* Add a troolean type in Manager
* Sign SAML Message options can accept the default value (#88)
parent
2ce4e19a0d
commit
5754d86ff5
|
@ -487,6 +487,13 @@ function bool(id) {
|
|||
if(lmdata(id)==1){$('#On').attr('checked',true)}else{$('#Off').attr('checked',true)}
|
||||
display('bool',lmtext(id));
|
||||
}
|
||||
function trool(id) {
|
||||
currentId=id;
|
||||
if(lmdata(id)==1){$('#On').attr('checked',true)}
|
||||
if(lmdata(id)==0){$('#Off').attr('checked',true)}
|
||||
else{$('#Default').attr('checked',true)}
|
||||
display('trool',lmtext(id));
|
||||
}
|
||||
function int(id) {
|
||||
currentId=id;
|
||||
$('#int').attr('value',lmdata(id));
|
||||
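Review bot: In `trool`, the second test is a plain `if` rather than an `else if`, so when `lmdata(id)` is 1 the trailing `else` still runs and checks `#Default` after `#On` has been checked. The radios share one `name`, so the last one checked wins and a stored value of 1 (force signature) would be displayed as Default. Change that line to `else if(lmdata(id)==0){$('#Off').attr('checked',true)}`. The loose `==0` also matches an empty string, so if `lmdata` can return one for an unset option it would be shown as Off; that is worth confirming against `lmdata`, which is outside this hunk.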
|
|
|
@ -255,6 +255,13 @@
|
|||
<input id="Off" type="radio" name="boolean" value="0" onclick="setlmdata(currentId,0)"/> <lang en="Off" fr="Désactivé"/>
|
||||
</div>
|
||||
|
||||
<!-- Troolean -->
|
||||
<div id="content_trool" class="hidden">
|
||||
<input id="On" type="radio" name="boolean" value="1" onclick="setlmdata(currentId,1)"/> <lang en="On" fr="Activé"/>
|
||||
<input id="Off" type="radio" name="boolean" value="0" onclick="setlmdata(currentId,0)"/> <lang en="Off" fr="Désactivé"/>
|
||||
<input id="Default" type="radio" name="boolean" value="-1" onclick="setlmdata(currentId,-1)"/> <lang en="Default" fr="Par défaut"/>
|
||||
</div>
|
||||
|
||||
<div id="content_btext" class="hidden">
|
||||
<input type="text" id="btextKey" /> <input type="text" id="btextValue" />
|
||||
<br />
|
||||
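Review bot: The new `content_trool` block reuses `id="On"`, `id="Off"` and `name="boolean"` from the existing boolean block, whose `Off` input is visible just above it. `trool()` selects by `$('#On')` and `$('#Off')`, and with duplicate ids those selectors will most likely resolve to the boolean block's hidden inputs, so the troolean panel would not reflect the stored value of a signing option. Sharing `name="boolean"` also merges both blocks into one radio group. Give the new inputs their own ids and group, for example `id="troolOn"`, `id="troolOff"` and `name="troolean"`, and use those selectors in `trool()`.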
|
|
|
@ -240,6 +240,7 @@ sub confNode {
|
|||
'int' => 0,
|
||||
textarea => '',
|
||||
bool => 0,
|
||||
trool => -1,
|
||||
filearea => '',
|
||||
select => '',
|
||||
}->{$type};
|
||||
|
|
|
@ -106,11 +106,11 @@ sub cstruct {
|
|||
],
|
||||
|
||||
samlIDPMetaDataOptionsSignSSOMessage =>
|
||||
"bool:/samlIDPMetaDataOptions/$k2/samlIDPMetaDataOptionsSignSSOMessage",
|
||||
"trool:/samlIDPMetaDataOptions/$k2/samlIDPMetaDataOptionsSignSSOMessage",
|
||||
samlIDPMetaDataOptionsCheckSSOMessageSignature =>
|
||||
"bool:/samlIDPMetaDataOptions/$k2/samlIDPMetaDataOptionsCheckSSOMessageSignature",
|
||||
samlIDPMetaDataOptionsSignSLOMessage =>
|
||||
"bool:/samlIDPMetaDataOptions/$k2/samlIDPMetaDataOptionsSignSLOMessage",
|
||||
"trool:/samlIDPMetaDataOptions/$k2/samlIDPMetaDataOptionsSignSLOMessage",
|
||||
samlIDPMetaDataOptionsCheckSLOMessageSignature =>
|
||||
"bool:/samlIDPMetaDataOptions/$k2/samlIDPMetaDataOptionsCheckSLOMessageSignature",
|
||||
|
||||
|
@ -187,11 +187,11 @@ sub cstruct {
|
|||
],
|
||||
|
||||
samlSPMetaDataOptionsSignSSOMessage =>
|
||||
"bool:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsSignSSOMessage",
|
||||
"trool:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsSignSSOMessage",
|
||||
samlSPMetaDataOptionsCheckSSOMessageSignature =>
|
||||
"bool:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsCheckSSOMessageSignature",
|
||||
samlSPMetaDataOptionsSignSLOMessage =>
|
||||
"bool:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsSignSLOMessage",
|
||||
"trool:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsSignSLOMessage",
|
||||
samlSPMetaDataOptionsCheckSLOMessageSignature =>
|
||||
"bool:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsCheckSLOMessageSignature",
|
||||
},
|
||||
|
|
|
@ -578,12 +578,24 @@ sub extractFormInfo {
|
|||
my $signSLOMessage =
|
||||
$self->{samlIDPMetaDataOptions}->{$idpConfKey}
|
||||
->{samlIDPMetaDataOptionsSignSLOMessage};
|
||||
unless ($signSLOMessage) {
|
||||
|
||||
if ( $signSLOMessage == 0 ) {
|
||||
$self->lmLog(
|
||||
"SLO message to IDP $idpConfKey will not be signed",
|
||||
'debug' );
|
||||
$self->disableSignature($logout);
|
||||
}
|
||||
elsif ( $signSLOMessage == 1 ) {
|
||||
$self->lmLog( "SLO message to IDP $idpConfKey will be signed",
|
||||
'debug' );
|
||||
$self->forceSignature($logout);
|
||||
}
|
||||
else {
|
||||
$self->lmLog(
|
||||
"SLO message to IDP $idpConfKey signature according to metadata",
|
||||
'debug'
|
||||
);
|
||||
}
|
||||
|
||||
# Logout response
|
||||
unless ( $self->buildLogoutResponseMsg($logout) ) {
|
||||
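Review bot: `$signSLOMessage == 0` is also true when the option is undefined or an empty string, so an IDP entry with no `samlIDPMetaDataOptionsSignSLOMessage` key takes the "will not be signed" branch instead of the metadata default, and raises a numeric warning if warnings are enabled. If an unset option is meant to behave like the new -1 default, guard the comparison: `if ( defined $signSLOMessage and length $signSLOMessage and $signSLOMessage == 0 ) {`. The same comparison is used in issuerForUnAuthUser, issuerForAuthUser, createAuthnRequest, createLogoutRequest and sendLogoutRequestToServiceProvider. extractFormInfo starts and ends outside this hunk, so how `$idpConfKey` entries are populated is not visible here.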
|
|
|
@ -382,10 +382,17 @@ sub issuerForUnAuthUser {
|
|||
$self->{samlSPMetaDataOptions}->{$spConfKey}
|
||||
->{samlSPMetaDataOptionsSignSLOMessage};
|
||||
|
||||
unless ($signSLOMessage) {
|
||||
$self->lmLog( "Do not sign this SLO response", 'debug' );
|
||||
$self->sendSLOErrorResponse( $logout, $method )
|
||||
unless ( $self->disableSignature($logout) );
|
||||
if ( $signSLOMessage == 0 ) {
|
||||
$self->lmLog( "SLO response will not be signed", 'debug' );
|
||||
$self->disableSignature($logout);
|
||||
}
|
||||
elsif ( $signSLOMessage == 1 ) {
|
||||
$self->lmLog( "SLO response will be signed", 'debug' );
|
||||
$self->forceSignature($logout);
|
||||
}
|
||||
else {
|
||||
$self->lmLog( "SLO response signature according to metadata",
|
||||
'debug' );
|
||||
}
|
||||
|
||||
# Send logout response
|
||||
|
@ -1521,9 +1528,17 @@ sub issuerForAuthUser {
|
|||
$self->{samlSPMetaDataOptions}->{$spConfKey}
|
||||
->{samlSPMetaDataOptionsSignSSOMessage};
|
||||
|
||||
unless ($signSSOMessage) {
|
||||
$self->lmLog( "Do not sign this SSO response", 'debug' );
|
||||
return PE_ERROR unless ( $self->disableSignature($login) );
|
||||
if ( $signSSOMessage == 0 ) {
|
||||
$self->lmLog( "SSO response will not be signed", 'debug' );
|
||||
$self->disableSignature($login);
|
||||
}
|
||||
elsif ( $signSSOMessage == 1 ) {
|
||||
$self->lmLog( "SSO response will be signed", 'debug' );
|
||||
$self->forceSignature($login);
|
||||
}
|
||||
else {
|
||||
$self->lmLog( "SLO response signature according to metadata",
|
||||
'debug' );
|
||||
}
|
||||
|
||||
# Build SAML response
|
||||
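Review bot: The new branches call `$self->disableSignature(...)` and `$self->forceSignature(...)` without looking at the result, whereas the `unless` block printed just before them (apparently the removed code) sent an SLO error response in issuerForUnAuthUser and returned `PE_ERROR` in issuerForAuthUser when `disableSignature` failed. A failed `forceSignature` would now let the response go out in whatever signing state the message already had, even though signing was requested. Keep the checks, e.g. `return PE_ERROR unless ( $self->forceSignature($login) );` in issuerForAuthUser (assuming it returns true on success, as `disableSignature` evidently does), and likewise in createAuthnRequest, createLogoutRequest and sendLogoutRequestToServiceProvider. Separately, the `else` branch in issuerForAuthUser logs "SLO response signature according to metadata" on the SSO path; it should read "SSO response".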
|
|
|
@ -855,9 +855,16 @@ sub createAuthnRequest {
|
|||
}
|
||||
|
||||
# Signature
|
||||
unless ($signSSOMessage) {
|
||||
$self->lmLog( "Do not sign this SSO request", 'debug' );
|
||||
return unless ( $self->disableSignature($login) );
|
||||
if ( $signSSOMessage == 0 ) {
|
||||
$self->lmLog( "SSO request will not be signed", 'debug' );
|
||||
$self->disableSignature($login);
|
||||
}
|
||||
elsif ( $signSSOMessage == 1 ) {
|
||||
$self->lmLog( "SSO request will be signed", 'debug' );
|
||||
$self->forceSignature($login);
|
||||
}
|
||||
else {
|
||||
$self->lmLog( "SSO request signature according to metadata", 'debug' );
|
||||
}
|
||||
|
||||
# Requested authentication context
|
||||
|
@ -1339,9 +1346,16 @@ sub createLogoutRequest {
|
|||
$self->lmLog( "Set $relaystate in RelayState", 'debug' );
|
||||
|
||||
# Signature
|
||||
unless ($signSLOMessage) {
|
||||
$self->lmLog( "Do not sign this SLO request", 'debug' );
|
||||
return unless ( $self->disableSignature($logout) );
|
||||
if ( $signSLOMessage == 0 ) {
|
||||
$self->lmLog( "SLO request will not be signed", 'debug' );
|
||||
$self->disableSignature($logout);
|
||||
}
|
||||
elsif ( $signSLOMessage == 1 ) {
|
||||
$self->lmLog( "SLO request will be signed", 'debug' );
|
||||
$self->forceSignature($logout);
|
||||
}
|
||||
else {
|
||||
$self->lmLog( "SLO request signature according to metadata", 'debug' );
|
||||
}
|
||||
|
||||
# Build logout request
|
||||
|
@ -2369,10 +2383,16 @@ sub sendLogoutRequestToServiceProvider {
|
|||
$self->{samlSPMetaDataOptions}->{$spConfKey}
|
||||
->{samlSPMetaDataOptionsSignSLOMessage};
|
||||
|
||||
unless ($signSLOMessage) {
|
||||
$self->lmLog( "Do not sign this SLO request", 'debug' );
|
||||
return ( 0, undef, undef )
|
||||
unless ( $self->disableSignature($logout) );
|
||||
if ( $signSLOMessage == 0 ) {
|
||||
$self->lmLog( "SLO request will not be signed", 'debug' );
|
||||
$self->disableSignature($logout);
|
||||
}
|
||||
elsif ( $signSLOMessage == 1 ) {
|
||||
$self->lmLog( "SLO request will be signed", 'debug' );
|
||||
$self->forceSignature($logout);
|
||||
}
|
||||
else {
|
||||
$self->lmLog( "SLO request signature according to metadata", 'debug' );
|
||||
}
|
||||
|
||||
# Relay State
|
||||
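Review bot: The same three-branch block is written out three times in this file section (createAuthnRequest, createLogoutRequest, sendLogoutRequestToServiceProvider) and again in the other SAML hunks, differing only in the message object and the log label. A single helper would keep the signing decision and its failure handling in one place, so a later change cannot leave one call site behaving differently. The sketch below treats an unset option like the default and returns the result of the signature call; the helper name is a suggestion, and the return convention of `forceSignature` should be confirmed since it is not visible on this page. All three functions start and end outside their hunks.

```perl
# Apply the three-state signing option to a message object.
# Returns false when the requested signature mode could not be applied.
sub applySignatureOption {
    my ( $self, $message, $sign, $label ) = @_;

    if ( defined $sign and $sign == 1 ) {
        $self->lmLog( "$label will be signed", 'debug' );
        return $self->forceSignature($message);
    }
    if ( defined $sign and length $sign and $sign == 0 ) {
        $self->lmLog( "$label will not be signed", 'debug' );
        return $self->disableSignature($message);
    }
    $self->lmLog( "$label signature according to metadata", 'debug' );
    return 1;
}

# … unchanged: createAuthnRequest up to the "# Signature" comment …
return
  unless $self->applySignatureOption( $login, $signSSOMessage,
    "SSO request" );
```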
|
|