With the MIRACL Trust RADIUS server, it is possible to configure web pages to display error messages, to customise the OTP page and to list hosts to authorise to if more than one has been configured.
# Default HTML Templates
If the pages parameters are not populated, it defaults to auto-populating the template parameters with a very simple HTML 1.0 code, which is suitable for local testing of the program.
For testing purposes, the
/etc/miracl-radius/integrations/pages_template.yaml file contains parameters
that can be used to load simple HTML templates for displaying error, logout and
services pages. Remember that these parameters do not have to be stored in this
file, they can be stored in any file that is then listed in the config.yaml
includes list.
pages:
error:
template: >-
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>RADIUS ERROR</title>
</head>
<body>
<h1>RADIUS ERROR</h1>
<h2>{{ .Data }}</h2>
</body>
</html>
hosts:
template: >-
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>RADIUS Authentication Hosts</title>
</head>
<body>
<form action="{{ .URL }}"><label>Choose the host this request will be authenticated to</label><br>
{{ range $host := .Hosts }}<div><input type="radio" id="{{ $host }}" name="host" value="{{ $host }}"><label
for="{{ $host }}">"{{ $host }}"</label></div>{{ end }}<br><input type="submit" value="Submit">
</form>
</body>
</html>
otp:
template: >-
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>RADIUS OTP</title>
</head>
<body>
User: {{ .User }} </br>
OTP: {{ .OTP}} </br>
Expiry: {{ .Expiry }}
</body>
</html>
Note that the above snippet is different from the actual
/etc/miracl-radius/integrations/pages_template.yaml file. It contains the
templates that the config schema loads by default if no web page parameters are
filled in (for either HTML templates or fully configured web pages).
-
The program is set up to serve errors (404s, LDAP errors, authentication errors, etc.) in JSON format. The above error page template example shows the available variables. Note that the Data field contains the error message.
-
When more than one host is set in the RADIUS server configuration, this is the page displayed to the user so they choose which one to generate an OTP for. It presents a ’landing page’ list of hosts that the user is authorised to access. After choosing a host, the user is presented with the login page to authenticate.
-
It is possible to configure and style the page which displays the generated One Time Password together with the User ID it is generated for and its expiry contained in the User, OTP and Expiry fields.
