/**
* Sets basic authentication default values.
*
* @return void
* @throws Engine_Exception
*/
public function set_basic_authentication_info_default()
{
clearos_profile(__METHOD__, __LINE__);
$product = new Product();
$name = $product->get_name();
$realm = $name . ' - ' . lang('web_proxy_web_proxy');
$tuning = $this->get_tuning();
// TODO: deal with custom tuning
if ($tuning['level'] == Tuning::LEVEL_CUSTOM) {
$children = 60;
} else {
$children = $tuning['children'];
}
// Basic authentication
//---------------------
$file = new File(self::FILE_AUTH_CONFIG);
$lines = "# This file is managed by the ClearOS API. Use squid.conf for customization.\n";
$lines .= "auth_param basic children {$children}\n";
$lines .= "auth_param basic realm {$realm}\n";
$lines .= "auth_param basic credentialsttl 2 hours\n";
$lines .= "auth_param basic program {$this->file_pam_auth}\n";
// TODO - IPv4 hack below
$lines .= "external_acl_type system_group ipv4 %LOGIN {$this->file_squid_unix_group} -p\n";
// Add NTLM if desired and possible
//---------------------------------
if ($this->get_ntlm_state() && clearos_library_installed('samba_common/Samba')) {
clearos_load_library('samba_common/Samba');
$samba = new \clearos\apps\samba_common\Samba();
if ($samba->is_initialized()) {
$domain = $samba->get_workgroup();
// TODO: hard coded web_proxy_plugin below
$lines .= "# NTLM\n";
$lines .= "auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp " . "--require-membership-of={$domain}+web_proxy_plugin\n";
$lines .= "auth_param ntlm children {$children}\n";
$lines .= "auth_param ntlm keep_alive on\n";
}
}
if ($file->exists()) {
$file->delete();
}
$file->create('root', 'root', '0644');
$file->add_lines($lines);
}
