function fetchData($a_username, $password, $isChallengeResponse = false) { //var_dump(func_get_args()); //var_dump($_SERVER); global $lng; $settings = new ilSetting('apache_auth'); if (!$settings->get('apache_enable_auth')) { return false; } if (!$settings->get('apache_auth_indicator_name') || !$settings->get('apache_auth_indicator_value')) { return false; } if (!ilUtil::isLogin($a_username)) { return false; } if ($a_username == 'anonymous' && $password == 'anonymous') { global $ilDB; $query = 'SELECT * FROM usr_data WHERE login = %s'; $qres = $ilDB->queryF($query, array('text'), array($a_username)); $userRow = $ilDB->fetchAssoc($qres); if (is_array($userRow) && $userRow['usr_id']) { // user as a local account... // fetch logindata $this->activeUser = $userRow['login']; foreach ($userRow as $key => $value) { if ($key == $this->options['passwordcol'] || $key == $this->options['usernamecol']) { continue; } // Use reference to the auth object if exists // This is because the auth session variable can change so a static call to setAuthData does not make sense $this->_auth_obj->setAuthData($key, $value); } //var_dump($userRow); $this->_auth_obj->setAuth($userRow['login']); return true; } return false; } if (!$_SESSION['login_invalid'] && $_SERVER[$settings->get('apache_auth_indicator_name')] == $settings->get('apache_auth_indicator_value')) { // we have a valid apache auth global $ilDB; if ($settings->get('apache_enable_local')) { $query = 'SELECT * FROM usr_data WHERE login = %s OR (auth_mode = %s AND ext_account = %s)'; $qres = $ilDB->queryF($query, array('text', 'text', 'text'), array($a_username, 'apache', $a_username)); $userRow = $ilDB->fetchAssoc($qres); if (is_array($userRow) && $userRow['usr_id']) { // user as a local account... // fetch logindata $this->activeUser = $userRow['login']; foreach ($userRow as $key => $value) { if ($key == $this->options['passwordcol'] || $key == $this->options['usernamecol']) { continue; } // Use reference to the auth object if exists // This is because the auth session variable can change so a static call to setAuthData does not make sense $this->_auth_obj->setAuthData($key, $value); } //var_dump($userRow); $this->_auth_obj->setAuth($userRow['login']); return true; } } // if no local user has been found AND ldap lookup is enabled if ($settings->get('apache_enable_ldap')) { include_once 'Services/LDAP/classes/class.ilLDAPServer.php'; $this->server = new ilLDAPServer(ilLDAPServer::_getFirstActiveServer()); $this->server->doConnectionCheck(); $config = $this->server->toPearAuthArray(); $query = new ilLDAPQuery($this->server); $ldapUser = $query->fetchUser($a_username); if ($ldapUser && $ldapUser[$a_username] && $ldapUser[$a_username][$config['userattr']] == $a_username) { $ldapUser[$a_username]['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("apache", $a_username); $user_data = $ldapUser[$a_username]; //array_change_key_case($a_auth->getAuthData(),CASE_LOWER); if ($this->server->enabledSyncOnLogin()) { if (!$user_data['ilInternalAccount'] && $this->server->isAccountMigrationEnabled() && !self::$force_creation) { $this->_auth_obj->logout(); $_SESSION['tmp_auth_mode'] = 'apache'; $_SESSION['tmp_external_account'] = $a_username; $_SESSION['tmp_pass'] = $_POST['password']; include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php'; $roles = ilLDAPRoleAssignmentRules::getAssignmentsForCreation($a_username, $user_data); $_SESSION['tmp_roles'] = array(); foreach ($roles as $info) { if ($info['action'] == ilLDAPRoleAssignmentRules::ROLE_ACTION_ASSIGN) { $_SESSION['tmp_roles'][] = $info['id']; } } ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&cmd=showAccountMigration'); exit; } if ($this->updateRequired($a_username)) { $this->initLDAPAttributeToUser(); $this->ldap_attr_to_user->setUserData($ldapUser); $this->ldap_attr_to_user->refresh(); $user_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("apache", $a_username); } else { // User exists and no update required $user_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("apache", $a_username); } } if ($user_data['ilInternalAccount']) { $this->_auth_obj->setAuth($user_data['ilInternalAccount']); return true; } } } if ($settings->get('apache_enable_local') && $settings->get('apache_local_autocreate')) { // no local user, no ldap match or ldap not activated // if (!self::$force_creation) // { // $_SESSION['tmp_auth_mode'] = 'apache'; // $_SESSION['tmp_external_account'] = $a_username; // $_SESSION['tmp_pass'] = $_POST['password']; //ilUtil::redirect('https://lernwelt.janposselt.de/ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&cmd=showAccountMigration'); // } // else // { global $ilIliasIniFile; if ($_GET['r']) { $_SESSION['profile_complete_redirect'] = $_GET['r']; } $user = new ilObjUser(); $user->setLogin($a_username); $user->setExternalAccount($a_username); $user->setProfileIncomplete(true); $user->create(); $user->setAuthMode('apache'); // set a timestamp for last_password_change // this ts is needed by ilSecuritySettings $user->setLastPasswordChangeTS(time()); $user->setTimeLimitUnlimited(1); $user->setActive(1); //insert user data in table user_data $user->saveAsNew(); $user->writePrefs(); global $rbacadmin; $rbacadmin->assignUser($settings->get('apache_default_role', 4), $user->getId(), true); return true; // } } } else { if (defined('IL_CERT_SSO') && IL_CERT_SSO) { define('APACHE_ERRORCODE', AUTH_APACHE_FAILED); } } return false; }
/** * handler for end of element when in verify mode. */ function verifyEndTag($a_xml_parser, $a_name) { global $lng, $ilAccess, $ilSetting, $ilObjDataCache; switch ($a_name) { case "Role": $this->roles[$this->current_role_id]["name"] = $this->cdata; $this->roles[$this->current_role_id]["type"] = $this->current_role_type; $this->roles[$this->current_role_id]["action"] = $this->current_role_action; break; case "User": $this->userObj->setFullname(); if ($this->user_id != -1 && $this->action == "Update") { $user_exists = !is_null(ilObjUser::_lookupLogin($this->user_id)); } else { $user_exists = ilObjUser::getUserIdByLogin($this->userObj->getLogin()) != 0; } if (is_null($this->userObj->getLogin())) { $this->logFailure("---", sprintf($lng->txt("usrimport_xml_element_for_action_required"), "Login", "Insert")); } switch ($this->action) { case "Insert": if ($user_exists and $this->conflict_rule == IL_FAIL_ON_CONFLICT) { $this->logWarning($this->userObj->getLogin(), $lng->txt("usrimport_cant_insert")); } if (is_null($this->userObj->getGender()) && $this->isFieldRequired("gender")) { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_for_action_required"), "Gender", "Insert")); } if (is_null($this->userObj->getFirstname())) { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_for_action_required"), "Firstname", "Insert")); } if (is_null($this->userObj->getLastname())) { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_for_action_required"), "Lastname", "Insert")); } if (count($this->roles) == 0) { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_for_action_required"), "Role", "Insert")); } else { $has_global_role = false; foreach ($this->roles as $role) { if ($role['type'] == 'Global') { $has_global_role = true; break; } } if (!$has_global_role) { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_global_role_for_action_required"), "Insert")); } } break; case "Update": if (!$user_exists) { $this->logWarning($this->userObj->getLogin(), $lng->txt("usrimport_cant_update")); } elseif ($this->user_id != -1 && !is_null($this->userObj->getLogin())) { $someonesId = ilObjUser::_lookupId($this->userObj->getLogin()); if (is_numeric($someonesId) && $someonesId != $this->user_id) { $this->logFailure($this->userObj->getLogin(), $lng->txt("usrimport_login_is_not_unique")); } } break; case "Delete": if (!$user_exists) { $this->logWarning($this->userObj->getLogin(), $lng->txt("usrimport_cant_delete")); } break; } // init role array for next user $this->roles = array(); break; case "Login": if (array_key_exists($this->cdata, $this->logins)) { $this->logWarning($this->cdata, $lng->txt("usrimport_login_is_not_unique")); } else { $this->logins[$this->cdata] = $this->cdata; } $this->userObj->setLogin($this->cdata); break; case "Password": switch ($this->currPasswordType) { case "ILIAS2": $this->userObj->setPasswd($this->cdata, IL_PASSWD_CRYPT); break; case "ILIAS3": $this->userObj->setPasswd($this->cdata, IL_PASSWD_MD5); break; case "PLAIN": $this->userObj->setPasswd($this->cdata, IL_PASSWD_PLAIN); $this->acc_mail->setUserPassword($this->currPassword); break; default: $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_attribute_value_illegal"), "Type", "Password", $this->currPasswordType)); break; } break; case "Firstname": $this->userObj->setFirstname($this->cdata); break; case "Lastname": $this->userObj->setLastname($this->cdata); break; case "Title": $this->userObj->setUTitle($this->cdata); break; case "Gender": if ($this->cdata != "m" && $this->cdata != "f") { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_content_illegal"), "Gender", $this->cdata)); } $this->userObj->setGender($this->cdata); break; case "Email": $this->userObj->setEmail($this->cdata); break; case "Institution": $this->userObj->setInstitution($this->cdata); break; case "Street": $this->userObj->setStreet($this->cdata); break; case "City": $this->userObj->setCity($this->cdata); break; case "PostalCode": $this->userObj->setZipCode($this->cdata); break; case "Country": $this->userObj->setCountry($this->cdata); break; case "PhoneOffice": $this->userObj->setPhoneOffice($this->cdata); break; case "PhoneHome": $this->userObj->setPhoneHome($this->cdata); break; case "PhoneMobile": $this->userObj->setPhoneMobile($this->cdata); break; case "Fax": $this->userObj->setFax($this->cdata); break; case "Hobby": $this->userObj->setHobby($this->cdata); break; case "Comment": $this->userObj->setComment($this->cdata); break; case "Department": $this->userObj->setDepartment($this->cdata); break; case "Matriculation": $this->userObj->setMatriculation($this->cdata); break; case "ExternalAccount": //echo "-".$this->userObj->getAuthMode()."-".$this->userObj->getLogin()."-"; $am = $this->userObj->getAuthMode() == "default" || $this->userObj->getAuthMode() == "" ? ilAuthUtils::_getAuthModeName($ilSetting->get('auth_mode')) : $this->userObj->getAuthMode(); $loginForExternalAccount = trim($this->cdata) == "" ? "" : ilObjUser::_checkExternalAuthAccount($am, trim($this->cdata)); switch ($this->action) { case "Insert": if ($loginForExternalAccount != "") { $this->logWarning($this->userObj->getLogin(), $lng->txt("usrimport_no_insert_ext_account_exists") . " (" . $this->cdata . ")"); } break; case "Update": if ($loginForExternalAccount != "") { $externalAccountHasChanged = trim($this->cdata) != ilObjUser::_lookupExternalAccount($this->user_id); if ($externalAccountHasChanged && trim($loginForExternalAccount) != trim($this->userObj->getLogin())) { $this->logWarning($this->userObj->getLogin(), $lng->txt("usrimport_no_update_ext_account_exists") . " (" . $this->cdata . " for " . $loginForExternalAccount . ")"); } } break; } if ($externalAccountHasChanged) { $this->userObj->setExternalAccount(trim($this->cdata)); } break; case "Active": if ($this->cdata != "true" && $this->cdata != "false") { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_content_illegal"), "Active", $this->cdata)); } $this->currActive = $this->cdata; break; case "TimeLimitOwner": if (!preg_match("/\\d+/", $this->cdata)) { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_content_illegal"), "TimeLimitOwner", $this->cdata)); } elseif (!$ilAccess->checkAccess('cat_administrate_users', '', $this->cdata)) { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_content_illegal"), "TimeLimitOwner", $this->cdata)); } elseif ($ilObjDataCache->lookupType($ilObjDataCache->lookupObjId($this->cdata)) != 'cat' && !(int) $this->cdata == USER_FOLDER_ID) { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_content_illegal"), "TimeLimitOwner", $this->cdata)); } $this->userObj->setTimeLimitOwner($this->cdata); break; case "TimeLimitUnlimited": switch (strtolower($this->cdata)) { case "true": case "1": $this->userObj->setTimeLimitUnlimited(1); break; case "false": case "0": $this->userObj->setTimeLimitUnlimited(0); break; default: $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_content_illegal"), "TimeLimitUnlimited", $this->cdata)); break; } break; case "TimeLimitFrom": // Accept datetime or Unix timestamp if (strtotime($this->cdata) === false && !is_numeric($this->cdata)) { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_content_illegal"), "TimeLimitFrom", $this->cdata)); } $this->userObj->setTimeLimitFrom($this->cdata); break; case "TimeLimitUntil": // Accept datetime or Unix timestamp if (strtotime($this->cdata) === false && !is_numeric($this->cdata)) { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_content_illegal"), "TimeLimitUntil", $this->cdata)); } $this->userObj->setTimeLimitUntil($this->cdata); break; case "TimeLimitMessage": switch (strtolower($this->cdata)) { case "1": $this->userObj->setTimeLimitMessage(1); break; case "0": $this->userObj->setTimeLimitMessage(0); break; default: $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_content_illegal"), "TimeLimitMessage", $this->cdata)); break; } break; case "ApproveDate": // Accept datetime or Unix timestamp if (strtotime($this->cdata) === false && !is_numeric($this->cdata) && !$this->cdata == "0000-00-00 00:00:00") { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_content_illegal"), "ApproveDate", $this->cdata)); } break; case "AgreeDate": // Accept datetime or Unix timestamp if (strtotime($this->cdata) === false && !is_numeric($this->cdata) && !$this->cdata == "0000-00-00 00:00:00") { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_content_illegal"), "AgreeDate", $this->cdata)); } break; case "iLincID": if (!preg_match("/\\d+/", $this->cdata)) { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_content_illegal"), "iLincID", $this->cdata)); } break; case "iLincUser": if (!preg_match("/\\w+/", $this->cdata)) { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_content_illegal"), "iLincUser", $this->cdata)); } break; case "iLincPasswd": if (!preg_match("/\\w+/", $this->cdata)) { $this->logFailure($this->userObj->getLogin(), sprintf($lng->txt("usrimport_xml_element_content_illegal"), "iLincPasswd", $this->cdata)); } break; case "Pref": if ($this->currentPrefKey != null) { $this->verifyPref($this->currentPrefKey, $this->cdata); } $this->currentPrefKey == null; } }
/** * @param $a_username * @param $password * @param bool $isChallengeResponse * @return bool|void * @throws ilLDAPQueryException */ function fetchData($a_username, $password, $isChallengeResponse = false) { /** * @var $ilDB ilDB * @var $ilSetting ilSetting * @var $rbacadmin ilRbacAdmin */ global $ilDB, $ilSetting, $rbacadmin; $settings = new ilSetting('apache_auth'); if (!$settings->get('apache_enable_auth')) { return false; } if (!$settings->get('apache_auth_indicator_name') || !$settings->get('apache_auth_indicator_value')) { return false; } if (!ilUtil::isLogin($a_username)) { return false; } if ($a_username == 'anonymous' && $password == 'anonymous') { $query = 'SELECT * FROM usr_data WHERE login = %s'; $qres = $ilDB->queryF($query, array('text'), array($a_username)); $userRow = $ilDB->fetchAssoc($qres); if (is_array($userRow) && $userRow['usr_id']) { // user as a local account... // fetch logindata $this->activeUser = $userRow['login']; foreach ($userRow as $key => $value) { if ($key == $this->options['passwordcol'] || $key == $this->options['usernamecol']) { continue; } // Use reference to the auth object if exists // This is because the auth session variable can change so a static call to setAuthData does not make sense $this->_auth_obj->setAuthData($key, $value); } $this->_auth_obj->setAuth($userRow['login']); return true; } return false; } if (!$_SESSION['login_invalid'] && in_array($_SERVER[$settings->get('apache_auth_indicator_name')], array_filter(array_map('trim', str_getcsv($settings->get('apache_auth_indicator_value')))))) { // we have a valid apache auth $list = array($ilSetting->get('auth_mode')); // Respect the auth method sequence include_once './Services/Authentication/classes/class.ilAuthModeDetermination.php'; $det = ilAuthModeDetermination::_getInstance(); if (!$det->isManualSelection() && $det->getCountActiveAuthModes() > 1) { $list = array(); foreach (ilAuthModeDetermination::_getInstance()->getAuthModeSequence() as $auth_mode) { $list[] = $auth_mode; } } foreach ($list as $auth_mode) { if (AUTH_LDAP == $auth_mode) { // if no local user has been found AND ldap lookup is enabled if ($settings->get('apache_enable_ldap')) { include_once 'Services/LDAP/classes/class.ilLDAPServer.php'; $this->server = new ilLDAPServer(ilLDAPServer::_getFirstActiveServer()); $this->server->doConnectionCheck(); $config = $this->server->toPearAuthArray(); $query = new ilLDAPQuery($this->server); $query->bind(); $ldapUser = $query->fetchUser($a_username); if ($ldapUser && $ldapUser[$a_username] && $ldapUser[$a_username][$config['userattr']] == $a_username) { $ldapUser[$a_username]['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("ldap", $a_username); $user_data = $ldapUser[$a_username]; //array_change_key_case($a_auth->getAuthData(),CASE_LOWER); if ($this->server->enabledSyncOnLogin()) { if (!$user_data['ilInternalAccount'] && $this->server->isAccountMigrationEnabled() && !self::$force_creation) { $this->_auth_obj->logout(); $_SESSION['tmp_auth_mode'] = 'ldap'; $_SESSION['tmp_external_account'] = $a_username; $_SESSION['tmp_pass'] = $_POST['password']; include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php'; $roles = ilLDAPRoleAssignmentRules::getAssignmentsForCreation($a_username, $user_data); $_SESSION['tmp_roles'] = array(); foreach ($roles as $info) { if ($info['action'] == ilLDAPRoleAssignmentRules::ROLE_ACTION_ASSIGN) { $_SESSION['tmp_roles'][] = $info['id']; } } ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&cmd=showAccountMigration'); } if ($this->updateRequired($a_username)) { $this->initLDAPAttributeToUser(); $this->ldap_attr_to_user->setUserData($ldapUser); $this->ldap_attr_to_user->refresh(); $user_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("ldap", $a_username); } else { // User exists and no update required $user_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("ldap", $a_username); } } if ($user_data['ilInternalAccount']) { $this->_auth_obj->setAuth($user_data['ilInternalAccount']); $this->_auth_obj->username = $user_data['ilInternalAccount']; return true; } } } } else { if (AUTH_APACHE != $auth_mode && $settings->get('apache_enable_local')) { $condition = ''; if ($ilSetting->get("auth_mode") && $ilSetting->get("auth_mode") == 'ldap') { $condition = " AND auth_mode != " . $ilDB->quote('default', 'text') . " "; } $query = "SELECT * FROM usr_data WHERE login = %s AND auth_mode != %s {$condition}"; $qres = $ilDB->queryF($query, array('text', 'text'), array($a_username, 'ldap')); $userRow = $ilDB->fetchAssoc($qres); if (is_array($userRow) && $userRow['usr_id']) { // user as a local account... // fetch logindata $this->activeUser = $userRow['login']; foreach ($userRow as $key => $value) { if ($key == $this->options['passwordcol'] || $key == $this->options['usernamecol']) { continue; } // Use reference to the auth object if exists // This is because the auth session variable can change so a static call to setAuthData does not make sense $this->_auth_obj->setAuthData($key, $value); } $this->_auth_obj->setAuth($userRow['login']); return true; } } } } if ($settings->get('apache_enable_local') && $settings->get('apache_local_autocreate')) { if ($_GET['r']) { $_SESSION['profile_complete_redirect'] = $_GET['r']; } $user = new ilObjUser(); $user->setLogin($a_username); $user->setExternalAccount($a_username); $user->setProfileIncomplete(true); $user->create(); $user->setAuthMode('apache'); // set a timestamp for last_password_change // this ts is needed by ilSecuritySettings $user->setLastPasswordChangeTS(time()); $user->setTimeLimitUnlimited(1); $user->setActive(1); //insert user data in table user_data $user->saveAsNew(); $user->writePrefs(); $rbacadmin->assignUser($settings->get('apache_default_role', 4), $user->getId(), true); return true; } } else { if (defined('IL_CERT_SSO') && IL_CERT_SSO) { define('APACHE_ERRORCODE', AUTH_APACHE_FAILED); } } return false; }
/** * migrate account * * @access public * */ public function migrateAccount() { global $lng, $ilClientIniFile, $ilLog, $rbacadmin; $lng->loadLanguageModule('auth'); if (!isset($_POST['account_migration'])) { $this->showAccountMigration($lng->txt('err_choose_migration_type')); return false; } if ($_POST['account_migration'] == 1 and (!strlen($_POST['mig_username']) or !strlen($_POST['mig_password']))) { $this->showAccountMigration($lng->txt('err_wrong_login')); return false; } if ($_POST['account_migration'] == 1) { if (!($user_id = ilObjUser::_lookupId(ilUtil::stripSlashes($_POST['mig_username'])))) { $this->showAccountMigration($lng->txt('err_wrong_login')); return false; } $_POST['username'] = $_POST['mig_username']; $_POST['password'] = $_POST['mig_password']; include_once './Services/Authentication/classes/class.ilAuthFactory.php'; include_once './Services/Database/classes/class.ilAuthContainerMDB2.php'; $ilAuth = ilAuthFactory::factory(new ilAuthContainerMDB2()); $ilAuth->start(); if (!$ilAuth->checkAuth()) { $ilAuth->logout(); $this->showAccountMigration($lng->txt('err_wrong_login')); return false; } $user = new ilObjUser($user_id); $user->setAuthMode(ilSession::get('tmp_auth_mode')); $user->setExternalAccount(ilSession::get('tmp_external_account')); $user->setActive(true); $user->update(); // Assign to default role if (is_array(ilSession::get('tmp_roles'))) { foreach (ilSession::get('tmp_roles') as $role) { $rbacadmin->assignUser((int) $role, $user->getId()); } } // Log migration $ilLog->write(__METHOD__ . ': Migrated ' . ilSession::get('tmp_external_account') . ' to ILIAS account ' . $user->getLogin() . '.'); } elseif ($_POST['account_migration'] == 2) { switch (ilSession::get('tmp_auth_mode')) { case 'apache': $_POST['username'] = ilSession::get('tmp_external_account'); $_POST['password'] = ilSession::get('tmp_pass'); include_once 'Services/AuthApache/classes/class.ilAuthContainerApache.php'; $container = new ilAuthContainerApache(); $container->forceCreation(true); $ilAuth = ilAuthFactory::factory($container); $ilAuth->start(); break; case 'ldap': $_POST['username'] = ilSession::get('tmp_external_account'); $_POST['password'] = ilSession::get('tmp_pass'); include_once 'Services/LDAP/classes/class.ilAuthContainerLDAP.php'; $container = new ilAuthContainerLDAP(); $container->forceCreation(true); $ilAuth = ilAuthFactory::factory($container); $ilAuth->start(); break; case 'radius': $_POST['username'] = ilSession::get('tmp_external_account'); $_POST['password'] = ilSession::get('tmp_pass'); include_once './Services/Authentication/classes/class.ilAuthFactory.php'; include_once './Services/Radius/classes/class.ilAuthContainerRadius.php'; $container = new ilAuthContainerRadius(); $container->forceCreation(true); $ilAuth = ilAuthFactory::factory($container); $ilAuth->start(); break; case 'openid': $_POST['username'] = ilSession::get('dummy'); $_POST['password'] = ilSession::get('dummy'); $_POST['oid_username'] = ilSession::get('tmp_oid_username'); $_POST['oid_provider'] = ilSession::get('tmp_oid_provider'); //ilSession::set('force_creation', true); include_once './Services/Authentication/classes/class.ilAuthFactory.php'; include_once './Services/OpenId/classes/class.ilAuthContainerOpenId.php'; $container = new ilAuthContainerOpenId(); $container->forceCreation(true); ilAuthFactory::setContext(ilAuthFactory::CONTEXT_OPENID); include_once './Services/OpenId/classes/class.ilAuthOpenId.php'; $ilAuth = ilAuthFactory::factory($container); // logout first to initiate a new login session $ilAuth->logout(); ilSession::_destroy(session_id()); ilSession::set('force_creation', true); $ilAuth->start(); } // Redirect to acceptance ilUtil::redirect("ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&target=" . $_GET["target"] . "&cmd=getAcceptance"); } // show personal desktop ilUtil::redirect('ilias.php?baseClass=ilPersonalDesktopGUI'); }