<?php
/*
 * system_authservers.php
 *
 * part of pfSense (https://www.pfsense.org)
 * Copyright (c) 2004-2019 Rubicon Communications, LLC (Netgate)
 * Copyright (c) 2008 Shrew Soft Inc
 * All rights reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
##|+PRIV
##|*IDENT=page-system-authservers
##|*NAME=System: Authentication Servers
##|*DESCR=Allow access to the 'System: Authentication Servers' page.
##|*WARN=standard-warning-root
##|*MATCH=system_authservers.php*
##|-PRIV
require_once("guiconfig.inc");
require_once("auth.inc");
require_once("pfsense-utils.inc");
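// Have we been called to populate the "Select a container" modal?
//
// This branch builds a temporary LDAP configuration from the request, asks
// ldap_get_user_ous() for the containers, prints either an error message or a
// modal with one checkbox per container, and then ends the request.
//
// NOTE(review): every connection parameter, including the bind password, is
// read from $_REQUEST, so it is accepted from the query string as well as from
// a POST body. A password sent in a query string ends up in URLs and request
// logs; confirm whether this handler should accept POST only.
// NOTE(review): 'host' and 'port' are passed to ldap_get_user_ous() without any
// validation in this branch, so the destination of the LDAP connection is
// whatever the request names. Confirm that the page privilege declared in the
// file header is the intended boundary for that.
if (!empty($_REQUEST['ajax'])) {

	$authcfg = array(
		'ldap_port' => $_REQUEST['port'],
		'ldap_basedn' => $_REQUEST['basedn'],
		'host' => $_REQUEST['host'],
		'ldap_scope' => $_REQUEST['scope'],
		'ldap_binddn' => $_REQUEST['binddn'],
		'ldap_bindpw' => $_REQUEST['bindpw'],
		'ldap_urltype' => $_REQUEST['urltype'],
		'ldap_protver' => $_REQUEST['proto'],
		// Containers already chosen in the form arrive as one ';'-separated string.
		'ldap_authcn' => explode(";", $_REQUEST['authcn']),
		'ldap_caref' => $_REQUEST['cert'],
	);

	$ous = ldap_get_user_ous(true, $authcfg);

	if (empty($ous)) {
		print('<span class="text-danger">Could not connect to the LDAP server. Please check the LDAP configuration.</span>');
	} else {
		$modal = new Modal("Select LDAP containers for authentication", "containers", true);
		$group = new Form_MultiCheckboxGroup('Containers');

		if (is_array($ous)) {
			// array_values() numbers the checkboxes ou0, ou1, ... whatever keys were returned.
			foreach (array_values($ous) as $idx => $ou) {
				// NOTE(review): $ou is supplied by the remote directory; presumably
				// Form_MultiCheckbox escapes it when rendered - verify.
				$group->add(new Form_MultiCheckbox(
					'ou' . $idx,
					'',
					$ou,
					// Pre-tick the containers that were already selected.
					in_array($ou, $authcfg['ldap_authcn']),
					$ou
				));
			}
		}

		$modal->add($group);

		// Create a "Save button"
		$btnsv = new Form_Button(
			'svcontbtn',
			'Save',
			null,
			'fa-save'
		);

		// The argument used to read "btn-default)" with a stray parenthesis,
		// which is not the class name this call is meant to remove.
		$btnsv->removeClass("btn-default")->addClass("btn-primary");

		$modal->addInput(new Form_StaticText(
			'',
			$btnsv
		));

		print($modal);
	}

	exit;
}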
// Index of the entry to edit or save, as sent by the client (GET or POST).
$id = $_REQUEST['id'];

// Make sure the stored server list is an array before it is read or appended to.
if (!is_array($config['system']['authserver'])) {
	$config['system']['authserver'] = [];
}

// Re-indexed from zero; $id and $_POST['id'] are used as offsets into this list.
$a_server = array_values(auth_get_authserver_list());

// $a_ca aliases the CA list in the configuration (used for the LDAP CA selector).
init_config_arr(['ca']);
$a_ca = &$config['ca'];

// Requested action; compared against "edit" and "new" below.
$act = $_REQUEST['act'];
// Delete handler: only reacts to a POST that carries act=del.
if ($_POST['act'] == "del") {

	// Nothing at that index: return to the list without touching the configuration.
	if (!$a_server[$_POST['id']]) {
		pfSenseHeader("system_authservers.php");
		exit;
	}

	/* Remove server from main list. */
	// The match is by name, so every stored entry with this name is removed.
	$serverdeleted = $a_server[$_POST['id']]['name'];
	foreach ($config['system']['authserver'] as $k => $as) {
		if ($as['name'] == $serverdeleted) {
			unset($config['system']['authserver'][$k]);
		}
	}

	/* Remove server from temp list used later on this page. */
	unset($a_server[$_POST['id']]);
	$a_server = array_values($a_server);

	// The name is HTML-escaped here because the message is printed on the page further down.
	$savemsg = sprintf(gettext("Authentication Server %s deleted."), htmlspecialchars($serverdeleted));
	write_config($savemsg);
}
// Edit view: copy the stored entry selected by $id into $pconfig, which supplies
// the form field values further down.
//
// NOTE(review): the stored LDAP bind password and RADIUS shared secret are
// copied into $pconfig as well. Whether the password inputs write that value
// back into the page is decided by Form_Input, which is not shown in this
// file - confirm that stored secrets are not echoed to the browser.
if ($act == "edit" && isset($id) && $a_server[$id]) {

	$pconfig['type'] = $a_server[$id]['type'];
	$pconfig['name'] = $a_server[$id]['name'];

	if ($pconfig['type'] == "ldap") {
		$pconfig['ldap_caref'] = $a_server[$id]['ldap_caref'];
		// Stored under 'host', shown in the form as 'ldap_host'.
		$pconfig['ldap_host'] = $a_server[$id]['host'];

		// Settings that keep the same key in the configuration and in the form.
		foreach ([
			'ldap_port',
			'ldap_timeout',
			'ldap_urltype',
			'ldap_protver',
			'ldap_scope',
			'ldap_basedn',
			'ldap_authcn',
			'ldap_extended_enabled',
			'ldap_extended_query',
			'ldap_binddn',
			'ldap_bindpw',
			'ldap_attr_user',
			'ldap_attr_group',
			'ldap_attr_member',
			'ldap_attr_groupobj',
		] as $field) {
			$pconfig[$field] = $a_server[$id][$field];
		}

		// These options are represented by the presence of the key alone.
		foreach (['ldap_utf8', 'ldap_nostrip_at', 'ldap_rfc2307'] as $field) {
			$pconfig[$field] = isset($a_server[$id][$field]);
		}

		// A missing bind DN or bind password is shown as "bind anonymous".
		if (!($pconfig['ldap_binddn'] && $pconfig['ldap_bindpw'])) {
			$pconfig['ldap_anon'] = true;
		}
	}

	if ($pconfig['type'] == "radius") {
		$pconfig['radius_protocol'] = $a_server[$id]['radius_protocol'];
		// Stored under 'host', shown in the form as 'radius_host'.
		$pconfig['radius_host'] = $a_server[$id]['host'];
		$pconfig['radius_nasip_attribute'] = $a_server[$id]['radius_nasip_attribute'];
		$pconfig['radius_auth_port'] = $a_server[$id]['radius_auth_port'];
		$pconfig['radius_acct_port'] = $a_server[$id]['radius_acct_port'];
		$pconfig['radius_secret'] = $a_server[$id]['radius_secret'];
		$pconfig['radius_timeout'] = $a_server[$id]['radius_timeout'];

		// Derive the "services offered" choice from which ports are stored, and
		// pre-fill the unused port field with its usual number.
		if ($pconfig['radius_auth_port'] && $pconfig['radius_acct_port']) {
			$pconfig['radius_srvcs'] = "both";
		} elseif ($pconfig['radius_auth_port']) {
			$pconfig['radius_srvcs'] = "auth";
			$pconfig['radius_acct_port'] = 1813;
		} elseif ($pconfig['radius_acct_port']) {
			$pconfig['radius_srvcs'] = "acct";
			$pconfig['radius_auth_port'] = 1812;
		}
	}
}
// New entry: defaults shown in the empty form.
if ($act == "new") {
	foreach ([
		'ldap_protver' => 3,
		'ldap_anon' => true,
		'radius_protocol' => "MSCHAPv2",
		'radius_srvcs' => "both",
		'radius_auth_port' => "1812",
		'radius_acct_port' => "1813",
	] as $field => $default) {
		$pconfig[$field] = $default;
	}
}
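// Save handler: validates the posted form and, when no errors were collected,
// builds the entry, stores it in $config['system']['authserver'], writes the
// configuration and redirects back to the list.
if ($_POST['save']) {
	unset($input_errors);
	$pconfig = $_POST;

	/* input validation */

	// Start from empty lists so do_input_validation() receives arrays even when
	// the posted type is neither "ldap" nor "radius".
	// NOTE(review): such a type gets no required-field checks and still reaches
	// the store step below - consider rejecting it explicitly.
	$reqdfields = array();
	$reqdfieldsn = array();

	if ($pconfig['type'] == "ldap") {
		$reqdfields = explode(" ",
			"name type ldap_host ldap_port " .
			"ldap_urltype ldap_protver ldap_scope " .
			"ldap_attr_user ldap_attr_group ldap_attr_member ldapauthcontainers");

		$reqdfieldsn = array(
			gettext("Descriptive name"),
			gettext("Type"),
			gettext("Hostname or IP"),
			gettext("Port value"),
			gettext("Transport"),
			gettext("Protocol version"),
			gettext("Search level"),
			gettext("User naming Attribute"),
			gettext("Group naming Attribute"),
			gettext("Group member attribute"),
			gettext("Authentication container"));

		// Bind credentials are only required when anonymous bind is not selected.
		if (!$pconfig['ldap_anon']) {
			$reqdfields[] = "ldap_binddn";
			$reqdfields[] = "ldap_bindpw";
			$reqdfieldsn[] = gettext("Bind user DN");
			$reqdfieldsn[] = gettext("Bind Password");
		}
	}

	if ($pconfig['type'] == "radius") {
		$reqdfields = explode(" ", "name type radius_protocol radius_host radius_srvcs");
		$reqdfieldsn = array(
			gettext("Descriptive name"),
			gettext("Type"),
			gettext("Radius Protocol"),
			gettext("Hostname or IP"),
			gettext("Services"));

		if ($pconfig['radius_srvcs'] == "both" ||
			$pconfig['radius_srvcs'] == "auth") {
			$reqdfields[] = "radius_auth_port";
			$reqdfieldsn[] = gettext("Authentication port");
		}

		if ($pconfig['radius_srvcs'] == "both" ||
			$pconfig['radius_srvcs'] == "acct") {
			$reqdfields[] = "radius_acct_port";
			$reqdfieldsn[] = gettext("Accounting port");
		}

		// An existing entry keeps its stored secret when the field is left empty.
		if (!isset($id)) {
			$reqdfields[] = "radius_secret";
			$reqdfieldsn[] = gettext("Shared Secret");
		}
	}

	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);

	// The form submits the host as ldap_host or radius_host, and that is the
	// value stored below. The check used to read $_POST['host'], a field the
	// form shown in this file does not submit, so the stored host name was
	// never inspected. Check the type-specific field instead; well-formed IP
	// addresses are let through because the character class has no ':'.
	if (($pconfig['type'] == "ldap") || ($pconfig['type'] == "radius")) {
		$host_field = "{$pconfig['type']}_host";
		$host_value = isset($_POST[$host_field]) ? $_POST[$host_field] : '';
		if (!is_string($host_value) ||
			(!is_ipaddr($host_value) && preg_match("/[^a-zA-Z0-9\.\-_]/", $host_value))) {
			$input_errors[] = gettext("The host name contains invalid characters.");
		}
	}

	// Names must be unique when a new entry is created.
	if (auth_get_authserver($pconfig['name']) && !isset($id)) {
		$input_errors[] = gettext("An authentication server with the same name already exists.");
	}

	// An empty timeout is allowed (a default is applied below); anything else
	// must be a positive number.
	if (($pconfig['type'] == "ldap") || ($pconfig['type'] == "radius")) {
		$to_field = "{$pconfig['type']}_timeout";
		if (!empty($_POST[$to_field]) && (!is_numeric($_POST[$to_field]) || ($_POST[$to_field] <= 0))) {
			$input_errors[] = sprintf(gettext("%s Timeout value must be numeric and positive."), strtoupper($pconfig['type']));
		}
	}

	// https://redmine.pfsense.org/issues/4154
	if ($pconfig['type'] == "radius") {
		if (is_ipaddrv6($_POST['radius_host'])) {
			$input_errors[] = gettext("IPv6 does not work for RADIUS authentication, see Bug #4154.");
		}
	}

	if (!$input_errors) {
		// A fresh entry gets a new refid; an existing one is loaded as the
		// starting point so keys that are not set below are kept.
		$server = array();
		$server['refid'] = uniqid();
		if (isset($id) && $a_server[$id]) {
			$server = $a_server[$id];
		}

		$server['type'] = $pconfig['type'];
		$server['name'] = $pconfig['name'];

		if ($server['type'] == "ldap") {

			if (!empty($pconfig['ldap_caref'])) {
				$server['ldap_caref'] = $pconfig['ldap_caref'];
			}
			$server['host'] = $pconfig['ldap_host'];
			$server['ldap_port'] = $pconfig['ldap_port'];
			$server['ldap_urltype'] = $pconfig['ldap_urltype'];
			$server['ldap_protver'] = $pconfig['ldap_protver'];
			$server['ldap_scope'] = $pconfig['ldap_scope'];
			$server['ldap_basedn'] = $pconfig['ldap_basedn'];
			// The form field is named ldapauthcontainers; the stored key is ldap_authcn.
			$server['ldap_authcn'] = $pconfig['ldapauthcontainers'];
			$server['ldap_extended_enabled'] = $pconfig['ldap_extended_enabled'];
			$server['ldap_extended_query'] = $pconfig['ldap_extended_query'];
			$server['ldap_attr_user'] = $pconfig['ldap_attr_user'];
			$server['ldap_attr_group'] = $pconfig['ldap_attr_group'];
			$server['ldap_attr_member'] = $pconfig['ldap_attr_member'];

			$server['ldap_attr_groupobj'] = empty($pconfig['ldap_attr_groupobj']) ? "posixGroup" : $pconfig['ldap_attr_groupobj'];

			// Checkbox options are stored by presence of the key only.
			foreach (array('ldap_utf8', 'ldap_nostrip_at', 'ldap_rfc2307') as $flag) {
				if ($pconfig[$flag] == "yes") {
					$server[$flag] = true;
				} else {
					unset($server[$flag]);
				}
			}

			// The bind password is stored exactly as it was posted.
			if (!$pconfig['ldap_anon']) {
				$server['ldap_binddn'] = $pconfig['ldap_binddn'];
				$server['ldap_bindpw'] = $pconfig['ldap_bindpw'];
			} else {
				unset($server['ldap_binddn']);
				unset($server['ldap_bindpw']);
			}

			// 25 seconds when no timeout was given.
			$server['ldap_timeout'] = $pconfig['ldap_timeout'] ? $pconfig['ldap_timeout'] : 25;
		}

		if ($server['type'] == "radius") {

			$server['radius_protocol'] = $pconfig['radius_protocol'];
			$server['host'] = $pconfig['radius_host'];
			$server['radius_nasip_attribute'] = $pconfig['radius_nasip_attribute'];

			// Only overwrite the shared secret when a new one was entered.
			if ($pconfig['radius_secret']) {
				$server['radius_secret'] = $pconfig['radius_secret'];
			}

			// 5 seconds when no timeout was given.
			$server['radius_timeout'] = $pconfig['radius_timeout'] ? $pconfig['radius_timeout'] : 5;

			// Keep only the ports that belong to the selected services.
			if ($pconfig['radius_srvcs'] == "both") {
				$server['radius_auth_port'] = $pconfig['radius_auth_port'];
				$server['radius_acct_port'] = $pconfig['radius_acct_port'];
			} elseif ($pconfig['radius_srvcs'] == "auth") {
				$server['radius_auth_port'] = $pconfig['radius_auth_port'];
				unset($server['radius_acct_port']);
			} elseif ($pconfig['radius_srvcs'] == "acct") {
				$server['radius_acct_port'] = $pconfig['radius_acct_port'];
				unset($server['radius_auth_port']);
			}
		}

		// Replace the existing entry when $id points at one, otherwise append.
		if (isset($id) && $config['system']['authserver'][$id]) {
			$config['system']['authserver'][$id] = $server;
		} else {
			$config['system']['authserver'][] = $server;
		}

		write_config();

		pfSenseHeader("system_authservers.php");
	}
}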
/**
 * Collect the local addresses of this system as a map for a selector.
 *
 * Configured interfaces that have an IP address are keyed by interface name.
 * Virtual IPs are keyed by address: a proxy-ARP VIP of type "network"
 * contributes every address of its subnet, any other VIP contributes its
 * 'subnet' value.
 *
 * Presumably this feeds the RADIUS NAS IP attribute selector; the call site
 * is outside this part of the file.
 *
 * @return array key => "description - address" label
 */
function build_radiusnas_list() {
	global $config;

	$choices = [];

	foreach (get_configured_interface_with_descr() as $ifname => $label) {
		$address = get_interface_ip($ifname);
		// Interfaces without a usable address are left out.
		if (!is_ipaddr($address)) {
			continue;
		}
		$choices[$ifname] = $label . ' - ' . $address;
	}

	if (!is_array($config['virtualip']['vip'])) {
		return $choices;
	}

	foreach ($config['virtualip']['vip'] as $vip) {
		if ($vip['mode'] != "proxyarp" || $vip['type'] != "network") {
			$choices[$vip['subnet']] = $vip['descr'] . ' - ' . $vip['subnet'];
			continue;
		}

		// Proxy-ARP network: list each address from the first to the last of the subnet.
		$first = ip2long32(gen_subnet($vip['subnet'], $vip['subnet_bits']));
		$last = ip2long32(gen_subnet_max($vip['subnet'], $vip['subnet_bits']));
		$span = $last - $first;

		for ($offset = 0; $offset <= $span; $offset++) {
			$address = long2ip32($first + $offset);
			$choices[$address] = $vip['descr'] . ' - ' . $address;
		}
	}

	return $choices;
}
// On error, restore the form contents so the user doesn't have to re-enter too much
if ($_POST && $input_errors) {
	$pconfig = $_POST;
	// These two are posted under a different name than the one the form reads back.
	$pconfig['ldap_authcn'] = $_POST['ldapauthcontainers'];
	$pconfig['ldap_template'] = $_POST['ldap_tmpltype'];
}

// Breadcrumb titles and their links; an "Edit" crumb is added for the form view.
$pgtitle = [gettext("System"), gettext("User Manager"), gettext("Authentication Servers")];
$pglinks = ["", "system_usermanager.php", "system_authservers.php"];

if ($act == "new" || $act == "edit" || $input_errors) {
	$pgtitle[] = gettext('Edit');
	$pglinks[] = "@self";
}

$shortcut_section = "authentication";
include("head.inc");

// Validation errors from the save handler, then the message set by the delete handler.
if ($input_errors) {
	print_input_errors($input_errors);
}

if ($savemsg) {
	print_info_box($savemsg, 'success');
}

// Tabs of the User Manager area; the second element marks the active tab.
$tab_array = [
	[gettext("Users"), false, "system_usermanager.php"],
	[gettext("Groups"), false, "system_groupmanager.php"],
	[gettext("Settings"), false, "system_usermanager_settings.php"],
	[gettext("Authentication Servers"), true, "system_authservers.php"],
];
display_top_tabs($tab_array);
// List view: rendered unless an entry is being added or edited, or a save
// failed validation. Name, type label and host are HTML-escaped on output.
// The last row of $a_server gets no edit/delete links. The delete link carries
// the "usepost" attribute; presumably page script turns it into a POST, which
// is what the delete handler reads - verify against the shared page script.
if ($act != "new" && $act != "edit" && !$input_errors) {
?>
<div class="panel panel-default">
	<div class="panel-heading"><h2 class="panel-title"><?=gettext('Authentication Servers')?></h2></div>
	<div class="panel-body">
		<div class="table-responsive">
			<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap table-rowdblclickedit" data-sortable>
				<thead>
					<tr>
						<th><?=gettext("Server Name")?></th>
						<th><?=gettext("Type")?></th>
						<th><?=gettext("Host Name")?></th>
						<th><?=gettext("Actions")?></th>
					</tr>
				</thead>
				<tbody>
			<?php foreach ($a_server as $i => $server): ?>
					<tr>
						<td><?=htmlspecialchars($server['name'])?></td>
						<td><?=htmlspecialchars($auth_server_types[$server['type']])?></td>
						<td><?=htmlspecialchars($server['host'])?></td>
						<td>
						<?php if ($i < (count($a_server) - 1)): ?>
							<a class="fa fa-pencil" title="<?=gettext("Edit server"); ?>" href="system_authservers.php?act=edit&amp;id=<?=$i?>"></a>
							<a class="fa fa-trash"  title="<?=gettext("Delete server")?>" href="system_authservers.php?act=del&amp;id=<?=$i?>" usepost></a>
						<?php endif?>
						</td>
					</tr>
			<?php endforeach; ?>
				</tbody>
			</table>
		</div>
	</div>
</div>

<nav class="action-buttons">
	<a href="?act=new" class="btn btn-success btn-sm">
		<i class="fa fa-plus icon-embed-btn"></i>
		<?=gettext("Add")?>
	</a>
</nav>
<?php
	include("foot.inc");
	exit;
}
// Add/edit form. It posts back to this page with act=edit in the query string.
$form = new Form();
$form->setAction('system_authservers.php?act=edit');

// Hidden field carrying the index of the entry being edited.
$form->addGlobal(new Form_Input('userid', null, 'hidden', $id));

// ==== Settings common to every server type ==================================
$section = new Form_Section('Server Settings');

$section->addInput($input = new Form_Input('name', '*Descriptive name', 'text', $pconfig['name']));

// The type selector is what the toggle-ldap / toggle-radius sections react to.
$section->addInput($input = new Form_Select('type', '*Type', $pconfig['type'], $auth_server_types))->toggles();

$form->add($section);
// ==== LDAP settings =========================================================
$section = new Form_Section('LDAP Server Settings');
$section->addClass('toggle-ldap collapse');

// Shown expanded when no type has been chosen yet or the entry is an LDAP one.
if (!isset($pconfig['type']) || $pconfig['type'] == 'ldap') {
	$section->addClass('in');
}

$section->addInput(new Form_Input('ldap_host', '*Hostname or IP address', 'text', $pconfig['ldap_host']))
	->setHelp('NOTE: When using SSL or STARTTLS, this hostname MUST match the Common Name ' .
		'(CN) of the LDAP server\'s SSL Certificate.');

$section->addInput(new Form_Input('ldap_port', '*Port value', 'number', $pconfig['ldap_port']));

// The transport names serve as both option value and option label.
$section->addInput(new Form_Select(
	'ldap_urltype',
	'*Transport',
	$pconfig['ldap_urltype'],
	array_combine(array_keys($ldap_urltypes), array_keys($ldap_urltypes))
));

if (empty($a_ca)) {
	// No CA configured: show a pointer to the certificate manager instead of a selector.
	$section->addInput(new Form_StaticText(
		'Peer Certificate Authority',
		'No Certificate Authorities defined.<br/>Create one under <a href="system_camanager.php">System &gt; Cert. Manager</a>.'
	));
} else {
	// "global" plus one option per configured CA, keyed by the CA's refid.
	$ldapCaRef = ['global' => 'Global Root CA List'];
	foreach ($a_ca as $ca) {
		$ldapCaRef[$ca['refid']] = $ca['descr'];
	}

	$section->addInput(new Form_Select('ldap_caref', 'Peer Certificate Authority', $pconfig['ldap_caref'], $ldapCaRef))
		->setHelp('This option is used if \'SSL Encrypted\' ' .
			'or \'TCP - STARTTLS\' options are chosen. ' .
			'It must match with the CA in the AD otherwise problems will arise.');
}

$section->addInput(new Form_Select(
	'ldap_protver',
	'*Protocol version',
	$pconfig['ldap_protver'],
	array_combine($ldap_protvers, $ldap_protvers)
));

// The placeholder shows the value the save handler applies when this is left empty.
$section->addInput(new Form_Input('ldap_timeout', 'Server Timeout', 'number', $pconfig['ldap_timeout'], ['placeholder' => 25]))
	->setHelp('Timeout for LDAP operations (seconds)');
// NOTE(review): this group is replaced by the "Authentication containers"
// group below before it is added to anything.
$group = new Form_Group('Search scope');

// Scope selector and base DN input are rendered side by side inside one static text row.
$SSF = new Form_Select('ldap_scope', '*Level', $pconfig['ldap_scope'], $ldap_scopes);
$SSB = new Form_Input('ldap_basedn', 'Base DN', 'text', $pconfig['ldap_basedn']);

$section->addInput(new Form_StaticText(
	'Search scope',
	'Level ' . $SSF . '<br />Base DN' . $SSB
));

// Container list plus the button that opens the "Select a container" modal.
$group = new Form_Group('*Authentication containers');
$group->add(new Form_Input('ldapauthcontainers', 'Containers', 'text', $pconfig['ldap_authcn']))
	->setHelp('Note: Semi-Colon separated. This will be prepended to the search ' .
		'base dn above or the full container path can be specified containing a dc= ' .
		'component.%1$sExample: CN=Users;DC=example,DC=com or OU=Staff;OU=Freelancers', '<br/>');

$group->add(new Form_Button('Select', 'Select a container', null, 'fa-search'))
	->setAttribute('type', 'button')
	->addClass('btn-info');

$section->add($group);

$section->addInput(new Form_Checkbox(
	'ldap_extended_enabled',
	'Extended query',
	'Enable extended query',
	$pconfig['ldap_extended_enabled']
));

$group = new Form_Group('Query');
$group->addClass('extended');

$group->add(new Form_Input('ldap_extended_query', 'Query', 'text', $pconfig['ldap_extended_query']))
	->setHelp('Example: memberOf=CN=Groupname,OU=MyGroups,DC=example,DC=com');

$section->add($group);

$section->addInput(new Form_Checkbox(
	'ldap_anon',
	'Bind anonymous',
	'Use anonymous binds to resolve distinguished names',
	$pconfig['ldap_anon']
));

$group = new Form_Group('*Bind credentials');
$group->addClass('ldapanon');

$group->add(new Form_Input('ldap_binddn', 'User DN:', 'text', $pconfig['ldap_binddn']));

// NOTE(review): on the edit view $pconfig['ldap_bindpw'] holds the stored bind
// password. Whether a "password" input writes its value into the page is up to
// Form_Input, which is not shown here - confirm the stored secret is not
// returned to the browser.
$group->add(new Form_Input('ldap_bindpw', 'Password', 'password', $pconfig['ldap_bindpw']));

$section->add($group);
// The template selector is offered only while no entry index was supplied.
if (!isset($id)) {
	$template_list = [];

	foreach ($ldap_templates as $option => $template) {
		$template_list[$option] = $template['desc'];
	}

	$section->addInput(new Form_Select('ldap_tmpltype', 'Initial Template', $pconfig['ldap_template'], $template_list));
}

$section->addInput(new Form_Input('ldap_attr_user', '*User naming attribute', 'text', $pconfig['ldap_attr_user']));

$section->addInput(new Form_Input('ldap_attr_group', '*Group naming attribute', 'text', $pconfig['ldap_attr_group']));

$section->addInput(new Form_Input('ldap_attr_member', '*Group member attribute', 'text', $pconfig['ldap_attr_member']));

$section->addInput(new Form_Checkbox(
	'ldap_rfc2307',
	'RFC 2307 Groups',
	'LDAP Server uses RFC 2307 style group membership',
	$pconfig['ldap_rfc2307']
))->setHelp('RFC 2307 style group membership has members listed on the group ' .
	'object rather than using groups listed on user object. Leave unchecked ' .
	'for Active Directory style group membership (RFC 2307bis).');

// The placeholder shows the value the save handler stores when this is left empty.
$section->addInput(new Form_Input(
	'ldap_attr_groupobj',
	'Group Object Class',
	'text',
	$pconfig['ldap_attr_groupobj'],
	['placeholder' => 'posixGroup']
))->setHelp('Object class used for groups in RFC2307 mode. ' .
	'Typically "posixGroup" or "group".');

$section->addInput(new Form_Checkbox(
	'ldap_utf8',
	'UTF8 Encode',
	'UTF8 encode LDAP parameters before sending them to the server.',
	$pconfig['ldap_utf8']
))->setHelp('Required to support international characters, but may not be ' .
	'supported by every LDAP server.');

$section->addInput(new Form_Checkbox(
	'ldap_nostrip_at',
	'Username Alterations',
	'Do not strip away parts of the username after the @ symbol',
	$pconfig['ldap_nostrip_at']
))->setHelp('e.g. user@host becomes user when unchecked.');

// The LDAP section is complete; attach it to the form.
$form->add($section);
759
// ==== RADIUS section ========================================================
// Starts a new section for RADIUS servers. The 'toggle-radius collapse' classes
// are the hook used to show or hide it (the toggling code is not in this part
// of the file).
$section = new Form_Section('RADIUS Server Settings');
$section->addClass('toggle-radius collapse');

// Protocol choices come from $radius_protocol, which is defined elsewhere.
$section->addInput(
	new Form_Select('radius_protocol', '*Protocol', $pconfig['radius_protocol'], $radius_protocol)
);

$section->addInput(
	new Form_Input('radius_host', '*Hostname or IP address', 'text', $pconfig['radius_host'])
);

// NOTE(review): the stored shared secret is passed in as the field value. Unless
// Form_Input suppresses values for 'password' inputs (not visible here), the
// secret is written into the page markup for everyone allowed to open this
// page; a password-type input only masks what is shown on screen.
$section->addInput(
	new Form_Input('radius_secret', '*Shared Secret', 'password', $pconfig['radius_secret'])
);

// Service choices come from $radius_srvcs, which is defined elsewhere.
$section->addInput(
	new Form_Select('radius_srvcs', '*Services offered', $pconfig['radius_srvcs'], $radius_srvcs)
);

$section->addInput(
	new Form_Input('radius_auth_port', 'Authentication port', 'number', $pconfig['radius_auth_port'])
);

$section->addInput(
	new Form_Input('radius_acct_port', 'Accounting port', 'number', $pconfig['radius_acct_port'])
);

// How long to wait for the RADIUS server; the help text documents the 5 second
// default and the need for a longer value with interactive two-factor setups.
$section->addInput(
	new Form_Input('radius_timeout', 'Authentication Timeout', 'number', $pconfig['radius_timeout'])
)->setHelp(
	'This value controls how long, in seconds, that the RADIUS ' .
	'server may take to respond to an authentication request. If left blank, the ' .
	'default value is 5 seconds. NOTE: If using an interactive two-factor ' .
	'authentication system, increase this timeout to account for how long it will ' .
	'take the user to receive and enter a token.'
);

// The option list is produced by build_radiusnas_list(), defined elsewhere.
// NOTE(review): "Acccess-Requests" in the help text is misspelled; the literal
// is reproduced unchanged here in case it is used as a translation key.
$section->addInput(
	new Form_Select(
		'radius_nasip_attribute',
		'RADIUS NAS IP Attribute',
		$pconfig['radius_nasip_attribute'],
		build_radiusnas_list()
	)
)->setHelp(
	'Enter the IP to use for the "NAS-IP-Address" attribute during RADIUS Acccess-Requests.<br />' .
	'Please note that this choice won\'t change the interface used for contacting the RADIUS server.'
);
// When $id refers to an existing entry of $a_server, carry it back to the
// server in a hidden field so the submit can be matched to that entry.
// NOTE(review): a hidden field is client-controlled; the save handler has to
// re-check the submitted id against $a_server (that handler is not visible in
// this part of the file).
if (isset($id) && $a_server[$id]) {
	$section->addInput(new Form_Input('id', null, 'hidden', $id));
}

// The RADIUS section is complete; attach it to the form.
$form->add($section);
// Placeholder modal (element id "containers") for the list of available LDAP
// containers. It starts out largely empty; the script further down replaces it
// with the reply of an AJAX request.
$modal = new Modal('LDAP containers', 'containers', true);
$form->add($modal);

// Render the complete form into the page.
echo $form;
?>
<script type="text/javascript">
//<![CDATA[
events.push(function() {
	// Ask this same page (AJAX POST) for the LDAP container list and show it in the modal
	function select_clicked() {
		// True when the form control with the given id currently holds an empty value
		function isEmpty(fieldId) {
			return document.getElementById(fieldId).value == '';
		}

		var requiredIds = ['ldap_port', 'ldap_host', 'ldap_scope', 'ldap_basedn', 'ldapauthcontainers'];

		if (requiredIds.some(isEmpty)) {
			alert("<?=gettext("Please fill the required values.");?>");
			return;
		}

		// Bind credentials are only demanded when anonymous binding is switched off
		if (!document.getElementById("ldap_anon").checked &&
			(isEmpty('ldap_binddn') || isEmpty('ldap_bindpw'))) {
			alert("<?=gettext("Please fill the bind username/password.");?>");
			return;
		}

		// Read here but not used anywhere else in this function
		var authserver = $('#authmode').val();

		// The CA reference is only read when the PHP side has at least one entry in $a_ca
<?php if (count($a_ca) > 0): ?>
		var cert = $('#ldap_caref').val();
<?php else: ?>
		var cert = '';
<?php endif; ?>
/*
		$('#containers').modal('show');
		$('#serverlist').parent('div').prev('label').remove();
		$('#serverlist').parent('div').removeClass("col-sm-10");
		$('#serverlist').parent('div').addClass("col-sm-12");
*/
		// Current form values, including the bind password, travel in the POST body.
		// NOTE(review): the handler at the top of this file reads them through $_REQUEST;
		// which request methods it accepts and whether an anti-CSRF token accompanies
		// this call cannot be seen from this part of the file.
		var lookup = {
			ajax: "ajax",
			port: $('#ldap_port').val(),
			host: $('#ldap_host').val(),
			scope: $('#ldap_scope').val(),
			basedn: $('#ldap_basedn').val(),
			binddn: $('#ldap_binddn').val(),
			bindpw: $('#ldap_bindpw').val(),
			urltype: $('#ldap_urltype').val(),
			proto: $('#ldap_protver').val(),
			authcn: $('#ldapauthcontainers').val(),
			cert: cert
		};

		var ajaxRequest = $.ajax({
			url: "/system_authservers.php",
			type: "post",
			data: lookup
		});

		// Runs once the server has answered
		ajaxRequest.done(function (response) {
			// NOTE(review): the reply is inserted into the document as markup, so every
			// directory-derived string in it must already be HTML-escaped by the
			// server-side handler (not visible here) - confirm.
			$('#containers').replaceWith(response);
			$('#containers').modal('show');

			// The save button only exists after the reply has been inserted, which is
			// why its handler is attached here rather than at page load
			$('#svcontbtn')
				.prop("type", "button")
				.removeAttr("href")
				.click(function () {
					var field = $('#ldapauthcontainers');
					var total = $('[id^=ou]').length;
					var n;

					field.val("");

					// Append the value of every checked #ou<n> box, separated by ';'
					for (n = 0; n < total; n++) {
						var box = $('#ou' + n);

						if (!box.prop("checked")) {
							continue;
						}

						if (field.val() != "") {
							field.val(field.val() + ";");
						}

						field.val(field.val() + box.val());
					}

					$('#containers').modal('hide');
				});
		});
	}
	// Put a default port into #ldap_port according to the selected #ldap_urltype option:
	// 636 when the option at position 2 is selected, 389 for every other option.
	// NOTE(review): the choice depends on the option's position, not its value, so
	// reordering the #ldap_urltype options would silently change which transport
	// gets which port (presumably position 2 is the SSL/TLS entry - confirm).
	function set_ldap_port() {
		var selectedIdx = $('#ldap_urltype').find(":selected").index();

		$('#ldap_port').val(selectedIdx == 2 ? '636' : '389');
	}
	// Mark the RADIUS port fields as required according to #radius_srvcs:
	// 'auth' needs only the authentication port, 'acct' only the accounting
	// port, and any other value needs both.
	function set_required_port_fields() {
		var services = document.getElementById("radius_srvcs").value;

		setRequired('radius_auth_port', services != 'acct');
		setRequired('radius_acct_port', services != 'auth');
	}
	// Hide (hide is truthy) or show (hide is falsy) every element carrying the
	// class s_class. The class usually identifies a whole form section.
	function hideClass(s_class, hide) {
		var matched = $('.' + s_class);

		matched[hide ? 'hide' : 'show']();
	}
	// Copy the attribute names of the template selected in #ldap_tmpltype into the
	// three LDAP attribute fields
	function ldap_tmplchange() {
		var picked = $('#ldap_tmpltype').find(":selected").index();

		switch (picked) {
<?php
		// One "case" is generated per entry of $ldap_templates, numbered from 0 in
		// array order so that it lines up with the option position read above.
		// NOTE(review): the template values are written into JavaScript string
		// literals without JavaScript escaping. That is only safe while
		// $ldap_templates (defined outside this part of the file) holds fixed
		// strings free of quotes and backslashes; if it can ever carry
		// operator- or directory-supplied text, emit the values with
		// json_encode() instead.
		$index = 0;
		foreach ($ldap_templates as $tmpldata):
?>
			case <?=$index;?>:
				$('#ldap_attr_user').val("<?=$tmpldata['attr_user'];?>");
				$('#ldap_attr_group').val("<?=$tmpldata['attr_group'];?>");
				$('#ldap_attr_member').val("<?=$tmpldata['attr_member'];?>");
				break;
<?php
			$index++;
		endforeach;
?>
		}
	}
	// ---------- Initial state when the page loads -----------------------------------------------

<?php if ($act != 'edit'): ?>
	ldap_tmplchange();
<?php endif; ?>

	// Bring section visibility and required markers in line with the current values
	hideClass('ldapanon', $('#ldap_anon').prop('checked'));
	hideClass('extended', !$('#ldap_extended_enabled').prop('checked'));
	set_required_port_fields();

	// Only supply a default port when none is present
	if ($('#ldap_port').val() == "") {
		set_ldap_port();
	}

<?php
	// While editing an existing entry the other server types are disabled, and the
	// name is made read-only unless the form came back with input errors.
	// NOTE(review): both are browser-side conveniences only; whether the save
	// handler refuses a changed type or name cannot be seen from this part of
	// the file.
	if ($act == 'edit'):
?>
	$('#type option:not(:selected)').attr('disabled', 'disabled');

<?php
		if (!$input_errors):
?>
	$('#name').prop("readonly", true);
<?php
		endif;
	endif;
?>
	// ---------- Change and click handlers -------------------------------------------------------

	// Picking another template refills the attribute fields
	$('#ldap_tmpltype').on('change', ldap_tmplchange);

	// The 'ldapanon' elements are hidden while anonymous bind is ticked
	$('#ldap_anon').on('click', function () {
		hideClass('ldapanon', this.checked);
	});

	// A different transport resets the port to its default
	$('#ldap_urltype').on('change', set_ldap_port);

	// Opens the container picker
	$('#Select').on('click', select_clicked);

	// The 'extended' elements are shown only while the box is ticked
	$('#ldap_extended_enabled').on('click', function () {
		hideClass('extended', !this.checked);
	});

	// The services choice decides which RADIUS ports are required
	$('#radius_srvcs').on('change', set_required_port_fields);
});
//]]>
</script>
<?php
// Pull in foot.inc to finish the page.
include 'foot.inc';