ILIAS  release_6 Revision v6.24-5-g0c8bfefb3b8
class.ilObjAuthSettingsGUI.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3
16class ilObjAuthSettingsGUI extends ilObjectGUI
17{
18
22 private $dic;
23
28 public function __construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output = true)
29 {
30 global $DIC;
31
32 $this->dic = $DIC;
33 $this->type = "auth";
34 parent::__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output);
35
36 $this->lng->loadLanguageModule('registration');
37 $this->lng->loadLanguageModule('auth');
38
39 define('LDAP_DEFAULT_PORT', 389);
40 define('RADIUS_DEFAULT_PORT', 1812);
41 }
42
43
44
45 public function viewObject()
46 {
47 return $this->authSettingsObject();
48 }
49
50
56 public function authSettingsObject()
57 {
58 global $DIC;
59
60 $rbacsystem = $DIC['rbacsystem'];
61 $ilSetting = $DIC['ilSetting'];
62
63 if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
64 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
65 }
66
67 $this->tabs_gui->setTabActive('authentication_settings');
68 $this->setSubTabs('authSettings');
69 $this->tabs_gui->setSubTabActive("auth_settings");
70
71 $generalSettingsTpl = new ilTemplate('tpl.auth_general.html', true, true, 'Services/Authentication');
72
73 $generalSettingsTpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
74 $generalSettingsTpl->setVariable("TXT_AUTH_TITLE", $this->lng->txt("auth_select"));
75
76 $generalSettingsTpl->setVariable("TXT_AUTH_MODE", $this->lng->txt("auth_mode"));
77 $generalSettingsTpl->setVariable("TXT_AUTH_DEFAULT", $this->lng->txt("default"));
78 $generalSettingsTpl->setVariable("TXT_AUTH_ACTIVE", $this->lng->txt("active"));
79 $generalSettingsTpl->setVariable("TXT_AUTH_NUM_USERS", $this->lng->txt("num_users"));
80
81 $generalSettingsTpl->setVariable("TXT_LOCAL", $this->lng->txt("auth_local"));
82 $generalSettingsTpl->setVariable("TXT_LDAP", $this->lng->txt("auth_ldap"));
83 $generalSettingsTpl->setVariable("TXT_SHIB", $this->lng->txt("auth_shib"));
84
85 $generalSettingsTpl->setVariable("TXT_CAS", $this->lng->txt("auth_cas"));
86
87 $generalSettingsTpl->setVariable("TXT_RADIUS", $this->lng->txt("auth_radius"));
88 $generalSettingsTpl->setVariable("TXT_SCRIPT", $this->lng->txt("auth_script"));
89
90 $generalSettingsTpl->setVariable("TXT_APACHE", $this->lng->txt("auth_apache"));
91
92 $auth_cnt = ilObjUser::_getNumberOfUsersPerAuthMode();
93 $auth_modes = ilAuthUtils::_getAllAuthModes();
94 $valid_modes = array(AUTH_LOCAL,AUTH_LDAP,AUTH_SHIBBOLETH,AUTH_SAML,AUTH_CAS,AUTH_RADIUS,AUTH_APACHE,AUTH_OPENID_CONNECT);
95 include_once('Services/LDAP/classes/class.ilLDAPServer.php');
96 // icon handlers
97 $icon_ok = "<img src=\"" . ilUtil::getImagePath("icon_ok.svg") . "\" alt=\"" . $this->lng->txt("enabled") . "\" title=\"" . $this->lng->txt("enabled") . "\" border=\"0\" vspace=\"0\"/>";
98 $icon_not_ok = "<img src=\"" . ilUtil::getImagePath("icon_not_ok.svg") . "\" alt=\"" . $this->lng->txt("disabled") . "\" title=\"" . $this->lng->txt("disabled") . "\" border=\"0\" vspace=\"0\"/>";
99
100
101 foreach ($auth_modes as $mode => $mode_name) {
102 if (!in_array($mode, $valid_modes) && !ilLDAPServer::isAuthModeLDAP($mode) && !ilSamlIdp::isAuthModeSaml($mode)) {
103 continue;
104 }
105
106 $generalSettingsTpl->setCurrentBlock('auth_mode');
107
108 if (ilLDAPServer::isAuthModeLDAP($mode)) {
109 $server = ilLDAPServer::getInstanceByServerId(ilLDAPServer::getServerIdByAuthMode($mode));
110 $generalSettingsTpl->setVariable("AUTH_NAME", $server->getName());
111 $generalSettingsTpl->setVariable('AUTH_ACTIVE', $server->isActive() ? $icon_ok : $icon_not_ok);
112 } elseif (ilSamlIdp::isAuthModeSaml($mode)) {
113 $idp = ilSamlIdp::getInstanceByIdpId(ilSamlIdp::getIdpIdByAuthMode($mode));
114 $generalSettingsTpl->setVariable('AUTH_NAME', $idp->getEntityId());
115 $generalSettingsTpl->setVariable('AUTH_ACTIVE', $idp->isActive() ? $icon_ok : $icon_not_ok);
116 } else {
117 $generalSettingsTpl->setVariable("AUTH_NAME", $this->lng->txt("auth_" . $mode_name));
118 $generalSettingsTpl->setVariable('AUTH_ACTIVE', $this->ilias->getSetting($mode_name . '_active') || $mode == AUTH_LOCAL ? $icon_ok : $icon_not_ok);
119 }
120
121 if ($ilSetting->get('auth_mode') == $mode) {
122 $generalSettingsTpl->setVariable("AUTH_CHECKED", "checked=\"checked\"");
123
124 $generalSettingsTpl->setVariable(
125 "AUTH_USER_NUM",
126 ((int) $auth_cnt[$mode_name] + $auth_cnt["default"]) . " (" . $this->lng->txt("auth_per_default") .
127 ": " . $auth_cnt["default"] . ")"
128 );
129 } else {
130 $generalSettingsTpl->setVariable(
131 "AUTH_USER_NUM",
132 (int) $auth_cnt[$mode_name]
133 );
134 }
135 $generalSettingsTpl->setVariable("AUTH_ID", $mode_name);
136 $generalSettingsTpl->setVariable("AUTH_VAL", $mode);
137 $generalSettingsTpl->parseCurrentBlock();
138 }
139
140 $generalSettingsTpl->setVariable("TXT_CONFIGURE", $this->lng->txt("auth_configure"));
141
142 if ($rbacsystem->checkAccess("write", $this->object->getRefId())) {
143 $generalSettingsTpl->setVariable("TXT_AUTH_REMARK", $this->lng->txt("auth_remark_non_local_auth"));
144 $generalSettingsTpl->setCurrentBlock('auth_mode_submit');
145 $generalSettingsTpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
146 $generalSettingsTpl->setVariable("CMD_SUBMIT", "setAuthMode");
147 $generalSettingsTpl->parseCurrentBlock();
148 }
149
150 // auth mode determinitation
151 if ($this->initAuthModeDetermination()) {
152 $generalSettingsTpl->setVariable('TABLE_AUTH_DETERMINATION', $this->form->getHTML());
153 }
154
155 // roles table
156 $generalSettingsTpl->setVariable(
157 "FORMACTION_ROLES",
158 $this->ctrl->getFormAction($this)
159 );
160 $generalSettingsTpl->setVariable("TXT_AUTH_ROLES", $this->lng->txt("auth_active_roles"));
161 $generalSettingsTpl->setVariable("TXT_ROLE", $this->lng->txt("obj_role"));
162 $generalSettingsTpl->setVariable("TXT_ROLE_AUTH_MODE", $this->lng->txt("auth_role_auth_mode"));
163 if ($rbacsystem->checkAccess("write", $this->object->getRefId())) {
164 $generalSettingsTpl->setVariable("CMD_SUBMIT_ROLES", "updateAuthRoles");
165 $generalSettingsTpl->setVariable('BTN_SUBMIT_ROLES', $this->lng->txt('save'));
166 }
167
168 include_once("./Services/AccessControl/classes/class.ilObjRole.php");
169 $reg_roles = ilObjRole::_lookupRegisterAllowed();
170
171 // auth mode selection
172 include_once('./Services/Authentication/classes/class.ilAuthUtils.php');
173 $active_auth_modes = ilAuthUtils::_getActiveAuthModes();
174
175 foreach ($reg_roles as $role) {
176 foreach ($active_auth_modes as $auth_name => $auth_key) {
177 // do not list auth modes with external login screen
178 // even not default, because it can easily be set to
179 // a non-working auth mode
180 if ($auth_name == "default" || $auth_name == "cas"
181 || $auth_name == 'saml'
182 || $auth_name == "shibboleth" || $auth_name == 'ldap'
183 || $auth_name == 'apache' || $auth_name == "ecs"
184 || $auth_name == "openid") {
185 continue;
186 }
187
188 $generalSettingsTpl->setCurrentBlock("auth_mode_selection");
189
190 if ($auth_name == 'default') {
191 $name = $this->lng->txt('auth_' . $auth_name) . " (" . $this->lng->txt('auth_' . ilAuthUtils::_getAuthModeName($auth_key)) . ")";
192 } elseif ($id = ilLDAPServer::getServerIdByAuthMode($auth_key)) {
193 $server = ilLDAPServer::getInstanceByServerId($id);
194 $name = $server->getName();
195 } elseif ($id = ilSamlIdp::getIdpIdByAuthMode($auth_key)) {
196 $idp = ilSamlIdp::getInstanceByIdpId($id);
197 $name = $idp->getEntityId();
198 } else {
199 $name = $this->lng->txt('auth_' . $auth_name);
200 }
201
202 $generalSettingsTpl->setVariable("AUTH_MODE_NAME", $name);
203
204 $generalSettingsTpl->setVariable("AUTH_MODE", $auth_name);
205
206 if ($role['auth_mode'] == $auth_name) {
207 $generalSettingsTpl->setVariable("SELECTED_AUTH_MODE", "selected=\"selected\"");
208 }
209
210 $generalSettingsTpl->parseCurrentBlock();
211 }
212
213 $generalSettingsTpl->setCurrentBlock("roles");
214 $generalSettingsTpl->setVariable("ROLE", $role['title']);
215 $generalSettingsTpl->setVariable("ROLE_ID", $role['id']);
216 $generalSettingsTpl->parseCurrentBlock();
217 }
218
219 $this->tpl->setContent($generalSettingsTpl->get());
220 }
221
222
229 public function loginInfoObject()
230 {
231 global $DIC;
232
233 $rbacsystem = $DIC['rbacsystem'];
234 $lng = $DIC['lng'];
235 $ilSetting = $DIC['ilSetting'];
236
237 if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
238 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
239 }
240
241 $this->tabs_gui->setTabActive("authentication_settings");
242 $this->setSubTabs("authSettings");
243 $this->tabs_gui->setSubTabActive("auth_login_editor");
244
245 $lng->loadLanguageModule("meta");
246
247 $this->tpl->addBlockFile(
248 "ADM_CONTENT",
249 "adm_content",
250 "tpl.auth_login_messages.html",
251 "Services/Authentication"
252 );
253 $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
254 $this->tpl->setVariable("TXT_HEADLINE", $this->lng->txt("login_information"));
255 $this->tpl->setVariable("TXT_DESCRIPTION", $this->lng->txt("login_information_desc"));
256 $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
257 $this->initLoginForm();
258 $this->tpl->setVariable('LOGIN_INFO', $this->form->getHTML());
259 }
260
261
262 public function cancelObject()
263 {
264 $this->ctrl->redirect($this, "authSettings");
265 }
266
267 public function setAuthModeObject()
268 {
269 global $DIC;
270
271 $rbacsystem = $DIC['rbacsystem'];
272 $ilSetting = $DIC['ilSetting'];
273
274 if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
275 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
276 }
277
278 if (empty($_POST["auth_mode"])) {
279 $this->ilias->raiseError($this->lng->txt("auth_err_no_mode_selected"), $this->ilias->error_obj->MESSAGE);
280 }
281
282 $current_auth_mode = $ilSetting->get('auth_mode', '');
283 if ($_POST["auth_mode"] == $current_auth_mode) {
284 ilUtil::sendInfo($this->lng->txt("auth_mode") . ": " . $this->getAuthModeTitle() . " " . $this->lng->txt("auth_mode_not_changed"), true);
285 $this->ctrl->redirect($this, 'authSettings');
286 }
287
288 switch ($_POST["auth_mode"]) {
289 case AUTH_SAML:
290 break;
291
292 case AUTH_LDAP:
293
294 /*
295 if ($this->object->checkAuthLDAP() !== true)
296 {
297 ilUtil::sendInfo($this->lng->txt("auth_ldap_not_configured"),true);
298 ilUtil::redirect($this->getReturnLocation("authSettings",$this->ctrl->getLinkTarget($this,"editLDAP", "", false, false)));
299 }
300 */
301 break;
302
303 // @fix changed from AUTH_SHIB > is not defined
304 case AUTH_SHIBBOLETH:
305 if ($this->object->checkAuthSHIB() !== true) {
306 ilUtil::sendFailure($this->lng->txt("auth_shib_not_configured"), true);
307 ilUtil::redirect(
308 $this->getReturnLocation(
309 'authSettings',
310 $this->ctrl->getLinkTargetByClass(
311 ilAuthShibbolethSettingsGUI::class,
312 'settings',
313 '',
314 false,
315 false
316 )
317 )
318 );
319 }
320 break;
321
322 case AUTH_RADIUS:
323 if ($this->object->checkAuthRADIUS() !== true) {
324 ilUtil::sendFailure($this->lng->txt("auth_radius_not_configured"), true);
325 $this->ctrl->redirect($this, 'editRADIUS');
326 }
327 break;
328
329 case AUTH_SCRIPT:
330 if ($this->object->checkAuthScript() !== true) {
331 ilUtil::sendFailure($this->lng->txt("auth_script_not_configured"), true);
332 ilUtil::redirect($this->getReturnLocation("authSettings", $this->ctrl->getLinkTarget($this, "editScript", "", false, false)));
333 }
334 break;
335 }
336
337 $this->ilias->setSetting("auth_mode", $_POST["auth_mode"]);
338
339 ilUtil::sendSuccess($this->lng->txt("auth_default_mode_changed_to") . " " . $this->getAuthModeTitle(), true);
340 $this->ctrl->redirect($this, 'authSettings');
341 }
342
348 public function editSOAPObject()
349 {
350 global $DIC;
351
352 $rbacsystem = $DIC['rbacsystem'];
353 $rbacreview = $DIC['rbacreview'];
354 $ilSetting = $DIC['ilSetting'];
355 $ilCtrl = $DIC['ilCtrl'];
356 $lng = $DIC['lng'];
357
358 if (!$rbacsystem->checkAccess("read", $this->object->getRefId())) {
359 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
360 }
361
362 $this->tabs_gui->setTabActive('auth_soap');
363
364 //set Template
365 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.auth_soap.html', 'Services/Authentication');
366
367 // compose role list
368 $role_list = $rbacreview->getRolesByFilter(2, $this->object->getId());
369 $roles = array();
370
371 foreach ($role_list as $role) {
372 $roles[$role['obj_id']] = $role['title'];
373 }
374
375 //set property form gui
376 include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
377
378 $soap_config = new ilPropertyFormGUI();
379 $soap_config->setTitle($this->lng->txt("auth_soap_auth"));
380 $soap_config->setDescription($this->lng->txt("auth_soap_auth_desc"));
381 $soap_config->setFormAction($this->ctrl->getFormAction($this, "editSOAP"));
382 if ($rbacsystem->checkAccess("write", $this->object->getRefId())) {
383 $soap_config->addCommandButton("saveSOAP", $this->lng->txt("save"));
384 $soap_config->addCommandButton("editSOAP", $this->lng->txt("cancel"));
385 }
386 //set activ
387 $active = new ilCheckboxInputGUI();
388 $active->setTitle($this->lng->txt("active"));
389 $active->setPostVar("soap[active]");
390
391 //set server
392 $server = new ilTextInputGUI();
393 $server->setTitle($this->lng->txt("server"));
394 $server->setInfo($this->lng->txt("auth_soap_server_desc"));
395 $server->setPostVar("soap[server]");
396 $server->setSize(50);
397 $server->setMaxLength(256);
398 $server->setRequired(true);
399
400 //set port
401 $port = new ilTextInputGUI();
402 $port->setTitle($this->lng->txt("port"));
403 $port->setInfo($this->lng->txt("auth_soap_port_desc"));
404 $port->setPostVar("soap[port]");
405 $port->setSize(7);
406 $port->setMaxLength(5);
407
408 //set https
409 $https = new ilCheckboxInputGUI();
410 $https->setTitle($this->lng->txt("auth_soap_use_https"));
411 $https->setPostVar("soap[use_https]");
412
413 //set uri
414 $uri = new ilTextInputGUI();
415 $uri->setTitle($this->lng->txt("uri"));
416 $uri->setInfo($this->lng->txt("auth_soap_uri_desc"));
417 $uri->setPostVar("soap[uri]");
418 $uri->setSize(50);
419 $uri->setMaxLength(256);
420
421 //set namespace
422 $namespace = new ilTextInputGUI();
423 $namespace->setTitle($this->lng->txt("auth_soap_namespace"));
424 $namespace->setInfo($this->lng->txt("auth_soap_namespace_desc"));
425 $namespace->setPostVar("soap[namespace]");
426 $namespace->setSize(50);
427 $namespace->setMaxLength(256);
428
429 //set dotnet
430 $dotnet = new ilCheckboxInputGUI();
431 $dotnet->setTitle($this->lng->txt("auth_soap_use_dotnet"));
432 $dotnet->setPostVar("soap[use_dotnet]");
433
434 //set create users
435 $createuser = new ilCheckboxInputGUI();
436 $createuser->setTitle($this->lng->txt("auth_create_users"));
437 $createuser->setInfo($this->lng->txt("auth_soap_create_users_desc"));
438 $createuser->setPostVar("soap[create_users]");
439
440 //set account mail
441 $sendmail = new ilCheckboxInputGUI();
442 $sendmail->setTitle($this->lng->txt("user_send_new_account_mail"));
443 $sendmail->setInfo($this->lng->txt("auth_new_account_mail_desc"));
444 $sendmail->setPostVar("soap[account_mail]");
445
446 //set user default role
447 $defaultrole = new ilSelectInputGUI();
448 $defaultrole->setTitle($this->lng->txt("auth_user_default_role"));
449 $defaultrole->setInfo($this->lng->txt("auth_soap_user_default_role_desc"));
450 $defaultrole->setPostVar("soap[user_default_role]");
451 $defaultrole->setOptions($roles);
452
453 //set allow local authentication
454 $allowlocal = new ilCheckboxInputGUI();
455 $allowlocal->setTitle($this->lng->txt("auth_allow_local"));
456 $allowlocal->setInfo($this->lng->txt("auth_soap_allow_local_desc"));
457 $allowlocal->setPostVar("soap[allow_local]");
458
459 // get all settings
460 $settings = $ilSetting->getAll();
461
462 // get values in error case
463 if ($_SESSION["error_post_vars"]) {
464 $active ->setChecked($_SESSION["error_post_vars"]["soap"]["active"]);
465 $server ->setValue($_SESSION["error_post_vars"]["soap"]["server"]);
466 $port ->setValue($_SESSION["error_post_vars"]["soap"]["port"]);
467 $https ->setChecked($_SESSION["error_post_vars"]["soap"]["use_https"]);
468 $uri ->setValue($_SESSION["error_post_vars"]["soap"]["uri"]);
469 $namespace ->setValue($_SESSION["error_post_vars"]["soap"]["namespace"]);
470 $dotnet ->setChecked($_SESSION["error_post_vars"]["soap"]["use_dotnet"]);
471 $createuser ->setChecked($_SESSION["error_post_vars"]["soap"]["create_users"]);
472 $allowlocal ->setChecked($_SESSION["error_post_vars"]["soap"]["allow_local"]);
473 $defaultrole->setValue($_SESSION["error_post_vars"]["soap"]["user_default_role"]);
474 $sendmail ->setChecked($_SESSION["error_post_vars"]["soap"]["account_mail"]);
475 } else {
476 $active ->setChecked($settings["soap_auth_active"]);
477 $server ->setValue($settings["soap_auth_server"]);
478 $port ->setValue($settings["soap_auth_port"]);
479 $https ->setChecked($settings["soap_auth_use_https"]);
480 $uri ->setValue($settings["soap_auth_uri"]);
481 $namespace ->setValue($settings["soap_auth_namespace"]);
482 $dotnet ->setChecked($settings["soap_auth_use_dotnet"]);
483 $createuser ->setChecked($settings["soap_auth_create_users"]);
484 $allowlocal ->setChecked($settings["soap_auth_allow_local"]);
485 $defaultrole->setValue($settings["soap_auth_user_default_role"]);
486 $sendmail ->setChecked($settings["soap_auth_account_mail"]);
487 }
488
489 if (!$defaultrole->getValue()) {
490 $defaultrole->setValue(4);
491 }
492
493 //add Items to property gui
494 $soap_config->addItem($active);
495 $soap_config->addItem($server);
496 $soap_config->addItem($port);
497 $soap_config->addItem($https);
498 $soap_config->addItem($uri);
499 $soap_config->addItem($namespace);
500 $soap_config->addItem($dotnet);
501 $soap_config->addItem($createuser);
502 $soap_config->addItem($sendmail);
503 $soap_config->addItem($defaultrole);
504 $soap_config->addItem($allowlocal);
505
506 $this->tpl->setVariable("CONFIG_FORM", $soap_config->getHTML());
507
508 // test form
509 $form = new ilPropertyFormGUI();
510 $form->setFormAction($ilCtrl->getFormAction($this));
511 $form->setTitle("Test Request");
512 $text_prop = new ilTextInputGUI("ext_uid", "ext_uid");
513 $form->addItem($text_prop);
514 $text_prop2 = new ilTextInputGUI("soap_pw", "soap_pw");
515 $form->addItem($text_prop2);
516 $cb = new ilCheckboxInputGUI("new_user", "new_user");
517 $form->addItem($cb);
518
519 $form->addCommandButton(
520 "testSoapAuthConnection",
521 "Send"
522 );
523
524 if ($ilCtrl->getCmd() == "testSoapAuthConnection") {
525 include_once("./Services/SOAPAuth/classes/class.ilSOAPAuth.php");
526 $ret = "<br />" . ilSOAPAuth::testConnection(
527 ilUtil::stripSlashes($_POST["ext_uid"]),
528 ilUtil::stripSlashes($_POST["soap_pw"]),
529 (boolean) $_POST["new_user"]
530 );
531 }
532 $this->tpl->setVariable("TEST_FORM", $form->getHTML() . $ret);
533 }
534
535 public function testSoapAuthConnectionObject()
536 {
537 $this->editSOAPObject();
538 }
539
545 public function saveSOAPObject()
546 {
547 global $DIC;
548
549 $ilUser = $DIC['ilUser'];
550 $ilSetting = $DIC['ilSetting'];
551 $rbacsystem = $DIC['rbacsystem'];
552
553 if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
554 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
555 }
556
557 // validate required data
558 if (!$_POST["soap"]["server"]) {
559 $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
560 }
561
562 // validate port
563 if ($_POST["soap"]["server"] != "" && (preg_match("/^[0-9]{0,5}$/", $_POST["soap"]["port"])) == false) {
564 $this->ilias->raiseError($this->lng->txt("err_invalid_port"), $this->ilias->error_obj->MESSAGE);
565 }
566
567 $ilSetting->set("soap_auth_server", $_POST["soap"]["server"]);
568 $ilSetting->set("soap_auth_port", $_POST["soap"]["port"]);
569 $ilSetting->set("soap_auth_active", $_POST["soap"]["active"]);
570 $ilSetting->set("soap_auth_uri", $_POST["soap"]["uri"]);
571 $ilSetting->set("soap_auth_namespace", $_POST["soap"]["namespace"]);
572 $ilSetting->set("soap_auth_create_users", $_POST["soap"]["create_users"]);
573 $ilSetting->set("soap_auth_allow_local", $_POST["soap"]["allow_local"]);
574 $ilSetting->set("soap_auth_account_mail", $_POST["soap"]["account_mail"]);
575 $ilSetting->set("soap_auth_use_https", $_POST["soap"]["use_https"]);
576 $ilSetting->set("soap_auth_use_dotnet", $_POST["soap"]["use_dotnet"]);
577 $ilSetting->set("soap_auth_user_default_role", $_POST["soap"]["user_default_role"]);
578 ilUtil::sendSuccess($this->lng->txt("auth_soap_settings_saved"), true);
579
580 $this->ctrl->redirect($this, 'editSOAP');
581 }
582
588 public function editScriptObject()
589 {
590 global $DIC;
591
592 $rbacsystem = $DIC['rbacsystem'];
593
594 if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
595 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
596 }
597
598 if ($_SESSION["error_post_vars"]) {
599 $this->tpl->setVariable("AUTH_SCRIPT_NAME", $_SESSION["error_post_vars"]["auth_script"]["name"]);
600 } else {
601 // set already saved data
602 $settings = $this->ilias->getAllSettings();
603
604 $this->tpl->setVariable("AUTH_SCRIPT_NAME", $settings["auth_script_name"]);
605 }
606
607 $this->tabs_gui->setTabActive('auth_script');
608
609 $this->tpl->addBlockFile(
610 "ADM_CONTENT",
611 "adm_content",
612 "tpl.auth_script.html",
613 "Services/Authentication"
614 );
615
616 $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
617 $this->tpl->setVariable("COLSPAN", 3);
618 $this->tpl->setVariable("TXT_AUTH_SCRIPT_TITLE", $this->lng->txt("auth_script_configure"));
619 $this->tpl->setVariable("TXT_OPTIONS", $this->lng->txt("options"));
620 $this->tpl->setVariable("TXT_AUTH_SCRIPT_NAME", $this->lng->txt("auth_script_name"));
621
622 $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
623 $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
624 $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
625 $this->tpl->setVariable("CMD_SUBMIT", "saveScript");
626 }
627
633 public function saveScriptObject()
634 {
635 // validate required data
636 if (!$_POST["auth_script"]["name"]) {
637 $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
638 }
639
640 // validate script url
641 /*
642 if (( TODO ,$_POST["ldap"]["server"])) == false)
643 {
644 $this->ilias->raiseError($this->lng->txt("err_invalid_server"),$this->ilias->error_obj->MESSAGE);
645 }*/
646
647 // TODO: check connection to server
648
649 // all ok. save settings and activate auth by external script
650 $this->ilias->setSetting("auth_script_name", $_POST["auth_script"]["name"]);
651 $this->ilias->setSetting("auth_mode", AUTH_SCRIPT);
652
653 ilUtil::sendSuccess($this->lng->txt("auth_mode_changed_to") . " " . $this->getAuthModeTitle(), true);
654 $this->ctrl->redirect($this, 'editScript');
655 }
656
657
664 public function getAuthModeTitle()
665 {
666 switch ($this->ilias->getSetting("auth_mode")) {
667 case AUTH_LOCAL:
668 return $this->lng->txt("auth_local");
669 break;
670
671 case AUTH_LDAP:
672 return $this->lng->txt("auth_ldap");
673 break;
674
675 case AUTH_SHIBBOLETH:
676 return $this->lng->txt("auth_shib");
677 break;
678
679 case AUTH_SAML:
680 return $this->lng->txt("auth_saml");
681 break;
682
683 case AUTH_RADIUS:
684 return $this->lng->txt("auth_radius");
685 break;
686
687 case AUTH_SCRIPT:
688 return $this->lng->txt("auth_script");
689 break;
690
691 case AUTH_APACHE:
692 return $this->lng->txt("auth_apache");
693 break;
694
695 default:
696 return $this->lng->txt("unknown");
697 break;
698 }
699 }
700
701 public function updateAuthRolesObject()
702 {
703 global $DIC;
704
705 $rbacsystem = $DIC['rbacsystem'];
706
707 if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
708 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
709 }
710
711 include_once('./Services/AccessControl/classes/class.ilObjRole.php');
712 ilObjRole::_updateAuthMode($_POST['Fobject']);
713
714 ilUtil::sendSuccess($this->lng->txt("auth_mode_roles_changed"), true);
715 $this->ctrl->redirect($this, 'authSettings');
716 }
717
723 protected function initAuthModeDetermination()
724 {
725 if (is_object($this->form)) {
726 return true;
727 }
728
729 include_once('./Services/Form/classes/class.ilPropertyFormGUI.php');
730 $this->form = new ilPropertyFormGUI();
731 $this->form->setFormAction($this->ctrl->getFormAction($this));
732 $this->form->setTableWidth('100%');
733 $this->form->setTitle($this->lng->txt('auth_auth_settings'));
734 $this->form->addCommandButton('updateAuthModeDetermination', $this->lng->txt('save'));
735
736 require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
737 $cap = new ilCheckboxInputGUI($this->lng->txt('adm_captcha_anonymous_short'), 'activate_captcha_anonym');
738 $cap->setInfo($this->lng->txt('adm_captcha_anonymous_auth'));
739 $cap->setValue(1);
740 if (!ilCaptchaUtil::checkFreetype()) {
741 $cap->setAlert(ilCaptchaUtil::getPreconditionsMessage());
742 }
743 $cap->setChecked(ilCaptchaUtil::isActiveForLogin());
744 $this->form->addItem($cap);
745
746 // Are there any authentication methods that support automatic determination ?
747 include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
748 $det = ilAuthModeDetermination::_getInstance();
749 if ($det->getCountActiveAuthModes() <= 1) {
750 return true;
751 }
752
753 $header = new ilFormSectionHeaderGUI();
754 $header->setTitle($this->lng->txt('auth_auth_mode_determination'));
755 $this->form->addItem($header);
756
757 $kind = new ilRadioGroupInputGUI($this->lng->txt('auth_kind_determination'), 'kind');
758 $kind->setInfo($this->lng->txt('auth_mode_determination_info'));
759 $kind->setValue($det->getKind());
760 $kind->setRequired(true);
761
762 $option_user = new ilRadioOption($this->lng->txt('auth_by_user'), 0);
763 $kind->addOption($option_user);
764
765 $option_determination = new ilRadioOption($this->lng->txt('auth_automatic'), 1);
766
767 include_once('Services/Authentication/classes/class.ilAuthUtils.php');
768
769 $auth_sequenced = $det->getAuthModeSequence();
770 $counter = 1;
771 foreach ($auth_sequenced as $auth_mode) {
772 switch ($auth_mode) {
773 // begin-patch ldap_multiple
774 case ilLDAPServer::isAuthModeLDAP($auth_mode):
775 $auth_id = ilLDAPServer::getServerIdByAuthMode($auth_mode);
776 $server = ilLDAPServer::getInstanceByServerId($auth_id);
777 $text = $server->getName();
778 // end-patch ldap_multiple
779 break;
780 case AUTH_RADIUS:
781 $text = $this->lng->txt('auth_radius');
782 break;
783 case AUTH_LOCAL:
784 $text = $this->lng->txt('auth_local');
785 break;
786 case AUTH_SOAP:
787 $text = $this->lng->txt('auth_soap');
788 break;
789 case AUTH_APACHE:
790 $text = $this->lng->txt('auth_apache');
791 break;
792 // begin-patch auth_plugin
793 default:
794 foreach (ilAuthUtils::getAuthPlugins() as $pl) {
795 $option = $pl->getMultipleAuthModeOptions($auth_mode);
796 $text = $option[$auth_mode]['txt'];
797 }
798 break;
799 // end-patch auth_plugin
800 }
801
802 $pos = new ilTextInputGUI($text, 'position[' . $auth_mode . ']');
803 $pos->setValue($counter++);
804 $pos->setSize(1);
805 $pos->setMaxLength(1);
806 $option_determination->addSubItem($pos);
807 }
808 $kind->addOption($option_determination);
809 $this->form->addItem($kind);
810 return true;
811 }
812
819 public function updateAuthModeDeterminationObject()
820 {
821 include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
822 $det = ilAuthModeDetermination::_getInstance();
823
824 $det->setKind((int) $_POST['kind']);
825
826 $pos = $_POST['position'] ? $_POST['position'] : array();
827 asort($pos, SORT_NUMERIC);
828
829 $counter = 0;
830 foreach ($pos as $auth_mode => $dummy) {
831 $position[$counter++] = $auth_mode;
832 }
833 $det->setAuthModeSequence($position ? $position : array());
834 $det->save();
835
836 require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
837 ilCaptchaUtil::setActiveForLogin((bool) $_POST['activate_captcha_anonym']);
838
839 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
840 $this->authSettingsObject();
841 }
842
849 public function executeCommand()
850 {
851 global $DIC;
852
853 $ilAccess = $DIC['ilAccess'];
854 $ilErr = $DIC['ilErr'];
855
856
857 $next_class = $this->ctrl->getNextClass($this);
858 $cmd = $this->ctrl->getCmd();
859 $this->prepareOutput();
860
861 if (!$DIC->rbac()->system()->checkAccess("visible,read", $this->object->getRefId())) {
862 $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
863 }
864
865 switch ($next_class) {
866 case 'ilopenidconnectsettingsgui':
867
868 $this->tabs_gui->activateTab('auth_oidconnect');
869
870 $oid = new ilOpenIdConnectSettingsGUI($this->object->getRefId());
871 $this->ctrl->forwardCommand($oid);
872 break;
873
874 case 'ilsamlsettingsgui':
875 $this->tabs_gui->setTabActive('auth_saml');
876
877 require_once './Services/Saml/classes/class.ilSamlSettingsGUI.php';
878 $os = new ilSamlSettingsGUI($this->object->getRefId());
879 $this->ctrl->forwardCommand($os);
880 break;
881
882 case 'ilregistrationsettingsgui':
883
884 include_once './Services/Registration/classes/class.ilRegistrationSettingsGUI.php';
885
886 // Enable tabs
887 $this->tabs_gui->setTabActive('registration_settings');
888 $registration_gui = new ilRegistrationSettingsGUI();
889 $this->ctrl->forwardCommand($registration_gui);
890 break;
891
892 case 'ilpermissiongui':
893
894 // Enable tabs
895 $this->tabs_gui->setTabActive('perm_settings');
896
897 include_once("Services/AccessControl/classes/class.ilPermissionGUI.php");
898 $perm_gui = new ilPermissionGUI($this);
899 $ret = &$this->ctrl->forwardCommand($perm_gui);
900 break;
901
902 case 'illdapsettingsgui':
903
904 // Enable Tabs
905 $this->tabs_gui->setTabActive('auth_ldap');
906
907 include_once './Services/LDAP/classes/class.ilLDAPSettingsGUI.php';
908 $ldap_settings_gui = new ilLDAPSettingsGUI($this->object->getRefId());
909 $this->ctrl->forwardCommand($ldap_settings_gui);
910 break;
911
912 case 'ilauthshibbolethsettingsgui':
913
914 $this->tabs_gui->setTabActive('auth_shib');
915 include_once('./Services/AuthShibboleth/classes/class.ilAuthShibbolethSettingsGUI.php');
916 $shib_settings_gui = new ilAuthShibbolethSettingsGUI($this->object->getRefId());
917 $this->ctrl->forwardCommand($shib_settings_gui);
918 break;
919
920 case 'ilcassettingsgui':
921
922 $this->tabs_gui->setTabActive('auth_cas');
923 include_once './Services/CAS/classes/class.ilCASSettingsGUI.php';
924 $cas_settings = new ilCASSettingsGUI($this->object->getRefId());
925 $this->ctrl->forwardCommand($cas_settings);
926 break;
927
928 case 'ilradiussettingsgui':
929
930 $this->tabs_gui->setTabActive('auth_radius');
931 include_once './Services/Radius/classes/class.ilRadiusSettingsGUI.php';
932 $radius_settings_gui = new ilRadiusSettingsGUI($this->object->getRefId());
933 $this->ctrl->forwardCommand($radius_settings_gui);
934 break;
935
936
937 case 'ilauthloginpageeditorgui':
938
939 $this->setSubTabs("authSettings");
940 $this->tabs_gui->setTabActive('authentication_settings');
941 $this->tabs_gui->setSubTabActive("auth_login_editor");
942
943 include_once './Services/Authentication/classes/class.ilAuthLoginPageEditorGUI.php';
944 $lpe = new ilAuthLoginPageEditorGUI($this->object->getRefId());
945 $this->ctrl->forwardCommand($lpe);
946 break;
947
948 default:
949 if (!$cmd) {
950 $cmd = "authSettings";
951 }
952 $cmd .= "Object";
953 $this->$cmd();
954
955 break;
956 }
957 return true;
958 }
959
960 public function getAdminTabs()
961 {
962 $this->getTabs();
963 }
964
970 public function getTabs()
971 {
972 global $DIC;
973
974 $rbacsystem = $DIC['rbacsystem'];
975
976 $this->ctrl->setParameter($this, "ref_id", $this->object->getRefId());
977
978 if ($rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
979 $this->tabs_gui->addTarget(
980 "authentication_settings",
981 $this->ctrl->getLinkTarget($this, "authSettings"),
982 "",
983 "",
984 ""
985 );
986
987 $this->tabs_gui->addTarget(
988 'registration_settings',
989 $this->ctrl->getLinkTargetByClass('ilregistrationsettingsgui', 'view')
990 );
991
992 $this->tabs_gui->addTarget(
993 "auth_ldap",
994 $this->ctrl->getLinkTargetByClass('illdapsettingsgui', 'serverList'),
995 "",
996 "",
997 ""
998 );
999
1000
1001 #$this->tabs_gui->addTarget("auth_ldap", $this->ctrl->getLinkTarget($this, "editLDAP"),
1002 # "", "", "");
1003
1004 $this->tabs_gui->addTarget('auth_shib', $this->ctrl->getLinkTargetByClass('ilauthshibbolethsettingsgui', 'settings'));
1005
1006 $this->tabs_gui->addTarget(
1007 'auth_cas',
1008 $this->ctrl->getLinkTargetByClass('ilcassettingsgui', 'settings')
1009 );
1010
1011 $this->tabs_gui->addTarget(
1012 "auth_radius",
1013 $this->ctrl->getLinkTargetByClass('ilradiussettingsgui', "settings"),
1014 "",
1015 "",
1016 ""
1017 );
1018
1019 $this->tabs_gui->addTarget(
1020 "auth_soap",
1021 $this->ctrl->getLinkTarget($this, "editSOAP"),
1022 "",
1023 "",
1024 ""
1025 );
1026
1027 $this->tabs_gui->addTarget(
1028 "apache_auth_settings",
1029 $this->ctrl->getLinkTarget($this, 'apacheAuthSettings'),
1030 "",
1031 "",
1032 ""
1033 );
1034
1035 require_once 'Services/Saml/classes/class.ilSamlSettingsGUI.php';
1036 $this->tabs_gui->addTarget(
1037 'auth_saml',
1038 $this->ctrl->getLinkTargetByClass('ilsamlsettingsgui', ilSamlSettingsGUI::DEFAULT_CMD),
1039 '',
1040 '',
1041 ''
1042 );
1043
1044 $this->tabs_gui->addTab(
1045 'auth_oidconnect',
1046 $this->lng->txt('auth_oidconnect'),
1047 $this->ctrl->getLinkTargetByClass('ilopenidconnectsettingsgui')
1048 );
1049 }
1050
1051 if ($rbacsystem->checkAccess('edit_permission', $this->object->getRefId())) {
1052 $this->tabs_gui->addTarget(
1053 "perm_settings",
1054 $this->ctrl->getLinkTargetByClass(array(get_class($this),'ilpermissiongui'), "perm"),
1055 array("perm","info","owner"),
1056 'ilpermissiongui'
1057 );
1058 }
1059 }
1060
1064 public function setSubTabs($a_tab)
1065 {
1066 global $DIC;
1067
1068 $rbacsystem = $DIC['rbacsystem'];
1069 $ilUser = $DIC['ilUser'];
1070 $ilAccess = $DIC['ilAccess'];
1071
1072 $GLOBALS['DIC']['lng']->loadLanguageModule('auth');
1073
1074 switch ($a_tab) {
1075 case 'authSettings':
1076 if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
1077 $this->tabs_gui->addSubTabTarget(
1078 "auth_settings",
1079 $this->ctrl->getLinkTarget($this, 'authSettings'),
1080 ""
1081 );
1082 }
1083 if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
1084 $this->tabs_gui->addSubTabTarget(
1085 'auth_login_editor',
1086 $this->ctrl->getLinkTargetByClass('ilauthloginpageeditorgui', ''),
1087 ''
1088 );
1089 }
1090 break;
1091 }
1092 }
1093
1094
1095 public function apacheAuthSettingsObject($form = false)
1096 {
1097 global $DIC;
1098
1099 $tpl = $DIC['tpl'];
1100
1101 $this->tabs_gui->setTabActive("apache_auth_settings");
1102
1103 if (!$form) {
1104 $form = $this->getApacheAuthSettingsForm();
1105
1106 $settings = new ilSetting('apache_auth');
1107 $settingsMap = $settings->getAll();
1108
1109 $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
1110 if (file_exists($path) && is_readable($path)) {
1111 $settingsMap['apache_auth_domains'] = file_get_contents($path);
1112 }
1113
1114 $form->setValuesByArray($settingsMap);
1115 }
1116 $tpl->setVariable('ADM_CONTENT', $form->getHtml());
1117 }
1118
1119 public function saveApacheSettingsObject()
1120 {
1121 global $DIC;
1122
1123 $ilCtrl = $DIC['ilCtrl'];
1124 $form = $this->getApacheAuthSettingsForm();
1125 $form->setValuesByPost();
1126 /*$items = $form->getItems();
1127 foreach($items as $item)
1128 $item->validate();*/
1129 if ($form->checkInput()) {
1130 $settings = new ilSetting('apache_auth');
1131 $fields = array(
1132 'apache_auth_indicator_name', 'apache_auth_indicator_value',
1133 'apache_enable_auth', 'apache_enable_local', 'apache_local_autocreate',
1134 'apache_enable_ldap', 'apache_auth_username_config_type',
1135 'apache_auth_username_direct_mapping_fieldname',
1136 'apache_default_role', 'apache_auth_target_override_login_page',
1137 'apache_auth_enable_override_login_page',
1138 'apache_auth_authenticate_on_login_page',
1139 'apache_ldap_sid'
1140// 'apache_auth_username_by_function_functionname',
1141 );
1142
1143 foreach ($fields as $field) {
1144 $settings->set($field, $form->getInput($field));
1145 }
1146
1147 if ($form->getInput('apache_enable_auth')) {
1148 $this->ilias->setSetting('apache_active', true);
1149 } else {
1150 $this->ilias->setSetting('apache_active', false);
1151 global $DIC;
1152
1153 $ilSetting = $DIC['ilSetting'];
1154 if ($ilSetting->get("auth_mode") == AUTH_APACHE) {
1155 $ilSetting->set("auth_mode", AUTH_LOCAL);
1156 }
1157 }
1158
1159 $allowedDomains = $this->validateApacheAuthAllowedDomains($form->getInput('apache_auth_domains'));
1160 file_put_contents(ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt', $allowedDomains);
1161
1162 ilUtil::sendSuccess($this->lng->txt('apache_settings_changed_success'), true);
1163 $this->ctrl->redirect($this, 'apacheAuthSettings');
1164 } else {
1165 $this->apacheAuthSettingsObject($form);
1166 }
1167 }
1168
1169 public function getApacheAuthSettingsForm()
1170 {
1171 include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1172
1173 $form = new ilPropertyFormGUI();
1174 $form->setFormAction($this->ctrl->getFormAction($this));
1175 $form->setTitle($this->lng->txt('apache_settings'));
1176
1177 $chb_enabled = new ilCheckboxInputGUI($this->lng->txt('apache_enable_auth'), 'apache_enable_auth');
1178 $form->addItem($chb_enabled);
1179
1180 $chb_local_create_account = new ilCheckboxInputGUI($this->lng->txt('apache_autocreate'), 'apache_local_autocreate');
1181 $chb_enabled->addSubitem($chb_local_create_account);
1182
1183 global $DIC;
1184
1185 $rbacreview = $DIC['rbacreview'];
1186 $roles = $rbacreview->getGlobalRolesArray();
1187 $select = new ilSelectInputGUI($this->lng->txt('apache_default_role'), 'apache_default_role');
1188 $roleOptions = array();
1189 foreach ($roles as $role) {
1190 $roleOptions[$role['obj_id']] = ilObject::_lookupTitle($role['obj_id']);
1191 }
1192 $select->setOptions($roleOptions);
1193 $select->setValue(4);
1194
1195 $chb_local_create_account->addSubitem($select);
1196
1197 $chb_local = new ilCheckboxInputGUI($this->lng->txt('apache_enable_local'), 'apache_enable_local');
1198 $form->addItem($chb_local);
1199
1200 $chb_ldap = new ilCheckboxInputGUI($this->lng->txt('apache_enable_ldap'), 'apache_enable_ldap');
1201 $chb_ldap->setInfo($this->lng->txt('apache_ldap_hint_ldap_must_be_configured'));
1202
1203 $GLOBALS['DIC']['lng']->loadLanguageModule('auth');
1204 include_once './Services/LDAP/classes/class.ilLDAPServer.php';
1205 $servers = ilLDAPServer::getServerIds();
1206 if (count($servers)) {
1207 $ldap_server_select = new ilSelectInputGUI($this->lng->txt('auth_ldap_server_ds'), 'apache_ldap_sid');
1208 $options[0] = $this->lng->txt('select_one');
1209 foreach ($servers as $server_id) {
1210 $ldap_server = new ilLDAPServer($server_id);
1211 $options[$server_id] = $ldap_server->getName();
1212 }
1213 $ldap_server_select->setOptions($options);
1214 $ldap_server_select->setRequired(true);
1215
1216 $ds = ilLDAPServer::getDataSource(AUTH_APACHE);
1217 $ldap_server_select->setValue($ds);
1218
1219 $chb_ldap->addSubItem($ldap_server_select);
1220 }
1221 $form->addItem($chb_ldap);
1222
1223 $txt = new ilTextInputGUI($this->lng->txt('apache_auth_indicator_name'), 'apache_auth_indicator_name');
1224 $txt->setRequired(true);
1225 $form->addItem($txt);
1226
1227 $txt = new ilTextInputGUI($this->lng->txt('apache_auth_indicator_value'), 'apache_auth_indicator_value');
1228 $txt->setRequired(true);
1229 $form->addItem($txt);
1230
1231
1232 $chb = new ilCheckboxInputGUI($this->lng->txt('apache_auth_enable_override_login'), 'apache_auth_enable_override_login_page');
1233 $form->addItem($chb);
1234
1235 $txt = new ilTextInputGUI($this->lng->txt('apache_auth_target_override_login'), 'apache_auth_target_override_login_page');
1236 $txt->setRequired(true);
1237 $chb->addSubItem($txt);
1238
1239 $chb = new ilCheckboxInputGUI($this->lng->txt('apache_auth_authenticate_on_login_page'), 'apache_auth_authenticate_on_login_page');
1240 $form->addItem($chb);
1241
1242 $sec = new ilFormSectionHeaderGUI();
1243 $sec->setTitle($this->lng->txt('apache_auth_username_config'));
1244 $form->addItem($sec);
1245
1246 $rag = new ilRadioGroupInputGUI($this->lng->txt('apache_auth_username_config_type'), 'apache_auth_username_config_type');
1247 $form->addItem($rag);
1248
1249 $rao = new ilRadioOption($this->lng->txt('apache_auth_username_direct_mapping'), 1);
1250 $rag->addOption($rao);
1251
1252 $txt = new ilTextInputGUI($this->lng->txt('apache_auth_username_direct_mapping_fieldname'), 'apache_auth_username_direct_mapping_fieldname');
1253 //$txt->setRequired(true);
1254 $rao->addSubItem($txt);
1255
1256 $rao = new ilRadioOption($this->lng->txt('apache_auth_username_extended_mapping'), 2);
1257 $rao->setDisabled(true);
1258 $rag->addOption($rao);
1259
1260 $rao = new ilRadioOption($this->lng->txt('apache_auth_username_by_function'), 3);
1261 $rag->addOption($rao);
1262
1263 /* $txt = new ilTextInputGUI($this->lng->txt('apache_auth_username_by_function_functionname'), 'apache_auth_username_by_function_functionname');
1264 $rao->addSubItem($txt);*/
1265
1266 $sec = new ilFormSectionHeaderGUI();
1267 $sec->setTitle($this->lng->txt('apache_auth_security'));
1268 $form->addItem($sec);
1269
1270 $txt = new ilTextAreaInputGUI($this->lng->txt('apache_auth_domains'), 'apache_auth_domains');
1271 $txt->setInfo($this->lng->txt('apache_auth_domains_description'));
1272
1273 $form->addItem($txt);
1274
1275 if ($this->dic->rbac()->system()->checkAccess('visible, read', $this->ref_id)) {
1276 $form->addCommandButton('saveApacheSettings', $this->lng->txt('save'));
1277 }
1278 $form->addCommandButton('cancel', $this->lng->txt('cancel'));
1279
1280 return $form;
1281 }
1282
1283 private function validateApacheAuthAllowedDomains($text)
1284 {
1285 return join("\n", preg_split("/[\r\n]+/", $text));
1286 }
1287
1288 public function registrationSettingsObject()
1289 {
1290 $registration_gui = new ilRegistrationSettingsGUI();
1291 $this->ctrl->redirect($registration_gui);
1292 }
1293
1298 public function addToExternalSettingsForm($a_form_id)
1299 {
1300 switch ($a_form_id) {
1301 case ilAdministrationSettingsFormHandler::FORM_ACCESSIBILITY:
1302 require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
1303 $fields_login = array(
1304 'adm_captcha_anonymous_short' => array(ilCaptchaUtil::isActiveForLogin(), ilAdministrationSettingsFormHandler::VALUE_BOOL),
1305 );
1306
1307 $fields_registration = array(
1308 'adm_captcha_anonymous_short' => array(ilCaptchaUtil::isActiveForRegistration(), ilAdministrationSettingsFormHandler::VALUE_BOOL)
1309 );
1310
1311
1312 return array('adm_auth_login' => array('authSettings', $fields_login), 'adm_auth_reg' => array('registrationSettings', $fields_registration));
1313 }
1314 }
1315} // END class.ilObjAuthSettingsGUI
$GLOBALS
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
php
An exception for terminatinating execution or to throw for unit testing.
AUTH_SHIBBOLETH
const AUTH_SHIBBOLETH
Definition: class.ilAuthUtils.php:11
AUTH_APACHE
const AUTH_APACHE
Definition: class.ilAuthUtils.php:19
AUTH_OPENID_CONNECT
const AUTH_OPENID_CONNECT
Definition: class.ilAuthUtils.php:22
AUTH_SAML
const AUTH_SAML
Definition: class.ilAuthUtils.php:20
AUTH_LDAP
const AUTH_LDAP
Definition: class.ilAuthUtils.php:8
AUTH_LOCAL
const AUTH_LOCAL
Definition: class.ilAuthUtils.php:7
AUTH_SCRIPT
const AUTH_SCRIPT
Definition: class.ilAuthUtils.php:10
AUTH_RADIUS
const AUTH_RADIUS
Definition: class.ilAuthUtils.php:9
AUTH_CAS
const AUTH_CAS
Definition: class.ilAuthUtils.php:12
AUTH_SOAP
const AUTH_SOAP
Definition: class.ilAuthUtils.php:13
ilAuthLoginPageEditorGUI
Login page editor settings GUI ILIAS page editor or richtext editor.
Definition: class.ilAuthLoginPageEditorGUI.php:16
ilAuthShibbolethSettingsGUI
Class ilAuthShibbolethSettingsGUI.
Definition: class.ilAuthShibbolethSettingsGUI.php:14
ilAuthUtils\_getActiveAuthModes
static _getActiveAuthModes()
Definition: class.ilAuthUtils.php:260
ilAuthUtils\getAuthPlugins
static getAuthPlugins()
Get active enabled auth plugins.
Definition: class.ilAuthUtils.php:749
ilAuthUtils\_getAllAuthModes
static _getAllAuthModes()
Definition: class.ilAuthUtils.php:326
ilAuthUtils\_getAuthModeName
static _getAuthModeName($a_auth_key)
Definition: class.ilAuthUtils.php:198
ilCaptchaUtil\checkFreetype
static checkFreetype()
Check whether captcha support is active.
Definition: class.ilCaptchaUtil.php:27
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:34
ilFormSectionHeaderGUI
This class represents a section header in a property form.
Definition: class.ilFormSectionHeaderGUI.php:32
ilLDAPServer\getServerIdByAuthMode
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:400
ilLDAPServer\getDataSource
static getDataSource($a_auth_mode)
Definition: class.ilLDAPServer.php:324
ilLDAPServer\getInstanceByServerId
static getInstanceByServerId($a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:62
ilLDAPServer\isAuthModeLDAP
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
Definition: class.ilLDAPServer.php:385
ilLDAPServer\getServerIds
static getServerIds()
Get all server ids @global ilDB $ilDB.
Definition: class.ilLDAPServer.php:226
ilObjAuthSettingsGUI
Class ilObjAuthSettingsGUI.
Definition: class.ilObjAuthSettingsGUI.php:17
ilObjAuthSettingsGUI\getAdminTabs
getAdminTabs()
administration tabs show only permissions and trash folder
Definition: class.ilObjAuthSettingsGUI.php:960
ilObjAuthSettingsGUI\__construct
__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output=true)
Constructor @access public.
Definition: class.ilObjAuthSettingsGUI.php:28
ilObjAuthSettingsGUI\saveScriptObject
saveScriptObject()
validates all input data, save them to database if correct and active chosen auth mode
Definition: class.ilObjAuthSettingsGUI.php:633
ilObjAuthSettingsGUI\updateAuthModeDeterminationObject
updateAuthModeDeterminationObject()
update auth mode determination
Definition: class.ilObjAuthSettingsGUI.php:819
ilObjAuthSettingsGUI\loginInfoObject
loginInfoObject()
displays login information of all installed languages
Definition: class.ilObjAuthSettingsGUI.php:229
ilObjAuthSettingsGUI\getAuthModeTitle
getAuthModeTitle()
get the title of auth mode
Definition: class.ilObjAuthSettingsGUI.php:664
ilObjAuthSettingsGUI\editSOAPObject
editSOAPObject()
Configure soap settings.
Definition: class.ilObjAuthSettingsGUI.php:348
ilObjAuthSettingsGUI\cancelObject
cancelObject()
cancel action and go back to previous page @access public
Definition: class.ilObjAuthSettingsGUI.php:262
ilObjAuthSettingsGUI\authSettingsObject
authSettingsObject()
display settings menu
Definition: class.ilObjAuthSettingsGUI.php:56
ilObjAuthSettingsGUI\viewObject
viewObject()
viewObject container presentation for "administration -> repository, trash, permissions"
Definition: class.ilObjAuthSettingsGUI.php:45
ilObjAuthSettingsGUI\initAuthModeDetermination
initAuthModeDetermination()
init auth mode determinitation form
Definition: class.ilObjAuthSettingsGUI.php:723
ilObjAuthSettingsGUI\saveSOAPObject
saveSOAPObject()
validates all input data, save them to database if correct and active chosen auth mode
Definition: class.ilObjAuthSettingsGUI.php:545
ilObjAuthSettingsGUI\getTabs
getTabs()
get tabs @access public
Definition: class.ilObjAuthSettingsGUI.php:970
ilObjAuthSettingsGUI\editScriptObject
editScriptObject()
Configure Custom settings.
Definition: class.ilObjAuthSettingsGUI.php:588
ilObjRole\_lookupRegisterAllowed
static _lookupRegisterAllowed()
get all roles that are activated in user registration
Definition: class.ilObjRole.php:349
ilObjRole\_updateAuthMode
static _updateAuthMode($a_roles)
Definition: class.ilObjRole.php:592
ilObjUser\_getNumberOfUsersPerAuthMode
static _getNumberOfUsersPerAuthMode()
get number of users per auth mode
Definition: class.ilObjUser.php:3659
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:14
ilObjectGUI\prepareOutput
prepareOutput($a_show_subobjects=true)
prepare output
Definition: class.ilObjectGUI.php:309
ilObjectGUI\getReturnLocation
getReturnLocation($a_cmd, $a_location="")
get return location for command (command is method name without "Object", e.g.
Definition: class.ilObjectGUI.php:1432
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:988
ilOpenIdConnectSettingsGUI
Class ilOpenIdConnectSettingsGUI.
Definition: class.ilOpenIdConnectSettingsGUI.php:12
ilPermissionGUI
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
Definition: class.ilPermissionGUI.php:20
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:48
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:34
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:32
ilRegistrationSettingsGUI
Class ilRegistrationSettingsGUI.
Definition: class.ilRegistrationSettingsGUI.php:37
ilSOAPAuth\testConnection
static testConnection($a_ext_uid, $a_soap_pw, $a_new_user)
Constructor @access public.
Definition: class.ilSOAPAuth.php:45
ilSamlIdp\getIdpIdByAuthMode
static getIdpIdByAuthMode(string $a_auth_mode)
Definition: class.ilSamlIdp.php:213
ilSamlIdp\isAuthModeSaml
static isAuthModeSaml(string $a_auth_mode)
Definition: class.ilSamlIdp.php:194
ilSamlIdp\getInstanceByIdpId
static getInstanceByIdpId(int $a_idp_id)
Definition: class.ilSamlIdp.php:66
ilSamlSettingsGUI
Class ilSamlSettingsGUI.
Definition: class.ilSamlSettingsGUI.php:9
ilSelectInputGUI
This class represents a selection list property in a property form.
Definition: class.ilSelectInputGUI.php:18
ilSetting
ILIAS Setting Class.
Definition: class.ilSetting.php:33
ilTemplate
special template class to simplify handling of ITX/PEAR
Definition: class.ilTemplate.php:14
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:35
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:17
ilUtil\redirect
static redirect($a_script)
Definition: class.ilUtil.php:3306
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4519
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2408
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4503
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:80
$namespace
if($err=$client->getError()) $namespace
Definition: dummy_client.php:50
$server
$server
Definition: dummy_client.php:12
$txt
$txt
Definition: error.php:13
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
$name
if($format !==null) $name
Definition: metadata.php:230
ILIAS\GlobalScreen\Provider\__construct
__construct(Container $dic, ilPlugin $plugin)
@inheritDoc
Definition: PluginProviderHelper.php:30
ilias
redirection script todo: (a better solution should control the processing via a xml file)
$ret
$ret
Definition: parser.php:6
$ilSetting
global $ilSetting
Definition: privfeed.php:17
$https
$https
Definition: imgupload.php:19
$ilUser
$ilUser
Definition: imgupload.php:18
$DIC
$DIC
Definition: xapitoken.php:46