ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilObjAuthSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
16 class ilObjAuthSettingsGUI extends ilObjectGUI
17 {
22  public function __construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output = true)
23  {
24  $this->type = "auth";
25  parent::__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output);
26 
27  $this->lng->loadLanguageModule('registration');
28  $this->lng->loadLanguageModule('auth');
29 
30  define('LDAP_DEFAULT_PORT', 389);
31  define('RADIUS_DEFAULT_PORT', 1812);
32  }
33 
34 
35 
36  public function viewObject()
37  {
38  return $this->authSettingsObject();
39  }
40 
41 
47  public function authSettingsObject()
48  {
49  global $DIC;
50 
51  $rbacsystem = $DIC['rbacsystem'];
52  $ilSetting = $DIC['ilSetting'];
53 
54  if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
55  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
56  }
57 
58  $this->tabs_gui->setTabActive('authentication_settings');
59  $this->setSubTabs('authSettings');
60  $this->tabs_gui->setSubTabActive("auth_settings");
61 
62  $this->tpl->addBlockFile(
63  "ADM_CONTENT",
64  "adm_content",
65  "tpl.auth_general.html",
66  "Services/Authentication"
67  );
68 
69  $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
70  $this->tpl->setVariable("TXT_AUTH_TITLE", $this->lng->txt("auth_select"));
71 
72  $this->tpl->setVariable("TXT_AUTH_MODE", $this->lng->txt("auth_mode"));
73  $this->tpl->setVariable("TXT_AUTH_DEFAULT", $this->lng->txt("default"));
74  $this->tpl->setVariable("TXT_AUTH_ACTIVE", $this->lng->txt("active"));
75  $this->tpl->setVariable("TXT_AUTH_NUM_USERS", $this->lng->txt("num_users"));
76 
77  $this->tpl->setVariable("TXT_LOCAL", $this->lng->txt("auth_local"));
78  $this->tpl->setVariable("TXT_LDAP", $this->lng->txt("auth_ldap"));
79  $this->tpl->setVariable("TXT_SHIB", $this->lng->txt("auth_shib"));
80 
81  $this->tpl->setVariable("TXT_CAS", $this->lng->txt("auth_cas"));
82 
83  $this->tpl->setVariable("TXT_RADIUS", $this->lng->txt("auth_radius"));
84  $this->tpl->setVariable("TXT_SCRIPT", $this->lng->txt("auth_script"));
85 
86  $this->tpl->setVariable("TXT_APACHE", $this->lng->txt("auth_apache"));
87 
88  $auth_cnt = ilObjUser::_getNumberOfUsersPerAuthMode();
89  $auth_modes = ilAuthUtils::_getAllAuthModes();
90  $valid_modes = array(AUTH_LOCAL,AUTH_LDAP,AUTH_SHIBBOLETH,AUTH_SAML,AUTH_CAS,AUTH_RADIUS,AUTH_APACHE);
91  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
92  // icon handlers
93  $icon_ok = "<img src=\"" . ilUtil::getImagePath("icon_ok.svg") . "\" alt=\"" . $this->lng->txt("enabled") . "\" title=\"" . $this->lng->txt("enabled") . "\" border=\"0\" vspace=\"0\"/>";
94  $icon_not_ok = "<img src=\"" . ilUtil::getImagePath("icon_not_ok.svg") . "\" alt=\"" . $this->lng->txt("disabled") . "\" title=\"" . $this->lng->txt("disabled") . "\" border=\"0\" vspace=\"0\"/>";
95 
96 
97  foreach ($auth_modes as $mode => $mode_name) {
98  if (!in_array($mode, $valid_modes) && !ilLDAPServer::isAuthModeLDAP($mode) && !ilSamlIdp::isAuthModeSaml($mode)) {
99  continue;
100  }
101 
102  $this->tpl->setCurrentBlock('auth_mode');
103 
104  if (ilLDAPServer::isAuthModeLDAP($mode)) {
105  $server = ilLDAPServer::getInstanceByServerId(ilLDAPServer::getServerIdByAuthMode($mode));
106  $this->tpl->setVariable("AUTH_NAME", $server->getName());
107  $this->tpl->setVariable('AUTH_ACTIVE', $server->isActive() ? $icon_ok : $icon_not_ok);
108  } elseif (ilSamlIdp::isAuthModeSaml($mode)) {
109  $idp = ilSamlIdp::getInstanceByIdpId(ilSamlIdp::getIdpIdByAuthMode($mode));
110  $this->tpl->setVariable('AUTH_NAME', $idp->getEntityId());
111  $this->tpl->setVariable('AUTH_ACTIVE', $idp->isActive() ? $icon_ok : $icon_not_ok);
112  } else {
113  $this->tpl->setVariable("AUTH_NAME", $this->lng->txt("auth_" . $mode_name));
114  $this->tpl->setVariable('AUTH_ACTIVE', $this->ilias->getSetting($mode_name . '_active') || $mode == AUTH_LOCAL ? $icon_ok : $icon_not_ok);
115  }
116 
117  if ($ilSetting->get('auth_mode') == $mode) {
118  $this->tpl->setVariable("AUTH_CHECKED", "checked=\"checked\"");
119 
120  $this->tpl->setVariable(
121  "AUTH_USER_NUM",
122  ((int) $auth_cnt[$mode_name] + $auth_cnt["default"]) . " (" . $this->lng->txt("auth_per_default") .
123  ": " . $auth_cnt["default"] . ")"
124  );
125  } else {
126  $this->tpl->setVariable(
127  "AUTH_USER_NUM",
128  (int) $auth_cnt[$mode_name]
129  );
130  }
131  $this->tpl->setVariable("AUTH_ID", $mode_name);
132  $this->tpl->setVariable("AUTH_VAL", $mode);
133  $this->tpl->parseCurrentBlock();
134  }
135 
136  $this->tpl->setVariable("TXT_CONFIGURE", $this->lng->txt("auth_configure"));
137  $this->tpl->setVariable("TXT_AUTH_REMARK", $this->lng->txt("auth_remark_non_local_auth"));
138  $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
139  $this->tpl->setVariable("CMD_SUBMIT", "setAuthMode");
140 
141  // auth mode determinitation
142  if ($this->initAuthModeDetermination()) {
143  $this->tpl->setVariable('TABLE_AUTH_DETERMINATION', $this->form->getHTML());
144  }
145 
146  // roles table
147  $this->tpl->setVariable(
148  "FORMACTION_ROLES",
149  $this->ctrl->getFormAction($this)
150  );
151  $this->tpl->setVariable("TXT_AUTH_ROLES", $this->lng->txt("auth_active_roles"));
152  $this->tpl->setVariable("TXT_ROLE", $this->lng->txt("obj_role"));
153  $this->tpl->setVariable("TXT_ROLE_AUTH_MODE", $this->lng->txt("auth_role_auth_mode"));
154  $this->tpl->setVariable("CMD_SUBMIT_ROLES", "updateAuthRoles");
155 
156  include_once("./Services/AccessControl/classes/class.ilObjRole.php");
157  $reg_roles = ilObjRole::_lookupRegisterAllowed();
158 
159  // auth mode selection
160  include_once('./Services/Authentication/classes/class.ilAuthUtils.php');
161  $active_auth_modes = ilAuthUtils::_getActiveAuthModes();
162 
163  foreach ($reg_roles as $role) {
164  foreach ($active_auth_modes as $auth_name => $auth_key) {
165  // do not list auth modes with external login screen
166  // even not default, because it can easily be set to
167  // a non-working auth mode
168  if ($auth_name == "default" || $auth_name == "cas"
169  || $auth_name == 'saml'
170  || $auth_name == "shibboleth" || $auth_name == 'ldap'
171  || $auth_name == 'apache' || $auth_name == "ecs"
172  || $auth_name == "openid") {
173  continue;
174  }
175 
176  $this->tpl->setCurrentBlock("auth_mode_selection");
177 
178  if ($auth_name == 'default') {
179  $name = $this->lng->txt('auth_' . $auth_name) . " (" . $this->lng->txt('auth_' . ilAuthUtils::_getAuthModeName($auth_key)) . ")";
180  } elseif ($id = ilLDAPServer::getServerIdByAuthMode($auth_key)) {
181  $server = ilLDAPServer::getInstanceByServerId($id);
182  $name = $server->getName();
183  } elseif ($id = ilSamlIdp::getIdpIdByAuthMode($auth_key)) {
184  $idp = ilSamlIdp::getInstanceByIdpId($id);
185  $name = $idp->getEntityId();
186  } else {
187  $name = $this->lng->txt('auth_' . $auth_name);
188  }
189 
190  $this->tpl->setVariable("AUTH_MODE_NAME", $name);
191 
192  $this->tpl->setVariable("AUTH_MODE", $auth_name);
193 
194  if ($role['auth_mode'] == $auth_name) {
195  $this->tpl->setVariable("SELECTED_AUTH_MODE", "selected=\"selected\"");
196  }
197 
198  $this->tpl->parseCurrentBlock();
199  } // END auth_mode selection
200 
201  $this->tpl->setCurrentBlock("roles");
202  $this->tpl->setVariable("ROLE", $role['title']);
203  $this->tpl->setVariable("ROLE_ID", $role['id']);
204  $this->tpl->parseCurrentBlock();
205  }
206  }
207 
208 
215  public function loginInfoObject()
216  {
217  global $DIC;
218 
219  $rbacsystem = $DIC['rbacsystem'];
220  $lng = $DIC['lng'];
221  $ilSetting = $DIC['ilSetting'];
222 
223  if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
224  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
225  }
226 
227  $this->tabs_gui->setTabActive("authentication_settings");
228  $this->setSubTabs("authSettings");
229  $this->tabs_gui->setSubTabActive("auth_login_editor");
230 
231  $lng->loadLanguageModule("meta");
232 
233  $this->tpl->addBlockFile(
234  "ADM_CONTENT",
235  "adm_content",
236  "tpl.auth_login_messages.html",
237  "Services/Authentication"
238  );
239  $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
240  $this->tpl->setVariable("TXT_HEADLINE", $this->lng->txt("login_information"));
241  $this->tpl->setVariable("TXT_DESCRIPTION", $this->lng->txt("login_information_desc"));
242  $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
243  $this->initLoginForm();
244  $this->tpl->setVariable('LOGIN_INFO', $this->form->getHTML());
245  }
246 
247 
248  public function cancelObject()
249  {
250  $this->ctrl->redirect($this, "authSettings");
251  }
252 
253  public function setAuthModeObject()
254  {
255  global $DIC;
256 
257  $rbacsystem = $DIC['rbacsystem'];
258  $ilSetting = $DIC['ilSetting'];
259 
260  if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
261  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
262  }
263 
264  if (empty($_POST["auth_mode"])) {
265  $this->ilias->raiseError($this->lng->txt("auth_err_no_mode_selected"), $this->ilias->error_obj->MESSAGE);
266  }
267 
268  $current_auth_mode = $ilSetting->get('auth_mode','');
269  if ($_POST["auth_mode"] == $current_auth_mode) {
270  ilUtil::sendInfo($this->lng->txt("auth_mode") . ": " . $this->getAuthModeTitle() . " " . $this->lng->txt("auth_mode_not_changed"), true);
271  $this->ctrl->redirect($this, 'authSettings');
272  }
273 
274  switch ($_POST["auth_mode"]) {
275  case AUTH_SAML:
276  break;
277 
278  case AUTH_LDAP:
279 
280  /*
281  if ($this->object->checkAuthLDAP() !== true)
282  {
283  ilUtil::sendInfo($this->lng->txt("auth_ldap_not_configured"),true);
284  ilUtil::redirect($this->getReturnLocation("authSettings",$this->ctrl->getLinkTarget($this,"editLDAP", "", false, false)));
285  }
286  */
287  break;
288 
289  // @fix changed from AUTH_SHIB > is not defined
290  case AUTH_SHIBBOLETH:
291  if ($this->object->checkAuthSHIB() !== true) {
292  ilUtil::sendFailure($this->lng->txt("auth_shib_not_configured"), true);
293  ilUtil::redirect(
294  $this->getReturnLocation(
295  'authSettings',
296  $this->ctrl->getLinkTargetByClass(
297  ilAuthShibbolethSettingsGUI::class,
298  'settings',
299  '',
300  false,
301  false
302  )
303  )
304  );
305  }
306  break;
307 
308  case AUTH_RADIUS:
309  if ($this->object->checkAuthRADIUS() !== true) {
310  ilUtil::sendFailure($this->lng->txt("auth_radius_not_configured"), true);
311  $this->ctrl->redirect($this, 'editRADIUS');
312  }
313  break;
314 
315  case AUTH_SCRIPT:
316  if ($this->object->checkAuthScript() !== true) {
317  ilUtil::sendFailure($this->lng->txt("auth_script_not_configured"), true);
318  ilUtil::redirect($this->getReturnLocation("authSettings", $this->ctrl->getLinkTarget($this, "editScript", "", false, false)));
319  }
320  break;
321  }
322 
323  $this->ilias->setSetting("auth_mode", $_POST["auth_mode"]);
324 
325  ilUtil::sendSuccess($this->lng->txt("auth_default_mode_changed_to") . " " . $this->getAuthModeTitle(), true);
326  $this->ctrl->redirect($this, 'authSettings');
327  }
328 
334  public function editSOAPObject()
335  {
336  global $DIC;
337 
338  $rbacsystem = $DIC['rbacsystem'];
339  $rbacreview = $DIC['rbacreview'];
340  $ilSetting = $DIC['ilSetting'];
341  $ilCtrl = $DIC['ilCtrl'];
342  $lng = $DIC['lng'];
343 
344  if (!$rbacsystem->checkAccess("read", $this->object->getRefId())) {
345  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
346  }
347 
348  $this->tabs_gui->setTabActive('auth_soap');
349 
350  //set Template
351  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.auth_soap.html', 'Services/Authentication');
352 
353  // compose role list
354  $role_list = $rbacreview->getRolesByFilter(2, $this->object->getId());
355  $roles = array();
356 
357  foreach ($role_list as $role) {
358  $roles[$role['obj_id']] = $role['title'];
359  }
360 
361  //set property form gui
362  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
363 
364  $soap_config = new ilPropertyFormGUI();
365  $soap_config->setTitle($this->lng->txt("auth_soap_auth"));
366  $soap_config->setDescription($this->lng->txt("auth_soap_auth_desc"));
367  $soap_config->setFormAction($this->ctrl->getFormAction($this, "editSOAP"));
368  $soap_config->addCommandButton("saveSOAP", $this->lng->txt("save"));
369  $soap_config->addCommandButton("editSOAP", $this->lng->txt("cancel"));
370 
371  //set activ
372  $active = new ilCheckboxInputGUI();
373  $active->setTitle($this->lng->txt("active"));
374  $active->setPostVar("soap[active]");
375 
376  //set server
377  $server = new ilTextInputGUI();
378  $server->setTitle($this->lng->txt("server"));
379  $server->setInfo($this->lng->txt("auth_soap_server_desc"));
380  $server->setPostVar("soap[server]");
381  $server->setSize(50);
382  $server->setMaxLength(256);
383  $server->setRequired(true);
384 
385  //set port
386  $port = new ilTextInputGUI();
387  $port->setTitle($this->lng->txt("port"));
388  $port->setInfo($this->lng->txt("auth_soap_port_desc"));
389  $port->setPostVar("soap[port]");
390  $port->setSize(7);
391  $port->setMaxLength(5);
392 
393  //set https
394  $https = new ilCheckboxInputGUI();
395  $https->setTitle($this->lng->txt("auth_soap_use_https"));
396  $https->setPostVar("soap[use_https]");
397 
398  //set uri
399  $uri = new ilTextInputGUI();
400  $uri->setTitle($this->lng->txt("uri"));
401  $uri->setInfo($this->lng->txt("auth_soap_uri_desc"));
402  $uri->setPostVar("soap[uri]");
403  $uri->setSize(50);
404  $uri->setMaxLength(256);
405 
406  //set namespace
407  $namespace = new ilTextInputGUI();
408  $namespace->setTitle($this->lng->txt("auth_soap_namespace"));
409  $namespace->setInfo($this->lng->txt("auth_soap_namespace_desc"));
410  $namespace->setPostVar("soap[namespace]");
411  $namespace->setSize(50);
412  $namespace->setMaxLength(256);
413 
414  //set dotnet
415  $dotnet = new ilCheckboxInputGUI();
416  $dotnet->setTitle($this->lng->txt("auth_soap_use_dotnet"));
417  $dotnet->setPostVar("soap[use_dotnet]");
418 
419  //set create users
420  $createuser = new ilCheckboxInputGUI();
421  $createuser->setTitle($this->lng->txt("auth_create_users"));
422  $createuser->setInfo($this->lng->txt("auth_soap_create_users_desc"));
423  $createuser->setPostVar("soap[create_users]");
424 
425  //set account mail
426  $sendmail = new ilCheckboxInputGUI();
427  $sendmail->setTitle($this->lng->txt("user_send_new_account_mail"));
428  $sendmail->setInfo($this->lng->txt("auth_new_account_mail_desc"));
429  $sendmail->setPostVar("soap[account_mail]");
430 
431  //set user default role
432  $defaultrole = new ilSelectInputGUI();
433  $defaultrole->setTitle($this->lng->txt("auth_user_default_role"));
434  $defaultrole->setInfo($this->lng->txt("auth_soap_user_default_role_desc"));
435  $defaultrole->setPostVar("soap[user_default_role]");
436  $defaultrole->setOptions($roles);
437 
438  //set allow local authentication
439  $allowlocal = new ilCheckboxInputGUI();
440  $allowlocal->setTitle($this->lng->txt("auth_allow_local"));
441  $allowlocal->setInfo($this->lng->txt("auth_soap_allow_local_desc"));
442  $allowlocal->setPostVar("soap[allow_local]");
443 
444  // get all settings
445  $settings = $ilSetting->getAll();
446 
447  // get values in error case
448  if ($_SESSION["error_post_vars"]) {
449  $active ->setChecked($_SESSION["error_post_vars"]["soap"]["active"]);
450  $server ->setValue($_SESSION["error_post_vars"]["soap"]["server"]);
451  $port ->setValue($_SESSION["error_post_vars"]["soap"]["port"]);
452  $https ->setChecked($_SESSION["error_post_vars"]["soap"]["use_https"]);
453  $uri ->setValue($_SESSION["error_post_vars"]["soap"]["uri"]);
454  $namespace ->setValue($_SESSION["error_post_vars"]["soap"]["namespace"]);
455  $dotnet ->setChecked($_SESSION["error_post_vars"]["soap"]["use_dotnet"]);
456  $createuser ->setChecked($_SESSION["error_post_vars"]["soap"]["create_users"]);
457  $allowlocal ->setChecked($_SESSION["error_post_vars"]["soap"]["allow_local"]);
458  $defaultrole->setValue($_SESSION["error_post_vars"]["soap"]["user_default_role"]);
459  $sendmail ->setChecked($_SESSION["error_post_vars"]["soap"]["account_mail"]);
460  } else {
461  $active ->setChecked($settings["soap_auth_active"]);
462  $server ->setValue($settings["soap_auth_server"]);
463  $port ->setValue($settings["soap_auth_port"]);
464  $https ->setChecked($settings["soap_auth_use_https"]);
465  $uri ->setValue($settings["soap_auth_uri"]);
466  $namespace ->setValue($settings["soap_auth_namespace"]);
467  $dotnet ->setChecked($settings["soap_auth_use_dotnet"]);
468  $createuser ->setChecked($settings["soap_auth_create_users"]);
469  $allowlocal ->setChecked($settings["soap_auth_allow_local"]);
470  $defaultrole->setValue($settings["soap_auth_user_default_role"]);
471  $sendmail ->setChecked($settings["soap_auth_account_mail"]);
472  }
473 
474  if (!$defaultrole->getValue()) {
475  $defaultrole->setValue(4);
476  }
477 
478  //add Items to property gui
479  $soap_config->addItem($active);
480  $soap_config->addItem($server);
481  $soap_config->addItem($port);
482  $soap_config->addItem($https);
483  $soap_config->addItem($uri);
484  $soap_config->addItem($namespace);
485  $soap_config->addItem($dotnet);
486  $soap_config->addItem($createuser);
487  $soap_config->addItem($sendmail);
488  $soap_config->addItem($defaultrole);
489  $soap_config->addItem($allowlocal);
490 
491  $this->tpl->setVariable("CONFIG_FORM", $soap_config->getHTML());
492 
493  // test form
494  $form = new ilPropertyFormGUI();
495  $form->setFormAction($ilCtrl->getFormAction($this));
496  $form->setTitle("Test Request");
497  $text_prop = new ilTextInputGUI("ext_uid", "ext_uid");
498  $form->addItem($text_prop);
499  $text_prop2 = new ilTextInputGUI("soap_pw", "soap_pw");
500  $form->addItem($text_prop2);
501  $cb = new ilCheckboxInputGUI("new_user", "new_user");
502  $form->addItem($cb);
503 
504  $form->addCommandButton(
505  "testSoapAuthConnection",
506  "Send"
507  );
508 
509  if ($ilCtrl->getCmd() == "testSoapAuthConnection") {
510  include_once("./Services/SOAPAuth/classes/class.ilSOAPAuth.php");
511  $ret = "<br />" . ilSOAPAuth::testConnection(
512  ilUtil::stripSlashes($_POST["ext_uid"]),
513  ilUtil::stripSlashes($_POST["soap_pw"]),
514  (boolean) $_POST["new_user"]
515  );
516  }
517  $this->tpl->setVariable("TEST_FORM", $form->getHTML() . $ret);
518  }
519 
520  public function testSoapAuthConnectionObject()
521  {
522  $this->editSOAPObject();
523  }
524 
530  public function saveSOAPObject()
531  {
532  global $DIC;
533 
534  $ilUser = $DIC['ilUser'];
535  $ilSetting = $DIC['ilSetting'];
536  $rbacsystem = $DIC['rbacsystem'];
537 
538  if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
539  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
540  }
541 
542  // validate required data
543  if (!$_POST["soap"]["server"]) {
544  $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
545  }
546 
547  // validate port
548  if ($_POST["soap"]["server"] != "" && (preg_match("/^[0-9]{0,5}$/", $_POST["soap"]["port"])) == false) {
549  $this->ilias->raiseError($this->lng->txt("err_invalid_port"), $this->ilias->error_obj->MESSAGE);
550  }
551 
552  $ilSetting->set("soap_auth_server", $_POST["soap"]["server"]);
553  $ilSetting->set("soap_auth_port", $_POST["soap"]["port"]);
554  $ilSetting->set("soap_auth_active", $_POST["soap"]["active"]);
555  $ilSetting->set("soap_auth_uri", $_POST["soap"]["uri"]);
556  $ilSetting->set("soap_auth_namespace", $_POST["soap"]["namespace"]);
557  $ilSetting->set("soap_auth_create_users", $_POST["soap"]["create_users"]);
558  $ilSetting->set("soap_auth_allow_local", $_POST["soap"]["allow_local"]);
559  $ilSetting->set("soap_auth_account_mail", $_POST["soap"]["account_mail"]);
560  $ilSetting->set("soap_auth_use_https", $_POST["soap"]["use_https"]);
561  $ilSetting->set("soap_auth_use_dotnet", $_POST["soap"]["use_dotnet"]);
562  $ilSetting->set("soap_auth_user_default_role", $_POST["soap"]["user_default_role"]);
563  ilUtil::sendSuccess($this->lng->txt("auth_soap_settings_saved"), true);
564 
565  $this->ctrl->redirect($this, 'editSOAP');
566  }
567 
573  public function editScriptObject()
574  {
575  global $DIC;
576 
577  $rbacsystem = $DIC['rbacsystem'];
578 
579  if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
580  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
581  }
582 
583  if ($_SESSION["error_post_vars"]) {
584  $this->tpl->setVariable("AUTH_SCRIPT_NAME", $_SESSION["error_post_vars"]["auth_script"]["name"]);
585  } else {
586  // set already saved data
587  $settings = $this->ilias->getAllSettings();
588 
589  $this->tpl->setVariable("AUTH_SCRIPT_NAME", $settings["auth_script_name"]);
590  }
591 
592  $this->tabs_gui->setTabActive('auth_script');
593 
594  $this->tpl->addBlockFile(
595  "ADM_CONTENT",
596  "adm_content",
597  "tpl.auth_script.html",
598  "Services/Authentication"
599  );
600 
601  $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
602  $this->tpl->setVariable("COLSPAN", 3);
603  $this->tpl->setVariable("TXT_AUTH_SCRIPT_TITLE", $this->lng->txt("auth_script_configure"));
604  $this->tpl->setVariable("TXT_OPTIONS", $this->lng->txt("options"));
605  $this->tpl->setVariable("TXT_AUTH_SCRIPT_NAME", $this->lng->txt("auth_script_name"));
606 
607  $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
608  $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
609  $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
610  $this->tpl->setVariable("CMD_SUBMIT", "saveScript");
611  }
612 
618  public function saveScriptObject()
619  {
620  // validate required data
621  if (!$_POST["auth_script"]["name"]) {
622  $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
623  }
624 
625  // validate script url
626  /*
627  if (( TODO ,$_POST["ldap"]["server"])) == false)
628  {
629  $this->ilias->raiseError($this->lng->txt("err_invalid_server"),$this->ilias->error_obj->MESSAGE);
630  }*/
631 
632  // TODO: check connection to server
633 
634  // all ok. save settings and activate auth by external script
635  $this->ilias->setSetting("auth_script_name", $_POST["auth_script"]["name"]);
636  $this->ilias->setSetting("auth_mode", AUTH_SCRIPT);
637 
638  ilUtil::sendSuccess($this->lng->txt("auth_mode_changed_to") . " " . $this->getAuthModeTitle(), true);
639  $this->ctrl->redirect($this, 'editScript');
640  }
641 
642 
649  public function getAuthModeTitle()
650  {
651  switch ($this->ilias->getSetting("auth_mode")) {
652  case AUTH_LOCAL:
653  return $this->lng->txt("auth_local");
654  break;
655 
656  case AUTH_LDAP:
657  return $this->lng->txt("auth_ldap");
658  break;
659 
660  case AUTH_SHIBBOLETH:
661  return $this->lng->txt("auth_shib");
662  break;
663 
664  case AUTH_SAML:
665  return $this->lng->txt("auth_saml");
666  break;
667 
668  case AUTH_RADIUS:
669  return $this->lng->txt("auth_radius");
670  break;
671 
672  case AUTH_SCRIPT:
673  return $this->lng->txt("auth_script");
674  break;
675 
676  case AUTH_APACHE:
677  return $this->lng->txt("auth_apache");
678  break;
679 
680  default:
681  return $this->lng->txt("unknown");
682  break;
683  }
684  }
685 
686  public function updateAuthRolesObject()
687  {
688  global $DIC;
689 
690  $rbacsystem = $DIC['rbacsystem'];
691 
692  if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
693  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
694  }
695 
696  include_once('./Services/AccessControl/classes/class.ilObjRole.php');
697  ilObjRole::_updateAuthMode($_POST['Fobject']);
698 
699  ilUtil::sendSuccess($this->lng->txt("auth_mode_roles_changed"), true);
700  $this->ctrl->redirect($this, 'authSettings');
701  }
702 
708  protected function initAuthModeDetermination()
709  {
710  if (is_object($this->form)) {
711  return true;
712  }
713 
714  include_once('./Services/Form/classes/class.ilPropertyFormGUI.php');
715  $this->form = new ilPropertyFormGUI();
716  $this->form->setFormAction($this->ctrl->getFormAction($this));
717  $this->form->setTableWidth('100%');
718  $this->form->setTitle($this->lng->txt('auth_auth_settings'));
719  $this->form->addCommandButton('updateAuthModeDetermination', $this->lng->txt('save'));
720 
721  require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
722  $cap = new ilCheckboxInputGUI($this->lng->txt('adm_captcha_anonymous_short'), 'activate_captcha_anonym');
723  $cap->setInfo($this->lng->txt('adm_captcha_anonymous_auth'));
724  $cap->setValue(1);
725  if (!ilCaptchaUtil::checkFreetype()) {
726  $cap->setAlert(ilCaptchaUtil::getPreconditionsMessage());
727  }
728  $cap->setChecked(ilCaptchaUtil::isActiveForLogin());
729  $this->form->addItem($cap);
730 
731  // Are there any authentication methods that support automatic determination ?
732  include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
733  $det = ilAuthModeDetermination::_getInstance();
734  if ($det->getCountActiveAuthModes() <= 1) {
735  return true;
736  }
737 
738  $header = new ilFormSectionHeaderGUI();
739  $header->setTitle($this->lng->txt('auth_auth_mode_determination'));
740  $this->form->addItem($header);
741 
742  $kind = new ilRadioGroupInputGUI($this->lng->txt('auth_kind_determination'), 'kind');
743  $kind->setInfo($this->lng->txt('auth_mode_determination_info'));
744  $kind->setValue($det->getKind());
745  $kind->setRequired(true);
746 
747  $option_user = new ilRadioOption($this->lng->txt('auth_by_user'), 0);
748  $kind->addOption($option_user);
749 
750  $option_determination = new ilRadioOption($this->lng->txt('auth_automatic'), 1);
751 
752  include_once('Services/Authentication/classes/class.ilAuthUtils.php');
753 
754  $auth_sequenced = $det->getAuthModeSequence();
755  $counter = 1;
756  foreach ($auth_sequenced as $auth_mode) {
757  switch ($auth_mode) {
758  // begin-patch ldap_multiple
759  case ilLDAPServer::isAuthModeLDAP($auth_mode):
760  $auth_id = ilLDAPServer::getServerIdByAuthMode($auth_mode);
761  $server = ilLDAPServer::getInstanceByServerId($auth_id);
762  $text = $server->getName();
763  // end-patch ldap_multiple
764  break;
765  case AUTH_RADIUS:
766  $text = $this->lng->txt('auth_radius');
767  break;
768  case AUTH_LOCAL:
769  $text = $this->lng->txt('auth_local');
770  break;
771  case AUTH_SOAP:
772  $text = $this->lng->txt('auth_soap');
773  break;
774  case AUTH_APACHE:
775  $text = $this->lng->txt('auth_apache');
776  break;
777  // begin-patch auth_plugin
778  default:
779  foreach (ilAuthUtils::getAuthPlugins() as $pl) {
780  $option = $pl->getMultipleAuthModeOptions($auth_mode);
781  $text = $option[$auth_mode]['txt'];
782  }
783  break;
784  // end-patch auth_plugin
785  }
786 
787  $pos = new ilTextInputGUI($text, 'position[' . $auth_mode . ']');
788  $pos->setValue($counter++);
789  $pos->setSize(1);
790  $pos->setMaxLength(1);
791  $option_determination->addSubItem($pos);
792  }
793  $kind->addOption($option_determination);
794  $this->form->addItem($kind);
795  return true;
796  }
797 
804  public function updateAuthModeDeterminationObject()
805  {
806  include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
807  $det = ilAuthModeDetermination::_getInstance();
808 
809  $det->setKind((int) $_POST['kind']);
810 
811  $pos = $_POST['position'] ? $_POST['position'] : array();
812  asort($pos, SORT_NUMERIC);
813 
814  $counter = 0;
815  foreach ($pos as $auth_mode => $dummy) {
816  $position[$counter++] = $auth_mode;
817  }
818  $det->setAuthModeSequence($position ? $position : array());
819  $det->save();
820 
821  require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
822  ilCaptchaUtil::setActiveForLogin((bool) $_POST['activate_captcha_anonym']);
823 
824  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
825  $this->authSettingsObject();
826  }
827 
834  public function executeCommand()
835  {
836  global $DIC;
837 
838  $ilAccess = $DIC['ilAccess'];
839  $ilErr = $DIC['ilErr'];
840 
841  $next_class = $this->ctrl->getNextClass($this);
842  $cmd = $this->ctrl->getCmd();
843  $this->prepareOutput();
844 
845 
846  if (!$ilAccess->checkAccess('read', '', $this->object->getRefId())) {
847  $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
848  }
849 
850  switch ($next_class) {
851  case 'ilopenidconnectsettingsgui':
852 
853  $this->tabs_gui->activateTab('auth_oidconnect');
854 
855  $oid = new ilOpenIdConnectSettingsGUI($this->object->getRefId());
856  $this->ctrl->forwardCommand($oid);
857  break;
858 
859  case 'ilsamlsettingsgui':
860  $this->tabs_gui->setTabActive('auth_saml');
861 
862  require_once './Services/Saml/classes/class.ilSamlSettingsGUI.php';
863  $os = new ilSamlSettingsGUI($this->object->getRefId());
864  $this->ctrl->forwardCommand($os);
865  break;
866 
867  case 'ilregistrationsettingsgui':
868 
869  include_once './Services/Registration/classes/class.ilRegistrationSettingsGUI.php';
870 
871  // Enable tabs
872  $this->tabs_gui->setTabActive('registration_settings');
873  $registration_gui = new ilRegistrationSettingsGUI();
874  $this->ctrl->forwardCommand($registration_gui);
875  break;
876 
877  case 'ilpermissiongui':
878 
879  // Enable tabs
880  $this->tabs_gui->setTabActive('perm_settings');
881 
882  include_once("Services/AccessControl/classes/class.ilPermissionGUI.php");
883  $perm_gui = new ilPermissionGUI($this);
884  $ret =&$this->ctrl->forwardCommand($perm_gui);
885  break;
886 
887  case 'illdapsettingsgui':
888 
889  // Enable Tabs
890  $this->tabs_gui->setTabActive('auth_ldap');
891 
892  include_once './Services/LDAP/classes/class.ilLDAPSettingsGUI.php';
893  $ldap_settings_gui = new ilLDAPSettingsGUI($this->object->getRefId());
894  $this->ctrl->forwardCommand($ldap_settings_gui);
895  break;
896 
897  case 'ilauthshibbolethsettingsgui':
898 
899  $this->tabs_gui->setTabActive('auth_shib');
900  include_once('./Services/AuthShibboleth/classes/class.ilAuthShibbolethSettingsGUI.php');
901  $shib_settings_gui = new ilAuthShibbolethSettingsGUI($this->object->getRefId());
902  $this->ctrl->forwardCommand($shib_settings_gui);
903  break;
904 
905  case 'ilcassettingsgui':
906 
907  $this->tabs_gui->setTabActive('auth_cas');
908  include_once './Services/CAS/classes/class.ilCASSettingsGUI.php';
909  $cas_settings = new ilCASSettingsGUI($this->object->getRefId());
910  $this->ctrl->forwardCommand($cas_settings);
911  break;
912 
913  case 'ilradiussettingsgui':
914 
915  $this->tabs_gui->setTabActive('auth_radius');
916  include_once './Services/Radius/classes/class.ilRadiusSettingsGUI.php';
917  $radius_settings_gui = new ilRadiusSettingsGUI($this->object->getRefId());
918  $this->ctrl->forwardCommand($radius_settings_gui);
919  break;
920 
921 
922  case 'ilauthloginpageeditorgui':
923 
924  $this->setSubTabs("authSettings");
925  $this->tabs_gui->setTabActive('authentication_settings');
926  $this->tabs_gui->setSubTabActive("auth_login_editor");
927 
928  include_once './Services/Authentication/classes/class.ilAuthLoginPageEditorGUI.php';
929  $lpe = new ilAuthLoginPageEditorGUI($this->object->getRefId());
930  $this->ctrl->forwardCommand($lpe);
931  break;
932 
933  default:
934  if (!$cmd) {
935  $cmd = "authSettings";
936  }
937  $cmd .= "Object";
938  $this->$cmd();
939 
940  break;
941  }
942  return true;
943  }
944 
945  public function getAdminTabs()
946  {
947  $this->getTabs();
948  }
949 
955  public function getTabs()
956  {
957  global $DIC;
958 
959  $rbacsystem = $DIC['rbacsystem'];
960 
961  $this->ctrl->setParameter($this, "ref_id", $this->object->getRefId());
962 
963  if ($rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
964  $this->tabs_gui->addTarget(
965  "authentication_settings",
966  $this->ctrl->getLinkTarget($this, "authSettings"),
967  "",
968  "",
969  ""
970  );
971 
972  $this->tabs_gui->addTarget(
973  'registration_settings',
974  $this->ctrl->getLinkTargetByClass('ilregistrationsettingsgui', 'view')
975  );
976 
977  $this->tabs_gui->addTarget(
978  "auth_ldap",
979  $this->ctrl->getLinkTargetByClass('illdapsettingsgui', 'serverList'),
980  "",
981  "",
982  ""
983  );
984 
985 
986  #$this->tabs_gui->addTarget("auth_ldap", $this->ctrl->getLinkTarget($this, "editLDAP"),
987  # "", "", "");
988 
989  $this->tabs_gui->addTarget('auth_shib', $this->ctrl->getLinkTargetByClass('ilauthshibbolethsettingsgui', 'settings'));
990 
991  $this->tabs_gui->addTarget(
992  'auth_cas',
993  $this->ctrl->getLinkTargetByClass('ilcassettingsgui', 'settings')
994  );
995 
996  $this->tabs_gui->addTarget(
997  "auth_radius",
998  $this->ctrl->getLinkTargetByClass('ilradiussettingsgui', "settings"),
999  "",
1000  "",
1001  ""
1002  );
1003 
1004  $this->tabs_gui->addTarget(
1005  "auth_soap",
1006  $this->ctrl->getLinkTarget($this, "editSOAP"),
1007  "",
1008  "",
1009  ""
1010  );
1011 
1012  $this->tabs_gui->addTarget(
1013  "apache_auth_settings",
1014  $this->ctrl->getLinkTarget($this, 'apacheAuthSettings'),
1015  "",
1016  "",
1017  ""
1018  );
1019 
1020  require_once 'Services/Saml/classes/class.ilSamlSettingsGUI.php';
1021  $this->tabs_gui->addTarget(
1022  'auth_saml',
1023  $this->ctrl->getLinkTargetByClass('ilsamlsettingsgui', ilSamlSettingsGUI::DEFAULT_CMD),
1024  '',
1025  '',
1026  ''
1027  );
1028 
1029  $this->tabs_gui->addTab(
1030  'auth_oidconnect',
1031  $this->lng->txt('auth_oidconnect'),
1032  $this->ctrl->getLinkTargetByClass('ilopenidconnectsettingsgui')
1033  );
1034  }
1035 
1036  if ($rbacsystem->checkAccess('edit_permission', $this->object->getRefId())) {
1037  $this->tabs_gui->addTarget(
1038  "perm_settings",
1039  $this->ctrl->getLinkTargetByClass(array(get_class($this),'ilpermissiongui'), "perm"),
1040  array("perm","info","owner"),
1041  'ilpermissiongui'
1042  );
1043  }
1044  }
1045 
1049  public function setSubTabs($a_tab)
1050  {
1051  global $DIC;
1052 
1053  $rbacsystem = $DIC['rbacsystem'];
1054  $ilUser = $DIC['ilUser'];
1055  $ilAccess = $DIC['ilAccess'];
1056 
1057  $GLOBALS['DIC']['lng']->loadLanguageModule('auth');
1058 
1059  switch ($a_tab) {
1060  case 'authSettings':
1061  if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
1062  $this->tabs_gui->addSubTabTarget(
1063  "auth_settings",
1064  $this->ctrl->getLinkTarget($this, 'authSettings'),
1065  ""
1066  );
1067  }
1068  if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
1069  $this->tabs_gui->addSubTabTarget(
1070  'auth_login_editor',
1071  $this->ctrl->getLinkTargetByClass('ilauthloginpageeditorgui', ''),
1072  ''
1073  );
1074  }
1075  break;
1076  }
1077  }
1078 
1079 
1080  public function apacheAuthSettingsObject($form = false)
1081  {
1082  global $DIC;
1083 
1084  $tpl = $DIC['tpl'];
1085 
1086  $this->tabs_gui->setTabActive("apache_auth_settings");
1087 
1088  if (!$form) {
1089  $form = $this->getApacheAuthSettingsForm();
1090 
1091  $settings = new ilSetting('apache_auth');
1092  $settingsMap = $settings->getAll();
1093 
1094  $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
1095  if (file_exists($path) && is_readable($path)) {
1096  $settingsMap['apache_auth_domains'] = file_get_contents($path);
1097  }
1098 
1099  $form->setValuesByArray($settingsMap);
1100  }
1101  $tpl->setVariable('ADM_CONTENT', $form->getHtml());
1102  }
1103 
1104  public function saveApacheSettingsObject()
1105  {
1106  global $DIC;
1107 
1108  $ilCtrl = $DIC['ilCtrl'];
1109  $form = $this->getApacheAuthSettingsForm();
1110  $form->setValuesByPost();
1111  /*$items = $form->getItems();
1112  foreach($items as $item)
1113  $item->validate();*/
1114  if ($form->checkInput()) {
1115  $settings = new ilSetting('apache_auth');
1116  $fields = array(
1117  'apache_auth_indicator_name', 'apache_auth_indicator_value',
1118  'apache_enable_auth', 'apache_enable_local', 'apache_local_autocreate',
1119  'apache_enable_ldap', 'apache_auth_username_config_type',
1120  'apache_auth_username_direct_mapping_fieldname',
1121  'apache_default_role', 'apache_auth_target_override_login_page',
1122  'apache_auth_enable_override_login_page',
1123  'apache_auth_authenticate_on_login_page',
1124  'apache_ldap_sid'
1125 // 'apache_auth_username_by_function_functionname',
1126  );
1127 
1128  foreach ($fields as $field) {
1129  $settings->set($field, $form->getInput($field));
1130  }
1131 
1132  if ($form->getInput('apache_enable_auth')) {
1133  $this->ilias->setSetting('apache_active', true);
1134  } else {
1135  $this->ilias->setSetting('apache_active', false);
1136  global $DIC;
1137 
1138  $ilSetting = $DIC['ilSetting'];
1139  if ($ilSetting->get("auth_mode") == AUTH_APACHE) {
1140  $ilSetting->set("auth_mode", AUTH_LOCAL);
1141  }
1142  }
1143 
1144  $allowedDomains = $this->validateApacheAuthAllowedDomains($form->getInput('apache_auth_domains'));
1145  file_put_contents(ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt', $allowedDomains);
1146 
1147  ilUtil::sendSuccess($this->lng->txt('apache_settings_changed_success'), true);
1148  $this->ctrl->redirect($this, 'apacheAuthSettings');
1149  } else {
1150  $this->apacheAuthSettingsObject($form);
1151  }
1152  }
1153 
1154  public function getApacheAuthSettingsForm()
1155  {
1156  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1157 
1158  $form = new ilPropertyFormGUI();
1159  $form->setFormAction($this->ctrl->getFormAction($this));
1160  $form->setTitle($this->lng->txt('apache_settings'));
1161 
1162  $chb_enabled = new ilCheckboxInputGUI($this->lng->txt('apache_enable_auth'), 'apache_enable_auth');
1163  $form->addItem($chb_enabled);
1164 
1165  $chb_local_create_account = new ilCheckboxInputGUI($this->lng->txt('apache_autocreate'), 'apache_local_autocreate');
1166  $chb_enabled->addSubitem($chb_local_create_account);
1167 
1168  global $DIC;
1169 
1170  $rbacreview = $DIC['rbacreview'];
1171  $roles = $rbacreview->getGlobalRolesArray();
1172  $select = new ilSelectInputGUI($this->lng->txt('apache_default_role'), 'apache_default_role');
1173  $roleOptions = array();
1174  foreach ($roles as $role) {
1175  $roleOptions[$role['obj_id']] = ilObject::_lookupTitle($role['obj_id']);
1176  }
1177  $select->setOptions($roleOptions);
1178  $select->setValue(4);
1179 
1180  $chb_local_create_account->addSubitem($select);
1181 
1182  $chb_local = new ilCheckboxInputGUI($this->lng->txt('apache_enable_local'), 'apache_enable_local');
1183  $form->addItem($chb_local);
1184 
1185  $chb_ldap = new ilCheckboxInputGUI($this->lng->txt('apache_enable_ldap'), 'apache_enable_ldap');
1186  $chb_ldap->setInfo($this->lng->txt('apache_ldap_hint_ldap_must_be_configured'));
1187 
1188  $GLOBALS['DIC']['lng']->loadLanguageModule('auth');
1189  include_once './Services/LDAP/classes/class.ilLDAPServer.php';
1190  $servers = ilLDAPServer::getServerIds();
1191  if (count($servers)) {
1192  $ldap_server_select = new ilSelectInputGUI($this->lng->txt('auth_ldap_server_ds'), 'apache_ldap_sid');
1193  $options[0] = $this->lng->txt('select_one');
1194  foreach ($servers as $server_id) {
1195  $ldap_server = new ilLDAPServer($server_id);
1196  $options[$server_id] = $ldap_server->getName();
1197  }
1198  $ldap_server_select->setOptions($options);
1199  $ldap_server_select->setRequired(true);
1200 
1201  $ds = ilLDAPServer::getDataSource(AUTH_APACHE);
1202  $ldap_server_select->setValue($ds);
1203 
1204  $chb_ldap->addSubItem($ldap_server_select);
1205  }
1206  $form->addItem($chb_ldap);
1207 
1208  $txt = new ilTextInputGUI($this->lng->txt('apache_auth_indicator_name'), 'apache_auth_indicator_name');
1209  $txt->setRequired(true);
1210  $form->addItem($txt);
1211 
1212  $txt = new ilTextInputGUI($this->lng->txt('apache_auth_indicator_value'), 'apache_auth_indicator_value');
1213  $txt->setRequired(true);
1214  $form->addItem($txt);
1215 
1216 
1217  $chb = new ilCheckboxInputGUI($this->lng->txt('apache_auth_enable_override_login'), 'apache_auth_enable_override_login_page');
1218  $form->addItem($chb);
1219 
1220  $txt = new ilTextInputGUI($this->lng->txt('apache_auth_target_override_login'), 'apache_auth_target_override_login_page');
1221  $txt->setRequired(true);
1222  $chb->addSubItem($txt);
1223 
1224  $chb = new ilCheckboxInputGUI($this->lng->txt('apache_auth_authenticate_on_login_page'), 'apache_auth_authenticate_on_login_page');
1225  $form->addItem($chb);
1226 
1227  $sec = new ilFormSectionHeaderGUI();
1228  $sec->setTitle($this->lng->txt('apache_auth_username_config'));
1229  $form->addItem($sec);
1230 
1231  $rag = new ilRadioGroupInputGUI($this->lng->txt('apache_auth_username_config_type'), 'apache_auth_username_config_type');
1232  $form->addItem($rag);
1233 
1234  $rao = new ilRadioOption($this->lng->txt('apache_auth_username_direct_mapping'), 1);
1235  $rag->addOption($rao);
1236 
1237  $txt = new ilTextInputGUI($this->lng->txt('apache_auth_username_direct_mapping_fieldname'), 'apache_auth_username_direct_mapping_fieldname');
1238  //$txt->setRequired(true);
1239  $rao->addSubItem($txt);
1240 
1241  $rao = new ilRadioOption($this->lng->txt('apache_auth_username_extended_mapping'), 2);
1242  $rao->setDisabled(true);
1243  $rag->addOption($rao);
1244 
1245  $rao = new ilRadioOption($this->lng->txt('apache_auth_username_by_function'), 3);
1246  $rag->addOption($rao);
1247 
1248  /* $txt = new ilTextInputGUI($this->lng->txt('apache_auth_username_by_function_functionname'), 'apache_auth_username_by_function_functionname');
1249  $rao->addSubItem($txt);*/
1250 
1251  $sec = new ilFormSectionHeaderGUI();
1252  $sec->setTitle($this->lng->txt('apache_auth_security'));
1253  $form->addItem($sec);
1254 
1255  $txt = new ilTextAreaInputGUI($this->lng->txt('apache_auth_domains'), 'apache_auth_domains');
1256  $txt->setInfo($this->lng->txt('apache_auth_domains_description'));
1257 
1258  $form->addItem($txt);
1259 
1260  $form->addCommandButton('saveApacheSettings', $this->lng->txt('save'));
1261  $form->addCommandButton('cancel', $this->lng->txt('cancel'));
1262 
1263  return $form;
1264  }
1265 
1266  private function validateApacheAuthAllowedDomains($text)
1267  {
1268  return join("\n", preg_split("/[\r\n]+/", $text));
1269  }
1270 
1271  public function registrationSettingsObject()
1272  {
1273  $registration_gui = new ilRegistrationSettingsGUI();
1274  $this->ctrl->redirect($registration_gui);
1275  }
1276 
1281  public function addToExternalSettingsForm($a_form_id)
1282  {
1283  switch ($a_form_id) {
1284  case ilAdministrationSettingsFormHandler::FORM_ACCESSIBILITY:
1285  require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
1286  $fields_login = array(
1287  'adm_captcha_anonymous_short' => array(ilCaptchaUtil::isActiveForLogin(), ilAdministrationSettingsFormHandler::VALUE_BOOL),
1288  );
1289 
1290  $fields_registration = array(
1291  'adm_captcha_anonymous_short' => array(ilCaptchaUtil::isActiveForRegistration(), ilAdministrationSettingsFormHandler::VALUE_BOOL)
1292  );
1293 
1294 
1295  return array('adm_auth_login' => array('authSettings', $fields_login), 'adm_auth_reg' => array('registrationSettings', $fields_registration));
1296  }
1297  }
1298 } // END class.ilObjAuthSettingsGUI
ilSamlIdp\getIdpIdByAuthMode
static getIdpIdByAuthMode($a_auth_mode)
Definition: class.ilSamlIdp.php:243
ilAuthLoginPageEditorGUI
Login page editor settings GUI ILIAS page editor or richtext editor.
Definition: class.ilAuthLoginPageEditorGUI.php:15
$namespace
if($err=$client->getError()) $namespace
Definition: dummy_client.php:50
ilObjAuthSettingsGUI\editScriptObject
editScriptObject()
Configure Custom settings.
Definition: class.ilObjAuthSettingsGUI.php:573
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
$path
$path
Definition: aliased.php:25
ilLDAPServer\isAuthModeLDAP
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
Definition: class.ilLDAPServer.php:385
ilOpenIdConnectSettingsGUI
Class ilOpenIdConnectSettingsGUI.
Definition: class.ilOpenIdConnectSettingsGUI.php:11
ilAuthShibbolethSettingsGUI
Class ilAuthShibbolethSettingsGUI.
Definition: class.ilAuthShibbolethSettingsGUI.php:13
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
ilSelectInputGUI
This class represents a selection list property in a property form.
Definition: class.ilSelectInputGUI.php:17
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilObjAuthSettingsGUI\getAuthModeTitle
getAuthModeTitle()
get the title of auth mode
Definition: class.ilObjAuthSettingsGUI.php:649
ilObjRole\_lookupRegisterAllowed
static _lookupRegisterAllowed()
get all roles that are activated in user registration
Definition: class.ilObjRole.php:349
$DIC
global $DIC
Definition: saml.php:7
ilFormSectionHeaderGUI
This class represents a section header in a property form.
Definition: class.ilFormSectionHeaderGUI.php:31
AUTH_LDAP
const AUTH_LDAP
Definition: class.ilAuthUtils.php:8
AUTH_CAS
const AUTH_CAS
Definition: class.ilAuthUtils.php:12
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
AUTH_SHIBBOLETH
const AUTH_SHIBBOLETH
Definition: class.ilAuthUtils.php:11
ilObjAuthSettingsGUI\loginInfoObject
loginInfoObject()
displays login information of all installed languages
Definition: class.ilObjAuthSettingsGUI.php:215
ilObjRole\_updateAuthMode
static _updateAuthMode($a_roles)
Definition: class.ilObjRole.php:590
ilSamlIdp\getInstanceByIdpId
static getInstanceByIdpId($a_idp_id)
Definition: class.ilSamlIdp.php:102
ilCaptchaUtil\checkFreetype
static checkFreetype()
Check whether captcha support is active.
Definition: class.ilCaptchaUtil.php:27
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:33
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:988
$header
$header
Definition: no_cookie.tpl.php:6
ilAuthUtils\_getActiveAuthModes
static _getActiveAuthModes()
Definition: class.ilAuthUtils.php:322
AUTH_APACHE
const AUTH_APACHE
Definition: class.ilAuthUtils.php:19
$server
$server
Definition: sabredav.php:48
AUTH_SAML
const AUTH_SAML
Definition: class.ilAuthUtils.php:20
ilAuthUtils\_getAuthModeName
static _getAuthModeName($a_auth_key)
Definition: class.ilAuthUtils.php:256
ilLDAPServer\getInstanceByServerId
static getInstanceByServerId($a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:62
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
ilFormPropertyGUI\setInfo
setInfo($a_info)
Set Information Text.
Definition: class.ilFormPropertyGUI.php:145
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4481
ilAuthUtils\getAuthPlugins
static getAuthPlugins()
Get active enabled auth plugins.
Definition: class.ilAuthUtils.php:811
ilObjAuthSettingsGUI\initAuthModeDetermination
initAuthModeDetermination()
init auth mode determinitation form
Definition: class.ilObjAuthSettingsGUI.php:708
ilObjAuthSettingsGUI\editSOAPObject
editSOAPObject()
Configure soap settings.
Definition: class.ilObjAuthSettingsGUI.php:334
ilObjectGUI\prepareOutput
prepareOutput($a_show_subobjects=true)
prepare output
Definition: class.ilObjectGUI.php:296
ilObjAuthSettingsGUI\saveScriptObject
saveScriptObject()
validates all input data, save them to database if correct and active chosen auth mode ...
Definition: class.ilObjAuthSettingsGUI.php:618
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
ilLDAPServer\getServerIds
static getServerIds()
Get all server ids ilDB $ilDB.
Definition: class.ilLDAPServer.php:226
$form
if(isset($_POST['submit'])) $form
Definition: registry.edit.php:63
AUTH_SCRIPT
const AUTH_SCRIPT
Definition: class.ilAuthUtils.php:10
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:79
ilObjUser\_getNumberOfUsersPerAuthMode
static _getNumberOfUsersPerAuthMode()
get number of users per auth mode
Definition: class.ilObjUser.php:3968
ilSOAPAuth\testConnection
static testConnection($a_ext_uid, $a_soap_pw, $a_new_user)
Constructor public.
Definition: class.ilSOAPAuth.php:45
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:13
$text
$text
Definition: errorreport.php:18
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilRegistrationSettingsGUI
Class ilRegistrationSettingsGUI.
Definition: class.ilRegistrationSettingsGUI.php:36
$ilUser
$ilUser
Definition: imgupload.php:18
$https
$https
Definition: imgupload.php:19
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilLDAPServer\getDataSource
static getDataSource($a_auth_mode)
Definition: class.ilLDAPServer.php:324
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2406
AUTH_LOCAL
const AUTH_LOCAL
Definition: class.ilAuthUtils.php:7
ilSelectInputGUI\setOptions
setOptions($a_options)
Set Options.
Definition: class.ilSelectInputGUI.php:43
ilLDAPServer\getServerIdByAuthMode
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:400
$txt
$txt
Definition: error.php:11
ilObjAuthSettingsGUI\authSettingsObject
authSettingsObject()
display settings menu
Definition: class.ilObjAuthSettingsGUI.php:47
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
AUTH_SOAP
const AUTH_SOAP
Definition: class.ilAuthUtils.php:13
ilAuthUtils\_getAllAuthModes
static _getAllAuthModes()
Definition: class.ilAuthUtils.php:388
ilSamlIdp\isAuthModeSaml
static isAuthModeSaml($a_auth_mode)
Definition: class.ilSamlIdp.php:228
ilSamlSettingsGUI
Class ilSamlSettingsGUI.
Definition: class.ilSamlSettingsGUI.php:11
$idp
$idp
Definition: prp.php:13
ilObjAuthSettingsGUI\updateAuthModeDeterminationObject
updateAuthModeDeterminationObject()
update auth mode determination
Definition: class.ilObjAuthSettingsGUI.php:804
$ilSetting
global $ilSetting
Definition: privfeed.php:17
ilObjAuthSettingsGUI
Class ilObjAuthSettingsGUI.
Definition: class.ilObjAuthSettingsGUI.php:16
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:34
$ret
$ret
Definition: parser.php:6
ilObjAuthSettingsGUI\__construct
__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output=true)
Constructor public.
Definition: class.ilObjAuthSettingsGUI.php:22
$name
$name
Definition: client_example.php:35
ilRadioOption\setDisabled
setDisabled($a_disabled)
Definition: class.ilRadioOption.php:106
ilObjAuthSettingsGUI\saveSOAPObject
saveSOAPObject()
validates all input data, save them to database if correct and active chosen auth mode ...
Definition: class.ilObjAuthSettingsGUI.php:530
ilPermissionGUI
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
Definition: class.ilPermissionGUI.php:19
ilUtil\redirect
static redirect($a_script)
Definition: class.ilUtil.php:3318
ilObjectGUI\getReturnLocation
getReturnLocation($a_cmd, $a_location="")
get return location for command (command is method name without "Object", e.g.
Definition: class.ilObjectGUI.php:1459
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
AUTH_RADIUS
const AUTH_RADIUS
Definition: class.ilAuthUtils.php:9