Skip to content

O
OpnSense
Commit b3bc3a1e authored by Ad Schellevis's avatar Ad Schellevis
Browse files
Options

(legacy) cleanup system_authservers.php

parent cd5396cd
Show whitespace changes
Inline Side-by-side
Showing with 574 additions and 785 deletions
src/www/system_authservers.php
View file @ b3bc3a1e
......@@ -27,102 +27,48 @@
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
require_once("guiconfig.inc");
require_once("auth.inc");
$ldap_urltypes = array(
'TCP - Standard' => 389,
'SSL - Encrypted' => 636
);
$auth_server_types = array(
'ldap' => "LDAP",
'radius' => "Radius"
);
$ldap_scopes = array(
'one' => "One Level",
'subtree' => "Entire Subtree"
);
$ldap_protvers = array(2, 3);
$ldap_templates = array(
'open' => array(
'desc' => "OpenLDAP",
'attr_user' => "cn"
),
'msad' => array(
'desc' => "Microsoft AD",
'attr_user' => "samAccountName"
),
'edir' => array(
'desc' => "Novell eDirectory",
'attr_user' => "cn"
)
);
$radius_srvcs = array(
'both' => "Authentication and Accounting",
'auth' => "Authentication",
'acct' => "Accounting"
);
$pgtitle = array(gettext('System'), gettext('Users'), gettext('Servers'));
$shortcut_section = "authentication";
if (isset($_GET['id']) && is_numericint($_GET['id'])) {
$id = $_GET['id'];
}
if (isset($_GET['act'])) {
$act = $_GET['act'];
} else {
$act = null;
}
if (!isset($config['system']['authserver'])) {
$config['system']['authserver'] = array();
}
if (empty($config['ca']) || !is_array($config['ca'])) {
$config['ca'] = array();
}
$a_servers = auth_get_authserver_list();
$a_server = array();
foreach ($a_servers as $servers) {
$a_server[] = $servers;
}
if (!is_array($config['ca'])) {
$config['ca'] = array();
}
$a_ca =& $config['ca'];
if ($act == "del") {
if (!$a_server[$_GET['id']]) {
redirectHeader("system_authservers.php");
exit;
}
/* Remove server from main list. */
$serverdeleted = $a_server[$_GET['id']]['name'];
foreach ($config['system']['authserver'] as $k => $as) {
if ($config['system']['authserver'][$k]['name'] == $serverdeleted) {
unset($config['system']['authserver'][$k]);
$act = null;
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
// input record id, if valid
if (isset($_GET['id']) && isset($a_server[$_GET['id']])) {
$id = $_GET['id'];
$configId = $id;
}
if (isset($_GET['act'])) {
$act = $_GET['act'];
}
/* Remove server from temp list used later on this page. */
unset($a_server[$_GET['id']]);
$savemsg = gettext("Authentication Server")." {$serverdeleted} ".
gettext("deleted")."<br />";
write_config($savemsg);
}
if ($act == "edit") {
if (isset($id) && $a_server[$id]) {
$pconfig = array();
if ($act == "new") {
$pconfig['ldap_protver'] = 3;
$pconfig['radius_srvcs'] = "both";
$pconfig['radius_auth_port'] = "1812";
$pconfig['radius_acct_port'] = "1813";
$pconfig['type'] = 'ldap';
} elseif ($act == "edit" && isset($id)) {
$pconfig['type'] = $a_server[$id]['type'];
$pconfig['name'] = $a_server[$id]['name'];
......@@ -136,61 +82,44 @@ if ($act == "edit") {
$pconfig['ldap_basedn'] = $a_server[$id]['ldap_basedn'];
$pconfig['ldap_authcn'] = $a_server[$id]['ldap_authcn'];
$pconfig['ldap_extended_query'] = $a_server[$id]['ldap_extended_query'];
$pconfig['ldap_binddn'] = $a_server[$id]['ldap_binddn'];
$pconfig['ldap_bindpw'] = $a_server[$id]['ldap_bindpw'];
$pconfig['ldap_attr_user'] = $a_server[$id]['ldap_attr_user'];
if (empty($pconfig['ldap_binddn']) || empty($pconfig['ldap_bindpw'])) {
$pconfig['ldap_anon'] = true;
if (!empty($a_server[$id]['ldap_binddn'])) {
$pconfig['ldap_binddn'] = $a_server[$id]['ldap_binddn'];
}
if (!empty($a_server[$id]['ldap_bindpw'])) {
$pconfig['ldap_bindpw'] = $a_server[$id]['ldap_bindpw'];
}
if ($pconfig['type'] == "radius") {
} elseif ($pconfig['type'] == "radius") {
$pconfig['radius_host'] = $a_server[$id]['host'];
$pconfig['radius_auth_port'] = $a_server[$id]['radius_auth_port'];
$pconfig['radius_acct_port'] = $a_server[$id]['radius_acct_port'];
$pconfig['radius_secret'] = $a_server[$id]['radius_secret'];
$pconfig['radius_timeout'] = $a_server[$id]['radius_timeout'];
if ($pconfig['radius_auth_port'] &&
$pconfig['radius_acct_port'] ) {
if (!empty($pconfig['radius_auth_port']) &&
!empty($pconfig['radius_acct_port'])) {
$pconfig['radius_srvcs'] = "both";
}
if ($pconfig['radius_auth_port'] &&
!$pconfig['radius_acct_port'] ) {
} else {
$pconfig['radius_srvcs'] = "auth";
$pconfig['radius_acct_port'] = 1813;
}
if (!$pconfig['radius_auth_port'] &&
$pconfig['radius_acct_port'] ) {
$pconfig['radius_srvcs'] = "acct";
if (empty($pconfig['radius_auth_port'])) {
$pconfig['radius_auth_port'] = 1812;
}
}
}
}
if ($act == "new") {
$pconfig['ldap_protver'] = 3;
$pconfig['ldap_anon'] = true;
$pconfig['radius_srvcs'] = "both";
$pconfig['radius_auth_port'] = "1812";
$pconfig['radius_acct_port'] = "1813";
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
$input_errors = array();
$pconfig = $_POST;
if (isset($_POST['id']) && is_numericint($_POST['id'])) {
if (isset($_POST['id']) && isset($a_server[$_POST['id']])) {
$id = $_POST['id'];
} else {
$id = null;
}
if (isset($_POST['act'])) {
$act = $_POST['act'];
}
if (isset($pconfig['save'])) {
/* input validation */
if ($pconfig['type'] == "ldap") {
$reqdfields = explode(" ", "name type ldap_host ldap_port ".
"ldap_urltype ldap_protver ldap_scope ".
......@@ -206,7 +135,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
gettext("User naming Attribute"),
gettext("Authentication container"));
if (!$pconfig['ldap_anon']) {
if (!empty($pconfig['ldap_binddn']) && !empty($pconfig['ldap_bindpw'])) {
$reqdfields[] = "ldap_binddn";
$reqdfields[] = "ldap_bindpw";
$reqdfieldsn[] = gettext("Bind user DN");
......@@ -228,12 +157,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$reqdfieldsn[] = gettext("Authentication port value");
}
if ($pconfig['radisu_srvcs'] == "both" ||
$pconfig['radisu_srvcs'] == "acct") {
$reqdfields[] = "radius_acct_port";
$reqdfieldsn[] = gettext("Accounting port value");
}
if ($id == null) {
$reqdfields[] = "radius_secret";
$reqdfieldsn[] = gettext("Shared Secret");
......@@ -242,22 +165,24 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['host'])) {
if (!empty($_POST['ldap_host']) && preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['ldap_host'])) {
$input_errors[] = gettext("The host name contains invalid characters.");
}
if (!empty($_POST['radius_host']) && preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['radius_host'])) {
$input_errors[] = gettext("The host name contains invalid characters.");
}
if (auth_get_authserver($pconfig['name']) && $id == null) {
if (auth_get_authserver($pconfig['name']) && !isset($id)) {
$input_errors[] = gettext("An authentication server with the same name already exists.");
}
if (($pconfig['type'] == "radius") && isset($_POST['radius_timeout']) && !empty($_POST['radius_timeout']) && (!is_numeric($_POST['radius_timeout']) || (is_numeric($_POST['radius_timeout']) && ($_POST['radius_timeout'] <= 0)))) {
$input_errors[] = gettext("RADIUS Timeout value must be numeric and positive.");
}
if (count($input_errors) == 0) {
$server = array();
$server['refid'] = uniqid();
if ($id != null && isset($a_server[$id])) {
if (isset($id)) {
$server = $a_server[$id];
}
......@@ -277,21 +202,25 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$server['ldap_authcn'] = $pconfig['ldapauthcontainers'];
$server['ldap_extended_query'] = $pconfig['ldap_extended_query'];
$server['ldap_attr_user'] = $pconfig['ldap_attr_user'];
if (!$pconfig['ldap_anon']) {
if (!empty($pconfig['ldap_binddn']) && !empty($pconfig['ldap_bindpw']) ){
$server['ldap_binddn'] = $pconfig['ldap_binddn'];
$server['ldap_bindpw'] = $pconfig['ldap_bindpw'];
} else {
if (isset($server['ldap_binddn'])) {
unset($server['ldap_binddn']);
}
if (isset($server['ldap_bindpw'])) {
unset($server['ldap_bindpw']);
}
}
} elseif ($server['type'] == "radius") {
$server['host'] = $pconfig['radius_host'];
if ($pconfig['radius_secret']) {
if (!empty($pconfig['radius_secret'])) {
$server['radius_secret'] = $pconfig['radius_secret'];
}
if ($pconfig['radius_timeout']) {
if (!empty($pconfig['radius_timeout'])) {
$server['radius_timeout'] = $pconfig['radius_timeout'];
} else {
$server['radius_timeout'] = 5;
......@@ -306,26 +235,51 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$server['radius_auth_port'] = $pconfig['radius_auth_port'];
unset($server['radius_acct_port']);
}
if ($pconfig['radius_srvcs'] == "acct") {
$server['radius_acct_port'] = $pconfig['radius_acct_port'];
unset($server['radius_auth_port']);
}
}
if ($id != null && isset($config['system']['authserver'][$id])) {
if (isset($id) && isset($config['system']['authserver'][$id])) {
$config['system']['authserver'][$id] = $server;
} else {
$config['system']['authserver'][] = $server;
}
write_config();
redirectHeader("system_authservers.php");
} else {
$act = "edit";
}
} elseif (isset($pconfig['act']) && $pconfig['act'] == 'del' && isset($id)) {
/* Remove server from main list. */
$serverdeleted = $a_server[$id]['name'];
foreach ($config['system']['authserver'] as $k => $as) {
if ($config['system']['authserver'][$k]['name'] == $serverdeleted) {
unset($config['system']['authserver'][$k]);
}
}
$savemsg = gettext("Authentication Server")." {$serverdeleted} ".
gettext("deleted")."<br />";
write_config($savemsg);
redirectHeader("system_authservers.php");
}
}
$pgtitle = array(gettext('System'), gettext('Users'), gettext('Servers'));
$shortcut_section = "authentication";
// list of all possible fields for auth item (used for form init)
$all_authfields = array('type','name','ldap_caref','ldap_host','ldap_port','ldap_urltype','ldap_protver','ldap_scope',
'ldap_basedn','ldap_authcn','ldap_extended_query','ldap_binddn','ldap_bindpw','ldap_attr_user','radius_host',
'radius_auth_port','radius_acct_port','radius_secret','radius_timeout','radius_srvcs'
);
foreach ($all_authfields as $fieldname) {
if (!isset($pconfig[$fieldname])) {
$pconfig[$fieldname] = null;
}
}
legacy_html_escape_form_data($pconfig);
legacy_html_escape_form_data($a_server);
include("head.inc");
......@@ -340,86 +294,6 @@ $main_buttons = array(
<script type="text/javascript">
//<![CDATA[
function server_typechange(typ) {
var idx = 0;
if (!typ) {
idx = document.getElementById("type").selectedIndex;
typ = document.getElementById("type").options[idx].value;
}
switch (typ) {
case "ldap":
document.getElementById("ldap").style.display="";
document.getElementById("radius").style.display="none";
break;
case "radius":
document.getElementById("ldap").style.display="none";
document.getElementById("radius").style.display="";
break;
}
}
function ldap_urlchange() {
switch (document.getElementById("ldap_urltype").selectedIndex) {
<?php
$index = 0;
foreach ($ldap_urltypes as $urltype => $urlport) :
?>
case <?=$index;?>:
document.getElementById("ldap_port").value = "<?=$urlport;?>";
break;
<?php
$index++;
endforeach;
?>
}
}
function ldap_bindchange() {
if (document.getElementById("ldap_anon").checked)
document.getElementById("ldap_bind").style.display="none";
else
document.getElementById("ldap_bind").style.display="";
}
function ldap_tmplchange(){
switch (document.getElementById("ldap_tmpltype").selectedIndex) {
<?php
$index = 0;
foreach ($ldap_templates as $tmpldata) :
?>
case <?=$index;?>:
document.getElementById("ldap_attr_user").value = "<?=$tmpldata['attr_user'];?>";
document.getElementById("ldap_attr_group").value = "<?=$tmpldata['attr_group'];?>";
document.getElementById("ldap_attr_member").value = "<?=$tmpldata['attr_member'];?>";
break;
<?php
$index++;
endforeach;
?>
}
}
function radius_srvcschange(){
switch (document.getElementById("radius_srvcs").selectedIndex) {
case 0: // both
document.getElementById("radius_auth").style.display="";
document.getElementById("radius_acct").style.display="";
break;
case 1: // authentication
document.getElementById("radius_auth").style.display="";
document.getElementById("radius_acct").style.display="none";
break;
case 2: // accounting
document.getElementById("radius_auth").style.display="none";
document.getElementById("radius_acct").style.display="";
break;
}
}
function select_clicked() {
if (document.getElementById("ldap_port").value == '' ||
document.getElementById("ldap_host").value == '' ||
......@@ -428,13 +302,6 @@ function select_clicked() {
alert("<?=gettext("Please fill the required values.");?>");
return;
}
if (!document.getElementById("ldap_anon").checked) {
if (document.getElementById("ldap_binddn").value == '' ||
document.getElementById("ldap_bindpw").value == '') {
alert("<?=gettext("Please fill the bind username/password.");?>");
return;
}
}
var url = 'system_usermanager_settings_ldapacpicker.php?';
url += 'port=' + document.getElementById("ldap_port").value;
url += '&host=' + document.getElementById("ldap_host").value;
......@@ -445,409 +312,360 @@ function select_clicked() {
url += '&urltype=' + document.getElementById("ldap_urltype").value;
url += '&proto=' + document.getElementById("ldap_protver").value;
url += '&authcn=' + document.getElementById("ldapauthcontainers").value;
<?php if (count($a_ca) > 0) :
<?php if (count($config['ca']) > 0) :
?>
url += '&cert=' + document.getElementById("ldap_caref").value;
<?php
else :
?>
else :?>
url += '&cert=';
<?php
endif; ?>
var oWin = window.open(url,"OPNsense","width=620,height=400,top=150,left=150");
if (oWin==null || typeof(oWin)=="undefined")
alert("<?=gettext('Popup blocker detected. Action aborted.');?>");
}
$( document ).ready(function() {
$("#type").change(function(){
if ($("#type").val() == 'ldap') {
$(".auth_ldap").removeClass('hidden');
$(".auth_radius").addClass('hidden');
} else if ($("#type").val() == 'radius') {
$(".auth_ldap").addClass('hidden');
$(".auth_radius").removeClass('hidden');
}
});
$("#ldap_urltype").change(function(){
$("#ldap_port").val($(this).find(':selected').data('port'));
});
$("#ldap_tmpltype").change(function(){
switch ($("#ldap_tmpltype").val()) {
case 'open':
case 'edir':
$("#ldap_attr_user").val('cn');
break;
case 'msad':
$("#ldap_attr_user").val('samAccountName');
break;
}
});
$("#radius_srvcs").change(function(){
switch ($("#radius_srvcs").val()) {
case 'both': // both
$("#radius_auth").removeClass('hidden');
$("#radius_acct").removeClass('hidden');
break;
default: // authentication
$("#radius_auth").removeClass('hidden');
$("#radius_acct").addClass('hidden');
break;
}
});
$(".act_delete").click(function(){
var id = $(this).attr("id").split('_').pop(-1);
// delete single
BootstrapDialog.show({
type:BootstrapDialog.TYPE_INFO,
title: "<?= gettext("Server");?>",
message: "<?=gettext("Do you really want to delete this Server?");?>",
buttons: [{
label: "<?= gettext("No");?>",
action: function(dialogRef) {
dialogRef.close();
}}, {
label: "<?= gettext("Yes");?>",
action: function(dialogRef) {
$("#overview_id").val(id);
$("#overview_act").val("del");
$("#iform_overview").submit()
}
}]
});
});
// init
$("#type").change();
$("#radius_srvcs").change();
if ($("#ldap_port").val() == "") {
$("#ldap_urltype").change();
}
if ($("#ldap_attr_user").val() == "") {
$("#ldap_tmpltype").change();
}
});
//]]>
</script>
<?php include("fbegin.inc");?>
<section class="page-content-main">
<div class="container-fluid">
<div class="row">
<?php
<?php
if (isset($input_errors) && count($input_errors) > 0) {
print_input_errors($input_errors);
}
if (isset($savemsg)) {
print_info_box($savemsg);
}
?>
?>
<section class="col-xs-12">
<div class="tab-content content-box col-xs-12 table-responsive">
<?php if ($act == "new" || $act == "edit") :
?>
<form id="iform" name="iform" action="system_authservers.php" method="post">
<table class="table table-striped table-sort">
<table class="table table-striped">
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
<td width="78%" class="vtable">
<?php if (!isset($id)) :
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Descriptive name"); ?></td>
<td>
<?php if (!isset($id)) :
?>
<input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"/>
<?php
else :
<input name="name" type="text" size="20" value="<?=$pconfig['name'];?>"/>
<?php else :
?>
<strong><?=htmlspecialchars($pconfig['name']);?></strong>
<input name='name' type='hidden' id='name' value="<?=htmlspecialchars($pconfig['name']);?>"/>
<?php
<strong><?=$pconfig['name'];?></strong>
<?php
endif; ?>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Type");?></td>
<td width="78%" class="vtable">
<?php if (!isset($id)) :
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Type"); ?></td>
<td>
<?php if (!isset($id)) :
?>
<select name='type' id='type' class="formselect selectpicker" data-style="btn-default" onchange='server_typechange()'>
<?php
<select name='type' id='type' class="formselect selectpicker" data-style="btn-default">
<?php
foreach ($auth_server_types as $typename => $typedesc) :
$selected = "";
if ($pconfig['type'] == $typename) {
$selected = "selected=\"selected\"";
}
?>
<option value="<?=$typename;
?>" <?=$selected;
?>><?=$typedesc;?></option>
<?php
?>
<option value="<?=$typename;?>"><?=$typedesc;?></option>
<?php
endforeach; ?>
</select>
<?php
<?php
else :
?>
<strong><?=$auth_server_types[$pconfig['type']];?></strong>
<input name='type' type='hidden' id='type' value="<?=htmlspecialchars($pconfig['type']);?>"/>
<?php
<input name='type' type='hidden' id='type' value="<?=$pconfig['type'];?>"/>
<?php
endif; ?>
</td>
</tr>
</table>
<table class="table table-striped table-sort" id="ldap" style="display:none" summary="">
<thead>
<tr>
<th colspan="2" class="listtopic"><?=gettext("LDAP Server Settings");?></th>
</tr>
</thead>
<tbody>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Hostname or IP address");?></td>
<td width="78%" class="vtable">
<input name="ldap_host" type="text" class="formfld unknown" id="ldap_host" size="20" value="<?=htmlspecialchars($pconfig['ldap_host']);?>"/>
<br /><?= gettext("NOTE: When using SSL, this hostname MUST match the Common Name (CN) of the LDAP server's SSL Certificate."); ?>
<!-- LDAP -->
<tr class="auth_ldap hidden">
<td><a id="help_for_ldap_host" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Hostname or IP address");?></td>
<td>
<input name="ldap_host" type="text" id="ldap_host" size="20" value="<?=$pconfig['ldap_host'];?>"/>
<div class="hidden" for="help_for_ldap_host">
<?= gettext("NOTE: When using SSL, this hostname MUST match the Common Name (CN) of the LDAP server's SSL Certificate."); ?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Port value");?></td>
<td width="78%" class="vtable">
<input name="ldap_port" type="text" class="formfld unknown" id="ldap_port" size="5" value="<?=htmlspecialchars($pconfig['ldap_port']);?>"/>
<tr class="auth_ldap hidden">
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Port value");?></td>
<td>
<input name="ldap_port" type="text" id="ldap_port" size="5" value="<?=$pconfig['ldap_port'];?>"/>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Transport");?></td>
<td width="78%" class="vtable">
<select name='ldap_urltype' id='ldap_urltype' class="formselect selectpicker" data-style="btn-default" onchange='ldap_urlchange()'>
<?php
foreach ($ldap_urltypes as $urltype => $urlport) :
$selected = "";
if ($pconfig['ldap_urltype'] == $urltype) {
$selected = "selected=\"selected\"";
}
?>
<option value="<?=$urltype;
?>" <?=$selected;
?>><?=$urltype;?></option>
<?php
endforeach; ?>
<tr class="auth_ldap hidden">
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Transport");?></td>
<td>
<select name='ldap_urltype' id='ldap_urltype' class="formselect selectpicker" data-style="btn-default">
<option value="TCP - Standard" data-port="389" <?=$pconfig['ldap_urltype'] == "TCP - Standard" ? "selected=\"selected\"" : "";?>>
<?=gettext("TCP - Standard");?>
</option>
<option value="SSL - Encrypted" data-port="636" <?=$pconfig['ldap_urltype'] == "SSL - Encrypted" ? "selected=\"selected\"" : "";?>>
<?=gettext("SSL - Encrypted");?>
</option>
</select>
</td>
</tr>
<tr id="tls_ca">
<td width="22%" valign="top" class="vncell"><?=gettext("Peer Certificate Authority"); ?></td>
<td width="78%" class="vtable">
<?php if (count($a_ca)) :
?>
<tr class="auth_ldap hidden">
<td><a id="help_for_ldap_caref" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Peer Certificate Authority"); ?></td>
<td>
<?php
if (count($config['ca'])) :?>
<select id='ldap_caref' name='ldap_caref' class="formselect selectpicker" data-style="btn-default">
<?php
foreach ($a_ca as $ca) :
$selected = "";
if ($pconfig['ldap_caref'] == $ca['refid']) {
$selected = "selected=\"selected\"";
}
?>
<option value="<?=$ca['refid'];
?>" <?=$selected;
?>><?=$ca['descr'];?></option>
<?php
<?php
foreach ($config['ca'] as $ca) :
?>
<option value="<?=$ca['refid'];?>" <?=$pconfig['ldap_caref'] == $ca['refid'] ? "selected=\"selected\"" : "";?>><?=$ca['descr'];?></option>
<?php
endforeach; ?>
</select>
<br /><span><?=gettext("This option is used if 'SSL Encrypted' option is choosen.");?> <br />
<div class="hidden" for="help_for_ldap_caref">
<span><?=gettext("This option is used if 'SSL Encrypted' option is choosen.");?> <br />
<?=gettext("It must match with the CA in the AD otherwise problems will arise.");?></span>
<?php
else :
?>
<b>No Certificate Authorities defined.</b> <br />Create one under <a href="system_camanager.php">System: Certificates</a>.
<?php
endif; ?>
</div>
<?php
else :?>
<b><?=gettext('No Certificate Authorities defined.');?></b> <br /><?=gettext('Create one under');?> <a href="system_camanager.php"><?=gettext('System: Certificates');?></a>.
<?php
endif; ?>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Protocol version");?></td>
<td width="78%" class="vtable">
<tr class="auth_ldap hidden">
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Protocol version");?></td>
<td>
<select name='ldap_protver' id='ldap_protver' class="formselect selectpicker" data-style="btn-default">
<?php
foreach ($ldap_protvers as $version) :
$selected = "";
if ($pconfig['ldap_protver'] == $version) {
$selected = "selected=\"selected\"";
}
?>
<option value="<?=$version;
?>" <?=$selected;
?>><?=$version;?></option>
<?php
endforeach; ?>
<option value="2" <?=$pconfig['ldap_protver'] == 2 ? "selected=\"selected\"" : "";?>>2</option>
<option value="3" <?=$pconfig['ldap_protver'] == 3 ? "selected=\"selected\"" : "";?>>3</option>
</select>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Bind credentials");?></td>
<td width="78%" class="vtable">
<table border="0" cellspacing="0" cellpadding="2" summary="bind credentials">
<tr>
<td>
<input name="ldap_anon" type="checkbox" id="ldap_anon" value="yes" <?php if ($pconfig['ldap_anon']) {
echo "checked=\"checked\"";
} ?> onclick="ldap_bindchange()" />
</td>
<td>
<?=gettext("Use anonymous binds to resolve distinguished names");?>
</td>
</tr>
</table>
<table border="0" cellspacing="0" cellpadding="2" id="ldap_bind" summary="bind">
<tr>
<td colspan="2"></td>
</tr>
<tr>
<td><?=gettext("User DN:");?> &nbsp;</td>
<tr class="auth_ldap hidden">
<td><a id="help_for_ldap_binddn" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Bind credentials");?></td>
<td>
<input name="ldap_binddn" type="text" class="formfld unknown" id="ldap_binddn" size="40" value="<?=htmlspecialchars($pconfig['ldap_binddn']);?>"/><br />
</td>
</tr>
<tr>
<td><?=gettext("Password:");?> &nbsp;</td>
<td>
<input name="ldap_bindpw" type="password" class="formfld pwd" id="ldap_bindpw" size="20" value="<?=htmlspecialchars($pconfig['ldap_bindpw']);?>"/><br />
</td>
</tr>
</table>
<?=gettext("User DN:");?><br/>
<input name="ldap_binddn" type="text" id="ldap_binddn" size="40" value="<?=$pconfig['ldap_binddn'];?>"/>
<?=gettext("Password:");?><br/>
<input name="ldap_bindpw" type="password" class="formfld pwd" id="ldap_bindpw" size="20" value="<?=$pconfig['ldap_bindpw'];?>"/><br />
<div class="hidden" for="help_for_ldap_binddn">
<?=gettext("Leave empty to use anonymous binds to resolve distinguished names");?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Search scope");?></td>
<td width="78%" class="vtable">
<table border="0" cellspacing="0" cellpadding="2" summary="search scope">
<tr>
<td><?=gettext("Level:");?></td>
<tr class="auth_ldap hidden">
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Search scope");?></td>
<td>
<div>
<?=gettext("Level:");?><br/>
<select name='ldap_scope' id='ldap_scope' class="formselect selectpicker" data-style="btn-default">
<?php
foreach ($ldap_scopes as $scopename => $scopedesc) :
$selected = "";
if ($pconfig['ldap_scope'] == $scopename) {
$selected = "selected=\"selected\"";
}
?>
<option value="<?=$scopename;
?>" <?=$selected;
?>><?=$scopedesc;?></option>
<?php
endforeach; ?>
<option value="one" <?=$pconfig['ldap_scope'] == 'one' ? "selected=\"selected\"" : "";?>>
<?=gettext('One Level');?>
</option>
<option value="subtree" <?=$pconfig['ldap_scope'] == 'one' ? "selected=\"selected\"" : "";?>>
<?=gettext('Entire Subtree');?>
</option>
</select>
</div>
<div>
<?=gettext("Base DN:");?><br/>
<input name="ldap_basedn" type="text" id="ldap_basedn" size="40" value="<?=$pconfig['ldap_basedn'];?>"/>
</div>
</td>
</tr>
<tr>
<td><?=gettext("Base DN:");?></td>
<td>
<input name="ldap_basedn" type="text" class="formfld unknown" id="ldap_basedn" size="40" value="<?=htmlspecialchars($pconfig['ldap_basedn']);?>"/>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Authentication containers");?></td>
<td width="78%" class="vtable">
<table border="0" cellspacing="0" cellpadding="2" summary="auth containers">
<tr>
<td valign="top"><?=gettext("Containers:");?> &nbsp;</td>
<tr class="auth_ldap hidden">
<td><a id="help_for_ldapauthcontainers" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Authentication containers");?></td>
<td>
<ul class="list-inline">
<li><input name="ldapauthcontainers" type="text" class="formfld unknown" id="ldapauthcontainers" size="40" value="<?=htmlspecialchars($pconfig['ldap_authcn']);?>"/></li>
<li><input name="ldapauthcontainers" type="text" id="ldapauthcontainers" size="40" value="<?=$pconfig['ldap_authcn'];?>"/></li>
<li><input type="button" onclick="select_clicked();" class="btn btn-default" value="<?=gettext("Select");?>" /></li>
</ul>
</td>
</tr>
<tr>
<td colspan="2">
<br /><?=gettext("Note: Semi-Colon separated. This will be prepended to the search base dn above or you can specify full container path containing a dc= component.");?>
<br/>
<div class="hidden" for="help_for_ldapauthcontainers">
<br/><?=gettext("Note: Semi-Colon separated. This will be prepended to the search base dn above or you can specify full container path containing a dc= component.");?>
<br /><?=gettext("Example:");?> CN=Users;DC=example,DC=com
<br /><?=gettext("Example:");?> OU=Staff;OU=Freelancers
</div>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Extended Query");?></td>
<td width="78%" class="vtable">
<table border="0" cellspacing="0" cellpadding="2" summary="query">
<tr>
<tr class="auth_ldap hidden">
<td><a id="help_for_ldap_extended_query" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Extended Query");?></td>
<td>
<input name="ldap_extended_query" type="text" class="formfld unknown" id="ldap_extended_query" size="40" value="<?=htmlspecialchars($pconfig['ldap_extended_query']);?>"/>
<br /><?=gettext("Example:");?> &amp;(objectClass=inetOrgPerson)(mail=*@example.com)
</td>
</tr>
</table>
<input name="ldap_extended_query" type="text" id="ldap_extended_query" size="40" value="<?=$pconfig['ldap_extended_query'];?>"/>
<div class="hidden" for="help_for_ldap_extended_query">
<?=gettext("Example:");?> &amp;(objectClass=inetOrgPerson)(mail=*@example.com)
</div>
</td>
</tr>
<?php if (!isset($id)) :
<?php if (!isset($id)) :
?>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Initial Template");?></td>
<td width="78%" class="vtable">
<select name='ldap_tmpltype' id='ldap_tmpltype' class="formselect selectpicker" data-style="btn-default" onchange='ldap_tmplchange()'>
<?php
foreach ($ldap_templates as $tmplname => $tmpldata) :
$selected = "";
if ($pconfig['ldap_template'] == $tmplname) {
$selected = "selected=\"selected\"";
}
?>
<option value="<?=$tmplname;
?>" <?=$selected;
?>><?=$tmpldata['desc'];?></option>
<?php
endforeach; ?>
<tr class="auth_ldap hidden">
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Initial Template");?></td>
<td>
<select name='ldap_tmpltype' id='ldap_tmpltype' class="formselect selectpicker" data-style="btn-default">
<option value="open"><?=gettext('OpenLDAP');?></option>
<option value="msad"><?=gettext('Microsoft AD');?></option>
<option value="edir"><?=gettext('Novell eDirectory');?></option>
</select>
</td>
</tr>
<?php
<?php
endif; ?>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("User naming attribute");?></td>
<td width="78%" class="vtable">
<input name="ldap_attr_user" type="text" class="formfld unknown" id="ldap_attr_user" size="20" value="<?=htmlspecialchars($pconfig['ldap_attr_user']);?>"/>
<tr class="auth_ldap hidden">
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("User naming attribute");?></td>
<td>
<input name="ldap_attr_user" type="text" id="ldap_attr_user" size="20" value="<?=$pconfig['ldap_attr_user'];?>"/>
</td>
</tr>
</table>
<table class="table table-striped table-sort" id="radius" style="display:none" summary="">
<tr>
<td colspan="2" class="list" height="12"></td>
</tr>
<tr>
<td colspan="2" valign="top" class="listtopic"><?=gettext("Radius Server Settings");?></td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Hostname or IP address");?></td>
<td width="78%" class="vtable">
<input name="radius_host" type="text" class="formfld unknown" id="radius_host" size="20" value="<?=htmlspecialchars($pconfig['radius_host']);?>"/>
<!-- RADIUS -->
<tr class="auth_radius hidden">
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Hostname or IP address");?></td>
<td>
<input name="radius_host" type="text" id="radius_host" size="20" value="<?=$pconfig['radius_host'];?>"/>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Shared Secret");?></td>
<td width="78%" class="vtable">
<input name="radius_secret" type="password" class="formfld pwd" id="radius_secret" size="20" value="<?=htmlspecialchars($pconfig['radius_secret']);?>"/>
<tr class="auth_radius hidden">
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Shared Secret");?></td>
<td>
<input name="radius_secret" type="password" class="formfld pwd" id="radius_secret" size="20" value="<?=$pconfig['radius_secret'];?>"/>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Services offered");?></td>
<td width="78%" class="vtable">
<select name='radius_srvcs' id='radius_srvcs' class="formselect selectpicker" data-style="btn-default" onchange='radius_srvcschange()'>
<?php
foreach ($radius_srvcs as $srvcname => $srvcdesc) :
$selected = "";
if ($pconfig['radius_srvcs'] == $srvcname) {
$selected = "selected=\"selected\"";
}
?>
<option value="<?=$srvcname;
?>" <?=$selected;
?>><?=$srvcdesc;?></option>
<?php
endforeach; ?>
<tr class="auth_radius hidden">
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Services offered");?></td>
<td>
<select name='radius_srvcs' id='radius_srvcs' class="formselect selectpicker" data-style="btn-default">
<option value="both" <?=$pconfig['radius_srvcs'] == 'both' ? "selected=\"selected\"" :"";?>>
<?=gettext('Authentication and Accounting');?>
</option>
<option value="auth" <?=$pconfig['radius_srvcs'] == 'auth' ? "selected=\"selected\"" :"";?>>
<?=gettext('Authentication');?>
</option>
</select>
</td>
</tr>
<tr id="radius_auth">
<td width="22%" valign="top" class="vncellreq"><?=gettext("Authentication port value");?></td>
<td width="78%" class="vtable">
<input name="radius_auth_port" type="text" class="formfld unknown" id="radius_auth_port" size="5" value="<?=htmlspecialchars($pconfig['radius_auth_port']);?>"/>
<tr id="radius_auth" class="auth_radius hidden">
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Authentication port value");?></td>
<td>
<input name="radius_auth_port" type="text" id="radius_auth_port" size="5" value="<?=$pconfig['radius_auth_port'];?>"/>
</td>
</tr>
<tr id="radius_acct">
<td width="22%" valign="top" class="vncellreq"><?=gettext("Accounting port value");?></td>
<td width="78%" class="vtable">
<input name="radius_acct_port" type="text" class="formfld unknown" id="radius_acct_port" size="5" value="<?=htmlspecialchars($pconfig['radius_acct_port']);?>"/>
<tr id="radius_acct" class="auth_radius hidden">
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Accounting port value");?></td>
<td>
<input name="radius_acct_port" type="text" id="radius_acct_port" size="5" value="<?=$pconfig['radius_acct_port'];?>"/>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Authentication Timeout");?></td>
<td width="78%" class="vtable">
<input name="radius_timeout" type="text" class="formfld unknown" id="radius_timeout" size="20" value="<?=htmlspecialchars($pconfig['radius_timeout']);?>"/>
<tr class="auth_radius hidden">
<td><a id="help_for_radius_timeout" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Authentication Timeout");?></td>
<td>
<input name="radius_timeout" type="text" id="radius_timeout" size="20" value="<?=$pconfig['radius_timeout'];?>"/>
<div class="hidden" for="help_for_radius_timeout">
<br /><?= gettext("This value controls how long, in seconds, that the RADIUS server may take to respond to an authentication request.") ?>
<br /><?= gettext("If left blank, the default value is 5 seconds.") ?>
<br /><br /><?= gettext("NOTE: If you are using an interactive two-factor authentication system, increase this timeout to account for how long it will take the user to receive and enter a token.") ?>
</div>
</td>
</tr>
</table>
<table class="table table-striped table-sort">
<tr>
<td width="22%" valign="top">&nbsp;</td>
<td width="78%">
<td>&nbsp;</td>
<td>
<input id="submit" name="save" type="submit" class="btn btn-primary" value="<?=gettext("Save");?>" />
<?php if (isset($id) && $a_server[$id]) :
<?php if (isset($id)) :
?>
<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
<?php
<?php
endif;?>
</td>
</tr>
</table>
</form>
<?php
<?php
else :
?>
<form id="iform_overview" method="post">
<input type="hidden" id="overview_id" name="id">
<input type="hidden" id="overview_act" name="act">
<table class="table table-striped table-sort">
<thead>
<tr>
<th width="25%" class="listhdrr"><?=gettext("Server Name");?></th>
<th width="25%" class="listhdrr"><?=gettext("Type");?></th>
<th width="35%" class="listhdrr"><?=gettext("Host Name");?></th>
<th><?=gettext("Server Name");?></th>
<th width="25%"><?=gettext("Type");?></th>
<th width="35%"><?=gettext("Host Name");?></th>
<th width="10%" class="list"></th>
</tr>
</thead>
<tfoot>
<tr>
<td colspan="4">
<p>
......@@ -857,68 +675,39 @@ else :
</tr>
</tfoot>
<tbody>
<?php
$i = 0;
<?php
$i = 0;
foreach ($a_server as $server) :
$name = htmlspecialchars($server['name']);
$type = htmlspecialchars($auth_server_types[$server['type']]);
$host = htmlspecialchars($server['host']);
?>
<tr <?php if ($i < (count($a_server) - 1)) :
?> ondblclick="document.location='system_authservers.php?act=edit&amp;id=<?=$i;?>'" <?php
endif; ?>>
<td class="listlr"><?=$name?>&nbsp;</td>
<td class="listr"><?=$type;?>&nbsp;</td>
<td class="listr"><?=$host;?>&nbsp;</td>
<td valign="middle" class="list nowrap">
?>
<tr>
<td><?=$server['name']?></td>
<td><?=!empty($auth_server_types[$server['type']]) ? $auth_server_types[$server['type']] : "";;?></td>
<td><?=$server['host'];?></td>
<td>
<?php if ($i < (count($a_server) - 1)) :
?>
<a href="system_authservers.php?act=edit&amp;id=<?=$i;?>" class="btn btn-default btn-xs">
<span class="glyphicon glyphicon-pencil"></span>
</a>
&nbsp;
<a href="system_authservers.php?act=del&amp;id=<?=$i;
?>" onclick="return confirm('<?=gettext("Do you really want to delete this Server?");?>')" class="btn btn-default btn-xs">
<a id="del_<?=$i;?>" title="<?=gettext("delete this server"); ?>" data-toggle="tooltip" class="act_delete btn btn-default btn-xs">
<span class="glyphicon glyphicon-remove"></span>
</a>
<?php
endif; ?>
</td>
<?php
endif; ?>
</tr>
<?php
<?php
$i++;
endforeach;
?>
endforeach;?>
</tbody>
</table>
<?php
</form>
<?php
endif; ?>
</div>
</section>
</div>
</div>
</section>
<script type="text/javascript">
//<![CDATA[
$( document ).ready(function() {
server_typechange('<?=htmlspecialchars($pconfig['type']);?>');
if (document.getElementById("ldap_port").value == "") ldap_urlchange();
<?php
if ($pconfig['type'] == "ldap") {
echo " ldap_bindchange();\n";
echo " if (document.getElementById(\"ldap_port\").value == \"\") ldap_urlchange();\n";
if (!isset($id)) {
echo " ldap_tmplchange();\n";
}
} else {
echo " radius_srvcschange();\n";
}
?>
});
//]]>
</script>
</section>
<?php include("foot.inc");
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023