28    public function __construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output = 
true)
 
   36        $this->lng->loadLanguageModule(
'registration');
 
   37        $this->lng->loadLanguageModule(
'auth');
 
   39        define(
'LDAP_DEFAULT_PORT', 389);
 
   40        define(
'RADIUS_DEFAULT_PORT', 1812);
 
   63        if (!
$rbacsystem->checkAccess(
"visible,read", $this->object->getRefId())) {
 
   64            $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
 
   67        $this->tabs_gui->setTabActive(
'authentication_settings');
 
   69        $this->tabs_gui->setSubTabActive(
"auth_settings");
 
   71        $generalSettingsTpl = 
new ilTemplate(
'tpl.auth_general.html', 
true, 
true, 
'Services/Authentication');
 
   73        $generalSettingsTpl->setVariable(
"FORMACTION", $this->ctrl->getFormAction($this));
 
   74        $generalSettingsTpl->setVariable(
"TXT_AUTH_TITLE", $this->lng->txt(
"auth_select"));
 
   76        $generalSettingsTpl->setVariable(
"TXT_AUTH_MODE", $this->lng->txt(
"auth_mode"));
 
   77        $generalSettingsTpl->setVariable(
"TXT_AUTH_DEFAULT", $this->lng->txt(
"default"));
 
   78        $generalSettingsTpl->setVariable(
"TXT_AUTH_ACTIVE", $this->lng->txt(
"active"));
 
   79        $generalSettingsTpl->setVariable(
"TXT_AUTH_NUM_USERS", $this->lng->txt(
"num_users"));
 
   81        $generalSettingsTpl->setVariable(
"TXT_LOCAL", $this->lng->txt(
"auth_local"));
 
   82        $generalSettingsTpl->setVariable(
"TXT_LDAP", $this->lng->txt(
"auth_ldap"));
 
   83        $generalSettingsTpl->setVariable(
"TXT_SHIB", $this->lng->txt(
"auth_shib"));
 
   85        $generalSettingsTpl->setVariable(
"TXT_CAS", $this->lng->txt(
"auth_cas"));
 
   87        $generalSettingsTpl->setVariable(
"TXT_RADIUS", $this->lng->txt(
"auth_radius"));
 
   88        $generalSettingsTpl->setVariable(
"TXT_SCRIPT", $this->lng->txt(
"auth_script"));
 
   90        $generalSettingsTpl->setVariable(
"TXT_APACHE", $this->lng->txt(
"auth_apache"));
 
   95        include_once(
'Services/LDAP/classes/class.ilLDAPServer.php');
 
   97        $icon_ok = 
"<img src=\"" . 
ilUtil::getImagePath(
"icon_ok.svg") . 
"\" alt=\"" . $this->lng->txt(
"enabled") . 
"\" title=\"" . $this->lng->txt(
"enabled") . 
"\" border=\"0\" vspace=\"0\"/>";
 
   98        $icon_not_ok = 
"<img src=\"" . 
ilUtil::getImagePath(
"icon_not_ok.svg") . 
"\" alt=\"" . $this->lng->txt(
"disabled") . 
"\" title=\"" . $this->lng->txt(
"disabled") . 
"\" border=\"0\" vspace=\"0\"/>";
 
  101        foreach ($auth_modes as $mode => $mode_name) {
 
  106            $generalSettingsTpl->setCurrentBlock(
'auth_mode');
 
  110                $generalSettingsTpl->setVariable(
"AUTH_NAME", 
$server->getName());
 
  111                $generalSettingsTpl->setVariable(
'AUTH_ACTIVE', 
$server->isActive() ? $icon_ok : $icon_not_ok);
 
  114                $generalSettingsTpl->setVariable(
'AUTH_NAME', $idp->getEntityId());
 
  115                $generalSettingsTpl->setVariable(
'AUTH_ACTIVE', $idp->isActive() ? $icon_ok : $icon_not_ok);
 
  117                $generalSettingsTpl->setVariable(
"AUTH_NAME", $this->lng->txt(
"auth_" . $mode_name));
 
  120                $generalSettingsTpl->setVariable(
"AUTH_NAME", $this->lng->txt(
"auth_" . $mode_name));
 
  121                $generalSettingsTpl->setVariable(
'AUTH_ACTIVE', $this->
ilias->getSetting($mode_name . 
'_active') || $mode == 
AUTH_LOCAL ? $icon_ok : $icon_not_ok);
 
  125                $generalSettingsTpl->setVariable(
"AUTH_CHECKED", 
"checked=\"checked\"");
 
  127                $generalSettingsTpl->setVariable(
 
  129                    ((
int) $auth_cnt[$mode_name] + $auth_cnt[
"default"]) . 
" (" . $this->lng->txt(
"auth_per_default") .
 
  130                                        ": " . $auth_cnt[
"default"] . 
")" 
  133                $generalSettingsTpl->setVariable(
 
  135                    (
int) $auth_cnt[$mode_name]
 
  138            $generalSettingsTpl->setVariable(
"AUTH_ID", $mode_name);
 
  139            $generalSettingsTpl->setVariable(
"AUTH_VAL", $mode);
 
  140            $generalSettingsTpl->parseCurrentBlock();
 
  143        $generalSettingsTpl->setVariable(
"TXT_CONFIGURE", $this->lng->txt(
"auth_configure"));
 
  145        if (
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
 
  146            $generalSettingsTpl->setVariable(
"TXT_AUTH_REMARK", $this->lng->txt(
"auth_remark_non_local_auth"));
 
  147            $generalSettingsTpl->setCurrentBlock(
'auth_mode_submit');
 
  148            $generalSettingsTpl->setVariable(
"TXT_SUBMIT", $this->lng->txt(
"save"));
 
  149            $generalSettingsTpl->setVariable(
"CMD_SUBMIT", 
"setAuthMode");
 
  150            $generalSettingsTpl->parseCurrentBlock();
 
  155            $generalSettingsTpl->setVariable(
'TABLE_AUTH_DETERMINATION', $this->form->getHTML());
 
  159        $generalSettingsTpl->setVariable(
 
  161            $this->ctrl->getFormAction($this)
 
  163        $generalSettingsTpl->setVariable(
"TXT_AUTH_ROLES", $this->lng->txt(
"auth_active_roles"));
 
  164        $generalSettingsTpl->setVariable(
"TXT_ROLE", $this->lng->txt(
"obj_role"));
 
  165        $generalSettingsTpl->setVariable(
"TXT_ROLE_AUTH_MODE", $this->lng->txt(
"auth_role_auth_mode"));
 
  166        if (
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
 
  167            $generalSettingsTpl->setVariable(
"CMD_SUBMIT_ROLES", 
"updateAuthRoles");
 
  168            $generalSettingsTpl->setVariable(
'BTN_SUBMIT_ROLES', $this->lng->txt(
'save'));
 
  171        include_once(
"./Services/AccessControl/classes/class.ilObjRole.php");
 
  175        include_once(
'./Services/Authentication/classes/class.ilAuthUtils.php');
 
  178        foreach ($reg_roles as $role) {
 
  179            foreach ($active_auth_modes as $auth_name => $auth_key) {
 
  183                if ($auth_name == 
"default" || $auth_name == 
"cas" 
  184                    || $auth_name == 
'saml' 
  185                    || $auth_name == 
"shibboleth" || $auth_name == 
'ldap' 
  186                    || $auth_name == 
'apache' || $auth_name == 
"ecs" 
  187                    || $auth_name == 
"openid") {
 
  191                $generalSettingsTpl->setCurrentBlock(
"auth_mode_selection");
 
  193                if ($auth_name == 
'default') {
 
  200                    $name = $idp->getEntityId();
 
  202                    $name = $this->lng->txt(
'auth_' . $auth_name);
 
  205                $generalSettingsTpl->setVariable(
"AUTH_MODE_NAME", 
$name);
 
  207                $generalSettingsTpl->setVariable(
"AUTH_MODE", $auth_name);
 
  209                if ($role[
'auth_mode'] == $auth_name) {
 
  210                    $generalSettingsTpl->setVariable(
"SELECTED_AUTH_MODE", 
"selected=\"selected\"");
 
  213                $generalSettingsTpl->parseCurrentBlock();
 
  216            $generalSettingsTpl->setCurrentBlock(
"roles");
 
  217            $generalSettingsTpl->setVariable(
"ROLE", $role[
'title']);
 
  218            $generalSettingsTpl->setVariable(
"ROLE_ID", $role[
'id']);
 
  219            $generalSettingsTpl->parseCurrentBlock();
 
  222        $this->tpl->setContent($generalSettingsTpl->get());
 
  240        if (!
$rbacsystem->checkAccess(
"visible,read", $this->object->getRefId())) {
 
  241            $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
 
  244        $this->tabs_gui->setTabActive(
"authentication_settings");
 
  246        $this->tabs_gui->setSubTabActive(
"auth_login_editor");
 
  248        $lng->loadLanguageModule(
"meta");
 
  250        $this->tpl->addBlockFile(
 
  253            "tpl.auth_login_messages.html",
 
  254            "Services/Authentication" 
  256        $this->tpl->setVariable(
"FORMACTION", $this->ctrl->getFormAction($this));
 
  257        $this->tpl->setVariable(
"TXT_HEADLINE", $this->lng->txt(
"login_information"));
 
  258        $this->tpl->setVariable(
"TXT_DESCRIPTION", $this->lng->txt(
"login_information_desc"));
 
  259        $this->tpl->setVariable(
"TXT_SUBMIT", $this->lng->txt(
"save"));
 
  260        $this->initLoginForm();
 
  261        $this->tpl->setVariable(
'LOGIN_INFO', $this->form->getHTML());
 
  267        $this->ctrl->redirect($this, 
"authSettings");
 
  277        if (!
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
 
  278            $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
 
  281        if (empty(
$_POST[
"auth_mode"])) {
 
  282            $this->
ilias->raiseError($this->lng->txt(
"auth_err_no_mode_selected"), $this->ilias->error_obj->MESSAGE);
 
  285        $current_auth_mode = 
$ilSetting->get(
'auth_mode', 
'');
 
  286        if (
$_POST[
"auth_mode"] == $current_auth_mode) {
 
  287            ilUtil::sendInfo($this->lng->txt(
"auth_mode") . 
": " . $this->getAuthModeTitle() . 
" " . $this->lng->txt(
"auth_mode_not_changed"), 
true);
 
  288            $this->ctrl->redirect($this, 
'authSettings');
 
  291        switch (
$_POST[
"auth_mode"]) {
 
  308                if ($this->object->checkAuthSHIB() !== 
true) {
 
  313                            $this->ctrl->getLinkTargetByClass(
 
  314                                ilAuthShibbolethSettingsGUI::class,
 
  326                if ($this->object->checkAuthRADIUS() !== 
true) {
 
  328                    $this->ctrl->redirect($this, 
'editRADIUS');
 
  333                if ($this->object->checkAuthScript() !== 
true) {
 
  340        $this->
ilias->setSetting(
"auth_mode", 
$_POST[
"auth_mode"]);
 
  342        ilUtil::sendSuccess($this->lng->txt(
"auth_default_mode_changed_to") . 
" " . $this->getAuthModeTitle(), 
true);
 
  343        $this->ctrl->redirect($this, 
'authSettings');
 
  358        $ilCtrl = 
$DIC[
'ilCtrl'];
 
  361        if (!
$rbacsystem->checkAccess(
"read", $this->object->getRefId())) {
 
  362            $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
 
  365        $this->tabs_gui->setTabActive(
'auth_soap');
 
  368        $this->tpl->addBlockFile(
'ADM_CONTENT', 
'adm_content', 
'tpl.auth_soap.html', 
'Services/Authentication');
 
  371        $role_list = 
$rbacreview->getRolesByFilter(2, $this->object->getId());
 
  374        foreach ($role_list as $role) {
 
  375            $roles[$role[
'obj_id']] = $role[
'title'];
 
  379        include_once(
"./Services/Form/classes/class.ilPropertyFormGUI.php");
 
  382        $soap_config->setTitle($this->lng->txt(
"auth_soap_auth"));
 
  383        $soap_config->setDescription($this->lng->txt(
"auth_soap_auth_desc"));
 
  384        $soap_config->setFormAction($this->ctrl->getFormAction($this, 
"editSOAP"));
 
  385        if (
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
 
  386            $soap_config->addCommandButton(
"saveSOAP", $this->lng->txt(
"save"));
 
  387            $soap_config->addCommandButton(
"editSOAP", $this->lng->txt(
"cancel"));
 
  391        $active->setTitle($this->lng->txt(
"active"));
 
  392        $active->setPostVar(
"soap[active]");
 
  396        $server->setTitle($this->lng->txt(
"server"));
 
  397        $server->setInfo($this->lng->txt(
"auth_soap_server_desc"));
 
  398        $server->setPostVar(
"soap[server]");
 
  405        $port->setTitle($this->lng->txt(
"port"));
 
  406        $port->setInfo($this->lng->txt(
"auth_soap_port_desc"));
 
  407        $port->setPostVar(
"soap[port]");
 
  409        $port->setMaxLength(5);
 
  413        $https->setTitle($this->lng->txt(
"auth_soap_use_https"));
 
  414        $https->setPostVar(
"soap[use_https]");
 
  418        $uri->setTitle($this->lng->txt(
"uri"));
 
  419        $uri->setInfo($this->lng->txt(
"auth_soap_uri_desc"));
 
  420        $uri->setPostVar(
"soap[uri]");
 
  422        $uri->setMaxLength(256);
 
  426        $namespace->setTitle($this->lng->txt(
"auth_soap_namespace"));
 
  427        $namespace->setInfo($this->lng->txt(
"auth_soap_namespace_desc"));
 
  434        $dotnet->setTitle($this->lng->txt(
"auth_soap_use_dotnet"));
 
  435        $dotnet->setPostVar(
"soap[use_dotnet]");
 
  439        $createuser->setTitle($this->lng->txt(
"auth_create_users"));
 
  440        $createuser->setInfo($this->lng->txt(
"auth_soap_create_users_desc"));
 
  441        $createuser->setPostVar(
"soap[create_users]");
 
  445        $sendmail->setTitle($this->lng->txt(
"user_send_new_account_mail"));
 
  446        $sendmail->setInfo($this->lng->txt(
"auth_new_account_mail_desc"));
 
  447        $sendmail->setPostVar(
"soap[account_mail]");
 
  451        $defaultrole->setTitle($this->lng->txt(
"auth_user_default_role"));
 
  452        $defaultrole->setInfo($this->lng->txt(
"auth_soap_user_default_role_desc"));
 
  453        $defaultrole->setPostVar(
"soap[user_default_role]");
 
  454        $defaultrole->setOptions($roles);
 
  458        $allowlocal->setTitle($this->lng->txt(
"auth_allow_local"));
 
  459        $allowlocal->setInfo($this->lng->txt(
"auth_soap_allow_local_desc"));
 
  460        $allowlocal->setPostVar(
"soap[allow_local]");
 
  467            $active             ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"active"]);
 
  469            $port               ->setValue(
$_SESSION[
"error_post_vars"][
"soap"][
"port"]);
 
  470            $https              ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"use_https"]);
 
  471            $uri                ->setValue(
$_SESSION[
"error_post_vars"][
"soap"][
"uri"]);
 
  473            $dotnet             ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"use_dotnet"]);
 
  474            $createuser ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"create_users"]);
 
  475            $allowlocal ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"allow_local"]);
 
  476            $defaultrole->setValue(
$_SESSION[
"error_post_vars"][
"soap"][
"user_default_role"]);
 
  477            $sendmail   ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"account_mail"]);
 
  479            $active             ->setChecked(
$settings[
"soap_auth_active"]);
 
  481            $port               ->setValue(
$settings[
"soap_auth_port"]);
 
  483            $uri                ->setValue(
$settings[
"soap_auth_uri"]);
 
  485            $dotnet             ->setChecked(
$settings[
"soap_auth_use_dotnet"]);
 
  486            $createuser ->setChecked(
$settings[
"soap_auth_create_users"]);
 
  487            $allowlocal ->setChecked(
$settings[
"soap_auth_allow_local"]);
 
  488            $defaultrole->setValue(
$settings[
"soap_auth_user_default_role"]);
 
  489            $sendmail   ->setChecked(
$settings[
"soap_auth_account_mail"]);
 
  492        if (!$defaultrole->getValue()) {
 
  493            $defaultrole->setValue(4);
 
  497        $soap_config->addItem($active);
 
  498        $soap_config->addItem(
$server);
 
  499        $soap_config->addItem($port);
 
  500        $soap_config->addItem(
$https);
 
  501        $soap_config->addItem($uri);
 
  503        $soap_config->addItem($dotnet);
 
  504        $soap_config->addItem($createuser);
 
  505        $soap_config->addItem($sendmail);
 
  506        $soap_config->addItem($defaultrole);
 
  507        $soap_config->addItem($allowlocal);
 
  509        $this->tpl->setVariable(
"CONFIG_FORM", $soap_config->getHTML());
 
  513        $form->setFormAction($ilCtrl->getFormAction($this));
 
  514        $form->setTitle(
"Test Request");
 
  516        $form->addItem($text_prop);
 
  518        $form->addItem($text_prop2);
 
  522        $form->addCommandButton(
 
  523            "testSoapAuthConnection",
 
  527        if ($ilCtrl->getCmd() == 
"testSoapAuthConnection") {
 
  528            include_once(
"./Services/SOAPAuth/classes/class.ilSOAPAuth.php");
 
  532                (
boolean) 
$_POST[
"new_user"]
 
  535        $this->tpl->setVariable(
"TEST_FORM", $form->getHTML() . 
$ret);
 
  556        if (!
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
 
  557            $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
 
  561        if (!
$_POST[
"soap"][
"server"]) {
 
  562            $this->
ilias->raiseError($this->lng->txt(
"fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
 
  566        if (
$_POST[
"soap"][
"server"] != 
"" && (preg_match(
"/^[0-9]{0,5}$/", 
$_POST[
"soap"][
"port"])) == 
false) {
 
  567            $this->
ilias->raiseError($this->lng->txt(
"err_invalid_port"), $this->ilias->error_obj->MESSAGE);
 
  580        $ilSetting->set(
"soap_auth_user_default_role", 
$_POST[
"soap"][
"user_default_role"]);
 
  581        ilUtil::sendSuccess($this->lng->txt(
"auth_soap_settings_saved"), 
true);
 
  583        $this->ctrl->redirect($this, 
'editSOAP');
 
  597        if (!
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
 
  598            $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
 
  602            $this->tpl->setVariable(
"AUTH_SCRIPT_NAME", 
$_SESSION[
"error_post_vars"][
"auth_script"][
"name"]);
 
  607            $this->tpl->setVariable(
"AUTH_SCRIPT_NAME", 
$settings[
"auth_script_name"]);
 
  610        $this->tabs_gui->setTabActive(
'auth_script');
 
  612        $this->tpl->addBlockFile(
 
  615            "tpl.auth_script.html",
 
  616            "Services/Authentication" 
  619        $this->tpl->setVariable(
"FORMACTION", $this->ctrl->getFormAction($this));
 
  620        $this->tpl->setVariable(
"COLSPAN", 3);
 
  621        $this->tpl->setVariable(
"TXT_AUTH_SCRIPT_TITLE", $this->lng->txt(
"auth_script_configure"));
 
  622        $this->tpl->setVariable(
"TXT_OPTIONS", $this->lng->txt(
"options"));
 
  623        $this->tpl->setVariable(
"TXT_AUTH_SCRIPT_NAME", $this->lng->txt(
"auth_script_name"));
 
  625        $this->tpl->setVariable(
"TXT_REQUIRED_FLD", $this->lng->txt(
"required_field"));
 
  626        $this->tpl->setVariable(
"TXT_CANCEL", $this->lng->txt(
"cancel"));
 
  627        $this->tpl->setVariable(
"TXT_SUBMIT", $this->lng->txt(
"save"));
 
  628        $this->tpl->setVariable(
"CMD_SUBMIT", 
"saveScript");
 
  639        if (!
$_POST[
"auth_script"][
"name"]) {
 
  640            $this->
ilias->raiseError($this->lng->txt(
"fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
 
  653        $this->
ilias->setSetting(
"auth_script_name", 
$_POST[
"auth_script"][
"name"]);
 
  656        ilUtil::sendSuccess($this->lng->txt(
"auth_mode_changed_to") . 
" " . $this->getAuthModeTitle(), 
true);
 
  657        $this->ctrl->redirect($this, 
'editScript');
 
  669        switch ($this->
ilias->getSetting(
"auth_mode")) {
 
  671                return $this->lng->txt(
"auth_local");
 
  675                return $this->lng->txt(
"auth_ldap");
 
  679                return $this->lng->txt(
"auth_shib");
 
  683                return $this->lng->txt(
"auth_saml");
 
  687                return $this->lng->txt(
"auth_radius");
 
  691                return $this->lng->txt(
"auth_script");
 
  695                return $this->lng->txt(
"auth_apache");
 
  699                return $this->lng->txt(
"unknown");
 
  710        if (!
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
 
  711            $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
 
  714        include_once(
'./Services/AccessControl/classes/class.ilObjRole.php');
 
  717        ilUtil::sendSuccess($this->lng->txt(
"auth_mode_roles_changed"), 
true);
 
  718        $this->ctrl->redirect($this, 
'authSettings');
 
  728        if (is_object($this->form)) {
 
  732        include_once(
'./Services/Form/classes/class.ilPropertyFormGUI.php');
 
  734        $this->form->setFormAction($this->ctrl->getFormAction($this));
 
  735        $this->form->setTableWidth(
'100%');
 
  736        $this->form->setTitle($this->lng->txt(
'auth_auth_settings'));
 
  738        if ($this->access->checkAccess(
'write', 
'', $this->object->getRefId())) {
 
  739            $this->form->addCommandButton(
'updateAuthModeDetermination', $this->lng->txt(
'save'));
 
  742        require_once 
'Services/Captcha/classes/class.ilCaptchaUtil.php';
 
  743        $cap = 
new ilCheckboxInputGUI($this->lng->txt(
'adm_captcha_anonymous_short'), 
'activate_captcha_anonym');
 
  744        $cap->setInfo($this->lng->txt(
'adm_captcha_anonymous_auth'));
 
  747            $cap->setAlert(ilCaptchaUtil::getPreconditionsMessage());
 
  749        $cap->setChecked(ilCaptchaUtil::isActiveForLogin());
 
  750        $this->form->addItem($cap);
 
  753        include_once(
'Services/Authentication/classes/class.ilAuthModeDetermination.php');
 
  755        if ($det->getCountActiveAuthModes() <= 1) {
 
  760        $header->setTitle($this->lng->txt(
'auth_auth_mode_determination'));
 
  761        $this->form->addItem($header);
 
  764        $kind->setInfo($this->lng->txt(
'auth_mode_determination_info'));
 
  765        $kind->setValue($det->getKind());
 
  766        $kind->setRequired(
true);
 
  768        $option_user = 
new ilRadioOption($this->lng->txt(
'auth_by_user'), 0);
 
  769        $kind->addOption($option_user);
 
  771        $option_determination = 
new ilRadioOption($this->lng->txt(
'auth_automatic'), 1);
 
  773        include_once(
'Services/Authentication/classes/class.ilAuthUtils.php');
 
  775        $auth_sequenced = $det->getAuthModeSequence();
 
  777        foreach ($auth_sequenced as $auth_mode) {
 
  778            switch ($auth_mode) {
 
  787                    $text = $this->lng->txt(
'auth_radius');
 
  790                    $text = $this->lng->txt(
'auth_local');
 
  793                    $text = $this->lng->txt(
'auth_soap');
 
  796                    $text = $this->lng->txt(
'auth_apache');
 
  801                        $option = $pl->getMultipleAuthModeOptions($auth_mode);
 
  802                        $text = $option[$auth_mode][
'txt'];
 
  809            $pos->setValue($counter++);
 
  811            $pos->setMaxLength(1);
 
  812            $option_determination->addSubItem($pos);
 
  814        $kind->addOption($option_determination);
 
  815        $this->form->addItem($kind);
 
  827        include_once(
'Services/Authentication/classes/class.ilAuthModeDetermination.php');
 
  830        $det->setKind((
int) 
$_POST[
'kind']);
 
  832        $pos = 
$_POST[
'position'] ? 
$_POST[
'position'] : array();
 
  833        asort($pos, SORT_NUMERIC);
 
  836        foreach ($pos as $auth_mode => $dummy) {
 
  837            $position[$counter++] = $auth_mode;
 
  839        $det->setAuthModeSequence($position ? $position : array());
 
  842        require_once 
'Services/Captcha/classes/class.ilCaptchaUtil.php';
 
  843        ilCaptchaUtil::setActiveForLogin((
bool) 
$_POST[
'activate_captcha_anonym']);
 
  845        ilUtil::sendSuccess($this->lng->txt(
'settings_saved'));
 
  859        $ilAccess = 
$DIC[
'ilAccess'];
 
  863        $next_class = $this->ctrl->getNextClass($this);
 
  864        $cmd = $this->ctrl->getCmd();
 
  867        if (!$DIC->rbac()->system()->checkAccess(
"visible,read", $this->object->getRefId())) {
 
  868            $ilErr->raiseError($this->lng->txt(
'msg_no_perm_read'), 
$ilErr->WARNING);
 
  871        switch ($next_class) {
 
  872            case 'ilopenidconnectsettingsgui':
 
  874                $this->tabs_gui->activateTab(
'auth_oidconnect');
 
  877                $this->ctrl->forwardCommand($oid);
 
  880            case 'ilsamlsettingsgui':
 
  881                $this->tabs_gui->setTabActive(
'auth_saml');
 
  883                require_once 
'./Services/Saml/classes/class.ilSamlSettingsGUI.php';
 
  885                $this->ctrl->forwardCommand($os);
 
  888            case 'ilregistrationsettingsgui':
 
  890                include_once 
'./Services/Registration/classes/class.ilRegistrationSettingsGUI.php';
 
  893                $this->tabs_gui->setTabActive(
'registration_settings');
 
  895                $this->ctrl->forwardCommand($registration_gui);
 
  898            case 'ilpermissiongui':
 
  901                $this->tabs_gui->setTabActive(
'perm_settings');
 
  903                include_once(
"Services/AccessControl/classes/class.ilPermissionGUI.php");
 
  905                $ret = &$this->ctrl->forwardCommand($perm_gui);
 
  908            case 'illdapsettingsgui':
 
  911                $this->tabs_gui->setTabActive(
'auth_ldap');
 
  913                include_once 
'./Services/LDAP/classes/class.ilLDAPSettingsGUI.php';
 
  915                $this->ctrl->forwardCommand($ldap_settings_gui);
 
  918            case 'ilauthshibbolethsettingsgui':
 
  920                $this->tabs_gui->setTabActive(
'auth_shib');
 
  921                include_once(
'./Services/AuthShibboleth/classes/class.ilAuthShibbolethSettingsGUI.php');
 
  923                $this->ctrl->forwardCommand($shib_settings_gui);
 
  926            case 'ilcassettingsgui':
 
  928                $this->tabs_gui->setTabActive(
'auth_cas');
 
  929                include_once 
'./Services/CAS/classes/class.ilCASSettingsGUI.php';
 
  931                $this->ctrl->forwardCommand($cas_settings);
 
  934            case 'ilradiussettingsgui':
 
  936                $this->tabs_gui->setTabActive(
'auth_radius');
 
  937                include_once 
'./Services/Radius/classes/class.ilRadiusSettingsGUI.php';
 
  939                $this->ctrl->forwardCommand($radius_settings_gui);
 
  943            case 'ilauthloginpageeditorgui':
 
  946                $this->tabs_gui->setTabActive(
'authentication_settings');
 
  947                $this->tabs_gui->setSubTabActive(
"auth_login_editor");
 
  949                include_once 
'./Services/Authentication/classes/class.ilAuthLoginPageEditorGUI.php';
 
  951                $this->ctrl->forwardCommand($lpe);
 
  956                    $cmd = 
"authSettings";
 
  982        $this->ctrl->setParameter($this, 
"ref_id", $this->object->getRefId());
 
  984        if (
$rbacsystem->checkAccess(
"visible,read", $this->object->getRefId())) {
 
  985            $this->tabs_gui->addTarget(
 
  986                "authentication_settings",
 
  987                $this->ctrl->getLinkTarget($this, 
"authSettings"),
 
  993            $this->tabs_gui->addTarget(
 
  994                'registration_settings',
 
  995                $this->ctrl->getLinkTargetByClass(
'ilregistrationsettingsgui', 
'view')
 
  998            $this->tabs_gui->addTarget(
 
 1000                $this->ctrl->getLinkTargetByClass(
'illdapsettingsgui', 
'serverList'),
 
 1007            #$this->tabs_gui->addTarget("auth_ldap", $this->ctrl->getLinkTarget($this, "editLDAP"),
 
 1010            $this->tabs_gui->addTarget(
'auth_shib', $this->ctrl->getLinkTargetByClass(
'ilauthshibbolethsettingsgui', 
'settings'));
 
 1012            $this->tabs_gui->addTarget(
 
 1014                $this->ctrl->getLinkTargetByClass(
'ilcassettingsgui', 
'settings')
 
 1017            $this->tabs_gui->addTarget(
 
 1019                $this->ctrl->getLinkTargetByClass(
'ilradiussettingsgui', 
"settings"),
 
 1025            $this->tabs_gui->addTarget(
 
 1027                $this->ctrl->getLinkTarget($this, 
"editSOAP"),
 
 1033            $this->tabs_gui->addTarget(
 
 1034                "apache_auth_settings",
 
 1035                $this->ctrl->getLinkTarget($this, 
'apacheAuthSettings'),
 
 1041            require_once 
'Services/Saml/classes/class.ilSamlSettingsGUI.php';
 
 1042            $this->tabs_gui->addTarget(
 
 1050            $this->tabs_gui->addTab(
 
 1052                $this->lng->txt(
'auth_oidconnect'),
 
 1053                $this->ctrl->getLinkTargetByClass(
'ilopenidconnectsettingsgui')
 
 1057        if (
$rbacsystem->checkAccess(
'edit_permission', $this->object->getRefId())) {
 
 1058            $this->tabs_gui->addTarget(
 
 1060                $this->ctrl->getLinkTargetByClass(array(get_class($this),
'ilpermissiongui'), 
"perm"),
 
 1061                array(
"perm",
"info",
"owner"),
 
 1076        $ilAccess = 
$DIC[
'ilAccess'];
 
 1078        $GLOBALS[
'DIC'][
'lng']->loadLanguageModule(
'auth');
 
 1081            case 'authSettings':
 
 1082                if ($ilAccess->checkAccess(
'write', 
'', $this->object->getRefId())) {
 
 1083                    $this->tabs_gui->addSubTabTarget(
 
 1085                        $this->ctrl->getLinkTarget($this, 
'authSettings'),
 
 1089                if ($ilAccess->checkAccess(
'write', 
'', $this->object->getRefId())) {
 
 1090                    $this->tabs_gui->addSubTabTarget(
 
 1091                        'auth_login_editor',
 
 1092                        $this->ctrl->getLinkTargetByClass(
'ilauthloginpageeditorgui', 
''),
 
 1107        $this->tabs_gui->setTabActive(
"apache_auth_settings");
 
 1116            if (file_exists($path) && is_readable($path)) {
 
 1117                $settingsMap[
'apache_auth_domains'] = file_get_contents($path);
 
 1120            $form->setValuesByArray($settingsMap);
 
 1122        $tpl->setVariable(
'ADM_CONTENT', $form->getHtml());
 
 1129        $ilCtrl = 
$DIC[
'ilCtrl'];
 
 1131        $form->setValuesByPost();
 
 1135        if ($form->checkInput()) {
 
 1138                'apache_auth_indicator_name', 
'apache_auth_indicator_value',
 
 1139                'apache_enable_auth', 
'apache_enable_local', 
'apache_local_autocreate',
 
 1140                'apache_enable_ldap', 
'apache_auth_username_config_type',
 
 1141                'apache_auth_username_direct_mapping_fieldname',
 
 1142                'apache_default_role', 
'apache_auth_target_override_login_page',
 
 1143                'apache_auth_enable_override_login_page',
 
 1144                'apache_auth_authenticate_on_login_page',
 
 1149            foreach ($fields as $field) {
 
 1150                $settings->set($field, $form->getInput($field));
 
 1153            if ($form->getInput(
'apache_enable_auth')) {
 
 1154                $this->
ilias->setSetting(
'apache_active', 
true);
 
 1156                $this->
ilias->setSetting(
'apache_active', 
false);
 
 1168            ilUtil::sendSuccess($this->lng->txt(
'apache_settings_changed_success'), 
true);
 
 1169            $this->ctrl->redirect($this, 
'apacheAuthSettings');
 
 1177        include_once(
"./Services/Form/classes/class.ilPropertyFormGUI.php");
 
 1180        $form->setFormAction($this->ctrl->getFormAction($this));
 
 1181        $form->setTitle($this->lng->txt(
'apache_settings'));
 
 1183        $chb_enabled = 
new ilCheckboxInputGUI($this->lng->txt(
'apache_enable_auth'), 
'apache_enable_auth');
 
 1184        $form->addItem($chb_enabled);
 
 1186        $chb_local_create_account = 
new ilCheckboxInputGUI($this->lng->txt(
'apache_autocreate'), 
'apache_local_autocreate');
 
 1187        $chb_enabled->addSubitem($chb_local_create_account);
 
 1193        $select = 
new ilSelectInputGUI($this->lng->txt(
'apache_default_role'), 
'apache_default_role');
 
 1194        $roleOptions = array();
 
 1195        foreach ($roles as $role) {
 
 1198        $select->setOptions($roleOptions);
 
 1199        $select->setValue(4);
 
 1201        $chb_local_create_account->addSubitem($select);
 
 1203        $chb_local = 
new ilCheckboxInputGUI($this->lng->txt(
'apache_enable_local'), 
'apache_enable_local');
 
 1204        $form->addItem($chb_local);
 
 1206        $chb_ldap = 
new ilCheckboxInputGUI($this->lng->txt(
'apache_enable_ldap'), 
'apache_enable_ldap');
 
 1207        $chb_ldap->setInfo($this->lng->txt(
'apache_ldap_hint_ldap_must_be_configured'));
 
 1209        $GLOBALS[
'DIC'][
'lng']->loadLanguageModule(
'auth');
 
 1210        include_once 
'./Services/LDAP/classes/class.ilLDAPServer.php';
 
 1212        if (count($servers)) {
 
 1213            $ldap_server_select = 
new ilSelectInputGUI($this->lng->txt(
'auth_ldap_server_ds'), 
'apache_ldap_sid');
 
 1214            $options[0] = $this->lng->txt(
'select_one');
 
 1215            foreach ($servers as $server_id) {
 
 1217                $options[$server_id] = $ldap_server->getName();
 
 1219            $ldap_server_select->setOptions($options);
 
 1220            $ldap_server_select->setRequired(
true);
 
 1223            $ldap_server_select->setValue($ds);
 
 1225            $chb_ldap->addSubItem($ldap_server_select);
 
 1227        $form->addItem($chb_ldap);
 
 1229        $txt = 
new ilTextInputGUI($this->lng->txt(
'apache_auth_indicator_name'), 
'apache_auth_indicator_name');
 
 1230        $txt->setRequired(
true);
 
 1231        $form->addItem(
$txt);
 
 1233        $txt = 
new ilTextInputGUI($this->lng->txt(
'apache_auth_indicator_value'), 
'apache_auth_indicator_value');
 
 1234        $txt->setRequired(
true);
 
 1235        $form->addItem(
$txt);
 
 1238        $chb = 
new ilCheckboxInputGUI($this->lng->txt(
'apache_auth_enable_override_login'), 
'apache_auth_enable_override_login_page');
 
 1239        $form->addItem($chb);
 
 1241        $txt = 
new ilTextInputGUI($this->lng->txt(
'apache_auth_target_override_login'), 
'apache_auth_target_override_login_page');
 
 1242        $txt->setRequired(
true);
 
 1243        $chb->addSubItem(
$txt);
 
 1245        $chb = 
new ilCheckboxInputGUI($this->lng->txt(
'apache_auth_authenticate_on_login_page'), 
'apache_auth_authenticate_on_login_page');
 
 1246        $form->addItem($chb);
 
 1249        $sec->setTitle($this->lng->txt(
'apache_auth_username_config'));
 
 1250        $form->addItem($sec);
 
 1252        $rag = 
new ilRadioGroupInputGUI($this->lng->txt(
'apache_auth_username_config_type'), 
'apache_auth_username_config_type');
 
 1253        $form->addItem($rag);
 
 1255        $rao = 
new ilRadioOption($this->lng->txt(
'apache_auth_username_direct_mapping'), 1);
 
 1256        $rag->addOption($rao);
 
 1258        $txt = 
new ilTextInputGUI($this->lng->txt(
'apache_auth_username_direct_mapping_fieldname'), 
'apache_auth_username_direct_mapping_fieldname');
 
 1260        $rao->addSubItem(
$txt);
 
 1262        $rao = 
new ilRadioOption($this->lng->txt(
'apache_auth_username_extended_mapping'), 2);
 
 1263        $rao->setDisabled(
true);
 
 1264        $rag->addOption($rao);
 
 1266        $rao = 
new ilRadioOption($this->lng->txt(
'apache_auth_username_by_function'), 3);
 
 1267        $rag->addOption($rao);
 
 1273        $sec->setTitle($this->lng->txt(
'apache_auth_security'));
 
 1274        $form->addItem($sec);
 
 1277        $txt->setInfo($this->lng->txt(
'apache_auth_domains_description'));
 
 1279        $form->addItem(
$txt);
 
 1281        if ($this->access->checkAccess(
'write', 
'', $this->ref_id)) {
 
 1282            $form->addCommandButton(
'saveApacheSettings', $this->lng->txt(
'save'));
 
 1284        $form->addCommandButton(
'cancel', $this->lng->txt(
'cancel'));
 
 1291        return join(
"\n", preg_split(
"/[\r\n]+/", $text));
 
 1297        $this->ctrl->redirect($registration_gui);
 
 1306        switch ($a_form_id) {
 
 1308                require_once 
'Services/Captcha/classes/class.ilCaptchaUtil.php';
 
 1309                $fields_login = array(
 
 1313                $fields_registration = array(
 
 1318                return array(
'adm_auth_login' => array(
'authSettings', $fields_login), 
'adm_auth_reg' => array(
'registrationSettings', $fields_registration));
 
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
An exception for terminatinating execution or to throw for unit testing.
const AUTH_OPENID_CONNECT
Login page editor settings GUI ILIAS page editor or richtext editor.
static _getInstance()
Get instance.
Class ilAuthShibbolethSettingsGUI.
static _getActiveAuthModes()
static getAuthPlugins()
Get active enabled auth plugins.
static _getAllAuthModes()
static _getAuthModeName($a_auth_key)
static checkFreetype()
Check whether captcha support is active.
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
static getDataSource($a_auth_mode)
static getInstanceByServerId($a_server_id)
Get instance by server id.
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
static getServerIds()
Get all server ids @global ilDB $ilDB.
Class ilObjAuthSettingsGUI.
validateApacheAuthAllowedDomains($text)
getAdminTabs()
administration tabs show only permissions and trash folder
setSubTabs($a_tab)
set sub tabs
addToExternalSettingsForm($a_form_id)
__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output=true)
Constructor @access public.
saveScriptObject()
validates all input data, save them to database if correct and active chosen auth mode
getApacheAuthSettingsForm()
updateAuthModeDeterminationObject()
update auth mode determination
loginInfoObject()
displays login information of all installed languages
registrationSettingsObject()
executeCommand()
Execute command.
apacheAuthSettingsObject($form=false)
getAuthModeTitle()
get the title of auth mode
saveApacheSettingsObject()
editSOAPObject()
Configure soap settings.
cancelObject()
cancel action and go back to previous page @access public
authSettingsObject()
display settings menu
viewObject()
viewObject container presentation for "administration -> repository, trash, permissions"
testSoapAuthConnectionObject()
initAuthModeDetermination()
init auth mode determinitation form
saveSOAPObject()
validates all input data, save them to database if correct and active chosen auth mode
getTabs()
get tabs @access public
editScriptObject()
Configure Custom settings.
static _lookupRegisterAllowed()
get all roles that are activated in user registration
static _updateAuthMode($a_roles)
static _getNumberOfUsersPerAuthMode()
get number of users per auth mode
Class ilObjectGUI Basic methods of all Output classes.
prepareOutput($a_show_subobjects=true)
prepare output
getReturnLocation($a_cmd, $a_location="")
get return location for command (command is method name without "Object", e.g.
static _lookupTitle($a_id)
lookup object title
Class ilOpenIdConnectSettingsGUI.
static getInstance()
Get singleton instance.
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
This class represents an option in a radio group.
Class ilRegistrationSettingsGUI.
static testConnection($a_ext_uid, $a_soap_pw, $a_new_user)
Constructor @access public.
static getIdpIdByAuthMode(string $a_auth_mode)
static isAuthModeSaml(string $a_auth_mode)
static getInstanceByIdpId(int $a_idp_id)
special template class to simplify handling of ITX/PEAR
This class represents a text area property in a property form.
This class represents a text property in a property form.
static redirect($a_script)
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
if($err=$client->getError()) $namespace
__construct(Container $dic, ilPlugin $plugin)
@inheritDoc
redirection script todo: (a better solution should control the processing via a xml file)