packages/ssoinabox-webui/root/usr/local/share/weblogin/ssoinabox/templates/confirm.tmpl
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<http-equiv="pragma" content="no-cache">
<title>WebAuth Confirm</title>
</head>
[% IF notdefined %]
<!--
This is the template for the WebAuth confirm page. This page is called
from login.fcgi script on the weblogin server after successful
authentication and provides a link to continue to the appropriate web
page, as well as (optionally) a way to set preferences for doing
REMOTE_USER authentication. Variables used:
username : the authenticated identity of the user
return_url : the WebAuth-protected page now authenticated for
pretty_return_url : same, but cleaned up for use as link text
login_cancel : a cancel URL was specified
cancel_url : the specified cancel URL
show_remuser : show REMOTE_USER login preferences
remuser : set if REMOTE_USER is desired
warn_expire : show warning for upcoming password expiration
expire_date : the date and time of password expiration
expire_time_left : the amount of time left until password expiration
pwchange_url : URL for the password change form
-->
[% END %]
<body>
<h1 align="center">WebAuth Confirm</h1>
<div class="loginbox" align="center">
<table border="1" width="70%">
[% IF warn_expire %]
<tr>
<td colspan="2">
<div class="errortext">
Warning: Your password will expire in
[% expire_time_left %], on
[% expire_date %]. Please change your password
before this happens.
<form action="[% pwchange_url FILTER html %]"
method="post" target="_blank"
enctype="application/x-www-form-urlencoded">
<input type="hidden" name="rm" value="pwchange">
<input type="hidden" name="skip_username"
value="[% skip_username FILTER html %]">
<input type="hidden" name="username"
value="[% username FILTER html %]">
<input type="hidden" name="CPT"
value="[% CPT FILTER html %]">
<input type="submit" name="Submit"
value="Change Password">
</form>
</div>
</td>
</tr>
[% END %]
[% IF history %]
<tr>
<td colspan="2">
<div class="errortext">
<p><strong>Warning: There were potentially suspicious logins
from your account. Here is a list of the last several
logins you have made to WebAuth-protected
resources.</strong></p>
<ul>
[% FOREACH login IN history %]
[% IF login.hostname %]
<li>[% login.hostname %] ([% login.ip %])
[% ELSE %]
<li>[% login.ip %]
[% END %]
[% END %]
</ul>
</div>
</td>
</tr>
[% END %]
<tr>
<td><img alt="Confirm" src="/images/confirm.png"
width="160" height="160"/></td>
<td>
<div class="logintext">
<p>You are logged into WebAuth as user
<strong>[% username FILTER html %]</strong></p>
<p>Click this link to continue to the website you
requested:</p>
<p><a href="[% return_url FILTER html %]">
[% pretty_return_url FILTER html %]</a></p>
[% IF token_rights %]
<p>If you continue to this website, you will grant it
permission to obtain the following credentials on your
behalf:</p>
<blockquote><p>[% FOREACH right IN token_rights %]
[% right.type %] [% right.name %]<br/>
<!-- [% right.principal %] -->
<!-- [% right.instance %] -->
<!-- [% right.realm %] -->
[% END %]</p></blockquote>
[% END %]
<p><strong>Protect your assets:</strong><br/>
Quit your web browser when you are finished (see below
for more details)</p>
[% IF login_cancel %]
<p><a href="[% cancel_url %]">Cancel</a>
logging on to this service</p>
[% END %]
</div>
</td>
</tr>
</table>
</div>
[% IF show_remuser %]
<div class="remuserbox" align="center">
<form action="[% script_name FILTER html %]" method="post"
enctype="application/x-www-form-urlencoded">
<input type="hidden" name="rm" value="edit_remoteuser">
<input type="hidden" name="return_url"
value="[% return_url FILTER html %]">
<input type="hidden" name="username"
value="[% username FILTER html %]">
[% IF login_cancel %]
<input type="hidden" name="cancel_url"
value="[% cancel_url FILTER html %]">
[% END %]
<table border="1" width="70%">
<tr>
<td>
[% IF remuser %]
<input type="checkbox" name="remuser" checked>
[% ELSE %]
<input type="checkbox" name="remuser">
[% END %]
</td>
<td>
<input type="submit" name="Submit" value="Change Setting">
</td>
<td>
Check this box to always attempt to use your computer
login information in the future.
</td>
</tr>
</table>
</form>
</div>
[% END %]
<div class="trailer">
<h2>Important Security Information</h2>
<p>WebAuth provides a general web login service for many different
websites. Websites that use this WebAuth server that would ask you
to login will not do so now that you have logged into WebAuth.</p>
<p><strong>Quit the web browser you are using when you are finished
with this browser session.</strong></p>
<p>If you do not, anyone subsequently using your computer will be
able to use the browser program to go to those websites, and the
websites will treat that person as you, giving that person access to
your protected web assets. You are responsible for preventing that
from happening with this web session, and the best way to do it is
to quit the browser program when you are finished with it, or lock
your computer if you need to leave your computer but aren't through
with the browser.</p>
</div>
</body>
</html>