28 public function __construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output =
true)
36 $this->lng->loadLanguageModule(
'registration');
37 $this->lng->loadLanguageModule(
'auth');
39 define(
'LDAP_DEFAULT_PORT', 389);
40 define(
'RADIUS_DEFAULT_PORT', 1812);
63 if (!
$rbacsystem->checkAccess(
"visible,read", $this->object->getRefId())) {
64 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
67 $this->tabs_gui->setTabActive(
'authentication_settings');
69 $this->tabs_gui->setSubTabActive(
"auth_settings");
71 $generalSettingsTpl =
new ilTemplate(
'tpl.auth_general.html',
true,
true,
'Services/Authentication');
73 $generalSettingsTpl->setVariable(
"FORMACTION", $this->ctrl->getFormAction($this));
74 $generalSettingsTpl->setVariable(
"TXT_AUTH_TITLE", $this->lng->txt(
"auth_select"));
76 $generalSettingsTpl->setVariable(
"TXT_AUTH_MODE", $this->lng->txt(
"auth_mode"));
77 $generalSettingsTpl->setVariable(
"TXT_AUTH_DEFAULT", $this->lng->txt(
"default"));
78 $generalSettingsTpl->setVariable(
"TXT_AUTH_ACTIVE", $this->lng->txt(
"active"));
79 $generalSettingsTpl->setVariable(
"TXT_AUTH_NUM_USERS", $this->lng->txt(
"num_users"));
81 $generalSettingsTpl->setVariable(
"TXT_LOCAL", $this->lng->txt(
"auth_local"));
82 $generalSettingsTpl->setVariable(
"TXT_LDAP", $this->lng->txt(
"auth_ldap"));
83 $generalSettingsTpl->setVariable(
"TXT_SHIB", $this->lng->txt(
"auth_shib"));
85 $generalSettingsTpl->setVariable(
"TXT_CAS", $this->lng->txt(
"auth_cas"));
87 $generalSettingsTpl->setVariable(
"TXT_RADIUS", $this->lng->txt(
"auth_radius"));
88 $generalSettingsTpl->setVariable(
"TXT_SCRIPT", $this->lng->txt(
"auth_script"));
90 $generalSettingsTpl->setVariable(
"TXT_APACHE", $this->lng->txt(
"auth_apache"));
95 include_once(
'Services/LDAP/classes/class.ilLDAPServer.php');
97 $icon_ok =
"<img src=\"" .
ilUtil::getImagePath(
"icon_ok.svg") .
"\" alt=\"" . $this->lng->txt(
"enabled") .
"\" title=\"" . $this->lng->txt(
"enabled") .
"\" border=\"0\" vspace=\"0\"/>";
98 $icon_not_ok =
"<img src=\"" .
ilUtil::getImagePath(
"icon_not_ok.svg") .
"\" alt=\"" . $this->lng->txt(
"disabled") .
"\" title=\"" . $this->lng->txt(
"disabled") .
"\" border=\"0\" vspace=\"0\"/>";
101 foreach ($auth_modes as $mode => $mode_name) {
106 $generalSettingsTpl->setCurrentBlock(
'auth_mode');
110 $generalSettingsTpl->setVariable(
"AUTH_NAME",
$server->getName());
111 $generalSettingsTpl->setVariable(
'AUTH_ACTIVE',
$server->isActive() ? $icon_ok : $icon_not_ok);
114 $generalSettingsTpl->setVariable(
'AUTH_NAME', $idp->getEntityId());
115 $generalSettingsTpl->setVariable(
'AUTH_ACTIVE', $idp->isActive() ? $icon_ok : $icon_not_ok);
117 $generalSettingsTpl->setVariable(
"AUTH_NAME", $this->lng->txt(
"auth_" . $mode_name));
118 $generalSettingsTpl->setVariable(
'AUTH_ACTIVE', $this->
ilias->getSetting($mode_name .
'_active') || $mode ==
AUTH_LOCAL ? $icon_ok : $icon_not_ok);
122 $generalSettingsTpl->setVariable(
"AUTH_CHECKED",
"checked=\"checked\"");
124 $generalSettingsTpl->setVariable(
126 ((
int) $auth_cnt[$mode_name] + $auth_cnt[
"default"]) .
" (" . $this->lng->txt(
"auth_per_default") .
127 ": " . $auth_cnt[
"default"] .
")"
130 $generalSettingsTpl->setVariable(
132 (
int) $auth_cnt[$mode_name]
135 $generalSettingsTpl->setVariable(
"AUTH_ID", $mode_name);
136 $generalSettingsTpl->setVariable(
"AUTH_VAL", $mode);
137 $generalSettingsTpl->parseCurrentBlock();
140 $generalSettingsTpl->setVariable(
"TXT_CONFIGURE", $this->lng->txt(
"auth_configure"));
142 if (
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
143 $generalSettingsTpl->setVariable(
"TXT_AUTH_REMARK", $this->lng->txt(
"auth_remark_non_local_auth"));
144 $generalSettingsTpl->setCurrentBlock(
'auth_mode_submit');
145 $generalSettingsTpl->setVariable(
"TXT_SUBMIT", $this->lng->txt(
"save"));
146 $generalSettingsTpl->setVariable(
"CMD_SUBMIT",
"setAuthMode");
147 $generalSettingsTpl->parseCurrentBlock();
152 $generalSettingsTpl->setVariable(
'TABLE_AUTH_DETERMINATION', $this->form->getHTML());
156 $generalSettingsTpl->setVariable(
158 $this->ctrl->getFormAction($this)
160 $generalSettingsTpl->setVariable(
"TXT_AUTH_ROLES", $this->lng->txt(
"auth_active_roles"));
161 $generalSettingsTpl->setVariable(
"TXT_ROLE", $this->lng->txt(
"obj_role"));
162 $generalSettingsTpl->setVariable(
"TXT_ROLE_AUTH_MODE", $this->lng->txt(
"auth_role_auth_mode"));
163 if (
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
164 $generalSettingsTpl->setVariable(
"CMD_SUBMIT_ROLES",
"updateAuthRoles");
165 $generalSettingsTpl->setVariable(
'BTN_SUBMIT_ROLES', $this->lng->txt(
'save'));
168 include_once(
"./Services/AccessControl/classes/class.ilObjRole.php");
172 include_once(
'./Services/Authentication/classes/class.ilAuthUtils.php');
175 foreach ($reg_roles as $role) {
176 foreach ($active_auth_modes as $auth_name => $auth_key) {
180 if ($auth_name ==
"default" || $auth_name ==
"cas"
181 || $auth_name ==
'saml'
182 || $auth_name ==
"shibboleth" || $auth_name ==
'ldap'
183 || $auth_name ==
'apache' || $auth_name ==
"ecs"
184 || $auth_name ==
"openid") {
188 $generalSettingsTpl->setCurrentBlock(
"auth_mode_selection");
190 if ($auth_name ==
'default') {
197 $name = $idp->getEntityId();
199 $name = $this->lng->txt(
'auth_' . $auth_name);
202 $generalSettingsTpl->setVariable(
"AUTH_MODE_NAME",
$name);
204 $generalSettingsTpl->setVariable(
"AUTH_MODE", $auth_name);
206 if ($role[
'auth_mode'] == $auth_name) {
207 $generalSettingsTpl->setVariable(
"SELECTED_AUTH_MODE",
"selected=\"selected\"");
210 $generalSettingsTpl->parseCurrentBlock();
213 $generalSettingsTpl->setCurrentBlock(
"roles");
214 $generalSettingsTpl->setVariable(
"ROLE", $role[
'title']);
215 $generalSettingsTpl->setVariable(
"ROLE_ID", $role[
'id']);
216 $generalSettingsTpl->parseCurrentBlock();
219 $this->tpl->setContent($generalSettingsTpl->get());
237 if (!
$rbacsystem->checkAccess(
"visible,read", $this->object->getRefId())) {
238 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
241 $this->tabs_gui->setTabActive(
"authentication_settings");
243 $this->tabs_gui->setSubTabActive(
"auth_login_editor");
245 $lng->loadLanguageModule(
"meta");
247 $this->tpl->addBlockFile(
250 "tpl.auth_login_messages.html",
251 "Services/Authentication"
253 $this->tpl->setVariable(
"FORMACTION", $this->ctrl->getFormAction($this));
254 $this->tpl->setVariable(
"TXT_HEADLINE", $this->lng->txt(
"login_information"));
255 $this->tpl->setVariable(
"TXT_DESCRIPTION", $this->lng->txt(
"login_information_desc"));
256 $this->tpl->setVariable(
"TXT_SUBMIT", $this->lng->txt(
"save"));
257 $this->initLoginForm();
258 $this->tpl->setVariable(
'LOGIN_INFO', $this->form->getHTML());
264 $this->ctrl->redirect($this,
"authSettings");
274 if (!
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
275 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
278 if (empty(
$_POST[
"auth_mode"])) {
279 $this->
ilias->raiseError($this->lng->txt(
"auth_err_no_mode_selected"), $this->ilias->error_obj->MESSAGE);
282 $current_auth_mode =
$ilSetting->get(
'auth_mode',
'');
283 if (
$_POST[
"auth_mode"] == $current_auth_mode) {
284 ilUtil::sendInfo($this->lng->txt(
"auth_mode") .
": " . $this->getAuthModeTitle() .
" " . $this->lng->txt(
"auth_mode_not_changed"),
true);
285 $this->ctrl->redirect($this,
'authSettings');
288 switch (
$_POST[
"auth_mode"]) {
305 if ($this->object->checkAuthSHIB() !==
true) {
310 $this->ctrl->getLinkTargetByClass(
311 ilAuthShibbolethSettingsGUI::class,
323 if ($this->object->checkAuthRADIUS() !==
true) {
325 $this->ctrl->redirect($this,
'editRADIUS');
330 if ($this->object->checkAuthScript() !==
true) {
337 $this->
ilias->setSetting(
"auth_mode",
$_POST[
"auth_mode"]);
339 ilUtil::sendSuccess($this->lng->txt(
"auth_default_mode_changed_to") .
" " . $this->getAuthModeTitle(),
true);
340 $this->ctrl->redirect($this,
'authSettings');
358 if (!
$rbacsystem->checkAccess(
"read", $this->object->getRefId())) {
359 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
362 $this->tabs_gui->setTabActive(
'auth_soap');
365 $this->tpl->addBlockFile(
'ADM_CONTENT',
'adm_content',
'tpl.auth_soap.html',
'Services/Authentication');
368 $role_list =
$rbacreview->getRolesByFilter(2, $this->object->getId());
371 foreach ($role_list as $role) {
372 $roles[$role[
'obj_id']] = $role[
'title'];
376 include_once(
"./Services/Form/classes/class.ilPropertyFormGUI.php");
379 $soap_config->setTitle($this->lng->txt(
"auth_soap_auth"));
380 $soap_config->setDescription($this->lng->txt(
"auth_soap_auth_desc"));
381 $soap_config->setFormAction($this->ctrl->getFormAction($this,
"editSOAP"));
382 if (
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
383 $soap_config->addCommandButton(
"saveSOAP", $this->lng->txt(
"save"));
384 $soap_config->addCommandButton(
"editSOAP", $this->lng->txt(
"cancel"));
388 $active->setTitle($this->lng->txt(
"active"));
389 $active->setPostVar(
"soap[active]");
393 $server->setTitle($this->lng->txt(
"server"));
394 $server->setInfo($this->lng->txt(
"auth_soap_server_desc"));
395 $server->setPostVar(
"soap[server]");
402 $port->setTitle($this->lng->txt(
"port"));
403 $port->setInfo($this->lng->txt(
"auth_soap_port_desc"));
404 $port->setPostVar(
"soap[port]");
406 $port->setMaxLength(5);
410 $https->setTitle($this->lng->txt(
"auth_soap_use_https"));
411 $https->setPostVar(
"soap[use_https]");
415 $uri->setTitle($this->lng->txt(
"uri"));
416 $uri->setInfo($this->lng->txt(
"auth_soap_uri_desc"));
417 $uri->setPostVar(
"soap[uri]");
419 $uri->setMaxLength(256);
423 $namespace->setTitle($this->lng->txt(
"auth_soap_namespace"));
424 $namespace->setInfo($this->lng->txt(
"auth_soap_namespace_desc"));
431 $dotnet->setTitle($this->lng->txt(
"auth_soap_use_dotnet"));
432 $dotnet->setPostVar(
"soap[use_dotnet]");
436 $createuser->setTitle($this->lng->txt(
"auth_create_users"));
437 $createuser->setInfo($this->lng->txt(
"auth_soap_create_users_desc"));
438 $createuser->setPostVar(
"soap[create_users]");
442 $sendmail->setTitle($this->lng->txt(
"user_send_new_account_mail"));
443 $sendmail->setInfo($this->lng->txt(
"auth_new_account_mail_desc"));
444 $sendmail->setPostVar(
"soap[account_mail]");
448 $defaultrole->setTitle($this->lng->txt(
"auth_user_default_role"));
449 $defaultrole->setInfo($this->lng->txt(
"auth_soap_user_default_role_desc"));
450 $defaultrole->setPostVar(
"soap[user_default_role]");
451 $defaultrole->setOptions($roles);
455 $allowlocal->setTitle($this->lng->txt(
"auth_allow_local"));
456 $allowlocal->setInfo($this->lng->txt(
"auth_soap_allow_local_desc"));
457 $allowlocal->setPostVar(
"soap[allow_local]");
464 $active ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"active"]);
466 $port ->setValue(
$_SESSION[
"error_post_vars"][
"soap"][
"port"]);
467 $https ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"use_https"]);
468 $uri ->setValue(
$_SESSION[
"error_post_vars"][
"soap"][
"uri"]);
470 $dotnet ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"use_dotnet"]);
471 $createuser ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"create_users"]);
472 $allowlocal ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"allow_local"]);
473 $defaultrole->setValue(
$_SESSION[
"error_post_vars"][
"soap"][
"user_default_role"]);
474 $sendmail ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"account_mail"]);
476 $active ->setChecked(
$settings[
"soap_auth_active"]);
478 $port ->setValue(
$settings[
"soap_auth_port"]);
480 $uri ->setValue(
$settings[
"soap_auth_uri"]);
482 $dotnet ->setChecked(
$settings[
"soap_auth_use_dotnet"]);
483 $createuser ->setChecked(
$settings[
"soap_auth_create_users"]);
484 $allowlocal ->setChecked(
$settings[
"soap_auth_allow_local"]);
485 $defaultrole->setValue(
$settings[
"soap_auth_user_default_role"]);
486 $sendmail ->setChecked(
$settings[
"soap_auth_account_mail"]);
489 if (!$defaultrole->getValue()) {
490 $defaultrole->setValue(4);
494 $soap_config->addItem($active);
495 $soap_config->addItem(
$server);
496 $soap_config->addItem($port);
497 $soap_config->addItem(
$https);
498 $soap_config->addItem($uri);
500 $soap_config->addItem($dotnet);
501 $soap_config->addItem($createuser);
502 $soap_config->addItem($sendmail);
503 $soap_config->addItem($defaultrole);
504 $soap_config->addItem($allowlocal);
506 $this->tpl->setVariable(
"CONFIG_FORM", $soap_config->getHTML());
510 $form->setFormAction(
$ilCtrl->getFormAction($this));
511 $form->setTitle(
"Test Request");
513 $form->addItem($text_prop);
515 $form->addItem($text_prop2);
519 $form->addCommandButton(
520 "testSoapAuthConnection",
524 if (
$ilCtrl->getCmd() ==
"testSoapAuthConnection") {
525 include_once(
"./Services/SOAPAuth/classes/class.ilSOAPAuth.php");
529 (
boolean)
$_POST[
"new_user"]
532 $this->tpl->setVariable(
"TEST_FORM", $form->getHTML() .
$ret);
553 if (!
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
554 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
558 if (!
$_POST[
"soap"][
"server"]) {
559 $this->
ilias->raiseError($this->lng->txt(
"fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
563 if (
$_POST[
"soap"][
"server"] !=
"" && (preg_match(
"/^[0-9]{0,5}$/",
$_POST[
"soap"][
"port"])) ==
false) {
564 $this->
ilias->raiseError($this->lng->txt(
"err_invalid_port"), $this->ilias->error_obj->MESSAGE);
577 $ilSetting->set(
"soap_auth_user_default_role",
$_POST[
"soap"][
"user_default_role"]);
578 ilUtil::sendSuccess($this->lng->txt(
"auth_soap_settings_saved"),
true);
580 $this->ctrl->redirect($this,
'editSOAP');
594 if (!
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
595 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
599 $this->tpl->setVariable(
"AUTH_SCRIPT_NAME",
$_SESSION[
"error_post_vars"][
"auth_script"][
"name"]);
604 $this->tpl->setVariable(
"AUTH_SCRIPT_NAME",
$settings[
"auth_script_name"]);
607 $this->tabs_gui->setTabActive(
'auth_script');
609 $this->tpl->addBlockFile(
612 "tpl.auth_script.html",
613 "Services/Authentication"
616 $this->tpl->setVariable(
"FORMACTION", $this->ctrl->getFormAction($this));
617 $this->tpl->setVariable(
"COLSPAN", 3);
618 $this->tpl->setVariable(
"TXT_AUTH_SCRIPT_TITLE", $this->lng->txt(
"auth_script_configure"));
619 $this->tpl->setVariable(
"TXT_OPTIONS", $this->lng->txt(
"options"));
620 $this->tpl->setVariable(
"TXT_AUTH_SCRIPT_NAME", $this->lng->txt(
"auth_script_name"));
622 $this->tpl->setVariable(
"TXT_REQUIRED_FLD", $this->lng->txt(
"required_field"));
623 $this->tpl->setVariable(
"TXT_CANCEL", $this->lng->txt(
"cancel"));
624 $this->tpl->setVariable(
"TXT_SUBMIT", $this->lng->txt(
"save"));
625 $this->tpl->setVariable(
"CMD_SUBMIT",
"saveScript");
636 if (!
$_POST[
"auth_script"][
"name"]) {
637 $this->
ilias->raiseError($this->lng->txt(
"fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
650 $this->
ilias->setSetting(
"auth_script_name",
$_POST[
"auth_script"][
"name"]);
653 ilUtil::sendSuccess($this->lng->txt(
"auth_mode_changed_to") .
" " . $this->getAuthModeTitle(),
true);
654 $this->ctrl->redirect($this,
'editScript');
666 switch ($this->
ilias->getSetting(
"auth_mode")) {
668 return $this->lng->txt(
"auth_local");
672 return $this->lng->txt(
"auth_ldap");
676 return $this->lng->txt(
"auth_shib");
680 return $this->lng->txt(
"auth_saml");
684 return $this->lng->txt(
"auth_radius");
688 return $this->lng->txt(
"auth_script");
692 return $this->lng->txt(
"auth_apache");
696 return $this->lng->txt(
"unknown");
707 if (!
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
708 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
711 include_once(
'./Services/AccessControl/classes/class.ilObjRole.php');
714 ilUtil::sendSuccess($this->lng->txt(
"auth_mode_roles_changed"),
true);
715 $this->ctrl->redirect($this,
'authSettings');
725 if (is_object($this->form)) {
729 include_once(
'./Services/Form/classes/class.ilPropertyFormGUI.php');
731 $this->form->setFormAction($this->ctrl->getFormAction($this));
732 $this->form->setTableWidth(
'100%');
733 $this->form->setTitle($this->lng->txt(
'auth_auth_settings'));
734 $this->form->addCommandButton(
'updateAuthModeDetermination', $this->lng->txt(
'save'));
736 require_once
'Services/Captcha/classes/class.ilCaptchaUtil.php';
737 $cap =
new ilCheckboxInputGUI($this->lng->txt(
'adm_captcha_anonymous_short'),
'activate_captcha_anonym');
738 $cap->setInfo($this->lng->txt(
'adm_captcha_anonymous_auth'));
741 $cap->setAlert(ilCaptchaUtil::getPreconditionsMessage());
743 $cap->setChecked(ilCaptchaUtil::isActiveForLogin());
744 $this->form->addItem($cap);
747 include_once(
'Services/Authentication/classes/class.ilAuthModeDetermination.php');
749 if ($det->getCountActiveAuthModes() <= 1) {
754 $header->setTitle($this->lng->txt(
'auth_auth_mode_determination'));
755 $this->form->addItem($header);
758 $kind->setInfo($this->lng->txt(
'auth_mode_determination_info'));
759 $kind->setValue($det->getKind());
760 $kind->setRequired(
true);
762 $option_user =
new ilRadioOption($this->lng->txt(
'auth_by_user'), 0);
763 $kind->addOption($option_user);
765 $option_determination =
new ilRadioOption($this->lng->txt(
'auth_automatic'), 1);
767 include_once(
'Services/Authentication/classes/class.ilAuthUtils.php');
769 $auth_sequenced = $det->getAuthModeSequence();
771 foreach ($auth_sequenced as $auth_mode) {
772 switch ($auth_mode) {
781 $text = $this->lng->txt(
'auth_radius');
784 $text = $this->lng->txt(
'auth_local');
787 $text = $this->lng->txt(
'auth_soap');
790 $text = $this->lng->txt(
'auth_apache');
795 $option = $pl->getMultipleAuthModeOptions($auth_mode);
796 $text = $option[$auth_mode][
'txt'];
803 $pos->setValue($counter++);
805 $pos->setMaxLength(1);
806 $option_determination->addSubItem($pos);
808 $kind->addOption($option_determination);
809 $this->form->addItem($kind);
821 include_once(
'Services/Authentication/classes/class.ilAuthModeDetermination.php');
824 $det->setKind((
int)
$_POST[
'kind']);
826 $pos =
$_POST[
'position'] ?
$_POST[
'position'] : array();
827 asort($pos, SORT_NUMERIC);
830 foreach ($pos as $auth_mode => $dummy) {
831 $position[$counter++] = $auth_mode;
833 $det->setAuthModeSequence($position ? $position : array());
836 require_once
'Services/Captcha/classes/class.ilCaptchaUtil.php';
837 ilCaptchaUtil::setActiveForLogin((
bool)
$_POST[
'activate_captcha_anonym']);
839 ilUtil::sendSuccess($this->lng->txt(
'settings_saved'));
853 $ilAccess =
$DIC[
'ilAccess'];
857 $next_class = $this->ctrl->getNextClass($this);
858 $cmd = $this->ctrl->getCmd();
861 if (!$DIC->rbac()->system()->checkAccess(
"visible,read", $this->object->getRefId())) {
862 $ilErr->raiseError($this->lng->txt(
'msg_no_perm_read'),
$ilErr->WARNING);
865 switch ($next_class) {
866 case 'ilopenidconnectsettingsgui':
868 $this->tabs_gui->activateTab(
'auth_oidconnect');
871 $this->ctrl->forwardCommand($oid);
874 case 'ilsamlsettingsgui':
875 $this->tabs_gui->setTabActive(
'auth_saml');
877 require_once
'./Services/Saml/classes/class.ilSamlSettingsGUI.php';
879 $this->ctrl->forwardCommand($os);
882 case 'ilregistrationsettingsgui':
884 include_once
'./Services/Registration/classes/class.ilRegistrationSettingsGUI.php';
887 $this->tabs_gui->setTabActive(
'registration_settings');
889 $this->ctrl->forwardCommand($registration_gui);
892 case 'ilpermissiongui':
895 $this->tabs_gui->setTabActive(
'perm_settings');
897 include_once(
"Services/AccessControl/classes/class.ilPermissionGUI.php");
899 $ret = &$this->ctrl->forwardCommand($perm_gui);
902 case 'illdapsettingsgui':
905 $this->tabs_gui->setTabActive(
'auth_ldap');
907 include_once
'./Services/LDAP/classes/class.ilLDAPSettingsGUI.php';
909 $this->ctrl->forwardCommand($ldap_settings_gui);
912 case 'ilauthshibbolethsettingsgui':
914 $this->tabs_gui->setTabActive(
'auth_shib');
915 include_once(
'./Services/AuthShibboleth/classes/class.ilAuthShibbolethSettingsGUI.php');
917 $this->ctrl->forwardCommand($shib_settings_gui);
920 case 'ilcassettingsgui':
922 $this->tabs_gui->setTabActive(
'auth_cas');
923 include_once
'./Services/CAS/classes/class.ilCASSettingsGUI.php';
925 $this->ctrl->forwardCommand($cas_settings);
928 case 'ilradiussettingsgui':
930 $this->tabs_gui->setTabActive(
'auth_radius');
931 include_once
'./Services/Radius/classes/class.ilRadiusSettingsGUI.php';
933 $this->ctrl->forwardCommand($radius_settings_gui);
937 case 'ilauthloginpageeditorgui':
940 $this->tabs_gui->setTabActive(
'authentication_settings');
941 $this->tabs_gui->setSubTabActive(
"auth_login_editor");
943 include_once
'./Services/Authentication/classes/class.ilAuthLoginPageEditorGUI.php';
945 $this->ctrl->forwardCommand($lpe);
950 $cmd =
"authSettings";
976 $this->ctrl->setParameter($this,
"ref_id", $this->object->getRefId());
978 if (
$rbacsystem->checkAccess(
"visible,read", $this->object->getRefId())) {
979 $this->tabs_gui->addTarget(
980 "authentication_settings",
981 $this->ctrl->getLinkTarget($this,
"authSettings"),
987 $this->tabs_gui->addTarget(
988 'registration_settings',
989 $this->ctrl->getLinkTargetByClass(
'ilregistrationsettingsgui',
'view')
992 $this->tabs_gui->addTarget(
994 $this->ctrl->getLinkTargetByClass(
'illdapsettingsgui',
'serverList'),
1001 #$this->tabs_gui->addTarget("auth_ldap", $this->ctrl->getLinkTarget($this, "editLDAP"),
1004 $this->tabs_gui->addTarget(
'auth_shib', $this->ctrl->getLinkTargetByClass(
'ilauthshibbolethsettingsgui',
'settings'));
1006 $this->tabs_gui->addTarget(
1008 $this->ctrl->getLinkTargetByClass(
'ilcassettingsgui',
'settings')
1011 $this->tabs_gui->addTarget(
1013 $this->ctrl->getLinkTargetByClass(
'ilradiussettingsgui',
"settings"),
1019 $this->tabs_gui->addTarget(
1021 $this->ctrl->getLinkTarget($this,
"editSOAP"),
1027 $this->tabs_gui->addTarget(
1028 "apache_auth_settings",
1029 $this->ctrl->getLinkTarget($this,
'apacheAuthSettings'),
1035 require_once
'Services/Saml/classes/class.ilSamlSettingsGUI.php';
1036 $this->tabs_gui->addTarget(
1044 $this->tabs_gui->addTab(
1046 $this->lng->txt(
'auth_oidconnect'),
1047 $this->ctrl->getLinkTargetByClass(
'ilopenidconnectsettingsgui')
1051 if (
$rbacsystem->checkAccess(
'edit_permission', $this->object->getRefId())) {
1052 $this->tabs_gui->addTarget(
1054 $this->ctrl->getLinkTargetByClass(array(get_class($this),
'ilpermissiongui'),
"perm"),
1055 array(
"perm",
"info",
"owner"),
1070 $ilAccess =
$DIC[
'ilAccess'];
1072 $GLOBALS[
'DIC'][
'lng']->loadLanguageModule(
'auth');
1075 case 'authSettings':
1076 if ($ilAccess->checkAccess(
'write',
'', $this->object->getRefId())) {
1077 $this->tabs_gui->addSubTabTarget(
1079 $this->ctrl->getLinkTarget($this,
'authSettings'),
1083 if ($ilAccess->checkAccess(
'write',
'', $this->object->getRefId())) {
1084 $this->tabs_gui->addSubTabTarget(
1085 'auth_login_editor',
1086 $this->ctrl->getLinkTargetByClass(
'ilauthloginpageeditorgui',
''),
1101 $this->tabs_gui->setTabActive(
"apache_auth_settings");
1109 $path = ILIAS_DATA_DIR .
'/' . CLIENT_ID .
'/apache_auth_allowed_domains.txt';
1110 if (file_exists($path) && is_readable($path)) {
1111 $settingsMap[
'apache_auth_domains'] = file_get_contents($path);
1114 $form->setValuesByArray($settingsMap);
1116 $tpl->setVariable(
'ADM_CONTENT', $form->getHtml());
1125 $form->setValuesByPost();
1129 if ($form->checkInput()) {
1132 'apache_auth_indicator_name',
'apache_auth_indicator_value',
1133 'apache_enable_auth',
'apache_enable_local',
'apache_local_autocreate',
1134 'apache_enable_ldap',
'apache_auth_username_config_type',
1135 'apache_auth_username_direct_mapping_fieldname',
1136 'apache_default_role',
'apache_auth_target_override_login_page',
1137 'apache_auth_enable_override_login_page',
1138 'apache_auth_authenticate_on_login_page',
1143 foreach ($fields as $field) {
1144 $settings->set($field, $form->getInput($field));
1147 if ($form->getInput(
'apache_enable_auth')) {
1148 $this->
ilias->setSetting(
'apache_active',
true);
1150 $this->
ilias->setSetting(
'apache_active',
false);
1160 file_put_contents(ILIAS_DATA_DIR .
'/' . CLIENT_ID .
'/apache_auth_allowed_domains.txt', $allowedDomains);
1162 ilUtil::sendSuccess($this->lng->txt(
'apache_settings_changed_success'),
true);
1163 $this->ctrl->redirect($this,
'apacheAuthSettings');
1171 include_once(
"./Services/Form/classes/class.ilPropertyFormGUI.php");
1174 $form->setFormAction($this->ctrl->getFormAction($this));
1175 $form->setTitle($this->lng->txt(
'apache_settings'));
1177 $chb_enabled =
new ilCheckboxInputGUI($this->lng->txt(
'apache_enable_auth'),
'apache_enable_auth');
1178 $form->addItem($chb_enabled);
1180 $chb_local_create_account =
new ilCheckboxInputGUI($this->lng->txt(
'apache_autocreate'),
'apache_local_autocreate');
1181 $chb_enabled->addSubitem($chb_local_create_account);
1187 $select =
new ilSelectInputGUI($this->lng->txt(
'apache_default_role'),
'apache_default_role');
1188 $roleOptions = array();
1189 foreach ($roles as $role) {
1192 $select->setOptions($roleOptions);
1193 $select->setValue(4);
1195 $chb_local_create_account->addSubitem($select);
1197 $chb_local =
new ilCheckboxInputGUI($this->lng->txt(
'apache_enable_local'),
'apache_enable_local');
1198 $form->addItem($chb_local);
1200 $chb_ldap =
new ilCheckboxInputGUI($this->lng->txt(
'apache_enable_ldap'),
'apache_enable_ldap');
1201 $chb_ldap->setInfo($this->lng->txt(
'apache_ldap_hint_ldap_must_be_configured'));
1203 $GLOBALS[
'DIC'][
'lng']->loadLanguageModule(
'auth');
1204 include_once
'./Services/LDAP/classes/class.ilLDAPServer.php';
1206 if (count($servers)) {
1207 $ldap_server_select =
new ilSelectInputGUI($this->lng->txt(
'auth_ldap_server_ds'),
'apache_ldap_sid');
1208 $options[0] = $this->lng->txt(
'select_one');
1209 foreach ($servers as $server_id) {
1211 $options[$server_id] = $ldap_server->getName();
1213 $ldap_server_select->setOptions($options);
1214 $ldap_server_select->setRequired(
true);
1217 $ldap_server_select->setValue($ds);
1219 $chb_ldap->addSubItem($ldap_server_select);
1221 $form->addItem($chb_ldap);
1223 $txt =
new ilTextInputGUI($this->lng->txt(
'apache_auth_indicator_name'),
'apache_auth_indicator_name');
1224 $txt->setRequired(
true);
1225 $form->addItem(
$txt);
1227 $txt =
new ilTextInputGUI($this->lng->txt(
'apache_auth_indicator_value'),
'apache_auth_indicator_value');
1228 $txt->setRequired(
true);
1229 $form->addItem(
$txt);
1232 $chb =
new ilCheckboxInputGUI($this->lng->txt(
'apache_auth_enable_override_login'),
'apache_auth_enable_override_login_page');
1233 $form->addItem($chb);
1235 $txt =
new ilTextInputGUI($this->lng->txt(
'apache_auth_target_override_login'),
'apache_auth_target_override_login_page');
1236 $txt->setRequired(
true);
1237 $chb->addSubItem(
$txt);
1239 $chb =
new ilCheckboxInputGUI($this->lng->txt(
'apache_auth_authenticate_on_login_page'),
'apache_auth_authenticate_on_login_page');
1240 $form->addItem($chb);
1243 $sec->setTitle($this->lng->txt(
'apache_auth_username_config'));
1244 $form->addItem($sec);
1246 $rag =
new ilRadioGroupInputGUI($this->lng->txt(
'apache_auth_username_config_type'),
'apache_auth_username_config_type');
1247 $form->addItem($rag);
1249 $rao =
new ilRadioOption($this->lng->txt(
'apache_auth_username_direct_mapping'), 1);
1250 $rag->addOption($rao);
1252 $txt =
new ilTextInputGUI($this->lng->txt(
'apache_auth_username_direct_mapping_fieldname'),
'apache_auth_username_direct_mapping_fieldname');
1254 $rao->addSubItem(
$txt);
1256 $rao =
new ilRadioOption($this->lng->txt(
'apache_auth_username_extended_mapping'), 2);
1257 $rao->setDisabled(
true);
1258 $rag->addOption($rao);
1260 $rao =
new ilRadioOption($this->lng->txt(
'apache_auth_username_by_function'), 3);
1261 $rag->addOption($rao);
1267 $sec->setTitle($this->lng->txt(
'apache_auth_security'));
1268 $form->addItem($sec);
1271 $txt->setInfo($this->lng->txt(
'apache_auth_domains_description'));
1273 $form->addItem(
$txt);
1275 if ($this->dic->rbac()->system()->checkAccess(
'visible, read', $this->ref_id)) {
1276 $form->addCommandButton(
'saveApacheSettings', $this->lng->txt(
'save'));
1278 $form->addCommandButton(
'cancel', $this->lng->txt(
'cancel'));
1285 return join(
"\n", preg_split(
"/[\r\n]+/", $text));
1291 $this->ctrl->redirect($registration_gui);
1300 switch ($a_form_id) {
1302 require_once
'Services/Captcha/classes/class.ilCaptchaUtil.php';
1303 $fields_login = array(
1307 $fields_registration = array(
1312 return array(
'adm_auth_login' => array(
'authSettings', $fields_login),
'adm_auth_reg' => array(
'registrationSettings', $fields_registration));
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
An exception for terminatinating execution or to throw for unit testing.
const AUTH_OPENID_CONNECT
Login page editor settings GUI ILIAS page editor or richtext editor.
static _getInstance()
Get instance.
Class ilAuthShibbolethSettingsGUI.
static _getActiveAuthModes()
static getAuthPlugins()
Get active enabled auth plugins.
static _getAllAuthModes()
static _getAuthModeName($a_auth_key)
static checkFreetype()
Check whether captcha support is active.
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
static getDataSource($a_auth_mode)
static getInstanceByServerId($a_server_id)
Get instance by server id.
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
static getServerIds()
Get all server ids @global ilDB $ilDB.
Class ilObjAuthSettingsGUI.
validateApacheAuthAllowedDomains($text)
getAdminTabs()
administration tabs show only permissions and trash folder
setSubTabs($a_tab)
set sub tabs
addToExternalSettingsForm($a_form_id)
__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output=true)
Constructor @access public.
saveScriptObject()
validates all input data, save them to database if correct and active chosen auth mode
getApacheAuthSettingsForm()
updateAuthModeDeterminationObject()
update auth mode determination
loginInfoObject()
displays login information of all installed languages
registrationSettingsObject()
executeCommand()
Execute command.
apacheAuthSettingsObject($form=false)
getAuthModeTitle()
get the title of auth mode
saveApacheSettingsObject()
editSOAPObject()
Configure soap settings.
cancelObject()
cancel action and go back to previous page @access public
authSettingsObject()
display settings menu
viewObject()
viewObject container presentation for "administration -> repository, trash, permissions"
testSoapAuthConnectionObject()
initAuthModeDetermination()
init auth mode determinitation form
saveSOAPObject()
validates all input data, save them to database if correct and active chosen auth mode
getTabs()
get tabs @access public
editScriptObject()
Configure Custom settings.
static _lookupRegisterAllowed()
get all roles that are activated in user registration
static _updateAuthMode($a_roles)
static _getNumberOfUsersPerAuthMode()
get number of users per auth mode
Class ilObjectGUI Basic methods of all Output classes.
prepareOutput($a_show_subobjects=true)
prepare output
getReturnLocation($a_cmd, $a_location="")
get return location for command (command is method name without "Object", e.g.
static _lookupTitle($a_id)
lookup object title
Class ilOpenIdConnectSettingsGUI.
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
This class represents an option in a radio group.
Class ilRegistrationSettingsGUI.
static testConnection($a_ext_uid, $a_soap_pw, $a_new_user)
Constructor @access public.
static getIdpIdByAuthMode(string $a_auth_mode)
static isAuthModeSaml(string $a_auth_mode)
static getInstanceByIdpId(int $a_idp_id)
special template class to simplify handling of ITX/PEAR
This class represents a text area property in a property form.
This class represents a text property in a property form.
static redirect($a_script)
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
if($err=$client->getError()) $namespace
__construct(Container $dic, ilPlugin $plugin)
@inheritDoc
redirection script todo: (a better solution should control the processing via a xml file)