Improve checks for params 'id', 'dup' and other similar ones to make sure they are numeric integer, also, pass them through htmlspecialchars() before print
Merge pull request #659 from mss/extended-query-example-work
Improve LDAP DN examples
Make the RADIUS settings respect the description of the timeout field. If the timeout value is left blank, use 5 seconds, don't print an error.
Remove call-time pass by reference for do_input_validation, helps ticket #2565
Add LDAP server options to control UTF8-encoding of parameters. Fixes #2227. While I'm here, add a checkbox to prevent the stripping of @ from the LDAP username if the user wants the full name transmitted.
Add a note about the LDAP hostname matching the server cert's CN.
Don't gettext() the example strings.
They must not be translated.
Improve Authentication Containers examples.
Fix LDAP Extended Query example.
The old one was not valid LDAP filter syntax.
Tidy up "system_authservers.php" XHTML
Add CDATA sections to SCRIPT tagsUpdate HTML boolean operatorsClose INPUT tagsMove TFOOT between THEAD and TBODY, this is a "quirk" of HTMLDeprecate the ampersand in ANCHOR tagsAdd missing closing HTML tag
Only apply this test for radius servers.
Add a knob in the GUI to set the RADIUS authentication timeout. Previous default was 3s, new is 5s. When using two-factor auth via external (e.g. phone), this needs to be set much higher, 60-120.
Correct Select button when no ca_ref is defined
Make tables sortable
More shortcuts
Resolves #2018. Add an id to the html object to make javascript work
Don't run ldap_urlchange on page load if there is a custom port, otherwise it appears to ignore a custom LDAP port even when it's correct in the config.
Added web interface capability to make the LDAP search more specific in order to filter for group membership for example.
Ticket #1052. Enforce certificates if they are present for authenticating to ldap. Allow to select a CA under ldap type authentication backend to be used for this.
More text consistency.
Fix XSS issues
Do not require LDAP search base DN. Requiring this can prevent some valid LDAP configurations from properly authenticating. (See GDD-550841).
Use
gettext fixes
Fix deletion of authentication servers. Fixes #600.
fix indent
Implement gettext()
Ticket #389. Correctly make the ldap object picker work and handle various errors.
Make this work as it is supposed.
Do not allow changing the name of the auth server. Resolves #399.
Overhaul the user login system to use the Servers tab as its base.
Fix quite a few problems down the way.
Do not allow same names on different auth servers. While here correct radius default ports.
Add copyrights of myself.
Allow the GUI auth API to be used for doing authentication against authentication servers specified. Teach Openvpn to use this API. Allow openvpn to authenticate against multiple servers that can be selected on the server configuration page.
Add support for authenticating users against server specified in the system->user manager->servers for openvpn. While there propperly fill the shared secret field for raidus in the servers page.
Add pfSense_BUILDER_BINARIES: and pfSense_MODULE:. Adjust Copyright to include 2009 on files that I have asserted (C) on
Cleanup the tab format of the system user/group/server management pages.The edges were square instead of rounded like most pfSense pages. Alsomake sure tabs and cancel buttons are present in the add privilege andadd certificate pages.
Rework most of the OpenVPN support. The interfaces have been updated tonot use the pkg system and the configuration has been migrated to anopenvpn prefix. The centralized user and certificate manager is now usedto support the openvpn configurations. Most of the files removed in this...
Implement a certificate authority and certificate webui that can be usedto centrally manage this data. There are no consumers at this time. Thisinterface allow for the following ...
Certificate Authority Manager:- List certificates authorities- Import existing certificate authority...
Add an interface to manage external authentication servers. The two typessupported currently are LDAP and Radius.