2 /** External authentication via HTTPD for FusionForge
3 * Copyright 2011, Roland Mas
5 * This file is part of FusionForge. FusionForge is free software;
6 * you can redistribute it and/or modify it under the terms of the
7 * GNU General Public License as published by the Free Software
8 * Foundation; either version 2 of the Licence, or (at your option)
11 * FusionForge is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License along
17 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
18 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21 require_once $gfcommon.'include/User.class.php';
22 require_once $gfcommon.'include/AuthPlugin.class.php';
25 * Authentication manager for FusionForge
28 class AuthHTTPDPlugin extends ForgeAuthPlugin {
29 function AuthHTTPDPlugin () {
31 $this->ForgeAuthPlugin() ;
32 $this->name = "authhttpd";
33 $this->text = _("HTTPD authentication");
35 _("This plugin contains an HTTPD authentication mechanism for
36 FusionForge. It allows Apache authentication to be reused for
37 FusionForge, for instance where Kerberos is used.");
38 $this->_addHook('display_auth_form');
39 $this->_addHook("check_auth_session");
40 $this->_addHook("fetch_authenticated_user");
41 $this->_addHook("close_auth_session");
43 $this->saved_login = '';
44 $this->saved_user = NULL;
46 $this->declareConfigVars();
49 private static $init = false;
52 * Display a form to input credentials
53 * @param unknown_type $params
56 function displayAuthForm(&$params) {
57 if (!$this->isRequired() && !$this->isSufficient()) {
60 $return_to = $params['return_to'];
65 $result .= _('Cookies must be enabled past this point.');
68 $result .= '<form action="' . util_make_url('/plugins/authhttpd/post-login.php') . '" method="get">
69 <input type="hidden" name="form_key" value="' . form_generate_key() . '"/>
70 <input type="hidden" name="return_to" value="' . htmlspecialchars(stripslashes($return_to)) . '" />
71 <p><input type="submit" name="login" value="' . _('Login via HTTP authentication') . '" />
75 $params['html_snippets'][$this->name] = $result;
77 $params['transparent_redirect_urls'][$this->name] = util_make_url('/plugins/authhttpd/post-login.php?return_to='.htmlspecialchars(stripslashes($return_to)));
81 * Is there a valid session?
82 * @param unknown_type $params
84 function checkAuthSession(&$params) {
85 $this->saved_user = NULL;
88 if (isset($GLOBALS['REMOTE_USER'])) {
89 $username = $GLOBALS['REMOTE_USER'];
95 $user = user_get_object_by_name($username);
98 // TODO : shouldn't this part be factorized as it seems quite common for many plugins ?
100 if ($this->isSufficient()) {
101 $this->saved_user = $user;
102 $params['results'][$this->name] = FORGE_AUTH_AUTHORITATIVE_ACCEPT;
105 $params['results'][$this->name] = FORGE_AUTH_NOT_AUTHORITATIVE;
108 if ($this->isRequired()) {
109 $params['results'][$this->name] = FORGE_AUTH_AUTHORITATIVE_REJECT;
111 $params['results'][$this->name] = FORGE_AUTH_NOT_AUTHORITATIVE;
117 * What GFUser is logged in?
118 * @param unknown_type $params
120 function fetchAuthUser(&$params) {
121 if ($this->saved_user && $this->isSufficient()) {
122 $params['results'] = $this->saved_user;
126 function closeAuthSession($params) {
127 // No way to close an HTTPD session from the server, unfortunately
134 // c-file-style: "bsd"