dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Secure Token configuration in Manager (#288)

Browse Source
This commit is contained in:
Clément Oudot 2011-07-06 09:36:15 +00:00
parent e69d175174
commit 846a9b8998
3 changed files with 97 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
modules/lemonldap-ng-manager/example/skins/default/js/manager.js
View File

@ -68,6 +68,7 @@ var helpCh={
'samlSPExportedAttributes':'/pages/documentation/latest/idpsaml.html#exported_attributes',
'samlSPMetaDataXML':'/pages/documentation/latest/idpsaml.html#metadata',
'samlSPOptions':'/pages/documentation/latest/idpsaml.html#options',
'securetoken':'/pages/documentation/latest/securetoken.html',
'security':'/pages/documentation/latest/security.html#configure_security_settings',
'sessions':'/pages/documentation/latest/sessions.html',
'sessionsdb':'/pages/documentation/latest/start.html#sessions_database',

69
modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm
View File

@ -850,7 +850,8 @@ sub struct {
},
specialHandlers => {
_nodes => [qw(zimbraHandler sympaHandler)],
_nodes =>
[qw(zimbraHandler sympaHandler secureTokenHandler)],
# Zimbra
zimbraHandler => {
@ -872,6 +873,20 @@ sub struct {
sympaSecret => 'text:/sympaSecret',
sympaMailKey => 'text:/sympaMailKey',
},
# Secure Token
secureTokenHandler => {
_nodes => [
qw(secureTokenMemcachedServers secureTokenExpiration secureTokenAttribute secureTokenUrls secureTokenHeader)
],
_help => 'securetoken',
secureTokenMemcachedServers =>
'text:/secureTokenMemcachedServers',
secureTokenExpiration => 'int:/secureTokenExpiration',
secureTokenAttribute => 'text:secureTokenAttribute',
secureTokenUrls => 'text:/secureTokenUrls',
secureTokenHeader => 'text:/secureTokenHeader',
},
},
logoutServices => {
@ -1773,6 +1788,13 @@ sub testStruct {
yubikeyClientID => $testNotDefined,
yubikeySecretKey => $testNotDefined,
yubikeyPublicIDSize => $integer,
# Secure Token
secureTokenMemcachedServers => $testNotDefined,
secureTokenExpiration => $integer,
secureTokenAttribute => $testNotDefined,
secureTokenUrls => $testNotDefined,
secureTokenHeader => $testNotDefined,
};
}
@ -1836,26 +1858,31 @@ sub defaultConf {
protection => 'none',
remoteGlobalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP',
securedCookie => '0',
singleSession => '0',
singleIP => '0',
singleUserByIP => '0',
Soap => '1',
SSLRequired => '0',
storePassword => '0',
syslog => '',
timeout => '72000',
timeoutActivity => '0',
userControl => '^[\w\.\-@]+$',
userDB => 'LDAP',
passwordDB => 'LDAP',
useRedirectOnError => '1',
useRedirectOnForbidden => '0',
useSafeJail => '1',
useXForwardedForIP => '0',
vhostPort => '-1',
vhostHttps => '-1',
whatToTrace => '$_whatToTrace',
yubikeyPublicIDSize => '12',
secureTokenMemcachedServers => '127.0.0.1:11211',
secureTokenExpiration => '60',
secureTokenAttribute => 'uid',
secureTokenUrls => '.*',
secureTokenHeader => 'Auth-Token',
singleSession => '0',
singleIP => '0',
singleUserByIP => '0',
Soap => '1',
SSLRequired => '0',
storePassword => '0',
syslog => '',
timeout => '72000',
timeoutActivity => '0',
userControl => '^[\w\.\-@]+$',
userDB => 'LDAP',
passwordDB => 'LDAP',
useRedirectOnError => '1',
useRedirectOnForbidden => '0',
useSafeJail => '1',
useXForwardedForIP => '0',
vhostPort => '-1',
vhostHttps => '-1',
whatToTrace => '$_whatToTrace',
yubikeyPublicIDSize => '12',
########
# SAML #
########

84
modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm
View File

@ -274,6 +274,12 @@ sub en {
remotePortal => 'Portal URL',
rules => 'Rules',
securedCookie => 'Secured Cookie (SSL)',
secureTokenAttribute => 'Attribute to store',
secureTokenExpiration => 'Token expiration',
secureTokenHandler => 'Secure Token',
secureTokenHeader => 'Header name',
secureTokenMemcachedServers => 'Memcached servers',
secureTokenUrls => 'Protected URLs',
security => 'Security',
session => 'session',
sessions => 'sessions',
@ -693,42 +699,48 @@ sub fr {
purgeNotification => 'Supprimer définitivement la notification',
randomPasswordRegexp =>
'Expression regulière pour la génération des mots de passe',
redirection => 'Redirections du Handler',
remoteCookieName => 'Nom du cookie',
remoteGlobalStorage => 'Module des sessions',
remoteGlobalStorageOptions => 'Options du module des sessions',
remoteParams => 'Paramètres Remote',
remotePortal => 'URL du portail',
rules => 'Règles',
securedCookie => 'Cookie sécurisé (SSL)',
security => 'Sécurité',
session => 'session',
sessions => 'sessions',
sessionDeleted => 'La session a été supprimée',
sessionParams => 'Sessions',
sessionStartedAt => 'Session démarrée le ',
sessionStorage => 'Stockage des sessions',
sessionTitle => 'Contenu de la session',
singleIP => 'Une seule IP par utilisateur',
singleSession => 'Une seule session par utilisateur',
singleUserByIP => 'Une seule adresse IP par utilisateur',
slaveAuthnLevel => 'Niveau d\'authentification',
slaveParams => 'Paramètres Slave',
slaveUserHeader => "En-tête identifiant l'utilisateur",
SMTPAuthPass => 'Mot de passe SMTP',
SMTPAuthUser => 'Utilisateur SMTP',
SMTPServer => 'Serveur SMTP',
soap => 'SOAP',
Soap => 'Activation',
soapAuthService => 'URL du portail',
soapSessionService => 'Point d\'accès SOAP des sessions',
specialHandlers => 'Handlers spéciaux',
SSLAuthnLevel => 'Niveau d\'authentification',
SSLLDAPField => 'Attribut LDAP pour le filtre',
sslParams => 'Paramètres SSL',
SSLRequire => 'SSL Requis',
SSLVar => 'Champ extrait du certificat',
startTime => 'Date de création',
redirection => 'Redirections du Handler',
remoteCookieName => 'Nom du cookie',
remoteGlobalStorage => 'Module des sessions',
remoteGlobalStorageOptions => 'Options du module des sessions',
remoteParams => 'Paramètres Remote',
remotePortal => 'URL du portail',
rules => 'Règles',
securedCookie => 'Cookie sécurisé (SSL)',
secureTokenAttribute => 'Attribut à stocker',
secureTokenExpiration => 'Expiration du jeton',
secureTokenHandler => 'Jeton sécurisé',
secureTokenHeader => "Nom de l'en-tête HTTP",
secureTokenMemcachedServers => 'Serveurs Memcached',
secureTokenUrls => 'URLs protégées',
security => 'Sécurité',
session => 'session',
sessions => 'sessions',
sessionDeleted => 'La session a été supprimée',
sessionParams => 'Sessions',
sessionStartedAt => 'Session démarrée le ',
sessionStorage => 'Stockage des sessions',
sessionTitle => 'Contenu de la session',
singleIP => 'Une seule IP par utilisateur',
singleSession => 'Une seule session par utilisateur',
singleUserByIP => 'Une seule adresse IP par utilisateur',
slaveAuthnLevel => 'Niveau d\'authentification',
slaveParams => 'Paramètres Slave',
slaveUserHeader => "En-tête identifiant l'utilisateur",
SMTPAuthPass => 'Mot de passe SMTP',
SMTPAuthUser => 'Utilisateur SMTP',
SMTPServer => 'Serveur SMTP',
soap => 'SOAP',
Soap => 'Activation',
soapAuthService => 'URL du portail',
soapSessionService => 'Point d\'accès SOAP des sessions',
specialHandlers => 'Handlers spéciaux',
SSLAuthnLevel => 'Niveau d\'authentification',
SSLLDAPField => 'Attribut LDAP pour le filtre',
sslParams => 'Paramètres SSL',
SSLRequire => 'SSL Requis',
SSLVar => 'Champ extrait du certificat',
startTime => 'Date de création',
storePassword => "Stocke le mot de passe de l'utilisateur en session",
sympaHandler => 'Sympa',
sympaMailKey => 'Clé de session pour le mail',