ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
Public Member Functions
ilCASAuth Class Reference

Class CASAuth. More...

+ Inheritance diagram for ilCASAuth:
+ Collaboration diagram for ilCASAuth:

Public Member Functions

 __construct ($a_params)
 Constructor @access public. More...
 
 checkCASAuth ()
 check cas autehntication More...
 
 forceCASAuth ()
 
 getCASUser ()
 
 login ()
 Checks if the current user is authenticated yet @access public. More...
 
 logout ()
 Register variable in a session telling that the user has logged in successfully. More...
 

Detailed Description

Class CASAuth.

CAS Authentication class.

Definition at line 37 of file class.ilCASAuth.php.

Constructor & Destructor Documentation

◆ __construct()

ilCASAuth::__construct (   $a_params)

Constructor @access public.

Definition at line 43 of file class.ilCASAuth.php.

44 {
45 if ($a_params["sessionName"] != "") {
46 parent::__construct("", array("sessionName" => $a_params["sessionName"]));
47 } else {
48 parent::__construct("");
49 }
50
51 include_once("./Services/CAS/lib/CAS.php");
52 $this->server_version = CAS_VERSION_2_0;
53 $this->server_hostname = $a_params["server_hostname"];
54 $this->server_port = (int) $a_params["server_port"];
55 $this->server_uri = $a_params["server_uri"];
56
57 //phpCAS::setDebug();
58 //echo "-".$_GET['ticket']."-"; exit;
59 phpCAS::client(
60 $this->server_version,
61 $this->server_hostname,
62 $this->server_port,
63 (string) $this->server_uri
64 );
65 }
phpCAS\client
static client( $server_version, $server_hostname, $server_port, $server_uri, $changeSessionID=true)
phpCAS client initializer.
Definition: CAS.php:345
CAS_VERSION_2_0
const CAS_VERSION_2_0
Definition: CAS.php:78

References CAS_VERSION_2_0, and phpCAS\client().

+ Here is the call graph for this function:

Member Function Documentation

◆ checkCASAuth()

ilCASAuth::checkCASAuth ( )

check cas autehntication

can be called before forceAuthentication, but forceAuthentication must be called afterwards

Definition at line 73 of file class.ilCASAuth.php.

74 {
75 global $PHPCAS_CLIENT;
76
77 return $PHPCAS_CLIENT->isAuthenticated();
78 }

◆ forceCASAuth()

ilCASAuth::forceCASAuth ( )

Definition at line 80 of file class.ilCASAuth.php.

81 {
82 phpCAS::forceAuthentication();
83 }
phpCAS\forceAuthentication
static forceAuthentication()
This method is called to force authentication if the user was not already authenticated.
Definition: CAS.php:1118

References phpCAS\forceAuthentication().

+ Here is the call graph for this function:

◆ getCASUser()

ilCASAuth::getCASUser ( )

Definition at line 85 of file class.ilCASAuth.php.

86 {
87 return phpCAS::getUser();
88 }
phpCAS\getUser
static getUser()
This method returns the CAS user's login name.
Definition: CAS.php:1199

References phpCAS\getUser().

+ Here is the call graph for this function:

◆ login()

ilCASAuth::login ( )

Checks if the current user is authenticated yet @access public.

Returns
boolean true if user is authenticated Set the maximum idle time
Parameters
integertime in seconds
booladd time to current maximum idle time or not
Returns
void @access public Set the maximum expire time
Parameters
integertime in seconds
booladd time to current expire time or not
Returns
void @access public Checks if there is a session with valid auth information.

@access private

Returns
boolean Whether or not the user is authenticated. Start new auth session

@access public

Returns
void Login function

@access private

Returns
void

Definition at line 214 of file class.ilCASAuth.php.

215 {
216 global $ilias, $rbacadmin, $ilSetting;
217
218 if (phpCAS::getUser() != "") {
219 $username = phpCAS::getUser();
220
221 // Authorize this user
222 include_once('./Services/User/classes/class.ilObjUser.php');
223 $local_user = ilObjUser::_checkExternalAuthAccount("cas", $username);
224
225 if ($local_user != "") {
226 $this->setAuth($local_user);
227 } else {
228 if (!$ilSetting->get("cas_create_users")) {
229 $this->status = AUTH_CAS_NO_ILIAS_USER;
230 $this->logout();
231 return;
232 }
233
234 $userObj = new ilObjUser();
235
236 $local_user = ilAuthUtils::_generateLogin($username);
237
238 $newUser["firstname"] = $local_user;
239 $newUser["lastname"] = "";
240
241 $newUser["login"] = $local_user;
242
243 // set "plain md5" password (= no valid password)
244 $newUser["passwd"] = "";
245 $newUser["passwd_type"] = IL_PASSWD_CRYPTED;
246
247 //$newUser["gender"] = "m";
248 $newUser["auth_mode"] = "cas";
249 $newUser["ext_account"] = $username;
250 $newUser["profile_incomplete"] = 1;
251
252 // system data
253 $userObj->assignData($newUser);
254 $userObj->setTitle($userObj->getFullname());
255 $userObj->setDescription($userObj->getEmail());
256
257 // set user language to system language
258 $userObj->setLanguage($ilSetting->get("language"));
259
260 // Time limit
261 $userObj->setTimeLimitOwner(7);
262 $userObj->setTimeLimitUnlimited(1);
263 $userObj->setTimeLimitFrom(time());
264 $userObj->setTimeLimitUntil(time());
265
266 // Create user in DB
267 $userObj->setOwner(0);
268 $userObj->create();
269 $userObj->setActive(1);
270
271 $userObj->updateOwner();
272
273 //insert user data in table user_data
274 $userObj->saveAsNew();
275
276 // setup user preferences
277 $userObj->writePrefs();
278
279 // to do: test this
280 $rbacadmin->assignUser($ilSetting->get('cas_user_default_role'), $userObj->getId(), true);
281
282 unset($userObj);
283
284 $this->setAuth($local_user);
285 }
286 } else {
287 // This should never occur unless CAS is not configured properly
288 $this->status = AUTH_WRONG_LOGIN;
289 }
290 }
AUTH_CAS_NO_ILIAS_USER
const AUTH_CAS_NO_ILIAS_USER
Definition: class.ilAuthUtils.php:47
IL_PASSWD_CRYPTED
const IL_PASSWD_CRYPTED
Definition: class.ilObjUser.php:5
ilAuthUtils\_generateLogin
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:438
ilCASAuth\logout
logout()
Register variable in a session telling that the user has logged in successfully.
Definition: class.ilCASAuth.php:334
ilObjUser\_checkExternalAuthAccount
static _checkExternalAuthAccount($a_auth, $a_account, $tryFallback=true)
check whether external account and authentication method matches with a user
Definition: class.ilObjUser.php:3909
$ilSetting
global $ilSetting
Definition: privfeed.php:17

References $ilSetting, ilObjUser\_checkExternalAuthAccount(), ilAuthUtils\_generateLogin(), AUTH_CAS_NO_ILIAS_USER, phpCAS\getUser(), IL_PASSWD_CRYPTED, and logout().

+ Here is the call graph for this function:

◆ logout()

ilCASAuth::logout ( )

Register variable in a session telling that the user has logged in successfully.

@access public

Parameters
stringUsername
Returns
void Logout function

This function clears any auth tokens in the currently active session and executes the logout callback function, if any

@access public

Returns
void

Definition at line 334 of file class.ilCASAuth.php.

335 {
336 parent::logout();
337 //PHPCAS::logout(); // CAS logout should be provided separately
338 // maybe on ILISA login screen
339 }

Referenced by login().

+ Here is the caller graph for this function:
The documentation for this class was generated from the following file: