Global:
- Modules for authentication, userdb and passworddb are now displayed in a select box; - The Multi authentication module can now be completed with options. SAML: - Default URLs are now prebuilt from the portal URL.
parent
0558b4b202
commit
8521c6e9f6
|
@ -303,7 +303,65 @@ function samlIdpRoot(id){
|
||||||
}
|
}
|
||||||
function authParams(id) {
|
function authParams(id) {
|
||||||
currentId=id;
|
currentId=id;
|
||||||
$('#authText').attr('value',lmdata(id));
|
var t=lmdata(id).split(' ');
|
||||||
|
if(t.length>1){
|
||||||
|
$('#authOptions').attr('value',t[1]);
|
||||||
|
$('#authOptions').show();
|
||||||
|
}else{
|
||||||
|
$('#authOptions').hide();
|
||||||
|
}
|
||||||
|
$('#authText').unbind('change');
|
||||||
|
$('#authText').change(function(){
|
||||||
|
var isMulti=false;
|
||||||
|
$('#content_authParams option:selected').each(function(){
|
||||||
|
if($(this).attr('value')=='Multi'){isMulti=true;}
|
||||||
|
});
|
||||||
|
if(isMulti){
|
||||||
|
$('#authOptions').show();
|
||||||
|
}else{
|
||||||
|
$('#authOptions').hide();
|
||||||
|
}
|
||||||
|
});
|
||||||
|
formateSelect('authText',[
|
||||||
|
'Apache',
|
||||||
|
'CAS',
|
||||||
|
'DBI',
|
||||||
|
'LA',
|
||||||
|
'LDAP',
|
||||||
|
'Multi',
|
||||||
|
'Null',
|
||||||
|
'OpenID',
|
||||||
|
'Proxy',
|
||||||
|
'Remote',
|
||||||
|
'SAML',
|
||||||
|
'SSL',
|
||||||
|
'Twitter'
|
||||||
|
],t[0]);
|
||||||
|
display('authParams',lmtext(id));
|
||||||
|
}
|
||||||
|
function userdbParams(id) {
|
||||||
|
currentId=id;
|
||||||
|
$('#authOptions').hide();
|
||||||
|
formateSelect('authText',[
|
||||||
|
'DBI',
|
||||||
|
'Env',
|
||||||
|
'LDAP',
|
||||||
|
'Multi',
|
||||||
|
'Null',
|
||||||
|
'Proxy',
|
||||||
|
'Remote',
|
||||||
|
'SAML'
|
||||||
|
],lmdata(id));
|
||||||
|
display('authParams',lmtext(id));
|
||||||
|
}
|
||||||
|
function passworddbParams(id) {
|
||||||
|
currentId=id;
|
||||||
|
$('#authOptions').hide();
|
||||||
|
formateSelect('authText',[
|
||||||
|
'DBI',
|
||||||
|
'LDAP',
|
||||||
|
'Null'
|
||||||
|
],lmdata(id));
|
||||||
display('authParams',lmtext(id));
|
display('authParams',lmtext(id));
|
||||||
}
|
}
|
||||||
function btext(id) {
|
function btext(id) {
|
||||||
|
@ -442,7 +500,11 @@ function samlMetaDataRoot(id){
|
||||||
$('#newsamlmetadatab').show();
|
$('#newsamlmetadatab').show();
|
||||||
}
|
}
|
||||||
function reloadAuthParams() {
|
function reloadAuthParams() {
|
||||||
setlmdata(currentId,$('#authText').attr('value'));
|
var value=$('#authText').attr('value');
|
||||||
|
if($('#authOptions').is(':visible')==true){
|
||||||
|
value+=' '+$('#authOptions').attr('value');
|
||||||
|
}
|
||||||
|
setlmdata(currentId,value);
|
||||||
$.ajax({
|
$.ajax({
|
||||||
type:"POST",
|
type:"POST",
|
||||||
url:scriptname,
|
url:scriptname,
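Review bot: `userdbParams` and `passworddbParams` hide `#authOptions` but never remove the `change` handler that `authParams` binds on the shared `#authText` select. Once the authentication panel has been opened, choosing `Multi` in the userDB list would show the options field again (assuming `formateSelect` keeps the same element), and `reloadAuthParams` would append its stale content to the userDB value. Adding `$('#authText').unbind('change');` at the top of both functions avoids that. In `authParams`, `t[1]` keeps only the first space-separated option word, so a stored value with several words loses the rest when the form is reloaded and saved; `t.slice(1).join(' ')` would preserve it. The body of `reloadAuthParams` continues past the end of the last hunk.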
|
||||||
|
|
|
@ -244,8 +244,10 @@
|
||||||
|
|
||||||
<!-- authParams -->
|
<!-- authParams -->
|
||||||
<div id="content_authParams" class="hidden">
|
<div id="content_authParams" class="hidden">
|
||||||
<input type="text" id="authText" />
|
<select id="authText"></select>
|
||||||
<br />
|
<br/>
|
||||||
|
<input type="text" id="authOptions" class="hidden" />
|
||||||
|
<br/>
|
||||||
<button onclick="reloadAuthParams();return false;" class="ui-state-default ui-corner-all">
|
<button onclick="reloadAuthParams();return false;" class="ui-state-default ui-corner-all">
|
||||||
<lang en="Apply" fr="Appliquer" />
|
<lang en="Apply" fr="Appliquer" />
|
||||||
</button>
|
</button>
|
||||||
|
|
|
@ -188,8 +188,8 @@ sub struct {
|
||||||
_help => 'authParams',
|
_help => 'authParams',
|
||||||
|
|
||||||
authentication => 'text:/authentication:authParams:authParams',
|
authentication => 'text:/authentication:authParams:authParams',
|
||||||
userDB => 'text:/userDB:authParams:authParams',
|
userDB => 'text:/userDB:authParams:userdbParams',
|
||||||
passwordDB => 'text:/passwordDB:authParams:authParams',
|
passwordDB => 'text:/passwordDB:authParams:passworddbParams',
|
||||||
|
|
||||||
# LDAP
|
# LDAP
|
||||||
ldapParams => {
|
ldapParams => {
|
||||||
|
@ -672,7 +672,7 @@ sub testStruct {
|
||||||
mailConfirmSubject => $testNotDefined,
|
mailConfirmSubject => $testNotDefined,
|
||||||
mailConfirmBody => $testNotDefined,
|
mailConfirmBody => $testNotDefined,
|
||||||
authentication => {
|
authentication => {
|
||||||
test => qr/^[a-zA-Z][\w\:]*$/,
|
test => qr/^[a-zA-Z]+(?:\s[\w\s:;]+)?$/,
|
||||||
msgFail => 'Bad module name',
|
msgFail => 'Bad module name',
|
||||||
},
|
},
|
||||||
cda => $boolean,
|
cda => $boolean,
|
||||||
|
@ -982,6 +982,9 @@ sub testStruct {
|
||||||
## @method protected hashref defaultConf()
|
## @method protected hashref defaultConf()
|
||||||
#@return Hashref of default values
|
#@return Hashref of default values
|
||||||
sub defaultConf {
|
sub defaultConf {
|
||||||
|
my $self = shift;
|
||||||
|
my $portal = defined $self->{portal} ? $self->{portal} : 'http://auth.example.com';
|
||||||
|
$portal =~ s/\/$//;
|
||||||
return {
|
return {
|
||||||
authentication => 'LDAP',
|
authentication => 'LDAP',
|
||||||
cda => '0',
|
cda => '0',
|
||||||
|
@ -1007,7 +1010,7 @@ sub defaultConf {
|
||||||
{ dirName => '/var/lib/lemonldap-ng/notifications', },
|
{ dirName => '/var/lib/lemonldap-ng/notifications', },
|
||||||
notifyDeleted => '1',
|
notifyDeleted => '1',
|
||||||
notifyOther => '1',
|
notifyOther => '1',
|
||||||
portal => 'http://auth.example.com/',
|
portal => $portal,
|
||||||
portalSkin => 'pastel',
|
portalSkin => 'pastel',
|
||||||
portalUserAttr => '_user',
|
portalUserAttr => '_user',
|
||||||
protection => 'none',
|
protection => 'none',
|
||||||
|
@ -1023,6 +1026,7 @@ sub defaultConf {
|
||||||
timeout => '7200',
|
timeout => '7200',
|
||||||
userControl => '^[\w\.\-@]+$',
|
userControl => '^[\w\.\-@]+$',
|
||||||
userDB => 'LDAP',
|
userDB => 'LDAP',
|
||||||
|
passwordDB => 'Null',
|
||||||
useXForwardedForIP => '0',
|
useXForwardedForIP => '0',
|
||||||
whatToTrace => '$uid',
|
whatToTrace => '$uid',
|
||||||
########
|
########
|
||||||
|
@ -1042,7 +1046,7 @@ sub defaultConf {
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
samlServicePrivateKey => '',
|
samlServicePrivateKey => '',
|
||||||
samlEntityID => 'http://auth.example.com/saml/metadata',
|
samlEntityID => $portal . '/saml/metadata',
|
||||||
samlOrganizationDisplayName => 'Example',
|
samlOrganizationDisplayName => 'Example',
|
||||||
samlOrganizationName => 'Example',
|
samlOrganizationName => 'Example',
|
||||||
samlOrganizationURL => 'http://www.example.com',
|
samlOrganizationURL => 'http://www.example.com',
|
||||||
|
@ -1052,20 +1056,20 @@ sub defaultConf {
|
||||||
samlSPSSODescriptorKeyDescriptorSigning => '',
|
samlSPSSODescriptorKeyDescriptorSigning => '',
|
||||||
samlSPSSODescriptorSingleLogoutServiceHTTP =>
|
samlSPSSODescriptorSingleLogoutServiceHTTP =>
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;'
|
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;'
|
||||||
. 'http://auth.example.com/saml/proxySingleLogout;'
|
. $portal . '/saml/proxySingleLogout;'
|
||||||
. 'http://auth.example.com/saml/proxySingleLogoutReturn',
|
. $portal . '/saml/proxySingleLogoutReturn',
|
||||||
samlSPSSODescriptorSingleLogoutServiceSOAP =>
|
samlSPSSODescriptorSingleLogoutServiceSOAP =>
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;'
|
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;'
|
||||||
. 'http://auth.example.com/saml/proxySingleLogoutSOAP;',
|
. $portal . '/saml/proxySingleLogoutSOAP;',
|
||||||
samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact =>
|
samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact =>
|
||||||
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;'
|
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;'
|
||||||
. 'http://auth.example.com/saml/proxySingleSignOnArtifact',
|
. $portal . '/saml/proxySingleSignOnArtifact',
|
||||||
samlSPSSODescriptorAssertionConsumerServiceHTTPPost =>
|
samlSPSSODescriptorAssertionConsumerServiceHTTPPost =>
|
||||||
'0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;'
|
'0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;'
|
||||||
. 'http://auth.example.com/saml/proxySingleSignOnPost',
|
. $portal . '/saml/proxySingleSignOnPost',
|
||||||
samlSPSSODescriptorAssertionConsumerServiceHTTPRedirect =>
|
samlSPSSODescriptorAssertionConsumerServiceHTTPRedirect =>
|
||||||
'0;2;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;'
|
'0;2;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;'
|
||||||
. 'http://auth.example.com/saml/proxySingleSignOnRedirect',
|
. $portal . '/saml/proxySingleSignOnRedirect',
|
||||||
samlSPSSODescriptorNameIDFormatX509SubjectName => '0',
|
samlSPSSODescriptorNameIDFormatX509SubjectName => '0',
|
||||||
samlSPSSODescriptorNameIDFormatPersistent => '1',
|
samlSPSSODescriptorNameIDFormatPersistent => '1',
|
||||||
samlSPSSODescriptorNameIDFormatTransient => '0',
|
samlSPSSODescriptorNameIDFormatTransient => '0',
|
||||||
|
@ -1075,27 +1079,27 @@ sub defaultConf {
|
||||||
samlIDPSSODescriptorKeyDescriptorSigning => '',
|
samlIDPSSODescriptorKeyDescriptorSigning => '',
|
||||||
samlIDPSSODescriptorSingleSignOnServiceHTTP =>
|
samlIDPSSODescriptorSingleSignOnServiceHTTP =>
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;'
|
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;'
|
||||||
. 'http://auth.example.com/saml/singleSignOn;',
|
. $portal . '/saml/singleSignOn;',
|
||||||
samlIDPSSODescriptorSingleSignOnServiceSOAP =>
|
samlIDPSSODescriptorSingleSignOnServiceSOAP =>
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;'
|
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;'
|
||||||
. 'http://auth.example.com/saml/singleSignOnSOAP;',
|
. $portal . '/saml/singleSignOnSOAP;',
|
||||||
samlIDPSSODescriptorSingleLogoutServiceHTTP =>
|
samlIDPSSODescriptorSingleLogoutServiceHTTP =>
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;'
|
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;'
|
||||||
. 'http://auth.example.com/saml/singleLogout;'
|
. $portal . '/saml/singleLogout;'
|
||||||
. 'http://auth.example.com/saml/singleLogoutReturn',
|
. $portal . '/saml/singleLogoutReturn',
|
||||||
samlIDPSSODescriptorSingleLogoutServiceSOAP =>
|
samlIDPSSODescriptorSingleLogoutServiceSOAP =>
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;'
|
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;'
|
||||||
. 'http://auth.example.com/saml/singleLogoutSOAP;',
|
. $portal . '/saml/singleLogoutSOAP;',
|
||||||
samlIDPSSODescriptorArtifactResolutionServiceArtifact =>
|
samlIDPSSODescriptorArtifactResolutionServiceArtifact =>
|
||||||
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;'
|
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;'
|
||||||
. 'http://auth.example.com/saml/artifact',
|
. $portal . '/saml/artifact',
|
||||||
samlIDPSSODescriptorManageNameIDServiceHTTP =>
|
samlIDPSSODescriptorManageNameIDServiceHTTP =>
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;'
|
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;'
|
||||||
. 'http://auth.example.com/saml/manageNameId;'
|
. $portal . '/saml/manageNameId;'
|
||||||
. 'http://auth.example.com/saml/manageNameIdReturn',
|
. $portal . '/saml/manageNameIdReturn',
|
||||||
samlIDPSSODescriptorManageNameIDServiceSOAP =>
|
samlIDPSSODescriptorManageNameIDServiceSOAP =>
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;'
|
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;'
|
||||||
. 'http://auth.example.com/saml/manageNameIdSOAP;',
|
. $portal . '/saml/manageNameIdSOAP;',
|
||||||
samlIDPSSODescriptorNameIDFormatX509SubjectName => '0',
|
samlIDPSSODescriptorNameIDFormatX509SubjectName => '0',
|
||||||
samlIDPSSODescriptorNameIDFormatPersistent => '1',
|
samlIDPSSODescriptorNameIDFormatPersistent => '1',
|
||||||
samlIDPSSODescriptorNameIDFormatTransient => '0',
|
samlIDPSSODescriptorNameIDFormatTransient => '0',
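Review bot: In the `testStruct` hunk, the new `authentication` pattern `qr/^[a-zA-Z]+(?:\s[\w\s:;]+)?$/` uses `\s` and `$`, so tabs, carriage returns and line feeds are accepted inside the options part, and a trailing newline passes as well. If this value is later split on spaces or used to build a module name (not visible here), it would be safer to accept only what the form produces: `test => qr/\A[a-zA-Z]+(?: [\w :;]+)?\z/,`. The first token also no longer accepts digits, `_` or `:`, which the old pattern did, so an existing configuration using such a name would now fail with 'Bad module name'; it is worth confirming that this is intended. `userDB` and `passwordDB` get their own editors in the `struct` hunk, but no matching test for them is visible in these hunks; `testStruct` continues outside them.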
|
||||||
|
|