New login method (saml). Ticket#3393
Conflicts: pandora_console/include/auth/mysql.php
This commit is contained in:
Arturo Gonzalez
parent
4786db20e8
commit
08569e64e3
|
|
@ -124,6 +124,9 @@ echo '<div id="login_in">';
|
|||
'', 'class="login login_password" placeholder="'.__('Password').'"', false, true);
|
||||
echo '</div>';
|
||||
echo '<div class="login_button">';
|
||||
if ($config['auth'] == 'saml') {
|
||||
html_print_submit_button(__("Login with SAML"), "login_button_saml", false, 'class="sub login_boton"');
|
||||
}
|
||||
html_print_submit_button(__("Login"), "login_button", false, 'class="sub next_login"');
|
||||
echo '</div>';
|
||||
break;
|
||||
|
|
|
|||
|
|
@ -253,7 +253,7 @@ echo '</form>';
|
|||
function show_selected_rows (event) {
|
||||
var auth_method = $(this).val();
|
||||
|
||||
if (auth_method !== 'mysql') {
|
||||
if ((auth_method !== 'mysql') && (auth_method !== 'saml')) {
|
||||
$('tr.remote').show();
|
||||
show_autocreate_options(null);
|
||||
}
|
||||
|
|
@ -266,8 +266,10 @@ echo '</form>';
|
|||
if (value !== 'mysql')
|
||||
$('tr.' + value).hide();
|
||||
});
|
||||
|
||||
// Show the selected auth method
|
||||
$('tr.' + auth_method).show();
|
||||
|
||||
}
|
||||
|
||||
// Event callback for the autocreate remote users radio buttons
|
||||
|
|
|
|||
|
|
@ -248,7 +248,8 @@ function process_user_login_remote ($login, $pass, $api = false) {
|
|||
}
|
||||
else {
|
||||
if ($return === "permissions_changed") {
|
||||
$config["auth_error"] = __("Your permmission have been change. Please, login again");
|
||||
$config["auth_error"] =
|
||||
__("Your permissions have changed. Please, login again.");
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -460,4 +460,12 @@ define("OPTION_TREE_GROUP_SELECT", 6);
|
|||
define("OPTION_SINGLE_SELECT_TIME", 7);
|
||||
define("OPTION_CUSTOM_INPUT", 8);
|
||||
define("OPTION_AGENT_AUTOCOMPLETE", 9);
|
||||
|
||||
/* SAML attributes constants */
|
||||
define("ROLES_AND_TAGS", "urn:mace:rediris.es:entitlement:monitoring:");
|
||||
define("USER_DESC", "commonName");
|
||||
define("ID_USER_IN_PANDORA", "eduPersonTargetedId");
|
||||
define("GROUP_IN_PANDORA", "schacHomeOrganization");
|
||||
define("MAIL_IN_PANDORA", "mail");
|
||||
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -282,12 +282,17 @@ if (! isset ($config['id_user'])) {
|
|||
exit ("</html>");
|
||||
}
|
||||
}
|
||||
|
||||
$login_button_saml = get_parameter("login_button_saml", false);
|
||||
if (isset ($double_auth_success) && $double_auth_success) {
|
||||
// This values are true cause there are checked before complete the 2nd auth step
|
||||
$nick_in_db = $_SESSION["prepared_login_da"]['id_user'];
|
||||
$expired_pass = false;
|
||||
}
|
||||
else if (($config['auth'] == 'saml') && $login_button_saml) {
|
||||
include_once(ENTERPRISE_DIR . "/include/auth/saml.php");
|
||||
$saml_user_id = saml_process_user_login();
|
||||
$nick_in_db = $saml_user_id;
|
||||
}
|
||||
else {
|
||||
// process_user_login is a virtual function which should be defined in each auth file.
|
||||
// It accepts username and password. The rest should be internal to the auth file.
|
||||
|
|
@ -496,6 +501,11 @@ if (isset ($_GET["bye"])) {
|
|||
// Unregister Session (compatible with 5.2 and 6.x, old code was deprecated
|
||||
unset($_SESSION['id_usuario']);
|
||||
unset($iduser);
|
||||
if ($config['auth'] == 'saml') {
|
||||
require_once('/opt/simplesamlphp/lib/_autoload.php');
|
||||
$as = new SimpleSAML_Auth_Simple('example-userpass');
|
||||
$as->logout();
|
||||
}
|
||||
while (@ob_end_flush ());
|
||||
exit ("</html>");
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue