function login($login, $pass)
{
$result = local_login($login, $pass);
// Other logon modules
if ($result != "" && $conf_zamger) {
require_once "zamger/login.php";
return zamger_login($login, $pass);
}
}
function login($login, $pass)
{
global $conf_zamger, $conf_json_base_url, $conf_json_max_retries;
$result = local_login($login, $pass);
// Other logon modules
if ($result != "" && $conf_zamger) {
require_once "zamger/config.php";
require_once "zamger/login.php";
return zamger_login($login, $pass);
}
}
if (!$ad->bind($p->uname, $p->secret)) {
// create a syslog entry
syslog(LOG_NOTICE, sprintf("AD bind failed. user: %s remote_addr: %s method: %s token: %s", $p->uname, $w->remote_addr, $auth_method, $o->token));
// AD bind failis. Nüüd proovime lokaalse kasutajaga.
require INC_DIR . '/local.php';
if ($w->allow_local) {
if (!isset($d)) {
$d = new DATABASE();
// lokaalsed kasutajad paiknevad DB's. Siiani pole DB'd vaja läinud.
$d->debug = $w->debug;
if (!$d->connect(DB_HOST, DB_USER, DB_PASS, DATABASE)) {
$t->errors[ERROR][] = 'C001.1 ' . $l->txt_err_open_database;
}
}
// print_r($d);
if (local_login($d, $p->uname, $p->secret, $u)) {
$auth_method = 'local';
$authok = true;
} else {
// create a syslog entry
syslog(LOG_NOTICE, sprintf("User not found. user: %s remote_addr: %s method: %s token: %s", $p->uname, $w->remote_addr, $auth_method, $o->token));
$t->errors[ERROR][] = 'L003 ' . $l->txt_err_authentication;
}
} else {
$t->errors[ERROR][] = 'L003.9 ' . $l->txt_err_authentication;
}
} else {
// AD auth oli edukas
$auth_method = 'uni-id';
$authok = true;
$u = new stdClass();
there will be no point in trying to log in, as the cookie won't be
available to the target server (e.g. if users try to access a server
by its IP address instead of by its proper host name), thus
avoiding confusion. */
$urlp = parse_url($_GET['back']);
$reshost = $urlp['host'];
$server_allowed = preg_match("/{$domain}\$/", $reshost);
} else {
$server_allowed = true;
}
if ($_POST) {
$username = strtolower($_POST['username']);
/* always lower-case usernames for easier matching */
$password = $_POST['password'];
/* try to authenticate */
$res = local_login($username, $password);
if ($res['success']) {
log_login($_SERVER['REMOTE_ADDR'], $username, true);
$tkt_validuntil = time() + $res['timeout'];
/* generate the ticket now and set a domain cookie */
$tkt = pubtkt_generate($privkeyfile, $keytype, $username, $_SERVER['REMOTE_ADDR'], $tkt_validuntil, $res['graceperiod'], join(",", $res['tokens']), "");
setcookie("auth_pubtkt", $tkt, 0, "/", $domain, $secure_cookie);
setcookie("sso_lastuser", $username, time() + 30 * 24 * 60 * 60);
if ($_GET['back']) {
header("Location: " . $_GET['back']);
exit;
}
} else {
log_login($_SERVER['REMOTE_ADDR'], $username, false);
$loginerr = "Authentication failed. Please try again.";
}
