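/**
 * Resolve a RADIUS login against the LDAP data source.
 *
 * Looks up the LDAP server configured as data source for AUTH_RADIUS,
 * synchronises the external account through ilLDAPUserSynchronisation and,
 * on success, marks the resulting internal account as authenticated.
 * Every failure path logs the user out and returns false.
 *
 * @param Auth   $a_auth      Auth object; its status is set on failure and
 *                            setAuth() is called on success
 * @param string $ext_account External account name to synchronise
 * @return bool true if the account was synchronised and authenticated,
 *              false on any failure or when account migration is started
 */
protected function handleLDAPDataSource($a_auth, $ext_account)
{
    include_once './Services/LDAP/classes/class.ilLDAPServer.php';
    $server = ilLDAPServer::getInstanceByServerId(ilLDAPServer::getDataSource(AUTH_RADIUS));

    $GLOBALS['ilLog']->write(__METHOD__ . 'Using ldap data source');

    include_once './Services/LDAP/classes/class.ilLDAPUserSynchronisation.php';
    $sync = new ilLDAPUserSynchronisation('radius', $server->getServerId());
    $sync->setExternalAccount($ext_account);
    $sync->setUserData(array());
    $sync->forceCreation($this->force_creation);

    try {
        $internal_account = $sync->sync();
    } catch (UnexpectedValueException $e) {
        $GLOBALS['ilLog']->write(__METHOD__ . ': Login failed with message: ' . $e->getMessage());
        $a_auth->status = AUTH_WRONG_LOGIN;
        $a_auth->logout();
        return false;
    } catch (ilLDAPSynchronisationForbiddenException $e) {
        // No synchronisation allowed => report that no ILIAS user exists
        $GLOBALS['ilLog']->write(__METHOD__ . ': Login failed with message: ' . $e->getMessage());
        $a_auth->status = AUTH_RADIUS_NO_ILIAS_USER;
        $a_auth->logout();
        return false;
    } catch (ilLDAPAccountMigrationRequiredException $e) {
        $GLOBALS['ilLog']->write(__METHOD__ . ': Starting account migration.');
        $a_auth->logout();
        ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&cmd=showAccountMigration');
        // Fail closed: ilUtil::redirect() presumably ends the request, but if
        // it ever returns, $internal_account is undefined here and the code
        // below would call setAuth() and report success for a logged-out user.
        return false;
    }

    $a_auth->setAuth($internal_account);
    return true;
}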
/**
 * Store the authentication mode and load the matching LDAP server object.
 *
 * @param mixed $a_auth_mode Value kept in $this->authmode
 * @param int   $a_server_id Id passed to ilLDAPServer::getInstanceByServerId()
 */
protected function initServer($a_auth_mode, $a_server_id)
{
    // Auth mode is recorded first, before the server lookup runs.
    $this->authmode = $a_auth_mode;

    $ldapServer = ilLDAPServer::getInstanceByServerId($a_server_id);
    $this->server = $ldapServer;
}
/**
 * Create (or refresh) the local account for a person found in LDAP.
 *
 * Uses the first active LDAP server, binds with IL_LDAP_BIND_DEFAULT and
 * looks the person up via ilLDAPQuery::fetchUser(). When the lookup returns
 * data it is handed to ilLDAPAttributeToUser::refresh(). An
 * ilLDAPQueryException is logged and swallowed; other exception types are
 * not handled here.
 *
 * NOTE(review): $a_person_id is passed straight to fetchUser(), which is not
 * visible here - confirm that it escapes the value before building the LDAP
 * filter.
 *
 * @param mixed $a_person_id Identifier handed to ilLDAPQuery::fetchUser()
 */
private function createMember($a_person_id)
{
    try {
        include_once './Services/LDAP/classes/class.ilLDAPServer.php';
        $ldapServer = ilLDAPServer::getInstanceByServerId(ilLDAPServer::_getFirstActiveServer());
        $ldapServer->doConnectionCheck();

        include_once './Services/LDAP/classes/class.ilLDAPQuery.php';
        $ldapQuery = new ilLDAPQuery($ldapServer);
        $ldapQuery->bind(IL_LDAP_BIND_DEFAULT);

        $ldapUsers = $ldapQuery->fetchUser($a_person_id);
        if (!$ldapUsers) {
            // Nothing found in the directory: no account is written.
            return;
        }

        include_once './Services/LDAP/classes/class.ilLDAPAttributeToUser.php';
        $userWriter = new ilLDAPAttributeToUser($ldapServer);
        $userWriter->setNewUserAuthMode($ldapServer->getAuthenticationMappingKey());
        $userWriter->setUserData($ldapUsers);
        $userWriter->refresh();
    } catch (ilLDAPQueryException $queryError) {
        $this->log->write($queryError->getMessage());
    }
}
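/**
 * Check if the user is a member of the group identified by getDN().
 *
 * Runs a base-scope LDAP search on the group DN with the filter
 * (<member attribute>=<user value>); at least one result row counts as
 * membership. The user value is the entry DN when isMemberAttributeDN() is
 * true, otherwise the external account name.
 *
 * @access private
 * @param array $a_user_data User data; reads 'dn' or 'ilExternalAccount'
 * @return bool true if the search returns a row, false if it returns none
 *              or the query throws ilLDAPQueryException
 */
private function isGroupMember($a_user_data)
{
    global $ilLog;

    $user_cmp = $this->isMemberAttributeDN()
        ? $a_user_data['dn']
        : $a_user_data['ilExternalAccount'];

    // The value ends up inside an LDAP search filter. Escape the filter
    // metacharacters (\ * ( ) NUL) so an account name or DN containing them
    // cannot change the filter's structure. ldap_escape() needs PHP >= 5.6
    // with ext-ldap.
    // NOTE(review): assumes callers pass the raw, unescaped value - confirm.
    $filter_value = ldap_escape((string) $user_cmp, '', LDAP_ESCAPE_FILTER);

    include_once 'Services/LDAP/classes/class.ilLDAPQuery.php';
    include_once 'Services/LDAP/classes/class.ilLDAPServer.php';

    $server = ilLDAPServer::getInstanceByServerId(ilLDAPServer::_getFirstActiveServer());

    try {
        $query = new ilLDAPQuery($server);
        $query->bind();

        $res = $query->query(
            $this->getDN(),
            sprintf('(%s=%s)', $this->getMemberAttribute(), $filter_value),
            IL_LDAP_SCOPE_BASE,
            array('dn')
        );

        return (bool) $res->numRows();
    } catch (ilLDAPQueryException $e) {
        // A failed query is treated as "not a member" (fails closed); the
        // log entry is the only way to tell it apart from a real non-member.
        $ilLog->write(__METHOD__ . ': Caught Exception: ' . $e->getMessage());
        return false;
    }
}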