/usr/share/weblogin/generic/templates/confirm.tmpl is in webauth-weblogin 4.7.0-6build2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 | <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<http-equiv="pragma" content="no-cache">
<title>WebAuth Confirm</title>
</head>
[% IF notdefined %]
<!--
This is the template for the WebAuth confirm page. This page is called
from login.fcgi script on the weblogin server after successful
authentication and provides a link to continue to the appropriate web
page, as well as (optionally) a way to set preferences for doing
REMOTE_USER authentication. Variables used:
username : the authenticated identity of the user
authz_subject : the authorization identity of the user
permitted_authz : array of permitted authorization identities
return_url : the WebAuth-protected page now authenticated for
pretty_return_url : same, but cleaned up for use as link text
login_cancel : a cancel URL was specified
cancel_url : the specified cancel URL
show_remuser : show REMOTE_USER login preferences
remuser : set if REMOTE_USER is desired
remember_login : set if single sign-on cookies should be generated
warn_expire : show warning for upcoming password expiration
expire_timestamp : timestamp for password expiration
pwchange_url : URL for the password change form
device_expiring : timestamp of when a device factor will expire
user_message : raw HTML returned by the user information service
ST : Original service token
RT : Original request token
You may customize this file however you wish for your site.
The authors hereby relinquish any claim to any copyright that they may
have in this work, whether granted under contract or by operation of law
or international treaty, and hereby commit to the public, at large, that
they shall not, at any time in the future, seek to enforce any copyright
in this work against any person or entity, or prevent any person or
entity from copying, publishing, distributing or creating derivative
works of this work.
-->
[% END -%]
[% USE date(format = '%Y-%m-%d %l:%M %p') -%]
<body>
<h1 align="center">WebAuth Confirm</h1>
<div class="loginbox" align="center">
<table border="1" width="70%">
[% IF warn_expire %]
<tr>
<td colspan="2">
<div class="errortext">
Warning: Your password will expire in
[% PERL -%]
use Time::Duration;
my $timestamp = $stash->get('expire_timestamp');
print Time::Duration::duration($timestamp - time);
[% END -%]
at [% date.format(expire_timestamp) %]. Please change your
password before this happens.
<form action="[% pwchange_url FILTER html %]"
method="post" target="_blank"
enctype="application/x-www-form-urlencoded">
<input type="hidden" name="rm" value="pwchange">
<input type="hidden" name="skip_username"
value="[% skip_username FILTER html %]">
<input type="hidden" name="username"
value="[% username FILTER html %]">
<input type="hidden" name="CPT"
value="[% CPT FILTER html %]">
<input type="hidden" name="remember_login"
value="[% remember_login FILTER html %]">
<input type="submit" name="Submit"
value="Change Password">
</form>
</div>
</td>
</tr>
[% END %]
[% IF device_expiring %]
<tr>
<td colspan="2">
<div class="errortext">
Warning: Your device long-lived multifactor token will expire
at [% date.format(device_expiring) %]. This will require you
to log in via multifactor again to renew the token.
</div>
</td>
</tr>
[% END %]
[% IF user_message %]
<tr>
<td colspan="2">
<div class="errortext">[% user_message %]</div>
</td>
</tr>
[% END %]
[% IF history.size %]
<tr>
<td colspan="2">
<div class="errortext">
<p><strong>Warning: There were potentially suspicious logins
from your account. Here is a list of the last several
logins you have made to WebAuth-protected
resources.</strong></p>
<ul>
[% FOREACH login IN history %]
[% IF login.hostname %]
<li>
[% IF login.timestamp %]
[% date.format(login.timestamp) %] -
[% END %]
[% login.hostname FILTER html %]
([% login.ip FILTER html %])</li>
[% ELSE %]
<li>
[% IF login.timestamp %]
[% date.format(login.timestamp) %] -
[% END %]
[% login.ip FILTER html %]</li>
[% END %]
[% END %]
</ul>
</div>
</td>
</tr>
[% END %]
<tr>
<td><img alt="Confirm" src="/images/confirm.png"
width="160" height="160"/></td>
<td>
<div class="logintext">
<p>You are logged into WebAuth as user
<strong>[% username FILTER html %]</strong></p>
[% IF authz_subject %]
<p>You will be identified to the website as
<strong>[% authz_subject FILTER html %]</strong></p>
[% END %]
<p>Click this link to continue to the website you
requested:</p>
<p><a href="[% return_url FILTER html %]">
[% pretty_return_url FILTER html %]</a></p>
[% IF token_rights.size %]
<p>If you continue to this website, you will grant it
permission to obtain the following credentials on your
behalf:</p>
<blockquote><p>[% FOREACH right IN token_rights %]
[% right.type FILTER html %]
[% right.name FILTER html %]<br />
<!-- [% right.principal FILTER html %] -->
<!-- [% right.instance FILTER html %] -->
<!-- [% right.realm FILTER html %] -->
[% END %]</p></blockquote>
[% END %]
<p><strong>Protect your assets:</strong><br />
Quit your web browser when you are finished (see below
for more details)</p>
[% IF login_cancel %]
<p><a href="[% cancel_url FILTER html %]">Cancel</a>
logging on to this service</p>
[% END %]
</div>
</td>
</tr>
</table>
</div>
[% IF permitted_authz.size %]
<div class="authzbox" style="width: 70%; margin-left: auto;
margin-right: auto">
<p>
You are permitted to identify to this web site as a user other
than your normal identity. If you want to do that, select a
different identity from the list below.
</p>
<form action="[% script_name FILTER html %]" method="post"
enctype="application/x-www-form-urlencoded"
align="center">
<input type="hidden" name="rm" value="edit_authz_identity">
<input type="hidden" name="ST" value="[% ST FILTER html %]">
<input type="hidden" name="RT" value="[% RT FILTER html %]">
<input type="hidden" name="remember_login"
value="[% remember_login FILTER html %]">
<table>
<tr>
<td><strong>Identity:</strong></td>
<td>
<select name="authz_subject">
<option selected>[% username FILTER html %]</option>
[% FOREACH authz IN permitted_authz %]
<option>[% authz FILTER html %]</option>
[% END %]
</select>
</td>
<td>
<input type="submit" name="Submit" value="Change Identity">
</td>
</tr>
</table>
</form>
</div>
[% END %]
[% IF show_remuser %]
<div class="remuserbox" align="center">
<form action="[% script_name FILTER html %]" method="post"
enctype="application/x-www-form-urlencoded">
<input type="hidden" name="rm" value="edit_remoteuser">
<input type="hidden" name="return_url"
value="[% return_url FILTER html %]">
<input type="hidden" name="username"
value="[% username FILTER html %]">
[% IF login_cancel %]
<input type="hidden" name="cancel_url"
value="[% cancel_url FILTER html %]">
[% END %]
<table border="1" width="70%">
<tr>
<td>
[% IF remuser %]
<input type="checkbox" name="remuser" checked>
[% ELSE %]
<input type="checkbox" name="remuser">
[% END %]
</td>
<td>
<input type="submit" name="Submit" value="Change Setting">
</td>
<td>
Check this box to always attempt to use your computer
login information in the future.
</td>
</tr>
</table>
</form>
</div>
[% END %]
<div class="trailer">
<h2>Important Security Information</h2>
<p>WebAuth provides a general web login service for many different
websites. Websites that use this WebAuth server that would ask you
to login will not do so now that you have logged into WebAuth.</p>
<p><strong>Quit the web browser you are using when you are finished
with this browser session.</strong></p>
<p>If you do not, anyone subsequently using your computer will be
able to use the browser program to go to those websites, and the
websites will treat that person as you, giving that person access to
your protected web assets. You are responsible for preventing that
from happening with this web session, and the best way to do it is
to quit the browser program when you are finished with it, or lock
your computer if you need to leave your computer but aren't through
with the browser.</p>
</div>
</body>
</html>
|