SAML: private and public keys are now displayed by the filearea form into the manager

Thomas CHEMINEAU 2010-03-15 17:05:30 +00:00
parent bcd6bb6d3a
commit 95a6d98627


@ -98,7 +98,7 @@ sub struct {
###################### ######################
generalParameters => { generalParameters => {
_nodes => [ _nodes => [
qw(n:portalParams n:authParams n:logParams n:cookieParams n:sessionParams n:advancedParams) qw(portalParams n:authParams logParams cookieParams sessionParams n:advancedParams)
], ],
_help => 'default', _help => 'default',
@ -146,27 +146,14 @@ sub struct {
|| $self->defaultConf()->{authentication}; || $self->defaultConf()->{authentication};
my $udb = $self->conf->{userDB} my $udb = $self->conf->{userDB}
|| $self->defaultConf()->{userDB}; || $self->defaultConf()->{userDB};
my $pdb = $self->conf->{passwordDB}
|| $self->defaultConf()->{passwordDB};
$auth = lc($auth); $auth = lc($auth);
$udb = lc($udb); $udb = lc($udb);
$pdb = lc($pdb);
my %res; my %res;
foreach my $mod ( ( $auth, ( $auth ne $udb ? $udb : () ) ) )
foreach my $mod (
(
$auth,
( $udb ne ( $auth or $pdb ) ? $udb : () ),
( $pdb ne ( $auth or $udb ) ? $pdb : () )
)
)
{ {
my $tmp = { my $tmp = {
ldap => ['ldapParams'], ldap => ['ldapParams'],
ssl => [qw(ldapParams sslParams)], ssl => [qw(ldapParams SSLRequired)],
cas => ['casParams'],
remote => ['remoteParams'],
proxy => ['proxyParams'],
openid => ['openIdParams'], openid => ['openIdParams'],
twitter => ['twitterParams'], twitter => ['twitterParams'],
}->{$mod}; }->{$mod};
@ -176,8 +163,7 @@ sub struct {
} }
my @u = keys %res; my @u = keys %res;
# Add authentication, userDB and passwordDB nodes at the beginning # Add authentication and userDB nodes at the beginning
unshift( @u, "passwordDB" );
unshift( @u, "userDB" ); unshift( @u, "userDB" );
unshift( @u, "authentication" ); unshift( @u, "authentication" );
@ -189,7 +175,6 @@ sub struct {
authentication => 'text:/authentication:authParams:authParams', authentication => 'text:/authentication:authParams:authParams',
userDB => 'text:/userDB:authParams:authParams', userDB => 'text:/userDB:authParams:authParams',
passwordDB => 'text:/passwordDB:authParams:authParams',
# LDAP # LDAP
ldapParams => { ldapParams => {
@ -243,44 +228,7 @@ sub struct {
}, },
# SSL # SSL
sslParams => { SSLRequired => 'bool:/SSLRequired',
_nodes => [qw(SSLVar SSLLDAPField SSLRequire)],
SSLVar => 'text:/SSLVar',
SSLLDAPField => 'text:/SSLLDAPField',
SSLRequire => 'bool:/SSLRequire',
},
# CAS
casParams => {
_nodes =>
[qw(CAS_url CAS_loginUrl CAS_validationUrl CAS_CAFile)],
CAS_url => 'text:/CAS_url',
CAS_loginUrl => 'text:/CAS_loginUrl',
CAS_validationUrl => 'text:/CAS_validationUrl',
CAS_CAFile => 'text:/CAS_CAFile',
},
# Remote
remoteParams => {
_nodes => [
qw(remotePortal remoteGlobalStorage remoteGlobalStorageOptions)
],
remotePortal => 'text:/remotePortal',
remoteGlobalStorage => 'text:/remoteGlobalStorage',
remoteGlobalStorageOptions => {
_nodes => ['hash:/remoteGlobalStorageOptions'],
_js => 'hashRoot'
},
},
# Proxy
proxyParams => {
_nodes =>
[qw(soapAuthService remoteCookieName soapSessionService)],
soapAuthService => 'text:/soapAuthService',
remoteCookieName => 'text:/remoteCookieName',
soapSessionService => 'text:/soapSessionService',
},
# OpenID # OpenID
openIdParams => { openIdParams => {
@ -321,14 +269,9 @@ sub struct {
# SESSIONS PARAMETERS # SESSIONS PARAMETERS
sessionParams => { sessionParams => {
_nodes => [ _nodes => [
qw(grantSessionRule storePassword timeout n:sessionStorage n:multipleSessions) qw(sessionStorage grantSessionRule singleSession singleIP singleUserByIP notifyDeleted notifyOther timeout storePassword)
], ],
_help => 'storage', _help => 'storage',
grantSessionRule => 'textarea:/grantSessionRule',
storePassword => 'bool:/storePassword',
timeout => 'text:/timeout:timeout:text',
sessionStorage => { sessionStorage => {
_nodes => [qw(globalStorage globalStorageOptions)], _nodes => [qw(globalStorage globalStorageOptions)],
globalStorage => 'text:/globalStorage', globalStorage => 'text:/globalStorage',
@ -337,17 +280,14 @@ sub struct {
_js => 'hashRoot' _js => 'hashRoot'
}, },
}, },
multipleSessions => {
_nodes => [
qw(singleSession singleIP singleUserByIP notifyDeleted notifyOther)
],
singleSession => 'bool:/singleSession', singleSession => 'bool:/singleSession',
singleIP => 'bool:/singleIP', singleIP => 'bool:/singleIP',
singleUserByIP => 'bool:/singleUserByIP', singleUserByIP => 'bool:/singleUserByIP',
notifyDeleted => 'bool:/notifyDeleted', notifyDeleted => 'bool:/notifyDeleted',
notifyOther => 'bool:/notifyOther', notifyOther => 'bool:/notifyOther',
}, storePassword => 'bool:/storePassword',
timeout => 'text:/timeout:timeout:text',
grantSessionRule => 'text:/grantSessionRule',
}, },
# OTHER PARAMETERS # OTHER PARAMETERS
@ -378,8 +318,9 @@ sub struct {
passwordManagement => { passwordManagement => {
_nodes => [ _nodes => [
qw(SMTPServer mailUrl mailFrom mailSubject mailBody mailConfirmSubject mailConfirmBody randomPasswordRegexp) qw(passwordDB SMTPServer mailUrl mailFrom mailSubject mailBody mailConfirmSubject mailConfirmBody randomPasswordRegexp)
], ],
passwordDB => 'text:/passwordDB',
SMTPServer => 'text:/SMTPServer', SMTPServer => 'text:/SMTPServer',
mailUrl => 'text:/mailUrl', mailUrl => 'text:/mailUrl',
mailFrom => 'text:/mailFrom', mailFrom => 'text:/mailFrom',
@ -465,7 +406,7 @@ sub struct {
# GLOBAL INFORMATIONS # GLOBAL INFORMATIONS
samlEntityID => 'text:/samlEntityID', samlEntityID => 'text:/samlEntityID',
samlServicePrivateKey => samlServicePrivateKey =>
'textarea:/samlServicePrivateKey:samlServicePrivateKey:textarea', 'filearea:/samlServicePrivateKey:samlServicePrivateKey:filearea',
samlOrganization => { samlOrganization => {
_nodes => [ _nodes => [
qw(samlOrganizationDisplayName qw(samlOrganizationDisplayName
@ -496,7 +437,7 @@ sub struct {
samlSPSSODescriptorProtocolSupportEnumeration => samlSPSSODescriptorProtocolSupportEnumeration =>
'text:/samlSPSSODescriptorProtocolSupportEnumeration', 'text:/samlSPSSODescriptorProtocolSupportEnumeration',
samlSPSSODescriptorKeyDescriptorSigning => samlSPSSODescriptorKeyDescriptorSigning =>
'textarea:/samlSPSSODescriptorKeyDescriptorSigning', 'filearea:/samlSPSSODescriptorKeyDescriptorSigning',
samlSPSSODescriptorSingleLogoutService => { samlSPSSODescriptorSingleLogoutService => {
_nodes => [ _nodes => [
@ -560,7 +501,7 @@ sub struct {
samlIDPSSODescriptorProtocolSupportEnumeration => samlIDPSSODescriptorProtocolSupportEnumeration =>
'text:/samlIDPSSODescriptorProtocolSupportEnumeration', 'text:/samlIDPSSODescriptorProtocolSupportEnumeration',
samlIDPSSODescriptorKeyDescriptorSigning => samlIDPSSODescriptorKeyDescriptorSigning =>
'textarea:/samlIDPSSODescriptorKeyDescriptorSigning', 'filearea:/samlIDPSSODescriptorKeyDescriptorSigning',
samlIDPSSODescriptorSingleSignOnService => { samlIDPSSODescriptorSingleSignOnService => {
_nodes => [ _nodes => [
@ -847,6 +788,7 @@ sub testStruct {
singleIP => $boolean, singleIP => $boolean,
singleUserByIP => $boolean, singleUserByIP => $boolean,
Soap => $boolean, Soap => $boolean,
SSLRequired => $boolean,
storePassword => $boolean, storePassword => $boolean,
syslog => { syslog => {
test => qw/^(?:auth|authpriv|daemon|local\d|user)?$/, test => qw/^(?:auth|authpriv|daemon|local\d|user)?$/,
@ -932,33 +874,6 @@ sub testStruct {
samlIDPSSODescriptorManageNameIDServiceHTTP => $testNotDefined, samlIDPSSODescriptorManageNameIDServiceHTTP => $testNotDefined,
samlIDPSSODescriptorManageNameIDServiceSOAP => $testNotDefined, samlIDPSSODescriptorManageNameIDServiceSOAP => $testNotDefined,
# SSL
SSLVar => $testNotDefined,
SSLLDAPField => $testNotDefined,
SSLRequire => $boolean,
# CAS
CAS_url => $testNotDefined,
CAS_loginUrl => $testNotDefined,
CAS_validationUrl => $testNotDefined,
CAS_CAFile => $testNotDefined,
# Remote
remotePortal => $testNotDefined,
remoteGlobalStorage => {
test => qr/^[\w:]+$/,
msgFail => 'Bad module name',
},
remoteGlobalStorageOptions => {
keyTest => qr/^\w+$/,
keyMsgFail => 'Bad parameter',
},
# Proxy
soapAuthService => $testNotDefined,
remoteCookieName => $testNotDefined,
soapSessionService => $testNotDefined,
# OpenID # OpenID
openIdSecret => $testNotDefined, openIdSecret => $testNotDefined,
@ -1001,7 +916,6 @@ sub defaultConf {
portalSkin => 'pastel', portalSkin => 'pastel',
portalUserAttr => '_user', portalUserAttr => '_user',
protection => 'none', protection => 'none',
remoteGlobalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP',
securedCookie => '0', securedCookie => '0',
singleSession => '0', singleSession => '0',
singleIP => '0', singleIP => '0',
@ -1096,10 +1010,6 @@ sub subDefaultConf {
return { return {
locationRules => { default => 'deny' }, locationRules => { default => 'deny' },
exportedHeaders => { 'Auth-User' => '$uid' }, exportedHeaders => { 'Auth-User' => '$uid' },
remoteGlobalStorageOptions => {
'proxy' => 'https://remote/index.pl/sessions',
'ns' => 'https://remote/Lemonldap/NG/Common/CGI/SOAPService',
},
samlIDPMetaDataXML => { {} }, samlIDPMetaDataXML => { {} },
samlIDPMetaDataExportedAttributes => { 'uid' => '0;uid;;' }, samlIDPMetaDataExportedAttributes => { 'uid' => '0;uid;;' },
samlIDPMetaDataOptions => { samlIDPMetaDataOptions => {
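Review bot: `samlServicePrivateKey` now gets the same `filearea` widget as the two public `...KeyDescriptorSigning` fields (hunks at -465, -496 and -560), so, going by the commit title, the service private key is rendered back into the manager form exactly like public material. A private key is better treated as write-only, or at least placed behind a stricter manager access rule than the rest of the tree, and I would mark the line with a comment such as `# private key material: restrict manager access to this node`. The only `testStruct` addition visible in this commit is `SSLRequired => $boolean`, so nothing shown here checks that the uploaded content is PEM-shaped before it is stored; an entry for these three keys may already exist outside the hunks, since `struct` and `testStruct` both extend beyond what is displayed. Separately, the same commit drops the CAS, Remote and Proxy nodes together with their `testStruct` checks (including the `qr/^[\w:]+$/` module-name test on `remoteGlobalStorage`), which the title does not mention, so it is worth confirming that this is intended and not a merge artefact.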