28 public function __construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output =
true)
36 $this->lng->loadLanguageModule(
'registration');
37 $this->lng->loadLanguageModule(
'auth');
39 define(
'LDAP_DEFAULT_PORT', 389);
40 define(
'RADIUS_DEFAULT_PORT', 1812);
63 if (!
$rbacsystem->checkAccess(
"visible,read", $this->object->getRefId())) {
64 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
67 $this->tabs_gui->setTabActive(
'authentication_settings');
69 $this->tabs_gui->setSubTabActive(
"auth_settings");
71 $generalSettingsTpl =
new ilTemplate(
'tpl.auth_general.html',
true,
true,
'Services/Authentication');
73 $generalSettingsTpl->setVariable(
"FORMACTION", $this->ctrl->getFormAction($this));
74 $generalSettingsTpl->setVariable(
"TXT_AUTH_TITLE", $this->lng->txt(
"auth_select"));
76 $generalSettingsTpl->setVariable(
"TXT_AUTH_MODE", $this->lng->txt(
"auth_mode"));
77 $generalSettingsTpl->setVariable(
"TXT_AUTH_DEFAULT", $this->lng->txt(
"default"));
78 $generalSettingsTpl->setVariable(
"TXT_AUTH_ACTIVE", $this->lng->txt(
"active"));
79 $generalSettingsTpl->setVariable(
"TXT_AUTH_NUM_USERS", $this->lng->txt(
"num_users"));
81 $generalSettingsTpl->setVariable(
"TXT_LOCAL", $this->lng->txt(
"auth_local"));
82 $generalSettingsTpl->setVariable(
"TXT_LDAP", $this->lng->txt(
"auth_ldap"));
83 $generalSettingsTpl->setVariable(
"TXT_SHIB", $this->lng->txt(
"auth_shib"));
85 $generalSettingsTpl->setVariable(
"TXT_CAS", $this->lng->txt(
"auth_cas"));
87 $generalSettingsTpl->setVariable(
"TXT_RADIUS", $this->lng->txt(
"auth_radius"));
88 $generalSettingsTpl->setVariable(
"TXT_SCRIPT", $this->lng->txt(
"auth_script"));
90 $generalSettingsTpl->setVariable(
"TXT_APACHE", $this->lng->txt(
"auth_apache"));
95 include_once(
'Services/LDAP/classes/class.ilLDAPServer.php');
97 $icon_ok =
"<img src=\"" .
ilUtil::getImagePath(
"icon_ok.svg") .
"\" alt=\"" . $this->lng->txt(
"enabled") .
"\" title=\"" . $this->lng->txt(
"enabled") .
"\" border=\"0\" vspace=\"0\"/>";
98 $icon_not_ok =
"<img src=\"" .
ilUtil::getImagePath(
"icon_not_ok.svg") .
"\" alt=\"" . $this->lng->txt(
"disabled") .
"\" title=\"" . $this->lng->txt(
"disabled") .
"\" border=\"0\" vspace=\"0\"/>";
101 foreach ($auth_modes as $mode => $mode_name) {
106 $generalSettingsTpl->setCurrentBlock(
'auth_mode');
110 $generalSettingsTpl->setVariable(
"AUTH_NAME",
$server->getName());
111 $generalSettingsTpl->setVariable(
'AUTH_ACTIVE',
$server->isActive() ? $icon_ok : $icon_not_ok);
114 $generalSettingsTpl->setVariable(
'AUTH_NAME', $idp->getEntityId());
115 $generalSettingsTpl->setVariable(
'AUTH_ACTIVE', $idp->isActive() ? $icon_ok : $icon_not_ok);
117 $generalSettingsTpl->setVariable(
"AUTH_NAME", $this->lng->txt(
"auth_" . $mode_name));
120 $generalSettingsTpl->setVariable(
"AUTH_NAME", $this->lng->txt(
"auth_" . $mode_name));
121 $generalSettingsTpl->setVariable(
'AUTH_ACTIVE', $this->
ilias->getSetting($mode_name .
'_active') || $mode ==
AUTH_LOCAL ? $icon_ok : $icon_not_ok);
125 $generalSettingsTpl->setVariable(
"AUTH_CHECKED",
"checked=\"checked\"");
127 $generalSettingsTpl->setVariable(
129 ((
int) $auth_cnt[$mode_name] + $auth_cnt[
"default"]) .
" (" . $this->lng->txt(
"auth_per_default") .
130 ": " . $auth_cnt[
"default"] .
")"
133 $generalSettingsTpl->setVariable(
135 (
int) $auth_cnt[$mode_name]
138 $generalSettingsTpl->setVariable(
"AUTH_ID", $mode_name);
139 $generalSettingsTpl->setVariable(
"AUTH_VAL", $mode);
140 $generalSettingsTpl->parseCurrentBlock();
143 $generalSettingsTpl->setVariable(
"TXT_CONFIGURE", $this->lng->txt(
"auth_configure"));
145 if (
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
146 $generalSettingsTpl->setVariable(
"TXT_AUTH_REMARK", $this->lng->txt(
"auth_remark_non_local_auth"));
147 $generalSettingsTpl->setCurrentBlock(
'auth_mode_submit');
148 $generalSettingsTpl->setVariable(
"TXT_SUBMIT", $this->lng->txt(
"save"));
149 $generalSettingsTpl->setVariable(
"CMD_SUBMIT",
"setAuthMode");
150 $generalSettingsTpl->parseCurrentBlock();
155 $generalSettingsTpl->setVariable(
'TABLE_AUTH_DETERMINATION', $this->form->getHTML());
159 $generalSettingsTpl->setVariable(
161 $this->ctrl->getFormAction($this)
163 $generalSettingsTpl->setVariable(
"TXT_AUTH_ROLES", $this->lng->txt(
"auth_active_roles"));
164 $generalSettingsTpl->setVariable(
"TXT_ROLE", $this->lng->txt(
"obj_role"));
165 $generalSettingsTpl->setVariable(
"TXT_ROLE_AUTH_MODE", $this->lng->txt(
"auth_role_auth_mode"));
166 if (
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
167 $generalSettingsTpl->setVariable(
"CMD_SUBMIT_ROLES",
"updateAuthRoles");
168 $generalSettingsTpl->setVariable(
'BTN_SUBMIT_ROLES', $this->lng->txt(
'save'));
171 include_once(
"./Services/AccessControl/classes/class.ilObjRole.php");
175 include_once(
'./Services/Authentication/classes/class.ilAuthUtils.php');
178 foreach ($reg_roles as $role) {
179 foreach ($active_auth_modes as $auth_name => $auth_key) {
183 if ($auth_name ==
"default" || $auth_name ==
"cas"
184 || $auth_name ==
'saml'
185 || $auth_name ==
"shibboleth" || $auth_name ==
'ldap'
186 || $auth_name ==
'apache' || $auth_name ==
"ecs"
187 || $auth_name ==
"openid") {
191 $generalSettingsTpl->setCurrentBlock(
"auth_mode_selection");
193 if ($auth_name ==
'default') {
200 $name = $idp->getEntityId();
202 $name = $this->lng->txt(
'auth_' . $auth_name);
205 $generalSettingsTpl->setVariable(
"AUTH_MODE_NAME",
$name);
207 $generalSettingsTpl->setVariable(
"AUTH_MODE", $auth_name);
209 if ($role[
'auth_mode'] == $auth_name) {
210 $generalSettingsTpl->setVariable(
"SELECTED_AUTH_MODE",
"selected=\"selected\"");
213 $generalSettingsTpl->parseCurrentBlock();
216 $generalSettingsTpl->setCurrentBlock(
"roles");
217 $generalSettingsTpl->setVariable(
"ROLE", $role[
'title']);
218 $generalSettingsTpl->setVariable(
"ROLE_ID", $role[
'id']);
219 $generalSettingsTpl->parseCurrentBlock();
222 $this->tpl->setContent($generalSettingsTpl->get());
240 if (!
$rbacsystem->checkAccess(
"visible,read", $this->object->getRefId())) {
241 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
244 $this->tabs_gui->setTabActive(
"authentication_settings");
246 $this->tabs_gui->setSubTabActive(
"auth_login_editor");
248 $lng->loadLanguageModule(
"meta");
250 $this->tpl->addBlockFile(
253 "tpl.auth_login_messages.html",
254 "Services/Authentication"
256 $this->tpl->setVariable(
"FORMACTION", $this->ctrl->getFormAction($this));
257 $this->tpl->setVariable(
"TXT_HEADLINE", $this->lng->txt(
"login_information"));
258 $this->tpl->setVariable(
"TXT_DESCRIPTION", $this->lng->txt(
"login_information_desc"));
259 $this->tpl->setVariable(
"TXT_SUBMIT", $this->lng->txt(
"save"));
260 $this->initLoginForm();
261 $this->tpl->setVariable(
'LOGIN_INFO', $this->form->getHTML());
267 $this->ctrl->redirect($this,
"authSettings");
277 if (!
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
278 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
281 if (empty(
$_POST[
"auth_mode"])) {
282 $this->
ilias->raiseError($this->lng->txt(
"auth_err_no_mode_selected"), $this->ilias->error_obj->MESSAGE);
285 $current_auth_mode =
$ilSetting->get(
'auth_mode',
'');
286 if (
$_POST[
"auth_mode"] == $current_auth_mode) {
287 ilUtil::sendInfo($this->lng->txt(
"auth_mode") .
": " . $this->getAuthModeTitle() .
" " . $this->lng->txt(
"auth_mode_not_changed"),
true);
288 $this->ctrl->redirect($this,
'authSettings');
291 switch (
$_POST[
"auth_mode"]) {
308 if ($this->object->checkAuthSHIB() !==
true) {
313 $this->ctrl->getLinkTargetByClass(
314 ilAuthShibbolethSettingsGUI::class,
326 if ($this->object->checkAuthRADIUS() !==
true) {
328 $this->ctrl->redirect($this,
'editRADIUS');
333 if ($this->object->checkAuthScript() !==
true) {
340 $this->
ilias->setSetting(
"auth_mode",
$_POST[
"auth_mode"]);
342 ilUtil::sendSuccess($this->lng->txt(
"auth_default_mode_changed_to") .
" " . $this->getAuthModeTitle(),
true);
343 $this->ctrl->redirect($this,
'authSettings');
358 $ilCtrl =
$DIC[
'ilCtrl'];
361 if (!
$rbacsystem->checkAccess(
"read", $this->object->getRefId())) {
362 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
365 $this->tabs_gui->setTabActive(
'auth_soap');
368 $this->tpl->addBlockFile(
'ADM_CONTENT',
'adm_content',
'tpl.auth_soap.html',
'Services/Authentication');
371 $role_list =
$rbacreview->getRolesByFilter(2, $this->object->getId());
374 foreach ($role_list as $role) {
375 $roles[$role[
'obj_id']] = $role[
'title'];
379 include_once(
"./Services/Form/classes/class.ilPropertyFormGUI.php");
382 $soap_config->setTitle($this->lng->txt(
"auth_soap_auth"));
383 $soap_config->setDescription($this->lng->txt(
"auth_soap_auth_desc"));
384 $soap_config->setFormAction($this->ctrl->getFormAction($this,
"editSOAP"));
385 if (
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
386 $soap_config->addCommandButton(
"saveSOAP", $this->lng->txt(
"save"));
387 $soap_config->addCommandButton(
"editSOAP", $this->lng->txt(
"cancel"));
391 $active->setTitle($this->lng->txt(
"active"));
392 $active->setPostVar(
"soap[active]");
396 $server->setTitle($this->lng->txt(
"server"));
397 $server->setInfo($this->lng->txt(
"auth_soap_server_desc"));
398 $server->setPostVar(
"soap[server]");
405 $port->setTitle($this->lng->txt(
"port"));
406 $port->setInfo($this->lng->txt(
"auth_soap_port_desc"));
407 $port->setPostVar(
"soap[port]");
409 $port->setMaxLength(5);
413 $https->setTitle($this->lng->txt(
"auth_soap_use_https"));
414 $https->setPostVar(
"soap[use_https]");
418 $uri->setTitle($this->lng->txt(
"uri"));
419 $uri->setInfo($this->lng->txt(
"auth_soap_uri_desc"));
420 $uri->setPostVar(
"soap[uri]");
422 $uri->setMaxLength(256);
426 $namespace->setTitle($this->lng->txt(
"auth_soap_namespace"));
427 $namespace->setInfo($this->lng->txt(
"auth_soap_namespace_desc"));
434 $dotnet->setTitle($this->lng->txt(
"auth_soap_use_dotnet"));
435 $dotnet->setPostVar(
"soap[use_dotnet]");
439 $createuser->setTitle($this->lng->txt(
"auth_create_users"));
440 $createuser->setInfo($this->lng->txt(
"auth_soap_create_users_desc"));
441 $createuser->setPostVar(
"soap[create_users]");
445 $sendmail->setTitle($this->lng->txt(
"user_send_new_account_mail"));
446 $sendmail->setInfo($this->lng->txt(
"auth_new_account_mail_desc"));
447 $sendmail->setPostVar(
"soap[account_mail]");
451 $defaultrole->setTitle($this->lng->txt(
"auth_user_default_role"));
452 $defaultrole->setInfo($this->lng->txt(
"auth_soap_user_default_role_desc"));
453 $defaultrole->setPostVar(
"soap[user_default_role]");
454 $defaultrole->setOptions($roles);
458 $allowlocal->setTitle($this->lng->txt(
"auth_allow_local"));
459 $allowlocal->setInfo($this->lng->txt(
"auth_soap_allow_local_desc"));
460 $allowlocal->setPostVar(
"soap[allow_local]");
467 $active ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"active"]);
469 $port ->setValue(
$_SESSION[
"error_post_vars"][
"soap"][
"port"]);
470 $https ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"use_https"]);
471 $uri ->setValue(
$_SESSION[
"error_post_vars"][
"soap"][
"uri"]);
473 $dotnet ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"use_dotnet"]);
474 $createuser ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"create_users"]);
475 $allowlocal ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"allow_local"]);
476 $defaultrole->setValue(
$_SESSION[
"error_post_vars"][
"soap"][
"user_default_role"]);
477 $sendmail ->setChecked(
$_SESSION[
"error_post_vars"][
"soap"][
"account_mail"]);
479 $active ->setChecked(
$settings[
"soap_auth_active"]);
481 $port ->setValue(
$settings[
"soap_auth_port"]);
483 $uri ->setValue(
$settings[
"soap_auth_uri"]);
485 $dotnet ->setChecked(
$settings[
"soap_auth_use_dotnet"]);
486 $createuser ->setChecked(
$settings[
"soap_auth_create_users"]);
487 $allowlocal ->setChecked(
$settings[
"soap_auth_allow_local"]);
488 $defaultrole->setValue(
$settings[
"soap_auth_user_default_role"]);
489 $sendmail ->setChecked(
$settings[
"soap_auth_account_mail"]);
492 if (!$defaultrole->getValue()) {
493 $defaultrole->setValue(4);
497 $soap_config->addItem($active);
498 $soap_config->addItem(
$server);
499 $soap_config->addItem($port);
500 $soap_config->addItem(
$https);
501 $soap_config->addItem($uri);
503 $soap_config->addItem($dotnet);
504 $soap_config->addItem($createuser);
505 $soap_config->addItem($sendmail);
506 $soap_config->addItem($defaultrole);
507 $soap_config->addItem($allowlocal);
509 $this->tpl->setVariable(
"CONFIG_FORM", $soap_config->getHTML());
513 $form->setFormAction($ilCtrl->getFormAction($this));
514 $form->setTitle(
"Test Request");
516 $form->addItem($text_prop);
518 $form->addItem($text_prop2);
522 $form->addCommandButton(
523 "testSoapAuthConnection",
527 if ($ilCtrl->getCmd() ==
"testSoapAuthConnection") {
528 include_once(
"./Services/SOAPAuth/classes/class.ilSOAPAuth.php");
532 (
boolean)
$_POST[
"new_user"]
535 $this->tpl->setVariable(
"TEST_FORM", $form->getHTML() .
$ret);
556 if (!
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
557 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
561 if (!
$_POST[
"soap"][
"server"]) {
562 $this->
ilias->raiseError($this->lng->txt(
"fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
566 if (
$_POST[
"soap"][
"server"] !=
"" && (preg_match(
"/^[0-9]{0,5}$/",
$_POST[
"soap"][
"port"])) ==
false) {
567 $this->
ilias->raiseError($this->lng->txt(
"err_invalid_port"), $this->ilias->error_obj->MESSAGE);
580 $ilSetting->set(
"soap_auth_user_default_role",
$_POST[
"soap"][
"user_default_role"]);
581 ilUtil::sendSuccess($this->lng->txt(
"auth_soap_settings_saved"),
true);
583 $this->ctrl->redirect($this,
'editSOAP');
597 if (!
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
598 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
602 $this->tpl->setVariable(
"AUTH_SCRIPT_NAME",
$_SESSION[
"error_post_vars"][
"auth_script"][
"name"]);
607 $this->tpl->setVariable(
"AUTH_SCRIPT_NAME",
$settings[
"auth_script_name"]);
610 $this->tabs_gui->setTabActive(
'auth_script');
612 $this->tpl->addBlockFile(
615 "tpl.auth_script.html",
616 "Services/Authentication"
619 $this->tpl->setVariable(
"FORMACTION", $this->ctrl->getFormAction($this));
620 $this->tpl->setVariable(
"COLSPAN", 3);
621 $this->tpl->setVariable(
"TXT_AUTH_SCRIPT_TITLE", $this->lng->txt(
"auth_script_configure"));
622 $this->tpl->setVariable(
"TXT_OPTIONS", $this->lng->txt(
"options"));
623 $this->tpl->setVariable(
"TXT_AUTH_SCRIPT_NAME", $this->lng->txt(
"auth_script_name"));
625 $this->tpl->setVariable(
"TXT_REQUIRED_FLD", $this->lng->txt(
"required_field"));
626 $this->tpl->setVariable(
"TXT_CANCEL", $this->lng->txt(
"cancel"));
627 $this->tpl->setVariable(
"TXT_SUBMIT", $this->lng->txt(
"save"));
628 $this->tpl->setVariable(
"CMD_SUBMIT",
"saveScript");
639 if (!
$_POST[
"auth_script"][
"name"]) {
640 $this->
ilias->raiseError($this->lng->txt(
"fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
653 $this->
ilias->setSetting(
"auth_script_name",
$_POST[
"auth_script"][
"name"]);
656 ilUtil::sendSuccess($this->lng->txt(
"auth_mode_changed_to") .
" " . $this->getAuthModeTitle(),
true);
657 $this->ctrl->redirect($this,
'editScript');
669 switch ($this->
ilias->getSetting(
"auth_mode")) {
671 return $this->lng->txt(
"auth_local");
675 return $this->lng->txt(
"auth_ldap");
679 return $this->lng->txt(
"auth_shib");
683 return $this->lng->txt(
"auth_saml");
687 return $this->lng->txt(
"auth_radius");
691 return $this->lng->txt(
"auth_script");
695 return $this->lng->txt(
"auth_apache");
699 return $this->lng->txt(
"unknown");
710 if (!
$rbacsystem->checkAccess(
"write", $this->object->getRefId())) {
711 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
714 include_once(
'./Services/AccessControl/classes/class.ilObjRole.php');
717 ilUtil::sendSuccess($this->lng->txt(
"auth_mode_roles_changed"),
true);
718 $this->ctrl->redirect($this,
'authSettings');
728 if (is_object($this->form)) {
732 include_once(
'./Services/Form/classes/class.ilPropertyFormGUI.php');
734 $this->form->setFormAction($this->ctrl->getFormAction($this));
735 $this->form->setTableWidth(
'100%');
736 $this->form->setTitle($this->lng->txt(
'auth_auth_settings'));
738 if ($this->access->checkAccess(
'write',
'', $this->object->getRefId())) {
739 $this->form->addCommandButton(
'updateAuthModeDetermination', $this->lng->txt(
'save'));
742 require_once
'Services/Captcha/classes/class.ilCaptchaUtil.php';
743 $cap =
new ilCheckboxInputGUI($this->lng->txt(
'adm_captcha_anonymous_short'),
'activate_captcha_anonym');
744 $cap->setInfo($this->lng->txt(
'adm_captcha_anonymous_auth'));
747 $cap->setAlert(ilCaptchaUtil::getPreconditionsMessage());
749 $cap->setChecked(ilCaptchaUtil::isActiveForLogin());
750 $this->form->addItem($cap);
753 include_once(
'Services/Authentication/classes/class.ilAuthModeDetermination.php');
755 if ($det->getCountActiveAuthModes() <= 1) {
760 $header->setTitle($this->lng->txt(
'auth_auth_mode_determination'));
761 $this->form->addItem($header);
764 $kind->setInfo($this->lng->txt(
'auth_mode_determination_info'));
765 $kind->setValue($det->getKind());
766 $kind->setRequired(
true);
768 $option_user =
new ilRadioOption($this->lng->txt(
'auth_by_user'), 0);
769 $kind->addOption($option_user);
771 $option_determination =
new ilRadioOption($this->lng->txt(
'auth_automatic'), 1);
773 include_once(
'Services/Authentication/classes/class.ilAuthUtils.php');
775 $auth_sequenced = $det->getAuthModeSequence();
777 foreach ($auth_sequenced as $auth_mode) {
778 switch ($auth_mode) {
787 $text = $this->lng->txt(
'auth_radius');
790 $text = $this->lng->txt(
'auth_local');
793 $text = $this->lng->txt(
'auth_soap');
796 $text = $this->lng->txt(
'auth_apache');
801 $option = $pl->getMultipleAuthModeOptions($auth_mode);
802 $text = $option[$auth_mode][
'txt'];
809 $pos->setValue($counter++);
811 $pos->setMaxLength(1);
812 $option_determination->addSubItem($pos);
814 $kind->addOption($option_determination);
815 $this->form->addItem($kind);
827 include_once(
'Services/Authentication/classes/class.ilAuthModeDetermination.php');
830 $det->setKind((
int)
$_POST[
'kind']);
832 $pos =
$_POST[
'position'] ?
$_POST[
'position'] : array();
833 asort($pos, SORT_NUMERIC);
836 foreach ($pos as $auth_mode => $dummy) {
837 $position[$counter++] = $auth_mode;
839 $det->setAuthModeSequence($position ? $position : array());
842 require_once
'Services/Captcha/classes/class.ilCaptchaUtil.php';
843 ilCaptchaUtil::setActiveForLogin((
bool)
$_POST[
'activate_captcha_anonym']);
845 ilUtil::sendSuccess($this->lng->txt(
'settings_saved'));
859 $ilAccess =
$DIC[
'ilAccess'];
863 $next_class = $this->ctrl->getNextClass($this);
864 $cmd = $this->ctrl->getCmd();
867 if (!$DIC->rbac()->system()->checkAccess(
"visible,read", $this->object->getRefId())) {
868 $ilErr->raiseError($this->lng->txt(
'msg_no_perm_read'),
$ilErr->WARNING);
871 switch ($next_class) {
872 case 'ilopenidconnectsettingsgui':
874 $this->tabs_gui->activateTab(
'auth_oidconnect');
877 $this->ctrl->forwardCommand($oid);
880 case 'ilsamlsettingsgui':
881 $this->tabs_gui->setTabActive(
'auth_saml');
883 require_once
'./Services/Saml/classes/class.ilSamlSettingsGUI.php';
885 $this->ctrl->forwardCommand($os);
888 case 'ilregistrationsettingsgui':
890 include_once
'./Services/Registration/classes/class.ilRegistrationSettingsGUI.php';
893 $this->tabs_gui->setTabActive(
'registration_settings');
895 $this->ctrl->forwardCommand($registration_gui);
898 case 'ilpermissiongui':
901 $this->tabs_gui->setTabActive(
'perm_settings');
903 include_once(
"Services/AccessControl/classes/class.ilPermissionGUI.php");
905 $ret = &$this->ctrl->forwardCommand($perm_gui);
908 case 'illdapsettingsgui':
911 $this->tabs_gui->setTabActive(
'auth_ldap');
913 include_once
'./Services/LDAP/classes/class.ilLDAPSettingsGUI.php';
915 $this->ctrl->forwardCommand($ldap_settings_gui);
918 case 'ilauthshibbolethsettingsgui':
920 $this->tabs_gui->setTabActive(
'auth_shib');
921 include_once(
'./Services/AuthShibboleth/classes/class.ilAuthShibbolethSettingsGUI.php');
923 $this->ctrl->forwardCommand($shib_settings_gui);
926 case 'ilcassettingsgui':
928 $this->tabs_gui->setTabActive(
'auth_cas');
929 include_once
'./Services/CAS/classes/class.ilCASSettingsGUI.php';
931 $this->ctrl->forwardCommand($cas_settings);
934 case 'ilradiussettingsgui':
936 $this->tabs_gui->setTabActive(
'auth_radius');
937 include_once
'./Services/Radius/classes/class.ilRadiusSettingsGUI.php';
939 $this->ctrl->forwardCommand($radius_settings_gui);
943 case 'ilauthloginpageeditorgui':
946 $this->tabs_gui->setTabActive(
'authentication_settings');
947 $this->tabs_gui->setSubTabActive(
"auth_login_editor");
949 include_once
'./Services/Authentication/classes/class.ilAuthLoginPageEditorGUI.php';
951 $this->ctrl->forwardCommand($lpe);
956 $cmd =
"authSettings";
982 $this->ctrl->setParameter($this,
"ref_id", $this->object->getRefId());
984 if (
$rbacsystem->checkAccess(
"visible,read", $this->object->getRefId())) {
985 $this->tabs_gui->addTarget(
986 "authentication_settings",
987 $this->ctrl->getLinkTarget($this,
"authSettings"),
993 $this->tabs_gui->addTarget(
994 'registration_settings',
995 $this->ctrl->getLinkTargetByClass(
'ilregistrationsettingsgui',
'view')
998 $this->tabs_gui->addTarget(
1000 $this->ctrl->getLinkTargetByClass(
'illdapsettingsgui',
'serverList'),
1007 #$this->tabs_gui->addTarget("auth_ldap", $this->ctrl->getLinkTarget($this, "editLDAP"),
1010 $this->tabs_gui->addTarget(
'auth_shib', $this->ctrl->getLinkTargetByClass(
'ilauthshibbolethsettingsgui',
'settings'));
1012 $this->tabs_gui->addTarget(
1014 $this->ctrl->getLinkTargetByClass(
'ilcassettingsgui',
'settings')
1017 $this->tabs_gui->addTarget(
1019 $this->ctrl->getLinkTargetByClass(
'ilradiussettingsgui',
"settings"),
1025 $this->tabs_gui->addTarget(
1027 $this->ctrl->getLinkTarget($this,
"editSOAP"),
1033 $this->tabs_gui->addTarget(
1034 "apache_auth_settings",
1035 $this->ctrl->getLinkTarget($this,
'apacheAuthSettings'),
1041 require_once
'Services/Saml/classes/class.ilSamlSettingsGUI.php';
1042 $this->tabs_gui->addTarget(
1050 $this->tabs_gui->addTab(
1052 $this->lng->txt(
'auth_oidconnect'),
1053 $this->ctrl->getLinkTargetByClass(
'ilopenidconnectsettingsgui')
1057 if (
$rbacsystem->checkAccess(
'edit_permission', $this->object->getRefId())) {
1058 $this->tabs_gui->addTarget(
1060 $this->ctrl->getLinkTargetByClass(array(get_class($this),
'ilpermissiongui'),
"perm"),
1061 array(
"perm",
"info",
"owner"),
1076 $ilAccess =
$DIC[
'ilAccess'];
1078 $GLOBALS[
'DIC'][
'lng']->loadLanguageModule(
'auth');
1081 case 'authSettings':
1082 if ($ilAccess->checkAccess(
'write',
'', $this->object->getRefId())) {
1083 $this->tabs_gui->addSubTabTarget(
1085 $this->ctrl->getLinkTarget($this,
'authSettings'),
1089 if ($ilAccess->checkAccess(
'write',
'', $this->object->getRefId())) {
1090 $this->tabs_gui->addSubTabTarget(
1091 'auth_login_editor',
1092 $this->ctrl->getLinkTargetByClass(
'ilauthloginpageeditorgui',
''),
1107 $this->tabs_gui->setTabActive(
"apache_auth_settings");
1116 if (file_exists($path) && is_readable($path)) {
1117 $settingsMap[
'apache_auth_domains'] = file_get_contents($path);
1120 $form->setValuesByArray($settingsMap);
1122 $tpl->setVariable(
'ADM_CONTENT', $form->getHtml());
1129 $ilCtrl =
$DIC[
'ilCtrl'];
1131 $form->setValuesByPost();
1135 if ($form->checkInput()) {
1138 'apache_auth_indicator_name',
'apache_auth_indicator_value',
1139 'apache_enable_auth',
'apache_enable_local',
'apache_local_autocreate',
1140 'apache_enable_ldap',
'apache_auth_username_config_type',
1141 'apache_auth_username_direct_mapping_fieldname',
1142 'apache_default_role',
'apache_auth_target_override_login_page',
1143 'apache_auth_enable_override_login_page',
1144 'apache_auth_authenticate_on_login_page',
1149 foreach ($fields as $field) {
1150 $settings->set($field, $form->getInput($field));
1153 if ($form->getInput(
'apache_enable_auth')) {
1154 $this->
ilias->setSetting(
'apache_active',
true);
1156 $this->
ilias->setSetting(
'apache_active',
false);
1168 ilUtil::sendSuccess($this->lng->txt(
'apache_settings_changed_success'),
true);
1169 $this->ctrl->redirect($this,
'apacheAuthSettings');
1177 include_once(
"./Services/Form/classes/class.ilPropertyFormGUI.php");
1180 $form->setFormAction($this->ctrl->getFormAction($this));
1181 $form->setTitle($this->lng->txt(
'apache_settings'));
1183 $chb_enabled =
new ilCheckboxInputGUI($this->lng->txt(
'apache_enable_auth'),
'apache_enable_auth');
1184 $form->addItem($chb_enabled);
1186 $chb_local_create_account =
new ilCheckboxInputGUI($this->lng->txt(
'apache_autocreate'),
'apache_local_autocreate');
1187 $chb_enabled->addSubitem($chb_local_create_account);
1193 $select =
new ilSelectInputGUI($this->lng->txt(
'apache_default_role'),
'apache_default_role');
1194 $roleOptions = array();
1195 foreach ($roles as $role) {
1198 $select->setOptions($roleOptions);
1199 $select->setValue(4);
1201 $chb_local_create_account->addSubitem($select);
1203 $chb_local =
new ilCheckboxInputGUI($this->lng->txt(
'apache_enable_local'),
'apache_enable_local');
1204 $form->addItem($chb_local);
1206 $chb_ldap =
new ilCheckboxInputGUI($this->lng->txt(
'apache_enable_ldap'),
'apache_enable_ldap');
1207 $chb_ldap->setInfo($this->lng->txt(
'apache_ldap_hint_ldap_must_be_configured'));
1209 $GLOBALS[
'DIC'][
'lng']->loadLanguageModule(
'auth');
1210 include_once
'./Services/LDAP/classes/class.ilLDAPServer.php';
1212 if (count($servers)) {
1213 $ldap_server_select =
new ilSelectInputGUI($this->lng->txt(
'auth_ldap_server_ds'),
'apache_ldap_sid');
1214 $options[0] = $this->lng->txt(
'select_one');
1215 foreach ($servers as $server_id) {
1217 $options[$server_id] = $ldap_server->getName();
1219 $ldap_server_select->setOptions($options);
1220 $ldap_server_select->setRequired(
true);
1223 $ldap_server_select->setValue($ds);
1225 $chb_ldap->addSubItem($ldap_server_select);
1227 $form->addItem($chb_ldap);
1229 $txt =
new ilTextInputGUI($this->lng->txt(
'apache_auth_indicator_name'),
'apache_auth_indicator_name');
1230 $txt->setRequired(
true);
1231 $form->addItem(
$txt);
1233 $txt =
new ilTextInputGUI($this->lng->txt(
'apache_auth_indicator_value'),
'apache_auth_indicator_value');
1234 $txt->setRequired(
true);
1235 $form->addItem(
$txt);
1238 $chb =
new ilCheckboxInputGUI($this->lng->txt(
'apache_auth_enable_override_login'),
'apache_auth_enable_override_login_page');
1239 $form->addItem($chb);
1241 $txt =
new ilTextInputGUI($this->lng->txt(
'apache_auth_target_override_login'),
'apache_auth_target_override_login_page');
1242 $txt->setRequired(
true);
1243 $chb->addSubItem(
$txt);
1245 $chb =
new ilCheckboxInputGUI($this->lng->txt(
'apache_auth_authenticate_on_login_page'),
'apache_auth_authenticate_on_login_page');
1246 $form->addItem($chb);
1249 $sec->setTitle($this->lng->txt(
'apache_auth_username_config'));
1250 $form->addItem($sec);
1252 $rag =
new ilRadioGroupInputGUI($this->lng->txt(
'apache_auth_username_config_type'),
'apache_auth_username_config_type');
1253 $form->addItem($rag);
1255 $rao =
new ilRadioOption($this->lng->txt(
'apache_auth_username_direct_mapping'), 1);
1256 $rag->addOption($rao);
1258 $txt =
new ilTextInputGUI($this->lng->txt(
'apache_auth_username_direct_mapping_fieldname'),
'apache_auth_username_direct_mapping_fieldname');
1260 $rao->addSubItem(
$txt);
1262 $rao =
new ilRadioOption($this->lng->txt(
'apache_auth_username_extended_mapping'), 2);
1263 $rao->setDisabled(
true);
1264 $rag->addOption($rao);
1266 $rao =
new ilRadioOption($this->lng->txt(
'apache_auth_username_by_function'), 3);
1267 $rag->addOption($rao);
1273 $sec->setTitle($this->lng->txt(
'apache_auth_security'));
1274 $form->addItem($sec);
1277 $txt->setInfo($this->lng->txt(
'apache_auth_domains_description'));
1279 $form->addItem(
$txt);
1281 if ($this->access->checkAccess(
'write',
'', $this->ref_id)) {
1282 $form->addCommandButton(
'saveApacheSettings', $this->lng->txt(
'save'));
1284 $form->addCommandButton(
'cancel', $this->lng->txt(
'cancel'));
1291 return join(
"\n", preg_split(
"/[\r\n]+/", $text));
1297 $this->ctrl->redirect($registration_gui);
1306 switch ($a_form_id) {
1308 require_once
'Services/Captcha/classes/class.ilCaptchaUtil.php';
1309 $fields_login = array(
1313 $fields_registration = array(
1318 return array(
'adm_auth_login' => array(
'authSettings', $fields_login),
'adm_auth_reg' => array(
'registrationSettings', $fields_registration));
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
An exception for terminatinating execution or to throw for unit testing.
const AUTH_OPENID_CONNECT
Login page editor settings GUI ILIAS page editor or richtext editor.
static _getInstance()
Get instance.
Class ilAuthShibbolethSettingsGUI.
static _getActiveAuthModes()
static getAuthPlugins()
Get active enabled auth plugins.
static _getAllAuthModes()
static _getAuthModeName($a_auth_key)
static checkFreetype()
Check whether captcha support is active.
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
static getDataSource($a_auth_mode)
static getInstanceByServerId($a_server_id)
Get instance by server id.
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
static getServerIds()
Get all server ids @global ilDB $ilDB.
Class ilObjAuthSettingsGUI.
validateApacheAuthAllowedDomains($text)
getAdminTabs()
administration tabs show only permissions and trash folder
setSubTabs($a_tab)
set sub tabs
addToExternalSettingsForm($a_form_id)
__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output=true)
Constructor @access public.
saveScriptObject()
validates all input data, save them to database if correct and active chosen auth mode
getApacheAuthSettingsForm()
updateAuthModeDeterminationObject()
update auth mode determination
loginInfoObject()
displays login information of all installed languages
registrationSettingsObject()
executeCommand()
Execute command.
apacheAuthSettingsObject($form=false)
getAuthModeTitle()
get the title of auth mode
saveApacheSettingsObject()
editSOAPObject()
Configure soap settings.
cancelObject()
cancel action and go back to previous page @access public
authSettingsObject()
display settings menu
viewObject()
viewObject container presentation for "administration -> repository, trash, permissions"
testSoapAuthConnectionObject()
initAuthModeDetermination()
init auth mode determinitation form
saveSOAPObject()
validates all input data, save them to database if correct and active chosen auth mode
getTabs()
get tabs @access public
editScriptObject()
Configure Custom settings.
static _lookupRegisterAllowed()
get all roles that are activated in user registration
static _updateAuthMode($a_roles)
static _getNumberOfUsersPerAuthMode()
get number of users per auth mode
Class ilObjectGUI Basic methods of all Output classes.
prepareOutput($a_show_subobjects=true)
prepare output
getReturnLocation($a_cmd, $a_location="")
get return location for command (command is method name without "Object", e.g.
static _lookupTitle($a_id)
lookup object title
Class ilOpenIdConnectSettingsGUI.
static getInstance()
Get singleton instance.
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
This class represents an option in a radio group.
Class ilRegistrationSettingsGUI.
static testConnection($a_ext_uid, $a_soap_pw, $a_new_user)
Constructor @access public.
static getIdpIdByAuthMode(string $a_auth_mode)
static isAuthModeSaml(string $a_auth_mode)
static getInstanceByIdpId(int $a_idp_id)
special template class to simplify handling of ITX/PEAR
This class represents a text area property in a property form.
This class represents a text property in a property form.
static redirect($a_script)
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
if($err=$client->getError()) $namespace
__construct(Container $dic, ilPlugin $plugin)
@inheritDoc
redirection script todo: (a better solution should control the processing via a xml file)