From ddf3de6720aac5bcd1a3f19c70241b67775d0d98 Mon Sep 17 00:00:00 2001 From: martinlanghoff Date: Wed, 14 Nov 2007 22:09:45 +0000 Subject: [PATCH] MDL-9399 auth/ldap: ntlmsso_finish() now completes the user session setup MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit As Iñaki points out, ntlmsso_finish() needs to do all the setup that login/index.php would do for a user once auth succeeds. With this patch, the session setup is complete so the logon is usable. --- auth/ldap/auth.php | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/auth/ldap/auth.php b/auth/ldap/auth.php index 2d4b8c8b84..147c864dab 100644 --- a/auth/ldap/auth.php +++ b/auth/ldap/auth.php @@ -1796,7 +1796,7 @@ class auth_plugin_ldap extends auth_plugin_base { * */ function ntlmsso_finish() { - global $CFG; + global $CFG, $USER; $key = $_SERVER['REMOTE_ADDR']; // add sesskey? if ($cookie = get_config('auth/ldap/ntlmsess', $key)) { @@ -1809,7 +1809,26 @@ class auth_plugin_ldap extends auth_plugin_base { && $sesskey === sesskey()) { // Here we want to trigger the whole authentication machinery // to make sure no step is bypassed... - authenticate_user_login($username, $sesskey); + $user = authenticate_user_login($username, $sesskey); + if ($user) { + add_to_log(SITEID, 'user', 'login', "view.php?id=$USER->id&course=".SITEID, + $user->id, 0, $user->id); + $USER = complete_user_login($user); + + /// Redirection + if (user_not_fully_set_up($USER)) { + $urltogo = $CFG->wwwroot.'/user/edit.php'; + // We don't delete $SESSION->wantsurl yet, so we get there later + } else if (isset($SESSION->wantsurl) and (strpos($SESSION->wantsurl, $CFG->wwwroot) === 0)) { + $urltogo = $SESSION->wantsurl; /// Because it's an address in this site + unset($SESSION->wantsurl); + } else { + // no wantsurl stored or external - go to homepage + $urltogo = $CFG->wwwroot.'/'; + unset($SESSION->wantsurl); + } + redirect($urltogo); + } } } } -- 2.39.5