Example #1
0
  /**
   * Disconnect the user by destroying its session.
   */
  public function logout ($nobody = '')
  {
    global $obm, $sess;
    //
    // First of all, we have to check if headers are set.
    //
    $user   = $this->_engine->getUserLogin();
    $domain = $this->_engine->getUserDomain();
    //
    // If headers are not found, use normal logout process.
    // The method logout() corresponding to class defined by the constant
    // DEFAULT_LEMONLDAP_SECONDARY_AUTHCLASS will be automatically called.
    //
    if (strlen($user) == 0)
    {
      $this->_logger->debug('Proceed to non-SSO logout');
      $d_auth_class_name = DEFAULT_LEMONLDAP_SECONDARY_AUTHCLASS;
      $d_auth_object = new $d_auth_class_name ();
      if (method_exists($d_auth_object, 'logout'))
      {
	return $d_auth_object->logout();
      }
      return;
    }
    //
    // The logout process consist in disconnecting the user from OBM, and
    // then redirecting it to the Lemonldap logout URL.
    //
    $login = $_SESSION['obm']['uid'];
    $sess->delete();
    $_SESSION['obm'] = '';
    $_SESSION['auth'] = '';
    unset($this->auth['uname']);
    $this->unauth($nobody == '' ? $this->nobody : $nobody);
    $sess->delete();
    $this->_logger->info('disconnect ' . $user);
    header('location: ' . $this->_logout_url);
    exit();
  }
Example #2
0
 /**
  * Manage user informations synchronization.
  * This function will call syncUserAccount, syncUserGroups and
  * syncExternalData if necessary.
  * @param $user_id The user unique identifier.
  * @param $domain_id The domain identifier.
  * @param $username The user name (optional).
  * @param $domain The domain name (optional).
  * @param $groups Groups information (optional).
  * @return The user identifier or false.
  */
 public function syncUser ($user_id, $domain_id, $username = null, $domain = null, $groups = null)
 {
   if (!$this->isEnabled())
   {
     $this->_logger->debug("synchronization is disabled");
     return false;
   }
   if (is_null($username))
   {
     $username = $this->_engine->getUserLogin();
   }
   if (is_null($domain))
   {
     $domain = $this->_engine->getUserDomain();
   }
   if (is_null($groups) || $groups === false || !is_array($groups))
   {
     $groups = $this->_engine->parseGroupsHeader($this->groupsHeaderName);
     $groups = $groups !== false ? $groups : Array();
   }
   //
   // OBM do not considere automatic updates of users and groups.
   // A file is included once here to force the use of redefined
   // functions.
   //
   require_once dirname(__FILE__) . '/functions.inc';
   $this->_logger->info("proceed to synchronization for $username@$domain");
   //
   // Synchronize user information.
   //
   $user_id_sync = $this->syncUserAccount($user_id, $domain_id, $username);
   if ($user_id_sync !== false)
   {
     $this->_logger->info("synchronize user account: SUCCEED");
   }
   else
   {
     $this->_logger->error("synchronize user account: FAILED");
     return false;
   }
   //
   // Synchronize group information.
   //
   if ($this->syncUserGroups($user_id_sync, $domain_id, $groups) !== false)
   {
     $this->_logger->info("synchronize user groups: SUCCEED");
   }
   else
   {
     $this->_logger->error("synchronize user groups: FAILED");
   }
   //
   // Even if groups synchronization does not work, it could have
   // some synchronization to be done. To see if external synchronization
   // are correctly performed, see system log.
   //
   if ($this->_engine->isDataUpdated())
   {
     $this->_logger->info("proceed to external updates");
     $this->syncExternalData($user_id_sync, $domain_id, $username);
   }
   return $user_id_sync;
 }