Configuration for SAML signature method (#1247)
parent
a18037ba33
commit
28c4429b75
|
@ -221,8 +221,9 @@ sub defaultValues {
|
||||||
'samlNameIDFormatMapX509' => 'mail',
|
'samlNameIDFormatMapX509' => 'mail',
|
||||||
'samlOrganizationDisplayName' => 'Example',
|
'samlOrganizationDisplayName' => 'Example',
|
||||||
'samlOrganizationName' => 'Example',
|
'samlOrganizationName' => 'Example',
|
||||||
'samlOrganizationURL' => 'http://www.example.com',
|
'samlOrganizationURL' => 'http://www.example.com',
|
||||||
'samlRelayStateTimeout' => 600,
|
'samlRelayStateTimeout' => 600,
|
||||||
|
'samlServiceSignatureMethod' => 'RSA_SHA256',
|
||||||
'samlSPSSODescriptorArtifactResolutionServiceArtifact' =>
|
'samlSPSSODescriptorArtifactResolutionServiceArtifact' =>
|
||||||
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact',
|
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact',
|
||||||
'samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact' =>
|
'samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact' =>
|
||||||
|
|
|
@ -65,7 +65,7 @@ our $issuerParameters = {
|
||||||
issuerDBOpenIDConnect => [qw(issuerDBOpenIDConnectActivation issuerDBOpenIDConnectPath issuerDBOpenIDConnectRule)],
|
issuerDBOpenIDConnect => [qw(issuerDBOpenIDConnectActivation issuerDBOpenIDConnectPath issuerDBOpenIDConnectRule)],
|
||||||
issuerDBSAML => [qw(issuerDBSAMLActivation issuerDBSAMLPath issuerDBSAMLRule)],
|
issuerDBSAML => [qw(issuerDBSAMLActivation issuerDBSAMLPath issuerDBSAMLRule)],
|
||||||
};
|
};
|
||||||
our $samlServiceParameters = [qw(samlEntityID samlServicePrivateKeySig samlServicePrivateKeySigPwd samlServicePublicKeySig samlServicePrivateKeyEnc samlServicePrivateKeyEncPwd samlServicePublicKeyEnc samlServiceUseCertificateInResponse samlNameIDFormatMapEmail samlNameIDFormatMapX509 samlNameIDFormatMapWindows samlNameIDFormatMapKerberos samlAuthnContextMapPassword samlAuthnContextMapPasswordProtectedTransport samlAuthnContextMapTLSClient samlAuthnContextMapKerberos samlOrganizationDisplayName samlOrganizationName samlOrganizationURL samlSPSSODescriptorAuthnRequestsSigned samlSPSSODescriptorWantAssertionsSigned samlSPSSODescriptorSingleLogoutServiceHTTPRedirect samlSPSSODescriptorSingleLogoutServiceHTTPPost samlSPSSODescriptorSingleLogoutServiceSOAP samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact samlSPSSODescriptorAssertionConsumerServiceHTTPPost samlSPSSODescriptorArtifactResolutionServiceArtifact samlIDPSSODescriptorWantAuthnRequestsSigned samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect samlIDPSSODescriptorSingleSignOnServiceHTTPPost samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect samlIDPSSODescriptorSingleLogoutServiceHTTPPost samlIDPSSODescriptorSingleLogoutServiceSOAP samlIDPSSODescriptorArtifactResolutionServiceArtifact samlAttributeAuthorityDescriptorAttributeServiceSOAP samlIdPResolveCookie samlMetadataForceUTF8 samlStorage samlStorageOptions samlRelayStateTimeout samlUseQueryStringSpecific samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter)];
|
our $samlServiceParameters = [qw(samlEntityID samlServicePrivateKeySig samlServicePrivateKeySigPwd samlServicePublicKeySig samlServicePrivateKeyEnc samlServicePrivateKeyEncPwd samlServicePublicKeyEnc samlServiceUseCertificateInResponse samlServiceSignatureMethod samlNameIDFormatMapEmail samlNameIDFormatMapX509 samlNameIDFormatMapWindows samlNameIDFormatMapKerberos samlAuthnContextMapPassword samlAuthnContextMapPasswordProtectedTransport samlAuthnContextMapTLSClient samlAuthnContextMapKerberos samlOrganizationDisplayName samlOrganizationName samlOrganizationURL samlSPSSODescriptorAuthnRequestsSigned samlSPSSODescriptorWantAssertionsSigned samlSPSSODescriptorSingleLogoutServiceHTTPRedirect samlSPSSODescriptorSingleLogoutServiceHTTPPost samlSPSSODescriptorSingleLogoutServiceSOAP samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact samlSPSSODescriptorAssertionConsumerServiceHTTPPost samlSPSSODescriptorArtifactResolutionServiceArtifact samlIDPSSODescriptorWantAuthnRequestsSigned samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect samlIDPSSODescriptorSingleSignOnServiceHTTPPost samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect samlIDPSSODescriptorSingleLogoutServiceHTTPPost samlIDPSSODescriptorSingleLogoutServiceSOAP samlIDPSSODescriptorArtifactResolutionServiceArtifact samlAttributeAuthorityDescriptorAttributeServiceSOAP samlIdPResolveCookie samlMetadataForceUTF8 samlStorage samlStorageOptions samlRelayStateTimeout samlUseQueryStringSpecific samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter)];
|
||||||
our $oidcServiceParameters = [qw(oidcServiceMetaDataIssuer oidcServiceMetaDataAuthorizeURI oidcServiceMetaDataTokenURI oidcServiceMetaDataUserInfoURI oidcServiceMetaDataJWKSURI oidcServiceMetaDataRegistrationURI oidcServiceMetaDataEndSessionURI oidcServiceMetaDataCheckSessionURI oidcServiceMetaDataFrontChannelURI oidcServiceMetaDataBackChannelURI oidcServiceMetaDataAuthnContext oidcServicePrivateKeySig oidcServicePublicKeySig oidcServiceKeyIdSig oidcServiceAllowDynamicRegistration oidcServiceAllowAuthorizationCodeFlow oidcServiceAllowImplicitFlow oidcServiceAllowHybridFlow oidcStorage oidcStorageOptions)];
|
our $oidcServiceParameters = [qw(oidcServiceMetaDataIssuer oidcServiceMetaDataAuthorizeURI oidcServiceMetaDataTokenURI oidcServiceMetaDataUserInfoURI oidcServiceMetaDataJWKSURI oidcServiceMetaDataRegistrationURI oidcServiceMetaDataEndSessionURI oidcServiceMetaDataCheckSessionURI oidcServiceMetaDataFrontChannelURI oidcServiceMetaDataBackChannelURI oidcServiceMetaDataAuthnContext oidcServicePrivateKeySig oidcServicePublicKeySig oidcServiceKeyIdSig oidcServiceAllowDynamicRegistration oidcServiceAllowAuthorizationCodeFlow oidcServiceAllowImplicitFlow oidcServiceAllowHybridFlow oidcStorage oidcStorageOptions)];
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|
|
@ -27,7 +27,7 @@ sub types {
|
||||||
|
|
||||||
BEGIN {
|
BEGIN {
|
||||||
${^WARNING_BITS} =
|
${^WARNING_BITS} =
|
||||||
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
|
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55";
|
||||||
}
|
}
|
||||||
eval "$s $val";
|
eval "$s $val";
|
||||||
my $err = join(
|
my $err = join(
|
||||||
|
@ -662,7 +662,7 @@ sub attributes {
|
||||||
|
|
||||||
BEGIN {
|
BEGIN {
|
||||||
${^WARNING_BITS} =
|
${^WARNING_BITS} =
|
||||||
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
|
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55";
|
||||||
}
|
}
|
||||||
eval "$s $val";
|
eval "$s $val";
|
||||||
my $err = join(
|
my $err = join(
|
||||||
|
@ -1032,7 +1032,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
|
||||||
|
|
||||||
BEGIN {
|
BEGIN {
|
||||||
${^WARNING_BITS} =
|
${^WARNING_BITS} =
|
||||||
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
|
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55";
|
||||||
}
|
}
|
||||||
eval $s;
|
eval $s;
|
||||||
my $err = join(
|
my $err = join(
|
||||||
|
@ -1117,7 +1117,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
|
||||||
|
|
||||||
BEGIN {
|
BEGIN {
|
||||||
${^WARNING_BITS} =
|
${^WARNING_BITS} =
|
||||||
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
|
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55";
|
||||||
}
|
}
|
||||||
eval "$s $val";
|
eval "$s $val";
|
||||||
my $err = join(
|
my $err = join(
|
||||||
|
@ -1140,7 +1140,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
|
||||||
|
|
||||||
BEGIN {
|
BEGIN {
|
||||||
${^WARNING_BITS} =
|
${^WARNING_BITS} =
|
||||||
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
|
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55";
|
||||||
}
|
}
|
||||||
eval "$s $val";
|
eval "$s $val";
|
||||||
my $err = join(
|
my $err = join(
|
||||||
|
@ -1495,7 +1495,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
|
||||||
|
|
||||||
BEGIN {
|
BEGIN {
|
||||||
${^WARNING_BITS} =
|
${^WARNING_BITS} =
|
||||||
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
|
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55";
|
||||||
}
|
}
|
||||||
eval $s;
|
eval $s;
|
||||||
my $err = join(
|
my $err = join(
|
||||||
|
@ -1541,7 +1541,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
|
||||||
|
|
||||||
BEGIN {
|
BEGIN {
|
||||||
${^WARNING_BITS} =
|
${^WARNING_BITS} =
|
||||||
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
|
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55";
|
||||||
}
|
}
|
||||||
eval "$s $val";
|
eval "$s $val";
|
||||||
my $err = join(
|
my $err = join(
|
||||||
|
@ -1900,7 +1900,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
|
||||||
|
|
||||||
BEGIN {
|
BEGIN {
|
||||||
${^WARNING_BITS} =
|
${^WARNING_BITS} =
|
||||||
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
|
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55";
|
||||||
}
|
}
|
||||||
eval "$s $val";
|
eval "$s $val";
|
||||||
my $err = join(
|
my $err = join(
|
||||||
|
@ -2237,7 +2237,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
|
||||||
|
|
||||||
BEGIN {
|
BEGIN {
|
||||||
${^WARNING_BITS} =
|
${^WARNING_BITS} =
|
||||||
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
|
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55";
|
||||||
}
|
}
|
||||||
eval "$s $val";
|
eval "$s $val";
|
||||||
my $err = join(
|
my $err = join(
|
||||||
|
@ -2822,6 +2822,20 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
||||||
'default' => '',
|
'default' => '',
|
||||||
'type' => 'RSAPublicKeyOrCertificate'
|
'type' => 'RSAPublicKeyOrCertificate'
|
||||||
},
|
},
|
||||||
|
'samlServiceSignatureMethod' => {
|
||||||
|
'default' => 'RSA_SHA256',
|
||||||
|
'select' => [
|
||||||
|
{
|
||||||
|
'k' => 'RSA_SHA1',
|
||||||
|
'v' => 'RSA SHA1'
|
||||||
|
},
|
||||||
|
{
|
||||||
|
'k' => 'RSA_SHA256',
|
||||||
|
'v' => 'RSA SHA256'
|
||||||
|
}
|
||||||
|
],
|
||||||
|
'type' => 'select'
|
||||||
|
},
|
||||||
'samlServiceUseCertificateInResponse' => {
|
'samlServiceUseCertificateInResponse' => {
|
||||||
'default' => 0,
|
'default' => 0,
|
||||||
'type' => 'bool'
|
'type' => 'bool'
|
||||||
|
@ -2940,7 +2954,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
||||||
|
|
||||||
BEGIN {
|
BEGIN {
|
||||||
${^WARNING_BITS} =
|
${^WARNING_BITS} =
|
||||||
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
|
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55";
|
||||||
}
|
}
|
||||||
eval "$s $val";
|
eval "$s $val";
|
||||||
my $err = join(
|
my $err = join(
|
||||||
|
|
|
@ -1441,7 +1441,7 @@ sub attributes {
|
||||||
grep { $_ =~ /Undefined subroutine/ ? () : $_ }
|
grep { $_ =~ /Undefined subroutine/ ? () : $_ }
|
||||||
split( /\n/, $@ ) );
|
split( /\n/, $@ ) );
|
||||||
return $err ? ( 1, "__badExpression__: $err" ) : (1);
|
return $err ? ( 1, "__badExpression__: $err" ) : (1);
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
documentation => 'Virtualhost headers',
|
documentation => 'Virtualhost headers',
|
||||||
flags => 'h',
|
flags => 'h',
|
||||||
|
@ -1741,6 +1741,14 @@ sub attributes {
|
||||||
default => '',
|
default => '',
|
||||||
documentation => 'SAML encryption public key',
|
documentation => 'SAML encryption public key',
|
||||||
},
|
},
|
||||||
|
samlServiceSignatureMethod => {
|
||||||
|
type => 'select',
|
||||||
|
select => [
|
||||||
|
{ k => 'RSA_SHA1', v => 'RSA SHA1' },
|
||||||
|
{ k => 'RSA_SHA256', v => 'RSA SHA256' },
|
||||||
|
],
|
||||||
|
default => 'RSA_SHA256',
|
||||||
|
},
|
||||||
samlServiceUseCertificateInResponse => {
|
samlServiceUseCertificateInResponse => {
|
||||||
type => 'bool',
|
type => 'bool',
|
||||||
default => 0,
|
default => 0,
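Review bot: The new `samlServiceSignatureMethod` entry has no `documentation` key, while the neighbouring key entry in this hunk carries one (`documentation => 'SAML encryption public key'`). Adding `documentation => 'SAML signature method',` would keep the attribute self-describing. Because `RSA_SHA1` stays selectable, that text is also the natural place to say it exists for peers that cannot verify SHA-256 signatures, if that is the intent. The enclosing `attributes` sub starts and ends outside the hunk.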
|
||||||
|
|
|
@ -818,7 +818,8 @@ sub tree {
|
||||||
'samlServicePublicKeyEnc'
|
'samlServicePublicKeyEnc'
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
'samlServiceUseCertificateInResponse'
|
'samlServiceUseCertificateInResponse',
|
||||||
|
'samlServiceSignatureMethod'
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|
File diff suppressed because one or more lines are too long
|
@ -910,6 +910,7 @@
|
||||||
"samlServicePrivateKeyEnc":"المفتاح الخاص",
|
"samlServicePrivateKeyEnc":"المفتاح الخاص",
|
||||||
"samlServicePrivateKeyEncPwd":"مفتاح كلمة المرور الخاصة",
|
"samlServicePrivateKeyEncPwd":"مفتاح كلمة المرور الخاصة",
|
||||||
"samlServicePublicKeyEnc":"المفتاح العام",
|
"samlServicePublicKeyEnc":"المفتاح العام",
|
||||||
|
"samlServiceSignatureMethod":"Signature method",
|
||||||
"samlServiceUseCertificateInResponse":"استخدم الشهادة الرقمية في الردود",
|
"samlServiceUseCertificateInResponse":"استخدم الشهادة الرقمية في الردود",
|
||||||
"samlAdvanced":"المتقدمة",
|
"samlAdvanced":"المتقدمة",
|
||||||
"samlIdPResolveCookie":"اسم ملف تعريف الارتباط IDP",
|
"samlIdPResolveCookie":"اسم ملف تعريف الارتباط IDP",
|
||||||
|
|
|
@ -910,6 +910,7 @@
|
||||||
"samlServicePrivateKeyEnc":"Private key",
|
"samlServicePrivateKeyEnc":"Private key",
|
||||||
"samlServicePrivateKeyEncPwd":"Private key password",
|
"samlServicePrivateKeyEncPwd":"Private key password",
|
||||||
"samlServicePublicKeyEnc":"Public key",
|
"samlServicePublicKeyEnc":"Public key",
|
||||||
|
"samlServiceSignatureMethod":"Signature method",
|
||||||
"samlServiceUseCertificateInResponse":"Use certificate in responses",
|
"samlServiceUseCertificateInResponse":"Use certificate in responses",
|
||||||
"samlAdvanced":"Advanced",
|
"samlAdvanced":"Advanced",
|
||||||
"samlIdPResolveCookie":"IDP resolution cookie name",
|
"samlIdPResolveCookie":"IDP resolution cookie name",
|
||||||
|
|
|
@ -910,6 +910,7 @@
|
||||||
"samlServicePrivateKeyEnc":"Clef privée",
|
"samlServicePrivateKeyEnc":"Clef privée",
|
||||||
"samlServicePrivateKeyEncPwd":"Mot de passe de la clef privée",
|
"samlServicePrivateKeyEncPwd":"Mot de passe de la clef privée",
|
||||||
"samlServicePublicKeyEnc":"Clef publique",
|
"samlServicePublicKeyEnc":"Clef publique",
|
||||||
|
"samlServiceSignatureMethod":"Méthode pour la signature",
|
||||||
"samlServiceUseCertificateInResponse":"Utilisation du certificat dans les réponses",
|
"samlServiceUseCertificateInResponse":"Utilisation du certificat dans les réponses",
|
||||||
"samlAdvanced":"Avancé",
|
"samlAdvanced":"Avancé",
|
||||||
"samlIdPResolveCookie":"Nom du cookie de résolution IDP",
|
"samlIdPResolveCookie":"Nom du cookie de résolution IDP",
|
||||||
|
|
|
@ -910,6 +910,7 @@
|
||||||
"samlServicePrivateKeyEnc":"Chiave privata",
|
"samlServicePrivateKeyEnc":"Chiave privata",
|
||||||
"samlServicePrivateKeyEncPwd":"Password chiave privata",
|
"samlServicePrivateKeyEncPwd":"Password chiave privata",
|
||||||
"samlServicePublicKeyEnc":"Chiave pubblica",
|
"samlServicePublicKeyEnc":"Chiave pubblica",
|
||||||
|
"samlServiceSignatureMethod":"Signature method",
|
||||||
"samlServiceUseCertificateInResponse":"Utilizza il certificato nelle risposte",
|
"samlServiceUseCertificateInResponse":"Utilizza il certificato nelle risposte",
|
||||||
"samlAdvanced":"Avanzato",
|
"samlAdvanced":"Avanzato",
|
||||||
"samlIdPResolveCookie":"Nome del cookie di risoluzione IDP",
|
"samlIdPResolveCookie":"Nome del cookie di risoluzione IDP",
|
||||||
|
|
|
@ -910,6 +910,7 @@
|
||||||
"samlServicePrivateKeyEnc":"Khóa cá nhân",
|
"samlServicePrivateKeyEnc":"Khóa cá nhân",
|
||||||
"samlServicePrivateKeyEncPwd":"Khóa mật khẩu cá nhân",
|
"samlServicePrivateKeyEncPwd":"Khóa mật khẩu cá nhân",
|
||||||
"samlServicePublicKeyEnc":"Khóa công khai",
|
"samlServicePublicKeyEnc":"Khóa công khai",
|
||||||
|
"samlServiceSignatureMethod":"Signature method",
|
||||||
"samlServiceUseCertificateInResponse":"Sử dụng chứng chỉ trong câu trả lời",
|
"samlServiceUseCertificateInResponse":"Sử dụng chứng chỉ trong câu trả lời",
|
||||||
"samlAdvanced":"Nâng cao",
|
"samlAdvanced":"Nâng cao",
|
||||||
"samlIdPResolveCookie":"Tên cookie phân giải IDP",
|
"samlIdPResolveCookie":"Tên cookie phân giải IDP",
|
||||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -202,7 +202,7 @@ sub loadService {
|
||||||
);
|
);
|
||||||
|
|
||||||
# Signature method
|
# Signature method
|
||||||
my $method = $self->conf->{samlServiceSignatureMethod} || 'SHA1';
|
my $method = $self->conf->{samlServiceSignatureMethod} || 'RSA_SHA1';
|
||||||
$server->signature_method( $self->getSignatureMethod($method) );
|
$server->signature_method( $self->getSignatureMethod($method) );
|
||||||
$self->logger->debug("Set $method as SAML server signature method ");
|
$self->logger->debug("Set $method as SAML server signature method ");
|
||||||
|
|
||||||
|
@ -3074,9 +3074,9 @@ sub getSignatureMethod {
|
||||||
my $signature_method_none = eval 'Lasso::Constants::SIGNATURE_METHOD_NONE';
|
my $signature_method_none = eval 'Lasso::Constants::SIGNATURE_METHOD_NONE';
|
||||||
|
|
||||||
return $signature_method_rsa_sha1
|
return $signature_method_rsa_sha1
|
||||||
if ( $signature_method =~ /^SHA1$/i );
|
if ( $signature_method =~ /^RSA_SHA1$/i );
|
||||||
return $signature_method_rsa_sha256
|
return $signature_method_rsa_sha256
|
||||||
if ( $signature_method =~ /^SHA256$/i );
|
if ( $signature_method =~ /^RSA_SHA256$/i );
|
||||||
return $signature_method_none;
|
return $signature_method_none;
|
||||||
}
|
}
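Review bot: In getSignatureMethod, a stored value of `SHA1` or `SHA256` (both accepted before this rename) now matches neither pattern and falls through to `return $signature_method_none;` with no log line. If any saved configuration still carries the old spelling, the signing behaviour changes silently; accepting both forms, e.g. `if ( $signature_method =~ /^(?:RSA_)?SHA256$/i );` and likewise for SHA1, and logging a warning on an unrecognised value would avoid that. In the loadService hunk the fallback is `|| 'RSA_SHA1'` while the default declared elsewhere in this commit is `RSA_SHA256`, so an unset or empty key still selects SHA-1; `|| 'RSA_SHA256'` would match the declared default. Both subs start outside the hunks shown, so other callers of getSignatureMethod cannot be checked from here.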
|
||||||
|
|
||||||
|
|