ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilObjAuthSettingsGUI.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3
16class ilObjAuthSettingsGUI extends ilObjectGUI
17{
22 public function __construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output = true)
23 {
24 $this->type = "auth";
25 parent::__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output);
26
27 $this->lng->loadLanguageModule('registration');
28 $this->lng->loadLanguageModule('auth');
29
30 define('LDAP_DEFAULT_PORT', 389);
31 define('RADIUS_DEFAULT_PORT', 1812);
32 }
33
34
35
36 public function viewObject()
37 {
38 return $this->authSettingsObject();
39 }
40
41
47 public function authSettingsObject()
48 {
49 global $DIC;
50
51 $rbacsystem = $DIC['rbacsystem'];
52 $ilSetting = $DIC['ilSetting'];
53
54 if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
55 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
56 }
57
58 $this->tabs_gui->setTabActive('authentication_settings');
59 $this->setSubTabs('authSettings');
60 $this->tabs_gui->setSubTabActive("auth_settings");
61
62 $this->tpl->addBlockFile(
63 "ADM_CONTENT",
64 "adm_content",
65 "tpl.auth_general.html",
66 "Services/Authentication"
67 );
68
69 $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
70 $this->tpl->setVariable("TXT_AUTH_TITLE", $this->lng->txt("auth_select"));
71
72 $this->tpl->setVariable("TXT_AUTH_MODE", $this->lng->txt("auth_mode"));
73 $this->tpl->setVariable("TXT_AUTH_DEFAULT", $this->lng->txt("default"));
74 $this->tpl->setVariable("TXT_AUTH_ACTIVE", $this->lng->txt("active"));
75 $this->tpl->setVariable("TXT_AUTH_NUM_USERS", $this->lng->txt("num_users"));
76
77 $this->tpl->setVariable("TXT_LOCAL", $this->lng->txt("auth_local"));
78 $this->tpl->setVariable("TXT_LDAP", $this->lng->txt("auth_ldap"));
79 $this->tpl->setVariable("TXT_SHIB", $this->lng->txt("auth_shib"));
80
81 $this->tpl->setVariable("TXT_CAS", $this->lng->txt("auth_cas"));
82
83 $this->tpl->setVariable("TXT_RADIUS", $this->lng->txt("auth_radius"));
84 $this->tpl->setVariable("TXT_SCRIPT", $this->lng->txt("auth_script"));
85
86 $this->tpl->setVariable("TXT_APACHE", $this->lng->txt("auth_apache"));
87
88 $auth_cnt = ilObjUser::_getNumberOfUsersPerAuthMode();
89 $auth_modes = ilAuthUtils::_getAllAuthModes();
90 $valid_modes = array(AUTH_LOCAL,AUTH_LDAP,AUTH_SHIBBOLETH,AUTH_SAML,AUTH_CAS,AUTH_RADIUS,AUTH_APACHE);
91 include_once('Services/LDAP/classes/class.ilLDAPServer.php');
92 // icon handlers
93 $icon_ok = "<img src=\"" . ilUtil::getImagePath("icon_ok.svg") . "\" alt=\"" . $this->lng->txt("enabled") . "\" title=\"" . $this->lng->txt("enabled") . "\" border=\"0\" vspace=\"0\"/>";
94 $icon_not_ok = "<img src=\"" . ilUtil::getImagePath("icon_not_ok.svg") . "\" alt=\"" . $this->lng->txt("disabled") . "\" title=\"" . $this->lng->txt("disabled") . "\" border=\"0\" vspace=\"0\"/>";
95
96
97 foreach ($auth_modes as $mode => $mode_name) {
98 if (!in_array($mode, $valid_modes) && !ilLDAPServer::isAuthModeLDAP($mode) && !ilSamlIdp::isAuthModeSaml($mode)) {
99 continue;
100 }
101
102 $this->tpl->setCurrentBlock('auth_mode');
103
104 if (ilLDAPServer::isAuthModeLDAP($mode)) {
105 $server = ilLDAPServer::getInstanceByServerId(ilLDAPServer::getServerIdByAuthMode($mode));
106 $this->tpl->setVariable("AUTH_NAME", $server->getName());
107 $this->tpl->setVariable('AUTH_ACTIVE', $server->isActive() ? $icon_ok : $icon_not_ok);
108 } elseif (ilSamlIdp::isAuthModeSaml($mode)) {
109 $idp = ilSamlIdp::getInstanceByIdpId(ilSamlIdp::getIdpIdByAuthMode($mode));
110 $this->tpl->setVariable('AUTH_NAME', $idp->getEntityId());
111 $this->tpl->setVariable('AUTH_ACTIVE', $idp->isActive() ? $icon_ok : $icon_not_ok);
112 } else {
113 $this->tpl->setVariable("AUTH_NAME", $this->lng->txt("auth_" . $mode_name));
114 $this->tpl->setVariable('AUTH_ACTIVE', $this->ilias->getSetting($mode_name . '_active') || $mode == AUTH_LOCAL ? $icon_ok : $icon_not_ok);
115 }
116
117 if ($ilSetting->get('auth_mode') == $mode) {
118 $this->tpl->setVariable("AUTH_CHECKED", "checked=\"checked\"");
119
120 $this->tpl->setVariable(
121 "AUTH_USER_NUM",
122 ((int) $auth_cnt[$mode_name] + $auth_cnt["default"]) . " (" . $this->lng->txt("auth_per_default") .
123 ": " . $auth_cnt["default"] . ")"
124 );
125 } else {
126 $this->tpl->setVariable(
127 "AUTH_USER_NUM",
128 (int) $auth_cnt[$mode_name]
129 );
130 }
131 $this->tpl->setVariable("AUTH_ID", $mode_name);
132 $this->tpl->setVariable("AUTH_VAL", $mode);
133 $this->tpl->parseCurrentBlock();
134 }
135
136 $this->tpl->setVariable("TXT_CONFIGURE", $this->lng->txt("auth_configure"));
137 $this->tpl->setVariable("TXT_AUTH_REMARK", $this->lng->txt("auth_remark_non_local_auth"));
138 $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
139 $this->tpl->setVariable("CMD_SUBMIT", "setAuthMode");
140
141 // auth mode determinitation
142 if ($this->initAuthModeDetermination()) {
143 $this->tpl->setVariable('TABLE_AUTH_DETERMINATION', $this->form->getHTML());
144 }
145
146 // roles table
147 $this->tpl->setVariable(
148 "FORMACTION_ROLES",
149 $this->ctrl->getFormAction($this)
150 );
151 $this->tpl->setVariable("TXT_AUTH_ROLES", $this->lng->txt("auth_active_roles"));
152 $this->tpl->setVariable("TXT_ROLE", $this->lng->txt("obj_role"));
153 $this->tpl->setVariable("TXT_ROLE_AUTH_MODE", $this->lng->txt("auth_role_auth_mode"));
154 $this->tpl->setVariable("CMD_SUBMIT_ROLES", "updateAuthRoles");
155
156 include_once("./Services/AccessControl/classes/class.ilObjRole.php");
157 $reg_roles = ilObjRole::_lookupRegisterAllowed();
158
159 // auth mode selection
160 include_once('./Services/Authentication/classes/class.ilAuthUtils.php');
161 $active_auth_modes = ilAuthUtils::_getActiveAuthModes();
162
163 foreach ($reg_roles as $role) {
164 foreach ($active_auth_modes as $auth_name => $auth_key) {
165 // do not list auth modes with external login screen
166 // even not default, because it can easily be set to
167 // a non-working auth mode
168 if ($auth_name == "default" || $auth_name == "cas"
169 || $auth_name == 'saml'
170 || $auth_name == "shibboleth" || $auth_name == 'ldap'
171 || $auth_name == 'apache' || $auth_name == "ecs"
172 || $auth_name == "openid") {
173 continue;
174 }
175
176 $this->tpl->setCurrentBlock("auth_mode_selection");
177
178 if ($auth_name == 'default') {
179 $name = $this->lng->txt('auth_' . $auth_name) . " (" . $this->lng->txt('auth_' . ilAuthUtils::_getAuthModeName($auth_key)) . ")";
180 } elseif ($id = ilLDAPServer::getServerIdByAuthMode($auth_key)) {
181 $server = ilLDAPServer::getInstanceByServerId($id);
182 $name = $server->getName();
183 } elseif ($id = ilSamlIdp::getIdpIdByAuthMode($auth_key)) {
184 $idp = ilSamlIdp::getInstanceByIdpId($id);
185 $name = $idp->getEntityId();
186 } else {
187 $name = $this->lng->txt('auth_' . $auth_name);
188 }
189
190 $this->tpl->setVariable("AUTH_MODE_NAME", $name);
191
192 $this->tpl->setVariable("AUTH_MODE", $auth_name);
193
194 if ($role['auth_mode'] == $auth_name) {
195 $this->tpl->setVariable("SELECTED_AUTH_MODE", "selected=\"selected\"");
196 }
197
198 $this->tpl->parseCurrentBlock();
199 } // END auth_mode selection
200
201 $this->tpl->setCurrentBlock("roles");
202 $this->tpl->setVariable("ROLE", $role['title']);
203 $this->tpl->setVariable("ROLE_ID", $role['id']);
204 $this->tpl->parseCurrentBlock();
205 }
206 }
207
208
215 public function loginInfoObject()
216 {
217 global $DIC;
218
219 $rbacsystem = $DIC['rbacsystem'];
220 $lng = $DIC['lng'];
221 $ilSetting = $DIC['ilSetting'];
222
223 if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
224 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
225 }
226
227 $this->tabs_gui->setTabActive("authentication_settings");
228 $this->setSubTabs("authSettings");
229 $this->tabs_gui->setSubTabActive("auth_login_editor");
230
231 $lng->loadLanguageModule("meta");
232
233 $this->tpl->addBlockFile(
234 "ADM_CONTENT",
235 "adm_content",
236 "tpl.auth_login_messages.html",
237 "Services/Authentication"
238 );
239 $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
240 $this->tpl->setVariable("TXT_HEADLINE", $this->lng->txt("login_information"));
241 $this->tpl->setVariable("TXT_DESCRIPTION", $this->lng->txt("login_information_desc"));
242 $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
243 $this->initLoginForm();
244 $this->tpl->setVariable('LOGIN_INFO', $this->form->getHTML());
245 }
246
247
248 public function cancelObject()
249 {
250 $this->ctrl->redirect($this, "authSettings");
251 }
252
253 public function setAuthModeObject()
254 {
255 global $DIC;
256
257 $rbacsystem = $DIC['rbacsystem'];
258 $ilSetting = $DIC['ilSetting'];
259
260 if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
261 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
262 }
263
264 if (empty($_POST["auth_mode"])) {
265 $this->ilias->raiseError($this->lng->txt("auth_err_no_mode_selected"), $this->ilias->error_obj->MESSAGE);
266 }
267
268 $current_auth_mode = $ilSetting->get('auth_mode','');
269 if ($_POST["auth_mode"] == $current_auth_mode) {
270 ilUtil::sendInfo($this->lng->txt("auth_mode") . ": " . $this->getAuthModeTitle() . " " . $this->lng->txt("auth_mode_not_changed"), true);
271 $this->ctrl->redirect($this, 'authSettings');
272 }
273
274 switch ($_POST["auth_mode"]) {
275 case AUTH_SAML:
276 break;
277
278 case AUTH_LDAP:
279
280 /*
281 if ($this->object->checkAuthLDAP() !== true)
282 {
283 ilUtil::sendInfo($this->lng->txt("auth_ldap_not_configured"),true);
284 ilUtil::redirect($this->getReturnLocation("authSettings",$this->ctrl->getLinkTarget($this,"editLDAP", "", false, false)));
285 }
286 */
287 break;
288
289 // @fix changed from AUTH_SHIB > is not defined
290 case AUTH_SHIBBOLETH:
291 if ($this->object->checkAuthSHIB() !== true) {
292 ilUtil::sendFailure($this->lng->txt("auth_shib_not_configured"), true);
293 ilUtil::redirect(
294 $this->getReturnLocation(
295 'authSettings',
296 $this->ctrl->getLinkTargetByClass(
297 ilAuthShibbolethSettingsGUI::class,
298 'settings',
299 '',
300 false,
301 false
302 )
303 )
304 );
305 }
306 break;
307
308 case AUTH_RADIUS:
309 if ($this->object->checkAuthRADIUS() !== true) {
310 ilUtil::sendFailure($this->lng->txt("auth_radius_not_configured"), true);
311 $this->ctrl->redirect($this, 'editRADIUS');
312 }
313 break;
314
315 case AUTH_SCRIPT:
316 if ($this->object->checkAuthScript() !== true) {
317 ilUtil::sendFailure($this->lng->txt("auth_script_not_configured"), true);
318 ilUtil::redirect($this->getReturnLocation("authSettings", $this->ctrl->getLinkTarget($this, "editScript", "", false, false)));
319 }
320 break;
321 }
322
323 $this->ilias->setSetting("auth_mode", $_POST["auth_mode"]);
324
325 ilUtil::sendSuccess($this->lng->txt("auth_default_mode_changed_to") . " " . $this->getAuthModeTitle(), true);
326 $this->ctrl->redirect($this, 'authSettings');
327 }
328
334 public function editSOAPObject()
335 {
336 global $DIC;
337
338 $rbacsystem = $DIC['rbacsystem'];
339 $rbacreview = $DIC['rbacreview'];
340 $ilSetting = $DIC['ilSetting'];
341 $ilCtrl = $DIC['ilCtrl'];
342 $lng = $DIC['lng'];
343
344 if (!$rbacsystem->checkAccess("read", $this->object->getRefId())) {
345 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
346 }
347
348 $this->tabs_gui->setTabActive('auth_soap');
349
350 //set Template
351 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.auth_soap.html', 'Services/Authentication');
352
353 // compose role list
354 $role_list = $rbacreview->getRolesByFilter(2, $this->object->getId());
355 $roles = array();
356
357 foreach ($role_list as $role) {
358 $roles[$role['obj_id']] = $role['title'];
359 }
360
361 //set property form gui
362 include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
363
364 $soap_config = new ilPropertyFormGUI();
365 $soap_config->setTitle($this->lng->txt("auth_soap_auth"));
366 $soap_config->setDescription($this->lng->txt("auth_soap_auth_desc"));
367 $soap_config->setFormAction($this->ctrl->getFormAction($this, "editSOAP"));
368 $soap_config->addCommandButton("saveSOAP", $this->lng->txt("save"));
369 $soap_config->addCommandButton("editSOAP", $this->lng->txt("cancel"));
370
371 //set activ
372 $active = new ilCheckboxInputGUI();
373 $active->setTitle($this->lng->txt("active"));
374 $active->setPostVar("soap[active]");
375
376 //set server
377 $server = new ilTextInputGUI();
378 $server->setTitle($this->lng->txt("server"));
379 $server->setInfo($this->lng->txt("auth_soap_server_desc"));
380 $server->setPostVar("soap[server]");
381 $server->setSize(50);
382 $server->setMaxLength(256);
383 $server->setRequired(true);
384
385 //set port
386 $port = new ilTextInputGUI();
387 $port->setTitle($this->lng->txt("port"));
388 $port->setInfo($this->lng->txt("auth_soap_port_desc"));
389 $port->setPostVar("soap[port]");
390 $port->setSize(7);
391 $port->setMaxLength(5);
392
393 //set https
394 $https = new ilCheckboxInputGUI();
395 $https->setTitle($this->lng->txt("auth_soap_use_https"));
396 $https->setPostVar("soap[use_https]");
397
398 //set uri
399 $uri = new ilTextInputGUI();
400 $uri->setTitle($this->lng->txt("uri"));
401 $uri->setInfo($this->lng->txt("auth_soap_uri_desc"));
402 $uri->setPostVar("soap[uri]");
403 $uri->setSize(50);
404 $uri->setMaxLength(256);
405
406 //set namespace
407 $namespace = new ilTextInputGUI();
408 $namespace->setTitle($this->lng->txt("auth_soap_namespace"));
409 $namespace->setInfo($this->lng->txt("auth_soap_namespace_desc"));
410 $namespace->setPostVar("soap[namespace]");
411 $namespace->setSize(50);
412 $namespace->setMaxLength(256);
413
414 //set dotnet
415 $dotnet = new ilCheckboxInputGUI();
416 $dotnet->setTitle($this->lng->txt("auth_soap_use_dotnet"));
417 $dotnet->setPostVar("soap[use_dotnet]");
418
419 //set create users
420 $createuser = new ilCheckboxInputGUI();
421 $createuser->setTitle($this->lng->txt("auth_create_users"));
422 $createuser->setInfo($this->lng->txt("auth_soap_create_users_desc"));
423 $createuser->setPostVar("soap[create_users]");
424
425 //set account mail
426 $sendmail = new ilCheckboxInputGUI();
427 $sendmail->setTitle($this->lng->txt("user_send_new_account_mail"));
428 $sendmail->setInfo($this->lng->txt("auth_new_account_mail_desc"));
429 $sendmail->setPostVar("soap[account_mail]");
430
431 //set user default role
432 $defaultrole = new ilSelectInputGUI();
433 $defaultrole->setTitle($this->lng->txt("auth_user_default_role"));
434 $defaultrole->setInfo($this->lng->txt("auth_soap_user_default_role_desc"));
435 $defaultrole->setPostVar("soap[user_default_role]");
436 $defaultrole->setOptions($roles);
437
438 //set allow local authentication
439 $allowlocal = new ilCheckboxInputGUI();
440 $allowlocal->setTitle($this->lng->txt("auth_allow_local"));
441 $allowlocal->setInfo($this->lng->txt("auth_soap_allow_local_desc"));
442 $allowlocal->setPostVar("soap[allow_local]");
443
444 // get all settings
445 $settings = $ilSetting->getAll();
446
447 // get values in error case
448 if ($_SESSION["error_post_vars"]) {
449 $active ->setChecked($_SESSION["error_post_vars"]["soap"]["active"]);
450 $server ->setValue($_SESSION["error_post_vars"]["soap"]["server"]);
451 $port ->setValue($_SESSION["error_post_vars"]["soap"]["port"]);
452 $https ->setChecked($_SESSION["error_post_vars"]["soap"]["use_https"]);
453 $uri ->setValue($_SESSION["error_post_vars"]["soap"]["uri"]);
454 $namespace ->setValue($_SESSION["error_post_vars"]["soap"]["namespace"]);
455 $dotnet ->setChecked($_SESSION["error_post_vars"]["soap"]["use_dotnet"]);
456 $createuser ->setChecked($_SESSION["error_post_vars"]["soap"]["create_users"]);
457 $allowlocal ->setChecked($_SESSION["error_post_vars"]["soap"]["allow_local"]);
458 $defaultrole->setValue($_SESSION["error_post_vars"]["soap"]["user_default_role"]);
459 $sendmail ->setChecked($_SESSION["error_post_vars"]["soap"]["account_mail"]);
460 } else {
461 $active ->setChecked($settings["soap_auth_active"]);
462 $server ->setValue($settings["soap_auth_server"]);
463 $port ->setValue($settings["soap_auth_port"]);
464 $https ->setChecked($settings["soap_auth_use_https"]);
465 $uri ->setValue($settings["soap_auth_uri"]);
466 $namespace ->setValue($settings["soap_auth_namespace"]);
467 $dotnet ->setChecked($settings["soap_auth_use_dotnet"]);
468 $createuser ->setChecked($settings["soap_auth_create_users"]);
469 $allowlocal ->setChecked($settings["soap_auth_allow_local"]);
470 $defaultrole->setValue($settings["soap_auth_user_default_role"]);
471 $sendmail ->setChecked($settings["soap_auth_account_mail"]);
472 }
473
474 if (!$defaultrole->getValue()) {
475 $defaultrole->setValue(4);
476 }
477
478 //add Items to property gui
479 $soap_config->addItem($active);
480 $soap_config->addItem($server);
481 $soap_config->addItem($port);
482 $soap_config->addItem($https);
483 $soap_config->addItem($uri);
484 $soap_config->addItem($namespace);
485 $soap_config->addItem($dotnet);
486 $soap_config->addItem($createuser);
487 $soap_config->addItem($sendmail);
488 $soap_config->addItem($defaultrole);
489 $soap_config->addItem($allowlocal);
490
491 $this->tpl->setVariable("CONFIG_FORM", $soap_config->getHTML());
492
493 // test form
494 $form = new ilPropertyFormGUI();
495 $form->setFormAction($ilCtrl->getFormAction($this));
496 $form->setTitle("Test Request");
497 $text_prop = new ilTextInputGUI("ext_uid", "ext_uid");
498 $form->addItem($text_prop);
499 $text_prop2 = new ilTextInputGUI("soap_pw", "soap_pw");
500 $form->addItem($text_prop2);
501 $cb = new ilCheckboxInputGUI("new_user", "new_user");
502 $form->addItem($cb);
503
504 $form->addCommandButton(
505 "testSoapAuthConnection",
506 "Send"
507 );
508
509 if ($ilCtrl->getCmd() == "testSoapAuthConnection") {
510 include_once("./Services/SOAPAuth/classes/class.ilSOAPAuth.php");
511 $ret = "<br />" . ilSOAPAuth::testConnection(
512 ilUtil::stripSlashes($_POST["ext_uid"]),
513 ilUtil::stripSlashes($_POST["soap_pw"]),
514 (boolean) $_POST["new_user"]
515 );
516 }
517 $this->tpl->setVariable("TEST_FORM", $form->getHTML() . $ret);
518 }
519
520 public function testSoapAuthConnectionObject()
521 {
522 $this->editSOAPObject();
523 }
524
530 public function saveSOAPObject()
531 {
532 global $DIC;
533
534 $ilUser = $DIC['ilUser'];
535 $ilSetting = $DIC['ilSetting'];
536 $rbacsystem = $DIC['rbacsystem'];
537
538 if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
539 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
540 }
541
542 // validate required data
543 if (!$_POST["soap"]["server"]) {
544 $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
545 }
546
547 // validate port
548 if ($_POST["soap"]["server"] != "" && (preg_match("/^[0-9]{0,5}$/", $_POST["soap"]["port"])) == false) {
549 $this->ilias->raiseError($this->lng->txt("err_invalid_port"), $this->ilias->error_obj->MESSAGE);
550 }
551
552 $ilSetting->set("soap_auth_server", $_POST["soap"]["server"]);
553 $ilSetting->set("soap_auth_port", $_POST["soap"]["port"]);
554 $ilSetting->set("soap_auth_active", $_POST["soap"]["active"]);
555 $ilSetting->set("soap_auth_uri", $_POST["soap"]["uri"]);
556 $ilSetting->set("soap_auth_namespace", $_POST["soap"]["namespace"]);
557 $ilSetting->set("soap_auth_create_users", $_POST["soap"]["create_users"]);
558 $ilSetting->set("soap_auth_allow_local", $_POST["soap"]["allow_local"]);
559 $ilSetting->set("soap_auth_account_mail", $_POST["soap"]["account_mail"]);
560 $ilSetting->set("soap_auth_use_https", $_POST["soap"]["use_https"]);
561 $ilSetting->set("soap_auth_use_dotnet", $_POST["soap"]["use_dotnet"]);
562 $ilSetting->set("soap_auth_user_default_role", $_POST["soap"]["user_default_role"]);
563 ilUtil::sendSuccess($this->lng->txt("auth_soap_settings_saved"), true);
564
565 $this->ctrl->redirect($this, 'editSOAP');
566 }
567
573 public function editScriptObject()
574 {
575 global $DIC;
576
577 $rbacsystem = $DIC['rbacsystem'];
578
579 if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
580 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
581 }
582
583 if ($_SESSION["error_post_vars"]) {
584 $this->tpl->setVariable("AUTH_SCRIPT_NAME", $_SESSION["error_post_vars"]["auth_script"]["name"]);
585 } else {
586 // set already saved data
587 $settings = $this->ilias->getAllSettings();
588
589 $this->tpl->setVariable("AUTH_SCRIPT_NAME", $settings["auth_script_name"]);
590 }
591
592 $this->tabs_gui->setTabActive('auth_script');
593
594 $this->tpl->addBlockFile(
595 "ADM_CONTENT",
596 "adm_content",
597 "tpl.auth_script.html",
598 "Services/Authentication"
599 );
600
601 $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
602 $this->tpl->setVariable("COLSPAN", 3);
603 $this->tpl->setVariable("TXT_AUTH_SCRIPT_TITLE", $this->lng->txt("auth_script_configure"));
604 $this->tpl->setVariable("TXT_OPTIONS", $this->lng->txt("options"));
605 $this->tpl->setVariable("TXT_AUTH_SCRIPT_NAME", $this->lng->txt("auth_script_name"));
606
607 $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
608 $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
609 $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
610 $this->tpl->setVariable("CMD_SUBMIT", "saveScript");
611 }
612
618 public function saveScriptObject()
619 {
620 // validate required data
621 if (!$_POST["auth_script"]["name"]) {
622 $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
623 }
624
625 // validate script url
626 /*
627 if (( TODO ,$_POST["ldap"]["server"])) == false)
628 {
629 $this->ilias->raiseError($this->lng->txt("err_invalid_server"),$this->ilias->error_obj->MESSAGE);
630 }*/
631
632 // TODO: check connection to server
633
634 // all ok. save settings and activate auth by external script
635 $this->ilias->setSetting("auth_script_name", $_POST["auth_script"]["name"]);
636 $this->ilias->setSetting("auth_mode", AUTH_SCRIPT);
637
638 ilUtil::sendSuccess($this->lng->txt("auth_mode_changed_to") . " " . $this->getAuthModeTitle(), true);
639 $this->ctrl->redirect($this, 'editScript');
640 }
641
642
649 public function getAuthModeTitle()
650 {
651 switch ($this->ilias->getSetting("auth_mode")) {
652 case AUTH_LOCAL:
653 return $this->lng->txt("auth_local");
654 break;
655
656 case AUTH_LDAP:
657 return $this->lng->txt("auth_ldap");
658 break;
659
660 case AUTH_SHIBBOLETH:
661 return $this->lng->txt("auth_shib");
662 break;
663
664 case AUTH_SAML:
665 return $this->lng->txt("auth_saml");
666 break;
667
668 case AUTH_RADIUS:
669 return $this->lng->txt("auth_radius");
670 break;
671
672 case AUTH_SCRIPT:
673 return $this->lng->txt("auth_script");
674 break;
675
676 case AUTH_APACHE:
677 return $this->lng->txt("auth_apache");
678 break;
679
680 default:
681 return $this->lng->txt("unknown");
682 break;
683 }
684 }
685
686 public function updateAuthRolesObject()
687 {
688 global $DIC;
689
690 $rbacsystem = $DIC['rbacsystem'];
691
692 if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
693 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
694 }
695
696 include_once('./Services/AccessControl/classes/class.ilObjRole.php');
697 ilObjRole::_updateAuthMode($_POST['Fobject']);
698
699 ilUtil::sendSuccess($this->lng->txt("auth_mode_roles_changed"), true);
700 $this->ctrl->redirect($this, 'authSettings');
701 }
702
708 protected function initAuthModeDetermination()
709 {
710 if (is_object($this->form)) {
711 return true;
712 }
713
714 include_once('./Services/Form/classes/class.ilPropertyFormGUI.php');
715 $this->form = new ilPropertyFormGUI();
716 $this->form->setFormAction($this->ctrl->getFormAction($this));
717 $this->form->setTableWidth('100%');
718 $this->form->setTitle($this->lng->txt('auth_auth_settings'));
719 $this->form->addCommandButton('updateAuthModeDetermination', $this->lng->txt('save'));
720
721 require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
722 $cap = new ilCheckboxInputGUI($this->lng->txt('adm_captcha_anonymous_short'), 'activate_captcha_anonym');
723 $cap->setInfo($this->lng->txt('adm_captcha_anonymous_auth'));
724 $cap->setValue(1);
725 if (!ilCaptchaUtil::checkFreetype()) {
726 $cap->setAlert(ilCaptchaUtil::getPreconditionsMessage());
727 }
728 $cap->setChecked(ilCaptchaUtil::isActiveForLogin());
729 $this->form->addItem($cap);
730
731 // Are there any authentication methods that support automatic determination ?
732 include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
733 $det = ilAuthModeDetermination::_getInstance();
734 if ($det->getCountActiveAuthModes() <= 1) {
735 return true;
736 }
737
738 $header = new ilFormSectionHeaderGUI();
739 $header->setTitle($this->lng->txt('auth_auth_mode_determination'));
740 $this->form->addItem($header);
741
742 $kind = new ilRadioGroupInputGUI($this->lng->txt('auth_kind_determination'), 'kind');
743 $kind->setInfo($this->lng->txt('auth_mode_determination_info'));
744 $kind->setValue($det->getKind());
745 $kind->setRequired(true);
746
747 $option_user = new ilRadioOption($this->lng->txt('auth_by_user'), 0);
748 $kind->addOption($option_user);
749
750 $option_determination = new ilRadioOption($this->lng->txt('auth_automatic'), 1);
751
752 include_once('Services/Authentication/classes/class.ilAuthUtils.php');
753
754 $auth_sequenced = $det->getAuthModeSequence();
755 $counter = 1;
756 foreach ($auth_sequenced as $auth_mode) {
757 switch ($auth_mode) {
758 // begin-patch ldap_multiple
759 case ilLDAPServer::isAuthModeLDAP($auth_mode):
760 $auth_id = ilLDAPServer::getServerIdByAuthMode($auth_mode);
761 $server = ilLDAPServer::getInstanceByServerId($auth_id);
762 $text = $server->getName();
763 // end-patch ldap_multiple
764 break;
765 case AUTH_RADIUS:
766 $text = $this->lng->txt('auth_radius');
767 break;
768 case AUTH_LOCAL:
769 $text = $this->lng->txt('auth_local');
770 break;
771 case AUTH_SOAP:
772 $text = $this->lng->txt('auth_soap');
773 break;
774 case AUTH_APACHE:
775 $text = $this->lng->txt('auth_apache');
776 break;
777 // begin-patch auth_plugin
778 default:
779 foreach (ilAuthUtils::getAuthPlugins() as $pl) {
780 $option = $pl->getMultipleAuthModeOptions($auth_mode);
781 $text = $option[$auth_mode]['txt'];
782 }
783 break;
784 // end-patch auth_plugin
785 }
786
787 $pos = new ilTextInputGUI($text, 'position[' . $auth_mode . ']');
788 $pos->setValue($counter++);
789 $pos->setSize(1);
790 $pos->setMaxLength(1);
791 $option_determination->addSubItem($pos);
792 }
793 $kind->addOption($option_determination);
794 $this->form->addItem($kind);
795 return true;
796 }
797
804 public function updateAuthModeDeterminationObject()
805 {
806 include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
807 $det = ilAuthModeDetermination::_getInstance();
808
809 $det->setKind((int) $_POST['kind']);
810
811 $pos = $_POST['position'] ? $_POST['position'] : array();
812 asort($pos, SORT_NUMERIC);
813
814 $counter = 0;
815 foreach ($pos as $auth_mode => $dummy) {
816 $position[$counter++] = $auth_mode;
817 }
818 $det->setAuthModeSequence($position ? $position : array());
819 $det->save();
820
821 require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
822 ilCaptchaUtil::setActiveForLogin((bool) $_POST['activate_captcha_anonym']);
823
824 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
825 $this->authSettingsObject();
826 }
827
834 public function executeCommand()
835 {
836 global $DIC;
837
838 $ilAccess = $DIC['ilAccess'];
839 $ilErr = $DIC['ilErr'];
840
841 $next_class = $this->ctrl->getNextClass($this);
842 $cmd = $this->ctrl->getCmd();
843 $this->prepareOutput();
844
845
846 if (!$ilAccess->checkAccess('read', '', $this->object->getRefId())) {
847 $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
848 }
849
850 switch ($next_class) {
851 case 'ilopenidconnectsettingsgui':
852
853 $this->tabs_gui->activateTab('auth_oidconnect');
854
855 $oid = new ilOpenIdConnectSettingsGUI($this->object->getRefId());
856 $this->ctrl->forwardCommand($oid);
857 break;
858
859 case 'ilsamlsettingsgui':
860 $this->tabs_gui->setTabActive('auth_saml');
861
862 require_once './Services/Saml/classes/class.ilSamlSettingsGUI.php';
863 $os = new ilSamlSettingsGUI($this->object->getRefId());
864 $this->ctrl->forwardCommand($os);
865 break;
866
867 case 'ilregistrationsettingsgui':
868
869 include_once './Services/Registration/classes/class.ilRegistrationSettingsGUI.php';
870
871 // Enable tabs
872 $this->tabs_gui->setTabActive('registration_settings');
873 $registration_gui = new ilRegistrationSettingsGUI();
874 $this->ctrl->forwardCommand($registration_gui);
875 break;
876
877 case 'ilpermissiongui':
878
879 // Enable tabs
880 $this->tabs_gui->setTabActive('perm_settings');
881
882 include_once("Services/AccessControl/classes/class.ilPermissionGUI.php");
883 $perm_gui = new ilPermissionGUI($this);
884 $ret =&$this->ctrl->forwardCommand($perm_gui);
885 break;
886
887 case 'illdapsettingsgui':
888
889 // Enable Tabs
890 $this->tabs_gui->setTabActive('auth_ldap');
891
892 include_once './Services/LDAP/classes/class.ilLDAPSettingsGUI.php';
893 $ldap_settings_gui = new ilLDAPSettingsGUI($this->object->getRefId());
894 $this->ctrl->forwardCommand($ldap_settings_gui);
895 break;
896
897 case 'ilauthshibbolethsettingsgui':
898
899 $this->tabs_gui->setTabActive('auth_shib');
900 include_once('./Services/AuthShibboleth/classes/class.ilAuthShibbolethSettingsGUI.php');
901 $shib_settings_gui = new ilAuthShibbolethSettingsGUI($this->object->getRefId());
902 $this->ctrl->forwardCommand($shib_settings_gui);
903 break;
904
905 case 'ilcassettingsgui':
906
907 $this->tabs_gui->setTabActive('auth_cas');
908 include_once './Services/CAS/classes/class.ilCASSettingsGUI.php';
909 $cas_settings = new ilCASSettingsGUI($this->object->getRefId());
910 $this->ctrl->forwardCommand($cas_settings);
911 break;
912
913 case 'ilradiussettingsgui':
914
915 $this->tabs_gui->setTabActive('auth_radius');
916 include_once './Services/Radius/classes/class.ilRadiusSettingsGUI.php';
917 $radius_settings_gui = new ilRadiusSettingsGUI($this->object->getRefId());
918 $this->ctrl->forwardCommand($radius_settings_gui);
919 break;
920
921
922 case 'ilauthloginpageeditorgui':
923
924 $this->setSubTabs("authSettings");
925 $this->tabs_gui->setTabActive('authentication_settings');
926 $this->tabs_gui->setSubTabActive("auth_login_editor");
927
928 include_once './Services/Authentication/classes/class.ilAuthLoginPageEditorGUI.php';
929 $lpe = new ilAuthLoginPageEditorGUI($this->object->getRefId());
930 $this->ctrl->forwardCommand($lpe);
931 break;
932
933 default:
934 if (!$cmd) {
935 $cmd = "authSettings";
936 }
937 $cmd .= "Object";
938 $this->$cmd();
939
940 break;
941 }
942 return true;
943 }
944
945 public function getAdminTabs()
946 {
947 $this->getTabs();
948 }
949
955 public function getTabs()
956 {
957 global $DIC;
958
959 $rbacsystem = $DIC['rbacsystem'];
960
961 $this->ctrl->setParameter($this, "ref_id", $this->object->getRefId());
962
963 if ($rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
964 $this->tabs_gui->addTarget(
965 "authentication_settings",
966 $this->ctrl->getLinkTarget($this, "authSettings"),
967 "",
968 "",
969 ""
970 );
971
972 $this->tabs_gui->addTarget(
973 'registration_settings',
974 $this->ctrl->getLinkTargetByClass('ilregistrationsettingsgui', 'view')
975 );
976
977 $this->tabs_gui->addTarget(
978 "auth_ldap",
979 $this->ctrl->getLinkTargetByClass('illdapsettingsgui', 'serverList'),
980 "",
981 "",
982 ""
983 );
984
985
986 #$this->tabs_gui->addTarget("auth_ldap", $this->ctrl->getLinkTarget($this, "editLDAP"),
987 # "", "", "");
988
989 $this->tabs_gui->addTarget('auth_shib', $this->ctrl->getLinkTargetByClass('ilauthshibbolethsettingsgui', 'settings'));
990
991 $this->tabs_gui->addTarget(
992 'auth_cas',
993 $this->ctrl->getLinkTargetByClass('ilcassettingsgui', 'settings')
994 );
995
996 $this->tabs_gui->addTarget(
997 "auth_radius",
998 $this->ctrl->getLinkTargetByClass('ilradiussettingsgui', "settings"),
999 "",
1000 "",
1001 ""
1002 );
1003
1004 $this->tabs_gui->addTarget(
1005 "auth_soap",
1006 $this->ctrl->getLinkTarget($this, "editSOAP"),
1007 "",
1008 "",
1009 ""
1010 );
1011
1012 $this->tabs_gui->addTarget(
1013 "apache_auth_settings",
1014 $this->ctrl->getLinkTarget($this, 'apacheAuthSettings'),
1015 "",
1016 "",
1017 ""
1018 );
1019
1020 require_once 'Services/Saml/classes/class.ilSamlSettingsGUI.php';
1021 $this->tabs_gui->addTarget(
1022 'auth_saml',
1023 $this->ctrl->getLinkTargetByClass('ilsamlsettingsgui', ilSamlSettingsGUI::DEFAULT_CMD),
1024 '',
1025 '',
1026 ''
1027 );
1028
1029 $this->tabs_gui->addTab(
1030 'auth_oidconnect',
1031 $this->lng->txt('auth_oidconnect'),
1032 $this->ctrl->getLinkTargetByClass('ilopenidconnectsettingsgui')
1033 );
1034 }
1035
1036 if ($rbacsystem->checkAccess('edit_permission', $this->object->getRefId())) {
1037 $this->tabs_gui->addTarget(
1038 "perm_settings",
1039 $this->ctrl->getLinkTargetByClass(array(get_class($this),'ilpermissiongui'), "perm"),
1040 array("perm","info","owner"),
1041 'ilpermissiongui'
1042 );
1043 }
1044 }
1045
1049 public function setSubTabs($a_tab)
1050 {
1051 global $DIC;
1052
1053 $rbacsystem = $DIC['rbacsystem'];
1054 $ilUser = $DIC['ilUser'];
1055 $ilAccess = $DIC['ilAccess'];
1056
1057 $GLOBALS['DIC']['lng']->loadLanguageModule('auth');
1058
1059 switch ($a_tab) {
1060 case 'authSettings':
1061 if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
1062 $this->tabs_gui->addSubTabTarget(
1063 "auth_settings",
1064 $this->ctrl->getLinkTarget($this, 'authSettings'),
1065 ""
1066 );
1067 }
1068 if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
1069 $this->tabs_gui->addSubTabTarget(
1070 'auth_login_editor',
1071 $this->ctrl->getLinkTargetByClass('ilauthloginpageeditorgui', ''),
1072 ''
1073 );
1074 }
1075 break;
1076 }
1077 }
1078
1079
1080 public function apacheAuthSettingsObject($form = false)
1081 {
1082 global $DIC;
1083
1084 $tpl = $DIC['tpl'];
1085
1086 $this->tabs_gui->setTabActive("apache_auth_settings");
1087
1088 if (!$form) {
1089 $form = $this->getApacheAuthSettingsForm();
1090
1091 $settings = new ilSetting('apache_auth');
1092 $settingsMap = $settings->getAll();
1093
1094 $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
1095 if (file_exists($path) && is_readable($path)) {
1096 $settingsMap['apache_auth_domains'] = file_get_contents($path);
1097 }
1098
1099 $form->setValuesByArray($settingsMap);
1100 }
1101 $tpl->setVariable('ADM_CONTENT', $form->getHtml());
1102 }
1103
1104 public function saveApacheSettingsObject()
1105 {
1106 global $DIC;
1107
1108 $ilCtrl = $DIC['ilCtrl'];
1109 $form = $this->getApacheAuthSettingsForm();
1110 $form->setValuesByPost();
1111 /*$items = $form->getItems();
1112 foreach($items as $item)
1113 $item->validate();*/
1114 if ($form->checkInput()) {
1115 $settings = new ilSetting('apache_auth');
1116 $fields = array(
1117 'apache_auth_indicator_name', 'apache_auth_indicator_value',
1118 'apache_enable_auth', 'apache_enable_local', 'apache_local_autocreate',
1119 'apache_enable_ldap', 'apache_auth_username_config_type',
1120 'apache_auth_username_direct_mapping_fieldname',
1121 'apache_default_role', 'apache_auth_target_override_login_page',
1122 'apache_auth_enable_override_login_page',
1123 'apache_auth_authenticate_on_login_page',
1124 'apache_ldap_sid'
1125// 'apache_auth_username_by_function_functionname',
1126 );
1127
1128 foreach ($fields as $field) {
1129 $settings->set($field, $form->getInput($field));
1130 }
1131
1132 if ($form->getInput('apache_enable_auth')) {
1133 $this->ilias->setSetting('apache_active', true);
1134 } else {
1135 $this->ilias->setSetting('apache_active', false);
1136 global $DIC;
1137
1138 $ilSetting = $DIC['ilSetting'];
1139 if ($ilSetting->get("auth_mode") == AUTH_APACHE) {
1140 $ilSetting->set("auth_mode", AUTH_LOCAL);
1141 }
1142 }
1143
1144 $allowedDomains = $this->validateApacheAuthAllowedDomains($form->getInput('apache_auth_domains'));
1145 file_put_contents(ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt', $allowedDomains);
1146
1147 ilUtil::sendSuccess($this->lng->txt('apache_settings_changed_success'), true);
1148 $this->ctrl->redirect($this, 'apacheAuthSettings');
1149 } else {
1150 $this->apacheAuthSettingsObject($form);
1151 }
1152 }
1153
1154 public function getApacheAuthSettingsForm()
1155 {
1156 include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1157
1158 $form = new ilPropertyFormGUI();
1159 $form->setFormAction($this->ctrl->getFormAction($this));
1160 $form->setTitle($this->lng->txt('apache_settings'));
1161
1162 $chb_enabled = new ilCheckboxInputGUI($this->lng->txt('apache_enable_auth'), 'apache_enable_auth');
1163 $form->addItem($chb_enabled);
1164
1165 $chb_local_create_account = new ilCheckboxInputGUI($this->lng->txt('apache_autocreate'), 'apache_local_autocreate');
1166 $chb_enabled->addSubitem($chb_local_create_account);
1167
1168 global $DIC;
1169
1170 $rbacreview = $DIC['rbacreview'];
1171 $roles = $rbacreview->getGlobalRolesArray();
1172 $select = new ilSelectInputGUI($this->lng->txt('apache_default_role'), 'apache_default_role');
1173 $roleOptions = array();
1174 foreach ($roles as $role) {
1175 $roleOptions[$role['obj_id']] = ilObject::_lookupTitle($role['obj_id']);
1176 }
1177 $select->setOptions($roleOptions);
1178 $select->setValue(4);
1179
1180 $chb_local_create_account->addSubitem($select);
1181
1182 $chb_local = new ilCheckboxInputGUI($this->lng->txt('apache_enable_local'), 'apache_enable_local');
1183 $form->addItem($chb_local);
1184
1185 $chb_ldap = new ilCheckboxInputGUI($this->lng->txt('apache_enable_ldap'), 'apache_enable_ldap');
1186 $chb_ldap->setInfo($this->lng->txt('apache_ldap_hint_ldap_must_be_configured'));
1187
1188 $GLOBALS['DIC']['lng']->loadLanguageModule('auth');
1189 include_once './Services/LDAP/classes/class.ilLDAPServer.php';
1190 $servers = ilLDAPServer::getServerIds();
1191 if (count($servers)) {
1192 $ldap_server_select = new ilSelectInputGUI($this->lng->txt('auth_ldap_server_ds'), 'apache_ldap_sid');
1193 $options[0] = $this->lng->txt('select_one');
1194 foreach ($servers as $server_id) {
1195 $ldap_server = new ilLDAPServer($server_id);
1196 $options[$server_id] = $ldap_server->getName();
1197 }
1198 $ldap_server_select->setOptions($options);
1199 $ldap_server_select->setRequired(true);
1200
1201 $ds = ilLDAPServer::getDataSource(AUTH_APACHE);
1202 $ldap_server_select->setValue($ds);
1203
1204 $chb_ldap->addSubItem($ldap_server_select);
1205 }
1206 $form->addItem($chb_ldap);
1207
1208 $txt = new ilTextInputGUI($this->lng->txt('apache_auth_indicator_name'), 'apache_auth_indicator_name');
1209 $txt->setRequired(true);
1210 $form->addItem($txt);
1211
1212 $txt = new ilTextInputGUI($this->lng->txt('apache_auth_indicator_value'), 'apache_auth_indicator_value');
1213 $txt->setRequired(true);
1214 $form->addItem($txt);
1215
1216
1217 $chb = new ilCheckboxInputGUI($this->lng->txt('apache_auth_enable_override_login'), 'apache_auth_enable_override_login_page');
1218 $form->addItem($chb);
1219
1220 $txt = new ilTextInputGUI($this->lng->txt('apache_auth_target_override_login'), 'apache_auth_target_override_login_page');
1221 $txt->setRequired(true);
1222 $chb->addSubItem($txt);
1223
1224 $chb = new ilCheckboxInputGUI($this->lng->txt('apache_auth_authenticate_on_login_page'), 'apache_auth_authenticate_on_login_page');
1225 $form->addItem($chb);
1226
1227 $sec = new ilFormSectionHeaderGUI();
1228 $sec->setTitle($this->lng->txt('apache_auth_username_config'));
1229 $form->addItem($sec);
1230
1231 $rag = new ilRadioGroupInputGUI($this->lng->txt('apache_auth_username_config_type'), 'apache_auth_username_config_type');
1232 $form->addItem($rag);
1233
1234 $rao = new ilRadioOption($this->lng->txt('apache_auth_username_direct_mapping'), 1);
1235 $rag->addOption($rao);
1236
1237 $txt = new ilTextInputGUI($this->lng->txt('apache_auth_username_direct_mapping_fieldname'), 'apache_auth_username_direct_mapping_fieldname');
1238 //$txt->setRequired(true);
1239 $rao->addSubItem($txt);
1240
1241 $rao = new ilRadioOption($this->lng->txt('apache_auth_username_extended_mapping'), 2);
1242 $rao->setDisabled(true);
1243 $rag->addOption($rao);
1244
1245 $rao = new ilRadioOption($this->lng->txt('apache_auth_username_by_function'), 3);
1246 $rag->addOption($rao);
1247
1248 /* $txt = new ilTextInputGUI($this->lng->txt('apache_auth_username_by_function_functionname'), 'apache_auth_username_by_function_functionname');
1249 $rao->addSubItem($txt);*/
1250
1251 $sec = new ilFormSectionHeaderGUI();
1252 $sec->setTitle($this->lng->txt('apache_auth_security'));
1253 $form->addItem($sec);
1254
1255 $txt = new ilTextAreaInputGUI($this->lng->txt('apache_auth_domains'), 'apache_auth_domains');
1256 $txt->setInfo($this->lng->txt('apache_auth_domains_description'));
1257
1258 $form->addItem($txt);
1259
1260 $form->addCommandButton('saveApacheSettings', $this->lng->txt('save'));
1261 $form->addCommandButton('cancel', $this->lng->txt('cancel'));
1262
1263 return $form;
1264 }
1265
1266 private function validateApacheAuthAllowedDomains($text)
1267 {
1268 return join("\n", preg_split("/[\r\n]+/", $text));
1269 }
1270
1271 public function registrationSettingsObject()
1272 {
1273 $registration_gui = new ilRegistrationSettingsGUI();
1274 $this->ctrl->redirect($registration_gui);
1275 }
1276
1281 public function addToExternalSettingsForm($a_form_id)
1282 {
1283 switch ($a_form_id) {
1284 case ilAdministrationSettingsFormHandler::FORM_ACCESSIBILITY:
1285 require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
1286 $fields_login = array(
1287 'adm_captcha_anonymous_short' => array(ilCaptchaUtil::isActiveForLogin(), ilAdministrationSettingsFormHandler::VALUE_BOOL),
1288 );
1289
1290 $fields_registration = array(
1291 'adm_captcha_anonymous_short' => array(ilCaptchaUtil::isActiveForRegistration(), ilAdministrationSettingsFormHandler::VALUE_BOOL)
1292 );
1293
1294
1295 return array('adm_auth_login' => array('authSettings', $fields_login), 'adm_auth_reg' => array('registrationSettings', $fields_registration));
1296 }
1297 }
1298} // END class.ilObjAuthSettingsGUI
$path
$path
Definition: aliased.php:25
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
php
An exception for terminatinating execution or to throw for unit testing.
AUTH_SHIBBOLETH
const AUTH_SHIBBOLETH
Definition: class.ilAuthUtils.php:11
AUTH_APACHE
const AUTH_APACHE
Definition: class.ilAuthUtils.php:19
AUTH_SAML
const AUTH_SAML
Definition: class.ilAuthUtils.php:20
AUTH_LDAP
const AUTH_LDAP
Definition: class.ilAuthUtils.php:8
AUTH_LOCAL
const AUTH_LOCAL
Definition: class.ilAuthUtils.php:7
AUTH_SCRIPT
const AUTH_SCRIPT
Definition: class.ilAuthUtils.php:10
AUTH_RADIUS
const AUTH_RADIUS
Definition: class.ilAuthUtils.php:9
AUTH_CAS
const AUTH_CAS
Definition: class.ilAuthUtils.php:12
AUTH_SOAP
const AUTH_SOAP
Definition: class.ilAuthUtils.php:13
ilAuthLoginPageEditorGUI
Login page editor settings GUI ILIAS page editor or richtext editor.
Definition: class.ilAuthLoginPageEditorGUI.php:16
ilAuthShibbolethSettingsGUI
Class ilAuthShibbolethSettingsGUI.
Definition: class.ilAuthShibbolethSettingsGUI.php:14
ilAuthUtils\_getActiveAuthModes
static _getActiveAuthModes()
Definition: class.ilAuthUtils.php:322
ilAuthUtils\getAuthPlugins
static getAuthPlugins()
Get active enabled auth plugins.
Definition: class.ilAuthUtils.php:811
ilAuthUtils\_getAllAuthModes
static _getAllAuthModes()
Definition: class.ilAuthUtils.php:388
ilAuthUtils\_getAuthModeName
static _getAuthModeName($a_auth_key)
Definition: class.ilAuthUtils.php:256
ilCaptchaUtil\checkFreetype
static checkFreetype()
Check whether captcha support is active.
Definition: class.ilCaptchaUtil.php:27
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:34
ilFormSectionHeaderGUI
This class represents a section header in a property form.
Definition: class.ilFormSectionHeaderGUI.php:32
ilLDAPServer\getServerIdByAuthMode
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:400
ilLDAPServer\getDataSource
static getDataSource($a_auth_mode)
Definition: class.ilLDAPServer.php:324
ilLDAPServer\getInstanceByServerId
static getInstanceByServerId($a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:62
ilLDAPServer\isAuthModeLDAP
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
Definition: class.ilLDAPServer.php:385
ilLDAPServer\getServerIds
static getServerIds()
Get all server ids @global ilDB $ilDB.
Definition: class.ilLDAPServer.php:226
ilObjAuthSettingsGUI
Class ilObjAuthSettingsGUI.
Definition: class.ilObjAuthSettingsGUI.php:17
ilObjAuthSettingsGUI\getAdminTabs
getAdminTabs()
administration tabs show only permissions and trash folder
Definition: class.ilObjAuthSettingsGUI.php:945
ilObjAuthSettingsGUI\__construct
__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output=true)
Constructor @access public.
Definition: class.ilObjAuthSettingsGUI.php:22
ilObjAuthSettingsGUI\saveScriptObject
saveScriptObject()
validates all input data, save them to database if correct and active chosen auth mode
Definition: class.ilObjAuthSettingsGUI.php:618
ilObjAuthSettingsGUI\updateAuthModeDeterminationObject
updateAuthModeDeterminationObject()
update auth mode determination
Definition: class.ilObjAuthSettingsGUI.php:804
ilObjAuthSettingsGUI\loginInfoObject
loginInfoObject()
displays login information of all installed languages
Definition: class.ilObjAuthSettingsGUI.php:215
ilObjAuthSettingsGUI\getAuthModeTitle
getAuthModeTitle()
get the title of auth mode
Definition: class.ilObjAuthSettingsGUI.php:649
ilObjAuthSettingsGUI\editSOAPObject
editSOAPObject()
Configure soap settings.
Definition: class.ilObjAuthSettingsGUI.php:334
ilObjAuthSettingsGUI\cancelObject
cancelObject()
cancel action and go back to previous page @access public
Definition: class.ilObjAuthSettingsGUI.php:248
ilObjAuthSettingsGUI\authSettingsObject
authSettingsObject()
display settings menu
Definition: class.ilObjAuthSettingsGUI.php:47
ilObjAuthSettingsGUI\viewObject
viewObject()
list childs of current object
Definition: class.ilObjAuthSettingsGUI.php:36
ilObjAuthSettingsGUI\initAuthModeDetermination
initAuthModeDetermination()
init auth mode determinitation form
Definition: class.ilObjAuthSettingsGUI.php:708
ilObjAuthSettingsGUI\saveSOAPObject
saveSOAPObject()
validates all input data, save them to database if correct and active chosen auth mode
Definition: class.ilObjAuthSettingsGUI.php:530
ilObjAuthSettingsGUI\getTabs
getTabs()
get tabs @access public
Definition: class.ilObjAuthSettingsGUI.php:955
ilObjAuthSettingsGUI\editScriptObject
editScriptObject()
Configure Custom settings.
Definition: class.ilObjAuthSettingsGUI.php:573
ilObjRole\_lookupRegisterAllowed
static _lookupRegisterAllowed()
get all roles that are activated in user registration
Definition: class.ilObjRole.php:349
ilObjRole\_updateAuthMode
static _updateAuthMode($a_roles)
Definition: class.ilObjRole.php:590
ilObjUser\_getNumberOfUsersPerAuthMode
static _getNumberOfUsersPerAuthMode()
get number of users per auth mode
Definition: class.ilObjUser.php:3968
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:14
ilObjectGUI\prepareOutput
prepareOutput($a_show_subobjects=true)
prepare output
Definition: class.ilObjectGUI.php:296
ilObjectGUI\getReturnLocation
getReturnLocation($a_cmd, $a_location="")
get return location for command (command is method name without "Object", e.g.
Definition: class.ilObjectGUI.php:1459
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:988
ilOpenIdConnectSettingsGUI
Class ilOpenIdConnectSettingsGUI.
Definition: class.ilOpenIdConnectSettingsGUI.php:12
ilPermissionGUI
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
Definition: class.ilPermissionGUI.php:20
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:48
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:34
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:32
ilRegistrationSettingsGUI
Class ilRegistrationSettingsGUI.
Definition: class.ilRegistrationSettingsGUI.php:37
ilSOAPAuth\testConnection
static testConnection($a_ext_uid, $a_soap_pw, $a_new_user)
Constructor @access public.
Definition: class.ilSOAPAuth.php:45
ilSamlIdp\getInstanceByIdpId
static getInstanceByIdpId($a_idp_id)
Definition: class.ilSamlIdp.php:102
ilSamlIdp\getIdpIdByAuthMode
static getIdpIdByAuthMode($a_auth_mode)
Definition: class.ilSamlIdp.php:243
ilSamlIdp\isAuthModeSaml
static isAuthModeSaml($a_auth_mode)
Definition: class.ilSamlIdp.php:228
ilSamlSettingsGUI
Class ilSamlSettingsGUI.
Definition: class.ilSamlSettingsGUI.php:12
ilSelectInputGUI
This class represents a selection list property in a property form.
Definition: class.ilSelectInputGUI.php:18
ilSetting
ILIAS Setting Class.
Definition: class.ilSetting.php:33
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:35
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:17
ilUtil\redirect
static redirect($a_script)
Definition: class.ilUtil.php:3318
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2406
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4481
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:79
$name
$name
Definition: client_example.php:35
$namespace
if($err=$client->getError()) $namespace
Definition: dummy_client.php:50
$txt
$txt
Definition: error.php:11
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
ilias
redirection script todo: (a better solution should control the processing via a xml file)
$header
$header
Definition: no_cookie.tpl.php:6
$ret
$ret
Definition: parser.php:6
$ilSetting
global $ilSetting
Definition: privfeed.php:17
$idp
$idp
Definition: prp.php:13
$form
if(isset($_POST['submit'])) $form
Definition: registry.edit.php:63
$server
$server
Definition: sabredav.php:48
$DIC
global $DIC
Definition: saml.php:7
$https
$https
Definition: imgupload.php:19
$ilUser
$ilUser
Definition: imgupload.php:18
$text
$text
Definition: errorreport.php:18