diff options
author | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-07-23 16:27:48 +0000 |
---|---|---|
committer | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-07-23 16:27:48 +0000 |
commit | 23f908c3e95b121f83f8c14450a9d06c4c8d41ad (patch) | |
tree | d4de55be3ce8ab34560205556d5c4320c64bb0b3 /engine | |
parent | 1589b1e0fc06979063d3a07bf34eca5c0ea22492 (diff) | |
download | elgg-23f908c3e95b121f83f8c14450a9d06c4c8d41ad.tar.gz elgg-23f908c3e95b121f83f8c14450a9d06c4c8d41ad.tar.bz2 |
PAM now supports 'required' and 'sufficient'
git-svn-id: https://code.elgg.org/elgg/trunk@1504 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine')
-rw-r--r-- | engine/lib/pam.php | 28 |
1 files changed, 22 insertions, 6 deletions
diff --git a/engine/lib/pam.php b/engine/lib/pam.php index 6bbfce79d..1faa0014e 100644 --- a/engine/lib/pam.php +++ b/engine/lib/pam.php @@ -21,14 +21,19 @@ * * @param string $handler The handler function in the format * pam_handler($credentials = NULL); + * @param string $importance The importance - "sufficient" or "required" */ - function register_pam_handler($handler) + function register_pam_handler($handler, $importance = "sufficient") { global $_PAM_HANDLERS; if (is_callable($handler)) { - $_PAM_HANDLERS[$handler] = $handler; + $_PAM_HANDLERS[$handler] = new stdClass; + + $_PAM_HANDLERS[$handler]->handler = $handler; + $_PAM_HANDLERS[$handler]->importance = strtolower($importance); + return true; } @@ -49,27 +54,38 @@ { global $_PAM_HANDLERS, $_PAM_HANDLERS_MSG; + $authenticated = false; + foreach ($_PAM_HANDLERS as $k => $v) { + $handler = $v->handler; + $importance = $v->importance; + try { // Execute the handler - if ($v($credentials)) + if ($handler($credentials)) { // Explicitly returned true $_PAM_HANDLERS_MSG[$k] = "Authenticated!"; - return true; + $authenticated = true; } else + { $_PAM_HANDLERS_MSG[$k] = "Not Authenticated."; + + // If this is required then abort. + if ($importance == 'required') + return false; + } } catch (Exception $e) { $_PAM_HANDLERS_MSG[$k] = "$e"; } } - - return false; + + return $authenticated; } ?>
\ No newline at end of file |