Secure Token configuration in Manager (#288)
This commit is contained in:
parent
e69d175174
commit
846a9b8998
|
@ -68,6 +68,7 @@ var helpCh={
|
|||
'samlSPExportedAttributes':'/pages/documentation/latest/idpsaml.html#exported_attributes',
|
||||
'samlSPMetaDataXML':'/pages/documentation/latest/idpsaml.html#metadata',
|
||||
'samlSPOptions':'/pages/documentation/latest/idpsaml.html#options',
|
||||
'securetoken':'/pages/documentation/latest/securetoken.html',
|
||||
'security':'/pages/documentation/latest/security.html#configure_security_settings',
|
||||
'sessions':'/pages/documentation/latest/sessions.html',
|
||||
'sessionsdb':'/pages/documentation/latest/start.html#sessions_database',
|
||||
|
|
|
@ -850,7 +850,8 @@ sub struct {
|
|||
},
|
||||
|
||||
specialHandlers => {
|
||||
_nodes => [qw(zimbraHandler sympaHandler)],
|
||||
_nodes =>
|
||||
[qw(zimbraHandler sympaHandler secureTokenHandler)],
|
||||
|
||||
# Zimbra
|
||||
zimbraHandler => {
|
||||
|
@ -872,6 +873,20 @@ sub struct {
|
|||
sympaSecret => 'text:/sympaSecret',
|
||||
sympaMailKey => 'text:/sympaMailKey',
|
||||
},
|
||||
|
||||
# Secure Token
|
||||
secureTokenHandler => {
|
||||
_nodes => [
|
||||
qw(secureTokenMemcachedServers secureTokenExpiration secureTokenAttribute secureTokenUrls secureTokenHeader)
|
||||
],
|
||||
_help => 'securetoken',
|
||||
secureTokenMemcachedServers =>
|
||||
'text:/secureTokenMemcachedServers',
|
||||
secureTokenExpiration => 'int:/secureTokenExpiration',
|
||||
secureTokenAttribute => 'text:secureTokenAttribute',
|
||||
secureTokenUrls => 'text:/secureTokenUrls',
|
||||
secureTokenHeader => 'text:/secureTokenHeader',
|
||||
},
|
||||
},
|
||||
|
||||
logoutServices => {
|
||||
|
@ -1773,6 +1788,13 @@ sub testStruct {
|
|||
yubikeyClientID => $testNotDefined,
|
||||
yubikeySecretKey => $testNotDefined,
|
||||
yubikeyPublicIDSize => $integer,
|
||||
|
||||
# Secure Token
|
||||
secureTokenMemcachedServers => $testNotDefined,
|
||||
secureTokenExpiration => $integer,
|
||||
secureTokenAttribute => $testNotDefined,
|
||||
secureTokenUrls => $testNotDefined,
|
||||
secureTokenHeader => $testNotDefined,
|
||||
};
|
||||
}
|
||||
|
||||
|
@ -1836,26 +1858,31 @@ sub defaultConf {
|
|||
protection => 'none',
|
||||
remoteGlobalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP',
|
||||
securedCookie => '0',
|
||||
singleSession => '0',
|
||||
singleIP => '0',
|
||||
singleUserByIP => '0',
|
||||
Soap => '1',
|
||||
SSLRequired => '0',
|
||||
storePassword => '0',
|
||||
syslog => '',
|
||||
timeout => '72000',
|
||||
timeoutActivity => '0',
|
||||
userControl => '^[\w\.\-@]+$',
|
||||
userDB => 'LDAP',
|
||||
passwordDB => 'LDAP',
|
||||
useRedirectOnError => '1',
|
||||
useRedirectOnForbidden => '0',
|
||||
useSafeJail => '1',
|
||||
useXForwardedForIP => '0',
|
||||
vhostPort => '-1',
|
||||
vhostHttps => '-1',
|
||||
whatToTrace => '$_whatToTrace',
|
||||
yubikeyPublicIDSize => '12',
|
||||
secureTokenMemcachedServers => '127.0.0.1:11211',
|
||||
secureTokenExpiration => '60',
|
||||
secureTokenAttribute => 'uid',
|
||||
secureTokenUrls => '.*',
|
||||
secureTokenHeader => 'Auth-Token',
|
||||
singleSession => '0',
|
||||
singleIP => '0',
|
||||
singleUserByIP => '0',
|
||||
Soap => '1',
|
||||
SSLRequired => '0',
|
||||
storePassword => '0',
|
||||
syslog => '',
|
||||
timeout => '72000',
|
||||
timeoutActivity => '0',
|
||||
userControl => '^[\w\.\-@]+$',
|
||||
userDB => 'LDAP',
|
||||
passwordDB => 'LDAP',
|
||||
useRedirectOnError => '1',
|
||||
useRedirectOnForbidden => '0',
|
||||
useSafeJail => '1',
|
||||
useXForwardedForIP => '0',
|
||||
vhostPort => '-1',
|
||||
vhostHttps => '-1',
|
||||
whatToTrace => '$_whatToTrace',
|
||||
yubikeyPublicIDSize => '12',
|
||||
########
|
||||
# SAML #
|
||||
########
|
||||
|
|
|
@ -274,6 +274,12 @@ sub en {
|
|||
remotePortal => 'Portal URL',
|
||||
rules => 'Rules',
|
||||
securedCookie => 'Secured Cookie (SSL)',
|
||||
secureTokenAttribute => 'Attribute to store',
|
||||
secureTokenExpiration => 'Token expiration',
|
||||
secureTokenHandler => 'Secure Token',
|
||||
secureTokenHeader => 'Header name',
|
||||
secureTokenMemcachedServers => 'Memcached servers',
|
||||
secureTokenUrls => 'Protected URLs',
|
||||
security => 'Security',
|
||||
session => 'session',
|
||||
sessions => 'sessions',
|
||||
|
@ -693,42 +699,48 @@ sub fr {
|
|||
purgeNotification => 'Supprimer définitivement la notification',
|
||||
randomPasswordRegexp =>
|
||||
'Expression regulière pour la génération des mots de passe',
|
||||
redirection => 'Redirections du Handler',
|
||||
remoteCookieName => 'Nom du cookie',
|
||||
remoteGlobalStorage => 'Module des sessions',
|
||||
remoteGlobalStorageOptions => 'Options du module des sessions',
|
||||
remoteParams => 'Paramètres Remote',
|
||||
remotePortal => 'URL du portail',
|
||||
rules => 'Règles',
|
||||
securedCookie => 'Cookie sécurisé (SSL)',
|
||||
security => 'Sécurité',
|
||||
session => 'session',
|
||||
sessions => 'sessions',
|
||||
sessionDeleted => 'La session a été supprimée',
|
||||
sessionParams => 'Sessions',
|
||||
sessionStartedAt => 'Session démarrée le ',
|
||||
sessionStorage => 'Stockage des sessions',
|
||||
sessionTitle => 'Contenu de la session',
|
||||
singleIP => 'Une seule IP par utilisateur',
|
||||
singleSession => 'Une seule session par utilisateur',
|
||||
singleUserByIP => 'Une seule adresse IP par utilisateur',
|
||||
slaveAuthnLevel => 'Niveau d\'authentification',
|
||||
slaveParams => 'Paramètres Slave',
|
||||
slaveUserHeader => "En-tête identifiant l'utilisateur",
|
||||
SMTPAuthPass => 'Mot de passe SMTP',
|
||||
SMTPAuthUser => 'Utilisateur SMTP',
|
||||
SMTPServer => 'Serveur SMTP',
|
||||
soap => 'SOAP',
|
||||
Soap => 'Activation',
|
||||
soapAuthService => 'URL du portail',
|
||||
soapSessionService => 'Point d\'accès SOAP des sessions',
|
||||
specialHandlers => 'Handlers spéciaux',
|
||||
SSLAuthnLevel => 'Niveau d\'authentification',
|
||||
SSLLDAPField => 'Attribut LDAP pour le filtre',
|
||||
sslParams => 'Paramètres SSL',
|
||||
SSLRequire => 'SSL Requis',
|
||||
SSLVar => 'Champ extrait du certificat',
|
||||
startTime => 'Date de création',
|
||||
redirection => 'Redirections du Handler',
|
||||
remoteCookieName => 'Nom du cookie',
|
||||
remoteGlobalStorage => 'Module des sessions',
|
||||
remoteGlobalStorageOptions => 'Options du module des sessions',
|
||||
remoteParams => 'Paramètres Remote',
|
||||
remotePortal => 'URL du portail',
|
||||
rules => 'Règles',
|
||||
securedCookie => 'Cookie sécurisé (SSL)',
|
||||
secureTokenAttribute => 'Attribut à stocker',
|
||||
secureTokenExpiration => 'Expiration du jeton',
|
||||
secureTokenHandler => 'Jeton sécurisé',
|
||||
secureTokenHeader => "Nom de l'en-tête HTTP",
|
||||
secureTokenMemcachedServers => 'Serveurs Memcached',
|
||||
secureTokenUrls => 'URLs protégées',
|
||||
security => 'Sécurité',
|
||||
session => 'session',
|
||||
sessions => 'sessions',
|
||||
sessionDeleted => 'La session a été supprimée',
|
||||
sessionParams => 'Sessions',
|
||||
sessionStartedAt => 'Session démarrée le ',
|
||||
sessionStorage => 'Stockage des sessions',
|
||||
sessionTitle => 'Contenu de la session',
|
||||
singleIP => 'Une seule IP par utilisateur',
|
||||
singleSession => 'Une seule session par utilisateur',
|
||||
singleUserByIP => 'Une seule adresse IP par utilisateur',
|
||||
slaveAuthnLevel => 'Niveau d\'authentification',
|
||||
slaveParams => 'Paramètres Slave',
|
||||
slaveUserHeader => "En-tête identifiant l'utilisateur",
|
||||
SMTPAuthPass => 'Mot de passe SMTP',
|
||||
SMTPAuthUser => 'Utilisateur SMTP',
|
||||
SMTPServer => 'Serveur SMTP',
|
||||
soap => 'SOAP',
|
||||
Soap => 'Activation',
|
||||
soapAuthService => 'URL du portail',
|
||||
soapSessionService => 'Point d\'accès SOAP des sessions',
|
||||
specialHandlers => 'Handlers spéciaux',
|
||||
SSLAuthnLevel => 'Niveau d\'authentification',
|
||||
SSLLDAPField => 'Attribut LDAP pour le filtre',
|
||||
sslParams => 'Paramètres SSL',
|
||||
SSLRequire => 'SSL Requis',
|
||||
SSLVar => 'Champ extrait du certificat',
|
||||
startTime => 'Date de création',
|
||||
storePassword => "Stocke le mot de passe de l'utilisateur en session",
|
||||
sympaHandler => 'Sympa',
|
||||
sympaMailKey => 'Clé de session pour le mail',
|
||||
|
|
Loading…
Reference in New Issue
Block a user