<?php
2
/*
3
    system_authservers.php
4
5 c7073ebf namezero111111
    Copyright (C) 2010 Ermal Luçi
6 fbf672cb Matthew Grooms
    Copyright (C) 2008 Shrew Soft Inc.
7
    All rights reserved.
8
9
    Redistribution and use in source and binary forms, with or without
10
    modification, are permitted provided that the following conditions are met:
11
12
    1. Redistributions of source code must retain the above copyright notice,
13
       this list of conditions and the following disclaimer.
14
15
    2. Redistributions in binary form must reproduce the above copyright
16
       notice, this list of conditions and the following disclaimer in the
17
       documentation and/or other materials provided with the distribution.
18
19
    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
20
    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
21
    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
22
    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
23
    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24
    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25
    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26
    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27
    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28
    POSSIBILITY OF SUCH DAMAGE.
29
*/
30 1d333258 Scott Ullrich
/*
31
	pfSense_MODULE:	auth
32
*/
33 fbf672cb Matthew Grooms
34
##|+PRIV
35
##|*IDENT=page-system-authservers
36
##|*NAME=System: Authentication Servers
37
##|*DESCR=Allow access to the 'System: Authentication Servers' page.
38
##|*MATCH=system_authservers.php*
39
##|-PRIV
40
41
require("guiconfig.inc");
require_once("auth.inc");
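$pgtitle = array(gettext("System"), gettext("Authentication Servers"));

/*
 * Index of the server being edited or deleted. It comes straight from the
 * request (POST wins over GET) and is only used as a key into $a_server, so
 * every consumer has to confirm that the entry exists before acting on it.
 */
$id = isset($_GET['id']) ? $_GET['id'] : null;
if (isset($_POST['id']))
	$id = $_POST['id'];

if (!is_array($config['system']['authserver']))
	$config['system']['authserver'] = array();

/*
 * Copy the server list into a 0-based array that can be addressed by $id.
 * Starting from an empty array keeps $a_server defined when the list is empty.
 */
$a_server = array();
$a_servers = auth_get_authserver_list();
foreach ($a_servers as $servers)
	$a_server[] = $servers;

if (!is_array($config['ca']))
	$config['ca'] = array();
$a_ca =& $config['ca'];

/* Requested action; this page handles "del", "edit" and "new". A non-empty POST value wins. */
$act = isset($_GET['act']) ? $_GET['act'] : null;
if (!empty($_POST['act']))
	$act = $_POST['act'];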
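if ($act == "del") {

	/*
	 * NOTE(review): the deletion is driven by GET parameters (act/id). A
	 * state-changing request that can be issued with GET is not covered by
	 * form-token CSRF protection that only guards POST requests - confirm
	 * how this action is protected before relying on it.
	 */
	$del_id = isset($_GET['id']) ? $_GET['id'] : null;

	/* Unknown or missing index: go back to the list without changing anything. */
	if (empty($a_server[$del_id])) {
		pfSenseHeader("system_authservers.php");
		exit;
	}

	/* Remove server from main list (matched by name, not by index). */
	$serverdeleted = $a_server[$del_id]['name'];
	foreach ($config['system']['authserver'] as $k => $as) {
		if ($as['name'] == $serverdeleted)
			unset($config['system']['authserver'][$k]);
	}

	/* Remove server from temp list used later on this page. */
	unset($a_server[$del_id]);

	/*
	 * The message already carries markup (<br/>) and is handed to
	 * print_info_box() further down, so the stored server name is
	 * HTML-encoded before it is embedded.
	 */
	$savemsg = gettext("Authentication Server")." ".htmlspecialchars($serverdeleted)." ".
				gettext("deleted")."<br/>";
	write_config($savemsg);
}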
if ($act == "edit") {
	/* Pre-fill the form from the stored entry; an unknown $id leaves it untouched. */
	if (isset($id) && $a_server[$id]) {
		$srv_entry = $a_server[$id];

		$pconfig['type'] = $srv_entry['type'];
		$pconfig['name'] = $srv_entry['name'];

		if ($pconfig['type'] == "ldap") {
			$pconfig['ldap_caref'] = $srv_entry['ldap_caref'];
			/* The stored key is plain 'host'; the form field is 'ldap_host'. */
			$pconfig['ldap_host'] = $srv_entry['host'];

			/* These fields use the same key in the stored entry and in the form. */
			$ldap_fields = array(
				'ldap_port', 'ldap_urltype', 'ldap_protver', 'ldap_scope',
				'ldap_basedn', 'ldap_authcn', 'ldap_extended_enabled',
				'ldap_extended_query', 'ldap_binddn', 'ldap_bindpw',
				'ldap_attr_user', 'ldap_attr_group', 'ldap_attr_member');
			foreach ($ldap_fields as $ldap_field)
				$pconfig[$ldap_field] = $srv_entry[$ldap_field];

			/* Without both a bind DN and a bind password the form shows an anonymous bind. */
			if (!($pconfig['ldap_binddn'] && $pconfig['ldap_bindpw']))
				$pconfig['ldap_anon'] = true;
		}

		if ($pconfig['type'] == "radius") {
			$pconfig['radius_host'] = $srv_entry['host'];
			$pconfig['radius_auth_port'] = $srv_entry['radius_auth_port'];
			$pconfig['radius_acct_port'] = $srv_entry['radius_acct_port'];
			/*
			 * NOTE(review): the shared secret (like ldap_bindpw above) is later
			 * written into the value attribute of a password field on this page.
			 */
			$pconfig['radius_secret'] = $srv_entry['radius_secret'];

			/* Derive the "services" selector from which ports are stored. */
			if ($pconfig['radius_auth_port'] && $pconfig['radius_acct_port']) {
				$pconfig['radius_srvcs'] = "both";
			} elseif ($pconfig['radius_auth_port']) {
				$pconfig['radius_srvcs'] = "auth";
				$pconfig['radius_acct_port'] = 1813;
			} elseif ($pconfig['radius_acct_port']) {
				$pconfig['radius_srvcs'] = "acct";
				$pconfig['radius_auth_port'] = 1812;
			}
		}
	}
}
if ($act == "new") {
	/* Defaults shown in a blank form. */
	$new_defaults = array(
		'ldap_protver' => 3,
		'ldap_anon' => true,
		'radius_srvcs' => "both",
		'radius_auth_port' => "1812",
		'radius_acct_port' => "1813");
	foreach ($new_defaults as $dflt_key => $dflt_val)
		$pconfig[$dflt_key] = $dflt_val;
}
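if ($_POST) {
	unset($input_errors);
	$pconfig = $_POST;

	/* input validation */

	/*
	 * NOTE(review): only "ldap" and "radius" build a required-field list; any
	 * other posted type reaches do_input_validation() with no list at all.
	 * Consider rejecting types that are not keys of $auth_server_types.
	 */
	if ($pconfig['type'] == "ldap") {
		$reqdfields = explode(" ", "name type ldap_host ldap_port ".
						"ldap_urltype ldap_protver ldap_scope ".
						"ldap_attr_user ldap_attr_group ldap_attr_member ldapauthcontainers");
		$reqdfieldsn = array(
			gettext("Descriptive name"),
			gettext("Type"),
			gettext("Hostname or IP"),
			gettext("Port value"),
			gettext("Transport"),
			gettext("Protocol version"),
			gettext("Search level"),
			gettext("User naming Attribute"),
			gettext("Group naming Attribute"),
			gettext("Group member attribute"),
			gettext("Authentication container"));

		/* Bind credentials are only mandatory when anonymous bind is off. */
		if (!$pconfig['ldap_anon']) {
			$reqdfields[] = "ldap_binddn";
			$reqdfields[] = "ldap_bindpw";
			$reqdfieldsn[] = gettext("Bind user DN");
			$reqdfieldsn[] = gettext("Bind Password");
		}
	}

	if ($pconfig['type'] == "radius") {
		$reqdfields = explode(" ", "name type radius_host radius_srvcs");
		$reqdfieldsn = array(
			gettext("Descriptive name"),
			gettext("Type"),
			gettext("Hostname or IP"),
			gettext("Services"));

		/*
		 * A port is mandatory only for the services that were selected. The
		 * key is 'radius_srvcs'; a misspelled key here would make both checks
		 * compare against an unset value and never require a port.
		 */
		if ($pconfig['radius_srvcs'] == "both" ||
			$pconfig['radius_srvcs'] == "auth") {
			$reqdfields[] = "radius_auth_port";
			$reqdfieldsn[] = gettext("Authentication port value");
		}

		if ($pconfig['radius_srvcs'] == "both" ||
			$pconfig['radius_srvcs'] == "acct") {
			$reqdfields[] = "radius_acct_port";
			$reqdfieldsn[] = gettext("Accounting port value");
		}

		/* When editing, an empty secret means "keep the stored one". */
		if (!isset($id)) {
			$reqdfields[] = "radius_secret";
			$reqdfieldsn[] = gettext("Shared Secret");
		}
	}

	/*
	 * NOTE(review): call-time pass-by-reference (&$input_errors) is rejected by
	 * PHP 5.4 and later. Dropping the & is only safe if do_input_validation()
	 * declares that parameter by reference - check its definition first.
	 */
	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);

	/*
	 * The form posts the host as ldap_host or radius_host; there is no field
	 * named "host", so the check has to look at the one that belongs to the
	 * selected type or it never sees the submitted value.
	 * NOTE(review): the character class has no ':', so an IPv6 literal is
	 * rejected - widen it if such hosts must be accepted.
	 */
	$host_field = ($pconfig['type'] == "radius") ? 'radius_host' : 'ldap_host';
	$host_value = isset($pconfig[$host_field]) ? $pconfig[$host_field] : "";
	if (!is_string($host_value) || preg_match("/[^a-zA-Z0-9\.\-_]/", $host_value))
		$input_errors[] = gettext("The host name contains invalid characters.");

	if (auth_get_authserver($pconfig['name']) && !isset($id))
		$input_errors[] = gettext("An authentication server with the same name already exists.");

	/* if this is an AJAX caller then handle via JSON */
	if (isAjax() && is_array($input_errors)) {
		input_errors2Ajax($input_errors);
		exit;
	}

	if (!$input_errors) {
		/* Start from the stored entry when editing, otherwise from a fresh refid. */
		$server = array();
		$server['refid'] = uniqid();
		if (isset($id) && $a_server[$id])
			$server = $a_server[$id];

		$server['type'] = $pconfig['type'];
		$server['name'] = $pconfig['name'];

		if ($server['type'] == "ldap") {

			if (!empty($pconfig['ldap_caref']))
				$server['ldap_caref'] = $pconfig['ldap_caref'];
			$server['host'] = $pconfig['ldap_host'];
			$server['ldap_port'] = $pconfig['ldap_port'];
			$server['ldap_urltype'] = $pconfig['ldap_urltype'];
			$server['ldap_protver'] = $pconfig['ldap_protver'];
			$server['ldap_scope'] = $pconfig['ldap_scope'];
			$server['ldap_basedn'] = $pconfig['ldap_basedn'];
			$server['ldap_authcn'] = $pconfig['ldapauthcontainers'];
			$server['ldap_extended_enabled'] = $pconfig['ldap_extended_enabled'];
			$server['ldap_extended_query'] = $pconfig['ldap_extended_query'];
			$server['ldap_attr_user'] = $pconfig['ldap_attr_user'];
			$server['ldap_attr_group'] = $pconfig['ldap_attr_group'];
			$server['ldap_attr_member'] = $pconfig['ldap_attr_member'];

			/* Anonymous bind: make sure no old credentials stay in the entry. */
			if (!$pconfig['ldap_anon']) {
				$server['ldap_binddn'] = $pconfig['ldap_binddn'];
				$server['ldap_bindpw'] = $pconfig['ldap_bindpw'];
			} else {
				unset($server['ldap_binddn']);
				unset($server['ldap_bindpw']);
			}
		}

		if ($server['type'] == "radius") {

			$server['host'] = $pconfig['radius_host'];

			/* An empty secret on edit keeps whatever is already stored. */
			if ($pconfig['radius_secret'])
				$server['radius_secret'] = $pconfig['radius_secret'];

			if ($pconfig['radius_srvcs'] == "both") {
				$server['radius_auth_port'] = $pconfig['radius_auth_port'];
				$server['radius_acct_port'] = $pconfig['radius_acct_port'];
			}

			if ($pconfig['radius_srvcs'] == "auth") {
				$server['radius_auth_port'] = $pconfig['radius_auth_port'];
				unset($server['radius_acct_port']);
			}

			if ($pconfig['radius_srvcs'] == "acct") {
				$server['radius_acct_port'] = $pconfig['radius_acct_port'];
				unset($server['radius_auth_port']);
			}
		}

		/*
		 * NOTE(review): $id indexes $a_server, the 0-based copy of
		 * auth_get_authserver_list(), while the delete branch matches config
		 * entries by name. Confirm that both lists share the same indexes, or
		 * an edit may overwrite a different entry than the one displayed.
		 */
		if (isset($id) && $config['system']['authserver'][$id])
			$config['system']['authserver'][$id] = $server;
		else
			$config['system']['authserver'][] = $server;

		write_config();

		pfSenseHeader("system_authservers.php");
	}
}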
include("head.inc");
?>
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
<?php include("fbegin.inc"); ?>
<script type="text/javascript">
<!--
function server_typechange(typ) {
	// Without an explicit type, use whatever the "type" select currently shows.
	if (!typ) {
		var typeSelect = document.getElementById("type");
		typ = typeSelect.options[typeSelect.selectedIndex].value;
	}

	// Show the settings table of the chosen type and hide the other one.
	// Any other value leaves both tables as they are.
	if (typ === "ldap") {
		document.getElementById("ldap").style.display = "";
		document.getElementById("radius").style.display = "none";
	} else if (typ === "radius") {
		document.getElementById("ldap").style.display = "none";
		document.getElementById("radius").style.display = "";
	}
}
function ldap_urlchange() {
    // Writes the port paired with the selected transport into the port field.
    // PHP emits one "case <index>" per entry of $ldap_urltypes, in array order;
    // the transport <select> is built from the same array, so the indexes match.
    switch (document.getElementById("ldap_urltype").selectedIndex) {
<?php
	$index = 0;
	foreach ($ldap_urltypes as $urltype => $urlport):
?>
		case <?=$index;?>:
			document.getElementById("ldap_port").value = "<?=$urlport;?>";
			break;
<?php
		$index++;
	endforeach;
?>
	}
}
function ldap_bindchange() {
	// The bind-credential rows are hidden while the anonymous-bind box is ticked.
	var anonymous = document.getElementById("ldap_anon").checked;
	document.getElementById("ldap_bind").style.display = anonymous ? "none" : "";
}
function ldap_tmplchange(){
    // Fills the three attribute fields from the template picked in "ldap_tmpltype".
    // PHP emits one "case <index>" per entry of $ldap_templates, in array order.
    // NOTE(review): the template values are written into double-quoted JS string
    // literals as-is; that is only safe while $ldap_templates holds fixed strings
    // without quotes or backslashes - confirm where it is defined.
    switch (document.getElementById("ldap_tmpltype").selectedIndex) {
<?php
	$index = 0;
	foreach ($ldap_templates as $tmpldata):
?>
		case <?=$index;?>:
			document.getElementById("ldap_attr_user").value = "<?=$tmpldata['attr_user'];?>";
			document.getElementById("ldap_attr_group").value = "<?=$tmpldata['attr_group'];?>";
			document.getElementById("ldap_attr_member").value = "<?=$tmpldata['attr_member'];?>";
			break;
<?php
		$index++;
	endforeach;
?>
	}
}
function radius_srvcschange(){
	// Display values for [authentication row, accounting row], indexed by the
	// position of the selected entry in the "radius_srvcs" select.
	var rowDisplay = [
		["", ""],      // 0: both
		["", "none"],  // 1: authentication
		["none", ""]   // 2: accounting
	];

	var chosen = rowDisplay[document.getElementById("radius_srvcs").selectedIndex];
	if (!chosen)
		return; // any other index changes nothing

	document.getElementById("radius_auth").style.display = chosen[0];
	document.getElementById("radius_acct").style.display = chosen[1];
}
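function select_clicked() {
	// Opens the container picker popup with the LDAP settings currently in the form.
	if (document.getElementById("ldap_port").value == '' ||
	    document.getElementById("ldap_host").value == '' ||
	    document.getElementById("ldap_scope").value == '' ||
	    document.getElementById("ldap_basedn").value == '' ||
	    document.getElementById("ldapauthcontainers").value == '') {
		alert("<?=gettext("Please fill the required values.");?>");
		return;
	}
	if (!document.getElementById("ldap_anon").checked) {
		if (document.getElementById("ldap_binddn").value == '' ||
		    document.getElementById("ldap_bindpw").value == '') {
				alert("<?=gettext("Please fill the bind username/password.");?>");
			return;
		}
	}

	// The CA select is only rendered when at least one CA is defined, so it
	// may be missing from the page; send an empty value in that case.
	var caSelect = document.getElementById("ldap_caref");

	var params = [
		['port',    document.getElementById("ldap_port").value],
		['host',    document.getElementById("ldap_host").value],
		['scope',   document.getElementById("ldap_scope").value],
		['basedn',  document.getElementById("ldap_basedn").value],
		['binddn',  document.getElementById("ldap_binddn").value],
		['bindpw',  document.getElementById("ldap_bindpw").value],
		['urltype', document.getElementById("ldap_urltype").value],
		['proto',   document.getElementById("ldap_protver").value],
		['authcn',  document.getElementById("ldapauthcontainers").value],
		['cert',    caSelect ? caSelect.value : '']
	];

	// Every value is percent-encoded: a DN or password containing '&', '#',
	// '+' or '=' would otherwise be cut off or split into extra parameters.
	//
	// NOTE(review): the bind DN and bind password still travel in the query
	// string of a GET request, where they can end up in browser history and
	// web server access logs. Moving them into a POST body needs a matching
	// change in system_usermanager_settings_ldapacpicker.php.
	var url = 'system_usermanager_settings_ldapacpicker.php?';
	for (var i = 0; i < params.length; i++) {
		if (i > 0)
			url += '&';
		url += params[i][0] + '=' + encodeURIComponent(params[i][1]);
	}

	var oWin = window.open(url,"pfSensePop","width=620,height=400,top=150,left=150");
	if (oWin==null || typeof(oWin)=="undefined")
		alert("<?=gettext('Popup blocker detected.  Action aborted.');?>");
}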
//-->
</script>
<?php
	/* Validation errors first, then the status message of a completed action. */
	if ($input_errors) {
		print_input_errors($input_errors);
	}
	if ($savemsg) {
		print_info_box($savemsg);
	}
?>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
417
	<tr>
418 e30001cf Matthew Grooms
		<td>
419 fbf672cb Matthew Grooms
		<?php
420
			$tab_array = array();
421
			$tab_array[] = array(gettext("Users"), false, "system_usermanager.php");
422
			$tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php");
423
			$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
424 d799787e Matthew Grooms
			$tab_array[] = array(gettext("Servers"), true, "system_authservers.php");
425 fbf672cb Matthew Grooms
			display_top_tabs($tab_array);
426
		?>
427
		</td>
428
	</tr>
429
	<tr>
430 e30001cf Matthew Grooms
		<td id="mainarea">
431
			<div class="tabcont">
432
433
				<?php if ($act == "new" || $act == "edit" || $input_errors): ?>
434
435
				<form action="system_authservers.php" method="post" name="iform" id="iform">
436
					<table width="100%" border="0" cellpadding="6" cellspacing="0">
437
						<tr>
438
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
439
							<td width="78%" class="vtable">
440 3de94477 Ermal Lu?i
							<?php if (!isset($id)): ?>
441 e30001cf Matthew Grooms
								<input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"/>
442 3de94477 Ermal Lu?i
							<?php else: ?>
443 dd5bf424 Scott Ullrich
                                                                <strong><?=htmlspecialchars($pconfig['name']);?></strong>
444 3de94477 Ermal Lu?i
                                                                <input name='name' type='hidden' id='name' value="<?=htmlspecialchars($pconfig['name']);?>"/>
445
                                                                <?php endif; ?>
446 e30001cf Matthew Grooms
							</td>
447
						</tr>
448
						<tr>
449
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Type");?></td>
450
							<td width="78%" class="vtable">
451
								<?php if (!isset($id)): ?>
452
								<select name='type' id='type' class="formselect" onchange='server_typechange()'>
453
								<?php
454
									foreach ($auth_server_types as $typename => $typedesc ):
455
										$selected = "";
456
										if ($pconfig['type'] == $typename)
457
											$selected = "selected";
458
								?>
459
									<option value="<?=$typename;?>" <?=$selected;?>><?=$typedesc;?></option>
460
								<?php endforeach; ?>
461
								</select>
462
								<?php else: ?>
463
								<strong><?=$auth_server_types[$pconfig['type']];?></strong>
464
								<input name='type' type='hidden' id='type' value="<?=htmlspecialchars($pconfig['type']);?>"/>
465
								<?php endif; ?>
466
							</td>
467
						</tr>
468
					</table>
469
470 be934aad Ermal Lu?i
					<table width="100%" border="0" cellpadding="6" cellspacing="0" id="ldap" style="display:none">
471 e30001cf Matthew Grooms
						<tr>
472
							<td colspan="2" class="list" height="12"></td>
473
						</tr>
474
						<tr>
475 257705ca Renato Botelho
							<td colspan="2" valign="top" class="listtopic"><?=gettext("LDAP Server Settings");?></td>
476 e30001cf Matthew Grooms
						</tr>
477
						<tr>
478
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Hostname or IP address");?></td>
479
							<td width="78%" class="vtable">
480
								<input name="ldap_host" type="text" class="formfld unknown" id="ldap_host" size="20" value="<?=htmlspecialchars($pconfig['ldap_host']);?>"/>
481
							</td>
482
						</tr>
483
						<tr>
484
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Port value");?></td>
485
							<td width="78%" class="vtable">
486
								<input name="ldap_port" type="text" class="formfld unknown" id="ldap_port" size="5" value="<?=htmlspecialchars($pconfig['ldap_port']);?>"/>
487
							</td>
488
						</tr>
489
						<tr>
490
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Transport");?></td>
491
							<td width="78%" class="vtable">
492
								<select name='ldap_urltype' id='ldap_urltype' class="formselect" onchange='ldap_urlchange()'>
493
								<?php
494
									foreach ($ldap_urltypes as $urltype => $urlport):
495
										$selected = "";
496
										if ($pconfig['ldap_urltype'] == $urltype)
497
											$selected = "selected";
498
								?>
499
									<option value="<?=$urltype;?>" <?=$selected;?>><?=$urltype;?></option>
500
								<?php endforeach; ?>
501
								</select>
502
							</td>
503
						</tr>
504 fe2031ab Ermal
						<tr id="tls_ca">
505
							<td width="22%" valign="top" class="vncell"><?=gettext("Peer Certificate Authority"); ?></td>
506
                                                        <td width="78%" class="vtable">
507
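                                                        <?php if (count($a_ca)): ?>
								<select id='ldap_caref' name='ldap_caref' class="formselect">
                                                        <?php
                                                                /*
                                                                 * refid and descr come from the stored CA entries and are
                                                                 * HTML-encoded before they are written into the attribute
                                                                 * and the option text.
                                                                 */
                                                                foreach ($a_ca as $ca):
                                                                        $selected = "";
                                                                        if ($pconfig['ldap_caref'] == $ca['refid'])
                                                                                $selected = "selected";
                                                        ?>
									<option value="<?=htmlspecialchars($ca['refid']);?>" <?=$selected;?>><?=htmlspecialchars($ca['descr']);?></option>
                                                        <?php	endforeach; ?>
								</select>
								<br/><span><?=gettext("This option is used if 'SSL Encrypted' option is choosen.");?> <br/>
								<?=gettext("It must match with the CA in the AD otherwise problems will arise.");?></span>
                                                        <?php else: ?>
                                                                <b>No Certificate Authorities defined.</b> <br/>Create one under <a href="system_camanager.php">System &gt; Cert Manager</a>.
                                                        <?php endif; ?>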
523
                                                        </td>
524
						</tr>
525 e30001cf Matthew Grooms
						<tr>
526
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Protocol version");?></td>
527
							<td width="78%" class="vtable">
528
								<select name='ldap_protver' id='ldap_protver' class="formselect">
529
								<?php
530
									foreach ($ldap_protvers as $version):
531
										$selected = "";
532
										if ($pconfig['ldap_protver'] == $version)
533
											$selected = "selected";
534
								?>
535
									<option value="<?=$version;?>" <?=$selected;?>><?=$version;?></option>
536
								<?php endforeach; ?>
537
								</select>
538
							</td>
539
						</tr>
540
						<tr>
541 64ce9d72 jim-p
							<td width="22%" valign="top" class="vncell"><?=gettext("Search scope");?></td>
542 e30001cf Matthew Grooms
							<td width="78%" class="vtable">
543
								<table border="0" cellspacing="0" cellpadding="2">
544
									<tr>
545 ea53e38f Renato Botelho
										<td><?=gettext("Level:");?> &nbsp;</td>
546 e30001cf Matthew Grooms
										<td>
547
											<select name='ldap_scope' id='ldap_scope' class="formselect">
548
											<?php
549
												foreach ($ldap_scopes as $scopename => $scopedesc):
550
													$selected = "";
551
													if ($pconfig['ldap_scope'] == $scopename)
552
														$selected = "selected";
553
											?>
554
												<option value="<?=$scopename;?>" <?=$selected;?>><?=$scopedesc;?></option>
555
											<?php endforeach; ?>
556
											</select>
557
										</td>
558
									</tr>
559
									<tr>
560 ea53e38f Renato Botelho
										<td><?=gettext("Base DN:");?> &nbsp;</td>
561 e30001cf Matthew Grooms
										<td>
562
											<input name="ldap_basedn" type="text" class="formfld unknown" id="ldap_basedn" size="40" value="<?=htmlspecialchars($pconfig['ldap_basedn']);?>"/>
563
										</td>
564
									</tr>
565
								</table>
566
567
							</td>
568
						</tr>
569 c61e4626 Ermal Lu?i
						<tr>
570 6d78607d Renato Botelho
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Authentication containers");?></td>
571
							<td width="78%" class="vtable">
572
								<table border="0" cellspacing="0" cellpadding="2">
573
									<tr>
574 ea53e38f Renato Botelho
										<td><?=gettext("Containers:");?> &nbsp;</td>
575 6d78607d Renato Botelho
										<td>
576
											<input name="ldapauthcontainers" type="text" class="formfld unknown" id="ldapauthcontainers" size="40" value="<?=htmlspecialchars($pconfig['ldap_authcn']);?>"/>
577 257705ca Renato Botelho
											<input type="button" onClick="select_clicked();" value="<?=gettext("Select");?>">
578 beaab622 Warren Baker
											<br /><?=gettext("Note: Semi-Colon separated. This will be prepended to the search base dn above or you can specify full container path.");?>
579
											<br /><?=gettext("Example: CN=Users;DC=example");?>
580
											<br /><?=gettext("Example: CN=Users,DC=example,DC=com;OU=OtherUsers,DC=example,DC=com ");?>
581 6d78607d Renato Botelho
										</td>
582
									</tr>
583
								</table>
584
							</td>
585
						</tr>
586 c7073ebf namezero111111
						<tr>
587
							<td width="22%" valign="top" class="vncell"><?=gettext("Extended Query");?></td>
588
							<td width="78%" class="vtable">
589
								<table border="0" cellspacing="0" cellpadding="2">
590
									<tr>
591
										<td>
592
											<input name="ldap_extended_enabled" type="checkbox" id="ldap_extended_enabled" value="no" <?php if ($pconfig['ldap_extended_enabled']) echo "checked"; ?> >
593
										</td>
594
										<td>
595
596
											<input name="ldap_extended_query" type="text" class="formfld unknown" id="ldap_extended_query" size="40" value="<?=htmlspecialchars($pconfig['ldap_extended_query']);?>"/>
597
											<br /><?=gettext("Example: CN=Groupname,OU=MyGroups,DC=example,DC=com;OU=OtherUsers,DC=example,DC=com ");?>
598
										</td>
599
									</tr>
600
								</table>
601
							</td>
602
						</tr>
603 e30001cf Matthew Grooms
						<tr>
604
							<td width="22%" valign="top" class="vncell"><?=gettext("Bind credentials");?></td>
605
							<td width="78%" class="vtable">
606
								<table border="0" cellspacing="0" cellpadding="2">
607
									<tr>
608
										<td>
609
											<input name="ldap_anon" type="checkbox" id="ldap_anon" value="yes" <?php if ($pconfig['ldap_anon']) echo "checked"; ?> onClick="ldap_bindchange()">
610
										</td>
611
										<td>
612 257705ca Renato Botelho
											<?=gettext("Use anonymous binds to resolve distinguished names");?>
613 e30001cf Matthew Grooms
										</td>
614
									</tr>
615
								</table>
616
								<table border="0" cellspacing="0" cellpadding="2" id="ldap_bind">
617
									<tr>
618
										<td colspan="2"></td>
619
									</tr>
620
									<tr>
621 ea53e38f Renato Botelho
										<td><?=gettext("User DN:");?> &nbsp;</td>
622 e30001cf Matthew Grooms
										<td>
623
											<input name="ldap_binddn" type="text" class="formfld unknown" id="ldap_binddn" size="40" value="<?=htmlspecialchars($pconfig['ldap_binddn']);?>"/><br/>
624
										</td>
625
									</tr>
626
									<tr>
627 ea53e38f Renato Botelho
										<td><?=gettext("Password:");?> &nbsp;</td>
628 e30001cf Matthew Grooms
										<td>
629
											<input name="ldap_bindpw" type="password" class="formfld pwd" id="ldap_bindpw" size="20" value="<?=htmlspecialchars($pconfig['ldap_bindpw']);?>"/><br/>
630
										</td>
631
									</tr>
632
								</table>
633
							</td>
634
						</tr>
635
						<?php if (!isset($id)): ?>
636
						<tr>
637
							<td width="22%" valign="top" class="vncell"><?=gettext("Initial Template");?></td>
638
							<td width="78%" class="vtable">
639
								<select name='ldap_tmpltype' id='ldap_tmpltype' class="formselect" onchange='ldap_tmplchange()'>
640
								<?php
641
									foreach ($ldap_templates as $tmplname => $tmpldata):
642
										$selected = "";
643
										if ($pconfig['ldap_template'] == $tmplname)
644
											$selected = "selected";
645
								?>
646
									<option value="<?=$tmplname;?>" <?=$selected;?>><?=$tmpldata['desc'];?></option>
647
								<?php endforeach; ?>
648
								</select>
649
							</td>
650
						</tr>
651
						<?php endif; ?>
652
						<tr>
653
							<td width="22%" valign="top" class="vncell"><?=gettext("User naming attribute");?></td>
654
							<td width="78%" class="vtable">
655
								<input name="ldap_attr_user" type="text" class="formfld unknown" id="ldap_attr_user" size="20" value="<?=htmlspecialchars($pconfig['ldap_attr_user']);?>"/>
656
							</td>
657
						</tr>
658
						<tr>
659
							<td width="22%" valign="top" class="vncell"><?=gettext("Group naming attribute");?></td>
660
							<td width="78%" class="vtable">
661
								<input name="ldap_attr_group" type="text" class="formfld unknown" id="ldap_attr_group" size="20" value="<?=htmlspecialchars($pconfig['ldap_attr_group']);?>"/>
662
							</td>
663
						</tr>
664
						<tr>
665
							<td width="22%" valign="top" class="vncell"><?=gettext("Group member attribute");?></td>
666
							<td width="78%" class="vtable">
667
								<input name="ldap_attr_member" type="text" class="formfld unknown" id="ldap_attr_member" size="20" value="<?=htmlspecialchars($pconfig['ldap_attr_member']);?>"/>
668
							</td>
669
						</tr>
670
					</table>
671
672 be934aad Ermal Lu?i
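					<?php
					/*
					 * RADIUS server settings panel. It is rendered hidden (display:none);
					 * presumably the page's server_typechange() script reveals it when the
					 * RADIUS type is chosen -- that function is not visible in this part
					 * of the file.
					 *
					 * Every value echoed into markup below goes through htmlspecialchars()
					 * so it cannot close the attribute or element it is written into.
					 */
					?>
					<table width="100%" border="0" cellpadding="6" cellspacing="0" id="radius" style="display:none">
						<tr>
							<td colspan="2" class="list" height="12"></td>
						</tr>
						<tr>
							<td colspan="2" valign="top" class="listtopic"><?=gettext("Radius Server Settings");?></td>
						</tr>
						<tr>
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Hostname or IP address");?></td>
							<td width="78%" class="vtable">
								<input name="radius_host" type="text" class="formfld unknown" id="radius_host" size="20" value="<?=htmlspecialchars($pconfig['radius_host']);?>"/>
							</td>
						</tr>
						<tr>
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Shared Secret");?></td>
							<td width="78%" class="vtable">
								<?php
								/*
								 * NOTE(review): the configured shared secret is written back into
								 * the page source here; type="password" only masks what is shown
								 * on screen. Leaving the field empty on edit and keeping the
								 * stored secret when an empty value is submitted would avoid
								 * that, but it needs a matching change in the save handler,
								 * which is not visible in this part of the file.
								 */
								?>
								<input name="radius_secret" type="password" class="formfld pwd" id="radius_secret" size="20" value="<?=htmlspecialchars($pconfig['radius_secret']);?>"/>
							</td>
						</tr>
						<tr>
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Services offered");?></td>
							<td width="78%" class="vtable">
								<select name='radius_srvcs' id='radius_srvcs' class="formselect" onchange='radius_srvcschange()'>
								<?php
									foreach ($radius_srvcs as $srvcname => $srvcdesc):
										// Preselect the option that matches the current setting.
										$selected = "";
										if ($pconfig['radius_srvcs'] == $srvcname)
											$selected = "selected";
								?>
									<option value="<?=htmlspecialchars($srvcname);?>" <?=$selected;?>><?=htmlspecialchars($srvcdesc);?></option>
								<?php endforeach; ?>
								</select>
							</td>
						</tr>
						<tr id="radius_auth">
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Authentication port value");?></td>
							<td width="78%" class="vtable">
								<input name="radius_auth_port" type="text" class="formfld unknown" id="radius_auth_port" size="5" value="<?=htmlspecialchars($pconfig['radius_auth_port']);?>"/>
							</td>
						</tr>
						<tr id="radius_acct">
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Accounting port value");?></td>
							<td width="78%" class="vtable">
								<input name="radius_acct_port" type="text" class="formfld unknown" id="radius_acct_port" size="5" value="<?=htmlspecialchars($pconfig['radius_acct_port']);?>"/>
							</td>
						</tr>
					</table>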
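					<table width="100%" border="0" cellpadding="6" cellspacing="0">
						<tr>
							<td width="22%" valign="top">&nbsp;</td>
							<td width="78%">
								<input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" />
								<?php
									/*
									 * When an existing entry is being edited, carry its index back
									 * with the form. $id is assigned outside this part of the file
									 * (presumably from the request), so it is escaped before being
									 * written into the attribute instead of relying only on the
									 * $a_server[$id] lookup to constrain it.
									 */
									if (isset($id) && $a_server[$id]):
								?>
								<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
								<?php endif;?>
							</td>
						</tr>
					</table>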
				</form>
				<?php else: ?>
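				<table width="100%" border="0" cellpadding="0" cellspacing="0">
					<tr>
						<td width="25%" class="listhdrr"><?=gettext("Server Name");?></td>
						<td width="25%" class="listhdrr"><?=gettext("Type");?></td>
						<td width="35%" class="listhdrr"><?=gettext("Host Name");?></td>
						<td width="10%" class="list"></td>
					</tr>
					<?php
						/*
						 * One row per entry of $a_server. $i counts rows and is used as
						 * the id in the edit/delete links, so this assumes the position
						 * in $a_server equals the index the handlers expect -- TODO confirm.
						 *
						 * The last entry gets no edit/delete controls; presumably it is a
						 * built-in entry appended to the list elsewhere -- verify against
						 * the code that fills $a_server.
						 */
						$i = 0;
						foreach($a_server as $server):
							// Stored values are escaped once here and echoed as-is below.
							$name = htmlspecialchars($server['name']);
							$type = htmlspecialchars($auth_server_types[$server['type']]);
							$host = htmlspecialchars($server['host']);
							// Evaluated once per row; both the row handler and the icons use it.
							$can_modify = ($i < (count($a_server) - 1));
					?>
					<tr <?php if ($can_modify): ?> ondblclick="document.location='system_authservers.php?act=edit&id=<?=$i;?>'" <?php endif; ?>>
						<td class="listlr"><?=$name?>&nbsp;</td>
						<td class="listr"><?=$type;?>&nbsp;</td>
						<td class="listr"><?=$host;?>&nbsp;</td>
						<td valign="middle" nowrap class="list">
						<?php if ($can_modify): ?>
							<a href="system_authservers.php?act=edit&id=<?=$i;?>">
								<img src="/themes/<?=htmlspecialchars($g['theme']);?>/images/icons/icon_e.gif" title="<?=gettext("edit server");?>" alt="<?=gettext("edit server");?>" width="17" height="17" border="0" />
							</a>
							&nbsp;
							<?php
							/*
							 * NOTE(review): deletion is requested with a plain GET link and
							 * confirm() is only a prompt in the browser. Whether the act=del
							 * handler checks a CSRF token is not visible in this part of the
							 * file -- verify, and prefer a POST form for state-changing
							 * actions.
							 */
							?>
							<a href="system_authservers.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this Server?");?>')">
								<img src="/themes/<?=htmlspecialchars($g['theme']);?>/images/icons/icon_x.gif" title="<?=gettext("delete server");?>" alt="<?=gettext("delete server");?>" width="17" height="17" border="0" />
							</a>
						<?php endif; ?>
						</td>
					</tr>
					<?php
						$i++; endforeach;
					?>
					<tr>
						<td class="list" colspan="3"></td>
						<td class="list">
							<a href="system_authservers.php?act=new">
								<img src="/themes/<?=htmlspecialchars($g['theme']);?>/images/icons/icon_plus.gif" title="<?=gettext("add server");?>" alt="<?=gettext("add server");?>" width="17" height="17" border="0" />
							</a>
						</td>
					</tr>
					<tr>
						<td colspan="3">
							<p>
								<?=gettext("Additional authentication servers can be added here.");?>
							</p>
						</td>
					</tr>
				</table>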
				<?php endif; ?>
			</div>
		</td>
	</tr>
</table>
<?php include("fend.inc"); ?>
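<script type="text/javascript">
<!--
<?php
	/*
	 * Page-load initialisation of the form state.
	 *
	 * The server type is written into JavaScript, not into HTML markup, so it
	 * is encoded with json_encode() (which emits the surrounding quotes) rather
	 * than htmlspecialchars(): HTML entities are not decoded inside a script
	 * element, and htmlspecialchars() leaves backslashes and line breaks
	 * untouched (and single quotes too, unless ENT_QUOTES is in effect). The
	 * JSON_HEX_* flags (PHP 5.3+) keep <, >, &, ' and " out of the emitted
	 * literal.
	 * Where $pconfig['type'] is filled in is not visible in this part of the
	 * file; it is treated as untrusted here.
	 */
	$js_server_type = json_encode((string)$pconfig['type'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
	// json_encode() can fail on input that is not valid UTF-8; fall back to an empty string.
	if ($js_server_type === false)
		$js_server_type = '""';
?>
server_typechange(<?=$js_server_type;?>);
<?php // LDAP helpers are emitted when no $id is set or the entry is of type ldap. ?>
<?php if (!isset($id) || $pconfig['type'] == "ldap"): ?>
ldap_bindchange();
if (document.getElementById("ldap_port").value == "")
	ldap_urlchange();
<?php // The template helper is emitted only when no $id is set. ?>
<?php if (!isset($id)): ?>
ldap_tmplchange();
<?php endif; ?>
<?php endif; ?>
<?php // Same rule for the RADIUS services selector. ?>
<?php if (!isset($id) || $pconfig['type'] == "radius"): ?>
radius_srvcschange();
<?php endif; ?>
//-->
</script>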
</body>