ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilAuthProviderRadius.php
Go to the documentation of this file.
1 <?php
2 
3 /* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
4 
5 include_once './Services/Authentication/classes/Provider/class.ilAuthProvider.php';
6 include_once './Services/Authentication/interfaces/interface.ilAuthProviderInterface.php';
7 include_once './Services/Authentication/interfaces/interface.ilAuthProviderAccountMigrationInterface.php';
8 
15 class ilAuthProviderRadius extends ilAuthProvider implements ilAuthProviderInterface, ilAuthProviderAccountMigrationInterface
16 {
17  const CONNECT_TIMEOUT = 3;
18  const RETRIES = 1;
19 
23  private $settings = null;
24 
25  private $external_account = '';
26 
27 
28  public function __construct(\ilAuthCredentials $credentials)
29  {
30  parent::__construct($credentials);
31 
32  include_once './Services/Radius/classes/class.ilRadiusSettings.php';
33  $this->settings = ilRadiusSettings::_getInstance();
34  }
35 
36 
41  public function createNewAccount(\ilAuthStatus $status)
42  {
43  }
44 
49  public function doAuthentication(\ilAuthStatus $status)
50  {
51  $radius = radius_auth_open();
52 
53  foreach ($this->settings->getServers() as $server) {
54  $this->getLogger()->debug('Using: ' . $server . ':' . $this->settings->getPort());
55  radius_add_server(
56  $radius,
57  trim($server),
58  $this->settings->getPort(),
59  $this->settings->getSecret(),
60  self::CONNECT_TIMEOUT,
61  self::RETRIES
62  );
63  }
64 
65  radius_create_request($radius, RADIUS_ACCESS_REQUEST);
66  radius_put_attr($radius, RADIUS_USER_NAME, $this->getCredentials()->getUsername());
67  radius_put_attr($radius, RADIUS_USER_PASSWORD, $this->getCredentials()->getPassword());
68 
69  $this->getLogger()->debug('username: ' . $this->getCredentials()->getUsername());
70 
71  $result = radius_send_request($radius);
72 
73  switch ($result) {
74  case RADIUS_ACCESS_ACCEPT:
75  $this->getLogger()->info('Radius authentication successful.');
76  $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATED);
77 
78  $local_login = ilObjUser::_checkExternalAuthAccount('radius', $this->getCredentials()->getUsername());
79  $status->setAuthenticatedUserId(ilObjUser::_lookupId($local_login));
80  return true;
81 
82  case RADIUS_ACCESS_REJECT:
83  $this->getLogger()->info('Radius authentication rejected with message: ' . radius_strerror($radius));
84  $this->handleAuthenticationFail($status, 'err_wrong_login');
85  return false;
86 
87  case RADIUS_ACCESS_CHALLENGE:
88  $this->getLogger()->info('Radius authentication failed (access challenge): ' . radius_strerror($radius));
89  $this->handleAuthenticationFail($status, 'err_wrong_login');
90  return false;
91 
92  default:
93  $this->getLogger()->error('Radius authentication failed with message: ' . radius_strerror($radius));
94  $this->handleAuthenticationFail($status, 'err_wrong_login');
95  return false;
96  }
97  }
98 
103  public function getExternalAccountName()
104  {
105  return $this->external_account;
106  }
107 
112  public function getTriggerAuthMode()
113  {
114  return AUTH_RADIUS;
115  }
116 
121  public function getUserAuthModeName()
122  {
123  return 'radius';
124  }
125 
130  public function migrateAccount(ilAuthStatus $status)
131  {
132  }
133 }
settings
settings()
Definition: settings.php:2
ilAuthCredentials
Interface of auth credentials.
Definition: interface.ilAuthCredentials.php:11
ilAuthProviderRadius\getExternalAccountName
getExternalAccountName()
get external account name
Definition: class.ilAuthProviderRadius.php:103
$result
$result
Definition: CleanUpTest.php:463
ilAuthProviderRadius\getUserAuthModeName
getUserAuthModeName()
get user auth mode name
Definition: class.ilAuthProviderRadius.php:121
ilAuthProviderRadius
Description of class class.
Definition: class.ilAuthProviderRadius.php:15
ilAuthProviderRadius\createNewAccount
createNewAccount(\ilAuthStatus $status)
create new account
Definition: class.ilAuthProviderRadius.php:41
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:827
$server
$server
Definition: sabredav.php:48
ilAuthStatus\setAuthenticatedUserId
setAuthenticatedUserId($a_id)
Definition: class.ilAuthStatus.php:116
ilAuthProviderRadius\__construct
__construct(\ilAuthCredentials $credentials)
Definition: class.ilAuthProviderRadius.php:28
ilAuthProvider
Base class for authentication providers (radius, ldap, apache, ...)
Definition: class.ilAuthProvider.php:11
ilAuthProviderInterface
Standard interface for auth provider implementations.
Definition: interface.ilAuthProviderInterface.php:11
ilAuthStatus\setStatus
setStatus($a_status)
Set auth status.
Definition: class.ilAuthStatus.php:63
ilAuthProviderRadius\doAuthentication
doAuthentication(\ilAuthStatus $status)
do authentication
Definition: class.ilAuthProviderRadius.php:49
ilRadiusSettings\_getInstance
static _getInstance()
singleton get instance
Definition: class.ilRadiusSettings.php:74
ilObjUser\_checkExternalAuthAccount
static _checkExternalAuthAccount($a_auth, $a_account, $tryFallback=true)
check whether external account and authentication method matches with a user
Definition: class.ilObjUser.php:3909
ilAuthProvider\getLogger
getLogger()
Get logger.
Definition: class.ilAuthProvider.php:38
ilAuthProvider\handleAuthenticationFail
handleAuthenticationFail(ilAuthStatus $status, $a_reason)
Handle failed authentication.
Definition: class.ilAuthProvider.php:55
ilAuthProviderRadius\getTriggerAuthMode
getTriggerAuthMode()
get trigger auth mode
Definition: class.ilAuthProviderRadius.php:112
ilAuthStatus
Auth status implementation.
Definition: class.ilAuthStatus.php:11
ilAuthProviderRadius\migrateAccount
migrateAccount(ilAuthStatus $status)
Migrate existing account to radius authentication Create new account..
Definition: class.ilAuthProviderRadius.php:130
AUTH_RADIUS
const AUTH_RADIUS
Definition: class.ilAuthUtils.php:9