| author | Christophe Nowicki <cnowicki@easter-eggs.com> | 2004-09-20 16:01:08 +0000 |
|---|---|---|
| committer | Christophe Nowicki <cnowicki@easter-eggs.com> | 2004-09-20 16:01:08 +0000 |
| commit | 63eda2109992301e9e033f66c5d6f4912b1d56f5 (patch) | |
| tree | bbb39e8845160a1d3047af1ea058467def2dc4e7 /php | |
| parent | 4909ede99e0a938abdbb27305989f61938783c23 (diff) | |
PHP session are now stored in the database
A new table, 'sso_session', was added for storing information about the
PHP session; it's possible to view logged-in users
Logout destroys the PHP session in the IdP
Bug : user can't sso twice ;(
Diffstat (limited to 'php')
| -rw-r--r-- | php/Attic/examples/sample-idp/admin_user.php | 27 | ||||
| -rw-r--r-- | php/Attic/examples/sample-idp/index.php | 12 | ||||
| -rw-r--r-- | php/Attic/examples/sample-idp/login.php | 15 | ||||
| -rw-r--r-- | php/Attic/examples/sample-idp/logout.php | 8 | ||||
| -rw-r--r-- | php/Attic/examples/sample-idp/setup.php | 23 | ||||
| -rw-r--r-- | php/Attic/examples/sample-idp/singleSignOn.php | 210 | ||||
| -rw-r--r-- | php/Attic/examples/sample-idp/soapEndpoint.php | 364 | ||||
| -rw-r--r-- | php/Attic/examples/sample-idp/user_add.php | 10 | ||||
| -rw-r--r-- | php/Attic/examples/sample-sp/admin_user.php | 7 | ||||
| -rw-r--r-- | php/Attic/examples/sample-sp/assertionConsumer.php | 13 | ||||
| -rw-r--r-- | php/Attic/examples/sample-sp/index.php | 9 | ||||
| -rw-r--r-- | php/Attic/examples/sample-sp/log_view.php | 4 | ||||
| -rw-r--r-- | php/Attic/examples/sample-sp/login.php | 10 | ||||
| -rw-r--r-- | php/Attic/examples/sample-sp/logout.php | 46 | ||||
| -rw-r--r-- | php/Attic/examples/sample-sp/register.php | 20 | ||||
| -rw-r--r-- | php/Attic/examples/sample-sp/session.php | 86 | ||||
| -rw-r--r-- | php/Attic/examples/sample-sp/setup.php | 22 |
17 files changed, 570 insertions, 316 deletions
diff --git a/php/Attic/examples/sample-idp/admin_user.php b/php/Attic/examples/sample-idp/admin_user.php index 0f0c31c3..172dabe9 100644 --- a/php/Attic/examples/sample-idp/admin_user.php +++ b/php/Attic/examples/sample-idp/admin_user.php @@ -24,13 +24,14 @@ require_once 'Log.php'; require_once 'DB.php'; + require_once 'session.php'; $config = unserialize(file_get_contents('config.inc')); $number_of_users = 5; - - $db = &DB::connect($config['dsn']); + // connect to the data base + $db = &DB::connect($config['dsn']); if (DB::isError($db)) die("Could not connect to the database"); @@ -38,6 +39,10 @@ $conf['db'] = $db; $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); + // session handler + session_set_save_handler("open_session", "close_session", + "read_session", "write_session", "destroy_session", "gc_session"); + // Show XML dump if (!empty($_GET['dump']) && !empty($_GET['type'])) { @@ -179,8 +184,14 @@ if ($count > $number_of_users) echo "| <a href=\"$PHP_SELF?show_all=1\">Show All</a>"; } + if ($count) + { + ?> + | <a href="javascript:void(0)" onClick="ToggleAll();">Toggle All</a> + <?php + } ?> - | <a href="javascript:void(0)" onClick="ToggleAll();">Toggle All</a></td> + </td> <td align='right'><a href="javascript:openpopup('user_add.php')">add user</a></td> </tr> <tr align="center"> @@ -241,9 +252,10 @@ <td colspan="<?php echo $num_col; ?>" align='center'> <?php // get all federations for this user - if (!empty($session_dump) && !empty($identity_dump)) + if (!empty($identity_dump)) { - $login->setSessionFromDump($session_dump); + if (!empty($session_dump)) + $login->setSessionFromDump($session_dump); $login->setIdentityFromDump($identity_dump); $identity = $login->identity; @@ -292,7 +304,6 @@ </body> </html> -<?php - lasso_shutdown(); - $db->disconnect(); +<?php + lasso_shutdown(); ?> diff --git a/php/Attic/examples/sample-idp/index.php b/php/Attic/examples/sample-idp/index.php index 2b14c010..79d6a318 100644 
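Review bot: The `session_set_save_handler("open_session", ...)` call added after the logger setup in sample-idp/admin_user.php is copied verbatim into every page this commit touches (index.php, login.php, logout.php, singleSignOn.php, soapEndpoint.php, user_add.php and the sample-sp pages shown). A page that omits it would presumably fall back to PHP's configured default session storage and drop out of the database-backed session tracking. Registering the handlers once inside session.php would remove that risk. The commit also deletes `$db->disconnect()` at the end of each script without explanation. If the reason is that the session handlers still need the connection when PHP flushes the session at shutdown (session.php is not shown here, so this is inferred), a comment such as `// keep $db open: the session handlers use it at shutdown` next to `lasso_shutdown();` would stop someone from re-adding the call.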
--- a/php/Attic/examples/sample-idp/index.php +++ b/php/Attic/examples/sample-idp/index.php @@ -23,6 +23,7 @@ */ require_once 'DB.php'; + require_once 'session.php'; if(!extension_loaded('lasso')) { $ret = @dl('lasso.' . PHP_SHLIB_SUFFIX); @@ -56,6 +57,10 @@ You can get more informations about <b>Lasso</b> at <br> $db = &DB::connect($config['dsn']); if (DB::isError($db)) die($db->getMessage()); + + // session handler + session_set_save_handler("open_session", "close_session", + "read_session", "write_session", "destroy_session", "gc_session"); session_start(); @@ -65,7 +70,7 @@ You can get more informations about <b>Lasso</b> at <br> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <head> -<title>Lasso Service Provider Example</title> +<title>Lasso Identity Provider Example</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-15" /> </head> @@ -74,7 +79,7 @@ You can get more informations about <b>Lasso</b> at <br> <b>Identity Provider Administration</b><br> <a href="setup.php">Setup</a><br> <a href="admin_user.php">Users Management</a><br> - <a href="view_sessions.php">View Online Users</a> + <a href="view_session.php">View Online Users</a> <?php if ($config['log_handler'] == 'sql') { ?> <br><a href="log_view.php">View log</a> <?php } ?> @@ -129,6 +134,5 @@ You can get more informations about <b>Lasso</b> at <br> </html> <?php - $db->disconnect(); lasso_shutdown(); - ?> +?> diff --git a/php/Attic/examples/sample-idp/login.php b/php/Attic/examples/sample-idp/login.php index db24681e..3014ac20 100644 --- a/php/Attic/examples/sample-idp/login.php +++ b/php/Attic/examples/sample-idp/login.php 
@@ -25,8 +25,9 @@ require_once 'HTML/QuickForm.php'; require_once 'Log.php'; require_once 'DB.php'; + require_once 'session.php'; - $config = unserialize(file_get_contents('config.inc')); + $config = unserialize(file_get_contents('config.inc')); // connect to the data base $db = &DB::connect($config['dsn']); @@ -37,6 +38,10 @@ $conf['db'] = $db; $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); + // session handler + session_set_save_handler("open_session", "close_session", + "read_session", "write_session", "destroy_session", "gc_session"); + session_start(); /* @@ -69,7 +74,7 @@ $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); die("Internal Server Error"); - } send by + } if ($res->numRows()) { @@ -84,7 +89,6 @@ if (!isset($_SERVER['PHP_AUTH_USER'])) { sendHTTPBasicAuth(); - $db->disconnect(); exit; } else @@ -94,7 +98,6 @@ { $logger->log("Authentication failure with login '".$form->exportValue('username')." password '". $form->exportValue('password') ."' IP " . $_SERVER['REMOTE_ADDR'], PEAR_LOG_WARNING); sendHTTPBasicAuth(); - $db->disconnect(); exit; } else @@ -122,8 +125,6 @@ $_SESSION['session_dump'] = $row[1]; } */ - $db->disconnect(); - $url = 'index.php'; header("Request-URI: $url"); header("Content-Location: $url"); @@ -159,12 +160,10 @@ header("Request-URI: $url"); header("Content-Location: $url"); header("Location: $url\r\n\r\n"); - $db->disconnect(); exit; } else $logger->log("Authentication failure with login '".$form->exportValue('username')." password '". $form->exportValue('password') ."' IP '" . $_SERVER['REMOTE_ADDR']."'", PEAR_LOG_WARNING); - $db->disconnect(); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" diff --git a/php/Attic/examples/sample-idp/logout.php b/php/Attic/examples/sample-idp/logout.php index 8b5681b3..bc742e52 100644 --- a/php/Attic/examples/sample-idp/logout.php 
+++ b/php/Attic/examples/sample-idp/logout.php @@ -24,6 +24,7 @@ require_once 'Log.php'; require_once 'DB.php'; + require_once 'session.php'; $config = unserialize(file_get_contents('config.inc')); @@ -36,11 +37,14 @@ $conf['db'] = $db; $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); + // session handler + session_set_save_handler("open_session", "close_session", + "read_session", "write_session", "destroy_session", "gc_session"); + session_start(); - # Destroy The PHP Session + // Destroy The PHP Session $_SESSION = array(); - session_destroy(); $url = "index.php"; diff --git a/php/Attic/examples/sample-idp/setup.php b/php/Attic/examples/sample-idp/setup.php index eaa9fa88..5284f886 100644 --- a/php/Attic/examples/sample-idp/setup.php +++ b/php/Attic/examples/sample-idp/setup.php @@ -287,8 +287,23 @@ $query = "CREATE TABLE sessions ( id varchar(32) primary key, - expiry integer, - data text + lastupdate timestamp, + data text)"; + + $res =& $db->query($query); + if (DB::isError($res)) + die($res->getMessage()); + + print "OK"; + + print "<br>Create table 'sso_sessions' : "; + $query = "DROP TABLE sso_sessions CASCADE"; + $res =& $db->query($query); + + $query = "CREATE TABLE sso_sessions ( + name_identifier character varying(100), + session_id character varying(32), + ip integer )"; $res =& $db->query($query); @@ -300,7 +315,6 @@ $db->disconnect(); // Check if IdP files does exists - $keys = array_keys($config); $files = preg_grep("/idp/", $keys); @@ -551,7 +565,8 @@ <input type='submit' name='setup' value='setup'> </p> </form> -<br> +<p align='center'><a href='index.php'>Index</a> +</p> <p>Copyright © 2004 Entr'ouvert</p> </body> </html> diff --git a/php/Attic/examples/sample-idp/singleSignOn.php b/php/Attic/examples/sample-idp/singleSignOn.php index 96dc50b2..b73d5515 100644 --- a/php/Attic/examples/sample-idp/singleSignOn.php +++ b/php/Attic/examples/sample-idp/singleSignOn.php 
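Review bot: In sample-idp/setup.php the new `CREATE TABLE sso_sessions` statement declares no primary key or unique constraint, so one name identifier can accumulate several rows. The logout path added to soapEndpoint.php in this commit reads only the first row for a name identifier and then deletes all of them, which would leave any other PHP session of that user alive but no longer tracked. Declaring a key, for example `session_id character varying(32) primary key`, and destroying every matching session on logout would close that gap. The `ip integer` column is also narrow for what singleSignOn.php stores in it: `ip2long()` yields values above the signed 32-bit range on 64-bit PHP builds, so `bigint` is the safer type if the backend's `integer` is 32 bits wide.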
@@ -25,6 +25,7 @@ require_once 'HTML/QuickForm.php'; require_once 'Log.php'; require_once 'DB.php'; + require_once 'session.php'; $config = unserialize(file_get_contents('config.inc')); @@ -37,6 +38,10 @@ $conf['db'] = $db; $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); + // session handler + session_set_save_handler("open_session", "close_session", + "read_session", "write_session", "destroy_session", "gc_session"); + session_start(); lasso_init(); @@ -51,7 +56,6 @@ if (!isset($_SERVER['PHP_AUTH_USER'])) { sendHTTPBasicAuth(); - $db->disconnect(); exit; } else @@ -76,15 +80,16 @@ $array = getIdentityDumpAndSessionDumpFromUserID($db, $user_id); if (empty($array)) { - $logger->log("User must no authenticate, but I don't find session and identity dump in the database", PEAR_LOG_CRIT); + $logger->log("User must no authenticate, but I don't find session and identity + dump in the database", PEAR_LOG_CRIT); die("Could not get Identity and Session Dump"); } $login->setIdentityFromDump($array['identity_dump']); - $login->setSessionFromDump($array['session_dump']); + if (!empty($array['session_dump'])) + $login->setSessionFromDump($array['session_dump']); doneSingleSignOn($db, $login, $user_id); - $db->disconnect(); exit; } 
@@ -92,22 +97,21 @@ if (!($user_id = authentificateUser($db, $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))) { sendHTTPBasicAuth(); - $db->disconnect(); exit; } else { $array = getIdentityDumpAndSessionDumpFromUserID($db, $user_id); - $is_first_sso = (empty($array) ? TRUE : FALSE); + $is_first_sso = (isset($array['identity_dump']) ? FALSE : TRUE); + + /*if (!$is_first_sso) + $login->setIdentityFromDump($array['identity_dump']); */ + + if (!empty($array['session_dump'])) + $login->setSessionFromDump($array['session_dump']); - if (!$is_first_sso) - { - $login->setIdentityFromDump($array['identity_dump']); - $login->setSessionFromDump($array['session_dump']); - } doneSingleSignOn($db, $login, $user_id, $is_first_sso); } - $db->disconnect(); } exit; } @@ -147,15 +151,16 @@ global $logger; $query = "UPDATE users SET identity_dump=".$db->quoteSmart($identity_dump); - $query .= " WHERE user_id='$user_id'"; + $query .= " WHERE user_id='$user_id'"; - $res =& $db->query($query); - if (DB::isError($res)) + $res =& $db->query($query); + if (DB::isError($res)) { $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); die("Internal Server Error"); } + $logger->log("Update user '$user_id' identity dump", PEAR_LOG_DEBUG); } /* @@ -165,17 +170,17 @@ { global $logger; - $query = "UPDATE users SET session_dump=".$db->quoteSmart($session_dump); - $query .= " WHERE user_id='$user_id'"; + $query = "UPDATE users SET session_dump=".$db->quoteSmart($session_dump); + $query .= " WHERE user_id='$user_id'"; - $res =& $db->query($query); + $res =& $db->query($query); if (DB::isError($res)) { $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); die("Internal Server Error"); } - + $logger->log("Update user '$user_id' session dump", PEAR_LOG_DEBUG); } /* 
@@ -183,27 +188,27 @@ */ function saveAssertionArtifact($db, $artifact, $assertion) { - global $logger; + global $logger; - $assertion_dump = $assertion->dump(); + $assertion_dump = $assertion->dump(); - if (empty($assertion_dump)) - { - $logger->log("assertion dump is empty", PEAR_LOG_ALERT); + if (empty($assertion_dump)) + { + $logger->log("assertion dump is empty", PEAR_LOG_ALERT); die("assertion dump is empty"); - } + } - // Save assertion - $query = "INSERT INTO assertions (assertion, response_dump, created) VALUES "; - $query .= "('".$artifact."',".$db->quoteSmart($assertion_dump).", NOW())"; + // Save assertion + $query = "INSERT INTO assertions (assertion, response_dump, created) VALUES "; + $query .= "('".$artifact."',".$db->quoteSmart($assertion_dump).", NOW())"; - $res =& $db->query($query); - if (DB::isError($res)) - { - $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); - die("Internal Server Error"); - } + $res =& $db->query($query); + if (DB::isError($res)) + { + $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); + $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); + die("Internal Server Error"); + } } /* @@ -216,14 +221,14 @@ // Get session and identity dump if there are available if (!empty($_SESSION['session_dump'])) { - $logger->log("Update user's session dump", PEAR_LOG_DEBUG); $login->setSessionFromDump($_SESSION['session_dump']); + $logger->log("Update user's session dump", PEAR_LOG_DEBUG); } if (!empty($_SESSION['identity_dump'])) { - $logger->log("Update user's identity dump", PEAR_LOG_DEBUG); $login->setIdentityFromDump($_SESSION['identity_dump']); + $logger->log("Update user's identity dump", PEAR_LOG_DEBUG); } } 
@@ -277,10 +282,9 @@ */ function getUserIDFromNameIdentifier($db, $nameidentifier) { - $query = "SELECT user_id FROM nameidentifiers WHERE name_identifier='$nameidentifier'"; - // echo $query; + $query = "SELECT user_id FROM nameidentifiers WHERE name_identifier='$nameidentifier'"; - $res =& $db->query($query); + $res =& $db->query($query); if (DB::isError($res)) { $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); @@ -288,12 +292,12 @@ die($res->getMessage()); } - // UserID not found - if (!$res->numRows()) - return (0); + // UserID not found + if (!$res->numRows()) + return (0); - $row = $res->fetchRow(); - return ($row[0]); + $row = $res->fetchRow(); + return ($row[0]); } /* @@ -301,20 +305,18 @@ */ function getIdentityDumpAndSessionDumpFromUserID($db, $user_id) { - // User is authentificated - $query = "SELECT identity_dump,session_dump FROM users WHERE identity_dump"; - $query .= " IS NOT NULL AND session_dump IS NOT NULL AND user_id='$user_id'"; + $query = "SELECT identity_dump,session_dump FROM users WHERE user_id='$user_id'"; - $res =& $db->query($query); - if (DB::isError($res)) + $res =& $db->query($query); + if (DB::isError($res)) die($res->getMessage()); - if ($res->numRows()) - { + if ($res->numRows()) + { $row =& $res->fetchRow(); $ret = array("identity_dump" => $row[0], "session_dump" => $row[1]); return ($ret); - } + } } @@ -325,7 +327,7 @@ { global $logger; - $authenticationMethod = + $authenticationMethod = (($_SERVER["HTTPS"] == 'on') ? lassoSamlAuthenticationMethodSecureRemotePassword : lassoSamlAuthenticationMethodPassword); // reauth in session_cache_expire, default is 180 minutes 
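Review bot: `getUserIDFromNameIdentifier()` still places `$nameidentifier` straight into the SQL text (`WHERE name_identifier='$nameidentifier'`), while the update helpers earlier in this file pass their values through `$db->quoteSmart()`. The value appears to come from the processed authentication request (`$login->nameIdentifier`), so it should be quoted the same way: `$query = "SELECT user_id FROM nameidentifiers WHERE name_identifier=" . $db->quoteSmart($nameidentifier);`. The function also calls `$logger->log()` in its error branch with no `global $logger;` in the visible body, so a database error there would fail on an undefined variable instead of being logged. The same raw interpolation is used for `$user_id` in `getIdentityDumpAndSessionDumpFromUserID()` in the `@@ -301,20 +305,18 @@` hunk.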
@@ -373,12 +375,30 @@ die("assertion Artifact is empty"); } - saveAssertionArtifact($db, $login->assertionArtifact, $login->assertion); + saveAssertionArtifact($db, $login->assertionArtifact, $login->assertion); + + + // Save PHP Session ID in the sso_session table + $query = "INSERT INTO sso_sessions(name_identifier, session_id, ip)"; + $query .= " VALUES('" . $login->nameIdentifier . "','" . session_id() . "','"; + $query .= ip2long($_SERVER['REMOTE_ADDR']) . "')"; + + echo $query; + + $res =& $db->query($query); + if (DB::isError($res)) + { + $logger->log("DB Error :" . $res->getMessage(), PEAR_LOG_CRIT); + $logger->log("DB Error :" . $res->getDebugInfo(), PEAR_LOG_DEBUG); + die($res->getMessage()); + } unset($_SESSION['login_dump']); // delete login_dump - $_SESSION['identity_dump'] = $session->dump(); + $_SESSION['identity_dump'] = $identity->dump(); $_SESSION['session_dump'] = $session->dump(); + $logger->log("New Single Sign On Session started for user '$user_id'", PEAR_LOG_INFO); + switch($login->protocolProfile) { case lassoLoginProtocolProfileBrwsArt: @@ -392,8 +412,8 @@ case lassoLoginProtocolProfileBrwsPost: // TODO : lassoLoginProtocolProfileBrwsPost default: - $logger->log("Unknown Login Protocol Profile :" . $db->getMessage(), PEAR_LOG_CRIT); - die("Unknown Login Protocol Profile"); + $logger->log("Unknown Login Protocol Profile :" . $db->getMessage(), PEAR_LOG_CRIT); + die("Unknown Login Protocol Profile"); } } 
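Review bot: The `echo $query;` left after the new `INSERT INTO sso_sessions` statement writes the name identifier, the PHP session ID and the client address into the response body, and output at that point may also break any headers sent afterwards; it should be removed. The statement concatenates `$login->nameIdentifier` and `session_id()` into the SQL text, whereas the helpers in this file use `$db->quoteSmart()`; building it as `" VALUES(" . $db->quoteSmart($login->nameIdentifier) . "," . $db->quoteSmart(session_id()) . ","` keeps it consistent. On failure the branch ends with `die($res->getMessage())`, which returns the database error text to the client, while the other helpers log the error and answer `die("Internal Server Error")`. The enclosing function starts before this hunk.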
@@ -401,63 +421,63 @@ if ($form->validate()) { if (empty($_SESSION['login_dump'])) - { - $logger->log("Login dump is not registred in the session", PEAR_LOG_ERR); - die("Login dump is not registred"); - } + { + $logger->log("Login dump is not registred in the session", PEAR_LOG_ERR); + die("Login dump is not registred"); + } $login = LassoLogin::newFromDump($server, $_SESSION['login_dump']); if (($user_id = authentificateUser($db, $form->exportValue('username'), $form->exportValue('password')))) { - $array = getIdentityDumpAndSessionDumpFromUserID($db, $user_id); - $is_first_sso = (empty($array) ? TRUE : FALSE); - - if (!$is_first_sso) - { - $login->setIdentityFromDump($array['identity_dump']); - $login->setSessionFromDump($array['session_dump']); - } - else - $logger->log("First SingleSignOn for user '$user_id'", PEAR_LOG_INFO); - - doneSingleSignOn($db, $login, $user_id, $is_first_sso); - $db->disconnect(); - exit; - } - else - $logger->log("Authentication failure with login '".$form->exportValue('username')." password '". $form->exportValue('password') ."' IP '" . $_SERVER['REMOTE_ADDR']."'", PEAR_LOG_WARNING); + $array = getIdentityDumpAndSessionDumpFromUserID($db, $user_id); + $is_first_sso = (isset($array['identity_dump']) ? FALSE : TRUE); + + if (!empty($array['identity_dump'])) + $login->setIdentityFromDump($array['identity_dump']); + + /* if (!$is_first_sso) + $login->setIdentityFromDump($array['identity_dump']); + else + $logger->log("First SingleSignOn for user '$user_id'", PEAR_LOG_INFO); */ + + if (!empty($array['session_dump'])) + $login->setSessionFromDump($array['session_dump']); + doneSingleSignOn($db, $login, $user_id, $is_first_sso); + exit; + } + else + $logger->log("Authentication failure with login '". $form->exportValue('username')." + password '". $form->exportValue('password') ."' IP '" . 
$_SERVER['REMOTE_ADDR']."'", PEAR_LOG_WARNING); } else { $login = new LassoLogin($server); - // init login - updateDumpsFromSession($login); - initFromAuthnRequest($login); + // init login + updateDumpsFromSession($login); + initFromAuthnRequest($login); // User must NOT Authenticate with the IdP if (!$login->mustAuthenticate()) { - $user_id = getUserIDFromNameIdentifier($db, $login->nameIdentifier); + $user_id = getUserIDFromNameIdentifier($db, $login->nameIdentifier); - if (!$user_id) - { - $logger->log("Could not get UserID from Name Identifier '" . $login->nameIdentifier . "'", PEAR_LOG_ERR); - die("Internal Server Error"); - } - - doneSingleSignOn($db, $login, $user_id); - $db->disconnect(); - exit; + if (!$user_id) + { + $logger->log("Could not get UserID from Name Identifier '" . $login->nameIdentifier . "'", PEAR_LOG_ERR); + die("Internal Server Error"); + } + doneSingleSignOn($db, $login, $user_id); + exit; } else { - // register login dump in this session, - // we can not transfert xml dump with hidden input - $_SESSION['login_dump'] = $login->dump(); + // register login dump in this session, + // we can not transfert xml dump with hidden input + $_SESSION['login_dump'] = $login->dump(); } } ?> diff --git a/php/Attic/examples/sample-idp/soapEndpoint.php b/php/Attic/examples/sample-idp/soapEndpoint.php index 9172e9fd..16812432 100644 --- a/php/Attic/examples/sample-idp/soapEndpoint.php +++ b/php/Attic/examples/sample-idp/soapEndpoint.php @@ -23,6 +23,7 @@ */ require_once 'Log.php'; require_once 'DB.php'; + require_once 'session.php'; $config = unserialize(file_get_contents('config.inc')); 
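Review bot: The re-indented authentication-failure branch in singleSignOn.php still writes the submitted password into the log (`password '". $form->exportValue('password') ."'`) at PEAR_LOG_WARNING. With the `sql` log handler that text lands in the table displayed by log_view.php, and a mistyped password is usually close to the real one. Log only the user name and the address: `$logger->log("Authentication failure with login '" . $form->exportValue('username') . "' IP '" . $_SERVER['REMOTE_ADDR'] . "'", PEAR_LOG_WARNING);`. The line breaks this commit introduces inside the string literal also put raw newlines into the log message. sample-idp/login.php carries the same log call in its unchanged context lines.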
@@ -42,6 +43,12 @@ $conf['db'] = $db; $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); + // session handler + session_set_save_handler("open_session", "close_session", + "read_session", "write_session", "destroy_session", "gc_session"); + + session_start(); + if (empty($HTTP_RAW_POST_DATA)) { $logger->log("HTTP_RAW_POST_DATA is empty", PEAR_LOG_WARNING); @@ -57,7 +64,7 @@ { // Login case lassoRequestTypeLogin: - $logger->log("SOAP Login Request from " . $_SERVER['REMOTE_ADDR'], PEAR_LOG_INFO); + $logger->log("SOAP Login Request from " . $_SERVER['REMOTE_ADDR'], PEAR_LOG_INFO); $login = new LassoLogin($server); $login->processRequestMsg($HTTP_RAW_POST_DATA); @@ -69,10 +76,9 @@ if (DB::isError($res)) { header("HTTP/1.0 500 Internal Server Error"); - $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); - exit; - + $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); + $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); + exit; } // Good Artifact, send reponse_dump 
@@ -85,203 +91,243 @@ if (DB::isError($res)) { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); - exit; + header("HTTP/1.0 500 Internal Server Error"); + $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); + $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); + exit; } - $logger->log("Delete assertion '$artifact'", PEAR_LOG_DEBUG); + $logger->log("Delete assertion '$artifact'", PEAR_LOG_DEBUG); $login->setAssertionFromDump($row[0]); $login->buildResponseMsg(); header("Content-Length: " . strlen($login->msgBody) . "\r\n"); echo $login->msgBody; - exit; + + exit; } else { // Wrong Artifact header("HTTP/1.0 403 Forbidden"); header("Content-Length: 0\r\n"); - $logger->log("Wrong artifact send by " . $_SERVER['REMOTE_ADDR'], PEAR_LOG_WARNING); + $logger->log("Wrong artifact send by " . $_SERVER['REMOTE_ADDR'], PEAR_LOG_WARNING); exit; } break; case lassoRequestTypeLogout: - $logger->log("SOAP Logout Request from " . $_SERVER['REMOTE_ADDR'], PEAR_LOG_INFO); + $logger->log("SOAP Logout Request from " . 
$_SERVER['REMOTE_ADDR'], PEAR_LOG_INFO); - // Logout - $logout = new LassoLogout($server, lassoProviderTypeIdp); - $logout->processRequestMsg($HTTP_RAW_POST_DATA, lassoHttpMethodSoap); - $nameIdentifier = $logout->nameIdentifier; + // Logout + $logout = new LassoLogout($server, lassoProviderTypeIdp); + $logout->processRequestMsg($HTTP_RAW_POST_DATA, lassoHttpMethodSoap); + $nameIdentifier = $logout->nameIdentifier; - // name identifier is empty, wrong request - if (empty($nameIdentifier)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("Name Identifier is empty", PEAR_LOG_ERR); - exit; - } + // name identifier is empty, wrong request + if (empty($nameIdentifier)) + { + header("HTTP/1.0 500 Internal Server Error"); + $logger->log("Name Identifier is empty", PEAR_LOG_ERR); + exit; + } - $logger->log("Name Identifier '$nameIdentifier'", PEAR_LOG_DEBUG); + $logger->log("Name Identifier '$nameIdentifier'", PEAR_LOG_DEBUG); - $query = "SELECT user_id FROM nameidentifiers WHERE name_identifier='$nameIdentifier'"; + $query = "SELECT user_id FROM nameidentifiers WHERE name_identifier='$nameIdentifier'"; - $res =& $db->query($query); - if (DB::isError($res)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); - exit; - } + $res =& $db->query($query); + if (DB::isError($res)) + { + header("HTTP/1.0 500 Internal Server Error"); + $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); + $logger->log("DB Error :" . 
$db->getDebugInfo(), PEAR_LOG_DEBUG); + exit; + } - if (!$res->numRows()) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("Could not find user_id matching nameidentifier '$nameIdentifier'", PEAR_LOG_ERR); - exit; - } + if (!$res->numRows()) + { + header("HTTP/1.0 500 Internal Server Error"); + $logger->log("Could not find user_id matching nameidentifier '$nameIdentifier'", PEAR_LOG_ERR); + exit; + } - $row = $res->fetchRow(); - $user_id = $row[0]; - - $logger->log("'$nameIdentifier' match UserID '$user_id'", PEAR_LOG_DEBUG); + $row = $res->fetchRow(); + $user_id = $row[0]; - $query = "SELECT identity_dump,session_dump FROM users WHERE user_id='$user_id'"; + $logger->log("Name Identifier '$nameIdentifier' match UserID '$user_id'", PEAR_LOG_DEBUG); - $res =& $db->query($query); - if (DB::isError($res)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); - exit; - } + $query = "SELECT identity_dump,session_dump FROM users WHERE user_id='$user_id'"; + + $res =& $db->query($query); + if (DB::isError($res)) + { + header("HTTP/1.0 500 Internal Server Error"); + $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); + $logger->log("DB Error :" . 
$db->getDebugInfo(), PEAR_LOG_DEBUG); + exit; + } - if (!$res->numRows()) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("Could not fetch identity and session dump for user '$user_id'", PEAR_LOG_ERR); - exit; - } + if (!$res->numRows()) + { + header("HTTP/1.0 500 Internal Server Error"); + $logger->log("Could not fetch identity and session dump for user '$user_id'", PEAR_LOG_ERR); + exit; + } - $row = $res->fetchRow(); - $user_dump = $row[0]; - $session_dump = $row[1]; + $row = $res->fetchRow(); + $user_dump = $row[0]; + $session_dump = $row[1]; - $logout->setSessionFromDump($session_dump); - $logout->setIdentityFromDump($user_dump); + $logout->setSessionFromDump($session_dump); + $logout->setIdentityFromDump($user_dump); - // TODO : handle bad validate request - $logout->validateRequest(); + // TODO : handle bad validate request + $logout->validateRequest(); - if ($logout->isIdentityDirty) - { - $identity = $logout->identity; - $query = "UPDATE users SET identity_dump=".$db->quoteSmart($identity->dump()); - $query .= " WHERE user_id='$user_id'"; + if ($logout->isIdentityDirty) + { + $identity = $logout->identity; + $query = "UPDATE users SET identity_dump=".$db->quoteSmart($identity->dump()); + $query .= " WHERE user_id='$user_id'"; + $logger->log("ici3", PEAR_LOG_DEBUG); - $res =& $db->query($query); - if (DB::isError($res)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); - exit; - } - $logger->log("Update identity dump for user '$user_id'", PEAR_LOG_DEBUG); - } - - if ($logout->isSessionDirty) - { - $identity = $logout->session; - $query = "UPDATE users SET session_dump=".$db->quoteSmart($session->dump()); - $query .= " WHERE user_id='$user_id'"; + $res =& $db->query($query); + if (DB::isError($res)) + { + header("HTTP/1.0 500 Internal Server Error"); + $logger->log("DB Error :" . 
$db->getMessage(), PEAR_LOG_CRIT); + $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); + exit; + } + $logger->log("Update identity dump for user '$user_id'", PEAR_LOG_DEBUG); + } - $res =& $db->query($query); - if (DB::isError($res)) - { - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); - $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); - exit; - } - $logger->log("Update session dump for user '$user_id'", PEAR_LOG_DEBUG); - } + if ($logout->isSessionDirty) + { + $session = $logout->session; + $query = "UPDATE users SET session_dump=".$db->quoteSmart($session->dump()); + $query .= " WHERE user_id='$user_id'"; + + $res =& $db->query($query); + if (DB::isError($res)) + { + header("HTTP/1.0 500 Internal Server Error"); + $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); + $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); + exit; + } + $logger->log("Update session dump for user '$user_id'", PEAR_LOG_DEBUG); + } - // TODO : try multiple sp logout - while(($providerID = $logout->getNextProviderId())) - { - $logout->initRequest($providerID, lassoHttpMethodAny); // FIXME - $logout->buildRequestMsg(); - $url = parse_url($logout->msgUrl); + // TODO : try multiple sp logout + while(($providerID = $logout->getNextProviderId())) + { + $logout->initRequest($providerID, lassoHttpMethodAny); // FIXME + $logout->buildRequestMsg(); + $url = parse_url($logout->msgUrl); - $logger->log("Send SOAP Logout Request to '$providerID' for user '$user_id'", PEAR_LOG_INFO); + $logger->log("Send SOAP Logout Request to '$providerID' for user '$user_id'", PEAR_LOG_INFO); - $soap = sprintf("POST %s HTTP/1.1\r\nHost: %s:%d\r\nContent-Length: %d\r\nContent-Type: text/xml\r\n\r\n%s\r\n", - $url['path'], $url['host'], $url['port'], strlen($logout->msgBody), $logout->msgBody); - - $fp = fsockopen("ssl://" . 
$url['host'], $url['port'], $errno, $errstr, 30); - if (!$fp) - { - $logger->log("Could not send SOAP Logout Request to '$providerID' for user '$user_id' : $errstr ($errno)", PEAR_LOG_WARN); - continue; - } - fwrite($fp, $soap); - $ret = fgets($fp); + $soap = sprintf("POST %s HTTP/1.1\r\nHost: %s:%d\r\nContent-Length: %d\r\nContent-Type: text/xml\r\n\r\n%s\r\n", + $url['path'], $url['host'], $url['port'], strlen($logout->msgBody), $logout->msgBody); + $logger->log('Send SOAP Request to '. $url['host'] . ":" .$url['port']. $url['path'], PEAR_LOG_INFO); + $logger->log('SOAP Request : ' . $soap, PEAR_LOG_DEBUG); + + $fp = fsockopen("ssl://" . $url['host'], $url['port'], $errno, $errstr, 30); + if (!$fp) + { + $logger->log("Could not send SOAP Logout Request to '$providerID' + for user '$user_id' : $errstr ($errno)", PEAR_LOG_WARN); + continue; + } + fwrite($fp, $soap); - // header - do $header .= fread($fp, 1); while (!preg_match('/\\r\\n\\r\\n$/',$header)); - - // chunked encoding - if (preg_match('/Transfer\\-Encoding:\\s+chunked\\r\\n/',$header)) - { - do { - $byte = ''; - $chunk_size = ''; - - do { - $chunk_size .= $byte; - $byte = fread($fp, 1); - } while ($byte != "\\r"); - - fread($fp, 1); - $chunk_size = hexdec($chunk_size); - $response .= fread($fp, $chunk_size); - fread($fp, 2); - } while ($chunk_size); - } - else - { - if (preg_match('/Content\\-Length:\\s+([0-9]+)\\r\\n/', $header, $matches)) - $response = fread($fp, $matches[1]); - else - while (!feof($fp)) $response .= fread($fp, 1024); - } - fclose($fp); - - if (!preg_match("/^HTTP\/1\\.. 
200/i", $header)) - { - $logger->log("Logout faild for user '$user_id' on '$providerID'", PEAR_LOG_WARN); - continue; - } - $logout->processResponseMsg($response, lassoHttpMethodSoap); - } + // header + do $header .= fread($fp, 1); while (!preg_match('/\\r\\n\\r\\n$/',$header)); + + // chunked encoding + if (preg_match('/Transfer\\-Encoding:\\s+chunked\\r\\n/',$header)) + { + do { + $byte = ''; + $chunk_size = ''; + do { + $chunk_size .= $byte; + $byte = fread($fp, 1); + } while ($byte != "\\r"); + fread($fp, 1); + $chunk_size = hexdec($chunk_size); + $response .= fread($fp, $chunk_size); + fread($fp, 2); + } while ($chunk_size); + } + else + { + if (preg_match('/Content\\-Length:\\s+([0-9]+)\\r\\n/', $header, $matches)) + $response = fread($fp, $matches[1]); + else + while (!feof($fp)) $response .= fread($fp, 1024); + } + fclose($fp); + $logger->log('SOAP Response Header : ' . $header, PEAR_LOG_DEBUG); + $logger->log('SOAP Response Body : ' . $response, PEAR_LOG_DEBUG); + + if (!preg_match("/^HTTP\/1\\.. 200/i", $header)) + { + $logger->log("Logout faild for user '$user_id' on '$providerID'", PEAR_LOG_WARN); + continue; + } + $logout->processResponseMsg($response, lassoHttpMethodSoap); + } + - $logout->buildResponseMsg(); - header("Content-Length: " . strlen($logout->msgBody) . "\r\n"); - echo $logout->msgBody; - $logger->log("User '$user_id' logged out", PEAR_LOG_INFO); - break; + $logout->buildResponseMsg(); + header("Content-Length: " . strlen($logout->msgBody) . "\r\n"); + echo $logout->msgBody; + + + // Get PHP session ID + $query = "SELECT session_id FROM sso_sessions WHERE name_identifier='$nameIdentifier'"; + $res =& $db->query($query); + if (DB::isError($res)) + { + header("HTTP/1.0 500 Internal Server Error"); + $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); + $logger->log("DB Error :" . 
$db->getDebugInfo(), PEAR_LOG_DEBUG); + exit; + } + $row = $res->fetchRow(); + $session_id = $row[0]; + + $logger->log("Name Identifier '$nameIdentifier' match PHP Session ID '$session_id'", PEAR_LOG_DEBUG); + + session_id($session_id); + + // Destroy The PHP Session + $_SESSION = array(); + session_destroy(); + + // Delete SSO Session from table 'sso_sessions' + $query = "DELETE FROM sso_sessions WHERE name_identifier='$nameIdentifier'"; + $res =& $db->query($query); + if (DB::isError($res)) + { + header("HTTP/1.0 500 Internal Server Error"); + $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); + $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); + exit; + } + $logger->log("Destroy PHP Session '$session_id'", PEAR_LOG_DEBUG); + + $logger->log("User '$user_id' is logged out", PEAR_LOG_INFO); + break; case lassoRequestTypeDefederation: default: - header("HTTP/1.0 500 Internal Server Error"); - $logger->log("Unknown or unsupported SOAP request", PEAR_LOG_CRIT); + header("HTTP/1.0 500 Internal Server Error"); + $logger->log("Unknown or unsupported SOAP request", PEAR_LOG_CRIT); } lasso_shutdown(); diff --git a/php/Attic/examples/sample-idp/user_add.php b/php/Attic/examples/sample-idp/user_add.php index ce451431..a93fbf2b 100644 --- a/php/Attic/examples/sample-idp/user_add.php +++ b/php/Attic/examples/sample-idp/user_add.php @@ -25,6 +25,7 @@ require_once 'HTML/QuickForm.php'; require_once 'Log.php'; require_once 'DB.php'; + require_once 'session.php'; $config = unserialize(file_get_contents('config.inc')); @@ -33,6 +34,10 @@ if (DB::isError($db)) die("Could not connect to the database"); + // session handler + session_set_save_handler("open_session", "close_session", + "read_session", "write_session", "destroy_session", "gc_session"); + // create logger $conf['db'] = $db; $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); 
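Review bot: In the new logout tail of soapEndpoint.php, `$row[0]` from the `sso_sessions` lookup is used without checking that a row came back. When no session is recorded, `session_id($session_id)` receives an empty value and `session_destroy()` acts on the session this SOAP request opened through the `session_start()` added near the top of the file, not on the user's; a guard like the `if (!$res->numRows())` checks used by the earlier lookups in this case is missing. Both new queries interpolate `$nameIdentifier`, which is taken from the SOAP request, directly into the SQL text instead of passing it through `$db->quoteSmart()`. The response body is echoed before the session is destroyed, so the `header("HTTP/1.0 500 Internal Server Error")` calls in the new error branches come too late and the requesting provider is told the logout succeeded even when the local cleanup failed. The added `SOAP Request` / `SOAP Response Body` debug entries and the `Destroy PHP Session '$session_id'` entry write protocol messages and session IDs to the log, and `$logger->log("ici3", PEAR_LOG_DEBUG)` looks like a leftover; the surrounding `switch` starts outside this hunk.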
@@ -57,13 +62,12 @@ $res =& $db->query($query); if (DB::isError($res)) { - $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_ERR); - $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); + $logger->log("DB Error :" . $res->getMessage(), PEAR_LOG_ERR); + $logger->log("DB Error :" . $res->getDebugInfo(), PEAR_LOG_DEBUG); die("username exist!"); } $logger->log("Create User '" . $form->exportValue('username') . "'", PEAR_LOG_NOTICE); - $db->disconnect(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> diff --git a/php/Attic/examples/sample-sp/admin_user.php b/php/Attic/examples/sample-sp/admin_user.php index 82d828bd..30efe3c6 100644 --- a/php/Attic/examples/sample-sp/admin_user.php +++ b/php/Attic/examples/sample-sp/admin_user.php @@ -153,6 +153,13 @@ </tfoot> </table> +<br> +<p align='center'><a href='index.php'>Index</a> +</p> + +<br> +<p>Copyright © 2004 Entr'ouvert</p> + </body> </html> diff --git a/php/Attic/examples/sample-sp/assertionConsumer.php b/php/Attic/examples/sample-sp/assertionConsumer.php index 85d67556..727c2c0f 100644 --- a/php/Attic/examples/sample-sp/assertionConsumer.php +++ b/php/Attic/examples/sample-sp/assertionConsumer.php @@ -24,16 +24,16 @@ require_once 'Log.php'; require_once 'DB.php'; - + require_once 'session.php'; $config = unserialize(file_get_contents('config.inc')); if (!$_GET['SAMLart']) { exit(1); } - + + // connect to the data base $db = &DB::connect($config['dsn']); - if (DB::isError($db)) die($db->getMessage()); @@ -41,6 +41,10 @@ $conf['db'] = $db; $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); + // session handler + session_set_save_handler("open_session", "close_session", + "read_session", "write_session", "destroy_session", "gc_session"); + session_start(); lasso_init(); @@ -158,7 +162,7 @@ } else { - // New User + // New User $login->acceptSso(); $identity = $login->identity; 
@@ -227,7 +231,6 @@ header("Request-URI: $url"); header("Content-Location: $url"); header("Location: $url\n\n"); - $db->disconnect(); lasso_shutdown(); exit(); ?> diff --git a/php/Attic/examples/sample-sp/index.php b/php/Attic/examples/sample-sp/index.php index 05d16e54..62c5faef 100644 --- a/php/Attic/examples/sample-sp/index.php +++ b/php/Attic/examples/sample-sp/index.php @@ -22,8 +22,8 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ - require_once 'HTTP/Session.php'; require_once 'DB.php'; + require_once 'session.php'; if(!extension_loaded('lasso')) { $ret = @dl('lasso.' . PHP_SHLIB_SUFFIX); @@ -57,7 +57,11 @@ You can get more informations about <b>Lasso</b> at <br> $db = &DB::connect($config['dsn']); if (DB::isError($db)) die($db->getMessage()); - + + // session handler + session_set_save_handler("open_session", "close_session", + "read_session", "write_session", "destroy_session", "gc_session"); + session_start(); lasso_init(); @@ -166,5 +170,4 @@ You can get more informations about <b>Lasso</b> at <br> </html> <?php lasso_shutdown(); - $db->disconnect(); ?> diff --git a/php/Attic/examples/sample-sp/log_view.php b/php/Attic/examples/sample-sp/log_view.php index 68acc458..43384da4 100644 --- a/php/Attic/examples/sample-sp/log_view.php +++ b/php/Attic/examples/sample-sp/log_view.php @@ -1,6 +1,6 @@ <?php /* - * Identity Provider Example -- View log + * Service Provider Example -- View log * * Copyright (C) 2004 Entr'ouvert * http://lasso.entrouvert.org @@ -65,7 +65,7 @@ <html> <head> <head> - <title>Lasso Identity Provider Example : View Logs</title> + <title>Lasso Service Provider Example : View Logs</title> </head> <body> <br> diff --git a/php/Attic/examples/sample-sp/login.php b/php/Attic/examples/sample-sp/login.php index c857e5cd..55e55d5e 100644 --- a/php/Attic/examples/sample-sp/login.php +++ b/php/Attic/examples/sample-sp/login.php 
@@ -24,9 +24,19 @@ require_once 'Log.php'; require_once 'DB.php'; + require_once 'session.php'; $config = unserialize(file_get_contents('config.inc')); + // connect to the data base + $db = &DB::connect($config['dsn']); + if (DB::isError($db)) + die($db->getMessage()); + + // session handler + session_set_save_handler("open_session", "close_session", + "read_session", "write_session", "destroy_session", "gc_session"); + session_start(); lasso_init(); diff --git a/php/Attic/examples/sample-sp/logout.php b/php/Attic/examples/sample-sp/logout.php index 68f15fea..64c1214b 100644 --- a/php/Attic/examples/sample-sp/logout.php +++ b/php/Attic/examples/sample-sp/logout.php @@ -22,27 +22,37 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ + require_once 'Log.php'; + require_once 'DB.php'; + require_once 'session.php'; + $config = unserialize(file_get_contents('config.inc')); - require_once 'DB.php'; + // connect to the data base + $db = &DB::connect($config['dsn']); + if (DB::isError($db)) + die($db->getMessage()); + + // create logger + $conf['db'] = $db; + $logger = &Log::factory($config['log_handler'], 'log', $_SERVER['PHP_SELF'], $conf); + + // session handler + session_set_save_handler("open_session", "close_session", + "read_session", "write_session", "destroy_session", "gc_session"); session_start(); if (!isset($_SESSION["nameidentifier"])) { - print "User is not logged in"; + $logger->log("Not logged in user '" . $_SERVER['REMOTE_ADDR'] , "', try to register.", PEAR_LOG_WARN); exit(0); - } + } lasso_init(); - $db = &DB::connect($config['dsn']); - - if (DB::isError($db)) - die($db->getMessage()); - $server_dump = file_get_contents($config['server_dump_filename']); - $server = LassoServer::newfromdump($server_dump); + $server = LassoServer::newFromDump($server_dump); $logout = new LassoLogout($server, lassoProviderTypeSp); 
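Review bot: In the new not-logged-in branch of logout.php the `$logger->log(...)` call has a comma where a concatenation dot was meant (`$_SERVER['REMOTE_ADDR'] , "', try to register."`). The string `', try to register.` is therefore passed as the priority and `PEAR_LOG_WARN` becomes a third argument, so the warning about a logout attempt without a session is probably dropped or recorded at the wrong level. I would write `$logger->log("Logout requested without a session from '" . $_SERVER['REMOTE_ADDR'] . "'", PEAR_LOG_WARN);`, since the "try to register" wording looks copied from another page. The branch also no longer prints anything before `exit(0)`, so the user gets an empty page.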
@@ -52,7 +62,11 @@ $res =& $db->query($query); if (DB::isError($res)) - print $res->getMessage(). "\n"; + { + $logger->log("DB Error :" . $db->getMessage(), PEAR_LOG_CRIT); + $logger->log("DB Error :" . $db->getDebugInfo(), PEAR_LOG_DEBUG); + die($db->getMessage()); + } $row = $res->fetchRow(); @@ -69,10 +83,11 @@ $url['path'], $url['host'], $url['port'], strlen($logout->msgBody), $logout->msgBody); + $logger->log('Send SOAP Request to '. $url['host'] . ":" .$url['port']. $url['path'], PEAR_LOG_INFO); + $logger->log('SOAP Request : ' . $soap, PEAR_LOG_DEBUG); # PHP 4.3.0 with OpenSSL support required $fp = fsockopen("ssl://" . $url['host'], $url['port'], $errno, $errstr, 30) or die($errstr ($errno)); - socket_set_timeout($fp, 10); fwrite($fp, $soap); @@ -106,16 +121,19 @@ } fclose($fp); + $logger->log('SOAP Response Header : ' . $header, PEAR_LOG_DEBUG); + $logger->log('SOAP Response Body : ' . $response, PEAR_LOG_DEBUG); + if (!preg_match("/^HTTP\/1\\.. 200/i", $header)) { + $logger->log("User is already logged out" . $_SERVER['REMOTE_ADDR'], PEAR_LOG_WARN); die("User is already logged out"); } # Destroy The PHP Session $_SESSION = array(); - + $logger->log("Destroy session '".session_id()."' for user '".$_SESSION['username']."'", PEAR_LOG_INFO); session_destroy(); - - $db->disconnect(); + lasso_shutdown(); $url = "index.php"; diff --git a/php/Attic/examples/sample-sp/register.php b/php/Attic/examples/sample-sp/register.php index 6c1b0152..26c468f5 100644 --- a/php/Attic/examples/sample-sp/register.php +++ b/php/Attic/examples/sample-sp/register.php 
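Review bot: The new error branch after `$res =& $db->query($query);` in logout.php reads the message from `$db` instead of from the error object `$res`. The user_add.php hunk in this same commit changes `$db->getMessage()` to `$res->getMessage()`, which suggests the connection object does not carry the error, so this failure path would likely fail itself instead of logging. `die($db->getMessage())` also sends database error text to the browser. I would use `$logger->log("DB Error :" . $res->getMessage(), PEAR_LOG_CRIT);`, `$logger->log("DB Error :" . $res->getDebugInfo(), PEAR_LOG_DEBUG);` and a generic `die("Internal error");`.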
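Review bot: The added `Destroy session` log line in the last logout.php hunk runs after `$_SESSION = array();`, so `$_SESSION['username']` is always empty there and the audit entry never names the user who logged out. Move the `$logger->log("Destroy session ...", PEAR_LOG_INFO);` call above the reset. The same line writes the raw `session_id()` at INFO level; logging a truncated or hashed id would keep a still-valid id out of the log table if `session_destroy()` fails. The added `PEAR_LOG_WARN` line appends `$_SERVER['REMOTE_ADDR']` directly to "User is already logged out" with no separator.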
@@ -22,9 +22,20 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ - $config = unserialize(file_get_contents('config.inc')); - require_once 'DB.php'; + require_once 'session.php'; + + $config = unserialize(file_get_contents('config.inc')); + + // connect to the data base + $db = &DB::connect($config['dsn']); + if (DB::isError($db)) + die($db->getMessage()); + + // session handler + session_set_save_handler("open_session", "close_session", + "read_session", "write_session", "destroy_session", "gc_session"); + session_start(); if (!isset($_SESSION["nameidentifier"])) { @@ -34,11 +45,6 @@ switch($_POST['action']) { case "submit": - $db = &DB::connect($config['dsn']); - - if (DB::isError($db)) - die($db->getMessage()); - // Update User info $query = "UPDATE users SET first_name=" . $db->quoteSmart($_POST['first_name']); $query .= ",last_name=" . $db->quoteSmart($_POST['last_name']); diff --git a/php/Attic/examples/sample-sp/session.php b/php/Attic/examples/sample-sp/session.php new file mode 100644 index 00000000..45bf99c7 --- /dev/null +++ b/php/Attic/examples/sample-sp/session.php 
@@ -0,0 +1,86 @@ +<?php +/* + * Pear::DB session handler + * + * Copyright (C) 2004 Entr'ouvert + * http://lasso.entrouvert.org + * + * Authors: Christophe Nowicki <cnowicki@easter-eggs.com> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +function open_session ($save_path, $session_name) { + return(true); +} + +function close_session() { + global $db; + $db->disconnect(); + return(true); +} + +function read_session ($id) { + global $db; + + $query = "SELECT * FROM sessions WHERE id='$id'"; + $res =& $db->query($query); + if (DB::isError($res)) + { + exit; + die($res->getMessage()); + } + + if ($res->numRows() == 1) + { + $row = $res->fetchRow(); + return ($row[2]); + } else { + return(""); + } +} + +function write_session ($id, $sess_data) { + global $db; + + $query = "DELETE FROM sessions WHERE id='$id'"; + $res =& $db->query($query); + if (DB::isError($res)) + die($res->getMessage()); + + $query = "INSERT INTO sessions(id, lastupdate, data) VALUES('$id', NOW(),"; + $query .= $db->quoteSmart($sess_data).")"; + $res =& $db->query($query); + if (DB::isError($res)) + die($res->getMessage()); +} + +function destroy_session ($id) { + global $db; + + $query = "DELETE FROM sessions WHERE id='$id'"; + $res =& $db->query($query); + if (DB::isError($res)) + die($res->getMessage()); + + return true; 
+} + +function gc_session ($maxlifetime) { + return true; +} + +?> diff --git a/php/Attic/examples/sample-sp/setup.php b/php/Attic/examples/sample-sp/setup.php index c6c44228..2886c88a 100644 --- a/php/Attic/examples/sample-sp/setup.php +++ b/php/Attic/examples/sample-sp/setup.php @@ -167,8 +167,22 @@ $query = "CREATE TABLE sessions ( id varchar(32) primary key, - expiry integer, - data text + lastupdate timestamp, + data text)"; + + $res =& $db->query($query); + if (DB::isError($res)) + die($res->getMessage()); + + print "OK"; + + print "<br>Create table 'sso_sessions' : "; + $query = "DROP TABLE sso_sessions CASCADE"; + $res =& $db->query($query); + + $query = "CREATE TABLE sso_sessions ( + name_identifier character varying(100), + session_id character varying(32) )"; $res =& $db->query($query); @@ -177,6 +191,7 @@ print "OK"; + $db->disconnect(); $keys = array_keys($config); @@ -375,6 +390,9 @@ </table> <input type='hidden' name='action' value='setup'> </form> +<p align='center'><a href='index.php'>Index</a> +</p> +<p>Copyright © 2004 Entr'ouvert</p> </body> </html> <?php |
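Review bot: In the new session.php, `read_session`, `write_session` and `destroy_session` put `$id` straight into the SQL text (`WHERE id='$id'`, `VALUES('$id', NOW(),`), although the id normally arrives in the client's session cookie and `write_session` already quotes `$sess_data` with `$db->quoteSmart()`. Build all of these statements with the same quoting, e.g. `$query = "SELECT * FROM sessions WHERE id=" . $db->quoteSmart($id);`. The soapEndpoint.php hunk earlier in this diff builds its `sso_sessions` SELECT and DELETE from `$nameIdentifier` in the same unquoted way and needs the same change. Separately, `exit;` before `die($res->getMessage())` in `read_session` makes the message unreachable, `write_session` returns no value, and `gc_session` never deletes rows by `lastupdate`, so this handler does not expire stored sessions.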
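Review bot: The `CREATE TABLE sso_sessions` statement added to setup.php declares neither a primary key nor a unique or NOT NULL constraint, so one `name_identifier` can map to several `session_id` rows. Code that resolves a session the way the soapEndpoint.php hunk earlier in this diff does (it reads only `$row[0]` of the first row, then deletes every row for the identifier) would destroy one PHP session and leave the others valid; that hunk may target the IdP's own copy of the table, so confirm which schema it runs against. I would declare `session_id character varying(32) PRIMARY KEY` and `name_identifier character varying(100) NOT NULL`, or add a comment stating that a single session per identifier is assumed. The result of `DROP TABLE sso_sessions CASCADE` is not checked; a comment such as `// ignore the error: the table does not exist on first setup` would show that this is deliberate.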
