auth_plugin_cas Class Reference

CAS authentication plugin. More...

Inheritance diagram for auth_plugin_cas:

Public Member Functions
	__construct ()
	Constructor.
	auth_plugin_cas ()
	Old syntax of class constructor.
	auth_plugin_ldap ()
	Old syntax of class constructor.
	can_be_manually_set ()
	Returns true if plugin can be manually set.
	can_change_password ()
	Returns true if this authentication plugin can change the user's password.
	can_confirm ()
	Returns true if plugin allows confirming of new users.
	can_edit_profile ()
	Returns true if this authentication plugin can edit the users' profile.
	can_reset_password ()
	Returns true if plugin allows resetting of password from moodle.
	can_signup ()
	Returns true if plugin allows signup and user creation.
	change_password_url ()
	Returns the URL for changing the user's pw, or empty if the default can be used.
	config_form ($config, $err, $user_fields)
	Prints a form for configuring this authentication plugin.
	connectCAS ()
	Connect to the CAS (clientcas connection or proxycas connection)
	edit_profile_url ()
	Returns the URL for editing the users' profile, or empty if the default URL can be used.
	get_custom_user_profile_fields ()
	Return custom user profile fields.
	get_description ()
	Get the auth description (from core or own auth lang files)
	get_extrauserinfo ()
	Returns extra user information.
	get_password_change_info (stdClass $user)
	Returns information on how the specified user can change their password.
	get_title ()
	Return the properly translated human-friendly title of this auth plugin.
	get_userinfo ($username)
	Reads user information from LDAP and returns it as array()
	get_userinfo_asobj ($username)
	Reads user information from ldap and returns it in an object.
	get_userlist ()
	Returns all usernames from LDAP.
	ignore_timeout_hook ($user, $sid, $timecreated, $timemodified)
	Hook called before timing out of database session.
	init_plugin ($authtype)
	Init plugin config from database settings depending on the plugin auth type.
	is_captcha_enabled ()
	Returns whether or not the captcha element is enabled.
	is_configured ()
	Returns false if this plugin is enabled but not configured.
	is_internal ()
	Returns true if this authentication plugin is 'internal'.
	is_synchronised_with_external ()
	Indicates if moodle should automatically update internal user records with data from external sources using the information from get_userinfo() method.
	iscreator ($username)
	Returns true if user should be coursecreator.
	ldap_attributes ()
	Returns user attribute mappings between moodle and LDAP.
	ldap_bulk_insert ($username)
	Bulk insert in SQL's temp table.
	ldap_close ($force=false)
	Disconnects from a LDAP server.
	ldap_connect ()
	Connect to the LDAP server, using the plugin configured settings.
	ldap_expirationtime2unix ($time, $ldapconnection, $user_dn)
	Take expirationtime and return it as unix timestamp in seconds.
	ldap_find_userdn ($ldapconnection, $extusername)
	Search specified contexts for username and return the user dn like: cn=username,ou=suborg,o=org.
	ldap_get_ad_pwdexpire ($pwdlastset, $ldapconn, $user_dn)
	Get password expiration time for a given user from Active Directory.
	ldap_get_userlist ($filter=' *')
	Returns all usernames from LDAP.
	ldap_unix2expirationtime ($time)
	Takes unix timestamp and returns it formated for storing in LDAP.
	loginpage_hook ()
	Authentication choice (CAS or other) Redirection to the CAS form or to login/index.php for other authentication.
	loginpage_idp_list ($wantsurl)
	Return a list of identity providers to display on the login page.
	logoutpage_hook ()
	Hook for logout page.
	ntlmsso_finish ()
	Find the session set by ntlmsso_magic(), validate it and call authenticate_user_login() to authenticate the user through the auth machinery.
	ntlmsso_magic ($sesskey)
	To be called from a page running under NTLM's "Integrated Windows Authentication".
	password_expire ($username)
	Return number of days to user password expires.
	postlogout_hook ($user)
	Post logout hook.
	pre_loginpage_hook ()
	Hook for overriding behaviour before going to the login page.
	pre_user_login_hook (&$user)
	Pre user_login hook.
object	prelogout_hook ()
	Pre logout hook.
	prevent_local_passwords ()
	Indicates if password hashes should be stored in local moodle database.
	process_config ($config)
	Processes and stores configuration data for this authentication plugin.
	set_extrauserinfo (array $values)
	Set extra user information.
	signup_form ()
	Return a form to capture user details for account creation.
	sync_roles ($user)
	Sync roles for this user.
	sync_users ($do_updates=true)
	Syncronizes users from LDAP server to moodle user table.
	test_settings ()
	Test if settings are correct, print info to output.
	user_activate ($username)
	Activates (enables) user in external LDAP so user can login.
	user_authenticated_hook (&$user, $username, $password)
	Post authentication hook.
	user_confirm ($username, $confirmsecret)
	Confirm the new user as registered.
	user_create ($userobject, $plainpass)
	Creates a new user on LDAP.
	user_delete ($olduser)
	User delete requested - internal user record is mared as deleted already, username not present anymore.
	user_exists ($username)
	Checks if user exists on LDAP.
	user_login ($username, $password)
	Authenticates user against CAS Returns true if the username and password work and false if they are wrong or don't exist.
	user_signup ($user, $notify=true)
	Sign up a new user ready for confirmation.
	user_update ($olduser, $newuser)
	Called when the user record is updated.
	user_update_password ($user, $newpassword)
	Changes userpassword in LDAP.
	validate_form ($form, &$err)
	A chance to validate form data, and last chance to do stuff before it is inserted in config_plugin.

Static Public Member Functions
static	get_identity_providers ($authsequence)
	Return the list of enabled identity providers.
static	prepare_identity_providers_for_output ($identityproviders, renderer_base $output)
	Prepare a list of identity providers for output.

Public Attributes
string	$authtype
	Authentication plugin type - the same as db field.
object	$config
	The configuration details for the plugin.
string	$pluginconfig
array	$userfields = core_user::AUTHSYNCFIELDS

Protected Member Functions
	get_ntlm_remote_user ($remoteuser)
	When using NTLM SSO, the format of the remote username we get in $_SERVER['REMOTE_USER'] may vary, depending on where from and how the web server gets the data.
	get_profile_keys ($fetchall=false)
	Get the list of profile fields.
	is_user_suspended ($user)
	Check if a user is suspended.
	ldap_ad_pwdexpired_from_diagmsg ($diagmsg)
	Check if the diagnostic message for the LDAP login error tells us that the login is denied because the user password has expired or the password needs to be changed on first login (using interactive SMB/Windows logins, not LDAP logins).
	update_user_record ($username, $updatekeys=false, $triggerevent=false, $suspenduser=false)
	Update a local user record from an external source.

Protected Attributes
string	$errorlogtag = ''
	The tag we want to prepend to any error log messages.
array	$extrauserinfo = []
	Stores extra information available to the logged in event.
LDAP Connection	$ldapconnection
	LDAP connection.
int	$ldapconns = 0
string	$roleauth

Detailed Description

CAS authentication plugin.

Constructor & Destructor Documentation

__construct()

auth_plugin_cas::__construct

(

)

Constructor.

Reimplemented from auth_plugin_ldap.

Member Function Documentation

auth_plugin_cas()

auth_plugin_cas::auth_plugin_cas

(

)

Old syntax of class constructor.

Deprecated in PHP7.

Deprecated

since Moodle 3.1

auth_plugin_ldap()

auth_plugin_ldap::auth_plugin_ldap ( )

inherited

Old syntax of class constructor.

Deprecated in PHP7.

Deprecated

since Moodle 3.1

can_be_manually_set()

auth_plugin_ldap::can_be_manually_set ( )

inherited

Returns true if plugin can be manually set.

Return values

bool

Reimplemented from auth_plugin_base.

can_change_password()

auth_plugin_cas::can_change_password

(

)

Returns true if this authentication plugin can change the user's password.

Return values

bool

Reimplemented from auth_plugin_ldap.

can_confirm()

auth_plugin_ldap::can_confirm ( )

inherited

Returns true if plugin allows confirming of new users.

Return values

bool

Reimplemented from auth_plugin_base.

can_edit_profile()

auth_plugin_base::can_edit_profile ( )

inherited

Returns true if this authentication plugin can edit the users' profile.

Return values

bool

can_reset_password()

auth_plugin_ldap::can_reset_password ( )

inherited

Returns true if plugin allows resetting of password from moodle.

Return values

bool

Reimplemented from auth_plugin_base.

can_signup()

auth_plugin_ldap::can_signup ( )

inherited

Returns true if plugin allows signup and user creation.

Return values

bool

Reimplemented from auth_plugin_base.

change_password_url()

auth_plugin_cas::change_password_url

(

)

Returns the URL for changing the user's pw, or empty if the default can be used.

Return values

moodle_url

Reimplemented from auth_plugin_ldap.

config_form()

auth_plugin_base::config_form ( $config, $err, $user_fields )

inherited

Prints a form for configuring this authentication plugin.

This function is called from admin/auth.php, and outputs a full page with a form for configuring this plugin.

Parameters

object	$config
object	$err
array	$user_fields

Deprecated

since Moodle 3.3

edit_profile_url()

auth_plugin_base::edit_profile_url ( )

inherited

Returns the URL for editing the users' profile, or empty if the default URL can be used.

This method is used if can_edit_profile() returns true. This method is called only when user is logged in, it may use global $USER.

Return values

moodle_url

url of the profile page or null if standard used

get_custom_user_profile_fields()

auth_plugin_base::get_custom_user_profile_fields ( )

inherited

Return custom user profile fields.

Return values

array

list of custom fields.

get_description()

auth_plugin_base::get_description ( )

inherited

Get the auth description (from core or own auth lang files)

Return values

string

The description

get_extrauserinfo()

auth_plugin_base::get_extrauserinfo ( )

inherited

Returns extra user information.

Return values

array

An array of keys and values

get_identity_providers()

static auth_plugin_base::get_identity_providers ( $authsequence )

staticinherited

Return the list of enabled identity providers.

Each identity provider data contains the keys url, name and iconurl (or icon). See the documentation of auth_plugin_base::loginpage_idp_list() for detailed description of the returned structure.

Parameters

array

$authsequence

site's auth sequence (list of auth plugins ordered)

Return values

array

List of arrays describing the identity providers

get_ntlm_remote_user()

auth_plugin_ldap::get_ntlm_remote_user ( $remoteuser )

protectedinherited

When using NTLM SSO, the format of the remote username we get in $_SERVER['REMOTE_USER'] may vary, depending on where from and how the web server gets the data.

So we let the admin configure the format using two place holders (domain% and username%). This function tries to extract the username (stripping the domain part and any separators if they are present) from the value present in $_SERVER['REMOTE_USER'], using the configured format.

Parameters

string

$remoteuser

The value from $_SERVER['REMOTE_USER'] (converted to UTF-8)

Return values

string

The remote username (without domain part or separators). Empty string if we can't extract the username.

get_password_change_info()

auth_plugin_base::get_password_change_info ( stdClass $user )

inherited

Returns information on how the specified user can change their password.

Parameters

stdClass

$user

A user object

Return values

string[]

An array of strings with keys subject and message

Reimplemented in auth_oauth2\auth, and auth_plugin_nologin.

get_profile_keys()

auth_plugin_ldap::get_profile_keys ( $fetchall = false )

protectedinherited

Get the list of profile fields.

Parameters

bool

$fetchall

Fetch all, not just those for update.

Return values

array

get_title()

auth_plugin_base::get_title ( )

inherited

Return the properly translated human-friendly title of this auth plugin.

Todo

Document this function

get_userinfo()

auth_plugin_cas::get_userinfo

(

$username

)

Reads user information from LDAP and returns it as array()

If no LDAP servers are configured, user information has to be provided via other methods (CSV file, manually, etc.). Return an empty array so existing user info is not lost. Otherwise, calls parent class method to get user info.

Parameters

string

$username

username

Return values

mixed

array with no magic quotes or false on error

Reimplemented from auth_plugin_ldap.

get_userinfo_asobj()

auth_plugin_ldap::get_userinfo_asobj ( $username )

inherited

Reads user information from ldap and returns it in an object.

Parameters

string

$username

username (with system magic quotes)

Return values

mixed

object or false on error

get_userlist()

auth_plugin_ldap::get_userlist ( )

inherited

Returns all usernames from LDAP.

get_userlist returns all usernames from LDAP

Return values

array

ignore_timeout_hook()

auth_plugin_base::ignore_timeout_hook ( $user, $sid, $timecreated, $timemodified )

inherited

Hook called before timing out of database session.

This is useful for SSO and MNET.

Parameters

object	$user
string	$sid	session id
int	$timecreated	start of session
int	$timemodified	user last seen

Return values

bool	true means do not timeout session yet

is_captcha_enabled()

auth_plugin_base::is_captcha_enabled ( )

inherited

Returns whether or not the captcha element is enabled.

@abstract Implement in child classes

Return values

bool

Reimplemented in auth_plugin_email.

is_configured()

auth_plugin_base::is_configured ( )

inherited

Returns false if this plugin is enabled but not configured.

Return values

bool

Reimplemented in auth_plugin_db.

is_internal()

auth_plugin_cas::is_internal

(

)

Returns true if this authentication plugin is 'internal'.

Return values

bool

Reimplemented from auth_plugin_ldap.

is_synchronised_with_external()

auth_plugin_base::is_synchronised_with_external ( )

inherited

Indicates if moodle should automatically update internal user records with data from external sources using the information from get_userinfo() method.

Return values

bool	true means automatically copy data from ext to user table

Reimplemented in auth_oauth2\auth, and auth_plugin_db.

is_user_suspended()

auth_plugin_ldap::is_user_suspended ( $user )

protectedinherited

Check if a user is suspended.

This function is intended to be used after calling get_userinfo_asobj. This is needed because LDAP doesn't have a notion of disabled users, however things like MS Active Directory support it and expose information through a field.

Parameters

object

$user

the user object returned by get_userinfo_asobj

Return values

boolean

iscreator()

auth_plugin_cas::iscreator

(

$username

)

Returns true if user should be coursecreator.

Parameters

mixed

$username

username (without system magic quotes)

Return values

boolean

result

Reimplemented from auth_plugin_ldap.

ldap_ad_pwdexpired_from_diagmsg()

auth_plugin_ldap::ldap_ad_pwdexpired_from_diagmsg ( $diagmsg )

protectedinherited

Check if the diagnostic message for the LDAP login error tells us that the login is denied because the user password has expired or the password needs to be changed on first login (using interactive SMB/Windows logins, not LDAP logins).

Parameters

string

the diagnostic message for the LDAP login error

Return values

bool	true if the password has expired or the password must be changed on first login

ldap_attributes()

auth_plugin_ldap::ldap_attributes ( )

inherited

Returns user attribute mappings between moodle and LDAP.

Return values

array

ldap_close()

auth_plugin_ldap::ldap_close ( $force = false )

inherited

Disconnects from a LDAP server.

Parameters

force

boolean Forces closing the real connection to the LDAP server, ignoring any cached connections. This is needed when we've used paged results and want to use normal results again.

ldap_connect()

auth_plugin_ldap::ldap_connect ( )

inherited

Connect to the LDAP server, using the plugin configured settings.

It's actually a wrapper around ldap_connect_moodle()

Return values

resource

A valid LDAP connection (or dies if it can't connect)

ldap_expirationtime2unix()

auth_plugin_ldap::ldap_expirationtime2unix ( $time, $ldapconnection, $user_dn )

inherited

Take expirationtime and return it as unix timestamp in seconds.

Takes expiration timestamp as read from LDAP and returns it as unix timestamp in seconds Depends on $this->config->user_type variable

Parameters

	mixed	time Time stamp read from LDAP as it is.
string	$ldapconnection	Only needed for Active Directory.
string	$user_dn	User distinguished name for the user we are checking password expiration (only needed for Active Directory).

Return values

timestamp

ldap_find_userdn()

auth_plugin_ldap::ldap_find_userdn ( $ldapconnection, $extusername )

inherited

Search specified contexts for username and return the user dn like: cn=username,ou=suborg,o=org.

It's actually a wrapper around ldap_find_userdn().

Parameters

resource	$ldapconnection	a valid LDAP connection
string	$extusername	the username to search (in external LDAP encoding, no db slashes)

Return values

mixed

the user dn (external LDAP encoding) or false

ldap_get_ad_pwdexpire()

auth_plugin_ldap::ldap_get_ad_pwdexpire ( $pwdlastset, $ldapconn, $user_dn )

inherited

Get password expiration time for a given user from Active Directory.

Parameters

string	$pwdlastset	The time last time we changed the password.
resource	$lcapconn	The open LDAP connection.
string	$user_dn	The distinguished name of the user we are checking.

Return values

string\$unixtime

ldap_get_userlist()

auth_plugin_ldap::ldap_get_userlist ( $filter = '*' )

inherited

Returns all usernames from LDAP.

Parameters

$filter

An LDAP search filter to select desired users

Return values

array

of LDAP user names converted to UTF-8

ldap_unix2expirationtime()

auth_plugin_ldap::ldap_unix2expirationtime ( $time )

inherited

Takes unix timestamp and returns it formated for storing in LDAP.

Parameters

integer

unix time stamp

loginpage_hook()

auth_plugin_cas::loginpage_hook

(

)

Authentication choice (CAS or other) Redirection to the CAS form or to login/index.php for other authentication.

Reimplemented from auth_plugin_ldap.

loginpage_idp_list()

auth_plugin_cas::loginpage_idp_list

(

$wantsurl

)

Return a list of identity providers to display on the login page.

Parameters

string | moodle_url

$wantsurl

The requested URL.

Return values

array

List of arrays with keys url, iconurl and name.

Reimplemented from auth_plugin_base.

logoutpage_hook()

auth_plugin_cas::logoutpage_hook

(

)

Hook for logout page.

Reimplemented from auth_plugin_base.

ntlmsso_finish()

auth_plugin_ldap::ntlmsso_finish ( )

inherited

Find the session set by ntlmsso_magic(), validate it and call authenticate_user_login() to authenticate the user through the auth machinery.

It is complemented by a similar check in user_login().

If it succeeds, it never returns.

ntlmsso_magic()

auth_plugin_ldap::ntlmsso_magic ( $sesskey )

inherited

To be called from a page running under NTLM's "Integrated Windows Authentication".

If successful, it will set a special "cookie" (not an HTTP cookie!) in cache_flags under the $this->pluginconfig/ntlmsess "plugin" and return true. The "cookie" will be picked up by ntlmsso_finish() to complete the process.

On failure it will return false for the caller to display an appropriate error message (probably saying that Integrated Windows Auth isn't enabled!)

NOTE that this code will execute under the OS user credentials, so we MUST avoid dealing with files – such as session files. (The caller should define('NO_MOODLE_COOKIES', true) before including config.php)

password_expire()

auth_plugin_ldap::password_expire ( $username )

inherited

Return number of days to user password expires.

If userpassword does not expire it should return 0. If password is already expired it should return negative value.

Parameters

mixed

$username

username

Return values

integer

Reimplemented from auth_plugin_base.

postlogout_hook()

auth_plugin_cas::postlogout_hook

(

$user

)

Post logout hook.

Note: this method replace the prelogout_hook method to avoid redirect to CAS logout before the event userlogout being triggered.

Parameters

stdClass

$user

clone of USER object object before the user session was terminated

Reimplemented from auth_plugin_base.

pre_loginpage_hook()

auth_plugin_base::pre_loginpage_hook ( )

inherited

Hook for overriding behaviour before going to the login page.

This method is called from require_login from potentially any page for all enabled auth plugins and gives each plugin a chance to redirect directly to an external login page, or to instantly login a user where possible.

If an auth plugin implements this hook, it must not rely on ONLY this hook in order to work, as there are many ways a user can browse directly to the standard login page. As a general rule in this case you should also implement the loginpage_hook as well.

pre_user_login_hook()

auth_plugin_base::pre_user_login_hook ( & $user )

inherited

Pre user_login hook.

This method is called from authenticate_user_login() right after the user object is generated. This gives the auth plugins an option to make adjustments before the verification process starts.

Parameters

object

$user

user object, later used for $USER

prelogout_hook()

object auth_plugin_base::prelogout_hook ( )

inherited

Pre logout hook.

This method is called from require_logout() for all enabled auth plugins,

Reimplemented in auth_plugin_mnet.

prepare_identity_providers_for_output()

static auth_plugin_base::prepare_identity_providers_for_output ( $identityproviders, renderer_base $output )

staticinherited

Prepare a list of identity providers for output.

Parameters

array	$identityproviders	as returned by self::get_identity_providers()
renderer_base	$output

Return values

array

the identity providers ready for output

prevent_local_passwords()

auth_plugin_cas::prevent_local_passwords

(

)

Indicates if password hashes should be stored in local moodle database.

Return values

bool	true means flag 'not_cached' stored instead of password hash

Reimplemented from auth_plugin_ldap.

process_config()

auth_plugin_base::process_config ( $config )

inherited

Processes and stores configuration data for this authentication plugin.

Parameters

object

object with submitted configuration settings (without system magic quotes)

Deprecated

since Moodle 3.3

set_extrauserinfo()

auth_plugin_base::set_extrauserinfo ( array $values )

inherited

Set extra user information.

Parameters

array

$values

Any Key value pair.

Return values

void

signup_form()

auth_plugin_base::signup_form ( )

inherited

Return a form to capture user details for account creation.

This is used in /login/signup.php.

Return values

moodle_form

A form which edits a record from the user table.

sync_roles()

auth_plugin_ldap::sync_roles ( $user )

inherited

Sync roles for this user.

Parameters

object

$user

The user to sync (without system magic quotes).

Reimplemented from auth_plugin_base.

sync_users()

auth_plugin_cas::sync_users

(

$do_updates = true

)

Syncronizes users from LDAP server to moodle user table.

If no LDAP servers are configured, simply return. Otherwise, call parent class method to do the work.

Parameters

bool

$do_updates

will do pull in data updates from LDAP if relevant

Return values

nothing

Reimplemented from auth_plugin_ldap.

update_user_record()

auth_plugin_base::update_user_record ( $username, $updatekeys = false, $triggerevent = false, $suspenduser = false )

protectedinherited

Update a local user record from an external source.

This is a lighter version of the one in moodlelib – won't do expensive ops such as enrolment.

Parameters

string	$username	username
array	$updatekeys	fields to update, false updates all fields.
bool	$triggerevent	set false if user_updated event should not be triggered. This will not affect user_password_updated event triggering.
bool	$suspenduser	Should the user be suspended?

Return values

stdClass|bool

updated user record or false if there is no new info to update.

user_activate()

auth_plugin_ldap::user_activate ( $username )

inherited

Activates (enables) user in external LDAP so user can login.

Parameters

mixed

$username

Return values

boolean

result

user_authenticated_hook()

auth_plugin_base::user_authenticated_hook ( & $user, $username, $password )

inherited

Post authentication hook.

This method is called from authenticate_user_login() for all enabled auth plugins.

Parameters

object	$user	user object, later used for $USER
string	$username	(with system magic quotes)
string	$password	plain text password (with system magic quotes)

user_confirm()

auth_plugin_ldap::user_confirm ( $username, $confirmsecret )

inherited

Confirm the new user as registered.

Parameters

string	$username
string	$confirmsecret

Reimplemented from auth_plugin_base.

user_create()

auth_plugin_ldap::user_create ( $userobject, $plainpass )

inherited

Creates a new user on LDAP.

By using information in userobject Use user_exists to prevent duplicate usernames

Parameters

mixed	$userobject	Moodle userobject
mixed	$plainpass	Plaintext password

user_delete()

auth_plugin_base::user_delete ( $olduser )

inherited

User delete requested - internal user record is mared as deleted already, username not present anymore.

Do any action in external database.

Parameters

object

$user

Userobject before delete (without system magic quotes)

Return values

void

user_exists()

auth_plugin_ldap::user_exists ( $username )

inherited

Checks if user exists on LDAP.

Parameters

string

$username

Reimplemented from auth_plugin_base.

user_login()

auth_plugin_cas::user_login	(		$username,
			$password )

Authenticates user against CAS Returns true if the username and password work and false if they are wrong or don't exist.

Parameters

string	$username	The username (with system magic quotes)
string	$password	The password (with system magic quotes)

Return values

bool	Authentication success or failure.

Reimplemented from auth_plugin_ldap.

user_signup()

auth_plugin_ldap::user_signup ( $user, $notify = true )

inherited

Sign up a new user ready for confirmation.

Password is passed in plaintext.

Parameters

object	$user	new user object
boolean	$notify	print notice with link and terminate

Return values

boolean

success

Reimplemented from auth_plugin_base.

user_update()

auth_plugin_ldap::user_update ( $olduser, $newuser )

inherited

Called when the user record is updated.

Modifies user in external LDAP server. It takes olduser (before changes) and newuser (after changes) compares information and saves modified information to external LDAP server.

Parameters

mixed	$olduser	Userobject before modifications (without system magic quotes)
mixed	$newuser	Userobject new modified userobject (without system magic quotes)

Return values

boolean

result

Reimplemented from auth_plugin_base.

user_update_password()

auth_plugin_ldap::user_update_password ( $user, $newpassword )

inherited

Changes userpassword in LDAP.

Called when the user password is updated. It assumes it is called by an admin or that you've otherwise checked the user's credentials

Parameters

object	$user	User table object
string	$newpassword	Plaintext password (not crypted/md5'ed)

Return values

boolean

result

Reimplemented from auth_plugin_base.

validate_form()

auth_plugin_base::validate_form ( $form, & $err )

inherited

A chance to validate form data, and last chance to do stuff before it is inserted in config_plugin.

Parameters

	object	object with submitted configuration settings (without system magic quotes)
array	$err	array of error messages

Deprecated

since Moodle 3.3

---

The documentation for this class was generated from the following file:

• auth/cas/auth.php