Merge branch 'v2.0'
This commit is contained in:
commit
76ec67be69
|
@ -341,8 +341,7 @@ Password Policy
|
|||
- **Minimal upper characters**: leave 0 to bypass the check
|
||||
- **Minimal digit characters**: leave 0 to bypass the check
|
||||
- **Minimal special characters**: leave 0 to bypass the check
|
||||
- **Allowed special characters**: set blanck to forbid special
|
||||
characters (``_`` is not a special character)
|
||||
- **Allowed special characters**: set '__ALL__' value to allow ALL special characters. A blanck value forbids ALL special characters (Note that ``_`` is not a special character)
|
||||
- **Display policy in password form**: enable this to display an
|
||||
information message about password policy constraints
|
||||
|
||||
|
|
|
@ -762,9 +762,9 @@
|
|||
"passwordPolicyMinDigit":"Minimum de chiffres",
|
||||
"passwordPolicyMinLower":"Minimum de minuscules",
|
||||
"passwordPolicyMinSize":"Taille minimale",
|
||||
"passwordPolicyMinSpeChar":"Minimum de caractètes spéciaux",
|
||||
"passwordPolicyMinSpeChar":"Minimum de caractères spéciaux",
|
||||
"passwordPolicyMinUpper":"Minimum de majuscules",
|
||||
"passwordPolicySpecialChar":"Caractètes spéciaux autorisés",
|
||||
"passwordPolicySpecialChar":"Caractères spéciaux autorisés",
|
||||
"passwordResetAllowedRetries":"Nombre d'essais pour réinitialiser le mot de passe",
|
||||
"persistent":"Persistantes",
|
||||
"persistentSessions":"Sessions persistantes",
|
||||
|
|
|
@ -72,6 +72,7 @@ sub displayInit {
|
|||
|| $self->conf->{passwordPolicyMinLower}
|
||||
|| $self->conf->{passwordPolicyMinUpper}
|
||||
|| $self->conf->{passwordPolicyMinDigit}
|
||||
|| $self->conf->{passwordPolicyMinSpeChar}
|
||||
|| $speChars;
|
||||
$self->isPP($isPP);
|
||||
}
|
||||
|
@ -260,7 +261,7 @@ sub display {
|
|||
PPOLICY_MINDIGIT => $self->conf->{passwordPolicyMinDigit},
|
||||
PPOLICY_MINSPECHAR => $self->conf->{passwordPolicyMinSpeChar},
|
||||
(
|
||||
$self->conf->{passwordPolicyMinSpeChar}
|
||||
$self->conf->{passwordPolicyMinSpeChar} || $self->speChars()
|
||||
? ( PPOLICY_ALLOWEDSPECHAR => $self->speChars() )
|
||||
: ()
|
||||
),
|
||||
|
@ -404,6 +405,68 @@ sub display {
|
|||
( $req->data->{waitingMessage} ? ( WAITING_MESSAGE => 1 ) : () ),
|
||||
);
|
||||
|
||||
<<<<<<< HEAD
|
||||
=======
|
||||
# Display captcha if it's enabled
|
||||
if ( $req->captcha ) {
|
||||
%templateParams = (
|
||||
%templateParams,
|
||||
CAPTCHA_SRC => $req->captcha,
|
||||
CAPTCHA_SIZE => $self->{conf}->{captcha_size} || 6
|
||||
);
|
||||
}
|
||||
if ( $req->token ) {
|
||||
%templateParams = ( %templateParams, TOKEN => $req->token, );
|
||||
}
|
||||
|
||||
# Show password form if password policy error
|
||||
if (
|
||||
|
||||
$req->{error} == PE_PP_CHANGE_AFTER_RESET
|
||||
or $req->{error} == PE_PP_MUST_SUPPLY_OLD_PASSWORD
|
||||
or $req->{error} == PE_PP_INSUFFICIENT_PASSWORD_QUALITY
|
||||
or $req->{error} == PE_PP_PASSWORD_TOO_SHORT
|
||||
or $req->{error} == PE_PP_PASSWORD_TOO_YOUNG
|
||||
or $req->{error} == PE_PP_PASSWORD_IN_HISTORY
|
||||
or $req->{error} == PE_PASSWORD_MISMATCH
|
||||
or $req->{error} == PE_BADOLDPASSWORD
|
||||
or $req->{error} == PE_PASSWORDFORMEMPTY
|
||||
or ( $req->{error} == PE_PP_PASSWORD_EXPIRED
|
||||
and $self->conf->{ldapAllowResetExpiredPassword} )
|
||||
)
|
||||
{
|
||||
%templateParams = (
|
||||
%templateParams,
|
||||
REQUIRE_OLDPASSWORD =>
|
||||
1, # Old password is required to check user credentials
|
||||
DISPLAY_FORM => 0,
|
||||
DISPLAY_OPENID_FORM => 0,
|
||||
DISPLAY_YUBIKEY_FORM => 0,
|
||||
DISPLAY_PASSWORD => 1,
|
||||
DISPLAY_RESETPASSWORD => 0,
|
||||
AUTH_LOOP => [],
|
||||
CHOICE_PARAM => $self->conf->{authChoiceParam},
|
||||
CHOICE_VALUE => $req->data->{_authChoice},
|
||||
OLDPASSWORD => $self->checkXSSAttack( 'oldpassword',
|
||||
$req->data->{oldpassword} ) ? ""
|
||||
: $req->data->{oldpassword},
|
||||
HIDE_OLDPASSWORD => $self->conf->{hideOldPassword},
|
||||
PPOLICY_NOPOLICY => !$self->isPP(),
|
||||
DISPLAY_PPOLICY => $self->conf->{portalDisplayPasswordPolicy},
|
||||
PPOLICY_MINSIZE => $self->conf->{passwordPolicyMinSize},
|
||||
PPOLICY_MINLOWER => $self->conf->{passwordPolicyMinLower},
|
||||
PPOLICY_MINUPPER => $self->conf->{passwordPolicyMinUpper},
|
||||
PPOLICY_MINDIGIT => $self->conf->{passwordPolicyMinDigit},
|
||||
PPOLICY_MINSPECHAR => $self->conf->{passwordPolicyMinSpeChar},
|
||||
(
|
||||
$self->conf->{passwordPolicyMinSpeChar} || $self->speChars()
|
||||
? ( PPOLICY_ALLOWEDSPECHAR => $self->speChars() )
|
||||
: ()
|
||||
),
|
||||
);
|
||||
}
|
||||
|
||||
>>>>>>> v2.0
|
||||
# Disable all forms on:
|
||||
# * Logout message
|
||||
# * Account lock
|
||||
|
|
|
@ -195,14 +195,16 @@ sub checkPasswordQuality {
|
|||
}
|
||||
|
||||
## Fobidden special characters
|
||||
$password =~ s/[\Q$speChars\E\w]//g;
|
||||
if ($password) {
|
||||
$self->logger->error( 'Password contains '
|
||||
. length($password)
|
||||
. " forbidden character(s): $password" );
|
||||
return length($password) > 1
|
||||
? PE_PP_NOT_ALLOWED_CHARACTERS
|
||||
: PE_PP_NOT_ALLOWED_CHARACTER;
|
||||
unless ( $speChars eq '__ALL__' ) {
|
||||
$password =~ s/[\Q$speChars\E\w]//g;
|
||||
if ($password) {
|
||||
$self->logger->error( 'Password contains '
|
||||
. length($password)
|
||||
. " forbidden character(s): $password" );
|
||||
return length($password) > 1
|
||||
? PE_PP_NOT_ALLOWED_CHARACTERS
|
||||
: PE_PP_NOT_ALLOWED_CHARACTER;
|
||||
}
|
||||
}
|
||||
|
||||
return PE_OK;
|
||||
|
|
|
@ -48,8 +48,8 @@ ok(
|
|||
ok( $res->[2]->[0] =~ m%<input id="oldpassword" name="oldpassword"%,
|
||||
' Old password input' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $res->[2]->[0] =~ m%<span trspan="passwordPolicyNone">%,
|
||||
' passwordPolicyNone' )
|
||||
ok( $res->[2]->[0] =~ m%<span trspan="passwordPolicyMinSpeChar">Minimal special characters:</span> 2%,
|
||||
' passwordPolicyMinSpeChar' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(3);
|
||||
|
||||
|
|
Loading…
Reference in New Issue