Kerberos in progress (#707)
This commit is contained in:
parent
5210a8edec
commit
537d41a29b
|
@ -16,6 +16,8 @@ our $VERSION = '2.0.0';
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Portal::Auth::Base';
|
extends 'Lemonldap::NG::Portal::Auth::Base';
|
||||||
|
|
||||||
|
has keytab => ( is => 'rw' );
|
||||||
|
|
||||||
# INITIALIZATION
|
# INITIALIZATION
|
||||||
|
|
||||||
sub init {
|
sub init {
|
||||||
|
@ -36,7 +38,7 @@ sub extractFormInfo {
|
||||||
|
|
||||||
# Case 1: simple usage or first Kerberos Ajax request
|
# Case 1: simple usage or first Kerberos Ajax request
|
||||||
# => return 401 to initiate Kerberos
|
# => return 401 to initiate Kerberos
|
||||||
if ( !$self->{conf}->{krbByJs} or $req->param('krb') ) {
|
if ( !$self->{conf}->{krbByJs} or $req->param('kerberos') ) {
|
||||||
$self->logger->debug('Initialize Kerberos dialog');
|
$self->logger->debug('Initialize Kerberos dialog');
|
||||||
|
|
||||||
# Case 1.1: Ajax request
|
# Case 1.1: Ajax request
|
||||||
|
@ -75,19 +77,19 @@ sub extractFormInfo {
|
||||||
# page with "kerberos=0". Return an error to be able to switch to
|
# page with "kerberos=0". Return an error to be able to switch to
|
||||||
# another backend (Combination)
|
# another backend (Combination)
|
||||||
# switch to another backend
|
# switch to another backend
|
||||||
elsif ( defined $req->param('krb') ) {
|
elsif ( defined $req->param('kerberos') ) {
|
||||||
$self->userLogger->warn('Kerberos authentication has failed');
|
$self->userLogger->warn('Kerberos authentication has failed, back to portal');
|
||||||
return PE_BADCREDENTIALS;
|
return PE_BADCREDENTIALS;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Case 3: Display kerberos auth page (with javascript)
|
# Case 3: Display kerberos auth page (with javascript)
|
||||||
else {
|
else {
|
||||||
$self->logger->debug('Send Kerberos javascript');
|
$self->logger->debug('Send Kerberos javascript');
|
||||||
$self->p->setHiddenValue( $req, kerberos => 0, '', 0 );
|
$self->p->setHiddenFormValue( $req, kerberos => 0, '', 0 );
|
||||||
$req->datas->{customScript} .=
|
$req->datas->{customScript} .=
|
||||||
'<script type="text/javascript" src="'
|
'<script type="text/javascript" src="'
|
||||||
. $self->p->staticPrefix
|
. $self->p->staticPrefix
|
||||||
. 'common/js/kerberos.js"></script>';
|
. '/common/js/kerberos.js"></script>';
|
||||||
return PE_FIRSTACCESS;
|
return PE_FIRSTACCESS;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -571,7 +571,7 @@ sub setHiddenFormValue {
|
||||||
$base64 = 1 unless defined $base64;
|
$base64 = 1 unless defined $base64;
|
||||||
|
|
||||||
# Store value
|
# Store value
|
||||||
if ($val) {
|
if ( defined $val ) {
|
||||||
$key = $prefix . $key;
|
$key = $prefix . $key;
|
||||||
$val =~ s/\+/%2B/g;
|
$val =~ s/\+/%2B/g;
|
||||||
$req->{portalHiddenFormValues}->{$key} = $val;
|
$req->{portalHiddenFormValues}->{$key} = $val;
|
||||||
|
|
|
@ -1,18 +1,18 @@
|
||||||
# Launch Kerberos request
|
# Launch Kerberos request
|
||||||
|
|
||||||
$(document).ready ->
|
$(document).ready ->
|
||||||
$.ajax
|
$.ajax portal + '?kerberos=1',
|
||||||
dataType: 'json'
|
dataType: 'json'
|
||||||
# Called if browser can't find Kerberos ticket will display
|
# Called if browser can't find Kerberos ticket will display
|
||||||
# PE_BADCREDENTIALS
|
# PE_BADCREDENTIALS
|
||||||
statusCode:
|
statusCode:
|
||||||
401: () ->
|
401: () ->
|
||||||
$('#form').submit()
|
$('#lform').submit()
|
||||||
# If request succeed, cookie is set, posting form to get redirection
|
# If request succeed, cookie is set, posting form to get redirection
|
||||||
# or menu
|
# or menu
|
||||||
success: (data) ->
|
success: (data) ->
|
||||||
$('#form').submit()
|
$('#lform').submit()
|
||||||
# Case else, will display PE_BADCREDENTIALS or fallback to next auth
|
# Case else, will display PE_BADCREDENTIALS or fallback to next auth
|
||||||
# backend
|
# backend
|
||||||
error: () ->
|
error: () ->
|
||||||
$('#form').submit()
|
$('#lform').submit()
|
||||||
|
|
|
@ -1,18 +1,18 @@
|
||||||
// Generated by CoffeeScript 1.10.0
|
// Generated by CoffeeScript 1.10.0
|
||||||
(function() {
|
(function() {
|
||||||
$(document).ready(function() {
|
$(document).ready(function() {
|
||||||
return $.ajax({
|
return $.ajax(portal + '?kerberos=1', {
|
||||||
dataType: 'json',
|
dataType: 'json',
|
||||||
statusCode: {
|
statusCode: {
|
||||||
401: function() {
|
401: function() {
|
||||||
return $('#form').submit();
|
return $('#lform').submit();
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
success: function(data) {
|
success: function(data) {
|
||||||
return $('#form').submit();
|
return $('#lform').submit();
|
||||||
},
|
},
|
||||||
error: function() {
|
error: function() {
|
||||||
return $('#form').submit();
|
return $('#lform').submit();
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
(function(){$(document).ready(function(){return $.ajax({dataType:"json",statusCode:{401:function(){return $("#form").submit()}},success:function(a){return $("#form").submit()},error:function(){return $("#form").submit()}})})}).call(this);
|
(function(){$(document).ready(function(){return $.ajax(portal+"?kerberos=1",{dataType:"json",statusCode:{401:function(){return $("#lform").submit()}},success:function(a){return $("#lform").submit()},error:function(){return $("#lform").submit()}})})}).call(this);
|
|
@ -40,6 +40,7 @@
|
||||||
<link rel="openid2.provider" href="<TMPL_VAR NAME="PROVIDERURI">" />
|
<link rel="openid2.provider" href="<TMPL_VAR NAME="PROVIDERURI">" />
|
||||||
</TMPL_IF>
|
</TMPL_IF>
|
||||||
<TMPL_INCLUDE NAME="../common/script.tpl">
|
<TMPL_INCLUDE NAME="../common/script.tpl">
|
||||||
|
<TMPL_VAR NAME="CUSTOM_SCRIPT">
|
||||||
<!-- //if:usedebianlibs
|
<!-- //if:usedebianlibs
|
||||||
<script type="text/javascript" src="<TMPL_VAR NAME="STATIC_PREFIX"><TMPL_VAR NAME="SKIN">/js/skin.min.js"></script>
|
<script type="text/javascript" src="<TMPL_VAR NAME="STATIC_PREFIX"><TMPL_VAR NAME="SKIN">/js/skin.min.js"></script>
|
||||||
<script type="text/javascript" src="<TMPL_VAR NAME="STATIC_PREFIX">/common/js/portal.min.js"></script>
|
<script type="text/javascript" src="<TMPL_VAR NAME="STATIC_PREFIX">/common/js/portal.min.js"></script>
|
||||||
|
|
|
@ -46,7 +46,7 @@
|
||||||
|
|
||||||
<div id="<TMPL_VAR NAME="key">">
|
<div id="<TMPL_VAR NAME="key">">
|
||||||
|
|
||||||
<form action="<TMPL_VAR NAME="url">" method="post" class="login <TMPL_VAR NAME="module">">
|
<form id="form" action="<TMPL_VAR NAME="url">" method="post" class="login <TMPL_VAR NAME="module">">
|
||||||
|
|
||||||
<!-- Hidden fields -->
|
<!-- Hidden fields -->
|
||||||
<TMPL_VAR NAME="HIDDEN_INPUTS">
|
<TMPL_VAR NAME="HIDDEN_INPUTS">
|
||||||
|
@ -102,9 +102,9 @@
|
||||||
|
|
||||||
<div class="panel panel-default">
|
<div class="panel panel-default">
|
||||||
<TMPL_IF NAME="module">
|
<TMPL_IF NAME="module">
|
||||||
<form action="#" method="post" class="login <TMPL_VAR NAME="module">" role="form">
|
<form id="lform" action="#" method="post" class="login <TMPL_VAR NAME="module">" role="form">
|
||||||
<TMPL_ELSE>
|
<TMPL_ELSE>
|
||||||
<form action="#" method="post" class="login" role="form">
|
<form id="lform" action="#" method="post" class="login" role="form">
|
||||||
</TMPL_IF>
|
</TMPL_IF>
|
||||||
<!-- Hidden fields -->
|
<!-- Hidden fields -->
|
||||||
<TMPL_VAR NAME="HIDDEN_INPUTS">
|
<TMPL_VAR NAME="HIDDEN_INPUTS">
|
||||||
|
|
Loading…
Reference in New Issue
Block a user