GUI nearly complete, still need to add backend bonding commands

Timothy Pearson 13 years ago
parent 9dfe673336
commit dbaffcee86

@ -4,7 +4,7 @@ METASOURCES = AUTO
# Install this plugin in the KDE modules directory
kde_module_LTLIBRARIES = kcm_ldap.la
kcm_ldap_la_SOURCES = ldap.cpp ldapconfigbase.ui realmpropertiesdialog.cpp bondintropage.cpp bondintropagedlg.ui bondrealmpage.cpp bondrealmpagedlg.ui bondfinishpage.cpp bondfinishpagedlg.ui bondwizard.cpp
kcm_ldap_la_SOURCES = ldap.cpp ldapconfigbase.ui realmpropertiesdialog.cpp bondintropage.cpp bondintropagedlg.ui bondrealmpage.cpp bondrealmpagedlg.ui bondfinishpage.cpp bondfinishpagedlg.ui bondwizard.cpp ldappasswddlg.cpp
kcm_ldap_la_LIBADD = -lkio $(LIB_TDEUI)
kcm_ldap_la_LDFLAGS = -avoid-version -module -no-undefined \
$(all_libraries)

@ -4,14 +4,6 @@
<property name="name">
<cstring>BondFinishPageDlg</cstring>
</property>
<property name="geometry">
<rect>
<x>0</x>
<y>0</y>
<width>678</width>
<height>452</height>
</rect>
</property>
<grid>
<property name="name">
<cstring>unnamed</cstring>
@ -47,7 +39,62 @@
<number>0</number>
</property>
</widget>
<spacer row="2" column="1">
<widget class="TQLabel" row="0" column="1" colspan="2">
<property name="name">
<cstring>yad_string</cstring>
</property>
<property name="text">
<string>&lt;h3&gt;You're almost done!&lt;/h3&gt;</string>
</property>
</widget>
<widget class="TQLabel" row="1" column="1" colspan="2">
<property name="name">
<cstring>passprompt</cstring>
</property>
<property name="text">
<string>Please provide LDAP realm administrator credentials below to complete the bonding process</string>
</property>
</widget>
<widget class="TQLabel" row="2" column="1">
<property name="name">
<cstring>unnamed</cstring>
</property>
<property name="text">
<string>Username</string>
</property>
</widget>
<widget class="KLineEdit" row="2" column="2">
<property name="name">
<cstring>ldapAdminUsername</cstring>
</property>
</widget>
<widget class="TQLabel" row="3" column="1">
<property name="name">
<cstring>unnamed</cstring>
</property>
<property name="text">
<string>Password</string>
</property>
</widget>
<widget class="KPasswordEdit" row="3" column="2">
<property name="name">
<cstring>ldapAdminPassword</cstring>
</property>
</widget>
<widget class="TQLabel" row="4" column="1">
<property name="name">
<cstring>unnamed</cstring>
</property>
<property name="text">
<string>LDAP Realm</string>
</property>
</widget>
<widget class="KLineEdit" row="4" column="2">
<property name="name">
<cstring>ldapAdminRealm</cstring>
</property>
</widget>
<spacer row="5" column="1">
<property name="name">
<cstring>Spacer6</cstring>
</property>

@ -31,6 +31,7 @@
#include <dcopclient.h>
#include <kprocess.h>
#include <klineedit.h>
#include <ktextedit.h>
#include <kwizard.h>
#include <kdialogbase.h>
@ -44,6 +45,8 @@ BondRealmPage::BondRealmPage(TQWidget *parent, const char *name ) : BondRealmPag
connect(txtKDC, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(validateEntries()));
connect(txtAdminServer, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(validateEntries()));
connect(txtRealmName, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(realmNameChanged()));
m_parentWizard = dynamic_cast<KWizard*>(parent);
m_parentDialog = dynamic_cast<KDialogBase*>(parent);
}
@ -71,4 +74,16 @@ void BondRealmPage::validateEntries() {
}
}
void BondRealmPage::realmNameChanged() {
TQString realmName = txtRealmName->text();
txtRealmName->setText(realmName.upper());
TQString defaultDomainAliases;
defaultDomainAliases = realmName.lower();
defaultDomainAliases += "\n";
defaultDomainAliases += ".";
defaultDomainAliases += realmName.lower();
txtDomains->setText(defaultDomainAliases);
}
#include "bondrealmpage.moc"
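Review bot: `realmNameChanged()` rewrites `txtDomains` on every `textChanged` of `txtRealmName`, so any domain aliases the user typed by hand are discarded as soon as the realm name is edited again; consider filling the field only while it is empty or still holds the previously generated default. The slot also calls `txtRealmName->setText()` from inside its own `textChanged` handler, which presumably moves the cursor to the end of the line on each keystroke; doing the upper-casing in a validator on the line edit would avoid that. `m_parentWizard` and `m_parentDialog` both come from a `dynamic_cast` of the same `parent`, so at least one of them will normally be null; a comment such as `// null unless the parent is a KWizard` on those assignments, plus a null check at each use, is advisable. The constructor begins outside this hunk.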

@ -43,6 +43,9 @@ public:
public slots:
void validateEntries();
private slots:
void realmNameChanged();
private:
KWizard* m_parentWizard;
KDialogBase* m_parentDialog;

@ -42,6 +42,7 @@
#include <knuminput.h>
#include <klineedit.h>
#include <ktextedit.h>
#include <kpassdlg.h>
#include <stdlib.h>
@ -77,6 +78,9 @@ BondWizard::BondWizard(LDAPRealmConfigList *realmlist, LDAPConfig *ldapconfig, T
realmpage->txtUIDOffset->setValue(5000);
realmpage->txtGIDOffset->setValue(5000);
// Other setup
finishpage->ldapAdminRealm->setEnabled(false);
setFinishEnabled(TQWizard::page(2), true);
setPosition();
@ -112,6 +116,8 @@ void BondWizard::next() {
if (!m_realmList->contains(realm.name)) {
m_realmList->insert(realm.name, realm);
m_ldapConfig->save();
finishpage->ldapAdminRealm->setText(realm.name);
m_finalRealm = realm;
TQWizard::next();
}
else {
@ -119,6 +125,7 @@ void BondWizard::next() {
}
}
if (currentPage()==finishpage) {
backButton()->setEnabled(false);
finishButton()->setFocus();
}
}
@ -141,7 +148,13 @@ bool BondWizard::askClose(){
text = i18n("<p>Are you sure you want to quit the LDAP Bonding Wizard?</p>"
"<p>If yes, click <b>Quit</b> and all changes will be lost."
"<br>If not, click <b>Cancel</b> to return and finish your setup.</p>");
} else {
}
else if (currentPage()==finishpage) {
text = i18n("<p>Are you sure you want to quit the LDAP Bonding Wizard?</p>"
"<p>If yes, click <b>Quit</b> and the new realm will remain deactivated pending bonding."
"<br>If not, click <b>Cancel</b> to return and finish your setup.</p>");
}
else {
text = i18n("<p>Are you sure you want to quit the LDAP Bonding Wizard?</p>"
"<p>If not, click <b>Cancel</b> to return and finish bonding.</p>");
}
@ -174,7 +187,14 @@ void BondWizard::closeEvent(TQCloseEvent* e){
/** maybe call a dialog that the wizard has finished. */
void BondWizard::accept(){
done(0);
// Try to bond
if (m_ldapConfig->bondRealm(m_finalRealm, finishpage->ldapAdminUsername->text(), finishpage->ldapAdminPassword->password(), finishpage->ldapAdminRealm->text()) == 0) {
done(0);
}
else {
KMessageBox::error(this, i18n("<qt><b>Unable to bond to realm!</b><p>RAJA ERRORSTR</qt>"), i18n("Unable to Bond to Realm"));
// RAJA FIXME
}
}
/** calls all save functions after resetting all features/ OS/ theme selections to Trinity default */
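Review bot: In `BondWizard::accept()` the failure dialog shows the literal placeholder `RAJA ERRORSTR`, because `bondRealm()` is called without its `errstr` argument; the re-bond path in this same commit passes `&errorString` and formats the message with `.arg(errorString)`, and the wizard should do the same. The administrator password is read with `ldapAdminPassword->password()` and is left in the widget whether or not the bond succeeds; calling `finishpage->ldapAdminPassword->erase();` once `bondRealm()` has returned would shorten the time it stays in memory. `next()` calls `m_ldapConfig->save()` before any bond attempt, so the realm is persisted before credentials have been checked. The quit text added in `askClose()` suggests that is intended, but it deserves a comment at that call.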

@ -73,6 +73,7 @@ private:
bool realm_dirty;
LDAPRealmConfigList* m_realmList;
LDAPConfig* m_ldapConfig;
LDAPRealmConfig m_finalRealm;
protected: // Protected methods
// the close button on the titlebar sets e->accept() which we don't want.

@ -34,14 +34,20 @@
#include <kio/job.h>
#include <tqdir.h>
#include <tqheader.h>
#include <knuminput.h>
#include <kpassdlg.h>
#include <klineedit.h>
#include <kmessagebox.h>
#include "ldap.h"
#include "bondwizard.h"
#include "ldappasswddlg.h"
#include "realmpropertiesdialog.h"
// FIXME
// Connect this to CMake/Automake
#define KDE_CONFDIR "/etc/trinity"
#define KRB5_FILE "/etc/krb5.conf"
typedef KGenericFactory<LDAPConfig, TQWidget> ldapFactory;
@ -72,12 +78,16 @@ LDAPConfig::LDAPConfig(TQWidget *parent, const char *name, const TQStringList&)
setUseRootOnlyMsg(true);
connect(base->systemEnableSupport, TQT_SIGNAL(clicked()), this, TQT_SLOT(changed()));
connect(base->defaultRealm, TQT_SIGNAL(activated(int)), this, TQT_SLOT(changed()));
connect(base->ticketLifetime, TQT_SIGNAL(valueChanged(int)), this, TQT_SLOT(changed()));
connect(base->systemEnableSupport, TQT_SIGNAL(clicked()), this, TQT_SLOT(processLockouts()));
connect(base->ldapRealmList, TQT_SIGNAL(selectionChanged()), this, TQT_SLOT(processLockouts()));
connect(base->btnBondRealm, TQT_SIGNAL(clicked()), TQT_SLOT(bondToNewRealm()));
connect(base->btnRemoveRealm, TQT_SIGNAL(clicked()), TQT_SLOT(removeRealm()));
connect(base->btnRealmProperties, TQT_SIGNAL(clicked()), TQT_SLOT(realmProperties()));
connect(base->btnBondRealm, TQT_SIGNAL(clicked()), this, TQT_SLOT(bondToNewRealm()));
connect(base->btnReBondRealm, TQT_SIGNAL(clicked()), this, TQT_SLOT(reBondToRealm()));
connect(base->btnRemoveRealm, TQT_SIGNAL(clicked()), this, TQT_SLOT(removeRealm()));
connect(base->btnDeactivateRealm, TQT_SIGNAL(clicked()), this, TQT_SLOT(deactivateRealm()));
connect(base->btnRealmProperties, TQT_SIGNAL(clicked()), this, TQT_SLOT(realmProperties()));
load();
@ -94,7 +104,6 @@ LDAPConfig::~LDAPConfig() {
void LDAPConfig::load() {
kgs = new KGlobalSettings();
KStandardDirs *ksd = new KStandardDirs();
load(false);
}
@ -106,6 +115,8 @@ void LDAPConfig::load(bool useDefaults )
systemconfig->setGroup(NULL);
base->systemEnableSupport->setChecked(systemconfig->readBoolEntry("EnableLDAP", false));
m_defaultRealm = systemconfig->readEntry("DefaultRealm", TQString::null);
m_ticketLifetime = systemconfig->readNumEntry("TicketLifetime", 86400);
// Load realms
m_realms.clear();
@ -137,6 +148,7 @@ void LDAPConfig::load(bool useDefaults )
}
}
base->ticketLifetime->setValue(m_ticketLifetime);
updateRealmList();
processLockouts();
@ -146,11 +158,22 @@ void LDAPConfig::load(bool useDefaults )
void LDAPConfig::updateRealmList() {
base->ldapRealmList->clear();
base->defaultRealm->clear();
LDAPRealmConfigList::Iterator it;
for (it = m_realms.begin(); it != m_realms.end(); ++it) {
LDAPRealmConfig realmcfg = it.data();
(void)new TQListViewItem(base->ldapRealmList, ((realmcfg.bonded)?i18n("Bonded"):i18n("Deactivated")), realmcfg.name);
base->defaultRealm->insertItem(realmcfg.name);
}
if (m_defaultRealm != "") {
for (int i=0; i<base->defaultRealm->count(); i++) {
if (base->defaultRealm->text(i) == m_defaultRealm) {
base->defaultRealm->setCurrentItem(i);
break;
}
}
}
processLockouts();
}
void LDAPConfig::defaults() {
@ -161,6 +184,15 @@ void LDAPConfig::save() {
// Write system configuration
systemconfig->setGroup(NULL);
systemconfig->writeEntry("EnableLDAP", base->systemEnableSupport->isChecked());
m_defaultRealm = base->defaultRealm->currentText();
m_ticketLifetime = base->ticketLifetime->value();
if (m_defaultRealm != "") {
systemconfig->writeEntry("DefaultRealm", m_defaultRealm);
}
else {
systemconfig->deleteEntry("DefaultRealm");
}
systemconfig->writeEntry("TicketLifetime", m_ticketLifetime);
LDAPRealmConfigList::Iterator it;
for (it = m_realms.begin(); it != m_realms.end(); ++it) {
@ -198,8 +230,8 @@ void LDAPConfig::save() {
systemconfig->sync();
// RAJA FIXME
// Write the appropriate /etc/krb5.conf file here!
// Write the Kerberos5 configuration file
writeKrb5ConfFile();
load();
}
@ -247,6 +279,32 @@ void LDAPConfig::bondToNewRealm() {
load();
}
void LDAPConfig::reBondToRealm() {
TQListViewItem *selrealm = base->ldapRealmList->selectedItem();
if (selrealm) {
TQString realmName = selrealm->text(1);
LDAPRealmConfig realmcfg = m_realms[realmName];
if (realmcfg.bonded == false) {
// Password prompt...
TQString errorString;
LDAPPasswordDialog passdlg(this);
if (passdlg.exec() == TQDialog::Accepted) {
if (bondRealm(m_realms[realmName], passdlg.m_base->ldapAdminUsername->text(), passdlg.m_base->ldapAdminPassword->password(), passdlg.m_base->ldapAdminRealm->text(), &errorString) == 0) {
// Success!
realmcfg.bonded = true;
m_realms.remove(realmName);
m_realms.insert(realmName, realmcfg);
save();
}
else {
KMessageBox::error(this, i18n("<qt><b>Unable to bond to realm!</b><p>%1</qt>").arg(errorString), i18n("Unable to Bond to Realm"));
}
}
}
}
updateRealmList();
}
void LDAPConfig::removeRealm() {
TQListViewItem *selrealm = base->ldapRealmList->selectedItem();
if (selrealm) {
@ -256,6 +314,43 @@ void LDAPConfig::removeRealm() {
}
}
void LDAPConfig::deactivateRealm() {
TQListViewItem *selrealm = base->ldapRealmList->selectedItem();
if (selrealm) {
TQString realmName = selrealm->text(1);
LDAPRealmConfig realmcfg = m_realms[realmName];
if (realmcfg.bonded == true) {
// Password prompt...
TQString errorString;
LDAPPasswordDialog passdlg(this);
passdlg.m_base->passprompt->setText(i18n("Please provide LDAP realm administrator credentials below to complete the unbonding process"));
if (passdlg.exec() == TQDialog::Accepted) {
if (unbondRealm(m_realms[realmName], passdlg.m_base->ldapAdminUsername->text(), passdlg.m_base->ldapAdminPassword->password(), passdlg.m_base->ldapAdminRealm->text(), &errorString) == 0) {
// Success!
realmcfg.bonded = false;
m_realms.remove(realmName);
m_realms.insert(realmName, realmcfg);
save();
}
else {
KMessageBox::error(this, i18n("<qt><b>Unable to unbond from realm!</b><p>%1</qt>").arg(errorString), i18n("Unable to Unbond from Realm"));
}
}
}
}
updateRealmList();
}
int LDAPConfig::bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr) {
// RAJA FIXME
return 1; // Failure
}
int LDAPConfig::unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr) {
// RAJA FIXME
return 1; // Failure
}
void LDAPConfig::realmProperties() {
TQListViewItem *selrealm = base->ldapRealmList->selectedItem();
if (selrealm) {
@ -267,6 +362,58 @@ void LDAPConfig::realmProperties() {
}
}
void LDAPConfig::writeKrb5ConfFile() {
TQFile file(KRB5_FILE);
if (file.open(IO_WriteOnly)) {
TQTextStream stream( &file );
stream << "# This file was automatically generated by TDE\n";
stream << "# All changes will be lost!\n";
stream << "\n";
// Defaults
// FIXME
// These should be configurable!
stream << "[libdefaults]\n";
stream << " ticket_lifetime = " << m_ticketLifetime << "\n";
if (m_defaultRealm != "") {
stream << " default_realm = " << m_defaultRealm << "\n";
}
stream << " default_etypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5\n";
stream << " default_etypes_des = des3-hmac-sha1 des-cbc-crc des-cbc-md5\n";
stream << "\n";
// Realms
stream << "[realms]\n";
LDAPRealmConfigList::Iterator it;
for (it = m_realms.begin(); it != m_realms.end(); ++it) {
LDAPRealmConfig realmcfg = it.data();
stream << " " << realmcfg.name << " = {\n";
stream << " kdc = " << realmcfg.kdc << ":" << realmcfg.kdc_port << "\n";
stream << " admin_server = " << realmcfg.admin_server << ":" << realmcfg.admin_server_port << "\n";
stream << " pkinit_require_eku = " << (realmcfg.pkinit_require_eku?"true":"false") << "\n";
stream << " pkinit_require_krbtgt_otherName = " << (realmcfg.pkinit_require_krbtgt_otherName?"true":"false") << "\n";
stream << " win2k_pkinit = " << (realmcfg.win2k_pkinit?"yes":"no") << "\n";
stream << " win2k_pkinit_require_binding = " << (realmcfg.win2k_pkinit_require_binding?"yes":"no") << "\n";
stream << " }\n";
}
stream << "\n";
// Domain aliases
stream << "[domain_realm]\n";
LDAPRealmConfigList::Iterator it2;
for (it2 = m_realms.begin(); it2 != m_realms.end(); ++it2) {
LDAPRealmConfig realmcfg = it2.data();
TQStringList domains = realmcfg.domain_mappings;
for (TQStringList::Iterator it3 = domains.begin(); it3 != domains.end(); ++it3 ) {
stream << " " << *it3 << " = " << realmcfg.name << "\n";
}
}
file.close();
}
}
int LDAPConfig::buttons() {
return KCModule::Apply|KCModule::Help;
}
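Review bot: `writeKrb5ConfFile()` hard-codes `default_etypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5`, which sets the default encryption types for every client configured by this module to 3DES and single DES; the single-DES entries should be dropped and AES types such as `aes256-cts-hmac-sha1-96` listed first where the KDC supports them, ideally from a setting as the FIXME above that line already says. The function also returns silently when `file.open(IO_WriteOnly)` fails, so `save()` gives no indication that `KRB5_FILE` was not written; an `else` branch raising `KMessageBox::error` would make that visible. `realmcfg.name`, `kdc`, `admin_server` and the `domain_mappings` entries are streamed into the file without checking for newlines, `=` or braces, so a malformed value can change the structure of the generated file, and they should be validated before writing. The `[realms]` loop writes every entry in `m_realms`, including those whose `bonded` flag is false; if deactivated realms are not meant to be usable, skip them there.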

@ -74,20 +74,28 @@ class LDAPConfig: public KCModule
virtual TQString quickHelp() const;
virtual const KAboutData *aboutData() const { return myAboutData; };
int bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0);
int unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0);
private slots:
void processLockouts();
void bondToNewRealm();
void reBondToRealm();
void removeRealm();
void deactivateRealm();
void realmProperties();
private:
void updateRealmList();
void writeKrb5ConfFile();
private:
KAboutData *myAboutData;
KGlobalSettings *kgs;
LDAPConfigBase *base;
LDAPRealmConfigList m_realms;
TQString m_defaultRealm;
int m_ticketLifetime;
};
#endif

@ -50,7 +50,7 @@
<cstring>systemEnableSupport</cstring>
</property>
<property name="text">
<string>&amp;Enable LDAP</string>
<string>&amp;Enable LDAP Realm Support</string>
</property>
</widget>
</grid>
@ -138,6 +138,67 @@
</widget>
</grid>
</widget>
<widget class="TQGroupBox" row="2" column="0">
<property name="name">
<cstring>groupDefaults</cstring>
</property>
<property name="title">
<string>LDAP Default Settings</string>
</property>
<grid>
<property name="name">
<cstring>unnamed</cstring>
</property>
<widget class="TQLabel" row="0" column="0">
<property name="name">
<cstring>unnamed</cstring>
</property>
<property name="text">
<string>Default Realm</string>
</property>
<property name="sizePolicy">
<sizepolicy>
<hsizetype>0</hsizetype>
<vsizetype>0</vsizetype>
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
</widget>
<widget class="KComboBox" row="0" column="1" >
<property name="name">
<cstring>defaultRealm</cstring>
</property>
</widget>
<widget class="TQLabel" row="0" column="2">
<property name="name">
<cstring>unnamed</cstring>
</property>
<property name="text">
<string>Ticket Lifetime (seconds)</string>
</property>
<property name="sizePolicy">
<sizepolicy>
<hsizetype>0</hsizetype>
<vsizetype>0</vsizetype>
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
</widget>
<widget class="KIntNumInput" row="0" column="3" >
<property name="name">
<cstring>ticketLifetime</cstring>
</property>
<property name="minValue">
<number>60</number>
</property>
<property name="maxValue">
<number>1000000</number>
</property>
</widget>
</grid>
</widget>
<spacer row="4" column="0">
<property name="name" stdset="0">
<cstring>Spacer4</cstring>

@ -0,0 +1,51 @@
/***************************************************************************
* Copyright (C) 2012 by Timothy Pearson *
* kb9vqf@pearsoncomputing.net *
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or *
* (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
* You should have received a copy of the GNU General Public License *
* along with this program; if not, write to the *
* Free Software Foundation, Inc., *
* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
***************************************************************************/
#include <klocale.h>
#include <klineedit.h>
#include <ktextedit.h>
#include <knuminput.h>
#include <kactionselector.h>
#include <tqlistbox.h>
#include <kpushbutton.h>
#include <tqpixmap.h>
#include <tqiconset.h>
#include <tqlabel.h>
#include "ldappasswddlg.h"
LDAPPasswordDialog::LDAPPasswordDialog(TQWidget* parent, const char* name)
: KDialogBase(parent, name, true, i18n("LDAP Authentication"), Ok|Cancel, Ok, true)
{
m_base = new BondFinishPage(this);
m_base->px_introSidebar->hide();
m_base->yad_string->hide();
setMainWidget(m_base);
}
void LDAPPasswordDialog::slotOk() {
// RAJA FIXME
accept();
}
#include "ldappasswddlg.moc"
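Review bot: `LDAPPasswordDialog::slotOk()` accepts unconditionally, so the callers in ldap.cpp can receive an empty user name, password or realm and hand them straight to `bondRealm()`/`unbondRealm()`; until the FIXME is resolved, a guard such as `if (m_base->ldapAdminUsername->text().isEmpty()) return;` before `accept()` would keep empty credentials out. The dialog reuses `BondFinishPage` but never fills `ldapAdminRealm`, whereas the wizard sets it from the realm being bonded; presetting it here, or taking the realm as a constructor argument, would avoid a mismatch between the selected realm and the typed one. Most of the includes at the top (`ktextedit.h`, `knuminput.h`, `kactionselector.h`, `tqlistbox.h` and others) do not appear to be used in this file.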

@ -0,0 +1,43 @@
/***************************************************************************
* Copyright (C) 2012 by Timothy Pearson *
* kb9vqf@pearsoncomputing.net *
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or *
* (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
* You should have received a copy of the GNU General Public License *
* along with this program; if not, write to the *
* Free Software Foundation, Inc., *
* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
***************************************************************************/
#ifndef _LDAPPASSWORDDIALOG_H_
#define _LDAPPASSWORDDIALOG_H_
#include <kdialogbase.h>
#include "ldap.h"
#include "bondfinishpage.h"
class LDAPPasswordDialog : public KDialogBase
{
Q_OBJECT
public:
LDAPPasswordDialog(TQWidget* parent = 0, const char* name = 0);
public slots:
void slotOk();
public:
BondFinishPage *m_base;
};
#endif
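Review bot: The include guard `_LDAPPASSWORDDIALOG_H_` begins with an underscore followed by an upper-case letter, which is an identifier reserved for the implementation in C++; `LDAPPASSWORDDIALOG_H` avoids that. `m_base` is public and callers read the password widget through it, so small accessors on the dialog would keep the credential widgets private to the class. A one-line comment above the class stating that it wraps `BondFinishPage` to prompt for realm administrator credentials would help readers.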