Secure Token configuration in Manager (#288)
parent
e69d175174
commit
846a9b8998
|
@ -68,6 +68,7 @@ var helpCh={
|
||||||
'samlSPExportedAttributes':'/pages/documentation/latest/idpsaml.html#exported_attributes',
|
'samlSPExportedAttributes':'/pages/documentation/latest/idpsaml.html#exported_attributes',
|
||||||
'samlSPMetaDataXML':'/pages/documentation/latest/idpsaml.html#metadata',
|
'samlSPMetaDataXML':'/pages/documentation/latest/idpsaml.html#metadata',
|
||||||
'samlSPOptions':'/pages/documentation/latest/idpsaml.html#options',
|
'samlSPOptions':'/pages/documentation/latest/idpsaml.html#options',
|
||||||
|
'securetoken':'/pages/documentation/latest/securetoken.html',
|
||||||
'security':'/pages/documentation/latest/security.html#configure_security_settings',
|
'security':'/pages/documentation/latest/security.html#configure_security_settings',
|
||||||
'sessions':'/pages/documentation/latest/sessions.html',
|
'sessions':'/pages/documentation/latest/sessions.html',
|
||||||
'sessionsdb':'/pages/documentation/latest/start.html#sessions_database',
|
'sessionsdb':'/pages/documentation/latest/start.html#sessions_database',
|
||||||
|
|
|
@ -850,7 +850,8 @@ sub struct {
|
||||||
},
|
},
|
||||||
|
|
||||||
specialHandlers => {
|
specialHandlers => {
|
||||||
_nodes => [qw(zimbraHandler sympaHandler)],
|
_nodes =>
|
||||||
|
[qw(zimbraHandler sympaHandler secureTokenHandler)],
|
||||||
|
|
||||||
# Zimbra
|
# Zimbra
|
||||||
zimbraHandler => {
|
zimbraHandler => {
|
||||||
|
@ -872,6 +873,20 @@ sub struct {
|
||||||
sympaSecret => 'text:/sympaSecret',
|
sympaSecret => 'text:/sympaSecret',
|
||||||
sympaMailKey => 'text:/sympaMailKey',
|
sympaMailKey => 'text:/sympaMailKey',
|
||||||
},
|
},
|
||||||
|
|
||||||
|
# Secure Token
|
||||||
|
secureTokenHandler => {
|
||||||
|
_nodes => [
|
||||||
|
qw(secureTokenMemcachedServers secureTokenExpiration secureTokenAttribute secureTokenUrls secureTokenHeader)
|
||||||
|
],
|
||||||
|
_help => 'securetoken',
|
||||||
|
secureTokenMemcachedServers =>
|
||||||
|
'text:/secureTokenMemcachedServers',
|
||||||
|
secureTokenExpiration => 'int:/secureTokenExpiration',
|
||||||
|
secureTokenAttribute => 'text:secureTokenAttribute',
|
||||||
|
secureTokenUrls => 'text:/secureTokenUrls',
|
||||||
|
secureTokenHeader => 'text:/secureTokenHeader',
|
||||||
|
},
|
||||||
},
|
},
|
||||||
|
|
||||||
logoutServices => {
|
logoutServices => {
|
||||||
|
@ -1773,6 +1788,13 @@ sub testStruct {
|
||||||
yubikeyClientID => $testNotDefined,
|
yubikeyClientID => $testNotDefined,
|
||||||
yubikeySecretKey => $testNotDefined,
|
yubikeySecretKey => $testNotDefined,
|
||||||
yubikeyPublicIDSize => $integer,
|
yubikeyPublicIDSize => $integer,
|
||||||
|
|
||||||
|
# Secure Token
|
||||||
|
secureTokenMemcachedServers => $testNotDefined,
|
||||||
|
secureTokenExpiration => $integer,
|
||||||
|
secureTokenAttribute => $testNotDefined,
|
||||||
|
secureTokenUrls => $testNotDefined,
|
||||||
|
secureTokenHeader => $testNotDefined,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1836,26 +1858,31 @@ sub defaultConf {
|
||||||
protection => 'none',
|
protection => 'none',
|
||||||
remoteGlobalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP',
|
remoteGlobalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP',
|
||||||
securedCookie => '0',
|
securedCookie => '0',
|
||||||
singleSession => '0',
|
secureTokenMemcachedServers => '127.0.0.1:11211',
|
||||||
singleIP => '0',
|
secureTokenExpiration => '60',
|
||||||
singleUserByIP => '0',
|
secureTokenAttribute => 'uid',
|
||||||
Soap => '1',
|
secureTokenUrls => '.*',
|
||||||
SSLRequired => '0',
|
secureTokenHeader => 'Auth-Token',
|
||||||
storePassword => '0',
|
singleSession => '0',
|
||||||
syslog => '',
|
singleIP => '0',
|
||||||
timeout => '72000',
|
singleUserByIP => '0',
|
||||||
timeoutActivity => '0',
|
Soap => '1',
|
||||||
userControl => '^[\w\.\-@]+$',
|
SSLRequired => '0',
|
||||||
userDB => 'LDAP',
|
storePassword => '0',
|
||||||
passwordDB => 'LDAP',
|
syslog => '',
|
||||||
useRedirectOnError => '1',
|
timeout => '72000',
|
||||||
useRedirectOnForbidden => '0',
|
timeoutActivity => '0',
|
||||||
useSafeJail => '1',
|
userControl => '^[\w\.\-@]+$',
|
||||||
useXForwardedForIP => '0',
|
userDB => 'LDAP',
|
||||||
vhostPort => '-1',
|
passwordDB => 'LDAP',
|
||||||
vhostHttps => '-1',
|
useRedirectOnError => '1',
|
||||||
whatToTrace => '$_whatToTrace',
|
useRedirectOnForbidden => '0',
|
||||||
yubikeyPublicIDSize => '12',
|
useSafeJail => '1',
|
||||||
|
useXForwardedForIP => '0',
|
||||||
|
vhostPort => '-1',
|
||||||
|
vhostHttps => '-1',
|
||||||
|
whatToTrace => '$_whatToTrace',
|
||||||
|
yubikeyPublicIDSize => '12',
|
||||||
########
|
########
|
||||||
# SAML #
|
# SAML #
|
||||||
########
|
########
|
||||||
|
|
|
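Review bot: In the `secureTokenHandler` node added to `sub struct`, the entry `secureTokenAttribute => 'text:secureTokenAttribute'` lacks the `/` that its four siblings (and `sympaSecret`, `sympaMailKey` just above) carry after the type prefix, so this field probably does not bind to the same configuration key as the others; it should read `secureTokenAttribute => 'text:/secureTokenAttribute',`. If the Manager then fails to load or save that key, the handler would keep the `uid` default from `defaultConf` and an administrator's choice of attribute to put in the token would silently not take effect. In `testStruct`, `secureTokenUrls` and `secureTokenHeader` are given `$testNotDefined`, which by its name appears to check only that a value is present; a pattern that does not compile or a header name containing whitespace or control characters would be accepted, so a stricter test for those two keys is worth adding. The bodies of `struct`, `testStruct` and `defaultConf` extend beyond the lines shown here.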
@ -274,6 +274,12 @@ sub en {
|
||||||
remotePortal => 'Portal URL',
|
remotePortal => 'Portal URL',
|
||||||
rules => 'Rules',
|
rules => 'Rules',
|
||||||
securedCookie => 'Secured Cookie (SSL)',
|
securedCookie => 'Secured Cookie (SSL)',
|
||||||
|
secureTokenAttribute => 'Attribute to store',
|
||||||
|
secureTokenExpiration => 'Token expiration',
|
||||||
|
secureTokenHandler => 'Secure Token',
|
||||||
|
secureTokenHeader => 'Header name',
|
||||||
|
secureTokenMemcachedServers => 'Memcached servers',
|
||||||
|
secureTokenUrls => 'Protected URLs',
|
||||||
security => 'Security',
|
security => 'Security',
|
||||||
session => 'session',
|
session => 'session',
|
||||||
sessions => 'sessions',
|
sessions => 'sessions',
|
||||||
|
@ -693,42 +699,48 @@ sub fr {
|
||||||
purgeNotification => 'Supprimer définitivement la notification',
|
purgeNotification => 'Supprimer définitivement la notification',
|
||||||
randomPasswordRegexp =>
|
randomPasswordRegexp =>
|
||||||
'Expression regulière pour la génération des mots de passe',
|
'Expression regulière pour la génération des mots de passe',
|
||||||
redirection => 'Redirections du Handler',
|
redirection => 'Redirections du Handler',
|
||||||
remoteCookieName => 'Nom du cookie',
|
remoteCookieName => 'Nom du cookie',
|
||||||
remoteGlobalStorage => 'Module des sessions',
|
remoteGlobalStorage => 'Module des sessions',
|
||||||
remoteGlobalStorageOptions => 'Options du module des sessions',
|
remoteGlobalStorageOptions => 'Options du module des sessions',
|
||||||
remoteParams => 'Paramètres Remote',
|
remoteParams => 'Paramètres Remote',
|
||||||
remotePortal => 'URL du portail',
|
remotePortal => 'URL du portail',
|
||||||
rules => 'Règles',
|
rules => 'Règles',
|
||||||
securedCookie => 'Cookie sécurisé (SSL)',
|
securedCookie => 'Cookie sécurisé (SSL)',
|
||||||
security => 'Sécurité',
|
secureTokenAttribute => 'Attribut à stocker',
|
||||||
session => 'session',
|
secureTokenExpiration => 'Expiration du jeton',
|
||||||
sessions => 'sessions',
|
secureTokenHandler => 'Jeton sécurisé',
|
||||||
sessionDeleted => 'La session a été supprimée',
|
secureTokenHeader => "Nom de l'en-tête HTTP",
|
||||||
sessionParams => 'Sessions',
|
secureTokenMemcachedServers => 'Serveurs Memcached',
|
||||||
sessionStartedAt => 'Session démarrée le ',
|
secureTokenUrls => 'URLs protégées',
|
||||||
sessionStorage => 'Stockage des sessions',
|
security => 'Sécurité',
|
||||||
sessionTitle => 'Contenu de la session',
|
session => 'session',
|
||||||
singleIP => 'Une seule IP par utilisateur',
|
sessions => 'sessions',
|
||||||
singleSession => 'Une seule session par utilisateur',
|
sessionDeleted => 'La session a été supprimée',
|
||||||
singleUserByIP => 'Une seule adresse IP par utilisateur',
|
sessionParams => 'Sessions',
|
||||||
slaveAuthnLevel => 'Niveau d\'authentification',
|
sessionStartedAt => 'Session démarrée le ',
|
||||||
slaveParams => 'Paramètres Slave',
|
sessionStorage => 'Stockage des sessions',
|
||||||
slaveUserHeader => "En-tête identifiant l'utilisateur",
|
sessionTitle => 'Contenu de la session',
|
||||||
SMTPAuthPass => 'Mot de passe SMTP',
|
singleIP => 'Une seule IP par utilisateur',
|
||||||
SMTPAuthUser => 'Utilisateur SMTP',
|
singleSession => 'Une seule session par utilisateur',
|
||||||
SMTPServer => 'Serveur SMTP',
|
singleUserByIP => 'Une seule adresse IP par utilisateur',
|
||||||
soap => 'SOAP',
|
slaveAuthnLevel => 'Niveau d\'authentification',
|
||||||
Soap => 'Activation',
|
slaveParams => 'Paramètres Slave',
|
||||||
soapAuthService => 'URL du portail',
|
slaveUserHeader => "En-tête identifiant l'utilisateur",
|
||||||
soapSessionService => 'Point d\'accès SOAP des sessions',
|
SMTPAuthPass => 'Mot de passe SMTP',
|
||||||
specialHandlers => 'Handlers spéciaux',
|
SMTPAuthUser => 'Utilisateur SMTP',
|
||||||
SSLAuthnLevel => 'Niveau d\'authentification',
|
SMTPServer => 'Serveur SMTP',
|
||||||
SSLLDAPField => 'Attribut LDAP pour le filtre',
|
soap => 'SOAP',
|
||||||
sslParams => 'Paramètres SSL',
|
Soap => 'Activation',
|
||||||
SSLRequire => 'SSL Requis',
|
soapAuthService => 'URL du portail',
|
||||||
SSLVar => 'Champ extrait du certificat',
|
soapSessionService => 'Point d\'accès SOAP des sessions',
|
||||||
startTime => 'Date de création',
|
specialHandlers => 'Handlers spéciaux',
|
||||||
|
SSLAuthnLevel => 'Niveau d\'authentification',
|
||||||
|
SSLLDAPField => 'Attribut LDAP pour le filtre',
|
||||||
|
sslParams => 'Paramètres SSL',
|
||||||
|
SSLRequire => 'SSL Requis',
|
||||||
|
SSLVar => 'Champ extrait du certificat',
|
||||||
|
startTime => 'Date de création',
|
||||||
storePassword => "Stocke le mot de passe de l'utilisateur en session",
|
storePassword => "Stocke le mot de passe de l'utilisateur en session",
|
||||||
sympaHandler => 'Sympa',
|
sympaHandler => 'Sympa',
|
||||||
sympaMailKey => 'Clé de session pour le mail',
|
sympaMailKey => 'Clé de session pour le mail',
|
||||||
|
|