dani
/
lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

LEMONLDAP::NG : bug in manager javascript

This commit is contained in:
Xavier Guimard 2007-06-18 20:36:46 +00:00
parent 5ffac30027
commit d0f545b666
11 changed files with 389 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
build/lemonldap-ng/debian/changelog
View File

@ -1,9 +1,17 @@
lemonldap-ng (0.8.2.4) unstable; urgency=low
* Bug in manager javascript.
-- Xavier Guimard <x.guimard@free.fr> Mon, 18 Jun 2007 22:28:53 +0200
lemonldap-ng (0.8.2.3) unstable; urgency=low
* Change configuration storage format (Storable bug).
Closes: #307173/objectweb.org
* CDA little bug correction
* Documentation update
-- Xavier Guimard <x.guimard@free.fr> Wed, 13 Jun 2007 13:49:27 +0200
-- Xavier Guimard <x.guimard@free.fr> Wed, 13 Jun 2007 15:33:56 +0200
lemonldap-ng (0.8.2.2) unstable; urgency=low

6
build/lemonldap-ng/debian/control
View File

@ -24,7 +24,7 @@ Description: Lemonldap::NG Web-SSO system documentation
Package: liblemonldap-ng-handler-perl
Architecture: all
Depends: libapache-session-perl, libwww-perl, libcache-cache-perl, liblemonldap-ng-conf-perl
Depends: libapache-session-perl, libwww-perl, libcache-cache-perl, liblemonldap-ng-conf-perl (>=0.8.2.3)
Description: Lemonldap::NG apache module part
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
or directly on application apache servers.
@ -45,7 +45,7 @@ Description: Lemonldap::NG apache administration interface part
Package: liblemonldap-ng-manager-perl
Architecture: all
Depends: libxml-simple-perl, liblemonldap-ng-conf-perl
Depends: libxml-simple-perl, liblemonldap-ng-conf-perl (>=0.8.2.3)
Recommends: libcache-cache-perl, libapache-session-perl, libsoap-lite-perl
Description: Lemonldap::NG apache manager part
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
@ -55,7 +55,7 @@ Description: Lemonldap::NG apache manager part
Package: liblemonldap-ng-portal-perl
Architecture: all
Depends: libapache-session-perl, libnet-ldap-perl, liblemonldap-ng-conf-perl
Depends: libapache-session-perl, libnet-ldap-perl, liblemonldap-ng-conf-perl (>=0.8.2.3)
Recommends: liblasso-perl
Description: Lemonldap::NG apache authentication portal part
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies

191
build/lemonldap-ng/doc/faq-fr.html
View File

@ -93,6 +93,66 @@
changer le mode d'authentification ?</a></li>
</ul>
</li>
<li>
<a href="#HMessagesd27erreuretdedC3A9boguage">Messages d'erreur et de
d&eacute;boguage</a>
<ul>
<li><a href="#H22IncorrectXML22">"Incorrect XML"</a></li>
<li><a href=
"#H22Byteorderisnotcompatible22ou22Magicnumbercheckingonstorablestringfailed22">
"Byte order is not compatible" ou "Magic number checking on storable
string failed"</a></li>
<li><a href=
"#H22Configurationisinoldformat2Cyou27vetomigrate2122">"Configuration
is in old format, you've to migrate !"</a></li>
<li><a href="#H22My3A3APackage3Agetconfiguration122">"My::Package:
get configuration 1"</a></li>
<li><a href="#H22My3A3APackage3Astoreconfiguration122">"My::Package:
store configuration 1"</a></li>
<li><a href="#H22My3A3APackage3ANocookiefound22">"My::Package: No
cookie found"</a></li>
<li><a href=
"#H22Redirect26lt3Bxxxx26gt3Btoportal28urlwas2F2922">"Redirect
&lt;x.x.x.x&gt; to portal (url was /)"</a></li>
<li><a href="#H22FoundaCDAidRedirecting22">"Found a CDA id.
Redirecting"</a></li>
<li><a href="#H22Usersomeonewasauthorizatedtoaccessto2F22">"User
someone was authorizated to access to /"</a></li>
<li><a href="#H22My3A3APackage3Aremovingcookie22">"My::Package:
removing cookie"</a></li>
<li><a href=
"#H22ErrorwhilereadingconfigurationwithglobalStorageOptionskey3A22">"Error
while reading configuration with globalStorageOptions key:"</a></li>
<li><a href=
"#H22UserrejectedbecauseVirtualHosttestexamplecomhasnoconfiguration22">
"User rejected because VirtualHost test.example.com has no
configuration"</a></li>
<li><a href=
"#H22Thecookiexxxxisn27tyetavailable3AObjectdoesnotexistinthedatastoreat2Fusr2Fshare2Fperl52FApache2FSession2FStore2FFilepmline905Cn22">
"The cookie xxxx isn't yet available: Object does not exist in the
data store at /usr/share/perl5/Apache/Session/Store/File.pm line
90.n"</a></li>
<li><a href=
"#H22Thecookiexxxxisn27tyetavailable3A7E7E26lt3BerreurdumoduleApache3A3ASession26gt3B7E7E">
"The cookie xxxx isn't yet available: <i class="italic">&lt;erreur
du module Apache::Session&gt;</i></a></li>
</ul>
</li>
</ul>
<h3 class="heading-1-1"><span id=
@ -465,6 +525,137 @@ my $portal = Lemonldap::NG::Portal::SharedConf-&gt;new(
n&eacute;gociation Kerberos est n&eacute;cessaire pour toute la
session.</li>
</ul>
<h3 class="heading-1-1"><span id=
"HMessagesd27erreuretdedC3A9boguage">Messages d'erreur et de
d&eacute;boguage</span></h3>
<p class="paragraph"></p>Lemonldap::NG produit des messages de
d&eacute;boguage et d'erreur enregistr&eacute;s dans le journal d'Apache
(error.log par d&eacute;faut). Vous pouvez modifier le niveau d'affichage
en adaptant le param&egrave;tre LogLevel d'Apache.
<h4 class="heading-1-1-1"><span id="H22IncorrectXML22">"Incorrect
XML"</span></h4>
<p class="paragraph"></p>Ce message appara&icirc;t au chargement du
Manager lorsque celui-ci n'arrive pas &agrave; charger la configuration.
Dans ce cas, consultez les journaux d'Apache&nbsp;: la v&eacute;ritable
erreur y sera enregistr&eacute;e.
<h4 class="heading-1-1-1"><span id=
"H22Byteorderisnotcompatible22ou22Magicnumbercheckingonstorablestringfailed22">
"Byte order is not compatible" ou "Magic number checking on storable
string failed"</span></h4>
<p class="paragraph"></p>Ce message appara&icirc;t lorsque la
configuration stock&eacute;e est malform&eacute;e ou sur les versions
ant&eacute;rieures &agrave; la version 0.8.2.3 lorsqu'on utilise
Lemonldap::NG sur des serveurs de type diff&eacute;rents (32 et 64 bits en
particulier). Dans ce dernier cas, il suffit d'installer une version au
moins &eacute;gale &agrave; la version 0.8.2.3.
<h4 class="heading-1-1-1"><span id=
"H22Configurationisinoldformat2Cyou27vetomigrate2122">"Configuration is in
old format, you've to migrate !"</span></h4>
<p class="paragraph"></p>Ce message d'avertissement appara&icirc;t
lorsqu'une configuration g&eacute;n&eacute;r&eacute;e &agrave; partir
d'une version ant&eacute;rieure &agrave; la 0.8.2.3 est lue par une
version plus r&eacute;cente. Un simple r&eacute;engistrement de la
configuration par le manager fait dispara&icirc;tre cet avertissement.
<h4 class="heading-1-1-1"><span id=
"H22My3A3APackage3Agetconfiguration122">"My::Package: get configuration
1"</span></h4>
<p class="paragraph"></p>Ce message de d&eacute;boguage montre qu'un des
processus fils d'Apache charge la configuration.
<h4 class="heading-1-1-1"><span id=
"H22My3A3APackage3Astoreconfiguration122">"My::Package: store
configuration 1"</span></h4>
<p class="paragraph"></p>Ce message de d&eacute;boguage montre qu'un des
processus fils d'Apache enregistre la derni&egrave;re version de la
configuration dans le cache local. Elle sera lue par les autres fils
d'Apache dans les 10 minutes qui suivent.
<h4 class="heading-1-1-1"><span id=
"H22My3A3APackage3ANocookiefound22">"My::Package: No cookie
found"</span></h4>
<p class="paragraph"></p>Ce message indique qu'un utilisateur non
authentifi&eacute; se pr&eacute;sente sur l'application.
<h4 class="heading-1-1-1"><span id=
"H22Redirect26lt3Bxxxx26gt3Btoportal28urlwas2F2922">"Redirect
&lt;x.x.x.x&gt; to portal (url was /)"</span></h4>
<p class="paragraph"></p>Message de d&eacute;boguage indiquant que le
client correspondant &agrave; l'adresse IP est redirig&eacute; vers le
portail d'authentification.
<h4 class="heading-1-1-1"><span id="H22FoundaCDAidRedirecting22">"Found a
CDA id. Redirecting"</span></h4>
<p class="paragraph"></p>Message de d&eacute;boguage indiquant que le
client a &eacute;t&eacute; authentifi&eacute; dans un autre domaine
(m&eacute;canisme CDA). L'agent g&eacute;n&egrave;re alors le cookie dans
le nouveau domaine.
<h4 class="heading-1-1-1"><span id=
"H22Usersomeonewasauthorizatedtoaccessto2F22">"User someone was
authorizated to access to /"</span></h4>
<p class="paragraph"></p>Message de d&eacute;boguage indiquant que le
client est autoris&eacute; &agrave; acc&eacute;der &agrave; cette URL.
<h4 class="heading-1-1-1"><span id=
"H22My3A3APackage3Aremovingcookie22">"My::Package: removing
cookie"</span></h4>
<p class="paragraph"></p>Message de d&eacute;boguage indiquant que l'agent
retire le cookie apr&egrave;s l'avoir exploit&eacute;&nbsp;: les
applications n'ont pas &agrave; conna&icirc;tre ce cookie mais ne se fient
qu'aux en-t&ecirc;tes.
<h4 class="heading-1-1-1"><span id=
"H22ErrorwhilereadingconfigurationwithglobalStorageOptionskey3A22">"Error
while reading configuration with globalStorageOptions key:"</span></h4>
<p class="paragraph"></p>Une erreur a &eacute;t&eacute; relev&eacute;e
dans la configuration.
<h4 class="heading-1-1-1"><span id=
"H22UserrejectedbecauseVirtualHosttestexamplecomhasnoconfiguration22">"User
rejected because VirtualHost test.example.com has no
configuration"</span></h4>
<p class="paragraph"></p>Lorsqu'un VirtualHost est prot&eacute;g&eacute;
mais pas configur&eacute;, Lemonldap::NG le bloque. Inscrivez alors ce
VirtualHost dans la configuration de Lemonldap::NG.
<h4 class="heading-1-1-1"><span id=
"H22Thecookiexxxxisn27tyetavailable3AObjectdoesnotexistinthedatastoreat2Fusr2Fshare2Fperl52FApache2FSession2FStore2FFilepmline9026231103B22">
"The cookie xxxx isn't yet available: Object does not exist in the data
store at /usr/share/perl5/Apache/Session/Store/File.pm line
90.n"</span></h4>
<p class="paragraph"></p>Ce message appara&icirc;t lorsqu'un utilisateur
pr&eacute;sente un cookie qui n'existe pas ou plus dans la base des
sessions. Il est alors pri&eacute; de se r&eacute;-authentifier.
<h4 class="heading-1-1-1"><span id=
"H22Thecookiexxxxisn27tyetavailable3A7E7E26lt3BerreurdumoduleApache3A3ASession26gt3B7E7E">
"The cookie xxxx isn't yet available: <i class="italic">&lt;erreur du
module Apache::Session&gt;</i></span></h4>
<p class="paragraph"></p>Ce message appara&icirc;t lorsque l'agent
n'arrive pas &agrave; atteindre la base des sessions. La v&eacute;ritable
erreur est report&eacute;e.
<p class="paragraph"></p>
</div>
</body>
</html>

176
build/lemonldap-ng/doc/faq.html
View File

@ -86,6 +86,65 @@
authentication scheme ?</a></li>
</ul>
</li>
<li>
<a href="#HErroranddebugmessages">Error and debug messages</a>
<ul>
<li><a href="#H22IncorrectXML22">"Incorrect XML"</a></li>
<li><a href=
"#H22Byteorderisnotcompatible22ou22Magicnumbercheckingonstorablestringfailed22">
"Byte order is not compatible" ou "Magic number checking on storable
string failed"</a></li>
<li><a href=
"#H22Configurationisinoldformat2Cyou27vetomigrate2122">"Configuration
is in old format, you've to migrate !"</a></li>
<li><a href="#H22My3A3APackage3Agetconfiguration122">"My::Package:
get configuration 1"</a></li>
<li><a href="#H22My3A3APackage3Astoreconfiguration122">"My::Package:
store configuration 1"</a></li>
<li><a href="#H22My3A3APackage3ANocookiefound22">"My::Package: No
cookie found"</a></li>
<li><a href=
"#H22Redirect26lt3Bxxxx26gt3Btoportal28urlwas2F2922">"Redirect
&lt;x.x.x.x&gt; to portal (url was /)"</a></li>
<li><a href="#H22FoundaCDAidRedirecting22">"Found a CDA id.
Redirecting"</a></li>
<li><a href="#H22Usersomeonewasauthorizatedtoaccessto2F22">"User
someone was authorizated to access to /"</a></li>
<li><a href="#H22My3A3APackage3Aremovingcookie22">"My::Package:
removing cookie"</a></li>
<li><a href=
"#H22ErrorwhilereadingconfigurationwithglobalStorageOptionskey3A22">"Error
while reading configuration with globalStorageOptions key:"</a></li>
<li><a href=
"#H22UserrejectedbecauseVirtualHosttestexamplecomhasnoconfiguration22">
"User rejected because VirtualHost test.example.com has no
configuration"</a></li>
<li><a href=
"#H22Thecookiexxxxisn27tyetavailable3AObjectdoesnotexistinthedatastoreat2Fusr2Fshare2Fperl52FApache2FSession2FStore2FFilepmline905Cn22">
"The cookie xxxx isn't yet available: Object does not exist in the
data store at /usr/share/perl5/Apache/Session/Store/File.pm line
90.n"</a></li>
<li><a href=
"#H22Thecookiexxxxisn27tyetavailable3A7E7E26lt3BApache3A3ASessionerrormessage26gt3B7E7E">
"The cookie xxxx isn't yet available: <i class=
"italic">&lt;Apache::Session error message&gt;</i></a></li>
</ul>
</li>
</ul>
<h3 class="heading-1-1"><span id="HGeneralquestions">General
@ -397,6 +456,123 @@ my $portal = Lemonldap::NG::Portal::SharedConf-&gt;new(
because only one Kerberos negociation has to be done for all protected
applications.</li>
</ul>
<h3 class="heading-1-1"><span id="HErroranddebugmessages">Error and debug
messages</span></h3>
<p class="paragraph"></p>Lemonldap::NG produces error and debug messages
logged by Apache (in error.log by default). You can adapt debug level by
setting LogLevel parameter in Apache configuration file.
<h4 class="heading-1-1-1"><span id="H22IncorrectXML22">"Incorrect
XML"</span></h4>
<p class="paragraph"></p>This messages appears when the manager cannot
load configuration. The real error can be found in Apache logs.
<h4 class="heading-1-1-1"><span id=
"H22Byteorderisnotcompatible22ou22Magicnumbercheckingonstorablestringfailed22">
"Byte order is not compatible" ou "Magic number checking on storable
string failed"</span></h4>
<p class="paragraph"></p>This error message apprears when stored
configuration is corrupted or on versions earlier than 0.8.2.3 when you're
using Lemonldap::NG with different server types (32 and 64 bits for
example). In this case, you've to upgrade your Lemonldap::NG to at least
0.8.2.3.
<h4 class="heading-1-1-1"><span id=
"H22Configurationisinoldformat2Cyou27vetomigrate2122">"Configuration is in
old format, you've to migrate !"</span></h4>
<p class="paragraph"></p>This warning message means that you are using a
configuration generated by an earlier version than 0.8.2.3 with a more
up-to-date Lemonldap::NG component. You just have to re-save configuration
with a recent manager to avoid this warning.
<h4 class="heading-1-1-1"><span id=
"H22My3A3APackage3Agetconfiguration122">"My::Package: get configuration
1"</span></h4>
<p class="paragraph"></p>Information message: an Apache child process load
configuration.
<h4 class="heading-1-1-1"><span id=
"H22My3A3APackage3Astoreconfiguration122">"My::Package: store
configuration 1"</span></h4>
<p class="paragraph"></p>Information message: an Apache child process
stores the last configuration in the local cache. It will be read by other
Apache childs before 10 minutes.
<h4 class="heading-1-1-1"><span id=
"H22My3A3APackage3ANocookiefound22">"My::Package: No cookie
found"</span></h4>
<p class="paragraph"></p>Information message: one non-authenticated user
tries to connect to the protected application.
<h4 class="heading-1-1-1"><span id=
"H22Redirect26lt3Bxxxx26gt3Btoportal28urlwas2F2922">"Redirect
&lt;x.x.x.x&gt; to portal (url was /)"</span></h4>
<p class="paragraph"></p>Debug message: the client x.x.x.x is redirected
to the authentication portal.
<h4 class="heading-1-1-1"><span id="H22FoundaCDAidRedirecting22">"Found a
CDA id. Redirecting"</span></h4>
<p class="paragraph"></p>Debug message: the client has been authenticated
in another domain (CDA mechanism). The handler generates the cookie in the
new domain.
<h4 class="heading-1-1-1"><span id=
"H22Usersomeonewasauthorizatedtoaccessto2F22">"User someone was
authorizated to access to /"</span></h4>
<p class="paragraph"></p>Debug message: the user "someone" has been
authorizated to access to this URL.
<h4 class="heading-1-1-1"><span id=
"H22My3A3APackage3Aremovingcookie22">"My::Package: removing
cookie"</span></h4>
<p class="paragraph"></p>Debug message: after grant, the handler removes
hides the cookie. Protected application needs only headers.
<h4 class="heading-1-1-1"><span id=
"H22ErrorwhilereadingconfigurationwithglobalStorageOptionskey3A22">"Error
while reading configuration with globalStorageOptions key:"</span></h4>
<p class="paragraph"></p>Configuration is corrupted. See the following
error.
<h4 class="heading-1-1-1"><span id=
"H22UserrejectedbecauseVirtualHosttestexamplecomhasnoconfiguration22">"User
rejected because VirtualHost test.example.com has no
configuration"</span></h4>
<p class="paragraph"></p>When a virtual host is protected but not
configured, Lemonldap::NG block it. Update your configuration to add this
new virtual host, save and apply it.
<h4 class="heading-1-1-1"><span id=
"H22Thecookiexxxxisn27tyetavailable3AObjectdoesnotexistinthedatastoreat2Fusr2Fshare2Fperl52FApache2FSession2FStore2FFilepmline9026231103B22">
"The cookie xxxx isn't yet available: Object does not exist in the data
store at /usr/share/perl5/Apache/Session/Store/File.pm line
90.n"</span></h4>
<p class="paragraph"></p>This message appears when a user use an old
cookie that has been deleted from session database. He has to
re-authenticated itself.
<h4 class="heading-1-1-1"><span id=
"H22Thecookiexxxxisn27tyetavailable3A7E7E26lt3BApache3A3ASessionerrormessage26gt3B7E7E">
"The cookie xxxx isn't yet available: <i class=
"italic">&lt;Apache::Session error message&gt;</i></span></h4>
<p class="paragraph"></p>This message appears when an handler can not
access to session database. The real error is reported.
</div>
</body>
</html>

3
modules/lemonldap-ng-manager/Changes
View File

@ -1,5 +1,8 @@
Revision history for Perl extension Lemonldap::NG::Manager.
0.71 Mon jun 18 22:24:33 2007
- Bug in javascript : a 'z' is added in regexp
0.7 Tue jun 12 22:20:54 2007
- Changing storage format due to a bug in Storable module

2
modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm
View File

@ -16,7 +16,7 @@ use MIME::Base64;
our @ISA = qw(Lemonldap::NG::Manager::Base);
our $VERSION = '0.7';
our $VERSION = '0.71';
sub new {
my ( $class, $args ) = @_;

2
modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf.pm
View File

@ -85,9 +85,9 @@ sub getConf {
else {
my $data;
$v =~ s/^\$([_a-zA-Z][_a-zA-Z0-9]*) *=/\$data =/;
$v =~ s/&39;/'/g;
eval $v;
print STDERR "Lemonldap::NG : Error while reading configuration with $k key: $@\n" if($@);
$data =~ s/&39;/'/g;
$conf->{$k} = $data;
}
}

4
modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_HTML.pm
View File

@ -8,7 +8,7 @@ use AutoLoader qw(AUTOLOAD);
require Lemonldap::NG::Manager::_i18n;
use Lemonldap::NG::Manager::Conf::Constants;
our $VERSION = '0.28';
our $VERSION = '0.29';
# TODO: Delete buttons in headers and rules if 'read-only'
@ -131,7 +131,7 @@ function onNodeSelect(nodeId) {
v='<input value="'+nodeId+'" onChange="var tmp=this.value.replace(/^([^a-z])/i,\\'z\$1\\');tmp=tmp.replace(/^([a-zA-Z0-9_\\.\\-]*).*\$/,\\'\$1\\');tree.setItemText('+"'"+nodeId+"'"+',tmp);tree.changeItemId('+"'"+nodeId+"'"+',tmp);this.value=tmp">';
break;
case 'both':
k='<input value="'+tree.getItemText(nodeId)+'" onChange="tree.setItemText('+"'"+nodeId+"'"+',this.value.replace(/^([^a-z])/i,\\'z\$1\\'))">';
k='<input value="'+tree.getItemText(nodeId)+'" onChange="tree.setItemText('+"'"+nodeId+"'"+',this.value)">';
v='<textarea cols=40 rows=2 onChange="tree.setUserData('+"'"+nodeId+"'"+','+"'"+'value'+"'"+',this.value)">'+tree.getUserData(nodeId,'value')+'</textarea>';
//v='<input size=80 name="value" value="'+tree.getUserData(nodeId,'value')+'" onChange="tree.setUserData('+"'"+nodeId+"'"+','+"'"+'value'+"'"+',this.value)">';
break;

2
modules/lemonldap-ng-manager/scripts/lmConfig_File2MySQL
View File

@ -101,7 +101,7 @@ Xavier Guimard, E<lt>x.guimard@free.frE<gt>
=head1 COPYRIGHT AND LICENSE
Copyright (C) 2007 by LCL Guimard
Copyright (C) 2007 by Xavier Guimard
This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself, either Perl version 5.8.8 or,

1
modules/lemonldap-ng-portal/Changes
View File

@ -2,6 +2,7 @@ Revision history for Perl extension Lemonldap::NG::Portal.
0.74 Mon May 14 7:04:48 2007
- Multiple ldap servers can be used
- CDA optimization
0.73 Fri Apr 20 8:48:06 2007
- Bug fix in test (AuthCAS failed)

2
modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDA.pm
View File

@ -28,7 +28,7 @@ sub autoRedirect {
my $self = shift;
my $tmp = $self->{domain};
$self->{urldc} .= "?" . $self->{cookieName} . "=" . $self->{id}
if ( $self->{urldc} and $self->{urldc} !~ /$tmp$/oi );
if ( $self->{urldc} and $self->{urldc} !~ m#https?://[^/]*$tmp/#oi );
return $self->SUPER::autoRedirect(@_);
}