ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilAuthProviderRadius.php
Go to the documentation of this file.
1<?php
2
3/* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
4
5include_once './Services/Authentication/classes/Provider/class.ilAuthProvider.php';
6include_once './Services/Authentication/interfaces/interface.ilAuthProviderInterface.php';
7include_once './Services/Authentication/interfaces/interface.ilAuthProviderAccountMigrationInterface.php';
8
15class ilAuthProviderRadius extends ilAuthProvider implements ilAuthProviderInterface, ilAuthProviderAccountMigrationInterface
16{
17 const CONNECT_TIMEOUT = 3;
18 const RETRIES = 1;
19
23 private $settings = null;
24
25 private $external_account = '';
26
27
28 public function __construct(\ilAuthCredentials $credentials)
29 {
30 parent::__construct($credentials);
31
32 include_once './Services/Radius/classes/class.ilRadiusSettings.php';
33 $this->settings = ilRadiusSettings::_getInstance();
34 }
35
36
41 public function createNewAccount(\ilAuthStatus $status)
42 {
43 }
44
49 public function doAuthentication(\ilAuthStatus $status)
50 {
51 $radius = radius_auth_open();
52
53 foreach ($this->settings->getServers() as $server) {
54 $this->getLogger()->debug('Using: ' . $server . ':' . $this->settings->getPort());
55 radius_add_server(
56 $radius,
57 trim($server),
58 $this->settings->getPort(),
59 $this->settings->getSecret(),
60 self::CONNECT_TIMEOUT,
61 self::RETRIES
62 );
63 }
64
65 radius_create_request($radius, RADIUS_ACCESS_REQUEST);
66 radius_put_attr($radius, RADIUS_USER_NAME, $this->getCredentials()->getUsername());
67 radius_put_attr($radius, RADIUS_USER_PASSWORD, $this->getCredentials()->getPassword());
68
69 $this->getLogger()->debug('username: ' . $this->getCredentials()->getUsername());
70
71 $result = radius_send_request($radius);
72
73 switch ($result) {
74 case RADIUS_ACCESS_ACCEPT:
75 $this->getLogger()->info('Radius authentication successful.');
76 $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATED);
77
78 $local_login = ilObjUser::_checkExternalAuthAccount('radius', $this->getCredentials()->getUsername());
79 $status->setAuthenticatedUserId(ilObjUser::_lookupId($local_login));
80 return true;
81
82 case RADIUS_ACCESS_REJECT:
83 $this->getLogger()->info('Radius authentication rejected with message: ' . radius_strerror($radius));
84 $this->handleAuthenticationFail($status, 'err_wrong_login');
85 return false;
86
87 case RADIUS_ACCESS_CHALLENGE:
88 $this->getLogger()->info('Radius authentication failed (access challenge): ' . radius_strerror($radius));
89 $this->handleAuthenticationFail($status, 'err_wrong_login');
90 return false;
91
92 default:
93 $this->getLogger()->error('Radius authentication failed with message: ' . radius_strerror($radius));
94 $this->handleAuthenticationFail($status, 'err_wrong_login');
95 return false;
96 }
97 }
98
103 public function getExternalAccountName()
104 {
105 return $this->external_account;
106 }
107
112 public function getTriggerAuthMode()
113 {
114 return AUTH_RADIUS;
115 }
116
121 public function getUserAuthModeName()
122 {
123 return 'radius';
124 }
125
130 public function migrateAccount(ilAuthStatus $status)
131 {
132 }
133}
$result
$result
Definition: CleanUpTest.php:463
php
An exception for terminatinating execution or to throw for unit testing.
AUTH_RADIUS
const AUTH_RADIUS
Definition: class.ilAuthUtils.php:9
ilAuthProviderRadius
Description of class class.
Definition: class.ilAuthProviderRadius.php:16
ilAuthProviderRadius\createNewAccount
createNewAccount(\ilAuthStatus $status)
create new account
Definition: class.ilAuthProviderRadius.php:41
ilAuthProviderRadius\__construct
__construct(\ilAuthCredentials $credentials)
Definition: class.ilAuthProviderRadius.php:28
ilAuthProviderRadius\getTriggerAuthMode
getTriggerAuthMode()
get trigger auth mode
Definition: class.ilAuthProviderRadius.php:112
ilAuthProviderRadius\doAuthentication
doAuthentication(\ilAuthStatus $status)
do authentication
Definition: class.ilAuthProviderRadius.php:49
ilAuthProviderRadius\getExternalAccountName
getExternalAccountName()
get external account name
Definition: class.ilAuthProviderRadius.php:103
ilAuthProviderRadius\getUserAuthModeName
getUserAuthModeName()
get user auth mode name
Definition: class.ilAuthProviderRadius.php:121
ilAuthProviderRadius\migrateAccount
migrateAccount(ilAuthStatus $status)
Migrate existing account to radius authentication Create new account..
Definition: class.ilAuthProviderRadius.php:130
ilAuthProvider
Base class for authentication providers (radius, ldap, apache, ...)
Definition: class.ilAuthProvider.php:12
ilAuthProvider\getLogger
getLogger()
Get logger.
Definition: class.ilAuthProvider.php:38
ilAuthProvider\handleAuthenticationFail
handleAuthenticationFail(ilAuthStatus $status, $a_reason)
Handle failed authentication.
Definition: class.ilAuthProvider.php:55
ilAuthStatus
Auth status implementation.
Definition: class.ilAuthStatus.php:12
ilAuthStatus\setStatus
setStatus($a_status)
Set auth status.
Definition: class.ilAuthStatus.php:63
ilObjUser\_checkExternalAuthAccount
static _checkExternalAuthAccount($a_auth, $a_account, $tryFallback=true)
check whether external account and authentication method matches with a user
Definition: class.ilObjUser.php:3909
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:827
ilRadiusSettings\_getInstance
static _getInstance()
singleton get instance
Definition: class.ilRadiusSettings.php:74
ilAuthCredentials
Interface of auth credentials.
Definition: interface.ilAuthCredentials.php:12
ilAuthProviderInterface
Standard interface for auth provider implementations.
Definition: interface.ilAuthProviderInterface.php:12
$server
$server
Definition: sabredav.php:48
settings
settings()
Definition: settings.php:2