authentication; } if (isset($options["userBackendClass"])) { $this->userBackend = $options["userBackendClass"]; } elseif ($config->users !== null) { $this->userBackend = $this->initBackend(self::BACKEND_TYPE_USER, $config->users); } if (isset($options["groupBackendClass"])) { $this->groupBackend = $options["groupBackendClass"]; } elseif ($config->groups != null) { $this->groupBackend = $this->initBackend(self::BACKEND_TYPE_GROUP, $config->groups); } if (!isset($options["sessionClass"])) { $this->session = new PhpSession($config->session); } else { $this->session = $options["sessionClass"]; } if (isset($options["writeSession"]) && $options["writeSession"] === true) { $this->session->read(true); } else { $this->session->read(); } } public static function getInstance($config = null, array $options = array()) { if (self::$instance === null) { self::$instance = new Manager($config, $options); } return self::$instance; } public static function clearInstance() { self::$instance = null; } private function initBackend($authenticationTarget, $authenticationSource) { $userBackend = ucwords(strtolower($authenticationSource->backend)); if (!$userBackend) { return null; } $class = '\\Icinga\\Authentication\\Backend\\' . $userBackend . $authenticationTarget. 'Backend'; return new $class($authenticationSource); } public function authenticate(Credentials $credentials, $persist = true) { if (!$this->userBackend) { Logger::error("No authentication backend provided, your users will never be able to login."); throw new ConfigError( "No authentication backend set - login will never succeed as icinga-web ". "doesn't know how to determine your user. \n". "To fix this error, setup your authentication.ini with a valid authentication backend." ); return false; } if (!$this->userBackend->hasUsername($credentials)) { Logger::info("Unknown user %s tried to log in", $credentials->getUsername()); return false; } $this->user = $this->userBackend->authenticate($credentials); if ($this->user == null) { Logger::info("Invalid credentials for user %s provided", $credentials->getUsername()); return false; } if ($persist == true) { $this->persistCurrentUser(); $this->session->write(); } return true; } public function persistCurrentUser() { $this->session->set("user", $this->user); } public function authenticateFromSession() { $this->user = $this->session->get("user", null); } public function isAuthenticated($ignoreSession = false) { if ($this->user === null && !$ignoreSession) { $this->authenticateFromSession(); } return is_object($this->user); } public function removeAuthorization() { $this->user = null; $this->session->purge(); } public function getUser() { return $this->user; } public function getGroups() { return $this->user->getGroups(); } }