Kerberos in progress (#707)
This commit is contained in:
Xavier Guimard
parent
5210a8edec
commit
537d41a29b
|
|
@ -16,6 +16,8 @@ our $VERSION = '2.0.0';
|
|||
|
||||
extends 'Lemonldap::NG::Portal::Auth::Base';
|
||||
|
||||
has keytab => ( is => 'rw' );
|
||||
|
||||
# INITIALIZATION
|
||||
|
||||
sub init {
|
||||
|
|
@ -36,7 +38,7 @@ sub extractFormInfo {
|
|||
|
||||
# Case 1: simple usage or first Kerberos Ajax request
|
||||
# => return 401 to initiate Kerberos
|
||||
if ( !$self->{conf}->{krbByJs} or $req->param('krb') ) {
|
||||
if ( !$self->{conf}->{krbByJs} or $req->param('kerberos') ) {
|
||||
$self->logger->debug('Initialize Kerberos dialog');
|
||||
|
||||
# Case 1.1: Ajax request
|
||||
|
|
@ -75,19 +77,19 @@ sub extractFormInfo {
|
|||
# page with "kerberos=0". Return an error to be able to switch to
|
||||
# another backend (Combination)
|
||||
# switch to another backend
|
||||
elsif ( defined $req->param('krb') ) {
|
||||
$self->userLogger->warn('Kerberos authentication has failed');
|
||||
elsif ( defined $req->param('kerberos') ) {
|
||||
$self->userLogger->warn('Kerberos authentication has failed, back to portal');
|
||||
return PE_BADCREDENTIALS;
|
||||
}
|
||||
|
||||
# Case 3: Display kerberos auth page (with javascript)
|
||||
else {
|
||||
$self->logger->debug('Send Kerberos javascript');
|
||||
$self->p->setHiddenValue( $req, kerberos => 0, '', 0 );
|
||||
$self->p->setHiddenFormValue( $req, kerberos => 0, '', 0 );
|
||||
$req->datas->{customScript} .=
|
||||
'<script type="text/javascript" src="'
|
||||
. $self->p->staticPrefix
|
||||
. 'common/js/kerberos.js"></script>';
|
||||
. '/common/js/kerberos.js"></script>';
|
||||
return PE_FIRSTACCESS;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -571,7 +571,7 @@ sub setHiddenFormValue {
|
|||
$base64 = 1 unless defined $base64;
|
||||
|
||||
# Store value
|
||||
if ($val) {
|
||||
if ( defined $val ) {
|
||||
$key = $prefix . $key;
|
||||
$val =~ s/\+/%2B/g;
|
||||
$req->{portalHiddenFormValues}->{$key} = $val;
|
||||
|
|
|
|||
|
|
@ -1,18 +1,18 @@
|
|||
# Launch Kerberos request
|
||||
|
||||
$(document).ready ->
|
||||
$.ajax
|
||||
$.ajax portal + '?kerberos=1',
|
||||
dataType: 'json'
|
||||
# Called if browser can't find Kerberos ticket will display
|
||||
# PE_BADCREDENTIALS
|
||||
statusCode:
|
||||
401: () ->
|
||||
$('#form').submit()
|
||||
$('#lform').submit()
|
||||
# If request succeed, cookie is set, posting form to get redirection
|
||||
# or menu
|
||||
success: (data) ->
|
||||
$('#form').submit()
|
||||
$('#lform').submit()
|
||||
# Case else, will display PE_BADCREDENTIALS or fallback to next auth
|
||||
# backend
|
||||
error: () ->
|
||||
$('#form').submit()
|
||||
$('#lform').submit()
|
||||
|
|
|
|||
|
|
@ -1,18 +1,18 @@
|
|||
// Generated by CoffeeScript 1.10.0
|
||||
(function() {
|
||||
$(document).ready(function() {
|
||||
return $.ajax({
|
||||
return $.ajax(portal + '?kerberos=1', {
|
||||
dataType: 'json',
|
||||
statusCode: {
|
||||
401: function() {
|
||||
return $('#form').submit();
|
||||
return $('#lform').submit();
|
||||
}
|
||||
},
|
||||
success: function(data) {
|
||||
return $('#form').submit();
|
||||
return $('#lform').submit();
|
||||
},
|
||||
error: function() {
|
||||
return $('#form').submit();
|
||||
return $('#lform').submit();
|
||||
}
|
||||
});
|
||||
});
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
(function(){$(document).ready(function(){return $.ajax({dataType:"json",statusCode:{401:function(){return $("#form").submit()}},success:function(a){return $("#form").submit()},error:function(){return $("#form").submit()}})})}).call(this);
|
||||
(function(){$(document).ready(function(){return $.ajax(portal+"?kerberos=1",{dataType:"json",statusCode:{401:function(){return $("#lform").submit()}},success:function(a){return $("#lform").submit()},error:function(){return $("#lform").submit()}})})}).call(this);
|
||||
|
|
@ -40,6 +40,7 @@
|
|||
<link rel="openid2.provider" href="<TMPL_VAR NAME="PROVIDERURI">" />
|
||||
</TMPL_IF>
|
||||
<TMPL_INCLUDE NAME="../common/script.tpl">
|
||||
<TMPL_VAR NAME="CUSTOM_SCRIPT">
|
||||
<!-- //if:usedebianlibs
|
||||
<script type="text/javascript" src="<TMPL_VAR NAME="STATIC_PREFIX"><TMPL_VAR NAME="SKIN">/js/skin.min.js"></script>
|
||||
<script type="text/javascript" src="<TMPL_VAR NAME="STATIC_PREFIX">/common/js/portal.min.js"></script>
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@
|
|||
|
||||
<div id="<TMPL_VAR NAME="key">">
|
||||
|
||||
<form action="<TMPL_VAR NAME="url">" method="post" class="login <TMPL_VAR NAME="module">">
|
||||
<form id="form" action="<TMPL_VAR NAME="url">" method="post" class="login <TMPL_VAR NAME="module">">
|
||||
|
||||
<!-- Hidden fields -->
|
||||
<TMPL_VAR NAME="HIDDEN_INPUTS">
|
||||
|
|
@ -102,9 +102,9 @@
|
|||
|
||||
<div class="panel panel-default">
|
||||
<TMPL_IF NAME="module">
|
||||
<form action="#" method="post" class="login <TMPL_VAR NAME="module">" role="form">
|
||||
<form id="lform" action="#" method="post" class="login <TMPL_VAR NAME="module">" role="form">
|
||||
<TMPL_ELSE>
|
||||
<form action="#" method="post" class="login" role="form">
|
||||
<form id="lform" action="#" method="post" class="login" role="form">
|
||||
</TMPL_IF>
|
||||
<!-- Hidden fields -->
|
||||
<TMPL_VAR NAME="HIDDEN_INPUTS">
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user