author | Dan Fuhry <dan@enanocms.org> |
Mon, 13 Dec 2010 20:48:25 -0500 (2010-12-14) | |
changeset 3 | 99b46c7d3ee0 |
parent 1 | 8b637ff5e977 |
permissions | -rw-r--r-- |
0
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
1 |
<?php |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
2 |
/**!info** |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
3 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
4 |
"Plugin Name" : "Kerberos authentication", |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
5 |
"Plugin URI" : "http://enanocms.org/plugin/kerbauth", |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
6 |
"Description" : "Allows authentication to Enano via Kerberos.", |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
7 |
"Author" : "Dan Fuhry", |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
8 |
"Version" : "1.0", |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
9 |
"Author URI" : "http://enanocms.org/", |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
10 |
"Auth plugin" : true |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
11 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
12 |
**!*/ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
13 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
14 |
/* |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
15 |
* Kerberos authentication plugin for Enano |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
16 |
* (C) 2010 Dan Fuhry |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
17 |
* |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
18 |
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
19 |
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
20 |
* |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
21 |
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
22 |
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
23 |
*/ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
24 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
25 |
if ( getConfig('kerb_enable', 0) == 1 ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
26 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
27 |
$plugins->attachHook('login_process_userdata_json', 'return kerb_auth_hook($userinfo, $req["level"], @$req["remember"]);'); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
28 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
29 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
30 |
function kerb_auth_hook($userinfo, $level, $remember) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
31 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
32 |
global $db, $session, $paths, $template, $plugins; // Common objects |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
33 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
34 |
// First try to just authenticate the user in Kerberos |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
35 |
require_once(ENANO_ROOT . '/plugins/kerbauth/libkrb5.php'); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
36 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
37 |
if ( strstr($userinfo['username'], '/') ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
38 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
39 |
return array( |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
40 |
'mode' => 'error', |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
41 |
'error' => 'You cannot log in with Kerberos principals containing slashes. This is due to both security reasons and Enano technical limitations.' |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
42 |
); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
43 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
44 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
45 |
// We're ready to do a Kerberos auth attempt |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
46 |
try |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
47 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
48 |
$auth_result = krb5_verify_creds($userinfo['username'], $userinfo['password']); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
49 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
50 |
catch ( KerberosError $e ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
51 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
52 |
return array( |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
53 |
'mode' => 'error', |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
54 |
'error' => "The Kerberos interface returned a technical error." |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
55 |
); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
56 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
57 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
58 |
if ( $auth_result ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
59 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
60 |
// Kerberos authentication was successful. |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
61 |
$username = $db->escape(strtolower($userinfo['username'])); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
62 |
$q = $db->sql_query("SELECT user_id, password FROM " . table_prefix . "users WHERE " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username';"); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
63 |
if ( !$q ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
64 |
$db->_die(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
65 |
if ( $db->numrows() < 1 ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
66 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
67 |
// This user doesn't exist. |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
68 |
// Is creating it our job? |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
69 |
if ( getConfig('kerb_disable_local_auth', 0) == 1 ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
70 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
71 |
// Yep, register him |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
72 |
$email = strtolower($userinfo['username']) . '@' . getConfig('kerb_email_domain', 'localhost'); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
73 |
$random_pass = md5(microtime() . mt_rand()); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
74 |
// load the language |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
75 |
$session->register_guest_session(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
76 |
$reg_result = $session->create_user($userinfo['username'], $random_pass, $email); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
77 |
if ( $reg_result != 'success' ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
78 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
79 |
// o_O |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
80 |
// Registration failed. |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
81 |
return array( |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
82 |
'mode' => 'error', |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
83 |
'error' => 'Your username and password were valid, but there was a problem instanciating your local user account.' |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
84 |
); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
85 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
86 |
// Get user ID |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
87 |
$q = $db->sql_query("SELECT user_id, password FROM " . table_prefix . "users WHERE " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username';"); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
88 |
if ( !$q ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
89 |
$db->_die(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
90 |
if ( $db->numrows() < 1 ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
91 |
return array( |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
92 |
'mode' => 'error', |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
93 |
'error' => 'Your username and password were valid, but there was a problem getting your user ID.' |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
94 |
); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
95 |
$row = $db->fetchrow(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
96 |
$db->free_result(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
97 |
// Quick - lock the account |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
98 |
$q = $db->sql_query('UPDATE ' . table_prefix . "users SET password = 'Locked by Kerberos plugin', password_salt = 'Locked by Kerberos plugin' WHERE user_id = {$row['user_id']};"); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
99 |
if ( !$q ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
100 |
$db->_die(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
101 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
102 |
$row['password'] = 'Locked by Kerberos plugin'; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
103 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
104 |
else |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
105 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
106 |
// Nope. Just let Enano fail it properly. |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
107 |
return null; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
108 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
109 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
110 |
else |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
111 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
112 |
$row = $db->fetchrow(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
113 |
$db->free_result(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
114 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
115 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
116 |
$session->register_session(intval($row['user_id']), $userinfo['username'], $row['password'], intval($level), intval($remember)); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
117 |
return true; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
118 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
119 |
else |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
120 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
121 |
// Kerberos authentication failed. |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
122 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
123 |
// Are local logons allowed? |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
124 |
if ( getConfig('kerb_disable_local_auth', 0) == 0 ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
125 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
126 |
// Yes, allow auth to continue |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
127 |
return null; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
128 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
129 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
130 |
// Block the login attempt unless the username is a local admin. |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
131 |
$username = $db->escape(strtolower($userinfo['username'])); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
132 |
$q = $db->sql_query("SELECT user_level FROM " . table_prefix . "users WHERE " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username';"); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
133 |
if ( !$q ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
134 |
$db->_die(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
135 |
if ( $db->numrows() > 0 ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
136 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
137 |
// Well, the user exists... |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
138 |
list($ul) = $db->fetchrow_num(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
139 |
$db->free_result(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
140 |
if ( $ul >= USER_LEVEL_ADMIN ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
141 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
142 |
// They're an admin, allow local logon |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
143 |
return null; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
144 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
145 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
146 |
$db->free_result(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
147 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
148 |
// User doesn't exist, or is not an admin, and users are not allowed to log on locally. Lock them out. |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
149 |
$q = $db->sql_query('INSERT INTO ' . table_prefix . "lockout(ipaddr, timestamp, action, username)\n" |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
150 |
. " VALUES('" . $db->escape($_SERVER['REMOTE_ADDR']) . "', " . time() . ", 'credential', '" . $db->escape($userinfo['username']) . "');"); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
151 |
if ( !$q ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
152 |
$db->_die(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
153 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
154 |
return array( |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
155 |
'mode' => 'error', |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
156 |
'error' => 'Invalid Kerberos authentication credentials.' |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
157 |
); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
158 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
159 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
160 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
161 |
// Registration blocking hook |
1
8b637ff5e977
Added a safeguard against missing krb5 extension
Dan Fuhry <dan@enanocms.org>
parents:
0
diff
changeset
|
162 |
if ( getConfig('kerb_disable_local_auth', 0) == 1 && getConfig('kerb_enable', 0) == 1 ) |
0
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
163 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
164 |
$plugins->attachHook('ucp_register_validate', 'kerb_auth_reg_block($error);'); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
165 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
166 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
167 |
function kerb_auth_reg_block(&$error) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
168 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
169 |
$error = 'Registration on this website is disabled because Kerberos authentication is configured. Please log in using a valid Kerberos principal (username) and password, and an account will be created for you automatically.'; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
170 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
171 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
172 |
// |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
173 |
// ADMIN |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
174 |
// |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
175 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
176 |
$plugins->attachHook('session_started', 'kerb_session_hook();'); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
177 |
|
1
8b637ff5e977
Added a safeguard against missing krb5 extension
Dan Fuhry <dan@enanocms.org>
parents:
0
diff
changeset
|
178 |
if ( getConfig('kerb_disable_local_auth', 0) == 1 && getConfig('kerb_enable', 0) == 1 ) |
0
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
179 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
180 |
$plugins->attachHook('common_post', 'kerb_tou_hook();'); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
181 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
182 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
183 |
function kerb_session_hook() |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
184 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
185 |
global $db, $session, $paths, $template, $plugins; // Common objects |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
186 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
187 |
// Register the admin page |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
188 |
$paths->addAdminNode('adm_cat_security', 'Kerberos Authentication', 'KerberosConfig'); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
189 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
190 |
// Disable password change |
1
8b637ff5e977
Added a safeguard against missing krb5 extension
Dan Fuhry <dan@enanocms.org>
parents:
0
diff
changeset
|
191 |
if ( getConfig('kerb_disable_local_auth', 0) == 1 && getConfig('kerb_enable', 0) == 1 && $session->user_level < USER_LEVEL_ADMIN ) |
0
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
192 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
193 |
$link_text = getConfig('kerb_password_text', false); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
194 |
if ( empty($link_text) ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
195 |
$link_text = false; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
196 |
$link_url = str_replace('%u', $session->username, getConfig('kerb_password_url', '')); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
197 |
if ( empty($link_url) ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
198 |
$link_url = false; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
199 |
$session->disable_password_change($link_url, $link_text); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
200 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
201 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
202 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
203 |
function kerb_tou_hook() |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
204 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
205 |
global $db, $session, $paths, $template, $plugins; // Common objects |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
206 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
207 |
// Are we pending TOU acceptance? |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
208 |
if ( $session->user_logged_in && !$session->on_critical_page() && trim(getConfig('register_tou', '')) != '' ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
209 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
210 |
$q = $db->sql_query('SELECT account_active FROM ' . table_prefix . "users WHERE user_id = $session->user_id;"); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
211 |
if ( !$q ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
212 |
$db->_die(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
213 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
214 |
list($active) = $db->fetchrow_num(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
215 |
$db->free_result(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
216 |
if ( $active == 1 ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
217 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
218 |
// Pending TOU accept |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
219 |
// Basically, what we do here is force the user to accept the TOU and record it by setting account_active to 2 instead of a 1 |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
220 |
// A bit of a hack, but hey, it works, at least in 1.1.8. |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
221 |
// In 1.1.7, it just breaks your whole account, and $session->on_critical_page() is broken in 1.1.7 so you won't even be able |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
222 |
// to go the admin CP and re-activate yourself. Good times... erhm, sorry. |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
223 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
224 |
if ( isset($_POST['tou_agreed']) && $_POST['tou_agreed'] === 'I accept the terms and conditions displayed on this site' ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
225 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
226 |
// Accepted |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
227 |
$q = $db->sql_query('UPDATE ' . table_prefix . "users SET account_active = 2 WHERE user_id = $session->user_id;"); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
228 |
if ( !$q ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
229 |
$db->_die(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
230 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
231 |
return true; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
232 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
233 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
234 |
global $output, $lang; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
235 |
$output->set_title('Terms of Use'); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
236 |
$output->header(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
237 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
238 |
?> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
239 |
<p>Please read and accept the following terms:</p> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
240 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
241 |
<div style="border: 1px solid #000000; height: 300px; width: 60%; clip: rect(0px,auto,auto,0px); overflow: auto; background-color: #FFF; margin: 0 auto; padding: 4px;"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
242 |
<?php |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
243 |
$terms = getConfig('register_tou', ''); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
244 |
echo RenderMan::render($terms); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
245 |
?> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
246 |
</div> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
247 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
248 |
<form method="post"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
249 |
<p style="text-align: center;"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
250 |
<label> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
251 |
<input tabindex="7" type="checkbox" name="tou_agreed" value="I accept the terms and conditions displayed on this site" /> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
252 |
<b><?php echo $lang->get('user_reg_lbl_field_tou'); ?></b> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
253 |
</label> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
254 |
</p> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
255 |
<p style="text-align: center;"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
256 |
<input type="submit" value="Continue" /> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
257 |
</p> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
258 |
</form> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
259 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
260 |
<?php |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
261 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
262 |
$output->footer(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
263 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
264 |
$db->close(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
265 |
exit; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
266 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
267 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
268 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
269 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
270 |
function page_Admin_KerberosConfig() |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
271 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
272 |
// Security check |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
273 |
global $db, $session, $paths, $template, $plugins; // Common objects |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
274 |
if ( $session->auth_level < USER_LEVEL_ADMIN ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
275 |
return false; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
276 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
277 |
require_once(ENANO_ROOT . '/plugins/kerbauth/libkrb5.php'); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
278 |
|
1
8b637ff5e977
Added a safeguard against missing krb5 extension
Dan Fuhry <dan@enanocms.org>
parents:
0
diff
changeset
|
279 |
$can_enable = function_exists('kadm5_init_with_password'); |
8b637ff5e977
Added a safeguard against missing krb5 extension
Dan Fuhry <dan@enanocms.org>
parents:
0
diff
changeset
|
280 |
|
0
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
281 |
if ( isset($_POST['submit']) ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
282 |
{ |
1
8b637ff5e977
Added a safeguard against missing krb5 extension
Dan Fuhry <dan@enanocms.org>
parents:
0
diff
changeset
|
283 |
setConfig('kerb_enable', isset($_POST['kerb_enable']) && $can_enable ? '1' : '0'); |
0
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
284 |
setConfig('kerb_realm', $_POST['kerb_realm']); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
285 |
setConfig('kerb_admin_server', $_POST['kerb_admin_server']); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
286 |
setConfig('kerb_disable_local_auth', isset($_POST['kerb_disable_local_auth']) ? '1' : '0'); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
287 |
setConfig('kerb_password_text', $_POST['kerb_password_text']); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
288 |
setConfig('kerb_password_url', $_POST['kerb_password_url']); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
289 |
setConfig('kerb_email_domain', $_POST['kerb_email_domain']); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
290 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
291 |
echo '<div class="info-box">Your changes have been saved.</div>'; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
292 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
293 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
294 |
acp_start_form(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
295 |
?> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
296 |
<div class="tblholder"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
297 |
<table border="0" cellspacing="1" cellpadding="4"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
298 |
<tr> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
299 |
<th colspan="2"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
300 |
Kerberos Authentication Configuration |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
301 |
</th> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
302 |
</tr> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
303 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
304 |
<!-- Kerberos enable --> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
305 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
306 |
<tr> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
307 |
<td class="row2" style="width: 50%;"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
308 |
Enable Kerberos authentication: |
1
8b637ff5e977
Added a safeguard against missing krb5 extension
Dan Fuhry <dan@enanocms.org>
parents:
0
diff
changeset
|
309 |
<?php |
8b637ff5e977
Added a safeguard against missing krb5 extension
Dan Fuhry <dan@enanocms.org>
parents:
0
diff
changeset
|
310 |
if ( !$can_enable ) |
8b637ff5e977
Added a safeguard against missing krb5 extension
Dan Fuhry <dan@enanocms.org>
parents:
0
diff
changeset
|
311 |
echo '<br /><small>Please install the kadm5 PHP extension to enable Kerberos authentication.</small>'; |
8b637ff5e977
Added a safeguard against missing krb5 extension
Dan Fuhry <dan@enanocms.org>
parents:
0
diff
changeset
|
312 |
?> |
0
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
313 |
</td> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
314 |
<td class="row1" style="width: 50%;"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
315 |
<label> |
1
8b637ff5e977
Added a safeguard against missing krb5 extension
Dan Fuhry <dan@enanocms.org>
parents:
0
diff
changeset
|
316 |
<input type="checkbox" name="kerb_enable" <?php if ( getConfig('kerb_enable', 0) && $can_enable ) echo 'checked="checked" '; if ( !$can_enable ) echo 'disabled="disabled" '; ?>/> |
0
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
317 |
Enabled |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
318 |
</label> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
319 |
</td> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
320 |
</tr> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
321 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
322 |
<!-- Realm --> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
323 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
324 |
<tr> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
325 |
<td class="row2"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
326 |
Kerberos realm:<br /> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
327 |
<small>Case sensitive. |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
328 |
<?php |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
329 |
if ( $realm = krb5_get_realm() ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
330 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
331 |
echo "Leave blank to use auto-detected value: <b>$realm</b>"; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
332 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
333 |
?></small> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
334 |
</td> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
335 |
<td class="row1"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
336 |
<input type="text" name="kerb_realm" value="<?php echo htmlspecialchars(getConfig('kerb_realm', '')); ?>" size="40" /> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
337 |
</td> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
338 |
</tr> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
339 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
340 |
<!-- Server --> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
341 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
342 |
<tr> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
343 |
<td class="row2"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
344 |
Kerberos admin server:<br /> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
345 |
<small>This should be your admin server, not KDC. We're working on getting true KDC support enabled. |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
346 |
<?php |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
347 |
if ( $server = krb5_detect_admin_server(getConfig('kerb_realm', $realm)) ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
348 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
349 |
echo "Leave blank to use auto-detected value: <b>$server</b>"; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
350 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
351 |
?></small> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
352 |
</td> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
353 |
<td class="row1"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
354 |
<input type="text" name="kerb_admin_server" value="<?php echo htmlspecialchars(getConfig('kerb_admin_server', '')); ?>" size="40" /> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
355 |
</td> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
356 |
</tr> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
357 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
358 |
<!-- Block local auth --> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
359 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
360 |
<tr> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
361 |
<td class="row2"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
362 |
Enforce Kerberos for single-sign-on:<br /> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
363 |
<small>Use this option to force Kerberos passwords and accounts to be used, regardless of local account status, except for administrators.</small> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
364 |
</td> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
365 |
<td class="row1"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
366 |
<label> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
367 |
<input type="checkbox" name="kerb_disable_local_auth" <?php if ( getConfig('kerb_disable_local_auth', 0) ) echo 'checked="checked" '; ?>/> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
368 |
Enabled |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
369 |
</label> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
370 |
</td> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
371 |
</tr> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
372 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
373 |
<!-- E-mail domain --> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
374 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
375 |
<tr> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
376 |
<td class="row2"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
377 |
E-mail address domain for autoregistered users:<br /> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
378 |
<small>When a user is automatically registered, this domain will be used as the domain for their e-mail address. This way, activation e-mails will |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
379 |
(ideally) reach the user.</small> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
380 |
</td> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
381 |
<td class="row1"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
382 |
<input type="text" name="kerb_email_domain" value="<?php echo htmlspecialchars(getConfig('kerb_email_domain', '')); ?>" size="30" /> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
383 |
</td> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
384 |
</tr> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
385 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
386 |
<!-- Site password change link --> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
387 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
388 |
<tr> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
389 |
<td class="row2"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
390 |
External password management link:<br /> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
391 |
<small>Enter a URL here to link to from Enano's Change Password page. Leave blank to not display a link. The text "%u" will be replaced with the user's username.</small> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
392 |
</td> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
393 |
<td class="row1"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
394 |
Link text: <input type="text" name="kerb_password_text" value="<?php echo htmlspecialchars(getConfig('kerb_password_text', '')); ?>" size="30" /><br /> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
395 |
Link URL: <input type="text" name="kerb_password_url" value="<?php echo htmlspecialchars(getConfig('kerb_password_url', '')); ?>" size="30" /> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
396 |
</td> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
397 |
</tr> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
398 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
399 |
<tr> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
400 |
<th class="subhead" colspan="2"> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
401 |
<input type="submit" name="submit" value="Save changes" /> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
402 |
</th> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
403 |
</tr> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
404 |
</table> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
405 |
</div> |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
406 |
<?php |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
407 |
echo '</form>'; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
408 |
} |