SAML: private and public keys are now displayed by the filearea form into the manager
parent
bcd6bb6d3a
commit
95a6d98627
|
@ -98,7 +98,7 @@ sub struct {
|
||||||
######################
|
######################
|
||||||
generalParameters => {
|
generalParameters => {
|
||||||
_nodes => [
|
_nodes => [
|
||||||
qw(n:portalParams n:authParams n:logParams n:cookieParams n:sessionParams n:advancedParams)
|
qw(portalParams n:authParams logParams cookieParams sessionParams n:advancedParams)
|
||||||
],
|
],
|
||||||
_help => 'default',
|
_help => 'default',
|
||||||
|
|
||||||
|
@ -146,27 +146,14 @@ sub struct {
|
||||||
|| $self->defaultConf()->{authentication};
|
|| $self->defaultConf()->{authentication};
|
||||||
my $udb = $self->conf->{userDB}
|
my $udb = $self->conf->{userDB}
|
||||||
|| $self->defaultConf()->{userDB};
|
|| $self->defaultConf()->{userDB};
|
||||||
my $pdb = $self->conf->{passwordDB}
|
|
||||||
|| $self->defaultConf()->{passwordDB};
|
|
||||||
$auth = lc($auth);
|
$auth = lc($auth);
|
||||||
$udb = lc($udb);
|
$udb = lc($udb);
|
||||||
$pdb = lc($pdb);
|
|
||||||
my %res;
|
my %res;
|
||||||
|
foreach my $mod ( ( $auth, ( $auth ne $udb ? $udb : () ) ) )
|
||||||
foreach my $mod (
|
|
||||||
(
|
|
||||||
$auth,
|
|
||||||
( $udb ne ( $auth or $pdb ) ? $udb : () ),
|
|
||||||
( $pdb ne ( $auth or $udb ) ? $pdb : () )
|
|
||||||
)
|
|
||||||
)
|
|
||||||
{
|
{
|
||||||
my $tmp = {
|
my $tmp = {
|
||||||
ldap => ['ldapParams'],
|
ldap => ['ldapParams'],
|
||||||
ssl => [qw(ldapParams sslParams)],
|
ssl => [qw(ldapParams SSLRequired)],
|
||||||
cas => ['casParams'],
|
|
||||||
remote => ['remoteParams'],
|
|
||||||
proxy => ['proxyParams'],
|
|
||||||
openid => ['openIdParams'],
|
openid => ['openIdParams'],
|
||||||
twitter => ['twitterParams'],
|
twitter => ['twitterParams'],
|
||||||
}->{$mod};
|
}->{$mod};
|
||||||
|
@ -176,8 +163,7 @@ sub struct {
|
||||||
}
|
}
|
||||||
my @u = keys %res;
|
my @u = keys %res;
|
||||||
|
|
||||||
# Add authentication, userDB and passwordDB nodes at the beginning
|
# Add authentication and userDB nodes at the beginning
|
||||||
unshift( @u, "passwordDB" );
|
|
||||||
unshift( @u, "userDB" );
|
unshift( @u, "userDB" );
|
||||||
unshift( @u, "authentication" );
|
unshift( @u, "authentication" );
|
||||||
|
|
||||||
|
@ -189,7 +175,6 @@ sub struct {
|
||||||
|
|
||||||
authentication => 'text:/authentication:authParams:authParams',
|
authentication => 'text:/authentication:authParams:authParams',
|
||||||
userDB => 'text:/userDB:authParams:authParams',
|
userDB => 'text:/userDB:authParams:authParams',
|
||||||
passwordDB => 'text:/passwordDB:authParams:authParams',
|
|
||||||
|
|
||||||
# LDAP
|
# LDAP
|
||||||
ldapParams => {
|
ldapParams => {
|
||||||
|
@ -243,44 +228,7 @@ sub struct {
|
||||||
},
|
},
|
||||||
|
|
||||||
# SSL
|
# SSL
|
||||||
sslParams => {
|
SSLRequired => 'bool:/SSLRequired',
|
||||||
_nodes => [qw(SSLVar SSLLDAPField SSLRequire)],
|
|
||||||
SSLVar => 'text:/SSLVar',
|
|
||||||
SSLLDAPField => 'text:/SSLLDAPField',
|
|
||||||
SSLRequire => 'bool:/SSLRequire',
|
|
||||||
},
|
|
||||||
|
|
||||||
# CAS
|
|
||||||
casParams => {
|
|
||||||
_nodes =>
|
|
||||||
[qw(CAS_url CAS_loginUrl CAS_validationUrl CAS_CAFile)],
|
|
||||||
CAS_url => 'text:/CAS_url',
|
|
||||||
CAS_loginUrl => 'text:/CAS_loginUrl',
|
|
||||||
CAS_validationUrl => 'text:/CAS_validationUrl',
|
|
||||||
CAS_CAFile => 'text:/CAS_CAFile',
|
|
||||||
},
|
|
||||||
|
|
||||||
# Remote
|
|
||||||
remoteParams => {
|
|
||||||
_nodes => [
|
|
||||||
qw(remotePortal remoteGlobalStorage remoteGlobalStorageOptions)
|
|
||||||
],
|
|
||||||
remotePortal => 'text:/remotePortal',
|
|
||||||
remoteGlobalStorage => 'text:/remoteGlobalStorage',
|
|
||||||
remoteGlobalStorageOptions => {
|
|
||||||
_nodes => ['hash:/remoteGlobalStorageOptions'],
|
|
||||||
_js => 'hashRoot'
|
|
||||||
},
|
|
||||||
},
|
|
||||||
|
|
||||||
# Proxy
|
|
||||||
proxyParams => {
|
|
||||||
_nodes =>
|
|
||||||
[qw(soapAuthService remoteCookieName soapSessionService)],
|
|
||||||
soapAuthService => 'text:/soapAuthService',
|
|
||||||
remoteCookieName => 'text:/remoteCookieName',
|
|
||||||
soapSessionService => 'text:/soapSessionService',
|
|
||||||
},
|
|
||||||
|
|
||||||
# OpenID
|
# OpenID
|
||||||
openIdParams => {
|
openIdParams => {
|
||||||
|
@ -321,14 +269,9 @@ sub struct {
|
||||||
# SESSIONS PARAMETERS
|
# SESSIONS PARAMETERS
|
||||||
sessionParams => {
|
sessionParams => {
|
||||||
_nodes => [
|
_nodes => [
|
||||||
qw(grantSessionRule storePassword timeout n:sessionStorage n:multipleSessions)
|
qw(sessionStorage grantSessionRule singleSession singleIP singleUserByIP notifyDeleted notifyOther timeout storePassword)
|
||||||
],
|
],
|
||||||
_help => 'storage',
|
_help => 'storage',
|
||||||
|
|
||||||
grantSessionRule => 'textarea:/grantSessionRule',
|
|
||||||
storePassword => 'bool:/storePassword',
|
|
||||||
timeout => 'text:/timeout:timeout:text',
|
|
||||||
|
|
||||||
sessionStorage => {
|
sessionStorage => {
|
||||||
_nodes => [qw(globalStorage globalStorageOptions)],
|
_nodes => [qw(globalStorage globalStorageOptions)],
|
||||||
globalStorage => 'text:/globalStorage',
|
globalStorage => 'text:/globalStorage',
|
||||||
|
@ -337,17 +280,14 @@ sub struct {
|
||||||
_js => 'hashRoot'
|
_js => 'hashRoot'
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
||||||
multipleSessions => {
|
|
||||||
_nodes => [
|
|
||||||
qw(singleSession singleIP singleUserByIP notifyDeleted notifyOther)
|
|
||||||
],
|
|
||||||
singleSession => 'bool:/singleSession',
|
singleSession => 'bool:/singleSession',
|
||||||
singleIP => 'bool:/singleIP',
|
singleIP => 'bool:/singleIP',
|
||||||
singleUserByIP => 'bool:/singleUserByIP',
|
singleUserByIP => 'bool:/singleUserByIP',
|
||||||
notifyDeleted => 'bool:/notifyDeleted',
|
notifyDeleted => 'bool:/notifyDeleted',
|
||||||
notifyOther => 'bool:/notifyOther',
|
notifyOther => 'bool:/notifyOther',
|
||||||
},
|
storePassword => 'bool:/storePassword',
|
||||||
|
timeout => 'text:/timeout:timeout:text',
|
||||||
|
grantSessionRule => 'text:/grantSessionRule',
|
||||||
},
|
},
|
||||||
|
|
||||||
# OTHER PARAMETERS
|
# OTHER PARAMETERS
|
||||||
|
@ -378,8 +318,9 @@ sub struct {
|
||||||
|
|
||||||
passwordManagement => {
|
passwordManagement => {
|
||||||
_nodes => [
|
_nodes => [
|
||||||
qw(SMTPServer mailUrl mailFrom mailSubject mailBody mailConfirmSubject mailConfirmBody randomPasswordRegexp)
|
qw(passwordDB SMTPServer mailUrl mailFrom mailSubject mailBody mailConfirmSubject mailConfirmBody randomPasswordRegexp)
|
||||||
],
|
],
|
||||||
|
passwordDB => 'text:/passwordDB',
|
||||||
SMTPServer => 'text:/SMTPServer',
|
SMTPServer => 'text:/SMTPServer',
|
||||||
mailUrl => 'text:/mailUrl',
|
mailUrl => 'text:/mailUrl',
|
||||||
mailFrom => 'text:/mailFrom',
|
mailFrom => 'text:/mailFrom',
|
||||||
|
@ -465,7 +406,7 @@ sub struct {
|
||||||
# GLOBAL INFORMATIONS
|
# GLOBAL INFORMATIONS
|
||||||
samlEntityID => 'text:/samlEntityID',
|
samlEntityID => 'text:/samlEntityID',
|
||||||
samlServicePrivateKey =>
|
samlServicePrivateKey =>
|
||||||
'textarea:/samlServicePrivateKey:samlServicePrivateKey:textarea',
|
'filearea:/samlServicePrivateKey:samlServicePrivateKey:filearea',
|
||||||
samlOrganization => {
|
samlOrganization => {
|
||||||
_nodes => [
|
_nodes => [
|
||||||
qw(samlOrganizationDisplayName
|
qw(samlOrganizationDisplayName
|
||||||
|
@ -496,7 +437,7 @@ sub struct {
|
||||||
samlSPSSODescriptorProtocolSupportEnumeration =>
|
samlSPSSODescriptorProtocolSupportEnumeration =>
|
||||||
'text:/samlSPSSODescriptorProtocolSupportEnumeration',
|
'text:/samlSPSSODescriptorProtocolSupportEnumeration',
|
||||||
samlSPSSODescriptorKeyDescriptorSigning =>
|
samlSPSSODescriptorKeyDescriptorSigning =>
|
||||||
'textarea:/samlSPSSODescriptorKeyDescriptorSigning',
|
'filearea:/samlSPSSODescriptorKeyDescriptorSigning',
|
||||||
|
|
||||||
samlSPSSODescriptorSingleLogoutService => {
|
samlSPSSODescriptorSingleLogoutService => {
|
||||||
_nodes => [
|
_nodes => [
|
||||||
|
@ -560,7 +501,7 @@ sub struct {
|
||||||
samlIDPSSODescriptorProtocolSupportEnumeration =>
|
samlIDPSSODescriptorProtocolSupportEnumeration =>
|
||||||
'text:/samlIDPSSODescriptorProtocolSupportEnumeration',
|
'text:/samlIDPSSODescriptorProtocolSupportEnumeration',
|
||||||
samlIDPSSODescriptorKeyDescriptorSigning =>
|
samlIDPSSODescriptorKeyDescriptorSigning =>
|
||||||
'textarea:/samlIDPSSODescriptorKeyDescriptorSigning',
|
'filearea:/samlIDPSSODescriptorKeyDescriptorSigning',
|
||||||
|
|
||||||
samlIDPSSODescriptorSingleSignOnService => {
|
samlIDPSSODescriptorSingleSignOnService => {
|
||||||
_nodes => [
|
_nodes => [
|
||||||
|
@ -847,6 +788,7 @@ sub testStruct {
|
||||||
singleIP => $boolean,
|
singleIP => $boolean,
|
||||||
singleUserByIP => $boolean,
|
singleUserByIP => $boolean,
|
||||||
Soap => $boolean,
|
Soap => $boolean,
|
||||||
|
SSLRequired => $boolean,
|
||||||
storePassword => $boolean,
|
storePassword => $boolean,
|
||||||
syslog => {
|
syslog => {
|
||||||
test => qw/^(?:auth|authpriv|daemon|local\d|user)?$/,
|
test => qw/^(?:auth|authpriv|daemon|local\d|user)?$/,
|
||||||
|
@ -932,33 +874,6 @@ sub testStruct {
|
||||||
samlIDPSSODescriptorManageNameIDServiceHTTP => $testNotDefined,
|
samlIDPSSODescriptorManageNameIDServiceHTTP => $testNotDefined,
|
||||||
samlIDPSSODescriptorManageNameIDServiceSOAP => $testNotDefined,
|
samlIDPSSODescriptorManageNameIDServiceSOAP => $testNotDefined,
|
||||||
|
|
||||||
# SSL
|
|
||||||
SSLVar => $testNotDefined,
|
|
||||||
SSLLDAPField => $testNotDefined,
|
|
||||||
SSLRequire => $boolean,
|
|
||||||
|
|
||||||
# CAS
|
|
||||||
CAS_url => $testNotDefined,
|
|
||||||
CAS_loginUrl => $testNotDefined,
|
|
||||||
CAS_validationUrl => $testNotDefined,
|
|
||||||
CAS_CAFile => $testNotDefined,
|
|
||||||
|
|
||||||
# Remote
|
|
||||||
remotePortal => $testNotDefined,
|
|
||||||
remoteGlobalStorage => {
|
|
||||||
test => qr/^[\w:]+$/,
|
|
||||||
msgFail => 'Bad module name',
|
|
||||||
},
|
|
||||||
remoteGlobalStorageOptions => {
|
|
||||||
keyTest => qr/^\w+$/,
|
|
||||||
keyMsgFail => 'Bad parameter',
|
|
||||||
},
|
|
||||||
|
|
||||||
# Proxy
|
|
||||||
soapAuthService => $testNotDefined,
|
|
||||||
remoteCookieName => $testNotDefined,
|
|
||||||
soapSessionService => $testNotDefined,
|
|
||||||
|
|
||||||
# OpenID
|
# OpenID
|
||||||
openIdSecret => $testNotDefined,
|
openIdSecret => $testNotDefined,
|
||||||
|
|
||||||
|
@ -1001,7 +916,6 @@ sub defaultConf {
|
||||||
portalSkin => 'pastel',
|
portalSkin => 'pastel',
|
||||||
portalUserAttr => '_user',
|
portalUserAttr => '_user',
|
||||||
protection => 'none',
|
protection => 'none',
|
||||||
remoteGlobalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP',
|
|
||||||
securedCookie => '0',
|
securedCookie => '0',
|
||||||
singleSession => '0',
|
singleSession => '0',
|
||||||
singleIP => '0',
|
singleIP => '0',
|
||||||
|
@ -1096,10 +1010,6 @@ sub subDefaultConf {
|
||||||
return {
|
return {
|
||||||
locationRules => { default => 'deny' },
|
locationRules => { default => 'deny' },
|
||||||
exportedHeaders => { 'Auth-User' => '$uid' },
|
exportedHeaders => { 'Auth-User' => '$uid' },
|
||||||
remoteGlobalStorageOptions => {
|
|
||||||
'proxy' => 'https://remote/index.pl/sessions',
|
|
||||||
'ns' => 'https://remote/Lemonldap/NG/Common/CGI/SOAPService',
|
|
||||||
},
|
|
||||||
samlIDPMetaDataXML => { {} },
|
samlIDPMetaDataXML => { {} },
|
||||||
samlIDPMetaDataExportedAttributes => { 'uid' => '0;uid;;' },
|
samlIDPMetaDataExportedAttributes => { 'uid' => '0;uid;;' },
|
||||||
samlIDPMetaDataOptions => {
|
samlIDPMetaDataOptions => {
|
||||||
|
|
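Review bot: The SSL hunk (`@ -243,44 +228,7`) renames the stored key from `SSLRequire` to `SSLRequired` (the `ssl` entry in `$tmp` and the testStruct entry follow), but no reader of that key is visible on this page; if the portal's SSL module still looks up `SSLRequire`, the manager toggle would be saved under a name nothing reads and the client-certificate requirement would silently stop being configurable. Either rename the consumer in the same commit or keep the old name, i.e. `SSLRequire => 'bool:/SSLRequire',` in struct and `SSLRequire => $boolean,` in testStruct. The same file section also drops the CAS, remote and proxy nodes, `passwordDB` from the auth tree, and their testStruct validators (including the `qr/^[\w:]+$/` module-name check on `remoteGlobalStorage`), none of which the SAML-only title mentions; this looks like an older working copy merged in, so it is worth confirming the removals are intended or splitting them into their own commit. For the change the title does describe, I would add a comment above `samlServicePrivateKey` such as `# private key material: rendered in the manager form, manager access must stay restricted`. `struct` and `testStruct` both begin and end outside the hunks shown.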