Clément Oudot
1b81ccd96f
SAML: use get_signature_status from Lasso::Profile
2010-05-03 21:12:14 +00:00
Thomas CHEMINEAU
c4ea39fae4
UserDB* modules should store user in sessionInfo
2010-05-03 17:42:42 +00:00
Thomas CHEMINEAU
a963e83dc2
add optional session identifier to update existing session with a valid user via SOAP
2010-05-03 16:49:57 +00:00
Clément Oudot
cbf1401f1e
Declare Zimbra preauth in other grant subroutines
2010-05-03 14:18:40 +00:00
Xavier Guimard
408365bc5f
strftime is defined in POSIX
2010-05-02 17:40:21 +00:00
Xavier Guimard
5ceb94e612
Correct errors
2010-05-02 13:41:12 +00:00
Xavier Guimard
c53bdf0edc
Little error
2010-05-02 13:30:04 +00:00
Xavier Guimard
cf0ece9aa2
Reformating
2010-05-02 11:37:25 +00:00
Xavier Guimard
5d2b50e905
Modif for XSS: for logout URL, we test now Referer field
2010-05-01 13:12:28 +00:00
Clément Oudot
2523fc5cf5
SAML: check IDP value from IDP cookie (LEMONLDAP-44)
2010-04-30 15:21:10 +00:00
Clément Oudot
a9c5d000fd
SAML:
...
* IDP list key is now entityID
* Do not trust IDP cookie to find current IDP (use SAML message remote provider ID)
* Ignore signature before processing SAML message, and check it after (work in progress)
2010-04-30 14:55:40 +00:00
Xavier Guimard
c37033b81a
$self->{id} was not well managed in portal
2010-04-30 05:27:06 +00:00
Thomas CHEMINEAU
4f979bfe22
SAML: change error name to PE_IMG_OK and PE_IMG_NOK
2010-04-29 13:47:57 +00:00
Thomas CHEMINEAU
423541455b
SAML:
...
- Manage SOAP relay logout request;
- Fix a bug into info.tpl.
2010-04-29 13:39:26 +00:00
Xavier Guimard
1380d89865
New session explorer (not finished but useable) + some little tips
2010-04-28 19:57:16 +00:00
Thomas CHEMINEAU
f351ab97f6
SAML: work in progress to manage asynchronous SOAP logout requests
2010-04-28 17:16:38 +00:00
Clément Oudot
a1d41fbdda
SAML:
...
* authLogout should return an error code (as it is catched in Simple.pm)
* For SLO final redirection, match the trailing / of portal URL
2010-04-28 16:29:27 +00:00
Clément Oudot
37afeeaeb5
SAML: force attribute values in UTF-8 (JIRA #21 )
2010-04-28 14:56:36 +00:00
Thomas CHEMINEAU
c236505f45
SAML: manage SOAP logout request send by IDP to SP
2010-04-28 14:29:52 +00:00
Thomas CHEMINEAU
d9db773996
SAML: now use get_first_http_method when sending logout request on SP
2010-04-28 10:28:21 +00:00
Thomas CHEMINEAU
54afc28e75
SAML: manage logout initiate by IDP
2010-04-27 15:11:53 +00:00
Thomas CHEMINEAU
873aa0c32e
SAML: generalizing and moving some functions to _SAML.pm
2010-04-26 17:06:49 +00:00
Clément Oudot
844a8807b0
SAML: set sessionIndex in assertion, to be compliant with simpleSAMLphp logout
2010-04-26 15:47:09 +00:00
Thomas CHEMINEAU
6ef67cc5ea
SAML: manage internationalization
2010-04-26 15:39:38 +00:00
Clément Oudot
975a585a51
SAML: create NameIdentifier only if it does not already exists
2010-04-26 14:30:54 +00:00
Thomas CHEMINEAU
a0378cd572
SAML: hide submit button when SLO info page is displayed
2010-04-26 13:10:04 +00:00
Clément Oudot
3441a05d2b
perltidy + better nameIdentifier construction in SSO phase (bug with latest Lasso verion and simpleSAMLphp)
2010-04-26 10:02:26 +00:00
Thomas CHEMINEAU
9c99b920f0
SAML: perform HTTP redirection in SAML context, when information is displayed to the user, to fix some problem during SAML logout response
2010-04-23 16:57:25 +00:00
Thomas CHEMINEAU
aac04dabdc
SAML: print information to user if many SP to logout throught HTTP-Redirect or HTTP-Post
2010-04-23 16:26:23 +00:00
Thomas CHEMINEAU
c2b642f172
SAML: continue work on sending logout request for all SP when an SP initiate a logout request
2010-04-23 15:18:08 +00:00
Thomas CHEMINEAU
cd8b59998b
SAML: first work on dispatching logout requests to SP during IDP SLO process
2010-04-22 17:01:37 +00:00
Thomas CHEMINEAU
c387e47e4f
SAML: retrieve session to be deleted then during a SLO initiate by a SP (maj lasso)
2010-04-22 13:00:32 +00:00
Thomas CHEMINEAU
8e08663576
SAML: no need to search for a valid session, when we are into issuerForAuthUser, we already have a valid one
2010-04-21 16:54:05 +00:00
Thomas CHEMINEAU
0eba588385
SAML: now delete session when logout request for authenticated user is correct
2010-04-20 15:49:48 +00:00
Thomas CHEMINEAU
6bfdad2d0b
SAML: manage logout into issuerForAuthUser
2010-04-20 15:31:21 +00:00
Thomas CHEMINEAU
005037df8c
SAML: first implementation of SLO initiated by a SP
2010-04-20 10:04:34 +00:00
Clément Oudot
70a214b9e0
SAML:
...
* Use Lasso method to get OneTimeUse flag
* Use Session _utime to calculate assertion NotOnOrAfter date
2010-04-16 13:38:43 +00:00
Clément Oudot
95b28956fe
SAML: add methods to disable signature verification (tests in progress)
2010-04-16 10:13:20 +00:00
Clément Oudot
a9cfdb9a64
SAML: mandatory attributes are now set in authentication response attribute statement
2010-04-16 08:55:56 +00:00
Clément Oudot
99b4c7fb72
SAML: attributes in authn response (work in progress)
2010-04-15 15:40:07 +00:00
Clément Oudot
4379adc014
SAML: reformate SP list to use EntityID as primary key
2010-04-15 14:42:17 +00:00
Clément Oudot
fbe50de653
* Better log of what is registered in session
...
* Control whatToTrace parameter before logging into Apache
2010-04-15 13:46:45 +00:00
Clément Oudot
d9c4b44c4b
Add multiValuesSeparator configuration parameter
2010-04-15 11:15:36 +00:00
Clément Oudot
ebf2deae28
SAML: SSL authentication context is TLSClient and not X509
2010-04-15 09:06:53 +00:00
Clément Oudot
457430f2f7
SAML: map authenticationLevel and authn context
2010-04-14 16:22:55 +00:00
Xavier Guimard
799b643949
$ENV not taken in acount in macros
2010-04-14 16:13:24 +00:00
Clément Oudot
c4e1379452
* make tidy
...
* Manage authenticationLevel in all authentication backends
2010-04-14 15:37:57 +00:00
Clément Oudot
756ca82484
SAML: NameID generation (work in progress)
2010-04-14 11:14:24 +00:00
Clément Oudot
bc21f58b46
SAML: correct a bug when trying to update a newly created session (cookie not already set)
2010-04-12 15:42:38 +00:00
Clément Oudot
2406d832e9
SAML: manage Lasso session in artifacts
2010-04-12 15:03:54 +00:00