/** 
  * Called from fetchData after successful login.
  *
  * @param string username
  */
 public function loginObserver($a_username, $a_auth)
 {
     $usr_id = ilObjUser::_lookupId($a_username);
     $auth_mode = ilObjUser::_lookupAuthMode($usr_id);
     $auth_id = ilAuthUtils::_getAuthMode($auth_mode);
     $GLOBALS['ilLog']->write(__METHOD__ . ': auth id =  ' . $auth_id);
     switch ($auth_id) {
         case AUTH_APACHE:
         case AUTH_LOCAL:
             return true;
         default:
             if (ilAuthUtils::isPasswordModificationEnabled($auth_id)) {
                 return true;
             }
     }
     $a_auth->status = AUTH_WRONG_LOGIN;
     $a_auth->logout();
     return false;
 }
 /**
  * Check, whether password change is allowed for user
  */
 function allowPasswordChange()
 {
     global $ilUser, $ilSetting;
     return ilAuthUtils::isPasswordModificationEnabled($ilUser->getAuthMode(true));
     // Moved to ilAuthUtils
     // do nothing if auth mode is not local database
     if ($ilUser->getAuthMode(true) != AUTH_LOCAL && ($ilUser->getAuthMode(true) != AUTH_CAS || !$ilSetting->get("cas_allow_local")) && ($ilUser->getAuthMode(true) != AUTH_SHIBBOLETH || !$ilSetting->get("shib_auth_allow_local")) && ($ilUser->getAuthMode(true) != AUTH_SOAP || !$ilSetting->get("soap_auth_allow_local")) && $ilUser->getAuthMode(true) != AUTH_OPENID) {
         return false;
     }
     if (!$this->userSettingVisible('password') || $this->ilias->getSetting('usr_settings_disable_password')) {
         return false;
     }
     return true;
 }
 /**
  * Check if local password validation is supported
  * @param object $a_authmode
  * @return 
  */
 public static function supportsLocalPasswordValidation($a_authmode)
 {
     switch ($a_authmode) {
         case AUTH_LDAP:
         case AUTH_LOCAL:
         case AUTH_RADIUS:
             return ilAuthUtils::LOCAL_PWV_FULL;
         case AUTH_SHIBBOLETH:
         case AUTH_SOAP:
         case AUTH_CAS:
             if (!ilAuthUtils::isPasswordModificationEnabled($a_authmode)) {
                 return ilAuthUtils::LOCAL_PWV_NO;
             }
             return ilAuthUtils::LOCAL_PWV_USER;
         case AUTH_ECS:
         case AUTH_OPENID:
         case AUTH_SCRIPT:
         case AUTH_APACHE:
         default:
             return ilAuthUtils::LOCAL_PWV_USER;
     }
 }