Š
authenticate.phpüCìdüO.°Ù¤
config.phpCìd6Bóm¤
plugin.phpHCìdHüi¸é¤
getId()) { if (!$user instanceof StaffSession) { // osTicket <= v1.9.7 or so $user = new StaffSession($user->getId()); } return $user; } // TODO: Consider client sessions } } } class UserHttpAuthentication extends UserAuthenticationBackend { static $name = "HTTP Authentication"; static $id = "passthru.client"; function supportsInteractiveAuthentication() { return false; } function signOn() { if (isset($_SERVER['REMOTE_USER']) && !empty($_SERVER['REMOTE_USER'])) // User was authenticated by the HTTP server $username = $_SERVER['REMOTE_USER']; elseif (isset($_SERVER['REDIRECT_REMOTE_USER']) && !empty($_SERVER['REDIRECT_REMOTE_USER'])) $username = $_SERVER['REDIRECT_REMOTE_USER']; if ($username) { // Support ActiveDirectory domain specification with either // "user@domain" or "domain\user" formats if (strpos($username, '@') !== false) list($username, $domain) = explode('@', $username, 2); elseif (strpos($username, '\\') !== false) list($domain, $username) = explode('\\', $username, 2); $username = trim(strtolower($username)); if ($acct = ClientAccount::lookupByUsername($username)) { if (($client = new ClientSession(new EndUser($acct->getUser()))) && $client->getId()) return $client; } else { // No such account. Attempt a lookup on the username $users = parent::searchUsers($username); if (!is_array($users)) return; foreach ($users as $u) { if (0 === strcasecmp($u['username'], $username) || 0 === strcasecmp($u['email'], $username)) // User information matches HTTP username return new ClientCreateRequest($this, $username, $u); } } } } } require_once(INCLUDE_DIR.'class.plugin.php'); require_once('config.php'); class PassthruAuthPlugin extends Plugin { var $config_class = 'PassthruAuthConfig'; function bootstrap() { $config = $this->getConfig(); if ($config->get('auth-staff')) StaffAuthenticationBackend::register('HttpAuthentication'); if ($config->get('auth-client')) UserAuthenticationBackend::register('UserHttpAuthentication'); } } new SectionBreakField(array( 'label' => $__('Authentication Modes'), 'hint' => $__('Authentication modes for clients and staff members can be enabled independently. Client discovery can be supported via a separate backend (such as LDAP)'), )), 'auth-staff' => new BooleanField(array( 'label' => $__('Staff Authentication'), 'default' => true, 'configuration' => array( 'desc' => $__('Enable authentication of staff members') ) )), 'auth-client' => new BooleanField(array( 'label' => $__('Client Authentication'), 'default' => false, 'configuration' => array( 'desc' => $__('Enable authentication and discovery of clients') ) )), ); } function pre_save(&$config, &$errors) { global $msg; list($__, $_N) = self::translate(); if (!$errors) $msg = $__('Configuration updated successfully'); return true; } } 'auth:passthru', # notrans 'version' => '0.2', 'name' => /* trans */ 'HTTP Passthru Authentication', 'author' => 'Jared Hancock', 'description' => /* trans */ 'Allows for the HTTP server (Apache or IIS) to perform the authentication of the user. osTicket will match the username from the server authentication to a username defined internally', 'url' => 'http://www.osticket.com/plugins/auth/passthru', 'plugin' => 'authenticate.php:PassthruAuthPlugin' ); ?> ݾv¤7üT¥åÄTÃb % $?Û{®Í̺ۘÉZ]GBMB