/** * Sets basic authentication default values. * * @return void * @throws Engine_Exception */ public function set_basic_authentication_info_default() { clearos_profile(__METHOD__, __LINE__); $product = new Product(); $name = $product->get_name(); $realm = $name . ' - ' . lang('web_proxy_web_proxy'); $tuning = $this->get_tuning(); // TODO: deal with custom tuning if ($tuning['level'] == Tuning::LEVEL_CUSTOM) { $children = 60; } else { $children = $tuning['children']; } // Basic authentication //--------------------- $file = new File(self::FILE_AUTH_CONFIG); $lines = "# This file is managed by the ClearOS API. Use squid.conf for customization.\n"; $lines .= "auth_param basic children {$children}\n"; $lines .= "auth_param basic realm {$realm}\n"; $lines .= "auth_param basic credentialsttl 2 hours\n"; $lines .= "auth_param basic program {$this->file_pam_auth}\n"; // TODO - IPv4 hack below $lines .= "external_acl_type system_group ipv4 %LOGIN {$this->file_squid_unix_group} -p\n"; // Add NTLM if desired and possible //--------------------------------- if ($this->get_ntlm_state() && clearos_library_installed('samba_common/Samba')) { clearos_load_library('samba_common/Samba'); $samba = new \clearos\apps\samba_common\Samba(); if ($samba->is_initialized()) { $domain = $samba->get_workgroup(); // TODO: hard coded web_proxy_plugin below $lines .= "# NTLM\n"; $lines .= "auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp " . "--require-membership-of={$domain}+web_proxy_plugin\n"; $lines .= "auth_param ntlm children {$children}\n"; $lines .= "auth_param ntlm keep_alive on\n"; } } if ($file->exists()) { $file->delete(); } $file->create('root', 'root', '0644'); $file->add_lines($lines); }