summaryrefslogtreecommitdiffstats
path: root/usr/local/www/system_usermanager_settings.php
Commit message (Collapse)AuthorAgeFilesLines
* Rework most of the OpenVPN support. The interfaces have been updated toMatthew Grooms2008-08-261-3/+1
| | | | | | | | | | not use the pkg system and the configuration has been migrated to an openvpn prefix. The centralized user and certificate manager is now used to support the openvpn configurations. Most of the files removed in this commit were not being referenced. This commit also splits out the certificate management components into a new system menu item.
* Implement a certificate authority and certificate webui that can be usedMatthew Grooms2008-08-091-0/+2
| | | | | | | | | | | | | | | | | | | | | to centrally manage this data. There are no consumers at this time. This interface allow for the following ... Certificate Authority Manager: - List certificates authorities - Import existing certificate authority - Create internal certificate authority Certificate Manager: - List certificates - Import existing certificate - Create internal certificate using an internal CA - Generate certificate signing request for external CAs - Process certificate signing response from external CAs Certificate revocation is not currently implemented. The user system will also be extended to allow for user specific certificate management in a follow-up commit.
* Add an interface to manage external authentication servers. The two typesMatthew Grooms2008-08-051-0/+1
| | | | supported currently are LDAP and Radius.
* Cleanup authentication code. The basic auth method, the passwd, htpasswdMatthew Grooms2008-08-031-4/+0
| | | | | | | | | | | | | and pam backing functions have been removed. The basic auth method was legacy code and the backing functions were redundant with no added value that I could see. A simplified replacement backing function named local_backed has been added that authenticates to the local configuration info which should be identical to system pwdb credentials. Since the htpassword file is no longer required, sync_webgui_passwords and its wrapper function system_password_configure have been removed. The local account management functions were renamed for consistency. A few minor bugs related to setting local passwords have also been corrected.
* Rewrite the pfsense privilege system with the following goals in mind ...Matthew Grooms2008-08-011-1/+9
| | | | | | | | 1) Redefine page privileges to not use static urls 2) Accurate generation of privilege definitions from source 3) Merging the user and group privileges into a single set 4) Allow any privilege to be added to users or groups w/ inheritance 5) Cleaning up the related WebUI pages
* Remove the statement Only Supports one Container Currently!!!Scott Ullrich2008-02-201-1/+0
|
* Add Edir, etc to the LDAP other description.Scott Ullrich2008-02-191-1/+1
|
* Make select button really a button intead of HTML <a href>Scott Ullrich2008-02-191-1/+1
|
* Make form more user friendly:Scott Ullrich2008-02-191-22/+102
| | | | | | | | | | | | | | | | "Active Directory" hide: LDAP Filter (use default: (samaccountname=$username)) LDAP Naming Attribute (use default: samaccountname) Group Membership Attribute Name (use default: memberOf) "eDirectory" hide: LDAP Filter (use default: (cn=$username)) LDAP Naming Attribute (use default: CN) Group Membership Attribute Name (use default: groupMembership)
* Latest eDir / Active Directory tweaks from Mark Batchelor.Scott Ullrich2008-01-311-244/+277
| | | | Thanks again for him helping us with this project!
* Add back ldap auth caontainer picker.Scott Ullrich2008-01-181-4/+16
|
* * Hide password fieldScott Ullrich2008-01-131-10/+11
| | | | | * Remove session timeout graphic * Allow session timeout to remain blank
* Remove the need to define authetnication containers. Now a user can loginScott Ullrich2007-12-311-15/+0
| | | | | | | anywhere in the LDAP tree and will use the groups to deterimine the access privs. Work sponsored-by: Centipede Networks
* * Return OU=Users which is built-in to active directoryScott Ullrich2007-12-311-1/+1
| | | | | | * Specify that LDAP is Active Directory compatible Work sponsored-by: Centipede Networks
* Adding LDAP Authentication container picker.Scott Ullrich2007-12-311-1/+12
| | | | Work sponsored-by: Centipede Networks
* Add Users containers setting where a ; seperated list of LDAP containersScott Ullrich2007-12-311-0/+14
| | | | | | | | can be specified to authenticate against. Final item will be a graphical browser that can help the operator populate this box if they are feeling lazy or do not understand LDAP completely. Work sponsored-by: Centipede Networks <http://centipedenetworks.com/>
* Make the LDAP settings screen look better.Scott Ullrich2007-12-301-1/+1
| | | | Work sponsored-by: Centipede Networks
* Add LDAP test functions to verify that the LDAP settings are correct.Scott Ullrich2007-12-301-10/+17
| | | | Return the OU's and show to the user after test completion.
* Clarify the notes/examples for each of the ldap options. This should makeScott Ullrich2007-12-291-2/+4
| | | | | | | | | it pretty clear until I finish the fancy LDAP tree viewer control. I should also note that as of this commit the LDAP auth functions are now working beautifully against a Windows 2000 Server Active Directory! Work sponsored-by: Centipede Networks <www.centipedenetworks.com>
* * Allow LDAP users to login to pfSense.Scott Ullrich2007-12-291-11/+11
| | | | | | * Cross reference Active Directory user groups with pfSense groups, apply groups where names match * Clarify some of the settings items and give examples
* * Hide search baseScott Ullrich2007-12-281-4/+10
| | | | | | * Use correct variable name Work sponsored-by: Centipede Networks
* Adding LDAP options:Scott Ullrich2007-12-271-1/+51
| | | | | | | | | * Binding username * Binding password * Filter * Search base Work sponsored-by: Centipede Networks <http://centipedenetworks.com/>
* Adding LDAP settings:Scott Ullrich2007-12-271-10/+43
| | | | | | | * Authentication backend * LDAP Server:port Work sponsored-by: Centipede Networks
* Remove XXX, it is fixed.Scott Ullrich2007-12-021-2/+0
|
* Minor fixesScott Ullrich2007-12-021-0/+3
|
* Unset the session timeout if it is 0 or blank.Scott Ullrich2007-12-011-1/+5
|
* Add more input validation to settings screen. * Do not allow < 1 * Do not ↵Scott Ullrich2007-12-011-3/+10
| | | | allow > 999 * Turn longs into integers
* Switch over to array style page titles. Obtained-from: m0n0wallScott Ullrich2007-11-161-2/+1
|
* fix html alignment and pgtitleScott Dale2007-05-091-1/+2
|
* Backport usermanager code from HEAD so I can get it in the snaps andBill Marquette2007-04-131-0/+111
start testing it properly There's still some CSS/HTML fixes needed but the code seems to work
OpenPOWER on IntegriCloud