Increase lock time after each failed login attempt (#2088)
This commit is contained in:
parent
4ae628bfcd
commit
e89c017ff6
|
@ -22,6 +22,7 @@ sub defaultValues {
|
||||||
'bruteForceProtectionLockTimes' => '5 15 60 300 600',
|
'bruteForceProtectionLockTimes' => '5 15 60 300 600',
|
||||||
'bruteForceProtectionMaxAge' => 300,
|
'bruteForceProtectionMaxAge' => 300,
|
||||||
'bruteForceProtectionMaxFailed' => 3,
|
'bruteForceProtectionMaxFailed' => 3,
|
||||||
|
'bruteForceProtectionMaxLockTime' => 900,
|
||||||
'bruteForceProtectionTempo' => 30,
|
'bruteForceProtectionTempo' => 30,
|
||||||
'captcha_mail_enabled' => 1,
|
'captcha_mail_enabled' => 1,
|
||||||
'captcha_register_enabled' => 1,
|
'captcha_register_enabled' => 1,
|
||||||
|
|
|
@ -637,6 +637,10 @@ sub attributes {
|
||||||
'default' => 3,
|
'default' => 3,
|
||||||
'type' => 'int'
|
'type' => 'int'
|
||||||
},
|
},
|
||||||
|
'bruteForceProtectionMaxLockTime' => {
|
||||||
|
'default' => 900,
|
||||||
|
'type' => 'int'
|
||||||
|
},
|
||||||
'bruteForceProtectionTempo' => {
|
'bruteForceProtectionTempo' => {
|
||||||
'default' => 30,
|
'default' => 30,
|
||||||
'type' => 'int'
|
'type' => 'int'
|
||||||
|
|
|
@ -272,8 +272,6 @@ sub display {
|
||||||
and $req->{error} != PE_FIRSTACCESS
|
and $req->{error} != PE_FIRSTACCESS
|
||||||
and $req->{error} != PE_BADCREDENTIALS
|
and $req->{error} != PE_BADCREDENTIALS
|
||||||
and $req->{error} != PE_PP_PASSWORD_EXPIRED )
|
and $req->{error} != PE_PP_PASSWORD_EXPIRED )
|
||||||
|
|
||||||
# and ( $req->{error} == PE_TOKENEXPIRED or $req->{error} == PE_NOTOKEN )
|
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
$skinfile = 'error';
|
$skinfile = 'error';
|
||||||
|
@ -282,6 +280,7 @@ sub display {
|
||||||
LANGS => $self->conf->{showLanguages},
|
LANGS => $self->conf->{showLanguages},
|
||||||
AUTH_ERROR => $req->error,
|
AUTH_ERROR => $req->error,
|
||||||
AUTH_ERROR_TYPE => $req->error_type,
|
AUTH_ERROR_TYPE => $req->error_type,
|
||||||
|
LOCKTIME => $req->lockTime(),
|
||||||
(
|
(
|
||||||
$req->data->{customScript}
|
$req->data->{customScript}
|
||||||
? ( CUSTOM_SCRIPT => $req->data->{customScript} )
|
? ( CUSTOM_SCRIPT => $req->data->{customScript} )
|
||||||
|
@ -382,6 +381,7 @@ sub display {
|
||||||
|
|
||||||
# Disable all forms on:
|
# Disable all forms on:
|
||||||
# * Logout message
|
# * Logout message
|
||||||
|
# * Account lock
|
||||||
# * Bad URL error
|
# * Bad URL error
|
||||||
elsif ($req->{error} == PE_LOGOUT_OK
|
elsif ($req->{error} == PE_LOGOUT_OK
|
||||||
or $req->{error} == PE_WAIT
|
or $req->{error} == PE_WAIT
|
||||||
|
|
|
@ -69,6 +69,9 @@ has frame => ( is => 'rw' );
|
||||||
# Refresh flag to avoid double cookies sessions to be renewed
|
# Refresh flag to avoid double cookies sessions to be renewed
|
||||||
has refresh => ( is => 'rw' );
|
has refresh => ( is => 'rw' );
|
||||||
|
|
||||||
|
# Scalar to display lock time
|
||||||
|
has lockTime => ( is => 'rw' );
|
||||||
|
|
||||||
# Security
|
# Security
|
||||||
#
|
#
|
||||||
# Captcha
|
# Captcha
|
||||||
|
|
|
@ -17,7 +17,11 @@ use constant beforeAuth => 'check';
|
||||||
|
|
||||||
# INITIALIZATION
|
# INITIALIZATION
|
||||||
|
|
||||||
has rules => ( is => 'rw', default => sub { [] } );
|
has rules => (
|
||||||
|
is => 'rw',
|
||||||
|
isa => 'ArrayRef',
|
||||||
|
default => sub { [] }
|
||||||
|
);
|
||||||
|
|
||||||
sub init {
|
sub init {
|
||||||
my ($self) = @_;
|
my ($self) = @_;
|
||||||
|
|
|
@ -12,6 +12,17 @@ extends 'Lemonldap::NG::Portal::Main::Plugin';
|
||||||
|
|
||||||
use constant afterData => 'run';
|
use constant afterData => 'run';
|
||||||
|
|
||||||
|
has lockTimes => (
|
||||||
|
is => 'rw',
|
||||||
|
isa => 'ArrayRef',
|
||||||
|
default => sub { [] }
|
||||||
|
);
|
||||||
|
|
||||||
|
has maxAge => (
|
||||||
|
is => 'rw',
|
||||||
|
isa => 'Int'
|
||||||
|
);
|
||||||
|
|
||||||
sub init {
|
sub init {
|
||||||
my ($self) = @_;
|
my ($self) = @_;
|
||||||
if ( $self->conf->{disablePersistentStorage} ) {
|
if ( $self->conf->{disablePersistentStorage} ) {
|
||||||
|
@ -35,6 +46,28 @@ sub init {
|
||||||
. ')' );
|
. ')' );
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
if ( $self->conf->{bruteForceProtectionIncrementalTempo} ) {
|
||||||
|
my $lockTimes = @{ $self->lockTimes } =
|
||||||
|
sort { $a <=> $b }
|
||||||
|
map { $_ < $self->conf->{bruteForceProtectionMaxLockTime} ? $_ : () }
|
||||||
|
grep { /\d+/ }
|
||||||
|
split /\s+/, $self->conf->{bruteForceProtectionLockTimes};
|
||||||
|
|
||||||
|
@{ $self->lockTimes } = ( 5, 15, 60, 300, 600 )
|
||||||
|
unless $lockTimes;
|
||||||
|
$self->logger->warn( 'Number of incremental lock time values ('
|
||||||
|
. "$lockTimes) is higher than failed logins history ("
|
||||||
|
. $self->conf->{failedLoginNumber}
|
||||||
|
. ')' )
|
||||||
|
if ( $lockTimes > $self->conf->{failedLoginNumber} );
|
||||||
|
|
||||||
|
my $sum = 0;
|
||||||
|
$sum += $_ foreach @{ $self->lockTimes };
|
||||||
|
$self->maxAge($sum);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$self->maxAge( $self->conf->{bruteForceProtectionMaxAge} );
|
||||||
|
}
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -42,38 +75,26 @@ sub init {
|
||||||
sub run {
|
sub run {
|
||||||
my ( $self, $req ) = @_;
|
my ( $self, $req ) = @_;
|
||||||
my $now = time;
|
my $now = time;
|
||||||
my @failedLogins = grep {
|
my $countFailed = my @failedLogins =
|
||||||
( $now - $_->{_utime} ) < $self->conf->{bruteForceProtectionMaxAge}
|
map { ( $now - $_->{_utime} ) < $self->maxAge ? $_ : () }
|
||||||
? $_
|
@{ $req->sessionInfo->{_loginHistory}->{failedLogin} };
|
||||||
: ()
|
$self->logger->debug( ' Failed login maxAge = ' . $self->maxAge );
|
||||||
} @{ $req->sessionInfo->{_loginHistory}->{failedLogin} };
|
|
||||||
my $countFailed = @failedLogins;
|
|
||||||
$self->logger->debug(
|
|
||||||
" Failed login maxAge = $self->{conf}->{bruteForceProtectionMaxAge}");
|
|
||||||
$self->logger->debug(
|
$self->logger->debug(
|
||||||
" Number of failed login(s) to take into account = $countFailed");
|
" Number of failed login(s) to take into account = $countFailed");
|
||||||
|
|
||||||
if ( $self->conf->{bruteForceProtectionIncrementalTempo} ) {
|
if ( $self->conf->{bruteForceProtectionIncrementalTempo} ) {
|
||||||
my @incrementalTempo = split /\s+/,
|
|
||||||
$self->conf->{bruteForceProtectionLockTimes}
|
|
||||||
|| ( 5, 15, 60, 300, 600 );
|
|
||||||
$self->logger->warn( 'Number of incremental lock time values ('
|
|
||||||
. scalar @incrementalTempo
|
|
||||||
. ') is higher than failed logins history ('
|
|
||||||
. $self->conf->{failedLoginNumber}
|
|
||||||
. ')' )
|
|
||||||
if ( scalar @incrementalTempo > $self->conf->{failedLoginNumber} );
|
|
||||||
my $lastFailedLoginEpoch = $failedLogins[0]->{_utime} || undef;
|
my $lastFailedLoginEpoch = $failedLogins[0]->{_utime} || undef;
|
||||||
|
|
||||||
return PE_OK unless $lastFailedLoginEpoch;
|
return PE_OK unless $lastFailedLoginEpoch;
|
||||||
|
|
||||||
my $delta = $now - $lastFailedLoginEpoch;
|
my $delta = $now - $lastFailedLoginEpoch;
|
||||||
$self->logger->debug(" -> Delta = $delta");
|
$self->logger->debug(" -> Delta = $delta");
|
||||||
my $waitingTime = $incrementalTempo[ $countFailed - 1 ]
|
my $waitingTime = $self->lockTimes->[ $countFailed - 1 ]
|
||||||
|| $self->conf->{bruteForceProtectionMaxLockTime};
|
|| $self->conf->{bruteForceProtectionMaxLockTime};
|
||||||
$self->logger->debug(" -> Waiting time = $waitingTime");
|
$self->logger->debug(" -> Waiting time = $waitingTime");
|
||||||
unless ( $delta > $waitingTime ) {
|
unless ( $delta > $waitingTime ) {
|
||||||
$self->logger->debug("BruteForceProtection enabled");
|
$self->logger->debug("BruteForceProtection enabled");
|
||||||
|
$req->lockTime($waitingTime);
|
||||||
return PE_WAIT;
|
return PE_WAIT;
|
||||||
}
|
}
|
||||||
return PE_OK;
|
return PE_OK;
|
||||||
|
@ -83,7 +104,7 @@ sub run {
|
||||||
if ( $countFailed <= $self->conf->{bruteForceProtectionMaxFailed} );
|
if ( $countFailed <= $self->conf->{bruteForceProtectionMaxFailed} );
|
||||||
|
|
||||||
my @lastFailedLoginEpoch = ();
|
my @lastFailedLoginEpoch = ();
|
||||||
my $MaxAge = $self->conf->{bruteForceProtectionMaxAge} + 1;
|
my $MaxAge = $self->maxAge + 1;
|
||||||
|
|
||||||
# Auth_N-2 failed login epoch
|
# Auth_N-2 failed login epoch
|
||||||
foreach ( 0 .. $self->conf->{bruteForceProtectionMaxFailed} - 1 ) {
|
foreach ( 0 .. $self->conf->{bruteForceProtectionMaxFailed} - 1 ) {
|
||||||
|
@ -100,7 +121,7 @@ sub run {
|
||||||
$self->logger->debug(" -> MaxAge = $MaxAge");
|
$self->logger->debug(" -> MaxAge = $MaxAge");
|
||||||
|
|
||||||
return PE_OK
|
return PE_OK
|
||||||
if ( $MaxAge > $self->conf->{bruteForceProtectionMaxAge} );
|
if ( $MaxAge > $self->maxAge );
|
||||||
|
|
||||||
# Delta between the two last failed logins -> Auth_N - Auth_N-1
|
# Delta between the two last failed logins -> Auth_N - Auth_N-1
|
||||||
my $delta =
|
my $delta =
|
||||||
|
@ -113,6 +134,7 @@ sub run {
|
||||||
|
|
||||||
# Account locked
|
# Account locked
|
||||||
$self->logger->debug("BruteForceProtection enabled");
|
$self->logger->debug("BruteForceProtection enabled");
|
||||||
|
$req->lockTime( $self->conf->{bruteForceProtectionTempo} );
|
||||||
return PE_WAIT;
|
return PE_WAIT;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -75,7 +75,7 @@
|
||||||
"PE83":"فشل التحقق من U2F. أعد محاولة الاتصال بالمشرف أو اتصل به",
|
"PE83":"فشل التحقق من U2F. أعد محاولة الاتصال بالمشرف أو اتصل به",
|
||||||
"PE84":"أنت غير مخول بالدخول إلى هذا الخادم",
|
"PE84":"أنت غير مخول بالدخول إلى هذا الخادم",
|
||||||
"PE85":" الموقع البعيد يطلب جلسة جديدة (ولم يتم تحميل برنامج ترقية الجلسة).\nسجل الخروج و أعد المحاولة",
|
"PE85":" الموقع البعيد يطلب جلسة جديدة (ولم يتم تحميل برنامج ترقية الجلسة).\nسجل الخروج و أعد المحاولة",
|
||||||
"PE86":"Your account is locked. You must wait 30s before authenticate again",
|
"PE86":"Your account is locked. You have to wait",
|
||||||
"PE87":"You must authenticate again to access to Portal",
|
"PE87":"You must authenticate again to access to Portal",
|
||||||
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
||||||
"PE89":"Access not granted on SAML service",
|
"PE89":"Access not granted on SAML service",
|
||||||
|
@ -252,6 +252,7 @@
|
||||||
"rightsReloadNeedsLogout":" إعادة تحميل الحقوق تحتاج إلى تسجيل الخروج وتسجيل الدخول مرة أخرى",
|
"rightsReloadNeedsLogout":" إعادة تحميل الحقوق تحتاج إلى تسجيل الخروج وتسجيل الدخول مرة أخرى",
|
||||||
"scope":"نطاق",
|
"scope":"نطاق",
|
||||||
"search":"Search",
|
"search":"Search",
|
||||||
|
"seconds":"seconds",
|
||||||
"selectIdP":"اختر موفر الهوية الخاص بك",
|
"selectIdP":"اختر موفر الهوية الخاص بك",
|
||||||
"service":"Service",
|
"service":"Service",
|
||||||
"sendPwd":"Send me a link",
|
"sendPwd":"Send me a link",
|
||||||
|
|
|
@ -75,7 +75,7 @@
|
||||||
"PE83":"U2F-Überprüfung fehlgeschlagen. Versuchen Sie es erneut oder wenden Sie sich an Ihren Administrator",
|
"PE83":"U2F-Überprüfung fehlgeschlagen. Versuchen Sie es erneut oder wenden Sie sich an Ihren Administrator",
|
||||||
"PE84":"Sie sind nicht berechtigt, auf diesen Host zuzugreifen",
|
"PE84":"Sie sind nicht berechtigt, auf diesen Host zuzugreifen",
|
||||||
"PE85":"Die Gegenseite fragt nach einer neueren Sitzung (und das UpgradeSession-Plugin wurde nicht geladen). Abmelden und erneut versuchen",
|
"PE85":"Die Gegenseite fragt nach einer neueren Sitzung (und das UpgradeSession-Plugin wurde nicht geladen). Abmelden und erneut versuchen",
|
||||||
"PE86":"Your account is locked. You must wait 30s before authenticate again",
|
"PE86":"Your account is locked. You have to wait",
|
||||||
"PE87":"You must authenticate again to access to Portal",
|
"PE87":"You must authenticate again to access to Portal",
|
||||||
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
||||||
"PE89":"Zugang zum SAML-Service nicht genehmigt",
|
"PE89":"Zugang zum SAML-Service nicht genehmigt",
|
||||||
|
@ -252,6 +252,7 @@
|
||||||
"rightsReloadNeedsLogout":"Zum Neuladen der Rechte musst du dich ab- und wieder anmelden",
|
"rightsReloadNeedsLogout":"Zum Neuladen der Rechte musst du dich ab- und wieder anmelden",
|
||||||
"scope":"Scope",
|
"scope":"Scope",
|
||||||
"search":"Search",
|
"search":"Search",
|
||||||
|
"seconds":"seconds",
|
||||||
"selectIdP":"Wähle deinen Identitätsanbieter aus",
|
"selectIdP":"Wähle deinen Identitätsanbieter aus",
|
||||||
"service":"Dienst",
|
"service":"Dienst",
|
||||||
"sendPwd":"Send me a link",
|
"sendPwd":"Send me a link",
|
||||||
|
|
|
@ -75,7 +75,7 @@
|
||||||
"PE83":"U2F verification failed. Retry or contact your administrator",
|
"PE83":"U2F verification failed. Retry or contact your administrator",
|
||||||
"PE84":"You're not authorized to access to this host",
|
"PE84":"You're not authorized to access to this host",
|
||||||
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
|
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
|
||||||
"PE86":"Your account is locked. You must wait 30s before authenticate again",
|
"PE86":"Your account is locked. You have to wait",
|
||||||
"PE87":"You must authenticate again to access to Portal",
|
"PE87":"You must authenticate again to access to Portal",
|
||||||
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
||||||
"PE89":"Access not granted on SAML service",
|
"PE89":"Access not granted on SAML service",
|
||||||
|
@ -252,6 +252,7 @@
|
||||||
"rightsReloadNeedsLogout": "Rights reloads need to logout and login again",
|
"rightsReloadNeedsLogout": "Rights reloads need to logout and login again",
|
||||||
"scope":"Scope",
|
"scope":"Scope",
|
||||||
"search":"Search",
|
"search":"Search",
|
||||||
|
"seconds":"seconds",
|
||||||
"selectIdP":"Select your Identity Provider",
|
"selectIdP":"Select your Identity Provider",
|
||||||
"service":"Service",
|
"service":"Service",
|
||||||
"sendPwd":"Send me a link",
|
"sendPwd":"Send me a link",
|
||||||
|
|
|
@ -75,7 +75,7 @@
|
||||||
"PE83":"La verificación U2F ha fallado. Reintente o póngase en contacto con su administrador",
|
"PE83":"La verificación U2F ha fallado. Reintente o póngase en contacto con su administrador",
|
||||||
"PE84":"Usted no está autorizado a acceder a este servidor",
|
"PE84":"Usted no está autorizado a acceder a este servidor",
|
||||||
"PE85":"El sitio remoto pide una nueva sesión (y el plugin UpgradeSession no está cargado). Desconéctese y reintente",
|
"PE85":"El sitio remoto pide una nueva sesión (y el plugin UpgradeSession no está cargado). Desconéctese y reintente",
|
||||||
"PE86":"Su cuenta está bloqueada. Espere 30s antes de autenticarse de nuevo",
|
"PE86":"Your account is locked. You have to wait",
|
||||||
"PE87":"Debe autenticarse de nuevo para acceder al Portal",
|
"PE87":"Debe autenticarse de nuevo para acceder al Portal",
|
||||||
"PE88":"Su cuenta debe contar con una dirección de e-mail para poder utilizar la autenticación de dos factores",
|
"PE88":"Su cuenta debe contar con una dirección de e-mail para poder utilizar la autenticación de dos factores",
|
||||||
"PE89":"Acceso no autorizado al servicio SAML",
|
"PE89":"Acceso no autorizado al servicio SAML",
|
||||||
|
@ -252,6 +252,7 @@
|
||||||
"rightsReloadNeedsLogout":"La recarga de derechos necesita desconectarse y conectarse de nuevo",
|
"rightsReloadNeedsLogout":"La recarga de derechos necesita desconectarse y conectarse de nuevo",
|
||||||
"scope":"Alcance",
|
"scope":"Alcance",
|
||||||
"search":"Buscar",
|
"search":"Buscar",
|
||||||
|
"seconds":"seconds",
|
||||||
"selectIdP":"Seleccione su proveedor de identidad",
|
"selectIdP":"Seleccione su proveedor de identidad",
|
||||||
"service":"Servicio",
|
"service":"Servicio",
|
||||||
"sendPwd":"Enviarme un enlace",
|
"sendPwd":"Enviarme un enlace",
|
||||||
|
|
|
@ -75,7 +75,7 @@
|
||||||
"PE83":"U2F verification failed. Retry or contact your administrator",
|
"PE83":"U2F verification failed. Retry or contact your administrator",
|
||||||
"PE84":"You're not authorized to access to this host",
|
"PE84":"You're not authorized to access to this host",
|
||||||
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
|
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
|
||||||
"PE86":"Your account is locked. You must wait 30s before authenticate again",
|
"PE86":"Your account is locked. You have to wait",
|
||||||
"PE87":"You must authenticate again to access to Portal",
|
"PE87":"You must authenticate again to access to Portal",
|
||||||
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
||||||
"PE89":"Access not granted on SAML service",
|
"PE89":"Access not granted on SAML service",
|
||||||
|
@ -252,6 +252,7 @@
|
||||||
"rightsReloadNeedsLogout":"Rights reloads need to logout and login again",
|
"rightsReloadNeedsLogout":"Rights reloads need to logout and login again",
|
||||||
"scope":"Scope",
|
"scope":"Scope",
|
||||||
"search":"Search",
|
"search":"Search",
|
||||||
|
"seconds":"seconds",
|
||||||
"selectIdP":"Select your Identity Provider",
|
"selectIdP":"Select your Identity Provider",
|
||||||
"service":"Service",
|
"service":"Service",
|
||||||
"sendPwd":"Send me a link",
|
"sendPwd":"Send me a link",
|
||||||
|
|
|
@ -75,7 +75,7 @@
|
||||||
"PE83":"La vérification U2F a échoué. Réessayez ou contactez votre administrateur",
|
"PE83":"La vérification U2F a échoué. Réessayez ou contactez votre administrateur",
|
||||||
"PE84":"Vous n'êtes pas autorisé à accéder à ce site",
|
"PE84":"Vous n'êtes pas autorisé à accéder à ce site",
|
||||||
"PE85":"Le site souhaite une authentification plus récente (et le plugin UpgradeSession n'est pas chargé). Déconnectez-vous et réessayez",
|
"PE85":"Le site souhaite une authentification plus récente (et le plugin UpgradeSession n'est pas chargé). Déconnectez-vous et réessayez",
|
||||||
"PE86":"Votre compte est verrouillé. Vous devez attendre 30s avant de vous ré-authentifier.",
|
"PE86":"Votre compte est verrouillé. Avant de pouvoir vous ré-authentifier, vous devez patienter",
|
||||||
"PE87":"Vous devez vous ré-authentifier pour pouvoir accéder au Portail",
|
"PE87":"Vous devez vous ré-authentifier pour pouvoir accéder au Portail",
|
||||||
"PE88":"Une adresse email doit être renseignée pour pouvoir utiliser l'authentification à double facteurs.",
|
"PE88":"Une adresse email doit être renseignée pour pouvoir utiliser l'authentification à double facteurs.",
|
||||||
"PE89":"Accès non autorisé au service SAML",
|
"PE89":"Accès non autorisé au service SAML",
|
||||||
|
@ -252,6 +252,7 @@
|
||||||
"rightsReloadNeedsLogout": "Le rechargement des droits nécessite une déconnexion",
|
"rightsReloadNeedsLogout": "Le rechargement des droits nécessite une déconnexion",
|
||||||
"scope": "Informations",
|
"scope": "Informations",
|
||||||
"search":"Chercher",
|
"search":"Chercher",
|
||||||
|
"seconds":"secondes",
|
||||||
"selectIdP":"Choisissez votre fournisseur d'identité",
|
"selectIdP":"Choisissez votre fournisseur d'identité",
|
||||||
"service":"Service",
|
"service":"Service",
|
||||||
"sendPwd":"Envoyez-moi un lien",
|
"sendPwd":"Envoyez-moi un lien",
|
||||||
|
|
|
@ -75,7 +75,7 @@
|
||||||
"PE83":"Verifica U2F fallita. Riprovare o contattare l'amministratore",
|
"PE83":"Verifica U2F fallita. Riprovare o contattare l'amministratore",
|
||||||
"PE84":"Non sei autorizzato ad accedere a questo host",
|
"PE84":"Non sei autorizzato ad accedere a questo host",
|
||||||
"PE85":"Il sito remoto richiede una sessione più recente (e il plug-in di UpgradeSession non viene caricato). Disconnetti e riprova",
|
"PE85":"Il sito remoto richiede una sessione più recente (e il plug-in di UpgradeSession non viene caricato). Disconnetti e riprova",
|
||||||
"PE86":"Il tuo account è bloccato. Devi attendere 30 secondi prima di autenticarti di nuovo",
|
"PE86":"Your account is locked. You have to wait",
|
||||||
"PE87":"È necessario eseguire nuovamente l'autenticazione per accedere al Portale",
|
"PE87":"È necessario eseguire nuovamente l'autenticazione per accedere al Portale",
|
||||||
"PE88":"Il tuo account deve avere un indirizzo e-mail per poter utilizzare l'autenticazione a doppio fattore",
|
"PE88":"Il tuo account deve avere un indirizzo e-mail per poter utilizzare l'autenticazione a doppio fattore",
|
||||||
"PE89":"Accesso non concesso sul servizio SAML",
|
"PE89":"Accesso non concesso sul servizio SAML",
|
||||||
|
@ -252,6 +252,7 @@
|
||||||
"rightsReloadNeedsLogout":"Le ricariche dei diritti necessitano di disconnettersi e di riconnettersi",
|
"rightsReloadNeedsLogout":"Le ricariche dei diritti necessitano di disconnettersi e di riconnettersi",
|
||||||
"scope":"Ambito",
|
"scope":"Ambito",
|
||||||
"search":"Ricerca",
|
"search":"Ricerca",
|
||||||
|
"seconds":"seconds",
|
||||||
"selectIdP":"Seleziona il tuo provider di identità",
|
"selectIdP":"Seleziona il tuo provider di identità",
|
||||||
"service":"Servizio",
|
"service":"Servizio",
|
||||||
"sendPwd":"Inviami il link",
|
"sendPwd":"Inviami il link",
|
||||||
|
|
|
@ -75,7 +75,7 @@
|
||||||
"PE83":"U2F verification failed. Retry or contact your administrator",
|
"PE83":"U2F verification failed. Retry or contact your administrator",
|
||||||
"PE84":"You're not authorized to access to this host",
|
"PE84":"You're not authorized to access to this host",
|
||||||
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
|
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
|
||||||
"PE86":"Your account is locked. You must wait 30s before authenticate again",
|
"PE86":"Your account is locked. You have to wait",
|
||||||
"PE87":"You must authenticate again to access to Portal",
|
"PE87":"You must authenticate again to access to Portal",
|
||||||
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
||||||
"PE89":"Onbevoegde toegang tot de SAML-service",
|
"PE89":"Onbevoegde toegang tot de SAML-service",
|
||||||
|
@ -252,6 +252,7 @@
|
||||||
"rightsReloadNeedsLogout":"Rights reloads need to logout and login again",
|
"rightsReloadNeedsLogout":"Rights reloads need to logout and login again",
|
||||||
"scope":"Scope",
|
"scope":"Scope",
|
||||||
"search":"Search",
|
"search":"Search",
|
||||||
|
"seconds":"seconds",
|
||||||
"selectIdP":"Select your Identity Provider",
|
"selectIdP":"Select your Identity Provider",
|
||||||
"service":"Service",
|
"service":"Service",
|
||||||
"sendPwd":"Send me a link",
|
"sendPwd":"Send me a link",
|
||||||
|
|
|
@ -75,7 +75,7 @@
|
||||||
"PE83":"U2F verification failed. Retry or contact your administrator",
|
"PE83":"U2F verification failed. Retry or contact your administrator",
|
||||||
"PE84":"You're not authorized to access to this host",
|
"PE84":"You're not authorized to access to this host",
|
||||||
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
|
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
|
||||||
"PE86":"Your account is locked. You must wait 30s before authenticate again",
|
"PE86":"Your account is locked. You have to wait",
|
||||||
"PE87":"You must authenticate again to access to Portal",
|
"PE87":"You must authenticate again to access to Portal",
|
||||||
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
||||||
"PE89":"Acesso não autorizado ao serviço SAML",
|
"PE89":"Acesso não autorizado ao serviço SAML",
|
||||||
|
@ -252,6 +252,7 @@
|
||||||
"rightsReloadNeedsLogout":"Rights reloads need to logout and login again",
|
"rightsReloadNeedsLogout":"Rights reloads need to logout and login again",
|
||||||
"scope":"Scope",
|
"scope":"Scope",
|
||||||
"search":"Search",
|
"search":"Search",
|
||||||
|
"seconds":"seconds",
|
||||||
"selectIdP":"Select your Identity Provider",
|
"selectIdP":"Select your Identity Provider",
|
||||||
"service":"Service",
|
"service":"Service",
|
||||||
"sendPwd":"Send me a link",
|
"sendPwd":"Send me a link",
|
||||||
|
|
|
@ -75,7 +75,7 @@
|
||||||
"PE83":"U2F verification failed. Retry or contact your administrator",
|
"PE83":"U2F verification failed. Retry or contact your administrator",
|
||||||
"PE84":"You're not authorized to access to this host",
|
"PE84":"You're not authorized to access to this host",
|
||||||
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
|
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
|
||||||
"PE86":"Your account is locked. You must wait 30s before authenticate again",
|
"PE86":"Your account is locked. You have to wait",
|
||||||
"PE87":"You must authenticate again to access to Portal",
|
"PE87":"You must authenticate again to access to Portal",
|
||||||
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
||||||
"PE89":"Access not granted on SAML service",
|
"PE89":"Access not granted on SAML service",
|
||||||
|
@ -252,6 +252,7 @@
|
||||||
"rightsReloadNeedsLogout":"Rights reloads need to logout and login again",
|
"rightsReloadNeedsLogout":"Rights reloads need to logout and login again",
|
||||||
"scope":"Scope",
|
"scope":"Scope",
|
||||||
"search":"Search",
|
"search":"Search",
|
||||||
|
"seconds":"seconds",
|
||||||
"selectIdP":"Select your Identity Provider",
|
"selectIdP":"Select your Identity Provider",
|
||||||
"service":"Service",
|
"service":"Service",
|
||||||
"sendPwd":"Send me a link",
|
"sendPwd":"Send me a link",
|
||||||
|
|
|
@ -75,7 +75,7 @@
|
||||||
"PE83":"U2F doğrulaması başarısız oldu. Tekrar deneyin veya yöneticinize başvurun",
|
"PE83":"U2F doğrulaması başarısız oldu. Tekrar deneyin veya yöneticinize başvurun",
|
||||||
"PE84":"Bu ana makineye erişmek için yetkili değilsiniz",
|
"PE84":"Bu ana makineye erişmek için yetkili değilsiniz",
|
||||||
"PE85":"Uzak site daha yeni bir oturum istedi (ve UpgradeSession eklentisi yüklenmedi). Çıkış yap ve tekrar dene",
|
"PE85":"Uzak site daha yeni bir oturum istedi (ve UpgradeSession eklentisi yüklenmedi). Çıkış yap ve tekrar dene",
|
||||||
"PE86":"Hesabınız kilitlendi. Tekrar denemeden önce 30 saniye beklemelisiniz",
|
"PE86":"Your account is locked. You have to wait",
|
||||||
"PE87":"Portala erişmek için kimliğinizi yeniden doğrulamalısınız",
|
"PE87":"Portala erişmek için kimliğinizi yeniden doğrulamalısınız",
|
||||||
"PE88":"İki adımlı kimlik doğrulamayı kullanabilmeniz için hesabınıza ait bir e-posta adresi olmalıdır",
|
"PE88":"İki adımlı kimlik doğrulamayı kullanabilmeniz için hesabınıza ait bir e-posta adresi olmalıdır",
|
||||||
"PE89":"SAML servisine erişime izin verilmedi",
|
"PE89":"SAML servisine erişime izin verilmedi",
|
||||||
|
@ -252,6 +252,7 @@
|
||||||
"rightsReloadNeedsLogout":"Yetkiler yeniden yüklendiğinde çıkış yapıp tekrar giriş yapmanız gerekir",
|
"rightsReloadNeedsLogout":"Yetkiler yeniden yüklendiğinde çıkış yapıp tekrar giriş yapmanız gerekir",
|
||||||
"scope":"Kapsam",
|
"scope":"Kapsam",
|
||||||
"search":"Ara",
|
"search":"Ara",
|
||||||
|
"seconds":"seconds",
|
||||||
"selectIdP":"Kimlik Sağlayıcısını seç",
|
"selectIdP":"Kimlik Sağlayıcısını seç",
|
||||||
"service":"Servis",
|
"service":"Servis",
|
||||||
"sendPwd":"Bana bir bağlantı gönder",
|
"sendPwd":"Bana bir bağlantı gönder",
|
||||||
|
|
|
@ -75,7 +75,7 @@
|
||||||
"PE83":"Xác minh U2F không thành công",
|
"PE83":"Xác minh U2F không thành công",
|
||||||
"PE84":"Bạn không được phép truy cập vào máy chủ lưu trữ này",
|
"PE84":"Bạn không được phép truy cập vào máy chủ lưu trữ này",
|
||||||
"PE85":"Trang web từ xa yêu cầu một phiên mới (và plugin UpgradeSession không được tải). Đăng xuất và thử lại ",
|
"PE85":"Trang web từ xa yêu cầu một phiên mới (và plugin UpgradeSession không được tải). Đăng xuất và thử lại ",
|
||||||
"PE86":"Your account is locked. You must wait 30s before authenticate again",
|
"PE86":"Your account is locked. You have to wait",
|
||||||
"PE87":"You must authenticate again to access to Portal",
|
"PE87":"You must authenticate again to access to Portal",
|
||||||
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
||||||
"PE89":"Truy cập không được cấp trên dịch vụ SAML",
|
"PE89":"Truy cập không được cấp trên dịch vụ SAML",
|
||||||
|
@ -252,6 +252,7 @@
|
||||||
"rightsReloadNeedsLogout":"Tải lại quyền cần đăng xuất và đăng nhập lại",
|
"rightsReloadNeedsLogout":"Tải lại quyền cần đăng xuất và đăng nhập lại",
|
||||||
"scope":"Phạm vi",
|
"scope":"Phạm vi",
|
||||||
"search":"Search",
|
"search":"Search",
|
||||||
|
"seconds":"seconds",
|
||||||
"selectIdP":"Chọn bộ cung cấp danh tính của bạn",
|
"selectIdP":"Chọn bộ cung cấp danh tính của bạn",
|
||||||
"service":"Service",
|
"service":"Service",
|
||||||
"sendPwd":"Send me a link",
|
"sendPwd":"Send me a link",
|
||||||
|
|
|
@ -75,7 +75,7 @@
|
||||||
"PE83":"U2F verification failed. Retry or contact your administrator",
|
"PE83":"U2F verification failed. Retry or contact your administrator",
|
||||||
"PE84":"您没有授权访问该主机",
|
"PE84":"您没有授权访问该主机",
|
||||||
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
|
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
|
||||||
"PE86":"Your account is locked. You must wait 30s before authenticate again",
|
"PE86":"Your account is locked. You have to wait",
|
||||||
"PE87":"You must authenticate again to access to Portal",
|
"PE87":"You must authenticate again to access to Portal",
|
||||||
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
|
||||||
"PE89":"Access not granted on SAML service",
|
"PE89":"Access not granted on SAML service",
|
||||||
|
@ -252,6 +252,7 @@
|
||||||
"rightsReloadNeedsLogout":"重新加载权限需要登出并且再次登录",
|
"rightsReloadNeedsLogout":"重新加载权限需要登出并且再次登录",
|
||||||
"scope":"Scope",
|
"scope":"Scope",
|
||||||
"search":"搜索",
|
"search":"搜索",
|
||||||
|
"seconds":"seconds",
|
||||||
"selectIdP":"Select your Identity Provider",
|
"selectIdP":"Select your Identity Provider",
|
||||||
"service":"服务",
|
"service":"服务",
|
||||||
"sendPwd":"发给我一个链接",
|
"sendPwd":"发给我一个链接",
|
||||||
|
|
|
@ -2,7 +2,11 @@
|
||||||
|
|
||||||
<div id="errorcontent" class="container">
|
<div id="errorcontent" class="container">
|
||||||
<TMPL_IF AUTH_ERROR>
|
<TMPL_IF AUTH_ERROR>
|
||||||
<div class="message message-<TMPL_VAR NAME="AUTH_ERROR_TYPE"> alert"><span trmsg="<TMPL_VAR NAME="AUTH_ERROR">"></span></div>
|
<div class="message message-<TMPL_VAR NAME="AUTH_ERROR_TYPE"> alert"><span trmsg="<TMPL_VAR NAME="AUTH_ERROR">"></span>
|
||||||
|
<TMPL_IF LOCKTIME>
|
||||||
|
<TMPL_VAR NAME="LOCKTIME"> <span trspan="seconds">seconds</span>.
|
||||||
|
</TMPL_IF>
|
||||||
|
</div>
|
||||||
</TMPL_IF>
|
</TMPL_IF>
|
||||||
<TMPL_IF RAW_ERROR>
|
<TMPL_IF RAW_ERROR>
|
||||||
<div class="message message-<TMPL_VAR NAME="AUTH_ERROR_TYPE"> alert"><span trspan="<TMPL_VAR NAME="RAW_ERROR">"></span></div>
|
<div class="message message-<TMPL_VAR NAME="AUTH_ERROR_TYPE"> alert"><span trspan="<TMPL_VAR NAME="RAW_ERROR">"></span></div>
|
||||||
|
|
|
@ -109,7 +109,7 @@ ok(
|
||||||
);
|
);
|
||||||
ok(
|
ok(
|
||||||
$res->[2]->[0] =~
|
$res->[2]->[0] =~
|
||||||
m%<div class="message message-negative alert"><span trmsg="82"></span></div>%,
|
m%<div class="message message-negative alert"><span trmsg="82"></span>%,
|
||||||
'Found "<span trmsg="82">"'
|
'Found "<span trmsg="82">"'
|
||||||
) or explain( $res->[2]->[0], '<span trmsg="82">' );
|
) or explain( $res->[2]->[0], '<span trmsg="82">' );
|
||||||
count(3);
|
count(3);
|
||||||
|
|
|
@ -112,7 +112,7 @@ ok(
|
||||||
);
|
);
|
||||||
ok(
|
ok(
|
||||||
$res->[2]->[0] =~
|
$res->[2]->[0] =~
|
||||||
m%<div class="message message-negative alert"><span trmsg="93"></span></div>%,
|
m%<div class="message message-negative alert"><span trmsg="93"></span>%,
|
||||||
' PE93 found'
|
' PE93 found'
|
||||||
) or explain( $res->[2]->[0], "PE93 - Impersonation service not allowed" );
|
) or explain( $res->[2]->[0], "PE93 - Impersonation service not allowed" );
|
||||||
count(2);
|
count(2);
|
||||||
|
|
|
@ -111,7 +111,7 @@ ok(
|
||||||
);
|
);
|
||||||
ok(
|
ok(
|
||||||
$res->[2]->[0] =~
|
$res->[2]->[0] =~
|
||||||
m%<div class="message message-negative alert"><span trmsg="93"></span></div>%,
|
m%<div class="message message-negative alert"><span trmsg="93"></span>%,
|
||||||
' PE93 found'
|
' PE93 found'
|
||||||
) or explain( $res->[2]->[0], "PE93 - Impersonation service not allowed" );
|
) or explain( $res->[2]->[0], "PE93 - Impersonation service not allowed" );
|
||||||
count(2);
|
count(2);
|
||||||
|
|
Loading…
Reference in New Issue
Block a user