diff options
Diffstat (limited to 'engine/lib/pam.php')
-rw-r--r-- | engine/lib/pam.php | 48 |
1 files changed, 26 insertions, 22 deletions
diff --git a/engine/lib/pam.php b/engine/lib/pam.php index e0bb0cf21..21cfdbbb9 100644 --- a/engine/lib/pam.php +++ b/engine/lib/pam.php @@ -2,20 +2,20 @@ /** * Elgg Simple PAM library * Contains functions for managing authentication. - * This is not a full implementation of PAM. It supports a single facility + * This is not a full implementation of PAM. It supports a single facility * (authentication) and allows multiple policies (user authentication is the - * default). There are two control flags possible for each module: sufficient - * or required. The entire chain for a policy is processed (or until a - * required module fails). A module fails by returning false or throwing an - * exception. The order that modules are processed is determined by the order - * they are registered. For an example of a PAM, see pam_auth_userpass() in + * default). There are two control flags possible for each module: sufficient + * or required. The entire chain for a policy is processed (or until a + * required module fails). A module fails by returning false or throwing an + * exception. The order that modules are processed is determined by the order + * they are registered. For an example of a PAM, see pam_auth_userpass() in * sessions.php. - * + * * For more information on PAMs see: * http://www.freebsd.org/doc/en/articles/pam/index.html * - * @package Elgg - * @subpackage Core + * @package Elgg.Core + * @subpackage Authentication.PAM */ $_PAM_HANDLERS = array(); @@ -24,10 +24,11 @@ $_PAM_HANDLERS_MSG = array(); /** * Register a PAM handler. * - * @param string $handler The handler function in the format - * pam_handler($credentials = NULL); + * @param string $handler The handler function in the format + * pam_handler($credentials = NULL); * @param string $importance The importance - "sufficient" (default) or "required" - * @param string $policy - the policy type, default is "user" + * @param string $policy The policy type, default is "user" + * * @return boolean */ function register_pam_handler($handler, $importance = "sufficient", $policy = "user") { @@ -37,7 +38,7 @@ function register_pam_handler($handler, $importance = "sufficient", $policy = "u if (!isset($_PAM_HANDLERS[$policy])) { $_PAM_HANDLERS[$policy] = array(); } - + if (is_callable($handler)) { $_PAM_HANDLERS[$policy][$handler] = new stdClass; @@ -54,7 +55,9 @@ function register_pam_handler($handler, $importance = "sufficient", $policy = "u * Unregisters a PAM handler. * * @param string $handler The PAM handler function name - * @param string $policy - the policy type, default is "user" + * @param string $policy The policy type, default is "user" + * + * @return void * @since 1.7.0 */ function unregister_pam_handler($handler, $policy = "user") { @@ -65,26 +68,27 @@ function unregister_pam_handler($handler, $policy = "user") { /** * Attempt to authenticate. - * This function will process all registered PAM handlers or stop when the first - * handler fails. A handler fails by either returning false or throwing an + * This function will process all registered PAM handlers or stop when the first + * handler fails. A handler fails by either returning false or throwing an * exception. The advantage of throwing an exception is that it returns a message - * through the global $_PAM_HANDLERS_MSG which can be used in communication with + * through the global $_PAM_HANDLERS_MSG which can be used in communication with * a user. The order that handlers are processed is determined by the order that * they were registered. * - * If $credentials are provided the PAM handler should authenticate using the - * provided credentials, if not then credentials should be prompted for or + * If $credentials are provided the PAM handler should authenticate using the + * provided credentials, if not then credentials should be prompted for or * otherwise retrieved (eg from the HTTP header or $_SESSION). * - * @param mixed $credentials Mixed PAM handler specific credentials (e.g. username, password) - * @param string $policy - the policy type, default is "user" + * @param mixed $credentials Mixed PAM handler specific credentials (e.g. username, password) + * @param string $policy The policy type, default is "user" + * * @return bool true if authenticated, false if not. */ function pam_authenticate($credentials = NULL, $policy = "user") { global $_PAM_HANDLERS, $_PAM_HANDLERS_MSG; $_PAM_HANDLERS_MSG = array(); - + $authenticated = false; foreach ($_PAM_HANDLERS[$policy] as $k => $v) { |