On Fri, Nov 14, 2014 at 8:41 AM, Francisco Jen Ou <[email protected]> wrote:
> Hello, > > I Googled a lot but found no answer. > > Is there a way for pfSense proxy local users to change their passwords? > > Installation: > > pfSense 2.1.5-RELEASE-pfSense (amd64) > squid 2.7.9 pkg v.4.3.4 > > -- > Francisco Jen Ou > > There is not a built-in way to allow proxy local users to change their passwords. It is often more practical to use one of the other authentication mechanisms rather than to try to change the built-in one. The built-in system is designed for simplicity, not for flexibility. That's why the choice of using other authentication methods is given. (Disclaimer: unless you are *completely and totally confident* that you can do it properly and securely, don't actually try to implement the idea below. There are too many things that could go wrong otherwise, including corrupting the pfSense configuration file, or even allowing non-authenticated users to change settings on the firewall. I am not responsible if you break something.) If you have some PHP experience and are willing to dig a bit into the pfSense code to see how to work with the XML config file, you could likely create a simple PHP form that edits the configuration. It could be as simple as taking the user's username, old password, and new password, comparing the old password, and then setting the new password in the pfSense config file. Your code would then call "squid_resync_users()" to apply the change in the XML config to the Squid password file. Whatever you do, don't try to make something that edits the Squid password file directly. Any changes you make to the file directly will be overwritten every time you make changes in the web interface. Your changes would also likely be overwritten when the firewall reboots. Moshe -- Moshe Katz -- [email protected] -- +1(301)867-3732
_______________________________________________ List mailing list [email protected] https://lists.pfsense.org/mailman/listinfo/list
