J
Jack
Hi,
After have looked into the login code in webmin, I don't understand its
password authentication in the session_login.cgi file.
The session_login.cgi file written with the following codes:
print "$text{'session_prefix'}\n";
print "<form action=$gconfig{'webprefix'}/session_login.cgi
method=post>\n";
^^^^^^^^^^^^^^^^^^^^^^^^^^^
print "<input type=hidden name=page
value='".&html_escape($in{'page'})."'>\n";
print "<table border width=40%>\n";
print "<tr $tb> <td><b>$text{'session_header'}</b></td> </tr>\n";
print "<tr $cb> <td align=center><table cellpadding=3>\n";
if ($gconfig{'realname'}) {
$host = &get_system_hostname();
}
else {
$host = $ENV{'HTTP_HOST'};
$host =~ s/:\d+//g;
$host = &html_escape($host);
}
print "<tr> <td colspan=2 align=center>",
&text($gconfig{'nohostname'} ? 'session_mesg2' :
$gconfig{'usermin'} ? 'session_mesg3' : 'session_mesg',
"<tt>$host</tt>"),"</td> </tr>\n";
print "<tr> <td><b>$text{'session_user'}</b></td>\n";
print "<td><input name=user size=20
value='".&html_escape($in{'failed'})."'></td> </tr>\n";
print "<tr> <td><b>$text{'session_pass'}</b></td>\n";
print "<td><input name=pass size=20 type=password></td> </tr>\n";
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
print "<tr> <td colspan=2 align=center><input type=submit
value='$text{'session_login'}'>\n";
================ end of attachement =================
The password is submitted to the session_login.cgi file, but there is no
perl code in the session_login.cgi file validate the password.
Does anyone know how does session_login.cgi in webmin validate the password?
I need to change the login module in webmin so that it has an option
allow to enter Cyrus user name and password as well when creating new
user. When this admin user login, it also login Cyrus admin server and
somehow pass the reference of cyrus to another cyrus module, from there,
the admin user can also manage email user accounts as well.
Thanks
Sam
After have looked into the login code in webmin, I don't understand its
password authentication in the session_login.cgi file.
The session_login.cgi file written with the following codes:
print "$text{'session_prefix'}\n";
print "<form action=$gconfig{'webprefix'}/session_login.cgi
method=post>\n";
^^^^^^^^^^^^^^^^^^^^^^^^^^^
print "<input type=hidden name=page
value='".&html_escape($in{'page'})."'>\n";
print "<table border width=40%>\n";
print "<tr $tb> <td><b>$text{'session_header'}</b></td> </tr>\n";
print "<tr $cb> <td align=center><table cellpadding=3>\n";
if ($gconfig{'realname'}) {
$host = &get_system_hostname();
}
else {
$host = $ENV{'HTTP_HOST'};
$host =~ s/:\d+//g;
$host = &html_escape($host);
}
print "<tr> <td colspan=2 align=center>",
&text($gconfig{'nohostname'} ? 'session_mesg2' :
$gconfig{'usermin'} ? 'session_mesg3' : 'session_mesg',
"<tt>$host</tt>"),"</td> </tr>\n";
print "<tr> <td><b>$text{'session_user'}</b></td>\n";
print "<td><input name=user size=20
value='".&html_escape($in{'failed'})."'></td> </tr>\n";
print "<tr> <td><b>$text{'session_pass'}</b></td>\n";
print "<td><input name=pass size=20 type=password></td> </tr>\n";
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
print "<tr> <td colspan=2 align=center><input type=submit
value='$text{'session_login'}'>\n";
================ end of attachement =================
The password is submitted to the session_login.cgi file, but there is no
perl code in the session_login.cgi file validate the password.
Does anyone know how does session_login.cgi in webmin validate the password?
I need to change the login module in webmin so that it has an option
allow to enter Cyrus user name and password as well when creating new
user. When this admin user login, it also login Cyrus admin server and
somehow pass the reference of cyrus to another cyrus module, from there,
the admin user can also manage email user accounts as well.
Thanks
Sam