/** * set session cookie params for path, domain, etc. */ protected static function setCookieParams() { global $ilSetting; include_once 'Services/Authentication/classes/class.ilAuthFactory.php'; if (ilAuthFactory::getContext() == ilAuthFactory::CONTEXT_HTTP) { $cookie_path = '/'; } elseif ($GLOBALS['COOKIE_PATH']) { // use a predefined cookie path from WebAccessChecker $cookie_path = $GLOBALS['COOKIE_PATH']; } else { $cookie_path = dirname($_SERVER['PHP_SELF']); } /* if ilias is called directly within the docroot $cookie_path is set to '/' expecting on servers running under windows.. here it is set to '\'. in both cases a further '/' won't be appended due to the following regex */ $cookie_path .= !preg_match("/[\\/|\\\\]\$/", $cookie_path) ? "/" : ""; if ($cookie_path == "\\") { $cookie_path = '/'; } include_once './Services/Http/classes/class.ilHTTPS.php'; $cookie_secure = !$ilSetting->get('https', 0) && ilHTTPS::getInstance()->isDetected(); define('IL_COOKIE_EXPIRE', 0); define('IL_COOKIE_PATH', $cookie_path); define('IL_COOKIE_DOMAIN', ''); define('IL_COOKIE_SECURE', $cookie_secure); // Default Value // session_set_cookie_params() supports 5th parameter // only for php version 5.2.0 and above if (version_compare(PHP_VERSION, '5.2.0', '>=')) { // PHP version >= 5.2.0 define('IL_COOKIE_HTTPONLY', true); // Default Value session_set_cookie_params(IL_COOKIE_EXPIRE, IL_COOKIE_PATH, IL_COOKIE_DOMAIN, IL_COOKIE_SECURE, IL_COOKIE_HTTPONLY); } else { // PHP version < 5.2.0 session_set_cookie_params(IL_COOKIE_EXPIRE, IL_COOKIE_PATH, IL_COOKIE_DOMAIN, IL_COOKIE_SECURE); } }
<?php chdir('..'); define('IL_CERT_SSO', true); define('IL_COOKIE_PATH', $_REQUEST['cookie_path']); if ($_REQUEST['ilias_path']) { define('ILIAS_HTTP_PATH', $_REQUEST['ilias_path']); } include_once './Services/Authentication/classes/class.ilAuthUtils.php'; $_POST['auth_mode'] = AUTH_APACHE; ilAuthFactory::setContext(ilAuthFactory::CONTEXT_APACHE); require_once "include/inc.header.php"; $redirect = $_GET['r']; $validDomains = array(); $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt'; if (file_exists($path) && is_readable($path)) { foreach (file($path) as $line) { if (trim($line)) { $validDomains[] = trim($line); } } } $P = parse_url($redirect); $redirectDomain = $P["host"]; $validRedirect = false; foreach ($validDomains as $validDomain) { if ($redirectDomain === $validDomain) { $validRedirect = true; break; } if (strlen($redirectDomain) > strlen($validDomain) + 1) {
<?php chdir(dirname(__FILE__)); chdir('..'); include_once "Services/Context/classes/class.ilContext.php"; ilContext::init(ilContext::CONTEXT_CRON); include_once 'Services/Authentication/classes/class.ilAuthFactory.php'; ilAuthFactory::setContext(ilAuthFactory::CONTEXT_CRON); $_COOKIE["ilClientId"] = $_SERVER['argv'][3]; $_POST['username'] = $_SERVER['argv'][1]; $_POST['password'] = $_SERVER['argv'][2]; if ($_SERVER['argc'] < 4) { die("Usage: cron.php username password client\n"); } include_once './include/inc.header.php'; // Start checks here include_once './cron/classes/class.ilCronCheck.php'; $cron_check = new ilCronCheck(); $cron_check->start();
/** * migrate account * * @access public * */ public function migrateAccount() { global $lng, $ilClientIniFile, $ilLog, $rbacadmin; $lng->loadLanguageModule('auth'); if (!isset($_POST['account_migration'])) { $this->showAccountMigration($lng->txt('err_choose_migration_type')); return false; } if ($_POST['account_migration'] == 1 and (!strlen($_POST['mig_username']) or !strlen($_POST['mig_password']))) { $this->showAccountMigration($lng->txt('err_wrong_login')); return false; } if ($_POST['account_migration'] == 1) { if (!($user_id = ilObjUser::_lookupId(ilUtil::stripSlashes($_POST['mig_username'])))) { $this->showAccountMigration($lng->txt('err_wrong_login')); return false; } $_POST['username'] = $_POST['mig_username']; $_POST['password'] = $_POST['mig_password']; include_once './Services/Authentication/classes/class.ilAuthFactory.php'; include_once './Services/Database/classes/class.ilAuthContainerMDB2.php'; $ilAuth = ilAuthFactory::factory(new ilAuthContainerMDB2()); $ilAuth->start(); if (!$ilAuth->checkAuth()) { $ilAuth->logout(); $this->showAccountMigration($lng->txt('err_wrong_login')); return false; } $user = new ilObjUser($user_id); $user->setAuthMode(ilSession::get('tmp_auth_mode')); $user->setExternalAccount(ilSession::get('tmp_external_account')); $user->setActive(true); $user->update(); // Assign to default role if (is_array(ilSession::get('tmp_roles'))) { foreach (ilSession::get('tmp_roles') as $role) { $rbacadmin->assignUser((int) $role, $user->getId()); } } // Log migration $ilLog->write(__METHOD__ . ': Migrated ' . ilSession::get('tmp_external_account') . ' to ILIAS account ' . $user->getLogin() . '.'); } elseif ($_POST['account_migration'] == 2) { switch (ilSession::get('tmp_auth_mode')) { case 'apache': $_POST['username'] = ilSession::get('tmp_external_account'); $_POST['password'] = ilSession::get('tmp_pass'); include_once 'Services/AuthApache/classes/class.ilAuthContainerApache.php'; $container = new ilAuthContainerApache(); $container->forceCreation(true); $ilAuth = ilAuthFactory::factory($container); $ilAuth->start(); break; case 'ldap': $_POST['username'] = ilSession::get('tmp_external_account'); $_POST['password'] = ilSession::get('tmp_pass'); include_once 'Services/LDAP/classes/class.ilAuthContainerLDAP.php'; $container = new ilAuthContainerLDAP(); $container->forceCreation(true); $ilAuth = ilAuthFactory::factory($container); $ilAuth->start(); break; case 'radius': $_POST['username'] = ilSession::get('tmp_external_account'); $_POST['password'] = ilSession::get('tmp_pass'); include_once './Services/Authentication/classes/class.ilAuthFactory.php'; include_once './Services/Radius/classes/class.ilAuthContainerRadius.php'; $container = new ilAuthContainerRadius(); $container->forceCreation(true); $ilAuth = ilAuthFactory::factory($container); $ilAuth->start(); break; case 'openid': $_POST['username'] = ilSession::get('dummy'); $_POST['password'] = ilSession::get('dummy'); $_POST['oid_username'] = ilSession::get('tmp_oid_username'); $_POST['oid_provider'] = ilSession::get('tmp_oid_provider'); //ilSession::set('force_creation', true); include_once './Services/Authentication/classes/class.ilAuthFactory.php'; include_once './Services/OpenId/classes/class.ilAuthContainerOpenId.php'; $container = new ilAuthContainerOpenId(); $container->forceCreation(true); ilAuthFactory::setContext(ilAuthFactory::CONTEXT_OPENID); include_once './Services/OpenId/classes/class.ilAuthOpenId.php'; $ilAuth = ilAuthFactory::factory($container); // logout first to initiate a new login session $ilAuth->logout(); ilSession::_destroy(session_id()); ilSession::set('force_creation', true); $ilAuth->start(); } // Redirect to acceptance ilUtil::redirect("ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&target=" . $_GET["target"] . "&cmd=getAcceptance"); } // show personal desktop ilUtil::redirect('ilias.php?baseClass=ilPersonalDesktopGUI'); }
/** * set context * @param int $a_context * @return */ public static function setContext($a_context) { self::$context = $a_context; }
/** * shortcut for print_r * * @author Björn Heyser <*****@*****.**> * @access public * @param mixed any number of parameters * @param string name of variable (optional) */ function pr($var, $name = '') { if ($name != '') { $name .= ' = '; } $print = $name . print_r($var, true); if (ilAuthFactory::getContext() == ilAuthFactory::CONTEXT_CRON) { $hr = "\n---------------------------------------------------------------\n"; echo $hr . $print . $hr; } else { echo '<pre>' . $print . '</pre>'; } // BH: php 5.3 seems to not flushing the output consequently so following redirects are still performed // and the output of vd() would be lost in nirvana if we not flush the output manualy flush(); ob_flush(); }
/** * Called after successful login * @return * @param array $a_username * @param object $a_auth */ protected function loginObserver($a_username, $a_auth) { global $ilLog, $ilAppEventHandler, $ilSetting; if ($this->getContainer()->loginObserver($a_username, $a_auth)) { // validate user include_once "Services/User/classes/class.ilObjUser.php"; $user_id = ilObjUser::_loginExists($a_auth->getUsername()); if ($user_id != ANONYMOUS_USER_ID) { $user = new ilObjUser($user_id); // check if profile is complete include_once "Services/User/classes/class.ilUserProfile.php"; if (ilUserProfile::isProfileIncomplete($user) and ilAuthFactory::getContext() != ilAuthFactory::CONTEXT_ECS) { $user->setProfileIncomplete(true); $user->update(); } // --- extended user validation // // we only have a single status, so abort after each one // order from highest priority to lowest // active? if (!$user->getActive()) { $this->status = AUTH_USER_INACTIVE; $a_auth->logout(); return; } // time limit if (!$user->checkTimeLimit()) { $this->status = AUTH_USER_TIME_LIMIT_EXCEEDED; // #16327 $this->exceeded_user_name = $this->getUserName(); $a_auth->logout(); return; } // check client ip $clientip = $user->getClientIP(); if (trim($clientip) != "") { $clientip = preg_replace("/[^0-9.?*,:]+/", "", $clientip); $clientip = str_replace(".", "\\.", $clientip); $clientip = str_replace(array("?", "*", ","), array("[0-9]", "[0-9]*", "|"), $clientip); if (!preg_match("/^" . $clientip . "\$/", $_SERVER["REMOTE_ADDR"])) { $this->status = AUTH_USER_WRONG_IP; $a_auth->logout(); return; } } // simultaneous login if ($ilSetting->get('ps_prevent_simultaneous_logins') && ilObjUser::hasActiveSession($user_id)) { $this->status = AUTH_USER_SIMULTANEOUS_LOGIN; $a_auth->logout(); return; } include_once 'Services/Tracking/classes/class.ilOnlineTracking.php'; ilOnlineTracking::addUser($user_id); include_once 'Modules/Forum/classes/class.ilObjForum.php'; ilObjForum::_updateOldAccess($user_id); require_once 'Services/PrivacySecurity/classes/class.ilSecuritySettings.php'; $security_settings = ilSecuritySettings::_getInstance(); // determine first login of user for setting an indicator // which still is available in PersonalDesktop, Repository, ... // (last login date is set to current date in next step) if ($security_settings->isPasswordChangeOnFirstLoginEnabled() && $user->getLastLogin() == null) { $user->resetLastPasswordChange(); } $user->refreshLogin(); // reset counter for failed logins ilObjUser::_resetLoginAttempts($user_id); } // --- anonymous/registered user $ilLog->write(__METHOD__ . ': logged in as ' . $a_auth->getUsername() . ', remote:' . $_SERVER['REMOTE_ADDR'] . ':' . $_SERVER['REMOTE_PORT'] . ', server:' . $_SERVER['SERVER_ADDR'] . ':' . $_SERVER['SERVER_PORT']); ilSessionControl::handleLoginEvent($a_auth->getUsername(), $a_auth); $ilAppEventHandler->raise('Services/Authentication', 'afterLogin', array('username' => $a_auth->getUsername())); } }
protected function initIlias() { include_once "Services/Context/classes/class.ilContext.php"; ilContext::init(ilContext::CONTEXT_ICAL); include_once './Services/Authentication/classes/class.ilAuthFactory.php'; ilAuthFactory::setContext(ilAuthFactory::CONTEXT_CALENDAR_TOKEN); $_POST['username'] = '******'; $_POST['password'] = '******'; require_once "Services/Init/classes/class.ilInitialisation.php"; ilInitialisation::initILIAS(); $GLOBALS['lng']->loadLanguageModule('dateplaner'); }
function __initAuthenticationObject($a_auth_mode = AUTH_LOCAL) { include_once './Services/Authentication/classes/class.ilAuthFactory.php'; ilAuthFactory::setContext(ilAuthFactory::CONTEXT_SOAP); }
function _getAuthModeOfUser($a_username, $a_password, $a_db_handler = '') { global $ilDB; if (isset($_GET['ecs_hash']) or isset($_GET['ecs_hash_url'])) { ilAuthFactory::setContext(ilAuthFactory::CONTEXT_ECS); return AUTH_ECS; } if (isset($_POST['auth_mode'])) { return (int) $_POST['auth_mode']; } if (isset($_POST['oid_username']) or $_GET['oid_check_status']) { $GLOBALS['ilLog']->write(__METHOD__ . ' set context to open id'); ilAuthFactory::setContext(ilAuthFactory::CONTEXT_OPENID); return AUTH_OPENID; } include_once './Services/Authentication/classes/class.ilAuthModeDetermination.php'; $det = ilAuthModeDetermination::_getInstance(); if (!$det->isManualSelection() and $det->getCountActiveAuthModes() > 1) { return AUTH_MULTIPLE; } $db =& $ilDB; if ($a_db_handler != '') { $db =& $a_db_handler; } // Is it really necessary to check the auth mode with password ? // Changed: smeyer $q = "SELECT auth_mode FROM usr_data WHERE " . "login = "******"passwd = ".$ilDB->quote(md5($a_password)).""; $r = $db->query($q); $row = $r->fetchRow(DB_FETCHMODE_OBJECT); //echo "+".$row->auth_mode."+"; $auth_mode = self::_getAuthMode($row->auth_mode, $db); return in_array($auth_mode, self::_getActiveAuthModes()) ? $auth_mode : AUTH_INACTIVE; }
<?php /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */ chdir('../../..'); include_once 'Services/Authentication/classes/class.ilAuthFactory.php'; ilAuthFactory::setContext(ilAuthFactory::CONTEXT_SOAP); include_once 'Services/Init/classes/class.ilInitialisation.php'; $ilInit = new ilInitialisation(); $GLOBALS['ilInit'] = $ilInit; $ilInit->initILIAS('webdav'); include_once './Services/WebServices/Rest/classes/class.ilRestServer.php'; $server = new ilRestServer(); $server->config('debug', true); $server->init(); $server->run();
*/ // Initialize // ----------------------------------------------------- // Retrieve the client id from PATH_INFO // Component 1 contains the ILIAS client_id. $path_info_components = explode('/', $_SERVER['PATH_INFO']); $client_id = $path_info_components[1]; // For all requests, except for GET-Requests for files, we enforce HTTP // authentication for the WebDAV protocol. #if ($_SERVER['REQUEST_METHOD'] != 'GET' || # count($path_info_components) < 3 || # substr($path_info_components[2],0,5) != 'file_') { # define ('WebDAV_Authentication', 'HTTP'); #} define('WebDAV_Authentication', 'HTTP'); // Set context for authentication include_once 'Services/Authentication/classes/class.ilAuthFactory.php'; ilAuthFactory::setContext(ilAuthFactory::CONTEXT_HTTP); // Launch ILIAS using the client id we have determined // ----------------------------------------------------- $_COOKIE["ilClientId"] = $client_id; include_once "Services/Context/classes/class.ilContext.php"; ilContext::init(ilContext::CONTEXT_WEBDAV); require_once "Services/Init/classes/class.ilInitialisation.php"; ilInitialisation::initILIAS(); // Launch the WebDAV Server // ----------------------------------------------------- include_once "Services/WebDAV/classes/class.ilDAVServer.php"; $server = new ilDAVServer(); $server->ServeRequest(); // END WebDAV