/**
* Disconnect the user by destroying its session.
*/
public function logout ($nobody = '')
{
global $obm, $sess;
//
// First of all, we have to check if headers are set.
//
$user = $this->_engine->getUserLogin();
$domain = $this->_engine->getUserDomain();
//
// If headers are not found, use normal logout process.
// The method logout() corresponding to class defined by the constant
// DEFAULT_LEMONLDAP_SECONDARY_AUTHCLASS will be automatically called.
//
if (strlen($user) == 0)
{
$this->_logger->debug('Proceed to non-SSO logout');
$d_auth_class_name = DEFAULT_LEMONLDAP_SECONDARY_AUTHCLASS;
$d_auth_object = new $d_auth_class_name ();
if (method_exists($d_auth_object, 'logout'))
{
return $d_auth_object->logout();
}
return;
}
//
// The logout process consist in disconnecting the user from OBM, and
// then redirecting it to the Lemonldap logout URL.
//
$login = $_SESSION['obm']['uid'];
$sess->delete();
$_SESSION['obm'] = '';
$_SESSION['auth'] = '';
unset($this->auth['uname']);
$this->unauth($nobody == '' ? $this->nobody : $nobody);
$sess->delete();
$this->_logger->info('disconnect ' . $user);
header('location: ' . $this->_logout_url);
exit();
}
/**
* Manage user informations synchronization.
* This function will call syncUserAccount, syncUserGroups and
* syncExternalData if necessary.
* @param $user_id The user unique identifier.
* @param $domain_id The domain identifier.
* @param $username The user name (optional).
* @param $domain The domain name (optional).
* @param $groups Groups information (optional).
* @return The user identifier or false.
*/
public function syncUser ($user_id, $domain_id, $username = null, $domain = null, $groups = null)
{
if (!$this->isEnabled())
{
$this->_logger->debug("synchronization is disabled");
return false;
}
if (is_null($username))
{
$username = $this->_engine->getUserLogin();
}
if (is_null($domain))
{
$domain = $this->_engine->getUserDomain();
}
if (is_null($groups) || $groups === false || !is_array($groups))
{
$groups = $this->_engine->parseGroupsHeader($this->groupsHeaderName);
$groups = $groups !== false ? $groups : Array();
}
//
// OBM do not considere automatic updates of users and groups.
// A file is included once here to force the use of redefined
// functions.
//
require_once dirname(__FILE__) . '/functions.inc';
$this->_logger->info("proceed to synchronization for $username@$domain");
//
// Synchronize user information.
//
$user_id_sync = $this->syncUserAccount($user_id, $domain_id, $username);
if ($user_id_sync !== false)
{
$this->_logger->info("synchronize user account: SUCCEED");
}
else
{
$this->_logger->error("synchronize user account: FAILED");
return false;
}
//
// Synchronize group information.
//
if ($this->syncUserGroups($user_id_sync, $domain_id, $groups) !== false)
{
$this->_logger->info("synchronize user groups: SUCCEED");
}
else
{
$this->_logger->error("synchronize user groups: FAILED");
}
//
// Even if groups synchronization does not work, it could have
// some synchronization to be done. To see if external synchronization
// are correctly performed, see system log.
//
if ($this->_engine->isDataUpdated())
{
$this->_logger->info("proceed to external updates");
$this->syncExternalData($user_id_sync, $domain_id, $username);
}
return $user_id_sync;
}