Authentification par jeton
This commit is contained in:
parent
e77fa51fba
commit
7cd552118b
|
@ -3,11 +3,16 @@
|
||||||
use esmith::Build::CreateLinks qw(:all);
|
use esmith::Build::CreateLinks qw(:all);
|
||||||
|
|
||||||
foreach my $event (qw/bootstrap-console-save webapps-update ipasserelle-update/){
|
foreach my $event (qw/bootstrap-console-save webapps-update ipasserelle-update/){
|
||||||
templates2events("/etc/phpMyAdmin/config.inc.php", $event);
|
|
||||||
event_link("ipasserelle-pma-init-domain", "$event", "25");
|
event_link("ipasserelle-pma-init-domain", "$event", "25");
|
||||||
}
|
}
|
||||||
|
foreach my $event (qw/bootstrap-console-save webapps-update/){
|
||||||
|
templates2events("/etc/phpMyAdmin/config.inc.php", $event);
|
||||||
|
templates2events("/etc/phpMyAdmin/sso.inc.php", $event);
|
||||||
|
}
|
||||||
|
|
||||||
# PHP header and footer
|
# PHP header and footer
|
||||||
safe_symlink("/etc/e-smith/templates-default/template-begin-php", "root/etc/e-smith/templates/etc/phpMyAdmin/config.inc.php/template-begin");
|
safe_symlink("/etc/e-smith/templates-default/template-begin-php", "root/etc/e-smith/templates/etc/phpMyAdmin/config.inc.php/template-begin");
|
||||||
safe_symlink("/etc/e-smith/templates-default/template-end-php", "root/etc/e-smith/templates/etc/phpMyAdmin/config.inc.php/template-end");
|
safe_symlink("/etc/e-smith/templates-default/template-end-php", "root/etc/e-smith/templates/etc/phpMyAdmin/config.inc.php/template-end");
|
||||||
|
safe_symlink("/etc/e-smith/templates-default/template-begin-php", "root/etc/e-smith/templates/etc/phpMyAdmin/sso.inc.php/template-begin");
|
||||||
|
safe_symlink("/etc/e-smith/templates-default/template-end-php", "root/etc/e-smith/templates/etc/phpMyAdmin/sso.inc.php/template-end");
|
||||||
|
|
||||||
|
|
1
root/etc/e-smith/db/accounts/defaults/admin/SqlLogin
Normal file
1
root/etc/e-smith/db/accounts/defaults/admin/SqlLogin
Normal file
|
@ -0,0 +1 @@
|
||||||
|
root
|
12
root/etc/e-smith/db/accounts/migrate/98AdminSqlPass
Normal file
12
root/etc/e-smith/db/accounts/migrate/98AdminSqlPass
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
{
|
||||||
|
|
||||||
|
use esmith::util;
|
||||||
|
|
||||||
|
my $admin = $DB->get('admin') || return;
|
||||||
|
my $pw = $admin->prop('SqlPassword');
|
||||||
|
|
||||||
|
unless ($pw){
|
||||||
|
$admin->set_prop('SqlPassword', esmith::util::LdapPassword());
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,3 @@
|
||||||
|
UID="root"
|
||||||
|
GID="www"
|
||||||
|
PERMS=0640
|
|
@ -19,6 +19,30 @@ $OUT .=<<"END";
|
||||||
php_admin_value openbase_dir /usr/share/phpMyAdmin:/etc/phpMyAdmin:/var/lib/phpMyAdmin
|
php_admin_value openbase_dir /usr/share/phpMyAdmin:/etc/phpMyAdmin:/var/lib/phpMyAdmin
|
||||||
</Directory>
|
</Directory>
|
||||||
|
|
||||||
|
<Directory /usr/share/phpMyAdmin/setup/>
|
||||||
|
Order Deny,Allow
|
||||||
|
Deny from All
|
||||||
|
Allow from None
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory /usr/share/phpMyAdmin/libraries/>
|
||||||
|
Order Deny,Allow
|
||||||
|
Deny from All
|
||||||
|
Allow from None
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory /usr/share/phpMyAdmin/setup/lib/>
|
||||||
|
Order Deny,Allow
|
||||||
|
Deny from All
|
||||||
|
Allow from None
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory /usr/share/phpMyAdmin/setup/frames/>
|
||||||
|
Order Deny,Allow
|
||||||
|
Deny from All
|
||||||
|
Allow from None
|
||||||
|
</Directory>
|
||||||
|
|
||||||
END
|
END
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
|
|
@ -19,9 +19,9 @@ $cfg['Servers'][$i]['port'] = '';
|
||||||
$cfg['Servers'][$i]['socket'] = '/var/lib/mysql/mysql.sock';
|
$cfg['Servers'][$i]['socket'] = '/var/lib/mysql/mysql.sock';
|
||||||
$cfg['Servers'][$i]['connect_type'] = 'socket';
|
$cfg['Servers'][$i]['connect_type'] = 'socket';
|
||||||
$cfg['Servers'][$i]['extension'] = 'mysqli';
|
$cfg['Servers'][$i]['extension'] = 'mysqli';
|
||||||
$cfg['Servers'][$i]['auth_type'] = 'config';
|
$cfg['Servers'][$i]['auth_type'] = 'signon';
|
||||||
$cfg['Servers'][$i]['user'] = 'root';
|
$cfg['Servers'][$i]['SignonSession'] = 'SignonSession';
|
||||||
$cfg['Servers'][$i]['password'] = '{$pw}';
|
$cfg['Servers'][$i]['SignonURL'] = '/sso.php';
|
||||||
|
|
||||||
/* End of servers configuration */
|
/* End of servers configuration */
|
||||||
|
|
||||||
|
|
19
root/etc/e-smith/templates/etc/phpMyAdmin/sso.inc.php/10All
Normal file
19
root/etc/e-smith/templates/etc/phpMyAdmin/sso.inc.php/10All
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
{
|
||||||
|
|
||||||
|
use Digest::SHA1 qw(sha1_hex);
|
||||||
|
use esmith::AccountsDB;
|
||||||
|
my $a = esmith::AccountsDB->open_ro or die "Couldn't open AccountsDB\n";
|
||||||
|
|
||||||
|
$OUT .= "// login and password for MySQL access\n";
|
||||||
|
|
||||||
|
foreach my $u ($a->users,$a->get('admin')){
|
||||||
|
my $user = $u->key;
|
||||||
|
my $login = $u->prop('SqlLogin') || '';
|
||||||
|
my $pass = $u->prop('SqlPassword') || '';
|
||||||
|
next unless (($login ne '') && ($pass ne ''));
|
||||||
|
$OUT .= "// Credentials for $user\n";
|
||||||
|
$OUT .= '$login["'.$user.'"] = "'.$login."\";\n";
|
||||||
|
$OUT .= '$password["'.$user.'"] = "'.$pass."\";\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -9,7 +9,6 @@ $conf->{'locationRules'}->{"sql.$domain"} = {
|
||||||
'default' => '$groups =~ /\\badmins\\b/',
|
'default' => '$groups =~ /\\badmins\\b/',
|
||||||
} unless ($conf->{'locationRules'}->{"sql.$domain"});
|
} unless ($conf->{'locationRules'}->{"sql.$domain"});
|
||||||
|
|
||||||
|
|
||||||
$conf->{'applicationList'}->{'030admin'}->{'phpmyadmin'} = {
|
$conf->{'applicationList'}->{'030admin'}->{'phpmyadmin'} = {
|
||||||
'options' => {
|
'options' => {
|
||||||
'logo' => 'database.png',
|
'logo' => 'database.png',
|
||||||
|
|
22
root/usr/share/phpMyAdmin/sso.php
Normal file
22
root/usr/share/phpMyAdmin/sso.php
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
require('/etc/phpMyAdmin/sso.inc.php');
|
||||||
|
|
||||||
|
if(isset($_SERVER['REMOTE_USER']) && isset($login[$_SERVER['REMOTE_USER']]) && isset($password[$_SERVER['REMOTE_USER']])) {
|
||||||
|
session_set_cookie_params(0, '/', '', 0);
|
||||||
|
session_name('SignonSession');
|
||||||
|
session_start();
|
||||||
|
$_SESSION['PMA_single_signon_user'] = $login[$_SERVER['REMOTE_USER']];
|
||||||
|
$_SESSION['PMA_single_signon_password'] = $password[$_SERVER['REMOTE_USER']];
|
||||||
|
session_write_close();
|
||||||
|
header('Location: /index.php?server=1');
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
// This location is forbiden
|
||||||
|
// So it will just display the access denied
|
||||||
|
// msg from LemonLDAP
|
||||||
|
header('Location: /libraries');
|
||||||
|
}
|
||||||
|
|
||||||
|
?>
|
||||||
|
|
Loading…
Reference in New Issue
Block a user