OPNsense Forum
English Forums => Development and Code Review => Topic started by: domg on July 16, 2016, 02:03:01 pm
-
Hi,
I'd like to a add a new authentication mode (SSO Proxy AD) in Proxy if my plugin is enabled by default only 'Local database' is available. I only want to select this new mode to add the correct code in squid.conf with template.
How can I do this?
TIA
-
Hi,
I've made the following change to system_authservers.php, it adds a new type
--- /usr/local/www/system_authservers.php.orig 2016-06-28 02:34:37.049306000 +0200
+++ system_authservers.php 2016-06-28 02:35:55.390666000 +0200
@@ -35,7 +35,8 @@
'ldap' => gettext("LDAP"),
'radius' => gettext("Radius"),
'voucher' => gettext("Voucher"),
- 'totp' => gettext("Local + Timebased One Time Password")
+ 'totp' => gettext("Local + Timebased One Time Password"),
+ 'ssoproxyad' => gettext("SSO Proxy AD")
);
@@ -354,6 +355,7 @@
$(".auth_ldap").addClass('hidden');
$(".auth_voucher").addClass('hidden');
$(".auth_totp").addClass('hidden');
+ $(".auth_ssoproxyad").addClass('hidden');
if ($("#type").val() == 'ldap') {
$(".auth_ldap").removeClass('hidden');
} else if ($("#type").val() == 'radius') {
@@ -362,6 +364,8 @@
$(".auth_voucher").removeClass('hidden');
} else if ($("#type").val() == 'totp') {
$(".auth_totp").removeClass('hidden');
+ } else if ($("#type").val() == 'ssoproxyad') {
+ $(".auth_ssoproxyad").removeClass('hidden');
}
});
Now in squid.conf template I can retrieve the name with "OPNsense.proxy.forward.authentication.method" but what about its type ?
TIA
-
Hi,
I'm still trying to find a way to retrieve the type of authentification method, is this possible ?
-
UP
-
Hi domg,
I don't know what you mean about type? Isn't the name the type?
Is the SASL client for OpenLDAP still needed? I promised to get that into 16.7.x if there are no problems. :)
Cheers,
Franco
-
Hi franco,
OPNsense.proxy.forward.authentication.method retrieve the name of the authserver configured in system_authservers.php
buf for adding the correct configuration in squid.conf I need the type of the authserver "ssoproxyad"
SASL is still needed for msktutil.
Thanks
-
Can we take this to IRC? :)
I'll work on the SASL, ok.
-
Sure.