mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-19 06:18:28 +01:00
Code Issues Projects Releases Wiki Activity
29,100 Commits 36 Branches 519 Tags
Commit Graph

141 Commits

Author SHA1 Message Date
martinlanghoff
3357a506bd MDL-9399 auth/ldap: NTLM SSO - Resolve Moodle cookies issue, tighten config.php require()s 
Use $nomoodlecookie global to avoid session troubles. Also

 * Ensure we load the appropriate config.php, even if we are executing
   under a strange environment (ie: with a user's credentials!)

 * Test we have a spacer gif to open before we open it
 2007-11-14 22:08:55 +00:00
martinlanghoff
977f5b56e1 MDL-9399 auth/ldap: Add NTLM SSO pages 
These pages control the process of attempting an NTLM SSO login
safely. This is very draft and needs real-world testing and polish.

And string localisation too ;-)

  * If NTLM SSO is enabled, and the user's IP addr is in the right
    subnet, the loginpage_hook() of auth/ldap redirects to
    ntlmsso_attempt.php

  * ntlmsso_attempt.php will display a "redirect" msg with an img tag
    pointing to ntlmsso_magic.php, a 3s wait, and a redirect to
    ntlmsso_finish.php

  * ntlmsso_magic.php should be configured to have "Integrated
    Windows Authentication". If it does, it will serve a spacer gif
    and call ntlmsso_magic()

  * ntlmsso_finish.php calls ntlmsso_finish() to complete the SSO
    and handles failures.
 2007-11-14 22:08:38 +00:00
martinlanghoff
decd80163d MDL-9399 auth/ldap: flesh out ntlmsso_* functions 
Flesh out the functions that get the job done. These will be triggered
by PHP files sitting under auth/ldap/ ...

ntlmsso_magic() - here is where the magic happens. Call it serving
something harmless, like a space GIF, from a URL that is blessed with
Integrated Windows Authentication. If the IWA is successful, it will
set a special session cookie in config_plugins table.

It won't complete the job because when we are under IWA magic we
cannot change (even read!) the session data, as the execution happens
under the OS privileges of the actual user acct being logged in (!!!)

ntlmsso_finish() - if it finds the session set by ntlmsso_magic() and
it hasn't expired, it will finish the job of logging in the user, by
calling authenticate_user_login() and exercising the whole auth
machinery.

user_login() - when called by authenticate_user_login() it will check
to see if there's a session setup by ntlmsso_magic() and OK the login
without really asking the AD backend to proof a password we don't have
anyway.
 2007-11-14 22:08:11 +00:00
martinlanghoff
1e8713ea64 MDL-9399 auth/ldap: Introducing loginpage_hook(), ntlmsso_attempt(), ntlmsso_finish() 
A work in progress -- initial loginpage_hook() and headers for the
remaining functions. One thing to consider here is that this won't
work if there's a proxy in the middle.

Does NTLM auth thingy support proxies?
 2007-11-14 22:07:53 +00:00
martinlanghoff
b95b46a897 MDL-9399 auth/ldap: Manage 2 new config settings for NTLM SSO 
Changes in the forms and forms handling to set and edit NTLM SSO
related config options.
 2007-11-14 22:07:16 +00:00
toyomoyo
3ddcc29e62 MDL-10509, LDAP username to be always in lowercase 2007-11-06 01:01:09 +00:00
iarenaza
bb4e530b93 MDL-11299 - Make objectClass string comparison case insensitive. 
LDAP serves accept attribute names in a case insensitive way, so don't
force the users to use any particular spelling.
 2007-09-17 21:30:20 +00:00
skodak
f6c80923bf MDL-10921 LDAP Auth to Active Directory requires LDAP_OPT_REFERRALS option set 2007-08-29 20:42:41 +00:00
skodak
90afcf3280 MDL-10260 added new user_delete() hook into auth plugins; refactored user delete code = new function delete_user() in moodlelib.php + improved cleanup in core tables when deleting user 2007-08-21 20:52:36 +00:00
ikawhero
831d450e3f Adding custom profile fields to the signup page. 
The only two authentication plugins this affects are email and ldap.
 2007-08-20 08:30:34 +00:00
nicolasconnault
e295df447f MDL-10870 All files updated to new build_navigation() method. 2007-08-17 11:18:58 +00:00
poltawski
63b1cf1fe2 MDL-10343 - abort early when can't create temporary tables when syning users 
from LDAP
 2007-07-22 21:33:31 +00:00
skodak
9347082d10 MDL-10309 Broken password expiration support for LDAP user types rfc2307 and rfc2307bis, patch by Iñaki Arenaza; merged from MOODLE_18_STABLE 2007-07-01 15:42:36 +00:00
skodak
4225d4ba3a MDL-10068 "Lost Password" button does not work for ldap auth 2007-06-10 19:26:12 +00:00
skodak
7a4025d0b6 MDL-10061 LDAP user creation broken for Novell eDirectory since 1.8; patch by Iñaki Arenaza 2007-06-09 15:33:22 +00:00
skodak
bffe39c6d5 MDL-4687 Password expiration support for AD (with patch) - patch by Iñaki Arenaza, thanks! 2007-05-30 08:54:52 +00:00
skodak
66fc70dd2e MDL-9954 LDAP auth settings form problem with 'Member Attribute' and 'Member Attribute uses dn'; patch by Iñaki Arenaza - thanks! 2007-05-30 08:49:19 +00:00
skodak
81fb221d31 MDL-9626 Enable user signup with Active Directory (via LDAP); patch by Iñaki Arenaza - thanks! 2007-05-30 08:47:00 +00:00
skodak
4db13f9465 MDL-9880 Remove user_activate() method from public API because it was used only from user_confirm() in LDAP, other plugins use only user_confirm() 
MDL-9575 fix email signup in ldap auth mod
 2007-05-21 20:33:42 +00:00
skodak
2cef74f91f MDL-9861 Password expiration value is calculated wrong when ldap_expirationtime2unix() returns 0 - patch by Iñaki Arenaza; merged from MOODLE_18_STABLE 2007-05-21 20:08:45 +00:00
moodler
d0e84e1be0 Added Iñaki's patch from MDL-7233 for 1.9 - thanks! 2007-05-21 05:23:00 +00:00
nicolasconnault
77a297d274 Fixed many xhtml errors 2007-04-20 07:54:42 +00:00
skodak
344514fca5 MDL-3339 support md5 and sha1 in ldap when adding or changing passwords; merged from MOODLE_18_STABLE 2007-03-29 19:50:53 +00:00
skodak
cd874e2133 MDL-8590 fixed ldap creators, added new option to specify dn in member attribute; merged from MOODLE_18_STABLE 2007-03-29 15:53:09 +00:00
skodak
a8d58c58e7 MDL-9099 LDAP auth does not allow dn in idnumber field (or other user attributes); patch by Jeff Graham; merged from MOODLE_18_STABLE 2007-03-29 08:42:07 +00:00
skodak
6bc1e5d577 (MDL-8973) Fix OOP model of new multi auth plugins + some other auth related fixes, fixed change_password, ldap updates, etc.; TODO: fix docs 2007-03-22 12:27:52 +00:00
skodak
430759a5fe MDL-8590 auth cleanup - part 6 2007-02-21 21:42:10 +00:00
skodak
139ebfdb3b MDL-8590 auth cleanup - part 1 2007-02-20 17:03:36 +00:00
stronk7
fa96bfaa11 sync_users() now working both under MSSQL and Oracle. Big credits to 
Jay Lee for his cool patch about MDL-7525 MDL-8023 MDL-8153

Merged from MOODLE_18_STABLE
 2007-02-17 01:26:43 +00:00
thepurpleblob
0b906e7847 MDL-8443 
Fixed Typo.
 2007-02-14 15:31:07 +00:00
toyomoyo
43c6650b35 fixing a typo 2007-02-09 00:34:49 +00:00
donal72
fb5c773965 Auth: Documentation update to reflect changes in signature of user_update_password method 2007-01-28 22:08:59 +00:00
stronk7
60b562c49e Adding some $CFG->dbfamily-s here and there. MDL-7061 2007-01-12 00:06:08 +00:00
donal72
e8b9d76a3f Auth: Replace hardcoded strings: MDL-8069 2007-01-11 00:05:47 +00:00
donal72
a9ad3633c7 Auth: Replace hardcoded strings: MDL-8069 2007-01-10 23:17:51 +00:00
donal72
b7b50143f3 Auth: Bugfix: MDL-8131 2007-01-10 00:50:59 +00:00
martinlanghoff
b9ddb2d5ea multiauth: migrated all files to the new OO API, written new API documentation 
Author: Martin Langhoff <martin@catalyst.net.nz>
 2007-01-04 04:52:42 +00:00
skodak
cf6bf1ab5f MDL-7837 auth_ldap_bulk_insert() fails when user data contains single quotes - patch by Iñaki Arenaza 2006-12-29 21:17:43 +00:00
skodak
810944af7f we are going 100% unicode now - removed use of $CFG->unicodedb and current_charset(); MDL-7439 - part 2, only hotpot and wiki left 2006-11-11 17:23:20 +00:00
moodler
f274fe073c Merged AS keyword fixes from stable MDL-7207 2006-10-25 09:04:25 +00:00
moodler
3ede4ecbcb Fixes to remove access to user_coursecreators and use roles instead MDL-6800 2006-10-04 05:36:17 +00:00
mjollnir_
7d49253f40 Here's a little patch for auth/ldap/lib.php... just stops some 
errors from popping up.
Credit: Alastair Pharo <alastair@catalyst.net.nz>
 2006-09-26 01:26:27 +00:00
toyomoyo
d76a5a7fed replacing references to user_* tables 2006-09-19 01:44:33 +00:00
skodak
4630e4e483 Bug #5953 - problem in /auth/ldap/lib.php; merged from MOODLE_16_STABLE 2006-06-29 07:05:00 +00:00
martinlanghoff
9aad454299 auth/ldap: better handling of empty values from ldap 2006-05-30 00:44:21 +00:00
skodak
f2b5a58a0f Bug #5604 - LDAP error notice when users update profile; merged from MOODEL_16_STABLE 2006-05-24 21:12:46 +00:00
stronk7
5c30945a81 Only decode from utf8 if we aren't running under utf8. 
(anyway we need a setting to decide the original encoding
and to be perfect)
 2006-03-28 19:14:23 +00:00
stronk7
5db97a46a5 We don't need to convert to Unicode if Moodle is running under Unicode. 
(anyway, we need a new field inside each authentication system to be
able to define the external encoding!)
 2006-03-28 17:13:09 +00:00
moodler
0b5f5c0de0 Some old fix, that wasn't checked in 2006-01-05 06:30:12 +00:00
martinlanghoff
ff2cbb73a9 Merged from MOODLE_15_STABLE - auth/ldap: Fix support for AD -- thanks to Inaki, in more than one sense ;-) 2005-12-12 04:58:11 +00:00