/**
* Retieves user credentials from the current request and tries to
* authenticate the user with Erfurt.
*
* @param Zend_Controller_Request_Abstract $request The current request object
*/
public function routeShutdown(Zend_Controller_Request_Abstract $request)
{
if ($credentials = $this->_getAuthHeaderCredentials($request)) {
switch ($credentials['type']) {
case 'basic':
$erfurt = OntoWiki::getInstance()->erfurt;
$logger = OntoWiki::getInstance()->logger;
// authenticate
$authResult = $erfurt->authenticate($credentials['username'], $credentials['password']);
if ($authResult->isValid()) {
$logger = OntoWiki::getInstance()->logger;
$logger->info("User '{$credentials['username']}' authenticated via HTTP.");
} else {
// if authentication attempt fails, send appropriate headers
$front = Zend_Controller_Front::getInstance();
$response = $front->getResponse();
$response->setRawHeader('HTTP/1.1 401 Unauthorized');
echo 'HTTP/1.1 401 Unauthorized';
return;
}
break;
case 'foaf+ssl':
$adapter = new Erfurt_Auth_Adapter_FoafSsl();
$authResult = $adapter->authenticateWithCredentials($credentials['creds']);
Erfurt_App::getInstance()->getAuth()->setIdentity($authResult);
if ($authResult->isValid()) {
$logger = OntoWiki::getInstance()->logger;
$logger->info('User authenticated with FOAF+SSL via HTTPS.');
}
break;
}
}
}
