Change default values for SAML security parameters (#1079)

2016-09-06 09:49:45 +00:00 · 2016-09-06 09:49:45 +00:00 · cfff6103a7
commit cfff6103a7
parent 194d5e3404
5 changed files with 21 additions and 21 deletions
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
@ -244,9 +244,9 @@ sub defaultValues {
        'samlIDPMetaDataOptionsAdaptSessionUtime' => 0,
        'samlIDPMetaDataOptionsAllowLoginFromIDP' => 0,
        'samlIDPMetaDataOptionsAllowProxiedAuthn' => 0,
-        'samlIDPMetaDataOptionsCheckConditions'   => 0,
+        'samlIDPMetaDataOptionsCheckConditions'   => 1,
-        'samlIDPMetaDataOptionsCheckSLOMessageSignature' => 0,
+        'samlIDPMetaDataOptionsCheckSLOMessageSignature' => 1,
-        'samlIDPMetaDataOptionsCheckSSOMessageSignature' => 0,
+        'samlIDPMetaDataOptionsCheckSSOMessageSignature' => 1,
        'samlIDPMetaDataOptionsEncryptionMode'           => 'none',
        'samlIDPMetaDataOptionsForceAuthn'               => 0,
        'samlIDPMetaDataOptionsForceUTF8'                => 0,
@ -292,8 +292,8 @@ sub defaultValues {
        'samlServicePublicKeySig'             => '',
        'samlServiceUseCertificateInResponse' => 0,
        'samlSPMetaDataExportedAttributes'    => {},
-        'samlSPMetaDataOptionsCheckSLOMessageSignature'   => 0,
+        'samlSPMetaDataOptionsCheckSLOMessageSignature'   => 1,
-        'samlSPMetaDataOptionsCheckSSOMessageSignature'   => 0,
+        'samlSPMetaDataOptionsCheckSSOMessageSignature'   => 1,
        'samlSPMetaDataOptionsEnableIDPInitiatedURL'      => 0,
        'samlSPMetaDataOptionsEncryptionMode'             => 'none',
        'samlSPMetaDataOptionsForceUTF8'                  => 1,
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
@ -2091,15 +2091,15 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
            'type'    => 'bool'
        },
        'samlIDPMetaDataOptionsCheckConditions' => {
-            'default' => 0,
+            'default' => 1,
            'type'    => 'bool'
        },
        'samlIDPMetaDataOptionsCheckSLOMessageSignature' => {
-            'default' => 0,
+            'default' => 1,
            'type'    => 'bool'
        },
        'samlIDPMetaDataOptionsCheckSSOMessageSignature' => {
-            'default' => 0,
+            'default' => 1,
            'type'    => 'bool'
        },
        'samlIDPMetaDataOptionsEncryptionMode' => {
@ -2407,11 +2407,11 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
            'type'       => 'keyTextContainer'
        },
        'samlSPMetaDataOptionsCheckSLOMessageSignature' => {
-            'default' => 0,
+            'default' => 1,
            'type'    => 'bool'
        },
        'samlSPMetaDataOptionsCheckSSOMessageSignature' => {
-            'default' => 0,
+            'default' => 1,
            'type'    => 'bool'
        },
        'samlSPMetaDataOptionsEnableIDPInitiatedURL' => {
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
@ -1465,7 +1465,7 @@ sub attributes {
        },
        samlIDPMetaDataOptionsCheckSSOMessageSignature => {
            type    => 'bool',
-            default => 0,
+            default => 1,
        },
        samlIDPMetaDataOptionsSignSLOMessage => {
            type    => 'trool',
@ -1473,7 +1473,7 @@ sub attributes {
        },
        samlIDPMetaDataOptionsCheckSLOMessageSignature => {
            type    => 'bool',
-            default => 0,
+            default => 1,
        },
        samlIDPMetaDataOptionsSSOBinding => {
            type   => 'select',
@ -1510,7 +1510,7 @@ sub attributes {
        },
        samlIDPMetaDataOptionsCheckConditions => {
            type    => 'bool',
-            default => 0,
+            default => 1,
        },
        samlSPMetaDataOptionsForceUTF8 => {
            type    => 'bool',
@ -1625,7 +1625,7 @@ sub attributes {
        },
        samlSPMetaDataOptionsCheckSSOMessageSignature => {
            type    => 'bool',
-            default => 0,
+            default => 1,
        },
        samlSPMetaDataOptionsSignSLOMessage => {
            type    => 'trool',
@ -1633,7 +1633,7 @@ sub attributes {
        },
        samlSPMetaDataOptionsCheckSLOMessageSignature => {
            type    => 'bool',
-            default => 0,
+            default => 1,
        },
        samlSPMetaDataOptionsEncryptionMode => {
            type   => 'select',
--- a/lemonldap-ng-manager/site/static/js/conftree.js
+++ b/lemonldap-ng-manager/site/static/js/conftree.js
@ -517,7 +517,7 @@ function templates(tpl,key) {
            "type" : "trool"
         },
         {
-            "default" : 0,
+            "default" : 1,
            "get" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSSOMessageSignature",
            "id" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSSOMessageSignature",
            "title" : "samlIDPMetaDataOptionsCheckSSOMessageSignature",
@ -531,7 +531,7 @@ function templates(tpl,key) {
            "type" : "trool"
         },
         {
-            "default" : 0,
+            "default" : 1,
            "get" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSLOMessageSignature",
            "id" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSLOMessageSignature",
            "title" : "samlIDPMetaDataOptionsCheckSLOMessageSignature",
@ -639,7 +639,7 @@ function templates(tpl,key) {
            "type" : "select"
         },
         {
-            "default" : 0,
+            "default" : 1,
            "get" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckConditions",
            "id" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckConditions",
            "title" : "samlIDPMetaDataOptionsCheckConditions",
@ -769,7 +769,7 @@ function templates(tpl,key) {
                  "type" : "trool"
               },
               {
-                  "default" : 0,
+                  "default" : 1,
                  "get" : tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSSOMessageSignature",
                  "id" : tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSSOMessageSignature",
                  "title" : "samlSPMetaDataOptionsCheckSSOMessageSignature",
@ -783,7 +783,7 @@ function templates(tpl,key) {
                  "type" : "trool"
               },
               {
-                  "default" : 0,
+                  "default" : 1,
                  "get" : tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSLOMessageSignature",
                  "id" : tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSLOMessageSignature",
                  "title" : "samlSPMetaDataOptionsCheckSLOMessageSignature",
--- a/lemonldap-ng-manager/site/static/js/conftree.min.js
+++ b/lemonldap-ng-manager/site/static/js/conftree.min.js