mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-19 06:18:28 +01:00
Code Issues Projects Releases Wiki Activity
moodle/auth/ldap/ntlmsso_finish.php

38 lines
1.2 KiB
PHP
Raw Normal View History

MDL-9399 auth/ldap: Add NTLM SSO pages These pages control the process of attempting an NTLM SSO login safely. This is very draft and needs real-world testing and polish. And string localisation too ;-) * If NTLM SSO is enabled, and the user's IP addr is in the right subnet, the loginpage_hook() of auth/ldap redirects to ntlmsso_attempt.php * ntlmsso_attempt.php will display a "redirect" msg with an img tag pointing to ntlmsso_magic.php, a 3s wait, and a redirect to ntlmsso_finish.php * ntlmsso_magic.php should be configured to have "Integrated Windows Authentication". If it does, it will serve a spacer gif and call ntlmsso_magic() * ntlmsso_finish.php calls ntlmsso_finish() to complete the SSO and handles failures.
2007-11-14 22:08:38 +00:00
<?php
MDL-35628 performance: Remove dirname() where possible. dirname() is a slow function compared with __DIR__ and using '/../'. Moodle has a large number of legacy files that are included each time a page loads and is not able to use an autoloader as it is functional code. This allows those required includes to perform as best as possible in this situation.
2016-02-26 17:47:58 +11:00
require(__DIR__.'/../../config.php');
MDL-9399 auth/ldap: Add NTLM SSO pages These pages control the process of attempting an NTLM SSO login safely. This is very draft and needs real-world testing and polish. And string localisation too ;-) * If NTLM SSO is enabled, and the user's IP addr is in the right subnet, the loginpage_hook() of auth/ldap redirects to ntlmsso_attempt.php * ntlmsso_attempt.php will display a "redirect" msg with an img tag pointing to ntlmsso_magic.php, a 3s wait, and a redirect to ntlmsso_finish.php * ntlmsso_magic.php should be configured to have "Integrated Windows Authentication". If it does, it will serve a spacer gif and call ntlmsso_magic() * ntlmsso_finish.php calls ntlmsso_finish() to complete the SSO and handles failures.
2007-11-14 22:08:38 +00:00
MDL-16723 automatic redirects to https when loginhttps enabled - this solves accidental usage of http version + it also solves recent navigation regressions + fixed regression from PAGE conversions + deprecated old httpsrequired() and $HTTPSPAGEREQUIRED
2010-10-10 15:04:19 +00:00
//HTTPS is required in this page when $CFG->loginhttps enabled
$PAGE->https_required();
MDL-9399 auth/ldap: Add NTLM SSO pages These pages control the process of attempting an NTLM SSO login safely. This is very draft and needs real-world testing and polish. And string localisation too ;-) * If NTLM SSO is enabled, and the user's IP addr is in the right subnet, the loginpage_hook() of auth/ldap redirects to ntlmsso_attempt.php * ntlmsso_attempt.php will display a "redirect" msg with an img tag pointing to ntlmsso_magic.php, a 3s wait, and a redirect to ntlmsso_finish.php * ntlmsso_magic.php should be configured to have "Integrated Windows Authentication". If it does, it will serve a spacer gif and call ntlmsso_magic() * ntlmsso_finish.php calls ntlmsso_finish() to complete the SSO and handles failures.
2007-11-14 22:08:38 +00:00
MDL-21233 moodle_url improvemewnts, code simplification, more diagnostics; fixed several regressions
2010-01-16 15:39:56 +00:00
$PAGE->set_url('/auth/ldap/ntlmsso_finish.php');
MDL-34471 libraries: Replace all uses of get_context_instance() with respective context_XXXX::instance() method
2012-08-02 11:20:48 +08:00
$PAGE->set_context(context_system::instance());
auth MDL-19788 Added PAGE->set_url calls and removed $Id tags
2009-10-15 02:34:31 +00:00
auth/ldap cas/ldap MDL-23371 auth/ldap and auth/cas refactor They now share most of the code again, this time via subclassing, and they share some code with enrol/ldap. They have also gained some features and a few fixes.
2010-07-25 22:36:15 +00:00
// Define variables used in page
MDL-20697 removing duplicate error string, fixing get_site() which is now using exceptions
2009-11-01 09:10:09 +00:00
$site = get_site();
MDL-9399 auth/ldap: Add NTLM SSO pages These pages control the process of attempting an NTLM SSO login safely. This is very draft and needs real-world testing and polish. And string localisation too ;-) * If NTLM SSO is enabled, and the user's IP addr is in the right subnet, the loginpage_hook() of auth/ldap redirects to ntlmsso_attempt.php * ntlmsso_attempt.php will display a "redirect" msg with an img tag pointing to ntlmsso_magic.php, a 3s wait, and a redirect to ntlmsso_finish.php * ntlmsso_magic.php should be configured to have "Integrated Windows Authentication". If it does, it will serve a spacer gif and call ntlmsso_magic() * ntlmsso_finish.php calls ntlmsso_finish() to complete the SSO and handles failures.
2007-11-14 22:08:38 +00:00
$authsequence = get_enabled_auth_plugins(true); // auths, in sequence
auth/ldap cas/ldap MDL-23371 auth/ldap and auth/cas refactor They now share most of the code again, this time via subclassing, and they share some code with enrol/ldap. They have also gained some features and a few fixes.
2010-07-25 22:36:15 +00:00
if (!in_array('ldap', $authsequence, true)) {
print_error('ldap_isdisabled', 'auth');
MDL-9399 auth/ldap: Add NTLM SSO pages These pages control the process of attempting an NTLM SSO login safely. This is very draft and needs real-world testing and polish. And string localisation too ;-) * If NTLM SSO is enabled, and the user's IP addr is in the right subnet, the loginpage_hook() of auth/ldap redirects to ntlmsso_attempt.php * ntlmsso_attempt.php will display a "redirect" msg with an img tag pointing to ntlmsso_magic.php, a 3s wait, and a redirect to ntlmsso_finish.php * ntlmsso_magic.php should be configured to have "Integrated Windows Authentication". If it does, it will serve a spacer gif and call ntlmsso_magic() * ntlmsso_finish.php calls ntlmsso_finish() to complete the SSO and handles failures.
2007-11-14 22:08:38 +00:00
}
$authplugin = get_auth_plugin('ldap');
if (empty($authplugin->config->ntlmsso_enabled)) {
auth/ldap cas/ldap MDL-23371 auth/ldap and auth/cas refactor They now share most of the code again, this time via subclassing, and they share some code with enrol/ldap. They have also gained some features and a few fixes.
2010-07-25 22:36:15 +00:00
print_error('ntlmsso_isdisabled', 'auth_ldap');
MDL-9399 auth/ldap: Add NTLM SSO pages These pages control the process of attempting an NTLM SSO login safely. This is very draft and needs real-world testing and polish. And string localisation too ;-) * If NTLM SSO is enabled, and the user's IP addr is in the right subnet, the loginpage_hook() of auth/ldap redirects to ntlmsso_attempt.php * ntlmsso_attempt.php will display a "redirect" msg with an img tag pointing to ntlmsso_magic.php, a 3s wait, and a redirect to ntlmsso_finish.php * ntlmsso_magic.php should be configured to have "Integrated Windows Authentication". If it does, it will serve a spacer gif and call ntlmsso_magic() * ntlmsso_finish.php calls ntlmsso_finish() to complete the SSO and handles failures.
2007-11-14 22:08:38 +00:00
}
// If ntlmsso_finish() succeeds, then the code never returns,
// so we only worry about failure.
if (!$authplugin->ntlmsso_finish()) {
// Redirect to login, saying "don't try again!"
NTLM SSO: MDL-14584 Fix for several outstanding NTLM SSO issues. These include: MDL-14078: redirect() doubles the specified timeout when we haven't printed the page header and uses javascript to execute the redirect. This is interacting badly with some versions of IE and FF (at least 3.0.x Windows version) that fireup javascript timers even if we already left the page where we set those up. Just print the page header (we are printing other content anyway) to make redirect respect our timeouts. MDL-14071: All the relevant details are in the description of the bug :) MDL-14297: This is probably the same as MDL-14078
2009-02-14 16:21:14 +00:00
// Display the page header. This makes redirect respect the timeout we specify
// here (and not add 3 more secs).
$loginsite = get_string("loginsite");
auth MDL-19788 Upgraded print_header and build_navigation calls to use PAGE and OUTPUT equivilants
2009-09-03 05:40:41 +00:00
$PAGE->navbar->add($loginsite);
$PAGE->set_title("$site->fullname: $loginsite");
$PAGE->set_heading($site->fullname);
echo $OUTPUT->header();
MDL-20700 coding style cleanup - cvs keywords removed, closign php tag removed, trailing whitespace cleanup
2009-11-01 11:55:14 +00:00
redirect($CFG->httpswwwroot . '/login/index.php?authldap_skipntlmsso=1',
authentication MDL-19182 split auth.php lang file into multiple files separate for each plugin
2009-06-11 03:34:46 +00:00
get_string('ntlmsso_failed','auth_ldap'), 3);
MDL-9399 auth/ldap: Add NTLM SSO pages These pages control the process of attempting an NTLM SSO login safely. This is very draft and needs real-world testing and polish. And string localisation too ;-) * If NTLM SSO is enabled, and the user's IP addr is in the right subnet, the loginpage_hook() of auth/ldap redirects to ntlmsso_attempt.php * ntlmsso_attempt.php will display a "redirect" msg with an img tag pointing to ntlmsso_magic.php, a 3s wait, and a redirect to ntlmsso_finish.php * ntlmsso_magic.php should be configured to have "Integrated Windows Authentication". If it does, it will serve a spacer gif and call ntlmsso_magic() * ntlmsso_finish.php calls ntlmsso_finish() to complete the SSO and handles failures.
2007-11-14 22:08:38 +00:00
}
Reference in New Issue Copy Permalink