r22476: The OID match is used very oddly in AD, as it is often used for fields
[Samba.git] / webapps / login.esp
blob8d6c049d02d80b6eb4c6f7483ead1e4e2502b8a3
1 <% page_header("plain", "SWAT Login", "");
2    libinclude("auth.js");
3    include("/scripting/forms.js");
5 if (request['SESSION_EXPIRED'] == "True") {
6    write("<b>Your session has expired - please authenticate again<br /></b>\n");
9 var f = FormObj("login", 3, 1);
10 f.element[0].label = "Username";
11 f.element[0].value = form['Username'];
12 f.element[1].label = "Password";
13 f.element[1].value = form['Password'];
14 f.element[1].type  = "password";
15 f.element[2].label = "Domain";
16 f.element[2].type  = "select";
17 f.element[2].list  = getDomainList();
18 f.submit[0] = "Login";
20 f.display();
24         if (request.REQUEST_METHOD == "POST") {
25                 var creds = credentials_init();
26                 creds.set_username(form.Username);
27                 creds.set_password(form.Password);
28                 creds.set_domain(form.Domain);
29                 creds.set_workstation(request['REMOTE_HOST']);
31                 auth = userAuth(creds, request['REMOTE_SOCKET_ADDRESS']);
32                 if (auth == undefined) {
33                         write("<b>Invalid login - please try again<br /></b>\n");
34                 } else if (auth.result) {
35                         session.AUTHENTICATED = true;
36                         session.authinfo = new Object();
38                         session.authinfo.username = auth.username;
39                         session.authinfo.domain = auth.domain;
40                         session.authinfo.credentials = creds;
41                         session.authinfo.session_info = auth.session_info;
42                         
43                         /* if the user was asking for the login page, then now
44                            redirect them to the main page. Otherwise just
45                            redirect them to the current page, which will now
46                            show its true content */
47                         if (request.REQUEST_URI == "/login.esp") {
48                            redirect(session_uri("/"));
49                         } else {
50                            redirect(session_uri(request.REQUEST_URI));
51                         }
52                 } else if (auth.report == undefined) {
53                         write("<b>Login failed - please try again<br /></b>\n");
54                 } else {
55                         write("<b>Login failed: " + auth.report + " - please try again<br /></b>\n");
56                 }
57         }
59 <% page_footer(); %>