function shib_auth_init in Shibboleth Authentication 5.3
Same name and namespace in other branches
- 5.2 shib_auth.module \shib_auth_init()
- 6.4 shib_auth.module \shib_auth_init()
- 6 shib_auth.module \shib_auth_init()
- 6.2 shib_auth.module \shib_auth_init()
- 6.3 shib_auth.module \shib_auth_init()
- 7.4 shib_auth.module \shib_auth_init()
Create a new user based on informations from the Shibboleth handler if it's necessary or log in.
File
- ./
shib_auth.module, line 28 - Provides user authentication with Shibboleth (both v1.3 and v2.0) as well as some authorisation features (automatic role assignment base on Shibboleth attributes).
Code
function shib_auth_init() {
global $user;
if (variable_get('shib_auth_debug_state', FALSE)) {
$debug_message = print_r($_SERVER, TRUE);
drupal_set_message('<pre>' . $debug_message . '</pre>');
}
$uname = $_SERVER[variable_get('shib_auth_username_variable', 'REMOTE_USER')];
$umail = $_SERVER[variable_get('shib_auth_username_email', 'HTTP_SHIB_MAIL')];
$umail_single = preg_replace('/;.*/', '', $umail);
// Ensure that the user is the same as the one who has initiated the session
if (isset($_SESSION['uname'])) {
if ($_SESSION['uname'] != $uname) {
unset($_SESSION['authentication']);
unset($_SESSION['uname']);
session_destroy();
$user = drupal_anonymous_user();
}
}
else {
$_SESSION['uname'] = $uname;
}
// If
// - The user isn't logged in
// - There is Shibboleth authentication in the background
// - The settings are fine and there has been a valid username setted up
// - The settings are fine and there has been a valid user email address setted up
if (!$user->uid && ($_SERVER['HTTP_SHIB_IDENTITY_PROVIDER'] || $_SERVER['Shib-Identity-Provider'])) {
if ($uname && $umail_single) {
user_external_login_register($uname, "shib_auth");
$account = user_save($user, array(
'mail' => $umail_single,
));
// Terminate if an error occured during user_save().
if (!$account) {
drupal_set_message(t("Error saving user account."), 'error');
return;
}
$user = $account;
}
else {
$message = 'Username or e-mail address is missing. Maybe the Shibboleth configuration is not perfect.';
drupal_set_message(t($message), 'error');
watchdog('shib_auth', $message, WATCHDOG_CRITICAL);
}
}
}