diff --git a/doc/sources/admin/index_plugins.rst b/doc/sources/admin/index_plugins.rst index 5dbbcda8c..a7f5ebe84 100644 --- a/doc/sources/admin/index_plugins.rst +++ b/doc/sources/admin/index_plugins.rst @@ -30,3 +30,4 @@ Plugins restservices soapservices stayconnected + rememberauthchoice diff --git a/doc/sources/admin/rememberauthchoice.rst b/doc/sources/admin/rememberauthchoice.rst new file mode 100644 index 000000000..19cffb295 --- /dev/null +++ b/doc/sources/admin/rememberauthchoice.rst @@ -0,0 +1,27 @@ +Remember auth choice plugin +=========================== + +This plugin enables automatic authentication, based upon the last user authentication choice. + +For this plugin to work, you have to configure a set of :doc:`authentication modules`. + +If you have multiple SAML, OIDC or CAS issuers, you should define a dedicated choice for each of these issuers, and set the corresponding URL to ``/?idp=youridp``. + +Configuration +------------- + +Once enabled (section "General Parameters > Plugins"), you can set these parameters. + +- **Parameters**: + + - **Activation**: Rule to enable/disable this plugin + - **Cookie name**: Name of the cookie storing the authentication choice + - **Cookie lifetime**: Duration of the cookie (seconds) storing the authentication choice + - **Check by default**: Is the checkbox "Remember my choice" checked by default? + - **Timer before automatic authentication**: Timer before automatic authentication happens, if user has previously authorized the storage of authentication choice in a cookie + +.. tip:: + + For instance, you may allow users from 192.168.0.0/16 private network to have the "Remember authentication choice" checkbox: + + - Rule: ``$env->{REMOTE_ADDR} =~ /^192\.168\./`` diff --git a/doc/sources/admin/start.rst b/doc/sources/admin/start.rst index 61af6fe3e..1cd974e47 100644 --- a/doc/sources/admin/start.rst +++ b/doc/sources/admin/start.rst @@ -305,6 +305,7 @@ Name Description :doc:`REST services` |new| REST server for :doc:`Proxy` :doc:`SOAP services` |deprecated| SOAP server for :doc:`Proxy` :doc:`Stay connected` |new| Enable persistent connection on same browser +:doc:`Remember auth choice` |new| Remember user last authentication choice Upgrade session |new| This plugin explains to an already authenticated user that a higher authentication level is required to access the URL instead of reject him ==================================================================== ============================================================================================================================================ diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm index ca70bed8c..0f8be4ad7 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm @@ -31,7 +31,7 @@ use constant DEFAULTCONFBACKENDOPTIONS => ( ); our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|f(?:indUser(?:Exclud|Search)ingAttribute|acebookExportedVar)|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:S(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar|ScopeRule|Macro)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node))|penIdExportedVars)|c(?:as(?:A(?:ppMetaData(?:(?:ExportedVar|Option|Macro)s|Node)|ttributes)|S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions))|(?:ustom(?:Plugins|Add)Param|heckUserHiddenHeader|ombModule)s)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option|Macro)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars|fExtra)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/; our $arrayParameters = qr/^mySessionAuthorizedRWKeys$/; -our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|t(?:ayConnectedBypassFG|orePassword)|f(?:RemovedUseNotif|OnlyUpgrade)|kip(?:Upgrade|Renew)Confirmation|oap(?:Session|Config)Server|laveDisplayLogo|howLanguages|slByAjax)|o(?:idc(?:RPMetaDataOptions(?:A(?:llow(?:(?:ClientCredentials|Password)Grant|Offline)|ccessToken(?:Claims|JWT))|Re(?:freshToken|quirePKCE)|LogoutSessionRequired|IDTokenForceClaims|BypassConsent|Public)|ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration|OnlyDeclaredScopes)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|c(?:a(?:sS(?:rvMetaDataOptions(?:Gateway|Renew)|trictMatching)|ptcha_(?:register|login|mail)_enabled)|heck(?:DevOps(?:D(?:isplayNormalizedHeaders|ownload)|CheckSessionAttributes)?|State|User|XSS)|o(?:ntextSwitching(?:Allowed2fModifications|StopWithLogout)|mpactConf|rsEnabled)|rowdsec|da)|p(?:ortal(?:Display(?:Re(?:freshMyRights|setPassword|gister)|CertificateResetByMail|GeneratePassword|PasswordPolicy)|E(?:rrorOn(?:ExpiredSession|MailNotFound)|nablePasswordDisplay)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|ForceAuthn|AntiFrame)|roxy(?:AuthServiceImpersonation|UseSoap))|l(?:dap(?:(?:G(?:roup(?:DecodeSearchedValu|Recursiv)|etUserBeforePasswordChang)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl|ITDS)|oginHistoryEnabled)|n(?:o(?:tif(?:ication(?:Server(?:(?:POS|GE)T|DELETE)?|sExplorer)?|y(?:Deleted|Other))|AjaxHook)|ewLocationWarning)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|re(?:st(?:(?:Password|Session|Config|Auth)Server|ExportSecretKeys)|freshSessions)|br(?:uteForceProtection(?:IncrementalTempo)?|owsersDontStorePassword)|d(?:is(?:ablePersistentStorage|playSessionId)|biDynamicHashEnabled)|to(?:tp2f(?:UserCanRemoveKey|EncryptSecret)|kenUseGlobalStorage)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|w(?:ebauthn2fUserCanRemoveKey|sdlServer)|g(?:roupsBeforeMacros|lobalLogoutTimer)|a(?:voidAssignment|ctiveTimer)|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|krb(?:RemoveDomain|ByJs)|findUser)$/; +our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|t(?:ayConnectedBypassFG|orePassword)|f(?:RemovedUseNotif|OnlyUpgrade)|kip(?:Upgrade|Renew)Confirmation|oap(?:Session|Config)Server|laveDisplayLogo|howLanguages|slByAjax)|o(?:idc(?:RPMetaDataOptions(?:A(?:llow(?:(?:ClientCredentials|Password)Grant|Offline)|ccessToken(?:Claims|JWT))|Re(?:freshToken|quirePKCE)|LogoutSessionRequired|IDTokenForceClaims|BypassConsent|Public)|ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration|OnlyDeclaredScopes)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|c(?:a(?:sS(?:rvMetaDataOptions(?:Gateway|Renew)|trictMatching)|ptcha_(?:register|login|mail)_enabled)|heck(?:DevOps(?:D(?:isplayNormalizedHeaders|ownload)|CheckSessionAttributes)?|State|User|XSS)|o(?:ntextSwitching(?:Allowed2fModifications|StopWithLogout)|mpactConf|rsEnabled)|rowdsec|da)|p(?:ortal(?:Display(?:Re(?:freshMyRights|setPassword|gister)|CertificateResetByMail|GeneratePassword|PasswordPolicy)|E(?:rrorOn(?:ExpiredSession|MailNotFound)|nablePasswordDisplay)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|ForceAuthn|AntiFrame)|roxy(?:AuthServiceImpersonation|UseSoap))|l(?:dap(?:(?:G(?:roup(?:DecodeSearchedValu|Recursiv)|etUserBeforePasswordChang)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl|ITDS)|oginHistoryEnabled)|n(?:o(?:tif(?:ication(?:Server(?:(?:POS|GE)T|DELETE)?|sExplorer)?|y(?:Deleted|Other))|AjaxHook)|ewLocationWarning)|re(?:st(?:(?:Password|Session|Config|Auth)Server|ExportSecretKeys)|memberDefaultChecked|freshSessions)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|br(?:uteForceProtection(?:IncrementalTempo)?|owsersDontStorePassword)|d(?:is(?:ablePersistentStorage|playSessionId)|biDynamicHashEnabled)|to(?:tp2f(?:UserCanRemoveKey|EncryptSecret)|kenUseGlobalStorage)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|w(?:ebauthn2fUserCanRemoveKey|sdlServer)|g(?:roupsBeforeMacros|lobalLogoutTimer)|a(?:voidAssignment|ctiveTimer)|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|krb(?:RemoveDomain|ByJs)|findUser)$/; our @sessionTypes = ( 'remoteGlobal', 'global', 'localSession', 'persistent', 'saml', 'oidc', 'cas' ); diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm index 709bd4824..4c9033e86 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm @@ -5,400 +5,384 @@ our $VERSION = '2.0.14'; sub defaultValues { return { - 'activeTimer' => 1, - 'ADPwdExpireWarning' => 0, - 'ADPwdMaxAge' => 0, - 'apacheAuthnLevel' => 3, - 'applicationList' => { - 'default' => { - 'catname' => 'Default category', - 'type' => 'category' - } - }, - 'authChoiceParam' => 'lmAuth', - 'authentication' => 'Demo', - 'available2F' => - 'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,WebAuthn,Yubikey,Radius', - 'available2FSelfRegistration' => 'TOTP,U2F,WebAuthn,Yubikey', - 'bruteForceProtectionLockTimes' => '15, 30, 60, 300, 600', - 'bruteForceProtectionMaxAge' => 300, - 'bruteForceProtectionMaxFailed' => 3, - 'bruteForceProtectionMaxLockTime' => 900, - 'bruteForceProtectionTempo' => 30, - 'captcha_mail_enabled' => 1, - 'captcha_register_enabled' => 1, - 'captcha_size' => 6, - 'casAccessControlPolicy' => 'none', - 'casAuthnLevel' => 1, - 'casTicketExpiration' => 0, - 'certificateResetByMailCeaAttribute' => 'description', - 'certificateResetByMailCertificateAttribute' => - 'userCertificate;binary', - 'certificateResetByMailURL' => - 'http://auth.example.com/certificateReset', - 'certificateResetByMailValidityDelay' => 0, - 'checkDevOpsCheckSessionAttributes' => 1, - 'checkDevOpsDisplayNormalizedHeaders' => 1, - 'checkDevOpsDownload' => 1, - 'checkTime' => 600, - 'checkUserDisplayComputedSession' => 1, - 'checkUserDisplayEmptyHeaders' => 0, - 'checkUserDisplayEmptyValues' => 0, - 'checkUserDisplayHiddenAttributes' => 0, - 'checkUserDisplayHistory' => 0, - 'checkUserDisplayNormalizedHeaders' => 0, - 'checkUserDisplayPersistentInfo' => 0, - 'checkUserHiddenAttributes' => '_loginHistory, _session_id, hGroups', - 'checkUserIdRule' => 1, - 'checkXSS' => 1, - 'confirmFormMethod' => 'post', - 'contextSwitchingIdRule' => 1, - 'contextSwitchingPrefix' => 'switching', - 'contextSwitchingRule' => 0, - 'contextSwitchingStopWithLogout' => 1, - 'cookieName' => 'lemonldap', - 'corsAllow_Credentials' => 'true', - 'corsAllow_Headers' => '*', - 'corsAllow_Methods' => 'POST,GET', - 'corsAllow_Origin' => '*', - 'corsEnabled' => 1, - 'corsExpose_Headers' => '*', - 'corsMax_Age' => '86400', - 'crowdsecAction' => 'reject', - 'cspConnect' => '\'self\'', - 'cspDefault' => '\'self\'', - 'cspFont' => '\'self\'', - 'cspFormAction' => '*', - 'cspFrameAncestors' => '', - 'cspImg' => '\'self\' data:', - 'cspScript' => '\'self\'', - 'cspStyle' => '\'self\'', - 'dbiAuthnLevel' => 2, - 'dbiExportedVars' => {}, - 'decryptValueRule' => 0, - 'demoExportedVars' => { - 'cn' => 'cn', - 'mail' => 'mail', - 'uid' => 'uid' - }, - 'displaySessionId' => 1, - 'domain' => 'example.com', - 'exportedVars' => { - 'UA' => 'HTTP_USER_AGENT' - }, - 'ext2fActivation' => 0, - 'ext2fCodeActivation' => '\\d{6}', - 'facebookAuthnLevel' => 1, - 'facebookExportedVars' => {}, - 'facebookUserField' => 'id', - 'failedLoginNumber' => 5, - 'findUserControl' => '^[*\\w]+$', - 'findUserWildcard' => '*', - 'formTimeout' => 120, - 'githubAuthnLevel' => 1, - 'githubScope' => 'user:email', - 'githubUserField' => 'login', - 'globalLogoutRule' => 0, - 'globalLogoutTimer' => 1, - 'globalStorage' => 'Apache::Session::File', - 'globalStorageOptions' => { - 'Directory' => '/var/lib/lemonldap-ng/sessions/', - 'generateModule' => - 'Lemonldap::NG::Common::Apache::Session::Generate::SHA256', - 'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/' - }, - 'gpgAuthnLevel' => 5, - 'gpgDb' => '', - 'grantSessionRules' => {}, - 'groups' => {}, - 'handlerInternalCache' => 15, - 'handlerServiceTokenTTL' => 30, - 'hiddenAttributes' => '_password, _2fDevices', - 'httpOnly' => 1, - 'https' => -1, - 'impersonationHiddenAttributes' => '_2fDevices, _loginHistory', - 'impersonationIdRule' => 1, - 'impersonationMergeSSOgroups' => 0, - 'impersonationPrefix' => 'real_', - 'impersonationRule' => 0, - 'impersonationSkipEmptyValues' => 1, - 'infoFormMethod' => 'get', - 'issuerDBCASPath' => '^/cas/', - 'issuerDBCASRule' => 1, - 'issuerDBGetParameters' => {}, - 'issuerDBGetPath' => '^/get/', - 'issuerDBGetRule' => 1, - 'issuerDBOpenIDConnectPath' => '^/oauth2/', - 'issuerDBOpenIDConnectRule' => 1, - 'issuerDBOpenIDPath' => '^/openidserver/', - 'issuerDBOpenIDRule' => 1, - 'issuerDBSAMLPath' => '^/saml/', - 'issuerDBSAMLRule' => 1, - 'issuersTimeout' => 120, - 'jsRedirect' => 0, - 'krbAuthnLevel' => 3, - 'krbRemoveDomain' => 1, - 'ldapAuthnLevel' => 2, - 'ldapBase' => 'dc=example,dc=com', - 'ldapExportedVars' => { - 'cn' => 'cn', - 'mail' => 'mail', - 'uid' => 'uid' - }, - 'ldapGroupAttributeName' => 'member', - 'ldapGroupAttributeNameGroup' => 'dn', - 'ldapGroupAttributeNameSearch' => 'cn', - 'ldapGroupAttributeNameUser' => 'dn', - 'ldapGroupObjectClass' => 'groupOfNames', - 'ldapIOTimeout' => 10, - 'ldapPasswordResetAttribute' => 'pwdReset', - 'ldapPasswordResetAttributeValue' => 'TRUE', - 'ldapPwdEnc' => 'utf-8', - 'ldapSearchDeref' => 'find', - 'ldapServer' => 'ldap://localhost', - 'ldapTimeout' => 10, - 'ldapUsePasswordResetAttribute' => 1, - 'ldapVerify' => 'require', - 'ldapVersion' => 3, - 'linkedInAuthnLevel' => 1, - 'linkedInFields' => 'id,first-name,last-name,email-address', - 'linkedInScope' => 'r_liteprofile r_emailaddress', - 'linkedInUserField' => 'emailAddress', - 'localSessionStorage' => 'Cache::FileCache', - 'localSessionStorageOptions' => { - 'cache_depth' => 3, - 'cache_root' => '/var/cache/lemonldap-ng', - 'default_expires_in' => 600, - 'directory_umask' => '007', - 'namespace' => 'lemonldap-ng-sessions' - }, - 'locationRules' => { - 'default' => 'deny' - }, - 'logoutServices' => {}, - 'macros' => {}, - 'mail2fActivation' => 0, - 'mail2fCodeRegex' => '\\d{6}', - 'mailCharset' => 'utf-8', - 'mailFrom' => 'noreply@example.com', - 'mailSessionKey' => 'mail', - 'mailTimeout' => 0, - 'mailUrl' => 'http://auth.example.com/resetpwd', - 'managerDn' => '', - 'managerPassword' => '', - 'max2FDevices' => 10, - 'max2FDevicesNameLength' => 20, - 'multiValuesSeparator' => '; ', - 'mySessionAuthorizedRWKeys' => - [ '_appsListOrder', '_oidcConnectedRP', '_oidcConsents' ], - 'newLocationWarningLocationAttribute' => 'ipAddr', - 'newLocationWarningLocationDisplayAttribute' => '', - 'newLocationWarningMaxValues' => '0', - 'notificationDefaultCond' => '', - 'notificationServerPOST' => 1, - 'notificationServerSentAttributes' => - 'uid reference date title subtitle text check', - 'notificationsMaxRetrieve' => 3, - 'notificationStorage' => 'File', - 'notificationStorageOptions' => { - 'dirName' => '/var/lib/lemonldap-ng/notifications' - }, - 'notificationWildcard' => 'allusers', - 'notifyDeleted' => 1, - 'nullAuthnLevel' => 0, - 'oidcAuthnLevel' => 1, - 'oidcRPCallbackGetParam' => 'openidconnectcallback', - 'oidcRPStateTimeout' => 600, - 'oidcServiceAccessTokenExpiration' => 3600, - 'oidcServiceAllowAuthorizationCodeFlow' => 1, - 'oidcServiceAuthorizationCodeExpiration' => 60, - 'oidcServiceIDTokenExpiration' => 3600, - 'oidcServiceMetaDataAuthnContext' => { - 'loa-1' => 1, - 'loa-2' => 2, - 'loa-3' => 3, - 'loa-4' => 4, - 'loa-5' => 5 - }, - 'oidcServiceMetaDataAuthorizeURI' => 'authorize', - 'oidcServiceMetaDataBackChannelURI' => 'blogout', - 'oidcServiceMetaDataCheckSessionURI' => 'checksession.html', - 'oidcServiceMetaDataEndSessionURI' => 'logout', - 'oidcServiceMetaDataFrontChannelURI' => 'flogout', - 'oidcServiceMetaDataIntrospectionURI' => 'introspect', - 'oidcServiceMetaDataJWKSURI' => 'jwks', - 'oidcServiceMetaDataRegistrationURI' => 'register', - 'oidcServiceMetaDataTokenURI' => 'token', - 'oidcServiceMetaDataUserInfoURI' => 'userinfo', - 'oidcServiceOfflineSessionExpiration' => 2592000, - 'openIdAuthnLevel' => 1, - 'openIdExportedVars' => {}, - 'openIdIDPList' => '0;', - 'openIdSPList' => '0;', - 'openIdSreg_email' => 'mail', - 'openIdSreg_fullname' => 'cn', - 'openIdSreg_nickname' => 'uid', - 'openIdSreg_timezone' => '_timezone', - 'pamAuthnLevel' => 2, - 'pamService' => 'login', - 'passwordDB' => 'Demo', - 'passwordPolicyActivation' => 1, - 'passwordPolicyMinDigit' => 0, - 'passwordPolicyMinLower' => 0, - 'passwordPolicyMinSize' => 0, - 'passwordPolicyMinSpeChar' => 0, - 'passwordPolicyMinUpper' => 0, - 'passwordPolicySpecialChar' => '__ALL__', - 'passwordResetAllowedRetries' => 3, - 'persistentSessionAttributes' => - '_loginHistory _2fDevices notification_', - 'port' => -1, - 'portal' => 'http://auth.example.com/', - 'portalAntiFrame' => 1, - 'portalCheckLogins' => 1, - 'portalDisplayAppslist' => 1, - 'portalDisplayChangePassword' => '$_auth =~ /^(LDAP|DBI|Demo)$/', - 'portalDisplayGeneratePassword' => 1, - 'portalDisplayLoginHistory' => 1, - 'portalDisplayLogout' => 1, - 'portalDisplayOidcConsents' => - '$_oidcConsents && $_oidcConsents =~ /\\w+/', - 'portalDisplayRefreshMyRights' => 1, - 'portalDisplayRegister' => 1, - 'portalErrorOnExpiredSession' => 1, - 'portalForceAuthnInterval' => 5, - 'portalMainLogo' => 'common/logos/logo_llng_400px.png', - 'portalPingInterval' => 60000, - 'portalRequireOldPassword' => 1, - 'portalSkin' => 'bootstrap', - 'portalUserAttr' => '_user', - 'proxyAuthnLevel' => 2, - 'proxyAuthServiceChoiceParam' => 'lmAuth', - 'radius2fActivation' => 0, - 'radius2fTimeout' => 20, - 'radiusAuthnLevel' => 3, - 'randomPasswordRegexp' => '[A-Z]{3}[a-z]{5}.\\d{2}', - 'redirectFormMethod' => 'get', - 'registerDB' => 'Null', - 'registerTimeout' => 0, - 'registerUrl' => 'http://auth.example.com/register', - 'reloadTimeout' => 5, - 'remoteGlobalStorage' => 'Lemonldap::NG::Common::Apache::Session::SOAP', - 'remoteGlobalStorageOptions' => { - 'ns' => - 'http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService', - 'proxy' => 'http://auth.example.com/sessions' - }, - 'requireToken' => 1, - 'rest2fActivation' => 0, - 'restAuthnLevel' => 2, - 'restClockTolerance' => 15, - 'sameSite' => '', - 'samlAttributeAuthorityDescriptorAttributeServiceSOAP' => - 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;', - 'samlAuthnContextMapKerberos' => 4, - 'samlAuthnContextMapPassword' => 2, - 'samlAuthnContextMapPasswordProtectedTransport' => 3, - 'samlAuthnContextMapTLSClient' => 5, - 'samlEntityID' => '#PORTAL#/saml/metadata', - 'samlIDPSSODescriptorArtifactResolutionServiceArtifact' => -'1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact', - 'samlIDPSSODescriptorSingleLogoutServiceHTTPPost' => -'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn', - 'samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect' => -'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn', - 'samlIDPSSODescriptorSingleLogoutServiceSOAP' => -'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;', - 'samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact' => -'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;', - 'samlIDPSSODescriptorSingleSignOnServiceHTTPPost' => -'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;', - 'samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect' => -'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;', - 'samlIDPSSODescriptorWantAuthnRequestsSigned' => 1, - 'samlMetadataForceUTF8' => 1, - 'samlNameIDFormatMapEmail' => 'mail', - 'samlNameIDFormatMapKerberos' => 'uid', - 'samlNameIDFormatMapWindows' => 'uid', - 'samlNameIDFormatMapX509' => 'mail', - 'samlOrganizationDisplayName' => 'Example', - 'samlOrganizationName' => 'Example', - 'samlOrganizationURL' => 'http://www.example.com', - 'samlOverrideIDPEntityID' => '', - 'samlRelayStateTimeout' => 600, - 'samlServiceSignatureMethod' => 'RSA_SHA256', - 'samlSPSSODescriptorArtifactResolutionServiceArtifact' => -'1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact', - 'samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact' => -'0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact', - 'samlSPSSODescriptorAssertionConsumerServiceHTTPPost' => -'1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost', - 'samlSPSSODescriptorAuthnRequestsSigned' => 1, - 'samlSPSSODescriptorSingleLogoutServiceHTTPPost' => -'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn', - 'samlSPSSODescriptorSingleLogoutServiceHTTPRedirect' => -'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn', - 'samlSPSSODescriptorSingleLogoutServiceSOAP' => -'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;', - 'samlSPSSODescriptorWantAssertionsSigned' => 1, - 'securedCookie' => 0, - 'sfEngine' => '::2F::Engines::Default', - 'sfManagerRule' => 1, - 'sfRemovedMsgRule' => 0, - 'sfRemovedNotifMsg' => -'_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!', - 'sfRemovedNotifRef' => 'RemoveSF', - 'sfRemovedNotifTitle' => 'Second factor notification', - 'sfRequired' => 0, - 'showLanguages' => 1, - 'singleIP' => 0, - 'singleSession' => 0, - 'singleUserByIP' => 0, - 'slaveAuthnLevel' => 2, - 'slaveExportedVars' => {}, - 'SMTPServer' => '', - 'SMTPTLS' => '', - 'soapProxyUrn' => 'urn:Lemonldap/NG/Common/PSGI/SOAPService', - 'SSLAuthnLevel' => 5, - 'SSLVar' => 'SSL_CLIENT_S_DN_Email', - 'SSLVarIf' => {}, - 'stayConnected' => 0, - 'stayConnectedCookieName' => 'llngconnection', - 'stayConnectedTimeout' => 2592000, - 'successLoginNumber' => 5, - 'timeout' => 72000, - 'timeoutActivity' => 0, - 'timeoutActivityInterval' => 60, - 'totp2fActivation' => 0, - 'totp2fDigits' => 6, - 'totp2fInterval' => 30, - 'totp2fRange' => 1, - 'totp2fSelfRegistration' => 0, - 'totp2fUserCanRemoveKey' => 1, - 'twitterAuthnLevel' => 1, - 'twitterUserField' => 'screen_name', - 'u2fActivation' => 0, - 'u2fSelfRegistration' => 0, - 'u2fUserCanRemoveKey' => 1, - 'upgradeSession' => 1, - 'userControl' => '^[\\w\\.\\-@]+$', - 'userDB' => 'Same', - 'useRedirectOnError' => 1, - 'useSafeJail' => 1, - 'utotp2fActivation' => 0, - 'viewerHiddenKeys' => 'samlIDPMetaDataNodes, samlSPMetaDataNodes', - 'webauthn2fActivation' => 0, - 'webauthn2fSelfRegistration' => 0, - 'webauthn2fUserCanRemoveKey' => 1, - 'webauthn2fUserVerification' => 'preferred', - 'webIDAuthnLevel' => 1, - 'webIDExportedVars' => {}, - 'whatToTrace' => 'uid', - 'yubikey2fActivation' => 0, - 'yubikey2fPublicIDSize' => 12, - 'yubikey2fSelfRegistration' => 0, - 'yubikey2fUserCanRemoveKey' => 1 - }; + 'activeTimer' => 1, + 'ADPwdExpireWarning' => 0, + 'ADPwdMaxAge' => 0, + 'apacheAuthnLevel' => 3, + 'applicationList' => { + 'default' => { + 'catname' => 'Default category', + 'type' => 'category' + } + }, + 'authChoiceParam' => 'lmAuth', + 'authentication' => 'Demo', + 'available2F' => 'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,WebAuthn,Yubikey,Radius', + 'available2FSelfRegistration' => 'TOTP,U2F,WebAuthn,Yubikey', + 'bruteForceProtectionLockTimes' => '15, 30, 60, 300, 600', + 'bruteForceProtectionMaxAge' => 300, + 'bruteForceProtectionMaxFailed' => 3, + 'bruteForceProtectionMaxLockTime' => 900, + 'bruteForceProtectionTempo' => 30, + 'captcha_mail_enabled' => 1, + 'captcha_register_enabled' => 1, + 'captcha_size' => 6, + 'casAccessControlPolicy' => 'none', + 'casAuthnLevel' => 1, + 'casTicketExpiration' => 0, + 'certificateResetByMailCeaAttribute' => 'description', + 'certificateResetByMailCertificateAttribute' => 'userCertificate;binary', + 'certificateResetByMailURL' => 'http://auth.example.com/certificateReset', + 'certificateResetByMailValidityDelay' => 0, + 'checkDevOpsCheckSessionAttributes' => 1, + 'checkDevOpsDisplayNormalizedHeaders' => 1, + 'checkDevOpsDownload' => 1, + 'checkTime' => 600, + 'checkUserDisplayComputedSession' => 1, + 'checkUserDisplayEmptyHeaders' => 0, + 'checkUserDisplayEmptyValues' => 0, + 'checkUserDisplayHiddenAttributes' => 0, + 'checkUserDisplayHistory' => 0, + 'checkUserDisplayNormalizedHeaders' => 0, + 'checkUserDisplayPersistentInfo' => 0, + 'checkUserHiddenAttributes' => '_loginHistory, _session_id, hGroups', + 'checkUserIdRule' => 1, + 'checkXSS' => 1, + 'confirmFormMethod' => 'post', + 'contextSwitchingIdRule' => 1, + 'contextSwitchingPrefix' => 'switching', + 'contextSwitchingRule' => 0, + 'contextSwitchingStopWithLogout' => 1, + 'cookieName' => 'lemonldap', + 'corsAllow_Credentials' => 'true', + 'corsAllow_Headers' => '*', + 'corsAllow_Methods' => 'POST,GET', + 'corsAllow_Origin' => '*', + 'corsEnabled' => 1, + 'corsExpose_Headers' => '*', + 'corsMax_Age' => '86400', + 'crowdsecAction' => 'reject', + 'cspConnect' => '\'self\'', + 'cspDefault' => '\'self\'', + 'cspFont' => '\'self\'', + 'cspFormAction' => '*', + 'cspFrameAncestors' => '', + 'cspImg' => '\'self\' data:', + 'cspScript' => '\'self\'', + 'cspStyle' => '\'self\'', + 'dbiAuthnLevel' => 2, + 'dbiExportedVars' => {}, + 'decryptValueRule' => 0, + 'demoExportedVars' => { + 'cn' => 'cn', + 'mail' => 'mail', + 'uid' => 'uid' + }, + 'displaySessionId' => 1, + 'domain' => 'example.com', + 'exportedVars' => { + 'UA' => 'HTTP_USER_AGENT' + }, + 'ext2fActivation' => 0, + 'ext2fCodeActivation' => '\\d{6}', + 'facebookAuthnLevel' => 1, + 'facebookExportedVars' => {}, + 'facebookUserField' => 'id', + 'failedLoginNumber' => 5, + 'findUserControl' => '^[*\\w]+$', + 'findUserWildcard' => '*', + 'formTimeout' => 120, + 'githubAuthnLevel' => 1, + 'githubScope' => 'user:email', + 'githubUserField' => 'login', + 'globalLogoutRule' => 0, + 'globalLogoutTimer' => 1, + 'globalStorage' => 'Apache::Session::File', + 'globalStorageOptions' => { + 'Directory' => '/var/lib/lemonldap-ng/sessions/', + 'generateModule' => 'Lemonldap::NG::Common::Apache::Session::Generate::SHA256', + 'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/' + }, + 'gpgAuthnLevel' => 5, + 'gpgDb' => '', + 'grantSessionRules' => {}, + 'groups' => {}, + 'handlerInternalCache' => 15, + 'handlerServiceTokenTTL' => 30, + 'hiddenAttributes' => '_password, _2fDevices', + 'httpOnly' => 1, + 'https' => -1, + 'impersonationHiddenAttributes' => '_2fDevices, _loginHistory', + 'impersonationIdRule' => 1, + 'impersonationMergeSSOgroups' => 0, + 'impersonationPrefix' => 'real_', + 'impersonationRule' => 0, + 'impersonationSkipEmptyValues' => 1, + 'infoFormMethod' => 'get', + 'issuerDBCASPath' => '^/cas/', + 'issuerDBCASRule' => 1, + 'issuerDBGetParameters' => {}, + 'issuerDBGetPath' => '^/get/', + 'issuerDBGetRule' => 1, + 'issuerDBOpenIDConnectPath' => '^/oauth2/', + 'issuerDBOpenIDConnectRule' => 1, + 'issuerDBOpenIDPath' => '^/openidserver/', + 'issuerDBOpenIDRule' => 1, + 'issuerDBSAMLPath' => '^/saml/', + 'issuerDBSAMLRule' => 1, + 'issuersTimeout' => 120, + 'jsRedirect' => 0, + 'krbAuthnLevel' => 3, + 'krbRemoveDomain' => 1, + 'ldapAuthnLevel' => 2, + 'ldapBase' => 'dc=example,dc=com', + 'ldapExportedVars' => { + 'cn' => 'cn', + 'mail' => 'mail', + 'uid' => 'uid' + }, + 'ldapGroupAttributeName' => 'member', + 'ldapGroupAttributeNameGroup' => 'dn', + 'ldapGroupAttributeNameSearch' => 'cn', + 'ldapGroupAttributeNameUser' => 'dn', + 'ldapGroupObjectClass' => 'groupOfNames', + 'ldapIOTimeout' => 10, + 'ldapPasswordResetAttribute' => 'pwdReset', + 'ldapPasswordResetAttributeValue' => 'TRUE', + 'ldapPwdEnc' => 'utf-8', + 'ldapSearchDeref' => 'find', + 'ldapServer' => 'ldap://localhost', + 'ldapTimeout' => 10, + 'ldapUsePasswordResetAttribute' => 1, + 'ldapVerify' => 'require', + 'ldapVersion' => 3, + 'linkedInAuthnLevel' => 1, + 'linkedInFields' => 'id,first-name,last-name,email-address', + 'linkedInScope' => 'r_liteprofile r_emailaddress', + 'linkedInUserField' => 'emailAddress', + 'localSessionStorage' => 'Cache::FileCache', + 'localSessionStorageOptions' => { + 'cache_depth' => 3, + 'cache_root' => '/var/cache/lemonldap-ng', + 'default_expires_in' => 600, + 'directory_umask' => '007', + 'namespace' => 'lemonldap-ng-sessions' + }, + 'locationRules' => { + 'default' => 'deny' + }, + 'logoutServices' => {}, + 'macros' => {}, + 'mail2fActivation' => 0, + 'mail2fCodeRegex' => '\\d{6}', + 'mailCharset' => 'utf-8', + 'mailFrom' => 'noreply@example.com', + 'mailSessionKey' => 'mail', + 'mailTimeout' => 0, + 'mailUrl' => 'http://auth.example.com/resetpwd', + 'managerDn' => '', + 'managerPassword' => '', + 'max2FDevices' => 10, + 'max2FDevicesNameLength' => 20, + 'multiValuesSeparator' => '; ', + 'mySessionAuthorizedRWKeys' => [ + '_appsListOrder', + '_oidcConnectedRP', + '_oidcConsents' + ], + 'newLocationWarningLocationAttribute' => 'ipAddr', + 'newLocationWarningLocationDisplayAttribute' => '', + 'newLocationWarningMaxValues' => '0', + 'notificationDefaultCond' => '', + 'notificationServerPOST' => 1, + 'notificationServerSentAttributes' => 'uid reference date title subtitle text check', + 'notificationsMaxRetrieve' => 3, + 'notificationStorage' => 'File', + 'notificationStorageOptions' => { + 'dirName' => '/var/lib/lemonldap-ng/notifications' + }, + 'notificationWildcard' => 'allusers', + 'notifyDeleted' => 1, + 'nullAuthnLevel' => 0, + 'oidcAuthnLevel' => 1, + 'oidcRPCallbackGetParam' => 'openidconnectcallback', + 'oidcRPStateTimeout' => 600, + 'oidcServiceAccessTokenExpiration' => 3600, + 'oidcServiceAllowAuthorizationCodeFlow' => 1, + 'oidcServiceAuthorizationCodeExpiration' => 60, + 'oidcServiceIDTokenExpiration' => 3600, + 'oidcServiceMetaDataAuthnContext' => { + 'loa-1' => 1, + 'loa-2' => 2, + 'loa-3' => 3, + 'loa-4' => 4, + 'loa-5' => 5 + }, + 'oidcServiceMetaDataAuthorizeURI' => 'authorize', + 'oidcServiceMetaDataBackChannelURI' => 'blogout', + 'oidcServiceMetaDataCheckSessionURI' => 'checksession.html', + 'oidcServiceMetaDataEndSessionURI' => 'logout', + 'oidcServiceMetaDataFrontChannelURI' => 'flogout', + 'oidcServiceMetaDataIntrospectionURI' => 'introspect', + 'oidcServiceMetaDataJWKSURI' => 'jwks', + 'oidcServiceMetaDataRegistrationURI' => 'register', + 'oidcServiceMetaDataTokenURI' => 'token', + 'oidcServiceMetaDataUserInfoURI' => 'userinfo', + 'oidcServiceOfflineSessionExpiration' => 2592000, + 'openIdAuthnLevel' => 1, + 'openIdExportedVars' => {}, + 'openIdIDPList' => '0;', + 'openIdSPList' => '0;', + 'openIdSreg_email' => 'mail', + 'openIdSreg_fullname' => 'cn', + 'openIdSreg_nickname' => 'uid', + 'openIdSreg_timezone' => '_timezone', + 'pamAuthnLevel' => 2, + 'pamService' => 'login', + 'passwordDB' => 'Demo', + 'passwordPolicyActivation' => 1, + 'passwordPolicyMinDigit' => 0, + 'passwordPolicyMinLower' => 0, + 'passwordPolicyMinSize' => 0, + 'passwordPolicyMinSpeChar' => 0, + 'passwordPolicyMinUpper' => 0, + 'passwordPolicySpecialChar' => '__ALL__', + 'passwordResetAllowedRetries' => 3, + 'persistentSessionAttributes' => '_loginHistory _2fDevices notification_', + 'port' => -1, + 'portal' => 'http://auth.example.com/', + 'portalAntiFrame' => 1, + 'portalCheckLogins' => 1, + 'portalDisplayAppslist' => 1, + 'portalDisplayChangePassword' => '$_auth =~ /^(LDAP|DBI|Demo)$/', + 'portalDisplayGeneratePassword' => 1, + 'portalDisplayLoginHistory' => 1, + 'portalDisplayLogout' => 1, + 'portalDisplayOidcConsents' => '$_oidcConsents && $_oidcConsents =~ /\\w+/', + 'portalDisplayRefreshMyRights' => 1, + 'portalDisplayRegister' => 1, + 'portalErrorOnExpiredSession' => 1, + 'portalForceAuthnInterval' => 5, + 'portalMainLogo' => 'common/logos/logo_llng_400px.png', + 'portalPingInterval' => 60000, + 'portalRequireOldPassword' => 1, + 'portalSkin' => 'bootstrap', + 'portalUserAttr' => '_user', + 'proxyAuthnLevel' => 2, + 'proxyAuthServiceChoiceParam' => 'lmAuth', + 'radius2fActivation' => 0, + 'radius2fTimeout' => 20, + 'radiusAuthnLevel' => 3, + 'randomPasswordRegexp' => '[A-Z]{3}[a-z]{5}.\\d{2}', + 'redirectFormMethod' => 'get', + 'registerDB' => 'Null', + 'registerTimeout' => 0, + 'registerUrl' => 'http://auth.example.com/register', + 'reloadTimeout' => 5, + 'rememberAuthChoiceRule' => 0, + 'rememberCookieName' => 'llngrememberauthchoice', + 'rememberCookieTimeout' => 31536000, + 'rememberTimer' => 5, + 'remoteGlobalStorage' => 'Lemonldap::NG::Common::Apache::Session::SOAP', + 'remoteGlobalStorageOptions' => { + 'ns' => 'http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService', + 'proxy' => 'http://auth.example.com/sessions' + }, + 'requireToken' => 1, + 'rest2fActivation' => 0, + 'restAuthnLevel' => 2, + 'restClockTolerance' => 15, + 'sameSite' => '', + 'samlAttributeAuthorityDescriptorAttributeServiceSOAP' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;', + 'samlAuthnContextMapKerberos' => 4, + 'samlAuthnContextMapPassword' => 2, + 'samlAuthnContextMapPasswordProtectedTransport' => 3, + 'samlAuthnContextMapTLSClient' => 5, + 'samlEntityID' => '#PORTAL#/saml/metadata', + 'samlIDPSSODescriptorArtifactResolutionServiceArtifact' => '1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact', + 'samlIDPSSODescriptorSingleLogoutServiceHTTPPost' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn', + 'samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn', + 'samlIDPSSODescriptorSingleLogoutServiceSOAP' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;', + 'samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;', + 'samlIDPSSODescriptorSingleSignOnServiceHTTPPost' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;', + 'samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;', + 'samlIDPSSODescriptorWantAuthnRequestsSigned' => 1, + 'samlMetadataForceUTF8' => 1, + 'samlNameIDFormatMapEmail' => 'mail', + 'samlNameIDFormatMapKerberos' => 'uid', + 'samlNameIDFormatMapWindows' => 'uid', + 'samlNameIDFormatMapX509' => 'mail', + 'samlOrganizationDisplayName' => 'Example', + 'samlOrganizationName' => 'Example', + 'samlOrganizationURL' => 'http://www.example.com', + 'samlOverrideIDPEntityID' => '', + 'samlRelayStateTimeout' => 600, + 'samlServiceSignatureMethod' => 'RSA_SHA256', + 'samlSPSSODescriptorArtifactResolutionServiceArtifact' => '1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact', + 'samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact' => '0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact', + 'samlSPSSODescriptorAssertionConsumerServiceHTTPPost' => '1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost', + 'samlSPSSODescriptorAuthnRequestsSigned' => 1, + 'samlSPSSODescriptorSingleLogoutServiceHTTPPost' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn', + 'samlSPSSODescriptorSingleLogoutServiceHTTPRedirect' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn', + 'samlSPSSODescriptorSingleLogoutServiceSOAP' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;', + 'samlSPSSODescriptorWantAssertionsSigned' => 1, + 'securedCookie' => 0, + 'sfEngine' => '::2F::Engines::Default', + 'sfManagerRule' => 1, + 'sfRemovedMsgRule' => 0, + 'sfRemovedNotifMsg' => '_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!', + 'sfRemovedNotifRef' => 'RemoveSF', + 'sfRemovedNotifTitle' => 'Second factor notification', + 'sfRequired' => 0, + 'showLanguages' => 1, + 'singleIP' => 0, + 'singleSession' => 0, + 'singleUserByIP' => 0, + 'slaveAuthnLevel' => 2, + 'slaveExportedVars' => {}, + 'SMTPServer' => '', + 'SMTPTLS' => '', + 'soapProxyUrn' => 'urn:Lemonldap/NG/Common/PSGI/SOAPService', + 'SSLAuthnLevel' => 5, + 'SSLVar' => 'SSL_CLIENT_S_DN_Email', + 'SSLVarIf' => {}, + 'stayConnected' => 0, + 'stayConnectedCookieName' => 'llngconnection', + 'stayConnectedTimeout' => 2592000, + 'successLoginNumber' => 5, + 'timeout' => 72000, + 'timeoutActivity' => 0, + 'timeoutActivityInterval' => 60, + 'totp2fActivation' => 0, + 'totp2fDigits' => 6, + 'totp2fInterval' => 30, + 'totp2fRange' => 1, + 'totp2fSelfRegistration' => 0, + 'totp2fUserCanRemoveKey' => 1, + 'twitterAuthnLevel' => 1, + 'twitterUserField' => 'screen_name', + 'u2fActivation' => 0, + 'u2fSelfRegistration' => 0, + 'u2fUserCanRemoveKey' => 1, + 'upgradeSession' => 1, + 'userControl' => '^[\\w\\.\\-@]+$', + 'userDB' => 'Same', + 'useRedirectOnError' => 1, + 'useSafeJail' => 1, + 'utotp2fActivation' => 0, + 'viewerHiddenKeys' => 'samlIDPMetaDataNodes, samlSPMetaDataNodes', + 'webauthn2fActivation' => 0, + 'webauthn2fSelfRegistration' => 0, + 'webauthn2fUserCanRemoveKey' => 1, + 'webauthn2fUserVerification' => 'preferred', + 'webIDAuthnLevel' => 1, + 'webIDExportedVars' => {}, + 'whatToTrace' => 'uid', + 'yubikey2fActivation' => 0, + 'yubikey2fPublicIDSize' => 12, + 'yubikey2fSelfRegistration' => 0, + 'yubikey2fUserCanRemoveKey' => 1 + }; } 1; diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/StatusConstants.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/StatusConstants.pm index 0b968c009..ff61f081d 100644 --- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/StatusConstants.pm +++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/StatusConstants.pm @@ -8,115 +8,115 @@ our $VERSION = '2.0.14'; sub portalConsts { return { - '-1' => 'PE_DONE', - '-2' => 'PE_REDIRECT', - '-3' => 'PE_INFO', - '-4' => 'PE_SENDRESPONSE', - '-5' => 'PE_IDPCHOICE', - '0' => 'PE_OK', - '1' => 'PE_SESSIONEXPIRED', - '10' => 'PE_BADCERTIFICATE', - '100' => 'PE_PP_NOT_ALLOWED_CHARACTER', - '101' => 'PE_PP_NOT_ALLOWED_CHARACTERS', - '102' => 'PE_UPGRADESESSION', - '103' => 'PE_NO_SECOND_FACTORS', - '104' => 'PE_BAD_DEVOPS_FILE', - '105' => 'PE_FILENOTFOUND', - '106' => 'PE_OIDC_AUTH_ERROR', - '2' => 'PE_FORMEMPTY', - '20' => 'PE_NO_PASSWORD_BE', - '21' => 'PE_PP_ACCOUNT_LOCKED', - '22' => 'PE_PP_PASSWORD_EXPIRED', - '23' => 'PE_CERTIFICATEREQUIRED', - '24' => 'PE_ERROR', - '25' => 'PE_PP_CHANGE_AFTER_RESET', - '26' => 'PE_PP_PASSWORD_MOD_NOT_ALLOWED', - '27' => 'PE_PP_MUST_SUPPLY_OLD_PASSWORD', - '28' => 'PE_PP_INSUFFICIENT_PASSWORD_QUALITY', - '29' => 'PE_PP_PASSWORD_TOO_SHORT', - '3' => 'PE_WRONGMANAGERACCOUNT', - '30' => 'PE_PP_PASSWORD_TOO_YOUNG', - '31' => 'PE_PP_PASSWORD_IN_HISTORY', - '32' => 'PE_PP_GRACE', - '33' => 'PE_PP_EXP_WARNING', - '34' => 'PE_PASSWORD_MISMATCH', - '35' => 'PE_PASSWORD_OK', - '36' => 'PE_NOTIFICATION', - '37' => 'PE_BADURL', - '38' => 'PE_NOSCHEME', - '39' => 'PE_BADOLDPASSWORD', - '4' => 'PE_USERNOTFOUND', - '40' => 'PE_MALFORMEDUSER', - '41' => 'PE_SESSIONNOTGRANTED', - '42' => 'PE_CONFIRM', - '43' => 'PE_MAILFORMEMPTY', - '44' => 'PE_BADMAILTOKEN', - '45' => 'PE_MAILERROR', - '46' => 'PE_MAILOK', - '47' => 'PE_LOGOUT_OK', - '48' => 'PE_SAML_ERROR', - '49' => 'PE_SAML_LOAD_SERVICE_ERROR', - '5' => 'PE_BADCREDENTIALS', - '50' => 'PE_SAML_LOAD_IDP_ERROR', - '51' => 'PE_SAML_SSO_ERROR', - '52' => 'PE_SAML_UNKNOWN_ENTITY', - '53' => 'PE_SAML_DESTINATION_ERROR', - '54' => 'PE_SAML_CONDITIONS_ERROR', - '55' => 'PE_SAML_IDPSSOINITIATED_NOTALLOWED', - '56' => 'PE_SAML_SLO_ERROR', - '57' => 'PE_SAML_SIGNATURE_ERROR', - '58' => 'PE_SAML_ART_ERROR', - '59' => 'PE_SAML_SESSION_ERROR', - '6' => 'PE_LDAPCONNECTFAILED', - '60' => 'PE_SAML_LOAD_SP_ERROR', - '61' => 'PE_SAML_ATTR_ERROR', - '62' => 'PE_OPENID_EMPTY', - '63' => 'PE_OPENID_BADID', - '64' => 'PE_MISSINGREQATTR', - '65' => 'PE_BADPARTNER', - '66' => 'PE_MAILCONFIRMATION_ALREADY_SENT', - '67' => 'PE_PASSWORDFORMEMPTY', - '68' => 'PE_CAS_SERVICE_NOT_ALLOWED', - '69' => 'PE_MAILFIRSTACCESS', - '7' => 'PE_LDAPERROR', - '70' => 'PE_MAILNOTFOUND', - '71' => 'PE_PASSWORDFIRSTACCESS', - '72' => 'PE_MAILCONFIRMOK', - '73' => 'PE_RADIUSCONNECTFAILED', - '74' => 'PE_MUST_SUPPLY_OLD_PASSWORD', - '75' => 'PE_FORBIDDENIP', - '76' => 'PE_CAPTCHAERROR', - '77' => 'PE_CAPTCHAEMPTY', - '78' => 'PE_REGISTERFIRSTACCESS', - '79' => 'PE_REGISTERFORMEMPTY', - '8' => 'PE_APACHESESSIONERROR', - '80' => 'PE_REGISTERALREADYEXISTS', - '81' => 'PE_NOTOKEN', - '82' => 'PE_TOKENEXPIRED', - '83' => 'PE_U2FFAILED', - '84' => 'PE_UNAUTHORIZEDPARTNER', - '85' => 'PE_RENEWSESSION', - '86' => 'PE_WAIT', - '87' => 'PE_MUSTAUTHN', - '88' => 'PE_MUSTHAVEMAIL', - '89' => 'PE_SAML_SERVICE_NOT_ALLOWED', - '9' => 'PE_FIRSTACCESS', - '90' => 'PE_OIDC_SERVICE_NOT_ALLOWED', - '91' => 'PE_OID_SERVICE_NOT_ALLOWED', - '92' => 'PE_GET_SERVICE_NOT_ALLOWED', - '93' => 'PE_IMPERSONATION_SERVICE_NOT_ALLOWED', - '94' => 'PE_ISSUERMISSINGREQATTR', - '95' => 'PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED', - '96' => 'PE_BADOTP', - '97' => 'PE_RESETCERTIFICATE_INVALID', - '98' => 'PE_RESETCERTIFICATE_FORMEMPTY', - '99' => 'PE_RESETCERTIFICATE_FIRSTACCESS' - }; + '-1' => 'PE_DONE', + '-2' => 'PE_REDIRECT', + '-3' => 'PE_INFO', + '-4' => 'PE_SENDRESPONSE', + '-5' => 'PE_IDPCHOICE', + '0' => 'PE_OK', + '1' => 'PE_SESSIONEXPIRED', + '10' => 'PE_BADCERTIFICATE', + '100' => 'PE_PP_NOT_ALLOWED_CHARACTER', + '101' => 'PE_PP_NOT_ALLOWED_CHARACTERS', + '102' => 'PE_UPGRADESESSION', + '103' => 'PE_NO_SECOND_FACTORS', + '104' => 'PE_BAD_DEVOPS_FILE', + '105' => 'PE_FILENOTFOUND', + '106' => 'PE_OIDC_AUTH_ERROR', + '2' => 'PE_FORMEMPTY', + '20' => 'PE_NO_PASSWORD_BE', + '21' => 'PE_PP_ACCOUNT_LOCKED', + '22' => 'PE_PP_PASSWORD_EXPIRED', + '23' => 'PE_CERTIFICATEREQUIRED', + '24' => 'PE_ERROR', + '25' => 'PE_PP_CHANGE_AFTER_RESET', + '26' => 'PE_PP_PASSWORD_MOD_NOT_ALLOWED', + '27' => 'PE_PP_MUST_SUPPLY_OLD_PASSWORD', + '28' => 'PE_PP_INSUFFICIENT_PASSWORD_QUALITY', + '29' => 'PE_PP_PASSWORD_TOO_SHORT', + '3' => 'PE_WRONGMANAGERACCOUNT', + '30' => 'PE_PP_PASSWORD_TOO_YOUNG', + '31' => 'PE_PP_PASSWORD_IN_HISTORY', + '32' => 'PE_PP_GRACE', + '33' => 'PE_PP_EXP_WARNING', + '34' => 'PE_PASSWORD_MISMATCH', + '35' => 'PE_PASSWORD_OK', + '36' => 'PE_NOTIFICATION', + '37' => 'PE_BADURL', + '38' => 'PE_NOSCHEME', + '39' => 'PE_BADOLDPASSWORD', + '4' => 'PE_USERNOTFOUND', + '40' => 'PE_MALFORMEDUSER', + '41' => 'PE_SESSIONNOTGRANTED', + '42' => 'PE_CONFIRM', + '43' => 'PE_MAILFORMEMPTY', + '44' => 'PE_BADMAILTOKEN', + '45' => 'PE_MAILERROR', + '46' => 'PE_MAILOK', + '47' => 'PE_LOGOUT_OK', + '48' => 'PE_SAML_ERROR', + '49' => 'PE_SAML_LOAD_SERVICE_ERROR', + '5' => 'PE_BADCREDENTIALS', + '50' => 'PE_SAML_LOAD_IDP_ERROR', + '51' => 'PE_SAML_SSO_ERROR', + '52' => 'PE_SAML_UNKNOWN_ENTITY', + '53' => 'PE_SAML_DESTINATION_ERROR', + '54' => 'PE_SAML_CONDITIONS_ERROR', + '55' => 'PE_SAML_IDPSSOINITIATED_NOTALLOWED', + '56' => 'PE_SAML_SLO_ERROR', + '57' => 'PE_SAML_SIGNATURE_ERROR', + '58' => 'PE_SAML_ART_ERROR', + '59' => 'PE_SAML_SESSION_ERROR', + '6' => 'PE_LDAPCONNECTFAILED', + '60' => 'PE_SAML_LOAD_SP_ERROR', + '61' => 'PE_SAML_ATTR_ERROR', + '62' => 'PE_OPENID_EMPTY', + '63' => 'PE_OPENID_BADID', + '64' => 'PE_MISSINGREQATTR', + '65' => 'PE_BADPARTNER', + '66' => 'PE_MAILCONFIRMATION_ALREADY_SENT', + '67' => 'PE_PASSWORDFORMEMPTY', + '68' => 'PE_CAS_SERVICE_NOT_ALLOWED', + '69' => 'PE_MAILFIRSTACCESS', + '7' => 'PE_LDAPERROR', + '70' => 'PE_MAILNOTFOUND', + '71' => 'PE_PASSWORDFIRSTACCESS', + '72' => 'PE_MAILCONFIRMOK', + '73' => 'PE_RADIUSCONNECTFAILED', + '74' => 'PE_MUST_SUPPLY_OLD_PASSWORD', + '75' => 'PE_FORBIDDENIP', + '76' => 'PE_CAPTCHAERROR', + '77' => 'PE_CAPTCHAEMPTY', + '78' => 'PE_REGISTERFIRSTACCESS', + '79' => 'PE_REGISTERFORMEMPTY', + '8' => 'PE_APACHESESSIONERROR', + '80' => 'PE_REGISTERALREADYEXISTS', + '81' => 'PE_NOTOKEN', + '82' => 'PE_TOKENEXPIRED', + '83' => 'PE_U2FFAILED', + '84' => 'PE_UNAUTHORIZEDPARTNER', + '85' => 'PE_RENEWSESSION', + '86' => 'PE_WAIT', + '87' => 'PE_MUSTAUTHN', + '88' => 'PE_MUSTHAVEMAIL', + '89' => 'PE_SAML_SERVICE_NOT_ALLOWED', + '9' => 'PE_FIRSTACCESS', + '90' => 'PE_OIDC_SERVICE_NOT_ALLOWED', + '91' => 'PE_OID_SERVICE_NOT_ALLOWED', + '92' => 'PE_GET_SERVICE_NOT_ALLOWED', + '93' => 'PE_IMPERSONATION_SERVICE_NOT_ALLOWED', + '94' => 'PE_ISSUERMISSINGREQATTR', + '95' => 'PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED', + '96' => 'PE_BADOTP', + '97' => 'PE_RESETCERTIFICATE_INVALID', + '98' => 'PE_RESETCERTIFICATE_FORMEMPTY', + '99' => 'PE_RESETCERTIFICATE_FIRSTACCESS' + }; } # EXPORTER PARAMETERS -our @EXPORT_OK = ('portalConsts'); +our @EXPORT_OK = ( 'portalConsts' ); our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], ); 1; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm index 0786cd0f0..fdd62de2c 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm @@ -4,4606 +4,4603 @@ package Lemonldap::NG::Manager::Attributes; our $VERSION = '2.0.14'; sub perlExpr { - my ( $val, $conf ) = @_; - my $cpt = 'Safe'->new; - $cpt->share_from( 'MIME::Base64', ['&encode_base64'] ); - $cpt->share_from( - 'Lemonldap::NG::Handler::Main::Jail', - [ - '&encrypt', '&token', - @Lemonldap::NG::Handler::Main::Jail::builtCustomFunctions - ] - ); - $cpt->share_from( 'Lemonldap::NG::Common::Safelib', - $Lemonldap::NG::Common::Safelib::functions ); - $cpt->reval("BEGIN { 'warnings'->unimport; } $val"); - my $err = join( - '', - grep( { $_ =~ /(?:Undefined subroutine|Devel::StackTrace)/ ? () : $_; } - split( /\n/, $@, 0 ) ) - ); - return -1, "__badExpression__: $err" if $err and $conf->{'useSafeJail'}; - return $val =~ qr/(?<=[^=\|\?])=(?![>=~])/ - && $conf->{'avoidAssignment'} ? ( 1, '__badExpressionAssignment__' ) : 1; -} + my($val, $conf) = @_; + my $cpt = 'Safe'->new; + $cpt->share_from('MIME::Base64', ['&encode_base64']); + $cpt->share_from('Lemonldap::NG::Handler::Main::Jail', ['&encrypt', '&token', @Lemonldap::NG::Handler::Main::Jail::builtCustomFunctions]); + $cpt->share_from('Lemonldap::NG::Common::Safelib', $Lemonldap::NG::Common::Safelib::functions); + $cpt->reval("BEGIN { 'warnings'->unimport; } $val"); + my $err = join('', grep({$_ =~ /(?:Undefined subroutine|Devel::StackTrace)/ ? () : $_;} split(/\n/, $@, 0))); + return -1, "__badExpression__: $err" if $err and $conf->{'useSafeJail'}; + return $val =~ qr/(?<=[^=\|\?])=(?![>=~])/ && $conf->{'avoidAssignment'} ? (1, '__badExpressionAssignment__') : 1; + }; + sub types { return { - 'array' => { - 'test' => sub { - 1; - } - }, - 'authParamsText' => { - 'test' => sub { - 1; - } - }, - 'blackWhiteList' => { - 'test' => sub { - 1; - } - }, - 'bool' => { - 'msgFail' => '__notABoolean__', - 'test' => qr/^[01]$/ - }, - 'boolOrExpr' => { - 'msgFail' => '__notAValidPerlExpression__', - 'test' => sub { - return perlExpr(@_); - } - }, - 'catAndAppList' => { - 'test' => sub { - 1; - } - }, - 'file' => { - 'test' => sub { - 1; - } - }, - 'hostname' => { - 'form' => 'text', - 'msgFail' => '__badHostname__', - 'test' => -qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))?$/ - }, - 'int' => { - 'msgFail' => '__notAnInteger__', - 'test' => qr/^\-?\d+$/ - }, - 'keyText' => { - 'keyTest' => qr/^[a-zA-Z0-9_]+$/, - 'msgFail' => '__badValue__', - 'test' => qr/^.*$/ - }, - 'keyTextContainer' => { - 'keyMsgFail' => '__badKeyName__', - 'keyTest' => qr/^\w[\w\.\-]*$/, - 'msgFail' => '__emptyValueNotAllowed__', - 'test' => qr/./ - }, - 'lmAttrOrMacro' => { - 'form' => 'text', - 'test' => sub { - my ( $val, $conf ) = @_; - return 1 if defined $conf->{'macros'}{$val} or $val =~ /^_/; - foreach $_ ( keys %$conf ) { - return 1 - if $_ =~ /exportedvars$/i and defined $conf->{$_}{$val}; - } - return 1, "__unknownAttrOrMacro__: $val"; - } - }, - 'longtext' => { - 'test' => sub { - 1; - } - }, - 'menuApp' => { - 'test' => sub { - 1; - } - }, - 'menuCat' => { - 'test' => sub { - 1; - } - }, - 'oidcAttribute' => { - 'test' => sub { - 1; - } - }, - 'oidcmetadatajson' => { - 'test' => sub { - 1; - } - }, - 'oidcmetadatajwks' => { - 'test' => sub { - 1; - } - }, - 'oidcOPMetaDataNode' => { - 'test' => sub { - 1; - } - }, - 'oidcRPMetaDataNode' => { - 'test' => sub { - 1; - } - }, - 'password' => { - 'msgFail' => '__malformedValue__', - 'test' => sub { - 1; - } - }, - 'pcre' => { - 'form' => 'text', - 'test' => sub { - eval { - do { - qr/$_[0]/; - } - }; - return $@ ? ( 0, "__badRegexp__: $@" ) : 1; - } - }, - 'PerlModule' => { - 'form' => 'text', - 'msgFail' => '__badPerlPackageName__', - 'test' => qr/^(?:[a-zA-Z][a-zA-Z0-9]*)*(?:::[a-zA-Z][a-zA-Z0-9]*)*$/ - }, - 'portalskin' => { - 'test' => sub { - 1; - } - }, - 'portalskinbackground' => { - 'test' => sub { - 1; - } - }, - 'post' => { - 'test' => sub { - 1; - } - }, - 'RSAPrivateKey' => { - 'test' => sub { - return $_[0] =~ -m[^(?:(?:\-+\s*BEGIN\s+(?:(?:RSA|ENCRYPTED)\s+)?PRIVATE\s+KEY\s*\-+\r?\n)?(?:Proc-Type:.*\r?\nDEK-Info:.*\r?\n[\r\n]*)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:(?:RSA|ENCRYPTED)\s+)?PRIVATE\s+KEY\s*\-+)?[\r\n]*)?$]s - ? 1 - : ( 1, '__badPemEncoding__' ); - } - }, - 'RSAPublicKey' => { - 'test' => sub { - return $_[0] =~ -m[^(?:(?:\-+\s*BEGIN\s+PUBLIC\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+PUBLIC\s+KEY\s*\-+)?[\r\n]*)?$]s - ? 1 - : ( 1, '__badPemEncoding__' ); - } - }, - 'RSAPublicKeyOrCertificate' => { - 'test' => sub { - return $_[0] =~ -m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+)?[\r\n]*)?$]s - ? 1 - : ( 1, '__badPemEncoding__' ); - } - }, - 'rule' => { - 'test' => sub { - 1; - } - }, - 'samlAssertion' => { - 'test' => sub { - 1; - } - }, - 'samlAttribute' => { - 'test' => sub { - 1; - } - }, - 'samlIDPMetaDataNode' => { - 'test' => sub { - 1; - } - }, - 'samlService' => { - 'test' => sub { - 1; - } - }, - 'samlSPMetaDataNode' => { - 'test' => sub { - 1; - } - }, - 'select' => { - 'test' => sub { - return 0, 'Value is not a scalar' if ref $_[0]; - my $test = grep( { $_ eq $_[0]; } - map( { $_->{'k'}; } @{ $_[2]{'select'}; } ) ); - return $test - ? 1 - : ( 1, "Invalid value '$_[0]' for this select" ); - } - }, - 'subContainer' => { - 'keyTest' => qr/\w/, - 'test' => sub { - 1; - } - }, - 'text' => { - 'msgFail' => '__malformedValue__', - 'test' => sub { - 1; - } - }, - 'trool' => { - 'msgFail' => '__authorizedValues__: -1, 0, 1', - 'test' => qr/^(?:-1|0|1)$/ - }, - 'url' => { - 'form' => 'text', - 'msgFail' => '__badUrl__', - 'test' => -qr/(?:^$|(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?))/ - } - }; + 'array' => { + 'test' => sub { + 1; + } + }, + 'authParamsText' => { + 'test' => sub { + 1; + } + }, + 'blackWhiteList' => { + 'test' => sub { + 1; + } + }, + 'bool' => { + 'msgFail' => '__notABoolean__', + 'test' => qr/^[01]$/ + }, + 'boolOrExpr' => { + 'msgFail' => '__notAValidPerlExpression__', + 'test' => sub { + return perlExpr(@_); + } + }, + 'catAndAppList' => { + 'test' => sub { + 1; + } + }, + 'file' => { + 'test' => sub { + 1; + } + }, + 'hostname' => { + 'form' => 'text', + 'msgFail' => '__badHostname__', + 'test' => qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))?$/ + }, + 'int' => { + 'msgFail' => '__notAnInteger__', + 'test' => qr/^\-?\d+$/ + }, + 'keyText' => { + 'keyTest' => qr/^[a-zA-Z0-9_]+$/, + 'msgFail' => '__badValue__', + 'test' => qr/^.*$/ + }, + 'keyTextContainer' => { + 'keyMsgFail' => '__badKeyName__', + 'keyTest' => qr/^\w[\w\.\-]*$/, + 'msgFail' => '__emptyValueNotAllowed__', + 'test' => qr/./ + }, + 'lmAttrOrMacro' => { + 'form' => 'text', + 'test' => sub { + my($val, $conf) = @_; + return 1 if defined $conf->{'macros'}{$val} or $val =~ /^_/; + foreach $_ (keys %$conf) { + return 1 if $_ =~ /exportedvars$/i and defined $conf->{$_}{$val}; + } + return 1, "__unknownAttrOrMacro__: $val"; + } + }, + 'longtext' => { + 'test' => sub { + 1; + } + }, + 'menuApp' => { + 'test' => sub { + 1; + } + }, + 'menuCat' => { + 'test' => sub { + 1; + } + }, + 'oidcAttribute' => { + 'test' => sub { + 1; + } + }, + 'oidcmetadatajson' => { + 'test' => sub { + 1; + } + }, + 'oidcmetadatajwks' => { + 'test' => sub { + 1; + } + }, + 'oidcOPMetaDataNode' => { + 'test' => sub { + 1; + } + }, + 'oidcRPMetaDataNode' => { + 'test' => sub { + 1; + } + }, + 'password' => { + 'msgFail' => '__malformedValue__', + 'test' => sub { + 1; + } + }, + 'pcre' => { + 'form' => 'text', + 'test' => sub { + eval { + do { + qr/$_[0]/ + } + }; + return $@ ? (0, "__badRegexp__: $@") : 1; + } + }, + 'PerlModule' => { + 'form' => 'text', + 'msgFail' => '__badPerlPackageName__', + 'test' => qr/^(?:[a-zA-Z][a-zA-Z0-9]*)*(?:::[a-zA-Z][a-zA-Z0-9]*)*$/ + }, + 'portalskin' => { + 'test' => sub { + 1; + } + }, + 'portalskinbackground' => { + 'test' => sub { + 1; + } + }, + 'post' => { + 'test' => sub { + 1; + } + }, + 'RSAPrivateKey' => { + 'test' => sub { + return $_[0] =~ m[^(?:(?:\-+\s*BEGIN\s+(?:(?:RSA|ENCRYPTED)\s+)?PRIVATE\s+KEY\s*\-+\r?\n)?(?:Proc-Type:.*\r?\nDEK-Info:.*\r?\n[\r\n]*)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:(?:RSA|ENCRYPTED)\s+)?PRIVATE\s+KEY\s*\-+)?[\r\n]*)?$]s ? 1 : (1, '__badPemEncoding__'); + } + }, + 'RSAPublicKey' => { + 'test' => sub { + return $_[0] =~ m[^(?:(?:\-+\s*BEGIN\s+PUBLIC\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+PUBLIC\s+KEY\s*\-+)?[\r\n]*)?$]s ? 1 : (1, '__badPemEncoding__'); + } + }, + 'RSAPublicKeyOrCertificate' => { + 'test' => sub { + return $_[0] =~ m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+)?[\r\n]*)?$]s ? 1 : (1, '__badPemEncoding__'); + } + }, + 'rule' => { + 'test' => sub { + 1; + } + }, + 'samlAssertion' => { + 'test' => sub { + 1; + } + }, + 'samlAttribute' => { + 'test' => sub { + 1; + } + }, + 'samlIDPMetaDataNode' => { + 'test' => sub { + 1; + } + }, + 'samlService' => { + 'test' => sub { + 1; + } + }, + 'samlSPMetaDataNode' => { + 'test' => sub { + 1; + } + }, + 'select' => { + 'test' => sub { + return 0, 'Value is not a scalar' if ref $_[0]; + my $test = grep({$_ eq $_[0];} map({$_->{'k'};} @{$_[2]{'select'};})); + return $test ? 1 : (1, "Invalid value '$_[0]' for this select"); + } + }, + 'subContainer' => { + 'keyTest' => qr/\w/, + 'test' => sub { + 1; + } + }, + 'text' => { + 'msgFail' => '__malformedValue__', + 'test' => sub { + 1; + } + }, + 'trool' => { + 'msgFail' => '__authorizedValues__: -1, 0, 1', + 'test' => qr/^(?:-1|0|1)$/ + }, + 'url' => { + 'form' => 'text', + 'msgFail' => '__badUrl__', + 'test' => qr/(?:^$|(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?))/ + } + }; } sub attributes { return { - 'activeTimer' => { - 'default' => 1, - 'type' => 'bool' - }, - 'adaptativeAuthenticationLevelRules' => { - 'keyMsgFail' => '__badRegexp__', - 'keyTest' => sub { - eval { - do { - qr/$_[0]/; - } - }; - return $@ ? 0 : 1; - }, - 'type' => 'keyTextContainer' - }, - 'ADPwdExpireWarning' => { - 'default' => 0, - 'type' => 'int' - }, - 'ADPwdMaxAge' => { - 'default' => 0, - 'type' => 'int' - }, - 'apacheAuthnLevel' => { - 'default' => 3, - 'type' => 'int' - }, - 'applicationList' => { - 'default' => { - 'default' => { - 'catname' => 'Default category', - 'type' => 'category' - } - }, - 'keyTest' => qr/\w/, - 'type' => 'catAndAppList' - }, - 'authChoiceAuthBasic' => { - 'type' => 'text' - }, - 'authChoiceFindUser' => { - 'type' => 'text' - }, - 'authChoiceModules' => { - 'keyMsgFail' => '__badChoiceKey__', - 'keyTest' => qr/^(\d*)?[a-zA-Z0-9_]+$/, - 'select' => [ [ { - 'k' => 'Apache', - 'v' => 'Apache' + 'activeTimer' => { + 'default' => 1, + 'type' => 'bool' + }, + 'adaptativeAuthenticationLevelRules' => { + 'keyMsgFail' => '__badRegexp__', + 'keyTest' => sub { + eval { + do { + qr/$_[0]/ + } + }; + return $@ ? 0 : 1; + }, + 'type' => 'keyTextContainer' + }, + 'ADPwdExpireWarning' => { + 'default' => 0, + 'type' => 'int' + }, + 'ADPwdMaxAge' => { + 'default' => 0, + 'type' => 'int' + }, + 'apacheAuthnLevel' => { + 'default' => 3, + 'type' => 'int' + }, + 'applicationList' => { + 'default' => { + 'default' => { + 'catname' => 'Default category', + 'type' => 'category' + } + }, + 'keyTest' => qr/\w/, + 'type' => 'catAndAppList' + }, + 'authChoiceAuthBasic' => { + 'type' => 'text' + }, + 'authChoiceFindUser' => { + 'type' => 'text' + }, + 'authChoiceModules' => { + 'keyMsgFail' => '__badChoiceKey__', + 'keyTest' => qr/^(\d*)?[a-zA-Z0-9_]+$/, + 'select' => [ + [ + { + 'k' => 'Apache', + 'v' => 'Apache' + }, + { + 'k' => 'AD', + 'v' => 'Active Directory' + }, + { + 'k' => 'CAS', + 'v' => 'Central Authentication Service (CAS)' + }, + { + 'k' => 'DBI', + 'v' => 'Database (DBI)' + }, + { + 'k' => 'Demo', + 'v' => 'Demo' + }, + { + 'k' => 'Facebook', + 'v' => 'Facebook' + }, + { + 'k' => 'GitHub', + 'v' => 'GitHub' + }, + { + 'k' => 'GPG', + 'v' => 'GPG' + }, + { + 'k' => 'Kerberos', + 'v' => 'Kerberos' + }, + { + 'k' => 'LDAP', + 'v' => 'LDAP' + }, + { + 'k' => 'LinkedIn', + 'v' => 'LinkedIn' + }, + { + 'k' => 'PAM', + 'v' => 'PAM' + }, + { + 'k' => 'Null', + 'v' => 'None' + }, + { + 'k' => 'OpenID', + 'v' => 'OpenID' + }, + { + 'k' => 'OpenIDConnect', + 'v' => 'OpenID Connect' + }, + { + 'k' => 'Proxy', + 'v' => 'Proxy' + }, + { + 'k' => 'Radius', + 'v' => 'Radius' + }, + { + 'k' => 'REST', + 'v' => 'REST' + }, + { + 'k' => 'Remote', + 'v' => 'Remote' + }, + { + 'k' => 'SAML', + 'v' => 'SAML v2' + }, + { + 'k' => 'Slave', + 'v' => 'Slave' + }, + { + 'k' => 'SSL', + 'v' => 'SSL' + }, + { + 'k' => 'Twitter', + 'v' => 'Twitter' + }, + { + 'k' => 'WebID', + 'v' => 'WebID' + }, + { + 'k' => 'Custom', + 'v' => 'customModule' + } + ], + [ + { + 'k' => 'AD', + 'v' => 'Active Directory' + }, + { + 'k' => 'CAS', + 'v' => 'Central Authentication Service (CAS)' + }, + { + 'k' => 'DBI', + 'v' => 'Database (DBI)' + }, + { + 'k' => 'Demo', + 'v' => 'Demo' + }, + { + 'k' => 'Facebook', + 'v' => 'Facebook' + }, + { + 'k' => 'LDAP', + 'v' => 'LDAP' + }, + { + 'k' => 'Null', + 'v' => 'None' + }, + { + 'k' => 'OpenID', + 'v' => 'OpenID' + }, + { + 'k' => 'OpenIDConnect', + 'v' => 'OpenID Connect' + }, + { + 'k' => 'Proxy', + 'v' => 'Proxy' + }, + { + 'k' => 'REST', + 'v' => 'REST' + }, + { + 'k' => 'Remote', + 'v' => 'Remote' + }, + { + 'k' => 'SAML', + 'v' => 'SAML v2' + }, + { + 'k' => 'Slave', + 'v' => 'Slave' + }, + { + 'k' => 'WebID', + 'v' => 'WebID' + }, + { + 'k' => 'Custom', + 'v' => 'customModule' + } + ], + [ + { + 'k' => 'AD', + 'v' => 'Active Directory' + }, + { + 'k' => 'DBI', + 'v' => 'Database (DBI)' + }, + { + 'k' => 'Demo', + 'v' => 'Demo' + }, + { + 'k' => 'LDAP', + 'v' => 'LDAP' + }, + { + 'k' => 'REST', + 'v' => 'REST' + }, + { + 'k' => 'Null', + 'v' => 'None' + }, + { + 'k' => 'Custom', + 'v' => 'customModule' + } + ] + ], + 'test' => sub { + 1; + }, + 'type' => 'authChoiceContainer' + }, + 'authChoiceParam' => { + 'default' => 'lmAuth', + 'type' => 'text' + }, + 'authentication' => { + 'default' => 'Demo', + 'select' => [ + { + 'k' => 'Apache', + 'v' => 'Apache' + }, + { + 'k' => 'AD', + 'v' => 'Active Directory' + }, + { + 'k' => 'DBI', + 'v' => 'Database (DBI)' + }, + { + 'k' => 'Facebook', + 'v' => 'Facebook' + }, + { + 'k' => 'GitHub', + 'v' => 'GitHub' + }, + { + 'k' => 'GPG', + 'v' => 'GPG' + }, + { + 'k' => 'Kerberos', + 'v' => 'Kerberos' + }, + { + 'k' => 'LDAP', + 'v' => 'LDAP' + }, + { + 'k' => 'LinkedIn', + 'v' => 'LinkedIn' + }, + { + 'k' => 'PAM', + 'v' => 'PAM' + }, + { + 'k' => 'Radius', + 'v' => 'Radius' + }, + { + 'k' => 'REST', + 'v' => 'REST' + }, + { + 'k' => 'SSL', + 'v' => 'SSL' + }, + { + 'k' => 'Twitter', + 'v' => 'Twitter' + }, + { + 'k' => 'WebID', + 'v' => 'WebID' + }, + { + 'k' => 'Demo', + 'v' => 'Demonstration' + }, + { + 'k' => 'Choice', + 'v' => 'authChoice' + }, + { + 'k' => 'Combination', + 'v' => 'combineMods' + }, + { + 'k' => 'CAS', + 'v' => 'Central Authentication Service (CAS)' + }, + { + 'k' => 'OpenID', + 'v' => 'OpenID' + }, + { + 'k' => 'OpenIDConnect', + 'v' => 'OpenID Connect' + }, + { + 'k' => 'SAML', + 'v' => 'SAML v2' + }, + { + 'k' => 'Proxy', + 'v' => 'Proxy' + }, + { + 'k' => 'Remote', + 'v' => 'Remote' + }, + { + 'k' => 'Slave', + 'v' => 'Slave' + }, + { + 'k' => 'Null', + 'v' => 'None' + }, + { + 'k' => 'Custom', + 'v' => 'customModule' + } + ], + 'type' => 'select' + }, + 'AuthLDAPFilter' => { + 'type' => 'text' + }, + 'autoSigninRules' => { + 'type' => 'keyTextContainer' + }, + 'available2F' => { + 'default' => 'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,WebAuthn,Yubikey,Radius', + 'type' => 'text' + }, + 'available2FSelfRegistration' => { + 'default' => 'TOTP,U2F,WebAuthn,Yubikey', + 'type' => 'text' + }, + 'avoidAssignment' => { + 'default' => 0, + 'type' => 'bool' + }, + 'browsersDontStorePassword' => { + 'default' => 0, + 'type' => 'bool' + }, + 'bruteForceProtection' => { + 'default' => 0, + 'type' => 'bool' + }, + 'bruteForceProtectionIncrementalTempo' => { + 'default' => 0, + 'type' => 'bool' + }, + 'bruteForceProtectionLockTimes' => { + 'default' => '15, 30, 60, 300, 600', + 'type' => 'text' + }, + 'bruteForceProtectionMaxAge' => { + 'default' => 300, + 'type' => 'int' + }, + 'bruteForceProtectionMaxFailed' => { + 'default' => 3, + 'type' => 'int' + }, + 'bruteForceProtectionMaxLockTime' => { + 'default' => 900, + 'type' => 'int' + }, + 'bruteForceProtectionTempo' => { + 'default' => 30, + 'type' => 'int' + }, + 'captcha_login_enabled' => { + 'default' => 0, + 'type' => 'bool' + }, + 'captcha_mail_enabled' => { + 'default' => 1, + 'type' => 'bool' + }, + 'captcha_register_enabled' => { + 'default' => 1, + 'type' => 'bool' + }, + 'captcha_size' => { + 'default' => 6, + 'type' => 'int' + }, + 'casAccessControlPolicy' => { + 'default' => 'none', + 'select' => [ + { + 'k' => 'none', + 'v' => 'None' + }, + { + 'k' => 'error', + 'v' => 'Display error on portal' + }, + { + 'k' => 'faketicket', + 'v' => 'Send a fake service ticket' + } + ], + 'type' => 'select' + }, + 'casAppMetaDataExportedVars' => { + 'default' => { + 'cn' => 'cn', + 'mail' => 'mail', + 'uid' => 'uid' + }, + 'type' => 'keyTextContainer' + }, + 'casAppMetaDataMacros' => { + 'default' => {}, + 'test' => { + 'keyMsgFail' => '__badMacroName__', + 'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/, + 'test' => sub { + return perlExpr(@_); + } + }, + 'type' => 'keyTextContainer' + }, + 'casAppMetaDataNodes' => { + 'type' => 'casAppMetaDataNodeContainer' + }, + 'casAppMetaDataOptions' => { + 'type' => 'subContainer' + }, + 'casAppMetaDataOptionsAuthnLevel' => { + 'type' => 'int' + }, + 'casAppMetaDataOptionsRule' => { + 'test' => sub { + return perlExpr(@_); + }, + 'type' => 'text' + }, + 'casAppMetaDataOptionsService' => { + 'type' => 'text' + }, + 'casAppMetaDataOptionsUserAttribute' => { + 'type' => 'text' + }, + 'casAttr' => { + 'type' => 'text' + }, + 'casAttributes' => { + 'type' => 'keyTextContainer' + }, + 'casAuthnLevel' => { + 'default' => 1, + 'type' => 'int' + }, + 'casSrvMetaDataExportedVars' => { + 'default' => { + 'cn' => 'cn', + 'mail' => 'mail', + 'uid' => 'uid' + }, + 'type' => 'keyTextContainer' + }, + 'casSrvMetaDataNodes' => { + 'type' => 'casSrvMetaDataNodeContainer' + }, + 'casSrvMetaDataOptions' => { + 'type' => 'subContainer' + }, + 'casSrvMetaDataOptionsDisplayName' => { + 'type' => 'text' + }, + 'casSrvMetaDataOptionsGateway' => { + 'default' => 0, + 'type' => 'bool' + }, + 'casSrvMetaDataOptionsIcon' => { + 'type' => 'text' + }, + 'casSrvMetaDataOptionsProxiedServices' => { + 'keyMsgFail' => '__badCasProxyId__', + 'keyTest' => qr/^\w/, + 'type' => 'keyTextContainer' + }, + 'casSrvMetaDataOptionsRenew' => { + 'default' => 0, + 'type' => 'bool' + }, + 'casSrvMetaDataOptionsSortNumber' => { + 'type' => 'int' + }, + 'casSrvMetaDataOptionsUrl' => { + 'msgFail' => '__badUrl__', + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, + 'type' => 'text' + }, + 'casStorage' => { + 'type' => 'PerlModule' + }, + 'casStorageOptions' => { + 'type' => 'keyTextContainer' + }, + 'casStrictMatching' => { + 'default' => 0, + 'type' => 'bool' + }, + 'casTicketExpiration' => { + 'default' => 0, + 'type' => 'int' + }, + 'cda' => { + 'default' => 0, + 'type' => 'bool' + }, + 'certificateResetByMailCeaAttribute' => { + 'default' => 'description', + 'type' => 'text' + }, + 'certificateResetByMailCertificateAttribute' => { + 'default' => 'userCertificate;binary', + 'type' => 'text' + }, + 'certificateResetByMailStep1Body' => { + 'type' => 'longtext' + }, + 'certificateResetByMailStep1Subject' => { + 'type' => 'text' + }, + 'certificateResetByMailStep2Body' => { + 'type' => 'longtext' + }, + 'certificateResetByMailStep2Subject' => { + 'type' => 'text' + }, + 'certificateResetByMailURL' => { + 'default' => 'http://auth.example.com/certificateReset', + 'type' => 'url' + }, + 'certificateResetByMailValidityDelay' => { + 'default' => 0, + 'type' => 'int' + }, + 'cfgAuthor' => { + 'type' => 'text' + }, + 'cfgAuthorIP' => { + 'type' => 'text' + }, + 'cfgDate' => { + 'type' => 'int' + }, + 'cfgLog' => { + 'type' => 'longtext' + }, + 'cfgNum' => { + 'default' => 0, + 'type' => 'int' + }, + 'cfgVersion' => { + 'type' => 'text' + }, + 'checkDevOps' => { + 'default' => 0, + 'type' => 'bool' + }, + 'checkDevOpsCheckSessionAttributes' => { + 'default' => 1, + 'type' => 'bool' + }, + 'checkDevOpsDisplayNormalizedHeaders' => { + 'default' => 1, + 'type' => 'bool' + }, + 'checkDevOpsDownload' => { + 'default' => 1, + 'type' => 'bool' + }, + 'checkState' => { + 'default' => 0, + 'type' => 'bool' + }, + 'checkStateSecret' => { + 'type' => 'text' + }, + 'checkTime' => { + 'default' => 600, + 'type' => 'int' + }, + 'checkUser' => { + 'default' => 0, + 'type' => 'bool' + }, + 'checkUserDisplayComputedSession' => { + 'default' => 1, + 'type' => 'boolOrExpr' + }, + 'checkUserDisplayEmptyHeaders' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'checkUserDisplayEmptyValues' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'checkUserDisplayHiddenAttributes' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'checkUserDisplayHistory' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'checkUserDisplayNormalizedHeaders' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'checkUserDisplayPersistentInfo' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'checkUserHiddenAttributes' => { + 'default' => '_loginHistory, _session_id, hGroups', + 'type' => 'text' + }, + 'checkUserHiddenHeaders' => { + 'keyMsgFail' => '__badHostname__', + 'keyTest' => qr/^\S+$/, + 'test' => { + 'keyMsgFail' => '__badHeaderName__', + 'keyTest' => qr/^(?=[^\-])[\w\-\s]+(?<=[^-])$/, + 'test' => sub { + return perlExpr(@_); + } + }, + 'type' => 'keyTextContainer' + }, + 'checkUserIdRule' => { + 'default' => 1, + 'test' => sub { + return perlExpr(@_); + }, + 'type' => 'text' + }, + 'checkUserSearchAttributes' => { + 'type' => 'text' + }, + 'checkUserUnrestrictedUsersRule' => { + 'test' => sub { + return perlExpr(@_); + }, + 'type' => 'text' + }, + 'checkXSS' => { + 'default' => 1, + 'type' => 'bool' + }, + 'combination' => { + 'type' => 'text' + }, + 'combModules' => { + 'keyTest' => qr/^\w+$/, + 'select' => [ + { + 'k' => 'Apache', + 'v' => 'Apache' + }, + { + 'k' => 'AD', + 'v' => 'Active Directory' + }, + { + 'k' => 'DBI', + 'v' => 'Database (DBI)' + }, + { + 'k' => 'Facebook', + 'v' => 'Facebook' + }, + { + 'k' => 'GitHub', + 'v' => 'GitHub' + }, + { + 'k' => 'GPG', + 'v' => 'GPG' + }, + { + 'k' => 'Kerberos', + 'v' => 'Kerberos' + }, + { + 'k' => 'LDAP', + 'v' => 'LDAP' + }, + { + 'k' => 'LinkedIn', + 'v' => 'LinkedIn' + }, + { + 'k' => 'PAM', + 'v' => 'PAM' + }, + { + 'k' => 'Radius', + 'v' => 'Radius' + }, + { + 'k' => 'REST', + 'v' => 'REST' + }, + { + 'k' => 'SSL', + 'v' => 'SSL' + }, + { + 'k' => 'Twitter', + 'v' => 'Twitter' + }, + { + 'k' => 'WebID', + 'v' => 'WebID' + }, + { + 'k' => 'Demo', + 'v' => 'Demonstration' + }, + { + 'k' => 'CAS', + 'v' => 'Central Authentication Service (CAS)' + }, + { + 'k' => 'OpenID', + 'v' => 'OpenID' + }, + { + 'k' => 'OpenIDConnect', + 'v' => 'OpenID Connect' + }, + { + 'k' => 'SAML', + 'v' => 'SAML v2' + }, + { + 'k' => 'Proxy', + 'v' => 'Proxy' + }, + { + 'k' => 'Remote', + 'v' => 'Remote' + }, + { + 'k' => 'Slave', + 'v' => 'Slave' + }, + { + 'k' => 'Null', + 'v' => 'None' + }, + { + 'k' => 'Custom', + 'v' => 'customModule' + } + ], + 'test' => sub { + 1; + }, + 'type' => 'cmbModuleContainer' + }, + 'compactConf' => { + 'default' => 0, + 'type' => 'bool' + }, + 'configStorage' => { + 'type' => 'text' + }, + 'confirmFormMethod' => { + 'default' => 'post', + 'select' => [ + { + 'k' => 'get', + 'v' => 'GET' + }, + { + 'k' => 'post', + 'v' => 'POST' + } + ], + 'type' => 'select' + }, + 'contextSwitchingAllowed2fModifications' => { + 'default' => 0, + 'type' => 'bool' + }, + 'contextSwitchingIdRule' => { + 'default' => 1, + 'test' => sub { + return perlExpr(@_); + }, + 'type' => 'text' + }, + 'contextSwitchingPrefix' => { + 'default' => 'switching', + 'type' => 'text' + }, + 'contextSwitchingRule' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'contextSwitchingStopWithLogout' => { + 'default' => 1, + 'type' => 'bool' + }, + 'contextSwitchingUnrestrictedUsersRule' => { + 'test' => sub { + return perlExpr(@_); + }, + 'type' => 'text' + }, + 'cookieExpiration' => { + 'type' => 'int' + }, + 'cookieName' => { + 'default' => 'lemonldap', + 'msgFail' => '__badCookieName__', + 'test' => qr/^[a-zA-Z][a-zA-Z0-9_-]*$/, + 'type' => 'text' + }, + 'corsAllow_Credentials' => { + 'default' => 'true', + 'type' => 'text' + }, + 'corsAllow_Headers' => { + 'default' => '*', + 'type' => 'text' + }, + 'corsAllow_Methods' => { + 'default' => 'POST,GET', + 'type' => 'text' + }, + 'corsAllow_Origin' => { + 'default' => '*', + 'type' => 'text' + }, + 'corsEnabled' => { + 'default' => 1, + 'type' => 'bool' + }, + 'corsExpose_Headers' => { + 'default' => '*', + 'type' => 'text' + }, + 'corsMax_Age' => { + 'default' => '86400', + 'type' => 'text' + }, + 'crowdsec' => { + 'type' => 'bool' + }, + 'crowdsecAction' => { + 'default' => 'reject', + 'select' => [ + { + 'k' => 'reject', + 'v' => 'Reject' + }, + { + 'k' => 'warn', + 'v' => 'Warn' + } + ], + 'type' => 'select' + }, + 'crowdsecKey' => { + 'type' => 'text' + }, + 'crowdsecUrl' => { + 'type' => 'url' + }, + 'cspConnect' => { + 'default' => '\'self\'', + 'type' => 'text' + }, + 'cspDefault' => { + 'default' => '\'self\'', + 'type' => 'text' + }, + 'cspFont' => { + 'default' => '\'self\'', + 'type' => 'text' + }, + 'cspFormAction' => { + 'default' => '*', + 'type' => 'text' + }, + 'cspFrameAncestors' => { + 'default' => '', + 'type' => 'text' + }, + 'cspImg' => { + 'default' => '\'self\' data:', + 'type' => 'text' + }, + 'cspScript' => { + 'default' => '\'self\'', + 'type' => 'text' + }, + 'cspStyle' => { + 'default' => '\'self\'', + 'type' => 'text' + }, + 'customAddParams' => { + 'type' => 'keyTextContainer' + }, + 'customAuth' => { + 'type' => 'text' + }, + 'customFunctions' => { + 'msgFail' => '__badCustomFuncName__', + 'test' => qr/^(?:\w+(?:::\w+)*(?:\s+\w+(?:::\w+)*)*)?$/, + 'type' => 'text' + }, + 'customPassword' => { + 'type' => 'text' + }, + 'customPlugins' => { + 'type' => 'text' + }, + 'customPluginsParams' => { + 'type' => 'keyTextContainer' + }, + 'customRegister' => { + 'type' => 'text' + }, + 'customResetCertByMail' => { + 'type' => 'text' + }, + 'customToTrace' => { + 'type' => 'lmAttrOrMacro' + }, + 'customUserDB' => { + 'type' => 'text' + }, + 'dbiAuthChain' => { + 'type' => 'text' + }, + 'dbiAuthLoginCol' => { + 'type' => 'text' + }, + 'dbiAuthnLevel' => { + 'default' => 2, + 'type' => 'int' + }, + 'dbiAuthPassword' => { + 'type' => 'password' + }, + 'dbiAuthPasswordCol' => { + 'type' => 'text' + }, + 'dbiAuthPasswordHash' => { + 'type' => 'text' + }, + 'dbiAuthTable' => { + 'type' => 'text' + }, + 'dbiAuthUser' => { + 'type' => 'text' + }, + 'dbiDynamicHashEnabled' => { + 'type' => 'bool' + }, + 'dbiDynamicHashNewPasswordScheme' => { + 'type' => 'text' + }, + 'dbiDynamicHashValidSaltedSchemes' => { + 'type' => 'text' + }, + 'dbiDynamicHashValidSchemes' => { + 'type' => 'text' + }, + 'dbiExportedVars' => { + 'default' => {}, + 'keyMsgFail' => '__badVariableName__', + 'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/, + 'msgFail' => '__badValue__', + 'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/, + 'type' => 'keyTextContainer' + }, + 'dbiPasswordMailCol' => { + 'type' => 'text' + }, + 'dbiUserChain' => { + 'type' => 'text' + }, + 'dbiUserPassword' => { + 'type' => 'password' + }, + 'dbiUserTable' => { + 'type' => 'text' + }, + 'dbiUserUser' => { + 'type' => 'text' + }, + 'decryptValueFunctions' => { + 'msgFail' => '__badCustomFuncName__', + 'test' => qr/^(?:\w+(?:::\w+)*(?:\s+\w+(?:::\w+)*)*)?$/, + 'type' => 'text' + }, + 'decryptValueRule' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'demoExportedVars' => { + 'default' => { + 'cn' => 'cn', + 'mail' => 'mail', + 'uid' => 'uid' + }, + 'keyMsgFail' => '__badVariableName__', + 'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/, + 'msgFail' => '__badValue__', + 'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/, + 'type' => 'keyTextContainer' + }, + 'disablePersistentStorage' => { + 'default' => 0, + 'type' => 'bool' + }, + 'displaySessionId' => { + 'default' => 1, + 'type' => 'bool' + }, + 'domain' => { + 'default' => 'example.com', + 'msgFail' => '__badDomainName__', + 'test' => qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?$/, + 'type' => 'text' + }, + 'exportedAttr' => { + 'type' => 'text' + }, + 'exportedHeaders' => { + 'keyMsgFail' => '__badHostname__', + 'keyTest' => qr/^\S+$/, + 'test' => { + 'keyMsgFail' => '__badHeaderName__', + 'keyTest' => qr/^(?=[^\-])[\w\-]+(?<=[^-])$/, + 'test' => sub { + return perlExpr(@_); + } + }, + 'type' => 'keyTextContainer' + }, + 'exportedVars' => { + 'default' => { + 'UA' => 'HTTP_USER_AGENT' + }, + 'keyMsgFail' => '__badVariableName__', + 'keyTest' => qr/^!?[_a-zA-Z][a-zA-Z0-9_]*$/, + 'msgFail' => '__badValue__', + 'test' => qr/^[_a-zA-Z][a-zA-Z0-9_:\-]*$/, + 'type' => 'keyTextContainer' + }, + 'ext2fActivation' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'ext2fAuthnLevel' => { + 'type' => 'int' + }, + 'ext2fCodeActivation' => { + 'default' => '\\d{6}', + 'type' => 'pcre' + }, + 'ext2fLabel' => { + 'type' => 'text' + }, + 'ext2fLogo' => { + 'type' => 'text' + }, + 'ext2FSendCommand' => { + 'type' => 'text' + }, + 'ext2FValidateCommand' => { + 'type' => 'text' + }, + 'facebookAppId' => { + 'type' => 'text' + }, + 'facebookAppSecret' => { + 'type' => 'text' + }, + 'facebookAuthnLevel' => { + 'default' => 1, + 'type' => 'int' + }, + 'facebookExportedVars' => { + 'default' => {}, + 'keyMsgFail' => '__badVariableName__', + 'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/, + 'msgFail' => '__badValue__', + 'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/, + 'type' => 'keyTextContainer' + }, + 'facebookUserField' => { + 'default' => 'id', + 'type' => 'text' + }, + 'failedLoginNumber' => { + 'default' => 5, + 'type' => 'int' + }, + 'findUser' => { + 'default' => 0, + 'type' => 'bool' + }, + 'findUserControl' => { + 'default' => '^[*\\w]+$', + 'type' => 'pcre' + }, + 'findUserExcludingAttributes' => { + 'keyTest' => qr/^\S+$/, + 'type' => 'keyTextContainer' + }, + 'findUserSearchingAttributes' => { + 'keyTest' => qr/^\S+$/, + 'type' => 'keyTextContainer' + }, + 'findUserWildcard' => { + 'default' => '*', + 'type' => 'text' + }, + 'forceGlobalStorageIssuerOTT' => { + 'type' => 'bool' + }, + 'forceGlobalStorageUpgradeOTT' => { + 'type' => 'bool' + }, + 'formTimeout' => { + 'default' => 120, + 'type' => 'int' + }, + 'githubAuthnLevel' => { + 'default' => 1, + 'type' => 'int' + }, + 'githubClientID' => { + 'type' => 'text' + }, + 'githubClientSecret' => { + 'type' => 'password' + }, + 'githubScope' => { + 'default' => 'user:email', + 'type' => 'text' + }, + 'githubUserField' => { + 'default' => 'login', + 'type' => 'text' + }, + 'globalLogoutCustomParam' => { + 'type' => 'text' + }, + 'globalLogoutRule' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'globalLogoutTimer' => { + 'default' => 1, + 'type' => 'bool' + }, + 'globalStorage' => { + 'default' => 'Apache::Session::File', + 'type' => 'PerlModule' + }, + 'globalStorageOptions' => { + 'default' => { + 'Directory' => '/var/lib/lemonldap-ng/sessions/', + 'generateModule' => 'Lemonldap::NG::Common::Apache::Session::Generate::SHA256', + 'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/' + }, + 'type' => 'keyTextContainer' + }, + 'gpgAuthnLevel' => { + 'default' => 5, + 'type' => 'int' + }, + 'gpgDb' => { + 'default' => '', + 'type' => 'text' + }, + 'grantSessionRules' => { + 'default' => {}, + 'keyTest' => sub { + return perlExpr(@_); + }, + 'test' => sub { + 1; + }, + 'type' => 'grantContainer' + }, + 'groups' => { + 'default' => {}, + 'test' => sub { + return perlExpr(@_); + }, + 'type' => 'keyTextContainer' + }, + 'groupsBeforeMacros' => { + 'default' => 0, + 'type' => 'bool' + }, + 'handlerInternalCache' => { + 'default' => 15, + 'type' => 'int' + }, + 'handlerServiceTokenTTL' => { + 'default' => 30, + 'type' => 'int' + }, + 'hiddenAttributes' => { + 'default' => '_password, _2fDevices', + 'type' => 'text' + }, + 'hideOldPassword' => { + 'default' => 0, + 'type' => 'bool' + }, + 'httpOnly' => { + 'default' => 1, + 'type' => 'bool' + }, + 'https' => { + 'default' => -1, + 'type' => 'trool' + }, + 'impersonationHiddenAttributes' => { + 'default' => '_2fDevices, _loginHistory', + 'type' => 'text' + }, + 'impersonationIdRule' => { + 'default' => 1, + 'test' => sub { + return perlExpr(@_); + }, + 'type' => 'text' + }, + 'impersonationMergeSSOgroups' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'impersonationPrefix' => { + 'default' => 'real_', + 'type' => 'text' + }, + 'impersonationRule' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'impersonationSkipEmptyValues' => { + 'default' => 1, + 'type' => 'bool' + }, + 'impersonationUnrestrictedUsersRule' => { + 'test' => sub { + return perlExpr(@_); + }, + 'type' => 'text' + }, + 'infoFormMethod' => { + 'default' => 'get', + 'select' => [ + { + 'k' => 'get', + 'v' => 'GET' + }, + { + 'k' => 'post', + 'v' => 'POST' + } + ], + 'type' => 'select' + }, + 'issuerDBCASActivation' => { + 'default' => 0, + 'type' => 'bool' + }, + 'issuerDBCASPath' => { + 'default' => '^/cas/', + 'type' => 'pcre' + }, + 'issuerDBCASRule' => { + 'default' => 1, + 'type' => 'boolOrExpr' + }, + 'issuerDBGetActivation' => { + 'default' => 0, + 'type' => 'bool' + }, + 'issuerDBGetParameters' => { + 'default' => {}, + 'keyMsgFail' => '__badHostname__', + 'keyTest' => qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/, + 'test' => { + 'keyMsgFail' => '__badKeyName__', + 'keyTest' => qr/^(?=[^\-])[\w\-]+(?<=[^-])$/, + 'test' => sub { + my($val, $conf) = @_; + return 1 if defined $conf->{'macros'}{$val} or $val eq '_timezone'; + foreach $_ (keys %$conf) { + return 1 if $_ =~ /exportedvars$/i and defined $conf->{$_}{$val}; + } + return 1, "__unknownAttrOrMacro__: $val"; + } + }, + 'type' => 'doubleHash' + }, + 'issuerDBGetPath' => { + 'default' => '^/get/', + 'type' => 'text' + }, + 'issuerDBGetRule' => { + 'default' => 1, + 'type' => 'boolOrExpr' + }, + 'issuerDBOpenIDActivation' => { + 'default' => 0, + 'type' => 'bool' + }, + 'issuerDBOpenIDConnectActivation' => { + 'default' => 0, + 'type' => 'bool' + }, + 'issuerDBOpenIDConnectPath' => { + 'default' => '^/oauth2/', + 'type' => 'text' + }, + 'issuerDBOpenIDConnectRule' => { + 'default' => 1, + 'type' => 'boolOrExpr' + }, + 'issuerDBOpenIDPath' => { + 'default' => '^/openidserver/', + 'type' => 'pcre' + }, + 'issuerDBOpenIDRule' => { + 'default' => 1, + 'type' => 'boolOrExpr' + }, + 'issuerDBSAMLActivation' => { + 'default' => 0, + 'type' => 'bool' + }, + 'issuerDBSAMLPath' => { + 'default' => '^/saml/', + 'type' => 'pcre' + }, + 'issuerDBSAMLRule' => { + 'default' => 1, + 'type' => 'boolOrExpr' + }, + 'issuersTimeout' => { + 'default' => 120, + 'type' => 'int' + }, + 'jsRedirect' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'key' => { + 'type' => 'password' + }, + 'krbAllowedDomains' => { + 'type' => 'text' + }, + 'krbAuthnLevel' => { + 'default' => 3, + 'type' => 'int' + }, + 'krbByJs' => { + 'default' => 0, + 'type' => 'bool' + }, + 'krbKeytab' => { + 'type' => 'text' + }, + 'krbRemoveDomain' => { + 'default' => 1, + 'type' => 'bool' + }, + 'ldapAllowResetExpiredPassword' => { + 'default' => 0, + 'type' => 'bool' + }, + 'ldapAuthnLevel' => { + 'default' => 2, + 'type' => 'int' + }, + 'ldapBase' => { + 'default' => 'dc=example,dc=com', + 'msgFail' => '__badValue__', + 'test' => qr/^(?:\w+=.*|)$/, + 'type' => 'text' + }, + 'ldapCAFile' => { + 'type' => 'text' + }, + 'ldapCAPath' => { + 'type' => 'text' + }, + 'ldapChangePasswordAsUser' => { + 'default' => 0, + 'type' => 'bool' + }, + 'ldapExportedVars' => { + 'default' => { + 'cn' => 'cn', + 'mail' => 'mail', + 'uid' => 'uid' + }, + 'keyMsgFail' => '__badVariableName__', + 'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/, + 'msgFail' => '__badValue__', + 'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/, + 'type' => 'keyTextContainer' + }, + 'LDAPFilter' => { + 'type' => 'text' + }, + 'ldapGetUserBeforePasswordChange' => { + 'default' => 0, + 'type' => 'bool' + }, + 'ldapGroupAttributeName' => { + 'default' => 'member', + 'type' => 'text' + }, + 'ldapGroupAttributeNameGroup' => { + 'default' => 'dn', + 'type' => 'text' + }, + 'ldapGroupAttributeNameSearch' => { + 'default' => 'cn', + 'type' => 'text' + }, + 'ldapGroupAttributeNameUser' => { + 'default' => 'dn', + 'type' => 'text' + }, + 'ldapGroupBase' => { + 'type' => 'text' + }, + 'ldapGroupDecodeSearchedValue' => { + 'default' => 0, + 'type' => 'bool' + }, + 'ldapGroupObjectClass' => { + 'default' => 'groupOfNames', + 'type' => 'text' + }, + 'ldapGroupRecursive' => { + 'default' => 0, + 'type' => 'bool' + }, + 'ldapIOTimeout' => { + 'default' => 10, + 'type' => 'int' + }, + 'ldapITDS' => { + 'default' => 0, + 'type' => 'bool' + }, + 'ldapPasswordResetAttribute' => { + 'default' => 'pwdReset', + 'type' => 'text' + }, + 'ldapPasswordResetAttributeValue' => { + 'default' => 'TRUE', + 'type' => 'text' + }, + 'ldapPort' => { + 'type' => 'int' + }, + 'ldapPpolicyControl' => { + 'default' => 0, + 'type' => 'bool' + }, + 'ldapPwdEnc' => { + 'default' => 'utf-8', + 'msgFail' => '__badEncoding__', + 'test' => qr/^[a-zA-Z0-9_][a-zA-Z0-9_\-]*[a-zA-Z0-9_]$/, + 'type' => 'text' + }, + 'ldapRaw' => { + 'type' => 'text' + }, + 'ldapSearchDeref' => { + 'default' => 'find', + 'select' => [ + { + 'k' => 'never', + 'v' => 'never' + }, + { + 'k' => 'search', + 'v' => 'search' + }, + { + 'k' => 'find', + 'v' => 'find' + }, + { + 'k' => 'always', + 'v' => 'always' + } + ], + 'type' => 'select' + }, + 'ldapServer' => { + 'default' => 'ldap://localhost', + 'test' => sub { + my $l = shift(); + my @s = split(/[\s,]+/, $l, 0); + foreach my $s (@s) { + return 0, qq[__badLdapUri__: "$s"] unless $s =~ m[^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?::\d{1,5})?/?.*)$]o; + } + return 1; + }, + 'type' => 'text' + }, + 'ldapSetPassword' => { + 'default' => 0, + 'type' => 'bool' + }, + 'ldapTimeout' => { + 'default' => 10, + 'type' => 'int' + }, + 'ldapUsePasswordResetAttribute' => { + 'default' => 1, + 'type' => 'bool' + }, + 'ldapVerify' => { + 'default' => 'require', + 'select' => [ + { + 'k' => 'none', + 'v' => 'None' + }, + { + 'k' => 'optional', + 'v' => 'Optional' + }, + { + 'k' => 'require', + 'v' => 'Require' + } + ], + 'type' => 'select' + }, + 'ldapVersion' => { + 'default' => 3, + 'type' => 'int' + }, + 'linkedInAuthnLevel' => { + 'default' => 1, + 'type' => 'int' + }, + 'linkedInClientID' => { + 'type' => 'text' + }, + 'linkedInClientSecret' => { + 'type' => 'password' + }, + 'linkedInFields' => { + 'default' => 'id,first-name,last-name,email-address', + 'type' => 'text' + }, + 'linkedInScope' => { + 'default' => 'r_liteprofile r_emailaddress', + 'type' => 'text' + }, + 'linkedInUserField' => { + 'default' => 'emailAddress', + 'type' => 'text' + }, + 'localSessionStorage' => { + 'default' => 'Cache::FileCache', + 'type' => 'PerlModule' + }, + 'localSessionStorageOptions' => { + 'default' => { + 'cache_depth' => 3, + 'cache_root' => '/var/cache/lemonldap-ng', + 'default_expires_in' => 600, + 'directory_umask' => '007', + 'namespace' => 'lemonldap-ng-sessions' + }, + 'type' => 'keyTextContainer' + }, + 'localStorage' => { + 'type' => 'text' + }, + 'localStorageOptions' => { + 'type' => 'keyTextContainer' + }, + 'locationRules' => { + 'default' => { + 'default' => 'deny' + }, + 'keyMsgFail' => '__badHostname__', + 'keyTest' => qr/^\S+$/, + 'test' => { + 'keyMsgFail' => '__badRegexp__', + 'keyTest' => sub { + eval { + do { + qr/$_[0]/ + } + }; + return $@ ? 0 : 1; + }, + 'msgFail' => '__badExpression__', + 'test' => sub { + my($val, $conf) = @_; + my $s = $val; + if ($s =~ s/^logout(?:_(?:sso|app(?:_sso)?))?\s*//) { + return $s =~ m[^(?:https?://.*)?$] ? 1 : (0, '__badUrl__'); + } + $s =~ s/\b(accept|deny|unprotect|skip)\b/1/g; + return &perlExpr($s, $conf); + } + }, + 'type' => 'ruleContainer' + }, + 'log4perlConfFile' => { + 'type' => 'text' + }, + 'logger' => { + 'type' => 'text' + }, + 'loginHistoryEnabled' => { + 'default' => 0, + 'type' => 'bool' + }, + 'logLevel' => { + 'type' => 'text' + }, + 'logoutServices' => { + 'default' => {}, + 'type' => 'keyTextContainer' + }, + 'lwpOpts' => { + 'type' => 'keyTextContainer' + }, + 'lwpSslOpts' => { + 'type' => 'keyTextContainer' + }, + 'macros' => { + 'default' => {}, + 'keyMsgFail' => '__badMacroName__', + 'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/, + 'test' => sub { + return perlExpr(@_); + }, + 'type' => 'keyTextContainer' + }, + 'mail2fActivation' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'mail2fAuthnLevel' => { + 'type' => 'int' + }, + 'mail2fBody' => { + 'type' => 'longtext' + }, + 'mail2fCodeRegex' => { + 'default' => '\\d{6}', + 'type' => 'pcre' + }, + 'mail2fLabel' => { + 'type' => 'text' + }, + 'mail2fLogo' => { + 'type' => 'text' + }, + 'mail2fSessionKey' => { + 'type' => 'text' + }, + 'mail2fSubject' => { + 'type' => 'text' + }, + 'mail2fTimeout' => { + 'type' => 'int' + }, + 'mailBody' => { + 'type' => 'longtext' + }, + 'mailCharset' => { + 'default' => 'utf-8', + 'type' => 'text' + }, + 'mailConfirmBody' => { + 'type' => 'longtext' + }, + 'mailConfirmSubject' => { + 'type' => 'text' + }, + 'mailFrom' => { + 'default' => 'noreply@example.com', + 'type' => 'text' + }, + 'mailLDAPFilter' => { + 'type' => 'text' + }, + 'mailOnPasswordChange' => { + 'default' => 0, + 'type' => 'bool' + }, + 'mailReplyTo' => { + 'type' => 'text' + }, + 'mailSessionKey' => { + 'default' => 'mail', + 'type' => 'text' + }, + 'mailSubject' => { + 'type' => 'text' + }, + 'mailTimeout' => { + 'default' => 0, + 'type' => 'int' + }, + 'mailUrl' => { + 'default' => 'http://auth.example.com/resetpwd', + 'type' => 'url' + }, + 'maintenance' => { + 'default' => 0, + 'type' => 'bool' + }, + 'managerDn' => { + 'default' => '', + 'msgFail' => '__badValue__', + 'test' => qr/^.*$/, + 'type' => 'text' + }, + 'managerPassword' => { + 'default' => '', + 'msgFail' => '__badValue__', + 'test' => qr/^\S*$/, + 'type' => 'password' + }, + 'max2FDevices' => { + 'default' => 10, + 'type' => 'int' + }, + 'max2FDevicesNameLength' => { + 'default' => 20, + 'type' => 'int' + }, + 'multiValuesSeparator' => { + 'default' => '; ', + 'type' => 'authParamsText' + }, + 'mySessionAuthorizedRWKeys' => { + 'default' => [ + '_appsListOrder', + '_oidcConnectedRP', + '_oidcConsents' + ], + 'type' => 'array' + }, + 'newLocationWarning' => { + 'default' => 0, + 'type' => 'bool' + }, + 'newLocationWarningLocationAttribute' => { + 'default' => 'ipAddr', + 'type' => 'text' + }, + 'newLocationWarningLocationDisplayAttribute' => { + 'default' => '', + 'type' => 'text' + }, + 'newLocationWarningMailAttribute' => { + 'type' => 'text' + }, + 'newLocationWarningMailBody' => { + 'type' => 'longtext' + }, + 'newLocationWarningMailSubject' => { + 'type' => 'text' + }, + 'newLocationWarningMaxValues' => { + 'default' => '0', + 'type' => 'int' + }, + 'nginxCustomHandlers' => { + 'keyTest' => qr/^\w+$/, + 'msgFail' => '__badPerlPackageName__', + 'test' => qr/^[a-zA-Z][a-zA-Z0-9]*(?:::[a-zA-Z][a-zA-Z0-9]*)*$/, + 'type' => 'keyTextContainer' + }, + 'noAjaxHook' => { + 'default' => 0, + 'type' => 'bool' + }, + 'notification' => { + 'default' => 0, + 'type' => 'bool' + }, + 'notificationDefaultCond' => { + 'default' => '', + 'type' => 'text' + }, + 'notificationServer' => { + 'default' => 0, + 'type' => 'bool' + }, + 'notificationServerDELETE' => { + 'default' => 0, + 'type' => 'bool' + }, + 'notificationServerGET' => { + 'default' => 0, + 'type' => 'bool' + }, + 'notificationServerPOST' => { + 'default' => 1, + 'type' => 'bool' + }, + 'notificationServerSentAttributes' => { + 'default' => 'uid reference date title subtitle text check', + 'type' => 'text' + }, + 'notificationsExplorer' => { + 'default' => 0, + 'type' => 'bool' + }, + 'notificationsMaxRetrieve' => { + 'default' => 3, + 'type' => 'int' + }, + 'notificationStorage' => { + 'default' => 'File', + 'type' => 'PerlModule' + }, + 'notificationStorageOptions' => { + 'default' => { + 'dirName' => '/var/lib/lemonldap-ng/notifications' + }, + 'type' => 'keyTextContainer' + }, + 'notificationWildcard' => { + 'default' => 'allusers', + 'type' => 'text' + }, + 'notificationXSLTfile' => { + 'type' => 'text' + }, + 'notifyDeleted' => { + 'default' => 1, + 'type' => 'bool' + }, + 'notifyOther' => { + 'default' => 0, + 'type' => 'bool' + }, + 'nullAuthnLevel' => { + 'default' => 0, + 'type' => 'int' + }, + 'oidcAuthnLevel' => { + 'default' => 1, + 'type' => 'int' + }, + 'oidcOPMetaDataExportedVars' => { + 'default' => { + 'cn' => 'name', + 'mail' => 'email', + 'sn' => 'family_name', + 'uid' => 'sub' + }, + 'type' => 'keyTextContainer' + }, + 'oidcOPMetaDataJSON' => { + 'keyTest' => sub { + 1; + }, + 'type' => 'file' + }, + 'oidcOPMetaDataJWKS' => { + 'keyTest' => sub { + 1; + }, + 'type' => 'file' + }, + 'oidcOPMetaDataNodes' => { + 'type' => 'oidcOPMetaDataNodeContainer' + }, + 'oidcOPMetaDataOptions' => { + 'type' => 'subContainer' + }, + 'oidcOPMetaDataOptionsAcrValues' => { + 'type' => 'text' + }, + 'oidcOPMetaDataOptionsCheckJWTSignature' => { + 'default' => 1, + 'type' => 'bool' + }, + 'oidcOPMetaDataOptionsClientID' => { + 'type' => 'text' + }, + 'oidcOPMetaDataOptionsClientSecret' => { + 'type' => 'password' + }, + 'oidcOPMetaDataOptionsConfigurationURI' => { + 'type' => 'url' + }, + 'oidcOPMetaDataOptionsDisplay' => { + 'default' => '', + 'select' => [ + { + 'k' => '', + 'v' => '' + }, + { + 'k' => 'page', + 'v' => 'page' + }, + { + 'k' => 'popup', + 'v' => 'popup' + }, + { + 'k' => 'touch', + 'v' => 'touch' + }, + { + 'k' => 'wap', + 'v' => 'wap' + } + ], + 'type' => 'select' + }, + 'oidcOPMetaDataOptionsDisplayName' => { + 'type' => 'text' + }, + 'oidcOPMetaDataOptionsIcon' => { + 'type' => 'text' + }, + 'oidcOPMetaDataOptionsIDTokenMaxAge' => { + 'default' => 30, + 'type' => 'int' + }, + 'oidcOPMetaDataOptionsJWKSTimeout' => { + 'default' => 0, + 'type' => 'int' + }, + 'oidcOPMetaDataOptionsMaxAge' => { + 'default' => 0, + 'type' => 'int' + }, + 'oidcOPMetaDataOptionsPrompt' => { + 'type' => 'text' + }, + 'oidcOPMetaDataOptionsScope' => { + 'default' => 'openid profile', + 'type' => 'text' + }, + 'oidcOPMetaDataOptionsSortNumber' => { + 'type' => 'int' + }, + 'oidcOPMetaDataOptionsStoreIDToken' => { + 'default' => 0, + 'type' => 'bool' + }, + 'oidcOPMetaDataOptionsTokenEndpointAuthMethod' => { + 'default' => 'client_secret_post', + 'select' => [ + { + 'k' => 'client_secret_post', + 'v' => 'client_secret_post' + }, + { + 'k' => 'client_secret_basic', + 'v' => 'client_secret_basic' + } + ], + 'type' => 'select' + }, + 'oidcOPMetaDataOptionsUiLocales' => { + 'type' => 'text' + }, + 'oidcOPMetaDataOptionsUseNonce' => { + 'default' => 1, + 'type' => 'bool' + }, + 'oidcRPCallbackGetParam' => { + 'default' => 'openidconnectcallback', + 'type' => 'text' + }, + 'oidcRPMetaDataExportedVars' => { + 'default' => { + 'email' => 'mail', + 'family_name' => 'sn', + 'name' => 'cn' + }, + 'keyTest' => qr/\w/, + 'test' => qr/\w/, + 'type' => 'oidcAttributeContainer' + }, + 'oidcRPMetaDataMacros' => { + 'default' => {}, + 'test' => { + 'keyMsgFail' => '__badMacroName__', + 'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/, + 'test' => sub { + return perlExpr(@_); + } + }, + 'type' => 'keyTextContainer' + }, + 'oidcRPMetaDataNodes' => { + 'type' => 'oidcRPMetaDataNodeContainer' + }, + 'oidcRPMetaDataOptions' => { + 'type' => 'subContainer' + }, + 'oidcRPMetaDataOptionsAccessTokenClaims' => { + 'default' => 0, + 'type' => 'bool' + }, + 'oidcRPMetaDataOptionsAccessTokenExpiration' => { + 'type' => 'int' + }, + 'oidcRPMetaDataOptionsAccessTokenJWT' => { + 'default' => 0, + 'type' => 'bool' + }, + 'oidcRPMetaDataOptionsAccessTokenSignAlg' => { + 'default' => 'RS256', + 'select' => [ + { + 'k' => 'RS256', + 'v' => 'RS256' + }, + { + 'k' => 'RS384', + 'v' => 'RS384' + }, + { + 'k' => 'RS512', + 'v' => 'RS512' + } + ], + 'type' => 'select' + }, + 'oidcRPMetaDataOptionsAdditionalAudiences' => { + 'type' => 'text' + }, + 'oidcRPMetaDataOptionsAllowClientCredentialsGrant' => { + 'default' => 0, + 'type' => 'bool' + }, + 'oidcRPMetaDataOptionsAllowOffline' => { + 'default' => 0, + 'type' => 'bool' + }, + 'oidcRPMetaDataOptionsAllowPasswordGrant' => { + 'default' => 0, + 'type' => 'bool' + }, + 'oidcRPMetaDataOptionsAuthnLevel' => { + 'type' => 'int' + }, + 'oidcRPMetaDataOptionsAuthorizationCodeExpiration' => { + 'type' => 'int' + }, + 'oidcRPMetaDataOptionsBypassConsent' => { + 'default' => 0, + 'type' => 'bool' + }, + 'oidcRPMetaDataOptionsClientID' => { + 'type' => 'text' + }, + 'oidcRPMetaDataOptionsClientSecret' => { + 'type' => 'password' + }, + 'oidcRPMetaDataOptionsDisplayName' => { + 'type' => 'text' + }, + 'oidcRPMetaDataOptionsExtraClaims' => { + 'default' => {}, + 'keyTest' => qr/^[\x21\x23-\x5B\x5D-\x7E]+$/, + 'type' => 'keyTextContainer' + }, + 'oidcRPMetaDataOptionsIcon' => { + 'type' => 'text' + }, + 'oidcRPMetaDataOptionsIDTokenExpiration' => { + 'type' => 'int' + }, + 'oidcRPMetaDataOptionsIDTokenForceClaims' => { + 'default' => 0, + 'type' => 'bool' + }, + 'oidcRPMetaDataOptionsIDTokenSignAlg' => { + 'default' => 'HS512', + 'select' => [ + { + 'k' => 'none', + 'v' => 'None' + }, + { + 'k' => 'HS256', + 'v' => 'HS256' + }, + { + 'k' => 'HS384', + 'v' => 'HS384' + }, + { + 'k' => 'HS512', + 'v' => 'HS512' + }, + { + 'k' => 'RS256', + 'v' => 'RS256' + }, + { + 'k' => 'RS384', + 'v' => 'RS384' + }, + { + 'k' => 'RS512', + 'v' => 'RS512' + } + ], + 'type' => 'select' + }, + 'oidcRPMetaDataOptionsLogoutSessionRequired' => { + 'default' => 0, + 'type' => 'bool' + }, + 'oidcRPMetaDataOptionsLogoutType' => { + 'default' => 'front', + 'select' => [ + { + 'k' => 'front', + 'v' => 'Front Channel' + } + ], + 'type' => 'select' + }, + 'oidcRPMetaDataOptionsLogoutUrl' => { + 'type' => 'url' + }, + 'oidcRPMetaDataOptionsOfflineSessionExpiration' => { + 'type' => 'int' + }, + 'oidcRPMetaDataOptionsPostLogoutRedirectUris' => { + 'type' => 'text' + }, + 'oidcRPMetaDataOptionsPublic' => { + 'default' => 0, + 'type' => 'bool' + }, + 'oidcRPMetaDataOptionsRedirectUris' => { + 'type' => 'text' + }, + 'oidcRPMetaDataOptionsRefreshToken' => { + 'default' => 0, + 'type' => 'bool' + }, + 'oidcRPMetaDataOptionsRequirePKCE' => { + 'default' => 0, + 'type' => 'bool' + }, + 'oidcRPMetaDataOptionsRule' => { + 'test' => sub { + return perlExpr(@_); + }, + 'type' => 'text' + }, + 'oidcRPMetaDataOptionsUserIDAttr' => { + 'type' => 'text' + }, + 'oidcRPMetaDataOptionsUserInfoSignAlg' => { + 'default' => '', + 'select' => [ + { + 'k' => '', + 'v' => 'JSON' + }, + { + 'k' => 'none', + 'v' => 'JWT/None' + }, + { + 'k' => 'HS256', + 'v' => 'JWT/HS256' + }, + { + 'k' => 'HS384', + 'v' => 'JWT/HS384' + }, + { + 'k' => 'HS512', + 'v' => 'JWT/HS512' + }, + { + 'k' => 'RS256', + 'v' => 'JWT/RS256' + }, + { + 'k' => 'RS384', + 'v' => 'JWT/RS384' + }, + { + 'k' => 'RS512', + 'v' => 'JWT/RS512' + } + ], + 'type' => 'select' + }, + 'oidcRPMetaDataScopeRules' => { + 'default' => {}, + 'test' => { + 'keyMsgFail' => '__badMacroName__', + 'keyTest' => qr/^[\x21\x23-\x5B\x5D-\x7E]+$/, + 'test' => sub { + return perlExpr(@_); + } + }, + 'type' => 'keyTextContainer' + }, + 'oidcRPStateTimeout' => { + 'default' => 600, + 'type' => 'int' + }, + 'oidcServiceAccessTokenExpiration' => { + 'default' => 3600, + 'type' => 'int' + }, + 'oidcServiceAllowAuthorizationCodeFlow' => { + 'default' => 1, + 'type' => 'bool' + }, + 'oidcServiceAllowDynamicRegistration' => { + 'default' => 0, + 'type' => 'bool' + }, + 'oidcServiceAllowHybridFlow' => { + 'default' => 0, + 'type' => 'bool' + }, + 'oidcServiceAllowImplicitFlow' => { + 'default' => 0, + 'type' => 'bool' + }, + 'oidcServiceAllowOnlyDeclaredScopes' => { + 'default' => 0, + 'type' => 'bool' + }, + 'oidcServiceAuthorizationCodeExpiration' => { + 'default' => 60, + 'type' => 'int' + }, + 'oidcServiceDynamicRegistrationExportedVars' => { + 'type' => 'keyTextContainer' + }, + 'oidcServiceDynamicRegistrationExtraClaims' => { + 'keyTest' => qr/^[\x21\x23-\x5B\x5D-\x7E]+$/, + 'type' => 'keyTextContainer' + }, + 'oidcServiceIDTokenExpiration' => { + 'default' => 3600, + 'type' => 'int' + }, + 'oidcServiceKeyIdSig' => { + 'type' => 'text' + }, + 'oidcServiceMetaDataAuthnContext' => { + 'default' => { + 'loa-1' => 1, + 'loa-2' => 2, + 'loa-3' => 3, + 'loa-4' => 4, + 'loa-5' => 5 + }, + 'keyTest' => qr/\w/, + 'type' => 'keyTextContainer' + }, + 'oidcServiceMetaDataAuthorizeURI' => { + 'default' => 'authorize', + 'type' => 'text' + }, + 'oidcServiceMetaDataBackChannelURI' => { + 'default' => 'blogout', + 'type' => 'text' + }, + 'oidcServiceMetaDataCheckSessionURI' => { + 'default' => 'checksession.html', + 'type' => 'text' + }, + 'oidcServiceMetaDataEndSessionURI' => { + 'default' => 'logout', + 'type' => 'text' + }, + 'oidcServiceMetaDataFrontChannelURI' => { + 'default' => 'flogout', + 'type' => 'text' + }, + 'oidcServiceMetaDataIntrospectionURI' => { + 'default' => 'introspect', + 'type' => 'text' + }, + 'oidcServiceMetaDataIssuer' => { + 'type' => 'text' + }, + 'oidcServiceMetaDataJWKSURI' => { + 'default' => 'jwks', + 'type' => 'text' + }, + 'oidcServiceMetaDataRegistrationURI' => { + 'default' => 'register', + 'type' => 'text' + }, + 'oidcServiceMetaDataTokenURI' => { + 'default' => 'token', + 'type' => 'text' + }, + 'oidcServiceMetaDataUserInfoURI' => { + 'default' => 'userinfo', + 'type' => 'text' + }, + 'oidcServiceOfflineSessionExpiration' => { + 'default' => 2592000, + 'type' => 'int' + }, + 'oidcServicePrivateKeySig' => { + 'type' => 'RSAPrivateKey' + }, + 'oidcServicePublicKeySig' => { + 'type' => 'RSAPublicKey' + }, + 'oidcStorage' => { + 'type' => 'PerlModule' + }, + 'oidcStorageOptions' => { + 'type' => 'keyTextContainer' + }, + 'oldNotifFormat' => { + 'default' => 0, + 'type' => 'bool' + }, + 'openIdAttr' => { + 'type' => 'text' + }, + 'openIdAuthnLevel' => { + 'default' => 1, + 'type' => 'int' + }, + 'openIdExportedVars' => { + 'default' => {}, + 'keyMsgFail' => '__badVariableName__', + 'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/, + 'msgFail' => '__badValue__', + 'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/, + 'type' => 'keyTextContainer' + }, + 'openIdIDPList' => { + 'default' => '0;', + 'type' => 'blackWhiteList' + }, + 'openIdIssuerSecret' => { + 'type' => 'text' + }, + 'openIdSecret' => { + 'type' => 'text' + }, + 'openIdSPList' => { + 'default' => '0;', + 'type' => 'blackWhiteList' + }, + 'openIdSreg_country' => { + 'type' => 'lmAttrOrMacro' + }, + 'openIdSreg_dob' => { + 'type' => 'lmAttrOrMacro' + }, + 'openIdSreg_email' => { + 'default' => 'mail', + 'type' => 'lmAttrOrMacro' + }, + 'openIdSreg_fullname' => { + 'default' => 'cn', + 'type' => 'lmAttrOrMacro' + }, + 'openIdSreg_gender' => { + 'type' => 'lmAttrOrMacro' + }, + 'openIdSreg_language' => { + 'type' => 'lmAttrOrMacro' + }, + 'openIdSreg_nickname' => { + 'default' => 'uid', + 'type' => 'lmAttrOrMacro' + }, + 'openIdSreg_postcode' => { + 'type' => 'lmAttrOrMacro' + }, + 'openIdSreg_timezone' => { + 'default' => '_timezone', + 'type' => 'lmAttrOrMacro' + }, + 'pamAuthnLevel' => { + 'default' => 2, + 'type' => 'int' + }, + 'pamService' => { + 'default' => 'login', + 'type' => 'text' + }, + 'passwordDB' => { + 'default' => 'Demo', + 'select' => [ + { + 'k' => 'AD', + 'v' => 'Active Directory' + }, + { + 'k' => 'Choice', + 'v' => 'authChoice' + }, + { + 'k' => 'DBI', + 'v' => 'Database (DBI)' + }, + { + 'k' => 'Demo', + 'v' => 'Demonstration' + }, + { + 'k' => 'LDAP', + 'v' => 'LDAP' + }, + { + 'k' => 'REST', + 'v' => 'REST' + }, + { + 'k' => 'Null', + 'v' => 'None' + }, + { + 'k' => 'Combination', + 'v' => 'combineMods' + }, + { + 'k' => 'Custom', + 'v' => 'customModule' + } + ], + 'type' => 'select' + }, + 'passwordPolicyActivation' => { + 'default' => 1, + 'type' => 'boolOrExpr' + }, + 'passwordPolicyMinDigit' => { + 'default' => 0, + 'type' => 'int' + }, + 'passwordPolicyMinLower' => { + 'default' => 0, + 'type' => 'int' + }, + 'passwordPolicyMinSize' => { + 'default' => 0, + 'type' => 'int' + }, + 'passwordPolicyMinSpeChar' => { + 'default' => 0, + 'type' => 'int' + }, + 'passwordPolicyMinUpper' => { + 'default' => 0, + 'type' => 'int' + }, + 'passwordPolicySpecialChar' => { + 'default' => '__ALL__', + 'test' => qr/^(?:__ALL__|[\S\W]*)$/, + 'type' => 'text' + }, + 'passwordResetAllowedRetries' => { + 'default' => 3, + 'type' => 'int' + }, + 'pdataDomain' => { + 'default' => '', + 'msgFail' => '__badDomainName__', + 'test' => qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?$/, + 'type' => 'text' + }, + 'persistentSessionAttributes' => { + 'default' => '_loginHistory _2fDevices notification_', + 'type' => 'text' + }, + 'persistentStorage' => { + 'type' => 'PerlModule' + }, + 'persistentStorageOptions' => { + 'type' => 'keyTextContainer' + }, + 'port' => { + 'default' => -1, + 'type' => 'int' }, - { - 'k' => 'AD', - 'v' => 'Active Directory' + 'portal' => { + 'default' => 'http://auth.example.com/', + 'msgFail' => '__badUrl__', + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, + 'type' => 'url' + }, + 'portalAntiFrame' => { + 'default' => 1, + 'type' => 'bool' + }, + 'portalCheckLogins' => { + 'default' => 1, + 'type' => 'bool' + }, + 'portalCustomCss' => { + 'type' => 'text' + }, + 'portalDisplayAppslist' => { + 'default' => 1, + 'type' => 'boolOrExpr' + }, + 'portalDisplayCertificateResetByMail' => { + 'default' => 0, + 'type' => 'bool' + }, + 'portalDisplayChangePassword' => { + 'default' => '$_auth =~ /^(LDAP|DBI|Demo)$/', + 'type' => 'boolOrExpr' + }, + 'portalDisplayGeneratePassword' => { + 'default' => 1, + 'type' => 'bool' + }, + 'portalDisplayLoginHistory' => { + 'default' => 1, + 'type' => 'boolOrExpr' + }, + 'portalDisplayLogout' => { + 'default' => 1, + 'type' => 'boolOrExpr' + }, + 'portalDisplayOidcConsents' => { + 'default' => '$_oidcConsents && $_oidcConsents =~ /\\w+/', + 'type' => 'boolOrExpr' + }, + 'portalDisplayPasswordPolicy' => { + 'default' => 0, + 'type' => 'bool' + }, + 'portalDisplayRefreshMyRights' => { + 'default' => 1, + 'type' => 'bool' + }, + 'portalDisplayRegister' => { + 'default' => 1, + 'type' => 'bool' + }, + 'portalDisplayResetPassword' => { + 'default' => 0, + 'type' => 'bool' + }, + 'portalEnablePasswordDisplay' => { + 'default' => 0, + 'type' => 'bool' + }, + 'portalErrorOnExpiredSession' => { + 'default' => 1, + 'type' => 'bool' + }, + 'portalErrorOnMailNotFound' => { + 'default' => 0, + 'type' => 'bool' + }, + 'portalForceAuthn' => { + 'default' => 0, + 'type' => 'bool' + }, + 'portalForceAuthnInterval' => { + 'default' => 5, + 'type' => 'int' + }, + 'portalMainLogo' => { + 'default' => 'common/logos/logo_llng_400px.png', + 'type' => 'text' + }, + 'portalOpenLinkInNewWindow' => { + 'default' => 0, + 'type' => 'bool' + }, + 'portalPingInterval' => { + 'default' => 60000, + 'type' => 'int' + }, + 'portalRequireOldPassword' => { + 'default' => 1, + 'type' => 'boolOrExpr' + }, + 'portalSkin' => { + 'default' => 'bootstrap', + 'select' => [ + { + 'k' => 'bootstrap', + 'v' => 'Bootstrap' + } + ], + 'type' => 'portalskin' + }, + 'portalSkinBackground' => { + 'select' => [ + { + 'k' => '', + 'v' => 'None' + }, + { + 'k' => '1280px-Anse_Source_d\'Argent_2-La_Digue.jpg', + 'v' => 'Anse' + }, + { + 'k' => '1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg', + 'v' => 'Waterfall' + }, + { + 'k' => '1280px-BrockenSnowedTrees.jpg', + 'v' => 'Snowed Trees' + }, + { + 'k' => '1280px-Cedar_Breaks_National_Monument_partially.jpg', + 'v' => 'National Monument' + }, + { + 'k' => '1280px-Parry_Peak_from_Winter_Park.jpg', + 'v' => 'Winter' + }, + { + 'k' => 'Aletschgletscher_mit_Pinus_cembra1.jpg', + 'v' => 'Pinus' + } + ], + 'type' => 'portalskinbackground' + }, + 'portalSkinRules' => { + 'keyMsgFail' => '__badSkinRule__', + 'keyTest' => sub { + return perlExpr(@_); + }, + 'msgFail' => '__badValue__', + 'test' => qr/^\w+$/, + 'type' => 'keyTextContainer' + }, + 'portalStatus' => { + 'default' => 0, + 'type' => 'bool' + }, + 'portalUserAttr' => { + 'default' => '_user', + 'type' => 'text' + }, + 'post' => { + 'keyMsgFail' => '__badHostname__', + 'keyTest' => qr/^\S+$/, + 'test' => sub { + 1; + }, + 'type' => 'postContainer' }, - { - 'k' => 'CAS', - 'v' => 'Central Authentication Service (CAS)' - }, - { - 'k' => 'DBI', - 'v' => 'Database (DBI)' - }, - { - 'k' => 'Demo', - 'v' => 'Demo' - }, - { - 'k' => 'Facebook', - 'v' => 'Facebook' - }, - { - 'k' => 'GitHub', - 'v' => 'GitHub' - }, - { - 'k' => 'GPG', - 'v' => 'GPG' - }, - { - 'k' => 'Kerberos', - 'v' => 'Kerberos' - }, - { - 'k' => 'LDAP', - 'v' => 'LDAP' - }, - { - 'k' => 'LinkedIn', - 'v' => 'LinkedIn' - }, - { - 'k' => 'PAM', - 'v' => 'PAM' - }, - { - 'k' => 'Null', - 'v' => 'None' - }, - { - 'k' => 'OpenID', - 'v' => 'OpenID' - }, - { - 'k' => 'OpenIDConnect', - 'v' => 'OpenID Connect' - }, - { - 'k' => 'Proxy', - 'v' => 'Proxy' - }, - { - 'k' => 'Radius', - 'v' => 'Radius' - }, - { - 'k' => 'REST', - 'v' => 'REST' - }, - { - 'k' => 'Remote', - 'v' => 'Remote' - }, - { - 'k' => 'SAML', - 'v' => 'SAML v2' - }, - { - 'k' => 'Slave', - 'v' => 'Slave' - }, - { - 'k' => 'SSL', - 'v' => 'SSL' - }, - { - 'k' => 'Twitter', - 'v' => 'Twitter' - }, - { - 'k' => 'WebID', - 'v' => 'WebID' - }, - { - 'k' => 'Custom', - 'v' => 'customModule' - } - ], - [ { - 'k' => 'AD', - 'v' => 'Active Directory' - }, - { - 'k' => 'CAS', - 'v' => 'Central Authentication Service (CAS)' - }, - { - 'k' => 'DBI', - 'v' => 'Database (DBI)' - }, - { - 'k' => 'Demo', - 'v' => 'Demo' - }, - { - 'k' => 'Facebook', - 'v' => 'Facebook' - }, - { - 'k' => 'LDAP', - 'v' => 'LDAP' - }, - { - 'k' => 'Null', - 'v' => 'None' - }, - { - 'k' => 'OpenID', - 'v' => 'OpenID' - }, - { - 'k' => 'OpenIDConnect', - 'v' => 'OpenID Connect' - }, - { - 'k' => 'Proxy', - 'v' => 'Proxy' - }, - { - 'k' => 'REST', - 'v' => 'REST' - }, - { - 'k' => 'Remote', - 'v' => 'Remote' - }, - { - 'k' => 'SAML', - 'v' => 'SAML v2' - }, - { - 'k' => 'Slave', - 'v' => 'Slave' - }, - { - 'k' => 'WebID', - 'v' => 'WebID' - }, - { - 'k' => 'Custom', - 'v' => 'customModule' - } - ], - [ { - 'k' => 'AD', - 'v' => 'Active Directory' - }, - { - 'k' => 'DBI', - 'v' => 'Database (DBI)' - }, - { - 'k' => 'Demo', - 'v' => 'Demo' - }, - { - 'k' => 'LDAP', - 'v' => 'LDAP' - }, - { - 'k' => 'REST', - 'v' => 'REST' - }, - { - 'k' => 'Null', - 'v' => 'None' - }, - { - 'k' => 'Custom', - 'v' => 'customModule' - } - ] - ], - 'test' => sub { - 1; - }, - 'type' => 'authChoiceContainer' - }, - 'authChoiceParam' => { - 'default' => 'lmAuth', - 'type' => 'text' - }, - 'authentication' => { - 'default' => 'Demo', - 'select' => [ { - 'k' => 'Apache', - 'v' => 'Apache' - }, - { - 'k' => 'AD', - 'v' => 'Active Directory' - }, - { - 'k' => 'DBI', - 'v' => 'Database (DBI)' - }, - { - 'k' => 'Facebook', - 'v' => 'Facebook' - }, - { - 'k' => 'GitHub', - 'v' => 'GitHub' - }, - { - 'k' => 'GPG', - 'v' => 'GPG' - }, - { - 'k' => 'Kerberos', - 'v' => 'Kerberos' - }, - { - 'k' => 'LDAP', - 'v' => 'LDAP' - }, - { - 'k' => 'LinkedIn', - 'v' => 'LinkedIn' - }, - { - 'k' => 'PAM', - 'v' => 'PAM' - }, - { - 'k' => 'Radius', - 'v' => 'Radius' - }, - { - 'k' => 'REST', - 'v' => 'REST' - }, - { - 'k' => 'SSL', - 'v' => 'SSL' - }, - { - 'k' => 'Twitter', - 'v' => 'Twitter' - }, - { - 'k' => 'WebID', - 'v' => 'WebID' - }, - { - 'k' => 'Demo', - 'v' => 'Demonstration' - }, - { - 'k' => 'Choice', - 'v' => 'authChoice' - }, - { - 'k' => 'Combination', - 'v' => 'combineMods' - }, - { - 'k' => 'CAS', - 'v' => 'Central Authentication Service (CAS)' - }, - { - 'k' => 'OpenID', - 'v' => 'OpenID' - }, - { - 'k' => 'OpenIDConnect', - 'v' => 'OpenID Connect' - }, - { - 'k' => 'SAML', - 'v' => 'SAML v2' - }, - { - 'k' => 'Proxy', - 'v' => 'Proxy' - }, - { - 'k' => 'Remote', - 'v' => 'Remote' - }, - { - 'k' => 'Slave', - 'v' => 'Slave' - }, - { - 'k' => 'Null', - 'v' => 'None' - }, - { - 'k' => 'Custom', - 'v' => 'customModule' - } - ], - 'type' => 'select' - }, - 'AuthLDAPFilter' => { - 'type' => 'text' - }, - 'autoSigninRules' => { - 'type' => 'keyTextContainer' - }, - 'available2F' => { - 'default' => - 'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,WebAuthn,Yubikey,Radius', - 'type' => 'text' - }, - 'available2FSelfRegistration' => { - 'default' => 'TOTP,U2F,WebAuthn,Yubikey', - 'type' => 'text' - }, - 'avoidAssignment' => { - 'default' => 0, - 'type' => 'bool' - }, - 'browsersDontStorePassword' => { - 'default' => 0, - 'type' => 'bool' - }, - 'bruteForceProtection' => { - 'default' => 0, - 'type' => 'bool' - }, - 'bruteForceProtectionIncrementalTempo' => { - 'default' => 0, - 'type' => 'bool' - }, - 'bruteForceProtectionLockTimes' => { - 'default' => '15, 30, 60, 300, 600', - 'type' => 'text' - }, - 'bruteForceProtectionMaxAge' => { - 'default' => 300, - 'type' => 'int' - }, - 'bruteForceProtectionMaxFailed' => { - 'default' => 3, - 'type' => 'int' - }, - 'bruteForceProtectionMaxLockTime' => { - 'default' => 900, - 'type' => 'int' - }, - 'bruteForceProtectionTempo' => { - 'default' => 30, - 'type' => 'int' - }, - 'captcha_login_enabled' => { - 'default' => 0, - 'type' => 'bool' - }, - 'captcha_mail_enabled' => { - 'default' => 1, - 'type' => 'bool' - }, - 'captcha_register_enabled' => { - 'default' => 1, - 'type' => 'bool' - }, - 'captcha_size' => { - 'default' => 6, - 'type' => 'int' - }, - 'casAccessControlPolicy' => { - 'default' => 'none', - 'select' => [ { - 'k' => 'none', - 'v' => 'None' - }, - { - 'k' => 'error', - 'v' => 'Display error on portal' - }, - { - 'k' => 'faketicket', - 'v' => 'Send a fake service ticket' - } - ], - 'type' => 'select' - }, - 'casAppMetaDataExportedVars' => { - 'default' => { - 'cn' => 'cn', - 'mail' => 'mail', - 'uid' => 'uid' - }, - 'type' => 'keyTextContainer' - }, - 'casAppMetaDataMacros' => { - 'default' => {}, - 'test' => { - 'keyMsgFail' => '__badMacroName__', - 'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/, - 'test' => sub { - return perlExpr(@_); - } - }, - 'type' => 'keyTextContainer' - }, - 'casAppMetaDataNodes' => { - 'type' => 'casAppMetaDataNodeContainer' - }, - 'casAppMetaDataOptions' => { - 'type' => 'subContainer' - }, - 'casAppMetaDataOptionsAuthnLevel' => { - 'type' => 'int' - }, - 'casAppMetaDataOptionsRule' => { - 'test' => sub { - return perlExpr(@_); - }, - 'type' => 'text' - }, - 'casAppMetaDataOptionsService' => { - 'type' => 'text' - }, - 'casAppMetaDataOptionsUserAttribute' => { - 'type' => 'text' - }, - 'casAttr' => { - 'type' => 'text' - }, - 'casAttributes' => { - 'type' => 'keyTextContainer' - }, - 'casAuthnLevel' => { - 'default' => 1, - 'type' => 'int' - }, - 'casSrvMetaDataExportedVars' => { - 'default' => { - 'cn' => 'cn', - 'mail' => 'mail', - 'uid' => 'uid' - }, - 'type' => 'keyTextContainer' - }, - 'casSrvMetaDataNodes' => { - 'type' => 'casSrvMetaDataNodeContainer' - }, - 'casSrvMetaDataOptions' => { - 'type' => 'subContainer' - }, - 'casSrvMetaDataOptionsDisplayName' => { - 'type' => 'text' - }, - 'casSrvMetaDataOptionsGateway' => { - 'default' => 0, - 'type' => 'bool' - }, - 'casSrvMetaDataOptionsIcon' => { - 'type' => 'text' - }, - 'casSrvMetaDataOptionsProxiedServices' => { - 'keyMsgFail' => '__badCasProxyId__', - 'keyTest' => qr/^\w/, - 'type' => 'keyTextContainer' - }, - 'casSrvMetaDataOptionsRenew' => { - 'default' => 0, - 'type' => 'bool' - }, - 'casSrvMetaDataOptionsSortNumber' => { - 'type' => 'int' - }, - 'casSrvMetaDataOptionsUrl' => { - 'msgFail' => '__badUrl__', - 'test' => -qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, - 'type' => 'text' - }, - 'casStorage' => { - 'type' => 'PerlModule' - }, - 'casStorageOptions' => { - 'type' => 'keyTextContainer' - }, - 'casStrictMatching' => { - 'default' => 0, - 'type' => 'bool' - }, - 'casTicketExpiration' => { - 'default' => 0, - 'type' => 'int' - }, - 'cda' => { - 'default' => 0, - 'type' => 'bool' - }, - 'certificateResetByMailCeaAttribute' => { - 'default' => 'description', - 'type' => 'text' - }, - 'certificateResetByMailCertificateAttribute' => { - 'default' => 'userCertificate;binary', - 'type' => 'text' - }, - 'certificateResetByMailStep1Body' => { - 'type' => 'longtext' - }, - 'certificateResetByMailStep1Subject' => { - 'type' => 'text' - }, - 'certificateResetByMailStep2Body' => { - 'type' => 'longtext' - }, - 'certificateResetByMailStep2Subject' => { - 'type' => 'text' - }, - 'certificateResetByMailURL' => { - 'default' => 'http://auth.example.com/certificateReset', - 'type' => 'url' - }, - 'certificateResetByMailValidityDelay' => { - 'default' => 0, - 'type' => 'int' - }, - 'cfgAuthor' => { - 'type' => 'text' - }, - 'cfgAuthorIP' => { - 'type' => 'text' - }, - 'cfgDate' => { - 'type' => 'int' - }, - 'cfgLog' => { - 'type' => 'longtext' - }, - 'cfgNum' => { - 'default' => 0, - 'type' => 'int' - }, - 'cfgVersion' => { - 'type' => 'text' - }, - 'checkDevOps' => { - 'default' => 0, - 'type' => 'bool' - }, - 'checkDevOpsCheckSessionAttributes' => { - 'default' => 1, - 'type' => 'bool' - }, - 'checkDevOpsDisplayNormalizedHeaders' => { - 'default' => 1, - 'type' => 'bool' - }, - 'checkDevOpsDownload' => { - 'default' => 1, - 'type' => 'bool' - }, - 'checkState' => { - 'default' => 0, - 'type' => 'bool' - }, - 'checkStateSecret' => { - 'type' => 'text' - }, - 'checkTime' => { - 'default' => 600, - 'type' => 'int' - }, - 'checkUser' => { - 'default' => 0, - 'type' => 'bool' - }, - 'checkUserDisplayComputedSession' => { - 'default' => 1, - 'type' => 'boolOrExpr' - }, - 'checkUserDisplayEmptyHeaders' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'checkUserDisplayEmptyValues' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'checkUserDisplayHiddenAttributes' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'checkUserDisplayHistory' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'checkUserDisplayNormalizedHeaders' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'checkUserDisplayPersistentInfo' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'checkUserHiddenAttributes' => { - 'default' => '_loginHistory, _session_id, hGroups', - 'type' => 'text' - }, - 'checkUserHiddenHeaders' => { - 'keyMsgFail' => '__badHostname__', - 'keyTest' => qr/^\S+$/, - 'test' => { - 'keyMsgFail' => '__badHeaderName__', - 'keyTest' => qr/^(?=[^\-])[\w\-\s]+(?<=[^-])$/, - 'test' => sub { - return perlExpr(@_); - } - }, - 'type' => 'keyTextContainer' - }, - 'checkUserIdRule' => { - 'default' => 1, - 'test' => sub { - return perlExpr(@_); - }, - 'type' => 'text' - }, - 'checkUserSearchAttributes' => { - 'type' => 'text' - }, - 'checkUserUnrestrictedUsersRule' => { - 'test' => sub { - return perlExpr(@_); - }, - 'type' => 'text' - }, - 'checkXSS' => { - 'default' => 1, - 'type' => 'bool' - }, - 'combination' => { - 'type' => 'text' - }, - 'combModules' => { - 'keyTest' => qr/^\w+$/, - 'select' => [ { - 'k' => 'Apache', - 'v' => 'Apache' - }, - { - 'k' => 'AD', - 'v' => 'Active Directory' - }, - { - 'k' => 'DBI', - 'v' => 'Database (DBI)' - }, - { - 'k' => 'Facebook', - 'v' => 'Facebook' - }, - { - 'k' => 'GitHub', - 'v' => 'GitHub' - }, - { - 'k' => 'GPG', - 'v' => 'GPG' - }, - { - 'k' => 'Kerberos', - 'v' => 'Kerberos' - }, - { - 'k' => 'LDAP', - 'v' => 'LDAP' - }, - { - 'k' => 'LinkedIn', - 'v' => 'LinkedIn' - }, - { - 'k' => 'PAM', - 'v' => 'PAM' - }, - { - 'k' => 'Radius', - 'v' => 'Radius' - }, - { - 'k' => 'REST', - 'v' => 'REST' - }, - { - 'k' => 'SSL', - 'v' => 'SSL' - }, - { - 'k' => 'Twitter', - 'v' => 'Twitter' - }, - { - 'k' => 'WebID', - 'v' => 'WebID' - }, - { - 'k' => 'Demo', - 'v' => 'Demonstration' - }, - { - 'k' => 'CAS', - 'v' => 'Central Authentication Service (CAS)' - }, - { - 'k' => 'OpenID', - 'v' => 'OpenID' - }, - { - 'k' => 'OpenIDConnect', - 'v' => 'OpenID Connect' - }, - { - 'k' => 'SAML', - 'v' => 'SAML v2' - }, - { - 'k' => 'Proxy', - 'v' => 'Proxy' - }, - { - 'k' => 'Remote', - 'v' => 'Remote' - }, - { - 'k' => 'Slave', - 'v' => 'Slave' - }, - { - 'k' => 'Null', - 'v' => 'None' - }, - { - 'k' => 'Custom', - 'v' => 'customModule' - } - ], - 'test' => sub { - 1; - }, - 'type' => 'cmbModuleContainer' - }, - 'compactConf' => { - 'default' => 0, - 'type' => 'bool' - }, - 'configStorage' => { - 'type' => 'text' - }, - 'confirmFormMethod' => { - 'default' => 'post', - 'select' => [ { - 'k' => 'get', - 'v' => 'GET' - }, - { - 'k' => 'post', - 'v' => 'POST' - } - ], - 'type' => 'select' - }, - 'contextSwitchingAllowed2fModifications' => { - 'default' => 0, - 'type' => 'bool' - }, - 'contextSwitchingIdRule' => { - 'default' => 1, - 'test' => sub { - return perlExpr(@_); - }, - 'type' => 'text' - }, - 'contextSwitchingPrefix' => { - 'default' => 'switching', - 'type' => 'text' - }, - 'contextSwitchingRule' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'contextSwitchingStopWithLogout' => { - 'default' => 1, - 'type' => 'bool' - }, - 'contextSwitchingUnrestrictedUsersRule' => { - 'test' => sub { - return perlExpr(@_); - }, - 'type' => 'text' - }, - 'cookieExpiration' => { - 'type' => 'int' - }, - 'cookieName' => { - 'default' => 'lemonldap', - 'msgFail' => '__badCookieName__', - 'test' => qr/^[a-zA-Z][a-zA-Z0-9_-]*$/, - 'type' => 'text' - }, - 'corsAllow_Credentials' => { - 'default' => 'true', - 'type' => 'text' - }, - 'corsAllow_Headers' => { - 'default' => '*', - 'type' => 'text' - }, - 'corsAllow_Methods' => { - 'default' => 'POST,GET', - 'type' => 'text' - }, - 'corsAllow_Origin' => { - 'default' => '*', - 'type' => 'text' - }, - 'corsEnabled' => { - 'default' => 1, - 'type' => 'bool' - }, - 'corsExpose_Headers' => { - 'default' => '*', - 'type' => 'text' - }, - 'corsMax_Age' => { - 'default' => '86400', - 'type' => 'text' - }, - 'crowdsec' => { - 'type' => 'bool' - }, - 'crowdsecAction' => { - 'default' => 'reject', - 'select' => [ { - 'k' => 'reject', - 'v' => 'Reject' - }, - { - 'k' => 'warn', - 'v' => 'Warn' - } - ], - 'type' => 'select' - }, - 'crowdsecKey' => { - 'type' => 'text' - }, - 'crowdsecUrl' => { - 'type' => 'url' - }, - 'cspConnect' => { - 'default' => '\'self\'', - 'type' => 'text' - }, - 'cspDefault' => { - 'default' => '\'self\'', - 'type' => 'text' - }, - 'cspFont' => { - 'default' => '\'self\'', - 'type' => 'text' - }, - 'cspFormAction' => { - 'default' => '*', - 'type' => 'text' - }, - 'cspFrameAncestors' => { - 'default' => '', - 'type' => 'text' - }, - 'cspImg' => { - 'default' => '\'self\' data:', - 'type' => 'text' - }, - 'cspScript' => { - 'default' => '\'self\'', - 'type' => 'text' - }, - 'cspStyle' => { - 'default' => '\'self\'', - 'type' => 'text' - }, - 'customAddParams' => { - 'type' => 'keyTextContainer' - }, - 'customAuth' => { - 'type' => 'text' - }, - 'customFunctions' => { - 'msgFail' => '__badCustomFuncName__', - 'test' => qr/^(?:\w+(?:::\w+)*(?:\s+\w+(?:::\w+)*)*)?$/, - 'type' => 'text' - }, - 'customPassword' => { - 'type' => 'text' - }, - 'customPlugins' => { - 'type' => 'text' - }, - 'customPluginsParams' => { - 'type' => 'keyTextContainer' - }, - 'customRegister' => { - 'type' => 'text' - }, - 'customResetCertByMail' => { - 'type' => 'text' - }, - 'customToTrace' => { - 'type' => 'lmAttrOrMacro' - }, - 'customUserDB' => { - 'type' => 'text' - }, - 'dbiAuthChain' => { - 'type' => 'text' - }, - 'dbiAuthLoginCol' => { - 'type' => 'text' - }, - 'dbiAuthnLevel' => { - 'default' => 2, - 'type' => 'int' - }, - 'dbiAuthPassword' => { - 'type' => 'password' - }, - 'dbiAuthPasswordCol' => { - 'type' => 'text' - }, - 'dbiAuthPasswordHash' => { - 'type' => 'text' - }, - 'dbiAuthTable' => { - 'type' => 'text' - }, - 'dbiAuthUser' => { - 'type' => 'text' - }, - 'dbiDynamicHashEnabled' => { - 'type' => 'bool' - }, - 'dbiDynamicHashNewPasswordScheme' => { - 'type' => 'text' - }, - 'dbiDynamicHashValidSaltedSchemes' => { - 'type' => 'text' - }, - 'dbiDynamicHashValidSchemes' => { - 'type' => 'text' - }, - 'dbiExportedVars' => { - 'default' => {}, - 'keyMsgFail' => '__badVariableName__', - 'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/, - 'msgFail' => '__badValue__', - 'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/, - 'type' => 'keyTextContainer' - }, - 'dbiPasswordMailCol' => { - 'type' => 'text' - }, - 'dbiUserChain' => { - 'type' => 'text' - }, - 'dbiUserPassword' => { - 'type' => 'password' - }, - 'dbiUserTable' => { - 'type' => 'text' - }, - 'dbiUserUser' => { - 'type' => 'text' - }, - 'decryptValueFunctions' => { - 'msgFail' => '__badCustomFuncName__', - 'test' => qr/^(?:\w+(?:::\w+)*(?:\s+\w+(?:::\w+)*)*)?$/, - 'type' => 'text' - }, - 'decryptValueRule' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'demoExportedVars' => { - 'default' => { - 'cn' => 'cn', - 'mail' => 'mail', - 'uid' => 'uid' - }, - 'keyMsgFail' => '__badVariableName__', - 'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/, - 'msgFail' => '__badValue__', - 'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/, - 'type' => 'keyTextContainer' - }, - 'disablePersistentStorage' => { - 'default' => 0, - 'type' => 'bool' - }, - 'displaySessionId' => { - 'default' => 1, - 'type' => 'bool' - }, - 'domain' => { - 'default' => 'example.com', - 'msgFail' => '__badDomainName__', - 'test' => -qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?$/, - 'type' => 'text' - }, - 'exportedAttr' => { - 'type' => 'text' - }, - 'exportedHeaders' => { - 'keyMsgFail' => '__badHostname__', - 'keyTest' => qr/^\S+$/, - 'test' => { - 'keyMsgFail' => '__badHeaderName__', - 'keyTest' => qr/^(?=[^\-])[\w\-]+(?<=[^-])$/, - 'test' => sub { - return perlExpr(@_); - } - }, - 'type' => 'keyTextContainer' - }, - 'exportedVars' => { - 'default' => { - 'UA' => 'HTTP_USER_AGENT' - }, - 'keyMsgFail' => '__badVariableName__', - 'keyTest' => qr/^!?[_a-zA-Z][a-zA-Z0-9_]*$/, - 'msgFail' => '__badValue__', - 'test' => qr/^[_a-zA-Z][a-zA-Z0-9_:\-]*$/, - 'type' => 'keyTextContainer' - }, - 'ext2fActivation' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'ext2fAuthnLevel' => { - 'type' => 'int' - }, - 'ext2fCodeActivation' => { - 'default' => '\\d{6}', - 'type' => 'pcre' - }, - 'ext2fLabel' => { - 'type' => 'text' - }, - 'ext2fLogo' => { - 'type' => 'text' - }, - 'ext2FSendCommand' => { - 'type' => 'text' - }, - 'ext2FValidateCommand' => { - 'type' => 'text' - }, - 'facebookAppId' => { - 'type' => 'text' - }, - 'facebookAppSecret' => { - 'type' => 'text' - }, - 'facebookAuthnLevel' => { - 'default' => 1, - 'type' => 'int' - }, - 'facebookExportedVars' => { - 'default' => {}, - 'keyMsgFail' => '__badVariableName__', - 'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/, - 'msgFail' => '__badValue__', - 'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/, - 'type' => 'keyTextContainer' - }, - 'facebookUserField' => { - 'default' => 'id', - 'type' => 'text' - }, - 'failedLoginNumber' => { - 'default' => 5, - 'type' => 'int' - }, - 'findUser' => { - 'default' => 0, - 'type' => 'bool' - }, - 'findUserControl' => { - 'default' => '^[*\\w]+$', - 'type' => 'pcre' - }, - 'findUserExcludingAttributes' => { - 'keyTest' => qr/^\S+$/, - 'type' => 'keyTextContainer' - }, - 'findUserSearchingAttributes' => { - 'keyTest' => qr/^\S+$/, - 'type' => 'keyTextContainer' - }, - 'findUserWildcard' => { - 'default' => '*', - 'type' => 'text' - }, - 'forceGlobalStorageIssuerOTT' => { - 'type' => 'bool' - }, - 'forceGlobalStorageUpgradeOTT' => { - 'type' => 'bool' - }, - 'formTimeout' => { - 'default' => 120, - 'type' => 'int' - }, - 'githubAuthnLevel' => { - 'default' => 1, - 'type' => 'int' - }, - 'githubClientID' => { - 'type' => 'text' - }, - 'githubClientSecret' => { - 'type' => 'password' - }, - 'githubScope' => { - 'default' => 'user:email', - 'type' => 'text' - }, - 'githubUserField' => { - 'default' => 'login', - 'type' => 'text' - }, - 'globalLogoutCustomParam' => { - 'type' => 'text' - }, - 'globalLogoutRule' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'globalLogoutTimer' => { - 'default' => 1, - 'type' => 'bool' - }, - 'globalStorage' => { - 'default' => 'Apache::Session::File', - 'type' => 'PerlModule' - }, - 'globalStorageOptions' => { - 'default' => { - 'Directory' => '/var/lib/lemonldap-ng/sessions/', - 'generateModule' => - 'Lemonldap::NG::Common::Apache::Session::Generate::SHA256', - 'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/' - }, - 'type' => 'keyTextContainer' - }, - 'gpgAuthnLevel' => { - 'default' => 5, - 'type' => 'int' - }, - 'gpgDb' => { - 'default' => '', - 'type' => 'text' - }, - 'grantSessionRules' => { - 'default' => {}, - 'keyTest' => sub { - return perlExpr(@_); - }, - 'test' => sub { - 1; - }, - 'type' => 'grantContainer' - }, - 'groups' => { - 'default' => {}, - 'test' => sub { - return perlExpr(@_); - }, - 'type' => 'keyTextContainer' - }, - 'groupsBeforeMacros' => { - 'default' => 0, - 'type' => 'bool' - }, - 'handlerInternalCache' => { - 'default' => 15, - 'type' => 'int' - }, - 'handlerServiceTokenTTL' => { - 'default' => 30, - 'type' => 'int' - }, - 'hiddenAttributes' => { - 'default' => '_password, _2fDevices', - 'type' => 'text' - }, - 'hideOldPassword' => { - 'default' => 0, - 'type' => 'bool' - }, - 'httpOnly' => { - 'default' => 1, - 'type' => 'bool' - }, - 'https' => { - 'default' => -1, - 'type' => 'trool' - }, - 'impersonationHiddenAttributes' => { - 'default' => '_2fDevices, _loginHistory', - 'type' => 'text' - }, - 'impersonationIdRule' => { - 'default' => 1, - 'test' => sub { - return perlExpr(@_); - }, - 'type' => 'text' - }, - 'impersonationMergeSSOgroups' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'impersonationPrefix' => { - 'default' => 'real_', - 'type' => 'text' - }, - 'impersonationRule' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'impersonationSkipEmptyValues' => { - 'default' => 1, - 'type' => 'bool' - }, - 'impersonationUnrestrictedUsersRule' => { - 'test' => sub { - return perlExpr(@_); - }, - 'type' => 'text' - }, - 'infoFormMethod' => { - 'default' => 'get', - 'select' => [ { - 'k' => 'get', - 'v' => 'GET' - }, - { - 'k' => 'post', - 'v' => 'POST' - } - ], - 'type' => 'select' - }, - 'issuerDBCASActivation' => { - 'default' => 0, - 'type' => 'bool' - }, - 'issuerDBCASPath' => { - 'default' => '^/cas/', - 'type' => 'pcre' - }, - 'issuerDBCASRule' => { - 'default' => 1, - 'type' => 'boolOrExpr' - }, - 'issuerDBGetActivation' => { - 'default' => 0, - 'type' => 'bool' - }, - 'issuerDBGetParameters' => { - 'default' => {}, - 'keyMsgFail' => '__badHostname__', - 'keyTest' => -qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/, - 'test' => { - 'keyMsgFail' => '__badKeyName__', - 'keyTest' => qr/^(?=[^\-])[\w\-]+(?<=[^-])$/, - 'test' => sub { - my ( $val, $conf ) = @_; - return 1 - if defined $conf->{'macros'}{$val} or $val eq '_timezone'; - foreach $_ ( keys %$conf ) { - return 1 - if $_ =~ /exportedvars$/i - and defined $conf->{$_}{$val}; - } - return 1, "__unknownAttrOrMacro__: $val"; - } - }, - 'type' => 'doubleHash' - }, - 'issuerDBGetPath' => { - 'default' => '^/get/', - 'type' => 'text' - }, - 'issuerDBGetRule' => { - 'default' => 1, - 'type' => 'boolOrExpr' - }, - 'issuerDBOpenIDActivation' => { - 'default' => 0, - 'type' => 'bool' - }, - 'issuerDBOpenIDConnectActivation' => { - 'default' => 0, - 'type' => 'bool' - }, - 'issuerDBOpenIDConnectPath' => { - 'default' => '^/oauth2/', - 'type' => 'text' - }, - 'issuerDBOpenIDConnectRule' => { - 'default' => 1, - 'type' => 'boolOrExpr' - }, - 'issuerDBOpenIDPath' => { - 'default' => '^/openidserver/', - 'type' => 'pcre' - }, - 'issuerDBOpenIDRule' => { - 'default' => 1, - 'type' => 'boolOrExpr' - }, - 'issuerDBSAMLActivation' => { - 'default' => 0, - 'type' => 'bool' - }, - 'issuerDBSAMLPath' => { - 'default' => '^/saml/', - 'type' => 'pcre' - }, - 'issuerDBSAMLRule' => { - 'default' => 1, - 'type' => 'boolOrExpr' - }, - 'issuersTimeout' => { - 'default' => 120, - 'type' => 'int' - }, - 'jsRedirect' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'key' => { - 'type' => 'password' - }, - 'krbAllowedDomains' => { - 'type' => 'text' - }, - 'krbAuthnLevel' => { - 'default' => 3, - 'type' => 'int' - }, - 'krbByJs' => { - 'default' => 0, - 'type' => 'bool' - }, - 'krbKeytab' => { - 'type' => 'text' - }, - 'krbRemoveDomain' => { - 'default' => 1, - 'type' => 'bool' - }, - 'ldapAllowResetExpiredPassword' => { - 'default' => 0, - 'type' => 'bool' - }, - 'ldapAuthnLevel' => { - 'default' => 2, - 'type' => 'int' - }, - 'ldapBase' => { - 'default' => 'dc=example,dc=com', - 'msgFail' => '__badValue__', - 'test' => qr/^(?:\w+=.*|)$/, - 'type' => 'text' - }, - 'ldapCAFile' => { - 'type' => 'text' - }, - 'ldapCAPath' => { - 'type' => 'text' - }, - 'ldapChangePasswordAsUser' => { - 'default' => 0, - 'type' => 'bool' - }, - 'ldapExportedVars' => { - 'default' => { - 'cn' => 'cn', - 'mail' => 'mail', - 'uid' => 'uid' - }, - 'keyMsgFail' => '__badVariableName__', - 'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/, - 'msgFail' => '__badValue__', - 'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/, - 'type' => 'keyTextContainer' - }, - 'LDAPFilter' => { - 'type' => 'text' - }, - 'ldapGetUserBeforePasswordChange' => { - 'default' => 0, - 'type' => 'bool' - }, - 'ldapGroupAttributeName' => { - 'default' => 'member', - 'type' => 'text' - }, - 'ldapGroupAttributeNameGroup' => { - 'default' => 'dn', - 'type' => 'text' - }, - 'ldapGroupAttributeNameSearch' => { - 'default' => 'cn', - 'type' => 'text' - }, - 'ldapGroupAttributeNameUser' => { - 'default' => 'dn', - 'type' => 'text' - }, - 'ldapGroupBase' => { - 'type' => 'text' - }, - 'ldapGroupDecodeSearchedValue' => { - 'default' => 0, - 'type' => 'bool' - }, - 'ldapGroupObjectClass' => { - 'default' => 'groupOfNames', - 'type' => 'text' - }, - 'ldapGroupRecursive' => { - 'default' => 0, - 'type' => 'bool' - }, - 'ldapIOTimeout' => { - 'default' => 10, - 'type' => 'int' - }, - 'ldapITDS' => { - 'default' => 0, - 'type' => 'bool' - }, - 'ldapPasswordResetAttribute' => { - 'default' => 'pwdReset', - 'type' => 'text' - }, - 'ldapPasswordResetAttributeValue' => { - 'default' => 'TRUE', - 'type' => 'text' - }, - 'ldapPort' => { - 'type' => 'int' - }, - 'ldapPpolicyControl' => { - 'default' => 0, - 'type' => 'bool' - }, - 'ldapPwdEnc' => { - 'default' => 'utf-8', - 'msgFail' => '__badEncoding__', - 'test' => qr/^[a-zA-Z0-9_][a-zA-Z0-9_\-]*[a-zA-Z0-9_]$/, - 'type' => 'text' - }, - 'ldapRaw' => { - 'type' => 'text' - }, - 'ldapSearchDeref' => { - 'default' => 'find', - 'select' => [ { - 'k' => 'never', - 'v' => 'never' - }, - { - 'k' => 'search', - 'v' => 'search' - }, - { - 'k' => 'find', - 'v' => 'find' - }, - { - 'k' => 'always', - 'v' => 'always' - } - ], - 'type' => 'select' - }, - 'ldapServer' => { - 'default' => 'ldap://localhost', - 'test' => sub { - my $l = shift(); - my @s = split( /[\s,]+/, $l, 0 ); - foreach my $s (@s) { - return 0, qq[__badLdapUri__: "$s"] - unless $s =~ -m[^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?::\d{1,5})?/?.*)$]o; - } - return 1; - }, - 'type' => 'text' - }, - 'ldapSetPassword' => { - 'default' => 0, - 'type' => 'bool' - }, - 'ldapTimeout' => { - 'default' => 10, - 'type' => 'int' - }, - 'ldapUsePasswordResetAttribute' => { - 'default' => 1, - 'type' => 'bool' - }, - 'ldapVerify' => { - 'default' => 'require', - 'select' => [ { - 'k' => 'none', - 'v' => 'None' - }, - { - 'k' => 'optional', - 'v' => 'Optional' - }, - { - 'k' => 'require', - 'v' => 'Require' - } - ], - 'type' => 'select' - }, - 'ldapVersion' => { - 'default' => 3, - 'type' => 'int' - }, - 'linkedInAuthnLevel' => { - 'default' => 1, - 'type' => 'int' - }, - 'linkedInClientID' => { - 'type' => 'text' - }, - 'linkedInClientSecret' => { - 'type' => 'password' - }, - 'linkedInFields' => { - 'default' => 'id,first-name,last-name,email-address', - 'type' => 'text' - }, - 'linkedInScope' => { - 'default' => 'r_liteprofile r_emailaddress', - 'type' => 'text' - }, - 'linkedInUserField' => { - 'default' => 'emailAddress', - 'type' => 'text' - }, - 'localSessionStorage' => { - 'default' => 'Cache::FileCache', - 'type' => 'PerlModule' - }, - 'localSessionStorageOptions' => { - 'default' => { - 'cache_depth' => 3, - 'cache_root' => '/var/cache/lemonldap-ng', - 'default_expires_in' => 600, - 'directory_umask' => '007', - 'namespace' => 'lemonldap-ng-sessions' - }, - 'type' => 'keyTextContainer' - }, - 'localStorage' => { - 'type' => 'text' - }, - 'localStorageOptions' => { - 'type' => 'keyTextContainer' - }, - 'locationRules' => { - 'default' => { - 'default' => 'deny' - }, - 'keyMsgFail' => '__badHostname__', - 'keyTest' => qr/^\S+$/, - 'test' => { - 'keyMsgFail' => '__badRegexp__', - 'keyTest' => sub { - eval { - do { - qr/$_[0]/; - } - }; - return $@ ? 0 : 1; - }, - 'msgFail' => '__badExpression__', - 'test' => sub { - my ( $val, $conf ) = @_; - my $s = $val; - if ( $s =~ s/^logout(?:_(?:sso|app(?:_sso)?))?\s*// ) { - return $s =~ m[^(?:https?://.*)?$] - ? 1 - : ( 0, '__badUrl__' ); - } - $s =~ s/\b(accept|deny|unprotect|skip)\b/1/g; - return &perlExpr( $s, $conf ); - } - }, - 'type' => 'ruleContainer' - }, - 'log4perlConfFile' => { - 'type' => 'text' - }, - 'logger' => { - 'type' => 'text' - }, - 'loginHistoryEnabled' => { - 'default' => 0, - 'type' => 'bool' - }, - 'logLevel' => { - 'type' => 'text' - }, - 'logoutServices' => { - 'default' => {}, - 'type' => 'keyTextContainer' - }, - 'lwpOpts' => { - 'type' => 'keyTextContainer' - }, - 'lwpSslOpts' => { - 'type' => 'keyTextContainer' - }, - 'macros' => { - 'default' => {}, - 'keyMsgFail' => '__badMacroName__', - 'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/, - 'test' => sub { - return perlExpr(@_); - }, - 'type' => 'keyTextContainer' - }, - 'mail2fActivation' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'mail2fAuthnLevel' => { - 'type' => 'int' - }, - 'mail2fBody' => { - 'type' => 'longtext' - }, - 'mail2fCodeRegex' => { - 'default' => '\\d{6}', - 'type' => 'pcre' - }, - 'mail2fLabel' => { - 'type' => 'text' - }, - 'mail2fLogo' => { - 'type' => 'text' - }, - 'mail2fSessionKey' => { - 'type' => 'text' - }, - 'mail2fSubject' => { - 'type' => 'text' - }, - 'mail2fTimeout' => { - 'type' => 'int' - }, - 'mailBody' => { - 'type' => 'longtext' - }, - 'mailCharset' => { - 'default' => 'utf-8', - 'type' => 'text' - }, - 'mailConfirmBody' => { - 'type' => 'longtext' - }, - 'mailConfirmSubject' => { - 'type' => 'text' - }, - 'mailFrom' => { - 'default' => 'noreply@example.com', - 'type' => 'text' - }, - 'mailLDAPFilter' => { - 'type' => 'text' - }, - 'mailOnPasswordChange' => { - 'default' => 0, - 'type' => 'bool' - }, - 'mailReplyTo' => { - 'type' => 'text' - }, - 'mailSessionKey' => { - 'default' => 'mail', - 'type' => 'text' - }, - 'mailSubject' => { - 'type' => 'text' - }, - 'mailTimeout' => { - 'default' => 0, - 'type' => 'int' - }, - 'mailUrl' => { - 'default' => 'http://auth.example.com/resetpwd', - 'type' => 'url' - }, - 'maintenance' => { - 'default' => 0, - 'type' => 'bool' - }, - 'managerDn' => { - 'default' => '', - 'msgFail' => '__badValue__', - 'test' => qr/^.*$/, - 'type' => 'text' - }, - 'managerPassword' => { - 'default' => '', - 'msgFail' => '__badValue__', - 'test' => qr/^\S*$/, - 'type' => 'password' - }, - 'max2FDevices' => { - 'default' => 10, - 'type' => 'int' - }, - 'max2FDevicesNameLength' => { - 'default' => 20, - 'type' => 'int' - }, - 'multiValuesSeparator' => { - 'default' => '; ', - 'type' => 'authParamsText' - }, - 'mySessionAuthorizedRWKeys' => { - 'default' => - [ '_appsListOrder', '_oidcConnectedRP', '_oidcConsents' ], - 'type' => 'array' - }, - 'newLocationWarning' => { - 'default' => 0, - 'type' => 'bool' - }, - 'newLocationWarningLocationAttribute' => { - 'default' => 'ipAddr', - 'type' => 'text' - }, - 'newLocationWarningLocationDisplayAttribute' => { - 'default' => '', - 'type' => 'text' - }, - 'newLocationWarningMailAttribute' => { - 'type' => 'text' - }, - 'newLocationWarningMailBody' => { - 'type' => 'longtext' - }, - 'newLocationWarningMailSubject' => { - 'type' => 'text' - }, - 'newLocationWarningMaxValues' => { - 'default' => '0', - 'type' => 'int' - }, - 'nginxCustomHandlers' => { - 'keyTest' => qr/^\w+$/, - 'msgFail' => '__badPerlPackageName__', - 'test' => qr/^[a-zA-Z][a-zA-Z0-9]*(?:::[a-zA-Z][a-zA-Z0-9]*)*$/, - 'type' => 'keyTextContainer' - }, - 'noAjaxHook' => { - 'default' => 0, - 'type' => 'bool' - }, - 'notification' => { - 'default' => 0, - 'type' => 'bool' - }, - 'notificationDefaultCond' => { - 'default' => '', - 'type' => 'text' - }, - 'notificationServer' => { - 'default' => 0, - 'type' => 'bool' - }, - 'notificationServerDELETE' => { - 'default' => 0, - 'type' => 'bool' - }, - 'notificationServerGET' => { - 'default' => 0, - 'type' => 'bool' - }, - 'notificationServerPOST' => { - 'default' => 1, - 'type' => 'bool' - }, - 'notificationServerSentAttributes' => { - 'default' => 'uid reference date title subtitle text check', - 'type' => 'text' - }, - 'notificationsExplorer' => { - 'default' => 0, - 'type' => 'bool' - }, - 'notificationsMaxRetrieve' => { - 'default' => 3, - 'type' => 'int' - }, - 'notificationStorage' => { - 'default' => 'File', - 'type' => 'PerlModule' - }, - 'notificationStorageOptions' => { - 'default' => { - 'dirName' => '/var/lib/lemonldap-ng/notifications' - }, - 'type' => 'keyTextContainer' - }, - 'notificationWildcard' => { - 'default' => 'allusers', - 'type' => 'text' - }, - 'notificationXSLTfile' => { - 'type' => 'text' - }, - 'notifyDeleted' => { - 'default' => 1, - 'type' => 'bool' - }, - 'notifyOther' => { - 'default' => 0, - 'type' => 'bool' - }, - 'nullAuthnLevel' => { - 'default' => 0, - 'type' => 'int' - }, - 'oidcAuthnLevel' => { - 'default' => 1, - 'type' => 'int' - }, - 'oidcOPMetaDataExportedVars' => { - 'default' => { - 'cn' => 'name', - 'mail' => 'email', - 'sn' => 'family_name', - 'uid' => 'sub' - }, - 'type' => 'keyTextContainer' - }, - 'oidcOPMetaDataJSON' => { - 'keyTest' => sub { - 1; - }, - 'type' => 'file' - }, - 'oidcOPMetaDataJWKS' => { - 'keyTest' => sub { - 1; - }, - 'type' => 'file' - }, - 'oidcOPMetaDataNodes' => { - 'type' => 'oidcOPMetaDataNodeContainer' - }, - 'oidcOPMetaDataOptions' => { - 'type' => 'subContainer' - }, - 'oidcOPMetaDataOptionsAcrValues' => { - 'type' => 'text' - }, - 'oidcOPMetaDataOptionsCheckJWTSignature' => { - 'default' => 1, - 'type' => 'bool' - }, - 'oidcOPMetaDataOptionsClientID' => { - 'type' => 'text' - }, - 'oidcOPMetaDataOptionsClientSecret' => { - 'type' => 'password' - }, - 'oidcOPMetaDataOptionsConfigurationURI' => { - 'type' => 'url' - }, - 'oidcOPMetaDataOptionsDisplay' => { - 'default' => '', - 'select' => [ { - 'k' => '', - 'v' => '' - }, - { - 'k' => 'page', - 'v' => 'page' - }, - { - 'k' => 'popup', - 'v' => 'popup' - }, - { - 'k' => 'touch', - 'v' => 'touch' - }, - { - 'k' => 'wap', - 'v' => 'wap' - } - ], - 'type' => 'select' - }, - 'oidcOPMetaDataOptionsDisplayName' => { - 'type' => 'text' - }, - 'oidcOPMetaDataOptionsIcon' => { - 'type' => 'text' - }, - 'oidcOPMetaDataOptionsIDTokenMaxAge' => { - 'default' => 30, - 'type' => 'int' - }, - 'oidcOPMetaDataOptionsJWKSTimeout' => { - 'default' => 0, - 'type' => 'int' - }, - 'oidcOPMetaDataOptionsMaxAge' => { - 'default' => 0, - 'type' => 'int' - }, - 'oidcOPMetaDataOptionsPrompt' => { - 'type' => 'text' - }, - 'oidcOPMetaDataOptionsScope' => { - 'default' => 'openid profile', - 'type' => 'text' - }, - 'oidcOPMetaDataOptionsSortNumber' => { - 'type' => 'int' - }, - 'oidcOPMetaDataOptionsStoreIDToken' => { - 'default' => 0, - 'type' => 'bool' - }, - 'oidcOPMetaDataOptionsTokenEndpointAuthMethod' => { - 'default' => 'client_secret_post', - 'select' => [ { - 'k' => 'client_secret_post', - 'v' => 'client_secret_post' - }, - { - 'k' => 'client_secret_basic', - 'v' => 'client_secret_basic' - } - ], - 'type' => 'select' - }, - 'oidcOPMetaDataOptionsUiLocales' => { - 'type' => 'text' - }, - 'oidcOPMetaDataOptionsUseNonce' => { - 'default' => 1, - 'type' => 'bool' - }, - 'oidcRPCallbackGetParam' => { - 'default' => 'openidconnectcallback', - 'type' => 'text' - }, - 'oidcRPMetaDataExportedVars' => { - 'default' => { - 'email' => 'mail', - 'family_name' => 'sn', - 'name' => 'cn' - }, - 'keyTest' => qr/\w/, - 'test' => qr/\w/, - 'type' => 'oidcAttributeContainer' - }, - 'oidcRPMetaDataMacros' => { - 'default' => {}, - 'test' => { - 'keyMsgFail' => '__badMacroName__', - 'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/, - 'test' => sub { - return perlExpr(@_); - } - }, - 'type' => 'keyTextContainer' - }, - 'oidcRPMetaDataNodes' => { - 'type' => 'oidcRPMetaDataNodeContainer' - }, - 'oidcRPMetaDataOptions' => { - 'type' => 'subContainer' - }, - 'oidcRPMetaDataOptionsAccessTokenClaims' => { - 'default' => 0, - 'type' => 'bool' - }, - 'oidcRPMetaDataOptionsAccessTokenExpiration' => { - 'type' => 'int' - }, - 'oidcRPMetaDataOptionsAccessTokenJWT' => { - 'default' => 0, - 'type' => 'bool' - }, - 'oidcRPMetaDataOptionsAccessTokenSignAlg' => { - 'default' => 'RS256', - 'select' => [ { - 'k' => 'RS256', - 'v' => 'RS256' - }, - { - 'k' => 'RS384', - 'v' => 'RS384' - }, - { - 'k' => 'RS512', - 'v' => 'RS512' - } - ], - 'type' => 'select' - }, - 'oidcRPMetaDataOptionsAdditionalAudiences' => { - 'type' => 'text' - }, - 'oidcRPMetaDataOptionsAllowClientCredentialsGrant' => { - 'default' => 0, - 'type' => 'bool' - }, - 'oidcRPMetaDataOptionsAllowOffline' => { - 'default' => 0, - 'type' => 'bool' - }, - 'oidcRPMetaDataOptionsAllowPasswordGrant' => { - 'default' => 0, - 'type' => 'bool' - }, - 'oidcRPMetaDataOptionsAuthnLevel' => { - 'type' => 'int' - }, - 'oidcRPMetaDataOptionsAuthorizationCodeExpiration' => { - 'type' => 'int' - }, - 'oidcRPMetaDataOptionsBypassConsent' => { - 'default' => 0, - 'type' => 'bool' - }, - 'oidcRPMetaDataOptionsClientID' => { - 'type' => 'text' - }, - 'oidcRPMetaDataOptionsClientSecret' => { - 'type' => 'password' - }, - 'oidcRPMetaDataOptionsDisplayName' => { - 'type' => 'text' - }, - 'oidcRPMetaDataOptionsExtraClaims' => { - 'default' => {}, - 'keyTest' => qr/^[\x21\x23-\x5B\x5D-\x7E]+$/, - 'type' => 'keyTextContainer' - }, - 'oidcRPMetaDataOptionsIcon' => { - 'type' => 'text' - }, - 'oidcRPMetaDataOptionsIDTokenExpiration' => { - 'type' => 'int' - }, - 'oidcRPMetaDataOptionsIDTokenForceClaims' => { - 'default' => 0, - 'type' => 'bool' - }, - 'oidcRPMetaDataOptionsIDTokenSignAlg' => { - 'default' => 'HS512', - 'select' => [ { - 'k' => 'none', - 'v' => 'None' - }, - { - 'k' => 'HS256', - 'v' => 'HS256' - }, - { - 'k' => 'HS384', - 'v' => 'HS384' - }, - { - 'k' => 'HS512', - 'v' => 'HS512' - }, - { - 'k' => 'RS256', - 'v' => 'RS256' - }, - { - 'k' => 'RS384', - 'v' => 'RS384' - }, - { - 'k' => 'RS512', - 'v' => 'RS512' - } - ], - 'type' => 'select' - }, - 'oidcRPMetaDataOptionsLogoutSessionRequired' => { - 'default' => 0, - 'type' => 'bool' - }, - 'oidcRPMetaDataOptionsLogoutType' => { - 'default' => 'front', - 'select' => [ { - 'k' => 'front', - 'v' => 'Front Channel' - } - ], - 'type' => 'select' - }, - 'oidcRPMetaDataOptionsLogoutUrl' => { - 'type' => 'url' - }, - 'oidcRPMetaDataOptionsOfflineSessionExpiration' => { - 'type' => 'int' - }, - 'oidcRPMetaDataOptionsPostLogoutRedirectUris' => { - 'type' => 'text' - }, - 'oidcRPMetaDataOptionsPublic' => { - 'default' => 0, - 'type' => 'bool' - }, - 'oidcRPMetaDataOptionsRedirectUris' => { - 'type' => 'text' - }, - 'oidcRPMetaDataOptionsRefreshToken' => { - 'default' => 0, - 'type' => 'bool' - }, - 'oidcRPMetaDataOptionsRequirePKCE' => { - 'default' => 0, - 'type' => 'bool' - }, - 'oidcRPMetaDataOptionsRule' => { - 'test' => sub { - return perlExpr(@_); - }, - 'type' => 'text' - }, - 'oidcRPMetaDataOptionsUserIDAttr' => { - 'type' => 'text' - }, - 'oidcRPMetaDataOptionsUserInfoSignAlg' => { - 'default' => '', - 'select' => [ { - 'k' => '', - 'v' => 'JSON' - }, - { - 'k' => 'none', - 'v' => 'JWT/None' - }, - { - 'k' => 'HS256', - 'v' => 'JWT/HS256' - }, - { - 'k' => 'HS384', - 'v' => 'JWT/HS384' - }, - { - 'k' => 'HS512', - 'v' => 'JWT/HS512' - }, - { - 'k' => 'RS256', - 'v' => 'JWT/RS256' - }, - { - 'k' => 'RS384', - 'v' => 'JWT/RS384' - }, - { - 'k' => 'RS512', - 'v' => 'JWT/RS512' - } - ], - 'type' => 'select' - }, - 'oidcRPMetaDataScopeRules' => { - 'default' => {}, - 'test' => { - 'keyMsgFail' => '__badMacroName__', - 'keyTest' => qr/^[\x21\x23-\x5B\x5D-\x7E]+$/, - 'test' => sub { - return perlExpr(@_); - } - }, - 'type' => 'keyTextContainer' - }, - 'oidcRPStateTimeout' => { - 'default' => 600, - 'type' => 'int' - }, - 'oidcServiceAccessTokenExpiration' => { - 'default' => 3600, - 'type' => 'int' - }, - 'oidcServiceAllowAuthorizationCodeFlow' => { - 'default' => 1, - 'type' => 'bool' - }, - 'oidcServiceAllowDynamicRegistration' => { - 'default' => 0, - 'type' => 'bool' - }, - 'oidcServiceAllowHybridFlow' => { - 'default' => 0, - 'type' => 'bool' - }, - 'oidcServiceAllowImplicitFlow' => { - 'default' => 0, - 'type' => 'bool' - }, - 'oidcServiceAllowOnlyDeclaredScopes' => { - 'default' => 0, - 'type' => 'bool' - }, - 'oidcServiceAuthorizationCodeExpiration' => { - 'default' => 60, - 'type' => 'int' - }, - 'oidcServiceDynamicRegistrationExportedVars' => { - 'type' => 'keyTextContainer' - }, - 'oidcServiceDynamicRegistrationExtraClaims' => { - 'keyTest' => qr/^[\x21\x23-\x5B\x5D-\x7E]+$/, - 'type' => 'keyTextContainer' - }, - 'oidcServiceIDTokenExpiration' => { - 'default' => 3600, - 'type' => 'int' - }, - 'oidcServiceKeyIdSig' => { - 'type' => 'text' - }, - 'oidcServiceMetaDataAuthnContext' => { - 'default' => { - 'loa-1' => 1, - 'loa-2' => 2, - 'loa-3' => 3, - 'loa-4' => 4, - 'loa-5' => 5 - }, - 'keyTest' => qr/\w/, - 'type' => 'keyTextContainer' - }, - 'oidcServiceMetaDataAuthorizeURI' => { - 'default' => 'authorize', - 'type' => 'text' - }, - 'oidcServiceMetaDataBackChannelURI' => { - 'default' => 'blogout', - 'type' => 'text' - }, - 'oidcServiceMetaDataCheckSessionURI' => { - 'default' => 'checksession.html', - 'type' => 'text' - }, - 'oidcServiceMetaDataEndSessionURI' => { - 'default' => 'logout', - 'type' => 'text' - }, - 'oidcServiceMetaDataFrontChannelURI' => { - 'default' => 'flogout', - 'type' => 'text' - }, - 'oidcServiceMetaDataIntrospectionURI' => { - 'default' => 'introspect', - 'type' => 'text' - }, - 'oidcServiceMetaDataIssuer' => { - 'type' => 'text' - }, - 'oidcServiceMetaDataJWKSURI' => { - 'default' => 'jwks', - 'type' => 'text' - }, - 'oidcServiceMetaDataRegistrationURI' => { - 'default' => 'register', - 'type' => 'text' - }, - 'oidcServiceMetaDataTokenURI' => { - 'default' => 'token', - 'type' => 'text' - }, - 'oidcServiceMetaDataUserInfoURI' => { - 'default' => 'userinfo', - 'type' => 'text' - }, - 'oidcServiceOfflineSessionExpiration' => { - 'default' => 2592000, - 'type' => 'int' - }, - 'oidcServicePrivateKeySig' => { - 'type' => 'RSAPrivateKey' - }, - 'oidcServicePublicKeySig' => { - 'type' => 'RSAPublicKey' - }, - 'oidcStorage' => { - 'type' => 'PerlModule' - }, - 'oidcStorageOptions' => { - 'type' => 'keyTextContainer' - }, - 'oldNotifFormat' => { - 'default' => 0, - 'type' => 'bool' - }, - 'openIdAttr' => { - 'type' => 'text' - }, - 'openIdAuthnLevel' => { - 'default' => 1, - 'type' => 'int' - }, - 'openIdExportedVars' => { - 'default' => {}, - 'keyMsgFail' => '__badVariableName__', - 'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/, - 'msgFail' => '__badValue__', - 'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/, - 'type' => 'keyTextContainer' - }, - 'openIdIDPList' => { - 'default' => '0;', - 'type' => 'blackWhiteList' - }, - 'openIdIssuerSecret' => { - 'type' => 'text' - }, - 'openIdSecret' => { - 'type' => 'text' - }, - 'openIdSPList' => { - 'default' => '0;', - 'type' => 'blackWhiteList' - }, - 'openIdSreg_country' => { - 'type' => 'lmAttrOrMacro' - }, - 'openIdSreg_dob' => { - 'type' => 'lmAttrOrMacro' - }, - 'openIdSreg_email' => { - 'default' => 'mail', - 'type' => 'lmAttrOrMacro' - }, - 'openIdSreg_fullname' => { - 'default' => 'cn', - 'type' => 'lmAttrOrMacro' - }, - 'openIdSreg_gender' => { - 'type' => 'lmAttrOrMacro' - }, - 'openIdSreg_language' => { - 'type' => 'lmAttrOrMacro' - }, - 'openIdSreg_nickname' => { - 'default' => 'uid', - 'type' => 'lmAttrOrMacro' - }, - 'openIdSreg_postcode' => { - 'type' => 'lmAttrOrMacro' - }, - 'openIdSreg_timezone' => { - 'default' => '_timezone', - 'type' => 'lmAttrOrMacro' - }, - 'pamAuthnLevel' => { - 'default' => 2, - 'type' => 'int' - }, - 'pamService' => { - 'default' => 'login', - 'type' => 'text' - }, - 'passwordDB' => { - 'default' => 'Demo', - 'select' => [ { - 'k' => 'AD', - 'v' => 'Active Directory' - }, - { - 'k' => 'Choice', - 'v' => 'authChoice' - }, - { - 'k' => 'DBI', - 'v' => 'Database (DBI)' - }, - { - 'k' => 'Demo', - 'v' => 'Demonstration' - }, - { - 'k' => 'LDAP', - 'v' => 'LDAP' - }, - { - 'k' => 'REST', - 'v' => 'REST' - }, - { - 'k' => 'Null', - 'v' => 'None' - }, - { - 'k' => 'Combination', - 'v' => 'combineMods' - }, - { - 'k' => 'Custom', - 'v' => 'customModule' - } - ], - 'type' => 'select' - }, - 'passwordPolicyActivation' => { - 'default' => 1, - 'type' => 'boolOrExpr' - }, - 'passwordPolicyMinDigit' => { - 'default' => 0, - 'type' => 'int' - }, - 'passwordPolicyMinLower' => { - 'default' => 0, - 'type' => 'int' - }, - 'passwordPolicyMinSize' => { - 'default' => 0, - 'type' => 'int' - }, - 'passwordPolicyMinSpeChar' => { - 'default' => 0, - 'type' => 'int' - }, - 'passwordPolicyMinUpper' => { - 'default' => 0, - 'type' => 'int' - }, - 'passwordPolicySpecialChar' => { - 'default' => '__ALL__', - 'test' => qr/^(?:__ALL__|[\S\W]*)$/, - 'type' => 'text' - }, - 'passwordResetAllowedRetries' => { - 'default' => 3, - 'type' => 'int' - }, - 'pdataDomain' => { - 'default' => '', - 'msgFail' => '__badDomainName__', - 'test' => -qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?$/, - 'type' => 'text' - }, - 'persistentSessionAttributes' => { - 'default' => '_loginHistory _2fDevices notification_', - 'type' => 'text' - }, - 'persistentStorage' => { - 'type' => 'PerlModule' - }, - 'persistentStorageOptions' => { - 'type' => 'keyTextContainer' - }, - 'port' => { - 'default' => -1, - 'type' => 'int' - }, - 'portal' => { - 'default' => 'http://auth.example.com/', - 'msgFail' => '__badUrl__', - 'test' => -qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, - 'type' => 'url' - }, - 'portalAntiFrame' => { - 'default' => 1, - 'type' => 'bool' - }, - 'portalCheckLogins' => { - 'default' => 1, - 'type' => 'bool' - }, - 'portalCustomCss' => { - 'type' => 'text' - }, - 'portalDisplayAppslist' => { - 'default' => 1, - 'type' => 'boolOrExpr' - }, - 'portalDisplayCertificateResetByMail' => { - 'default' => 0, - 'type' => 'bool' - }, - 'portalDisplayChangePassword' => { - 'default' => '$_auth =~ /^(LDAP|DBI|Demo)$/', - 'type' => 'boolOrExpr' - }, - 'portalDisplayGeneratePassword' => { - 'default' => 1, - 'type' => 'bool' - }, - 'portalDisplayLoginHistory' => { - 'default' => 1, - 'type' => 'boolOrExpr' - }, - 'portalDisplayLogout' => { - 'default' => 1, - 'type' => 'boolOrExpr' - }, - 'portalDisplayOidcConsents' => { - 'default' => '$_oidcConsents && $_oidcConsents =~ /\\w+/', - 'type' => 'boolOrExpr' - }, - 'portalDisplayPasswordPolicy' => { - 'default' => 0, - 'type' => 'bool' - }, - 'portalDisplayRefreshMyRights' => { - 'default' => 1, - 'type' => 'bool' - }, - 'portalDisplayRegister' => { - 'default' => 1, - 'type' => 'bool' - }, - 'portalDisplayResetPassword' => { - 'default' => 0, - 'type' => 'bool' - }, - 'portalEnablePasswordDisplay' => { - 'default' => 0, - 'type' => 'bool' - }, - 'portalErrorOnExpiredSession' => { - 'default' => 1, - 'type' => 'bool' - }, - 'portalErrorOnMailNotFound' => { - 'default' => 0, - 'type' => 'bool' - }, - 'portalForceAuthn' => { - 'default' => 0, - 'type' => 'bool' - }, - 'portalForceAuthnInterval' => { - 'default' => 5, - 'type' => 'int' - }, - 'portalMainLogo' => { - 'default' => 'common/logos/logo_llng_400px.png', - 'type' => 'text' - }, - 'portalOpenLinkInNewWindow' => { - 'default' => 0, - 'type' => 'bool' - }, - 'portalPingInterval' => { - 'default' => 60000, - 'type' => 'int' - }, - 'portalRequireOldPassword' => { - 'default' => 1, - 'type' => 'boolOrExpr' - }, - 'portalSkin' => { - 'default' => 'bootstrap', - 'select' => [ { - 'k' => 'bootstrap', - 'v' => 'Bootstrap' - } - ], - 'type' => 'portalskin' - }, - 'portalSkinBackground' => { - 'select' => [ { - 'k' => '', - 'v' => 'None' - }, - { - 'k' => '1280px-Anse_Source_d\'Argent_2-La_Digue.jpg', - 'v' => 'Anse' - }, - { - 'k' => -'1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg', - 'v' => 'Waterfall' - }, - { - 'k' => '1280px-BrockenSnowedTrees.jpg', - 'v' => 'Snowed Trees' - }, - { - 'k' => - '1280px-Cedar_Breaks_National_Monument_partially.jpg', - 'v' => 'National Monument' - }, - { - 'k' => '1280px-Parry_Peak_from_Winter_Park.jpg', - 'v' => 'Winter' - }, - { - 'k' => 'Aletschgletscher_mit_Pinus_cembra1.jpg', - 'v' => 'Pinus' - } - ], - 'type' => 'portalskinbackground' - }, - 'portalSkinRules' => { - 'keyMsgFail' => '__badSkinRule__', - 'keyTest' => sub { - return perlExpr(@_); - }, - 'msgFail' => '__badValue__', - 'test' => qr/^\w+$/, - 'type' => 'keyTextContainer' - }, - 'portalStatus' => { - 'default' => 0, - 'type' => 'bool' - }, - 'portalUserAttr' => { - 'default' => '_user', - 'type' => 'text' - }, - 'post' => { - 'keyMsgFail' => '__badHostname__', - 'keyTest' => qr/^\S+$/, - 'test' => sub { - 1; - }, - 'type' => 'postContainer' - }, - 'protection' => { - 'msgFail' => '__authorizedValues__: none authenticate manager', - 'test' => qr/^(?:none|authenticate|manager|)$/, - 'type' => 'text' - }, - 'proxyAuthnLevel' => { - 'default' => 2, - 'type' => 'int' - }, - 'proxyAuthService' => { - 'type' => 'text' - }, - 'proxyAuthServiceChoiceParam' => { - 'default' => 'lmAuth', - 'type' => 'text' - }, - 'proxyAuthServiceChoiceValue' => { - 'type' => 'text' - }, - 'proxyAuthServiceImpersonation' => { - 'default' => 0, - 'type' => 'bool' - }, - 'proxyCookieName' => { - 'msgFail' => '__badCookieName__', - 'test' => qr/^[a-zA-Z][a-zA-Z0-9_-]*$/, - 'type' => 'text' - }, - 'proxySessionService' => { - 'type' => 'text' - }, - 'proxyUseSoap' => { - 'default' => 0, - 'type' => 'bool' - }, - 'radius2fActivation' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'radius2fAuthnLevel' => { - 'type' => 'int' - }, - 'radius2fLabel' => { - 'type' => 'text' - }, - 'radius2fLogo' => { - 'type' => 'text' - }, - 'radius2fSecret' => { - 'type' => 'text' - }, - 'radius2fServer' => { - 'type' => 'text' - }, - 'radius2fTimeout' => { - 'default' => 20, - 'type' => 'int' - }, - 'radius2fUsernameSessionKey' => { - 'type' => 'text' - }, - 'radiusAuthnLevel' => { - 'default' => 3, - 'type' => 'int' - }, - 'radiusSecret' => { - 'type' => 'text' - }, - 'radiusServer' => { - 'type' => 'text' - }, - 'randomPasswordRegexp' => { - 'default' => '[A-Z]{3}[a-z]{5}.\\d{2}', - 'type' => 'pcre' - }, - 'redirectFormMethod' => { - 'default' => 'get', - 'select' => [ { - 'k' => 'get', - 'v' => 'GET' - }, - { - 'k' => 'post', - 'v' => 'POST' - } - ], - 'type' => 'select' - }, - 'refreshSessions' => { - 'type' => 'bool' - }, - 'registerConfirmBody' => { - 'type' => 'longtext' - }, - 'registerConfirmSubject' => { - 'type' => 'text' - }, - 'registerDB' => { - 'default' => 'Null', - 'select' => [ { - 'k' => 'AD', - 'v' => 'Active Directory' - }, - { - 'k' => 'Demo', - 'v' => 'Demonstration' - }, - { - 'k' => 'LDAP', - 'v' => 'LDAP' - }, - { - 'k' => 'Null', - 'v' => 'None' - }, - { - 'k' => 'Custom', - 'v' => 'customModule' - } - ], - 'type' => 'select' - }, - 'registerDoneBody' => { - 'type' => 'longtext' - }, - 'registerDoneSubject' => { - 'type' => 'text' - }, - 'registerTimeout' => { - 'default' => 0, - 'type' => 'int' - }, - 'registerUrl' => { - 'default' => 'http://auth.example.com/register', - 'type' => 'text' - }, - 'reloadTimeout' => { - 'default' => 5, - 'type' => 'int' - }, - 'reloadUrls' => { - 'keyTest' => -qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?$/, - 'msgFail' => '__badUrl__', - 'test' => -qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, - 'type' => 'keyTextContainer' - }, - 'remoteCookieName' => { - 'msgFail' => '__badCookieName__', - 'test' => qr/^[a-zA-Z][a-zA-Z0-9_-]*$/, - 'type' => 'text' - }, - 'remoteGlobalStorage' => { - 'default' => 'Lemonldap::NG::Common::Apache::Session::SOAP', - 'type' => 'PerlModule' - }, - 'remoteGlobalStorageOptions' => { - 'default' => { - 'ns' => -'http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService', - 'proxy' => 'http://auth.example.com/sessions' - }, - 'type' => 'keyTextContainer' - }, - 'remotePortal' => { - 'type' => 'text' - }, - 'requireToken' => { - 'default' => 1, - 'type' => 'boolOrExpr' - }, - 'rest2fActivation' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'rest2fAuthnLevel' => { - 'type' => 'int' - }, - 'rest2fInitArgs' => { - 'keyMsgFail' => '__badKeyName__', - 'keyTest' => qr/^\w+$/, - 'msgFail' => '__badValue__', - 'test' => qr/^\w+$/, - 'type' => 'keyTextContainer' - }, - 'rest2fInitUrl' => { - 'type' => 'url' - }, - 'rest2fLabel' => { - 'type' => 'text' - }, - 'rest2fLogo' => { - 'type' => 'text' - }, - 'rest2fVerifyArgs' => { - 'type' => 'keyTextContainer' - }, - 'rest2fVerifyUrl' => { - 'keyMsgFail' => '__badKeyName__', - 'keyTest' => qr/^\w+$/, - 'msgFail' => '__badValue__', - 'test' => qr/^\w+$/, - 'type' => 'url' - }, - 'restAuthnLevel' => { - 'default' => 2, - 'type' => 'int' - }, - 'restAuthServer' => { - 'default' => 0, - 'type' => 'bool' - }, - 'restAuthUrl' => { - 'type' => 'url' - }, - 'restClockTolerance' => { - 'default' => 15, - 'type' => 'int' - }, - 'restConfigServer' => { - 'default' => 0, - 'type' => 'bool' - }, - 'restExportSecretKeys' => { - 'default' => 0, - 'type' => 'bool' - }, - 'restFindUserDBUrl' => { - 'type' => 'url' - }, - 'restPasswordServer' => { - 'default' => 0, - 'type' => 'bool' - }, - 'restPwdConfirmUrl' => { - 'type' => 'url' - }, - 'restPwdModifyUrl' => { - 'type' => 'url' - }, - 'restSessionServer' => { - 'default' => 0, - 'type' => 'bool' - }, - 'restUserDBUrl' => { - 'type' => 'url' - }, - 'sameSite' => { - 'default' => '', - 'select' => [ { - 'k' => '', - 'v' => '' - }, - { - 'k' => 'Strict', - 'v' => 'Strict' - }, - { - 'k' => 'Lax', - 'v' => 'Lax' - }, - { - 'k' => 'None', - 'v' => 'None' - } - ], - 'type' => 'select' - }, - 'samlAttributeAuthorityDescriptorAttributeServiceSOAP' => { - 'default' => -'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;', - 'type' => 'samlService' - }, - 'samlAuthnContextMapKerberos' => { - 'default' => 4, - 'type' => 'int' - }, - 'samlAuthnContextMapPassword' => { - 'default' => 2, - 'type' => 'int' - }, - 'samlAuthnContextMapPasswordProtectedTransport' => { - 'default' => 3, - 'type' => 'int' - }, - 'samlAuthnContextMapTLSClient' => { - 'default' => 5, - 'type' => 'int' - }, - 'samlCommonDomainCookieActivation' => { - 'default' => 0, - 'type' => 'bool' - }, - 'samlCommonDomainCookieDomain' => { - 'msgFail' => '__badDomainName__', - 'test' => -qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/, - 'type' => 'text' - }, - 'samlCommonDomainCookieReader' => { - 'msgFail' => '__badUrl__', - 'test' => -qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, - 'type' => 'text' - }, - 'samlCommonDomainCookieWriter' => { - 'msgFail' => '__badUrl__', - 'test' => -qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, - 'type' => 'text' - }, - 'samlDiscoveryProtocolActivation' => { - 'default' => 0, - 'type' => 'bool' - }, - 'samlDiscoveryProtocolIsPassive' => { - 'default' => 0, - 'type' => 'bool' - }, - 'samlDiscoveryProtocolPolicy' => { - 'type' => 'text' - }, - 'samlDiscoveryProtocolURL' => { - 'msgFail' => '__badUrl__', - 'test' => -qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, - 'type' => 'text' - }, - 'samlEntityID' => { - 'default' => '#PORTAL#/saml/metadata', - 'type' => 'text' - }, - 'samlIDPMetaDataExportedAttributes' => { - 'default' => {}, - 'keyMsgFail' => '__badMetadataName__', - 'keyTest' => qr/^[a-zA-Z](?:[a-zA-Z0-9_\-\.]*\w)?$/, - 'msgFail' => '__badValue__', - 'test' => qr/\w/, - 'type' => 'samlAttributeContainer' - }, - 'samlIDPMetaDataNodes' => { - 'type' => 'samlIDPMetaDataNodeContainer' - }, - 'samlIDPMetaDataOptions' => { - 'keyMsgFail' => '__badMetadataName__', - 'keyTest' => qr/^[a-zA-Z](?:[a-zA-Z0-9_\-\.]*\w)?$/, - 'type' => 'keyTextContainer' - }, - 'samlIDPMetaDataOptionsAdaptSessionUtime' => { - 'default' => 0, - 'type' => 'bool' - }, - 'samlIDPMetaDataOptionsAllowLoginFromIDP' => { - 'default' => 0, - 'type' => 'bool' - }, - 'samlIDPMetaDataOptionsAllowProxiedAuthn' => { - 'default' => 0, - 'type' => 'bool' - }, - 'samlIDPMetaDataOptionsCheckAudience' => { - 'default' => 1, - 'type' => 'bool' - }, - 'samlIDPMetaDataOptionsCheckSLOMessageSignature' => { - 'default' => 1, - 'type' => 'bool' - }, - 'samlIDPMetaDataOptionsCheckSSOMessageSignature' => { - 'default' => 1, - 'type' => 'bool' - }, - 'samlIDPMetaDataOptionsCheckTime' => { - 'default' => 1, - 'type' => 'bool' - }, - 'samlIDPMetaDataOptionsDisplayName' => { - 'type' => 'text' - }, - 'samlIDPMetaDataOptionsEncryptionMode' => { - 'default' => 'none', - 'select' => [ { - 'k' => 'none', - 'v' => 'None' - }, - { - 'k' => 'nameid', - 'v' => 'Name ID' - }, - { - 'k' => 'assertion', - 'v' => 'Assertion' - } - ], - 'type' => 'select' - }, - 'samlIDPMetaDataOptionsForceAuthn' => { - 'default' => 0, - 'type' => 'bool' - }, - 'samlIDPMetaDataOptionsForceUTF8' => { - 'default' => 0, - 'type' => 'bool' - }, - 'samlIDPMetaDataOptionsIcon' => { - 'type' => 'text' - }, - 'samlIDPMetaDataOptionsIsPassive' => { - 'default' => 0, - 'type' => 'bool' - }, - 'samlIDPMetaDataOptionsNameIDFormat' => { - 'default' => '', - 'select' => [ { - 'k' => '', - 'v' => '' - }, - { - 'k' => 'unspecified', - 'v' => 'Unspecified' - }, - { - 'k' => 'email', - 'v' => 'Email' - }, - { - 'k' => 'x509', - 'v' => 'X509 certificate' - }, - { - 'k' => 'windows', - 'v' => 'Windows' - }, - { - 'k' => 'kerberos', - 'v' => 'Kerberos' - }, - { - 'k' => 'entity', - 'v' => 'Entity' - }, - { - 'k' => 'persistent', - 'v' => 'Persistent' - }, - { - 'k' => 'transient', - 'v' => 'Transient' - }, - { - 'k' => 'encrypted', - 'v' => 'Encrypted' - } - ], - 'type' => 'select' - }, - 'samlIDPMetaDataOptionsRelayStateURL' => { - 'default' => 0, - 'type' => 'bool' - }, - 'samlIDPMetaDataOptionsRequestedAuthnContext' => { - 'default' => '', - 'select' => [ { - 'k' => '', - 'v' => '' - }, - { - 'k' => 'kerberos', - 'v' => 'Kerberos' - }, - { - 'k' => 'password-protected-transport', - 'v' => 'Password protected transport' - }, - { - 'k' => 'password', - 'v' => 'Password' - }, - { - 'k' => 'tls-client', - 'v' => 'TLS client certificate' - } - ], - 'type' => 'select' - }, - 'samlIDPMetaDataOptionsResolutionRule' => { - 'default' => '', - 'type' => 'longtext' - }, - 'samlIDPMetaDataOptionsSignatureMethod' => { - 'default' => '', - 'select' => [ { - 'k' => '', - 'v' => 'default' - }, - { - 'k' => 'RSA_SHA1', - 'v' => 'RSA SHA1' - }, - { - 'k' => 'RSA_SHA256', - 'v' => 'RSA SHA256' - }, - { - 'k' => 'RSA_SHA384', - 'v' => 'RSA SHA384' - }, - { - 'k' => 'RSA_SHA512', - 'v' => 'RSA SHA512' - } - ], - 'type' => 'select' - }, - 'samlIDPMetaDataOptionsSignSLOMessage' => { - 'default' => -1, - 'type' => 'trool' - }, - 'samlIDPMetaDataOptionsSignSSOMessage' => { - 'default' => -1, - 'type' => 'trool' - }, - 'samlIDPMetaDataOptionsSLOBinding' => { - 'default' => '', - 'select' => [ { - 'k' => '', - 'v' => '' - }, - { - 'k' => 'http-post', - 'v' => 'POST' - }, - { - 'k' => 'http-redirect', - 'v' => 'Redirect' - }, - { - 'k' => 'http-soap', - 'v' => 'SOAP' - } - ], - 'type' => 'select' - }, - 'samlIDPMetaDataOptionsSortNumber' => { - 'type' => 'int' - }, - 'samlIDPMetaDataOptionsSSOBinding' => { - 'default' => '', - 'select' => [ { - 'k' => '', - 'v' => '' - }, - { - 'k' => 'http-post', - 'v' => 'POST' - }, - { - 'k' => 'http-redirect', - 'v' => 'Redirect' - }, - { - 'k' => 'artifact-get', - 'v' => 'Artifact GET' - } - ], - 'type' => 'select' - }, - 'samlIDPMetaDataOptionsStoreSAMLToken' => { - 'default' => 0, - 'type' => 'bool' - }, - 'samlIDPMetaDataOptionsUserAttribute' => { - 'type' => 'text' - }, - 'samlIDPMetaDataXML' => { - 'test' => sub { - my $v = shift(); - return 1 unless $v and %$v; - my @msg; - my $res = 1; - my %entityIds; - foreach my $idpId ( keys %$v ) { - unless ( $v->{$idpId}{'samlIDPMetaDataXML'} =~ - /entityID="(.+?)"/is ) - { - push @msg, "$idpId SAML metadata has no EntityID"; - $res = 0; - next; - } - my $eid = $1; - if ( defined $entityIds{$eid} ) { - push @msg, -"$idpId and $entityIds{$eid} have the same SAML EntityID"; - $res = 0; - next; - } - $entityIds{$eid} = $idpId; - } - return $res, join( ', ', @msg ); - }, - 'type' => 'file' - }, - 'samlIDPSSODescriptorArtifactResolutionServiceArtifact' => { - 'default' => -'1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact', - 'type' => 'samlAssertion' - }, - 'samlIDPSSODescriptorSingleLogoutServiceHTTPPost' => { - 'default' => -'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn', - 'type' => 'samlService' - }, - 'samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect' => { - 'default' => -'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn', - 'type' => 'samlService' - }, - 'samlIDPSSODescriptorSingleLogoutServiceSOAP' => { - 'default' => -'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;', - 'type' => 'samlService' - }, - 'samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact' => { - 'default' => -'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;', - 'type' => 'samlService' - }, - 'samlIDPSSODescriptorSingleSignOnServiceHTTPPost' => { - 'default' => -'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;', - 'type' => 'samlService' - }, - 'samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect' => { - 'default' => -'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;', - 'type' => 'samlService' - }, - 'samlIDPSSODescriptorWantAuthnRequestsSigned' => { - 'default' => 1, - 'type' => 'bool' - }, - 'samlMetadataForceUTF8' => { - 'default' => 1, - 'type' => 'bool' - }, - 'samlNameIDFormatMapEmail' => { - 'default' => 'mail', - 'type' => 'text' - }, - 'samlNameIDFormatMapKerberos' => { - 'default' => 'uid', - 'type' => 'text' - }, - 'samlNameIDFormatMapWindows' => { - 'default' => 'uid', - 'type' => 'text' - }, - 'samlNameIDFormatMapX509' => { - 'default' => 'mail', - 'type' => 'text' - }, - 'samlOrganizationDisplayName' => { - 'default' => 'Example', - 'type' => 'text' - }, - 'samlOrganizationName' => { - 'default' => 'Example', - 'type' => 'text' - }, - 'samlOrganizationURL' => { - 'default' => 'http://www.example.com', - 'type' => 'text' - }, - 'samlOverrideIDPEntityID' => { - 'default' => '', - 'type' => 'text' - }, - 'samlRelayStateTimeout' => { - 'default' => 600, - 'type' => 'int' - }, - 'samlServicePrivateKeyEnc' => { - 'default' => '', - 'type' => 'RSAPrivateKey' - }, - 'samlServicePrivateKeyEncPwd' => { - 'type' => 'password' - }, - 'samlServicePrivateKeySig' => { - 'default' => '', - 'type' => 'RSAPrivateKey' - }, - 'samlServicePrivateKeySigPwd' => { - 'default' => '', - 'type' => 'password' - }, - 'samlServicePublicKeyEnc' => { - 'default' => '', - 'type' => 'RSAPublicKeyOrCertificate' - }, - 'samlServicePublicKeySig' => { - 'default' => '', - 'type' => 'RSAPublicKeyOrCertificate' - }, - 'samlServiceSignatureMethod' => { - 'default' => 'RSA_SHA256', - 'select' => [ { - 'k' => 'RSA_SHA1', - 'v' => 'RSA SHA1' - }, - { - 'k' => 'RSA_SHA256', - 'v' => 'RSA SHA256' - }, - { - 'k' => 'RSA_SHA384', - 'v' => 'RSA SHA384' - }, - { - 'k' => 'RSA_SHA512', - 'v' => 'RSA SHA512' - } - ], - 'type' => 'select' - }, - 'samlServiceUseCertificateInResponse' => { - 'default' => 0, - 'type' => 'bool' - }, - 'samlSPMetaDataExportedAttributes' => { - 'default' => {}, - 'keyMsgFail' => '__badMetadataName__', - 'keyTest' => qr/^[a-zA-Z](?:[a-zA-Z0-9_\-\.]*\w)?$/, - 'msgFail' => '__badValue__', - 'test' => qr/\w/, - 'type' => 'samlAttributeContainer' - }, - 'samlSPMetaDataMacros' => { - 'default' => {}, - 'test' => { - 'keyMsgFail' => '__badMacroName__', - 'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/, - 'test' => sub { - return perlExpr(@_); - } - }, - 'type' => 'keyTextContainer' - }, - 'samlSPMetaDataNodes' => { - 'type' => 'samlSPMetaDataNodeContainer' - }, - 'samlSPMetaDataOptions' => { - 'keyMsgFail' => '__badMetadataName__', - 'keyTest' => qr/^[a-zA-Z](?:[a-zA-Z0-9_\-\.]*\w)?$/, - 'type' => 'keyTextContainer' - }, - 'samlSPMetaDataOptionsAuthnLevel' => { - 'type' => 'int' - }, - 'samlSPMetaDataOptionsCheckSLOMessageSignature' => { - 'default' => 1, - 'type' => 'bool' - }, - 'samlSPMetaDataOptionsCheckSSOMessageSignature' => { - 'default' => 1, - 'type' => 'bool' - }, - 'samlSPMetaDataOptionsEnableIDPInitiatedURL' => { - 'default' => 0, - 'type' => 'bool' - }, - 'samlSPMetaDataOptionsEncryptionMode' => { - 'default' => 'none', - 'select' => [ { - 'k' => 'none', - 'v' => 'None' - }, - { - 'k' => 'nameid', - 'v' => 'Name ID' - }, - { - 'k' => 'assertion', - 'v' => 'Assertion' - } - ], - 'type' => 'select' - }, - 'samlSPMetaDataOptionsForceUTF8' => { - 'default' => 1, - 'type' => 'bool' - }, - 'samlSPMetaDataOptionsNameIDFormat' => { - 'default' => '', - 'select' => [ { - 'k' => '', - 'v' => '' - }, - { - 'k' => 'unspecified', - 'v' => 'Unspecified' - }, - { - 'k' => 'email', - 'v' => 'Email' - }, - { - 'k' => 'x509', - 'v' => 'X509 certificate' - }, - { - 'k' => 'windows', - 'v' => 'Windows' - }, - { - 'k' => 'kerberos', - 'v' => 'Kerberos' - }, - { - 'k' => 'entity', - 'v' => 'Entity' - }, - { - 'k' => 'persistent', - 'v' => 'Persistent' - }, - { - 'k' => 'transient', - 'v' => 'Transient' - }, - { - 'k' => 'encrypted', - 'v' => 'Encrypted' - } - ], - 'type' => 'select' - }, - 'samlSPMetaDataOptionsNameIDSessionKey' => { - 'type' => 'text' - }, - 'samlSPMetaDataOptionsNotOnOrAfterTimeout' => { - 'default' => 72000, - 'type' => 'int' - }, - 'samlSPMetaDataOptionsOneTimeUse' => { - 'default' => 0, - 'type' => 'bool' - }, - 'samlSPMetaDataOptionsRule' => { - 'test' => sub { - return perlExpr(@_); - }, - 'type' => 'text' - }, - 'samlSPMetaDataOptionsSessionNotOnOrAfterTimeout' => { - 'default' => 72000, - 'type' => 'int' - }, - 'samlSPMetaDataOptionsSignatureMethod' => { - 'default' => '', - 'select' => [ { - 'k' => '', - 'v' => 'default' - }, - { - 'k' => 'RSA_SHA1', - 'v' => 'RSA SHA1' - }, - { - 'k' => 'RSA_SHA256', - 'v' => 'RSA SHA256' - }, - { - 'k' => 'RSA_SHA384', - 'v' => 'RSA SHA384' - }, - { - 'k' => 'RSA_SHA512', - 'v' => 'RSA SHA512' - } - ], - 'type' => 'select' - }, - 'samlSPMetaDataOptionsSignSLOMessage' => { - 'default' => -1, - 'type' => 'trool' - }, - 'samlSPMetaDataOptionsSignSSOMessage' => { - 'default' => -1, - 'type' => 'trool' - }, - 'samlSPMetaDataXML' => { - 'type' => 'file' - }, - 'samlSPSSODescriptorArtifactResolutionServiceArtifact' => { - 'default' => -'1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact', - 'type' => 'samlAssertion' - }, - 'samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact' => { - 'default' => -'0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact', - 'type' => 'samlAssertion' - }, - 'samlSPSSODescriptorAssertionConsumerServiceHTTPPost' => { - 'default' => -'1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost', - 'type' => 'samlAssertion' - }, - 'samlSPSSODescriptorAuthnRequestsSigned' => { - 'default' => 1, - 'type' => 'bool' - }, - 'samlSPSSODescriptorSingleLogoutServiceHTTPPost' => { - 'default' => -'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn', - 'type' => 'samlService' - }, - 'samlSPSSODescriptorSingleLogoutServiceHTTPRedirect' => { - 'default' => -'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn', - 'type' => 'samlService' - }, - 'samlSPSSODescriptorSingleLogoutServiceSOAP' => { - 'default' => -'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;', - 'type' => 'samlService' - }, - 'samlSPSSODescriptorWantAssertionsSigned' => { - 'default' => 1, - 'type' => 'bool' - }, - 'samlStorage' => { - 'type' => 'PerlModule' - }, - 'samlStorageOptions' => { - 'type' => 'keyTextContainer' - }, - 'samlUseQueryStringSpecific' => { - 'default' => 0, - 'type' => 'bool' - }, - 'securedCookie' => { - 'default' => 0, - 'select' => [ { - 'k' => '0', - 'v' => 'unsecuredCookie' - }, - { - 'k' => '1', - 'v' => 'securedCookie' - }, - { - 'k' => '2', - 'v' => 'doubleCookie' - }, - { - 'k' => '3', - 'v' => 'doubleCookieForSingleSession' - } - ], - 'type' => 'select' - }, - 'secureTokenAllowOnError' => { - 'type' => 'text' - }, - 'secureTokenAttribute' => { - 'type' => 'text' - }, - 'secureTokenExpiration' => { - 'type' => 'text' - }, - 'secureTokenHeader' => { - 'type' => 'text' - }, - 'secureTokenMemcachedServers' => { - 'type' => 'text' - }, - 'secureTokenUrls' => { - 'type' => 'text' - }, - 'sentryDsn' => { - 'type' => 'text' - }, - 'sessionDataToRemember' => { - 'keyMsgFail' => '__invalidSessionData__', - 'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/, - 'type' => 'keyTextContainer' - }, - 'sfEngine' => { - 'default' => '::2F::Engines::Default', - 'type' => 'text' - }, - 'sfExtra' => { - 'keyTest' => qr/^\w+$/, - 'select' => [ { - 'k' => 'Mail2F', - 'v' => 'E-Mail' - }, - { - 'k' => 'REST', - 'v' => 'REST' - }, - { - 'k' => 'Ext2F', - 'v' => 'External' - }, - { - 'k' => 'Radius', - 'v' => 'Radius' - } - ], - 'test' => sub { - 1; - }, - 'type' => 'sfExtraContainer' - }, - 'sfManagerRule' => { - 'default' => 1, - 'type' => 'boolOrExpr' - }, - 'sfOnlyUpgrade' => { - 'type' => 'bool' - }, - 'sfRegisterTimeout' => { - 'type' => 'int' - }, - 'sfRemovedMsgRule' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'sfRemovedNotifMsg' => { - 'default' => -'_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!', - 'type' => 'text' - }, - 'sfRemovedNotifRef' => { - 'default' => 'RemoveSF', - 'type' => 'text' - }, - 'sfRemovedNotifTitle' => { - 'default' => 'Second factor notification', - 'type' => 'text' - }, - 'sfRemovedUseNotif' => { - 'default' => 0, - 'type' => 'bool' - }, - 'sfRequired' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'showLanguages' => { - 'default' => 1, - 'type' => 'bool' - }, - 'singleIP' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'singleSession' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'singleUserByIP' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'skipRenewConfirmation' => { - 'default' => 0, - 'type' => 'bool' - }, - 'skipUpgradeConfirmation' => { - 'default' => 0, - 'type' => 'bool' - }, - 'slaveAuthnLevel' => { - 'default' => 2, - 'type' => 'int' - }, - 'slaveDisplayLogo' => { - 'default' => 0, - 'type' => 'bool' - }, - 'slaveExportedVars' => { - 'default' => {}, - 'keyMsgFail' => '__badVariableName__', - 'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/, - 'msgFail' => '__badValue__', - 'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/, - 'type' => 'keyTextContainer' - }, - 'slaveHeaderContent' => { - 'type' => 'text' - }, - 'slaveHeaderName' => { - 'type' => 'text' - }, - 'slaveMasterIP' => { - 'msgFail' => '__badIPv4Address__', - 'test' => qr/^((?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)\s*)*$/, - 'type' => 'text' - }, - 'slaveUserHeader' => { - 'type' => 'text' - }, - 'SMTPAuthPass' => { - 'type' => 'password' - }, - 'SMTPAuthUser' => { - 'type' => 'text' - }, - 'SMTPPort' => { - 'type' => 'int' - }, - 'SMTPServer' => { - 'default' => '', - 'test' => -qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?)?$/, - 'type' => 'text' - }, - 'SMTPTLS' => { - 'default' => '', - 'select' => [ { - 'k' => '', - 'v' => 'none' - }, - { - 'k' => 'starttls', - 'v' => 'SMTP + STARTTLS' - }, - { - 'k' => 'ssl', - 'v' => 'SMTPS' - } - ], - 'type' => 'select' - }, - 'SMTPTLSOpts' => { - 'type' => 'keyTextContainer' - }, - 'soapConfigServer' => { - 'default' => 0, - 'type' => 'bool' - }, - 'soapProxyUrn' => { - 'default' => 'urn:Lemonldap/NG/Common/PSGI/SOAPService', - 'type' => 'text' - }, - 'soapSessionServer' => { - 'default' => 0, - 'type' => 'bool' - }, - 'SSLAuthnLevel' => { - 'default' => 5, - 'type' => 'int' - }, - 'sslByAjax' => { - 'default' => 0, - 'type' => 'bool' - }, - 'sslHost' => { - 'type' => 'url' - }, - 'SSLVar' => { - 'default' => 'SSL_CLIENT_S_DN_Email', - 'type' => 'text' - }, - 'SSLVarIf' => { - 'default' => {}, - 'keyTest' => sub { - 1; - }, - 'type' => 'keyTextContainer' - }, - 'staticPrefix' => { - 'type' => 'text' - }, - 'status' => { - 'type' => 'bool' - }, - 'stayConnected' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'stayConnectedBypassFG' => { - 'default' => 0, - 'type' => 'bool' - }, - 'stayConnectedCookieName' => { - 'default' => 'llngconnection', - 'msgFail' => '__badCookieName__', - 'test' => qr/^[a-zA-Z][a-zA-Z0-9_-]*$/, - 'type' => 'text' - }, - 'stayConnectedTimeout' => { - 'default' => 2592000, - 'type' => 'int' - }, - 'storePassword' => { - 'default' => 0, - 'type' => 'bool' - }, - 'successLoginNumber' => { - 'default' => 5, - 'type' => 'int' - }, - 'syslogFacility' => { - 'type' => 'text' - }, - 'timeout' => { - 'default' => 72000, - 'test' => sub { - $_[0] > 0; - }, - 'type' => 'int' - }, - 'timeoutActivity' => { - 'default' => 0, - 'test' => sub { - $_[0] >= 0; - }, - 'type' => 'int' - }, - 'timeoutActivityInterval' => { - 'default' => 60, - 'test' => sub { - $_[0] >= 0; - }, - 'type' => 'int' - }, - 'tokenUseGlobalStorage' => { - 'default' => 0, - 'type' => 'bool' - }, - 'totp2fActivation' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'totp2fAuthnLevel' => { - 'type' => 'int' - }, - 'totp2fDigits' => { - 'default' => 6, - 'type' => 'int' - }, - 'totp2fEncryptSecret' => { - 'default' => 0, - 'type' => 'bool' - }, - 'totp2fInterval' => { - 'default' => 30, - 'type' => 'int' - }, - 'totp2fIssuer' => { - 'type' => 'text' - }, - 'totp2fLabel' => { - 'type' => 'text' - }, - 'totp2fLogo' => { - 'type' => 'text' - }, - 'totp2fRange' => { - 'default' => 1, - 'type' => 'int' - }, - 'totp2fSelfRegistration' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'totp2fTTL' => { - 'type' => 'int' - }, - 'totp2fUserCanRemoveKey' => { - 'default' => 1, - 'type' => 'bool' - }, - 'trustedDomains' => { - 'type' => 'text' - }, - 'twitterAppName' => { - 'type' => 'text' - }, - 'twitterAuthnLevel' => { - 'default' => 1, - 'type' => 'int' - }, - 'twitterKey' => { - 'type' => 'text' - }, - 'twitterSecret' => { - 'type' => 'text' - }, - 'twitterUserField' => { - 'default' => 'screen_name', - 'type' => 'text' - }, - 'u2fActivation' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'u2fAuthnLevel' => { - 'type' => 'int' - }, - 'u2fLabel' => { - 'type' => 'text' - }, - 'u2fLogo' => { - 'type' => 'text' - }, - 'u2fSelfRegistration' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'u2fTTL' => { - 'type' => 'int' - }, - 'u2fUserCanRemoveKey' => { - 'default' => 1, - 'type' => 'bool' - }, - 'upgradeSession' => { - 'default' => 1, - 'type' => 'bool' - }, - 'userControl' => { - 'default' => '^[\\w\\.\\-@]+$', - 'type' => 'pcre' - }, - 'userDB' => { - 'default' => 'Same', - 'select' => [ { - 'k' => 'Same', - 'v' => 'Same' - }, - { - 'k' => 'AD', - 'v' => 'Active Directory' - }, - { - 'k' => 'DBI', - 'v' => 'Database (DBI)' - }, - { - 'k' => 'LDAP', - 'v' => 'LDAP' - }, - { - 'k' => 'REST', - 'v' => 'REST' - }, - { - 'k' => 'Null', - 'v' => 'None' - }, - { - 'k' => 'Custom', - 'v' => 'customModule' - } - ], - 'type' => 'select' - }, - 'useRedirectOnError' => { - 'default' => 1, - 'type' => 'bool' - }, - 'useRedirectOnForbidden' => { - 'default' => 0, - 'type' => 'bool' - }, - 'userLogger' => { - 'type' => 'text' - }, - 'userPivot' => { - 'type' => 'text' - }, - 'userSyslogFacility' => { - 'type' => 'text' - }, - 'useSafeJail' => { - 'default' => 1, - 'type' => 'bool' - }, - 'utotp2fActivation' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'utotp2fAuthnLevel' => { - 'type' => 'int' - }, - 'utotp2fLabel' => { - 'type' => 'text' - }, - 'utotp2fLogo' => { - 'type' => 'text' - }, - 'vhostAccessToTrace' => { - 'default' => '', - 'type' => 'text' - }, - 'vhostAliases' => { - 'default' => '', - 'type' => 'text' - }, - 'vhostAuthnLevel' => { - 'type' => 'int' - }, - 'vhostDevOpsRulesUrl' => { - 'type' => 'url' - }, - 'vhostHttps' => { - 'default' => -1, - 'type' => 'trool' - }, - 'vhostMaintenance' => { - 'default' => 0, - 'type' => 'bool' - }, - 'vhostOptions' => { - 'type' => 'subContainer' - }, - 'vhostPort' => { - 'default' => -1, - 'type' => 'int' - }, - 'vhostServiceTokenTTL' => { - 'default' => -1, - 'type' => 'int' - }, - 'vhostType' => { - 'default' => 'Main', - 'select' => [ { - 'k' => 'AuthBasic', - 'v' => 'AuthBasic' - }, - { - 'k' => 'CDA', - 'v' => 'CDA' - }, - { - 'k' => 'DevOps', - 'v' => 'DevOps' - }, - { - 'k' => 'DevOpsST', - 'v' => 'DevOpsST' - }, - { - 'k' => 'Main', - 'v' => 'Main' - }, - { - 'k' => 'OAuth2', - 'v' => 'OAuth2' - }, - { - 'k' => 'SecureToken', - 'v' => 'SecureToken' - }, - { - 'k' => 'ServiceToken', - 'v' => 'ServiceToken' - }, - { - 'k' => 'ZimbraPreAuth', - 'v' => 'ZimbraPreAuth' - } - ], - 'type' => 'select' - }, - 'viewerAllowBrowser' => { - 'default' => 0, - 'type' => 'bool' - }, - 'viewerAllowDiff' => { - 'default' => 0, - 'type' => 'bool' - }, - 'viewerHiddenKeys' => { - 'default' => 'samlIDPMetaDataNodes, samlSPMetaDataNodes', - 'type' => 'text' - }, - 'virtualHosts' => { - 'type' => 'virtualHostContainer' - }, - 'webauthn2fActivation' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'webauthn2fAuthnLevel' => { - 'type' => 'int' - }, - 'webauthn2fLabel' => { - 'type' => 'text' - }, - 'webauthn2fLogo' => { - 'type' => 'text' - }, - 'webauthn2fSelfRegistration' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'webauthn2fUserCanRemoveKey' => { - 'default' => 1, - 'type' => 'bool' - }, - 'webauthn2fUserVerification' => { - 'default' => 'preferred', - 'select' => [ { - 'k' => 'discouraged', - 'v' => 'Discouraged' - }, - { - 'k' => 'preferred', - 'v' => 'Preferred' - }, - { - 'k' => 'required', - 'v' => 'Required' - } - ], - 'type' => 'select' - }, - 'webauthnDisplayNameAttr' => { - 'type' => 'text' - }, - 'webauthnRpName' => { - 'type' => 'text' - }, - 'webIDAuthnLevel' => { - 'default' => 1, - 'type' => 'int' - }, - 'webIDExportedVars' => { - 'default' => {}, - 'keyMsgFail' => '__badVariableName__', - 'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/, - 'msgFail' => '__badValue__', - 'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/, - 'type' => 'keyTextContainer' - }, - 'webIDWhitelist' => { - 'type' => 'text' - }, - 'whatToTrace' => { - 'default' => 'uid', - 'type' => 'lmAttrOrMacro' - }, - 'wsdlServer' => { - 'default' => 0, - 'type' => 'bool' - }, - 'yubikey2fActivation' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'yubikey2fAuthnLevel' => { - 'type' => 'int' - }, - 'yubikey2fClientID' => { - 'type' => 'text' - }, - 'yubikey2fFromSessionAttribute' => { - 'type' => 'text' - }, - 'yubikey2fLabel' => { - 'type' => 'text' - }, - 'yubikey2fLogo' => { - 'type' => 'text' - }, - 'yubikey2fNonce' => { - 'type' => 'text' - }, - 'yubikey2fPublicIDSize' => { - 'default' => 12, - 'type' => 'int' - }, - 'yubikey2fSecretKey' => { - 'type' => 'text' - }, - 'yubikey2fSelfRegistration' => { - 'default' => 0, - 'type' => 'boolOrExpr' - }, - 'yubikey2fTTL' => { - 'type' => 'int' - }, - 'yubikey2fUrl' => { - 'type' => 'text' - }, - 'yubikey2fUserCanRemoveKey' => { - 'default' => 1, - 'type' => 'bool' - }, - 'zimbraAccountKey' => { - 'type' => 'text' - }, - 'zimbraBy' => { - 'type' => 'text' - }, - 'zimbraPreAuthKey' => { - 'type' => 'text' - }, - 'zimbraSsoUrl' => { - 'type' => 'text' - }, - 'zimbraUrl' => { - 'type' => 'text' - } - }; + 'protection' => { + 'msgFail' => '__authorizedValues__: none authenticate manager', + 'test' => qr/^(?:none|authenticate|manager|)$/, + 'type' => 'text' + }, + 'proxyAuthnLevel' => { + 'default' => 2, + 'type' => 'int' + }, + 'proxyAuthService' => { + 'type' => 'text' + }, + 'proxyAuthServiceChoiceParam' => { + 'default' => 'lmAuth', + 'type' => 'text' + }, + 'proxyAuthServiceChoiceValue' => { + 'type' => 'text' + }, + 'proxyAuthServiceImpersonation' => { + 'default' => 0, + 'type' => 'bool' + }, + 'proxyCookieName' => { + 'msgFail' => '__badCookieName__', + 'test' => qr/^[a-zA-Z][a-zA-Z0-9_-]*$/, + 'type' => 'text' + }, + 'proxySessionService' => { + 'type' => 'text' + }, + 'proxyUseSoap' => { + 'default' => 0, + 'type' => 'bool' + }, + 'radius2fActivation' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'radius2fAuthnLevel' => { + 'type' => 'int' + }, + 'radius2fLabel' => { + 'type' => 'text' + }, + 'radius2fLogo' => { + 'type' => 'text' + }, + 'radius2fSecret' => { + 'type' => 'text' + }, + 'radius2fServer' => { + 'type' => 'text' + }, + 'radius2fTimeout' => { + 'default' => 20, + 'type' => 'int' + }, + 'radius2fUsernameSessionKey' => { + 'type' => 'text' + }, + 'radiusAuthnLevel' => { + 'default' => 3, + 'type' => 'int' + }, + 'radiusSecret' => { + 'type' => 'text' + }, + 'radiusServer' => { + 'type' => 'text' + }, + 'randomPasswordRegexp' => { + 'default' => '[A-Z]{3}[a-z]{5}.\\d{2}', + 'type' => 'pcre' + }, + 'redirectFormMethod' => { + 'default' => 'get', + 'select' => [ + { + 'k' => 'get', + 'v' => 'GET' + }, + { + 'k' => 'post', + 'v' => 'POST' + } + ], + 'type' => 'select' + }, + 'refreshSessions' => { + 'type' => 'bool' + }, + 'registerConfirmBody' => { + 'type' => 'longtext' + }, + 'registerConfirmSubject' => { + 'type' => 'text' + }, + 'registerDB' => { + 'default' => 'Null', + 'select' => [ + { + 'k' => 'AD', + 'v' => 'Active Directory' + }, + { + 'k' => 'Demo', + 'v' => 'Demonstration' + }, + { + 'k' => 'LDAP', + 'v' => 'LDAP' + }, + { + 'k' => 'Null', + 'v' => 'None' + }, + { + 'k' => 'Custom', + 'v' => 'customModule' + } + ], + 'type' => 'select' + }, + 'registerDoneBody' => { + 'type' => 'longtext' + }, + 'registerDoneSubject' => { + 'type' => 'text' + }, + 'registerTimeout' => { + 'default' => 0, + 'type' => 'int' + }, + 'registerUrl' => { + 'default' => 'http://auth.example.com/register', + 'type' => 'text' + }, + 'reloadTimeout' => { + 'default' => 5, + 'type' => 'int' + }, + 'reloadUrls' => { + 'keyTest' => qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?$/, + 'msgFail' => '__badUrl__', + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, + 'type' => 'keyTextContainer' + }, + 'rememberAuthChoiceRule' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'rememberCookieName' => { + 'default' => 'llngrememberauthchoice', + 'msgFail' => '__badCookieName__', + 'test' => qr/^[a-zA-Z][a-zA-Z0-9_-]*$/, + 'type' => 'text' + }, + 'rememberCookieTimeout' => { + 'default' => 31536000, + 'type' => 'int' + }, + 'rememberDefaultChecked' => { + 'default' => 0, + 'type' => 'bool' + }, + 'rememberTimer' => { + 'default' => 5, + 'type' => 'int' + }, + 'remoteCookieName' => { + 'msgFail' => '__badCookieName__', + 'test' => qr/^[a-zA-Z][a-zA-Z0-9_-]*$/, + 'type' => 'text' + }, + 'remoteGlobalStorage' => { + 'default' => 'Lemonldap::NG::Common::Apache::Session::SOAP', + 'type' => 'PerlModule' + }, + 'remoteGlobalStorageOptions' => { + 'default' => { + 'ns' => 'http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService', + 'proxy' => 'http://auth.example.com/sessions' + }, + 'type' => 'keyTextContainer' + }, + 'remotePortal' => { + 'type' => 'text' + }, + 'requireToken' => { + 'default' => 1, + 'type' => 'boolOrExpr' + }, + 'rest2fActivation' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'rest2fAuthnLevel' => { + 'type' => 'int' + }, + 'rest2fInitArgs' => { + 'keyMsgFail' => '__badKeyName__', + 'keyTest' => qr/^\w+$/, + 'msgFail' => '__badValue__', + 'test' => qr/^\w+$/, + 'type' => 'keyTextContainer' + }, + 'rest2fInitUrl' => { + 'type' => 'url' + }, + 'rest2fLabel' => { + 'type' => 'text' + }, + 'rest2fLogo' => { + 'type' => 'text' + }, + 'rest2fVerifyArgs' => { + 'type' => 'keyTextContainer' + }, + 'rest2fVerifyUrl' => { + 'keyMsgFail' => '__badKeyName__', + 'keyTest' => qr/^\w+$/, + 'msgFail' => '__badValue__', + 'test' => qr/^\w+$/, + 'type' => 'url' + }, + 'restAuthnLevel' => { + 'default' => 2, + 'type' => 'int' + }, + 'restAuthServer' => { + 'default' => 0, + 'type' => 'bool' + }, + 'restAuthUrl' => { + 'type' => 'url' + }, + 'restClockTolerance' => { + 'default' => 15, + 'type' => 'int' + }, + 'restConfigServer' => { + 'default' => 0, + 'type' => 'bool' + }, + 'restExportSecretKeys' => { + 'default' => 0, + 'type' => 'bool' + }, + 'restFindUserDBUrl' => { + 'type' => 'url' + }, + 'restPasswordServer' => { + 'default' => 0, + 'type' => 'bool' + }, + 'restPwdConfirmUrl' => { + 'type' => 'url' + }, + 'restPwdModifyUrl' => { + 'type' => 'url' + }, + 'restSessionServer' => { + 'default' => 0, + 'type' => 'bool' + }, + 'restUserDBUrl' => { + 'type' => 'url' + }, + 'sameSite' => { + 'default' => '', + 'select' => [ + { + 'k' => '', + 'v' => '' + }, + { + 'k' => 'Strict', + 'v' => 'Strict' + }, + { + 'k' => 'Lax', + 'v' => 'Lax' + }, + { + 'k' => 'None', + 'v' => 'None' + } + ], + 'type' => 'select' + }, + 'samlAttributeAuthorityDescriptorAttributeServiceSOAP' => { + 'default' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;', + 'type' => 'samlService' + }, + 'samlAuthnContextMapKerberos' => { + 'default' => 4, + 'type' => 'int' + }, + 'samlAuthnContextMapPassword' => { + 'default' => 2, + 'type' => 'int' + }, + 'samlAuthnContextMapPasswordProtectedTransport' => { + 'default' => 3, + 'type' => 'int' + }, + 'samlAuthnContextMapTLSClient' => { + 'default' => 5, + 'type' => 'int' + }, + 'samlCommonDomainCookieActivation' => { + 'default' => 0, + 'type' => 'bool' + }, + 'samlCommonDomainCookieDomain' => { + 'msgFail' => '__badDomainName__', + 'test' => qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/, + 'type' => 'text' + }, + 'samlCommonDomainCookieReader' => { + 'msgFail' => '__badUrl__', + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, + 'type' => 'text' + }, + 'samlCommonDomainCookieWriter' => { + 'msgFail' => '__badUrl__', + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, + 'type' => 'text' + }, + 'samlDiscoveryProtocolActivation' => { + 'default' => 0, + 'type' => 'bool' + }, + 'samlDiscoveryProtocolIsPassive' => { + 'default' => 0, + 'type' => 'bool' + }, + 'samlDiscoveryProtocolPolicy' => { + 'type' => 'text' + }, + 'samlDiscoveryProtocolURL' => { + 'msgFail' => '__badUrl__', + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, + 'type' => 'text' + }, + 'samlEntityID' => { + 'default' => '#PORTAL#/saml/metadata', + 'type' => 'text' + }, + 'samlIDPMetaDataExportedAttributes' => { + 'default' => {}, + 'keyMsgFail' => '__badMetadataName__', + 'keyTest' => qr/^[a-zA-Z](?:[a-zA-Z0-9_\-\.]*\w)?$/, + 'msgFail' => '__badValue__', + 'test' => qr/\w/, + 'type' => 'samlAttributeContainer' + }, + 'samlIDPMetaDataNodes' => { + 'type' => 'samlIDPMetaDataNodeContainer' + }, + 'samlIDPMetaDataOptions' => { + 'keyMsgFail' => '__badMetadataName__', + 'keyTest' => qr/^[a-zA-Z](?:[a-zA-Z0-9_\-\.]*\w)?$/, + 'type' => 'keyTextContainer' + }, + 'samlIDPMetaDataOptionsAdaptSessionUtime' => { + 'default' => 0, + 'type' => 'bool' + }, + 'samlIDPMetaDataOptionsAllowLoginFromIDP' => { + 'default' => 0, + 'type' => 'bool' + }, + 'samlIDPMetaDataOptionsAllowProxiedAuthn' => { + 'default' => 0, + 'type' => 'bool' + }, + 'samlIDPMetaDataOptionsCheckAudience' => { + 'default' => 1, + 'type' => 'bool' + }, + 'samlIDPMetaDataOptionsCheckSLOMessageSignature' => { + 'default' => 1, + 'type' => 'bool' + }, + 'samlIDPMetaDataOptionsCheckSSOMessageSignature' => { + 'default' => 1, + 'type' => 'bool' + }, + 'samlIDPMetaDataOptionsCheckTime' => { + 'default' => 1, + 'type' => 'bool' + }, + 'samlIDPMetaDataOptionsDisplayName' => { + 'type' => 'text' + }, + 'samlIDPMetaDataOptionsEncryptionMode' => { + 'default' => 'none', + 'select' => [ + { + 'k' => 'none', + 'v' => 'None' + }, + { + 'k' => 'nameid', + 'v' => 'Name ID' + }, + { + 'k' => 'assertion', + 'v' => 'Assertion' + } + ], + 'type' => 'select' + }, + 'samlIDPMetaDataOptionsForceAuthn' => { + 'default' => 0, + 'type' => 'bool' + }, + 'samlIDPMetaDataOptionsForceUTF8' => { + 'default' => 0, + 'type' => 'bool' + }, + 'samlIDPMetaDataOptionsIcon' => { + 'type' => 'text' + }, + 'samlIDPMetaDataOptionsIsPassive' => { + 'default' => 0, + 'type' => 'bool' + }, + 'samlIDPMetaDataOptionsNameIDFormat' => { + 'default' => '', + 'select' => [ + { + 'k' => '', + 'v' => '' + }, + { + 'k' => 'unspecified', + 'v' => 'Unspecified' + }, + { + 'k' => 'email', + 'v' => 'Email' + }, + { + 'k' => 'x509', + 'v' => 'X509 certificate' + }, + { + 'k' => 'windows', + 'v' => 'Windows' + }, + { + 'k' => 'kerberos', + 'v' => 'Kerberos' + }, + { + 'k' => 'entity', + 'v' => 'Entity' + }, + { + 'k' => 'persistent', + 'v' => 'Persistent' + }, + { + 'k' => 'transient', + 'v' => 'Transient' + }, + { + 'k' => 'encrypted', + 'v' => 'Encrypted' + } + ], + 'type' => 'select' + }, + 'samlIDPMetaDataOptionsRelayStateURL' => { + 'default' => 0, + 'type' => 'bool' + }, + 'samlIDPMetaDataOptionsRequestedAuthnContext' => { + 'default' => '', + 'select' => [ + { + 'k' => '', + 'v' => '' + }, + { + 'k' => 'kerberos', + 'v' => 'Kerberos' + }, + { + 'k' => 'password-protected-transport', + 'v' => 'Password protected transport' + }, + { + 'k' => 'password', + 'v' => 'Password' + }, + { + 'k' => 'tls-client', + 'v' => 'TLS client certificate' + } + ], + 'type' => 'select' + }, + 'samlIDPMetaDataOptionsResolutionRule' => { + 'default' => '', + 'type' => 'longtext' + }, + 'samlIDPMetaDataOptionsSignatureMethod' => { + 'default' => '', + 'select' => [ + { + 'k' => '', + 'v' => 'default' + }, + { + 'k' => 'RSA_SHA1', + 'v' => 'RSA SHA1' + }, + { + 'k' => 'RSA_SHA256', + 'v' => 'RSA SHA256' + }, + { + 'k' => 'RSA_SHA384', + 'v' => 'RSA SHA384' + }, + { + 'k' => 'RSA_SHA512', + 'v' => 'RSA SHA512' + } + ], + 'type' => 'select' + }, + 'samlIDPMetaDataOptionsSignSLOMessage' => { + 'default' => -1, + 'type' => 'trool' + }, + 'samlIDPMetaDataOptionsSignSSOMessage' => { + 'default' => -1, + 'type' => 'trool' + }, + 'samlIDPMetaDataOptionsSLOBinding' => { + 'default' => '', + 'select' => [ + { + 'k' => '', + 'v' => '' + }, + { + 'k' => 'http-post', + 'v' => 'POST' + }, + { + 'k' => 'http-redirect', + 'v' => 'Redirect' + }, + { + 'k' => 'http-soap', + 'v' => 'SOAP' + } + ], + 'type' => 'select' + }, + 'samlIDPMetaDataOptionsSortNumber' => { + 'type' => 'int' + }, + 'samlIDPMetaDataOptionsSSOBinding' => { + 'default' => '', + 'select' => [ + { + 'k' => '', + 'v' => '' + }, + { + 'k' => 'http-post', + 'v' => 'POST' + }, + { + 'k' => 'http-redirect', + 'v' => 'Redirect' + }, + { + 'k' => 'artifact-get', + 'v' => 'Artifact GET' + } + ], + 'type' => 'select' + }, + 'samlIDPMetaDataOptionsStoreSAMLToken' => { + 'default' => 0, + 'type' => 'bool' + }, + 'samlIDPMetaDataOptionsUserAttribute' => { + 'type' => 'text' + }, + 'samlIDPMetaDataXML' => { + 'test' => sub { + my $v = shift(); + return 1 unless $v and %$v; + my @msg; + my $res = 1; + my %entityIds; + foreach my $idpId (keys %$v) { + unless ($v->{$idpId}{'samlIDPMetaDataXML'} =~ /entityID="(.+?)"/is) { + push @msg, "$idpId SAML metadata has no EntityID"; + $res = 0; + next; + } + my $eid = $1; + if (defined $entityIds{$eid}) { + push @msg, "$idpId and $entityIds{$eid} have the same SAML EntityID"; + $res = 0; + next; + } + $entityIds{$eid} = $idpId; + } + return $res, join(', ', @msg); + }, + 'type' => 'file' + }, + 'samlIDPSSODescriptorArtifactResolutionServiceArtifact' => { + 'default' => '1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact', + 'type' => 'samlAssertion' + }, + 'samlIDPSSODescriptorSingleLogoutServiceHTTPPost' => { + 'default' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn', + 'type' => 'samlService' + }, + 'samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect' => { + 'default' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn', + 'type' => 'samlService' + }, + 'samlIDPSSODescriptorSingleLogoutServiceSOAP' => { + 'default' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;', + 'type' => 'samlService' + }, + 'samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact' => { + 'default' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;', + 'type' => 'samlService' + }, + 'samlIDPSSODescriptorSingleSignOnServiceHTTPPost' => { + 'default' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;', + 'type' => 'samlService' + }, + 'samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect' => { + 'default' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;', + 'type' => 'samlService' + }, + 'samlIDPSSODescriptorWantAuthnRequestsSigned' => { + 'default' => 1, + 'type' => 'bool' + }, + 'samlMetadataForceUTF8' => { + 'default' => 1, + 'type' => 'bool' + }, + 'samlNameIDFormatMapEmail' => { + 'default' => 'mail', + 'type' => 'text' + }, + 'samlNameIDFormatMapKerberos' => { + 'default' => 'uid', + 'type' => 'text' + }, + 'samlNameIDFormatMapWindows' => { + 'default' => 'uid', + 'type' => 'text' + }, + 'samlNameIDFormatMapX509' => { + 'default' => 'mail', + 'type' => 'text' + }, + 'samlOrganizationDisplayName' => { + 'default' => 'Example', + 'type' => 'text' + }, + 'samlOrganizationName' => { + 'default' => 'Example', + 'type' => 'text' + }, + 'samlOrganizationURL' => { + 'default' => 'http://www.example.com', + 'type' => 'text' + }, + 'samlOverrideIDPEntityID' => { + 'default' => '', + 'type' => 'text' + }, + 'samlRelayStateTimeout' => { + 'default' => 600, + 'type' => 'int' + }, + 'samlServicePrivateKeyEnc' => { + 'default' => '', + 'type' => 'RSAPrivateKey' + }, + 'samlServicePrivateKeyEncPwd' => { + 'type' => 'password' + }, + 'samlServicePrivateKeySig' => { + 'default' => '', + 'type' => 'RSAPrivateKey' + }, + 'samlServicePrivateKeySigPwd' => { + 'default' => '', + 'type' => 'password' + }, + 'samlServicePublicKeyEnc' => { + 'default' => '', + 'type' => 'RSAPublicKeyOrCertificate' + }, + 'samlServicePublicKeySig' => { + 'default' => '', + 'type' => 'RSAPublicKeyOrCertificate' + }, + 'samlServiceSignatureMethod' => { + 'default' => 'RSA_SHA256', + 'select' => [ + { + 'k' => 'RSA_SHA1', + 'v' => 'RSA SHA1' + }, + { + 'k' => 'RSA_SHA256', + 'v' => 'RSA SHA256' + }, + { + 'k' => 'RSA_SHA384', + 'v' => 'RSA SHA384' + }, + { + 'k' => 'RSA_SHA512', + 'v' => 'RSA SHA512' + } + ], + 'type' => 'select' + }, + 'samlServiceUseCertificateInResponse' => { + 'default' => 0, + 'type' => 'bool' + }, + 'samlSPMetaDataExportedAttributes' => { + 'default' => {}, + 'keyMsgFail' => '__badMetadataName__', + 'keyTest' => qr/^[a-zA-Z](?:[a-zA-Z0-9_\-\.]*\w)?$/, + 'msgFail' => '__badValue__', + 'test' => qr/\w/, + 'type' => 'samlAttributeContainer' + }, + 'samlSPMetaDataMacros' => { + 'default' => {}, + 'test' => { + 'keyMsgFail' => '__badMacroName__', + 'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/, + 'test' => sub { + return perlExpr(@_); + } + }, + 'type' => 'keyTextContainer' + }, + 'samlSPMetaDataNodes' => { + 'type' => 'samlSPMetaDataNodeContainer' + }, + 'samlSPMetaDataOptions' => { + 'keyMsgFail' => '__badMetadataName__', + 'keyTest' => qr/^[a-zA-Z](?:[a-zA-Z0-9_\-\.]*\w)?$/, + 'type' => 'keyTextContainer' + }, + 'samlSPMetaDataOptionsAuthnLevel' => { + 'type' => 'int' + }, + 'samlSPMetaDataOptionsCheckSLOMessageSignature' => { + 'default' => 1, + 'type' => 'bool' + }, + 'samlSPMetaDataOptionsCheckSSOMessageSignature' => { + 'default' => 1, + 'type' => 'bool' + }, + 'samlSPMetaDataOptionsEnableIDPInitiatedURL' => { + 'default' => 0, + 'type' => 'bool' + }, + 'samlSPMetaDataOptionsEncryptionMode' => { + 'default' => 'none', + 'select' => [ + { + 'k' => 'none', + 'v' => 'None' + }, + { + 'k' => 'nameid', + 'v' => 'Name ID' + }, + { + 'k' => 'assertion', + 'v' => 'Assertion' + } + ], + 'type' => 'select' + }, + 'samlSPMetaDataOptionsForceUTF8' => { + 'default' => 1, + 'type' => 'bool' + }, + 'samlSPMetaDataOptionsNameIDFormat' => { + 'default' => '', + 'select' => [ + { + 'k' => '', + 'v' => '' + }, + { + 'k' => 'unspecified', + 'v' => 'Unspecified' + }, + { + 'k' => 'email', + 'v' => 'Email' + }, + { + 'k' => 'x509', + 'v' => 'X509 certificate' + }, + { + 'k' => 'windows', + 'v' => 'Windows' + }, + { + 'k' => 'kerberos', + 'v' => 'Kerberos' + }, + { + 'k' => 'entity', + 'v' => 'Entity' + }, + { + 'k' => 'persistent', + 'v' => 'Persistent' + }, + { + 'k' => 'transient', + 'v' => 'Transient' + }, + { + 'k' => 'encrypted', + 'v' => 'Encrypted' + } + ], + 'type' => 'select' + }, + 'samlSPMetaDataOptionsNameIDSessionKey' => { + 'type' => 'text' + }, + 'samlSPMetaDataOptionsNotOnOrAfterTimeout' => { + 'default' => 72000, + 'type' => 'int' + }, + 'samlSPMetaDataOptionsOneTimeUse' => { + 'default' => 0, + 'type' => 'bool' + }, + 'samlSPMetaDataOptionsRule' => { + 'test' => sub { + return perlExpr(@_); + }, + 'type' => 'text' + }, + 'samlSPMetaDataOptionsSessionNotOnOrAfterTimeout' => { + 'default' => 72000, + 'type' => 'int' + }, + 'samlSPMetaDataOptionsSignatureMethod' => { + 'default' => '', + 'select' => [ + { + 'k' => '', + 'v' => 'default' + }, + { + 'k' => 'RSA_SHA1', + 'v' => 'RSA SHA1' + }, + { + 'k' => 'RSA_SHA256', + 'v' => 'RSA SHA256' + }, + { + 'k' => 'RSA_SHA384', + 'v' => 'RSA SHA384' + }, + { + 'k' => 'RSA_SHA512', + 'v' => 'RSA SHA512' + } + ], + 'type' => 'select' + }, + 'samlSPMetaDataOptionsSignSLOMessage' => { + 'default' => -1, + 'type' => 'trool' + }, + 'samlSPMetaDataOptionsSignSSOMessage' => { + 'default' => -1, + 'type' => 'trool' + }, + 'samlSPMetaDataXML' => { + 'type' => 'file' + }, + 'samlSPSSODescriptorArtifactResolutionServiceArtifact' => { + 'default' => '1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact', + 'type' => 'samlAssertion' + }, + 'samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact' => { + 'default' => '0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact', + 'type' => 'samlAssertion' + }, + 'samlSPSSODescriptorAssertionConsumerServiceHTTPPost' => { + 'default' => '1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost', + 'type' => 'samlAssertion' + }, + 'samlSPSSODescriptorAuthnRequestsSigned' => { + 'default' => 1, + 'type' => 'bool' + }, + 'samlSPSSODescriptorSingleLogoutServiceHTTPPost' => { + 'default' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn', + 'type' => 'samlService' + }, + 'samlSPSSODescriptorSingleLogoutServiceHTTPRedirect' => { + 'default' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn', + 'type' => 'samlService' + }, + 'samlSPSSODescriptorSingleLogoutServiceSOAP' => { + 'default' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;', + 'type' => 'samlService' + }, + 'samlSPSSODescriptorWantAssertionsSigned' => { + 'default' => 1, + 'type' => 'bool' + }, + 'samlStorage' => { + 'type' => 'PerlModule' + }, + 'samlStorageOptions' => { + 'type' => 'keyTextContainer' + }, + 'samlUseQueryStringSpecific' => { + 'default' => 0, + 'type' => 'bool' + }, + 'securedCookie' => { + 'default' => 0, + 'select' => [ + { + 'k' => '0', + 'v' => 'unsecuredCookie' + }, + { + 'k' => '1', + 'v' => 'securedCookie' + }, + { + 'k' => '2', + 'v' => 'doubleCookie' + }, + { + 'k' => '3', + 'v' => 'doubleCookieForSingleSession' + } + ], + 'type' => 'select' + }, + 'secureTokenAllowOnError' => { + 'type' => 'text' + }, + 'secureTokenAttribute' => { + 'type' => 'text' + }, + 'secureTokenExpiration' => { + 'type' => 'text' + }, + 'secureTokenHeader' => { + 'type' => 'text' + }, + 'secureTokenMemcachedServers' => { + 'type' => 'text' + }, + 'secureTokenUrls' => { + 'type' => 'text' + }, + 'sentryDsn' => { + 'type' => 'text' + }, + 'sessionDataToRemember' => { + 'keyMsgFail' => '__invalidSessionData__', + 'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/, + 'type' => 'keyTextContainer' + }, + 'sfEngine' => { + 'default' => '::2F::Engines::Default', + 'type' => 'text' + }, + 'sfExtra' => { + 'keyTest' => qr/^\w+$/, + 'select' => [ + { + 'k' => 'Mail2F', + 'v' => 'E-Mail' + }, + { + 'k' => 'REST', + 'v' => 'REST' + }, + { + 'k' => 'Ext2F', + 'v' => 'External' + }, + { + 'k' => 'Radius', + 'v' => 'Radius' + } + ], + 'test' => sub { + 1; + }, + 'type' => 'sfExtraContainer' + }, + 'sfManagerRule' => { + 'default' => 1, + 'type' => 'boolOrExpr' + }, + 'sfOnlyUpgrade' => { + 'type' => 'bool' + }, + 'sfRegisterTimeout' => { + 'type' => 'int' + }, + 'sfRemovedMsgRule' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'sfRemovedNotifMsg' => { + 'default' => '_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!', + 'type' => 'text' + }, + 'sfRemovedNotifRef' => { + 'default' => 'RemoveSF', + 'type' => 'text' + }, + 'sfRemovedNotifTitle' => { + 'default' => 'Second factor notification', + 'type' => 'text' + }, + 'sfRemovedUseNotif' => { + 'default' => 0, + 'type' => 'bool' + }, + 'sfRequired' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'showLanguages' => { + 'default' => 1, + 'type' => 'bool' + }, + 'singleIP' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'singleSession' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'singleUserByIP' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'skipRenewConfirmation' => { + 'default' => 0, + 'type' => 'bool' + }, + 'skipUpgradeConfirmation' => { + 'default' => 0, + 'type' => 'bool' + }, + 'slaveAuthnLevel' => { + 'default' => 2, + 'type' => 'int' + }, + 'slaveDisplayLogo' => { + 'default' => 0, + 'type' => 'bool' + }, + 'slaveExportedVars' => { + 'default' => {}, + 'keyMsgFail' => '__badVariableName__', + 'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/, + 'msgFail' => '__badValue__', + 'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/, + 'type' => 'keyTextContainer' + }, + 'slaveHeaderContent' => { + 'type' => 'text' + }, + 'slaveHeaderName' => { + 'type' => 'text' + }, + 'slaveMasterIP' => { + 'msgFail' => '__badIPv4Address__', + 'test' => qr/^((?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)\s*)*$/, + 'type' => 'text' + }, + 'slaveUserHeader' => { + 'type' => 'text' + }, + 'SMTPAuthPass' => { + 'type' => 'password' + }, + 'SMTPAuthUser' => { + 'type' => 'text' + }, + 'SMTPPort' => { + 'type' => 'int' + }, + 'SMTPServer' => { + 'default' => '', + 'test' => qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?)?$/, + 'type' => 'text' + }, + 'SMTPTLS' => { + 'default' => '', + 'select' => [ + { + 'k' => '', + 'v' => 'none' + }, + { + 'k' => 'starttls', + 'v' => 'SMTP + STARTTLS' + }, + { + 'k' => 'ssl', + 'v' => 'SMTPS' + } + ], + 'type' => 'select' + }, + 'SMTPTLSOpts' => { + 'type' => 'keyTextContainer' + }, + 'soapConfigServer' => { + 'default' => 0, + 'type' => 'bool' + }, + 'soapProxyUrn' => { + 'default' => 'urn:Lemonldap/NG/Common/PSGI/SOAPService', + 'type' => 'text' + }, + 'soapSessionServer' => { + 'default' => 0, + 'type' => 'bool' + }, + 'SSLAuthnLevel' => { + 'default' => 5, + 'type' => 'int' + }, + 'sslByAjax' => { + 'default' => 0, + 'type' => 'bool' + }, + 'sslHost' => { + 'type' => 'url' + }, + 'SSLVar' => { + 'default' => 'SSL_CLIENT_S_DN_Email', + 'type' => 'text' + }, + 'SSLVarIf' => { + 'default' => {}, + 'keyTest' => sub { + 1; + }, + 'type' => 'keyTextContainer' + }, + 'staticPrefix' => { + 'type' => 'text' + }, + 'status' => { + 'type' => 'bool' + }, + 'stayConnected' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'stayConnectedBypassFG' => { + 'default' => 0, + 'type' => 'bool' + }, + 'stayConnectedCookieName' => { + 'default' => 'llngconnection', + 'msgFail' => '__badCookieName__', + 'test' => qr/^[a-zA-Z][a-zA-Z0-9_-]*$/, + 'type' => 'text' + }, + 'stayConnectedTimeout' => { + 'default' => 2592000, + 'type' => 'int' + }, + 'storePassword' => { + 'default' => 0, + 'type' => 'bool' + }, + 'successLoginNumber' => { + 'default' => 5, + 'type' => 'int' + }, + 'syslogFacility' => { + 'type' => 'text' + }, + 'timeout' => { + 'default' => 72000, + 'test' => sub { + $_[0] > 0; + }, + 'type' => 'int' + }, + 'timeoutActivity' => { + 'default' => 0, + 'test' => sub { + $_[0] >= 0; + }, + 'type' => 'int' + }, + 'timeoutActivityInterval' => { + 'default' => 60, + 'test' => sub { + $_[0] >= 0; + }, + 'type' => 'int' + }, + 'tokenUseGlobalStorage' => { + 'default' => 0, + 'type' => 'bool' + }, + 'totp2fActivation' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'totp2fAuthnLevel' => { + 'type' => 'int' + }, + 'totp2fDigits' => { + 'default' => 6, + 'type' => 'int' + }, + 'totp2fEncryptSecret' => { + 'default' => 0, + 'type' => 'bool' + }, + 'totp2fInterval' => { + 'default' => 30, + 'type' => 'int' + }, + 'totp2fIssuer' => { + 'type' => 'text' + }, + 'totp2fLabel' => { + 'type' => 'text' + }, + 'totp2fLogo' => { + 'type' => 'text' + }, + 'totp2fRange' => { + 'default' => 1, + 'type' => 'int' + }, + 'totp2fSelfRegistration' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'totp2fTTL' => { + 'type' => 'int' + }, + 'totp2fUserCanRemoveKey' => { + 'default' => 1, + 'type' => 'bool' + }, + 'trustedDomains' => { + 'type' => 'text' + }, + 'twitterAppName' => { + 'type' => 'text' + }, + 'twitterAuthnLevel' => { + 'default' => 1, + 'type' => 'int' + }, + 'twitterKey' => { + 'type' => 'text' + }, + 'twitterSecret' => { + 'type' => 'text' + }, + 'twitterUserField' => { + 'default' => 'screen_name', + 'type' => 'text' + }, + 'u2fActivation' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'u2fAuthnLevel' => { + 'type' => 'int' + }, + 'u2fLabel' => { + 'type' => 'text' + }, + 'u2fLogo' => { + 'type' => 'text' + }, + 'u2fSelfRegistration' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'u2fTTL' => { + 'type' => 'int' + }, + 'u2fUserCanRemoveKey' => { + 'default' => 1, + 'type' => 'bool' + }, + 'upgradeSession' => { + 'default' => 1, + 'type' => 'bool' + }, + 'userControl' => { + 'default' => '^[\\w\\.\\-@]+$', + 'type' => 'pcre' + }, + 'userDB' => { + 'default' => 'Same', + 'select' => [ + { + 'k' => 'Same', + 'v' => 'Same' + }, + { + 'k' => 'AD', + 'v' => 'Active Directory' + }, + { + 'k' => 'DBI', + 'v' => 'Database (DBI)' + }, + { + 'k' => 'LDAP', + 'v' => 'LDAP' + }, + { + 'k' => 'REST', + 'v' => 'REST' + }, + { + 'k' => 'Null', + 'v' => 'None' + }, + { + 'k' => 'Custom', + 'v' => 'customModule' + } + ], + 'type' => 'select' + }, + 'useRedirectOnError' => { + 'default' => 1, + 'type' => 'bool' + }, + 'useRedirectOnForbidden' => { + 'default' => 0, + 'type' => 'bool' + }, + 'userLogger' => { + 'type' => 'text' + }, + 'userPivot' => { + 'type' => 'text' + }, + 'userSyslogFacility' => { + 'type' => 'text' + }, + 'useSafeJail' => { + 'default' => 1, + 'type' => 'bool' + }, + 'utotp2fActivation' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'utotp2fAuthnLevel' => { + 'type' => 'int' + }, + 'utotp2fLabel' => { + 'type' => 'text' + }, + 'utotp2fLogo' => { + 'type' => 'text' + }, + 'vhostAccessToTrace' => { + 'default' => '', + 'type' => 'text' + }, + 'vhostAliases' => { + 'default' => '', + 'type' => 'text' + }, + 'vhostAuthnLevel' => { + 'type' => 'int' + }, + 'vhostDevOpsRulesUrl' => { + 'type' => 'url' + }, + 'vhostHttps' => { + 'default' => -1, + 'type' => 'trool' + }, + 'vhostMaintenance' => { + 'default' => 0, + 'type' => 'bool' + }, + 'vhostOptions' => { + 'type' => 'subContainer' + }, + 'vhostPort' => { + 'default' => -1, + 'type' => 'int' + }, + 'vhostServiceTokenTTL' => { + 'default' => -1, + 'type' => 'int' + }, + 'vhostType' => { + 'default' => 'Main', + 'select' => [ + { + 'k' => 'AuthBasic', + 'v' => 'AuthBasic' + }, + { + 'k' => 'CDA', + 'v' => 'CDA' + }, + { + 'k' => 'DevOps', + 'v' => 'DevOps' + }, + { + 'k' => 'DevOpsST', + 'v' => 'DevOpsST' + }, + { + 'k' => 'Main', + 'v' => 'Main' + }, + { + 'k' => 'OAuth2', + 'v' => 'OAuth2' + }, + { + 'k' => 'SecureToken', + 'v' => 'SecureToken' + }, + { + 'k' => 'ServiceToken', + 'v' => 'ServiceToken' + }, + { + 'k' => 'ZimbraPreAuth', + 'v' => 'ZimbraPreAuth' + } + ], + 'type' => 'select' + }, + 'viewerAllowBrowser' => { + 'default' => 0, + 'type' => 'bool' + }, + 'viewerAllowDiff' => { + 'default' => 0, + 'type' => 'bool' + }, + 'viewerHiddenKeys' => { + 'default' => 'samlIDPMetaDataNodes, samlSPMetaDataNodes', + 'type' => 'text' + }, + 'virtualHosts' => { + 'type' => 'virtualHostContainer' + }, + 'webauthn2fActivation' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'webauthn2fAuthnLevel' => { + 'type' => 'int' + }, + 'webauthn2fLabel' => { + 'type' => 'text' + }, + 'webauthn2fLogo' => { + 'type' => 'text' + }, + 'webauthn2fSelfRegistration' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'webauthn2fUserCanRemoveKey' => { + 'default' => 1, + 'type' => 'bool' + }, + 'webauthn2fUserVerification' => { + 'default' => 'preferred', + 'select' => [ + { + 'k' => 'discouraged', + 'v' => 'Discouraged' + }, + { + 'k' => 'preferred', + 'v' => 'Preferred' + }, + { + 'k' => 'required', + 'v' => 'Required' + } + ], + 'type' => 'select' + }, + 'webauthnDisplayNameAttr' => { + 'type' => 'text' + }, + 'webauthnRpName' => { + 'type' => 'text' + }, + 'webIDAuthnLevel' => { + 'default' => 1, + 'type' => 'int' + }, + 'webIDExportedVars' => { + 'default' => {}, + 'keyMsgFail' => '__badVariableName__', + 'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/, + 'msgFail' => '__badValue__', + 'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/, + 'type' => 'keyTextContainer' + }, + 'webIDWhitelist' => { + 'type' => 'text' + }, + 'whatToTrace' => { + 'default' => 'uid', + 'type' => 'lmAttrOrMacro' + }, + 'wsdlServer' => { + 'default' => 0, + 'type' => 'bool' + }, + 'yubikey2fActivation' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'yubikey2fAuthnLevel' => { + 'type' => 'int' + }, + 'yubikey2fClientID' => { + 'type' => 'text' + }, + 'yubikey2fFromSessionAttribute' => { + 'type' => 'text' + }, + 'yubikey2fLabel' => { + 'type' => 'text' + }, + 'yubikey2fLogo' => { + 'type' => 'text' + }, + 'yubikey2fNonce' => { + 'type' => 'text' + }, + 'yubikey2fPublicIDSize' => { + 'default' => 12, + 'type' => 'int' + }, + 'yubikey2fSecretKey' => { + 'type' => 'text' + }, + 'yubikey2fSelfRegistration' => { + 'default' => 0, + 'type' => 'boolOrExpr' + }, + 'yubikey2fTTL' => { + 'type' => 'int' + }, + 'yubikey2fUrl' => { + 'type' => 'text' + }, + 'yubikey2fUserCanRemoveKey' => { + 'default' => 1, + 'type' => 'bool' + }, + 'zimbraAccountKey' => { + 'type' => 'text' + }, + 'zimbraBy' => { + 'type' => 'text' + }, + 'zimbraPreAuthKey' => { + 'type' => 'text' + }, + 'zimbraSsoUrl' => { + 'type' => 'text' + }, + 'zimbraUrl' => { + 'type' => 'text' + } + }; } diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm index 76c4a82cb..354488dd5 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm @@ -435,6 +435,36 @@ sub attributes { documentation => 'Separator for multiple values', flags => 'hmp', }, + rememberAuthChoiceRule => { + type => 'boolOrExpr', + default => 0, + documentation => 'remember auth choice activation rule', + }, + rememberCookieName => { + type => 'text', + test => qr/^[a-zA-Z][a-zA-Z0-9_-]*$/, + msgFail => '__badCookieName__', + default => 'llngrememberauthchoice', + documentation => 'Name of the remember auth choice cookie', + flags => 'p', + }, + rememberCookieTimeout => { + type => 'int', + default => 31536000, + documentation => 'lifetime of the remember auth choice cookie', + flags => 'm', + }, + rememberDefaultChecked => { + type => 'bool', + default => 0, + documentation => 'Is remember auth choice checkbox enabled by default?', + }, + rememberTimer => { + type => 'int', + default => 5, + documentation => 'timer before automatic authentication with the previous remembered authentication choice', + flags => 'm', + }, stayConnected => { type => 'boolOrExpr', default => 0, diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm index 644e138a8..fd3781d97 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm @@ -863,6 +863,18 @@ sub tree { 'contextSwitchingStopWithLogout', ] }, + { + title => 'rememberAuthChoice', + help => 'rememberauthchoice.html', + form => 'simpleInputContainer', + nodes => [ + 'rememberAuthChoiceRule', + 'rememberCookieName', + 'rememberCookieTimeout', + 'rememberDefaultChecked', + 'rememberTimer', + ] + }, { title => 'decryptValue', help => 'decryptvalue.html', diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json index 69bae7aa8..94c9db779 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json @@ -873,6 +873,12 @@ "reloadParams":"إعادة تحميل الإعدادات", "reloadTimeout":"Reload timeout", "reloadUrls":"Reload URLs", +"rememberAuthChoice":"Remember authentication choice", +"rememberAuthChoiceRule":"Activation", +"rememberCookieName":"Cookie name", +"rememberCookieTimeout":"cookie lifetime", +"rememberDefaultChecked":"Check by default", +"rememberTimer":"Timer before automatic authentication", "remoteCookieName":"اسم ملف تعريف الارتباط", "remoteGlobalStorage":"وحدة الجلسات", "remoteGlobalStorageOptions":"خيارات وحدة الجلسات", @@ -1244,4 +1250,4 @@ "yubikey2fUrl":"خدمة أل يو أر ل", "yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey", "zeroConfExplanations":"لا يحتوي الخادم على إعدادات. استخدام قالب لحفظ الأول" -} \ No newline at end of file +} diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/en.json b/lemonldap-ng-manager/site/htdocs/static/languages/en.json index 384d58d53..362034d61 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/en.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/en.json @@ -873,6 +873,12 @@ "reloadParams":"Configuration reload", "reloadTimeout":"Reload timeout", "reloadUrls":"Reload URLs", +"rememberAuthChoice":"Remember authentication choice", +"rememberAuthChoiceRule":"Activation", +"rememberCookieName":"Cookie name", +"rememberCookieTimeout":"cookie lifetime", +"rememberDefaultChecked":"Check by default", +"rememberTimer":"Timer before automatic authentication", "remoteCookieName":"Cookie name", "remoteGlobalStorage":"Sessions module", "remoteGlobalStorageOptions":"Sessions module options", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/es.json b/lemonldap-ng-manager/site/htdocs/static/languages/es.json index 5e653bef4..fec3bc387 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/es.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/es.json @@ -873,6 +873,12 @@ "reloadParams":"Recargar configuración", "reloadTimeout":"Reload timeout", "reloadUrls":"Recargar las URL", +"rememberAuthChoice":"Remember authentication choice", +"rememberAuthChoiceRule":"Activation", +"rememberCookieName":"Cookie name", +"rememberCookieTimeout":"cookie lifetime", +"rememberDefaultChecked":"Check by default", +"rememberTimer":"Timer before automatic authentication", "remoteCookieName":"Nombre de la cookie", "remoteGlobalStorage":"Módulo de sesiones", "remoteGlobalStorageOptions":"Opciones del módulo de sesiones", @@ -1244,4 +1250,4 @@ "yubikey2fUrl":"URL de servicio", "yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey", "zeroConfExplanations":"Server has no configuration. Use template to save the first." -} \ No newline at end of file +} diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json index 246745136..2b42fe823 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json @@ -873,6 +873,12 @@ "reloadParams":"Mise à jour de la configuration", "reloadTimeout":"Délai de mise à jour", "reloadUrls":"URLs de mise à jour", +"rememberAuthChoice":"Se souvenir du choix d'authentification", +"rememberAuthChoiceRule":"Activation", +"rememberCookieName":"Nom du cookie", +"rememberCookieTimeout":"Durée de vie du cookie", +"rememberDefaultChecked":"Cocher par défaut", +"rememberTimer":"Délai avant authentication automatique", "remoteCookieName":"Nom du cookie", "remoteGlobalStorage":"Module des sessions", "remoteGlobalStorageOptions":"Options du module des sessions", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/he.json b/lemonldap-ng-manager/site/htdocs/static/languages/he.json index 7fe6a3b69..9d6679d22 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/he.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/he.json @@ -873,6 +873,12 @@ "reloadParams":"Configuration reload", "reloadTimeout":"Reload timeout", "reloadUrls":"רענון כתובות", +"rememberAuthChoice":"Remember authentication choice", +"rememberAuthChoiceRule":"Activation", +"rememberCookieName":"Cookie name", +"rememberCookieTimeout":"cookie lifetime", +"rememberDefaultChecked":"Check by default", +"rememberTimer":"Timer before automatic authentication", "remoteCookieName":"שם עוגיה", "remoteGlobalStorage":"מודול הפעלות", "remoteGlobalStorageOptions":"אפשרויות מודול הפעלות", @@ -1244,4 +1250,4 @@ "yubikey2fUrl":"כתובת שירות", "yubikey2fUserCanRemoveKey":"לאפשר למשתמש להסיר Yubikey", "zeroConfExplanations":"Server has no configuration. Use template to save the first." -} \ No newline at end of file +} diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/it.json b/lemonldap-ng-manager/site/htdocs/static/languages/it.json index 8638474f4..2daecb996 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json @@ -873,6 +873,12 @@ "reloadParams":"Ricarica di configurazione", "reloadTimeout":"Ricarica il timeout", "reloadUrls":"Ricarica gli URL", +"rememberAuthChoice":"Remember authentication choice", +"rememberAuthChoiceRule":"Activation", +"rememberCookieName":"Cookie name", +"rememberCookieTimeout":"cookie lifetime", +"rememberDefaultChecked":"Check by default", +"rememberTimer":"Timer before automatic authentication", "remoteCookieName":"Nome del cookie", "remoteGlobalStorage":"Modulo di sessioni", "remoteGlobalStorageOptions":"Opzioni del modulo Sessioni", @@ -1244,4 +1250,4 @@ "yubikey2fUrl":"URL del servizio", "yubikey2fUserCanRemoveKey":"Autorizza l'utente a rimuovere la Yubikey", "zeroConfExplanations":"Il server non ha alcuna configurazione. Utilizza il modello per salvare il primo." -} \ No newline at end of file +} diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/pl.json b/lemonldap-ng-manager/site/htdocs/static/languages/pl.json index edf9308da..0d38483d4 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/pl.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/pl.json @@ -873,6 +873,12 @@ "reloadParams":"Załaduj ponownie konfigurację", "reloadTimeout":"Limit czasu przeładowania", "reloadUrls":"Załaduj ponownie adresy URL", +"rememberAuthChoice":"Remember authentication choice", +"rememberAuthChoiceRule":"Activation", +"rememberCookieName":"Cookie name", +"rememberCookieTimeout":"cookie lifetime", +"rememberDefaultChecked":"Check by default", +"rememberTimer":"Timer before automatic authentication", "remoteCookieName":"Nazwa ciasteczka", "remoteGlobalStorage":"Moduł sesji", "remoteGlobalStorageOptions":"Opcje modułu sesji", @@ -1244,4 +1250,4 @@ "yubikey2fUrl":"URL usługi", "yubikey2fUserCanRemoveKey":"Pozwól użytkownikowi usunąć Yubikey", "zeroConfExplanations":"Serwer nie ma konfiguracji. Użyj szablonu, aby zapisać pierwszy." -} \ No newline at end of file +} diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/tr.json b/lemonldap-ng-manager/site/htdocs/static/languages/tr.json index a8171a970..d7eab6f99 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/tr.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/tr.json @@ -873,6 +873,12 @@ "reloadParams":"Yapılandırma yeniden yüklendi", "reloadTimeout":"Yeniden yükleme zaman aşımı", "reloadUrls":"URL'leri yeniden yükle", +"rememberAuthChoice":"Remember authentication choice", +"rememberAuthChoiceRule":"Activation", +"rememberCookieName":"Cookie name", +"rememberCookieTimeout":"cookie lifetime", +"rememberDefaultChecked":"Check by default", +"rememberTimer":"Timer before automatic authentication", "remoteCookieName":"Çerez adı", "remoteGlobalStorage":"Oturumlar modülü", "remoteGlobalStorageOptions":"Oturumlar modülü seçenekleri", @@ -1244,4 +1250,4 @@ "yubikey2fUrl":"Servis URL'si", "yubikey2fUserCanRemoveKey":"Yubikey'i kaldırmak için kullanıcıya izin ver", "zeroConfExplanations":"Sunucunun yapılandırması yok. Şimdi bir tane kaydetmek için şablonu kullanın." -} \ No newline at end of file +} diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json index 0f37a5e5e..2cb4d5806 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json @@ -873,6 +873,12 @@ "reloadParams":"Tải lại cấu hình", "reloadTimeout":"Reload timeout", "reloadUrls":"Reload URLs", +"rememberAuthChoice":"Remember authentication choice", +"rememberAuthChoiceRule":"Activation", +"rememberCookieName":"Cookie name", +"rememberCookieTimeout":"cookie lifetime", +"rememberDefaultChecked":"Check by default", +"rememberTimer":"Timer before automatic authentication", "remoteCookieName":"Tên cookie", "remoteGlobalStorage":"Mô-đun phiên", "remoteGlobalStorageOptions":"Tùy chọn mô-đun phiên", @@ -1244,4 +1250,4 @@ "yubikey2fUrl":"Dịch vụ URL", "yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey", "zeroConfExplanations":"Máy chủ không có cấu hình. Sử dụng mẫu để lưu đầu tiên. " -} \ No newline at end of file +} diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json index 40ae8d1ea..a61badf02 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json @@ -873,6 +873,12 @@ "reloadParams":"設定重新載入", "reloadTimeout":"重新載入逾時", "reloadUrls":"重新載入 URL", +"rememberAuthChoice":"Remember authentication choice", +"rememberAuthChoiceRule":"Activation", +"rememberCookieName":"Cookie name", +"rememberCookieTimeout":"cookie lifetime", +"rememberDefaultChecked":"Check by default", +"rememberTimer":"Timer before automatic authentication", "remoteCookieName":"Cookie 名称", "remoteGlobalStorage":"工作階段模組", "remoteGlobalStorageOptions":"工作階段模組選項", @@ -1244,4 +1250,4 @@ "yubikey2fUrl":"服务 URL", "yubikey2fUserCanRemoveKey":"允許使用者移除 Yubikey", "zeroConfExplanations":"伺服器未設定。使用飯本來儲存第一個。" -} \ No newline at end of file +} diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/zh_TW.json b/lemonldap-ng-manager/site/htdocs/static/languages/zh_TW.json index 66ef31a3d..e4e3eb610 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/zh_TW.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/zh_TW.json @@ -873,6 +873,12 @@ "reloadParams":"設定重新載入", "reloadTimeout":"重新載入逾時", "reloadUrls":"重新載入 URL", +"rememberAuthChoice":"Remember authentication choice", +"rememberAuthChoiceRule":"Activation", +"rememberCookieName":"Cookie name", +"rememberCookieTimeout":"cookie lifetime", +"rememberDefaultChecked":"Check by default", +"rememberTimer":"Timer before automatic authentication", "remoteCookieName":"Cookie 名稱", "remoteGlobalStorage":"工作階段模組", "remoteGlobalStorageOptions":"工作階段模組選項", @@ -1244,4 +1250,4 @@ "yubikey2fUrl":"服務 URL", "yubikey2fUserCanRemoveKey":"允許使用者移除 Yubikey", "zeroConfExplanations":"伺服器未設定。使用飯本來儲存第一個。" -} \ No newline at end of file +} diff --git a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json index 9414ae2e9..b323dc10d 100644 --- a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json +++ b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json @@ -1 +1 @@ -{"ADPwdExpireWarning":"generalParameters/authParams/adParams","ADPwdMaxAge":"generalParameters/authParams/adParams","AuthLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","LDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","SMTPAuthPass":"generalParameters/advancedParams/SMTP","SMTPAuthUser":"generalParameters/advancedParams/SMTP","SMTPPort":"generalParameters/advancedParams/SMTP","SMTPServer":"generalParameters/advancedParams/SMTP","SMTPTLS":"generalParameters/advancedParams/SMTP","SMTPTLSOpts":"generalParameters/advancedParams/SMTP","SSLAuthnLevel":"generalParameters/authParams/sslParams","SSLVar":"generalParameters/authParams/sslParams","SSLVarIf":"generalParameters/authParams/sslParams","activeTimer":"generalParameters/advancedParams/forms","adaptativeAuthenticationLevelRules":"generalParameters/plugins","apacheAuthnLevel":"generalParameters/authParams/apacheParams","applicationList":"generalParameters/portalParams/portalMenu","authChoiceAuthBasic":"generalParameters/authParams/choiceParams","authChoiceFindUser":"generalParameters/authParams/choiceParams","authChoiceModules":"generalParameters/authParams/choiceParams","authChoiceParam":"generalParameters/authParams/choiceParams","authentication":"generalParameters/authParams","autoSigninRules":"generalParameters/plugins/autoSignin","avoidAssignment":"generalParameters/advancedParams/security","browsersDontStorePassword":"generalParameters/advancedParams/security","bruteForceProtection":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionIncrementalTempo":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionLockTimes":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionMaxAge":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionMaxFailed":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionMaxLockTime":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionTempo":"generalParameters/advancedParams/security/bruteForceAttackProtection","captcha_login_enabled":"generalParameters/portalParams/portalCaptcha","captcha_mail_enabled":"generalParameters/portalParams/portalCaptcha","captcha_register_enabled":"generalParameters/portalParams/portalCaptcha","captcha_size":"generalParameters/portalParams/portalCaptcha","casAccessControlPolicy":"casServiceMetadata","casAppMetaDataNodes":"","casAttr":"casServiceMetadata","casAttributes":"casServiceMetadata","casAuthnLevel":"generalParameters/authParams/casParams","casSrvMetaDataNodes":"","casStorage":"casServiceMetadata","casStorageOptions":"casServiceMetadata","casStrictMatching":"casServiceMetadata","casTicketExpiration":"casServiceMetadata","cda":"generalParameters/cookieParams","certificateResetByMailCeaAttribute":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailCertificateAttribute":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailStep1Body":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep1Subject":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep2Body":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep2Subject":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailURL":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailValidityDelay":"generalParameters/plugins/certificateResetByMailManagement/mailOther","checkDevOps":"generalParameters/plugins/devOpsCheck","checkDevOpsCheckSessionAttributes":"generalParameters/plugins/devOpsCheck","checkDevOpsDisplayNormalizedHeaders":"generalParameters/plugins/devOpsCheck","checkDevOpsDownload":"generalParameters/plugins/devOpsCheck","checkState":"generalParameters/plugins/stateCheck","checkStateSecret":"generalParameters/plugins/stateCheck","checkUser":"generalParameters/plugins/checkUsers","checkUserDisplayComputedSession":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayEmptyHeaders":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayEmptyValues":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayHiddenAttributes":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayHistory":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayNormalizedHeaders":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayPersistentInfo":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserHiddenAttributes":"generalParameters/plugins/checkUsers","checkUserHiddenHeaders":"generalParameters/plugins/checkUsers","checkUserIdRule":"generalParameters/plugins/checkUsers","checkUserSearchAttributes":"generalParameters/plugins/checkUsers","checkUserUnrestrictedUsersRule":"generalParameters/plugins/checkUsers","checkXSS":"generalParameters/advancedParams/security","combModules":"generalParameters/authParams/combinationParams","combination":"generalParameters/authParams/combinationParams","compactConf":"generalParameters/reloadParams","confirmFormMethod":"generalParameters/advancedParams/forms","contextSwitchingAllowed2fModifications":"generalParameters/plugins/contextSwitching","contextSwitchingIdRule":"generalParameters/plugins/contextSwitching","contextSwitchingRule":"generalParameters/plugins/contextSwitching","contextSwitchingStopWithLogout":"generalParameters/plugins/contextSwitching","contextSwitchingUnrestrictedUsersRule":"generalParameters/plugins/contextSwitching","cookieExpiration":"generalParameters/cookieParams","cookieName":"generalParameters/cookieParams","corsAllow_Credentials":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Methods":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Origin":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsEnabled":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsExpose_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsMax_Age":"generalParameters/advancedParams/security/crossOrigineResourceSharing","crowdsec":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecAction":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecKey":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecUrl":"generalParameters/advancedParams/security/CrowdSecPlugin","cspConnect":"generalParameters/advancedParams/security/contentSecurityPolicy","cspDefault":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFont":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFormAction":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFrameAncestors":"generalParameters/advancedParams/security/contentSecurityPolicy","cspImg":"generalParameters/advancedParams/security/contentSecurityPolicy","cspScript":"generalParameters/advancedParams/security/contentSecurityPolicy","cspStyle":"generalParameters/advancedParams/security/contentSecurityPolicy","customAddParams":"generalParameters/authParams/customParams","customAuth":"generalParameters/authParams/customParams","customFunctions":"generalParameters/advancedParams","customPassword":"generalParameters/authParams/customParams","customPlugins":"generalParameters/plugins/customPluginsNode","customPluginsParams":"generalParameters/plugins/customPluginsNode","customRegister":"generalParameters/authParams/customParams","customResetCertByMail":"generalParameters/authParams/customParams","customToTrace":"generalParameters/logParams","customUserDB":"generalParameters/authParams/customParams","dbiAuthChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthLoginCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthPasswordCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPasswordHash":"generalParameters/authParams/dbiParams/dbiPassword","dbiAuthTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthnLevel":"generalParameters/authParams/dbiParams","dbiDynamicHashEnabled":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashNewPasswordScheme":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSaltedSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiExportedVars":"generalParameters/authParams/dbiParams","dbiPasswordMailCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","decryptValueFunctions":"generalParameters/plugins/decryptValue","decryptValueRule":"generalParameters/plugins/decryptValue","demoExportedVars":"generalParameters/authParams/demoParams","disablePersistentStorage":"generalParameters/sessionParams/persistentSessions","displaySessionId":"generalParameters/sessionParams","domain":"generalParameters/cookieParams","exportedAttr":"generalParameters/plugins/portalServers","exportedVars":"variables","ext2FSendCommand":"generalParameters/secondFactors/ext2f","ext2FValidateCommand":"generalParameters/secondFactors/ext2f","ext2fActivation":"generalParameters/secondFactors/ext2f","ext2fAuthnLevel":"generalParameters/secondFactors/ext2f","ext2fCodeActivation":"generalParameters/secondFactors/ext2f","ext2fLabel":"generalParameters/secondFactors/ext2f","ext2fLogo":"generalParameters/secondFactors/ext2f","facebookAppId":"generalParameters/authParams/facebookParams","facebookAppSecret":"generalParameters/authParams/facebookParams","facebookAuthnLevel":"generalParameters/authParams/facebookParams","facebookExportedVars":"generalParameters/authParams/facebookParams","facebookUserField":"generalParameters/authParams/facebookParams","failedLoginNumber":"generalParameters/plugins/loginHistory","findUser":"generalParameters/plugins/findUsers","findUserControl":"generalParameters/plugins/findUsers","findUserExcludingAttributes":"generalParameters/plugins/findUsers","findUserSearchingAttributes":"generalParameters/plugins/findUsers","findUserWildcard":"generalParameters/plugins/findUsers","formTimeout":"generalParameters/advancedParams/security","githubAuthnLevel":"generalParameters/authParams/githubParams","githubClientID":"generalParameters/authParams/githubParams","githubClientSecret":"generalParameters/authParams/githubParams","githubScope":"generalParameters/authParams/githubParams","githubUserField":"generalParameters/authParams/githubParams","globalLogoutCustomParam":"generalParameters/plugins/globalLogout","globalLogoutRule":"generalParameters/plugins/globalLogout","globalLogoutTimer":"generalParameters/plugins/globalLogout","globalStorage":"generalParameters/sessionParams/sessionStorage","globalStorageOptions":"generalParameters/sessionParams/sessionStorage","gpgAuthnLevel":"generalParameters/authParams/gpgParams","gpgDb":"generalParameters/authParams/gpgParams","grantSessionRules":"generalParameters/sessionParams","groups":"variables","groupsBeforeMacros":"generalParameters/advancedParams","hiddenAttributes":"generalParameters/logParams","hideOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","httpOnly":"generalParameters/cookieParams","https":"generalParameters/advancedParams/redirection","impersonationHiddenAttributes":"generalParameters/plugins/impersonation","impersonationIdRule":"generalParameters/plugins/impersonation","impersonationMergeSSOgroups":"generalParameters/plugins/impersonation","impersonationRule":"generalParameters/plugins/impersonation","impersonationSkipEmptyValues":"generalParameters/plugins/impersonation","impersonationUnrestrictedUsersRule":"generalParameters/plugins/impersonation","infoFormMethod":"generalParameters/advancedParams/forms","issuerDBCASActivation":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASPath":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASRule":"generalParameters/issuerParams/issuerDBCAS","issuerDBGetActivation":"generalParameters/issuerParams/issuerDBGet","issuerDBGetParameters":"generalParameters/issuerParams/issuerDBGet","issuerDBGetPath":"generalParameters/issuerParams/issuerDBGet","issuerDBGetRule":"generalParameters/issuerParams/issuerDBGet","issuerDBOpenIDActivation":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDConnectActivation":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectPath":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectRule":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDPath":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDRule":"generalParameters/issuerParams/issuerDBOpenID","issuerDBSAMLActivation":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLPath":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLRule":"generalParameters/issuerParams/issuerDBSAML","issuersTimeout":"generalParameters/issuerParams/issuerOptions","jsRedirect":"generalParameters/advancedParams/portalRedirection","key":"generalParameters/advancedParams/security","krbAllowedDomains":"generalParameters/authParams/kerberosParams","krbAuthnLevel":"generalParameters/authParams/kerberosParams","krbByJs":"generalParameters/authParams/kerberosParams","krbKeytab":"generalParameters/authParams/kerberosParams","krbRemoveDomain":"generalParameters/authParams/kerberosParams","ldapAllowResetExpiredPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapAuthnLevel":"generalParameters/authParams/ldapParams","ldapBase":"generalParameters/authParams/ldapParams/ldapConnection","ldapCAFile":"generalParameters/authParams/ldapParams/ldapConnection","ldapCAPath":"generalParameters/authParams/ldapParams/ldapConnection","ldapChangePasswordAsUser":"generalParameters/authParams/ldapParams/ldapPassword","ldapExportedVars":"generalParameters/authParams/ldapParams","ldapGetUserBeforePasswordChange":"generalParameters/authParams/ldapParams/ldapPassword","ldapGroupAttributeName":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameGroup":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameSearch":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameUser":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupBase":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupDecodeSearchedValue":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupObjectClass":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupRecursive":"generalParameters/authParams/ldapParams/ldapGroups","ldapIOTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapITDS":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttributeValue":"generalParameters/authParams/ldapParams/ldapPassword","ldapPort":"generalParameters/authParams/ldapParams/ldapConnection","ldapPpolicyControl":"generalParameters/authParams/ldapParams/ldapPassword","ldapPwdEnc":"generalParameters/authParams/ldapParams/ldapPassword","ldapRaw":"generalParameters/authParams/ldapParams/ldapConnection","ldapSearchDeref":"generalParameters/authParams/ldapParams/ldapFilters","ldapServer":"generalParameters/authParams/ldapParams/ldapConnection","ldapSetPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapUsePasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapVerify":"generalParameters/authParams/ldapParams/ldapConnection","ldapVersion":"generalParameters/authParams/ldapParams/ldapConnection","linkedInAuthnLevel":"generalParameters/authParams/linkedinParams","linkedInClientID":"generalParameters/authParams/linkedinParams","linkedInClientSecret":"generalParameters/authParams/linkedinParams","linkedInFields":"generalParameters/authParams/linkedinParams","linkedInScope":"generalParameters/authParams/linkedinParams","linkedInUserField":"generalParameters/authParams/linkedinParams","localSessionStorage":"generalParameters/sessionParams/sessionStorage","localSessionStorageOptions":"generalParameters/sessionParams/sessionStorage","loginHistoryEnabled":"generalParameters/plugins/loginHistory","logoutServices":"generalParameters/advancedParams","lwpOpts":"generalParameters/advancedParams/security","lwpSslOpts":"generalParameters/advancedParams/security","macros":"variables","mail2fActivation":"generalParameters/secondFactors/mail2f","mail2fAuthnLevel":"generalParameters/secondFactors/mail2f","mail2fBody":"generalParameters/secondFactors/mail2f","mail2fCodeRegex":"generalParameters/secondFactors/mail2f","mail2fLabel":"generalParameters/secondFactors/mail2f","mail2fLogo":"generalParameters/secondFactors/mail2f","mail2fSessionKey":"generalParameters/secondFactors/mail2f","mail2fSubject":"generalParameters/secondFactors/mail2f","mail2fTimeout":"generalParameters/secondFactors/mail2f","mailBody":"generalParameters/plugins/passwordManagement/mailContent","mailCharset":"generalParameters/advancedParams/SMTP/mailHeaders","mailConfirmBody":"generalParameters/plugins/passwordManagement/mailContent","mailConfirmSubject":"generalParameters/plugins/passwordManagement/mailContent","mailFrom":"generalParameters/advancedParams/SMTP/mailHeaders","mailLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","mailOnPasswordChange":"generalParameters/portalParams/portalCustomization/passwordManagement","mailReplyTo":"generalParameters/advancedParams/SMTP/mailHeaders","mailSessionKey":"generalParameters/advancedParams/SMTP","mailSubject":"generalParameters/plugins/passwordManagement/mailContent","mailTimeout":"generalParameters/plugins/passwordManagement/mailOther","mailUrl":"generalParameters/plugins/passwordManagement/mailOther","maintenance":"generalParameters/advancedParams/redirection","managerDn":"generalParameters/authParams/ldapParams/ldapConnection","managerPassword":"generalParameters/authParams/ldapParams/ldapConnection","multiValuesSeparator":"generalParameters/advancedParams","newLocationWarning":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningLocationAttribute":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningLocationDisplayAttribute":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningMailAttribute":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningMailBody":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningMailSubject":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningMaxValues":"generalParameters/advancedParams/security/newLocationWarnings","nginxCustomHandlers":"generalParameters/advancedParams","noAjaxHook":"generalParameters/advancedParams/portalRedirection","notification":"generalParameters/plugins/notifications","notificationDefaultCond":"generalParameters/plugins/notifications/serverNotification","notificationServer":"generalParameters/plugins/notifications/serverNotification","notificationServerDELETE":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerGET":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerPOST":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerSentAttributes":"generalParameters/plugins/notifications/serverNotification","notificationStorage":"generalParameters/plugins/notifications","notificationStorageOptions":"generalParameters/plugins/notifications","notificationWildcard":"generalParameters/plugins/notifications","notificationXSLTfile":"generalParameters/plugins/notifications","notificationsExplorer":"generalParameters/plugins/notifications","notifyDeleted":"generalParameters/sessionParams/multipleSessions","notifyOther":"generalParameters/sessionParams/multipleSessions","nullAuthnLevel":"generalParameters/authParams/nullParams","oidcAuthnLevel":"generalParameters/authParams/oidcParams","oidcOPMetaDataNodes":"","oidcRPCallbackGetParam":"generalParameters/authParams/oidcParams","oidcRPMetaDataNodes":"","oidcRPStateTimeout":"generalParameters/authParams/oidcParams","oidcServiceAccessTokenExpiration":"oidcServiceMetaData/oidcServiceMetaDataTimeouts","oidcServiceAllowAuthorizationCodeFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowDynamicRegistration":"oidcServiceMetaData/oidcServiceDynamicRegistration","oidcServiceAllowHybridFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowImplicitFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowOnlyDeclaredScopes":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAuthorizationCodeExpiration":"oidcServiceMetaData/oidcServiceMetaDataTimeouts","oidcServiceDynamicRegistrationExportedVars":"oidcServiceMetaData/oidcServiceDynamicRegistration","oidcServiceDynamicRegistrationExtraClaims":"oidcServiceMetaData/oidcServiceDynamicRegistration","oidcServiceIDTokenExpiration":"oidcServiceMetaData/oidcServiceMetaDataTimeouts","oidcServiceKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcServiceMetaDataAuthnContext":"oidcServiceMetaData","oidcServiceMetaDataAuthorizeURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataBackChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataCheckSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataEndSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataFrontChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIntrospectionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIssuer":"oidcServiceMetaData","oidcServiceMetaDataJWKSURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataRegistrationURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataTokenURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataUserInfoURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceOfflineSessionExpiration":"oidcServiceMetaData/oidcServiceMetaDataTimeouts","oidcServicePrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcServicePublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcStorage":"oidcServiceMetaData/oidcServiceMetaDataSessions","oidcStorageOptions":"oidcServiceMetaData/oidcServiceMetaDataSessions","oldNotifFormat":"generalParameters/plugins/notifications","openIdAttr":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdAuthnLevel":"generalParameters/authParams/openidParams","openIdExportedVars":"generalParameters/authParams/openidParams","openIdIDPList":"generalParameters/authParams/openidParams","openIdIssuerSecret":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSPList":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSecret":"generalParameters/authParams/openidParams","openIdSreg_country":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_dob":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_email":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_fullname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_gender":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_language":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_nickname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_postcode":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_timezone":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","pamAuthnLevel":"generalParameters/authParams/pamParams","pamService":"generalParameters/authParams/pamParams","passwordDB":"generalParameters/authParams","passwordPolicyActivation":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinDigit":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinLower":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinSize":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinSpeChar":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinUpper":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicySpecialChar":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordResetAllowedRetries":"generalParameters/portalParams/portalCustomization/portalButtons","persistentStorage":"generalParameters/sessionParams/persistentSessions","persistentStorageOptions":"generalParameters/sessionParams/persistentSessions","port":"generalParameters/advancedParams/redirection","portal":"generalParameters/portalParams","portalAntiFrame":"generalParameters/portalParams/portalCustomization/portalOther","portalCheckLogins":"generalParameters/portalParams/portalCustomization/portalButtons","portalCustomCss":"generalParameters/portalParams/portalCustomization","portalDisplayAppslist":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayCertificateResetByMail":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayChangePassword":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayGeneratePassword":"generalParameters/plugins/passwordManagement/mailOther","portalDisplayLoginHistory":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLogout":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayOidcConsents":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayPasswordPolicy":"generalParameters/portalParams/portalCustomization/passwordPolicy","portalDisplayRefreshMyRights":"generalParameters/portalParams/portalCustomization/portalOther","portalDisplayRegister":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayResetPassword":"generalParameters/portalParams/portalCustomization/portalButtons","portalEnablePasswordDisplay":"generalParameters/portalParams/portalCustomization/passwordManagement","portalErrorOnExpiredSession":"generalParameters/portalParams/portalCustomization/portalOther","portalErrorOnMailNotFound":"generalParameters/portalParams/portalCustomization/portalOther","portalForceAuthn":"generalParameters/advancedParams/security","portalForceAuthnInterval":"generalParameters/advancedParams/security","portalMainLogo":"generalParameters/portalParams/portalCustomization","portalOpenLinkInNewWindow":"generalParameters/portalParams/portalCustomization/portalOther","portalPingInterval":"generalParameters/portalParams/portalCustomization/portalOther","portalRequireOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","portalSkin":"generalParameters/portalParams/portalCustomization","portalSkinBackground":"generalParameters/portalParams/portalCustomization","portalSkinRules":"generalParameters/portalParams/portalCustomization","portalStatus":"generalParameters/plugins","portalUserAttr":"generalParameters/portalParams/portalCustomization/portalOther","proxyAuthService":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyAuthServiceChoiceParam":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyAuthServiceChoiceValue":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyAuthServiceImpersonation":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyAuthnLevel":"generalParameters/authParams/proxyParams","proxyCookieName":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxySessionService":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyUseSoap":"generalParameters/authParams/proxyParams","radius2fActivation":"generalParameters/secondFactors/radius2f","radius2fAuthnLevel":"generalParameters/secondFactors/radius2f","radius2fLabel":"generalParameters/secondFactors/radius2f","radius2fLogo":"generalParameters/secondFactors/radius2f","radius2fSecret":"generalParameters/secondFactors/radius2f","radius2fServer":"generalParameters/secondFactors/radius2f","radius2fTimeout":"generalParameters/secondFactors/radius2f","radius2fUsernameSessionKey":"generalParameters/secondFactors/radius2f","radiusAuthnLevel":"generalParameters/authParams/radiusParams","radiusSecret":"generalParameters/authParams/radiusParams","radiusServer":"generalParameters/authParams/radiusParams","randomPasswordRegexp":"generalParameters/plugins/passwordManagement/mailOther","redirectFormMethod":"generalParameters/advancedParams/forms","refreshSessions":"generalParameters/plugins","registerConfirmBody":"generalParameters/plugins/register","registerConfirmSubject":"generalParameters/plugins/register","registerDB":"generalParameters/authParams","registerDoneBody":"generalParameters/plugins/register","registerDoneSubject":"generalParameters/plugins/register","registerTimeout":"generalParameters/plugins/register","registerUrl":"generalParameters/plugins/register","reloadTimeout":"generalParameters/reloadParams","reloadUrls":"generalParameters/reloadParams","remoteCookieName":"generalParameters/authParams/remoteParams","remoteGlobalStorage":"generalParameters/authParams/remoteParams","remoteGlobalStorageOptions":"generalParameters/authParams/remoteParams","remotePortal":"generalParameters/authParams/remoteParams","requireToken":"generalParameters/advancedParams/security","rest2fActivation":"generalParameters/secondFactors/rest2f","rest2fAuthnLevel":"generalParameters/secondFactors/rest2f","rest2fInitArgs":"generalParameters/secondFactors/rest2f","rest2fInitUrl":"generalParameters/secondFactors/rest2f","rest2fLabel":"generalParameters/secondFactors/rest2f","rest2fLogo":"generalParameters/secondFactors/rest2f","rest2fVerifyArgs":"generalParameters/secondFactors/rest2f","rest2fVerifyUrl":"generalParameters/secondFactors/rest2f","restAuthServer":"generalParameters/plugins/portalServers/restServices","restAuthUrl":"generalParameters/authParams/restParams","restAuthnLevel":"generalParameters/authParams/restParams","restClockTolerance":"generalParameters/plugins/portalServers/restServices","restConfigServer":"generalParameters/plugins/portalServers/restServices","restExportSecretKeys":"generalParameters/plugins/portalServers/restServices","restFindUserDBUrl":"generalParameters/plugins/findUsers","restPasswordServer":"generalParameters/plugins/portalServers/restServices","restPwdConfirmUrl":"generalParameters/authParams/restParams","restPwdModifyUrl":"generalParameters/authParams/restParams","restSessionServer":"generalParameters/plugins/portalServers/restServices","restUserDBUrl":"generalParameters/authParams/restParams","sameSite":"generalParameters/cookieParams","samlAttributeAuthorityDescriptorAttributeServiceSOAP":"samlServiceMetaData/samlAttributeAuthorityDescriptor/samlAttributeAuthorityDescriptorAttributeService","samlAuthnContextMapKerberos":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPassword":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPasswordProtectedTransport":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapTLSClient":"samlServiceMetaData/samlAuthnContextMap","samlCommonDomainCookieActivation":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieDomain":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieReader":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieWriter":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlDiscoveryProtocolActivation":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolIsPassive":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolPolicy":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolURL":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlEntityID":"samlServiceMetaData","samlIDPMetaDataNodes":"","samlIDPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorArtifactResolutionService","samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorWantAuthnRequestsSigned":"samlServiceMetaData/samlIDPSSODescriptor","samlMetadataForceUTF8":"samlServiceMetaData/samlAdvanced","samlNameIDFormatMapEmail":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapKerberos":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapWindows":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapX509":"samlServiceMetaData/samlNameIDFormatMap","samlOrganizationDisplayName":"samlServiceMetaData/samlOrganization","samlOrganizationName":"samlServiceMetaData/samlOrganization","samlOrganizationURL":"samlServiceMetaData/samlOrganization","samlOverrideIDPEntityID":"samlServiceMetaData/samlAdvanced","samlRelayStateTimeout":"samlServiceMetaData/samlAdvanced","samlSPMetaDataNodes":"","samlSPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorArtifactResolutionService","samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAuthnRequestsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlSPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorWantAssertionsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlServicePrivateKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeyEncPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePrivateKeySigPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePublicKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePublicKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServiceSignatureMethod":"samlServiceMetaData/samlServiceSecurity","samlServiceUseCertificateInResponse":"samlServiceMetaData/samlServiceSecurity","samlStorage":"samlServiceMetaData/samlAdvanced","samlStorageOptions":"samlServiceMetaData/samlAdvanced","samlUseQueryStringSpecific":"samlServiceMetaData/samlAdvanced","securedCookie":"generalParameters/cookieParams","sessionDataToRemember":"generalParameters/plugins/loginHistory","sfExtra":"generalParameters/secondFactors","sfManagerRule":"generalParameters/secondFactors","sfOnlyUpgrade":"generalParameters/secondFactors","sfRegisterTimeout":"generalParameters/secondFactors","sfRemovedMsgRule":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifMsg":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifRef":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifTitle":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedUseNotif":"generalParameters/secondFactors/sfRemovedNotification","sfRequired":"generalParameters/secondFactors","showLanguages":"generalParameters/portalParams/portalCustomization","singleIP":"generalParameters/sessionParams/multipleSessions","singleSession":"generalParameters/sessionParams/multipleSessions","singleUserByIP":"generalParameters/sessionParams/multipleSessions","skipRenewConfirmation":"generalParameters/advancedParams/portalRedirection","skipUpgradeConfirmation":"generalParameters/advancedParams/portalRedirection","slaveAuthnLevel":"generalParameters/authParams/slaveParams","slaveDisplayLogo":"generalParameters/authParams/slaveParams","slaveExportedVars":"generalParameters/authParams/slaveParams","slaveHeaderContent":"generalParameters/authParams/slaveParams","slaveHeaderName":"generalParameters/authParams/slaveParams","slaveMasterIP":"generalParameters/authParams/slaveParams","slaveUserHeader":"generalParameters/authParams/slaveParams","soapConfigServer":"generalParameters/plugins/portalServers/soapServices","soapSessionServer":"generalParameters/plugins/portalServers/soapServices","sslByAjax":"generalParameters/authParams/sslParams","sslHost":"generalParameters/authParams/sslParams","stayConnected":"generalParameters/plugins/stayConnect","stayConnectedBypassFG":"generalParameters/plugins/stayConnect","stayConnectedCookieName":"generalParameters/plugins/stayConnect","stayConnectedTimeout":"generalParameters/plugins/stayConnect","storePassword":"generalParameters/sessionParams","successLoginNumber":"generalParameters/plugins/loginHistory","timeout":"generalParameters/sessionParams","timeoutActivity":"generalParameters/sessionParams","timeoutActivityInterval":"generalParameters/sessionParams","tokenUseGlobalStorage":"generalParameters/advancedParams/security","totp2fActivation":"generalParameters/secondFactors/totp2f","totp2fAuthnLevel":"generalParameters/secondFactors/totp2f","totp2fDigits":"generalParameters/secondFactors/totp2f","totp2fEncryptSecret":"generalParameters/secondFactors/totp2f","totp2fInterval":"generalParameters/secondFactors/totp2f","totp2fIssuer":"generalParameters/secondFactors/totp2f","totp2fLabel":"generalParameters/secondFactors/totp2f","totp2fLogo":"generalParameters/secondFactors/totp2f","totp2fRange":"generalParameters/secondFactors/totp2f","totp2fSelfRegistration":"generalParameters/secondFactors/totp2f","totp2fTTL":"generalParameters/secondFactors/totp2f","totp2fUserCanRemoveKey":"generalParameters/secondFactors/totp2f","trustedDomains":"generalParameters/advancedParams/security","twitterAppName":"generalParameters/authParams/twitterParams","twitterAuthnLevel":"generalParameters/authParams/twitterParams","twitterKey":"generalParameters/authParams/twitterParams","twitterSecret":"generalParameters/authParams/twitterParams","twitterUserField":"generalParameters/authParams/twitterParams","u2fActivation":"generalParameters/secondFactors/u2f","u2fAuthnLevel":"generalParameters/secondFactors/u2f","u2fLabel":"generalParameters/secondFactors/u2f","u2fLogo":"generalParameters/secondFactors/u2f","u2fSelfRegistration":"generalParameters/secondFactors/u2f","u2fTTL":"generalParameters/secondFactors/u2f","u2fUserCanRemoveKey":"generalParameters/secondFactors/u2f","upgradeSession":"generalParameters/plugins","useRedirectOnError":"generalParameters/advancedParams/redirection","useRedirectOnForbidden":"generalParameters/advancedParams/redirection","useSafeJail":"generalParameters/advancedParams/security","userControl":"generalParameters/advancedParams/security","userDB":"generalParameters/authParams","userPivot":"generalParameters/authParams/dbiParams/dbiSchema","utotp2fActivation":"generalParameters/secondFactors/utotp2f","utotp2fAuthnLevel":"generalParameters/secondFactors/utotp2f","utotp2fLabel":"generalParameters/secondFactors/utotp2f","utotp2fLogo":"generalParameters/secondFactors/utotp2f","virtualHosts":"","webIDAuthnLevel":"generalParameters/authParams/webidParams","webIDExportedVars":"generalParameters/authParams/webidParams","webIDWhitelist":"generalParameters/authParams/webidParams","webauthn2fActivation":"generalParameters/secondFactors/webauthn2f","webauthn2fAuthnLevel":"generalParameters/secondFactors/webauthn2f","webauthn2fLabel":"generalParameters/secondFactors/webauthn2f","webauthn2fLogo":"generalParameters/secondFactors/webauthn2f","webauthn2fSelfRegistration":"generalParameters/secondFactors/webauthn2f","webauthn2fUserCanRemoveKey":"generalParameters/secondFactors/webauthn2f","webauthn2fUserVerification":"generalParameters/secondFactors/webauthn2f","webauthnDisplayNameAttr":"generalParameters/secondFactors/webauthn2f","webauthnRpName":"generalParameters/secondFactors/webauthn2f","whatToTrace":"generalParameters/logParams","wsdlServer":"generalParameters/plugins/portalServers/soapServices","yubikey2fActivation":"generalParameters/secondFactors/yubikey2f","yubikey2fAuthnLevel":"generalParameters/secondFactors/yubikey2f","yubikey2fClientID":"generalParameters/secondFactors/yubikey2f","yubikey2fFromSessionAttribute":"generalParameters/secondFactors/yubikey2f","yubikey2fLabel":"generalParameters/secondFactors/yubikey2f","yubikey2fLogo":"generalParameters/secondFactors/yubikey2f","yubikey2fNonce":"generalParameters/secondFactors/yubikey2f","yubikey2fPublicIDSize":"generalParameters/secondFactors/yubikey2f","yubikey2fSecretKey":"generalParameters/secondFactors/yubikey2f","yubikey2fSelfRegistration":"generalParameters/secondFactors/yubikey2f","yubikey2fTTL":"generalParameters/secondFactors/yubikey2f","yubikey2fUrl":"generalParameters/secondFactors/yubikey2f","yubikey2fUserCanRemoveKey":"generalParameters/secondFactors/yubikey2f"} \ No newline at end of file +{"ADPwdExpireWarning":"generalParameters/authParams/adParams","ADPwdMaxAge":"generalParameters/authParams/adParams","AuthLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","LDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","SMTPAuthPass":"generalParameters/advancedParams/SMTP","SMTPAuthUser":"generalParameters/advancedParams/SMTP","SMTPPort":"generalParameters/advancedParams/SMTP","SMTPServer":"generalParameters/advancedParams/SMTP","SMTPTLS":"generalParameters/advancedParams/SMTP","SMTPTLSOpts":"generalParameters/advancedParams/SMTP","SSLAuthnLevel":"generalParameters/authParams/sslParams","SSLVar":"generalParameters/authParams/sslParams","SSLVarIf":"generalParameters/authParams/sslParams","activeTimer":"generalParameters/advancedParams/forms","adaptativeAuthenticationLevelRules":"generalParameters/plugins","apacheAuthnLevel":"generalParameters/authParams/apacheParams","applicationList":"generalParameters/portalParams/portalMenu","authChoiceAuthBasic":"generalParameters/authParams/choiceParams","authChoiceFindUser":"generalParameters/authParams/choiceParams","authChoiceModules":"generalParameters/authParams/choiceParams","authChoiceParam":"generalParameters/authParams/choiceParams","authentication":"generalParameters/authParams","autoSigninRules":"generalParameters/plugins/autoSignin","avoidAssignment":"generalParameters/advancedParams/security","browsersDontStorePassword":"generalParameters/advancedParams/security","bruteForceProtection":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionIncrementalTempo":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionLockTimes":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionMaxAge":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionMaxFailed":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionMaxLockTime":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionTempo":"generalParameters/advancedParams/security/bruteForceAttackProtection","captcha_login_enabled":"generalParameters/portalParams/portalCaptcha","captcha_mail_enabled":"generalParameters/portalParams/portalCaptcha","captcha_register_enabled":"generalParameters/portalParams/portalCaptcha","captcha_size":"generalParameters/portalParams/portalCaptcha","casAccessControlPolicy":"casServiceMetadata","casAppMetaDataNodes":"","casAttr":"casServiceMetadata","casAttributes":"casServiceMetadata","casAuthnLevel":"generalParameters/authParams/casParams","casSrvMetaDataNodes":"","casStorage":"casServiceMetadata","casStorageOptions":"casServiceMetadata","casStrictMatching":"casServiceMetadata","casTicketExpiration":"casServiceMetadata","cda":"generalParameters/cookieParams","certificateResetByMailCeaAttribute":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailCertificateAttribute":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailStep1Body":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep1Subject":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep2Body":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep2Subject":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailURL":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailValidityDelay":"generalParameters/plugins/certificateResetByMailManagement/mailOther","checkDevOps":"generalParameters/plugins/devOpsCheck","checkDevOpsCheckSessionAttributes":"generalParameters/plugins/devOpsCheck","checkDevOpsDisplayNormalizedHeaders":"generalParameters/plugins/devOpsCheck","checkDevOpsDownload":"generalParameters/plugins/devOpsCheck","checkState":"generalParameters/plugins/stateCheck","checkStateSecret":"generalParameters/plugins/stateCheck","checkUser":"generalParameters/plugins/checkUsers","checkUserDisplayComputedSession":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayEmptyHeaders":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayEmptyValues":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayHiddenAttributes":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayHistory":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayNormalizedHeaders":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayPersistentInfo":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserHiddenAttributes":"generalParameters/plugins/checkUsers","checkUserHiddenHeaders":"generalParameters/plugins/checkUsers","checkUserIdRule":"generalParameters/plugins/checkUsers","checkUserSearchAttributes":"generalParameters/plugins/checkUsers","checkUserUnrestrictedUsersRule":"generalParameters/plugins/checkUsers","checkXSS":"generalParameters/advancedParams/security","combModules":"generalParameters/authParams/combinationParams","combination":"generalParameters/authParams/combinationParams","compactConf":"generalParameters/reloadParams","confirmFormMethod":"generalParameters/advancedParams/forms","contextSwitchingAllowed2fModifications":"generalParameters/plugins/contextSwitching","contextSwitchingIdRule":"generalParameters/plugins/contextSwitching","contextSwitchingRule":"generalParameters/plugins/contextSwitching","contextSwitchingStopWithLogout":"generalParameters/plugins/contextSwitching","contextSwitchingUnrestrictedUsersRule":"generalParameters/plugins/contextSwitching","cookieExpiration":"generalParameters/cookieParams","cookieName":"generalParameters/cookieParams","corsAllow_Credentials":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Methods":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Origin":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsEnabled":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsExpose_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsMax_Age":"generalParameters/advancedParams/security/crossOrigineResourceSharing","crowdsec":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecAction":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecKey":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecUrl":"generalParameters/advancedParams/security/CrowdSecPlugin","cspConnect":"generalParameters/advancedParams/security/contentSecurityPolicy","cspDefault":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFont":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFormAction":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFrameAncestors":"generalParameters/advancedParams/security/contentSecurityPolicy","cspImg":"generalParameters/advancedParams/security/contentSecurityPolicy","cspScript":"generalParameters/advancedParams/security/contentSecurityPolicy","cspStyle":"generalParameters/advancedParams/security/contentSecurityPolicy","customAddParams":"generalParameters/authParams/customParams","customAuth":"generalParameters/authParams/customParams","customFunctions":"generalParameters/advancedParams","customPassword":"generalParameters/authParams/customParams","customPlugins":"generalParameters/plugins/customPluginsNode","customPluginsParams":"generalParameters/plugins/customPluginsNode","customRegister":"generalParameters/authParams/customParams","customResetCertByMail":"generalParameters/authParams/customParams","customToTrace":"generalParameters/logParams","customUserDB":"generalParameters/authParams/customParams","dbiAuthChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthLoginCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthPasswordCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPasswordHash":"generalParameters/authParams/dbiParams/dbiPassword","dbiAuthTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthnLevel":"generalParameters/authParams/dbiParams","dbiDynamicHashEnabled":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashNewPasswordScheme":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSaltedSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiExportedVars":"generalParameters/authParams/dbiParams","dbiPasswordMailCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","decryptValueFunctions":"generalParameters/plugins/decryptValue","decryptValueRule":"generalParameters/plugins/decryptValue","demoExportedVars":"generalParameters/authParams/demoParams","disablePersistentStorage":"generalParameters/sessionParams/persistentSessions","displaySessionId":"generalParameters/sessionParams","domain":"generalParameters/cookieParams","exportedAttr":"generalParameters/plugins/portalServers","exportedVars":"variables","ext2FSendCommand":"generalParameters/secondFactors/ext2f","ext2FValidateCommand":"generalParameters/secondFactors/ext2f","ext2fActivation":"generalParameters/secondFactors/ext2f","ext2fAuthnLevel":"generalParameters/secondFactors/ext2f","ext2fCodeActivation":"generalParameters/secondFactors/ext2f","ext2fLabel":"generalParameters/secondFactors/ext2f","ext2fLogo":"generalParameters/secondFactors/ext2f","facebookAppId":"generalParameters/authParams/facebookParams","facebookAppSecret":"generalParameters/authParams/facebookParams","facebookAuthnLevel":"generalParameters/authParams/facebookParams","facebookExportedVars":"generalParameters/authParams/facebookParams","facebookUserField":"generalParameters/authParams/facebookParams","failedLoginNumber":"generalParameters/plugins/loginHistory","findUser":"generalParameters/plugins/findUsers","findUserControl":"generalParameters/plugins/findUsers","findUserExcludingAttributes":"generalParameters/plugins/findUsers","findUserSearchingAttributes":"generalParameters/plugins/findUsers","findUserWildcard":"generalParameters/plugins/findUsers","formTimeout":"generalParameters/advancedParams/security","githubAuthnLevel":"generalParameters/authParams/githubParams","githubClientID":"generalParameters/authParams/githubParams","githubClientSecret":"generalParameters/authParams/githubParams","githubScope":"generalParameters/authParams/githubParams","githubUserField":"generalParameters/authParams/githubParams","globalLogoutCustomParam":"generalParameters/plugins/globalLogout","globalLogoutRule":"generalParameters/plugins/globalLogout","globalLogoutTimer":"generalParameters/plugins/globalLogout","globalStorage":"generalParameters/sessionParams/sessionStorage","globalStorageOptions":"generalParameters/sessionParams/sessionStorage","gpgAuthnLevel":"generalParameters/authParams/gpgParams","gpgDb":"generalParameters/authParams/gpgParams","grantSessionRules":"generalParameters/sessionParams","groups":"variables","groupsBeforeMacros":"generalParameters/advancedParams","hiddenAttributes":"generalParameters/logParams","hideOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","httpOnly":"generalParameters/cookieParams","https":"generalParameters/advancedParams/redirection","impersonationHiddenAttributes":"generalParameters/plugins/impersonation","impersonationIdRule":"generalParameters/plugins/impersonation","impersonationMergeSSOgroups":"generalParameters/plugins/impersonation","impersonationRule":"generalParameters/plugins/impersonation","impersonationSkipEmptyValues":"generalParameters/plugins/impersonation","impersonationUnrestrictedUsersRule":"generalParameters/plugins/impersonation","infoFormMethod":"generalParameters/advancedParams/forms","issuerDBCASActivation":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASPath":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASRule":"generalParameters/issuerParams/issuerDBCAS","issuerDBGetActivation":"generalParameters/issuerParams/issuerDBGet","issuerDBGetParameters":"generalParameters/issuerParams/issuerDBGet","issuerDBGetPath":"generalParameters/issuerParams/issuerDBGet","issuerDBGetRule":"generalParameters/issuerParams/issuerDBGet","issuerDBOpenIDActivation":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDConnectActivation":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectPath":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectRule":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDPath":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDRule":"generalParameters/issuerParams/issuerDBOpenID","issuerDBSAMLActivation":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLPath":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLRule":"generalParameters/issuerParams/issuerDBSAML","issuersTimeout":"generalParameters/issuerParams/issuerOptions","jsRedirect":"generalParameters/advancedParams/portalRedirection","key":"generalParameters/advancedParams/security","krbAllowedDomains":"generalParameters/authParams/kerberosParams","krbAuthnLevel":"generalParameters/authParams/kerberosParams","krbByJs":"generalParameters/authParams/kerberosParams","krbKeytab":"generalParameters/authParams/kerberosParams","krbRemoveDomain":"generalParameters/authParams/kerberosParams","ldapAllowResetExpiredPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapAuthnLevel":"generalParameters/authParams/ldapParams","ldapBase":"generalParameters/authParams/ldapParams/ldapConnection","ldapCAFile":"generalParameters/authParams/ldapParams/ldapConnection","ldapCAPath":"generalParameters/authParams/ldapParams/ldapConnection","ldapChangePasswordAsUser":"generalParameters/authParams/ldapParams/ldapPassword","ldapExportedVars":"generalParameters/authParams/ldapParams","ldapGetUserBeforePasswordChange":"generalParameters/authParams/ldapParams/ldapPassword","ldapGroupAttributeName":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameGroup":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameSearch":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameUser":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupBase":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupDecodeSearchedValue":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupObjectClass":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupRecursive":"generalParameters/authParams/ldapParams/ldapGroups","ldapIOTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapITDS":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttributeValue":"generalParameters/authParams/ldapParams/ldapPassword","ldapPort":"generalParameters/authParams/ldapParams/ldapConnection","ldapPpolicyControl":"generalParameters/authParams/ldapParams/ldapPassword","ldapPwdEnc":"generalParameters/authParams/ldapParams/ldapPassword","ldapRaw":"generalParameters/authParams/ldapParams/ldapConnection","ldapSearchDeref":"generalParameters/authParams/ldapParams/ldapFilters","ldapServer":"generalParameters/authParams/ldapParams/ldapConnection","ldapSetPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapUsePasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapVerify":"generalParameters/authParams/ldapParams/ldapConnection","ldapVersion":"generalParameters/authParams/ldapParams/ldapConnection","linkedInAuthnLevel":"generalParameters/authParams/linkedinParams","linkedInClientID":"generalParameters/authParams/linkedinParams","linkedInClientSecret":"generalParameters/authParams/linkedinParams","linkedInFields":"generalParameters/authParams/linkedinParams","linkedInScope":"generalParameters/authParams/linkedinParams","linkedInUserField":"generalParameters/authParams/linkedinParams","localSessionStorage":"generalParameters/sessionParams/sessionStorage","localSessionStorageOptions":"generalParameters/sessionParams/sessionStorage","loginHistoryEnabled":"generalParameters/plugins/loginHistory","logoutServices":"generalParameters/advancedParams","lwpOpts":"generalParameters/advancedParams/security","lwpSslOpts":"generalParameters/advancedParams/security","macros":"variables","mail2fActivation":"generalParameters/secondFactors/mail2f","mail2fAuthnLevel":"generalParameters/secondFactors/mail2f","mail2fBody":"generalParameters/secondFactors/mail2f","mail2fCodeRegex":"generalParameters/secondFactors/mail2f","mail2fLabel":"generalParameters/secondFactors/mail2f","mail2fLogo":"generalParameters/secondFactors/mail2f","mail2fSessionKey":"generalParameters/secondFactors/mail2f","mail2fSubject":"generalParameters/secondFactors/mail2f","mail2fTimeout":"generalParameters/secondFactors/mail2f","mailBody":"generalParameters/plugins/passwordManagement/mailContent","mailCharset":"generalParameters/advancedParams/SMTP/mailHeaders","mailConfirmBody":"generalParameters/plugins/passwordManagement/mailContent","mailConfirmSubject":"generalParameters/plugins/passwordManagement/mailContent","mailFrom":"generalParameters/advancedParams/SMTP/mailHeaders","mailLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","mailOnPasswordChange":"generalParameters/portalParams/portalCustomization/passwordManagement","mailReplyTo":"generalParameters/advancedParams/SMTP/mailHeaders","mailSessionKey":"generalParameters/advancedParams/SMTP","mailSubject":"generalParameters/plugins/passwordManagement/mailContent","mailTimeout":"generalParameters/plugins/passwordManagement/mailOther","mailUrl":"generalParameters/plugins/passwordManagement/mailOther","maintenance":"generalParameters/advancedParams/redirection","managerDn":"generalParameters/authParams/ldapParams/ldapConnection","managerPassword":"generalParameters/authParams/ldapParams/ldapConnection","multiValuesSeparator":"generalParameters/advancedParams","newLocationWarning":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningLocationAttribute":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningLocationDisplayAttribute":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningMailAttribute":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningMailBody":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningMailSubject":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningMaxValues":"generalParameters/advancedParams/security/newLocationWarnings","nginxCustomHandlers":"generalParameters/advancedParams","noAjaxHook":"generalParameters/advancedParams/portalRedirection","notification":"generalParameters/plugins/notifications","notificationDefaultCond":"generalParameters/plugins/notifications/serverNotification","notificationServer":"generalParameters/plugins/notifications/serverNotification","notificationServerDELETE":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerGET":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerPOST":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerSentAttributes":"generalParameters/plugins/notifications/serverNotification","notificationStorage":"generalParameters/plugins/notifications","notificationStorageOptions":"generalParameters/plugins/notifications","notificationWildcard":"generalParameters/plugins/notifications","notificationXSLTfile":"generalParameters/plugins/notifications","notificationsExplorer":"generalParameters/plugins/notifications","notifyDeleted":"generalParameters/sessionParams/multipleSessions","notifyOther":"generalParameters/sessionParams/multipleSessions","nullAuthnLevel":"generalParameters/authParams/nullParams","oidcAuthnLevel":"generalParameters/authParams/oidcParams","oidcOPMetaDataNodes":"","oidcRPCallbackGetParam":"generalParameters/authParams/oidcParams","oidcRPMetaDataNodes":"","oidcRPStateTimeout":"generalParameters/authParams/oidcParams","oidcServiceAccessTokenExpiration":"oidcServiceMetaData/oidcServiceMetaDataTimeouts","oidcServiceAllowAuthorizationCodeFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowDynamicRegistration":"oidcServiceMetaData/oidcServiceDynamicRegistration","oidcServiceAllowHybridFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowImplicitFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowOnlyDeclaredScopes":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAuthorizationCodeExpiration":"oidcServiceMetaData/oidcServiceMetaDataTimeouts","oidcServiceDynamicRegistrationExportedVars":"oidcServiceMetaData/oidcServiceDynamicRegistration","oidcServiceDynamicRegistrationExtraClaims":"oidcServiceMetaData/oidcServiceDynamicRegistration","oidcServiceIDTokenExpiration":"oidcServiceMetaData/oidcServiceMetaDataTimeouts","oidcServiceKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcServiceMetaDataAuthnContext":"oidcServiceMetaData","oidcServiceMetaDataAuthorizeURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataBackChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataCheckSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataEndSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataFrontChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIntrospectionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIssuer":"oidcServiceMetaData","oidcServiceMetaDataJWKSURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataRegistrationURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataTokenURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataUserInfoURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceOfflineSessionExpiration":"oidcServiceMetaData/oidcServiceMetaDataTimeouts","oidcServicePrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcServicePublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcStorage":"oidcServiceMetaData/oidcServiceMetaDataSessions","oidcStorageOptions":"oidcServiceMetaData/oidcServiceMetaDataSessions","oldNotifFormat":"generalParameters/plugins/notifications","openIdAttr":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdAuthnLevel":"generalParameters/authParams/openidParams","openIdExportedVars":"generalParameters/authParams/openidParams","openIdIDPList":"generalParameters/authParams/openidParams","openIdIssuerSecret":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSPList":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSecret":"generalParameters/authParams/openidParams","openIdSreg_country":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_dob":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_email":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_fullname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_gender":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_language":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_nickname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_postcode":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_timezone":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","pamAuthnLevel":"generalParameters/authParams/pamParams","pamService":"generalParameters/authParams/pamParams","passwordDB":"generalParameters/authParams","passwordPolicyActivation":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinDigit":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinLower":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinSize":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinSpeChar":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinUpper":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicySpecialChar":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordResetAllowedRetries":"generalParameters/portalParams/portalCustomization/portalButtons","persistentStorage":"generalParameters/sessionParams/persistentSessions","persistentStorageOptions":"generalParameters/sessionParams/persistentSessions","port":"generalParameters/advancedParams/redirection","portal":"generalParameters/portalParams","portalAntiFrame":"generalParameters/portalParams/portalCustomization/portalOther","portalCheckLogins":"generalParameters/portalParams/portalCustomization/portalButtons","portalCustomCss":"generalParameters/portalParams/portalCustomization","portalDisplayAppslist":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayCertificateResetByMail":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayChangePassword":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayGeneratePassword":"generalParameters/plugins/passwordManagement/mailOther","portalDisplayLoginHistory":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLogout":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayOidcConsents":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayPasswordPolicy":"generalParameters/portalParams/portalCustomization/passwordPolicy","portalDisplayRefreshMyRights":"generalParameters/portalParams/portalCustomization/portalOther","portalDisplayRegister":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayResetPassword":"generalParameters/portalParams/portalCustomization/portalButtons","portalEnablePasswordDisplay":"generalParameters/portalParams/portalCustomization/passwordManagement","portalErrorOnExpiredSession":"generalParameters/portalParams/portalCustomization/portalOther","portalErrorOnMailNotFound":"generalParameters/portalParams/portalCustomization/portalOther","portalForceAuthn":"generalParameters/advancedParams/security","portalForceAuthnInterval":"generalParameters/advancedParams/security","portalMainLogo":"generalParameters/portalParams/portalCustomization","portalOpenLinkInNewWindow":"generalParameters/portalParams/portalCustomization/portalOther","portalPingInterval":"generalParameters/portalParams/portalCustomization/portalOther","portalRequireOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","portalSkin":"generalParameters/portalParams/portalCustomization","portalSkinBackground":"generalParameters/portalParams/portalCustomization","portalSkinRules":"generalParameters/portalParams/portalCustomization","portalStatus":"generalParameters/plugins","portalUserAttr":"generalParameters/portalParams/portalCustomization/portalOther","proxyAuthService":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyAuthServiceChoiceParam":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyAuthServiceChoiceValue":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyAuthServiceImpersonation":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyAuthnLevel":"generalParameters/authParams/proxyParams","proxyCookieName":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxySessionService":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyUseSoap":"generalParameters/authParams/proxyParams","radius2fActivation":"generalParameters/secondFactors/radius2f","radius2fAuthnLevel":"generalParameters/secondFactors/radius2f","radius2fLabel":"generalParameters/secondFactors/radius2f","radius2fLogo":"generalParameters/secondFactors/radius2f","radius2fSecret":"generalParameters/secondFactors/radius2f","radius2fServer":"generalParameters/secondFactors/radius2f","radius2fTimeout":"generalParameters/secondFactors/radius2f","radius2fUsernameSessionKey":"generalParameters/secondFactors/radius2f","radiusAuthnLevel":"generalParameters/authParams/radiusParams","radiusSecret":"generalParameters/authParams/radiusParams","radiusServer":"generalParameters/authParams/radiusParams","randomPasswordRegexp":"generalParameters/plugins/passwordManagement/mailOther","redirectFormMethod":"generalParameters/advancedParams/forms","refreshSessions":"generalParameters/plugins","registerConfirmBody":"generalParameters/plugins/register","registerConfirmSubject":"generalParameters/plugins/register","registerDB":"generalParameters/authParams","registerDoneBody":"generalParameters/plugins/register","registerDoneSubject":"generalParameters/plugins/register","registerTimeout":"generalParameters/plugins/register","registerUrl":"generalParameters/plugins/register","reloadTimeout":"generalParameters/reloadParams","reloadUrls":"generalParameters/reloadParams","rememberAuthChoiceRule":"generalParameters/plugins/rememberAuthChoice","rememberCookieName":"generalParameters/plugins/rememberAuthChoice","rememberCookieTimeout":"generalParameters/plugins/rememberAuthChoice","rememberDefaultChecked":"generalParameters/plugins/rememberAuthChoice","rememberTimer":"generalParameters/plugins/rememberAuthChoice","remoteCookieName":"generalParameters/authParams/remoteParams","remoteGlobalStorage":"generalParameters/authParams/remoteParams","remoteGlobalStorageOptions":"generalParameters/authParams/remoteParams","remotePortal":"generalParameters/authParams/remoteParams","requireToken":"generalParameters/advancedParams/security","rest2fActivation":"generalParameters/secondFactors/rest2f","rest2fAuthnLevel":"generalParameters/secondFactors/rest2f","rest2fInitArgs":"generalParameters/secondFactors/rest2f","rest2fInitUrl":"generalParameters/secondFactors/rest2f","rest2fLabel":"generalParameters/secondFactors/rest2f","rest2fLogo":"generalParameters/secondFactors/rest2f","rest2fVerifyArgs":"generalParameters/secondFactors/rest2f","rest2fVerifyUrl":"generalParameters/secondFactors/rest2f","restAuthServer":"generalParameters/plugins/portalServers/restServices","restAuthUrl":"generalParameters/authParams/restParams","restAuthnLevel":"generalParameters/authParams/restParams","restClockTolerance":"generalParameters/plugins/portalServers/restServices","restConfigServer":"generalParameters/plugins/portalServers/restServices","restExportSecretKeys":"generalParameters/plugins/portalServers/restServices","restFindUserDBUrl":"generalParameters/plugins/findUsers","restPasswordServer":"generalParameters/plugins/portalServers/restServices","restPwdConfirmUrl":"generalParameters/authParams/restParams","restPwdModifyUrl":"generalParameters/authParams/restParams","restSessionServer":"generalParameters/plugins/portalServers/restServices","restUserDBUrl":"generalParameters/authParams/restParams","sameSite":"generalParameters/cookieParams","samlAttributeAuthorityDescriptorAttributeServiceSOAP":"samlServiceMetaData/samlAttributeAuthorityDescriptor/samlAttributeAuthorityDescriptorAttributeService","samlAuthnContextMapKerberos":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPassword":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPasswordProtectedTransport":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapTLSClient":"samlServiceMetaData/samlAuthnContextMap","samlCommonDomainCookieActivation":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieDomain":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieReader":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieWriter":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlDiscoveryProtocolActivation":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolIsPassive":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolPolicy":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolURL":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlEntityID":"samlServiceMetaData","samlIDPMetaDataNodes":"","samlIDPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorArtifactResolutionService","samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorWantAuthnRequestsSigned":"samlServiceMetaData/samlIDPSSODescriptor","samlMetadataForceUTF8":"samlServiceMetaData/samlAdvanced","samlNameIDFormatMapEmail":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapKerberos":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapWindows":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapX509":"samlServiceMetaData/samlNameIDFormatMap","samlOrganizationDisplayName":"samlServiceMetaData/samlOrganization","samlOrganizationName":"samlServiceMetaData/samlOrganization","samlOrganizationURL":"samlServiceMetaData/samlOrganization","samlOverrideIDPEntityID":"samlServiceMetaData/samlAdvanced","samlRelayStateTimeout":"samlServiceMetaData/samlAdvanced","samlSPMetaDataNodes":"","samlSPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorArtifactResolutionService","samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAuthnRequestsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlSPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorWantAssertionsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlServicePrivateKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeyEncPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePrivateKeySigPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePublicKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePublicKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServiceSignatureMethod":"samlServiceMetaData/samlServiceSecurity","samlServiceUseCertificateInResponse":"samlServiceMetaData/samlServiceSecurity","samlStorage":"samlServiceMetaData/samlAdvanced","samlStorageOptions":"samlServiceMetaData/samlAdvanced","samlUseQueryStringSpecific":"samlServiceMetaData/samlAdvanced","securedCookie":"generalParameters/cookieParams","sessionDataToRemember":"generalParameters/plugins/loginHistory","sfExtra":"generalParameters/secondFactors","sfManagerRule":"generalParameters/secondFactors","sfOnlyUpgrade":"generalParameters/secondFactors","sfRegisterTimeout":"generalParameters/secondFactors","sfRemovedMsgRule":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifMsg":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifRef":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifTitle":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedUseNotif":"generalParameters/secondFactors/sfRemovedNotification","sfRequired":"generalParameters/secondFactors","showLanguages":"generalParameters/portalParams/portalCustomization","singleIP":"generalParameters/sessionParams/multipleSessions","singleSession":"generalParameters/sessionParams/multipleSessions","singleUserByIP":"generalParameters/sessionParams/multipleSessions","skipRenewConfirmation":"generalParameters/advancedParams/portalRedirection","skipUpgradeConfirmation":"generalParameters/advancedParams/portalRedirection","slaveAuthnLevel":"generalParameters/authParams/slaveParams","slaveDisplayLogo":"generalParameters/authParams/slaveParams","slaveExportedVars":"generalParameters/authParams/slaveParams","slaveHeaderContent":"generalParameters/authParams/slaveParams","slaveHeaderName":"generalParameters/authParams/slaveParams","slaveMasterIP":"generalParameters/authParams/slaveParams","slaveUserHeader":"generalParameters/authParams/slaveParams","soapConfigServer":"generalParameters/plugins/portalServers/soapServices","soapSessionServer":"generalParameters/plugins/portalServers/soapServices","sslByAjax":"generalParameters/authParams/sslParams","sslHost":"generalParameters/authParams/sslParams","stayConnected":"generalParameters/plugins/stayConnect","stayConnectedBypassFG":"generalParameters/plugins/stayConnect","stayConnectedCookieName":"generalParameters/plugins/stayConnect","stayConnectedTimeout":"generalParameters/plugins/stayConnect","storePassword":"generalParameters/sessionParams","successLoginNumber":"generalParameters/plugins/loginHistory","timeout":"generalParameters/sessionParams","timeoutActivity":"generalParameters/sessionParams","timeoutActivityInterval":"generalParameters/sessionParams","tokenUseGlobalStorage":"generalParameters/advancedParams/security","totp2fActivation":"generalParameters/secondFactors/totp2f","totp2fAuthnLevel":"generalParameters/secondFactors/totp2f","totp2fDigits":"generalParameters/secondFactors/totp2f","totp2fEncryptSecret":"generalParameters/secondFactors/totp2f","totp2fInterval":"generalParameters/secondFactors/totp2f","totp2fIssuer":"generalParameters/secondFactors/totp2f","totp2fLabel":"generalParameters/secondFactors/totp2f","totp2fLogo":"generalParameters/secondFactors/totp2f","totp2fRange":"generalParameters/secondFactors/totp2f","totp2fSelfRegistration":"generalParameters/secondFactors/totp2f","totp2fTTL":"generalParameters/secondFactors/totp2f","totp2fUserCanRemoveKey":"generalParameters/secondFactors/totp2f","trustedDomains":"generalParameters/advancedParams/security","twitterAppName":"generalParameters/authParams/twitterParams","twitterAuthnLevel":"generalParameters/authParams/twitterParams","twitterKey":"generalParameters/authParams/twitterParams","twitterSecret":"generalParameters/authParams/twitterParams","twitterUserField":"generalParameters/authParams/twitterParams","u2fActivation":"generalParameters/secondFactors/u2f","u2fAuthnLevel":"generalParameters/secondFactors/u2f","u2fLabel":"generalParameters/secondFactors/u2f","u2fLogo":"generalParameters/secondFactors/u2f","u2fSelfRegistration":"generalParameters/secondFactors/u2f","u2fTTL":"generalParameters/secondFactors/u2f","u2fUserCanRemoveKey":"generalParameters/secondFactors/u2f","upgradeSession":"generalParameters/plugins","useRedirectOnError":"generalParameters/advancedParams/redirection","useRedirectOnForbidden":"generalParameters/advancedParams/redirection","useSafeJail":"generalParameters/advancedParams/security","userControl":"generalParameters/advancedParams/security","userDB":"generalParameters/authParams","userPivot":"generalParameters/authParams/dbiParams/dbiSchema","utotp2fActivation":"generalParameters/secondFactors/utotp2f","utotp2fAuthnLevel":"generalParameters/secondFactors/utotp2f","utotp2fLabel":"generalParameters/secondFactors/utotp2f","utotp2fLogo":"generalParameters/secondFactors/utotp2f","virtualHosts":"","webIDAuthnLevel":"generalParameters/authParams/webidParams","webIDExportedVars":"generalParameters/authParams/webidParams","webIDWhitelist":"generalParameters/authParams/webidParams","webauthn2fActivation":"generalParameters/secondFactors/webauthn2f","webauthn2fAuthnLevel":"generalParameters/secondFactors/webauthn2f","webauthn2fLabel":"generalParameters/secondFactors/webauthn2f","webauthn2fLogo":"generalParameters/secondFactors/webauthn2f","webauthn2fSelfRegistration":"generalParameters/secondFactors/webauthn2f","webauthn2fUserCanRemoveKey":"generalParameters/secondFactors/webauthn2f","webauthn2fUserVerification":"generalParameters/secondFactors/webauthn2f","webauthnDisplayNameAttr":"generalParameters/secondFactors/webauthn2f","webauthnRpName":"generalParameters/secondFactors/webauthn2f","whatToTrace":"generalParameters/logParams","wsdlServer":"generalParameters/plugins/portalServers/soapServices","yubikey2fActivation":"generalParameters/secondFactors/yubikey2f","yubikey2fAuthnLevel":"generalParameters/secondFactors/yubikey2f","yubikey2fClientID":"generalParameters/secondFactors/yubikey2f","yubikey2fFromSessionAttribute":"generalParameters/secondFactors/yubikey2f","yubikey2fLabel":"generalParameters/secondFactors/yubikey2f","yubikey2fLogo":"generalParameters/secondFactors/yubikey2f","yubikey2fNonce":"generalParameters/secondFactors/yubikey2f","yubikey2fPublicIDSize":"generalParameters/secondFactors/yubikey2f","yubikey2fSecretKey":"generalParameters/secondFactors/yubikey2f","yubikey2fSelfRegistration":"generalParameters/secondFactors/yubikey2f","yubikey2fTTL":"generalParameters/secondFactors/yubikey2f","yubikey2fUrl":"generalParameters/secondFactors/yubikey2f","yubikey2fUserCanRemoveKey":"generalParameters/secondFactors/yubikey2f"} \ No newline at end of file diff --git a/lemonldap-ng-manager/site/htdocs/static/struct.json b/lemonldap-ng-manager/site/htdocs/static/struct.json index c92d94f7c..1a12beb1f 100644 --- a/lemonldap-ng-manager/site/htdocs/static/struct.json +++ b/lemonldap-ng-manager/site/htdocs/static/struct.json @@ -1 +1 @@ -[{"_nodes":[{"_nodes":[{"default":"http://auth.example.com/","id":"portal","title":"portal"},{"_nodes":[{"_nodes":[{"default":1,"id":"portalDisplayLogout","title":"portalDisplayLogout","type":"boolOrExpr"},{"default":"$_auth =~ /^(LDAP|DBI|Demo)$/","id":"portalDisplayChangePassword","title":"portalDisplayChangePassword","type":"boolOrExpr"},{"default":1,"id":"portalDisplayAppslist","title":"portalDisplayAppslist","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLoginHistory","title":"portalDisplayLoginHistory","type":"boolOrExpr"},{"default":"$_oidcConsents && $_oidcConsents =~ /\\w+/","id":"portalDisplayOidcConsents","title":"portalDisplayOidcConsents","type":"boolOrExpr"}],"id":"portalModules","title":"portalModules","type":"simpleInputContainer"},{"cnodes":"applicationList","default":[{"data":{"catname":"Default category","type":"category"},"id":"applicationList/default","title":"default","type":"catAndAppList"}],"help":"portalmenu.html#categories-and-applications","id":"applicationList","title":"applicationList","type":"catAndAppList"}],"help":"portalmenu.html","id":"portalMenu","title":"portalMenu"},{"_nodes":[{"default":"common/logos/logo_llng_400px.png","id":"portalMainLogo","title":"portalMainLogo"},{"default":1,"id":"showLanguages","title":"showLanguages","type":"bool"},{"id":"portalCustomCss","title":"portalCustomCss"},{"default":"bootstrap","id":"portalSkin","select":[{"k":"bootstrap","v":"Bootstrap"}],"title":"portalSkin","type":"portalskin"},{"id":"portalSkinBackground","select":[{"k":"","v":"None"},{"k":"1280px-Anse_Source_d'Argent_2-La_Digue.jpg","v":"Anse"},{"k":"1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg","v":"Waterfall"},{"k":"1280px-BrockenSnowedTrees.jpg","v":"Snowed Trees"},{"k":"1280px-Cedar_Breaks_National_Monument_partially.jpg","v":"National Monument"},{"k":"1280px-Parry_Peak_from_Winter_Park.jpg","v":"Winter"},{"k":"Aletschgletscher_mit_Pinus_cembra1.jpg","v":"Pinus"}],"title":"portalSkinBackground","type":"portalskinbackground"},{"cnodes":"portalSkinRules","help":"portalcustom.html","id":"portalSkinRules","title":"portalSkinRules","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"portalCheckLogins","title":"portalCheckLogins","type":"bool"},{"default":1,"id":"portalDisplayRegister","title":"portalDisplayRegister","type":"bool"},{"default":0,"id":"portalDisplayCertificateResetByMail","title":"portalDisplayCertificateResetByMail","type":"bool"},{"default":0,"id":"portalDisplayResetPassword","title":"portalDisplayResetPassword","type":"bool"},{"default":3,"id":"passwordResetAllowedRetries","title":"passwordResetAllowedRetries","type":"int"}],"help":"portalcustom.html#buttons","id":"portalButtons","title":"portalButtons","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"portalRequireOldPassword","title":"portalRequireOldPassword","type":"boolOrExpr"},{"default":0,"id":"hideOldPassword","title":"hideOldPassword","type":"bool"},{"default":0,"id":"mailOnPasswordChange","title":"mailOnPasswordChange","type":"bool"},{"default":0,"id":"portalEnablePasswordDisplay","title":"portalEnablePasswordDisplay","type":"bool"}],"help":"portalcustom.html#password-management","id":"passwordManagement","title":"passwordManagement","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"passwordPolicyActivation","title":"passwordPolicyActivation","type":"boolOrExpr"},{"default":0,"id":"portalDisplayPasswordPolicy","title":"portalDisplayPasswordPolicy","type":"bool"},{"default":0,"id":"passwordPolicyMinSize","title":"passwordPolicyMinSize","type":"int"},{"default":0,"id":"passwordPolicyMinLower","title":"passwordPolicyMinLower","type":"int"},{"default":0,"id":"passwordPolicyMinUpper","title":"passwordPolicyMinUpper","type":"int"},{"default":0,"id":"passwordPolicyMinDigit","title":"passwordPolicyMinDigit","type":"int"},{"default":0,"id":"passwordPolicyMinSpeChar","title":"passwordPolicyMinSpeChar","type":"int"},{"default":"__ALL__","id":"passwordPolicySpecialChar","title":"passwordPolicySpecialChar"}],"help":"portalcustom.html#password-policy","id":"passwordPolicy","title":"passwordPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":"_user","id":"portalUserAttr","title":"portalUserAttr"},{"default":0,"id":"portalOpenLinkInNewWindow","title":"portalOpenLinkInNewWindow","type":"bool"},{"default":1,"id":"portalAntiFrame","title":"portalAntiFrame","type":"bool"},{"default":60000,"id":"portalPingInterval","title":"portalPingInterval","type":"int"},{"default":1,"id":"portalErrorOnExpiredSession","title":"portalErrorOnExpiredSession","type":"bool"},{"default":0,"id":"portalErrorOnMailNotFound","title":"portalErrorOnMailNotFound","type":"bool"},{"default":1,"id":"portalDisplayRefreshMyRights","title":"portalDisplayRefreshMyRights","type":"bool"}],"help":"portalcustom.html#other-parameters","id":"portalOther","title":"portalOther","type":"simpleInputContainer"}],"help":"portalcustom.html","id":"portalCustomization","title":"portalCustomization"},{"_nodes":[{"default":0,"id":"captcha_login_enabled","title":"captcha_login_enabled","type":"bool"},{"default":1,"id":"captcha_mail_enabled","title":"captcha_mail_enabled","type":"bool"},{"default":1,"id":"captcha_register_enabled","title":"captcha_register_enabled","type":"bool"},{"default":6,"id":"captcha_size","title":"captcha_size","type":"int"}],"help":"captcha.html","id":"portalCaptcha","title":"portalCaptcha","type":"simpleInputContainer"}],"help":"portal.html","id":"portalParams","title":"portalParams"},{"_nodes":[{"default":"Demo","id":"authentication","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"Choice","v":"authChoice"},{"k":"Combination","v":"combineMods"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"authentication","type":"select"},{"default":"Same","id":"userDB","select":[{"k":"Same","v":"Same"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"userDB","type":"select"},{"default":"Demo","id":"passwordDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Choice","v":"authChoice"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Combination","v":"combineMods"},{"k":"Custom","v":"customModule"}],"title":"passwordDB","type":"select"},{"default":"Null","id":"registerDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"registerDB","type":"select"}],"_nodes_cond":[{"_nodes":[{"default":0,"id":"ADPwdMaxAge","title":"ADPwdMaxAge","type":"int"},{"default":0,"id":"ADPwdExpireWarning","title":"ADPwdExpireWarning","type":"int"}],"help":"authad.html","id":"adParams","show":false,"title":"adParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lmAuth","id":"authChoiceParam","title":"authChoiceParam"},{"cnodes":"authChoiceModules","id":"authChoiceModules","select":[[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}]],"title":"authChoiceModules","type":"authChoiceContainer"},{"id":"authChoiceAuthBasic","title":"authChoiceAuthBasic"},{"id":"authChoiceFindUser","title":"authChoiceFindUser"}],"help":"authchoice.html","id":"choiceParams","show":false,"title":"choiceParams"},{"_nodes":[{"default":3,"id":"apacheAuthnLevel","title":"apacheAuthnLevel","type":"int"}],"help":"authapache.html","id":"apacheParams","show":false,"title":"apacheParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"casAuthnLevel","title":"casAuthnLevel","type":"int"}],"help":"authcas.html","id":"casParams","show":false,"title":"casParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"dbiAuthnLevel","title":"dbiAuthnLevel","type":"int"},{"cnodes":"dbiExportedVars","default":[],"id":"dbiExportedVars","title":"dbiExportedVars","type":"keyTextContainer"},{"_nodes":[{"_nodes":[{"id":"dbiAuthChain","title":"dbiAuthChain"},{"id":"dbiAuthUser","title":"dbiAuthUser"},{"id":"dbiAuthPassword","title":"dbiAuthPassword","type":"password"}],"id":"dbiConnectionAuth","title":"dbiConnectionAuth","type":"simpleInputContainer"},{"_nodes":[{"id":"dbiUserChain","title":"dbiUserChain"},{"id":"dbiUserUser","title":"dbiUserUser"},{"id":"dbiUserPassword","title":"dbiUserPassword","type":"password"}],"id":"dbiConnectionUser","title":"dbiConnectionUser","type":"simpleInputContainer"}],"help":"authdbi.html#connection","id":"dbiConnection","title":"dbiConnection"},{"_nodes":[{"id":"dbiAuthTable","title":"dbiAuthTable"},{"id":"dbiUserTable","title":"dbiUserTable"},{"id":"dbiAuthLoginCol","title":"dbiAuthLoginCol"},{"id":"dbiAuthPasswordCol","title":"dbiAuthPasswordCol"},{"id":"dbiPasswordMailCol","title":"dbiPasswordMailCol"},{"id":"userPivot","title":"userPivot"}],"help":"authdbi.html#schema","id":"dbiSchema","title":"dbiSchema","type":"simpleInputContainer"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiAuthPasswordHash","title":"dbiAuthPasswordHash"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiDynamicHashEnabled","title":"dbiDynamicHashEnabled","type":"bool"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSchemes","title":"dbiDynamicHashValidSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSaltedSchemes","title":"dbiDynamicHashValidSaltedSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashNewPasswordScheme","title":"dbiDynamicHashNewPasswordScheme"}],"help":"authdbi.html#password","id":"dbiDynamicHash","title":"dbiDynamicHash","type":"simpleInputContainer"}],"help":"authdbi.html#password","id":"dbiPassword","title":"dbiPassword"}],"help":"authdbi.html","id":"dbiParams","show":false,"title":"dbiParams"},{"_nodes":[{"cnodes":"demoExportedVars","default":[{"data":"cn","id":"demoExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"demoExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"demoExportedVars/uid","title":"uid","type":"keyText"}],"id":"demoExportedVars","title":"demoExportedVars","type":"keyTextContainer"}],"help":"authdemo.html","id":"demoParams","show":false,"title":"demoParams"},{"_nodes":[{"default":1,"id":"facebookAuthnLevel","title":"facebookAuthnLevel","type":"int"},{"cnodes":"facebookExportedVars","default":[],"id":"facebookExportedVars","title":"facebookExportedVars","type":"keyTextContainer"},{"id":"facebookAppId","title":"facebookAppId"},{"id":"facebookAppSecret","title":"facebookAppSecret"},{"default":"id","id":"facebookUserField","title":"facebookUserField"}],"help":"authfacebook.html","id":"facebookParams","show":false,"title":"facebookParams"},{"_nodes":[{"default":3,"id":"krbAuthnLevel","title":"krbAuthnLevel","type":"int"},{"id":"krbKeytab","title":"krbKeytab"},{"default":0,"id":"krbByJs","title":"krbByJs","type":"bool"},{"default":1,"id":"krbRemoveDomain","title":"krbRemoveDomain","type":"bool"},{"id":"krbAllowedDomains","title":"krbAllowedDomains"}],"help":"authkerberos.html","id":"kerberosParams","show":false,"title":"kerberosParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"ldapAuthnLevel","title":"ldapAuthnLevel","type":"int"},{"cnodes":"ldapExportedVars","default":[{"data":"cn","id":"ldapExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"ldapExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"ldapExportedVars/uid","title":"uid","type":"keyText"}],"id":"ldapExportedVars","title":"ldapExportedVars","type":"keyTextContainer"},{"_nodes":[{"default":"ldap://localhost","id":"ldapServer","title":"ldapServer"},{"id":"ldapPort","title":"ldapPort","type":"int"},{"default":"require","id":"ldapVerify","select":[{"k":"none","v":"None"},{"k":"optional","v":"Optional"},{"k":"require","v":"Require"}],"title":"ldapVerify","type":"select"},{"default":"dc=example,dc=com","id":"ldapBase","title":"ldapBase"},{"default":"","id":"managerDn","title":"managerDn"},{"default":"","id":"managerPassword","title":"managerPassword","type":"password"},{"default":10,"id":"ldapTimeout","title":"ldapTimeout","type":"int"},{"default":10,"id":"ldapIOTimeout","title":"ldapIOTimeout","type":"int"},{"default":3,"id":"ldapVersion","title":"ldapVersion","type":"int"},{"id":"ldapRaw","title":"ldapRaw"},{"id":"ldapCAFile","title":"ldapCAFile"},{"id":"ldapCAPath","title":"ldapCAPath"}],"help":"authldap.html#connection","id":"ldapConnection","title":"ldapConnection","type":"simpleInputContainer"},{"_nodes":[{"id":"LDAPFilter","title":"LDAPFilter"},{"id":"AuthLDAPFilter","title":"AuthLDAPFilter"},{"id":"mailLDAPFilter","title":"mailLDAPFilter"},{"default":"find","id":"ldapSearchDeref","select":[{"k":"never","v":"never"},{"k":"search","v":"search"},{"k":"find","v":"find"},{"k":"always","v":"always"}],"title":"ldapSearchDeref","type":"select"}],"help":"authldap.html#filters","id":"ldapFilters","title":"ldapFilters","type":"simpleInputContainer"},{"_nodes":[{"id":"ldapGroupBase","title":"ldapGroupBase"},{"default":"groupOfNames","id":"ldapGroupObjectClass","title":"ldapGroupObjectClass"},{"default":"member","id":"ldapGroupAttributeName","title":"ldapGroupAttributeName"},{"default":"dn","id":"ldapGroupAttributeNameUser","title":"ldapGroupAttributeNameUser"},{"default":"cn","id":"ldapGroupAttributeNameSearch","title":"ldapGroupAttributeNameSearch"},{"default":0,"id":"ldapGroupDecodeSearchedValue","title":"ldapGroupDecodeSearchedValue","type":"bool"},{"default":0,"id":"ldapGroupRecursive","title":"ldapGroupRecursive","type":"bool"},{"default":"dn","id":"ldapGroupAttributeNameGroup","title":"ldapGroupAttributeNameGroup"}],"help":"authldap.html#groups","id":"ldapGroups","title":"ldapGroups","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ldapPpolicyControl","title":"ldapPpolicyControl","type":"bool"},{"default":0,"id":"ldapSetPassword","title":"ldapSetPassword","type":"bool"},{"default":0,"id":"ldapChangePasswordAsUser","title":"ldapChangePasswordAsUser","type":"bool"},{"default":"utf-8","id":"ldapPwdEnc","title":"ldapPwdEnc"},{"default":1,"id":"ldapUsePasswordResetAttribute","title":"ldapUsePasswordResetAttribute","type":"bool"},{"default":"pwdReset","id":"ldapPasswordResetAttribute","title":"ldapPasswordResetAttribute"},{"default":"TRUE","id":"ldapPasswordResetAttributeValue","title":"ldapPasswordResetAttributeValue"},{"default":0,"id":"ldapAllowResetExpiredPassword","title":"ldapAllowResetExpiredPassword","type":"bool"},{"default":0,"id":"ldapGetUserBeforePasswordChange","title":"ldapGetUserBeforePasswordChange","type":"bool"},{"default":0,"id":"ldapITDS","title":"ldapITDS","type":"bool"}],"help":"authldap.html#password","id":"ldapPassword","title":"ldapPassword","type":"simpleInputContainer"}],"help":"authldap.html","id":"ldapParams","show":false,"title":"ldapParams"},{"_nodes":[{"default":1,"id":"linkedInAuthnLevel","title":"linkedInAuthnLevel","type":"int"},{"id":"linkedInClientID","title":"linkedInClientID"},{"id":"linkedInClientSecret","title":"linkedInClientSecret","type":"password"},{"default":"id,first-name,last-name,email-address","id":"linkedInFields","title":"linkedInFields"},{"default":"emailAddress","id":"linkedInUserField","title":"linkedInUserField"},{"default":"r_liteprofile r_emailaddress","id":"linkedInScope","title":"linkedInScope"}],"help":"authlinkedin.html","id":"linkedinParams","show":false,"title":"linkedinParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"githubAuthnLevel","title":"githubAuthnLevel","type":"int"},{"id":"githubClientID","title":"githubClientID"},{"id":"githubClientSecret","title":"githubClientSecret","type":"password"},{"default":"login","id":"githubUserField","title":"githubUserField"},{"default":"user:email","id":"githubScope","title":"githubScope"}],"help":"authgithub.html","id":"githubParams","show":false,"title":"githubParams","type":"simpleInputContainer"},{"_nodes":[{"id":"combination","title":"combination"},{"cnodes":"combModules","id":"combModules","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"combModules","type":"cmbModuleContainer"}],"help":"authcombination.html","id":"combinationParams","show":false,"title":"combinationParams"},{"_nodes":[{"default":0,"id":"nullAuthnLevel","title":"nullAuthnLevel","type":"int"}],"help":"authnull.html","id":"nullParams","show":false,"title":"nullParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"openIdAuthnLevel","title":"openIdAuthnLevel","type":"int"},{"cnodes":"openIdExportedVars","default":[],"id":"openIdExportedVars","title":"openIdExportedVars","type":"keyTextContainer"},{"id":"openIdSecret","title":"openIdSecret"},{"default":"0;","id":"openIdIDPList","title":"openIdIDPList","type":"blackWhiteList"}],"help":"authopenid.html","id":"openidParams","show":false,"title":"openidParams"},{"_nodes":[{"default":1,"id":"oidcAuthnLevel","title":"oidcAuthnLevel","type":"int"},{"default":"openidconnectcallback","id":"oidcRPCallbackGetParam","title":"oidcRPCallbackGetParam"},{"default":600,"id":"oidcRPStateTimeout","title":"oidcRPStateTimeout","type":"int"}],"help":"authopenidconnect.html","id":"oidcParams","show":false,"title":"oidcParams","type":"simpleInputContainer"},{"_nodes":[{"default":5,"id":"gpgAuthnLevel","title":"gpgAuthnLevel","type":"int"},{"default":"","id":"gpgDb","title":"gpgDb"}],"help":"authgpg.html","id":"gpgParams","show":false,"title":"gpgParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"proxyAuthnLevel","title":"proxyAuthnLevel","type":"int"},{"default":0,"id":"proxyUseSoap","title":"proxyUseSoap","type":"bool"},{"_nodes":[{"id":"proxyAuthService","title":"proxyAuthService"},{"id":"proxySessionService","title":"proxySessionService"},{"default":"lmAuth","id":"proxyAuthServiceChoiceParam","title":"proxyAuthServiceChoiceParam"},{"id":"proxyAuthServiceChoiceValue","title":"proxyAuthServiceChoiceValue"},{"id":"proxyCookieName","title":"proxyCookieName"},{"default":0,"id":"proxyAuthServiceImpersonation","title":"proxyAuthServiceImpersonation","type":"bool"}],"id":"proxyInternalPortal","title":"proxyInternalPortal","type":"simpleInputContainer"}],"help":"authproxy.html","id":"proxyParams","show":false,"title":"proxyParams"},{"_nodes":[{"default":2,"id":"pamAuthnLevel","title":"pamAuthnLevel","type":"int"},{"default":"login","id":"pamService","title":"pamService"}],"help":"authpam.html","id":"pamParams","show":false,"title":"pamParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"radiusAuthnLevel","title":"radiusAuthnLevel","type":"int"},{"id":"radiusSecret","title":"radiusSecret"},{"id":"radiusServer","title":"radiusServer"}],"help":"authradius.html","id":"radiusParams","show":false,"title":"radiusParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"restAuthnLevel","title":"restAuthnLevel","type":"int"},{"id":"restAuthUrl","title":"restAuthUrl"},{"id":"restUserDBUrl","title":"restUserDBUrl"},{"id":"restPwdConfirmUrl","title":"restPwdConfirmUrl"},{"id":"restPwdModifyUrl","title":"restPwdModifyUrl"}],"help":"authrest.html","id":"restParams","show":false,"title":"restParams","type":"simpleInputContainer"},{"_nodes":[{"id":"remotePortal","title":"remotePortal"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":"Lemonldap::NG::Common::Apache::Session::SOAP","id":"remoteGlobalStorage","title":"remoteGlobalStorage"},{"cnodes":"remoteGlobalStorageOptions","default":[{"data":"http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService","id":"remoteGlobalStorageOptions/ns","title":"ns","type":"keyText"},{"data":"http://auth.example.com/sessions","id":"remoteGlobalStorageOptions/proxy","title":"proxy","type":"keyText"}],"id":"remoteGlobalStorageOptions","title":"remoteGlobalStorageOptions","type":"keyTextContainer"}],"help":"authremote.html","id":"remoteParams","show":false,"title":"remoteParams"},{"_nodes":[{"default":2,"id":"slaveAuthnLevel","title":"slaveAuthnLevel","type":"int"},{"id":"slaveUserHeader","title":"slaveUserHeader"},{"id":"slaveMasterIP","title":"slaveMasterIP"},{"id":"slaveHeaderName","title":"slaveHeaderName"},{"id":"slaveHeaderContent","title":"slaveHeaderContent"},{"default":0,"id":"slaveDisplayLogo","title":"slaveDisplayLogo","type":"bool"},{"cnodes":"slaveExportedVars","default":[],"id":"slaveExportedVars","title":"slaveExportedVars","type":"keyTextContainer"}],"help":"authslave.html","id":"slaveParams","show":false,"title":"slaveParams"},{"_nodes":[{"default":5,"id":"SSLAuthnLevel","title":"SSLAuthnLevel","type":"int"},{"default":"SSL_CLIENT_S_DN_Email","id":"SSLVar","title":"SSLVar"},{"cnodes":"SSLVarIf","default":[],"id":"SSLVarIf","title":"SSLVarIf","type":"keyTextContainer"},{"default":0,"id":"sslByAjax","title":"sslByAjax","type":"bool"},{"id":"sslHost","title":"sslHost"}],"help":"authssl.html","id":"sslParams","show":false,"title":"sslParams"},{"_nodes":[{"default":1,"id":"twitterAuthnLevel","title":"twitterAuthnLevel","type":"int"},{"id":"twitterKey","title":"twitterKey"},{"id":"twitterSecret","title":"twitterSecret"},{"id":"twitterAppName","title":"twitterAppName"},{"default":"screen_name","id":"twitterUserField","title":"twitterUserField"}],"help":"authtwitter.html","id":"twitterParams","show":false,"title":"twitterParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"webIDAuthnLevel","title":"webIDAuthnLevel","type":"int"},{"cnodes":"webIDExportedVars","default":[],"id":"webIDExportedVars","title":"webIDExportedVars","type":"keyTextContainer"},{"id":"webIDWhitelist","title":"webIDWhitelist"}],"help":"authwebid.html","id":"webidParams","show":false,"title":"webidParams"},{"_nodes":[{"id":"customAuth","title":"customAuth"},{"id":"customUserDB","title":"customUserDB"},{"id":"customPassword","title":"customPassword"},{"id":"customRegister","title":"customRegister"},{"id":"customResetCertByMail","title":"customResetCertByMail"},{"cnodes":"customAddParams","id":"customAddParams","title":"customAddParams","type":"keyTextContainer"}],"help":"authcustom.html","id":"customParams","show":false,"title":"customParams"}],"_nodes_filter":"authParams","help":"start.html#authentication-users-and-password-databases","id":"authParams","title":"authParams","type":"authParams"},{"_nodes":[{"_nodes":[{"default":0,"id":"issuerDBSAMLActivation","title":"issuerDBSAMLActivation","type":"bool"},{"default":"^/saml/","id":"issuerDBSAMLPath","title":"issuerDBSAMLPath"},{"default":1,"id":"issuerDBSAMLRule","title":"issuerDBSAMLRule","type":"boolOrExpr"}],"help":"idpsaml.html","id":"issuerDBSAML","title":"issuerDBSAML","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBCASActivation","title":"issuerDBCASActivation","type":"bool"},{"default":"^/cas/","id":"issuerDBCASPath","title":"issuerDBCASPath"},{"default":1,"id":"issuerDBCASRule","title":"issuerDBCASRule","type":"boolOrExpr"}],"help":"idpcas.html#enabling-cas","id":"issuerDBCAS","title":"issuerDBCAS","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDActivation","title":"issuerDBOpenIDActivation","type":"bool"},{"default":"^/openidserver/","id":"issuerDBOpenIDPath","title":"issuerDBOpenIDPath"},{"default":1,"id":"issuerDBOpenIDRule","title":"issuerDBOpenIDRule","type":"boolOrExpr"},{"_nodes":[{"id":"openIdIssuerSecret","title":"openIdIssuerSecret"},{"id":"openIdAttr","title":"openIdAttr"},{"default":"0;","id":"openIdSPList","title":"openIdSPList","type":"blackWhiteList"},{"_nodes":[{"default":"cn","id":"openIdSreg_fullname","title":"openIdSreg_fullname"},{"default":"uid","id":"openIdSreg_nickname","title":"openIdSreg_nickname"},{"id":"openIdSreg_language","title":"openIdSreg_language"},{"id":"openIdSreg_postcode","title":"openIdSreg_postcode"},{"default":"_timezone","id":"openIdSreg_timezone","title":"openIdSreg_timezone"},{"id":"openIdSreg_country","title":"openIdSreg_country"},{"id":"openIdSreg_gender","title":"openIdSreg_gender"},{"default":"mail","id":"openIdSreg_email","title":"openIdSreg_email"},{"id":"openIdSreg_dob","title":"openIdSreg_dob"}],"id":"openIdSreg","title":"openIdSreg","type":"simpleInputContainer"}],"id":"issuerDBOpenIDOptions","title":"issuerDBOpenIDOptions"}],"help":"idpopenid.html","id":"issuerDBOpenID","title":"issuerDBOpenID"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDConnectActivation","title":"issuerDBOpenIDConnectActivation","type":"bool"},{"default":"^/oauth2/","id":"issuerDBOpenIDConnectPath","title":"issuerDBOpenIDConnectPath"},{"default":1,"id":"issuerDBOpenIDConnectRule","title":"issuerDBOpenIDConnectRule","type":"boolOrExpr"}],"help":"idpopenidconnect.html","id":"issuerDBOpenIDConnect","title":"issuerDBOpenIDConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBGetActivation","title":"issuerDBGetActivation","type":"bool"},{"default":"^/get/","id":"issuerDBGetPath","title":"issuerDBGetPath"},{"default":1,"id":"issuerDBGetRule","title":"issuerDBGetRule","type":"boolOrExpr"},{"default":[],"id":"issuerDBGetParameters","title":"issuerDBGetParameters","type":"doubleHash"}],"help":"issuerdbget.html","id":"issuerDBGet","title":"issuerDBGet"},{"_nodes":[{"default":120,"id":"issuersTimeout","title":"issuersTimeout","type":"int"}],"help":"start.html#options","id":"issuerOptions","title":"issuerOptions","type":"simpleInputContainer"}],"help":"start.html#identity-provider","id":"issuerParams","title":"issuerParams"},{"_nodes":[{"default":"uid","id":"whatToTrace","title":"whatToTrace"},{"id":"customToTrace","title":"customToTrace"},{"default":"_password, _2fDevices","id":"hiddenAttributes","title":"hiddenAttributes"}],"help":"logs.html","id":"logParams","title":"logParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lemonldap","id":"cookieName","title":"cookieName"},{"default":"example.com","id":"domain","title":"domain"},{"default":0,"id":"cda","title":"cda","type":"bool"},{"default":0,"id":"securedCookie","select":[{"k":"0","v":"unsecuredCookie"},{"k":"1","v":"securedCookie"},{"k":"2","v":"doubleCookie"},{"k":"3","v":"doubleCookieForSingleSession"}],"title":"securedCookie","type":"select"},{"default":1,"id":"httpOnly","title":"httpOnly","type":"bool"},{"id":"cookieExpiration","title":"cookieExpiration","type":"int"},{"default":"","id":"sameSite","select":[{"k":"","v":""},{"k":"Strict","v":"Strict"},{"k":"Lax","v":"Lax"},{"k":"None","v":"None"}],"title":"sameSite","type":"select"}],"help":"ssocookie.html","id":"cookieParams","title":"cookieParams","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"storePassword","title":"storePassword","type":"bool"},{"default":1,"id":"displaySessionId","title":"displaySessionId","type":"bool"},{"default":72000,"id":"timeout","title":"timeout","type":"int"},{"default":0,"id":"timeoutActivity","title":"timeoutActivity","type":"int"},{"default":60,"id":"timeoutActivityInterval","title":"timeoutActivityInterval","type":"int"},{"cnodes":"grantSessionRules","default":[],"id":"grantSessionRules","title":"grantSessionRules","type":"grantContainer"},{"_nodes":[{"default":"Apache::Session::File","id":"globalStorage","title":"globalStorage"},{"cnodes":"globalStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/sessions/","id":"globalStorageOptions/Directory","title":"Directory","type":"keyText"},{"data":"/var/lib/lemonldap-ng/sessions/lock/","id":"globalStorageOptions/LockDirectory","title":"LockDirectory","type":"keyText"},{"data":"Lemonldap::NG::Common::Apache::Session::Generate::SHA256","id":"globalStorageOptions/generateModule","title":"generateModule","type":"keyText"}],"id":"globalStorageOptions","title":"globalStorageOptions","type":"keyTextContainer"},{"default":"Cache::FileCache","id":"localSessionStorage","title":"localSessionStorage"},{"cnodes":"localSessionStorageOptions","default":[{"data":3,"id":"localSessionStorageOptions/cache_depth","title":"cache_depth","type":"keyText"},{"data":"/var/cache/lemonldap-ng","id":"localSessionStorageOptions/cache_root","title":"cache_root","type":"keyText"},{"data":600,"id":"localSessionStorageOptions/default_expires_in","title":"default_expires_in","type":"keyText"},{"data":"007","id":"localSessionStorageOptions/directory_umask","title":"directory_umask","type":"keyText"},{"data":"lemonldap-ng-sessions","id":"localSessionStorageOptions/namespace","title":"namespace","type":"keyText"}],"id":"localSessionStorageOptions","title":"localSessionStorageOptions","type":"keyTextContainer"}],"help":"start.html#sessions-database","id":"sessionStorage","title":"sessionStorage"},{"_nodes":[{"default":0,"id":"singleSession","title":"singleSession","type":"boolOrExpr"},{"default":0,"id":"singleIP","title":"singleIP","type":"boolOrExpr"},{"default":0,"id":"singleUserByIP","title":"singleUserByIP","type":"boolOrExpr"},{"default":1,"id":"notifyDeleted","title":"notifyDeleted","type":"bool"},{"default":0,"id":"notifyOther","title":"notifyOther","type":"bool"}],"id":"multipleSessions","title":"multipleSessions","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"disablePersistentStorage","title":"disablePersistentStorage","type":"bool"},{"id":"persistentStorage","title":"persistentStorage"},{"cnodes":"persistentStorageOptions","id":"persistentStorageOptions","title":"persistentStorageOptions","type":"keyTextContainer"}],"id":"persistentSessions","title":"persistentSessions"}],"help":"sessions.html","id":"sessionParams","title":"sessionParams"},{"_nodes":[{"default":5,"id":"reloadTimeout","title":"reloadTimeout","type":"int"},{"default":0,"id":"compactConf","title":"compactConf","type":"bool"},{"cnodes":"reloadUrls","help":"configlocation.html#configuration-reload","id":"reloadUrls","title":"reloadUrls","type":"keyTextContainer"}],"help":"configlocation.html#configuration-reload","id":"reloadParams","title":"reloadParams"},{"_nodes":[{"default":0,"help":"status.html","id":"portalStatus","title":"portalStatus","type":"bool"},{"default":1,"id":"upgradeSession","title":"upgradeSession","type":"bool"},{"id":"refreshSessions","title":"refreshSessions","type":"bool"},{"cnodes":"adaptativeAuthenticationLevelRules","help":"adaptativeauthenticationlevel.html","id":"adaptativeAuthenticationLevelRules","title":"adaptativeAuthenticationLevelRules","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"stayConnected","title":"stayConnected","type":"boolOrExpr"},{"default":0,"id":"stayConnectedBypassFG","title":"stayConnectedBypassFG","type":"bool"},{"default":2592000,"id":"stayConnectedTimeout","title":"stayConnectedTimeout","type":"int"},{"default":"llngconnection","id":"stayConnectedCookieName","title":"stayConnectedCookieName"}],"help":"stayconnected.html","id":"stayConnect","title":"stayConnect","type":"simpleInputContainer"},{"_nodes":[{"id":"exportedAttr","title":"exportedAttr"},{"_nodes":[{"default":0,"id":"restSessionServer","title":"restSessionServer","type":"bool"},{"default":0,"id":"restConfigServer","title":"restConfigServer","type":"bool"},{"default":0,"id":"restAuthServer","title":"restAuthServer","type":"bool"},{"default":0,"id":"restPasswordServer","title":"restPasswordServer","type":"bool"},{"default":0,"id":"restExportSecretKeys","title":"restExportSecretKeys","type":"bool"},{"default":15,"id":"restClockTolerance","title":"restClockTolerance","type":"int"}],"help":"portalservers.html#REST","id":"restServices","title":"restServices","type":"simpleInputContainer"},{"_nodes":[{"default":0,"help":"soapservices.html","id":"soapSessionServer","title":"soapSessionServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapConfigServer","title":"soapConfigServer","type":"bool"},{"default":0,"id":"wsdlServer","title":"wsdlServer","type":"bool"}],"help":"portalservers.html#SOAP_(deprecated)","id":"soapServices","title":"soapServices","type":"simpleInputContainer"}],"help":"portalservers.html","id":"portalServers","title":"portalServers"},{"_nodes":[{"default":0,"id":"loginHistoryEnabled","title":"loginHistoryEnabled","type":"bool"},{"default":5,"id":"successLoginNumber","title":"successLoginNumber","type":"int"},{"default":5,"id":"failedLoginNumber","title":"failedLoginNumber","type":"int"},{"cnodes":"sessionDataToRemember","id":"sessionDataToRemember","title":"sessionDataToRemember","type":"keyTextContainer"}],"help":"loginhistory.html","id":"loginHistory","title":"loginHistory"},{"_nodes":[{"default":0,"id":"notification","title":"notification","type":"bool"},{"default":0,"id":"notificationsExplorer","title":"notificationsExplorer","type":"bool"},{"default":"allusers","id":"notificationWildcard","title":"notificationWildcard"},{"default":0,"id":"oldNotifFormat","title":"oldNotifFormat","type":"bool"},{"id":"notificationXSLTfile","title":"notificationXSLTfile"},{"default":"File","id":"notificationStorage","title":"notificationStorage"},{"cnodes":"notificationStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/notifications","id":"notificationStorageOptions/dirName","title":"dirName","type":"keyText"}],"id":"notificationStorageOptions","title":"notificationStorageOptions","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"notificationServer","title":"notificationServer","type":"bool"},{"default":"","id":"notificationDefaultCond","title":"notificationDefaultCond"},{"default":"uid reference date title subtitle text check","id":"notificationServerSentAttributes","title":"notificationServerSentAttributes"},{"_nodes":[{"default":1,"id":"notificationServerPOST","title":"notificationServerPOST","type":"bool"},{"default":0,"id":"notificationServerGET","title":"notificationServerGET","type":"bool"},{"default":0,"id":"notificationServerDELETE","title":"notificationServerDELETE","type":"bool"}],"id":"notificationServerMethods","title":"notificationServerMethods","type":"simpleInputContainer"}],"help":"notifications.html#notification-server","id":"serverNotification","title":"serverNotification"}],"help":"notifications.html","id":"notifications","title":"notifications"},{"_nodes":[{"_nodes":[{"id":"mailSubject","title":"mailSubject"},{"id":"mailBody","title":"mailBody","type":"longtext"},{"id":"mailConfirmSubject","title":"mailConfirmSubject"},{"id":"mailConfirmBody","title":"mailConfirmBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/resetpwd","id":"mailUrl","title":"mailUrl"},{"default":0,"id":"mailTimeout","title":"mailTimeout","type":"int"},{"default":1,"id":"portalDisplayGeneratePassword","title":"portalDisplayGeneratePassword","type":"bool"},{"default":"[A-Z]{3}[a-z]{5}.\\d{2}","id":"randomPasswordRegexp","title":"randomPasswordRegexp"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetpassword.html","id":"passwordManagement","title":"passwordManagement"},{"_nodes":[{"_nodes":[{"id":"certificateResetByMailStep1Subject","title":"certificateResetByMailStep1Subject"},{"id":"certificateResetByMailStep1Body","title":"certificateResetByMailStep1Body","type":"longtext"},{"id":"certificateResetByMailStep2Subject","title":"certificateResetByMailStep2Subject"},{"id":"certificateResetByMailStep2Body","title":"certificateResetByMailStep2Body","type":"longtext"}],"id":"certificateMailContent","title":"certificateMailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/certificateReset","id":"certificateResetByMailURL","title":"certificateResetByMailURL"},{"default":"description","id":"certificateResetByMailCeaAttribute","title":"certificateResetByMailCeaAttribute"},{"default":"userCertificate;binary","id":"certificateResetByMailCertificateAttribute","title":"certificateResetByMailCertificateAttribute"},{"default":0,"id":"certificateResetByMailValidityDelay","title":"certificateResetByMailValidityDelay","type":"int"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetcertificate.html","id":"certificateResetByMailManagement","title":"certificateResetByMailManagement"},{"_nodes":[{"default":"http://auth.example.com/register","id":"registerUrl","title":"registerUrl"},{"default":0,"id":"registerTimeout","title":"registerTimeout","type":"int"},{"id":"registerConfirmSubject","title":"registerConfirmSubject"},{"id":"registerConfirmBody","title":"registerConfirmBody","type":"longtext"},{"id":"registerDoneSubject","title":"registerDoneSubject"},{"id":"registerDoneBody","title":"registerDoneBody","type":"longtext"}],"help":"register.html","id":"register","title":"register","type":"simpleInputContainer"},{"_nodes":[{"cnodes":"autoSigninRules","id":"autoSigninRules","title":"autoSigninRules","type":"keyTextContainer"}],"help":"autosignin.html","id":"autoSignin","title":"autoSignin"},{"_nodes":[{"default":0,"id":"globalLogoutRule","title":"globalLogoutRule","type":"boolOrExpr"},{"default":1,"id":"globalLogoutTimer","title":"globalLogoutTimer","type":"bool"},{"id":"globalLogoutCustomParam","title":"globalLogoutCustomParam"}],"help":"globallogout.html","id":"globalLogout","title":"globalLogout","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkState","title":"checkState","type":"bool"},{"id":"checkStateSecret","title":"checkStateSecret"}],"help":"checkstate.html","id":"stateCheck","title":"stateCheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkUser","title":"checkUser","type":"bool"},{"default":1,"id":"checkUserIdRule","title":"checkUserIdRule"},{"id":"checkUserUnrestrictedUsersRule","title":"checkUserUnrestrictedUsersRule"},{"id":"checkUserSearchAttributes","title":"checkUserSearchAttributes"},{"default":"_loginHistory, _session_id, hGroups","id":"checkUserHiddenAttributes","title":"checkUserHiddenAttributes"},{"cnodes":"checkUserHiddenHeaders","id":"checkUserHiddenHeaders","title":"checkUserHiddenHeaders","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"checkUserDisplayComputedSession","title":"checkUserDisplayComputedSession","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayPersistentInfo","title":"checkUserDisplayPersistentInfo","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayNormalizedHeaders","title":"checkUserDisplayNormalizedHeaders","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayEmptyHeaders","title":"checkUserDisplayEmptyHeaders","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayEmptyValues","title":"checkUserDisplayEmptyValues","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayHiddenAttributes","title":"checkUserDisplayHiddenAttributes","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayHistory","title":"checkUserDisplayHistory","type":"boolOrExpr"}],"help":"checkuser.html#configuration","id":"checkUserDisplay","title":"checkUserDisplay","type":"simpleInputContainer"}],"help":"checkuser.html","id":"checkUsers","title":"checkUsers"},{"_nodes":[{"default":0,"id":"checkDevOps","title":"checkDevOps","type":"bool"},{"default":1,"id":"checkDevOpsDownload","title":"checkDevOpsDownload","type":"bool"},{"default":1,"id":"checkDevOpsDisplayNormalizedHeaders","title":"checkDevOpsDisplayNormalizedHeaders","type":"bool"},{"default":1,"id":"checkDevOpsCheckSessionAttributes","title":"checkDevOpsCheckSessionAttributes","type":"bool"}],"help":"checkdevops.html","id":"devOpsCheck","title":"devOpsCheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"impersonationRule","title":"impersonationRule","type":"boolOrExpr"},{"default":1,"id":"impersonationIdRule","title":"impersonationIdRule"},{"id":"impersonationUnrestrictedUsersRule","title":"impersonationUnrestrictedUsersRule"},{"default":"_2fDevices, _loginHistory","id":"impersonationHiddenAttributes","title":"impersonationHiddenAttributes"},{"default":1,"id":"impersonationSkipEmptyValues","title":"impersonationSkipEmptyValues","type":"bool"},{"default":0,"id":"impersonationMergeSSOgroups","title":"impersonationMergeSSOgroups","type":"boolOrExpr"}],"help":"impersonation.html","id":"impersonation","title":"impersonation","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"findUser","title":"findUser","type":"bool"},{"default":"*","id":"findUserWildcard","title":"findUserWildcard"},{"default":"^[*\\w]+$","id":"findUserControl","title":"findUserControl"},{"id":"restFindUserDBUrl","title":"restFindUserDBUrl"},{"cnodes":"findUserSearchingAttributes","id":"findUserSearchingAttributes","title":"findUserSearchingAttributes","type":"keyTextContainer"},{"cnodes":"findUserExcludingAttributes","id":"findUserExcludingAttributes","title":"findUserExcludingAttributes","type":"keyTextContainer"}],"help":"finduser.html","id":"findUsers","title":"findUsers"},{"_nodes":[{"default":0,"id":"contextSwitchingRule","title":"contextSwitchingRule","type":"boolOrExpr"},{"default":1,"id":"contextSwitchingIdRule","title":"contextSwitchingIdRule"},{"id":"contextSwitchingUnrestrictedUsersRule","title":"contextSwitchingUnrestrictedUsersRule"},{"default":0,"id":"contextSwitchingAllowed2fModifications","title":"contextSwitchingAllowed2fModifications","type":"bool"},{"default":1,"id":"contextSwitchingStopWithLogout","title":"contextSwitchingStopWithLogout","type":"bool"}],"help":"contextswitching.html","id":"contextSwitching","title":"contextSwitching","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"decryptValueRule","title":"decryptValueRule","type":"boolOrExpr"},{"id":"decryptValueFunctions","title":"decryptValueFunctions"}],"help":"decryptvalue.html","id":"decryptValue","title":"decryptValue","type":"simpleInputContainer"},{"_nodes":[{"id":"customPlugins","title":"customPlugins"},{"cnodes":"customPluginsParams","id":"customPluginsParams","title":"customPluginsParams","type":"keyTextContainer"}],"help":"plugincustom.html","id":"customPluginsNode","title":"customPluginsNode"}],"help":"start.html#plugins","id":"plugins","title":"plugins"},{"_nodes":[{"default":1,"help":"secondfactor.html","id":"sfManagerRule","title":"sfManagerRule","type":"boolOrExpr"},{"default":0,"help":"secondfactor.html","id":"sfRequired","title":"sfRequired","type":"boolOrExpr"},{"help":"secondfactor.html","id":"sfOnlyUpgrade","title":"sfOnlyUpgrade","type":"bool"},{"id":"sfRegisterTimeout","title":"sfRegisterTimeout","type":"int"},{"_nodes":[{"default":0,"id":"utotp2fActivation","title":"utotp2fActivation","type":"boolOrExpr"},{"id":"utotp2fAuthnLevel","title":"utotp2fAuthnLevel","type":"int"},{"id":"utotp2fLabel","title":"utotp2fLabel"},{"id":"utotp2fLogo","title":"utotp2fLogo"}],"help":"utotp2f.html","id":"utotp2f","title":"utotp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"totp2fActivation","title":"totp2fActivation","type":"boolOrExpr"},{"default":0,"id":"totp2fSelfRegistration","title":"totp2fSelfRegistration","type":"boolOrExpr"},{"default":1,"id":"totp2fUserCanRemoveKey","title":"totp2fUserCanRemoveKey","type":"bool"},{"id":"totp2fIssuer","title":"totp2fIssuer"},{"default":30,"id":"totp2fInterval","title":"totp2fInterval","type":"int"},{"default":1,"id":"totp2fRange","title":"totp2fRange","type":"int"},{"default":6,"id":"totp2fDigits","title":"totp2fDigits","type":"int"},{"default":0,"id":"totp2fEncryptSecret","title":"totp2fEncryptSecret","type":"bool"},{"id":"totp2fAuthnLevel","title":"totp2fAuthnLevel","type":"int"},{"id":"totp2fLabel","title":"totp2fLabel"},{"id":"totp2fLogo","title":"totp2fLogo"},{"id":"totp2fTTL","title":"totp2fTTL","type":"int"}],"help":"totp2f.html","id":"totp2f","title":"totp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"u2fActivation","title":"u2fActivation","type":"boolOrExpr"},{"default":0,"id":"u2fSelfRegistration","title":"u2fSelfRegistration","type":"boolOrExpr"},{"default":1,"id":"u2fUserCanRemoveKey","title":"u2fUserCanRemoveKey","type":"bool"},{"id":"u2fAuthnLevel","title":"u2fAuthnLevel","type":"int"},{"id":"u2fLabel","title":"u2fLabel"},{"id":"u2fLogo","title":"u2fLogo"},{"id":"u2fTTL","title":"u2fTTL","type":"int"}],"help":"u2f.html","id":"u2f","title":"u2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"yubikey2fActivation","title":"yubikey2fActivation","type":"boolOrExpr"},{"default":0,"id":"yubikey2fSelfRegistration","title":"yubikey2fSelfRegistration","type":"boolOrExpr"},{"default":1,"id":"yubikey2fUserCanRemoveKey","title":"yubikey2fUserCanRemoveKey","type":"bool"},{"id":"yubikey2fClientID","title":"yubikey2fClientID"},{"id":"yubikey2fSecretKey","title":"yubikey2fSecretKey"},{"id":"yubikey2fNonce","title":"yubikey2fNonce"},{"id":"yubikey2fUrl","title":"yubikey2fUrl"},{"default":12,"id":"yubikey2fPublicIDSize","title":"yubikey2fPublicIDSize","type":"int"},{"id":"yubikey2fFromSessionAttribute","title":"yubikey2fFromSessionAttribute"},{"id":"yubikey2fAuthnLevel","title":"yubikey2fAuthnLevel","type":"int"},{"id":"yubikey2fLabel","title":"yubikey2fLabel"},{"id":"yubikey2fLogo","title":"yubikey2fLogo"},{"id":"yubikey2fTTL","title":"yubikey2fTTL","type":"int"}],"help":"yubikey2f.html","id":"yubikey2f","title":"yubikey2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"mail2fActivation","title":"mail2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"mail2fCodeRegex","title":"mail2fCodeRegex"},{"id":"mail2fTimeout","title":"mail2fTimeout","type":"int"},{"id":"mail2fSubject","title":"mail2fSubject"},{"id":"mail2fBody","title":"mail2fBody","type":"longtext"},{"id":"mail2fSessionKey","title":"mail2fSessionKey"},{"id":"mail2fAuthnLevel","title":"mail2fAuthnLevel","type":"int"},{"id":"mail2fLabel","title":"mail2fLabel"},{"id":"mail2fLogo","title":"mail2fLogo"}],"help":"mail2f.html","id":"mail2f","title":"mail2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ext2fActivation","title":"ext2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"ext2fCodeActivation","title":"ext2fCodeActivation"},{"id":"ext2FSendCommand","title":"ext2FSendCommand"},{"id":"ext2FValidateCommand","title":"ext2FValidateCommand"},{"id":"ext2fAuthnLevel","title":"ext2fAuthnLevel","type":"int"},{"id":"ext2fLabel","title":"ext2fLabel"},{"id":"ext2fLogo","title":"ext2fLogo"}],"help":"external2f.html","id":"ext2f","title":"ext2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"radius2fActivation","title":"radius2fActivation","type":"boolOrExpr"},{"id":"radius2fServer","title":"radius2fServer"},{"id":"radius2fSecret","title":"radius2fSecret"},{"id":"radius2fUsernameSessionKey","title":"radius2fUsernameSessionKey"},{"default":20,"id":"radius2fTimeout","title":"radius2fTimeout","type":"int"},{"id":"radius2fAuthnLevel","title":"radius2fAuthnLevel","type":"int"},{"id":"radius2fLabel","title":"radius2fLabel"},{"id":"radius2fLogo","title":"radius2fLogo"}],"help":"radius2f.html","id":"radius2f","title":"radius2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rest2fActivation","title":"rest2fActivation","type":"boolOrExpr"},{"id":"rest2fInitUrl","title":"rest2fInitUrl"},{"cnodes":"rest2fInitArgs","id":"rest2fInitArgs","title":"rest2fInitArgs","type":"keyTextContainer"},{"id":"rest2fVerifyUrl","title":"rest2fVerifyUrl"},{"cnodes":"rest2fVerifyArgs","id":"rest2fVerifyArgs","title":"rest2fVerifyArgs","type":"keyTextContainer"},{"id":"rest2fAuthnLevel","title":"rest2fAuthnLevel","type":"int"},{"id":"rest2fLabel","title":"rest2fLabel"},{"id":"rest2fLogo","title":"rest2fLogo"}],"help":"rest2f.html","id":"rest2f","title":"rest2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"webauthn2fActivation","title":"webauthn2fActivation","type":"boolOrExpr"},{"default":0,"id":"webauthn2fSelfRegistration","title":"webauthn2fSelfRegistration","type":"boolOrExpr"},{"default":"preferred","id":"webauthn2fUserVerification","select":[{"k":"discouraged","v":"Discouraged"},{"k":"preferred","v":"Preferred"},{"k":"required","v":"Required"}],"title":"webauthn2fUserVerification","type":"select"},{"default":1,"id":"webauthn2fUserCanRemoveKey","title":"webauthn2fUserCanRemoveKey","type":"bool"},{"id":"webauthnRpName","title":"webauthnRpName"},{"id":"webauthnDisplayNameAttr","title":"webauthnDisplayNameAttr"},{"id":"webauthn2fAuthnLevel","title":"webauthn2fAuthnLevel","type":"int"},{"id":"webauthn2fLabel","title":"webauthn2fLabel"},{"id":"webauthn2fLogo","title":"webauthn2fLogo"}],"help":"webauthn2f.html","id":"webauthn2f","title":"webauthn2f","type":"simpleInputContainer"},{"cnodes":"sfExtra","id":"sfExtra","select":[{"k":"Mail2F","v":"E-Mail"},{"k":"REST","v":"REST"},{"k":"Ext2F","v":"External"},{"k":"Radius","v":"Radius"}],"title":"sfExtra","type":"sfExtraContainer"},{"_nodes":[{"default":0,"help":"secondfactor.html","id":"sfRemovedMsgRule","title":"sfRemovedMsgRule","type":"boolOrExpr"},{"default":0,"id":"sfRemovedUseNotif","title":"sfRemovedUseNotif","type":"bool"},{"default":"RemoveSF","help":"secondfactor.html","id":"sfRemovedNotifRef","title":"sfRemovedNotifRef"},{"default":"Second factor notification","help":"secondfactor.html","id":"sfRemovedNotifTitle","title":"sfRemovedNotifTitle"},{"default":"_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!","help":"secondfactor.html","id":"sfRemovedNotifMsg","title":"sfRemovedNotifMsg"}],"help":"secondfactor.html","id":"sfRemovedNotification","title":"sfRemovedNotification","type":"simpleInputContainer"}],"help":"secondfactor.html","id":"secondFactors","title":"secondFactors"},{"_nodes":[{"help":"customfunctions.html","id":"customFunctions","title":"customFunctions"},{"default":"; ","id":"multiValuesSeparator","title":"multiValuesSeparator","type":"authParamsText"},{"default":0,"id":"groupsBeforeMacros","title":"groupsBeforeMacros","type":"bool"},{"_nodes":[{"default":"mail","id":"mailSessionKey","title":"mailSessionKey"},{"default":"","id":"SMTPServer","title":"SMTPServer"},{"id":"SMTPPort","title":"SMTPPort","type":"int"},{"id":"SMTPAuthUser","title":"SMTPAuthUser"},{"id":"SMTPAuthPass","title":"SMTPAuthPass","type":"password"},{"default":"","id":"SMTPTLS","select":[{"k":"","v":"none"},{"k":"starttls","v":"SMTP + STARTTLS"},{"k":"ssl","v":"SMTPS"}],"title":"SMTPTLS","type":"select"},{"cnodes":"SMTPTLSOpts","id":"SMTPTLSOpts","title":"SMTPTLSOpts","type":"keyTextContainer"},{"_nodes":[{"default":"noreply@example.com","id":"mailFrom","title":"mailFrom"},{"id":"mailReplyTo","title":"mailReplyTo"},{"default":"utf-8","id":"mailCharset","title":"mailCharset"}],"id":"mailHeaders","title":"mailHeaders","type":"simpleInputContainer"}],"help":"smtp.html","id":"SMTP","title":"SMTP","type":"SMTP"},{"_nodes":[{"default":"^[\\w\\.\\-@]+$","id":"userControl","title":"userControl"},{"default":0,"id":"browsersDontStorePassword","title":"browsersDontStorePassword","type":"bool"},{"default":0,"help":"forcereauthn.html","id":"portalForceAuthn","title":"portalForceAuthn","type":"bool"},{"default":5,"id":"portalForceAuthnInterval","title":"portalForceAuthnInterval","type":"int"},{"id":"key","title":"key","type":"password"},{"id":"trustedDomains","title":"trustedDomains"},{"default":1,"help":"safejail.html","id":"useSafeJail","title":"useSafeJail","type":"bool"},{"default":0,"help":"safejail.html","id":"avoidAssignment","title":"avoidAssignment","type":"bool"},{"default":1,"id":"checkXSS","title":"checkXSS","type":"bool"},{"default":1,"id":"requireToken","title":"requireToken","type":"boolOrExpr"},{"default":120,"id":"formTimeout","title":"formTimeout","type":"int"},{"default":0,"id":"tokenUseGlobalStorage","title":"tokenUseGlobalStorage","type":"bool"},{"_nodes":[{"id":"crowdsec","title":"crowdsec","type":"bool"},{"default":"reject","id":"crowdsecAction","select":[{"k":"reject","v":"Reject"},{"k":"warn","v":"Warn"}],"title":"crowdsecAction","type":"select"},{"id":"crowdsecUrl","title":"crowdsecUrl"},{"id":"crowdsecKey","title":"crowdsecKey"}],"help":"crowdsec.html","id":"CrowdSecPlugin","title":"CrowdSecPlugin","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"newLocationWarning","title":"newLocationWarning","type":"bool"},{"default":"ipAddr","id":"newLocationWarningLocationAttribute","title":"newLocationWarningLocationAttribute"},{"default":"","id":"newLocationWarningLocationDisplayAttribute","title":"newLocationWarningLocationDisplayAttribute"},{"default":"0","id":"newLocationWarningMaxValues","title":"newLocationWarningMaxValues","type":"int"},{"id":"newLocationWarningMailAttribute","title":"newLocationWarningMailAttribute"},{"id":"newLocationWarningMailSubject","title":"newLocationWarningMailSubject"},{"id":"newLocationWarningMailBody","title":"newLocationWarningMailBody","type":"longtext"}],"help":"newlocationwarning.html","id":"newLocationWarnings","title":"newLocationWarnings","type":"simpleInputContainer"},{"_nodes":[{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtection","title":"bruteForceProtection","type":"bool"},{"default":30,"id":"bruteForceProtectionTempo","title":"bruteForceProtectionTempo","type":"int"},{"default":3,"id":"bruteForceProtectionMaxFailed","title":"bruteForceProtectionMaxFailed","type":"int"},{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtectionIncrementalTempo","title":"bruteForceProtectionIncrementalTempo","type":"bool"},{"default":"15, 30, 60, 300, 600","id":"bruteForceProtectionLockTimes","title":"bruteForceProtectionLockTimes"},{"default":900,"id":"bruteForceProtectionMaxLockTime","title":"bruteForceProtectionMaxLockTime","type":"int"},{"default":300,"id":"bruteForceProtectionMaxAge","title":"bruteForceProtectionMaxAge","type":"int"}],"help":"bruteforceprotection.html","id":"bruteForceAttackProtection","title":"bruteForceAttackProtection","type":"simpleInputContainer"},{"cnodes":"lwpOpts","id":"lwpOpts","title":"lwpOpts","type":"keyTextContainer"},{"cnodes":"lwpSslOpts","id":"lwpSslOpts","title":"lwpSslOpts","type":"keyTextContainer"},{"_nodes":[{"default":"'self'","id":"cspDefault","title":"cspDefault"},{"default":"'self' data:","id":"cspImg","title":"cspImg"},{"default":"'self'","id":"cspScript","title":"cspScript"},{"default":"'self'","id":"cspStyle","title":"cspStyle"},{"default":"'self'","id":"cspFont","title":"cspFont"},{"default":"*","id":"cspFormAction","title":"cspFormAction"},{"default":"'self'","id":"cspConnect","title":"cspConnect"},{"default":"","id":"cspFrameAncestors","title":"cspFrameAncestors"}],"help":"security.html#portal","id":"contentSecurityPolicy","title":"contentSecurityPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"corsEnabled","title":"corsEnabled","type":"bool"},{"default":true,"id":"corsAllow_Credentials","title":"corsAllow_Credentials"},{"default":"*","id":"corsAllow_Headers","title":"corsAllow_Headers"},{"default":"POST,GET","id":"corsAllow_Methods","title":"corsAllow_Methods"},{"default":"*","id":"corsAllow_Origin","title":"corsAllow_Origin"},{"default":"*","id":"corsExpose_Headers","title":"corsExpose_Headers"},{"default":"86400","id":"corsMax_Age","title":"corsMax_Age"}],"help":"security.html#portal","id":"crossOrigineResourceSharing","title":"crossOrigineResourceSharing","type":"simpleInputContainer"}],"help":"security.html#configure-security-settings","id":"security","title":"security"},{"_nodes":[{"default":-1,"id":"https","title":"https","type":"trool"},{"default":-1,"id":"port","title":"port","type":"int"},{"default":0,"id":"useRedirectOnForbidden","title":"useRedirectOnForbidden","type":"bool"},{"default":1,"id":"useRedirectOnError","title":"useRedirectOnError","type":"bool"},{"default":0,"id":"maintenance","title":"maintenance","type":"bool"}],"help":"redirections.html","id":"redirection","title":"redirection","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"jsRedirect","title":"jsRedirect","type":"boolOrExpr"},{"default":0,"id":"noAjaxHook","title":"noAjaxHook","type":"bool"},{"default":0,"id":"skipRenewConfirmation","title":"skipRenewConfirmation","type":"bool"},{"default":0,"id":"skipUpgradeConfirmation","title":"skipUpgradeConfirmation","type":"bool"}],"help":"redirections.html#portal-redirections","id":"portalRedirection","title":"portalRedirection","type":"simpleInputContainer"},{"cnodes":"nginxCustomHandlers","help":"handlerarch.html","id":"nginxCustomHandlers","title":"nginxCustomHandlers","type":"keyTextContainer"},{"cnodes":"logoutServices","default":[],"help":"logoutforward.html","id":"logoutServices","title":"logoutServices","type":"keyTextContainer"},{"_nodes":[{"default":"get","id":"infoFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"infoFormMethod","type":"select"},{"default":"post","id":"confirmFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"confirmFormMethod","type":"select"},{"default":"get","id":"redirectFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"redirectFormMethod","type":"select"},{"default":1,"id":"activeTimer","title":"activeTimer","type":"bool"}],"id":"forms","title":"forms","type":"simpleInputContainer"}],"help":"start.html#advanced-features","id":"advancedParams","title":"advancedParams"}],"id":"generalParameters","title":"generalParameters"},{"_nodes":[{"cnodes":"exportedVars","default":[{"data":"HTTP_USER_AGENT","id":"exportedVars/UA","title":"UA","type":"keyText"}],"help":"exportedvars.html","id":"exportedVars","title":"exportedVars","type":"keyTextContainer"},{"cnodes":"macros","default":[],"help":"exportedvars.html#extend-variables-using-macros-and-groups","id":"macros","title":"macros","type":"keyTextContainer"},{"cnodes":"groups","default":[],"help":"exportedvars.html#extend-variables-using-macros-and-groups","id":"groups","title":"groups","type":"keyTextContainer"}],"help":"variables.html","id":"variables","title":"variables"},{"cnodes":"virtualHosts","help":"configvhost.html","id":"virtualHosts","template":"virtualHost","title":"virtualHosts","type":"virtualHostContainer"},{"_nodes":[{"default":"#PORTAL#/saml/metadata","id":"samlEntityID","title":"samlEntityID"},{"_nodes":[{"get":["samlServicePrivateKeySig","samlServicePrivateKeySigPwd","samlServicePublicKeySig"],"id":"samlServiceSecuritySig","title":"samlServiceSecuritySig","type":"RSACertKey"},{"get":["samlServicePrivateKeyEnc","samlServicePrivateKeyEncPwd","samlServicePublicKeyEnc"],"id":"samlServiceSecurityEnc","title":"samlServiceSecurityEnc","type":"RSACertKey"},{"default":0,"id":"samlServiceUseCertificateInResponse","title":"samlServiceUseCertificateInResponse","type":"bool"},{"default":"RSA_SHA256","id":"samlServiceSignatureMethod","select":[{"k":"RSA_SHA1","v":"RSA SHA1"},{"k":"RSA_SHA256","v":"RSA SHA256"},{"k":"RSA_SHA384","v":"RSA SHA384"},{"k":"RSA_SHA512","v":"RSA SHA512"}],"title":"samlServiceSignatureMethod","type":"select"}],"help":"samlservice.html#security-parameters","id":"samlServiceSecurity","title":"samlServiceSecurity"},{"_nodes":[{"default":"mail","id":"samlNameIDFormatMapEmail","title":"samlNameIDFormatMapEmail"},{"default":"mail","id":"samlNameIDFormatMapX509","title":"samlNameIDFormatMapX509"},{"default":"uid","id":"samlNameIDFormatMapWindows","title":"samlNameIDFormatMapWindows"},{"default":"uid","id":"samlNameIDFormatMapKerberos","title":"samlNameIDFormatMapKerberos"}],"help":"samlservice.html#nameid-formats","id":"samlNameIDFormatMap","title":"samlNameIDFormatMap","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"samlAuthnContextMapPassword","title":"samlAuthnContextMapPassword","type":"int"},{"default":3,"id":"samlAuthnContextMapPasswordProtectedTransport","title":"samlAuthnContextMapPasswordProtectedTransport","type":"int"},{"default":5,"id":"samlAuthnContextMapTLSClient","title":"samlAuthnContextMapTLSClient","type":"int"},{"default":4,"id":"samlAuthnContextMapKerberos","title":"samlAuthnContextMapKerberos","type":"int"}],"help":"samlservice.html#authentication-contexts","id":"samlAuthnContextMap","title":"samlAuthnContextMap","type":"simpleInputContainer"},{"_nodes":[{"default":"Example","id":"samlOrganizationDisplayName","title":"samlOrganizationDisplayName"},{"default":"Example","id":"samlOrganizationName","title":"samlOrganizationName"},{"default":"http://www.example.com","id":"samlOrganizationURL","title":"samlOrganizationURL"}],"help":"samlservice.html#organization","id":"samlOrganization","title":"samlOrganization","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"samlSPSSODescriptorAuthnRequestsSigned","title":"samlSPSSODescriptorAuthnRequestsSigned","type":"bool"},{"default":1,"id":"samlSPSSODescriptorWantAssertionsSigned","title":"samlSPSSODescriptorWantAssertionsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;","id":"samlSPSSODescriptorSingleLogoutServiceSOAP","title":"samlSPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlSPSSODescriptorSingleLogoutService","title":"samlSPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","type":"samlAssertion"},{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","type":"samlAssertion"}],"id":"samlSPSSODescriptorAssertionConsumerService","title":"samlSPSSODescriptorAssertionConsumerService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlSPSSODescriptorArtifactResolutionServiceArtifact","title":"samlSPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlSPSSODescriptorArtifactResolutionService","title":"samlSPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#service-provider","id":"samlSPSSODescriptor","title":"samlSPSSODescriptor"},{"_nodes":[{"default":1,"id":"samlIDPSSODescriptorWantAuthnRequestsSigned","title":"samlIDPSSODescriptorWantAuthnRequestsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","type":"samlService"}],"id":"samlIDPSSODescriptorSingleSignOnService","title":"samlIDPSSODescriptorSingleSignOnService"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;","id":"samlIDPSSODescriptorSingleLogoutServiceSOAP","title":"samlIDPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlIDPSSODescriptorSingleLogoutService","title":"samlIDPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","title":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlIDPSSODescriptorArtifactResolutionService","title":"samlIDPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#identity-provider","id":"samlIDPSSODescriptor","title":"samlIDPSSODescriptor"},{"_nodes":[{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;","id":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","title":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","type":"samlService"}],"id":"samlAttributeAuthorityDescriptorAttributeService","title":"samlAttributeAuthorityDescriptorAttributeService"}],"help":"samlservice.html#attribute-authority","id":"samlAttributeAuthorityDescriptor","title":"samlAttributeAuthorityDescriptor"},{"_nodes":[{"default":1,"id":"samlMetadataForceUTF8","title":"samlMetadataForceUTF8","type":"bool"},{"default":600,"id":"samlRelayStateTimeout","title":"samlRelayStateTimeout","type":"int"},{"default":0,"id":"samlUseQueryStringSpecific","title":"samlUseQueryStringSpecific","type":"bool"},{"default":"","id":"samlOverrideIDPEntityID","title":"samlOverrideIDPEntityID"},{"id":"samlStorage","title":"samlStorage"},{"cnodes":"samlStorageOptions","id":"samlStorageOptions","title":"samlStorageOptions","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"samlCommonDomainCookieActivation","title":"samlCommonDomainCookieActivation","type":"bool"},{"id":"samlCommonDomainCookieDomain","title":"samlCommonDomainCookieDomain"},{"id":"samlCommonDomainCookieReader","title":"samlCommonDomainCookieReader"},{"id":"samlCommonDomainCookieWriter","title":"samlCommonDomainCookieWriter"}],"id":"samlCommonDomainCookie","title":"samlCommonDomainCookie","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"samlDiscoveryProtocolActivation","title":"samlDiscoveryProtocolActivation","type":"bool"},{"id":"samlDiscoveryProtocolURL","title":"samlDiscoveryProtocolURL"},{"id":"samlDiscoveryProtocolPolicy","title":"samlDiscoveryProtocolPolicy"},{"default":0,"id":"samlDiscoveryProtocolIsPassive","title":"samlDiscoveryProtocolIsPassive","type":"bool"}],"id":"samlDiscoveryProtocol","title":"samlDiscoveryProtocol","type":"simpleInputContainer"}],"help":"samlservice.html#advanced","id":"samlAdvanced","title":"samlAdvanced"}],"help":"samlservice.html","id":"samlServiceMetaData","title":"samlServiceMetaData"},{"cnodes":"samlIDPMetaDataNodes","help":"authsaml.html","id":"samlIDPMetaDataNodes","template":"samlIDPMetaDataNode","title":"samlIDPMetaDataNodes","type":"samlIDPMetaDataNodeContainer"},{"cnodes":"samlSPMetaDataNodes","help":"idpsaml.html","id":"samlSPMetaDataNodes","template":"samlSPMetaDataNode","title":"samlSPMetaDataNodes","type":"samlSPMetaDataNodeContainer"},{"_nodes":[{"id":"oidcServiceMetaDataIssuer","title":"oidcServiceMetaDataIssuer"},{"_nodes":[{"default":"authorize","id":"oidcServiceMetaDataAuthorizeURI","title":"oidcServiceMetaDataAuthorizeURI"},{"default":"token","id":"oidcServiceMetaDataTokenURI","title":"oidcServiceMetaDataTokenURI"},{"default":"userinfo","id":"oidcServiceMetaDataUserInfoURI","title":"oidcServiceMetaDataUserInfoURI"},{"default":"jwks","id":"oidcServiceMetaDataJWKSURI","title":"oidcServiceMetaDataJWKSURI"},{"default":"register","id":"oidcServiceMetaDataRegistrationURI","title":"oidcServiceMetaDataRegistrationURI"},{"default":"introspect","id":"oidcServiceMetaDataIntrospectionURI","title":"oidcServiceMetaDataIntrospectionURI"},{"default":"logout","id":"oidcServiceMetaDataEndSessionURI","title":"oidcServiceMetaDataEndSessionURI"},{"default":"checksession.html","id":"oidcServiceMetaDataCheckSessionURI","title":"oidcServiceMetaDataCheckSessionURI"},{"default":"flogout","id":"oidcServiceMetaDataFrontChannelURI","title":"oidcServiceMetaDataFrontChannelURI"},{"default":"blogout","id":"oidcServiceMetaDataBackChannelURI","title":"oidcServiceMetaDataBackChannelURI"}],"id":"oidcServiceMetaDataEndPoints","title":"oidcServiceMetaDataEndPoints","type":"simpleInputContainer"},{"cnodes":"oidcServiceMetaDataAuthnContext","default":[{"data":1,"id":"oidcServiceMetaDataAuthnContext/loa-1","title":"loa-1","type":"keyText"},{"data":2,"id":"oidcServiceMetaDataAuthnContext/loa-2","title":"loa-2","type":"keyText"},{"data":3,"id":"oidcServiceMetaDataAuthnContext/loa-3","title":"loa-3","type":"keyText"},{"data":4,"id":"oidcServiceMetaDataAuthnContext/loa-4","title":"loa-4","type":"keyText"},{"data":5,"id":"oidcServiceMetaDataAuthnContext/loa-5","title":"loa-5","type":"keyText"}],"id":"oidcServiceMetaDataAuthnContext","title":"oidcServiceMetaDataAuthnContext","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"oidcServiceAllowDynamicRegistration","title":"oidcServiceAllowDynamicRegistration","type":"bool"},{"cnodes":"oidcServiceDynamicRegistrationExportedVars","id":"oidcServiceDynamicRegistrationExportedVars","title":"oidcServiceDynamicRegistrationExportedVars","type":"keyTextContainer"},{"cnodes":"oidcServiceDynamicRegistrationExtraClaims","id":"oidcServiceDynamicRegistrationExtraClaims","title":"oidcServiceDynamicRegistrationExtraClaims","type":"keyTextContainer"}],"id":"oidcServiceDynamicRegistration","title":"oidcServiceDynamicRegistration"},{"_nodes":[{"get":["oidcServicePrivateKeySig","oidcServicePublicKeySig","oidcServiceKeyIdSig"],"id":"oidcServiceMetaDataKeys","title":"oidcServiceMetaDataKeys","type":"RSAKeyNoPassword"},{"default":1,"id":"oidcServiceAllowAuthorizationCodeFlow","title":"oidcServiceAllowAuthorizationCodeFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowImplicitFlow","title":"oidcServiceAllowImplicitFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowHybridFlow","title":"oidcServiceAllowHybridFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowOnlyDeclaredScopes","title":"oidcServiceAllowOnlyDeclaredScopes","type":"bool"}],"id":"oidcServiceMetaDataSecurity","title":"oidcServiceMetaDataSecurity"},{"_nodes":[{"default":60,"id":"oidcServiceAuthorizationCodeExpiration","title":"oidcServiceAuthorizationCodeExpiration","type":"int"},{"default":3600,"id":"oidcServiceIDTokenExpiration","title":"oidcServiceIDTokenExpiration","type":"int"},{"default":3600,"id":"oidcServiceAccessTokenExpiration","title":"oidcServiceAccessTokenExpiration","type":"int"},{"default":2592000,"id":"oidcServiceOfflineSessionExpiration","title":"oidcServiceOfflineSessionExpiration","type":"int"}],"id":"oidcServiceMetaDataTimeouts","title":"oidcServiceMetaDataTimeouts"},{"_nodes":[{"id":"oidcStorage","title":"oidcStorage"},{"cnodes":"oidcStorageOptions","id":"oidcStorageOptions","title":"oidcStorageOptions","type":"keyTextContainer"}],"id":"oidcServiceMetaDataSessions","title":"oidcServiceMetaDataSessions"}],"help":"openidconnectservice.html#service-configuration","id":"oidcServiceMetaData","title":"oidcServiceMetaData"},{"cnodes":"oidcOPMetaDataNodes","help":"authopenidconnect.html#declare-the-openid-connect-provider-in-ll-ng","id":"oidcOPMetaDataNodes","title":"oidcOPMetaDataNodes","type":"oidcOPMetaDataNodeContainer"},{"cnodes":"oidcRPMetaDataNodes","help":"idpopenidconnect.html#configuration-of-relying-party-in-ll-ng","id":"oidcRPMetaDataNodes","title":"oidcRPMetaDataNodes","type":"oidcRPMetaDataNodeContainer"},{"_nodes":[{"id":"casAttr","title":"casAttr"},{"default":"none","id":"casAccessControlPolicy","select":[{"k":"none","v":"None"},{"k":"error","v":"Display error on portal"},{"k":"faketicket","v":"Send a fake service ticket"}],"title":"casAccessControlPolicy","type":"select"},{"default":0,"id":"casStrictMatching","title":"casStrictMatching","type":"bool"},{"default":0,"id":"casTicketExpiration","title":"casTicketExpiration","type":"int"},{"id":"casStorage","title":"casStorage"},{"cnodes":"casStorageOptions","id":"casStorageOptions","title":"casStorageOptions","type":"keyTextContainer"},{"cnodes":"casAttributes","id":"casAttributes","title":"casAttributes","type":"keyTextContainer"}],"help":"idpcas.html#configuring-the-cas-service","id":"casServiceMetadata","title":"casServiceMetadata"},{"cnodes":"casSrvMetaDataNodes","help":"authcas.html","id":"casSrvMetaDataNodes","template":"casSrvMetaDataNode","title":"casSrvMetaDataNodes","type":"casSrvMetaDataNodeContainer"},{"cnodes":"casAppMetaDataNodes","help":"idpcas.html#configuring-cas-applications","id":"casAppMetaDataNodes","template":"casAppMetaDataNode","title":"casAppMetaDataNodes","type":"casAppMetaDataNodeContainer"}] \ No newline at end of file +[{"_nodes":[{"_nodes":[{"default":"http://auth.example.com/","id":"portal","title":"portal"},{"_nodes":[{"_nodes":[{"default":1,"id":"portalDisplayLogout","title":"portalDisplayLogout","type":"boolOrExpr"},{"default":"$_auth =~ /^(LDAP|DBI|Demo)$/","id":"portalDisplayChangePassword","title":"portalDisplayChangePassword","type":"boolOrExpr"},{"default":1,"id":"portalDisplayAppslist","title":"portalDisplayAppslist","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLoginHistory","title":"portalDisplayLoginHistory","type":"boolOrExpr"},{"default":"$_oidcConsents && $_oidcConsents =~ /\\w+/","id":"portalDisplayOidcConsents","title":"portalDisplayOidcConsents","type":"boolOrExpr"}],"id":"portalModules","title":"portalModules","type":"simpleInputContainer"},{"cnodes":"applicationList","default":[{"data":{"catname":"Default category","type":"category"},"id":"applicationList/default","title":"default","type":"catAndAppList"}],"help":"portalmenu.html#categories-and-applications","id":"applicationList","title":"applicationList","type":"catAndAppList"}],"help":"portalmenu.html","id":"portalMenu","title":"portalMenu"},{"_nodes":[{"default":"common/logos/logo_llng_400px.png","id":"portalMainLogo","title":"portalMainLogo"},{"default":1,"id":"showLanguages","title":"showLanguages","type":"bool"},{"id":"portalCustomCss","title":"portalCustomCss"},{"default":"bootstrap","id":"portalSkin","select":[{"k":"bootstrap","v":"Bootstrap"}],"title":"portalSkin","type":"portalskin"},{"id":"portalSkinBackground","select":[{"k":"","v":"None"},{"k":"1280px-Anse_Source_d'Argent_2-La_Digue.jpg","v":"Anse"},{"k":"1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg","v":"Waterfall"},{"k":"1280px-BrockenSnowedTrees.jpg","v":"Snowed Trees"},{"k":"1280px-Cedar_Breaks_National_Monument_partially.jpg","v":"National Monument"},{"k":"1280px-Parry_Peak_from_Winter_Park.jpg","v":"Winter"},{"k":"Aletschgletscher_mit_Pinus_cembra1.jpg","v":"Pinus"}],"title":"portalSkinBackground","type":"portalskinbackground"},{"cnodes":"portalSkinRules","help":"portalcustom.html","id":"portalSkinRules","title":"portalSkinRules","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"portalCheckLogins","title":"portalCheckLogins","type":"bool"},{"default":1,"id":"portalDisplayRegister","title":"portalDisplayRegister","type":"bool"},{"default":0,"id":"portalDisplayCertificateResetByMail","title":"portalDisplayCertificateResetByMail","type":"bool"},{"default":0,"id":"portalDisplayResetPassword","title":"portalDisplayResetPassword","type":"bool"},{"default":3,"id":"passwordResetAllowedRetries","title":"passwordResetAllowedRetries","type":"int"}],"help":"portalcustom.html#buttons","id":"portalButtons","title":"portalButtons","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"portalRequireOldPassword","title":"portalRequireOldPassword","type":"boolOrExpr"},{"default":0,"id":"hideOldPassword","title":"hideOldPassword","type":"bool"},{"default":0,"id":"mailOnPasswordChange","title":"mailOnPasswordChange","type":"bool"},{"default":0,"id":"portalEnablePasswordDisplay","title":"portalEnablePasswordDisplay","type":"bool"}],"help":"portalcustom.html#password-management","id":"passwordManagement","title":"passwordManagement","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"passwordPolicyActivation","title":"passwordPolicyActivation","type":"boolOrExpr"},{"default":0,"id":"portalDisplayPasswordPolicy","title":"portalDisplayPasswordPolicy","type":"bool"},{"default":0,"id":"passwordPolicyMinSize","title":"passwordPolicyMinSize","type":"int"},{"default":0,"id":"passwordPolicyMinLower","title":"passwordPolicyMinLower","type":"int"},{"default":0,"id":"passwordPolicyMinUpper","title":"passwordPolicyMinUpper","type":"int"},{"default":0,"id":"passwordPolicyMinDigit","title":"passwordPolicyMinDigit","type":"int"},{"default":0,"id":"passwordPolicyMinSpeChar","title":"passwordPolicyMinSpeChar","type":"int"},{"default":"__ALL__","id":"passwordPolicySpecialChar","title":"passwordPolicySpecialChar"}],"help":"portalcustom.html#password-policy","id":"passwordPolicy","title":"passwordPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":"_user","id":"portalUserAttr","title":"portalUserAttr"},{"default":0,"id":"portalOpenLinkInNewWindow","title":"portalOpenLinkInNewWindow","type":"bool"},{"default":1,"id":"portalAntiFrame","title":"portalAntiFrame","type":"bool"},{"default":60000,"id":"portalPingInterval","title":"portalPingInterval","type":"int"},{"default":1,"id":"portalErrorOnExpiredSession","title":"portalErrorOnExpiredSession","type":"bool"},{"default":0,"id":"portalErrorOnMailNotFound","title":"portalErrorOnMailNotFound","type":"bool"},{"default":1,"id":"portalDisplayRefreshMyRights","title":"portalDisplayRefreshMyRights","type":"bool"}],"help":"portalcustom.html#other-parameters","id":"portalOther","title":"portalOther","type":"simpleInputContainer"}],"help":"portalcustom.html","id":"portalCustomization","title":"portalCustomization"},{"_nodes":[{"default":0,"id":"captcha_login_enabled","title":"captcha_login_enabled","type":"bool"},{"default":1,"id":"captcha_mail_enabled","title":"captcha_mail_enabled","type":"bool"},{"default":1,"id":"captcha_register_enabled","title":"captcha_register_enabled","type":"bool"},{"default":6,"id":"captcha_size","title":"captcha_size","type":"int"}],"help":"captcha.html","id":"portalCaptcha","title":"portalCaptcha","type":"simpleInputContainer"}],"help":"portal.html","id":"portalParams","title":"portalParams"},{"_nodes":[{"default":"Demo","id":"authentication","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"Choice","v":"authChoice"},{"k":"Combination","v":"combineMods"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"authentication","type":"select"},{"default":"Same","id":"userDB","select":[{"k":"Same","v":"Same"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"userDB","type":"select"},{"default":"Demo","id":"passwordDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Choice","v":"authChoice"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Combination","v":"combineMods"},{"k":"Custom","v":"customModule"}],"title":"passwordDB","type":"select"},{"default":"Null","id":"registerDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"registerDB","type":"select"}],"_nodes_cond":[{"_nodes":[{"default":0,"id":"ADPwdMaxAge","title":"ADPwdMaxAge","type":"int"},{"default":0,"id":"ADPwdExpireWarning","title":"ADPwdExpireWarning","type":"int"}],"help":"authad.html","id":"adParams","show":false,"title":"adParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lmAuth","id":"authChoiceParam","title":"authChoiceParam"},{"cnodes":"authChoiceModules","id":"authChoiceModules","select":[[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}]],"title":"authChoiceModules","type":"authChoiceContainer"},{"id":"authChoiceAuthBasic","title":"authChoiceAuthBasic"},{"id":"authChoiceFindUser","title":"authChoiceFindUser"}],"help":"authchoice.html","id":"choiceParams","show":false,"title":"choiceParams"},{"_nodes":[{"default":3,"id":"apacheAuthnLevel","title":"apacheAuthnLevel","type":"int"}],"help":"authapache.html","id":"apacheParams","show":false,"title":"apacheParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"casAuthnLevel","title":"casAuthnLevel","type":"int"}],"help":"authcas.html","id":"casParams","show":false,"title":"casParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"dbiAuthnLevel","title":"dbiAuthnLevel","type":"int"},{"cnodes":"dbiExportedVars","default":[],"id":"dbiExportedVars","title":"dbiExportedVars","type":"keyTextContainer"},{"_nodes":[{"_nodes":[{"id":"dbiAuthChain","title":"dbiAuthChain"},{"id":"dbiAuthUser","title":"dbiAuthUser"},{"id":"dbiAuthPassword","title":"dbiAuthPassword","type":"password"}],"id":"dbiConnectionAuth","title":"dbiConnectionAuth","type":"simpleInputContainer"},{"_nodes":[{"id":"dbiUserChain","title":"dbiUserChain"},{"id":"dbiUserUser","title":"dbiUserUser"},{"id":"dbiUserPassword","title":"dbiUserPassword","type":"password"}],"id":"dbiConnectionUser","title":"dbiConnectionUser","type":"simpleInputContainer"}],"help":"authdbi.html#connection","id":"dbiConnection","title":"dbiConnection"},{"_nodes":[{"id":"dbiAuthTable","title":"dbiAuthTable"},{"id":"dbiUserTable","title":"dbiUserTable"},{"id":"dbiAuthLoginCol","title":"dbiAuthLoginCol"},{"id":"dbiAuthPasswordCol","title":"dbiAuthPasswordCol"},{"id":"dbiPasswordMailCol","title":"dbiPasswordMailCol"},{"id":"userPivot","title":"userPivot"}],"help":"authdbi.html#schema","id":"dbiSchema","title":"dbiSchema","type":"simpleInputContainer"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiAuthPasswordHash","title":"dbiAuthPasswordHash"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiDynamicHashEnabled","title":"dbiDynamicHashEnabled","type":"bool"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSchemes","title":"dbiDynamicHashValidSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSaltedSchemes","title":"dbiDynamicHashValidSaltedSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashNewPasswordScheme","title":"dbiDynamicHashNewPasswordScheme"}],"help":"authdbi.html#password","id":"dbiDynamicHash","title":"dbiDynamicHash","type":"simpleInputContainer"}],"help":"authdbi.html#password","id":"dbiPassword","title":"dbiPassword"}],"help":"authdbi.html","id":"dbiParams","show":false,"title":"dbiParams"},{"_nodes":[{"cnodes":"demoExportedVars","default":[{"data":"cn","id":"demoExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"demoExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"demoExportedVars/uid","title":"uid","type":"keyText"}],"id":"demoExportedVars","title":"demoExportedVars","type":"keyTextContainer"}],"help":"authdemo.html","id":"demoParams","show":false,"title":"demoParams"},{"_nodes":[{"default":1,"id":"facebookAuthnLevel","title":"facebookAuthnLevel","type":"int"},{"cnodes":"facebookExportedVars","default":[],"id":"facebookExportedVars","title":"facebookExportedVars","type":"keyTextContainer"},{"id":"facebookAppId","title":"facebookAppId"},{"id":"facebookAppSecret","title":"facebookAppSecret"},{"default":"id","id":"facebookUserField","title":"facebookUserField"}],"help":"authfacebook.html","id":"facebookParams","show":false,"title":"facebookParams"},{"_nodes":[{"default":3,"id":"krbAuthnLevel","title":"krbAuthnLevel","type":"int"},{"id":"krbKeytab","title":"krbKeytab"},{"default":0,"id":"krbByJs","title":"krbByJs","type":"bool"},{"default":1,"id":"krbRemoveDomain","title":"krbRemoveDomain","type":"bool"},{"id":"krbAllowedDomains","title":"krbAllowedDomains"}],"help":"authkerberos.html","id":"kerberosParams","show":false,"title":"kerberosParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"ldapAuthnLevel","title":"ldapAuthnLevel","type":"int"},{"cnodes":"ldapExportedVars","default":[{"data":"cn","id":"ldapExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"ldapExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"ldapExportedVars/uid","title":"uid","type":"keyText"}],"id":"ldapExportedVars","title":"ldapExportedVars","type":"keyTextContainer"},{"_nodes":[{"default":"ldap://localhost","id":"ldapServer","title":"ldapServer"},{"id":"ldapPort","title":"ldapPort","type":"int"},{"default":"require","id":"ldapVerify","select":[{"k":"none","v":"None"},{"k":"optional","v":"Optional"},{"k":"require","v":"Require"}],"title":"ldapVerify","type":"select"},{"default":"dc=example,dc=com","id":"ldapBase","title":"ldapBase"},{"default":"","id":"managerDn","title":"managerDn"},{"default":"","id":"managerPassword","title":"managerPassword","type":"password"},{"default":10,"id":"ldapTimeout","title":"ldapTimeout","type":"int"},{"default":10,"id":"ldapIOTimeout","title":"ldapIOTimeout","type":"int"},{"default":3,"id":"ldapVersion","title":"ldapVersion","type":"int"},{"id":"ldapRaw","title":"ldapRaw"},{"id":"ldapCAFile","title":"ldapCAFile"},{"id":"ldapCAPath","title":"ldapCAPath"}],"help":"authldap.html#connection","id":"ldapConnection","title":"ldapConnection","type":"simpleInputContainer"},{"_nodes":[{"id":"LDAPFilter","title":"LDAPFilter"},{"id":"AuthLDAPFilter","title":"AuthLDAPFilter"},{"id":"mailLDAPFilter","title":"mailLDAPFilter"},{"default":"find","id":"ldapSearchDeref","select":[{"k":"never","v":"never"},{"k":"search","v":"search"},{"k":"find","v":"find"},{"k":"always","v":"always"}],"title":"ldapSearchDeref","type":"select"}],"help":"authldap.html#filters","id":"ldapFilters","title":"ldapFilters","type":"simpleInputContainer"},{"_nodes":[{"id":"ldapGroupBase","title":"ldapGroupBase"},{"default":"groupOfNames","id":"ldapGroupObjectClass","title":"ldapGroupObjectClass"},{"default":"member","id":"ldapGroupAttributeName","title":"ldapGroupAttributeName"},{"default":"dn","id":"ldapGroupAttributeNameUser","title":"ldapGroupAttributeNameUser"},{"default":"cn","id":"ldapGroupAttributeNameSearch","title":"ldapGroupAttributeNameSearch"},{"default":0,"id":"ldapGroupDecodeSearchedValue","title":"ldapGroupDecodeSearchedValue","type":"bool"},{"default":0,"id":"ldapGroupRecursive","title":"ldapGroupRecursive","type":"bool"},{"default":"dn","id":"ldapGroupAttributeNameGroup","title":"ldapGroupAttributeNameGroup"}],"help":"authldap.html#groups","id":"ldapGroups","title":"ldapGroups","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ldapPpolicyControl","title":"ldapPpolicyControl","type":"bool"},{"default":0,"id":"ldapSetPassword","title":"ldapSetPassword","type":"bool"},{"default":0,"id":"ldapChangePasswordAsUser","title":"ldapChangePasswordAsUser","type":"bool"},{"default":"utf-8","id":"ldapPwdEnc","title":"ldapPwdEnc"},{"default":1,"id":"ldapUsePasswordResetAttribute","title":"ldapUsePasswordResetAttribute","type":"bool"},{"default":"pwdReset","id":"ldapPasswordResetAttribute","title":"ldapPasswordResetAttribute"},{"default":"TRUE","id":"ldapPasswordResetAttributeValue","title":"ldapPasswordResetAttributeValue"},{"default":0,"id":"ldapAllowResetExpiredPassword","title":"ldapAllowResetExpiredPassword","type":"bool"},{"default":0,"id":"ldapGetUserBeforePasswordChange","title":"ldapGetUserBeforePasswordChange","type":"bool"},{"default":0,"id":"ldapITDS","title":"ldapITDS","type":"bool"}],"help":"authldap.html#password","id":"ldapPassword","title":"ldapPassword","type":"simpleInputContainer"}],"help":"authldap.html","id":"ldapParams","show":false,"title":"ldapParams"},{"_nodes":[{"default":1,"id":"linkedInAuthnLevel","title":"linkedInAuthnLevel","type":"int"},{"id":"linkedInClientID","title":"linkedInClientID"},{"id":"linkedInClientSecret","title":"linkedInClientSecret","type":"password"},{"default":"id,first-name,last-name,email-address","id":"linkedInFields","title":"linkedInFields"},{"default":"emailAddress","id":"linkedInUserField","title":"linkedInUserField"},{"default":"r_liteprofile r_emailaddress","id":"linkedInScope","title":"linkedInScope"}],"help":"authlinkedin.html","id":"linkedinParams","show":false,"title":"linkedinParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"githubAuthnLevel","title":"githubAuthnLevel","type":"int"},{"id":"githubClientID","title":"githubClientID"},{"id":"githubClientSecret","title":"githubClientSecret","type":"password"},{"default":"login","id":"githubUserField","title":"githubUserField"},{"default":"user:email","id":"githubScope","title":"githubScope"}],"help":"authgithub.html","id":"githubParams","show":false,"title":"githubParams","type":"simpleInputContainer"},{"_nodes":[{"id":"combination","title":"combination"},{"cnodes":"combModules","id":"combModules","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"combModules","type":"cmbModuleContainer"}],"help":"authcombination.html","id":"combinationParams","show":false,"title":"combinationParams"},{"_nodes":[{"default":0,"id":"nullAuthnLevel","title":"nullAuthnLevel","type":"int"}],"help":"authnull.html","id":"nullParams","show":false,"title":"nullParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"openIdAuthnLevel","title":"openIdAuthnLevel","type":"int"},{"cnodes":"openIdExportedVars","default":[],"id":"openIdExportedVars","title":"openIdExportedVars","type":"keyTextContainer"},{"id":"openIdSecret","title":"openIdSecret"},{"default":"0;","id":"openIdIDPList","title":"openIdIDPList","type":"blackWhiteList"}],"help":"authopenid.html","id":"openidParams","show":false,"title":"openidParams"},{"_nodes":[{"default":1,"id":"oidcAuthnLevel","title":"oidcAuthnLevel","type":"int"},{"default":"openidconnectcallback","id":"oidcRPCallbackGetParam","title":"oidcRPCallbackGetParam"},{"default":600,"id":"oidcRPStateTimeout","title":"oidcRPStateTimeout","type":"int"}],"help":"authopenidconnect.html","id":"oidcParams","show":false,"title":"oidcParams","type":"simpleInputContainer"},{"_nodes":[{"default":5,"id":"gpgAuthnLevel","title":"gpgAuthnLevel","type":"int"},{"default":"","id":"gpgDb","title":"gpgDb"}],"help":"authgpg.html","id":"gpgParams","show":false,"title":"gpgParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"proxyAuthnLevel","title":"proxyAuthnLevel","type":"int"},{"default":0,"id":"proxyUseSoap","title":"proxyUseSoap","type":"bool"},{"_nodes":[{"id":"proxyAuthService","title":"proxyAuthService"},{"id":"proxySessionService","title":"proxySessionService"},{"default":"lmAuth","id":"proxyAuthServiceChoiceParam","title":"proxyAuthServiceChoiceParam"},{"id":"proxyAuthServiceChoiceValue","title":"proxyAuthServiceChoiceValue"},{"id":"proxyCookieName","title":"proxyCookieName"},{"default":0,"id":"proxyAuthServiceImpersonation","title":"proxyAuthServiceImpersonation","type":"bool"}],"id":"proxyInternalPortal","title":"proxyInternalPortal","type":"simpleInputContainer"}],"help":"authproxy.html","id":"proxyParams","show":false,"title":"proxyParams"},{"_nodes":[{"default":2,"id":"pamAuthnLevel","title":"pamAuthnLevel","type":"int"},{"default":"login","id":"pamService","title":"pamService"}],"help":"authpam.html","id":"pamParams","show":false,"title":"pamParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"radiusAuthnLevel","title":"radiusAuthnLevel","type":"int"},{"id":"radiusSecret","title":"radiusSecret"},{"id":"radiusServer","title":"radiusServer"}],"help":"authradius.html","id":"radiusParams","show":false,"title":"radiusParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"restAuthnLevel","title":"restAuthnLevel","type":"int"},{"id":"restAuthUrl","title":"restAuthUrl"},{"id":"restUserDBUrl","title":"restUserDBUrl"},{"id":"restPwdConfirmUrl","title":"restPwdConfirmUrl"},{"id":"restPwdModifyUrl","title":"restPwdModifyUrl"}],"help":"authrest.html","id":"restParams","show":false,"title":"restParams","type":"simpleInputContainer"},{"_nodes":[{"id":"remotePortal","title":"remotePortal"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":"Lemonldap::NG::Common::Apache::Session::SOAP","id":"remoteGlobalStorage","title":"remoteGlobalStorage"},{"cnodes":"remoteGlobalStorageOptions","default":[{"data":"http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService","id":"remoteGlobalStorageOptions/ns","title":"ns","type":"keyText"},{"data":"http://auth.example.com/sessions","id":"remoteGlobalStorageOptions/proxy","title":"proxy","type":"keyText"}],"id":"remoteGlobalStorageOptions","title":"remoteGlobalStorageOptions","type":"keyTextContainer"}],"help":"authremote.html","id":"remoteParams","show":false,"title":"remoteParams"},{"_nodes":[{"default":2,"id":"slaveAuthnLevel","title":"slaveAuthnLevel","type":"int"},{"id":"slaveUserHeader","title":"slaveUserHeader"},{"id":"slaveMasterIP","title":"slaveMasterIP"},{"id":"slaveHeaderName","title":"slaveHeaderName"},{"id":"slaveHeaderContent","title":"slaveHeaderContent"},{"default":0,"id":"slaveDisplayLogo","title":"slaveDisplayLogo","type":"bool"},{"cnodes":"slaveExportedVars","default":[],"id":"slaveExportedVars","title":"slaveExportedVars","type":"keyTextContainer"}],"help":"authslave.html","id":"slaveParams","show":false,"title":"slaveParams"},{"_nodes":[{"default":5,"id":"SSLAuthnLevel","title":"SSLAuthnLevel","type":"int"},{"default":"SSL_CLIENT_S_DN_Email","id":"SSLVar","title":"SSLVar"},{"cnodes":"SSLVarIf","default":[],"id":"SSLVarIf","title":"SSLVarIf","type":"keyTextContainer"},{"default":0,"id":"sslByAjax","title":"sslByAjax","type":"bool"},{"id":"sslHost","title":"sslHost"}],"help":"authssl.html","id":"sslParams","show":false,"title":"sslParams"},{"_nodes":[{"default":1,"id":"twitterAuthnLevel","title":"twitterAuthnLevel","type":"int"},{"id":"twitterKey","title":"twitterKey"},{"id":"twitterSecret","title":"twitterSecret"},{"id":"twitterAppName","title":"twitterAppName"},{"default":"screen_name","id":"twitterUserField","title":"twitterUserField"}],"help":"authtwitter.html","id":"twitterParams","show":false,"title":"twitterParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"webIDAuthnLevel","title":"webIDAuthnLevel","type":"int"},{"cnodes":"webIDExportedVars","default":[],"id":"webIDExportedVars","title":"webIDExportedVars","type":"keyTextContainer"},{"id":"webIDWhitelist","title":"webIDWhitelist"}],"help":"authwebid.html","id":"webidParams","show":false,"title":"webidParams"},{"_nodes":[{"id":"customAuth","title":"customAuth"},{"id":"customUserDB","title":"customUserDB"},{"id":"customPassword","title":"customPassword"},{"id":"customRegister","title":"customRegister"},{"id":"customResetCertByMail","title":"customResetCertByMail"},{"cnodes":"customAddParams","id":"customAddParams","title":"customAddParams","type":"keyTextContainer"}],"help":"authcustom.html","id":"customParams","show":false,"title":"customParams"}],"_nodes_filter":"authParams","help":"start.html#authentication-users-and-password-databases","id":"authParams","title":"authParams","type":"authParams"},{"_nodes":[{"_nodes":[{"default":0,"id":"issuerDBSAMLActivation","title":"issuerDBSAMLActivation","type":"bool"},{"default":"^/saml/","id":"issuerDBSAMLPath","title":"issuerDBSAMLPath"},{"default":1,"id":"issuerDBSAMLRule","title":"issuerDBSAMLRule","type":"boolOrExpr"}],"help":"idpsaml.html","id":"issuerDBSAML","title":"issuerDBSAML","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBCASActivation","title":"issuerDBCASActivation","type":"bool"},{"default":"^/cas/","id":"issuerDBCASPath","title":"issuerDBCASPath"},{"default":1,"id":"issuerDBCASRule","title":"issuerDBCASRule","type":"boolOrExpr"}],"help":"idpcas.html#enabling-cas","id":"issuerDBCAS","title":"issuerDBCAS","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDActivation","title":"issuerDBOpenIDActivation","type":"bool"},{"default":"^/openidserver/","id":"issuerDBOpenIDPath","title":"issuerDBOpenIDPath"},{"default":1,"id":"issuerDBOpenIDRule","title":"issuerDBOpenIDRule","type":"boolOrExpr"},{"_nodes":[{"id":"openIdIssuerSecret","title":"openIdIssuerSecret"},{"id":"openIdAttr","title":"openIdAttr"},{"default":"0;","id":"openIdSPList","title":"openIdSPList","type":"blackWhiteList"},{"_nodes":[{"default":"cn","id":"openIdSreg_fullname","title":"openIdSreg_fullname"},{"default":"uid","id":"openIdSreg_nickname","title":"openIdSreg_nickname"},{"id":"openIdSreg_language","title":"openIdSreg_language"},{"id":"openIdSreg_postcode","title":"openIdSreg_postcode"},{"default":"_timezone","id":"openIdSreg_timezone","title":"openIdSreg_timezone"},{"id":"openIdSreg_country","title":"openIdSreg_country"},{"id":"openIdSreg_gender","title":"openIdSreg_gender"},{"default":"mail","id":"openIdSreg_email","title":"openIdSreg_email"},{"id":"openIdSreg_dob","title":"openIdSreg_dob"}],"id":"openIdSreg","title":"openIdSreg","type":"simpleInputContainer"}],"id":"issuerDBOpenIDOptions","title":"issuerDBOpenIDOptions"}],"help":"idpopenid.html","id":"issuerDBOpenID","title":"issuerDBOpenID"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDConnectActivation","title":"issuerDBOpenIDConnectActivation","type":"bool"},{"default":"^/oauth2/","id":"issuerDBOpenIDConnectPath","title":"issuerDBOpenIDConnectPath"},{"default":1,"id":"issuerDBOpenIDConnectRule","title":"issuerDBOpenIDConnectRule","type":"boolOrExpr"}],"help":"idpopenidconnect.html","id":"issuerDBOpenIDConnect","title":"issuerDBOpenIDConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBGetActivation","title":"issuerDBGetActivation","type":"bool"},{"default":"^/get/","id":"issuerDBGetPath","title":"issuerDBGetPath"},{"default":1,"id":"issuerDBGetRule","title":"issuerDBGetRule","type":"boolOrExpr"},{"default":[],"id":"issuerDBGetParameters","title":"issuerDBGetParameters","type":"doubleHash"}],"help":"issuerdbget.html","id":"issuerDBGet","title":"issuerDBGet"},{"_nodes":[{"default":120,"id":"issuersTimeout","title":"issuersTimeout","type":"int"}],"help":"start.html#options","id":"issuerOptions","title":"issuerOptions","type":"simpleInputContainer"}],"help":"start.html#identity-provider","id":"issuerParams","title":"issuerParams"},{"_nodes":[{"default":"uid","id":"whatToTrace","title":"whatToTrace"},{"id":"customToTrace","title":"customToTrace"},{"default":"_password, _2fDevices","id":"hiddenAttributes","title":"hiddenAttributes"}],"help":"logs.html","id":"logParams","title":"logParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lemonldap","id":"cookieName","title":"cookieName"},{"default":"example.com","id":"domain","title":"domain"},{"default":0,"id":"cda","title":"cda","type":"bool"},{"default":0,"id":"securedCookie","select":[{"k":"0","v":"unsecuredCookie"},{"k":"1","v":"securedCookie"},{"k":"2","v":"doubleCookie"},{"k":"3","v":"doubleCookieForSingleSession"}],"title":"securedCookie","type":"select"},{"default":1,"id":"httpOnly","title":"httpOnly","type":"bool"},{"id":"cookieExpiration","title":"cookieExpiration","type":"int"},{"default":"","id":"sameSite","select":[{"k":"","v":""},{"k":"Strict","v":"Strict"},{"k":"Lax","v":"Lax"},{"k":"None","v":"None"}],"title":"sameSite","type":"select"}],"help":"ssocookie.html","id":"cookieParams","title":"cookieParams","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"storePassword","title":"storePassword","type":"bool"},{"default":1,"id":"displaySessionId","title":"displaySessionId","type":"bool"},{"default":72000,"id":"timeout","title":"timeout","type":"int"},{"default":0,"id":"timeoutActivity","title":"timeoutActivity","type":"int"},{"default":60,"id":"timeoutActivityInterval","title":"timeoutActivityInterval","type":"int"},{"cnodes":"grantSessionRules","default":[],"id":"grantSessionRules","title":"grantSessionRules","type":"grantContainer"},{"_nodes":[{"default":"Apache::Session::File","id":"globalStorage","title":"globalStorage"},{"cnodes":"globalStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/sessions/","id":"globalStorageOptions/Directory","title":"Directory","type":"keyText"},{"data":"/var/lib/lemonldap-ng/sessions/lock/","id":"globalStorageOptions/LockDirectory","title":"LockDirectory","type":"keyText"},{"data":"Lemonldap::NG::Common::Apache::Session::Generate::SHA256","id":"globalStorageOptions/generateModule","title":"generateModule","type":"keyText"}],"id":"globalStorageOptions","title":"globalStorageOptions","type":"keyTextContainer"},{"default":"Cache::FileCache","id":"localSessionStorage","title":"localSessionStorage"},{"cnodes":"localSessionStorageOptions","default":[{"data":3,"id":"localSessionStorageOptions/cache_depth","title":"cache_depth","type":"keyText"},{"data":"/var/cache/lemonldap-ng","id":"localSessionStorageOptions/cache_root","title":"cache_root","type":"keyText"},{"data":600,"id":"localSessionStorageOptions/default_expires_in","title":"default_expires_in","type":"keyText"},{"data":"007","id":"localSessionStorageOptions/directory_umask","title":"directory_umask","type":"keyText"},{"data":"lemonldap-ng-sessions","id":"localSessionStorageOptions/namespace","title":"namespace","type":"keyText"}],"id":"localSessionStorageOptions","title":"localSessionStorageOptions","type":"keyTextContainer"}],"help":"start.html#sessions-database","id":"sessionStorage","title":"sessionStorage"},{"_nodes":[{"default":0,"id":"singleSession","title":"singleSession","type":"boolOrExpr"},{"default":0,"id":"singleIP","title":"singleIP","type":"boolOrExpr"},{"default":0,"id":"singleUserByIP","title":"singleUserByIP","type":"boolOrExpr"},{"default":1,"id":"notifyDeleted","title":"notifyDeleted","type":"bool"},{"default":0,"id":"notifyOther","title":"notifyOther","type":"bool"}],"id":"multipleSessions","title":"multipleSessions","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"disablePersistentStorage","title":"disablePersistentStorage","type":"bool"},{"id":"persistentStorage","title":"persistentStorage"},{"cnodes":"persistentStorageOptions","id":"persistentStorageOptions","title":"persistentStorageOptions","type":"keyTextContainer"}],"id":"persistentSessions","title":"persistentSessions"}],"help":"sessions.html","id":"sessionParams","title":"sessionParams"},{"_nodes":[{"default":5,"id":"reloadTimeout","title":"reloadTimeout","type":"int"},{"default":0,"id":"compactConf","title":"compactConf","type":"bool"},{"cnodes":"reloadUrls","help":"configlocation.html#configuration-reload","id":"reloadUrls","title":"reloadUrls","type":"keyTextContainer"}],"help":"configlocation.html#configuration-reload","id":"reloadParams","title":"reloadParams"},{"_nodes":[{"default":0,"help":"status.html","id":"portalStatus","title":"portalStatus","type":"bool"},{"default":1,"id":"upgradeSession","title":"upgradeSession","type":"bool"},{"id":"refreshSessions","title":"refreshSessions","type":"bool"},{"cnodes":"adaptativeAuthenticationLevelRules","help":"adaptativeauthenticationlevel.html","id":"adaptativeAuthenticationLevelRules","title":"adaptativeAuthenticationLevelRules","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"stayConnected","title":"stayConnected","type":"boolOrExpr"},{"default":0,"id":"stayConnectedBypassFG","title":"stayConnectedBypassFG","type":"bool"},{"default":2592000,"id":"stayConnectedTimeout","title":"stayConnectedTimeout","type":"int"},{"default":"llngconnection","id":"stayConnectedCookieName","title":"stayConnectedCookieName"}],"help":"stayconnected.html","id":"stayConnect","title":"stayConnect","type":"simpleInputContainer"},{"_nodes":[{"id":"exportedAttr","title":"exportedAttr"},{"_nodes":[{"default":0,"id":"restSessionServer","title":"restSessionServer","type":"bool"},{"default":0,"id":"restConfigServer","title":"restConfigServer","type":"bool"},{"default":0,"id":"restAuthServer","title":"restAuthServer","type":"bool"},{"default":0,"id":"restPasswordServer","title":"restPasswordServer","type":"bool"},{"default":0,"id":"restExportSecretKeys","title":"restExportSecretKeys","type":"bool"},{"default":15,"id":"restClockTolerance","title":"restClockTolerance","type":"int"}],"help":"portalservers.html#REST","id":"restServices","title":"restServices","type":"simpleInputContainer"},{"_nodes":[{"default":0,"help":"soapservices.html","id":"soapSessionServer","title":"soapSessionServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapConfigServer","title":"soapConfigServer","type":"bool"},{"default":0,"id":"wsdlServer","title":"wsdlServer","type":"bool"}],"help":"portalservers.html#SOAP_(deprecated)","id":"soapServices","title":"soapServices","type":"simpleInputContainer"}],"help":"portalservers.html","id":"portalServers","title":"portalServers"},{"_nodes":[{"default":0,"id":"loginHistoryEnabled","title":"loginHistoryEnabled","type":"bool"},{"default":5,"id":"successLoginNumber","title":"successLoginNumber","type":"int"},{"default":5,"id":"failedLoginNumber","title":"failedLoginNumber","type":"int"},{"cnodes":"sessionDataToRemember","id":"sessionDataToRemember","title":"sessionDataToRemember","type":"keyTextContainer"}],"help":"loginhistory.html","id":"loginHistory","title":"loginHistory"},{"_nodes":[{"default":0,"id":"notification","title":"notification","type":"bool"},{"default":0,"id":"notificationsExplorer","title":"notificationsExplorer","type":"bool"},{"default":"allusers","id":"notificationWildcard","title":"notificationWildcard"},{"default":0,"id":"oldNotifFormat","title":"oldNotifFormat","type":"bool"},{"id":"notificationXSLTfile","title":"notificationXSLTfile"},{"default":"File","id":"notificationStorage","title":"notificationStorage"},{"cnodes":"notificationStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/notifications","id":"notificationStorageOptions/dirName","title":"dirName","type":"keyText"}],"id":"notificationStorageOptions","title":"notificationStorageOptions","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"notificationServer","title":"notificationServer","type":"bool"},{"default":"","id":"notificationDefaultCond","title":"notificationDefaultCond"},{"default":"uid reference date title subtitle text check","id":"notificationServerSentAttributes","title":"notificationServerSentAttributes"},{"_nodes":[{"default":1,"id":"notificationServerPOST","title":"notificationServerPOST","type":"bool"},{"default":0,"id":"notificationServerGET","title":"notificationServerGET","type":"bool"},{"default":0,"id":"notificationServerDELETE","title":"notificationServerDELETE","type":"bool"}],"id":"notificationServerMethods","title":"notificationServerMethods","type":"simpleInputContainer"}],"help":"notifications.html#notification-server","id":"serverNotification","title":"serverNotification"}],"help":"notifications.html","id":"notifications","title":"notifications"},{"_nodes":[{"_nodes":[{"id":"mailSubject","title":"mailSubject"},{"id":"mailBody","title":"mailBody","type":"longtext"},{"id":"mailConfirmSubject","title":"mailConfirmSubject"},{"id":"mailConfirmBody","title":"mailConfirmBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/resetpwd","id":"mailUrl","title":"mailUrl"},{"default":0,"id":"mailTimeout","title":"mailTimeout","type":"int"},{"default":1,"id":"portalDisplayGeneratePassword","title":"portalDisplayGeneratePassword","type":"bool"},{"default":"[A-Z]{3}[a-z]{5}.\\d{2}","id":"randomPasswordRegexp","title":"randomPasswordRegexp"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetpassword.html","id":"passwordManagement","title":"passwordManagement"},{"_nodes":[{"_nodes":[{"id":"certificateResetByMailStep1Subject","title":"certificateResetByMailStep1Subject"},{"id":"certificateResetByMailStep1Body","title":"certificateResetByMailStep1Body","type":"longtext"},{"id":"certificateResetByMailStep2Subject","title":"certificateResetByMailStep2Subject"},{"id":"certificateResetByMailStep2Body","title":"certificateResetByMailStep2Body","type":"longtext"}],"id":"certificateMailContent","title":"certificateMailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/certificateReset","id":"certificateResetByMailURL","title":"certificateResetByMailURL"},{"default":"description","id":"certificateResetByMailCeaAttribute","title":"certificateResetByMailCeaAttribute"},{"default":"userCertificate;binary","id":"certificateResetByMailCertificateAttribute","title":"certificateResetByMailCertificateAttribute"},{"default":0,"id":"certificateResetByMailValidityDelay","title":"certificateResetByMailValidityDelay","type":"int"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetcertificate.html","id":"certificateResetByMailManagement","title":"certificateResetByMailManagement"},{"_nodes":[{"default":"http://auth.example.com/register","id":"registerUrl","title":"registerUrl"},{"default":0,"id":"registerTimeout","title":"registerTimeout","type":"int"},{"id":"registerConfirmSubject","title":"registerConfirmSubject"},{"id":"registerConfirmBody","title":"registerConfirmBody","type":"longtext"},{"id":"registerDoneSubject","title":"registerDoneSubject"},{"id":"registerDoneBody","title":"registerDoneBody","type":"longtext"}],"help":"register.html","id":"register","title":"register","type":"simpleInputContainer"},{"_nodes":[{"cnodes":"autoSigninRules","id":"autoSigninRules","title":"autoSigninRules","type":"keyTextContainer"}],"help":"autosignin.html","id":"autoSignin","title":"autoSignin"},{"_nodes":[{"default":0,"id":"globalLogoutRule","title":"globalLogoutRule","type":"boolOrExpr"},{"default":1,"id":"globalLogoutTimer","title":"globalLogoutTimer","type":"bool"},{"id":"globalLogoutCustomParam","title":"globalLogoutCustomParam"}],"help":"globallogout.html","id":"globalLogout","title":"globalLogout","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkState","title":"checkState","type":"bool"},{"id":"checkStateSecret","title":"checkStateSecret"}],"help":"checkstate.html","id":"stateCheck","title":"stateCheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkUser","title":"checkUser","type":"bool"},{"default":1,"id":"checkUserIdRule","title":"checkUserIdRule"},{"id":"checkUserUnrestrictedUsersRule","title":"checkUserUnrestrictedUsersRule"},{"id":"checkUserSearchAttributes","title":"checkUserSearchAttributes"},{"default":"_loginHistory, _session_id, hGroups","id":"checkUserHiddenAttributes","title":"checkUserHiddenAttributes"},{"cnodes":"checkUserHiddenHeaders","id":"checkUserHiddenHeaders","title":"checkUserHiddenHeaders","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"checkUserDisplayComputedSession","title":"checkUserDisplayComputedSession","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayPersistentInfo","title":"checkUserDisplayPersistentInfo","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayNormalizedHeaders","title":"checkUserDisplayNormalizedHeaders","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayEmptyHeaders","title":"checkUserDisplayEmptyHeaders","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayEmptyValues","title":"checkUserDisplayEmptyValues","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayHiddenAttributes","title":"checkUserDisplayHiddenAttributes","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayHistory","title":"checkUserDisplayHistory","type":"boolOrExpr"}],"help":"checkuser.html#configuration","id":"checkUserDisplay","title":"checkUserDisplay","type":"simpleInputContainer"}],"help":"checkuser.html","id":"checkUsers","title":"checkUsers"},{"_nodes":[{"default":0,"id":"checkDevOps","title":"checkDevOps","type":"bool"},{"default":1,"id":"checkDevOpsDownload","title":"checkDevOpsDownload","type":"bool"},{"default":1,"id":"checkDevOpsDisplayNormalizedHeaders","title":"checkDevOpsDisplayNormalizedHeaders","type":"bool"},{"default":1,"id":"checkDevOpsCheckSessionAttributes","title":"checkDevOpsCheckSessionAttributes","type":"bool"}],"help":"checkdevops.html","id":"devOpsCheck","title":"devOpsCheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"impersonationRule","title":"impersonationRule","type":"boolOrExpr"},{"default":1,"id":"impersonationIdRule","title":"impersonationIdRule"},{"id":"impersonationUnrestrictedUsersRule","title":"impersonationUnrestrictedUsersRule"},{"default":"_2fDevices, _loginHistory","id":"impersonationHiddenAttributes","title":"impersonationHiddenAttributes"},{"default":1,"id":"impersonationSkipEmptyValues","title":"impersonationSkipEmptyValues","type":"bool"},{"default":0,"id":"impersonationMergeSSOgroups","title":"impersonationMergeSSOgroups","type":"boolOrExpr"}],"help":"impersonation.html","id":"impersonation","title":"impersonation","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"findUser","title":"findUser","type":"bool"},{"default":"*","id":"findUserWildcard","title":"findUserWildcard"},{"default":"^[*\\w]+$","id":"findUserControl","title":"findUserControl"},{"id":"restFindUserDBUrl","title":"restFindUserDBUrl"},{"cnodes":"findUserSearchingAttributes","id":"findUserSearchingAttributes","title":"findUserSearchingAttributes","type":"keyTextContainer"},{"cnodes":"findUserExcludingAttributes","id":"findUserExcludingAttributes","title":"findUserExcludingAttributes","type":"keyTextContainer"}],"help":"finduser.html","id":"findUsers","title":"findUsers"},{"_nodes":[{"default":0,"id":"contextSwitchingRule","title":"contextSwitchingRule","type":"boolOrExpr"},{"default":1,"id":"contextSwitchingIdRule","title":"contextSwitchingIdRule"},{"id":"contextSwitchingUnrestrictedUsersRule","title":"contextSwitchingUnrestrictedUsersRule"},{"default":0,"id":"contextSwitchingAllowed2fModifications","title":"contextSwitchingAllowed2fModifications","type":"bool"},{"default":1,"id":"contextSwitchingStopWithLogout","title":"contextSwitchingStopWithLogout","type":"bool"}],"help":"contextswitching.html","id":"contextSwitching","title":"contextSwitching","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rememberAuthChoiceRule","title":"rememberAuthChoiceRule","type":"boolOrExpr"},{"default":"llngrememberauthchoice","id":"rememberCookieName","title":"rememberCookieName"},{"default":31536000,"id":"rememberCookieTimeout","title":"rememberCookieTimeout","type":"int"},{"default":0,"id":"rememberDefaultChecked","title":"rememberDefaultChecked","type":"bool"},{"default":5,"id":"rememberTimer","title":"rememberTimer","type":"int"}],"help":"rememberauthchoice.html","id":"rememberAuthChoice","title":"rememberAuthChoice","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"decryptValueRule","title":"decryptValueRule","type":"boolOrExpr"},{"id":"decryptValueFunctions","title":"decryptValueFunctions"}],"help":"decryptvalue.html","id":"decryptValue","title":"decryptValue","type":"simpleInputContainer"},{"_nodes":[{"id":"customPlugins","title":"customPlugins"},{"cnodes":"customPluginsParams","id":"customPluginsParams","title":"customPluginsParams","type":"keyTextContainer"}],"help":"plugincustom.html","id":"customPluginsNode","title":"customPluginsNode"}],"help":"start.html#plugins","id":"plugins","title":"plugins"},{"_nodes":[{"default":1,"help":"secondfactor.html","id":"sfManagerRule","title":"sfManagerRule","type":"boolOrExpr"},{"default":0,"help":"secondfactor.html","id":"sfRequired","title":"sfRequired","type":"boolOrExpr"},{"help":"secondfactor.html","id":"sfOnlyUpgrade","title":"sfOnlyUpgrade","type":"bool"},{"id":"sfRegisterTimeout","title":"sfRegisterTimeout","type":"int"},{"_nodes":[{"default":0,"id":"utotp2fActivation","title":"utotp2fActivation","type":"boolOrExpr"},{"id":"utotp2fAuthnLevel","title":"utotp2fAuthnLevel","type":"int"},{"id":"utotp2fLabel","title":"utotp2fLabel"},{"id":"utotp2fLogo","title":"utotp2fLogo"}],"help":"utotp2f.html","id":"utotp2f","title":"utotp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"totp2fActivation","title":"totp2fActivation","type":"boolOrExpr"},{"default":0,"id":"totp2fSelfRegistration","title":"totp2fSelfRegistration","type":"boolOrExpr"},{"default":1,"id":"totp2fUserCanRemoveKey","title":"totp2fUserCanRemoveKey","type":"bool"},{"id":"totp2fIssuer","title":"totp2fIssuer"},{"default":30,"id":"totp2fInterval","title":"totp2fInterval","type":"int"},{"default":1,"id":"totp2fRange","title":"totp2fRange","type":"int"},{"default":6,"id":"totp2fDigits","title":"totp2fDigits","type":"int"},{"default":0,"id":"totp2fEncryptSecret","title":"totp2fEncryptSecret","type":"bool"},{"id":"totp2fAuthnLevel","title":"totp2fAuthnLevel","type":"int"},{"id":"totp2fLabel","title":"totp2fLabel"},{"id":"totp2fLogo","title":"totp2fLogo"},{"id":"totp2fTTL","title":"totp2fTTL","type":"int"}],"help":"totp2f.html","id":"totp2f","title":"totp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"u2fActivation","title":"u2fActivation","type":"boolOrExpr"},{"default":0,"id":"u2fSelfRegistration","title":"u2fSelfRegistration","type":"boolOrExpr"},{"default":1,"id":"u2fUserCanRemoveKey","title":"u2fUserCanRemoveKey","type":"bool"},{"id":"u2fAuthnLevel","title":"u2fAuthnLevel","type":"int"},{"id":"u2fLabel","title":"u2fLabel"},{"id":"u2fLogo","title":"u2fLogo"},{"id":"u2fTTL","title":"u2fTTL","type":"int"}],"help":"u2f.html","id":"u2f","title":"u2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"yubikey2fActivation","title":"yubikey2fActivation","type":"boolOrExpr"},{"default":0,"id":"yubikey2fSelfRegistration","title":"yubikey2fSelfRegistration","type":"boolOrExpr"},{"default":1,"id":"yubikey2fUserCanRemoveKey","title":"yubikey2fUserCanRemoveKey","type":"bool"},{"id":"yubikey2fClientID","title":"yubikey2fClientID"},{"id":"yubikey2fSecretKey","title":"yubikey2fSecretKey"},{"id":"yubikey2fNonce","title":"yubikey2fNonce"},{"id":"yubikey2fUrl","title":"yubikey2fUrl"},{"default":12,"id":"yubikey2fPublicIDSize","title":"yubikey2fPublicIDSize","type":"int"},{"id":"yubikey2fFromSessionAttribute","title":"yubikey2fFromSessionAttribute"},{"id":"yubikey2fAuthnLevel","title":"yubikey2fAuthnLevel","type":"int"},{"id":"yubikey2fLabel","title":"yubikey2fLabel"},{"id":"yubikey2fLogo","title":"yubikey2fLogo"},{"id":"yubikey2fTTL","title":"yubikey2fTTL","type":"int"}],"help":"yubikey2f.html","id":"yubikey2f","title":"yubikey2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"mail2fActivation","title":"mail2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"mail2fCodeRegex","title":"mail2fCodeRegex"},{"id":"mail2fTimeout","title":"mail2fTimeout","type":"int"},{"id":"mail2fSubject","title":"mail2fSubject"},{"id":"mail2fBody","title":"mail2fBody","type":"longtext"},{"id":"mail2fSessionKey","title":"mail2fSessionKey"},{"id":"mail2fAuthnLevel","title":"mail2fAuthnLevel","type":"int"},{"id":"mail2fLabel","title":"mail2fLabel"},{"id":"mail2fLogo","title":"mail2fLogo"}],"help":"mail2f.html","id":"mail2f","title":"mail2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ext2fActivation","title":"ext2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"ext2fCodeActivation","title":"ext2fCodeActivation"},{"id":"ext2FSendCommand","title":"ext2FSendCommand"},{"id":"ext2FValidateCommand","title":"ext2FValidateCommand"},{"id":"ext2fAuthnLevel","title":"ext2fAuthnLevel","type":"int"},{"id":"ext2fLabel","title":"ext2fLabel"},{"id":"ext2fLogo","title":"ext2fLogo"}],"help":"external2f.html","id":"ext2f","title":"ext2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"radius2fActivation","title":"radius2fActivation","type":"boolOrExpr"},{"id":"radius2fServer","title":"radius2fServer"},{"id":"radius2fSecret","title":"radius2fSecret"},{"id":"radius2fUsernameSessionKey","title":"radius2fUsernameSessionKey"},{"default":20,"id":"radius2fTimeout","title":"radius2fTimeout","type":"int"},{"id":"radius2fAuthnLevel","title":"radius2fAuthnLevel","type":"int"},{"id":"radius2fLabel","title":"radius2fLabel"},{"id":"radius2fLogo","title":"radius2fLogo"}],"help":"radius2f.html","id":"radius2f","title":"radius2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rest2fActivation","title":"rest2fActivation","type":"boolOrExpr"},{"id":"rest2fInitUrl","title":"rest2fInitUrl"},{"cnodes":"rest2fInitArgs","id":"rest2fInitArgs","title":"rest2fInitArgs","type":"keyTextContainer"},{"id":"rest2fVerifyUrl","title":"rest2fVerifyUrl"},{"cnodes":"rest2fVerifyArgs","id":"rest2fVerifyArgs","title":"rest2fVerifyArgs","type":"keyTextContainer"},{"id":"rest2fAuthnLevel","title":"rest2fAuthnLevel","type":"int"},{"id":"rest2fLabel","title":"rest2fLabel"},{"id":"rest2fLogo","title":"rest2fLogo"}],"help":"rest2f.html","id":"rest2f","title":"rest2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"webauthn2fActivation","title":"webauthn2fActivation","type":"boolOrExpr"},{"default":0,"id":"webauthn2fSelfRegistration","title":"webauthn2fSelfRegistration","type":"boolOrExpr"},{"default":"preferred","id":"webauthn2fUserVerification","select":[{"k":"discouraged","v":"Discouraged"},{"k":"preferred","v":"Preferred"},{"k":"required","v":"Required"}],"title":"webauthn2fUserVerification","type":"select"},{"default":1,"id":"webauthn2fUserCanRemoveKey","title":"webauthn2fUserCanRemoveKey","type":"bool"},{"id":"webauthnRpName","title":"webauthnRpName"},{"id":"webauthnDisplayNameAttr","title":"webauthnDisplayNameAttr"},{"id":"webauthn2fAuthnLevel","title":"webauthn2fAuthnLevel","type":"int"},{"id":"webauthn2fLabel","title":"webauthn2fLabel"},{"id":"webauthn2fLogo","title":"webauthn2fLogo"}],"help":"webauthn2f.html","id":"webauthn2f","title":"webauthn2f","type":"simpleInputContainer"},{"cnodes":"sfExtra","id":"sfExtra","select":[{"k":"Mail2F","v":"E-Mail"},{"k":"REST","v":"REST"},{"k":"Ext2F","v":"External"},{"k":"Radius","v":"Radius"}],"title":"sfExtra","type":"sfExtraContainer"},{"_nodes":[{"default":0,"help":"secondfactor.html","id":"sfRemovedMsgRule","title":"sfRemovedMsgRule","type":"boolOrExpr"},{"default":0,"id":"sfRemovedUseNotif","title":"sfRemovedUseNotif","type":"bool"},{"default":"RemoveSF","help":"secondfactor.html","id":"sfRemovedNotifRef","title":"sfRemovedNotifRef"},{"default":"Second factor notification","help":"secondfactor.html","id":"sfRemovedNotifTitle","title":"sfRemovedNotifTitle"},{"default":"_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!","help":"secondfactor.html","id":"sfRemovedNotifMsg","title":"sfRemovedNotifMsg"}],"help":"secondfactor.html","id":"sfRemovedNotification","title":"sfRemovedNotification","type":"simpleInputContainer"}],"help":"secondfactor.html","id":"secondFactors","title":"secondFactors"},{"_nodes":[{"help":"customfunctions.html","id":"customFunctions","title":"customFunctions"},{"default":"; ","id":"multiValuesSeparator","title":"multiValuesSeparator","type":"authParamsText"},{"default":0,"id":"groupsBeforeMacros","title":"groupsBeforeMacros","type":"bool"},{"_nodes":[{"default":"mail","id":"mailSessionKey","title":"mailSessionKey"},{"default":"","id":"SMTPServer","title":"SMTPServer"},{"id":"SMTPPort","title":"SMTPPort","type":"int"},{"id":"SMTPAuthUser","title":"SMTPAuthUser"},{"id":"SMTPAuthPass","title":"SMTPAuthPass","type":"password"},{"default":"","id":"SMTPTLS","select":[{"k":"","v":"none"},{"k":"starttls","v":"SMTP + STARTTLS"},{"k":"ssl","v":"SMTPS"}],"title":"SMTPTLS","type":"select"},{"cnodes":"SMTPTLSOpts","id":"SMTPTLSOpts","title":"SMTPTLSOpts","type":"keyTextContainer"},{"_nodes":[{"default":"noreply@example.com","id":"mailFrom","title":"mailFrom"},{"id":"mailReplyTo","title":"mailReplyTo"},{"default":"utf-8","id":"mailCharset","title":"mailCharset"}],"id":"mailHeaders","title":"mailHeaders","type":"simpleInputContainer"}],"help":"smtp.html","id":"SMTP","title":"SMTP","type":"SMTP"},{"_nodes":[{"default":"^[\\w\\.\\-@]+$","id":"userControl","title":"userControl"},{"default":0,"id":"browsersDontStorePassword","title":"browsersDontStorePassword","type":"bool"},{"default":0,"help":"forcereauthn.html","id":"portalForceAuthn","title":"portalForceAuthn","type":"bool"},{"default":5,"id":"portalForceAuthnInterval","title":"portalForceAuthnInterval","type":"int"},{"id":"key","title":"key","type":"password"},{"id":"trustedDomains","title":"trustedDomains"},{"default":1,"help":"safejail.html","id":"useSafeJail","title":"useSafeJail","type":"bool"},{"default":0,"help":"safejail.html","id":"avoidAssignment","title":"avoidAssignment","type":"bool"},{"default":1,"id":"checkXSS","title":"checkXSS","type":"bool"},{"default":1,"id":"requireToken","title":"requireToken","type":"boolOrExpr"},{"default":120,"id":"formTimeout","title":"formTimeout","type":"int"},{"default":0,"id":"tokenUseGlobalStorage","title":"tokenUseGlobalStorage","type":"bool"},{"_nodes":[{"id":"crowdsec","title":"crowdsec","type":"bool"},{"default":"reject","id":"crowdsecAction","select":[{"k":"reject","v":"Reject"},{"k":"warn","v":"Warn"}],"title":"crowdsecAction","type":"select"},{"id":"crowdsecUrl","title":"crowdsecUrl"},{"id":"crowdsecKey","title":"crowdsecKey"}],"help":"crowdsec.html","id":"CrowdSecPlugin","title":"CrowdSecPlugin","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"newLocationWarning","title":"newLocationWarning","type":"bool"},{"default":"ipAddr","id":"newLocationWarningLocationAttribute","title":"newLocationWarningLocationAttribute"},{"default":"","id":"newLocationWarningLocationDisplayAttribute","title":"newLocationWarningLocationDisplayAttribute"},{"default":"0","id":"newLocationWarningMaxValues","title":"newLocationWarningMaxValues","type":"int"},{"id":"newLocationWarningMailAttribute","title":"newLocationWarningMailAttribute"},{"id":"newLocationWarningMailSubject","title":"newLocationWarningMailSubject"},{"id":"newLocationWarningMailBody","title":"newLocationWarningMailBody","type":"longtext"}],"help":"newlocationwarning.html","id":"newLocationWarnings","title":"newLocationWarnings","type":"simpleInputContainer"},{"_nodes":[{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtection","title":"bruteForceProtection","type":"bool"},{"default":30,"id":"bruteForceProtectionTempo","title":"bruteForceProtectionTempo","type":"int"},{"default":3,"id":"bruteForceProtectionMaxFailed","title":"bruteForceProtectionMaxFailed","type":"int"},{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtectionIncrementalTempo","title":"bruteForceProtectionIncrementalTempo","type":"bool"},{"default":"15, 30, 60, 300, 600","id":"bruteForceProtectionLockTimes","title":"bruteForceProtectionLockTimes"},{"default":900,"id":"bruteForceProtectionMaxLockTime","title":"bruteForceProtectionMaxLockTime","type":"int"},{"default":300,"id":"bruteForceProtectionMaxAge","title":"bruteForceProtectionMaxAge","type":"int"}],"help":"bruteforceprotection.html","id":"bruteForceAttackProtection","title":"bruteForceAttackProtection","type":"simpleInputContainer"},{"cnodes":"lwpOpts","id":"lwpOpts","title":"lwpOpts","type":"keyTextContainer"},{"cnodes":"lwpSslOpts","id":"lwpSslOpts","title":"lwpSslOpts","type":"keyTextContainer"},{"_nodes":[{"default":"'self'","id":"cspDefault","title":"cspDefault"},{"default":"'self' data:","id":"cspImg","title":"cspImg"},{"default":"'self'","id":"cspScript","title":"cspScript"},{"default":"'self'","id":"cspStyle","title":"cspStyle"},{"default":"'self'","id":"cspFont","title":"cspFont"},{"default":"*","id":"cspFormAction","title":"cspFormAction"},{"default":"'self'","id":"cspConnect","title":"cspConnect"},{"default":"","id":"cspFrameAncestors","title":"cspFrameAncestors"}],"help":"security.html#portal","id":"contentSecurityPolicy","title":"contentSecurityPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"corsEnabled","title":"corsEnabled","type":"bool"},{"default":true,"id":"corsAllow_Credentials","title":"corsAllow_Credentials"},{"default":"*","id":"corsAllow_Headers","title":"corsAllow_Headers"},{"default":"POST,GET","id":"corsAllow_Methods","title":"corsAllow_Methods"},{"default":"*","id":"corsAllow_Origin","title":"corsAllow_Origin"},{"default":"*","id":"corsExpose_Headers","title":"corsExpose_Headers"},{"default":"86400","id":"corsMax_Age","title":"corsMax_Age"}],"help":"security.html#portal","id":"crossOrigineResourceSharing","title":"crossOrigineResourceSharing","type":"simpleInputContainer"}],"help":"security.html#configure-security-settings","id":"security","title":"security"},{"_nodes":[{"default":-1,"id":"https","title":"https","type":"trool"},{"default":-1,"id":"port","title":"port","type":"int"},{"default":0,"id":"useRedirectOnForbidden","title":"useRedirectOnForbidden","type":"bool"},{"default":1,"id":"useRedirectOnError","title":"useRedirectOnError","type":"bool"},{"default":0,"id":"maintenance","title":"maintenance","type":"bool"}],"help":"redirections.html","id":"redirection","title":"redirection","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"jsRedirect","title":"jsRedirect","type":"boolOrExpr"},{"default":0,"id":"noAjaxHook","title":"noAjaxHook","type":"bool"},{"default":0,"id":"skipRenewConfirmation","title":"skipRenewConfirmation","type":"bool"},{"default":0,"id":"skipUpgradeConfirmation","title":"skipUpgradeConfirmation","type":"bool"}],"help":"redirections.html#portal-redirections","id":"portalRedirection","title":"portalRedirection","type":"simpleInputContainer"},{"cnodes":"nginxCustomHandlers","help":"handlerarch.html","id":"nginxCustomHandlers","title":"nginxCustomHandlers","type":"keyTextContainer"},{"cnodes":"logoutServices","default":[],"help":"logoutforward.html","id":"logoutServices","title":"logoutServices","type":"keyTextContainer"},{"_nodes":[{"default":"get","id":"infoFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"infoFormMethod","type":"select"},{"default":"post","id":"confirmFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"confirmFormMethod","type":"select"},{"default":"get","id":"redirectFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"redirectFormMethod","type":"select"},{"default":1,"id":"activeTimer","title":"activeTimer","type":"bool"}],"id":"forms","title":"forms","type":"simpleInputContainer"}],"help":"start.html#advanced-features","id":"advancedParams","title":"advancedParams"}],"id":"generalParameters","title":"generalParameters"},{"_nodes":[{"cnodes":"exportedVars","default":[{"data":"HTTP_USER_AGENT","id":"exportedVars/UA","title":"UA","type":"keyText"}],"help":"exportedvars.html","id":"exportedVars","title":"exportedVars","type":"keyTextContainer"},{"cnodes":"macros","default":[],"help":"exportedvars.html#extend-variables-using-macros-and-groups","id":"macros","title":"macros","type":"keyTextContainer"},{"cnodes":"groups","default":[],"help":"exportedvars.html#extend-variables-using-macros-and-groups","id":"groups","title":"groups","type":"keyTextContainer"}],"help":"variables.html","id":"variables","title":"variables"},{"cnodes":"virtualHosts","help":"configvhost.html","id":"virtualHosts","template":"virtualHost","title":"virtualHosts","type":"virtualHostContainer"},{"_nodes":[{"default":"#PORTAL#/saml/metadata","id":"samlEntityID","title":"samlEntityID"},{"_nodes":[{"get":["samlServicePrivateKeySig","samlServicePrivateKeySigPwd","samlServicePublicKeySig"],"id":"samlServiceSecuritySig","title":"samlServiceSecuritySig","type":"RSACertKey"},{"get":["samlServicePrivateKeyEnc","samlServicePrivateKeyEncPwd","samlServicePublicKeyEnc"],"id":"samlServiceSecurityEnc","title":"samlServiceSecurityEnc","type":"RSACertKey"},{"default":0,"id":"samlServiceUseCertificateInResponse","title":"samlServiceUseCertificateInResponse","type":"bool"},{"default":"RSA_SHA256","id":"samlServiceSignatureMethod","select":[{"k":"RSA_SHA1","v":"RSA SHA1"},{"k":"RSA_SHA256","v":"RSA SHA256"},{"k":"RSA_SHA384","v":"RSA SHA384"},{"k":"RSA_SHA512","v":"RSA SHA512"}],"title":"samlServiceSignatureMethod","type":"select"}],"help":"samlservice.html#security-parameters","id":"samlServiceSecurity","title":"samlServiceSecurity"},{"_nodes":[{"default":"mail","id":"samlNameIDFormatMapEmail","title":"samlNameIDFormatMapEmail"},{"default":"mail","id":"samlNameIDFormatMapX509","title":"samlNameIDFormatMapX509"},{"default":"uid","id":"samlNameIDFormatMapWindows","title":"samlNameIDFormatMapWindows"},{"default":"uid","id":"samlNameIDFormatMapKerberos","title":"samlNameIDFormatMapKerberos"}],"help":"samlservice.html#nameid-formats","id":"samlNameIDFormatMap","title":"samlNameIDFormatMap","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"samlAuthnContextMapPassword","title":"samlAuthnContextMapPassword","type":"int"},{"default":3,"id":"samlAuthnContextMapPasswordProtectedTransport","title":"samlAuthnContextMapPasswordProtectedTransport","type":"int"},{"default":5,"id":"samlAuthnContextMapTLSClient","title":"samlAuthnContextMapTLSClient","type":"int"},{"default":4,"id":"samlAuthnContextMapKerberos","title":"samlAuthnContextMapKerberos","type":"int"}],"help":"samlservice.html#authentication-contexts","id":"samlAuthnContextMap","title":"samlAuthnContextMap","type":"simpleInputContainer"},{"_nodes":[{"default":"Example","id":"samlOrganizationDisplayName","title":"samlOrganizationDisplayName"},{"default":"Example","id":"samlOrganizationName","title":"samlOrganizationName"},{"default":"http://www.example.com","id":"samlOrganizationURL","title":"samlOrganizationURL"}],"help":"samlservice.html#organization","id":"samlOrganization","title":"samlOrganization","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"samlSPSSODescriptorAuthnRequestsSigned","title":"samlSPSSODescriptorAuthnRequestsSigned","type":"bool"},{"default":1,"id":"samlSPSSODescriptorWantAssertionsSigned","title":"samlSPSSODescriptorWantAssertionsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;","id":"samlSPSSODescriptorSingleLogoutServiceSOAP","title":"samlSPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlSPSSODescriptorSingleLogoutService","title":"samlSPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","type":"samlAssertion"},{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","type":"samlAssertion"}],"id":"samlSPSSODescriptorAssertionConsumerService","title":"samlSPSSODescriptorAssertionConsumerService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlSPSSODescriptorArtifactResolutionServiceArtifact","title":"samlSPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlSPSSODescriptorArtifactResolutionService","title":"samlSPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#service-provider","id":"samlSPSSODescriptor","title":"samlSPSSODescriptor"},{"_nodes":[{"default":1,"id":"samlIDPSSODescriptorWantAuthnRequestsSigned","title":"samlIDPSSODescriptorWantAuthnRequestsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","type":"samlService"}],"id":"samlIDPSSODescriptorSingleSignOnService","title":"samlIDPSSODescriptorSingleSignOnService"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;","id":"samlIDPSSODescriptorSingleLogoutServiceSOAP","title":"samlIDPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlIDPSSODescriptorSingleLogoutService","title":"samlIDPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","title":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlIDPSSODescriptorArtifactResolutionService","title":"samlIDPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#identity-provider","id":"samlIDPSSODescriptor","title":"samlIDPSSODescriptor"},{"_nodes":[{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;","id":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","title":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","type":"samlService"}],"id":"samlAttributeAuthorityDescriptorAttributeService","title":"samlAttributeAuthorityDescriptorAttributeService"}],"help":"samlservice.html#attribute-authority","id":"samlAttributeAuthorityDescriptor","title":"samlAttributeAuthorityDescriptor"},{"_nodes":[{"default":1,"id":"samlMetadataForceUTF8","title":"samlMetadataForceUTF8","type":"bool"},{"default":600,"id":"samlRelayStateTimeout","title":"samlRelayStateTimeout","type":"int"},{"default":0,"id":"samlUseQueryStringSpecific","title":"samlUseQueryStringSpecific","type":"bool"},{"default":"","id":"samlOverrideIDPEntityID","title":"samlOverrideIDPEntityID"},{"id":"samlStorage","title":"samlStorage"},{"cnodes":"samlStorageOptions","id":"samlStorageOptions","title":"samlStorageOptions","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"samlCommonDomainCookieActivation","title":"samlCommonDomainCookieActivation","type":"bool"},{"id":"samlCommonDomainCookieDomain","title":"samlCommonDomainCookieDomain"},{"id":"samlCommonDomainCookieReader","title":"samlCommonDomainCookieReader"},{"id":"samlCommonDomainCookieWriter","title":"samlCommonDomainCookieWriter"}],"id":"samlCommonDomainCookie","title":"samlCommonDomainCookie","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"samlDiscoveryProtocolActivation","title":"samlDiscoveryProtocolActivation","type":"bool"},{"id":"samlDiscoveryProtocolURL","title":"samlDiscoveryProtocolURL"},{"id":"samlDiscoveryProtocolPolicy","title":"samlDiscoveryProtocolPolicy"},{"default":0,"id":"samlDiscoveryProtocolIsPassive","title":"samlDiscoveryProtocolIsPassive","type":"bool"}],"id":"samlDiscoveryProtocol","title":"samlDiscoveryProtocol","type":"simpleInputContainer"}],"help":"samlservice.html#advanced","id":"samlAdvanced","title":"samlAdvanced"}],"help":"samlservice.html","id":"samlServiceMetaData","title":"samlServiceMetaData"},{"cnodes":"samlIDPMetaDataNodes","help":"authsaml.html","id":"samlIDPMetaDataNodes","template":"samlIDPMetaDataNode","title":"samlIDPMetaDataNodes","type":"samlIDPMetaDataNodeContainer"},{"cnodes":"samlSPMetaDataNodes","help":"idpsaml.html","id":"samlSPMetaDataNodes","template":"samlSPMetaDataNode","title":"samlSPMetaDataNodes","type":"samlSPMetaDataNodeContainer"},{"_nodes":[{"id":"oidcServiceMetaDataIssuer","title":"oidcServiceMetaDataIssuer"},{"_nodes":[{"default":"authorize","id":"oidcServiceMetaDataAuthorizeURI","title":"oidcServiceMetaDataAuthorizeURI"},{"default":"token","id":"oidcServiceMetaDataTokenURI","title":"oidcServiceMetaDataTokenURI"},{"default":"userinfo","id":"oidcServiceMetaDataUserInfoURI","title":"oidcServiceMetaDataUserInfoURI"},{"default":"jwks","id":"oidcServiceMetaDataJWKSURI","title":"oidcServiceMetaDataJWKSURI"},{"default":"register","id":"oidcServiceMetaDataRegistrationURI","title":"oidcServiceMetaDataRegistrationURI"},{"default":"introspect","id":"oidcServiceMetaDataIntrospectionURI","title":"oidcServiceMetaDataIntrospectionURI"},{"default":"logout","id":"oidcServiceMetaDataEndSessionURI","title":"oidcServiceMetaDataEndSessionURI"},{"default":"checksession.html","id":"oidcServiceMetaDataCheckSessionURI","title":"oidcServiceMetaDataCheckSessionURI"},{"default":"flogout","id":"oidcServiceMetaDataFrontChannelURI","title":"oidcServiceMetaDataFrontChannelURI"},{"default":"blogout","id":"oidcServiceMetaDataBackChannelURI","title":"oidcServiceMetaDataBackChannelURI"}],"id":"oidcServiceMetaDataEndPoints","title":"oidcServiceMetaDataEndPoints","type":"simpleInputContainer"},{"cnodes":"oidcServiceMetaDataAuthnContext","default":[{"data":1,"id":"oidcServiceMetaDataAuthnContext/loa-1","title":"loa-1","type":"keyText"},{"data":2,"id":"oidcServiceMetaDataAuthnContext/loa-2","title":"loa-2","type":"keyText"},{"data":3,"id":"oidcServiceMetaDataAuthnContext/loa-3","title":"loa-3","type":"keyText"},{"data":4,"id":"oidcServiceMetaDataAuthnContext/loa-4","title":"loa-4","type":"keyText"},{"data":5,"id":"oidcServiceMetaDataAuthnContext/loa-5","title":"loa-5","type":"keyText"}],"id":"oidcServiceMetaDataAuthnContext","title":"oidcServiceMetaDataAuthnContext","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"oidcServiceAllowDynamicRegistration","title":"oidcServiceAllowDynamicRegistration","type":"bool"},{"cnodes":"oidcServiceDynamicRegistrationExportedVars","id":"oidcServiceDynamicRegistrationExportedVars","title":"oidcServiceDynamicRegistrationExportedVars","type":"keyTextContainer"},{"cnodes":"oidcServiceDynamicRegistrationExtraClaims","id":"oidcServiceDynamicRegistrationExtraClaims","title":"oidcServiceDynamicRegistrationExtraClaims","type":"keyTextContainer"}],"id":"oidcServiceDynamicRegistration","title":"oidcServiceDynamicRegistration"},{"_nodes":[{"get":["oidcServicePrivateKeySig","oidcServicePublicKeySig","oidcServiceKeyIdSig"],"id":"oidcServiceMetaDataKeys","title":"oidcServiceMetaDataKeys","type":"RSAKeyNoPassword"},{"default":1,"id":"oidcServiceAllowAuthorizationCodeFlow","title":"oidcServiceAllowAuthorizationCodeFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowImplicitFlow","title":"oidcServiceAllowImplicitFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowHybridFlow","title":"oidcServiceAllowHybridFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowOnlyDeclaredScopes","title":"oidcServiceAllowOnlyDeclaredScopes","type":"bool"}],"id":"oidcServiceMetaDataSecurity","title":"oidcServiceMetaDataSecurity"},{"_nodes":[{"default":60,"id":"oidcServiceAuthorizationCodeExpiration","title":"oidcServiceAuthorizationCodeExpiration","type":"int"},{"default":3600,"id":"oidcServiceIDTokenExpiration","title":"oidcServiceIDTokenExpiration","type":"int"},{"default":3600,"id":"oidcServiceAccessTokenExpiration","title":"oidcServiceAccessTokenExpiration","type":"int"},{"default":2592000,"id":"oidcServiceOfflineSessionExpiration","title":"oidcServiceOfflineSessionExpiration","type":"int"}],"id":"oidcServiceMetaDataTimeouts","title":"oidcServiceMetaDataTimeouts"},{"_nodes":[{"id":"oidcStorage","title":"oidcStorage"},{"cnodes":"oidcStorageOptions","id":"oidcStorageOptions","title":"oidcStorageOptions","type":"keyTextContainer"}],"id":"oidcServiceMetaDataSessions","title":"oidcServiceMetaDataSessions"}],"help":"openidconnectservice.html#service-configuration","id":"oidcServiceMetaData","title":"oidcServiceMetaData"},{"cnodes":"oidcOPMetaDataNodes","help":"authopenidconnect.html#declare-the-openid-connect-provider-in-ll-ng","id":"oidcOPMetaDataNodes","title":"oidcOPMetaDataNodes","type":"oidcOPMetaDataNodeContainer"},{"cnodes":"oidcRPMetaDataNodes","help":"idpopenidconnect.html#configuration-of-relying-party-in-ll-ng","id":"oidcRPMetaDataNodes","title":"oidcRPMetaDataNodes","type":"oidcRPMetaDataNodeContainer"},{"_nodes":[{"id":"casAttr","title":"casAttr"},{"default":"none","id":"casAccessControlPolicy","select":[{"k":"none","v":"None"},{"k":"error","v":"Display error on portal"},{"k":"faketicket","v":"Send a fake service ticket"}],"title":"casAccessControlPolicy","type":"select"},{"default":0,"id":"casStrictMatching","title":"casStrictMatching","type":"bool"},{"default":0,"id":"casTicketExpiration","title":"casTicketExpiration","type":"int"},{"id":"casStorage","title":"casStorage"},{"cnodes":"casStorageOptions","id":"casStorageOptions","title":"casStorageOptions","type":"keyTextContainer"},{"cnodes":"casAttributes","id":"casAttributes","title":"casAttributes","type":"keyTextContainer"}],"help":"idpcas.html#configuring-the-cas-service","id":"casServiceMetadata","title":"casServiceMetadata"},{"cnodes":"casSrvMetaDataNodes","help":"authcas.html","id":"casSrvMetaDataNodes","template":"casSrvMetaDataNode","title":"casSrvMetaDataNodes","type":"casSrvMetaDataNodeContainer"},{"cnodes":"casAppMetaDataNodes","help":"idpcas.html#configuring-cas-applications","id":"casAppMetaDataNodes","template":"casAppMetaDataNode","title":"casAppMetaDataNodes","type":"casAppMetaDataNodeContainer"}] \ No newline at end of file diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Constants.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Constants.pm index ec58c6a4e..83c915946 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Constants.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Constants.pm @@ -7,332 +7,224 @@ use Exporter 'import'; our $VERSION = '2.0.14'; use constant HANDLER => 'Lemonldap::NG::Handler::PSGI::Main'; -use constant URIRE => -qr{(((?^:https?))://((?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::((?:[0-9]*)))?(/(((?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?]((?:(?:[;/?:\@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)}; +use constant URIRE => qr{(((?^:https?))://((?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::((?:[0-9]*)))?(/(((?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?]((?:(?:[;/?:\@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)}; use constant { - PE_IDPCHOICE => -5, - PE_SENDRESPONSE => -4, - PE_INFO => -3, - PE_REDIRECT => -2, - PE_DONE => -1, - PE_OK => 0, - PE_SESSIONEXPIRED => 1, - PE_FORMEMPTY => 2, - PE_WRONGMANAGERACCOUNT => 3, - PE_USERNOTFOUND => 4, - PE_BADCREDENTIALS => 5, - PE_LDAPCONNECTFAILED => 6, - PE_LDAPERROR => 7, - PE_APACHESESSIONERROR => 8, - PE_FIRSTACCESS => 9, - PE_BADCERTIFICATE => 10, - PE_NO_PASSWORD_BE => 20, - PE_PP_ACCOUNT_LOCKED => 21, - PE_PP_PASSWORD_EXPIRED => 22, - PE_CERTIFICATEREQUIRED => 23, - PE_ERROR => 24, - PE_PP_CHANGE_AFTER_RESET => 25, - PE_PP_PASSWORD_MOD_NOT_ALLOWED => 26, - PE_PP_MUST_SUPPLY_OLD_PASSWORD => 27, - PE_PP_INSUFFICIENT_PASSWORD_QUALITY => 28, - PE_PP_PASSWORD_TOO_SHORT => 29, - PE_PP_PASSWORD_TOO_YOUNG => 30, - PE_PP_PASSWORD_IN_HISTORY => 31, - PE_PP_GRACE => 32, - PE_PP_EXP_WARNING => 33, - PE_PASSWORD_MISMATCH => 34, - PE_PASSWORD_OK => 35, - PE_NOTIFICATION => 36, - PE_BADURL => 37, - PE_NOSCHEME => 38, - PE_BADOLDPASSWORD => 39, - PE_MALFORMEDUSER => 40, - PE_SESSIONNOTGRANTED => 41, - PE_CONFIRM => 42, - PE_MAILFORMEMPTY => 43, - PE_BADMAILTOKEN => 44, - PE_MAILERROR => 45, - PE_MAILOK => 46, - PE_LOGOUT_OK => 47, - PE_SAML_ERROR => 48, - PE_SAML_LOAD_SERVICE_ERROR => 49, - PE_SAML_LOAD_IDP_ERROR => 50, - PE_SAML_SSO_ERROR => 51, - PE_SAML_UNKNOWN_ENTITY => 52, - PE_SAML_DESTINATION_ERROR => 53, - PE_SAML_CONDITIONS_ERROR => 54, - PE_SAML_IDPSSOINITIATED_NOTALLOWED => 55, - PE_SAML_SLO_ERROR => 56, - PE_SAML_SIGNATURE_ERROR => 57, - PE_SAML_ART_ERROR => 58, - PE_SAML_SESSION_ERROR => 59, - PE_SAML_LOAD_SP_ERROR => 60, - PE_SAML_ATTR_ERROR => 61, - PE_OPENID_EMPTY => 62, - PE_OPENID_BADID => 63, - PE_MISSINGREQATTR => 64, - PE_BADPARTNER => 65, - PE_MAILCONFIRMATION_ALREADY_SENT => 66, - PE_PASSWORDFORMEMPTY => 67, - PE_CAS_SERVICE_NOT_ALLOWED => 68, - PE_MAILFIRSTACCESS => 69, - PE_MAILNOTFOUND => 70, - PE_PASSWORDFIRSTACCESS => 71, - PE_MAILCONFIRMOK => 72, - PE_RADIUSCONNECTFAILED => 73, - PE_MUST_SUPPLY_OLD_PASSWORD => 74, - PE_FORBIDDENIP => 75, - PE_CAPTCHAERROR => 76, - PE_CAPTCHAEMPTY => 77, - PE_REGISTERFIRSTACCESS => 78, - PE_REGISTERFORMEMPTY => 79, - PE_REGISTERALREADYEXISTS => 80, - PE_NOTOKEN => 81, - PE_TOKENEXPIRED => 82, - PE_U2FFAILED => 83, - PE_UNAUTHORIZEDPARTNER => 84, - PE_RENEWSESSION => 85, - PE_WAIT => 86, - PE_MUSTAUTHN => 87, - PE_MUSTHAVEMAIL => 88, - PE_SAML_SERVICE_NOT_ALLOWED => 89, - PE_OIDC_SERVICE_NOT_ALLOWED => 90, - PE_OID_SERVICE_NOT_ALLOWED => 91, - PE_GET_SERVICE_NOT_ALLOWED => 92, + PE_IDPCHOICE => -5, + PE_SENDRESPONSE => -4, + PE_INFO => -3, + PE_REDIRECT => -2, + PE_DONE => -1, + PE_OK => 0, + PE_SESSIONEXPIRED => 1, + PE_FORMEMPTY => 2, + PE_WRONGMANAGERACCOUNT => 3, + PE_USERNOTFOUND => 4, + PE_BADCREDENTIALS => 5, + PE_LDAPCONNECTFAILED => 6, + PE_LDAPERROR => 7, + PE_APACHESESSIONERROR => 8, + PE_FIRSTACCESS => 9, + PE_BADCERTIFICATE => 10, + PE_NO_PASSWORD_BE => 20, + PE_PP_ACCOUNT_LOCKED => 21, + PE_PP_PASSWORD_EXPIRED => 22, + PE_CERTIFICATEREQUIRED => 23, + PE_ERROR => 24, + PE_PP_CHANGE_AFTER_RESET => 25, + PE_PP_PASSWORD_MOD_NOT_ALLOWED => 26, + PE_PP_MUST_SUPPLY_OLD_PASSWORD => 27, + PE_PP_INSUFFICIENT_PASSWORD_QUALITY => 28, + PE_PP_PASSWORD_TOO_SHORT => 29, + PE_PP_PASSWORD_TOO_YOUNG => 30, + PE_PP_PASSWORD_IN_HISTORY => 31, + PE_PP_GRACE => 32, + PE_PP_EXP_WARNING => 33, + PE_PASSWORD_MISMATCH => 34, + PE_PASSWORD_OK => 35, + PE_NOTIFICATION => 36, + PE_BADURL => 37, + PE_NOSCHEME => 38, + PE_BADOLDPASSWORD => 39, + PE_MALFORMEDUSER => 40, + PE_SESSIONNOTGRANTED => 41, + PE_CONFIRM => 42, + PE_MAILFORMEMPTY => 43, + PE_BADMAILTOKEN => 44, + PE_MAILERROR => 45, + PE_MAILOK => 46, + PE_LOGOUT_OK => 47, + PE_SAML_ERROR => 48, + PE_SAML_LOAD_SERVICE_ERROR => 49, + PE_SAML_LOAD_IDP_ERROR => 50, + PE_SAML_SSO_ERROR => 51, + PE_SAML_UNKNOWN_ENTITY => 52, + PE_SAML_DESTINATION_ERROR => 53, + PE_SAML_CONDITIONS_ERROR => 54, + PE_SAML_IDPSSOINITIATED_NOTALLOWED => 55, + PE_SAML_SLO_ERROR => 56, + PE_SAML_SIGNATURE_ERROR => 57, + PE_SAML_ART_ERROR => 58, + PE_SAML_SESSION_ERROR => 59, + PE_SAML_LOAD_SP_ERROR => 60, + PE_SAML_ATTR_ERROR => 61, + PE_OPENID_EMPTY => 62, + PE_OPENID_BADID => 63, + PE_MISSINGREQATTR => 64, + PE_BADPARTNER => 65, + PE_MAILCONFIRMATION_ALREADY_SENT => 66, + PE_PASSWORDFORMEMPTY => 67, + PE_CAS_SERVICE_NOT_ALLOWED => 68, + PE_MAILFIRSTACCESS => 69, + PE_MAILNOTFOUND => 70, + PE_PASSWORDFIRSTACCESS => 71, + PE_MAILCONFIRMOK => 72, + PE_RADIUSCONNECTFAILED => 73, + PE_MUST_SUPPLY_OLD_PASSWORD => 74, + PE_FORBIDDENIP => 75, + PE_CAPTCHAERROR => 76, + PE_CAPTCHAEMPTY => 77, + PE_REGISTERFIRSTACCESS => 78, + PE_REGISTERFORMEMPTY => 79, + PE_REGISTERALREADYEXISTS => 80, + PE_NOTOKEN => 81, + PE_TOKENEXPIRED => 82, + PE_U2FFAILED => 83, + PE_UNAUTHORIZEDPARTNER => 84, + PE_RENEWSESSION => 85, + PE_WAIT => 86, + PE_MUSTAUTHN => 87, + PE_MUSTHAVEMAIL => 88, + PE_SAML_SERVICE_NOT_ALLOWED => 89, + PE_OIDC_SERVICE_NOT_ALLOWED => 90, + PE_OID_SERVICE_NOT_ALLOWED => 91, + PE_GET_SERVICE_NOT_ALLOWED => 92, PE_IMPERSONATION_SERVICE_NOT_ALLOWED => 93, - PE_ISSUERMISSINGREQATTR => 94, - PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED => 95, - PE_BADOTP => 96, - PE_RESETCERTIFICATE_INVALID => 97, - PE_RESETCERTIFICATE_FORMEMPTY => 98, - PE_RESETCERTIFICATE_FIRSTACCESS => 99, - PE_PP_NOT_ALLOWED_CHARACTER => 100, - PE_PP_NOT_ALLOWED_CHARACTERS => 101, - PE_UPGRADESESSION => 102, - PE_NO_SECOND_FACTORS => 103, - PE_BAD_DEVOPS_FILE => 104, - PE_FILENOTFOUND => 105, - PE_OIDC_AUTH_ERROR => 106, + PE_ISSUERMISSINGREQATTR => 94, + PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED => 95, + PE_BADOTP => 96, + PE_RESETCERTIFICATE_INVALID => 97, + PE_RESETCERTIFICATE_FORMEMPTY => 98, + PE_RESETCERTIFICATE_FIRSTACCESS => 99, + PE_PP_NOT_ALLOWED_CHARACTER => 100, + PE_PP_NOT_ALLOWED_CHARACTERS => 101, + PE_UPGRADESESSION => 102, + PE_NO_SECOND_FACTORS => 103, + PE_BAD_DEVOPS_FILE => 104, + PE_FILENOTFOUND => 105, + PE_OIDC_AUTH_ERROR => 106, }; sub portalConsts { return { - '-1' => 'PE_DONE', - '-2' => 'PE_REDIRECT', - '-3' => 'PE_INFO', - '-4' => 'PE_SENDRESPONSE', - '-5' => 'PE_IDPCHOICE', - '0' => 'PE_OK', - '1' => 'PE_SESSIONEXPIRED', - '10' => 'PE_BADCERTIFICATE', - '100' => 'PE_PP_NOT_ALLOWED_CHARACTER', - '101' => 'PE_PP_NOT_ALLOWED_CHARACTERS', - '102' => 'PE_UPGRADESESSION', - '103' => 'PE_NO_SECOND_FACTORS', - '104' => 'PE_BAD_DEVOPS_FILE', - '105' => 'PE_FILENOTFOUND', - '106' => 'PE_OIDC_AUTH_ERROR', - '2' => 'PE_FORMEMPTY', - '20' => 'PE_NO_PASSWORD_BE', - '21' => 'PE_PP_ACCOUNT_LOCKED', - '22' => 'PE_PP_PASSWORD_EXPIRED', - '23' => 'PE_CERTIFICATEREQUIRED', - '24' => 'PE_ERROR', - '25' => 'PE_PP_CHANGE_AFTER_RESET', - '26' => 'PE_PP_PASSWORD_MOD_NOT_ALLOWED', - '27' => 'PE_PP_MUST_SUPPLY_OLD_PASSWORD', - '28' => 'PE_PP_INSUFFICIENT_PASSWORD_QUALITY', - '29' => 'PE_PP_PASSWORD_TOO_SHORT', - '3' => 'PE_WRONGMANAGERACCOUNT', - '30' => 'PE_PP_PASSWORD_TOO_YOUNG', - '31' => 'PE_PP_PASSWORD_IN_HISTORY', - '32' => 'PE_PP_GRACE', - '33' => 'PE_PP_EXP_WARNING', - '34' => 'PE_PASSWORD_MISMATCH', - '35' => 'PE_PASSWORD_OK', - '36' => 'PE_NOTIFICATION', - '37' => 'PE_BADURL', - '38' => 'PE_NOSCHEME', - '39' => 'PE_BADOLDPASSWORD', - '4' => 'PE_USERNOTFOUND', - '40' => 'PE_MALFORMEDUSER', - '41' => 'PE_SESSIONNOTGRANTED', - '42' => 'PE_CONFIRM', - '43' => 'PE_MAILFORMEMPTY', - '44' => 'PE_BADMAILTOKEN', - '45' => 'PE_MAILERROR', - '46' => 'PE_MAILOK', - '47' => 'PE_LOGOUT_OK', - '48' => 'PE_SAML_ERROR', - '49' => 'PE_SAML_LOAD_SERVICE_ERROR', - '5' => 'PE_BADCREDENTIALS', - '50' => 'PE_SAML_LOAD_IDP_ERROR', - '51' => 'PE_SAML_SSO_ERROR', - '52' => 'PE_SAML_UNKNOWN_ENTITY', - '53' => 'PE_SAML_DESTINATION_ERROR', - '54' => 'PE_SAML_CONDITIONS_ERROR', - '55' => 'PE_SAML_IDPSSOINITIATED_NOTALLOWED', - '56' => 'PE_SAML_SLO_ERROR', - '57' => 'PE_SAML_SIGNATURE_ERROR', - '58' => 'PE_SAML_ART_ERROR', - '59' => 'PE_SAML_SESSION_ERROR', - '6' => 'PE_LDAPCONNECTFAILED', - '60' => 'PE_SAML_LOAD_SP_ERROR', - '61' => 'PE_SAML_ATTR_ERROR', - '62' => 'PE_OPENID_EMPTY', - '63' => 'PE_OPENID_BADID', - '64' => 'PE_MISSINGREQATTR', - '65' => 'PE_BADPARTNER', - '66' => 'PE_MAILCONFIRMATION_ALREADY_SENT', - '67' => 'PE_PASSWORDFORMEMPTY', - '68' => 'PE_CAS_SERVICE_NOT_ALLOWED', - '69' => 'PE_MAILFIRSTACCESS', - '7' => 'PE_LDAPERROR', - '70' => 'PE_MAILNOTFOUND', - '71' => 'PE_PASSWORDFIRSTACCESS', - '72' => 'PE_MAILCONFIRMOK', - '73' => 'PE_RADIUSCONNECTFAILED', - '74' => 'PE_MUST_SUPPLY_OLD_PASSWORD', - '75' => 'PE_FORBIDDENIP', - '76' => 'PE_CAPTCHAERROR', - '77' => 'PE_CAPTCHAEMPTY', - '78' => 'PE_REGISTERFIRSTACCESS', - '79' => 'PE_REGISTERFORMEMPTY', - '8' => 'PE_APACHESESSIONERROR', - '80' => 'PE_REGISTERALREADYEXISTS', - '81' => 'PE_NOTOKEN', - '82' => 'PE_TOKENEXPIRED', - '83' => 'PE_U2FFAILED', - '84' => 'PE_UNAUTHORIZEDPARTNER', - '85' => 'PE_RENEWSESSION', - '86' => 'PE_WAIT', - '87' => 'PE_MUSTAUTHN', - '88' => 'PE_MUSTHAVEMAIL', - '89' => 'PE_SAML_SERVICE_NOT_ALLOWED', - '9' => 'PE_FIRSTACCESS', - '90' => 'PE_OIDC_SERVICE_NOT_ALLOWED', - '91' => 'PE_OID_SERVICE_NOT_ALLOWED', - '92' => 'PE_GET_SERVICE_NOT_ALLOWED', - '93' => 'PE_IMPERSONATION_SERVICE_NOT_ALLOWED', - '94' => 'PE_ISSUERMISSINGREQATTR', - '95' => 'PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED', - '96' => 'PE_BADOTP', - '97' => 'PE_RESETCERTIFICATE_INVALID', - '98' => 'PE_RESETCERTIFICATE_FORMEMPTY', - '99' => 'PE_RESETCERTIFICATE_FIRSTACCESS' - }; + '-1' => 'PE_DONE', + '-2' => 'PE_REDIRECT', + '-3' => 'PE_INFO', + '-4' => 'PE_SENDRESPONSE', + '-5' => 'PE_IDPCHOICE', + '0' => 'PE_OK', + '1' => 'PE_SESSIONEXPIRED', + '10' => 'PE_BADCERTIFICATE', + '100' => 'PE_PP_NOT_ALLOWED_CHARACTER', + '101' => 'PE_PP_NOT_ALLOWED_CHARACTERS', + '102' => 'PE_UPGRADESESSION', + '103' => 'PE_NO_SECOND_FACTORS', + '104' => 'PE_BAD_DEVOPS_FILE', + '105' => 'PE_FILENOTFOUND', + '106' => 'PE_OIDC_AUTH_ERROR', + '2' => 'PE_FORMEMPTY', + '20' => 'PE_NO_PASSWORD_BE', + '21' => 'PE_PP_ACCOUNT_LOCKED', + '22' => 'PE_PP_PASSWORD_EXPIRED', + '23' => 'PE_CERTIFICATEREQUIRED', + '24' => 'PE_ERROR', + '25' => 'PE_PP_CHANGE_AFTER_RESET', + '26' => 'PE_PP_PASSWORD_MOD_NOT_ALLOWED', + '27' => 'PE_PP_MUST_SUPPLY_OLD_PASSWORD', + '28' => 'PE_PP_INSUFFICIENT_PASSWORD_QUALITY', + '29' => 'PE_PP_PASSWORD_TOO_SHORT', + '3' => 'PE_WRONGMANAGERACCOUNT', + '30' => 'PE_PP_PASSWORD_TOO_YOUNG', + '31' => 'PE_PP_PASSWORD_IN_HISTORY', + '32' => 'PE_PP_GRACE', + '33' => 'PE_PP_EXP_WARNING', + '34' => 'PE_PASSWORD_MISMATCH', + '35' => 'PE_PASSWORD_OK', + '36' => 'PE_NOTIFICATION', + '37' => 'PE_BADURL', + '38' => 'PE_NOSCHEME', + '39' => 'PE_BADOLDPASSWORD', + '4' => 'PE_USERNOTFOUND', + '40' => 'PE_MALFORMEDUSER', + '41' => 'PE_SESSIONNOTGRANTED', + '42' => 'PE_CONFIRM', + '43' => 'PE_MAILFORMEMPTY', + '44' => 'PE_BADMAILTOKEN', + '45' => 'PE_MAILERROR', + '46' => 'PE_MAILOK', + '47' => 'PE_LOGOUT_OK', + '48' => 'PE_SAML_ERROR', + '49' => 'PE_SAML_LOAD_SERVICE_ERROR', + '5' => 'PE_BADCREDENTIALS', + '50' => 'PE_SAML_LOAD_IDP_ERROR', + '51' => 'PE_SAML_SSO_ERROR', + '52' => 'PE_SAML_UNKNOWN_ENTITY', + '53' => 'PE_SAML_DESTINATION_ERROR', + '54' => 'PE_SAML_CONDITIONS_ERROR', + '55' => 'PE_SAML_IDPSSOINITIATED_NOTALLOWED', + '56' => 'PE_SAML_SLO_ERROR', + '57' => 'PE_SAML_SIGNATURE_ERROR', + '58' => 'PE_SAML_ART_ERROR', + '59' => 'PE_SAML_SESSION_ERROR', + '6' => 'PE_LDAPCONNECTFAILED', + '60' => 'PE_SAML_LOAD_SP_ERROR', + '61' => 'PE_SAML_ATTR_ERROR', + '62' => 'PE_OPENID_EMPTY', + '63' => 'PE_OPENID_BADID', + '64' => 'PE_MISSINGREQATTR', + '65' => 'PE_BADPARTNER', + '66' => 'PE_MAILCONFIRMATION_ALREADY_SENT', + '67' => 'PE_PASSWORDFORMEMPTY', + '68' => 'PE_CAS_SERVICE_NOT_ALLOWED', + '69' => 'PE_MAILFIRSTACCESS', + '7' => 'PE_LDAPERROR', + '70' => 'PE_MAILNOTFOUND', + '71' => 'PE_PASSWORDFIRSTACCESS', + '72' => 'PE_MAILCONFIRMOK', + '73' => 'PE_RADIUSCONNECTFAILED', + '74' => 'PE_MUST_SUPPLY_OLD_PASSWORD', + '75' => 'PE_FORBIDDENIP', + '76' => 'PE_CAPTCHAERROR', + '77' => 'PE_CAPTCHAEMPTY', + '78' => 'PE_REGISTERFIRSTACCESS', + '79' => 'PE_REGISTERFORMEMPTY', + '8' => 'PE_APACHESESSIONERROR', + '80' => 'PE_REGISTERALREADYEXISTS', + '81' => 'PE_NOTOKEN', + '82' => 'PE_TOKENEXPIRED', + '83' => 'PE_U2FFAILED', + '84' => 'PE_UNAUTHORIZEDPARTNER', + '85' => 'PE_RENEWSESSION', + '86' => 'PE_WAIT', + '87' => 'PE_MUSTAUTHN', + '88' => 'PE_MUSTHAVEMAIL', + '89' => 'PE_SAML_SERVICE_NOT_ALLOWED', + '9' => 'PE_FIRSTACCESS', + '90' => 'PE_OIDC_SERVICE_NOT_ALLOWED', + '91' => 'PE_OID_SERVICE_NOT_ALLOWED', + '92' => 'PE_GET_SERVICE_NOT_ALLOWED', + '93' => 'PE_IMPERSONATION_SERVICE_NOT_ALLOWED', + '94' => 'PE_ISSUERMISSINGREQATTR', + '95' => 'PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED', + '96' => 'PE_BADOTP', + '97' => 'PE_RESETCERTIFICATE_INVALID', + '98' => 'PE_RESETCERTIFICATE_FORMEMPTY', + '99' => 'PE_RESETCERTIFICATE_FIRSTACCESS' + }; } # EXPORTER PARAMETERS -our @EXPORT_OK = ( - 'portalConsts', - 'HANDLER', - 'URIRE', - 'PE_IDPCHOICE', - 'PE_SENDRESPONSE', - 'PE_INFO', - 'PE_REDIRECT', - 'PE_DONE', - 'PE_OK', - 'PE_SESSIONEXPIRED', - 'PE_FORMEMPTY', - 'PE_WRONGMANAGERACCOUNT', - 'PE_USERNOTFOUND', - 'PE_BADCREDENTIALS', - 'PE_LDAPCONNECTFAILED', - 'PE_LDAPERROR', - 'PE_APACHESESSIONERROR', - 'PE_FIRSTACCESS', - 'PE_BADCERTIFICATE', - 'PE_NO_PASSWORD_BE', - 'PE_PP_ACCOUNT_LOCKED', - 'PE_PP_PASSWORD_EXPIRED', - 'PE_CERTIFICATEREQUIRED', - 'PE_ERROR', - 'PE_PP_CHANGE_AFTER_RESET', - 'PE_PP_PASSWORD_MOD_NOT_ALLOWED', - 'PE_PP_MUST_SUPPLY_OLD_PASSWORD', - 'PE_PP_INSUFFICIENT_PASSWORD_QUALITY', - 'PE_PP_PASSWORD_TOO_SHORT', - 'PE_PP_PASSWORD_TOO_YOUNG', - 'PE_PP_PASSWORD_IN_HISTORY', - 'PE_PP_GRACE', - 'PE_PP_EXP_WARNING', - 'PE_PASSWORD_MISMATCH', - 'PE_PASSWORD_OK', - 'PE_NOTIFICATION', - 'PE_BADURL', - 'PE_NOSCHEME', - 'PE_BADOLDPASSWORD', - 'PE_MALFORMEDUSER', - 'PE_SESSIONNOTGRANTED', - 'PE_CONFIRM', - 'PE_MAILFORMEMPTY', - 'PE_BADMAILTOKEN', - 'PE_MAILERROR', - 'PE_MAILOK', - 'PE_LOGOUT_OK', - 'PE_SAML_ERROR', - 'PE_SAML_LOAD_SERVICE_ERROR', - 'PE_SAML_LOAD_IDP_ERROR', - 'PE_SAML_SSO_ERROR', - 'PE_SAML_UNKNOWN_ENTITY', - 'PE_SAML_DESTINATION_ERROR', - 'PE_SAML_CONDITIONS_ERROR', - 'PE_SAML_IDPSSOINITIATED_NOTALLOWED', - 'PE_SAML_SLO_ERROR', - 'PE_SAML_SIGNATURE_ERROR', - 'PE_SAML_ART_ERROR', - 'PE_SAML_SESSION_ERROR', - 'PE_SAML_LOAD_SP_ERROR', - 'PE_SAML_ATTR_ERROR', - 'PE_OPENID_EMPTY', - 'PE_OPENID_BADID', - 'PE_MISSINGREQATTR', - 'PE_BADPARTNER', - 'PE_MAILCONFIRMATION_ALREADY_SENT', - 'PE_PASSWORDFORMEMPTY', - 'PE_CAS_SERVICE_NOT_ALLOWED', - 'PE_MAILFIRSTACCESS', - 'PE_MAILNOTFOUND', - 'PE_PASSWORDFIRSTACCESS', - 'PE_MAILCONFIRMOK', - 'PE_RADIUSCONNECTFAILED', - 'PE_MUST_SUPPLY_OLD_PASSWORD', - 'PE_FORBIDDENIP', - 'PE_CAPTCHAERROR', - 'PE_CAPTCHAEMPTY', - 'PE_REGISTERFIRSTACCESS', - 'PE_REGISTERFORMEMPTY', - 'PE_REGISTERALREADYEXISTS', - 'PE_NOTOKEN', - 'PE_TOKENEXPIRED', - 'PE_U2FFAILED', - 'PE_UNAUTHORIZEDPARTNER', - 'PE_RENEWSESSION', - 'PE_WAIT', - 'PE_MUSTAUTHN', - 'PE_MUSTHAVEMAIL', - 'PE_SAML_SERVICE_NOT_ALLOWED', - 'PE_OIDC_SERVICE_NOT_ALLOWED', - 'PE_OID_SERVICE_NOT_ALLOWED', - 'PE_GET_SERVICE_NOT_ALLOWED', - 'PE_IMPERSONATION_SERVICE_NOT_ALLOWED', - 'PE_ISSUERMISSINGREQATTR', - 'PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED', - 'PE_BADOTP', - 'PE_RESETCERTIFICATE_INVALID', - 'PE_RESETCERTIFICATE_FORMEMPTY', - 'PE_RESETCERTIFICATE_FIRSTACCESS', - 'PE_PP_NOT_ALLOWED_CHARACTER', - 'PE_PP_NOT_ALLOWED_CHARACTERS', - 'PE_UPGRADESESSION', - 'PE_NO_SECOND_FACTORS', - 'PE_BAD_DEVOPS_FILE', - 'PE_FILENOTFOUND', - 'PE_OIDC_AUTH_ERROR' -); +our @EXPORT_OK = ( 'portalConsts', 'HANDLER', 'URIRE', 'PE_IDPCHOICE', 'PE_SENDRESPONSE', 'PE_INFO', 'PE_REDIRECT', 'PE_DONE', 'PE_OK', 'PE_SESSIONEXPIRED', 'PE_FORMEMPTY', 'PE_WRONGMANAGERACCOUNT', 'PE_USERNOTFOUND', 'PE_BADCREDENTIALS', 'PE_LDAPCONNECTFAILED', 'PE_LDAPERROR', 'PE_APACHESESSIONERROR', 'PE_FIRSTACCESS', 'PE_BADCERTIFICATE', 'PE_NO_PASSWORD_BE', 'PE_PP_ACCOUNT_LOCKED', 'PE_PP_PASSWORD_EXPIRED', 'PE_CERTIFICATEREQUIRED', 'PE_ERROR', 'PE_PP_CHANGE_AFTER_RESET', 'PE_PP_PASSWORD_MOD_NOT_ALLOWED', 'PE_PP_MUST_SUPPLY_OLD_PASSWORD', 'PE_PP_INSUFFICIENT_PASSWORD_QUALITY', 'PE_PP_PASSWORD_TOO_SHORT', 'PE_PP_PASSWORD_TOO_YOUNG', 'PE_PP_PASSWORD_IN_HISTORY', 'PE_PP_GRACE', 'PE_PP_EXP_WARNING', 'PE_PASSWORD_MISMATCH', 'PE_PASSWORD_OK', 'PE_NOTIFICATION', 'PE_BADURL', 'PE_NOSCHEME', 'PE_BADOLDPASSWORD', 'PE_MALFORMEDUSER', 'PE_SESSIONNOTGRANTED', 'PE_CONFIRM', 'PE_MAILFORMEMPTY', 'PE_BADMAILTOKEN', 'PE_MAILERROR', 'PE_MAILOK', 'PE_LOGOUT_OK', 'PE_SAML_ERROR', 'PE_SAML_LOAD_SERVICE_ERROR', 'PE_SAML_LOAD_IDP_ERROR', 'PE_SAML_SSO_ERROR', 'PE_SAML_UNKNOWN_ENTITY', 'PE_SAML_DESTINATION_ERROR', 'PE_SAML_CONDITIONS_ERROR', 'PE_SAML_IDPSSOINITIATED_NOTALLOWED', 'PE_SAML_SLO_ERROR', 'PE_SAML_SIGNATURE_ERROR', 'PE_SAML_ART_ERROR', 'PE_SAML_SESSION_ERROR', 'PE_SAML_LOAD_SP_ERROR', 'PE_SAML_ATTR_ERROR', 'PE_OPENID_EMPTY', 'PE_OPENID_BADID', 'PE_MISSINGREQATTR', 'PE_BADPARTNER', 'PE_MAILCONFIRMATION_ALREADY_SENT', 'PE_PASSWORDFORMEMPTY', 'PE_CAS_SERVICE_NOT_ALLOWED', 'PE_MAILFIRSTACCESS', 'PE_MAILNOTFOUND', 'PE_PASSWORDFIRSTACCESS', 'PE_MAILCONFIRMOK', 'PE_RADIUSCONNECTFAILED', 'PE_MUST_SUPPLY_OLD_PASSWORD', 'PE_FORBIDDENIP', 'PE_CAPTCHAERROR', 'PE_CAPTCHAEMPTY', 'PE_REGISTERFIRSTACCESS', 'PE_REGISTERFORMEMPTY', 'PE_REGISTERALREADYEXISTS', 'PE_NOTOKEN', 'PE_TOKENEXPIRED', 'PE_U2FFAILED', 'PE_UNAUTHORIZEDPARTNER', 'PE_RENEWSESSION', 'PE_WAIT', 'PE_MUSTAUTHN', 'PE_MUSTHAVEMAIL', 'PE_SAML_SERVICE_NOT_ALLOWED', 'PE_OIDC_SERVICE_NOT_ALLOWED', 'PE_OID_SERVICE_NOT_ALLOWED', 'PE_GET_SERVICE_NOT_ALLOWED', 'PE_IMPERSONATION_SERVICE_NOT_ALLOWED', 'PE_ISSUERMISSINGREQATTR', 'PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED', 'PE_BADOTP', 'PE_RESETCERTIFICATE_INVALID', 'PE_RESETCERTIFICATE_FORMEMPTY', 'PE_RESETCERTIFICATE_FIRSTACCESS', 'PE_PP_NOT_ALLOWED_CHARACTER', 'PE_PP_NOT_ALLOWED_CHARACTERS', 'PE_UPGRADESESSION', 'PE_NO_SECOND_FACTORS', 'PE_BAD_DEVOPS_FILE', 'PE_FILENOTFOUND', 'PE_OIDC_AUTH_ERROR' ); our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], ); our @EXPORT = qw(import PE_OK); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm index 91807576c..9ca44c4ad 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm @@ -15,6 +15,7 @@ has speChars => ( is => 'rw' ); has skinRules => ( is => 'rw' ); has stayConnected => ( is => 'rw', default => sub { 0 } ); has requireOldPwd => ( is => 'rw', default => sub { 1 } ); +has rememberAuthChoice => ( is => 'rw', default => sub { 0 } ); sub displayInit { my ($self) = @_; @@ -49,6 +50,14 @@ sub displayInit { } $self->stayConnected($rule); + $rule = + HANDLER->buildSub( HANDLER->substitute( $self->conf->{rememberAuthChoiceRule} ) ); + unless ($rule) { + my $error = HANDLER->tsv->{jail}->error || 'Unable to compile rule'; + $self->logger->error("Bad rememberAuthChoiceRule rule: $error"); + } + $self->rememberAuthChoice($rule); + my $speChars = $self->conf->{passwordPolicySpecialChar} eq '__ALL__' ? '' @@ -412,6 +421,14 @@ sub display { ? ( STAYCONNECTED => 1 ) : () ), + ( + $self->rememberAuthChoice->( $req, $req->sessionInfo ) + ? ( REMEMBERAUTHCHOICE => 1 ) + : () + ), + REMEMBERAUTHCHOICEDEFAULTCHECKED => $self->conf->{rememberDefaultChecked} || 0, + REMEMBERAUTHCHOICECOOKIENAME => $self->conf->{rememberCookieName} || 'llngrememberauthchoice', + REMEMBERAUTHCHOICETIMER => $self->conf->{rememberTimer} || 5, ( $req->data->{customScript} ? ( CUSTOM_SCRIPT => $req->data->{customScript} ) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm index 18d957e3c..20d339e97 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm @@ -19,6 +19,7 @@ our @pList = ( portalStatus => '::Plugins::Status', cda => '::Plugins::CDA', notification => '::Plugins::Notifications', + rememberAuthChoiceRule => '::Plugins::RememberAuthChoice', stayConnected => '::Plugins::StayConnected', portalCheckLogins => '::Plugins::History', bruteForceProtection => '::Plugins::BruteForceProtection', diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RememberAuthChoice.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RememberAuthChoice.pm new file mode 100644 index 000000000..3bac45d80 --- /dev/null +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RememberAuthChoice.pm @@ -0,0 +1,146 @@ +# Plugin to remember which authentication method has been chosen, +# and laun it automatically + +package Lemonldap::NG::Portal::Plugins::RememberAuthChoice; + +use strict; +use Mouse; +use Lemonldap::NG::Portal::Main::Constants qw( + PE_OK + PE_SENDRESPONSE +); + +our $VERSION = '2.0.15'; + +extends 'Lemonldap::NG::Portal::Main::Plugin'; + +# INTERFACE + +use constant endAuth => 'storeRememberedAuthChoice'; +use constant beforeAuth => 'checkRememberedAuthChoice'; + +has rule => ( is => 'rw', default => sub { 0 } ); + +has rememberDefaultChecked => ( + is => 'rw', + lazy => 1, + default => sub { + $_[0]->conf->{rememberDefaultChecked} || 0; + } +); + +has rememberTimer => ( + is => 'rw', + lazy => 1, + default => sub { + $_[0]->conf->{rememberTimer} || 5; + } +); + +has rememberCookieName => ( + is => 'rw', + lazy => 1, + default => sub { + $_[0]->conf->{rememberCookieName} || 'llngrememberauthchoice'; + } +); + +# Default timeout: 1 year +has rememberCookieTimeout => ( + is => 'rw', + lazy => 1, + default => sub { + $_[0]->conf->{rememberCookieTimeout} || 31536000; + } +); + + +sub init +{ + my ($self) = @_; + + # Parse activation rule + $self->rule( + $self->p->buildRule( $self->conf->{rememberAuthChoiceRule}, 'rememberAuthChoiceRule' ) ); + return 0 unless $self->rule; + + return 1; +} + + +sub storeRememberedAuthChoice +{ + my ( $self, $req ) = @_; + + # Get directly authentication choice from sessionInfo + my $lmAuth = $req->sessionInfo->{_choice}; + # Get rememberauthchoice tick from corresponding hash + # * req->pdata for Issuer auth modules (SAML, OIDC,...) + # * req->data for direct auth modules (LDAP) + my $rememberauthchoice = $req->pdata->{rememberauthchoice} || + $req->data->{rememberauthchoice} || + ""; + + if( $lmAuth ) + { + + # Store cookie to remember the authentication choice + if( $rememberauthchoice eq "true" ) + { + $self->logger->warn("RememberAuthChoice: set cookie " . + $self->rememberCookieName . + " with authentication choice lmAuth=" . + $lmAuth + ); + $req->addCookie( + $self->p->cookie( + name => $self->rememberCookieName, + value => $lmAuth, + max_age => $self->rememberCookieTimeout, + secure => $self->conf->{securedCookie}, + HttpOnly => 0, # required for cookie to be read by js + ) + ); + } + # Remove cookie to forget previous authentication choice + else + { + + $self->logger->warn("RememberAuthChoice: Remove cookie " . + $self->rememberCookieName ); + + $req->addCookie( + $self->p->cookie( + name => $self->rememberCookieName, + value => 0, + expires => 'Wed, 21 Oct 2015 00:00:00 GMT', + secure => $self->conf->{securedCookie}, + ) + ); + } + } + + return PE_OK; +} + +sub checkRememberedAuthChoice +{ + my ( $self, $req ) = @_; + + # Check if form has been sent with a rememberauthchoice tick + my $lmAuth = $req->param('lmAuth') || "" ; + my $rememberauthchoice = $req->param('rememberauthchoice') || "" ; + + # If so, store rememberauthchoice tick for the endAuth endpoint + if( $lmAuth ) + { + # For authentication method occurring in the same request + $req->data->{rememberauthchoice} = $rememberauthchoice; + # For authentication method occurring in a different request + $req->pdata->{rememberauthchoice} = $rememberauthchoice; + } + + return PE_OK; +} + +1; diff --git a/lemonldap-ng-portal/site/htdocs/static/bootstrap/css/styles.css b/lemonldap-ng-portal/site/htdocs/static/bootstrap/css/styles.css index 9e50e75a1..ac725f904 100644 --- a/lemonldap-ng-portal/site/htdocs/static/bootstrap/css/styles.css +++ b/lemonldap-ng-portal/site/htdocs/static/bootstrap/css/styles.css @@ -216,3 +216,9 @@ div.input-group > p.form-control > label { user-select: none; cursor: pointer; } + +/* Hide "remember my authentication choice" timer */ +div#remembertimer { + display: none; +} + diff --git a/lemonldap-ng-portal/site/htdocs/static/bootstrap/css/styles.min.css b/lemonldap-ng-portal/site/htdocs/static/bootstrap/css/styles.min.css index a3708651c..e26723f2d 100644 --- a/lemonldap-ng-portal/site/htdocs/static/bootstrap/css/styles.min.css +++ b/lemonldap-ng-portal/site/htdocs/static/bootstrap/css/styles.min.css @@ -1 +1 @@ -html,body{height:100%;background:radial-gradient(circle at 50% 0,#fff 0,#ddd 100%) no-repeat scroll 0 0 #ddd}#wrap{min-height:100%;height:auto;margin:0 auto -80px;padding:20px 0 80px}#footer{height:80px;background-color:#fff;background-color:rgba(255,255,255,0.9);text-align:center;padding-top:10px;overflow:hidden}#header img{background-color:#fff;background-color:rgba(255,255,255,0.8);margin-bottom:20px}.card,.navbar-light{background-color:#fff;background-color:rgba(255,255,255,0.9);background-image:none}.login,.password{text-align:center;padding:20px}div.form{margin:0 auto;max-width:330px}div.actions{margin:10px 0 0 0}div.actions a{margin-top:10px}div.actions button{margin-top:10px}.buttons{text-align:center;margin:10px 0 0 0;cursor:pointer}.btn{white-space:normal}.btn span.fa{padding-right:8px}li.ui-state-active{background-color:#fafafa;background-color:rgba(250,250,250,0.9)}#appslist,#password,#loginHistory,#logout,#oidcConsents{margin-top:20px}div.category{margin:10px 0;cursor:grab}div.application{margin:5px 0;overflow:hidden}div.application a,div.application a:hover{text-decoration:none}p.notifCheck label{margin-left:5px;margin-top:3px;display:inline-block}.notif div.form{margin 0 auto;max-width:1024px}.notif .h2,h2{font-size:1.6rem;font-weght:bold;text-align:center}.notif .h3,h3{margin-top:30px;margin-bottom:30px;font-size:1.2rem}.notif .card-title{font-size:1.7rem}img.langicon{cursor:pointer}button.idploop{max-width:300px}button.idploop img{max-height:30px}div.oidc_consent_message>ul{text-align:left;list-style:circle}@media(min-width:768px){div.application{height:80px}div.application h4.appname{margin:0}#wrap{margin:0 auto -60px}#footer{height:60px}}.hiddenFrame{border:0;display:hidden;margin:0}.noborder{border:0}.max{width:100%}.link{cursor:pointer}.nodecor:hover,.nodecor:active,.nodecor:focus{text-decoration:none}.fa.icon-blue{color:blue}.progress-bar-animated{width:100%}input.key{font-family:'password';width:100px}@font-face{font-family:'password';src:url(/static/common/fonts/password.ttf)}.info.table caption{color:black;text-align:center;caption-side:bottom}div.input-group>p.form-control{height:auto}div.input-group>p.form-control>label{display:revert;user-select:none;cursor:pointer} \ No newline at end of file +html,body{height:100%;background:radial-gradient(circle at 50% 0,#fff 0,#ddd 100%) no-repeat scroll 0 0 #ddd}#wrap{min-height:100%;height:auto;margin:0 auto -80px;padding:20px 0 80px}#footer{height:80px;background-color:#fff;background-color:rgba(255,255,255,0.9);text-align:center;padding-top:10px;overflow:hidden}#header img{background-color:#fff;background-color:rgba(255,255,255,0.8);margin-bottom:20px}.card,.navbar-light{background-color:#fff;background-color:rgba(255,255,255,0.9);background-image:none}.login,.password{text-align:center;padding:20px}div.form{margin:0 auto;max-width:330px}div.actions{margin:10px 0 0 0}div.actions a{margin-top:10px}div.actions button{margin-top:10px}.buttons{text-align:center;margin:10px 0 0 0;cursor:pointer}.btn{white-space:normal}.btn span.fa{padding-right:8px}li.ui-state-active{background-color:#fafafa;background-color:rgba(250,250,250,0.9)}#appslist,#password,#loginHistory,#logout,#oidcConsents{margin-top:20px}div.category{margin:10px 0;cursor:grab}div.application{margin:5px 0;overflow:hidden}div.application a,div.application a:hover{text-decoration:none}p.notifCheck label{margin-left:5px;margin-top:3px;display:inline-block}.notif div.form{margin 0 auto;max-width:1024px}.notif .h2,h2{font-size:1.6rem;font-weght:bold;text-align:center}.notif .h3,h3{margin-top:30px;margin-bottom:30px;font-size:1.2rem}.notif .card-title{font-size:1.7rem}img.langicon{cursor:pointer}button.idploop{max-width:300px}button.idploop img{max-height:30px}div.oidc_consent_message>ul{text-align:left;list-style:circle}@media(min-width:768px){div.application{height:80px}div.application h4.appname{margin:0}#wrap{margin:0 auto -60px}#footer{height:60px}}.hiddenFrame{border:0;display:hidden;margin:0}.noborder{border:0}.max{width:100%}.link{cursor:pointer}.nodecor:hover,.nodecor:active,.nodecor:focus{text-decoration:none}.fa.icon-blue{color:blue}.progress-bar-animated{width:100%}input.key{font-family:'password';width:100px}@font-face{font-family:'password';src:url(/static/common/fonts/password.ttf)}.info.table caption{color:black;text-align:center;caption-side:bottom}div.input-group>p.form-control{height:auto}div.input-group>p.form-control>label{display:revert;user-select:none;cursor:pointer}div#remembertimer{display: none;} diff --git a/lemonldap-ng-portal/site/htdocs/static/bootstrap/js/skin.js b/lemonldap-ng-portal/site/htdocs/static/bootstrap/js/skin.js index eaa600b8a..30af0d4f7 100644 --- a/lemonldap-ng-portal/site/htdocs/static/bootstrap/js/skin.js +++ b/lemonldap-ng-portal/site/htdocs/static/bootstrap/js/skin.js @@ -47,5 +47,78 @@ $(window).on("load", function() { $('.nav-item').attr( "tabIndex", 0 ); }); + // tick all checkboxes remembering the authentication choice + // when global checkbox is clicked + $("#globalrememberauthchoice").change(function() { + var checked = this.checked; + $( 'input[name="rememberauthchoice"]' ).each(function() { + $( this ).val(checked); + }); + }); + + // if rememberStopped button has been clicked, stop the timer + // from lauching the previously remembered authentication + $("#buttonRememberStopped").click(function() { + var curval = $( "input#rememberStopped" ).val(); + var newval; + if( curval != "stopped" ) + { + newval = "stopped"; + } + else + { + newval = "running"; + window.setTimeout( launchAuthenticationChoice, 1000 ); + } + // store the new value + $( "input#rememberStopped" ).val(newval); + }); + + // function running the previously remembered authentication choice + // when the timer is over + function launchAuthenticationChoice() + { + + var timer = $( "div#remembertimer p span" ).text(); + var isStopped = $( "input#rememberStopped" ).val(); + + if ( isStopped != "stopped" ) + { + if ( timer > 0 ) + { + timer--; + // display decremented timer in the appropriate html element + $( "div#remembertimer p span" ).text(timer); + // wait for another 1s + window.setTimeout( launchAuthenticationChoice, 1000 ); + } + else + { + // launch authentication choice defined in cookie + var choiceform = "#" + $.cookie(rememberCookieName) + " form"; + $( choiceform ).submit(); + } + } + + }; + + + // Check rememberauthchoice cookie + var rememberCookieName = $( "#rememberCookieName" ).val(); + var errorCode = $( "#errormsg div span" ).attr("trmsg"); + // if this is first access + if( errorCode == 9 ) + { + // if there is a rememberauthchoice cookie + if ( ! ( typeof rememberCookieName === 'undefined' ) && + ! ( typeof $.cookie(rememberCookieName) === 'undefined' ) + ) + { + // show timer + $( "div#remembertimer" ).show(); + // launch remembered authentication choice when timer reaches 0 + window.setTimeout( launchAuthenticationChoice, 1000 ); + } + } }); diff --git a/lemonldap-ng-portal/site/htdocs/static/bootstrap/js/skin.min.js b/lemonldap-ng-portal/site/htdocs/static/bootstrap/js/skin.min.js index 74d4495ef..478ac8c51 100644 --- a/lemonldap-ng-portal/site/htdocs/static/bootstrap/js/skin.min.js +++ b/lemonldap-ng-portal/site/htdocs/static/bootstrap/js/skin.min.js @@ -1 +1 @@ -$(window).on("load",function(){$("div.message-positive").addClass("alert-success"),$("div.message-warning").addClass("alert-warning"),$("div.message-negative").addClass("alert-danger"),$("table.info").addClass("table"),$(".notifCheck").addClass("checkbox"),$('.collapse li[class!="dropdown"]').on("click",function(){$(".navbar-toggler").hasClass("collapsed")||$(".navbar-toggler").trigger("click")}),$("#authMenu .nav-link").on("click",function(a){window.datas.choicetab=a.target.hash.substr(1)}),$("#remove2fModal").on("show.bs.modal",function(a){var t=$(a.relatedTarget),e=t.attr("device"),n=t.attr("epoch"),i=$(this);i.find(".remove2f").attr("device",e),i.find(".remove2f").attr("epoch",n)}),$(".nav-item").click(function(){$(".nav-item").attr("tabIndex",0)}),$(".nav-item").focusin(function(){$(".nav-item").attr("tabIndex",0)}),$(".nav-item").focusout(function(){$(".nav-item").attr("tabIndex",0)})}); \ No newline at end of file +$(window).on("load",function(){function t(){var e=$("div#remembertimer p span").text();"stopped"!=$("input#rememberStopped").val()&&(0 + + + + true" /> + + @@ -92,6 +98,11 @@ + + + true" /> + + @@ -104,6 +115,30 @@ + + +
+

+ + + + +

+
+ +
+
+
+ checked /> + "> +
+
+

+ +

+
+ + diff --git a/lemonldap-ng-portal/t/28-AuthChoice-Slave-rememberAuthChoice.t b/lemonldap-ng-portal/t/28-AuthChoice-Slave-rememberAuthChoice.t new file mode 100644 index 000000000..bedd2040f --- /dev/null +++ b/lemonldap-ng-portal/t/28-AuthChoice-Slave-rememberAuthChoice.t @@ -0,0 +1,74 @@ +use Test::More; +use strict; +use IO::String; + +require 't/test-lib.pm'; + +my $res; +my $maintests = 7; + +my $client = LLNG::Manager::Test->new( { + ini => { + logLevel => 'error', + authentication => 'Choice', + userDB => 'Same', + passwordDB => 'Choice', + + authChoiceParam => 'lmAuth', + authChoiceModules => { + slavechoice => 'Slave;Demo;Demo', + }, + + slaveUserHeader => 'userid', + slaveDisplayLogo => 1, + + rememberAuthChoiceRule => 1, + rememberCookieName => "llngrememberauthchoice", + rememberCookieTimeout => 31536000, + rememberDefaultChecked => 0, + rememberTimer => 10, + } + } +); + + +# Check web form +ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get authentication portal' ); +my @form = ( $res->[2]->[0] =~ m##sg ); +ok( @form == 1, 'Display 1 choice' ) or explain( scalar(@form), 1 ); +expectForm( [ $res->[0], $res->[1], [ $form[0] ] ], undef, undef, 'lmAuth' ); +ok( $form[0] =~ /input type="hidden" id="rememberauthchoice"/ ); + +# authentication with rememberauthchoice enabled +ok( + $res = $client->_get( '/', + 'accept' => 'text/html', + 'query' => 'lmAuth=slavechoice&rememberauthchoice=true', + 'custom' => { 'HTTP_USERID' => 'dwho' } + ), + 'Auth query with rememberauthchoice enabled' +); +my $id = expectCookie( $res ); +my $remember = expectCookie( $res, "llngrememberauthchoice" ); +ok( $remember eq "slavechoice", 'Get cookie with authentication' ); + +$client->logout($id); + +# authentication with rememberauthchoice disabled +ok( + $res = $client->_get( '/', + 'accept' => 'text/html', + 'query' => 'lmAuth=slavechoice&rememberauthchoice=false', + 'custom' => { 'HTTP_USERID' => 'dwho' } + ), + 'Auth query with rememberauthchoice disabled' +); +$id = expectCookie( $res ); +$remember = expectCookie( $res, "llngrememberauthchoice" ); +ok( $remember eq "0", 'Get cookie removal' ); + +$client->logout($id); + +count($maintests); +clean_sessions(); +done_testing( count() );