2015-12-28 06:29:34 +01:00
|
|
|
# This file is generated by Lemonldap::NG::Manager::Build. Don't modify it by hand
|
2015-05-14 08:44:38 +02:00
|
|
|
package Lemonldap::NG::Manager::Attributes;
|
|
|
|
|
2019-02-12 18:21:38 +01:00
|
|
|
our $VERSION = '2.1.0';
|
2015-05-14 08:44:38 +02:00
|
|
|
|
2019-06-10 08:56:56 +02:00
|
|
|
sub perlExpr {
|
|
|
|
my ( $val, $conf ) = @_;
|
|
|
|
my $cpt = 'Safe'->new;
|
|
|
|
$cpt->share_from( 'MIME::Base64', ['&encode_base64'] );
|
2019-09-13 10:03:28 +02:00
|
|
|
$cpt->share_from(
|
|
|
|
'Lemonldap::NG::Handler::Main::Jail',
|
|
|
|
[
|
|
|
|
'&encrypt', '&token',
|
|
|
|
@Lemonldap::NG::Handler::Main::Jail::builtCustomFunctions
|
|
|
|
]
|
|
|
|
);
|
2019-06-10 08:56:56 +02:00
|
|
|
$cpt->share_from( 'Lemonldap::NG::Common::Safelib',
|
|
|
|
$Lemonldap::NG::Common::Safelib::functions );
|
2019-06-27 17:40:50 +02:00
|
|
|
$cpt->reval("BEGIN { 'warnings'->unimport; } $val");
|
2019-06-10 08:56:56 +02:00
|
|
|
my $err = join(
|
|
|
|
'',
|
|
|
|
grep( { $_ =~ /Undefined subroutine/ ? () : $_; } split( /\n/, $@, 0 ) )
|
|
|
|
);
|
|
|
|
return $err ? ( 1, "__badExpression__: $err" ) : 1;
|
|
|
|
}
|
|
|
|
|
2015-05-14 08:44:38 +02:00
|
|
|
sub types {
|
|
|
|
return {
|
2018-06-20 21:38:26 +02:00
|
|
|
'array' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2018-06-20 21:38:26 +02:00
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'authParamsText' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'blackWhiteList' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'bool' => {
|
|
|
|
'msgFail' => '__notABoolean__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^[01]$/
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'boolOrExpr' => {
|
|
|
|
'msgFail' => '__notAValidPerlExpression__',
|
|
|
|
'test' => sub {
|
2019-06-10 08:56:56 +02:00
|
|
|
return perlExpr(@_);
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'catAndAppList' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'file' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'hostname' => {
|
|
|
|
'form' => 'text',
|
|
|
|
'msgFail' => '__badHostname__',
|
|
|
|
'test' =>
|
2017-06-23 16:47:03 +02:00
|
|
|
qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))?$/
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'int' => {
|
|
|
|
'msgFail' => '__notAnInteger__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^\-?\d+$/
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'keyText' => {
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^[a-zA-Z0-9_]+$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'msgFail' => '__badValue__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^.*$/
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'keyTextContainer' => {
|
|
|
|
'keyMsgFail' => '__badKeyName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^\w[\w\.\-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'msgFail' => '__emptyValueNotAllowed__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/./
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'lmAttrOrMacro' => {
|
|
|
|
'form' => 'text',
|
|
|
|
'test' => sub {
|
|
|
|
my ( $val, $conf ) = @_;
|
|
|
|
return 1
|
2019-09-18 16:04:45 +02:00
|
|
|
if defined $$conf{'macros'}{$val} or $val eq '_timezone';
|
2017-06-23 11:57:07 +02:00
|
|
|
foreach $_ ( keys %$conf ) {
|
|
|
|
return 1
|
2019-09-18 16:04:45 +02:00
|
|
|
if $_ =~ /exportedvars$/i and defined $$conf{$_}{$val};
|
2017-06-23 11:57:07 +02:00
|
|
|
}
|
|
|
|
return 1, "__unknownAttrOrMacro__: $val";
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'longtext' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'menuApp' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'menuCat' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'oidcmetadatajson' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'oidcmetadatajwks' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'oidcOPMetaDataNode' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'oidcRPMetaDataNode' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'password' => {
|
|
|
|
'msgFail' => '__malformedValue__',
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'pcre' => {
|
|
|
|
'form' => 'text',
|
|
|
|
'test' => sub {
|
|
|
|
eval {
|
|
|
|
do {
|
|
|
|
qr/$_[0]/;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
};
|
|
|
|
return $@ ? ( 0, "__badRegexp__: $@" ) : 1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'PerlModule' => {
|
|
|
|
'form' => 'text',
|
|
|
|
'msgFail' => '__badPerlPackageName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^[a-zA-Z][a-zA-Z0-9]*(?:::[a-zA-Z][a-zA-Z0-9]*)*$/
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'portalskin' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'portalskinbackground' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'post' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'RSAPrivateKey' => {
|
|
|
|
'test' => sub {
|
|
|
|
return $_[0] =~
|
2019-08-06 15:46:24 +02:00
|
|
|
m[^(?:(?:\-+\s*BEGIN\s+(?:RSA\s+)?PRIVATE\s+KEY\s*\-+\r?\n)?(?:Proc-Type:.*\r?\nDEK-Info:.*\r?\n[\r\n]*)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:RSA\s+)?PRIVATE\s+KEY\s*\-+)?[\r\n]*)?$]s
|
2017-06-23 11:57:07 +02:00
|
|
|
? 1
|
|
|
|
: ( 1, '__badPemEncoding__' );
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'RSAPublicKey' => {
|
|
|
|
'test' => sub {
|
|
|
|
return $_[0] =~
|
|
|
|
m[^(?:(?:\-+\s*BEGIN\s+PUBLIC\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+PUBLIC\s+KEY\s*\-+)?[\r\n]*)?$]s
|
|
|
|
? 1
|
|
|
|
: ( 1, '__badPemEncoding__' );
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'RSAPublicKeyOrCertificate' => {
|
|
|
|
'test' => sub {
|
|
|
|
return $_[0] =~
|
|
|
|
m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+)?[\r\n]*)?$]s
|
|
|
|
? 1
|
|
|
|
: ( 1, '__badPemEncoding__' );
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'rule' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'samlAssertion' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'samlAttribute' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'samlIDPMetaDataNode' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'samlService' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'samlSPMetaDataNode' => {
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'select' => {
|
|
|
|
'test' => sub {
|
2019-09-18 16:04:45 +02:00
|
|
|
my $test =
|
|
|
|
grep( { $_ eq $_[0]; }
|
|
|
|
map( { $$_{'k'}; } @{ $_[2]{'select'}; } ) );
|
2017-06-23 11:57:07 +02:00
|
|
|
return $test
|
|
|
|
? 1
|
|
|
|
: ( 1, "Invalid value '$_[0]' for this select" );
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'subContainer' => {
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/\w/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'text' => {
|
|
|
|
'msgFail' => '__malformedValue__',
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'trool' => {
|
|
|
|
'msgFail' => '__authorizedValues__: -1, 0, 1',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^(?:-1|0|1)$/
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'url' => {
|
|
|
|
'form' => 'text',
|
|
|
|
'msgFail' => '__badUrl__',
|
|
|
|
'test' =>
|
2017-06-23 16:47:03 +02:00
|
|
|
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/
|
2017-06-23 11:57:07 +02:00
|
|
|
}
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
sub attributes {
|
|
|
|
return {
|
|
|
|
'activeTimer' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'ADPwdExpireWarning' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'ADPwdMaxAge' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'apacheAuthnLevel' => {
|
|
|
|
'default' => 4,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'applicationList' => {
|
|
|
|
'default' => {
|
|
|
|
'default' => {
|
|
|
|
'catname' => 'Default category',
|
|
|
|
'type' => 'category'
|
|
|
|
}
|
|
|
|
},
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/\w/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'catAndAppList'
|
|
|
|
},
|
2019-09-10 10:15:17 +02:00
|
|
|
'authChoiceAuthBasic' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'authChoiceModules' => {
|
|
|
|
'keyMsgFail' => '__badChoiceKey__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^(\d*)?[a-zA-Z0-9_]+$/,
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'Apache',
|
|
|
|
'v' => 'Apache'
|
2015-12-30 21:32:45 +01:00
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
{
|
|
|
|
'k' => 'AD',
|
|
|
|
'v' => 'Active Directory'
|
2017-04-27 09:51:55 +02:00
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
{
|
|
|
|
'k' => 'CAS',
|
|
|
|
'v' => 'Central Authentication Service (CAS)'
|
2015-12-30 21:32:45 +01:00
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
{
|
|
|
|
'k' => 'DBI',
|
|
|
|
'v' => 'Database (DBI)'
|
2016-01-12 18:20:20 +01:00
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
{
|
|
|
|
'k' => 'Demo',
|
|
|
|
'v' => 'Demo'
|
2015-12-30 21:32:45 +01:00
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
{
|
|
|
|
'k' => 'Facebook',
|
|
|
|
'v' => 'Facebook'
|
2015-12-30 21:32:45 +01:00
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
{
|
2019-02-05 11:51:39 +01:00
|
|
|
'k' => 'GPG',
|
|
|
|
'v' => 'GPG'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Kerberos',
|
|
|
|
'v' => 'Kerberos'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'LDAP',
|
|
|
|
'v' => 'LDAP'
|
|
|
|
},
|
2017-06-23 16:47:03 +02:00
|
|
|
{
|
|
|
|
'k' => 'LinkedIn',
|
|
|
|
'v' => 'LinkedIn'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
{
|
|
|
|
'k' => 'PAM',
|
|
|
|
'v' => 'PAM'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Null',
|
|
|
|
'v' => 'None'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'OpenID',
|
|
|
|
'v' => 'OpenID'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'OpenIDConnect',
|
|
|
|
'v' => 'OpenID Connect'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Proxy',
|
|
|
|
'v' => 'Proxy'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Radius',
|
|
|
|
'v' => 'Radius'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'REST',
|
|
|
|
'v' => 'REST'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Remote',
|
|
|
|
'v' => 'Remote'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'SAML',
|
|
|
|
'v' => 'SAML v2'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Slave',
|
|
|
|
'v' => 'Slave'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'SSL',
|
|
|
|
'v' => 'SSL'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Twitter',
|
|
|
|
'v' => 'Twitter'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'WebID',
|
|
|
|
'v' => 'WebID'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Custom',
|
|
|
|
'v' => 'customModule'
|
|
|
|
}
|
|
|
|
],
|
2019-02-07 09:27:56 +01:00
|
|
|
[ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'AD',
|
|
|
|
'v' => 'Active Directory'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'CAS',
|
|
|
|
'v' => 'Central Authentication Service (CAS)'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'DBI',
|
|
|
|
'v' => 'Database (DBI)'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Demo',
|
|
|
|
'v' => 'Demo'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Facebook',
|
|
|
|
'v' => 'Facebook'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'LDAP',
|
|
|
|
'v' => 'LDAP'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Null',
|
|
|
|
'v' => 'None'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'OpenID',
|
|
|
|
'v' => 'OpenID'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'OpenIDConnect',
|
|
|
|
'v' => 'OpenID Connect'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Proxy',
|
|
|
|
'v' => 'Proxy'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'REST',
|
|
|
|
'v' => 'REST'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Remote',
|
|
|
|
'v' => 'Remote'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'SAML',
|
|
|
|
'v' => 'SAML v2'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Slave',
|
|
|
|
'v' => 'Slave'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'WebID',
|
|
|
|
'v' => 'WebID'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Custom',
|
|
|
|
'v' => 'customModule'
|
|
|
|
}
|
|
|
|
],
|
2019-02-07 09:27:56 +01:00
|
|
|
[ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'AD',
|
|
|
|
'v' => 'Active Directory'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'DBI',
|
|
|
|
'v' => 'Database (DBI)'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Demo',
|
|
|
|
'v' => 'Demo'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'LDAP',
|
|
|
|
'v' => 'LDAP'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'REST',
|
|
|
|
'v' => 'REST'
|
2017-02-23 22:46:00 +01:00
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
{
|
|
|
|
'k' => 'Null',
|
|
|
|
'v' => 'None'
|
2017-03-07 18:28:09 +01:00
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
{
|
|
|
|
'k' => 'Custom',
|
|
|
|
'v' => 'customModule'
|
|
|
|
}
|
|
|
|
]
|
|
|
|
],
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
|
|
|
},
|
|
|
|
'type' => 'authChoiceContainer'
|
|
|
|
},
|
|
|
|
'authChoiceParam' => {
|
|
|
|
'default' => 'lmAuth',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'authentication' => {
|
|
|
|
'default' => 'Demo',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'Apache',
|
|
|
|
'v' => 'Apache'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'AD',
|
|
|
|
'v' => 'Active Directory'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'DBI',
|
|
|
|
'v' => 'Database (DBI)'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Facebook',
|
|
|
|
'v' => 'Facebook'
|
|
|
|
},
|
|
|
|
{
|
2019-02-05 11:51:39 +01:00
|
|
|
'k' => 'GPG',
|
|
|
|
'v' => 'GPG'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Kerberos',
|
|
|
|
'v' => 'Kerberos'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'LDAP',
|
|
|
|
'v' => 'LDAP'
|
|
|
|
},
|
2017-06-23 16:47:03 +02:00
|
|
|
{
|
|
|
|
'k' => 'LinkedIn',
|
|
|
|
'v' => 'LinkedIn'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
{
|
|
|
|
'k' => 'PAM',
|
|
|
|
'v' => 'PAM'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Radius',
|
|
|
|
'v' => 'Radius'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'REST',
|
|
|
|
'v' => 'REST'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'SSL',
|
|
|
|
'v' => 'SSL'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Twitter',
|
|
|
|
'v' => 'Twitter'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'WebID',
|
|
|
|
'v' => 'WebID'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Demo',
|
|
|
|
'v' => 'Demonstration'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Choice',
|
|
|
|
'v' => 'authChoice'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Combination',
|
|
|
|
'v' => 'combineMods'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'CAS',
|
|
|
|
'v' => 'Central Authentication Service (CAS)'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'OpenID',
|
|
|
|
'v' => 'OpenID'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'OpenIDConnect',
|
|
|
|
'v' => 'OpenID Connect'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'SAML',
|
|
|
|
'v' => 'SAML v2'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Proxy',
|
|
|
|
'v' => 'Proxy'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Remote',
|
|
|
|
'v' => 'Remote'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Slave',
|
|
|
|
'v' => 'Slave'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Null',
|
|
|
|
'v' => 'None'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Custom',
|
|
|
|
'v' => 'customModule'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'AuthLDAPFilter' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-10-27 15:11:30 +02:00
|
|
|
'autoSigninRules' => {
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
2018-03-08 20:43:50 +01:00
|
|
|
'available2F' => {
|
2019-07-12 11:53:22 +02:00
|
|
|
'default' => 'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,Yubikey,Radius',
|
2018-04-03 10:23:31 +02:00
|
|
|
'type' => 'text'
|
2018-03-08 20:43:50 +01:00
|
|
|
},
|
|
|
|
'available2FSelfRegistration' => {
|
2018-04-03 10:23:31 +02:00
|
|
|
'default' => 'TOTP,U2F,Yubikey',
|
|
|
|
'type' => 'text'
|
2018-03-08 20:43:50 +01:00
|
|
|
},
|
2019-09-08 19:26:09 +02:00
|
|
|
'browsersDontStorePassword' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2018-09-23 11:09:04 +02:00
|
|
|
'bruteForceProtection' => {
|
2018-10-10 23:12:38 +02:00
|
|
|
'default' => 0,
|
2018-09-22 19:24:16 +02:00
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2018-09-28 19:50:01 +02:00
|
|
|
'bruteForceProtectionMaxAge' => {
|
|
|
|
'default' => 300,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2018-12-12 23:51:33 +01:00
|
|
|
'bruteForceProtectionMaxFailed' => {
|
|
|
|
'default' => 3,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2018-09-28 19:50:01 +02:00
|
|
|
'bruteForceProtectionTempo' => {
|
|
|
|
'default' => 30,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'captcha_login_enabled' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'captcha_mail_enabled' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'captcha_register_enabled' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'captcha_size' => {
|
|
|
|
'default' => 6,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'casAccessControlPolicy' => {
|
|
|
|
'default' => 'none',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'none',
|
|
|
|
'v' => 'None'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'error',
|
|
|
|
'v' => 'Display error on portal'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'faketicket',
|
|
|
|
'v' => 'Send a fake service ticket'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'casAppMetaDataExportedVars' => {
|
|
|
|
'default' => {
|
|
|
|
'cn' => 'cn',
|
|
|
|
'mail' => 'mail',
|
|
|
|
'uid' => 'uid'
|
|
|
|
},
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'casAppMetaDataNodes' => {
|
|
|
|
'type' => 'casAppMetaDataNodeContainer'
|
|
|
|
},
|
|
|
|
'casAppMetaDataOptions' => {
|
|
|
|
'type' => 'subContainer'
|
|
|
|
},
|
|
|
|
'casAppMetaDataOptionsRule' => {
|
|
|
|
'test' => sub {
|
2019-06-10 08:56:56 +02:00
|
|
|
return perlExpr(@_);
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'casAppMetaDataOptionsService' => {
|
|
|
|
'type' => 'url'
|
|
|
|
},
|
2019-04-25 20:35:41 +02:00
|
|
|
'casAppMetaDataOptionsUserAttribute' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'casAttr' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'casAttributes' => {
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'casAuthnLevel' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'casSrvMetaDataExportedVars' => {
|
|
|
|
'default' => {
|
|
|
|
'cn' => 'cn',
|
|
|
|
'mail' => 'mail',
|
|
|
|
'uid' => 'uid'
|
|
|
|
},
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'casSrvMetaDataNodes' => {
|
|
|
|
'type' => 'casSrvMetaDataNodeContainer'
|
|
|
|
},
|
|
|
|
'casSrvMetaDataOptions' => {
|
|
|
|
'type' => 'subContainer'
|
|
|
|
},
|
|
|
|
'casSrvMetaDataOptionsDisplayName' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'casSrvMetaDataOptionsGateway' => {
|
2018-07-23 00:13:43 +02:00
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'casSrvMetaDataOptionsIcon' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'casSrvMetaDataOptionsProxiedServices' => {
|
|
|
|
'keyMsgFail' => '__badCasProxyId__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^\w/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'casSrvMetaDataOptionsRenew' => {
|
2018-07-23 00:13:43 +02:00
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
2019-04-10 21:58:28 +02:00
|
|
|
'casSrvMetaDataOptionsSortNumber' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'casSrvMetaDataOptionsUrl' => {
|
|
|
|
'msgFail' => '__badUrl__',
|
|
|
|
'test' =>
|
2017-06-23 16:47:03 +02:00
|
|
|
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'casStorage' => {
|
|
|
|
'type' => 'PerlModule'
|
|
|
|
},
|
|
|
|
'casStorageOptions' => {
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'cda' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2019-09-18 16:04:45 +02:00
|
|
|
'certificateResetByMailCeaAttribute' => {
|
|
|
|
'default' => 'description',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'certificateResetByMailCertificateAttribute' => {
|
|
|
|
'default' => 'userCertificate;binary',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'certificateResetByMailReplyTo' => {
|
|
|
|
'default' => 'noreply@example.com',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'certificateResetByMailSender' => {
|
|
|
|
'default' => 'noreply@example.com',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'certificateResetByMailStep1Body' => {
|
|
|
|
'type' => 'longtext'
|
|
|
|
},
|
|
|
|
'certificateResetByMailStep1Subject' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'certificateResetByMailStep2Body' => {
|
|
|
|
'type' => 'longtext'
|
|
|
|
},
|
|
|
|
'certificateResetByMailStep2Subject' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'certificateResetByMailURL' => {
|
|
|
|
'default' => 'http://auth.example.com/certificateReset',
|
|
|
|
'type' => 'url'
|
|
|
|
},
|
|
|
|
'certificateResetByMailValidityDelay' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'cfgAuthor' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'cfgAuthorIP' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'cfgDate' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'cfgLog' => {
|
|
|
|
'type' => 'longtext'
|
|
|
|
},
|
|
|
|
'cfgNum' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'cfgVersion' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2018-05-15 21:20:31 +02:00
|
|
|
'checkState' => {
|
2018-07-22 22:35:30 +02:00
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
2018-05-15 21:20:31 +02:00
|
|
|
},
|
|
|
|
'checkStateSecret' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2018-06-15 19:00:14 +02:00
|
|
|
'checkTime' => {
|
|
|
|
'default' => 600,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2019-02-23 09:35:43 +01:00
|
|
|
'checkUser' => {
|
2019-02-25 20:10:19 +01:00
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'checkUserDisplayEmptyValues' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'checkUserDisplayPersistentInfo' => {
|
|
|
|
'default' => 0,
|
2019-02-23 09:35:43 +01:00
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2019-02-23 23:02:42 +01:00
|
|
|
'checkUserHiddenAttributes' => {
|
2019-07-07 22:30:24 +02:00
|
|
|
'default' => '_loginHistory _session_id hGroups',
|
2019-02-23 23:02:42 +01:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-03-09 23:29:10 +01:00
|
|
|
'checkUserIdRule' => {
|
|
|
|
'default' => 1,
|
|
|
|
'test' => sub {
|
2019-06-10 08:56:56 +02:00
|
|
|
return perlExpr(@_);
|
2019-03-09 23:29:10 +01:00
|
|
|
},
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'checkXSS' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'combination' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-03-19 05:56:36 +01:00
|
|
|
'combinationForms' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'combModules' => {
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^\w+$/,
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'Apache',
|
|
|
|
'v' => 'Apache'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'AD',
|
|
|
|
'v' => 'Active Directory'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'DBI',
|
|
|
|
'v' => 'Database (DBI)'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Facebook',
|
|
|
|
'v' => 'Facebook'
|
|
|
|
},
|
|
|
|
{
|
2019-02-05 11:51:39 +01:00
|
|
|
'k' => 'GPG',
|
|
|
|
'v' => 'GPG'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Kerberos',
|
|
|
|
'v' => 'Kerberos'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'LDAP',
|
|
|
|
'v' => 'LDAP'
|
|
|
|
},
|
2019-03-26 07:00:53 +01:00
|
|
|
{
|
|
|
|
'k' => 'LinkedIn',
|
|
|
|
'v' => 'LinkedIn'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
{
|
|
|
|
'k' => 'PAM',
|
|
|
|
'v' => 'PAM'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Radius',
|
|
|
|
'v' => 'Radius'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'REST',
|
|
|
|
'v' => 'REST'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'SSL',
|
|
|
|
'v' => 'SSL'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Twitter',
|
|
|
|
'v' => 'Twitter'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'WebID',
|
|
|
|
'v' => 'WebID'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Demo',
|
|
|
|
'v' => 'Demonstration'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'CAS',
|
|
|
|
'v' => 'Central Authentication Service (CAS)'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'OpenID',
|
|
|
|
'v' => 'OpenID'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'OpenIDConnect',
|
|
|
|
'v' => 'OpenID Connect'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'SAML',
|
|
|
|
'v' => 'SAML v2'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Proxy',
|
|
|
|
'v' => 'Proxy'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Remote',
|
|
|
|
'v' => 'Remote'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Slave',
|
|
|
|
'v' => 'Slave'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Null',
|
|
|
|
'v' => 'None'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Custom',
|
|
|
|
'v' => 'customModule'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
|
|
|
},
|
|
|
|
'type' => 'cmbModuleContainer'
|
|
|
|
},
|
2018-03-09 18:34:59 +01:00
|
|
|
'configStorage' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'confirmFormMethod' => {
|
|
|
|
'default' => 'post',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'get',
|
|
|
|
'v' => 'GET'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'post',
|
|
|
|
'v' => 'POST'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
2019-06-21 14:49:38 +02:00
|
|
|
'contextSwitchingIdRule' => {
|
|
|
|
'default' => 1,
|
|
|
|
'test' => sub {
|
|
|
|
return perlExpr(@_);
|
|
|
|
},
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'contextSwitchingRule' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
|
|
|
'contextSwitchingStopWithLogout' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'cookieExpiration' => {
|
2018-07-30 19:18:06 +02:00
|
|
|
'type' => 'int'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'cookieName' => {
|
|
|
|
'default' => 'lemonldap',
|
|
|
|
'msgFail' => '__badCookieName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^[a-zA-Z][a-zA-Z0-9_-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-05-31 17:00:39 +02:00
|
|
|
'corsAllow_Credentials' => {
|
|
|
|
'default' => 'true',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'corsAllow_Headers' => {
|
|
|
|
'default' => '*',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'corsAllow_Methods' => {
|
|
|
|
'default' => 'POST,GET',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'corsAllow_Origin' => {
|
|
|
|
'default' => '*',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'corsEnabled' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'corsExpose_Headers' => {
|
|
|
|
'default' => '*',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'corsMax_Age' => {
|
2019-09-18 16:04:45 +02:00
|
|
|
'default' => 86400,
|
2019-05-31 17:00:39 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'cspConnect' => {
|
|
|
|
'default' => '\'self\'',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'cspDefault' => {
|
|
|
|
'default' => '\'self\'',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'cspFont' => {
|
|
|
|
'default' => '\'self\'',
|
|
|
|
'type' => 'text'
|
2018-10-18 19:51:50 +02:00
|
|
|
},
|
|
|
|
'cspFormAction' => {
|
2018-10-30 20:32:20 +01:00
|
|
|
'default' => '\'self\'',
|
2018-10-18 19:51:50 +02:00
|
|
|
'type' => 'text'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'cspImg' => {
|
|
|
|
'default' => '\'self\' data:',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'cspScript' => {
|
|
|
|
'default' => '\'self\'',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'cspStyle' => {
|
|
|
|
'default' => '\'self\'',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'customAddParams' => {
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'customAuth' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'customFunctions' => {
|
|
|
|
'msgFail' => '__badCustomFuncName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^(?:\w+(?:::\w+)*(?:\s+\w+(?:::\w+)*)*)?$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'customPassword' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'customRegister' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-08-16 15:22:06 +02:00
|
|
|
'customToTrace' => {
|
2019-08-20 22:36:51 +02:00
|
|
|
'type' => 'lmAttrOrMacro'
|
2019-08-16 15:22:06 +02:00
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'customUserDB' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'dbiAuthChain' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'dbiAuthLoginCol' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'dbiAuthnLevel' => {
|
|
|
|
'default' => 2,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'dbiAuthPassword' => {
|
|
|
|
'type' => 'password'
|
|
|
|
},
|
|
|
|
'dbiAuthPasswordCol' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'dbiAuthPasswordHash' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'dbiAuthTable' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'dbiAuthUser' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'dbiDynamicHashEnabled' => {
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'dbiDynamicHashNewPasswordScheme' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'dbiDynamicHashValidSaltedSchemes' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'dbiDynamicHashValidSchemes' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'dbiExportedVars' => {
|
|
|
|
'default' => {},
|
|
|
|
'keyMsgFail' => '__badVariableName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'msgFail' => '__badValue__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'dbiPasswordMailCol' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'dbiUserChain' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'dbiUserPassword' => {
|
|
|
|
'type' => 'password'
|
|
|
|
},
|
|
|
|
'dbiUserTable' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'dbiUserUser' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'demoExportedVars' => {
|
|
|
|
'default' => {
|
|
|
|
'cn' => 'cn',
|
|
|
|
'mail' => 'mail',
|
|
|
|
'uid' => 'uid'
|
|
|
|
},
|
|
|
|
'keyMsgFail' => '__badVariableName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'msgFail' => '__badValue__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
2019-07-01 13:28:01 +02:00
|
|
|
'disablePersistentStorage' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'domain' => {
|
|
|
|
'default' => 'example.com',
|
|
|
|
'msgFail' => '__badDomainName__',
|
|
|
|
'test' =>
|
2017-06-23 16:47:03 +02:00
|
|
|
qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-08-31 22:59:05 +02:00
|
|
|
'dontCompactConf' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'exportedAttr' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'exportedHeaders' => {
|
|
|
|
'keyMsgFail' => '__badHostname__',
|
|
|
|
'keyTest' =>
|
2017-10-24 12:56:19 +02:00
|
|
|
qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'test' => {
|
|
|
|
'keyMsgFail' => '__badHeaderName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^(?=[^\-])[\w\-]+(?<=[^-])$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'test' => sub {
|
2019-06-10 08:56:56 +02:00
|
|
|
return perlExpr(@_);
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'exportedVars' => {
|
|
|
|
'default' => {
|
|
|
|
'UA' => 'HTTP_USER_AGENT'
|
|
|
|
},
|
|
|
|
'keyMsgFail' => '__badVariableName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^!?[_a-zA-Z][a-zA-Z0-9_]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'msgFail' => '__badValue__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^[_a-zA-Z][a-zA-Z0-9_:\-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'ext2fActivation' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
|
|
|
'ext2fAuthnLevel' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2019-02-14 22:10:48 +01:00
|
|
|
'ext2fCodeActivation' => {
|
|
|
|
'default' => '\\d{6}',
|
2019-02-14 22:41:18 +01:00
|
|
|
'type' => 'pcre'
|
2019-02-14 22:10:48 +01:00
|
|
|
},
|
2019-08-01 17:27:14 +02:00
|
|
|
'ext2fLabel' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2018-03-16 22:32:23 +01:00
|
|
|
'ext2fLogo' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'ext2FSendCommand' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'ext2FValidateCommand' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'facebookAppId' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'facebookAppSecret' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'facebookAuthnLevel' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'facebookExportedVars' => {
|
|
|
|
'default' => {},
|
|
|
|
'keyMsgFail' => '__badVariableName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'msgFail' => '__badValue__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
2018-06-22 18:16:24 +02:00
|
|
|
'facebookUserField' => {
|
|
|
|
'default' => 'id',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'failedLoginNumber' => {
|
|
|
|
'default' => 5,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2019-04-14 22:34:58 +02:00
|
|
|
'favAppsMaxNumber' => {
|
2019-04-25 23:01:06 +02:00
|
|
|
'default' => 3,
|
2019-04-14 22:34:58 +02:00
|
|
|
'type' => 'int'
|
|
|
|
},
|
2019-08-16 12:58:08 +02:00
|
|
|
'forceGlobalStorageUpgradeOTT' => {
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'formTimeout' => {
|
|
|
|
'default' => 120,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'globalStorage' => {
|
|
|
|
'default' => 'Apache::Session::File',
|
|
|
|
'type' => 'PerlModule'
|
|
|
|
},
|
|
|
|
'globalStorageOptions' => {
|
|
|
|
'default' => {
|
|
|
|
'Directory' => '/var/lib/lemonldap-ng/sessions/',
|
|
|
|
'generateModule' =>
|
|
|
|
'Lemonldap::NG::Common::Apache::Session::Generate::SHA256',
|
|
|
|
'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/'
|
|
|
|
},
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
2019-04-05 22:39:58 +02:00
|
|
|
'gpgAuthnLevel' => {
|
2019-04-21 18:58:01 +02:00
|
|
|
'default' => 5,
|
2019-04-05 22:39:58 +02:00
|
|
|
'type' => 'int'
|
|
|
|
},
|
2019-02-05 11:51:39 +01:00
|
|
|
'gpgDb' => {
|
|
|
|
'default' => '',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'grantSessionRules' => {
|
2019-07-10 17:15:40 +02:00
|
|
|
'default' => {},
|
2017-06-23 11:57:07 +02:00
|
|
|
'keyTest' => sub {
|
2019-06-10 08:56:56 +02:00
|
|
|
return perlExpr(@_);
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
|
|
|
},
|
|
|
|
'type' => 'grantContainer'
|
|
|
|
},
|
|
|
|
'groups' => {
|
|
|
|
'default' => {},
|
|
|
|
'test' => sub {
|
2019-06-10 08:56:56 +02:00
|
|
|
return perlExpr(@_);
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
2018-11-09 21:15:44 +01:00
|
|
|
'handlerInternalCache' => {
|
|
|
|
'default' => 15,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2019-05-26 18:24:56 +02:00
|
|
|
'handlerServiceTokenTTL' => {
|
|
|
|
'default' => 30,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'hiddenAttributes' => {
|
2019-06-15 22:37:38 +02:00
|
|
|
'default' => '_password _2fDevices',
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'hideOldPassword' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'httpOnly' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'https' => {
|
2019-01-25 11:37:14 +01:00
|
|
|
'default' => -1,
|
|
|
|
'type' => 'trool'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
2019-03-06 16:24:10 +01:00
|
|
|
'impersonationHiddenAttributes' => {
|
2019-03-02 23:27:56 +01:00
|
|
|
'default' => '_2fDevices _loginHistory',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-03-08 11:39:19 +01:00
|
|
|
'impersonationIdRule' => {
|
|
|
|
'default' => 1,
|
|
|
|
'test' => sub {
|
2019-06-10 08:56:56 +02:00
|
|
|
return perlExpr(@_);
|
2019-03-08 11:39:19 +01:00
|
|
|
},
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-03-06 16:24:10 +01:00
|
|
|
'impersonationMergeSSOgroups' => {
|
2019-03-05 14:50:01 +01:00
|
|
|
'default' => 0,
|
2019-06-08 22:07:47 +02:00
|
|
|
'type' => 'boolOrExpr'
|
2019-03-05 14:50:01 +01:00
|
|
|
},
|
2019-03-06 16:24:10 +01:00
|
|
|
'impersonationPrefix' => {
|
2019-03-02 23:27:56 +01:00
|
|
|
'default' => 'real_',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-03-06 16:24:10 +01:00
|
|
|
'impersonationRule' => {
|
2019-03-05 15:07:54 +01:00
|
|
|
'default' => 0,
|
2019-03-02 23:27:56 +01:00
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
2019-03-06 16:24:10 +01:00
|
|
|
'impersonationSkipEmptyValues' => {
|
2019-03-02 23:27:56 +01:00
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'infoFormMethod' => {
|
|
|
|
'default' => 'get',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'get',
|
|
|
|
'v' => 'GET'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'post',
|
|
|
|
'v' => 'POST'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'issuerDBCASActivation' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'issuerDBCASPath' => {
|
|
|
|
'default' => '^/cas/',
|
|
|
|
'type' => 'pcre'
|
|
|
|
},
|
|
|
|
'issuerDBCASRule' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
|
|
|
'issuerDBGetActivation' => {
|
2017-11-02 17:16:21 +01:00
|
|
|
'default' => 0,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'issuerDBGetParameters' => {
|
|
|
|
'default' => {},
|
|
|
|
'keyMsgFail' => '__badHostname__',
|
|
|
|
'keyTest' =>
|
2017-06-23 16:47:03 +02:00
|
|
|
qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'test' => {
|
|
|
|
'keyMsgFail' => '__badKeyName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^(?=[^\-])[\w\-]+(?<=[^-])$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'test' => sub {
|
|
|
|
my ( $val, $conf ) = @_;
|
|
|
|
return 1
|
2019-09-18 16:04:45 +02:00
|
|
|
if defined $$conf{'macros'}{$val} or $val eq '_timezone';
|
2017-06-23 11:57:07 +02:00
|
|
|
foreach $_ ( keys %$conf ) {
|
|
|
|
return 1
|
|
|
|
if $_ =~ /exportedvars$/i
|
2019-09-18 16:04:45 +02:00
|
|
|
and defined $$conf{$_}{$val};
|
2017-06-23 11:57:07 +02:00
|
|
|
}
|
|
|
|
return 1, "__unknownAttrOrMacro__: $val";
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'type' => 'doubleHash'
|
|
|
|
},
|
|
|
|
'issuerDBGetPath' => {
|
|
|
|
'default' => '^/get/',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'issuerDBGetRule' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
|
|
|
'issuerDBOpenIDActivation' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'issuerDBOpenIDConnectActivation' => {
|
2017-11-02 17:16:21 +01:00
|
|
|
'default' => 0,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'issuerDBOpenIDConnectPath' => {
|
|
|
|
'default' => '^/oauth2/',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'issuerDBOpenIDConnectRule' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
|
|
|
'issuerDBOpenIDPath' => {
|
|
|
|
'default' => '^/openidserver/',
|
|
|
|
'type' => 'pcre'
|
|
|
|
},
|
|
|
|
'issuerDBOpenIDRule' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
|
|
|
'issuerDBSAMLActivation' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'issuerDBSAMLPath' => {
|
|
|
|
'default' => '^/saml/',
|
|
|
|
'type' => 'pcre'
|
|
|
|
},
|
|
|
|
'issuerDBSAMLRule' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
2019-09-03 22:51:43 +02:00
|
|
|
'issuersTimeout' => {
|
|
|
|
'default' => 120,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'jsRedirect' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
|
|
|
'key' => {
|
|
|
|
'type' => 'password'
|
|
|
|
},
|
|
|
|
'krbAuthnLevel' => {
|
|
|
|
'default' => 3,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'krbByJs' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'krbKeytab' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-11-06 16:19:06 +01:00
|
|
|
'krbRemoveDomain' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'ldapAllowResetExpiredPassword' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'ldapAuthnLevel' => {
|
|
|
|
'default' => 2,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'ldapBase' => {
|
|
|
|
'default' => 'dc=example,dc=com',
|
|
|
|
'msgFail' => '__badValue__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^(?:\w+=.*|)$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'ldapChangePasswordAsUser' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'ldapExportedVars' => {
|
|
|
|
'default' => {
|
|
|
|
'cn' => 'cn',
|
|
|
|
'mail' => 'mail',
|
|
|
|
'uid' => 'uid'
|
|
|
|
},
|
|
|
|
'keyMsgFail' => '__badVariableName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'msgFail' => '__badValue__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'LDAPFilter' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'ldapGroupAttributeName' => {
|
|
|
|
'default' => 'member',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'ldapGroupAttributeNameGroup' => {
|
|
|
|
'default' => 'dn',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'ldapGroupAttributeNameSearch' => {
|
|
|
|
'default' => 'cn',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'ldapGroupAttributeNameUser' => {
|
|
|
|
'default' => 'dn',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'ldapGroupBase' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-02-02 15:34:24 +01:00
|
|
|
'ldapGroupDecodeSearchedValue' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'ldapGroupObjectClass' => {
|
|
|
|
'default' => 'groupOfNames',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'ldapGroupRecursive' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2019-09-05 17:17:21 +02:00
|
|
|
'ldapITDS' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'ldapPasswordResetAttribute' => {
|
|
|
|
'default' => 'pwdReset',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'ldapPasswordResetAttributeValue' => {
|
|
|
|
'default' => 'TRUE',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'ldapPort' => {
|
|
|
|
'default' => 389,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'ldapPpolicyControl' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'ldapPwdEnc' => {
|
|
|
|
'default' => 'utf-8',
|
|
|
|
'msgFail' => '__badEncoding__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^[a-zA-Z0-9_][a-zA-Z0-9_\-]*[a-zA-Z0-9_]$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'ldapRaw' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'ldapSearchDeref' => {
|
|
|
|
'default' => 'find',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'never',
|
|
|
|
'v' => 'never'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'search',
|
|
|
|
'v' => 'search'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'find',
|
|
|
|
'v' => 'find'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'always',
|
|
|
|
'v' => 'always'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'ldapServer' => {
|
|
|
|
'default' => 'ldap://localhost',
|
|
|
|
'test' => sub {
|
|
|
|
my $l = shift();
|
2019-09-18 16:04:45 +02:00
|
|
|
my (@s) = split( /[\s,]+/, $l, 0 );
|
2017-06-23 11:57:07 +02:00
|
|
|
foreach my $s (@s) {
|
|
|
|
return 0, qq[__badLdapUri__: "$s"]
|
|
|
|
unless $s =~
|
|
|
|
m[^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?::\d{1,5})?/?.*)$]o;
|
|
|
|
}
|
|
|
|
return 1;
|
|
|
|
},
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'ldapSetPassword' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'ldapTimeout' => {
|
|
|
|
'default' => 120,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'ldapUsePasswordResetAttribute' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'ldapVersion' => {
|
|
|
|
'default' => 3,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2017-06-23 16:47:03 +02:00
|
|
|
'linkedInAuthnLevel' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'linkedInClientID' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'linkedInClientSecret' => {
|
|
|
|
'type' => 'password'
|
|
|
|
},
|
|
|
|
'linkedInScope' => {
|
2019-08-22 15:08:45 +02:00
|
|
|
'default' => 'r_liteprofile r_emailaddress',
|
2017-06-23 16:47:03 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'linkedInUserField' => {
|
|
|
|
'default' => 'emailAddress',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'localSessionStorage' => {
|
|
|
|
'default' => 'Cache::FileCache',
|
|
|
|
'type' => 'PerlModule'
|
|
|
|
},
|
|
|
|
'localSessionStorageOptions' => {
|
|
|
|
'default' => {
|
|
|
|
'cache_depth' => 3,
|
|
|
|
'cache_root' => '/tmp',
|
|
|
|
'default_expires_in' => 600,
|
|
|
|
'directory_umask' => '007',
|
|
|
|
'namespace' => 'lemonldap-ng-sessions'
|
|
|
|
},
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
2018-03-09 18:34:59 +01:00
|
|
|
'localStorage' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'localStorageOptions' => {
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'locationRules' => {
|
|
|
|
'default' => {
|
|
|
|
'default' => 'deny'
|
|
|
|
},
|
|
|
|
'keyMsgFail' => '__badHostname__',
|
|
|
|
'keyTest' =>
|
2017-10-24 12:56:19 +02:00
|
|
|
qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'test' => {
|
|
|
|
'keyMsgFail' => '__badRegexp__',
|
|
|
|
'keyTest' => sub {
|
|
|
|
eval {
|
|
|
|
do {
|
|
|
|
qr/$_[0]/;
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
};
|
|
|
|
return $@ ? 0 : 1;
|
|
|
|
},
|
|
|
|
'msgFail' => '__badExpression__',
|
|
|
|
'test' => sub {
|
|
|
|
my ( $val, $conf ) = @_;
|
|
|
|
my $s = $val;
|
|
|
|
if ( $s =~ s/^logout(?:_(?:sso|app(?:_sso)?))?\s*// ) {
|
|
|
|
return $s =~ m[^(?:https?://.*)?$]
|
|
|
|
? 1
|
|
|
|
: ( 0, '__badUrl__' );
|
|
|
|
}
|
|
|
|
$s =~ s/\b(accept|deny|unprotect|skip)\b/1/g;
|
2019-06-10 08:56:56 +02:00
|
|
|
return &perlExpr( $s, $conf );
|
2019-09-18 16:04:45 +02:00
|
|
|
}
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'type' => 'ruleContainer'
|
|
|
|
},
|
2018-05-11 11:03:02 +02:00
|
|
|
'log4perlConfFile' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'logger' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'loginHistoryEnabled' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2018-05-07 20:34:20 +02:00
|
|
|
'logLevel' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'logoutServices' => {
|
|
|
|
'default' => {},
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'lwpOpts' => {
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'lwpSslOpts' => {
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'macros' => {
|
|
|
|
'default' => {},
|
|
|
|
'keyMsgFail' => '__badMacroName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'test' => sub {
|
2019-06-10 08:56:56 +02:00
|
|
|
return perlExpr(@_);
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
2019-02-03 14:43:44 +01:00
|
|
|
'mail2fActivation' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
|
|
|
'mail2fAuthnLevel' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'mail2fBody' => {
|
|
|
|
'type' => 'longtext'
|
|
|
|
},
|
|
|
|
'mail2fCodeRegex' => {
|
2019-02-03 21:48:49 +01:00
|
|
|
'default' => '\\d{6}',
|
2019-02-03 14:43:44 +01:00
|
|
|
'type' => 'pcre'
|
|
|
|
},
|
2019-08-01 17:27:14 +02:00
|
|
|
'mail2fLabel' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-02-03 14:43:44 +01:00
|
|
|
'mail2fLogo' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'mail2fSubject' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'mail2fTimeout' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2019-01-24 19:45:43 +01:00
|
|
|
'mailBody' => {
|
|
|
|
'type' => 'longtext'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'mailCharset' => {
|
|
|
|
'default' => 'utf-8',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-01-24 19:45:43 +01:00
|
|
|
'mailConfirmBody' => {
|
|
|
|
'type' => 'longtext'
|
|
|
|
},
|
|
|
|
'mailConfirmSubject' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'mailFrom' => {
|
|
|
|
'default' => 'noreply@example.com',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'mailLDAPFilter' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'mailOnPasswordChange' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2019-01-24 19:45:43 +01:00
|
|
|
'mailReplyTo' => {
|
2019-01-16 22:57:35 +01:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-01-24 19:45:43 +01:00
|
|
|
'mailSessionKey' => {
|
|
|
|
'default' => 'mail',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'mailSubject' => {
|
2019-01-16 22:57:35 +01:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-01-24 19:45:43 +01:00
|
|
|
'mailTimeout' => {
|
2019-01-19 14:27:00 +01:00
|
|
|
'default' => 0,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2019-01-24 19:45:43 +01:00
|
|
|
'mailUrl' => {
|
2019-01-16 22:57:35 +01:00
|
|
|
'default' => 'http://auth.example.com/resetpwd',
|
|
|
|
'type' => 'url'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'maintenance' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'managerDn' => {
|
|
|
|
'default' => '',
|
|
|
|
'msgFail' => '__badValue__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^(?:\w+=.*)?$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'managerPassword' => {
|
|
|
|
'default' => '',
|
|
|
|
'msgFail' => '__badValue__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^\S*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'password'
|
|
|
|
},
|
2018-04-04 23:14:25 +02:00
|
|
|
'max2FDevices' => {
|
|
|
|
'default' => 10,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'max2FDevicesNameLength' => {
|
|
|
|
'default' => 20,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'multiValuesSeparator' => {
|
|
|
|
'default' => '; ',
|
|
|
|
'type' => 'authParamsText'
|
|
|
|
},
|
2018-06-20 21:38:26 +02:00
|
|
|
'mySessionAuthorizedRWKeys' => {
|
|
|
|
'default' =>
|
2018-07-22 22:35:30 +02:00
|
|
|
[ '_appsListOrder', '_oidcConnectedRP', '_oidcConsents' ],
|
2018-06-20 21:38:26 +02:00
|
|
|
'type' => 'array'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'nginxCustomHandlers' => {
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^\w+$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'msgFail' => '__badPerlPackageName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^[a-zA-Z][a-zA-Z0-9]*(?:::[a-zA-Z][a-zA-Z0-9]*)*$/,
|
|
|
|
'type' => 'keyTextContainer'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'noAjaxHook' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'notification' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'notificationServer' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2019-07-25 11:59:00 +02:00
|
|
|
'notificationServerDELETE' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'notificationServerGET' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'notificationServerPOST' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'notificationServerSentAttributes' => {
|
|
|
|
'default' => 'uid reference date title subtitle text check',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'notificationStorage' => {
|
|
|
|
'default' => 'File',
|
|
|
|
'type' => 'PerlModule'
|
|
|
|
},
|
|
|
|
'notificationStorageOptions' => {
|
|
|
|
'default' => {
|
|
|
|
'dirName' => '/var/lib/lemonldap-ng/notifications'
|
|
|
|
},
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'notificationWildcard' => {
|
|
|
|
'default' => 'allusers',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'notificationXSLTfile' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'notifyDeleted' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'notifyOther' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'nullAuthnLevel' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'oidcAuthnLevel' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataExportedVars' => {
|
|
|
|
'default' => {
|
|
|
|
'cn' => 'name',
|
|
|
|
'mail' => 'email',
|
|
|
|
'sn' => 'family_name',
|
|
|
|
'uid' => 'sub'
|
|
|
|
},
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataJSON' => {
|
|
|
|
'type' => 'file'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataJWKS' => {
|
|
|
|
'type' => 'file'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataNodes' => {
|
|
|
|
'type' => 'oidcOPMetaDataNodeContainer'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptions' => {
|
|
|
|
'type' => 'subContainer'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptionsAcrValues' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptionsCheckJWTSignature' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptionsClientID' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptionsClientSecret' => {
|
|
|
|
'type' => 'password'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptionsConfigurationURI' => {
|
|
|
|
'type' => 'url'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptionsDisplay' => {
|
|
|
|
'default' => '',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => '',
|
|
|
|
'v' => ''
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'page',
|
|
|
|
'v' => 'page'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'popup',
|
|
|
|
'v' => 'popup'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'touch',
|
|
|
|
'v' => 'touch'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'wap',
|
|
|
|
'v' => 'wap'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptionsDisplayName' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptionsIcon' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptionsIDTokenMaxAge' => {
|
|
|
|
'default' => 30,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptionsJWKSTimeout' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptionsMaxAge' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptionsPrompt' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptionsScope' => {
|
|
|
|
'default' => 'openid profile',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-04-10 16:37:39 +02:00
|
|
|
'oidcOPMetaDataOptionsSortNumber' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'oidcOPMetaDataOptionsStoreIDToken' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptionsTokenEndpointAuthMethod' => {
|
|
|
|
'default' => 'client_secret_post',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'client_secret_post',
|
|
|
|
'v' => 'client_secret_post'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'client_secret_basic',
|
|
|
|
'v' => 'client_secret_basic'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptionsUiLocales' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcOPMetaDataOptionsUseNonce' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'oidcRPCallbackGetParam' => {
|
|
|
|
'default' => 'openidconnectcallback',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcRPMetaDataExportedVars' => {
|
|
|
|
'default' => {
|
|
|
|
'email' => 'mail',
|
|
|
|
'family_name' => 'sn',
|
|
|
|
'name' => 'cn'
|
|
|
|
},
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'oidcRPMetaDataNodes' => {
|
|
|
|
'type' => 'oidcRPMetaDataNodeContainer'
|
|
|
|
},
|
|
|
|
'oidcRPMetaDataOptions' => {
|
|
|
|
'type' => 'subContainer'
|
|
|
|
},
|
|
|
|
'oidcRPMetaDataOptionsAccessTokenExpiration' => {
|
|
|
|
'default' => 3600,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'oidcRPMetaDataOptionsBypassConsent' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'oidcRPMetaDataOptionsClientID' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcRPMetaDataOptionsClientSecret' => {
|
|
|
|
'type' => 'password'
|
|
|
|
},
|
|
|
|
'oidcRPMetaDataOptionsDisplayName' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcRPMetaDataOptionsExtraClaims' => {
|
|
|
|
'default' => {},
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'oidcRPMetaDataOptionsIcon' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcRPMetaDataOptionsIDTokenExpiration' => {
|
|
|
|
'default' => 3600,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'oidcRPMetaDataOptionsIDTokenSignAlg' => {
|
|
|
|
'default' => 'HS512',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'none',
|
|
|
|
'v' => 'None'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'HS256',
|
|
|
|
'v' => 'HS256'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'HS384',
|
|
|
|
'v' => 'HS384'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'HS512',
|
|
|
|
'v' => 'HS512'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'RS256',
|
|
|
|
'v' => 'RS256'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'RS384',
|
|
|
|
'v' => 'RS384'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'RS512',
|
|
|
|
'v' => 'RS512'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'oidcRPMetaDataOptionsLogoutSessionRequired' => {
|
2018-07-23 00:13:43 +02:00
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'oidcRPMetaDataOptionsLogoutType' => {
|
|
|
|
'default' => 'front',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'front',
|
|
|
|
'v' => 'Front Channel'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'back',
|
|
|
|
'v' => 'Back Channel'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'oidcRPMetaDataOptionsLogoutUrl' => {
|
|
|
|
'type' => 'url'
|
|
|
|
},
|
|
|
|
'oidcRPMetaDataOptionsPostLogoutRedirectUris' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-04-29 10:02:16 +02:00
|
|
|
'oidcRPMetaDataOptionsPublic' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'oidcRPMetaDataOptionsRedirectUris' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-04-29 17:35:23 +02:00
|
|
|
'oidcRPMetaDataOptionsRequirePKCE' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'oidcRPMetaDataOptionsRule' => {
|
|
|
|
'test' => sub {
|
2019-06-10 08:56:56 +02:00
|
|
|
return perlExpr(@_);
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcRPMetaDataOptionsUserIDAttr' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcRPStateTimeout' => {
|
|
|
|
'default' => 600,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'oidcServiceAllowAuthorizationCodeFlow' => {
|
2017-11-02 17:16:21 +01:00
|
|
|
'default' => 1,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'oidcServiceAllowDynamicRegistration' => {
|
2017-11-02 17:16:21 +01:00
|
|
|
'default' => 0,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'oidcServiceAllowHybridFlow' => {
|
2017-11-02 17:16:21 +01:00
|
|
|
'default' => 0,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'oidcServiceAllowImplicitFlow' => {
|
2017-11-02 17:16:21 +01:00
|
|
|
'default' => 0,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'oidcServiceKeyIdSig' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcServiceMetaDataAuthnContext' => {
|
|
|
|
'default' => {
|
|
|
|
'loa-1' => 1,
|
|
|
|
'loa-2' => 2,
|
|
|
|
'loa-3' => 3,
|
|
|
|
'loa-4' => 4,
|
|
|
|
'loa-5' => 5
|
|
|
|
},
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/\w/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'oidcServiceMetaDataAuthorizeURI' => {
|
|
|
|
'default' => 'authorize',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcServiceMetaDataBackChannelURI' => {
|
|
|
|
'default' => 'blogout',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcServiceMetaDataCheckSessionURI' => {
|
|
|
|
'default' => 'checksession.html',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcServiceMetaDataEndSessionURI' => {
|
|
|
|
'default' => 'logout',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcServiceMetaDataFrontChannelURI' => {
|
|
|
|
'default' => 'flogout',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-08-27 15:32:50 +02:00
|
|
|
'oidcServiceMetaDataIntrospectionURI' => {
|
|
|
|
'default' => 'introspect',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'oidcServiceMetaDataIssuer' => {
|
2019-08-13 18:09:10 +02:00
|
|
|
'type' => 'text'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'oidcServiceMetaDataJWKSURI' => {
|
|
|
|
'default' => 'jwks',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcServiceMetaDataRegistrationURI' => {
|
|
|
|
'default' => 'register',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcServiceMetaDataTokenURI' => {
|
|
|
|
'default' => 'token',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcServiceMetaDataUserInfoURI' => {
|
|
|
|
'default' => 'userinfo',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'oidcServicePrivateKeySig' => {
|
|
|
|
'type' => 'RSAPrivateKey'
|
|
|
|
},
|
|
|
|
'oidcServicePublicKeySig' => {
|
|
|
|
'type' => 'RSAPublicKey'
|
|
|
|
},
|
|
|
|
'oidcStorage' => {
|
|
|
|
'type' => 'PerlModule'
|
|
|
|
},
|
|
|
|
'oidcStorageOptions' => {
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'oldNotifFormat' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'openIdAttr' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'openIdAuthnLevel' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'openIdExportedVars' => {
|
|
|
|
'default' => {},
|
|
|
|
'keyMsgFail' => '__badVariableName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'msgFail' => '__badValue__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'openIdIDPList' => {
|
|
|
|
'default' => '0;',
|
|
|
|
'type' => 'blackWhiteList'
|
|
|
|
},
|
|
|
|
'openIdIssuerSecret' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'openIdSecret' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'openIdSPList' => {
|
|
|
|
'default' => '0;',
|
|
|
|
'type' => 'blackWhiteList'
|
|
|
|
},
|
|
|
|
'openIdSreg_country' => {
|
|
|
|
'type' => 'lmAttrOrMacro'
|
|
|
|
},
|
|
|
|
'openIdSreg_dob' => {
|
|
|
|
'type' => 'lmAttrOrMacro'
|
|
|
|
},
|
|
|
|
'openIdSreg_email' => {
|
|
|
|
'default' => 'mail',
|
|
|
|
'type' => 'lmAttrOrMacro'
|
|
|
|
},
|
|
|
|
'openIdSreg_fullname' => {
|
|
|
|
'default' => 'cn',
|
|
|
|
'type' => 'lmAttrOrMacro'
|
|
|
|
},
|
|
|
|
'openIdSreg_gender' => {
|
|
|
|
'type' => 'lmAttrOrMacro'
|
|
|
|
},
|
|
|
|
'openIdSreg_language' => {
|
|
|
|
'type' => 'lmAttrOrMacro'
|
|
|
|
},
|
|
|
|
'openIdSreg_nickname' => {
|
|
|
|
'default' => 'uid',
|
|
|
|
'type' => 'lmAttrOrMacro'
|
|
|
|
},
|
|
|
|
'openIdSreg_postcode' => {
|
|
|
|
'type' => 'lmAttrOrMacro'
|
|
|
|
},
|
|
|
|
'openIdSreg_timezone' => {
|
|
|
|
'default' => '_timezone',
|
|
|
|
'type' => 'lmAttrOrMacro'
|
|
|
|
},
|
|
|
|
'pamAuthnLevel' => {
|
|
|
|
'default' => 2,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'pamService' => {
|
|
|
|
'default' => 'login',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'passwordDB' => {
|
|
|
|
'default' => 'Demo',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'AD',
|
|
|
|
'v' => 'Active Directory'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Choice',
|
|
|
|
'v' => 'authChoice'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'DBI',
|
|
|
|
'v' => 'Database (DBI)'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Demo',
|
|
|
|
'v' => 'Demonstration'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'LDAP',
|
|
|
|
'v' => 'LDAP'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'REST',
|
|
|
|
'v' => 'REST'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Null',
|
|
|
|
'v' => 'None'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Custom',
|
|
|
|
'v' => 'customModule'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
2019-09-05 10:55:08 +02:00
|
|
|
'passwordPolicyMinDigit' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'passwordPolicyMinLower' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'passwordPolicyMinSize' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'passwordPolicyMinUpper' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2018-11-15 21:16:46 +01:00
|
|
|
'passwordResetAllowedRetries' => {
|
2018-11-15 22:39:05 +01:00
|
|
|
'default' => 3,
|
2018-11-15 21:16:46 +01:00
|
|
|
'type' => 'int'
|
|
|
|
},
|
2019-07-04 21:49:09 +02:00
|
|
|
'pdataDomain' => {
|
|
|
|
'default' => '',
|
|
|
|
'msgFail' => '__badDomainName__',
|
|
|
|
'test' =>
|
|
|
|
qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?$/,
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'persistentStorage' => {
|
|
|
|
'type' => 'PerlModule'
|
|
|
|
},
|
|
|
|
'persistentStorageOptions' => {
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'port' => {
|
2019-01-25 11:37:14 +01:00
|
|
|
'default' => -1,
|
|
|
|
'type' => 'int'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'portal' => {
|
|
|
|
'default' => 'http://auth.example.com/',
|
2018-08-07 18:06:36 +02:00
|
|
|
'msgFail' => '__badUrl__',
|
|
|
|
'test' =>
|
|
|
|
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
|
|
|
'type' => 'url'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'portalAntiFrame' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'portalCheckLogins' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'portalDisplayAppslist' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
2019-09-18 16:04:45 +02:00
|
|
|
'portalDisplayCertificateResetByMail' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'portalDisplayChangePassword' => {
|
|
|
|
'default' => '$_auth =~ /^(LDAP|DBI|Demo)$/',
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
2019-04-25 23:01:06 +02:00
|
|
|
'portalDisplayFavApps' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
2019-09-12 18:42:53 +02:00
|
|
|
'portalDisplayGeneratePassword' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'portalDisplayLoginHistory' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
|
|
|
'portalDisplayLogout' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
2017-09-15 12:32:15 +02:00
|
|
|
'portalDisplayOidcConsents' => {
|
2017-09-15 12:34:43 +02:00
|
|
|
'default' => '$_oidcConnectedRP',
|
2017-09-15 12:32:15 +02:00
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
2019-09-05 13:02:51 +02:00
|
|
|
'portalDisplayPasswordPolicy' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'portalDisplayRegister' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'portalDisplayResetPassword' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'portalErrorOnExpiredSession' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'portalErrorOnMailNotFound' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2018-10-03 21:27:09 +02:00
|
|
|
'portalForceAuthn' => {
|
2018-10-03 22:32:37 +02:00
|
|
|
'default' => 0,
|
2018-10-03 21:07:10 +02:00
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2018-10-03 21:27:09 +02:00
|
|
|
'portalForceAuthnInterval' => {
|
|
|
|
'default' => 5,
|
2018-10-03 21:07:10 +02:00
|
|
|
'type' => 'int'
|
|
|
|
},
|
2018-10-08 23:02:59 +02:00
|
|
|
'portalMainLogo' => {
|
|
|
|
'default' => 'common/logos/logo_llng_400px.png',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'portalOpenLinkInNewWindow' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'portalPingInterval' => {
|
|
|
|
'default' => 60000,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'portalRequireOldPassword' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'portalSkin' => {
|
|
|
|
'default' => 'bootstrap',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'bootstrap',
|
|
|
|
'v' => 'Bootstrap'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'portalskin'
|
|
|
|
},
|
|
|
|
'portalSkinBackground' => {
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => '',
|
|
|
|
'v' => 'None'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => '1280px-Anse_Source_d\'Argent_2-La_Digue.jpg',
|
|
|
|
'v' => 'Anse'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' =>
|
|
|
|
'1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg',
|
|
|
|
'v' => 'Waterfall'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => '1280px-BrockenSnowedTrees.jpg',
|
|
|
|
'v' => 'Snowed Trees'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' =>
|
|
|
|
'1280px-Cedar_Breaks_National_Monument_partially.jpg',
|
|
|
|
'v' => 'National Monument'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => '1280px-Parry_Peak_from_Winter_Park.jpg',
|
|
|
|
'v' => 'Winter'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Aletschgletscher_mit_Pinus_cembra1.jpg',
|
|
|
|
'v' => 'Pinus'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'portalskinbackground'
|
|
|
|
},
|
|
|
|
'portalSkinRules' => {
|
|
|
|
'keyMsgFail' => '__badSkinRule__',
|
|
|
|
'keyTest' => sub {
|
2019-06-10 08:56:56 +02:00
|
|
|
return perlExpr(@_);
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'msgFail' => '__badValue__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^\w+$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'portalStatus' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'portalUserAttr' => {
|
|
|
|
'default' => '_user',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'post' => {
|
|
|
|
'keyMsgFail' => '__badHostname__',
|
|
|
|
'keyTest' =>
|
2017-10-24 12:56:19 +02:00
|
|
|
qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'test' => sub {
|
|
|
|
1;
|
|
|
|
},
|
|
|
|
'type' => 'postContainer'
|
|
|
|
},
|
|
|
|
'protection' => {
|
|
|
|
'msgFail' => '__authorizedValues__: none authenticate manager',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^(?:none|authenticate|manager|)$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'proxyAuthnLevel' => {
|
|
|
|
'default' => 2,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'proxyAuthService' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'proxySessionService' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'proxyUseSoap' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2019-07-12 11:53:22 +02:00
|
|
|
'radius2fActivation' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
|
|
|
'radius2fAuthnLevel' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'radius2fLabel' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'radius2fLogo' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'radius2fSecret' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'radius2fServer' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'radius2fTimeout' => {
|
|
|
|
'default' => 20,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'radius2fUsernameSessionKey' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'radiusAuthnLevel' => {
|
|
|
|
'default' => 3,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'radiusSecret' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'radiusServer' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'randomPasswordRegexp' => {
|
|
|
|
'default' => '[A-Z]{3}[a-z]{5}.\\d{2}',
|
|
|
|
'type' => 'pcre'
|
|
|
|
},
|
|
|
|
'redirectFormMethod' => {
|
|
|
|
'default' => 'get',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'get',
|
|
|
|
'v' => 'GET'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'post',
|
|
|
|
'v' => 'POST'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'registerConfirmSubject' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'registerDB' => {
|
|
|
|
'default' => 'Null',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'AD',
|
|
|
|
'v' => 'Active Directory'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Demo',
|
|
|
|
'v' => 'Demonstration'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'LDAP',
|
|
|
|
'v' => 'LDAP'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Null',
|
|
|
|
'v' => 'None'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Custom',
|
|
|
|
'v' => 'customModule'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'registerDoneSubject' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'registerTimeout' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2017-11-02 17:16:21 +01:00
|
|
|
'registerUrl' => {
|
2017-11-02 18:04:03 +01:00
|
|
|
'default' => 'http://auth.example.com/register',
|
2017-11-02 17:16:21 +01:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
2018-11-26 08:21:00 +01:00
|
|
|
'reloadTimeout' => {
|
|
|
|
'default' => 5,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'reloadUrls' => {
|
2018-11-30 21:45:54 +01:00
|
|
|
'keyTest' =>
|
|
|
|
qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?$/,
|
|
|
|
'msgFail' => '__badUrl__',
|
|
|
|
'test' =>
|
|
|
|
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
|
|
|
'type' => 'keyTextContainer'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'remoteCookieName' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'remoteGlobalStorage' => {
|
|
|
|
'default' => 'Lemonldap::NG::Common::Apache::Session::SOAP',
|
|
|
|
'type' => 'PerlModule'
|
|
|
|
},
|
|
|
|
'remoteGlobalStorageOptions' => {
|
|
|
|
'default' => {
|
|
|
|
'ns' =>
|
|
|
|
'http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService',
|
|
|
|
'proxy' => 'http://auth.example.com/sessions'
|
|
|
|
},
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'remotePortal' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'requireToken' => {
|
|
|
|
'default' => 1,
|
2019-04-03 23:28:45 +02:00
|
|
|
'type' => 'boolOrExpr'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
2018-02-23 09:38:33 +01:00
|
|
|
'rest2fActivation' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
|
|
|
'rest2fAuthnLevel' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'rest2fInitArgs' => {
|
2018-02-23 12:05:51 +01:00
|
|
|
'keyMsgFail' => '__badKeyName__',
|
|
|
|
'keyTest' => qr/^\w+$/,
|
|
|
|
'msgFail' => '__badValue__',
|
|
|
|
'test' => qr/^\w+$/,
|
|
|
|
'type' => 'keyTextContainer'
|
2018-02-23 09:38:33 +01:00
|
|
|
},
|
|
|
|
'rest2fInitUrl' => {
|
|
|
|
'type' => 'url'
|
|
|
|
},
|
2019-08-01 17:27:14 +02:00
|
|
|
'rest2fLabel' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2018-03-16 22:32:23 +01:00
|
|
|
'rest2fLogo' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2018-02-23 09:38:33 +01:00
|
|
|
'rest2fVerifyArgs' => {
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'rest2fVerifyUrl' => {
|
2018-02-23 12:05:51 +01:00
|
|
|
'keyMsgFail' => '__badKeyName__',
|
|
|
|
'keyTest' => qr/^\w+$/,
|
|
|
|
'msgFail' => '__badValue__',
|
|
|
|
'test' => qr/^\w+$/,
|
|
|
|
'type' => 'url'
|
2018-02-23 09:38:33 +01:00
|
|
|
},
|
2019-04-05 22:39:58 +02:00
|
|
|
'restAuthnLevel' => {
|
|
|
|
'default' => 2,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'restAuthUrl' => {
|
|
|
|
'type' => 'url'
|
|
|
|
},
|
2019-09-06 17:45:51 +02:00
|
|
|
'restClockTolerance' => {
|
|
|
|
'default' => 15,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'restConfigServer' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2019-06-14 08:51:58 +02:00
|
|
|
'restExportSecretKeys' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'restPwdConfirmUrl' => {
|
|
|
|
'type' => 'url'
|
|
|
|
},
|
|
|
|
'restPwdModifyUrl' => {
|
|
|
|
'type' => 'url'
|
|
|
|
},
|
|
|
|
'restSessionServer' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'restUserDBUrl' => {
|
|
|
|
'type' => 'url'
|
|
|
|
},
|
|
|
|
'samlAttributeAuthorityDescriptorAttributeServiceSOAP' => {
|
|
|
|
'default' =>
|
|
|
|
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;',
|
|
|
|
'type' => 'samlService'
|
|
|
|
},
|
|
|
|
'samlAuthnContextMapKerberos' => {
|
|
|
|
'default' => 4,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'samlAuthnContextMapPassword' => {
|
|
|
|
'default' => 2,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'samlAuthnContextMapPasswordProtectedTransport' => {
|
|
|
|
'default' => 3,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'samlAuthnContextMapTLSClient' => {
|
|
|
|
'default' => 5,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'samlCommonDomainCookieActivation' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlCommonDomainCookieDomain' => {
|
|
|
|
'msgFail' => '__badDomainName__',
|
|
|
|
'test' =>
|
2017-06-23 16:47:03 +02:00
|
|
|
qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'samlCommonDomainCookieReader' => {
|
|
|
|
'msgFail' => '__badUrl__',
|
|
|
|
'test' =>
|
2017-06-23 16:47:03 +02:00
|
|
|
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'samlCommonDomainCookieWriter' => {
|
|
|
|
'msgFail' => '__badUrl__',
|
|
|
|
'test' =>
|
2018-09-04 15:24:18 +02:00
|
|
|
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'samlDiscoveryProtocolActivation' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlDiscoveryProtocolIsPassive' => {
|
2018-11-20 22:36:38 +01:00
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
2018-09-04 15:24:18 +02:00
|
|
|
},
|
|
|
|
'samlDiscoveryProtocolPolicy' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'samlDiscoveryProtocolURL' => {
|
|
|
|
'msgFail' => '__badUrl__',
|
|
|
|
'test' =>
|
2017-06-23 16:47:03 +02:00
|
|
|
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'samlEntityID' => {
|
|
|
|
'default' => '#PORTAL#/saml/metadata',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataExportedAttributes' => {
|
|
|
|
'default' => {},
|
|
|
|
'keyMsgFail' => '__badMetadataName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^[a-zA-Z](?:[a-zA-Z0-9_\-\.]*\w)?$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'msgFail' => '__badValue__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/\w/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'samlAttributeContainer'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataNodes' => {
|
|
|
|
'type' => 'samlIDPMetaDataNodeContainer'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptions' => {
|
|
|
|
'keyMsgFail' => '__badMetadataName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^[a-zA-Z](?:[a-zA-Z0-9_\-\.]*\w)?$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsAdaptSessionUtime' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsAllowLoginFromIDP' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsAllowProxiedAuthn' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsCheckAudience' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsCheckSLOMessageSignature' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsCheckSSOMessageSignature' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsCheckTime' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2019-02-04 23:13:54 +01:00
|
|
|
'samlIDPMetaDataOptionsDisplayName' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'samlIDPMetaDataOptionsEncryptionMode' => {
|
|
|
|
'default' => 'none',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'none',
|
|
|
|
'v' => 'None'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'nameid',
|
|
|
|
'v' => 'Name ID'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'assertion',
|
|
|
|
'v' => 'Assertion'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsForceAuthn' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsForceUTF8' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2019-02-04 23:13:54 +01:00
|
|
|
'samlIDPMetaDataOptionsIcon' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'samlIDPMetaDataOptionsIsPassive' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsNameIDFormat' => {
|
|
|
|
'default' => '',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => '',
|
|
|
|
'v' => ''
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'unspecified',
|
|
|
|
'v' => 'Unspecified'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'email',
|
|
|
|
'v' => 'Email'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'x509',
|
|
|
|
'v' => 'X509 certificate'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'windows',
|
|
|
|
'v' => 'Windows'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'kerberos',
|
|
|
|
'v' => 'Kerberos'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'entity',
|
|
|
|
'v' => 'Entity'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'persistent',
|
|
|
|
'v' => 'Persistent'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'transient',
|
|
|
|
'v' => 'Transient'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'encrypted',
|
|
|
|
'v' => 'Encrypted'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsRelayStateURL' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsRequestedAuthnContext' => {
|
|
|
|
'default' => '',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => '',
|
|
|
|
'v' => ''
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'kerberos',
|
|
|
|
'v' => 'Kerberos'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'password-protected-transport',
|
|
|
|
'v' => 'Password protected transport'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'password',
|
|
|
|
'v' => 'Password'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'tls-client',
|
|
|
|
'v' => 'TLS client certificate'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsResolutionRule' => {
|
|
|
|
'default' => '',
|
|
|
|
'type' => 'longtext'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsSignSLOMessage' => {
|
|
|
|
'default' => -1,
|
|
|
|
'type' => 'trool'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsSignSSOMessage' => {
|
|
|
|
'default' => -1,
|
|
|
|
'type' => 'trool'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsSLOBinding' => {
|
|
|
|
'default' => '',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => '',
|
|
|
|
'v' => ''
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'http-post',
|
|
|
|
'v' => 'POST'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'http-redirect',
|
|
|
|
'v' => 'Redirect'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'http-soap',
|
|
|
|
'v' => 'SOAP'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
2019-04-10 16:14:49 +02:00
|
|
|
'samlIDPMetaDataOptionsSortNumber' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'samlIDPMetaDataOptionsSSOBinding' => {
|
|
|
|
'default' => '',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => '',
|
|
|
|
'v' => ''
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'http-post',
|
|
|
|
'v' => 'POST'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'http-redirect',
|
|
|
|
'v' => 'Redirect'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'artifact-get',
|
|
|
|
'v' => 'Artifact GET'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'samlIDPMetaDataOptionsStoreSAMLToken' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2018-10-02 17:18:17 +02:00
|
|
|
'samlIDPMetaDataOptionsUserAttribute' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'samlIDPMetaDataXML' => {
|
|
|
|
'test' => sub {
|
|
|
|
my $v = shift();
|
|
|
|
return 1 unless $v and %$v;
|
|
|
|
my @msg;
|
|
|
|
my $res = 1;
|
|
|
|
my %entityIds;
|
|
|
|
foreach my $idpId ( keys %$v ) {
|
2019-09-18 16:04:45 +02:00
|
|
|
unless ( $$v{$idpId}{'samlIDPMetaDataXML'} =~
|
2017-06-23 11:57:07 +02:00
|
|
|
/entityID="(.+?)"/is )
|
|
|
|
{
|
2019-02-06 21:27:39 +01:00
|
|
|
push @msg, "$idpId SAML metadata has no EntityID";
|
2017-06-23 11:57:07 +02:00
|
|
|
$res = 0;
|
|
|
|
next;
|
|
|
|
}
|
|
|
|
my $eid = $1;
|
|
|
|
if ( defined $entityIds{$eid} ) {
|
|
|
|
push @msg,
|
|
|
|
"$idpId and $entityIds{$eid} have the same SAML EntityID";
|
|
|
|
$res = 0;
|
|
|
|
next;
|
|
|
|
}
|
|
|
|
$entityIds{$eid} = $idpId;
|
|
|
|
}
|
|
|
|
return $res, join( ', ', @msg );
|
|
|
|
},
|
|
|
|
'type' => 'file'
|
|
|
|
},
|
|
|
|
'samlIdPResolveCookie' => {
|
|
|
|
'default' => 'lemonldapidp',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'samlIDPSSODescriptorArtifactResolutionServiceArtifact' => {
|
|
|
|
'default' =>
|
|
|
|
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact',
|
|
|
|
'type' => 'samlAssertion'
|
|
|
|
},
|
|
|
|
'samlIDPSSODescriptorSingleLogoutServiceHTTPPost' => {
|
|
|
|
'default' =>
|
|
|
|
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn',
|
|
|
|
'type' => 'samlService'
|
|
|
|
},
|
|
|
|
'samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect' => {
|
|
|
|
'default' =>
|
|
|
|
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn',
|
|
|
|
'type' => 'samlService'
|
|
|
|
},
|
|
|
|
'samlIDPSSODescriptorSingleLogoutServiceSOAP' => {
|
|
|
|
'default' =>
|
|
|
|
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;',
|
|
|
|
'type' => 'samlService'
|
|
|
|
},
|
|
|
|
'samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact' => {
|
|
|
|
'default' =>
|
|
|
|
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;',
|
|
|
|
'type' => 'samlService'
|
|
|
|
},
|
|
|
|
'samlIDPSSODescriptorSingleSignOnServiceHTTPPost' => {
|
|
|
|
'default' =>
|
|
|
|
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;',
|
|
|
|
'type' => 'samlService'
|
|
|
|
},
|
|
|
|
'samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect' => {
|
|
|
|
'default' =>
|
|
|
|
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;',
|
|
|
|
'type' => 'samlService'
|
|
|
|
},
|
|
|
|
'samlIDPSSODescriptorWantAuthnRequestsSigned' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlMetadataForceUTF8' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlNameIDFormatMapEmail' => {
|
|
|
|
'default' => 'mail',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'samlNameIDFormatMapKerberos' => {
|
|
|
|
'default' => 'uid',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'samlNameIDFormatMapWindows' => {
|
|
|
|
'default' => 'uid',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'samlNameIDFormatMapX509' => {
|
|
|
|
'default' => 'mail',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'samlOrganizationDisplayName' => {
|
|
|
|
'default' => 'Example',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'samlOrganizationName' => {
|
|
|
|
'default' => 'Example',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'samlOrganizationURL' => {
|
|
|
|
'default' => 'http://www.example.com',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-02-27 15:47:44 +01:00
|
|
|
'samlOverrideIDPEntityID' => {
|
|
|
|
'default' => '',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'samlRelayStateTimeout' => {
|
|
|
|
'default' => 600,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'samlServicePrivateKeyEnc' => {
|
|
|
|
'default' => '',
|
|
|
|
'type' => 'RSAPrivateKey'
|
|
|
|
},
|
|
|
|
'samlServicePrivateKeyEncPwd' => {
|
|
|
|
'type' => 'password'
|
|
|
|
},
|
|
|
|
'samlServicePrivateKeySig' => {
|
|
|
|
'default' => '',
|
|
|
|
'type' => 'RSAPrivateKey'
|
|
|
|
},
|
|
|
|
'samlServicePrivateKeySigPwd' => {
|
|
|
|
'default' => '',
|
|
|
|
'type' => 'password'
|
|
|
|
},
|
|
|
|
'samlServicePublicKeyEnc' => {
|
|
|
|
'default' => '',
|
|
|
|
'type' => 'RSAPublicKeyOrCertificate'
|
|
|
|
},
|
|
|
|
'samlServicePublicKeySig' => {
|
|
|
|
'default' => '',
|
|
|
|
'type' => 'RSAPublicKeyOrCertificate'
|
|
|
|
},
|
2018-06-12 18:22:21 +02:00
|
|
|
'samlServiceSignatureMethod' => {
|
2018-06-12 22:35:00 +02:00
|
|
|
'default' => 'RSA_SHA1',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2018-06-12 18:22:21 +02:00
|
|
|
'k' => 'RSA_SHA1',
|
|
|
|
'v' => 'RSA SHA1'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'RSA_SHA256',
|
|
|
|
'v' => 'RSA SHA256'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'samlServiceUseCertificateInResponse' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataExportedAttributes' => {
|
|
|
|
'default' => {},
|
|
|
|
'keyMsgFail' => '__badMetadataName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^[a-zA-Z](?:[a-zA-Z0-9_\-\.]*\w)?$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'msgFail' => '__badValue__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/\w/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'samlAttributeContainer'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataNodes' => {
|
|
|
|
'type' => 'samlSPMetaDataNodeContainer'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataOptions' => {
|
|
|
|
'keyMsgFail' => '__badMetadataName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^[a-zA-Z](?:[a-zA-Z0-9_\-\.]*\w)?$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataOptionsCheckSLOMessageSignature' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataOptionsCheckSSOMessageSignature' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataOptionsEnableIDPInitiatedURL' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataOptionsEncryptionMode' => {
|
|
|
|
'default' => 'none',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'none',
|
|
|
|
'v' => 'None'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'nameid',
|
|
|
|
'v' => 'Name ID'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'assertion',
|
|
|
|
'v' => 'Assertion'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataOptionsForceUTF8' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataOptionsNameIDFormat' => {
|
|
|
|
'default' => '',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => '',
|
|
|
|
'v' => ''
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'unspecified',
|
|
|
|
'v' => 'Unspecified'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'email',
|
|
|
|
'v' => 'Email'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'x509',
|
|
|
|
'v' => 'X509 certificate'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'windows',
|
|
|
|
'v' => 'Windows'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'kerberos',
|
|
|
|
'v' => 'Kerberos'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'entity',
|
|
|
|
'v' => 'Entity'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'persistent',
|
|
|
|
'v' => 'Persistent'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'transient',
|
|
|
|
'v' => 'Transient'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'encrypted',
|
|
|
|
'v' => 'Encrypted'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataOptionsNameIDSessionKey' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataOptionsNotOnOrAfterTimeout' => {
|
|
|
|
'default' => 72000,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataOptionsOneTimeUse' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataOptionsRule' => {
|
|
|
|
'test' => sub {
|
2019-06-10 08:56:56 +02:00
|
|
|
return perlExpr(@_);
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataOptionsSessionNotOnOrAfterTimeout' => {
|
|
|
|
'default' => 72000,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataOptionsSignSLOMessage' => {
|
|
|
|
'default' => -1,
|
|
|
|
'type' => 'trool'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataOptionsSignSSOMessage' => {
|
|
|
|
'default' => -1,
|
|
|
|
'type' => 'trool'
|
|
|
|
},
|
|
|
|
'samlSPMetaDataXML' => {
|
|
|
|
'type' => 'file'
|
|
|
|
},
|
|
|
|
'samlSPSSODescriptorArtifactResolutionServiceArtifact' => {
|
|
|
|
'default' =>
|
|
|
|
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact',
|
|
|
|
'type' => 'samlAssertion'
|
|
|
|
},
|
|
|
|
'samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact' => {
|
|
|
|
'default' =>
|
|
|
|
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact',
|
|
|
|
'type' => 'samlAssertion'
|
|
|
|
},
|
|
|
|
'samlSPSSODescriptorAssertionConsumerServiceHTTPPost' => {
|
|
|
|
'default' =>
|
|
|
|
'0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost',
|
|
|
|
'type' => 'samlAssertion'
|
|
|
|
},
|
|
|
|
'samlSPSSODescriptorAuthnRequestsSigned' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlSPSSODescriptorSingleLogoutServiceHTTPPost' => {
|
|
|
|
'default' =>
|
|
|
|
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn',
|
|
|
|
'type' => 'samlService'
|
|
|
|
},
|
|
|
|
'samlSPSSODescriptorSingleLogoutServiceHTTPRedirect' => {
|
|
|
|
'default' =>
|
|
|
|
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn',
|
|
|
|
'type' => 'samlService'
|
|
|
|
},
|
|
|
|
'samlSPSSODescriptorSingleLogoutServiceSOAP' => {
|
|
|
|
'default' =>
|
|
|
|
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;',
|
|
|
|
'type' => 'samlService'
|
|
|
|
},
|
|
|
|
'samlSPSSODescriptorWantAssertionsSigned' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'samlStorage' => {
|
|
|
|
'type' => 'PerlModule'
|
|
|
|
},
|
|
|
|
'samlStorageOptions' => {
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'samlUseQueryStringSpecific' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'securedCookie' => {
|
|
|
|
'default' => 0,
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2019-09-18 16:04:45 +02:00
|
|
|
'k' => 0,
|
2017-06-23 11:57:07 +02:00
|
|
|
'v' => 'unsecuredCookie'
|
|
|
|
},
|
|
|
|
{
|
2019-09-18 16:04:45 +02:00
|
|
|
'k' => 1,
|
2017-06-23 11:57:07 +02:00
|
|
|
'v' => 'securedCookie'
|
|
|
|
},
|
|
|
|
{
|
2019-09-18 16:04:45 +02:00
|
|
|
'k' => 2,
|
2017-06-23 11:57:07 +02:00
|
|
|
'v' => 'doubleCookie'
|
|
|
|
},
|
|
|
|
{
|
2019-09-18 16:04:45 +02:00
|
|
|
'k' => 3,
|
2017-06-23 11:57:07 +02:00
|
|
|
'v' => 'doubleCookieForSingleSession'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
2018-03-09 18:34:59 +01:00
|
|
|
'secureTokenAllowOnError' => {
|
2018-03-09 18:45:05 +01:00
|
|
|
'type' => 'text'
|
2018-03-09 18:34:59 +01:00
|
|
|
},
|
|
|
|
'secureTokenAttribute' => {
|
2018-04-03 10:23:31 +02:00
|
|
|
'type' => 'text'
|
2018-03-09 18:34:59 +01:00
|
|
|
},
|
|
|
|
'secureTokenExpiration' => {
|
2018-04-03 10:23:31 +02:00
|
|
|
'type' => 'text'
|
2018-03-09 18:34:59 +01:00
|
|
|
},
|
|
|
|
'secureTokenHeader' => {
|
2018-04-03 10:23:31 +02:00
|
|
|
'type' => 'text'
|
2018-03-09 18:34:59 +01:00
|
|
|
},
|
|
|
|
'secureTokenMemcachedServers' => {
|
2018-04-03 10:23:31 +02:00
|
|
|
'type' => 'text'
|
2018-03-09 18:34:59 +01:00
|
|
|
},
|
|
|
|
'secureTokenUrls' => {
|
2018-04-03 10:23:31 +02:00
|
|
|
'type' => 'text'
|
2018-03-09 18:34:59 +01:00
|
|
|
},
|
2018-05-11 11:03:02 +02:00
|
|
|
'sentryDsn' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'sessionDataToRemember' => {
|
|
|
|
'keyMsgFail' => '__invalidSessionData__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
2018-03-08 16:33:34 +01:00
|
|
|
'sfEngine' => {
|
2018-04-03 10:23:31 +02:00
|
|
|
'default' => '::2F::Engines::Default',
|
2018-03-08 20:36:32 +01:00
|
|
|
'type' => 'text'
|
2018-03-08 16:33:34 +01:00
|
|
|
},
|
2019-07-18 22:41:24 +02:00
|
|
|
'sfExtra' => {
|
|
|
|
'keyTest' => qr/^\w+$/,
|
|
|
|
'select' => [ {
|
|
|
|
'k' => 'Mail2F',
|
|
|
|
'v' => 'E-Mail'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'REST',
|
|
|
|
'v' => 'REST'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Ext2F',
|
|
|
|
'v' => 'External'
|
2019-07-12 11:53:22 +02:00
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Radius',
|
|
|
|
'v' => 'Radius'
|
2019-07-18 22:41:24 +02:00
|
|
|
}
|
|
|
|
],
|
|
|
|
'test' => sub {
|
|
|
|
1;
|
|
|
|
},
|
|
|
|
'type' => 'sfExtraContainer'
|
|
|
|
},
|
2019-06-17 22:24:20 +02:00
|
|
|
'sfRemovedMsgRule' => {
|
2019-06-14 21:05:00 +02:00
|
|
|
'default' => 0,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
2019-06-16 15:57:31 +02:00
|
|
|
'sfRemovedNotifMsg' => {
|
|
|
|
'default' =>
|
|
|
|
'_removedSF_ expired second factor(s) has/have been removed!',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-06-17 22:24:20 +02:00
|
|
|
'sfRemovedNotifRef' => {
|
|
|
|
'default' => 'RemoveSF',
|
|
|
|
'type' => 'text'
|
2019-06-14 21:05:00 +02:00
|
|
|
},
|
2019-06-16 15:57:31 +02:00
|
|
|
'sfRemovedNotifTitle' => {
|
|
|
|
'default' => 'Second factor notification',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-06-17 22:24:20 +02:00
|
|
|
'sfRemovedUseNotif' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2018-08-09 08:21:09 +02:00
|
|
|
'sfRequired' => {
|
2018-08-09 09:56:28 +02:00
|
|
|
'default' => 0,
|
2018-08-15 20:42:08 +02:00
|
|
|
'type' => 'boolOrExpr'
|
2018-08-09 08:21:09 +02:00
|
|
|
},
|
2018-11-07 20:10:31 +01:00
|
|
|
'showLanguages' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'singleIP' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'singleSession' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'singleSessionUserByIP' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'singleUserByIP' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2018-05-16 10:45:41 +02:00
|
|
|
'skipRenewConfirmation' => {
|
2018-10-17 22:57:59 +02:00
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
2018-05-16 10:45:41 +02:00
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'slaveAuthnLevel' => {
|
|
|
|
'default' => 2,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2019-09-14 22:07:44 +02:00
|
|
|
'slaveDisplayLogo' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'slaveExportedVars' => {
|
|
|
|
'default' => {},
|
|
|
|
'keyMsgFail' => '__badVariableName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'msgFail' => '__badValue__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'slaveHeaderContent' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'slaveHeaderName' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'slaveMasterIP' => {
|
|
|
|
'msgFail' => '__badIPv4Address__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^((?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)\s*)*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'slaveUserHeader' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'SMTPAuthPass' => {
|
|
|
|
'type' => 'password'
|
|
|
|
},
|
|
|
|
'SMTPAuthUser' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'SMTPPort' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'SMTPServer' => {
|
|
|
|
'default' => '',
|
|
|
|
'test' =>
|
2017-06-23 16:47:03 +02:00
|
|
|
qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?)?$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'SMTPTLS' => {
|
|
|
|
'default' => '',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => '',
|
|
|
|
'v' => 'none'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'starttls',
|
|
|
|
'v' => 'SMTP + STARTTLS'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'ssl',
|
|
|
|
'v' => 'SMTPS'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'SMTPTLSOpts' => {
|
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'soapConfigServer' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'soapSessionServer' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'SSLAuthnLevel' => {
|
|
|
|
'default' => 5,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'sslByAjax' => {
|
2018-11-21 21:07:46 +01:00
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'sslHost' => {
|
|
|
|
'type' => 'url'
|
|
|
|
},
|
|
|
|
'SSLVar' => {
|
2018-04-30 18:06:15 +02:00
|
|
|
'default' => 'SSL_CLIENT_S_DN_Email',
|
|
|
|
'type' => 'text'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'SSLVarIf' => {
|
2018-04-30 18:06:15 +02:00
|
|
|
'default' => {},
|
|
|
|
'type' => 'keyTextContainer'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'staticPrefix' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2018-03-09 18:34:59 +01:00
|
|
|
'status' => {
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'stayConnected' => {
|
2018-07-22 22:35:30 +02:00
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'storePassword' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'successLoginNumber' => {
|
|
|
|
'default' => 5,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2018-05-11 11:03:02 +02:00
|
|
|
'syslogFacility' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'timeout' => {
|
|
|
|
'default' => 72000,
|
|
|
|
'test' => sub {
|
|
|
|
$_[0] > 0;
|
|
|
|
},
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'timeoutActivity' => {
|
|
|
|
'default' => 0,
|
|
|
|
'test' => sub {
|
|
|
|
$_[0] >= 0;
|
|
|
|
},
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'timeoutActivityInterval' => {
|
|
|
|
'default' => 60,
|
|
|
|
'test' => sub {
|
|
|
|
$_[0] >= 0;
|
|
|
|
},
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'tokenUseGlobalStorage' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2018-02-21 06:48:06 +01:00
|
|
|
'totp2fActivation' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
|
|
|
'totp2fAuthnLevel' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2018-02-21 22:07:12 +01:00
|
|
|
'totp2fDigits' => {
|
|
|
|
'default' => 6,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2018-03-18 14:26:45 +01:00
|
|
|
'totp2fDisplayExistingSecret' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2018-02-21 06:48:06 +01:00
|
|
|
'totp2fInterval' => {
|
|
|
|
'default' => 30,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2018-02-21 22:07:12 +01:00
|
|
|
'totp2fIssuer' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2019-08-01 17:27:14 +02:00
|
|
|
'totp2fLabel' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'totp2fLogo' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2018-02-21 06:48:06 +01:00
|
|
|
'totp2fRange' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2018-03-08 20:36:32 +01:00
|
|
|
'totp2fSelfRegistration' => {
|
2018-02-21 06:48:06 +01:00
|
|
|
'default' => 0,
|
2018-03-20 18:19:53 +01:00
|
|
|
'type' => 'boolOrExpr'
|
2018-02-21 06:48:06 +01:00
|
|
|
},
|
2019-06-07 19:25:40 +02:00
|
|
|
'totp2fTTL' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2018-03-18 14:26:45 +01:00
|
|
|
'totp2fUserCanChangeKey' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2018-04-03 22:53:47 +02:00
|
|
|
'totp2fUserCanRemoveKey' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'trustedDomains' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'twitterAppName' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'twitterAuthnLevel' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'twitterKey' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'twitterSecret' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2018-06-22 17:44:41 +02:00
|
|
|
'twitterUserField' => {
|
|
|
|
'default' => 'screen_name',
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'u2fActivation' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
|
|
|
'u2fAuthnLevel' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2019-08-01 17:27:14 +02:00
|
|
|
'u2fLabel' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'u2fLogo' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'u2fSelfRegistration' => {
|
|
|
|
'default' => 0,
|
2018-03-20 18:19:53 +01:00
|
|
|
'type' => 'boolOrExpr'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
2019-06-07 19:25:40 +02:00
|
|
|
'u2fTTL' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2018-03-18 22:20:05 +01:00
|
|
|
'u2fUserCanRemoveKey' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'upgradeSession' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'userControl' => {
|
|
|
|
'default' => '^[\\w\\.\\-@]+$',
|
|
|
|
'type' => 'pcre'
|
|
|
|
},
|
|
|
|
'userDB' => {
|
|
|
|
'default' => 'Same',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'Same',
|
|
|
|
'v' => 'Same'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'AD',
|
|
|
|
'v' => 'Active Directory'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'DBI',
|
|
|
|
'v' => 'Database (DBI)'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'LDAP',
|
|
|
|
'v' => 'LDAP'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'REST',
|
|
|
|
'v' => 'REST'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Null',
|
|
|
|
'v' => 'None'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Custom',
|
|
|
|
'v' => 'customModule'
|
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
|
|
|
'useRedirectOnError' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'useRedirectOnForbidden' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2018-05-11 11:03:02 +02:00
|
|
|
'userLogger' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'userPivot' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2018-05-11 11:03:02 +02:00
|
|
|
'userSyslogFacility' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'useSafeJail' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2018-03-18 09:30:08 +01:00
|
|
|
'utotp2fActivation' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
|
|
|
'utotp2fAuthnLevel' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2019-08-01 17:27:14 +02:00
|
|
|
'utotp2fLabel' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'utotp2fLogo' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'vhostAliases' => {
|
2019-08-13 21:59:30 +02:00
|
|
|
'default' => '',
|
|
|
|
'type' => 'text'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
|
|
|
'vhostAuthnLevel' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'vhostHttps' => {
|
|
|
|
'default' => -1,
|
|
|
|
'type' => 'trool'
|
|
|
|
},
|
|
|
|
'vhostMaintenance' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
|
|
|
'vhostOptions' => {
|
|
|
|
'type' => 'subContainer'
|
|
|
|
},
|
|
|
|
'vhostPort' => {
|
|
|
|
'default' => -1,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2019-05-26 21:43:13 +02:00
|
|
|
'vhostServiceTokenTTL' => {
|
2019-05-27 23:07:18 +02:00
|
|
|
'default' => -1,
|
2019-05-26 21:43:13 +02:00
|
|
|
'type' => 'int'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'vhostType' => {
|
|
|
|
'default' => 'Main',
|
2019-02-07 09:27:56 +01:00
|
|
|
'select' => [ {
|
2017-06-23 11:57:07 +02:00
|
|
|
'k' => 'AuthBasic',
|
|
|
|
'v' => 'AuthBasic'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'CDA',
|
|
|
|
'v' => 'CDA'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'DevOps',
|
|
|
|
'v' => 'DevOps'
|
|
|
|
},
|
2018-06-07 19:51:48 +02:00
|
|
|
{
|
|
|
|
'k' => 'DevOpsST',
|
|
|
|
'v' => 'DevOpsST'
|
|
|
|
},
|
2019-04-22 19:10:50 +02:00
|
|
|
{
|
|
|
|
'k' => 'Main',
|
|
|
|
'v' => 'Main'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'OAuth2',
|
|
|
|
'v' => 'OAuth2'
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'SecureToken',
|
|
|
|
'v' => 'SecureToken'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
{
|
|
|
|
'k' => 'ServiceToken',
|
|
|
|
'v' => 'ServiceToken'
|
2019-04-22 19:10:50 +02:00
|
|
|
},
|
|
|
|
{
|
|
|
|
'k' => 'Zimbra',
|
|
|
|
'v' => 'ZimbraPreAuth'
|
2017-06-23 11:57:07 +02:00
|
|
|
}
|
|
|
|
],
|
|
|
|
'type' => 'select'
|
|
|
|
},
|
2019-03-15 15:39:41 +01:00
|
|
|
'viewerAllowBrowser' => {
|
|
|
|
'default' => 0,
|
2019-03-14 16:39:49 +01:00
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2019-04-01 14:42:25 +02:00
|
|
|
'viewerAllowDiff' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2019-04-01 14:57:41 +02:00
|
|
|
'viewerHiddenKeys' => {
|
2019-03-15 15:39:41 +01:00
|
|
|
'default' => 'samlIDPMetaDataNodes samlSPMetaDataNodes',
|
2019-03-13 22:56:16 +01:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
2017-06-23 11:57:07 +02:00
|
|
|
'virtualHosts' => {
|
|
|
|
'type' => 'virtualHostContainer'
|
|
|
|
},
|
|
|
|
'webIDAuthnLevel' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'webIDExportedVars' => {
|
|
|
|
'default' => {},
|
|
|
|
'keyMsgFail' => '__badVariableName__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'msgFail' => '__badValue__',
|
2017-06-23 16:47:03 +02:00
|
|
|
'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/,
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'keyTextContainer'
|
|
|
|
},
|
|
|
|
'webIDWhitelist' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'whatToTrace' => {
|
|
|
|
'default' => 'uid',
|
|
|
|
'type' => 'lmAttrOrMacro'
|
|
|
|
},
|
2018-09-26 20:51:53 +02:00
|
|
|
'wsdlServer' => {
|
2018-11-28 22:12:50 +01:00
|
|
|
'default' => 0,
|
|
|
|
'type' => 'bool'
|
2018-09-26 20:51:53 +02:00
|
|
|
},
|
2018-03-20 18:19:53 +01:00
|
|
|
'yubikey2fActivation' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
|
|
|
'yubikey2fAuthnLevel' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
|
|
|
'yubikey2fClientID' => {
|
|
|
|
'type' => 'text'
|
2017-06-23 11:57:07 +02:00
|
|
|
},
|
2019-08-01 17:27:14 +02:00
|
|
|
'yubikey2fLabel' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'yubikey2fLogo' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
2018-03-20 18:19:53 +01:00
|
|
|
'yubikey2fNonce' => {
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'text'
|
|
|
|
},
|
2018-03-20 18:19:53 +01:00
|
|
|
'yubikey2fPublicIDSize' => {
|
2017-06-23 11:57:07 +02:00
|
|
|
'default' => 12,
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2018-03-20 18:19:53 +01:00
|
|
|
'yubikey2fSecretKey' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'yubikey2fSelfRegistration' => {
|
|
|
|
'default' => 0,
|
|
|
|
'type' => 'boolOrExpr'
|
|
|
|
},
|
2019-06-07 19:25:40 +02:00
|
|
|
'yubikey2fTTL' => {
|
|
|
|
'type' => 'int'
|
|
|
|
},
|
2018-03-20 18:19:53 +01:00
|
|
|
'yubikey2fUrl' => {
|
2017-06-23 11:57:07 +02:00
|
|
|
'type' => 'text'
|
2018-03-09 18:34:59 +01:00
|
|
|
},
|
2018-04-03 22:53:47 +02:00
|
|
|
'yubikey2fUserCanRemoveKey' => {
|
|
|
|
'default' => 1,
|
|
|
|
'type' => 'bool'
|
|
|
|
},
|
2018-03-09 18:34:59 +01:00
|
|
|
'zimbraAccountKey' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'zimbraBy' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'zimbraPreAuthKey' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'zimbraSsoUrl' => {
|
|
|
|
'type' => 'text'
|
|
|
|
},
|
|
|
|
'zimbraUrl' => {
|
|
|
|
'type' => 'text'
|
2017-06-23 11:57:07 +02:00
|
|
|
}
|
|
|
|
};
|
2015-05-14 08:44:38 +02:00
|
|
|
}
|
|
|
|
|