First crack at automated browser configuration. Requires running a

script to set things up on the client machine.

6 files changed, 137 insertions, 1 deletions

diff --git a/ipa-client/Makefile b/ipa-client/Makefile
index d16e53f9f..477f93f86 100644
--- a/ipa-client/Makefile
+++ b/ipa-client/Makefile
@@ -1,4 +1,4 @@
-SUBDIRS=ipa-install
+SUBDIRS=ipa-install firefox
 PYTHONDIR=$(DESTDIR)/usr/share/ipa/ipaclient
 
 all:
diff --git a/ipa-client/firefox/Makefile b/ipa-client/firefox/Makefile
new file mode 100644
index 000000000..f6bf7f3ad
--- /dev/null
+++ b/ipa-client/firefox/Makefile
@@ -0,0 +1,12 @@
+IPADIR=$(DESTDIR)/usr/share/ipa/ipaclient
+
+all:	
+
+install: 
+	-mkdir -p $(IPADIR)
+	install -m 644 ipa.js $(IPADIR)
+	install -m 644 ipa.cfg $(IPADIR)
+
+clean:
+
+test:
diff --git a/ipa-client/firefox/README b/ipa-client/firefox/README
new file mode 100644
index 000000000..d12be6e50
--- /dev/null
+++ b/ipa-client/firefox/README
@@ -0,0 +1,17 @@
+Firefox automatic configuration.
+
+ipa.cfg needs to be installed in the Firefox root directory
+(/usr/lib/firefox-version). It can be a symlink somewhere else. We install
+the actual file into /usr/share/ipa.
+
+ipa.js contains the javascript that sets the desired configuration.
+
+The Firefox all.js needs to be modified to set:
+
+pref('general.config.obscure_value', 0);
+pref('general.config.filename', 'ipa.cfg');
+
+First need to remove any existing values for these.
+
+For more information on autoconfiguration, see:
+http://mit.edu/~firefox/www/maintainers/autoconfig.html
diff --git a/ipa-client/firefox/browsersetup.sh b/ipa-client/firefox/browsersetup.sh
new file mode 100644
index 000000000..dc8aba935
--- /dev/null
+++ b/ipa-client/firefox/browsersetup.sh
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+
+ipacfg="ipa.cfg"
+
+for file in /usr/lib/firefox-* /usr/lib64/firefox*
+do
+    # Find the configuration file we want to change
+    cfg=`find $file -name all.js`
+
+    # determine the directory by removing all.js
+    dir=`echo $cfg | sed 's/greprefs\/all.js//'`
+
+    # It is possible that there will be empty Firefox directories, so skip
+    # those.
+    if test "X"$cfg != "X"; then
+
+        rm -f $cfg.new
+
+        # If the configuration already exists, remove it
+        if grep general.config.filename $cfg > /dev/null 2>&1; then
+            grep -v general.config.filename $cfg > $cfg.new
+            mv $cfg.new $cfg
+        fi
+
+        # We have the configuration unobscured
+        if grep general.config.filename $cfg > /dev/null 2>&1; then
+            grep -v general.config.obscure_value $cfg > $cfg.new
+            mv $cfg.new $cfg
+        fi
+
+        # Now we can add the new stuff to the file
+        echo "pref('general.config.obscure_value', 0);" >> "$cfg"
+        echo "pref('general.config.filename', '$ipacfg');" >> "$cfg"
+
+        # Create a link to our configuration file
+        rm -f $dir/$ipacfg
+        ln -s /usr/share/ipa/ipa.cfg $dir/$ipacfg
+    fi
+done
diff --git a/ipa-client/firefox/ipa.cfg b/ipa-client/firefox/ipa.cfg
new file mode 100644
index 000000000..448c350b6
--- /dev/null
+++ b/ipa-client/firefox/ipa.cfg
@@ -0,0 +1,19 @@
+#
+/*
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ */
+
+lockPref("autoadmin.global_config_url","file:///usr/share/ipa/ipa.js");
diff --git a/ipa-client/firefox/ipa.js b/ipa-client/firefox/ipa.js
new file mode 100644
index 000000000..011f8923c
--- /dev/null
+++ b/ipa-client/firefox/ipa.js
@@ -0,0 +1,35 @@
+/*
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ */
+ 
+try
+{
+    /* Kerberos SSO configuration */
+    lockPref("network.negotiate-auth.trusted-uris", ".greyoak.com");
+    lockPref("network.negotiate-auth.delegation-uris", ".greyoak.com");
+
+    /* These are the defaults */
+    lockPref("network.negotiate-auth.gsslib", "");
+    lockPref("network.negotiate-auth.using-native-gsslib", true);
+    lockPref("network.negotiate-auth.allow-proxies", true);
+
+    /* For Windows */
+    lockPref("network.auth.use-sspi", false);	
+}
+catch(e)
+{
+    displayError("Error in Autoconfig", e);
+}