Author Topic: Add a new authentication in plugin available in Proxy (Read 7486 times)

domg · « **on:** July 16, 2016, 02:03:01 pm »

Hi,

I'd like to a add a new authentication mode (SSO Proxy AD) in Proxy if my plugin is enabled by default only 'Local database' is available. I only want to select this new mode to add the correct code in squid.conf with template.

How can I do this?
TIA

domg · « **Reply #1 on:** July 22, 2016, 10:50:52 pm »

Hi,

I've made the following change to system_authservers.php, it adds a new type

Code: [Select]

--- /usr/local/www/system_authservers.php.orig  2016-06-28 02:34:37.049306000 +0200
+++ system_authservers.php      2016-06-28 02:35:55.390666000 +0200
@@ -35,7 +35,8 @@
     'ldap' => gettext("LDAP"),
     'radius' => gettext("Radius"),
     'voucher' => gettext("Voucher"),
-    'totp' => gettext("Local + Timebased One Time Password")
+    'totp' => gettext("Local + Timebased One Time Password"),
+    'ssoproxyad' => gettext("SSO Proxy AD")
 );
 
 
@@ -354,6 +355,7 @@
         $(".auth_ldap").addClass('hidden');
         $(".auth_voucher").addClass('hidden');
         $(".auth_totp").addClass('hidden');
+        $(".auth_ssoproxyad").addClass('hidden');
         if ($("#type").val() == 'ldap') {
             $(".auth_ldap").removeClass('hidden');
         } else if ($("#type").val() == 'radius') {
@@ -362,6 +364,8 @@
           $(".auth_voucher").removeClass('hidden');
       } else if ($("#type").val() == 'totp') {
           $(".auth_totp").removeClass('hidden');
+      } else if ($("#type").val() == 'ssoproxyad') {
+          $(".auth_ssoproxyad").removeClass('hidden');
         }
     });

Now in squid.conf template I can retrieve the name with "OPNsense.proxy.forward.authentication.method" but what about its type ?

TIA

domg · « **Reply #2 on:** July 27, 2016, 12:20:58 am »

Hi,

I'm still trying to find a way to retrieve the type of authentification method, is this possible ?

sagem2004 · « **Reply #3 on:** July 29, 2016, 08:23:21 am »

franco · « **Reply #4 on:** July 29, 2016, 08:38:15 am »

Hi domg,

I don't know what you mean about type? Isn't the name the type?

Is the SASL client for OpenLDAP still needed? I promised to get that into 16.7.x if there are no problems.

Cheers,
Franco

domg · « **Reply #5 on:** July 29, 2016, 08:51:29 am »

Hi franco,

OPNsense.proxy.forward.authentication.method retrieve the name of the authserver configured in system_authservers.php
buf for adding the correct configuration in squid.conf I need the type of the authserver "ssoproxyad"

SASL is still needed for msktutil.

Thanks

franco · « **Reply #6 on:** July 29, 2016, 09:14:06 am »

Can we take this to IRC?

I'll work on the SASL, ok.

domg · « **Reply #7 on:** July 29, 2016, 11:56:20 am »

Sure.

Author Topic: Add a new authentication in plugin available in Proxy (Read 7486 times)

domg

Add a new authentication in plugin available in Proxy

domg

Re: Add a new authentication in plugin available in Proxy

domg

Re: Add a new authentication in plugin available in Proxy

sagem2004

Re: Add a new authentication in plugin available in Proxy

franco

Re: Add a new authentication in plugin available in Proxy

domg

Re: Add a new authentication in plugin available in Proxy

franco

Re: Add a new authentication in plugin available in Proxy

domg

Re: Add a new authentication in plugin available in Proxy