* Dedicated AuthChoice.pm
* Authentication choice parameters in Manager
Clément Oudot 2010-09-06 15:05:54 +00:00
parent 7bcbdaa318
commit 1f4a6e6450
8 changed files with 273 additions and 24 deletions


@ -102,7 +102,7 @@ sub unserialize {
# Manage hashes
if ( $k =~
/^(?:exportedVars|locationRules|groups|exportedHeaders|macros|globalStorageOptions|remoteGlobalStorageOptions|notificationStorageOptions|samlIDPMetaDataXML|samlIDPMetaDataExportedAttributes|samlIDPMetaDataOptions|samlSPMetaDataXML|samlSPMetaDataExportedAttributes|samlSPMetaDataOptions|samlStorageOptions|CAS_proxiedServices|logoutServices)$/
/^(?:exportedVars|locationRules|groups|exportedHeaders|macros|globalStorageOptions|remoteGlobalStorageOptions|notificationStorageOptions|samlIDPMetaDataXML|samlIDPMetaDataExportedAttributes|samlIDPMetaDataOptions|samlSPMetaDataXML|samlSPMetaDataExportedAttributes|samlSPMetaDataOptions|samlStorageOptions|CAS_proxiedServices|logoutServices|authChoiceModules)$/
and $v ||= {}
and not ref($v) )
{


@ -285,6 +285,7 @@ function display(div,title) {
$('#newspsamlmetadatab,#delspsamlmetadatab').hide();
$('#newsamlattributeb,#delsamlattributeb').hide();
$('#newsamlattributebr').hide();
$('#newchoicer,#newchoice,#delchoice').hide();
var height_cur=$('#buttons').height()+$('#edition').height()+$('#help').height();
var height_max=$('#menu').height();
if(height_cur > height_max || $('#help_content').is(':visible')==false){
@ -337,57 +338,57 @@ function authParams(id) {
$('#authOptions').hide();
}
});
formateSelect('authText',[
formateSelectAuth('authText',t[0]);
display('authParams',lmtext(id));
}
function formateSelectAuth(id,value){
formateSelect(id,[
'Apache=Apache',
'CAS=Central Authentication Service (CAS)',
'DBI=Database (DBI)',
'LA=Liberty Alliance',
'LDAP=LDAP',
'Multi=Multi',
'Multi=Multiple',
'Null=None',
'OpenID=OpenID',
'Proxy=Proxy',
'Remote=Remote',
'SAML=SAML v2',
'SSL=SSL',
'Twitter=Twitter'
],t[0]);
display('authParams',lmtext(id));
'Twitter=Twitter',
'Choice=Authentication choice'
],value);
}
function userdbParams(id) {
currentId=id;
$('#authOptions').hide();
formateSelect('authText',[
formateSelectUser('authText',lmdata(id));
display('authParams',lmtext(id));
}
function formateSelectUser(id,value){
formateSelect(id,[
'DBI=Database (DBI)',
'LDAP=LDAP',
'Multi=Multi',
'Multi=Multiple',
'Null=None',
'OpenID=OpenID',
'Proxy=Proxy',
'Remote=Remote',
'SAML=SAML v2'
],lmdata(id));
display('authParams',lmtext(id));
],value);
}
function passworddbParams(id) {
currentId=id;
$('#authOptions').hide();
formateSelect('authText',[
formateSelectPassword('authText',lmdata(id));
display('authParams',lmtext(id));
}
function formateSelectPassword(id,value){
formateSelect(id,[
'DBI=Database (DBI)',
'LDAP=LDAP',
'Null=None'
],lmdata(id));
display('authParams',lmtext(id));
}
function issuerdbParams(id) {
currentId=id;
$('#authOptions').hide();
formateSelect('authText',[
'SAML=SAML v2',
'OpenID=OpenID',
'Null=None'
],lmdata(id));
display('authParams',lmtext(id));
],value);
}
function skinSelect(id) {
currentId=id;
@ -963,4 +964,47 @@ function decrease() {
$("#int").val(current-1)
}
}
/* Authentication choice */
function authChoiceRoot(id){
currentId=id;
display('default','');
$('#newchoicer').show();
}
function newChoiceR(){
var newIdValue=newId(currentId);
simpleTreeCollection[0].addNode(newIdValue,text4newKey,function(d,s){
$('>span',s).attr('onClick','authChoice("'+newIdValue+'")').attr('name',text4newKey).attr('value','Null|Null|Null').attr('id','text_'+newIdValue);
authChoice(newIdValue);
});
return false;
}
function newChoice(){
var newIdValue=newId(currentId);
simpleTreeCollection[0].newNodeAfter(newIdValue,text4newKey,function(d,s){
$('>span',s).attr('onClick','authChoice("'+newIdValue+'")').attr('name',text4newKey).attr('value','Null|Null|Null').attr('id','text_'+newIdValue);
authChoice(newIdValue);
});
return false;
}
function delChoice(){
delKey();
}
function authChoice(id){
currentId=id;
var t=lmdata(id).split('|');
$('#authChoiceKey').attr('value',lmtext(id));
formateSelectAuth('authChoiceAuth',t[0]);
formateSelectUser('authChoiceUser',t[1]);
formateSelectPassword('authChoicePassword',t[2]);
display('authChoice',lmtext(id));
$('#newchoice,#delchoice').show();
}
function setlmauthchoice(id){
var key=$('#authChoiceKey').attr('value');
var auth=$('#authChoiceAuth').attr('value');
var user=$('#authChoiceUser').attr('value');
var password=$('#authChoicePassword').attr('value');
setlmtext(id,key);
setlmdata(id,auth+'|'+user+'|'+password);
}
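Review bot: `setlmauthchoice` (last hunk) writes whatever is typed in `#authChoiceKey` into the node text with no check, while the server-side rule added in this same commit only accepts keys matching `^(\d*)?\w+$`. A key containing a space or punctuation is therefore accepted in the tree and, presumably, only rejected with 'Bad choice key' when the configuration is uploaded. Consider testing the key before `setlmtext(id,key)`, for example `if(!/^\w+$/.test(key)){return false;}` plus a visible message; the server check stays the authoritative one. Separately, `authChoice` assumes `lmdata(id).split('|')` yields three fields, so a stored value with fewer leaves `t[1]`/`t[2]` undefined when they are passed to `formateSelectUser` and `formateSelectPassword`.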


@ -134,6 +134,19 @@
<button id="delsamlattributeb" style="display:none;" onclick="delSamlAttribute();return false;" class="ui-state-default ui-corner-all">
<lang en="Delete attribute" fr="Supprimer l'attribut" />
</button>
<button id="newchoice" style="display:none;" onclick="newChoice();return false;" class="ui-state-default ui-corner-all">
<lang en="New choice" fr="Nouveau choix" />
</button>
<button id="newchoicer" style="display:none;" onclick="newChoiceR();return false;" class="ui-state-default ui-corner-all">
<lang en="New choice" fr="Nouveau choix" />
</button>
<button id="delchoice" style="display:none;" onclick="delChoice();return false;" class="ui-state-default ui-corner-all">
<lang en="Delete choice" fr="Supprimer le choix" />
</button>
</div>
<!-- Buttons -->
@ -408,6 +421,32 @@
</button>
</div>
<!-- authChoice -->
<div id="content_authChoice" class="hidden">
<table>
<tr>
<td><lang en="Key name" fr="Nom de la clef"/></td>
<td><input type="text" id="authChoiceKey" /></td>
</tr>
<tr>
<td><lang en="Authentication module" fr="Module d'authentification"/></td>
<td><select id="authChoiceAuth"></select></td>
</tr>
<tr>
<td><lang en="User module" fr="Module d'utilisateurs"/></td>
<td><select id="authChoiceUser"></select></td>
</tr>
<tr>
<td><lang en="Password module" fr="Module de mots de passe"/></td>
<td><select id="authChoicePassword"></select></td>
</tr>
</table>
<br />
<button onclick="setlmauthchoice(currentId);return false;" class="ui-state-default ui-corner-all">
<lang en="Apply" fr="Appliquer" />
</button>
</div>
</div>
</form>


@ -104,7 +104,7 @@ sub confUpload {
# Special case: avoid bug with node created from parent node
if ( $id =~
/^(virtualHosts|samlIDPMetaDataExportedAttributes|samlSPMetaDataExportedAttributes)/
/^(virtualHosts|samlIDPMetaDataExportedAttributes|samlSPMetaDataExportedAttributes|generalParameters\/authParams\/choiceParams)/
)
{
$self->lmLog( "Special trigger for $id (attribute $name)",
@ -126,6 +126,10 @@ s/^samlIDPMetaDataExportedAttributes\/([^\/]*)?.*/samlIDPMetaDataExportedAttribu
$id =~
s/^samlSPMetaDataExportedAttributes\/([^\/]*)?.*/samlSPMetaDataExportedAttributes\/$1\/$name/;
# Authentication choice
$id =~
s/^generalParameters\/authParams\/choiceParams\/([^\/]*)?.*/authChoiceModules\/$name/;
}
# Normal case
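Review bot: The new substitution rewrites the id to `authChoiceModules/$name` with `$name` taken as is, and the capture group `([^\/]*)?` is never used in the replacement. Nothing in this hunk constrains `$name`, so a name containing `/` would produce a deeper key path than intended; it is worth confirming that the `authChoiceModules` key test in testStruct runs on the rewritten id before the value is stored. The unused group can be dropped without changing what matches: `s/^generalParameters\/authParams\/choiceParams\/.*/authChoiceModules\/$name/;`. confUpload's body starts and ends outside the hunk.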


@ -300,6 +300,9 @@ sub struct {
dbi => ['dbiParams'],
apache => ['apacheParams'],
null => ['nullParams'],
choice => [
qw(ldapParams sslParams casParams remoteParams proxyParams openIdParams twitterParams dbiParams apacheParams nullParams choiceParams)
]
}->{$mod};
if ($tmp) {
$res{$_}++ foreach (@$tmp);
@ -545,6 +548,18 @@ sub struct {
nullAuthnLevel => 'int:/nullAuthnLevel',
},
# Choice
choiceParams => {
_nodes => [qw(authChoiceParam n:authChoiceModules)],
authChoiceParam => 'text:/authChoiceParam',
authChoiceModules => {
_nodes =>
['hash:/authChoiceModules:default:authChoice'],
_js => 'authChoiceRoot',
_help => 'default',
},
},
},
# LOGS PARAMETERS
@ -1466,6 +1481,13 @@ sub testStruct {
# Null
nullAuthnLevel => $integer,
# Choice
authChoiceParams => $testNotDefined,
authChoiceModules => {
keyTest => qr/^(\d*)?\w+$/,
keyMsgFail => 'Bad choice key',
},
# Zimbra
zimbraPreAuthKey => $testNotDefined,
zimbraAccountKey => $testNotDefined,
@ -1486,6 +1508,7 @@ sub defaultConf {
my $self = shift;
return {
authentication => 'LDAP',
authChoiceParam => 'lmAuth',
CAS_pgtFile => '/tmp/pgt.txt',
cda => '0',
cookieName => 'lemonldap',
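Review bot: In the testStruct hunk the new entry is keyed `authChoiceParams`, but the struct and defaultConf hunks of this file name the setting `authChoiceParam`, so the test entry looks like it never applies to the real key. It should probably read `authChoiceParam => $testNotDefined,`, or a stricter pattern, since the label added elsewhere in this commit calls the value a URL parameter. The `keyTest` `qr/^(\d*)?\w+$/` is equivalent to `^\w+$`, and `$` also matches before a trailing newline; `qr/\A\w+\z/` states the intent exactly. No test is given for the `authChoiceModules` values (the `Auth|User|Password` strings); if those fields later select modules to load, restricting each one to the known module names here would be worth adding.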


@ -64,6 +64,8 @@ sub en {
apacheParams => 'Apache parameters',
apacheAuthnLevel => 'Authentication level',
attributesAndMacros => 'Attributes and macros',
authChoiceModules => 'Allowed modules',
authChoiceParam => 'URL parameter',
authentication => 'Authentication module',
authenticationLevel => 'Authentication level',
authenticationTitle => 'Authentication',
@ -99,6 +101,7 @@ sub en {
casParams => 'CAS parameters',
cda => 'Multiple domains',
clickHereToForce => 'Click here to force',
choiceParams => 'Choice parameters',
Configuration => 'Configuration',
confModuledeprecated =>
'This module has been deprecated, set "forceUpload=1" in lemonldap-ng.ini to use it',
@ -407,6 +410,8 @@ sub fr {
apacheParams => 'Paramètres Apache',
apacheAuthnLevel => 'Niveau d\'authentification',
attributesAndMacros => 'Attributs et macros',
authChoiceModules => 'Modules autorisés',
authChoiceParam => 'Parmètre de l\'URL',
authentication => "Module d'authentification",
authenticationLevel => 'Niveau d\'authentification',
authenticationTitle => 'Authentification',
@ -442,6 +447,7 @@ sub fr {
casParams => 'Paramètres CAS',
cda => 'Domaines multiples',
clickHereToForce => 'Cliquer ici pour forcer',
choiceParams => 'Paramètres des choix',
Configuration => 'Configuration',
confModuledeprecated =>
"Ce module est obsolète, indiquez \"forceUpload=1\" dans le fichier lemonldap-ng.ini pour l'utiliser",


@ -134,6 +134,7 @@ lib/Lemonldap/NG/Portal/_SOAP.pm
lib/Lemonldap/NG/Portal/_WebForm.pm
lib/Lemonldap/NG/Portal/AuthApache.pm
lib/Lemonldap/NG/Portal/AuthCAS.pm
lib/Lemonldap/NG/Portal/AuthChoice.pm
lib/Lemonldap/NG/Portal/AuthDBI.pm
lib/Lemonldap/NG/Portal/AuthLA.pm
lib/Lemonldap/NG/Portal/AuthLDAP.pm


@ -0,0 +1,132 @@
##@file
# Choice authentication backend file
##@class
# Choice authentication backend class
package Lemonldap::NG::Portal::AuthChoice;
use strict;
use Lemonldap::NG::Portal::Simple;
our $VERSION = '0.1';
## @apmethod int authInit()
# Does nothing
# @return Lemonldap::NG::Portal constant
sub authInit {
PE_OK;
}
## @apmethod int setAuthSessionInfo()
# Does nothing
# @return Lemonldap::NG::Portal constant
sub setAuthSessionInfo {
PE_OK;
}
## @apmethod int extractFormInfo()
# Always display form
# @return Lemonldap::NG::Portal constant
sub extractFormInfo {
PE_FIRSTACCESS;
}
## @apmethod int authenticate()
# Does nothing.
# @return Lemonldap::NG::Portal constant
sub authenticate {
PE_OK;
}
## @apmethod int authFinish()
# Does nothing.
# @return Lemonldap::NG::Portal constant
sub authFinish {
PE_OK;
}
## @apmethod int authLogout()
# Does nothing
# @return Lemonldap::NG::Portal constant
sub authLogout {
PE_OK;
}
## @apmethod boolean authForce()
# Does nothing
# @return result
sub authForce {
return 0;
}
1;
__END__
=head1 NAME
=encoding utf8
Lemonldap::NG::Portal::AuthChoice - Perl extension for building LemonLDAP::NG
compatible portals with authentication choice.
=head1 SYNOPSIS
use Lemonldap::NG::Portal::SharedConf;
my $portal = new Lemonldap::NG::Portal::Simple(
configStorage => {...}, # See Lemonldap::NG::Portal
authentication => 'Choice',
authChoiceModules => { '1Local' => 'LDAP|LDAP|LDAP', '2OpenID' => 'OpenID|Null|Null' },
);
if($portal->process()) {
# Write here the menu with CGI methods. This page is displayed ONLY IF
# the user was not redirected here.
print $portal->header('text/html; charset=utf8'); # DON'T FORGET THIS (see CGI(3))
print "...";
# or redirect the user to the menu
print $portal->redirect( -uri => 'https://portal/menu');
}
else {
print $portal->header('text/html; charset=utf8'); # DON'T FORGET THIS (see CGI(3))
print "<html><body><h1>Unable to work</h1>";
print "This server isn't well configured. Contact your administrator.";
print "</body></html>";
}
=head1 DESCRIPTION
This library just overload few methods of Lemonldap::NG::Portal::Simple to
prompt for authentication choice.
See L<Lemonldap::NG::Portal::Simple> for usage and other methods.
=head1 SEE ALSO
L<Lemonldap::NG::Portal>, L<Lemonldap::NG::Portal::Simple>,
http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation
=head1 AUTHOR
Clement Oudot, E<lt>clement@oodo.netE<gt>
=head1 BUG REPORT
Use OW2 system to report bug or ask for features:
L<http://forge.objectweb.org/tracker/?group_id=274>
=head1 DOWNLOAD
LemonLDAP::NG is available at
L<http://forge.objectweb.org/project/showfiles.php?group_id=274>
=head1 COPYRIGHT AND LICENSE
Copyright (C) 2010 by Clement Oudot
This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself, either Perl version 5.8.4 or,
at your option, any later version of Perl 5 you may have available.
=cut
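Review bot: `authenticate` returns `PE_OK` unconditionally, so this backend is only safe while `extractFormInfo` returning `PE_FIRSTACCESS` always stops the chain before that step, and nothing in the file states that dependency. If the portal never needs a success from this class, failing closed is the safer default, e.g. `sub authenticate { PE_ERROR; }`; otherwise replace the "Does nothing." comment with one saying that the selected module is expected to take over before this method is reached. The file has `use strict;` but no `use warnings;`. The POD also says the class overloads methods to prompt for an authentication choice, while every method shown here is a stub, so the description should say where the choice is actually made.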