
Revision fbf672cb

Added by Matthew Grooms almost 17 years ago

Add an interface to manage external authentication servers. The two types
supported currently are LDAP and Radius.


etc/inc/xmlparse.inc
36 36
		"earlyshellcmd encryption-algorithm-option field fieldname hash-algorithm-option " .
37 37
		"hosts group member interface_array item key lbpool menu mobilekey mount onetoone option ppp package passthrumac phase1 phase2 priv proxyarpnet " .
38 38
		"queue pages pipe route row rule schedule service servernat servers serversdisabled earlyshellcmd shellcmd staticmap subqueue " .
39
		"timerange tunnel user vip virtual_server vlan winsserver ntpserver wolentry widget depends_on_package gateway_item gateway_group dyndns dnsupdate gre gif bridge lagg");
39
		"timerange tunnel user authserver vip virtual_server vlan winsserver ntpserver wolentry widget depends_on_package gateway_item gateway_group dyndns dnsupdate gre gif bridge lagg");
40 40
	return $ret;
41 41
}
42 42

  
usr/local/www/guiconfig.inc
100 100
	}
101 101
}
102 102

  
103
$auth_server_types = array(
104
	'ldap' => "LDAP",
105
	'radius' => "Radius");
106

  
107
$ldap_urltypes = array(
108
	'TCP - Standard' => 389,
109
	'SSL - Encrypted' => 636);
110

  
111
$ldap_scopes = array(
112
	'one' => "One Level",
113
	'subtree' => "Entire Subtree");
114

  
115
$ldap_protvers = array(
116
	2,
117
	3);
118

  
119
$ldap_templates = array(
120

  
121
	'open' => array(
122
				'desc' => "OpenLDAP",
123
				'attr_user' => "cn",
124
				'attr_group' => "cn",
125
				'attr_member' => "member"),
126

  
127
	'msad' => array(
128
				'desc' => "Microsoft AD",
129
				'attr_user' => "samAccountNAme",
130
				'attr_group' => "cn",
131
				'attr_member' => "member"),
132

  
133
	'edir' => array(
134
				'desc' => "Novell eDirectory",
135
				'attr_user' => "cn",
136
				'attr_group' => "cn",
137
				'attr_member' => "uniqueMember"));
138

  
139
$radius_srvcs = array(
140
	'both' => "Authentication and Accounting",
141
	'auth' => "Authentication",
142
	'acct' => "Accounting");
143

  
103 144
/* some well knows ports */
104
$wkports = array(3389 => "MS RDP",
145
$wkports = array(
146
	3389 => "MS RDP",
105 147
	21 => "FTP",
106 148
	22 => "SSH",
107 149
	23 => "Telnet",
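Review bot: The keys of `$ldap_urltypes` are display labels ('TCP - Standard', 'SSL - Encrypted'), and system_authservers.php in this same commit uses them as the option value and saves them as `ldap_urltype`, so rewording or translating a label later would orphan stored server entries. Short stable keys, as `$ldap_scopes` already uses ('one', 'subtree'), with the label and port kept in the value would avoid that. Because the unencrypted entry is listed first and the "new" defaults do not set `ldap_urltype`, the form will presumably preselect plain LDAP on port 389, which sends any bind DN and password in clear text; a comment such as `/* first entry is the form default; 389 is unencrypted */` or listing the SSL entry first would make that choice deliberate. In the 'msad' template, `"samAccountNAme"` would read better as `"sAMAccountName"` (LDAP attribute names match case-insensitively, so this is cosmetic). The `$wkports` array that follows continues beyond the lines shown here.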
usr/local/www/system_authservers.php
1
<?php
2
/*
3
    system_authservers.php
4

  
5
    Copyright (C) 2008 Shrew Soft Inc.
6
    All rights reserved.
7

  
8
    Redistribution and use in source and binary forms, with or without
9
    modification, are permitted provided that the following conditions are met:
10

  
11
    1. Redistributions of source code must retain the above copyright notice,
12
       this list of conditions and the following disclaimer.
13

  
14
    2. Redistributions in binary form must reproduce the above copyright
15
       notice, this list of conditions and the following disclaimer in the
16
       documentation and/or other materials provided with the distribution.
17

  
18
    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
19
    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
20
    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21
    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
22
    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23
    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24
    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25
    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26
    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27
    POSSIBILITY OF SUCH DAMAGE.
28
*/
29

  
30
##|+PRIV
31
##|*IDENT=page-system-authservers
32
##|*NAME=System: Authentication Servers
33
##|*DESCR=Allow access to the 'System: Authentication Servers' page.
34
##|*MATCH=system_authservers.php*
35
##|-PRIV
36

  
37
require("guiconfig.inc");
38

  
39
$pgtitle = array("System", "Authentication Servers");
40

  
41
$id = $_GET['id'];
42
if (isset($_POST['id']))
43
	$id = $_POST['id'];
44

  
45
if (!is_array($config['system']['authserver']))
46
	$config['system']['authserver'] = array();
47

  
48
$a_server =& $config['system']['authserver'];
49

  
50
$act = $_GET['act'];
51
if ($_POST['act'])
52
	$act = $_POST['act'];
53

  
54
if ($act == "del") {
55

  
56
	if (!$a_server[$_GET['id']]) {
57
		pfSenseHeader("system_authservers.php");
58
		exit;
59
	}
60

  
61
	$serverdeleted = $a_server[$_GET['id']]['name'];
62
	unset($a_server[$_GET['id']]);
63
	write_config();
64
	$savemsg = gettext("Authentication Server")." {$serverdeleted} ".
65
				gettext("successfully deleted")."<br/>";
66
}
67

  
68
if ($act == "edit") {
69
	if (isset($id) && $a_server[$id]) {
70

  
71
		$pconfig['type'] = $a_server[$id]['type'];
72
		$pconfig['name'] = $a_server[$id]['name'];
73

  
74
		if ($pconfig['type'] == "ldap") {
75
			$pconfig['ldap_host'] = $a_server[$id]['host'];
76
			$pconfig['ldap_port'] = $a_server[$id]['ldap_port'];
77
			$pconfig['ldap_urltype'] = $a_server[$id]['ldap_urltype'];
78
			$pconfig['ldap_protver'] = $a_server[$id]['ldap_protver'];
79
			$pconfig['ldap_scope'] = $a_server[$id]['ldap_scope'];
80
			$pconfig['ldap_basedn'] = $a_server[$id]['ldap_basedn'];
81
			$pconfig['ldap_binddn'] = $a_server[$id]['ldap_binddn'];
82
			$pconfig['ldap_bindpw'] = $a_server[$id]['ldap_bindpw'];
83
			$pconfig['ldap_attr_user'] = $a_server[$id]['ldap_attr_user'];
84
			$pconfig['ldap_attr_group'] = $a_server[$id]['ldap_attr_group'];
85
			$pconfig['ldap_attr_member'] = $a_server[$id]['ldap_attr_member'];
86

  
87
			if (!$pconfig['ldap_binddn'] || !$pconfig['ldap_bindpw'])
88
				$pconfig['ldap_anon'] = true;
89
		}
90

  
91
		if ($pconfig['type'] == "radius") {
92
			$pconfig['radius_host'] = $a_server[$id]['host'];
93
			$pconfig['radius_auth_port'] = $a_server[$id]['radius_auth_port'];
94
			$pconfig['radius_acct_port'] = $a_server[$id]['radius_acct_port'];
95

  
96
			if ($pconfig['radius_auth_port'] &&
97
				$pconfig['radius_acct_port'] ) {
98
				$pconfig['radius_srvcs'] = "both";
99
			}
100

  
101
			if ( $pconfig['radius_auth_port'] &&
102
				!$pconfig['radius_acct_port'] ) {
103
				$pconfig['radius_srvcs'] = "auth";
104
				$pconfig['radius_acct_port'] = 813;
105
			}
106

  
107
			if (!$pconfig['radius_auth_port'] &&
108
				 $pconfig['radius_acct_port'] ) {
109
				$pconfig['radius_srvcs'] = "acct";
110
				$pconfig['radius_auth_port'] = 812;
111
			}
112

  
113
		}
114
	}
115
}
116

  
117
if ($act == "new") {
118
	$pconfig['ldap_protver'] = 3;
119
	$pconfig['ldap_anon'] = true;
120
	$pconfig['radius_srvcs'] = "both";
121
	$pconfig['radius_auth_port'] = "812";
122
	$pconfig['radius_acct_port'] = "813";
123
}
124

  
125
if ($_POST) {
126
	unset($input_errors);
127
	$pconfig = $_POST;
128

  
129
	/* input validation */
130

  
131
	if ($pconfig['type'] == "ldap") {
132
		$reqdfields = explode(" ", "name type ldap_host ldap_port ".
133
						"ldap_urltype ldap_protver ldap_scope ldap_basedn ".
134
						"ldap_attr_user ldap_attr_group ldap_attr_member");
135
		$reqdfieldsn = explode(",", "Descriptive name,Type,Hostname or IP,".
136
						"Port value,Transport,Protocol version,Search level,".
137
						"Search Base DN,User naming Attribute,".
138
						"Group naming Attribute,Group member attribute");
139

  
140
		if (!$pconfig['ldap_anon']) {
141
			$reqdfields[] = "ldap_binddn";
142
			$reqdfields[] = "ldap_bindpw";
143
			$reqdfieldsn[] = "Bind user DN";
144
			$reqdfieldsn[] = "Bind Password";
145
		}
146
	}
147

  
148
	if ($pconfig['type'] == "radius") {
149
		$reqdfields = explode(" ", "name type radius_host radius_srvcs");
150
		$reqdfieldsn = explode(",", "Descriptive name,Type,Hostname or IP,".
151
						"Services");
152

  
153
		if ($pconfig['radisu_srvcs'] == "both" ||
154
			$pconfig['radisu_srvcs'] == "auth") {
155
			$reqdfields[] = "radius_auth_port";
156
			$reqdfieldsn[] = "Authentication port value";
157
		}
158

  
159
		if ($pconfig['radisu_srvcs'] == "both" ||
160
			$pconfig['radisu_srvcs'] == "acct") {
161
			$reqdfields[] = "radius_acct_port";
162
			$reqdfieldsn[] = "Accounting port value";
163
		}
164

  
165
		if (!isset($id)) {
166
			$reqdfields[] = "radius_secret";
167
			$reqdfieldsn[] = "Shared Secret";
168
		}
169
	}
170

  
171
	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
172

  
173
	if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['host']))
174
		$input_errors[] = gettext("The host name contains invalid characters.");
175

  
176
	/* if this is an AJAX caller then handle via JSON */
177
	if (isAjax() && is_array($input_errors)) {
178
		input_errors2Ajax($input_errors);
179
		exit;
180
	}
181

  
182
	if (!$input_errors) {
183
		$server = array();
184
		$server['refid'] = uniqid();
185
		if (isset($id) && $a_server[$id])
186
			$server = $a_server[$id];
187

  
188
		$server['type'] = $pconfig['type'];
189
		$server['name'] = $pconfig['name'];
190

  
191
		if ($server['type'] == "ldap") {
192

  
193
			$server['host'] = $pconfig['ldap_host'];
194
			$server['ldap_port'] = $pconfig['ldap_port'];
195
			$server['ldap_urltype'] = $pconfig['ldap_urltype'];
196
			$server['ldap_protver'] = $pconfig['ldap_protver'];
197
			$server['ldap_scope'] = $pconfig['ldap_scope'];
198
			$server['ldap_basedn'] = $pconfig['ldap_basedn'];
199
			$server['ldap_attr_user'] = $pconfig['ldap_attr_user'];
200
			$server['ldap_attr_group'] = $pconfig['ldap_attr_group'];
201
			$server['ldap_attr_member'] = $pconfig['ldap_attr_member'];
202

  
203
			if (!$pconfig['ldap_anon']) {
204
				$server['ldap_binddn'] = $pconfig['ldap_binddn'];
205
				$server['ldap_bindpw'] = $pconfig['ldap_bindpw'];
206
			} else {
207
				unset($server['ldap_binddn']);
208
				unset($server['ldap_bindpw']);
209
			}
210
		}
211

  
212
		if ($server['type'] == "radius") {
213

  
214
			$server['host'] = $pconfig['radius_host'];
215

  
216
			if ($pconfig['radius_secret'])
217
				$server['radius_secret'] = $pconfig['radius_secret'];
218

  
219
			if ($pconfig['radius_srvcs'] == "both") {
220
				$server['radius_auth_port'] = $pconfig['radius_auth_port'];
221
				$server['radius_acct_port'] = $pconfig['radius_acct_port'];
222
			}
223

  
224
			if ($pconfig['radius_srvcs'] == "auth") {
225
				$server['radius_auth_port'] = $pconfig['radius_auth_port'];
226
				unset($server['radius_acct_port']);
227
			}
228

  
229
			if ($pconfig['radius_srvcs'] == "acct") {
230
				$server['radius_acct_port'] = $pconfig['radius_acct_port'];
231
				unset($server['radius_auth_port']);
232
			}
233
		}
234

  
235
		if (isset($id) && $a_server[$id])
236
			$a_server[$id] = $server;
237
		else
238
			$a_server[] = $server;
239

  
240
		write_config();
241

  
242
		pfSenseHeader("system_authservers.php");
243
	}
244
}
245

  
246
include("head.inc");
247
?>
248

  
249
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
250
<?php include("fbegin.inc"); ?>
251
<script type="text/javascript">
252
<!--
253

  
254
function server_typechange(type) {
255

  
256
	if (!type) {
257
		index = document.iform.type.selectedIndex;
258
		type = document.iform.type.options[index].value;
259
	}
260

  
261
    switch (type) {
262
		case "ldap":
263
			document.getElementById("ldap").style.display="";
264
			document.getElementById("radius").style.display="none";
265
			break;
266
		case "radius":
267
			document.getElementById("ldap").style.display="none";
268
			document.getElementById("radius").style.display="";
269
			break;
270
	}
271
}
272

  
273
function ldap_urlchange() {
274
    switch (document.iform.ldap_urltype.selectedIndex) {
275
<?php
276
	$index = 0;
277
	foreach ($ldap_urltypes as $urltype => $urlport):
278
?>
279
		case <?=$index;?>:
280
			document.iform.ldap_port.value = "<?=$urlport;?>";
281
			break;
282
<?php
283
		$index++;
284
	endforeach;
285
?>
286
	}
287
}
288

  
289
function ldap_bindchange() {
290

  
291
	if (document.iform.ldap_anon.checked)
292
		document.getElementById("ldap_bind").style.display="none";
293
    else
294
		document.getElementById("ldap_bind").style.display="";
295
}
296

  
297
function ldap_tmplchange(){
298
    switch (document.iform.ldap_tmpltype.selectedIndex) {
299
<?php
300
	$index = 0;
301
	foreach ($ldap_templates as $tmpldata):
302
?>
303
		case <?=$index;?>:
304
			document.iform.ldap_attr_user.value = "<?=$tmpldata['attr_user'];?>";
305
			document.iform.ldap_attr_group.value = "<?=$tmpldata['attr_group'];?>";
306
			document.iform.ldap_attr_member.value = "<?=$tmpldata['attr_member'];?>";
307
			break;
308
<?php
309
		$index++;
310
	endforeach;
311
?>
312
	}
313
}
314

  
315
function radius_srvcschange(){
316
    switch (document.iform.radius_srvcs.selectedIndex) {
317
		case 0: // both
318
			document.getElementById("radius_auth").style.display="";
319
			document.getElementById("radius_acct").style.display="";
320
			break;
321
		case 1: // authentication
322
			document.getElementById("radius_auth").style.display="";
323
			document.getElementById("radius_acct").style.display="none";
324
			break;
325
		case 2: // accounting
326
			document.getElementById("radius_auth").style.display="none";
327
			document.getElementById("radius_acct").style.display="";
328
			break;
329
	}
330
}
331

  
332
//-->
333
</script>
334
<?php
335
	if ($input_errors)
336
		print_input_errors($input_errors);
337
	if ($savemsg)
338
		print_info_box($savemsg);
339
?>
340
<table width="100%" border="0" cellpadding="0" cellspacing="0">
341
	<tr>
342
		<td class="tabnavtbl">
343
		<?php
344
			$tab_array = array();
345
			$tab_array[] = array(gettext("Users"), false, "system_usermanager.php");
346
			$tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php");
347
			$tab_array[] = array(gettext("Servers"), true, "system_authservers.php");
348
			$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
349
			display_top_tabs($tab_array);
350
		?>
351
		</td>
352
	</tr>
353
	<tr>
354
		<td class="tabcont">
355

  
356
			<?php if ($act == "new" || $act == "edit" || $input_errors): ?>
357

  
358
			<form action="system_authservers.php" method="post" name="iform" id="iform">
359
				<table width="100%" border="0" cellpadding="6" cellspacing="0">
360
					<tr>
361
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
362
						<td width="78%" class="vtable">
363
							<input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"/>
364
						</td>
365
					</tr>
366
					<tr>
367
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Type");?></td>
368
						<td width="78%" class="vtable">
369
							<?php if (!isset($id)): ?>
370
							<select name='type' id='type' class="formselect" onchange='server_typechange()'>
371
							<?php
372
								foreach ($auth_server_types as $typename => $typedesc ):
373
									$selected = "";
374
									if ($pconfig['type'] == $typename)
375
										$selected = "selected";
376
							?>
377
								<option value="<?=$typename;?>" <?=$selected;?>><?=$typedesc;?></option>
378
							<?php endforeach; ?>
379
							</select>
380
							<?php else: ?>
381
							<strong><?=$auth_server_types[$pconfig['type']];?></strong>
382
							<input name='type' type='hidden' id='type' value="<?=htmlspecialchars($pconfig['type']);?>"/>
383
							<?php endif; ?>
384
						</td>
385
					</tr>
386
				</table>
387

  
388
				<table width="100%" border="0" cellpadding="6" cellspacing="0" id="ldap">
389
					<tr>
390
						<td colspan="2" class="list" height="12"></td>
391
					</tr>
392
					<tr>
393
						<td colspan="2" valign="top" class="listtopic">LDAP Server Settings</td>
394
					</tr>
395
					<tr>
396
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Hostname or IP address");?></td>
397
						<td width="78%" class="vtable">
398
							<input name="ldap_host" type="text" class="formfld unknown" id="ldap_host" size="20" value="<?=htmlspecialchars($pconfig['ldap_host']);?>"/>
399
						</td>
400
					</tr>
401
					<tr>
402
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Port value");?></td>
403
						<td width="78%" class="vtable">
404
							<input name="ldap_port" type="text" class="formfld unknown" id="ldap_port" size="5" value="<?=htmlspecialchars($pconfig['ldap_port']);?>"/>
405
						</td>
406
					</tr>
407
					<tr>
408
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Transport");?></td>
409
						<td width="78%" class="vtable">
410
							<select name='ldap_urltype' id='ldap_urltype' class="formselect" onchange='ldap_urlchange()'>
411
							<?php
412
								foreach ($ldap_urltypes as $urltype => $urlport):
413
									$selected = "";
414
									if ($pconfig['ldap_urltype'] == $urltype)
415
										$selected = "selected";
416
							?>
417
								<option value="<?=$urltype;?>" <?=$selected;?>><?=$urltype;?></option>
418
							<?php endforeach; ?>
419
							</select>
420
						</td>
421
					</tr>
422
					<tr>
423
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Protocol version");?></td>
424
						<td width="78%" class="vtable">
425
							<select name='ldap_protver' id='ldap_protver' class="formselect">
426
							<?php
427
								foreach ($ldap_protvers as $version):
428
									$selected = "";
429
									if ($pconfig['ldap_protver'] == $version)
430
										$selected = "selected";
431
							?>
432
								<option value="<?=$version;?>" <?=$selected;?>><?=$version;?></option>
433
							<?php endforeach; ?>
434
							</select>
435
						</td>
436
					</tr>
437
					<tr>
438
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Search scope");?></td>
439
						<td width="78%" class="vtable">
440
							<table border="0" cellspacing="0" cellpadding="2">
441
								<tr>
442
									<td>Level: &nbsp;</td>
443
									<td>
444
										<select name='ldap_scope' id='ldap_scope' class="formselect">
445
										<?php
446
											foreach ($ldap_scopes as $scopename => $scopedesc):
447
												$selected = "";
448
												if ($pconfig['ldap_scope'] == $scopename)
449
													$selected = "selected";
450
										?>
451
											<option value="<?=$scopename;?>" <?=$selected;?>><?=$scopedesc;?></option>
452
										<?php endforeach; ?>
453
										</select>
454
									</td>
455
								</tr>
456
								<tr>
457
									<td>Base DN: &nbsp;</td>
458
									<td>
459
										<input name="ldap_basedn" type="text" class="formfld unknown" id="ldap_basedn" size="40" value="<?=htmlspecialchars($pconfig['ldap_basedn']);?>"/>
460
									</td>
461
								</tr>
462
							</table>
463

  
464
						</td>
465
					</tr>
466
					<tr>
467
						<td width="22%" valign="top" class="vncell"><?=gettext("Bind credentials");?></td>
468
						<td width="78%" class="vtable">
469
							<table border="0" cellspacing="0" cellpadding="2">
470
								<tr>
471
									<td>
472
										<input name="ldap_anon" type="checkbox" id="ldap_anon" value="yes" <?php if ($pconfig['ldap_anon']) echo "checked"; ?> onClick="ldap_bindchange()">
473
									</td>
474
									<td>
475
										Use anonymous binds to resolve distinguished names
476
									</td>
477
								</tr>
478
							</table>
479
							<table border="0" cellspacing="0" cellpadding="2" id="ldap_bind">
480
								<tr>
481
									<td colspan="2"></td>
482
								</tr>
483
								<tr>
484
									<td>User DN: &nbsp;</td>
485
									<td>
486
										<input name="ldap_binddn" type="text" class="formfld unknown" id="ldap_binddn" size="40" value="<?=htmlspecialchars($pconfig['ldap_binddn']);?>"/><br/>
487
									</td>
488
								</tr>
489
								<tr>
490
									<td>Password: &nbsp;</td>
491
									<td>
492
										<input name="ldap_bindpw" type="password" class="formfld pwd" id="ldap_bindpw" size="20" value="<?=htmlspecialchars($pconfig['ldap_bindpw']);?>"/><br/>
493
									</td>
494
								</tr>
495
							</table>
496
						</td>
497
					</tr>
498
					<?php if (!isset($id)): ?>
499
					<tr>
500
						<td width="22%" valign="top" class="vncell"><?=gettext("Initial Template");?></td>
501
						<td width="78%" class="vtable">
502
							<select name='ldap_tmpltype' id='ldap_tmpltype' class="formselect" onchange='ldap_tmplchange()'>
503
							<?php
504
								foreach ($ldap_templates as $tmplname => $tmpldata):
505
									$selected = "";
506
									if ($pconfig['ldap_template'] == $tmplname)
507
										$selected = "selected";
508
							?>
509
								<option value="<?=$tmplname;?>" <?=$selected;?>><?=$tmpldata['desc'];?></option>
510
							<?php endforeach; ?>
511
							</select>
512
						</td>
513
					</tr>
514
					<?php endif; ?>
515
					<tr>
516
						<td width="22%" valign="top" class="vncell"><?=gettext("User naming attribute");?></td>
517
						<td width="78%" class="vtable">
518
							<input name="ldap_attr_user" type="text" class="formfld unknown" id="ldap_attr_user" size="20" value="<?=htmlspecialchars($pconfig['ldap_attr_user']);?>"/>
519
						</td>
520
					</tr>
521
					<tr>
522
						<td width="22%" valign="top" class="vncell"><?=gettext("Group naming attribute");?></td>
523
						<td width="78%" class="vtable">
524
							<input name="ldap_attr_group" type="text" class="formfld unknown" id="ldap_attr_group" size="20" value="<?=htmlspecialchars($pconfig['ldap_attr_group']);?>"/>
525
						</td>
526
					</tr>
527
					<tr>
528
						<td width="22%" valign="top" class="vncell"><?=gettext("Group member attribute");?></td>
529
						<td width="78%" class="vtable">
530
							<input name="ldap_attr_member" type="text" class="formfld unknown" id="ldap_attr_member" size="20" value="<?=htmlspecialchars($pconfig['ldap_attr_member']);?>"/>
531
						</td>
532
					</tr>
533
				</table>
534

  
535
				<table width="100%" border="0" cellpadding="6" cellspacing="0" id="radius">
536
					<tr>
537
						<td colspan="2" class="list" height="12"></td>
538
					</tr>
539
					<tr>
540
						<td colspan="2" valign="top" class="listtopic">Radius Server Settings</td>
541
					</tr>
542
					<tr>
543
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Hostname or IP address");?></td>
544
						<td width="78%" class="vtable">
545
							<input name="radius_host" type="text" class="formfld unknown" id="radius_host" size="20" value="<?=htmlspecialchars($pconfig['radius_host']);?>"/>
546
						</td>
547
					</tr>
548
					<tr>
549
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Shared Secret");?></td>
550
						<td width="78%" class="vtable">
551
							<input name="radius_secret" type="password" class="formfld pwd" id="radius_secret" size="20" value="<?=htmlspecialchars($pconfig['radius_secret']);?>"/>
552
						</td>
553
					</tr>
554
					<tr>
555
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Services offered");?></td>
556
						<td width="78%" class="vtable">
557
							<select name='radius_srvcs' id='radius_srvcs' class="formselect" onchange='radius_srvcschange()'>
558
							<?php
559
								foreach ($radius_srvcs as $srvcname => $srvcdesc):
560
									$selected = "";
561
									if ($pconfig['radius_srvcs'] == $srvcname)
562
										$selected = "selected";
563
							?>
564
								<option value="<?=$srvcname;?>" <?=$selected;?>><?=$srvcdesc;?></option>
565
							<?php endforeach; ?>
566
							</select>
567
						</td>
568
					</tr>
569
					<tr id="radius_auth">
570
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Authentication port value");?></td>
571
						<td width="78%" class="vtable">
572
							<input name="radius_auth_port" type="text" class="formfld unknown" id="radius_auth_port" size="5" value="<?=htmlspecialchars($pconfig['radius_auth_port']);?>"/>
573
						</td>
574
					</tr>
575
					<tr id="radius_acct">
576
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Accounting port value");?></td>
577
						<td width="78%" class="vtable">
578
							<input name="radius_acct_port" type="text" class="formfld unknown" id="radius_acct_port" size="5" value="<?=htmlspecialchars($pconfig['radius_acct_port']);?>"/>
579
						</td>
580
					</tr>
581
				</table>
582

  
583
				<table width="100%" border="0" cellpadding="6" cellspacing="0">
584
					<tr>
585
						<td width="22%" valign="top">&nbsp;</td>
586
						<td width="78%">
587
							<input id="submit" name="save" type="submit" class="formbtn" value="Save" />
588
							<?php if (isset($id) && $a_server[$id]): ?>
589
							<input name="id" type="hidden" value="<?=$id;?>" />
590
							<?php endif;?>
591
						</td>
592
					</tr>
593
				</table>
594
			</form>
595

  
596
			<?php else: ?>
597

  
598
			<table width="100%" border="0" cellpadding="0" cellspacing="0">
599
				<tr>
600
					<td width="25%" class="listhdrr">Server Name</td>
601
					<td width="25%" class="listhdrr">Type</td>
602
					<td width="35%" class="listhdrr">Host Name</td>
603
					<td width="10%" class="list"></td>
604
				</tr>
605
				<?php
606
					$i = 0;
607
					foreach($a_server as $server):
608
						$name = htmlspecialchars($server['name']);
609
						$type = htmlspecialchars($auth_server_types[$server['type']]);
610
						$host = htmlspecialchars($server['host']);
611
				?>
612
				<tr ondblclick="document.location='system_authservers.php?act=edit&id=<?=$i;?>'">
613
					<td class="listlr"><?=$name?>&nbsp;</td>
614
					<td class="listr"><?=$type;?>&nbsp;</td>
615
					<td class="listr"><?=$host;?>&nbsp;</td>
616
					<td valign="middle" nowrap class="list">
617
						<a href="system_authservers.php?act=edit&id=<?=$i;?>">
618
							<img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="edit server" alt="edit server" width="17" height="17" border="0" />
619
						</a>
620
						&nbsp;
621
						<a href="system_authservers.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this Server?");?>')">
622
							<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="delete server" alt="delete server" width="17" height="17" border="0" />
623
						</a>
624
					</td>
625
				</tr>
626
				<?php
627
						$i++;
628
					endforeach;
629
				?>
630
				<tr>
631
					<td class="list" colspan="3"></td>
632
					<td class="list">
633
						<a href="system_authservers.php?act=new">
634
							<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="add server" alt="add server" width="17" height="17" border="0" />
635
						</a>
636
					</td>
637
				</tr>
638
				<tr>
639
					<td colspan="3">
640
						<p>
641
							<?=gettext("Additional authentication servers can be added here.");?>
642
						</p>
643
					</td>
644
				</tr>
645
			</table>
646

  
647
			<?php endif; ?>
648

  
649
		</td>
650
	</tr>
651
</table>
652
<?php include("fend.inc");?>
653
<script type="text/javascript">
654
<!--
655
server_typechange('<?=$pconfig['type'];?>');
656
<?php if (!isset($id) || $pconfig['type'] == "ldap"): ?>
657
ldap_bindchange();
658
ldap_urlchange();
659
ldap_tmplchange();
660
<? endif; ?>
661
<?php if (!isset($id) || $pconfig['type'] == "radius"): ?>
662
radius_srvcschange();
663
<? endif; ?>
664
//-->
665
</script>
666

  
667
</body>
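Review bot: The input validation in the `if ($_POST)` block tests keys the form never sends, so it lets nearly anything through: `$pconfig['radisu_srvcs']` (four occurrences) is a misspelling of `radius_srvcs`, so the RADIUS port fields are never appended to `$reqdfields`, and the character check reads `$_POST['host']` although the inputs are named `ldap_host` and `radius_host`. Use `$pconfig['radius_srvcs']`, run the `preg_match` on `$pconfig[$pconfig['type'] . '_host']`, and first reject any `type` that fails `array_key_exists($pconfig['type'], $auth_server_types)`; as written an unknown type leaves `$reqdfields` undefined and, unless `do_input_validation()` rejects it, is still stored in the config. Since `$pconfig = $_POST`, the closing script's `server_typechange('<?=$pconfig['type'];?>');` prints request data into a JavaScript string without encoding, unlike the form fields that go through `htmlspecialchars()`; emit it with `json_encode()` or only after the allow-list check. The `act=del` branch removes `$a_server[$_GET['id']]` and calls `write_config()` from a plain GET link with no request token visible in this file, so deletion would be safer as a POST that carries one. The RADIUS defaults `812`/`813` also look like typos for the registered ports 1812/1813.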
usr/local/www/system_groupmanager.php
225 225
				$tab_array = array();
226 226
				$tab_array[] = array(gettext("Users"), false, "system_usermanager.php");
227 227
				$tab_array[] = array(gettext("Groups"), true, "system_groupmanager.php");
228
				$tab_array[] = array(gettext("Servers"), false, "system_authservers.php");
228 229
				$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
229 230
				display_top_tabs($tab_array);
230 231
			?>
......
457 458
					</td>
458 459
				</tr>
459 460
				<tr>
460
					<td colspan="4">
461
						Additional webGui admin groups can be added here.
462
						Each group can be restricted to specific portions of the webGUI.
463
						Individually select the desired web pages each group may access.
464
						For example, a troubleshooting group could be created which has
465
						access only to selected Status and Diagnostics pages.
461
					<td colspan="3">
462
						<p>
463
							<?=gettext("Additional webConfigurator groups can be added here.");?>
464
							<?=gettext("Group permissions can be assinged which will be inherited by users.");?>
465
							<?=gettext("An icon that appears grey indicates that it is a system defined object.");?>
466
							<?=gettext("Some system object properties can be modified but they cannot be deleted.");?>
467
						</p>
466 468
					</td>
467 469
				</tr>
468 470
			</table>
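Review bot: The new help text carries a misspelling inside a translatable string: `gettext("Group permissions can be assinged which will be inherited by users.")` should read `assigned`, and correcting a msgid after translations exist invalidates them, so it is worth fixing before this lands. The same applies to the string added in system_usermanager.php, where `assinged diretly` should be `assigned directly`.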
usr/local/www/system_usermanager.php
262 262
			$tab_array = array();
263 263
			$tab_array[] = array(gettext("Users"), true, "system_usermanager.php");
264 264
			$tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php");
265
			$tab_array[] = array(gettext("Servers"), false, "system_authservers.php");
265 266
			$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
266 267
			display_top_tabs($tab_array);
267 268
		?>
......
521 522
				<tr>
522 523
					<td colspan="3">
523 524
						<p>
524
							<?=gettext("Additional webConfigurator users can be added here.  User permissions are determined by the admin group they are a member of.");?>
525
						</p>
526
						<p>
527
							<?=gettext("An user icon that appears grey indicates that it is a system user and thus it's only possible to modified a subset of the regular user data. Additionally such an user can't be deleted.");?>
525
							<?=gettext("Additional webConfigurator users can be added here.");?>
526
							<?=gettext("User permissions can be assinged diretly or inherited from group memberships.");?>
527
							<?=gettext("An icon that appears grey indicates that it is a system defined object.");?>
528
							<?=gettext("Some system object properties can be modified but they cannot be deleted.");?>
528 529
						</p>
529 530
					</td>
530 531
				</tr>
usr/local/www/system_usermanager_settings.php
220 220
    $tab_array = array();
221 221
    $tab_array[] = array(gettext("Users"), false, "system_usermanager.php");
222 222
    $tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php");
223
	$tab_array[] = array(gettext("Servers"), false, "system_authservers.php");
223 224
    $tab_array[] = array(gettext("Settings"), true, "system_usermanager_settings.php");
224 225
    display_top_tabs($tab_array);
225 226

  
