Merge branch 'master' of gitlab.ow2.org:lemonldap-ng/lemonldap-ng
This commit is contained in:
commit
74f1cd0cd0
|
@ -129,7 +129,7 @@
|
|||
.\" ========================================================================
|
||||
.\"
|
||||
.IX Title "llng-fastcgi-server 1"
|
||||
.TH llng-fastcgi-server 1 "2018-03-20" "perl v5.26.1" "User Contributed Perl Documentation"
|
||||
.TH llng-fastcgi-server 1 "2018-03-22" "perl v5.26.1" "User Contributed Perl Documentation"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
|
||||
.\" way too many mistakes in technical documents.
|
||||
.if n .ad l
|
||||
|
|
|
@ -15,25 +15,27 @@ sub defaultValues {
|
|||
'type' => 'category'
|
||||
}
|
||||
},
|
||||
'authChoiceParam' => 'lmAuth',
|
||||
'authentication' => 'Demo',
|
||||
'captcha_mail_enabled' => 1,
|
||||
'captcha_register_enabled' => 1,
|
||||
'captcha_size' => 6,
|
||||
'casAccessControlPolicy' => 'none',
|
||||
'casAuthnLevel' => 1,
|
||||
'checkXSS' => 1,
|
||||
'confirmFormMethod' => 'post',
|
||||
'cookieName' => 'lemonldap',
|
||||
'cspConnect' => '\'self\'',
|
||||
'cspDefault' => '\'self\'',
|
||||
'cspFont' => '\'self\'',
|
||||
'cspImg' => '\'self\' data:',
|
||||
'cspScript' => '\'self\'',
|
||||
'cspStyle' => '\'self\'',
|
||||
'dbiAuthnLevel' => 2,
|
||||
'dbiExportedVars' => {},
|
||||
'demoExportedVars' => {
|
||||
'authChoiceParam' => 'lmAuth',
|
||||
'authentication' => 'Demo',
|
||||
'available2F' => 'UTOTP,TOTP,U2F,REST,Ext2F,Yubikey',
|
||||
'available2FSelfRegistration' => 'TOTP,U2F,Yubikey',
|
||||
'captcha_mail_enabled' => 1,
|
||||
'captcha_register_enabled' => 1,
|
||||
'captcha_size' => 6,
|
||||
'casAccessControlPolicy' => 'none',
|
||||
'casAuthnLevel' => 1,
|
||||
'checkXSS' => 1,
|
||||
'confirmFormMethod' => 'post',
|
||||
'cookieName' => 'lemonldap',
|
||||
'cspConnect' => '\'self\'',
|
||||
'cspDefault' => '\'self\'',
|
||||
'cspFont' => '\'self\'',
|
||||
'cspImg' => '\'self\' data:',
|
||||
'cspScript' => '\'self\'',
|
||||
'cspStyle' => '\'self\'',
|
||||
'dbiAuthnLevel' => 2,
|
||||
'dbiExportedVars' => {},
|
||||
'demoExportedVars' => {
|
||||
'cn' => 'cn',
|
||||
'mail' => 'mail',
|
||||
'uid' => 'uid'
|
||||
|
@ -234,6 +236,7 @@ sub defaultValues {
|
|||
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;',
|
||||
'samlSPSSODescriptorWantAssertionsSigned' => 1,
|
||||
'securedCookie' => 0,
|
||||
'sfEngine' => '::2F::Engines::Default',
|
||||
'slaveAuthnLevel' => 2,
|
||||
'slaveExportedVars' => {},
|
||||
'SMTPServer' => '',
|
||||
|
|
|
@ -600,10 +600,12 @@ sub attributes {
|
|||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'available2F' => {
|
||||
'type' => 'text'
|
||||
'default' => 'UTOTP,TOTP,U2F,REST,Ext2F,Yubikey',
|
||||
'type' => 'text'
|
||||
},
|
||||
'available2FSelfRegistration' => {
|
||||
'type' => 'text'
|
||||
'default' => 'TOTP,U2F,Yubikey',
|
||||
'type' => 'text'
|
||||
},
|
||||
'captcha_login_enabled' => {
|
||||
'default' => 0,
|
||||
|
@ -2244,7 +2246,6 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
|
|||
'type' => 'postContainer'
|
||||
},
|
||||
'protection' => {
|
||||
'default' => 'none',
|
||||
'msgFail' => '__authorizedValues__: none authenticate manager',
|
||||
'test' => qr/^(?:none|authenticate|manager|)$/,
|
||||
'type' => 'text'
|
||||
|
@ -3017,24 +3018,19 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
|||
'type' => 'text'
|
||||
},
|
||||
'secureTokenAttribute' => {
|
||||
'default' => 'uid',
|
||||
'type' => 'text'
|
||||
'type' => 'text'
|
||||
},
|
||||
'secureTokenExpiration' => {
|
||||
'default' => 60,
|
||||
'type' => 'text'
|
||||
'type' => 'text'
|
||||
},
|
||||
'secureTokenHeader' => {
|
||||
'default' => 'Auth-Token',
|
||||
'type' => 'text'
|
||||
'type' => 'text'
|
||||
},
|
||||
'secureTokenMemcachedServers' => {
|
||||
'default' => '',
|
||||
'type' => 'text'
|
||||
'type' => 'text'
|
||||
},
|
||||
'secureTokenUrls' => {
|
||||
'default' => '.*',
|
||||
'type' => 'text'
|
||||
'type' => 'text'
|
||||
},
|
||||
'sessionDataToRemember' => {
|
||||
'keyMsgFail' => '__invalidSessionData__',
|
||||
|
@ -3042,7 +3038,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
|||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'sfEngine' => {
|
||||
'default' => '::2F::Engine::Default',
|
||||
'default' => '::2F::Engines::Default',
|
||||
'type' => 'text'
|
||||
},
|
||||
'singleIP' => {
|
||||
|
|
|
@ -87,6 +87,9 @@ sub run {
|
|||
switch(tpl){
|
||||
';
|
||||
|
||||
my $reverseScanResult =
|
||||
$self->reverseScan( Lemonldap::NG::Manager::Build::Tree::tree(), '', {} );
|
||||
|
||||
# To build confTree.js, each special node is scanned from
|
||||
# Lemonldap::NG::Manager::Build::CTrees
|
||||
foreach my $node ( sort keys %$mainTree ) {
|
||||
|
@ -226,6 +229,14 @@ EOF
|
|||
|
||||
printf STDERR $format, $self->defaultValuesFile;
|
||||
$defaultValues->{locationRules} = $attributes->{locationRules}->{default};
|
||||
foreach ( keys %$attributes ) {
|
||||
if ( not /(?:MetaData|vhost)/
|
||||
and $attributes->{$_}->{default}
|
||||
and not $reverseScanResult->{$_} )
|
||||
{
|
||||
$defaultValues->{$_} = $attributes->{$_}->{default};
|
||||
}
|
||||
}
|
||||
my $defaultAttr = mydump( $defaultValues, 'defaultValues' );
|
||||
$defaultAttr = "# This file is generated by $module. Don't modify it by hand
|
||||
package Lemonldap::NG::Common::Conf::DefaultValues;
|
||||
|
@ -383,12 +394,7 @@ $managerAttr}
|
|||
printf STDERR $format, $self->reverseTreeFile;
|
||||
open( F, ">", $self->reverseTreeFile ) or die($!);
|
||||
$jsonEnc->pretty(0);
|
||||
print F $jsonEnc->encode(
|
||||
$self->reverseScan(
|
||||
Lemonldap::NG::Manager::Build::Tree::tree(),
|
||||
'', {}
|
||||
)
|
||||
);
|
||||
print F $jsonEnc->encode($reverseScanResult);
|
||||
close F;
|
||||
print STDERR "done\n";
|
||||
}
|
||||
|
|
|
@ -374,7 +374,6 @@ sub attributes {
|
|||
type => 'text',
|
||||
test => qr/^(?:none|authenticate|manager|)$/,
|
||||
msgFail => '__authorizedValues__: none authenticate manager',
|
||||
default => 'none',
|
||||
documentation => 'Manager protection method',
|
||||
flags => 'hm',
|
||||
},
|
||||
|
@ -1218,24 +1217,24 @@ sub attributes {
|
|||
'Authentication level for users authentified by Yubikey second factor'
|
||||
},
|
||||
yubikey2fClientID => {
|
||||
type => 'text',
|
||||
type => 'text',
|
||||
documentation => 'Yubico client ID',
|
||||
},
|
||||
yubikey2fSecretKey => {
|
||||
type => 'text',
|
||||
type => 'text',
|
||||
documentation => 'Yubico secret key',
|
||||
},
|
||||
yubikey2fNonce => {
|
||||
type => 'text',
|
||||
type => 'text',
|
||||
documentation => 'Yubico nonce',
|
||||
},
|
||||
yubikey2fUrl => {
|
||||
type => 'text',
|
||||
type => 'text',
|
||||
documentation => 'Yubico server',
|
||||
},
|
||||
yubikey2fPublicIDSize => {
|
||||
type => 'int',
|
||||
default => 12,
|
||||
type => 'int',
|
||||
default => 12,
|
||||
documentation => 'Yubikey public ID size',
|
||||
},
|
||||
|
||||
|
@ -1430,31 +1429,26 @@ sub attributes {
|
|||
type => 'text',
|
||||
documentation => 'Secure Token attribute',
|
||||
flags => 'h',
|
||||
default => 'uid',
|
||||
},
|
||||
secureTokenExpiration => {
|
||||
type => 'text',
|
||||
documentation => 'Secure Token expiration',
|
||||
flags => 'h',
|
||||
default => 60,
|
||||
},
|
||||
secureTokenHeader => {
|
||||
type => 'text',
|
||||
documentation => 'Secure Token header',
|
||||
flags => 'h',
|
||||
default => 'Auth-Token',
|
||||
},
|
||||
secureTokenMemcachedServers => {
|
||||
type => 'text',
|
||||
documentation => 'Secure Token Memcached servers',
|
||||
flags => 'h',
|
||||
default => '',
|
||||
},
|
||||
secureTokenUrls => {
|
||||
type => 'text',
|
||||
documentation => '',
|
||||
flags => 'h',
|
||||
default => '.*',
|
||||
},
|
||||
|
||||
# Zimbra handler parameters
|
||||
|
@ -2183,15 +2177,17 @@ sub attributes {
|
|||
# Seconf Factor Engine
|
||||
sfEngine => {
|
||||
type => 'text',
|
||||
default => '::2F::Engine::Default',
|
||||
default => '::2F::Engines::Default',
|
||||
documentation => 'Second factor engine',
|
||||
},
|
||||
available2F => {
|
||||
type => 'text',
|
||||
default => 'UTOTP,TOTP,U2F,REST,Ext2F,Yubikey',
|
||||
documentation => 'Available second factor modules',
|
||||
},
|
||||
available2FSelfRegistration => {
|
||||
type => 'text',
|
||||
type => 'text',
|
||||
default => 'TOTP,U2F,Yubikey',
|
||||
documentation =>
|
||||
'Available self-registration modules for second factor',
|
||||
},
|
||||
|
|
|
@ -224,7 +224,6 @@ sub reloadConf {
|
|||
}
|
||||
|
||||
# Load second-factor engine
|
||||
$self->conf->{'sfEngine'} ||= '::2F::Engines::Default';
|
||||
return $self->fail
|
||||
unless $self->{_sfEngine} =
|
||||
$self->loadPlugin( $self->conf->{'sfEngine'} );
|
||||
|
|
Loading…
Reference in New Issue