ILIAS  release_7 Revision v7.30-3-g800a261c036
All Data Structures Namespaces Files Functions Variables Modules Pages
class.ilObjAuthSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
16 class ilObjAuthSettingsGUI extends ilObjectGUI
17 {
18 
22  private $dic;
23 
28  public function __construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output = true)
29  {
30  global $DIC;
31 
32  $this->dic = $DIC;
33  $this->type = "auth";
34  parent::__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output);
35 
36  $this->lng->loadLanguageModule('registration');
37  $this->lng->loadLanguageModule('auth');
38 
39  define('LDAP_DEFAULT_PORT', 389);
40  define('RADIUS_DEFAULT_PORT', 1812);
41  }
42 
43 
44 
45  public function viewObject()
46  {
47  return $this->authSettingsObject();
48  }
49 
50 
56  public function authSettingsObject()
57  {
58  global $DIC;
59 
60  $rbacsystem = $DIC['rbacsystem'];
61  $ilSetting = $DIC['ilSetting'];
62 
63  if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
64  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
65  }
66 
67  $this->tabs_gui->setTabActive('authentication_settings');
68  $this->setSubTabs('authSettings');
69  $this->tabs_gui->setSubTabActive("auth_settings");
70 
71  $generalSettingsTpl = new ilTemplate('tpl.auth_general.html', true, true, 'Services/Authentication');
72 
73  $generalSettingsTpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
74  $generalSettingsTpl->setVariable("TXT_AUTH_TITLE", $this->lng->txt("auth_select"));
75 
76  $generalSettingsTpl->setVariable("TXT_AUTH_MODE", $this->lng->txt("auth_mode"));
77  $generalSettingsTpl->setVariable("TXT_AUTH_DEFAULT", $this->lng->txt("default"));
78  $generalSettingsTpl->setVariable("TXT_AUTH_ACTIVE", $this->lng->txt("active"));
79  $generalSettingsTpl->setVariable("TXT_AUTH_NUM_USERS", $this->lng->txt("num_users"));
80 
81  $generalSettingsTpl->setVariable("TXT_LOCAL", $this->lng->txt("auth_local"));
82  $generalSettingsTpl->setVariable("TXT_LDAP", $this->lng->txt("auth_ldap"));
83  $generalSettingsTpl->setVariable("TXT_SHIB", $this->lng->txt("auth_shib"));
84 
85  $generalSettingsTpl->setVariable("TXT_CAS", $this->lng->txt("auth_cas"));
86 
87  $generalSettingsTpl->setVariable("TXT_RADIUS", $this->lng->txt("auth_radius"));
88  $generalSettingsTpl->setVariable("TXT_SCRIPT", $this->lng->txt("auth_script"));
89 
90  $generalSettingsTpl->setVariable("TXT_APACHE", $this->lng->txt("auth_apache"));
91 
92  $auth_cnt = ilObjUser::_getNumberOfUsersPerAuthMode();
93  $auth_modes = ilAuthUtils::_getAllAuthModes();
94  $valid_modes = array(AUTH_LOCAL,AUTH_LDAP,AUTH_SHIBBOLETH,AUTH_SAML,AUTH_CAS,AUTH_RADIUS,AUTH_APACHE,AUTH_OPENID_CONNECT);
95  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
96  // icon handlers
97  $icon_ok = "<img src=\"" . ilUtil::getImagePath("icon_ok.svg") . "\" alt=\"" . $this->lng->txt("enabled") . "\" title=\"" . $this->lng->txt("enabled") . "\" border=\"0\" vspace=\"0\"/>";
98  $icon_not_ok = "<img src=\"" . ilUtil::getImagePath("icon_not_ok.svg") . "\" alt=\"" . $this->lng->txt("disabled") . "\" title=\"" . $this->lng->txt("disabled") . "\" border=\"0\" vspace=\"0\"/>";
99 
100 
101  foreach ($auth_modes as $mode => $mode_name) {
102  if (!in_array($mode, $valid_modes) && !ilLDAPServer::isAuthModeLDAP($mode) && !ilSamlIdp::isAuthModeSaml($mode)) {
103  continue;
104  }
105 
106  $generalSettingsTpl->setCurrentBlock('auth_mode');
107 
108  if (ilLDAPServer::isAuthModeLDAP($mode)) {
109  $server = ilLDAPServer::getInstanceByServerId(ilLDAPServer::getServerIdByAuthMode($mode));
110  $generalSettingsTpl->setVariable("AUTH_NAME", $server->getName());
111  $generalSettingsTpl->setVariable('AUTH_ACTIVE', $server->isActive() ? $icon_ok : $icon_not_ok);
112  } elseif (ilSamlIdp::isAuthModeSaml($mode)) {
113  $idp = ilSamlIdp::getInstanceByIdpId(ilSamlIdp::getIdpIdByAuthMode($mode));
114  $generalSettingsTpl->setVariable('AUTH_NAME', $idp->getEntityId());
115  $generalSettingsTpl->setVariable('AUTH_ACTIVE', $idp->isActive() ? $icon_ok : $icon_not_ok);
116  } elseif ($mode === AUTH_OPENID_CONNECT) {
117  $generalSettingsTpl->setVariable("AUTH_NAME", $this->lng->txt("auth_" . $mode_name));
118  $generalSettingsTpl->setVariable('AUTH_ACTIVE', ilOpenIdConnectSettings::getInstance()->getActive() ? $icon_ok : $icon_not_ok);
119  } else {
120  $generalSettingsTpl->setVariable("AUTH_NAME", $this->lng->txt("auth_" . $mode_name));
121  $generalSettingsTpl->setVariable('AUTH_ACTIVE', $this->ilias->getSetting($mode_name . '_active') || $mode == AUTH_LOCAL ? $icon_ok : $icon_not_ok);
122  }
123 
124  if ($ilSetting->get('auth_mode') == $mode) {
125  $generalSettingsTpl->setVariable("AUTH_CHECKED", "checked=\"checked\"");
126 
127  $generalSettingsTpl->setVariable(
128  "AUTH_USER_NUM",
129  ((int) $auth_cnt[$mode_name] + $auth_cnt["default"]) . " (" . $this->lng->txt("auth_per_default") .
130  ": " . $auth_cnt["default"] . ")"
131  );
132  } else {
133  $generalSettingsTpl->setVariable(
134  "AUTH_USER_NUM",
135  (int) $auth_cnt[$mode_name]
136  );
137  }
138  $generalSettingsTpl->setVariable("AUTH_ID", $mode_name);
139  $generalSettingsTpl->setVariable("AUTH_VAL", $mode);
140  $generalSettingsTpl->parseCurrentBlock();
141  }
142 
143  $generalSettingsTpl->setVariable("TXT_CONFIGURE", $this->lng->txt("auth_configure"));
144 
145  if ($rbacsystem->checkAccess("write", $this->object->getRefId())) {
146  $generalSettingsTpl->setVariable("TXT_AUTH_REMARK", $this->lng->txt("auth_remark_non_local_auth"));
147  $generalSettingsTpl->setCurrentBlock('auth_mode_submit');
148  $generalSettingsTpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
149  $generalSettingsTpl->setVariable("CMD_SUBMIT", "setAuthMode");
150  $generalSettingsTpl->parseCurrentBlock();
151  }
152 
153  // auth mode determinitation
154  if ($this->initAuthModeDetermination()) {
155  $generalSettingsTpl->setVariable('TABLE_AUTH_DETERMINATION', $this->form->getHTML());
156  }
157 
158  // roles table
159  $generalSettingsTpl->setVariable(
160  "FORMACTION_ROLES",
161  $this->ctrl->getFormAction($this)
162  );
163  $generalSettingsTpl->setVariable("TXT_AUTH_ROLES", $this->lng->txt("auth_active_roles"));
164  $generalSettingsTpl->setVariable("TXT_ROLE", $this->lng->txt("obj_role"));
165  $generalSettingsTpl->setVariable("TXT_ROLE_AUTH_MODE", $this->lng->txt("auth_role_auth_mode"));
166  if ($rbacsystem->checkAccess("write", $this->object->getRefId())) {
167  $generalSettingsTpl->setVariable("CMD_SUBMIT_ROLES", "updateAuthRoles");
168  $generalSettingsTpl->setVariable('BTN_SUBMIT_ROLES', $this->lng->txt('save'));
169  }
170 
171  include_once("./Services/AccessControl/classes/class.ilObjRole.php");
172  $reg_roles = ilObjRole::_lookupRegisterAllowed();
173 
174  // auth mode selection
175  include_once('./Services/Authentication/classes/class.ilAuthUtils.php');
176  $active_auth_modes = ilAuthUtils::_getActiveAuthModes();
177 
178  foreach ($reg_roles as $role) {
179  foreach ($active_auth_modes as $auth_name => $auth_key) {
180  // do not list auth modes with external login screen
181  // even not default, because it can easily be set to
182  // a non-working auth mode
183  if ($auth_name == "default" || $auth_name == "cas"
184  || $auth_name == 'saml'
185  || $auth_name == "shibboleth" || $auth_name == 'ldap'
186  || $auth_name == 'apache' || $auth_name == "ecs"
187  || $auth_name == "openid") {
188  continue;
189  }
190 
191  $generalSettingsTpl->setCurrentBlock("auth_mode_selection");
192 
193  if ($auth_name == 'default') {
194  $name = $this->lng->txt('auth_' . $auth_name) . " (" . $this->lng->txt('auth_' . ilAuthUtils::_getAuthModeName($auth_key)) . ")";
195  } elseif ($id = ilLDAPServer::getServerIdByAuthMode($auth_key)) {
196  $server = ilLDAPServer::getInstanceByServerId($id);
197  $name = $server->getName();
198  } elseif ($id = ilSamlIdp::getIdpIdByAuthMode($auth_key)) {
199  $idp = ilSamlIdp::getInstanceByIdpId($id);
200  $name = $idp->getEntityId();
201  } else {
202  $name = $this->lng->txt('auth_' . $auth_name);
203  }
204 
205  $generalSettingsTpl->setVariable("AUTH_MODE_NAME", $name);
206 
207  $generalSettingsTpl->setVariable("AUTH_MODE", $auth_name);
208 
209  if ($role['auth_mode'] == $auth_name) {
210  $generalSettingsTpl->setVariable("SELECTED_AUTH_MODE", "selected=\"selected\"");
211  }
212 
213  $generalSettingsTpl->parseCurrentBlock();
214  }
215 
216  $generalSettingsTpl->setCurrentBlock("roles");
217  $generalSettingsTpl->setVariable("ROLE", $role['title']);
218  $generalSettingsTpl->setVariable("ROLE_ID", $role['id']);
219  $generalSettingsTpl->parseCurrentBlock();
220  }
221 
222  $this->tpl->setContent($generalSettingsTpl->get());
223  }
224 
225 
232  public function loginInfoObject()
233  {
234  global $DIC;
235 
236  $rbacsystem = $DIC['rbacsystem'];
237  $lng = $DIC['lng'];
238  $ilSetting = $DIC['ilSetting'];
239 
240  if (!$rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
241  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
242  }
243 
244  $this->tabs_gui->setTabActive("authentication_settings");
245  $this->setSubTabs("authSettings");
246  $this->tabs_gui->setSubTabActive("auth_login_editor");
247 
248  $lng->loadLanguageModule("meta");
249 
250  $this->tpl->addBlockFile(
251  "ADM_CONTENT",
252  "adm_content",
253  "tpl.auth_login_messages.html",
254  "Services/Authentication"
255  );
256  $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
257  $this->tpl->setVariable("TXT_HEADLINE", $this->lng->txt("login_information"));
258  $this->tpl->setVariable("TXT_DESCRIPTION", $this->lng->txt("login_information_desc"));
259  $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
260  $this->initLoginForm();
261  $this->tpl->setVariable('LOGIN_INFO', $this->form->getHTML());
262  }
263 
264 
265  public function cancelObject()
266  {
267  $this->ctrl->redirect($this, "authSettings");
268  }
269 
270  public function setAuthModeObject()
271  {
272  global $DIC;
273 
274  $rbacsystem = $DIC['rbacsystem'];
275  $ilSetting = $DIC['ilSetting'];
276 
277  if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
278  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
279  }
280 
281  if (empty($_POST["auth_mode"])) {
282  $this->ilias->raiseError($this->lng->txt("auth_err_no_mode_selected"), $this->ilias->error_obj->MESSAGE);
283  }
284 
285  $current_auth_mode = $ilSetting->get('auth_mode', '');
286  if ($_POST["auth_mode"] == $current_auth_mode) {
287  ilUtil::sendInfo($this->lng->txt("auth_mode") . ": " . $this->getAuthModeTitle() . " " . $this->lng->txt("auth_mode_not_changed"), true);
288  $this->ctrl->redirect($this, 'authSettings');
289  }
290 
291  switch ($_POST["auth_mode"]) {
292  case AUTH_SAML:
293  break;
294 
295  case AUTH_LDAP:
296 
297  /*
298  if ($this->object->checkAuthLDAP() !== true)
299  {
300  ilUtil::sendInfo($this->lng->txt("auth_ldap_not_configured"),true);
301  ilUtil::redirect($this->getReturnLocation("authSettings",$this->ctrl->getLinkTarget($this,"editLDAP", "", false, false)));
302  }
303  */
304  break;
305 
306  // @fix changed from AUTH_SHIB > is not defined
307  case AUTH_SHIBBOLETH:
308  if ($this->object->checkAuthSHIB() !== true) {
309  ilUtil::sendFailure($this->lng->txt("auth_shib_not_configured"), true);
310  ilUtil::redirect(
311  $this->getReturnLocation(
312  'authSettings',
313  $this->ctrl->getLinkTargetByClass(
314  ilAuthShibbolethSettingsGUI::class,
315  'settings',
316  '',
317  false,
318  false
319  )
320  )
321  );
322  }
323  break;
324 
325  case AUTH_RADIUS:
326  if ($this->object->checkAuthRADIUS() !== true) {
327  ilUtil::sendFailure($this->lng->txt("auth_radius_not_configured"), true);
328  $this->ctrl->redirect($this, 'editRADIUS');
329  }
330  break;
331 
332  case AUTH_SCRIPT:
333  if ($this->object->checkAuthScript() !== true) {
334  ilUtil::sendFailure($this->lng->txt("auth_script_not_configured"), true);
335  ilUtil::redirect($this->getReturnLocation("authSettings", $this->ctrl->getLinkTarget($this, "editScript", "", false, false)));
336  }
337  break;
338  }
339 
340  $this->ilias->setSetting("auth_mode", $_POST["auth_mode"]);
341 
342  ilUtil::sendSuccess($this->lng->txt("auth_default_mode_changed_to") . " " . $this->getAuthModeTitle(), true);
343  $this->ctrl->redirect($this, 'authSettings');
344  }
345 
351  public function editSOAPObject()
352  {
353  global $DIC;
354 
355  $rbacsystem = $DIC['rbacsystem'];
356  $rbacreview = $DIC['rbacreview'];
357  $ilSetting = $DIC['ilSetting'];
358  $ilCtrl = $DIC['ilCtrl'];
359  $lng = $DIC['lng'];
360 
361  if (!$rbacsystem->checkAccess("read", $this->object->getRefId())) {
362  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
363  }
364 
365  $this->tabs_gui->setTabActive('auth_soap');
366 
367  //set Template
368  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.auth_soap.html', 'Services/Authentication');
369 
370  // compose role list
371  $role_list = $rbacreview->getRolesByFilter(2, $this->object->getId());
372  $roles = array();
373 
374  foreach ($role_list as $role) {
375  $roles[$role['obj_id']] = $role['title'];
376  }
377 
378  //set property form gui
379  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
380 
381  $soap_config = new ilPropertyFormGUI();
382  $soap_config->setTitle($this->lng->txt("auth_soap_auth"));
383  $soap_config->setDescription($this->lng->txt("auth_soap_auth_desc"));
384  $soap_config->setFormAction($this->ctrl->getFormAction($this, "editSOAP"));
385  if ($rbacsystem->checkAccess("write", $this->object->getRefId())) {
386  $soap_config->addCommandButton("saveSOAP", $this->lng->txt("save"));
387  $soap_config->addCommandButton("editSOAP", $this->lng->txt("cancel"));
388  }
389  //set activ
390  $active = new ilCheckboxInputGUI();
391  $active->setTitle($this->lng->txt("active"));
392  $active->setPostVar("soap[active]");
393 
394  //set server
395  $server = new ilTextInputGUI();
396  $server->setTitle($this->lng->txt("server"));
397  $server->setInfo($this->lng->txt("auth_soap_server_desc"));
398  $server->setPostVar("soap[server]");
399  $server->setSize(50);
400  $server->setMaxLength(256);
401  $server->setRequired(true);
402 
403  //set port
404  $port = new ilTextInputGUI();
405  $port->setTitle($this->lng->txt("port"));
406  $port->setInfo($this->lng->txt("auth_soap_port_desc"));
407  $port->setPostVar("soap[port]");
408  $port->setSize(7);
409  $port->setMaxLength(5);
410 
411  //set https
412  $https = new ilCheckboxInputGUI();
413  $https->setTitle($this->lng->txt("auth_soap_use_https"));
414  $https->setPostVar("soap[use_https]");
415 
416  //set uri
417  $uri = new ilTextInputGUI();
418  $uri->setTitle($this->lng->txt("uri"));
419  $uri->setInfo($this->lng->txt("auth_soap_uri_desc"));
420  $uri->setPostVar("soap[uri]");
421  $uri->setSize(50);
422  $uri->setMaxLength(256);
423 
424  //set namespace
425  $namespace = new ilTextInputGUI();
426  $namespace->setTitle($this->lng->txt("auth_soap_namespace"));
427  $namespace->setInfo($this->lng->txt("auth_soap_namespace_desc"));
428  $namespace->setPostVar("soap[namespace]");
429  $namespace->setSize(50);
430  $namespace->setMaxLength(256);
431 
432  //set dotnet
433  $dotnet = new ilCheckboxInputGUI();
434  $dotnet->setTitle($this->lng->txt("auth_soap_use_dotnet"));
435  $dotnet->setPostVar("soap[use_dotnet]");
436 
437  //set create users
438  $createuser = new ilCheckboxInputGUI();
439  $createuser->setTitle($this->lng->txt("auth_create_users"));
440  $createuser->setInfo($this->lng->txt("auth_soap_create_users_desc"));
441  $createuser->setPostVar("soap[create_users]");
442 
443  //set account mail
444  $sendmail = new ilCheckboxInputGUI();
445  $sendmail->setTitle($this->lng->txt("user_send_new_account_mail"));
446  $sendmail->setInfo($this->lng->txt("auth_new_account_mail_desc"));
447  $sendmail->setPostVar("soap[account_mail]");
448 
449  //set user default role
450  $defaultrole = new ilSelectInputGUI();
451  $defaultrole->setTitle($this->lng->txt("auth_user_default_role"));
452  $defaultrole->setInfo($this->lng->txt("auth_soap_user_default_role_desc"));
453  $defaultrole->setPostVar("soap[user_default_role]");
454  $defaultrole->setOptions($roles);
455 
456  //set allow local authentication
457  $allowlocal = new ilCheckboxInputGUI();
458  $allowlocal->setTitle($this->lng->txt("auth_allow_local"));
459  $allowlocal->setInfo($this->lng->txt("auth_soap_allow_local_desc"));
460  $allowlocal->setPostVar("soap[allow_local]");
461 
462  // get all settings
463  $settings = $ilSetting->getAll();
464 
465  // get values in error case
466  if ($_SESSION["error_post_vars"]) {
467  $active ->setChecked($_SESSION["error_post_vars"]["soap"]["active"]);
468  $server ->setValue($_SESSION["error_post_vars"]["soap"]["server"]);
469  $port ->setValue($_SESSION["error_post_vars"]["soap"]["port"]);
470  $https ->setChecked($_SESSION["error_post_vars"]["soap"]["use_https"]);
471  $uri ->setValue($_SESSION["error_post_vars"]["soap"]["uri"]);
472  $namespace ->setValue($_SESSION["error_post_vars"]["soap"]["namespace"]);
473  $dotnet ->setChecked($_SESSION["error_post_vars"]["soap"]["use_dotnet"]);
474  $createuser ->setChecked($_SESSION["error_post_vars"]["soap"]["create_users"]);
475  $allowlocal ->setChecked($_SESSION["error_post_vars"]["soap"]["allow_local"]);
476  $defaultrole->setValue($_SESSION["error_post_vars"]["soap"]["user_default_role"]);
477  $sendmail ->setChecked($_SESSION["error_post_vars"]["soap"]["account_mail"]);
478  } else {
479  $active ->setChecked($settings["soap_auth_active"]);
480  $server ->setValue($settings["soap_auth_server"]);
481  $port ->setValue($settings["soap_auth_port"]);
482  $https ->setChecked($settings["soap_auth_use_https"]);
483  $uri ->setValue($settings["soap_auth_uri"]);
484  $namespace ->setValue($settings["soap_auth_namespace"]);
485  $dotnet ->setChecked($settings["soap_auth_use_dotnet"]);
486  $createuser ->setChecked($settings["soap_auth_create_users"]);
487  $allowlocal ->setChecked($settings["soap_auth_allow_local"]);
488  $defaultrole->setValue($settings["soap_auth_user_default_role"]);
489  $sendmail ->setChecked($settings["soap_auth_account_mail"]);
490  }
491 
492  if (!$defaultrole->getValue()) {
493  $defaultrole->setValue(4);
494  }
495 
496  //add Items to property gui
497  $soap_config->addItem($active);
498  $soap_config->addItem($server);
499  $soap_config->addItem($port);
500  $soap_config->addItem($https);
501  $soap_config->addItem($uri);
502  $soap_config->addItem($namespace);
503  $soap_config->addItem($dotnet);
504  $soap_config->addItem($createuser);
505  $soap_config->addItem($sendmail);
506  $soap_config->addItem($defaultrole);
507  $soap_config->addItem($allowlocal);
508 
509  $this->tpl->setVariable("CONFIG_FORM", $soap_config->getHTML());
510 
511  // test form
512  $form = new ilPropertyFormGUI();
513  $form->setFormAction($ilCtrl->getFormAction($this));
514  $form->setTitle("Test Request");
515  $text_prop = new ilTextInputGUI("ext_uid", "ext_uid");
516  $form->addItem($text_prop);
517  $text_prop2 = new ilTextInputGUI("soap_pw", "soap_pw");
518  $form->addItem($text_prop2);
519  $cb = new ilCheckboxInputGUI("new_user", "new_user");
520  $form->addItem($cb);
521 
522  $form->addCommandButton(
523  "testSoapAuthConnection",
524  "Send"
525  );
526 
527  if ($ilCtrl->getCmd() == "testSoapAuthConnection") {
528  include_once("./Services/SOAPAuth/classes/class.ilSOAPAuth.php");
529  $ret = "<br />" . ilSOAPAuth::testConnection(
530  ilUtil::stripSlashes($_POST["ext_uid"]),
531  ilUtil::stripSlashes($_POST["soap_pw"]),
532  (boolean) $_POST["new_user"]
533  );
534  }
535  $this->tpl->setVariable("TEST_FORM", $form->getHTML() . $ret);
536  }
537 
538  public function testSoapAuthConnectionObject()
539  {
540  $this->editSOAPObject();
541  }
542 
548  public function saveSOAPObject()
549  {
550  global $DIC;
551 
552  $ilUser = $DIC['ilUser'];
553  $ilSetting = $DIC['ilSetting'];
554  $rbacsystem = $DIC['rbacsystem'];
555 
556  if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
557  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
558  }
559 
560  // validate required data
561  if (!$_POST["soap"]["server"]) {
562  $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
563  }
564 
565  // validate port
566  if ($_POST["soap"]["server"] != "" && (preg_match("/^[0-9]{0,5}$/", $_POST["soap"]["port"])) == false) {
567  $this->ilias->raiseError($this->lng->txt("err_invalid_port"), $this->ilias->error_obj->MESSAGE);
568  }
569 
570  $ilSetting->set("soap_auth_server", $_POST["soap"]["server"]);
571  $ilSetting->set("soap_auth_port", $_POST["soap"]["port"]);
572  $ilSetting->set("soap_auth_active", $_POST["soap"]["active"]);
573  $ilSetting->set("soap_auth_uri", $_POST["soap"]["uri"]);
574  $ilSetting->set("soap_auth_namespace", $_POST["soap"]["namespace"]);
575  $ilSetting->set("soap_auth_create_users", $_POST["soap"]["create_users"]);
576  $ilSetting->set("soap_auth_allow_local", $_POST["soap"]["allow_local"]);
577  $ilSetting->set("soap_auth_account_mail", $_POST["soap"]["account_mail"]);
578  $ilSetting->set("soap_auth_use_https", $_POST["soap"]["use_https"]);
579  $ilSetting->set("soap_auth_use_dotnet", $_POST["soap"]["use_dotnet"]);
580  $ilSetting->set("soap_auth_user_default_role", $_POST["soap"]["user_default_role"]);
581  ilUtil::sendSuccess($this->lng->txt("auth_soap_settings_saved"), true);
582 
583  $this->ctrl->redirect($this, 'editSOAP');
584  }
585 
591  public function editScriptObject()
592  {
593  global $DIC;
594 
595  $rbacsystem = $DIC['rbacsystem'];
596 
597  if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
598  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
599  }
600 
601  if ($_SESSION["error_post_vars"]) {
602  $this->tpl->setVariable("AUTH_SCRIPT_NAME", $_SESSION["error_post_vars"]["auth_script"]["name"]);
603  } else {
604  // set already saved data
605  $settings = $this->ilias->getAllSettings();
606 
607  $this->tpl->setVariable("AUTH_SCRIPT_NAME", $settings["auth_script_name"]);
608  }
609 
610  $this->tabs_gui->setTabActive('auth_script');
611 
612  $this->tpl->addBlockFile(
613  "ADM_CONTENT",
614  "adm_content",
615  "tpl.auth_script.html",
616  "Services/Authentication"
617  );
618 
619  $this->tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
620  $this->tpl->setVariable("COLSPAN", 3);
621  $this->tpl->setVariable("TXT_AUTH_SCRIPT_TITLE", $this->lng->txt("auth_script_configure"));
622  $this->tpl->setVariable("TXT_OPTIONS", $this->lng->txt("options"));
623  $this->tpl->setVariable("TXT_AUTH_SCRIPT_NAME", $this->lng->txt("auth_script_name"));
624 
625  $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
626  $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
627  $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
628  $this->tpl->setVariable("CMD_SUBMIT", "saveScript");
629  }
630 
636  public function saveScriptObject()
637  {
638  // validate required data
639  if (!$_POST["auth_script"]["name"]) {
640  $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
641  }
642 
643  // validate script url
644  /*
645  if (( TODO ,$_POST["ldap"]["server"])) == false)
646  {
647  $this->ilias->raiseError($this->lng->txt("err_invalid_server"),$this->ilias->error_obj->MESSAGE);
648  }*/
649 
650  // TODO: check connection to server
651 
652  // all ok. save settings and activate auth by external script
653  $this->ilias->setSetting("auth_script_name", $_POST["auth_script"]["name"]);
654  $this->ilias->setSetting("auth_mode", AUTH_SCRIPT);
655 
656  ilUtil::sendSuccess($this->lng->txt("auth_mode_changed_to") . " " . $this->getAuthModeTitle(), true);
657  $this->ctrl->redirect($this, 'editScript');
658  }
659 
660 
667  public function getAuthModeTitle()
668  {
669  switch ($this->ilias->getSetting("auth_mode")) {
670  case AUTH_LOCAL:
671  return $this->lng->txt("auth_local");
672  break;
673 
674  case AUTH_LDAP:
675  return $this->lng->txt("auth_ldap");
676  break;
677 
678  case AUTH_SHIBBOLETH:
679  return $this->lng->txt("auth_shib");
680  break;
681 
682  case AUTH_SAML:
683  return $this->lng->txt("auth_saml");
684  break;
685 
686  case AUTH_RADIUS:
687  return $this->lng->txt("auth_radius");
688  break;
689 
690  case AUTH_SCRIPT:
691  return $this->lng->txt("auth_script");
692  break;
693 
694  case AUTH_APACHE:
695  return $this->lng->txt("auth_apache");
696  break;
697 
698  default:
699  return $this->lng->txt("unknown");
700  break;
701  }
702  }
703 
704  public function updateAuthRolesObject()
705  {
706  global $DIC;
707 
708  $rbacsystem = $DIC['rbacsystem'];
709 
710  if (!$rbacsystem->checkAccess("write", $this->object->getRefId())) {
711  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
712  }
713 
714  include_once('./Services/AccessControl/classes/class.ilObjRole.php');
715  ilObjRole::_updateAuthMode($_POST['Fobject']);
716 
717  ilUtil::sendSuccess($this->lng->txt("auth_mode_roles_changed"), true);
718  $this->ctrl->redirect($this, 'authSettings');
719  }
720 
726  protected function initAuthModeDetermination()
727  {
728  if (is_object($this->form)) {
729  return true;
730  }
731 
732  include_once('./Services/Form/classes/class.ilPropertyFormGUI.php');
733  $this->form = new ilPropertyFormGUI();
734  $this->form->setFormAction($this->ctrl->getFormAction($this));
735  $this->form->setTableWidth('100%');
736  $this->form->setTitle($this->lng->txt('auth_auth_settings'));
737 
738  if ($this->access->checkAccess('write', '', $this->object->getRefId())) {
739  $this->form->addCommandButton('updateAuthModeDetermination', $this->lng->txt('save'));
740  }
741 
742  require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
743  $cap = new ilCheckboxInputGUI($this->lng->txt('adm_captcha_anonymous_short'), 'activate_captcha_anonym');
744  $cap->setInfo($this->lng->txt('adm_captcha_anonymous_auth'));
745  $cap->setValue(1);
746  if (!ilCaptchaUtil::checkFreetype()) {
747  $cap->setAlert(ilCaptchaUtil::getPreconditionsMessage());
748  }
749  $cap->setChecked(ilCaptchaUtil::isActiveForLogin());
750  $this->form->addItem($cap);
751 
752  // Are there any authentication methods that support automatic determination ?
753  include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
754  $det = ilAuthModeDetermination::_getInstance();
755  if ($det->getCountActiveAuthModes() <= 1) {
756  return true;
757  }
758 
759  $header = new ilFormSectionHeaderGUI();
760  $header->setTitle($this->lng->txt('auth_auth_mode_determination'));
761  $this->form->addItem($header);
762 
763  $kind = new ilRadioGroupInputGUI($this->lng->txt('auth_kind_determination'), 'kind');
764  $kind->setInfo($this->lng->txt('auth_mode_determination_info'));
765  $kind->setValue($det->getKind());
766  $kind->setRequired(true);
767 
768  $option_user = new ilRadioOption($this->lng->txt('auth_by_user'), 0);
769  $kind->addOption($option_user);
770 
771  $option_determination = new ilRadioOption($this->lng->txt('auth_automatic'), 1);
772 
773  include_once('Services/Authentication/classes/class.ilAuthUtils.php');
774 
775  $auth_sequenced = $det->getAuthModeSequence();
776  $counter = 1;
777  foreach ($auth_sequenced as $auth_mode) {
778  switch ($auth_mode) {
779  // begin-patch ldap_multiple
780  case ilLDAPServer::isAuthModeLDAP($auth_mode):
781  $auth_id = ilLDAPServer::getServerIdByAuthMode($auth_mode);
782  $server = ilLDAPServer::getInstanceByServerId($auth_id);
783  $text = $server->getName();
784  // end-patch ldap_multiple
785  break;
786  case AUTH_RADIUS:
787  $text = $this->lng->txt('auth_radius');
788  break;
789  case AUTH_LOCAL:
790  $text = $this->lng->txt('auth_local');
791  break;
792  case AUTH_SOAP:
793  $text = $this->lng->txt('auth_soap');
794  break;
795  case AUTH_APACHE:
796  $text = $this->lng->txt('auth_apache');
797  break;
798  // begin-patch auth_plugin
799  default:
800  foreach (ilAuthUtils::getAuthPlugins() as $pl) {
801  $option = $pl->getMultipleAuthModeOptions($auth_mode);
802  $text = $option[$auth_mode]['txt'];
803  }
804  break;
805  // end-patch auth_plugin
806  }
807 
808  $pos = new ilTextInputGUI($text, 'position[' . $auth_mode . ']');
809  $pos->setValue($counter++);
810  $pos->setSize(1);
811  $pos->setMaxLength(1);
812  $option_determination->addSubItem($pos);
813  }
814  $kind->addOption($option_determination);
815  $this->form->addItem($kind);
816  return true;
817  }
818 
825  public function updateAuthModeDeterminationObject()
826  {
827  include_once('Services/Authentication/classes/class.ilAuthModeDetermination.php');
828  $det = ilAuthModeDetermination::_getInstance();
829 
830  $det->setKind((int) $_POST['kind']);
831 
832  $pos = $_POST['position'] ? $_POST['position'] : array();
833  asort($pos, SORT_NUMERIC);
834 
835  $counter = 0;
836  foreach ($pos as $auth_mode => $dummy) {
837  $position[$counter++] = $auth_mode;
838  }
839  $det->setAuthModeSequence($position ? $position : array());
840  $det->save();
841 
842  require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
843  ilCaptchaUtil::setActiveForLogin((bool) $_POST['activate_captcha_anonym']);
844 
845  ilUtil::sendSuccess($this->lng->txt('settings_saved'));
846  $this->authSettingsObject();
847  }
848 
855  public function executeCommand()
856  {
857  global $DIC;
858 
859  $ilAccess = $DIC['ilAccess'];
860  $ilErr = $DIC['ilErr'];
861 
862 
863  $next_class = $this->ctrl->getNextClass($this);
864  $cmd = $this->ctrl->getCmd();
865  $this->prepareOutput();
866 
867  if (!$DIC->rbac()->system()->checkAccess("visible,read", $this->object->getRefId())) {
868  $ilErr->raiseError($this->lng->txt('msg_no_perm_read'), $ilErr->WARNING);
869  }
870 
871  switch ($next_class) {
872  case 'ilopenidconnectsettingsgui':
873 
874  $this->tabs_gui->activateTab('auth_oidconnect');
875 
876  $oid = new ilOpenIdConnectSettingsGUI($this->object->getRefId());
877  $this->ctrl->forwardCommand($oid);
878  break;
879 
880  case 'ilsamlsettingsgui':
881  $this->tabs_gui->setTabActive('auth_saml');
882 
883  require_once './Services/Saml/classes/class.ilSamlSettingsGUI.php';
884  $os = new ilSamlSettingsGUI($this->object->getRefId());
885  $this->ctrl->forwardCommand($os);
886  break;
887 
888  case 'ilregistrationsettingsgui':
889 
890  include_once './Services/Registration/classes/class.ilRegistrationSettingsGUI.php';
891 
892  // Enable tabs
893  $this->tabs_gui->setTabActive('registration_settings');
894  $registration_gui = new ilRegistrationSettingsGUI();
895  $this->ctrl->forwardCommand($registration_gui);
896  break;
897 
898  case 'ilpermissiongui':
899 
900  // Enable tabs
901  $this->tabs_gui->setTabActive('perm_settings');
902 
903  include_once("Services/AccessControl/classes/class.ilPermissionGUI.php");
904  $perm_gui = new ilPermissionGUI($this);
905  $ret = &$this->ctrl->forwardCommand($perm_gui);
906  break;
907 
908  case 'illdapsettingsgui':
909 
910  // Enable Tabs
911  $this->tabs_gui->setTabActive('auth_ldap');
912 
913  include_once './Services/LDAP/classes/class.ilLDAPSettingsGUI.php';
914  $ldap_settings_gui = new ilLDAPSettingsGUI($this->object->getRefId());
915  $this->ctrl->forwardCommand($ldap_settings_gui);
916  break;
917 
918  case 'ilauthshibbolethsettingsgui':
919 
920  $this->tabs_gui->setTabActive('auth_shib');
921  include_once('./Services/AuthShibboleth/classes/class.ilAuthShibbolethSettingsGUI.php');
922  $shib_settings_gui = new ilAuthShibbolethSettingsGUI($this->object->getRefId());
923  $this->ctrl->forwardCommand($shib_settings_gui);
924  break;
925 
926  case 'ilcassettingsgui':
927 
928  $this->tabs_gui->setTabActive('auth_cas');
929  include_once './Services/CAS/classes/class.ilCASSettingsGUI.php';
930  $cas_settings = new ilCASSettingsGUI($this->object->getRefId());
931  $this->ctrl->forwardCommand($cas_settings);
932  break;
933 
934  case 'ilradiussettingsgui':
935 
936  $this->tabs_gui->setTabActive('auth_radius');
937  include_once './Services/Radius/classes/class.ilRadiusSettingsGUI.php';
938  $radius_settings_gui = new ilRadiusSettingsGUI($this->object->getRefId());
939  $this->ctrl->forwardCommand($radius_settings_gui);
940  break;
941 
942 
943  case 'ilauthloginpageeditorgui':
944 
945  $this->setSubTabs("authSettings");
946  $this->tabs_gui->setTabActive('authentication_settings');
947  $this->tabs_gui->setSubTabActive("auth_login_editor");
948 
949  include_once './Services/Authentication/classes/class.ilAuthLoginPageEditorGUI.php';
950  $lpe = new ilAuthLoginPageEditorGUI($this->object->getRefId());
951  $this->ctrl->forwardCommand($lpe);
952  break;
953 
954  default:
955  if (!$cmd) {
956  $cmd = "authSettings";
957  }
958  $cmd .= "Object";
959  $this->$cmd();
960 
961  break;
962  }
963  return true;
964  }
965 
966  public function getAdminTabs()
967  {
968  $this->getTabs();
969  }
970 
976  public function getTabs()
977  {
978  global $DIC;
979 
980  $rbacsystem = $DIC['rbacsystem'];
981 
982  $this->ctrl->setParameter($this, "ref_id", $this->object->getRefId());
983 
984  if ($rbacsystem->checkAccess("visible,read", $this->object->getRefId())) {
985  $this->tabs_gui->addTarget(
986  "authentication_settings",
987  $this->ctrl->getLinkTarget($this, "authSettings"),
988  "",
989  "",
990  ""
991  );
992 
993  $this->tabs_gui->addTarget(
994  'registration_settings',
995  $this->ctrl->getLinkTargetByClass('ilregistrationsettingsgui', 'view')
996  );
997 
998  $this->tabs_gui->addTarget(
999  "auth_ldap",
1000  $this->ctrl->getLinkTargetByClass('illdapsettingsgui', 'serverList'),
1001  "",
1002  "",
1003  ""
1004  );
1005 
1006 
1007  #$this->tabs_gui->addTarget("auth_ldap", $this->ctrl->getLinkTarget($this, "editLDAP"),
1008  # "", "", "");
1009 
1010  $this->tabs_gui->addTarget('auth_shib', $this->ctrl->getLinkTargetByClass('ilauthshibbolethsettingsgui', 'settings'));
1011 
1012  $this->tabs_gui->addTarget(
1013  'auth_cas',
1014  $this->ctrl->getLinkTargetByClass('ilcassettingsgui', 'settings')
1015  );
1016 
1017  $this->tabs_gui->addTarget(
1018  "auth_radius",
1019  $this->ctrl->getLinkTargetByClass('ilradiussettingsgui', "settings"),
1020  "",
1021  "",
1022  ""
1023  );
1024 
1025  $this->tabs_gui->addTarget(
1026  "auth_soap",
1027  $this->ctrl->getLinkTarget($this, "editSOAP"),
1028  "",
1029  "",
1030  ""
1031  );
1032 
1033  $this->tabs_gui->addTarget(
1034  "apache_auth_settings",
1035  $this->ctrl->getLinkTarget($this, 'apacheAuthSettings'),
1036  "",
1037  "",
1038  ""
1039  );
1040 
1041  require_once 'Services/Saml/classes/class.ilSamlSettingsGUI.php';
1042  $this->tabs_gui->addTarget(
1043  'auth_saml',
1044  $this->ctrl->getLinkTargetByClass('ilsamlsettingsgui', ilSamlSettingsGUI::DEFAULT_CMD),
1045  '',
1046  '',
1047  ''
1048  );
1049 
1050  $this->tabs_gui->addTab(
1051  'auth_oidconnect',
1052  $this->lng->txt('auth_oidconnect'),
1053  $this->ctrl->getLinkTargetByClass('ilopenidconnectsettingsgui')
1054  );
1055  }
1056 
1057  if ($rbacsystem->checkAccess('edit_permission', $this->object->getRefId())) {
1058  $this->tabs_gui->addTarget(
1059  "perm_settings",
1060  $this->ctrl->getLinkTargetByClass(array(get_class($this),'ilpermissiongui'), "perm"),
1061  array("perm","info","owner"),
1062  'ilpermissiongui'
1063  );
1064  }
1065  }
1066 
1070  public function setSubTabs($a_tab)
1071  {
1072  global $DIC;
1073 
1074  $rbacsystem = $DIC['rbacsystem'];
1075  $ilUser = $DIC['ilUser'];
1076  $ilAccess = $DIC['ilAccess'];
1077 
1078  $GLOBALS['DIC']['lng']->loadLanguageModule('auth');
1079 
1080  switch ($a_tab) {
1081  case 'authSettings':
1082  if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
1083  $this->tabs_gui->addSubTabTarget(
1084  "auth_settings",
1085  $this->ctrl->getLinkTarget($this, 'authSettings'),
1086  ""
1087  );
1088  }
1089  if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
1090  $this->tabs_gui->addSubTabTarget(
1091  'auth_login_editor',
1092  $this->ctrl->getLinkTargetByClass('ilauthloginpageeditorgui', ''),
1093  ''
1094  );
1095  }
1096  break;
1097  }
1098  }
1099 
1100 
1101  public function apacheAuthSettingsObject($form = false)
1102  {
1103  global $DIC;
1104 
1105  $tpl = $DIC['tpl'];
1106 
1107  $this->tabs_gui->setTabActive("apache_auth_settings");
1108 
1109  if (!$form) {
1110  $form = $this->getApacheAuthSettingsForm();
1111 
1112  $settings = new ilSetting('apache_auth');
1113  $settingsMap = $settings->getAll();
1114 
1115  $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
1116  if (file_exists($path) && is_readable($path)) {
1117  $settingsMap['apache_auth_domains'] = file_get_contents($path);
1118  }
1119 
1120  $form->setValuesByArray($settingsMap);
1121  }
1122  $tpl->setVariable('ADM_CONTENT', $form->getHtml());
1123  }
1124 
1125  public function saveApacheSettingsObject()
1126  {
1127  global $DIC;
1128 
1129  $ilCtrl = $DIC['ilCtrl'];
1130  $form = $this->getApacheAuthSettingsForm();
1131  $form->setValuesByPost();
1132  /*$items = $form->getItems();
1133  foreach($items as $item)
1134  $item->validate();*/
1135  if ($form->checkInput()) {
1136  $settings = new ilSetting('apache_auth');
1137  $fields = array(
1138  'apache_auth_indicator_name', 'apache_auth_indicator_value',
1139  'apache_enable_auth', 'apache_enable_local', 'apache_local_autocreate',
1140  'apache_enable_ldap', 'apache_auth_username_config_type',
1141  'apache_auth_username_direct_mapping_fieldname',
1142  'apache_default_role', 'apache_auth_target_override_login_page',
1143  'apache_auth_enable_override_login_page',
1144  'apache_auth_authenticate_on_login_page',
1145  'apache_ldap_sid'
1146 // 'apache_auth_username_by_function_functionname',
1147  );
1148 
1149  foreach ($fields as $field) {
1150  $settings->set($field, $form->getInput($field));
1151  }
1152 
1153  if ($form->getInput('apache_enable_auth')) {
1154  $this->ilias->setSetting('apache_active', true);
1155  } else {
1156  $this->ilias->setSetting('apache_active', false);
1157  global $DIC;
1158 
1159  $ilSetting = $DIC['ilSetting'];
1160  if ($ilSetting->get("auth_mode") == AUTH_APACHE) {
1161  $ilSetting->set("auth_mode", AUTH_LOCAL);
1162  }
1163  }
1164 
1165  $allowedDomains = $this->validateApacheAuthAllowedDomains($form->getInput('apache_auth_domains'));
1166  file_put_contents(ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt', $allowedDomains);
1167 
1168  ilUtil::sendSuccess($this->lng->txt('apache_settings_changed_success'), true);
1169  $this->ctrl->redirect($this, 'apacheAuthSettings');
1170  } else {
1171  $this->apacheAuthSettingsObject($form);
1172  }
1173  }
1174 
1175  public function getApacheAuthSettingsForm()
1176  {
1177  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
1178 
1179  $form = new ilPropertyFormGUI();
1180  $form->setFormAction($this->ctrl->getFormAction($this));
1181  $form->setTitle($this->lng->txt('apache_settings'));
1182 
1183  $chb_enabled = new ilCheckboxInputGUI($this->lng->txt('apache_enable_auth'), 'apache_enable_auth');
1184  $form->addItem($chb_enabled);
1185 
1186  $chb_local_create_account = new ilCheckboxInputGUI($this->lng->txt('apache_autocreate'), 'apache_local_autocreate');
1187  $chb_enabled->addSubitem($chb_local_create_account);
1188 
1189  global $DIC;
1190 
1191  $rbacreview = $DIC['rbacreview'];
1192  $roles = $rbacreview->getGlobalRolesArray();
1193  $select = new ilSelectInputGUI($this->lng->txt('apache_default_role'), 'apache_default_role');
1194  $roleOptions = array();
1195  foreach ($roles as $role) {
1196  $roleOptions[$role['obj_id']] = ilObject::_lookupTitle($role['obj_id']);
1197  }
1198  $select->setOptions($roleOptions);
1199  $select->setValue(4);
1200 
1201  $chb_local_create_account->addSubitem($select);
1202 
1203  $chb_local = new ilCheckboxInputGUI($this->lng->txt('apache_enable_local'), 'apache_enable_local');
1204  $form->addItem($chb_local);
1205 
1206  $chb_ldap = new ilCheckboxInputGUI($this->lng->txt('apache_enable_ldap'), 'apache_enable_ldap');
1207  $chb_ldap->setInfo($this->lng->txt('apache_ldap_hint_ldap_must_be_configured'));
1208 
1209  $GLOBALS['DIC']['lng']->loadLanguageModule('auth');
1210  include_once './Services/LDAP/classes/class.ilLDAPServer.php';
1211  $servers = ilLDAPServer::getServerIds();
1212  if (count($servers)) {
1213  $ldap_server_select = new ilSelectInputGUI($this->lng->txt('auth_ldap_server_ds'), 'apache_ldap_sid');
1214  $options[0] = $this->lng->txt('select_one');
1215  foreach ($servers as $server_id) {
1216  $ldap_server = new ilLDAPServer($server_id);
1217  $options[$server_id] = $ldap_server->getName();
1218  }
1219  $ldap_server_select->setOptions($options);
1220  $ldap_server_select->setRequired(true);
1221 
1222  $ds = ilLDAPServer::getDataSource(AUTH_APACHE);
1223  $ldap_server_select->setValue($ds);
1224 
1225  $chb_ldap->addSubItem($ldap_server_select);
1226  }
1227  $form->addItem($chb_ldap);
1228 
1229  $txt = new ilTextInputGUI($this->lng->txt('apache_auth_indicator_name'), 'apache_auth_indicator_name');
1230  $txt->setRequired(true);
1231  $form->addItem($txt);
1232 
1233  $txt = new ilTextInputGUI($this->lng->txt('apache_auth_indicator_value'), 'apache_auth_indicator_value');
1234  $txt->setRequired(true);
1235  $form->addItem($txt);
1236 
1237 
1238  $chb = new ilCheckboxInputGUI($this->lng->txt('apache_auth_enable_override_login'), 'apache_auth_enable_override_login_page');
1239  $form->addItem($chb);
1240 
1241  $txt = new ilTextInputGUI($this->lng->txt('apache_auth_target_override_login'), 'apache_auth_target_override_login_page');
1242  $txt->setRequired(true);
1243  $chb->addSubItem($txt);
1244 
1245  $chb = new ilCheckboxInputGUI($this->lng->txt('apache_auth_authenticate_on_login_page'), 'apache_auth_authenticate_on_login_page');
1246  $form->addItem($chb);
1247 
1248  $sec = new ilFormSectionHeaderGUI();
1249  $sec->setTitle($this->lng->txt('apache_auth_username_config'));
1250  $form->addItem($sec);
1251 
1252  $rag = new ilRadioGroupInputGUI($this->lng->txt('apache_auth_username_config_type'), 'apache_auth_username_config_type');
1253  $form->addItem($rag);
1254 
1255  $rao = new ilRadioOption($this->lng->txt('apache_auth_username_direct_mapping'), 1);
1256  $rag->addOption($rao);
1257 
1258  $txt = new ilTextInputGUI($this->lng->txt('apache_auth_username_direct_mapping_fieldname'), 'apache_auth_username_direct_mapping_fieldname');
1259  //$txt->setRequired(true);
1260  $rao->addSubItem($txt);
1261 
1262  $rao = new ilRadioOption($this->lng->txt('apache_auth_username_extended_mapping'), 2);
1263  $rao->setDisabled(true);
1264  $rag->addOption($rao);
1265 
1266  $rao = new ilRadioOption($this->lng->txt('apache_auth_username_by_function'), 3);
1267  $rag->addOption($rao);
1268 
1269  /* $txt = new ilTextInputGUI($this->lng->txt('apache_auth_username_by_function_functionname'), 'apache_auth_username_by_function_functionname');
1270  $rao->addSubItem($txt);*/
1271 
1272  $sec = new ilFormSectionHeaderGUI();
1273  $sec->setTitle($this->lng->txt('apache_auth_security'));
1274  $form->addItem($sec);
1275 
1276  $txt = new ilTextAreaInputGUI($this->lng->txt('apache_auth_domains'), 'apache_auth_domains');
1277  $txt->setInfo($this->lng->txt('apache_auth_domains_description'));
1278 
1279  $form->addItem($txt);
1280 
1281  if ($this->access->checkAccess('write', '', $this->ref_id)) {
1282  $form->addCommandButton('saveApacheSettings', $this->lng->txt('save'));
1283  }
1284  $form->addCommandButton('cancel', $this->lng->txt('cancel'));
1285 
1286  return $form;
1287  }
1288 
1289  private function validateApacheAuthAllowedDomains($text)
1290  {
1291  return join("\n", preg_split("/[\r\n]+/", $text));
1292  }
1293 
1294  public function registrationSettingsObject()
1295  {
1296  $registration_gui = new ilRegistrationSettingsGUI();
1297  $this->ctrl->redirect($registration_gui);
1298  }
1299 
1304  public function addToExternalSettingsForm($a_form_id)
1305  {
1306  switch ($a_form_id) {
1307  case ilAdministrationSettingsFormHandler::FORM_ACCESSIBILITY:
1308  require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
1309  $fields_login = array(
1310  'adm_captcha_anonymous_short' => array(ilCaptchaUtil::isActiveForLogin(), ilAdministrationSettingsFormHandler::VALUE_BOOL),
1311  );
1312 
1313  $fields_registration = array(
1314  'adm_captcha_anonymous_short' => array(ilCaptchaUtil::isActiveForRegistration(), ilAdministrationSettingsFormHandler::VALUE_BOOL)
1315  );
1316 
1317 
1318  return array('adm_auth_login' => array('authSettings', $fields_login), 'adm_auth_reg' => array('registrationSettings', $fields_registration));
1319  }
1320  }
1321 } // END class.ilObjAuthSettingsGUI
ilAuthLoginPageEditorGUI
Login page editor settings GUI ILIAS page editor or richtext editor.
Definition: class.ilAuthLoginPageEditorGUI.php:15
$namespace
if($err=$client->getError()) $namespace
Definition: dummy_client.php:50
ilObjAuthSettingsGUI\editScriptObject
editScriptObject()
Configure Custom settings.
Definition: class.ilObjAuthSettingsGUI.php:591
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
$https
$https
Definition: imgupload.php:19
ilSamlIdp\isAuthModeSaml
static isAuthModeSaml(string $a_auth_mode)
Definition: class.ilSamlIdp.php:194
ilLDAPServer\isAuthModeLDAP
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
Definition: class.ilLDAPServer.php:385
ilOpenIdConnectSettingsGUI
Class ilOpenIdConnectSettingsGUI.
Definition: class.ilOpenIdConnectSettingsGUI.php:11
ilAuthShibbolethSettingsGUI
Class ilAuthShibbolethSettingsGUI.
Definition: class.ilAuthShibbolethSettingsGUI.php:13
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilObjAuthSettingsGUI\getAuthModeTitle
getAuthModeTitle()
get the title of auth mode
Definition: class.ilObjAuthSettingsGUI.php:667
ilObjRole\_lookupRegisterAllowed
static _lookupRegisterAllowed()
get all roles that are activated in user registration
Definition: class.ilObjRole.php:289
ilFormSectionHeaderGUI
This class represents a section header in a property form.
Definition: class.ilFormSectionHeaderGUI.php:31
AUTH_LDAP
const AUTH_LDAP
Definition: class.ilAuthUtils.php:8
AUTH_OPENID_CONNECT
const AUTH_OPENID_CONNECT
Definition: class.ilAuthUtils.php:20
AUTH_CAS
const AUTH_CAS
Definition: class.ilAuthUtils.php:12
AUTH_SHIBBOLETH
const AUTH_SHIBBOLETH
Definition: class.ilAuthUtils.php:11
ilObjAuthSettingsGUI\loginInfoObject
loginInfoObject()
displays login information of all installed languages
Definition: class.ilObjAuthSettingsGUI.php:232
ilObjRole\_updateAuthMode
static _updateAuthMode($a_roles)
Definition: class.ilObjRole.php:532
ilCaptchaUtil\checkFreetype
static checkFreetype()
Check whether captcha support is active.
Definition: class.ilCaptchaUtil.php:27
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:33
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:991
ilAuthUtils\_getActiveAuthModes
static _getActiveAuthModes()
Definition: class.ilAuthUtils.php:258
AUTH_APACHE
const AUTH_APACHE
Definition: class.ilAuthUtils.php:17
ilSamlIdp\getInstanceByIdpId
static getInstanceByIdpId(int $a_idp_id)
Definition: class.ilSamlIdp.php:66
AUTH_SAML
const AUTH_SAML
Definition: class.ilAuthUtils.php:18
ilSamlIdp\getIdpIdByAuthMode
static getIdpIdByAuthMode(string $a_auth_mode)
Definition: class.ilSamlIdp.php:213
ilAuthUtils\_getAuthModeName
static _getAuthModeName($a_auth_key)
Definition: class.ilAuthUtils.php:196
ilLDAPServer\getInstanceByServerId
static getInstanceByServerId($a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:62
ilOpenIdConnectSettings\getInstance
static getInstance()
Get singleton instance.
Definition: class.ilOpenIdConnectSettings.php:163
ilFormPropertyGUI\setInfo
setInfo($a_info)
Set Information Text.
Definition: class.ilFormPropertyGUI.php:145
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4518
ilAuthUtils\getAuthPlugins
static getAuthPlugins()
Get active enabled auth plugins.
Definition: class.ilAuthUtils.php:747
$name
if($format !==null) $name
Definition: metadata.php:230
ilObjAuthSettingsGUI\initAuthModeDetermination
initAuthModeDetermination()
init auth mode determinitation form
Definition: class.ilObjAuthSettingsGUI.php:726
ilObjAuthSettingsGUI\editSOAPObject
editSOAPObject()
Configure soap settings.
Definition: class.ilObjAuthSettingsGUI.php:351
ilObjectGUI\prepareOutput
prepareOutput($a_show_subobjects=true)
prepare output
Definition: class.ilObjectGUI.php:334
ilObjAuthSettingsGUI\saveScriptObject
saveScriptObject()
validates all input data, save them to database if correct and active chosen auth mode ...
Definition: class.ilObjAuthSettingsGUI.php:636
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
ilLDAPServer\getServerIds
static getServerIds()
Get all server ids ilDB $ilDB.
Definition: class.ilLDAPServer.php:226
AUTH_SCRIPT
const AUTH_SCRIPT
Definition: class.ilAuthUtils.php:10
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:96
ilObjUser\_getNumberOfUsersPerAuthMode
static _getNumberOfUsersPerAuthMode()
get number of users per auth mode
Definition: class.ilObjUser.php:3627
ilSOAPAuth\testConnection
static testConnection($a_ext_uid, $a_soap_pw, $a_new_user)
Constructor public.
Definition: class.ilSOAPAuth.php:45
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:16
CLIENT_ID
const CLIENT_ID
Definition: constants.php:39
$DIC
global $DIC
Definition: goto.php:24
$GLOBALS
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
ilRegistrationSettingsGUI
Class ilRegistrationSettingsGUI.
Definition: class.ilRegistrationSettingsGUI.php:36
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilLDAPServer\getDataSource
static getDataSource($a_auth_mode)
Definition: class.ilLDAPServer.php:324
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2406
AUTH_LOCAL
const AUTH_LOCAL
Definition: class.ilAuthUtils.php:7
ilSelectInputGUI\setOptions
setOptions($a_options)
Set Options.
Definition: class.ilSelectInputGUI.php:43
ilLDAPServer\getServerIdByAuthMode
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:400
$txt
$txt
Definition: error.php:13
ilObjAuthSettingsGUI\authSettingsObject
authSettingsObject()
display settings menu
Definition: class.ilObjAuthSettingsGUI.php:56
ILIAS_DATA_DIR
const ILIAS_DATA_DIR
Definition: constants.php:42
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4534
AUTH_SOAP
const AUTH_SOAP
Definition: class.ilAuthUtils.php:13
$server
$server
Definition: dummy_client.php:12
ilAuthUtils\_getAllAuthModes
static _getAllAuthModes()
Definition: class.ilAuthUtils.php:324
ilSamlSettingsGUI
Class ilSamlSettingsGUI.
Definition: class.ilSamlSettingsGUI.php:8
ilObjAuthSettingsGUI\updateAuthModeDeterminationObject
updateAuthModeDeterminationObject()
update auth mode determination
Definition: class.ilObjAuthSettingsGUI.php:825
$ilSetting
global $ilSetting
Definition: privfeed.php:17
ilObjAuthSettingsGUI
Class ilObjAuthSettingsGUI.
Definition: class.ilObjAuthSettingsGUI.php:16
ILIAS\GlobalScreen\Provider\__construct
__construct(Container $dic, ilPlugin $plugin)
Definition: PluginProviderHelper.php:40
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:34
$ret
$ret
Definition: parser.php:6
ilObjAuthSettingsGUI\__construct
__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output=true)
Constructor public.
Definition: class.ilObjAuthSettingsGUI.php:28
ilRadioOption\setDisabled
setDisabled($a_disabled)
Definition: class.ilRadioOption.php:106
ilObjAuthSettingsGUI\saveSOAPObject
saveSOAPObject()
validates all input data, save them to database if correct and active chosen auth mode ...
Definition: class.ilObjAuthSettingsGUI.php:548
ilPermissionGUI
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
Definition: class.ilPermissionGUI.php:19
$ilUser
$ilUser
Definition: imgupload.php:18
ilUtil\redirect
static redirect($a_script)
Definition: class.ilUtil.php:3302
ilObjectGUI\getReturnLocation
getReturnLocation($a_cmd, $a_location="")
get return location for command (command is method name without "Object", e.g.
Definition: class.ilObjectGUI.php:1530
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
AUTH_RADIUS
const AUTH_RADIUS
Definition: class.ilAuthUtils.php:9