PSK checks on client side only, PSK should not be transmitted by client.
This commit is contained in:
parent
9fdacb611f
commit
739c7b2507
1 changed files with 52 additions and 0 deletions
52
apps/pam_url/examples/auth.php
Normal file
52
apps/pam_url/examples/auth.php
Normal file
|
|
@ -0,0 +1,52 @@
|
|||
<?
|
||||
|
||||
// we need at least 4 POST data elements.
|
||||
// 1. Authentication mode -> PAM_AUTH, PAM_SESS, PAM_ACCT, PAM_PASS
|
||||
// 2. PSK, Pre Shared Key
|
||||
// 3. USER
|
||||
// 4. PASS
|
||||
|
||||
// DO SOURCE IP REGION CHECKS HERE, OTHERWISE BRUTEFORCE attacks might occur!!
|
||||
|
||||
$PSK = "hase";
|
||||
|
||||
if( isset($_POST["user"]) && isset($_POST["pass"]) && isset($_POST["mode"]) )
|
||||
{
|
||||
$ret=0;
|
||||
|
||||
switch($_POST["mode"])
|
||||
{
|
||||
case "PAM_AUTH";
|
||||
// Perform authing here
|
||||
break;
|
||||
|
||||
case "PAM_ACCT";
|
||||
// Perform account aging here
|
||||
break;
|
||||
|
||||
case "PAM_SESS";
|
||||
// Perform session management here
|
||||
break;
|
||||
|
||||
case "PAM_PASS";
|
||||
// Perform password changes here
|
||||
break;
|
||||
}
|
||||
|
||||
if( 0 == $ret )
|
||||
{
|
||||
header("HTTP/1.1 200 OK");
|
||||
echo $PSK;
|
||||
}
|
||||
else
|
||||
{
|
||||
header("HTTP/1.1 400 Bad Request");
|
||||
echo "ACCESS DENIED";
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
header("HTTP/1.1 403 Forbidden");
|
||||
echo "ACCESS DENIED";
|
||||
}
|
||||
?>
|
||||
Loading…
Add table
Add a link
Reference in a new issue