diff --git a/debian/liblemonldap-ng-handler-perl.cron.d b/debian/liblemonldap-ng-handler-perl.cron.d
index 9200dc4e3..e7d664bd7 100644
--- a/debian/liblemonldap-ng-handler-perl.cron.d
+++ b/debian/liblemonldap-ng-handler-perl.cron.d
@@ -1,4 +1,4 @@
 #
 # Regular cron jobs for LemonLDAP::NG Handler
 #
-17-59/30 *	* * *	www-data	[ -x /usr/share/lemonldap-ng/bin/purgeLocalCache ] && /usr/share/lemonldap-ng/bin/purgeLocalCache
+1 *	* * *	www-data	[ -x /usr/share/lemonldap-ng/bin/purgeLocalCache ] && /usr/share/lemonldap-ng/bin/purgeLocalCache
diff --git a/fastcgi-server/man/llng-fastcgi-server.1p b/fastcgi-server/man/llng-fastcgi-server.1p
index aeb423e3e..dea827ce1 100644
--- a/fastcgi-server/man/llng-fastcgi-server.1p
+++ b/fastcgi-server/man/llng-fastcgi-server.1p
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "llng-fastcgi-server 1"
-.TH llng-fastcgi-server 1 "2019-06-06" "perl v5.28.1" "User Contributed Perl Documentation"
+.TH llng-fastcgi-server 1 "2019-06-13" "perl v5.28.1" "User Contributed Perl Documentation"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm
index bbff057d3..9833f7ca6 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm
@@ -24,7 +24,7 @@ use constant MANAGERSECTION  => "manager";
 use constant SESSIONSEXPLORERSECTION => "sessionsExplorer";
 use constant APPLYSECTION            => "apply";
 our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars)|c(?:as(?:S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions)|A(?:ppMetaData(?:(?:ExportedVar|Option)s|Node)|ttributes))|(?:ustomAddParam|ombModule)s)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:ut(?:hChoiceMod|oSigninR)ules|pplicationList)|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
-our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|ingle(?:Session(?:UserByIP)?|(?:UserBy)?IP)|oap(?:Session|Config)Server|t(?:ayConnecte|orePasswor)d|kipRenewConfirmation|howLanguages|slByAjax)|o(?:idc(?:ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration)|RPMetaDataOptions(?:LogoutSessionRequired|BypassConsent|RequirePKCE|Public)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|p(?:ortal(?:ErrorOn(?:ExpiredSession|MailNotFound)|DisplayRe(?:setPassword|gister)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|RequireOldPassword|ForceAuthn|AntiFrame)|roxyUseSoap)|l(?:dap(?:(?:Group(?:DecodeSearchedValu|Recursiv)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl)|oginHistoryEnabled)|c(?:a(?:ptcha_(?:register|login|mail)_enabled|sSrvMetaDataOptions(?:Gateway|Renew))|heck(?:User(?:Display(?:PersistentInfo|EmptyValues))?|State|XSS)|orsEnabled|da)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|to(?:tp2f(?:UserCan(?:Chang|Remov)eKey|DisplayExistingSecret)|kenUseGlobalStorage)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|no(?:tif(?:ication(?:Server)?|y(?:Deleted|Other))|AjaxHook)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|(?:(?:rest(?:Session|Config)|wsdl)Serv|activeTim)er|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|krb(?:RemoveDomain|ByJs)|dbiDynamicHashEnabled|bruteForceProtection)$/;
+our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|ingle(?:Session(?:UserByIP)?|(?:UserBy)?IP)|oap(?:Session|Config)Server|t(?:ayConnecte|orePasswor)d|kipRenewConfirmation|howLanguages|slByAjax)|o(?:idc(?:ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration)|RPMetaDataOptions(?:LogoutSessionRequired|BypassConsent|RequirePKCE|Public)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|p(?:ortal(?:ErrorOn(?:ExpiredSession|MailNotFound)|DisplayRe(?:setPassword|gister)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|RequireOldPassword|ForceAuthn|AntiFrame)|roxyUseSoap)|l(?:dap(?:(?:Group(?:DecodeSearchedValu|Recursiv)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl)|oginHistoryEnabled)|c(?:a(?:ptcha_(?:register|login|mail)_enabled|sSrvMetaDataOptions(?:Gateway|Renew))|heck(?:User(?:Display(?:PersistentInfo|EmptyValues))?|State|XSS)|orsEnabled|da)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|to(?:tp2f(?:UserCan(?:Chang|Remov)eKey|DisplayExistingSecret)|kenUseGlobalStorage)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|no(?:tif(?:ication(?:Server)?|y(?:Deleted|Other))|AjaxHook)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|rest(?:(?:Session|Config)Server|ExportSecretKeys)|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|(?:activeTim|wsdlServ)er|krb(?:RemoveDomain|ByJs)|dbiDynamicHashEnabled|bruteForceProtection)$/;
 
 our @sessionTypes = ( 'remoteGlobal', 'global', 'localSession', 'persistent', 'saml', 'oidc', 'cas' );
 
diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
index ff7f732da..a8160a353 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
@@ -279,6 +279,7 @@ sub defaultValues {
         'samlSPSSODescriptorWantAssertionsSigned' => 1,
         'securedCookie'                           => 0,
         'sfEngine'                                => '::2F::Engines::Default',
+        'sfRemovedMsg'                            => 0,
         'sfRequired'                              => 0,
         'showLanguages'                           => 1,
         'slaveAuthnLevel'                         => 2,
diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Session/REST.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Session/REST.pm
index 09da30596..c9c5456d2 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Session/REST.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Session/REST.pm
@@ -201,8 +201,8 @@ sub delete2F {
     return $self->sendJSONresponse( $req, { result => 1 } );
 }
 
-sub session {
-    my ( $self, $req, $id, $skey ) = @_;
+sub _session {
+    my ( $self, $raw, $req, $id, $skey ) = @_;
     my ( %h, $res );
     return $self->sendError( $req, 'Bad request', 400 ) unless ($id);
     my $mod = $self->getMod($req)
@@ -214,11 +214,13 @@ sub session {
 
     my %session = %{ $apacheSession->data };
 
-    foreach my $k ( keys %session ) {
-        $session{$k} = '**********'
-          if ( $self->hAttr =~ /\b$k\b/ );
-        $session{$k} = [ split /$self->separator/o, $session{$k} ]
-          if ( $session{$k} =~ /$self->separator/o );
+    unless ($raw) {
+        foreach my $k ( keys %session ) {
+            $session{$k} = '**********'
+              if ( $self->hAttr =~ /\b$k\b/ );
+            $session{$k} = [ split /$self->separator/o, $session{$k} ]
+              if ( $session{$k} =~ /$self->separator/o );
+        }
     }
 
     if ($skey) {
@@ -237,6 +239,16 @@ sub session {
     # TODO: check for utf-8 problems
 }
 
+sub session {
+    my $self = shift;
+    return $self->_session( 0, @_ );
+}
+
+sub rawSession {
+    my $self = shift;
+    return $self->_session( 1, @_ );
+}
+
 sub getApacheSession {
     my ( $self, $mod, $id, $info, $force ) = @_;
     my $apacheSession = Lemonldap::NG::Common::Session->new( {
diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/ServiceToken.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/ServiceToken.pm
index bd0259b44..fbea9d30a 100644
--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/ServiceToken.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/ServiceToken.pm
@@ -24,7 +24,7 @@ sub fetchId {
     @vhosts = grep {
         if (/^([\w\-]+)=(.+)$/) {
             $serviceHeaders{$1} = $2;
-            $class->logger->debug( "Found service header: $1 => $2");
+            $class->logger->debug("Found service header: $1 => $2");
             0;
         }
         else { 1 }
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
index fc4bbd7d9..7f9ffe3ec 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
@@ -2523,6 +2523,10 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
             'default' => 0,
             'type'    => 'bool'
         },
+        'restExportSecretKeys' => {
+            'default' => 0,
+            'type'    => 'bool'
+        },
         'restPwdConfirmUrl' => {
             'type' => 'url'
         },
@@ -3193,6 +3197,10 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
             'default' => '::2F::Engines::Default',
             'type'    => 'text'
         },
+        'sfRemovedMsg' => {
+            'default' => 0,
+            'type'    => 'boolOrExpr'
+        },
         'sfRequired' => {
             'default' => 0,
             'type'    => 'boolOrExpr'
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm
index f7c68b6f5..427e157e0 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm
@@ -370,7 +370,8 @@ EOF
         } keys(%$attributes)
     };
     $managerAttr = mydump( $managerAttr, 'attributes' );
-    my $managerSub = Dumper( \&Lemonldap::NG::Manager::Build::Attributes::perlExpr );
+    my $managerSub =
+      Dumper( \&Lemonldap::NG::Manager::Build::Attributes::perlExpr );
     $managerSub =~ s/\$VAR1 = sub/sub perlExpr/s;
     $managerSub =~ s/^\s*(?:use strict;|package .*?;|)\n//gm;
     my $managerTypes =
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
index 59e639053..7c7eafff8 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
@@ -22,7 +22,7 @@ sub perlExpr {
     my $err = join( '',
         grep { $_ =~ /Undefined subroutine/ ? () : $_ } split( /\n/, $@ ) );
     return $err ? ( 1, "__badExpression__: $err" ) : (1);
-};
+}
 
 my $url = $RE{URI}{HTTP}{ -scheme => "https?" };
 $url =~ s/(?<=[^\\])\$/\\\$/g;
@@ -1640,6 +1640,12 @@ sub attributes {
             type          => 'bool',
             documentation => 'Enable REST session server',
         },
+        restExportSecretKeys => {
+            default => 0,
+            type    => 'bool',
+            documentation =>
+              'Allow to export secret keys in REST session server',
+        },
         restConfigServer => {
             default       => 0,
             type          => 'bool',
@@ -2581,6 +2587,12 @@ sub attributes {
             help          => 'secondfactor.html',
             documentation => 'Second factor required',
         },
+        sfRemovedMsg => {
+            type          => 'boolOrExpr',
+            default       => 0,
+            help          => 'secondfactor.html',
+            documentation => 'Display a message if at leat one expired SF has been removed',
+        },
         available2F => {
             type          => 'text',
             default       => 'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,Yubikey',
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
index 91abab33e..fc76305ac 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
@@ -576,9 +576,10 @@ sub tree {
                             help  => 'portalservers.html',
                             form  => 'simpleInputContainer',
                             nodes => [
-                                'wsdlServer',       'restSessionServer',
-                                'restConfigServer', 'soapSessionServer',
-                                'soapConfigServer', 'exportedAttr',
+                                'wsdlServer',           'restSessionServer',
+                                'restExportSecretKeys', 'restConfigServer',
+                                'soapSessionServer',    'soapConfigServer',
+                                'exportedAttr',
                             ]
                         },
                         {
@@ -762,7 +763,7 @@ sub tree {
                                 'yubikey2fTTL',
                             ],
                         },
-                        'sfRequired',
+                        'sfRequired', 'sfRemovedMsg',
                     ]
                 },
                 {
@@ -825,9 +826,12 @@ sub tree {
                                     help  => 'security.html#portal',
                                     form  => 'simpleInputContainer',
                                     nodes => [
-                                        'corsEnabled', 'corsAllow_Credentials', 
-                                        'corsAllow_Headers',  'corsAllow_Methods',
-                                        'corsAllow_Origin',    'corsExpose_Headers',
+                                        'corsEnabled',
+                                        'corsAllow_Credentials',
+                                        'corsAllow_Headers',
+                                        'corsAllow_Methods',
+                                        'corsAllow_Origin',
+                                        'corsExpose_Headers',
                                         'corsMax_Age',
                                     ]
                                 },
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Parser.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Parser.pm
index 9c3aad10f..0071c1275 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Parser.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Parser.pm
@@ -70,7 +70,7 @@ has confChanged => (
 );
 
 # Properties required during build
-has refConf => ( is => 'ro', isa => 'HashRef', required => 1 );
+has refConf => ( is => 'ro', isa      => 'HashRef', required => 1 );
 has req     => ( is => 'ro', required => 1 );
 has newConf => ( is => 'rw', isa      => 'HashRef' );
 has tree    => ( is => 'rw', isa      => 'ArrayRef' );
@@ -160,7 +160,7 @@ sub _scanNodes {
         hdebug("Looking to $name");
 
         # subnode
-        my $subNodes     = $leaf->{nodes}      // $leaf->{_nodes};
+        my $subNodes     = $leaf->{nodes} // $leaf->{_nodes};
         my $subNodesCond = $leaf->{nodes_cond} // $leaf->{_nodes_cond};
 
         ##################################
@@ -1101,14 +1101,14 @@ sub _unitTest {
                 or $attr->{type} =~ /Container$/ )
             {
                 my $keyMsg = $attr->{keyMsgFail} // $type->{keyMsgFail};
-                my $msg    = $attr->{msgFail}    // $type->{msgFail};
+                my $msg    = $attr->{msgFail} // $type->{msgFail};
                 $res = 0
                   unless (
                     $self->_execTest( {
-                            keyTest => $attr->{keyTest} // $type->{keyTest},
+                            keyTest    => $attr->{keyTest} // $type->{keyTest},
                             keyMsgFail => $attr->{keyMsgFail}
                               // $type->{keyMsgFail},
-                            test    => $attr->{test}    // $type->{test},
+                            test    => $attr->{test} // $type->{test},
                             msgFail => $attr->{msgFail} // $type->{msgFail},
                         },
                         $conf->{$key},
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
index 6b5f34aad..918538903 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
@@ -207,6 +207,7 @@
 "dbiAuthPassword":"كلمة المرور",
 "dbiAuthPasswordCol":"اسم حقل كلمة المرور",
 "dbiAuthPasswordHash":"هاش المخطط",
+"dbiAuthPasswordHash":"Hash scheme",
 "dbiDynamicHash":"dynamic hashing",
 "dbiDynamicHashEnabled":"dynamic hash activation",
 "dbiDynamicHashValidSchemes":"Supported non-salted schemes",
@@ -622,8 +623,8 @@
 "portalCheckLogins":"تحقق من آخر تسجيلات دخول",
 "portalCustomization":"التخصيص",
 "portalDisplayAppslist":"قائمة التطبيقات",
-"portalDisplayChangePassword":"تغيير كلمة المرور",
 "portalDisplayFavApps":"Activation rule",
+"portalDisplayChangePassword":"تغيير كلمة المرور",
 "portalDisplayLoginHistory":"سجل تسجيل الدخول",
 "portalDisplayLogout":"تسجيل الخروج",
 "portalDisplayOidcConsents":"OIDC Consents",
@@ -701,6 +702,7 @@
 "rest2fLogo":"شعار",
 "rest2fVerifyArgs":"Verify Arguments",
 "rest2fVerifyUrl":"Verify URL",
+"restExportSecretKeys":"Export secret attributes in REST",
 "restParams":"معايير ريست",
 "restPwdConfirmUrl":"عنوان اليو آر إل لتأكيد كلمة المرور",
 "restPwdModifyUrl":"عنوان اليو آر إل لتغيير كلمة المرور",
@@ -732,6 +734,7 @@
 "sessionTitle":"محتوى الجلسة",
 "sfaTitle":"Second Factors Authentication",
 "sfRequired":"Require 2FA",
+"sfRemovedMsg":"Display a message if an expired SF is removed",
 "show":"عرض",
 "showHelp":"عرض المساعدة",
 "showLanguages":"Show languages choice",
@@ -1006,4 +1009,4 @@
 "samlRelayStateTimeout":"تناوب حالة مهلة الجلسة ",
 "samlUseQueryStringSpecific":"استخدام أسلوب query_string المعين",
 "samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
-}
\ No newline at end of file
+}
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/de.json b/lemonldap-ng-manager/site/htdocs/static/languages/de.json
index 31dbddc55..26b088e5d 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/de.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/de.json
@@ -622,8 +622,8 @@
 "portalCheckLogins":"Check last logins",
 "portalCustomization":"Customization",
 "portalDisplayAppslist":"Applications list",
-"portalDisplayChangePassword":"Password change",
 "portalDisplayFavApps":"Activation rule",
+"portalDisplayChangePassword":"Password change",
 "portalDisplayLoginHistory":"Login History",
 "portalDisplayLogout":"Logout",
 "portalDisplayOidcConsents":"OIDC Consents",
@@ -701,6 +701,7 @@
 "rest2fLogo":"Logo",
 "rest2fVerifyArgs":"Verify Arguments",
 "rest2fVerifyUrl":"Verify URL",
+"restExportSecretKeys":"Export secret attributes in REST",
 "restParams":"REST parameters",
 "restPwdConfirmUrl":"Password confirmation URL",
 "restPwdModifyUrl":"Password change URL",
@@ -732,6 +733,7 @@
 "sessionTitle":"Session content",
 "sfaTitle":"Second Factors Authentication",
 "sfRequired":"Require 2FA",
+"sfRemovedMsg":"Display a message if an expired SF is removed",
 "show":"Show",
 "showHelp":"Show help",
 "showLanguages":"Show languages choice",
@@ -1006,4 +1008,4 @@
 "samlRelayStateTimeout":"RelayState session timeout",
 "samlUseQueryStringSpecific":"Use specific query_string method",
 "samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
-}
\ No newline at end of file
+}
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/en.json b/lemonldap-ng-manager/site/htdocs/static/languages/en.json
index 366b53c35..13b61926c 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/en.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/en.json
@@ -701,6 +701,7 @@
 "rest2fLogo":"Logo",
 "rest2fVerifyArgs":"Verify Arguments",
 "rest2fVerifyUrl":"Verify URL",
+"restExportSecretKeys":"Export secret attributes in REST",
 "restParams":"REST parameters",
 "restPwdConfirmUrl":"Password confirmation URL",
 "restPwdModifyUrl":"Password change URL",
@@ -732,6 +733,7 @@
 "sessionTitle":"Session content",
 "sfaTitle":"Second Factors Authentication",
 "sfRequired":"Require 2FA",
+"sfRemovedMsg":"Display a message if an expired SF is removed",
 "show":"Show",
 "showHelp":"Show help",
 "showLanguages":"Show languages choice",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
index 2b40330c8..12c095fc4 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
@@ -701,6 +701,7 @@
 "rest2fLogo":"Logo",
 "rest2fVerifyArgs":"Arguments de vérification",
 "rest2fVerifyUrl":"URL de vérification",
+"restExportSecretKeys":"Exporter les attributs secrets en REST",
 "restParams":"Paramètres REST",
 "restPwdConfirmUrl":"URL de confirmation de mot-de-passe",
 "restPwdModifyUrl":"URL de modification de mot-de-passe",
@@ -732,6 +733,7 @@
 "sessionTitle":"Contenu de la session",
 "sfaTitle":"Seconds Facteurs d'Authentification",
 "sfRequired":"Exiger 2FA",
+"sfRemovedMsg":"Afficher un message si un SF expiré est supprimé",
 "show":"Montrer",
 "showHelp":"Montrer l'aide",
 "showLanguages":"Afficher le choix des langues",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/it.json b/lemonldap-ng-manager/site/htdocs/static/languages/it.json
index c39736e0f..4fc9a9f0a 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json
@@ -701,6 +701,7 @@
 "rest2fLogo":"Logo",
 "rest2fVerifyArgs":"Verifica Argomenti",
 "rest2fVerifyUrl":"Verifica UR",
+"restExportSecretKeys":"Export secret attributes in REST",
 "restParams":"Parametri REST",
 "restPwdConfirmUrl":"URL di conferma password",
 "restPwdModifyUrl":"URL di modifica password",
@@ -732,6 +733,7 @@
 "sessionTitle":"Contenuto della sessione",
 "sfaTitle":"Autenticazione a due fattori",
 "sfRequired":"Richiedi 2FA",
+"sfRemovedMsg":"Display a message if an expired SF is removed",
 "show":"Mostra",
 "showHelp":"Mostra aiuto",
 "showLanguages":"Mostra la scelta delle lingue",
@@ -1006,4 +1008,4 @@
 "samlRelayStateTimeout":"Timeout di sessione di RelayState",
 "samlUseQueryStringSpecific":"Utilizza il metodo specifico query_string",
 "samlOverrideIDPEntityID":"Sostituisci l'ID entità quando agisce come IDP"
-}
\ No newline at end of file
+}
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
index 289c94927..ef8ec265f 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
@@ -58,7 +58,6 @@
 "authChoiceParam":"Tham số URL",
 "authentication":"Mô đun xác thực",
 "authenticationNeeded":"Xác thực cần thiết",
-"portalDisplayFavApps":"Activation rule",
 "authenticationLevel":"Mức xác thực",
 "authenticationTitle":"Xác thực",
 "AuthLDAPFilter":"Bộ lọc xác thực",
@@ -623,6 +622,7 @@
 "portalCheckLogins":"Kiểm tra đăng nhập lần cuối",
 "portalCustomization":"Tùy chỉnh",
 "portalDisplayAppslist":"Danh sách ứng dụng",
+"portalDisplayFavApps":"Activation rule",
 "portalDisplayChangePassword":"Thay đổi mật khẩu",
 "portalDisplayLoginHistory":"Lịch sử đăng nhập",
 "portalDisplayLogout":"Đăng xuất",
@@ -701,6 +701,7 @@
 "rest2fLogo":"Logo",
 "rest2fVerifyArgs":"Verify Arguments",
 "rest2fVerifyUrl":"Verify URL",
+"restExportSecretKeys":"Export secret attributes in REST",
 "restParams":"Tham số REST",
 "restPwdConfirmUrl":"URL xác nhận mật khẩu",
 "restPwdModifyUrl":"URL thay đổi mật khẩu",
@@ -732,6 +733,7 @@
 "sessionTitle":"Nội dung phiên",
 "sfaTitle":"Second Factors Authentication",
 "sfRequired":"Require 2FA",
+"sfRemovedMsg":"Display a message if an expired SF is removed",
 "show":"Hiển thị",
 "showHelp":"Hiển thị trợ giúp",
 "showLanguages":"Show languages choice",
@@ -1006,4 +1008,4 @@
 "samlRelayStateTimeout":"Thời gian hết hạn phiên RelayState ",
 "samlUseQueryStringSpecific":"Sử dụng phương pháp query_string cụ thể",
 "samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
-}
\ No newline at end of file
+}
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
index 8944e71a0..26fdb0af7 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
@@ -701,6 +701,7 @@
 "rest2fLogo":"Logo",
 "rest2fVerifyArgs":"Verify Arguments",
 "rest2fVerifyUrl":"Verify URL",
+"restExportSecretKeys":"Export secret attributes in REST",
 "restParams":"REST parameters",
 "restPwdConfirmUrl":"Password confirmation URL",
 "restPwdModifyUrl":"Password change URL",
@@ -732,6 +733,7 @@
 "sessionTitle":"Session content",
 "sfaTitle":"Second Factors Authentication",
 "sfRequired":"Require 2FA",
+"sfRemovedMsg":"Display a message if an expired SF is removed",
 "show":"Show",
 "showHelp":"Show help",
 "showLanguages":"Show languages choice",
@@ -1006,4 +1008,4 @@
 "samlRelayStateTimeout":"RelayState session timeout",
 "samlUseQueryStringSpecific":"Use specific query_string method",
 "samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
-}
\ No newline at end of file
+}
diff --git a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
index c798934b4..a2e5b2648 100644
--- a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
+++ b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
@@ -1 +1 @@
-{"ADPwdExpireWarning":"generalParameters/authParams/adParams","ADPwdMaxAge":"generalParameters/authParams/adParams","AuthLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","LDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","SMTPAuthPass":"generalParameters/advancedParams/SMTP","SMTPAuthUser":"generalParameters/advancedParams/SMTP","SMTPPort":"generalParameters/advancedParams/SMTP","SMTPServer":"generalParameters/advancedParams/SMTP","SMTPTLS":"generalParameters/advancedParams/SMTP","SMTPTLSOpts":"generalParameters/advancedParams/SMTP","SSLAuthnLevel":"generalParameters/authParams/sslParams","SSLVar":"generalParameters/authParams/sslParams","SSLVarIf":"generalParameters/authParams/sslParams","activeTimer":"generalParameters/advancedParams/forms","apacheAuthnLevel":"generalParameters/authParams/apacheParams","applicationList":"generalParameters/portalParams/portalMenu","authChoiceModules":"generalParameters/authParams/choiceParams","authChoiceParam":"generalParameters/authParams/choiceParams","authentication":"generalParameters/authParams","autoSigninRules":"generalParameters/plugins/autoSignin","bruteForceProtection":"generalParameters/advancedParams/security","captcha_login_enabled":"generalParameters/portalParams/portalCaptcha","captcha_mail_enabled":"generalParameters/portalParams/portalCaptcha","captcha_register_enabled":"generalParameters/portalParams/portalCaptcha","captcha_size":"generalParameters/portalParams/portalCaptcha","casAccessControlPolicy":"casServiceMetadata","casAppMetaDataNodes":"","casAttr":"casServiceMetadata","casAttributes":"casServiceMetadata","casAuthnLevel":"generalParameters/authParams/casParams","casSrvMetaDataNodes":"","casStorage":"casServiceMetadata","casStorageOptions":"casServiceMetadata","cda":"generalParameters/cookieParams","checkState":"generalParameters/plugins/stateCheck","checkStateSecret":"generalParameters/plugins/stateCheck","checkUser":"generalParameters/plugins/checkUsers","checkUserDisplayEmptyValues":"generalParameters/plugins/checkUsers","checkUserDisplayPersistentInfo":"generalParameters/plugins/checkUsers","checkUserHiddenAttributes":"generalParameters/plugins/checkUsers","checkUserIdRule":"generalParameters/plugins/checkUsers","checkXSS":"generalParameters/advancedParams/security","combModules":"generalParameters/authParams/combinationParams","combination":"generalParameters/authParams/combinationParams","combinationForms":"generalParameters/authParams/combinationParams","confirmFormMethod":"generalParameters/advancedParams/forms","cookieExpiration":"generalParameters/cookieParams","cookieName":"generalParameters/cookieParams","corsAllow_Credentials":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Methods":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Origin":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsEnabled":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsExpose_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsMax_Age":"generalParameters/advancedParams/security/crossOrigineResourceSharing","cspConnect":"generalParameters/advancedParams/security/contentSecurityPolicy","cspDefault":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFont":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFormAction":"generalParameters/advancedParams/security/contentSecurityPolicy","cspImg":"generalParameters/advancedParams/security/contentSecurityPolicy","cspScript":"generalParameters/advancedParams/security/contentSecurityPolicy","cspStyle":"generalParameters/advancedParams/security/contentSecurityPolicy","customAddParams":"generalParameters/authParams/customParams","customAuth":"generalParameters/authParams/customParams","customFunctions":"generalParameters/advancedParams","customPassword":"generalParameters/authParams/customParams","customRegister":"generalParameters/authParams/customParams","customUserDB":"generalParameters/authParams/customParams","dbiAuthChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthLoginCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthPasswordCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPasswordHash":"generalParameters/authParams/dbiParams/dbiPassword","dbiAuthTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthnLevel":"generalParameters/authParams/dbiParams","dbiDynamicHashEnabled":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashNewPasswordScheme":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSaltedSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiExportedVars":"generalParameters/authParams/dbiParams","dbiPasswordMailCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","demoExportedVars":"generalParameters/authParams/demoParams","domain":"generalParameters/cookieParams","exportedAttr":"generalParameters/plugins/portalServers","exportedVars":"variables","ext2FSendCommand":"generalParameters/secondFactors/external2f","ext2FValidateCommand":"generalParameters/secondFactors/external2f","ext2fActivation":"generalParameters/secondFactors/external2f","ext2fAuthnLevel":"generalParameters/secondFactors/external2f","ext2fCodeActivation":"generalParameters/secondFactors/external2f","ext2fLogo":"generalParameters/secondFactors/external2f","facebookAppId":"generalParameters/authParams/facebookParams","facebookAppSecret":"generalParameters/authParams/facebookParams","facebookAuthnLevel":"generalParameters/authParams/facebookParams","facebookExportedVars":"generalParameters/authParams/facebookParams","facebookUserField":"generalParameters/authParams/facebookParams","failedLoginNumber":"generalParameters/plugins/loginHistory","favAppsMaxNumber":"generalParameters/portalParams/portalMenu/portalModules/favApps","formTimeout":"generalParameters/advancedParams/security","globalStorage":"generalParameters/sessionParams/sessionStorage","globalStorageOptions":"generalParameters/sessionParams/sessionStorage","gpgAuthnLevel":"generalParameters/authParams/gpgParams","gpgDb":"generalParameters/authParams/gpgParams","grantSessionRules":"generalParameters/sessionParams","groups":"variables","hiddenAttributes":"generalParameters/logParams","hideOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","httpOnly":"generalParameters/cookieParams","https":"generalParameters/advancedParams/redirection","impersonationHiddenAttributes":"generalParameters/plugins/impersonation","impersonationIdRule":"generalParameters/plugins/impersonation","impersonationMergeSSOgroups":"generalParameters/plugins/impersonation","impersonationPrefix":"generalParameters/plugins/impersonation","impersonationRule":"generalParameters/plugins/impersonation","impersonationSkipEmptyValues":"generalParameters/plugins/impersonation","infoFormMethod":"generalParameters/advancedParams/forms","issuerDBCASActivation":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASPath":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASRule":"generalParameters/issuerParams/issuerDBCAS","issuerDBGetActivation":"generalParameters/issuerParams/issuerDBGet","issuerDBGetParameters":"generalParameters/issuerParams/issuerDBGet","issuerDBGetPath":"generalParameters/issuerParams/issuerDBGet","issuerDBGetRule":"generalParameters/issuerParams/issuerDBGet","issuerDBOpenIDActivation":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDConnectActivation":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectPath":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectRule":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDPath":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDRule":"generalParameters/issuerParams/issuerDBOpenID","issuerDBSAMLActivation":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLPath":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLRule":"generalParameters/issuerParams/issuerDBSAML","jsRedirect":"generalParameters/advancedParams/portalRedirection","key":"generalParameters/advancedParams/security","krbAuthnLevel":"generalParameters/authParams/kerberosParams","krbByJs":"generalParameters/authParams/kerberosParams","krbKeytab":"generalParameters/authParams/kerberosParams","krbRemoveDomain":"generalParameters/authParams/kerberosParams","ldapAllowResetExpiredPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapAuthnLevel":"generalParameters/authParams/ldapParams","ldapBase":"generalParameters/authParams/ldapParams/ldapConnection","ldapChangePasswordAsUser":"generalParameters/authParams/ldapParams/ldapPassword","ldapExportedVars":"generalParameters/authParams/ldapParams","ldapGroupAttributeName":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameGroup":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameSearch":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameUser":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupBase":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupDecodeSearchedValue":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupObjectClass":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupRecursive":"generalParameters/authParams/ldapParams/ldapGroups","ldapPasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttributeValue":"generalParameters/authParams/ldapParams/ldapPassword","ldapPort":"generalParameters/authParams/ldapParams/ldapConnection","ldapPpolicyControl":"generalParameters/authParams/ldapParams/ldapPassword","ldapPwdEnc":"generalParameters/authParams/ldapParams/ldapPassword","ldapRaw":"generalParameters/authParams/ldapParams/ldapConnection","ldapSearchDeref":"generalParameters/authParams/ldapParams/ldapFilters","ldapServer":"generalParameters/authParams/ldapParams/ldapConnection","ldapSetPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapUsePasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapVersion":"generalParameters/authParams/ldapParams/ldapConnection","linkedInAuthnLevel":"generalParameters/authParams/linkedinParams","linkedInClientID":"generalParameters/authParams/linkedinParams","linkedInClientSecret":"generalParameters/authParams/linkedinParams","linkedInFields":"generalParameters/authParams/linkedinParams","linkedInScope":"generalParameters/authParams/linkedinParams","linkedInUserField":"generalParameters/authParams/linkedinParams","localSessionStorage":"generalParameters/sessionParams/sessionStorage","localSessionStorageOptions":"generalParameters/sessionParams/sessionStorage","loginHistoryEnabled":"generalParameters/plugins/loginHistory","logoutServices":"generalParameters/advancedParams","lwpOpts":"generalParameters/advancedParams/security","lwpSslOpts":"generalParameters/advancedParams/security","macros":"variables","mail2fActivation":"generalParameters/secondFactors/mail2f","mail2fAuthnLevel":"generalParameters/secondFactors/mail2f","mail2fBody":"generalParameters/secondFactors/mail2f","mail2fCodeRegex":"generalParameters/secondFactors/mail2f","mail2fLogo":"generalParameters/secondFactors/mail2f","mail2fSubject":"generalParameters/secondFactors/mail2f","mail2fTimeout":"generalParameters/secondFactors/mail2f","mailBody":"generalParameters/plugins/passwordManagement/mailContent","mailCharset":"generalParameters/advancedParams/SMTP/mailHeaders","mailConfirmBody":"generalParameters/plugins/passwordManagement/mailContent","mailConfirmSubject":"generalParameters/plugins/passwordManagement/mailContent","mailFrom":"generalParameters/advancedParams/SMTP/mailHeaders","mailLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","mailOnPasswordChange":"generalParameters/portalParams/portalCustomization/passwordManagement","mailReplyTo":"generalParameters/advancedParams/SMTP/mailHeaders","mailSessionKey":"generalParameters/advancedParams/SMTP","mailSubject":"generalParameters/plugins/passwordManagement/mailContent","mailTimeout":"generalParameters/plugins/passwordManagement/mailOther","mailUrl":"generalParameters/plugins/passwordManagement/mailOther","maintenance":"generalParameters/advancedParams/redirection","managerDn":"generalParameters/authParams/ldapParams/ldapConnection","managerPassword":"generalParameters/authParams/ldapParams/ldapConnection","multiValuesSeparator":"generalParameters/advancedParams","nginxCustomHandlers":"generalParameters/advancedParams","noAjaxHook":"generalParameters/advancedParams/portalRedirection","notification":"generalParameters/plugins/notifications","notificationServer":"generalParameters/plugins/notifications","notificationStorage":"generalParameters/plugins/notifications","notificationStorageOptions":"generalParameters/plugins/notifications","notificationWildcard":"generalParameters/plugins/notifications","notificationXSLTfile":"generalParameters/plugins/notifications","notifyDeleted":"generalParameters/sessionParams/multipleSessions","notifyOther":"generalParameters/sessionParams/multipleSessions","nullAuthnLevel":"generalParameters/authParams/nullParams","oidcAuthnLevel":"generalParameters/authParams/oidcParams","oidcOPMetaDataNodes":"","oidcRPCallbackGetParam":"generalParameters/authParams/oidcParams","oidcRPMetaDataNodes":"","oidcRPStateTimeout":"generalParameters/authParams/oidcParams","oidcServiceAllowAuthorizationCodeFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowDynamicRegistration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowHybridFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowImplicitFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceMetaDataAuthnContext":"oidcServiceMetaData","oidcServiceMetaDataAuthorizeURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataBackChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataCheckSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataEndSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataFrontChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIssuer":"oidcServiceMetaData","oidcServiceMetaDataJWKSURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataRegistrationURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataTokenURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataUserInfoURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServicePrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcServicePublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcStorage":"oidcServiceMetaData/oidcServiceMetaDataSessions","oidcStorageOptions":"oidcServiceMetaData/oidcServiceMetaDataSessions","oldNotifFormat":"generalParameters/plugins/notifications","openIdAttr":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdAuthnLevel":"generalParameters/authParams/openidParams","openIdExportedVars":"generalParameters/authParams/openidParams","openIdIDPList":"generalParameters/authParams/openidParams","openIdIssuerSecret":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSPList":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSecret":"generalParameters/authParams/openidParams","openIdSreg_country":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_dob":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_email":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_fullname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_gender":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_language":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_nickname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_postcode":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_timezone":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","pamAuthnLevel":"generalParameters/authParams/pamParams","pamService":"generalParameters/authParams/pamParams","passwordDB":"generalParameters/authParams","passwordResetAllowedRetries":"generalParameters/portalParams/portalCustomization/portalButtons","persistentStorage":"generalParameters/sessionParams/persistentSessions","persistentStorageOptions":"generalParameters/sessionParams/persistentSessions","port":"generalParameters/advancedParams/redirection","portal":"generalParameters/portalParams","portalAntiFrame":"generalParameters/portalParams/portalCustomization/portalOther","portalCheckLogins":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayAppslist":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayChangePassword":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayFavApps":"generalParameters/portalParams/portalMenu/portalModules/favApps","portalDisplayLoginHistory":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLogout":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayOidcConsents":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayRegister":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayResetPassword":"generalParameters/portalParams/portalCustomization/portalButtons","portalErrorOnExpiredSession":"generalParameters/portalParams/portalCustomization/portalOther","portalErrorOnMailNotFound":"generalParameters/portalParams/portalCustomization/portalOther","portalForceAuthn":"generalParameters/advancedParams/security","portalForceAuthnInterval":"generalParameters/advancedParams/security","portalMainLogo":"generalParameters/portalParams/portalCustomization","portalOpenLinkInNewWindow":"generalParameters/portalParams/portalCustomization/portalOther","portalPingInterval":"generalParameters/portalParams/portalCustomization/portalOther","portalRequireOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","portalSkin":"generalParameters/portalParams/portalCustomization","portalSkinBackground":"generalParameters/portalParams/portalCustomization","portalSkinRules":"generalParameters/portalParams/portalCustomization","portalStatus":"generalParameters/plugins","portalUserAttr":"generalParameters/portalParams/portalCustomization/portalOther","proxyAuthService":"generalParameters/authParams/proxyParams","proxyAuthnLevel":"generalParameters/authParams/proxyParams","proxySessionService":"generalParameters/authParams/proxyParams","proxyUseSoap":"generalParameters/authParams/proxyParams","radiusAuthnLevel":"generalParameters/authParams/radiusParams","radiusSecret":"generalParameters/authParams/radiusParams","radiusServer":"generalParameters/authParams/radiusParams","randomPasswordRegexp":"generalParameters/plugins/passwordManagement/mailOther","redirectFormMethod":"generalParameters/advancedParams/forms","registerConfirmSubject":"generalParameters/plugins/register","registerDB":"generalParameters/authParams","registerDoneSubject":"generalParameters/plugins/register","registerTimeout":"generalParameters/plugins/register","registerUrl":"generalParameters/plugins/register","reloadTimeout":"generalParameters/reloadParams","reloadUrls":"generalParameters/reloadParams","remoteCookieName":"generalParameters/authParams/remoteParams","remoteGlobalStorage":"generalParameters/authParams/remoteParams","remoteGlobalStorageOptions":"generalParameters/authParams/remoteParams","remotePortal":"generalParameters/authParams/remoteParams","requireToken":"generalParameters/advancedParams/security","rest2fActivation":"generalParameters/secondFactors/rest2f","rest2fAuthnLevel":"generalParameters/secondFactors/rest2f","rest2fInitArgs":"generalParameters/secondFactors/rest2f","rest2fInitUrl":"generalParameters/secondFactors/rest2f","rest2fLogo":"generalParameters/secondFactors/rest2f","rest2fVerifyArgs":"generalParameters/secondFactors/rest2f","rest2fVerifyUrl":"generalParameters/secondFactors/rest2f","restAuthUrl":"generalParameters/authParams/restParams","restAuthnLevel":"generalParameters/authParams/restParams","restConfigServer":"generalParameters/plugins/portalServers","restPwdConfirmUrl":"generalParameters/authParams/restParams","restPwdModifyUrl":"generalParameters/authParams/restParams","restSessionServer":"generalParameters/plugins/portalServers","restUserDBUrl":"generalParameters/authParams/restParams","samlAttributeAuthorityDescriptorAttributeServiceSOAP":"samlServiceMetaData/samlAttributeAuthorityDescriptor/samlAttributeAuthorityDescriptorAttributeService","samlAuthnContextMapKerberos":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPassword":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPasswordProtectedTransport":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapTLSClient":"samlServiceMetaData/samlAuthnContextMap","samlCommonDomainCookieActivation":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieDomain":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieReader":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieWriter":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlDiscoveryProtocolActivation":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolIsPassive":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolPolicy":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolURL":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlEntityID":"samlServiceMetaData","samlIDPMetaDataNodes":"","samlIDPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorArtifactResolutionService","samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorWantAuthnRequestsSigned":"samlServiceMetaData/samlIDPSSODescriptor","samlIdPResolveCookie":"samlServiceMetaData/samlAdvanced","samlMetadataForceUTF8":"samlServiceMetaData/samlAdvanced","samlNameIDFormatMapEmail":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapKerberos":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapWindows":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapX509":"samlServiceMetaData/samlNameIDFormatMap","samlOrganizationDisplayName":"samlServiceMetaData/samlOrganization","samlOrganizationName":"samlServiceMetaData/samlOrganization","samlOrganizationURL":"samlServiceMetaData/samlOrganization","samlOverrideIDPEntityID":"samlServiceMetaData/samlAdvanced","samlRelayStateTimeout":"samlServiceMetaData/samlAdvanced","samlSPMetaDataNodes":"","samlSPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorArtifactResolutionService","samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAuthnRequestsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlSPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorWantAssertionsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlServicePrivateKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeyEncPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePrivateKeySigPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePublicKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePublicKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServiceSignatureMethod":"samlServiceMetaData/samlServiceSecurity","samlServiceUseCertificateInResponse":"samlServiceMetaData/samlServiceSecurity","samlStorage":"samlServiceMetaData/samlAdvanced","samlStorageOptions":"samlServiceMetaData/samlAdvanced","samlUseQueryStringSpecific":"samlServiceMetaData/samlAdvanced","securedCookie":"generalParameters/cookieParams","sessionDataToRemember":"generalParameters/plugins/loginHistory","sfRequired":"generalParameters/secondFactors","showLanguages":"generalParameters/portalParams/portalCustomization","singleIP":"generalParameters/sessionParams/multipleSessions","singleSession":"generalParameters/sessionParams/multipleSessions","singleSessionUserByIP":"generalParameters/sessionParams/multipleSessions","singleUserByIP":"generalParameters/sessionParams/multipleSessions","skipRenewConfirmation":"generalParameters/advancedParams/portalRedirection","slaveAuthnLevel":"generalParameters/authParams/slaveParams","slaveExportedVars":"generalParameters/authParams/slaveParams","slaveHeaderContent":"generalParameters/authParams/slaveParams","slaveHeaderName":"generalParameters/authParams/slaveParams","slaveMasterIP":"generalParameters/authParams/slaveParams","slaveUserHeader":"generalParameters/authParams/slaveParams","soapConfigServer":"generalParameters/plugins/portalServers","soapSessionServer":"generalParameters/plugins/portalServers","sslByAjax":"generalParameters/authParams/sslParams","sslHost":"generalParameters/authParams/sslParams","stayConnected":"generalParameters/plugins","storePassword":"generalParameters/sessionParams","successLoginNumber":"generalParameters/plugins/loginHistory","timeout":"generalParameters/sessionParams","timeoutActivity":"generalParameters/sessionParams","timeoutActivityInterval":"generalParameters/sessionParams","tokenUseGlobalStorage":"generalParameters/advancedParams/security","totp2fActivation":"generalParameters/secondFactors/totp","totp2fAuthnLevel":"generalParameters/secondFactors/totp","totp2fDigits":"generalParameters/secondFactors/totp","totp2fDisplayExistingSecret":"generalParameters/secondFactors/totp","totp2fInterval":"generalParameters/secondFactors/totp","totp2fIssuer":"generalParameters/secondFactors/totp","totp2fRange":"generalParameters/secondFactors/totp","totp2fSelfRegistration":"generalParameters/secondFactors/totp","totp2fTTL":"generalParameters/secondFactors/totp","totp2fUserCanChangeKey":"generalParameters/secondFactors/totp","totp2fUserCanRemoveKey":"generalParameters/secondFactors/totp","trustedDomains":"generalParameters/advancedParams/security","twitterAppName":"generalParameters/authParams/twitterParams","twitterAuthnLevel":"generalParameters/authParams/twitterParams","twitterKey":"generalParameters/authParams/twitterParams","twitterSecret":"generalParameters/authParams/twitterParams","twitterUserField":"generalParameters/authParams/twitterParams","u2fActivation":"generalParameters/secondFactors/u2f","u2fAuthnLevel":"generalParameters/secondFactors/u2f","u2fSelfRegistration":"generalParameters/secondFactors/u2f","u2fTTL":"generalParameters/secondFactors/u2f","u2fUserCanRemoveKey":"generalParameters/secondFactors/u2f","upgradeSession":"generalParameters/plugins","useRedirectOnError":"generalParameters/advancedParams/redirection","useRedirectOnForbidden":"generalParameters/advancedParams/redirection","useSafeJail":"generalParameters/advancedParams/security","userControl":"generalParameters/advancedParams/security","userDB":"generalParameters/authParams","userPivot":"generalParameters/authParams/dbiParams/dbiSchema","utotp2fActivation":"generalParameters/secondFactors/utotp2f","utotp2fAuthnLevel":"generalParameters/secondFactors/utotp2f","virtualHosts":"","webIDAuthnLevel":"generalParameters/authParams/webidParams","webIDExportedVars":"generalParameters/authParams/webidParams","webIDWhitelist":"generalParameters/authParams/webidParams","whatToTrace":"generalParameters/logParams","wsdlServer":"generalParameters/plugins/portalServers","yubikey2fActivation":"generalParameters/secondFactors/yubikey2f","yubikey2fAuthnLevel":"generalParameters/secondFactors/yubikey2f","yubikey2fClientID":"generalParameters/secondFactors/yubikey2f","yubikey2fNonce":"generalParameters/secondFactors/yubikey2f","yubikey2fPublicIDSize":"generalParameters/secondFactors/yubikey2f","yubikey2fSecretKey":"generalParameters/secondFactors/yubikey2f","yubikey2fSelfRegistration":"generalParameters/secondFactors/yubikey2f","yubikey2fTTL":"generalParameters/secondFactors/yubikey2f","yubikey2fUrl":"generalParameters/secondFactors/yubikey2f","yubikey2fUserCanRemoveKey":"generalParameters/secondFactors/yubikey2f"}
\ No newline at end of file
+{"ADPwdExpireWarning":"generalParameters/authParams/adParams","ADPwdMaxAge":"generalParameters/authParams/adParams","AuthLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","LDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","SMTPAuthPass":"generalParameters/advancedParams/SMTP","SMTPAuthUser":"generalParameters/advancedParams/SMTP","SMTPPort":"generalParameters/advancedParams/SMTP","SMTPServer":"generalParameters/advancedParams/SMTP","SMTPTLS":"generalParameters/advancedParams/SMTP","SMTPTLSOpts":"generalParameters/advancedParams/SMTP","SSLAuthnLevel":"generalParameters/authParams/sslParams","SSLVar":"generalParameters/authParams/sslParams","SSLVarIf":"generalParameters/authParams/sslParams","activeTimer":"generalParameters/advancedParams/forms","apacheAuthnLevel":"generalParameters/authParams/apacheParams","applicationList":"generalParameters/portalParams/portalMenu","authChoiceModules":"generalParameters/authParams/choiceParams","authChoiceParam":"generalParameters/authParams/choiceParams","authentication":"generalParameters/authParams","autoSigninRules":"generalParameters/plugins/autoSignin","bruteForceProtection":"generalParameters/advancedParams/security","captcha_login_enabled":"generalParameters/portalParams/portalCaptcha","captcha_mail_enabled":"generalParameters/portalParams/portalCaptcha","captcha_register_enabled":"generalParameters/portalParams/portalCaptcha","captcha_size":"generalParameters/portalParams/portalCaptcha","casAccessControlPolicy":"casServiceMetadata","casAppMetaDataNodes":"","casAttr":"casServiceMetadata","casAttributes":"casServiceMetadata","casAuthnLevel":"generalParameters/authParams/casParams","casSrvMetaDataNodes":"","casStorage":"casServiceMetadata","casStorageOptions":"casServiceMetadata","cda":"generalParameters/cookieParams","checkState":"generalParameters/plugins/stateCheck","checkStateSecret":"generalParameters/plugins/stateCheck","checkUser":"generalParameters/plugins/checkUsers","checkUserDisplayEmptyValues":"generalParameters/plugins/checkUsers","checkUserDisplayPersistentInfo":"generalParameters/plugins/checkUsers","checkUserHiddenAttributes":"generalParameters/plugins/checkUsers","checkUserIdRule":"generalParameters/plugins/checkUsers","checkXSS":"generalParameters/advancedParams/security","combModules":"generalParameters/authParams/combinationParams","combination":"generalParameters/authParams/combinationParams","combinationForms":"generalParameters/authParams/combinationParams","confirmFormMethod":"generalParameters/advancedParams/forms","cookieExpiration":"generalParameters/cookieParams","cookieName":"generalParameters/cookieParams","corsAllow_Credentials":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Methods":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Origin":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsEnabled":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsExpose_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsMax_Age":"generalParameters/advancedParams/security/crossOrigineResourceSharing","cspConnect":"generalParameters/advancedParams/security/contentSecurityPolicy","cspDefault":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFont":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFormAction":"generalParameters/advancedParams/security/contentSecurityPolicy","cspImg":"generalParameters/advancedParams/security/contentSecurityPolicy","cspScript":"generalParameters/advancedParams/security/contentSecurityPolicy","cspStyle":"generalParameters/advancedParams/security/contentSecurityPolicy","customAddParams":"generalParameters/authParams/customParams","customAuth":"generalParameters/authParams/customParams","customFunctions":"generalParameters/advancedParams","customPassword":"generalParameters/authParams/customParams","customRegister":"generalParameters/authParams/customParams","customUserDB":"generalParameters/authParams/customParams","dbiAuthChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthLoginCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthPasswordCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPasswordHash":"generalParameters/authParams/dbiParams/dbiPassword","dbiAuthTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthnLevel":"generalParameters/authParams/dbiParams","dbiDynamicHashEnabled":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashNewPasswordScheme":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSaltedSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiExportedVars":"generalParameters/authParams/dbiParams","dbiPasswordMailCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","demoExportedVars":"generalParameters/authParams/demoParams","domain":"generalParameters/cookieParams","exportedAttr":"generalParameters/plugins/portalServers","exportedVars":"variables","ext2FSendCommand":"generalParameters/secondFactors/external2f","ext2FValidateCommand":"generalParameters/secondFactors/external2f","ext2fActivation":"generalParameters/secondFactors/external2f","ext2fAuthnLevel":"generalParameters/secondFactors/external2f","ext2fCodeActivation":"generalParameters/secondFactors/external2f","ext2fLogo":"generalParameters/secondFactors/external2f","facebookAppId":"generalParameters/authParams/facebookParams","facebookAppSecret":"generalParameters/authParams/facebookParams","facebookAuthnLevel":"generalParameters/authParams/facebookParams","facebookExportedVars":"generalParameters/authParams/facebookParams","facebookUserField":"generalParameters/authParams/facebookParams","failedLoginNumber":"generalParameters/plugins/loginHistory","favAppsMaxNumber":"generalParameters/portalParams/portalMenu/portalModules/favApps","formTimeout":"generalParameters/advancedParams/security","globalStorage":"generalParameters/sessionParams/sessionStorage","globalStorageOptions":"generalParameters/sessionParams/sessionStorage","gpgAuthnLevel":"generalParameters/authParams/gpgParams","gpgDb":"generalParameters/authParams/gpgParams","grantSessionRules":"generalParameters/sessionParams","groups":"variables","hiddenAttributes":"generalParameters/logParams","hideOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","httpOnly":"generalParameters/cookieParams","https":"generalParameters/advancedParams/redirection","impersonationHiddenAttributes":"generalParameters/plugins/impersonation","impersonationIdRule":"generalParameters/plugins/impersonation","impersonationMergeSSOgroups":"generalParameters/plugins/impersonation","impersonationPrefix":"generalParameters/plugins/impersonation","impersonationRule":"generalParameters/plugins/impersonation","impersonationSkipEmptyValues":"generalParameters/plugins/impersonation","infoFormMethod":"generalParameters/advancedParams/forms","issuerDBCASActivation":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASPath":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASRule":"generalParameters/issuerParams/issuerDBCAS","issuerDBGetActivation":"generalParameters/issuerParams/issuerDBGet","issuerDBGetParameters":"generalParameters/issuerParams/issuerDBGet","issuerDBGetPath":"generalParameters/issuerParams/issuerDBGet","issuerDBGetRule":"generalParameters/issuerParams/issuerDBGet","issuerDBOpenIDActivation":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDConnectActivation":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectPath":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectRule":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDPath":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDRule":"generalParameters/issuerParams/issuerDBOpenID","issuerDBSAMLActivation":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLPath":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLRule":"generalParameters/issuerParams/issuerDBSAML","jsRedirect":"generalParameters/advancedParams/portalRedirection","key":"generalParameters/advancedParams/security","krbAuthnLevel":"generalParameters/authParams/kerberosParams","krbByJs":"generalParameters/authParams/kerberosParams","krbKeytab":"generalParameters/authParams/kerberosParams","krbRemoveDomain":"generalParameters/authParams/kerberosParams","ldapAllowResetExpiredPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapAuthnLevel":"generalParameters/authParams/ldapParams","ldapBase":"generalParameters/authParams/ldapParams/ldapConnection","ldapChangePasswordAsUser":"generalParameters/authParams/ldapParams/ldapPassword","ldapExportedVars":"generalParameters/authParams/ldapParams","ldapGroupAttributeName":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameGroup":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameSearch":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameUser":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupBase":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupDecodeSearchedValue":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupObjectClass":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupRecursive":"generalParameters/authParams/ldapParams/ldapGroups","ldapPasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttributeValue":"generalParameters/authParams/ldapParams/ldapPassword","ldapPort":"generalParameters/authParams/ldapParams/ldapConnection","ldapPpolicyControl":"generalParameters/authParams/ldapParams/ldapPassword","ldapPwdEnc":"generalParameters/authParams/ldapParams/ldapPassword","ldapRaw":"generalParameters/authParams/ldapParams/ldapConnection","ldapSearchDeref":"generalParameters/authParams/ldapParams/ldapFilters","ldapServer":"generalParameters/authParams/ldapParams/ldapConnection","ldapSetPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapUsePasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapVersion":"generalParameters/authParams/ldapParams/ldapConnection","linkedInAuthnLevel":"generalParameters/authParams/linkedinParams","linkedInClientID":"generalParameters/authParams/linkedinParams","linkedInClientSecret":"generalParameters/authParams/linkedinParams","linkedInFields":"generalParameters/authParams/linkedinParams","linkedInScope":"generalParameters/authParams/linkedinParams","linkedInUserField":"generalParameters/authParams/linkedinParams","localSessionStorage":"generalParameters/sessionParams/sessionStorage","localSessionStorageOptions":"generalParameters/sessionParams/sessionStorage","loginHistoryEnabled":"generalParameters/plugins/loginHistory","logoutServices":"generalParameters/advancedParams","lwpOpts":"generalParameters/advancedParams/security","lwpSslOpts":"generalParameters/advancedParams/security","macros":"variables","mail2fActivation":"generalParameters/secondFactors/mail2f","mail2fAuthnLevel":"generalParameters/secondFactors/mail2f","mail2fBody":"generalParameters/secondFactors/mail2f","mail2fCodeRegex":"generalParameters/secondFactors/mail2f","mail2fLogo":"generalParameters/secondFactors/mail2f","mail2fSubject":"generalParameters/secondFactors/mail2f","mail2fTimeout":"generalParameters/secondFactors/mail2f","mailBody":"generalParameters/plugins/passwordManagement/mailContent","mailCharset":"generalParameters/advancedParams/SMTP/mailHeaders","mailConfirmBody":"generalParameters/plugins/passwordManagement/mailContent","mailConfirmSubject":"generalParameters/plugins/passwordManagement/mailContent","mailFrom":"generalParameters/advancedParams/SMTP/mailHeaders","mailLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","mailOnPasswordChange":"generalParameters/portalParams/portalCustomization/passwordManagement","mailReplyTo":"generalParameters/advancedParams/SMTP/mailHeaders","mailSessionKey":"generalParameters/advancedParams/SMTP","mailSubject":"generalParameters/plugins/passwordManagement/mailContent","mailTimeout":"generalParameters/plugins/passwordManagement/mailOther","mailUrl":"generalParameters/plugins/passwordManagement/mailOther","maintenance":"generalParameters/advancedParams/redirection","managerDn":"generalParameters/authParams/ldapParams/ldapConnection","managerPassword":"generalParameters/authParams/ldapParams/ldapConnection","multiValuesSeparator":"generalParameters/advancedParams","nginxCustomHandlers":"generalParameters/advancedParams","noAjaxHook":"generalParameters/advancedParams/portalRedirection","notification":"generalParameters/plugins/notifications","notificationServer":"generalParameters/plugins/notifications","notificationStorage":"generalParameters/plugins/notifications","notificationStorageOptions":"generalParameters/plugins/notifications","notificationWildcard":"generalParameters/plugins/notifications","notificationXSLTfile":"generalParameters/plugins/notifications","notifyDeleted":"generalParameters/sessionParams/multipleSessions","notifyOther":"generalParameters/sessionParams/multipleSessions","nullAuthnLevel":"generalParameters/authParams/nullParams","oidcAuthnLevel":"generalParameters/authParams/oidcParams","oidcOPMetaDataNodes":"","oidcRPCallbackGetParam":"generalParameters/authParams/oidcParams","oidcRPMetaDataNodes":"","oidcRPStateTimeout":"generalParameters/authParams/oidcParams","oidcServiceAllowAuthorizationCodeFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowDynamicRegistration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowHybridFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowImplicitFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceMetaDataAuthnContext":"oidcServiceMetaData","oidcServiceMetaDataAuthorizeURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataBackChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataCheckSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataEndSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataFrontChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIssuer":"oidcServiceMetaData","oidcServiceMetaDataJWKSURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataRegistrationURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataTokenURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataUserInfoURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServicePrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcServicePublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcStorage":"oidcServiceMetaData/oidcServiceMetaDataSessions","oidcStorageOptions":"oidcServiceMetaData/oidcServiceMetaDataSessions","oldNotifFormat":"generalParameters/plugins/notifications","openIdAttr":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdAuthnLevel":"generalParameters/authParams/openidParams","openIdExportedVars":"generalParameters/authParams/openidParams","openIdIDPList":"generalParameters/authParams/openidParams","openIdIssuerSecret":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSPList":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSecret":"generalParameters/authParams/openidParams","openIdSreg_country":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_dob":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_email":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_fullname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_gender":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_language":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_nickname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_postcode":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_timezone":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","pamAuthnLevel":"generalParameters/authParams/pamParams","pamService":"generalParameters/authParams/pamParams","passwordDB":"generalParameters/authParams","passwordResetAllowedRetries":"generalParameters/portalParams/portalCustomization/portalButtons","persistentStorage":"generalParameters/sessionParams/persistentSessions","persistentStorageOptions":"generalParameters/sessionParams/persistentSessions","port":"generalParameters/advancedParams/redirection","portal":"generalParameters/portalParams","portalAntiFrame":"generalParameters/portalParams/portalCustomization/portalOther","portalCheckLogins":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayAppslist":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayChangePassword":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayFavApps":"generalParameters/portalParams/portalMenu/portalModules/favApps","portalDisplayLoginHistory":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLogout":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayOidcConsents":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayRegister":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayResetPassword":"generalParameters/portalParams/portalCustomization/portalButtons","portalErrorOnExpiredSession":"generalParameters/portalParams/portalCustomization/portalOther","portalErrorOnMailNotFound":"generalParameters/portalParams/portalCustomization/portalOther","portalForceAuthn":"generalParameters/advancedParams/security","portalForceAuthnInterval":"generalParameters/advancedParams/security","portalMainLogo":"generalParameters/portalParams/portalCustomization","portalOpenLinkInNewWindow":"generalParameters/portalParams/portalCustomization/portalOther","portalPingInterval":"generalParameters/portalParams/portalCustomization/portalOther","portalRequireOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","portalSkin":"generalParameters/portalParams/portalCustomization","portalSkinBackground":"generalParameters/portalParams/portalCustomization","portalSkinRules":"generalParameters/portalParams/portalCustomization","portalStatus":"generalParameters/plugins","portalUserAttr":"generalParameters/portalParams/portalCustomization/portalOther","proxyAuthService":"generalParameters/authParams/proxyParams","proxyAuthnLevel":"generalParameters/authParams/proxyParams","proxySessionService":"generalParameters/authParams/proxyParams","proxyUseSoap":"generalParameters/authParams/proxyParams","radiusAuthnLevel":"generalParameters/authParams/radiusParams","radiusSecret":"generalParameters/authParams/radiusParams","radiusServer":"generalParameters/authParams/radiusParams","randomPasswordRegexp":"generalParameters/plugins/passwordManagement/mailOther","redirectFormMethod":"generalParameters/advancedParams/forms","registerConfirmSubject":"generalParameters/plugins/register","registerDB":"generalParameters/authParams","registerDoneSubject":"generalParameters/plugins/register","registerTimeout":"generalParameters/plugins/register","registerUrl":"generalParameters/plugins/register","reloadTimeout":"generalParameters/reloadParams","reloadUrls":"generalParameters/reloadParams","remoteCookieName":"generalParameters/authParams/remoteParams","remoteGlobalStorage":"generalParameters/authParams/remoteParams","remoteGlobalStorageOptions":"generalParameters/authParams/remoteParams","remotePortal":"generalParameters/authParams/remoteParams","requireToken":"generalParameters/advancedParams/security","rest2fActivation":"generalParameters/secondFactors/rest2f","rest2fAuthnLevel":"generalParameters/secondFactors/rest2f","rest2fInitArgs":"generalParameters/secondFactors/rest2f","rest2fInitUrl":"generalParameters/secondFactors/rest2f","rest2fLogo":"generalParameters/secondFactors/rest2f","rest2fVerifyArgs":"generalParameters/secondFactors/rest2f","rest2fVerifyUrl":"generalParameters/secondFactors/rest2f","restAuthUrl":"generalParameters/authParams/restParams","restAuthnLevel":"generalParameters/authParams/restParams","restConfigServer":"generalParameters/plugins/portalServers","restExportSecretKeys":"generalParameters/plugins/portalServers","restPwdConfirmUrl":"generalParameters/authParams/restParams","restPwdModifyUrl":"generalParameters/authParams/restParams","restSessionServer":"generalParameters/plugins/portalServers","restUserDBUrl":"generalParameters/authParams/restParams","samlAttributeAuthorityDescriptorAttributeServiceSOAP":"samlServiceMetaData/samlAttributeAuthorityDescriptor/samlAttributeAuthorityDescriptorAttributeService","samlAuthnContextMapKerberos":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPassword":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPasswordProtectedTransport":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapTLSClient":"samlServiceMetaData/samlAuthnContextMap","samlCommonDomainCookieActivation":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieDomain":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieReader":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieWriter":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlDiscoveryProtocolActivation":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolIsPassive":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolPolicy":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolURL":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlEntityID":"samlServiceMetaData","samlIDPMetaDataNodes":"","samlIDPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorArtifactResolutionService","samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorWantAuthnRequestsSigned":"samlServiceMetaData/samlIDPSSODescriptor","samlIdPResolveCookie":"samlServiceMetaData/samlAdvanced","samlMetadataForceUTF8":"samlServiceMetaData/samlAdvanced","samlNameIDFormatMapEmail":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapKerberos":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapWindows":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapX509":"samlServiceMetaData/samlNameIDFormatMap","samlOrganizationDisplayName":"samlServiceMetaData/samlOrganization","samlOrganizationName":"samlServiceMetaData/samlOrganization","samlOrganizationURL":"samlServiceMetaData/samlOrganization","samlOverrideIDPEntityID":"samlServiceMetaData/samlAdvanced","samlRelayStateTimeout":"samlServiceMetaData/samlAdvanced","samlSPMetaDataNodes":"","samlSPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorArtifactResolutionService","samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAuthnRequestsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlSPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorWantAssertionsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlServicePrivateKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeyEncPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePrivateKeySigPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePublicKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePublicKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServiceSignatureMethod":"samlServiceMetaData/samlServiceSecurity","samlServiceUseCertificateInResponse":"samlServiceMetaData/samlServiceSecurity","samlStorage":"samlServiceMetaData/samlAdvanced","samlStorageOptions":"samlServiceMetaData/samlAdvanced","samlUseQueryStringSpecific":"samlServiceMetaData/samlAdvanced","securedCookie":"generalParameters/cookieParams","sessionDataToRemember":"generalParameters/plugins/loginHistory","sfRemovedMsg":"generalParameters/secondFactors","sfRequired":"generalParameters/secondFactors","showLanguages":"generalParameters/portalParams/portalCustomization","singleIP":"generalParameters/sessionParams/multipleSessions","singleSession":"generalParameters/sessionParams/multipleSessions","singleSessionUserByIP":"generalParameters/sessionParams/multipleSessions","singleUserByIP":"generalParameters/sessionParams/multipleSessions","skipRenewConfirmation":"generalParameters/advancedParams/portalRedirection","slaveAuthnLevel":"generalParameters/authParams/slaveParams","slaveExportedVars":"generalParameters/authParams/slaveParams","slaveHeaderContent":"generalParameters/authParams/slaveParams","slaveHeaderName":"generalParameters/authParams/slaveParams","slaveMasterIP":"generalParameters/authParams/slaveParams","slaveUserHeader":"generalParameters/authParams/slaveParams","soapConfigServer":"generalParameters/plugins/portalServers","soapSessionServer":"generalParameters/plugins/portalServers","sslByAjax":"generalParameters/authParams/sslParams","sslHost":"generalParameters/authParams/sslParams","stayConnected":"generalParameters/plugins","storePassword":"generalParameters/sessionParams","successLoginNumber":"generalParameters/plugins/loginHistory","timeout":"generalParameters/sessionParams","timeoutActivity":"generalParameters/sessionParams","timeoutActivityInterval":"generalParameters/sessionParams","tokenUseGlobalStorage":"generalParameters/advancedParams/security","totp2fActivation":"generalParameters/secondFactors/totp","totp2fAuthnLevel":"generalParameters/secondFactors/totp","totp2fDigits":"generalParameters/secondFactors/totp","totp2fDisplayExistingSecret":"generalParameters/secondFactors/totp","totp2fInterval":"generalParameters/secondFactors/totp","totp2fIssuer":"generalParameters/secondFactors/totp","totp2fRange":"generalParameters/secondFactors/totp","totp2fSelfRegistration":"generalParameters/secondFactors/totp","totp2fTTL":"generalParameters/secondFactors/totp","totp2fUserCanChangeKey":"generalParameters/secondFactors/totp","totp2fUserCanRemoveKey":"generalParameters/secondFactors/totp","trustedDomains":"generalParameters/advancedParams/security","twitterAppName":"generalParameters/authParams/twitterParams","twitterAuthnLevel":"generalParameters/authParams/twitterParams","twitterKey":"generalParameters/authParams/twitterParams","twitterSecret":"generalParameters/authParams/twitterParams","twitterUserField":"generalParameters/authParams/twitterParams","u2fActivation":"generalParameters/secondFactors/u2f","u2fAuthnLevel":"generalParameters/secondFactors/u2f","u2fSelfRegistration":"generalParameters/secondFactors/u2f","u2fTTL":"generalParameters/secondFactors/u2f","u2fUserCanRemoveKey":"generalParameters/secondFactors/u2f","upgradeSession":"generalParameters/plugins","useRedirectOnError":"generalParameters/advancedParams/redirection","useRedirectOnForbidden":"generalParameters/advancedParams/redirection","useSafeJail":"generalParameters/advancedParams/security","userControl":"generalParameters/advancedParams/security","userDB":"generalParameters/authParams","userPivot":"generalParameters/authParams/dbiParams/dbiSchema","utotp2fActivation":"generalParameters/secondFactors/utotp2f","utotp2fAuthnLevel":"generalParameters/secondFactors/utotp2f","virtualHosts":"","webIDAuthnLevel":"generalParameters/authParams/webidParams","webIDExportedVars":"generalParameters/authParams/webidParams","webIDWhitelist":"generalParameters/authParams/webidParams","whatToTrace":"generalParameters/logParams","wsdlServer":"generalParameters/plugins/portalServers","yubikey2fActivation":"generalParameters/secondFactors/yubikey2f","yubikey2fAuthnLevel":"generalParameters/secondFactors/yubikey2f","yubikey2fClientID":"generalParameters/secondFactors/yubikey2f","yubikey2fNonce":"generalParameters/secondFactors/yubikey2f","yubikey2fPublicIDSize":"generalParameters/secondFactors/yubikey2f","yubikey2fSecretKey":"generalParameters/secondFactors/yubikey2f","yubikey2fSelfRegistration":"generalParameters/secondFactors/yubikey2f","yubikey2fTTL":"generalParameters/secondFactors/yubikey2f","yubikey2fUrl":"generalParameters/secondFactors/yubikey2f","yubikey2fUserCanRemoveKey":"generalParameters/secondFactors/yubikey2f"}
\ No newline at end of file
diff --git a/lemonldap-ng-manager/site/htdocs/static/struct.json b/lemonldap-ng-manager/site/htdocs/static/struct.json
index 0da8b050c..3caa0f639 100644
--- a/lemonldap-ng-manager/site/htdocs/static/struct.json
+++ b/lemonldap-ng-manager/site/htdocs/static/struct.json
@@ -1 +1 @@
-[{"_nodes":[{"_nodes":[{"default":"http://auth.example.com/","id":"portal","title":"portal"},{"_nodes":[{"_nodes":[{"default":1,"id":"portalDisplayLogout","title":"portalDisplayLogout","type":"boolOrExpr"},{"default":"$_auth =~ /^(LDAP|DBI|Demo)$/","id":"portalDisplayChangePassword","title":"portalDisplayChangePassword","type":"boolOrExpr"},{"default":1,"id":"portalDisplayAppslist","title":"portalDisplayAppslist","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLoginHistory","title":"portalDisplayLoginHistory","type":"boolOrExpr"},{"default":"$_oidcConnectedRP","id":"portalDisplayOidcConsents","title":"portalDisplayOidcConsents","type":"boolOrExpr"},{"_nodes":[{"default":1,"id":"portalDisplayFavApps","title":"portalDisplayFavApps","type":"boolOrExpr"},{"default":3,"id":"favAppsMaxNumber","title":"favAppsMaxNumber","type":"int"}],"help":"favapps.html","id":"favApps","title":"favApps","type":"simpleInputContainer"}],"id":"portalModules","title":"portalModules","type":"simpleInputContainer"},{"cnodes":"applicationList","default":[{"data":{"catname":"Default category","type":"category"},"id":"applicationList/default","title":"default","type":"catAndAppList"}],"help":"portalmenu.html#categories_and_applications","id":"applicationList","title":"applicationList","type":"catAndAppList"}],"help":"portalmenu.html","id":"portalMenu","title":"portalMenu"},{"_nodes":[{"default":"common/logos/logo_llng_400px.png","id":"portalMainLogo","title":"portalMainLogo"},{"default":1,"id":"showLanguages","title":"showLanguages","type":"bool"},{"default":"bootstrap","id":"portalSkin","select":[{"k":"bootstrap","v":"Bootstrap"}],"title":"portalSkin","type":"portalskin"},{"id":"portalSkinBackground","select":[{"k":"","v":"None"},{"k":"1280px-Anse_Source_d'Argent_2-La_Digue.jpg","v":"Anse"},{"k":"1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg","v":"Waterfall"},{"k":"1280px-BrockenSnowedTrees.jpg","v":"Snowed Trees"},{"k":"1280px-Cedar_Breaks_National_Monument_partially.jpg","v":"National Monument"},{"k":"1280px-Parry_Peak_from_Winter_Park.jpg","v":"Winter"},{"k":"Aletschgletscher_mit_Pinus_cembra1.jpg","v":"Pinus"}],"title":"portalSkinBackground","type":"portalskinbackground"},{"cnodes":"portalSkinRules","help":"portalcustom.html","id":"portalSkinRules","title":"portalSkinRules","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"portalCheckLogins","title":"portalCheckLogins","type":"bool"},{"default":0,"id":"portalDisplayResetPassword","title":"portalDisplayResetPassword","type":"bool"},{"default":3,"id":"passwordResetAllowedRetries","title":"passwordResetAllowedRetries","type":"int"},{"default":1,"id":"portalDisplayRegister","title":"portalDisplayRegister","type":"bool"}],"help":"portalcustom.html#buttons","id":"portalButtons","title":"portalButtons","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"portalRequireOldPassword","title":"portalRequireOldPassword","type":"bool"},{"default":0,"id":"hideOldPassword","title":"hideOldPassword","type":"bool"},{"default":0,"id":"mailOnPasswordChange","title":"mailOnPasswordChange","type":"bool"}],"help":"portalcustom.html#password_management","id":"passwordManagement","title":"passwordManagement","type":"simpleInputContainer"},{"_nodes":[{"default":"_user","id":"portalUserAttr","title":"portalUserAttr"},{"default":0,"id":"portalOpenLinkInNewWindow","title":"portalOpenLinkInNewWindow","type":"bool"},{"default":1,"id":"portalAntiFrame","title":"portalAntiFrame","type":"bool"},{"default":60000,"id":"portalPingInterval","title":"portalPingInterval","type":"int"},{"default":1,"id":"portalErrorOnExpiredSession","title":"portalErrorOnExpiredSession","type":"bool"},{"default":0,"id":"portalErrorOnMailNotFound","title":"portalErrorOnMailNotFound","type":"bool"}],"help":"portalcustom.html#other_parameters","id":"portalOther","title":"portalOther","type":"simpleInputContainer"}],"help":"portalcustom.html","id":"portalCustomization","title":"portalCustomization"},{"_nodes":[{"default":0,"id":"captcha_login_enabled","title":"captcha_login_enabled","type":"bool"},{"default":1,"id":"captcha_mail_enabled","title":"captcha_mail_enabled","type":"bool"},{"default":1,"id":"captcha_register_enabled","title":"captcha_register_enabled","type":"bool"},{"default":6,"id":"captcha_size","title":"captcha_size","type":"int"}],"help":"captcha.html","id":"portalCaptcha","title":"portalCaptcha","type":"simpleInputContainer"}],"help":"portal.html","id":"portalParams","title":"portalParams"},{"_nodes":[{"default":"Demo","id":"authentication","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"Choice","v":"authChoice"},{"k":"Combination","v":"combineMods"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"authentication","type":"select"},{"default":"Same","id":"userDB","select":[{"k":"Same","v":"Same"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"userDB","type":"select"},{"default":"Demo","id":"passwordDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Choice","v":"authChoice"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"passwordDB","type":"select"},{"default":"Null","id":"registerDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"registerDB","type":"select"}],"_nodes_cond":[{"_nodes":[{"default":0,"id":"ADPwdMaxAge","title":"ADPwdMaxAge","type":"int"},{"default":0,"id":"ADPwdExpireWarning","title":"ADPwdExpireWarning","type":"int"}],"help":"authad.html","id":"adParams","show":false,"title":"adParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lmAuth","id":"authChoiceParam","title":"authChoiceParam"},{"cnodes":"authChoiceModules","id":"authChoiceModules","select":[[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}]],"title":"authChoiceModules","type":"authChoiceContainer"}],"help":"authchoice.html","id":"choiceParams","show":false,"title":"choiceParams"},{"_nodes":[{"default":4,"id":"apacheAuthnLevel","title":"apacheAuthnLevel","type":"int"}],"help":"authapache.html","id":"apacheParams","show":false,"title":"apacheParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"casAuthnLevel","title":"casAuthnLevel","type":"int"}],"help":"authcas.html","id":"casParams","show":false,"title":"casParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"dbiAuthnLevel","title":"dbiAuthnLevel","type":"int"},{"cnodes":"dbiExportedVars","default":[],"id":"dbiExportedVars","title":"dbiExportedVars","type":"keyTextContainer"},{"_nodes":[{"_nodes":[{"id":"dbiAuthChain","title":"dbiAuthChain"},{"id":"dbiAuthUser","title":"dbiAuthUser"},{"id":"dbiAuthPassword","title":"dbiAuthPassword","type":"password"}],"id":"dbiConnectionAuth","title":"dbiConnectionAuth","type":"simpleInputContainer"},{"_nodes":[{"id":"dbiUserChain","title":"dbiUserChain"},{"id":"dbiUserUser","title":"dbiUserUser"},{"id":"dbiUserPassword","title":"dbiUserPassword","type":"password"}],"id":"dbiConnectionUser","title":"dbiConnectionUser","type":"simpleInputContainer"}],"help":"authdbi.html#connection","id":"dbiConnection","title":"dbiConnection"},{"_nodes":[{"id":"dbiAuthTable","title":"dbiAuthTable"},{"id":"dbiUserTable","title":"dbiUserTable"},{"id":"dbiAuthLoginCol","title":"dbiAuthLoginCol"},{"id":"dbiAuthPasswordCol","title":"dbiAuthPasswordCol"},{"id":"dbiPasswordMailCol","title":"dbiPasswordMailCol"},{"id":"userPivot","title":"userPivot"}],"help":"authdbi.html#schema","id":"dbiSchema","title":"dbiSchema","type":"simpleInputContainer"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiAuthPasswordHash","title":"dbiAuthPasswordHash"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiDynamicHashEnabled","title":"dbiDynamicHashEnabled","type":"bool"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSchemes","title":"dbiDynamicHashValidSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSaltedSchemes","title":"dbiDynamicHashValidSaltedSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashNewPasswordScheme","title":"dbiDynamicHashNewPasswordScheme"}],"help":"authdbi.html#password","id":"dbiDynamicHash","title":"dbiDynamicHash","type":"simpleInputContainer"}],"help":"authdbi.html#password","id":"dbiPassword","title":"dbiPassword"}],"help":"authdbi.html","id":"dbiParams","show":false,"title":"dbiParams"},{"_nodes":[{"cnodes":"demoExportedVars","default":[{"data":"cn","id":"demoExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"demoExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"demoExportedVars/uid","title":"uid","type":"keyText"}],"id":"demoExportedVars","title":"demoExportedVars","type":"keyTextContainer"}],"help":"authdemo.html","id":"demoParams","show":false,"title":"demoParams"},{"_nodes":[{"default":1,"id":"facebookAuthnLevel","title":"facebookAuthnLevel","type":"int"},{"cnodes":"facebookExportedVars","default":[],"id":"facebookExportedVars","title":"facebookExportedVars","type":"keyTextContainer"},{"id":"facebookAppId","title":"facebookAppId"},{"id":"facebookAppSecret","title":"facebookAppSecret"},{"default":"id","id":"facebookUserField","title":"facebookUserField"}],"help":"authfacebook.html","id":"facebookParams","show":false,"title":"facebookParams"},{"_nodes":[{"default":3,"id":"krbAuthnLevel","title":"krbAuthnLevel","type":"int"},{"id":"krbKeytab","title":"krbKeytab"},{"default":0,"id":"krbByJs","title":"krbByJs","type":"bool"},{"default":1,"id":"krbRemoveDomain","title":"krbRemoveDomain","type":"bool"}],"help":"authkerberos.html","id":"kerberosParams","show":false,"title":"kerberosParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"ldapAuthnLevel","title":"ldapAuthnLevel","type":"int"},{"cnodes":"ldapExportedVars","default":[{"data":"cn","id":"ldapExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"ldapExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"ldapExportedVars/uid","title":"uid","type":"keyText"}],"id":"ldapExportedVars","title":"ldapExportedVars","type":"keyTextContainer"},{"_nodes":[{"default":"ldap://localhost","id":"ldapServer","title":"ldapServer"},{"default":389,"id":"ldapPort","title":"ldapPort","type":"int"},{"default":"dc=example,dc=com","id":"ldapBase","title":"ldapBase"},{"default":"","id":"managerDn","title":"managerDn"},{"default":"","id":"managerPassword","title":"managerPassword","type":"password"},{"default":120,"id":"ldapTimeout","title":"ldapTimeout","type":"int"},{"default":3,"id":"ldapVersion","title":"ldapVersion","type":"int"},{"id":"ldapRaw","title":"ldapRaw"}],"help":"authldap.html#connection","id":"ldapConnection","title":"ldapConnection","type":"simpleInputContainer"},{"_nodes":[{"id":"LDAPFilter","title":"LDAPFilter"},{"id":"AuthLDAPFilter","title":"AuthLDAPFilter"},{"id":"mailLDAPFilter","title":"mailLDAPFilter"},{"default":"find","id":"ldapSearchDeref","select":[{"k":"never","v":"never"},{"k":"search","v":"search"},{"k":"find","v":"find"},{"k":"always","v":"always"}],"title":"ldapSearchDeref","type":"select"}],"help":"authldap.html#filters","id":"ldapFilters","title":"ldapFilters","type":"simpleInputContainer"},{"_nodes":[{"id":"ldapGroupBase","title":"ldapGroupBase"},{"default":"groupOfNames","id":"ldapGroupObjectClass","title":"ldapGroupObjectClass"},{"default":"member","id":"ldapGroupAttributeName","title":"ldapGroupAttributeName"},{"default":"dn","id":"ldapGroupAttributeNameUser","title":"ldapGroupAttributeNameUser"},{"default":"cn","id":"ldapGroupAttributeNameSearch","title":"ldapGroupAttributeNameSearch"},{"default":0,"id":"ldapGroupDecodeSearchedValue","title":"ldapGroupDecodeSearchedValue","type":"bool"},{"default":0,"id":"ldapGroupRecursive","title":"ldapGroupRecursive","type":"bool"},{"default":"dn","id":"ldapGroupAttributeNameGroup","title":"ldapGroupAttributeNameGroup"}],"help":"authldap.html#groups","id":"ldapGroups","title":"ldapGroups","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ldapPpolicyControl","title":"ldapPpolicyControl","type":"bool"},{"default":0,"id":"ldapSetPassword","title":"ldapSetPassword","type":"bool"},{"default":0,"id":"ldapChangePasswordAsUser","title":"ldapChangePasswordAsUser","type":"bool"},{"default":"utf-8","id":"ldapPwdEnc","title":"ldapPwdEnc"},{"default":1,"id":"ldapUsePasswordResetAttribute","title":"ldapUsePasswordResetAttribute","type":"bool"},{"default":"pwdReset","id":"ldapPasswordResetAttribute","title":"ldapPasswordResetAttribute"},{"default":"TRUE","id":"ldapPasswordResetAttributeValue","title":"ldapPasswordResetAttributeValue"},{"default":0,"id":"ldapAllowResetExpiredPassword","title":"ldapAllowResetExpiredPassword","type":"bool"}],"help":"authldap.html#password","id":"ldapPassword","title":"ldapPassword","type":"simpleInputContainer"}],"help":"authldap.html","id":"ldapParams","show":false,"title":"ldapParams"},{"_nodes":[{"default":1,"id":"linkedInAuthnLevel","title":"linkedInAuthnLevel","type":"int"},{"id":"linkedInClientID","title":"linkedInClientID"},{"id":"linkedInClientSecret","title":"linkedInClientSecret","type":"password"},{"default":"id,first-name,last-name,email-address","id":"linkedInFields","title":"linkedInFields"},{"default":"emailAddress","id":"linkedInUserField","title":"linkedInUserField"},{"default":"r_basicprofile r_emailaddress","id":"linkedInScope","title":"linkedInScope"}],"help":"authlinkedin.html","id":"linkedinParams","show":false,"title":"linkedinParams","type":"simpleInputContainer"},{"_nodes":[{"id":"combination","title":"combination"},{"cnodes":"combModules","id":"combModules","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"combModules","type":"cmbModuleContainer"},{"id":"combinationForms","title":"combinationForms"}],"help":"authcombination.html","id":"combinationParams","show":false,"title":"combinationParams"},{"_nodes":[{"default":0,"id":"nullAuthnLevel","title":"nullAuthnLevel","type":"int"}],"help":"authnull.html","id":"nullParams","show":false,"title":"nullParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"openIdAuthnLevel","title":"openIdAuthnLevel","type":"int"},{"cnodes":"openIdExportedVars","default":[],"id":"openIdExportedVars","title":"openIdExportedVars","type":"keyTextContainer"},{"id":"openIdSecret","title":"openIdSecret"},{"default":"0;","id":"openIdIDPList","title":"openIdIDPList","type":"blackWhiteList"}],"help":"authopenid.html","id":"openidParams","show":false,"title":"openidParams"},{"_nodes":[{"default":1,"id":"oidcAuthnLevel","title":"oidcAuthnLevel","type":"int"},{"default":"openidconnectcallback","id":"oidcRPCallbackGetParam","title":"oidcRPCallbackGetParam"},{"default":600,"id":"oidcRPStateTimeout","title":"oidcRPStateTimeout","type":"int"}],"help":"authopenidconnect.html","id":"oidcParams","show":false,"title":"oidcParams","type":"simpleInputContainer"},{"_nodes":[{"default":5,"id":"gpgAuthnLevel","title":"gpgAuthnLevel","type":"int"},{"default":"","id":"gpgDb","title":"gpgDb"}],"help":"authgpg.html","id":"gpgParams","show":false,"title":"gpgParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"proxyAuthnLevel","title":"proxyAuthnLevel","type":"int"},{"id":"proxyAuthService","title":"proxyAuthService"},{"id":"proxySessionService","title":"proxySessionService"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":0,"id":"proxyUseSoap","title":"proxyUseSoap","type":"bool"}],"help":"authproxy.html","id":"proxyParams","show":false,"title":"proxyParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"pamAuthnLevel","title":"pamAuthnLevel","type":"int"},{"default":"login","id":"pamService","title":"pamService"}],"help":"authpam.html","id":"pamParams","show":false,"title":"pamParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"radiusAuthnLevel","title":"radiusAuthnLevel","type":"int"},{"id":"radiusSecret","title":"radiusSecret"},{"id":"radiusServer","title":"radiusServer"}],"help":"authradius.html","id":"radiusParams","show":false,"title":"radiusParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"restAuthnLevel","title":"restAuthnLevel","type":"int"},{"id":"restAuthUrl","title":"restAuthUrl"},{"id":"restUserDBUrl","title":"restUserDBUrl"},{"id":"restPwdConfirmUrl","title":"restPwdConfirmUrl"},{"id":"restPwdModifyUrl","title":"restPwdModifyUrl"}],"help":"authrest.html","id":"restParams","show":false,"title":"restParams","type":"simpleInputContainer"},{"_nodes":[{"id":"remotePortal","title":"remotePortal"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":"Lemonldap::NG::Common::Apache::Session::SOAP","id":"remoteGlobalStorage","title":"remoteGlobalStorage"},{"cnodes":"remoteGlobalStorageOptions","default":[{"data":"http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService","id":"remoteGlobalStorageOptions/ns","title":"ns","type":"keyText"},{"data":"http://auth.example.com/sessions","id":"remoteGlobalStorageOptions/proxy","title":"proxy","type":"keyText"}],"id":"remoteGlobalStorageOptions","title":"remoteGlobalStorageOptions","type":"keyTextContainer"}],"help":"authremote.html","id":"remoteParams","show":false,"title":"remoteParams"},{"_nodes":[{"default":2,"id":"slaveAuthnLevel","title":"slaveAuthnLevel","type":"int"},{"cnodes":"slaveExportedVars","default":[],"id":"slaveExportedVars","title":"slaveExportedVars","type":"keyTextContainer"},{"id":"slaveUserHeader","title":"slaveUserHeader"},{"id":"slaveMasterIP","title":"slaveMasterIP"},{"id":"slaveHeaderName","title":"slaveHeaderName"},{"id":"slaveHeaderContent","title":"slaveHeaderContent"}],"help":"authslave.html","id":"slaveParams","show":false,"title":"slaveParams"},{"_nodes":[{"default":5,"id":"SSLAuthnLevel","title":"SSLAuthnLevel","type":"int"},{"default":"SSL_CLIENT_S_DN_Email","id":"SSLVar","title":"SSLVar"},{"cnodes":"SSLVarIf","default":[],"id":"SSLVarIf","title":"SSLVarIf","type":"keyTextContainer"},{"default":0,"id":"sslByAjax","title":"sslByAjax","type":"bool"},{"id":"sslHost","title":"sslHost"}],"help":"authssl.html","id":"sslParams","show":false,"title":"sslParams"},{"_nodes":[{"default":1,"id":"twitterAuthnLevel","title":"twitterAuthnLevel","type":"int"},{"id":"twitterKey","title":"twitterKey"},{"id":"twitterSecret","title":"twitterSecret"},{"id":"twitterAppName","title":"twitterAppName"},{"default":"screen_name","id":"twitterUserField","title":"twitterUserField"}],"help":"authtwitter.html","id":"twitterParams","show":false,"title":"twitterParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"webIDAuthnLevel","title":"webIDAuthnLevel","type":"int"},{"cnodes":"webIDExportedVars","default":[],"id":"webIDExportedVars","title":"webIDExportedVars","type":"keyTextContainer"},{"id":"webIDWhitelist","title":"webIDWhitelist"}],"help":"authwebid.html","id":"webidParams","show":false,"title":"webidParams"},{"_nodes":[{"id":"customAuth","title":"customAuth"},{"id":"customUserDB","title":"customUserDB"},{"id":"customPassword","title":"customPassword"},{"id":"customRegister","title":"customRegister"},{"cnodes":"customAddParams","id":"customAddParams","title":"customAddParams","type":"keyTextContainer"}],"help":"authcustom.html","id":"customParams","show":false,"title":"customParams"}],"_nodes_filter":"authParams","help":"start.html#authentication_users_and_password_databases","id":"authParams","title":"authParams","type":"authParams"},{"_nodes":[{"_nodes":[{"default":0,"id":"issuerDBSAMLActivation","title":"issuerDBSAMLActivation","type":"bool"},{"default":"^/saml/","id":"issuerDBSAMLPath","title":"issuerDBSAMLPath"},{"default":1,"id":"issuerDBSAMLRule","title":"issuerDBSAMLRule","type":"boolOrExpr"}],"help":"idpsaml.html","id":"issuerDBSAML","title":"issuerDBSAML","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBCASActivation","title":"issuerDBCASActivation","type":"bool"},{"default":"^/cas/","id":"issuerDBCASPath","title":"issuerDBCASPath"},{"default":1,"id":"issuerDBCASRule","title":"issuerDBCASRule","type":"boolOrExpr"}],"help":"idpcas.html#enabling_cas","id":"issuerDBCAS","title":"issuerDBCAS","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDActivation","title":"issuerDBOpenIDActivation","type":"bool"},{"default":"^/openidserver/","id":"issuerDBOpenIDPath","title":"issuerDBOpenIDPath"},{"default":1,"id":"issuerDBOpenIDRule","title":"issuerDBOpenIDRule","type":"boolOrExpr"},{"_nodes":[{"id":"openIdIssuerSecret","title":"openIdIssuerSecret"},{"id":"openIdAttr","title":"openIdAttr"},{"default":"0;","id":"openIdSPList","title":"openIdSPList","type":"blackWhiteList"},{"_nodes":[{"default":"cn","id":"openIdSreg_fullname","title":"openIdSreg_fullname"},{"default":"uid","id":"openIdSreg_nickname","title":"openIdSreg_nickname"},{"id":"openIdSreg_language","title":"openIdSreg_language"},{"id":"openIdSreg_postcode","title":"openIdSreg_postcode"},{"default":"_timezone","id":"openIdSreg_timezone","title":"openIdSreg_timezone"},{"id":"openIdSreg_country","title":"openIdSreg_country"},{"id":"openIdSreg_gender","title":"openIdSreg_gender"},{"default":"mail","id":"openIdSreg_email","title":"openIdSreg_email"},{"id":"openIdSreg_dob","title":"openIdSreg_dob"}],"id":"openIdSreg","title":"openIdSreg","type":"simpleInputContainer"}],"id":"issuerDBOpenIDOptions","title":"issuerDBOpenIDOptions"}],"help":"idpopenid.html","id":"issuerDBOpenID","title":"issuerDBOpenID"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDConnectActivation","title":"issuerDBOpenIDConnectActivation","type":"bool"},{"default":"^/oauth2/","id":"issuerDBOpenIDConnectPath","title":"issuerDBOpenIDConnectPath"},{"default":1,"id":"issuerDBOpenIDConnectRule","title":"issuerDBOpenIDConnectRule","type":"boolOrExpr"}],"help":"idpopenidconnect.html","id":"issuerDBOpenIDConnect","title":"issuerDBOpenIDConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBGetActivation","title":"issuerDBGetActivation","type":"bool"},{"default":"^/get/","id":"issuerDBGetPath","title":"issuerDBGetPath"},{"default":1,"id":"issuerDBGetRule","title":"issuerDBGetRule","type":"boolOrExpr"},{"default":[],"id":"issuerDBGetParameters","title":"issuerDBGetParameters","type":"doubleHash"}],"help":"issuerdbget.html","id":"issuerDBGet","title":"issuerDBGet"}],"help":"start.html#identity_provider","id":"issuerParams","title":"issuerParams"},{"_nodes":[{"default":"uid","id":"whatToTrace","title":"whatToTrace"},{"default":"_password","id":"hiddenAttributes","title":"hiddenAttributes"}],"help":"logs.html","id":"logParams","title":"logParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lemonldap","id":"cookieName","title":"cookieName"},{"default":"example.com","id":"domain","title":"domain"},{"default":0,"id":"cda","title":"cda","type":"bool"},{"default":0,"id":"securedCookie","select":[{"k":"0","v":"unsecuredCookie"},{"k":"1","v":"securedCookie"},{"k":"2","v":"doubleCookie"},{"k":"3","v":"doubleCookieForSingleSession"}],"title":"securedCookie","type":"select"},{"default":1,"id":"httpOnly","title":"httpOnly","type":"bool"},{"id":"cookieExpiration","title":"cookieExpiration","type":"int"}],"help":"ssocookie.html","id":"cookieParams","title":"cookieParams","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"storePassword","title":"storePassword","type":"bool"},{"default":72000,"id":"timeout","title":"timeout","type":"int"},{"default":0,"id":"timeoutActivity","title":"timeoutActivity","type":"int"},{"default":60,"id":"timeoutActivityInterval","title":"timeoutActivityInterval","type":"int"},{"cnodes":"grantSessionRules","id":"grantSessionRules","title":"grantSessionRules","type":"grantContainer"},{"_nodes":[{"default":"Apache::Session::File","id":"globalStorage","title":"globalStorage"},{"cnodes":"globalStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/sessions/","id":"globalStorageOptions/Directory","title":"Directory","type":"keyText"},{"data":"/var/lib/lemonldap-ng/sessions/lock/","id":"globalStorageOptions/LockDirectory","title":"LockDirectory","type":"keyText"},{"data":"Lemonldap::NG::Common::Apache::Session::Generate::SHA256","id":"globalStorageOptions/generateModule","title":"generateModule","type":"keyText"}],"id":"globalStorageOptions","title":"globalStorageOptions","type":"keyTextContainer"},{"default":"Cache::FileCache","id":"localSessionStorage","title":"localSessionStorage"},{"cnodes":"localSessionStorageOptions","default":[{"data":3,"id":"localSessionStorageOptions/cache_depth","title":"cache_depth","type":"keyText"},{"data":"/tmp","id":"localSessionStorageOptions/cache_root","title":"cache_root","type":"keyText"},{"data":600,"id":"localSessionStorageOptions/default_expires_in","title":"default_expires_in","type":"keyText"},{"data":"007","id":"localSessionStorageOptions/directory_umask","title":"directory_umask","type":"keyText"},{"data":"lemonldap-ng-sessions","id":"localSessionStorageOptions/namespace","title":"namespace","type":"keyText"}],"id":"localSessionStorageOptions","title":"localSessionStorageOptions","type":"keyTextContainer"}],"help":"start.html#sessions_database","id":"sessionStorage","title":"sessionStorage"},{"_nodes":[{"default":0,"id":"singleSession","title":"singleSession","type":"bool"},{"default":0,"id":"singleIP","title":"singleIP","type":"bool"},{"default":0,"id":"singleUserByIP","title":"singleUserByIP","type":"bool"},{"default":0,"id":"singleSessionUserByIP","title":"singleSessionUserByIP","type":"bool"},{"default":1,"id":"notifyDeleted","title":"notifyDeleted","type":"bool"},{"default":0,"id":"notifyOther","title":"notifyOther","type":"bool"}],"id":"multipleSessions","title":"multipleSessions","type":"simpleInputContainer"},{"_nodes":[{"id":"persistentStorage","title":"persistentStorage"},{"cnodes":"persistentStorageOptions","id":"persistentStorageOptions","title":"persistentStorageOptions","type":"keyTextContainer"}],"id":"persistentSessions","title":"persistentSessions"}],"help":"sessions.html","id":"sessionParams","title":"sessionParams"},{"_nodes":[{"cnodes":"reloadUrls","help":"configlocation.html#configuration_reload","id":"reloadUrls","title":"reloadUrls","type":"keyTextContainer"},{"default":5,"id":"reloadTimeout","title":"reloadTimeout","type":"int"}],"help":"configlocation.html#configuration_reload","id":"reloadParams","title":"reloadParams"},{"_nodes":[{"default":0,"id":"stayConnected","title":"stayConnected","type":"bool"},{"default":0,"help":"status.html","id":"portalStatus","title":"portalStatus","type":"bool"},{"default":1,"id":"upgradeSession","title":"upgradeSession","type":"bool"},{"_nodes":[{"default":0,"id":"wsdlServer","title":"wsdlServer","type":"bool"},{"default":0,"id":"restSessionServer","title":"restSessionServer","type":"bool"},{"default":0,"id":"restConfigServer","title":"restConfigServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapSessionServer","title":"soapSessionServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapConfigServer","title":"soapConfigServer","type":"bool"},{"id":"exportedAttr","title":"exportedAttr"}],"help":"portalservers.html","id":"portalServers","title":"portalServers","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"loginHistoryEnabled","title":"loginHistoryEnabled","type":"bool"},{"default":5,"id":"successLoginNumber","title":"successLoginNumber","type":"int"},{"default":5,"id":"failedLoginNumber","title":"failedLoginNumber","type":"int"},{"cnodes":"sessionDataToRemember","id":"sessionDataToRemember","title":"sessionDataToRemember","type":"keyTextContainer"}],"help":"loginhistory.html","id":"loginHistory","title":"loginHistory"},{"_nodes":[{"default":0,"id":"notification","title":"notification","type":"bool"},{"default":0,"id":"notificationServer","title":"notificationServer","type":"bool"},{"default":0,"id":"oldNotifFormat","title":"oldNotifFormat","type":"bool"},{"default":"File","id":"notificationStorage","title":"notificationStorage"},{"cnodes":"notificationStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/notifications","id":"notificationStorageOptions/dirName","title":"dirName","type":"keyText"}],"id":"notificationStorageOptions","title":"notificationStorageOptions","type":"keyTextContainer"},{"default":"allusers","id":"notificationWildcard","title":"notificationWildcard"},{"id":"notificationXSLTfile","title":"notificationXSLTfile"}],"help":"notifications.html","id":"notifications","title":"notifications"},{"_nodes":[{"_nodes":[{"id":"mailSubject","title":"mailSubject"},{"id":"mailBody","title":"mailBody","type":"longtext"},{"id":"mailConfirmSubject","title":"mailConfirmSubject"},{"id":"mailConfirmBody","title":"mailConfirmBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/resetpwd","id":"mailUrl","title":"mailUrl"},{"default":0,"id":"mailTimeout","title":"mailTimeout","type":"int"},{"default":"[A-Z]{3}[a-z]{5}.\\d{2}","id":"randomPasswordRegexp","title":"randomPasswordRegexp"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetpassword.html","id":"passwordManagement","title":"passwordManagement"},{"_nodes":[{"default":"http://auth.example.com/register","id":"registerUrl","title":"registerUrl"},{"default":0,"id":"registerTimeout","title":"registerTimeout","type":"int"},{"id":"registerConfirmSubject","title":"registerConfirmSubject"},{"id":"registerDoneSubject","title":"registerDoneSubject"}],"help":"register.html","id":"register","title":"register","type":"simpleInputContainer"},{"_nodes":[{"cnodes":"autoSigninRules","id":"autoSigninRules","title":"autoSigninRules","type":"keyTextContainer"}],"help":"autosignin.html","id":"autoSignin","title":"autoSignin"},{"_nodes":[{"default":0,"id":"checkState","title":"checkState","type":"bool"},{"id":"checkStateSecret","title":"checkStateSecret"}],"help":"checkstate.html","id":"stateCheck","title":"stateCheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkUser","title":"checkUser","type":"bool"},{"default":1,"id":"checkUserIdRule","title":"checkUserIdRule"},{"default":"_2fDevices _loginHistory hGroups","id":"checkUserHiddenAttributes","title":"checkUserHiddenAttributes"},{"default":0,"id":"checkUserDisplayPersistentInfo","title":"checkUserDisplayPersistentInfo","type":"bool"},{"default":0,"id":"checkUserDisplayEmptyValues","title":"checkUserDisplayEmptyValues","type":"bool"}],"help":"checkuser.html","id":"checkUsers","title":"checkUsers","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"impersonationRule","title":"impersonationRule","type":"boolOrExpr"},{"default":1,"id":"impersonationIdRule","title":"impersonationIdRule"},{"default":"real_","id":"impersonationPrefix","title":"impersonationPrefix"},{"default":"_2fDevices _loginHistory","id":"impersonationHiddenAttributes","title":"impersonationHiddenAttributes"},{"default":1,"id":"impersonationSkipEmptyValues","title":"impersonationSkipEmptyValues","type":"bool"},{"default":0,"id":"impersonationMergeSSOgroups","title":"impersonationMergeSSOgroups","type":"boolOrExpr"}],"help":"impersonation.html","id":"impersonation","title":"impersonation","type":"simpleInputContainer"}],"help":"start.html#plugins","id":"plugins","title":"plugins"},{"_nodes":[{"_nodes":[{"default":0,"id":"utotp2fActivation","title":"utotp2fActivation","type":"boolOrExpr"},{"id":"utotp2fAuthnLevel","title":"utotp2fAuthnLevel","type":"int"}],"help":"utotp2f.html","id":"utotp2f","title":"utotp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"totp2fActivation","title":"totp2fActivation","type":"boolOrExpr"},{"default":0,"id":"totp2fSelfRegistration","title":"totp2fSelfRegistration","type":"boolOrExpr"},{"id":"totp2fAuthnLevel","title":"totp2fAuthnLevel","type":"int"},{"id":"totp2fIssuer","title":"totp2fIssuer"},{"default":30,"id":"totp2fInterval","title":"totp2fInterval","type":"int"},{"default":1,"id":"totp2fRange","title":"totp2fRange","type":"int"},{"default":6,"id":"totp2fDigits","title":"totp2fDigits","type":"int"},{"default":0,"id":"totp2fDisplayExistingSecret","title":"totp2fDisplayExistingSecret","type":"bool"},{"default":0,"id":"totp2fUserCanChangeKey","title":"totp2fUserCanChangeKey","type":"bool"},{"default":1,"id":"totp2fUserCanRemoveKey","title":"totp2fUserCanRemoveKey","type":"bool"},{"id":"totp2fTTL","title":"totp2fTTL","type":"int"}],"help":"totp2f.html","id":"totp","title":"totp","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"u2fActivation","title":"u2fActivation","type":"boolOrExpr"},{"default":0,"id":"u2fSelfRegistration","title":"u2fSelfRegistration","type":"boolOrExpr"},{"id":"u2fAuthnLevel","title":"u2fAuthnLevel","type":"int"},{"default":1,"id":"u2fUserCanRemoveKey","title":"u2fUserCanRemoveKey","type":"bool"},{"id":"u2fTTL","title":"u2fTTL","type":"int"}],"help":"u2f.html","id":"u2f","title":"u2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"mail2fActivation","title":"mail2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"mail2fCodeRegex","title":"mail2fCodeRegex"},{"id":"mail2fTimeout","title":"mail2fTimeout","type":"int"},{"id":"mail2fSubject","title":"mail2fSubject"},{"id":"mail2fBody","title":"mail2fBody","type":"longtext"},{"id":"mail2fAuthnLevel","title":"mail2fAuthnLevel","type":"int"},{"id":"mail2fLogo","title":"mail2fLogo"}],"help":"mail2f.html","id":"mail2f","title":"mail2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ext2fActivation","title":"ext2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"ext2fCodeActivation","title":"ext2fCodeActivation"},{"id":"ext2FSendCommand","title":"ext2FSendCommand"},{"id":"ext2FValidateCommand","title":"ext2FValidateCommand"},{"id":"ext2fAuthnLevel","title":"ext2fAuthnLevel","type":"int"},{"id":"ext2fLogo","title":"ext2fLogo"}],"help":"external2f.html","id":"external2f","title":"external2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rest2fActivation","title":"rest2fActivation","type":"boolOrExpr"},{"id":"rest2fInitUrl","title":"rest2fInitUrl"},{"cnodes":"rest2fInitArgs","id":"rest2fInitArgs","title":"rest2fInitArgs","type":"keyTextContainer"},{"id":"rest2fVerifyUrl","title":"rest2fVerifyUrl"},{"cnodes":"rest2fVerifyArgs","id":"rest2fVerifyArgs","title":"rest2fVerifyArgs","type":"keyTextContainer"},{"id":"rest2fAuthnLevel","title":"rest2fAuthnLevel","type":"int"},{"id":"rest2fLogo","title":"rest2fLogo"}],"help":"rest2f.html","id":"rest2f","title":"rest2f"},{"_nodes":[{"default":0,"id":"yubikey2fActivation","title":"yubikey2fActivation","type":"boolOrExpr"},{"default":0,"id":"yubikey2fSelfRegistration","title":"yubikey2fSelfRegistration","type":"boolOrExpr"},{"id":"yubikey2fAuthnLevel","title":"yubikey2fAuthnLevel","type":"int"},{"id":"yubikey2fClientID","title":"yubikey2fClientID"},{"id":"yubikey2fSecretKey","title":"yubikey2fSecretKey"},{"id":"yubikey2fNonce","title":"yubikey2fNonce"},{"id":"yubikey2fUrl","title":"yubikey2fUrl"},{"default":12,"id":"yubikey2fPublicIDSize","title":"yubikey2fPublicIDSize","type":"int"},{"default":1,"id":"yubikey2fUserCanRemoveKey","title":"yubikey2fUserCanRemoveKey","type":"bool"},{"id":"yubikey2fTTL","title":"yubikey2fTTL","type":"int"}],"help":"yubikey2f.html","id":"yubikey2f","title":"yubikey2f","type":"simpleInputContainer"},{"default":0,"help":"secondfactor.html","id":"sfRequired","title":"sfRequired","type":"boolOrExpr"}],"help":"secondfactor.html","id":"secondFactors","title":"secondFactors"},{"_nodes":[{"help":"customfunctions.html","id":"customFunctions","title":"customFunctions"},{"default":"; ","id":"multiValuesSeparator","title":"multiValuesSeparator","type":"authParamsText"},{"_nodes":[{"default":"mail","id":"mailSessionKey","title":"mailSessionKey"},{"default":"","id":"SMTPServer","title":"SMTPServer"},{"id":"SMTPPort","title":"SMTPPort","type":"int"},{"id":"SMTPAuthUser","title":"SMTPAuthUser"},{"id":"SMTPAuthPass","title":"SMTPAuthPass","type":"password"},{"default":"","id":"SMTPTLS","select":[{"k":"","v":"none"},{"k":"starttls","v":"SMTP + STARTTLS"},{"k":"ssl","v":"SMTPS"}],"title":"SMTPTLS","type":"select"},{"cnodes":"SMTPTLSOpts","id":"SMTPTLSOpts","title":"SMTPTLSOpts","type":"keyTextContainer"},{"_nodes":[{"default":"noreply@example.com","id":"mailFrom","title":"mailFrom"},{"id":"mailReplyTo","title":"mailReplyTo"},{"default":"utf-8","id":"mailCharset","title":"mailCharset"}],"id":"mailHeaders","title":"mailHeaders","type":"simpleInputContainer"}],"help":"smtp.html","id":"SMTP","title":"SMTP"},{"_nodes":[{"default":"^[\\w\\.\\-@]+$","id":"userControl","title":"userControl"},{"default":0,"help":"forcereauthn.html","id":"portalForceAuthn","title":"portalForceAuthn","type":"bool"},{"default":5,"id":"portalForceAuthnInterval","title":"portalForceAuthnInterval","type":"int"},{"id":"key","title":"key","type":"password"},{"id":"trustedDomains","title":"trustedDomains"},{"default":1,"help":"safejail.html","id":"useSafeJail","title":"useSafeJail","type":"bool"},{"default":1,"id":"checkXSS","title":"checkXSS","type":"bool"},{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtection","title":"bruteForceProtection","type":"bool"},{"default":1,"id":"requireToken","title":"requireToken","type":"boolOrExpr"},{"default":120,"id":"formTimeout","title":"formTimeout","type":"int"},{"default":0,"id":"tokenUseGlobalStorage","title":"tokenUseGlobalStorage","type":"bool"},{"cnodes":"lwpOpts","id":"lwpOpts","title":"lwpOpts","type":"keyTextContainer"},{"cnodes":"lwpSslOpts","id":"lwpSslOpts","title":"lwpSslOpts","type":"keyTextContainer"},{"_nodes":[{"default":"'self'","id":"cspDefault","title":"cspDefault"},{"default":"'self' data:","id":"cspImg","title":"cspImg"},{"default":"'self'","id":"cspScript","title":"cspScript"},{"default":"'self'","id":"cspStyle","title":"cspStyle"},{"default":"'self'","id":"cspFont","title":"cspFont"},{"default":"'self'","id":"cspFormAction","title":"cspFormAction"},{"default":"'self'","id":"cspConnect","title":"cspConnect"}],"help":"security.html#portal","id":"contentSecurityPolicy","title":"contentSecurityPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"corsEnabled","title":"corsEnabled","type":"bool"},{"default":true,"id":"corsAllow_Credentials","title":"corsAllow_Credentials"},{"default":"*","id":"corsAllow_Headers","title":"corsAllow_Headers"},{"default":"POST,GET","id":"corsAllow_Methods","title":"corsAllow_Methods"},{"default":"*","id":"corsAllow_Origin","title":"corsAllow_Origin"},{"default":"*","id":"corsExpose_Headers","title":"corsExpose_Headers"},{"default":"86400","id":"corsMax_Age","title":"corsMax_Age"}],"help":"security.html#portal","id":"crossOrigineResourceSharing","title":"crossOrigineResourceSharing","type":"simpleInputContainer"}],"help":"security.html#configure_security_settings","id":"security","title":"security"},{"_nodes":[{"default":-1,"id":"https","title":"https","type":"trool"},{"default":-1,"id":"port","title":"port","type":"int"},{"default":0,"id":"useRedirectOnForbidden","title":"useRedirectOnForbidden","type":"bool"},{"default":1,"id":"useRedirectOnError","title":"useRedirectOnError","type":"bool"},{"default":0,"id":"maintenance","title":"maintenance","type":"bool"}],"help":"redirections.html","id":"redirection","title":"redirection","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"jsRedirect","title":"jsRedirect","type":"boolOrExpr"},{"default":0,"id":"noAjaxHook","title":"noAjaxHook","type":"bool"},{"default":0,"id":"skipRenewConfirmation","title":"skipRenewConfirmation","type":"bool"}],"help":"redirections.html#portal_redirections","id":"portalRedirection","title":"portalRedirection","type":"simpleInputContainer"},{"cnodes":"nginxCustomHandlers","help":"handlerarch.html","id":"nginxCustomHandlers","title":"nginxCustomHandlers","type":"keyTextContainer"},{"cnodes":"logoutServices","default":[],"help":"logoutforward.html","id":"logoutServices","title":"logoutServices","type":"keyTextContainer"},{"_nodes":[{"default":"get","id":"infoFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"infoFormMethod","type":"select"},{"default":"post","id":"confirmFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"confirmFormMethod","type":"select"},{"default":"get","id":"redirectFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"redirectFormMethod","type":"select"},{"default":1,"id":"activeTimer","title":"activeTimer","type":"bool"}],"id":"forms","title":"forms","type":"simpleInputContainer"}],"help":"start.html#advanced_features","id":"advancedParams","title":"advancedParams"}],"id":"generalParameters","title":"generalParameters"},{"_nodes":[{"cnodes":"exportedVars","default":[{"data":"HTTP_USER_AGENT","id":"exportedVars/UA","title":"UA","type":"keyText"}],"help":"exportedvars.html","id":"exportedVars","title":"exportedVars","type":"keyTextContainer"},{"cnodes":"macros","default":[],"help":"exportedvars.html#extend_variables_using_macros_and_groups","id":"macros","title":"macros","type":"keyTextContainer"},{"cnodes":"groups","default":[],"help":"exportedvars.html#extend_variables_using_macros_and_groups","id":"groups","title":"groups","type":"keyTextContainer"}],"help":"variables.html","id":"variables","title":"variables"},{"cnodes":"virtualHosts","help":"configvhost.html","id":"virtualHosts","template":"virtualHost","title":"virtualHosts","type":"virtualHostContainer"},{"_nodes":[{"default":"#PORTAL#/saml/metadata","id":"samlEntityID","title":"samlEntityID"},{"_nodes":[{"get":["samlServicePrivateKeySig","samlServicePrivateKeySigPwd","samlServicePublicKeySig"],"id":"samlServiceSecuritySig","title":"samlServiceSecuritySig","type":"RSAKey"},{"get":["samlServicePrivateKeyEnc","samlServicePrivateKeyEncPwd","samlServicePublicKeyEnc"],"id":"samlServiceSecurityEnc","title":"samlServiceSecurityEnc","type":"RSAKey"},{"default":0,"id":"samlServiceUseCertificateInResponse","title":"samlServiceUseCertificateInResponse","type":"bool"},{"default":"RSA_SHA1","id":"samlServiceSignatureMethod","select":[{"k":"RSA_SHA1","v":"RSA SHA1"},{"k":"RSA_SHA256","v":"RSA SHA256"}],"title":"samlServiceSignatureMethod","type":"select"}],"help":"samlservice.html#security_parameters","id":"samlServiceSecurity","title":"samlServiceSecurity"},{"_nodes":[{"default":"mail","id":"samlNameIDFormatMapEmail","title":"samlNameIDFormatMapEmail"},{"default":"mail","id":"samlNameIDFormatMapX509","title":"samlNameIDFormatMapX509"},{"default":"uid","id":"samlNameIDFormatMapWindows","title":"samlNameIDFormatMapWindows"},{"default":"uid","id":"samlNameIDFormatMapKerberos","title":"samlNameIDFormatMapKerberos"}],"help":"samlservice.html#nameid_formats","id":"samlNameIDFormatMap","title":"samlNameIDFormatMap","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"samlAuthnContextMapPassword","title":"samlAuthnContextMapPassword","type":"int"},{"default":3,"id":"samlAuthnContextMapPasswordProtectedTransport","title":"samlAuthnContextMapPasswordProtectedTransport","type":"int"},{"default":5,"id":"samlAuthnContextMapTLSClient","title":"samlAuthnContextMapTLSClient","type":"int"},{"default":4,"id":"samlAuthnContextMapKerberos","title":"samlAuthnContextMapKerberos","type":"int"}],"help":"samlservice.html#authentication_contexts","id":"samlAuthnContextMap","title":"samlAuthnContextMap","type":"simpleInputContainer"},{"_nodes":[{"default":"Example","id":"samlOrganizationDisplayName","title":"samlOrganizationDisplayName"},{"default":"Example","id":"samlOrganizationName","title":"samlOrganizationName"},{"default":"http://www.example.com","id":"samlOrganizationURL","title":"samlOrganizationURL"}],"help":"samlservice.html#organization","id":"samlOrganization","title":"samlOrganization","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"samlSPSSODescriptorAuthnRequestsSigned","title":"samlSPSSODescriptorAuthnRequestsSigned","type":"bool"},{"default":1,"id":"samlSPSSODescriptorWantAssertionsSigned","title":"samlSPSSODescriptorWantAssertionsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;","id":"samlSPSSODescriptorSingleLogoutServiceSOAP","title":"samlSPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlSPSSODescriptorSingleLogoutService","title":"samlSPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","type":"samlAssertion"},{"default":"0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","type":"samlAssertion"}],"id":"samlSPSSODescriptorAssertionConsumerService","title":"samlSPSSODescriptorAssertionConsumerService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlSPSSODescriptorArtifactResolutionServiceArtifact","title":"samlSPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlSPSSODescriptorArtifactResolutionService","title":"samlSPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#service_provider","id":"samlSPSSODescriptor","title":"samlSPSSODescriptor"},{"_nodes":[{"default":1,"id":"samlIDPSSODescriptorWantAuthnRequestsSigned","title":"samlIDPSSODescriptorWantAuthnRequestsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","type":"samlService"}],"id":"samlIDPSSODescriptorSingleSignOnService","title":"samlIDPSSODescriptorSingleSignOnService"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;","id":"samlIDPSSODescriptorSingleLogoutServiceSOAP","title":"samlIDPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlIDPSSODescriptorSingleLogoutService","title":"samlIDPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","title":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlIDPSSODescriptorArtifactResolutionService","title":"samlIDPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#identity_provider","id":"samlIDPSSODescriptor","title":"samlIDPSSODescriptor"},{"_nodes":[{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;","id":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","title":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","type":"samlService"}],"id":"samlAttributeAuthorityDescriptorAttributeService","title":"samlAttributeAuthorityDescriptorAttributeService"}],"help":"samlservice.html#attribute_authority","id":"samlAttributeAuthorityDescriptor","title":"samlAttributeAuthorityDescriptor"},{"_nodes":[{"default":"lemonldapidp","id":"samlIdPResolveCookie","title":"samlIdPResolveCookie"},{"default":1,"id":"samlMetadataForceUTF8","title":"samlMetadataForceUTF8","type":"bool"},{"id":"samlStorage","title":"samlStorage"},{"cnodes":"samlStorageOptions","id":"samlStorageOptions","title":"samlStorageOptions","type":"keyTextContainer"},{"default":600,"id":"samlRelayStateTimeout","title":"samlRelayStateTimeout","type":"int"},{"default":0,"id":"samlUseQueryStringSpecific","title":"samlUseQueryStringSpecific","type":"bool"},{"_nodes":[{"default":0,"id":"samlCommonDomainCookieActivation","title":"samlCommonDomainCookieActivation","type":"bool"},{"id":"samlCommonDomainCookieDomain","title":"samlCommonDomainCookieDomain"},{"id":"samlCommonDomainCookieReader","title":"samlCommonDomainCookieReader"},{"id":"samlCommonDomainCookieWriter","title":"samlCommonDomainCookieWriter"}],"id":"samlCommonDomainCookie","title":"samlCommonDomainCookie","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"samlDiscoveryProtocolActivation","title":"samlDiscoveryProtocolActivation","type":"bool"},{"id":"samlDiscoveryProtocolURL","title":"samlDiscoveryProtocolURL"},{"id":"samlDiscoveryProtocolPolicy","title":"samlDiscoveryProtocolPolicy"},{"default":0,"id":"samlDiscoveryProtocolIsPassive","title":"samlDiscoveryProtocolIsPassive","type":"bool"}],"id":"samlDiscoveryProtocol","title":"samlDiscoveryProtocol","type":"simpleInputContainer"},{"default":"","id":"samlOverrideIDPEntityID","title":"samlOverrideIDPEntityID"}],"help":"samlservice.html#advanced","id":"samlAdvanced","title":"samlAdvanced"}],"help":"samlservice.html","id":"samlServiceMetaData","title":"samlServiceMetaData"},{"cnodes":"samlIDPMetaDataNodes","help":"authsaml.html","id":"samlIDPMetaDataNodes","template":"samlIDPMetaDataNode","title":"samlIDPMetaDataNodes","type":"samlIDPMetaDataNodeContainer"},{"cnodes":"samlSPMetaDataNodes","help":"idpsaml.html","id":"samlSPMetaDataNodes","template":"samlSPMetaDataNode","title":"samlSPMetaDataNodes","type":"samlSPMetaDataNodeContainer"},{"_nodes":[{"default":"http://auth.example.com","id":"oidcServiceMetaDataIssuer","title":"oidcServiceMetaDataIssuer"},{"_nodes":[{"default":"authorize","id":"oidcServiceMetaDataAuthorizeURI","title":"oidcServiceMetaDataAuthorizeURI"},{"default":"token","id":"oidcServiceMetaDataTokenURI","title":"oidcServiceMetaDataTokenURI"},{"default":"userinfo","id":"oidcServiceMetaDataUserInfoURI","title":"oidcServiceMetaDataUserInfoURI"},{"default":"jwks","id":"oidcServiceMetaDataJWKSURI","title":"oidcServiceMetaDataJWKSURI"},{"default":"register","id":"oidcServiceMetaDataRegistrationURI","title":"oidcServiceMetaDataRegistrationURI"},{"default":"logout","id":"oidcServiceMetaDataEndSessionURI","title":"oidcServiceMetaDataEndSessionURI"},{"default":"checksession.html","id":"oidcServiceMetaDataCheckSessionURI","title":"oidcServiceMetaDataCheckSessionURI"},{"default":"flogout","id":"oidcServiceMetaDataFrontChannelURI","title":"oidcServiceMetaDataFrontChannelURI"},{"default":"blogout","id":"oidcServiceMetaDataBackChannelURI","title":"oidcServiceMetaDataBackChannelURI"}],"id":"oidcServiceMetaDataEndPoints","title":"oidcServiceMetaDataEndPoints","type":"simpleInputContainer"},{"cnodes":"oidcServiceMetaDataAuthnContext","default":[{"data":1,"id":"oidcServiceMetaDataAuthnContext/loa-1","title":"loa-1","type":"keyText"},{"data":2,"id":"oidcServiceMetaDataAuthnContext/loa-2","title":"loa-2","type":"keyText"},{"data":3,"id":"oidcServiceMetaDataAuthnContext/loa-3","title":"loa-3","type":"keyText"},{"data":4,"id":"oidcServiceMetaDataAuthnContext/loa-4","title":"loa-4","type":"keyText"},{"data":5,"id":"oidcServiceMetaDataAuthnContext/loa-5","title":"loa-5","type":"keyText"}],"id":"oidcServiceMetaDataAuthnContext","title":"oidcServiceMetaDataAuthnContext","type":"keyTextContainer"},{"_nodes":[{"get":["oidcServicePrivateKeySig","oidcServicePublicKeySig"],"id":"oidcServiceMetaDataKeys","title":"oidcServiceMetaDataKeys","type":"RSAKeyNoPassword"},{"id":"oidcServiceKeyIdSig","title":"oidcServiceKeyIdSig"},{"default":0,"id":"oidcServiceAllowDynamicRegistration","title":"oidcServiceAllowDynamicRegistration","type":"bool"},{"default":1,"id":"oidcServiceAllowAuthorizationCodeFlow","title":"oidcServiceAllowAuthorizationCodeFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowImplicitFlow","title":"oidcServiceAllowImplicitFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowHybridFlow","title":"oidcServiceAllowHybridFlow","type":"bool"}],"id":"oidcServiceMetaDataSecurity","title":"oidcServiceMetaDataSecurity"},{"_nodes":[{"id":"oidcStorage","title":"oidcStorage"},{"cnodes":"oidcStorageOptions","id":"oidcStorageOptions","title":"oidcStorageOptions","type":"keyTextContainer"}],"id":"oidcServiceMetaDataSessions","title":"oidcServiceMetaDataSessions"}],"help":"openidconnectservice.html#service_configuration","id":"oidcServiceMetaData","title":"oidcServiceMetaData"},{"cnodes":"oidcOPMetaDataNodes","help":"authopenidconnect.html#declare_the_openid_connect_provider_in_llng","id":"oidcOPMetaDataNodes","title":"oidcOPMetaDataNodes","type":"oidcOPMetaDataNodeContainer"},{"cnodes":"oidcRPMetaDataNodes","help":"idpopenidconnect.html#configuration_of_relying_party_in_llng","id":"oidcRPMetaDataNodes","title":"oidcRPMetaDataNodes","type":"oidcRPMetaDataNodeContainer"},{"_nodes":[{"id":"casAttr","title":"casAttr"},{"default":"none","id":"casAccessControlPolicy","select":[{"k":"none","v":"None"},{"k":"error","v":"Display error on portal"},{"k":"faketicket","v":"Send a fake service ticket"}],"title":"casAccessControlPolicy","type":"select"},{"id":"casStorage","title":"casStorage"},{"cnodes":"casStorageOptions","id":"casStorageOptions","title":"casStorageOptions","type":"keyTextContainer"},{"cnodes":"casAttributes","id":"casAttributes","title":"casAttributes","type":"keyTextContainer"}],"help":"idpcas.html#configuring_the_cas_service","id":"casServiceMetadata","title":"casServiceMetadata"},{"cnodes":"casSrvMetaDataNodes","help":"authcas.html","id":"casSrvMetaDataNodes","template":"casSrvMetaDataNode","title":"casSrvMetaDataNodes","type":"casSrvMetaDataNodeContainer"},{"cnodes":"casAppMetaDataNodes","help":"idpcas.html#configuring_cas_applications","id":"casAppMetaDataNodes","template":"casAppMetaDataNode","title":"casAppMetaDataNodes","type":"casAppMetaDataNodeContainer"}]
\ No newline at end of file
+[{"_nodes":[{"_nodes":[{"default":"http://auth.example.com/","id":"portal","title":"portal"},{"_nodes":[{"_nodes":[{"default":1,"id":"portalDisplayLogout","title":"portalDisplayLogout","type":"boolOrExpr"},{"default":"$_auth =~ /^(LDAP|DBI|Demo)$/","id":"portalDisplayChangePassword","title":"portalDisplayChangePassword","type":"boolOrExpr"},{"default":1,"id":"portalDisplayAppslist","title":"portalDisplayAppslist","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLoginHistory","title":"portalDisplayLoginHistory","type":"boolOrExpr"},{"default":"$_oidcConnectedRP","id":"portalDisplayOidcConsents","title":"portalDisplayOidcConsents","type":"boolOrExpr"},{"_nodes":[{"default":1,"id":"portalDisplayFavApps","title":"portalDisplayFavApps","type":"boolOrExpr"},{"default":3,"id":"favAppsMaxNumber","title":"favAppsMaxNumber","type":"int"}],"help":"favapps.html","id":"favApps","title":"favApps","type":"simpleInputContainer"}],"id":"portalModules","title":"portalModules","type":"simpleInputContainer"},{"cnodes":"applicationList","default":[{"data":{"catname":"Default category","type":"category"},"id":"applicationList/default","title":"default","type":"catAndAppList"}],"help":"portalmenu.html#categories_and_applications","id":"applicationList","title":"applicationList","type":"catAndAppList"}],"help":"portalmenu.html","id":"portalMenu","title":"portalMenu"},{"_nodes":[{"default":"common/logos/logo_llng_400px.png","id":"portalMainLogo","title":"portalMainLogo"},{"default":1,"id":"showLanguages","title":"showLanguages","type":"bool"},{"default":"bootstrap","id":"portalSkin","select":[{"k":"bootstrap","v":"Bootstrap"}],"title":"portalSkin","type":"portalskin"},{"id":"portalSkinBackground","select":[{"k":"","v":"None"},{"k":"1280px-Anse_Source_d'Argent_2-La_Digue.jpg","v":"Anse"},{"k":"1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg","v":"Waterfall"},{"k":"1280px-BrockenSnowedTrees.jpg","v":"Snowed Trees"},{"k":"1280px-Cedar_Breaks_National_Monument_partially.jpg","v":"National Monument"},{"k":"1280px-Parry_Peak_from_Winter_Park.jpg","v":"Winter"},{"k":"Aletschgletscher_mit_Pinus_cembra1.jpg","v":"Pinus"}],"title":"portalSkinBackground","type":"portalskinbackground"},{"cnodes":"portalSkinRules","help":"portalcustom.html","id":"portalSkinRules","title":"portalSkinRules","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"portalCheckLogins","title":"portalCheckLogins","type":"bool"},{"default":0,"id":"portalDisplayResetPassword","title":"portalDisplayResetPassword","type":"bool"},{"default":3,"id":"passwordResetAllowedRetries","title":"passwordResetAllowedRetries","type":"int"},{"default":1,"id":"portalDisplayRegister","title":"portalDisplayRegister","type":"bool"}],"help":"portalcustom.html#buttons","id":"portalButtons","title":"portalButtons","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"portalRequireOldPassword","title":"portalRequireOldPassword","type":"bool"},{"default":0,"id":"hideOldPassword","title":"hideOldPassword","type":"bool"},{"default":0,"id":"mailOnPasswordChange","title":"mailOnPasswordChange","type":"bool"}],"help":"portalcustom.html#password_management","id":"passwordManagement","title":"passwordManagement","type":"simpleInputContainer"},{"_nodes":[{"default":"_user","id":"portalUserAttr","title":"portalUserAttr"},{"default":0,"id":"portalOpenLinkInNewWindow","title":"portalOpenLinkInNewWindow","type":"bool"},{"default":1,"id":"portalAntiFrame","title":"portalAntiFrame","type":"bool"},{"default":60000,"id":"portalPingInterval","title":"portalPingInterval","type":"int"},{"default":1,"id":"portalErrorOnExpiredSession","title":"portalErrorOnExpiredSession","type":"bool"},{"default":0,"id":"portalErrorOnMailNotFound","title":"portalErrorOnMailNotFound","type":"bool"}],"help":"portalcustom.html#other_parameters","id":"portalOther","title":"portalOther","type":"simpleInputContainer"}],"help":"portalcustom.html","id":"portalCustomization","title":"portalCustomization"},{"_nodes":[{"default":0,"id":"captcha_login_enabled","title":"captcha_login_enabled","type":"bool"},{"default":1,"id":"captcha_mail_enabled","title":"captcha_mail_enabled","type":"bool"},{"default":1,"id":"captcha_register_enabled","title":"captcha_register_enabled","type":"bool"},{"default":6,"id":"captcha_size","title":"captcha_size","type":"int"}],"help":"captcha.html","id":"portalCaptcha","title":"portalCaptcha","type":"simpleInputContainer"}],"help":"portal.html","id":"portalParams","title":"portalParams"},{"_nodes":[{"default":"Demo","id":"authentication","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"Choice","v":"authChoice"},{"k":"Combination","v":"combineMods"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"authentication","type":"select"},{"default":"Same","id":"userDB","select":[{"k":"Same","v":"Same"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"userDB","type":"select"},{"default":"Demo","id":"passwordDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Choice","v":"authChoice"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"passwordDB","type":"select"},{"default":"Null","id":"registerDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"registerDB","type":"select"}],"_nodes_cond":[{"_nodes":[{"default":0,"id":"ADPwdMaxAge","title":"ADPwdMaxAge","type":"int"},{"default":0,"id":"ADPwdExpireWarning","title":"ADPwdExpireWarning","type":"int"}],"help":"authad.html","id":"adParams","show":false,"title":"adParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lmAuth","id":"authChoiceParam","title":"authChoiceParam"},{"cnodes":"authChoiceModules","id":"authChoiceModules","select":[[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}]],"title":"authChoiceModules","type":"authChoiceContainer"}],"help":"authchoice.html","id":"choiceParams","show":false,"title":"choiceParams"},{"_nodes":[{"default":4,"id":"apacheAuthnLevel","title":"apacheAuthnLevel","type":"int"}],"help":"authapache.html","id":"apacheParams","show":false,"title":"apacheParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"casAuthnLevel","title":"casAuthnLevel","type":"int"}],"help":"authcas.html","id":"casParams","show":false,"title":"casParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"dbiAuthnLevel","title":"dbiAuthnLevel","type":"int"},{"cnodes":"dbiExportedVars","default":[],"id":"dbiExportedVars","title":"dbiExportedVars","type":"keyTextContainer"},{"_nodes":[{"_nodes":[{"id":"dbiAuthChain","title":"dbiAuthChain"},{"id":"dbiAuthUser","title":"dbiAuthUser"},{"id":"dbiAuthPassword","title":"dbiAuthPassword","type":"password"}],"id":"dbiConnectionAuth","title":"dbiConnectionAuth","type":"simpleInputContainer"},{"_nodes":[{"id":"dbiUserChain","title":"dbiUserChain"},{"id":"dbiUserUser","title":"dbiUserUser"},{"id":"dbiUserPassword","title":"dbiUserPassword","type":"password"}],"id":"dbiConnectionUser","title":"dbiConnectionUser","type":"simpleInputContainer"}],"help":"authdbi.html#connection","id":"dbiConnection","title":"dbiConnection"},{"_nodes":[{"id":"dbiAuthTable","title":"dbiAuthTable"},{"id":"dbiUserTable","title":"dbiUserTable"},{"id":"dbiAuthLoginCol","title":"dbiAuthLoginCol"},{"id":"dbiAuthPasswordCol","title":"dbiAuthPasswordCol"},{"id":"dbiPasswordMailCol","title":"dbiPasswordMailCol"},{"id":"userPivot","title":"userPivot"}],"help":"authdbi.html#schema","id":"dbiSchema","title":"dbiSchema","type":"simpleInputContainer"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiAuthPasswordHash","title":"dbiAuthPasswordHash"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiDynamicHashEnabled","title":"dbiDynamicHashEnabled","type":"bool"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSchemes","title":"dbiDynamicHashValidSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSaltedSchemes","title":"dbiDynamicHashValidSaltedSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashNewPasswordScheme","title":"dbiDynamicHashNewPasswordScheme"}],"help":"authdbi.html#password","id":"dbiDynamicHash","title":"dbiDynamicHash","type":"simpleInputContainer"}],"help":"authdbi.html#password","id":"dbiPassword","title":"dbiPassword"}],"help":"authdbi.html","id":"dbiParams","show":false,"title":"dbiParams"},{"_nodes":[{"cnodes":"demoExportedVars","default":[{"data":"cn","id":"demoExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"demoExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"demoExportedVars/uid","title":"uid","type":"keyText"}],"id":"demoExportedVars","title":"demoExportedVars","type":"keyTextContainer"}],"help":"authdemo.html","id":"demoParams","show":false,"title":"demoParams"},{"_nodes":[{"default":1,"id":"facebookAuthnLevel","title":"facebookAuthnLevel","type":"int"},{"cnodes":"facebookExportedVars","default":[],"id":"facebookExportedVars","title":"facebookExportedVars","type":"keyTextContainer"},{"id":"facebookAppId","title":"facebookAppId"},{"id":"facebookAppSecret","title":"facebookAppSecret"},{"default":"id","id":"facebookUserField","title":"facebookUserField"}],"help":"authfacebook.html","id":"facebookParams","show":false,"title":"facebookParams"},{"_nodes":[{"default":3,"id":"krbAuthnLevel","title":"krbAuthnLevel","type":"int"},{"id":"krbKeytab","title":"krbKeytab"},{"default":0,"id":"krbByJs","title":"krbByJs","type":"bool"},{"default":1,"id":"krbRemoveDomain","title":"krbRemoveDomain","type":"bool"}],"help":"authkerberos.html","id":"kerberosParams","show":false,"title":"kerberosParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"ldapAuthnLevel","title":"ldapAuthnLevel","type":"int"},{"cnodes":"ldapExportedVars","default":[{"data":"cn","id":"ldapExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"ldapExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"ldapExportedVars/uid","title":"uid","type":"keyText"}],"id":"ldapExportedVars","title":"ldapExportedVars","type":"keyTextContainer"},{"_nodes":[{"default":"ldap://localhost","id":"ldapServer","title":"ldapServer"},{"default":389,"id":"ldapPort","title":"ldapPort","type":"int"},{"default":"dc=example,dc=com","id":"ldapBase","title":"ldapBase"},{"default":"","id":"managerDn","title":"managerDn"},{"default":"","id":"managerPassword","title":"managerPassword","type":"password"},{"default":120,"id":"ldapTimeout","title":"ldapTimeout","type":"int"},{"default":3,"id":"ldapVersion","title":"ldapVersion","type":"int"},{"id":"ldapRaw","title":"ldapRaw"}],"help":"authldap.html#connection","id":"ldapConnection","title":"ldapConnection","type":"simpleInputContainer"},{"_nodes":[{"id":"LDAPFilter","title":"LDAPFilter"},{"id":"AuthLDAPFilter","title":"AuthLDAPFilter"},{"id":"mailLDAPFilter","title":"mailLDAPFilter"},{"default":"find","id":"ldapSearchDeref","select":[{"k":"never","v":"never"},{"k":"search","v":"search"},{"k":"find","v":"find"},{"k":"always","v":"always"}],"title":"ldapSearchDeref","type":"select"}],"help":"authldap.html#filters","id":"ldapFilters","title":"ldapFilters","type":"simpleInputContainer"},{"_nodes":[{"id":"ldapGroupBase","title":"ldapGroupBase"},{"default":"groupOfNames","id":"ldapGroupObjectClass","title":"ldapGroupObjectClass"},{"default":"member","id":"ldapGroupAttributeName","title":"ldapGroupAttributeName"},{"default":"dn","id":"ldapGroupAttributeNameUser","title":"ldapGroupAttributeNameUser"},{"default":"cn","id":"ldapGroupAttributeNameSearch","title":"ldapGroupAttributeNameSearch"},{"default":0,"id":"ldapGroupDecodeSearchedValue","title":"ldapGroupDecodeSearchedValue","type":"bool"},{"default":0,"id":"ldapGroupRecursive","title":"ldapGroupRecursive","type":"bool"},{"default":"dn","id":"ldapGroupAttributeNameGroup","title":"ldapGroupAttributeNameGroup"}],"help":"authldap.html#groups","id":"ldapGroups","title":"ldapGroups","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ldapPpolicyControl","title":"ldapPpolicyControl","type":"bool"},{"default":0,"id":"ldapSetPassword","title":"ldapSetPassword","type":"bool"},{"default":0,"id":"ldapChangePasswordAsUser","title":"ldapChangePasswordAsUser","type":"bool"},{"default":"utf-8","id":"ldapPwdEnc","title":"ldapPwdEnc"},{"default":1,"id":"ldapUsePasswordResetAttribute","title":"ldapUsePasswordResetAttribute","type":"bool"},{"default":"pwdReset","id":"ldapPasswordResetAttribute","title":"ldapPasswordResetAttribute"},{"default":"TRUE","id":"ldapPasswordResetAttributeValue","title":"ldapPasswordResetAttributeValue"},{"default":0,"id":"ldapAllowResetExpiredPassword","title":"ldapAllowResetExpiredPassword","type":"bool"}],"help":"authldap.html#password","id":"ldapPassword","title":"ldapPassword","type":"simpleInputContainer"}],"help":"authldap.html","id":"ldapParams","show":false,"title":"ldapParams"},{"_nodes":[{"default":1,"id":"linkedInAuthnLevel","title":"linkedInAuthnLevel","type":"int"},{"id":"linkedInClientID","title":"linkedInClientID"},{"id":"linkedInClientSecret","title":"linkedInClientSecret","type":"password"},{"default":"id,first-name,last-name,email-address","id":"linkedInFields","title":"linkedInFields"},{"default":"emailAddress","id":"linkedInUserField","title":"linkedInUserField"},{"default":"r_basicprofile r_emailaddress","id":"linkedInScope","title":"linkedInScope"}],"help":"authlinkedin.html","id":"linkedinParams","show":false,"title":"linkedinParams","type":"simpleInputContainer"},{"_nodes":[{"id":"combination","title":"combination"},{"cnodes":"combModules","id":"combModules","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"combModules","type":"cmbModuleContainer"},{"id":"combinationForms","title":"combinationForms"}],"help":"authcombination.html","id":"combinationParams","show":false,"title":"combinationParams"},{"_nodes":[{"default":0,"id":"nullAuthnLevel","title":"nullAuthnLevel","type":"int"}],"help":"authnull.html","id":"nullParams","show":false,"title":"nullParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"openIdAuthnLevel","title":"openIdAuthnLevel","type":"int"},{"cnodes":"openIdExportedVars","default":[],"id":"openIdExportedVars","title":"openIdExportedVars","type":"keyTextContainer"},{"id":"openIdSecret","title":"openIdSecret"},{"default":"0;","id":"openIdIDPList","title":"openIdIDPList","type":"blackWhiteList"}],"help":"authopenid.html","id":"openidParams","show":false,"title":"openidParams"},{"_nodes":[{"default":1,"id":"oidcAuthnLevel","title":"oidcAuthnLevel","type":"int"},{"default":"openidconnectcallback","id":"oidcRPCallbackGetParam","title":"oidcRPCallbackGetParam"},{"default":600,"id":"oidcRPStateTimeout","title":"oidcRPStateTimeout","type":"int"}],"help":"authopenidconnect.html","id":"oidcParams","show":false,"title":"oidcParams","type":"simpleInputContainer"},{"_nodes":[{"default":5,"id":"gpgAuthnLevel","title":"gpgAuthnLevel","type":"int"},{"default":"","id":"gpgDb","title":"gpgDb"}],"help":"authgpg.html","id":"gpgParams","show":false,"title":"gpgParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"proxyAuthnLevel","title":"proxyAuthnLevel","type":"int"},{"id":"proxyAuthService","title":"proxyAuthService"},{"id":"proxySessionService","title":"proxySessionService"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":0,"id":"proxyUseSoap","title":"proxyUseSoap","type":"bool"}],"help":"authproxy.html","id":"proxyParams","show":false,"title":"proxyParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"pamAuthnLevel","title":"pamAuthnLevel","type":"int"},{"default":"login","id":"pamService","title":"pamService"}],"help":"authpam.html","id":"pamParams","show":false,"title":"pamParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"radiusAuthnLevel","title":"radiusAuthnLevel","type":"int"},{"id":"radiusSecret","title":"radiusSecret"},{"id":"radiusServer","title":"radiusServer"}],"help":"authradius.html","id":"radiusParams","show":false,"title":"radiusParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"restAuthnLevel","title":"restAuthnLevel","type":"int"},{"id":"restAuthUrl","title":"restAuthUrl"},{"id":"restUserDBUrl","title":"restUserDBUrl"},{"id":"restPwdConfirmUrl","title":"restPwdConfirmUrl"},{"id":"restPwdModifyUrl","title":"restPwdModifyUrl"}],"help":"authrest.html","id":"restParams","show":false,"title":"restParams","type":"simpleInputContainer"},{"_nodes":[{"id":"remotePortal","title":"remotePortal"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":"Lemonldap::NG::Common::Apache::Session::SOAP","id":"remoteGlobalStorage","title":"remoteGlobalStorage"},{"cnodes":"remoteGlobalStorageOptions","default":[{"data":"http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService","id":"remoteGlobalStorageOptions/ns","title":"ns","type":"keyText"},{"data":"http://auth.example.com/sessions","id":"remoteGlobalStorageOptions/proxy","title":"proxy","type":"keyText"}],"id":"remoteGlobalStorageOptions","title":"remoteGlobalStorageOptions","type":"keyTextContainer"}],"help":"authremote.html","id":"remoteParams","show":false,"title":"remoteParams"},{"_nodes":[{"default":2,"id":"slaveAuthnLevel","title":"slaveAuthnLevel","type":"int"},{"cnodes":"slaveExportedVars","default":[],"id":"slaveExportedVars","title":"slaveExportedVars","type":"keyTextContainer"},{"id":"slaveUserHeader","title":"slaveUserHeader"},{"id":"slaveMasterIP","title":"slaveMasterIP"},{"id":"slaveHeaderName","title":"slaveHeaderName"},{"id":"slaveHeaderContent","title":"slaveHeaderContent"}],"help":"authslave.html","id":"slaveParams","show":false,"title":"slaveParams"},{"_nodes":[{"default":5,"id":"SSLAuthnLevel","title":"SSLAuthnLevel","type":"int"},{"default":"SSL_CLIENT_S_DN_Email","id":"SSLVar","title":"SSLVar"},{"cnodes":"SSLVarIf","default":[],"id":"SSLVarIf","title":"SSLVarIf","type":"keyTextContainer"},{"default":0,"id":"sslByAjax","title":"sslByAjax","type":"bool"},{"id":"sslHost","title":"sslHost"}],"help":"authssl.html","id":"sslParams","show":false,"title":"sslParams"},{"_nodes":[{"default":1,"id":"twitterAuthnLevel","title":"twitterAuthnLevel","type":"int"},{"id":"twitterKey","title":"twitterKey"},{"id":"twitterSecret","title":"twitterSecret"},{"id":"twitterAppName","title":"twitterAppName"},{"default":"screen_name","id":"twitterUserField","title":"twitterUserField"}],"help":"authtwitter.html","id":"twitterParams","show":false,"title":"twitterParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"webIDAuthnLevel","title":"webIDAuthnLevel","type":"int"},{"cnodes":"webIDExportedVars","default":[],"id":"webIDExportedVars","title":"webIDExportedVars","type":"keyTextContainer"},{"id":"webIDWhitelist","title":"webIDWhitelist"}],"help":"authwebid.html","id":"webidParams","show":false,"title":"webidParams"},{"_nodes":[{"id":"customAuth","title":"customAuth"},{"id":"customUserDB","title":"customUserDB"},{"id":"customPassword","title":"customPassword"},{"id":"customRegister","title":"customRegister"},{"cnodes":"customAddParams","id":"customAddParams","title":"customAddParams","type":"keyTextContainer"}],"help":"authcustom.html","id":"customParams","show":false,"title":"customParams"}],"_nodes_filter":"authParams","help":"start.html#authentication_users_and_password_databases","id":"authParams","title":"authParams","type":"authParams"},{"_nodes":[{"_nodes":[{"default":0,"id":"issuerDBSAMLActivation","title":"issuerDBSAMLActivation","type":"bool"},{"default":"^/saml/","id":"issuerDBSAMLPath","title":"issuerDBSAMLPath"},{"default":1,"id":"issuerDBSAMLRule","title":"issuerDBSAMLRule","type":"boolOrExpr"}],"help":"idpsaml.html","id":"issuerDBSAML","title":"issuerDBSAML","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBCASActivation","title":"issuerDBCASActivation","type":"bool"},{"default":"^/cas/","id":"issuerDBCASPath","title":"issuerDBCASPath"},{"default":1,"id":"issuerDBCASRule","title":"issuerDBCASRule","type":"boolOrExpr"}],"help":"idpcas.html#enabling_cas","id":"issuerDBCAS","title":"issuerDBCAS","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDActivation","title":"issuerDBOpenIDActivation","type":"bool"},{"default":"^/openidserver/","id":"issuerDBOpenIDPath","title":"issuerDBOpenIDPath"},{"default":1,"id":"issuerDBOpenIDRule","title":"issuerDBOpenIDRule","type":"boolOrExpr"},{"_nodes":[{"id":"openIdIssuerSecret","title":"openIdIssuerSecret"},{"id":"openIdAttr","title":"openIdAttr"},{"default":"0;","id":"openIdSPList","title":"openIdSPList","type":"blackWhiteList"},{"_nodes":[{"default":"cn","id":"openIdSreg_fullname","title":"openIdSreg_fullname"},{"default":"uid","id":"openIdSreg_nickname","title":"openIdSreg_nickname"},{"id":"openIdSreg_language","title":"openIdSreg_language"},{"id":"openIdSreg_postcode","title":"openIdSreg_postcode"},{"default":"_timezone","id":"openIdSreg_timezone","title":"openIdSreg_timezone"},{"id":"openIdSreg_country","title":"openIdSreg_country"},{"id":"openIdSreg_gender","title":"openIdSreg_gender"},{"default":"mail","id":"openIdSreg_email","title":"openIdSreg_email"},{"id":"openIdSreg_dob","title":"openIdSreg_dob"}],"id":"openIdSreg","title":"openIdSreg","type":"simpleInputContainer"}],"id":"issuerDBOpenIDOptions","title":"issuerDBOpenIDOptions"}],"help":"idpopenid.html","id":"issuerDBOpenID","title":"issuerDBOpenID"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDConnectActivation","title":"issuerDBOpenIDConnectActivation","type":"bool"},{"default":"^/oauth2/","id":"issuerDBOpenIDConnectPath","title":"issuerDBOpenIDConnectPath"},{"default":1,"id":"issuerDBOpenIDConnectRule","title":"issuerDBOpenIDConnectRule","type":"boolOrExpr"}],"help":"idpopenidconnect.html","id":"issuerDBOpenIDConnect","title":"issuerDBOpenIDConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBGetActivation","title":"issuerDBGetActivation","type":"bool"},{"default":"^/get/","id":"issuerDBGetPath","title":"issuerDBGetPath"},{"default":1,"id":"issuerDBGetRule","title":"issuerDBGetRule","type":"boolOrExpr"},{"default":[],"id":"issuerDBGetParameters","title":"issuerDBGetParameters","type":"doubleHash"}],"help":"issuerdbget.html","id":"issuerDBGet","title":"issuerDBGet"}],"help":"start.html#identity_provider","id":"issuerParams","title":"issuerParams"},{"_nodes":[{"default":"uid","id":"whatToTrace","title":"whatToTrace"},{"default":"_password","id":"hiddenAttributes","title":"hiddenAttributes"}],"help":"logs.html","id":"logParams","title":"logParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lemonldap","id":"cookieName","title":"cookieName"},{"default":"example.com","id":"domain","title":"domain"},{"default":0,"id":"cda","title":"cda","type":"bool"},{"default":0,"id":"securedCookie","select":[{"k":"0","v":"unsecuredCookie"},{"k":"1","v":"securedCookie"},{"k":"2","v":"doubleCookie"},{"k":"3","v":"doubleCookieForSingleSession"}],"title":"securedCookie","type":"select"},{"default":1,"id":"httpOnly","title":"httpOnly","type":"bool"},{"id":"cookieExpiration","title":"cookieExpiration","type":"int"}],"help":"ssocookie.html","id":"cookieParams","title":"cookieParams","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"storePassword","title":"storePassword","type":"bool"},{"default":72000,"id":"timeout","title":"timeout","type":"int"},{"default":0,"id":"timeoutActivity","title":"timeoutActivity","type":"int"},{"default":60,"id":"timeoutActivityInterval","title":"timeoutActivityInterval","type":"int"},{"cnodes":"grantSessionRules","id":"grantSessionRules","title":"grantSessionRules","type":"grantContainer"},{"_nodes":[{"default":"Apache::Session::File","id":"globalStorage","title":"globalStorage"},{"cnodes":"globalStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/sessions/","id":"globalStorageOptions/Directory","title":"Directory","type":"keyText"},{"data":"/var/lib/lemonldap-ng/sessions/lock/","id":"globalStorageOptions/LockDirectory","title":"LockDirectory","type":"keyText"},{"data":"Lemonldap::NG::Common::Apache::Session::Generate::SHA256","id":"globalStorageOptions/generateModule","title":"generateModule","type":"keyText"}],"id":"globalStorageOptions","title":"globalStorageOptions","type":"keyTextContainer"},{"default":"Cache::FileCache","id":"localSessionStorage","title":"localSessionStorage"},{"cnodes":"localSessionStorageOptions","default":[{"data":3,"id":"localSessionStorageOptions/cache_depth","title":"cache_depth","type":"keyText"},{"data":"/tmp","id":"localSessionStorageOptions/cache_root","title":"cache_root","type":"keyText"},{"data":600,"id":"localSessionStorageOptions/default_expires_in","title":"default_expires_in","type":"keyText"},{"data":"007","id":"localSessionStorageOptions/directory_umask","title":"directory_umask","type":"keyText"},{"data":"lemonldap-ng-sessions","id":"localSessionStorageOptions/namespace","title":"namespace","type":"keyText"}],"id":"localSessionStorageOptions","title":"localSessionStorageOptions","type":"keyTextContainer"}],"help":"start.html#sessions_database","id":"sessionStorage","title":"sessionStorage"},{"_nodes":[{"default":0,"id":"singleSession","title":"singleSession","type":"bool"},{"default":0,"id":"singleIP","title":"singleIP","type":"bool"},{"default":0,"id":"singleUserByIP","title":"singleUserByIP","type":"bool"},{"default":0,"id":"singleSessionUserByIP","title":"singleSessionUserByIP","type":"bool"},{"default":1,"id":"notifyDeleted","title":"notifyDeleted","type":"bool"},{"default":0,"id":"notifyOther","title":"notifyOther","type":"bool"}],"id":"multipleSessions","title":"multipleSessions","type":"simpleInputContainer"},{"_nodes":[{"id":"persistentStorage","title":"persistentStorage"},{"cnodes":"persistentStorageOptions","id":"persistentStorageOptions","title":"persistentStorageOptions","type":"keyTextContainer"}],"id":"persistentSessions","title":"persistentSessions"}],"help":"sessions.html","id":"sessionParams","title":"sessionParams"},{"_nodes":[{"cnodes":"reloadUrls","help":"configlocation.html#configuration_reload","id":"reloadUrls","title":"reloadUrls","type":"keyTextContainer"},{"default":5,"id":"reloadTimeout","title":"reloadTimeout","type":"int"}],"help":"configlocation.html#configuration_reload","id":"reloadParams","title":"reloadParams"},{"_nodes":[{"default":0,"id":"stayConnected","title":"stayConnected","type":"bool"},{"default":0,"help":"status.html","id":"portalStatus","title":"portalStatus","type":"bool"},{"default":1,"id":"upgradeSession","title":"upgradeSession","type":"bool"},{"_nodes":[{"default":0,"id":"wsdlServer","title":"wsdlServer","type":"bool"},{"default":0,"id":"restSessionServer","title":"restSessionServer","type":"bool"},{"default":0,"id":"restExportSecretKeys","title":"restExportSecretKeys","type":"bool"},{"default":0,"id":"restConfigServer","title":"restConfigServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapSessionServer","title":"soapSessionServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapConfigServer","title":"soapConfigServer","type":"bool"},{"id":"exportedAttr","title":"exportedAttr"}],"help":"portalservers.html","id":"portalServers","title":"portalServers","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"loginHistoryEnabled","title":"loginHistoryEnabled","type":"bool"},{"default":5,"id":"successLoginNumber","title":"successLoginNumber","type":"int"},{"default":5,"id":"failedLoginNumber","title":"failedLoginNumber","type":"int"},{"cnodes":"sessionDataToRemember","id":"sessionDataToRemember","title":"sessionDataToRemember","type":"keyTextContainer"}],"help":"loginhistory.html","id":"loginHistory","title":"loginHistory"},{"_nodes":[{"default":0,"id":"notification","title":"notification","type":"bool"},{"default":0,"id":"notificationServer","title":"notificationServer","type":"bool"},{"default":0,"id":"oldNotifFormat","title":"oldNotifFormat","type":"bool"},{"default":"File","id":"notificationStorage","title":"notificationStorage"},{"cnodes":"notificationStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/notifications","id":"notificationStorageOptions/dirName","title":"dirName","type":"keyText"}],"id":"notificationStorageOptions","title":"notificationStorageOptions","type":"keyTextContainer"},{"default":"allusers","id":"notificationWildcard","title":"notificationWildcard"},{"id":"notificationXSLTfile","title":"notificationXSLTfile"}],"help":"notifications.html","id":"notifications","title":"notifications"},{"_nodes":[{"_nodes":[{"id":"mailSubject","title":"mailSubject"},{"id":"mailBody","title":"mailBody","type":"longtext"},{"id":"mailConfirmSubject","title":"mailConfirmSubject"},{"id":"mailConfirmBody","title":"mailConfirmBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/resetpwd","id":"mailUrl","title":"mailUrl"},{"default":0,"id":"mailTimeout","title":"mailTimeout","type":"int"},{"default":"[A-Z]{3}[a-z]{5}.\\d{2}","id":"randomPasswordRegexp","title":"randomPasswordRegexp"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetpassword.html","id":"passwordManagement","title":"passwordManagement"},{"_nodes":[{"default":"http://auth.example.com/register","id":"registerUrl","title":"registerUrl"},{"default":0,"id":"registerTimeout","title":"registerTimeout","type":"int"},{"id":"registerConfirmSubject","title":"registerConfirmSubject"},{"id":"registerDoneSubject","title":"registerDoneSubject"}],"help":"register.html","id":"register","title":"register","type":"simpleInputContainer"},{"_nodes":[{"cnodes":"autoSigninRules","id":"autoSigninRules","title":"autoSigninRules","type":"keyTextContainer"}],"help":"autosignin.html","id":"autoSignin","title":"autoSignin"},{"_nodes":[{"default":0,"id":"checkState","title":"checkState","type":"bool"},{"id":"checkStateSecret","title":"checkStateSecret"}],"help":"checkstate.html","id":"stateCheck","title":"stateCheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkUser","title":"checkUser","type":"bool"},{"default":1,"id":"checkUserIdRule","title":"checkUserIdRule"},{"default":"_2fDevices _loginHistory hGroups","id":"checkUserHiddenAttributes","title":"checkUserHiddenAttributes"},{"default":0,"id":"checkUserDisplayPersistentInfo","title":"checkUserDisplayPersistentInfo","type":"bool"},{"default":0,"id":"checkUserDisplayEmptyValues","title":"checkUserDisplayEmptyValues","type":"bool"}],"help":"checkuser.html","id":"checkUsers","title":"checkUsers","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"impersonationRule","title":"impersonationRule","type":"boolOrExpr"},{"default":1,"id":"impersonationIdRule","title":"impersonationIdRule"},{"default":"real_","id":"impersonationPrefix","title":"impersonationPrefix"},{"default":"_2fDevices _loginHistory","id":"impersonationHiddenAttributes","title":"impersonationHiddenAttributes"},{"default":1,"id":"impersonationSkipEmptyValues","title":"impersonationSkipEmptyValues","type":"bool"},{"default":0,"id":"impersonationMergeSSOgroups","title":"impersonationMergeSSOgroups","type":"boolOrExpr"}],"help":"impersonation.html","id":"impersonation","title":"impersonation","type":"simpleInputContainer"}],"help":"start.html#plugins","id":"plugins","title":"plugins"},{"_nodes":[{"_nodes":[{"default":0,"id":"utotp2fActivation","title":"utotp2fActivation","type":"boolOrExpr"},{"id":"utotp2fAuthnLevel","title":"utotp2fAuthnLevel","type":"int"}],"help":"utotp2f.html","id":"utotp2f","title":"utotp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"totp2fActivation","title":"totp2fActivation","type":"boolOrExpr"},{"default":0,"id":"totp2fSelfRegistration","title":"totp2fSelfRegistration","type":"boolOrExpr"},{"id":"totp2fAuthnLevel","title":"totp2fAuthnLevel","type":"int"},{"id":"totp2fIssuer","title":"totp2fIssuer"},{"default":30,"id":"totp2fInterval","title":"totp2fInterval","type":"int"},{"default":1,"id":"totp2fRange","title":"totp2fRange","type":"int"},{"default":6,"id":"totp2fDigits","title":"totp2fDigits","type":"int"},{"default":0,"id":"totp2fDisplayExistingSecret","title":"totp2fDisplayExistingSecret","type":"bool"},{"default":0,"id":"totp2fUserCanChangeKey","title":"totp2fUserCanChangeKey","type":"bool"},{"default":1,"id":"totp2fUserCanRemoveKey","title":"totp2fUserCanRemoveKey","type":"bool"},{"id":"totp2fTTL","title":"totp2fTTL","type":"int"}],"help":"totp2f.html","id":"totp","title":"totp","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"u2fActivation","title":"u2fActivation","type":"boolOrExpr"},{"default":0,"id":"u2fSelfRegistration","title":"u2fSelfRegistration","type":"boolOrExpr"},{"id":"u2fAuthnLevel","title":"u2fAuthnLevel","type":"int"},{"default":1,"id":"u2fUserCanRemoveKey","title":"u2fUserCanRemoveKey","type":"bool"},{"id":"u2fTTL","title":"u2fTTL","type":"int"}],"help":"u2f.html","id":"u2f","title":"u2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"mail2fActivation","title":"mail2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"mail2fCodeRegex","title":"mail2fCodeRegex"},{"id":"mail2fTimeout","title":"mail2fTimeout","type":"int"},{"id":"mail2fSubject","title":"mail2fSubject"},{"id":"mail2fBody","title":"mail2fBody","type":"longtext"},{"id":"mail2fAuthnLevel","title":"mail2fAuthnLevel","type":"int"},{"id":"mail2fLogo","title":"mail2fLogo"}],"help":"mail2f.html","id":"mail2f","title":"mail2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ext2fActivation","title":"ext2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"ext2fCodeActivation","title":"ext2fCodeActivation"},{"id":"ext2FSendCommand","title":"ext2FSendCommand"},{"id":"ext2FValidateCommand","title":"ext2FValidateCommand"},{"id":"ext2fAuthnLevel","title":"ext2fAuthnLevel","type":"int"},{"id":"ext2fLogo","title":"ext2fLogo"}],"help":"external2f.html","id":"external2f","title":"external2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rest2fActivation","title":"rest2fActivation","type":"boolOrExpr"},{"id":"rest2fInitUrl","title":"rest2fInitUrl"},{"cnodes":"rest2fInitArgs","id":"rest2fInitArgs","title":"rest2fInitArgs","type":"keyTextContainer"},{"id":"rest2fVerifyUrl","title":"rest2fVerifyUrl"},{"cnodes":"rest2fVerifyArgs","id":"rest2fVerifyArgs","title":"rest2fVerifyArgs","type":"keyTextContainer"},{"id":"rest2fAuthnLevel","title":"rest2fAuthnLevel","type":"int"},{"id":"rest2fLogo","title":"rest2fLogo"}],"help":"rest2f.html","id":"rest2f","title":"rest2f"},{"_nodes":[{"default":0,"id":"yubikey2fActivation","title":"yubikey2fActivation","type":"boolOrExpr"},{"default":0,"id":"yubikey2fSelfRegistration","title":"yubikey2fSelfRegistration","type":"boolOrExpr"},{"id":"yubikey2fAuthnLevel","title":"yubikey2fAuthnLevel","type":"int"},{"id":"yubikey2fClientID","title":"yubikey2fClientID"},{"id":"yubikey2fSecretKey","title":"yubikey2fSecretKey"},{"id":"yubikey2fNonce","title":"yubikey2fNonce"},{"id":"yubikey2fUrl","title":"yubikey2fUrl"},{"default":12,"id":"yubikey2fPublicIDSize","title":"yubikey2fPublicIDSize","type":"int"},{"default":1,"id":"yubikey2fUserCanRemoveKey","title":"yubikey2fUserCanRemoveKey","type":"bool"},{"id":"yubikey2fTTL","title":"yubikey2fTTL","type":"int"}],"help":"yubikey2f.html","id":"yubikey2f","title":"yubikey2f","type":"simpleInputContainer"},{"default":0,"help":"secondfactor.html","id":"sfRequired","title":"sfRequired","type":"boolOrExpr"},{"default":0,"help":"secondfactor.html","id":"sfRemovedMsg","title":"sfRemovedMsg","type":"boolOrExpr"}],"help":"secondfactor.html","id":"secondFactors","title":"secondFactors"},{"_nodes":[{"help":"customfunctions.html","id":"customFunctions","title":"customFunctions"},{"default":"; ","id":"multiValuesSeparator","title":"multiValuesSeparator","type":"authParamsText"},{"_nodes":[{"default":"mail","id":"mailSessionKey","title":"mailSessionKey"},{"default":"","id":"SMTPServer","title":"SMTPServer"},{"id":"SMTPPort","title":"SMTPPort","type":"int"},{"id":"SMTPAuthUser","title":"SMTPAuthUser"},{"id":"SMTPAuthPass","title":"SMTPAuthPass","type":"password"},{"default":"","id":"SMTPTLS","select":[{"k":"","v":"none"},{"k":"starttls","v":"SMTP + STARTTLS"},{"k":"ssl","v":"SMTPS"}],"title":"SMTPTLS","type":"select"},{"cnodes":"SMTPTLSOpts","id":"SMTPTLSOpts","title":"SMTPTLSOpts","type":"keyTextContainer"},{"_nodes":[{"default":"noreply@example.com","id":"mailFrom","title":"mailFrom"},{"id":"mailReplyTo","title":"mailReplyTo"},{"default":"utf-8","id":"mailCharset","title":"mailCharset"}],"id":"mailHeaders","title":"mailHeaders","type":"simpleInputContainer"}],"help":"smtp.html","id":"SMTP","title":"SMTP"},{"_nodes":[{"default":"^[\\w\\.\\-@]+$","id":"userControl","title":"userControl"},{"default":0,"help":"forcereauthn.html","id":"portalForceAuthn","title":"portalForceAuthn","type":"bool"},{"default":5,"id":"portalForceAuthnInterval","title":"portalForceAuthnInterval","type":"int"},{"id":"key","title":"key","type":"password"},{"id":"trustedDomains","title":"trustedDomains"},{"default":1,"help":"safejail.html","id":"useSafeJail","title":"useSafeJail","type":"bool"},{"default":1,"id":"checkXSS","title":"checkXSS","type":"bool"},{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtection","title":"bruteForceProtection","type":"bool"},{"default":1,"id":"requireToken","title":"requireToken","type":"boolOrExpr"},{"default":120,"id":"formTimeout","title":"formTimeout","type":"int"},{"default":0,"id":"tokenUseGlobalStorage","title":"tokenUseGlobalStorage","type":"bool"},{"cnodes":"lwpOpts","id":"lwpOpts","title":"lwpOpts","type":"keyTextContainer"},{"cnodes":"lwpSslOpts","id":"lwpSslOpts","title":"lwpSslOpts","type":"keyTextContainer"},{"_nodes":[{"default":"'self'","id":"cspDefault","title":"cspDefault"},{"default":"'self' data:","id":"cspImg","title":"cspImg"},{"default":"'self'","id":"cspScript","title":"cspScript"},{"default":"'self'","id":"cspStyle","title":"cspStyle"},{"default":"'self'","id":"cspFont","title":"cspFont"},{"default":"'self'","id":"cspFormAction","title":"cspFormAction"},{"default":"'self'","id":"cspConnect","title":"cspConnect"}],"help":"security.html#portal","id":"contentSecurityPolicy","title":"contentSecurityPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"corsEnabled","title":"corsEnabled","type":"bool"},{"default":true,"id":"corsAllow_Credentials","title":"corsAllow_Credentials"},{"default":"*","id":"corsAllow_Headers","title":"corsAllow_Headers"},{"default":"POST,GET","id":"corsAllow_Methods","title":"corsAllow_Methods"},{"default":"*","id":"corsAllow_Origin","title":"corsAllow_Origin"},{"default":"*","id":"corsExpose_Headers","title":"corsExpose_Headers"},{"default":"86400","id":"corsMax_Age","title":"corsMax_Age"}],"help":"security.html#portal","id":"crossOrigineResourceSharing","title":"crossOrigineResourceSharing","type":"simpleInputContainer"}],"help":"security.html#configure_security_settings","id":"security","title":"security"},{"_nodes":[{"default":-1,"id":"https","title":"https","type":"trool"},{"default":-1,"id":"port","title":"port","type":"int"},{"default":0,"id":"useRedirectOnForbidden","title":"useRedirectOnForbidden","type":"bool"},{"default":1,"id":"useRedirectOnError","title":"useRedirectOnError","type":"bool"},{"default":0,"id":"maintenance","title":"maintenance","type":"bool"}],"help":"redirections.html","id":"redirection","title":"redirection","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"jsRedirect","title":"jsRedirect","type":"boolOrExpr"},{"default":0,"id":"noAjaxHook","title":"noAjaxHook","type":"bool"},{"default":0,"id":"skipRenewConfirmation","title":"skipRenewConfirmation","type":"bool"}],"help":"redirections.html#portal_redirections","id":"portalRedirection","title":"portalRedirection","type":"simpleInputContainer"},{"cnodes":"nginxCustomHandlers","help":"handlerarch.html","id":"nginxCustomHandlers","title":"nginxCustomHandlers","type":"keyTextContainer"},{"cnodes":"logoutServices","default":[],"help":"logoutforward.html","id":"logoutServices","title":"logoutServices","type":"keyTextContainer"},{"_nodes":[{"default":"get","id":"infoFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"infoFormMethod","type":"select"},{"default":"post","id":"confirmFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"confirmFormMethod","type":"select"},{"default":"get","id":"redirectFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"redirectFormMethod","type":"select"},{"default":1,"id":"activeTimer","title":"activeTimer","type":"bool"}],"id":"forms","title":"forms","type":"simpleInputContainer"}],"help":"start.html#advanced_features","id":"advancedParams","title":"advancedParams"}],"id":"generalParameters","title":"generalParameters"},{"_nodes":[{"cnodes":"exportedVars","default":[{"data":"HTTP_USER_AGENT","id":"exportedVars/UA","title":"UA","type":"keyText"}],"help":"exportedvars.html","id":"exportedVars","title":"exportedVars","type":"keyTextContainer"},{"cnodes":"macros","default":[],"help":"exportedvars.html#extend_variables_using_macros_and_groups","id":"macros","title":"macros","type":"keyTextContainer"},{"cnodes":"groups","default":[],"help":"exportedvars.html#extend_variables_using_macros_and_groups","id":"groups","title":"groups","type":"keyTextContainer"}],"help":"variables.html","id":"variables","title":"variables"},{"cnodes":"virtualHosts","help":"configvhost.html","id":"virtualHosts","template":"virtualHost","title":"virtualHosts","type":"virtualHostContainer"},{"_nodes":[{"default":"#PORTAL#/saml/metadata","id":"samlEntityID","title":"samlEntityID"},{"_nodes":[{"get":["samlServicePrivateKeySig","samlServicePrivateKeySigPwd","samlServicePublicKeySig"],"id":"samlServiceSecuritySig","title":"samlServiceSecuritySig","type":"RSAKey"},{"get":["samlServicePrivateKeyEnc","samlServicePrivateKeyEncPwd","samlServicePublicKeyEnc"],"id":"samlServiceSecurityEnc","title":"samlServiceSecurityEnc","type":"RSAKey"},{"default":0,"id":"samlServiceUseCertificateInResponse","title":"samlServiceUseCertificateInResponse","type":"bool"},{"default":"RSA_SHA1","id":"samlServiceSignatureMethod","select":[{"k":"RSA_SHA1","v":"RSA SHA1"},{"k":"RSA_SHA256","v":"RSA SHA256"}],"title":"samlServiceSignatureMethod","type":"select"}],"help":"samlservice.html#security_parameters","id":"samlServiceSecurity","title":"samlServiceSecurity"},{"_nodes":[{"default":"mail","id":"samlNameIDFormatMapEmail","title":"samlNameIDFormatMapEmail"},{"default":"mail","id":"samlNameIDFormatMapX509","title":"samlNameIDFormatMapX509"},{"default":"uid","id":"samlNameIDFormatMapWindows","title":"samlNameIDFormatMapWindows"},{"default":"uid","id":"samlNameIDFormatMapKerberos","title":"samlNameIDFormatMapKerberos"}],"help":"samlservice.html#nameid_formats","id":"samlNameIDFormatMap","title":"samlNameIDFormatMap","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"samlAuthnContextMapPassword","title":"samlAuthnContextMapPassword","type":"int"},{"default":3,"id":"samlAuthnContextMapPasswordProtectedTransport","title":"samlAuthnContextMapPasswordProtectedTransport","type":"int"},{"default":5,"id":"samlAuthnContextMapTLSClient","title":"samlAuthnContextMapTLSClient","type":"int"},{"default":4,"id":"samlAuthnContextMapKerberos","title":"samlAuthnContextMapKerberos","type":"int"}],"help":"samlservice.html#authentication_contexts","id":"samlAuthnContextMap","title":"samlAuthnContextMap","type":"simpleInputContainer"},{"_nodes":[{"default":"Example","id":"samlOrganizationDisplayName","title":"samlOrganizationDisplayName"},{"default":"Example","id":"samlOrganizationName","title":"samlOrganizationName"},{"default":"http://www.example.com","id":"samlOrganizationURL","title":"samlOrganizationURL"}],"help":"samlservice.html#organization","id":"samlOrganization","title":"samlOrganization","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"samlSPSSODescriptorAuthnRequestsSigned","title":"samlSPSSODescriptorAuthnRequestsSigned","type":"bool"},{"default":1,"id":"samlSPSSODescriptorWantAssertionsSigned","title":"samlSPSSODescriptorWantAssertionsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;","id":"samlSPSSODescriptorSingleLogoutServiceSOAP","title":"samlSPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlSPSSODescriptorSingleLogoutService","title":"samlSPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","type":"samlAssertion"},{"default":"0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","type":"samlAssertion"}],"id":"samlSPSSODescriptorAssertionConsumerService","title":"samlSPSSODescriptorAssertionConsumerService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlSPSSODescriptorArtifactResolutionServiceArtifact","title":"samlSPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlSPSSODescriptorArtifactResolutionService","title":"samlSPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#service_provider","id":"samlSPSSODescriptor","title":"samlSPSSODescriptor"},{"_nodes":[{"default":1,"id":"samlIDPSSODescriptorWantAuthnRequestsSigned","title":"samlIDPSSODescriptorWantAuthnRequestsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","type":"samlService"}],"id":"samlIDPSSODescriptorSingleSignOnService","title":"samlIDPSSODescriptorSingleSignOnService"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;","id":"samlIDPSSODescriptorSingleLogoutServiceSOAP","title":"samlIDPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlIDPSSODescriptorSingleLogoutService","title":"samlIDPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","title":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlIDPSSODescriptorArtifactResolutionService","title":"samlIDPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#identity_provider","id":"samlIDPSSODescriptor","title":"samlIDPSSODescriptor"},{"_nodes":[{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;","id":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","title":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","type":"samlService"}],"id":"samlAttributeAuthorityDescriptorAttributeService","title":"samlAttributeAuthorityDescriptorAttributeService"}],"help":"samlservice.html#attribute_authority","id":"samlAttributeAuthorityDescriptor","title":"samlAttributeAuthorityDescriptor"},{"_nodes":[{"default":"lemonldapidp","id":"samlIdPResolveCookie","title":"samlIdPResolveCookie"},{"default":1,"id":"samlMetadataForceUTF8","title":"samlMetadataForceUTF8","type":"bool"},{"id":"samlStorage","title":"samlStorage"},{"cnodes":"samlStorageOptions","id":"samlStorageOptions","title":"samlStorageOptions","type":"keyTextContainer"},{"default":600,"id":"samlRelayStateTimeout","title":"samlRelayStateTimeout","type":"int"},{"default":0,"id":"samlUseQueryStringSpecific","title":"samlUseQueryStringSpecific","type":"bool"},{"_nodes":[{"default":0,"id":"samlCommonDomainCookieActivation","title":"samlCommonDomainCookieActivation","type":"bool"},{"id":"samlCommonDomainCookieDomain","title":"samlCommonDomainCookieDomain"},{"id":"samlCommonDomainCookieReader","title":"samlCommonDomainCookieReader"},{"id":"samlCommonDomainCookieWriter","title":"samlCommonDomainCookieWriter"}],"id":"samlCommonDomainCookie","title":"samlCommonDomainCookie","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"samlDiscoveryProtocolActivation","title":"samlDiscoveryProtocolActivation","type":"bool"},{"id":"samlDiscoveryProtocolURL","title":"samlDiscoveryProtocolURL"},{"id":"samlDiscoveryProtocolPolicy","title":"samlDiscoveryProtocolPolicy"},{"default":0,"id":"samlDiscoveryProtocolIsPassive","title":"samlDiscoveryProtocolIsPassive","type":"bool"}],"id":"samlDiscoveryProtocol","title":"samlDiscoveryProtocol","type":"simpleInputContainer"},{"default":"","id":"samlOverrideIDPEntityID","title":"samlOverrideIDPEntityID"}],"help":"samlservice.html#advanced","id":"samlAdvanced","title":"samlAdvanced"}],"help":"samlservice.html","id":"samlServiceMetaData","title":"samlServiceMetaData"},{"cnodes":"samlIDPMetaDataNodes","help":"authsaml.html","id":"samlIDPMetaDataNodes","template":"samlIDPMetaDataNode","title":"samlIDPMetaDataNodes","type":"samlIDPMetaDataNodeContainer"},{"cnodes":"samlSPMetaDataNodes","help":"idpsaml.html","id":"samlSPMetaDataNodes","template":"samlSPMetaDataNode","title":"samlSPMetaDataNodes","type":"samlSPMetaDataNodeContainer"},{"_nodes":[{"default":"http://auth.example.com","id":"oidcServiceMetaDataIssuer","title":"oidcServiceMetaDataIssuer"},{"_nodes":[{"default":"authorize","id":"oidcServiceMetaDataAuthorizeURI","title":"oidcServiceMetaDataAuthorizeURI"},{"default":"token","id":"oidcServiceMetaDataTokenURI","title":"oidcServiceMetaDataTokenURI"},{"default":"userinfo","id":"oidcServiceMetaDataUserInfoURI","title":"oidcServiceMetaDataUserInfoURI"},{"default":"jwks","id":"oidcServiceMetaDataJWKSURI","title":"oidcServiceMetaDataJWKSURI"},{"default":"register","id":"oidcServiceMetaDataRegistrationURI","title":"oidcServiceMetaDataRegistrationURI"},{"default":"logout","id":"oidcServiceMetaDataEndSessionURI","title":"oidcServiceMetaDataEndSessionURI"},{"default":"checksession.html","id":"oidcServiceMetaDataCheckSessionURI","title":"oidcServiceMetaDataCheckSessionURI"},{"default":"flogout","id":"oidcServiceMetaDataFrontChannelURI","title":"oidcServiceMetaDataFrontChannelURI"},{"default":"blogout","id":"oidcServiceMetaDataBackChannelURI","title":"oidcServiceMetaDataBackChannelURI"}],"id":"oidcServiceMetaDataEndPoints","title":"oidcServiceMetaDataEndPoints","type":"simpleInputContainer"},{"cnodes":"oidcServiceMetaDataAuthnContext","default":[{"data":1,"id":"oidcServiceMetaDataAuthnContext/loa-1","title":"loa-1","type":"keyText"},{"data":2,"id":"oidcServiceMetaDataAuthnContext/loa-2","title":"loa-2","type":"keyText"},{"data":3,"id":"oidcServiceMetaDataAuthnContext/loa-3","title":"loa-3","type":"keyText"},{"data":4,"id":"oidcServiceMetaDataAuthnContext/loa-4","title":"loa-4","type":"keyText"},{"data":5,"id":"oidcServiceMetaDataAuthnContext/loa-5","title":"loa-5","type":"keyText"}],"id":"oidcServiceMetaDataAuthnContext","title":"oidcServiceMetaDataAuthnContext","type":"keyTextContainer"},{"_nodes":[{"get":["oidcServicePrivateKeySig","oidcServicePublicKeySig"],"id":"oidcServiceMetaDataKeys","title":"oidcServiceMetaDataKeys","type":"RSAKeyNoPassword"},{"id":"oidcServiceKeyIdSig","title":"oidcServiceKeyIdSig"},{"default":0,"id":"oidcServiceAllowDynamicRegistration","title":"oidcServiceAllowDynamicRegistration","type":"bool"},{"default":1,"id":"oidcServiceAllowAuthorizationCodeFlow","title":"oidcServiceAllowAuthorizationCodeFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowImplicitFlow","title":"oidcServiceAllowImplicitFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowHybridFlow","title":"oidcServiceAllowHybridFlow","type":"bool"}],"id":"oidcServiceMetaDataSecurity","title":"oidcServiceMetaDataSecurity"},{"_nodes":[{"id":"oidcStorage","title":"oidcStorage"},{"cnodes":"oidcStorageOptions","id":"oidcStorageOptions","title":"oidcStorageOptions","type":"keyTextContainer"}],"id":"oidcServiceMetaDataSessions","title":"oidcServiceMetaDataSessions"}],"help":"openidconnectservice.html#service_configuration","id":"oidcServiceMetaData","title":"oidcServiceMetaData"},{"cnodes":"oidcOPMetaDataNodes","help":"authopenidconnect.html#declare_the_openid_connect_provider_in_llng","id":"oidcOPMetaDataNodes","title":"oidcOPMetaDataNodes","type":"oidcOPMetaDataNodeContainer"},{"cnodes":"oidcRPMetaDataNodes","help":"idpopenidconnect.html#configuration_of_relying_party_in_llng","id":"oidcRPMetaDataNodes","title":"oidcRPMetaDataNodes","type":"oidcRPMetaDataNodeContainer"},{"_nodes":[{"id":"casAttr","title":"casAttr"},{"default":"none","id":"casAccessControlPolicy","select":[{"k":"none","v":"None"},{"k":"error","v":"Display error on portal"},{"k":"faketicket","v":"Send a fake service ticket"}],"title":"casAccessControlPolicy","type":"select"},{"id":"casStorage","title":"casStorage"},{"cnodes":"casStorageOptions","id":"casStorageOptions","title":"casStorageOptions","type":"keyTextContainer"},{"cnodes":"casAttributes","id":"casAttributes","title":"casAttributes","type":"keyTextContainer"}],"help":"idpcas.html#configuring_the_cas_service","id":"casServiceMetadata","title":"casServiceMetadata"},{"cnodes":"casSrvMetaDataNodes","help":"authcas.html","id":"casSrvMetaDataNodes","template":"casSrvMetaDataNode","title":"casSrvMetaDataNodes","type":"casSrvMetaDataNodeContainer"},{"cnodes":"casAppMetaDataNodes","help":"idpcas.html#configuring_cas_applications","id":"casAppMetaDataNodes","template":"casAppMetaDataNode","title":"casAppMetaDataNodes","type":"casAppMetaDataNodeContainer"}]
\ No newline at end of file
diff --git a/lemonldap-ng-manager/t/80-attributes.t b/lemonldap-ng-manager/t/80-attributes.t
index 81ca0437d..b584ba732 100644
--- a/lemonldap-ng-manager/t/80-attributes.t
+++ b/lemonldap-ng-manager/t/80-attributes.t
@@ -54,7 +54,8 @@ my @notManagedAttributes = (
     # Other ini-only prms
     'configStorage', 'status', 'localStorageOptions', 'localStorage',
     'max2FDevices',              'max2FDevicesNameLength', 'checkTime',
-    'mySessionAuthorizedRWKeys', 'handlerInternalCache', 'handlerServiceTokenTTL'
+    'mySessionAuthorizedRWKeys', 'handlerInternalCache',
+    'handlerServiceTokenTTL'
 );
 
 # Words used either as attribute name and node title
diff --git a/lemonldap-ng-portal/MANIFEST b/lemonldap-ng-portal/MANIFEST
index 97057d3a7..f644dbb14 100644
--- a/lemonldap-ng-portal/MANIFEST
+++ b/lemonldap-ng-portal/MANIFEST
@@ -416,6 +416,7 @@ t/01-CSP-and-CORS-headers.t
 t/01-pdata.t
 t/02-Password-Demo.t
 t/03-XSS-protection.t
+t/04-language-selection.t
 t/19-Auth-Null.t
 t/20-Auth-and-password-DBI-dynamic-hash.t
 t/20-Auth-and-password-DBI.t
@@ -478,11 +479,13 @@ t/34-Auth-Proxy-and-REST-Server.t
 t/34-Auth-Proxy-and-SOAP-Server.t
 t/35-My-session.t
 t/35-REST-config-backend.t
+t/35-REST-export-password.t
 t/35-REST-sessions-with-AuthBasic-handler.t
 t/35-REST-sessions-with-REST-server.t
 t/35-SOAP-config-backend.t
 t/35-SOAP-sessions-with-SOAP-server.t
 t/36-Combination-Kerberos-or-Demo.t
+t/36-Combination-with-Choice.t
 t/36-Combination-with-over.t
 t/36-Combination-with-token.t
 t/36-Combination.t
@@ -549,8 +552,11 @@ t/68-Impersonation.t
 t/69-FavApps.t
 t/70-2F-TOTP-8.t
 t/70-2F-TOTP-with-History.t
+t/70-2F-TOTP-with-TTL-and-msg.t
 t/70-2F-TOTP-with-TTL.t
 t/71-2F-U2F-with-History.t
+t/71-2F-U2F-with-TTL-and-msg.t
+t/71-2F-U2F-with-TTL.t
 t/71-2F-U2F.t
 t/72-2F-REST-with-History.t
 t/73-2F-UTOTP-TOTP-and-U2F-with-History.t
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Engines/Default.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Engines/Default.pm
index a4c112933..89ed68261 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Engines/Default.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Engines/Default.pm
@@ -18,6 +18,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
   PE_OK
   PE_SENDRESPONSE
   PE_TOKENEXPIRED
+  PE_INFO
 );
 
 our $VERSION = '2.1.0';
@@ -26,11 +27,10 @@ extends 'Lemonldap::NG::Portal::Main::Plugin';
 
 # INITIALIZATION
 
-has sfModules => ( is => 'rw', default => sub { [] } );
-
+has sfModules  => ( is => 'rw', default => sub { [] } );
 has sfRModules => ( is => 'rw', default => sub { [] } );
-
-has sfReq => ( is => 'rw' );
+has sfReq      => ( is => 'rw' );
+has sfMsg      => ( is => 'rw' );
 
 has ott => (
     is      => 'rw',
@@ -106,6 +106,19 @@ sub init {
         return 0;
     }
 
+    unless (
+        $self->sfMsg(
+            $self->p->HANDLER->buildSub(
+                $self->p->HANDLER->substitute( $self->conf->{sfRemovedMsg} )
+            )
+        )
+      )
+    {
+        $self->error( 'Error in sfRemovedMsg rule'
+              . $self->p->HANDLER->tsv->{jail}->error );
+        return 0;
+    }
+
     # Enable REST request only if more than 1 2F module is enabled
     if ( @{ $self->{sfModules} } > 1 ) {
         $self->addUnauthRoute( '2fchoice' => '_choice',   ['POST'] );
@@ -155,49 +168,54 @@ sub run {
             $self->logger->error("Bad encoding in _2fDevices: $@");
             return PE_ERROR;
         }
+
         $self->logger->debug(" -> 2F Device(s) found");
-
-        # Initialize 2FDevices TTL
-        my $u2fTTL = $self->conf->{u2fTTL}
-          && $self->conf->{u2fTTL} > 0 ? $self->conf->{u2fTTL} : 0;
-        my $totpTTL = $self->conf->{totp2fTTL}
-          && $self->conf->{totp2fTTL} > 0 ? $self->conf->{totp2fTTL} : 0;
-        my $ubkTTL = $self->conf->{yubikey2fTTL}
-          && $self->conf->{yubikey2fTTL} > 0 ? $self->conf->{yubikey2fTTL} : 0;
-
-        # Processing if at least one TTL is set
-        if ( $u2fTTL || $totpTTL || $ubkTTL ) {
-            my $now     = time();
-            my $removed = 0;
-            $self->logger->debug("Looking for expired 2F device(s)...");
-            foreach my $device (@$_2fDevices) {
-                foreach my $type (qw(TOTP U2F UBK)) {
-                    if ( $device->{type} eq $type ) {
-                        if ( eval( '$' . lc($type) . 'TTL' )
-                            && $now - $device->{epoch} >
-                            eval( '$' . lc($type) . 'TTL' ) )
-                        {
-                            $self->logger->debug(
-"Remove $type -> $device->{name} / $device->{epoch}"
-                            );
-                            $self->userLogger->info("Remove expired $type");
-                            $device->{type} = 'EXPIRED';
-                            $removed++;
-                            last;
-                        }
-                    }
-                }
-            }
-            if ($removed) {
+        my $now     = time();
+        my $removed = 0;
+        $self->logger->debug("Looking for expired 2F device(s)...");
+        foreach my $device (@$_2fDevices) {
+            my $type = lc( $device->{type} );
+            $type =~ s/2f$//i;
+            $type = 'yubikey' if $type eq 'ubk';
+            my $ttl = $self->conf->{ $type . '2fTTL' };
+            if ( $ttl and $ttl > 0 and $now - $device->{epoch} > $ttl ) {
                 $self->logger->debug(
-"Found $removed EXPIRED 2F device(s) => Update persistent session"
+"Remove $device->{type} -> $device->{name} / $device->{epoch}"
                 );
-                $self->userLogger->notice(
-                    " -> $removed EXPIRED 2F device(s) removed");
-                @$_2fDevices =
-                  map { $_->{type} =~ /\bEXPIRED\b/ ? () : $_ } @$_2fDevices;
-                $self->p->updatePersistentSession( $req,
-                    { _2fDevices => to_json($_2fDevices) } );
+                $self->userLogger->info("Remove expired $device->{type}");
+                $device->{type} = 'EXPIRED';
+                $removed++;
+            }
+        }
+
+        if ($removed) {
+            $self->logger->debug(
+"Found $removed EXPIRED 2F device(s) => Update persistent session"
+            );
+            $self->userLogger->notice(
+                " -> $removed EXPIRED 2F device(s) removed");
+            @$_2fDevices =
+              map { $_->{type} =~ /\bEXPIRED\b/ ? () : $_ } @$_2fDevices;
+            $self->p->updatePersistentSession( $req,
+                { _2fDevices => to_json($_2fDevices) } );
+
+            # Display message if required
+            if ( $self->sfMsg->( $req, $req->sessionInfo ) ) {
+                $req->info(
+                    $self->loadTemplate(
+                        'simpleInfo',
+                        (
+                            $removed > 1
+                            ? (
+                                params => {
+                                    trspan => "expired2Fremoved, $removed"
+                                }
+                              )
+                            : ( params => { trspan => "oneExpired2Fremoved" } )
+                        )
+                    )
+                );
+                return PE_INFO;
             }
         }
     }
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm
index d8d50638d..38ad22b3e 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm
@@ -1009,6 +1009,11 @@ sub token {
     # Get code session
     my $code = $req->param('code');
 
+    unless ($code) {
+        $self->logger->error("No code found on token endpoint");
+        return $self->p->sendError( $req, 'invalid_request', 400 );
+    }
+
     $self->logger->debug("OpenID Connect Code: $code");
 
     my $codeSession = $self->getOpenIDConnectSession($code);
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Choice.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Choice.pm
index 655317d8d..0a64a88e0 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Choice.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Choice.pm
@@ -230,8 +230,10 @@ sub getForm {
 
                 # Get displayType for this module
                 no strict 'refs';
-                my $displayType = "Lemonldap::NG::Portal::Auth::${auth}"
-                  ->can('getForm')->( $self, $req );
+                my $displayType = eval {
+                    "Lemonldap::NG::Portal::Auth::${auth}"
+                      ->can('getForm')->( $self, $req );
+                } || 'logo';
 
                 $self->logger->debug( 'Display type '
                       . ( ref $displayType ? '[ref]' : $displayType )
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm
index 18e5909c5..2321e3900 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm
@@ -12,7 +12,7 @@ use Data::Dumper;
 
 use constant CommonPrms => {
     MAIN_LOGO => 'portalMainLogo',
-    LANGS => 'showLanguages',
+    LANGS     => 'showLanguages',
 };
 
 has skinRules => ( is => 'rw' );
@@ -40,7 +40,8 @@ sub displayInit {
     $self->logger->debug(
         "FavApps activation rule -> " . $self->conf->{portalDisplayFavApps} );
     my $rule =
-      HANDLER->buildSub( HANDLER->substitute( $self->conf->{portalDisplayFavApps} ) );
+      HANDLER->buildSub(
+        HANDLER->substitute( $self->conf->{portalDisplayFavApps} ) );
     unless ($rule) {
         $self->error(
             "Bad FavApps activation rule -> " . HANDLER->tsv->{jail}->error );
@@ -317,9 +318,10 @@ sub display {
             $filter->{LOGIN_FORM} = $form;
         }
     }
+
     # Common parameters
-    foreach (keys %{CommonPrms()}){
-        $templateParams{$_} = $self->conf->{CommonPrms->{$_}};
+    foreach ( keys %{ CommonPrms() } ) {
+        $templateParams{$_} = $self->conf->{ CommonPrms->{$_} };
     }
 
     $self->logger->debug("Calling sendHtml with template $skinfile");
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Menu.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Menu.pm
index 6907aee46..073e92b9e 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Menu.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Menu.pm
@@ -244,7 +244,8 @@ sub _buildCategoryHash {
     if ( scalar keys %$apphash > 0 ) {
         foreach my $appkey (
             sort {
-                ($apphash->{$a}->{order} || 0) <=> ($apphash->{$b}->{order} || 0)
+                ( $apphash->{$a}->{order} || 0 )
+                  <=> ( $apphash->{$b}->{order} || 0 )
                   or $a cmp $b
             }
             keys %$apphash
@@ -258,7 +259,8 @@ sub _buildCategoryHash {
     # Display subcategories
     foreach my $catkey (
         sort {
-                ($cathash->{$a}->{order} || 0) <=> ($cathash->{$b}->{order} || 0)
+            ( $cathash->{$a}->{order} || 0 )
+              <=> ( $cathash->{$b}->{order} || 0 )
               or $a cmp $b
         }
         grep { not /^(?:catname|type|options|order)$/ } keys %$cathash
@@ -312,7 +314,8 @@ sub _buildApplicationHash {
     if ( scalar keys %$subapphash > 0 ) {
         foreach my $appkey (
             sort {
-                ($subapphash->{$a}->{order} || 0)  <=> ( $subapphash->{$b}->{order} || 0 )
+                ( $subapphash->{$a}->{order} || 0 )
+                  <=> ( $subapphash->{$b}->{order} || 0 )
                   or $a cmp $b
             }
             keys %$subapphash
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
index e6fae5d98..6c54b68e0 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
@@ -794,7 +794,7 @@ sub sendHtml {
     if ( $self->conf->{corsEnabled} ) {
         push @{ $res->[1] }, @cors;
         $self->logger->debug(
-            "Apply following CORS policy : " . Data::Dumper::Dumper(\@cors) );
+            "Apply following CORS policy : " . Data::Dumper::Dumper( \@cors ) );
     }
 
     # Set authorized URL for POST
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Impersonation.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Impersonation.pm
index bd2f064ca..e154bc091 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Impersonation.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Impersonation.pm
@@ -125,7 +125,7 @@ sub run {
     }
 
     # Merging SSO Groups and hGroups & dedup
-    $spoofSession->{groups} ||= '';
+    $spoofSession->{groups}  ||= '';
     $spoofSession->{hGroups} ||= {};
     if ( $self->{conf}->{impersonationMergeSSOgroups} ) {
         $self->userLogger->warn("MERGING SSO groups and hGroups...");
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm
index f704c4763..970033b01 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm
@@ -134,7 +134,13 @@ sub init {
 
         # Methods inherited from Lemonldap::NG::Common::Session::REST
         $self->addUnauthRoute(
-            sessions => { ':sessionType' => 'session' },
+            sessions => {
+                ':sessionType' => (
+                    $self->conf->{restExportSecretKeys}
+                    ? 'rawSession'
+                    : 'session'
+                )
+            },
             ['GET']
         );
         $self->addUnauthRoute(
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SOAPServer.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SOAPServer.pm
index 5216affcb..89cd2dbe9 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SOAPServer.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SOAPServer.pm
@@ -384,7 +384,7 @@ sub deleteSession {
     my ( $self, $req, $id ) = @_;
     die('id parameter is required') unless ($id);
 
-    my $session = $self->p->getApacheSession($id, kind => '');
+    my $session = $self->p->getApacheSession( $id, kind => '' );
 
     return 0 unless ($session);
 
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Register/Custom.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Register/Custom.pm
index 7380fdd13..aa8fd3aff 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Register/Custom.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Register/Custom.pm
@@ -1,6 +1,7 @@
 package Lemonldap::NG::Portal::Register::Custom;
 
 use strict;
+use Mouse;
 
 extends 'Lemonldap::NG::Portal::Register::Base';
 
diff --git a/lemonldap-ng-portal/site/cron/purgeCentralCache.cron.d b/lemonldap-ng-portal/site/cron/purgeCentralCache.cron.d
index 55900362d..ac9f31b53 100644
--- a/lemonldap-ng-portal/site/cron/purgeCentralCache.cron.d
+++ b/lemonldap-ng-portal/site/cron/purgeCentralCache.cron.d
@@ -1,4 +1,4 @@
 #
 # Regular cron jobs for LemonLDAP::NG Portal
 #
-*/10 *	* * *	__APACHEUSER__	[ -x __BINDIR__/purgeCentralCache ] && __BINDIR__/purgeCentralCache
+7 *	* * *	__APACHEUSER__	[ -x __BINDIR__/purgeCentralCache ] && __BINDIR__/purgeCentralCache
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/ar.json b/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
index ec0467a20..41e487724 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
@@ -131,7 +131,7 @@
 "enterTotpCode":"Enter TOTP code",
 "enterYubikey":"يرجى استخدام يوبي كي الخاص بك",
 "errorMsg":"رسالة خاطئة",
-"yourFavApps":"Favorite applications",
+"expired2Fremoved":"%s expired 2F devices have been removed!",
 "fillTheForm":"Fill the form",
 "firstName":"الاسم الاول",
 "forbidden":"Access FORBIDDEN",
@@ -175,6 +175,7 @@
 "oidcConsent":"التطبيق ٪s هل ترغب في معرفة:",
 "oidcConsents":"OIDC consents",
 "oidcConsentsFull":"OpenID Connect consents",
+"oneExpired2Fremoved":"An expired 2F device has been removed!",
 "openidAp":"هل توافق على تقديم الإعدادات التالية؟",
 "openIdExample":"فمثلا:http://myopenid.org/toto",
 "openidExchange":"هل تريد مصادقة نفسك على٪ s؟",
@@ -202,7 +203,6 @@
 "removeOtherSessions":"إزالة الجلسات الأخرى",
 "resendConfirmMail":"هل تريد إعادة إرسال رسالة التأكيد؟",
 "resentConfirm":"هل تريد إعادة إرسال رسالة التأكيد؟",
-"resetFavApps":"Reset my favorite Apps.",
 "resetPwd":"إعادة تعيين كلمة المرور الخاصة بي",
 "rightsReloadNeedsLogout":" إعادة تحميل الحقوق تحتاج إلى تسجيل الخروج وتسجيل الدخول مرة أخرى",
 "scope":"نطاق",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/de.json b/lemonldap-ng-portal/site/htdocs/static/languages/de.json
index 5c24f7409..53f83a7c7 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/de.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/de.json
@@ -131,7 +131,7 @@
 "enterTotpCode":"Gebe den TOTP Code ein",
 "enterYubikey":"Benutze bitte deinen Yubikey",
 "errorMsg":"Fehlermeldung",
-"yourFavApps":"Favorite applications",
+"expired2Fremoved":"%s expired 2F devices have been removed!",
 "fillTheForm":"Fülle das Formular aus",
 "firstName":"Vorname",
 "forbidden":"Access FORBIDDEN",
@@ -175,6 +175,7 @@
 "oidcConsent":"Die Anwendung %s möchte wissen:",
 "oidcConsents":"OIDC consents",
 "oidcConsentsFull":"OpenID Connect consents",
+"oneExpired2Fremoved":"An expired 2F device has been removed!",
 "openidAp":"Stimmst du folgenden Parametern zu ?",
 "openIdExample":"zum Beispiel: http://myopenid.org/toto",
 "openidExchange":"Willst du dich bei %s authentifizieren ?",
@@ -202,7 +203,6 @@
 "removeOtherSessions":"Andere Sitzungen löschen",
 "resendConfirmMail":"Bestätigungsmail erneuert senden ?",
 "resentConfirm":"Möchtest du, dass die Bestätigungsmail erneut gesendet wird ?",
-"resetFavApps":"Reset my favorite Apps.",
 "resetPwd":"Mein Passwort zurücksetzen",
 "rightsReloadNeedsLogout":"Zum Neuladen der Rechte musst du dich ab- und wieder anmelden",
 "scope":"Scope",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/en.json b/lemonldap-ng-portal/site/htdocs/static/languages/en.json
index 6e646fd2c..ac118d2a9 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/en.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/en.json
@@ -131,7 +131,7 @@
 "enterTotpCode":"Enter TOTP code",
 "enterYubikey":"Please use your Yubikey",
 "errorMsg":"Error Message",
-"yourFavApps":"Favorite applications",
+"expired2Fremoved":"%s expired 2F devices have been removed!",
 "fillTheForm":"Fill the form",
 "firstName":"First name",
 "forbidden":"Access FORBIDDEN",
@@ -175,6 +175,7 @@
 "oidcConsent":"The application %s would like to know:",
 "oidcConsents": "OIDC consents",
 "oidcConsentsFull":"OpenID Connect consents",
+"oneExpired2Fremoved":"An expired 2F device has been removed!",
 "openidAp":"Do you agree to provide the following parameters?",
 "openIdExample":"for example:http://myopenid.org/toto",
 "openidExchange":"Do you want to authenticate yourself on %s ?",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/es.json b/lemonldap-ng-portal/site/htdocs/static/languages/es.json
index 9a3f77e9a..c010d1b5f 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/es.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/es.json
@@ -131,7 +131,7 @@
 "enterTotpCode":"Enter TOTP code",
 "enterYubikey":"Please use your Yubikey",
 "errorMsg":"Error Message",
-"yourFavApps":"Favorite applications",
+"expired2Fremoved":"%s expired 2F devices have been removed!",
 "fillTheForm":"Fill the form",
 "firstName":"First name",
 "forbidden":"Access FORBIDDEN",
@@ -175,6 +175,7 @@
 "oidcConsent":"The application %s would like to know:",
 "oidcConsents":"OIDC consents",
 "oidcConsentsFull":"OpenID Connect consents",
+"oneExpired2Fremoved":"An expired 2F device has been removed!",
 "openidAp":"Do you agree to provide the following parameters?",
 "openIdExample":"for example:http://myopenid.org/toto",
 "openidExchange":"Do you want to authenticate yourself on %s ?",
@@ -202,7 +203,6 @@
 "removeOtherSessions":"Remove other sessions",
 "resendConfirmMail":"Resend confirmation mail?",
 "resentConfirm":"Do you want the confirmation mail to be resent?",
-"resetFavApps":"Reset my favorite Apps.",
 "resetPwd":"Reset my password",
 "rightsReloadNeedsLogout":"Rights reloads need to logout and login again",
 "scope":"Scope",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/fi.json b/lemonldap-ng-portal/site/htdocs/static/languages/fi.json
index c01658801..adaa991c2 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/fi.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/fi.json
@@ -131,7 +131,7 @@
 "enterTotpCode":"Enter TOTP code",
 "enterYubikey":"Please use your Yubikey",
 "errorMsg":"Virhe viesti",
-"yourFavApps":"Favorite applications",
+"expired2Fremoved":"%s expired 2F devices have been removed!",
 "fillTheForm":"Fill the form",
 "firstName":"Etunimi",
 "forbidden":"Access FORBIDDEN",
@@ -175,6 +175,7 @@
 "oidcConsent":"The application %s would like to know:",
 "oidcConsents":"OIDC consents",
 "oidcConsentsFull":"OpenID Connect consents",
+"oneExpired2Fremoved":"An expired 2F device has been removed!",
 "openidAp":"Do you agree to provide the following parameters?",
 "openIdExample":"for example:http://myopenid.org/toto",
 "openidExchange":"Do you want to authenticate yourself on %s ?",
@@ -202,7 +203,6 @@
 "removeOtherSessions":"Remove other sessions",
 "resendConfirmMail":"Uudelleen lähetä vahvistus sähköposti?",
 "resentConfirm":"Do you want the confirmation mail to be resent?",
-"resetFavApps":"Reset my favorite Apps.",
 "resetPwd":"Palauta salasanani?",
 "rightsReloadNeedsLogout":"Rights reloads need to logout and login again",
 "scope":"Scope",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/fr.json b/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
index 620e15c54..61d5f132e 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
@@ -131,7 +131,7 @@
 "enterTotpCode":"Entrez le code TOTP",
 "enterYubikey":"Utilisez votre Yubikey",
 "errorMsg":"Message d'erreur",
-"yourFavApps":"Applications favorites",
+"expired2Fremoved":"%s seconds facteurs expirés ont été supprimés !",
 "fillTheForm":"Remplissez le formulaire",
 "forbidden":"Accès INTERDIT",
 "firstName":"Prénom",
@@ -175,6 +175,7 @@
 "oidcConsent":"L'application %s voudrait connaître :",
 "oidcConsents": "Accords OIDC",
 "oidcConsentsFull":"Accords OpenID Connect",
+"oneExpired2Fremoved":"Un second facteur expiré a été supprimé !",
 "openidAp":"Consentez-vous à communiquer les paramètres suivants ?",
 "openIdExample":"par exemple : http://myopenid.org/toto",
 "openidExchange":"Souhaitez-vous vous identifier sur le site %s ?",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/it.json b/lemonldap-ng-portal/site/htdocs/static/languages/it.json
index 8d5dfe186..e98854508 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/it.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/it.json
@@ -131,7 +131,7 @@
 "enterTotpCode":"Inserisci il codice TOTP",
 "enterYubikey":"Utilizza il tuo Yubikey",
 "errorMsg":"Messaggio di errore",
-"yourFavApps":"Favorite applications",
+"expired2Fremoved":"%s expired 2F devices have been removed!",
 "fillTheForm":"Compila il modulo",
 "firstName":"Nome",
 "forbidden":"Accesso VIETATO",
@@ -175,6 +175,7 @@
 "oidcConsent":"L'applicazione %s vorrebbe sapere:",
 "oidcConsents":"Consensi OIDC",
 "oidcConsentsFull":"Consensi OpenID Connect",
+"oneExpired2Fremoved":"An expired 2F device has been removed!",
 "openidAp":"Accetti di fornire i seguenti parametri?",
 "openIdExample":"per esempio:http://myopenid.org/toto",
 "openidExchange":"Vuoi autenticarti su% s?",
@@ -202,7 +203,6 @@
 "removeOtherSessions":"Rimuovere altre sessioni",
 "resendConfirmMail":"Inviare nuovamente mail di conferma?",
 "resentConfirm":"Vuoi inviare di nuovo la mail di conferma?",
-"resetFavApps":"Reset my favorite Apps.",
 "resetPwd":"Reimpostare la password",
 "rightsReloadNeedsLogout":"Le ricariche dei diritti necessitano di disconnettersi e di riconnettersi",
 "scope":"Ambito",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/nl.json b/lemonldap-ng-portal/site/htdocs/static/languages/nl.json
index 318cd1899..8affeda40 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/nl.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/nl.json
@@ -131,7 +131,7 @@
 "enterTotpCode":"Enter TOTP code",
 "enterYubikey":"Please use your Yubikey",
 "errorMsg":"Error Message",
-"yourFavApps":"Favorite applications",
+"expired2Fremoved":"%s expired 2F devices have been removed!",
 "fillTheForm":"Fill the form",
 "firstName":"First name",
 "forbidden":"Access FORBIDDEN",
@@ -175,6 +175,7 @@
 "oidcConsent":"The application %s would like to know:",
 "oidcConsents":"OIDC consents",
 "oidcConsentsFull":"OpenID Connect consents",
+"oneExpired2Fremoved":"An expired 2F device has been removed!",
 "openidAp":"Do you agree to provide the following parameters?",
 "openIdExample":"for example:http://myopenid.org/toto",
 "openidExchange":"Do you want to authenticate yourself on %s ?",
@@ -202,7 +203,6 @@
 "removeOtherSessions":"Remove other sessions",
 "resendConfirmMail":"Resend confirmation mail?",
 "resentConfirm":"Do you want the confirmation mail to be resent?",
-"resetFavApps":"Reset my favorite Apps.",
 "resetPwd":"Reset my password",
 "rightsReloadNeedsLogout":"Rights reloads need to logout and login again",
 "scope":"Scope",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/pt.json b/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
index 50ca2ca56..1e942b001 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
@@ -131,7 +131,7 @@
 "enterTotpCode":"Enter TOTP code",
 "enterYubikey":"Please use your Yubikey",
 "errorMsg":"Error Message",
-"yourFavApps":"Favorite applications",
+"expired2Fremoved":"%s expired 2F devices have been removed!",
 "fillTheForm":"Fill the form",
 "firstName":"First name",
 "forbidden":"Access FORBIDDEN",
@@ -175,6 +175,7 @@
 "oidcConsent":"The application %s would like to know:",
 "oidcConsents":"OIDC consents",
 "oidcConsentsFull":"OpenID Connect consents",
+"oneExpired2Fremoved":"An expired 2F device has been removed!",
 "openidAp":"Do you agree to provide the following parameters?",
 "openIdExample":"for example:http://myopenid.org/toto",
 "openidExchange":"Do you want to authenticate yourself on %s ?",
@@ -202,7 +203,6 @@
 "removeOtherSessions":"Remove other sessions",
 "resendConfirmMail":"Resend confirmation mail?",
 "resentConfirm":"Do you want the confirmation mail to be resent?",
-"resetFavApps":"Reset my favorite Apps.",
 "resetPwd":"Reset my password",
 "rightsReloadNeedsLogout":"Rights reloads need to logout and login again",
 "scope":"Scope",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/ro.json b/lemonldap-ng-portal/site/htdocs/static/languages/ro.json
index 70793b1b8..cb211bdbb 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/ro.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/ro.json
@@ -131,7 +131,7 @@
 "enterTotpCode":"Enter TOTP code",
 "enterYubikey":"Please use your Yubikey",
 "errorMsg":"Error Message",
-"yourFavApps":"Favorite applications",
+"expired2Fremoved":"%s expired 2F devices have been removed!",
 "fillTheForm":"Fill the form",
 "firstName":"First name",
 "forbidden":"Access FORBIDDEN",
@@ -175,6 +175,7 @@
 "oidcConsent":"The application %s would like to know:",
 "oidcConsents":"OIDC consents",
 "oidcConsentsFull":"OpenID Connect consents",
+"oneExpired2Fremoved":"An expired 2F device has been removed!",
 "openidAp":"Do you agree to provide the following parameters?",
 "openIdExample":"for example:http://myopenid.org/toto",
 "openidExchange":"Do you want to authenticate yourself on %s ?",
@@ -202,7 +203,6 @@
 "removeOtherSessions":"Remove other sessions",
 "resendConfirmMail":"Resend confirmation mail?",
 "resentConfirm":"Do you want the confirmation mail to be resent?",
-"resetFavApps":"Reset my favorite Apps.",
 "resetPwd":"Reset my password",
 "rightsReloadNeedsLogout":"Rights reloads need to logout and login again",
 "scope":"Scope",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/vi.json b/lemonldap-ng-portal/site/htdocs/static/languages/vi.json
index c3f2b2915..6e098d3bf 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/vi.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/vi.json
@@ -131,7 +131,7 @@
 "enterTotpCode":"Enter TOTP code",
 "enterYubikey":"Vui lòng sử dụng Yubikey của bạn",
 "errorMsg":"Thông báo lỗi",
-"yourFavApps":"Favorite applications",
+"expired2Fremoved":"%s expired 2F devices have been removed!",
 "fillTheForm":"Fill the form",
 "firstName":"Tên",
 "forbidden":"Access FORBIDDEN",
@@ -175,6 +175,7 @@
 "oidcConsent":"Ứng dụng %s muốn biết:",
 "oidcConsents":"OIDC consents",
 "oidcConsentsFull":"OpenID Connect consents",
+"oneExpired2Fremoved":"An expired 2F device has been removed!",
 "openidAp":"Bạn đồng ý cung cấp các thông số sau?",
 "openIdExample":"ví dụ: http: //myopenid.org/toto",
 "openidExchange":"Bạn có muốn chứng thực mình trên%s không?",
@@ -202,7 +203,6 @@
 "removeOtherSessions":"Xóa các phiên khác",
 "resendConfirmMail":"Gửi lại thư xác nhận?",
 "resentConfirm":"Bạn có muốn gửi lại thư xác nhận không?",
-"resetFavApps":"Reset my favorite Apps.",
 "resetPwd":"Đặt lại mật khẩu của tôi",
 "rightsReloadNeedsLogout":"Tải lại quyền cần đăng xuất và đăng nhập lại",
 "scope":"Phạm vi",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/zh.json b/lemonldap-ng-portal/site/htdocs/static/languages/zh.json
index 506171b98..6cca90a7a 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/zh.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/zh.json
@@ -131,7 +131,7 @@
 "enterTotpCode":"Enter TOTP code",
 "enterYubikey":"请使用您的Yubikey",
 "errorMsg":"错误消息",
-"yourFavApps":"Favorite applications",
+"expired2Fremoved":"%s expired 2F devices have been removed!",
 "fillTheForm":"Fill the form",
 "firstName":"名",
 "forbidden":"Access FORBIDDEN",
@@ -175,6 +175,7 @@
 "oidcConsent":"The application %s would like to know:",
 "oidcConsents":"OIDC consents",
 "oidcConsentsFull":"OpenID Connect consents",
+"oneExpired2Fremoved":"An expired 2F device has been removed!",
 "openidAp":"您是否同意提供以下参数?",
 "openIdExample":"例如：http://myopenid.org/toto",
 "openidExchange":"Do you want to authenticate yourself on %s ?",
@@ -202,7 +203,6 @@
 "removeOtherSessions":"移除其他会话",
 "resendConfirmMail":"重新发送确认邮件？",
 "resentConfirm":"您想确认邮件被重新发送吗？",
-"resetFavApps":"Reset my favorite Apps.",
 "resetPwd":"重置我的密码",
 "rightsReloadNeedsLogout":"重新加载权限需要登出并且再次登录",
 "scope":"Scope",
diff --git a/lemonldap-ng-portal/t/04-language-selection.t b/lemonldap-ng-portal/t/04-language-selection.t
index b697daccf..cf64b66c0 100644
--- a/lemonldap-ng-portal/t/04-language-selection.t
+++ b/lemonldap-ng-portal/t/04-language-selection.t
@@ -8,8 +8,11 @@ BEGIN {
 
 my ( $client, $res, $id );
 
-$client = LLNG::Manager::Test->new(
-    { ini => { logLevel => 'error', restSessionServer => 1, useSafeJail => 1 }, } );
+$client = LLNG::Manager::Test->new( {
+        ini =>
+          { logLevel => 'error', restSessionServer => 1, useSafeJail => 1 },
+    }
+);
 
 # Try to authenticate
 # -------------------
@@ -24,12 +27,12 @@ ok(
 count(1);
 expectOK($res);
 $id = expectCookie($res);
-    
+
 ok( $res = $client->_get("/sessions/global/$id"), 'Get session' );
 count(1);
 expectOK($res);
 ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
-    or print STDERR $@;
+  or print STDERR $@;
 count(1);
 ok( $res->{_language} eq 'en', 'Default value for _language' );
 count(1);
@@ -49,17 +52,16 @@ ok(
 count(1);
 expectOK($res);
 $id = expectCookie($res);
-    
+
 ok( $res = $client->_get("/sessions/global/$id"), 'Get session' );
 count(1);
 expectOK($res);
 ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
-    or print STDERR $@;
+  or print STDERR $@;
 count(1);
 ok( $res->{_language} eq 'fr', 'Correct value for _language' );
 count(1);
 
-
 # Test logout
 $client->logout($id);
 
diff --git a/lemonldap-ng-portal/t/28-AuthChoice-and-password.t b/lemonldap-ng-portal/t/28-AuthChoice-and-password.t
index 835167bdb..20afe55d3 100644
--- a/lemonldap-ng-portal/t/28-AuthChoice-and-password.t
+++ b/lemonldap-ng-portal/t/28-AuthChoice-and-password.t
@@ -31,8 +31,9 @@ SKIP: {
 
                 authChoiceParam   => 'test',
                 authChoiceModules => {
-                    ldap => 'LDAP;LDAP;LDAP',
-                    sql  => 'DBI;DBI;DBI',
+                    ldap  => 'LDAP;LDAP;LDAP',
+                    sql   => 'DBI;DBI;DBI',
+                    slave => 'Slave;LDAP;LDAP',
                 },
 
                 dbiAuthChain        => 'dbi:SQLite:dbname=t/userdb.db',
@@ -47,6 +48,11 @@ SKIP: {
                 ldapBase        => 'ou=users,dc=example,dc=com',
                 managerDn       => 'cn=admin,dc=example,dc=com',
                 managerPassword => 'admin',
+
+                slaveUserHeader   => 'My-Test',
+                slaveExportedVars => {
+                    name => 'Name',
+                }
             }
         }
     );
diff --git a/lemonldap-ng-portal/t/30-SAML-POST-Logout-when-expired.t b/lemonldap-ng-portal/t/30-SAML-POST-Logout-when-expired.t
index 6af4aba01..4ca0bb350 100644
--- a/lemonldap-ng-portal/t/30-SAML-POST-Logout-when-expired.t
+++ b/lemonldap-ng-portal/t/30-SAML-POST-Logout-when-expired.t
@@ -205,7 +205,7 @@ SKIP: {
         ),
         'Post SAML response to SP'
     );
-    ok($res->[2]->[0] =~ /trmsg="56"/, 'Found SLO error');
+    ok( $res->[2]->[0] =~ /trmsg="56"/, 'Found SLO error' );
 }
 
 count($maintests);
diff --git a/lemonldap-ng-portal/t/35-REST-export-password.t b/lemonldap-ng-portal/t/35-REST-export-password.t
new file mode 100644
index 000000000..110700341
--- /dev/null
+++ b/lemonldap-ng-portal/t/35-REST-export-password.t
@@ -0,0 +1,163 @@
+use lib 'inc';
+use Test::More;
+use strict;
+use IO::String;
+use LWP::UserAgent;
+use LWP::Protocol::PSGI;
+
+BEGIN {
+    require 't/test-lib.pm';
+}
+
+my $debug = 'error';
+my ( $issuer, $sp, $res, $spId );
+my %handlerOR = ( issuer => [], sp => [] );
+
+# Redefine LWP methods for tests
+LWP::Protocol::PSGI->register(
+    sub {
+        my $req = Plack::Request->new(@_);
+        ok(
+            $req->uri =~ m#http://auth.idp.com(.*?)(?:\?(.*))?$#,
+            ' @ REST request (' . $req->method . " $1)"
+        );
+        count(1);
+        my $url   = $1;
+        my $query = $2;
+        my $res;
+        if ( $req->method =~ /^(post|put)$/i ) {
+            my $mth = '_' . lc($1);
+            my $s   = $req->content;
+            ok(
+                $res = $issuer->$mth(
+                    $url,
+                    IO::String->new($s),
+                    length => length($s),
+                    type   => $req->header('Content-Type'),
+                ),
+                ' Post request'
+            );
+            count(1);
+            expectOK($res);
+        }
+        elsif ( $req->method =~ /^(get|delete)$/i ) {
+            my $mth = '_' . lc($1);
+            ok(
+                $res = $issuer->$mth(
+                    $url,
+                    accept => $req->header('Accept'),
+                    cookie => $req->header('Cookie'),
+                    query  => $query,
+                ),
+                ' Execute request'
+            );
+            ok( ( $res->[0] == 200 or $res->[0] == 400 ),
+                ' Response is 200 or 400' )
+              or explain( $res->[0], '200 or 400' );
+            count(2);
+        }
+        pass(' @ END OF REST REQUEST');
+        count(1);
+        return $res;
+    }
+);
+
+ok( $issuer = issuer(), 'Issuer portal' );
+$handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::_onReload;
+switch ('sp');
+&Lemonldap::NG::Handler::Main::cfgNum( 0, 0 );
+
+ok( $sp = sp(), 'SP portal' );
+$handlerOR{sp} = \@Lemonldap::NG::Handler::Main::_onReload;
+count(2);
+
+# Simple SP access
+ok(
+    $res = $sp->_get(
+        '/', accept => 'text/html',
+    ),
+    'Unauth SP request'
+);
+expectOK($res);
+
+# Try to auth
+ok(
+    $res = $sp->_post(
+        '/', IO::String->new('user=french&password=french'),
+        length => 27,
+        accept => 'text/html'
+    ),
+    'Post user/password'
+);
+count(2);
+expectRedirection( $res, 'http://auth.sp.com' );
+$spId = expectCookie($res);
+
+# Test auth
+ok( $res = $sp->_get( '/', cookie => "lemonldap=$spId" ), 'Auth test' );
+count(1);
+expectOK($res);
+
+# Test other REST queries
+switch ('issuer');
+
+# Session key
+ok( $res = $issuer->_get("/sessions/global/$spId/[_session_id,_password]"),
+    'Some session keys' );
+expectOK($res);
+ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
+  or print STDERR $@;
+ok( $res->{_session_id} eq $spId, ' Good ID' )
+  or explain( $res, "_session_id => $spId" );
+ok( $res->{_password} eq 'french', ' Password is exported' )
+  or explain( $res, '_password => french' );
+count(4);
+
+clean_sessions();
+done_testing( count() );
+
+sub switch {
+    my $type = shift;
+    @Lemonldap::NG::Handler::Main::_onReload = @{
+        $handlerOR{$type};
+    };
+}
+
+sub issuer {
+    return LLNG::Manager::Test->new( {
+            ini => {
+                logLevel             => $debug,
+                templatesDir         => 'site/htdocs/static',
+                domain               => 'idp.com',
+                portal               => 'http://auth.idp.com',
+                authentication       => 'Demo',
+                userDB               => 'Same',
+                restSessionServer    => 1,
+                restExportSecretKeys => 1,
+            }
+        }
+    );
+}
+
+sub sp {
+    return LLNG::Manager::Test->new( {
+            ini => {
+                logLevel       => $debug,
+                domain         => 'sp.com',
+                portal         => 'http://auth.sp.com',
+                authentication => 'Demo',
+                userDB         => 'Same',
+                globalStorage => 'Lemonldap::NG::Common::Apache::Session::REST',
+                globalStorageOptions => {
+                    baseUrl => 'http://auth.idp.com/sessions/global/'
+                },
+                persistentStorage =>
+                  'Lemonldap::NG::Common::Apache::Session::REST',
+                persistentStorageOptions => {
+                    baseUrl => 'http://auth.idp.com/sessions/persistent/'
+                },
+                storePassword => 1,
+            },
+        }
+    );
+}
diff --git a/lemonldap-ng-portal/t/36-Combination-with-Choice.t b/lemonldap-ng-portal/t/36-Combination-with-Choice.t
new file mode 100644
index 000000000..ac279be17
--- /dev/null
+++ b/lemonldap-ng-portal/t/36-Combination-with-Choice.t
@@ -0,0 +1,118 @@
+use Test::More;
+use strict;
+use IO::String;
+
+require 't/test-lib.pm';
+
+my $res;
+my $maintests = 0;
+my $client;
+
+eval { unlink 't/userdb.db' };
+
+SKIP: {
+    eval { require DBI; require DBD::SQLite; };
+    if ($@) {
+        skip 'DBD::SQLite not found', $maintests;
+    }
+    my $dbh = DBI->connect("dbi:SQLite:dbname=t/userdb.db");
+    $dbh->do('CREATE TABLE users (user text,password text,name text)');
+    $dbh->do("INSERT INTO users VALUES ('dvador','dvador','Test user 1')");
+    $dbh->do("INSERT INTO users VALUES ('rtyler','rtyler','Test user 1')");
+
+    $client = iniCmb('[Dm] or [Ch]');
+    expectCookie( try('dwho') );
+    expectCookie( try( 'dvador', 'sql' ) );
+
+    $client = iniCmb('[Dm] and [Ch]');
+    expectCookie( try( 'rtyler', 'sql' ) );
+    expectCookie( try( 'dwho',   'demo' ) );
+    expectReject( try( 'dwho',   'sql' ) );
+
+    $client = iniCmb('if($env->{HTTP_X} eq "dwho") then [Dm] else [Ch]');
+    expectCookie( try('dwho') );
+    expectCookie( try( 'dvador', 'sql' ) );
+
+    $client = iniCmb(
+'if($env->{HTTP_X} eq "rtyler") then [Dm] and [Ch] else if($env->{HTTP_X} eq "dvador") then [Ch] else [Ch]'
+    );
+    expectCookie( try( 'rtyler', 'sql' ) );
+    expectCookie( try( 'dvador', 'sql' ) );
+    expectCookie( try( 'dwho',   'demo' ) );
+    expectReject( try( 'dwho',   'sql' ) );
+}
+count($maintests);
+clean_sessions();
+eval { unlink 't/userdb.db' };
+done_testing( count() );
+
+sub try {
+    my $user = shift;
+    my $s    = "user=$user&password=$user";
+    $s .= "&test=$_[0]" if (@_);
+    my $res;
+    ok(
+        $res = $client->_post(
+            '/', IO::String->new($s),
+            length => length($s),
+            custom => { HTTP_X => $user }
+        ),
+        " Try to connect with login $user"
+    );
+    count(1);
+    return $res;
+}
+
+sub iniCmb {
+    my $expr = shift;
+    &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 );
+    if (
+        my $res = LLNG::Manager::Test->new( {
+                ini => {
+                    logLevel       => 'error',
+                    useSafeJail    => 1,
+                    authentication => 'Combination',
+                    userDB         => 'Same',
+
+                    combination => $expr,
+                    combModules => {
+                        Dm => {
+                            for  => 0,
+                            type => 'Demo',
+                        },
+                        Ch => {
+                            for  => 0,
+                            type => 'Choice',
+                        },
+                    },
+
+                    dbiAuthChain        => 'dbi:SQLite:dbname=t/userdb.db',
+                    dbiAuthUser         => '',
+                    dbiAuthPassword     => '',
+                    dbiAuthTable        => 'users',
+                    dbiAuthLoginCol     => 'user',
+                    dbiAuthPasswordCol  => 'password',
+                    dbiAuthPasswordHash => '',
+                    dbiExportedVars     => {},
+                    demoExportedVars    => {},
+
+                    authChoiceParam   => 'test',
+                    authChoiceModules => {
+                        sql   => 'DBI;DBI;DBI',
+                        slave => 'Slave;DBI;DBI',
+                        demo  => 'Demo;Demo;Demo',
+                    },
+                    slaveUserHeader   => 'My-Test',
+                    slaveExportedVars => {
+                        name => 'Name',
+                    }
+                }
+            }
+        )
+      )
+    {
+        pass(qq'Expression loaded: "$expr"');
+        count(1);
+        return $res;
+    }
+}
diff --git a/lemonldap-ng-portal/t/59-Double-cookies-Refresh-and-Logout.t b/lemonldap-ng-portal/t/59-Double-cookies-Refresh-and-Logout.t
index 486266d6a..e5a1d0379 100644
--- a/lemonldap-ng-portal/t/59-Double-cookies-Refresh-and-Logout.t
+++ b/lemonldap-ng-portal/t/59-Double-cookies-Refresh-and-Logout.t
@@ -189,7 +189,8 @@ ok( $attributes2{'_updateTime'} =~ /^\d{14}$/, 'Timestamp found' )
   or print STDERR Dumper( \%attributes2 );
 count(3);
 
-ok( $attributes2{_updateTime} - $attributes{_updateTime} >= 3, '_updateTime has been updated' )
+ok( $attributes2{_updateTime} - $attributes{_updateTime} >= 3,
+    '_updateTime has been updated' )
   or print STDERR Dumper( \%attributes2 );
 count(1);
 
diff --git a/lemonldap-ng-portal/t/59-Secured-cookie-Refresh-and-Logout.t b/lemonldap-ng-portal/t/59-Secured-cookie-Refresh-and-Logout.t
index 237fd6b98..0c350f3f8 100644
--- a/lemonldap-ng-portal/t/59-Secured-cookie-Refresh-and-Logout.t
+++ b/lemonldap-ng-portal/t/59-Secured-cookie-Refresh-and-Logout.t
@@ -68,11 +68,9 @@ ok(
 );
 count(1);
 expectOK($res);
-ok(
-    $res->[2]->[0] =~
-m%<span trspan="connectedAs">Connected as</span> dwho%,
-    'Connected as Dwho'
-) or print STDERR Dumper( $res->[2]->[0] );
+ok( $res->[2]->[0] =~ m%<span trspan="connectedAs">Connected as</span> dwho%,
+    'Connected as Dwho' )
+  or print STDERR Dumper( $res->[2]->[0] );
 count(1);
 
 # Refresh rights
@@ -101,11 +99,9 @@ ok(
 count(1);
 expectOK($res);
 
-ok(
-    $res->[2]->[0] =~
-m%<span trspan="connectedAs">Connected as</span> dwho%,
-    'Connected as Dwho'
-) or print STDERR Dumper( $res->[2]->[0] );
+ok( $res->[2]->[0] =~ m%<span trspan="connectedAs">Connected as</span> dwho%,
+    'Connected as Dwho' )
+  or print STDERR Dumper( $res->[2]->[0] );
 count(1);
 
 # Log out request
diff --git a/lemonldap-ng-portal/t/67-CheckUser-with-Global-token.t b/lemonldap-ng-portal/t/67-CheckUser-with-Global-token.t
index 18d3b5366..be4bf0d55 100644
--- a/lemonldap-ng-portal/t/67-CheckUser-with-Global-token.t
+++ b/lemonldap-ng-portal/t/67-CheckUser-with-Global-token.t
@@ -105,7 +105,8 @@ count(1);
 
 ( $host, $url, $query ) =
   expectForm( $res, undef, '/checkuser', 'user', 'url', 'token' );
-ok( $res->[2]->[0] =~ m%<span trspan="checkUserComputeSession">%, 'Found trspan="checkUserComputeSession"' )
+ok( $res->[2]->[0] =~ m%<span trspan="checkUserComputeSession">%,
+    'Found trspan="checkUserComputeSession"' )
   or explain( $res->[2]->[0], 'trspan="checkUserComputeSession"' );
 ok(
     $res->[2]->[0] =~
diff --git a/lemonldap-ng-portal/t/67-CheckUser-with-token.t b/lemonldap-ng-portal/t/67-CheckUser-with-token.t
index caeaf0e05..6d5788841 100644
--- a/lemonldap-ng-portal/t/67-CheckUser-with-token.t
+++ b/lemonldap-ng-portal/t/67-CheckUser-with-token.t
@@ -105,10 +105,9 @@ count(1);
 
 ( $host, $url, $query ) =
   expectForm( $res, undef, '/checkuser', 'user', 'url', 'token' );
-ok(
-    $res->[2]->[0] =~ m%<span trspan="checkUserComputeSession">%,
-    'Found trspan="checkUserComputeSession"'
-) or explain( $res->[2]->[0], 'trspan="checkUserComputeSession"' );
+ok( $res->[2]->[0] =~ m%<span trspan="checkUserComputeSession">%,
+    'Found trspan="checkUserComputeSession"' )
+  or explain( $res->[2]->[0], 'trspan="checkUserComputeSession"' );
 ok(
     $res->[2]->[0] =~
 m%<div class="alert alert-success"><b><span trspan="allowed"></span></b></div>%,
diff --git a/lemonldap-ng-portal/t/68-Impersonation-with-TOTP.t b/lemonldap-ng-portal/t/68-Impersonation-with-TOTP.t
index ba21b8e9c..b592b49ae 100644
--- a/lemonldap-ng-portal/t/68-Impersonation-with-TOTP.t
+++ b/lemonldap-ng-portal/t/68-Impersonation-with-TOTP.t
@@ -39,6 +39,7 @@ SKIP: {
 
     $query =~ s/user=/user=rtyler/;
     $query =~ s/password=/password=rtyler/;
+
     #$query =~ s/spoofId=/spoofId=/;
     ok(
         $res = $client->_post(
diff --git a/lemonldap-ng-portal/t/68-Impersonation-with-doubleCookies.t b/lemonldap-ng-portal/t/68-Impersonation-with-doubleCookies.t
index 7056cca88..ab83228b0 100644
--- a/lemonldap-ng-portal/t/68-Impersonation-with-doubleCookies.t
+++ b/lemonldap-ng-portal/t/68-Impersonation-with-doubleCookies.t
@@ -329,7 +329,8 @@ ok( scalar keys %attributes == 33, 'Found 33 attributes' )
   or print STDERR ( keys %attributes < 33 )
   ? "Missing attributes -> " . scalar keys %attributes
   : "Too much attributes -> " . scalar keys %attributes;
-ok( $attributes{'_auth'} eq 'Demo', '_auth' ) or print STDERR Dumper( \%attributes );
+ok( $attributes{'_auth'} eq 'Demo', '_auth' )
+  or print STDERR Dumper( \%attributes );
 ok( $attributes{'_httpSession'}, '_httpSession' )
   or print STDERR Dumper( \%attributes );
 ok( $attributes{'uid'}, 'uid' ) or print STDERR Dumper( \%attributes );
diff --git a/lemonldap-ng-portal/t/68-Impersonation-with-filtered-merge.t b/lemonldap-ng-portal/t/68-Impersonation-with-filtered-merge.t
index c0588c2bd..27f184fe9 100644
--- a/lemonldap-ng-portal/t/68-Impersonation-with-filtered-merge.t
+++ b/lemonldap-ng-portal/t/68-Impersonation-with-filtered-merge.t
@@ -61,11 +61,9 @@ ok(
 );
 count(1);
 expectOK($res);
-ok(
-    $res->[2]->[0] =~
-m%<span trspan="connectedAs">Connected as</span> dwho%,
-    'Connected as dwho'
-) or print STDERR Dumper( $res->[2]->[0] );
+ok( $res->[2]->[0] =~ m%<span trspan="connectedAs">Connected as</span> dwho%,
+    'Connected as dwho' )
+  or print STDERR Dumper( $res->[2]->[0] );
 expectAuthenticatedAs( $res, 'dwho' );
 count(1);
 
@@ -103,8 +101,7 @@ count(1);
 
 ( $host, $url, $query ) =
   expectForm( $res, undef, '/checkuser', 'user', 'url' );
-ok( $res->[2]->[0] =~ m%<span trspan="checkUser">%,
-    'Found trspan="checkUser"' )
+ok( $res->[2]->[0] =~ m%<span trspan="checkUser">%, 'Found trspan="checkUser"' )
   or explain( $res->[2]->[0], 'trspan="checkUser"' );
 ok(
     $res->[2]->[0] =~
@@ -130,11 +127,14 @@ ok( $res->[2]->[0] =~ m%<td class="align-middle">dwho</td>%, 'Found dwho' )
   or explain( $res->[2]->[0], 'Header Value: dwho' );
 ok( $res->[2]->[0] =~ m%<td class="align-middle">su</td>%, 'Found su' )
   or explain( $res->[2]->[0], 'SSO Groups: su' );
-ok( $res->[2]->[0] =~ m%<td class="align-middle">su_test</td>%, 'Found su_test' )
+ok( $res->[2]->[0] =~ m%<td class="align-middle">su_test</td>%,
+    'Found su_test' )
   or explain( $res->[2]->[0], 'SSO Groups: su_test' );
-ok( $res->[2]->[0] !~ m%<td class="align-middle">_test_</td>%, 'NOT found _test_' )
+ok( $res->[2]->[0] !~ m%<td class="align-middle">_test_</td>%,
+    'NOT found _test_' )
   or explain( $res->[2]->[0], 'SSO Groups: _test_' );
-ok( $res->[2]->[0] !~ m%<td class="align-middle">test_su</td>%, 'NOT found test_su' )
+ok( $res->[2]->[0] !~ m%<td class="align-middle">test_su</td>%,
+    'NOT found test_su' )
   or explain( $res->[2]->[0], 'SSO Groups: test_su' );
 ok( $res->[2]->[0] =~ m%<td class="align-middle">_whatToTrace</td>%,
     'Found _whatToTrace' )
diff --git a/lemonldap-ng-portal/t/68-Impersonation-with-merge.t b/lemonldap-ng-portal/t/68-Impersonation-with-merge.t
index 32a3db364..87d015052 100644
--- a/lemonldap-ng-portal/t/68-Impersonation-with-merge.t
+++ b/lemonldap-ng-portal/t/68-Impersonation-with-merge.t
@@ -61,11 +61,9 @@ ok(
 );
 count(1);
 expectOK($res);
-ok(
-    $res->[2]->[0] =~
-m%<span trspan="connectedAs">Connected as</span> dwho%,
-    'Connected as dwho'
-) or print STDERR Dumper( $res->[2]->[0] );
+ok( $res->[2]->[0] =~ m%<span trspan="connectedAs">Connected as</span> dwho%,
+    'Connected as dwho' )
+  or print STDERR Dumper( $res->[2]->[0] );
 expectAuthenticatedAs( $res, 'dwho' );
 count(1);
 
@@ -139,11 +137,14 @@ ok( $res->[2]->[0] =~ m%<td class="align-middle">dwho</td>%, 'Found dwho' )
   or explain( $res->[2]->[0], 'Header Value: dwho' );
 ok( $res->[2]->[0] =~ m%<td class="align-middle">su</td>%, 'Found su' )
   or explain( $res->[2]->[0], 'SSO Groups: su' );
-ok( $res->[2]->[0] =~ m%<td class="align-middle">su_test</td>%, 'Found su_test' )
+ok( $res->[2]->[0] =~ m%<td class="align-middle">su_test</td>%,
+    'Found su_test' )
   or explain( $res->[2]->[0], 'SSO Groups: su_test' );
-ok( $res->[2]->[0] !~ m%<td class="align-middle">_test_</td>%, 'NOT found _test_' )
+ok( $res->[2]->[0] !~ m%<td class="align-middle">_test_</td>%,
+    'NOT found _test_' )
   or explain( $res->[2]->[0], 'SSO Groups: _test_' );
-ok( $res->[2]->[0] =~ m%<td class="align-middle">test_su</td>%, 'Found test_su' )
+ok( $res->[2]->[0] =~ m%<td class="align-middle">test_su</td>%,
+    'Found test_su' )
   or explain( $res->[2]->[0], 'SSO Groups: test_su' );
 ok( $res->[2]->[0] =~ m%<td class="align-middle">_whatToTrace</td>%,
     'Found _whatToTrace' )
diff --git a/lemonldap-ng-portal/t/68-Impersonation.t b/lemonldap-ng-portal/t/68-Impersonation.t
index 0625264a7..e5d78a671 100644
--- a/lemonldap-ng-portal/t/68-Impersonation.t
+++ b/lemonldap-ng-portal/t/68-Impersonation.t
@@ -325,8 +325,9 @@ count(16);
 my %attributes = map /<td class="text-left">(.+)?<\/td>/g, $res->[2]->[0];
 ok( keys %attributes == 31, 'Found 31 attributes' )
   or print STDERR "Missing attributes -> " . scalar %attributes;
-ok( $attributes{'_auth'} eq 'Demo', '_auth' ) or print STDERR Dumper( \%attributes );
-ok( $attributes{'uid'},  'uid' )   or print STDERR Dumper( \%attributes );
+ok( $attributes{'_auth'} eq 'Demo', '_auth' )
+  or print STDERR Dumper( \%attributes );
+ok( $attributes{'uid'}, 'uid' ) or print STDERR Dumper( \%attributes );
 ok( $attributes{'testPrefix__auth'}, 'testPrefix__auth' )
   or print STDERR Dumper( \%attributes );
 ok( $attributes{'testPrefix_uid'} eq 'rtyler', 'testPrefix_uid' )
diff --git a/lemonldap-ng-portal/t/70-2F-TOTP-with-TTL-and-msg.t b/lemonldap-ng-portal/t/70-2F-TOTP-with-TTL-and-msg.t
new file mode 100644
index 000000000..f25683934
--- /dev/null
+++ b/lemonldap-ng-portal/t/70-2F-TOTP-with-TTL-and-msg.t
@@ -0,0 +1,154 @@
+use Test::More;
+use strict;
+use IO::String;
+
+require 't/test-lib.pm';
+my $maintests = 20;
+
+SKIP: {
+    eval { require Convert::Base32 };
+    if ($@) {
+        skip 'Convert::Base32 is missing', $maintests;
+    }
+    require Lemonldap::NG::Common::TOTP;
+
+    my $client = LLNG::Manager::Test->new( {
+            ini => {
+                logLevel               => 'error',
+                totp2fSelfRegistration => 1,
+                totp2fActivation       => 1,
+                totp2fTTL              => 2,
+                sfRemovedMsg           => '$uid eq "dwho"',
+                portalMainLogo         => 'common/logos/logo_llng_old.png',
+            }
+        }
+    );
+    my $res;
+
+    # Try to authenticate
+    # -------------------
+    ok(
+        $res = $client->_post(
+            '/',
+            IO::String->new('user=dwho&password=dwho'),
+            length => 23
+        ),
+        'Auth query'
+    );
+    my $id = expectCookie($res);
+
+    # TOTP form
+    ok(
+        $res = $client->_get(
+            '/2fregisters',
+            cookie => "lemonldap=$id",
+            accept => 'text/html',
+        ),
+        'Form registration'
+    );
+    expectRedirection( $res, qr#/2fregisters/totp$# );
+    ok(
+        $res = $client->_get(
+            '/2fregisters/totp',
+            cookie => "lemonldap=$id",
+            accept => 'text/html',
+        ),
+        'Form registration'
+    );
+    ok( $res->[2]->[0] =~ /totpregistration\.(?:min\.)?js/, 'Found TOTP js' );
+    ok(
+        $res->[2]->[0] =~ qr%<img src="/static/common/logos/logo_llng_old.png"%,
+        'Found custom Main Logo'
+    ) or print STDERR Dumper( $res->[2]->[0] );
+
+    # JS query
+    ok(
+        $res = $client->_post(
+            '/2fregisters/totp/getkey', IO::String->new(''),
+            cookie => "lemonldap=$id",
+            length => 0,
+        ),
+        'Get new key'
+    );
+    eval { $res = JSON::from_json( $res->[2]->[0] ) };
+    ok( not($@), 'Content is JSON' )
+      or explain( $res->[2]->[0], 'JSON content' );
+    my ( $key, $token );
+    ok( $key   = $res->{secret}, 'Found secret' );
+    ok( $token = $res->{token},  'Found token' );
+    $key = Convert::Base32::decode_base32($key);
+
+    # Post code
+    my $code;
+    ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 6 ),
+        'Code' );
+    ok( $code =~ /^\d{6}$/, 'Code contains 6 digits' );
+    my $s = "code=$code&token=$token&TOTPName=myTOTP";
+    ok(
+        $res = $client->_post(
+            '/2fregisters/totp/verify',
+            IO::String->new($s),
+            length => length($s),
+            cookie => "lemonldap=$id",
+        ),
+        'Post code'
+    );
+    eval { $res = JSON::from_json( $res->[2]->[0] ) };
+    ok( not($@), 'Content is JSON' )
+      or explain( $res->[2]->[0], 'JSON content' );
+    ok( $res->{result} == 1, 'Key is registered' );
+
+    # Try to sign-in
+    $client->logout($id);
+    ok(
+        $res = $client->_post(
+            '/',
+            IO::String->new('user=dwho&password=dwho'),
+            length => 23,
+            accept => 'text/html',
+        ),
+        'Auth query'
+    );
+    my ( $host, $url, $query ) =
+      expectForm( $res, undef, '/totp2fcheck', 'token' );
+    ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 6 ),
+        'Code' );
+    $query =~ s/code=/code=$code/;
+    ok(
+        $res = $client->_post(
+            '/totp2fcheck', IO::String->new($query),
+            length => length($query),
+        ),
+        'Post code'
+    );
+    $id = expectCookie($res);
+    $client->logout($id);
+
+    diag 'Waiting';
+    sleep 3;
+
+    # Try to sign-in
+    ok(
+        $res = $client->_post(
+            '/',
+            IO::String->new('user=dwho&password=dwho'),
+            length => 23,
+            accept => 'text/html',
+        ),
+        'Auth query'
+    );
+    expectOK($res);
+    ok(
+        $res->[2]->[0] =~
+          qr%<h3 trspan="oneExpired2Fremoved">oneExpired2Fremoved</h3>%,
+        'Found expired 2F message'
+    ) or print STDERR Dumper( $res->[2]->[0] );
+    my $c = getCookies($res);
+    ok( not(%$c), 'No cookie' );
+}
+count($maintests);
+
+clean_sessions();
+
+done_testing( count() );
+
diff --git a/lemonldap-ng-portal/t/70-2F-TOTP-with-TTL.t b/lemonldap-ng-portal/t/70-2F-TOTP-with-TTL.t
index 6b689e69a..2a745040a 100644
--- a/lemonldap-ng-portal/t/70-2F-TOTP-with-TTL.t
+++ b/lemonldap-ng-portal/t/70-2F-TOTP-with-TTL.t
@@ -3,7 +3,7 @@ use strict;
 use IO::String;
 
 require 't/test-lib.pm';
-my $maintests = 17;
+my $maintests = 18;
 
 SKIP: {
     eval { require Convert::Base32 };
@@ -59,7 +59,6 @@ SKIP: {
         $res->[2]->[0] =~ qr%<img src="/static/common/logos/logo_llng_old.png"%,
         'Found custom Main Logo'
     ) or print STDERR Dumper( $res->[2]->[0] );
-    count(1);
 
     # JS query
     ok(
@@ -139,6 +138,7 @@ SKIP: {
     );
     $id = expectCookie($res);
     expectRedirection( $res, 'http://auth.example.com/' );
+    $client->logout($id);
 }
 count($maintests);
 
diff --git a/lemonldap-ng-portal/t/71-2F-U2F-with-TTL-and-msg.t b/lemonldap-ng-portal/t/71-2F-U2F-with-TTL-and-msg.t
new file mode 100644
index 000000000..e3e801b24
--- /dev/null
+++ b/lemonldap-ng-portal/t/71-2F-U2F-with-TTL-and-msg.t
@@ -0,0 +1,233 @@
+use Test::More;
+use strict;
+use IO::String;
+
+require 't/test-lib.pm';
+my $maintests = 21;
+
+SKIP: {
+    eval { require Crypt::U2F::Server; require Authen::U2F::Tester };
+    if ( $@ or $Crypt::U2F::Server::VERSION < 0.42 ) {
+        skip 'Missing libraries', $maintests;
+    }
+    use_ok('Lemonldap::NG::Common::FormEncode');
+
+    my $client = LLNG::Manager::Test->new( {
+            ini => {
+                logLevel            => 'error',
+                u2fSelfRegistration => 1,
+                u2fActivation       => 1,
+                portalMainLogo      => 'common/logos/logo_llng_old.png',
+                totp2fTTL           => 2,
+                u2fTTL              => 2,
+                sfRemovedMsg        => 1,
+            }
+        }
+    );
+    my $res;
+
+    # Try to authenticate
+    # -------------------
+    ok(
+        $res = $client->_post(
+            '/',
+            IO::String->new('user=dwho&password=dwho'),
+            length => 23
+        ),
+        'Auth query'
+    );
+    my $id = expectCookie($res);
+
+    # U2F form
+    ok(
+        $res = $client->_get(
+            '/2fregisters',
+            cookie => "lemonldap=$id",
+            accept => 'text/html',
+        ),
+        'Form registration'
+    );
+    expectRedirection( $res, qr#/2fregisters/u$# );
+
+    ok(
+        $res = $client->_get(
+            '/2fregisters/u',
+            cookie => "lemonldap=$id",
+            accept => 'text/html',
+        ),
+        'Form registration'
+    );
+    ok( $res->[2]->[0] =~ /u2fregistration\.(?:min\.)?js/, 'Found U2F js' );
+    ok(
+        $res->[2]->[0] =~ qr%<img src="/static/common/logos/logo_llng_old.png"%,
+        'Found custom Main Logo'
+    ) or print STDERR Dumper( $res->[2]->[0] );
+
+    # Ajax registration request
+    ok(
+        $res = $client->_post(
+            '/2fregisters/u/register', IO::String->new(''),
+            accept => 'application/json',
+            cookie => "lemonldap=$id",
+            length => 0,
+        ),
+        'Get registration challenge'
+    );
+    expectOK($res);
+    my $data;
+    eval { $data = JSON::from_json( $res->[2]->[0] ) };
+    ok( not($@), ' Content is JSON' )
+      or explain( [ $@, $res->[2] ], 'JSON content' );
+    ok( ( $data->{challenge} and $data->{appId} ), ' Get challenge and appId' )
+      or explain( $data, 'challenge and appId' );
+
+    # Build U2F tester
+    my $tester = Authen::U2F::Tester->new(
+        certificate => Crypt::OpenSSL::X509->new_from_string(
+            '-----BEGIN CERTIFICATE-----
+MIIB6DCCAY6gAwIBAgIJAJKuutkN2sAfMAoGCCqGSM49BAMCME8xCzAJBgNVBAYT
+AlVTMQ4wDAYDVQQIDAVUZXhhczEaMBgGA1UECgwRVW50cnVzdGVkIFUyRiBPcmcx
+FDASBgNVBAMMC3ZpcnR1YWwtdTJmMB4XDTE4MDMyODIwMTc1OVoXDTI3MTIyNjIw
+MTc1OVowTzELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVRleGFzMRowGAYDVQQKDBFV
+bnRydXN0ZWQgVTJGIE9yZzEUMBIGA1UEAwwLdmlydHVhbC11MmYwWTATBgcqhkjO
+PQIBBggqhkjOPQMBBwNCAAQTij+9mI1FJdvKNHLeSQcOW4ob3prvIXuEGJMrQeJF
+6OYcgwxrVqsmNMl5w45L7zx8ryovVOti/mtqkh2pQjtpo1MwUTAdBgNVHQ4EFgQU
+QXKKf+rrZwA4WXDCU/Vebe4gYXEwHwYDVR0jBBgwFoAUQXKKf+rrZwA4WXDCU/Ve
+be4gYXEwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAgNIADBFAiEAiCdOEmw5
+hknzHR1FoyFZKRrcJu17a1PGcqTFMJHTC70CIHeCZ8KVuuMIPjoofQd1l1E221rv
+RJY1Oz1fUNbrIPsL
+-----END CERTIFICATE-----', Crypt::OpenSSL::X509::FORMAT_PEM()
+        ),
+        key => Crypt::PK::ECC->new(
+            \'-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIOdbZw1swQIL+RZoDQ9zwjWY5UjA1NO81WWjwbmznUbgoAoGCCqGSM49
+AwEHoUQDQgAEE4o/vZiNRSXbyjRy3kkHDluKG96a7yF7hBiTK0HiRejmHIMMa1ar
+JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ==
+-----END EC PRIVATE KEY-----'
+        ),
+    );
+    my $r = $tester->register( $data->{appId}, $data->{challenge} );
+    ok( $r->is_success, ' Good challenge value' )
+      or diag( $r->error_message );
+
+    my $registrationData = JSON::to_json( {
+            clientData       => $r->client_data,
+            errorCode        => 0,
+            registrationData => $r->registration_data,
+            version          => "U2F_V2"
+        }
+    );
+    my ( $host, $url, $query );
+    $query = Lemonldap::NG::Common::FormEncode::build_urlencoded(
+        registration => $registrationData,
+        challenge    => $res->[2]->[0],
+    );
+
+    ok(
+        $res = $client->_post(
+            '/2fregisters/u/registration', IO::String->new($query),
+            length => length($query),
+            accept => 'application/json',
+            cookie => "lemonldap=$id",
+        ),
+        'Push registration data'
+    );
+    expectOK($res);
+    eval { $data = JSON::from_json( $res->[2]->[0] ) };
+    ok( not($@), ' Content is JSON' )
+      or explain( [ $@, $res->[2] ], 'JSON content' );
+    ok( $data->{result} == 1, 'Key is registered' )
+      or explain( $data, '"result":1' );
+
+    # Try to sign-in
+    $client->logout($id);
+    ok(
+        $res = $client->_post(
+            '/',
+            IO::String->new('user=dwho&password=dwho'),
+            length => 23,
+            accept => 'text/html',
+        ),
+        'Auth query'
+    );
+    ( $host, $url, $query ) = expectForm( $res, undef, '/u2fcheck', 'token' );
+
+    # Get challenge
+    ok( $res->[2]->[0] =~ /^.*"keyHandle".*$/m, ' get keyHandle' );
+    $data = $&;
+    eval { $data = JSON::from_json($data) };
+    ok( not($@), ' Content is JSON' )
+      or explain( [ $@, $data ], 'JSON content' );
+
+    # Build U2F signature
+    $r =
+      $tester->sign( $data->{appId}, $data->{challenge},
+        $data->{registeredKeys}->[0]->{keyHandle} );
+    ok( $r->is_success, ' Good challenge value' )
+      or diag( $r->error_message );
+    my $sign = JSON::to_json( {
+            errorCode     => 0,
+            signatureData => $r->signature_data,
+            clientData    => $r->client_data,
+            keyHandle     => $data->{registeredKeys}->[0]->{keyHandle},
+        }
+    );
+    $sign =
+      Lemonldap::NG::Common::FormEncode::build_urlencoded( signature => $sign );
+    $query =~ s/signature=/$sign/e;
+    $query =~ s/challenge=/challenge=$data->{challenge}/;
+
+    # POST result
+    ok(
+        $res = $client->_post(
+            '/u2fcheck',
+            IO::String->new($query),
+            length => length($query),
+        ),
+        'Push U2F signature'
+    );
+
+    # See https://github.com/mschout/perl-authen-u2f-tester/issues/2
+    if ( $Authen::U2F::Tester::VERSION >= 0.03 ) {
+        $id = expectCookie($res);
+        $client->logout($id);
+    }
+    else {
+        count(1);
+        pass(
+'Authen::2F::Tester-0.02 signatures are not recognized by Yubico library'
+        );
+    }
+
+    diag 'Waiting';
+    sleep 3;
+
+    # Try to sign-in
+    ok(
+        $res = $client->_post(
+            '/',
+            IO::String->new('user=dwho&password=dwho'),
+            length => 23,
+            accept => 'text/html',
+        ),
+        'Auth query'
+    );
+
+    expectOK($res);
+    ok(
+        $res->[2]->[0] =~
+          qr%<h3 trspan="oneExpired2Fremoved">oneExpired2Fremoved</h3>%,
+        'Found expired 2F message'
+    ) or print STDERR Dumper( $res->[2]->[0] );
+    my $c = getCookies($res);
+    ok( not(%$c), 'No cookie' );
+
+    # $id = expectCookie($res);
+    # expectRedirection( $res, 'http://auth.example.com/' );
+    # $client->logout($id);
+}
+count($maintests);
+
+clean_sessions();
+
+done_testing( count() );
diff --git a/lemonldap-ng-portal/t/71-2F-U2F-with-TTL.t b/lemonldap-ng-portal/t/71-2F-U2F-with-TTL.t
new file mode 100644
index 000000000..304d7158e
--- /dev/null
+++ b/lemonldap-ng-portal/t/71-2F-U2F-with-TTL.t
@@ -0,0 +1,222 @@
+use Test::More;
+use strict;
+use IO::String;
+
+require 't/test-lib.pm';
+my $maintests = 19;
+
+SKIP: {
+    eval { require Crypt::U2F::Server; require Authen::U2F::Tester };
+    if ( $@ or $Crypt::U2F::Server::VERSION < 0.42 ) {
+        skip 'Missing libraries', $maintests;
+    }
+    use_ok('Lemonldap::NG::Common::FormEncode');
+
+    my $client = LLNG::Manager::Test->new( {
+            ini => {
+                logLevel            => 'error',
+                u2fSelfRegistration => 1,
+                u2fActivation       => 1,
+                portalMainLogo      => 'common/logos/logo_llng_old.png',
+                totp2fTTL           => 2,
+                u2fTTL              => 2,
+            }
+        }
+    );
+    my $res;
+
+    # Try to authenticate
+    # -------------------
+    ok(
+        $res = $client->_post(
+            '/',
+            IO::String->new('user=dwho&password=dwho'),
+            length => 23
+        ),
+        'Auth query'
+    );
+    my $id = expectCookie($res);
+
+    # U2F form
+    ok(
+        $res = $client->_get(
+            '/2fregisters',
+            cookie => "lemonldap=$id",
+            accept => 'text/html',
+        ),
+        'Form registration'
+    );
+    expectRedirection( $res, qr#/2fregisters/u$# );
+
+    ok(
+        $res = $client->_get(
+            '/2fregisters/u',
+            cookie => "lemonldap=$id",
+            accept => 'text/html',
+        ),
+        'Form registration'
+    );
+    ok( $res->[2]->[0] =~ /u2fregistration\.(?:min\.)?js/, 'Found U2F js' );
+    ok(
+        $res->[2]->[0] =~ qr%<img src="/static/common/logos/logo_llng_old.png"%,
+        'Found custom Main Logo'
+    ) or print STDERR Dumper( $res->[2]->[0] );
+
+    # Ajax registration request
+    ok(
+        $res = $client->_post(
+            '/2fregisters/u/register', IO::String->new(''),
+            accept => 'application/json',
+            cookie => "lemonldap=$id",
+            length => 0,
+        ),
+        'Get registration challenge'
+    );
+    expectOK($res);
+    my $data;
+    eval { $data = JSON::from_json( $res->[2]->[0] ) };
+    ok( not($@), ' Content is JSON' )
+      or explain( [ $@, $res->[2] ], 'JSON content' );
+    ok( ( $data->{challenge} and $data->{appId} ), ' Get challenge and appId' )
+      or explain( $data, 'challenge and appId' );
+
+    # Build U2F tester
+    my $tester = Authen::U2F::Tester->new(
+        certificate => Crypt::OpenSSL::X509->new_from_string(
+            '-----BEGIN CERTIFICATE-----
+MIIB6DCCAY6gAwIBAgIJAJKuutkN2sAfMAoGCCqGSM49BAMCME8xCzAJBgNVBAYT
+AlVTMQ4wDAYDVQQIDAVUZXhhczEaMBgGA1UECgwRVW50cnVzdGVkIFUyRiBPcmcx
+FDASBgNVBAMMC3ZpcnR1YWwtdTJmMB4XDTE4MDMyODIwMTc1OVoXDTI3MTIyNjIw
+MTc1OVowTzELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVRleGFzMRowGAYDVQQKDBFV
+bnRydXN0ZWQgVTJGIE9yZzEUMBIGA1UEAwwLdmlydHVhbC11MmYwWTATBgcqhkjO
+PQIBBggqhkjOPQMBBwNCAAQTij+9mI1FJdvKNHLeSQcOW4ob3prvIXuEGJMrQeJF
+6OYcgwxrVqsmNMl5w45L7zx8ryovVOti/mtqkh2pQjtpo1MwUTAdBgNVHQ4EFgQU
+QXKKf+rrZwA4WXDCU/Vebe4gYXEwHwYDVR0jBBgwFoAUQXKKf+rrZwA4WXDCU/Ve
+be4gYXEwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAgNIADBFAiEAiCdOEmw5
+hknzHR1FoyFZKRrcJu17a1PGcqTFMJHTC70CIHeCZ8KVuuMIPjoofQd1l1E221rv
+RJY1Oz1fUNbrIPsL
+-----END CERTIFICATE-----', Crypt::OpenSSL::X509::FORMAT_PEM()
+        ),
+        key => Crypt::PK::ECC->new(
+            \'-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIOdbZw1swQIL+RZoDQ9zwjWY5UjA1NO81WWjwbmznUbgoAoGCCqGSM49
+AwEHoUQDQgAEE4o/vZiNRSXbyjRy3kkHDluKG96a7yF7hBiTK0HiRejmHIMMa1ar
+JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ==
+-----END EC PRIVATE KEY-----'
+        ),
+    );
+    my $r = $tester->register( $data->{appId}, $data->{challenge} );
+    ok( $r->is_success, ' Good challenge value' )
+      or diag( $r->error_message );
+
+    my $registrationData = JSON::to_json( {
+            clientData       => $r->client_data,
+            errorCode        => 0,
+            registrationData => $r->registration_data,
+            version          => "U2F_V2"
+        }
+    );
+    my ( $host, $url, $query );
+    $query = Lemonldap::NG::Common::FormEncode::build_urlencoded(
+        registration => $registrationData,
+        challenge    => $res->[2]->[0],
+    );
+
+    ok(
+        $res = $client->_post(
+            '/2fregisters/u/registration', IO::String->new($query),
+            length => length($query),
+            accept => 'application/json',
+            cookie => "lemonldap=$id",
+        ),
+        'Push registration data'
+    );
+    expectOK($res);
+    eval { $data = JSON::from_json( $res->[2]->[0] ) };
+    ok( not($@), ' Content is JSON' )
+      or explain( [ $@, $res->[2] ], 'JSON content' );
+    ok( $data->{result} == 1, 'Key is registered' )
+      or explain( $data, '"result":1' );
+
+    # Try to sign-in
+    $client->logout($id);
+    ok(
+        $res = $client->_post(
+            '/',
+            IO::String->new('user=dwho&password=dwho'),
+            length => 23,
+            accept => 'text/html',
+        ),
+        'Auth query'
+    );
+    ( $host, $url, $query ) = expectForm( $res, undef, '/u2fcheck', 'token' );
+
+    # Get challenge
+    ok( $res->[2]->[0] =~ /^.*"keyHandle".*$/m, ' get keyHandle' );
+    $data = $&;
+    eval { $data = JSON::from_json($data) };
+    ok( not($@), ' Content is JSON' )
+      or explain( [ $@, $data ], 'JSON content' );
+
+    # Build U2F signature
+    $r =
+      $tester->sign( $data->{appId}, $data->{challenge},
+        $data->{registeredKeys}->[0]->{keyHandle} );
+    ok( $r->is_success, ' Good challenge value' )
+      or diag( $r->error_message );
+    my $sign = JSON::to_json( {
+            errorCode     => 0,
+            signatureData => $r->signature_data,
+            clientData    => $r->client_data,
+            keyHandle     => $data->{registeredKeys}->[0]->{keyHandle},
+        }
+    );
+    $sign =
+      Lemonldap::NG::Common::FormEncode::build_urlencoded( signature => $sign );
+    $query =~ s/signature=/$sign/e;
+    $query =~ s/challenge=/challenge=$data->{challenge}/;
+
+    # POST result
+    ok(
+        $res = $client->_post(
+            '/u2fcheck',
+            IO::String->new($query),
+            length => length($query),
+        ),
+        'Push U2F signature'
+    );
+
+    # See https://github.com/mschout/perl-authen-u2f-tester/issues/2
+    if ( $Authen::U2F::Tester::VERSION >= 0.03 ) {
+        $id = expectCookie($res);
+        $client->logout($id);
+    }
+    else {
+        count(1);
+        pass(
+'Authen::2F::Tester-0.02 signatures are not recognized by Yubico library'
+        );
+    }
+
+    diag 'Waiting';
+    sleep 3;
+
+    # Try to sign-in
+    ok(
+        $res = $client->_post(
+            '/',
+            IO::String->new('user=dwho&password=dwho'),
+            length => 23,
+            accept => 'text/html',
+        ),
+        'Auth query'
+    );
+    $id = expectCookie($res);
+    expectRedirection( $res, 'http://auth.example.com/' );
+    $client->logout($id);
+}
+count($maintests);
+
+clean_sessions();
+
+done_testing( count() );
diff --git a/lemonldap-ng-portal/t/71-2F-U2F.t b/lemonldap-ng-portal/t/71-2F-U2F.t
index 4ec55fd6a..6521b3973 100644
--- a/lemonldap-ng-portal/t/71-2F-U2F.t
+++ b/lemonldap-ng-portal/t/71-2F-U2F.t
@@ -187,7 +187,8 @@ JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ==
 
     # See https://github.com/mschout/perl-authen-u2f-tester/issues/2
     if ( $Authen::U2F::Tester::VERSION >= 0.03 ) {
-        expectCookie($res);
+        $id = expectCookie($res);
+        $client->logout($id);
     }
     else {
         count(1);