Add samlUseQueryStringSpecific parameter in Manager (#677, #LEMONLDAP-681)
This commit is contained in:
parent
25454d4ba1
commit
bed5f37b7e
|
@ -624,6 +624,8 @@ This is not the case of <a href="../../documentation/1.4/memcachedsessionbackend
|
||||||
<ul>
|
<ul>
|
||||||
<li class="level1"><div class="li"> <strong>RelayState session timeout</strong>: timeout for RelayState sessions. By default, the RelayState session is deleted when it is read. This timeout allows to purge sessions of lost RelayState.</div>
|
<li class="level1"><div class="li"> <strong>RelayState session timeout</strong>: timeout for RelayState sessions. By default, the RelayState session is deleted when it is read. This timeout allows to purge sessions of lost RelayState.</div>
|
||||||
</li>
|
</li>
|
||||||
|
<li class="level1"><div class="li"> <strong>Use specific query_string method</strong>: the <acronym title="Common Gateway Interface">CGI</acronym> query_string method may break invalid <acronym title="Uniform Resource Locator">URL</acronym> encoded signatures (issued for example by ADFS). This option allows to use a specific method to extract query string, that should be compliant with non standard <acronym title="Uniform Resource Locator">URL</acronym> encoded parameters.</div>
|
||||||
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -1321,7 +1321,7 @@ sub struct {
|
||||||
# ADVANCED SAML PARAMETERS
|
# ADVANCED SAML PARAMETERS
|
||||||
samlAdvanced => {
|
samlAdvanced => {
|
||||||
_nodes => [
|
_nodes => [
|
||||||
qw(samlIdPResolveCookie samlMetadataForceUTF8 samlStorage cn:samlStorageOptions samlRelayStateTimeout n:samlCommonDomainCookie)
|
qw(samlIdPResolveCookie samlMetadataForceUTF8 samlStorage cn:samlStorageOptions samlRelayStateTimeout samlUseQueryStringSpecific n:samlCommonDomainCookie)
|
||||||
],
|
],
|
||||||
_help => 'samlServiceAdvanced',
|
_help => 'samlServiceAdvanced',
|
||||||
|
|
||||||
|
@ -1334,7 +1334,9 @@ sub struct {
|
||||||
_js => 'hashRoot',
|
_js => 'hashRoot',
|
||||||
_help => 'samlServiceAdvanced',
|
_help => 'samlServiceAdvanced',
|
||||||
},
|
},
|
||||||
samlRelayStateTimeout => 'int:/samlRelayStateTimeout',
|
samlRelayStateTimeout => 'int:/samlRelayStateTimeout',
|
||||||
|
samlUseQueryStringSpecific =>
|
||||||
|
'bool:/samlUseQueryStringSpecific',
|
||||||
samlCommonDomainCookie => {
|
samlCommonDomainCookie => {
|
||||||
_nodes => [
|
_nodes => [
|
||||||
qw(samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter)
|
qw(samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter)
|
||||||
|
@ -1840,7 +1842,8 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
|
||||||
test => Lemonldap::NG::Common::Regexp::HTTP_URI(),
|
test => Lemonldap::NG::Common::Regexp::HTTP_URI(),
|
||||||
msgFail => 'Bad URI',
|
msgFail => 'Bad URI',
|
||||||
},
|
},
|
||||||
samlRelayStateTimeout => $integer,
|
samlRelayStateTimeout => $integer,
|
||||||
|
samlUseQueryStringSpecific => $boolean,
|
||||||
|
|
||||||
# SSL
|
# SSL
|
||||||
SSLAuthnLevel => $integer,
|
SSLAuthnLevel => $integer,
|
||||||
|
@ -2219,6 +2222,7 @@ sub defaultConf {
|
||||||
samlAuthnContextMapKerberos => 4,
|
samlAuthnContextMapKerberos => 4,
|
||||||
samlCommonDomainCookieActivation => 0,
|
samlCommonDomainCookieActivation => 0,
|
||||||
samlRelayStateTimeout => 600,
|
samlRelayStateTimeout => 600,
|
||||||
|
samlUseQueryStringSpecific => 0,
|
||||||
|
|
||||||
# Authentication levels
|
# Authentication levels
|
||||||
ldapAuthnLevel => 2,
|
ldapAuthnLevel => 2,
|
||||||
|
|
|
@ -520,6 +520,7 @@ sub en {
|
||||||
samlCommonDomainCookieReader => 'Reader URL',
|
samlCommonDomainCookieReader => 'Reader URL',
|
||||||
samlCommonDomainCookieWriter => 'Writer URL',
|
samlCommonDomainCookieWriter => 'Writer URL',
|
||||||
samlRelayStateTimeout => 'RelayState session timeout',
|
samlRelayStateTimeout => 'RelayState session timeout',
|
||||||
|
samlUseQueryStringSpecific => 'Use specific query_string method',
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1016,6 +1017,8 @@ sub fr {
|
||||||
samlCommonDomainCookieReader => 'URL de lecture',
|
samlCommonDomainCookieReader => 'URL de lecture',
|
||||||
samlCommonDomainCookieWriter => 'URL d\'écriture',
|
samlCommonDomainCookieWriter => 'URL d\'écriture',
|
||||||
samlRelayStateTimeout => 'Durée de vie d\'une session RelayState',
|
samlRelayStateTimeout => 'Durée de vie d\'une session RelayState',
|
||||||
|
samlUseQueryStringSpecific =>
|
||||||
|
"Utilisation d'une fonction spécifique pour query_string",
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user