diff --git a/src/include/config.sample.php b/src/include/config.sample.php index 2b1a37c..e1dd78a 100644 --- a/src/include/config.sample.php +++ b/src/include/config.sample.php @@ -54,9 +54,10 @@ $CFG['UserDBPref'] = ""; $CFG['UserDBUser'] = ""; $CFG['UserDBPass'] = ""; $CFG['UserDBLoginRequired'] = false; +$CFG['UserDBAuthMode'] = USERDB_AUTH_INTERNAL; // USERDB_AUTH_INTERNAL means LogAnalyzer Internal Auth + // USERDB_AUTH_LDAP means Auth via LDAP Server -// LDAP auth options -$CFG['LDAPUserLoginRequired'] = false; // Activate LDAP auth +// LDAP Auth options $CFG['LDAPServer'] = "127.0.0.1"; // LDAP server hostname or IP $CFG['LDAPPort'] = 389; // LDAP port, 389 or 636 for SSL $CFG['LDAPBaseDN'] = 'CN=Users,DC=domain,DC=local'; // Base DN for LDAP Search, this is a typical ActiveDirectory sample diff --git a/src/include/constants_general.php b/src/include/constants_general.php index 4b69cda..055ada0 100644 --- a/src/include/constants_general.php +++ b/src/include/constants_general.php @@ -103,6 +103,11 @@ define('DB_INFORMIX', 7); define('DB_SQLITE', 8); // --- +// --- Define supported AUTH Methods +define('USERDB_AUTH_INTERNAL', 0); +define('USERDB_AUTH_LDAP', 1); +// --- + // --- Syslog specific defines! define('SYSLOG_KERN', 0); define('SYSLOG_USER', 1); diff --git a/src/include/functions_common.php b/src/include/functions_common.php index 6e07d9a..febe400 100644 --- a/src/include/functions_common.php +++ b/src/include/functions_common.php @@ -253,6 +253,21 @@ function CreateSourceTypesList( $selectedSource ) if ( $selectedSource == $content['SOURCETYPES'][SOURCE_PDO]['type'] ) { $content['SOURCETYPES'][SOURCE_PDO]['selected'] = "selected"; } else { $content['SOURCETYPES'][SOURCE_PDO]['selected'] = ""; } } +function CreateAuthTypesList( $selectedAuth ) +{ + global $content; + + // SOURCE_DISK + $content['AUTHTYPES'][USERDB_AUTH_INTERNAL]['type'] = USERDB_AUTH_INTERNAL; + $content['AUTHTYPES'][USERDB_AUTH_INTERNAL]['DisplayName'] = $content['LN_GEN_AUTH_INTERNAL']; + if ( $selectedAuth == $content['AUTHTYPES'][USERDB_AUTH_INTERNAL]['type'] ) { $content['AUTHTYPES'][USERDB_AUTH_INTERNAL]['selected'] = "selected"; } else { $content['AUTHTYPES'][USERDB_AUTH_INTERNAL]['selected'] = ""; } + + // SOURCE_DB ( MYSQL NATIVE ) + $content['AUTHTYPES'][USERDB_AUTH_LDAP]['type'] = USERDB_AUTH_LDAP; + $content['AUTHTYPES'][USERDB_AUTH_LDAP]['DisplayName'] = $content['LN_GEN_AUTH_LDAP']; + if ( $selectedAuth == $content['AUTHTYPES'][USERDB_AUTH_LDAP]['type'] ) { $content['AUTHTYPES'][USERDB_AUTH_LDAP]['selected'] = "selected"; } else { $content['AUTHTYPES'][USERDB_AUTH_LDAP]['selected'] = ""; } +} + function CreateFieldAlignmentList( $selectedAlignment ) { global $content; diff --git a/src/include/functions_users.php b/src/include/functions_users.php index d707ede..a4e0301 100644 --- a/src/include/functions_users.php +++ b/src/include/functions_users.php @@ -164,7 +164,7 @@ function CheckUserLogin( $username, $password ) global $content; // Check if LDAP Auth has to be used! - if ( GetConfigSetting("LDAPUserLoginRequired", "") == "true") + if ( GetConfigSetting("UserDBAuthMode", USERDB_AUTH_INTERNAL) == USERDB_AUTH_LDAP) { // perform user auth using LDAP, will add user record to loganalyzer DB if necessary $myrow = CheckLDAPUserLogin( $username, $password ); diff --git a/src/install.php b/src/install.php index 109c90e..bf0aa21 100644 --- a/src/install.php +++ b/src/install.php @@ -59,6 +59,7 @@ define('MAX_STEPS', 8); $content['web_theme'] = "default"; $content['user_theme'] = "default"; $configsamplefile = $content['BASEPATH'] . "include/config.sample.php"; +$content['HeaderDefaultEncoding'] = ENC_ISO_8859_1; // Set Default encoding! //ini_set('error_reporting', E_ALL); // DEBUG ENABLE // *** *** // @@ -206,7 +207,22 @@ else if ( $content['INSTALL_STEP'] == 3 ) if ( isset($_SESSION['UserDBUser']) ) { $content['UserDBUser'] = $_SESSION['UserDBUser']; } else { $content['UserDBUser'] = "user"; } if ( isset($_SESSION['UserDBPass']) ) { $content['UserDBPass'] = $_SESSION['UserDBPass']; } else { $content['UserDBPass'] = ""; } if ( isset($_SESSION['UserDBLoginRequired']) ) { $content['UserDBLoginRequired'] = $_SESSION['UserDBLoginRequired']; } else { $content['UserDBLoginRequired'] = false; } + + // Init Auth Options + if ( isset($_SESSION['UserDBAuthMode']) ) { $content['UserDBAuthMode'] = $_SESSION['UserDBAuthMode']; } else { $content['UserDBAuthMode'] = USERDB_AUTH_INTERNAL; } + CreateAuthTypesList($content['UserDBAuthMode']); + + // LDAP related properties + if ( isset($_SESSION['LDAPServer']) ) { $content['LDAPServer'] = $_SESSION['LDAPServer']; } else { $content['LDAPServer'] = "localhost"; } + if ( isset($_SESSION['LDAPPort']) ) { $content['LDAPPort'] = $_SESSION['LDAPPort']; } else { $content['LDAPPort'] = "389"; } + if ( isset($_SESSION['LDAPBaseDN']) ) { $content['LDAPBaseDN'] = $_SESSION['LDAPBaseDN']; } else { $content['LDAPBaseDN'] = "CN=Users,DC=domain,DC=local"; } + if ( isset($_SESSION['LDAPSearchFilter']) ) { $content['LDAPSearchFilter'] = $_SESSION['LDAPSearchFilter']; } else { $content['LDAPSearchFilter'] = "(objectClass=user)"; } + if ( isset($_SESSION['LDAPUidAttribute']) ) { $content['LDAPUidAttribute'] = $_SESSION['LDAPUidAttribute']; } else { $content['LDAPUidAttribute'] = "sAMAccountName"; } + if ( isset($_SESSION['LDAPBindDN']) ) { $content['LDAPBindDN'] = $_SESSION['LDAPBindDN']; } else { $content['LDAPBindDN'] = "CN=Searchuser,CN=Users,DC=domain,DC=local"; } + if ( isset($_SESSION['LDAPBindPassword']) ) { $content['LDAPBindPassword'] = $_SESSION['LDAPBindPassword']; } else { $content['LDAPBindPassword'] = "Password"; } + if ( isset($_SESSION['LDAPDefaultAdminUser']) ) { $content['LDAPDefaultAdminUser'] = $_SESSION['LDAPDefaultAdminUser']; } else { $content['LDAPDefaultAdminUser'] = "Administrator"; } + // Set template variables if ( $content['UserDBEnabled'] == 1 ) { $content['UserDBEnabled_true'] = "checked"; @@ -299,7 +315,7 @@ else if ( $content['INSTALL_STEP'] == 4 ) if ( isset($_POST['UserDBUser']) ) $_SESSION['UserDBUser'] = DB_RemoveBadChars($_POST['UserDBUser']); else - RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING']. $content['LN_CFG_DBUSER'] ); + RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_DBUSER'] ); if ( isset($_POST['UserDBPass']) ) $_SESSION['UserDBPass'] = DB_RemoveBadChars($_POST['UserDBPass']); @@ -310,8 +326,50 @@ else if ( $content['INSTALL_STEP'] == 4 ) $_SESSION['UserDBLoginRequired'] = intval(DB_RemoveBadChars($_POST['UserDBLoginRequired'])); else $_SESSION['UserDBLoginRequired'] = false; + + if ( isset($_POST['UserDBAuthMode']) ) + $_SESSION['UserDBAuthMode'] = intval(DB_RemoveBadChars($_POST['UserDBAuthMode'])); + else + $_SESSION['UserDBAuthMode'] = USERDB_AUTH_INTERNAL; + // LDAP Properties + if ( $_SESSION['UserDBAuthMode'] == USERDB_AUTH_LDAP ) + { + if ( isset($_POST['LDAPServer']) ) + $_SESSION['LDAPServer'] = DB_RemoveBadChars($_POST['LDAPServer']); + else + RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_LDAPServer'] ); + if ( isset($_POST['LDAPPort']) ) + $_SESSION['LDAPPort'] = intval(DB_RemoveBadChars($_POST['LDAPPort'])); + else + RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_LDAPPort'] ); + if ( isset($_POST['LDAPBaseDN']) ) + $_SESSION['LDAPBaseDN'] = DB_RemoveBadChars($_POST['LDAPBaseDN']); + else + RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_LDAPBaseDN'] ); + if ( isset($_POST['LDAPSearchFilter']) ) + $_SESSION['LDAPSearchFilter'] = DB_RemoveBadChars($_POST['LDAPSearchFilter']); + else + RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_LDAPSearchFilter'] ); + if ( isset($_POST['LDAPUidAttribute']) ) + $_SESSION['LDAPUidAttribute'] = DB_RemoveBadChars($_POST['LDAPUidAttribute']); + else + RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_LDAPUidAttribute'] ); + if ( isset($_POST['LDAPBindDN']) ) + $_SESSION['LDAPBindDN'] = DB_RemoveBadChars($_POST['LDAPBindDN']); + else + RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_LDAPBindDN'] ); + if ( isset($_POST['LDAPBindPassword']) ) + $_SESSION['LDAPBindPassword'] = DB_RemoveBadChars($_POST['LDAPBindPassword']); + else + RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_LDAPBindPassword'] ); + if ( isset($_POST['LDAPDefaultAdminUser']) ) + $_SESSION['LDAPDefaultAdminUser'] = DB_RemoveBadChars($_POST['LDAPDefaultAdminUser']); + else + RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_LDAPDefaultAdminUser'] ); + } + // Now Check database connect $link_id = mysql_connect( $_SESSION['UserDBServer'], $_SESSION['UserDBUser'], $_SESSION['UserDBPass']); if (!$link_id) diff --git a/src/lang/en/main.php b/src/lang/en/main.php index 1828dee..5887b1e 100644 --- a/src/lang/en/main.php +++ b/src/lang/en/main.php @@ -80,34 +80,35 @@ $content['LN_ERROR_DB_INVALIDDBMAPPING'] = "Invalid datafield mappings"; $content['LN_ERROR_DB_INVALIDDBDRIVER'] = "Invalid database driver selected"; $content['LN_ERROR_DB_TABLENOTFOUND'] = "Could not find the configured table, maybe misspelled or the tablenames are case sensitive"; $content['LN_ERROR_DB_DBFIELDNOTFOUND'] = "Database Field mapping for at least one field could not be found."; - - $content['LN_GEN_SELECTEXPORT'] = "> Select Exportformat <"; - $content['LN_GEN_EXPORT_CVS'] = "CVS (Comma separated)"; - $content['LN_GEN_EXPORT_XML'] = "XML"; - $content['LN_GEN_EXPORT_PDF'] = "PDF"; - $content['LN_GEN_ERROR_EXPORING'] = "Error exporting data"; - $content['LN_GEN_ERROR_INVALIDEXPORTTYPE'] = "Invalid Export format selected, or other parameters were wrong."; - $content['LN_GEN_ERROR_SOURCENOTFOUND'] = "The Source with ID '%1' could not be found."; - $content['LN_GEN_MOREINFORMATION'] = "More Information"; - $content['LN_FOOTER_PAGERENDERED'] = "Page rendered in"; - $content['LN_FOOTER_DBQUERIES'] = "DB queries"; - $content['LN_FOOTER_GZIPENABLED'] = "GZIP enabled"; - $content['LN_FOOTER_SCRIPTTIMEOUT'] = "Script Timeout"; - $content['LN_FOOTER_SECONDS'] = "seconds"; - $content['LN_WARNING_LOGSTREAMTITLE'] = "Logstream Warning"; - $content['LN_WARNING_LOGSTREAMDISK_TIMEOUT'] = "While reading the logstream, the php script timeout forced me to abort at this point.

If you want to avoid this, please increase the LogAnalyzer script timeout in your config.php. If the user system is installed, you can do that in Admin center."; - $content['LN_ERROR_FILE_NOMORETIME'] = "No more time for processing left"; - $content['LN_WARNING_DBUPGRADE'] = "Database Upgrade required"; - $content['LN_WARNING_DBUPGRADE_TEXT'] = "The current installed database version is '%1'.
An update to version '%2' is available."; - $content['LN_ERROR_REDIRECTABORTED'] = 'Automatic redirect to the page was aborted, as an internal error occured. Please see the error details above and contact our support forums if you need assistance.'; - $content['LN_DEBUGLEVEL'] = "Debug Level"; - $content['LN_DEBUGMESSAGE'] = "Debug Message"; - $content['LN_GEN_REPORT_OUTPUT_HTML'] = "HTML Format"; - $content['LN_GEN_REPORT_OUTPUT_PDF'] = "PDF Format"; - $content['LN_GEN_REPORT_TARGET_STDOUT'] = "Direct Output"; - $content['LN_GEN_REPORT_TARGET_FILE'] = "Save into File"; - $content['LN_GEN_REPORT_TARGET_EMAIL'] = "Send as Email"; +$content['LN_GEN_SELECTEXPORT'] = "> Select Exportformat <"; +$content['LN_GEN_EXPORT_CVS'] = "CVS (Comma separated)"; +$content['LN_GEN_EXPORT_XML'] = "XML"; +$content['LN_GEN_EXPORT_PDF'] = "PDF"; +$content['LN_GEN_ERROR_EXPORING'] = "Error exporting data"; +$content['LN_GEN_ERROR_INVALIDEXPORTTYPE'] = "Invalid Export format selected, or other parameters were wrong."; +$content['LN_GEN_ERROR_SOURCENOTFOUND'] = "The Source with ID '%1' could not be found."; +$content['LN_GEN_MOREINFORMATION'] = "More Information"; +$content['LN_FOOTER_PAGERENDERED'] = "Page rendered in"; +$content['LN_FOOTER_DBQUERIES'] = "DB queries"; +$content['LN_FOOTER_GZIPENABLED'] = "GZIP enabled"; +$content['LN_FOOTER_SCRIPTTIMEOUT'] = "Script Timeout"; +$content['LN_FOOTER_SECONDS'] = "seconds"; +$content['LN_WARNING_LOGSTREAMTITLE'] = "Logstream Warning"; +$content['LN_WARNING_LOGSTREAMDISK_TIMEOUT'] = "While reading the logstream, the php script timeout forced me to abort at this point.

If you want to avoid this, please increase the LogAnalyzer script timeout in your config.php. If the user system is installed, you can do that in Admin center."; +$content['LN_ERROR_FILE_NOMORETIME'] = "No more time for processing left"; +$content['LN_WARNING_DBUPGRADE'] = "Database Upgrade required"; +$content['LN_WARNING_DBUPGRADE_TEXT'] = "The current installed database version is '%1'.
An update to version '%2' is available."; +$content['LN_ERROR_REDIRECTABORTED'] = 'Automatic redirect to the page was aborted, as an internal error occured. Please see the error details above and contact our support forums if you need assistance.'; +$content['LN_DEBUGLEVEL'] = "Debug Level"; +$content['LN_DEBUGMESSAGE'] = "Debug Message"; +$content['LN_GEN_REPORT_OUTPUT_HTML'] = "HTML Format"; +$content['LN_GEN_REPORT_OUTPUT_PDF'] = "PDF Format"; +$content['LN_GEN_REPORT_TARGET_STDOUT'] = "Direct Output"; +$content['LN_GEN_REPORT_TARGET_FILE'] = "Save into File"; +$content['LN_GEN_REPORT_TARGET_EMAIL'] = "Send as Email"; $content['LN_GEN_UNKNOWN'] = "Unknown"; +$content['LN_GEN_AUTH_INTERNAL'] = "Internal authentication"; +$content['LN_GEN_AUTH_LDAP'] = "LDAP Authentication"; // Topmenu Entries $content['LN_MENU_SEARCH'] = "Search"; @@ -212,6 +213,16 @@ $content['LN_CFG_MSGPARSERS'] = "Message Parsers (comma seperated)"; $content['LN_CFG_NORMALIZEMSG'] = "Normalize Message within Parsers"; $content['LN_CFG_SKIPUNPARSEABLE'] = "Skip unparseable messages (Only works if msgparsers are configured!)"; $content['LN_CFG_DBRECORDSPERQUERY'] = "Recordcount for database queries"; +$content['LN_CFG_LDAPServer'] = "LDAP Server Hostname/IP"; +$content['LN_CFG_LDAPPort'] = "LDAP Port, default 389 (636 for SSL)"; +$content['LN_CFG_LDAPBaseDN'] = "Base DN for LDAP Search"; +$content['LN_CFG_LDAPSearchFilter'] = "Basic Search filter"; +$content['LN_CFG_LDAPUidAttribute'] = "LDAP Username attribute"; +$content['LN_CFG_LDAPBindDN'] = "Privilegied user used to LDAP queries"; +$content['LN_CFG_LDAPBindPassword'] = "Password of the privilegied user"; +$content['LN_CFG_LDAPDefaultAdminUser'] = "Default administrative LDAP Username"; +$content['LN_CFG_AUTHTYPE'] = "Authentication method"; +$content['LN_GEN_AUTH_LDAP_OPTIONS'] = "LDAP Authentication Options"; // Details page $content['LN_DETAILS_FORSYSLOGMSG'] = "Details for the syslog messages with id"; diff --git a/src/templates/install.html b/src/templates/install.html index 6fe05e4..0d7d025 100644 --- a/src/templates/install.html +++ b/src/templates/install.html @@ -35,6 +35,24 @@ showvisibility("HiddenDBTYpesOptions"); } } + + /* + * Helper function to show and hide areas of the filterview + */ + function toggleAuthTypeVisibility(FormFieldName) + { + var myfield = document.getElementById(FormFieldName); + if (myfield.value == 0) + { + showvisibility("HiddenInternalAuthOptions"); + hidevisibility("HiddenLdapAuthOptions"); + } + else if (myfield.value == 1) + { + hidevisibility("HiddenInternalAuthOptions"); + showvisibility("HiddenLdapAuthOptions"); + } + } @@ -204,6 +222,55 @@ No + + + + +
{LN_CFG_AUTHTYPE} + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
{LN_GEN_AUTH_LDAP_OPTIONS}
{LN_CFG_LDAPServer}
{LN_CFG_LDAPPort}
{LN_CFG_LDAPBaseDN}
{LN_CFG_LDAPSearchFilter}
{LN_CFG_LDAPUidAttribute}
{LN_CFG_LDAPBindDN}
{LN_CFG_LDAPBindPassword}
{LN_CFG_LDAPDefaultAdminUser}
@@ -221,6 +288,9 @@ hidevisibility('HiddenUserDBOptions'); + + // Manually perform initial Javascript Calls + toggleAuthTypeVisibility('UserDBAuthMode');