diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2007-03-22 16:29:49 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2007-03-22 16:29:49 +0000 |
commit | e9b9d0ceda7db8fd793b5e397b4bbfc1c5cf0405 (patch) | |
tree | fb83dcb1be0c5b5b0073f6e1f4d547929396139b /packages | |
parent | 448ba22cf54be545c501604e5bb7a50e5a717637 (diff) | |
download | pfsense-packages-e9b9d0ceda7db8fd793b5e397b4bbfc1c5cf0405.tar.gz pfsense-packages-e9b9d0ceda7db8fd793b5e397b4bbfc1c5cf0405.tar.bz2 pfsense-packages-e9b9d0ceda7db8fd793b5e397b4bbfc1c5cf0405.zip |
Fix squid ldap auth
Submitted-by: TDI via Forum
Diffstat (limited to 'packages')
-rw-r--r-- | packages/squid/squid.inc | 14 | ||||
-rw-r--r-- | packages/squid/squid_auth.xml | 21 |
2 files changed, 33 insertions, 2 deletions
diff --git a/packages/squid/squid.inc b/packages/squid/squid.inc index 5dc644eb..a5b7a8cc 100644 --- a/packages/squid/squid.inc +++ b/packages/squid/squid.inc @@ -781,7 +781,7 @@ function squid_resync_auth() { case 'ldap': $port = (isset($settings['auth_port']) ? ":{$settings['auth_port']}" : ''); $password = (isset($settings['ldap_pass']) ? "-w {$settings['ldap_pass']}" : ''); - $conf .= "auth_param basic program /usr/local/libexec/squid/squid_ldap_auth -b {$settings['ldap_basedomain']} -D {$settings['ldap_user']} $password -f \"(&(objectClass=person)(cn=%s))\" -u cn -P {$settings['auth_server']}$port\n"; + $conf .= "auth_param basic program /usr/local/libexec/squid/squid_ldap_auth -v {$settings['ldap_version']} -b {$settings['ldap_basedomain']} -D {$settings['ldap_user']} $password -f \"{$settings['ldap_filter']}\" -u uid -P {$settings['auth_server']}$port\n"; break; case 'radius': $port = (isset($settings['auth_port']) ? "-p {$settings['auth_server_port']}" : ''); @@ -891,6 +891,8 @@ function on_auth_method_changed() { document.iform.auth_server.disabled = 1; document.iform.auth_server_port.disabled = 1; document.iform.ldap_user.disabled = 1; + document.iform.ldap_version.disabled = 1; + document.iform.ldap_filter.disabled = 1; document.iform.ldap_password.disabled = 1; document.iform.ldap_basedomain.disabled = 1; document.iform.radius_secret.disabled = 1; @@ -918,6 +920,8 @@ function on_auth_method_changed() { document.iform.auth_server.disabled = 1; document.iform.auth_server_port.disabled = 1; document.iform.ldap_user.disabled = 1; + document.iform.ldap_version.disabled = 1; + document.iform.ldap_filter.disabled = 1; document.iform.ldap_password.disabled = 1; document.iform.ldap_basedomain.disabled = 1; document.iform.radius_secret.disabled = 1; @@ -942,6 +946,8 @@ function on_auth_method_changed() { document.iform.auth_server_port.disabled = 1; document.iform.ldap_user.disabled = 1; document.iform.ldap_password.disabled = 1; + document.iform.ldap_version.disabled = 1; + document.iform.ldap_filter.disabled = 1; document.iform.ldap_basedomain.disabled = 1; document.iform.radius_secret.disabled = 1; document.iform.msnt_secondary.disabled = 1; @@ -951,6 +957,8 @@ function on_auth_method_changed() { document.iform.auth_server_port.disabled = 0; document.iform.ldap_user.disabled = 0; document.iform.ldap_password.disabled = 0; + document.iform.ldap_version.disabled = 0; + document.iform.ldap_filter.disabled = 0; document.iform.ldap_basedomain.disabled = 0; document.iform.radius_secret.disabled = 1; document.iform.msnt_secondary.disabled = 1; @@ -960,6 +968,8 @@ function on_auth_method_changed() { document.iform.auth_server_port.disabled = 0; document.iform.ldap_user.disabled = 1; document.iform.ldap_password.disabled = 1; + document.iform.ldap_version.disabled = 1; + document.iform.ldap_filter.disabled = 1; document.iform.ldap_basedomain.disabled = 1; document.iform.radius_secret.disabled = 0; document.iform.msnt_secondary.disabled = 1; @@ -969,6 +979,8 @@ function on_auth_method_changed() { document.iform.auth_server_port.disabled = 1; document.iform.ldap_user.disabled = 1; document.iform.ldap_password.disabled = 1; + document.iform.ldap_version.disabled = 1; + document.iform.ldap_filter.disabled = 1; document.iform.ldap_basedomain.disabled = 1; document.iform.radius_secret.disabled = 1; document.iform.msnt_secondary.disabled = 0; diff --git a/packages/squid/squid_auth.xml b/packages/squid/squid_auth.xml index 2f20d755..50d29343 100644 --- a/packages/squid/squid_auth.xml +++ b/packages/squid/squid_auth.xml @@ -52,6 +52,17 @@ <onchange>on_auth_method_changed()</onchange> </field> <field> + <fieldname>ldap_version</fieldname> + <fielddescr>LDAP version</fielddescr> + <description>Enter LDAP protocol version (2 or 3).</description> + <default_value>2</default_value> + <type>select</type> + <options> + <option><name>2</name><value>2</value></option> + <option><name>3</name><value>3</value></option> + </options> + </field> + <field> <fieldname>auth_server</fieldname> <fielddescr>Authentication server</fielddescr> <description>Enter here the IP or hostname of the server that will perform the authentication.</description> @@ -73,7 +84,7 @@ <size>60</size> </field> <field> - <fieldname>ldap_password</fieldname> + <fieldname>ldap_pass</fieldname> <fielddescr>LDAP password</fielddescr> <description>Enter here the password to use to connect to the LDAP server.</description> <type>password</type> @@ -87,6 +98,14 @@ <size>60</size> </field> <field> + <fieldname>ldap_filter</fieldname> + <fielddescr>LDAP search filter</fielddescr> + <default_value>(&(objectClass=person)(uid=%s))</default_value> + <description>Enter LDAP search filter.</description> + <type>input</type> + <size>60</size> + </field> + <field> <fieldname>radius_secret</fieldname> <fielddescr>RADIUS secret</fielddescr> <description>The RADIUS secret for RADIUS authentication.</description> |