[
"default"]) .
" (" . $this->lng->txt(
"auth_per_default") .
123 ": " . $auth_cnt[
"default"] .
")"
126 $this->tpl->setVariable(
128 (
int) $auth_cnt[$mode_name]
131 $this->tpl->setVariable(
"AUTH_ID", $mode_name);
132 $this->tpl->setVariable(
"AUTH_VAL", $mode);
133 $this->tpl->parseCurrentBlock();
136 $this->tpl->setVariable(
"TXT_CONFIGURE", $this->lng->txt(
"auth_configure"));
137 $this->tpl->setVariable(
"TXT_AUTH_REMARK", $this->lng->txt(
"auth_remark_non_local_auth"));
138 $this->tpl->setVariable(
"TXT_SUBMIT", $this->lng->txt(
"save"));
139 $this->tpl->setVariable(
"CMD_SUBMIT",
"setAuthMode");
143 $this->tpl->setVariable(
'TABLE_AUTH_DETERMINATION', $this->form->getHTML());
147 $this->tpl->setVariable(
149 $this->ctrl->getFormAction($this)
151 $this->tpl->setVariable(
"TXT_AUTH_ROLES", $this->lng->txt(
"auth_active_roles"));
152 $this->tpl->setVariable(
"TXT_ROLE", $this->lng->txt(
"obj_role"));
153 $this->tpl->setVariable(
"TXT_ROLE_AUTH_MODE", $this->lng->txt(
"auth_role_auth_mode"));
154 $this->tpl->setVariable(
"CMD_SUBMIT_ROLES",
"updateAuthRoles");
156 include_once(
"./Services/AccessControl/classes/class.ilObjRole.php");
160 include_once(
'./Services/Authentication/classes/class.ilAuthUtils.php');
163 foreach ($reg_roles as $role) {
164 foreach ($active_auth_modes as $auth_name => $auth_key) {
168 if ($auth_name ==
"default" || $auth_name ==
"cas"
169 || $auth_name ==
'saml'
170 || $auth_name ==
"shibboleth" || $auth_name ==
'ldap'
171 || $auth_name ==
'apache' || $auth_name ==
"ecs"
172 || $auth_name ==
"openid") {
176 $this->tpl->setCurrentBlock(
"auth_mode_selection");
178 if ($auth_name ==
'default') {
187 $name = $this->lng->txt(
'auth_' . $auth_name);
190 $this->tpl->setVariable(
"AUTH_MODE_NAME",
$name);
192 $this->tpl->setVariable(
"AUTH_MODE", $auth_name);
194 if ($role[
'auth_mode'] == $auth_name) {
195 $this->tpl->setVariable(
"SELECTED_AUTH_MODE",
"selected=\"selected\"");
198 $this->tpl->parseCurrentBlock();
201 $this->tpl->setCurrentBlock(
"roles");
202 $this->tpl->setVariable(
"ROLE", $role[
'title']);
203 $this->tpl->setVariable(
"ROLE_ID", $role[
'id']);
204 $this->tpl->parseCurrentBlock();
219 $rbacsystem =
$DIC[
'rbacsystem'];
223 if (!$rbacsystem->checkAccess(
"visible,read", $this->object->getRefId())) {
224 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
227 $this->tabs_gui->setTabActive(
"authentication_settings");
229 $this->tabs_gui->setSubTabActive(
"auth_login_editor");
231 $lng->loadLanguageModule(
"meta");
233 $this->tpl->addBlockFile(
236 "tpl.auth_login_messages.html",
237 "Services/Authentication"
239 $this->tpl->setVariable(
"FORMACTION", $this->ctrl->getFormAction($this));
240 $this->tpl->setVariable(
"TXT_HEADLINE", $this->lng->txt(
"login_information"));
241 $this->tpl->setVariable(
"TXT_DESCRIPTION", $this->lng->txt(
"login_information_desc"));
242 $this->tpl->setVariable(
"TXT_SUBMIT", $this->lng->txt(
"save"));
243 $this->initLoginForm();
244 $this->tpl->setVariable(
'LOGIN_INFO', $this->form->getHTML());
250 $this->ctrl->redirect($this,
"authSettings");
257 $rbacsystem =
$DIC[
'rbacsystem'];
260 if (!$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
261 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
264 if (empty(
$_POST[
"auth_mode"])) {
265 $this->
ilias->raiseError($this->lng->txt(
"auth_err_no_mode_selected"), $this->ilias->error_obj->MESSAGE);
268 $current_auth_mode =
$ilSetting->get(
'auth_mode',
'');
269 if (
$_POST[
"auth_mode"] == $current_auth_mode) {
270 ilUtil::sendInfo($this->lng->txt(
"auth_mode") .
": " . $this->getAuthModeTitle() .
" " . $this->lng->txt(
"auth_mode_not_changed"),
true);
271 $this->ctrl->redirect($this,
'authSettings');
274 switch (
$_POST[
"auth_mode"]) {
291 if ($this->object->checkAuthSHIB() !==
true) {
296 $this->ctrl->getLinkTargetByClass(
297 ilAuthShibbolethSettingsGUI::class,
309 if ($this->object->checkAuthRADIUS() !==
true) {
311 $this->ctrl->redirect($this,
'editRADIUS');
316 if ($this->object->checkAuthScript() !==
true) {
323 $this->
ilias->setSetting(
"auth_mode",
$_POST[
"auth_mode"]);
325 ilUtil::sendSuccess($this->lng->txt(
"auth_default_mode_changed_to") .
" " . $this->getAuthModeTitle(),
true);
326 $this->ctrl->redirect($this,
'authSettings');
338 $rbacsystem =
$DIC[
'rbacsystem'];
344 if (!$rbacsystem->checkAccess(
"read", $this->object->getRefId())) {
345 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
348 $this->tabs_gui->setTabActive(
'auth_soap');
351 $this->tpl->addBlockFile(
'ADM_CONTENT',
'adm_content',
'tpl.auth_soap.html',
'Services/Authentication');
354 $role_list =
$rbacreview->getRolesByFilter(2, $this->object->getId());
357 foreach ($role_list as $role) {
358 $roles[$role[
'obj_id']] = $role[
'title'];
362 include_once(
"./Services/Form/classes/class.ilPropertyFormGUI.php");
365 $soap_config->setTitle($this->lng->txt(
"auth_soap_auth"));
366 $soap_config->setDescription($this->lng->txt(
"auth_soap_auth_desc"));
367 $soap_config->setFormAction($this->ctrl->getFormAction($this,
"editSOAP"));
368 $soap_config->addCommandButton(
"saveSOAP", $this->lng->txt(
"save"));
369 $soap_config->addCommandButton(
"editSOAP", $this->lng->txt(
"cancel"));
373 $active->setTitle($this->lng->txt(
"active"));
374 $active->setPostVar(
"soap[active]");
378 $server->setTitle($this->lng->txt(
"server"));
379 $server->setInfo($this->lng->txt(
"auth_soap_server_desc"));
380 $server->setPostVar(
"soap[server]");
387 $port->setTitle($this->lng->txt(
"port"));
388 $port->setInfo($this->lng->txt(
"auth_soap_port_desc"));
389 $port->setPostVar(
"soap[port]");
391 $port->setMaxLength(5);
395 $https->setTitle($this->lng->txt(
"auth_soap_use_https"));
396 $https->setPostVar(
"soap[use_https]");
400 $uri->setTitle($this->lng->txt(
"uri"));
401 $uri->setInfo($this->lng->txt(
"auth_soap_uri_desc"));
402 $uri->setPostVar(
"soap[uri]");
404 $uri->setMaxLength(256);
408 $namespace->setTitle($this->lng->txt(
"auth_soap_namespace"));
409 $namespace->setInfo($this->lng->txt(
"auth_soap_namespace_desc"));
416 $dotnet->setTitle($this->lng->txt(
"auth_soap_use_dotnet"));
417 $dotnet->setPostVar(
"soap[use_dotnet]");
421 $createuser->setTitle($this->lng->txt(
"auth_create_users"));
422 $createuser->setInfo($this->lng->txt(
"auth_soap_create_users_desc"));
423 $createuser->setPostVar(
"soap[create_users]");
427 $sendmail->setTitle($this->lng->txt(
"user_send_new_account_mail"));
428 $sendmail->setInfo($this->lng->txt(
"auth_new_account_mail_desc"));
429 $sendmail->setPostVar(
"soap[account_mail]");
433 $defaultrole->setTitle($this->lng->txt(
"auth_user_default_role"));
434 $defaultrole->setInfo($this->lng->txt(
"auth_soap_user_default_role_desc"));
435 $defaultrole->setPostVar(
"soap[user_default_role]");
436 $defaultrole->setOptions($roles);
440 $allowlocal->setTitle($this->lng->txt(
"auth_allow_local"));
441 $allowlocal->setInfo($this->lng->txt(
"auth_soap_allow_local_desc"));
442 $allowlocal->setPostVar(
"soap[allow_local]");
449 $active ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"active"]);
451 $port ->setValue(
$_SESSION[
"error_post_vars"][
"soap"][
"port"]);
452 $https ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"use_https"]);
453 $uri ->setValue(
$_SESSION[
"error_post_vars"][
"soap"][
"uri"]);
455 $dotnet ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"use_dotnet"]);
456 $createuser ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"create_users"]);
457 $allowlocal ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"allow_local"]);
458 $defaultrole->setValue(
$_SESSION[
"error_post_vars"][
"soap"][
"user_default_role"]);
459 $sendmail ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"account_mail"]);
461 $active ->setChecked(
$settings[
"soap_auth_active"]);
463 $port ->setValue(
$settings[
"soap_auth_port"]);
465 $uri ->setValue(
$settings[
"soap_auth_uri"]);
467 $dotnet ->setChecked(
$settings[
"soap_auth_use_dotnet"]);
468 $createuser ->setChecked(
$settings[
"soap_auth_create_users"]);
469 $allowlocal ->setChecked(
$settings[
"soap_auth_allow_local"]);
470 $defaultrole->setValue(
$settings[
"soap_auth_user_default_role"]);
471 $sendmail ->setChecked(
$settings[
"soap_auth_account_mail"]);
474 if (!$defaultrole->getValue()) {
475 $defaultrole->setValue(4);
479 $soap_config->addItem($active);
480 $soap_config->addItem(
$server);
481 $soap_config->addItem($port);
482 $soap_config->addItem(
$https);
483 $soap_config->addItem($uri);
485 $soap_config->addItem($dotnet);
486 $soap_config->addItem($createuser);
487 $soap_config->addItem($sendmail);
488 $soap_config->addItem($defaultrole);
489 $soap_config->addItem($allowlocal);
491 $this->tpl->setVariable(
"CONFIG_FORM", $soap_config->getHTML());
496 $form->setTitle(
"Test Request");
498 $form->addItem($text_prop);
500 $form->addItem($text_prop2);
504 $form->addCommandButton(
505 "testSoapAuthConnection",
509 if (
$ilCtrl->getCmd() ==
"testSoapAuthConnection") {
510 include_once(
"./Services/SOAPAuth/classes/class.ilSOAPAuth.php");
514 (
boolean)
$_POST[
"new_user"]
517 $this->tpl->setVariable(
"TEST_FORM",
$form->getHTML() .
$ret);
536 $rbacsystem =
$DIC[
'rbacsystem'];
538 if (!$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
539 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
543 if (!
$_POST[
"soap"][
"server"]) {
544 $this->
ilias->raiseError($this->lng->txt(
"fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
548 if (
$_POST[
"soap"][
"server"] !=
"" && (preg_match(
"/^[0-9]{0,5}$/",
$_POST[
"soap"][
"port"])) ==
false) {
549 $this->
ilias->raiseError($this->lng->txt(
"err_invalid_port"), $this->ilias->error_obj->MESSAGE);
562 $ilSetting->set(
"soap_auth_user_default_role",
$_POST[
"soap"][
"user_default_role"]);
563 ilUtil::sendSuccess($this->lng->txt(
"auth_soap_settings_saved"),
true);
565 $this->ctrl->redirect($this,
'editSOAP');
577 $rbacsystem =
$DIC[
'rbacsystem'];
579 if (!$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
580 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
584 $this->tpl->setVariable(
"AUTH_SCRIPT_NAME",
$_SESSION[
"error_post_vars"][
"auth_script"][
"name"]);
589 $this->tpl->setVariable(
"AUTH_SCRIPT_NAME",
$settings[
"auth_script_name"]);
592 $this->tabs_gui->setTabActive(
'auth_script');
594 $this->tpl->addBlockFile(
597 "tpl.auth_script.html",
598 "Services/Authentication"
601 $this->tpl->setVariable(
"FORMACTION", $this->ctrl->getFormAction($this));
602 $this->tpl->setVariable(
"COLSPAN", 3);
603 $this->tpl->setVariable(
"TXT_AUTH_SCRIPT_TITLE", $this->lng->txt(
"auth_script_configure"));
604 $this->tpl->setVariable(
"TXT_OPTIONS", $this->lng->txt(
"options"));
605 $this->tpl->setVariable(
"TXT_AUTH_SCRIPT_NAME", $this->lng->txt(
"auth_script_name"));
607 $this->tpl->setVariable(
"TXT_REQUIRED_FLD", $this->lng->txt(
"required_field"));
608 $this->tpl->setVariable(
"TXT_CANCEL", $this->lng->txt(
"cancel"));
609 $this->tpl->setVariable(
"TXT_SUBMIT", $this->lng->txt(
"save"));
610 $this->tpl->setVariable(
"CMD_SUBMIT",
"saveScript");
621 if (!
$_POST[
"auth_script"][
"name"]) {
622 $this->
ilias->raiseError($this->lng->txt(
"fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
635 $this->
ilias->setSetting(
"auth_script_name",
$_POST[
"auth_script"][
"name"]);
638 ilUtil::sendSuccess($this->lng->txt(
"auth_mode_changed_to") .
" " . $this->getAuthModeTitle(),
true);
639 $this->ctrl->redirect($this,
'editScript');
651 switch ($this->
ilias->getSetting(
"auth_mode")) {
653 return $this->lng->txt(
"auth_local");
657 return $this->lng->txt(
"auth_ldap");
661 return $this->lng->txt(
"auth_shib");
665 return $this->lng->txt(
"auth_saml");
669 return $this->lng->txt(
"auth_radius");
673 return $this->lng->txt(
"auth_script");
677 return $this->lng->txt(
"auth_apache");
681 return $this->lng->txt(
"unknown");
690 $rbacsystem =
$DIC[
'rbacsystem'];
692 if (!$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
693 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
696 include_once(
'./Services/AccessControl/classes/class.ilObjRole.php');
699 ilUtil::sendSuccess($this->lng->txt(
"auth_mode_roles_changed"),
true);
700 $this->ctrl->redirect($this,
'authSettings');
710 if (is_object($this->form)) {
714 include_once(
'./Services/Form/classes/class.ilPropertyFormGUI.php');
716 $this->form->setFormAction($this->ctrl->getFormAction($this));
717 $this->form->setTableWidth(
'100%');
718 $this->form->setTitle($this->lng->txt(
'auth_auth_settings'));
719 $this->form->addCommandButton(
'updateAuthModeDetermination', $this->lng->txt(
'save'));
721 require_once
'Services/Captcha/classes/class.ilCaptchaUtil.php';
722 $cap =
new ilCheckboxInputGUI($this->lng->txt(
'adm_captcha_anonymous_short'),
'activate_captcha_anonym');
723 $cap->setInfo($this->lng->txt(
'adm_captcha_anonymous_auth'));
726 $cap->setAlert(ilCaptchaUtil::getPreconditionsMessage());
728 $cap->setChecked(ilCaptchaUtil::isActiveForLogin());
729 $this->form->addItem($cap);
732 include_once(
'Services/Authentication/classes/class.ilAuthModeDetermination.php');
734 if ($det->getCountActiveAuthModes() <= 1) {
739 $header->setTitle($this->lng->txt(
'auth_auth_mode_determination'));
743 $kind->setInfo($this->lng->txt(
'auth_mode_determination_info'));
744 $kind->setValue($det->getKind());
745 $kind->setRequired(
true);
747 $option_user =
new ilRadioOption($this->lng->txt(
'auth_by_user'), 0);
748 $kind->addOption($option_user);
750 $option_determination =
new ilRadioOption($this->lng->txt(
'auth_automatic'), 1);
752 include_once(
'Services/Authentication/classes/class.ilAuthUtils.php');
754 $auth_sequenced = $det->getAuthModeSequence();
756 foreach ($auth_sequenced as $auth_mode) {
757 switch ($auth_mode) {
766 $text = $this->lng->txt(
'auth_radius');
769 $text = $this->lng->txt(
'auth_local');
772 $text = $this->lng->txt(
'auth_soap');
775 $text = $this->lng->txt(
'auth_apache');
780 $option = $pl->getMultipleAuthModeOptions($auth_mode);
781 $text = $option[$auth_mode][
'txt'];
788 $pos->setValue($counter++);
790 $pos->setMaxLength(1);
791 $option_determination->addSubItem($pos);
793 $kind->addOption($option_determination);
794 $this->form->addItem($kind);
806 include_once(
'Services/Authentication/classes/class.ilAuthModeDetermination.php');
809 $det->setKind((
int)
$_POST[
'kind']);
811 $pos =
$_POST[
'position'] ?
$_POST[
'position'] : array();
812 asort($pos, SORT_NUMERIC);
815 foreach ($pos as $auth_mode => $dummy) {
816 $position[$counter++] = $auth_mode;
818 $det->setAuthModeSequence($position ? $position : array());
821 require_once
'Services/Captcha/classes/class.ilCaptchaUtil.php';
822 ilCaptchaUtil::setActiveForLogin((
bool)
$_POST[
'activate_captcha_anonym']);
824 ilUtil::sendSuccess($this->lng->txt(
'settings_saved'));
838 $ilAccess =
$DIC[
'ilAccess'];
841 $next_class = $this->ctrl->getNextClass($this);
842 $cmd = $this->ctrl->getCmd();
846 if (!$ilAccess->checkAccess(
'read',
'', $this->object->getRefId())) {
847 $ilErr->raiseError($this->lng->txt(
'msg_no_perm_read'),
$ilErr->WARNING);
850 switch ($next_class) {
851 case 'ilopenidconnectsettingsgui':
853 $this->tabs_gui->activateTab(
'auth_oidconnect');
856 $this->ctrl->forwardCommand($oid);
859 case 'ilsamlsettingsgui':
860 $this->tabs_gui->setTabActive(
'auth_saml');
862 require_once
'./Services/Saml/classes/class.ilSamlSettingsGUI.php';
864 $this->ctrl->forwardCommand($os);
867 case 'ilregistrationsettingsgui':
869 include_once
'./Services/Registration/classes/class.ilRegistrationSettingsGUI.php';
872 $this->tabs_gui->setTabActive(
'registration_settings');
874 $this->ctrl->forwardCommand($registration_gui);
877 case 'ilpermissiongui':
880 $this->tabs_gui->setTabActive(
'perm_settings');
882 include_once(
"Services/AccessControl/classes/class.ilPermissionGUI.php");
884 $ret =&$this->ctrl->forwardCommand($perm_gui);
887 case 'illdapsettingsgui':
890 $this->tabs_gui->setTabActive(
'auth_ldap');
892 include_once
'./Services/LDAP/classes/class.ilLDAPSettingsGUI.php';
894 $this->ctrl->forwardCommand($ldap_settings_gui);
897 case 'ilauthshibbolethsettingsgui':
899 $this->tabs_gui->setTabActive(
'auth_shib');
900 include_once(
'./Services/AuthShibboleth/classes/class.ilAuthShibbolethSettingsGUI.php');
902 $this->ctrl->forwardCommand($shib_settings_gui);
905 case 'ilcassettingsgui':
907 $this->tabs_gui->setTabActive(
'auth_cas');
908 include_once
'./Services/CAS/classes/class.ilCASSettingsGUI.php';
910 $this->ctrl->forwardCommand($cas_settings);
913 case 'ilradiussettingsgui':
915 $this->tabs_gui->setTabActive(
'auth_radius');
916 include_once
'./Services/Radius/classes/class.ilRadiusSettingsGUI.php';
918 $this->ctrl->forwardCommand($radius_settings_gui);
922 case 'ilauthloginpageeditorgui':
925 $this->tabs_gui->setTabActive(
'authentication_settings');
926 $this->tabs_gui->setSubTabActive(
"auth_login_editor");
928 include_once
'./Services/Authentication/classes/class.ilAuthLoginPageEditorGUI.php';
930 $this->ctrl->forwardCommand($lpe);
935 $cmd =
"authSettings";
959 $rbacsystem =
$DIC[
'rbacsystem'];
961 $this->ctrl->setParameter($this,
"ref_id", $this->object->getRefId());
963 if ($rbacsystem->checkAccess(
"visible,read", $this->object->getRefId())) {
964 $this->tabs_gui->addTarget(
965 "authentication_settings",
966 $this->ctrl->getLinkTarget($this,
"authSettings"),
972 $this->tabs_gui->addTarget(
973 'registration_settings',
974 $this->ctrl->getLinkTargetByClass(
'ilregistrationsettingsgui',
'view')
977 $this->tabs_gui->addTarget(
979 $this->ctrl->getLinkTargetByClass(
'illdapsettingsgui',
'serverList'),
986 #$this->tabs_gui->addTarget("auth_ldap", $this->ctrl->getLinkTarget($this, "editLDAP"),
989 $this->tabs_gui->addTarget(
'auth_shib', $this->ctrl->getLinkTargetByClass(
'ilauthshibbolethsettingsgui',
'settings'));
991 $this->tabs_gui->addTarget(
993 $this->ctrl->getLinkTargetByClass(
'ilcassettingsgui',
'settings')
996 $this->tabs_gui->addTarget(
998 $this->ctrl->getLinkTargetByClass(
'ilradiussettingsgui',
"settings"),
1004 $this->tabs_gui->addTarget(
1006 $this->ctrl->getLinkTarget($this,
"editSOAP"),
1012 $this->tabs_gui->addTarget(
1013 "apache_auth_settings",
1014 $this->ctrl->getLinkTarget($this,
'apacheAuthSettings'),
1020 require_once
'Services/Saml/classes/class.ilSamlSettingsGUI.php';
1021 $this->tabs_gui->addTarget(
1029 $this->tabs_gui->addTab(
1031 $this->lng->txt(
'auth_oidconnect'),
1032 $this->ctrl->getLinkTargetByClass(
'ilopenidconnectsettingsgui')
1036 if ($rbacsystem->checkAccess(
'edit_permission', $this->object->getRefId())) {
1037 $this->tabs_gui->addTarget(
1039 $this->ctrl->getLinkTargetByClass(array(get_class($this),
'ilpermissiongui'),
"perm"),
1040 array(
"perm",
"info",
"owner"),
1053 $rbacsystem =
$DIC[
'rbacsystem'];
1055 $ilAccess =
$DIC[
'ilAccess'];
1057 $GLOBALS[
'DIC'][
'lng']->loadLanguageModule(
'auth');
1060 case 'authSettings':
1061 if ($ilAccess->checkAccess(
'write',
'', $this->object->getRefId())) {
1062 $this->tabs_gui->addSubTabTarget(
1064 $this->ctrl->getLinkTarget($this,
'authSettings'),
1068 if ($ilAccess->checkAccess(
'write',
'', $this->object->getRefId())) {
1069 $this->tabs_gui->addSubTabTarget(
1070 'auth_login_editor',
1071 $this->ctrl->getLinkTargetByClass(
'ilauthloginpageeditorgui',
''),
1086 $this->tabs_gui->setTabActive(
"apache_auth_settings");
1094 $path = ILIAS_DATA_DIR .
'/' . CLIENT_ID .
'/apache_auth_allowed_domains.txt';
1095 if (file_exists(
$path) && is_readable(
$path)) {
1096 $settingsMap[
'apache_auth_domains'] = file_get_contents(
$path);
1099 $form->setValuesByArray($settingsMap);
1101 $tpl->setVariable(
'ADM_CONTENT',
$form->getHtml());
1110 $form->setValuesByPost();
1114 if (
$form->checkInput()) {
1117 'apache_auth_indicator_name',
'apache_auth_indicator_value',
1118 'apache_enable_auth',
'apache_enable_local',
'apache_local_autocreate',
1119 'apache_enable_ldap',
'apache_auth_username_config_type',
1120 'apache_auth_username_direct_mapping_fieldname',
1121 'apache_default_role',
'apache_auth_target_override_login_page',
1122 'apache_auth_enable_override_login_page',
1123 'apache_auth_authenticate_on_login_page',
1128 foreach ($fields as $field) {
1132 if (
$form->getInput(
'apache_enable_auth')) {
1133 $this->
ilias->setSetting(
'apache_active',
true);
1135 $this->
ilias->setSetting(
'apache_active',
false);
1145 file_put_contents(ILIAS_DATA_DIR .
'/' . CLIENT_ID .
'/apache_auth_allowed_domains.txt', $allowedDomains);
1147 ilUtil::sendSuccess($this->lng->txt(
'apache_settings_changed_success'),
true);
1148 $this->ctrl->redirect($this,
'apacheAuthSettings');
1156 include_once(
"./Services/Form/classes/class.ilPropertyFormGUI.php");
1159 $form->setFormAction($this->ctrl->getFormAction($this));
1160 $form->setTitle($this->lng->txt(
'apache_settings'));
1162 $chb_enabled =
new ilCheckboxInputGUI($this->lng->txt(
'apache_enable_auth'),
'apache_enable_auth');
1163 $form->addItem($chb_enabled);
1165 $chb_local_create_account =
new ilCheckboxInputGUI($this->lng->txt(
'apache_autocreate'),
'apache_local_autocreate');
1166 $chb_enabled->addSubitem($chb_local_create_account);
1172 $select =
new ilSelectInputGUI($this->lng->txt(
'apache_default_role'),
'apache_default_role');
1173 $roleOptions = array();
1174 foreach ($roles as $role) {
1177 $select->setOptions($roleOptions);
1178 $select->setValue(4);
1180 $chb_local_create_account->addSubitem($select);
1182 $chb_local =
new ilCheckboxInputGUI($this->lng->txt(
'apache_enable_local'),
'apache_enable_local');
1183 $form->addItem($chb_local);
1185 $chb_ldap =
new ilCheckboxInputGUI($this->lng->txt(
'apache_enable_ldap'),
'apache_enable_ldap');
1186 $chb_ldap->setInfo($this->lng->txt(
'apache_ldap_hint_ldap_must_be_configured'));
1188 $GLOBALS[
'DIC'][
'lng']->loadLanguageModule(
'auth');
1189 include_once
'./Services/LDAP/classes/class.ilLDAPServer.php';
1191 if (count($servers)) {
1192 $ldap_server_select =
new ilSelectInputGUI($this->lng->txt(
'auth_ldap_server_ds'),
'apache_ldap_sid');
1193 $options[0] = $this->lng->txt(
'select_one');
1194 foreach ($servers as $server_id) {
1196 $options[$server_id] = $ldap_server->getName();
1198 $ldap_server_select->setOptions(
$options);
1199 $ldap_server_select->setRequired(
true);
1202 $ldap_server_select->setValue($ds);
1204 $chb_ldap->addSubItem($ldap_server_select);
1206 $form->addItem($chb_ldap);
1208 $txt =
new ilTextInputGUI($this->lng->txt(
'apache_auth_indicator_name'),
'apache_auth_indicator_name');
1209 $txt->setRequired(
true);
1212 $txt =
new ilTextInputGUI($this->lng->txt(
'apache_auth_indicator_value'),
'apache_auth_indicator_value');
1213 $txt->setRequired(
true);
1217 $chb =
new ilCheckboxInputGUI($this->lng->txt(
'apache_auth_enable_override_login'),
'apache_auth_enable_override_login_page');
1218 $form->addItem($chb);
1220 $txt =
new ilTextInputGUI($this->lng->txt(
'apache_auth_target_override_login'),
'apache_auth_target_override_login_page');
1221 $txt->setRequired(
true);
1222 $chb->addSubItem(
$txt);
1224 $chb =
new ilCheckboxInputGUI($this->lng->txt(
'apache_auth_authenticate_on_login_page'),
'apache_auth_authenticate_on_login_page');
1225 $form->addItem($chb);
1228 $sec->setTitle($this->lng->txt(
'apache_auth_username_config'));
1229 $form->addItem($sec);
1231 $rag =
new ilRadioGroupInputGUI($this->lng->txt(
'apache_auth_username_config_type'),
'apache_auth_username_config_type');
1232 $form->addItem($rag);
1234 $rao =
new ilRadioOption($this->lng->txt(
'apache_auth_username_direct_mapping'), 1);
1235 $rag->addOption($rao);
1237 $txt =
new ilTextInputGUI($this->lng->txt(
'apache_auth_username_direct_mapping_fieldname'),
'apache_auth_username_direct_mapping_fieldname');
1239 $rao->addSubItem(
$txt);
1241 $rao =
new ilRadioOption($this->lng->txt(
'apache_auth_username_extended_mapping'), 2);
1242 $rao->setDisabled(
true);
1243 $rag->addOption($rao);
1245 $rao =
new ilRadioOption($this->lng->txt(
'apache_auth_username_by_function'), 3);
1246 $rag->addOption($rao);
1252 $sec->setTitle($this->lng->txt(
'apache_auth_security'));
1253 $form->addItem($sec);
1256 $txt->setInfo($this->lng->txt(
'apache_auth_domains_description'));
1260 $form->addCommandButton(
'saveApacheSettings', $this->lng->txt(
'save'));
1261 $form->addCommandButton(
'cancel', $this->lng->txt(
'cancel'));
1268 return join(
"\n", preg_split(
"/[\r\n]+/",
$text));
1274 $this->ctrl->redirect($registration_gui);
1283 switch ($a_form_id) {
1285 require_once
'Services/Captcha/classes/class.ilCaptchaUtil.php';
1286 $fields_login = array(
1290 $fields_registration = array(
1295 return array(
'adm_auth_login' => array(
'authSettings', $fields_login),
'adm_auth_reg' => array(
'registrationSettings', $fields_registration));
An exception for terminatinating execution or to throw for unit testing.
Login page editor settings GUI ILIAS page editor or richtext editor.
static _getInstance()
Get instance.
Class ilAuthShibbolethSettingsGUI.
static _getActiveAuthModes()
static getAuthPlugins()
Get active enabled auth plugins.
static _getAllAuthModes()
static _getAuthModeName($a_auth_key)
static checkFreetype()
Check whether captcha support is active.
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
static getDataSource($a_auth_mode)
static getInstanceByServerId($a_server_id)
Get instance by server id.
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
static getServerIds()
Get all server ids @global ilDB $ilDB.
Class ilObjAuthSettingsGUI.
validateApacheAuthAllowedDomains($text)
getAdminTabs()
administration tabs show only permissions and trash folder
setSubTabs($a_tab)
set sub tabs
addToExternalSettingsForm($a_form_id)
__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output=true)
Constructor @access public.
saveScriptObject()
validates all input data, save them to database if correct and active chosen auth mode
getApacheAuthSettingsForm()
updateAuthModeDeterminationObject()
update auth mode determination
loginInfoObject()
displays login information of all installed languages
registrationSettingsObject()
executeCommand()
Execute command.
apacheAuthSettingsObject($form=false)
getAuthModeTitle()
get the title of auth mode
saveApacheSettingsObject()
editSOAPObject()
Configure soap settings.
cancelObject()
cancel action and go back to previous page @access public
authSettingsObject()
display settings menu
viewObject()
list childs of current object
testSoapAuthConnectionObject()
initAuthModeDetermination()
init auth mode determinitation form
saveSOAPObject()
validates all input data, save them to database if correct and active chosen auth mode
getTabs()
get tabs @access public
editScriptObject()
Configure Custom settings.
static _lookupRegisterAllowed()
get all roles that are activated in user registration
static _updateAuthMode($a_roles)
static _getNumberOfUsersPerAuthMode()
get number of users per auth mode
Class ilObjectGUI Basic methods of all Output classes.
prepareOutput($a_show_subobjects=true)
prepare output
getReturnLocation($a_cmd, $a_location="")
get return location for command (command is method name without "Object", e.g.
static _lookupTitle($a_id)
lookup object title
Class ilOpenIdConnectSettingsGUI.
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
This class represents an option in a radio group.
Class ilRegistrationSettingsGUI.
static testConnection($a_ext_uid, $a_soap_pw, $a_new_user)
Constructor @access public.
static getInstanceByIdpId($a_idp_id)
static getIdpIdByAuthMode($a_auth_mode)
static isAuthModeSaml($a_auth_mode)
This class represents a text area property in a property form.
This class represents a text property in a property form.
static redirect($a_script)
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
if($err=$client->getError()) $namespace
if(!array_key_exists('StateId', $_REQUEST)) $id
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
redirection script todo: (a better solution should control the processing via a xml file)
if(isset($_POST['submit'])) $form