ILIAS  release_7 Revision v7.30-3-g800a261c036
class.ilObjAuthSettingsGUI.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3
16class ilObjAuthSettingsGUI extends ilObjectGUI
17{
18
22 private $dic;
23
28 public function __construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output = true)
29 {
30 global $DIC;
31
32 $this->dic = $DIC;
33 $this->type = "auth";
34 parent::__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output);
35
36 $this->lng->loadLanguageModule('registration');
37 $this->lng->loadLanguageModule('auth');
38
39 define('LDAP_DEFAULT_PORT', 389);
40 define('RADIUS_DEFAULT_PORT', 1812);
41 }
42
43
44
45 public function viewObject()
46 {
47 return $this->authSettingsObject();
48 }
49
50
56 public function authSettingsObject()
57 {
58 global $DIC;
59
60 $rbacsystem = $DIC['rbacsystem'];
61 $ilSetting = $DIC['ilSetting'];
62
63 if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
64 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
65 }
66
67 $this->tabs_gui->setTabActive('authentication_settings');
68 $this->setSubTabs('authSettings');
69 $this->tabs_gui->setSubTabActive("auth_settings");
70
71 $generalSettingsTpl = new ilTemplate('tpl.auth_general.html', true, true, 'Services/Authentication');
72
73 $generalSettingsTpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
74 $generalSettingsTpl->setVariable("TXT_AUTH_TITLE", $this->lng->txt("auth_select"));
75
76 $generalSettingsTpl->setVariable("TXT_AUTH_MODE", $this->lng->txt("auth_mode"));
77 $generalSettingsTpl->setVariable("TXT_AUTH_DEFAULT", $this->lng->txt("default"));
78 $generalSettingsTpl->setVariable("TXT_AUTH_ACTIVE", $this->lng->txt("active"));
79 $generalSettingsTpl->setVariable("TXT_AUTH_NUM_USERS", $this->lng->txt("num_users"));
80
81 $generalSettingsTpl->setVariable("TXT_LOCAL", $this->lng->txt("auth_local"));
82 $generalSettingsTpl->setVariable("TXT_LDAP", $this->lng->txt("auth_ldap"));
83 $generalSettingsTpl->setVariable("TXT_SHIB", $this->lng->txt("auth_shib"));
84
85 $generalSettingsTpl->setVariable("TXT_CAS", $this->lng->txt("auth_cas"));
86
87 $generalSettingsTpl->setVariable("TXT_RADIUS", $this->lng->txt("auth_radius"));
88 $generalSettingsTpl->setVariable("TXT_SCRIPT", $this->lng->txt("auth_script"));
89
90 $generalSettingsTpl->setVariable("TXT_APACHE", $this->lng->txt("auth_apache"));
91
92 $auth_cnt = ilObjUser::_getNumberOfUsersPerAuthMode();
93 $auth_modes = ilAuthUtils::_getAllAuthModes();
94 $valid_modes = array(AUTH_LOCAL,AUTH_LDAP,AUTH_SHIBBOLETH,AUTH_SAML,AUTH_CAS,AUTH_RADIUS,AUTH_APACHE,AUTH_OPENID_CONNECT);
95 include_once('Services/LDAP/classes/class.ilLDAPServer.php');
96 // icon handlers
97 $icon_ok = "<img src=\"" . ilUtil::getImagePath("icon_ok.svg") . "\" alt=\"" . $this->lng->txt("enabled") . "\" title=\"" . $this->lng->txt("enabled") . "\" border=\"0\" vspace=\"0\"/>";
98 $icon_not_ok = "<img src=\"" . ilUtil::getImagePath("icon_not_ok.svg") . "\" alt=\"" . $this->lng->txt("disabled") . "\" title=\"" . $this->lng->txt("disabled") . "\" border=\"0\" vspace=\"0\"/>";
99
100
101 foreach ($auth_modes as $mode => $mode_name) {
102 if (!in_array($mode, $valid_modes) && !ilLDAPServer::isAuthModeLDAP($mode) && !ilSamlIdp::isAuthModeSaml($mode)) {
103 continue;
104 }
105
106 $generalSettingsTpl->setCurrentBlock('auth_mode');
107
108 if (ilLDAPServer::isAuthModeLDAP($mode)) {
109 $server = ilLDAPServer::getInstanceByServerId(ilLDAPServer::getServerIdByAuthMode($mode));
110 $generalSettingsTpl->setVariable("AUTH_NAME", $server->getName());
111 $generalSettingsTpl->setVariable('AUTH_ACTIVE', $server->isActive() ? $icon_ok : $icon_not_ok);
112 } elseif (ilSamlIdp::isAuthModeSaml($mode)) {
113 $idp = ilSamlIdp::getInstanceByIdpId(ilSamlIdp::getIdpIdByAuthMode($mode));
114 $generalSettingsTpl->setVariable('AUTH_NAME', $idp->getEntityId());
115 $generalSettingsTpl->setVariable('AUTH_ACTIVE', $idp->isActive() ? $icon_ok : $icon_not_ok);
116 } elseif ($mode === AUTH_OPENID_CONNECT) {
117 $generalSettingsTpl->setVariable("AUTH_NAME", $this->lng->txt("auth_" . $mode_name));
118 $generalSettingsTpl->setVariable('AUTH_ACTIVE', ilOpenIdConnectSettings::getInstance()->getActive() ? $icon_ok : $icon_not_ok);
119 } else {
120 $generalSettingsTpl->setVariable("AUTH_NAME", $this->lng->txt("auth_" . $mode_name));
121 $generalSettingsTpl->setVariable('AUTH_ACTIVE', $this->ilias->getSetting($mode_name . '_active') || $mode == AUTH_LOCAL ? $icon_ok : $icon_not_ok);
122 }
123
124 if ($ilSetting->get('auth_mode') == $mode) {
125 $generalSettingsTpl->setVariable("AUTH_CHECKED", "checked=\"checked\"");
126
127 $generalSettingsTpl->setVariable(
128 "AUTH_USER_NUM",
129 ((int) $auth_cnt[$mode_name] + $auth_cnt["default"]) . " (" . $this->lng->txt("auth_per_default") .
130 ": " . $auth_cnt["default"] . ")"
131 );
132 } else {
133 $generalSettingsTpl->setVariable(
134 "AUTH_USER_NUM",
135 (int) $auth_cnt[$mode_name]
136 );
137 }
138 $generalSettingsTpl->setVariable("AUTH_ID", $mode_name);
139 $generalSettingsTpl->setVariable("AUTH_VAL", $mode);
140 $generalSettingsTpl->parseCurrentBlock();
141 }
142
143 $generalSettingsTpl->setVariable("TXT_CONFIGURE", $this->lng->txt("auth_configure"));
144
145 if ($rbacsystem->checkAccess("write", $this->object->getRefId())) {
146 $generalSettingsTpl->setVariable("TXT_AUTH_REMARK", $this->lng->txt("auth_remark_non_local_auth"));
147 $generalSettingsTpl->setCurrentBlock('auth_mode_submit');
148 $generalSettingsTpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
149 $generalSettingsTpl->setVariable("CMD_SUBMIT", "setAuthMode");
150 $generalSettingsTpl->parseCurrentBlock();
151 }
152
153 // auth mode determinitation
154 if ($this->initAuthModeDetermination()) {
155 $generalSettingsTpl->setVariable('TABLE_AUTH_DETERMINATION', $this->form->getHTML());
156 }
157
158 // roles table
159 $generalSettingsTpl->setVariable(
160 "FORMACTION_ROLES",
161 $this->ctrl->getFormAction($this)
162 );
163 $generalSettingsTpl->setVariable("TXT_AUTH_ROLES", $this->lng->txt("auth_active_roles"));
164 $generalSettingsTpl->setVariable("TXT_ROLE", $this->lng->txt("obj_role"));
165 $generalSettingsTpl->setVariable("TXT_ROLE_AUTH_MODE", $this->lng->txt("auth_role_auth_mode"));
166 if ($rbacsystem->checkAccess("write", $this->object->getRefId())) {
167 $generalSettingsTpl->setVariable("CMD_SUBMIT_ROLES", "updateAuthRoles");
168 $generalSettingsTpl->setVariable('BTN_SUBMIT_ROLES', $this->lng->txt('save'));
169 }
170
171 include_once("./Services/AccessControl/classes/class.ilObjRole.php");
172 $reg_roles = ilObjRole::_lookupRegisterAllowed();
173
174 // auth mode selection
175 include_once('./Services/Authentication/classes/class.ilAuthUtils.php');
176 $active_auth_modes = ilAuthUtils::_getActiveAuthModes();
177
178 foreach ($reg_roles as $role) {
179 foreach ($active_auth_modes as $auth_name => $auth_key) {
180 // do not list auth modes with external login screen
181 // even not default, because it can easily be set to
182 // a non-working auth mode
183 if ($auth_name == "default" || $auth_name == "cas"
184 || $auth_name == 'saml'
185 || $auth_name == "shibboleth" || $auth_name == 'ldap'
186 || $auth_name == 'apache' || $auth_name == "ecs"
187 || $auth_name == "openid") {
188 continue;
189 }
190
191 $generalSettingsTpl->setCurrentBlock("auth_mode_selection");
192
193 if ($auth_name == 'default') {
194 $name = $this->lng->txt('auth_' . $auth_name) . " (" . $this->lng->txt('auth_' . ilAuthUtils::_getAuthModeName($auth_key)) . ")";
195 } elseif ($id = ilLDAPServer::getServerIdByAuthMode($auth_key)) {
196 $server = ilLDAPServer::getInstanceByServerId($id);
197 $name = $server->getName();
198 } elseif ($id = ilSamlIdp::getIdpIdByAuthMode($auth_key)) {
199 $idp = ilSamlIdp::getInstanceByIdpId($id);
200 $name = $idp->getEntityId();
201 } else {
202 $name = $this->lng->txt('auth_' . $auth_name);
203 }
204
205 $generalSettingsTpl->setVariable("AUTH_MODE_NAME", $name);
206
207 $generalSettingsTpl->setVariable("AUTH_MODE", $auth_name);
208
209 if ($role['auth_mode'] == $auth_name) {
210 $generalSettingsTpl->setVariable("SELECTED_AUTH_MODE", "selected=\"selected\"");
211 }
212
213 $generalSettingsTpl->parseCurrentBlock();
214 }
215
216 $generalSettingsTpl->setCurrentBlock("roles");
217 $generalSettingsTpl->setVariable("ROLE", $role['title']);
218 $generalSettingsTpl->setVariable("ROLE_ID", $role['id']);
219 $generalSettingsTpl->parseCurrentBlock();
220 }
221
222 $this->tpl->setContent($generalSettingsTpl->get());
223 }
224
225
232 public function loginInfoObject()
233 {
234 global $DIC;
235
236 $rbacsystem = $DIC['rbacsystem'];
237 $lng = $DIC['lng'];
238 $ilSetting = $DIC['ilSetting'];
239
240 if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
241 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
242 }
243
244 $this->tabs_gui->setTabActive("authentication_settings");
245 $this->setSubTabs("authSettings");
246 $this->tabs_gui->setSubTabActive("auth_login_editor");
247
248 $lng->loadLanguageModule("meta");
249
250 $this->tpl->addBlockFile(
251 "ADM_CONTENT",
252 "adm_content",
253 "tpl.auth_login_messages.html",
254 "Services/Authentication"
255 );
256 $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
257 $this->tpl->setVariable("TXT_HEADLINE", $this->lng->txt("login_information"));
258 $this->tpl->setVariable("TXT_DESCRIPTION", $this->lng->txt("login_information_desc"));
259 $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
260 $this->initLoginForm();
261 $this->tpl->setVariable('LOGIN_INFO', $this->form->getHTML());
262 }
263
264
265 public function cancelObject()
266 {
267 $this->ctrl->redirect($this, "authSettings");
268 }
269
270 public function setAuthModeObject()
271 {
272 global $DIC;
273
274 $rbacsystem = $DIC['rbacsystem'];
275 $ilSetting = $DIC['ilSetting'];
276
277 if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
278 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
279 }
280
281 if (empty($_POST["auth_mode"])) {
282 $this->ilias->raiseError($this->lng->txt("auth_err_no_mode_selected"), $this->ilias->error_obj->MESSAGE);
283 }
284
285 $current_auth_mode = $ilSetting->get('auth_mode', '');
286 if ($_POST["auth_mode"] == $current_auth_mode) {
287 ilUtil::sendInfo($this->lng->txt("auth_mode") . ": " . $this->getAuthModeTitle() . " " . $this->lng->txt("auth_mode_not_changed"), true);
288 $this->ctrl->redirect($this, 'authSettings');
289 }
290
291 switch ($_POST["auth_mode"]) {
292 case AUTH_SAML:
293 break;
294
295 case AUTH_LDAP:
296
297 /*
298 if ($this->object->checkAuthLDAP() !== true)
299 {
300 ilUtil::sendInfo($this->lng->txt("auth_ldap_not_configured"),true);
301 ilUtil::redirect($this->getReturnLocation("authSettings",$this->ctrl->getLinkTarget($this,"editLDAP", "", false, false)));
302 }
303 */
304 break;
305
306 // @fix changed from AUTH_SHIB > is not defined
307 case AUTH_SHIBBOLETH:
308 if ($this->object->checkAuthSHIB() !== true) {
309 ilUtil::sendFailure($this->lng->txt("auth_shib_not_configured"), true);
310 ilUtil::redirect(
311 $this->getReturnLocation(
312 'authSettings',
313 $this->ctrl->getLinkTargetByClass(
314 ilAuthShibbolethSettingsGUI::class,
315 'settings',
316 '',
317 false,
318 false
319 )
320 )
321 );
322 }
323 break;
324
325 case AUTH_RADIUS:
326 if ($this->object->checkAuthRADIUS() !== true) {
327 ilUtil::sendFailure($this->lng->txt("auth_radius_not_configured"), true);
328 $this->ctrl->redirect($this, 'editRADIUS');
329 }
330 break;
331
332 case AUTH_SCRIPT:
333 if ($this->object->checkAuthScript() !== true) {
334 ilUtil::sendFailure($this->lng->txt("auth_script_not_configured"), true);
335 ilUtil::redirect($this->getReturnLocation("authSettings", $this->ctrl->getLinkTarget($this, "editScript", "", false, false)));
336 }
337 break;
338 }
339
340 $this->ilias->setSetting("auth_mode", $_POST["auth_mode"]);
341
342 ilUtil::sendSuccess($this->lng->txt("auth_default_mode_changed_to") . " " . $this->getAuthModeTitle(), true);
343 $this->ctrl->redirect($this, 'authSettings');
344 }
345
351 public function editSOAPObject()
352 {
353 global $DIC;
354
355 $rbacsystem = $DIC['rbacsystem'];
356 $rbacreview = $DIC['rbacreview'];
357 $ilSetting = $DIC['ilSetting'];
358 $ilCtrl = $DIC['ilCtrl'];
359 $lng = $DIC['lng'];
360
361 if (!$rbacsystem->checkAccess("read", $this->object->getRefId())) {
362 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
363 }
364
365 $this->tabs_gui->setTabActive('auth_soap');
366
367 //set Template
368 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.auth_soap.html', 'Services/Authentication');
369
370 // compose role list
371 $role_list = $rbacreview->getRolesByFilter(2, $this->object->getId());
372 $roles = array();
373
374 foreach ($role_list as $role) {
375 $roles[$role['obj_id']] = $role['title'];
376 }
377
378 //set property form gui
379 include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
380
381 $soap_config = new ilPropertyFormGUI();
382 $soap_config->setTitle($this->lng->txt("auth_soap_auth"));
383 $soap_config->setDescription($this->lng->txt("auth_soap_auth_desc"));
384 $soap_config->setFormAction($this->ctrl->getFormAction($this, "editSOAP"));
385 if ($rbacsystem->checkAccess("write", $this->object->getRefId())) {
386 $soap_config->addCommandButton("saveSOAP", $this->lng->txt("save"));
387 $soap_config->addCommandButton("editSOAP", $this->lng->txt("cancel"));
388 }
389 //set activ
390 $active = new ilCheckboxInputGUI();
391 $active->setTitle($this->lng->txt("active"));
392 $active->setPostVar("soap[active]");
393
394 //set server
395 $server = new ilTextInputGUI();
396 $server->setTitle($this->lng->txt("server"));
397 $server->setInfo($this->lng->txt("auth_soap_server_desc"));
398 $server->setPostVar("soap[server]");
399 $server->setSize(50);
400 $server->setMaxLength(256);
401 $server->setRequired(true);
402
403 //set port
404 $port = new ilTextInputGUI();
405 $port->setTitle($this->lng->txt("port"));
406 $port->setInfo($this->lng->txt("auth_soap_port_desc"));
407 $port->setPostVar("soap[port]");
408 $port->setSize(7);
409 $port->setMaxLength(5);
410
411 //set https
412 $https = new ilCheckboxInputGUI();
413 $https->setTitle($this->lng->txt("auth_soap_use_https"));
414 $https->setPostVar("soap[use_https]");
415
416 //set uri
417 $uri = new ilTextInputGUI();
418 $uri->setTitle($this->lng->txt("uri"));
419 $uri->setInfo($this->lng->txt("auth_soap_uri_desc"));
420 $uri->setPostVar("soap[uri]");
421 $uri->setSize(50);
422 $uri->setMaxLength(256);
423
424 //set namespace
425 $namespace = new ilTextInputGUI();
426 $namespace->setTitle($this->lng->txt("auth_soap_namespace"));
427 $namespace->setInfo($this->lng->txt("auth_soap_namespace_desc"));
428 $namespace->setPostVar("soap[namespace]");
429 $namespace->setSize(50);
430 $namespace->setMaxLength(256);
431
432 //set dotnet
433 $dotnet = new ilCheckboxInputGUI();
434 $dotnet->setTitle($this->lng->txt("auth_soap_use_dotnet"));
435 $dotnet->setPostVar("soap[use_dotnet]");
436
437 //set create users
438 $createuser = new ilCheckboxInputGUI();
439 $createuser->setTitle($this->lng->txt("auth_create_users"));
440 $createuser->setInfo($this->lng->txt("auth_soap_create_users_desc"));
441 $createuser->setPostVar("soap[create_users]");
442
443 //set account mail
444 $sendmail = new ilCheckboxInputGUI();
445 $sendmail->setTitle($this->lng->txt("user_send_new_account_mail"));
446 $sendmail->setInfo($this->lng->txt("auth_new_account_mail_desc"));
447 $sendmail->setPostVar("soap[account_mail]");
448
449 //set user default role
450 $defaultrole = new ilSelectInputGUI();
451 $defaultrole->setTitle($this->lng->txt("auth_user_default_role"));
452 $defaultrole->setInfo($this->lng->txt("auth_soap_user_default_role_desc"));
453 $defaultrole->setPostVar("soap[user_default_role]");
454 $defaultrole->setOptions($roles);
455
456 //set allow local authentication
457 $allowlocal = new ilCheckboxInputGUI();
458 $allowlocal->setTitle($this->lng->txt("auth_allow_local"));
459 $allowlocal->setInfo($this->lng->txt("auth_soap_allow_local_desc"));
460 $allowlocal->setPostVar("soap[allow_local]");
461
462 // get all settings
463 $settings = $ilSetting->getAll();
464
465 // get values in error case
466 if ($_SESSION["error_post_vars"]) {
467 $active ->setChecked($_SESSION["error_post_vars"]["soap"]["active"]);
468 $server ->setValue($_SESSION["error_post_vars"]["soap"]["server"]);
469 $port ->setValue($_SESSION["error_post_vars"]["soap"]["port"]);
470 $https ->setChecked($_SESSION["error_post_vars"]["soap"]["use_https"]);
471 $uri ->setValue($_SESSION["error_post_vars"]["soap"]["uri"]);
472 $namespace ->setValue($_SESSION["error_post_vars"]["soap"]["namespace"]);
473 $dotnet ->setChecked($_SESSION["error_post_vars"]["soap"]["use_dotnet"]);
474 $createuser ->setChecked($_SESSION["error_post_vars"]["soap"]["create_users"]);
475 $allowlocal ->setChecked($_SESSION["error_post_vars"]["soap"]["allow_local"]);
476 $defaultrole->setValue($_SESSION["error_post_vars"]["soap"]["user_default_role"]);
477 $sendmail ->setChecked($_SESSION["error_post_vars"]["soap"]["account_mail"]);
478 } else {
479 $active ->setChecked($settings["soap_auth_active"]);
480 $server ->setValue($settings["soap_auth_server"]);
481 $port ->setValue($settings["soap_auth_port"]);
482 $https ->setChecked($settings["soap_auth_use_https"]);
483 $uri ->setValue($settings["soap_auth_uri"]);
484 $namespace ->setValue($settings["soap_auth_namespace"]);
485 $dotnet ->setChecked($settings["soap_auth_use_dotnet"]);
486 $createuser ->setChecked($settings["soap_auth_create_users"]);
487 $allowlocal ->setChecked($settings["soap_auth_allow_local"]);
488 $defaultrole->setValue($settings["soap_auth_user_default_role"]);
489 $sendmail ->setChecked($settings["soap_auth_account_mail"]);
490 }
491
492 if (!$defaultrole->getValue()) {
493 $defaultrole->setValue(4);
494 }
495
496 //add Items to property gui
497 $soap_config->addItem($active);
498 $soap_config->addItem($server);
499 $soap_config->addItem($port);
500 $soap_config->addItem($https);
501 $soap_config->addItem($uri);
502 $soap_config->addItem($namespace);
503 $soap_config->addItem($dotnet);
504 $soap_config->addItem($createuser);
505 $soap_config->addItem($sendmail);
506 $soap_config->addItem($defaultrole);
507 $soap_config->addItem($allowlocal);
508
509 $this->tpl->setVariable("CONFIG_FORM", $soap_config->getHTML());
510
511 // test form
512 $form = new ilPropertyFormGUI();
513 $form->setFormAction($ilCtrl->getFormAction($this));
514 $form->setTitle("Test Request");
515 $text_prop = new ilTextInputGUI("ext_uid", "ext_uid");
516 $form->addItem($text_prop);
517 $text_prop2 = new ilTextInputGUI("soap_pw", "soap_pw");
518 $form->addItem($text_prop2);
519 $cb = new ilCheckboxInputGUI("new_user", "new_user");
520 $form->addItem($cb);
521
522 $form->addCommandButton(
523 "testSoapAuthConnection",
524 "Send"
525 );
526
527 if ($ilCtrl->getCmd() == "testSoapAuthConnection") {
528 include_once("./Services/SOAPAuth/classes/class.ilSOAPAuth.php");
529 $ret = "<br />" . ilSOAPAuth::testConnection(
530 ilUtil::stripSlashes($_POST["ext_uid"]),
531 ilUtil::stripSlashes($_POST["soap_pw"]),
532 (boolean) $_POST["new_user"]
533 );
534 }
535 $this->tpl->setVariable("TEST_FORM", $form->getHTML() . $ret);
536 }
537
538 public function testSoapAuthConnectionObject()
539 {
540 $this->editSOAPObject();
541 }
542
548 public function saveSOAPObject()
549 {
550 global $DIC;
551
552 $ilUser = $DIC['ilUser'];
553 $ilSetting = $DIC['ilSetting'];
554 $rbacsystem = $DIC['rbacsystem'];
555
556 if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
557 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
558 }
559
560 // validate required data
561 if (!$_POST["soap"]["server"]) {
562 $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
563 }
564
565 // validate port
566 if ($_POST["soap"]["server"] != "" && (preg_match("/^[0-9]{0,5}$/", $_POST["soap"]["port"])) == false) {
567 $this->ilias->raiseError($this->lng->txt("err_invalid_port"), $this->ilias->error_obj->MESSAGE);
568 }
569
570 $ilSetting->set("soap_auth_server", $_POST["soap"]["server"]);
571 $ilSetting->set("soap_auth_port", $_POST["soap"]["port"]);
572 $ilSetting->set("soap_auth_active", $_POST["soap"]["active"]);
573 $ilSetting->set("soap_auth_uri", $_POST["soap"]["uri"]);
574 $ilSetting->set("soap_auth_namespace", $_POST["soap"]["namespace"]);
575 $ilSetting->set("soap_auth_create_users", $_POST["soap"]["create_users"]);
576 $ilSetting->set("soap_auth_allow_local", $_POST["soap"]["allow_local"]);
577 $ilSetting->set("soap_auth_account_mail", $_POST["soap"]["account_mail"]);
578 $ilSetting->set("soap_auth_use_https", $_POST["soap"]["use_https"]);
579 $ilSetting->set("soap_auth_use_dotnet", $_POST["soap"]["use_dotnet"]);
580 $ilSetting->set("soap_auth_user_default_role", $_POST["soap"]["user_default_role"]);
581 ilUtil::sendSuccess($this->lng->txt("auth_soap_settings_saved"), true);
582
583 $this->ctrl->redirect($this, 'editSOAP');
584 }
585
591 public function editScriptObject()
592 {
593 global $DIC;
594
595 $rbacsystem = $DIC['rbacsystem'];
596
597 if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
598 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
599 }
600
601 if ($_SESSION["error_post_vars"]) {
602 $this->tpl->setVariable("AUTH_SCRIPT_NAME", $_SESSION["error_post_vars"]["auth_script"]["name"]);
603 } else {
604 // set already saved data
605 $settings = $this->ilias->getAllSettings();
606
607 $this->tpl->setVariable("AUTH_SCRIPT_NAME", $settings["auth_script_name"]);
608 }
609
610 $this->tabs_gui->setTabActive('auth_script');
611
612 $this->tpl->addBlockFile(
613 "ADM_CONTENT",
614 "adm_content",
615 "tpl.auth_script.html",
616 "Services/Authentication"
617 );
618
619 $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
620 $this->tpl->setVariable("COLSPAN", 3);
621 $this->tpl->setVariable("TXT_AUTH_SCRIPT_TITLE", $this->lng->txt("auth_script_configure"));
622 $this->tpl->setVariable("TXT_OPTIONS", $this->lng->txt("options"));
623 $this->tpl->setVariable("TXT_AUTH_SCRIPT_NAME", $this->lng->txt("auth_script_name"));
624
625 $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
626 $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
627 $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
628 $this->tpl->setVariable("CMD_SUBMIT", "saveScript");
629 }
630
636 public function saveScriptObject()
637 {
638 // validate required data
639 if (!$_POST["auth_script"]["name"]) {
640 $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
641 }
642
643 // validate script url
644 /*
645 if (( TODO ,$_POST["ldap"]["server"])) == false)
646 {
647 $this->ilias->raiseError($this->lng->txt("err_invalid_server"),$this->ilias->error_obj->MESSAGE);
648 }*/
649
650 // TODO: check connection to server
651
652 // all ok. save settings and activate auth by external script
653 $this->ilias->setSetting("auth_script_name", $_POST["auth_script"]["name"]);
654 $this->ilias->setSetting("auth_mode", AUTH_SCRIPT);
655
656 ilUtil::sendSuccess($this->lng->txt("auth_mode_changed_to") . " " . $this->getAuthModeTitle(), true);
657 $this->ctrl->redirect($this, 'editScript');
658 }
659
660
667 public function getAuthModeTitle()
668 {
669 switch ($this->ilias->getSetting("auth_mode")) {
670 case AUTH_LOCAL:
671 return $this->lng->txt("auth_local");
672 break;
673
674 case AUTH_LDAP:
675 return $this->lng->txt("auth_ldap");
676 break;
677
678 case AUTH_SHIBBOLETH:
679 return $this->lng->txt("auth_shib");
680 break;
681
682 case AUTH_SAML:
683 return $this->lng->txt("auth_saml");
684 break;
685
686 case AUTH_RADIUS:
687 return $this->lng->txt("auth_radius");
688 break;
689
690 case AUTH_SCRIPT:
691 return $this->lng->txt("auth_script");
692 break;
693
694 case AUTH_APACHE:
695 return $this->lng->txt("auth_apache");
696 break;
697
698 default:
699 return $this->lng->txt("unknown");
700 break;
701 }
702 }
703
704 public function updateAuthRolesObject()
705 {
706 global $DIC;
707
708 $rbacsystem = $DIC['rbacsystem'];
709
710 if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
711 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
712 }
713
714 include_once('./Services/AccessControl/classes/class.ilObjRole.php');
715 ilObjRole::_updateAuthMode($_POST['Fobject']);
716
717 ilUtil::sendSuccess($this->lng->txt("auth_mode_roles_changed"), true);
718 $this->ctrl->redirect($this, 'authSettings');
719 }
720
726 protected function initAuthModeDetermination()
727 {
728 if (is_object($this->form)) {
729 return true;
730 }
731
732 include_once('./Services/Form/classes/class.ilPropertyFormGUI.php');
733 $this->form = new ilPropertyFormGUI();
734 $this->form->setFormAction($this->ctrl->getFormAction($this));
735 $this->form->setTableWidth('100%');
736 $this->form->setTitle($this->lng->txt('auth_auth_settings'));
737
738 if ($this->access->checkAccess('write', '', $this->object->getRefId())) {
739 $this->form->addCommandButton('updateAuthModeDetermination', $this->lng->txt('save'));
740 }
741
742 require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
743 $cap = new ilCheckboxInputGUI($this->lng->txt('adm_captcha_anonymous_short'), 'activate_captcha_anonym');
744 $cap->setInfo($this->lng->txt('adm_captcha_anonymous_auth'));
745 $cap->setValue(1);
746 if (!ilCaptchaUtil::checkFreetype()) {
747 $cap->setAlert(ilCaptchaUtil::getPreconditionsMessage());
748 }
749 $cap->setChecked(ilCaptchaUtil::isActiveForLogin());
750 $this->form->addItem($cap);
751
752 // Are there any authentication methods that support automatic determination ?
753 include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
754 $det = ilAuthModeDetermination::_getInstance();
755 if ($det->getCountActiveAuthModes() <= 1) {
756 return true;
757 }
758
759 $header = new ilFormSectionHeaderGUI();
760 $header->setTitle($this->lng->txt('auth_auth_mode_determination'));
761 $this->form->addItem($header);
762
763 $kind = new ilRadioGroupInputGUI($this->lng->txt('auth_kind_determination'), 'kind');
764 $kind->setInfo($this->lng->txt('auth_mode_determination_info'));
765 $kind->setValue($det->getKind());
766 $kind->setRequired(true);
767
768 $option_user = new ilRadioOption($this->lng->txt('auth_by_user'), 0);
769 $kind->addOption($option_user);
770
771 $option_determination = new ilRadioOption($this->lng->txt('auth_automatic'), 1);
772
773 include_once('Services/Authentication/classes/class.ilAuthUtils.php');
774
775 $auth_sequenced = $det->getAuthModeSequence();
776 $counter = 1;
777 foreach ($auth_sequenced as $auth_mode) {
778 switch ($auth_mode) {
779 // begin-patch ldap_multiple
780 case ilLDAPServer::isAuthModeLDAP($auth_mode):
781 $auth_id = ilLDAPServer::getServerIdByAuthMode($auth_mode);
782 $server = ilLDAPServer::getInstanceByServerId($auth_id);
783 $text = $server->getName();
784 // end-patch ldap_multiple
785 break;
786 case AUTH_RADIUS:
787 $text = $this->lng->txt('auth_radius');
788 break;
789 case AUTH_LOCAL:
790 $text = $this->lng->txt('auth_local');
791 break;
792 case AUTH_SOAP:
793 $text = $this->lng->txt('auth_soap');
794 break;
795 case AUTH_APACHE:
796 $text = $this->lng->txt('auth_apache');
797 break;
798 // begin-patch auth_plugin
799 default:
800 foreach (ilAuthUtils::getAuthPlugins() as $pl) {
801 $option = $pl->getMultipleAuthModeOptions($auth_mode);
802 $text = $option[$auth_mode]['txt'];
803 }
804 break;
805 // end-patch auth_plugin
806 }
807
808 $pos = new ilTextInputGUI($text, 'position[' . $auth_mode . ']');
809 $pos->setValue($counter++);
810 $pos->setSize(1);
811 $pos->setMaxLength(1);
812 $option_determination->addSubItem($pos);
813 }
814 $kind->addOption($option_determination);
815 $this->form->addItem($kind);
816 return true;
817 }
818
825 public function updateAuthModeDeterminationObject()
826 {
827 include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
828 $det = ilAuthModeDetermination::_getInstance();
829
830 $det->setKind((int) $_POST['kind']);
831
832 $pos = $_POST['position'] ? $_POST['position'] : array();
833 asort($pos, SORT_NUMERIC);
834
835 $counter = 0;
836 foreach ($pos as $auth_mode => $dummy) {
837 $position[$counter++] = $auth_mode;
838 }
839 $det->setAuthModeSequence($position ? $position : array());
840 $det->save();
841
842 require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
843 ilCaptchaUtil::setActiveForLogin((bool) $_POST['activate_captcha_anonym']);
844
845 ilUtil::sendSuccess($this->lng->txt('settings_saved'));
846 $this->authSettingsObject();
847 }
848
855 public function executeCommand()
856 {
857 global $DIC;
858
859 $ilAccess = $DIC['ilAccess'];
860 $ilErr = $DIC['ilErr'];
861
862
863 $next_class = $this->ctrl->getNextClass($this);
864 $cmd = $this->ctrl->getCmd();
865 $this->prepareOutput();
866
867 if (!$DIC->rbac()->system()->checkAccess("visible,read", $this->object->getRefId())) {
868 $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
869 }
870
871 switch ($next_class) {
872 case 'ilopenidconnectsettingsgui':
873
874 $this->tabs_gui->activateTab('auth_oidconnect');
875
876 $oid = new ilOpenIdConnectSettingsGUI($this->object->getRefId());
877 $this->ctrl->forwardCommand($oid);
878 break;
879
880 case 'ilsamlsettingsgui':
881 $this->tabs_gui->setTabActive('auth_saml');
882
883 require_once './Services/Saml/classes/class.ilSamlSettingsGUI.php';
884 $os = new ilSamlSettingsGUI($this->object->getRefId());
885 $this->ctrl->forwardCommand($os);
886 break;
887
888 case 'ilregistrationsettingsgui':
889
890 include_once './Services/Registration/classes/class.ilRegistrationSettingsGUI.php';
891
892 // Enable tabs
893 $this->tabs_gui->setTabActive('registration_settings');
894 $registration_gui = new ilRegistrationSettingsGUI();
895 $this->ctrl->forwardCommand($registration_gui);
896 break;
897
898 case 'ilpermissiongui':
899
900 // Enable tabs
901 $this->tabs_gui->setTabActive('perm_settings');
902
903 include_once("Services/AccessControl/classes/class.ilPermissionGUI.php");
904 $perm_gui = new ilPermissionGUI($this);
905 $ret = &$this->ctrl->forwardCommand($perm_gui);
906 break;
907
908 case 'illdapsettingsgui':
909
910 // Enable Tabs
911 $this->tabs_gui->setTabActive('auth_ldap');
912
913 include_once './Services/LDAP/classes/class.ilLDAPSettingsGUI.php';
914 $ldap_settings_gui = new ilLDAPSettingsGUI($this->object->getRefId());
915 $this->ctrl->forwardCommand($ldap_settings_gui);
916 break;
917
918 case 'ilauthshibbolethsettingsgui':
919
920 $this->tabs_gui->setTabActive('auth_shib');
921 include_once('./Services/AuthShibboleth/classes/class.ilAuthShibbolethSettingsGUI.php');
922 $shib_settings_gui = new ilAuthShibbolethSettingsGUI($this->object->getRefId());
923 $this->ctrl->forwardCommand($shib_settings_gui);
924 break;
925
926 case 'ilcassettingsgui':
927
928 $this->tabs_gui->setTabActive('auth_cas');
929 include_once './Services/CAS/classes/class.ilCASSettingsGUI.php';
930 $cas_settings = new ilCASSettingsGUI($this->object->getRefId());
931 $this->ctrl->forwardCommand($cas_settings);
932 break;
933
934 case 'ilradiussettingsgui':
935
936 $this->tabs_gui->setTabActive('auth_radius');
937 include_once './Services/Radius/classes/class.ilRadiusSettingsGUI.php';
938 $radius_settings_gui = new ilRadiusSettingsGUI($this->object->getRefId());
939 $this->ctrl->forwardCommand($radius_settings_gui);
940 break;
941
942
943 case 'ilauthloginpageeditorgui':
944
945 $this->setSubTabs("authSettings");
946 $this->tabs_gui->setTabActive('authentication_settings');
947 $this->tabs_gui->setSubTabActive("auth_login_editor");
948
949 include_once './Services/Authentication/classes/class.ilAuthLoginPageEditorGUI.php';
950 $lpe = new ilAuthLoginPageEditorGUI($this->object->getRefId());
951 $this->ctrl->forwardCommand($lpe);
952 break;
953
954 default:
955 if (!$cmd) {
956 $cmd = "authSettings";
957 }
958 $cmd .= "Object";
959 $this->$cmd();
960
961 break;
962 }
963 return true;
964 }
965
966 public function getAdminTabs()
967 {
968 $this->getTabs();
969 }
970
976 public function getTabs()
977 {
978 global $DIC;
979
980 $rbacsystem = $DIC['rbacsystem'];
981
982 $this->ctrl->setParameter($this, "ref_id", $this->object->getRefId());
983
984 if ($rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
985 $this->tabs_gui->addTarget(
986 "authentication_settings",
987 $this->ctrl->getLinkTarget($this, "authSettings"),
988 "",
989 "",
990 ""
991 );
992
993 $this->tabs_gui->addTarget(
994 'registration_settings',
995 $this->ctrl->getLinkTargetByClass('ilregistrationsettingsgui', 'view')
996 );
997
998 $this->tabs_gui->addTarget(
999 "auth_ldap",
1000 $this->ctrl->getLinkTargetByClass('illdapsettingsgui', 'serverList'),
1001 "",
1002 "",
1003 ""
1004 );
1005
1006
1007 #$this->tabs_gui->addTarget("auth_ldap", $this->ctrl->getLinkTarget($this, "editLDAP"),
1008 # "", "", "");
1009
1010 $this->tabs_gui->addTarget('auth_shib', $this->ctrl->getLinkTargetByClass('ilauthshibbolethsettingsgui', 'settings'));
1011
1012 $this->tabs_gui->addTarget(
1013 'auth_cas',
1014 $this->ctrl->getLinkTargetByClass('ilcassettingsgui', 'settings')
1015 );
1016
1017 $this->tabs_gui->addTarget(
1018 "auth_radius",
1019 $this->ctrl->getLinkTargetByClass('ilradiussettingsgui', "settings"),
1020 "",
1021 "",
1022 ""
1023 );
1024
1025 $this->tabs_gui->addTarget(
1026 "auth_soap",
1027 $this->ctrl->getLinkTarget($this, "editSOAP"),
1028 "",
1029 "",
1030 ""
1031 );
1032
1033 $this->tabs_gui->addTarget(
1034 "apache_auth_settings",
1035 $this->ctrl->getLinkTarget($this, 'apacheAuthSettings'),
1036 "",
1037 "",
1038 ""
1039 );
1040
1041 require_once 'Services/Saml/classes/class.ilSamlSettingsGUI.php';
1042 $this->tabs_gui->addTarget(
1043 'auth_saml',
1044 $this->ctrl->getLinkTargetByClass('ilsamlsettingsgui', ilSamlSettingsGUI::DEFAULT_CMD),
1045 '',
1046 '',
1047 ''
1048 );
1049
1050 $this->tabs_gui->addTab(
1051 'auth_oidconnect',
1052 $this->lng->txt('auth_oidconnect'),
1053 $this->ctrl->getLinkTargetByClass('ilopenidconnectsettingsgui')
1054 );
1055 }
1056
1057 if ($rbacsystem->checkAccess('edit_permission', $this->object->getRefId())) {
1058 $this->tabs_gui->addTarget(
1059 "perm_settings",
1060 $this->ctrl->getLinkTargetByClass(array(get_class($this),'ilpermissiongui'), "perm"),
1061 array("perm","info","owner"),
1062 'ilpermissiongui'
1063 );
1064 }
1065 }
1066
1070 public function setSubTabs($a_tab)
1071 {
1072 global $DIC;
1073
1074 $rbacsystem = $DIC['rbacsystem'];
1075 $ilUser = $DIC['ilUser'];
1076 $ilAccess = $DIC['ilAccess'];
1077
1078 $GLOBALS['DIC']['lng']->loadLanguageModule('auth');
1079
1080 switch ($a_tab) {
1081 case 'authSettings':
1082 if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
1083 $this->tabs_gui->addSubTabTarget(
1084 "auth_settings",
1085 $this->ctrl->getLinkTarget($this, 'authSettings'),
1086 ""
1087 );
1088 }
1089 if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
1090 $this->tabs_gui->addSubTabTarget(
1091 'auth_login_editor',
1092 $this->ctrl->getLinkTargetByClass('ilauthloginpageeditorgui', ''),
1093 ''
1094 );
1095 }
1096 break;
1097 }
1098 }
1099
1100
1101 public function apacheAuthSettingsObject($form = false)
1102 {
1103 global $DIC;
1104
1105 $tpl = $DIC['tpl'];
1106
1107 $this->tabs_gui->setTabActive("apache_auth_settings");
1108
1109 if (!$form) {
1110 $form = $this->getApacheAuthSettingsForm();
1111
1112 $settings = new ilSetting('apache_auth');
1113 $settingsMap = $settings->getAll();
1114
1115 $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
1116 if (file_exists($path) && is_readable($path)) {
1117 $settingsMap['apache_auth_domains'] = file_get_contents($path);
1118 }
1119
1120 $form->setValuesByArray($settingsMap);
1121 }
1122 $tpl->setVariable('ADM_CONTENT', $form->getHtml());
1123 }
1124
1125 public function saveApacheSettingsObject()
1126 {
1127 global $DIC;
1128
1129 $ilCtrl = $DIC['ilCtrl'];
1130 $form = $this->getApacheAuthSettingsForm();
1131 $form->setValuesByPost();
1132 /*$items = $form->getItems();
1133 foreach($items as $item)
1134 $item->validate();*/
1135 if ($form->checkInput()) {
1136 $settings = new ilSetting('apache_auth');
1137 $fields = array(
1138 'apache_auth_indicator_name', 'apache_auth_indicator_value',
1139 'apache_enable_auth', 'apache_enable_local', 'apache_local_autocreate',
1140 'apache_enable_ldap', 'apache_auth_username_config_type',
1141 'apache_auth_username_direct_mapping_fieldname',
1142 'apache_default_role', 'apache_auth_target_override_login_page',
1143 'apache_auth_enable_override_login_page',
1144 'apache_auth_authenticate_on_login_page',
1145 'apache_ldap_sid'
1146// 'apache_auth_username_by_function_functionname',
1147 );
1148
1149 foreach ($fields as $field) {
1150 $settings->set($field, $form->getInput($field));
1151 }
1152
1153 if ($form->getInput('apache_enable_auth')) {
1154 $this->ilias->setSetting('apache_active', true);
1155 } else {
1156 $this->ilias->setSetting('apache_active', false);
1157 global $DIC;
1158
1159 $ilSetting = $DIC['ilSetting'];
1160 if ($ilSetting->get("auth_mode") == AUTH_APACHE) {
1161 $ilSetting->set("auth_mode", AUTH_LOCAL);
1162 }
1163 }
1164
1165 $allowedDomains = $this->validateApacheAuthAllowedDomains($form->getInput('apache_auth_domains'));
1166 file_put_contents(ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt', $allowedDomains);
1167
1168 ilUtil::sendSuccess($this->lng->txt('apache_settings_changed_success'), true);
1169 $this->ctrl->redirect($this, 'apacheAuthSettings');
1170 } else {
1171 $this->apacheAuthSettingsObject($form);
1172 }
1173 }
1174
1175 public function getApacheAuthSettingsForm()
1176 {
1177 include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1178
1179 $form = new ilPropertyFormGUI();
1180 $form->setFormAction($this->ctrl->getFormAction($this));
1181 $form->setTitle($this->lng->txt('apache_settings'));
1182
1183 $chb_enabled = new ilCheckboxInputGUI($this->lng->txt('apache_enable_auth'), 'apache_enable_auth');
1184 $form->addItem($chb_enabled);
1185
1186 $chb_local_create_account = new ilCheckboxInputGUI($this->lng->txt('apache_autocreate'), 'apache_local_autocreate');
1187 $chb_enabled->addSubitem($chb_local_create_account);
1188
1189 global $DIC;
1190
1191 $rbacreview = $DIC['rbacreview'];
1192 $roles = $rbacreview->getGlobalRolesArray();
1193 $select = new ilSelectInputGUI($this->lng->txt('apache_default_role'), 'apache_default_role');
1194 $roleOptions = array();
1195 foreach ($roles as $role) {
1196 $roleOptions[$role['obj_id']] = ilObject::_lookupTitle($role['obj_id']);
1197 }
1198 $select->setOptions($roleOptions);
1199 $select->setValue(4);
1200
1201 $chb_local_create_account->addSubitem($select);
1202
1203 $chb_local = new ilCheckboxInputGUI($this->lng->txt('apache_enable_local'), 'apache_enable_local');
1204 $form->addItem($chb_local);
1205
1206 $chb_ldap = new ilCheckboxInputGUI($this->lng->txt('apache_enable_ldap'), 'apache_enable_ldap');
1207 $chb_ldap->setInfo($this->lng->txt('apache_ldap_hint_ldap_must_be_configured'));
1208
1209 $GLOBALS['DIC']['lng']->loadLanguageModule('auth');
1210 include_once './Services/LDAP/classes/class.ilLDAPServer.php';
1211 $servers = ilLDAPServer::getServerIds();
1212 if (count($servers)) {
1213 $ldap_server_select = new ilSelectInputGUI($this->lng->txt('auth_ldap_server_ds'), 'apache_ldap_sid');
1214 $options[0] = $this->lng->txt('select_one');
1215 foreach ($servers as $server_id) {
1216 $ldap_server = new ilLDAPServer($server_id);
1217 $options[$server_id] = $ldap_server->getName();
1218 }
1219 $ldap_server_select->setOptions($options);
1220 $ldap_server_select->setRequired(true);
1221
1222 $ds = ilLDAPServer::getDataSource(AUTH_APACHE);
1223 $ldap_server_select->setValue($ds);
1224
1225 $chb_ldap->addSubItem($ldap_server_select);
1226 }
1227 $form->addItem($chb_ldap);
1228
1229 $txt = new ilTextInputGUI($this->lng->txt('apache_auth_indicator_name'), 'apache_auth_indicator_name');
1230 $txt->setRequired(true);
1231 $form->addItem($txt);
1232
1233 $txt = new ilTextInputGUI($this->lng->txt('apache_auth_indicator_value'), 'apache_auth_indicator_value');
1234 $txt->setRequired(true);
1235 $form->addItem($txt);
1236
1237
1238 $chb = new ilCheckboxInputGUI($this->lng->txt('apache_auth_enable_override_login'), 'apache_auth_enable_override_login_page');
1239 $form->addItem($chb);
1240
1241 $txt = new ilTextInputGUI($this->lng->txt('apache_auth_target_override_login'), 'apache_auth_target_override_login_page');
1242 $txt->setRequired(true);
1243 $chb->addSubItem($txt);
1244
1245 $chb = new ilCheckboxInputGUI($this->lng->txt('apache_auth_authenticate_on_login_page'), 'apache_auth_authenticate_on_login_page');
1246 $form->addItem($chb);
1247
1248 $sec = new ilFormSectionHeaderGUI();
1249 $sec->setTitle($this->lng->txt('apache_auth_username_config'));
1250 $form->addItem($sec);
1251
1252 $rag = new ilRadioGroupInputGUI($this->lng->txt('apache_auth_username_config_type'), 'apache_auth_username_config_type');
1253 $form->addItem($rag);
1254
1255 $rao = new ilRadioOption($this->lng->txt('apache_auth_username_direct_mapping'), 1);
1256 $rag->addOption($rao);
1257
1258 $txt = new ilTextInputGUI($this->lng->txt('apache_auth_username_direct_mapping_fieldname'), 'apache_auth_username_direct_mapping_fieldname');
1259 //$txt->setRequired(true);
1260 $rao->addSubItem($txt);
1261
1262 $rao = new ilRadioOption($this->lng->txt('apache_auth_username_extended_mapping'), 2);
1263 $rao->setDisabled(true);
1264 $rag->addOption($rao);
1265
1266 $rao = new ilRadioOption($this->lng->txt('apache_auth_username_by_function'), 3);
1267 $rag->addOption($rao);
1268
1269 /* $txt = new ilTextInputGUI($this->lng->txt('apache_auth_username_by_function_functionname'), 'apache_auth_username_by_function_functionname');
1270 $rao->addSubItem($txt);*/
1271
1272 $sec = new ilFormSectionHeaderGUI();
1273 $sec->setTitle($this->lng->txt('apache_auth_security'));
1274 $form->addItem($sec);
1275
1276 $txt = new ilTextAreaInputGUI($this->lng->txt('apache_auth_domains'), 'apache_auth_domains');
1277 $txt->setInfo($this->lng->txt('apache_auth_domains_description'));
1278
1279 $form->addItem($txt);
1280
1281 if ($this->access->checkAccess('write', '', $this->ref_id)) {
1282 $form->addCommandButton('saveApacheSettings', $this->lng->txt('save'));
1283 }
1284 $form->addCommandButton('cancel', $this->lng->txt('cancel'));
1285
1286 return $form;
1287 }
1288
1289 private function validateApacheAuthAllowedDomains($text)
1290 {
1291 return join("\n", preg_split("/[\r\n]+/", $text));
1292 }
1293
1294 public function registrationSettingsObject()
1295 {
1296 $registration_gui = new ilRegistrationSettingsGUI();
1297 $this->ctrl->redirect($registration_gui);
1298 }
1299
1304 public function addToExternalSettingsForm($a_form_id)
1305 {
1306 switch ($a_form_id) {
1307 case ilAdministrationSettingsFormHandler::FORM_ACCESSIBILITY:
1308 require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
1309 $fields_login = array(
1310 'adm_captcha_anonymous_short' => array(ilCaptchaUtil::isActiveForLogin(), ilAdministrationSettingsFormHandler::VALUE_BOOL),
1311 );
1312
1313 $fields_registration = array(
1314 'adm_captcha_anonymous_short' => array(ilCaptchaUtil::isActiveForRegistration(), ilAdministrationSettingsFormHandler::VALUE_BOOL)
1315 );
1316
1317
1318 return array('adm_auth_login' => array('authSettings', $fields_login), 'adm_auth_reg' => array('registrationSettings', $fields_registration));
1319 }
1320 }
1321} // END class.ilObjAuthSettingsGUI
$GLOBALS
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
php
An exception for terminatinating execution or to throw for unit testing.
AUTH_SHIBBOLETH
const AUTH_SHIBBOLETH
Definition: class.ilAuthUtils.php:11
AUTH_APACHE
const AUTH_APACHE
Definition: class.ilAuthUtils.php:17
AUTH_OPENID_CONNECT
const AUTH_OPENID_CONNECT
Definition: class.ilAuthUtils.php:20
AUTH_SAML
const AUTH_SAML
Definition: class.ilAuthUtils.php:18
AUTH_LDAP
const AUTH_LDAP
Definition: class.ilAuthUtils.php:8
AUTH_LOCAL
const AUTH_LOCAL
Definition: class.ilAuthUtils.php:7
AUTH_SCRIPT
const AUTH_SCRIPT
Definition: class.ilAuthUtils.php:10
AUTH_RADIUS
const AUTH_RADIUS
Definition: class.ilAuthUtils.php:9
AUTH_CAS
const AUTH_CAS
Definition: class.ilAuthUtils.php:12
AUTH_SOAP
const AUTH_SOAP
Definition: class.ilAuthUtils.php:13
ilAuthLoginPageEditorGUI
Login page editor settings GUI ILIAS page editor or richtext editor.
Definition: class.ilAuthLoginPageEditorGUI.php:16
ilAuthShibbolethSettingsGUI
Class ilAuthShibbolethSettingsGUI.
Definition: class.ilAuthShibbolethSettingsGUI.php:14
ilAuthUtils\_getActiveAuthModes
static _getActiveAuthModes()
Definition: class.ilAuthUtils.php:258
ilAuthUtils\getAuthPlugins
static getAuthPlugins()
Get active enabled auth plugins.
Definition: class.ilAuthUtils.php:747
ilAuthUtils\_getAllAuthModes
static _getAllAuthModes()
Definition: class.ilAuthUtils.php:324
ilAuthUtils\_getAuthModeName
static _getAuthModeName($a_auth_key)
Definition: class.ilAuthUtils.php:196
ilCaptchaUtil\checkFreetype
static checkFreetype()
Check whether captcha support is active.
Definition: class.ilCaptchaUtil.php:27
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:34
ilFormSectionHeaderGUI
This class represents a section header in a property form.
Definition: class.ilFormSectionHeaderGUI.php:32
ilLDAPServer\getServerIdByAuthMode
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:400
ilLDAPServer\getDataSource
static getDataSource($a_auth_mode)
Definition: class.ilLDAPServer.php:324
ilLDAPServer\getInstanceByServerId
static getInstanceByServerId($a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:62
ilLDAPServer\isAuthModeLDAP
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
Definition: class.ilLDAPServer.php:385
ilLDAPServer\getServerIds
static getServerIds()
Get all server ids @global ilDB $ilDB.
Definition: class.ilLDAPServer.php:226
ilObjAuthSettingsGUI
Class ilObjAuthSettingsGUI.
Definition: class.ilObjAuthSettingsGUI.php:17
ilObjAuthSettingsGUI\getAdminTabs
getAdminTabs()
administration tabs show only permissions and trash folder
Definition: class.ilObjAuthSettingsGUI.php:966
ilObjAuthSettingsGUI\__construct
__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output=true)
Constructor @access public.
Definition: class.ilObjAuthSettingsGUI.php:28
ilObjAuthSettingsGUI\saveScriptObject
saveScriptObject()
validates all input data, save them to database if correct and active chosen auth mode
Definition: class.ilObjAuthSettingsGUI.php:636
ilObjAuthSettingsGUI\updateAuthModeDeterminationObject
updateAuthModeDeterminationObject()
update auth mode determination
Definition: class.ilObjAuthSettingsGUI.php:825
ilObjAuthSettingsGUI\loginInfoObject
loginInfoObject()
displays login information of all installed languages
Definition: class.ilObjAuthSettingsGUI.php:232
ilObjAuthSettingsGUI\getAuthModeTitle
getAuthModeTitle()
get the title of auth mode
Definition: class.ilObjAuthSettingsGUI.php:667
ilObjAuthSettingsGUI\editSOAPObject
editSOAPObject()
Configure soap settings.
Definition: class.ilObjAuthSettingsGUI.php:351
ilObjAuthSettingsGUI\cancelObject
cancelObject()
cancel action and go back to previous page @access public
Definition: class.ilObjAuthSettingsGUI.php:265
ilObjAuthSettingsGUI\authSettingsObject
authSettingsObject()
display settings menu
Definition: class.ilObjAuthSettingsGUI.php:56
ilObjAuthSettingsGUI\viewObject
viewObject()
viewObject container presentation for "administration -> repository, trash, permissions"
Definition: class.ilObjAuthSettingsGUI.php:45
ilObjAuthSettingsGUI\initAuthModeDetermination
initAuthModeDetermination()
init auth mode determinitation form
Definition: class.ilObjAuthSettingsGUI.php:726
ilObjAuthSettingsGUI\saveSOAPObject
saveSOAPObject()
validates all input data, save them to database if correct and active chosen auth mode
Definition: class.ilObjAuthSettingsGUI.php:548
ilObjAuthSettingsGUI\getTabs
getTabs()
get tabs @access public
Definition: class.ilObjAuthSettingsGUI.php:976
ilObjAuthSettingsGUI\editScriptObject
editScriptObject()
Configure Custom settings.
Definition: class.ilObjAuthSettingsGUI.php:591
ilObjRole\_lookupRegisterAllowed
static _lookupRegisterAllowed()
get all roles that are activated in user registration
Definition: class.ilObjRole.php:289
ilObjRole\_updateAuthMode
static _updateAuthMode($a_roles)
Definition: class.ilObjRole.php:532
ilObjUser\_getNumberOfUsersPerAuthMode
static _getNumberOfUsersPerAuthMode()
get number of users per auth mode
Definition: class.ilObjUser.php:3627
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:17
ilObjectGUI\prepareOutput
prepareOutput($a_show_subobjects=true)
prepare output
Definition: class.ilObjectGUI.php:334
ilObjectGUI\getReturnLocation
getReturnLocation($a_cmd, $a_location="")
get return location for command (command is method name without "Object", e.g.
Definition: class.ilObjectGUI.php:1530
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:991
ilOpenIdConnectSettingsGUI
Class ilOpenIdConnectSettingsGUI.
Definition: class.ilOpenIdConnectSettingsGUI.php:12
ilOpenIdConnectSettings\getInstance
static getInstance()
Get singleton instance.
Definition: class.ilOpenIdConnectSettings.php:163
ilPermissionGUI
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
Definition: class.ilPermissionGUI.php:20
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:48
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:34
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:32
ilRegistrationSettingsGUI
Class ilRegistrationSettingsGUI.
Definition: class.ilRegistrationSettingsGUI.php:37
ilSOAPAuth\testConnection
static testConnection($a_ext_uid, $a_soap_pw, $a_new_user)
Constructor @access public.
Definition: class.ilSOAPAuth.php:45
ilSamlIdp\getIdpIdByAuthMode
static getIdpIdByAuthMode(string $a_auth_mode)
Definition: class.ilSamlIdp.php:213
ilSamlIdp\isAuthModeSaml
static isAuthModeSaml(string $a_auth_mode)
Definition: class.ilSamlIdp.php:194
ilSamlIdp\getInstanceByIdpId
static getInstanceByIdpId(int $a_idp_id)
Definition: class.ilSamlIdp.php:66
ilSamlSettingsGUI
Class ilSamlSettingsGUI.
Definition: class.ilSamlSettingsGUI.php:9
ilSelectInputGUI
This class represents a selection list property in a property form.
Definition: class.ilSelectInputGUI.php:18
ilSetting
ILIAS Setting Class.
Definition: class.ilSetting.php:33
ilTemplate
special template class to simplify handling of ITX/PEAR
Definition: class.ilTemplate.php:14
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:35
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:17
ilUtil\redirect
static redirect($a_script)
Definition: class.ilUtil.php:3302
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4534
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2406
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4518
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:96
CLIENT_ID
const CLIENT_ID
Definition: constants.php:39
ILIAS_DATA_DIR
const ILIAS_DATA_DIR
Definition: constants.php:42
$namespace
if($err=$client->getError()) $namespace
Definition: dummy_client.php:50
$server
$server
Definition: dummy_client.php:12
$txt
$txt
Definition: error.php:13
$DIC
global $DIC
Definition: goto.php:24
$https
$https
Definition: imgupload.php:19
$ilUser
$ilUser
Definition: imgupload.php:18
$name
if($format !==null) $name
Definition: metadata.php:230
ILIAS\GlobalScreen\Provider\__construct
__construct(Container $dic, ilPlugin $plugin)
@inheritDoc
Definition: PluginProviderHelper.php:40
ilias
redirection script todo: (a better solution should control the processing via a xml file)
$ret
$ret
Definition: parser.php:6
$ilSetting
global $ilSetting
Definition: privfeed.php:17