Authentification par jeton
This commit is contained in:
parent
e77fa51fba
commit
7cd552118b
|
@ -3,11 +3,16 @@
|
|||
use esmith::Build::CreateLinks qw(:all);
|
||||
|
||||
foreach my $event (qw/bootstrap-console-save webapps-update ipasserelle-update/){
|
||||
templates2events("/etc/phpMyAdmin/config.inc.php", $event);
|
||||
event_link("ipasserelle-pma-init-domain", "$event", "25");
|
||||
}
|
||||
foreach my $event (qw/bootstrap-console-save webapps-update/){
|
||||
templates2events("/etc/phpMyAdmin/config.inc.php", $event);
|
||||
templates2events("/etc/phpMyAdmin/sso.inc.php", $event);
|
||||
}
|
||||
|
||||
# PHP header and footer
|
||||
safe_symlink("/etc/e-smith/templates-default/template-begin-php", "root/etc/e-smith/templates/etc/phpMyAdmin/config.inc.php/template-begin");
|
||||
safe_symlink("/etc/e-smith/templates-default/template-end-php", "root/etc/e-smith/templates/etc/phpMyAdmin/config.inc.php/template-end");
|
||||
safe_symlink("/etc/e-smith/templates-default/template-begin-php", "root/etc/e-smith/templates/etc/phpMyAdmin/sso.inc.php/template-begin");
|
||||
safe_symlink("/etc/e-smith/templates-default/template-end-php", "root/etc/e-smith/templates/etc/phpMyAdmin/sso.inc.php/template-end");
|
||||
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
root
|
|
@ -0,0 +1,12 @@
|
|||
{
|
||||
|
||||
use esmith::util;
|
||||
|
||||
my $admin = $DB->get('admin') || return;
|
||||
my $pw = $admin->prop('SqlPassword');
|
||||
|
||||
unless ($pw){
|
||||
$admin->set_prop('SqlPassword', esmith::util::LdapPassword());
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,3 @@
|
|||
UID="root"
|
||||
GID="www"
|
||||
PERMS=0640
|
|
@ -19,6 +19,30 @@ $OUT .=<<"END";
|
|||
php_admin_value openbase_dir /usr/share/phpMyAdmin:/etc/phpMyAdmin:/var/lib/phpMyAdmin
|
||||
</Directory>
|
||||
|
||||
<Directory /usr/share/phpMyAdmin/setup/>
|
||||
Order Deny,Allow
|
||||
Deny from All
|
||||
Allow from None
|
||||
</Directory>
|
||||
|
||||
<Directory /usr/share/phpMyAdmin/libraries/>
|
||||
Order Deny,Allow
|
||||
Deny from All
|
||||
Allow from None
|
||||
</Directory>
|
||||
|
||||
<Directory /usr/share/phpMyAdmin/setup/lib/>
|
||||
Order Deny,Allow
|
||||
Deny from All
|
||||
Allow from None
|
||||
</Directory>
|
||||
|
||||
<Directory /usr/share/phpMyAdmin/setup/frames/>
|
||||
Order Deny,Allow
|
||||
Deny from All
|
||||
Allow from None
|
||||
</Directory>
|
||||
|
||||
END
|
||||
}
|
||||
else {
|
||||
|
|
|
@ -19,9 +19,9 @@ $cfg['Servers'][$i]['port'] = '';
|
|||
$cfg['Servers'][$i]['socket'] = '/var/lib/mysql/mysql.sock';
|
||||
$cfg['Servers'][$i]['connect_type'] = 'socket';
|
||||
$cfg['Servers'][$i]['extension'] = 'mysqli';
|
||||
$cfg['Servers'][$i]['auth_type'] = 'config';
|
||||
$cfg['Servers'][$i]['user'] = 'root';
|
||||
$cfg['Servers'][$i]['password'] = '{$pw}';
|
||||
$cfg['Servers'][$i]['auth_type'] = 'signon';
|
||||
$cfg['Servers'][$i]['SignonSession'] = 'SignonSession';
|
||||
$cfg['Servers'][$i]['SignonURL'] = '/sso.php';
|
||||
|
||||
/* End of servers configuration */
|
||||
|
||||
|
|
|
@ -0,0 +1,19 @@
|
|||
{
|
||||
|
||||
use Digest::SHA1 qw(sha1_hex);
|
||||
use esmith::AccountsDB;
|
||||
my $a = esmith::AccountsDB->open_ro or die "Couldn't open AccountsDB\n";
|
||||
|
||||
$OUT .= "// login and password for MySQL access\n";
|
||||
|
||||
foreach my $u ($a->users,$a->get('admin')){
|
||||
my $user = $u->key;
|
||||
my $login = $u->prop('SqlLogin') || '';
|
||||
my $pass = $u->prop('SqlPassword') || '';
|
||||
next unless (($login ne '') && ($pass ne ''));
|
||||
$OUT .= "// Credentials for $user\n";
|
||||
$OUT .= '$login["'.$user.'"] = "'.$login."\";\n";
|
||||
$OUT .= '$password["'.$user.'"] = "'.$pass."\";\n";
|
||||
}
|
||||
|
||||
}
|
|
@ -9,7 +9,6 @@ $conf->{'locationRules'}->{"sql.$domain"} = {
|
|||
'default' => '$groups =~ /\\badmins\\b/',
|
||||
} unless ($conf->{'locationRules'}->{"sql.$domain"});
|
||||
|
||||
|
||||
$conf->{'applicationList'}->{'030admin'}->{'phpmyadmin'} = {
|
||||
'options' => {
|
||||
'logo' => 'database.png',
|
||||
|
|
|
@ -0,0 +1,22 @@
|
|||
<?php
|
||||
|
||||
require('/etc/phpMyAdmin/sso.inc.php');
|
||||
|
||||
if(isset($_SERVER['REMOTE_USER']) && isset($login[$_SERVER['REMOTE_USER']]) && isset($password[$_SERVER['REMOTE_USER']])) {
|
||||
session_set_cookie_params(0, '/', '', 0);
|
||||
session_name('SignonSession');
|
||||
session_start();
|
||||
$_SESSION['PMA_single_signon_user'] = $login[$_SERVER['REMOTE_USER']];
|
||||
$_SESSION['PMA_single_signon_password'] = $password[$_SERVER['REMOTE_USER']];
|
||||
session_write_close();
|
||||
header('Location: /index.php?server=1');
|
||||
}
|
||||
else {
|
||||
// This location is forbiden
|
||||
// So it will just display the access denied
|
||||
// msg from LemonLDAP
|
||||
header('Location: /libraries');
|
||||
}
|
||||
|
||||
?>
|
||||
|
Loading…
Reference in New Issue