* Version: 1.0 * last modified: 2009-06-18 15:54 * * Work based on the plaintext authentication backend: * @author Andreas Gohr * @author Chris Smith */ define('DOKU_AUTH', dirname(__FILE__)); require_once(DOKU_AUTH.'/plain.class.php'); define('AUTH_USERFILE',DOKU_CONF.'users.auth.php'); // we only accept page ids for auth_plain if(isset($_REQUEST['u'])) $_REQUEST['u'] = cleanID($_REQUEST['u']); if(isset($_REQUEST['acl_user'])) $_REQUEST['acl_user'] = cleanID($_REQUEST['acl_user']); // the same goes for password reset requests if(isset($_POST['login'])){ $_POST['login'] = cleanID($_POST['login']); } class auth_cosign extends auth_plain { /** * Constructor * * Carry out sanity checks to ensure the object is * able to operate. Set capabilities. * * @author Paul Rentschler */ function auth_cosign() { // call the parent constructor parent::auth_plain(); // indicate we should be trusting an external auth checker $this->cando['external'] = true; } /** * Trust External AuthN * * @author Paul Rentschler * @return bool */ function trustExternal($user,$pass,$sticky=false) { global $USERINFO; $result = false; if (!empty($user)) { // verify the user is logged in through WebAccess if (isset($_SERVER['REMOTE_USER']) && $_SERVER['REMOTE_USER'] <> '' && $_SERVER['REMOTE_USER'] == $user) { $userinfo = $this->getUserData($user); if ($userinfo !== false) { $result = true; } } } else { // regular session auth check if (isset($_SERVER['REMOTE_USER']) && $_SERVER['REMOTE_USER'] <> '') { $userinfo = $this->getUserData($_SERVER['REMOTE_USER']); if ($userinfo !== false) { $result = true; } } } // set the necessary global variables if ($result) { $USERINFO = $userinfo; // set session $_SESSION[DOKU_COOKIE]['auth']['user'] = $_SERVER['REMOTE_USER']; $_SESSION[DOKU_COOKIE]['auth']['pass'] = ''; $_SESSION[DOKU_COOKIE]['auth']['buid'] = auth_browseruid(); $_SESSION[DOKU_COOKIE]['auth']['info'] = $userinfo; $_SESSION[DOKU_COOKIE]['auth']['time'] = time(); } return $result; } } //Setup VIM: ex: et ts=2 enc=utf-8 :