dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
917 Commits 3 Branches 0 Tags 75 MiB
3107f0e44b
Commit Graph

441 Commits

Author SHA1 Message Date
Clément Oudot
9ac349e458 Update to jQuery 1.3.2 (Closes: #314394) 2009-11-17 22:37:38 +00:00
Clément Oudot
7d255abdef Move AuthCAS loading in authInit 2009-11-17 15:43:05 +00:00
Xavier Guimard
5f73c30706 Bug if trustedDomains contains more than 1 domain 2009-11-09 15:32:27 +00:00
Xavier Guimard
6757b945ae svn:executable property 2009-11-08 18:47:09 +00:00
Xavier Guimard
83e33a90ad perltidy and licence update 2009-11-07 13:05:50 +00:00
Thomas CHEMINEAU
e2d47ce982 fixe #314458 - add url parameter in URL of CAS portal redirection 2009-11-05 14:25:55 +00:00
Xavier Guimard
95424e487a * New manager in progress 
* Strange problem with Net::LDAP in mpm-worker environment (not fixed)
 * Clean lock files when using Apache::Session::File
 2009-10-30 17:27:36 +00:00
Xavier Guimard
7a04829a08 New portal parameters : singleIP and singleSession 2009-10-21 12:43:13 +00:00
Xavier Guimard
ec15f539b2 Perl warning 2009-10-18 08:52:12 +00:00
Xavier Guimard
6f56bea189 Perl Author update 2009-10-17 08:16:14 +00:00
Xavier Guimard
b5dc7730f2 Perl dependencies update 2009-10-17 08:06:41 +00:00
Xavier Guimard
655fd9e526 * perltidy 
* LDAP: loadPP() is called now directly in ldap() to avoid to call it in authInit()
 2009-10-12 16:55:35 +00:00
Xavier Guimard
bf488752b4 Documentation update 2009-10-12 15:03:29 +00:00
Xavier Guimard
def1d50780 Closes #314192 2009-10-11 11:28:25 +00:00
Xavier Guimard
041fcbe05a Closes #314369 2009-10-11 11:21:52 +00:00
Xavier Guimard
bf6230c5ac VERSION 0.9.4.1 2009-10-11 08:13:50 +00:00
Xavier Guimard
49cc593005 '*' for trustedDomains 2009-10-02 16:10:23 +00:00
Xavier Guimard
a3341bab71 DISPLAY_RESETPASSWORD was not used 2009-10-01 12:49:42 +00:00
Xavier Guimard
a8c75750cd Bug in _Multi.pm : eval { require $mod } means "search the file named $mod", but since $mod is a module name, we have to write eval "require $mod" 2009-09-30 10:59:02 +00:00
Xavier Guimard
112cf4c1e6 Rename "Relay" auth mechanism to "Proxy" and add test 2009-09-27 07:54:05 +00:00
Xavier Guimard
947ee7f7c6 Relay in progress... 2009-09-23 13:35:19 +00:00
Xavier Guimard
48ac5bd591 * New authentication scheme : Relay (queries by SOAP another portal) 
* syslog facility was not taken in account
* Missing HTTP::Headers dependency
* lmConfigEditor must not display reVHosts and cipher which are calculated by Conf.pm
* bad Apache security in Debian configuration files
 2009-09-23 12:42:34 +00:00
Xavier Guimard
38d5fabc90 Update changelog + remove bad test for cpan tester 2009-09-15 14:12:03 +00:00
Xavier Guimard
444e093004 Bugs : 
* Crypto was usable only with 16xn characters
 * Menu was not able to filter embedded <application>
Google page speed :
 * optimize images
 * set size
 2009-08-20 14:19:40 +00:00
Xavier Guimard
bfebb497a1 Closes: #314163 : testUri() unusable 2009-08-20 14:15:16 +00:00
Xavier Guimard
771bf46a5f HTTP code 302 has to be replaced by 303 2009-08-18 13:33:36 +00:00
Clément Oudot
0a1c2c95b8 Bug CAS: redirect function was not valid 2009-07-21 13:52:10 +00:00
Clément Oudot
3fef4041bf Add , to avoid syntax errors when removing comments 2009-07-20 15:18:12 +00:00
Xavier Guimard
6c7558cffd * Better performances for Menu : XML was parsed 2 times 
* Doc for SympaAutoLogin
* Version update
 2009-07-05 11:11:33 +00:00
Xavier Guimard
8965bd6119 * Menu update : application can contains application 
* update trunk from branch
 2009-07-01 08:52:14 +00:00
Clément Oudot
2537e92fe0 Use confFile instead of File in configStorage examples 2009-06-29 11:29:52 +00:00
Xavier Guimard
e5f83c5ba0 * Perl documentation update 
* Makefiles update
 2009-06-29 10:12:29 +00:00
Xavier Guimard
bfed9a789c Documentation update 2009-06-29 09:42:44 +00:00
Clément Oudot
c113f7440e Force skin parameter for error template 2009-06-25 15:43:14 +00:00
Clément Oudot
7bd70aec9e Do not use , as separator as it breaks DN 2009-06-25 07:51:39 +00:00
Xavier Guimard
affdc1f5bc SOAP configuration access : 
* Missing SOAP fonction for config access in Portal/_SOAP.pm (lastCfg)
* Common/Conf/SOAP.pm now reports SOAP errors
* Common/Conf.pm reports an error when lastCfg returns 0
* SOAP namespace error in Common/Conf/SOAP.pm

Other :
* error in logout_sso default value (Handler/Simple.pm)
* bad returned value when configuration was missing in Handler/SharedConf.pm
 2009-06-23 20:36:44 +00:00
Clément Oudot
f3536d4634 Bug in Webform: tests always returned PE_FORMEMPTY 2009-06-22 14:04:24 +00:00
Clément Oudot
198bcf70bc Get the timezone of the user and correct checkLogonHours function 2009-06-22 10:01:58 +00:00
Xavier Guimard
36c9aa2409 Change CDA parameter to cda. 2009-06-15 14:13:09 +00:00
Xavier Guimard
7ab3ffa447 Documentation update 2009-06-14 20:58:42 +00:00
Xavier Guimard
0ac63904e7 * New parameter for XSS protection : trustedDomains 
* parameters test to avoid warnings
* debian/control : missing dependencies
* perltidy
* tests update
 2009-06-14 16:43:02 +00:00
Xavier Guimard
e55a4868d3 Beginning 0.9.4 publication works : version update 2009-06-08 16:29:13 +00:00
Clément Oudot
81950e0b52 Remove local groups from UserDBLDAP 2009-06-04 15:37:36 +00:00
Thomas CHEMINEAU
0df6ea67fa adding extended groups functionality 2009-06-04 15:33:53 +00:00
Clément Oudot
9a129352e8 Add HTML::Template to dependencies 2009-06-04 15:19:14 +00:00
Clément Oudot
f52b609d0e Correct errors seen in make test 2009-06-04 14:27:36 +00:00
Clément Oudot
8f423fd276 Move setGroups in UserDB 2009-06-04 09:13:03 +00:00
Clément Oudot
84c02a1c17 Mail customization (plain text only) with parameter mailBody 2009-06-03 16:40:41 +00:00
Clément Oudot
50e88a68a7 Manage X-FORWARDED-FOR with multiple IP 2009-06-03 14:52:22 +00:00
Xavier Guimard
5698b101db Missing files 2009-06-02 16:39:51 +00:00
Clément Oudot
aa2d48027f Use _user instead of uid for connected user 2009-06-02 15:46:26 +00:00
Clément Oudot
9d87ad8532 Use PasswordDBLDAP in Menu 2009-06-02 15:34:13 +00:00
Clément Oudot
56f7f8639a LEMONLDAP::NG : add dependencies 2009-05-29 10:18:38 +00:00
Clément Oudot
15dadc06d0 LEMONLDAP::NG: bugs found with make test 2009-05-29 09:53:07 +00:00
Clément Oudot
75c1f0feae LEMONLDAP::NG : Reset password by mail (new functionnality) 2009-05-28 16:31:39 +00:00
Clément Oudot
68975eaa40 LEMONLDAP::NG : correct some little bugs seen in 'make test' 2009-05-26 12:24:03 +00:00
Clément Oudot
d2edd78c44 LEMONLDAP::NG : reimport FederID theme 2009-05-26 11:04:56 +00:00
Clément Oudot
a38bd3e6c7 LEMONLDAP::NG : 
* Create UserDBNull to use only Auth module
* Store submitted login (user field) in AuthSessionInfos
* Store password if needed in AuthRemote
 2009-05-25 12:59:57 +00:00
Xavier Guimard
db4982564b Update portal manifest 2009-05-21 11:52:57 +00:00
Clément Oudot
43988469c7 LEMONLDAP::NG : Manage X-FORWARDED-FOR header for IP (close bug #312340) 2009-05-20 09:29:52 +00:00
Clément Oudot
0d9eaed6fc LEMONLDAP::NG : 
* Correct XSS on user field
* Add "XSS attack detected" log messages
 2009-05-19 08:52:27 +00:00
Clément Oudot
565ba83c05 LEMONLDAP::NG : 
* Verify old password before modify
* Add the "PE_BADOLDPASSWORD" error
* Minor changes in pastel skin
* Erase old default skins
* Move icons to skins/common
 2009-05-18 13:53:51 +00:00
Xavier Guimard
9ee1775253 Missing file in MANIFEST 2009-05-16 10:17:19 +00:00
Clément Oudot
cae5e6ed98 LemonLDAP::NG : 
* Create PasswordDBLDAP
* Force password modification when password is reset with ppolicy
* new parameter ldapSetPassword: set to 1 if you want to use the LDAP extended operation rather than LDAP modify
* TODO: update HTML templates
 2009-05-14 16:19:49 +00:00
Clément Oudot
0b43906ff4 LEMONLDAP::NG : 
* Add AUTH_USER Template parameter
* Document ldapGroupBase in portal constructor
* Correct error call when testing password policy
 2009-05-14 08:46:18 +00:00
Xavier Guimard
cb494c36d5 Logs as PerlLogHandler in handler and little things 2009-05-06 05:38:20 +00:00
Clément Oudot
eebac0ee3e LEMONLDAP::NG : checkLogonHours and checkDate in Safelib, and correct bug #313624 2009-04-21 13:24:38 +00:00
Xavier Guimard
7ac6d25eaf * NoCache option for getConf() 
* sort problem + perltidy in Conf/LDAP
 2009-04-18 07:04:07 +00:00
Xavier Guimard
051f61b288 Since CGI stores now parameters at the root of the object, param is now redefined in Common/CGI.pm to secure those parameters 2009-04-11 11:16:44 +00:00
Xavier Guimard
294e35cbeb Error with PPolicy + CleanupHandler not launched 2009-04-11 06:13:28 +00:00
Xavier Guimard
c40c13734e SAML skeleton in progress... 2009-04-08 16:31:13 +00:00
Xavier Guimard
3ad76f30b2 PPolicy management is now in _LDAP.pm instead of AuthLDAP to be reused by Menu.pm 2009-04-08 10:32:33 +00:00
Xavier Guimard
a98e3ac8bb SAML skeleton 2009-04-07 20:38:24 +00:00
Xavier Guimard
c35ea2d689 Password management 2009-04-07 09:27:23 +00:00
Xavier Guimard
e15d136398 LDAP_PP_CHANGE_AFTER_RESET was not intercepted with OpenLDAP since bind() is granted in this case. 2009-04-07 08:26:12 +00:00
Xavier Guimard
740ad09f9f Safelib + LDAPFilter parameter 2009-04-05 08:12:16 +00:00
Xavier Guimard
2f5af7de52 Documentation update 2009-04-04 15:29:38 +00:00
Xavier Guimard
73fa979c65 'CustomSOAPServices' target in portal 2009-04-04 07:36:42 +00:00
Xavier Guimard
8bc0d20afa * Portal can now been used as 'proxy' for SOAP session storage. 
* Session explorer works now with SOAP session storage (very low performances)
 2009-04-03 16:17:57 +00:00
Xavier Guimard
b0b971b241 Double session mechanism : 2 cookies are generated, 1 secured, the other not. 
Handlers detects automatically the cookie to choose.
 2009-03-31 10:52:43 +00:00
Xavier Guimard
e5e80709e6 Use Net::LDAP high availability system 
%ENV was not shared
 2009-03-08 17:37:31 +00:00
Xavier Guimard
2b6a1d94a5 Test for Multi module 2009-03-08 16:41:43 +00:00
Xavier Guimard
231f54ddf0 * New authentication and userDB module : 'Multi' to chain authentication modules. 
* Compilation for ModPerl::Registry by default
 2009-03-08 08:50:58 +00:00
Xavier Guimard
6bf8377104 More methods for notification mechanism (to be used by batch that control done notifications) 2009-03-04 08:37:08 +00:00
Xavier Guimard
a4dbbf2ccd POD 2009-03-03 06:21:52 +00:00
Xavier Guimard
859be3923f * Doxygen doc update 
* More tests
* perltidy on tests
 2009-02-25 18:10:07 +00:00
Xavier Guimard
6307a00750 Lot of work on Portal SOAP services. Now 5 functions are exported: 
* getAttributes(cookieValue)
 * getConfig()
 * getCookies(user,password)
 * error(code,language)
 * newNotification(xml)

WSDL is up to date but getConfig is not documented since it's a Lemonldap::NG internal service.
 2009-02-24 17:53:59 +00:00
Xavier Guimard
2a77ab4066 More tests 2009-02-24 08:03:37 +00:00
Xavier Guimard
20764ad812 New authentication and userDB backend : "Remote" can be used to check authentication from a remote Lemonldap::NG portal using CDA 2009-02-23 17:35:38 +00:00
Xavier Guimard
ace1f67cb6 Error in WSDL 2009-02-20 15:49:03 +00:00
Xavier Guimard
9fdea7384f make cpan updates META.yml 2009-02-19 08:26:22 +00:00
Xavier Guimard
30d2bd4dd4 More tests 2009-02-19 08:06:59 +00:00
Xavier Guimard
6dd414cb76 XSS tests 2009-02-17 19:37:06 +00:00
Xavier Guimard
018bee1fc6 CDA now included in main portal 2009-02-17 15:39:14 +00:00
Xavier Guimard
553058998f Doxygen comments update 2009-02-17 15:22:42 +00:00
Xavier Guimard
ffb5ee8e33 Doxygen filter modification to show authentication process methods 2009-02-17 14:56:38 +00:00
Xavier Guimard
dc637c297b Test more clean 2009-02-16 11:19:05 +00:00
Xavier Guimard
5803952784 * delete log() method from the portal : 
* user actions are logged by userNotice() and userError()
  * other access are logged by HTTP server
* create authenticate() method in Simple.pm used to launch userNotice() for
  all authentication method
 2009-02-15 17:58:38 +00:00
Xavier Guimard
b6cdee5d2a Now userNotice and userError are customizable like subs called by _subProcess 2009-02-15 11:30:25 +00:00
Xavier Guimard
415d23b6e4 User actions are now registered with 3 functions : 
* log        : normal access to the portal
 * userNotice : authentications, logout,...
 * userError  : bad password,...

A new parameter 'syslog => "auth"' can be set to log userNotice and userError via syslog
 2009-02-15 08:53:44 +00:00
Xavier Guimard
f1dd28c821 LEMONLDAP::NG : more error reporting 2009-02-14 15:21:58 +00:00
Xavier Guimard
0c18700f65 * cleaning code : 
* session have not to be recover in Menu since it's done before bu the portal
* accounting in CGIs (ModPerl::Registry context only) :
  * used by portal to inform Apache
 2009-02-14 08:55:19 +00:00
Xavier Guimard
15e4a17bd8 * Typo in debian/control 
* Notification/DBI.pm is now running
 2009-02-13 09:26:02 +00:00
Xavier Guimard
19e59af4cd log & debug method lmLog() for CGIs 2009-02-12 19:48:53 +00:00
Clément Oudot
ed55803c04 LEMONLDAP::NG : Abort redirection if ppolicy warnings are present 2009-02-12 17:09:33 +00:00
Xavier Guimard
f8169c1909 Notification system in progress : 
* File storage is running
 * DBI storage has not yet been tested
Documentation update
 2009-02-11 16:18:38 +00:00
Xavier Guimard
7c1ff1d938 Versions update 2009-02-10 17:28:27 +00:00
Clément Oudot
33d43ffd75 LEMONLDAP::NG : Apply patch for cronjob (issue #312315) 2009-02-10 16:32:56 +00:00
Xavier Guimard
ab1b201e71 * AuthBasic now use SOAP request to create the new session 
* perltidy
 2009-02-10 11:10:12 +00:00
Thomas CHEMINEAU
6b821a21dd LEMONLDAP::NG : Fixe a bug in libertySignOn function, to retrieve correct providerID 2009-02-09 16:06:41 +00:00
Xavier Guimard
c5a5ba909f Typo in pod 2009-02-08 19:12:08 +00:00
Xavier Guimard
b275ee2ac8 LEMONLDAP::NG : WSDL is now clean 2009-02-08 17:12:42 +00:00
Xavier Guimard
fbdb9ccb22 LEMONLDAP::NG : * Version is missing in SOAPServer.pm 
* perltidy on Portal/Simple.pm
 2009-02-08 07:59:46 +00:00
Xavier Guimard
6494326e1e LEMONLDAP::NG : typo 2009-02-06 17:41:23 +00:00
Xavier Guimard
2f9e6da6c1 LEMONLDAP::NG : problem with UTF8 in Notification.pm 2009-02-06 17:32:44 +00:00
Xavier Guimard
1800497815 LEMONLDAP::NG : propagation of 0.9.3.4 changes 2009-02-05 17:05:18 +00:00
Xavier Guimard
a25e10b040 LEMONLDAP::NG : * documentation modification 
* SOAP service to update notification database
 2009-02-03 09:36:13 +00:00
Xavier Guimard
1b6f56699a LEMONLDAP::NG : Missing file Portal/Notification.pm 2009-02-02 08:53:51 +00:00
Xavier Guimard
85d765a002 LEMONLDAP::NG : WSDL for portal + dependency of Crypt::Rijndael in Debian 2009-02-01 15:38:06 +00:00
Xavier Guimard
21f5808cdf LEMONLDAP::NG : Notification system is running now (for file storage only). TODO: Soapservice to accept notifications 2009-01-30 15:26:34 +00:00
Xavier Guimard
2540bb36f0 LEMONLDAP::NG : * new feature in devel : notification system 
* now, there is a shared key that can be use to crypt datas
                  (used in notification to hide cookie value)
 2009-01-28 17:37:10 +00:00
Xavier Guimard
ecb8ccbf96 LEMONLDAP::NG : bug with ldap+tls (Closes: #312418) 2009-01-17 19:45:21 +00:00
Xavier Guimard
f143719429 LEMONLDAP::NG : Typo 2009-01-03 08:54:49 +00:00
Xavier Guimard
bfab1a6e3b LEMONLDAP::NG Doxygen in progress 2008-12-31 15:10:02 +00:00
Xavier Guimard
62b02d49fd LEMONLDAP::NG : Doxygen documentation in progress 2008-12-30 09:37:56 +00:00
Clément Oudot
cef50ff78f LEMONLDAP::NG : autofocus in login page 2008-12-29 15:58:17 +00:00
Xavier Guimard
41fe04e8b8 LEMONLDAP::NG : Doxygen documentation in progress... 2008-12-29 10:28:31 +00:00
Xavier Guimard
2e5911ac4e LEMONLDAP::NG : Doxygen in progress. 2008-12-28 08:36:52 +00:00
Clément Oudot
985bdc2509 LEMONLDAP::NG : don't test url if direct access to portal 2008-12-27 11:00:45 +00:00
Xavier Guimard
228288d43c LEMONLDAP::NG : Doxygen in progress 2008-12-26 19:18:23 +00:00
Xavier Guimard
13a5a1daab LEMONLDAP::NG : Doxygen documentation in progress 2008-12-26 17:58:48 +00:00
Xavier Guimard
52e22cd675 LEMONLDAP::NG : little more documentation 2008-12-25 20:06:23 +00:00
Xavier Guimard
5483c4451a LEMONLDAP::NG : * Romanian translation update 
* perltidy
                * test for menu
 2008-12-25 14:14:15 +00:00
Xavier Guimard
e4a7734f23 LEMONLDAP::NG : dependencies 2008-12-25 08:21:30 +00:00
Xavier Guimard
0d8ab5ea2b LEMONLDAP::NG : Perl module versions update for CPAN export 2008-12-25 08:04:33 +00:00
Xavier Guimard
78852ac337 LEMONLDAP::NG perltidy 2008-12-24 14:57:23 +00:00
Xavier Guimard
13cdc9b8ec LEMONLDAP::NG : XSS patch not compatible with logout system 2008-12-24 14:55:44 +00:00
Xavier Guimard
2449e92c2d LEMONLDAP::NG : A site in the protected domain is accepted in $portal->{urldc} even if the site is not declared in the manager 2008-12-24 09:12:53 +00:00
Xavier Guimard
8e6c8de591 LEMONLDAP::NG : I think version 0.9.3 is ready... 2008-12-24 08:32:11 +00:00
Xavier Guimard
5ba1178057 LEMONLDAP::NG : New Makefile in progress. Debian install is broken for now. 2008-12-22 17:49:36 +00:00
Clément Oudot
d28f3036e3 LEMONLDAP::NG : Add icons in input fields 2008-12-18 16:08:03 +00:00
Xavier Guimard
cc07eae107 LEMONLDAP::NG : customFunctions are now shared in macros, groups, headers and rules 2008-12-11 17:02:02 +00:00
Xavier Guimard
a77e385730 LEMONLDAP::NG : little bug in SOAP error() 2008-12-08 10:56:19 +00:00
Xavier Guimard
16a29be9fa LEMONLDAP::NG : error display in SOAP 2008-12-07 20:07:52 +00:00
Xavier Guimard
b9ba2337e4 LEMONLDAP::NG : now the portal can be called by browser or by SOAP 2008-12-07 14:12:36 +00:00
Xavier Guimard
68d447b422 LEMONLDAP::NG : typo 2008-12-07 12:15:40 +00:00
Xavier Guimard
53dc4bbbf4 LEMONLDAP::NG : * To avoid XSS, 3 controls : 
1) url must be base64 encoded
                  2) urldc is serialized on 1 line ("s/[\r\n]//sg")
                  3) urldc must not contains '"`\0<
                * Common/CGI can now intercept SOAP requests
 2008-12-07 09:02:44 +00:00
Xavier Guimard
8b4f38e58c LEMONLDAP::NG : XSS prevention 2008-12-06 10:26:24 +00:00
Xavier Guimard
66c60cc416 LEMONLDAP::NG : * branche 0.9.2 is missing 
* ' and " are now filtered in url in Portal.pm
 2008-12-06 07:27:35 +00:00
Xavier Guimard
5bbe35cedc LEMONLDAP::NG : To help Doxygen, we have to use "use base" instead of @ISA when possible 2008-12-04 13:53:05 +00:00