mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-19 06:18:28 +01:00
Code Issues Projects Releases Wiki Activity
moodle/auth/ldap/ntlmsso_finish.php

37 lines
1.2 KiB
PHP
Raw Normal View History

MDL-9399 auth/ldap: Add NTLM SSO pages These pages control the process of attempting an NTLM SSO login safely. This is very draft and needs real-world testing and polish. And string localisation too ;-) * If NTLM SSO is enabled, and the user's IP addr is in the right subnet, the loginpage_hook() of auth/ldap redirects to ntlmsso_attempt.php * ntlmsso_attempt.php will display a "redirect" msg with an img tag pointing to ntlmsso_magic.php, a 3s wait, and a redirect to ntlmsso_finish.php * ntlmsso_magic.php should be configured to have "Integrated Windows Authentication". If it does, it will serve a spacer gif and call ntlmsso_magic() * ntlmsso_finish.php calls ntlmsso_finish() to complete the SSO and handles failures.
2007-11-14 22:08:38 +00:00
<?php
MDL-9399 auth/ldap: NTLM SSO - Resolve Moodle cookies issue, tighten config.php require()s Use $nomoodlecookie global to avoid session troubles. Also * Ensure we load the appropriate config.php, even if we are executing under a strange environment (ie: with a user's credentials!) * Test we have a spacer gif to open before we open it
2007-11-14 22:08:55 +00:00
require_once(dirname(dirname(dirname(__FILE__)))."/config.php");
MDL-9399 auth/ldap: Add NTLM SSO pages These pages control the process of attempting an NTLM SSO login safely. This is very draft and needs real-world testing and polish. And string localisation too ;-) * If NTLM SSO is enabled, and the user's IP addr is in the right subnet, the loginpage_hook() of auth/ldap redirects to ntlmsso_attempt.php * ntlmsso_attempt.php will display a "redirect" msg with an img tag pointing to ntlmsso_magic.php, a 3s wait, and a redirect to ntlmsso_finish.php * ntlmsso_magic.php should be configured to have "Integrated Windows Authentication". If it does, it will serve a spacer gif and call ntlmsso_magic() * ntlmsso_finish.php calls ntlmsso_finish() to complete the SSO and handles failures.
2007-11-14 22:08:38 +00:00
//HTTPS is potentially required in this page
httpsrequired();
MDL-21233 moodle_url improvemewnts, code simplification, more diagnostics; fixed several regressions
2010-01-16 15:39:56 +00:00
$PAGE->set_url('/auth/ldap/ntlmsso_finish.php');
auth MDL-19788 Added PAGE->set_url calls and removed $Id tags
2009-10-15 02:34:31 +00:00
MDL-9399 auth/ldap: Add NTLM SSO pages These pages control the process of attempting an NTLM SSO login safely. This is very draft and needs real-world testing and polish. And string localisation too ;-) * If NTLM SSO is enabled, and the user's IP addr is in the right subnet, the loginpage_hook() of auth/ldap redirects to ntlmsso_attempt.php * ntlmsso_attempt.php will display a "redirect" msg with an img tag pointing to ntlmsso_magic.php, a 3s wait, and a redirect to ntlmsso_finish.php * ntlmsso_magic.php should be configured to have "Integrated Windows Authentication". If it does, it will serve a spacer gif and call ntlmsso_magic() * ntlmsso_finish.php calls ntlmsso_finish() to complete the SSO and handles failures.
2007-11-14 22:08:38 +00:00
/// Define variables used in page
MDL-20697 removing duplicate error string, fixing get_site() which is now using exceptions
2009-11-01 09:10:09 +00:00
$site = get_site();
MDL-9399 auth/ldap: Add NTLM SSO pages These pages control the process of attempting an NTLM SSO login safely. This is very draft and needs real-world testing and polish. And string localisation too ;-) * If NTLM SSO is enabled, and the user's IP addr is in the right subnet, the loginpage_hook() of auth/ldap redirects to ntlmsso_attempt.php * ntlmsso_attempt.php will display a "redirect" msg with an img tag pointing to ntlmsso_magic.php, a 3s wait, and a redirect to ntlmsso_finish.php * ntlmsso_magic.php should be configured to have "Integrated Windows Authentication". If it does, it will serve a spacer gif and call ntlmsso_magic() * ntlmsso_finish.php calls ntlmsso_finish() to complete the SSO and handles failures.
2007-11-14 22:08:38 +00:00
$authsequence = get_enabled_auth_plugins(true); // auths, in sequence
if (!in_array('ldap',$authsequence,true)) {
print_error('ldap_isdisabled','auth');
}
$authplugin = get_auth_plugin('ldap');
if (empty($authplugin->config->ntlmsso_enabled)) {
authentication MDL-19182 split auth.php lang file into multiple files separate for each plugin
2009-06-11 03:34:46 +00:00
print_error('ntlmsso_isdisabled','auth_ldap');
MDL-9399 auth/ldap: Add NTLM SSO pages These pages control the process of attempting an NTLM SSO login safely. This is very draft and needs real-world testing and polish. And string localisation too ;-) * If NTLM SSO is enabled, and the user's IP addr is in the right subnet, the loginpage_hook() of auth/ldap redirects to ntlmsso_attempt.php * ntlmsso_attempt.php will display a "redirect" msg with an img tag pointing to ntlmsso_magic.php, a 3s wait, and a redirect to ntlmsso_finish.php * ntlmsso_magic.php should be configured to have "Integrated Windows Authentication". If it does, it will serve a spacer gif and call ntlmsso_magic() * ntlmsso_finish.php calls ntlmsso_finish() to complete the SSO and handles failures.
2007-11-14 22:08:38 +00:00
}
// If ntlmsso_finish() succeeds, then the code never returns,
// so we only worry about failure.
if (!$authplugin->ntlmsso_finish()) {
// Redirect to login, saying "don't try again!"
NTLM SSO: MDL-14584 Fix for several outstanding NTLM SSO issues. These include: MDL-14078: redirect() doubles the specified timeout when we haven't printed the page header and uses javascript to execute the redirect. This is interacting badly with some versions of IE and FF (at least 3.0.x Windows version) that fireup javascript timers even if we already left the page where we set those up. Just print the page header (we are printing other content anyway) to make redirect respect our timeouts. MDL-14071: All the relevant details are in the description of the bug :) MDL-14297: This is probably the same as MDL-14078
2009-02-14 16:21:14 +00:00
// Display the page header. This makes redirect respect the timeout we specify
// here (and not add 3 more secs).
$loginsite = get_string("loginsite");
auth MDL-19788 Upgraded print_header and build_navigation calls to use PAGE and OUTPUT equivilants
2009-09-03 05:40:41 +00:00
$PAGE->navbar->add($loginsite);
$PAGE->set_title("$site->fullname: $loginsite");
$PAGE->set_heading($site->fullname);
echo $OUTPUT->header();
MDL-20700 coding style cleanup - cvs keywords removed, closign php tag removed, trailing whitespace cleanup
2009-11-01 11:55:14 +00:00
redirect($CFG->httpswwwroot . '/login/index.php?authldap_skipntlmsso=1',
authentication MDL-19182 split auth.php lang file into multiple files separate for each plugin
2009-06-11 03:34:46 +00:00
get_string('ntlmsso_failed','auth_ldap'), 3);
MDL-9399 auth/ldap: Add NTLM SSO pages These pages control the process of attempting an NTLM SSO login safely. This is very draft and needs real-world testing and polish. And string localisation too ;-) * If NTLM SSO is enabled, and the user's IP addr is in the right subnet, the loginpage_hook() of auth/ldap redirects to ntlmsso_attempt.php * ntlmsso_attempt.php will display a "redirect" msg with an img tag pointing to ntlmsso_magic.php, a 3s wait, and a redirect to ntlmsso_finish.php * ntlmsso_magic.php should be configured to have "Integrated Windows Authentication". If it does, it will serve a spacer gif and call ntlmsso_magic() * ntlmsso_finish.php calls ntlmsso_finish() to complete the SSO and handles failures.
2007-11-14 22:08:38 +00:00
}
Reference in New Issue Copy Permalink