tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-11-01 03:44:03 +01:00
Code Issues Packages Projects Releases Wiki Activity
icingaweb2/application/controllers/AuthenticationController.php
Johannes Meyer e21b4243ca Fix error message when no authentication method available 
The error handling for configuration files has slightly changed (non
existent files are treated as empty) so the authentication chain handling
needed to be adjusted as well.

fixes #6268
2014-07-09 12:53:25 +02:00

169 lines
6.4 KiB
PHP
Raw Blame History

<?php
// {{{ICINGA_LICENSE_HEADER}}}
/**
* This file is part of Icinga Web 2.
*
* Icinga Web 2 - Head for multiple monitoring backends.
* Copyright (C) 2013 Icinga Development Team
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*
* @copyright 2013 Icinga Development Team <info@icinga.org>
* @license http://www.gnu.org/licenses/gpl-2.0.txt GPL, version 2
* @author Icinga Development Team <info@icinga.org>
*
*/
// {{{ICINGA_LICENSE_HEADER}}}
# namespace Icinga\Application\Controllers;
use Icinga\Authentication\Backend\AutoLoginBackend;
use Icinga\Web\Controller\ActionController;
use Icinga\Form\Authentication\LoginForm;
use Icinga\Authentication\AuthChain;
use Icinga\Application\Config;
use Icinga\Logger\Logger;
use Icinga\Exception\AuthenticationException;
use Icinga\Exception\NotReadableError;
use Icinga\Exception\ConfigurationError;
use Icinga\User;
use Icinga\Web\Url;
/**
* Application wide controller for authentication
*/
class AuthenticationController extends ActionController
{
/**
* This controller does not require authentication
*
* @var bool
*/
protected $requiresAuthentication = false;
/**
* Log into the application
*/
public function loginAction()
{
$auth = $this->Auth();
$this->view->form = new LoginForm();
$this->view->form->setRequest($this->_request);
$this->view->title = $this->translate('Icingaweb Login');
try {
$redirectUrl = Url::fromPath($this->params->get('redirect', 'dashboard'));
if ($auth->isAuthenticated()) {
$this->rerenderLayout()->redirectNow($redirectUrl);
}
try {
$config = Config::app('authentication');
} catch (NotReadableError $e) {
Logger::error(
new Exception('Cannot load authentication configuration. An exception was thrown:', 0, $e)
);
throw new ConfigurationError(
t(
'No authentication methods available. Authentication configuration could not be loaded.'
. ' Please check the system log or Icinga Web 2 log for more information'
)
);
}
$chain = new AuthChain($config);
if ($this->getRequest()->isGet()) {
$user = new User('');
foreach ($chain as $backend) {
if ($backend instanceof AutoLoginBackend) {
$authenticated = $backend->authenticate($user);
if ($authenticated === true) {
$auth->setAuthenticated($user);
$this->rerenderLayout()->redirectNow($redirectUrl);
}
}
}
} elseif ($this->view->form->isSubmittedAndValid()) {
$user = new User($this->view->form->getValue('username'));
$password = $this->view->form->getValue('password');
$backendsTried = 0;
$backendsWithError = 0;
foreach ($chain as $backend) {
if ($backend instanceof AutoLoginBackend) {
continue;
}
++$backendsTried;
try {
$authenticated = $backend->authenticate($user, $password);
} catch (AuthenticationException $e) {
Logger::error($e);
++$backendsWithError;
continue;
}
if ($authenticated === true) {
$auth->setAuthenticated($user);
$this->rerenderLayout()->redirectNow($redirectUrl);
}
}
if ($backendsTried === 0) {
throw new ConfigurationError(
t(
'No authentication methods available. It seems that no authentication method has been set'
. ' up. Please check the system log or Icinga Web 2 log for more information'
)
);
}
if ($backendsTried === $backendsWithError) {
throw new ConfigurationError(
$this->translate(
'No authentication methods available. It seems that all set up authentication methods have'
. ' errors. Please check the system log or Icinga Web 2 log for more information'
)
);
}
if ($backendsWithError) {
$this->view->form->addNote(
$this->translate(
'Note that not all authentication backends are available for authentication because they'
. ' have errors. Please check the system log or Icinga Web 2 log for more information'
)
);
}
$this->view->form->getElement('password')->addError($this->translate('Incorrect username or password'));
}
} catch (Exception $e) {
$this->view->errorInfo = $e->getMessage();
}
}
/**
* Log out the current user
*/
public function logoutAction()
{
$auth = $this->Auth();
$auth->removeAuthorization();
if ($auth->isAuthenticatedFromRemoteUser()) {
$this->_helper->layout->setLayout('login');
$this->_response->setHttpResponseCode(401);
} else {
$this->rerenderLayout()->redirectToLogin();
}
}
}
Reference in New Issue View Git Blame Copy Permalink