Example #1
0
 /**
  * Authenticate user
  *
  * @access private
  * @param  string  HTTP Authentication type (Basic, Digest, ...)
  * @param  string  Username
  * @param  string  Password
  * @return bool    true on successful authentication
  */
 function checkAuth($sType, $sUser, $sPass)
 {
     $this->ktwebdavLog('Entering checkAuth params are: ', 'info', true);
     $this->ktwebdavLog('sType: ' . $sType, 'info', true);
     $this->ktwebdavLog('sUser: '******'info', true);
     $this->ktwebdavLog('sPass: '******'info', true);
     // Authenticate user
     require_once KT_LIB_DIR . '/authentication/authenticationutil.inc.php';
     if (empty($sUser)) {
         $this->ktwebdavLog('sUser is empty, returning false.', 'info', true);
         return false;
     }
     if (empty($sPass)) {
         $this->ktwebdavLog('sPass is empty, returning false.', 'info', true);
         return false;
     }
     $sUser = iconv('ISO-8859-1', 'UTF-8', $sUser);
     $sPass = iconv('ISO-8859-1', 'UTF-8', $sPass);
     $oUser =& User::getByUsername($sUser);
     if (PEAR::isError($oUser) || $oUser === false) {
         $this->ktwebdavLog('User not found: ' . $sUser . '.', 'error');
         $this->lastMsg = 'User not found: ' . $sUser . '.';
         return false;
     }
     $authenticated = KTAuthenticationUtil::checkPassword($oUser, $sPass);
     if ($authenticated === false) {
         $this->ktwebdavLog('Password incorrect for ' . $sUser . '.', 'error');
         $this->lastMsg = 'Password incorrect for ' . $sUser . '.';
         return false;
     }
     if (PEAR::isError($authenticated)) {
         $this->ktwebdavLog('Password incorrect for ' . $sUser . '.', 'error');
         $this->lastMsg = 'Password incorrect for ' . $sUser . '.';
         return false;
     }
     $oUser->setLastLogin(date('Y-m-d H:i:s'));
     $oUser->update();
     $this->ktwebdavLog('Session ID is: ' . $sessionID, 'info', true);
     $this->ktwebdavLog('UserID is: ' . $oUser->getId(), 'info', true);
     $this->_setUserID($oUser->getId());
     $_SESSION['userID'] = $this->_getUserID();
     $this->ktwebdavLog('SESSION UserID is: ' . $_SESSION['userID'], 'info', true);
     $this->ktwebdavLog("Authentication Success.", 'info', true);
     return true;
 }
Example #2
0
 function do_synchroniseGroup()
 {
     $old_search = KTUtil::arrayGet($_REQUEST, 'old_search');
     require_once KT_LIB_DIR . '/authentication/authenticationutil.inc.php';
     $oGroup =& $this->oValidator->validateGroup($_REQUEST['group_id']);
     $res = KTAuthenticationUtil::synchroniseGroupToSource($oGroup);
     $this->successRedirectTo('manageusers', 'Group synchronised', sprintf('group_id=%d', $oGroup->getId()), sprintf("old_search=%s&do_search=1", $old_search));
     exit(0);
 }
Example #3
0
 function do_autoSignup()
 {
     $oSource =& $this->oValidator->validateAuthenticationSource($_REQUEST['source_id']);
     $oProvider =& KTAuthenticationUtil::getAuthenticationProviderForSource($oSource);
     $oDispatcher = $oProvider->getSignupDispatcher($oSource);
     $oDispatcher->subDispatch($this);
     exit(0);
 }
Example #4
0
function validateUser($username, $password)
{
    //return DBAuthenticator::checkPassword($username, $password);
    $oUser =& User::getByUsername($username);
    if (PEAR::isError($oUser) || is_a($oUser, 'KTEntityNoObjects')) {
        return false;
    }
    return KTAuthenticationUtil::checkPassword($oUser, $password);
}
Example #5
0
    }
}
if (empty($oSource)) {
    printf("No authentication source named %s found\n", $sSourceName);
    exit(1);
}
$oFieldset =& KTFieldset::getByNamespace($sFieldsetNamespace);
if (PEAR::isError($oFieldset)) {
    printf("No fieldset named %s found\n", $sFieldsetNamespace);
    exit(1);
}
$oField = DocumentField::getByFieldsetAndName($oFieldset, $sFieldName);
if (PEAR::isError($oField)) {
    printf("No field named %s found in fieldset %s\n", $sFieldName, $sFieldsetNamespace);
    exit(1);
}
$oAuthenticator =& KTAuthenticationUtil::getAuthenticatorForSource($oSource);
$oLdap =& $oAuthenticator->oLdap;
$aParams = array('scope' => 'sub', 'attributes' => array($sAttribute));
$aResults = $oLdap->search($sRootDn, $sSearch, $aParams);
$aValues = array();
foreach ($aResults->entries() as $oEntry) {
    // print $oEntry->dn() . "\n";
    $sValue = $oEntry->get_value($sAttribute, 'single');
    // print $sValue . "\n";
    if (!empty($sValue)) {
        $aValues[] = $sValue;
    }
}
$aValues = array_unique($aValues);
KTMetadataUtil::synchroniseMetadata($oField, $aValues);
Example #6
0
 function dispatch()
 {
     if (empty($this->session)) {
         $this->session = new Session();
         $this->sessionStatus = $this->session->verify();
         if ($this->sessionStatus !== true) {
             $this->loginRequired();
         }
         //var_dump($this->sessionStatus);
         $this->oUser =& User::get($_SESSION['userID']);
         $oProvider =& KTAuthenticationUtil::getAuthenticationProviderForUser($this->oUser);
         $oProvider->verify($this->oUser);
     }
     if ($this->bAdminRequired !== false) {
         if (!Permission::userIsSystemAdministrator($_SESSION['userID'])) {
             $this->permissionDenied();
             exit(0);
         }
     }
     if ($this->check() !== true) {
         $this->permissionDenied();
         exit(0);
     }
     return parent::dispatch();
 }
Example #7
0
 /**
  * This returns a session object based on authentication credentials.
  *
  * @author KnowledgeTree Team
  * @access public
  * @static
  * @param KTAPI $ktapi Instance of the KTAPI object
  * @param string $username The users username
  * @param string $password The users password
  * @param string $ip Optional. The users IP address - if null, the method will attempt to resolve it
  * @param string $app Optional. The originating application type - Default is ws => webservices | webapp => The web application
  * @return KTAPI_Session|PEAR_Error Returns the KATPI_UserSession | a PEAR_Error on failure
  */
 function &start_session(&$ktapi, $username, $password, $ip = null, $app = 'ws')
 {
     $this->active = false;
     if (empty($username)) {
         return new PEAR_Error(_kt('The username is empty.'));
     }
     $user =& User::getByUsername($username);
     if (PEAR::isError($user) || $user === false) {
         return new KTAPI_Error(_kt("The user '{$username}' cound not be found."), $user);
     }
     if (empty($password)) {
         return new PEAR_Error(_kt('The password is empty.'));
     }
     $authenticated = KTAuthenticationUtil::checkPassword($user, $password);
     if (PEAR::isError($authenticated) || $authenticated === false) {
         return new KTAPI_Error(_kt("The password is invalid."), $authenticated);
     }
     if (is_null($ip)) {
         //$ip = '127.0.0.1';
         $ip = KTAPI_UserSession::resolveIP();
     }
     $result = KTAPI_UserSession::_check_session($user, $ip, $app);
     if (PEAR::isError($result)) {
         return $result;
     }
     list($session, $sessionid) = $result;
     $session =& new KTAPI_UserSession($ktapi, $user, $session, $sessionid, $ip);
     return $session;
 }
Example #8
0
<?php

require_once '../../../../config/dmsDefaults.php';
require_once KT_LIB_DIR . '/authentication/authenticationutil.inc.php';
require_once KT_LIB_DIR . '/authentication/authenticationsource.inc.php';
require_once 'Net/LDAP.php';
$oKTConfig =& KTConfig::getSingleton();
$oAuthenticator = KTAuthenticationUtil::getAuthenticatorForSource(2);
$config = array('dn' => $oAuthenticator->sSearchUser, 'password' => $oAuthenticator->sSearchPassword, 'host' => $oAuthenticator->sLdapServer, 'base' => $oAuthenticator->sBaseDN);
$oLdap =& Net_LDAP::connect($config);
if (PEAR::isError($oLdap)) {
    var_dump($oLdap);
    exit(0);
}
$aParams = array('scope' => 'sub', 'attributes' => array('cn', 'dn', 'displayClass'));
$rootDn = $oAuthenticator->sBaseDN;
if (is_array($rootDn)) {
    $rootDn = join(",", $rootDn);
}
$oResults = $oLdap->search($rootDn, '(objectClass=group)', $aParams);
foreach ($oResults->entries() as $oEntry) {
    var_dump($oEntry->dn());
}
Example #9
0
 function autoSignup($sUsername, $sPassword, $aExtra)
 {
     $aSources = KTAuthenticationSource::getSources();
     foreach ($aSources as $oSource) {
         $oProvider = KTAuthenticationUtil::getAuthenticationProviderForSource($oSource);
         $res = $oProvider->autoSignup($sUsername, $sPassword, $aExtra, $oSource);
         if ($res) {
             return $res;
         }
     }
     return false;
 }
Example #10
0
<?php

require_once "../../config/dmsDefaults.php";
require_once KT_LIB_DIR . '/groups/Group.inc';
require_once KT_LIB_DIR . '/authentication/authenticationutil.inc.php';
$oGroup = Group::get(5);
$foo = KTAuthenticationUtil::synchroniseGroupToSource($oGroup);
var_dump($foo);
Example #11
0
 function handleUserDoesNotExist($username, $password, $aExtra = null)
 {
     if (empty($aExtra)) {
         $aExtra = array();
     }
     // Check if the user has been deleted before allowing auto-signup
     $delUser = User::checkDeletedUser($username);
     if ($delUser) {
         return;
     }
     $oKTConfig = KTConfig::getSingleton();
     $allow = $oKTConfig->get('session/allowAutoSignup', true);
     if ($allow) {
         $res = KTAuthenticationUtil::autoSignup($username, $password, $aExtra);
         if (empty($res)) {
             return $res;
         }
         if (is_a($res, 'User')) {
             $this->performLogin($res);
         }
         if (is_a($res, 'KTAuthenticationSource')) {
             $_SESSION['autosignup'] = $aExtra;
             $this->redirectTo('autoSignup', array('source_id' => $res->getId(), 'username' => $username));
             exit(0);
         }
     }
 }
Example #12
0
<?php

require_once "../../config/dmsDefaults.php";
require_once KT_LIB_DIR . '/authentication/authenticationutil.inc.php';
$oUser =& User::getByUserName('nbm2');
if (0) {
    $foo = KTAuthenticationUtil::checkPassword($oUser, 'asdf');
    var_dump($foo);
} else {
    $foo = KTAuthenticationUtil::checkPassword($oUser, 'asdjasdjk');
    var_dump($foo);
}