ILIAS  release_6 Revision v6.24-5-g0c8bfefb3b8
class.ilObjAuthSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
16 class ilObjAuthSettingsGUI extends ilObjectGUI
17 {
18 
22  private $dic;
23 
28  public function __construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output = true)
29  {
30  global $DIC;
31 
32  $this->dic = $DIC;
33  $this->type = "auth";
34  parent::__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output);
35 
36  $this->lng->loadLanguageModule('registration');
37  $this->lng->loadLanguageModule('auth');
38 
39  define('LDAP_DEFAULT_PORT', 389);
40  define('RADIUS_DEFAULT_PORT', 1812);
41  }
42 
43 
44 
45  public function viewObject()
46  {
47  return $this->authSettingsObject();
48  }
49 
50 
56  public function authSettingsObject()
57  {
58  global $DIC;
59 
60  $rbacsystem = $DIC['rbacsystem'];
61  $ilSetting = $DIC['ilSetting'];
62 
63  if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
64  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
65  }
66 
67  $this->tabs_gui->setTabActive('authentication_settings');
68  $this->setSubTabs('authSettings');
69  $this->tabs_gui->setSubTabActive("auth_settings");
70 
71  $generalSettingsTpl = new ilTemplate('tpl.auth_general.html', true, true, 'Services/Authentication');
72 
73  $generalSettingsTpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
74  $generalSettingsTpl->setVariable("TXT_AUTH_TITLE", $this->lng->txt("auth_select"));
75 
76  $generalSettingsTpl->setVariable("TXT_AUTH_MODE", $this->lng->txt("auth_mode"));
77  $generalSettingsTpl->setVariable("TXT_AUTH_DEFAULT", $this->lng->txt("default"));
78  $generalSettingsTpl->setVariable("TXT_AUTH_ACTIVE", $this->lng->txt("active"));
79  $generalSettingsTpl->setVariable("TXT_AUTH_NUM_USERS", $this->lng->txt("num_users"));
80 
81  $generalSettingsTpl->setVariable("TXT_LOCAL", $this->lng->txt("auth_local"));
82  $generalSettingsTpl->setVariable("TXT_LDAP", $this->lng->txt("auth_ldap"));
83  $generalSettingsTpl->setVariable("TXT_SHIB", $this->lng->txt("auth_shib"));
84 
85  $generalSettingsTpl->setVariable("TXT_CAS", $this->lng->txt("auth_cas"));
86 
87  $generalSettingsTpl->setVariable("TXT_RADIUS", $this->lng->txt("auth_radius"));
88  $generalSettingsTpl->setVariable("TXT_SCRIPT", $this->lng->txt("auth_script"));
89 
90  $generalSettingsTpl->setVariable("TXT_APACHE", $this->lng->txt("auth_apache"));
91 
92  $auth_cnt = ilObjUser::_getNumberOfUsersPerAuthMode();
93  $auth_modes = ilAuthUtils::_getAllAuthModes();
94  $valid_modes = array(AUTH_LOCAL,AUTH_LDAP,AUTH_SHIBBOLETH,AUTH_SAML,AUTH_CAS,AUTH_RADIUS,AUTH_APACHE,AUTH_OPENID_CONNECT);
95  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
96  // icon handlers
97  $icon_ok = "<img src=\"" . ilUtil::getImagePath("icon_ok.svg") . "\" alt=\"" . $this->lng->txt("enabled") . "\" title=\"" . $this->lng->txt("enabled") . "\" border=\"0\" vspace=\"0\"/>";
98  $icon_not_ok = "<img src=\"" . ilUtil::getImagePath("icon_not_ok.svg") . "\" alt=\"" . $this->lng->txt("disabled") . "\" title=\"" . $this->lng->txt("disabled") . "\" border=\"0\" vspace=\"0\"/>";
99 
100 
101  foreach ($auth_modes as $mode => $mode_name) {
102  if (!in_array($mode, $valid_modes) && !ilLDAPServer::isAuthModeLDAP($mode) && !ilSamlIdp::isAuthModeSaml($mode)) {
103  continue;
104  }
105 
106  $generalSettingsTpl->setCurrentBlock('auth_mode');
107 
108  if (ilLDAPServer::isAuthModeLDAP($mode)) {
109  $server = ilLDAPServer::getInstanceByServerId(ilLDAPServer::getServerIdByAuthMode($mode));
110  $generalSettingsTpl->setVariable("AUTH_NAME", $server->getName());
111  $generalSettingsTpl->setVariable('AUTH_ACTIVE', $server->isActive() ? $icon_ok : $icon_not_ok);
112  } elseif (ilSamlIdp::isAuthModeSaml($mode)) {
113  $idp = ilSamlIdp::getInstanceByIdpId(ilSamlIdp::getIdpIdByAuthMode($mode));
114  $generalSettingsTpl->setVariable('AUTH_NAME', $idp->getEntityId());
115  $generalSettingsTpl->setVariable('AUTH_ACTIVE', $idp->isActive() ? $icon_ok : $icon_not_ok);
116  } else {
117  $generalSettingsTpl->setVariable("AUTH_NAME", $this->lng->txt("auth_" . $mode_name));
118  $generalSettingsTpl->setVariable('AUTH_ACTIVE', $this->ilias->getSetting($mode_name . '_active') || $mode == AUTH_LOCAL ? $icon_ok : $icon_not_ok);
119  }
120 
121  if ($ilSetting->get('auth_mode') == $mode) {
122  $generalSettingsTpl->setVariable("AUTH_CHECKED", "checked=\"checked\"");
123 
124  $generalSettingsTpl->setVariable(
125  "AUTH_USER_NUM",
126  ((int) $auth_cnt[$mode_name] + $auth_cnt["default"]) . " (" . $this->lng->txt("auth_per_default") .
127  ": " . $auth_cnt["default"] . ")"
128  );
129  } else {
130  $generalSettingsTpl->setVariable(
131  "AUTH_USER_NUM",
132  (int) $auth_cnt[$mode_name]
133  );
134  }
135  $generalSettingsTpl->setVariable("AUTH_ID", $mode_name);
136  $generalSettingsTpl->setVariable("AUTH_VAL", $mode);
137  $generalSettingsTpl->parseCurrentBlock();
138  }
139 
140  $generalSettingsTpl->setVariable("TXT_CONFIGURE", $this->lng->txt("auth_configure"));
141 
142  if ($rbacsystem->checkAccess("write", $this->object->getRefId())) {
143  $generalSettingsTpl->setVariable("TXT_AUTH_REMARK", $this->lng->txt("auth_remark_non_local_auth"));
144  $generalSettingsTpl->setCurrentBlock('auth_mode_submit');
145  $generalSettingsTpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
146  $generalSettingsTpl->setVariable("CMD_SUBMIT", "setAuthMode");
147  $generalSettingsTpl->parseCurrentBlock();
148  }
149 
150  // auth mode determinitation
151  if ($this->initAuthModeDetermination()) {
152  $generalSettingsTpl->setVariable('TABLE_AUTH_DETERMINATION', $this->form->getHTML());
153  }
154 
155  // roles table
156  $generalSettingsTpl->setVariable(
157  "FORMACTION_ROLES",
158  $this->ctrl->getFormAction($this)
159  );
160  $generalSettingsTpl->setVariable("TXT_AUTH_ROLES", $this->lng->txt("auth_active_roles"));
161  $generalSettingsTpl->setVariable("TXT_ROLE", $this->lng->txt("obj_role"));
162  $generalSettingsTpl->setVariable("TXT_ROLE_AUTH_MODE", $this->lng->txt("auth_role_auth_mode"));
163  if ($rbacsystem->checkAccess("write", $this->object->getRefId())) {
164  $generalSettingsTpl->setVariable("CMD_SUBMIT_ROLES", "updateAuthRoles");
165  $generalSettingsTpl->setVariable('BTN_SUBMIT_ROLES', $this->lng->txt('save'));
166  }
167 
168  include_once("./Services/AccessControl/classes/class.ilObjRole.php");
169  $reg_roles = ilObjRole::_lookupRegisterAllowed();
170 
171  // auth mode selection
172  include_once('./Services/Authentication/classes/class.ilAuthUtils.php');
173  $active_auth_modes = ilAuthUtils::_getActiveAuthModes();
174 
175  foreach ($reg_roles as $role) {
176  foreach ($active_auth_modes as $auth_name => $auth_key) {
177  // do not list auth modes with external login screen
178  // even not default, because it can easily be set to
179  // a non-working auth mode
180  if ($auth_name == "default" || $auth_name == "cas"
181  || $auth_name == 'saml'
182  || $auth_name == "shibboleth" || $auth_name == 'ldap'
183  || $auth_name == 'apache' || $auth_name == "ecs"
184  || $auth_name == "openid") {
185  continue;
186  }
187 
188  $generalSettingsTpl->setCurrentBlock("auth_mode_selection");
189 
190  if ($auth_name == 'default') {
191  $name = $this->lng->txt('auth_' . $auth_name) . " (" . $this->lng->txt('auth_' . ilAuthUtils::_getAuthModeName($auth_key)) . ")";
192  } elseif ($id = ilLDAPServer::getServerIdByAuthMode($auth_key)) {
193  $server = ilLDAPServer::getInstanceByServerId($id);
194  $name = $server->getName();
195  } elseif ($id = ilSamlIdp::getIdpIdByAuthMode($auth_key)) {
196  $idp = ilSamlIdp::getInstanceByIdpId($id);
197  $name = $idp->getEntityId();
198  } else {
199  $name = $this->lng->txt('auth_' . $auth_name);
200  }
201 
202  $generalSettingsTpl->setVariable("AUTH_MODE_NAME", $name);
203 
204  $generalSettingsTpl->setVariable("AUTH_MODE", $auth_name);
205 
206  if ($role['auth_mode'] == $auth_name) {
207  $generalSettingsTpl->setVariable("SELECTED_AUTH_MODE", "selected=\"selected\"");
208  }
209 
210  $generalSettingsTpl->parseCurrentBlock();
211  }
212 
213  $generalSettingsTpl->setCurrentBlock("roles");
214  $generalSettingsTpl->setVariable("ROLE", $role['title']);
215  $generalSettingsTpl->setVariable("ROLE_ID", $role['id']);
216  $generalSettingsTpl->parseCurrentBlock();
217  }
218 
219  $this->tpl->setContent($generalSettingsTpl->get());
220  }
221 
222 
229  public function loginInfoObject()
230  {
231  global $DIC;
232 
233  $rbacsystem = $DIC['rbacsystem'];
234  $lng = $DIC['lng'];
235  $ilSetting = $DIC['ilSetting'];
236 
237  if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
238  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
239  }
240 
241  $this->tabs_gui->setTabActive("authentication_settings");
242  $this->setSubTabs("authSettings");
243  $this->tabs_gui->setSubTabActive("auth_login_editor");
244 
245  $lng->loadLanguageModule("meta");
246 
247  $this->tpl->addBlockFile(
248  "ADM_CONTENT",
249  "adm_content",
250  "tpl.auth_login_messages.html",
251  "Services/Authentication"
252  );
253  $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
254  $this->tpl->setVariable("TXT_HEADLINE", $this->lng->txt("login_information"));
255  $this->tpl->setVariable("TXT_DESCRIPTION", $this->lng->txt("login_information_desc"));
256  $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
257  $this->initLoginForm();
258  $this->tpl->setVariable('LOGIN_INFO', $this->form->getHTML());
259  }
260 
261 
262  public function cancelObject()
263  {
264  $this->ctrl->redirect($this, "authSettings");
265  }
266 
267  public function setAuthModeObject()
268  {
269  global $DIC;
270 
271  $rbacsystem = $DIC['rbacsystem'];
272  $ilSetting = $DIC['ilSetting'];
273 
274  if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
275  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
276  }
277 
278  if (empty($_POST["auth_mode"])) {
279  $this->ilias->raiseError($this->lng->txt("auth_err_no_mode_selected"), $this->ilias->error_obj->MESSAGE);
280  }
281 
282  $current_auth_mode = $ilSetting->get('auth_mode', '');
283  if ($_POST["auth_mode"] == $current_auth_mode) {
284  ilUtil::sendInfo($this->lng->txt("auth_mode") . ": " . $this->getAuthModeTitle() . " " . $this->lng->txt("auth_mode_not_changed"), true);
285  $this->ctrl->redirect($this, 'authSettings');
286  }
287 
288  switch ($_POST["auth_mode"]) {
289  case AUTH_SAML:
290  break;
291 
292  case AUTH_LDAP:
293 
294  /*
295  if ($this->object->checkAuthLDAP() !== true)
296  {
297  ilUtil::sendInfo($this->lng->txt("auth_ldap_not_configured"),true);
298  ilUtil::redirect($this->getReturnLocation("authSettings",$this->ctrl->getLinkTarget($this,"editLDAP", "", false, false)));
299  }
300  */
301  break;
302 
303  // @fix changed from AUTH_SHIB > is not defined
304  case AUTH_SHIBBOLETH:
305  if ($this->object->checkAuthSHIB() !== true) {
306  ilUtil::sendFailure($this->lng->txt("auth_shib_not_configured"), true);
307  ilUtil::redirect(
308  $this->getReturnLocation(
309  'authSettings',
310  $this->ctrl->getLinkTargetByClass(
311  ilAuthShibbolethSettingsGUI::class,
312  'settings',
313  '',
314  false,
315  false
316  )
317  )
318  );
319  }
320  break;
321 
322  case AUTH_RADIUS:
323  if ($this->object->checkAuthRADIUS() !== true) {
324  ilUtil::sendFailure($this->lng->txt("auth_radius_not_configured"), true);
325  $this->ctrl->redirect($this, 'editRADIUS');
326  }
327  break;
328 
329  case AUTH_SCRIPT:
330  if ($this->object->checkAuthScript() !== true) {
331  ilUtil::sendFailure($this->lng->txt("auth_script_not_configured"), true);
332  ilUtil::redirect($this->getReturnLocation("authSettings", $this->ctrl->getLinkTarget($this, "editScript", "", false, false)));
333  }
334  break;
335  }
336 
337  $this->ilias->setSetting("auth_mode", $_POST["auth_mode"]);
338 
339  ilUtil::sendSuccess($this->lng->txt("auth_default_mode_changed_to") . " " . $this->getAuthModeTitle(), true);
340  $this->ctrl->redirect($this, 'authSettings');
341  }
342 
348  public function editSOAPObject()
349  {
350  global $DIC;
351 
352  $rbacsystem = $DIC['rbacsystem'];
353  $rbacreview = $DIC['rbacreview'];
354  $ilSetting = $DIC['ilSetting'];
355  $ilCtrl = $DIC['ilCtrl'];
356  $lng = $DIC['lng'];
357 
358  if (!$rbacsystem->checkAccess("read", $this->object->getRefId())) {
359  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
360  }
361 
362  $this->tabs_gui->setTabActive('auth_soap');
363 
364  //set Template
365  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.auth_soap.html', 'Services/Authentication');
366 
367  // compose role list
368  $role_list = $rbacreview->getRolesByFilter(2, $this->object->getId());
369  $roles = array();
370 
371  foreach ($role_list as $role) {
372  $roles[$role['obj_id']] = $role['title'];
373  }
374 
375  //set property form gui
376  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
377 
378  $soap_config = new ilPropertyFormGUI();
379  $soap_config->setTitle($this->lng->txt("auth_soap_auth"));
380  $soap_config->setDescription($this->lng->txt("auth_soap_auth_desc"));
381  $soap_config->setFormAction($this->ctrl->getFormAction($this, "editSOAP"));
382  if ($rbacsystem->checkAccess("write", $this->object->getRefId())) {
383  $soap_config->addCommandButton("saveSOAP", $this->lng->txt("save"));
384  $soap_config->addCommandButton("editSOAP", $this->lng->txt("cancel"));
385  }
386  //set activ
387  $active = new ilCheckboxInputGUI();
388  $active->setTitle($this->lng->txt("active"));
389  $active->setPostVar("soap[active]");
390 
391  //set server
392  $server = new ilTextInputGUI();
393  $server->setTitle($this->lng->txt("server"));
394  $server->setInfo($this->lng->txt("auth_soap_server_desc"));
395  $server->setPostVar("soap[server]");
396  $server->setSize(50);
397  $server->setMaxLength(256);
398  $server->setRequired(true);
399 
400  //set port
401  $port = new ilTextInputGUI();
402  $port->setTitle($this->lng->txt("port"));
403  $port->setInfo($this->lng->txt("auth_soap_port_desc"));
404  $port->setPostVar("soap[port]");
405  $port->setSize(7);
406  $port->setMaxLength(5);
407 
408  //set https
409  $https = new ilCheckboxInputGUI();
410  $https->setTitle($this->lng->txt("auth_soap_use_https"));
411  $https->setPostVar("soap[use_https]");
412 
413  //set uri
414  $uri = new ilTextInputGUI();
415  $uri->setTitle($this->lng->txt("uri"));
416  $uri->setInfo($this->lng->txt("auth_soap_uri_desc"));
417  $uri->setPostVar("soap[uri]");
418  $uri->setSize(50);
419  $uri->setMaxLength(256);
420 
421  //set namespace
422  $namespace = new ilTextInputGUI();
423  $namespace->setTitle($this->lng->txt("auth_soap_namespace"));
424  $namespace->setInfo($this->lng->txt("auth_soap_namespace_desc"));
425  $namespace->setPostVar("soap[namespace]");
426  $namespace->setSize(50);
427  $namespace->setMaxLength(256);
428 
429  //set dotnet
430  $dotnet = new ilCheckboxInputGUI();
431  $dotnet->setTitle($this->lng->txt("auth_soap_use_dotnet"));
432  $dotnet->setPostVar("soap[use_dotnet]");
433 
434  //set create users
435  $createuser = new ilCheckboxInputGUI();
436  $createuser->setTitle($this->lng->txt("auth_create_users"));
437  $createuser->setInfo($this->lng->txt("auth_soap_create_users_desc"));
438  $createuser->setPostVar("soap[create_users]");
439 
440  //set account mail
441  $sendmail = new ilCheckboxInputGUI();
442  $sendmail->setTitle($this->lng->txt("user_send_new_account_mail"));
443  $sendmail->setInfo($this->lng->txt("auth_new_account_mail_desc"));
444  $sendmail->setPostVar("soap[account_mail]");
445 
446  //set user default role
447  $defaultrole = new ilSelectInputGUI();
448  $defaultrole->setTitle($this->lng->txt("auth_user_default_role"));
449  $defaultrole->setInfo($this->lng->txt("auth_soap_user_default_role_desc"));
450  $defaultrole->setPostVar("soap[user_default_role]");
451  $defaultrole->setOptions($roles);
452 
453  //set allow local authentication
454  $allowlocal = new ilCheckboxInputGUI();
455  $allowlocal->setTitle($this->lng->txt("auth_allow_local"));
456  $allowlocal->setInfo($this->lng->txt("auth_soap_allow_local_desc"));
457  $allowlocal->setPostVar("soap[allow_local]");
458 
459  // get all settings
460  $settings = $ilSetting->getAll();
461 
462  // get values in error case
463  if ($_SESSION["error_post_vars"]) {
464  $active ->setChecked($_SESSION["error_post_vars"]["soap"]["active"]);
465  $server ->setValue($_SESSION["error_post_vars"]["soap"]["server"]);
466  $port ->setValue($_SESSION["error_post_vars"]["soap"]["port"]);
467  $https ->setChecked($_SESSION["error_post_vars"]["soap"]["use_https"]);
468  $uri ->setValue($_SESSION["error_post_vars"]["soap"]["uri"]);
469  $namespace ->setValue($_SESSION["error_post_vars"]["soap"]["namespace"]);
470  $dotnet ->setChecked($_SESSION["error_post_vars"]["soap"]["use_dotnet"]);
471  $createuser ->setChecked($_SESSION["error_post_vars"]["soap"]["create_users"]);
472  $allowlocal ->setChecked($_SESSION["error_post_vars"]["soap"]["allow_local"]);
473  $defaultrole->setValue($_SESSION["error_post_vars"]["soap"]["user_default_role"]);
474  $sendmail ->setChecked($_SESSION["error_post_vars"]["soap"]["account_mail"]);
475  } else {
476  $active ->setChecked($settings["soap_auth_active"]);
477  $server ->setValue($settings["soap_auth_server"]);
478  $port ->setValue($settings["soap_auth_port"]);
479  $https ->setChecked($settings["soap_auth_use_https"]);
480  $uri ->setValue($settings["soap_auth_uri"]);
481  $namespace ->setValue($settings["soap_auth_namespace"]);
482  $dotnet ->setChecked($settings["soap_auth_use_dotnet"]);
483  $createuser ->setChecked($settings["soap_auth_create_users"]);
484  $allowlocal ->setChecked($settings["soap_auth_allow_local"]);
485  $defaultrole->setValue($settings["soap_auth_user_default_role"]);
486  $sendmail ->setChecked($settings["soap_auth_account_mail"]);
487  }
488 
489  if (!$defaultrole->getValue()) {
490  $defaultrole->setValue(4);
491  }
492 
493  //add Items to property gui
494  $soap_config->addItem($active);
495  $soap_config->addItem($server);
496  $soap_config->addItem($port);
497  $soap_config->addItem($https);
498  $soap_config->addItem($uri);
499  $soap_config->addItem($namespace);
500  $soap_config->addItem($dotnet);
501  $soap_config->addItem($createuser);
502  $soap_config->addItem($sendmail);
503  $soap_config->addItem($defaultrole);
504  $soap_config->addItem($allowlocal);
505 
506  $this->tpl->setVariable("CONFIG_FORM", $soap_config->getHTML());
507 
508  // test form
509  $form = new ilPropertyFormGUI();
510  $form->setFormAction($ilCtrl->getFormAction($this));
511  $form->setTitle("Test Request");
512  $text_prop = new ilTextInputGUI("ext_uid", "ext_uid");
513  $form->addItem($text_prop);
514  $text_prop2 = new ilTextInputGUI("soap_pw", "soap_pw");
515  $form->addItem($text_prop2);
516  $cb = new ilCheckboxInputGUI("new_user", "new_user");
517  $form->addItem($cb);
518 
519  $form->addCommandButton(
520  "testSoapAuthConnection",
521  "Send"
522  );
523 
524  if ($ilCtrl->getCmd() == "testSoapAuthConnection") {
525  include_once("./Services/SOAPAuth/classes/class.ilSOAPAuth.php");
526  $ret = "<br />" . ilSOAPAuth::testConnection(
527  ilUtil::stripSlashes($_POST["ext_uid"]),
528  ilUtil::stripSlashes($_POST["soap_pw"]),
529  (boolean) $_POST["new_user"]
530  );
531  }
532  $this->tpl->setVariable("TEST_FORM", $form->getHTML() . $ret);
533  }
534 
535  public function testSoapAuthConnectionObject()
536  {
537  $this->editSOAPObject();
538  }
539 
545  public function saveSOAPObject()
546  {
547  global $DIC;
548 
549  $ilUser = $DIC['ilUser'];
550  $ilSetting = $DIC['ilSetting'];
551  $rbacsystem = $DIC['rbacsystem'];
552 
553  if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
554  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
555  }
556 
557  // validate required data
558  if (!$_POST["soap"]["server"]) {
559  $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
560  }
561 
562  // validate port
563  if ($_POST["soap"]["server"] != "" && (preg_match("/^[0-9]{0,5}$/", $_POST["soap"]["port"])) == false) {
564  $this->ilias->raiseError($this->lng->txt("err_invalid_port"), $this->ilias->error_obj->MESSAGE);
565  }
566 
567  $ilSetting->set("soap_auth_server", $_POST["soap"]["server"]);
568  $ilSetting->set("soap_auth_port", $_POST["soap"]["port"]);
569  $ilSetting->set("soap_auth_active", $_POST["soap"]["active"]);
570  $ilSetting->set("soap_auth_uri", $_POST["soap"]["uri"]);
571  $ilSetting->set("soap_auth_namespace", $_POST["soap"]["namespace"]);
572  $ilSetting->set("soap_auth_create_users", $_POST["soap"]["create_users"]);
573  $ilSetting->set("soap_auth_allow_local", $_POST["soap"]["allow_local"]);
574  $ilSetting->set("soap_auth_account_mail", $_POST["soap"]["account_mail"]);
575  $ilSetting->set("soap_auth_use_https", $_POST["soap"]["use_https"]);
576  $ilSetting->set("soap_auth_use_dotnet", $_POST["soap"]["use_dotnet"]);
577  $ilSetting->set("soap_auth_user_default_role", $_POST["soap"]["user_default_role"]);
578  ilUtil::sendSuccess($this->lng->txt("auth_soap_settings_saved"), true);
579 
580  $this->ctrl->redirect($this, 'editSOAP');
581  }
582 
588  public function editScriptObject()
589  {
590  global $DIC;
591 
592  $rbacsystem = $DIC['rbacsystem'];
593 
594  if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
595  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
596  }
597 
598  if ($_SESSION["error_post_vars"]) {
599  $this->tpl->setVariable("AUTH_SCRIPT_NAME", $_SESSION["error_post_vars"]["auth_script"]["name"]);
600  } else {
601  // set already saved data
602  $settings = $this->ilias->getAllSettings();
603 
604  $this->tpl->setVariable("AUTH_SCRIPT_NAME", $settings["auth_script_name"]);
605  }
606 
607  $this->tabs_gui->setTabActive('auth_script');
608 
609  $this->tpl->addBlockFile(
610  "ADM_CONTENT",
611  "adm_content",
612  "tpl.auth_script.html",
613  "Services/Authentication"
614  );
615 
616  $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
617  $this->tpl->setVariable("COLSPAN", 3);
618  $this->tpl->setVariable("TXT_AUTH_SCRIPT_TITLE", $this->lng->txt("auth_script_configure"));
619  $this->tpl->setVariable("TXT_OPTIONS", $this->lng->txt("options"));
620  $this->tpl->setVariable("TXT_AUTH_SCRIPT_NAME", $this->lng->txt("auth_script_name"));
621 
622  $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
623  $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
624  $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
625  $this->tpl->setVariable("CMD_SUBMIT", "saveScript");
626  }
627 
633  public function saveScriptObject()
634  {
635  // validate required data
636  if (!$_POST["auth_script"]["name"]) {
637  $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
638  }
639 
640  // validate script url
641  /*
642  if (( TODO ,$_POST["ldap"]["server"])) == false)
643  {
644  $this->ilias->raiseError($this->lng->txt("err_invalid_server"),$this->ilias->error_obj->MESSAGE);
645  }*/
646 
647  // TODO: check connection to server
648 
649  // all ok. save settings and activate auth by external script
650  $this->ilias->setSetting("auth_script_name", $_POST["auth_script"]["name"]);
651  $this->ilias->setSetting("auth_mode", AUTH_SCRIPT);
652 
653  ilUtil::sendSuccess($this->lng->txt("auth_mode_changed_to") . " " . $this->getAuthModeTitle(), true);
654  $this->ctrl->redirect($this, 'editScript');
655  }
656 
657 
664  public function getAuthModeTitle()
665  {
666  switch ($this->ilias->getSetting("auth_mode")) {
667  case AUTH_LOCAL:
668  return $this->lng->txt("auth_local");
669  break;
670 
671  case AUTH_LDAP:
672  return $this->lng->txt("auth_ldap");
673  break;
674 
675  case AUTH_SHIBBOLETH:
676  return $this->lng->txt("auth_shib");
677  break;
678 
679  case AUTH_SAML:
680  return $this->lng->txt("auth_saml");
681  break;
682 
683  case AUTH_RADIUS:
684  return $this->lng->txt("auth_radius");
685  break;
686 
687  case AUTH_SCRIPT:
688  return $this->lng->txt("auth_script");
689  break;
690 
691  case AUTH_APACHE:
692  return $this->lng->txt("auth_apache");
693  break;
694 
695  default:
696  return $this->lng->txt("unknown");
697  break;
698  }
699  }
700 
701  public function updateAuthRolesObject()
702  {
703  global $DIC;
704 
705  $rbacsystem = $DIC['rbacsystem'];
706 
707  if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
708  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
709  }
710 
711  include_once('./Services/AccessControl/classes/class.ilObjRole.php');
712  ilObjRole::_updateAuthMode($_POST['Fobject']);
713 
714  ilUtil::sendSuccess($this->lng->txt("auth_mode_roles_changed"), true);
715  $this->ctrl->redirect($this, 'authSettings');
716  }
717 
723  protected function initAuthModeDetermination()
724  {
725  if (is_object($this->form)) {
726  return true;
727  }
728 
729  include_once('./Services/Form/classes/class.ilPropertyFormGUI.php');
730  $this->form = new ilPropertyFormGUI();
731  $this->form->setFormAction($this->ctrl->getFormAction($this));
732  $this->form->setTableWidth('100%');
733  $this->form->setTitle($this->lng->txt('auth_auth_settings'));
734  $this->form->addCommandButton('updateAuthModeDetermination', $this->lng->txt('save'));
735 
736  require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
737  $cap = new ilCheckboxInputGUI($this->lng->txt('adm_captcha_anonymous_short'), 'activate_captcha_anonym');
738  $cap->setInfo($this->lng->txt('adm_captcha_anonymous_auth'));
739  $cap->setValue(1);
740  if (!ilCaptchaUtil::checkFreetype()) {
741  $cap->setAlert(ilCaptchaUtil::getPreconditionsMessage());
742  }
743  $cap->setChecked(ilCaptchaUtil::isActiveForLogin());
744  $this->form->addItem($cap);
745 
746  // Are there any authentication methods that support automatic determination ?
747  include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
748  $det = ilAuthModeDetermination::_getInstance();
749  if ($det->getCountActiveAuthModes() <= 1) {
750  return true;
751  }
752 
753  $header = new ilFormSectionHeaderGUI();
754  $header->setTitle($this->lng->txt('auth_auth_mode_determination'));
755  $this->form->addItem($header);
756 
757  $kind = new ilRadioGroupInputGUI($this->lng->txt('auth_kind_determination'), 'kind');
758  $kind->setInfo($this->lng->txt('auth_mode_determination_info'));
759  $kind->setValue($det->getKind());
760  $kind->setRequired(true);
761 
762  $option_user = new ilRadioOption($this->lng->txt('auth_by_user'), 0);
763  $kind->addOption($option_user);
764 
765  $option_determination = new ilRadioOption($this->lng->txt('auth_automatic'), 1);
766 
767  include_once('Services/Authentication/classes/class.ilAuthUtils.php');
768 
769  $auth_sequenced = $det->getAuthModeSequence();
770  $counter = 1;
771  foreach ($auth_sequenced as $auth_mode) {
772  switch ($auth_mode) {
773  // begin-patch ldap_multiple
774  case ilLDAPServer::isAuthModeLDAP($auth_mode):
775  $auth_id = ilLDAPServer::getServerIdByAuthMode($auth_mode);
776  $server = ilLDAPServer::getInstanceByServerId($auth_id);
777  $text = $server->getName();
778  // end-patch ldap_multiple
779  break;
780  case AUTH_RADIUS:
781  $text = $this->lng->txt('auth_radius');
782  break;
783  case AUTH_LOCAL:
784  $text = $this->lng->txt('auth_local');
785  break;
786  case AUTH_SOAP:
787  $text = $this->lng->txt('auth_soap');
788  break;
789  case AUTH_APACHE:
790  $text = $this->lng->txt('auth_apache');
791  break;
792  // begin-patch auth_plugin
793  default:
794  foreach (ilAuthUtils::getAuthPlugins() as $pl) {
795  $option = $pl->getMultipleAuthModeOptions($auth_mode);
796  $text = $option[$auth_mode]['txt'];
797  }
798  break;
799  // end-patch auth_plugin
800  }
801 
802  $pos = new ilTextInputGUI($text, 'position[' . $auth_mode . ']');
803  $pos->setValue($counter++);
804  $pos->setSize(1);
805  $pos->setMaxLength(1);
806  $option_determination->addSubItem($pos);
807  }
808  $kind->addOption($option_determination);
809  $this->form->addItem($kind);
810  return true;
811  }
812 
819  public function updateAuthModeDeterminationObject()
820  {
821  include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
822  $det = ilAuthModeDetermination::_getInstance();
823 
824  $det->setKind((int) $_POST['kind']);
825 
826  $pos = $_POST['position'] ? $_POST['position'] : array();
827  asort($pos, SORT_NUMERIC);
828 
829  $counter = 0;
830  foreach ($pos as $auth_mode => $dummy) {
831  $position[$counter++] = $auth_mode;
832  }
833  $det->setAuthModeSequence($position ? $position : array());
834  $det->save();
835 
836  require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
837  ilCaptchaUtil::setActiveForLogin((bool) $_POST['activate_captcha_anonym']);
838 
839  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
840  $this->authSettingsObject();
841  }
842 
849  public function executeCommand()
850  {
851  global $DIC;
852 
853  $ilAccess = $DIC['ilAccess'];
854  $ilErr = $DIC['ilErr'];
855 
856 
857  $next_class = $this->ctrl->getNextClass($this);
858  $cmd = $this->ctrl->getCmd();
859  $this->prepareOutput();
860 
861  if (!$DIC->rbac()->system()->checkAccess("visible,read", $this->object->getRefId())) {
862  $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
863  }
864 
865  switch ($next_class) {
866  case 'ilopenidconnectsettingsgui':
867 
868  $this->tabs_gui->activateTab('auth_oidconnect');
869 
870  $oid = new ilOpenIdConnectSettingsGUI($this->object->getRefId());
871  $this->ctrl->forwardCommand($oid);
872  break;
873 
874  case 'ilsamlsettingsgui':
875  $this->tabs_gui->setTabActive('auth_saml');
876 
877  require_once './Services/Saml/classes/class.ilSamlSettingsGUI.php';
878  $os = new ilSamlSettingsGUI($this->object->getRefId());
879  $this->ctrl->forwardCommand($os);
880  break;
881 
882  case 'ilregistrationsettingsgui':
883 
884  include_once './Services/Registration/classes/class.ilRegistrationSettingsGUI.php';
885 
886  // Enable tabs
887  $this->tabs_gui->setTabActive('registration_settings');
888  $registration_gui = new ilRegistrationSettingsGUI();
889  $this->ctrl->forwardCommand($registration_gui);
890  break;
891 
892  case 'ilpermissiongui':
893 
894  // Enable tabs
895  $this->tabs_gui->setTabActive('perm_settings');
896 
897  include_once("Services/AccessControl/classes/class.ilPermissionGUI.php");
898  $perm_gui = new ilPermissionGUI($this);
899  $ret = &$this->ctrl->forwardCommand($perm_gui);
900  break;
901 
902  case 'illdapsettingsgui':
903 
904  // Enable Tabs
905  $this->tabs_gui->setTabActive('auth_ldap');
906 
907  include_once './Services/LDAP/classes/class.ilLDAPSettingsGUI.php';
908  $ldap_settings_gui = new ilLDAPSettingsGUI($this->object->getRefId());
909  $this->ctrl->forwardCommand($ldap_settings_gui);
910  break;
911 
912  case 'ilauthshibbolethsettingsgui':
913 
914  $this->tabs_gui->setTabActive('auth_shib');
915  include_once('./Services/AuthShibboleth/classes/class.ilAuthShibbolethSettingsGUI.php');
916  $shib_settings_gui = new ilAuthShibbolethSettingsGUI($this->object->getRefId());
917  $this->ctrl->forwardCommand($shib_settings_gui);
918  break;
919 
920  case 'ilcassettingsgui':
921 
922  $this->tabs_gui->setTabActive('auth_cas');
923  include_once './Services/CAS/classes/class.ilCASSettingsGUI.php';
924  $cas_settings = new ilCASSettingsGUI($this->object->getRefId());
925  $this->ctrl->forwardCommand($cas_settings);
926  break;
927 
928  case 'ilradiussettingsgui':
929 
930  $this->tabs_gui->setTabActive('auth_radius');
931  include_once './Services/Radius/classes/class.ilRadiusSettingsGUI.php';
932  $radius_settings_gui = new ilRadiusSettingsGUI($this->object->getRefId());
933  $this->ctrl->forwardCommand($radius_settings_gui);
934  break;
935 
936 
937  case 'ilauthloginpageeditorgui':
938 
939  $this->setSubTabs("authSettings");
940  $this->tabs_gui->setTabActive('authentication_settings');
941  $this->tabs_gui->setSubTabActive("auth_login_editor");
942 
943  include_once './Services/Authentication/classes/class.ilAuthLoginPageEditorGUI.php';
944  $lpe = new ilAuthLoginPageEditorGUI($this->object->getRefId());
945  $this->ctrl->forwardCommand($lpe);
946  break;
947 
948  default:
949  if (!$cmd) {
950  $cmd = "authSettings";
951  }
952  $cmd .= "Object";
953  $this->$cmd();
954 
955  break;
956  }
957  return true;
958  }
959 
960  public function getAdminTabs()
961  {
962  $this->getTabs();
963  }
964 
970  public function getTabs()
971  {
972  global $DIC;
973 
974  $rbacsystem = $DIC['rbacsystem'];
975 
976  $this->ctrl->setParameter($this, "ref_id", $this->object->getRefId());
977 
978  if ($rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
979  $this->tabs_gui->addTarget(
980  "authentication_settings",
981  $this->ctrl->getLinkTarget($this, "authSettings"),
982  "",
983  "",
984  ""
985  );
986 
987  $this->tabs_gui->addTarget(
988  'registration_settings',
989  $this->ctrl->getLinkTargetByClass('ilregistrationsettingsgui', 'view')
990  );
991 
992  $this->tabs_gui->addTarget(
993  "auth_ldap",
994  $this->ctrl->getLinkTargetByClass('illdapsettingsgui', 'serverList'),
995  "",
996  "",
997  ""
998  );
999 
1000 
1001  #$this->tabs_gui->addTarget("auth_ldap", $this->ctrl->getLinkTarget($this, "editLDAP"),
1002  # "", "", "");
1003 
1004  $this->tabs_gui->addTarget('auth_shib', $this->ctrl->getLinkTargetByClass('ilauthshibbolethsettingsgui', 'settings'));
1005 
1006  $this->tabs_gui->addTarget(
1007  'auth_cas',
1008  $this->ctrl->getLinkTargetByClass('ilcassettingsgui', 'settings')
1009  );
1010 
1011  $this->tabs_gui->addTarget(
1012  "auth_radius",
1013  $this->ctrl->getLinkTargetByClass('ilradiussettingsgui', "settings"),
1014  "",
1015  "",
1016  ""
1017  );
1018 
1019  $this->tabs_gui->addTarget(
1020  "auth_soap",
1021  $this->ctrl->getLinkTarget($this, "editSOAP"),
1022  "",
1023  "",
1024  ""
1025  );
1026 
1027  $this->tabs_gui->addTarget(
1028  "apache_auth_settings",
1029  $this->ctrl->getLinkTarget($this, 'apacheAuthSettings'),
1030  "",
1031  "",
1032  ""
1033  );
1034 
1035  require_once 'Services/Saml/classes/class.ilSamlSettingsGUI.php';
1036  $this->tabs_gui->addTarget(
1037  'auth_saml',
1038  $this->ctrl->getLinkTargetByClass('ilsamlsettingsgui', ilSamlSettingsGUI::DEFAULT_CMD),
1039  '',
1040  '',
1041  ''
1042  );
1043 
1044  $this->tabs_gui->addTab(
1045  'auth_oidconnect',
1046  $this->lng->txt('auth_oidconnect'),
1047  $this->ctrl->getLinkTargetByClass('ilopenidconnectsettingsgui')
1048  );
1049  }
1050 
1051  if ($rbacsystem->checkAccess('edit_permission', $this->object->getRefId())) {
1052  $this->tabs_gui->addTarget(
1053  "perm_settings",
1054  $this->ctrl->getLinkTargetByClass(array(get_class($this),'ilpermissiongui'), "perm"),
1055  array("perm","info","owner"),
1056  'ilpermissiongui'
1057  );
1058  }
1059  }
1060 
1064  public function setSubTabs($a_tab)
1065  {
1066  global $DIC;
1067 
1068  $rbacsystem = $DIC['rbacsystem'];
1069  $ilUser = $DIC['ilUser'];
1070  $ilAccess = $DIC['ilAccess'];
1071 
1072  $GLOBALS['DIC']['lng']->loadLanguageModule('auth');
1073 
1074  switch ($a_tab) {
1075  case 'authSettings':
1076  if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
1077  $this->tabs_gui->addSubTabTarget(
1078  "auth_settings",
1079  $this->ctrl->getLinkTarget($this, 'authSettings'),
1080  ""
1081  );
1082  }
1083  if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
1084  $this->tabs_gui->addSubTabTarget(
1085  'auth_login_editor',
1086  $this->ctrl->getLinkTargetByClass('ilauthloginpageeditorgui', ''),
1087  ''
1088  );
1089  }
1090  break;
1091  }
1092  }
1093 
1094 
1095  public function apacheAuthSettingsObject($form = false)
1096  {
1097  global $DIC;
1098 
1099  $tpl = $DIC['tpl'];
1100 
1101  $this->tabs_gui->setTabActive("apache_auth_settings");
1102 
1103  if (!$form) {
1104  $form = $this->getApacheAuthSettingsForm();
1105 
1106  $settings = new ilSetting('apache_auth');
1107  $settingsMap = $settings->getAll();
1108 
1109  $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
1110  if (file_exists($path) && is_readable($path)) {
1111  $settingsMap['apache_auth_domains'] = file_get_contents($path);
1112  }
1113 
1114  $form->setValuesByArray($settingsMap);
1115  }
1116  $tpl->setVariable('ADM_CONTENT', $form->getHtml());
1117  }
1118 
1119  public function saveApacheSettingsObject()
1120  {
1121  global $DIC;
1122 
1123  $ilCtrl = $DIC['ilCtrl'];
1124  $form = $this->getApacheAuthSettingsForm();
1125  $form->setValuesByPost();
1126  /*$items = $form->getItems();
1127  foreach($items as $item)
1128  $item->validate();*/
1129  if ($form->checkInput()) {
1130  $settings = new ilSetting('apache_auth');
1131  $fields = array(
1132  'apache_auth_indicator_name', 'apache_auth_indicator_value',
1133  'apache_enable_auth', 'apache_enable_local', 'apache_local_autocreate',
1134  'apache_enable_ldap', 'apache_auth_username_config_type',
1135  'apache_auth_username_direct_mapping_fieldname',
1136  'apache_default_role', 'apache_auth_target_override_login_page',
1137  'apache_auth_enable_override_login_page',
1138  'apache_auth_authenticate_on_login_page',
1139  'apache_ldap_sid'
1140 // 'apache_auth_username_by_function_functionname',
1141  );
1142 
1143  foreach ($fields as $field) {
1144  $settings->set($field, $form->getInput($field));
1145  }
1146 
1147  if ($form->getInput('apache_enable_auth')) {
1148  $this->ilias->setSetting('apache_active', true);
1149  } else {
1150  $this->ilias->setSetting('apache_active', false);
1151  global $DIC;
1152 
1153  $ilSetting = $DIC['ilSetting'];
1154  if ($ilSetting->get("auth_mode") == AUTH_APACHE) {
1155  $ilSetting->set("auth_mode", AUTH_LOCAL);
1156  }
1157  }
1158 
1159  $allowedDomains = $this->validateApacheAuthAllowedDomains($form->getInput('apache_auth_domains'));
1160  file_put_contents(ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt', $allowedDomains);
1161 
1162  ilUtil::sendSuccess($this->lng->txt('apache_settings_changed_success'), true);
1163  $this->ctrl->redirect($this, 'apacheAuthSettings');
1164  } else {
1165  $this->apacheAuthSettingsObject($form);
1166  }
1167  }
1168 
1169  public function getApacheAuthSettingsForm()
1170  {
1171  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1172 
1173  $form = new ilPropertyFormGUI();
1174  $form->setFormAction($this->ctrl->getFormAction($this));
1175  $form->setTitle($this->lng->txt('apache_settings'));
1176 
1177  $chb_enabled = new ilCheckboxInputGUI($this->lng->txt('apache_enable_auth'), 'apache_enable_auth');
1178  $form->addItem($chb_enabled);
1179 
1180  $chb_local_create_account = new ilCheckboxInputGUI($this->lng->txt('apache_autocreate'), 'apache_local_autocreate');
1181  $chb_enabled->addSubitem($chb_local_create_account);
1182 
1183  global $DIC;
1184 
1185  $rbacreview = $DIC['rbacreview'];
1186  $roles = $rbacreview->getGlobalRolesArray();
1187  $select = new ilSelectInputGUI($this->lng->txt('apache_default_role'), 'apache_default_role');
1188  $roleOptions = array();
1189  foreach ($roles as $role) {
1190  $roleOptions[$role['obj_id']] = ilObject::_lookupTitle($role['obj_id']);
1191  }
1192  $select->setOptions($roleOptions);
1193  $select->setValue(4);
1194 
1195  $chb_local_create_account->addSubitem($select);
1196 
1197  $chb_local = new ilCheckboxInputGUI($this->lng->txt('apache_enable_local'), 'apache_enable_local');
1198  $form->addItem($chb_local);
1199 
1200  $chb_ldap = new ilCheckboxInputGUI($this->lng->txt('apache_enable_ldap'), 'apache_enable_ldap');
1201  $chb_ldap->setInfo($this->lng->txt('apache_ldap_hint_ldap_must_be_configured'));
1202 
1203  $GLOBALS['DIC']['lng']->loadLanguageModule('auth');
1204  include_once './Services/LDAP/classes/class.ilLDAPServer.php';
1205  $servers = ilLDAPServer::getServerIds();
1206  if (count($servers)) {
1207  $ldap_server_select = new ilSelectInputGUI($this->lng->txt('auth_ldap_server_ds'), 'apache_ldap_sid');
1208  $options[0] = $this->lng->txt('select_one');
1209  foreach ($servers as $server_id) {
1210  $ldap_server = new ilLDAPServer($server_id);
1211  $options[$server_id] = $ldap_server->getName();
1212  }
1213  $ldap_server_select->setOptions($options);
1214  $ldap_server_select->setRequired(true);
1215 
1216  $ds = ilLDAPServer::getDataSource(AUTH_APACHE);
1217  $ldap_server_select->setValue($ds);
1218 
1219  $chb_ldap->addSubItem($ldap_server_select);
1220  }
1221  $form->addItem($chb_ldap);
1222 
1223  $txt = new ilTextInputGUI($this->lng->txt('apache_auth_indicator_name'), 'apache_auth_indicator_name');
1224  $txt->setRequired(true);
1225  $form->addItem($txt);
1226 
1227  $txt = new ilTextInputGUI($this->lng->txt('apache_auth_indicator_value'), 'apache_auth_indicator_value');
1228  $txt->setRequired(true);
1229  $form->addItem($txt);
1230 
1231 
1232  $chb = new ilCheckboxInputGUI($this->lng->txt('apache_auth_enable_override_login'), 'apache_auth_enable_override_login_page');
1233  $form->addItem($chb);
1234 
1235  $txt = new ilTextInputGUI($this->lng->txt('apache_auth_target_override_login'), 'apache_auth_target_override_login_page');
1236  $txt->setRequired(true);
1237  $chb->addSubItem($txt);
1238 
1239  $chb = new ilCheckboxInputGUI($this->lng->txt('apache_auth_authenticate_on_login_page'), 'apache_auth_authenticate_on_login_page');
1240  $form->addItem($chb);
1241 
1242  $sec = new ilFormSectionHeaderGUI();
1243  $sec->setTitle($this->lng->txt('apache_auth_username_config'));
1244  $form->addItem($sec);
1245 
1246  $rag = new ilRadioGroupInputGUI($this->lng->txt('apache_auth_username_config_type'), 'apache_auth_username_config_type');
1247  $form->addItem($rag);
1248 
1249  $rao = new ilRadioOption($this->lng->txt('apache_auth_username_direct_mapping'), 1);
1250  $rag->addOption($rao);
1251 
1252  $txt = new ilTextInputGUI($this->lng->txt('apache_auth_username_direct_mapping_fieldname'), 'apache_auth_username_direct_mapping_fieldname');
1253  //$txt->setRequired(true);
1254  $rao->addSubItem($txt);
1255 
1256  $rao = new ilRadioOption($this->lng->txt('apache_auth_username_extended_mapping'), 2);
1257  $rao->setDisabled(true);
1258  $rag->addOption($rao);
1259 
1260  $rao = new ilRadioOption($this->lng->txt('apache_auth_username_by_function'), 3);
1261  $rag->addOption($rao);
1262 
1263  /* $txt = new ilTextInputGUI($this->lng->txt('apache_auth_username_by_function_functionname'), 'apache_auth_username_by_function_functionname');
1264  $rao->addSubItem($txt);*/
1265 
1266  $sec = new ilFormSectionHeaderGUI();
1267  $sec->setTitle($this->lng->txt('apache_auth_security'));
1268  $form->addItem($sec);
1269 
1270  $txt = new ilTextAreaInputGUI($this->lng->txt('apache_auth_domains'), 'apache_auth_domains');
1271  $txt->setInfo($this->lng->txt('apache_auth_domains_description'));
1272 
1273  $form->addItem($txt);
1274 
1275  if ($this->dic->rbac()->system()->checkAccess('visible, read', $this->ref_id)) {
1276  $form->addCommandButton('saveApacheSettings', $this->lng->txt('save'));
1277  }
1278  $form->addCommandButton('cancel', $this->lng->txt('cancel'));
1279 
1280  return $form;
1281  }
1282 
1283  private function validateApacheAuthAllowedDomains($text)
1284  {
1285  return join("\n", preg_split("/[\r\n]+/", $text));
1286  }
1287 
1288  public function registrationSettingsObject()
1289  {
1290  $registration_gui = new ilRegistrationSettingsGUI();
1291  $this->ctrl->redirect($registration_gui);
1292  }
1293 
1298  public function addToExternalSettingsForm($a_form_id)
1299  {
1300  switch ($a_form_id) {
1301  case ilAdministrationSettingsFormHandler::FORM_ACCESSIBILITY:
1302  require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
1303  $fields_login = array(
1304  'adm_captcha_anonymous_short' => array(ilCaptchaUtil::isActiveForLogin(), ilAdministrationSettingsFormHandler::VALUE_BOOL),
1305  );
1306 
1307  $fields_registration = array(
1308  'adm_captcha_anonymous_short' => array(ilCaptchaUtil::isActiveForRegistration(), ilAdministrationSettingsFormHandler::VALUE_BOOL)
1309  );
1310 
1311 
1312  return array('adm_auth_login' => array('authSettings', $fields_login), 'adm_auth_reg' => array('registrationSettings', $fields_registration));
1313  }
1314  }
1315 } // END class.ilObjAuthSettingsGUI
ilAuthLoginPageEditorGUI
Login page editor settings GUI ILIAS page editor or richtext editor.
Definition: class.ilAuthLoginPageEditorGUI.php:15
$namespace
if($err=$client->getError()) $namespace
Definition: dummy_client.php:50
ilObjAuthSettingsGUI\editScriptObject
editScriptObject()
Configure Custom settings.
Definition: class.ilObjAuthSettingsGUI.php:588
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
ilSamlIdp\isAuthModeSaml
static isAuthModeSaml(string $a_auth_mode)
Definition: class.ilSamlIdp.php:194
ilLDAPServer\isAuthModeLDAP
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
Definition: class.ilLDAPServer.php:385
ilOpenIdConnectSettingsGUI
Class ilOpenIdConnectSettingsGUI.
Definition: class.ilOpenIdConnectSettingsGUI.php:11
ilAuthShibbolethSettingsGUI
Class ilAuthShibbolethSettingsGUI.
Definition: class.ilAuthShibbolethSettingsGUI.php:13
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilObjAuthSettingsGUI\getAuthModeTitle
getAuthModeTitle()
get the title of auth mode
Definition: class.ilObjAuthSettingsGUI.php:664
ilObjRole\_lookupRegisterAllowed
static _lookupRegisterAllowed()
get all roles that are activated in user registration
Definition: class.ilObjRole.php:349
ilFormSectionHeaderGUI
This class represents a section header in a property form.
Definition: class.ilFormSectionHeaderGUI.php:31
AUTH_LDAP
const AUTH_LDAP
Definition: class.ilAuthUtils.php:8
AUTH_OPENID_CONNECT
const AUTH_OPENID_CONNECT
Definition: class.ilAuthUtils.php:22
AUTH_CAS
const AUTH_CAS
Definition: class.ilAuthUtils.php:12
AUTH_SHIBBOLETH
const AUTH_SHIBBOLETH
Definition: class.ilAuthUtils.php:11
ilObjAuthSettingsGUI\loginInfoObject
loginInfoObject()
displays login information of all installed languages
Definition: class.ilObjAuthSettingsGUI.php:229
ilObjRole\_updateAuthMode
static _updateAuthMode($a_roles)
Definition: class.ilObjRole.php:592
ilCaptchaUtil\checkFreetype
static checkFreetype()
Check whether captcha support is active.
Definition: class.ilCaptchaUtil.php:27
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:33
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:988
ilAuthUtils\_getActiveAuthModes
static _getActiveAuthModes()
Definition: class.ilAuthUtils.php:260
AUTH_APACHE
const AUTH_APACHE
Definition: class.ilAuthUtils.php:19
ilSamlIdp\getInstanceByIdpId
static getInstanceByIdpId(int $a_idp_id)
Definition: class.ilSamlIdp.php:66
AUTH_SAML
const AUTH_SAML
Definition: class.ilAuthUtils.php:20
ilSamlIdp\getIdpIdByAuthMode
static getIdpIdByAuthMode(string $a_auth_mode)
Definition: class.ilSamlIdp.php:213
ilAuthUtils\_getAuthModeName
static _getAuthModeName($a_auth_key)
Definition: class.ilAuthUtils.php:198
ilLDAPServer\getInstanceByServerId
static getInstanceByServerId($a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:62
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
ilFormPropertyGUI\setInfo
setInfo($a_info)
Set Information Text.
Definition: class.ilFormPropertyGUI.php:145
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4503
ilAuthUtils\getAuthPlugins
static getAuthPlugins()
Get active enabled auth plugins.
Definition: class.ilAuthUtils.php:749
$name
if($format !==null) $name
Definition: metadata.php:230
ilObjAuthSettingsGUI\initAuthModeDetermination
initAuthModeDetermination()
init auth mode determinitation form
Definition: class.ilObjAuthSettingsGUI.php:723
ilObjAuthSettingsGUI\editSOAPObject
editSOAPObject()
Configure soap settings.
Definition: class.ilObjAuthSettingsGUI.php:348
ilObjectGUI\prepareOutput
prepareOutput($a_show_subobjects=true)
prepare output
Definition: class.ilObjectGUI.php:309
ilObjAuthSettingsGUI\saveScriptObject
saveScriptObject()
validates all input data, save them to database if correct and active chosen auth mode ...
Definition: class.ilObjAuthSettingsGUI.php:633
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
ilLDAPServer\getServerIds
static getServerIds()
Get all server ids ilDB $ilDB.
Definition: class.ilLDAPServer.php:226
AUTH_SCRIPT
const AUTH_SCRIPT
Definition: class.ilAuthUtils.php:10
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:80
ilObjUser\_getNumberOfUsersPerAuthMode
static _getNumberOfUsersPerAuthMode()
get number of users per auth mode
Definition: class.ilObjUser.php:3659
ilSOAPAuth\testConnection
static testConnection($a_ext_uid, $a_soap_pw, $a_new_user)
Constructor public.
Definition: class.ilSOAPAuth.php:45
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:13
$GLOBALS
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
ilRegistrationSettingsGUI
Class ilRegistrationSettingsGUI.
Definition: class.ilRegistrationSettingsGUI.php:36
$ilUser
$ilUser
Definition: imgupload.php:18
$https
$https
Definition: imgupload.php:19
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilLDAPServer\getDataSource
static getDataSource($a_auth_mode)
Definition: class.ilLDAPServer.php:324
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2408
AUTH_LOCAL
const AUTH_LOCAL
Definition: class.ilAuthUtils.php:7
ilSelectInputGUI\setOptions
setOptions($a_options)
Set Options.
Definition: class.ilSelectInputGUI.php:43
ilLDAPServer\getServerIdByAuthMode
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:400
$txt
$txt
Definition: error.php:13
ilObjAuthSettingsGUI\authSettingsObject
authSettingsObject()
display settings menu
Definition: class.ilObjAuthSettingsGUI.php:56
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4519
AUTH_SOAP
const AUTH_SOAP
Definition: class.ilAuthUtils.php:13
$server
$server
Definition: dummy_client.php:12
ilAuthUtils\_getAllAuthModes
static _getAllAuthModes()
Definition: class.ilAuthUtils.php:326
ilSamlSettingsGUI
Class ilSamlSettingsGUI.
Definition: class.ilSamlSettingsGUI.php:8
ilObjAuthSettingsGUI\updateAuthModeDeterminationObject
updateAuthModeDeterminationObject()
update auth mode determination
Definition: class.ilObjAuthSettingsGUI.php:819
$ilSetting
global $ilSetting
Definition: privfeed.php:17
ilObjAuthSettingsGUI
Class ilObjAuthSettingsGUI.
Definition: class.ilObjAuthSettingsGUI.php:16
ILIAS\GlobalScreen\Provider\__construct
__construct(Container $dic, ilPlugin $plugin)
Definition: PluginProviderHelper.php:30
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:34
$ret
$ret
Definition: parser.php:6
$DIC
$DIC
Definition: xapitoken.php:46
ilObjAuthSettingsGUI\__construct
__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output=true)
Constructor public.
Definition: class.ilObjAuthSettingsGUI.php:28
ilRadioOption\setDisabled
setDisabled($a_disabled)
Definition: class.ilRadioOption.php:106
ilObjAuthSettingsGUI\saveSOAPObject
saveSOAPObject()
validates all input data, save them to database if correct and active chosen auth mode ...
Definition: class.ilObjAuthSettingsGUI.php:545
ilPermissionGUI
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
Definition: class.ilPermissionGUI.php:19
ilUtil\redirect
static redirect($a_script)
Definition: class.ilUtil.php:3306
ilObjectGUI\getReturnLocation
getReturnLocation($a_cmd, $a_location="")
get return location for command (command is method name without "Object", e.g.
Definition: class.ilObjectGUI.php:1432
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
AUTH_RADIUS
const AUTH_RADIUS
Definition: class.ilAuthUtils.php:9