#19:
* Dedicated AuthChoice.pm * Authentication choice parameters in Manager
parent
7bcbdaa318
commit
1f4a6e6450
|
@ -102,7 +102,7 @@ sub unserialize {
|
|||
|
||||
# Manage hashes
|
||||
if ( $k =~
|
||||
/^(?:exportedVars|locationRules|groups|exportedHeaders|macros|globalStorageOptions|remoteGlobalStorageOptions|notificationStorageOptions|samlIDPMetaDataXML|samlIDPMetaDataExportedAttributes|samlIDPMetaDataOptions|samlSPMetaDataXML|samlSPMetaDataExportedAttributes|samlSPMetaDataOptions|samlStorageOptions|CAS_proxiedServices|logoutServices)$/
|
||||
/^(?:exportedVars|locationRules|groups|exportedHeaders|macros|globalStorageOptions|remoteGlobalStorageOptions|notificationStorageOptions|samlIDPMetaDataXML|samlIDPMetaDataExportedAttributes|samlIDPMetaDataOptions|samlSPMetaDataXML|samlSPMetaDataExportedAttributes|samlSPMetaDataOptions|samlStorageOptions|CAS_proxiedServices|logoutServices|authChoiceModules)$/
|
||||
and $v ||= {}
|
||||
and not ref($v) )
|
||||
{
|
||||
|
|
|
@ -285,6 +285,7 @@ function display(div,title) {
|
|||
$('#newspsamlmetadatab,#delspsamlmetadatab').hide();
|
||||
$('#newsamlattributeb,#delsamlattributeb').hide();
|
||||
$('#newsamlattributebr').hide();
|
||||
$('#newchoicer,#newchoice,#delchoice').hide();
|
||||
var height_cur=$('#buttons').height()+$('#edition').height()+$('#help').height();
|
||||
var height_max=$('#menu').height();
|
||||
if(height_cur > height_max || $('#help_content').is(':visible')==false){
|
||||
|
@ -337,57 +338,57 @@ function authParams(id) {
|
|||
$('#authOptions').hide();
|
||||
}
|
||||
});
|
||||
formateSelect('authText',[
|
||||
formateSelectAuth('authText',t[0]);
|
||||
display('authParams',lmtext(id));
|
||||
}
|
||||
function formateSelectAuth(id,value){
|
||||
formateSelect(id,[
|
||||
'Apache=Apache',
|
||||
'CAS=Central Authentication Service (CAS)',
|
||||
'DBI=Database (DBI)',
|
||||
'LA=Liberty Alliance',
|
||||
'LDAP=LDAP',
|
||||
'Multi=Multi',
|
||||
'Multi=Multiple',
|
||||
'Null=None',
|
||||
'OpenID=OpenID',
|
||||
'Proxy=Proxy',
|
||||
'Remote=Remote',
|
||||
'SAML=SAML v2',
|
||||
'SSL=SSL',
|
||||
'Twitter=Twitter'
|
||||
],t[0]);
|
||||
display('authParams',lmtext(id));
|
||||
'Twitter=Twitter',
|
||||
'Choice=Authentication choice'
|
||||
],value);
|
||||
}
|
||||
function userdbParams(id) {
|
||||
currentId=id;
|
||||
$('#authOptions').hide();
|
||||
formateSelect('authText',[
|
||||
formateSelectUser('authText',lmdata(id));
|
||||
display('authParams',lmtext(id));
|
||||
}
|
||||
function formateSelectUser(id,value){
|
||||
formateSelect(id,[
|
||||
'DBI=Database (DBI)',
|
||||
'LDAP=LDAP',
|
||||
'Multi=Multi',
|
||||
'Multi=Multiple',
|
||||
'Null=None',
|
||||
'OpenID=OpenID',
|
||||
'Proxy=Proxy',
|
||||
'Remote=Remote',
|
||||
'SAML=SAML v2'
|
||||
],lmdata(id));
|
||||
display('authParams',lmtext(id));
|
||||
],value);
|
||||
}
|
||||
function passworddbParams(id) {
|
||||
currentId=id;
|
||||
$('#authOptions').hide();
|
||||
formateSelect('authText',[
|
||||
formateSelectPassword('authText',lmdata(id));
|
||||
display('authParams',lmtext(id));
|
||||
}
|
||||
function formateSelectPassword(id,value){
|
||||
formateSelect(id,[
|
||||
'DBI=Database (DBI)',
|
||||
'LDAP=LDAP',
|
||||
'Null=None'
|
||||
],lmdata(id));
|
||||
display('authParams',lmtext(id));
|
||||
}
|
||||
function issuerdbParams(id) {
|
||||
currentId=id;
|
||||
$('#authOptions').hide();
|
||||
formateSelect('authText',[
|
||||
'SAML=SAML v2',
|
||||
'OpenID=OpenID',
|
||||
'Null=None'
|
||||
],lmdata(id));
|
||||
display('authParams',lmtext(id));
|
||||
],value);
|
||||
}
|
||||
function skinSelect(id) {
|
||||
currentId=id;
|
||||
|
@ -963,4 +964,47 @@ function decrease() {
|
|||
$("#int").val(current-1)
|
||||
}
|
||||
}
|
||||
/* Authentication choice */
|
||||
function authChoiceRoot(id){
|
||||
currentId=id;
|
||||
display('default','');
|
||||
$('#newchoicer').show();
|
||||
}
|
||||
function newChoiceR(){
|
||||
var newIdValue=newId(currentId);
|
||||
simpleTreeCollection[0].addNode(newIdValue,text4newKey,function(d,s){
|
||||
$('>span',s).attr('onClick','authChoice("'+newIdValue+'")').attr('name',text4newKey).attr('value','Null|Null|Null').attr('id','text_'+newIdValue);
|
||||
authChoice(newIdValue);
|
||||
});
|
||||
return false;
|
||||
}
|
||||
function newChoice(){
|
||||
var newIdValue=newId(currentId);
|
||||
simpleTreeCollection[0].newNodeAfter(newIdValue,text4newKey,function(d,s){
|
||||
$('>span',s).attr('onClick','authChoice("'+newIdValue+'")').attr('name',text4newKey).attr('value','Null|Null|Null').attr('id','text_'+newIdValue);
|
||||
authChoice(newIdValue);
|
||||
});
|
||||
return false;
|
||||
}
|
||||
function delChoice(){
|
||||
delKey();
|
||||
}
|
||||
function authChoice(id){
|
||||
currentId=id;
|
||||
var t=lmdata(id).split('|');
|
||||
$('#authChoiceKey').attr('value',lmtext(id));
|
||||
formateSelectAuth('authChoiceAuth',t[0]);
|
||||
formateSelectUser('authChoiceUser',t[1]);
|
||||
formateSelectPassword('authChoicePassword',t[2]);
|
||||
display('authChoice',lmtext(id));
|
||||
$('#newchoice,#delchoice').show();
|
||||
}
|
||||
function setlmauthchoice(id){
|
||||
var key=$('#authChoiceKey').attr('value');
|
||||
var auth=$('#authChoiceAuth').attr('value');
|
||||
var user=$('#authChoiceUser').attr('value');
|
||||
var password=$('#authChoicePassword').attr('value');
|
||||
setlmtext(id,key);
|
||||
setlmdata(id,auth+'|'+user+'|'+password);
|
||||
}
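Review bot: `authChoice` fills the per-choice authentication select through `formateSelectAuth('authChoiceAuth',t[0])`, and that shared list now carries `'Choice=Authentication choice'`, so a choice entry can name Choice itself as its authentication module. Nothing in the visible code rejects that nesting; consider giving `formateSelectAuth` an optional argument that omits the `Choice` option when it populates `authChoiceAuth`, and refusing the value on the server side as well. Separately, `authChoice` assumes `lmdata(id)` always splits into three fields; a guard such as `if(t.length!=3){t=['Null','Null','Null'];}` keeps a malformed stored value from passing `undefined` to the user and password selects.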
|
||||
|
||||
|
|
|
@ -134,6 +134,19 @@
|
|||
<button id="delsamlattributeb" style="display:none;" onclick="delSamlAttribute();return false;" class="ui-state-default ui-corner-all">
|
||||
<lang en="Delete attribute" fr="Supprimer l'attribut" />
|
||||
</button>
|
||||
|
||||
<button id="newchoice" style="display:none;" onclick="newChoice();return false;" class="ui-state-default ui-corner-all">
|
||||
<lang en="New choice" fr="Nouveau choix" />
|
||||
</button>
|
||||
|
||||
<button id="newchoicer" style="display:none;" onclick="newChoiceR();return false;" class="ui-state-default ui-corner-all">
|
||||
<lang en="New choice" fr="Nouveau choix" />
|
||||
</button>
|
||||
|
||||
<button id="delchoice" style="display:none;" onclick="delChoice();return false;" class="ui-state-default ui-corner-all">
|
||||
<lang en="Delete choice" fr="Supprimer le choix" />
|
||||
</button>
|
||||
|
||||
</div>
|
||||
|
||||
<!-- Buttons -->
|
||||
|
@ -408,6 +421,32 @@
|
|||
</button>
|
||||
</div>
|
||||
|
||||
<!-- authChoice -->
|
||||
<div id="content_authChoice" class="hidden">
|
||||
<table>
|
||||
<tr>
|
||||
<td><lang en="Key name" fr="Nom de la clef"/></td>
|
||||
<td><input type="text" id="authChoiceKey" /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><lang en="Authentication module" fr="Module d'authentification"/></td>
|
||||
<td><select id="authChoiceAuth"></select></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><lang en="User module" fr="Module d'utilisateurs"/></td>
|
||||
<td><select id="authChoiceUser"></select></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><lang en="Password module" fr="Module de mots de passe"/></td>
|
||||
<td><select id="authChoicePassword"></select></td>
|
||||
</tr>
|
||||
</table>
|
||||
<br />
|
||||
<button onclick="setlmauthchoice(currentId);return false;" class="ui-state-default ui-corner-all">
|
||||
<lang en="Apply" fr="Appliquer" />
|
||||
</button>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
</form>
|
||||
|
|
|
@ -104,7 +104,7 @@ sub confUpload {
|
|||
|
||||
# Special case: avoid bug with node created from parent node
|
||||
if ( $id =~
|
||||
/^(virtualHosts|samlIDPMetaDataExportedAttributes|samlSPMetaDataExportedAttributes)/
|
||||
/^(virtualHosts|samlIDPMetaDataExportedAttributes|samlSPMetaDataExportedAttributes|generalParameters\/authParams\/choiceParams)/
|
||||
)
|
||||
{
|
||||
$self->lmLog( "Special trigger for $id (attribute $name)",
|
||||
|
@ -126,6 +126,10 @@ s/^samlIDPMetaDataExportedAttributes\/([^\/]*)?.*/samlIDPMetaDataExportedAttribu
|
|||
$id =~
|
||||
s/^samlSPMetaDataExportedAttributes\/([^\/]*)?.*/samlSPMetaDataExportedAttributes\/$1\/$name/;
|
||||
|
||||
# Authentication choice
|
||||
$id =~
|
||||
s/^generalParameters\/authParams\/choiceParams\/([^\/]*)?.*/authChoiceModules\/$name/;
|
||||
|
||||
}
|
||||
|
||||
# Normal case
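Review bot: The new substitution `s/^generalParameters\/authParams\/choiceParams\/([^\/]*)?.*/authChoiceModules\/$name/` rewrites every id under `choiceParams`, not only nodes below the modules subtree, and its capture group is never used. If the `authChoiceParam` text node's id also carries this prefix (its id is not visible in these hunks), it would be stored as an `authChoiceModules` entry. If choice node ids contain the `authChoiceModules` segment, matching on it, e.g. `s/^generalParameters\/authParams\/choiceParams\/authChoiceModules\/.*/authChoiceModules\/$name/`, would narrow the rewrite. `$name` comes from the uploaded tree and becomes a configuration key here, so it is worth confirming that it is validated before this point; `confUpload` starts and ends outside the hunks shown.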
|
||||
|
|
|
@ -300,6 +300,9 @@ sub struct {
|
|||
dbi => ['dbiParams'],
|
||||
apache => ['apacheParams'],
|
||||
null => ['nullParams'],
|
||||
choice => [
|
||||
qw(ldapParams sslParams casParams remoteParams proxyParams openIdParams twitterParams dbiParams apacheParams nullParams choiceParams)
|
||||
]
|
||||
}->{$mod};
|
||||
if ($tmp) {
|
||||
$res{$_}++ foreach (@$tmp);
|
||||
|
@ -545,6 +548,18 @@ sub struct {
|
|||
nullAuthnLevel => 'int:/nullAuthnLevel',
|
||||
},
|
||||
|
||||
# Choice
|
||||
choiceParams => {
|
||||
_nodes => [qw(authChoiceParam n:authChoiceModules)],
|
||||
authChoiceParam => 'text:/authChoiceParam',
|
||||
authChoiceModules => {
|
||||
_nodes =>
|
||||
['hash:/authChoiceModules:default:authChoice'],
|
||||
_js => 'authChoiceRoot',
|
||||
_help => 'default',
|
||||
},
|
||||
},
|
||||
|
||||
},
|
||||
|
||||
# LOGS PARAMETERS
|
||||
|
@ -1466,6 +1481,13 @@ sub testStruct {
|
|||
# Null
|
||||
nullAuthnLevel => $integer,
|
||||
|
||||
# Choice
|
||||
authChoiceParams => $testNotDefined,
|
||||
authChoiceModules => {
|
||||
keyTest => qr/^(\d*)?\w+$/,
|
||||
keyMsgFail => 'Bad choice key',
|
||||
},
|
||||
|
||||
# Zimbra
|
||||
zimbraPreAuthKey => $testNotDefined,
|
||||
zimbraAccountKey => $testNotDefined,
|
||||
|
@ -1486,6 +1508,7 @@ sub defaultConf {
|
|||
my $self = shift;
|
||||
return {
|
||||
authentication => 'LDAP',
|
||||
authChoiceParam => 'lmAuth',
|
||||
CAS_pgtFile => '/tmp/pgt.txt',
|
||||
cda => '0',
|
||||
cookieName => 'lemonldap',
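Review bot: In the `testStruct` hunk the new rule is keyed `authChoiceParams`, while `struct` and `defaultConf` in this same commit name the parameter `authChoiceParam`, so the rule appears to apply to a key nothing sets and the real URL-parameter name is left without a test. It should read `authChoiceParam => $testNotDefined,`, or better a pattern that restricts it to a plain parameter name. The key test `qr/^(\d*)?\w+$/` is equivalent to `\w+` because `\w` already matches digits, and `$` tolerates a trailing newline; `qr/^\w+\z/` states the same rule more strictly. All three subs continue outside the hunks shown.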
|
||||
|
|
|
@ -64,6 +64,8 @@ sub en {
|
|||
apacheParams => 'Apache parameters',
|
||||
apacheAuthnLevel => 'Authentication level',
|
||||
attributesAndMacros => 'Attributes and macros',
|
||||
authChoiceModules => 'Allowed modules',
|
||||
authChoiceParam => 'URL parameter',
|
||||
authentication => 'Authentication module',
|
||||
authenticationLevel => 'Authentication level',
|
||||
authenticationTitle => 'Authentication',
|
||||
|
@ -99,6 +101,7 @@ sub en {
|
|||
casParams => 'CAS parameters',
|
||||
cda => 'Multiple domains',
|
||||
clickHereToForce => 'Click here to force',
|
||||
choiceParams => 'Choice parameters',
|
||||
Configuration => 'Configuration',
|
||||
confModuledeprecated =>
|
||||
'This module has been deprecated, set "forceUpload=1" in lemonldap-ng.ini to use it',
|
||||
|
@ -407,6 +410,8 @@ sub fr {
|
|||
apacheParams => 'Paramètres Apache',
|
||||
apacheAuthnLevel => 'Niveau d\'authentification',
|
||||
attributesAndMacros => 'Attributs et macros',
|
||||
authChoiceModules => 'Modules autorisés',
|
||||
authChoiceParam => 'Parmètre de l\'URL',
|
||||
authentication => "Module d'authentification",
|
||||
authenticationLevel => 'Niveau d\'authentification',
|
||||
authenticationTitle => 'Authentification',
|
||||
|
@ -442,6 +447,7 @@ sub fr {
|
|||
casParams => 'Paramètres CAS',
|
||||
cda => 'Domaines multiples',
|
||||
clickHereToForce => 'Cliquer ici pour forcer',
|
||||
choiceParams => 'Paramètres des choix',
|
||||
Configuration => 'Configuration',
|
||||
confModuledeprecated =>
|
||||
"Ce module est obsolète, indiquez \"forceUpload=1\" dans le fichier lemonldap-ng.ini pour l'utiliser",
|
||||
|
|
|
@ -134,6 +134,7 @@ lib/Lemonldap/NG/Portal/_SOAP.pm
|
|||
lib/Lemonldap/NG/Portal/_WebForm.pm
|
||||
lib/Lemonldap/NG/Portal/AuthApache.pm
|
||||
lib/Lemonldap/NG/Portal/AuthCAS.pm
|
||||
lib/Lemonldap/NG/Portal/AuthChoice.pm
|
||||
lib/Lemonldap/NG/Portal/AuthDBI.pm
|
||||
lib/Lemonldap/NG/Portal/AuthLA.pm
|
||||
lib/Lemonldap/NG/Portal/AuthLDAP.pm
|
||||
|
|
|
@ -0,0 +1,132 @@
|
|||
##@file
|
||||
# Choice authentication backend file
|
||||
|
||||
##@class
|
||||
# Choice authentication backend class
|
||||
package Lemonldap::NG::Portal::AuthChoice;
|
||||
|
||||
use strict;
|
||||
use Lemonldap::NG::Portal::Simple;
|
||||
|
||||
our $VERSION = '0.1';
|
||||
|
||||
## @apmethod int authInit()
|
||||
# Does nothing
|
||||
# @return Lemonldap::NG::Portal constant
|
||||
sub authInit {
|
||||
PE_OK;
|
||||
}
|
||||
|
||||
## @apmethod int setAuthSessionInfo()
|
||||
# Does nothing
|
||||
# @return Lemonldap::NG::Portal constant
|
||||
sub setAuthSessionInfo {
|
||||
PE_OK;
|
||||
}
|
||||
|
||||
## @apmethod int extractFormInfo()
|
||||
# Always display form
|
||||
# @return Lemonldap::NG::Portal constant
|
||||
sub extractFormInfo {
|
||||
PE_FIRSTACCESS;
|
||||
}
|
||||
|
||||
## @apmethod int authenticate()
|
||||
# Does nothing.
|
||||
# @return Lemonldap::NG::Portal constant
|
||||
sub authenticate {
|
||||
PE_OK;
|
||||
}
|
||||
|
||||
## @apmethod int authFinish()
|
||||
# Does nothing.
|
||||
# @return Lemonldap::NG::Portal constant
|
||||
sub authFinish {
|
||||
PE_OK;
|
||||
}
|
||||
|
||||
## @apmethod int authLogout()
|
||||
# Does nothing
|
||||
# @return Lemonldap::NG::Portal constant
|
||||
sub authLogout {
|
||||
PE_OK;
|
||||
}
|
||||
|
||||
## @apmethod boolean authForce()
|
||||
# Does nothing
|
||||
# @return result
|
||||
sub authForce {
|
||||
return 0;
|
||||
}
|
||||
|
||||
1;
|
||||
__END__
|
||||
|
||||
=head1 NAME
|
||||
|
||||
=encoding utf8
|
||||
|
||||
Lemonldap::NG::Portal::AuthChoice - Perl extension for building LemonLDAP::NG
|
||||
compatible portals with authentication choice.
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
use Lemonldap::NG::Portal::SharedConf;
|
||||
my $portal = new Lemonldap::NG::Portal::Simple(
|
||||
configStorage => {...}, # See Lemonldap::NG::Portal
|
||||
authentication => 'Choice',
|
||||
authChoiceModules => { '1Local' => 'LDAP|LDAP|LDAP', '2OpenID' => 'OpenID|Null|Null' },
|
||||
);
|
||||
|
||||
if($portal->process()) {
|
||||
# Write here the menu with CGI methods. This page is displayed ONLY IF
|
||||
# the user was not redirected here.
|
||||
print $portal->header('text/html; charset=utf8'); # DON'T FORGET THIS (see CGI(3))
|
||||
print "...";
|
||||
|
||||
# or redirect the user to the menu
|
||||
print $portal->redirect( -uri => 'https://portal/menu');
|
||||
}
|
||||
else {
|
||||
print $portal->header('text/html; charset=utf8'); # DON'T FORGET THIS (see CGI(3))
|
||||
print "<html><body><h1>Unable to work</h1>";
|
||||
print "This server isn't well configured. Contact your administrator.";
|
||||
print "</body></html>";
|
||||
}
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
This library just overload few methods of Lemonldap::NG::Portal::Simple to
|
||||
prompt for authentication choice.
|
||||
|
||||
See L<Lemonldap::NG::Portal::Simple> for usage and other methods.
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<Lemonldap::NG::Portal>, L<Lemonldap::NG::Portal::Simple>,
|
||||
http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation
|
||||
|
||||
=head1 AUTHOR
|
||||
|
||||
Clement Oudot, E<lt>clement@oodo.netE<gt>
|
||||
|
||||
=head1 BUG REPORT
|
||||
|
||||
Use OW2 system to report bug or ask for features:
|
||||
L<http://forge.objectweb.org/tracker/?group_id=274>
|
||||
|
||||
=head1 DOWNLOAD
|
||||
|
||||
LemonLDAP::NG is available at
|
||||
L<http://forge.objectweb.org/project/showfiles.php?group_id=274>
|
||||
|
||||
=head1 COPYRIGHT AND LICENSE
|
||||
|
||||
Copyright (C) 2010 by Clement Oudot
|
||||
|
||||
This library is free software; you can redistribute it and/or modify
|
||||
it under the same terms as Perl itself, either Perl version 5.8.4 or,
|
||||
at your option, any later version of Perl 5 you may have available.
|
||||
|
||||
=cut
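Review bot: `authenticate` returns `PE_OK` unconditionally, so this placeholder fails open if the portal ever reaches it without a concrete backend having been selected; the only visible barrier is `extractFormInfo` always returning `PE_FIRSTACCESS`. Returning a failure constant from `authenticate` (for example `PE_BADCREDENTIALS`) would make the stub fail closed, and each "Does nothing" comment should say which portal code is expected to replace the method, since that dispatch is not part of this file. The module also has `use strict;` without `use warnings;`, relies on the implicit last-expression value instead of `return PE_OK;`, and its SYNOPSIS loads `Lemonldap::NG::Portal::SharedConf` but constructs `Lemonldap::NG::Portal::Simple` with indirect-object `new`.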
|
||||
|