From 77ccc9bbc3ac70f9c71c527e6062eebec41be57d Mon Sep 17 00:00:00 2001
From: Xavier Guimard <yadd@debian.org>
Date: Thu, 14 Feb 2019 16:39:27 +0100
Subject: [PATCH 01/58] Skip GPG test if gpg install fails. Fixes debci

See https://bugs.debian.org/922265
---
 lemonldap-ng-portal/t/29-AuthGPG.t | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lemonldap-ng-portal/t/29-AuthGPG.t b/lemonldap-ng-portal/t/29-AuthGPG.t
index 32a38f1d7..7c5097a66 100644
--- a/lemonldap-ng-portal/t/29-AuthGPG.t
+++ b/lemonldap-ng-portal/t/29-AuthGPG.t
@@ -42,7 +42,10 @@ SKIP: {
     else {
         run( [ 'gpg', '--clearsign', '--homedir', 't/gpghome' ],
             \$token, \$out, \$err, IPC::Run::timeout(10) );
-        ok( $? == 0, "Succeed to sign" );
+        unless ( $? == 0 ) {
+            skip "Local GPG signature fails, aborting", 2;
+        }
+        pass("Succeed to sign");
     }
     $query .= '&' . build_urlencoded( password => $out );
     ok(

From 46f685f9b2a26be411693e5394e2ec96955c2a4d Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Thu, 14 Feb 2019 22:09:59 +0100
Subject: [PATCH 02/58] Improve unit test (#1632)

---
 lemonldap-ng-portal/t/76-2F-Ext-with-BruteForce.t   | 1 +
 lemonldap-ng-portal/t/76-2F-Ext-with-GrantSession.t | 3 ++-
 lemonldap-ng-portal/t/76-2F-Ext-with-HISTORY.t      | 1 +
 3 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/lemonldap-ng-portal/t/76-2F-Ext-with-BruteForce.t b/lemonldap-ng-portal/t/76-2F-Ext-with-BruteForce.t
index bd5b7e4bc..32779a7e7 100644
--- a/lemonldap-ng-portal/t/76-2F-Ext-with-BruteForce.t
+++ b/lemonldap-ng-portal/t/76-2F-Ext-with-BruteForce.t
@@ -12,6 +12,7 @@ my $client = LLNG::Manager::Test->new( {
         ini => {
             logLevel                  => 'error',
             ext2fActivation           => 1,
+            ext2fCodeActivation       => 0,
             ext2FSendCommand          => 't/sendOTP.pl -uid $uid',
             ext2FValidateCommand      => 't/vrfyOTP.pl -uid $uid -code $code',
             authentication            => 'Demo',
diff --git a/lemonldap-ng-portal/t/76-2F-Ext-with-GrantSession.t b/lemonldap-ng-portal/t/76-2F-Ext-with-GrantSession.t
index a85fba2f6..55f138e3a 100644
--- a/lemonldap-ng-portal/t/76-2F-Ext-with-GrantSession.t
+++ b/lemonldap-ng-portal/t/76-2F-Ext-with-GrantSession.t
@@ -10,8 +10,9 @@ count(1);
 
 my $client = LLNG::Manager::Test->new( {
         ini => {
-            logLevel             => 'error',
+            logLevel             => 'debug',
             ext2fActivation      => 1,
+            ext2fCodeActivation  => 0,
             ext2FSendCommand     => 't/sendOTP.pl -uid $uid',
             ext2FValidateCommand => 't/vrfyOTP.pl -uid $uid -code $code',
             authentication       => 'Demo',
diff --git a/lemonldap-ng-portal/t/76-2F-Ext-with-HISTORY.t b/lemonldap-ng-portal/t/76-2F-Ext-with-HISTORY.t
index 8bc509b56..86b76ae55 100644
--- a/lemonldap-ng-portal/t/76-2F-Ext-with-HISTORY.t
+++ b/lemonldap-ng-portal/t/76-2F-Ext-with-HISTORY.t
@@ -19,6 +19,7 @@ my $client = LLNG::Manager::Test->new( {
             rest2fLogo           => 'u2f.png',
             totp2fActivation     => '$uid eq "dwho"',
             ext2fActivation      => 1,
+            ext2fCodeActivation  => 0,
             ext2FSendCommand     => 't/sendOTP.pl -uid $uid',
             ext2FValidateCommand => 't/vrfyOTP.pl -uid $uid -code $code',
             ext2fLogo            => 'yubikey.png',

From a0c49a89057897f1eaa0f5388c5d0c4d771b52b6 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Thu, 14 Feb 2019 22:10:48 +0100
Subject: [PATCH 03/58] Append parameter (#1632)

---
 .../Lemonldap/NG/Common/Conf/DefaultValues.pm |  1 +
 .../lib/Lemonldap/NG/Manager/Attributes.pm    | 72 ++++++++++---------
 .../Lemonldap/NG/Manager/Build/Attributes.pm  |  5 ++
 .../lib/Lemonldap/NG/Manager/Build/Tree.pm    |  6 +-
 4 files changed, 47 insertions(+), 37 deletions(-)

diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
index 92b85c545..2f5ee043a 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
@@ -50,6 +50,7 @@ sub defaultValues {
             'UA' => 'HTTP_USER_AGENT'
         },
         'ext2fActivation'      => 0,
+        'ext2fCodeActivation'  => '\\d{6}',
         'facebookAuthnLevel'   => 1,
         'facebookExportedVars' => {},
         'facebookUserField'    => 'id',
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
index be49f2985..53d7a7fea 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
@@ -8,17 +8,17 @@ sub types {
         'array' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'authParamsText' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'blackWhiteList' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'bool' => {
             'msgFail' => '__notABoolean__',
@@ -36,17 +36,17 @@ sub types {
                         split( /\n/, $@, 0 ) )
                 );
                 return $err ? ( 1, "__badExpression__: $err" ) : 1;
-              }
+            }
         },
         'catAndAppList' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'file' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'hostname' => {
             'form'    => 'text',
@@ -80,48 +80,48 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
                       if $_ =~ /exportedvars$/i and defined $conf->{$_}{$val};
                 }
                 return 1, "__unknownAttrOrMacro__: $val";
-              }
+            }
         },
         'longtext' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'menuApp' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'menuCat' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'oidcmetadatajson' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'oidcmetadatajwks' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'oidcOPMetaDataNode' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'oidcRPMetaDataNode' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'password' => {
             'msgFail' => '__malformedValue__',
             'test'    => sub {
                 1;
-              }
+            }
         },
         'pcre' => {
             'form' => 'text',
@@ -132,7 +132,7 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
                       }
                 };
                 return $@ ? ( 0, "__badRegexp__: $@" ) : 1;
-              }
+            }
         },
         'PerlModule' => {
             'form'    => 'text',
@@ -142,17 +142,17 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
         'portalskin' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'portalskinbackground' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'post' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'RSAPrivateKey' => {
             'test' => sub {
@@ -160,7 +160,7 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
 m[^(?:(?:\-+\s*BEGIN\s+(?:RSA\s+)?PRIVATE\s+KEY\s*\-+\r?\n)?(?:Proc-Type:.*\r?\nDEK-Info:.*\r?\n[\r\n]*)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:RSA\s+)PRIVATE\s+KEY\s*\-+)?[\r\n]*)?$]s
                   ? 1
                   : ( 1, '__badPemEncoding__' );
-              }
+            }
         },
         'RSAPublicKey' => {
             'test' => sub {
@@ -168,7 +168,7 @@ m[^(?:(?:\-+\s*BEGIN\s+(?:RSA\s+)?PRIVATE\s+KEY\s*\-+\r?\n)?(?:Proc-Type:.*\r?\n
 m[^(?:(?:\-+\s*BEGIN\s+PUBLIC\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+PUBLIC\s+KEY\s*\-+)?[\r\n]*)?$]s
                   ? 1
                   : ( 1, '__badPemEncoding__' );
-              }
+            }
         },
         'RSAPublicKeyOrCertificate' => {
             'test' => sub {
@@ -176,37 +176,37 @@ m[^(?:(?:\-+\s*BEGIN\s+PUBLIC\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\
 m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+)?[\r\n]*)?$]s
                   ? 1
                   : ( 1, '__badPemEncoding__' );
-              }
+            }
         },
         'rule' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'samlAssertion' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'samlAttribute' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'samlIDPMetaDataNode' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'samlService' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'samlSPMetaDataNode' => {
             'test' => sub {
                 1;
-              }
+            }
         },
         'select' => {
             'test' => sub {
@@ -216,19 +216,19 @@ m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\
                 return $test
                   ? 1
                   : ( 1, "Invalid value '$_[0]' for this select" );
-              }
+            }
         },
         'subContainer' => {
             'keyTest' => qr/\w/,
             'test'    => sub {
                 1;
-              }
+            }
         },
         'text' => {
             'msgFail' => '__malformedValue__',
             'test'    => sub {
                 1;
-              }
+            }
         },
         'trool' => {
             'msgFail' => '__authorizedValues__: -1, 0, 1',
@@ -1046,7 +1046,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
                             split( /\n/, $@, 0 ) )
                     );
                     return $err ? ( 1, "__badExpression__: $err" ) : 1;
-                  }
+                }
             },
             'type' => 'keyTextContainer'
         },
@@ -1067,6 +1067,10 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
         'ext2fAuthnLevel' => {
             'type' => 'int'
         },
+        'ext2fCodeActivation' => {
+            'default' => '\\d{6}',
+            'type'    => 'boolOrExpr'
+        },
         'ext2fLogo' => {
             'type' => 'text'
         },
@@ -1222,7 +1226,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
                           and defined $conf->{$_}{$val};
                     }
                     return 1, "__unknownAttrOrMacro__: $val";
-                  }
+                }
             },
             'type' => 'doubleHash'
         },
@@ -1508,7 +1512,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
                             split( /\n/, $@, 0 ) )
                     );
                     return $err ? ( 1, "__badExpression__: $err" ) : 1;
-                  }
+                }
             },
             'type' => 'ruleContainer'
         },
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
index aa9df2467..d60b6b994 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
@@ -1338,6 +1338,11 @@ sub attributes {
             default       => 0,
             documentation => 'External second factor activation',
         },
+        ext2fCodeActivation => {
+            type          => 'boolOrExpr',
+            default       => '\d{6}',
+            documentation => 'OTP generated by Portal',
+        },
         ext2FSendCommand => {
             type          => 'text',
             documentation => 'Send command of External second factor',
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
index 165a574a4..0a6ad068f 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
@@ -691,9 +691,9 @@ sub tree {
                             help  => 'external2f.html',
                             form  => 'simpleInputContainer',
                             nodes => [
-                                'ext2fActivation',      'ext2FSendCommand',
-                                'ext2FValidateCommand', 'ext2fAuthnLevel',
-                                'ext2fLogo',
+                                'ext2fActivation',  'ext2fCodeActivation',
+                                'ext2FSendCommand', 'ext2FValidateCommand',
+                                'ext2fAuthnLevel',  'ext2fLogo',
                             ]
                         },
                         {

From 24d5fe7aa7c0e4f0f77d0be38d7f5b67948fe8b4 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Thu, 14 Feb 2019 22:11:14 +0100
Subject: [PATCH 04/58] Improve langs (#1632)

---
 lemonldap-ng-manager/site/htdocs/static/languages/ar.json | 1 +
 lemonldap-ng-manager/site/htdocs/static/languages/de.json | 1 +
 lemonldap-ng-manager/site/htdocs/static/languages/en.json | 1 +
 lemonldap-ng-manager/site/htdocs/static/languages/fr.json | 1 +
 lemonldap-ng-manager/site/htdocs/static/languages/it.json | 1 +
 lemonldap-ng-manager/site/htdocs/static/languages/vi.json | 1 +
 lemonldap-ng-manager/site/htdocs/static/languages/zh.json | 1 +
 lemonldap-ng-manager/site/htdocs/static/reverseTree.json  | 2 +-
 lemonldap-ng-manager/site/htdocs/static/struct.json       | 2 +-
 9 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
index 116e64668..aa8c52896 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
@@ -243,6 +243,7 @@
 "exportedVars":"المتغيرات المصدرة",
 "external2f":"External second factor",
 "ext2fActivation":"تفعيل",
+"ext2fCodeActivation":"2F code generated by Portal",
 "ext2fAuthnLevel":"مستوى إثبات الهوية",
 "ext2fLogo":"Logo",
 "ext2FSendCommand":"إرسال الأمر",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/de.json b/lemonldap-ng-manager/site/htdocs/static/languages/de.json
index 1dc3b85fe..e7e9ff62b 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/de.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/de.json
@@ -243,6 +243,7 @@
 "exportedVars":"Exported Variables",
 "external2f":"External second factor",
 "ext2fActivation":"Activation",
+"ext2fCodeActivation":"2F code generated by Portal",
 "ext2fAuthnLevel":"Authentication level",
 "ext2fLogo":"Logo",
 "ext2FSendCommand":"Send comand",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/en.json b/lemonldap-ng-manager/site/htdocs/static/languages/en.json
index cdf5ad4a2..f20566515 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/en.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/en.json
@@ -243,6 +243,7 @@
 "exportedVars":"Exported Variables",
 "external2f":"External second factor",
 "ext2fActivation":"Activation",
+"ext2fCodeActivation":"2F code generated by Portal",
 "ext2fAuthnLevel":"Authentication level",
 "ext2fLogo":"Logo",
 "ext2FSendCommand":"Send comand",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
index 527cacc29..badf898c1 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
@@ -243,6 +243,7 @@
 "exportedVars":"Attributs à exporter",
 "external2f":"Second facteur externe",
 "ext2fActivation":"Activation",
+"ext2fCodeActivation":"2F code généré par le Portail",
 "ext2fAuthnLevel":"Niveau de l'authentification",
 "ext2fLogo":"Logo",
 "ext2FSendCommand":"Commande pour l'envoi",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/it.json b/lemonldap-ng-manager/site/htdocs/static/languages/it.json
index e8179e025..226cd66ba 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json
@@ -243,6 +243,7 @@
 "exportedVars":"Variabili esportate",
 "external2f":"2° fattore esterno",
 "ext2fActivation":"Attivazione",
+"ext2fCodeActivation":"2F code generated by Portal",
 "ext2fAuthnLevel":"Livello di autenticazione",
 "ext2fLogo":"Logo",
 "ext2FSendCommand":"Invia comando",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
index d2c431f58..4b98a006b 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
@@ -243,6 +243,7 @@
 "exportedVars":"Biến đã được xuất",
 "external2f":"Yếu tố thứ 2 bên ngoài",
 "ext2fActivation":"Kích hoạt",
+"ext2fCodeActivation":"2F code generated by Portal",
 "ext2fAuthnLevel":"Mức xác thực",
 "ext2fLogo":"Logo",
 "ext2FSendCommand":"Gửi lệnh",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
index c0a5ef8d7..ca3c54ac1 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
@@ -243,6 +243,7 @@
 "exportedVars":"Exported Variables",
 "external2f":"External second factor",
 "ext2fActivation":"激活",
+"ext2fCodeActivation":"2F code generated by Portal",
 "ext2fAuthnLevel":"认证级别",
 "ext2fLogo":"Logo",
 "ext2FSendCommand":"Send comand",
diff --git a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
index caa96d927..d2aa407be 100644
--- a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
+++ b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
@@ -1 +1 @@
-{"ADPwdExpireWarning":"generalParameters/authParams/adParams","ADPwdMaxAge":"generalParameters/authParams/adParams","AuthLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","LDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","SMTPAuthPass":"generalParameters/advancedParams/SMTP","SMTPAuthUser":"generalParameters/advancedParams/SMTP","SMTPPort":"generalParameters/advancedParams/SMTP","SMTPServer":"generalParameters/advancedParams/SMTP","SMTPTLS":"generalParameters/advancedParams/SMTP","SMTPTLSOpts":"generalParameters/advancedParams/SMTP","SSLAuthnLevel":"generalParameters/authParams/sslParams","SSLVar":"generalParameters/authParams/sslParams","SSLVarIf":"generalParameters/authParams/sslParams","activeTimer":"generalParameters/advancedParams/forms","apacheAuthnLevel":"generalParameters/authParams/apacheParams","applicationList":"generalParameters/portalParams/portalMenu","authChoiceModules":"generalParameters/authParams/choiceParams","authChoiceParam":"generalParameters/authParams/choiceParams","authentication":"generalParameters/authParams","autoSigninRules":"generalParameters/plugins/autoSignin","bruteForceProtection":"generalParameters/advancedParams/security","captcha_login_enabled":"generalParameters/portalParams/portalCaptcha","captcha_mail_enabled":"generalParameters/portalParams/portalCaptcha","captcha_register_enabled":"generalParameters/portalParams/portalCaptcha","captcha_size":"generalParameters/portalParams/portalCaptcha","casAccessControlPolicy":"casServiceMetadata","casAppMetaDataNodes":"","casAttr":"casServiceMetadata","casAttributes":"casServiceMetadata","casAuthnLevel":"generalParameters/authParams/casParams","casSrvMetaDataNodes":"","casStorage":"casServiceMetadata","casStorageOptions":"casServiceMetadata","cda":"generalParameters/cookieParams","checkState":"generalParameters/plugins/stateCheck","checkStateSecret":"generalParameters/plugins/stateCheck","checkXSS":"generalParameters/advancedParams/security","combModules":"generalParameters/authParams/combinationParams","combination":"generalParameters/authParams/combinationParams","confirmFormMethod":"generalParameters/advancedParams/forms","cookieExpiration":"generalParameters/cookieParams","cookieName":"generalParameters/cookieParams","cspConnect":"generalParameters/advancedParams/security/contentSecurityPolicy","cspDefault":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFont":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFormAction":"generalParameters/advancedParams/security/contentSecurityPolicy","cspImg":"generalParameters/advancedParams/security/contentSecurityPolicy","cspScript":"generalParameters/advancedParams/security/contentSecurityPolicy","cspStyle":"generalParameters/advancedParams/security/contentSecurityPolicy","customAddParams":"generalParameters/authParams/customParams","customAuth":"generalParameters/authParams/customParams","customFunctions":"generalParameters/advancedParams","customPassword":"generalParameters/authParams/customParams","customRegister":"generalParameters/authParams/customParams","customUserDB":"generalParameters/authParams/customParams","dbiAuthChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthLoginCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthPasswordCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPasswordHash":"generalParameters/authParams/dbiParams/dbiPassword","dbiAuthTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthnLevel":"generalParameters/authParams/dbiParams","dbiDynamicHashEnabled":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashNewPasswordScheme":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSaltedSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiExportedVars":"generalParameters/authParams/dbiParams","dbiPasswordMailCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","demoExportedVars":"generalParameters/authParams/demoParams","domain":"generalParameters/cookieParams","exportedAttr":"generalParameters/plugins/portalServers","exportedVars":"variables","ext2FSendCommand":"generalParameters/secondFactors/external2f","ext2FValidateCommand":"generalParameters/secondFactors/external2f","ext2fActivation":"generalParameters/secondFactors/external2f","ext2fAuthnLevel":"generalParameters/secondFactors/external2f","ext2fLogo":"generalParameters/secondFactors/external2f","facebookAppId":"generalParameters/authParams/facebookParams","facebookAppSecret":"generalParameters/authParams/facebookParams","facebookAuthnLevel":"generalParameters/authParams/facebookParams","facebookExportedVars":"generalParameters/authParams/facebookParams","facebookUserField":"generalParameters/authParams/facebookParams","failedLoginNumber":"generalParameters/plugins/loginHistory","formTimeout":"generalParameters/advancedParams/security","globalStorage":"generalParameters/sessionParams/sessionStorage","globalStorageOptions":"generalParameters/sessionParams/sessionStorage","gpgDb":"generalParameters/authParams/gpgParams","grantSessionRules":"generalParameters/sessionParams","groups":"variables","hiddenAttributes":"generalParameters/logParams","hideOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","httpOnly":"generalParameters/cookieParams","https":"generalParameters/advancedParams/redirection","infoFormMethod":"generalParameters/advancedParams/forms","issuerDBCASActivation":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASPath":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASRule":"generalParameters/issuerParams/issuerDBCAS","issuerDBGetActivation":"generalParameters/issuerParams/issuerDBGet","issuerDBGetParameters":"generalParameters/issuerParams/issuerDBGet","issuerDBGetPath":"generalParameters/issuerParams/issuerDBGet","issuerDBGetRule":"generalParameters/issuerParams/issuerDBGet","issuerDBOpenIDActivation":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDConnectActivation":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectPath":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectRule":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDPath":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDRule":"generalParameters/issuerParams/issuerDBOpenID","issuerDBSAMLActivation":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLPath":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLRule":"generalParameters/issuerParams/issuerDBSAML","jsRedirect":"generalParameters/advancedParams/portalRedirection","key":"generalParameters/advancedParams/security","krbAuthnLevel":"generalParameters/authParams/kerberosParams","krbByJs":"generalParameters/authParams/kerberosParams","krbKeytab":"generalParameters/authParams/kerberosParams","krbRemoveDomain":"generalParameters/authParams/kerberosParams","ldapAllowResetExpiredPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapAuthnLevel":"generalParameters/authParams/ldapParams","ldapBase":"generalParameters/authParams/ldapParams/ldapConnection","ldapChangePasswordAsUser":"generalParameters/authParams/ldapParams/ldapPassword","ldapExportedVars":"generalParameters/authParams/ldapParams","ldapGroupAttributeName":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameGroup":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameSearch":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameUser":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupBase":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupDecodeSearchedValue":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupObjectClass":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupRecursive":"generalParameters/authParams/ldapParams/ldapGroups","ldapPasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttributeValue":"generalParameters/authParams/ldapParams/ldapPassword","ldapPort":"generalParameters/authParams/ldapParams/ldapConnection","ldapPpolicyControl":"generalParameters/authParams/ldapParams/ldapPassword","ldapPwdEnc":"generalParameters/authParams/ldapParams/ldapPassword","ldapRaw":"generalParameters/authParams/ldapParams/ldapConnection","ldapSearchDeref":"generalParameters/authParams/ldapParams/ldapFilters","ldapServer":"generalParameters/authParams/ldapParams/ldapConnection","ldapSetPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapUsePasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapVersion":"generalParameters/authParams/ldapParams/ldapConnection","linkedInAuthnLevel":"generalParameters/authParams/linkedinParams","linkedInClientID":"generalParameters/authParams/linkedinParams","linkedInClientSecret":"generalParameters/authParams/linkedinParams","linkedInFields":"generalParameters/authParams/linkedinParams","linkedInScope":"generalParameters/authParams/linkedinParams","linkedInUserField":"generalParameters/authParams/linkedinParams","localSessionStorage":"generalParameters/sessionParams/sessionStorage","localSessionStorageOptions":"generalParameters/sessionParams/sessionStorage","loginHistoryEnabled":"generalParameters/plugins/loginHistory","logoutServices":"generalParameters/advancedParams","lwpOpts":"generalParameters/advancedParams/security","lwpSslOpts":"generalParameters/advancedParams/security","macros":"variables","mail2fActivation":"generalParameters/secondFactors/mail2f","mail2fAuthnLevel":"generalParameters/secondFactors/mail2f","mail2fBody":"generalParameters/secondFactors/mail2f","mail2fCodeRegex":"generalParameters/secondFactors/mail2f","mail2fLogo":"generalParameters/secondFactors/mail2f","mail2fSubject":"generalParameters/secondFactors/mail2f","mail2fTimeout":"generalParameters/secondFactors/mail2f","mailBody":"generalParameters/plugins/passwordManagement/mailContent","mailCharset":"generalParameters/advancedParams/SMTP/mailHeaders","mailConfirmBody":"generalParameters/plugins/passwordManagement/mailContent","mailConfirmSubject":"generalParameters/plugins/passwordManagement/mailContent","mailFrom":"generalParameters/advancedParams/SMTP/mailHeaders","mailLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","mailOnPasswordChange":"generalParameters/portalParams/portalCustomization/passwordManagement","mailReplyTo":"generalParameters/advancedParams/SMTP/mailHeaders","mailSessionKey":"generalParameters/advancedParams/SMTP","mailSubject":"generalParameters/plugins/passwordManagement/mailContent","mailTimeout":"generalParameters/plugins/passwordManagement/mailOther","mailUrl":"generalParameters/plugins/passwordManagement/mailOther","maintenance":"generalParameters/advancedParams/redirection","managerDn":"generalParameters/authParams/ldapParams/ldapConnection","managerPassword":"generalParameters/authParams/ldapParams/ldapConnection","multiValuesSeparator":"generalParameters/advancedParams","nginxCustomHandlers":"generalParameters/advancedParams","noAjaxHook":"generalParameters/advancedParams/portalRedirection","notification":"generalParameters/plugins/notifications","notificationServer":"generalParameters/plugins/notifications","notificationStorage":"generalParameters/plugins/notifications","notificationStorageOptions":"generalParameters/plugins/notifications","notificationWildcard":"generalParameters/plugins/notifications","notificationXSLTfile":"generalParameters/plugins/notifications","notifyDeleted":"generalParameters/sessionParams/multipleSessions","notifyOther":"generalParameters/sessionParams/multipleSessions","nullAuthnLevel":"generalParameters/authParams/nullParams","oidcAuthnLevel":"generalParameters/authParams/oidcParams","oidcOPMetaDataNodes":"","oidcRPCallbackGetParam":"generalParameters/authParams/oidcParams","oidcRPMetaDataNodes":"","oidcRPStateTimeout":"generalParameters/authParams/oidcParams","oidcServiceAllowAuthorizationCodeFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowDynamicRegistration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowHybridFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowImplicitFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceMetaDataAuthnContext":"oidcServiceMetaData","oidcServiceMetaDataAuthorizeURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataBackChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataCheckSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataEndSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataFrontChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIssuer":"oidcServiceMetaData","oidcServiceMetaDataJWKSURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataRegistrationURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataTokenURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataUserInfoURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServicePrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcServicePublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcStorage":"oidcServiceMetaData/oidcServiceMetaDataSessions","oidcStorageOptions":"oidcServiceMetaData/oidcServiceMetaDataSessions","oldNotifFormat":"generalParameters/plugins/notifications","openIdAttr":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdAuthnLevel":"generalParameters/authParams/openidParams","openIdExportedVars":"generalParameters/authParams/openidParams","openIdIDPList":"generalParameters/authParams/openidParams","openIdIssuerSecret":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSPList":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSecret":"generalParameters/authParams/openidParams","openIdSreg_country":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_dob":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_email":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_fullname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_gender":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_language":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_nickname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_postcode":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_timezone":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","pamAuthnLevel":"generalParameters/authParams/pamParams","pamService":"generalParameters/authParams/pamParams","passwordDB":"generalParameters/authParams","passwordResetAllowedRetries":"generalParameters/portalParams/portalCustomization/portalButtons","persistentStorage":"generalParameters/sessionParams/persistentSessions","persistentStorageOptions":"generalParameters/sessionParams/persistentSessions","port":"generalParameters/advancedParams/redirection","portal":"generalParameters/portalParams","portalAntiFrame":"generalParameters/portalParams/portalCustomization/portalOther","portalCheckLogins":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayAppslist":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayChangePassword":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLoginHistory":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLogout":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayOidcConsents":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayRegister":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayResetPassword":"generalParameters/portalParams/portalCustomization/portalButtons","portalErrorOnExpiredSession":"generalParameters/portalParams/portalCustomization/portalOther","portalErrorOnMailNotFound":"generalParameters/portalParams/portalCustomization/portalOther","portalForceAuthn":"generalParameters/advancedParams/security","portalForceAuthnInterval":"generalParameters/advancedParams/security","portalMainLogo":"generalParameters/portalParams/portalCustomization","portalOpenLinkInNewWindow":"generalParameters/portalParams/portalCustomization/portalOther","portalPingInterval":"generalParameters/portalParams/portalCustomization/portalOther","portalRequireOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","portalSkin":"generalParameters/portalParams/portalCustomization","portalSkinBackground":"generalParameters/portalParams/portalCustomization","portalSkinRules":"generalParameters/portalParams/portalCustomization","portalStatus":"generalParameters/plugins","portalUserAttr":"generalParameters/portalParams/portalCustomization/portalOther","proxyAuthService":"generalParameters/authParams/proxyParams","proxyAuthnLevel":"generalParameters/authParams/proxyParams","proxySessionService":"generalParameters/authParams/proxyParams","proxyUseSoap":"generalParameters/authParams/proxyParams","radiusAuthnLevel":"generalParameters/authParams/radiusParams","radiusSecret":"generalParameters/authParams/radiusParams","radiusServer":"generalParameters/authParams/radiusParams","randomPasswordRegexp":"generalParameters/plugins/passwordManagement/mailOther","redirectFormMethod":"generalParameters/advancedParams/forms","registerConfirmSubject":"generalParameters/plugins/register","registerDB":"generalParameters/authParams","registerDoneSubject":"generalParameters/plugins/register","registerTimeout":"generalParameters/plugins/register","registerUrl":"generalParameters/plugins/register","reloadTimeout":"generalParameters/reloadParams","reloadUrls":"generalParameters/reloadParams","remoteCookieName":"generalParameters/authParams/remoteParams","remoteGlobalStorage":"generalParameters/authParams/remoteParams","remoteGlobalStorageOptions":"generalParameters/authParams/remoteParams","remotePortal":"generalParameters/authParams/remoteParams","requireToken":"generalParameters/advancedParams/security","rest2fActivation":"generalParameters/secondFactors/rest2f","rest2fAuthnLevel":"generalParameters/secondFactors/rest2f","rest2fInitArgs":"generalParameters/secondFactors/rest2f","rest2fInitUrl":"generalParameters/secondFactors/rest2f","rest2fLogo":"generalParameters/secondFactors/rest2f","rest2fVerifyArgs":"generalParameters/secondFactors/rest2f","rest2fVerifyUrl":"generalParameters/secondFactors/rest2f","restAuthUrl":"generalParameters/authParams/restParams","restConfigServer":"generalParameters/plugins/portalServers","restPwdConfirmUrl":"generalParameters/authParams/restParams","restPwdModifyUrl":"generalParameters/authParams/restParams","restSessionServer":"generalParameters/plugins/portalServers","restUserDBUrl":"generalParameters/authParams/restParams","samlAttributeAuthorityDescriptorAttributeServiceSOAP":"samlServiceMetaData/samlAttributeAuthorityDescriptor/samlAttributeAuthorityDescriptorAttributeService","samlAuthnContextMapKerberos":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPassword":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPasswordProtectedTransport":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapTLSClient":"samlServiceMetaData/samlAuthnContextMap","samlCommonDomainCookieActivation":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieDomain":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieReader":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieWriter":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlDiscoveryProtocolActivation":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolIsPassive":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolPolicy":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolURL":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlEntityID":"samlServiceMetaData","samlIDPMetaDataNodes":"","samlIDPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorArtifactResolutionService","samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorWantAuthnRequestsSigned":"samlServiceMetaData/samlIDPSSODescriptor","samlIdPResolveCookie":"samlServiceMetaData/samlAdvanced","samlMetadataForceUTF8":"samlServiceMetaData/samlAdvanced","samlNameIDFormatMapEmail":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapKerberos":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapWindows":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapX509":"samlServiceMetaData/samlNameIDFormatMap","samlOrganizationDisplayName":"samlServiceMetaData/samlOrganization","samlOrganizationName":"samlServiceMetaData/samlOrganization","samlOrganizationURL":"samlServiceMetaData/samlOrganization","samlRelayStateTimeout":"samlServiceMetaData/samlAdvanced","samlSPMetaDataNodes":"","samlSPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorArtifactResolutionService","samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAuthnRequestsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlSPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorWantAssertionsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlServicePrivateKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeyEncPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePrivateKeySigPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePublicKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePublicKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServiceSignatureMethod":"samlServiceMetaData/samlServiceSecurity","samlServiceUseCertificateInResponse":"samlServiceMetaData/samlServiceSecurity","samlStorage":"samlServiceMetaData/samlAdvanced","samlStorageOptions":"samlServiceMetaData/samlAdvanced","samlUseQueryStringSpecific":"samlServiceMetaData/samlAdvanced","securedCookie":"generalParameters/cookieParams","sessionDataToRemember":"generalParameters/plugins/loginHistory","sfRequired":"generalParameters/secondFactors","showLanguages":"generalParameters/portalParams/portalCustomization","singleIP":"generalParameters/sessionParams/multipleSessions","singleSession":"generalParameters/sessionParams/multipleSessions","singleSessionUserByIP":"generalParameters/sessionParams/multipleSessions","singleUserByIP":"generalParameters/sessionParams/multipleSessions","skipRenewConfirmation":"generalParameters/advancedParams/portalRedirection","slaveAuthnLevel":"generalParameters/authParams/slaveParams","slaveExportedVars":"generalParameters/authParams/slaveParams","slaveHeaderContent":"generalParameters/authParams/slaveParams","slaveHeaderName":"generalParameters/authParams/slaveParams","slaveMasterIP":"generalParameters/authParams/slaveParams","slaveUserHeader":"generalParameters/authParams/slaveParams","soapConfigServer":"generalParameters/plugins/portalServers","soapSessionServer":"generalParameters/plugins/portalServers","sslByAjax":"generalParameters/authParams/sslParams","sslHost":"generalParameters/authParams/sslParams","stayConnected":"generalParameters/plugins","storePassword":"generalParameters/sessionParams","successLoginNumber":"generalParameters/plugins/loginHistory","timeout":"generalParameters/sessionParams","timeoutActivity":"generalParameters/sessionParams","timeoutActivityInterval":"generalParameters/sessionParams","tokenUseGlobalStorage":"generalParameters/advancedParams/security","totp2fActivation":"generalParameters/secondFactors/totp","totp2fAuthnLevel":"generalParameters/secondFactors/totp","totp2fDigits":"generalParameters/secondFactors/totp","totp2fDisplayExistingSecret":"generalParameters/secondFactors/totp","totp2fInterval":"generalParameters/secondFactors/totp","totp2fIssuer":"generalParameters/secondFactors/totp","totp2fRange":"generalParameters/secondFactors/totp","totp2fSelfRegistration":"generalParameters/secondFactors/totp","totp2fUserCanChangeKey":"generalParameters/secondFactors/totp","totp2fUserCanRemoveKey":"generalParameters/secondFactors/totp","trustedDomains":"generalParameters/advancedParams/security","twitterAppName":"generalParameters/authParams/twitterParams","twitterAuthnLevel":"generalParameters/authParams/twitterParams","twitterKey":"generalParameters/authParams/twitterParams","twitterSecret":"generalParameters/authParams/twitterParams","twitterUserField":"generalParameters/authParams/twitterParams","u2fActivation":"generalParameters/secondFactors/u2f","u2fAuthnLevel":"generalParameters/secondFactors/u2f","u2fSelfRegistration":"generalParameters/secondFactors/u2f","u2fUserCanRemoveKey":"generalParameters/secondFactors/u2f","upgradeSession":"generalParameters/plugins","useRedirectOnError":"generalParameters/advancedParams/redirection","useRedirectOnForbidden":"generalParameters/advancedParams/redirection","useSafeJail":"generalParameters/advancedParams/security","userControl":"generalParameters/advancedParams/security","userDB":"generalParameters/authParams","userPivot":"generalParameters/authParams/dbiParams/dbiSchema","utotp2fActivation":"generalParameters/secondFactors/utotp2f","utotp2fAuthnLevel":"generalParameters/secondFactors/utotp2f","virtualHosts":"","webIDAuthnLevel":"generalParameters/authParams/webidParams","webIDExportedVars":"generalParameters/authParams/webidParams","webIDWhitelist":"generalParameters/authParams/webidParams","whatToTrace":"generalParameters/logParams","wsdlServer":"generalParameters/plugins/portalServers","yubikey2fActivation":"generalParameters/secondFactors/yubikey2f","yubikey2fAuthnLevel":"generalParameters/secondFactors/yubikey2f","yubikey2fClientID":"generalParameters/secondFactors/yubikey2f","yubikey2fNonce":"generalParameters/secondFactors/yubikey2f","yubikey2fPublicIDSize":"generalParameters/secondFactors/yubikey2f","yubikey2fSecretKey":"generalParameters/secondFactors/yubikey2f","yubikey2fSelfRegistration":"generalParameters/secondFactors/yubikey2f","yubikey2fUrl":"generalParameters/secondFactors/yubikey2f","yubikey2fUserCanRemoveKey":"generalParameters/secondFactors/yubikey2f"}
\ No newline at end of file
+{"ADPwdExpireWarning":"generalParameters/authParams/adParams","ADPwdMaxAge":"generalParameters/authParams/adParams","AuthLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","LDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","SMTPAuthPass":"generalParameters/advancedParams/SMTP","SMTPAuthUser":"generalParameters/advancedParams/SMTP","SMTPPort":"generalParameters/advancedParams/SMTP","SMTPServer":"generalParameters/advancedParams/SMTP","SMTPTLS":"generalParameters/advancedParams/SMTP","SMTPTLSOpts":"generalParameters/advancedParams/SMTP","SSLAuthnLevel":"generalParameters/authParams/sslParams","SSLVar":"generalParameters/authParams/sslParams","SSLVarIf":"generalParameters/authParams/sslParams","activeTimer":"generalParameters/advancedParams/forms","apacheAuthnLevel":"generalParameters/authParams/apacheParams","applicationList":"generalParameters/portalParams/portalMenu","authChoiceModules":"generalParameters/authParams/choiceParams","authChoiceParam":"generalParameters/authParams/choiceParams","authentication":"generalParameters/authParams","autoSigninRules":"generalParameters/plugins/autoSignin","bruteForceProtection":"generalParameters/advancedParams/security","captcha_login_enabled":"generalParameters/portalParams/portalCaptcha","captcha_mail_enabled":"generalParameters/portalParams/portalCaptcha","captcha_register_enabled":"generalParameters/portalParams/portalCaptcha","captcha_size":"generalParameters/portalParams/portalCaptcha","casAccessControlPolicy":"casServiceMetadata","casAppMetaDataNodes":"","casAttr":"casServiceMetadata","casAttributes":"casServiceMetadata","casAuthnLevel":"generalParameters/authParams/casParams","casSrvMetaDataNodes":"","casStorage":"casServiceMetadata","casStorageOptions":"casServiceMetadata","cda":"generalParameters/cookieParams","checkState":"generalParameters/plugins/stateCheck","checkStateSecret":"generalParameters/plugins/stateCheck","checkXSS":"generalParameters/advancedParams/security","combModules":"generalParameters/authParams/combinationParams","combination":"generalParameters/authParams/combinationParams","confirmFormMethod":"generalParameters/advancedParams/forms","cookieExpiration":"generalParameters/cookieParams","cookieName":"generalParameters/cookieParams","cspConnect":"generalParameters/advancedParams/security/contentSecurityPolicy","cspDefault":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFont":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFormAction":"generalParameters/advancedParams/security/contentSecurityPolicy","cspImg":"generalParameters/advancedParams/security/contentSecurityPolicy","cspScript":"generalParameters/advancedParams/security/contentSecurityPolicy","cspStyle":"generalParameters/advancedParams/security/contentSecurityPolicy","customAddParams":"generalParameters/authParams/customParams","customAuth":"generalParameters/authParams/customParams","customFunctions":"generalParameters/advancedParams","customPassword":"generalParameters/authParams/customParams","customRegister":"generalParameters/authParams/customParams","customUserDB":"generalParameters/authParams/customParams","dbiAuthChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthLoginCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthPasswordCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPasswordHash":"generalParameters/authParams/dbiParams/dbiPassword","dbiAuthTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthnLevel":"generalParameters/authParams/dbiParams","dbiDynamicHashEnabled":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashNewPasswordScheme":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSaltedSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiExportedVars":"generalParameters/authParams/dbiParams","dbiPasswordMailCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","demoExportedVars":"generalParameters/authParams/demoParams","domain":"generalParameters/cookieParams","exportedAttr":"generalParameters/plugins/portalServers","exportedVars":"variables","ext2FSendCommand":"generalParameters/secondFactors/external2f","ext2FValidateCommand":"generalParameters/secondFactors/external2f","ext2fActivation":"generalParameters/secondFactors/external2f","ext2fAuthnLevel":"generalParameters/secondFactors/external2f","ext2fCodeActivation":"generalParameters/secondFactors/external2f","ext2fLogo":"generalParameters/secondFactors/external2f","facebookAppId":"generalParameters/authParams/facebookParams","facebookAppSecret":"generalParameters/authParams/facebookParams","facebookAuthnLevel":"generalParameters/authParams/facebookParams","facebookExportedVars":"generalParameters/authParams/facebookParams","facebookUserField":"generalParameters/authParams/facebookParams","failedLoginNumber":"generalParameters/plugins/loginHistory","formTimeout":"generalParameters/advancedParams/security","globalStorage":"generalParameters/sessionParams/sessionStorage","globalStorageOptions":"generalParameters/sessionParams/sessionStorage","gpgDb":"generalParameters/authParams/gpgParams","grantSessionRules":"generalParameters/sessionParams","groups":"variables","hiddenAttributes":"generalParameters/logParams","hideOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","httpOnly":"generalParameters/cookieParams","https":"generalParameters/advancedParams/redirection","infoFormMethod":"generalParameters/advancedParams/forms","issuerDBCASActivation":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASPath":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASRule":"generalParameters/issuerParams/issuerDBCAS","issuerDBGetActivation":"generalParameters/issuerParams/issuerDBGet","issuerDBGetParameters":"generalParameters/issuerParams/issuerDBGet","issuerDBGetPath":"generalParameters/issuerParams/issuerDBGet","issuerDBGetRule":"generalParameters/issuerParams/issuerDBGet","issuerDBOpenIDActivation":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDConnectActivation":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectPath":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectRule":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDPath":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDRule":"generalParameters/issuerParams/issuerDBOpenID","issuerDBSAMLActivation":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLPath":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLRule":"generalParameters/issuerParams/issuerDBSAML","jsRedirect":"generalParameters/advancedParams/portalRedirection","key":"generalParameters/advancedParams/security","krbAuthnLevel":"generalParameters/authParams/kerberosParams","krbByJs":"generalParameters/authParams/kerberosParams","krbKeytab":"generalParameters/authParams/kerberosParams","krbRemoveDomain":"generalParameters/authParams/kerberosParams","ldapAllowResetExpiredPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapAuthnLevel":"generalParameters/authParams/ldapParams","ldapBase":"generalParameters/authParams/ldapParams/ldapConnection","ldapChangePasswordAsUser":"generalParameters/authParams/ldapParams/ldapPassword","ldapExportedVars":"generalParameters/authParams/ldapParams","ldapGroupAttributeName":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameGroup":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameSearch":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameUser":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupBase":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupDecodeSearchedValue":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupObjectClass":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupRecursive":"generalParameters/authParams/ldapParams/ldapGroups","ldapPasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttributeValue":"generalParameters/authParams/ldapParams/ldapPassword","ldapPort":"generalParameters/authParams/ldapParams/ldapConnection","ldapPpolicyControl":"generalParameters/authParams/ldapParams/ldapPassword","ldapPwdEnc":"generalParameters/authParams/ldapParams/ldapPassword","ldapRaw":"generalParameters/authParams/ldapParams/ldapConnection","ldapSearchDeref":"generalParameters/authParams/ldapParams/ldapFilters","ldapServer":"generalParameters/authParams/ldapParams/ldapConnection","ldapSetPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapUsePasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapVersion":"generalParameters/authParams/ldapParams/ldapConnection","linkedInAuthnLevel":"generalParameters/authParams/linkedinParams","linkedInClientID":"generalParameters/authParams/linkedinParams","linkedInClientSecret":"generalParameters/authParams/linkedinParams","linkedInFields":"generalParameters/authParams/linkedinParams","linkedInScope":"generalParameters/authParams/linkedinParams","linkedInUserField":"generalParameters/authParams/linkedinParams","localSessionStorage":"generalParameters/sessionParams/sessionStorage","localSessionStorageOptions":"generalParameters/sessionParams/sessionStorage","loginHistoryEnabled":"generalParameters/plugins/loginHistory","logoutServices":"generalParameters/advancedParams","lwpOpts":"generalParameters/advancedParams/security","lwpSslOpts":"generalParameters/advancedParams/security","macros":"variables","mail2fActivation":"generalParameters/secondFactors/mail2f","mail2fAuthnLevel":"generalParameters/secondFactors/mail2f","mail2fBody":"generalParameters/secondFactors/mail2f","mail2fCodeRegex":"generalParameters/secondFactors/mail2f","mail2fLogo":"generalParameters/secondFactors/mail2f","mail2fSubject":"generalParameters/secondFactors/mail2f","mail2fTimeout":"generalParameters/secondFactors/mail2f","mailBody":"generalParameters/plugins/passwordManagement/mailContent","mailCharset":"generalParameters/advancedParams/SMTP/mailHeaders","mailConfirmBody":"generalParameters/plugins/passwordManagement/mailContent","mailConfirmSubject":"generalParameters/plugins/passwordManagement/mailContent","mailFrom":"generalParameters/advancedParams/SMTP/mailHeaders","mailLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","mailOnPasswordChange":"generalParameters/portalParams/portalCustomization/passwordManagement","mailReplyTo":"generalParameters/advancedParams/SMTP/mailHeaders","mailSessionKey":"generalParameters/advancedParams/SMTP","mailSubject":"generalParameters/plugins/passwordManagement/mailContent","mailTimeout":"generalParameters/plugins/passwordManagement/mailOther","mailUrl":"generalParameters/plugins/passwordManagement/mailOther","maintenance":"generalParameters/advancedParams/redirection","managerDn":"generalParameters/authParams/ldapParams/ldapConnection","managerPassword":"generalParameters/authParams/ldapParams/ldapConnection","multiValuesSeparator":"generalParameters/advancedParams","nginxCustomHandlers":"generalParameters/advancedParams","noAjaxHook":"generalParameters/advancedParams/portalRedirection","notification":"generalParameters/plugins/notifications","notificationServer":"generalParameters/plugins/notifications","notificationStorage":"generalParameters/plugins/notifications","notificationStorageOptions":"generalParameters/plugins/notifications","notificationWildcard":"generalParameters/plugins/notifications","notificationXSLTfile":"generalParameters/plugins/notifications","notifyDeleted":"generalParameters/sessionParams/multipleSessions","notifyOther":"generalParameters/sessionParams/multipleSessions","nullAuthnLevel":"generalParameters/authParams/nullParams","oidcAuthnLevel":"generalParameters/authParams/oidcParams","oidcOPMetaDataNodes":"","oidcRPCallbackGetParam":"generalParameters/authParams/oidcParams","oidcRPMetaDataNodes":"","oidcRPStateTimeout":"generalParameters/authParams/oidcParams","oidcServiceAllowAuthorizationCodeFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowDynamicRegistration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowHybridFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowImplicitFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceMetaDataAuthnContext":"oidcServiceMetaData","oidcServiceMetaDataAuthorizeURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataBackChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataCheckSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataEndSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataFrontChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIssuer":"oidcServiceMetaData","oidcServiceMetaDataJWKSURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataRegistrationURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataTokenURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataUserInfoURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServicePrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcServicePublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcStorage":"oidcServiceMetaData/oidcServiceMetaDataSessions","oidcStorageOptions":"oidcServiceMetaData/oidcServiceMetaDataSessions","oldNotifFormat":"generalParameters/plugins/notifications","openIdAttr":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdAuthnLevel":"generalParameters/authParams/openidParams","openIdExportedVars":"generalParameters/authParams/openidParams","openIdIDPList":"generalParameters/authParams/openidParams","openIdIssuerSecret":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSPList":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSecret":"generalParameters/authParams/openidParams","openIdSreg_country":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_dob":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_email":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_fullname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_gender":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_language":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_nickname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_postcode":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_timezone":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","pamAuthnLevel":"generalParameters/authParams/pamParams","pamService":"generalParameters/authParams/pamParams","passwordDB":"generalParameters/authParams","passwordResetAllowedRetries":"generalParameters/portalParams/portalCustomization/portalButtons","persistentStorage":"generalParameters/sessionParams/persistentSessions","persistentStorageOptions":"generalParameters/sessionParams/persistentSessions","port":"generalParameters/advancedParams/redirection","portal":"generalParameters/portalParams","portalAntiFrame":"generalParameters/portalParams/portalCustomization/portalOther","portalCheckLogins":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayAppslist":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayChangePassword":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLoginHistory":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLogout":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayOidcConsents":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayRegister":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayResetPassword":"generalParameters/portalParams/portalCustomization/portalButtons","portalErrorOnExpiredSession":"generalParameters/portalParams/portalCustomization/portalOther","portalErrorOnMailNotFound":"generalParameters/portalParams/portalCustomization/portalOther","portalForceAuthn":"generalParameters/advancedParams/security","portalForceAuthnInterval":"generalParameters/advancedParams/security","portalMainLogo":"generalParameters/portalParams/portalCustomization","portalOpenLinkInNewWindow":"generalParameters/portalParams/portalCustomization/portalOther","portalPingInterval":"generalParameters/portalParams/portalCustomization/portalOther","portalRequireOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","portalSkin":"generalParameters/portalParams/portalCustomization","portalSkinBackground":"generalParameters/portalParams/portalCustomization","portalSkinRules":"generalParameters/portalParams/portalCustomization","portalStatus":"generalParameters/plugins","portalUserAttr":"generalParameters/portalParams/portalCustomization/portalOther","proxyAuthService":"generalParameters/authParams/proxyParams","proxyAuthnLevel":"generalParameters/authParams/proxyParams","proxySessionService":"generalParameters/authParams/proxyParams","proxyUseSoap":"generalParameters/authParams/proxyParams","radiusAuthnLevel":"generalParameters/authParams/radiusParams","radiusSecret":"generalParameters/authParams/radiusParams","radiusServer":"generalParameters/authParams/radiusParams","randomPasswordRegexp":"generalParameters/plugins/passwordManagement/mailOther","redirectFormMethod":"generalParameters/advancedParams/forms","registerConfirmSubject":"generalParameters/plugins/register","registerDB":"generalParameters/authParams","registerDoneSubject":"generalParameters/plugins/register","registerTimeout":"generalParameters/plugins/register","registerUrl":"generalParameters/plugins/register","reloadTimeout":"generalParameters/reloadParams","reloadUrls":"generalParameters/reloadParams","remoteCookieName":"generalParameters/authParams/remoteParams","remoteGlobalStorage":"generalParameters/authParams/remoteParams","remoteGlobalStorageOptions":"generalParameters/authParams/remoteParams","remotePortal":"generalParameters/authParams/remoteParams","requireToken":"generalParameters/advancedParams/security","rest2fActivation":"generalParameters/secondFactors/rest2f","rest2fAuthnLevel":"generalParameters/secondFactors/rest2f","rest2fInitArgs":"generalParameters/secondFactors/rest2f","rest2fInitUrl":"generalParameters/secondFactors/rest2f","rest2fLogo":"generalParameters/secondFactors/rest2f","rest2fVerifyArgs":"generalParameters/secondFactors/rest2f","rest2fVerifyUrl":"generalParameters/secondFactors/rest2f","restAuthUrl":"generalParameters/authParams/restParams","restConfigServer":"generalParameters/plugins/portalServers","restPwdConfirmUrl":"generalParameters/authParams/restParams","restPwdModifyUrl":"generalParameters/authParams/restParams","restSessionServer":"generalParameters/plugins/portalServers","restUserDBUrl":"generalParameters/authParams/restParams","samlAttributeAuthorityDescriptorAttributeServiceSOAP":"samlServiceMetaData/samlAttributeAuthorityDescriptor/samlAttributeAuthorityDescriptorAttributeService","samlAuthnContextMapKerberos":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPassword":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPasswordProtectedTransport":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapTLSClient":"samlServiceMetaData/samlAuthnContextMap","samlCommonDomainCookieActivation":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieDomain":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieReader":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieWriter":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlDiscoveryProtocolActivation":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolIsPassive":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolPolicy":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolURL":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlEntityID":"samlServiceMetaData","samlIDPMetaDataNodes":"","samlIDPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorArtifactResolutionService","samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorWantAuthnRequestsSigned":"samlServiceMetaData/samlIDPSSODescriptor","samlIdPResolveCookie":"samlServiceMetaData/samlAdvanced","samlMetadataForceUTF8":"samlServiceMetaData/samlAdvanced","samlNameIDFormatMapEmail":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapKerberos":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapWindows":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapX509":"samlServiceMetaData/samlNameIDFormatMap","samlOrganizationDisplayName":"samlServiceMetaData/samlOrganization","samlOrganizationName":"samlServiceMetaData/samlOrganization","samlOrganizationURL":"samlServiceMetaData/samlOrganization","samlRelayStateTimeout":"samlServiceMetaData/samlAdvanced","samlSPMetaDataNodes":"","samlSPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorArtifactResolutionService","samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAuthnRequestsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlSPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorWantAssertionsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlServicePrivateKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeyEncPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePrivateKeySigPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePublicKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePublicKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServiceSignatureMethod":"samlServiceMetaData/samlServiceSecurity","samlServiceUseCertificateInResponse":"samlServiceMetaData/samlServiceSecurity","samlStorage":"samlServiceMetaData/samlAdvanced","samlStorageOptions":"samlServiceMetaData/samlAdvanced","samlUseQueryStringSpecific":"samlServiceMetaData/samlAdvanced","securedCookie":"generalParameters/cookieParams","sessionDataToRemember":"generalParameters/plugins/loginHistory","sfRequired":"generalParameters/secondFactors","showLanguages":"generalParameters/portalParams/portalCustomization","singleIP":"generalParameters/sessionParams/multipleSessions","singleSession":"generalParameters/sessionParams/multipleSessions","singleSessionUserByIP":"generalParameters/sessionParams/multipleSessions","singleUserByIP":"generalParameters/sessionParams/multipleSessions","skipRenewConfirmation":"generalParameters/advancedParams/portalRedirection","slaveAuthnLevel":"generalParameters/authParams/slaveParams","slaveExportedVars":"generalParameters/authParams/slaveParams","slaveHeaderContent":"generalParameters/authParams/slaveParams","slaveHeaderName":"generalParameters/authParams/slaveParams","slaveMasterIP":"generalParameters/authParams/slaveParams","slaveUserHeader":"generalParameters/authParams/slaveParams","soapConfigServer":"generalParameters/plugins/portalServers","soapSessionServer":"generalParameters/plugins/portalServers","sslByAjax":"generalParameters/authParams/sslParams","sslHost":"generalParameters/authParams/sslParams","stayConnected":"generalParameters/plugins","storePassword":"generalParameters/sessionParams","successLoginNumber":"generalParameters/plugins/loginHistory","timeout":"generalParameters/sessionParams","timeoutActivity":"generalParameters/sessionParams","timeoutActivityInterval":"generalParameters/sessionParams","tokenUseGlobalStorage":"generalParameters/advancedParams/security","totp2fActivation":"generalParameters/secondFactors/totp","totp2fAuthnLevel":"generalParameters/secondFactors/totp","totp2fDigits":"generalParameters/secondFactors/totp","totp2fDisplayExistingSecret":"generalParameters/secondFactors/totp","totp2fInterval":"generalParameters/secondFactors/totp","totp2fIssuer":"generalParameters/secondFactors/totp","totp2fRange":"generalParameters/secondFactors/totp","totp2fSelfRegistration":"generalParameters/secondFactors/totp","totp2fUserCanChangeKey":"generalParameters/secondFactors/totp","totp2fUserCanRemoveKey":"generalParameters/secondFactors/totp","trustedDomains":"generalParameters/advancedParams/security","twitterAppName":"generalParameters/authParams/twitterParams","twitterAuthnLevel":"generalParameters/authParams/twitterParams","twitterKey":"generalParameters/authParams/twitterParams","twitterSecret":"generalParameters/authParams/twitterParams","twitterUserField":"generalParameters/authParams/twitterParams","u2fActivation":"generalParameters/secondFactors/u2f","u2fAuthnLevel":"generalParameters/secondFactors/u2f","u2fSelfRegistration":"generalParameters/secondFactors/u2f","u2fUserCanRemoveKey":"generalParameters/secondFactors/u2f","upgradeSession":"generalParameters/plugins","useRedirectOnError":"generalParameters/advancedParams/redirection","useRedirectOnForbidden":"generalParameters/advancedParams/redirection","useSafeJail":"generalParameters/advancedParams/security","userControl":"generalParameters/advancedParams/security","userDB":"generalParameters/authParams","userPivot":"generalParameters/authParams/dbiParams/dbiSchema","utotp2fActivation":"generalParameters/secondFactors/utotp2f","utotp2fAuthnLevel":"generalParameters/secondFactors/utotp2f","virtualHosts":"","webIDAuthnLevel":"generalParameters/authParams/webidParams","webIDExportedVars":"generalParameters/authParams/webidParams","webIDWhitelist":"generalParameters/authParams/webidParams","whatToTrace":"generalParameters/logParams","wsdlServer":"generalParameters/plugins/portalServers","yubikey2fActivation":"generalParameters/secondFactors/yubikey2f","yubikey2fAuthnLevel":"generalParameters/secondFactors/yubikey2f","yubikey2fClientID":"generalParameters/secondFactors/yubikey2f","yubikey2fNonce":"generalParameters/secondFactors/yubikey2f","yubikey2fPublicIDSize":"generalParameters/secondFactors/yubikey2f","yubikey2fSecretKey":"generalParameters/secondFactors/yubikey2f","yubikey2fSelfRegistration":"generalParameters/secondFactors/yubikey2f","yubikey2fUrl":"generalParameters/secondFactors/yubikey2f","yubikey2fUserCanRemoveKey":"generalParameters/secondFactors/yubikey2f"}
\ No newline at end of file
diff --git a/lemonldap-ng-manager/site/htdocs/static/struct.json b/lemonldap-ng-manager/site/htdocs/static/struct.json
index d2a4b44cb..4f69bb046 100644
--- a/lemonldap-ng-manager/site/htdocs/static/struct.json
+++ b/lemonldap-ng-manager/site/htdocs/static/struct.json
@@ -1 +1 @@
-[{"_nodes":[{"_nodes":[{"default":"http://auth.example.com/","id":"portal","title":"portal"},{"_nodes":[{"_nodes":[{"default":1,"id":"portalDisplayLogout","title":"portalDisplayLogout","type":"boolOrExpr"},{"default":"$_auth =~ /^(LDAP|DBI|Demo)$/","id":"portalDisplayChangePassword","title":"portalDisplayChangePassword","type":"boolOrExpr"},{"default":1,"id":"portalDisplayAppslist","title":"portalDisplayAppslist","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLoginHistory","title":"portalDisplayLoginHistory","type":"boolOrExpr"},{"default":"$_oidcConnectedRP","id":"portalDisplayOidcConsents","title":"portalDisplayOidcConsents","type":"boolOrExpr"}],"id":"portalModules","title":"portalModules","type":"simpleInputContainer"},{"cnodes":"applicationList","default":[{"data":{"catname":"Default category","type":"category"},"id":"applicationList/default","title":"default","type":"catAndAppList"}],"help":"portalmenu.html#categories_and_applications","id":"applicationList","title":"applicationList","type":"catAndAppList"}],"help":"portalmenu.html","id":"portalMenu","title":"portalMenu"},{"_nodes":[{"default":"common/logos/logo_llng_400px.png","id":"portalMainLogo","title":"portalMainLogo"},{"default":1,"id":"showLanguages","title":"showLanguages","type":"bool"},{"default":"bootstrap","id":"portalSkin","select":[{"k":"bootstrap","v":"Bootstrap"}],"title":"portalSkin","type":"portalskin"},{"id":"portalSkinBackground","select":[{"k":"","v":"None"},{"k":"1280px-Anse_Source_d'Argent_2-La_Digue.jpg","v":"Anse"},{"k":"1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg","v":"Waterfall"},{"k":"1280px-BrockenSnowedTrees.jpg","v":"Snowed Trees"},{"k":"1280px-Cedar_Breaks_National_Monument_partially.jpg","v":"National Monument"},{"k":"1280px-Parry_Peak_from_Winter_Park.jpg","v":"Winter"},{"k":"Aletschgletscher_mit_Pinus_cembra1.jpg","v":"Pinus"}],"title":"portalSkinBackground","type":"portalskinbackground"},{"cnodes":"portalSkinRules","help":"portalcustom.html","id":"portalSkinRules","title":"portalSkinRules","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"portalCheckLogins","title":"portalCheckLogins","type":"bool"},{"default":0,"id":"portalDisplayResetPassword","title":"portalDisplayResetPassword","type":"bool"},{"default":3,"id":"passwordResetAllowedRetries","title":"passwordResetAllowedRetries","type":"int"},{"default":1,"id":"portalDisplayRegister","title":"portalDisplayRegister","type":"bool"}],"help":"portalcustom.html#buttons","id":"portalButtons","title":"portalButtons","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"portalRequireOldPassword","title":"portalRequireOldPassword","type":"bool"},{"default":0,"id":"hideOldPassword","title":"hideOldPassword","type":"bool"},{"default":0,"id":"mailOnPasswordChange","title":"mailOnPasswordChange","type":"bool"}],"help":"portalcustom.html#password_management","id":"passwordManagement","title":"passwordManagement","type":"simpleInputContainer"},{"_nodes":[{"default":"_user","id":"portalUserAttr","title":"portalUserAttr"},{"default":0,"id":"portalOpenLinkInNewWindow","title":"portalOpenLinkInNewWindow","type":"bool"},{"default":1,"id":"portalAntiFrame","title":"portalAntiFrame","type":"bool"},{"default":60000,"id":"portalPingInterval","title":"portalPingInterval","type":"int"},{"default":1,"id":"portalErrorOnExpiredSession","title":"portalErrorOnExpiredSession","type":"bool"},{"default":0,"id":"portalErrorOnMailNotFound","title":"portalErrorOnMailNotFound","type":"bool"}],"help":"portalcustom.html#other_parameters","id":"portalOther","title":"portalOther","type":"simpleInputContainer"}],"help":"portalcustom.html","id":"portalCustomization","title":"portalCustomization"},{"_nodes":[{"default":0,"id":"captcha_login_enabled","title":"captcha_login_enabled","type":"bool"},{"default":1,"id":"captcha_mail_enabled","title":"captcha_mail_enabled","type":"bool"},{"default":1,"id":"captcha_register_enabled","title":"captcha_register_enabled","type":"bool"},{"default":6,"id":"captcha_size","title":"captcha_size","type":"int"}],"help":"captcha.html","id":"portalCaptcha","title":"portalCaptcha","type":"simpleInputContainer"}],"help":"portal.html","id":"portalParams","title":"portalParams"},{"_nodes":[{"default":"Demo","id":"authentication","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"Choice","v":"authChoice"},{"k":"Combination","v":"combineMods"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"authentication","type":"select"},{"default":"Same","id":"userDB","select":[{"k":"Same","v":"Same"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"userDB","type":"select"},{"default":"Demo","id":"passwordDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Choice","v":"authChoice"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"passwordDB","type":"select"},{"default":"Null","id":"registerDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"registerDB","type":"select"}],"_nodes_cond":[{"_nodes":[{"default":0,"id":"ADPwdMaxAge","title":"ADPwdMaxAge","type":"int"},{"default":0,"id":"ADPwdExpireWarning","title":"ADPwdExpireWarning","type":"int"}],"help":"authad.html","id":"adParams","show":false,"title":"adParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lmAuth","id":"authChoiceParam","title":"authChoiceParam"},{"cnodes":"authChoiceModules","id":"authChoiceModules","select":[[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}]],"title":"authChoiceModules","type":"authChoiceContainer"}],"help":"authchoice.html","id":"choiceParams","show":false,"title":"choiceParams"},{"_nodes":[{"default":4,"id":"apacheAuthnLevel","title":"apacheAuthnLevel","type":"int"}],"help":"authapache.html","id":"apacheParams","show":false,"title":"apacheParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"casAuthnLevel","title":"casAuthnLevel","type":"int"}],"help":"authcas.html","id":"casParams","show":false,"title":"casParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"dbiAuthnLevel","title":"dbiAuthnLevel","type":"int"},{"cnodes":"dbiExportedVars","default":[],"id":"dbiExportedVars","title":"dbiExportedVars","type":"keyTextContainer"},{"_nodes":[{"_nodes":[{"id":"dbiAuthChain","title":"dbiAuthChain"},{"id":"dbiAuthUser","title":"dbiAuthUser"},{"id":"dbiAuthPassword","title":"dbiAuthPassword","type":"password"}],"id":"dbiConnectionAuth","title":"dbiConnectionAuth","type":"simpleInputContainer"},{"_nodes":[{"id":"dbiUserChain","title":"dbiUserChain"},{"id":"dbiUserUser","title":"dbiUserUser"},{"id":"dbiUserPassword","title":"dbiUserPassword","type":"password"}],"id":"dbiConnectionUser","title":"dbiConnectionUser","type":"simpleInputContainer"}],"help":"authdbi.html#connection","id":"dbiConnection","title":"dbiConnection"},{"_nodes":[{"id":"dbiAuthTable","title":"dbiAuthTable"},{"id":"dbiUserTable","title":"dbiUserTable"},{"id":"dbiAuthLoginCol","title":"dbiAuthLoginCol"},{"id":"dbiAuthPasswordCol","title":"dbiAuthPasswordCol"},{"id":"dbiPasswordMailCol","title":"dbiPasswordMailCol"},{"id":"userPivot","title":"userPivot"}],"help":"authdbi.html#schema","id":"dbiSchema","title":"dbiSchema","type":"simpleInputContainer"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiAuthPasswordHash","title":"dbiAuthPasswordHash"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiDynamicHashEnabled","title":"dbiDynamicHashEnabled","type":"bool"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSchemes","title":"dbiDynamicHashValidSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSaltedSchemes","title":"dbiDynamicHashValidSaltedSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashNewPasswordScheme","title":"dbiDynamicHashNewPasswordScheme"}],"help":"authdbi.html#password","id":"dbiDynamicHash","title":"dbiDynamicHash","type":"simpleInputContainer"}],"help":"authdbi.html#password","id":"dbiPassword","title":"dbiPassword"}],"help":"authdbi.html","id":"dbiParams","show":false,"title":"dbiParams"},{"_nodes":[{"cnodes":"demoExportedVars","default":[{"data":"cn","id":"demoExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"demoExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"demoExportedVars/uid","title":"uid","type":"keyText"}],"id":"demoExportedVars","title":"demoExportedVars","type":"keyTextContainer"}],"help":"authdemo.html","id":"demoParams","show":false,"title":"demoParams"},{"_nodes":[{"default":1,"id":"facebookAuthnLevel","title":"facebookAuthnLevel","type":"int"},{"cnodes":"facebookExportedVars","default":[],"id":"facebookExportedVars","title":"facebookExportedVars","type":"keyTextContainer"},{"id":"facebookAppId","title":"facebookAppId"},{"id":"facebookAppSecret","title":"facebookAppSecret"},{"default":"id","id":"facebookUserField","title":"facebookUserField"}],"help":"authfacebook.html","id":"facebookParams","show":false,"title":"facebookParams"},{"_nodes":[{"id":"krbKeytab","title":"krbKeytab"},{"default":0,"id":"krbByJs","title":"krbByJs","type":"bool"},{"default":3,"id":"krbAuthnLevel","title":"krbAuthnLevel","type":"int"},{"default":1,"id":"krbRemoveDomain","title":"krbRemoveDomain","type":"bool"}],"help":"authkerberos.html","id":"kerberosParams","show":false,"title":"kerberosParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"ldapAuthnLevel","title":"ldapAuthnLevel","type":"int"},{"cnodes":"ldapExportedVars","default":[{"data":"cn","id":"ldapExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"ldapExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"ldapExportedVars/uid","title":"uid","type":"keyText"}],"id":"ldapExportedVars","title":"ldapExportedVars","type":"keyTextContainer"},{"_nodes":[{"default":"ldap://localhost","id":"ldapServer","title":"ldapServer"},{"default":389,"id":"ldapPort","title":"ldapPort","type":"int"},{"default":"dc=example,dc=com","id":"ldapBase","title":"ldapBase"},{"default":"","id":"managerDn","title":"managerDn"},{"default":"","id":"managerPassword","title":"managerPassword","type":"password"},{"default":120,"id":"ldapTimeout","title":"ldapTimeout","type":"int"},{"default":3,"id":"ldapVersion","title":"ldapVersion","type":"int"},{"id":"ldapRaw","title":"ldapRaw"}],"help":"authldap.html#connection","id":"ldapConnection","title":"ldapConnection","type":"simpleInputContainer"},{"_nodes":[{"id":"LDAPFilter","title":"LDAPFilter"},{"id":"AuthLDAPFilter","title":"AuthLDAPFilter"},{"id":"mailLDAPFilter","title":"mailLDAPFilter"},{"default":"find","id":"ldapSearchDeref","select":[{"k":"never","v":"never"},{"k":"search","v":"search"},{"k":"find","v":"find"},{"k":"always","v":"always"}],"title":"ldapSearchDeref","type":"select"}],"help":"authldap.html#filters","id":"ldapFilters","title":"ldapFilters","type":"simpleInputContainer"},{"_nodes":[{"id":"ldapGroupBase","title":"ldapGroupBase"},{"default":"groupOfNames","id":"ldapGroupObjectClass","title":"ldapGroupObjectClass"},{"default":"member","id":"ldapGroupAttributeName","title":"ldapGroupAttributeName"},{"default":"dn","id":"ldapGroupAttributeNameUser","title":"ldapGroupAttributeNameUser"},{"default":"cn","id":"ldapGroupAttributeNameSearch","title":"ldapGroupAttributeNameSearch"},{"default":0,"id":"ldapGroupDecodeSearchedValue","title":"ldapGroupDecodeSearchedValue","type":"bool"},{"default":0,"id":"ldapGroupRecursive","title":"ldapGroupRecursive","type":"bool"},{"default":"dn","id":"ldapGroupAttributeNameGroup","title":"ldapGroupAttributeNameGroup"}],"help":"authldap.html#groups","id":"ldapGroups","title":"ldapGroups","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ldapPpolicyControl","title":"ldapPpolicyControl","type":"bool"},{"default":0,"id":"ldapSetPassword","title":"ldapSetPassword","type":"bool"},{"default":0,"id":"ldapChangePasswordAsUser","title":"ldapChangePasswordAsUser","type":"bool"},{"default":"utf-8","id":"ldapPwdEnc","title":"ldapPwdEnc"},{"default":1,"id":"ldapUsePasswordResetAttribute","title":"ldapUsePasswordResetAttribute","type":"bool"},{"default":"pwdReset","id":"ldapPasswordResetAttribute","title":"ldapPasswordResetAttribute"},{"default":"TRUE","id":"ldapPasswordResetAttributeValue","title":"ldapPasswordResetAttributeValue"},{"default":0,"id":"ldapAllowResetExpiredPassword","title":"ldapAllowResetExpiredPassword","type":"bool"}],"help":"authldap.html#password","id":"ldapPassword","title":"ldapPassword","type":"simpleInputContainer"}],"help":"authldap.html","id":"ldapParams","show":false,"title":"ldapParams"},{"_nodes":[{"default":1,"id":"linkedInAuthnLevel","title":"linkedInAuthnLevel","type":"int"},{"id":"linkedInClientID","title":"linkedInClientID"},{"id":"linkedInClientSecret","title":"linkedInClientSecret","type":"password"},{"default":"id,first-name,last-name,email-address","id":"linkedInFields","title":"linkedInFields"},{"default":"emailAddress","id":"linkedInUserField","title":"linkedInUserField"},{"default":"r_basicprofile r_emailaddress","id":"linkedInScope","title":"linkedInScope"}],"help":"authlinkedin.html","id":"linkedinParams","show":false,"title":"linkedinParams","type":"simpleInputContainer"},{"_nodes":[{"id":"combination","title":"combination"},{"cnodes":"combModules","id":"combModules","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"combModules","type":"cmbModuleContainer"}],"help":"authcombination.html","id":"combinationParams","show":false,"title":"combinationParams"},{"_nodes":[{"default":0,"id":"nullAuthnLevel","title":"nullAuthnLevel","type":"int"}],"help":"authnull.html","id":"nullParams","show":false,"title":"nullParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"openIdAuthnLevel","title":"openIdAuthnLevel","type":"int"},{"cnodes":"openIdExportedVars","default":[],"id":"openIdExportedVars","title":"openIdExportedVars","type":"keyTextContainer"},{"id":"openIdSecret","title":"openIdSecret"},{"default":"0;","id":"openIdIDPList","title":"openIdIDPList","type":"blackWhiteList"}],"help":"authopenid.html","id":"openidParams","show":false,"title":"openidParams"},{"_nodes":[{"default":1,"id":"oidcAuthnLevel","title":"oidcAuthnLevel","type":"int"},{"default":"openidconnectcallback","id":"oidcRPCallbackGetParam","title":"oidcRPCallbackGetParam"},{"default":600,"id":"oidcRPStateTimeout","title":"oidcRPStateTimeout","type":"int"}],"help":"authopenidconnect.html","id":"oidcParams","show":false,"title":"oidcParams","type":"simpleInputContainer"},{"_nodes":[{"default":"","id":"gpgDb","title":"gpgDb"}],"help":"authgpg.html","id":"gpgParams","show":false,"title":"gpgParams","type":"simpleInputContainer"},{"_nodes":[{"id":"proxyAuthService","title":"proxyAuthService"},{"id":"proxySessionService","title":"proxySessionService"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":2,"id":"proxyAuthnLevel","title":"proxyAuthnLevel","type":"int"},{"default":0,"id":"proxyUseSoap","title":"proxyUseSoap","type":"bool"}],"help":"authproxy.html","id":"proxyParams","show":false,"title":"proxyParams","type":"simpleInputContainer"},{"_nodes":[{"default":"login","id":"pamService","title":"pamService"},{"default":2,"id":"pamAuthnLevel","title":"pamAuthnLevel","type":"int"}],"help":"authpam.html","id":"pamParams","show":false,"title":"pamParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"radiusAuthnLevel","title":"radiusAuthnLevel","type":"int"},{"id":"radiusSecret","title":"radiusSecret"},{"id":"radiusServer","title":"radiusServer"}],"help":"authradius.html","id":"radiusParams","show":false,"title":"radiusParams","type":"simpleInputContainer"},{"_nodes":[{"id":"restAuthUrl","title":"restAuthUrl"},{"id":"restUserDBUrl","title":"restUserDBUrl"},{"id":"restPwdConfirmUrl","title":"restPwdConfirmUrl"},{"id":"restPwdModifyUrl","title":"restPwdModifyUrl"}],"help":"authrest.html","id":"restParams","show":false,"title":"restParams","type":"simpleInputContainer"},{"_nodes":[{"id":"remotePortal","title":"remotePortal"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":"Lemonldap::NG::Common::Apache::Session::SOAP","id":"remoteGlobalStorage","title":"remoteGlobalStorage"},{"cnodes":"remoteGlobalStorageOptions","default":[{"data":"http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService","id":"remoteGlobalStorageOptions/ns","title":"ns","type":"keyText"},{"data":"http://auth.example.com/sessions","id":"remoteGlobalStorageOptions/proxy","title":"proxy","type":"keyText"}],"id":"remoteGlobalStorageOptions","title":"remoteGlobalStorageOptions","type":"keyTextContainer"}],"help":"authremote.html","id":"remoteParams","show":false,"title":"remoteParams"},{"_nodes":[{"default":2,"id":"slaveAuthnLevel","title":"slaveAuthnLevel","type":"int"},{"cnodes":"slaveExportedVars","default":[],"id":"slaveExportedVars","title":"slaveExportedVars","type":"keyTextContainer"},{"id":"slaveUserHeader","title":"slaveUserHeader"},{"id":"slaveMasterIP","title":"slaveMasterIP"},{"id":"slaveHeaderName","title":"slaveHeaderName"},{"id":"slaveHeaderContent","title":"slaveHeaderContent"}],"help":"authslave.html","id":"slaveParams","show":false,"title":"slaveParams"},{"_nodes":[{"default":5,"id":"SSLAuthnLevel","title":"SSLAuthnLevel","type":"int"},{"default":"SSL_CLIENT_S_DN_Email","id":"SSLVar","title":"SSLVar"},{"cnodes":"SSLVarIf","default":[],"id":"SSLVarIf","title":"SSLVarIf","type":"keyTextContainer"},{"default":0,"id":"sslByAjax","title":"sslByAjax","type":"bool"},{"id":"sslHost","title":"sslHost"}],"help":"authssl.html","id":"sslParams","show":false,"title":"sslParams"},{"_nodes":[{"default":1,"id":"twitterAuthnLevel","title":"twitterAuthnLevel","type":"int"},{"id":"twitterKey","title":"twitterKey"},{"id":"twitterSecret","title":"twitterSecret"},{"id":"twitterAppName","title":"twitterAppName"},{"default":"screen_name","id":"twitterUserField","title":"twitterUserField"}],"help":"authtwitter.html","id":"twitterParams","show":false,"title":"twitterParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"webIDAuthnLevel","title":"webIDAuthnLevel","type":"int"},{"cnodes":"webIDExportedVars","default":[],"id":"webIDExportedVars","title":"webIDExportedVars","type":"keyTextContainer"},{"id":"webIDWhitelist","title":"webIDWhitelist"}],"help":"authwebid.html","id":"webidParams","show":false,"title":"webidParams"},{"_nodes":[{"id":"customAuth","title":"customAuth"},{"id":"customUserDB","title":"customUserDB"},{"id":"customPassword","title":"customPassword"},{"id":"customRegister","title":"customRegister"},{"cnodes":"customAddParams","id":"customAddParams","title":"customAddParams","type":"keyTextContainer"}],"help":"authcustom.html","id":"customParams","show":false,"title":"customParams"}],"_nodes_filter":"authParams","help":"start.html#authentication_users_and_password_databases","id":"authParams","title":"authParams","type":"authParams"},{"_nodes":[{"_nodes":[{"default":0,"id":"issuerDBSAMLActivation","title":"issuerDBSAMLActivation","type":"bool"},{"default":"^/saml/","id":"issuerDBSAMLPath","title":"issuerDBSAMLPath"},{"default":1,"id":"issuerDBSAMLRule","title":"issuerDBSAMLRule","type":"boolOrExpr"}],"help":"idpsaml.html","id":"issuerDBSAML","title":"issuerDBSAML","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBCASActivation","title":"issuerDBCASActivation","type":"bool"},{"default":"^/cas/","id":"issuerDBCASPath","title":"issuerDBCASPath"},{"default":1,"id":"issuerDBCASRule","title":"issuerDBCASRule","type":"boolOrExpr"}],"help":"idpcas.html#enabling_cas","id":"issuerDBCAS","title":"issuerDBCAS","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDActivation","title":"issuerDBOpenIDActivation","type":"bool"},{"default":"^/openidserver/","id":"issuerDBOpenIDPath","title":"issuerDBOpenIDPath"},{"default":1,"id":"issuerDBOpenIDRule","title":"issuerDBOpenIDRule","type":"boolOrExpr"},{"_nodes":[{"id":"openIdIssuerSecret","title":"openIdIssuerSecret"},{"id":"openIdAttr","title":"openIdAttr"},{"default":"0;","id":"openIdSPList","title":"openIdSPList","type":"blackWhiteList"},{"_nodes":[{"default":"cn","id":"openIdSreg_fullname","title":"openIdSreg_fullname"},{"default":"uid","id":"openIdSreg_nickname","title":"openIdSreg_nickname"},{"id":"openIdSreg_language","title":"openIdSreg_language"},{"id":"openIdSreg_postcode","title":"openIdSreg_postcode"},{"default":"_timezone","id":"openIdSreg_timezone","title":"openIdSreg_timezone"},{"id":"openIdSreg_country","title":"openIdSreg_country"},{"id":"openIdSreg_gender","title":"openIdSreg_gender"},{"default":"mail","id":"openIdSreg_email","title":"openIdSreg_email"},{"id":"openIdSreg_dob","title":"openIdSreg_dob"}],"id":"openIdSreg","title":"openIdSreg","type":"simpleInputContainer"}],"id":"issuerDBOpenIDOptions","title":"issuerDBOpenIDOptions"}],"help":"idpopenid.html","id":"issuerDBOpenID","title":"issuerDBOpenID"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDConnectActivation","title":"issuerDBOpenIDConnectActivation","type":"bool"},{"default":"^/oauth2/","id":"issuerDBOpenIDConnectPath","title":"issuerDBOpenIDConnectPath"},{"default":1,"id":"issuerDBOpenIDConnectRule","title":"issuerDBOpenIDConnectRule","type":"boolOrExpr"}],"help":"idpopenidconnect.html","id":"issuerDBOpenIDConnect","title":"issuerDBOpenIDConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBGetActivation","title":"issuerDBGetActivation","type":"bool"},{"default":"^/get/","id":"issuerDBGetPath","title":"issuerDBGetPath"},{"default":1,"id":"issuerDBGetRule","title":"issuerDBGetRule","type":"boolOrExpr"},{"default":[],"id":"issuerDBGetParameters","title":"issuerDBGetParameters","type":"doubleHash"}],"help":"issuerdbget.html","id":"issuerDBGet","title":"issuerDBGet"}],"help":"start.html#identity_provider","id":"issuerParams","title":"issuerParams"},{"_nodes":[{"default":"uid","id":"whatToTrace","title":"whatToTrace"},{"default":"_password","id":"hiddenAttributes","title":"hiddenAttributes"}],"help":"logs.html","id":"logParams","title":"logParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lemonldap","id":"cookieName","title":"cookieName"},{"default":"example.com","id":"domain","title":"domain"},{"default":0,"id":"cda","title":"cda","type":"bool"},{"default":0,"id":"securedCookie","select":[{"k":"0","v":"unsecuredCookie"},{"k":"1","v":"securedCookie"},{"k":"2","v":"doubleCookie"},{"k":"3","v":"doubleCookieForSingleSession"}],"title":"securedCookie","type":"select"},{"default":1,"id":"httpOnly","title":"httpOnly","type":"bool"},{"id":"cookieExpiration","title":"cookieExpiration","type":"int"}],"help":"ssocookie.html","id":"cookieParams","title":"cookieParams","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"storePassword","title":"storePassword","type":"bool"},{"default":72000,"id":"timeout","title":"timeout","type":"int"},{"default":0,"id":"timeoutActivity","title":"timeoutActivity","type":"int"},{"default":60,"id":"timeoutActivityInterval","title":"timeoutActivityInterval","type":"int"},{"cnodes":"grantSessionRules","id":"grantSessionRules","title":"grantSessionRules","type":"grantContainer"},{"_nodes":[{"default":"Apache::Session::File","id":"globalStorage","title":"globalStorage"},{"cnodes":"globalStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/sessions/","id":"globalStorageOptions/Directory","title":"Directory","type":"keyText"},{"data":"/var/lib/lemonldap-ng/sessions/lock/","id":"globalStorageOptions/LockDirectory","title":"LockDirectory","type":"keyText"},{"data":"Lemonldap::NG::Common::Apache::Session::Generate::SHA256","id":"globalStorageOptions/generateModule","title":"generateModule","type":"keyText"}],"id":"globalStorageOptions","title":"globalStorageOptions","type":"keyTextContainer"},{"default":"Cache::FileCache","id":"localSessionStorage","title":"localSessionStorage"},{"cnodes":"localSessionStorageOptions","default":[{"data":3,"id":"localSessionStorageOptions/cache_depth","title":"cache_depth","type":"keyText"},{"data":"/tmp","id":"localSessionStorageOptions/cache_root","title":"cache_root","type":"keyText"},{"data":600,"id":"localSessionStorageOptions/default_expires_in","title":"default_expires_in","type":"keyText"},{"data":"007","id":"localSessionStorageOptions/directory_umask","title":"directory_umask","type":"keyText"},{"data":"lemonldap-ng-sessions","id":"localSessionStorageOptions/namespace","title":"namespace","type":"keyText"}],"id":"localSessionStorageOptions","title":"localSessionStorageOptions","type":"keyTextContainer"}],"help":"start.html#sessions_database","id":"sessionStorage","title":"sessionStorage"},{"_nodes":[{"default":0,"id":"singleSession","title":"singleSession","type":"bool"},{"default":0,"id":"singleIP","title":"singleIP","type":"bool"},{"default":0,"id":"singleUserByIP","title":"singleUserByIP","type":"bool"},{"default":0,"id":"singleSessionUserByIP","title":"singleSessionUserByIP","type":"bool"},{"default":1,"id":"notifyDeleted","title":"notifyDeleted","type":"bool"},{"default":0,"id":"notifyOther","title":"notifyOther","type":"bool"}],"id":"multipleSessions","title":"multipleSessions","type":"simpleInputContainer"},{"_nodes":[{"id":"persistentStorage","title":"persistentStorage"},{"cnodes":"persistentStorageOptions","id":"persistentStorageOptions","title":"persistentStorageOptions","type":"keyTextContainer"}],"id":"persistentSessions","title":"persistentSessions"}],"help":"sessions.html","id":"sessionParams","title":"sessionParams"},{"_nodes":[{"cnodes":"reloadUrls","help":"configlocation.html#configuration_reload","id":"reloadUrls","title":"reloadUrls","type":"keyTextContainer"},{"default":5,"id":"reloadTimeout","title":"reloadTimeout","type":"int"}],"help":"configlocation.html#configuration_reload","id":"reloadParams","title":"reloadParams"},{"_nodes":[{"default":0,"id":"stayConnected","title":"stayConnected","type":"bool"},{"default":0,"help":"status.html","id":"portalStatus","title":"portalStatus","type":"bool"},{"default":1,"id":"upgradeSession","title":"upgradeSession","type":"bool"},{"_nodes":[{"default":0,"id":"wsdlServer","title":"wsdlServer","type":"bool"},{"default":0,"id":"restSessionServer","title":"restSessionServer","type":"bool"},{"default":0,"id":"restConfigServer","title":"restConfigServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapSessionServer","title":"soapSessionServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapConfigServer","title":"soapConfigServer","type":"bool"},{"id":"exportedAttr","title":"exportedAttr"}],"help":"portalservers.html","id":"portalServers","title":"portalServers","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"loginHistoryEnabled","title":"loginHistoryEnabled","type":"bool"},{"default":5,"id":"successLoginNumber","title":"successLoginNumber","type":"int"},{"default":5,"id":"failedLoginNumber","title":"failedLoginNumber","type":"int"},{"cnodes":"sessionDataToRemember","id":"sessionDataToRemember","title":"sessionDataToRemember","type":"keyTextContainer"}],"help":"loginhistory.html","id":"loginHistory","title":"loginHistory"},{"_nodes":[{"default":0,"id":"notification","title":"notification","type":"bool"},{"default":0,"id":"notificationServer","title":"notificationServer","type":"bool"},{"default":0,"id":"oldNotifFormat","title":"oldNotifFormat","type":"bool"},{"default":"File","id":"notificationStorage","title":"notificationStorage"},{"cnodes":"notificationStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/notifications","id":"notificationStorageOptions/dirName","title":"dirName","type":"keyText"}],"id":"notificationStorageOptions","title":"notificationStorageOptions","type":"keyTextContainer"},{"default":"allusers","id":"notificationWildcard","title":"notificationWildcard"},{"id":"notificationXSLTfile","title":"notificationXSLTfile"}],"help":"notifications.html","id":"notifications","title":"notifications"},{"_nodes":[{"_nodes":[{"id":"mailSubject","title":"mailSubject"},{"id":"mailBody","title":"mailBody","type":"longtext"},{"id":"mailConfirmSubject","title":"mailConfirmSubject"},{"id":"mailConfirmBody","title":"mailConfirmBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/resetpwd","id":"mailUrl","title":"mailUrl"},{"default":0,"id":"mailTimeout","title":"mailTimeout","type":"int"},{"default":"[A-Z]{3}[a-z]{5}.\\d{2}","id":"randomPasswordRegexp","title":"randomPasswordRegexp"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetpassword.html","id":"passwordManagement","title":"passwordManagement"},{"_nodes":[{"default":"http://auth.example.com/register","id":"registerUrl","title":"registerUrl"},{"default":0,"id":"registerTimeout","title":"registerTimeout","type":"int"},{"id":"registerConfirmSubject","title":"registerConfirmSubject"},{"id":"registerDoneSubject","title":"registerDoneSubject"}],"help":"register.html","id":"register","title":"register","type":"simpleInputContainer"},{"_nodes":[{"cnodes":"autoSigninRules","id":"autoSigninRules","title":"autoSigninRules","type":"keyTextContainer"}],"help":"autosignin.html","id":"autoSignin","title":"autoSignin"},{"_nodes":[{"default":0,"id":"checkState","title":"checkState","type":"bool"},{"id":"checkStateSecret","title":"checkStateSecret"}],"help":"checkstate.html","id":"stateCheck","title":"stateCheck","type":"simpleInputContainer"}],"help":"start.html#plugins","id":"plugins","title":"plugins"},{"_nodes":[{"_nodes":[{"default":0,"id":"utotp2fActivation","title":"utotp2fActivation","type":"boolOrExpr"},{"id":"utotp2fAuthnLevel","title":"utotp2fAuthnLevel","type":"int"}],"help":"utotp2f.html","id":"utotp2f","title":"utotp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"totp2fActivation","title":"totp2fActivation","type":"boolOrExpr"},{"default":0,"id":"totp2fSelfRegistration","title":"totp2fSelfRegistration","type":"boolOrExpr"},{"id":"totp2fAuthnLevel","title":"totp2fAuthnLevel","type":"int"},{"id":"totp2fIssuer","title":"totp2fIssuer"},{"default":30,"id":"totp2fInterval","title":"totp2fInterval","type":"int"},{"default":1,"id":"totp2fRange","title":"totp2fRange","type":"int"},{"default":6,"id":"totp2fDigits","title":"totp2fDigits","type":"int"},{"default":0,"id":"totp2fDisplayExistingSecret","title":"totp2fDisplayExistingSecret","type":"bool"},{"default":0,"id":"totp2fUserCanChangeKey","title":"totp2fUserCanChangeKey","type":"bool"},{"default":1,"id":"totp2fUserCanRemoveKey","title":"totp2fUserCanRemoveKey","type":"bool"}],"help":"totp2f.html","id":"totp","title":"totp","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"u2fActivation","title":"u2fActivation","type":"boolOrExpr"},{"default":0,"id":"u2fSelfRegistration","title":"u2fSelfRegistration","type":"boolOrExpr"},{"id":"u2fAuthnLevel","title":"u2fAuthnLevel","type":"int"},{"default":1,"id":"u2fUserCanRemoveKey","title":"u2fUserCanRemoveKey","type":"bool"}],"help":"u2f.html","id":"u2f","title":"u2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"mail2fActivation","title":"mail2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"mail2fCodeRegex","title":"mail2fCodeRegex"},{"id":"mail2fTimeout","title":"mail2fTimeout","type":"int"},{"id":"mail2fSubject","title":"mail2fSubject"},{"id":"mail2fBody","title":"mail2fBody","type":"longtext"},{"id":"mail2fAuthnLevel","title":"mail2fAuthnLevel","type":"int"},{"id":"mail2fLogo","title":"mail2fLogo"}],"help":"mail2f.html","id":"mail2f","title":"mail2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ext2fActivation","title":"ext2fActivation","type":"boolOrExpr"},{"id":"ext2FSendCommand","title":"ext2FSendCommand"},{"id":"ext2FValidateCommand","title":"ext2FValidateCommand"},{"id":"ext2fAuthnLevel","title":"ext2fAuthnLevel","type":"int"},{"id":"ext2fLogo","title":"ext2fLogo"}],"help":"external2f.html","id":"external2f","title":"external2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rest2fActivation","title":"rest2fActivation","type":"boolOrExpr"},{"id":"rest2fInitUrl","title":"rest2fInitUrl"},{"cnodes":"rest2fInitArgs","id":"rest2fInitArgs","title":"rest2fInitArgs","type":"keyTextContainer"},{"id":"rest2fVerifyUrl","title":"rest2fVerifyUrl"},{"cnodes":"rest2fVerifyArgs","id":"rest2fVerifyArgs","title":"rest2fVerifyArgs","type":"keyTextContainer"},{"id":"rest2fAuthnLevel","title":"rest2fAuthnLevel","type":"int"},{"id":"rest2fLogo","title":"rest2fLogo"}],"help":"rest2f.html","id":"rest2f","title":"rest2f"},{"_nodes":[{"default":0,"id":"yubikey2fActivation","title":"yubikey2fActivation","type":"boolOrExpr"},{"default":0,"id":"yubikey2fSelfRegistration","title":"yubikey2fSelfRegistration","type":"boolOrExpr"},{"id":"yubikey2fAuthnLevel","title":"yubikey2fAuthnLevel","type":"int"},{"id":"yubikey2fClientID","title":"yubikey2fClientID"},{"id":"yubikey2fSecretKey","title":"yubikey2fSecretKey"},{"id":"yubikey2fNonce","title":"yubikey2fNonce"},{"id":"yubikey2fUrl","title":"yubikey2fUrl"},{"default":12,"id":"yubikey2fPublicIDSize","title":"yubikey2fPublicIDSize","type":"int"},{"default":1,"id":"yubikey2fUserCanRemoveKey","title":"yubikey2fUserCanRemoveKey","type":"bool"}],"help":"yubikey2f.html","id":"yubikey2f","title":"yubikey2f","type":"simpleInputContainer"},{"default":0,"help":"secondfactor.html","id":"sfRequired","title":"sfRequired","type":"boolOrExpr"}],"help":"secondfactor.html","id":"secondFactors","title":"secondFactors"},{"_nodes":[{"help":"customfunctions.html","id":"customFunctions","title":"customFunctions"},{"default":"; ","id":"multiValuesSeparator","title":"multiValuesSeparator","type":"authParamsText"},{"_nodes":[{"default":"mail","id":"mailSessionKey","title":"mailSessionKey"},{"default":"","id":"SMTPServer","title":"SMTPServer"},{"id":"SMTPPort","title":"SMTPPort","type":"int"},{"id":"SMTPAuthUser","title":"SMTPAuthUser"},{"id":"SMTPAuthPass","title":"SMTPAuthPass","type":"password"},{"default":"","id":"SMTPTLS","select":[{"k":"","v":"none"},{"k":"starttls","v":"SMTP + STARTTLS"},{"k":"ssl","v":"SMTPS"}],"title":"SMTPTLS","type":"select"},{"cnodes":"SMTPTLSOpts","id":"SMTPTLSOpts","title":"SMTPTLSOpts","type":"keyTextContainer"},{"_nodes":[{"default":"noreply@example.com","id":"mailFrom","title":"mailFrom"},{"id":"mailReplyTo","title":"mailReplyTo"},{"default":"utf-8","id":"mailCharset","title":"mailCharset"}],"id":"mailHeaders","title":"mailHeaders","type":"simpleInputContainer"}],"help":"smtp.html","id":"SMTP","title":"SMTP"},{"_nodes":[{"default":"^[\\w\\.\\-@]+$","id":"userControl","title":"userControl"},{"default":0,"help":"forcereauthn.html","id":"portalForceAuthn","title":"portalForceAuthn","type":"bool"},{"default":5,"id":"portalForceAuthnInterval","title":"portalForceAuthnInterval","type":"int"},{"id":"key","title":"key","type":"password"},{"id":"trustedDomains","title":"trustedDomains"},{"default":1,"help":"safejail.html","id":"useSafeJail","title":"useSafeJail","type":"bool"},{"default":1,"id":"checkXSS","title":"checkXSS","type":"bool"},{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtection","title":"bruteForceProtection","type":"bool"},{"default":1,"id":"requireToken","title":"requireToken","type":"bool"},{"default":120,"id":"formTimeout","title":"formTimeout","type":"int"},{"default":0,"id":"tokenUseGlobalStorage","title":"tokenUseGlobalStorage","type":"bool"},{"cnodes":"lwpOpts","id":"lwpOpts","title":"lwpOpts","type":"keyTextContainer"},{"cnodes":"lwpSslOpts","id":"lwpSslOpts","title":"lwpSslOpts","type":"keyTextContainer"},{"_nodes":[{"default":"'self'","id":"cspDefault","title":"cspDefault"},{"default":"'self' data:","id":"cspImg","title":"cspImg"},{"default":"'self'","id":"cspScript","title":"cspScript"},{"default":"'self'","id":"cspStyle","title":"cspStyle"},{"default":"'self'","id":"cspFont","title":"cspFont"},{"default":"'self'","id":"cspFormAction","title":"cspFormAction"},{"default":"'self'","id":"cspConnect","title":"cspConnect"}],"help":"security.html#portal","id":"contentSecurityPolicy","title":"contentSecurityPolicy","type":"simpleInputContainer"}],"help":"security.html#configure_security_settings","id":"security","title":"security"},{"_nodes":[{"default":-1,"id":"https","title":"https","type":"trool"},{"default":-1,"id":"port","title":"port","type":"int"},{"default":0,"id":"useRedirectOnForbidden","title":"useRedirectOnForbidden","type":"bool"},{"default":1,"id":"useRedirectOnError","title":"useRedirectOnError","type":"bool"},{"default":0,"id":"maintenance","title":"maintenance","type":"bool"}],"help":"redirections.html","id":"redirection","title":"redirection","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"jsRedirect","title":"jsRedirect","type":"boolOrExpr"},{"default":0,"id":"noAjaxHook","title":"noAjaxHook","type":"bool"},{"default":0,"id":"skipRenewConfirmation","title":"skipRenewConfirmation","type":"bool"}],"help":"redirections.html#portal_redirections","id":"portalRedirection","title":"portalRedirection","type":"simpleInputContainer"},{"cnodes":"nginxCustomHandlers","help":"handlerarch.html","id":"nginxCustomHandlers","title":"nginxCustomHandlers","type":"keyTextContainer"},{"cnodes":"logoutServices","default":[],"help":"logoutforward.html","id":"logoutServices","title":"logoutServices","type":"keyTextContainer"},{"_nodes":[{"default":"get","id":"infoFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"infoFormMethod","type":"select"},{"default":"post","id":"confirmFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"confirmFormMethod","type":"select"},{"default":"get","id":"redirectFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"redirectFormMethod","type":"select"},{"default":1,"id":"activeTimer","title":"activeTimer","type":"bool"}],"id":"forms","title":"forms","type":"simpleInputContainer"}],"help":"start.html#advanced_features","id":"advancedParams","title":"advancedParams"}],"id":"generalParameters","title":"generalParameters"},{"_nodes":[{"cnodes":"exportedVars","default":[{"data":"HTTP_USER_AGENT","id":"exportedVars/UA","title":"UA","type":"keyText"}],"help":"exportedvars.html","id":"exportedVars","title":"exportedVars","type":"keyTextContainer"},{"cnodes":"macros","default":[],"help":"exportedvars.html#extend_variables_using_macros_and_groups","id":"macros","title":"macros","type":"keyTextContainer"},{"cnodes":"groups","default":[],"help":"exportedvars.html#extend_variables_using_macros_and_groups","id":"groups","title":"groups","type":"keyTextContainer"}],"help":"variables.html","id":"variables","title":"variables"},{"cnodes":"virtualHosts","help":"configvhost.html","id":"virtualHosts","template":"virtualHost","title":"virtualHosts","type":"virtualHostContainer"},{"_nodes":[{"default":"#PORTAL#/saml/metadata","id":"samlEntityID","title":"samlEntityID"},{"_nodes":[{"get":["samlServicePrivateKeySig","samlServicePrivateKeySigPwd","samlServicePublicKeySig"],"id":"samlServiceSecuritySig","title":"samlServiceSecuritySig","type":"RSAKey"},{"get":["samlServicePrivateKeyEnc","samlServicePrivateKeyEncPwd","samlServicePublicKeyEnc"],"id":"samlServiceSecurityEnc","title":"samlServiceSecurityEnc","type":"RSAKey"},{"default":0,"id":"samlServiceUseCertificateInResponse","title":"samlServiceUseCertificateInResponse","type":"bool"},{"default":"RSA_SHA1","id":"samlServiceSignatureMethod","select":[{"k":"RSA_SHA1","v":"RSA SHA1"},{"k":"RSA_SHA256","v":"RSA SHA256"}],"title":"samlServiceSignatureMethod","type":"select"}],"help":"samlservice.html#security_parameters","id":"samlServiceSecurity","title":"samlServiceSecurity"},{"_nodes":[{"default":"mail","id":"samlNameIDFormatMapEmail","title":"samlNameIDFormatMapEmail"},{"default":"mail","id":"samlNameIDFormatMapX509","title":"samlNameIDFormatMapX509"},{"default":"uid","id":"samlNameIDFormatMapWindows","title":"samlNameIDFormatMapWindows"},{"default":"uid","id":"samlNameIDFormatMapKerberos","title":"samlNameIDFormatMapKerberos"}],"help":"samlservice.html#nameid_formats","id":"samlNameIDFormatMap","title":"samlNameIDFormatMap","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"samlAuthnContextMapPassword","title":"samlAuthnContextMapPassword","type":"int"},{"default":3,"id":"samlAuthnContextMapPasswordProtectedTransport","title":"samlAuthnContextMapPasswordProtectedTransport","type":"int"},{"default":5,"id":"samlAuthnContextMapTLSClient","title":"samlAuthnContextMapTLSClient","type":"int"},{"default":4,"id":"samlAuthnContextMapKerberos","title":"samlAuthnContextMapKerberos","type":"int"}],"help":"samlservice.html#authentication_contexts","id":"samlAuthnContextMap","title":"samlAuthnContextMap","type":"simpleInputContainer"},{"_nodes":[{"default":"Example","id":"samlOrganizationDisplayName","title":"samlOrganizationDisplayName"},{"default":"Example","id":"samlOrganizationName","title":"samlOrganizationName"},{"default":"http://www.example.com","id":"samlOrganizationURL","title":"samlOrganizationURL"}],"help":"samlservice.html#organization","id":"samlOrganization","title":"samlOrganization","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"samlSPSSODescriptorAuthnRequestsSigned","title":"samlSPSSODescriptorAuthnRequestsSigned","type":"bool"},{"default":1,"id":"samlSPSSODescriptorWantAssertionsSigned","title":"samlSPSSODescriptorWantAssertionsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;","id":"samlSPSSODescriptorSingleLogoutServiceSOAP","title":"samlSPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlSPSSODescriptorSingleLogoutService","title":"samlSPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","type":"samlAssertion"},{"default":"0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","type":"samlAssertion"}],"id":"samlSPSSODescriptorAssertionConsumerService","title":"samlSPSSODescriptorAssertionConsumerService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlSPSSODescriptorArtifactResolutionServiceArtifact","title":"samlSPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlSPSSODescriptorArtifactResolutionService","title":"samlSPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#service_provider","id":"samlSPSSODescriptor","title":"samlSPSSODescriptor"},{"_nodes":[{"default":1,"id":"samlIDPSSODescriptorWantAuthnRequestsSigned","title":"samlIDPSSODescriptorWantAuthnRequestsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","type":"samlService"}],"id":"samlIDPSSODescriptorSingleSignOnService","title":"samlIDPSSODescriptorSingleSignOnService"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;","id":"samlIDPSSODescriptorSingleLogoutServiceSOAP","title":"samlIDPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlIDPSSODescriptorSingleLogoutService","title":"samlIDPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","title":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlIDPSSODescriptorArtifactResolutionService","title":"samlIDPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#identity_provider","id":"samlIDPSSODescriptor","title":"samlIDPSSODescriptor"},{"_nodes":[{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;","id":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","title":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","type":"samlService"}],"id":"samlAttributeAuthorityDescriptorAttributeService","title":"samlAttributeAuthorityDescriptorAttributeService"}],"help":"samlservice.html#attribute_authority","id":"samlAttributeAuthorityDescriptor","title":"samlAttributeAuthorityDescriptor"},{"_nodes":[{"default":"lemonldapidp","id":"samlIdPResolveCookie","title":"samlIdPResolveCookie"},{"default":1,"id":"samlMetadataForceUTF8","title":"samlMetadataForceUTF8","type":"bool"},{"id":"samlStorage","title":"samlStorage"},{"cnodes":"samlStorageOptions","id":"samlStorageOptions","title":"samlStorageOptions","type":"keyTextContainer"},{"default":600,"id":"samlRelayStateTimeout","title":"samlRelayStateTimeout","type":"int"},{"default":0,"id":"samlUseQueryStringSpecific","title":"samlUseQueryStringSpecific","type":"bool"},{"_nodes":[{"default":0,"id":"samlCommonDomainCookieActivation","title":"samlCommonDomainCookieActivation","type":"bool"},{"id":"samlCommonDomainCookieDomain","title":"samlCommonDomainCookieDomain"},{"id":"samlCommonDomainCookieReader","title":"samlCommonDomainCookieReader"},{"id":"samlCommonDomainCookieWriter","title":"samlCommonDomainCookieWriter"}],"id":"samlCommonDomainCookie","title":"samlCommonDomainCookie","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"samlDiscoveryProtocolActivation","title":"samlDiscoveryProtocolActivation","type":"bool"},{"id":"samlDiscoveryProtocolURL","title":"samlDiscoveryProtocolURL"},{"id":"samlDiscoveryProtocolPolicy","title":"samlDiscoveryProtocolPolicy"},{"default":0,"id":"samlDiscoveryProtocolIsPassive","title":"samlDiscoveryProtocolIsPassive","type":"bool"}],"id":"samlDiscoveryProtocol","title":"samlDiscoveryProtocol","type":"simpleInputContainer"}],"help":"samlservice.html#advanced","id":"samlAdvanced","title":"samlAdvanced"}],"help":"samlservice.html","id":"samlServiceMetaData","title":"samlServiceMetaData"},{"cnodes":"samlIDPMetaDataNodes","help":"authsaml.html","id":"samlIDPMetaDataNodes","template":"samlIDPMetaDataNode","title":"samlIDPMetaDataNodes","type":"samlIDPMetaDataNodeContainer"},{"cnodes":"samlSPMetaDataNodes","help":"idpsaml.html","id":"samlSPMetaDataNodes","template":"samlSPMetaDataNode","title":"samlSPMetaDataNodes","type":"samlSPMetaDataNodeContainer"},{"_nodes":[{"default":"http://auth.example.com","id":"oidcServiceMetaDataIssuer","title":"oidcServiceMetaDataIssuer"},{"_nodes":[{"default":"authorize","id":"oidcServiceMetaDataAuthorizeURI","title":"oidcServiceMetaDataAuthorizeURI"},{"default":"token","id":"oidcServiceMetaDataTokenURI","title":"oidcServiceMetaDataTokenURI"},{"default":"userinfo","id":"oidcServiceMetaDataUserInfoURI","title":"oidcServiceMetaDataUserInfoURI"},{"default":"jwks","id":"oidcServiceMetaDataJWKSURI","title":"oidcServiceMetaDataJWKSURI"},{"default":"register","id":"oidcServiceMetaDataRegistrationURI","title":"oidcServiceMetaDataRegistrationURI"},{"default":"logout","id":"oidcServiceMetaDataEndSessionURI","title":"oidcServiceMetaDataEndSessionURI"},{"default":"checksession.html","id":"oidcServiceMetaDataCheckSessionURI","title":"oidcServiceMetaDataCheckSessionURI"},{"default":"flogout","id":"oidcServiceMetaDataFrontChannelURI","title":"oidcServiceMetaDataFrontChannelURI"},{"default":"blogout","id":"oidcServiceMetaDataBackChannelURI","title":"oidcServiceMetaDataBackChannelURI"}],"id":"oidcServiceMetaDataEndPoints","title":"oidcServiceMetaDataEndPoints","type":"simpleInputContainer"},{"cnodes":"oidcServiceMetaDataAuthnContext","default":[{"data":1,"id":"oidcServiceMetaDataAuthnContext/loa-1","title":"loa-1","type":"keyText"},{"data":2,"id":"oidcServiceMetaDataAuthnContext/loa-2","title":"loa-2","type":"keyText"},{"data":3,"id":"oidcServiceMetaDataAuthnContext/loa-3","title":"loa-3","type":"keyText"},{"data":4,"id":"oidcServiceMetaDataAuthnContext/loa-4","title":"loa-4","type":"keyText"},{"data":5,"id":"oidcServiceMetaDataAuthnContext/loa-5","title":"loa-5","type":"keyText"}],"id":"oidcServiceMetaDataAuthnContext","title":"oidcServiceMetaDataAuthnContext","type":"keyTextContainer"},{"_nodes":[{"get":["oidcServicePrivateKeySig","oidcServicePublicKeySig"],"id":"oidcServiceMetaDataKeys","title":"oidcServiceMetaDataKeys","type":"RSAKeyNoPassword"},{"id":"oidcServiceKeyIdSig","title":"oidcServiceKeyIdSig"},{"default":0,"id":"oidcServiceAllowDynamicRegistration","title":"oidcServiceAllowDynamicRegistration","type":"bool"},{"default":1,"id":"oidcServiceAllowAuthorizationCodeFlow","title":"oidcServiceAllowAuthorizationCodeFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowImplicitFlow","title":"oidcServiceAllowImplicitFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowHybridFlow","title":"oidcServiceAllowHybridFlow","type":"bool"}],"id":"oidcServiceMetaDataSecurity","title":"oidcServiceMetaDataSecurity"},{"_nodes":[{"id":"oidcStorage","title":"oidcStorage"},{"cnodes":"oidcStorageOptions","id":"oidcStorageOptions","title":"oidcStorageOptions","type":"keyTextContainer"}],"id":"oidcServiceMetaDataSessions","title":"oidcServiceMetaDataSessions"}],"help":"openidconnectservice.html#service_configuration","id":"oidcServiceMetaData","title":"oidcServiceMetaData"},{"cnodes":"oidcOPMetaDataNodes","help":"authopenidconnect.html#declare_the_openid_connect_provider_in_llng","id":"oidcOPMetaDataNodes","title":"oidcOPMetaDataNodes","type":"oidcOPMetaDataNodeContainer"},{"cnodes":"oidcRPMetaDataNodes","help":"idpopenidconnect.html#configuration_of_relying_party_in_llng","id":"oidcRPMetaDataNodes","title":"oidcRPMetaDataNodes","type":"oidcRPMetaDataNodeContainer"},{"_nodes":[{"id":"casAttr","title":"casAttr"},{"default":"none","id":"casAccessControlPolicy","select":[{"k":"none","v":"None"},{"k":"error","v":"Display error on portal"},{"k":"faketicket","v":"Send a fake service ticket"}],"title":"casAccessControlPolicy","type":"select"},{"id":"casStorage","title":"casStorage"},{"cnodes":"casStorageOptions","id":"casStorageOptions","title":"casStorageOptions","type":"keyTextContainer"},{"cnodes":"casAttributes","id":"casAttributes","title":"casAttributes","type":"keyTextContainer"}],"help":"idpcas.html#configuring_the_cas_service","id":"casServiceMetadata","title":"casServiceMetadata"},{"cnodes":"casSrvMetaDataNodes","help":"authcas.html","id":"casSrvMetaDataNodes","template":"casSrvMetaDataNode","title":"casSrvMetaDataNodes","type":"casSrvMetaDataNodeContainer"},{"cnodes":"casAppMetaDataNodes","help":"idpcas.html#configuring_cas_applications","id":"casAppMetaDataNodes","template":"casAppMetaDataNode","title":"casAppMetaDataNodes","type":"casAppMetaDataNodeContainer"}]
\ No newline at end of file
+[{"_nodes":[{"_nodes":[{"default":"http://auth.example.com/","id":"portal","title":"portal"},{"_nodes":[{"_nodes":[{"default":1,"id":"portalDisplayLogout","title":"portalDisplayLogout","type":"boolOrExpr"},{"default":"$_auth =~ /^(LDAP|DBI|Demo)$/","id":"portalDisplayChangePassword","title":"portalDisplayChangePassword","type":"boolOrExpr"},{"default":1,"id":"portalDisplayAppslist","title":"portalDisplayAppslist","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLoginHistory","title":"portalDisplayLoginHistory","type":"boolOrExpr"},{"default":"$_oidcConnectedRP","id":"portalDisplayOidcConsents","title":"portalDisplayOidcConsents","type":"boolOrExpr"}],"id":"portalModules","title":"portalModules","type":"simpleInputContainer"},{"cnodes":"applicationList","default":[{"data":{"catname":"Default category","type":"category"},"id":"applicationList/default","title":"default","type":"catAndAppList"}],"help":"portalmenu.html#categories_and_applications","id":"applicationList","title":"applicationList","type":"catAndAppList"}],"help":"portalmenu.html","id":"portalMenu","title":"portalMenu"},{"_nodes":[{"default":"common/logos/logo_llng_400px.png","id":"portalMainLogo","title":"portalMainLogo"},{"default":1,"id":"showLanguages","title":"showLanguages","type":"bool"},{"default":"bootstrap","id":"portalSkin","select":[{"k":"bootstrap","v":"Bootstrap"}],"title":"portalSkin","type":"portalskin"},{"id":"portalSkinBackground","select":[{"k":"","v":"None"},{"k":"1280px-Anse_Source_d'Argent_2-La_Digue.jpg","v":"Anse"},{"k":"1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg","v":"Waterfall"},{"k":"1280px-BrockenSnowedTrees.jpg","v":"Snowed Trees"},{"k":"1280px-Cedar_Breaks_National_Monument_partially.jpg","v":"National Monument"},{"k":"1280px-Parry_Peak_from_Winter_Park.jpg","v":"Winter"},{"k":"Aletschgletscher_mit_Pinus_cembra1.jpg","v":"Pinus"}],"title":"portalSkinBackground","type":"portalskinbackground"},{"cnodes":"portalSkinRules","help":"portalcustom.html","id":"portalSkinRules","title":"portalSkinRules","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"portalCheckLogins","title":"portalCheckLogins","type":"bool"},{"default":0,"id":"portalDisplayResetPassword","title":"portalDisplayResetPassword","type":"bool"},{"default":3,"id":"passwordResetAllowedRetries","title":"passwordResetAllowedRetries","type":"int"},{"default":1,"id":"portalDisplayRegister","title":"portalDisplayRegister","type":"bool"}],"help":"portalcustom.html#buttons","id":"portalButtons","title":"portalButtons","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"portalRequireOldPassword","title":"portalRequireOldPassword","type":"bool"},{"default":0,"id":"hideOldPassword","title":"hideOldPassword","type":"bool"},{"default":0,"id":"mailOnPasswordChange","title":"mailOnPasswordChange","type":"bool"}],"help":"portalcustom.html#password_management","id":"passwordManagement","title":"passwordManagement","type":"simpleInputContainer"},{"_nodes":[{"default":"_user","id":"portalUserAttr","title":"portalUserAttr"},{"default":0,"id":"portalOpenLinkInNewWindow","title":"portalOpenLinkInNewWindow","type":"bool"},{"default":1,"id":"portalAntiFrame","title":"portalAntiFrame","type":"bool"},{"default":60000,"id":"portalPingInterval","title":"portalPingInterval","type":"int"},{"default":1,"id":"portalErrorOnExpiredSession","title":"portalErrorOnExpiredSession","type":"bool"},{"default":0,"id":"portalErrorOnMailNotFound","title":"portalErrorOnMailNotFound","type":"bool"}],"help":"portalcustom.html#other_parameters","id":"portalOther","title":"portalOther","type":"simpleInputContainer"}],"help":"portalcustom.html","id":"portalCustomization","title":"portalCustomization"},{"_nodes":[{"default":0,"id":"captcha_login_enabled","title":"captcha_login_enabled","type":"bool"},{"default":1,"id":"captcha_mail_enabled","title":"captcha_mail_enabled","type":"bool"},{"default":1,"id":"captcha_register_enabled","title":"captcha_register_enabled","type":"bool"},{"default":6,"id":"captcha_size","title":"captcha_size","type":"int"}],"help":"captcha.html","id":"portalCaptcha","title":"portalCaptcha","type":"simpleInputContainer"}],"help":"portal.html","id":"portalParams","title":"portalParams"},{"_nodes":[{"default":"Demo","id":"authentication","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"Choice","v":"authChoice"},{"k":"Combination","v":"combineMods"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"authentication","type":"select"},{"default":"Same","id":"userDB","select":[{"k":"Same","v":"Same"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"userDB","type":"select"},{"default":"Demo","id":"passwordDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Choice","v":"authChoice"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"passwordDB","type":"select"},{"default":"Null","id":"registerDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"registerDB","type":"select"}],"_nodes_cond":[{"_nodes":[{"default":0,"id":"ADPwdMaxAge","title":"ADPwdMaxAge","type":"int"},{"default":0,"id":"ADPwdExpireWarning","title":"ADPwdExpireWarning","type":"int"}],"help":"authad.html","id":"adParams","show":false,"title":"adParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lmAuth","id":"authChoiceParam","title":"authChoiceParam"},{"cnodes":"authChoiceModules","id":"authChoiceModules","select":[[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}]],"title":"authChoiceModules","type":"authChoiceContainer"}],"help":"authchoice.html","id":"choiceParams","show":false,"title":"choiceParams"},{"_nodes":[{"default":4,"id":"apacheAuthnLevel","title":"apacheAuthnLevel","type":"int"}],"help":"authapache.html","id":"apacheParams","show":false,"title":"apacheParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"casAuthnLevel","title":"casAuthnLevel","type":"int"}],"help":"authcas.html","id":"casParams","show":false,"title":"casParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"dbiAuthnLevel","title":"dbiAuthnLevel","type":"int"},{"cnodes":"dbiExportedVars","default":[],"id":"dbiExportedVars","title":"dbiExportedVars","type":"keyTextContainer"},{"_nodes":[{"_nodes":[{"id":"dbiAuthChain","title":"dbiAuthChain"},{"id":"dbiAuthUser","title":"dbiAuthUser"},{"id":"dbiAuthPassword","title":"dbiAuthPassword","type":"password"}],"id":"dbiConnectionAuth","title":"dbiConnectionAuth","type":"simpleInputContainer"},{"_nodes":[{"id":"dbiUserChain","title":"dbiUserChain"},{"id":"dbiUserUser","title":"dbiUserUser"},{"id":"dbiUserPassword","title":"dbiUserPassword","type":"password"}],"id":"dbiConnectionUser","title":"dbiConnectionUser","type":"simpleInputContainer"}],"help":"authdbi.html#connection","id":"dbiConnection","title":"dbiConnection"},{"_nodes":[{"id":"dbiAuthTable","title":"dbiAuthTable"},{"id":"dbiUserTable","title":"dbiUserTable"},{"id":"dbiAuthLoginCol","title":"dbiAuthLoginCol"},{"id":"dbiAuthPasswordCol","title":"dbiAuthPasswordCol"},{"id":"dbiPasswordMailCol","title":"dbiPasswordMailCol"},{"id":"userPivot","title":"userPivot"}],"help":"authdbi.html#schema","id":"dbiSchema","title":"dbiSchema","type":"simpleInputContainer"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiAuthPasswordHash","title":"dbiAuthPasswordHash"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiDynamicHashEnabled","title":"dbiDynamicHashEnabled","type":"bool"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSchemes","title":"dbiDynamicHashValidSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSaltedSchemes","title":"dbiDynamicHashValidSaltedSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashNewPasswordScheme","title":"dbiDynamicHashNewPasswordScheme"}],"help":"authdbi.html#password","id":"dbiDynamicHash","title":"dbiDynamicHash","type":"simpleInputContainer"}],"help":"authdbi.html#password","id":"dbiPassword","title":"dbiPassword"}],"help":"authdbi.html","id":"dbiParams","show":false,"title":"dbiParams"},{"_nodes":[{"cnodes":"demoExportedVars","default":[{"data":"cn","id":"demoExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"demoExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"demoExportedVars/uid","title":"uid","type":"keyText"}],"id":"demoExportedVars","title":"demoExportedVars","type":"keyTextContainer"}],"help":"authdemo.html","id":"demoParams","show":false,"title":"demoParams"},{"_nodes":[{"default":1,"id":"facebookAuthnLevel","title":"facebookAuthnLevel","type":"int"},{"cnodes":"facebookExportedVars","default":[],"id":"facebookExportedVars","title":"facebookExportedVars","type":"keyTextContainer"},{"id":"facebookAppId","title":"facebookAppId"},{"id":"facebookAppSecret","title":"facebookAppSecret"},{"default":"id","id":"facebookUserField","title":"facebookUserField"}],"help":"authfacebook.html","id":"facebookParams","show":false,"title":"facebookParams"},{"_nodes":[{"id":"krbKeytab","title":"krbKeytab"},{"default":0,"id":"krbByJs","title":"krbByJs","type":"bool"},{"default":3,"id":"krbAuthnLevel","title":"krbAuthnLevel","type":"int"},{"default":1,"id":"krbRemoveDomain","title":"krbRemoveDomain","type":"bool"}],"help":"authkerberos.html","id":"kerberosParams","show":false,"title":"kerberosParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"ldapAuthnLevel","title":"ldapAuthnLevel","type":"int"},{"cnodes":"ldapExportedVars","default":[{"data":"cn","id":"ldapExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"ldapExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"ldapExportedVars/uid","title":"uid","type":"keyText"}],"id":"ldapExportedVars","title":"ldapExportedVars","type":"keyTextContainer"},{"_nodes":[{"default":"ldap://localhost","id":"ldapServer","title":"ldapServer"},{"default":389,"id":"ldapPort","title":"ldapPort","type":"int"},{"default":"dc=example,dc=com","id":"ldapBase","title":"ldapBase"},{"default":"","id":"managerDn","title":"managerDn"},{"default":"","id":"managerPassword","title":"managerPassword","type":"password"},{"default":120,"id":"ldapTimeout","title":"ldapTimeout","type":"int"},{"default":3,"id":"ldapVersion","title":"ldapVersion","type":"int"},{"id":"ldapRaw","title":"ldapRaw"}],"help":"authldap.html#connection","id":"ldapConnection","title":"ldapConnection","type":"simpleInputContainer"},{"_nodes":[{"id":"LDAPFilter","title":"LDAPFilter"},{"id":"AuthLDAPFilter","title":"AuthLDAPFilter"},{"id":"mailLDAPFilter","title":"mailLDAPFilter"},{"default":"find","id":"ldapSearchDeref","select":[{"k":"never","v":"never"},{"k":"search","v":"search"},{"k":"find","v":"find"},{"k":"always","v":"always"}],"title":"ldapSearchDeref","type":"select"}],"help":"authldap.html#filters","id":"ldapFilters","title":"ldapFilters","type":"simpleInputContainer"},{"_nodes":[{"id":"ldapGroupBase","title":"ldapGroupBase"},{"default":"groupOfNames","id":"ldapGroupObjectClass","title":"ldapGroupObjectClass"},{"default":"member","id":"ldapGroupAttributeName","title":"ldapGroupAttributeName"},{"default":"dn","id":"ldapGroupAttributeNameUser","title":"ldapGroupAttributeNameUser"},{"default":"cn","id":"ldapGroupAttributeNameSearch","title":"ldapGroupAttributeNameSearch"},{"default":0,"id":"ldapGroupDecodeSearchedValue","title":"ldapGroupDecodeSearchedValue","type":"bool"},{"default":0,"id":"ldapGroupRecursive","title":"ldapGroupRecursive","type":"bool"},{"default":"dn","id":"ldapGroupAttributeNameGroup","title":"ldapGroupAttributeNameGroup"}],"help":"authldap.html#groups","id":"ldapGroups","title":"ldapGroups","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ldapPpolicyControl","title":"ldapPpolicyControl","type":"bool"},{"default":0,"id":"ldapSetPassword","title":"ldapSetPassword","type":"bool"},{"default":0,"id":"ldapChangePasswordAsUser","title":"ldapChangePasswordAsUser","type":"bool"},{"default":"utf-8","id":"ldapPwdEnc","title":"ldapPwdEnc"},{"default":1,"id":"ldapUsePasswordResetAttribute","title":"ldapUsePasswordResetAttribute","type":"bool"},{"default":"pwdReset","id":"ldapPasswordResetAttribute","title":"ldapPasswordResetAttribute"},{"default":"TRUE","id":"ldapPasswordResetAttributeValue","title":"ldapPasswordResetAttributeValue"},{"default":0,"id":"ldapAllowResetExpiredPassword","title":"ldapAllowResetExpiredPassword","type":"bool"}],"help":"authldap.html#password","id":"ldapPassword","title":"ldapPassword","type":"simpleInputContainer"}],"help":"authldap.html","id":"ldapParams","show":false,"title":"ldapParams"},{"_nodes":[{"default":1,"id":"linkedInAuthnLevel","title":"linkedInAuthnLevel","type":"int"},{"id":"linkedInClientID","title":"linkedInClientID"},{"id":"linkedInClientSecret","title":"linkedInClientSecret","type":"password"},{"default":"id,first-name,last-name,email-address","id":"linkedInFields","title":"linkedInFields"},{"default":"emailAddress","id":"linkedInUserField","title":"linkedInUserField"},{"default":"r_basicprofile r_emailaddress","id":"linkedInScope","title":"linkedInScope"}],"help":"authlinkedin.html","id":"linkedinParams","show":false,"title":"linkedinParams","type":"simpleInputContainer"},{"_nodes":[{"id":"combination","title":"combination"},{"cnodes":"combModules","id":"combModules","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"combModules","type":"cmbModuleContainer"}],"help":"authcombination.html","id":"combinationParams","show":false,"title":"combinationParams"},{"_nodes":[{"default":0,"id":"nullAuthnLevel","title":"nullAuthnLevel","type":"int"}],"help":"authnull.html","id":"nullParams","show":false,"title":"nullParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"openIdAuthnLevel","title":"openIdAuthnLevel","type":"int"},{"cnodes":"openIdExportedVars","default":[],"id":"openIdExportedVars","title":"openIdExportedVars","type":"keyTextContainer"},{"id":"openIdSecret","title":"openIdSecret"},{"default":"0;","id":"openIdIDPList","title":"openIdIDPList","type":"blackWhiteList"}],"help":"authopenid.html","id":"openidParams","show":false,"title":"openidParams"},{"_nodes":[{"default":1,"id":"oidcAuthnLevel","title":"oidcAuthnLevel","type":"int"},{"default":"openidconnectcallback","id":"oidcRPCallbackGetParam","title":"oidcRPCallbackGetParam"},{"default":600,"id":"oidcRPStateTimeout","title":"oidcRPStateTimeout","type":"int"}],"help":"authopenidconnect.html","id":"oidcParams","show":false,"title":"oidcParams","type":"simpleInputContainer"},{"_nodes":[{"default":"","id":"gpgDb","title":"gpgDb"}],"help":"authgpg.html","id":"gpgParams","show":false,"title":"gpgParams","type":"simpleInputContainer"},{"_nodes":[{"id":"proxyAuthService","title":"proxyAuthService"},{"id":"proxySessionService","title":"proxySessionService"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":2,"id":"proxyAuthnLevel","title":"proxyAuthnLevel","type":"int"},{"default":0,"id":"proxyUseSoap","title":"proxyUseSoap","type":"bool"}],"help":"authproxy.html","id":"proxyParams","show":false,"title":"proxyParams","type":"simpleInputContainer"},{"_nodes":[{"default":"login","id":"pamService","title":"pamService"},{"default":2,"id":"pamAuthnLevel","title":"pamAuthnLevel","type":"int"}],"help":"authpam.html","id":"pamParams","show":false,"title":"pamParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"radiusAuthnLevel","title":"radiusAuthnLevel","type":"int"},{"id":"radiusSecret","title":"radiusSecret"},{"id":"radiusServer","title":"radiusServer"}],"help":"authradius.html","id":"radiusParams","show":false,"title":"radiusParams","type":"simpleInputContainer"},{"_nodes":[{"id":"restAuthUrl","title":"restAuthUrl"},{"id":"restUserDBUrl","title":"restUserDBUrl"},{"id":"restPwdConfirmUrl","title":"restPwdConfirmUrl"},{"id":"restPwdModifyUrl","title":"restPwdModifyUrl"}],"help":"authrest.html","id":"restParams","show":false,"title":"restParams","type":"simpleInputContainer"},{"_nodes":[{"id":"remotePortal","title":"remotePortal"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":"Lemonldap::NG::Common::Apache::Session::SOAP","id":"remoteGlobalStorage","title":"remoteGlobalStorage"},{"cnodes":"remoteGlobalStorageOptions","default":[{"data":"http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService","id":"remoteGlobalStorageOptions/ns","title":"ns","type":"keyText"},{"data":"http://auth.example.com/sessions","id":"remoteGlobalStorageOptions/proxy","title":"proxy","type":"keyText"}],"id":"remoteGlobalStorageOptions","title":"remoteGlobalStorageOptions","type":"keyTextContainer"}],"help":"authremote.html","id":"remoteParams","show":false,"title":"remoteParams"},{"_nodes":[{"default":2,"id":"slaveAuthnLevel","title":"slaveAuthnLevel","type":"int"},{"cnodes":"slaveExportedVars","default":[],"id":"slaveExportedVars","title":"slaveExportedVars","type":"keyTextContainer"},{"id":"slaveUserHeader","title":"slaveUserHeader"},{"id":"slaveMasterIP","title":"slaveMasterIP"},{"id":"slaveHeaderName","title":"slaveHeaderName"},{"id":"slaveHeaderContent","title":"slaveHeaderContent"}],"help":"authslave.html","id":"slaveParams","show":false,"title":"slaveParams"},{"_nodes":[{"default":5,"id":"SSLAuthnLevel","title":"SSLAuthnLevel","type":"int"},{"default":"SSL_CLIENT_S_DN_Email","id":"SSLVar","title":"SSLVar"},{"cnodes":"SSLVarIf","default":[],"id":"SSLVarIf","title":"SSLVarIf","type":"keyTextContainer"},{"default":0,"id":"sslByAjax","title":"sslByAjax","type":"bool"},{"id":"sslHost","title":"sslHost"}],"help":"authssl.html","id":"sslParams","show":false,"title":"sslParams"},{"_nodes":[{"default":1,"id":"twitterAuthnLevel","title":"twitterAuthnLevel","type":"int"},{"id":"twitterKey","title":"twitterKey"},{"id":"twitterSecret","title":"twitterSecret"},{"id":"twitterAppName","title":"twitterAppName"},{"default":"screen_name","id":"twitterUserField","title":"twitterUserField"}],"help":"authtwitter.html","id":"twitterParams","show":false,"title":"twitterParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"webIDAuthnLevel","title":"webIDAuthnLevel","type":"int"},{"cnodes":"webIDExportedVars","default":[],"id":"webIDExportedVars","title":"webIDExportedVars","type":"keyTextContainer"},{"id":"webIDWhitelist","title":"webIDWhitelist"}],"help":"authwebid.html","id":"webidParams","show":false,"title":"webidParams"},{"_nodes":[{"id":"customAuth","title":"customAuth"},{"id":"customUserDB","title":"customUserDB"},{"id":"customPassword","title":"customPassword"},{"id":"customRegister","title":"customRegister"},{"cnodes":"customAddParams","id":"customAddParams","title":"customAddParams","type":"keyTextContainer"}],"help":"authcustom.html","id":"customParams","show":false,"title":"customParams"}],"_nodes_filter":"authParams","help":"start.html#authentication_users_and_password_databases","id":"authParams","title":"authParams","type":"authParams"},{"_nodes":[{"_nodes":[{"default":0,"id":"issuerDBSAMLActivation","title":"issuerDBSAMLActivation","type":"bool"},{"default":"^/saml/","id":"issuerDBSAMLPath","title":"issuerDBSAMLPath"},{"default":1,"id":"issuerDBSAMLRule","title":"issuerDBSAMLRule","type":"boolOrExpr"}],"help":"idpsaml.html","id":"issuerDBSAML","title":"issuerDBSAML","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBCASActivation","title":"issuerDBCASActivation","type":"bool"},{"default":"^/cas/","id":"issuerDBCASPath","title":"issuerDBCASPath"},{"default":1,"id":"issuerDBCASRule","title":"issuerDBCASRule","type":"boolOrExpr"}],"help":"idpcas.html#enabling_cas","id":"issuerDBCAS","title":"issuerDBCAS","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDActivation","title":"issuerDBOpenIDActivation","type":"bool"},{"default":"^/openidserver/","id":"issuerDBOpenIDPath","title":"issuerDBOpenIDPath"},{"default":1,"id":"issuerDBOpenIDRule","title":"issuerDBOpenIDRule","type":"boolOrExpr"},{"_nodes":[{"id":"openIdIssuerSecret","title":"openIdIssuerSecret"},{"id":"openIdAttr","title":"openIdAttr"},{"default":"0;","id":"openIdSPList","title":"openIdSPList","type":"blackWhiteList"},{"_nodes":[{"default":"cn","id":"openIdSreg_fullname","title":"openIdSreg_fullname"},{"default":"uid","id":"openIdSreg_nickname","title":"openIdSreg_nickname"},{"id":"openIdSreg_language","title":"openIdSreg_language"},{"id":"openIdSreg_postcode","title":"openIdSreg_postcode"},{"default":"_timezone","id":"openIdSreg_timezone","title":"openIdSreg_timezone"},{"id":"openIdSreg_country","title":"openIdSreg_country"},{"id":"openIdSreg_gender","title":"openIdSreg_gender"},{"default":"mail","id":"openIdSreg_email","title":"openIdSreg_email"},{"id":"openIdSreg_dob","title":"openIdSreg_dob"}],"id":"openIdSreg","title":"openIdSreg","type":"simpleInputContainer"}],"id":"issuerDBOpenIDOptions","title":"issuerDBOpenIDOptions"}],"help":"idpopenid.html","id":"issuerDBOpenID","title":"issuerDBOpenID"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDConnectActivation","title":"issuerDBOpenIDConnectActivation","type":"bool"},{"default":"^/oauth2/","id":"issuerDBOpenIDConnectPath","title":"issuerDBOpenIDConnectPath"},{"default":1,"id":"issuerDBOpenIDConnectRule","title":"issuerDBOpenIDConnectRule","type":"boolOrExpr"}],"help":"idpopenidconnect.html","id":"issuerDBOpenIDConnect","title":"issuerDBOpenIDConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBGetActivation","title":"issuerDBGetActivation","type":"bool"},{"default":"^/get/","id":"issuerDBGetPath","title":"issuerDBGetPath"},{"default":1,"id":"issuerDBGetRule","title":"issuerDBGetRule","type":"boolOrExpr"},{"default":[],"id":"issuerDBGetParameters","title":"issuerDBGetParameters","type":"doubleHash"}],"help":"issuerdbget.html","id":"issuerDBGet","title":"issuerDBGet"}],"help":"start.html#identity_provider","id":"issuerParams","title":"issuerParams"},{"_nodes":[{"default":"uid","id":"whatToTrace","title":"whatToTrace"},{"default":"_password","id":"hiddenAttributes","title":"hiddenAttributes"}],"help":"logs.html","id":"logParams","title":"logParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lemonldap","id":"cookieName","title":"cookieName"},{"default":"example.com","id":"domain","title":"domain"},{"default":0,"id":"cda","title":"cda","type":"bool"},{"default":0,"id":"securedCookie","select":[{"k":"0","v":"unsecuredCookie"},{"k":"1","v":"securedCookie"},{"k":"2","v":"doubleCookie"},{"k":"3","v":"doubleCookieForSingleSession"}],"title":"securedCookie","type":"select"},{"default":1,"id":"httpOnly","title":"httpOnly","type":"bool"},{"id":"cookieExpiration","title":"cookieExpiration","type":"int"}],"help":"ssocookie.html","id":"cookieParams","title":"cookieParams","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"storePassword","title":"storePassword","type":"bool"},{"default":72000,"id":"timeout","title":"timeout","type":"int"},{"default":0,"id":"timeoutActivity","title":"timeoutActivity","type":"int"},{"default":60,"id":"timeoutActivityInterval","title":"timeoutActivityInterval","type":"int"},{"cnodes":"grantSessionRules","id":"grantSessionRules","title":"grantSessionRules","type":"grantContainer"},{"_nodes":[{"default":"Apache::Session::File","id":"globalStorage","title":"globalStorage"},{"cnodes":"globalStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/sessions/","id":"globalStorageOptions/Directory","title":"Directory","type":"keyText"},{"data":"/var/lib/lemonldap-ng/sessions/lock/","id":"globalStorageOptions/LockDirectory","title":"LockDirectory","type":"keyText"},{"data":"Lemonldap::NG::Common::Apache::Session::Generate::SHA256","id":"globalStorageOptions/generateModule","title":"generateModule","type":"keyText"}],"id":"globalStorageOptions","title":"globalStorageOptions","type":"keyTextContainer"},{"default":"Cache::FileCache","id":"localSessionStorage","title":"localSessionStorage"},{"cnodes":"localSessionStorageOptions","default":[{"data":3,"id":"localSessionStorageOptions/cache_depth","title":"cache_depth","type":"keyText"},{"data":"/tmp","id":"localSessionStorageOptions/cache_root","title":"cache_root","type":"keyText"},{"data":600,"id":"localSessionStorageOptions/default_expires_in","title":"default_expires_in","type":"keyText"},{"data":"007","id":"localSessionStorageOptions/directory_umask","title":"directory_umask","type":"keyText"},{"data":"lemonldap-ng-sessions","id":"localSessionStorageOptions/namespace","title":"namespace","type":"keyText"}],"id":"localSessionStorageOptions","title":"localSessionStorageOptions","type":"keyTextContainer"}],"help":"start.html#sessions_database","id":"sessionStorage","title":"sessionStorage"},{"_nodes":[{"default":0,"id":"singleSession","title":"singleSession","type":"bool"},{"default":0,"id":"singleIP","title":"singleIP","type":"bool"},{"default":0,"id":"singleUserByIP","title":"singleUserByIP","type":"bool"},{"default":0,"id":"singleSessionUserByIP","title":"singleSessionUserByIP","type":"bool"},{"default":1,"id":"notifyDeleted","title":"notifyDeleted","type":"bool"},{"default":0,"id":"notifyOther","title":"notifyOther","type":"bool"}],"id":"multipleSessions","title":"multipleSessions","type":"simpleInputContainer"},{"_nodes":[{"id":"persistentStorage","title":"persistentStorage"},{"cnodes":"persistentStorageOptions","id":"persistentStorageOptions","title":"persistentStorageOptions","type":"keyTextContainer"}],"id":"persistentSessions","title":"persistentSessions"}],"help":"sessions.html","id":"sessionParams","title":"sessionParams"},{"_nodes":[{"cnodes":"reloadUrls","help":"configlocation.html#configuration_reload","id":"reloadUrls","title":"reloadUrls","type":"keyTextContainer"},{"default":5,"id":"reloadTimeout","title":"reloadTimeout","type":"int"}],"help":"configlocation.html#configuration_reload","id":"reloadParams","title":"reloadParams"},{"_nodes":[{"default":0,"id":"stayConnected","title":"stayConnected","type":"bool"},{"default":0,"help":"status.html","id":"portalStatus","title":"portalStatus","type":"bool"},{"default":1,"id":"upgradeSession","title":"upgradeSession","type":"bool"},{"_nodes":[{"default":0,"id":"wsdlServer","title":"wsdlServer","type":"bool"},{"default":0,"id":"restSessionServer","title":"restSessionServer","type":"bool"},{"default":0,"id":"restConfigServer","title":"restConfigServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapSessionServer","title":"soapSessionServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapConfigServer","title":"soapConfigServer","type":"bool"},{"id":"exportedAttr","title":"exportedAttr"}],"help":"portalservers.html","id":"portalServers","title":"portalServers","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"loginHistoryEnabled","title":"loginHistoryEnabled","type":"bool"},{"default":5,"id":"successLoginNumber","title":"successLoginNumber","type":"int"},{"default":5,"id":"failedLoginNumber","title":"failedLoginNumber","type":"int"},{"cnodes":"sessionDataToRemember","id":"sessionDataToRemember","title":"sessionDataToRemember","type":"keyTextContainer"}],"help":"loginhistory.html","id":"loginHistory","title":"loginHistory"},{"_nodes":[{"default":0,"id":"notification","title":"notification","type":"bool"},{"default":0,"id":"notificationServer","title":"notificationServer","type":"bool"},{"default":0,"id":"oldNotifFormat","title":"oldNotifFormat","type":"bool"},{"default":"File","id":"notificationStorage","title":"notificationStorage"},{"cnodes":"notificationStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/notifications","id":"notificationStorageOptions/dirName","title":"dirName","type":"keyText"}],"id":"notificationStorageOptions","title":"notificationStorageOptions","type":"keyTextContainer"},{"default":"allusers","id":"notificationWildcard","title":"notificationWildcard"},{"id":"notificationXSLTfile","title":"notificationXSLTfile"}],"help":"notifications.html","id":"notifications","title":"notifications"},{"_nodes":[{"_nodes":[{"id":"mailSubject","title":"mailSubject"},{"id":"mailBody","title":"mailBody","type":"longtext"},{"id":"mailConfirmSubject","title":"mailConfirmSubject"},{"id":"mailConfirmBody","title":"mailConfirmBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/resetpwd","id":"mailUrl","title":"mailUrl"},{"default":0,"id":"mailTimeout","title":"mailTimeout","type":"int"},{"default":"[A-Z]{3}[a-z]{5}.\\d{2}","id":"randomPasswordRegexp","title":"randomPasswordRegexp"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetpassword.html","id":"passwordManagement","title":"passwordManagement"},{"_nodes":[{"default":"http://auth.example.com/register","id":"registerUrl","title":"registerUrl"},{"default":0,"id":"registerTimeout","title":"registerTimeout","type":"int"},{"id":"registerConfirmSubject","title":"registerConfirmSubject"},{"id":"registerDoneSubject","title":"registerDoneSubject"}],"help":"register.html","id":"register","title":"register","type":"simpleInputContainer"},{"_nodes":[{"cnodes":"autoSigninRules","id":"autoSigninRules","title":"autoSigninRules","type":"keyTextContainer"}],"help":"autosignin.html","id":"autoSignin","title":"autoSignin"},{"_nodes":[{"default":0,"id":"checkState","title":"checkState","type":"bool"},{"id":"checkStateSecret","title":"checkStateSecret"}],"help":"checkstate.html","id":"stateCheck","title":"stateCheck","type":"simpleInputContainer"}],"help":"start.html#plugins","id":"plugins","title":"plugins"},{"_nodes":[{"_nodes":[{"default":0,"id":"utotp2fActivation","title":"utotp2fActivation","type":"boolOrExpr"},{"id":"utotp2fAuthnLevel","title":"utotp2fAuthnLevel","type":"int"}],"help":"utotp2f.html","id":"utotp2f","title":"utotp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"totp2fActivation","title":"totp2fActivation","type":"boolOrExpr"},{"default":0,"id":"totp2fSelfRegistration","title":"totp2fSelfRegistration","type":"boolOrExpr"},{"id":"totp2fAuthnLevel","title":"totp2fAuthnLevel","type":"int"},{"id":"totp2fIssuer","title":"totp2fIssuer"},{"default":30,"id":"totp2fInterval","title":"totp2fInterval","type":"int"},{"default":1,"id":"totp2fRange","title":"totp2fRange","type":"int"},{"default":6,"id":"totp2fDigits","title":"totp2fDigits","type":"int"},{"default":0,"id":"totp2fDisplayExistingSecret","title":"totp2fDisplayExistingSecret","type":"bool"},{"default":0,"id":"totp2fUserCanChangeKey","title":"totp2fUserCanChangeKey","type":"bool"},{"default":1,"id":"totp2fUserCanRemoveKey","title":"totp2fUserCanRemoveKey","type":"bool"}],"help":"totp2f.html","id":"totp","title":"totp","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"u2fActivation","title":"u2fActivation","type":"boolOrExpr"},{"default":0,"id":"u2fSelfRegistration","title":"u2fSelfRegistration","type":"boolOrExpr"},{"id":"u2fAuthnLevel","title":"u2fAuthnLevel","type":"int"},{"default":1,"id":"u2fUserCanRemoveKey","title":"u2fUserCanRemoveKey","type":"bool"}],"help":"u2f.html","id":"u2f","title":"u2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"mail2fActivation","title":"mail2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"mail2fCodeRegex","title":"mail2fCodeRegex"},{"id":"mail2fTimeout","title":"mail2fTimeout","type":"int"},{"id":"mail2fSubject","title":"mail2fSubject"},{"id":"mail2fBody","title":"mail2fBody","type":"longtext"},{"id":"mail2fAuthnLevel","title":"mail2fAuthnLevel","type":"int"},{"id":"mail2fLogo","title":"mail2fLogo"}],"help":"mail2f.html","id":"mail2f","title":"mail2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ext2fActivation","title":"ext2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"ext2fCodeActivation","title":"ext2fCodeActivation","type":"boolOrExpr"},{"id":"ext2FSendCommand","title":"ext2FSendCommand"},{"id":"ext2FValidateCommand","title":"ext2FValidateCommand"},{"id":"ext2fAuthnLevel","title":"ext2fAuthnLevel","type":"int"},{"id":"ext2fLogo","title":"ext2fLogo"}],"help":"external2f.html","id":"external2f","title":"external2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rest2fActivation","title":"rest2fActivation","type":"boolOrExpr"},{"id":"rest2fInitUrl","title":"rest2fInitUrl"},{"cnodes":"rest2fInitArgs","id":"rest2fInitArgs","title":"rest2fInitArgs","type":"keyTextContainer"},{"id":"rest2fVerifyUrl","title":"rest2fVerifyUrl"},{"cnodes":"rest2fVerifyArgs","id":"rest2fVerifyArgs","title":"rest2fVerifyArgs","type":"keyTextContainer"},{"id":"rest2fAuthnLevel","title":"rest2fAuthnLevel","type":"int"},{"id":"rest2fLogo","title":"rest2fLogo"}],"help":"rest2f.html","id":"rest2f","title":"rest2f"},{"_nodes":[{"default":0,"id":"yubikey2fActivation","title":"yubikey2fActivation","type":"boolOrExpr"},{"default":0,"id":"yubikey2fSelfRegistration","title":"yubikey2fSelfRegistration","type":"boolOrExpr"},{"id":"yubikey2fAuthnLevel","title":"yubikey2fAuthnLevel","type":"int"},{"id":"yubikey2fClientID","title":"yubikey2fClientID"},{"id":"yubikey2fSecretKey","title":"yubikey2fSecretKey"},{"id":"yubikey2fNonce","title":"yubikey2fNonce"},{"id":"yubikey2fUrl","title":"yubikey2fUrl"},{"default":12,"id":"yubikey2fPublicIDSize","title":"yubikey2fPublicIDSize","type":"int"},{"default":1,"id":"yubikey2fUserCanRemoveKey","title":"yubikey2fUserCanRemoveKey","type":"bool"}],"help":"yubikey2f.html","id":"yubikey2f","title":"yubikey2f","type":"simpleInputContainer"},{"default":0,"help":"secondfactor.html","id":"sfRequired","title":"sfRequired","type":"boolOrExpr"}],"help":"secondfactor.html","id":"secondFactors","title":"secondFactors"},{"_nodes":[{"help":"customfunctions.html","id":"customFunctions","title":"customFunctions"},{"default":"; ","id":"multiValuesSeparator","title":"multiValuesSeparator","type":"authParamsText"},{"_nodes":[{"default":"mail","id":"mailSessionKey","title":"mailSessionKey"},{"default":"","id":"SMTPServer","title":"SMTPServer"},{"id":"SMTPPort","title":"SMTPPort","type":"int"},{"id":"SMTPAuthUser","title":"SMTPAuthUser"},{"id":"SMTPAuthPass","title":"SMTPAuthPass","type":"password"},{"default":"","id":"SMTPTLS","select":[{"k":"","v":"none"},{"k":"starttls","v":"SMTP + STARTTLS"},{"k":"ssl","v":"SMTPS"}],"title":"SMTPTLS","type":"select"},{"cnodes":"SMTPTLSOpts","id":"SMTPTLSOpts","title":"SMTPTLSOpts","type":"keyTextContainer"},{"_nodes":[{"default":"noreply@example.com","id":"mailFrom","title":"mailFrom"},{"id":"mailReplyTo","title":"mailReplyTo"},{"default":"utf-8","id":"mailCharset","title":"mailCharset"}],"id":"mailHeaders","title":"mailHeaders","type":"simpleInputContainer"}],"help":"smtp.html","id":"SMTP","title":"SMTP"},{"_nodes":[{"default":"^[\\w\\.\\-@]+$","id":"userControl","title":"userControl"},{"default":0,"help":"forcereauthn.html","id":"portalForceAuthn","title":"portalForceAuthn","type":"bool"},{"default":5,"id":"portalForceAuthnInterval","title":"portalForceAuthnInterval","type":"int"},{"id":"key","title":"key","type":"password"},{"id":"trustedDomains","title":"trustedDomains"},{"default":1,"help":"safejail.html","id":"useSafeJail","title":"useSafeJail","type":"bool"},{"default":1,"id":"checkXSS","title":"checkXSS","type":"bool"},{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtection","title":"bruteForceProtection","type":"bool"},{"default":1,"id":"requireToken","title":"requireToken","type":"bool"},{"default":120,"id":"formTimeout","title":"formTimeout","type":"int"},{"default":0,"id":"tokenUseGlobalStorage","title":"tokenUseGlobalStorage","type":"bool"},{"cnodes":"lwpOpts","id":"lwpOpts","title":"lwpOpts","type":"keyTextContainer"},{"cnodes":"lwpSslOpts","id":"lwpSslOpts","title":"lwpSslOpts","type":"keyTextContainer"},{"_nodes":[{"default":"'self'","id":"cspDefault","title":"cspDefault"},{"default":"'self' data:","id":"cspImg","title":"cspImg"},{"default":"'self'","id":"cspScript","title":"cspScript"},{"default":"'self'","id":"cspStyle","title":"cspStyle"},{"default":"'self'","id":"cspFont","title":"cspFont"},{"default":"'self'","id":"cspFormAction","title":"cspFormAction"},{"default":"'self'","id":"cspConnect","title":"cspConnect"}],"help":"security.html#portal","id":"contentSecurityPolicy","title":"contentSecurityPolicy","type":"simpleInputContainer"}],"help":"security.html#configure_security_settings","id":"security","title":"security"},{"_nodes":[{"default":-1,"id":"https","title":"https","type":"trool"},{"default":-1,"id":"port","title":"port","type":"int"},{"default":0,"id":"useRedirectOnForbidden","title":"useRedirectOnForbidden","type":"bool"},{"default":1,"id":"useRedirectOnError","title":"useRedirectOnError","type":"bool"},{"default":0,"id":"maintenance","title":"maintenance","type":"bool"}],"help":"redirections.html","id":"redirection","title":"redirection","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"jsRedirect","title":"jsRedirect","type":"boolOrExpr"},{"default":0,"id":"noAjaxHook","title":"noAjaxHook","type":"bool"},{"default":0,"id":"skipRenewConfirmation","title":"skipRenewConfirmation","type":"bool"}],"help":"redirections.html#portal_redirections","id":"portalRedirection","title":"portalRedirection","type":"simpleInputContainer"},{"cnodes":"nginxCustomHandlers","help":"handlerarch.html","id":"nginxCustomHandlers","title":"nginxCustomHandlers","type":"keyTextContainer"},{"cnodes":"logoutServices","default":[],"help":"logoutforward.html","id":"logoutServices","title":"logoutServices","type":"keyTextContainer"},{"_nodes":[{"default":"get","id":"infoFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"infoFormMethod","type":"select"},{"default":"post","id":"confirmFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"confirmFormMethod","type":"select"},{"default":"get","id":"redirectFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"redirectFormMethod","type":"select"},{"default":1,"id":"activeTimer","title":"activeTimer","type":"bool"}],"id":"forms","title":"forms","type":"simpleInputContainer"}],"help":"start.html#advanced_features","id":"advancedParams","title":"advancedParams"}],"id":"generalParameters","title":"generalParameters"},{"_nodes":[{"cnodes":"exportedVars","default":[{"data":"HTTP_USER_AGENT","id":"exportedVars/UA","title":"UA","type":"keyText"}],"help":"exportedvars.html","id":"exportedVars","title":"exportedVars","type":"keyTextContainer"},{"cnodes":"macros","default":[],"help":"exportedvars.html#extend_variables_using_macros_and_groups","id":"macros","title":"macros","type":"keyTextContainer"},{"cnodes":"groups","default":[],"help":"exportedvars.html#extend_variables_using_macros_and_groups","id":"groups","title":"groups","type":"keyTextContainer"}],"help":"variables.html","id":"variables","title":"variables"},{"cnodes":"virtualHosts","help":"configvhost.html","id":"virtualHosts","template":"virtualHost","title":"virtualHosts","type":"virtualHostContainer"},{"_nodes":[{"default":"#PORTAL#/saml/metadata","id":"samlEntityID","title":"samlEntityID"},{"_nodes":[{"get":["samlServicePrivateKeySig","samlServicePrivateKeySigPwd","samlServicePublicKeySig"],"id":"samlServiceSecuritySig","title":"samlServiceSecuritySig","type":"RSAKey"},{"get":["samlServicePrivateKeyEnc","samlServicePrivateKeyEncPwd","samlServicePublicKeyEnc"],"id":"samlServiceSecurityEnc","title":"samlServiceSecurityEnc","type":"RSAKey"},{"default":0,"id":"samlServiceUseCertificateInResponse","title":"samlServiceUseCertificateInResponse","type":"bool"},{"default":"RSA_SHA1","id":"samlServiceSignatureMethod","select":[{"k":"RSA_SHA1","v":"RSA SHA1"},{"k":"RSA_SHA256","v":"RSA SHA256"}],"title":"samlServiceSignatureMethod","type":"select"}],"help":"samlservice.html#security_parameters","id":"samlServiceSecurity","title":"samlServiceSecurity"},{"_nodes":[{"default":"mail","id":"samlNameIDFormatMapEmail","title":"samlNameIDFormatMapEmail"},{"default":"mail","id":"samlNameIDFormatMapX509","title":"samlNameIDFormatMapX509"},{"default":"uid","id":"samlNameIDFormatMapWindows","title":"samlNameIDFormatMapWindows"},{"default":"uid","id":"samlNameIDFormatMapKerberos","title":"samlNameIDFormatMapKerberos"}],"help":"samlservice.html#nameid_formats","id":"samlNameIDFormatMap","title":"samlNameIDFormatMap","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"samlAuthnContextMapPassword","title":"samlAuthnContextMapPassword","type":"int"},{"default":3,"id":"samlAuthnContextMapPasswordProtectedTransport","title":"samlAuthnContextMapPasswordProtectedTransport","type":"int"},{"default":5,"id":"samlAuthnContextMapTLSClient","title":"samlAuthnContextMapTLSClient","type":"int"},{"default":4,"id":"samlAuthnContextMapKerberos","title":"samlAuthnContextMapKerberos","type":"int"}],"help":"samlservice.html#authentication_contexts","id":"samlAuthnContextMap","title":"samlAuthnContextMap","type":"simpleInputContainer"},{"_nodes":[{"default":"Example","id":"samlOrganizationDisplayName","title":"samlOrganizationDisplayName"},{"default":"Example","id":"samlOrganizationName","title":"samlOrganizationName"},{"default":"http://www.example.com","id":"samlOrganizationURL","title":"samlOrganizationURL"}],"help":"samlservice.html#organization","id":"samlOrganization","title":"samlOrganization","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"samlSPSSODescriptorAuthnRequestsSigned","title":"samlSPSSODescriptorAuthnRequestsSigned","type":"bool"},{"default":1,"id":"samlSPSSODescriptorWantAssertionsSigned","title":"samlSPSSODescriptorWantAssertionsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;","id":"samlSPSSODescriptorSingleLogoutServiceSOAP","title":"samlSPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlSPSSODescriptorSingleLogoutService","title":"samlSPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","type":"samlAssertion"},{"default":"0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","type":"samlAssertion"}],"id":"samlSPSSODescriptorAssertionConsumerService","title":"samlSPSSODescriptorAssertionConsumerService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlSPSSODescriptorArtifactResolutionServiceArtifact","title":"samlSPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlSPSSODescriptorArtifactResolutionService","title":"samlSPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#service_provider","id":"samlSPSSODescriptor","title":"samlSPSSODescriptor"},{"_nodes":[{"default":1,"id":"samlIDPSSODescriptorWantAuthnRequestsSigned","title":"samlIDPSSODescriptorWantAuthnRequestsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","type":"samlService"}],"id":"samlIDPSSODescriptorSingleSignOnService","title":"samlIDPSSODescriptorSingleSignOnService"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;","id":"samlIDPSSODescriptorSingleLogoutServiceSOAP","title":"samlIDPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlIDPSSODescriptorSingleLogoutService","title":"samlIDPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","title":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlIDPSSODescriptorArtifactResolutionService","title":"samlIDPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#identity_provider","id":"samlIDPSSODescriptor","title":"samlIDPSSODescriptor"},{"_nodes":[{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;","id":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","title":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","type":"samlService"}],"id":"samlAttributeAuthorityDescriptorAttributeService","title":"samlAttributeAuthorityDescriptorAttributeService"}],"help":"samlservice.html#attribute_authority","id":"samlAttributeAuthorityDescriptor","title":"samlAttributeAuthorityDescriptor"},{"_nodes":[{"default":"lemonldapidp","id":"samlIdPResolveCookie","title":"samlIdPResolveCookie"},{"default":1,"id":"samlMetadataForceUTF8","title":"samlMetadataForceUTF8","type":"bool"},{"id":"samlStorage","title":"samlStorage"},{"cnodes":"samlStorageOptions","id":"samlStorageOptions","title":"samlStorageOptions","type":"keyTextContainer"},{"default":600,"id":"samlRelayStateTimeout","title":"samlRelayStateTimeout","type":"int"},{"default":0,"id":"samlUseQueryStringSpecific","title":"samlUseQueryStringSpecific","type":"bool"},{"_nodes":[{"default":0,"id":"samlCommonDomainCookieActivation","title":"samlCommonDomainCookieActivation","type":"bool"},{"id":"samlCommonDomainCookieDomain","title":"samlCommonDomainCookieDomain"},{"id":"samlCommonDomainCookieReader","title":"samlCommonDomainCookieReader"},{"id":"samlCommonDomainCookieWriter","title":"samlCommonDomainCookieWriter"}],"id":"samlCommonDomainCookie","title":"samlCommonDomainCookie","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"samlDiscoveryProtocolActivation","title":"samlDiscoveryProtocolActivation","type":"bool"},{"id":"samlDiscoveryProtocolURL","title":"samlDiscoveryProtocolURL"},{"id":"samlDiscoveryProtocolPolicy","title":"samlDiscoveryProtocolPolicy"},{"default":0,"id":"samlDiscoveryProtocolIsPassive","title":"samlDiscoveryProtocolIsPassive","type":"bool"}],"id":"samlDiscoveryProtocol","title":"samlDiscoveryProtocol","type":"simpleInputContainer"}],"help":"samlservice.html#advanced","id":"samlAdvanced","title":"samlAdvanced"}],"help":"samlservice.html","id":"samlServiceMetaData","title":"samlServiceMetaData"},{"cnodes":"samlIDPMetaDataNodes","help":"authsaml.html","id":"samlIDPMetaDataNodes","template":"samlIDPMetaDataNode","title":"samlIDPMetaDataNodes","type":"samlIDPMetaDataNodeContainer"},{"cnodes":"samlSPMetaDataNodes","help":"idpsaml.html","id":"samlSPMetaDataNodes","template":"samlSPMetaDataNode","title":"samlSPMetaDataNodes","type":"samlSPMetaDataNodeContainer"},{"_nodes":[{"default":"http://auth.example.com","id":"oidcServiceMetaDataIssuer","title":"oidcServiceMetaDataIssuer"},{"_nodes":[{"default":"authorize","id":"oidcServiceMetaDataAuthorizeURI","title":"oidcServiceMetaDataAuthorizeURI"},{"default":"token","id":"oidcServiceMetaDataTokenURI","title":"oidcServiceMetaDataTokenURI"},{"default":"userinfo","id":"oidcServiceMetaDataUserInfoURI","title":"oidcServiceMetaDataUserInfoURI"},{"default":"jwks","id":"oidcServiceMetaDataJWKSURI","title":"oidcServiceMetaDataJWKSURI"},{"default":"register","id":"oidcServiceMetaDataRegistrationURI","title":"oidcServiceMetaDataRegistrationURI"},{"default":"logout","id":"oidcServiceMetaDataEndSessionURI","title":"oidcServiceMetaDataEndSessionURI"},{"default":"checksession.html","id":"oidcServiceMetaDataCheckSessionURI","title":"oidcServiceMetaDataCheckSessionURI"},{"default":"flogout","id":"oidcServiceMetaDataFrontChannelURI","title":"oidcServiceMetaDataFrontChannelURI"},{"default":"blogout","id":"oidcServiceMetaDataBackChannelURI","title":"oidcServiceMetaDataBackChannelURI"}],"id":"oidcServiceMetaDataEndPoints","title":"oidcServiceMetaDataEndPoints","type":"simpleInputContainer"},{"cnodes":"oidcServiceMetaDataAuthnContext","default":[{"data":1,"id":"oidcServiceMetaDataAuthnContext/loa-1","title":"loa-1","type":"keyText"},{"data":2,"id":"oidcServiceMetaDataAuthnContext/loa-2","title":"loa-2","type":"keyText"},{"data":3,"id":"oidcServiceMetaDataAuthnContext/loa-3","title":"loa-3","type":"keyText"},{"data":4,"id":"oidcServiceMetaDataAuthnContext/loa-4","title":"loa-4","type":"keyText"},{"data":5,"id":"oidcServiceMetaDataAuthnContext/loa-5","title":"loa-5","type":"keyText"}],"id":"oidcServiceMetaDataAuthnContext","title":"oidcServiceMetaDataAuthnContext","type":"keyTextContainer"},{"_nodes":[{"get":["oidcServicePrivateKeySig","oidcServicePublicKeySig"],"id":"oidcServiceMetaDataKeys","title":"oidcServiceMetaDataKeys","type":"RSAKeyNoPassword"},{"id":"oidcServiceKeyIdSig","title":"oidcServiceKeyIdSig"},{"default":0,"id":"oidcServiceAllowDynamicRegistration","title":"oidcServiceAllowDynamicRegistration","type":"bool"},{"default":1,"id":"oidcServiceAllowAuthorizationCodeFlow","title":"oidcServiceAllowAuthorizationCodeFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowImplicitFlow","title":"oidcServiceAllowImplicitFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowHybridFlow","title":"oidcServiceAllowHybridFlow","type":"bool"}],"id":"oidcServiceMetaDataSecurity","title":"oidcServiceMetaDataSecurity"},{"_nodes":[{"id":"oidcStorage","title":"oidcStorage"},{"cnodes":"oidcStorageOptions","id":"oidcStorageOptions","title":"oidcStorageOptions","type":"keyTextContainer"}],"id":"oidcServiceMetaDataSessions","title":"oidcServiceMetaDataSessions"}],"help":"openidconnectservice.html#service_configuration","id":"oidcServiceMetaData","title":"oidcServiceMetaData"},{"cnodes":"oidcOPMetaDataNodes","help":"authopenidconnect.html#declare_the_openid_connect_provider_in_llng","id":"oidcOPMetaDataNodes","title":"oidcOPMetaDataNodes","type":"oidcOPMetaDataNodeContainer"},{"cnodes":"oidcRPMetaDataNodes","help":"idpopenidconnect.html#configuration_of_relying_party_in_llng","id":"oidcRPMetaDataNodes","title":"oidcRPMetaDataNodes","type":"oidcRPMetaDataNodeContainer"},{"_nodes":[{"id":"casAttr","title":"casAttr"},{"default":"none","id":"casAccessControlPolicy","select":[{"k":"none","v":"None"},{"k":"error","v":"Display error on portal"},{"k":"faketicket","v":"Send a fake service ticket"}],"title":"casAccessControlPolicy","type":"select"},{"id":"casStorage","title":"casStorage"},{"cnodes":"casStorageOptions","id":"casStorageOptions","title":"casStorageOptions","type":"keyTextContainer"},{"cnodes":"casAttributes","id":"casAttributes","title":"casAttributes","type":"keyTextContainer"}],"help":"idpcas.html#configuring_the_cas_service","id":"casServiceMetadata","title":"casServiceMetadata"},{"cnodes":"casSrvMetaDataNodes","help":"authcas.html","id":"casSrvMetaDataNodes","template":"casSrvMetaDataNode","title":"casSrvMetaDataNodes","type":"casSrvMetaDataNodeContainer"},{"cnodes":"casAppMetaDataNodes","help":"idpcas.html#configuring_cas_applications","id":"casAppMetaDataNodes","template":"casAppMetaDataNode","title":"casAppMetaDataNodes","type":"casAppMetaDataNodeContainer"}]
\ No newline at end of file

From 0690a0c7abeb70ffb7c84bde8af42a7c2df19a00 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Thu, 14 Feb 2019 22:12:40 +0100
Subject: [PATCH 05/58] Improve code (#1625)

---
 lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/CAS.pm     | 4 ++--
 lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/Get.pm     | 4 ++--
 lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenID.pm  | 4 ++--
 .../lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm           | 4 ++--
 lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/SAML.pm    | 4 ++--
 5 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/CAS.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/CAS.pm
index 98d4927ef..c534de843 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/CAS.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/CAS.pm
@@ -13,7 +13,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
   PE_SENDRESPONSE
 );
 
-our $VERSION = '2.0.2';
+our $VERSION = '2.0.3';
 
 extends 'Lemonldap::NG::Portal::Main::Issuer',
   'Lemonldap::NG::Portal::Lib::CAS';
@@ -23,7 +23,7 @@ extends 'Lemonldap::NG::Portal::Main::Issuer',
 use constant beforeAuth  => 'storeEnvAndCheckGateway';
 use constant sessionKind => 'ICAS';
 
-has rule => ( is => 'rw', default => sub { {} } );
+has rule => ( is => 'rw' );
 
 sub init {
     my ($self) = @_;
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/Get.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/Get.pm
index 95ce996eb..06b653503 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/Get.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/Get.pm
@@ -6,11 +6,11 @@ use URI::Escape;
 use Lemonldap::NG::Common::FormEncode;
 use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_BADURL PE_GET_SERVICE_NOT_ALLOWED);
 
-our $VERSION = '2.0.2';
+our $VERSION = '2.0.3';
 
 extends 'Lemonldap::NG::Portal::Main::Issuer';
 
-has rule => ( is => 'rw', default => sub { {} } );
+has rule => ( is => 'rw' );
 
 # INITIALIZATION
 
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenID.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenID.pm
index 58850db2a..90a729223 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenID.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenID.pm
@@ -16,7 +16,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
   PE_OID_SERVICE_NOT_ALLOWED
 );
 
-our $VERSION = '2.0.2';
+our $VERSION = '2.0.3';
 
 extends 'Lemonldap::NG::Portal::Main::Issuer';
 
@@ -50,7 +50,7 @@ has spList => (
 
 has openidPortal => ( is => 'rw' );
 
-has rule => ( is => 'rw', default => sub { {} } );
+has rule => ( is => 'rw' );
 
 # INITIALIZATION
 
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm
index c9f741936..36875dc61 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm
@@ -15,7 +15,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
   PE_OIDC_SERVICE_NOT_ALLOWED
 );
 
-our $VERSION = '2.0.2';
+our $VERSION = '2.0.3';
 
 extends 'Lemonldap::NG::Portal::Main::Issuer',
   'Lemonldap::NG::Portal::Lib::OpenIDConnect',
@@ -29,7 +29,7 @@ sub beforeAuth { 'exportRequestParameters' }
 
 use constant sessionKind => 'OIDCI';
 
-has rule => ( is => 'rw', default => sub { {} } );
+has rule => ( is => 'rw' );
 has configStorage => (
     is      => 'ro',
     lazy    => 1,
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/SAML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/SAML.pm
index 7461ca787..8a97bbccb 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/SAML.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/SAML.pm
@@ -16,12 +16,12 @@ use Lemonldap::NG::Portal::Main::Constants qw(
   PE_UNAUTHORIZEDPARTNER
 );
 
-our $VERSION = '2.0.2';
+our $VERSION = '2.0.3';
 
 extends 'Lemonldap::NG::Portal::Main::Issuer',
   'Lemonldap::NG::Portal::Lib::SAML';
 
-has rule           => ( is => 'rw', default => sub { {} } );
+has rule           => ( is => 'rw' );
 has ssoUrlRe       => ( is => 'rw' );
 has ssoUrlArtifact => ( is => 'rw' );
 has ssoGetUrl      => ( is => 'rw' );

From fdaa0fb424e9aa5f777b10d30a8c588240cd2503 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Thu, 14 Feb 2019 22:41:18 +0100
Subject: [PATCH 06/58] Modify parameter type (#1632)

---
 lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm     | 2 +-
 .../lib/Lemonldap/NG/Manager/Build/Attributes.pm                | 2 +-
 lemonldap-ng-manager/site/htdocs/static/struct.json             | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
index 53d7a7fea..9e08efa2d 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
@@ -1069,7 +1069,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
         },
         'ext2fCodeActivation' => {
             'default' => '\\d{6}',
-            'type'    => 'boolOrExpr'
+            'type'    => 'pcre'
         },
         'ext2fLogo' => {
             'type' => 'text'
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
index d60b6b994..32c6329e1 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
@@ -1339,7 +1339,7 @@ sub attributes {
             documentation => 'External second factor activation',
         },
         ext2fCodeActivation => {
-            type          => 'boolOrExpr',
+            type          => 'pcre',
             default       => '\d{6}',
             documentation => 'OTP generated by Portal',
         },
diff --git a/lemonldap-ng-manager/site/htdocs/static/struct.json b/lemonldap-ng-manager/site/htdocs/static/struct.json
index 4f69bb046..0269ed380 100644
--- a/lemonldap-ng-manager/site/htdocs/static/struct.json
+++ b/lemonldap-ng-manager/site/htdocs/static/struct.json
@@ -1 +1 @@
-[{"_nodes":[{"_nodes":[{"default":"http://auth.example.com/","id":"portal","title":"portal"},{"_nodes":[{"_nodes":[{"default":1,"id":"portalDisplayLogout","title":"portalDisplayLogout","type":"boolOrExpr"},{"default":"$_auth =~ /^(LDAP|DBI|Demo)$/","id":"portalDisplayChangePassword","title":"portalDisplayChangePassword","type":"boolOrExpr"},{"default":1,"id":"portalDisplayAppslist","title":"portalDisplayAppslist","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLoginHistory","title":"portalDisplayLoginHistory","type":"boolOrExpr"},{"default":"$_oidcConnectedRP","id":"portalDisplayOidcConsents","title":"portalDisplayOidcConsents","type":"boolOrExpr"}],"id":"portalModules","title":"portalModules","type":"simpleInputContainer"},{"cnodes":"applicationList","default":[{"data":{"catname":"Default category","type":"category"},"id":"applicationList/default","title":"default","type":"catAndAppList"}],"help":"portalmenu.html#categories_and_applications","id":"applicationList","title":"applicationList","type":"catAndAppList"}],"help":"portalmenu.html","id":"portalMenu","title":"portalMenu"},{"_nodes":[{"default":"common/logos/logo_llng_400px.png","id":"portalMainLogo","title":"portalMainLogo"},{"default":1,"id":"showLanguages","title":"showLanguages","type":"bool"},{"default":"bootstrap","id":"portalSkin","select":[{"k":"bootstrap","v":"Bootstrap"}],"title":"portalSkin","type":"portalskin"},{"id":"portalSkinBackground","select":[{"k":"","v":"None"},{"k":"1280px-Anse_Source_d'Argent_2-La_Digue.jpg","v":"Anse"},{"k":"1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg","v":"Waterfall"},{"k":"1280px-BrockenSnowedTrees.jpg","v":"Snowed Trees"},{"k":"1280px-Cedar_Breaks_National_Monument_partially.jpg","v":"National Monument"},{"k":"1280px-Parry_Peak_from_Winter_Park.jpg","v":"Winter"},{"k":"Aletschgletscher_mit_Pinus_cembra1.jpg","v":"Pinus"}],"title":"portalSkinBackground","type":"portalskinbackground"},{"cnodes":"portalSkinRules","help":"portalcustom.html","id":"portalSkinRules","title":"portalSkinRules","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"portalCheckLogins","title":"portalCheckLogins","type":"bool"},{"default":0,"id":"portalDisplayResetPassword","title":"portalDisplayResetPassword","type":"bool"},{"default":3,"id":"passwordResetAllowedRetries","title":"passwordResetAllowedRetries","type":"int"},{"default":1,"id":"portalDisplayRegister","title":"portalDisplayRegister","type":"bool"}],"help":"portalcustom.html#buttons","id":"portalButtons","title":"portalButtons","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"portalRequireOldPassword","title":"portalRequireOldPassword","type":"bool"},{"default":0,"id":"hideOldPassword","title":"hideOldPassword","type":"bool"},{"default":0,"id":"mailOnPasswordChange","title":"mailOnPasswordChange","type":"bool"}],"help":"portalcustom.html#password_management","id":"passwordManagement","title":"passwordManagement","type":"simpleInputContainer"},{"_nodes":[{"default":"_user","id":"portalUserAttr","title":"portalUserAttr"},{"default":0,"id":"portalOpenLinkInNewWindow","title":"portalOpenLinkInNewWindow","type":"bool"},{"default":1,"id":"portalAntiFrame","title":"portalAntiFrame","type":"bool"},{"default":60000,"id":"portalPingInterval","title":"portalPingInterval","type":"int"},{"default":1,"id":"portalErrorOnExpiredSession","title":"portalErrorOnExpiredSession","type":"bool"},{"default":0,"id":"portalErrorOnMailNotFound","title":"portalErrorOnMailNotFound","type":"bool"}],"help":"portalcustom.html#other_parameters","id":"portalOther","title":"portalOther","type":"simpleInputContainer"}],"help":"portalcustom.html","id":"portalCustomization","title":"portalCustomization"},{"_nodes":[{"default":0,"id":"captcha_login_enabled","title":"captcha_login_enabled","type":"bool"},{"default":1,"id":"captcha_mail_enabled","title":"captcha_mail_enabled","type":"bool"},{"default":1,"id":"captcha_register_enabled","title":"captcha_register_enabled","type":"bool"},{"default":6,"id":"captcha_size","title":"captcha_size","type":"int"}],"help":"captcha.html","id":"portalCaptcha","title":"portalCaptcha","type":"simpleInputContainer"}],"help":"portal.html","id":"portalParams","title":"portalParams"},{"_nodes":[{"default":"Demo","id":"authentication","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"Choice","v":"authChoice"},{"k":"Combination","v":"combineMods"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"authentication","type":"select"},{"default":"Same","id":"userDB","select":[{"k":"Same","v":"Same"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"userDB","type":"select"},{"default":"Demo","id":"passwordDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Choice","v":"authChoice"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"passwordDB","type":"select"},{"default":"Null","id":"registerDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"registerDB","type":"select"}],"_nodes_cond":[{"_nodes":[{"default":0,"id":"ADPwdMaxAge","title":"ADPwdMaxAge","type":"int"},{"default":0,"id":"ADPwdExpireWarning","title":"ADPwdExpireWarning","type":"int"}],"help":"authad.html","id":"adParams","show":false,"title":"adParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lmAuth","id":"authChoiceParam","title":"authChoiceParam"},{"cnodes":"authChoiceModules","id":"authChoiceModules","select":[[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}]],"title":"authChoiceModules","type":"authChoiceContainer"}],"help":"authchoice.html","id":"choiceParams","show":false,"title":"choiceParams"},{"_nodes":[{"default":4,"id":"apacheAuthnLevel","title":"apacheAuthnLevel","type":"int"}],"help":"authapache.html","id":"apacheParams","show":false,"title":"apacheParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"casAuthnLevel","title":"casAuthnLevel","type":"int"}],"help":"authcas.html","id":"casParams","show":false,"title":"casParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"dbiAuthnLevel","title":"dbiAuthnLevel","type":"int"},{"cnodes":"dbiExportedVars","default":[],"id":"dbiExportedVars","title":"dbiExportedVars","type":"keyTextContainer"},{"_nodes":[{"_nodes":[{"id":"dbiAuthChain","title":"dbiAuthChain"},{"id":"dbiAuthUser","title":"dbiAuthUser"},{"id":"dbiAuthPassword","title":"dbiAuthPassword","type":"password"}],"id":"dbiConnectionAuth","title":"dbiConnectionAuth","type":"simpleInputContainer"},{"_nodes":[{"id":"dbiUserChain","title":"dbiUserChain"},{"id":"dbiUserUser","title":"dbiUserUser"},{"id":"dbiUserPassword","title":"dbiUserPassword","type":"password"}],"id":"dbiConnectionUser","title":"dbiConnectionUser","type":"simpleInputContainer"}],"help":"authdbi.html#connection","id":"dbiConnection","title":"dbiConnection"},{"_nodes":[{"id":"dbiAuthTable","title":"dbiAuthTable"},{"id":"dbiUserTable","title":"dbiUserTable"},{"id":"dbiAuthLoginCol","title":"dbiAuthLoginCol"},{"id":"dbiAuthPasswordCol","title":"dbiAuthPasswordCol"},{"id":"dbiPasswordMailCol","title":"dbiPasswordMailCol"},{"id":"userPivot","title":"userPivot"}],"help":"authdbi.html#schema","id":"dbiSchema","title":"dbiSchema","type":"simpleInputContainer"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiAuthPasswordHash","title":"dbiAuthPasswordHash"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiDynamicHashEnabled","title":"dbiDynamicHashEnabled","type":"bool"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSchemes","title":"dbiDynamicHashValidSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSaltedSchemes","title":"dbiDynamicHashValidSaltedSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashNewPasswordScheme","title":"dbiDynamicHashNewPasswordScheme"}],"help":"authdbi.html#password","id":"dbiDynamicHash","title":"dbiDynamicHash","type":"simpleInputContainer"}],"help":"authdbi.html#password","id":"dbiPassword","title":"dbiPassword"}],"help":"authdbi.html","id":"dbiParams","show":false,"title":"dbiParams"},{"_nodes":[{"cnodes":"demoExportedVars","default":[{"data":"cn","id":"demoExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"demoExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"demoExportedVars/uid","title":"uid","type":"keyText"}],"id":"demoExportedVars","title":"demoExportedVars","type":"keyTextContainer"}],"help":"authdemo.html","id":"demoParams","show":false,"title":"demoParams"},{"_nodes":[{"default":1,"id":"facebookAuthnLevel","title":"facebookAuthnLevel","type":"int"},{"cnodes":"facebookExportedVars","default":[],"id":"facebookExportedVars","title":"facebookExportedVars","type":"keyTextContainer"},{"id":"facebookAppId","title":"facebookAppId"},{"id":"facebookAppSecret","title":"facebookAppSecret"},{"default":"id","id":"facebookUserField","title":"facebookUserField"}],"help":"authfacebook.html","id":"facebookParams","show":false,"title":"facebookParams"},{"_nodes":[{"id":"krbKeytab","title":"krbKeytab"},{"default":0,"id":"krbByJs","title":"krbByJs","type":"bool"},{"default":3,"id":"krbAuthnLevel","title":"krbAuthnLevel","type":"int"},{"default":1,"id":"krbRemoveDomain","title":"krbRemoveDomain","type":"bool"}],"help":"authkerberos.html","id":"kerberosParams","show":false,"title":"kerberosParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"ldapAuthnLevel","title":"ldapAuthnLevel","type":"int"},{"cnodes":"ldapExportedVars","default":[{"data":"cn","id":"ldapExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"ldapExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"ldapExportedVars/uid","title":"uid","type":"keyText"}],"id":"ldapExportedVars","title":"ldapExportedVars","type":"keyTextContainer"},{"_nodes":[{"default":"ldap://localhost","id":"ldapServer","title":"ldapServer"},{"default":389,"id":"ldapPort","title":"ldapPort","type":"int"},{"default":"dc=example,dc=com","id":"ldapBase","title":"ldapBase"},{"default":"","id":"managerDn","title":"managerDn"},{"default":"","id":"managerPassword","title":"managerPassword","type":"password"},{"default":120,"id":"ldapTimeout","title":"ldapTimeout","type":"int"},{"default":3,"id":"ldapVersion","title":"ldapVersion","type":"int"},{"id":"ldapRaw","title":"ldapRaw"}],"help":"authldap.html#connection","id":"ldapConnection","title":"ldapConnection","type":"simpleInputContainer"},{"_nodes":[{"id":"LDAPFilter","title":"LDAPFilter"},{"id":"AuthLDAPFilter","title":"AuthLDAPFilter"},{"id":"mailLDAPFilter","title":"mailLDAPFilter"},{"default":"find","id":"ldapSearchDeref","select":[{"k":"never","v":"never"},{"k":"search","v":"search"},{"k":"find","v":"find"},{"k":"always","v":"always"}],"title":"ldapSearchDeref","type":"select"}],"help":"authldap.html#filters","id":"ldapFilters","title":"ldapFilters","type":"simpleInputContainer"},{"_nodes":[{"id":"ldapGroupBase","title":"ldapGroupBase"},{"default":"groupOfNames","id":"ldapGroupObjectClass","title":"ldapGroupObjectClass"},{"default":"member","id":"ldapGroupAttributeName","title":"ldapGroupAttributeName"},{"default":"dn","id":"ldapGroupAttributeNameUser","title":"ldapGroupAttributeNameUser"},{"default":"cn","id":"ldapGroupAttributeNameSearch","title":"ldapGroupAttributeNameSearch"},{"default":0,"id":"ldapGroupDecodeSearchedValue","title":"ldapGroupDecodeSearchedValue","type":"bool"},{"default":0,"id":"ldapGroupRecursive","title":"ldapGroupRecursive","type":"bool"},{"default":"dn","id":"ldapGroupAttributeNameGroup","title":"ldapGroupAttributeNameGroup"}],"help":"authldap.html#groups","id":"ldapGroups","title":"ldapGroups","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ldapPpolicyControl","title":"ldapPpolicyControl","type":"bool"},{"default":0,"id":"ldapSetPassword","title":"ldapSetPassword","type":"bool"},{"default":0,"id":"ldapChangePasswordAsUser","title":"ldapChangePasswordAsUser","type":"bool"},{"default":"utf-8","id":"ldapPwdEnc","title":"ldapPwdEnc"},{"default":1,"id":"ldapUsePasswordResetAttribute","title":"ldapUsePasswordResetAttribute","type":"bool"},{"default":"pwdReset","id":"ldapPasswordResetAttribute","title":"ldapPasswordResetAttribute"},{"default":"TRUE","id":"ldapPasswordResetAttributeValue","title":"ldapPasswordResetAttributeValue"},{"default":0,"id":"ldapAllowResetExpiredPassword","title":"ldapAllowResetExpiredPassword","type":"bool"}],"help":"authldap.html#password","id":"ldapPassword","title":"ldapPassword","type":"simpleInputContainer"}],"help":"authldap.html","id":"ldapParams","show":false,"title":"ldapParams"},{"_nodes":[{"default":1,"id":"linkedInAuthnLevel","title":"linkedInAuthnLevel","type":"int"},{"id":"linkedInClientID","title":"linkedInClientID"},{"id":"linkedInClientSecret","title":"linkedInClientSecret","type":"password"},{"default":"id,first-name,last-name,email-address","id":"linkedInFields","title":"linkedInFields"},{"default":"emailAddress","id":"linkedInUserField","title":"linkedInUserField"},{"default":"r_basicprofile r_emailaddress","id":"linkedInScope","title":"linkedInScope"}],"help":"authlinkedin.html","id":"linkedinParams","show":false,"title":"linkedinParams","type":"simpleInputContainer"},{"_nodes":[{"id":"combination","title":"combination"},{"cnodes":"combModules","id":"combModules","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"combModules","type":"cmbModuleContainer"}],"help":"authcombination.html","id":"combinationParams","show":false,"title":"combinationParams"},{"_nodes":[{"default":0,"id":"nullAuthnLevel","title":"nullAuthnLevel","type":"int"}],"help":"authnull.html","id":"nullParams","show":false,"title":"nullParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"openIdAuthnLevel","title":"openIdAuthnLevel","type":"int"},{"cnodes":"openIdExportedVars","default":[],"id":"openIdExportedVars","title":"openIdExportedVars","type":"keyTextContainer"},{"id":"openIdSecret","title":"openIdSecret"},{"default":"0;","id":"openIdIDPList","title":"openIdIDPList","type":"blackWhiteList"}],"help":"authopenid.html","id":"openidParams","show":false,"title":"openidParams"},{"_nodes":[{"default":1,"id":"oidcAuthnLevel","title":"oidcAuthnLevel","type":"int"},{"default":"openidconnectcallback","id":"oidcRPCallbackGetParam","title":"oidcRPCallbackGetParam"},{"default":600,"id":"oidcRPStateTimeout","title":"oidcRPStateTimeout","type":"int"}],"help":"authopenidconnect.html","id":"oidcParams","show":false,"title":"oidcParams","type":"simpleInputContainer"},{"_nodes":[{"default":"","id":"gpgDb","title":"gpgDb"}],"help":"authgpg.html","id":"gpgParams","show":false,"title":"gpgParams","type":"simpleInputContainer"},{"_nodes":[{"id":"proxyAuthService","title":"proxyAuthService"},{"id":"proxySessionService","title":"proxySessionService"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":2,"id":"proxyAuthnLevel","title":"proxyAuthnLevel","type":"int"},{"default":0,"id":"proxyUseSoap","title":"proxyUseSoap","type":"bool"}],"help":"authproxy.html","id":"proxyParams","show":false,"title":"proxyParams","type":"simpleInputContainer"},{"_nodes":[{"default":"login","id":"pamService","title":"pamService"},{"default":2,"id":"pamAuthnLevel","title":"pamAuthnLevel","type":"int"}],"help":"authpam.html","id":"pamParams","show":false,"title":"pamParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"radiusAuthnLevel","title":"radiusAuthnLevel","type":"int"},{"id":"radiusSecret","title":"radiusSecret"},{"id":"radiusServer","title":"radiusServer"}],"help":"authradius.html","id":"radiusParams","show":false,"title":"radiusParams","type":"simpleInputContainer"},{"_nodes":[{"id":"restAuthUrl","title":"restAuthUrl"},{"id":"restUserDBUrl","title":"restUserDBUrl"},{"id":"restPwdConfirmUrl","title":"restPwdConfirmUrl"},{"id":"restPwdModifyUrl","title":"restPwdModifyUrl"}],"help":"authrest.html","id":"restParams","show":false,"title":"restParams","type":"simpleInputContainer"},{"_nodes":[{"id":"remotePortal","title":"remotePortal"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":"Lemonldap::NG::Common::Apache::Session::SOAP","id":"remoteGlobalStorage","title":"remoteGlobalStorage"},{"cnodes":"remoteGlobalStorageOptions","default":[{"data":"http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService","id":"remoteGlobalStorageOptions/ns","title":"ns","type":"keyText"},{"data":"http://auth.example.com/sessions","id":"remoteGlobalStorageOptions/proxy","title":"proxy","type":"keyText"}],"id":"remoteGlobalStorageOptions","title":"remoteGlobalStorageOptions","type":"keyTextContainer"}],"help":"authremote.html","id":"remoteParams","show":false,"title":"remoteParams"},{"_nodes":[{"default":2,"id":"slaveAuthnLevel","title":"slaveAuthnLevel","type":"int"},{"cnodes":"slaveExportedVars","default":[],"id":"slaveExportedVars","title":"slaveExportedVars","type":"keyTextContainer"},{"id":"slaveUserHeader","title":"slaveUserHeader"},{"id":"slaveMasterIP","title":"slaveMasterIP"},{"id":"slaveHeaderName","title":"slaveHeaderName"},{"id":"slaveHeaderContent","title":"slaveHeaderContent"}],"help":"authslave.html","id":"slaveParams","show":false,"title":"slaveParams"},{"_nodes":[{"default":5,"id":"SSLAuthnLevel","title":"SSLAuthnLevel","type":"int"},{"default":"SSL_CLIENT_S_DN_Email","id":"SSLVar","title":"SSLVar"},{"cnodes":"SSLVarIf","default":[],"id":"SSLVarIf","title":"SSLVarIf","type":"keyTextContainer"},{"default":0,"id":"sslByAjax","title":"sslByAjax","type":"bool"},{"id":"sslHost","title":"sslHost"}],"help":"authssl.html","id":"sslParams","show":false,"title":"sslParams"},{"_nodes":[{"default":1,"id":"twitterAuthnLevel","title":"twitterAuthnLevel","type":"int"},{"id":"twitterKey","title":"twitterKey"},{"id":"twitterSecret","title":"twitterSecret"},{"id":"twitterAppName","title":"twitterAppName"},{"default":"screen_name","id":"twitterUserField","title":"twitterUserField"}],"help":"authtwitter.html","id":"twitterParams","show":false,"title":"twitterParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"webIDAuthnLevel","title":"webIDAuthnLevel","type":"int"},{"cnodes":"webIDExportedVars","default":[],"id":"webIDExportedVars","title":"webIDExportedVars","type":"keyTextContainer"},{"id":"webIDWhitelist","title":"webIDWhitelist"}],"help":"authwebid.html","id":"webidParams","show":false,"title":"webidParams"},{"_nodes":[{"id":"customAuth","title":"customAuth"},{"id":"customUserDB","title":"customUserDB"},{"id":"customPassword","title":"customPassword"},{"id":"customRegister","title":"customRegister"},{"cnodes":"customAddParams","id":"customAddParams","title":"customAddParams","type":"keyTextContainer"}],"help":"authcustom.html","id":"customParams","show":false,"title":"customParams"}],"_nodes_filter":"authParams","help":"start.html#authentication_users_and_password_databases","id":"authParams","title":"authParams","type":"authParams"},{"_nodes":[{"_nodes":[{"default":0,"id":"issuerDBSAMLActivation","title":"issuerDBSAMLActivation","type":"bool"},{"default":"^/saml/","id":"issuerDBSAMLPath","title":"issuerDBSAMLPath"},{"default":1,"id":"issuerDBSAMLRule","title":"issuerDBSAMLRule","type":"boolOrExpr"}],"help":"idpsaml.html","id":"issuerDBSAML","title":"issuerDBSAML","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBCASActivation","title":"issuerDBCASActivation","type":"bool"},{"default":"^/cas/","id":"issuerDBCASPath","title":"issuerDBCASPath"},{"default":1,"id":"issuerDBCASRule","title":"issuerDBCASRule","type":"boolOrExpr"}],"help":"idpcas.html#enabling_cas","id":"issuerDBCAS","title":"issuerDBCAS","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDActivation","title":"issuerDBOpenIDActivation","type":"bool"},{"default":"^/openidserver/","id":"issuerDBOpenIDPath","title":"issuerDBOpenIDPath"},{"default":1,"id":"issuerDBOpenIDRule","title":"issuerDBOpenIDRule","type":"boolOrExpr"},{"_nodes":[{"id":"openIdIssuerSecret","title":"openIdIssuerSecret"},{"id":"openIdAttr","title":"openIdAttr"},{"default":"0;","id":"openIdSPList","title":"openIdSPList","type":"blackWhiteList"},{"_nodes":[{"default":"cn","id":"openIdSreg_fullname","title":"openIdSreg_fullname"},{"default":"uid","id":"openIdSreg_nickname","title":"openIdSreg_nickname"},{"id":"openIdSreg_language","title":"openIdSreg_language"},{"id":"openIdSreg_postcode","title":"openIdSreg_postcode"},{"default":"_timezone","id":"openIdSreg_timezone","title":"openIdSreg_timezone"},{"id":"openIdSreg_country","title":"openIdSreg_country"},{"id":"openIdSreg_gender","title":"openIdSreg_gender"},{"default":"mail","id":"openIdSreg_email","title":"openIdSreg_email"},{"id":"openIdSreg_dob","title":"openIdSreg_dob"}],"id":"openIdSreg","title":"openIdSreg","type":"simpleInputContainer"}],"id":"issuerDBOpenIDOptions","title":"issuerDBOpenIDOptions"}],"help":"idpopenid.html","id":"issuerDBOpenID","title":"issuerDBOpenID"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDConnectActivation","title":"issuerDBOpenIDConnectActivation","type":"bool"},{"default":"^/oauth2/","id":"issuerDBOpenIDConnectPath","title":"issuerDBOpenIDConnectPath"},{"default":1,"id":"issuerDBOpenIDConnectRule","title":"issuerDBOpenIDConnectRule","type":"boolOrExpr"}],"help":"idpopenidconnect.html","id":"issuerDBOpenIDConnect","title":"issuerDBOpenIDConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBGetActivation","title":"issuerDBGetActivation","type":"bool"},{"default":"^/get/","id":"issuerDBGetPath","title":"issuerDBGetPath"},{"default":1,"id":"issuerDBGetRule","title":"issuerDBGetRule","type":"boolOrExpr"},{"default":[],"id":"issuerDBGetParameters","title":"issuerDBGetParameters","type":"doubleHash"}],"help":"issuerdbget.html","id":"issuerDBGet","title":"issuerDBGet"}],"help":"start.html#identity_provider","id":"issuerParams","title":"issuerParams"},{"_nodes":[{"default":"uid","id":"whatToTrace","title":"whatToTrace"},{"default":"_password","id":"hiddenAttributes","title":"hiddenAttributes"}],"help":"logs.html","id":"logParams","title":"logParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lemonldap","id":"cookieName","title":"cookieName"},{"default":"example.com","id":"domain","title":"domain"},{"default":0,"id":"cda","title":"cda","type":"bool"},{"default":0,"id":"securedCookie","select":[{"k":"0","v":"unsecuredCookie"},{"k":"1","v":"securedCookie"},{"k":"2","v":"doubleCookie"},{"k":"3","v":"doubleCookieForSingleSession"}],"title":"securedCookie","type":"select"},{"default":1,"id":"httpOnly","title":"httpOnly","type":"bool"},{"id":"cookieExpiration","title":"cookieExpiration","type":"int"}],"help":"ssocookie.html","id":"cookieParams","title":"cookieParams","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"storePassword","title":"storePassword","type":"bool"},{"default":72000,"id":"timeout","title":"timeout","type":"int"},{"default":0,"id":"timeoutActivity","title":"timeoutActivity","type":"int"},{"default":60,"id":"timeoutActivityInterval","title":"timeoutActivityInterval","type":"int"},{"cnodes":"grantSessionRules","id":"grantSessionRules","title":"grantSessionRules","type":"grantContainer"},{"_nodes":[{"default":"Apache::Session::File","id":"globalStorage","title":"globalStorage"},{"cnodes":"globalStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/sessions/","id":"globalStorageOptions/Directory","title":"Directory","type":"keyText"},{"data":"/var/lib/lemonldap-ng/sessions/lock/","id":"globalStorageOptions/LockDirectory","title":"LockDirectory","type":"keyText"},{"data":"Lemonldap::NG::Common::Apache::Session::Generate::SHA256","id":"globalStorageOptions/generateModule","title":"generateModule","type":"keyText"}],"id":"globalStorageOptions","title":"globalStorageOptions","type":"keyTextContainer"},{"default":"Cache::FileCache","id":"localSessionStorage","title":"localSessionStorage"},{"cnodes":"localSessionStorageOptions","default":[{"data":3,"id":"localSessionStorageOptions/cache_depth","title":"cache_depth","type":"keyText"},{"data":"/tmp","id":"localSessionStorageOptions/cache_root","title":"cache_root","type":"keyText"},{"data":600,"id":"localSessionStorageOptions/default_expires_in","title":"default_expires_in","type":"keyText"},{"data":"007","id":"localSessionStorageOptions/directory_umask","title":"directory_umask","type":"keyText"},{"data":"lemonldap-ng-sessions","id":"localSessionStorageOptions/namespace","title":"namespace","type":"keyText"}],"id":"localSessionStorageOptions","title":"localSessionStorageOptions","type":"keyTextContainer"}],"help":"start.html#sessions_database","id":"sessionStorage","title":"sessionStorage"},{"_nodes":[{"default":0,"id":"singleSession","title":"singleSession","type":"bool"},{"default":0,"id":"singleIP","title":"singleIP","type":"bool"},{"default":0,"id":"singleUserByIP","title":"singleUserByIP","type":"bool"},{"default":0,"id":"singleSessionUserByIP","title":"singleSessionUserByIP","type":"bool"},{"default":1,"id":"notifyDeleted","title":"notifyDeleted","type":"bool"},{"default":0,"id":"notifyOther","title":"notifyOther","type":"bool"}],"id":"multipleSessions","title":"multipleSessions","type":"simpleInputContainer"},{"_nodes":[{"id":"persistentStorage","title":"persistentStorage"},{"cnodes":"persistentStorageOptions","id":"persistentStorageOptions","title":"persistentStorageOptions","type":"keyTextContainer"}],"id":"persistentSessions","title":"persistentSessions"}],"help":"sessions.html","id":"sessionParams","title":"sessionParams"},{"_nodes":[{"cnodes":"reloadUrls","help":"configlocation.html#configuration_reload","id":"reloadUrls","title":"reloadUrls","type":"keyTextContainer"},{"default":5,"id":"reloadTimeout","title":"reloadTimeout","type":"int"}],"help":"configlocation.html#configuration_reload","id":"reloadParams","title":"reloadParams"},{"_nodes":[{"default":0,"id":"stayConnected","title":"stayConnected","type":"bool"},{"default":0,"help":"status.html","id":"portalStatus","title":"portalStatus","type":"bool"},{"default":1,"id":"upgradeSession","title":"upgradeSession","type":"bool"},{"_nodes":[{"default":0,"id":"wsdlServer","title":"wsdlServer","type":"bool"},{"default":0,"id":"restSessionServer","title":"restSessionServer","type":"bool"},{"default":0,"id":"restConfigServer","title":"restConfigServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapSessionServer","title":"soapSessionServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapConfigServer","title":"soapConfigServer","type":"bool"},{"id":"exportedAttr","title":"exportedAttr"}],"help":"portalservers.html","id":"portalServers","title":"portalServers","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"loginHistoryEnabled","title":"loginHistoryEnabled","type":"bool"},{"default":5,"id":"successLoginNumber","title":"successLoginNumber","type":"int"},{"default":5,"id":"failedLoginNumber","title":"failedLoginNumber","type":"int"},{"cnodes":"sessionDataToRemember","id":"sessionDataToRemember","title":"sessionDataToRemember","type":"keyTextContainer"}],"help":"loginhistory.html","id":"loginHistory","title":"loginHistory"},{"_nodes":[{"default":0,"id":"notification","title":"notification","type":"bool"},{"default":0,"id":"notificationServer","title":"notificationServer","type":"bool"},{"default":0,"id":"oldNotifFormat","title":"oldNotifFormat","type":"bool"},{"default":"File","id":"notificationStorage","title":"notificationStorage"},{"cnodes":"notificationStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/notifications","id":"notificationStorageOptions/dirName","title":"dirName","type":"keyText"}],"id":"notificationStorageOptions","title":"notificationStorageOptions","type":"keyTextContainer"},{"default":"allusers","id":"notificationWildcard","title":"notificationWildcard"},{"id":"notificationXSLTfile","title":"notificationXSLTfile"}],"help":"notifications.html","id":"notifications","title":"notifications"},{"_nodes":[{"_nodes":[{"id":"mailSubject","title":"mailSubject"},{"id":"mailBody","title":"mailBody","type":"longtext"},{"id":"mailConfirmSubject","title":"mailConfirmSubject"},{"id":"mailConfirmBody","title":"mailConfirmBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/resetpwd","id":"mailUrl","title":"mailUrl"},{"default":0,"id":"mailTimeout","title":"mailTimeout","type":"int"},{"default":"[A-Z]{3}[a-z]{5}.\\d{2}","id":"randomPasswordRegexp","title":"randomPasswordRegexp"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetpassword.html","id":"passwordManagement","title":"passwordManagement"},{"_nodes":[{"default":"http://auth.example.com/register","id":"registerUrl","title":"registerUrl"},{"default":0,"id":"registerTimeout","title":"registerTimeout","type":"int"},{"id":"registerConfirmSubject","title":"registerConfirmSubject"},{"id":"registerDoneSubject","title":"registerDoneSubject"}],"help":"register.html","id":"register","title":"register","type":"simpleInputContainer"},{"_nodes":[{"cnodes":"autoSigninRules","id":"autoSigninRules","title":"autoSigninRules","type":"keyTextContainer"}],"help":"autosignin.html","id":"autoSignin","title":"autoSignin"},{"_nodes":[{"default":0,"id":"checkState","title":"checkState","type":"bool"},{"id":"checkStateSecret","title":"checkStateSecret"}],"help":"checkstate.html","id":"stateCheck","title":"stateCheck","type":"simpleInputContainer"}],"help":"start.html#plugins","id":"plugins","title":"plugins"},{"_nodes":[{"_nodes":[{"default":0,"id":"utotp2fActivation","title":"utotp2fActivation","type":"boolOrExpr"},{"id":"utotp2fAuthnLevel","title":"utotp2fAuthnLevel","type":"int"}],"help":"utotp2f.html","id":"utotp2f","title":"utotp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"totp2fActivation","title":"totp2fActivation","type":"boolOrExpr"},{"default":0,"id":"totp2fSelfRegistration","title":"totp2fSelfRegistration","type":"boolOrExpr"},{"id":"totp2fAuthnLevel","title":"totp2fAuthnLevel","type":"int"},{"id":"totp2fIssuer","title":"totp2fIssuer"},{"default":30,"id":"totp2fInterval","title":"totp2fInterval","type":"int"},{"default":1,"id":"totp2fRange","title":"totp2fRange","type":"int"},{"default":6,"id":"totp2fDigits","title":"totp2fDigits","type":"int"},{"default":0,"id":"totp2fDisplayExistingSecret","title":"totp2fDisplayExistingSecret","type":"bool"},{"default":0,"id":"totp2fUserCanChangeKey","title":"totp2fUserCanChangeKey","type":"bool"},{"default":1,"id":"totp2fUserCanRemoveKey","title":"totp2fUserCanRemoveKey","type":"bool"}],"help":"totp2f.html","id":"totp","title":"totp","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"u2fActivation","title":"u2fActivation","type":"boolOrExpr"},{"default":0,"id":"u2fSelfRegistration","title":"u2fSelfRegistration","type":"boolOrExpr"},{"id":"u2fAuthnLevel","title":"u2fAuthnLevel","type":"int"},{"default":1,"id":"u2fUserCanRemoveKey","title":"u2fUserCanRemoveKey","type":"bool"}],"help":"u2f.html","id":"u2f","title":"u2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"mail2fActivation","title":"mail2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"mail2fCodeRegex","title":"mail2fCodeRegex"},{"id":"mail2fTimeout","title":"mail2fTimeout","type":"int"},{"id":"mail2fSubject","title":"mail2fSubject"},{"id":"mail2fBody","title":"mail2fBody","type":"longtext"},{"id":"mail2fAuthnLevel","title":"mail2fAuthnLevel","type":"int"},{"id":"mail2fLogo","title":"mail2fLogo"}],"help":"mail2f.html","id":"mail2f","title":"mail2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ext2fActivation","title":"ext2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"ext2fCodeActivation","title":"ext2fCodeActivation","type":"boolOrExpr"},{"id":"ext2FSendCommand","title":"ext2FSendCommand"},{"id":"ext2FValidateCommand","title":"ext2FValidateCommand"},{"id":"ext2fAuthnLevel","title":"ext2fAuthnLevel","type":"int"},{"id":"ext2fLogo","title":"ext2fLogo"}],"help":"external2f.html","id":"external2f","title":"external2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rest2fActivation","title":"rest2fActivation","type":"boolOrExpr"},{"id":"rest2fInitUrl","title":"rest2fInitUrl"},{"cnodes":"rest2fInitArgs","id":"rest2fInitArgs","title":"rest2fInitArgs","type":"keyTextContainer"},{"id":"rest2fVerifyUrl","title":"rest2fVerifyUrl"},{"cnodes":"rest2fVerifyArgs","id":"rest2fVerifyArgs","title":"rest2fVerifyArgs","type":"keyTextContainer"},{"id":"rest2fAuthnLevel","title":"rest2fAuthnLevel","type":"int"},{"id":"rest2fLogo","title":"rest2fLogo"}],"help":"rest2f.html","id":"rest2f","title":"rest2f"},{"_nodes":[{"default":0,"id":"yubikey2fActivation","title":"yubikey2fActivation","type":"boolOrExpr"},{"default":0,"id":"yubikey2fSelfRegistration","title":"yubikey2fSelfRegistration","type":"boolOrExpr"},{"id":"yubikey2fAuthnLevel","title":"yubikey2fAuthnLevel","type":"int"},{"id":"yubikey2fClientID","title":"yubikey2fClientID"},{"id":"yubikey2fSecretKey","title":"yubikey2fSecretKey"},{"id":"yubikey2fNonce","title":"yubikey2fNonce"},{"id":"yubikey2fUrl","title":"yubikey2fUrl"},{"default":12,"id":"yubikey2fPublicIDSize","title":"yubikey2fPublicIDSize","type":"int"},{"default":1,"id":"yubikey2fUserCanRemoveKey","title":"yubikey2fUserCanRemoveKey","type":"bool"}],"help":"yubikey2f.html","id":"yubikey2f","title":"yubikey2f","type":"simpleInputContainer"},{"default":0,"help":"secondfactor.html","id":"sfRequired","title":"sfRequired","type":"boolOrExpr"}],"help":"secondfactor.html","id":"secondFactors","title":"secondFactors"},{"_nodes":[{"help":"customfunctions.html","id":"customFunctions","title":"customFunctions"},{"default":"; ","id":"multiValuesSeparator","title":"multiValuesSeparator","type":"authParamsText"},{"_nodes":[{"default":"mail","id":"mailSessionKey","title":"mailSessionKey"},{"default":"","id":"SMTPServer","title":"SMTPServer"},{"id":"SMTPPort","title":"SMTPPort","type":"int"},{"id":"SMTPAuthUser","title":"SMTPAuthUser"},{"id":"SMTPAuthPass","title":"SMTPAuthPass","type":"password"},{"default":"","id":"SMTPTLS","select":[{"k":"","v":"none"},{"k":"starttls","v":"SMTP + STARTTLS"},{"k":"ssl","v":"SMTPS"}],"title":"SMTPTLS","type":"select"},{"cnodes":"SMTPTLSOpts","id":"SMTPTLSOpts","title":"SMTPTLSOpts","type":"keyTextContainer"},{"_nodes":[{"default":"noreply@example.com","id":"mailFrom","title":"mailFrom"},{"id":"mailReplyTo","title":"mailReplyTo"},{"default":"utf-8","id":"mailCharset","title":"mailCharset"}],"id":"mailHeaders","title":"mailHeaders","type":"simpleInputContainer"}],"help":"smtp.html","id":"SMTP","title":"SMTP"},{"_nodes":[{"default":"^[\\w\\.\\-@]+$","id":"userControl","title":"userControl"},{"default":0,"help":"forcereauthn.html","id":"portalForceAuthn","title":"portalForceAuthn","type":"bool"},{"default":5,"id":"portalForceAuthnInterval","title":"portalForceAuthnInterval","type":"int"},{"id":"key","title":"key","type":"password"},{"id":"trustedDomains","title":"trustedDomains"},{"default":1,"help":"safejail.html","id":"useSafeJail","title":"useSafeJail","type":"bool"},{"default":1,"id":"checkXSS","title":"checkXSS","type":"bool"},{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtection","title":"bruteForceProtection","type":"bool"},{"default":1,"id":"requireToken","title":"requireToken","type":"bool"},{"default":120,"id":"formTimeout","title":"formTimeout","type":"int"},{"default":0,"id":"tokenUseGlobalStorage","title":"tokenUseGlobalStorage","type":"bool"},{"cnodes":"lwpOpts","id":"lwpOpts","title":"lwpOpts","type":"keyTextContainer"},{"cnodes":"lwpSslOpts","id":"lwpSslOpts","title":"lwpSslOpts","type":"keyTextContainer"},{"_nodes":[{"default":"'self'","id":"cspDefault","title":"cspDefault"},{"default":"'self' data:","id":"cspImg","title":"cspImg"},{"default":"'self'","id":"cspScript","title":"cspScript"},{"default":"'self'","id":"cspStyle","title":"cspStyle"},{"default":"'self'","id":"cspFont","title":"cspFont"},{"default":"'self'","id":"cspFormAction","title":"cspFormAction"},{"default":"'self'","id":"cspConnect","title":"cspConnect"}],"help":"security.html#portal","id":"contentSecurityPolicy","title":"contentSecurityPolicy","type":"simpleInputContainer"}],"help":"security.html#configure_security_settings","id":"security","title":"security"},{"_nodes":[{"default":-1,"id":"https","title":"https","type":"trool"},{"default":-1,"id":"port","title":"port","type":"int"},{"default":0,"id":"useRedirectOnForbidden","title":"useRedirectOnForbidden","type":"bool"},{"default":1,"id":"useRedirectOnError","title":"useRedirectOnError","type":"bool"},{"default":0,"id":"maintenance","title":"maintenance","type":"bool"}],"help":"redirections.html","id":"redirection","title":"redirection","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"jsRedirect","title":"jsRedirect","type":"boolOrExpr"},{"default":0,"id":"noAjaxHook","title":"noAjaxHook","type":"bool"},{"default":0,"id":"skipRenewConfirmation","title":"skipRenewConfirmation","type":"bool"}],"help":"redirections.html#portal_redirections","id":"portalRedirection","title":"portalRedirection","type":"simpleInputContainer"},{"cnodes":"nginxCustomHandlers","help":"handlerarch.html","id":"nginxCustomHandlers","title":"nginxCustomHandlers","type":"keyTextContainer"},{"cnodes":"logoutServices","default":[],"help":"logoutforward.html","id":"logoutServices","title":"logoutServices","type":"keyTextContainer"},{"_nodes":[{"default":"get","id":"infoFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"infoFormMethod","type":"select"},{"default":"post","id":"confirmFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"confirmFormMethod","type":"select"},{"default":"get","id":"redirectFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"redirectFormMethod","type":"select"},{"default":1,"id":"activeTimer","title":"activeTimer","type":"bool"}],"id":"forms","title":"forms","type":"simpleInputContainer"}],"help":"start.html#advanced_features","id":"advancedParams","title":"advancedParams"}],"id":"generalParameters","title":"generalParameters"},{"_nodes":[{"cnodes":"exportedVars","default":[{"data":"HTTP_USER_AGENT","id":"exportedVars/UA","title":"UA","type":"keyText"}],"help":"exportedvars.html","id":"exportedVars","title":"exportedVars","type":"keyTextContainer"},{"cnodes":"macros","default":[],"help":"exportedvars.html#extend_variables_using_macros_and_groups","id":"macros","title":"macros","type":"keyTextContainer"},{"cnodes":"groups","default":[],"help":"exportedvars.html#extend_variables_using_macros_and_groups","id":"groups","title":"groups","type":"keyTextContainer"}],"help":"variables.html","id":"variables","title":"variables"},{"cnodes":"virtualHosts","help":"configvhost.html","id":"virtualHosts","template":"virtualHost","title":"virtualHosts","type":"virtualHostContainer"},{"_nodes":[{"default":"#PORTAL#/saml/metadata","id":"samlEntityID","title":"samlEntityID"},{"_nodes":[{"get":["samlServicePrivateKeySig","samlServicePrivateKeySigPwd","samlServicePublicKeySig"],"id":"samlServiceSecuritySig","title":"samlServiceSecuritySig","type":"RSAKey"},{"get":["samlServicePrivateKeyEnc","samlServicePrivateKeyEncPwd","samlServicePublicKeyEnc"],"id":"samlServiceSecurityEnc","title":"samlServiceSecurityEnc","type":"RSAKey"},{"default":0,"id":"samlServiceUseCertificateInResponse","title":"samlServiceUseCertificateInResponse","type":"bool"},{"default":"RSA_SHA1","id":"samlServiceSignatureMethod","select":[{"k":"RSA_SHA1","v":"RSA SHA1"},{"k":"RSA_SHA256","v":"RSA SHA256"}],"title":"samlServiceSignatureMethod","type":"select"}],"help":"samlservice.html#security_parameters","id":"samlServiceSecurity","title":"samlServiceSecurity"},{"_nodes":[{"default":"mail","id":"samlNameIDFormatMapEmail","title":"samlNameIDFormatMapEmail"},{"default":"mail","id":"samlNameIDFormatMapX509","title":"samlNameIDFormatMapX509"},{"default":"uid","id":"samlNameIDFormatMapWindows","title":"samlNameIDFormatMapWindows"},{"default":"uid","id":"samlNameIDFormatMapKerberos","title":"samlNameIDFormatMapKerberos"}],"help":"samlservice.html#nameid_formats","id":"samlNameIDFormatMap","title":"samlNameIDFormatMap","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"samlAuthnContextMapPassword","title":"samlAuthnContextMapPassword","type":"int"},{"default":3,"id":"samlAuthnContextMapPasswordProtectedTransport","title":"samlAuthnContextMapPasswordProtectedTransport","type":"int"},{"default":5,"id":"samlAuthnContextMapTLSClient","title":"samlAuthnContextMapTLSClient","type":"int"},{"default":4,"id":"samlAuthnContextMapKerberos","title":"samlAuthnContextMapKerberos","type":"int"}],"help":"samlservice.html#authentication_contexts","id":"samlAuthnContextMap","title":"samlAuthnContextMap","type":"simpleInputContainer"},{"_nodes":[{"default":"Example","id":"samlOrganizationDisplayName","title":"samlOrganizationDisplayName"},{"default":"Example","id":"samlOrganizationName","title":"samlOrganizationName"},{"default":"http://www.example.com","id":"samlOrganizationURL","title":"samlOrganizationURL"}],"help":"samlservice.html#organization","id":"samlOrganization","title":"samlOrganization","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"samlSPSSODescriptorAuthnRequestsSigned","title":"samlSPSSODescriptorAuthnRequestsSigned","type":"bool"},{"default":1,"id":"samlSPSSODescriptorWantAssertionsSigned","title":"samlSPSSODescriptorWantAssertionsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;","id":"samlSPSSODescriptorSingleLogoutServiceSOAP","title":"samlSPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlSPSSODescriptorSingleLogoutService","title":"samlSPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","type":"samlAssertion"},{"default":"0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","type":"samlAssertion"}],"id":"samlSPSSODescriptorAssertionConsumerService","title":"samlSPSSODescriptorAssertionConsumerService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlSPSSODescriptorArtifactResolutionServiceArtifact","title":"samlSPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlSPSSODescriptorArtifactResolutionService","title":"samlSPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#service_provider","id":"samlSPSSODescriptor","title":"samlSPSSODescriptor"},{"_nodes":[{"default":1,"id":"samlIDPSSODescriptorWantAuthnRequestsSigned","title":"samlIDPSSODescriptorWantAuthnRequestsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","type":"samlService"}],"id":"samlIDPSSODescriptorSingleSignOnService","title":"samlIDPSSODescriptorSingleSignOnService"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;","id":"samlIDPSSODescriptorSingleLogoutServiceSOAP","title":"samlIDPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlIDPSSODescriptorSingleLogoutService","title":"samlIDPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","title":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlIDPSSODescriptorArtifactResolutionService","title":"samlIDPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#identity_provider","id":"samlIDPSSODescriptor","title":"samlIDPSSODescriptor"},{"_nodes":[{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;","id":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","title":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","type":"samlService"}],"id":"samlAttributeAuthorityDescriptorAttributeService","title":"samlAttributeAuthorityDescriptorAttributeService"}],"help":"samlservice.html#attribute_authority","id":"samlAttributeAuthorityDescriptor","title":"samlAttributeAuthorityDescriptor"},{"_nodes":[{"default":"lemonldapidp","id":"samlIdPResolveCookie","title":"samlIdPResolveCookie"},{"default":1,"id":"samlMetadataForceUTF8","title":"samlMetadataForceUTF8","type":"bool"},{"id":"samlStorage","title":"samlStorage"},{"cnodes":"samlStorageOptions","id":"samlStorageOptions","title":"samlStorageOptions","type":"keyTextContainer"},{"default":600,"id":"samlRelayStateTimeout","title":"samlRelayStateTimeout","type":"int"},{"default":0,"id":"samlUseQueryStringSpecific","title":"samlUseQueryStringSpecific","type":"bool"},{"_nodes":[{"default":0,"id":"samlCommonDomainCookieActivation","title":"samlCommonDomainCookieActivation","type":"bool"},{"id":"samlCommonDomainCookieDomain","title":"samlCommonDomainCookieDomain"},{"id":"samlCommonDomainCookieReader","title":"samlCommonDomainCookieReader"},{"id":"samlCommonDomainCookieWriter","title":"samlCommonDomainCookieWriter"}],"id":"samlCommonDomainCookie","title":"samlCommonDomainCookie","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"samlDiscoveryProtocolActivation","title":"samlDiscoveryProtocolActivation","type":"bool"},{"id":"samlDiscoveryProtocolURL","title":"samlDiscoveryProtocolURL"},{"id":"samlDiscoveryProtocolPolicy","title":"samlDiscoveryProtocolPolicy"},{"default":0,"id":"samlDiscoveryProtocolIsPassive","title":"samlDiscoveryProtocolIsPassive","type":"bool"}],"id":"samlDiscoveryProtocol","title":"samlDiscoveryProtocol","type":"simpleInputContainer"}],"help":"samlservice.html#advanced","id":"samlAdvanced","title":"samlAdvanced"}],"help":"samlservice.html","id":"samlServiceMetaData","title":"samlServiceMetaData"},{"cnodes":"samlIDPMetaDataNodes","help":"authsaml.html","id":"samlIDPMetaDataNodes","template":"samlIDPMetaDataNode","title":"samlIDPMetaDataNodes","type":"samlIDPMetaDataNodeContainer"},{"cnodes":"samlSPMetaDataNodes","help":"idpsaml.html","id":"samlSPMetaDataNodes","template":"samlSPMetaDataNode","title":"samlSPMetaDataNodes","type":"samlSPMetaDataNodeContainer"},{"_nodes":[{"default":"http://auth.example.com","id":"oidcServiceMetaDataIssuer","title":"oidcServiceMetaDataIssuer"},{"_nodes":[{"default":"authorize","id":"oidcServiceMetaDataAuthorizeURI","title":"oidcServiceMetaDataAuthorizeURI"},{"default":"token","id":"oidcServiceMetaDataTokenURI","title":"oidcServiceMetaDataTokenURI"},{"default":"userinfo","id":"oidcServiceMetaDataUserInfoURI","title":"oidcServiceMetaDataUserInfoURI"},{"default":"jwks","id":"oidcServiceMetaDataJWKSURI","title":"oidcServiceMetaDataJWKSURI"},{"default":"register","id":"oidcServiceMetaDataRegistrationURI","title":"oidcServiceMetaDataRegistrationURI"},{"default":"logout","id":"oidcServiceMetaDataEndSessionURI","title":"oidcServiceMetaDataEndSessionURI"},{"default":"checksession.html","id":"oidcServiceMetaDataCheckSessionURI","title":"oidcServiceMetaDataCheckSessionURI"},{"default":"flogout","id":"oidcServiceMetaDataFrontChannelURI","title":"oidcServiceMetaDataFrontChannelURI"},{"default":"blogout","id":"oidcServiceMetaDataBackChannelURI","title":"oidcServiceMetaDataBackChannelURI"}],"id":"oidcServiceMetaDataEndPoints","title":"oidcServiceMetaDataEndPoints","type":"simpleInputContainer"},{"cnodes":"oidcServiceMetaDataAuthnContext","default":[{"data":1,"id":"oidcServiceMetaDataAuthnContext/loa-1","title":"loa-1","type":"keyText"},{"data":2,"id":"oidcServiceMetaDataAuthnContext/loa-2","title":"loa-2","type":"keyText"},{"data":3,"id":"oidcServiceMetaDataAuthnContext/loa-3","title":"loa-3","type":"keyText"},{"data":4,"id":"oidcServiceMetaDataAuthnContext/loa-4","title":"loa-4","type":"keyText"},{"data":5,"id":"oidcServiceMetaDataAuthnContext/loa-5","title":"loa-5","type":"keyText"}],"id":"oidcServiceMetaDataAuthnContext","title":"oidcServiceMetaDataAuthnContext","type":"keyTextContainer"},{"_nodes":[{"get":["oidcServicePrivateKeySig","oidcServicePublicKeySig"],"id":"oidcServiceMetaDataKeys","title":"oidcServiceMetaDataKeys","type":"RSAKeyNoPassword"},{"id":"oidcServiceKeyIdSig","title":"oidcServiceKeyIdSig"},{"default":0,"id":"oidcServiceAllowDynamicRegistration","title":"oidcServiceAllowDynamicRegistration","type":"bool"},{"default":1,"id":"oidcServiceAllowAuthorizationCodeFlow","title":"oidcServiceAllowAuthorizationCodeFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowImplicitFlow","title":"oidcServiceAllowImplicitFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowHybridFlow","title":"oidcServiceAllowHybridFlow","type":"bool"}],"id":"oidcServiceMetaDataSecurity","title":"oidcServiceMetaDataSecurity"},{"_nodes":[{"id":"oidcStorage","title":"oidcStorage"},{"cnodes":"oidcStorageOptions","id":"oidcStorageOptions","title":"oidcStorageOptions","type":"keyTextContainer"}],"id":"oidcServiceMetaDataSessions","title":"oidcServiceMetaDataSessions"}],"help":"openidconnectservice.html#service_configuration","id":"oidcServiceMetaData","title":"oidcServiceMetaData"},{"cnodes":"oidcOPMetaDataNodes","help":"authopenidconnect.html#declare_the_openid_connect_provider_in_llng","id":"oidcOPMetaDataNodes","title":"oidcOPMetaDataNodes","type":"oidcOPMetaDataNodeContainer"},{"cnodes":"oidcRPMetaDataNodes","help":"idpopenidconnect.html#configuration_of_relying_party_in_llng","id":"oidcRPMetaDataNodes","title":"oidcRPMetaDataNodes","type":"oidcRPMetaDataNodeContainer"},{"_nodes":[{"id":"casAttr","title":"casAttr"},{"default":"none","id":"casAccessControlPolicy","select":[{"k":"none","v":"None"},{"k":"error","v":"Display error on portal"},{"k":"faketicket","v":"Send a fake service ticket"}],"title":"casAccessControlPolicy","type":"select"},{"id":"casStorage","title":"casStorage"},{"cnodes":"casStorageOptions","id":"casStorageOptions","title":"casStorageOptions","type":"keyTextContainer"},{"cnodes":"casAttributes","id":"casAttributes","title":"casAttributes","type":"keyTextContainer"}],"help":"idpcas.html#configuring_the_cas_service","id":"casServiceMetadata","title":"casServiceMetadata"},{"cnodes":"casSrvMetaDataNodes","help":"authcas.html","id":"casSrvMetaDataNodes","template":"casSrvMetaDataNode","title":"casSrvMetaDataNodes","type":"casSrvMetaDataNodeContainer"},{"cnodes":"casAppMetaDataNodes","help":"idpcas.html#configuring_cas_applications","id":"casAppMetaDataNodes","template":"casAppMetaDataNode","title":"casAppMetaDataNodes","type":"casAppMetaDataNodeContainer"}]
\ No newline at end of file
+[{"_nodes":[{"_nodes":[{"default":"http://auth.example.com/","id":"portal","title":"portal"},{"_nodes":[{"_nodes":[{"default":1,"id":"portalDisplayLogout","title":"portalDisplayLogout","type":"boolOrExpr"},{"default":"$_auth =~ /^(LDAP|DBI|Demo)$/","id":"portalDisplayChangePassword","title":"portalDisplayChangePassword","type":"boolOrExpr"},{"default":1,"id":"portalDisplayAppslist","title":"portalDisplayAppslist","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLoginHistory","title":"portalDisplayLoginHistory","type":"boolOrExpr"},{"default":"$_oidcConnectedRP","id":"portalDisplayOidcConsents","title":"portalDisplayOidcConsents","type":"boolOrExpr"}],"id":"portalModules","title":"portalModules","type":"simpleInputContainer"},{"cnodes":"applicationList","default":[{"data":{"catname":"Default category","type":"category"},"id":"applicationList/default","title":"default","type":"catAndAppList"}],"help":"portalmenu.html#categories_and_applications","id":"applicationList","title":"applicationList","type":"catAndAppList"}],"help":"portalmenu.html","id":"portalMenu","title":"portalMenu"},{"_nodes":[{"default":"common/logos/logo_llng_400px.png","id":"portalMainLogo","title":"portalMainLogo"},{"default":1,"id":"showLanguages","title":"showLanguages","type":"bool"},{"default":"bootstrap","id":"portalSkin","select":[{"k":"bootstrap","v":"Bootstrap"}],"title":"portalSkin","type":"portalskin"},{"id":"portalSkinBackground","select":[{"k":"","v":"None"},{"k":"1280px-Anse_Source_d'Argent_2-La_Digue.jpg","v":"Anse"},{"k":"1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg","v":"Waterfall"},{"k":"1280px-BrockenSnowedTrees.jpg","v":"Snowed Trees"},{"k":"1280px-Cedar_Breaks_National_Monument_partially.jpg","v":"National Monument"},{"k":"1280px-Parry_Peak_from_Winter_Park.jpg","v":"Winter"},{"k":"Aletschgletscher_mit_Pinus_cembra1.jpg","v":"Pinus"}],"title":"portalSkinBackground","type":"portalskinbackground"},{"cnodes":"portalSkinRules","help":"portalcustom.html","id":"portalSkinRules","title":"portalSkinRules","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"portalCheckLogins","title":"portalCheckLogins","type":"bool"},{"default":0,"id":"portalDisplayResetPassword","title":"portalDisplayResetPassword","type":"bool"},{"default":3,"id":"passwordResetAllowedRetries","title":"passwordResetAllowedRetries","type":"int"},{"default":1,"id":"portalDisplayRegister","title":"portalDisplayRegister","type":"bool"}],"help":"portalcustom.html#buttons","id":"portalButtons","title":"portalButtons","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"portalRequireOldPassword","title":"portalRequireOldPassword","type":"bool"},{"default":0,"id":"hideOldPassword","title":"hideOldPassword","type":"bool"},{"default":0,"id":"mailOnPasswordChange","title":"mailOnPasswordChange","type":"bool"}],"help":"portalcustom.html#password_management","id":"passwordManagement","title":"passwordManagement","type":"simpleInputContainer"},{"_nodes":[{"default":"_user","id":"portalUserAttr","title":"portalUserAttr"},{"default":0,"id":"portalOpenLinkInNewWindow","title":"portalOpenLinkInNewWindow","type":"bool"},{"default":1,"id":"portalAntiFrame","title":"portalAntiFrame","type":"bool"},{"default":60000,"id":"portalPingInterval","title":"portalPingInterval","type":"int"},{"default":1,"id":"portalErrorOnExpiredSession","title":"portalErrorOnExpiredSession","type":"bool"},{"default":0,"id":"portalErrorOnMailNotFound","title":"portalErrorOnMailNotFound","type":"bool"}],"help":"portalcustom.html#other_parameters","id":"portalOther","title":"portalOther","type":"simpleInputContainer"}],"help":"portalcustom.html","id":"portalCustomization","title":"portalCustomization"},{"_nodes":[{"default":0,"id":"captcha_login_enabled","title":"captcha_login_enabled","type":"bool"},{"default":1,"id":"captcha_mail_enabled","title":"captcha_mail_enabled","type":"bool"},{"default":1,"id":"captcha_register_enabled","title":"captcha_register_enabled","type":"bool"},{"default":6,"id":"captcha_size","title":"captcha_size","type":"int"}],"help":"captcha.html","id":"portalCaptcha","title":"portalCaptcha","type":"simpleInputContainer"}],"help":"portal.html","id":"portalParams","title":"portalParams"},{"_nodes":[{"default":"Demo","id":"authentication","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"Choice","v":"authChoice"},{"k":"Combination","v":"combineMods"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"authentication","type":"select"},{"default":"Same","id":"userDB","select":[{"k":"Same","v":"Same"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"userDB","type":"select"},{"default":"Demo","id":"passwordDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Choice","v":"authChoice"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"passwordDB","type":"select"},{"default":"Null","id":"registerDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"registerDB","type":"select"}],"_nodes_cond":[{"_nodes":[{"default":0,"id":"ADPwdMaxAge","title":"ADPwdMaxAge","type":"int"},{"default":0,"id":"ADPwdExpireWarning","title":"ADPwdExpireWarning","type":"int"}],"help":"authad.html","id":"adParams","show":false,"title":"adParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lmAuth","id":"authChoiceParam","title":"authChoiceParam"},{"cnodes":"authChoiceModules","id":"authChoiceModules","select":[[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}]],"title":"authChoiceModules","type":"authChoiceContainer"}],"help":"authchoice.html","id":"choiceParams","show":false,"title":"choiceParams"},{"_nodes":[{"default":4,"id":"apacheAuthnLevel","title":"apacheAuthnLevel","type":"int"}],"help":"authapache.html","id":"apacheParams","show":false,"title":"apacheParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"casAuthnLevel","title":"casAuthnLevel","type":"int"}],"help":"authcas.html","id":"casParams","show":false,"title":"casParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"dbiAuthnLevel","title":"dbiAuthnLevel","type":"int"},{"cnodes":"dbiExportedVars","default":[],"id":"dbiExportedVars","title":"dbiExportedVars","type":"keyTextContainer"},{"_nodes":[{"_nodes":[{"id":"dbiAuthChain","title":"dbiAuthChain"},{"id":"dbiAuthUser","title":"dbiAuthUser"},{"id":"dbiAuthPassword","title":"dbiAuthPassword","type":"password"}],"id":"dbiConnectionAuth","title":"dbiConnectionAuth","type":"simpleInputContainer"},{"_nodes":[{"id":"dbiUserChain","title":"dbiUserChain"},{"id":"dbiUserUser","title":"dbiUserUser"},{"id":"dbiUserPassword","title":"dbiUserPassword","type":"password"}],"id":"dbiConnectionUser","title":"dbiConnectionUser","type":"simpleInputContainer"}],"help":"authdbi.html#connection","id":"dbiConnection","title":"dbiConnection"},{"_nodes":[{"id":"dbiAuthTable","title":"dbiAuthTable"},{"id":"dbiUserTable","title":"dbiUserTable"},{"id":"dbiAuthLoginCol","title":"dbiAuthLoginCol"},{"id":"dbiAuthPasswordCol","title":"dbiAuthPasswordCol"},{"id":"dbiPasswordMailCol","title":"dbiPasswordMailCol"},{"id":"userPivot","title":"userPivot"}],"help":"authdbi.html#schema","id":"dbiSchema","title":"dbiSchema","type":"simpleInputContainer"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiAuthPasswordHash","title":"dbiAuthPasswordHash"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiDynamicHashEnabled","title":"dbiDynamicHashEnabled","type":"bool"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSchemes","title":"dbiDynamicHashValidSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSaltedSchemes","title":"dbiDynamicHashValidSaltedSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashNewPasswordScheme","title":"dbiDynamicHashNewPasswordScheme"}],"help":"authdbi.html#password","id":"dbiDynamicHash","title":"dbiDynamicHash","type":"simpleInputContainer"}],"help":"authdbi.html#password","id":"dbiPassword","title":"dbiPassword"}],"help":"authdbi.html","id":"dbiParams","show":false,"title":"dbiParams"},{"_nodes":[{"cnodes":"demoExportedVars","default":[{"data":"cn","id":"demoExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"demoExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"demoExportedVars/uid","title":"uid","type":"keyText"}],"id":"demoExportedVars","title":"demoExportedVars","type":"keyTextContainer"}],"help":"authdemo.html","id":"demoParams","show":false,"title":"demoParams"},{"_nodes":[{"default":1,"id":"facebookAuthnLevel","title":"facebookAuthnLevel","type":"int"},{"cnodes":"facebookExportedVars","default":[],"id":"facebookExportedVars","title":"facebookExportedVars","type":"keyTextContainer"},{"id":"facebookAppId","title":"facebookAppId"},{"id":"facebookAppSecret","title":"facebookAppSecret"},{"default":"id","id":"facebookUserField","title":"facebookUserField"}],"help":"authfacebook.html","id":"facebookParams","show":false,"title":"facebookParams"},{"_nodes":[{"id":"krbKeytab","title":"krbKeytab"},{"default":0,"id":"krbByJs","title":"krbByJs","type":"bool"},{"default":3,"id":"krbAuthnLevel","title":"krbAuthnLevel","type":"int"},{"default":1,"id":"krbRemoveDomain","title":"krbRemoveDomain","type":"bool"}],"help":"authkerberos.html","id":"kerberosParams","show":false,"title":"kerberosParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"ldapAuthnLevel","title":"ldapAuthnLevel","type":"int"},{"cnodes":"ldapExportedVars","default":[{"data":"cn","id":"ldapExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"ldapExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"ldapExportedVars/uid","title":"uid","type":"keyText"}],"id":"ldapExportedVars","title":"ldapExportedVars","type":"keyTextContainer"},{"_nodes":[{"default":"ldap://localhost","id":"ldapServer","title":"ldapServer"},{"default":389,"id":"ldapPort","title":"ldapPort","type":"int"},{"default":"dc=example,dc=com","id":"ldapBase","title":"ldapBase"},{"default":"","id":"managerDn","title":"managerDn"},{"default":"","id":"managerPassword","title":"managerPassword","type":"password"},{"default":120,"id":"ldapTimeout","title":"ldapTimeout","type":"int"},{"default":3,"id":"ldapVersion","title":"ldapVersion","type":"int"},{"id":"ldapRaw","title":"ldapRaw"}],"help":"authldap.html#connection","id":"ldapConnection","title":"ldapConnection","type":"simpleInputContainer"},{"_nodes":[{"id":"LDAPFilter","title":"LDAPFilter"},{"id":"AuthLDAPFilter","title":"AuthLDAPFilter"},{"id":"mailLDAPFilter","title":"mailLDAPFilter"},{"default":"find","id":"ldapSearchDeref","select":[{"k":"never","v":"never"},{"k":"search","v":"search"},{"k":"find","v":"find"},{"k":"always","v":"always"}],"title":"ldapSearchDeref","type":"select"}],"help":"authldap.html#filters","id":"ldapFilters","title":"ldapFilters","type":"simpleInputContainer"},{"_nodes":[{"id":"ldapGroupBase","title":"ldapGroupBase"},{"default":"groupOfNames","id":"ldapGroupObjectClass","title":"ldapGroupObjectClass"},{"default":"member","id":"ldapGroupAttributeName","title":"ldapGroupAttributeName"},{"default":"dn","id":"ldapGroupAttributeNameUser","title":"ldapGroupAttributeNameUser"},{"default":"cn","id":"ldapGroupAttributeNameSearch","title":"ldapGroupAttributeNameSearch"},{"default":0,"id":"ldapGroupDecodeSearchedValue","title":"ldapGroupDecodeSearchedValue","type":"bool"},{"default":0,"id":"ldapGroupRecursive","title":"ldapGroupRecursive","type":"bool"},{"default":"dn","id":"ldapGroupAttributeNameGroup","title":"ldapGroupAttributeNameGroup"}],"help":"authldap.html#groups","id":"ldapGroups","title":"ldapGroups","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ldapPpolicyControl","title":"ldapPpolicyControl","type":"bool"},{"default":0,"id":"ldapSetPassword","title":"ldapSetPassword","type":"bool"},{"default":0,"id":"ldapChangePasswordAsUser","title":"ldapChangePasswordAsUser","type":"bool"},{"default":"utf-8","id":"ldapPwdEnc","title":"ldapPwdEnc"},{"default":1,"id":"ldapUsePasswordResetAttribute","title":"ldapUsePasswordResetAttribute","type":"bool"},{"default":"pwdReset","id":"ldapPasswordResetAttribute","title":"ldapPasswordResetAttribute"},{"default":"TRUE","id":"ldapPasswordResetAttributeValue","title":"ldapPasswordResetAttributeValue"},{"default":0,"id":"ldapAllowResetExpiredPassword","title":"ldapAllowResetExpiredPassword","type":"bool"}],"help":"authldap.html#password","id":"ldapPassword","title":"ldapPassword","type":"simpleInputContainer"}],"help":"authldap.html","id":"ldapParams","show":false,"title":"ldapParams"},{"_nodes":[{"default":1,"id":"linkedInAuthnLevel","title":"linkedInAuthnLevel","type":"int"},{"id":"linkedInClientID","title":"linkedInClientID"},{"id":"linkedInClientSecret","title":"linkedInClientSecret","type":"password"},{"default":"id,first-name,last-name,email-address","id":"linkedInFields","title":"linkedInFields"},{"default":"emailAddress","id":"linkedInUserField","title":"linkedInUserField"},{"default":"r_basicprofile r_emailaddress","id":"linkedInScope","title":"linkedInScope"}],"help":"authlinkedin.html","id":"linkedinParams","show":false,"title":"linkedinParams","type":"simpleInputContainer"},{"_nodes":[{"id":"combination","title":"combination"},{"cnodes":"combModules","id":"combModules","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"combModules","type":"cmbModuleContainer"}],"help":"authcombination.html","id":"combinationParams","show":false,"title":"combinationParams"},{"_nodes":[{"default":0,"id":"nullAuthnLevel","title":"nullAuthnLevel","type":"int"}],"help":"authnull.html","id":"nullParams","show":false,"title":"nullParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"openIdAuthnLevel","title":"openIdAuthnLevel","type":"int"},{"cnodes":"openIdExportedVars","default":[],"id":"openIdExportedVars","title":"openIdExportedVars","type":"keyTextContainer"},{"id":"openIdSecret","title":"openIdSecret"},{"default":"0;","id":"openIdIDPList","title":"openIdIDPList","type":"blackWhiteList"}],"help":"authopenid.html","id":"openidParams","show":false,"title":"openidParams"},{"_nodes":[{"default":1,"id":"oidcAuthnLevel","title":"oidcAuthnLevel","type":"int"},{"default":"openidconnectcallback","id":"oidcRPCallbackGetParam","title":"oidcRPCallbackGetParam"},{"default":600,"id":"oidcRPStateTimeout","title":"oidcRPStateTimeout","type":"int"}],"help":"authopenidconnect.html","id":"oidcParams","show":false,"title":"oidcParams","type":"simpleInputContainer"},{"_nodes":[{"default":"","id":"gpgDb","title":"gpgDb"}],"help":"authgpg.html","id":"gpgParams","show":false,"title":"gpgParams","type":"simpleInputContainer"},{"_nodes":[{"id":"proxyAuthService","title":"proxyAuthService"},{"id":"proxySessionService","title":"proxySessionService"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":2,"id":"proxyAuthnLevel","title":"proxyAuthnLevel","type":"int"},{"default":0,"id":"proxyUseSoap","title":"proxyUseSoap","type":"bool"}],"help":"authproxy.html","id":"proxyParams","show":false,"title":"proxyParams","type":"simpleInputContainer"},{"_nodes":[{"default":"login","id":"pamService","title":"pamService"},{"default":2,"id":"pamAuthnLevel","title":"pamAuthnLevel","type":"int"}],"help":"authpam.html","id":"pamParams","show":false,"title":"pamParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"radiusAuthnLevel","title":"radiusAuthnLevel","type":"int"},{"id":"radiusSecret","title":"radiusSecret"},{"id":"radiusServer","title":"radiusServer"}],"help":"authradius.html","id":"radiusParams","show":false,"title":"radiusParams","type":"simpleInputContainer"},{"_nodes":[{"id":"restAuthUrl","title":"restAuthUrl"},{"id":"restUserDBUrl","title":"restUserDBUrl"},{"id":"restPwdConfirmUrl","title":"restPwdConfirmUrl"},{"id":"restPwdModifyUrl","title":"restPwdModifyUrl"}],"help":"authrest.html","id":"restParams","show":false,"title":"restParams","type":"simpleInputContainer"},{"_nodes":[{"id":"remotePortal","title":"remotePortal"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":"Lemonldap::NG::Common::Apache::Session::SOAP","id":"remoteGlobalStorage","title":"remoteGlobalStorage"},{"cnodes":"remoteGlobalStorageOptions","default":[{"data":"http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService","id":"remoteGlobalStorageOptions/ns","title":"ns","type":"keyText"},{"data":"http://auth.example.com/sessions","id":"remoteGlobalStorageOptions/proxy","title":"proxy","type":"keyText"}],"id":"remoteGlobalStorageOptions","title":"remoteGlobalStorageOptions","type":"keyTextContainer"}],"help":"authremote.html","id":"remoteParams","show":false,"title":"remoteParams"},{"_nodes":[{"default":2,"id":"slaveAuthnLevel","title":"slaveAuthnLevel","type":"int"},{"cnodes":"slaveExportedVars","default":[],"id":"slaveExportedVars","title":"slaveExportedVars","type":"keyTextContainer"},{"id":"slaveUserHeader","title":"slaveUserHeader"},{"id":"slaveMasterIP","title":"slaveMasterIP"},{"id":"slaveHeaderName","title":"slaveHeaderName"},{"id":"slaveHeaderContent","title":"slaveHeaderContent"}],"help":"authslave.html","id":"slaveParams","show":false,"title":"slaveParams"},{"_nodes":[{"default":5,"id":"SSLAuthnLevel","title":"SSLAuthnLevel","type":"int"},{"default":"SSL_CLIENT_S_DN_Email","id":"SSLVar","title":"SSLVar"},{"cnodes":"SSLVarIf","default":[],"id":"SSLVarIf","title":"SSLVarIf","type":"keyTextContainer"},{"default":0,"id":"sslByAjax","title":"sslByAjax","type":"bool"},{"id":"sslHost","title":"sslHost"}],"help":"authssl.html","id":"sslParams","show":false,"title":"sslParams"},{"_nodes":[{"default":1,"id":"twitterAuthnLevel","title":"twitterAuthnLevel","type":"int"},{"id":"twitterKey","title":"twitterKey"},{"id":"twitterSecret","title":"twitterSecret"},{"id":"twitterAppName","title":"twitterAppName"},{"default":"screen_name","id":"twitterUserField","title":"twitterUserField"}],"help":"authtwitter.html","id":"twitterParams","show":false,"title":"twitterParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"webIDAuthnLevel","title":"webIDAuthnLevel","type":"int"},{"cnodes":"webIDExportedVars","default":[],"id":"webIDExportedVars","title":"webIDExportedVars","type":"keyTextContainer"},{"id":"webIDWhitelist","title":"webIDWhitelist"}],"help":"authwebid.html","id":"webidParams","show":false,"title":"webidParams"},{"_nodes":[{"id":"customAuth","title":"customAuth"},{"id":"customUserDB","title":"customUserDB"},{"id":"customPassword","title":"customPassword"},{"id":"customRegister","title":"customRegister"},{"cnodes":"customAddParams","id":"customAddParams","title":"customAddParams","type":"keyTextContainer"}],"help":"authcustom.html","id":"customParams","show":false,"title":"customParams"}],"_nodes_filter":"authParams","help":"start.html#authentication_users_and_password_databases","id":"authParams","title":"authParams","type":"authParams"},{"_nodes":[{"_nodes":[{"default":0,"id":"issuerDBSAMLActivation","title":"issuerDBSAMLActivation","type":"bool"},{"default":"^/saml/","id":"issuerDBSAMLPath","title":"issuerDBSAMLPath"},{"default":1,"id":"issuerDBSAMLRule","title":"issuerDBSAMLRule","type":"boolOrExpr"}],"help":"idpsaml.html","id":"issuerDBSAML","title":"issuerDBSAML","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBCASActivation","title":"issuerDBCASActivation","type":"bool"},{"default":"^/cas/","id":"issuerDBCASPath","title":"issuerDBCASPath"},{"default":1,"id":"issuerDBCASRule","title":"issuerDBCASRule","type":"boolOrExpr"}],"help":"idpcas.html#enabling_cas","id":"issuerDBCAS","title":"issuerDBCAS","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDActivation","title":"issuerDBOpenIDActivation","type":"bool"},{"default":"^/openidserver/","id":"issuerDBOpenIDPath","title":"issuerDBOpenIDPath"},{"default":1,"id":"issuerDBOpenIDRule","title":"issuerDBOpenIDRule","type":"boolOrExpr"},{"_nodes":[{"id":"openIdIssuerSecret","title":"openIdIssuerSecret"},{"id":"openIdAttr","title":"openIdAttr"},{"default":"0;","id":"openIdSPList","title":"openIdSPList","type":"blackWhiteList"},{"_nodes":[{"default":"cn","id":"openIdSreg_fullname","title":"openIdSreg_fullname"},{"default":"uid","id":"openIdSreg_nickname","title":"openIdSreg_nickname"},{"id":"openIdSreg_language","title":"openIdSreg_language"},{"id":"openIdSreg_postcode","title":"openIdSreg_postcode"},{"default":"_timezone","id":"openIdSreg_timezone","title":"openIdSreg_timezone"},{"id":"openIdSreg_country","title":"openIdSreg_country"},{"id":"openIdSreg_gender","title":"openIdSreg_gender"},{"default":"mail","id":"openIdSreg_email","title":"openIdSreg_email"},{"id":"openIdSreg_dob","title":"openIdSreg_dob"}],"id":"openIdSreg","title":"openIdSreg","type":"simpleInputContainer"}],"id":"issuerDBOpenIDOptions","title":"issuerDBOpenIDOptions"}],"help":"idpopenid.html","id":"issuerDBOpenID","title":"issuerDBOpenID"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDConnectActivation","title":"issuerDBOpenIDConnectActivation","type":"bool"},{"default":"^/oauth2/","id":"issuerDBOpenIDConnectPath","title":"issuerDBOpenIDConnectPath"},{"default":1,"id":"issuerDBOpenIDConnectRule","title":"issuerDBOpenIDConnectRule","type":"boolOrExpr"}],"help":"idpopenidconnect.html","id":"issuerDBOpenIDConnect","title":"issuerDBOpenIDConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBGetActivation","title":"issuerDBGetActivation","type":"bool"},{"default":"^/get/","id":"issuerDBGetPath","title":"issuerDBGetPath"},{"default":1,"id":"issuerDBGetRule","title":"issuerDBGetRule","type":"boolOrExpr"},{"default":[],"id":"issuerDBGetParameters","title":"issuerDBGetParameters","type":"doubleHash"}],"help":"issuerdbget.html","id":"issuerDBGet","title":"issuerDBGet"}],"help":"start.html#identity_provider","id":"issuerParams","title":"issuerParams"},{"_nodes":[{"default":"uid","id":"whatToTrace","title":"whatToTrace"},{"default":"_password","id":"hiddenAttributes","title":"hiddenAttributes"}],"help":"logs.html","id":"logParams","title":"logParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lemonldap","id":"cookieName","title":"cookieName"},{"default":"example.com","id":"domain","title":"domain"},{"default":0,"id":"cda","title":"cda","type":"bool"},{"default":0,"id":"securedCookie","select":[{"k":"0","v":"unsecuredCookie"},{"k":"1","v":"securedCookie"},{"k":"2","v":"doubleCookie"},{"k":"3","v":"doubleCookieForSingleSession"}],"title":"securedCookie","type":"select"},{"default":1,"id":"httpOnly","title":"httpOnly","type":"bool"},{"id":"cookieExpiration","title":"cookieExpiration","type":"int"}],"help":"ssocookie.html","id":"cookieParams","title":"cookieParams","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"storePassword","title":"storePassword","type":"bool"},{"default":72000,"id":"timeout","title":"timeout","type":"int"},{"default":0,"id":"timeoutActivity","title":"timeoutActivity","type":"int"},{"default":60,"id":"timeoutActivityInterval","title":"timeoutActivityInterval","type":"int"},{"cnodes":"grantSessionRules","id":"grantSessionRules","title":"grantSessionRules","type":"grantContainer"},{"_nodes":[{"default":"Apache::Session::File","id":"globalStorage","title":"globalStorage"},{"cnodes":"globalStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/sessions/","id":"globalStorageOptions/Directory","title":"Directory","type":"keyText"},{"data":"/var/lib/lemonldap-ng/sessions/lock/","id":"globalStorageOptions/LockDirectory","title":"LockDirectory","type":"keyText"},{"data":"Lemonldap::NG::Common::Apache::Session::Generate::SHA256","id":"globalStorageOptions/generateModule","title":"generateModule","type":"keyText"}],"id":"globalStorageOptions","title":"globalStorageOptions","type":"keyTextContainer"},{"default":"Cache::FileCache","id":"localSessionStorage","title":"localSessionStorage"},{"cnodes":"localSessionStorageOptions","default":[{"data":3,"id":"localSessionStorageOptions/cache_depth","title":"cache_depth","type":"keyText"},{"data":"/tmp","id":"localSessionStorageOptions/cache_root","title":"cache_root","type":"keyText"},{"data":600,"id":"localSessionStorageOptions/default_expires_in","title":"default_expires_in","type":"keyText"},{"data":"007","id":"localSessionStorageOptions/directory_umask","title":"directory_umask","type":"keyText"},{"data":"lemonldap-ng-sessions","id":"localSessionStorageOptions/namespace","title":"namespace","type":"keyText"}],"id":"localSessionStorageOptions","title":"localSessionStorageOptions","type":"keyTextContainer"}],"help":"start.html#sessions_database","id":"sessionStorage","title":"sessionStorage"},{"_nodes":[{"default":0,"id":"singleSession","title":"singleSession","type":"bool"},{"default":0,"id":"singleIP","title":"singleIP","type":"bool"},{"default":0,"id":"singleUserByIP","title":"singleUserByIP","type":"bool"},{"default":0,"id":"singleSessionUserByIP","title":"singleSessionUserByIP","type":"bool"},{"default":1,"id":"notifyDeleted","title":"notifyDeleted","type":"bool"},{"default":0,"id":"notifyOther","title":"notifyOther","type":"bool"}],"id":"multipleSessions","title":"multipleSessions","type":"simpleInputContainer"},{"_nodes":[{"id":"persistentStorage","title":"persistentStorage"},{"cnodes":"persistentStorageOptions","id":"persistentStorageOptions","title":"persistentStorageOptions","type":"keyTextContainer"}],"id":"persistentSessions","title":"persistentSessions"}],"help":"sessions.html","id":"sessionParams","title":"sessionParams"},{"_nodes":[{"cnodes":"reloadUrls","help":"configlocation.html#configuration_reload","id":"reloadUrls","title":"reloadUrls","type":"keyTextContainer"},{"default":5,"id":"reloadTimeout","title":"reloadTimeout","type":"int"}],"help":"configlocation.html#configuration_reload","id":"reloadParams","title":"reloadParams"},{"_nodes":[{"default":0,"id":"stayConnected","title":"stayConnected","type":"bool"},{"default":0,"help":"status.html","id":"portalStatus","title":"portalStatus","type":"bool"},{"default":1,"id":"upgradeSession","title":"upgradeSession","type":"bool"},{"_nodes":[{"default":0,"id":"wsdlServer","title":"wsdlServer","type":"bool"},{"default":0,"id":"restSessionServer","title":"restSessionServer","type":"bool"},{"default":0,"id":"restConfigServer","title":"restConfigServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapSessionServer","title":"soapSessionServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapConfigServer","title":"soapConfigServer","type":"bool"},{"id":"exportedAttr","title":"exportedAttr"}],"help":"portalservers.html","id":"portalServers","title":"portalServers","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"loginHistoryEnabled","title":"loginHistoryEnabled","type":"bool"},{"default":5,"id":"successLoginNumber","title":"successLoginNumber","type":"int"},{"default":5,"id":"failedLoginNumber","title":"failedLoginNumber","type":"int"},{"cnodes":"sessionDataToRemember","id":"sessionDataToRemember","title":"sessionDataToRemember","type":"keyTextContainer"}],"help":"loginhistory.html","id":"loginHistory","title":"loginHistory"},{"_nodes":[{"default":0,"id":"notification","title":"notification","type":"bool"},{"default":0,"id":"notificationServer","title":"notificationServer","type":"bool"},{"default":0,"id":"oldNotifFormat","title":"oldNotifFormat","type":"bool"},{"default":"File","id":"notificationStorage","title":"notificationStorage"},{"cnodes":"notificationStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/notifications","id":"notificationStorageOptions/dirName","title":"dirName","type":"keyText"}],"id":"notificationStorageOptions","title":"notificationStorageOptions","type":"keyTextContainer"},{"default":"allusers","id":"notificationWildcard","title":"notificationWildcard"},{"id":"notificationXSLTfile","title":"notificationXSLTfile"}],"help":"notifications.html","id":"notifications","title":"notifications"},{"_nodes":[{"_nodes":[{"id":"mailSubject","title":"mailSubject"},{"id":"mailBody","title":"mailBody","type":"longtext"},{"id":"mailConfirmSubject","title":"mailConfirmSubject"},{"id":"mailConfirmBody","title":"mailConfirmBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/resetpwd","id":"mailUrl","title":"mailUrl"},{"default":0,"id":"mailTimeout","title":"mailTimeout","type":"int"},{"default":"[A-Z]{3}[a-z]{5}.\\d{2}","id":"randomPasswordRegexp","title":"randomPasswordRegexp"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetpassword.html","id":"passwordManagement","title":"passwordManagement"},{"_nodes":[{"default":"http://auth.example.com/register","id":"registerUrl","title":"registerUrl"},{"default":0,"id":"registerTimeout","title":"registerTimeout","type":"int"},{"id":"registerConfirmSubject","title":"registerConfirmSubject"},{"id":"registerDoneSubject","title":"registerDoneSubject"}],"help":"register.html","id":"register","title":"register","type":"simpleInputContainer"},{"_nodes":[{"cnodes":"autoSigninRules","id":"autoSigninRules","title":"autoSigninRules","type":"keyTextContainer"}],"help":"autosignin.html","id":"autoSignin","title":"autoSignin"},{"_nodes":[{"default":0,"id":"checkState","title":"checkState","type":"bool"},{"id":"checkStateSecret","title":"checkStateSecret"}],"help":"checkstate.html","id":"stateCheck","title":"stateCheck","type":"simpleInputContainer"}],"help":"start.html#plugins","id":"plugins","title":"plugins"},{"_nodes":[{"_nodes":[{"default":0,"id":"utotp2fActivation","title":"utotp2fActivation","type":"boolOrExpr"},{"id":"utotp2fAuthnLevel","title":"utotp2fAuthnLevel","type":"int"}],"help":"utotp2f.html","id":"utotp2f","title":"utotp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"totp2fActivation","title":"totp2fActivation","type":"boolOrExpr"},{"default":0,"id":"totp2fSelfRegistration","title":"totp2fSelfRegistration","type":"boolOrExpr"},{"id":"totp2fAuthnLevel","title":"totp2fAuthnLevel","type":"int"},{"id":"totp2fIssuer","title":"totp2fIssuer"},{"default":30,"id":"totp2fInterval","title":"totp2fInterval","type":"int"},{"default":1,"id":"totp2fRange","title":"totp2fRange","type":"int"},{"default":6,"id":"totp2fDigits","title":"totp2fDigits","type":"int"},{"default":0,"id":"totp2fDisplayExistingSecret","title":"totp2fDisplayExistingSecret","type":"bool"},{"default":0,"id":"totp2fUserCanChangeKey","title":"totp2fUserCanChangeKey","type":"bool"},{"default":1,"id":"totp2fUserCanRemoveKey","title":"totp2fUserCanRemoveKey","type":"bool"}],"help":"totp2f.html","id":"totp","title":"totp","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"u2fActivation","title":"u2fActivation","type":"boolOrExpr"},{"default":0,"id":"u2fSelfRegistration","title":"u2fSelfRegistration","type":"boolOrExpr"},{"id":"u2fAuthnLevel","title":"u2fAuthnLevel","type":"int"},{"default":1,"id":"u2fUserCanRemoveKey","title":"u2fUserCanRemoveKey","type":"bool"}],"help":"u2f.html","id":"u2f","title":"u2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"mail2fActivation","title":"mail2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"mail2fCodeRegex","title":"mail2fCodeRegex"},{"id":"mail2fTimeout","title":"mail2fTimeout","type":"int"},{"id":"mail2fSubject","title":"mail2fSubject"},{"id":"mail2fBody","title":"mail2fBody","type":"longtext"},{"id":"mail2fAuthnLevel","title":"mail2fAuthnLevel","type":"int"},{"id":"mail2fLogo","title":"mail2fLogo"}],"help":"mail2f.html","id":"mail2f","title":"mail2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ext2fActivation","title":"ext2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"ext2fCodeActivation","title":"ext2fCodeActivation"},{"id":"ext2FSendCommand","title":"ext2FSendCommand"},{"id":"ext2FValidateCommand","title":"ext2FValidateCommand"},{"id":"ext2fAuthnLevel","title":"ext2fAuthnLevel","type":"int"},{"id":"ext2fLogo","title":"ext2fLogo"}],"help":"external2f.html","id":"external2f","title":"external2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rest2fActivation","title":"rest2fActivation","type":"boolOrExpr"},{"id":"rest2fInitUrl","title":"rest2fInitUrl"},{"cnodes":"rest2fInitArgs","id":"rest2fInitArgs","title":"rest2fInitArgs","type":"keyTextContainer"},{"id":"rest2fVerifyUrl","title":"rest2fVerifyUrl"},{"cnodes":"rest2fVerifyArgs","id":"rest2fVerifyArgs","title":"rest2fVerifyArgs","type":"keyTextContainer"},{"id":"rest2fAuthnLevel","title":"rest2fAuthnLevel","type":"int"},{"id":"rest2fLogo","title":"rest2fLogo"}],"help":"rest2f.html","id":"rest2f","title":"rest2f"},{"_nodes":[{"default":0,"id":"yubikey2fActivation","title":"yubikey2fActivation","type":"boolOrExpr"},{"default":0,"id":"yubikey2fSelfRegistration","title":"yubikey2fSelfRegistration","type":"boolOrExpr"},{"id":"yubikey2fAuthnLevel","title":"yubikey2fAuthnLevel","type":"int"},{"id":"yubikey2fClientID","title":"yubikey2fClientID"},{"id":"yubikey2fSecretKey","title":"yubikey2fSecretKey"},{"id":"yubikey2fNonce","title":"yubikey2fNonce"},{"id":"yubikey2fUrl","title":"yubikey2fUrl"},{"default":12,"id":"yubikey2fPublicIDSize","title":"yubikey2fPublicIDSize","type":"int"},{"default":1,"id":"yubikey2fUserCanRemoveKey","title":"yubikey2fUserCanRemoveKey","type":"bool"}],"help":"yubikey2f.html","id":"yubikey2f","title":"yubikey2f","type":"simpleInputContainer"},{"default":0,"help":"secondfactor.html","id":"sfRequired","title":"sfRequired","type":"boolOrExpr"}],"help":"secondfactor.html","id":"secondFactors","title":"secondFactors"},{"_nodes":[{"help":"customfunctions.html","id":"customFunctions","title":"customFunctions"},{"default":"; ","id":"multiValuesSeparator","title":"multiValuesSeparator","type":"authParamsText"},{"_nodes":[{"default":"mail","id":"mailSessionKey","title":"mailSessionKey"},{"default":"","id":"SMTPServer","title":"SMTPServer"},{"id":"SMTPPort","title":"SMTPPort","type":"int"},{"id":"SMTPAuthUser","title":"SMTPAuthUser"},{"id":"SMTPAuthPass","title":"SMTPAuthPass","type":"password"},{"default":"","id":"SMTPTLS","select":[{"k":"","v":"none"},{"k":"starttls","v":"SMTP + STARTTLS"},{"k":"ssl","v":"SMTPS"}],"title":"SMTPTLS","type":"select"},{"cnodes":"SMTPTLSOpts","id":"SMTPTLSOpts","title":"SMTPTLSOpts","type":"keyTextContainer"},{"_nodes":[{"default":"noreply@example.com","id":"mailFrom","title":"mailFrom"},{"id":"mailReplyTo","title":"mailReplyTo"},{"default":"utf-8","id":"mailCharset","title":"mailCharset"}],"id":"mailHeaders","title":"mailHeaders","type":"simpleInputContainer"}],"help":"smtp.html","id":"SMTP","title":"SMTP"},{"_nodes":[{"default":"^[\\w\\.\\-@]+$","id":"userControl","title":"userControl"},{"default":0,"help":"forcereauthn.html","id":"portalForceAuthn","title":"portalForceAuthn","type":"bool"},{"default":5,"id":"portalForceAuthnInterval","title":"portalForceAuthnInterval","type":"int"},{"id":"key","title":"key","type":"password"},{"id":"trustedDomains","title":"trustedDomains"},{"default":1,"help":"safejail.html","id":"useSafeJail","title":"useSafeJail","type":"bool"},{"default":1,"id":"checkXSS","title":"checkXSS","type":"bool"},{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtection","title":"bruteForceProtection","type":"bool"},{"default":1,"id":"requireToken","title":"requireToken","type":"bool"},{"default":120,"id":"formTimeout","title":"formTimeout","type":"int"},{"default":0,"id":"tokenUseGlobalStorage","title":"tokenUseGlobalStorage","type":"bool"},{"cnodes":"lwpOpts","id":"lwpOpts","title":"lwpOpts","type":"keyTextContainer"},{"cnodes":"lwpSslOpts","id":"lwpSslOpts","title":"lwpSslOpts","type":"keyTextContainer"},{"_nodes":[{"default":"'self'","id":"cspDefault","title":"cspDefault"},{"default":"'self' data:","id":"cspImg","title":"cspImg"},{"default":"'self'","id":"cspScript","title":"cspScript"},{"default":"'self'","id":"cspStyle","title":"cspStyle"},{"default":"'self'","id":"cspFont","title":"cspFont"},{"default":"'self'","id":"cspFormAction","title":"cspFormAction"},{"default":"'self'","id":"cspConnect","title":"cspConnect"}],"help":"security.html#portal","id":"contentSecurityPolicy","title":"contentSecurityPolicy","type":"simpleInputContainer"}],"help":"security.html#configure_security_settings","id":"security","title":"security"},{"_nodes":[{"default":-1,"id":"https","title":"https","type":"trool"},{"default":-1,"id":"port","title":"port","type":"int"},{"default":0,"id":"useRedirectOnForbidden","title":"useRedirectOnForbidden","type":"bool"},{"default":1,"id":"useRedirectOnError","title":"useRedirectOnError","type":"bool"},{"default":0,"id":"maintenance","title":"maintenance","type":"bool"}],"help":"redirections.html","id":"redirection","title":"redirection","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"jsRedirect","title":"jsRedirect","type":"boolOrExpr"},{"default":0,"id":"noAjaxHook","title":"noAjaxHook","type":"bool"},{"default":0,"id":"skipRenewConfirmation","title":"skipRenewConfirmation","type":"bool"}],"help":"redirections.html#portal_redirections","id":"portalRedirection","title":"portalRedirection","type":"simpleInputContainer"},{"cnodes":"nginxCustomHandlers","help":"handlerarch.html","id":"nginxCustomHandlers","title":"nginxCustomHandlers","type":"keyTextContainer"},{"cnodes":"logoutServices","default":[],"help":"logoutforward.html","id":"logoutServices","title":"logoutServices","type":"keyTextContainer"},{"_nodes":[{"default":"get","id":"infoFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"infoFormMethod","type":"select"},{"default":"post","id":"confirmFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"confirmFormMethod","type":"select"},{"default":"get","id":"redirectFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"redirectFormMethod","type":"select"},{"default":1,"id":"activeTimer","title":"activeTimer","type":"bool"}],"id":"forms","title":"forms","type":"simpleInputContainer"}],"help":"start.html#advanced_features","id":"advancedParams","title":"advancedParams"}],"id":"generalParameters","title":"generalParameters"},{"_nodes":[{"cnodes":"exportedVars","default":[{"data":"HTTP_USER_AGENT","id":"exportedVars/UA","title":"UA","type":"keyText"}],"help":"exportedvars.html","id":"exportedVars","title":"exportedVars","type":"keyTextContainer"},{"cnodes":"macros","default":[],"help":"exportedvars.html#extend_variables_using_macros_and_groups","id":"macros","title":"macros","type":"keyTextContainer"},{"cnodes":"groups","default":[],"help":"exportedvars.html#extend_variables_using_macros_and_groups","id":"groups","title":"groups","type":"keyTextContainer"}],"help":"variables.html","id":"variables","title":"variables"},{"cnodes":"virtualHosts","help":"configvhost.html","id":"virtualHosts","template":"virtualHost","title":"virtualHosts","type":"virtualHostContainer"},{"_nodes":[{"default":"#PORTAL#/saml/metadata","id":"samlEntityID","title":"samlEntityID"},{"_nodes":[{"get":["samlServicePrivateKeySig","samlServicePrivateKeySigPwd","samlServicePublicKeySig"],"id":"samlServiceSecuritySig","title":"samlServiceSecuritySig","type":"RSAKey"},{"get":["samlServicePrivateKeyEnc","samlServicePrivateKeyEncPwd","samlServicePublicKeyEnc"],"id":"samlServiceSecurityEnc","title":"samlServiceSecurityEnc","type":"RSAKey"},{"default":0,"id":"samlServiceUseCertificateInResponse","title":"samlServiceUseCertificateInResponse","type":"bool"},{"default":"RSA_SHA1","id":"samlServiceSignatureMethod","select":[{"k":"RSA_SHA1","v":"RSA SHA1"},{"k":"RSA_SHA256","v":"RSA SHA256"}],"title":"samlServiceSignatureMethod","type":"select"}],"help":"samlservice.html#security_parameters","id":"samlServiceSecurity","title":"samlServiceSecurity"},{"_nodes":[{"default":"mail","id":"samlNameIDFormatMapEmail","title":"samlNameIDFormatMapEmail"},{"default":"mail","id":"samlNameIDFormatMapX509","title":"samlNameIDFormatMapX509"},{"default":"uid","id":"samlNameIDFormatMapWindows","title":"samlNameIDFormatMapWindows"},{"default":"uid","id":"samlNameIDFormatMapKerberos","title":"samlNameIDFormatMapKerberos"}],"help":"samlservice.html#nameid_formats","id":"samlNameIDFormatMap","title":"samlNameIDFormatMap","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"samlAuthnContextMapPassword","title":"samlAuthnContextMapPassword","type":"int"},{"default":3,"id":"samlAuthnContextMapPasswordProtectedTransport","title":"samlAuthnContextMapPasswordProtectedTransport","type":"int"},{"default":5,"id":"samlAuthnContextMapTLSClient","title":"samlAuthnContextMapTLSClient","type":"int"},{"default":4,"id":"samlAuthnContextMapKerberos","title":"samlAuthnContextMapKerberos","type":"int"}],"help":"samlservice.html#authentication_contexts","id":"samlAuthnContextMap","title":"samlAuthnContextMap","type":"simpleInputContainer"},{"_nodes":[{"default":"Example","id":"samlOrganizationDisplayName","title":"samlOrganizationDisplayName"},{"default":"Example","id":"samlOrganizationName","title":"samlOrganizationName"},{"default":"http://www.example.com","id":"samlOrganizationURL","title":"samlOrganizationURL"}],"help":"samlservice.html#organization","id":"samlOrganization","title":"samlOrganization","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"samlSPSSODescriptorAuthnRequestsSigned","title":"samlSPSSODescriptorAuthnRequestsSigned","type":"bool"},{"default":1,"id":"samlSPSSODescriptorWantAssertionsSigned","title":"samlSPSSODescriptorWantAssertionsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;","id":"samlSPSSODescriptorSingleLogoutServiceSOAP","title":"samlSPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlSPSSODescriptorSingleLogoutService","title":"samlSPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","type":"samlAssertion"},{"default":"0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","type":"samlAssertion"}],"id":"samlSPSSODescriptorAssertionConsumerService","title":"samlSPSSODescriptorAssertionConsumerService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlSPSSODescriptorArtifactResolutionServiceArtifact","title":"samlSPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlSPSSODescriptorArtifactResolutionService","title":"samlSPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#service_provider","id":"samlSPSSODescriptor","title":"samlSPSSODescriptor"},{"_nodes":[{"default":1,"id":"samlIDPSSODescriptorWantAuthnRequestsSigned","title":"samlIDPSSODescriptorWantAuthnRequestsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","type":"samlService"}],"id":"samlIDPSSODescriptorSingleSignOnService","title":"samlIDPSSODescriptorSingleSignOnService"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;","id":"samlIDPSSODescriptorSingleLogoutServiceSOAP","title":"samlIDPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlIDPSSODescriptorSingleLogoutService","title":"samlIDPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","title":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlIDPSSODescriptorArtifactResolutionService","title":"samlIDPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#identity_provider","id":"samlIDPSSODescriptor","title":"samlIDPSSODescriptor"},{"_nodes":[{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;","id":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","title":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","type":"samlService"}],"id":"samlAttributeAuthorityDescriptorAttributeService","title":"samlAttributeAuthorityDescriptorAttributeService"}],"help":"samlservice.html#attribute_authority","id":"samlAttributeAuthorityDescriptor","title":"samlAttributeAuthorityDescriptor"},{"_nodes":[{"default":"lemonldapidp","id":"samlIdPResolveCookie","title":"samlIdPResolveCookie"},{"default":1,"id":"samlMetadataForceUTF8","title":"samlMetadataForceUTF8","type":"bool"},{"id":"samlStorage","title":"samlStorage"},{"cnodes":"samlStorageOptions","id":"samlStorageOptions","title":"samlStorageOptions","type":"keyTextContainer"},{"default":600,"id":"samlRelayStateTimeout","title":"samlRelayStateTimeout","type":"int"},{"default":0,"id":"samlUseQueryStringSpecific","title":"samlUseQueryStringSpecific","type":"bool"},{"_nodes":[{"default":0,"id":"samlCommonDomainCookieActivation","title":"samlCommonDomainCookieActivation","type":"bool"},{"id":"samlCommonDomainCookieDomain","title":"samlCommonDomainCookieDomain"},{"id":"samlCommonDomainCookieReader","title":"samlCommonDomainCookieReader"},{"id":"samlCommonDomainCookieWriter","title":"samlCommonDomainCookieWriter"}],"id":"samlCommonDomainCookie","title":"samlCommonDomainCookie","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"samlDiscoveryProtocolActivation","title":"samlDiscoveryProtocolActivation","type":"bool"},{"id":"samlDiscoveryProtocolURL","title":"samlDiscoveryProtocolURL"},{"id":"samlDiscoveryProtocolPolicy","title":"samlDiscoveryProtocolPolicy"},{"default":0,"id":"samlDiscoveryProtocolIsPassive","title":"samlDiscoveryProtocolIsPassive","type":"bool"}],"id":"samlDiscoveryProtocol","title":"samlDiscoveryProtocol","type":"simpleInputContainer"}],"help":"samlservice.html#advanced","id":"samlAdvanced","title":"samlAdvanced"}],"help":"samlservice.html","id":"samlServiceMetaData","title":"samlServiceMetaData"},{"cnodes":"samlIDPMetaDataNodes","help":"authsaml.html","id":"samlIDPMetaDataNodes","template":"samlIDPMetaDataNode","title":"samlIDPMetaDataNodes","type":"samlIDPMetaDataNodeContainer"},{"cnodes":"samlSPMetaDataNodes","help":"idpsaml.html","id":"samlSPMetaDataNodes","template":"samlSPMetaDataNode","title":"samlSPMetaDataNodes","type":"samlSPMetaDataNodeContainer"},{"_nodes":[{"default":"http://auth.example.com","id":"oidcServiceMetaDataIssuer","title":"oidcServiceMetaDataIssuer"},{"_nodes":[{"default":"authorize","id":"oidcServiceMetaDataAuthorizeURI","title":"oidcServiceMetaDataAuthorizeURI"},{"default":"token","id":"oidcServiceMetaDataTokenURI","title":"oidcServiceMetaDataTokenURI"},{"default":"userinfo","id":"oidcServiceMetaDataUserInfoURI","title":"oidcServiceMetaDataUserInfoURI"},{"default":"jwks","id":"oidcServiceMetaDataJWKSURI","title":"oidcServiceMetaDataJWKSURI"},{"default":"register","id":"oidcServiceMetaDataRegistrationURI","title":"oidcServiceMetaDataRegistrationURI"},{"default":"logout","id":"oidcServiceMetaDataEndSessionURI","title":"oidcServiceMetaDataEndSessionURI"},{"default":"checksession.html","id":"oidcServiceMetaDataCheckSessionURI","title":"oidcServiceMetaDataCheckSessionURI"},{"default":"flogout","id":"oidcServiceMetaDataFrontChannelURI","title":"oidcServiceMetaDataFrontChannelURI"},{"default":"blogout","id":"oidcServiceMetaDataBackChannelURI","title":"oidcServiceMetaDataBackChannelURI"}],"id":"oidcServiceMetaDataEndPoints","title":"oidcServiceMetaDataEndPoints","type":"simpleInputContainer"},{"cnodes":"oidcServiceMetaDataAuthnContext","default":[{"data":1,"id":"oidcServiceMetaDataAuthnContext/loa-1","title":"loa-1","type":"keyText"},{"data":2,"id":"oidcServiceMetaDataAuthnContext/loa-2","title":"loa-2","type":"keyText"},{"data":3,"id":"oidcServiceMetaDataAuthnContext/loa-3","title":"loa-3","type":"keyText"},{"data":4,"id":"oidcServiceMetaDataAuthnContext/loa-4","title":"loa-4","type":"keyText"},{"data":5,"id":"oidcServiceMetaDataAuthnContext/loa-5","title":"loa-5","type":"keyText"}],"id":"oidcServiceMetaDataAuthnContext","title":"oidcServiceMetaDataAuthnContext","type":"keyTextContainer"},{"_nodes":[{"get":["oidcServicePrivateKeySig","oidcServicePublicKeySig"],"id":"oidcServiceMetaDataKeys","title":"oidcServiceMetaDataKeys","type":"RSAKeyNoPassword"},{"id":"oidcServiceKeyIdSig","title":"oidcServiceKeyIdSig"},{"default":0,"id":"oidcServiceAllowDynamicRegistration","title":"oidcServiceAllowDynamicRegistration","type":"bool"},{"default":1,"id":"oidcServiceAllowAuthorizationCodeFlow","title":"oidcServiceAllowAuthorizationCodeFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowImplicitFlow","title":"oidcServiceAllowImplicitFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowHybridFlow","title":"oidcServiceAllowHybridFlow","type":"bool"}],"id":"oidcServiceMetaDataSecurity","title":"oidcServiceMetaDataSecurity"},{"_nodes":[{"id":"oidcStorage","title":"oidcStorage"},{"cnodes":"oidcStorageOptions","id":"oidcStorageOptions","title":"oidcStorageOptions","type":"keyTextContainer"}],"id":"oidcServiceMetaDataSessions","title":"oidcServiceMetaDataSessions"}],"help":"openidconnectservice.html#service_configuration","id":"oidcServiceMetaData","title":"oidcServiceMetaData"},{"cnodes":"oidcOPMetaDataNodes","help":"authopenidconnect.html#declare_the_openid_connect_provider_in_llng","id":"oidcOPMetaDataNodes","title":"oidcOPMetaDataNodes","type":"oidcOPMetaDataNodeContainer"},{"cnodes":"oidcRPMetaDataNodes","help":"idpopenidconnect.html#configuration_of_relying_party_in_llng","id":"oidcRPMetaDataNodes","title":"oidcRPMetaDataNodes","type":"oidcRPMetaDataNodeContainer"},{"_nodes":[{"id":"casAttr","title":"casAttr"},{"default":"none","id":"casAccessControlPolicy","select":[{"k":"none","v":"None"},{"k":"error","v":"Display error on portal"},{"k":"faketicket","v":"Send a fake service ticket"}],"title":"casAccessControlPolicy","type":"select"},{"id":"casStorage","title":"casStorage"},{"cnodes":"casStorageOptions","id":"casStorageOptions","title":"casStorageOptions","type":"keyTextContainer"},{"cnodes":"casAttributes","id":"casAttributes","title":"casAttributes","type":"keyTextContainer"}],"help":"idpcas.html#configuring_the_cas_service","id":"casServiceMetadata","title":"casServiceMetadata"},{"cnodes":"casSrvMetaDataNodes","help":"authcas.html","id":"casSrvMetaDataNodes","template":"casSrvMetaDataNode","title":"casSrvMetaDataNodes","type":"casSrvMetaDataNodeContainer"},{"cnodes":"casAppMetaDataNodes","help":"idpcas.html#configuring_cas_applications","id":"casAppMetaDataNodes","template":"casAppMetaDataNode","title":"casAppMetaDataNodes","type":"casAppMetaDataNodeContainer"}]
\ No newline at end of file

From 60e80fe1b121e90125e74bdeff7bfbe412bb5b23 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Thu, 14 Feb 2019 22:41:58 +0100
Subject: [PATCH 07/58] Improve code (#1629)

---
 .../lib/Lemonldap/NG/Portal/2F/Mail2F.pm            | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm
index 60181531f..3fdfd0ed4 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm
@@ -41,19 +41,16 @@ has ott => (
 
 sub init {
     my ($self) = @_;
-    foreach (qw(mail2fCodeRegex mailSessionKey)) {
-        unless ( $self->conf->{$_} ) {
-            $self->error("Missing $_ parameter, aborting");
-            return 0;
-        }
+    $self->{conf}->{mail2fCodeRegex} ||= '\d{6}';
+    unless ( $self->conf->{mailSessionKey} ) {
+        $self->error("Missing 'mailSessionKey' parameter, aborting");
+        return 0;
     }
     $self->logo( $self->conf->{mail2fLogo} )
         if ( $self->conf->{mail2fLogo} );
     return $self->SUPER::init();
 }
 
-# RUNNING METHODS
-
 sub run {
     my ( $self, $req, $token ) = @_;
 
@@ -80,7 +77,7 @@ sub run {
         $subject = 'mail2fSubject';
         $tr->( \$subject );
     }
-    my ($body, $html);
+    my ( $body, $html );
     if ( $self->conf->{mail2fBody} ) {
 
         # We use a specific text message, no html

From 90ddec7ce0f59ed1c6015e688689c8864178d284 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Thu, 14 Feb 2019 22:43:38 +0100
Subject: [PATCH 08/58] WIP - Optionaly let Ext2F module handle code generation
 (#1632)

---
 .../lib/Lemonldap/NG/Portal/2F/Ext2F.pm       | 102 +++++++++++++-----
 1 file changed, 73 insertions(+), 29 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Ext2F.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Ext2F.pm
index 3dac32de5..45f00faef 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Ext2F.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Ext2F.pm
@@ -2,32 +2,46 @@ package Lemonldap::NG::Portal::2F::Ext2F;
 
 use strict;
 use Mouse;
+use String::Random;
 use Lemonldap::NG::Portal::Main::Constants qw(
-  PE_BADCREDENTIALS
-  PE_ERROR
-  PE_FORMEMPTY
-  PE_OK
-  PE_SENDRESPONSE
+    PE_BADCREDENTIALS
+    PE_ERROR
+    PE_FORMEMPTY
+    PE_OK
+    PE_SENDRESPONSE
 );
 
-our $VERSION = '2.0.0';
+our $VERSION = '2.0.3';
 
 extends 'Lemonldap::NG::Portal::Main::SecondFactor';
 
 # INITIALIZATION
 
 has prefix => ( is => 'ro', default => 'ext' );
+has random => ( is => 'rw' );
 
 sub init {
     my ($self) = @_;
-    foreach (qw(ext2FSendCommand ext2FValidateCommand)) {
-        unless ( $self->conf->{$_} ) {
-            $self->error("Missing $_ parameter, aborting");
-            return 0;
+    unless ( $self->conf->{ext2fCodeActivation} ) {
+        foreach (qw(ext2FSendCommand ext2FValidateCommand)) {
+            unless ( $self->conf->{$_} ) {
+                $self->error("Missing $_ parameter, aborting");
+                return 0;
+            }
         }
+        $self->logo( $self->conf->{ext2fLogo} )
+            if ( $self->conf->{ext2fLogo} );
+        return $self->SUPER::init();
     }
-    $self->logo( $self->conf->{ext2fLogo} ) if ( $self->conf->{ext2fLogo} );
-    return $self->SUPER::init();
+    if (    $self->conf->{ext2fCodeActivation}
+        and $self->conf->{ext2FSendCommand} )
+    {
+        $self->random( String::Random->new );
+        $self->logo( $self->conf->{ext2fLogo} )
+            if ( $self->conf->{ext2fLogo} );
+        return $self->SUPER::init();
+    }
+    return 0;
 }
 
 # RUNNING METHODS
@@ -38,14 +52,23 @@ sub run {
     my $checkLogins = $req->param('checkLogins');
     $self->logger->debug("Ext2F checkLogins set") if ($checkLogins);
 
+    # Generate OTP to send
+    if ( $self->{random} ) {
+        my $code
+            = $self->random->randregex( $self->conf->{ext2fOTPActivation} );
+        $self->logger->debug("Generated ext2f code : $code");
+        $self->ott->updateToken( $token, __ext2fcode => $code );
+    }
+
     # Prepare command and launch it
     $self->logger->debug( 'Launching "Send" external 2F command -> '
-          . $self->conf->{ext2FSendCommand} );
-    if ( my $c =
-        $self->launch( $req->sessionInfo, $self->conf->{ext2FSendCommand} ) )
+            . $self->conf->{ext2FSendCommand} );
+    if ( my $c
+        = $self->launch( $req->sessionInfo, $self->conf->{ext2FSendCommand} )
+        )
     {
         $self->logger->error("External send command failed (code $c)");
-        return $self->p->do( $req, [ sub { PE_ERROR } ] );
+        return $self->p->do( $req, [ sub {PE_ERROR} ] );
     }
 
     # Prepare form
@@ -67,24 +90,44 @@ sub run {
 
 sub verify {
     my ( $self, $req, $session ) = @_;
-    my $code;
-    unless ( $code = $req->param('code') ) {
+    my $usercode;
+    unless ( $usercode = $req->param('code') ) {
         $self->userLogger->error('External 2F: no code');
         return PE_FORMEMPTY;
     }
 
-    # Prepare command and launch it
-    $self->logger->debug( 'Launching "Validate" external 2F command -> '
-          . $self->conf->{ext2FValidateCommand} );
-    $self->logger->debug(" code -> $code");
-    if ( my $c =
-        $self->launch( $session, $self->conf->{ext2FValidateCommand}, $code ) )
-    {
-        $self->userLogger->warn( 'Second factor failed for '
-              . $session->{ $self->conf->{whatToTrace} } );
-        return PE_BADCREDENTIALS;
+    unless ( $self->conf->{ext2fCodeActivation} ) {
+
+        # Prepare command and launch it
+        $self->logger->debug( 'Launching "Validate" external 2F command -> '
+                . $self->conf->{ext2FValidateCommand} );
+        $self->logger->debug(" code -> $usercode");
+        if (my $c = $self->launch(
+                $session, $self->conf->{ext2FValidateCommand}, $usercode
+            )
+            )
+        {
+            $self->userLogger->warn( 'Second factor failed for '
+                    . $session->{ $self->conf->{whatToTrace} } );
+            $self->logger->error("External verify command failed (code $c)");
+            return PE_BADCREDENTIALS;
+        }
+        return PE_OK;
     }
-    PE_OK;
+
+    my $savedcode = $session->{__ext2fcode};
+    unless ($savedcode) {
+        $self->logger->error(
+            'Unable to find generated 2F code in token session');
+        return PE_ERROR;
+    }
+
+    $self->logger->debug("Verifying Ext 2F code: $usercode VS $savedcode");
+    return PE_OK if ( $usercode eq $savedcode );
+
+    $self->userLogger->warn( 'Second factor failed for '
+            . $session->{ $self->conf->{whatToTrace} } );
+    return PE_BADCREDENTIALS;
 }
 
 # system() is used with an array to avoid shell injection
@@ -102,3 +145,4 @@ sub launch {
 }
 
 1;
+

From 7802cbcc713ea8d9d9bcab3dcaaa9253e4d469af Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sat, 16 Feb 2019 21:59:53 +0100
Subject: [PATCH 09/58] Optionaly let Ext2F module handle code generation
 (#1632)

---
 .../lib/Lemonldap/NG/Portal/2F/Ext2F.pm       | 21 +++++++++++--------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Ext2F.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Ext2F.pm
index 45f00faef..9e6968c1c 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Ext2F.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Ext2F.pm
@@ -33,9 +33,11 @@ sub init {
             if ( $self->conf->{ext2fLogo} );
         return $self->SUPER::init();
     }
-    if (    $self->conf->{ext2fCodeActivation}
-        and $self->conf->{ext2FSendCommand} )
-    {
+    if ( $self->conf->{ext2fCodeActivation} ) {
+        unless ( $self->conf->{ext2FSendCommand} ) {
+            $self->error("Missing 'ext2FSendCommand' parameter, aborting");
+            return 0;
+        }
         $self->random( String::Random->new );
         $self->logo( $self->conf->{ext2fLogo} )
             if ( $self->conf->{ext2fLogo} );
@@ -52,10 +54,11 @@ sub run {
     my $checkLogins = $req->param('checkLogins');
     $self->logger->debug("Ext2F checkLogins set") if ($checkLogins);
 
-    # Generate OTP to send
-    if ( $self->{random} ) {
-        my $code
-            = $self->random->randregex( $self->conf->{ext2fOTPActivation} );
+    # Generate Code to send
+    my $code;
+    if ( $self->conf->{ext2fCodeActivation} ) {
+        $code
+            = $self->random->randregex( $self->conf->{ext2fCodeActivation} );
         $self->logger->debug("Generated ext2f code : $code");
         $self->ott->updateToken( $token, __ext2fcode => $code );
     }
@@ -64,7 +67,7 @@ sub run {
     $self->logger->debug( 'Launching "Send" external 2F command -> '
             . $self->conf->{ext2FSendCommand} );
     if ( my $c
-        = $self->launch( $req->sessionInfo, $self->conf->{ext2FSendCommand} )
+        = $self->launch( $req->sessionInfo, $self->conf->{ext2FSendCommand}, $code )
         )
     {
         $self->logger->error("External send command failed (code $c)");
@@ -92,7 +95,7 @@ sub verify {
     my ( $self, $req, $session ) = @_;
     my $usercode;
     unless ( $usercode = $req->param('code') ) {
-        $self->userLogger->error('External 2F: no code');
+        $self->userLogger->error('External 2F: no code found');
         return PE_FORMEMPTY;
     }
 

From a28310956ef896ac27b91cee62dc2d6a68198bd4 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sat, 16 Feb 2019 22:00:25 +0100
Subject: [PATCH 10/58] Append unit test (#1632)

---
 ...th-HISTORY.t => 70-2F-TOTP-with-History.t} |  0
 ...ith-HISTORY.t => 71-2F-U2F-with-History.t} |  0
 ...> 73-2F-UTOTP-TOTP-and-U2F-with-History.t} |  0
 ...t => 73-2F-UTOTP-TOTP-only-with-History.t} |  0
 .../t/76-2F-Ext-with-CodeActivation.t         | 66 +++++++++++++++++++
 .../t/76-2F-Ext-with-GrantSession.t           |  2 +-
 ...ith-HISTORY.t => 76-2F-Ext-with-History.t} |  0
 lemonldap-ng-portal/t/sendCode.pl             |  7 ++
 8 files changed, 74 insertions(+), 1 deletion(-)
 rename lemonldap-ng-portal/t/{70-2F-TOTP-with-HISTORY.t => 70-2F-TOTP-with-History.t} (100%)
 rename lemonldap-ng-portal/t/{71-2F-U2F-with-HISTORY.t => 71-2F-U2F-with-History.t} (100%)
 rename lemonldap-ng-portal/t/{73-2F-UTOTP-TOTP-and-U2F-with-HISTORY.t => 73-2F-UTOTP-TOTP-and-U2F-with-History.t} (100%)
 rename lemonldap-ng-portal/t/{73-2F-UTOTP-TOTP-only-with-HISTORY.t => 73-2F-UTOTP-TOTP-only-with-History.t} (100%)
 create mode 100644 lemonldap-ng-portal/t/76-2F-Ext-with-CodeActivation.t
 rename lemonldap-ng-portal/t/{76-2F-Ext-with-HISTORY.t => 76-2F-Ext-with-History.t} (100%)
 create mode 100755 lemonldap-ng-portal/t/sendCode.pl

diff --git a/lemonldap-ng-portal/t/70-2F-TOTP-with-HISTORY.t b/lemonldap-ng-portal/t/70-2F-TOTP-with-History.t
similarity index 100%
rename from lemonldap-ng-portal/t/70-2F-TOTP-with-HISTORY.t
rename to lemonldap-ng-portal/t/70-2F-TOTP-with-History.t
diff --git a/lemonldap-ng-portal/t/71-2F-U2F-with-HISTORY.t b/lemonldap-ng-portal/t/71-2F-U2F-with-History.t
similarity index 100%
rename from lemonldap-ng-portal/t/71-2F-U2F-with-HISTORY.t
rename to lemonldap-ng-portal/t/71-2F-U2F-with-History.t
diff --git a/lemonldap-ng-portal/t/73-2F-UTOTP-TOTP-and-U2F-with-HISTORY.t b/lemonldap-ng-portal/t/73-2F-UTOTP-TOTP-and-U2F-with-History.t
similarity index 100%
rename from lemonldap-ng-portal/t/73-2F-UTOTP-TOTP-and-U2F-with-HISTORY.t
rename to lemonldap-ng-portal/t/73-2F-UTOTP-TOTP-and-U2F-with-History.t
diff --git a/lemonldap-ng-portal/t/73-2F-UTOTP-TOTP-only-with-HISTORY.t b/lemonldap-ng-portal/t/73-2F-UTOTP-TOTP-only-with-History.t
similarity index 100%
rename from lemonldap-ng-portal/t/73-2F-UTOTP-TOTP-only-with-HISTORY.t
rename to lemonldap-ng-portal/t/73-2F-UTOTP-TOTP-only-with-History.t
diff --git a/lemonldap-ng-portal/t/76-2F-Ext-with-CodeActivation.t b/lemonldap-ng-portal/t/76-2F-Ext-with-CodeActivation.t
new file mode 100644
index 000000000..72d39f356
--- /dev/null
+++ b/lemonldap-ng-portal/t/76-2F-Ext-with-CodeActivation.t
@@ -0,0 +1,66 @@
+use Test::More;
+use strict;
+use IO::String;
+use Data::Dumper;
+
+require 't/test-lib.pm';
+
+use_ok('Lemonldap::NG::Common::FormEncode');
+count(1);
+
+my $client = LLNG::Manager::Test->new( {
+        ini => {
+            logLevel             => 'error',
+            ext2fActivation      => 1,
+            ext2fCodeActivation  => 'A1b2C0',
+            ext2FSendCommand     => 't/sendCode.pl -uid $uid -code $code',
+            authentication       => 'Demo',
+            userDB               => 'Same',
+        }
+    }
+);
+
+my $res;
+
+# Try to authenticate
+# -------------------
+ok(
+    $res = $client->_post(
+        '/',
+        IO::String->new('user=dwho&password=dwho'),
+        length => 23,
+        accept => 'text/html',
+    ),
+    'Auth query'
+);
+count(1);
+
+my ( $host, $url, $query ) =
+  expectForm( $res, undef, '/ext2fcheck', 'token', 'code' );
+
+ok(
+    $res->[2]->[0] =~
+qr%<input name="code" value="" class="form-control" id="extcode" trplaceholder="code" autocomplete="off" />%,
+    'Found EXTCODE input'
+) or print STDERR Dumper( $res->[2]->[0] );
+count(1);
+
+$query =~ s/code=/code=A1b2C0/;
+ok(
+    $res = $client->_post(
+        '/ext2fcheck',
+        IO::String->new($query),
+        length => length($query),
+        accept => 'text/html',
+    ),
+    'Post code'
+);
+count(1);
+
+my $id = expectCookie($res);
+$client->logout($id);
+
+clean_sessions();
+
+done_testing( count() );
+
diff --git a/lemonldap-ng-portal/t/76-2F-Ext-with-GrantSession.t b/lemonldap-ng-portal/t/76-2F-Ext-with-GrantSession.t
index 55f138e3a..149465620 100644
--- a/lemonldap-ng-portal/t/76-2F-Ext-with-GrantSession.t
+++ b/lemonldap-ng-portal/t/76-2F-Ext-with-GrantSession.t
@@ -10,7 +10,7 @@ count(1);
 
 my $client = LLNG::Manager::Test->new( {
         ini => {
-            logLevel             => 'debug',
+            logLevel             => 'error',
             ext2fActivation      => 1,
             ext2fCodeActivation  => 0,
             ext2FSendCommand     => 't/sendOTP.pl -uid $uid',
diff --git a/lemonldap-ng-portal/t/76-2F-Ext-with-HISTORY.t b/lemonldap-ng-portal/t/76-2F-Ext-with-History.t
similarity index 100%
rename from lemonldap-ng-portal/t/76-2F-Ext-with-HISTORY.t
rename to lemonldap-ng-portal/t/76-2F-Ext-with-History.t
diff --git a/lemonldap-ng-portal/t/sendCode.pl b/lemonldap-ng-portal/t/sendCode.pl
new file mode 100755
index 000000000..cde4307fd
--- /dev/null
+++ b/lemonldap-ng-portal/t/sendCode.pl
@@ -0,0 +1,7 @@
+#!/usr/bin/perl
+use strict;
+use warnings;
+
+my ( $swt1, $user, $swt2, $code ) = @ARGV;
+
+exit !( $swt1 eq '-uid' && $user eq 'dwho' && $swt2 eq '-code' && defined $code );

From 7b22aecd67fdb97a84febe5a21d127e4010beb23 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sat, 16 Feb 2019 22:40:40 +0100
Subject: [PATCH 11/58] Update config. test (#1632)

---
 .../lib/Lemonldap/NG/Manager/Conf/Tests.pm    | 223 +++++++++---------
 1 file changed, 111 insertions(+), 112 deletions(-)

diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
index 05970827a..beb1e9f2b 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
@@ -31,8 +31,7 @@ sub tests {
         portalIsInDomain => sub {
             return (
                 1,
-                (
-                    index( $conf->{portal}, $conf->{domain} ) > 0
+                (   index( $conf->{portal}, $conf->{domain} ) > 0
                     ? ''
                     : "Portal seems not to be in the domain $conf->{domain}"
                 )
@@ -44,7 +43,7 @@ sub tests {
 
             # Checking for ending slash
             $conf->{portal} .= '/'
-              unless ( $conf->{portal} =~ qr#/$# );
+                unless ( $conf->{portal} =~ qr#/$# );
 
             # Deleting trailing ending slash
             my $regex = qr#/+$#;
@@ -62,11 +61,10 @@ sub tests {
             }
             return (
                 1,
-                (
-                    @pb
+                (   @pb
                     ? 'Virtual hosts '
-                      . join( ', ', @pb )
-                      . " are not in $conf->{domain} and cross-domain-authentication is not set"
+                        . join( ', ', @pb )
+                        . " are not in $conf->{domain} and cross-domain-authentication is not set"
                     : undef
                 )
             );
@@ -80,9 +78,9 @@ sub tests {
             }
             if (@pb) {
                 return ( 0,
-                        'Virtual hosts '
-                      . join( ', ', @pb )
-                      . " contain a port, this is not allowed" );
+                          'Virtual hosts '
+                        . join( ', ', @pb )
+                        . " contain a port, this is not allowed" );
             }
             else { return 1; }
         },
@@ -95,9 +93,9 @@ sub tests {
             }
             if (@pb) {
                 return ( 0,
-                        'Virtual hosts '
-                      . join( ', ', @pb )
-                      . " must be in lower case" );
+                          'Virtual hosts '
+                        . join( ', ', @pb )
+                        . " must be in lower case" );
             }
             else { return 1; }
         },
@@ -105,12 +103,12 @@ sub tests {
         # Check if "userDB" and "authentication" are consistent
         authAndUserDBConsistency => sub {
             foreach
-              my $type (qw(Facebook Google OpenID OpenIDConnect SAML WebID))
+                my $type (qw(Facebook Google OpenID OpenIDConnect SAML WebID))
             {
                 return ( 0,
-"\"$type\" can not be used as user database without using \"$type\" for authentication"
-                  )
-                  if (  $conf->{userDB} =~ /$type/
+                    "\"$type\" can not be used as user database without using \"$type\" for authentication"
+                    )
+                    if ($conf->{userDB} =~ /$type/
                     and $conf->{authentication} !~ /$type/ );
             }
             return 1;
@@ -120,30 +118,29 @@ sub tests {
         checkAttrAndMacros => sub {
             my @tmp;
             foreach my $k ( keys %$conf ) {
-                if ( $k =~
-/^(?:openIdSreg_(?:(?:(?:full|nick)nam|languag|postcod|timezon)e|country|gender|email|dob)|whatToTrace)$/
-                  )
+                if ( $k
+                    =~ /^(?:openIdSreg_(?:(?:(?:full|nick)nam|languag|postcod|timezon)e|country|gender|email|dob)|whatToTrace)$/
+                    )
                 {
                     my $v = $conf->{$k};
                     $v =~ s/^$//;
                     next if ( $v =~ /^_/ );
                     push @tmp,
-                      $k
-                      unless (
+                        $k
+                        unless (
                         defined(
                             $conf->{exportedVars}->{$v}
-                              or defined( $conf->{macros}->{$v} )
+                                or defined( $conf->{macros}->{$v} )
                         )
-                      );
+                        );
                 }
             }
             return (
                 1,
-                (
-                    @tmp
+                (   @tmp
                     ? 'Values of parameter(s) "'
-                      . join( ', ', @tmp )
-                      . '" are not defined in exported attributes or macros'
+                        . join( ', ', @tmp )
+                        . '" are not defined in exported attributes or macros'
                     : ''
                 )
             );
@@ -155,18 +152,18 @@ sub tests {
             if ( $conf->{userDB} =~ /^Google$/ ) {
                 foreach my $k ( keys %{ $conf->{exportedVars} } ) {
                     my $v = $conf->{exportedVars}->{$k};
-                    if ( $v !~ Lemonldap::NG::Common::Regexp::GOOGLEAXATTR() ) {
+                    if ( $v !~ Lemonldap::NG::Common::Regexp::GOOGLEAXATTR() )
+                    {
                         push @tmp, $v;
                     }
                 }
             }
             return (
                 1,
-                (
-                    @tmp
+                (   @tmp
                     ? 'Values of parameter(s) "'
-                      . join( ', ', @tmp )
-                      . '" are not exported by Google'
+                        . join( ', ', @tmp )
+                        . '" are not exported by Google'
                     : ''
                 )
             );
@@ -178,7 +175,8 @@ sub tests {
             if ( $conf->{userDB} =~ /^OpenID$/ ) {
                 foreach my $k ( keys %{ $conf->{exportedVars} } ) {
                     my $v = $conf->{exportedVars}->{$k};
-                    if ( $v !~ Lemonldap::NG::Common::Regexp::OPENIDSREGATTR() )
+                    if ( $v
+                        !~ Lemonldap::NG::Common::Regexp::OPENIDSREGATTR() )
                     {
                         push @tmp, $v;
                     }
@@ -186,11 +184,10 @@ sub tests {
             }
             return (
                 1,
-                (
-                    @tmp
+                (   @tmp
                     ? 'Values of parameter(s) "'
-                      . join( ', ', @tmp )
-                      . '" are not exported by OpenID SREG'
+                        . join( ', ', @tmp )
+                        . '" are not exported by OpenID SREG'
                     : ''
                 )
             );
@@ -199,39 +196,40 @@ sub tests {
         # Try to use Apache::Session module
         testApacheSession => sub {
             my ( $id, %h );
-            my $gc = Lemonldap::NG::Handler::Main->tsv->{sessionStorageModule};
+            my $gc
+                = Lemonldap::NG::Handler::Main->tsv->{sessionStorageModule};
             return 1
-              if ( ( $gc and $gc eq $conf->{globalStorage} )
-                or $conf->{globalStorage} =~
-                /^Lemonldap::NG::Common::Apache::Session::/ );
+                if ( ( $gc and $gc eq $conf->{globalStorage} )
+                or $conf->{globalStorage}
+                =~ /^Lemonldap::NG::Common::Apache::Session::/ );
             eval "use $conf->{globalStorage}";
             return ( -1, "Unknown package $conf->{globalStorage}" ) if ($@);
             eval {
                 tie %h, 'Lemonldap::NG::Common::Apache::Session', undef,
-                  {
+                    {
                     %{ $conf->{globalStorageOptions} },
                     backend => $conf->{globalStorage}
-                  };
+                    };
             };
             return ( -1, "Unable to create a session ($@)" )
-              if ( $@ or not tied(%h) );
+                if ( $@ or not tied(%h) );
             eval {
                 $h{a} = 1;
                 $id = $h{_session_id} or return ( -1, 'No _session_id' );
                 untie(%h);
                 tie %h, 'Lemonldap::NG::Common::Apache::Session', $id,
-                  {
+                    {
                     %{ $conf->{globalStorageOptions} },
                     backend => $conf->{globalStorage}
-                  };
+                    };
             };
             return ( -1, "Unable to insert data ($@)" ) if ($@);
             return ( -1, "Unable to recover data stored" )
-              unless ( $h{a} == 1 );
+                unless ( $h{a} == 1 );
             eval { tied(%h)->delete; };
             return ( -1, "Unable to delete session ($@)" ) if ($@);
             return ( -1,
-'All sessions may be lost and you must restart all your Apache servers'
+                'All sessions may be lost and you must restart all your Apache servers'
             ) if ( $gc and $conf->{globalStorage} ne $gc );
             return 1;
         },
@@ -241,9 +239,8 @@ sub tests {
             my $cn = Lemonldap::NG::Handler::Main->tsv->{cookieName};
             return (
                 1,
-                (
-                    $cn
-                      and $cn ne $conf->{cookieName}
+                (   $cn
+                        and $cn ne $conf->{cookieName}
                     ? 'Cookie name has changed, you must restart all your web servers'
                     : ()
                 )
@@ -254,10 +251,10 @@ sub tests {
         cookieTTL => sub {
             return 1 unless ( defined $conf->{cookieExpiration} );
             return ( 0, "Cookie TTL must be higher than one minute" )
-              unless ( $conf->{cookieExpiration} == 0
+                unless ( $conf->{cookieExpiration} == 0
                 || $conf->{cookieExpiration} > 60 );
             return ( 1, "Cookie TTL should be higher or equal than one hour" )
-              unless ( $conf->{cookieExpiration} >= 3600
+                unless ( $conf->{cookieExpiration} >= 3600
                 || $conf->{cookieExpiration} == 0 );
 
             # Return
@@ -268,7 +265,7 @@ sub tests {
         sessionTimeout => sub {
             return 1 unless ( defined $conf->{timeout} );
             return ( -1, "Session timeout should be higher than ten minutes" )
-              unless ( $conf->{timeout} > 600
+                unless ( $conf->{timeout} > 600
                 || $conf->{timeout} == 0 );
 
             # Return
@@ -279,9 +276,9 @@ sub tests {
         sessionTimeoutActivity => sub {
             return 1 unless ( defined $conf->{timeoutActivity} );
             return ( 0,
-"Session activity timeout must be higher or equal than one minute"
-              )
-              unless ( $conf->{timeoutActivity} > 59
+                "Session activity timeout must be higher or equal than one minute"
+                )
+                unless ( $conf->{timeoutActivity} > 59
                 || $conf->{timeoutActivity} == 0 );
 
             # Return
@@ -292,11 +289,11 @@ sub tests {
         timeoutActivityInterval => sub {
             return 1 unless ( defined $conf->{timeoutActivityInterval} );
             return ( 0,
-"Activity timeout interval must be lower than session activity timeout"
-              )
-              if (  $conf->{timeoutActivity}
-                and $conf->{timeoutActivity} <=
-                $conf->{timeoutActivityInterval} );
+                "Activity timeout interval must be lower than session activity timeout"
+                )
+                if ($conf->{timeoutActivity}
+                and $conf->{timeoutActivity}
+                <= $conf->{timeoutActivityInterval} );
 
             # Return
             return 1;
@@ -306,8 +303,7 @@ sub tests {
         managerProtection => sub {
             return (
                 1,
-                (
-                    $conf->{cfgAuthor} eq 'anonymous'
+                (   $conf->{cfgAuthor} eq 'anonymous'
                     ? 'Your manager seems to be unprotected'
                     : ''
                 )
@@ -323,7 +319,7 @@ sub tests {
             # Use SMTP
             eval "use Net::SMTP";
             return ( 1, "Net::SMTP module is required to use SMTP server" )
-              if ($@);
+                if ($@);
 
             # Create SMTP object
             my $smtp = Net::SMTP->new(
@@ -333,15 +329,15 @@ sub tests {
             );
             return ( 1,
                 "SMTP connection to " . $conf->{SMTPServer} . " failed" )
-              unless ($smtp);
+                unless ($smtp);
 
             # Skip other tests if no authentication
             return 1
-              unless ( $conf->{SMTPAuthUser} and $conf->{SMTPAuthPass} );
+                unless ( $conf->{SMTPAuthUser} and $conf->{SMTPAuthPass} );
 
             # Try authentication
             return ( 1, "SMTP authentication failed" )
-              unless $smtp->auth( $conf->{SMTPAuthUser},
+                unless $smtp->auth( $conf->{SMTPAuthUser},
                 $conf->{SMTPAuthPass} );
 
             # Return
@@ -351,15 +347,14 @@ sub tests {
         # SAML entity ID must be uniq
         samlIDPEntityIdUniqueness => sub {
             return 1
-              unless ( $conf->{samlIDPMetaDataXML}
+                unless ( $conf->{samlIDPMetaDataXML}
                 and %{ $conf->{samlIDPMetaDataXML} } );
             my @msg;
             my $res = 1;
             my %entityIds;
             foreach my $idpId ( keys %{ $conf->{samlIDPMetaDataXML} } ) {
-                unless (
-                    $conf->{samlIDPMetaDataXML}->{$idpId}->{samlIDPMetaDataXML}
-                    =~ /entityID=(['"])(.+?)\1/si )
+                unless ( $conf->{samlIDPMetaDataXML}->{$idpId}
+                    ->{samlIDPMetaDataXML} =~ /entityID=(['"])(.+?)\1/si )
                 {
                     push @msg, "$idpId SAML metadata has no EntityID";
                     $res = 0;
@@ -368,7 +363,7 @@ sub tests {
                 my $eid = $2;
                 if ( defined $entityIds{$eid} ) {
                     push @msg,
-                      "$idpId and $entityIds{$eid} have the same SAML EntityID";
+                        "$idpId and $entityIds{$eid} have the same SAML EntityID";
                     $res = 0;
                     next;
                 }
@@ -378,15 +373,15 @@ sub tests {
         },
         samlSPEntityIdUniqueness => sub {
             return 1
-              unless ( $conf->{samlSPMetaDataXML}
+                unless ( $conf->{samlSPMetaDataXML}
                 and %{ $conf->{samlSPMetaDataXML} } );
             my @msg;
             my $res = 1;
             my %entityIds;
             foreach my $spId ( keys %{ $conf->{samlSPMetaDataXML} } ) {
                 unless (
-                    $conf->{samlSPMetaDataXML}->{$spId}->{samlSPMetaDataXML} =~
-                    /entityID=(['"])(.+?)\1/si )
+                    $conf->{samlSPMetaDataXML}->{$spId}->{samlSPMetaDataXML}
+                    =~ /entityID=(['"])(.+?)\1/si )
                 {
                     push @msg, "$spId SAML metadata has no EntityID";
                     $res = 0;
@@ -395,7 +390,7 @@ sub tests {
                 my $eid = $2;
                 if ( defined $entityIds{$eid} ) {
                     push @msg,
-                      "$spId and $entityIds{$eid} have the same SAML EntityID";
+                        "$spId and $entityIds{$eid} have the same SAML EntityID";
                     $res = 0;
                     next;
                 }
@@ -409,7 +404,7 @@ sub tests {
             return 1 unless ( $conf->{authentication} eq 'Combination' );
             require Lemonldap::NG::Common::Combination::Parser;
             return ( 0, 'No module declared for combination' )
-              unless ( $conf->{combModules} and %{ $conf->{combModules} } );
+                unless ( $conf->{combModules} and %{ $conf->{combModules} } );
             my $moduleList;
             foreach my $md ( keys %{ $conf->{combModules} } ) {
                 my $entry = $conf->{combModules}->{$md};
@@ -420,8 +415,8 @@ sub tests {
                 );
             }
             eval {
-                Lemonldap::NG::Common::Combination::Parser->parse( $moduleList,
-                    $conf->{combination} );
+                Lemonldap::NG::Common::Combination::Parser->parse(
+                    $moduleList, $conf->{combination} );
             };
             return ( 0, $@ ) if ($@);
 
@@ -433,9 +428,9 @@ sub tests {
         combinationParameters => sub {
             return 1 unless ( $conf->{authentication} eq "Combination" );
             return ( 0, "Combination rule must be defined" )
-              unless ( $conf->{combination} );
+                unless ( $conf->{combination} );
             return ( 0, 'userDB must be set to "Same" to enable Combination' )
-              unless ( $conf->{userDB} eq "Same" );
+                unless ( $conf->{userDB} eq "Same" );
 
             # Return
             return 1;
@@ -458,7 +453,7 @@ sub tests {
                 eval "use Convert::Base32";
                 return ( 1,
                     "Convert::Base32 module is required to enable TOTP" )
-                  if ($@);
+                    if ($@);
             }
 
             # Use U2F
@@ -467,7 +462,7 @@ sub tests {
             {
                 eval "use Crypt::U2F::Server::Simple";
                 return ( 1,
-"Crypt::U2F::Server::Simple module is required to enable U2F"
+                    "Crypt::U2F::Server::Simple module is required to enable U2F"
                 ) if ($@);
             }
 
@@ -475,7 +470,7 @@ sub tests {
             if ( $conf->{yubikey2fActivation} ) {
                 eval "use Auth::Yubikey_WebClient";
                 return ( 1,
-"Auth::Yubikey_WebClient module is required to enable Yubikey"
+                    "Auth::Yubikey_WebClient module is required to enable Yubikey"
                 ) if ($@);
             }
 
@@ -489,7 +484,7 @@ sub tests {
             my $w = "";
             foreach ( 'totp', 'u' ) {
                 $w .= uc($_) . "2F is activated twice \n"
-                  if ( $conf->{ $_ . '2fActivation' } eq '1' );
+                    if ( $conf->{ $_ . '2fActivation' } eq '1' );
             }
             return ( 1, ( $w ? $w : () ) );
         },
@@ -500,9 +495,9 @@ sub tests {
             return 1 unless ( defined $conf->{totp2fDigits} );
             return (
                 1,
-                ( (
-                             $conf->{totp2fDigits} == 6
-                          or $conf->{totp2fDigits} == 8
+                (
+                    (          $conf->{totp2fDigits} == 6
+                            or $conf->{totp2fDigits} == 8
                     )
                     ? ''
                     : 'TOTP should be 6 or 8 digits long'
@@ -514,9 +509,9 @@ sub tests {
         totp2fParams => sub {
             return 1 unless ( $conf->{totp2fActivation} );
             return ( 0, 'TOTP range must be defined' )
-              unless ( $conf->{totp2fRange} );
+                unless ( $conf->{totp2fRange} );
             return ( 1, "TOTP interval should be higher than 10s" )
-              unless ( $conf->{totp2fInterval} > 10 );
+                unless ( $conf->{totp2fInterval} > 10 );
 
             # Return
             return 1;
@@ -527,12 +522,11 @@ sub tests {
         yubikey2fParams => sub {
             return 1 unless ( $conf->{yubikey2fActivation} );
             return ( 0, "Yubikey client ID and secret key must be set" )
-              unless ( defined $conf->{yubikey2fSecretKey}
+                unless ( defined $conf->{yubikey2fSecretKey}
                 && defined $conf->{yubikey2fClientID} );
             return (
                 1,
-                (
-                    ( $conf->{yubikey2fPublicIDSize} == 12 )
+                (   ( $conf->{yubikey2fPublicIDSize} == 12 )
                     ? ''
                     : 'Yubikey public ID size should be 12 digits long'
                 )
@@ -543,7 +537,7 @@ sub tests {
         rest2fVerifyUrl => sub {
             return 1 unless ( $conf->{rest2fActivation} );
             return ( 0, "REST 2F Verify URL must be set" )
-              unless ( defined $conf->{rest2fVerifyUrl} );
+                unless ( defined $conf->{rest2fVerifyUrl} );
 
             # Return
             return 1;
@@ -557,15 +551,16 @@ sub tests {
             my $ok  = 0;
             foreach (qw(u totp yubikey)) {
                 $ok ||= $conf->{ $_ . '2fActivation' }
-                  && $conf->{ $_ . '2fSelfRegistration' };
+                    && $conf->{ $_ . '2fSelfRegistration' };
                 last if ($ok);
             }
 
             $ok ||= $conf->{'utotp2fActivation'}
-              && ( $conf->{'u2fSelfRegistration'}
+                && ( $conf->{'u2fSelfRegistration'}
                 || $conf->{'totp2fSelfRegistration'} );
-            $msg = "A self registrable module should be enabled to require 2FA"
-              unless ($ok);
+            $msg
+                = "A self registrable module should be enabled to require 2FA"
+                unless ($ok);
 
             return ( 1, $msg );
         },
@@ -573,9 +568,12 @@ sub tests {
         # Error if external 2F Send or Validate command is missing
         ext2fCommands => sub {
             return 1 unless ( $conf->{ext2fActivation} );
-            return ( 0, "External 2F Send or Validate command must be set" )
-              unless ( defined $conf->{ext2FSendCommand}
-                && defined $conf->{ext2FValidateCommand} );
+            return ( 0, "External 2F Send command must be set" )
+                unless ( defined $conf->{ext2FSendCommand} );
+            unless ( defined $conf->{ext2fCodeActivation} ) {
+                return ( 0, "External 2F Validate command must be set" )
+                    unless ( defined $conf->{ext2FValidateCommand} );
+            }
 
             # Return
             return 1;
@@ -585,9 +583,9 @@ sub tests {
         formTimeout => sub {
             return 1 unless ( defined $conf->{formTimeout} );
             return ( 0, "XSRF form token TTL must be higher than 30s" )
-              unless ( $conf->{formTimeout} > 30 );
+                unless ( $conf->{formTimeout} > 30 );
             return ( 1, "XSRF form token TTL should not be higher than 2mn" )
-              if ( $conf->{formTimeout} > 120 );
+                if ( $conf->{formTimeout} > 120 );
 
             # Return
             return 1;
@@ -596,8 +594,9 @@ sub tests {
         # Warn if number of password reset retries is null
         passwordResetRetries => sub {
             return 1 unless ( $conf->{portalDisplayResetPassword} );
-            return ( 1, "Number of reset password retries should not be null" )
-              unless ( $conf->{passwordResetAllowedRetries} );
+            return ( 1,
+                "Number of reset password retries should not be null" )
+                unless ( $conf->{passwordResetAllowedRetries} );
 
             # Return
             return 1;
@@ -607,10 +606,10 @@ sub tests {
         bruteForceProtection => sub {
             return 1 unless ( $conf->{bruteForceProtection} );
             return ( 1,
-'"History" plugin is required to enable "BruteForceProtection" plugin'
+                '"History" plugin is required to enable "BruteForceProtection" plugin'
             ) unless ( $conf->{loginHistoryEnabled} );
             return ( 1,
-'Number of failed logins must be higher than 2 to enable "BruteForceProtection" plugin'
+                'Number of failed logins must be higher than 2 to enable "BruteForceProtection" plugin'
             ) unless ( $conf->{failedLoginNumber} > 2 );
 
             # Return
@@ -621,9 +620,9 @@ sub tests {
         checkMailResetSecurity => sub {
             return 1 unless ( $conf->{portalDisplayResetPassword} );
             return ( -1,
-'"passwordMailReset" plugin is enabled without CSRF Token neither Captcha required !!!'
-              )
-              unless ( $conf->{requireToken}
+                '"passwordMailReset" plugin is enabled without CSRF Token neither Captcha required !!!'
+                )
+                unless ( $conf->{requireToken}
                 or $conf->{captcha_mail_enabled} );
 
             # Return

From c73c7df989d3f7c8fbb9ec61f6c9389d3b1e02b6 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sat, 16 Feb 2019 22:41:00 +0100
Subject: [PATCH 12/58] Update langs (#1632)

---
 lemonldap-ng-manager/site/htdocs/static/languages/ar.json | 2 +-
 lemonldap-ng-manager/site/htdocs/static/languages/de.json | 2 +-
 lemonldap-ng-manager/site/htdocs/static/languages/en.json | 2 +-
 lemonldap-ng-manager/site/htdocs/static/languages/fr.json | 2 +-
 lemonldap-ng-manager/site/htdocs/static/languages/it.json | 2 +-
 lemonldap-ng-manager/site/htdocs/static/languages/vi.json | 2 +-
 lemonldap-ng-manager/site/htdocs/static/languages/zh.json | 2 +-
 7 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
index aa8c52896..804120dc7 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
@@ -243,7 +243,7 @@
 "exportedVars":"المتغيرات المصدرة",
 "external2f":"External second factor",
 "ext2fActivation":"تفعيل",
-"ext2fCodeActivation":"2F code generated by Portal",
+"ext2fCodeActivation":"Code regex",
 "ext2fAuthnLevel":"مستوى إثبات الهوية",
 "ext2fLogo":"Logo",
 "ext2FSendCommand":"إرسال الأمر",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/de.json b/lemonldap-ng-manager/site/htdocs/static/languages/de.json
index e7e9ff62b..81f0e55a3 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/de.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/de.json
@@ -243,7 +243,7 @@
 "exportedVars":"Exported Variables",
 "external2f":"External second factor",
 "ext2fActivation":"Activation",
-"ext2fCodeActivation":"2F code generated by Portal",
+"ext2fCodeActivation":"Code regex",
 "ext2fAuthnLevel":"Authentication level",
 "ext2fLogo":"Logo",
 "ext2FSendCommand":"Send comand",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/en.json b/lemonldap-ng-manager/site/htdocs/static/languages/en.json
index f20566515..6633c90e1 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/en.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/en.json
@@ -243,7 +243,7 @@
 "exportedVars":"Exported Variables",
 "external2f":"External second factor",
 "ext2fActivation":"Activation",
-"ext2fCodeActivation":"2F code generated by Portal",
+"ext2fCodeActivation":"Code regex",
 "ext2fAuthnLevel":"Authentication level",
 "ext2fLogo":"Logo",
 "ext2FSendCommand":"Send comand",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
index badf898c1..42e05005e 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
@@ -243,7 +243,7 @@
 "exportedVars":"Attributs à exporter",
 "external2f":"Second facteur externe",
 "ext2fActivation":"Activation",
-"ext2fCodeActivation":"2F code généré par le Portail",
+"ext2fCodeActivation":"Expression régulière pour la génération du code",
 "ext2fAuthnLevel":"Niveau de l'authentification",
 "ext2fLogo":"Logo",
 "ext2FSendCommand":"Commande pour l'envoi",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/it.json b/lemonldap-ng-manager/site/htdocs/static/languages/it.json
index 226cd66ba..35132a93d 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json
@@ -243,7 +243,7 @@
 "exportedVars":"Variabili esportate",
 "external2f":"2° fattore esterno",
 "ext2fActivation":"Attivazione",
-"ext2fCodeActivation":"2F code generated by Portal",
+"ext2fCodeActivation":"Code regex",
 "ext2fAuthnLevel":"Livello di autenticazione",
 "ext2fLogo":"Logo",
 "ext2FSendCommand":"Invia comando",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
index 4b98a006b..98c93d585 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
@@ -243,7 +243,7 @@
 "exportedVars":"Biến đã được xuất",
 "external2f":"Yếu tố thứ 2 bên ngoài",
 "ext2fActivation":"Kích hoạt",
-"ext2fCodeActivation":"2F code generated by Portal",
+"ext2fCodeActivation":"Code regex",
 "ext2fAuthnLevel":"Mức xác thực",
 "ext2fLogo":"Logo",
 "ext2FSendCommand":"Gửi lệnh",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
index ca3c54ac1..1ca5cdda9 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
@@ -243,7 +243,7 @@
 "exportedVars":"Exported Variables",
 "external2f":"External second factor",
 "ext2fActivation":"激活",
-"ext2fCodeActivation":"2F code generated by Portal",
+"ext2fCodeActivation":"Code regex",
 "ext2fAuthnLevel":"认证级别",
 "ext2fLogo":"Logo",
 "ext2FSendCommand":"Send comand",

From 9679a671634a019dc56e41a569e3f41a8437b327 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sat, 16 Feb 2019 22:42:08 +0100
Subject: [PATCH 13/58] Tidy (#1632)

---
 lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Ext2F.pm | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Ext2F.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Ext2F.pm
index 9e6968c1c..c8d04366c 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Ext2F.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Ext2F.pm
@@ -66,8 +66,9 @@ sub run {
     # Prepare command and launch it
     $self->logger->debug( 'Launching "Send" external 2F command -> '
             . $self->conf->{ext2FSendCommand} );
-    if ( my $c
-        = $self->launch( $req->sessionInfo, $self->conf->{ext2FSendCommand}, $code )
+    if (my $c = $self->launch(
+            $req->sessionInfo, $self->conf->{ext2FSendCommand}, $code
+        )
         )
     {
         $self->logger->error("External send command failed (code $c)");

From 16cb5693dc41b55b5d88c7f2d8db503a12bd15a2 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sat, 16 Feb 2019 23:37:17 +0100
Subject: [PATCH 14/58] WIP - Load default template if does not exist (#1653)

---
 lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm
index 99d2ca74c..c606cf0ac 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm
@@ -242,6 +242,9 @@ sub sendHtml {
     $args{headers} ||= $req->respHeaders || [];
     my $htpl;
     $template = ( $args{templateDir} // $self->templateDir ) . "/$template.tpl";
+    unless (-f $template){
+        $template = $self->templateDir . "/bootstrap/$template.tpl";
+    }
     return $self->sendError( $req, "Unable to read $template", 500 )
       unless ( -r $template and -f $template );
     eval {

From 93295f2035dc4ea9e8222a4fa80c975291c4a9ec Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sun, 17 Feb 2019 22:20:51 +0100
Subject: [PATCH 15/58] Load default template if does not exist (#1653)

---
 lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm
index c606cf0ac..27f2545a2 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm
@@ -241,9 +241,12 @@ sub sendHtml {
     $args{code} ||= 200;
     $args{headers} ||= $req->respHeaders || [];
     my $htpl;
+    my $tmpl = $template;
     $template = ( $args{templateDir} // $self->templateDir ) . "/$template.tpl";
     unless (-f $template){
-        $template = $self->templateDir . "/bootstrap/$template.tpl";
+        $self->logger->debug("$template NOT found!!!");
+        $template = $self->conf->{templateDir} . '/bootstrap/' . "$tmpl.tpl";
+        $self->logger->debug("-> Try to load $template");
     }
     return $self->sendError( $req, "Unable to read $template", 500 )
       unless ( -r $template and -f $template );

From 8ccb4571d3daa35d03e27f05f4df3b30717b54b8 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sun, 17 Feb 2019 22:27:53 +0100
Subject: [PATCH 16/58] Update MANIFEST

---
 lemonldap-ng-portal/MANIFEST | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/lemonldap-ng-portal/MANIFEST b/lemonldap-ng-portal/MANIFEST
index 13965c3f2..70c73d52c 100644
--- a/lemonldap-ng-portal/MANIFEST
+++ b/lemonldap-ng-portal/MANIFEST
@@ -496,21 +496,22 @@ t/66-CDA-already-auth.t
 t/66-CDA-with-REST.t
 t/66-CDA-with-SOAP.t
 t/66-CDA.t
-t/70-2F-TOTP-with-HISTORY.t
+t/70-2F-TOTP-with-History.t
 t/70-2F-TOTP.t
 t/70-2F-TOTP_8.t
-t/71-2F-U2F-with-HISTORY.t
+t/71-2F-U2F-with-History.t
 t/71-2F-U2F.t
 t/72-2F-REST-with-HISTORY.t
-t/73-2F-UTOTP-TOTP-and-U2F-with-HISTORY.t
+t/73-2F-UTOTP-TOTP-and-U2F-with-History.t
 t/73-2F-UTOTP-TOTP-and-U2F.t
-t/73-2F-UTOTP-TOTP-only-with-HISTORY.t
+t/73-2F-UTOTP-TOTP-only-with-History.t
 t/73-2F-UTOTP-TOTP-only.t
 t/74-2F-Required.t
 t/75-2F-Registers.t
 t/76-2F-Ext-with-BruteForce.t
+t/76-2F-Ext-with-CodeActivation.t
 t/76-2F-Ext-with-GrantSession.t
-t/76-2F-Ext-with-HISTORY.t
+t/76-2F-Ext-with-History.t
 t/77-2F-Mail.t
 t/90-Translations.t
 t/99-pod.t
@@ -525,6 +526,7 @@ t/lmConf-1.json
 t/pdata.pm
 t/README.md
 t/saml-lib.pm
+t/sendCode.pl
 t/sendOTP.pl
 t/sessions/lock/.exists
 t/sessions/saml/lock/.exists

From 063c0f0d1be41a7a7efb13982188805cba8aef6a Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Mon, 18 Feb 2019 20:39:47 +0100
Subject: [PATCH 17/58] Partial revert - Modify Portal side is more consistent
 (#1653)

---
 .../lib/Lemonldap/NG/Common/PSGI.pm           |   6 -
 .../lib/Lemonldap/NG/Portal/Main/Run.pm       | 201 +++++++++---------
 2 files changed, 100 insertions(+), 107 deletions(-)

diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm
index 27f2545a2..99d2ca74c 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm
@@ -241,13 +241,7 @@ sub sendHtml {
     $args{code} ||= 200;
     $args{headers} ||= $req->respHeaders || [];
     my $htpl;
-    my $tmpl = $template;
     $template = ( $args{templateDir} // $self->templateDir ) . "/$template.tpl";
-    unless (-f $template){
-        $self->logger->debug("$template NOT found!!!");
-        $template = $self->conf->{templateDir} . '/bootstrap/' . "$tmpl.tpl";
-        $self->logger->debug("-> Try to load $template");
-    }
     return $self->sendError( $req, "Unable to read $template", 500 )
       unless ( -r $template and -f $template );
     eval {
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
index 5a6c55ed4..636715f21 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
@@ -17,11 +17,11 @@ use strict;
 use URI::Escape;
 
 # List constants
-sub authProcess { qw(extractFormInfo getUser authenticate) }
+sub authProcess {qw(extractFormInfo getUser authenticate)}
 
 sub sessionData {
     qw(setAuthSessionInfo setSessionInfo setMacros setGroups setPersistentSessionInfo
-      setLocalGroups store secondFactor);
+        setLocalGroups store secondFactor);
 }
 
 sub validSession {
@@ -56,11 +56,9 @@ sub handler {
     if ( $sp or %{ $req->pdata } ) {
         my %v = (
             name => $self->conf->{cookieName} . 'pdata',
-            (
-                %{ $req->pdata }
+            (   %{ $req->pdata }
                 ? ( value => uri_escape( JSON::to_json( $req->pdata ) ) )
-                : (
-                    value   => '',
+                : ( value   => '',
                     expires => 'Wed, 21 Oct 2015 00:00:00 GMT'
                 )
             )
@@ -94,8 +92,7 @@ sub login {
     my ( $self, $req ) = @_;
     return $self->do(
         $req,
-        [
-            'controlUrl',        @{ $self->beforeAuth },
+        [   'controlUrl',        @{ $self->beforeAuth },
             $self->authProcess,  @{ $self->betweenAuthAndData },
             $self->sessionData,  @{ $self->afterData },
             $self->validSession, @{ $self->endAuth },
@@ -107,8 +104,7 @@ sub postLogin {
     my ( $self, $req ) = @_;
     return $self->do(
         $req,
-        [
-            'restoreArgs',                  'controlUrl',
+        [   'restoreArgs',                  'controlUrl',
             @{ $self->beforeAuth },         $self->authProcess,
             @{ $self->betweenAuthAndData }, $self->sessionData,
             @{ $self->afterData },          $self->validSession,
@@ -121,8 +117,7 @@ sub authenticatedRequest {
     my ( $self, $req ) = @_;
     return $self->do(
         $req,
-        [
-            'importHandlerData', 'controlUrl',
+        [   'importHandlerData', 'controlUrl',
             'checkLogout',       @{ $self->forAuthUser }
         ]
     );
@@ -132,8 +127,7 @@ sub postAuthenticatedRequest {
     my ( $self, $req ) = @_;
     return $self->do(
         $req,
-        [
-            'importHandlerData', 'restoreArgs',
+        [   'importHandlerData', 'restoreArgs',
             'controlUrl',        'checkLogout',
             @{ $self->forAuthUser }
         ]
@@ -150,8 +144,8 @@ sub refresh {
     foreach ( keys %data ) {
         delete $data{$_} unless ( /^_/ or /^(?:startTime)$/ );
     }
-    $req->steps( [
-            'getUser',
+    $req->steps(
+        [   'getUser',
             @{ $self->betweenAuthAndData },
             'setAuthSessionInfo',
             'setSessionInfo',
@@ -169,21 +163,21 @@ sub refresh {
     if ($res) {
         $req->info(
             $self->loadTemplate(
-                'simpleInfo', params => { trspan => 'rightsReloadNeedsLogout' }
+                'simpleInfo',
+                params => { trspan => 'rightsReloadNeedsLogout' }
             )
         );
         $req->urldc( $self->conf->{portal} );
-        return $self->do( $req, [ sub { PE_INFO } ] );
+        return $self->do( $req, [ sub {PE_INFO} ] );
     }
-    return $self->do( $req, [ sub { PE_OK } ] );
+    return $self->do( $req, [ sub {PE_OK} ] );
 }
 
 sub logout {
     my ( $self, $req ) = @_;
     return $self->do(
         $req,
-        [
-            'controlUrl', @{ $self->beforeLogout },
+        [   'controlUrl', @{ $self->beforeLogout },
             'authLogout', 'deleteSession'
         ]
     );
@@ -200,9 +194,9 @@ sub do {
 
     # Update status
     if ( my $p = $self->HANDLER->tsv->{statusPipe} ) {
-        $p->print( ( $req->user ? $req->user : $req->address ) . ' => '
-              . $req->uri
-              . " $err\n" );
+        $p->print(( $req->user ? $req->user : $req->address ) . ' => '
+                . $req->uri
+                . " $err\n" );
     }
 
     # Update history
@@ -228,16 +222,14 @@ sub do {
         else {
             return $self->sendJSONresponse(
                 $req,
-                {
-                    result => 1,
+                {   result => 1,
                     code   => $err
                 }
             );
         }
     }
     else {
-        if (
-                $err
+        if (    $err
             and $err != PE_LOGOUT_OK
             and (
                 $err != PE_REDIRECT
@@ -246,7 +238,7 @@ sub do {
                     and $req->data->{redirectFormMethod} eq 'post' )
                 or $req->info
             )
-          )
+            )
         {
             my ( $tpl, $prms ) = $self->display($req);
             $self->logger->debug("Calling sendHtml with template $tpl");
@@ -264,21 +256,20 @@ sub do {
 
 sub getModule {
     my ( $self, $req, $type ) = @_;
-    if (
-        my $mod = {
+    if (my $mod = {
             auth     => '_authentication',
             user     => '_userDB',
             password => '_passwordDB'
         }->{$type}
-      )
+        )
     {
         if ( my $sub = $self->$mod->can('name') ) {
             return $sub->( $self->$mod, $req, $type );
         }
         else {
             my $s = ref( $self->$mod );
-            $s =~
-s/^Lemonldap::NG::Portal::(?:(?:Issuer|UserDB|Auth|Password)::)?//;
+            $s
+                =~ s/^Lemonldap::NG::Portal::(?:(?:Issuer|UserDB|Auth|Password)::)?//;
             return $s;
         }
     }
@@ -295,7 +286,7 @@ sub autoRedirect {
 
     # Set redirection URL if needed
     $req->{urldc} ||= $self->conf->{portal}
-      if ( $req->mustRedirect and not( $req->info ) );
+        if ( $req->mustRedirect and not( $req->info ) );
 
     # Redirection should be made if urldc defined
     if ( $req->{urldc} ) {
@@ -305,8 +296,9 @@ sub autoRedirect {
             $req->data->{redirectFormMethod} = "get";
         }
         else {
-            return [ 302,
-                [ Location => $req->{urldc}, @{ $req->respHeaders } ], [] ];
+            return [
+                302, [ Location => $req->{urldc}, @{ $req->respHeaders } ], []
+            ];
         }
     }
     my ( $tpl, $prms ) = $self->display($req);
@@ -326,8 +318,8 @@ sub getApacheSession {
         $self->logger->debug("Try to get a new $args{kind} session");
     }
 
-    my $as = Lemonldap::NG::Common::Session->new( {
-            storageModule        => $self->conf->{globalStorage},
+    my $as = Lemonldap::NG::Common::Session->new(
+        {   storageModule        => $self->conf->{globalStorage},
             storageModuleOptions => $self->conf->{globalStorageOptions},
             cacheModule          => $self->conf->{localSessionStorage},
             cacheModuleOptions   => $self->conf->{localSessionStorageOptions},
@@ -341,8 +333,7 @@ sub getApacheSession {
     if ( my $err = $as->error ) {
         $self->lmLog(
             $err,
-            (
-                $err =~ /(?:Object does not exist|Invalid session ID)/
+            (   $err =~ /(?:Object does not exist|Invalid session ID)/
                 ? 'notice'
                 : 'error'
             )
@@ -357,21 +348,19 @@ sub getApacheSession {
     $self->logger->debug("Get session $id from Portal::Main::Run") if ($id);
     $self->logger->debug(
         "Check session validity  -> " . $self->conf->{timeoutActivity} . "s" )
-      if ( $self->conf->{timeoutActivity} );
+        if ( $self->conf->{timeoutActivity} );
     my $now = time;
-    if (
-            $id
+    if (    $id
         and defined $as->data->{_utime}
         and (
             ( ( $now - $as->data->{_utime} ) > $self->conf->{timeout} )
-            or (
-                    $self->conf->{timeoutActivity}
+            or (    $self->conf->{timeoutActivity}
                 and $as->data->{_lastSeen}
-                and ( ( $now - $as->data->{_lastSeen} ) >
-                    $self->conf->{timeoutActivity} )
+                and ( ( $now - $as->data->{_lastSeen} )
+                    > $self->conf->{timeoutActivity} )
             )
         )
-      )
+        )
     {
         $self->logger->debug("Session $args{kind} $id expired");
         return;
@@ -393,8 +382,8 @@ sub getPersistentSession {
 
     $info->{_session_uid} = $uid;
 
-    my $ps = Lemonldap::NG::Common::Session->new( {
-            storageModule        => $self->conf->{persistentStorage},
+    my $ps = Lemonldap::NG::Common::Session->new(
+        {   storageModule        => $self->conf->{persistentStorage},
             storageModuleOptions => $self->conf->{persistentStorageOptions},
             id                   => $pid,
             force                => 1,
@@ -435,10 +424,11 @@ sub updatePersistentSession {
     # Return if no infos to update
     return () unless ( ref $infos eq 'HASH' and %$infos );
     $uid ||= $req->{sessionInfo}->{ $self->conf->{whatToTrace} }
-      || $req->userData->{ $self->conf->{whatToTrace} };
+        || $req->userData->{ $self->conf->{whatToTrace} };
     $self->logger->debug("Found 'whatToTrace' -> $uid");
     unless ($uid) {
-        $self->logger->debug('No uid found, skipping updatePersistentSession');
+        $self->logger->debug(
+            'No uid found, skipping updatePersistentSession');
         return ();
     }
     $self->logger->debug("Update $uid persistent session");
@@ -480,14 +470,14 @@ sub updateSession {
         foreach ( keys %$infos ) {
             $self->logger->debug(
                 "Update sessionInfo $_ with " . $infos->{$_} );
-            $req->{sessionInfo}->{$_} = $self->HANDLER->data->{$_} =
-              $infos->{$_};
+            $req->{sessionInfo}->{$_} = $self->HANDLER->data->{$_}
+                = $infos->{$_};
         }
 
         # Update session in global storage with _updateTime
         $infos->{_updateTime} = strftime( "%Y%m%d%H%M%S", localtime() );
-        if ( my $apacheSession =
-            $self->getApacheSession( $id, info => $infos ) )
+        if ( my $apacheSession
+            = $self->getApacheSession( $id, info => $infos ) )
         {
             if ( $apacheSession->error ) {
                 $self->logger->error("Cannot update session $id");
@@ -570,10 +560,10 @@ sub isTrustedUrl {
 
 sub stamp {
     my $self = shift;
-    my $res =
-        $self->conf->{cipher}
-      ? $self->conf->{cipher}->encrypt( time() )
-      : 1;
+    my $res
+        = $self->conf->{cipher}
+        ? $self->conf->{cipher}->encrypt( time() )
+        : 1;
     $res =~ s/\+/%2B/g;
     return $res;
 }
@@ -705,7 +695,7 @@ sub cookie {
     $h{path} ||= '/';
     $h{HttpOnly} //= $self->conf->{httpOnly};
     $h{max_age}  //= $self->conf->{cookieExpiration}
-      if ( $self->conf->{cookieExpiration} );
+        if ( $self->conf->{cookieExpiration} );
     foreach (qw(domain path expires max_age HttpOnly)) {
         my $f = $_;
         $f =~ s/_/-/g;
@@ -726,16 +716,24 @@ sub _dump {
 
 sub sendHtml {
     my ( $self, $req, $template, %args ) = @_;
+
     $args{params}->{TROVER} = $self->trOver;
-    $args{templateDir} =
-      $self->conf->{templateDir} . '/' . $self->getSkin($req);
+    $args{templateDir}
+        = $self->conf->{templateDir} . '/' . $self->getSkin($req);
+    my $tmpl = $args{templateDir} . "/$template.tpl";
+    unless ( -f $tmpl ) {
+        $self->logger->debug("Template : $tmpl NOT found!!!");
+        $args{templateDir} = $self->conf->{templateDir} . '/bootstrap';
+        $tmpl = $args{templateDir} . "/$template.tpl";
+        $self->logger->debug("-> Trying to load $tmpl");
+    }
     my $res = $self->SUPER::sendHtml( $req, $template, %args );
     push @{ $res->[1] },
-      'X-XSS-Protection'       => '1; mode=block',
-      'X-Content-Type-Options' => 'nosniff',
-      'Cache-Control'          => 'no-cache, no-store, must-revalidate',# HTTP 1.1
-      'Pragma'                 => 'no-cache',                           # HTTP 1.0
-      'Expires'                => '0';                                  # Proxies
+        'X-XSS-Protection'       => '1; mode=block',
+        'X-Content-Type-Options' => 'nosniff',
+        'Cache-Control' => 'no-cache, no-store, must-revalidate',   # HTTP 1.1
+        'Pragma'        => 'no-cache',                              # HTTP 1.0
+        'Expires'       => '0';                                     # Proxies
 
     # Set authorized URL for POST
     my $csp = $self->csp . "form-action " . $self->conf->{cspFormAction};
@@ -749,13 +747,14 @@ sub sendHtml {
     if ( defined $url ) {
         $self->logger->debug("Required Params URL : $url");
         if ( $url =~ s#(https?://[^/]+).*#$1# ) {
-            $self->logger->debug("Set CSP form-action with Params URL : $url");
+            $self->logger->debug(
+                "Set CSP form-action with Params URL : $url");
             $csp .= " $url";
         }
     }
     if ( defined $req->{cspFormAction} ) {
-        $self->logger->debug(
-            "Set CSP form-action with request URL: " . $req->{cspFormAction} );
+        $self->logger->debug( "Set CSP form-action with request URL: "
+                . $req->{cspFormAction} );
         $csp .= " " . $req->{cspFormAction};
     }
 
@@ -781,7 +780,7 @@ sub sendHtml {
     my @url;
     if ( $req->info ) {
         @url = map { s#https?://([^/]+).*#$1#; $_ }
-          ( $req->info =~ /<iframe.*?src="(.*?)"/sg );
+            ( $req->info =~ /<iframe.*?src="(.*?)"/sg );
     }
     if (@url) {
         $csp .= join( ' ', 'child-src', @url ) . ';';
@@ -797,18 +796,17 @@ sub sendCss {
     my ( $self, $req ) = @_;
     my $s = '/* LL::NG Portal CSS */';
     if ( $self->conf->{portalSkinBackground} ) {
-        $s .=
-            'html,body{background:url("'
-          . $self->staticPrefix
-          . '/common/backgrounds/'
-          . $self->conf->{portalSkinBackground}
-          . '") no-repeat center fixed;'
-          . 'background-size:cover;}';
+        $s
+            .= 'html,body{background:url("'
+            . $self->staticPrefix
+            . '/common/backgrounds/'
+            . $self->conf->{portalSkinBackground}
+            . '") no-repeat center fixed;'
+            . 'background-size:cover;}';
     }
     return [
         200,
-        [
-            'Content-Type'   => 'text/css',
+        [   'Content-Type'   => 'text/css',
             'Content-Length' => length($s),
             'Cache-Control'  => 'public,max-age=3600',
         ],
@@ -832,16 +830,16 @@ sub lmError {
 
     # Error code
     $templateParams{"ERROR$_"} = ( $httpError == $_ ? 1 : 0 )
-      foreach ( 403, 404, 500, 502, 503 );
+        foreach ( 403, 404, 500, 502, 503 );
     return $self->sendHtml( $req, 'error', params => \%templateParams );
 }
 
 sub rebuildCookies {
     my ( $self, $req ) = @_;
     my @tmp;
-    for ( my $i = 0 ; $i < @{ $req->{respHeaders} } ; $i += 2 ) {
+    for ( my $i = 0; $i < @{ $req->{respHeaders} }; $i += 2 ) {
         push @tmp, $req->respHeaders->[0], $req->respHeaders->[1]
-          unless ( $req->respHeaders->[0] eq 'Set-Cookie' );
+            unless ( $req->respHeaders->[0] eq 'Set-Cookie' );
     }
     $req->{respHeaders} = \@tmp;
     $self->buildCookie($req);
@@ -856,8 +854,8 @@ sub tplParams {
     $portalPath =~ s#[^/]+\.fcgi$##;
 
     for my $session_key ( keys %{ $req->{sessionInfo} } ) {
-        $templateParams{ "session_" . $session_key } =
-          $req->{sessionInfo}->{$session_key};
+        $templateParams{ "session_" . $session_key }
+            = $req->{sessionInfo}->{$session_key};
     }
 
     for my $env_key ( keys %{ $req->env } ) {
@@ -878,7 +876,7 @@ sub tplParams {
 sub registerLogin {
     my ( $self, $req ) = @_;
     return
-      unless ( $self->conf->{loginHistoryEnabled}
+        unless ( $self->conf->{loginHistoryEnabled}
         and defined $req->authResult );
     my $history = $req->sessionInfo->{_loginHistory} ||= {};
     my $type = ( $req->authResult > 0 ? 'failed' : 'success' ) . 'Login';
@@ -888,17 +886,18 @@ sub registerLogin {
     # Gather current login's parameters
     my $login = $self->_sumUpSession( $req->{sessionInfo}, 1 );
     $login->{error} = $self->error( $req->authResult )
-      if ( $req->authResult );
+        if ( $req->authResult );
 
     $self->logger->debug( " Current login -> " . $login->{error} )
-      if ( $login->{error} );
+        if ( $login->{error} );
 
     # Add current login into history
     unshift @{ $history->{$type} }, $login;
 
     # Forget oldest logins
     splice @{ $history->{$type} }, $self->conf->{ $type . "Number" }
-      if ( scalar @{ $history->{$type} } > $self->conf->{ $type . "Number" } );
+        if (
+        scalar @{ $history->{$type} } > $self->conf->{ $type . "Number" } );
 
     # Save into persistent session
     $self->updatePersistentSession( $req, { _loginHistory => $history, } );
@@ -911,12 +910,12 @@ sub registerLogin {
 # @return hashref
 sub _sumUpSession {
     my ( $self, $session, $withoutUser ) = @_;
-    my $res =
-      $withoutUser
-      ? {}
-      : { user => $session->{ $self->conf->{whatToTrace} } };
+    my $res
+        = $withoutUser
+        ? {}
+        : { user => $session->{ $self->conf->{whatToTrace} } };
     $res->{$_} = $session->{$_}
-      foreach ( "_utime", "ipAddr",
+        foreach ( "_utime", "ipAddr",
         keys %{ $self->conf->{sessionDataToRemember} } );
     return $res;
 }
@@ -925,12 +924,12 @@ sub _sumUpSession {
 sub loadTemplate {
     my ( $self, $name, %prm ) = @_;
     $name .= '.tpl';
-    my $file =
-        $self->conf->{templateDir} . '/'
-      . $self->conf->{portalSkin} . '/'
-      . $name;
+    my $file
+        = $self->conf->{templateDir} . '/'
+        . $self->conf->{portalSkin} . '/'
+        . $name;
     $file = $self->conf->{templateDir} . '/common/' . $name
-      unless ( -e $file );
+        unless ( -e $file );
     unless ( -e $file ) {
         die "Unable to find $name in $self->conf->{templateDir}";
     }

From 9134fc9eeb3d449d08abff4d521745e17f2c3b95 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Tue, 19 Feb 2019 14:57:50 +0100
Subject: [PATCH 18/58] Update portal-nginx.conf

---
 _example/etc/portal-nginx.conf | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/_example/etc/portal-nginx.conf b/_example/etc/portal-nginx.conf
index 07aa35e1f..d96eccc43 100644
--- a/_example/etc/portal-nginx.conf
+++ b/_example/etc/portal-nginx.conf
@@ -1,3 +1,10 @@
+## map directive must be in http context
+# Uncomment this if you use Auth SSL:
+#map $ssl_client_s_dn  $ssl_client_s_dn_cn {
+#  default           "";
+#  ~/CN=(?<CN>[^/]+) $CN;
+#}
+
 server {
   listen __PORT__;
   server_name auth.__DNSDOMAIN__;
@@ -29,11 +36,7 @@ server {
     fastcgi_split_path_info ^(.*\.psgi)(/.*)$;
     fastcgi_param PATH_INFO  $fastcgi_path_info;
     # Uncomment this if you use Auth SSL:
-    #map $ssl_client_s_dn  $ssl_client_s_dn_cn {
-    #  default           "";
-    #  ~/CN=(?<CN>[^/]+) $CN;
-    #}
-    #fastcgi_param  SSL_CLIENT_S_DN_CN $ssl_client_s_dn_cn
+    #fastcgi_param  SSL_CLIENT_S_DN_CN $ssl_client_s_dn_cn;
 
     # OR TO USE uWSGI
     #include /etc/nginx/uwsgi_params;
@@ -41,6 +44,8 @@ server {
     #uwsgi_param LLTYPE psgi;
     #uwsgi_param SCRIPT_FILENAME $document_root$sc;
     #uwsgi_param SCRIPT_NAME $sc;
+    # Uncomment this if you use Auth SSL:
+    #uwsgi_param  SSL_CLIENT_S_DN_CN $ssl_client_s_dn_cn;
 
   }
 
@@ -49,7 +54,7 @@ server {
     try_files $uri $uri/ =404;
 
     # Uncomment this if you use https only
-    #add_header Strict-Transport-Security "15768000";
+    #add_header Strict-Transport-Security max-age=15768000;
   }
 
   location /static/ {

From 62167a41f19d364079ed995e49894aaf327de3b7 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Tue, 19 Feb 2019 17:27:28 +0100
Subject: [PATCH 19/58] Load Portal despite translation file does not exist
 (#1595)

---
 lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
index 427112d39..7f3bcc60d 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
@@ -97,7 +97,7 @@ sub init {
     );
 
     # Load override messages from file and lemonldap-ng.ini
-    if ( $self->{localConfig}->{translations} ) {
+    if ( $self->{localConfig}->{translations} and -f $self->{localConfig}->{translations} and -r $self->{localConfig}->{translations} ) {
         open my $tr_file, '<', $self->{localConfig}->{translations}
             or die "Can't open"
             . $self->{localConfig}->{translations} . " : $!";

From 28caeea3c212ea40ad23220990920a9ecbfc6fe1 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Tue, 19 Feb 2019 20:10:41 +0100
Subject: [PATCH 20/58] Partial revert (#1595)

---
 lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
index 7f3bcc60d..e278c16ff 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
@@ -97,14 +97,16 @@ sub init {
     );
 
     # Load override messages from file and lemonldap-ng.ini
-    if ( $self->{localConfig}->{translations} and -f $self->{localConfig}->{translations} and -r $self->{localConfig}->{translations} ) {
+    if ( $self->{localConfig}->{translations}
+        and -r $self->{localConfig}->{translations} )
+    {
         open my $tr_file, '<', $self->{localConfig}->{translations}
             or die "Can't open"
             . $self->{localConfig}->{translations} . " : $!";
         while (<$tr_file>) {
             chomp;
             $_ =~ /^([\w_]+)\s+=\s+(.+)$/;
-            $self->{localConfig}->{ $1 } = $2;
+            $self->{localConfig}->{$1} = $2;
         }
         close $tr_file or die "Can't close $tr_file : $!";
     }

From 9377bf9d1b561e06aaf3af43faeccfa987e91708 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Tue, 19 Feb 2019 22:51:45 +0100
Subject: [PATCH 21/58] Override msg with local json files (#1595)

---
 lemonldap-ng-portal/site/coffee/portal.coffee                | 1 +
 lemonldap-ng-portal/site/htdocs/static/common/js/portal.js   | 1 +
 .../site/htdocs/static/common/js/portal.min.js               | 2 +-
 lemonldap-ng-portal/site/templates/bootstrap/error.json      | 5 +++++
 lemonldap-ng-portal/site/templates/bootstrap/error.tpl       | 2 ++
 lemonldap-ng-portal/site/templates/bootstrap/login.json      | 5 +++++
 lemonldap-ng-portal/site/templates/bootstrap/login.tpl       | 1 +
 lemonldap-ng-portal/site/templates/localeTranslations.txt    | 1 +
 8 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100644 lemonldap-ng-portal/site/templates/bootstrap/error.json
 create mode 100644 lemonldap-ng-portal/site/templates/bootstrap/login.json

diff --git a/lemonldap-ng-portal/site/coffee/portal.coffee b/lemonldap-ng-portal/site/coffee/portal.coffee
index a18750b3c..d78cb0829 100644
--- a/lemonldap-ng-portal/site/coffee/portal.coffee
+++ b/lemonldap-ng-portal/site/coffee/portal.coffee
@@ -53,6 +53,7 @@ getValues = () ->
 		catch e
 			console.log 'Parsing error', e
 			console.log 'JSON', $(this).text()
+	console.log values
 	values
 
 # Code from http://snipplr.com/view/29434/
diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.js b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.js
index cba8524f1..889a3dc70 100644
--- a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.js
+++ b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.js
@@ -78,6 +78,7 @@ LemonLDAP::NG Portal jQuery scripts
         return console.log('JSON', $(this).text());
       }
     });
+    console.log(values);
     return values;
   };
 
diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js
index 62767de42..2e7652979 100644
--- a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js
+++ b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js
@@ -1 +1 @@
-(function(){var datas,delKey,getCookie,getValues,isHiddenFormValueSet,ping,removeOidcConsent,restoreOrder,setCookie,setKey,setOrder,setSelector,translate,translatePage,translationFields,indexOf=[].indexOf||function(item){for(var i=0,l=this.length;i<l;i++){if(i in this&&this[i]===item)return i}return-1};translationFields={};translatePage=function(lang){return $.getJSON(window.staticPrefix+"languages/"+lang+".json",function(data){var k,ref,ref1,v;translationFields=data;ref=window.datas.trOver.all;for(k in ref){v=ref[k];translationFields[k]=v}if(window.datas.trOver[lang]){ref1=window.datas.trOver[lang];for(k in ref1){v=ref1[k];translationFields[k]=v}}$("[trspan]").each(function(){var args,i,len,txt;args=$(this).attr("trspan").split(",");txt=translate(args.shift());for(i=0,len=args.length;i<len;i++){v=args[i];txt=txt.replace(/%[sd]/,v)}return $(this).text(txt)});$("[trmsg]").each(function(){return $(this).text(translate("PE"+$(this).attr("trmsg")))});$("[trplaceholder]").each(function(){return $(this).attr("placeholder",translate($(this).attr("trplaceholder")))});return $("[localtime]").each(function(){var d;d=new Date($(this).attr("localtime")*1e3);return $(this).text(d.toLocaleString())})})};translate=function(str){if(translationFields[str]){return translationFields[str]}else{return str}};window.translate=translate;getValues=function(){var values;values={};$("script[type='application/init']").each(function(){var e,k,results,tmp;try{tmp=JSON.parse($(this).text());results=[];for(k in tmp){results.push(values[k]=tmp[k])}return results}catch(error1){e=error1;console.log("Parsing error",e);return console.log("JSON",$(this).text())}});return values};setSelector="#appslist";setOrder=function(){return setKey("_appsListOrder",$(setSelector).sortable("toArray").join())};removeOidcConsent=function(partner){var e;e=function(j,s,e){return alert(s+" "+e)};return delKey("_oidcConsents",partner,function(){return $("[partner='"+partner+"']").hide()},e)};setKey=function(key,val,success,error){return $.ajax({type:"GET",url:datas["scriptname"]+"/mysession/?gettoken",dataType:"json",error:error,success:function(data){var d;d={token:data.token};d[key]=val;return $.ajax({type:"PUT",url:datas["scriptname"]+"/mysession/persistent",dataType:"json",data:d,success:success,error:error})}})};delKey=function(key,sub,success,error){return $.ajax({type:"GET",url:datas["scriptname"]+"/mysession/?gettoken",dataType:"json",error:error,success:function(data){return $.ajax({type:"DELETE",url:datas["scriptname"]+"/mysession/persistent/"+key+"?sub="+sub+"&token="+data.token,dataType:"json",success:success,error:error})}})};restoreOrder=function(){var IDs,child,i,item,itemID,items,l,len,len1,list,rebuild,savedOrd,v;list=$(setSelector);if(!(list!=null&&datas["appslistorder"])){return null}IDs=datas["appslistorder"].split(",");items=list.sortable("toArray");rebuild=[];for(i=0,len=items.length;i<len;i++){v=items[i];rebuild[v]=v}for(l=0,len1=IDs.length;l<len1;l++){itemID=IDs[l];if(rebuild[itemID]){item=rebuild[itemID];child=$(setSelector+".ui-sortable").children("#"+item);savedOrd=$(setSelector+".ui-sortable").children("#"+itemID);child.remove();$(setSelector+".ui-sortable").filter(":first").append(savedOrd)}}return 1};isHiddenFormValueSet=function(option){return $("#lmhidden_"+option).length};ping=function(){return $.ajax({type:"POST",url:datas["scriptname"],data:{ping:1},dataType:"json",success:function(data){if(data.result!=null&&data.result===1){return setTimeout(ping,datas["pingInterval"])}else{return location.reload(true)}},error:function(j,t,e){return location.reload(true)}})};window.ping=ping;getCookie=function(cname){var c,ca,i,len,name,re;name=cname+"=";ca=decodeURIComponent(document.cookie).split(";");re=new RegExp("^ *"+cname+"=");for(i=0,len=ca.length;i<len;i++){c=ca[i];if(c.match(re)){c=c.replace(re,"");return c}}return""};setCookie=function(name,value,exdays){var d;d=new Date;d.setTime(d.getTime()+exdays*864e5);return document.cookie=name+"="+value+"; expires="+d.toUTCString()+"; path=/"};datas={};$(document).ready(function(){var action,al,authMenuTabs,back_url,i,l,lang,langdiv,langs,langs2,len,len1,len2,len3,link,m,menuIndex,menuTabs,method,n,nl,nlangs,re,ref,ref1,ref2;datas=getValues();window.datas=datas;if(datas["antiframe"]&&top!==self){top.location.href=location.href}$("#appslist").sortable({axis:"y",cursor:"move",opacity:.5,revert:true,items:"> div.category",update:function(){return setOrder()}});restoreOrder();$("div.message").fadeIn("slow");$("input[name=timezone]").val(-((new Date).getTimezoneOffset()/60));menuTabs=$("#menu").tabs({active:0});menuIndex=$('#menu a[href="#'+datas["displaytab"]+'"]').parent().index();if(menuIndex<0){menuIndex=0}menuTabs.tabs("option","active",menuIndex);authMenuTabs=$("#authMenu").tabs({active:0});if(datas["choicetab"]){authMenuTabs.tabs("option","active",$('#authMenu a[href="#'+datas["choicetab"]+'"]').parent().index())}if(datas["login"]){$("input[type=password]:first").focus()}else{$("input[type!=hidden]:first").focus()}if(datas["newwindow"]){$("#appslist a").attr("target","_blank")}if($("p.removeOther").length){action=$("form.login").attr("action");method=$("form.login").attr("method");back_url="";if(action.indexOf("?")!==-1){action.substring(0,action.indexOf("?"))+"?"}else{back_url=action+"?"}$("form.login input[type=hidden]").each(function(index){return back_url+="&"+$(this).attr("name")+"="+$(this).val()});link=$("p.removeOther a").attr("href")+"&method="+method+"&url="+btoa(back_url);$("p.removeOther a").attr("href",link)}lang=getCookie("llnglanguage");if(!lang){if(navigator){langs=[];langs2=[];nlangs=[navigator.language];if(navigator.languages){nlangs=navigator.languages}ref=window.availableLanguages;for(i=0,len=ref.length;i<len;i++){al=ref[i];langdiv+='<img class="langicon" src="'+window.staticPrefix+"common/"+al+'.png" title="'+al+'" alt="['+al+']"> '}for(l=0,len1=nlangs.length;l<len1;l++){nl=nlangs[l];console.log("Navigator lang",nl);ref1=window.availableLanguages;for(m=0,len2=ref1.length;m<len2;m++){al=ref1[m];console.log(" Available lang",al);re=new RegExp("^"+al+"-?");if(nl.match(re)){console.log("  Matching lang =",al);langs.push(al)}else if(al.substring(0,1)===nl.substring(0,1)){langs2.push(al)}}}lang=langs[0]?langs[0]:langs2[0]?langs2[0]:window.availableLanguages[0]}else{lang=window.availableLanguages[0]}}else if(indexOf.call(window.availableLanguages,lang)<0){lang=window.availableLanguages[0]}console.log("Selected lang ->",lang);setCookie("llnglanguage",lang);translatePage(lang);langdiv="";ref2=window.availableLanguages;for(n=0,len3=ref2.length;n<len3;n++){al=ref2[n];langdiv+='<img class="langicon" src="'+window.staticPrefix+"common/"+al+'.png" title="'+al+'" alt="['+al+']"> '}$("#languages").html(langdiv);$(".langicon").on("click",function(){lang=$(this).attr("title");setCookie("llnglanguage",lang);return translatePage(lang)});if(datas["pingInterval"]&&datas["pingInterval"]>0){window.setTimeout(ping,datas["pingInterval"])}$(".localeDate").each(function(){var s;s=new Date($(this).attr("val")*1e3);return $(this).text(s.toLocaleString())});return $(".oidcConsent").on("click",function(){return removeOidcConsent($(this).attr("partner"))})})}).call(this);
+(function(){var datas,delKey,getCookie,getValues,isHiddenFormValueSet,ping,removeOidcConsent,restoreOrder,setCookie,setKey,setOrder,setSelector,translate,translatePage,translationFields,indexOf=[].indexOf||function(item){for(var i=0,l=this.length;i<l;i++){if(i in this&&this[i]===item)return i}return-1};translationFields={};translatePage=function(lang){return $.getJSON(window.staticPrefix+"languages/"+lang+".json",function(data){var k,ref,ref1,v;translationFields=data;ref=window.datas.trOver.all;for(k in ref){v=ref[k];translationFields[k]=v}if(window.datas.trOver[lang]){ref1=window.datas.trOver[lang];for(k in ref1){v=ref1[k];translationFields[k]=v}}$("[trspan]").each(function(){var args,i,len,txt;args=$(this).attr("trspan").split(",");txt=translate(args.shift());for(i=0,len=args.length;i<len;i++){v=args[i];txt=txt.replace(/%[sd]/,v)}return $(this).text(txt)});$("[trmsg]").each(function(){return $(this).text(translate("PE"+$(this).attr("trmsg")))});$("[trplaceholder]").each(function(){return $(this).attr("placeholder",translate($(this).attr("trplaceholder")))});return $("[localtime]").each(function(){var d;d=new Date($(this).attr("localtime")*1e3);return $(this).text(d.toLocaleString())})})};translate=function(str){if(translationFields[str]){return translationFields[str]}else{return str}};window.translate=translate;getValues=function(){var values;values={};$("script[type='application/init']").each(function(){var e,k,results,tmp;try{tmp=JSON.parse($(this).text());results=[];for(k in tmp){results.push(values[k]=tmp[k])}return results}catch(error1){e=error1;console.log("Parsing error",e);return console.log("JSON",$(this).text())}});console.log(values);return values};setSelector="#appslist";setOrder=function(){return setKey("_appsListOrder",$(setSelector).sortable("toArray").join())};removeOidcConsent=function(partner){var e;e=function(j,s,e){return alert(s+" "+e)};return delKey("_oidcConsents",partner,function(){return $("[partner='"+partner+"']").hide()},e)};setKey=function(key,val,success,error){return $.ajax({type:"GET",url:datas["scriptname"]+"/mysession/?gettoken",dataType:"json",error:error,success:function(data){var d;d={token:data.token};d[key]=val;return $.ajax({type:"PUT",url:datas["scriptname"]+"/mysession/persistent",dataType:"json",data:d,success:success,error:error})}})};delKey=function(key,sub,success,error){return $.ajax({type:"GET",url:datas["scriptname"]+"/mysession/?gettoken",dataType:"json",error:error,success:function(data){return $.ajax({type:"DELETE",url:datas["scriptname"]+"/mysession/persistent/"+key+"?sub="+sub+"&token="+data.token,dataType:"json",success:success,error:error})}})};restoreOrder=function(){var IDs,child,i,item,itemID,items,l,len,len1,list,rebuild,savedOrd,v;list=$(setSelector);if(!(list!=null&&datas["appslistorder"])){return null}IDs=datas["appslistorder"].split(",");items=list.sortable("toArray");rebuild=[];for(i=0,len=items.length;i<len;i++){v=items[i];rebuild[v]=v}for(l=0,len1=IDs.length;l<len1;l++){itemID=IDs[l];if(rebuild[itemID]){item=rebuild[itemID];child=$(setSelector+".ui-sortable").children("#"+item);savedOrd=$(setSelector+".ui-sortable").children("#"+itemID);child.remove();$(setSelector+".ui-sortable").filter(":first").append(savedOrd)}}return 1};isHiddenFormValueSet=function(option){return $("#lmhidden_"+option).length};ping=function(){return $.ajax({type:"POST",url:datas["scriptname"],data:{ping:1},dataType:"json",success:function(data){if(data.result!=null&&data.result===1){return setTimeout(ping,datas["pingInterval"])}else{return location.reload(true)}},error:function(j,t,e){return location.reload(true)}})};window.ping=ping;getCookie=function(cname){var c,ca,i,len,name,re;name=cname+"=";ca=decodeURIComponent(document.cookie).split(";");re=new RegExp("^ *"+cname+"=");for(i=0,len=ca.length;i<len;i++){c=ca[i];if(c.match(re)){c=c.replace(re,"");return c}}return""};setCookie=function(name,value,exdays){var d;d=new Date;d.setTime(d.getTime()+exdays*864e5);return document.cookie=name+"="+value+"; expires="+d.toUTCString()+"; path=/"};datas={};$(document).ready(function(){var action,al,authMenuTabs,back_url,i,l,lang,langdiv,langs,langs2,len,len1,len2,len3,link,m,menuIndex,menuTabs,method,n,nl,nlangs,re,ref,ref1,ref2;datas=getValues();window.datas=datas;if(datas["antiframe"]&&top!==self){top.location.href=location.href}$("#appslist").sortable({axis:"y",cursor:"move",opacity:.5,revert:true,items:"> div.category",update:function(){return setOrder()}});restoreOrder();$("div.message").fadeIn("slow");$("input[name=timezone]").val(-((new Date).getTimezoneOffset()/60));menuTabs=$("#menu").tabs({active:0});menuIndex=$('#menu a[href="#'+datas["displaytab"]+'"]').parent().index();if(menuIndex<0){menuIndex=0}menuTabs.tabs("option","active",menuIndex);authMenuTabs=$("#authMenu").tabs({active:0});if(datas["choicetab"]){authMenuTabs.tabs("option","active",$('#authMenu a[href="#'+datas["choicetab"]+'"]').parent().index())}if(datas["login"]){$("input[type=password]:first").focus()}else{$("input[type!=hidden]:first").focus()}if(datas["newwindow"]){$("#appslist a").attr("target","_blank")}if($("p.removeOther").length){action=$("form.login").attr("action");method=$("form.login").attr("method");back_url="";if(action.indexOf("?")!==-1){action.substring(0,action.indexOf("?"))+"?"}else{back_url=action+"?"}$("form.login input[type=hidden]").each(function(index){return back_url+="&"+$(this).attr("name")+"="+$(this).val()});link=$("p.removeOther a").attr("href")+"&method="+method+"&url="+btoa(back_url);$("p.removeOther a").attr("href",link)}lang=getCookie("llnglanguage");if(!lang){if(navigator){langs=[];langs2=[];nlangs=[navigator.language];if(navigator.languages){nlangs=navigator.languages}ref=window.availableLanguages;for(i=0,len=ref.length;i<len;i++){al=ref[i];langdiv+='<img class="langicon" src="'+window.staticPrefix+"common/"+al+'.png" title="'+al+'" alt="['+al+']"> '}for(l=0,len1=nlangs.length;l<len1;l++){nl=nlangs[l];console.log("Navigator lang",nl);ref1=window.availableLanguages;for(m=0,len2=ref1.length;m<len2;m++){al=ref1[m];console.log(" Available lang",al);re=new RegExp("^"+al+"-?");if(nl.match(re)){console.log("  Matching lang =",al);langs.push(al)}else if(al.substring(0,1)===nl.substring(0,1)){langs2.push(al)}}}lang=langs[0]?langs[0]:langs2[0]?langs2[0]:window.availableLanguages[0]}else{lang=window.availableLanguages[0]}}else if(indexOf.call(window.availableLanguages,lang)<0){lang=window.availableLanguages[0]}console.log("Selected lang ->",lang);setCookie("llnglanguage",lang);translatePage(lang);langdiv="";ref2=window.availableLanguages;for(n=0,len3=ref2.length;n<len3;n++){al=ref2[n];langdiv+='<img class="langicon" src="'+window.staticPrefix+"common/"+al+'.png" title="'+al+'" alt="['+al+']"> '}$("#languages").html(langdiv);$(".langicon").on("click",function(){lang=$(this).attr("title");setCookie("llnglanguage",lang);return translatePage(lang)});if(datas["pingInterval"]&&datas["pingInterval"]>0){window.setTimeout(ping,datas["pingInterval"])}$(".localeDate").each(function(){var s;s=new Date($(this).attr("val")*1e3);return $(this).text(s.toLocaleString())});return $(".oidcConsent").on("click",function(){return removeOidcConsent($(this).attr("partner"))})})}).call(this);
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/error.json b/lemonldap-ng-portal/site/templates/bootstrap/error.json
new file mode 100644
index 000000000..ea94bf6f7
--- /dev/null
+++ b/lemonldap-ng-portal/site/templates/bootstrap/error.json
@@ -0,0 +1,5 @@
+<script type="application/init">
+ {
+ "trOver":{"all":{},"fr":{"PE5":"Pas de chance, râté ! Merci de réessayer ..."},"en":{}}
+ }
+ </script>
\ No newline at end of file
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/error.tpl b/lemonldap-ng-portal/site/templates/bootstrap/error.tpl
index 97656794c..cbe04ddcf 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/error.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/error.tpl
@@ -1,4 +1,6 @@
 <TMPL_INCLUDE NAME="header.tpl">
+<TMPL_INCLUDE NAME="error.json">
+
 <div id="errorcontent" class="container">
   <TMPL_IF AUTH_ERROR>
     <div class="message message-<TMPL_VAR NAME="AUTH_ERROR_TYPE"> alert"><span trmsg="<TMPL_VAR NAME="AUTH_ERROR">"></span></div>
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/login.json b/lemonldap-ng-portal/site/templates/bootstrap/login.json
new file mode 100644
index 000000000..9512a7361
--- /dev/null
+++ b/lemonldap-ng-portal/site/templates/bootstrap/login.json
@@ -0,0 +1,5 @@
+<script type="application/init">
+ {
+ "trOver":{"all":{},"en":{"PE9":"You are welcome! Please login..."},"fr":{}}
+ }
+ </script>
\ No newline at end of file
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/login.tpl b/lemonldap-ng-portal/site/templates/bootstrap/login.tpl
index d2194b1c6..7cd6252a9 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/login.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/login.tpl
@@ -1,4 +1,5 @@
 <TMPL_INCLUDE NAME="header.tpl">
+<TMPL_INCLUDE NAME="login.json">
 
 <main id="logincontent" class="container">
 
diff --git a/lemonldap-ng-portal/site/templates/localeTranslations.txt b/lemonldap-ng-portal/site/templates/localeTranslations.txt
index b448b3258..64011a00e 100644
--- a/lemonldap-ng-portal/site/templates/localeTranslations.txt
+++ b/lemonldap-ng-portal/site/templates/localeTranslations.txt
@@ -1,3 +1,4 @@
 error_en_5 = Big brother is watching you, authenticated user
+error_en_9 = Do you really want to login ?
 error_fr_0 = Souriez, vous êtes surveillés !
 msg_fr_selectIdP = Portail de Fédération des Identités
\ No newline at end of file

From 53eb78c53d779349424a01f0ffa28bba6b2659d6 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Tue, 19 Feb 2019 23:03:40 +0100
Subject: [PATCH 22/58] Update unit test (#1595)

---
 lemonldap-ng-portal/t/02-Password-Demo.t | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/lemonldap-ng-portal/t/02-Password-Demo.t b/lemonldap-ng-portal/t/02-Password-Demo.t
index cb4e4ef87..a4888e94e 100644
--- a/lemonldap-ng-portal/t/02-Password-Demo.t
+++ b/lemonldap-ng-portal/t/02-Password-Demo.t
@@ -31,9 +31,9 @@ ok( $res->[2]->[0] =~ m%"trOver"%,
 ok( $res->[2]->[0] =~ m%"all":\{\}%,
     ' all found' )
   or print STDERR Dumper( $res->[2]->[0] );
-ok( $res->[2]->[0] =~ m%"en":\{"PE5":"Big brother is watching you, authenticated user"\}%,
-    ' en found' )
-  or print STDERR Dumper( $res->[2]->[0] );
+#ok( $res->[2]->[0] =~ m%"en":\{"PE5":"Big brother is watching you, authenticated user"\}%,
+ #   ' en found' )
+  #or print STDERR Dumper( $res->[2]->[0] );
 ok( $res->[2]->[0] =~ m%"PE0":"Souriez, vous êtes surveillés !"%,
     ' PE0 found' )
   or print STDERR Dumper( $res->[2]->[0] );
@@ -46,7 +46,8 @@ ok( $res->[2]->[0] =~ m%"fr":\{%,
 ok( $res->[2]->[0] =~ m%"PE85":"From lemonlap-ng.ini"%,
     ' PE85 found' )
   or print STDERR Dumper( $res->[2]->[0] );
-count(9);
+#count(9);
+count(8);
 
 # Try yo authenticate
 # -------------------

From 9fafa1d8d5055547d011aff8ee0899e45441ce97 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Wed, 20 Feb 2019 23:22:56 +0100
Subject: [PATCH 23/58] Override msg with local json files (#1595)

---
 .../lib/Lemonldap/NG/Portal/Main/Run.pm        | 18 ++++++++++++++++--
 .../site/templates/bootstrap/error.json        |  5 -----
 .../templates/bootstrap/error.json.example     |  3 +++
 .../site/templates/bootstrap/error.tpl         |  1 -
 .../site/templates/bootstrap/header.tpl        |  1 +
 .../site/templates/bootstrap/login.json        |  8 +++-----
 .../site/templates/bootstrap/login.tpl         |  1 -
 .../site/templates/common/trover.tpl           |  5 +++++
 lemonldap-ng-portal/t/02-Password-Demo.t       | 10 +++++-----
 9 files changed, 33 insertions(+), 19 deletions(-)
 delete mode 100644 lemonldap-ng-portal/site/templates/bootstrap/error.json
 create mode 100644 lemonldap-ng-portal/site/templates/bootstrap/error.json.example
 create mode 100644 lemonldap-ng-portal/site/templates/common/trover.tpl

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
index 636715f21..3f6713a57 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
@@ -720,13 +720,27 @@ sub sendHtml {
     $args{params}->{TROVER} = $self->trOver;
     $args{templateDir}
         = $self->conf->{templateDir} . '/' . $self->getSkin($req);
-    my $tmpl = $args{templateDir} . "/$template.tpl";
+    my $tmpl       = $args{templateDir} . "/$template.tpl";
+    my $troverJson = $args{templateDir} . "/$template.json";
     unless ( -f $tmpl ) {
         $self->logger->debug("Template : $tmpl NOT found!!!");
         $args{templateDir} = $self->conf->{templateDir} . '/bootstrap';
-        $tmpl = $args{templateDir} . "/$template.tpl";
+        $tmpl              = $args{templateDir} . "/$template.tpl";
+        $troverJson        = $args{templateDir} . "/$template.json";
         $self->logger->debug("-> Trying to load $tmpl");
     }
+    if ( -r $troverJson ) {
+        open my $tr_file, '<', $troverJson
+            or die "Can't open"
+            . $troverJson . " : $!";
+        while (<$tr_file>) {
+            chomp;
+            $args{params}->{TROVERbyJSON} .= $_;
+        }
+        close $tr_file or die "Can't close $tr_file : $!";
+        $self->logger->debug(" -> Overriding messages with $troverJson");
+        $self->logger->debug("   -> File content : $args{params}->{TROVERbyJSON}");
+    }
     my $res = $self->SUPER::sendHtml( $req, $template, %args );
     push @{ $res->[1] },
         'X-XSS-Protection'       => '1; mode=block',
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/error.json b/lemonldap-ng-portal/site/templates/bootstrap/error.json
deleted file mode 100644
index ea94bf6f7..000000000
--- a/lemonldap-ng-portal/site/templates/bootstrap/error.json
+++ /dev/null
@@ -1,5 +0,0 @@
-<script type="application/init">
- {
- "trOver":{"all":{},"fr":{"PE5":"Pas de chance, râté ! Merci de réessayer ..."},"en":{}}
- }
- </script>
\ No newline at end of file
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/error.json.example b/lemonldap-ng-portal/site/templates/bootstrap/error.json.example
new file mode 100644
index 000000000..d4ed76e76
--- /dev/null
+++ b/lemonldap-ng-portal/site/templates/bootstrap/error.json.example
@@ -0,0 +1,3 @@
+{
+"trOver":{"all":{},"fr":{"PE5":"Pas de chance, râté ! Merci de réessayer ..."},"en":{}}
+}
\ No newline at end of file
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/error.tpl b/lemonldap-ng-portal/site/templates/bootstrap/error.tpl
index cbe04ddcf..015f14626 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/error.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/error.tpl
@@ -1,5 +1,4 @@
 <TMPL_INCLUDE NAME="header.tpl">
-<TMPL_INCLUDE NAME="error.json">
 
 <div id="errorcontent" class="container">
   <TMPL_IF AUTH_ERROR>
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/header.tpl b/lemonldap-ng-portal/site/templates/bootstrap/header.tpl
index 10b602e62..b2f4a1456 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/header.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/header.tpl
@@ -39,6 +39,7 @@
   <link rel="openid2.provider" href="<TMPL_VAR NAME="PROVIDERURI">" />
  </TMPL_IF>
  <TMPL_INCLUDE NAME="../common/script.tpl">
+ <TMPL_INCLUDE NAME="../common/trover.tpl">
 <!-- //if:usedebianlibs
   <script type="text/javascript" src="<TMPL_VAR NAME="STATIC_PREFIX"><TMPL_VAR NAME="SKIN">/js/skin.min.js"></script>
   <script type="text/javascript" src="<TMPL_VAR NAME="STATIC_PREFIX">common/js/portal.min.js"></script>
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/login.json b/lemonldap-ng-portal/site/templates/bootstrap/login.json
index 9512a7361..085ecba4c 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/login.json
+++ b/lemonldap-ng-portal/site/templates/bootstrap/login.json
@@ -1,5 +1,3 @@
-<script type="application/init">
- {
- "trOver":{"all":{},"en":{"PE9":"You are welcome! Please login..."},"fr":{}}
- }
- </script>
\ No newline at end of file
+{
+"trOver":{"all":{},"en":{"PE9":"You are welcome! Please login..."},"fr":{}}
+}
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/login.tpl b/lemonldap-ng-portal/site/templates/bootstrap/login.tpl
index 7cd6252a9..d2194b1c6 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/login.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/login.tpl
@@ -1,5 +1,4 @@
 <TMPL_INCLUDE NAME="header.tpl">
-<TMPL_INCLUDE NAME="login.json">
 
 <main id="logincontent" class="container">
 
diff --git a/lemonldap-ng-portal/site/templates/common/trover.tpl b/lemonldap-ng-portal/site/templates/common/trover.tpl
new file mode 100644
index 000000000..4746e110b
--- /dev/null
+++ b/lemonldap-ng-portal/site/templates/common/trover.tpl
@@ -0,0 +1,5 @@
+<TMPL_IF NAME="TROVERbyJSON">
+ <script type="application/init">
+ 	<TMPL_VAR NAME="TROVERbyJSON">
+ </script>
+</TMPL_IF>
\ No newline at end of file
diff --git a/lemonldap-ng-portal/t/02-Password-Demo.t b/lemonldap-ng-portal/t/02-Password-Demo.t
index a4888e94e..4b0778cf9 100644
--- a/lemonldap-ng-portal/t/02-Password-Demo.t
+++ b/lemonldap-ng-portal/t/02-Password-Demo.t
@@ -31,9 +31,9 @@ ok( $res->[2]->[0] =~ m%"trOver"%,
 ok( $res->[2]->[0] =~ m%"all":\{\}%,
     ' all found' )
   or print STDERR Dumper( $res->[2]->[0] );
-#ok( $res->[2]->[0] =~ m%"en":\{"PE5":"Big brother is watching you, authenticated user"\}%,
- #   ' en found' )
-  #or print STDERR Dumper( $res->[2]->[0] );
+ok( $res->[2]->[0] =~ m%"en":\{"PE9":"You are welcome! Please login..."\}%,
+    ' en found' )
+  or print STDERR Dumper( $res->[2]->[0] );
 ok( $res->[2]->[0] =~ m%"PE0":"Souriez, vous êtes surveillés !"%,
     ' PE0 found' )
   or print STDERR Dumper( $res->[2]->[0] );
@@ -46,8 +46,8 @@ ok( $res->[2]->[0] =~ m%"fr":\{%,
 ok( $res->[2]->[0] =~ m%"PE85":"From lemonlap-ng.ini"%,
     ' PE85 found' )
   or print STDERR Dumper( $res->[2]->[0] );
-#count(9);
-count(8);
+count(9);
+
 
 # Try yo authenticate
 # -------------------

From b57a0788c22a8b48cd2d57b40150abd3cb6e3b8f Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Thu, 21 Feb 2019 16:25:02 +0100
Subject: [PATCH 24/58] Check JSON structure (#1595)

---
 .../lib/Lemonldap/NG/Portal/Main/Run.pm         | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
index 3f6713a57..a3609a615 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
@@ -15,6 +15,7 @@ package Lemonldap::NG::Portal::Main;
 
 use strict;
 use URI::Escape;
+use JSON;
 
 # List constants
 sub authProcess {qw(extractFormInfo getUser authenticate)}
@@ -729,17 +730,25 @@ sub sendHtml {
         $troverJson        = $args{templateDir} . "/$template.json";
         $self->logger->debug("-> Trying to load $tmpl");
     }
+
     if ( -r $troverJson ) {
         open my $tr_file, '<', $troverJson
-            or die "Can't open"
-            . $troverJson . " : $!";
+            or die "Can't open" . $troverJson . " : $!";
         while (<$tr_file>) {
             chomp;
             $args{params}->{TROVERbyJSON} .= $_;
         }
         close $tr_file or die "Can't close $tr_file : $!";
-        $self->logger->debug(" -> Overriding messages with $troverJson");
-        $self->logger->debug("   -> File content : $args{params}->{TROVERbyJSON}");
+        eval { decode_json( $args{params}->{TROVERbyJSON} ) };
+        if ($@) {
+            $self->logger->debug("$troverJson is NOT a regular JSON file!!!");
+            $args{params}->{TROVERbyJSON} = '';
+        }
+        else {
+            $self->logger->debug(" -> Overriding messages with $troverJson");
+            $self->logger->debug(
+                "   -> File content : $args{params}->{TROVERbyJSON}");
+        }
     }
     my $res = $self->SUPER::sendHtml( $req, $template, %args );
     push @{ $res->[1] },

From 00fae442e98e0a4ede2ce88373ef8d99eead2c90 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Thu, 21 Feb 2019 16:33:12 +0100
Subject: [PATCH 25/58] Update version (#1595)

---
 lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
index a3609a615..d8e282fb0 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
@@ -9,7 +9,7 @@
 #
 package Lemonldap::NG::Portal::Main::Run;
 
-our $VERSION = '2.0.2';
+our $VERSION = '2.0.3';
 
 package Lemonldap::NG::Portal::Main;
 

From ac5007fd9625044f2e2ce4454e9a30856d555cdb Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Thu, 21 Feb 2019 16:33:47 +0100
Subject: [PATCH 26/58] Update manifest

---
 lemonldap-ng-portal/MANIFEST | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lemonldap-ng-portal/MANIFEST b/lemonldap-ng-portal/MANIFEST
index 70c73d52c..0fa7cda3b 100644
--- a/lemonldap-ng-portal/MANIFEST
+++ b/lemonldap-ng-portal/MANIFEST
@@ -329,6 +329,7 @@ site/templates/bootstrap/customhead.tpl
 site/templates/bootstrap/customheader.tpl
 site/templates/bootstrap/customLoginFooter.tpl
 site/templates/bootstrap/customLoginHeader.tpl
+site/templates/bootstrap/error.json.example
 site/templates/bootstrap/error.tpl
 site/templates/bootstrap/ext2fcheck.tpl
 site/templates/bootstrap/footer.tpl
@@ -337,6 +338,7 @@ site/templates/bootstrap/header.tpl
 site/templates/bootstrap/idpchoice.tpl
 site/templates/bootstrap/info.tpl
 site/templates/bootstrap/ldapPpGrace.tpl
+site/templates/bootstrap/login.json
 site/templates/bootstrap/login.tpl
 site/templates/bootstrap/mail.tpl
 site/templates/bootstrap/menu.tpl
@@ -394,6 +396,7 @@ site/templates/common/oidc_checksession.tpl
 site/templates/common/redirect.tpl
 site/templates/common/registerBrowser.tpl
 site/templates/common/script.tpl
+site/templates/common/trover.tpl
 site/templates/localeTranslations.txt
 t/01-AuthDemo.t
 t/01-pdata.t

From 697882bd45a9979ce32a6e01f80158d033cc9992 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sat, 23 Feb 2019 09:35:43 +0100
Subject: [PATCH 27/58] WIP - checkUser plugin skeleton (#1658)

---
 .../Lemonldap/NG/Common/Conf/DefaultValues.pm |   1 +
 .../lib/Lemonldap/NG/Manager/Attributes.pm    |   4 +
 .../Lemonldap/NG/Manager/Build/Attributes.pm  |   6 +
 .../lib/Lemonldap/NG/Portal/Main/Plugins.pm   |   1 +
 .../Lemonldap/NG/Portal/Plugins/CheckUser.pm  | 111 ++++++++++++++++++
 .../site/templates/bootstrap/checkuser.tpl    |  36 ++++++
 6 files changed, 159 insertions(+)
 create mode 100644 lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
 create mode 100644 lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl

diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
index 2f5ee043a..d987d55ae 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
@@ -28,6 +28,7 @@ sub defaultValues {
         'casAccessControlPolicy'        => 'none',
         'casAuthnLevel'                 => 1,
         'checkTime'                     => 600,
+        'checkUser'                     => 1,
         'checkXSS'                      => 1,
         'confirmFormMethod'             => 'post',
         'cookieName'                    => 'lemonldap',
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
index 9e08efa2d..5599a514b 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
@@ -767,6 +767,10 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
             'default' => 600,
             'type'    => 'int'
         },
+        'checkUser' => {
+            'default' => 1,
+            'type'    => 'bool'
+        },
         'checkXSS' => {
             'default' => 1,
             'type'    => 'bool'
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
index 32c6329e1..ce6d63cc1 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
@@ -578,6 +578,12 @@ sub attributes {
             documentation => 'Enable Cross Domain Authentication',
             flags         => 'hp',
         },
+        checkUser => {
+            default       => 1,
+            type          => 'bool',
+            documentation => 'Enable Check user',
+            flags         => 'p',
+        },
         checkXSS => {
             default       => 1,
             type          => 'bool',
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm
index 802d2601c..571ec9da5 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm
@@ -25,6 +25,7 @@ our @pList = (
     autoSigninRules            => '::Plugins::AutoSignin',
     checkState                 => '::Plugins::CheckState',
     portalForceAuthn           => '::Plugins::ForceAuthn',
+    checkUser                  => '::Plugins::CheckUser',
 );
 
 ##@method list enabledPlugins
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
new file mode 100644
index 000000000..abe0ca321
--- /dev/null
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@@ -0,0 +1,111 @@
+package Lemonldap::NG::Portal::Plugins::CheckUser;
+
+use Data::Dumper;
+use strict;
+use Mouse;
+use Lemonldap::NG::Portal::Main::Constants qw(
+    PE_CONFIRM
+    PE_OK
+    PE_TOKENEXPIRED
+    PE_USERNOTFOUND
+);
+
+our $VERSION = '2.0.3';
+
+extends 'Lemonldap::NG::Portal::Main::Plugin';
+
+# INITIALIZATION
+
+has ott => (
+    is      => 'rw',
+    lazy    => 1,
+    default => sub {
+        my $ott = $_[0]->{p}
+            ->loadModule('Lemonldap::NG::Portal::Lib::OneTimeToken');
+        $ott->timeout( $_[0]->{conf}->{formTimeout} );
+        return $ott;
+    }
+);
+
+sub init {
+    my ($self) = @_;
+    $self->addAuthRoute( checkuser => 'check', [ 'GET', 'POST' ] );
+    return 1;
+}
+
+# RUNNING METHOD
+
+sub check {
+    my ( $self, $req ) = @_;
+    my $hdrs  = my $attrs = {};
+    my $auth  = 0;
+    my $msg   = 'checkUser';
+
+    ## Check user attributes
+    # Use submitted attribute if exists
+    $req->{user} = $req->param('user') if ( $req->param('user') );
+    $attrs = $self->_attributes($req);
+
+    if ( $req->error ) {
+        $msg   = 'PE' . $req->{error};
+        $attrs = {};
+    }
+
+    # Check if user is allowed to access submitted URL and compute headers
+    if ( $req->param('url') ) {
+
+        # Return VirtualHost headers
+        $hdrs = $self->_headers($req);
+
+        # User is allowed ?
+        $auth = $self->_authorized($req);
+    }
+
+    # Display form
+    return $self->p->sendHtml(
+        $req,
+        'checkuser',
+        params => {
+            MAIN_LOGO  => $self->conf->{portalMainLogo},
+            LANGS      => $self->conf->{showLanguages},
+            MSG        => $msg,
+            HEADERS    => %$hdrs,
+            ATTRIBUTES => %$attrs,
+            ALLOWED    => $auth,
+            PORTAL     => $self->conf->{portal},
+        }
+    );
+}
+
+sub _attributes {
+    my ( $self, $req ) = @_;
+
+    # Search user in database
+    $req->steps(
+        [   'getUser',                  'setSessionInfo',
+            'setMacros',                'setGroups',
+            'setPersistentSessionInfo', 'setLocalGroups'
+        ]
+    );
+    if ( my $error = $self->p->process($req) ) {
+        if ( $error == PE_USERNOTFOUND ) {
+            $self->userLogger->warn( "Check asked for an unvalid user ("
+                    . $req->param('user')
+                    . ")" );
+        }
+        return $req->error($error);
+    }
+    return $req->{sessionInfo};
+}
+
+sub _headers {
+    my ( $self, $req ) = @_;
+    return {};
+}
+
+sub _authorized {
+    my ( $self, $req ) = @_;
+    return 1;
+}
+
+1;
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
new file mode 100644
index 000000000..75252a4df
--- /dev/null
+++ b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
@@ -0,0 +1,36 @@
+<TMPL_INCLUDE NAME="header.tpl">
+
+<div id="errorcontent" class="container">
+<div class="message message-positive alert"><span trspan="<TMPL_VAR NAME="MSG">"></span></div>
+
+<form id="checkuser" action="/checkuser" method="post" class="password" role="form">
+  <!--
+  <input type="hidden" name="confirm" value="<TMPL_VAR NAME="CONFIRMKEY">">
+  <input type="hidden" name="url" value="<TMPL_VAR NAME="URL">">
+  -->
+  <div class="input-group mb-3">
+    <div class="input-group-prepend">
+      <span class="input-group-text"><i class="fa fa-user"></i> </span>
+    </div>
+    <input name="user" type="text" class="form-control" value="<TMPL_VAR NAME="LOGIN">" trplaceholder="user" aria-required="true"/>
+  </div>
+  <div class="input-group mb-3">
+    <div class="input-group-prepend">
+      <span class="input-group-text"><i class="fa fa-link"></i> </span>
+    </div>
+    <input name="url" type="text" class="form-control" trplaceholder="URL" aria-required="true"/>
+  </div>
+  <div class="buttons">
+    <button type="submit" class="btn btn-success">
+      <span class="fa fa-sign-in"></span>
+      <span trspan="checkUser">Check user</span>
+    </button>
+    <a href="<TMPL_VAR NAME="PORTAL_URL">" class="btn btn-primary" role="button">
+      <span class="fa fa-home"></span>
+      <span trspan="goToPortal">Go to portal</span>
+    </a>
+  </div>
+</form>
+</div>
+
+<TMPL_INCLUDE NAME="footer.tpl">

From 0c0b3dd0691264befe0dd8006d6286babcd22eae Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sat, 23 Feb 2019 11:19:40 +0100
Subject: [PATCH 28/58] WIP - checkUser test access (#1658)

---
 .../Lemonldap/NG/Portal/Plugins/CheckUser.pm  | 28 ++++++++++++-------
 1 file changed, 18 insertions(+), 10 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
index abe0ca321..48c2889b9 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@@ -37,14 +37,15 @@ sub init {
 
 sub check {
     my ( $self, $req ) = @_;
-    my $hdrs  = my $attrs = {};
-    my $auth  = 0;
-    my $msg   = 'checkUser';
+    my $hdrs = my $attrs = {};
+    my $auth = 0;
+    my $msg  = 'checkUser';
 
     ## Check user attributes
     # Use submitted attribute if exists
     $req->{user} = $req->param('user') if ( $req->param('user') );
     $attrs = $self->_attributes($req);
+    $self->logger->debug( "######## " . Dumper($attrs) );
 
     if ( $req->error ) {
         $msg   = 'PE' . $req->{error};
@@ -52,13 +53,13 @@ sub check {
     }
 
     # Check if user is allowed to access submitted URL and compute headers
-    if ( $req->param('url') ) {
-
-        # Return VirtualHost headers
-        $hdrs = $self->_headers($req);
+    if ( $req->param('url') and %$attrs ) {
 
         # User is allowed ?
-        $auth = $self->_authorized($req);
+        $auth = $self->_authorized( $req, $req->param('url') );
+        $self->logger->debug( "******** " . $auth );
+        # Return VirtualHost headers
+        $hdrs = $self->_headers( $req, $req->param('url') );
     }
 
     # Display form
@@ -104,8 +105,15 @@ sub _headers {
 }
 
 sub _authorized {
-    my ( $self, $req ) = @_;
-    return 1;
+    my ( $self, $req, $uri ) = @_;
+
+    # Check rights
+    my ( $vhost, $appuri ) = $uri =~ m#^https?://([^/]*)(.*)#;
+    $vhost =~ s/:\d+$//;
+    $vhost = $self->p->HANDLER->resolveAlias($vhost);
+    $appuri ||= '/';
+    return $self->p->HANDLER->grant( $req, $req->{sessionInfo}, $appuri, undef,
+        $vhost );
 }
 
 1;

From c3255e1ed81505a15ea8c61de69be35d87bff5b0 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sat, 23 Feb 2019 20:39:53 +0100
Subject: [PATCH 29/58] WIP - checkUser prepare loop (#1658)

---
 .../Lemonldap/NG/Portal/Plugins/CheckUser.pm  | 62 +++++++++++++------
 .../site/templates/bootstrap/checkuser.tpl    |  4 +-
 2 files changed, 47 insertions(+), 19 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
index 48c2889b9..dbb892a3f 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@@ -36,30 +36,53 @@ sub init {
 # RUNNING METHOD
 
 sub check {
-    my ( $self, $req ) = @_;
-    my $hdrs = my $attrs = {};
-    my $auth = 0;
-    my $msg  = 'checkUser';
+    my ( $self, $req )   = @_;
+    my ( $hdrs, $attrs, $array_attrs, $array_hdrs ) = ( {}, {}, [],[] );
+    my $msg         = 'checkUser';
+    my $auth        = 0;
 
     ## Check user attributes
     # Use submitted attribute if exists
+    my $url = $req->param('url') || '';
     $req->{user} = $req->param('user') if ( $req->param('user') );
+    $self->logger->debug("Check requested for $req->{user}");
     $attrs = $self->_attributes($req);
-    $self->logger->debug( "######## " . Dumper($attrs) );
-
     if ( $req->error ) {
         $msg   = 'PE' . $req->{error};
         $attrs = {};
     }
 
+    $self->logger->debug( "######## " . Dumper($attrs) );
+
+    # Create an array of hashes for template loop
+    while ( my ( $k, $v ) = each %$attrs ) {
+        push @$array_attrs, { key => $k, value => $v };
+
+        ##### TODO -> DELETE hidden attributes
+
+    }
+
+    $self->logger->debug( "******** " . Dumper($array_attrs) );
+
     # Check if user is allowed to access submitted URL and compute headers
-    if ( $req->param('url') and %$attrs ) {
+    if ( $url and %$attrs ) {
 
         # User is allowed ?
-        $auth = $self->_authorized( $req, $req->param('url') );
-        $self->logger->debug( "******** " . $auth );
+        $auth = $self->_authorized( $req, $url );
+        $self->logger->debug(
+            "checkUser requested for user: $req->{user} and URL: $url");
+        my $result = $auth ? "ALLOWED" : "FORBIDDEN";
+        $self->userLogger->notice(
+            "checkUser -> $req->{user} is $result to access: $url");
+
         # Return VirtualHost headers
-        $hdrs = $self->_headers( $req, $req->param('url') );
+        $hdrs = $self->_headers( $req, $url );
+        while ( my ( $k, $v ) = each %$hdrs ) {
+            push @$array_hdrs, { key => $k, value => $v };
+        }
+
+        $self->logger->debug( "+++++++++++++ " . Dumper($array_hdrs) );
+        
     }
 
     # Display form
@@ -67,13 +90,15 @@ sub check {
         $req,
         'checkuser',
         params => {
+            PORTAL     => $self->conf->{portal},
             MAIN_LOGO  => $self->conf->{portalMainLogo},
             LANGS      => $self->conf->{showLanguages},
             MSG        => $msg,
-            HEADERS    => %$hdrs,
-            ATTRIBUTES => %$attrs,
+            LOGIN      => $req->{user},
+            URL        => $url,
             ALLOWED    => $auth,
-            PORTAL     => $self->conf->{portal},
+            HEADERS    => $array_hdrs,
+            ATTRIBUTES => $array_attrs,
         }
     );
 }
@@ -90,10 +115,11 @@ sub _attributes {
     );
     if ( my $error = $self->p->process($req) ) {
         if ( $error == PE_USERNOTFOUND ) {
-            $self->userLogger->warn( "Check asked for an unvalid user ("
-                    . $req->param('user')
+            $self->userLogger->warn( "Check requested for an unvalid user ("
+                    . $req->{user}
                     . ")" );
         }
+        $self->logger->debug("Process returned error: $error");
         return $req->error($error);
     }
     return $req->{sessionInfo};
@@ -101,7 +127,7 @@ sub _attributes {
 
 sub _headers {
     my ( $self, $req ) = @_;
-    return {};
+    return { 'HEADER1' => 'TEST' };
 }
 
 sub _authorized {
@@ -112,8 +138,8 @@ sub _authorized {
     $vhost =~ s/:\d+$//;
     $vhost = $self->p->HANDLER->resolveAlias($vhost);
     $appuri ||= '/';
-    return $self->p->HANDLER->grant( $req, $req->{sessionInfo}, $appuri, undef,
-        $vhost );
+    return $self->p->HANDLER->grant( $req, $req->{sessionInfo}, $appuri,
+        undef, $vhost );
 }
 
 1;
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
index 75252a4df..c60efa8fd 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
@@ -18,7 +18,7 @@
     <div class="input-group-prepend">
       <span class="input-group-text"><i class="fa fa-link"></i> </span>
     </div>
-    <input name="url" type="text" class="form-control" trplaceholder="URL" aria-required="true"/>
+    <input name="url" type="text" class="form-control" value="<TMPL_VAR NAME="URL">" trplaceholder="URL" aria-required="true"/>
   </div>
   <div class="buttons">
     <button type="submit" class="btn btn-success">
@@ -33,4 +33,6 @@
 </form>
 </div>
 
+
+
 <TMPL_INCLUDE NAME="footer.tpl">

From 30148caf2d156f29bd18ca189e166b62415e823a Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sat, 23 Feb 2019 23:02:42 +0100
Subject: [PATCH 30/58] WIP - checkUser hide secret attributes (#1658)

---
 .../Lemonldap/NG/Common/Conf/DefaultValues.pm |  1 +
 .../lib/Lemonldap/NG/Manager/Attributes.pm    |  4 ++
 .../Lemonldap/NG/Manager/Build/Attributes.pm  |  6 +++
 .../Lemonldap/NG/Portal/Plugins/CheckUser.pm  | 36 ++++++++------
 .../site/templates/bootstrap/2fregisters.tpl  |  5 +-
 .../site/templates/bootstrap/checkuser.tpl    | 48 +++++++++++++++++++
 6 files changed, 83 insertions(+), 17 deletions(-)

diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
index d987d55ae..2606cde79 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
@@ -29,6 +29,7 @@ sub defaultValues {
         'casAuthnLevel'                 => 1,
         'checkTime'                     => 600,
         'checkUser'                     => 1,
+        'checkUserHiddenAttributes'     => 'UA',
         'checkXSS'                      => 1,
         'confirmFormMethod'             => 'post',
         'cookieName'                    => 'lemonldap',
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
index 5599a514b..8bdf12ba3 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
@@ -771,6 +771,10 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
             'default' => 1,
             'type'    => 'bool'
         },
+        'checkUserHiddenAttributes' => {
+            'default' => 'UA',
+            'type'    => 'text'
+        },
         'checkXSS' => {
             'default' => 1,
             'type'    => 'bool'
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
index ce6d63cc1..7ebb6ff41 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
@@ -584,6 +584,12 @@ sub attributes {
             documentation => 'Enable Check user',
             flags         => 'p',
         },
+        checkUserHiddenAttributes => {
+            type          => 'text',
+            default       => 'UA',
+            documentation => 'Attributes to hide in CheckUser plugin',
+            flags         => 'p',
+        },
         checkXSS => {
             default       => 1,
             type          => 'bool',
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
index dbb892a3f..64cd2cdfa 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@@ -27,6 +27,10 @@ has ott => (
     }
 );
 
+sub hAttr {
+    $_[0]->{conf}->{checkUserHiddenAttributes} . ' ' . $_[0]->{conf}->{hiddenAttributes} ;
+}
+
 sub init {
     my ($self) = @_;
     $self->addAuthRoute( checkuser => 'check', [ 'GET', 'POST' ] );
@@ -37,9 +41,10 @@ sub init {
 
 sub check {
     my ( $self, $req )   = @_;
-    my ( $hdrs, $attrs, $array_attrs, $array_hdrs ) = ( {}, {}, [],[] );
-    my $msg         = 'checkUser';
-    my $auth        = 0;
+    my ( $hdrs, $attrs, $array_attrs, $array_hdrs ) = ( {}, {}, [], [] );
+    my $msg    = 'checkUser';
+    my $result = '';
+    my $auth   = 0;
 
     ## Check user attributes
     # Use submitted attribute if exists
@@ -56,12 +61,12 @@ sub check {
 
     # Create an array of hashes for template loop
     while ( my ( $k, $v ) = each %$attrs ) {
-        push @$array_attrs, { key => $k, value => $v };
 
-        ##### TODO -> DELETE hidden attributes
+        # Ignore hidden attributes
+        push @$array_attrs, { key => $k, value => $v } unless ( $self->hAttr =~ /\b$k\b/ );
 
     }
-
+    @$array_attrs =  sort { $a->{key} cmp $b->{key} } @$array_attrs;
     $self->logger->debug( "******** " . Dumper($array_attrs) );
 
     # Check if user is allowed to access submitted URL and compute headers
@@ -71,7 +76,7 @@ sub check {
         $auth = $self->_authorized( $req, $url );
         $self->logger->debug(
             "checkUser requested for user: $req->{user} and URL: $url");
-        my $result = $auth ? "ALLOWED" : "FORBIDDEN";
+        $result = $auth ? "ALLOWED" : "FORBIDDEN";
         $self->userLogger->notice(
             "checkUser -> $req->{user} is $result to access: $url");
 
@@ -82,7 +87,7 @@ sub check {
         }
 
         $self->logger->debug( "+++++++++++++ " . Dumper($array_hdrs) );
-        
+
     }
 
     # Display form
@@ -96,7 +101,7 @@ sub check {
             MSG        => $msg,
             LOGIN      => $req->{user},
             URL        => $url,
-            ALLOWED    => $auth,
+            ALLOWED    => $result,
             HEADERS    => $array_hdrs,
             ATTRIBUTES => $array_attrs,
         }
@@ -110,7 +115,8 @@ sub _attributes {
     $req->steps(
         [   'getUser',                  'setSessionInfo',
             'setMacros',                'setGroups',
-            'setPersistentSessionInfo', 'setLocalGroups'
+            #'setPersistentSessionInfo', 'setLocalGroups'
+            'setLocalGroups'
         ]
     );
     if ( my $error = $self->p->process($req) ) {
@@ -125,11 +131,6 @@ sub _attributes {
     return $req->{sessionInfo};
 }
 
-sub _headers {
-    my ( $self, $req ) = @_;
-    return { 'HEADER1' => 'TEST' };
-}
-
 sub _authorized {
     my ( $self, $req, $uri ) = @_;
 
@@ -142,4 +143,9 @@ sub _authorized {
         undef, $vhost );
 }
 
+sub _headers {
+    my ( $self, $req ) = @_;
+    return { 'HEADER1' => 'TEST' };
+}
+
 1;
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/2fregisters.tpl b/lemonldap-ng-portal/site/templates/bootstrap/2fregisters.tpl
index 35e6850c3..b1f61d573 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/2fregisters.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/2fregisters.tpl
@@ -19,14 +19,15 @@
           <th><span trspan="date">Date</span></th>
           <th>
             <TMPL_IF NAME="ACTION">
-              <span trspan="action">Action</span></th>
+              <span trspan="action">Action</span>
             </TMPL_IF>
+          </th>
         </tr>
       </thead>
       <tbody>
         <TMPL_LOOP NAME="SFDEVICES">
           <tr id='delete-<TMPL_VAR NAME="epoch">'>
-            <td class="align-middle" ><TMPL_VAR NAME="type"></td>
+            <td class="align-middle"><TMPL_VAR NAME="type"></td>
             <td class="align-middle"><TMPL_VAR NAME="name"></td>
             <td class="data-epoch"><TMPL_VAR NAME="epoch"></td>
             <td>
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
index c60efa8fd..ba730962c 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
@@ -33,6 +33,54 @@
 </form>
 </div>
 
+<TMPL_IF NAME="ALLOWED">
+<div class="message message-positive alert"><span trspan="<TMPL_VAR NAME="ALLOWED">"></span></div>
+</TMPL_IF>
 
+<TMPL_IF NAME="HEADERS">
+  <div class="card mb-3 border-secondary">
+  <div class="card-body table-responsive">
+  <table class="table table-hover">
+    <thead>
+      <tr>
+        <th><span trspan="key">Key</span></th>
+        <th><span trspan="value">Value</span></th>
+      </tr>
+    </thead>
+    <tbody>
+      <TMPL_LOOP NAME="HEADERS">
+        <tr>
+          <td class="align-middle"><TMPL_VAR NAME="key"></td>
+          <td class="align-middle"><TMPL_VAR NAME="value"></td>
+        </tr>
+      </TMPL_LOOP>
+    </tbody>
+  </table>
+  </div>
+  </div>
+</TMPL_IF>
+
+<TMPL_IF NAME="ATTRIBUTES">
+  <div class="card mb-3 border-secondary">
+  <div class="card-body table-responsive">
+  <table class="table table-hover">
+    <thead>
+      <tr>
+        <th><span trspan="key">Key</span></th>
+        <th><span trspan="value">Value</span></th>
+      </tr>
+    </thead>
+    <tbody>
+      <TMPL_LOOP NAME="ATTRIBUTES">
+        <tr>
+          <td class="align-middle"><TMPL_VAR NAME="key"></td>
+          <td class="align-middle"><TMPL_VAR NAME="value"></td>
+        </tr>
+      </TMPL_LOOP>
+    </tbody>
+  </table>
+  </div>
+  </div>
+</TMPL_IF>
 
 <TMPL_INCLUDE NAME="footer.tpl">

From 557539805a31882373db161d9900a066ed6ac3ef Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sat, 23 Feb 2019 23:24:13 +0100
Subject: [PATCH 31/58] WIP - checkUser hide secret attributes (#1658)

---
 .../Lemonldap/NG/Common/Conf/DefaultValues.pm |  2 +-
 .../lib/Lemonldap/NG/Manager/Attributes.pm    |  2 +-
 .../Lemonldap/NG/Manager/Build/Attributes.pm  |  2 +-
 .../Lemonldap/NG/Portal/Plugins/CheckUser.pm  |  6 ++---
 .../site/templates/bootstrap/checkuser.tpl    | 26 ++++++++++---------
 5 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
index 2606cde79..4e1f30ab0 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
@@ -29,7 +29,7 @@ sub defaultValues {
         'casAuthnLevel'                 => 1,
         'checkTime'                     => 600,
         'checkUser'                     => 1,
-        'checkUserHiddenAttributes'     => 'UA',
+        'checkUserHiddenAttributes'     => 'UA _2fDevices',
         'checkXSS'                      => 1,
         'confirmFormMethod'             => 'post',
         'cookieName'                    => 'lemonldap',
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
index 8bdf12ba3..40d5380fa 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
@@ -772,7 +772,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
             'type'    => 'bool'
         },
         'checkUserHiddenAttributes' => {
-            'default' => 'UA',
+            'default' => 'UA _2fDevices',
             'type'    => 'text'
         },
         'checkXSS' => {
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
index 7ebb6ff41..bb85d3b10 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
@@ -586,7 +586,7 @@ sub attributes {
         },
         checkUserHiddenAttributes => {
             type          => 'text',
-            default       => 'UA',
+            default       => 'UA _2fDevices',
             documentation => 'Attributes to hide in CheckUser plugin',
             flags         => 'p',
         },
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
index 64cd2cdfa..1ef111f00 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@@ -63,11 +63,9 @@ sub check {
     while ( my ( $k, $v ) = each %$attrs ) {
 
         # Ignore hidden attributes
-        push @$array_attrs, { key => $k, value => $v } unless ( $self->hAttr =~ /\b$k\b/ );
-
+        push @$array_attrs, { key => $k, value => $v } unless ( $self->hAttr =~ /\b$k\b/ or !$v );
     }
     @$array_attrs =  sort { $a->{key} cmp $b->{key} } @$array_attrs;
-    $self->logger->debug( "******** " . Dumper($array_attrs) );
 
     # Check if user is allowed to access submitted URL and compute headers
     if ( $url and %$attrs ) {
@@ -85,9 +83,9 @@ sub check {
         while ( my ( $k, $v ) = each %$hdrs ) {
             push @$array_hdrs, { key => $k, value => $v };
         }
+        @$array_hdrs =  sort { $a->{key} cmp $b->{key} } @$array_hdrs;
 
         $self->logger->debug( "+++++++++++++ " . Dumper($array_hdrs) );
-
     }
 
     # Display form
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
index ba730962c..d2edcbd2a 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
@@ -20,18 +20,7 @@
     </div>
     <input name="url" type="text" class="form-control" value="<TMPL_VAR NAME="URL">" trplaceholder="URL" aria-required="true"/>
   </div>
-  <div class="buttons">
-    <button type="submit" class="btn btn-success">
-      <span class="fa fa-sign-in"></span>
-      <span trspan="checkUser">Check user</span>
-    </button>
-    <a href="<TMPL_VAR NAME="PORTAL_URL">" class="btn btn-primary" role="button">
-      <span class="fa fa-home"></span>
-      <span trspan="goToPortal">Go to portal</span>
-    </a>
-  </div>
-</form>
-</div>
+
 
 <TMPL_IF NAME="ALLOWED">
 <div class="message message-positive alert"><span trspan="<TMPL_VAR NAME="ALLOWED">"></span></div>
@@ -83,4 +72,17 @@
   </div>
 </TMPL_IF>
 
+  <div class="buttons">
+    <button type="submit" class="btn btn-success">
+      <span class="fa fa-sign-in"></span>
+      <span trspan="checkUser">Check user</span>
+    </button>
+    <a href="<TMPL_VAR NAME="PORTAL_URL">" class="btn btn-primary" role="button">
+      <span class="fa fa-home"></span>
+      <span trspan="goToPortal">Go to portal</span>
+    </a>
+  </div>
+</form>
+</div>
+
 <TMPL_INCLUDE NAME="footer.tpl">

From e296d1d4073d73666a78c3fe68881b57529749d3 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sun, 24 Feb 2019 22:07:55 +0100
Subject: [PATCH 32/58] WIP - Append checkHeaders function (#1658)

---
 .../lib/Lemonldap/NG/Handler/Main/Run.pm      | 199 ++++++++++--------
 1 file changed, 108 insertions(+), 91 deletions(-)

diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
index 77756fcb4..b5d2fc537 100644
--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
@@ -1,7 +1,7 @@
 # Main running methods file
 package Lemonldap::NG::Handler::Main::Run;
 
-our $VERSION = '2.0.2';
+our $VERSION = '2.0.3';
 
 package Lemonldap::NG::Handler::Main;
 
@@ -44,20 +44,20 @@ sub getStatus {
     if ( $ENV{LLNGSTATUSHOST} ) {
         require IO::Socket::INET;
         foreach ( 64322 .. 64331 ) {
-            if ( $statusOut =
-                IO::Socket::INET->new( Proto => 'udp', LocalPort => $_ ) )
+            if ( $statusOut
+                = IO::Socket::INET->new( Proto => 'udp', LocalPort => $_ ) )
             {
-                $args =
-                  ' host=' . ( $ENV{LLNGSTATUSCLIENT} || 'localhost' ) . ":$_";
+                $args = ' host='
+                    . ( $ENV{LLNGSTATUSCLIENT} || 'localhost' ) . ":$_";
                 last;
             }
         }
         return $class->abort( $req,
-            "$class: status page can not be displayed, unable to open socket" )
-          unless ($statusOut);
+            "$class: status page can not be displayed, unable to open socket"
+        ) unless ($statusOut);
     }
     return $class->abort( $req, "$class: status page can not be displayed" )
-      unless ( $statusPipe and $statusOut );
+        unless ( $statusPipe and $statusOut );
     my $q = $req->{env}->{QUERY_STRING} || '';
     if ( $q =~ /\s/ ) {
         $class->logger->error("Bad characters in query");
@@ -84,12 +84,12 @@ sub checkType {
 
     if ( time() - $class->lastCheck > $class->checkTime ) {
         die("$class: No configuration found")
-          unless ( $class->checkConf );
+            unless ( $class->checkConf );
     }
     my $vhost = $class->resolveAlias($req);
     return ( defined $class->tsv->{type}->{$vhost} )
-      ? $class->tsv->{type}->{$vhost}
-      : 'Main';
+        ? $class->tsv->{type}->{$vhost}
+        : 'Main';
 }
 
 ## @rmethod int run
@@ -125,7 +125,7 @@ sub run {
     my ($cond);
     ( $cond, $protection ) = $class->conditionSub($rule) if ($rule);
     $protection = $class->isUnprotected( $req, $uri ) || 0
-      unless ( defined $protection );
+        unless ( defined $protection );
 
     if ( $protection == $class->SKIP ) {
         $class->logger->debug("Access control skipped");
@@ -150,7 +150,7 @@ sub run {
 
         # AUTHORIZATION
         return ( $class->forbidden( $req, $session ), $session )
-          unless ( $class->grant( $req, $session, $uri, $cond ) );
+            unless ( $class->grant( $req, $session, $uri, $cond ) );
         $class->updateStatus( $req, 'OK',
             $session->{ $class->tsv->{whatToTrace} } );
 
@@ -168,8 +168,8 @@ sub run {
 
         # Log access granted
         $class->logger->debug( "User "
-              . $session->{ $class->tsv->{whatToTrace} }
-              . " was granted to access to $uri" );
+                . $session->{ $class->tsv->{whatToTrace} }
+                . " was granted to access to $uri" );
 
         #  Catch POST rules
         $class->postOutputFilter( $req, $session, $uri );
@@ -192,7 +192,7 @@ sub run {
 
         # Redirect user to the portal
         $class->logger->info("No cookie found")
-          unless ($id);
+            unless ($id);
 
         # if the cookie was fetched, a log is sent by retrieveSession()
         $class->updateStatus( $req, $id ? 'EXPIRED' : 'REDIRECT' );
@@ -243,10 +243,10 @@ sub lmLog {
 sub checkMaintenanceMode {
     my ( $class, $req ) = @_;
     my $vhost = $class->resolveAlias($req);
-    my $_maintenance =
-      ( defined $class->tsv->{maintenance}->{$vhost} )
-      ? $class->tsv->{maintenance}->{$vhost}
-      : $class->tsv->{maintenance}->{_};
+    my $_maintenance
+        = ( defined $class->tsv->{maintenance}->{$vhost} )
+        ? $class->tsv->{maintenance}->{$vhost}
+        : $class->tsv->{maintenance}->{_};
 
     if ($_maintenance) {
         $class->logger->debug("Maintenance mode enabled");
@@ -272,17 +272,17 @@ sub grant {
         }
     }
     for (
-        my $i = 0 ;
-        $i < ( $class->tsv->{locationCount}->{$vhost} || 0 ) ;
+        my $i = 0;
+        $i < ( $class->tsv->{locationCount}->{$vhost} || 0 );
         $i++
-      )
+        )
     {
         if ( $uri =~ $class->tsv->{locationRegexp}->{$vhost}->[$i] ) {
             $class->logger->debug( 'Regexp "'
-                  . $class->tsv->{locationConditionText}->{$vhost}->[$i]
-                  . '" match' );
+                    . $class->tsv->{locationConditionText}->{$vhost}->[$i]
+                    . '" match' );
             return $class->tsv->{locationCondition}->{$vhost}->[$i]
-              ->( $req, $session );
+                ->( $req, $session );
         }
     }
     unless ( $class->tsv->{defaultCondition}->{$vhost} ) {
@@ -319,8 +319,8 @@ sub forbidden {
 
     # Log forbidding
     $class->userLogger->notice( "User "
-          . $session->{ $class->tsv->{whatToTrace} }
-          . " was forbidden to access to $vhost$uri" );
+            . $session->{ $class->tsv->{whatToTrace} }
+            . " was forbidden to access to $vhost$uri" );
     $class->updateStatus( $req, 'REJECT',
         $session->{ $class->tsv->{whatToTrace} } );
 
@@ -377,9 +377,9 @@ sub goToPortal {
     $class->logger->debug(
         "Redirect $req->{env}->{REMOTE_ADDR} to portal (url was $url)");
     $class->set_header_out( $req,
-            'Location' => $class->tsv->{portal}->()
-          . "$path?url=$urlc_init"
-          . ( $arg ? "&$arg" : "" ) );
+              'Location' => $class->tsv->{portal}->()
+            . "$path?url=$urlc_init"
+            . ( $arg ? "&$arg" : "" ) );
     return $class->REDIRECT;
 }
 
@@ -389,9 +389,9 @@ sub goToError {
     $class->logger->debug(
         "Redirect $req->{env}->{REMOTE_ADDR} to lmError (url was $url)");
     $class->set_header_out( $req,
-            'Location' => $class->tsv->{portal}->()
-          . "/lmerror/$code"
-          . "?url=$urlc_init" );
+              'Location' => $class->tsv->{portal}->()
+            . "/lmerror/$code"
+            . "?url=$urlc_init" );
     return $class->REDIRECT;
 }
 
@@ -403,12 +403,12 @@ sub fetchId {
     my $t                 = $req->{env}->{HTTP_COOKIE} or return 0;
     my $vhost             = $class->resolveAlias($req);
     my $lookForHttpCookie = ( $class->tsv->{securedCookie} =~ /^(2|3)$/
-          and not $class->_isHttps( $req, $vhost ) );
+            and not $class->_isHttps( $req, $vhost ) );
     my $cn = $class->tsv->{cookieName};
-    my $value =
-      $lookForHttpCookie
-      ? ( $t =~ /${cn}http=([^,; ]+)/o ? $1 : 0 )
-      : ( $t =~ /$cn=([^,; ]+)/o ? $1 : 0 );
+    my $value
+        = $lookForHttpCookie
+        ? ( $t =~ /${cn}http=([^,; ]+)/o ? $1 : 0 )
+        : ( $t =~ /$cn=([^,; ]+)/o ? $1 : 0 );
 
     if ( $value && $lookForHttpCookie && $class->tsv->{securedCookie} == 3 ) {
         $value = $class->tsv->{cipher}->decryptHex( $value, "http" );
@@ -446,8 +446,8 @@ sub retrieveSession {
 
     # 2. Get the session from cache or backend
     my $session = $req->data->{session} = (
-        Lemonldap::NG::Common::Session->new( {
-                storageModule        => $class->tsv->{sessionStorageModule},
+        Lemonldap::NG::Common::Session->new(
+            {   storageModule        => $class->tsv->{sessionStorageModule},
                 storageModuleOptions => $class->tsv->{sessionStorageOptions},
                 cacheModule          => $class->tsv->{sessionCacheModule},
                 cacheModuleOptions   => $class->tsv->{sessionCacheOptions},
@@ -464,36 +464,36 @@ sub retrieveSession {
 
         # Verify that session is valid
         $class->logger->error(
-"_utime is not defined. This should not happen. Check if it is well transmitted to handler"
+            "_utime is not defined. This should not happen. Check if it is well transmitted to handler"
         ) unless $session->data->{_utime};
 
         $class->logger->debug("Check session validity from Handler");
-        $class->logger->debug( "Session timeout -> " . $class->tsv->{timeout} );
+        $class->logger->debug(
+            "Session timeout -> " . $class->tsv->{timeout} );
         $class->logger->debug( "Session timeoutActivity -> "
-              . $class->tsv->{timeoutActivity}
-              . "s" )
-          if ( $class->tsv->{timeoutActivity} );
+                . $class->tsv->{timeoutActivity}
+                . "s" )
+            if ( $class->tsv->{timeoutActivity} );
         $class->logger->debug(
             "Session _utime -> " . $session->data->{_utime} );
         $class->logger->debug( "now -> " . $now );
         $class->logger->debug( "_lastSeen -> " . $session->data->{_lastSeen} )
-          if ( $session->data->{_lastSeen} );
+            if ( $session->data->{_lastSeen} );
         my $delta = $now - $session->data->{_lastSeen}
-          if ( $session->data->{_lastSeen} );
+            if ( $session->data->{_lastSeen} );
         $class->logger->debug( "now - _lastSeen = " . $delta )
-          if ( $session->data->{_lastSeen} );
+            if ( $session->data->{_lastSeen} );
         $class->logger->debug( "Session timeoutActivityInterval -> "
-              . $class->tsv->{timeoutActivityInterval} )
-          if ( $class->tsv->{timeoutActivityInterval} );
+                . $class->tsv->{timeoutActivityInterval} )
+            if ( $class->tsv->{timeoutActivityInterval} );
         my $ttl = $class->tsv->{timeout} - $now + $session->data->{_utime};
         $class->logger->debug( "Session TTL = " . $ttl );
 
-        if (
-            $now - $session->data->{_utime} > $class->tsv->{timeout}
+        if ($now - $session->data->{_utime} > $class->tsv->{timeout}
             or (    $class->tsv->{timeoutActivity}
                 and $session->data->{_lastSeen}
                 and $delta > $class->tsv->{timeoutActivity} )
-          )
+            )
         {
             $class->logger->info("Session $id expired");
 
@@ -503,11 +503,10 @@ sub retrieveSession {
         }
 
         # Update the session to notify activity, if necessary
-        if (
-            $class->tsv->{timeoutActivity}
-            and ( $now - $session->data->{_lastSeen} >
-                $class->tsv->{timeoutActivityInterval} )
-          )
+        if ($class->tsv->{timeoutActivity}
+            and ( $now - $session->data->{_lastSeen}
+                > $class->tsv->{timeoutActivityInterval} )
+            )
         {
             $req->data->{session}->update( { '_lastSeen' => $now } );
             $class->data( $session->data );
@@ -594,9 +593,9 @@ sub _buildUrl {
     my $_https     = $class->_isHttps( $req, $vhost );
     my $portString = $class->_getPort( $req, $vhost );
     $portString = (
-             ( $realvhost =~ /:\d+/ )
-          or ( $_https  && $portString == 443 )
-          or ( !$_https && $portString == 80 )
+               ( $realvhost =~ /:\d+/ )
+            or ( $_https  && $portString == 443 )
+            or ( !$_https && $portString == 80 )
     ) ? '' : ":$portString";
     my $url = "http" . ( $_https ? "s" : "" ) . "://$realvhost$portString$s";
     $class->logger->debug("Build URL $url");
@@ -612,10 +611,10 @@ sub isUnprotected {
     my ( $class, $req, $uri ) = @_;
     my $vhost = $class->resolveAlias($req);
     for (
-        my $i = 0 ;
-        $i < ( $class->tsv->{locationCount}->{$vhost} || 0 ) ;
+        my $i = 0;
+        $i < ( $class->tsv->{locationCount}->{$vhost} || 0 );
         $i++
-      )
+        )
     {
         if ( $uri =~ $class->tsv->{locationRegexp}->{$vhost}->[$i] ) {
             return $class->tsv->{locationProtection}->{$vhost}->[$i];
@@ -632,8 +631,8 @@ sub sendHeaders {
     if ( defined $class->tsv->{forgeHeaders}->{$vhost} ) {
 
         # Log headers in debug mode
-        my %headers =
-          $class->tsv->{forgeHeaders}->{$vhost}->( $req, $session );
+        my %headers
+            = $class->tsv->{forgeHeaders}->{$vhost}->( $req, $session );
         foreach my $h ( sort keys %headers ) {
             if ( defined( my $v = $headers{$h} ) ) {
                 $class->logger->debug("Send header $h with value $v");
@@ -646,6 +645,23 @@ sub sendHeaders {
     }
 }
 
+sub checkHeaders {
+    my ( $class, $req, $session ) = @_;
+    my $vhost          = $class->resolveAlias($req);
+    my $array_headers = [];
+    if ( defined $class->tsv->{forgeHeaders}->{$vhost} ) {
+
+        # Create array of hashes with headers
+        my %headers
+            = $class->tsv->{forgeHeaders}->{$vhost}->( $req, $session );
+        foreach my $h ( sort keys %headers ) {
+            push @$array_headers, { key => $h, value => $headers{$h} }
+                if ( defined $headers{$h} );
+        }
+    }
+    return $array_headers;
+}
+
 ## @rmethod void cleanHeaders()
 # Unset HTTP headers, when sendHeaders is skipped
 sub cleanHeaders {
@@ -665,7 +681,7 @@ sub resolveAlias {
 
     $vhost =~ s/:\d+//;
     return $class->tsv->{vhostAlias}->{$vhost}
-      if ( $class->tsv->{vhostAlias}->{$vhost} );
+        if ( $class->tsv->{vhostAlias}->{$vhost} );
     return $vhost if ( $class->tsv->{defaultCondition}->{$vhost} );
     my $v = $vhost;
     while ( $v =~ s/[\w\-]+/\*/ ) {
@@ -738,8 +754,8 @@ sub postOutputFilter {
         $class->logger->debug("Filling a html form with fake data");
 
         $class->unset_header_in( $req, "Accept-Encoding" );
-        my %postdata =
-          $class->tsv->{outputPostData}->{$vhost}->{$uri}->( $req, $session );
+        my %postdata = $class->tsv->{outputPostData}->{$vhost}->{$uri}
+            ->( $req, $session );
         my $formParams = $class->tsv->{postFormParams}->{$vhost}->{$uri};
         my $js = $class->postJavascript( $req, \%postdata, $formParams );
         $class->addToHtmlHead( $req, $js );
@@ -756,8 +772,8 @@ sub postInputFilter {
     if ( defined( $class->tsv->{inputPostData}->{$vhost}->{$uri} ) ) {
         $class->logger->debug("Replacing fake data with real form data");
 
-        my %data =
-          $class->tsv->{inputPostData}->{$vhost}->{$uri}->( $req, $session );
+        my %data = $class->tsv->{inputPostData}->{$vhost}->{$uri}
+            ->( $req, $session );
         foreach ( keys %data ) {
             $data{$_} = uri_escape( $data{$_} );
         }
@@ -777,32 +793,33 @@ sub postJavascript {
     foreach my $name ( keys %$data ) {
         use bytes;
         my $value = "x" x bytes::length( $data->{$name} );
-        $filler .=
-"form.find('input[name=\"$name\"], select[name=\"$name\"], textarea[name=\"$name\"]').val('$value')\n";
+        $filler
+            .= "form.find('input[name=\"$name\"], select[name=\"$name\"], textarea[name=\"$name\"]').val('$value')\n";
     }
 
-    my $submitter =
-        $formParams->{buttonSelector} eq "none" ? ""
-      : $formParams->{buttonSelector}
-      ? "form.find('$formParams->{buttonSelector}').click();\n"
-      : "form.submit();\n";
+    my $submitter
+        = $formParams->{buttonSelector} eq "none" ? ""
+        : $formParams->{buttonSelector}
+        ? "form.find('$formParams->{buttonSelector}').click();\n"
+        : "form.submit();\n";
 
     my $jqueryUrl = $formParams->{jqueryUrl} || "";
-    $jqueryUrl = &{ $class->tsv->{portal} } . "skins/common/js/jquery-1.10.2.js"
-      if ( $jqueryUrl eq "default" );
+    $jqueryUrl
+        = &{ $class->tsv->{portal} } . "skins/common/js/jquery-1.10.2.js"
+        if ( $jqueryUrl eq "default" );
     $jqueryUrl = "<script type='text/javascript' src='$jqueryUrl'></script>\n"
-      if ($jqueryUrl);
+        if ($jqueryUrl);
 
     return
-        $jqueryUrl
-      . "<script type='text/javascript'>\n"
-      . "/* script added by Lemonldap::NG */\n"
-      . "jQuery(window).on('load', function() {\n"
-      . "var form = jQuery('$form');\n"
-      . "form.attr('autocomplete', 'off');\n"
-      . $filler
-      . $submitter . "})\n"
-      . "</script>\n";
+          $jqueryUrl
+        . "<script type='text/javascript'>\n"
+        . "/* script added by Lemonldap::NG */\n"
+        . "jQuery(window).on('load', function() {\n"
+        . "var form = jQuery('$form');\n"
+        . "form.attr('autocomplete', 'off');\n"
+        . $filler
+        . $submitter . "})\n"
+        . "</script>\n";
 }
 
 1;

From ba2ab0c4a2499574b7d7f48f4494fe2616a4f930 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sun, 24 Feb 2019 22:10:45 +0100
Subject: [PATCH 33/58] WIP - checkUser display transmitted headers (#1658)

---
 .../Lemonldap/NG/Portal/Plugins/CheckUser.pm  | 45 ++++++++++---------
 1 file changed, 23 insertions(+), 22 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
index 1ef111f00..6192541c1 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@@ -28,7 +28,8 @@ has ott => (
 );
 
 sub hAttr {
-    $_[0]->{conf}->{checkUserHiddenAttributes} . ' ' . $_[0]->{conf}->{hiddenAttributes} ;
+    $_[0]->{conf}->{checkUserHiddenAttributes} . ' '
+        . $_[0]->{conf}->{hiddenAttributes};
 }
 
 sub init {
@@ -40,7 +41,7 @@ sub init {
 # RUNNING METHOD
 
 sub check {
-    my ( $self, $req )   = @_;
+    my ( $self, $req ) = @_;
     my ( $hdrs, $attrs, $array_attrs, $array_hdrs ) = ( {}, {}, [], [] );
     my $msg    = 'checkUser';
     my $result = '';
@@ -63,9 +64,10 @@ sub check {
     while ( my ( $k, $v ) = each %$attrs ) {
 
         # Ignore hidden attributes
-        push @$array_attrs, { key => $k, value => $v } unless ( $self->hAttr =~ /\b$k\b/ or !$v );
+        push @$array_attrs, { key => $k, value => $v }
+            unless ( $self->hAttr =~ /\b$k\b/ or !$v );
     }
-    @$array_attrs =  sort { $a->{key} cmp $b->{key} } @$array_attrs;
+    @$array_attrs = sort { $a->{key} cmp $b->{key} } @$array_attrs;
 
     # Check if user is allowed to access submitted URL and compute headers
     if ( $url and %$attrs ) {
@@ -79,13 +81,7 @@ sub check {
             "checkUser -> $req->{user} is $result to access: $url");
 
         # Return VirtualHost headers
-        $hdrs = $self->_headers( $req, $url );
-        while ( my ( $k, $v ) = each %$hdrs ) {
-            push @$array_hdrs, { key => $k, value => $v };
-        }
-        @$array_hdrs =  sort { $a->{key} cmp $b->{key} } @$array_hdrs;
-
-        $self->logger->debug( "+++++++++++++ " . Dumper($array_hdrs) );
+        $array_hdrs = $self->_headers( $req, $url );
     }
 
     # Display form
@@ -93,13 +89,13 @@ sub check {
         $req,
         'checkuser',
         params => {
-            PORTAL     => $self->conf->{portal},
-            MAIN_LOGO  => $self->conf->{portalMainLogo},
-            LANGS      => $self->conf->{showLanguages},
-            MSG        => $msg,
-            LOGIN      => $req->{user},
-            URL        => $url,
-            ALLOWED    => $result,
+            PORTAL    => $self->conf->{portal},
+            MAIN_LOGO => $self->conf->{portalMainLogo},
+            LANGS     => $self->conf->{showLanguages},
+            MSG       => $msg,
+            LOGIN     => $req->{user},
+            URL       => $url,
+            ALLOWED   => $result,
             HEADERS    => $array_hdrs,
             ATTRIBUTES => $array_attrs,
         }
@@ -111,8 +107,9 @@ sub _attributes {
 
     # Search user in database
     $req->steps(
-        [   'getUser',                  'setSessionInfo',
-            'setMacros',                'setGroups',
+        [   'getUser',   'setSessionInfo',
+            'setMacros', 'setGroups',
+
             #'setPersistentSessionInfo', 'setLocalGroups'
             'setLocalGroups'
         ]
@@ -142,8 +139,12 @@ sub _authorized {
 }
 
 sub _headers {
-    my ( $self, $req ) = @_;
-    return { 'HEADER1' => 'TEST' };
+    my ( $self, $req, $uri ) = @_;
+    my ( $vhost, $appuri ) = $uri =~ m#^https?://([^/]*)(.*)#;
+    $vhost =~ s/:\d+$//;
+    $req->{env}->{HTTP_HOST} = $vhost;
+    $self->p->HANDLER->headersInit( $self->{conf} );
+    return $self->p->HANDLER->checkHeaders( $req, $req->{sessionInfo} );
 }
 
 1;

From e22a2835d1a5c3ec90d1ee94f5546e07b2740b21 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sun, 24 Feb 2019 22:30:46 +0100
Subject: [PATCH 34/58] WIP - checkUser replace 'each' loop ;-) (#1658)

---
 .../Lemonldap/NG/Portal/Plugins/CheckUser.pm  | 36 +++++++++----------
 1 file changed, 17 insertions(+), 19 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
index 6192541c1..d6a5fe0b0 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@@ -1,6 +1,5 @@
 package Lemonldap::NG::Portal::Plugins::CheckUser;
 
-use Data::Dumper;
 use strict;
 use Mouse;
 use Lemonldap::NG::Portal::Main::Constants qw(
@@ -47,33 +46,30 @@ sub check {
     my $result = '';
     my $auth   = 0;
 
-    ## Check user attributes
+    ## Check user session datas
     # Use submitted attribute if exists
     my $url = $req->param('url') || '';
     $req->{user} = $req->param('user') if ( $req->param('user') );
     $self->logger->debug("Check requested for $req->{user}");
-    $attrs = $self->_attributes($req);
+    $attrs = $self->_userDatas($req);
     if ( $req->error ) {
         $msg   = 'PE' . $req->{error};
         $attrs = {};
     }
 
-    $self->logger->debug( "######## " . Dumper($attrs) );
-
     # Create an array of hashes for template loop
-    while ( my ( $k, $v ) = each %$attrs ) {
+    foreach my $k ( sort keys %$attrs ) {
 
         # Ignore hidden attributes
-        push @$array_attrs, { key => $k, value => $v }
-            unless ( $self->hAttr =~ /\b$k\b/ or !$v );
+        push @$array_attrs, { key => $k, value => $attrs->{$k} }
+            unless ( $self->hAttr =~ /\b$k\b/ or !$attrs->{$k} );
     }
-    @$array_attrs = sort { $a->{key} cmp $b->{key} } @$array_attrs;
 
     # Check if user is allowed to access submitted URL and compute headers
     if ( $url and %$attrs ) {
 
         # User is allowed ?
-        $auth = $self->_authorized( $req, $url );
+        $auth = $self->_authorization( $req, $url );
         $self->logger->debug(
             "checkUser requested for user: $req->{user} and URL: $url");
         $result = $auth ? "ALLOWED" : "FORBIDDEN";
@@ -89,23 +85,25 @@ sub check {
         $req,
         'checkuser',
         params => {
-            PORTAL    => $self->conf->{portal},
-            MAIN_LOGO => $self->conf->{portalMainLogo},
-            LANGS     => $self->conf->{showLanguages},
-            MSG       => $msg,
-            LOGIN     => $req->{user},
-            URL       => $url,
-            ALLOWED   => $result,
+            PORTAL     => $self->conf->{portal},
+            MAIN_LOGO  => $self->conf->{portalMainLogo},
+            LANGS      => $self->conf->{showLanguages},
+            MSG        => $msg,
+            LOGIN      => $req->{user},
+            URL        => $url,
+            ALLOWED    => $result,
             HEADERS    => $array_hdrs,
             ATTRIBUTES => $array_attrs,
         }
     );
 }
 
-sub _attributes {
+sub _userDatas {
     my ( $self, $req ) = @_;
 
     # Search user in database
+    my $steps = ['getUser',   'setSessionInfo','setMacros', 'setGroups', ];
+    push @$steps, 0 ? 'setPersistentSessionInfo', 'setLocalGroups' : 'setLocalGroups';
     $req->steps(
         [   'getUser',   'setSessionInfo',
             'setMacros', 'setGroups',
@@ -126,7 +124,7 @@ sub _attributes {
     return $req->{sessionInfo};
 }
 
-sub _authorized {
+sub _authorization {
     my ( $self, $req, $uri ) = @_;
 
     # Check rights

From 0f04629ed1750065e820cf811d3ee11086029c63 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sun, 24 Feb 2019 22:47:39 +0100
Subject: [PATCH 35/58] WIP - checkUser prepare conf (#1658)

---
 .../lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm      | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
index d6a5fe0b0..8c290936d 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@@ -103,15 +103,8 @@ sub _userDatas {
 
     # Search user in database
     my $steps = ['getUser',   'setSessionInfo','setMacros', 'setGroups', ];
-    push @$steps, 0 ? 'setPersistentSessionInfo', 'setLocalGroups' : 'setLocalGroups';
-    $req->steps(
-        [   'getUser',   'setSessionInfo',
-            'setMacros', 'setGroups',
-
-            #'setPersistentSessionInfo', 'setLocalGroups'
-            'setLocalGroups'
-        ]
-    );
+    0 ? push @$steps, 'setPersistentSessionInfo', 'setLocalGroups' : push @$steps, 'setLocalGroups';
+    $req->steps( $steps );
     if ( my $error = $self->p->process($req) ) {
         if ( $error == PE_USERNOTFOUND ) {
             $self->userLogger->warn( "Check requested for an unvalid user ("

From f0684f6c24e7211e78b27643ba048d3eb75a48f2 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Mon, 25 Feb 2019 10:58:06 +0100
Subject: [PATCH 36/58] WIP - checkUser use OTT (#1658)

---
 .../Lemonldap/NG/Portal/Plugins/CheckUser.pm  | 71 +++++++++++++++++--
 .../site/templates/bootstrap/checkuser.tpl    |  5 ++
 2 files changed, 72 insertions(+), 4 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
index 8c290936d..588aacef0 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@@ -7,6 +7,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
     PE_OK
     PE_TOKENEXPIRED
     PE_USERNOTFOUND
+    PE_NOTOKEN
 );
 
 our $VERSION = '2.0.3';
@@ -33,7 +34,8 @@ sub hAttr {
 
 sub init {
     my ($self) = @_;
-    $self->addAuthRoute( checkuser => 'check', [ 'GET', 'POST' ] );
+    $self->addAuthRoute( checkuser => 'check',   ['POST'] );
+    $self->addAuthRoute( checkuser => 'display', ['GET'] );
     return 1;
 }
 
@@ -46,6 +48,43 @@ sub check {
     my $result = '';
     my $auth   = 0;
 
+    # Check token
+    if ( $self->conf->{requireToken} ) {
+        my $token = $req->param('token');
+        unless ($token) {
+            $self->userLogger->warn('CheckUser try without token');
+my $token = $self->ott->createToken( $req->sessionInfo );
+            #return $self->p->sendError( $req, 'Unable to build Metadata' );
+            return $self->p->sendHtml(
+                $req,
+                'checkuser',
+                params => {
+                    PORTAL    => $self->conf->{portal},
+                    MAIN_LOGO => $self->conf->{portalMainLogo},
+                    LANGS     => $self->conf->{showLanguages},
+                    MSG       => 'CheckUser try without token',
+                    TOKEN      => $token,
+                }
+            );
+        }
+        unless ( $self->ott->getToken($token) ) {
+            $self->userLogger->warn('Ask try with expired/bad token');
+my $token = $self->ott->createToken( $req->sessionInfo );
+            #return $self->p->sendError( $req, 'Unable to build Metadata' );
+            return $self->p->sendHtml(
+                $req,
+                'checkuser',
+                params => {
+                    PORTAL    => $self->conf->{portal},
+                    MAIN_LOGO => $self->conf->{portalMainLogo},
+                    LANGS     => $self->conf->{showLanguages},
+                    MSG       => 'Ask try with expired/bad token',
+                    TOKEN      => $token,
+                }
+            );
+        }
+    }
+
     ## Check user session datas
     # Use submitted attribute if exists
     my $url = $req->param('url') || '';
@@ -59,6 +98,7 @@ sub check {
 
     # Create an array of hashes for template loop
     foreach my $k ( sort keys %$attrs ) {
+        $self->logger->debug("Delete hidden attributes");
 
         # Ignore hidden attributes
         push @$array_attrs, { key => $k, value => $attrs->{$k} }
@@ -79,6 +119,7 @@ sub check {
         # Return VirtualHost headers
         $array_hdrs = $self->_headers( $req, $url );
     }
+    my $token = $self->ott->createToken( $req->sessionInfo );
 
     # Display form
     return $self->p->sendHtml(
@@ -94,6 +135,26 @@ sub check {
             ALLOWED    => $result,
             HEADERS    => $array_hdrs,
             ATTRIBUTES => $array_attrs,
+            TOKEN      => $token,
+        }
+    );
+}
+
+sub display {
+    my ( $self, $req ) = @_;
+    my $token = $self->ott->createToken( $req->sessionInfo );
+
+    # Display form
+    return $self->p->sendHtml(
+        $req,
+        'checkuser',
+        params => {
+            PORTAL    => $self->conf->{portal},
+            MAIN_LOGO => $self->conf->{portalMainLogo},
+            LANGS     => $self->conf->{showLanguages},
+            MSG       => 'checkUser',
+            LOGIN     => $req->{user},
+            TOKEN     => $token,
         }
     );
 }
@@ -102,9 +163,11 @@ sub _userDatas {
     my ( $self, $req ) = @_;
 
     # Search user in database
-    my $steps = ['getUser',   'setSessionInfo','setMacros', 'setGroups', ];
-    0 ? push @$steps, 'setPersistentSessionInfo', 'setLocalGroups' : push @$steps, 'setLocalGroups';
-    $req->steps( $steps );
+    my $steps = [ 'getUser', 'setSessionInfo', 'setMacros', 'setGroups' ];
+    1
+        ? push @$steps, 'setPersistentSessionInfo', 'setLocalGroups'
+        : push @$steps, 'setLocalGroups';
+    $req->steps($steps);
     if ( my $error = $self->p->process($req) ) {
         if ( $error == PE_USERNOTFOUND ) {
             $self->userLogger->warn( "Check requested for an unvalid user ("
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
index d2edcbd2a..5ab59f390 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
@@ -4,6 +4,11 @@
 <div class="message message-positive alert"><span trspan="<TMPL_VAR NAME="MSG">"></span></div>
 
 <form id="checkuser" action="/checkuser" method="post" class="password" role="form">
+
+      <TMPL_IF NAME="TOKEN">
+        <input type="hidden" name="token" value="<TMPL_VAR NAME="TOKEN">" />
+      </TMPL_IF>
+  
   <!--
   <input type="hidden" name="confirm" value="<TMPL_VAR NAME="CONFIRMKEY">">
   <input type="hidden" name="url" value="<TMPL_VAR NAME="URL">">

From 1ea6e925339e8c8c237ad9bcbfde5c496b065a98 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Mon, 25 Feb 2019 20:10:19 +0100
Subject: [PATCH 37/58] WIP - checkUser append translations and parameters
 (#1658)

---
 .../Lemonldap/NG/Common/Conf/DefaultValues.pm  |  3 +--
 .../lib/Lemonldap/NG/Manager/Attributes.pm     | 12 ++++++++++--
 .../Lemonldap/NG/Manager/Build/Attributes.pm   | 18 +++++++++++++++---
 .../lib/Lemonldap/NG/Manager/Build/Tree.pm     | 11 +++++++++++
 .../site/htdocs/static/languages/ar.json       |  5 +++++
 .../site/htdocs/static/languages/de.json       |  5 +++++
 .../site/htdocs/static/languages/en.json       |  5 +++++
 .../site/htdocs/static/languages/fr.json       |  5 +++++
 .../site/htdocs/static/languages/it.json       |  5 +++++
 .../site/htdocs/static/languages/vi.json       |  5 +++++
 .../site/htdocs/static/languages/zh.json       |  5 +++++
 .../site/htdocs/static/reverseTree.json        |  2 +-
 .../site/htdocs/static/struct.json             |  2 +-
 .../site/htdocs/static/languages/ar.json       |  1 +
 .../site/htdocs/static/languages/de.json       |  1 +
 .../site/htdocs/static/languages/en.json       |  2 ++
 .../site/htdocs/static/languages/es.json       |  2 ++
 .../site/htdocs/static/languages/fr.json       |  5 ++++-
 .../site/htdocs/static/languages/it.json       |  3 +++
 .../site/htdocs/static/languages/nl.json       |  3 +++
 .../site/htdocs/static/languages/pt.json       |  3 +++
 .../site/htdocs/static/languages/ro.json       |  3 +++
 .../site/htdocs/static/languages/vi.json       |  3 +++
 .../site/htdocs/static/languages/zh.json       |  3 +++
 24 files changed, 102 insertions(+), 10 deletions(-)

diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
index 4e1f30ab0..de9f70406 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
@@ -28,8 +28,7 @@ sub defaultValues {
         'casAccessControlPolicy'        => 'none',
         'casAuthnLevel'                 => 1,
         'checkTime'                     => 600,
-        'checkUser'                     => 1,
-        'checkUserHiddenAttributes'     => 'UA _2fDevices',
+        'checkUserHiddenAttributes'     => 'UA _2fDevices _loginHistory',
         'checkXSS'                      => 1,
         'confirmFormMethod'             => 'post',
         'cookieName'                    => 'lemonldap',
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
index 40d5380fa..fe8c0e358 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
@@ -768,11 +768,19 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
             'type'    => 'int'
         },
         'checkUser' => {
-            'default' => 1,
+            'default' => 0,
+            'type'    => 'bool'
+        },
+        'checkUserDisplayEmptyValues' => {
+            'default' => 0,
+            'type'    => 'bool'
+        },
+        'checkUserDisplayPersistentInfo' => {
+            'default' => 0,
             'type'    => 'bool'
         },
         'checkUserHiddenAttributes' => {
-            'default' => 'UA _2fDevices',
+            'default' => 'UA _2fDevices _loginHistory',
             'type'    => 'text'
         },
         'checkXSS' => {
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
index bb85d3b10..eaf35b61e 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
@@ -579,17 +579,29 @@ sub attributes {
             flags         => 'hp',
         },
         checkUser => {
-            default       => 1,
+            default       => 0,
             type          => 'bool',
-            documentation => 'Enable Check user',
+            documentation => 'Enable check user',
             flags         => 'p',
         },
         checkUserHiddenAttributes => {
             type          => 'text',
-            default       => 'UA _2fDevices',
+            default       => 'UA _2fDevices _loginHistory',
             documentation => 'Attributes to hide in CheckUser plugin',
             flags         => 'p',
         },
+        checkUserDisplayPersistentInfo => {
+            default       => 0,
+            type          => 'bool',
+            documentation => 'Display persistent session info',
+            flags         => 'p',
+        },
+        checkUserDisplayEmptyValues => {
+            default       => 0,
+            type          => 'bool',
+            documentation => 'Display session empty values',
+            flags         => 'p',
+        },
         checkXSS => {
             default       => 1,
             type          => 'bool',
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
index 0a6ad068f..81cf2ad21 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
@@ -637,6 +637,17 @@ sub tree {
                             form  => 'simpleInputContainer',
                             nodes => [ 'checkState', 'checkStateSecret', ],
                         },
+                        {
+                            title => 'checkUsers',
+                            help  => 'checkuser.html',
+                            form  => 'simpleInputContainer',
+                            nodes => [
+                                'checkUser',
+                                'checkUserHiddenAttributes',
+                                'checkUserDisplayPersistentInfo',
+                                'checkUserDisplayEmptyValues',
+                            ]
+                        },
                     ]
                 },
                 {
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
index 804120dc7..7884bfdf3 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
@@ -151,6 +151,11 @@
 "clickHereToForce":"انقر هنا لإجبار",
 "checkState":"Activation",
 "checkStateSecret":"Shared secret",
+"checkUsers":"Session check",
+"checkUser":"Activation",
+"checkUserHiddenAttributes":"Hidden attributes",
+"checkUserDisplayPersistentInfo":"Display persistent session",
+"checkUserDisplayEmptyValues":"Display empty values",
 "choiceParams":"اختيارالإعدادات",
 "chooseLogo":"اختيار الشعار",
 "chooseSkin":"اختيار الغلاف",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/de.json b/lemonldap-ng-manager/site/htdocs/static/languages/de.json
index 81f0e55a3..284b2ce46 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/de.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/de.json
@@ -152,6 +152,11 @@
 "checkState":"Activation",
 "checkStateSecret":"Shared secret",
 "choiceParams":"Choice parameters",
+"checkUsers":"Session check",
+"checkUser":"Activation",
+"checkUserHiddenAttributes":"Hidden attributes",
+"checkUserDisplayPersistentInfo":"Display persistent session",
+"checkUserDisplayEmptyValues":"Display empty values",
 "chooseLogo":"Choose logo",
 "chooseSkin":"Choose skin",
 "combination":"Combination",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/en.json b/lemonldap-ng-manager/site/htdocs/static/languages/en.json
index 6633c90e1..c5ce2ac9d 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/en.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/en.json
@@ -151,6 +151,11 @@
 "clickHereToForce":"Click here to force",
 "checkState":"Activation",
 "checkStateSecret":"Shared secret",
+"checkUsers":"Session check",
+"checkUser":"Activation",
+"checkUserHiddenAttributes":"Hidden attributes",
+"checkUserDisplayPersistentInfo":"Display persistent session",
+"checkUserDisplayEmptyValues":"Display empty values",
 "choiceParams":"Choice parameters",
 "chooseLogo":"Choose logo",
 "chooseSkin":"Choose skin",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
index 42e05005e..af9466671 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
@@ -152,6 +152,11 @@
 "checkState":"Activation",
 "checkStateSecret":"Secret partagé",
 "choiceParams":"Paramètres des choix",
+"checkUsers":"Vérification de session",
+"checkUser":"Activation",
+"checkUserHiddenAttributes":"Attributs masqués",
+"checkUserDisplayPersistentInfo":"Afficher les données de session persistante",
+"checkUserDisplayEmptyValues":"Afficher les valeurs nulles",
 "chooseLogo":"Choisir le logo",
 "chooseSkin":"Choisir le thème",
 "combination":"Combinaison",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/it.json b/lemonldap-ng-manager/site/htdocs/static/languages/it.json
index 35132a93d..971ea4eb3 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json
@@ -151,6 +151,11 @@
 "clickHereToForce":"Clicca qui per forzare",
 "checkState":"Attivazione",
 "checkStateSecret":"Segreto condiviso",
+"checkUsers":"Session check",
+"checkUser":"Activation",
+"checkUserHiddenAttributes":"Hidden attributes",
+"checkUserDisplayPersistentInfo":"Display persistent session",
+"checkUserDisplayEmptyValues":"Display empty values",
 "choiceParams":"Scelta parametri",
 "chooseLogo":"Scegli logo",
 "chooseSkin":"Scegli interfaccia",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
index 98c93d585..c64d2b612 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
@@ -151,6 +151,11 @@
 "clickHereToForce":"Nhấp vào đây để bắt buộc",
 "checkState":"Kích hoạt",
 "checkStateSecret":"Shared secret",
+"checkUsers":"Session check",
+"checkUser":"Activation",
+"checkUserHiddenAttributes":"Hidden attributes",
+"checkUserDisplayPersistentInfo":"Display persistent session",
+"checkUserDisplayEmptyValues":"Display empty values",
 "choiceParams":"Các tham số lựa chọn",
 "chooseLogo":"Chọn logo",
 "chooseSkin":"Chọn giao diện",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
index 1ca5cdda9..a12b09807 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
@@ -151,6 +151,11 @@
 "clickHereToForce":"Click here to force",
 "checkState":"Activation",
 "checkStateSecret":"Shared secret",
+"checkUsers":"Session check",
+"checkUser":"Activation",
+"checkUserHiddenAttributes":"Hidden attributes",
+"checkUserDisplayPersistentInfo":"Display persistent session",
+"checkUserDisplayEmptyValues":"Display empty values",
 "choiceParams":"Choice parameters",
 "chooseLogo":"Choose logo",
 "chooseSkin":"Choose skin",
diff --git a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
index d2aa407be..86ccf0574 100644
--- a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
+++ b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
@@ -1 +1 @@
-{"ADPwdExpireWarning":"generalParameters/authParams/adParams","ADPwdMaxAge":"generalParameters/authParams/adParams","AuthLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","LDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","SMTPAuthPass":"generalParameters/advancedParams/SMTP","SMTPAuthUser":"generalParameters/advancedParams/SMTP","SMTPPort":"generalParameters/advancedParams/SMTP","SMTPServer":"generalParameters/advancedParams/SMTP","SMTPTLS":"generalParameters/advancedParams/SMTP","SMTPTLSOpts":"generalParameters/advancedParams/SMTP","SSLAuthnLevel":"generalParameters/authParams/sslParams","SSLVar":"generalParameters/authParams/sslParams","SSLVarIf":"generalParameters/authParams/sslParams","activeTimer":"generalParameters/advancedParams/forms","apacheAuthnLevel":"generalParameters/authParams/apacheParams","applicationList":"generalParameters/portalParams/portalMenu","authChoiceModules":"generalParameters/authParams/choiceParams","authChoiceParam":"generalParameters/authParams/choiceParams","authentication":"generalParameters/authParams","autoSigninRules":"generalParameters/plugins/autoSignin","bruteForceProtection":"generalParameters/advancedParams/security","captcha_login_enabled":"generalParameters/portalParams/portalCaptcha","captcha_mail_enabled":"generalParameters/portalParams/portalCaptcha","captcha_register_enabled":"generalParameters/portalParams/portalCaptcha","captcha_size":"generalParameters/portalParams/portalCaptcha","casAccessControlPolicy":"casServiceMetadata","casAppMetaDataNodes":"","casAttr":"casServiceMetadata","casAttributes":"casServiceMetadata","casAuthnLevel":"generalParameters/authParams/casParams","casSrvMetaDataNodes":"","casStorage":"casServiceMetadata","casStorageOptions":"casServiceMetadata","cda":"generalParameters/cookieParams","checkState":"generalParameters/plugins/stateCheck","checkStateSecret":"generalParameters/plugins/stateCheck","checkXSS":"generalParameters/advancedParams/security","combModules":"generalParameters/authParams/combinationParams","combination":"generalParameters/authParams/combinationParams","confirmFormMethod":"generalParameters/advancedParams/forms","cookieExpiration":"generalParameters/cookieParams","cookieName":"generalParameters/cookieParams","cspConnect":"generalParameters/advancedParams/security/contentSecurityPolicy","cspDefault":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFont":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFormAction":"generalParameters/advancedParams/security/contentSecurityPolicy","cspImg":"generalParameters/advancedParams/security/contentSecurityPolicy","cspScript":"generalParameters/advancedParams/security/contentSecurityPolicy","cspStyle":"generalParameters/advancedParams/security/contentSecurityPolicy","customAddParams":"generalParameters/authParams/customParams","customAuth":"generalParameters/authParams/customParams","customFunctions":"generalParameters/advancedParams","customPassword":"generalParameters/authParams/customParams","customRegister":"generalParameters/authParams/customParams","customUserDB":"generalParameters/authParams/customParams","dbiAuthChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthLoginCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthPasswordCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPasswordHash":"generalParameters/authParams/dbiParams/dbiPassword","dbiAuthTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthnLevel":"generalParameters/authParams/dbiParams","dbiDynamicHashEnabled":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashNewPasswordScheme":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSaltedSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiExportedVars":"generalParameters/authParams/dbiParams","dbiPasswordMailCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","demoExportedVars":"generalParameters/authParams/demoParams","domain":"generalParameters/cookieParams","exportedAttr":"generalParameters/plugins/portalServers","exportedVars":"variables","ext2FSendCommand":"generalParameters/secondFactors/external2f","ext2FValidateCommand":"generalParameters/secondFactors/external2f","ext2fActivation":"generalParameters/secondFactors/external2f","ext2fAuthnLevel":"generalParameters/secondFactors/external2f","ext2fCodeActivation":"generalParameters/secondFactors/external2f","ext2fLogo":"generalParameters/secondFactors/external2f","facebookAppId":"generalParameters/authParams/facebookParams","facebookAppSecret":"generalParameters/authParams/facebookParams","facebookAuthnLevel":"generalParameters/authParams/facebookParams","facebookExportedVars":"generalParameters/authParams/facebookParams","facebookUserField":"generalParameters/authParams/facebookParams","failedLoginNumber":"generalParameters/plugins/loginHistory","formTimeout":"generalParameters/advancedParams/security","globalStorage":"generalParameters/sessionParams/sessionStorage","globalStorageOptions":"generalParameters/sessionParams/sessionStorage","gpgDb":"generalParameters/authParams/gpgParams","grantSessionRules":"generalParameters/sessionParams","groups":"variables","hiddenAttributes":"generalParameters/logParams","hideOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","httpOnly":"generalParameters/cookieParams","https":"generalParameters/advancedParams/redirection","infoFormMethod":"generalParameters/advancedParams/forms","issuerDBCASActivation":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASPath":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASRule":"generalParameters/issuerParams/issuerDBCAS","issuerDBGetActivation":"generalParameters/issuerParams/issuerDBGet","issuerDBGetParameters":"generalParameters/issuerParams/issuerDBGet","issuerDBGetPath":"generalParameters/issuerParams/issuerDBGet","issuerDBGetRule":"generalParameters/issuerParams/issuerDBGet","issuerDBOpenIDActivation":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDConnectActivation":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectPath":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectRule":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDPath":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDRule":"generalParameters/issuerParams/issuerDBOpenID","issuerDBSAMLActivation":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLPath":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLRule":"generalParameters/issuerParams/issuerDBSAML","jsRedirect":"generalParameters/advancedParams/portalRedirection","key":"generalParameters/advancedParams/security","krbAuthnLevel":"generalParameters/authParams/kerberosParams","krbByJs":"generalParameters/authParams/kerberosParams","krbKeytab":"generalParameters/authParams/kerberosParams","krbRemoveDomain":"generalParameters/authParams/kerberosParams","ldapAllowResetExpiredPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapAuthnLevel":"generalParameters/authParams/ldapParams","ldapBase":"generalParameters/authParams/ldapParams/ldapConnection","ldapChangePasswordAsUser":"generalParameters/authParams/ldapParams/ldapPassword","ldapExportedVars":"generalParameters/authParams/ldapParams","ldapGroupAttributeName":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameGroup":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameSearch":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameUser":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupBase":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupDecodeSearchedValue":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupObjectClass":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupRecursive":"generalParameters/authParams/ldapParams/ldapGroups","ldapPasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttributeValue":"generalParameters/authParams/ldapParams/ldapPassword","ldapPort":"generalParameters/authParams/ldapParams/ldapConnection","ldapPpolicyControl":"generalParameters/authParams/ldapParams/ldapPassword","ldapPwdEnc":"generalParameters/authParams/ldapParams/ldapPassword","ldapRaw":"generalParameters/authParams/ldapParams/ldapConnection","ldapSearchDeref":"generalParameters/authParams/ldapParams/ldapFilters","ldapServer":"generalParameters/authParams/ldapParams/ldapConnection","ldapSetPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapUsePasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapVersion":"generalParameters/authParams/ldapParams/ldapConnection","linkedInAuthnLevel":"generalParameters/authParams/linkedinParams","linkedInClientID":"generalParameters/authParams/linkedinParams","linkedInClientSecret":"generalParameters/authParams/linkedinParams","linkedInFields":"generalParameters/authParams/linkedinParams","linkedInScope":"generalParameters/authParams/linkedinParams","linkedInUserField":"generalParameters/authParams/linkedinParams","localSessionStorage":"generalParameters/sessionParams/sessionStorage","localSessionStorageOptions":"generalParameters/sessionParams/sessionStorage","loginHistoryEnabled":"generalParameters/plugins/loginHistory","logoutServices":"generalParameters/advancedParams","lwpOpts":"generalParameters/advancedParams/security","lwpSslOpts":"generalParameters/advancedParams/security","macros":"variables","mail2fActivation":"generalParameters/secondFactors/mail2f","mail2fAuthnLevel":"generalParameters/secondFactors/mail2f","mail2fBody":"generalParameters/secondFactors/mail2f","mail2fCodeRegex":"generalParameters/secondFactors/mail2f","mail2fLogo":"generalParameters/secondFactors/mail2f","mail2fSubject":"generalParameters/secondFactors/mail2f","mail2fTimeout":"generalParameters/secondFactors/mail2f","mailBody":"generalParameters/plugins/passwordManagement/mailContent","mailCharset":"generalParameters/advancedParams/SMTP/mailHeaders","mailConfirmBody":"generalParameters/plugins/passwordManagement/mailContent","mailConfirmSubject":"generalParameters/plugins/passwordManagement/mailContent","mailFrom":"generalParameters/advancedParams/SMTP/mailHeaders","mailLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","mailOnPasswordChange":"generalParameters/portalParams/portalCustomization/passwordManagement","mailReplyTo":"generalParameters/advancedParams/SMTP/mailHeaders","mailSessionKey":"generalParameters/advancedParams/SMTP","mailSubject":"generalParameters/plugins/passwordManagement/mailContent","mailTimeout":"generalParameters/plugins/passwordManagement/mailOther","mailUrl":"generalParameters/plugins/passwordManagement/mailOther","maintenance":"generalParameters/advancedParams/redirection","managerDn":"generalParameters/authParams/ldapParams/ldapConnection","managerPassword":"generalParameters/authParams/ldapParams/ldapConnection","multiValuesSeparator":"generalParameters/advancedParams","nginxCustomHandlers":"generalParameters/advancedParams","noAjaxHook":"generalParameters/advancedParams/portalRedirection","notification":"generalParameters/plugins/notifications","notificationServer":"generalParameters/plugins/notifications","notificationStorage":"generalParameters/plugins/notifications","notificationStorageOptions":"generalParameters/plugins/notifications","notificationWildcard":"generalParameters/plugins/notifications","notificationXSLTfile":"generalParameters/plugins/notifications","notifyDeleted":"generalParameters/sessionParams/multipleSessions","notifyOther":"generalParameters/sessionParams/multipleSessions","nullAuthnLevel":"generalParameters/authParams/nullParams","oidcAuthnLevel":"generalParameters/authParams/oidcParams","oidcOPMetaDataNodes":"","oidcRPCallbackGetParam":"generalParameters/authParams/oidcParams","oidcRPMetaDataNodes":"","oidcRPStateTimeout":"generalParameters/authParams/oidcParams","oidcServiceAllowAuthorizationCodeFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowDynamicRegistration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowHybridFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowImplicitFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceMetaDataAuthnContext":"oidcServiceMetaData","oidcServiceMetaDataAuthorizeURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataBackChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataCheckSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataEndSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataFrontChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIssuer":"oidcServiceMetaData","oidcServiceMetaDataJWKSURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataRegistrationURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataTokenURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataUserInfoURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServicePrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcServicePublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcStorage":"oidcServiceMetaData/oidcServiceMetaDataSessions","oidcStorageOptions":"oidcServiceMetaData/oidcServiceMetaDataSessions","oldNotifFormat":"generalParameters/plugins/notifications","openIdAttr":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdAuthnLevel":"generalParameters/authParams/openidParams","openIdExportedVars":"generalParameters/authParams/openidParams","openIdIDPList":"generalParameters/authParams/openidParams","openIdIssuerSecret":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSPList":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSecret":"generalParameters/authParams/openidParams","openIdSreg_country":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_dob":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_email":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_fullname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_gender":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_language":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_nickname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_postcode":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_timezone":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","pamAuthnLevel":"generalParameters/authParams/pamParams","pamService":"generalParameters/authParams/pamParams","passwordDB":"generalParameters/authParams","passwordResetAllowedRetries":"generalParameters/portalParams/portalCustomization/portalButtons","persistentStorage":"generalParameters/sessionParams/persistentSessions","persistentStorageOptions":"generalParameters/sessionParams/persistentSessions","port":"generalParameters/advancedParams/redirection","portal":"generalParameters/portalParams","portalAntiFrame":"generalParameters/portalParams/portalCustomization/portalOther","portalCheckLogins":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayAppslist":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayChangePassword":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLoginHistory":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLogout":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayOidcConsents":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayRegister":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayResetPassword":"generalParameters/portalParams/portalCustomization/portalButtons","portalErrorOnExpiredSession":"generalParameters/portalParams/portalCustomization/portalOther","portalErrorOnMailNotFound":"generalParameters/portalParams/portalCustomization/portalOther","portalForceAuthn":"generalParameters/advancedParams/security","portalForceAuthnInterval":"generalParameters/advancedParams/security","portalMainLogo":"generalParameters/portalParams/portalCustomization","portalOpenLinkInNewWindow":"generalParameters/portalParams/portalCustomization/portalOther","portalPingInterval":"generalParameters/portalParams/portalCustomization/portalOther","portalRequireOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","portalSkin":"generalParameters/portalParams/portalCustomization","portalSkinBackground":"generalParameters/portalParams/portalCustomization","portalSkinRules":"generalParameters/portalParams/portalCustomization","portalStatus":"generalParameters/plugins","portalUserAttr":"generalParameters/portalParams/portalCustomization/portalOther","proxyAuthService":"generalParameters/authParams/proxyParams","proxyAuthnLevel":"generalParameters/authParams/proxyParams","proxySessionService":"generalParameters/authParams/proxyParams","proxyUseSoap":"generalParameters/authParams/proxyParams","radiusAuthnLevel":"generalParameters/authParams/radiusParams","radiusSecret":"generalParameters/authParams/radiusParams","radiusServer":"generalParameters/authParams/radiusParams","randomPasswordRegexp":"generalParameters/plugins/passwordManagement/mailOther","redirectFormMethod":"generalParameters/advancedParams/forms","registerConfirmSubject":"generalParameters/plugins/register","registerDB":"generalParameters/authParams","registerDoneSubject":"generalParameters/plugins/register","registerTimeout":"generalParameters/plugins/register","registerUrl":"generalParameters/plugins/register","reloadTimeout":"generalParameters/reloadParams","reloadUrls":"generalParameters/reloadParams","remoteCookieName":"generalParameters/authParams/remoteParams","remoteGlobalStorage":"generalParameters/authParams/remoteParams","remoteGlobalStorageOptions":"generalParameters/authParams/remoteParams","remotePortal":"generalParameters/authParams/remoteParams","requireToken":"generalParameters/advancedParams/security","rest2fActivation":"generalParameters/secondFactors/rest2f","rest2fAuthnLevel":"generalParameters/secondFactors/rest2f","rest2fInitArgs":"generalParameters/secondFactors/rest2f","rest2fInitUrl":"generalParameters/secondFactors/rest2f","rest2fLogo":"generalParameters/secondFactors/rest2f","rest2fVerifyArgs":"generalParameters/secondFactors/rest2f","rest2fVerifyUrl":"generalParameters/secondFactors/rest2f","restAuthUrl":"generalParameters/authParams/restParams","restConfigServer":"generalParameters/plugins/portalServers","restPwdConfirmUrl":"generalParameters/authParams/restParams","restPwdModifyUrl":"generalParameters/authParams/restParams","restSessionServer":"generalParameters/plugins/portalServers","restUserDBUrl":"generalParameters/authParams/restParams","samlAttributeAuthorityDescriptorAttributeServiceSOAP":"samlServiceMetaData/samlAttributeAuthorityDescriptor/samlAttributeAuthorityDescriptorAttributeService","samlAuthnContextMapKerberos":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPassword":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPasswordProtectedTransport":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapTLSClient":"samlServiceMetaData/samlAuthnContextMap","samlCommonDomainCookieActivation":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieDomain":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieReader":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieWriter":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlDiscoveryProtocolActivation":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolIsPassive":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolPolicy":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolURL":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlEntityID":"samlServiceMetaData","samlIDPMetaDataNodes":"","samlIDPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorArtifactResolutionService","samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorWantAuthnRequestsSigned":"samlServiceMetaData/samlIDPSSODescriptor","samlIdPResolveCookie":"samlServiceMetaData/samlAdvanced","samlMetadataForceUTF8":"samlServiceMetaData/samlAdvanced","samlNameIDFormatMapEmail":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapKerberos":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapWindows":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapX509":"samlServiceMetaData/samlNameIDFormatMap","samlOrganizationDisplayName":"samlServiceMetaData/samlOrganization","samlOrganizationName":"samlServiceMetaData/samlOrganization","samlOrganizationURL":"samlServiceMetaData/samlOrganization","samlRelayStateTimeout":"samlServiceMetaData/samlAdvanced","samlSPMetaDataNodes":"","samlSPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorArtifactResolutionService","samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAuthnRequestsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlSPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorWantAssertionsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlServicePrivateKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeyEncPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePrivateKeySigPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePublicKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePublicKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServiceSignatureMethod":"samlServiceMetaData/samlServiceSecurity","samlServiceUseCertificateInResponse":"samlServiceMetaData/samlServiceSecurity","samlStorage":"samlServiceMetaData/samlAdvanced","samlStorageOptions":"samlServiceMetaData/samlAdvanced","samlUseQueryStringSpecific":"samlServiceMetaData/samlAdvanced","securedCookie":"generalParameters/cookieParams","sessionDataToRemember":"generalParameters/plugins/loginHistory","sfRequired":"generalParameters/secondFactors","showLanguages":"generalParameters/portalParams/portalCustomization","singleIP":"generalParameters/sessionParams/multipleSessions","singleSession":"generalParameters/sessionParams/multipleSessions","singleSessionUserByIP":"generalParameters/sessionParams/multipleSessions","singleUserByIP":"generalParameters/sessionParams/multipleSessions","skipRenewConfirmation":"generalParameters/advancedParams/portalRedirection","slaveAuthnLevel":"generalParameters/authParams/slaveParams","slaveExportedVars":"generalParameters/authParams/slaveParams","slaveHeaderContent":"generalParameters/authParams/slaveParams","slaveHeaderName":"generalParameters/authParams/slaveParams","slaveMasterIP":"generalParameters/authParams/slaveParams","slaveUserHeader":"generalParameters/authParams/slaveParams","soapConfigServer":"generalParameters/plugins/portalServers","soapSessionServer":"generalParameters/plugins/portalServers","sslByAjax":"generalParameters/authParams/sslParams","sslHost":"generalParameters/authParams/sslParams","stayConnected":"generalParameters/plugins","storePassword":"generalParameters/sessionParams","successLoginNumber":"generalParameters/plugins/loginHistory","timeout":"generalParameters/sessionParams","timeoutActivity":"generalParameters/sessionParams","timeoutActivityInterval":"generalParameters/sessionParams","tokenUseGlobalStorage":"generalParameters/advancedParams/security","totp2fActivation":"generalParameters/secondFactors/totp","totp2fAuthnLevel":"generalParameters/secondFactors/totp","totp2fDigits":"generalParameters/secondFactors/totp","totp2fDisplayExistingSecret":"generalParameters/secondFactors/totp","totp2fInterval":"generalParameters/secondFactors/totp","totp2fIssuer":"generalParameters/secondFactors/totp","totp2fRange":"generalParameters/secondFactors/totp","totp2fSelfRegistration":"generalParameters/secondFactors/totp","totp2fUserCanChangeKey":"generalParameters/secondFactors/totp","totp2fUserCanRemoveKey":"generalParameters/secondFactors/totp","trustedDomains":"generalParameters/advancedParams/security","twitterAppName":"generalParameters/authParams/twitterParams","twitterAuthnLevel":"generalParameters/authParams/twitterParams","twitterKey":"generalParameters/authParams/twitterParams","twitterSecret":"generalParameters/authParams/twitterParams","twitterUserField":"generalParameters/authParams/twitterParams","u2fActivation":"generalParameters/secondFactors/u2f","u2fAuthnLevel":"generalParameters/secondFactors/u2f","u2fSelfRegistration":"generalParameters/secondFactors/u2f","u2fUserCanRemoveKey":"generalParameters/secondFactors/u2f","upgradeSession":"generalParameters/plugins","useRedirectOnError":"generalParameters/advancedParams/redirection","useRedirectOnForbidden":"generalParameters/advancedParams/redirection","useSafeJail":"generalParameters/advancedParams/security","userControl":"generalParameters/advancedParams/security","userDB":"generalParameters/authParams","userPivot":"generalParameters/authParams/dbiParams/dbiSchema","utotp2fActivation":"generalParameters/secondFactors/utotp2f","utotp2fAuthnLevel":"generalParameters/secondFactors/utotp2f","virtualHosts":"","webIDAuthnLevel":"generalParameters/authParams/webidParams","webIDExportedVars":"generalParameters/authParams/webidParams","webIDWhitelist":"generalParameters/authParams/webidParams","whatToTrace":"generalParameters/logParams","wsdlServer":"generalParameters/plugins/portalServers","yubikey2fActivation":"generalParameters/secondFactors/yubikey2f","yubikey2fAuthnLevel":"generalParameters/secondFactors/yubikey2f","yubikey2fClientID":"generalParameters/secondFactors/yubikey2f","yubikey2fNonce":"generalParameters/secondFactors/yubikey2f","yubikey2fPublicIDSize":"generalParameters/secondFactors/yubikey2f","yubikey2fSecretKey":"generalParameters/secondFactors/yubikey2f","yubikey2fSelfRegistration":"generalParameters/secondFactors/yubikey2f","yubikey2fUrl":"generalParameters/secondFactors/yubikey2f","yubikey2fUserCanRemoveKey":"generalParameters/secondFactors/yubikey2f"}
\ No newline at end of file
+{"ADPwdExpireWarning":"generalParameters/authParams/adParams","ADPwdMaxAge":"generalParameters/authParams/adParams","AuthLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","LDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","SMTPAuthPass":"generalParameters/advancedParams/SMTP","SMTPAuthUser":"generalParameters/advancedParams/SMTP","SMTPPort":"generalParameters/advancedParams/SMTP","SMTPServer":"generalParameters/advancedParams/SMTP","SMTPTLS":"generalParameters/advancedParams/SMTP","SMTPTLSOpts":"generalParameters/advancedParams/SMTP","SSLAuthnLevel":"generalParameters/authParams/sslParams","SSLVar":"generalParameters/authParams/sslParams","SSLVarIf":"generalParameters/authParams/sslParams","activeTimer":"generalParameters/advancedParams/forms","apacheAuthnLevel":"generalParameters/authParams/apacheParams","applicationList":"generalParameters/portalParams/portalMenu","authChoiceModules":"generalParameters/authParams/choiceParams","authChoiceParam":"generalParameters/authParams/choiceParams","authentication":"generalParameters/authParams","autoSigninRules":"generalParameters/plugins/autoSignin","bruteForceProtection":"generalParameters/advancedParams/security","captcha_login_enabled":"generalParameters/portalParams/portalCaptcha","captcha_mail_enabled":"generalParameters/portalParams/portalCaptcha","captcha_register_enabled":"generalParameters/portalParams/portalCaptcha","captcha_size":"generalParameters/portalParams/portalCaptcha","casAccessControlPolicy":"casServiceMetadata","casAppMetaDataNodes":"","casAttr":"casServiceMetadata","casAttributes":"casServiceMetadata","casAuthnLevel":"generalParameters/authParams/casParams","casSrvMetaDataNodes":"","casStorage":"casServiceMetadata","casStorageOptions":"casServiceMetadata","cda":"generalParameters/cookieParams","checkState":"generalParameters/plugins/stateCheck","checkStateSecret":"generalParameters/plugins/stateCheck","checkUser":"generalParameters/plugins/checkUsers","checkUserDisplayEmptyValues":"generalParameters/plugins/checkUsers","checkUserDisplayPersistentInfo":"generalParameters/plugins/checkUsers","checkUserHiddenAttributes":"generalParameters/plugins/checkUsers","checkXSS":"generalParameters/advancedParams/security","combModules":"generalParameters/authParams/combinationParams","combination":"generalParameters/authParams/combinationParams","confirmFormMethod":"generalParameters/advancedParams/forms","cookieExpiration":"generalParameters/cookieParams","cookieName":"generalParameters/cookieParams","cspConnect":"generalParameters/advancedParams/security/contentSecurityPolicy","cspDefault":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFont":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFormAction":"generalParameters/advancedParams/security/contentSecurityPolicy","cspImg":"generalParameters/advancedParams/security/contentSecurityPolicy","cspScript":"generalParameters/advancedParams/security/contentSecurityPolicy","cspStyle":"generalParameters/advancedParams/security/contentSecurityPolicy","customAddParams":"generalParameters/authParams/customParams","customAuth":"generalParameters/authParams/customParams","customFunctions":"generalParameters/advancedParams","customPassword":"generalParameters/authParams/customParams","customRegister":"generalParameters/authParams/customParams","customUserDB":"generalParameters/authParams/customParams","dbiAuthChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthLoginCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthPasswordCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPasswordHash":"generalParameters/authParams/dbiParams/dbiPassword","dbiAuthTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthnLevel":"generalParameters/authParams/dbiParams","dbiDynamicHashEnabled":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashNewPasswordScheme":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSaltedSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiExportedVars":"generalParameters/authParams/dbiParams","dbiPasswordMailCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","demoExportedVars":"generalParameters/authParams/demoParams","domain":"generalParameters/cookieParams","exportedAttr":"generalParameters/plugins/portalServers","exportedVars":"variables","ext2FSendCommand":"generalParameters/secondFactors/external2f","ext2FValidateCommand":"generalParameters/secondFactors/external2f","ext2fActivation":"generalParameters/secondFactors/external2f","ext2fAuthnLevel":"generalParameters/secondFactors/external2f","ext2fCodeActivation":"generalParameters/secondFactors/external2f","ext2fLogo":"generalParameters/secondFactors/external2f","facebookAppId":"generalParameters/authParams/facebookParams","facebookAppSecret":"generalParameters/authParams/facebookParams","facebookAuthnLevel":"generalParameters/authParams/facebookParams","facebookExportedVars":"generalParameters/authParams/facebookParams","facebookUserField":"generalParameters/authParams/facebookParams","failedLoginNumber":"generalParameters/plugins/loginHistory","formTimeout":"generalParameters/advancedParams/security","globalStorage":"generalParameters/sessionParams/sessionStorage","globalStorageOptions":"generalParameters/sessionParams/sessionStorage","gpgDb":"generalParameters/authParams/gpgParams","grantSessionRules":"generalParameters/sessionParams","groups":"variables","hiddenAttributes":"generalParameters/logParams","hideOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","httpOnly":"generalParameters/cookieParams","https":"generalParameters/advancedParams/redirection","infoFormMethod":"generalParameters/advancedParams/forms","issuerDBCASActivation":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASPath":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASRule":"generalParameters/issuerParams/issuerDBCAS","issuerDBGetActivation":"generalParameters/issuerParams/issuerDBGet","issuerDBGetParameters":"generalParameters/issuerParams/issuerDBGet","issuerDBGetPath":"generalParameters/issuerParams/issuerDBGet","issuerDBGetRule":"generalParameters/issuerParams/issuerDBGet","issuerDBOpenIDActivation":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDConnectActivation":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectPath":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectRule":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDPath":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDRule":"generalParameters/issuerParams/issuerDBOpenID","issuerDBSAMLActivation":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLPath":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLRule":"generalParameters/issuerParams/issuerDBSAML","jsRedirect":"generalParameters/advancedParams/portalRedirection","key":"generalParameters/advancedParams/security","krbAuthnLevel":"generalParameters/authParams/kerberosParams","krbByJs":"generalParameters/authParams/kerberosParams","krbKeytab":"generalParameters/authParams/kerberosParams","krbRemoveDomain":"generalParameters/authParams/kerberosParams","ldapAllowResetExpiredPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapAuthnLevel":"generalParameters/authParams/ldapParams","ldapBase":"generalParameters/authParams/ldapParams/ldapConnection","ldapChangePasswordAsUser":"generalParameters/authParams/ldapParams/ldapPassword","ldapExportedVars":"generalParameters/authParams/ldapParams","ldapGroupAttributeName":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameGroup":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameSearch":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameUser":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupBase":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupDecodeSearchedValue":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupObjectClass":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupRecursive":"generalParameters/authParams/ldapParams/ldapGroups","ldapPasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttributeValue":"generalParameters/authParams/ldapParams/ldapPassword","ldapPort":"generalParameters/authParams/ldapParams/ldapConnection","ldapPpolicyControl":"generalParameters/authParams/ldapParams/ldapPassword","ldapPwdEnc":"generalParameters/authParams/ldapParams/ldapPassword","ldapRaw":"generalParameters/authParams/ldapParams/ldapConnection","ldapSearchDeref":"generalParameters/authParams/ldapParams/ldapFilters","ldapServer":"generalParameters/authParams/ldapParams/ldapConnection","ldapSetPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapUsePasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapVersion":"generalParameters/authParams/ldapParams/ldapConnection","linkedInAuthnLevel":"generalParameters/authParams/linkedinParams","linkedInClientID":"generalParameters/authParams/linkedinParams","linkedInClientSecret":"generalParameters/authParams/linkedinParams","linkedInFields":"generalParameters/authParams/linkedinParams","linkedInScope":"generalParameters/authParams/linkedinParams","linkedInUserField":"generalParameters/authParams/linkedinParams","localSessionStorage":"generalParameters/sessionParams/sessionStorage","localSessionStorageOptions":"generalParameters/sessionParams/sessionStorage","loginHistoryEnabled":"generalParameters/plugins/loginHistory","logoutServices":"generalParameters/advancedParams","lwpOpts":"generalParameters/advancedParams/security","lwpSslOpts":"generalParameters/advancedParams/security","macros":"variables","mail2fActivation":"generalParameters/secondFactors/mail2f","mail2fAuthnLevel":"generalParameters/secondFactors/mail2f","mail2fBody":"generalParameters/secondFactors/mail2f","mail2fCodeRegex":"generalParameters/secondFactors/mail2f","mail2fLogo":"generalParameters/secondFactors/mail2f","mail2fSubject":"generalParameters/secondFactors/mail2f","mail2fTimeout":"generalParameters/secondFactors/mail2f","mailBody":"generalParameters/plugins/passwordManagement/mailContent","mailCharset":"generalParameters/advancedParams/SMTP/mailHeaders","mailConfirmBody":"generalParameters/plugins/passwordManagement/mailContent","mailConfirmSubject":"generalParameters/plugins/passwordManagement/mailContent","mailFrom":"generalParameters/advancedParams/SMTP/mailHeaders","mailLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","mailOnPasswordChange":"generalParameters/portalParams/portalCustomization/passwordManagement","mailReplyTo":"generalParameters/advancedParams/SMTP/mailHeaders","mailSessionKey":"generalParameters/advancedParams/SMTP","mailSubject":"generalParameters/plugins/passwordManagement/mailContent","mailTimeout":"generalParameters/plugins/passwordManagement/mailOther","mailUrl":"generalParameters/plugins/passwordManagement/mailOther","maintenance":"generalParameters/advancedParams/redirection","managerDn":"generalParameters/authParams/ldapParams/ldapConnection","managerPassword":"generalParameters/authParams/ldapParams/ldapConnection","multiValuesSeparator":"generalParameters/advancedParams","nginxCustomHandlers":"generalParameters/advancedParams","noAjaxHook":"generalParameters/advancedParams/portalRedirection","notification":"generalParameters/plugins/notifications","notificationServer":"generalParameters/plugins/notifications","notificationStorage":"generalParameters/plugins/notifications","notificationStorageOptions":"generalParameters/plugins/notifications","notificationWildcard":"generalParameters/plugins/notifications","notificationXSLTfile":"generalParameters/plugins/notifications","notifyDeleted":"generalParameters/sessionParams/multipleSessions","notifyOther":"generalParameters/sessionParams/multipleSessions","nullAuthnLevel":"generalParameters/authParams/nullParams","oidcAuthnLevel":"generalParameters/authParams/oidcParams","oidcOPMetaDataNodes":"","oidcRPCallbackGetParam":"generalParameters/authParams/oidcParams","oidcRPMetaDataNodes":"","oidcRPStateTimeout":"generalParameters/authParams/oidcParams","oidcServiceAllowAuthorizationCodeFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowDynamicRegistration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowHybridFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowImplicitFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceMetaDataAuthnContext":"oidcServiceMetaData","oidcServiceMetaDataAuthorizeURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataBackChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataCheckSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataEndSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataFrontChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIssuer":"oidcServiceMetaData","oidcServiceMetaDataJWKSURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataRegistrationURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataTokenURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataUserInfoURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServicePrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcServicePublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcStorage":"oidcServiceMetaData/oidcServiceMetaDataSessions","oidcStorageOptions":"oidcServiceMetaData/oidcServiceMetaDataSessions","oldNotifFormat":"generalParameters/plugins/notifications","openIdAttr":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdAuthnLevel":"generalParameters/authParams/openidParams","openIdExportedVars":"generalParameters/authParams/openidParams","openIdIDPList":"generalParameters/authParams/openidParams","openIdIssuerSecret":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSPList":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSecret":"generalParameters/authParams/openidParams","openIdSreg_country":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_dob":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_email":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_fullname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_gender":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_language":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_nickname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_postcode":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_timezone":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","pamAuthnLevel":"generalParameters/authParams/pamParams","pamService":"generalParameters/authParams/pamParams","passwordDB":"generalParameters/authParams","passwordResetAllowedRetries":"generalParameters/portalParams/portalCustomization/portalButtons","persistentStorage":"generalParameters/sessionParams/persistentSessions","persistentStorageOptions":"generalParameters/sessionParams/persistentSessions","port":"generalParameters/advancedParams/redirection","portal":"generalParameters/portalParams","portalAntiFrame":"generalParameters/portalParams/portalCustomization/portalOther","portalCheckLogins":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayAppslist":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayChangePassword":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLoginHistory":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLogout":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayOidcConsents":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayRegister":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayResetPassword":"generalParameters/portalParams/portalCustomization/portalButtons","portalErrorOnExpiredSession":"generalParameters/portalParams/portalCustomization/portalOther","portalErrorOnMailNotFound":"generalParameters/portalParams/portalCustomization/portalOther","portalForceAuthn":"generalParameters/advancedParams/security","portalForceAuthnInterval":"generalParameters/advancedParams/security","portalMainLogo":"generalParameters/portalParams/portalCustomization","portalOpenLinkInNewWindow":"generalParameters/portalParams/portalCustomization/portalOther","portalPingInterval":"generalParameters/portalParams/portalCustomization/portalOther","portalRequireOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","portalSkin":"generalParameters/portalParams/portalCustomization","portalSkinBackground":"generalParameters/portalParams/portalCustomization","portalSkinRules":"generalParameters/portalParams/portalCustomization","portalStatus":"generalParameters/plugins","portalUserAttr":"generalParameters/portalParams/portalCustomization/portalOther","proxyAuthService":"generalParameters/authParams/proxyParams","proxyAuthnLevel":"generalParameters/authParams/proxyParams","proxySessionService":"generalParameters/authParams/proxyParams","proxyUseSoap":"generalParameters/authParams/proxyParams","radiusAuthnLevel":"generalParameters/authParams/radiusParams","radiusSecret":"generalParameters/authParams/radiusParams","radiusServer":"generalParameters/authParams/radiusParams","randomPasswordRegexp":"generalParameters/plugins/passwordManagement/mailOther","redirectFormMethod":"generalParameters/advancedParams/forms","registerConfirmSubject":"generalParameters/plugins/register","registerDB":"generalParameters/authParams","registerDoneSubject":"generalParameters/plugins/register","registerTimeout":"generalParameters/plugins/register","registerUrl":"generalParameters/plugins/register","reloadTimeout":"generalParameters/reloadParams","reloadUrls":"generalParameters/reloadParams","remoteCookieName":"generalParameters/authParams/remoteParams","remoteGlobalStorage":"generalParameters/authParams/remoteParams","remoteGlobalStorageOptions":"generalParameters/authParams/remoteParams","remotePortal":"generalParameters/authParams/remoteParams","requireToken":"generalParameters/advancedParams/security","rest2fActivation":"generalParameters/secondFactors/rest2f","rest2fAuthnLevel":"generalParameters/secondFactors/rest2f","rest2fInitArgs":"generalParameters/secondFactors/rest2f","rest2fInitUrl":"generalParameters/secondFactors/rest2f","rest2fLogo":"generalParameters/secondFactors/rest2f","rest2fVerifyArgs":"generalParameters/secondFactors/rest2f","rest2fVerifyUrl":"generalParameters/secondFactors/rest2f","restAuthUrl":"generalParameters/authParams/restParams","restConfigServer":"generalParameters/plugins/portalServers","restPwdConfirmUrl":"generalParameters/authParams/restParams","restPwdModifyUrl":"generalParameters/authParams/restParams","restSessionServer":"generalParameters/plugins/portalServers","restUserDBUrl":"generalParameters/authParams/restParams","samlAttributeAuthorityDescriptorAttributeServiceSOAP":"samlServiceMetaData/samlAttributeAuthorityDescriptor/samlAttributeAuthorityDescriptorAttributeService","samlAuthnContextMapKerberos":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPassword":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPasswordProtectedTransport":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapTLSClient":"samlServiceMetaData/samlAuthnContextMap","samlCommonDomainCookieActivation":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieDomain":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieReader":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieWriter":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlDiscoveryProtocolActivation":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolIsPassive":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolPolicy":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolURL":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlEntityID":"samlServiceMetaData","samlIDPMetaDataNodes":"","samlIDPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorArtifactResolutionService","samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorWantAuthnRequestsSigned":"samlServiceMetaData/samlIDPSSODescriptor","samlIdPResolveCookie":"samlServiceMetaData/samlAdvanced","samlMetadataForceUTF8":"samlServiceMetaData/samlAdvanced","samlNameIDFormatMapEmail":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapKerberos":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapWindows":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapX509":"samlServiceMetaData/samlNameIDFormatMap","samlOrganizationDisplayName":"samlServiceMetaData/samlOrganization","samlOrganizationName":"samlServiceMetaData/samlOrganization","samlOrganizationURL":"samlServiceMetaData/samlOrganization","samlRelayStateTimeout":"samlServiceMetaData/samlAdvanced","samlSPMetaDataNodes":"","samlSPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorArtifactResolutionService","samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAuthnRequestsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlSPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorWantAssertionsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlServicePrivateKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeyEncPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePrivateKeySigPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePublicKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePublicKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServiceSignatureMethod":"samlServiceMetaData/samlServiceSecurity","samlServiceUseCertificateInResponse":"samlServiceMetaData/samlServiceSecurity","samlStorage":"samlServiceMetaData/samlAdvanced","samlStorageOptions":"samlServiceMetaData/samlAdvanced","samlUseQueryStringSpecific":"samlServiceMetaData/samlAdvanced","securedCookie":"generalParameters/cookieParams","sessionDataToRemember":"generalParameters/plugins/loginHistory","sfRequired":"generalParameters/secondFactors","showLanguages":"generalParameters/portalParams/portalCustomization","singleIP":"generalParameters/sessionParams/multipleSessions","singleSession":"generalParameters/sessionParams/multipleSessions","singleSessionUserByIP":"generalParameters/sessionParams/multipleSessions","singleUserByIP":"generalParameters/sessionParams/multipleSessions","skipRenewConfirmation":"generalParameters/advancedParams/portalRedirection","slaveAuthnLevel":"generalParameters/authParams/slaveParams","slaveExportedVars":"generalParameters/authParams/slaveParams","slaveHeaderContent":"generalParameters/authParams/slaveParams","slaveHeaderName":"generalParameters/authParams/slaveParams","slaveMasterIP":"generalParameters/authParams/slaveParams","slaveUserHeader":"generalParameters/authParams/slaveParams","soapConfigServer":"generalParameters/plugins/portalServers","soapSessionServer":"generalParameters/plugins/portalServers","sslByAjax":"generalParameters/authParams/sslParams","sslHost":"generalParameters/authParams/sslParams","stayConnected":"generalParameters/plugins","storePassword":"generalParameters/sessionParams","successLoginNumber":"generalParameters/plugins/loginHistory","timeout":"generalParameters/sessionParams","timeoutActivity":"generalParameters/sessionParams","timeoutActivityInterval":"generalParameters/sessionParams","tokenUseGlobalStorage":"generalParameters/advancedParams/security","totp2fActivation":"generalParameters/secondFactors/totp","totp2fAuthnLevel":"generalParameters/secondFactors/totp","totp2fDigits":"generalParameters/secondFactors/totp","totp2fDisplayExistingSecret":"generalParameters/secondFactors/totp","totp2fInterval":"generalParameters/secondFactors/totp","totp2fIssuer":"generalParameters/secondFactors/totp","totp2fRange":"generalParameters/secondFactors/totp","totp2fSelfRegistration":"generalParameters/secondFactors/totp","totp2fUserCanChangeKey":"generalParameters/secondFactors/totp","totp2fUserCanRemoveKey":"generalParameters/secondFactors/totp","trustedDomains":"generalParameters/advancedParams/security","twitterAppName":"generalParameters/authParams/twitterParams","twitterAuthnLevel":"generalParameters/authParams/twitterParams","twitterKey":"generalParameters/authParams/twitterParams","twitterSecret":"generalParameters/authParams/twitterParams","twitterUserField":"generalParameters/authParams/twitterParams","u2fActivation":"generalParameters/secondFactors/u2f","u2fAuthnLevel":"generalParameters/secondFactors/u2f","u2fSelfRegistration":"generalParameters/secondFactors/u2f","u2fUserCanRemoveKey":"generalParameters/secondFactors/u2f","upgradeSession":"generalParameters/plugins","useRedirectOnError":"generalParameters/advancedParams/redirection","useRedirectOnForbidden":"generalParameters/advancedParams/redirection","useSafeJail":"generalParameters/advancedParams/security","userControl":"generalParameters/advancedParams/security","userDB":"generalParameters/authParams","userPivot":"generalParameters/authParams/dbiParams/dbiSchema","utotp2fActivation":"generalParameters/secondFactors/utotp2f","utotp2fAuthnLevel":"generalParameters/secondFactors/utotp2f","virtualHosts":"","webIDAuthnLevel":"generalParameters/authParams/webidParams","webIDExportedVars":"generalParameters/authParams/webidParams","webIDWhitelist":"generalParameters/authParams/webidParams","whatToTrace":"generalParameters/logParams","wsdlServer":"generalParameters/plugins/portalServers","yubikey2fActivation":"generalParameters/secondFactors/yubikey2f","yubikey2fAuthnLevel":"generalParameters/secondFactors/yubikey2f","yubikey2fClientID":"generalParameters/secondFactors/yubikey2f","yubikey2fNonce":"generalParameters/secondFactors/yubikey2f","yubikey2fPublicIDSize":"generalParameters/secondFactors/yubikey2f","yubikey2fSecretKey":"generalParameters/secondFactors/yubikey2f","yubikey2fSelfRegistration":"generalParameters/secondFactors/yubikey2f","yubikey2fUrl":"generalParameters/secondFactors/yubikey2f","yubikey2fUserCanRemoveKey":"generalParameters/secondFactors/yubikey2f"}
\ No newline at end of file
diff --git a/lemonldap-ng-manager/site/htdocs/static/struct.json b/lemonldap-ng-manager/site/htdocs/static/struct.json
index 0269ed380..ac9c33e39 100644
--- a/lemonldap-ng-manager/site/htdocs/static/struct.json
+++ b/lemonldap-ng-manager/site/htdocs/static/struct.json
@@ -1 +1 @@
-[{"_nodes":[{"_nodes":[{"default":"http://auth.example.com/","id":"portal","title":"portal"},{"_nodes":[{"_nodes":[{"default":1,"id":"portalDisplayLogout","title":"portalDisplayLogout","type":"boolOrExpr"},{"default":"$_auth =~ /^(LDAP|DBI|Demo)$/","id":"portalDisplayChangePassword","title":"portalDisplayChangePassword","type":"boolOrExpr"},{"default":1,"id":"portalDisplayAppslist","title":"portalDisplayAppslist","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLoginHistory","title":"portalDisplayLoginHistory","type":"boolOrExpr"},{"default":"$_oidcConnectedRP","id":"portalDisplayOidcConsents","title":"portalDisplayOidcConsents","type":"boolOrExpr"}],"id":"portalModules","title":"portalModules","type":"simpleInputContainer"},{"cnodes":"applicationList","default":[{"data":{"catname":"Default category","type":"category"},"id":"applicationList/default","title":"default","type":"catAndAppList"}],"help":"portalmenu.html#categories_and_applications","id":"applicationList","title":"applicationList","type":"catAndAppList"}],"help":"portalmenu.html","id":"portalMenu","title":"portalMenu"},{"_nodes":[{"default":"common/logos/logo_llng_400px.png","id":"portalMainLogo","title":"portalMainLogo"},{"default":1,"id":"showLanguages","title":"showLanguages","type":"bool"},{"default":"bootstrap","id":"portalSkin","select":[{"k":"bootstrap","v":"Bootstrap"}],"title":"portalSkin","type":"portalskin"},{"id":"portalSkinBackground","select":[{"k":"","v":"None"},{"k":"1280px-Anse_Source_d'Argent_2-La_Digue.jpg","v":"Anse"},{"k":"1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg","v":"Waterfall"},{"k":"1280px-BrockenSnowedTrees.jpg","v":"Snowed Trees"},{"k":"1280px-Cedar_Breaks_National_Monument_partially.jpg","v":"National Monument"},{"k":"1280px-Parry_Peak_from_Winter_Park.jpg","v":"Winter"},{"k":"Aletschgletscher_mit_Pinus_cembra1.jpg","v":"Pinus"}],"title":"portalSkinBackground","type":"portalskinbackground"},{"cnodes":"portalSkinRules","help":"portalcustom.html","id":"portalSkinRules","title":"portalSkinRules","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"portalCheckLogins","title":"portalCheckLogins","type":"bool"},{"default":0,"id":"portalDisplayResetPassword","title":"portalDisplayResetPassword","type":"bool"},{"default":3,"id":"passwordResetAllowedRetries","title":"passwordResetAllowedRetries","type":"int"},{"default":1,"id":"portalDisplayRegister","title":"portalDisplayRegister","type":"bool"}],"help":"portalcustom.html#buttons","id":"portalButtons","title":"portalButtons","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"portalRequireOldPassword","title":"portalRequireOldPassword","type":"bool"},{"default":0,"id":"hideOldPassword","title":"hideOldPassword","type":"bool"},{"default":0,"id":"mailOnPasswordChange","title":"mailOnPasswordChange","type":"bool"}],"help":"portalcustom.html#password_management","id":"passwordManagement","title":"passwordManagement","type":"simpleInputContainer"},{"_nodes":[{"default":"_user","id":"portalUserAttr","title":"portalUserAttr"},{"default":0,"id":"portalOpenLinkInNewWindow","title":"portalOpenLinkInNewWindow","type":"bool"},{"default":1,"id":"portalAntiFrame","title":"portalAntiFrame","type":"bool"},{"default":60000,"id":"portalPingInterval","title":"portalPingInterval","type":"int"},{"default":1,"id":"portalErrorOnExpiredSession","title":"portalErrorOnExpiredSession","type":"bool"},{"default":0,"id":"portalErrorOnMailNotFound","title":"portalErrorOnMailNotFound","type":"bool"}],"help":"portalcustom.html#other_parameters","id":"portalOther","title":"portalOther","type":"simpleInputContainer"}],"help":"portalcustom.html","id":"portalCustomization","title":"portalCustomization"},{"_nodes":[{"default":0,"id":"captcha_login_enabled","title":"captcha_login_enabled","type":"bool"},{"default":1,"id":"captcha_mail_enabled","title":"captcha_mail_enabled","type":"bool"},{"default":1,"id":"captcha_register_enabled","title":"captcha_register_enabled","type":"bool"},{"default":6,"id":"captcha_size","title":"captcha_size","type":"int"}],"help":"captcha.html","id":"portalCaptcha","title":"portalCaptcha","type":"simpleInputContainer"}],"help":"portal.html","id":"portalParams","title":"portalParams"},{"_nodes":[{"default":"Demo","id":"authentication","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"Choice","v":"authChoice"},{"k":"Combination","v":"combineMods"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"authentication","type":"select"},{"default":"Same","id":"userDB","select":[{"k":"Same","v":"Same"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"userDB","type":"select"},{"default":"Demo","id":"passwordDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Choice","v":"authChoice"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"passwordDB","type":"select"},{"default":"Null","id":"registerDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"registerDB","type":"select"}],"_nodes_cond":[{"_nodes":[{"default":0,"id":"ADPwdMaxAge","title":"ADPwdMaxAge","type":"int"},{"default":0,"id":"ADPwdExpireWarning","title":"ADPwdExpireWarning","type":"int"}],"help":"authad.html","id":"adParams","show":false,"title":"adParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lmAuth","id":"authChoiceParam","title":"authChoiceParam"},{"cnodes":"authChoiceModules","id":"authChoiceModules","select":[[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}]],"title":"authChoiceModules","type":"authChoiceContainer"}],"help":"authchoice.html","id":"choiceParams","show":false,"title":"choiceParams"},{"_nodes":[{"default":4,"id":"apacheAuthnLevel","title":"apacheAuthnLevel","type":"int"}],"help":"authapache.html","id":"apacheParams","show":false,"title":"apacheParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"casAuthnLevel","title":"casAuthnLevel","type":"int"}],"help":"authcas.html","id":"casParams","show":false,"title":"casParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"dbiAuthnLevel","title":"dbiAuthnLevel","type":"int"},{"cnodes":"dbiExportedVars","default":[],"id":"dbiExportedVars","title":"dbiExportedVars","type":"keyTextContainer"},{"_nodes":[{"_nodes":[{"id":"dbiAuthChain","title":"dbiAuthChain"},{"id":"dbiAuthUser","title":"dbiAuthUser"},{"id":"dbiAuthPassword","title":"dbiAuthPassword","type":"password"}],"id":"dbiConnectionAuth","title":"dbiConnectionAuth","type":"simpleInputContainer"},{"_nodes":[{"id":"dbiUserChain","title":"dbiUserChain"},{"id":"dbiUserUser","title":"dbiUserUser"},{"id":"dbiUserPassword","title":"dbiUserPassword","type":"password"}],"id":"dbiConnectionUser","title":"dbiConnectionUser","type":"simpleInputContainer"}],"help":"authdbi.html#connection","id":"dbiConnection","title":"dbiConnection"},{"_nodes":[{"id":"dbiAuthTable","title":"dbiAuthTable"},{"id":"dbiUserTable","title":"dbiUserTable"},{"id":"dbiAuthLoginCol","title":"dbiAuthLoginCol"},{"id":"dbiAuthPasswordCol","title":"dbiAuthPasswordCol"},{"id":"dbiPasswordMailCol","title":"dbiPasswordMailCol"},{"id":"userPivot","title":"userPivot"}],"help":"authdbi.html#schema","id":"dbiSchema","title":"dbiSchema","type":"simpleInputContainer"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiAuthPasswordHash","title":"dbiAuthPasswordHash"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiDynamicHashEnabled","title":"dbiDynamicHashEnabled","type":"bool"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSchemes","title":"dbiDynamicHashValidSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSaltedSchemes","title":"dbiDynamicHashValidSaltedSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashNewPasswordScheme","title":"dbiDynamicHashNewPasswordScheme"}],"help":"authdbi.html#password","id":"dbiDynamicHash","title":"dbiDynamicHash","type":"simpleInputContainer"}],"help":"authdbi.html#password","id":"dbiPassword","title":"dbiPassword"}],"help":"authdbi.html","id":"dbiParams","show":false,"title":"dbiParams"},{"_nodes":[{"cnodes":"demoExportedVars","default":[{"data":"cn","id":"demoExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"demoExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"demoExportedVars/uid","title":"uid","type":"keyText"}],"id":"demoExportedVars","title":"demoExportedVars","type":"keyTextContainer"}],"help":"authdemo.html","id":"demoParams","show":false,"title":"demoParams"},{"_nodes":[{"default":1,"id":"facebookAuthnLevel","title":"facebookAuthnLevel","type":"int"},{"cnodes":"facebookExportedVars","default":[],"id":"facebookExportedVars","title":"facebookExportedVars","type":"keyTextContainer"},{"id":"facebookAppId","title":"facebookAppId"},{"id":"facebookAppSecret","title":"facebookAppSecret"},{"default":"id","id":"facebookUserField","title":"facebookUserField"}],"help":"authfacebook.html","id":"facebookParams","show":false,"title":"facebookParams"},{"_nodes":[{"id":"krbKeytab","title":"krbKeytab"},{"default":0,"id":"krbByJs","title":"krbByJs","type":"bool"},{"default":3,"id":"krbAuthnLevel","title":"krbAuthnLevel","type":"int"},{"default":1,"id":"krbRemoveDomain","title":"krbRemoveDomain","type":"bool"}],"help":"authkerberos.html","id":"kerberosParams","show":false,"title":"kerberosParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"ldapAuthnLevel","title":"ldapAuthnLevel","type":"int"},{"cnodes":"ldapExportedVars","default":[{"data":"cn","id":"ldapExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"ldapExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"ldapExportedVars/uid","title":"uid","type":"keyText"}],"id":"ldapExportedVars","title":"ldapExportedVars","type":"keyTextContainer"},{"_nodes":[{"default":"ldap://localhost","id":"ldapServer","title":"ldapServer"},{"default":389,"id":"ldapPort","title":"ldapPort","type":"int"},{"default":"dc=example,dc=com","id":"ldapBase","title":"ldapBase"},{"default":"","id":"managerDn","title":"managerDn"},{"default":"","id":"managerPassword","title":"managerPassword","type":"password"},{"default":120,"id":"ldapTimeout","title":"ldapTimeout","type":"int"},{"default":3,"id":"ldapVersion","title":"ldapVersion","type":"int"},{"id":"ldapRaw","title":"ldapRaw"}],"help":"authldap.html#connection","id":"ldapConnection","title":"ldapConnection","type":"simpleInputContainer"},{"_nodes":[{"id":"LDAPFilter","title":"LDAPFilter"},{"id":"AuthLDAPFilter","title":"AuthLDAPFilter"},{"id":"mailLDAPFilter","title":"mailLDAPFilter"},{"default":"find","id":"ldapSearchDeref","select":[{"k":"never","v":"never"},{"k":"search","v":"search"},{"k":"find","v":"find"},{"k":"always","v":"always"}],"title":"ldapSearchDeref","type":"select"}],"help":"authldap.html#filters","id":"ldapFilters","title":"ldapFilters","type":"simpleInputContainer"},{"_nodes":[{"id":"ldapGroupBase","title":"ldapGroupBase"},{"default":"groupOfNames","id":"ldapGroupObjectClass","title":"ldapGroupObjectClass"},{"default":"member","id":"ldapGroupAttributeName","title":"ldapGroupAttributeName"},{"default":"dn","id":"ldapGroupAttributeNameUser","title":"ldapGroupAttributeNameUser"},{"default":"cn","id":"ldapGroupAttributeNameSearch","title":"ldapGroupAttributeNameSearch"},{"default":0,"id":"ldapGroupDecodeSearchedValue","title":"ldapGroupDecodeSearchedValue","type":"bool"},{"default":0,"id":"ldapGroupRecursive","title":"ldapGroupRecursive","type":"bool"},{"default":"dn","id":"ldapGroupAttributeNameGroup","title":"ldapGroupAttributeNameGroup"}],"help":"authldap.html#groups","id":"ldapGroups","title":"ldapGroups","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ldapPpolicyControl","title":"ldapPpolicyControl","type":"bool"},{"default":0,"id":"ldapSetPassword","title":"ldapSetPassword","type":"bool"},{"default":0,"id":"ldapChangePasswordAsUser","title":"ldapChangePasswordAsUser","type":"bool"},{"default":"utf-8","id":"ldapPwdEnc","title":"ldapPwdEnc"},{"default":1,"id":"ldapUsePasswordResetAttribute","title":"ldapUsePasswordResetAttribute","type":"bool"},{"default":"pwdReset","id":"ldapPasswordResetAttribute","title":"ldapPasswordResetAttribute"},{"default":"TRUE","id":"ldapPasswordResetAttributeValue","title":"ldapPasswordResetAttributeValue"},{"default":0,"id":"ldapAllowResetExpiredPassword","title":"ldapAllowResetExpiredPassword","type":"bool"}],"help":"authldap.html#password","id":"ldapPassword","title":"ldapPassword","type":"simpleInputContainer"}],"help":"authldap.html","id":"ldapParams","show":false,"title":"ldapParams"},{"_nodes":[{"default":1,"id":"linkedInAuthnLevel","title":"linkedInAuthnLevel","type":"int"},{"id":"linkedInClientID","title":"linkedInClientID"},{"id":"linkedInClientSecret","title":"linkedInClientSecret","type":"password"},{"default":"id,first-name,last-name,email-address","id":"linkedInFields","title":"linkedInFields"},{"default":"emailAddress","id":"linkedInUserField","title":"linkedInUserField"},{"default":"r_basicprofile r_emailaddress","id":"linkedInScope","title":"linkedInScope"}],"help":"authlinkedin.html","id":"linkedinParams","show":false,"title":"linkedinParams","type":"simpleInputContainer"},{"_nodes":[{"id":"combination","title":"combination"},{"cnodes":"combModules","id":"combModules","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"combModules","type":"cmbModuleContainer"}],"help":"authcombination.html","id":"combinationParams","show":false,"title":"combinationParams"},{"_nodes":[{"default":0,"id":"nullAuthnLevel","title":"nullAuthnLevel","type":"int"}],"help":"authnull.html","id":"nullParams","show":false,"title":"nullParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"openIdAuthnLevel","title":"openIdAuthnLevel","type":"int"},{"cnodes":"openIdExportedVars","default":[],"id":"openIdExportedVars","title":"openIdExportedVars","type":"keyTextContainer"},{"id":"openIdSecret","title":"openIdSecret"},{"default":"0;","id":"openIdIDPList","title":"openIdIDPList","type":"blackWhiteList"}],"help":"authopenid.html","id":"openidParams","show":false,"title":"openidParams"},{"_nodes":[{"default":1,"id":"oidcAuthnLevel","title":"oidcAuthnLevel","type":"int"},{"default":"openidconnectcallback","id":"oidcRPCallbackGetParam","title":"oidcRPCallbackGetParam"},{"default":600,"id":"oidcRPStateTimeout","title":"oidcRPStateTimeout","type":"int"}],"help":"authopenidconnect.html","id":"oidcParams","show":false,"title":"oidcParams","type":"simpleInputContainer"},{"_nodes":[{"default":"","id":"gpgDb","title":"gpgDb"}],"help":"authgpg.html","id":"gpgParams","show":false,"title":"gpgParams","type":"simpleInputContainer"},{"_nodes":[{"id":"proxyAuthService","title":"proxyAuthService"},{"id":"proxySessionService","title":"proxySessionService"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":2,"id":"proxyAuthnLevel","title":"proxyAuthnLevel","type":"int"},{"default":0,"id":"proxyUseSoap","title":"proxyUseSoap","type":"bool"}],"help":"authproxy.html","id":"proxyParams","show":false,"title":"proxyParams","type":"simpleInputContainer"},{"_nodes":[{"default":"login","id":"pamService","title":"pamService"},{"default":2,"id":"pamAuthnLevel","title":"pamAuthnLevel","type":"int"}],"help":"authpam.html","id":"pamParams","show":false,"title":"pamParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"radiusAuthnLevel","title":"radiusAuthnLevel","type":"int"},{"id":"radiusSecret","title":"radiusSecret"},{"id":"radiusServer","title":"radiusServer"}],"help":"authradius.html","id":"radiusParams","show":false,"title":"radiusParams","type":"simpleInputContainer"},{"_nodes":[{"id":"restAuthUrl","title":"restAuthUrl"},{"id":"restUserDBUrl","title":"restUserDBUrl"},{"id":"restPwdConfirmUrl","title":"restPwdConfirmUrl"},{"id":"restPwdModifyUrl","title":"restPwdModifyUrl"}],"help":"authrest.html","id":"restParams","show":false,"title":"restParams","type":"simpleInputContainer"},{"_nodes":[{"id":"remotePortal","title":"remotePortal"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":"Lemonldap::NG::Common::Apache::Session::SOAP","id":"remoteGlobalStorage","title":"remoteGlobalStorage"},{"cnodes":"remoteGlobalStorageOptions","default":[{"data":"http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService","id":"remoteGlobalStorageOptions/ns","title":"ns","type":"keyText"},{"data":"http://auth.example.com/sessions","id":"remoteGlobalStorageOptions/proxy","title":"proxy","type":"keyText"}],"id":"remoteGlobalStorageOptions","title":"remoteGlobalStorageOptions","type":"keyTextContainer"}],"help":"authremote.html","id":"remoteParams","show":false,"title":"remoteParams"},{"_nodes":[{"default":2,"id":"slaveAuthnLevel","title":"slaveAuthnLevel","type":"int"},{"cnodes":"slaveExportedVars","default":[],"id":"slaveExportedVars","title":"slaveExportedVars","type":"keyTextContainer"},{"id":"slaveUserHeader","title":"slaveUserHeader"},{"id":"slaveMasterIP","title":"slaveMasterIP"},{"id":"slaveHeaderName","title":"slaveHeaderName"},{"id":"slaveHeaderContent","title":"slaveHeaderContent"}],"help":"authslave.html","id":"slaveParams","show":false,"title":"slaveParams"},{"_nodes":[{"default":5,"id":"SSLAuthnLevel","title":"SSLAuthnLevel","type":"int"},{"default":"SSL_CLIENT_S_DN_Email","id":"SSLVar","title":"SSLVar"},{"cnodes":"SSLVarIf","default":[],"id":"SSLVarIf","title":"SSLVarIf","type":"keyTextContainer"},{"default":0,"id":"sslByAjax","title":"sslByAjax","type":"bool"},{"id":"sslHost","title":"sslHost"}],"help":"authssl.html","id":"sslParams","show":false,"title":"sslParams"},{"_nodes":[{"default":1,"id":"twitterAuthnLevel","title":"twitterAuthnLevel","type":"int"},{"id":"twitterKey","title":"twitterKey"},{"id":"twitterSecret","title":"twitterSecret"},{"id":"twitterAppName","title":"twitterAppName"},{"default":"screen_name","id":"twitterUserField","title":"twitterUserField"}],"help":"authtwitter.html","id":"twitterParams","show":false,"title":"twitterParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"webIDAuthnLevel","title":"webIDAuthnLevel","type":"int"},{"cnodes":"webIDExportedVars","default":[],"id":"webIDExportedVars","title":"webIDExportedVars","type":"keyTextContainer"},{"id":"webIDWhitelist","title":"webIDWhitelist"}],"help":"authwebid.html","id":"webidParams","show":false,"title":"webidParams"},{"_nodes":[{"id":"customAuth","title":"customAuth"},{"id":"customUserDB","title":"customUserDB"},{"id":"customPassword","title":"customPassword"},{"id":"customRegister","title":"customRegister"},{"cnodes":"customAddParams","id":"customAddParams","title":"customAddParams","type":"keyTextContainer"}],"help":"authcustom.html","id":"customParams","show":false,"title":"customParams"}],"_nodes_filter":"authParams","help":"start.html#authentication_users_and_password_databases","id":"authParams","title":"authParams","type":"authParams"},{"_nodes":[{"_nodes":[{"default":0,"id":"issuerDBSAMLActivation","title":"issuerDBSAMLActivation","type":"bool"},{"default":"^/saml/","id":"issuerDBSAMLPath","title":"issuerDBSAMLPath"},{"default":1,"id":"issuerDBSAMLRule","title":"issuerDBSAMLRule","type":"boolOrExpr"}],"help":"idpsaml.html","id":"issuerDBSAML","title":"issuerDBSAML","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBCASActivation","title":"issuerDBCASActivation","type":"bool"},{"default":"^/cas/","id":"issuerDBCASPath","title":"issuerDBCASPath"},{"default":1,"id":"issuerDBCASRule","title":"issuerDBCASRule","type":"boolOrExpr"}],"help":"idpcas.html#enabling_cas","id":"issuerDBCAS","title":"issuerDBCAS","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDActivation","title":"issuerDBOpenIDActivation","type":"bool"},{"default":"^/openidserver/","id":"issuerDBOpenIDPath","title":"issuerDBOpenIDPath"},{"default":1,"id":"issuerDBOpenIDRule","title":"issuerDBOpenIDRule","type":"boolOrExpr"},{"_nodes":[{"id":"openIdIssuerSecret","title":"openIdIssuerSecret"},{"id":"openIdAttr","title":"openIdAttr"},{"default":"0;","id":"openIdSPList","title":"openIdSPList","type":"blackWhiteList"},{"_nodes":[{"default":"cn","id":"openIdSreg_fullname","title":"openIdSreg_fullname"},{"default":"uid","id":"openIdSreg_nickname","title":"openIdSreg_nickname"},{"id":"openIdSreg_language","title":"openIdSreg_language"},{"id":"openIdSreg_postcode","title":"openIdSreg_postcode"},{"default":"_timezone","id":"openIdSreg_timezone","title":"openIdSreg_timezone"},{"id":"openIdSreg_country","title":"openIdSreg_country"},{"id":"openIdSreg_gender","title":"openIdSreg_gender"},{"default":"mail","id":"openIdSreg_email","title":"openIdSreg_email"},{"id":"openIdSreg_dob","title":"openIdSreg_dob"}],"id":"openIdSreg","title":"openIdSreg","type":"simpleInputContainer"}],"id":"issuerDBOpenIDOptions","title":"issuerDBOpenIDOptions"}],"help":"idpopenid.html","id":"issuerDBOpenID","title":"issuerDBOpenID"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDConnectActivation","title":"issuerDBOpenIDConnectActivation","type":"bool"},{"default":"^/oauth2/","id":"issuerDBOpenIDConnectPath","title":"issuerDBOpenIDConnectPath"},{"default":1,"id":"issuerDBOpenIDConnectRule","title":"issuerDBOpenIDConnectRule","type":"boolOrExpr"}],"help":"idpopenidconnect.html","id":"issuerDBOpenIDConnect","title":"issuerDBOpenIDConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBGetActivation","title":"issuerDBGetActivation","type":"bool"},{"default":"^/get/","id":"issuerDBGetPath","title":"issuerDBGetPath"},{"default":1,"id":"issuerDBGetRule","title":"issuerDBGetRule","type":"boolOrExpr"},{"default":[],"id":"issuerDBGetParameters","title":"issuerDBGetParameters","type":"doubleHash"}],"help":"issuerdbget.html","id":"issuerDBGet","title":"issuerDBGet"}],"help":"start.html#identity_provider","id":"issuerParams","title":"issuerParams"},{"_nodes":[{"default":"uid","id":"whatToTrace","title":"whatToTrace"},{"default":"_password","id":"hiddenAttributes","title":"hiddenAttributes"}],"help":"logs.html","id":"logParams","title":"logParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lemonldap","id":"cookieName","title":"cookieName"},{"default":"example.com","id":"domain","title":"domain"},{"default":0,"id":"cda","title":"cda","type":"bool"},{"default":0,"id":"securedCookie","select":[{"k":"0","v":"unsecuredCookie"},{"k":"1","v":"securedCookie"},{"k":"2","v":"doubleCookie"},{"k":"3","v":"doubleCookieForSingleSession"}],"title":"securedCookie","type":"select"},{"default":1,"id":"httpOnly","title":"httpOnly","type":"bool"},{"id":"cookieExpiration","title":"cookieExpiration","type":"int"}],"help":"ssocookie.html","id":"cookieParams","title":"cookieParams","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"storePassword","title":"storePassword","type":"bool"},{"default":72000,"id":"timeout","title":"timeout","type":"int"},{"default":0,"id":"timeoutActivity","title":"timeoutActivity","type":"int"},{"default":60,"id":"timeoutActivityInterval","title":"timeoutActivityInterval","type":"int"},{"cnodes":"grantSessionRules","id":"grantSessionRules","title":"grantSessionRules","type":"grantContainer"},{"_nodes":[{"default":"Apache::Session::File","id":"globalStorage","title":"globalStorage"},{"cnodes":"globalStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/sessions/","id":"globalStorageOptions/Directory","title":"Directory","type":"keyText"},{"data":"/var/lib/lemonldap-ng/sessions/lock/","id":"globalStorageOptions/LockDirectory","title":"LockDirectory","type":"keyText"},{"data":"Lemonldap::NG::Common::Apache::Session::Generate::SHA256","id":"globalStorageOptions/generateModule","title":"generateModule","type":"keyText"}],"id":"globalStorageOptions","title":"globalStorageOptions","type":"keyTextContainer"},{"default":"Cache::FileCache","id":"localSessionStorage","title":"localSessionStorage"},{"cnodes":"localSessionStorageOptions","default":[{"data":3,"id":"localSessionStorageOptions/cache_depth","title":"cache_depth","type":"keyText"},{"data":"/tmp","id":"localSessionStorageOptions/cache_root","title":"cache_root","type":"keyText"},{"data":600,"id":"localSessionStorageOptions/default_expires_in","title":"default_expires_in","type":"keyText"},{"data":"007","id":"localSessionStorageOptions/directory_umask","title":"directory_umask","type":"keyText"},{"data":"lemonldap-ng-sessions","id":"localSessionStorageOptions/namespace","title":"namespace","type":"keyText"}],"id":"localSessionStorageOptions","title":"localSessionStorageOptions","type":"keyTextContainer"}],"help":"start.html#sessions_database","id":"sessionStorage","title":"sessionStorage"},{"_nodes":[{"default":0,"id":"singleSession","title":"singleSession","type":"bool"},{"default":0,"id":"singleIP","title":"singleIP","type":"bool"},{"default":0,"id":"singleUserByIP","title":"singleUserByIP","type":"bool"},{"default":0,"id":"singleSessionUserByIP","title":"singleSessionUserByIP","type":"bool"},{"default":1,"id":"notifyDeleted","title":"notifyDeleted","type":"bool"},{"default":0,"id":"notifyOther","title":"notifyOther","type":"bool"}],"id":"multipleSessions","title":"multipleSessions","type":"simpleInputContainer"},{"_nodes":[{"id":"persistentStorage","title":"persistentStorage"},{"cnodes":"persistentStorageOptions","id":"persistentStorageOptions","title":"persistentStorageOptions","type":"keyTextContainer"}],"id":"persistentSessions","title":"persistentSessions"}],"help":"sessions.html","id":"sessionParams","title":"sessionParams"},{"_nodes":[{"cnodes":"reloadUrls","help":"configlocation.html#configuration_reload","id":"reloadUrls","title":"reloadUrls","type":"keyTextContainer"},{"default":5,"id":"reloadTimeout","title":"reloadTimeout","type":"int"}],"help":"configlocation.html#configuration_reload","id":"reloadParams","title":"reloadParams"},{"_nodes":[{"default":0,"id":"stayConnected","title":"stayConnected","type":"bool"},{"default":0,"help":"status.html","id":"portalStatus","title":"portalStatus","type":"bool"},{"default":1,"id":"upgradeSession","title":"upgradeSession","type":"bool"},{"_nodes":[{"default":0,"id":"wsdlServer","title":"wsdlServer","type":"bool"},{"default":0,"id":"restSessionServer","title":"restSessionServer","type":"bool"},{"default":0,"id":"restConfigServer","title":"restConfigServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapSessionServer","title":"soapSessionServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapConfigServer","title":"soapConfigServer","type":"bool"},{"id":"exportedAttr","title":"exportedAttr"}],"help":"portalservers.html","id":"portalServers","title":"portalServers","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"loginHistoryEnabled","title":"loginHistoryEnabled","type":"bool"},{"default":5,"id":"successLoginNumber","title":"successLoginNumber","type":"int"},{"default":5,"id":"failedLoginNumber","title":"failedLoginNumber","type":"int"},{"cnodes":"sessionDataToRemember","id":"sessionDataToRemember","title":"sessionDataToRemember","type":"keyTextContainer"}],"help":"loginhistory.html","id":"loginHistory","title":"loginHistory"},{"_nodes":[{"default":0,"id":"notification","title":"notification","type":"bool"},{"default":0,"id":"notificationServer","title":"notificationServer","type":"bool"},{"default":0,"id":"oldNotifFormat","title":"oldNotifFormat","type":"bool"},{"default":"File","id":"notificationStorage","title":"notificationStorage"},{"cnodes":"notificationStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/notifications","id":"notificationStorageOptions/dirName","title":"dirName","type":"keyText"}],"id":"notificationStorageOptions","title":"notificationStorageOptions","type":"keyTextContainer"},{"default":"allusers","id":"notificationWildcard","title":"notificationWildcard"},{"id":"notificationXSLTfile","title":"notificationXSLTfile"}],"help":"notifications.html","id":"notifications","title":"notifications"},{"_nodes":[{"_nodes":[{"id":"mailSubject","title":"mailSubject"},{"id":"mailBody","title":"mailBody","type":"longtext"},{"id":"mailConfirmSubject","title":"mailConfirmSubject"},{"id":"mailConfirmBody","title":"mailConfirmBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/resetpwd","id":"mailUrl","title":"mailUrl"},{"default":0,"id":"mailTimeout","title":"mailTimeout","type":"int"},{"default":"[A-Z]{3}[a-z]{5}.\\d{2}","id":"randomPasswordRegexp","title":"randomPasswordRegexp"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetpassword.html","id":"passwordManagement","title":"passwordManagement"},{"_nodes":[{"default":"http://auth.example.com/register","id":"registerUrl","title":"registerUrl"},{"default":0,"id":"registerTimeout","title":"registerTimeout","type":"int"},{"id":"registerConfirmSubject","title":"registerConfirmSubject"},{"id":"registerDoneSubject","title":"registerDoneSubject"}],"help":"register.html","id":"register","title":"register","type":"simpleInputContainer"},{"_nodes":[{"cnodes":"autoSigninRules","id":"autoSigninRules","title":"autoSigninRules","type":"keyTextContainer"}],"help":"autosignin.html","id":"autoSignin","title":"autoSignin"},{"_nodes":[{"default":0,"id":"checkState","title":"checkState","type":"bool"},{"id":"checkStateSecret","title":"checkStateSecret"}],"help":"checkstate.html","id":"stateCheck","title":"stateCheck","type":"simpleInputContainer"}],"help":"start.html#plugins","id":"plugins","title":"plugins"},{"_nodes":[{"_nodes":[{"default":0,"id":"utotp2fActivation","title":"utotp2fActivation","type":"boolOrExpr"},{"id":"utotp2fAuthnLevel","title":"utotp2fAuthnLevel","type":"int"}],"help":"utotp2f.html","id":"utotp2f","title":"utotp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"totp2fActivation","title":"totp2fActivation","type":"boolOrExpr"},{"default":0,"id":"totp2fSelfRegistration","title":"totp2fSelfRegistration","type":"boolOrExpr"},{"id":"totp2fAuthnLevel","title":"totp2fAuthnLevel","type":"int"},{"id":"totp2fIssuer","title":"totp2fIssuer"},{"default":30,"id":"totp2fInterval","title":"totp2fInterval","type":"int"},{"default":1,"id":"totp2fRange","title":"totp2fRange","type":"int"},{"default":6,"id":"totp2fDigits","title":"totp2fDigits","type":"int"},{"default":0,"id":"totp2fDisplayExistingSecret","title":"totp2fDisplayExistingSecret","type":"bool"},{"default":0,"id":"totp2fUserCanChangeKey","title":"totp2fUserCanChangeKey","type":"bool"},{"default":1,"id":"totp2fUserCanRemoveKey","title":"totp2fUserCanRemoveKey","type":"bool"}],"help":"totp2f.html","id":"totp","title":"totp","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"u2fActivation","title":"u2fActivation","type":"boolOrExpr"},{"default":0,"id":"u2fSelfRegistration","title":"u2fSelfRegistration","type":"boolOrExpr"},{"id":"u2fAuthnLevel","title":"u2fAuthnLevel","type":"int"},{"default":1,"id":"u2fUserCanRemoveKey","title":"u2fUserCanRemoveKey","type":"bool"}],"help":"u2f.html","id":"u2f","title":"u2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"mail2fActivation","title":"mail2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"mail2fCodeRegex","title":"mail2fCodeRegex"},{"id":"mail2fTimeout","title":"mail2fTimeout","type":"int"},{"id":"mail2fSubject","title":"mail2fSubject"},{"id":"mail2fBody","title":"mail2fBody","type":"longtext"},{"id":"mail2fAuthnLevel","title":"mail2fAuthnLevel","type":"int"},{"id":"mail2fLogo","title":"mail2fLogo"}],"help":"mail2f.html","id":"mail2f","title":"mail2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ext2fActivation","title":"ext2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"ext2fCodeActivation","title":"ext2fCodeActivation"},{"id":"ext2FSendCommand","title":"ext2FSendCommand"},{"id":"ext2FValidateCommand","title":"ext2FValidateCommand"},{"id":"ext2fAuthnLevel","title":"ext2fAuthnLevel","type":"int"},{"id":"ext2fLogo","title":"ext2fLogo"}],"help":"external2f.html","id":"external2f","title":"external2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rest2fActivation","title":"rest2fActivation","type":"boolOrExpr"},{"id":"rest2fInitUrl","title":"rest2fInitUrl"},{"cnodes":"rest2fInitArgs","id":"rest2fInitArgs","title":"rest2fInitArgs","type":"keyTextContainer"},{"id":"rest2fVerifyUrl","title":"rest2fVerifyUrl"},{"cnodes":"rest2fVerifyArgs","id":"rest2fVerifyArgs","title":"rest2fVerifyArgs","type":"keyTextContainer"},{"id":"rest2fAuthnLevel","title":"rest2fAuthnLevel","type":"int"},{"id":"rest2fLogo","title":"rest2fLogo"}],"help":"rest2f.html","id":"rest2f","title":"rest2f"},{"_nodes":[{"default":0,"id":"yubikey2fActivation","title":"yubikey2fActivation","type":"boolOrExpr"},{"default":0,"id":"yubikey2fSelfRegistration","title":"yubikey2fSelfRegistration","type":"boolOrExpr"},{"id":"yubikey2fAuthnLevel","title":"yubikey2fAuthnLevel","type":"int"},{"id":"yubikey2fClientID","title":"yubikey2fClientID"},{"id":"yubikey2fSecretKey","title":"yubikey2fSecretKey"},{"id":"yubikey2fNonce","title":"yubikey2fNonce"},{"id":"yubikey2fUrl","title":"yubikey2fUrl"},{"default":12,"id":"yubikey2fPublicIDSize","title":"yubikey2fPublicIDSize","type":"int"},{"default":1,"id":"yubikey2fUserCanRemoveKey","title":"yubikey2fUserCanRemoveKey","type":"bool"}],"help":"yubikey2f.html","id":"yubikey2f","title":"yubikey2f","type":"simpleInputContainer"},{"default":0,"help":"secondfactor.html","id":"sfRequired","title":"sfRequired","type":"boolOrExpr"}],"help":"secondfactor.html","id":"secondFactors","title":"secondFactors"},{"_nodes":[{"help":"customfunctions.html","id":"customFunctions","title":"customFunctions"},{"default":"; ","id":"multiValuesSeparator","title":"multiValuesSeparator","type":"authParamsText"},{"_nodes":[{"default":"mail","id":"mailSessionKey","title":"mailSessionKey"},{"default":"","id":"SMTPServer","title":"SMTPServer"},{"id":"SMTPPort","title":"SMTPPort","type":"int"},{"id":"SMTPAuthUser","title":"SMTPAuthUser"},{"id":"SMTPAuthPass","title":"SMTPAuthPass","type":"password"},{"default":"","id":"SMTPTLS","select":[{"k":"","v":"none"},{"k":"starttls","v":"SMTP + STARTTLS"},{"k":"ssl","v":"SMTPS"}],"title":"SMTPTLS","type":"select"},{"cnodes":"SMTPTLSOpts","id":"SMTPTLSOpts","title":"SMTPTLSOpts","type":"keyTextContainer"},{"_nodes":[{"default":"noreply@example.com","id":"mailFrom","title":"mailFrom"},{"id":"mailReplyTo","title":"mailReplyTo"},{"default":"utf-8","id":"mailCharset","title":"mailCharset"}],"id":"mailHeaders","title":"mailHeaders","type":"simpleInputContainer"}],"help":"smtp.html","id":"SMTP","title":"SMTP"},{"_nodes":[{"default":"^[\\w\\.\\-@]+$","id":"userControl","title":"userControl"},{"default":0,"help":"forcereauthn.html","id":"portalForceAuthn","title":"portalForceAuthn","type":"bool"},{"default":5,"id":"portalForceAuthnInterval","title":"portalForceAuthnInterval","type":"int"},{"id":"key","title":"key","type":"password"},{"id":"trustedDomains","title":"trustedDomains"},{"default":1,"help":"safejail.html","id":"useSafeJail","title":"useSafeJail","type":"bool"},{"default":1,"id":"checkXSS","title":"checkXSS","type":"bool"},{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtection","title":"bruteForceProtection","type":"bool"},{"default":1,"id":"requireToken","title":"requireToken","type":"bool"},{"default":120,"id":"formTimeout","title":"formTimeout","type":"int"},{"default":0,"id":"tokenUseGlobalStorage","title":"tokenUseGlobalStorage","type":"bool"},{"cnodes":"lwpOpts","id":"lwpOpts","title":"lwpOpts","type":"keyTextContainer"},{"cnodes":"lwpSslOpts","id":"lwpSslOpts","title":"lwpSslOpts","type":"keyTextContainer"},{"_nodes":[{"default":"'self'","id":"cspDefault","title":"cspDefault"},{"default":"'self' data:","id":"cspImg","title":"cspImg"},{"default":"'self'","id":"cspScript","title":"cspScript"},{"default":"'self'","id":"cspStyle","title":"cspStyle"},{"default":"'self'","id":"cspFont","title":"cspFont"},{"default":"'self'","id":"cspFormAction","title":"cspFormAction"},{"default":"'self'","id":"cspConnect","title":"cspConnect"}],"help":"security.html#portal","id":"contentSecurityPolicy","title":"contentSecurityPolicy","type":"simpleInputContainer"}],"help":"security.html#configure_security_settings","id":"security","title":"security"},{"_nodes":[{"default":-1,"id":"https","title":"https","type":"trool"},{"default":-1,"id":"port","title":"port","type":"int"},{"default":0,"id":"useRedirectOnForbidden","title":"useRedirectOnForbidden","type":"bool"},{"default":1,"id":"useRedirectOnError","title":"useRedirectOnError","type":"bool"},{"default":0,"id":"maintenance","title":"maintenance","type":"bool"}],"help":"redirections.html","id":"redirection","title":"redirection","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"jsRedirect","title":"jsRedirect","type":"boolOrExpr"},{"default":0,"id":"noAjaxHook","title":"noAjaxHook","type":"bool"},{"default":0,"id":"skipRenewConfirmation","title":"skipRenewConfirmation","type":"bool"}],"help":"redirections.html#portal_redirections","id":"portalRedirection","title":"portalRedirection","type":"simpleInputContainer"},{"cnodes":"nginxCustomHandlers","help":"handlerarch.html","id":"nginxCustomHandlers","title":"nginxCustomHandlers","type":"keyTextContainer"},{"cnodes":"logoutServices","default":[],"help":"logoutforward.html","id":"logoutServices","title":"logoutServices","type":"keyTextContainer"},{"_nodes":[{"default":"get","id":"infoFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"infoFormMethod","type":"select"},{"default":"post","id":"confirmFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"confirmFormMethod","type":"select"},{"default":"get","id":"redirectFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"redirectFormMethod","type":"select"},{"default":1,"id":"activeTimer","title":"activeTimer","type":"bool"}],"id":"forms","title":"forms","type":"simpleInputContainer"}],"help":"start.html#advanced_features","id":"advancedParams","title":"advancedParams"}],"id":"generalParameters","title":"generalParameters"},{"_nodes":[{"cnodes":"exportedVars","default":[{"data":"HTTP_USER_AGENT","id":"exportedVars/UA","title":"UA","type":"keyText"}],"help":"exportedvars.html","id":"exportedVars","title":"exportedVars","type":"keyTextContainer"},{"cnodes":"macros","default":[],"help":"exportedvars.html#extend_variables_using_macros_and_groups","id":"macros","title":"macros","type":"keyTextContainer"},{"cnodes":"groups","default":[],"help":"exportedvars.html#extend_variables_using_macros_and_groups","id":"groups","title":"groups","type":"keyTextContainer"}],"help":"variables.html","id":"variables","title":"variables"},{"cnodes":"virtualHosts","help":"configvhost.html","id":"virtualHosts","template":"virtualHost","title":"virtualHosts","type":"virtualHostContainer"},{"_nodes":[{"default":"#PORTAL#/saml/metadata","id":"samlEntityID","title":"samlEntityID"},{"_nodes":[{"get":["samlServicePrivateKeySig","samlServicePrivateKeySigPwd","samlServicePublicKeySig"],"id":"samlServiceSecuritySig","title":"samlServiceSecuritySig","type":"RSAKey"},{"get":["samlServicePrivateKeyEnc","samlServicePrivateKeyEncPwd","samlServicePublicKeyEnc"],"id":"samlServiceSecurityEnc","title":"samlServiceSecurityEnc","type":"RSAKey"},{"default":0,"id":"samlServiceUseCertificateInResponse","title":"samlServiceUseCertificateInResponse","type":"bool"},{"default":"RSA_SHA1","id":"samlServiceSignatureMethod","select":[{"k":"RSA_SHA1","v":"RSA SHA1"},{"k":"RSA_SHA256","v":"RSA SHA256"}],"title":"samlServiceSignatureMethod","type":"select"}],"help":"samlservice.html#security_parameters","id":"samlServiceSecurity","title":"samlServiceSecurity"},{"_nodes":[{"default":"mail","id":"samlNameIDFormatMapEmail","title":"samlNameIDFormatMapEmail"},{"default":"mail","id":"samlNameIDFormatMapX509","title":"samlNameIDFormatMapX509"},{"default":"uid","id":"samlNameIDFormatMapWindows","title":"samlNameIDFormatMapWindows"},{"default":"uid","id":"samlNameIDFormatMapKerberos","title":"samlNameIDFormatMapKerberos"}],"help":"samlservice.html#nameid_formats","id":"samlNameIDFormatMap","title":"samlNameIDFormatMap","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"samlAuthnContextMapPassword","title":"samlAuthnContextMapPassword","type":"int"},{"default":3,"id":"samlAuthnContextMapPasswordProtectedTransport","title":"samlAuthnContextMapPasswordProtectedTransport","type":"int"},{"default":5,"id":"samlAuthnContextMapTLSClient","title":"samlAuthnContextMapTLSClient","type":"int"},{"default":4,"id":"samlAuthnContextMapKerberos","title":"samlAuthnContextMapKerberos","type":"int"}],"help":"samlservice.html#authentication_contexts","id":"samlAuthnContextMap","title":"samlAuthnContextMap","type":"simpleInputContainer"},{"_nodes":[{"default":"Example","id":"samlOrganizationDisplayName","title":"samlOrganizationDisplayName"},{"default":"Example","id":"samlOrganizationName","title":"samlOrganizationName"},{"default":"http://www.example.com","id":"samlOrganizationURL","title":"samlOrganizationURL"}],"help":"samlservice.html#organization","id":"samlOrganization","title":"samlOrganization","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"samlSPSSODescriptorAuthnRequestsSigned","title":"samlSPSSODescriptorAuthnRequestsSigned","type":"bool"},{"default":1,"id":"samlSPSSODescriptorWantAssertionsSigned","title":"samlSPSSODescriptorWantAssertionsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;","id":"samlSPSSODescriptorSingleLogoutServiceSOAP","title":"samlSPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlSPSSODescriptorSingleLogoutService","title":"samlSPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","type":"samlAssertion"},{"default":"0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","type":"samlAssertion"}],"id":"samlSPSSODescriptorAssertionConsumerService","title":"samlSPSSODescriptorAssertionConsumerService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlSPSSODescriptorArtifactResolutionServiceArtifact","title":"samlSPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlSPSSODescriptorArtifactResolutionService","title":"samlSPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#service_provider","id":"samlSPSSODescriptor","title":"samlSPSSODescriptor"},{"_nodes":[{"default":1,"id":"samlIDPSSODescriptorWantAuthnRequestsSigned","title":"samlIDPSSODescriptorWantAuthnRequestsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","type":"samlService"}],"id":"samlIDPSSODescriptorSingleSignOnService","title":"samlIDPSSODescriptorSingleSignOnService"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;","id":"samlIDPSSODescriptorSingleLogoutServiceSOAP","title":"samlIDPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlIDPSSODescriptorSingleLogoutService","title":"samlIDPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","title":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlIDPSSODescriptorArtifactResolutionService","title":"samlIDPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#identity_provider","id":"samlIDPSSODescriptor","title":"samlIDPSSODescriptor"},{"_nodes":[{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;","id":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","title":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","type":"samlService"}],"id":"samlAttributeAuthorityDescriptorAttributeService","title":"samlAttributeAuthorityDescriptorAttributeService"}],"help":"samlservice.html#attribute_authority","id":"samlAttributeAuthorityDescriptor","title":"samlAttributeAuthorityDescriptor"},{"_nodes":[{"default":"lemonldapidp","id":"samlIdPResolveCookie","title":"samlIdPResolveCookie"},{"default":1,"id":"samlMetadataForceUTF8","title":"samlMetadataForceUTF8","type":"bool"},{"id":"samlStorage","title":"samlStorage"},{"cnodes":"samlStorageOptions","id":"samlStorageOptions","title":"samlStorageOptions","type":"keyTextContainer"},{"default":600,"id":"samlRelayStateTimeout","title":"samlRelayStateTimeout","type":"int"},{"default":0,"id":"samlUseQueryStringSpecific","title":"samlUseQueryStringSpecific","type":"bool"},{"_nodes":[{"default":0,"id":"samlCommonDomainCookieActivation","title":"samlCommonDomainCookieActivation","type":"bool"},{"id":"samlCommonDomainCookieDomain","title":"samlCommonDomainCookieDomain"},{"id":"samlCommonDomainCookieReader","title":"samlCommonDomainCookieReader"},{"id":"samlCommonDomainCookieWriter","title":"samlCommonDomainCookieWriter"}],"id":"samlCommonDomainCookie","title":"samlCommonDomainCookie","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"samlDiscoveryProtocolActivation","title":"samlDiscoveryProtocolActivation","type":"bool"},{"id":"samlDiscoveryProtocolURL","title":"samlDiscoveryProtocolURL"},{"id":"samlDiscoveryProtocolPolicy","title":"samlDiscoveryProtocolPolicy"},{"default":0,"id":"samlDiscoveryProtocolIsPassive","title":"samlDiscoveryProtocolIsPassive","type":"bool"}],"id":"samlDiscoveryProtocol","title":"samlDiscoveryProtocol","type":"simpleInputContainer"}],"help":"samlservice.html#advanced","id":"samlAdvanced","title":"samlAdvanced"}],"help":"samlservice.html","id":"samlServiceMetaData","title":"samlServiceMetaData"},{"cnodes":"samlIDPMetaDataNodes","help":"authsaml.html","id":"samlIDPMetaDataNodes","template":"samlIDPMetaDataNode","title":"samlIDPMetaDataNodes","type":"samlIDPMetaDataNodeContainer"},{"cnodes":"samlSPMetaDataNodes","help":"idpsaml.html","id":"samlSPMetaDataNodes","template":"samlSPMetaDataNode","title":"samlSPMetaDataNodes","type":"samlSPMetaDataNodeContainer"},{"_nodes":[{"default":"http://auth.example.com","id":"oidcServiceMetaDataIssuer","title":"oidcServiceMetaDataIssuer"},{"_nodes":[{"default":"authorize","id":"oidcServiceMetaDataAuthorizeURI","title":"oidcServiceMetaDataAuthorizeURI"},{"default":"token","id":"oidcServiceMetaDataTokenURI","title":"oidcServiceMetaDataTokenURI"},{"default":"userinfo","id":"oidcServiceMetaDataUserInfoURI","title":"oidcServiceMetaDataUserInfoURI"},{"default":"jwks","id":"oidcServiceMetaDataJWKSURI","title":"oidcServiceMetaDataJWKSURI"},{"default":"register","id":"oidcServiceMetaDataRegistrationURI","title":"oidcServiceMetaDataRegistrationURI"},{"default":"logout","id":"oidcServiceMetaDataEndSessionURI","title":"oidcServiceMetaDataEndSessionURI"},{"default":"checksession.html","id":"oidcServiceMetaDataCheckSessionURI","title":"oidcServiceMetaDataCheckSessionURI"},{"default":"flogout","id":"oidcServiceMetaDataFrontChannelURI","title":"oidcServiceMetaDataFrontChannelURI"},{"default":"blogout","id":"oidcServiceMetaDataBackChannelURI","title":"oidcServiceMetaDataBackChannelURI"}],"id":"oidcServiceMetaDataEndPoints","title":"oidcServiceMetaDataEndPoints","type":"simpleInputContainer"},{"cnodes":"oidcServiceMetaDataAuthnContext","default":[{"data":1,"id":"oidcServiceMetaDataAuthnContext/loa-1","title":"loa-1","type":"keyText"},{"data":2,"id":"oidcServiceMetaDataAuthnContext/loa-2","title":"loa-2","type":"keyText"},{"data":3,"id":"oidcServiceMetaDataAuthnContext/loa-3","title":"loa-3","type":"keyText"},{"data":4,"id":"oidcServiceMetaDataAuthnContext/loa-4","title":"loa-4","type":"keyText"},{"data":5,"id":"oidcServiceMetaDataAuthnContext/loa-5","title":"loa-5","type":"keyText"}],"id":"oidcServiceMetaDataAuthnContext","title":"oidcServiceMetaDataAuthnContext","type":"keyTextContainer"},{"_nodes":[{"get":["oidcServicePrivateKeySig","oidcServicePublicKeySig"],"id":"oidcServiceMetaDataKeys","title":"oidcServiceMetaDataKeys","type":"RSAKeyNoPassword"},{"id":"oidcServiceKeyIdSig","title":"oidcServiceKeyIdSig"},{"default":0,"id":"oidcServiceAllowDynamicRegistration","title":"oidcServiceAllowDynamicRegistration","type":"bool"},{"default":1,"id":"oidcServiceAllowAuthorizationCodeFlow","title":"oidcServiceAllowAuthorizationCodeFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowImplicitFlow","title":"oidcServiceAllowImplicitFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowHybridFlow","title":"oidcServiceAllowHybridFlow","type":"bool"}],"id":"oidcServiceMetaDataSecurity","title":"oidcServiceMetaDataSecurity"},{"_nodes":[{"id":"oidcStorage","title":"oidcStorage"},{"cnodes":"oidcStorageOptions","id":"oidcStorageOptions","title":"oidcStorageOptions","type":"keyTextContainer"}],"id":"oidcServiceMetaDataSessions","title":"oidcServiceMetaDataSessions"}],"help":"openidconnectservice.html#service_configuration","id":"oidcServiceMetaData","title":"oidcServiceMetaData"},{"cnodes":"oidcOPMetaDataNodes","help":"authopenidconnect.html#declare_the_openid_connect_provider_in_llng","id":"oidcOPMetaDataNodes","title":"oidcOPMetaDataNodes","type":"oidcOPMetaDataNodeContainer"},{"cnodes":"oidcRPMetaDataNodes","help":"idpopenidconnect.html#configuration_of_relying_party_in_llng","id":"oidcRPMetaDataNodes","title":"oidcRPMetaDataNodes","type":"oidcRPMetaDataNodeContainer"},{"_nodes":[{"id":"casAttr","title":"casAttr"},{"default":"none","id":"casAccessControlPolicy","select":[{"k":"none","v":"None"},{"k":"error","v":"Display error on portal"},{"k":"faketicket","v":"Send a fake service ticket"}],"title":"casAccessControlPolicy","type":"select"},{"id":"casStorage","title":"casStorage"},{"cnodes":"casStorageOptions","id":"casStorageOptions","title":"casStorageOptions","type":"keyTextContainer"},{"cnodes":"casAttributes","id":"casAttributes","title":"casAttributes","type":"keyTextContainer"}],"help":"idpcas.html#configuring_the_cas_service","id":"casServiceMetadata","title":"casServiceMetadata"},{"cnodes":"casSrvMetaDataNodes","help":"authcas.html","id":"casSrvMetaDataNodes","template":"casSrvMetaDataNode","title":"casSrvMetaDataNodes","type":"casSrvMetaDataNodeContainer"},{"cnodes":"casAppMetaDataNodes","help":"idpcas.html#configuring_cas_applications","id":"casAppMetaDataNodes","template":"casAppMetaDataNode","title":"casAppMetaDataNodes","type":"casAppMetaDataNodeContainer"}]
\ No newline at end of file
+[{"_nodes":[{"_nodes":[{"default":"http://auth.example.com/","id":"portal","title":"portal"},{"_nodes":[{"_nodes":[{"default":1,"id":"portalDisplayLogout","title":"portalDisplayLogout","type":"boolOrExpr"},{"default":"$_auth =~ /^(LDAP|DBI|Demo)$/","id":"portalDisplayChangePassword","title":"portalDisplayChangePassword","type":"boolOrExpr"},{"default":1,"id":"portalDisplayAppslist","title":"portalDisplayAppslist","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLoginHistory","title":"portalDisplayLoginHistory","type":"boolOrExpr"},{"default":"$_oidcConnectedRP","id":"portalDisplayOidcConsents","title":"portalDisplayOidcConsents","type":"boolOrExpr"}],"id":"portalModules","title":"portalModules","type":"simpleInputContainer"},{"cnodes":"applicationList","default":[{"data":{"catname":"Default category","type":"category"},"id":"applicationList/default","title":"default","type":"catAndAppList"}],"help":"portalmenu.html#categories_and_applications","id":"applicationList","title":"applicationList","type":"catAndAppList"}],"help":"portalmenu.html","id":"portalMenu","title":"portalMenu"},{"_nodes":[{"default":"common/logos/logo_llng_400px.png","id":"portalMainLogo","title":"portalMainLogo"},{"default":1,"id":"showLanguages","title":"showLanguages","type":"bool"},{"default":"bootstrap","id":"portalSkin","select":[{"k":"bootstrap","v":"Bootstrap"}],"title":"portalSkin","type":"portalskin"},{"id":"portalSkinBackground","select":[{"k":"","v":"None"},{"k":"1280px-Anse_Source_d'Argent_2-La_Digue.jpg","v":"Anse"},{"k":"1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg","v":"Waterfall"},{"k":"1280px-BrockenSnowedTrees.jpg","v":"Snowed Trees"},{"k":"1280px-Cedar_Breaks_National_Monument_partially.jpg","v":"National Monument"},{"k":"1280px-Parry_Peak_from_Winter_Park.jpg","v":"Winter"},{"k":"Aletschgletscher_mit_Pinus_cembra1.jpg","v":"Pinus"}],"title":"portalSkinBackground","type":"portalskinbackground"},{"cnodes":"portalSkinRules","help":"portalcustom.html","id":"portalSkinRules","title":"portalSkinRules","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"portalCheckLogins","title":"portalCheckLogins","type":"bool"},{"default":0,"id":"portalDisplayResetPassword","title":"portalDisplayResetPassword","type":"bool"},{"default":3,"id":"passwordResetAllowedRetries","title":"passwordResetAllowedRetries","type":"int"},{"default":1,"id":"portalDisplayRegister","title":"portalDisplayRegister","type":"bool"}],"help":"portalcustom.html#buttons","id":"portalButtons","title":"portalButtons","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"portalRequireOldPassword","title":"portalRequireOldPassword","type":"bool"},{"default":0,"id":"hideOldPassword","title":"hideOldPassword","type":"bool"},{"default":0,"id":"mailOnPasswordChange","title":"mailOnPasswordChange","type":"bool"}],"help":"portalcustom.html#password_management","id":"passwordManagement","title":"passwordManagement","type":"simpleInputContainer"},{"_nodes":[{"default":"_user","id":"portalUserAttr","title":"portalUserAttr"},{"default":0,"id":"portalOpenLinkInNewWindow","title":"portalOpenLinkInNewWindow","type":"bool"},{"default":1,"id":"portalAntiFrame","title":"portalAntiFrame","type":"bool"},{"default":60000,"id":"portalPingInterval","title":"portalPingInterval","type":"int"},{"default":1,"id":"portalErrorOnExpiredSession","title":"portalErrorOnExpiredSession","type":"bool"},{"default":0,"id":"portalErrorOnMailNotFound","title":"portalErrorOnMailNotFound","type":"bool"}],"help":"portalcustom.html#other_parameters","id":"portalOther","title":"portalOther","type":"simpleInputContainer"}],"help":"portalcustom.html","id":"portalCustomization","title":"portalCustomization"},{"_nodes":[{"default":0,"id":"captcha_login_enabled","title":"captcha_login_enabled","type":"bool"},{"default":1,"id":"captcha_mail_enabled","title":"captcha_mail_enabled","type":"bool"},{"default":1,"id":"captcha_register_enabled","title":"captcha_register_enabled","type":"bool"},{"default":6,"id":"captcha_size","title":"captcha_size","type":"int"}],"help":"captcha.html","id":"portalCaptcha","title":"portalCaptcha","type":"simpleInputContainer"}],"help":"portal.html","id":"portalParams","title":"portalParams"},{"_nodes":[{"default":"Demo","id":"authentication","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"Choice","v":"authChoice"},{"k":"Combination","v":"combineMods"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"authentication","type":"select"},{"default":"Same","id":"userDB","select":[{"k":"Same","v":"Same"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"userDB","type":"select"},{"default":"Demo","id":"passwordDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Choice","v":"authChoice"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"passwordDB","type":"select"},{"default":"Null","id":"registerDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"registerDB","type":"select"}],"_nodes_cond":[{"_nodes":[{"default":0,"id":"ADPwdMaxAge","title":"ADPwdMaxAge","type":"int"},{"default":0,"id":"ADPwdExpireWarning","title":"ADPwdExpireWarning","type":"int"}],"help":"authad.html","id":"adParams","show":false,"title":"adParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lmAuth","id":"authChoiceParam","title":"authChoiceParam"},{"cnodes":"authChoiceModules","id":"authChoiceModules","select":[[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}]],"title":"authChoiceModules","type":"authChoiceContainer"}],"help":"authchoice.html","id":"choiceParams","show":false,"title":"choiceParams"},{"_nodes":[{"default":4,"id":"apacheAuthnLevel","title":"apacheAuthnLevel","type":"int"}],"help":"authapache.html","id":"apacheParams","show":false,"title":"apacheParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"casAuthnLevel","title":"casAuthnLevel","type":"int"}],"help":"authcas.html","id":"casParams","show":false,"title":"casParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"dbiAuthnLevel","title":"dbiAuthnLevel","type":"int"},{"cnodes":"dbiExportedVars","default":[],"id":"dbiExportedVars","title":"dbiExportedVars","type":"keyTextContainer"},{"_nodes":[{"_nodes":[{"id":"dbiAuthChain","title":"dbiAuthChain"},{"id":"dbiAuthUser","title":"dbiAuthUser"},{"id":"dbiAuthPassword","title":"dbiAuthPassword","type":"password"}],"id":"dbiConnectionAuth","title":"dbiConnectionAuth","type":"simpleInputContainer"},{"_nodes":[{"id":"dbiUserChain","title":"dbiUserChain"},{"id":"dbiUserUser","title":"dbiUserUser"},{"id":"dbiUserPassword","title":"dbiUserPassword","type":"password"}],"id":"dbiConnectionUser","title":"dbiConnectionUser","type":"simpleInputContainer"}],"help":"authdbi.html#connection","id":"dbiConnection","title":"dbiConnection"},{"_nodes":[{"id":"dbiAuthTable","title":"dbiAuthTable"},{"id":"dbiUserTable","title":"dbiUserTable"},{"id":"dbiAuthLoginCol","title":"dbiAuthLoginCol"},{"id":"dbiAuthPasswordCol","title":"dbiAuthPasswordCol"},{"id":"dbiPasswordMailCol","title":"dbiPasswordMailCol"},{"id":"userPivot","title":"userPivot"}],"help":"authdbi.html#schema","id":"dbiSchema","title":"dbiSchema","type":"simpleInputContainer"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiAuthPasswordHash","title":"dbiAuthPasswordHash"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiDynamicHashEnabled","title":"dbiDynamicHashEnabled","type":"bool"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSchemes","title":"dbiDynamicHashValidSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSaltedSchemes","title":"dbiDynamicHashValidSaltedSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashNewPasswordScheme","title":"dbiDynamicHashNewPasswordScheme"}],"help":"authdbi.html#password","id":"dbiDynamicHash","title":"dbiDynamicHash","type":"simpleInputContainer"}],"help":"authdbi.html#password","id":"dbiPassword","title":"dbiPassword"}],"help":"authdbi.html","id":"dbiParams","show":false,"title":"dbiParams"},{"_nodes":[{"cnodes":"demoExportedVars","default":[{"data":"cn","id":"demoExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"demoExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"demoExportedVars/uid","title":"uid","type":"keyText"}],"id":"demoExportedVars","title":"demoExportedVars","type":"keyTextContainer"}],"help":"authdemo.html","id":"demoParams","show":false,"title":"demoParams"},{"_nodes":[{"default":1,"id":"facebookAuthnLevel","title":"facebookAuthnLevel","type":"int"},{"cnodes":"facebookExportedVars","default":[],"id":"facebookExportedVars","title":"facebookExportedVars","type":"keyTextContainer"},{"id":"facebookAppId","title":"facebookAppId"},{"id":"facebookAppSecret","title":"facebookAppSecret"},{"default":"id","id":"facebookUserField","title":"facebookUserField"}],"help":"authfacebook.html","id":"facebookParams","show":false,"title":"facebookParams"},{"_nodes":[{"id":"krbKeytab","title":"krbKeytab"},{"default":0,"id":"krbByJs","title":"krbByJs","type":"bool"},{"default":3,"id":"krbAuthnLevel","title":"krbAuthnLevel","type":"int"},{"default":1,"id":"krbRemoveDomain","title":"krbRemoveDomain","type":"bool"}],"help":"authkerberos.html","id":"kerberosParams","show":false,"title":"kerberosParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"ldapAuthnLevel","title":"ldapAuthnLevel","type":"int"},{"cnodes":"ldapExportedVars","default":[{"data":"cn","id":"ldapExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"ldapExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"ldapExportedVars/uid","title":"uid","type":"keyText"}],"id":"ldapExportedVars","title":"ldapExportedVars","type":"keyTextContainer"},{"_nodes":[{"default":"ldap://localhost","id":"ldapServer","title":"ldapServer"},{"default":389,"id":"ldapPort","title":"ldapPort","type":"int"},{"default":"dc=example,dc=com","id":"ldapBase","title":"ldapBase"},{"default":"","id":"managerDn","title":"managerDn"},{"default":"","id":"managerPassword","title":"managerPassword","type":"password"},{"default":120,"id":"ldapTimeout","title":"ldapTimeout","type":"int"},{"default":3,"id":"ldapVersion","title":"ldapVersion","type":"int"},{"id":"ldapRaw","title":"ldapRaw"}],"help":"authldap.html#connection","id":"ldapConnection","title":"ldapConnection","type":"simpleInputContainer"},{"_nodes":[{"id":"LDAPFilter","title":"LDAPFilter"},{"id":"AuthLDAPFilter","title":"AuthLDAPFilter"},{"id":"mailLDAPFilter","title":"mailLDAPFilter"},{"default":"find","id":"ldapSearchDeref","select":[{"k":"never","v":"never"},{"k":"search","v":"search"},{"k":"find","v":"find"},{"k":"always","v":"always"}],"title":"ldapSearchDeref","type":"select"}],"help":"authldap.html#filters","id":"ldapFilters","title":"ldapFilters","type":"simpleInputContainer"},{"_nodes":[{"id":"ldapGroupBase","title":"ldapGroupBase"},{"default":"groupOfNames","id":"ldapGroupObjectClass","title":"ldapGroupObjectClass"},{"default":"member","id":"ldapGroupAttributeName","title":"ldapGroupAttributeName"},{"default":"dn","id":"ldapGroupAttributeNameUser","title":"ldapGroupAttributeNameUser"},{"default":"cn","id":"ldapGroupAttributeNameSearch","title":"ldapGroupAttributeNameSearch"},{"default":0,"id":"ldapGroupDecodeSearchedValue","title":"ldapGroupDecodeSearchedValue","type":"bool"},{"default":0,"id":"ldapGroupRecursive","title":"ldapGroupRecursive","type":"bool"},{"default":"dn","id":"ldapGroupAttributeNameGroup","title":"ldapGroupAttributeNameGroup"}],"help":"authldap.html#groups","id":"ldapGroups","title":"ldapGroups","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ldapPpolicyControl","title":"ldapPpolicyControl","type":"bool"},{"default":0,"id":"ldapSetPassword","title":"ldapSetPassword","type":"bool"},{"default":0,"id":"ldapChangePasswordAsUser","title":"ldapChangePasswordAsUser","type":"bool"},{"default":"utf-8","id":"ldapPwdEnc","title":"ldapPwdEnc"},{"default":1,"id":"ldapUsePasswordResetAttribute","title":"ldapUsePasswordResetAttribute","type":"bool"},{"default":"pwdReset","id":"ldapPasswordResetAttribute","title":"ldapPasswordResetAttribute"},{"default":"TRUE","id":"ldapPasswordResetAttributeValue","title":"ldapPasswordResetAttributeValue"},{"default":0,"id":"ldapAllowResetExpiredPassword","title":"ldapAllowResetExpiredPassword","type":"bool"}],"help":"authldap.html#password","id":"ldapPassword","title":"ldapPassword","type":"simpleInputContainer"}],"help":"authldap.html","id":"ldapParams","show":false,"title":"ldapParams"},{"_nodes":[{"default":1,"id":"linkedInAuthnLevel","title":"linkedInAuthnLevel","type":"int"},{"id":"linkedInClientID","title":"linkedInClientID"},{"id":"linkedInClientSecret","title":"linkedInClientSecret","type":"password"},{"default":"id,first-name,last-name,email-address","id":"linkedInFields","title":"linkedInFields"},{"default":"emailAddress","id":"linkedInUserField","title":"linkedInUserField"},{"default":"r_basicprofile r_emailaddress","id":"linkedInScope","title":"linkedInScope"}],"help":"authlinkedin.html","id":"linkedinParams","show":false,"title":"linkedinParams","type":"simpleInputContainer"},{"_nodes":[{"id":"combination","title":"combination"},{"cnodes":"combModules","id":"combModules","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"combModules","type":"cmbModuleContainer"}],"help":"authcombination.html","id":"combinationParams","show":false,"title":"combinationParams"},{"_nodes":[{"default":0,"id":"nullAuthnLevel","title":"nullAuthnLevel","type":"int"}],"help":"authnull.html","id":"nullParams","show":false,"title":"nullParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"openIdAuthnLevel","title":"openIdAuthnLevel","type":"int"},{"cnodes":"openIdExportedVars","default":[],"id":"openIdExportedVars","title":"openIdExportedVars","type":"keyTextContainer"},{"id":"openIdSecret","title":"openIdSecret"},{"default":"0;","id":"openIdIDPList","title":"openIdIDPList","type":"blackWhiteList"}],"help":"authopenid.html","id":"openidParams","show":false,"title":"openidParams"},{"_nodes":[{"default":1,"id":"oidcAuthnLevel","title":"oidcAuthnLevel","type":"int"},{"default":"openidconnectcallback","id":"oidcRPCallbackGetParam","title":"oidcRPCallbackGetParam"},{"default":600,"id":"oidcRPStateTimeout","title":"oidcRPStateTimeout","type":"int"}],"help":"authopenidconnect.html","id":"oidcParams","show":false,"title":"oidcParams","type":"simpleInputContainer"},{"_nodes":[{"default":"","id":"gpgDb","title":"gpgDb"}],"help":"authgpg.html","id":"gpgParams","show":false,"title":"gpgParams","type":"simpleInputContainer"},{"_nodes":[{"id":"proxyAuthService","title":"proxyAuthService"},{"id":"proxySessionService","title":"proxySessionService"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":2,"id":"proxyAuthnLevel","title":"proxyAuthnLevel","type":"int"},{"default":0,"id":"proxyUseSoap","title":"proxyUseSoap","type":"bool"}],"help":"authproxy.html","id":"proxyParams","show":false,"title":"proxyParams","type":"simpleInputContainer"},{"_nodes":[{"default":"login","id":"pamService","title":"pamService"},{"default":2,"id":"pamAuthnLevel","title":"pamAuthnLevel","type":"int"}],"help":"authpam.html","id":"pamParams","show":false,"title":"pamParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"radiusAuthnLevel","title":"radiusAuthnLevel","type":"int"},{"id":"radiusSecret","title":"radiusSecret"},{"id":"radiusServer","title":"radiusServer"}],"help":"authradius.html","id":"radiusParams","show":false,"title":"radiusParams","type":"simpleInputContainer"},{"_nodes":[{"id":"restAuthUrl","title":"restAuthUrl"},{"id":"restUserDBUrl","title":"restUserDBUrl"},{"id":"restPwdConfirmUrl","title":"restPwdConfirmUrl"},{"id":"restPwdModifyUrl","title":"restPwdModifyUrl"}],"help":"authrest.html","id":"restParams","show":false,"title":"restParams","type":"simpleInputContainer"},{"_nodes":[{"id":"remotePortal","title":"remotePortal"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":"Lemonldap::NG::Common::Apache::Session::SOAP","id":"remoteGlobalStorage","title":"remoteGlobalStorage"},{"cnodes":"remoteGlobalStorageOptions","default":[{"data":"http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService","id":"remoteGlobalStorageOptions/ns","title":"ns","type":"keyText"},{"data":"http://auth.example.com/sessions","id":"remoteGlobalStorageOptions/proxy","title":"proxy","type":"keyText"}],"id":"remoteGlobalStorageOptions","title":"remoteGlobalStorageOptions","type":"keyTextContainer"}],"help":"authremote.html","id":"remoteParams","show":false,"title":"remoteParams"},{"_nodes":[{"default":2,"id":"slaveAuthnLevel","title":"slaveAuthnLevel","type":"int"},{"cnodes":"slaveExportedVars","default":[],"id":"slaveExportedVars","title":"slaveExportedVars","type":"keyTextContainer"},{"id":"slaveUserHeader","title":"slaveUserHeader"},{"id":"slaveMasterIP","title":"slaveMasterIP"},{"id":"slaveHeaderName","title":"slaveHeaderName"},{"id":"slaveHeaderContent","title":"slaveHeaderContent"}],"help":"authslave.html","id":"slaveParams","show":false,"title":"slaveParams"},{"_nodes":[{"default":5,"id":"SSLAuthnLevel","title":"SSLAuthnLevel","type":"int"},{"default":"SSL_CLIENT_S_DN_Email","id":"SSLVar","title":"SSLVar"},{"cnodes":"SSLVarIf","default":[],"id":"SSLVarIf","title":"SSLVarIf","type":"keyTextContainer"},{"default":0,"id":"sslByAjax","title":"sslByAjax","type":"bool"},{"id":"sslHost","title":"sslHost"}],"help":"authssl.html","id":"sslParams","show":false,"title":"sslParams"},{"_nodes":[{"default":1,"id":"twitterAuthnLevel","title":"twitterAuthnLevel","type":"int"},{"id":"twitterKey","title":"twitterKey"},{"id":"twitterSecret","title":"twitterSecret"},{"id":"twitterAppName","title":"twitterAppName"},{"default":"screen_name","id":"twitterUserField","title":"twitterUserField"}],"help":"authtwitter.html","id":"twitterParams","show":false,"title":"twitterParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"webIDAuthnLevel","title":"webIDAuthnLevel","type":"int"},{"cnodes":"webIDExportedVars","default":[],"id":"webIDExportedVars","title":"webIDExportedVars","type":"keyTextContainer"},{"id":"webIDWhitelist","title":"webIDWhitelist"}],"help":"authwebid.html","id":"webidParams","show":false,"title":"webidParams"},{"_nodes":[{"id":"customAuth","title":"customAuth"},{"id":"customUserDB","title":"customUserDB"},{"id":"customPassword","title":"customPassword"},{"id":"customRegister","title":"customRegister"},{"cnodes":"customAddParams","id":"customAddParams","title":"customAddParams","type":"keyTextContainer"}],"help":"authcustom.html","id":"customParams","show":false,"title":"customParams"}],"_nodes_filter":"authParams","help":"start.html#authentication_users_and_password_databases","id":"authParams","title":"authParams","type":"authParams"},{"_nodes":[{"_nodes":[{"default":0,"id":"issuerDBSAMLActivation","title":"issuerDBSAMLActivation","type":"bool"},{"default":"^/saml/","id":"issuerDBSAMLPath","title":"issuerDBSAMLPath"},{"default":1,"id":"issuerDBSAMLRule","title":"issuerDBSAMLRule","type":"boolOrExpr"}],"help":"idpsaml.html","id":"issuerDBSAML","title":"issuerDBSAML","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBCASActivation","title":"issuerDBCASActivation","type":"bool"},{"default":"^/cas/","id":"issuerDBCASPath","title":"issuerDBCASPath"},{"default":1,"id":"issuerDBCASRule","title":"issuerDBCASRule","type":"boolOrExpr"}],"help":"idpcas.html#enabling_cas","id":"issuerDBCAS","title":"issuerDBCAS","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDActivation","title":"issuerDBOpenIDActivation","type":"bool"},{"default":"^/openidserver/","id":"issuerDBOpenIDPath","title":"issuerDBOpenIDPath"},{"default":1,"id":"issuerDBOpenIDRule","title":"issuerDBOpenIDRule","type":"boolOrExpr"},{"_nodes":[{"id":"openIdIssuerSecret","title":"openIdIssuerSecret"},{"id":"openIdAttr","title":"openIdAttr"},{"default":"0;","id":"openIdSPList","title":"openIdSPList","type":"blackWhiteList"},{"_nodes":[{"default":"cn","id":"openIdSreg_fullname","title":"openIdSreg_fullname"},{"default":"uid","id":"openIdSreg_nickname","title":"openIdSreg_nickname"},{"id":"openIdSreg_language","title":"openIdSreg_language"},{"id":"openIdSreg_postcode","title":"openIdSreg_postcode"},{"default":"_timezone","id":"openIdSreg_timezone","title":"openIdSreg_timezone"},{"id":"openIdSreg_country","title":"openIdSreg_country"},{"id":"openIdSreg_gender","title":"openIdSreg_gender"},{"default":"mail","id":"openIdSreg_email","title":"openIdSreg_email"},{"id":"openIdSreg_dob","title":"openIdSreg_dob"}],"id":"openIdSreg","title":"openIdSreg","type":"simpleInputContainer"}],"id":"issuerDBOpenIDOptions","title":"issuerDBOpenIDOptions"}],"help":"idpopenid.html","id":"issuerDBOpenID","title":"issuerDBOpenID"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDConnectActivation","title":"issuerDBOpenIDConnectActivation","type":"bool"},{"default":"^/oauth2/","id":"issuerDBOpenIDConnectPath","title":"issuerDBOpenIDConnectPath"},{"default":1,"id":"issuerDBOpenIDConnectRule","title":"issuerDBOpenIDConnectRule","type":"boolOrExpr"}],"help":"idpopenidconnect.html","id":"issuerDBOpenIDConnect","title":"issuerDBOpenIDConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBGetActivation","title":"issuerDBGetActivation","type":"bool"},{"default":"^/get/","id":"issuerDBGetPath","title":"issuerDBGetPath"},{"default":1,"id":"issuerDBGetRule","title":"issuerDBGetRule","type":"boolOrExpr"},{"default":[],"id":"issuerDBGetParameters","title":"issuerDBGetParameters","type":"doubleHash"}],"help":"issuerdbget.html","id":"issuerDBGet","title":"issuerDBGet"}],"help":"start.html#identity_provider","id":"issuerParams","title":"issuerParams"},{"_nodes":[{"default":"uid","id":"whatToTrace","title":"whatToTrace"},{"default":"_password","id":"hiddenAttributes","title":"hiddenAttributes"}],"help":"logs.html","id":"logParams","title":"logParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lemonldap","id":"cookieName","title":"cookieName"},{"default":"example.com","id":"domain","title":"domain"},{"default":0,"id":"cda","title":"cda","type":"bool"},{"default":0,"id":"securedCookie","select":[{"k":"0","v":"unsecuredCookie"},{"k":"1","v":"securedCookie"},{"k":"2","v":"doubleCookie"},{"k":"3","v":"doubleCookieForSingleSession"}],"title":"securedCookie","type":"select"},{"default":1,"id":"httpOnly","title":"httpOnly","type":"bool"},{"id":"cookieExpiration","title":"cookieExpiration","type":"int"}],"help":"ssocookie.html","id":"cookieParams","title":"cookieParams","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"storePassword","title":"storePassword","type":"bool"},{"default":72000,"id":"timeout","title":"timeout","type":"int"},{"default":0,"id":"timeoutActivity","title":"timeoutActivity","type":"int"},{"default":60,"id":"timeoutActivityInterval","title":"timeoutActivityInterval","type":"int"},{"cnodes":"grantSessionRules","id":"grantSessionRules","title":"grantSessionRules","type":"grantContainer"},{"_nodes":[{"default":"Apache::Session::File","id":"globalStorage","title":"globalStorage"},{"cnodes":"globalStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/sessions/","id":"globalStorageOptions/Directory","title":"Directory","type":"keyText"},{"data":"/var/lib/lemonldap-ng/sessions/lock/","id":"globalStorageOptions/LockDirectory","title":"LockDirectory","type":"keyText"},{"data":"Lemonldap::NG::Common::Apache::Session::Generate::SHA256","id":"globalStorageOptions/generateModule","title":"generateModule","type":"keyText"}],"id":"globalStorageOptions","title":"globalStorageOptions","type":"keyTextContainer"},{"default":"Cache::FileCache","id":"localSessionStorage","title":"localSessionStorage"},{"cnodes":"localSessionStorageOptions","default":[{"data":3,"id":"localSessionStorageOptions/cache_depth","title":"cache_depth","type":"keyText"},{"data":"/tmp","id":"localSessionStorageOptions/cache_root","title":"cache_root","type":"keyText"},{"data":600,"id":"localSessionStorageOptions/default_expires_in","title":"default_expires_in","type":"keyText"},{"data":"007","id":"localSessionStorageOptions/directory_umask","title":"directory_umask","type":"keyText"},{"data":"lemonldap-ng-sessions","id":"localSessionStorageOptions/namespace","title":"namespace","type":"keyText"}],"id":"localSessionStorageOptions","title":"localSessionStorageOptions","type":"keyTextContainer"}],"help":"start.html#sessions_database","id":"sessionStorage","title":"sessionStorage"},{"_nodes":[{"default":0,"id":"singleSession","title":"singleSession","type":"bool"},{"default":0,"id":"singleIP","title":"singleIP","type":"bool"},{"default":0,"id":"singleUserByIP","title":"singleUserByIP","type":"bool"},{"default":0,"id":"singleSessionUserByIP","title":"singleSessionUserByIP","type":"bool"},{"default":1,"id":"notifyDeleted","title":"notifyDeleted","type":"bool"},{"default":0,"id":"notifyOther","title":"notifyOther","type":"bool"}],"id":"multipleSessions","title":"multipleSessions","type":"simpleInputContainer"},{"_nodes":[{"id":"persistentStorage","title":"persistentStorage"},{"cnodes":"persistentStorageOptions","id":"persistentStorageOptions","title":"persistentStorageOptions","type":"keyTextContainer"}],"id":"persistentSessions","title":"persistentSessions"}],"help":"sessions.html","id":"sessionParams","title":"sessionParams"},{"_nodes":[{"cnodes":"reloadUrls","help":"configlocation.html#configuration_reload","id":"reloadUrls","title":"reloadUrls","type":"keyTextContainer"},{"default":5,"id":"reloadTimeout","title":"reloadTimeout","type":"int"}],"help":"configlocation.html#configuration_reload","id":"reloadParams","title":"reloadParams"},{"_nodes":[{"default":0,"id":"stayConnected","title":"stayConnected","type":"bool"},{"default":0,"help":"status.html","id":"portalStatus","title":"portalStatus","type":"bool"},{"default":1,"id":"upgradeSession","title":"upgradeSession","type":"bool"},{"_nodes":[{"default":0,"id":"wsdlServer","title":"wsdlServer","type":"bool"},{"default":0,"id":"restSessionServer","title":"restSessionServer","type":"bool"},{"default":0,"id":"restConfigServer","title":"restConfigServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapSessionServer","title":"soapSessionServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapConfigServer","title":"soapConfigServer","type":"bool"},{"id":"exportedAttr","title":"exportedAttr"}],"help":"portalservers.html","id":"portalServers","title":"portalServers","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"loginHistoryEnabled","title":"loginHistoryEnabled","type":"bool"},{"default":5,"id":"successLoginNumber","title":"successLoginNumber","type":"int"},{"default":5,"id":"failedLoginNumber","title":"failedLoginNumber","type":"int"},{"cnodes":"sessionDataToRemember","id":"sessionDataToRemember","title":"sessionDataToRemember","type":"keyTextContainer"}],"help":"loginhistory.html","id":"loginHistory","title":"loginHistory"},{"_nodes":[{"default":0,"id":"notification","title":"notification","type":"bool"},{"default":0,"id":"notificationServer","title":"notificationServer","type":"bool"},{"default":0,"id":"oldNotifFormat","title":"oldNotifFormat","type":"bool"},{"default":"File","id":"notificationStorage","title":"notificationStorage"},{"cnodes":"notificationStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/notifications","id":"notificationStorageOptions/dirName","title":"dirName","type":"keyText"}],"id":"notificationStorageOptions","title":"notificationStorageOptions","type":"keyTextContainer"},{"default":"allusers","id":"notificationWildcard","title":"notificationWildcard"},{"id":"notificationXSLTfile","title":"notificationXSLTfile"}],"help":"notifications.html","id":"notifications","title":"notifications"},{"_nodes":[{"_nodes":[{"id":"mailSubject","title":"mailSubject"},{"id":"mailBody","title":"mailBody","type":"longtext"},{"id":"mailConfirmSubject","title":"mailConfirmSubject"},{"id":"mailConfirmBody","title":"mailConfirmBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/resetpwd","id":"mailUrl","title":"mailUrl"},{"default":0,"id":"mailTimeout","title":"mailTimeout","type":"int"},{"default":"[A-Z]{3}[a-z]{5}.\\d{2}","id":"randomPasswordRegexp","title":"randomPasswordRegexp"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetpassword.html","id":"passwordManagement","title":"passwordManagement"},{"_nodes":[{"default":"http://auth.example.com/register","id":"registerUrl","title":"registerUrl"},{"default":0,"id":"registerTimeout","title":"registerTimeout","type":"int"},{"id":"registerConfirmSubject","title":"registerConfirmSubject"},{"id":"registerDoneSubject","title":"registerDoneSubject"}],"help":"register.html","id":"register","title":"register","type":"simpleInputContainer"},{"_nodes":[{"cnodes":"autoSigninRules","id":"autoSigninRules","title":"autoSigninRules","type":"keyTextContainer"}],"help":"autosignin.html","id":"autoSignin","title":"autoSignin"},{"_nodes":[{"default":0,"id":"checkState","title":"checkState","type":"bool"},{"id":"checkStateSecret","title":"checkStateSecret"}],"help":"checkstate.html","id":"stateCheck","title":"stateCheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkUser","title":"checkUser","type":"bool"},{"default":"UA _2fDevices _loginHistory","id":"checkUserHiddenAttributes","title":"checkUserHiddenAttributes"},{"default":0,"id":"checkUserDisplayPersistentInfo","title":"checkUserDisplayPersistentInfo","type":"bool"},{"default":0,"id":"checkUserDisplayEmptyValues","title":"checkUserDisplayEmptyValues","type":"bool"}],"help":"checkuser.html","id":"checkUsers","title":"checkUsers","type":"simpleInputContainer"}],"help":"start.html#plugins","id":"plugins","title":"plugins"},{"_nodes":[{"_nodes":[{"default":0,"id":"utotp2fActivation","title":"utotp2fActivation","type":"boolOrExpr"},{"id":"utotp2fAuthnLevel","title":"utotp2fAuthnLevel","type":"int"}],"help":"utotp2f.html","id":"utotp2f","title":"utotp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"totp2fActivation","title":"totp2fActivation","type":"boolOrExpr"},{"default":0,"id":"totp2fSelfRegistration","title":"totp2fSelfRegistration","type":"boolOrExpr"},{"id":"totp2fAuthnLevel","title":"totp2fAuthnLevel","type":"int"},{"id":"totp2fIssuer","title":"totp2fIssuer"},{"default":30,"id":"totp2fInterval","title":"totp2fInterval","type":"int"},{"default":1,"id":"totp2fRange","title":"totp2fRange","type":"int"},{"default":6,"id":"totp2fDigits","title":"totp2fDigits","type":"int"},{"default":0,"id":"totp2fDisplayExistingSecret","title":"totp2fDisplayExistingSecret","type":"bool"},{"default":0,"id":"totp2fUserCanChangeKey","title":"totp2fUserCanChangeKey","type":"bool"},{"default":1,"id":"totp2fUserCanRemoveKey","title":"totp2fUserCanRemoveKey","type":"bool"}],"help":"totp2f.html","id":"totp","title":"totp","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"u2fActivation","title":"u2fActivation","type":"boolOrExpr"},{"default":0,"id":"u2fSelfRegistration","title":"u2fSelfRegistration","type":"boolOrExpr"},{"id":"u2fAuthnLevel","title":"u2fAuthnLevel","type":"int"},{"default":1,"id":"u2fUserCanRemoveKey","title":"u2fUserCanRemoveKey","type":"bool"}],"help":"u2f.html","id":"u2f","title":"u2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"mail2fActivation","title":"mail2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"mail2fCodeRegex","title":"mail2fCodeRegex"},{"id":"mail2fTimeout","title":"mail2fTimeout","type":"int"},{"id":"mail2fSubject","title":"mail2fSubject"},{"id":"mail2fBody","title":"mail2fBody","type":"longtext"},{"id":"mail2fAuthnLevel","title":"mail2fAuthnLevel","type":"int"},{"id":"mail2fLogo","title":"mail2fLogo"}],"help":"mail2f.html","id":"mail2f","title":"mail2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ext2fActivation","title":"ext2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"ext2fCodeActivation","title":"ext2fCodeActivation"},{"id":"ext2FSendCommand","title":"ext2FSendCommand"},{"id":"ext2FValidateCommand","title":"ext2FValidateCommand"},{"id":"ext2fAuthnLevel","title":"ext2fAuthnLevel","type":"int"},{"id":"ext2fLogo","title":"ext2fLogo"}],"help":"external2f.html","id":"external2f","title":"external2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rest2fActivation","title":"rest2fActivation","type":"boolOrExpr"},{"id":"rest2fInitUrl","title":"rest2fInitUrl"},{"cnodes":"rest2fInitArgs","id":"rest2fInitArgs","title":"rest2fInitArgs","type":"keyTextContainer"},{"id":"rest2fVerifyUrl","title":"rest2fVerifyUrl"},{"cnodes":"rest2fVerifyArgs","id":"rest2fVerifyArgs","title":"rest2fVerifyArgs","type":"keyTextContainer"},{"id":"rest2fAuthnLevel","title":"rest2fAuthnLevel","type":"int"},{"id":"rest2fLogo","title":"rest2fLogo"}],"help":"rest2f.html","id":"rest2f","title":"rest2f"},{"_nodes":[{"default":0,"id":"yubikey2fActivation","title":"yubikey2fActivation","type":"boolOrExpr"},{"default":0,"id":"yubikey2fSelfRegistration","title":"yubikey2fSelfRegistration","type":"boolOrExpr"},{"id":"yubikey2fAuthnLevel","title":"yubikey2fAuthnLevel","type":"int"},{"id":"yubikey2fClientID","title":"yubikey2fClientID"},{"id":"yubikey2fSecretKey","title":"yubikey2fSecretKey"},{"id":"yubikey2fNonce","title":"yubikey2fNonce"},{"id":"yubikey2fUrl","title":"yubikey2fUrl"},{"default":12,"id":"yubikey2fPublicIDSize","title":"yubikey2fPublicIDSize","type":"int"},{"default":1,"id":"yubikey2fUserCanRemoveKey","title":"yubikey2fUserCanRemoveKey","type":"bool"}],"help":"yubikey2f.html","id":"yubikey2f","title":"yubikey2f","type":"simpleInputContainer"},{"default":0,"help":"secondfactor.html","id":"sfRequired","title":"sfRequired","type":"boolOrExpr"}],"help":"secondfactor.html","id":"secondFactors","title":"secondFactors"},{"_nodes":[{"help":"customfunctions.html","id":"customFunctions","title":"customFunctions"},{"default":"; ","id":"multiValuesSeparator","title":"multiValuesSeparator","type":"authParamsText"},{"_nodes":[{"default":"mail","id":"mailSessionKey","title":"mailSessionKey"},{"default":"","id":"SMTPServer","title":"SMTPServer"},{"id":"SMTPPort","title":"SMTPPort","type":"int"},{"id":"SMTPAuthUser","title":"SMTPAuthUser"},{"id":"SMTPAuthPass","title":"SMTPAuthPass","type":"password"},{"default":"","id":"SMTPTLS","select":[{"k":"","v":"none"},{"k":"starttls","v":"SMTP + STARTTLS"},{"k":"ssl","v":"SMTPS"}],"title":"SMTPTLS","type":"select"},{"cnodes":"SMTPTLSOpts","id":"SMTPTLSOpts","title":"SMTPTLSOpts","type":"keyTextContainer"},{"_nodes":[{"default":"noreply@example.com","id":"mailFrom","title":"mailFrom"},{"id":"mailReplyTo","title":"mailReplyTo"},{"default":"utf-8","id":"mailCharset","title":"mailCharset"}],"id":"mailHeaders","title":"mailHeaders","type":"simpleInputContainer"}],"help":"smtp.html","id":"SMTP","title":"SMTP"},{"_nodes":[{"default":"^[\\w\\.\\-@]+$","id":"userControl","title":"userControl"},{"default":0,"help":"forcereauthn.html","id":"portalForceAuthn","title":"portalForceAuthn","type":"bool"},{"default":5,"id":"portalForceAuthnInterval","title":"portalForceAuthnInterval","type":"int"},{"id":"key","title":"key","type":"password"},{"id":"trustedDomains","title":"trustedDomains"},{"default":1,"help":"safejail.html","id":"useSafeJail","title":"useSafeJail","type":"bool"},{"default":1,"id":"checkXSS","title":"checkXSS","type":"bool"},{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtection","title":"bruteForceProtection","type":"bool"},{"default":1,"id":"requireToken","title":"requireToken","type":"bool"},{"default":120,"id":"formTimeout","title":"formTimeout","type":"int"},{"default":0,"id":"tokenUseGlobalStorage","title":"tokenUseGlobalStorage","type":"bool"},{"cnodes":"lwpOpts","id":"lwpOpts","title":"lwpOpts","type":"keyTextContainer"},{"cnodes":"lwpSslOpts","id":"lwpSslOpts","title":"lwpSslOpts","type":"keyTextContainer"},{"_nodes":[{"default":"'self'","id":"cspDefault","title":"cspDefault"},{"default":"'self' data:","id":"cspImg","title":"cspImg"},{"default":"'self'","id":"cspScript","title":"cspScript"},{"default":"'self'","id":"cspStyle","title":"cspStyle"},{"default":"'self'","id":"cspFont","title":"cspFont"},{"default":"'self'","id":"cspFormAction","title":"cspFormAction"},{"default":"'self'","id":"cspConnect","title":"cspConnect"}],"help":"security.html#portal","id":"contentSecurityPolicy","title":"contentSecurityPolicy","type":"simpleInputContainer"}],"help":"security.html#configure_security_settings","id":"security","title":"security"},{"_nodes":[{"default":-1,"id":"https","title":"https","type":"trool"},{"default":-1,"id":"port","title":"port","type":"int"},{"default":0,"id":"useRedirectOnForbidden","title":"useRedirectOnForbidden","type":"bool"},{"default":1,"id":"useRedirectOnError","title":"useRedirectOnError","type":"bool"},{"default":0,"id":"maintenance","title":"maintenance","type":"bool"}],"help":"redirections.html","id":"redirection","title":"redirection","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"jsRedirect","title":"jsRedirect","type":"boolOrExpr"},{"default":0,"id":"noAjaxHook","title":"noAjaxHook","type":"bool"},{"default":0,"id":"skipRenewConfirmation","title":"skipRenewConfirmation","type":"bool"}],"help":"redirections.html#portal_redirections","id":"portalRedirection","title":"portalRedirection","type":"simpleInputContainer"},{"cnodes":"nginxCustomHandlers","help":"handlerarch.html","id":"nginxCustomHandlers","title":"nginxCustomHandlers","type":"keyTextContainer"},{"cnodes":"logoutServices","default":[],"help":"logoutforward.html","id":"logoutServices","title":"logoutServices","type":"keyTextContainer"},{"_nodes":[{"default":"get","id":"infoFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"infoFormMethod","type":"select"},{"default":"post","id":"confirmFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"confirmFormMethod","type":"select"},{"default":"get","id":"redirectFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"redirectFormMethod","type":"select"},{"default":1,"id":"activeTimer","title":"activeTimer","type":"bool"}],"id":"forms","title":"forms","type":"simpleInputContainer"}],"help":"start.html#advanced_features","id":"advancedParams","title":"advancedParams"}],"id":"generalParameters","title":"generalParameters"},{"_nodes":[{"cnodes":"exportedVars","default":[{"data":"HTTP_USER_AGENT","id":"exportedVars/UA","title":"UA","type":"keyText"}],"help":"exportedvars.html","id":"exportedVars","title":"exportedVars","type":"keyTextContainer"},{"cnodes":"macros","default":[],"help":"exportedvars.html#extend_variables_using_macros_and_groups","id":"macros","title":"macros","type":"keyTextContainer"},{"cnodes":"groups","default":[],"help":"exportedvars.html#extend_variables_using_macros_and_groups","id":"groups","title":"groups","type":"keyTextContainer"}],"help":"variables.html","id":"variables","title":"variables"},{"cnodes":"virtualHosts","help":"configvhost.html","id":"virtualHosts","template":"virtualHost","title":"virtualHosts","type":"virtualHostContainer"},{"_nodes":[{"default":"#PORTAL#/saml/metadata","id":"samlEntityID","title":"samlEntityID"},{"_nodes":[{"get":["samlServicePrivateKeySig","samlServicePrivateKeySigPwd","samlServicePublicKeySig"],"id":"samlServiceSecuritySig","title":"samlServiceSecuritySig","type":"RSAKey"},{"get":["samlServicePrivateKeyEnc","samlServicePrivateKeyEncPwd","samlServicePublicKeyEnc"],"id":"samlServiceSecurityEnc","title":"samlServiceSecurityEnc","type":"RSAKey"},{"default":0,"id":"samlServiceUseCertificateInResponse","title":"samlServiceUseCertificateInResponse","type":"bool"},{"default":"RSA_SHA1","id":"samlServiceSignatureMethod","select":[{"k":"RSA_SHA1","v":"RSA SHA1"},{"k":"RSA_SHA256","v":"RSA SHA256"}],"title":"samlServiceSignatureMethod","type":"select"}],"help":"samlservice.html#security_parameters","id":"samlServiceSecurity","title":"samlServiceSecurity"},{"_nodes":[{"default":"mail","id":"samlNameIDFormatMapEmail","title":"samlNameIDFormatMapEmail"},{"default":"mail","id":"samlNameIDFormatMapX509","title":"samlNameIDFormatMapX509"},{"default":"uid","id":"samlNameIDFormatMapWindows","title":"samlNameIDFormatMapWindows"},{"default":"uid","id":"samlNameIDFormatMapKerberos","title":"samlNameIDFormatMapKerberos"}],"help":"samlservice.html#nameid_formats","id":"samlNameIDFormatMap","title":"samlNameIDFormatMap","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"samlAuthnContextMapPassword","title":"samlAuthnContextMapPassword","type":"int"},{"default":3,"id":"samlAuthnContextMapPasswordProtectedTransport","title":"samlAuthnContextMapPasswordProtectedTransport","type":"int"},{"default":5,"id":"samlAuthnContextMapTLSClient","title":"samlAuthnContextMapTLSClient","type":"int"},{"default":4,"id":"samlAuthnContextMapKerberos","title":"samlAuthnContextMapKerberos","type":"int"}],"help":"samlservice.html#authentication_contexts","id":"samlAuthnContextMap","title":"samlAuthnContextMap","type":"simpleInputContainer"},{"_nodes":[{"default":"Example","id":"samlOrganizationDisplayName","title":"samlOrganizationDisplayName"},{"default":"Example","id":"samlOrganizationName","title":"samlOrganizationName"},{"default":"http://www.example.com","id":"samlOrganizationURL","title":"samlOrganizationURL"}],"help":"samlservice.html#organization","id":"samlOrganization","title":"samlOrganization","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"samlSPSSODescriptorAuthnRequestsSigned","title":"samlSPSSODescriptorAuthnRequestsSigned","type":"bool"},{"default":1,"id":"samlSPSSODescriptorWantAssertionsSigned","title":"samlSPSSODescriptorWantAssertionsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;","id":"samlSPSSODescriptorSingleLogoutServiceSOAP","title":"samlSPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlSPSSODescriptorSingleLogoutService","title":"samlSPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","type":"samlAssertion"},{"default":"0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","type":"samlAssertion"}],"id":"samlSPSSODescriptorAssertionConsumerService","title":"samlSPSSODescriptorAssertionConsumerService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlSPSSODescriptorArtifactResolutionServiceArtifact","title":"samlSPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlSPSSODescriptorArtifactResolutionService","title":"samlSPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#service_provider","id":"samlSPSSODescriptor","title":"samlSPSSODescriptor"},{"_nodes":[{"default":1,"id":"samlIDPSSODescriptorWantAuthnRequestsSigned","title":"samlIDPSSODescriptorWantAuthnRequestsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","type":"samlService"}],"id":"samlIDPSSODescriptorSingleSignOnService","title":"samlIDPSSODescriptorSingleSignOnService"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;","id":"samlIDPSSODescriptorSingleLogoutServiceSOAP","title":"samlIDPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlIDPSSODescriptorSingleLogoutService","title":"samlIDPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","title":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlIDPSSODescriptorArtifactResolutionService","title":"samlIDPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#identity_provider","id":"samlIDPSSODescriptor","title":"samlIDPSSODescriptor"},{"_nodes":[{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;","id":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","title":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","type":"samlService"}],"id":"samlAttributeAuthorityDescriptorAttributeService","title":"samlAttributeAuthorityDescriptorAttributeService"}],"help":"samlservice.html#attribute_authority","id":"samlAttributeAuthorityDescriptor","title":"samlAttributeAuthorityDescriptor"},{"_nodes":[{"default":"lemonldapidp","id":"samlIdPResolveCookie","title":"samlIdPResolveCookie"},{"default":1,"id":"samlMetadataForceUTF8","title":"samlMetadataForceUTF8","type":"bool"},{"id":"samlStorage","title":"samlStorage"},{"cnodes":"samlStorageOptions","id":"samlStorageOptions","title":"samlStorageOptions","type":"keyTextContainer"},{"default":600,"id":"samlRelayStateTimeout","title":"samlRelayStateTimeout","type":"int"},{"default":0,"id":"samlUseQueryStringSpecific","title":"samlUseQueryStringSpecific","type":"bool"},{"_nodes":[{"default":0,"id":"samlCommonDomainCookieActivation","title":"samlCommonDomainCookieActivation","type":"bool"},{"id":"samlCommonDomainCookieDomain","title":"samlCommonDomainCookieDomain"},{"id":"samlCommonDomainCookieReader","title":"samlCommonDomainCookieReader"},{"id":"samlCommonDomainCookieWriter","title":"samlCommonDomainCookieWriter"}],"id":"samlCommonDomainCookie","title":"samlCommonDomainCookie","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"samlDiscoveryProtocolActivation","title":"samlDiscoveryProtocolActivation","type":"bool"},{"id":"samlDiscoveryProtocolURL","title":"samlDiscoveryProtocolURL"},{"id":"samlDiscoveryProtocolPolicy","title":"samlDiscoveryProtocolPolicy"},{"default":0,"id":"samlDiscoveryProtocolIsPassive","title":"samlDiscoveryProtocolIsPassive","type":"bool"}],"id":"samlDiscoveryProtocol","title":"samlDiscoveryProtocol","type":"simpleInputContainer"}],"help":"samlservice.html#advanced","id":"samlAdvanced","title":"samlAdvanced"}],"help":"samlservice.html","id":"samlServiceMetaData","title":"samlServiceMetaData"},{"cnodes":"samlIDPMetaDataNodes","help":"authsaml.html","id":"samlIDPMetaDataNodes","template":"samlIDPMetaDataNode","title":"samlIDPMetaDataNodes","type":"samlIDPMetaDataNodeContainer"},{"cnodes":"samlSPMetaDataNodes","help":"idpsaml.html","id":"samlSPMetaDataNodes","template":"samlSPMetaDataNode","title":"samlSPMetaDataNodes","type":"samlSPMetaDataNodeContainer"},{"_nodes":[{"default":"http://auth.example.com","id":"oidcServiceMetaDataIssuer","title":"oidcServiceMetaDataIssuer"},{"_nodes":[{"default":"authorize","id":"oidcServiceMetaDataAuthorizeURI","title":"oidcServiceMetaDataAuthorizeURI"},{"default":"token","id":"oidcServiceMetaDataTokenURI","title":"oidcServiceMetaDataTokenURI"},{"default":"userinfo","id":"oidcServiceMetaDataUserInfoURI","title":"oidcServiceMetaDataUserInfoURI"},{"default":"jwks","id":"oidcServiceMetaDataJWKSURI","title":"oidcServiceMetaDataJWKSURI"},{"default":"register","id":"oidcServiceMetaDataRegistrationURI","title":"oidcServiceMetaDataRegistrationURI"},{"default":"logout","id":"oidcServiceMetaDataEndSessionURI","title":"oidcServiceMetaDataEndSessionURI"},{"default":"checksession.html","id":"oidcServiceMetaDataCheckSessionURI","title":"oidcServiceMetaDataCheckSessionURI"},{"default":"flogout","id":"oidcServiceMetaDataFrontChannelURI","title":"oidcServiceMetaDataFrontChannelURI"},{"default":"blogout","id":"oidcServiceMetaDataBackChannelURI","title":"oidcServiceMetaDataBackChannelURI"}],"id":"oidcServiceMetaDataEndPoints","title":"oidcServiceMetaDataEndPoints","type":"simpleInputContainer"},{"cnodes":"oidcServiceMetaDataAuthnContext","default":[{"data":1,"id":"oidcServiceMetaDataAuthnContext/loa-1","title":"loa-1","type":"keyText"},{"data":2,"id":"oidcServiceMetaDataAuthnContext/loa-2","title":"loa-2","type":"keyText"},{"data":3,"id":"oidcServiceMetaDataAuthnContext/loa-3","title":"loa-3","type":"keyText"},{"data":4,"id":"oidcServiceMetaDataAuthnContext/loa-4","title":"loa-4","type":"keyText"},{"data":5,"id":"oidcServiceMetaDataAuthnContext/loa-5","title":"loa-5","type":"keyText"}],"id":"oidcServiceMetaDataAuthnContext","title":"oidcServiceMetaDataAuthnContext","type":"keyTextContainer"},{"_nodes":[{"get":["oidcServicePrivateKeySig","oidcServicePublicKeySig"],"id":"oidcServiceMetaDataKeys","title":"oidcServiceMetaDataKeys","type":"RSAKeyNoPassword"},{"id":"oidcServiceKeyIdSig","title":"oidcServiceKeyIdSig"},{"default":0,"id":"oidcServiceAllowDynamicRegistration","title":"oidcServiceAllowDynamicRegistration","type":"bool"},{"default":1,"id":"oidcServiceAllowAuthorizationCodeFlow","title":"oidcServiceAllowAuthorizationCodeFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowImplicitFlow","title":"oidcServiceAllowImplicitFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowHybridFlow","title":"oidcServiceAllowHybridFlow","type":"bool"}],"id":"oidcServiceMetaDataSecurity","title":"oidcServiceMetaDataSecurity"},{"_nodes":[{"id":"oidcStorage","title":"oidcStorage"},{"cnodes":"oidcStorageOptions","id":"oidcStorageOptions","title":"oidcStorageOptions","type":"keyTextContainer"}],"id":"oidcServiceMetaDataSessions","title":"oidcServiceMetaDataSessions"}],"help":"openidconnectservice.html#service_configuration","id":"oidcServiceMetaData","title":"oidcServiceMetaData"},{"cnodes":"oidcOPMetaDataNodes","help":"authopenidconnect.html#declare_the_openid_connect_provider_in_llng","id":"oidcOPMetaDataNodes","title":"oidcOPMetaDataNodes","type":"oidcOPMetaDataNodeContainer"},{"cnodes":"oidcRPMetaDataNodes","help":"idpopenidconnect.html#configuration_of_relying_party_in_llng","id":"oidcRPMetaDataNodes","title":"oidcRPMetaDataNodes","type":"oidcRPMetaDataNodeContainer"},{"_nodes":[{"id":"casAttr","title":"casAttr"},{"default":"none","id":"casAccessControlPolicy","select":[{"k":"none","v":"None"},{"k":"error","v":"Display error on portal"},{"k":"faketicket","v":"Send a fake service ticket"}],"title":"casAccessControlPolicy","type":"select"},{"id":"casStorage","title":"casStorage"},{"cnodes":"casStorageOptions","id":"casStorageOptions","title":"casStorageOptions","type":"keyTextContainer"},{"cnodes":"casAttributes","id":"casAttributes","title":"casAttributes","type":"keyTextContainer"}],"help":"idpcas.html#configuring_the_cas_service","id":"casServiceMetadata","title":"casServiceMetadata"},{"cnodes":"casSrvMetaDataNodes","help":"authcas.html","id":"casSrvMetaDataNodes","template":"casSrvMetaDataNode","title":"casSrvMetaDataNodes","type":"casSrvMetaDataNodeContainer"},{"cnodes":"casAppMetaDataNodes","help":"idpcas.html#configuring_cas_applications","id":"casAppMetaDataNodes","template":"casAppMetaDataNode","title":"casAppMetaDataNodes","type":"casAppMetaDataNodeContainer"}]
\ No newline at end of file
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/ar.json b/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
index 6b2f14ae1..ee47400b5 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
@@ -114,6 +114,7 @@
 "changeKey":"Generate new key",
 "changePwd":"غير كلمة المرور الخاصة بك",
 "checkLastLogins":"تحقق من آخر تسجيلات دخول الخاصة بي",
+"checkUser":"Check user session",
 "choose2f":"Choose your second factor",
 "chooseApp":"اختر أحد التطبيقات المسموح لك بالدخول إليها",
 "clickHere":"الرجاء الضغط هنا",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/de.json b/lemonldap-ng-portal/site/htdocs/static/languages/de.json
index b70e753db..dba4c8c81 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/de.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/de.json
@@ -114,6 +114,7 @@
 "changeKey":"Neuen Schlüssel erzeugen",
 "changePwd":"Ändere dein Passwort",
 "checkLastLogins":"Überprüfe meine letzten Logins",
+"checkUser":"Check user session",
 "choose2f":"Wählen deinen Ihren zweiten Faktor",
 "chooseApp":"Wählen Sie eine Anwendung aus, auf die du zugreifen darfst",
 "clickHere":"Bitte hier klicken",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/en.json b/lemonldap-ng-portal/site/htdocs/static/languages/en.json
index cbbff9c9d..07ee569aa 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/en.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/en.json
@@ -98,6 +98,7 @@
 "accountCreated":"Your account has been created, your temporary password has been sent to your mail address.",
 "accountCreationSuccess":"Your account was successfully created.",
 "action":"Action",
+"allowed":"Access ALLOWED",
 "anotherInformation":"Another information:",
 "areYouSure":"Are you sure?",
 "askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate?",
@@ -137,6 +138,7 @@
 "errorMsg":"Error Message",
 "fillTheForm":"Fill the form",
 "firstName":"First name",
+"forbidden":"Access FORBIDDEN",
 "forgotPwd":"Forgot your password?",
 "generatePwd":"Generate the password automatically",
 "gotNewMessages":"You have some new messages",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/es.json b/lemonldap-ng-portal/site/htdocs/static/languages/es.json
index e59f41c07..c8daab813 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/es.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/es.json
@@ -98,6 +98,7 @@
 "accountCreated":"Your account has been created, your temporary password has been sent to your mail address.",
 "accountCreationSuccess":"Your account was successfully created.",
 "action":"Action",
+"allowed":"Access ALLOWED",
 "anotherInformation":"Another information:",
 "areYouSure":"Are you sure?",
 "askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate?",
@@ -137,6 +138,7 @@
 "errorMsg":"Error Message",
 "fillTheForm":"Fill the form",
 "firstName":"First name",
+"forbidden":"Access FORBIDDEN",
 "forgotPwd":"Forgot your password?",
 "generatePwd":"Generate the password automatically",
 "gotNewMessages":"You have some new messages",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/fr.json b/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
index a11e23f89..08ddbb2d5 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
@@ -4,7 +4,7 @@
 "PE2":"Identifiant ou mot de passe non renseigné",
 "PE3":"Compte ou mot de passe LDAP de l'application incorrect",
 "PE4":"Utilisateur inexistant",
-"PE5":"Mot de passe ou identifiant incorrect",
+"PE5":"Identifiant ou mot de passe incorrect",
 "PE6":"Connexion impossible au serveur LDAP",
 "PE7":"Erreur anormale du serveur LDAP",
 "PE8":"Erreur du module Apache::Session choisi",
@@ -98,6 +98,7 @@
 "accountCreated":"Votre compte a été créé, un mot de passe temporaire a été envoyé à votre adresse mail.",
 "accountCreationSuccess":"Votre compte a bien été créé.",
 "action":"Action",
+"allowed":"Accès AUTORISE",
 "anotherInformation":"Une autre information :",
 "areYouSure":"Êtes-vous sûr ?",
 "askToRenew":"Cette application nécessite une authentification plus récente. Voulez-vous vous réauthentifier ?",
@@ -114,6 +115,7 @@
 "changeKey": "Générer une nouvelle clef",
 "changePwd":"Changez votre mot de passe",
 "checkLastLogins":"Voir mes dernières connexions",
+"checkUser":"Vérifier la session",
 "choose2f":"Choisissez votre second facteur",
 "chooseApp":"Choisissez une application à laquelle vous êtes autorisé à accéder",
 "clickHere":"Cliquez ici",
@@ -136,6 +138,7 @@
 "enterYubikey":"Utilisez votre Yubikey",
 "errorMsg":"Message d'erreur",
 "fillTheForm":"Remplissez le formulaire",
+"forbidden":"Accès INTERDIT",
 "firstName":"Prénom",
 "forgotPwd":"Mot de passe oublié ?",
 "generatePwd":"Générer le mot de passe automatiquement",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/it.json b/lemonldap-ng-portal/site/htdocs/static/languages/it.json
index 19f9178cf..a93e5310c 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/it.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/it.json
@@ -98,6 +98,7 @@
 "accountCreated":"Il tuo account è stato creato, la tua password temporanea è stata inviata all'indirizzo email.",
 "accountCreationSuccess":"Il tuo account è stato creato con successo.",
 "action":"Azione",
+"allowed":"Access ALLOWED",
 "anotherInformation":"Un'altra informazione:",
 "areYouSure":"Sei sicuro?",
 "askToRenew":"Questa applicazione richiede un'autenticazione più recente. Vuoi reautenticare?",
@@ -114,6 +115,7 @@
 "changeKey":"Genera nuova chiave",
 "changePwd":"Cambia la tua password",
 "checkLastLogins":"Controllare i miei ultimi accessi",
+"checkUser":"Check user session",
 "choose2f":"Scegli il tuo secondo fattore",
 "chooseApp":"Scegli un'applicazione alla quale ti è consentito l'accesso",
 "clickHere":"Per favore clicka qui",
@@ -137,6 +139,7 @@
 "errorMsg":"Messaggio di errore",
 "fillTheForm":"Compila il modulo",
 "firstName":"Nome",
+"forbidden":"Access FORBIDDEN",
 "forgotPwd":"Password dimenticata?",
 "generatePwd":"Generare automaticamente la password",
 "gotNewMessages":"Hai dei nuovi messaggi",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/nl.json b/lemonldap-ng-portal/site/htdocs/static/languages/nl.json
index 5f3c281ed..3388c5510 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/nl.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/nl.json
@@ -98,6 +98,7 @@
 "accountCreated":"Your account has been created, your temporary password has been sent to your mail address.",
 "accountCreationSuccess":"Your account was successfully created.",
 "action":"Action",
+"allowed":"Access ALLOWED",
 "anotherInformation":"Another information:",
 "areYouSure":"Are you sure?",
 "askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate?",
@@ -114,6 +115,7 @@
 "changeKey":"Generate new key",
 "changePwd":"Change your password",
 "checkLastLogins":"Check my last logins",
+"checkUser":"Check user session",
 "choose2f":"Choose your second factor",
 "chooseApp":"Choose an application your are allowed to access to",
 "clickHere":"Please click here",
@@ -137,6 +139,7 @@
 "errorMsg":"Error Message",
 "fillTheForm":"Fill the form",
 "firstName":"First name",
+"forbidden":"Access FORBIDDEN",
 "forgotPwd":"Forgot your password?",
 "generatePwd":"Generate the password automatically",
 "gotNewMessages":"You have some new messages",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/pt.json b/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
index 934e84cdd..56a1a6969 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
@@ -99,6 +99,7 @@
 "accountCreationSuccess":"Your account was successfully created.",
 "action":"Action",
 "anotherInformation":"Another information:",
+"allowed":"Access ALLOWED",
 "areYouSure":"Are you sure?",
 "askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate?",
 "askToUpgrade":"This application needs an higher authentication level. Do you want to reauthenticate?",
@@ -114,6 +115,7 @@
 "changeKey":"Generate new key",
 "changePwd":"Change your password",
 "checkLastLogins":"Check my last logins",
+"checkUser":"Check user session",
 "choose2f":"Choose your second factor",
 "chooseApp":"Choose an application your are allowed to access to",
 "clickHere":"Please click here",
@@ -137,6 +139,7 @@
 "errorMsg":"Error Message",
 "fillTheForm":"Fill the form",
 "firstName":"First name",
+"forbidden":"Access FORBIDDEN",
 "forgotPwd":"Forgot your password?",
 "generatePwd":"Generate the password automatically",
 "gotNewMessages":"You have some new messages",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/ro.json b/lemonldap-ng-portal/site/htdocs/static/languages/ro.json
index df7b5ee65..76b41a4c9 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/ro.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/ro.json
@@ -99,6 +99,7 @@
 "accountCreationSuccess":"Your account was successfully created.",
 "action":"Action",
 "anotherInformation":"Another information:",
+"allowed":"Access ALLOWED",
 "areYouSure":"Are you sure?",
 "askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate?",
 "askToUpgrade":"This application needs an higher authentication level. Do you want to reauthenticate?",
@@ -114,6 +115,7 @@
 "changeKey":"Generate new key",
 "changePwd":"Change your password",
 "checkLastLogins":"Check my last logins",
+"checkUser":"Check user session",
 "choose2f":"Choose your second factor",
 "chooseApp":"Choose an application your are allowed to access to",
 "clickHere":"Please click here",
@@ -137,6 +139,7 @@
 "errorMsg":"Error Message",
 "fillTheForm":"Fill the form",
 "firstName":"First name",
+"forbidden":"Access FORBIDDEN",
 "forgotPwd":"Forgot your password?",
 "generatePwd":"Generate the password automatically",
 "gotNewMessages":"You have some new messages",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/vi.json b/lemonldap-ng-portal/site/htdocs/static/languages/vi.json
index fb7648e0e..a08cd7407 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/vi.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/vi.json
@@ -99,6 +99,7 @@
 "accountCreationSuccess":"Tài khoản của bạn đã được tạo thành công.",
 "action":"Action",
 "anotherInformation":"Thông tin khác:",
+"allowed":"Access ALLOWED",
 "areYouSure":"Bạn có chắc không?",
 "askToRenew":"Ứng dụng này cần có chứng thực gần đây hơn. Bạn có muốn chứng thực lại?",
 "askToUpgrade":"Ứng dụng này cần một mức xác thực cao hơn. Bạn có muốn chứng thực lại?",
@@ -114,6 +115,7 @@
 "changeKey":"Generate new key",
 "changePwd":"Thay đổi mật khẩu của bạn",
 "checkLastLogins":"Kiểm tra lần đăng nhập cuối cùng của bạn",
+"checkUser":"Check user session",
 "choose2f":"Choose your second factor",
 "chooseApp":"Chọn một ứng dụng bạn được phép truy cập vào",
 "clickHere":"Vui lòng nhấp vào đây",
@@ -137,6 +139,7 @@
 "errorMsg":"Thông báo lỗi",
 "fillTheForm":"Fill the form",
 "firstName":"Tên",
+"forbidden":"Access FORBIDDEN",
 "forgotPwd":"Quên mật khẩu của bạn?",
 "generatePwd":"Tạo mật khẩu tự động",
 "gotNewMessages":"Bạn có một số tin nhắn mới",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/zh.json b/lemonldap-ng-portal/site/htdocs/static/languages/zh.json
index 93a8e3172..7143646e7 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/zh.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/zh.json
@@ -98,6 +98,7 @@
 "accountCreated":"您的账号已创建，临时密码已发送至您的邮箱",
 "accountCreationSuccess":"你的账户已创建",
 "action":"Action",
+"allowed":"Access ALLOWED",
 "anotherInformation":"Another information:",
 "areYouSure":"您确定吗？",
 "askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate?",
@@ -114,6 +115,7 @@
 "changeKey":"Generate new key",
 "changePwd":"修改您的密码",
 "checkLastLogins":"Check my last logins",
+"checkUser":"Check user session",
 "choose2f":"Choose your second factor",
 "chooseApp":"Choose an application your are allowed to access to",
 "clickHere":"请点击这里",
@@ -138,6 +140,7 @@
 "fillTheForm":"Fill the form",
 "firstName":"名",
 "forgotPwd":"忘记密码？",
+"forbidden":"Access FORBIDDEN",
 "generatePwd":"自动生成密码",
 "gotNewMessages":"您有一些新消息",
 "goToPortal":"回到首页",

From f7026644098e8d38d1ea69fd4a72fea048fe9217 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Mon, 25 Feb 2019 20:11:32 +0100
Subject: [PATCH 38/58] WIP - checkUser Improve code (#1658)

---
 .../Lemonldap/NG/Portal/Plugins/CheckUser.pm  | 84 ++++++++++---------
 1 file changed, 45 insertions(+), 39 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
index 588aacef0..437c78ac3 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@@ -51,38 +51,28 @@ sub check {
     # Check token
     if ( $self->conf->{requireToken} ) {
         my $token = $req->param('token');
+        my $msg   = '';
         unless ($token) {
             $self->userLogger->warn('CheckUser try without token');
-my $token = $self->ott->createToken( $req->sessionInfo );
-            #return $self->p->sendError( $req, 'Unable to build Metadata' );
-            return $self->p->sendHtml(
-                $req,
-                'checkuser',
-                params => {
-                    PORTAL    => $self->conf->{portal},
-                    MAIN_LOGO => $self->conf->{portalMainLogo},
-                    LANGS     => $self->conf->{showLanguages},
-                    MSG       => 'CheckUser try without token',
-                    TOKEN      => $token,
-                }
-            );
+            $msg   = PE_NOTOKEN;
+            $token = $self->ott->createToken( $req->sessionInfo );
         }
         unless ( $self->ott->getToken($token) ) {
             $self->userLogger->warn('Ask try with expired/bad token');
-my $token = $self->ott->createToken( $req->sessionInfo );
-            #return $self->p->sendError( $req, 'Unable to build Metadata' );
-            return $self->p->sendHtml(
-                $req,
-                'checkuser',
-                params => {
-                    PORTAL    => $self->conf->{portal},
-                    MAIN_LOGO => $self->conf->{portalMainLogo},
-                    LANGS     => $self->conf->{showLanguages},
-                    MSG       => 'Ask try with expired/bad token',
-                    TOKEN      => $token,
-                }
-            );
+            $msg   = PE_TOKENEXPIRED;
+            $token = $self->ott->createToken( $req->sessionInfo );
         }
+        return $self->p->sendHtml(
+            $req,
+            'checkuser',
+            params => {
+                PORTAL    => $self->conf->{portal},
+                MAIN_LOGO => $self->conf->{portalMainLogo},
+                LANGS     => $self->conf->{showLanguages},
+                MSG       => "PE$msg",
+                TOKEN     => $token,
+            }
+        ) if $msg;
     }
 
     ## Check user session datas
@@ -100,9 +90,15 @@ my $token = $self->ott->createToken( $req->sessionInfo );
     foreach my $k ( sort keys %$attrs ) {
         $self->logger->debug("Delete hidden attributes");
 
-        # Ignore hidden attributes
-        push @$array_attrs, { key => $k, value => $attrs->{$k} }
-            unless ( $self->hAttr =~ /\b$k\b/ or !$attrs->{$k} );
+        # Ignore hidden attributes or empty values
+        if ( $self->conf->{checkUserDisplayEmptyValues} ) {
+            push @$array_attrs, { key => $k, value => $attrs->{$k} }
+                unless ( $self->hAttr =~ /\b$k\b/ );
+        }
+        else {
+            push @$array_attrs, { key => $k, value => $attrs->{$k} }
+                unless ( $self->hAttr =~ /\b$k\b/ or !$attrs->{$k} );
+        }
     }
 
     # Check if user is allowed to access submitted URL and compute headers
@@ -112,7 +108,7 @@ my $token = $self->ott->createToken( $req->sessionInfo );
         $auth = $self->_authorization( $req, $url );
         $self->logger->debug(
             "checkUser requested for user: $req->{user} and URL: $url");
-        $result = $auth ? "ALLOWED" : "FORBIDDEN";
+        $result = $auth ? "allowed" : "forbidden";
         $self->userLogger->notice(
             "checkUser -> $req->{user} is $result to access: $url");
 
@@ -126,12 +122,18 @@ my $token = $self->ott->createToken( $req->sessionInfo );
         $req,
         'checkuser',
         params => {
-            PORTAL     => $self->conf->{portal},
-            MAIN_LOGO  => $self->conf->{portalMainLogo},
-            LANGS      => $self->conf->{showLanguages},
-            MSG        => $msg,
-            LOGIN      => $req->{user},
-            URL        => $url,
+            PORTAL    => $self->conf->{portal},
+            MAIN_LOGO => $self->conf->{portalMainLogo},
+            LANGS     => $self->conf->{showLanguages},
+            MSG       => $msg,
+            LOGIN     => (
+                  $self->p->checkXSSAttack( 'LOGIN', $req->{user} ) ? ""
+                : $req->{user}
+            ),
+            URL => (
+                  $self->p->checkXSSAttack( 'URL', $url ) ? ""
+                : $url
+            ),
             ALLOWED    => $result,
             HEADERS    => $array_hdrs,
             ATTRIBUTES => $array_attrs,
@@ -153,8 +155,12 @@ sub display {
             MAIN_LOGO => $self->conf->{portalMainLogo},
             LANGS     => $self->conf->{showLanguages},
             MSG       => 'checkUser',
-            LOGIN     => $req->{user},
-            TOKEN     => $token,
+            LOGIN     => (
+                $self->p->checkXSSAttack( 'LOGIN', $req->{user} )
+                ? ""
+                : $req->{user}
+            ),
+            TOKEN => $token,
         }
     );
 }
@@ -164,7 +170,7 @@ sub _userDatas {
 
     # Search user in database
     my $steps = [ 'getUser', 'setSessionInfo', 'setMacros', 'setGroups' ];
-    1
+    $self->conf->{checkUserDisplayPersistentInfo}
         ? push @$steps, 'setPersistentSessionInfo', 'setLocalGroups'
         : push @$steps, 'setLocalGroups';
     $req->steps($steps);

From 8401e292f8b905527feb5dd6aa5c6d467951d357 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Mon, 25 Feb 2019 20:29:43 +0100
Subject: [PATCH 39/58] Fix langs (#1658)

---
 lemonldap-ng-portal/site/htdocs/static/languages/ar.json | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/de.json | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/en.json | 1 +
 lemonldap-ng-portal/site/htdocs/static/languages/es.json | 1 +
 lemonldap-ng-portal/site/htdocs/static/languages/pt.json | 2 +-
 5 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/ar.json b/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
index ee47400b5..2b1ab12e7 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
@@ -98,6 +98,7 @@
 "accountCreated":"تم إنشاء حسابك و إرسال كلمة المرور المؤقتة إلى بريدك الإلكتروني.",
 "accountCreationSuccess":"تم إنشاء حسابك بنجاح.",
 "action":"Action",
+"allowed":"Access ALLOWED",
 "anotherInformation":"معلومات أخرى:",
 "areYouSure":"هل أنت واثق؟",
 "askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate?",
@@ -138,6 +139,7 @@
 "errorMsg":"رسالة خاطئة",
 "fillTheForm":"Fill the form",
 "firstName":"الاسم الاول",
+"forbidden":"Access FORBIDDEN",
 "forgotPwd":"نسيت كلمة المرور؟",
 "generatePwd":"إنشاء كلمة المرور تلقائيا",
 "gotNewMessages":"لديك بعض الرسائل الجديدة",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/de.json b/lemonldap-ng-portal/site/htdocs/static/languages/de.json
index dba4c8c81..a5dda0df2 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/de.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/de.json
@@ -98,6 +98,7 @@
 "accountCreated":"Ihr Konto wurde erstellt, das temporäre Passwort wurde an Ihre E-Mail-Adresse gesendet.",
 "accountCreationSuccess":"Ihr Account wurde erfolgreich erstellt.",
 "action":"Aktion",
+"allowed":"Access ALLOWED",
 "anotherInformation":"Eine weitere Information:",
 "areYouSure":"Sind Sie sicher ?",
 "askToRenew":"Diese Anwendung benötigt eine neuere Authentifizierung. Möchten Sie sich erneut authentifizieren?",
@@ -138,6 +139,7 @@
 "errorMsg":"Fehlermeldung",
 "fillTheForm":"Fülle das Formular aus",
 "firstName":"Vorname",
+"forbidden":"Access FORBIDDEN",
 "forgotPwd":"Passwort vergessen ?",
 "generatePwd":"Passwort automatisch generieren",
 "gotNewMessages":"Du hast neue Nachrichten",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/en.json b/lemonldap-ng-portal/site/htdocs/static/languages/en.json
index 07ee569aa..3308718d8 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/en.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/en.json
@@ -115,6 +115,7 @@
 "changeKey": "Generate new key",
 "changePwd":"Change your password",
 "checkLastLogins":"Check my last logins",
+"checkUser":"Check user session",
 "choose2f":"Choose your second factor",
 "chooseApp":"Choose an application your are allowed to access to",
 "clickHere":"Please click here",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/es.json b/lemonldap-ng-portal/site/htdocs/static/languages/es.json
index c8daab813..b79c06e2c 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/es.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/es.json
@@ -115,6 +115,7 @@
 "changeKey":"Generate new key",
 "changePwd":"Change your password",
 "checkLastLogins":"Check my last logins",
+"checkUser":"Check user session",
 "choose2f":"Choose your second factor",
 "chooseApp":"Choose an application your are allowed to access to",
 "clickHere":"Please click here",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/pt.json b/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
index 56a1a6969..bf91606ac 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
@@ -98,8 +98,8 @@
 "accountCreated":"Your account has been created, your temporary password has been sent to your mail address.",
 "accountCreationSuccess":"Your account was successfully created.",
 "action":"Action",
-"anotherInformation":"Another information:",
 "allowed":"Access ALLOWED",
+"anotherInformation":"Another information:",
 "areYouSure":"Are you sure?",
 "askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate?",
 "askToUpgrade":"This application needs an higher authentication level. Do you want to reauthenticate?",

From 5226a4fc9a9188f8a23d63085e67d0268a91558c Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Mon, 25 Feb 2019 20:41:37 +0100
Subject: [PATCH 40/58] Fix langs (#1658)

---
 lemonldap-ng-portal/site/htdocs/static/languages/en.json | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/es.json | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/fr.json | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/it.json | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/nl.json | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/pt.json | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/ro.json | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/vi.json | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/zh.json | 2 ++
 9 files changed, 18 insertions(+)

diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/en.json b/lemonldap-ng-portal/site/htdocs/static/languages/en.json
index 3308718d8..71f807190 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/en.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/en.json
@@ -149,6 +149,7 @@
 "imSure":"I'm sure",
 "info":"Information",
 "ipAddr":"IP address",
+"key":"Key",
 "lastFailedLogins":"Last failed logins",
 "lastLogins":"Last logins",
 "lastName":"Last name",
@@ -230,6 +231,7 @@
 "upgradeSession":"Upgrade session",
 "user":"User",
 "useYubikey":"use your Yubikey",
+"value":"Value",
 "verify": "Verify",
 "wait":"Wait",
 "warning":"Warning",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/es.json b/lemonldap-ng-portal/site/htdocs/static/languages/es.json
index b79c06e2c..94afa833c 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/es.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/es.json
@@ -149,6 +149,7 @@
 "imSure":"I'm sure",
 "info":"Information",
 "ipAddr":"IP address",
+"key":"Key",
 "lastFailedLogins":"Last failed logins",
 "lastLogins":"Last logins",
 "lastName":"Last name",
@@ -230,6 +231,7 @@
 "upgradeSession":"Upgrade session",
 "user":"User",
 "useYubikey":"use your Yubikey",
+"value":"Value",
 "verify":"Verify",
 "wait":"Wait",
 "warning":"Warning",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/fr.json b/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
index 08ddbb2d5..7c26a46d0 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
@@ -149,6 +149,7 @@
 "imSure":"Je suis sûr",
 "info":"Information",
 "ipAddr":"Adresse IP",
+"key":"Clef",
 "lastFailedLogins":"Dernières connexions refusées",
 "lastLogins":"Dernières connexions",
 "lastName":"Nom",
@@ -230,6 +231,7 @@
 "upgradeSession":"Se réauthentifier",
 "user":"Utilisateur",
 "useYubikey":"Utilisez votre Yubikey",
+"value":"Valeur",
 "verify": "Vérifier",
 "wait":"Attendre",
 "warning":"Attention",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/it.json b/lemonldap-ng-portal/site/htdocs/static/languages/it.json
index a93e5310c..e98f138d7 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/it.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/it.json
@@ -149,6 +149,7 @@
 "imSure":"Sono sicuro",
 "info":"Informazioni",
 "ipAddr":"Indirizzo IP",
+"key":"Key",
 "lastFailedLogins":"Ultimi login non riusciti",
 "lastLogins":"Ultimi accessi",
 "lastName":"Cognome",
@@ -230,6 +231,7 @@
 "upgradeSession":"Sessione di aggiornamento",
 "user":"Utente",
 "useYubikey":"Usa la tua Yubikey",
+"value":"Value",
 "verify":"Verifica",
 "wait":"Attendere",
 "warning":"Avvertimento",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/nl.json b/lemonldap-ng-portal/site/htdocs/static/languages/nl.json
index 3388c5510..704267abd 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/nl.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/nl.json
@@ -149,6 +149,7 @@
 "imSure":"I'm sure",
 "info":"Information",
 "ipAddr":"IP address",
+"key":"Key",
 "lastFailedLogins":"Last failed logins",
 "lastLogins":"Last logins",
 "lastName":"Last name",
@@ -230,6 +231,7 @@
 "upgradeSession":"Upgrade session",
 "user":"User",
 "useYubikey":"use your Yubikey",
+"value":"Value",
 "verify":"Verify",
 "wait":"Wait",
 "warning":"Warning",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/pt.json b/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
index bf91606ac..925078939 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
@@ -149,6 +149,7 @@
 "imSure":"I'm sure",
 "info":"Information",
 "ipAddr":"IP address",
+"key":"Key",
 "lastFailedLogins":"Last failed logins",
 "lastLogins":"Last logins",
 "lastName":"Last name",
@@ -230,6 +231,7 @@
 "upgradeSession":"Upgrade session",
 "user":"User",
 "useYubikey":"use your Yubikey",
+"value":"Value",
 "verify":"Verify",
 "wait":"Wait",
 "warning":"Warning",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/ro.json b/lemonldap-ng-portal/site/htdocs/static/languages/ro.json
index 76b41a4c9..45cce0f7b 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/ro.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/ro.json
@@ -149,6 +149,7 @@
 "imSure":"I'm sure",
 "info":"Information",
 "ipAddr":"IP address",
+"key":"Key",
 "lastFailedLogins":"Last failed logins",
 "lastLogins":"Last logins",
 "lastName":"Last name",
@@ -230,6 +231,7 @@
 "upgradeSession":"Upgrade session",
 "user":"User",
 "useYubikey":"use your Yubikey",
+"value":"Value",
 "verify":"Verify",
 "wait":"Wait",
 "warning":"Warning",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/vi.json b/lemonldap-ng-portal/site/htdocs/static/languages/vi.json
index a08cd7407..3f321e36d 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/vi.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/vi.json
@@ -149,6 +149,7 @@
 "imSure":"Tôi chắc chắn",
 "info":"Thông tin",
 "ipAddr":"Địa chỉ IP",
+"key":"Key",
 "lastFailedLogins":"Lần cuối đăng nhập thất bại",
 "lastLogins":"Đăng nhập lần cuối",
 "lastName":"Họ",
@@ -230,6 +231,7 @@
 "upgradeSession":"Phiên nâng cấp",
 "user":"Người dùng",
 "useYubikey":"sử dụng Yubikey của bạn",
+"value":"Value",
 "verify":"Xác minh",
 "wait":"Hãy đợi",
 "warning":"Cảnh báo",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/zh.json b/lemonldap-ng-portal/site/htdocs/static/languages/zh.json
index 7143646e7..a5e3ea8f0 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/zh.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/zh.json
@@ -149,6 +149,7 @@
 "imSure":"我确认",
 "info":"信息",
 "ipAddr":"IP 地址",
+"key":"Key",
 "lastFailedLogins":"上次失败的认证",
 "lastLogins":"上次登陆",
 "lastName":"姓氏",
@@ -230,6 +231,7 @@
 "upgradeSession":"升级会话",
 "user":"用户",
 "useYubikey":"使用您的 Yubikey",
+"value":"Value",
 "verify":"验证",
 "wait":"等待",
 "warning":"警告",

From 33efa4002c735ab6ddbfea8e31801ee71803ae2b Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Mon, 25 Feb 2019 20:52:19 +0100
Subject: [PATCH 41/58] Fix langs (#1658)

---
 lemonldap-ng-portal/site/htdocs/static/languages/ar.json | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/de.json | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/ar.json b/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
index 2b1ab12e7..9beada9f4 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
@@ -149,6 +149,7 @@
 "imSure":"انا متاكد",
 "info":"معلومات",
 "ipAddr":"عنوان الأي بي",
+"key":"Key",
 "lastFailedLogins":"عمليات تسجيل الدخول الأخيرة الغير الناجحة",
 "lastLogins":"آخر تسجيلات دخول",
 "lastName":"اسم العائلة",
@@ -230,6 +231,7 @@
 "upgradeSession":"ترقية الجلسة",
 "user":"المستخدم",
 "useYubikey":"استخدم اليوبي كي الخاص بك",
+"value":"Value",
 "verify":"التحقق",
 "wait":"انتظر",
 "warning":"تحذير",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/de.json b/lemonldap-ng-portal/site/htdocs/static/languages/de.json
index a5dda0df2..699a1630d 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/de.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/de.json
@@ -149,6 +149,7 @@
 "imSure":"Ich bin sicher",
 "info":"Information",
 "ipAddr":"IP Adresse",
+"key":"Key",
 "lastFailedLogins":"Letzte fehlgeschlagene Anmeldungen",
 "lastLogins":"Letzte Anmeldungen",
 "lastName":"Nachname",
@@ -230,6 +231,7 @@
 "upgradeSession":"Upgrade session",
 "user":"Benutzer",
 "useYubikey":"use your Yubikey",
+"value":"Value",
 "verify":"Verify",
 "wait":"Warten",
 "warning":"Warnung",

From 3f9957ee6cebdfdad71b80b6ce9cd0015c88bde1 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Mon, 25 Feb 2019 22:25:25 +0100
Subject: [PATCH 42/58] Fix log msg (#1658)

---
 .../lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
index 437c78ac3..bea4f2b2a 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@@ -87,8 +87,8 @@ sub check {
     }
 
     # Create an array of hashes for template loop
+    $self->logger->debug("Delete hidden attributes");
     foreach my $k ( sort keys %$attrs ) {
-        $self->logger->debug("Delete hidden attributes");
 
         # Ignore hidden attributes or empty values
         if ( $self->conf->{checkUserDisplayEmptyValues} ) {

From 70a5c645d806c4305f0a86b018e69fb24bac333a Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Mon, 25 Feb 2019 23:34:58 +0100
Subject: [PATCH 43/58] Improve checkUser display (#1658)

---
 .../Lemonldap/NG/Portal/Plugins/CheckUser.pm  | 14 +++++++-----
 .../site/templates/bootstrap/checkuser.tpl    | 22 +++++++++----------
 2 files changed, 19 insertions(+), 17 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
index bea4f2b2a..72a6b2fad 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@@ -70,6 +70,7 @@ sub check {
                 MAIN_LOGO => $self->conf->{portalMainLogo},
                 LANGS     => $self->conf->{showLanguages},
                 MSG       => "PE$msg",
+                ALERTE    => 'message-warning',
                 TOKEN     => $token,
             }
         ) if $msg;
@@ -126,6 +127,7 @@ sub check {
             MAIN_LOGO => $self->conf->{portalMainLogo},
             LANGS     => $self->conf->{showLanguages},
             MSG       => $msg,
+            ALERTE    => 'message-positive',
             LOGIN     => (
                   $self->p->checkXSSAttack( 'LOGIN', $req->{user} ) ? ""
                 : $req->{user}
@@ -134,10 +136,11 @@ sub check {
                   $self->p->checkXSSAttack( 'URL', $url ) ? ""
                 : $url
             ),
-            ALLOWED    => $result,
-            HEADERS    => $array_hdrs,
-            ATTRIBUTES => $array_attrs,
-            TOKEN      => $token,
+            ALLOWED     => $result,
+            ALERTE_AUTH => ($result eq 'allowed' ? "alert-success" : "alert-danger"),
+            HEADERS     => $array_hdrs,
+            ATTRIBUTES  => $array_attrs,
+            TOKEN       => $token,
         }
     );
 }
@@ -155,6 +158,7 @@ sub display {
             MAIN_LOGO => $self->conf->{portalMainLogo},
             LANGS     => $self->conf->{showLanguages},
             MSG       => 'checkUser',
+            ALERTE    => 'message-positive',
             LOGIN     => (
                 $self->p->checkXSSAttack( 'LOGIN', $req->{user} )
                 ? ""
@@ -176,7 +180,7 @@ sub _userDatas {
     $req->steps($steps);
     if ( my $error = $self->p->process($req) ) {
         if ( $error == PE_USERNOTFOUND ) {
-            $self->userLogger->warn( "Check requested for an unvalid user ("
+            $self->userLogger->warn( 'Check requested for an unvalid user ('
                     . $req->{user}
                     . ")" );
         }
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
index 5ab59f390..262b664de 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
@@ -1,18 +1,16 @@
 <TMPL_INCLUDE NAME="header.tpl">
 
 <div id="errorcontent" class="container">
-<div class="message message-positive alert"><span trspan="<TMPL_VAR NAME="MSG">"></span></div>
-
-<form id="checkuser" action="/checkuser" method="post" class="password" role="form">
-
-      <TMPL_IF NAME="TOKEN">
-        <input type="hidden" name="token" value="<TMPL_VAR NAME="TOKEN">" />
-      </TMPL_IF>
-  
   <!--
-  <input type="hidden" name="confirm" value="<TMPL_VAR NAME="CONFIRMKEY">">
-  <input type="hidden" name="url" value="<TMPL_VAR NAME="URL">">
-  -->
+<div class="message message-positive alert"><span trspan="<TMPL_VAR NAME="MSG">"></span></div>
+-->
+<div class="message <TMPL_VAR NAME="ALERTE"> alert"><span trspan="<TMPL_VAR NAME="MSG">"></span></div>
+<form id="checkuser" action="/checkuser" method="post" class="password" role="form">
+  
+  <TMPL_IF NAME="TOKEN">
+    <input type="hidden" name="token" value="<TMPL_VAR NAME="TOKEN">" />
+  </TMPL_IF>
+
   <div class="input-group mb-3">
     <div class="input-group-prepend">
       <span class="input-group-text"><i class="fa fa-user"></i> </span>
@@ -28,7 +26,7 @@
 
 
 <TMPL_IF NAME="ALLOWED">
-<div class="message message-positive alert"><span trspan="<TMPL_VAR NAME="ALLOWED">"></span></div>
+<div class="alert <TMPL_VAR NAME="ALERTE_AUTH">"><span trspan="<TMPL_VAR NAME="ALLOWED">"></span></div>
 </TMPL_IF>
 
 <TMPL_IF NAME="HEADERS">

From dae8adb4438ddffc8a61534c9bee220578e0f3ca Mon Sep 17 00:00:00 2001
From: Xavier Guimard <yadd@debian.org>
Date: Mon, 25 Feb 2019 23:48:20 +0100
Subject: [PATCH 44/58] Read rules in PSGI::Try (#1658)

---
 lemonldap-ng-handler/lib/Lemonldap/NG/Handler/PSGI/Try.pm | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/PSGI/Try.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/PSGI/Try.pm
index b12d28c51..8eede3406 100644
--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/PSGI/Try.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/PSGI/Try.pm
@@ -60,7 +60,7 @@ sub _run {
             $self->routes( $self->authRoutes );
             $req->userData( $self->api->data );
         }
-        else {
+        elsif ( $res->[0] != 403 ) {
             # Unset headers (handler adds a Location header)
             $self->logger->debug(
                 "User not authenticated, Try in use, cancel redirection");
@@ -68,6 +68,9 @@ sub _run {
             $req->respHeaders( [] );
             $self->routes( $self->unAuthRoutes );
         }
+        else {
+            return $res;
+        }
         $res = $self->handler($req);
 
         # Insert respHeaders in response only if not already set

From 222e1890cf1ecd66ad15043d4e8cfea10a5abacd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= <clement@oodo.net>
Date: Tue, 26 Feb 2019 18:58:53 +0100
Subject: [PATCH 45/58] Fix HTML code for ext2fcheck template

---
 lemonldap-ng-portal/site/templates/bootstrap/ext2fcheck.tpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lemonldap-ng-portal/site/templates/bootstrap/ext2fcheck.tpl b/lemonldap-ng-portal/site/templates/bootstrap/ext2fcheck.tpl
index 273679663..24f6076d8 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/ext2fcheck.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/ext2fcheck.tpl
@@ -13,8 +13,8 @@
     <div class="input-group mb-3">
       <div class="input-group-prepend">
         <span class="input-group-text"><i class="fa fa-lock"></i> </span>
-        <input name="code" value="" class="form-control" id="extcode" trplaceholder="code" autocomplete="off" />
       </div>
+      <input name="code" value="" class="form-control" id="extcode" trplaceholder="code" autocomplete="off" />
     </div>
   </div>
   <div class="buttons">

From 36a8a152e7f1819b2547c063aa76b9a952a39e02 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= <clement@oodo.net>
Date: Tue, 26 Feb 2019 19:11:47 +0100
Subject: [PATCH 46/58] Fix HTML code for ext2fcheck template

---
 lemonldap-ng-portal/site/templates/bootstrap/ext2fcheck.tpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lemonldap-ng-portal/site/templates/bootstrap/ext2fcheck.tpl b/lemonldap-ng-portal/site/templates/bootstrap/ext2fcheck.tpl
index 24f6076d8..1b866073a 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/ext2fcheck.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/ext2fcheck.tpl
@@ -23,13 +23,13 @@
       <span trspan="connect">Connect</span>
     </button>
   </div>
-  <br/>
   <div class="buttons">
   <a href="<TMPL_VAR NAME="PORTAL_URL">?cancel=1" class="btn btn-primary" role="button">
     <span class="fa fa-home"></span>
     <span trspan="cancel">Cancel</span>
   </a>
   </div>
+</form>
 </div>
 </main>
 

From 2cc1af5de948b1b13771a78d0fb329b384e20d25 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Tue, 26 Feb 2019 10:25:17 +0100
Subject: [PATCH 47/58] Improve checkUser display (#1658)

---
 lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
index 262b664de..d37d7b668 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
@@ -6,7 +6,7 @@
 -->
 <div class="message <TMPL_VAR NAME="ALERTE"> alert"><span trspan="<TMPL_VAR NAME="MSG">"></span></div>
 <form id="checkuser" action="/checkuser" method="post" class="password" role="form">
-  
+
   <TMPL_IF NAME="TOKEN">
     <input type="hidden" name="token" value="<TMPL_VAR NAME="TOKEN">" />
   </TMPL_IF>
@@ -21,7 +21,7 @@
     <div class="input-group-prepend">
       <span class="input-group-text"><i class="fa fa-link"></i> </span>
     </div>
-    <input name="url" type="text" class="form-control" value="<TMPL_VAR NAME="URL">" trplaceholder="URL" aria-required="true"/>
+    <input name="url" type="text" class="form-control" value="<TMPL_VAR NAME="URL">" trplaceholder="http://auth.example.com" aria-required="true"/>
   </div>
 
 

From 212be233135f787048a51415655487f432c0e2f4 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Tue, 26 Feb 2019 11:03:16 +0100
Subject: [PATCH 48/58] Improve checkUser display (#1658)

---
 .../lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm            | 6 +++---
 lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl  | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
index 72a6b2fad..9e2096a6b 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@@ -70,7 +70,7 @@ sub check {
                 MAIN_LOGO => $self->conf->{portalMainLogo},
                 LANGS     => $self->conf->{showLanguages},
                 MSG       => "PE$msg",
-                ALERTE    => 'message-warning',
+                ALERTE    => 'alert-warning',
                 TOKEN     => $token,
             }
         ) if $msg;
@@ -127,7 +127,7 @@ sub check {
             MAIN_LOGO => $self->conf->{portalMainLogo},
             LANGS     => $self->conf->{showLanguages},
             MSG       => $msg,
-            ALERTE    => 'message-positive',
+            ALERTE    => 'alert-info',
             LOGIN     => (
                   $self->p->checkXSSAttack( 'LOGIN', $req->{user} ) ? ""
                 : $req->{user}
@@ -158,7 +158,7 @@ sub display {
             MAIN_LOGO => $self->conf->{portalMainLogo},
             LANGS     => $self->conf->{showLanguages},
             MSG       => 'checkUser',
-            ALERTE    => 'message-positive',
+            ALERTE    => 'alert-info',
             LOGIN     => (
                 $self->p->checkXSSAttack( 'LOGIN', $req->{user} )
                 ? ""
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
index d37d7b668..ce925795c 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
@@ -4,7 +4,7 @@
   <!--
 <div class="message message-positive alert"><span trspan="<TMPL_VAR NAME="MSG">"></span></div>
 -->
-<div class="message <TMPL_VAR NAME="ALERTE"> alert"><span trspan="<TMPL_VAR NAME="MSG">"></span></div>
+<div class="alert <TMPL_VAR NAME="ALERTE"> alert"><span trspan="<TMPL_VAR NAME="MSG">"></span></div>
 <form id="checkuser" action="/checkuser" method="post" class="password" role="form">
 
   <TMPL_IF NAME="TOKEN">

From cc99cec73aa114bd328be28f5b749dbfd583e16e Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Tue, 26 Feb 2019 18:58:44 +0100
Subject: [PATCH 49/58] Improve code (#1658)

---
 .../Lemonldap/NG/Portal/Plugins/CheckUser.pm  | 25 ++++++++-----------
 1 file changed, 11 insertions(+), 14 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
index 9e2096a6b..0d7ff4568 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@@ -3,8 +3,6 @@ package Lemonldap::NG::Portal::Plugins::CheckUser;
 use strict;
 use Mouse;
 use Lemonldap::NG::Portal::Main::Constants qw(
-    PE_CONFIRM
-    PE_OK
     PE_TOKENEXPIRED
     PE_USERNOTFOUND
     PE_NOTOKEN
@@ -43,15 +41,12 @@ sub init {
 
 sub check {
     my ( $self, $req ) = @_;
-    my ( $hdrs, $attrs, $array_attrs, $array_hdrs ) = ( {}, {}, [], [] );
-    my $msg    = 'checkUser';
-    my $result = '';
-    my $auth   = 0;
+    my ( $attrs, $array_attrs, $array_hdrs ) = ( {}, [], [] );
+    my $msg = my $auth = '';
 
     # Check token
     if ( $self->conf->{requireToken} ) {
         my $token = $req->param('token');
-        my $msg   = '';
         unless ($token) {
             $self->userLogger->warn('CheckUser try without token');
             $msg   = PE_NOTOKEN;
@@ -86,6 +81,7 @@ sub check {
         $msg   = 'PE' . $req->{error};
         $attrs = {};
     }
+    else { $msg = 'checkUser' }
 
     # Create an array of hashes for template loop
     $self->logger->debug("Delete hidden attributes");
@@ -109,9 +105,9 @@ sub check {
         $auth = $self->_authorization( $req, $url );
         $self->logger->debug(
             "checkUser requested for user: $req->{user} and URL: $url");
-        $result = $auth ? "allowed" : "forbidden";
+        $auth = $auth ? "allowed" : "forbidden";
         $self->userLogger->notice(
-            "checkUser -> $req->{user} is $result to access: $url");
+            "checkUser -> $req->{user} is $auth to access: $url");
 
         # Return VirtualHost headers
         $array_hdrs = $self->_headers( $req, $url );
@@ -136,11 +132,12 @@ sub check {
                   $self->p->checkXSSAttack( 'URL', $url ) ? ""
                 : $url
             ),
-            ALLOWED     => $result,
-            ALERTE_AUTH => ($result eq 'allowed' ? "alert-success" : "alert-danger"),
-            HEADERS     => $array_hdrs,
-            ATTRIBUTES  => $array_attrs,
-            TOKEN       => $token,
+            ALLOWED => $auth,
+            ALERTE_AUTH =>
+                ( $auth eq 'allowed' ? "alert-success" : "alert-danger" ),
+            HEADERS    => $array_hdrs,
+            ATTRIBUTES => $array_attrs,
+            TOKEN      => $token,
         }
     );
 }

From 36200c32c5299e69488b41c79dd29913796480de Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Tue, 26 Feb 2019 19:30:49 +0100
Subject: [PATCH 50/58] Improve display (#1658)

---
 .../Lemonldap/NG/Portal/Plugins/CheckUser.pm  | 42 ++++++++++---------
 1 file changed, 23 insertions(+), 19 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
index 0d7ff4568..228c1247c 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
@@ -3,8 +3,8 @@ package Lemonldap::NG::Portal::Plugins::CheckUser;
 use strict;
 use Mouse;
 use Lemonldap::NG::Portal::Main::Constants qw(
+    PE_BADCREDENTIALS
     PE_TOKENEXPIRED
-    PE_USERNOTFOUND
     PE_NOTOKEN
 );
 
@@ -81,21 +81,23 @@ sub check {
         $msg   = 'PE' . $req->{error};
         $attrs = {};
     }
-    else { $msg = 'checkUser' }
+    else {
 
-    # Create an array of hashes for template loop
-    $self->logger->debug("Delete hidden attributes");
-    foreach my $k ( sort keys %$attrs ) {
+        # Create an array of hashes for template loop
+        $self->logger->debug("Delete hidden or empty attributes");
+        foreach my $k ( sort keys %$attrs ) {
 
-        # Ignore hidden attributes or empty values
-        if ( $self->conf->{checkUserDisplayEmptyValues} ) {
-            push @$array_attrs, { key => $k, value => $attrs->{$k} }
-                unless ( $self->hAttr =~ /\b$k\b/ );
-        }
-        else {
-            push @$array_attrs, { key => $k, value => $attrs->{$k} }
-                unless ( $self->hAttr =~ /\b$k\b/ or !$attrs->{$k} );
+            # Ignore hidden attributes or empty values
+            if ( $self->conf->{checkUserDisplayEmptyValues} ) {
+                push @$array_attrs, { key => $k, value => $attrs->{$k} }
+                    unless ( $self->hAttr =~ /\b$k\b/ );
+            }
+            else {
+                push @$array_attrs, { key => $k, value => $attrs->{$k} }
+                    unless ( $self->hAttr =~ /\b$k\b/ or !$attrs->{$k} );
+            }
         }
+        $msg = 'checkUser';
     }
 
     # Check if user is allowed to access submitted URL and compute headers
@@ -106,8 +108,9 @@ sub check {
         $self->logger->debug(
             "checkUser requested for user: $req->{user} and URL: $url");
         $auth = $auth ? "allowed" : "forbidden";
-        $self->userLogger->notice(
-            "checkUser -> $req->{user} is $auth to access: $url");
+        $self->userLogger->notice( "checkUser -> $req->{user} is "
+                . uc($auth)
+                . " to access: $url" );
 
         # Return VirtualHost headers
         $array_hdrs = $self->_headers( $req, $url );
@@ -123,8 +126,9 @@ sub check {
             MAIN_LOGO => $self->conf->{portalMainLogo},
             LANGS     => $self->conf->{showLanguages},
             MSG       => $msg,
-            ALERTE    => 'alert-info',
-            LOGIN     => (
+            ALERTE =>
+                ( $msg eq 'checkUser' ? 'alert-info' : 'alert-warning' ),
+            LOGIN => (
                   $self->p->checkXSSAttack( 'LOGIN', $req->{user} ) ? ""
                 : $req->{user}
             ),
@@ -134,7 +138,7 @@ sub check {
             ),
             ALLOWED => $auth,
             ALERTE_AUTH =>
-                ( $auth eq 'allowed' ? "alert-success" : "alert-danger" ),
+                ( $auth eq 'allowed' ? 'alert-success' : 'alert-danger' ),
             HEADERS    => $array_hdrs,
             ATTRIBUTES => $array_attrs,
             TOKEN      => $token,
@@ -176,7 +180,7 @@ sub _userDatas {
         : push @$steps, 'setLocalGroups';
     $req->steps($steps);
     if ( my $error = $self->p->process($req) ) {
-        if ( $error == PE_USERNOTFOUND ) {
+        if ( $error == PE_BADCREDENTIALS ) {
             $self->userLogger->warn( 'Check requested for an unvalid user ('
                     . $req->{user}
                     . ")" );

From 97523420bff3ff4d232d3a56315ada99ac4d2f5f Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Tue, 26 Feb 2019 19:55:23 +0100
Subject: [PATCH 51/58] Improve display (#1658)

---
 .../site/templates/bootstrap/checkuser.tpl     | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
index ce925795c..9cfe20e58 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
@@ -28,15 +28,22 @@
 <TMPL_IF NAME="ALLOWED">
 <div class="alert <TMPL_VAR NAME="ALERTE_AUTH">"><span trspan="<TMPL_VAR NAME="ALLOWED">"></span></div>
 </TMPL_IF>
-
 <TMPL_IF NAME="HEADERS">
+  <div class="buttons">
+    <button type="submit" class="btn btn-success">
+      <span class="fa fa-sign-in"></span>
+      <span trspan="checkUser">Check user</span>
+    </button>
+  </div>
+  <div>&nbsp;</div>
   <div class="card mb-3 border-secondary">
   <div class="card-body table-responsive">
   <table class="table table-hover">
     <thead>
+      <tr class="align-middle">HEADERS</tr>
       <tr>
-        <th><span trspan="key">Key</span></th>
-        <th><span trspan="value">Value</span></th>
+        <th class="align-middle"><span trspan="key">Key</span></th>
+        <th class="align-middle"><span trspan="value">Value</span></th>
       </tr>
     </thead>
     <tbody>
@@ -57,9 +64,10 @@
   <div class="card-body table-responsive">
   <table class="table table-hover">
     <thead>
+      <tr class="align-middle">ATTRIBUTES</tr>
       <tr>
-        <th><span trspan="key">Key</span></th>
-        <th><span trspan="value">Value</span></th>
+        <th class="align-middle"><span trspan="key">Key</span></th>
+        <th class="align-middle"><span trspan="value">Value</span></th>
       </tr>
     </thead>
     <tbody>

From d557018c8fbbddf3145793808af9f2911df21eec Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Tue, 26 Feb 2019 20:05:16 +0100
Subject: [PATCH 52/58] Improve display & langs (#1658)

---
 lemonldap-ng-portal/site/htdocs/static/languages/ar.json   | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/de.json   | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/en.json   | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/es.json   | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/fr.json   | 4 +++-
 lemonldap-ng-portal/site/htdocs/static/languages/it.json   | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/nl.json   | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/pt.json   | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/ro.json   | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/vi.json   | 2 ++
 lemonldap-ng-portal/site/htdocs/static/languages/zh.json   | 2 ++
 lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl | 4 ++--
 12 files changed, 25 insertions(+), 3 deletions(-)

diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/ar.json b/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
index 9beada9f4..447a8aeb2 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
@@ -103,6 +103,7 @@
 "areYouSure":"هل أنت واثق؟",
 "askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate?",
 "askToUpgrade":"This application needs an higher authentication level. Do you want to reauthenticate?",
+"attributes":"ATTRIBUTES",
 "authPortal":"بوابة إثبات الهوية",
 "authRemaining":"٪ s المصادقة المتبقية، غيير كلمة المرور الخاصة بك!",
 "autoAccept":"تقبل تلقائيا في 30 ثانية",
@@ -145,6 +146,7 @@
 "gotNewMessages":"لديك بعض الرسائل الجديدة",
 "goToPortal":"انتقل إلى البوابة",
 "gplSoft":"البرمجيات الحرة التي تغطيها رخصة GPL",
+"headers":"HEADERS",
 "id":"Id",
 "imSure":"انا متاكد",
 "info":"معلومات",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/de.json b/lemonldap-ng-portal/site/htdocs/static/languages/de.json
index 699a1630d..8d16d15ca 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/de.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/de.json
@@ -103,6 +103,7 @@
 "areYouSure":"Sind Sie sicher ?",
 "askToRenew":"Diese Anwendung benötigt eine neuere Authentifizierung. Möchten Sie sich erneut authentifizieren?",
 "askToUpgrade":"Diese Anwendung benötigt eine höhere Authentifizierungsstufe. Möchten Sie sich erneut authentifizieren?",
+"attributes":"ATTRIBUTES",
 "authPortal":"Authentifizierungsportal",
 "authRemaining":"%sverbleibende Authentifizierungen, bitte Passwort ändern!",
 "autoAccept":"Automatisch in 30 Sekunden annehmen",
@@ -145,6 +146,7 @@
 "gotNewMessages":"Du hast neue Nachrichten",
 "goToPortal":"Zum Portal",
 "gplSoft":"Freie Software, die von der GPL-Lizenz abgedeckt wird",
+"headers":"HEADERS",
 "id":"ID",
 "imSure":"Ich bin sicher",
 "info":"Information",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/en.json b/lemonldap-ng-portal/site/htdocs/static/languages/en.json
index 71f807190..c5a2a5548 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/en.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/en.json
@@ -103,6 +103,7 @@
 "areYouSure":"Are you sure?",
 "askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate?",
 "askToUpgrade":"This application needs an higher authentication level. Do you want to reauthenticate?",
+"attributes":"ATTRIBUTES",
 "authPortal":"Authentication portal",
 "authRemaining":"%s authentications remaining, change your password!",
 "autoAccept":"Automatically accept in 30 seconds",
@@ -145,6 +146,7 @@
 "gotNewMessages":"You have some new messages",
 "goToPortal":"Go to portal",
 "gplSoft":"free software covered by the GPL license",
+"headers":"HEADERS",
 "id":"Id",
 "imSure":"I'm sure",
 "info":"Information",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/es.json b/lemonldap-ng-portal/site/htdocs/static/languages/es.json
index 94afa833c..029d664e3 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/es.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/es.json
@@ -103,6 +103,7 @@
 "areYouSure":"Are you sure?",
 "askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate?",
 "askToUpgrade":"This application needs an higher authentication level. Do you want to reauthenticate?",
+"attributes":"ATTRIBUTES",
 "authPortal":"Authentication portal",
 "authRemaining":"%s authentications remaining, change your password!",
 "autoAccept":"Automatically accept in 30 seconds",
@@ -145,6 +146,7 @@
 "gotNewMessages":"You have some new messages",
 "goToPortal":"Go to portal",
 "gplSoft":"free software covered by the GPL license",
+"headers":"HEADERS",
 "id":"Id",
 "imSure":"I'm sure",
 "info":"Information",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/fr.json b/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
index 7c26a46d0..96d7cef8f 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
@@ -103,6 +103,7 @@
 "areYouSure":"Êtes-vous sûr ?",
 "askToRenew":"Cette application nécessite une authentification plus récente. Voulez-vous vous réauthentifier ?",
 "askToUpgrade":"Cette application nécessite un plus haut niveau d'authentification. Voulez-vous vous réauthentifier ?",
+"attributes":"ATTRIBUTS",
 "authPortal":"Portail d'authentification",
 "authRemaining":"%s authentifications restantes, changez votre mot de passe !",
 "autoAccept":"Acceptation automatique dans 30 secondes",
@@ -115,7 +116,7 @@
 "changeKey": "Générer une nouvelle clef",
 "changePwd":"Changez votre mot de passe",
 "checkLastLogins":"Voir mes dernières connexions",
-"checkUser":"Vérifier la session",
+"checkUser":"Vérifier la session d'un utilisateur",
 "choose2f":"Choisissez votre second facteur",
 "chooseApp":"Choisissez une application à laquelle vous êtes autorisé à accéder",
 "clickHere":"Cliquez ici",
@@ -145,6 +146,7 @@
 "gotNewMessages":"Vous avez de nouveaux messages",
 "goToPortal":"Aller au portail",
 "gplSoft":"logiciel libre protégé par la licence GPL",
+"headers":"ENTETES",
 "id":"Id",
 "imSure":"Je suis sûr",
 "info":"Information",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/it.json b/lemonldap-ng-portal/site/htdocs/static/languages/it.json
index e98f138d7..33fd624cd 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/it.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/it.json
@@ -103,6 +103,7 @@
 "areYouSure":"Sei sicuro?",
 "askToRenew":"Questa applicazione richiede un'autenticazione più recente. Vuoi reautenticare?",
 "askToUpgrade":"Questa applicazione richiede un livello di autenticazione superiore. Vuoi reautenticare?",
+"attributes":"ATTRIBUTES",
 "authPortal":"Portale di autenticazione",
 "authRemaining":"Rimangono ancora %s autenticazioni, modifica la password!",
 "autoAccept":"Accetta automaticamente in 30 secondi",
@@ -145,6 +146,7 @@
 "gotNewMessages":"Hai dei nuovi messaggi",
 "goToPortal":"Vai al portale",
 "gplSoft":"Software libero coperto dalla licenza GPL",
+"headers":"HEADERS",
 "id":"Id",
 "imSure":"Sono sicuro",
 "info":"Informazioni",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/nl.json b/lemonldap-ng-portal/site/htdocs/static/languages/nl.json
index 704267abd..3aefb087b 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/nl.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/nl.json
@@ -103,6 +103,7 @@
 "areYouSure":"Are you sure?",
 "askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate?",
 "askToUpgrade":"This application needs an higher authentication level. Do you want to reauthenticate?",
+"attributes":"ATTRIBUTES",
 "authPortal":"Authentication portal",
 "authRemaining":"%s authentications remaining, change your password!",
 "autoAccept":"Automatically accept in 30 seconds",
@@ -145,6 +146,7 @@
 "gotNewMessages":"You have some new messages",
 "goToPortal":"Go to portal",
 "gplSoft":"free software covered by the GPL license",
+"headers":"HEADERS",
 "id":"Id",
 "imSure":"I'm sure",
 "info":"Information",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/pt.json b/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
index 925078939..26ce9e410 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
@@ -103,6 +103,7 @@
 "areYouSure":"Are you sure?",
 "askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate?",
 "askToUpgrade":"This application needs an higher authentication level. Do you want to reauthenticate?",
+"attributes":"ATTRIBUTES",
 "authPortal":"Authentication portal",
 "authRemaining":"%s authentications remaining, change your password!",
 "autoAccept":"Automatically accept in 30 seconds",
@@ -145,6 +146,7 @@
 "gotNewMessages":"You have some new messages",
 "goToPortal":"Go to portal",
 "gplSoft":"free software covered by the GPL license",
+"headers":"HEADERS",
 "id":"Id",
 "imSure":"I'm sure",
 "info":"Information",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/ro.json b/lemonldap-ng-portal/site/htdocs/static/languages/ro.json
index 45cce0f7b..40d518ede 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/ro.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/ro.json
@@ -103,6 +103,7 @@
 "areYouSure":"Are you sure?",
 "askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate?",
 "askToUpgrade":"This application needs an higher authentication level. Do you want to reauthenticate?",
+"attributes":"ATTRIBUTES",
 "authPortal":"Authentication portal",
 "authRemaining":"%s authentications remaining, change your password!",
 "autoAccept":"Automatically accept in 30 seconds",
@@ -145,6 +146,7 @@
 "gotNewMessages":"You have some new messages",
 "goToPortal":"Go to portal",
 "gplSoft":"free software covered by the GPL license",
+"headers":"HEADERS",
 "id":"Id",
 "imSure":"I'm sure",
 "info":"Information",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/vi.json b/lemonldap-ng-portal/site/htdocs/static/languages/vi.json
index 3f321e36d..f2a84e8c6 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/vi.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/vi.json
@@ -103,6 +103,7 @@
 "areYouSure":"Bạn có chắc không?",
 "askToRenew":"Ứng dụng này cần có chứng thực gần đây hơn. Bạn có muốn chứng thực lại?",
 "askToUpgrade":"Ứng dụng này cần một mức xác thực cao hơn. Bạn có muốn chứng thực lại?",
+"attributes":"ATTRIBUTES",
 "authPortal":"Cổng thông tin xác thực",
 "authRemaining":"%s xác thực vẫn còn, thay đổi mật khẩu của bạn!",
 "autoAccept":"Tự động chấp nhận trong 30 giây",
@@ -145,6 +146,7 @@
 "gotNewMessages":"Bạn có một số tin nhắn mới",
 "goToPortal":"Đi tới cổng thông tin",
 "gplSoft":"phần mềm tự do được cấp phép bởi GPL",
+"headers":"HEADERS",
 "id":"Id",
 "imSure":"Tôi chắc chắn",
 "info":"Thông tin",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/zh.json b/lemonldap-ng-portal/site/htdocs/static/languages/zh.json
index a5e3ea8f0..3037775bf 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/zh.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/zh.json
@@ -103,6 +103,7 @@
 "areYouSure":"您确定吗？",
 "askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate?",
 "askToUpgrade":"This application needs an higher authentication level. Do you want to reauthenticate?",
+"attributes":"ATTRIBUTES",
 "authPortal":"Authentication portal",
 "authRemaining":"%s authentications remaining, change your password!",
 "autoAccept":"30秒后自动接受",
@@ -145,6 +146,7 @@
 "gotNewMessages":"您有一些新消息",
 "goToPortal":"回到首页",
 "gplSoft":"free software covered by the GPL license",
+"headers":"HEADERS",
 "id":"Id",
 "imSure":"我确认",
 "info":"信息",
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
index 9cfe20e58..b54de5cc9 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl
@@ -40,7 +40,7 @@
   <div class="card-body table-responsive">
   <table class="table table-hover">
     <thead>
-      <tr class="align-middle">HEADERS</tr>
+      <tr class="align-middle"><span trspan="headers">HEADERS</span></tr>
       <tr>
         <th class="align-middle"><span trspan="key">Key</span></th>
         <th class="align-middle"><span trspan="value">Value</span></th>
@@ -64,7 +64,7 @@
   <div class="card-body table-responsive">
   <table class="table table-hover">
     <thead>
-      <tr class="align-middle">ATTRIBUTES</tr>
+      <tr class="align-middle"><span trspan="attributes">ATTRIBUTES</span></tr>
       <tr>
         <th class="align-middle"><span trspan="key">Key</span></th>
         <th class="align-middle"><span trspan="value">Value</span></th>

From cb65e0984e5ddfff9bcfcb44388388f87d39718f Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Tue, 26 Feb 2019 21:55:03 +0100
Subject: [PATCH 53/58] Append comment (#1658)

---
 lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
index b5d2fc537..82076351a 100644
--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
@@ -645,9 +645,11 @@ sub sendHeaders {
     }
 }
 
+## @rfunction array ref checkHeaders()
+# Return computed headers by forgeHeadersInit() for the current virtual host
 sub checkHeaders {
     my ( $class, $req, $session ) = @_;
-    my $vhost          = $class->resolveAlias($req);
+    my $vhost         = $class->resolveAlias($req);
     my $array_headers = [];
     if ( defined $class->tsv->{forgeHeaders}->{$vhost} ) {
 

From 0209e7364b58e954536b970e03eba525318f85a5 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Tue, 26 Feb 2019 22:01:15 +0100
Subject: [PATCH 54/58] Display empty headers (#1658)

---
 lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
index 82076351a..7aa966f97 100644
--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
@@ -647,6 +647,7 @@ sub sendHeaders {
 
 ## @rfunction array ref checkHeaders()
 # Return computed headers by forgeHeadersInit() for the current virtual host
+# [ { key => 'header1', value => 'value1' }, { key => 'header2', value => 'value2' }, ...]
 sub checkHeaders {
     my ( $class, $req, $session ) = @_;
     my $vhost         = $class->resolveAlias($req);
@@ -657,8 +658,9 @@ sub checkHeaders {
         my %headers
             = $class->tsv->{forgeHeaders}->{$vhost}->( $req, $session );
         foreach my $h ( sort keys %headers ) {
-            push @$array_headers, { key => $h, value => $headers{$h} }
-                if ( defined $headers{$h} );
+            defined $headers{$h}
+            ? push @$array_headers, { key => $h, value => $headers{$h} }
+            : push @$array_headers, { key => $h, value => '' };
         }
     }
     return $array_headers;

From d273b7710da18e3271755a455bb665efac2d3b20 Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Tue, 26 Feb 2019 23:03:30 +0100
Subject: [PATCH 55/58] Hide message boxes if needed (#1660)

---
 lemonldap-ng-portal/site/coffee/portal.coffee              | 3 +++
 lemonldap-ng-portal/site/htdocs/static/common/js/portal.js | 7 ++++++-
 .../site/htdocs/static/common/js/portal.min.js             | 2 +-
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/lemonldap-ng-portal/site/coffee/portal.coffee b/lemonldap-ng-portal/site/coffee/portal.coffee
index d78cb0829..39005b502 100644
--- a/lemonldap-ng-portal/site/coffee/portal.coffee
+++ b/lemonldap-ng-portal/site/coffee/portal.coffee
@@ -29,6 +29,9 @@ translatePage = (lang) ->
 			$(this).text txt
 		$("[trmsg]").each ->
 			$(this).text translate "PE#{$(this).attr 'trmsg'}"
+			msg = translate "PE#{$(this).attr 'trmsg'}"
+			if msg.match /_null_/
+				$(this).parent().hide()
 		$("[trplaceholder]").each ->
 			$(this).attr 'placeholder', translate($(this).attr('trplaceholder'))
 		$("[localtime]").each ->
diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.js b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.js
index 889a3dc70..c5f4e2ad6 100644
--- a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.js
+++ b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.js
@@ -37,7 +37,12 @@ LemonLDAP::NG Portal jQuery scripts
         return $(this).text(txt);
       });
       $("[trmsg]").each(function() {
-        return $(this).text(translate("PE" + ($(this).attr('trmsg'))));
+        var msg;
+        $(this).text(translate("PE" + ($(this).attr('trmsg'))));
+        msg = translate("PE" + ($(this).attr('trmsg')));
+        if (msg.match(/_null_/)) {
+          return $(this).parent().hide();
+        }
       });
       $("[trplaceholder]").each(function() {
         return $(this).attr('placeholder', translate($(this).attr('trplaceholder')));
diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js
index 2e7652979..d52e694eb 100644
--- a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js
+++ b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js
@@ -1 +1 @@
-(function(){var datas,delKey,getCookie,getValues,isHiddenFormValueSet,ping,removeOidcConsent,restoreOrder,setCookie,setKey,setOrder,setSelector,translate,translatePage,translationFields,indexOf=[].indexOf||function(item){for(var i=0,l=this.length;i<l;i++){if(i in this&&this[i]===item)return i}return-1};translationFields={};translatePage=function(lang){return $.getJSON(window.staticPrefix+"languages/"+lang+".json",function(data){var k,ref,ref1,v;translationFields=data;ref=window.datas.trOver.all;for(k in ref){v=ref[k];translationFields[k]=v}if(window.datas.trOver[lang]){ref1=window.datas.trOver[lang];for(k in ref1){v=ref1[k];translationFields[k]=v}}$("[trspan]").each(function(){var args,i,len,txt;args=$(this).attr("trspan").split(",");txt=translate(args.shift());for(i=0,len=args.length;i<len;i++){v=args[i];txt=txt.replace(/%[sd]/,v)}return $(this).text(txt)});$("[trmsg]").each(function(){return $(this).text(translate("PE"+$(this).attr("trmsg")))});$("[trplaceholder]").each(function(){return $(this).attr("placeholder",translate($(this).attr("trplaceholder")))});return $("[localtime]").each(function(){var d;d=new Date($(this).attr("localtime")*1e3);return $(this).text(d.toLocaleString())})})};translate=function(str){if(translationFields[str]){return translationFields[str]}else{return str}};window.translate=translate;getValues=function(){var values;values={};$("script[type='application/init']").each(function(){var e,k,results,tmp;try{tmp=JSON.parse($(this).text());results=[];for(k in tmp){results.push(values[k]=tmp[k])}return results}catch(error1){e=error1;console.log("Parsing error",e);return console.log("JSON",$(this).text())}});console.log(values);return values};setSelector="#appslist";setOrder=function(){return setKey("_appsListOrder",$(setSelector).sortable("toArray").join())};removeOidcConsent=function(partner){var e;e=function(j,s,e){return alert(s+" "+e)};return delKey("_oidcConsents",partner,function(){return $("[partner='"+partner+"']").hide()},e)};setKey=function(key,val,success,error){return $.ajax({type:"GET",url:datas["scriptname"]+"/mysession/?gettoken",dataType:"json",error:error,success:function(data){var d;d={token:data.token};d[key]=val;return $.ajax({type:"PUT",url:datas["scriptname"]+"/mysession/persistent",dataType:"json",data:d,success:success,error:error})}})};delKey=function(key,sub,success,error){return $.ajax({type:"GET",url:datas["scriptname"]+"/mysession/?gettoken",dataType:"json",error:error,success:function(data){return $.ajax({type:"DELETE",url:datas["scriptname"]+"/mysession/persistent/"+key+"?sub="+sub+"&token="+data.token,dataType:"json",success:success,error:error})}})};restoreOrder=function(){var IDs,child,i,item,itemID,items,l,len,len1,list,rebuild,savedOrd,v;list=$(setSelector);if(!(list!=null&&datas["appslistorder"])){return null}IDs=datas["appslistorder"].split(",");items=list.sortable("toArray");rebuild=[];for(i=0,len=items.length;i<len;i++){v=items[i];rebuild[v]=v}for(l=0,len1=IDs.length;l<len1;l++){itemID=IDs[l];if(rebuild[itemID]){item=rebuild[itemID];child=$(setSelector+".ui-sortable").children("#"+item);savedOrd=$(setSelector+".ui-sortable").children("#"+itemID);child.remove();$(setSelector+".ui-sortable").filter(":first").append(savedOrd)}}return 1};isHiddenFormValueSet=function(option){return $("#lmhidden_"+option).length};ping=function(){return $.ajax({type:"POST",url:datas["scriptname"],data:{ping:1},dataType:"json",success:function(data){if(data.result!=null&&data.result===1){return setTimeout(ping,datas["pingInterval"])}else{return location.reload(true)}},error:function(j,t,e){return location.reload(true)}})};window.ping=ping;getCookie=function(cname){var c,ca,i,len,name,re;name=cname+"=";ca=decodeURIComponent(document.cookie).split(";");re=new RegExp("^ *"+cname+"=");for(i=0,len=ca.length;i<len;i++){c=ca[i];if(c.match(re)){c=c.replace(re,"");return c}}return""};setCookie=function(name,value,exdays){var d;d=new Date;d.setTime(d.getTime()+exdays*864e5);return document.cookie=name+"="+value+"; expires="+d.toUTCString()+"; path=/"};datas={};$(document).ready(function(){var action,al,authMenuTabs,back_url,i,l,lang,langdiv,langs,langs2,len,len1,len2,len3,link,m,menuIndex,menuTabs,method,n,nl,nlangs,re,ref,ref1,ref2;datas=getValues();window.datas=datas;if(datas["antiframe"]&&top!==self){top.location.href=location.href}$("#appslist").sortable({axis:"y",cursor:"move",opacity:.5,revert:true,items:"> div.category",update:function(){return setOrder()}});restoreOrder();$("div.message").fadeIn("slow");$("input[name=timezone]").val(-((new Date).getTimezoneOffset()/60));menuTabs=$("#menu").tabs({active:0});menuIndex=$('#menu a[href="#'+datas["displaytab"]+'"]').parent().index();if(menuIndex<0){menuIndex=0}menuTabs.tabs("option","active",menuIndex);authMenuTabs=$("#authMenu").tabs({active:0});if(datas["choicetab"]){authMenuTabs.tabs("option","active",$('#authMenu a[href="#'+datas["choicetab"]+'"]').parent().index())}if(datas["login"]){$("input[type=password]:first").focus()}else{$("input[type!=hidden]:first").focus()}if(datas["newwindow"]){$("#appslist a").attr("target","_blank")}if($("p.removeOther").length){action=$("form.login").attr("action");method=$("form.login").attr("method");back_url="";if(action.indexOf("?")!==-1){action.substring(0,action.indexOf("?"))+"?"}else{back_url=action+"?"}$("form.login input[type=hidden]").each(function(index){return back_url+="&"+$(this).attr("name")+"="+$(this).val()});link=$("p.removeOther a").attr("href")+"&method="+method+"&url="+btoa(back_url);$("p.removeOther a").attr("href",link)}lang=getCookie("llnglanguage");if(!lang){if(navigator){langs=[];langs2=[];nlangs=[navigator.language];if(navigator.languages){nlangs=navigator.languages}ref=window.availableLanguages;for(i=0,len=ref.length;i<len;i++){al=ref[i];langdiv+='<img class="langicon" src="'+window.staticPrefix+"common/"+al+'.png" title="'+al+'" alt="['+al+']"> '}for(l=0,len1=nlangs.length;l<len1;l++){nl=nlangs[l];console.log("Navigator lang",nl);ref1=window.availableLanguages;for(m=0,len2=ref1.length;m<len2;m++){al=ref1[m];console.log(" Available lang",al);re=new RegExp("^"+al+"-?");if(nl.match(re)){console.log("  Matching lang =",al);langs.push(al)}else if(al.substring(0,1)===nl.substring(0,1)){langs2.push(al)}}}lang=langs[0]?langs[0]:langs2[0]?langs2[0]:window.availableLanguages[0]}else{lang=window.availableLanguages[0]}}else if(indexOf.call(window.availableLanguages,lang)<0){lang=window.availableLanguages[0]}console.log("Selected lang ->",lang);setCookie("llnglanguage",lang);translatePage(lang);langdiv="";ref2=window.availableLanguages;for(n=0,len3=ref2.length;n<len3;n++){al=ref2[n];langdiv+='<img class="langicon" src="'+window.staticPrefix+"common/"+al+'.png" title="'+al+'" alt="['+al+']"> '}$("#languages").html(langdiv);$(".langicon").on("click",function(){lang=$(this).attr("title");setCookie("llnglanguage",lang);return translatePage(lang)});if(datas["pingInterval"]&&datas["pingInterval"]>0){window.setTimeout(ping,datas["pingInterval"])}$(".localeDate").each(function(){var s;s=new Date($(this).attr("val")*1e3);return $(this).text(s.toLocaleString())});return $(".oidcConsent").on("click",function(){return removeOidcConsent($(this).attr("partner"))})})}).call(this);
+(function(){var datas,delKey,getCookie,getValues,isHiddenFormValueSet,ping,removeOidcConsent,restoreOrder,setCookie,setKey,setOrder,setSelector,translate,translatePage,translationFields,indexOf=[].indexOf||function(item){for(var i=0,l=this.length;i<l;i++){if(i in this&&this[i]===item)return i}return-1};translationFields={};translatePage=function(lang){return $.getJSON(window.staticPrefix+"languages/"+lang+".json",function(data){var k,ref,ref1,v;translationFields=data;ref=window.datas.trOver.all;for(k in ref){v=ref[k];translationFields[k]=v}if(window.datas.trOver[lang]){ref1=window.datas.trOver[lang];for(k in ref1){v=ref1[k];translationFields[k]=v}}$("[trspan]").each(function(){var args,i,len,txt;args=$(this).attr("trspan").split(",");txt=translate(args.shift());for(i=0,len=args.length;i<len;i++){v=args[i];txt=txt.replace(/%[sd]/,v)}return $(this).text(txt)});$("[trmsg]").each(function(){var msg;$(this).text(translate("PE"+$(this).attr("trmsg")));msg=translate("PE"+$(this).attr("trmsg"));if(msg.match(/_null_/)){return $(this).parent().hide()}});$("[trplaceholder]").each(function(){return $(this).attr("placeholder",translate($(this).attr("trplaceholder")))});return $("[localtime]").each(function(){var d;d=new Date($(this).attr("localtime")*1e3);return $(this).text(d.toLocaleString())})})};translate=function(str){if(translationFields[str]){return translationFields[str]}else{return str}};window.translate=translate;getValues=function(){var values;values={};$("script[type='application/init']").each(function(){var e,k,results,tmp;try{tmp=JSON.parse($(this).text());results=[];for(k in tmp){results.push(values[k]=tmp[k])}return results}catch(error1){e=error1;console.log("Parsing error",e);return console.log("JSON",$(this).text())}});console.log(values);return values};setSelector="#appslist";setOrder=function(){return setKey("_appsListOrder",$(setSelector).sortable("toArray").join())};removeOidcConsent=function(partner){var e;e=function(j,s,e){return alert(s+" "+e)};return delKey("_oidcConsents",partner,function(){return $("[partner='"+partner+"']").hide()},e)};setKey=function(key,val,success,error){return $.ajax({type:"GET",url:datas["scriptname"]+"/mysession/?gettoken",dataType:"json",error:error,success:function(data){var d;d={token:data.token};d[key]=val;return $.ajax({type:"PUT",url:datas["scriptname"]+"/mysession/persistent",dataType:"json",data:d,success:success,error:error})}})};delKey=function(key,sub,success,error){return $.ajax({type:"GET",url:datas["scriptname"]+"/mysession/?gettoken",dataType:"json",error:error,success:function(data){return $.ajax({type:"DELETE",url:datas["scriptname"]+"/mysession/persistent/"+key+"?sub="+sub+"&token="+data.token,dataType:"json",success:success,error:error})}})};restoreOrder=function(){var IDs,child,i,item,itemID,items,l,len,len1,list,rebuild,savedOrd,v;list=$(setSelector);if(!(list!=null&&datas["appslistorder"])){return null}IDs=datas["appslistorder"].split(",");items=list.sortable("toArray");rebuild=[];for(i=0,len=items.length;i<len;i++){v=items[i];rebuild[v]=v}for(l=0,len1=IDs.length;l<len1;l++){itemID=IDs[l];if(rebuild[itemID]){item=rebuild[itemID];child=$(setSelector+".ui-sortable").children("#"+item);savedOrd=$(setSelector+".ui-sortable").children("#"+itemID);child.remove();$(setSelector+".ui-sortable").filter(":first").append(savedOrd)}}return 1};isHiddenFormValueSet=function(option){return $("#lmhidden_"+option).length};ping=function(){return $.ajax({type:"POST",url:datas["scriptname"],data:{ping:1},dataType:"json",success:function(data){if(data.result!=null&&data.result===1){return setTimeout(ping,datas["pingInterval"])}else{return location.reload(true)}},error:function(j,t,e){return location.reload(true)}})};window.ping=ping;getCookie=function(cname){var c,ca,i,len,name,re;name=cname+"=";ca=decodeURIComponent(document.cookie).split(";");re=new RegExp("^ *"+cname+"=");for(i=0,len=ca.length;i<len;i++){c=ca[i];if(c.match(re)){c=c.replace(re,"");return c}}return""};setCookie=function(name,value,exdays){var d;d=new Date;d.setTime(d.getTime()+exdays*864e5);return document.cookie=name+"="+value+"; expires="+d.toUTCString()+"; path=/"};datas={};$(document).ready(function(){var action,al,authMenuTabs,back_url,i,l,lang,langdiv,langs,langs2,len,len1,len2,len3,link,m,menuIndex,menuTabs,method,n,nl,nlangs,re,ref,ref1,ref2;datas=getValues();window.datas=datas;if(datas["antiframe"]&&top!==self){top.location.href=location.href}$("#appslist").sortable({axis:"y",cursor:"move",opacity:.5,revert:true,items:"> div.category",update:function(){return setOrder()}});restoreOrder();$("div.message").fadeIn("slow");$("input[name=timezone]").val(-((new Date).getTimezoneOffset()/60));menuTabs=$("#menu").tabs({active:0});menuIndex=$('#menu a[href="#'+datas["displaytab"]+'"]').parent().index();if(menuIndex<0){menuIndex=0}menuTabs.tabs("option","active",menuIndex);authMenuTabs=$("#authMenu").tabs({active:0});if(datas["choicetab"]){authMenuTabs.tabs("option","active",$('#authMenu a[href="#'+datas["choicetab"]+'"]').parent().index())}if(datas["login"]){$("input[type=password]:first").focus()}else{$("input[type!=hidden]:first").focus()}if(datas["newwindow"]){$("#appslist a").attr("target","_blank")}if($("p.removeOther").length){action=$("form.login").attr("action");method=$("form.login").attr("method");back_url="";if(action.indexOf("?")!==-1){action.substring(0,action.indexOf("?"))+"?"}else{back_url=action+"?"}$("form.login input[type=hidden]").each(function(index){return back_url+="&"+$(this).attr("name")+"="+$(this).val()});link=$("p.removeOther a").attr("href")+"&method="+method+"&url="+btoa(back_url);$("p.removeOther a").attr("href",link)}lang=getCookie("llnglanguage");if(!lang){if(navigator){langs=[];langs2=[];nlangs=[navigator.language];if(navigator.languages){nlangs=navigator.languages}ref=window.availableLanguages;for(i=0,len=ref.length;i<len;i++){al=ref[i];langdiv+='<img class="langicon" src="'+window.staticPrefix+"common/"+al+'.png" title="'+al+'" alt="['+al+']"> '}for(l=0,len1=nlangs.length;l<len1;l++){nl=nlangs[l];console.log("Navigator lang",nl);ref1=window.availableLanguages;for(m=0,len2=ref1.length;m<len2;m++){al=ref1[m];console.log(" Available lang",al);re=new RegExp("^"+al+"-?");if(nl.match(re)){console.log("  Matching lang =",al);langs.push(al)}else if(al.substring(0,1)===nl.substring(0,1)){langs2.push(al)}}}lang=langs[0]?langs[0]:langs2[0]?langs2[0]:window.availableLanguages[0]}else{lang=window.availableLanguages[0]}}else if(indexOf.call(window.availableLanguages,lang)<0){lang=window.availableLanguages[0]}console.log("Selected lang ->",lang);setCookie("llnglanguage",lang);translatePage(lang);langdiv="";ref2=window.availableLanguages;for(n=0,len3=ref2.length;n<len3;n++){al=ref2[n];langdiv+='<img class="langicon" src="'+window.staticPrefix+"common/"+al+'.png" title="'+al+'" alt="['+al+']"> '}$("#languages").html(langdiv);$(".langicon").on("click",function(){lang=$(this).attr("title");setCookie("llnglanguage",lang);return translatePage(lang)});if(datas["pingInterval"]&&datas["pingInterval"]>0){window.setTimeout(ping,datas["pingInterval"])}$(".localeDate").each(function(){var s;s=new Date($(this).attr("val")*1e3);return $(this).text(s.toLocaleString())});return $(".oidcConsent").on("click",function(){return removeOidcConsent($(this).attr("partner"))})})}).call(this);

From 47fb53341a1d851cee32156628fdc6b0734ff80d Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Wed, 27 Feb 2019 09:49:58 +0100
Subject: [PATCH 56/58] Hide message boxes if needed (#1660)

---
 lemonldap-ng-portal/site/coffee/portal.coffee                  | 2 +-
 lemonldap-ng-portal/site/htdocs/static/common/js/portal.js     | 2 +-
 lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/lemonldap-ng-portal/site/coffee/portal.coffee b/lemonldap-ng-portal/site/coffee/portal.coffee
index 39005b502..540d9d308 100644
--- a/lemonldap-ng-portal/site/coffee/portal.coffee
+++ b/lemonldap-ng-portal/site/coffee/portal.coffee
@@ -30,7 +30,7 @@ translatePage = (lang) ->
 		$("[trmsg]").each ->
 			$(this).text translate "PE#{$(this).attr 'trmsg'}"
 			msg = translate "PE#{$(this).attr 'trmsg'}"
-			if msg.match /_null_/
+			if msg.match /_hide_/
 				$(this).parent().hide()
 		$("[trplaceholder]").each ->
 			$(this).attr 'placeholder', translate($(this).attr('trplaceholder'))
diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.js b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.js
index c5f4e2ad6..cbbcba272 100644
--- a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.js
+++ b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.js
@@ -40,7 +40,7 @@ LemonLDAP::NG Portal jQuery scripts
         var msg;
         $(this).text(translate("PE" + ($(this).attr('trmsg'))));
         msg = translate("PE" + ($(this).attr('trmsg')));
-        if (msg.match(/_null_/)) {
+        if (msg.match(/_hide_/)) {
           return $(this).parent().hide();
         }
       });
diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js
index d52e694eb..47fbf2760 100644
--- a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js
+++ b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js
@@ -1 +1 @@
-(function(){var datas,delKey,getCookie,getValues,isHiddenFormValueSet,ping,removeOidcConsent,restoreOrder,setCookie,setKey,setOrder,setSelector,translate,translatePage,translationFields,indexOf=[].indexOf||function(item){for(var i=0,l=this.length;i<l;i++){if(i in this&&this[i]===item)return i}return-1};translationFields={};translatePage=function(lang){return $.getJSON(window.staticPrefix+"languages/"+lang+".json",function(data){var k,ref,ref1,v;translationFields=data;ref=window.datas.trOver.all;for(k in ref){v=ref[k];translationFields[k]=v}if(window.datas.trOver[lang]){ref1=window.datas.trOver[lang];for(k in ref1){v=ref1[k];translationFields[k]=v}}$("[trspan]").each(function(){var args,i,len,txt;args=$(this).attr("trspan").split(",");txt=translate(args.shift());for(i=0,len=args.length;i<len;i++){v=args[i];txt=txt.replace(/%[sd]/,v)}return $(this).text(txt)});$("[trmsg]").each(function(){var msg;$(this).text(translate("PE"+$(this).attr("trmsg")));msg=translate("PE"+$(this).attr("trmsg"));if(msg.match(/_null_/)){return $(this).parent().hide()}});$("[trplaceholder]").each(function(){return $(this).attr("placeholder",translate($(this).attr("trplaceholder")))});return $("[localtime]").each(function(){var d;d=new Date($(this).attr("localtime")*1e3);return $(this).text(d.toLocaleString())})})};translate=function(str){if(translationFields[str]){return translationFields[str]}else{return str}};window.translate=translate;getValues=function(){var values;values={};$("script[type='application/init']").each(function(){var e,k,results,tmp;try{tmp=JSON.parse($(this).text());results=[];for(k in tmp){results.push(values[k]=tmp[k])}return results}catch(error1){e=error1;console.log("Parsing error",e);return console.log("JSON",$(this).text())}});console.log(values);return values};setSelector="#appslist";setOrder=function(){return setKey("_appsListOrder",$(setSelector).sortable("toArray").join())};removeOidcConsent=function(partner){var e;e=function(j,s,e){return alert(s+" "+e)};return delKey("_oidcConsents",partner,function(){return $("[partner='"+partner+"']").hide()},e)};setKey=function(key,val,success,error){return $.ajax({type:"GET",url:datas["scriptname"]+"/mysession/?gettoken",dataType:"json",error:error,success:function(data){var d;d={token:data.token};d[key]=val;return $.ajax({type:"PUT",url:datas["scriptname"]+"/mysession/persistent",dataType:"json",data:d,success:success,error:error})}})};delKey=function(key,sub,success,error){return $.ajax({type:"GET",url:datas["scriptname"]+"/mysession/?gettoken",dataType:"json",error:error,success:function(data){return $.ajax({type:"DELETE",url:datas["scriptname"]+"/mysession/persistent/"+key+"?sub="+sub+"&token="+data.token,dataType:"json",success:success,error:error})}})};restoreOrder=function(){var IDs,child,i,item,itemID,items,l,len,len1,list,rebuild,savedOrd,v;list=$(setSelector);if(!(list!=null&&datas["appslistorder"])){return null}IDs=datas["appslistorder"].split(",");items=list.sortable("toArray");rebuild=[];for(i=0,len=items.length;i<len;i++){v=items[i];rebuild[v]=v}for(l=0,len1=IDs.length;l<len1;l++){itemID=IDs[l];if(rebuild[itemID]){item=rebuild[itemID];child=$(setSelector+".ui-sortable").children("#"+item);savedOrd=$(setSelector+".ui-sortable").children("#"+itemID);child.remove();$(setSelector+".ui-sortable").filter(":first").append(savedOrd)}}return 1};isHiddenFormValueSet=function(option){return $("#lmhidden_"+option).length};ping=function(){return $.ajax({type:"POST",url:datas["scriptname"],data:{ping:1},dataType:"json",success:function(data){if(data.result!=null&&data.result===1){return setTimeout(ping,datas["pingInterval"])}else{return location.reload(true)}},error:function(j,t,e){return location.reload(true)}})};window.ping=ping;getCookie=function(cname){var c,ca,i,len,name,re;name=cname+"=";ca=decodeURIComponent(document.cookie).split(";");re=new RegExp("^ *"+cname+"=");for(i=0,len=ca.length;i<len;i++){c=ca[i];if(c.match(re)){c=c.replace(re,"");return c}}return""};setCookie=function(name,value,exdays){var d;d=new Date;d.setTime(d.getTime()+exdays*864e5);return document.cookie=name+"="+value+"; expires="+d.toUTCString()+"; path=/"};datas={};$(document).ready(function(){var action,al,authMenuTabs,back_url,i,l,lang,langdiv,langs,langs2,len,len1,len2,len3,link,m,menuIndex,menuTabs,method,n,nl,nlangs,re,ref,ref1,ref2;datas=getValues();window.datas=datas;if(datas["antiframe"]&&top!==self){top.location.href=location.href}$("#appslist").sortable({axis:"y",cursor:"move",opacity:.5,revert:true,items:"> div.category",update:function(){return setOrder()}});restoreOrder();$("div.message").fadeIn("slow");$("input[name=timezone]").val(-((new Date).getTimezoneOffset()/60));menuTabs=$("#menu").tabs({active:0});menuIndex=$('#menu a[href="#'+datas["displaytab"]+'"]').parent().index();if(menuIndex<0){menuIndex=0}menuTabs.tabs("option","active",menuIndex);authMenuTabs=$("#authMenu").tabs({active:0});if(datas["choicetab"]){authMenuTabs.tabs("option","active",$('#authMenu a[href="#'+datas["choicetab"]+'"]').parent().index())}if(datas["login"]){$("input[type=password]:first").focus()}else{$("input[type!=hidden]:first").focus()}if(datas["newwindow"]){$("#appslist a").attr("target","_blank")}if($("p.removeOther").length){action=$("form.login").attr("action");method=$("form.login").attr("method");back_url="";if(action.indexOf("?")!==-1){action.substring(0,action.indexOf("?"))+"?"}else{back_url=action+"?"}$("form.login input[type=hidden]").each(function(index){return back_url+="&"+$(this).attr("name")+"="+$(this).val()});link=$("p.removeOther a").attr("href")+"&method="+method+"&url="+btoa(back_url);$("p.removeOther a").attr("href",link)}lang=getCookie("llnglanguage");if(!lang){if(navigator){langs=[];langs2=[];nlangs=[navigator.language];if(navigator.languages){nlangs=navigator.languages}ref=window.availableLanguages;for(i=0,len=ref.length;i<len;i++){al=ref[i];langdiv+='<img class="langicon" src="'+window.staticPrefix+"common/"+al+'.png" title="'+al+'" alt="['+al+']"> '}for(l=0,len1=nlangs.length;l<len1;l++){nl=nlangs[l];console.log("Navigator lang",nl);ref1=window.availableLanguages;for(m=0,len2=ref1.length;m<len2;m++){al=ref1[m];console.log(" Available lang",al);re=new RegExp("^"+al+"-?");if(nl.match(re)){console.log("  Matching lang =",al);langs.push(al)}else if(al.substring(0,1)===nl.substring(0,1)){langs2.push(al)}}}lang=langs[0]?langs[0]:langs2[0]?langs2[0]:window.availableLanguages[0]}else{lang=window.availableLanguages[0]}}else if(indexOf.call(window.availableLanguages,lang)<0){lang=window.availableLanguages[0]}console.log("Selected lang ->",lang);setCookie("llnglanguage",lang);translatePage(lang);langdiv="";ref2=window.availableLanguages;for(n=0,len3=ref2.length;n<len3;n++){al=ref2[n];langdiv+='<img class="langicon" src="'+window.staticPrefix+"common/"+al+'.png" title="'+al+'" alt="['+al+']"> '}$("#languages").html(langdiv);$(".langicon").on("click",function(){lang=$(this).attr("title");setCookie("llnglanguage",lang);return translatePage(lang)});if(datas["pingInterval"]&&datas["pingInterval"]>0){window.setTimeout(ping,datas["pingInterval"])}$(".localeDate").each(function(){var s;s=new Date($(this).attr("val")*1e3);return $(this).text(s.toLocaleString())});return $(".oidcConsent").on("click",function(){return removeOidcConsent($(this).attr("partner"))})})}).call(this);
+(function(){var datas,delKey,getCookie,getValues,isHiddenFormValueSet,ping,removeOidcConsent,restoreOrder,setCookie,setKey,setOrder,setSelector,translate,translatePage,translationFields,indexOf=[].indexOf||function(item){for(var i=0,l=this.length;i<l;i++){if(i in this&&this[i]===item)return i}return-1};translationFields={};translatePage=function(lang){return $.getJSON(window.staticPrefix+"languages/"+lang+".json",function(data){var k,ref,ref1,v;translationFields=data;ref=window.datas.trOver.all;for(k in ref){v=ref[k];translationFields[k]=v}if(window.datas.trOver[lang]){ref1=window.datas.trOver[lang];for(k in ref1){v=ref1[k];translationFields[k]=v}}$("[trspan]").each(function(){var args,i,len,txt;args=$(this).attr("trspan").split(",");txt=translate(args.shift());for(i=0,len=args.length;i<len;i++){v=args[i];txt=txt.replace(/%[sd]/,v)}return $(this).text(txt)});$("[trmsg]").each(function(){var msg;$(this).text(translate("PE"+$(this).attr("trmsg")));msg=translate("PE"+$(this).attr("trmsg"));if(msg.match(/_hide_/)){return $(this).parent().hide()}});$("[trplaceholder]").each(function(){return $(this).attr("placeholder",translate($(this).attr("trplaceholder")))});return $("[localtime]").each(function(){var d;d=new Date($(this).attr("localtime")*1e3);return $(this).text(d.toLocaleString())})})};translate=function(str){if(translationFields[str]){return translationFields[str]}else{return str}};window.translate=translate;getValues=function(){var values;values={};$("script[type='application/init']").each(function(){var e,k,results,tmp;try{tmp=JSON.parse($(this).text());results=[];for(k in tmp){results.push(values[k]=tmp[k])}return results}catch(error1){e=error1;console.log("Parsing error",e);return console.log("JSON",$(this).text())}});console.log(values);return values};setSelector="#appslist";setOrder=function(){return setKey("_appsListOrder",$(setSelector).sortable("toArray").join())};removeOidcConsent=function(partner){var e;e=function(j,s,e){return alert(s+" "+e)};return delKey("_oidcConsents",partner,function(){return $("[partner='"+partner+"']").hide()},e)};setKey=function(key,val,success,error){return $.ajax({type:"GET",url:datas["scriptname"]+"/mysession/?gettoken",dataType:"json",error:error,success:function(data){var d;d={token:data.token};d[key]=val;return $.ajax({type:"PUT",url:datas["scriptname"]+"/mysession/persistent",dataType:"json",data:d,success:success,error:error})}})};delKey=function(key,sub,success,error){return $.ajax({type:"GET",url:datas["scriptname"]+"/mysession/?gettoken",dataType:"json",error:error,success:function(data){return $.ajax({type:"DELETE",url:datas["scriptname"]+"/mysession/persistent/"+key+"?sub="+sub+"&token="+data.token,dataType:"json",success:success,error:error})}})};restoreOrder=function(){var IDs,child,i,item,itemID,items,l,len,len1,list,rebuild,savedOrd,v;list=$(setSelector);if(!(list!=null&&datas["appslistorder"])){return null}IDs=datas["appslistorder"].split(",");items=list.sortable("toArray");rebuild=[];for(i=0,len=items.length;i<len;i++){v=items[i];rebuild[v]=v}for(l=0,len1=IDs.length;l<len1;l++){itemID=IDs[l];if(rebuild[itemID]){item=rebuild[itemID];child=$(setSelector+".ui-sortable").children("#"+item);savedOrd=$(setSelector+".ui-sortable").children("#"+itemID);child.remove();$(setSelector+".ui-sortable").filter(":first").append(savedOrd)}}return 1};isHiddenFormValueSet=function(option){return $("#lmhidden_"+option).length};ping=function(){return $.ajax({type:"POST",url:datas["scriptname"],data:{ping:1},dataType:"json",success:function(data){if(data.result!=null&&data.result===1){return setTimeout(ping,datas["pingInterval"])}else{return location.reload(true)}},error:function(j,t,e){return location.reload(true)}})};window.ping=ping;getCookie=function(cname){var c,ca,i,len,name,re;name=cname+"=";ca=decodeURIComponent(document.cookie).split(";");re=new RegExp("^ *"+cname+"=");for(i=0,len=ca.length;i<len;i++){c=ca[i];if(c.match(re)){c=c.replace(re,"");return c}}return""};setCookie=function(name,value,exdays){var d;d=new Date;d.setTime(d.getTime()+exdays*864e5);return document.cookie=name+"="+value+"; expires="+d.toUTCString()+"; path=/"};datas={};$(document).ready(function(){var action,al,authMenuTabs,back_url,i,l,lang,langdiv,langs,langs2,len,len1,len2,len3,link,m,menuIndex,menuTabs,method,n,nl,nlangs,re,ref,ref1,ref2;datas=getValues();window.datas=datas;if(datas["antiframe"]&&top!==self){top.location.href=location.href}$("#appslist").sortable({axis:"y",cursor:"move",opacity:.5,revert:true,items:"> div.category",update:function(){return setOrder()}});restoreOrder();$("div.message").fadeIn("slow");$("input[name=timezone]").val(-((new Date).getTimezoneOffset()/60));menuTabs=$("#menu").tabs({active:0});menuIndex=$('#menu a[href="#'+datas["displaytab"]+'"]').parent().index();if(menuIndex<0){menuIndex=0}menuTabs.tabs("option","active",menuIndex);authMenuTabs=$("#authMenu").tabs({active:0});if(datas["choicetab"]){authMenuTabs.tabs("option","active",$('#authMenu a[href="#'+datas["choicetab"]+'"]').parent().index())}if(datas["login"]){$("input[type=password]:first").focus()}else{$("input[type!=hidden]:first").focus()}if(datas["newwindow"]){$("#appslist a").attr("target","_blank")}if($("p.removeOther").length){action=$("form.login").attr("action");method=$("form.login").attr("method");back_url="";if(action.indexOf("?")!==-1){action.substring(0,action.indexOf("?"))+"?"}else{back_url=action+"?"}$("form.login input[type=hidden]").each(function(index){return back_url+="&"+$(this).attr("name")+"="+$(this).val()});link=$("p.removeOther a").attr("href")+"&method="+method+"&url="+btoa(back_url);$("p.removeOther a").attr("href",link)}lang=getCookie("llnglanguage");if(!lang){if(navigator){langs=[];langs2=[];nlangs=[navigator.language];if(navigator.languages){nlangs=navigator.languages}ref=window.availableLanguages;for(i=0,len=ref.length;i<len;i++){al=ref[i];langdiv+='<img class="langicon" src="'+window.staticPrefix+"common/"+al+'.png" title="'+al+'" alt="['+al+']"> '}for(l=0,len1=nlangs.length;l<len1;l++){nl=nlangs[l];console.log("Navigator lang",nl);ref1=window.availableLanguages;for(m=0,len2=ref1.length;m<len2;m++){al=ref1[m];console.log(" Available lang",al);re=new RegExp("^"+al+"-?");if(nl.match(re)){console.log("  Matching lang =",al);langs.push(al)}else if(al.substring(0,1)===nl.substring(0,1)){langs2.push(al)}}}lang=langs[0]?langs[0]:langs2[0]?langs2[0]:window.availableLanguages[0]}else{lang=window.availableLanguages[0]}}else if(indexOf.call(window.availableLanguages,lang)<0){lang=window.availableLanguages[0]}console.log("Selected lang ->",lang);setCookie("llnglanguage",lang);translatePage(lang);langdiv="";ref2=window.availableLanguages;for(n=0,len3=ref2.length;n<len3;n++){al=ref2[n];langdiv+='<img class="langicon" src="'+window.staticPrefix+"common/"+al+'.png" title="'+al+'" alt="['+al+']"> '}$("#languages").html(langdiv);$(".langicon").on("click",function(){lang=$(this).attr("title");setCookie("llnglanguage",lang);return translatePage(lang)});if(datas["pingInterval"]&&datas["pingInterval"]>0){window.setTimeout(ping,datas["pingInterval"])}$(".localeDate").each(function(){var s;s=new Date($(this).attr("val")*1e3);return $(this).text(s.toLocaleString())});return $(".oidcConsent").on("click",function(){return removeOidcConsent($(this).attr("partner"))})})}).call(this);

From 12d2db35a92f7cc47eed68270cbfce85ae562279 Mon Sep 17 00:00:00 2001
From: Maxime Besson <maxime.besson@worteks.com>
Date: Wed, 27 Feb 2019 18:05:35 +0100
Subject: [PATCH 57/58] Add new URLs for SP-only or IDP-only SAML metadata

This commit adds two new URLs:

/saml/metadata/idp : IDP-only metadata
/saml/metadata/sp : SP-only metadata

/saml/metadata keeps providing metadata for all SAML services
---
 .../Lemonldap/NG/Common/Conf/SAML/Metadata.pm    | 16 +++++++++++++++-
 .../lib/Lemonldap/NG/Portal/Lib/SAML.pm          |  7 ++++---
 2 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SAML/Metadata.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SAML/Metadata.pm
index 9bb715b3d..a81882f35 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SAML/Metadata.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SAML/Metadata.pm
@@ -23,7 +23,7 @@ my $dataStart = tell(DATA);
 # SAML 2 description.
 # @return string
 sub serviceToXML {
-    my ( $self, $conf ) = @_;
+    my ( $self, $conf, $type ) = @_;
 
     seek DATA, $dataStart, 0;
     my $s = join '', <DATA>;
@@ -41,6 +41,14 @@ sub serviceToXML {
       samlOrganizationURL
     );
 
+    if ($type eq 'idp') {
+	    $template->param( 'hideSPMetadata', 1);
+    }
+
+    if ($type eq 'sp') {
+	    $template->param( 'hideIDPMetadata', 1);
+    }
+
     foreach (@param_auto) {
         $template->param( $_, $self->getValue( $_, $conf ) );
     }
@@ -195,6 +203,7 @@ __DATA__
     xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
     entityID="<TMPL_VAR NAME="samlEntityID">">
 
+  <TMPL_UNLESS NAME="hideIDPMetadata">
   <IDPSSODescriptor
       WantAuthnRequestsSigned="<TMPL_VAR NAME="samlIDPSSODescriptorWantAuthnRequestsSigned">"
       protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
@@ -253,7 +262,9 @@ __DATA__
       ResponseLocation="<TMPL_VAR NAME="samlIDPSSODescriptorSingleSignOnServiceHTTPArtifactResponseLocation">"
       </TMPL_IF>/>
   </IDPSSODescriptor>
+  </TMPL_UNLESS>
 
+  <TMPL_UNLESS NAME="hideSPMetadata">
   <SPSSODescriptor
       AuthnRequestsSigned="<TMPL_VAR NAME="samlSPSSODescriptorAuthnRequestsSigned">"
       WantAssertionsSigned="<TMPL_VAR NAME="samlSPSSODescriptorWantAssertionsSigned">"
@@ -305,7 +316,9 @@ __DATA__
       Binding="<TMPL_VAR NAME="samlSPSSODescriptorAssertionConsumerServiceHTTPPostBinding">"
       Location="<TMPL_VAR NAME="samlSPSSODescriptorAssertionConsumerServiceHTTPPostLocation">" />
   </SPSSODescriptor>
+  </TMPL_UNLESS>
 
+  <TMPL_UNLESS NAME="hideIDPMetadata">
   <AttributeAuthorityDescriptor
     protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
     <KeyDescriptor use="signing">
@@ -328,6 +341,7 @@ __DATA__
     <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:entity</NameIDFormat>
     <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
   </AttributeAuthorityDescriptor>
+  </TMPL_UNLESS>
   
   <Organization>
     <OrganizationName xml:lang="en"><TMPL_VAR NAME="samlOrganizationName"></OrganizationName>
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm
index 22f437595..089cd7479 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm
@@ -145,11 +145,11 @@ sub init {
 
     return 0 unless ( $self->lassoServer( $self->loadService ) );
     $self->addUnauthRoute(
-        ( $self->{path} || 'saml' ) => { 'metadata' => 'metadata' },
+        ( $self->{path} || 'saml' ) => { 'metadata' => { ':type' => 'metadata' }},
         ['GET']
     );
     $self->addAuthRoute(
-        ( $self->{path} || 'saml' ) => { 'metadata' => 'metadata' },
+        ( $self->{path} || 'saml' ) => { 'metadata' => { ':type' => 'metadata' }},
         ['GET']
     );
     return 1;
@@ -3072,9 +3072,10 @@ sub importRealSession {
 
 sub metadata {
     my ( $self, $req ) = @_;
+    my $type = $req->param('type');
     require Lemonldap::NG::Common::Conf::SAML::Metadata;
     if ( my $metadata = Lemonldap::NG::Common::Conf::SAML::Metadata->new() ) {
-        my $s = $metadata->serviceToXML( $self->conf );
+        my $s = $metadata->serviceToXML( $self->conf, $type);
         return [
             200,
             [

From 7ad2e0e694ae97e0c0eadf230ff8881d5d3ed161 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= <clement@oodo.net>
Date: Thu, 28 Feb 2019 08:47:33 +0100
Subject: [PATCH 58/58] Remove warning in unit tests (\!61)

---
 .../lib/Lemonldap/NG/Common/Conf/SAML/Metadata.pm             | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SAML/Metadata.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SAML/Metadata.pm
index a81882f35..98a1100a8 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SAML/Metadata.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SAML/Metadata.pm
@@ -41,11 +41,11 @@ sub serviceToXML {
       samlOrganizationURL
     );
 
-    if ($type eq 'idp') {
+    if ($type and $type eq 'idp') {
 	    $template->param( 'hideSPMetadata', 1);
     }
 
-    if ($type eq 'sp') {
+    if ($type and $type eq 'sp') {
 	    $template->param( 'hideIDPMetadata', 1);
     }