-rw-r--r--www/auth/login-admin.php93
-rw-r--r--www/auth/login-cas-ldap.php140
-rw-r--r--www/auth/login-ldapmulti.php104
-rw-r--r--www/auth/login-radius.php153
-rw-r--r--www/auth/login-tlsclient.php88
-rw-r--r--www/auth/login-wayf-ldap.php89
-rw-r--r--www/auth/login.php162
7 files changed, 0 insertions, 829 deletions
diff --git a/www/auth/login-admin.php b/www/auth/login-admin.php
deleted file mode 100644
index 5a53b83..0000000
--- a/www/auth/login-admin.php
+++ /dev/null
@@ -1,93 +0,0 @@
-<?php
-
-/**
- * WARNING:
- *
- * THIS FILE IS DEPRECATED AND WILL BE REMOVED IN FUTURE VERSIONS
- *
- * @deprecated
- */
-
-require_once('../_include.php');
-
-$config = SimpleSAML_Configuration::getInstance();
-$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
-$session = SimpleSAML_Session::getSessionFromRequest();
-
-SimpleSAML_Logger::warning('The file auth/login-admin.php is deprecated and will be removed in future versions.');
-
-SimpleSAML_Logger::info('AUTH -admin: Accessing auth endpoint login-admin');
-
-$error = null;
-$attributes = array();
-$username = null;
-
-/* Load the RelayState argument. The RelayState argument contains the address
- * we should redirect the user to after a successful authentication.
- */
-if (!array_key_exists('RelayState', $_REQUEST)) {
- throw new SimpleSAML_Error_Error('NORELAYSTATE');
-}
-
-$relaystate = SimpleSAML_Utilities::checkURLAllowed($_REQUEST['RelayState']);
-
-$correctpassword = $config->getString('auth.adminpassword', '123');
-
-if (empty($correctpassword) or $correctpassword === '123') {
- throw new SimpleSAML_Error_Error('NOTSET');
-}
-
-
-if (isset($_POST['password'])) {
-
- /* Validate and sanitize form data. */
-
- if (SimpleSAML_Utils_Crypto::pwValid($correctpassword, $_POST['password'])) {
- $username = 'admin';
- $password = $_POST['password'];
-
-
- $attributes = array('user' => array('admin'));
-
- $session->doLogin('login-admin');
- $session->setAttributes($attributes);
-
- $session->setNameID(array(
- 'value' => SimpleSAML_Utilities::generateID(),
- 'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'));
-
- SimpleSAML_Logger::info('AUTH - admin: '. $username . ' successfully authenticated');
-
- /**
- * Create a statistics log entry for every successfull login attempt.
- * Also log a specific attribute as set in the config: statistics.authlogattr
- */
- $authlogattr = $config->getValue('statistics.authlogattr', null);
- if ($authlogattr && array_key_exists($authlogattr, $attributes))
- SimpleSAML_Logger::stats('AUTH-login-admin OK ' . $attributes[$authlogattr][0]);
- else
- SimpleSAML_Logger::stats('AUTH-login-admin OK');
-
- SimpleSAML_Utilities::redirectTrustedURL($relaystate);
- exit(0);
- } else {
- SimpleSAML_Logger::stats('AUTH-login-admin Failed');
- $error = 'error_wrongpassword';
- SimpleSAML_Logger::info($error);
- }
-
-}
-
-
-$t = new SimpleSAML_XHTML_Template($config, 'login.php', 'login');
-
-$t->data['header'] = 'simpleSAMLphp: Enter username and password';
-$t->data['relaystate'] = $relaystate;
-$t->data['admin'] = TRUE;
-$t->data['autofocus'] = 'password';
-$t->data['error'] = $error;
-if (isset($error)) {
- $t->data['username'] = $username;
-}
-
-$t->show();
diff --git a/www/auth/login-cas-ldap.php b/www/auth/login-cas-ldap.php
deleted file mode 100644
index b4043b2..0000000
--- a/www/auth/login-cas-ldap.php
+++ /dev/null
@@ -1,140 +0,0 @@
-<?php
-
-/**
- * WARNING:
- *
- * THIS FILE IS DEPRECATED AND WILL BE REMOVED IN FUTURE VERSIONS
- *
- * @deprecated
- */
-
-/**
- * This file is part of SimpleSAMLphp. See the file COPYING in the
- * root of the distribution for licence information.
- *
- * This file implements authentication of users using CAS.
- *
- * @author Mads Freek, RUC.
- * @package simpleSAMLphp
- */
-
-require_once('../_include.php');
-
-$config = SimpleSAML_Configuration::getInstance();
-$session = SimpleSAML_Session::getSessionFromRequest();
-
-SimpleSAML_Logger::warning('The file auth/login-cas-ldap.php is deprecated and will be removed in future versions.');
-
-try {
- $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
- // TODO: Make this authentication module independent from SAML 2.0
- $idpentityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
-
- $ldapconfigfile = $config->getBaseDir() . 'config/cas-ldap.php';
- require_once($ldapconfigfile);
-
- if (!array_key_exists($idpentityid, $casldapconfig)) {
- throw new Exception('No CAS authentication configuration for this SAML 2.0 entity ID [' . $idpentityid . ']');
- }
-
- $casconfig = $casldapconfig[$idpentityid]['cas'];
- $ldapconfig = $casldapconfig[$idpentityid]['ldap'];
-} catch (Exception $exception) {
- throw new SimpleSAML_Error_Error('METADATA', $exception);
-}
-
-/*
- * Load the RelayState argument. The RelayState argument contains the address
- * we should redirect the user to after a successful authentication.
- */
-if (!array_key_exists('RelayState', $_REQUEST)) {
- throw new SimpleSAML_Error_Error('NORELAYSTATE');
-}
-
-function casValidate($cas) {
-
- $service = SimpleSAML_Utilities::selfURL();
- $service = preg_replace("/(\?|&)?ticket=.*/", "", $service); # always tagged on by cas
-
- /**
- * Got response from CAS server.
- */
- if (isset($_GET['ticket'])) {
-
- $ticket = urlencode($_GET['ticket']);
-
- #ini_set('default_socket_timeout', 15);
-
- if (isset($cas['validate'])) { # cas v1 yes|no\r<username> style
- $paramPrefix = strpos($cas['validate'], '?') ? '&' : '?';
- $result = SimpleSAML_Utilities::fetch($cas['validate'] . $paramPrefix . 'ticket=' . $ticket . '&service=' . urlencode($service) );
- $res = preg_split("/\r?\n/",$result);
-
- if (strcmp($res[0], "yes") == 0) {
- return array($res[1], array());
- } else {
- throw new Exception("Failed to validate CAS service ticket: $ticket");
- }
- } elseif (isset($cas['serviceValidate'])) { # cas v2 xml style
- $paramPrefix = strpos($cas['serviceValidate'], '?') ? '&' : '?';
-
- $result = SimpleSAML_Utilities::fetch($cas['serviceValidate'] . $paramPrefix . 'ticket=' . $ticket . '&service=' . urlencode($service) );
-
- $dom = DOMDocument::loadXML($result);
- $xPath = new DOMXpath($dom);
- $xPath->registerNamespace("cas", 'http://www.yale.edu/tp/cas');
- $success = $xPath->query("/cas:serviceResponse/cas:authenticationSuccess/cas:user");
- if ($success->length == 0) {
- $failure = $xPath->evaluate("/cas:serviceResponse/cas:authenticationFailure");
- throw new Exception("Error when validating CAS service ticket: " . $failure->item(0)->textContent);
- } else {
-
- $attributes = array();
- if ($casattributes = $cas['attributes']) { # some has attributes in the xml - attributes is a list of XPath expressions to get them
- foreach ($casattributes as $name => $query) {
- $attrs = $xPath->query($query);
- foreach ($attrs as $attrvalue) $attributes[$name][] = $attrvalue->textContent;
- }
- }
- $casusername = $success->item(0)->textContent;
-
- return array($casusername, $attributes);
- }
- } else {
- throw new Exception("validate or serviceValidate not specified");
- }
-
- /**
- * First request, will redirect the user to the CAS server for authentication.
- */
- } else {
- SimpleSAML_Logger::info("AUTH - cas-ldap: redirecting to {$cas['login']}");
- SimpleSAML_Utilities::redirectTrustedURL($cas['login'], array(
- 'service' => $service
- ));
- }
-}
-
-try {
- list($username, $casattributes) = casValidate($casconfig);
-
- SimpleSAML_Logger::info('AUTH - cas-ldap: '. $username . ' authenticated by ' . $casconfig['validate']);
-
- $ldapattributes = array();
- if ($ldapconfig['servers']) {
- $ldap = new SimpleSAML_Auth_LDAP($ldapconfig['servers'], $ldapconfig['enable_tls']);
- $ldapattributes = $ldap->validate($ldapconfig, $username);
- }
- $attributes = array_merge_recursive($casattributes, $ldapattributes);
- $session->doLogin('login-cas-ldap');
- $session->setAttributes($attributes);
-
- $session->setNameID(array(
- 'value' => SimpleSAML_Utilities::generateID(),
- 'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'));
-
- SimpleSAML_Utilities::redirectUntrustedURL($_REQUEST['RelayState']);
-
-} catch(Exception $exception) {
- throw new SimpleSAML_Error_Error('CASERROR', $exception);
-}
diff --git a/www/auth/login-ldapmulti.php b/www/auth/login-ldapmulti.php
deleted file mode 100644
index 9364aef..0000000
--- a/www/auth/login-ldapmulti.php
+++ /dev/null
@@ -1,104 +0,0 @@
-<?php
-
-/**
- * WARNING:
- *
- * THIS FILE IS DEPRECATED AND WILL BE REMOVED IN FUTURE VERSIONS
- *
- * @deprecated
- */
-
-require_once('../_include.php');
-
-$config = SimpleSAML_Configuration::getInstance();
-$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
-$session = SimpleSAML_Session::getSessionFromRequest();
-
-SimpleSAML_Logger::warning('The file auth/login-ldapmulti.php is deprecated and will be removed in future versions.');
-
-$ldapconfigfile = $config->getBaseDir() . 'config/ldapmulti.php';
-require_once($ldapconfigfile);
-
-SimpleSAML_Logger::info('AUTH - ldap-multi: Accessing auth endpoint login-ldapmulti');
-
-$error = null;
-$attributes = array();
-
-/* Load the RelayState argument. The RelayState argument contains the address
- * we should redirect the user to after a successful authentication.
- */
-if (!array_key_exists('RelayState', $_REQUEST)) {
- throw new SimpleSAML_Error_Error('NORELAYSTATE');
-}
-
-$relaystate = SimpleSAML_Utilities::checkURLAllowed($_REQUEST['RelayState']);
-
-if (isset($_POST['username'])) {
-
- try {
-
- $ldapconfig = $ldapmulti[$_POST['org']];
-
- if ($ldapconfig['search.enable'] === TRUE) {
- if(!$ldap->bind($ldapconfig['search.username'], $ldapconfig['search.password'])) {
- throw new Exception('Error authenticating using search username & password.');
- }
- $dn = $ldap->searchfordn($ldapconfig['search.base'], $ldapconfig['search.attributes'], $_POST['username']);
- } else {
- $dn = str_replace('%username%', $_POST['username'], $ldapconfig['dnpattern'] );
- }
-
- $pwd = $_POST['password'];
-
- $ldap = new SimpleSAML_Auth_LDAP($ldapconfig['hostname'], $ldapconfig['enable_tls']);
-
- if (($pwd == "") or (!$ldap->bind($dn, $pwd))) {
- SimpleSAML_Logger::info('AUTH - ldap-multi: '. $_POST['username'] . ' failed to authenticate. DN=' . $dn);
- throw new Exception('Wrong username or password');
- }
-
- $attributes = $ldap->getAttributes($dn, $ldapconfig['attributes']);
-
- SimpleSAML_Logger::info('AUTH - ldap-multi: '. $_POST['username'] . ' successfully authenticated');
-
- $session->doLogin('login-ldapmulti');
- $session->setAttributes($attributes);
-
- $session->setNameID(array(
- 'value' => SimpleSAML_Utilities::generateID(),
- 'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'));
-
- /**
- * Create a statistics log entry for every successfull login attempt.
- * Also log a specific attribute as set in the config: statistics.authlogattr
- */
- $authlogattr = $config->getValue('statistics.authlogattr', null);
- if ($authlogattr && array_key_exists($authlogattr, $attributes)) {
- SimpleSAML_Logger::stats('AUTH-login-ldapmulti OK ' . $attributes[$authlogattr][0]);
- } else {
- SimpleSAML_Logger::stats('AUTH-login-ldapmulti OK');
- }
-
- SimpleSAML_Utilities::redirectTrustedURL($relaystate);
-
- } catch (Exception $e) {
- $error = $e->getMessage();
- }
-}
-
-
-$t = new SimpleSAML_XHTML_Template($config, 'login-ldapmulti.php', 'login');
-
-$t->data['header'] = 'simpleSAMLphp: Enter username and password';
-$t->data['relaystate'] = $relaystate;
-$t->data['ldapconfig'] = $ldapmulti;
-$t->data['org'] = $_REQUEST['org'];
-$t->data['error'] = $error;
-if (isset($error)) {
- $t->data['username'] = $_POST['username'];
-}
-
-$t->show();
-
-
-?>
diff --git a/www/auth/login-radius.php b/www/auth/login-radius.php
deleted file mode 100644
index cec122a..0000000
--- a/www/auth/login-radius.php
+++ /dev/null
@@ -1,153 +0,0 @@
-<?php
-
-/**
- * WARNING:
- *
- * THIS FILE IS DEPRECATED AND WILL BE REMOVED IN FUTURE VERSIONS
- *
- * @deprecated
- */
-
-require_once('../_include.php');
-
-$config = SimpleSAML_Configuration::getInstance();
-$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
-$session = SimpleSAML_Session::getSessionFromRequest();
-
-SimpleSAML_Logger::warning('The file auth/login-radius.php is deprecated and will be removed in future versions.');
-
-SimpleSAML_Logger::info('AUTH - radius: Accessing auth endpoint login');
-
-$error = null;
-$attributes = array();
-
-/* Load the RelayState argument. The RelayState argument contains the address
- * we should redirect the user to after a successful authentication.
- */
-if (!array_key_exists('RelayState', $_REQUEST)) {
- throw new SimpleSAML_Error_Error('NORELAYSTATE');
-}
-
-$relaystate = SimpleSAML_Utilities::checkURLAllowed($_REQUEST['RelayState']);
-
-if (isset($_POST['username'])) {
-
-
- try {
-
- $radius = radius_auth_open();
- // ( resource $radius_handle, string $hostname, int $port, string $secret, int $timeout, int $max_tries )
- if (! radius_add_server($radius, $config->getValue('auth.radius.hostname'), $config->getValue('auth.radius.port'),
- $config->getValue('auth.radius.secret'), 5, 3)) {
-
- SimpleSAML_Logger::critical('AUTH - radius: Problem occurred when connecting to Radius server: '.radius_strerror($radius));
- throw new Exception('Problem occurred when connecting to Radius server: ' . radius_strerror($radius));
- }
-
- if (! radius_create_request($radius,RADIUS_ACCESS_REQUEST)) {
- SimpleSAML_Logger::critical('AUTH - radius: Problem occurred when creating the Radius request: '.radius_strerror($radius));
- throw new Exception('Problem occurred when creating the Radius request: ' . radius_strerror($radius));
- }
-
- radius_put_attr($radius,RADIUS_USER_NAME,$_POST['username']);
- radius_put_attr($radius,RADIUS_USER_PASSWORD, $_POST['password']);
-
- switch (radius_send_request($radius))
- {
- case RADIUS_ACCESS_ACCEPT:
-
- // GOOD Login :)
-
- $attributes = array( $config->getValue('auth.radius.URNForUsername') => array($_POST['username']));
-
- // get AAI attribute sets. Contributed by Stefan Winter, (c) RESTENA
- while ($resa = radius_get_attr($radius)) {
-
- if (! is_array($resa)) {
- printf ("Error getting attribute: %s\n", radius_strerror($res));
- exit;
- }
-
- if ($resa['attr'] == RADIUS_VENDOR_SPECIFIC) {
- $resv = radius_get_vendor_attr($resa['data']);
- if (is_array($resv)) {
- $vendor = $resv['vendor'];
- $attrv = $resv['attr'];
- $datav = $resv['data'];
-
- /**
- * Uncomment this to debug vendor attributes.
- */
- // printf("Got Vendor Attr:%d %d Bytes %s<br/>", $attrv, strlen($datav), bin2hex($datav));
-
- if ($vendor == $config->getValue('auth.radius.vendor') && $attrv == $config->getValue('auth.radius.vendor-attr')) {
-
- $attrib_name = strtok ($datav,'=');
- $attrib_value = strtok ('=');
-
- // if the attribute name is already in result set, add another value
- if (array_key_exists($attrib_name, $attributes)) {
- $attributes[$attrib_name][] = $attrib_value;
- } else {
- $attributes[$attrib_name] = array($attrib_value);
- }
- }
- }
- }
- }
- // end of contribution
-
- //$attributes = array('urn:mace:eduroam.no:username' => array($_POST['username']));
-
- SimpleSAML_Logger::info('AUTH - radius: '. $_POST['username'] . ' successfully authenticated');
-
- $session->doLogin('login-radius');
-
- $session->setAttributes($attributes);
- $session->setNameID(array(
- 'value' => SimpleSAML_Utilities::generateID(),
- 'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'));
-
- /**
- * Create a statistics log entry for every successfull login attempt.
- * Also log a specific attribute as set in the config: statistics.authlogattr
- */
- $authlogattr = $config->getValue('statistics.authlogattr', null);
- if ($authlogattr && array_key_exists($authlogattr, $attributes)) {
- SimpleSAML_Logger::stats('AUTH-login-radius OK ' . $attributes[$authlogattr][0]);
- } else {
- SimpleSAML_Logger::stats('AUTH-login-radius OK');
- }
-
- SimpleSAML_Utilities::redirectTrustedURL($relaystate);
-
- case RADIUS_ACCESS_REJECT:
-
- SimpleSAML_Logger::info('AUTH - radius: '. $_POST['username'] . ' failed to authenticate');
- throw new Exception('Radius authentication error: Bad credentials ');
- break;
- case RADIUS_ACCESS_CHALLENGE:
- SimpleSAML_Logger::critical('AUTH - radius: Challenge requested: ' . radius_strerror($radius));
- throw new Exception('Radius authentication error: Challenge requested');
- break;
- default:
- SimpleSAML_Logger::critical('AUTH -radius: General radius error: ' . radius_strerror($radius));
- throw new Exception('Error during radius authentication: ' . radius_strerror($radius));
- }
-
- } catch (Exception $e) {
- $error = $e->getMessage();
- }
-}
-
-
-$t = new SimpleSAML_XHTML_Template($config, 'login.php', 'login');
-
-$t->data['header'] = 'simpleSAMLphp: Enter username and password';
-$t->data['relaystate'] = $relaystate;
-$t->data['error'] = $error;
-if (isset($error)) {
- $t->data['username'] = $_POST['username'];
-}
-
-$t->show();
diff --git a/www/auth/login-tlsclient.php b/www/auth/login-tlsclient.php
deleted file mode 100644
index 414f4d5..0000000
--- a/www/auth/login-tlsclient.php
+++ /dev/null
@@ -1,88 +0,0 @@
-<?php
-
-/**
- * WARNING:
- *
- * THIS FILE IS DEPRECATED AND WILL BE REMOVED IN FUTURE VERSIONS
- *
- * @deprecated
- */
-
-require_once('../_include.php');
-
-$config = SimpleSAML_Configuration::getInstance();
-$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
-$session = SimpleSAML_Session::getSessionFromRequest();
-
-SimpleSAML_Logger::warning('The file auth/login-tlsclient.php is deprecated and will be removed in future versions.');
-
-SimpleSAML_Logger::info('AUTH - ldap: Accessing auth endpoint login');
-
-$ldapconfig = SimpleSAML_Configuration::getConfig('ldap.php');
-
-
-$error = null;
-$attributes = array();
-$username = null;
-
-/* Load the RelayState argument. The RelayState argument contains the address
- * we should redirect the user to after a successful authentication.
- */
-if (!array_key_exists('RelayState', $_REQUEST)) {
- throw new SimpleSAML_Error_Error('NORELAYSTATE');
-}
-
-try {
-
- $attributes = array();
- $userid = null;
-
- if (!array_key_exists('SSL_CLIENT_VERIFY', $_SERVER))
- throw new Exception('Apache header variable SSL_CLIENT_VERIFY was not available. Recheck your apache configuration.');
-
- if (strcmp($_SERVER['SSL_CLIENT_VERIFY'], "SUCCESS") != 0) {
- throw new SimpleSAML_Error_Error('NOTVALIDCERT', $e);
- }
-
- $userid = $_SERVER['SSL_CLIENT_S_DN'];
-
- $attributes['CertificateDN'] = array($userid);
- $attributes['CertificateDNCN'] = array($_SERVER['SSL_CLIENT_S_DN_CN']);
-
- $session->doLogin('tlsclient');
- $session->setAttributes($attributes);
-
- #echo '<pre>';
- #print_r($_SERVER);
- #echo '</pre>'; exit;
-
- SimpleSAML_Logger::info('AUTH - tlsclient: '. $userid . ' successfully authenticated');
-
-
- $session->setNameID(array(
- 'value' => SimpleSAML_Utilities::generateID(),
- 'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient')
- );
-
- /**
- * Create a statistics log entry for every successfull login attempt.
- * Also log a specific attribute as set in the config: statistics.authlogattr
- */
- $authlogattr = $config->getValue('statistics.authlogattr', null);
- if ($authlogattr && array_key_exists($authlogattr, $attributes)) {
- SimpleSAML_Logger::stats('AUTH-tlsclient OK ' . $attributes[$authlogattr][0]);
- } else {
- SimpleSAML_Logger::stats('AUTH-tlsclient OK');
- }
-
- SimpleSAML_Utilities::redirectUntrustedURL($_REQUEST['RelayState']);
-
-
-} catch (Exception $e) {
- throw new SimpleSAML_Error_Error('CONFIG', $e);
-
-}
-
-
-
-?> \ No newline at end of file
diff --git a/www/auth/login-wayf-ldap.php b/www/auth/login-wayf-ldap.php
deleted file mode 100644
index 7875d37..0000000
--- a/www/auth/login-wayf-ldap.php
+++ /dev/null
@@ -1,89 +0,0 @@
-<?php
-
-/**
- * WARNING:
- *
- * THIS FILE IS DEPRECATED AND WILL BE REMOVED IN FUTURE VERSIONS
- *
- * @deprecated
- */
-
-/**
- * This file is part of SimpleSAMLphp. See the file COPYING in the
- * root of the distribution for licence information.
- *
- * This file implements authentication of users using CAS.
- *
- * @author Mads Freek, RUC.
- * @package simpleSAMLphp
- */
-
-require_once('../_include.php');
-
-$config = SimpleSAML_Configuration::getInstance();
-$session = SimpleSAML_Session::getSessionFromRequest();
-
-SimpleSAML_Logger::warning('The file auth/login-wayf-ldap.php is deprecated and will be removed in future versions.');
-
-try {
- $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
- // TODO: Make this authentication module independent from SAML 2.0
- $idpentityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
-
- $ldapconfigfile = $config->getBaseDir() . 'config/cas-ldap.php';
- require_once($ldapconfigfile);
-
- if (!array_key_exists($idpentityid, $casldapconfig)) {
- throw new Exception('No LDAP authentication configuration for this SAML 2.0 entity ID [' . $idpentityid . ']');
- }
-
- $ldapconfig = $casldapconfig[$idpentityid]['ldap'];
-
-} catch (Exception $exception) {
- throw new SimpleSAML_Error_Error('METADATA', $exception);
-}
-
-/*
- * Load the RelayState argument. The RelayState argument contains the address
- * we should redirect the user to after a successful authentication.
- */
-if (!array_key_exists('RelayState', $_REQUEST)) {
- throw new SimpleSAML_Error_Error('NORELAYSTATE');
-}
-
-$relaystate = SimpleSAML_Utilities::checkURLAllowed($_REQUEST['RelayState']);
-
-if ($username = $_POST['username']) {
- try {
- $ldap = new SimpleSAML_Auth_LDAP($ldapconfig['servers'], $ldapconfig['enable_tls']);
-
- $attributes = $ldap->validate($ldapconfig, $username, $_POST['password']);
-
- if ($attributes === FALSE) {
- $error = "LDAP_INVALID_CREDENTIALS";
- } else {
- $session->doLogin('login-wayf-ldap');
- $session->setAttributes($attributes);
-
- $session->setNameID(array(
- 'value' => SimpleSAML_Utilities::generateID(),
- 'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'));
- SimpleSAML_Utilities::redirectTrustedURL($relaystate);
- }
- } catch(Exception $e) {
- throw new SimpleSAML_Error_Error('LDAPERROR', $e);
- }
-}
-
-$t = new SimpleSAML_XHTML_Template($config, $ldapconfig['template']);
-
-$t->data['header'] = 'simpleSAMLphp: Enter username and password';
-$t->data['relaystate'] = htmlspecialchars($relaystate);
-$t->data['error'] = $error;
-if (isset($error)) {
- $t->data['username'] = htmlspecialchars($username);
-}
-
-$t->show();
-
-?> \ No newline at end of file
diff --git a/www/auth/login.php b/www/auth/login.php
deleted file mode 100644
index d0b0fdd..0000000
--- a/www/auth/login.php
+++ /dev/null
@@ -1,162 +0,0 @@
-<?php
-
-/**
- * WARNING:
- *
- * THIS FILE IS DEPRECATED AND WILL BE REMOVED IN FUTURE VERSIONS
- *
- * @deprecated
- */
-
-require_once('../_include.php');
-
-$config = SimpleSAML_Configuration::getInstance();
-$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
-$session = SimpleSAML_Session::getSessionFromRequest();
-
-SimpleSAML_Logger::warning('The file auth/login.php is deprecated and will be removed in future versions.');
-
-SimpleSAML_Logger::info('AUTH - ldap: Accessing auth endpoint login');
-
-$ldapconfig = SimpleSAML_Configuration::getConfig('ldap.php');
-
-
-$error = null;
-$attributes = array();
-$username = null;
-
-
-/* Load the RelayState argument. The RelayState argument contains the address
- * we should redirect the user to after a successful authentication.
- */
-if (!array_key_exists('RelayState', $_REQUEST)) {
- throw new SimpleSAML_Error_Error('NORELAYSTATE');
-}
-
-$relaystate = $_REQUEST['RelayState'];
-
-
-if (isset($_POST['username'])) {
-
-
- try {
-
- /* Validate and sanitize form data. */
-
- /* First, make sure that the password field is included. */
- if (!array_key_exists('password', $_POST)) {
- $error = 'error_nopassword';
- continue;
- }
-
- $username = $_POST['username'];
- $password = $_POST['password'];
-
- /* Escape any characters with a special meaning in LDAP. The following
- * characters have a special meaning (according to RFC 2253):
- * ',', '+', '"', '\', '<', '>', ';', '*'
- * These characters are escaped by prefixing them with '\'.
- */
- $ldapusername = addcslashes($username, ',+"\\<>;*');
-
-
- /*
- * Connecting to LDAP.
- */
- $ldap = new SimpleSAML_Auth_LDAP($ldapconfig->getValue('auth.ldap.hostname'),
- $ldapconfig->getValue('auth.ldap.enable_tls'));
-
- if($ldapconfig->getValue('auth.ldap.search.enable', FALSE)) {
- /* We are configured to search for the users dn. */
-
- $searchUsername = $ldapconfig->getValue('auth.ldap.search.username', NULL);
-
- if($searchUsername !== NULL) {
- /* Log in with username & password for searching. */
-
- $searchPassword = $ldapconfig->getValue('auth.ldap.search.password', NULL);
- if($searchPassword === NULL) {
- throw new Exception('"auth.ldap.search.username" is configured, but not' .
- ' "auth.ldap.search.password".');
- }
-
- if(!$ldap->bind($searchUsername, $searchPassword)) {
- throw new Exception('Error authenticating using search username & password.');
- }
- }
-
- $searchBase = $ldapconfig->getValue('auth.ldap.search.base', NULL);
- $searchAttributes = $ldapconfig->getValue('auth.ldap.search.attributes', NULL);
- if($searchBase === NULL || $searchAttributes === NULL) {
- throw new Exception('"auth.ldap.search.base" and "auth.ldap.search.attributes"' .
- ' must be configured before LDAP search can be enabled.');
- }
-
- /* Search for the dn. */
- $dn = $ldap->searchfordn($searchBase, $searchAttributes, $username);
- } else {
- /* We aren't configured to search for the dn. Insert the LDAP username into the pattern
- * configured in the 'auth.ldap.dnpattern' option.
- */
- $dn = str_replace('%username%', $ldapusername, $ldapconfig->getValue('auth.ldap.dnpattern'));
- }
-
- /*
- * Do LDAP bind using DN.
- */
- if (($password == "") or (!$ldap->bind($dn, $password))) {
- SimpleSAML_Logger::info('AUTH - ldap: '. $username . ' failed to authenticate. DN=' . $dn);
- throw new Exception('error_wrongpassword');
- }
-
- /*
- * Retrieve attributes from LDAP
- */
- $attributes = $ldap->getAttributes($dn, $ldapconfig->getValue('auth.ldap.attributes', null));
-
- SimpleSAML_Logger::info('AUTH - ldap: '. $ldapusername . ' successfully authenticated');
-
- $session->doLogin('login');
- $session->setAttributes($attributes);
-
- $session->setNameID(array(
- 'value' => SimpleSAML_Utilities::generateID(),
- 'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'));
-
- /**
- * Create a statistics log entry for every successfull login attempt.
- * Also log a specific attribute as set in the config: statistics.authlogattr
- */
- $authlogattr = $config->getValue('statistics.authlogattr', null);
- if ($authlogattr && array_key_exists($authlogattr, $attributes))
- SimpleSAML_Logger::stats('AUTH-login OK ' . $attributes[$authlogattr][0]);
- else
- SimpleSAML_Logger::stats('AUTH-login OK');
-
-
- $returnto = $_REQUEST['RelayState'];
- SimpleSAML_Utilities::redirectUntrustedURL($returnto);
-
-
- } catch (Exception $e) {
- SimpleSAML_Logger::error('AUTH - ldap: User: '.(isset($requestedUser) ? $requestedUser : 'na'). ':'. $e->getMessage());
- SimpleSAML_Logger::stats('AUTH-login Failed');
- $error = $e->getMessage();
- }
-
-}
-
-
-$t = new SimpleSAML_XHTML_Template($config, 'login.php', 'login');
-
-$t->data['header'] = 'simpleSAMLphp: Enter username and password';
-$t->data['relaystate'] = $relaystate;
-$t->data['error'] = $error;
-if (isset($error)) {
- $t->data['username'] = $username;
-}
-
-$t->show();
-
-
-?>