Index: INSTALL =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/webserver_auth/INSTALL,v retrieving revision 1.2 diff -u -p -r1.2 INSTALL --- INSTALL 28 Oct 2003 17:18:00 -0000 1.2 +++ INSTALL 29 Apr 2008 23:50:47 -0000 @@ -1,3 +1,5 @@ +# $Id$ + Enable access control on your your drupal directory and subdirectories. For Windows, you must turn 'windows integrated authentication' for the drupal directory in IIS or use Apache ntlm module (untested) Index: README.txt =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/webserver_auth/README.txt,v retrieving revision 1.1 diff -u -p -r1.1 README.txt --- README.txt 13 Oct 2004 13:01:52 -0000 1.1 +++ README.txt 29 Apr 2008 23:50:29 -0000 @@ -1,3 +1,4 @@ +# $Id$ + Admins can now enable access control their the drupal directory via their webserver (e.g. http auth, NTLM, .htaccess) and with this module, Drupal honor's the web server's authentication. - \ No newline at end of file Index: webserver_auth.info =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/webserver_auth/webserver_auth.info,v retrieving revision 1.1 diff -u -p -r1.1 webserver_auth.info --- webserver_auth.info 10 Mar 2008 21:43:42 -0000 1.1 +++ webserver_auth.info 29 Apr 2008 23:41:40 -0000 @@ -1,3 +1,3 @@ ; $Id: webserver_auth.info,v 1.1 2008/03/10 21:43:42 weitzman Exp $ name = Webserver authentication -description = Rely on the web server authentication instead of Drupal. \ No newline at end of file +description = Rely on the web server authentication instead of Drupal. Index: webserver_auth.module =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/webserver_auth/webserver_auth.module,v retrieving revision 1.20 diff -u -p -r1.20 webserver_auth.module --- webserver_auth.module 21 Apr 2008 16:43:26 -0000 1.20 +++ webserver_auth.module 29 Apr 2008 23:50:18 -0000 @@ -1,71 +1,86 @@ t('Webserver authentication'), - 'path' => "admin/settings/webserver_auth", - 'callback' => "drupal_get_form", + 'path' => 'admin/settings/webserver_auth', + 'callback' => 'drupal_get_form', 'callback arguments' => array('webserver_auth_settings'), 'description' => t('Configure a domain for generating email addresses. Optional.'), ); } return $items; - } +/** + * Implementation of hook_init(). + */ function webserver_auth_init() { global $user, $account; - $remote_user = ""; + $remote_user = ''; - //lets make sure we get the remote user whichever way it is available - if (isset($_SERVER["REDIRECT_REMOTE_USER"])) { - $remote_user = $_SERVER["REDIRECT_REMOTE_USER"]; - } elseif (isset($_SERVER["REMOTE_USER"])) { - $remote_user = $_SERVER["REMOTE_USER"]; + // Let's make sure we get the remote user whichever way it is available. + if (isset($_SERVER['REDIRECT_REMOTE_USER'])) { + $remote_user = $_SERVER['REDIRECT_REMOTE_USER']; + } + elseif (isset($_SERVER['REMOTE_USER'])) { + $remote_user = $_SERVER['REMOTE_USER']; } - // two ways to get $name + // Two ways to get $name. if ($name != $remote_user) { - //this might be something to add as an admin panel function later - //$name = strtolower($remote_user); + // This might be something to add as an admin panel function later: + // $name = strtolower($remote_user); $name = $remote_user; } - + if (isset($user) && $user->id && $user->name === $name) { - //do nothing because user is already logged into Drupal, and hasn't presented different credentials vis web server + // Do nothing because user is already logged into Drupal, and hasn't + // presented different credentials via web server. + return; + } + if (!$name) { + // Do nothing; user isn't logged into web server. + return; + } + // User is logged into webserver. + $account->name = $name; + // Modules get to change the user bits before saving. Use a global $account + // to do so. Only loaded modules will see this hook. + module_invoke_all('webserver_auth'); + // If we are in bootstrap, load user.module ourselves. + if (!module_exists('user')) { + drupal_load('module', 'user'); + } + + // Try to log into Drupal. If unsuccessful, register the user. + $test_user = user_external_load($account->name); + if (!$test_user->uid) { + if (variable_get('user_register', 1) == 1) { + $user_default = array( + 'name' => $account->name, + 'pass' => 'cyan', + 'init' => db_escape_string($name), + 'authname_webserver_auth' => $account->name, + 'status' => 1, + 'roles' => array(DRUPAL_AUTHENTICATED_RID), + ); + // @todo hook_user('register') will fire but only for loaded modules. + // Could be a problem for sites using page cache and that hook+operation. + $user = user_save('', array_merge($user_default, (array)$account)); + watchdog('user', "new user: $user->name (webserver_auth)", l(t('edit'), "user/$user->uid/edit")); + } } else { - if ($name) { - // user is logged into webserver. - $account->name = $name; - //modules get to change the user bits before saving. use a global $account to do so. - // only loaded modules will see this hook - module_invoke_all("webserver_auth"); - // if we are in bootstrap, load user.module ourselves - if (!module_exists('user')) { - drupal_load('module', 'user'); - } - - // try to log into Drupal. if unsuccessful, register the user - $test_user = user_external_load($account->name); - if (!$test_user->uid) { - if (variable_get("user_register", 1) == 1) { - $user_default = array("name" => $account->name, "pass" => "cyan", "init" => db_escape_string($name), "authname_webserver_auth" => $account->name, "status" => 1, "roles" => array(DRUPAL_AUTHENTICATED_RID)); - // TODO - the hook_user('register') will fire but only for loaded modules. could be a problem for sites using page cache and that hook+operation - $user = user_save("", array_merge($user_default, (array)$account)); - watchdog("user", "new user: $user->name (webserver_auth)", l(t("edit user"), "admin/user/edit/$user->uid")); - } - } - else{ - $user = $test_user; - } - } - else { - // do nothing. user isn't logged into web server - } + $user = $test_user; } } @@ -77,42 +92,42 @@ function webserver_auth_webserver_auth() // pretties up the username for NTLM authentication (i.e. Windows) if ($_SERVER["AUTH_TYPE"] == "NTLM" || $_SERVER["AUTH_TYPE"] == 'Negotiate') { if (!(strpos($account->name, "\\") === false)) { - $account->name = substr($account->name, strrpos($account->name, "\\")+1); - } + $account->name = substr($account->name, strrpos($account->name, "\\") + 1); + } if (!(strpos($account->name, "@") === false)) { $account->name = substr($account->name, 0, strrpos($account->name, "@")); - } + } } if ($domain = variable_get("webserver_auth_domain", "")) { if ($account->name) { - $account->mail = $account->name. "@$domain"; + $account->mail = $account->name ."@$domain"; } } } function webserver_auth_settings() { - $form["webserver_auth_domain"] = array( + $form['webserver_auth_domain'] = array( '#type' => 'textfield', - '#title' => t("Email Domain"), - '#default_value' => variable_get("webserver_auth_domain", ""), + '#title' => t('Email Domain'), + '#default_value' => variable_get('webserver_auth_domain', ''), '#size' => 30, '#maxlength' => 55, - '#description' => t("Append this domain name to each new user in order generate his email address. Currently only used for NTLM authentication."), - ); - return system_settings_form($form); + '#description' => t('Append this domain name to each new user in order generate his email address. Currently only used for NTLM authentication.'), + ); + return system_settings_form($form); } +/** + * Implementation of hook_help(). + */ function webserver_auth_help($section) { - $output =""; - switch ($section) { case 'admin/help#webserver_auth': break; + case 'admin/modules#description': - $output .= t("Use web server authentication instead of Drupal"); - break; + return t('Use web server authentication instead of Drupal'); } - - return $output; } +