\SSPSecurity
Replaces the default SilverStripe Security class for dealing with SimpleSAMLphp authentication
- Author: Anton Smith <anton.smith@op.ac.nz>
Synopsis
class SSPSecurity
extends Controller
{
    // members
    private static $authenticators;
    private static $default_authenticator;
    private static $default_logged_in_url;
    private static $default_logged_out_url;
    private static boolean $enable_ssp_auth = true;
    private static boolean $force_ssl = true;
    private static array $allowed_actions = ;
    // methods
    public void init()
    public void index()
    public void ping()
    public void login()
    public void logout()
    public void loggedout()
    public static void passive_login()
    public void LoginForm()
    private static void force_ssl()
}
Hierarchy
Extends
- Controller
Members
private
- $allowed_actions
- $authenticators — array: A list of all the authenticators
- $default_authenticator — mixed: Use this authenticator as the default when an authentication source isn't specified.
- $default_logged_in_url — string: Redirect the user to the URL after login is complete. If the session contains a BackURL this is used instead
- $default_logged_out_url — string: Redirect the user to the URL after logout is complete. If the session contains a BackURL this is used instead
- $enable_ssp_auth — boolean: Replace the default SilverStripe Security class
- $force_ssl — boolean: Force HTTPS mode when executing authentication functions
Methods
private
- force_ssl() — Forces HTTPS mode if set in the configuration
public
- LoginForm() — Redirects the user to the identity provider portal for login
- index()
- init()
- loggedout() — Log the currently logged in user out of the local SilverStripe website.
- login() — Log the current user into the identity provider, and then SilverStripe
- logout() — Log the currently logged in user out of the identity provider
- passive_login() — Attempt to passively authenticate the user with the identity provider, then SilverStripe.
- ping() — This action is available as a keep-alive, so user sessions don't time out. A common use is in the admin.