1: <?php
 2: /**
 3:  * The Horde_Core_Auth_Shibboleth class provides Horde-specific code that
 4:  * extends the base Shibboleth driver.
 5:  *
 6:  * Copyright 2010-2012 Horde LLC (http://www.horde.org/)
 7:  *
 8:  * See the enclosed file COPYING for license information (LGPL). If you did
 9:  * not receive this file, see http://opensource.org/licenses/lgpl-2.1.php
10:  *
11:  * @author   Michael Slusarz <slusarz@horde.org>
12:  * @category Horde
13:  * @license  http://opensource.org/licenses/lgpl-2.1.php LGPL
14:  * @package  Core
15:  */
16: class Horde_Core_Auth_Shibboleth extends Horde_Auth_Shibboleth
17: {
18:     /**
19:      * Checks for triggers that may invalidate the current auth.
20:      * These triggers are independent of the credentials.
21:      *
22:      * @return boolean  True if the results of authenticate() are still valid.
23:      */
24:     public function validateAuth()
25:     {
26:         if (!empty($_SERVER[$this->getParam('username_header')]) &&
27:             ($this->_removeScope($_SERVER[$this->getParam('username_header')]) == $GLOBALS['registry']->getAuth('original'))) {
28:             return true;
29:         }
30: 
31:         // Consider this a session expiration.
32:         $this->setError(Horde_Auth::REASON_SESSION);
33: 
34:         Horde::logMessage('Shibboleth authentication expired for user ' . $GLOBALS['registry']->getAuth(), 'INFO');
35: 
36:         return false;
37:     }
38: 
39: }
40: