diff --git a/fastcgi-server/man/llng-fastcgi-server.1p b/fastcgi-server/man/llng-fastcgi-server.1p index 27fec9427..f3e6c4c15 100644 --- a/fastcgi-server/man/llng-fastcgi-server.1p +++ b/fastcgi-server/man/llng-fastcgi-server.1p @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "llng-fastcgi-server 1" -.TH llng-fastcgi-server 1 "2018-03-20" "perl v5.26.1" "User Contributed Perl Documentation" +.TH llng-fastcgi-server 1 "2018-03-22" "perl v5.26.1" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm index b54c0823e..23653ddd7 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm 
@@ -15,25 +15,27 @@ sub defaultValues { 'type' => 'category' } }, - 'authChoiceParam' => 'lmAuth', - 'authentication' => 'Demo', - 'captcha_mail_enabled' => 1, - 'captcha_register_enabled' => 1, - 'captcha_size' => 6, - 'casAccessControlPolicy' => 'none', - 'casAuthnLevel' => 1, - 'checkXSS' => 1, - 'confirmFormMethod' => 'post', - 'cookieName' => 'lemonldap', - 'cspConnect' => '\'self\'', - 'cspDefault' => '\'self\'', - 'cspFont' => '\'self\'', - 'cspImg' => '\'self\' data:', - 'cspScript' => '\'self\'', - 'cspStyle' => '\'self\'', - 'dbiAuthnLevel' => 2, - 'dbiExportedVars' => {}, - 'demoExportedVars' => { + 'authChoiceParam' => 'lmAuth', + 'authentication' => 'Demo', + 'available2F' => 'UTOTP,TOTP,U2F,REST,Ext2F,Yubikey', + 'available2FSelfRegistration' => 'TOTP,U2F,Yubikey', + 'captcha_mail_enabled' => 1, + 'captcha_register_enabled' => 1, + 'captcha_size' => 6, + 'casAccessControlPolicy' => 'none', + 'casAuthnLevel' => 1, + 'checkXSS' => 1, + 'confirmFormMethod' => 'post', + 'cookieName' => 'lemonldap', + 'cspConnect' => '\'self\'', + 'cspDefault' => '\'self\'', + 'cspFont' => '\'self\'', + 'cspImg' => '\'self\' data:', + 'cspScript' => '\'self\'', + 'cspStyle' => '\'self\'', + 'dbiAuthnLevel' => 2, + 'dbiExportedVars' => {}, + 'demoExportedVars' => { 'cn' => 'cn', 'mail' => 'mail', 'uid' => 'uid' @@ -234,6 +236,7 @@ sub defaultValues { 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;', 'samlSPSSODescriptorWantAssertionsSigned' => 1, 'securedCookie' => 0, + 'sfEngine' => '::2F::Engines::Default', 'slaveAuthnLevel' => 2, 'slaveExportedVars' => {}, 'SMTPServer' => '', diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm index bd7532b4a..63d405a05 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm 
@@ -600,10 +600,12 @@ sub attributes { 'type' => 'keyTextContainer' }, 'available2F' => { - 'type' => 'text' + 'default' => 'UTOTP,TOTP,U2F,REST,Ext2F,Yubikey', + 'type' => 'text' }, 'available2FSelfRegistration' => { - 'type' => 'text' + 'default' => 'TOTP,U2F,Yubikey', + 'type' => 'text' }, 'captcha_login_enabled' => { 'default' => 0, @@ -2244,7 +2246,6 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][ 'type' => 'postContainer' }, 'protection' => { - 'default' => 'none', 'msgFail' => '__authorizedValues__: none authenticate manager', 'test' => qr/^(?:none|authenticate|manager|)$/, 'type' => 'text' @@ -3017,24 +3018,19 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] 'type' => 'text' }, 'secureTokenAttribute' => { - 'default' => 'uid', - 'type' => 'text' + 'type' => 'text' }, 'secureTokenExpiration' => { - 'default' => 60, - 'type' => 'text' + 'type' => 'text' }, 'secureTokenHeader' => { - 'default' => 'Auth-Token', - 'type' => 'text' + 'type' => 'text' }, 'secureTokenMemcachedServers' => { - 'default' => '', - 'type' => 'text' + 'type' => 'text' }, 'secureTokenUrls' => { - 'default' => '.*', - 'type' => 'text' + 'type' => 'text' }, 'sessionDataToRemember' => { 'keyMsgFail' => '__invalidSessionData__', @@ -3042,7 +3038,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] 'type' => 'keyTextContainer' }, 'sfEngine' => { - 'default' => '::2F::Engine::Default', + 'default' => '::2F::Engines::Default', 'type' => 'text' }, 'singleIP' => { diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm index 66dec355b..9c9c9fe9e 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm 
@@ -87,6 +87,9 @@ sub run { switch(tpl){ '; + my $reverseScanResult = + $self->reverseScan( Lemonldap::NG::Manager::Build::Tree::tree(), '', {} ); + # To build confTree.js, each special node is scanned from # Lemonldap::NG::Manager::Build::CTrees foreach my $node ( sort keys %$mainTree ) { @@ -226,6 +229,14 @@ EOF printf STDERR $format, $self->defaultValuesFile; $defaultValues->{locationRules} = $attributes->{locationRules}->{default}; + foreach ( keys %$attributes ) { + if ( not /(?:MetaData|vhost)/ + and $attributes->{$_}->{default} + and not $reverseScanResult->{$_} ) + { + $defaultValues->{$_} = $attributes->{$_}->{default}; + } + } my $defaultAttr = mydump( $defaultValues, 'defaultValues' ); $defaultAttr = "# This file is generated by $module. Don't modify it by hand package Lemonldap::NG::Common::Conf::DefaultValues; @@ -383,12 +394,7 @@ $managerAttr} printf STDERR $format, $self->reverseTreeFile; open( F, ">", $self->reverseTreeFile ) or die($!); $jsonEnc->pretty(0); - print F $jsonEnc->encode( - $self->reverseScan( - Lemonldap::NG::Manager::Build::Tree::tree(), - '', {} - ) - ); + print F $jsonEnc->encode($reverseScanResult); close F; print STDERR "done\n"; } diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm index 8483fd24e..b8a914a7d 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm @@ -374,7 +374,6 @@ sub attributes { type => 'text', test => qr/^(?:none|authenticate|manager|)$/, msgFail => '__authorizedValues__: none authenticate manager', - default => 'none', documentation => 'Manager protection method', flags => 'hm', }, 
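Review bot: In the new `foreach ( keys %$attributes )` loop of the `@@ -226` hunk in Manager/Build.pm, the condition `and $attributes->{$_}->{default}` is a truthiness test, so an attribute outside the tree whose default is `0` or `''` is never copied into the generated DefaultValues.pm. For on/off switches that is only harmless if every consumer treats an unset key as off; `and defined $attributes->{$_}->{default}` would keep such defaults explicit in the generated file. The unanchored `/(?:MetaData|vhost)/` filter also skips any attribute whose name merely contains one of those strings, so the loop deserves a comment such as `# copy defaults of attributes absent from the tree; MetaData/vhost names are skipped on purpose (TODO: state why)`. The enclosing `run` sub starts and ends outside the hunk.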
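Review bot: Removing `default => 'none'` from `protection` in the `@@ -374` hunk of Manager/Build/Attributes.pm leaves nothing that says what an unset value means, while its `test` pattern still accepts the empty string; the same holds for the five `secureToken*` entries that lose their defaults in the `@@ -1430` hunk. Because `protection` is documented as the manager protection method, the behaviour when the key is absent should be stated at the declaration, for instance `# no default: an unset value is resolved by the consumer as <documented behaviour>`. The removals look intended to keep these values out of the generated DefaultValues.pm now that Build.pm copies non-tree defaults there, but that is inferred from the other hunks and not stated in the commit. `attributes` starts and ends outside both hunks.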
@@ -1218,24 +1217,24 @@ sub attributes { 'Authentication level for users authentified by Yubikey second factor' }, yubikey2fClientID => { - type => 'text', + type => 'text', documentation => 'Yubico client ID', }, yubikey2fSecretKey => { - type => 'text', + type => 'text', documentation => 'Yubico secret key', }, yubikey2fNonce => { - type => 'text', + type => 'text', documentation => 'Yubico nonce', }, yubikey2fUrl => { - type => 'text', + type => 'text', documentation => 'Yubico server', }, yubikey2fPublicIDSize => { - type => 'int', - default => 12, + type => 'int', + default => 12, documentation => 'Yubikey public ID size', }, @@ -1430,31 +1429,26 @@ sub attributes { type => 'text', documentation => 'Secure Token attribute', flags => 'h', - default => 'uid', }, secureTokenExpiration => { type => 'text', documentation => 'Secure Token expiration', flags => 'h', - default => 60, }, secureTokenHeader => { type => 'text', documentation => 'Secure Token header', flags => 'h', - default => 'Auth-Token', }, secureTokenMemcachedServers => { type => 'text', documentation => 'Secure Token Memcached servers', flags => 'h', - default => '', }, secureTokenUrls => { type => 'text', documentation => '', flags => 'h', - default => '.*', }, # Zimbra handler parameters @@ -2183,15 +2177,17 @@ sub attributes { # Seconf Factor Engine sfEngine => { type => 'text', - default => '::2F::Engine::Default', + default => '::2F::Engines::Default', documentation => 'Second factor engine', }, available2F => { type => 'text', + default => 'UTOTP,TOTP,U2F,REST,Ext2F,Yubikey', documentation => 'Available second factor modules', }, available2FSelfRegistration => { - type => 'text', + type => 'text', + default => 'TOTP,U2F,Yubikey', documentation => 'Available self-registration modules for second factor', }, diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm index 9a3cd316e..f5bd9c874 100644 
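Review bot: `sfEngine` in the `@@ -2183` hunk is free `text` with no `test` pattern, yet the Portal/Main/Init.pm hunk of this commit passes its value directly to `loadPlugin`, and the `Engine`/`Engines` typo corrected here shows how easily a wrong module name gets in. Assuming `test` is enforced when the configuration is saved, as it appears to be for `protection`, adding `test => qr/^[\w:]+$/,` beside the default would reject values that cannot be a module path before they reach the portal. `available2F` and `available2FSelfRegistration` are comma-separated module lists with the same lack of validation. The comment above the entry reads `# Seconf Factor Engine` and should be `# Second Factor Engine`. `attributes` starts and ends outside the hunk.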
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm @@ -224,7 +224,6 @@ sub reloadConf { } # Load second-factor engine - $self->conf->{'sfEngine'} ||= '::2F::Engines::Default'; return $self->fail unless $self->{_sfEngine} = $self->loadPlugin( $self->conf->{'sfEngine'} );
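Review bot: With the `||=` line removed, `reloadConf` passes `$self->conf->{'sfEngine'}` to `loadPlugin` with no local fallback, so an explicitly empty value, which the old line replaced with the default, now reaches `loadPlugin` as `''`. The portal still fails closed through `return $self->fail`, but the code no longer shows where the value is expected to come from. I would leave a comment in place of the deleted line: `# no fallback here: the sfEngine default comes from Conf::DefaultValues (generated by Manager::Build)`. Whether the defaults are always merged into `conf` before this point is not visible in the hunk and is worth confirming. The body of `reloadConf` starts and continues outside the hunk.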