Add samlUseQueryStringSpecific parameter in Manager (#677, #LEMONLDAP-681)

This commit is contained in:
Clément Oudot 2014-02-10 10:35:08 +00:00
parent 25454d4ba1
commit bed5f37b7e
3 changed files with 12 additions and 3 deletions

View File

@ -624,6 +624,8 @@ This is not the case of <a href="../../documentation/1.4/memcachedsessionbackend
<ul> <ul>
<li class="level1"><div class="li"> <strong>RelayState session timeout</strong>: timeout for RelayState sessions. By default, the RelayState session is deleted when it is read. This timeout allows to purge sessions of lost RelayState.</div> <li class="level1"><div class="li"> <strong>RelayState session timeout</strong>: timeout for RelayState sessions. By default, the RelayState session is deleted when it is read. This timeout allows to purge sessions of lost RelayState.</div>
</li> </li>
<li class="level1"><div class="li"> <strong>Use specific query_string method</strong>: the <acronym title="Common Gateway Interface">CGI</acronym> query_string method may break invalid <acronym title="Uniform Resource Locator">URL</acronym> encoded signatures (issued for example by ADFS). This option allows to use a specific method to extract query string, that should be compliant with non standard <acronym title="Uniform Resource Locator">URL</acronym> encoded parameters.</div>
</li>
</ul> </ul>
</div> </div>

View File

@ -1321,7 +1321,7 @@ sub struct {
# ADVANCED SAML PARAMETERS # ADVANCED SAML PARAMETERS
samlAdvanced => { samlAdvanced => {
_nodes => [ _nodes => [
qw(samlIdPResolveCookie samlMetadataForceUTF8 samlStorage cn:samlStorageOptions samlRelayStateTimeout n:samlCommonDomainCookie) qw(samlIdPResolveCookie samlMetadataForceUTF8 samlStorage cn:samlStorageOptions samlRelayStateTimeout samlUseQueryStringSpecific n:samlCommonDomainCookie)
], ],
_help => 'samlServiceAdvanced', _help => 'samlServiceAdvanced',
@ -1334,7 +1334,9 @@ sub struct {
_js => 'hashRoot', _js => 'hashRoot',
_help => 'samlServiceAdvanced', _help => 'samlServiceAdvanced',
}, },
samlRelayStateTimeout => 'int:/samlRelayStateTimeout', samlRelayStateTimeout => 'int:/samlRelayStateTimeout',
samlUseQueryStringSpecific =>
'bool:/samlUseQueryStringSpecific',
samlCommonDomainCookie => { samlCommonDomainCookie => {
_nodes => [ _nodes => [
qw(samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter) qw(samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter)
@ -1840,7 +1842,8 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
test => Lemonldap::NG::Common::Regexp::HTTP_URI(), test => Lemonldap::NG::Common::Regexp::HTTP_URI(),
msgFail => 'Bad URI', msgFail => 'Bad URI',
}, },
samlRelayStateTimeout => $integer, samlRelayStateTimeout => $integer,
samlUseQueryStringSpecific => $boolean,
# SSL # SSL
SSLAuthnLevel => $integer, SSLAuthnLevel => $integer,
@ -2219,6 +2222,7 @@ sub defaultConf {
samlAuthnContextMapKerberos => 4, samlAuthnContextMapKerberos => 4,
samlCommonDomainCookieActivation => 0, samlCommonDomainCookieActivation => 0,
samlRelayStateTimeout => 600, samlRelayStateTimeout => 600,
samlUseQueryStringSpecific => 0,
# Authentication levels # Authentication levels
ldapAuthnLevel => 2, ldapAuthnLevel => 2,

View File

@ -520,6 +520,7 @@ sub en {
samlCommonDomainCookieReader => 'Reader URL', samlCommonDomainCookieReader => 'Reader URL',
samlCommonDomainCookieWriter => 'Writer URL', samlCommonDomainCookieWriter => 'Writer URL',
samlRelayStateTimeout => 'RelayState session timeout', samlRelayStateTimeout => 'RelayState session timeout',
samlUseQueryStringSpecific => 'Use specific query_string method',
}; };
} }
@ -1016,6 +1017,8 @@ sub fr {
samlCommonDomainCookieReader => 'URL de lecture', samlCommonDomainCookieReader => 'URL de lecture',
samlCommonDomainCookieWriter => 'URL d\'écriture', samlCommonDomainCookieWriter => 'URL d\'écriture',
samlRelayStateTimeout => 'Durée de vie d\'une session RelayState', samlRelayStateTimeout => 'Durée de vie d\'une session RelayState',
samlUseQueryStringSpecific =>
"Utilisation d'une fonction spécifique pour query_string",
}; };
} }