MDL-29093 - Authentication for authentication only, not for user crea…

…tion There are cases when a moodle installation needs to only deal user authentication and not user creation (this is especially interesting when using external authentication sources such as LDAP, CAS, etc.) Add an option to prevent automatic user creation if the administrator does't want users to be automatically created. Signed-off-by: Iñaki Arenaza <iarenaza@mondragon.edu>
moodle · Sep 13, 2011 · 2023ca1 · 2023ca1
1 parent 6f1156a
commit 2023ca1
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 2 deletions.
diff --git a/admin/settings/plugins.php b/admin/settings/plugins.php
@@ -74,6 +74,7 @@
     $temp->add(new admin_setting_manageauths());
     $temp->add(new admin_setting_heading('manageauthscommonheading', get_string('commonsettings', 'admin'), ''));
     $temp->add(new admin_setting_special_registerauth());
+    $temp->add(new admin_setting_configcheckbox('authonly', get_string('authonly', 'admin'), get_string('authonly_help', 'admin'), 0));
     $temp->add(new admin_setting_configcheckbox('loginpageautofocus', get_string('loginpageautofocus', 'admin'), get_string('loginpageautofocus_help', 'admin'), 0));
     $temp->add(new admin_setting_configselect('guestloginbutton', get_string('guestloginbutton', 'auth'),
                                               get_string('showguestlogin', 'auth'), '1', array('0'=>get_string('hide'), '1'=>get_string('show'))));

diff --git a/lang/en/admin.php b/lang/en/admin.php
@@ -57,6 +57,8 @@
 $string['appearance'] = 'Appearance';
 $string['aspellpath'] = 'Path to aspell';
 $string['authentication'] = 'Authentication';
+$string['authonly'] = 'Authentication for authentication only';
+$string['authonly_help'] = 'Enabling this option makes authentication plugins only authenticate already existing users. No new users will be created as part of the login process, even if entered username and password are valid. This also means you need to create new users using other mechanisms (manual creation, user uploading, LDAP sync, etc.)';
 $string['authsettings'] = 'Manage authentication';
 $string['autolang'] = 'Language autodetect';
 $string['autologinguests'] = 'Auto-login guests';

diff --git a/lib/moodlelib.php b/lib/moodlelib.php
@@ -3583,8 +3583,12 @@ function authenticate_user_login($username, $password) {
                 $user = update_user_record($username);
             }
         } else {
-            // if user not found, create him
-            $user = create_user_record($username, $password, $auth);
+            // if user not found and user creation is not disabled, create it
+            if (empty($CFG->authonly)) {
+                $user = create_user_record($username, $password, $auth);
+            } else {
+                continue;
+            }
         }
 
         $authplugin->sync_roles($user);