packages/ssoinabox-webui/root/usr/local/share/weblogin/ssoinabox/templates/confirm.tmpl
author Dan Fuhry <dan@fuhry.us>
Fri, 11 Jan 2013 05:41:41 -0500
changeset 4 2212b2ded8bf
parent 0 3906ca745819
permissions -rw-r--r--
Added OpenSSH public key support in LDAP

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <http-equiv="pragma" content="no-cache">
    <title>WebAuth Confirm</title>
  </head>

  [% IF notdefined %]
<!--
This is the template for the WebAuth confirm page.  This page is called
from login.fcgi script on the weblogin server after successful
authentication and provides a link to continue to the appropriate web
page, as well as (optionally) a way to set preferences for doing
REMOTE_USER authentication.  Variables used:

username               : the authenticated identity of the user
return_url             : the WebAuth-protected page now authenticated for
pretty_return_url      : same, but cleaned up for use as link text
login_cancel           : a cancel URL was specified
cancel_url             : the specified cancel URL
show_remuser           : show REMOTE_USER login preferences
remuser                : set if REMOTE_USER is desired
warn_expire            : show warning for upcoming password expiration
expire_date            : the date and time of password expiration
expire_time_left       : the amount of time left until password expiration
pwchange_url           : URL for the password change form
-->
  [% END %]

  <body>
    <h1 align="center">WebAuth Confirm</h1>
    <div class="loginbox" align="center">
      <table border="1" width="70%">
        [% IF warn_expire %]
          <tr>
            <td colspan="2">
              <div class="errortext">
                Warning: Your password will expire in
                [% expire_time_left %], on
                [% expire_date %].  Please change your password
                before this happens.
                <form action="[% pwchange_url FILTER html %]"
                      method="post" target="_blank"
                      enctype="application/x-www-form-urlencoded">
                  <input type="hidden" name="rm" value="pwchange">
                  <input type="hidden" name="skip_username"
                         value="[% skip_username FILTER html %]">
                  <input type="hidden" name="username"
                         value="[% username FILTER html %]">
                  <input type="hidden" name="CPT"
                         value="[% CPT FILTER html %]">
                  <input type="submit" name="Submit"
                         value="Change Password">
                </form>
              </div>
            </td>
          </tr>
        [% END %]
        [% IF history %]
          <tr>
            <td colspan="2">
              <div class="errortext">
                <p><strong>Warning: There were potentially suspicious logins
                  from your account.  Here is a list of the last several
                  logins you have made to WebAuth-protected
                  resources.</strong></p>
                <ul>
                  [% FOREACH login IN history %]
                    [% IF login.hostname %]
                      <li>[% login.hostname %] ([% login.ip %])
                    [% ELSE %]
                      <li>[% login.ip %]
                    [% END %]
                  [% END %]
                </ul>
              </div>
            </td>
          </tr>
        [% END %]
        <tr>
          <td><img alt="Confirm" src="/images/confirm.png"
                   width="160" height="160"/></td>
          <td>
            <div class="logintext">
              <p>You are logged into WebAuth as user
              <strong>[% username FILTER html %]</strong></p>
              <p>Click this link to continue to the website you
              requested:</p>
              <p><a href="[% return_url FILTER html %]">
                 [% pretty_return_url FILTER html %]</a></p>
              [% IF token_rights %]
                <p>If you continue to this website, you will grant it
                permission to obtain the following credentials on your
                behalf:</p>
                <blockquote><p>[% FOREACH right IN token_rights %]
                  [% right.type %] [% right.name %]<br/>
                  <!-- [% right.principal %] -->
                  <!-- [% right.instance %] -->
                  <!-- [% right.realm %] -->
                [% END %]</p></blockquote>
              [% END %]
              <p><strong>Protect your assets:</strong><br/>
                 Quit your web browser when you are finished (see below
                 for more details)</p>
              [% IF login_cancel %]
                <p><a href="[% cancel_url %]">Cancel</a>
                   logging on to this service</p>
              [% END %]
            </div>
          </td>
        </tr>
      </table>
    </div>

    [% IF show_remuser %]
      <div class="remuserbox" align="center">
        <form action="[% script_name FILTER html %]" method="post"
              enctype="application/x-www-form-urlencoded">
          <input type="hidden" name="rm" value="edit_remoteuser">
          <input type="hidden" name="return_url"
                 value="[% return_url FILTER html %]">
          <input type="hidden" name="username"
                 value="[% username FILTER html %]">
          [% IF login_cancel %]
            <input type="hidden" name="cancel_url"
                   value="[% cancel_url FILTER html %]">
          [% END %]
          <table border="1" width="70%">
            <tr>
              <td>
                [% IF remuser %]
                  <input type="checkbox" name="remuser" checked>
                [% ELSE %]
                  <input type="checkbox" name="remuser">
                [% END %]
              </td>
              <td>
                <input type="submit" name="Submit" value="Change Setting">
              </td>
              <td>
                Check this box to always attempt to use your computer
                login information in the future.
              </td>
            </tr>
          </table>
        </form>
      </div>
    [% END %]

    <div class="trailer">
      <h2>Important Security Information</h2>

      <p>WebAuth provides a general web login service for many different
      websites.  Websites that use this WebAuth server that would ask you
      to login will not do so now that you have logged into WebAuth.</p>

      <p><strong>Quit the web browser you are using when you are finished
      with this browser session.</strong></p>

      <p>If you do not, anyone subsequently using your computer will be
      able to use the browser program to go to those websites, and the
      websites will treat that person as you, giving that person access to
      your protected web assets. You are responsible for preventing that
      from happening with this web session, and the best way to do it is
      to quit the browser program when you are finished with it, or lock
      your computer if you need to leave your computer but aren't through
      with the browser.</p>
    </div>
  </body>
</html>