websms/freeipa
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Imported Debian patch 4.0.5-6~numeezy

Browse Source
This commit is contained in:
Alexandre Ellert
2016-02-17 15:07:45 +01:00
committed by Mario Fetka
parent c44de33144
commit 10dfc9587b
1203 changed files with 53869 additions and 241462 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
install/html/Makefile.in
View File

@@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.15 from Makefile.am.
# Makefile.in generated by automake 1.14.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# Copyright (C) 1994-2013 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,17 +15,7 @@
@SET_MAKE@
VPATH = @srcdir@
am__is_gnu_make = { \
if test -z '$(MAKELEVEL)'; then \
false; \
elif test -n '$(MAKE_HOST)'; then \
true; \
elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
true; \
else \
false; \
fi; \
}
am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -87,12 +77,12 @@ NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
subdir = html
DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/../version.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -146,7 +136,6 @@ am__uninstall_files_from_dir = { \
am__installdirs = "$(DESTDIR)$(appdir)"
DATA = $(app_DATA)
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
am__DIST_COMMON = $(srcdir)/Makefile.in
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
@@ -266,6 +255,7 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi
echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign html/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --foreign html/Makefile
.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -459,8 +449,6 @@ uninstall-am: uninstall-appDATA
pdf-am ps ps-am tags-am uninstall uninstall-am \
uninstall-appDATA
.PRECIOUS: Makefile
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.

25
install/html/browserconfig.html
View File

@@ -69,7 +69,7 @@
<p>
</div>
<div id="step2" style="display:none" class="step">
<div id="step2" class="step">
<h2>Step 2</h2>
<div id="ext-installed">
<p>
@@ -85,7 +85,7 @@
</div>
</div>
<div id="step3" style="display:none" class="step">
<div id="step3" class="step">
<h2>Step 3</h2>
<p><a href="#configure-browser" id="configure-link" class="btn btn-default">Configure browser</a></p>
<p id="config-success" style="display:none">Browser successfully configured</p>
@@ -94,27 +94,8 @@
<p id="config-error" style="display:none">Configuration was not successful, unknown error uccured.</p>
</div>
<div id="step2b" class="step">
<h2>Step 2</h2>
<ol>
<li>
In the address bar of Firefox, type <code>about:config</code> to display the list of current configuration options.
</li>
<li>
In the Filter field, type <code>negotiate</code> to restrict the list of options.
</li>
<li>
Double-click the <code>network.negotiate-auth.trusted-uris</code> entry to display the Enter string value dialog box.
</li>
<li>
Enter the name of the domain against which you want to authenticate, for example, <code class="example-domain">.example.com.</code>
</li>
</ol>
</div>
<div id="step4" class="step">
<h2 id="step4header" style="display:none">Step 4</h2>
<h2 id="step3bheader">Step 3</h2>
<h2>Step 4</h2>
<p><a href="../ui/index.html" id="return-link" class="btn btn-default">Return to Web UI</a></p>
</div>
</div>

24
install/html/ffconfig_page.js
View File

@@ -87,7 +87,7 @@
if (!browser.mozilla) {
$('#wrongbrowser').show();
set_enabled(['#step2b'], false);
set_enabled(['#step1', '#step2', '#step3'], false);
} else {
// Disable for all version of FF older than 15. Theoretically
// the extension is compatible with version 3.6, 10 and later
@@ -95,26 +95,8 @@
// resource from chrome.manifest
if (compare_version(browser.version, '15') === -1) {
$('#step2a').show();
$('#step2').show();
$('#step3').show();
$('#step4header').show();
$('#step3bheader').hide();
set_enabled(['#step2', '#step3', '#step2b'], false);
} else if (compare_version(browser.version, '40') === -1) {
// FF is > 15 < 40
// show krb extension method
$('#step2').show();
$('#step3').show();
$('#step4header').show();
$('#step3bheader').hide();
$('#step2b').hide();
}
// else
// Firefox since version 40 has new extension signing policy
// this policy prevents to use self-signed FF extension and
// thus a manual config is needed - which is the default (step2b)
// else if (compare_version(version, '15') === -1) {
set_enabled(['#step2', '#step3'], false);
}// else if (compare_version(version, '15') === -1) {
// $('#step2a').show();
// $('#older-compatible').show();
// $('#older-required').hide();

125
install/html/ssbrowser.html
View File

@@ -10,6 +10,18 @@
$(document).ready(function() {
var domain = '.' + (IPA_DOMAIN || 'example.com');
$('.example-domain').text(domain);
var browser = IPA.browser_config.get_browser();
if (browser.mozilla) {
var ff_config = $("#configurefirefox");
var obj = $('<object/>', {
type: 'text/html',
'class': 'browser-config'
});
obj.prop('data', 'jar:/ipa/errors/configure.jar!/preferences.html');
obj.appendTo(ff_config);
ff_config.show();
}
});
}
@@ -42,86 +54,7 @@
<div class="col-sm-12">
<div class="ssbrowser">
<h1>Browser Kerberos Setup</h1>
<h2>Firefox</h2>
<p>
You can configure Firefox to use Kerberos for Single Sign-on. The following instructions will guide you in configuring your web browser to send your Kerberos credentials to the appropriate Key Distribution Center which enables Single Sign-on.
</p>
<ol>
<li>
Import <a href="ca.crt">CA certificate</a>. Make sure you checked all three checkboxes.
</li>
<li>
In the address bar of Firefox, type <code>about:config</code> to display the list of current configuration options.
</li>
<li>
In the Filter field, type <code>negotiate</code> to restrict the list of options.
</li>
<li>
Double-click the <code>network.negotiate-auth.trusted-uris</code> entry to display the Enter string value dialog box.
</li>
<li>
Enter the name of the domain against which you want to authenticate, for example, <code class="example-domain">.example.com.</code>
</li>
<li><strong> You are all set. </strong></li>
</ol>
<h2>Chrome</h2>
<p>
You can configure Chrome to use Kerberos for Single Sign-on. The following instructions will guide you in configuring your web browser to send your Kerberos credentials to the appropriate Key Distribution Center which enables Single Sign-on.
</p>
<h3>Import CA Certificate</h3>
<ol>
<li>
Download the <a href="ca.crt">CA certificate</a>. Alternatively, if the host is also an IdM client, you can find the certificate in /etc/ipa/ca.crt.
</li>
<li>
Click the menu button with the <em>Customize and control Google Chrome</em> tooltip, which is by default in the top right-hand corner of Chrome, and click <em>Settings</em>.
</li>
<li>
Click <em>Show advanced settings</em> to display more options, and then click the <em>Manage certificates</em> button located under the HTTPS/SSL heading.
</li>
<li>
In the <em>Authorities</em> tab, click the <em>Import</em> button at the bottom.
</li>
<li>Select the CA certificate file that you downloaded in the first step.</li>
</ol>
<h3>
Enable SPNEGO (Simple and Protected GSSAPI Negotiation Mechanism) to Use Kerberos Authentication
in Chrome
</h3>
<ol>
<li>
Make sure you have the necessary directory created by running:
<div><code>
[root@client]# mkdir -p /etc/opt/chrome/policies/managed/
</code></div>
</li>
<li>
Create a new <code>/etc/opt/chrome/policies/managed/mydomain.json</code> file with write privileges limited to the system administrator or root, and include the following line:
<div><code>
{ "AuthServerWhitelist": "*<span class="example-domain">.example.com.</span>" }
</code></div>
<div>
You can do this by running:
</div>
<div><code>
[root@server]# echo '{ "AuthServerWhitelist": "*<span class="example-domain">.example.com.</span>" }' > /etc/opt/chrome/policies/managed/mydomain.json
</code></div>
</li>
</ol>
<ol>
<p>
<strong>Note:</strong> If using Chromium, use <code>/etc/chromium/policies/managed/</code> instead of <code>/etc/opt/chrome/policies/managed/</code> for the two SPNEGO Chrome configuration steps above.
</p>
</ol>
<h2>Internet Explorer</h2>
<h2><img alt="Internet Explorer" src="../ui/images/ie-icon.png">Internet Explorer Configuration</h2>
<p>
Once you are able to log into the workstation with your kerberos key you are now able to use that ticket in Internet Explorer.
</p>
@@ -152,6 +85,38 @@
</ol>
</div>
<h2><img alt="Firefox" src="../ui/images/firefox-icon.png">Firefox Configuration</h2>
<p>
You can configure Firefox to use Kerberos for Single Sign-on. The following instructions will guide you in configuring your web browser to send your Kerberos credentials to the appropriate Key Distribution Center which enables Single Sign-on.
</p>
<ol>
<li>
In the address bar of Firefox, type <code>about:config</code> to display the list of current configuration options.
</li>
<li>
In the Filter field, type <code>negotiate</code> to restrict the list of options.
</li>
<li>
Double-click the <code>network.negotiate-auth.trusted-uris</code> entry to display the Enter string value dialog box.
</li>
<li>
Enter the name of the domain against which you want to authenticate, for example, <code class="example-domain">.example.com.</code>
</li>
<li><strong> You are all set. </strong></li>
</ol>
<h3>Automatic Configuration of older versions</h3>
<p>You can configure older versions of Firefox (up to version 14) using signed code. Use <a href="browserconfig.html">Firefox configuration page</a> for newer versions.</p>
<ol>
<li>Import <a href="ca.crt">CA certificate</a>. Make sure you checked all three checkboxes.</li>
<li>
Click on "Configure Browser" button below.
<div id="configurefirefox" style="display:none"></div>
</li>
</ol>
</div>
</div>
</div>