function login($login, $pass) { $result = local_login($login, $pass); // Other logon modules if ($result != "" && $conf_zamger) { require_once "zamger/login.php"; return zamger_login($login, $pass); } }
function login($login, $pass) { global $conf_zamger, $conf_json_base_url, $conf_json_max_retries; $result = local_login($login, $pass); // Other logon modules if ($result != "" && $conf_zamger) { require_once "zamger/config.php"; require_once "zamger/login.php"; return zamger_login($login, $pass); } }
if (!$ad->bind($p->uname, $p->secret)) { // create a syslog entry syslog(LOG_NOTICE, sprintf("AD bind failed. user: %s remote_addr: %s method: %s token: %s", $p->uname, $w->remote_addr, $auth_method, $o->token)); // AD bind failis. Nüüd proovime lokaalse kasutajaga. require INC_DIR . '/local.php'; if ($w->allow_local) { if (!isset($d)) { $d = new DATABASE(); // lokaalsed kasutajad paiknevad DB's. Siiani pole DB'd vaja läinud. $d->debug = $w->debug; if (!$d->connect(DB_HOST, DB_USER, DB_PASS, DATABASE)) { $t->errors[ERROR][] = 'C001.1 ' . $l->txt_err_open_database; } } // print_r($d); if (local_login($d, $p->uname, $p->secret, $u)) { $auth_method = 'local'; $authok = true; } else { // create a syslog entry syslog(LOG_NOTICE, sprintf("User not found. user: %s remote_addr: %s method: %s token: %s", $p->uname, $w->remote_addr, $auth_method, $o->token)); $t->errors[ERROR][] = 'L003 ' . $l->txt_err_authentication; } } else { $t->errors[ERROR][] = 'L003.9 ' . $l->txt_err_authentication; } } else { // AD auth oli edukas $auth_method = 'uni-id'; $authok = true; $u = new stdClass();
there will be no point in trying to log in, as the cookie won't be available to the target server (e.g. if users try to access a server by its IP address instead of by its proper host name), thus avoiding confusion. */ $urlp = parse_url($_GET['back']); $reshost = $urlp['host']; $server_allowed = preg_match("/{$domain}\$/", $reshost); } else { $server_allowed = true; } if ($_POST) { $username = strtolower($_POST['username']); /* always lower-case usernames for easier matching */ $password = $_POST['password']; /* try to authenticate */ $res = local_login($username, $password); if ($res['success']) { log_login($_SERVER['REMOTE_ADDR'], $username, true); $tkt_validuntil = time() + $res['timeout']; /* generate the ticket now and set a domain cookie */ $tkt = pubtkt_generate($privkeyfile, $keytype, $username, $_SERVER['REMOTE_ADDR'], $tkt_validuntil, $res['graceperiod'], join(",", $res['tokens']), ""); setcookie("auth_pubtkt", $tkt, 0, "/", $domain, $secure_cookie); setcookie("sso_lastuser", $username, time() + 30 * 24 * 60 * 60); if ($_GET['back']) { header("Location: " . $_GET['back']); exit; } } else { log_login($_SERVER['REMOTE_ADDR'], $username, false); $loginerr = "Authentication failed. Please try again."; }