ILIAS  release_7 Revision v7.30-3-g800a261c036
class.ilObjAuthSettingsGUI.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3
17{
18
22 private $dic;
23
28 public function __construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output = true)
29 {
30 global $DIC;
31
32 $this->dic = $DIC;
33 $this->type = "auth";
34 parent::__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output);
35
36 $this->lng->loadLanguageModule('registration');
37 $this->lng->loadLanguageModule('auth');
38
39 define('LDAP_DEFAULT_PORT', 389);
40 define('RADIUS_DEFAULT_PORT', 1812);
41 }
42
43
44
45 public function viewObject()
46 {
47 return $this->authSettingsObject();
48 }
49
50
56 public function authSettingsObject()
57 {
58 global $DIC;
59
60 $rbacsystem = $DIC['rbacsystem'];
61 $ilSetting = $DIC['ilSetting'];
62
63 if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
64 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
65 }
66
67 $this->tabs_gui->setTabActive('authentication_settings');
68 $this->setSubTabs('authSettings');
69 $this->tabs_gui->setSubTabActive("auth_settings");
70
71 $generalSettingsTpl = new ilTemplate('tpl.auth_general.html', true, true, 'Services/Authentication');
72
73 $generalSettingsTpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
74 $generalSettingsTpl->setVariable("TXT_AUTH_TITLE", $this->lng->txt("auth_select"));
75
76 $generalSettingsTpl->setVariable("TXT_AUTH_MODE", $this->lng->txt("auth_mode"));
77 $generalSettingsTpl->setVariable("TXT_AUTH_DEFAULT", $this->lng->txt("default"));
78 $generalSettingsTpl->setVariable("TXT_AUTH_ACTIVE", $this->lng->txt("active"));
79 $generalSettingsTpl->setVariable("TXT_AUTH_NUM_USERS", $this->lng->txt("num_users"));
80
81 $generalSettingsTpl->setVariable("TXT_LOCAL", $this->lng->txt("auth_local"));
82 $generalSettingsTpl->setVariable("TXT_LDAP", $this->lng->txt("auth_ldap"));
83 $generalSettingsTpl->setVariable("TXT_SHIB", $this->lng->txt("auth_shib"));
84
85 $generalSettingsTpl->setVariable("TXT_CAS", $this->lng->txt("auth_cas"));
86
87 $generalSettingsTpl->setVariable("TXT_RADIUS", $this->lng->txt("auth_radius"));
88 $generalSettingsTpl->setVariable("TXT_SCRIPT", $this->lng->txt("auth_script"));
89
90 $generalSettingsTpl->setVariable("TXT_APACHE", $this->lng->txt("auth_apache"));
91
93 $auth_modes = ilAuthUtils::_getAllAuthModes();
95 include_once('Services/LDAP/classes/class.ilLDAPServer.php');
96 // icon handlers
97 $icon_ok = "<img src=\"" . ilUtil::getImagePath("icon_ok.svg") . "\" alt=\"" . $this->lng->txt("enabled") . "\" title=\"" . $this->lng->txt("enabled") . "\" border=\"0\" vspace=\"0\"/>";
98 $icon_not_ok = "<img src=\"" . ilUtil::getImagePath("icon_not_ok.svg") . "\" alt=\"" . $this->lng->txt("disabled") . "\" title=\"" . $this->lng->txt("disabled") . "\" border=\"0\" vspace=\"0\"/>";
99
100
101 foreach ($auth_modes as $mode => $mode_name) {
102 if (!in_array($mode, $valid_modes) && !ilLDAPServer::isAuthModeLDAP($mode) && !ilSamlIdp::isAuthModeSaml($mode)) {
103 continue;
104 }
105
106 $generalSettingsTpl->setCurrentBlock('auth_mode');
107
108 if (ilLDAPServer::isAuthModeLDAP($mode)) {
110 $generalSettingsTpl->setVariable("AUTH_NAME", $server->getName());
111 $generalSettingsTpl->setVariable('AUTH_ACTIVE', $server->isActive() ? $icon_ok : $icon_not_ok);
112 } elseif (ilSamlIdp::isAuthModeSaml($mode)) {
114 $generalSettingsTpl->setVariable('AUTH_NAME', $idp->getEntityId());
115 $generalSettingsTpl->setVariable('AUTH_ACTIVE', $idp->isActive() ? $icon_ok : $icon_not_ok);
116 } elseif ($mode === AUTH_OPENID_CONNECT) {
117 $generalSettingsTpl->setVariable("AUTH_NAME", $this->lng->txt("auth_" . $mode_name));
118 $generalSettingsTpl->setVariable('AUTH_ACTIVE', ilOpenIdConnectSettings::getInstance()->getActive() ? $icon_ok : $icon_not_ok);
119 } else {
120 $generalSettingsTpl->setVariable("AUTH_NAME", $this->lng->txt("auth_" . $mode_name));
121 $generalSettingsTpl->setVariable('AUTH_ACTIVE', $this->ilias->getSetting($mode_name . '_active') || $mode == AUTH_LOCAL ? $icon_ok : $icon_not_ok);
122 }
123
124 if ($ilSetting->get('auth_mode') == $mode) {
125 $generalSettingsTpl->setVariable("AUTH_CHECKED", "checked=\"checked\"");
126
127 $generalSettingsTpl->setVariable(
128 "AUTH_USER_NUM",
129 ((int) $auth_cnt[$mode_name] + $auth_cnt["default"]) . " (" . $this->lng->txt("auth_per_default") .
130 ": " . $auth_cnt["default"] . ")"
131 );
132 } else {
133 $generalSettingsTpl->setVariable(
134 "AUTH_USER_NUM",
135 (int) $auth_cnt[$mode_name]
136 );
137 }
138 $generalSettingsTpl->setVariable("AUTH_ID", $mode_name);
139 $generalSettingsTpl->setVariable("AUTH_VAL", $mode);
140 $generalSettingsTpl->parseCurrentBlock();
141 }
142
143 $generalSettingsTpl->setVariable("TXT_CONFIGURE", $this->lng->txt("auth_configure"));
144
145 if ($rbacsystem->checkAccess("write", $this->object->getRefId())) {
146 $generalSettingsTpl->setVariable("TXT_AUTH_REMARK", $this->lng->txt("auth_remark_non_local_auth"));
147 $generalSettingsTpl->setCurrentBlock('auth_mode_submit');
148 $generalSettingsTpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
149 $generalSettingsTpl->setVariable("CMD_SUBMIT", "setAuthMode");
150 $generalSettingsTpl->parseCurrentBlock();
151 }
152
153 // auth mode determinitation
154 if ($this->initAuthModeDetermination()) {
155 $generalSettingsTpl->setVariable('TABLE_AUTH_DETERMINATION', $this->form->getHTML());
156 }
157
158 // roles table
159 $generalSettingsTpl->setVariable(
160 "FORMACTION_ROLES",
161 $this->ctrl->getFormAction($this)
162 );
163 $generalSettingsTpl->setVariable("TXT_AUTH_ROLES", $this->lng->txt("auth_active_roles"));
164 $generalSettingsTpl->setVariable("TXT_ROLE", $this->lng->txt("obj_role"));
165 $generalSettingsTpl->setVariable("TXT_ROLE_AUTH_MODE", $this->lng->txt("auth_role_auth_mode"));
166 if ($rbacsystem->checkAccess("write", $this->object->getRefId())) {
167 $generalSettingsTpl->setVariable("CMD_SUBMIT_ROLES", "updateAuthRoles");
168 $generalSettingsTpl->setVariable('BTN_SUBMIT_ROLES', $this->lng->txt('save'));
169 }
170
171 include_once("./Services/AccessControl/classes/class.ilObjRole.php");
173
174 // auth mode selection
175 include_once('./Services/Authentication/classes/class.ilAuthUtils.php');
176 $active_auth_modes = ilAuthUtils::_getActiveAuthModes();
177
178 foreach ($reg_roles as $role) {
179 foreach ($active_auth_modes as $auth_name => $auth_key) {
180 // do not list auth modes with external login screen
181 // even not default, because it can easily be set to
182 // a non-working auth mode
183 if ($auth_name == "default" || $auth_name == "cas"
184 || $auth_name == 'saml'
185 || $auth_name == "shibboleth" || $auth_name == 'ldap'
186 || $auth_name == 'apache' || $auth_name == "ecs"
187 || $auth_name == "openid") {
188 continue;
189 }
190
191 $generalSettingsTpl->setCurrentBlock("auth_mode_selection");
192
193 if ($auth_name == 'default') {
194 $name = $this->lng->txt('auth_' . $auth_name) . " (" . $this->lng->txt('auth_' . ilAuthUtils::_getAuthModeName($auth_key)) . ")";
195 } elseif ($id = ilLDAPServer::getServerIdByAuthMode($auth_key)) {
197 $name = $server->getName();
198 } elseif ($id = ilSamlIdp::getIdpIdByAuthMode($auth_key)) {
200 $name = $idp->getEntityId();
201 } else {
202 $name = $this->lng->txt('auth_' . $auth_name);
203 }
204
205 $generalSettingsTpl->setVariable("AUTH_MODE_NAME", $name);
206
207 $generalSettingsTpl->setVariable("AUTH_MODE", $auth_name);
208
209 if ($role['auth_mode'] == $auth_name) {
210 $generalSettingsTpl->setVariable("SELECTED_AUTH_MODE", "selected=\"selected\"");
211 }
212
213 $generalSettingsTpl->parseCurrentBlock();
214 }
215
216 $generalSettingsTpl->setCurrentBlock("roles");
217 $generalSettingsTpl->setVariable("ROLE", $role['title']);
218 $generalSettingsTpl->setVariable("ROLE_ID", $role['id']);
219 $generalSettingsTpl->parseCurrentBlock();
220 }
221
222 $this->tpl->setContent($generalSettingsTpl->get());
223 }
224
225
232 public function loginInfoObject()
233 {
234 global $DIC;
235
236 $rbacsystem = $DIC['rbacsystem'];
237 $lng = $DIC['lng'];
238 $ilSetting = $DIC['ilSetting'];
239
240 if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
241 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
242 }
243
244 $this->tabs_gui->setTabActive("authentication_settings");
245 $this->setSubTabs("authSettings");
246 $this->tabs_gui->setSubTabActive("auth_login_editor");
247
248 $lng->loadLanguageModule("meta");
249
250 $this->tpl->addBlockFile(
251 "ADM_CONTENT",
252 "adm_content",
253 "tpl.auth_login_messages.html",
254 "Services/Authentication"
255 );
256 $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
257 $this->tpl->setVariable("TXT_HEADLINE", $this->lng->txt("login_information"));
258 $this->tpl->setVariable("TXT_DESCRIPTION", $this->lng->txt("login_information_desc"));
259 $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
260 $this->initLoginForm();
261 $this->tpl->setVariable('LOGIN_INFO', $this->form->getHTML());
262 }
263
264
265 public function cancelObject()
266 {
267 $this->ctrl->redirect($this, "authSettings");
268 }
269
270 public function setAuthModeObject()
271 {
272 global $DIC;
273
274 $rbacsystem = $DIC['rbacsystem'];
275 $ilSetting = $DIC['ilSetting'];
276
277 if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
278 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
279 }
280
281 if (empty($_POST["auth_mode"])) {
282 $this->ilias->raiseError($this->lng->txt("auth_err_no_mode_selected"), $this->ilias->error_obj->MESSAGE);
283 }
284
285 $current_auth_mode = $ilSetting->get('auth_mode', '');
286 if ($_POST["auth_mode"] == $current_auth_mode) {
287 ilUtil::sendInfo($this->lng->txt("auth_mode") . ": " . $this->getAuthModeTitle() . " " . $this->lng->txt("auth_mode_not_changed"), true);
288 $this->ctrl->redirect($this, 'authSettings');
289 }
290
291 switch ($_POST["auth_mode"]) {
292 case AUTH_SAML:
293 break;
294
295 case AUTH_LDAP:
296
297 /*
298 if ($this->object->checkAuthLDAP() !== true)
299 {
300 ilUtil::sendInfo($this->lng->txt("auth_ldap_not_configured"),true);
301 ilUtil::redirect($this->getReturnLocation("authSettings",$this->ctrl->getLinkTarget($this,"editLDAP", "", false, false)));
302 }
303 */
304 break;
305
306 // @fix changed from AUTH_SHIB > is not defined
307 case AUTH_SHIBBOLETH:
308 if ($this->object->checkAuthSHIB() !== true) {
309 ilUtil::sendFailure($this->lng->txt("auth_shib_not_configured"), true);
311 $this->getReturnLocation(
312 'authSettings',
313 $this->ctrl->getLinkTargetByClass(
314 ilAuthShibbolethSettingsGUI::class,
315 'settings',
316 '',
317 false,
318 false
319 )
320 )
321 );
322 }
323 break;
324
325 case AUTH_RADIUS:
326 if ($this->object->checkAuthRADIUS() !== true) {
327 ilUtil::sendFailure($this->lng->txt("auth_radius_not_configured"), true);
328 $this->ctrl->redirect($this, 'editRADIUS');
329 }
330 break;
331
332 case AUTH_SCRIPT:
333 if ($this->object->checkAuthScript() !== true) {
334 ilUtil::sendFailure($this->lng->txt("auth_script_not_configured"), true);
335 ilUtil::redirect($this->getReturnLocation("authSettings", $this->ctrl->getLinkTarget($this, "editScript", "", false, false)));
336 }
337 break;
338 }
339
340 $this->ilias->setSetting("auth_mode", $_POST["auth_mode"]);
341
342 ilUtil::sendSuccess($this->lng->txt("auth_default_mode_changed_to") . " " . $this->getAuthModeTitle(), true);
343 $this->ctrl->redirect($this, 'authSettings');
344 }
345
351 public function editSOAPObject()
352 {
353 global $DIC;
354
355 $rbacsystem = $DIC['rbacsystem'];
356 $rbacreview = $DIC['rbacreview'];
357 $ilSetting = $DIC['ilSetting'];
358 $ilCtrl = $DIC['ilCtrl'];
359 $lng = $DIC['lng'];
360
361 if (!$rbacsystem->checkAccess("read", $this->object->getRefId())) {
362 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
363 }
364
365 $this->tabs_gui->setTabActive('auth_soap');
366
367 //set Template
368 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.auth_soap.html', 'Services/Authentication');
369
370 // compose role list
371 $role_list = $rbacreview->getRolesByFilter(2, $this->object->getId());
372 $roles = array();
373
374 foreach ($role_list as $role) {
375 $roles[$role['obj_id']] = $role['title'];
376 }
377
378 //set property form gui
379 include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
380
381 $soap_config = new ilPropertyFormGUI();
382 $soap_config->setTitle($this->lng->txt("auth_soap_auth"));
383 $soap_config->setDescription($this->lng->txt("auth_soap_auth_desc"));
384 $soap_config->setFormAction($this->ctrl->getFormAction($this, "editSOAP"));
385 if ($rbacsystem->checkAccess("write", $this->object->getRefId())) {
386 $soap_config->addCommandButton("saveSOAP", $this->lng->txt("save"));
387 $soap_config->addCommandButton("editSOAP", $this->lng->txt("cancel"));
388 }
389 //set activ
390 $active = new ilCheckboxInputGUI();
391 $active->setTitle($this->lng->txt("active"));
392 $active->setPostVar("soap[active]");
393
394 //set server
395 $server = new ilTextInputGUI();
396 $server->setTitle($this->lng->txt("server"));
397 $server->setInfo($this->lng->txt("auth_soap_server_desc"));
398 $server->setPostVar("soap[server]");
399 $server->setSize(50);
400 $server->setMaxLength(256);
401 $server->setRequired(true);
402
403 //set port
404 $port = new ilTextInputGUI();
405 $port->setTitle($this->lng->txt("port"));
406 $port->setInfo($this->lng->txt("auth_soap_port_desc"));
407 $port->setPostVar("soap[port]");
408 $port->setSize(7);
409 $port->setMaxLength(5);
410
411 //set https
413 $https->setTitle($this->lng->txt("auth_soap_use_https"));
414 $https->setPostVar("soap[use_https]");
415
416 //set uri
417 $uri = new ilTextInputGUI();
418 $uri->setTitle($this->lng->txt("uri"));
419 $uri->setInfo($this->lng->txt("auth_soap_uri_desc"));
420 $uri->setPostVar("soap[uri]");
421 $uri->setSize(50);
422 $uri->setMaxLength(256);
423
424 //set namespace
426 $namespace->setTitle($this->lng->txt("auth_soap_namespace"));
427 $namespace->setInfo($this->lng->txt("auth_soap_namespace_desc"));
428 $namespace->setPostVar("soap[namespace]");
429 $namespace->setSize(50);
430 $namespace->setMaxLength(256);
431
432 //set dotnet
433 $dotnet = new ilCheckboxInputGUI();
434 $dotnet->setTitle($this->lng->txt("auth_soap_use_dotnet"));
435 $dotnet->setPostVar("soap[use_dotnet]");
436
437 //set create users
438 $createuser = new ilCheckboxInputGUI();
439 $createuser->setTitle($this->lng->txt("auth_create_users"));
440 $createuser->setInfo($this->lng->txt("auth_soap_create_users_desc"));
441 $createuser->setPostVar("soap[create_users]");
442
443 //set account mail
444 $sendmail = new ilCheckboxInputGUI();
445 $sendmail->setTitle($this->lng->txt("user_send_new_account_mail"));
446 $sendmail->setInfo($this->lng->txt("auth_new_account_mail_desc"));
447 $sendmail->setPostVar("soap[account_mail]");
448
449 //set user default role
450 $defaultrole = new ilSelectInputGUI();
451 $defaultrole->setTitle($this->lng->txt("auth_user_default_role"));
452 $defaultrole->setInfo($this->lng->txt("auth_soap_user_default_role_desc"));
453 $defaultrole->setPostVar("soap[user_default_role]");
454 $defaultrole->setOptions($roles);
455
456 //set allow local authentication
457 $allowlocal = new ilCheckboxInputGUI();
458 $allowlocal->setTitle($this->lng->txt("auth_allow_local"));
459 $allowlocal->setInfo($this->lng->txt("auth_soap_allow_local_desc"));
460 $allowlocal->setPostVar("soap[allow_local]");
461
462 // get all settings
463 $settings = $ilSetting->getAll();
464
465 // get values in error case
466 if ($_SESSION["error_post_vars"]) {
467 $active ->setChecked($_SESSION["error_post_vars"]["soap"]["active"]);
468 $server ->setValue($_SESSION["error_post_vars"]["soap"]["server"]);
469 $port ->setValue($_SESSION["error_post_vars"]["soap"]["port"]);
470 $https ->setChecked($_SESSION["error_post_vars"]["soap"]["use_https"]);
471 $uri ->setValue($_SESSION["error_post_vars"]["soap"]["uri"]);
472 $namespace ->setValue($_SESSION["error_post_vars"]["soap"]["namespace"]);
473 $dotnet ->setChecked($_SESSION["error_post_vars"]["soap"]["use_dotnet"]);
474 $createuser ->setChecked($_SESSION["error_post_vars"]["soap"]["create_users"]);
475 $allowlocal ->setChecked($_SESSION["error_post_vars"]["soap"]["allow_local"]);
476 $defaultrole->setValue($_SESSION["error_post_vars"]["soap"]["user_default_role"]);
477 $sendmail ->setChecked($_SESSION["error_post_vars"]["soap"]["account_mail"]);
478 } else {
479 $active ->setChecked($settings["soap_auth_active"]);
480 $server ->setValue($settings["soap_auth_server"]);
481 $port ->setValue($settings["soap_auth_port"]);
482 $https ->setChecked($settings["soap_auth_use_https"]);
483 $uri ->setValue($settings["soap_auth_uri"]);
484 $namespace ->setValue($settings["soap_auth_namespace"]);
485 $dotnet ->setChecked($settings["soap_auth_use_dotnet"]);
486 $createuser ->setChecked($settings["soap_auth_create_users"]);
487 $allowlocal ->setChecked($settings["soap_auth_allow_local"]);
488 $defaultrole->setValue($settings["soap_auth_user_default_role"]);
489 $sendmail ->setChecked($settings["soap_auth_account_mail"]);
490 }
491
492 if (!$defaultrole->getValue()) {
493 $defaultrole->setValue(4);
494 }
495
496 //add Items to property gui
497 $soap_config->addItem($active);
498 $soap_config->addItem($server);
499 $soap_config->addItem($port);
500 $soap_config->addItem($https);
501 $soap_config->addItem($uri);
502 $soap_config->addItem($namespace);
503 $soap_config->addItem($dotnet);
504 $soap_config->addItem($createuser);
505 $soap_config->addItem($sendmail);
506 $soap_config->addItem($defaultrole);
507 $soap_config->addItem($allowlocal);
508
509 $this->tpl->setVariable("CONFIG_FORM", $soap_config->getHTML());
510
511 // test form
512 $form = new ilPropertyFormGUI();
513 $form->setFormAction($ilCtrl->getFormAction($this));
514 $form->setTitle("Test Request");
515 $text_prop = new ilTextInputGUI("ext_uid", "ext_uid");
516 $form->addItem($text_prop);
517 $text_prop2 = new ilTextInputGUI("soap_pw", "soap_pw");
518 $form->addItem($text_prop2);
519 $cb = new ilCheckboxInputGUI("new_user", "new_user");
520 $form->addItem($cb);
521
522 $form->addCommandButton(
523 "testSoapAuthConnection",
524 "Send"
525 );
526
527 if ($ilCtrl->getCmd() == "testSoapAuthConnection") {
528 include_once("./Services/SOAPAuth/classes/class.ilSOAPAuth.php");
529 $ret = "<br />" . ilSOAPAuth::testConnection(
530 ilUtil::stripSlashes($_POST["ext_uid"]),
531 ilUtil::stripSlashes($_POST["soap_pw"]),
532 (boolean) $_POST["new_user"]
533 );
534 }
535 $this->tpl->setVariable("TEST_FORM", $form->getHTML() . $ret);
536 }
537
539 {
540 $this->editSOAPObject();
541 }
542
548 public function saveSOAPObject()
549 {
550 global $DIC;
551
552 $ilUser = $DIC['ilUser'];
553 $ilSetting = $DIC['ilSetting'];
554 $rbacsystem = $DIC['rbacsystem'];
555
556 if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
557 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
558 }
559
560 // validate required data
561 if (!$_POST["soap"]["server"]) {
562 $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
563 }
564
565 // validate port
566 if ($_POST["soap"]["server"] != "" && (preg_match("/^[0-9]{0,5}$/", $_POST["soap"]["port"])) == false) {
567 $this->ilias->raiseError($this->lng->txt("err_invalid_port"), $this->ilias->error_obj->MESSAGE);
568 }
569
570 $ilSetting->set("soap_auth_server", $_POST["soap"]["server"]);
571 $ilSetting->set("soap_auth_port", $_POST["soap"]["port"]);
572 $ilSetting->set("soap_auth_active", $_POST["soap"]["active"]);
573 $ilSetting->set("soap_auth_uri", $_POST["soap"]["uri"]);
574 $ilSetting->set("soap_auth_namespace", $_POST["soap"]["namespace"]);
575 $ilSetting->set("soap_auth_create_users", $_POST["soap"]["create_users"]);
576 $ilSetting->set("soap_auth_allow_local", $_POST["soap"]["allow_local"]);
577 $ilSetting->set("soap_auth_account_mail", $_POST["soap"]["account_mail"]);
578 $ilSetting->set("soap_auth_use_https", $_POST["soap"]["use_https"]);
579 $ilSetting->set("soap_auth_use_dotnet", $_POST["soap"]["use_dotnet"]);
580 $ilSetting->set("soap_auth_user_default_role", $_POST["soap"]["user_default_role"]);
581 ilUtil::sendSuccess($this->lng->txt("auth_soap_settings_saved"), true);
582
583 $this->ctrl->redirect($this, 'editSOAP');
584 }
585
591 public function editScriptObject()
592 {
593 global $DIC;
594
595 $rbacsystem = $DIC['rbacsystem'];
596
597 if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
598 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
599 }
600
601 if ($_SESSION["error_post_vars"]) {
602 $this->tpl->setVariable("AUTH_SCRIPT_NAME", $_SESSION["error_post_vars"]["auth_script"]["name"]);
603 } else {
604 // set already saved data
605 $settings = $this->ilias->getAllSettings();
606
607 $this->tpl->setVariable("AUTH_SCRIPT_NAME", $settings["auth_script_name"]);
608 }
609
610 $this->tabs_gui->setTabActive('auth_script');
611
612 $this->tpl->addBlockFile(
613 "ADM_CONTENT",
614 "adm_content",
615 "tpl.auth_script.html",
616 "Services/Authentication"
617 );
618
619 $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
620 $this->tpl->setVariable("COLSPAN", 3);
621 $this->tpl->setVariable("TXT_AUTH_SCRIPT_TITLE", $this->lng->txt("auth_script_configure"));
622 $this->tpl->setVariable("TXT_OPTIONS", $this->lng->txt("options"));
623 $this->tpl->setVariable("TXT_AUTH_SCRIPT_NAME", $this->lng->txt("auth_script_name"));
624
625 $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
626 $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
627 $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
628 $this->tpl->setVariable("CMD_SUBMIT", "saveScript");
629 }
630
636 public function saveScriptObject()
637 {
638 // validate required data
639 if (!$_POST["auth_script"]["name"]) {
640 $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
641 }
642
643 // validate script url
644 /*
645 if (( TODO ,$_POST["ldap"]["server"])) == false)
646 {
647 $this->ilias->raiseError($this->lng->txt("err_invalid_server"),$this->ilias->error_obj->MESSAGE);
648 }*/
649
650 // TODO: check connection to server
651
652 // all ok. save settings and activate auth by external script
653 $this->ilias->setSetting("auth_script_name", $_POST["auth_script"]["name"]);
654 $this->ilias->setSetting("auth_mode", AUTH_SCRIPT);
655
656 ilUtil::sendSuccess($this->lng->txt("auth_mode_changed_to") . " " . $this->getAuthModeTitle(), true);
657 $this->ctrl->redirect($this, 'editScript');
658 }
659
660
667 public function getAuthModeTitle()
668 {
669 switch ($this->ilias->getSetting("auth_mode")) {
670 case AUTH_LOCAL:
671 return $this->lng->txt("auth_local");
672 break;
673
674 case AUTH_LDAP:
675 return $this->lng->txt("auth_ldap");
676 break;
677
678 case AUTH_SHIBBOLETH:
679 return $this->lng->txt("auth_shib");
680 break;
681
682 case AUTH_SAML:
683 return $this->lng->txt("auth_saml");
684 break;
685
686 case AUTH_RADIUS:
687 return $this->lng->txt("auth_radius");
688 break;
689
690 case AUTH_SCRIPT:
691 return $this->lng->txt("auth_script");
692 break;
693
694 case AUTH_APACHE:
695 return $this->lng->txt("auth_apache");
696 break;
697
698 default:
699 return $this->lng->txt("unknown");
700 break;
701 }
702 }
703
704 public function updateAuthRolesObject()
705 {
706 global $DIC;
707
708 $rbacsystem = $DIC['rbacsystem'];
709
710 if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
711 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
712 }
713
714 include_once('./Services/AccessControl/classes/class.ilObjRole.php');
716
717 ilUtil::sendSuccess($this->lng->txt("auth_mode_roles_changed"), true);
718 $this->ctrl->redirect($this, 'authSettings');
719 }
720
726 protected function initAuthModeDetermination()
727 {
728 if (is_object($this->form)) {
729 return true;
730 }
731
732 include_once('./Services/Form/classes/class.ilPropertyFormGUI.php');
733 $this->form = new ilPropertyFormGUI();
734 $this->form->setFormAction($this->ctrl->getFormAction($this));
735 $this->form->setTableWidth('100%');
736 $this->form->setTitle($this->lng->txt('auth_auth_settings'));
737
738 if ($this->access->checkAccess('write', '', $this->object->getRefId())) {
739 $this->form->addCommandButton('updateAuthModeDetermination', $this->lng->txt('save'));
740 }
741
742 require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
743 $cap = new ilCheckboxInputGUI($this->lng->txt('adm_captcha_anonymous_short'), 'activate_captcha_anonym');
744 $cap->setInfo($this->lng->txt('adm_captcha_anonymous_auth'));
745 $cap->setValue(1);
747 $cap->setAlert(ilCaptchaUtil::getPreconditionsMessage());
748 }
749 $cap->setChecked(ilCaptchaUtil::isActiveForLogin());
750 $this->form->addItem($cap);
751
752 // Are there any authentication methods that support automatic determination ?
753 include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
755 if ($det->getCountActiveAuthModes() <= 1) {
756 return true;
757 }
758
759 $header = new ilFormSectionHeaderGUI();
760 $header->setTitle($this->lng->txt('auth_auth_mode_determination'));
761 $this->form->addItem($header);
762
763 $kind = new ilRadioGroupInputGUI($this->lng->txt('auth_kind_determination'), 'kind');
764 $kind->setInfo($this->lng->txt('auth_mode_determination_info'));
765 $kind->setValue($det->getKind());
766 $kind->setRequired(true);
767
768 $option_user = new ilRadioOption($this->lng->txt('auth_by_user'), 0);
769 $kind->addOption($option_user);
770
771 $option_determination = new ilRadioOption($this->lng->txt('auth_automatic'), 1);
772
773 include_once('Services/Authentication/classes/class.ilAuthUtils.php');
774
775 $auth_sequenced = $det->getAuthModeSequence();
776 $counter = 1;
777 foreach ($auth_sequenced as $auth_mode) {
778 switch ($auth_mode) {
779 // begin-patch ldap_multiple
780 case ilLDAPServer::isAuthModeLDAP($auth_mode):
781 $auth_id = ilLDAPServer::getServerIdByAuthMode($auth_mode);
783 $text = $server->getName();
784 // end-patch ldap_multiple
785 break;
786 case AUTH_RADIUS:
787 $text = $this->lng->txt('auth_radius');
788 break;
789 case AUTH_LOCAL:
790 $text = $this->lng->txt('auth_local');
791 break;
792 case AUTH_SOAP:
793 $text = $this->lng->txt('auth_soap');
794 break;
795 case AUTH_APACHE:
796 $text = $this->lng->txt('auth_apache');
797 break;
798 // begin-patch auth_plugin
799 default:
800 foreach (ilAuthUtils::getAuthPlugins() as $pl) {
801 $option = $pl->getMultipleAuthModeOptions($auth_mode);
802 $text = $option[$auth_mode]['txt'];
803 }
804 break;
805 // end-patch auth_plugin
806 }
807
808 $pos = new ilTextInputGUI($text, 'position[' . $auth_mode . ']');
809 $pos->setValue($counter++);
810 $pos->setSize(1);
811 $pos->setMaxLength(1);
812 $option_determination->addSubItem($pos);
813 }
814 $kind->addOption($option_determination);
815 $this->form->addItem($kind);
816 return true;
817 }
818
826 {
827 include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
829
830 $det->setKind((int) $_POST['kind']);
831
832 $pos = $_POST['position'] ? $_POST['position'] : array();
833 asort($pos, SORT_NUMERIC);
834
835 $counter = 0;
836 foreach ($pos as $auth_mode => $dummy) {
837 $position[$counter++] = $auth_mode;
838 }
839 $det->setAuthModeSequence($position ? $position : array());
840 $det->save();
841
842 require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
843 ilCaptchaUtil::setActiveForLogin((bool) $_POST['activate_captcha_anonym']);
844
845 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
846 $this->authSettingsObject();
847 }
848
855 public function executeCommand()
856 {
857 global $DIC;
858
859 $ilAccess = $DIC['ilAccess'];
860 $ilErr = $DIC['ilErr'];
861
862
863 $next_class = $this->ctrl->getNextClass($this);
864 $cmd = $this->ctrl->getCmd();
865 $this->prepareOutput();
866
867 if (!$DIC->rbac()->system()->checkAccess("visible,read", $this->object->getRefId())) {
868 $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
869 }
870
871 switch ($next_class) {
872 case 'ilopenidconnectsettingsgui':
873
874 $this->tabs_gui->activateTab('auth_oidconnect');
875
876 $oid = new ilOpenIdConnectSettingsGUI($this->object->getRefId());
877 $this->ctrl->forwardCommand($oid);
878 break;
879
880 case 'ilsamlsettingsgui':
881 $this->tabs_gui->setTabActive('auth_saml');
882
883 require_once './Services/Saml/classes/class.ilSamlSettingsGUI.php';
884 $os = new ilSamlSettingsGUI($this->object->getRefId());
885 $this->ctrl->forwardCommand($os);
886 break;
887
888 case 'ilregistrationsettingsgui':
889
890 include_once './Services/Registration/classes/class.ilRegistrationSettingsGUI.php';
891
892 // Enable tabs
893 $this->tabs_gui->setTabActive('registration_settings');
894 $registration_gui = new ilRegistrationSettingsGUI();
895 $this->ctrl->forwardCommand($registration_gui);
896 break;
897
898 case 'ilpermissiongui':
899
900 // Enable tabs
901 $this->tabs_gui->setTabActive('perm_settings');
902
903 include_once("Services/AccessControl/classes/class.ilPermissionGUI.php");
904 $perm_gui = new ilPermissionGUI($this);
905 $ret = &$this->ctrl->forwardCommand($perm_gui);
906 break;
907
908 case 'illdapsettingsgui':
909
910 // Enable Tabs
911 $this->tabs_gui->setTabActive('auth_ldap');
912
913 include_once './Services/LDAP/classes/class.ilLDAPSettingsGUI.php';
914 $ldap_settings_gui = new ilLDAPSettingsGUI($this->object->getRefId());
915 $this->ctrl->forwardCommand($ldap_settings_gui);
916 break;
917
918 case 'ilauthshibbolethsettingsgui':
919
920 $this->tabs_gui->setTabActive('auth_shib');
921 include_once('./Services/AuthShibboleth/classes/class.ilAuthShibbolethSettingsGUI.php');
922 $shib_settings_gui = new ilAuthShibbolethSettingsGUI($this->object->getRefId());
923 $this->ctrl->forwardCommand($shib_settings_gui);
924 break;
925
926 case 'ilcassettingsgui':
927
928 $this->tabs_gui->setTabActive('auth_cas');
929 include_once './Services/CAS/classes/class.ilCASSettingsGUI.php';
930 $cas_settings = new ilCASSettingsGUI($this->object->getRefId());
931 $this->ctrl->forwardCommand($cas_settings);
932 break;
933
934 case 'ilradiussettingsgui':
935
936 $this->tabs_gui->setTabActive('auth_radius');
937 include_once './Services/Radius/classes/class.ilRadiusSettingsGUI.php';
938 $radius_settings_gui = new ilRadiusSettingsGUI($this->object->getRefId());
939 $this->ctrl->forwardCommand($radius_settings_gui);
940 break;
941
942
943 case 'ilauthloginpageeditorgui':
944
945 $this->setSubTabs("authSettings");
946 $this->tabs_gui->setTabActive('authentication_settings');
947 $this->tabs_gui->setSubTabActive("auth_login_editor");
948
949 include_once './Services/Authentication/classes/class.ilAuthLoginPageEditorGUI.php';
950 $lpe = new ilAuthLoginPageEditorGUI($this->object->getRefId());
951 $this->ctrl->forwardCommand($lpe);
952 break;
953
954 default:
955 if (!$cmd) {
956 $cmd = "authSettings";
957 }
958 $cmd .= "Object";
959 $this->$cmd();
960
961 break;
962 }
963 return true;
964 }
965
966 public function getAdminTabs()
967 {
968 $this->getTabs();
969 }
970
976 public function getTabs()
977 {
978 global $DIC;
979
980 $rbacsystem = $DIC['rbacsystem'];
981
982 $this->ctrl->setParameter($this, "ref_id", $this->object->getRefId());
983
984 if ($rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
985 $this->tabs_gui->addTarget(
986 "authentication_settings",
987 $this->ctrl->getLinkTarget($this, "authSettings"),
988 "",
989 "",
990 ""
991 );
992
993 $this->tabs_gui->addTarget(
994 'registration_settings',
995 $this->ctrl->getLinkTargetByClass('ilregistrationsettingsgui', 'view')
996 );
997
998 $this->tabs_gui->addTarget(
999 "auth_ldap",
1000 $this->ctrl->getLinkTargetByClass('illdapsettingsgui', 'serverList'),
1001 "",
1002 "",
1003 ""
1004 );
1005
1006
1007 #$this->tabs_gui->addTarget("auth_ldap", $this->ctrl->getLinkTarget($this, "editLDAP"),
1008 # "", "", "");
1009
1010 $this->tabs_gui->addTarget('auth_shib', $this->ctrl->getLinkTargetByClass('ilauthshibbolethsettingsgui', 'settings'));
1011
1012 $this->tabs_gui->addTarget(
1013 'auth_cas',
1014 $this->ctrl->getLinkTargetByClass('ilcassettingsgui', 'settings')
1015 );
1016
1017 $this->tabs_gui->addTarget(
1018 "auth_radius",
1019 $this->ctrl->getLinkTargetByClass('ilradiussettingsgui', "settings"),
1020 "",
1021 "",
1022 ""
1023 );
1024
1025 $this->tabs_gui->addTarget(
1026 "auth_soap",
1027 $this->ctrl->getLinkTarget($this, "editSOAP"),
1028 "",
1029 "",
1030 ""
1031 );
1032
1033 $this->tabs_gui->addTarget(
1034 "apache_auth_settings",
1035 $this->ctrl->getLinkTarget($this, 'apacheAuthSettings'),
1036 "",
1037 "",
1038 ""
1039 );
1040
1041 require_once 'Services/Saml/classes/class.ilSamlSettingsGUI.php';
1042 $this->tabs_gui->addTarget(
1043 'auth_saml',
1044 $this->ctrl->getLinkTargetByClass('ilsamlsettingsgui', ilSamlSettingsGUI::DEFAULT_CMD),
1045 '',
1046 '',
1047 ''
1048 );
1049
1050 $this->tabs_gui->addTab(
1051 'auth_oidconnect',
1052 $this->lng->txt('auth_oidconnect'),
1053 $this->ctrl->getLinkTargetByClass('ilopenidconnectsettingsgui')
1054 );
1055 }
1056
1057 if ($rbacsystem->checkAccess('edit_permission', $this->object->getRefId())) {
1058 $this->tabs_gui->addTarget(
1059 "perm_settings",
1060 $this->ctrl->getLinkTargetByClass(array(get_class($this),'ilpermissiongui'), "perm"),
1061 array("perm","info","owner"),
1062 'ilpermissiongui'
1063 );
1064 }
1065 }
1066
1070 public function setSubTabs($a_tab)
1071 {
1072 global $DIC;
1073
1074 $rbacsystem = $DIC['rbacsystem'];
1075 $ilUser = $DIC['ilUser'];
1076 $ilAccess = $DIC['ilAccess'];
1077
1078 $GLOBALS['DIC']['lng']->loadLanguageModule('auth');
1079
1080 switch ($a_tab) {
1081 case 'authSettings':
1082 if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
1083 $this->tabs_gui->addSubTabTarget(
1084 "auth_settings",
1085 $this->ctrl->getLinkTarget($this, 'authSettings'),
1086 ""
1087 );
1088 }
1089 if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
1090 $this->tabs_gui->addSubTabTarget(
1091 'auth_login_editor',
1092 $this->ctrl->getLinkTargetByClass('ilauthloginpageeditorgui', ''),
1093 ''
1094 );
1095 }
1096 break;
1097 }
1098 }
1099
1100
1101 public function apacheAuthSettingsObject($form = false)
1102 {
1103 global $DIC;
1104
1105 $tpl = $DIC['tpl'];
1106
1107 $this->tabs_gui->setTabActive("apache_auth_settings");
1108
1109 if (!$form) {
1110 $form = $this->getApacheAuthSettingsForm();
1111
1112 $settings = new ilSetting('apache_auth');
1113 $settingsMap = $settings->getAll();
1114
1115 $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
1116 if (file_exists($path) && is_readable($path)) {
1117 $settingsMap['apache_auth_domains'] = file_get_contents($path);
1118 }
1119
1120 $form->setValuesByArray($settingsMap);
1121 }
1122 $tpl->setVariable('ADM_CONTENT', $form->getHtml());
1123 }
1124
1126 {
1127 global $DIC;
1128
1129 $ilCtrl = $DIC['ilCtrl'];
1130 $form = $this->getApacheAuthSettingsForm();
1131 $form->setValuesByPost();
1132 /*$items = $form->getItems();
1133 foreach($items as $item)
1134 $item->validate();*/
1135 if ($form->checkInput()) {
1136 $settings = new ilSetting('apache_auth');
1137 $fields = array(
1138 'apache_auth_indicator_name', 'apache_auth_indicator_value',
1139 'apache_enable_auth', 'apache_enable_local', 'apache_local_autocreate',
1140 'apache_enable_ldap', 'apache_auth_username_config_type',
1141 'apache_auth_username_direct_mapping_fieldname',
1142 'apache_default_role', 'apache_auth_target_override_login_page',
1143 'apache_auth_enable_override_login_page',
1144 'apache_auth_authenticate_on_login_page',
1145 'apache_ldap_sid'
1146// 'apache_auth_username_by_function_functionname',
1147 );
1148
1149 foreach ($fields as $field) {
1150 $settings->set($field, $form->getInput($field));
1151 }
1152
1153 if ($form->getInput('apache_enable_auth')) {
1154 $this->ilias->setSetting('apache_active', true);
1155 } else {
1156 $this->ilias->setSetting('apache_active', false);
1157 global $DIC;
1158
1159 $ilSetting = $DIC['ilSetting'];
1160 if ($ilSetting->get("auth_mode") == AUTH_APACHE) {
1161 $ilSetting->set("auth_mode", AUTH_LOCAL);
1162 }
1163 }
1164
1165 $allowedDomains = $this->validateApacheAuthAllowedDomains($form->getInput('apache_auth_domains'));
1166 file_put_contents(ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt', $allowedDomains);
1167
1168 ilUtil::sendSuccess($this->lng->txt('apache_settings_changed_success'), true);
1169 $this->ctrl->redirect($this, 'apacheAuthSettings');
1170 } else {
1171 $this->apacheAuthSettingsObject($form);
1172 }
1173 }
1174
1176 {
1177 include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1178
1179 $form = new ilPropertyFormGUI();
1180 $form->setFormAction($this->ctrl->getFormAction($this));
1181 $form->setTitle($this->lng->txt('apache_settings'));
1182
1183 $chb_enabled = new ilCheckboxInputGUI($this->lng->txt('apache_enable_auth'), 'apache_enable_auth');
1184 $form->addItem($chb_enabled);
1185
1186 $chb_local_create_account = new ilCheckboxInputGUI($this->lng->txt('apache_autocreate'), 'apache_local_autocreate');
1187 $chb_enabled->addSubitem($chb_local_create_account);
1188
1189 global $DIC;
1190
1191 $rbacreview = $DIC['rbacreview'];
1192 $roles = $rbacreview->getGlobalRolesArray();
1193 $select = new ilSelectInputGUI($this->lng->txt('apache_default_role'), 'apache_default_role');
1194 $roleOptions = array();
1195 foreach ($roles as $role) {
1196 $roleOptions[$role['obj_id']] = ilObject::_lookupTitle($role['obj_id']);
1197 }
1198 $select->setOptions($roleOptions);
1199 $select->setValue(4);
1200
1201 $chb_local_create_account->addSubitem($select);
1202
1203 $chb_local = new ilCheckboxInputGUI($this->lng->txt('apache_enable_local'), 'apache_enable_local');
1204 $form->addItem($chb_local);
1205
1206 $chb_ldap = new ilCheckboxInputGUI($this->lng->txt('apache_enable_ldap'), 'apache_enable_ldap');
1207 $chb_ldap->setInfo($this->lng->txt('apache_ldap_hint_ldap_must_be_configured'));
1208
1209 $GLOBALS['DIC']['lng']->loadLanguageModule('auth');
1210 include_once './Services/LDAP/classes/class.ilLDAPServer.php';
1211 $servers = ilLDAPServer::getServerIds();
1212 if (count($servers)) {
1213 $ldap_server_select = new ilSelectInputGUI($this->lng->txt('auth_ldap_server_ds'), 'apache_ldap_sid');
1214 $options[0] = $this->lng->txt('select_one');
1215 foreach ($servers as $server_id) {
1216 $ldap_server = new ilLDAPServer($server_id);
1217 $options[$server_id] = $ldap_server->getName();
1218 }
1219 $ldap_server_select->setOptions($options);
1220 $ldap_server_select->setRequired(true);
1221
1223 $ldap_server_select->setValue($ds);
1224
1225 $chb_ldap->addSubItem($ldap_server_select);
1226 }
1227 $form->addItem($chb_ldap);
1228
1229 $txt = new ilTextInputGUI($this->lng->txt('apache_auth_indicator_name'), 'apache_auth_indicator_name');
1230 $txt->setRequired(true);
1231 $form->addItem($txt);
1232
1233 $txt = new ilTextInputGUI($this->lng->txt('apache_auth_indicator_value'), 'apache_auth_indicator_value');
1234 $txt->setRequired(true);
1235 $form->addItem($txt);
1236
1237
1238 $chb = new ilCheckboxInputGUI($this->lng->txt('apache_auth_enable_override_login'), 'apache_auth_enable_override_login_page');
1239 $form->addItem($chb);
1240
1241 $txt = new ilTextInputGUI($this->lng->txt('apache_auth_target_override_login'), 'apache_auth_target_override_login_page');
1242 $txt->setRequired(true);
1243 $chb->addSubItem($txt);
1244
1245 $chb = new ilCheckboxInputGUI($this->lng->txt('apache_auth_authenticate_on_login_page'), 'apache_auth_authenticate_on_login_page');
1246 $form->addItem($chb);
1247
1248 $sec = new ilFormSectionHeaderGUI();
1249 $sec->setTitle($this->lng->txt('apache_auth_username_config'));
1250 $form->addItem($sec);
1251
1252 $rag = new ilRadioGroupInputGUI($this->lng->txt('apache_auth_username_config_type'), 'apache_auth_username_config_type');
1253 $form->addItem($rag);
1254
1255 $rao = new ilRadioOption($this->lng->txt('apache_auth_username_direct_mapping'), 1);
1256 $rag->addOption($rao);
1257
1258 $txt = new ilTextInputGUI($this->lng->txt('apache_auth_username_direct_mapping_fieldname'), 'apache_auth_username_direct_mapping_fieldname');
1259 //$txt->setRequired(true);
1260 $rao->addSubItem($txt);
1261
1262 $rao = new ilRadioOption($this->lng->txt('apache_auth_username_extended_mapping'), 2);
1263 $rao->setDisabled(true);
1264 $rag->addOption($rao);
1265
1266 $rao = new ilRadioOption($this->lng->txt('apache_auth_username_by_function'), 3);
1267 $rag->addOption($rao);
1268
1269 /* $txt = new ilTextInputGUI($this->lng->txt('apache_auth_username_by_function_functionname'), 'apache_auth_username_by_function_functionname');
1270 $rao->addSubItem($txt);*/
1271
1272 $sec = new ilFormSectionHeaderGUI();
1273 $sec->setTitle($this->lng->txt('apache_auth_security'));
1274 $form->addItem($sec);
1275
1276 $txt = new ilTextAreaInputGUI($this->lng->txt('apache_auth_domains'), 'apache_auth_domains');
1277 $txt->setInfo($this->lng->txt('apache_auth_domains_description'));
1278
1279 $form->addItem($txt);
1280
1281 if ($this->access->checkAccess('write', '', $this->ref_id)) {
1282 $form->addCommandButton('saveApacheSettings', $this->lng->txt('save'));
1283 }
1284 $form->addCommandButton('cancel', $this->lng->txt('cancel'));
1285
1286 return $form;
1287 }
1288
1289 private function validateApacheAuthAllowedDomains($text)
1290 {
1291 return join("\n", preg_split("/[\r\n]+/", $text));
1292 }
1293
1295 {
1296 $registration_gui = new ilRegistrationSettingsGUI();
1297 $this->ctrl->redirect($registration_gui);
1298 }
1299
1304 public function addToExternalSettingsForm($a_form_id)
1305 {
1306 switch ($a_form_id) {
1308 require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
1309 $fields_login = array(
1310 'adm_captcha_anonymous_short' => array(ilCaptchaUtil::isActiveForLogin(), ilAdministrationSettingsFormHandler::VALUE_BOOL),
1311 );
1312
1313 $fields_registration = array(
1314 'adm_captcha_anonymous_short' => array(ilCaptchaUtil::isActiveForRegistration(), ilAdministrationSettingsFormHandler::VALUE_BOOL)
1315 );
1316
1317
1318 return array('adm_auth_login' => array('authSettings', $fields_login), 'adm_auth_reg' => array('registrationSettings', $fields_registration));
1319 }
1320 }
1321} // END class.ilObjAuthSettingsGUI
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
$_POST["username"]
$_SESSION["AccountId"]
An exception for terminatinating execution or to throw for unit testing.
const AUTH_SHIBBOLETH
const AUTH_APACHE
const AUTH_OPENID_CONNECT
const AUTH_SAML
const AUTH_LDAP
const AUTH_LOCAL
const AUTH_SCRIPT
const AUTH_RADIUS
const AUTH_CAS
const AUTH_SOAP
Login page editor settings GUI ILIAS page editor or richtext editor.
Class ilAuthShibbolethSettingsGUI.
static _getActiveAuthModes()
static getAuthPlugins()
Get active enabled auth plugins.
static _getAllAuthModes()
static _getAuthModeName($a_auth_key)
static checkFreetype()
Check whether captcha support is active.
This class represents a checkbox property in a property form.
This class represents a section header in a property form.
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
static getDataSource($a_auth_mode)
static getInstanceByServerId($a_server_id)
Get instance by server id.
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
static getServerIds()
Get all server ids @global ilDB $ilDB.
Class ilObjAuthSettingsGUI.
getAdminTabs()
administration tabs show only permissions and trash folder
__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output=true)
Constructor @access public.
saveScriptObject()
validates all input data, save them to database if correct and active chosen auth mode
updateAuthModeDeterminationObject()
update auth mode determination
loginInfoObject()
displays login information of all installed languages
getAuthModeTitle()
get the title of auth mode
editSOAPObject()
Configure soap settings.
cancelObject()
cancel action and go back to previous page @access public
authSettingsObject()
display settings menu
viewObject()
viewObject container presentation for "administration -> repository, trash, permissions"
initAuthModeDetermination()
init auth mode determinitation form
saveSOAPObject()
validates all input data, save them to database if correct and active chosen auth mode
getTabs()
get tabs @access public
editScriptObject()
Configure Custom settings.
static _lookupRegisterAllowed()
get all roles that are activated in user registration
static _updateAuthMode($a_roles)
static _getNumberOfUsersPerAuthMode()
get number of users per auth mode
Class ilObjectGUI Basic methods of all Output classes.
prepareOutput($a_show_subobjects=true)
prepare output
getReturnLocation($a_cmd, $a_location="")
get return location for command (command is method name without "Object", e.g.
static _lookupTitle($a_id)
lookup object title
Class ilOpenIdConnectSettingsGUI.
static getInstance()
Get singleton instance.
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
This class represents a property form user interface.
This class represents a property in a property form.
This class represents an option in a radio group.
Class ilRegistrationSettingsGUI.
static testConnection($a_ext_uid, $a_soap_pw, $a_new_user)
Constructor @access public.
static getIdpIdByAuthMode(string $a_auth_mode)
static isAuthModeSaml(string $a_auth_mode)
static getInstanceByIdpId(int $a_idp_id)
Class ilSamlSettingsGUI.
This class represents a selection list property in a property form.
ILIAS Setting Class.
special template class to simplify handling of ITX/PEAR
This class represents a text area property in a property form.
This class represents a text property in a property form.
static redirect($a_script)
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
const CLIENT_ID
Definition: constants.php:39
const ILIAS_DATA_DIR
Definition: constants.php:42
if($err=$client->getError()) $namespace
$server
$txt
Definition: error.php:13
global $DIC
Definition: goto.php:24
$https
Definition: imgupload.php:19
$ilUser
Definition: imgupload.php:18
if($format !==null) $name
Definition: metadata.php:230
__construct(Container $dic, ilPlugin $plugin)
@inheritDoc
redirection script todo: (a better solution should control the processing via a xml file)
$ret
Definition: parser.php:6
global $ilSetting
Definition: privfeed.php:17