authorErmal Luçi <eri@pfsense.org>2010-03-02 17:07:06 +0000
committerErmal Luçi <eri@pfsense.org>2010-03-02 17:07:06 +0000
commitc61e4626269fb099f4b7e9c12ceaeffd163c968f (patch)
treefe99cd1c66aa9e456bc9b16de0f462bfc982c249 /usr/local/www/system_authservers.php
parenta13ce628f8a2c1292bf222387ea59cd63e9b9234 (diff)
Allow the GUI auth API to be used for doing authentication against authentication servers specified. Teach Openvpn to use this API. Allow openvpn to authenticate against multiple servers that can be selected on the server configuration page.
Diffstat (limited to 'usr/local/www/system_authservers.php')
-rw-r--r--usr/local/www/system_authservers.php31
1 files changed, 29 insertions, 2 deletions
diff --git a/usr/local/www/system_authservers.php b/usr/local/www/system_authservers.php
index edf2e0a..461328a 100644
--- a/usr/local/www/system_authservers.php
+++ b/usr/local/www/system_authservers.php
@@ -81,6 +81,7 @@ if ($act == "edit") {
$pconfig['ldap_protver'] = $a_server[$id]['ldap_protver'];
$pconfig['ldap_scope'] = $a_server[$id]['ldap_scope'];
$pconfig['ldap_basedn'] = $a_server[$id]['ldap_basedn'];
+ $pconfig['ldap_authcn'] = $a_server[$id]['ldap_authcn'];
$pconfig['ldap_binddn'] = $a_server[$id]['ldap_binddn'];
$pconfig['ldap_bindpw'] = $a_server[$id]['ldap_bindpw'];
$pconfig['ldap_attr_user'] = $a_server[$id]['ldap_attr_user'];
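Review bot: The new setting goes by two names across this commit: it is loaded here as `$pconfig['ldap_authcn']`, while the form input, the required-field list and the save path (`$server['ldap_authcn'] = $pconfig['ldapauthcontainers'];`) in the later hunks use `ldapauthcontainers`. If `$pconfig` is refilled from `$_POST` on submit (not visible in these hunks), a failed validation would redisplay the form with the containers field empty, because the input's value is read from `$pconfig['ldap_authcn']`. Using one key throughout, e.g. `name="ldap_authcn"` on the input and `ldap_authcn` in `$reqdfields`, removes the mapping and the mismatch.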
@@ -135,11 +136,11 @@ if ($_POST) {
if ($pconfig['type'] == "ldap") {
$reqdfields = explode(" ", "name type ldap_host ldap_port ".
"ldap_urltype ldap_protver ldap_scope ldap_basedn ".
- "ldap_attr_user ldap_attr_group ldap_attr_member");
+ "ldap_attr_user ldap_attr_group ldap_attr_member ldapauthcontainers");
$reqdfieldsn = explode(",", "Descriptive name,Type,Hostname or IP,".
"Port value,Transport,Protocol version,Search level,".
"Search Base DN,User naming Attribute,".
- "Group naming Attribute,Group member attribute");
+ "Group naming Attribute,Group member attribute,Authentication container");
if (!$pconfig['ldap_anon']) {
$reqdfields[] = "ldap_binddn";
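Review bot: Listing `ldapauthcontainers` in `$reqdfields` only appears to enforce that the field is present; nothing in this hunk checks that the value is a semicolon-separated list of DN fragments before it is stored and, per the form's help text, prepended to the search base DN. A format check next to the other input validation (for example rejecting empty segments after `explode(";", ...)`) would keep malformed container strings out of the saved configuration and out of later LDAP searches. Making the field required also means LDAP servers saved before this change cannot be re-saved until a container is entered, which deserves a comment such as `/* ldapauthcontainers is mandatory from this version on; older entries have no value */`. The `if ($pconfig['type'] == "ldap")` block continues outside the hunk.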
@@ -200,6 +201,7 @@ if ($_POST) {
$server['ldap_protver'] = $pconfig['ldap_protver'];
$server['ldap_scope'] = $pconfig['ldap_scope'];
$server['ldap_basedn'] = $pconfig['ldap_basedn'];
+ $server['ldap_authcn'] = $pconfig['ldapauthcontainers'];
$server['ldap_attr_user'] = $pconfig['ldap_attr_user'];
$server['ldap_attr_group'] = $pconfig['ldap_attr_group'];
$server['ldap_attr_member'] = $pconfig['ldap_attr_member'];
@@ -469,6 +471,24 @@ function radius_srvcschange(){
</td>
</tr>
<tr>
+ <td width="22%" valign="top" class="vncellreq"><?=gettext("Authentication containers");?></td>
+ <td width="78%" class="vtable">
+ <table border="0" cellspacing="0" cellpadding="2">
+ <tr>
+ <td>Containers: &nbsp;</td>
+ <td>
+ <input name="ldapauthcontainers" type="text" class="formfld unknown" id="ldapauthcontainers" size="40" value="<?=htmlspecialchars($pconfig['ldap_authcn']);?>"/>
+ <input type="button" onClick="javascript:if(openwindow('system_usermanager_settings_ldapacpicker.php') == false) alert('Popup blocker detected. Action aborted.');" value="Select">
+ <br />NOTE: Semi-Colon separated. This will be prepended to the search base dn above or you can specify full container path.
+ <br />EXAMPLE: CN=Users;DC=example
+ <br />EXAMPLE: CN=Users,DC=example,DC=com;OU=OtherUsers,DC=example,DC=com
+ </td>
+ </tr>
+ </table>
+
+ </td>
+ </tr>
+ <tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Bind credentials");?></td>
<td width="78%" class="vtable">
<table border="0" cellspacing="0" cellpadding="2">
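Review bot: The row label goes through `gettext()`, but the other user-visible strings added in this row ("Containers:", the NOTE and EXAMPLE lines, the "Select" button value and the popup-blocker alert text) are hard-coded, so they will not be translated with the rest of the page; e.g. `<td><?=gettext("Containers:");?> &nbsp;</td>`. The `javascript:` prefix inside `onClick` is not needed in an event-handler attribute and can be dropped: `onClick="if (openwindow('system_usermanager_settings_ldapacpicker.php') == false) alert(...);"`. The `htmlspecialchars()` call on the input value inside the double-quoted attribute is the right escaping for this context.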
@@ -658,6 +678,13 @@ function radius_srvcschange(){
<?php include("fend.inc");?>
<script type="text/javascript">
<!--
+function openwindow(url) {
+ var oWin = window.open(url,"pfSensePop","width=620,height=400,top=150,left=150");
+ if (oWin==null || typeof(oWin)=="undefined")
+ return false;
+ else
+ return true;
+}
server_typechange('<?=$pconfig['type'];?>');
<?php if (!isset($id) || $pconfig['type'] == "ldap"): ?>
ldap_bindchange();
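Review bot: `openwindow()` has no comment and its if/else only converts a null check to a boolean; `return oWin != null;` says the same in one line (loose comparison also covers `undefined`), preceded by a comment such as `// returns false when the popup was blocked`. Separately, the unchanged line right after the function writes `$pconfig['type']` into a JavaScript string literal without escaping; if `$pconfig` can carry submitted form data at this point (not visible in the hunk), that value should be encoded for a script context, e.g. with `json_encode()`. The script block continues outside the hunk.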