dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,562 Commits 3 Branches 0 Tags 75 MiB
3831981423
Commit Graph

668 Commits

Author SHA1 Message Date
Thomas CHEMINEAU
f60e65166d adding Lemonldap::NG::Handler::UpdateCookie.pm and associated files 2010-05-05 16:49:26 +00:00
Xavier Guimard
810505b1cb (Closes: #46) 2010-05-05 16:42:22 +00:00
Clément Oudot
bec0831f2d Zimbra preAuth is now an independent Handler (#12) 2010-05-05 08:13:44 +00:00
Clément Oudot
a04ff6e964 SAML: 
* OneTimeUse is no more used in SP (#50)
* Compile regexp for SAML URLs
* Move sendLogoutRequestToServiceProviders in _SAML
* In AuthSAML, do not predefined variables outside loops
 2010-05-05 07:10:13 +00:00
Thomas CHEMINEAU
c935584300 informations is correctly stored into session but not well displayed by manager (add _utime, remove useless code) 2010-05-04 15:55:48 +00:00
Clément Oudot
5eb7895dac SAML: manage SP conf key 2010-05-04 10:10:34 +00:00
Clément Oudot
1b81ccd96f SAML: use get_signature_status from Lasso::Profile 2010-05-03 21:12:14 +00:00
Thomas CHEMINEAU
c4ea39fae4 UserDB* modules should store user in sessionInfo 2010-05-03 17:42:42 +00:00
Thomas CHEMINEAU
a963e83dc2 add optional session identifier to update existing session with a valid user via SOAP 2010-05-03 16:49:57 +00:00
Clément Oudot
cbf1401f1e Declare Zimbra preauth in other grant subroutines 2010-05-03 14:18:40 +00:00
Xavier Guimard
408365bc5f strftime is defined in POSIX 2010-05-02 17:40:21 +00:00
Xavier Guimard
5ceb94e612 Correct errors 2010-05-02 13:41:12 +00:00
Xavier Guimard
c53bdf0edc Little error 2010-05-02 13:30:04 +00:00
Xavier Guimard
cf0ece9aa2 Reformating 2010-05-02 11:37:25 +00:00
Xavier Guimard
5d2b50e905 Modif for XSS: for logout URL, we test now Referer field 2010-05-01 13:12:28 +00:00
Clément Oudot
2523fc5cf5 SAML: check IDP value from IDP cookie (LEMONLDAP-44) 2010-04-30 15:21:10 +00:00
Clément Oudot
a9c5d000fd SAML: 
* IDP list key is now entityID
* Do not trust IDP cookie to find current IDP (use SAML message remote provider ID)
* Ignore signature before processing SAML message, and check it after (work in progress)
 2010-04-30 14:55:40 +00:00
Xavier Guimard
c37033b81a $self->{id} was not well managed in portal 2010-04-30 05:27:06 +00:00
Thomas CHEMINEAU
4f979bfe22 SAML: change error name to PE_IMG_OK and PE_IMG_NOK 2010-04-29 13:47:57 +00:00
Thomas CHEMINEAU
423541455b SAML: 
- Manage SOAP relay logout request;
- Fix a bug into info.tpl.
 2010-04-29 13:39:26 +00:00
Xavier Guimard
1380d89865 New session explorer (not finished but useable) + some little tips 2010-04-28 19:57:16 +00:00
Thomas CHEMINEAU
f351ab97f6 SAML: work in progress to manage asynchronous SOAP logout requests 2010-04-28 17:16:38 +00:00
Clément Oudot
a1d41fbdda SAML: 
* authLogout should return an error code (as it is catched in Simple.pm)
* For SLO final redirection, match the trailing / of portal URL
 2010-04-28 16:29:27 +00:00
Clément Oudot
37afeeaeb5 SAML: force attribute values in UTF-8 (JIRA #21) 2010-04-28 14:56:36 +00:00
Thomas CHEMINEAU
c236505f45 SAML: manage SOAP logout request send by IDP to SP 2010-04-28 14:29:52 +00:00
Thomas CHEMINEAU
d9db773996 SAML: now use get_first_http_method when sending logout request on SP 2010-04-28 10:28:21 +00:00
Thomas CHEMINEAU
54afc28e75 SAML: manage logout initiate by IDP 2010-04-27 15:11:53 +00:00
Thomas CHEMINEAU
873aa0c32e SAML: generalizing and moving some functions to _SAML.pm 2010-04-26 17:06:49 +00:00
Clément Oudot
844a8807b0 SAML: set sessionIndex in assertion, to be compliant with simpleSAMLphp logout 2010-04-26 15:47:09 +00:00
Thomas CHEMINEAU
6ef67cc5ea SAML: manage internationalization 2010-04-26 15:39:38 +00:00
Clément Oudot
975a585a51 SAML: create NameIdentifier only if it does not already exists 2010-04-26 14:30:54 +00:00
Thomas CHEMINEAU
a0378cd572 SAML: hide submit button when SLO info page is displayed 2010-04-26 13:10:04 +00:00
Clément Oudot
3441a05d2b perltidy + better nameIdentifier construction in SSO phase (bug with latest Lasso verion and simpleSAMLphp) 2010-04-26 10:02:26 +00:00
Thomas CHEMINEAU
9c99b920f0 SAML: perform HTTP redirection in SAML context, when information is displayed to the user, to fix some problem during SAML logout response 2010-04-23 16:57:25 +00:00
Thomas CHEMINEAU
aac04dabdc SAML: print information to user if many SP to logout throught HTTP-Redirect or HTTP-Post 2010-04-23 16:26:23 +00:00
Thomas CHEMINEAU
c2b642f172 SAML: continue work on sending logout request for all SP when an SP initiate a logout request 2010-04-23 15:18:08 +00:00
Thomas CHEMINEAU
cd8b59998b SAML: first work on dispatching logout requests to SP during IDP SLO process 2010-04-22 17:01:37 +00:00
Thomas CHEMINEAU
c387e47e4f SAML: retrieve session to be deleted then during a SLO initiate by a SP (maj lasso) 2010-04-22 13:00:32 +00:00
Thomas CHEMINEAU
8e08663576 SAML: no need to search for a valid session, when we are into issuerForAuthUser, we already have a valid one 2010-04-21 16:54:05 +00:00
Thomas CHEMINEAU
0eba588385 SAML: now delete session when logout request for authenticated user is correct 2010-04-20 15:49:48 +00:00
Thomas CHEMINEAU
6bfdad2d0b SAML: manage logout into issuerForAuthUser 2010-04-20 15:31:21 +00:00
Thomas CHEMINEAU
005037df8c SAML: first implementation of SLO initiated by a SP 2010-04-20 10:04:34 +00:00
Clément Oudot
70a214b9e0 SAML: 
* Use Lasso method to get OneTimeUse flag
* Use Session _utime to calculate assertion NotOnOrAfter date
 2010-04-16 13:38:43 +00:00
Clément Oudot
95b28956fe SAML: add methods to disable signature verification (tests in progress) 2010-04-16 10:13:20 +00:00
Clément Oudot
a9cfdb9a64 SAML: mandatory attributes are now set in authentication response attribute statement 2010-04-16 08:55:56 +00:00
Clément Oudot
99b4c7fb72 SAML: attributes in authn response (work in progress) 2010-04-15 15:40:07 +00:00
Clément Oudot
4379adc014 SAML: reformate SP list to use EntityID as primary key 2010-04-15 14:42:17 +00:00
Clément Oudot
fbe50de653 * Better log of what is registered in session 
* Control whatToTrace parameter before logging into Apache
 2010-04-15 13:46:45 +00:00
Clément Oudot
d9c4b44c4b Add multiValuesSeparator configuration parameter 2010-04-15 11:15:36 +00:00
Clément Oudot
ebf2deae28 SAML: SSL authentication context is TLSClient and not X509 2010-04-15 09:06:53 +00:00
Clément Oudot
457430f2f7 SAML: map authenticationLevel and authn context 2010-04-14 16:22:55 +00:00
Xavier Guimard
799b643949 $ENV not taken in acount in macros 2010-04-14 16:13:24 +00:00
Clément Oudot
c4e1379452 * make tidy 
* Manage authenticationLevel in all authentication backends
 2010-04-14 15:37:57 +00:00
Clément Oudot
756ca82484 SAML: NameID generation (work in progress) 2010-04-14 11:14:24 +00:00
Clément Oudot
bc21f58b46 SAML: correct a bug when trying to update a newly created session (cookie not already set) 2010-04-12 15:42:38 +00:00
Clément Oudot
2406d832e9 SAML: manage Lasso session in artifacts 2010-04-12 15:03:54 +00:00
Clément Oudot
ea24dc314e Portal: updateSession can now take session id as parameter 2010-04-12 13:50:42 +00:00
Clément Oudot
ae66b57881 SAML: load and store Lasso Identity and Session 2010-04-12 13:23:22 +00:00
Clément Oudot
91e1419f57 SAML: artifact resolution response in SP and IDP 2010-04-12 09:09:53 +00:00
Clément Oudot
ce1e5840fb SAML: artifact response is now working 2010-04-12 08:26:18 +00:00
Clément Oudot
0ae2585a97 SAML: manage artifact (work in progess) 2010-04-09 16:42:50 +00:00
Clément Oudot
7fef157210 SAML: possibility to configure a different storage for SAML objects (samlStorage) than sessions storage (globalStorage) 2010-04-09 13:27:54 +00:00
Clément Oudot
46808d3f78 SAML: manage artifact (work in progess) 2010-04-08 16:28:10 +00:00
Clément Oudot
9bb7adb3c3 SAML: catch artefact resolution URL 2010-04-08 11:03:53 +00:00
Clément Oudot
e34c8409b1 SAML: escape URL strings in regexp 2010-04-08 10:16:13 +00:00
Clément Oudot
fb9f964515 SAML: move use POSIX from AuthSAML to _SAML 2010-04-08 09:43:28 +00:00
Clément Oudot
cdaea23ac5 SAML: create methods to convert timestamp and SAML2 dates, and set all dates in assertion created by IDP 2010-04-08 09:39:53 +00:00
Clément Oudot
89bf4a6630 SAML: build assertion 2010-04-07 16:37:23 +00:00
Clément Oudot
ecf5612e4f SAML: 
* Build artifact or complete SSO reponse message
* Send SSO response message
* Correct a bug when loading relayState in POST fields
 2010-04-07 15:14:17 +00:00
Clément Oudot
f9e8ce7092 SAML: validate request message 2010-04-07 12:27:50 +00:00
Clément Oudot
7859ba292a SAML: trust hidden fields when they are present 2010-04-07 10:11:21 +00:00
Thomas CHEMINEAU
341f9f944f SAML: first work on issuerForAuthUser into IssuerDBSAML.pm 2010-04-02 16:19:10 +00:00
Thomas CHEMINEAU
0974c128ec SAML: fix a little bug 2010-04-02 15:34:44 +00:00
Thomas CHEMINEAU
7202a6651f SAML: manage hidden values for SAML authentication request 2010-04-02 15:28:29 +00:00
Clément Oudot
119386dca7 SAML: use checkMessage in AuthSAML 2010-04-02 14:47:17 +00:00
Clément Oudot
e21b4c936a SAML: intercept artefact resolution URL in SP 2010-04-02 11:41:44 +00:00
Thomas CHEMINEAU
fa039d2114 Store hidden informations in forms 
* SAML: store SAMLRequest in IssuerDBSAML, just before to redirect to IDP
  * Simple: add functions to manage hidden values for forms
 2010-04-02 09:17:02 +00:00
Clément Oudot
f87d6b9b3d SAML: IDP requestedAuthnContext option 2010-04-01 16:32:51 +00:00
Clément Oudot
a11caf800f SAML: IDP isPassive option 2010-04-01 14:40:29 +00:00
Clément Oudot
bb86139ce4 SAML: work on SSO/SLO signature options 2010-04-01 14:18:37 +00:00
Clément Oudot
6d505c9468 SAML: IDP option to validate SSO response signature -not working now 2010-04-01 12:51:32 +00:00
Clément Oudot
70f853e681 SAML: IDP option to sign SSO requests 2010-04-01 09:55:33 +00:00
Clément Oudot
7f91ef3c83 SAML: was set too late 2010-03-26 16:47:17 +00:00
Thomas CHEMINEAU
ba6bb76549 SAML: 
- Move part of the code into _SAML.pm so that it could be reused;
- Create the method checkMessage that check SAML requests and responses.
 2010-03-26 16:02:27 +00:00
Thomas CHEMINEAU
e7103c56c5 SAML: implementing issuerForUnAuthUser 2010-03-26 13:56:37 +00:00
Clément Oudot
07c528d6fd SAML: update POD 2010-03-26 09:35:31 +00:00
Clément Oudot
53d5212068 SAML: remove HTTP-GET binding since it is not supported by SAML2 (replaced by HTTP-REDIRECT) 2010-03-25 16:43:34 +00:00
Thomas CHEMINEAU
b67654d42d SAML: code to load SP metadata 2010-03-25 14:44:38 +00:00
Thomas CHEMINEAU
dec9d562d8 SAML: work in progress in IssuerDBSAML 2010-03-25 11:24:52 +00:00
Thomas CHEMINEAU
a3a80947bc SAML: move code that load SAML services and IDPs into _SAML 2010-03-25 11:01:32 +00:00
Clément Oudot
409ceb953c SAML: option to adapt session _utime with SessionNotOnOrAfter 2010-03-25 10:02:53 +00:00
Clément Oudot
bc7df7b3bc SAML: correct NAME POD section to prevent lintian warning 2010-03-25 08:55:42 +00:00
Clément Oudot
44f5d27b7a Prepare for 1.0rc1: 
* Update modules main version
* make tidy
* make manifest
* make documentation
 2010-03-24 22:06:43 +00:00
Clément Oudot
bd9c9d13dc LDAP: change test for Net::LDAP minimal version for ppolicy feature 2010-03-24 15:53:55 +00:00
Clément Oudot
953806ed93 SAML: manage SessionNotOnOrAfter but do not adapt session _utime yet 2010-03-24 13:44:24 +00:00
Clément Oudot
aa5831493a SAML: add AllowLoginFromIDP option 2010-03-24 13:01:14 +00:00
Clément Oudot
5c26f07d27 SAML: proxy restriction was not working, now it is set in authn request conditions 2010-03-24 12:33:45 +00:00
Clément Oudot
bac76b680d LDAP: option to change the password as user (and not as managerDn) 2010-03-24 10:00:52 +00:00
Clément Oudot
fa05c16e02 OpenID: warning message for IssuerDBOpenID use 2010-03-15 10:57:17 +00:00
Clément Oudot
7692cefd95 Portal: all is ready for AuthOpenID 2010-03-15 09:53:56 +00:00
Clément Oudot
099c846d42 perltidy + manager bug with node created from special parent nodes 2010-03-13 17:39:50 +00:00
Clément Oudot
5a61c04a2d SAML: use correct IDP name in confirmation message 2010-03-13 16:49:33 +00:00
Clément Oudot
f80620fae4 SAML: No need to force default nameIDFormat value 2010-03-12 16:19:41 +00:00
Clément Oudot
44aeddbc5c Bug with samlIDPMetaDataOptions upload and use make tidy 2010-03-11 15:00:59 +00:00
Clément Oudot
ce8d8ee84e SAML: correct a bug if no NameIDFormat were given 2010-03-11 12:00:25 +00:00
Xavier Guimard
d439cab42e * Little CSS for abort() 
* Comments for lemonldap-ng.ini
* lemonldap-ng.ini was not well read in Manager
* New target 'unprotect' in rules
* Status update
 2010-03-09 21:42:31 +00:00
Clément Oudot
058ab93a15 SAML: manage HTTP method choice for SLO 2010-03-05 17:11:40 +00:00
Clément Oudot
ae4ff763df SAML: manage HTTP method choice for SSO 2010-03-05 16:57:11 +00:00
Clément Oudot
8564389fa7 SAML: manage IDP resolution rules 2010-03-05 15:37:16 +00:00
Clément Oudot
8d1793b7bc SAML: check OneTimeUse and Issuer (for proxy test) 2010-03-05 15:23:49 +00:00
Clément Oudot
c2b7c07dc1 SAML: use NameIDFormat option 2010-03-05 09:28:28 +00:00
Clément Oudot
0979ba0f28 SAML: use ForceAuthn option 2010-03-05 08:54:01 +00:00
Clément Oudot
71283e3596 SAML: attribute request in UserDBSAML 2010-03-03 16:54:23 +00:00
Xavier Guimard
40d2c70604 New target 'tidy' in Makefile 2010-03-01 20:32:28 +00:00
Clément Oudot
b5e2407728 SAML: get mandatory attributes - work in progress 2010-03-01 17:16:42 +00:00
Clément Oudot
13769b69f2 SAML: stop timer when choosing an IDP 2010-03-01 16:14:13 +00:00
Xavier Guimard
a746a440e6 perltidy 2010-03-01 10:45:04 +00:00
Clément Oudot
923e509226 SAML: split conditions validation between time and auience 2010-03-01 09:42:25 +00:00
Clément Oudot
1cecbe512d SAML: Manage logout redirection URL trough RelayState in SLO 2010-03-01 09:19:28 +00:00
Clément Oudot
2c584cf7f7 SAML: 
* Use authForce method to know if authentication should be forced
* Use a common method to store replay protection data
* Use _utime in relaystate state
* Let Lasso choose the defaut transport and binding for requests
 2010-02-28 19:07:02 +00:00
Xavier Guimard
4634d58f36 AuthTwitter works now 2010-02-27 22:37:59 +00:00
Xavier Guimard
ec35e6c397 Skeleton for AuthTwitter 2010-02-27 16:20:11 +00:00
Xavier Guimard
226a40d5f6 AuthOpenID is ready ! 2010-02-27 14:10:23 +00:00
Xavier Guimard
58c28c5732 * Inheritance instead of @EXPORT 
* Purge CGI::Session dependency (LA)
 2010-02-26 10:53:43 +00:00
Clément Oudot
7eefc6af1f SAML: manage SOAP 2010-02-26 09:12:18 +00:00
Clément Oudot
9c228f7022 SAML: Manage relayState trough session backend 2010-02-25 11:39:55 +00:00
Clément Oudot
cc79d3cfe9 SAML: use the last configuration format for IDP metadata 2010-02-24 17:48:20 +00:00
Clément Oudot
9937568f97 SAML: manage SSO response trough Artifact 2010-02-24 15:24:54 +00:00
Clément Oudot
f0c29c779a SAML: 
* Manage SSO message like SLO message
* Send SLO request trough REDIRECT and POST
* Reponse to SSO request trough REDIRECT, POST and SOAP
* Reponse to SLO request trough REDIRECT, POST and SOAP
 2010-02-24 10:11:01 +00:00
Clément Oudot
38060929fb SAML: 
* Use new configuration keys
* sum up replay protection code
 2010-02-22 17:12:16 +00:00
Clément Oudot
fc542fa6b1 Portal: method to auto submit data through POST 2010-02-22 11:07:48 +00:00
Clément Oudot
7444d9802c Portal: set content-type to application/xml for SOAP response 2010-02-22 10:08:14 +00:00
Xavier Guimard
d0cd16172c IssuerOpenID skeleton 2010-02-21 20:17:13 +00:00
Xavier Guimard
fd40d830c8 AuthOpenID in progress 2010-02-21 14:47:16 +00:00
Xavier Guimard
6a2270b73d OpenID authentication skeleton 2010-02-21 14:00:53 +00:00
Clément Oudot
3eac5ce288 Portal: display logout status to user 2010-02-20 11:44:05 +00:00
Clément Oudot
9766b8457a SAML: SP SLO response trough HTTP-REDIRECT and SOAP 2010-02-19 11:33:34 +00:00
Clément Oudot
2238075912 SAML: SP SLO validate request 2010-02-18 17:42:31 +00:00
Clément Oudot
bd2c92f207 SAML: SP SLO in progress 2010-02-18 17:22:04 +00:00
Clément Oudot
a6d7f7a3a3 SAML: 
* Send correct logout request
* Use getMetaDataURL to get URL from metadata configuration keys
 2010-02-18 09:58:59 +00:00
Clément Oudot
46764465b2 SAML: SP SLO in progress 2010-02-17 17:37:38 +00:00
Clément Oudot
4c5d286196 SAML: rename keys of samlIDMetaData hash 2010-02-17 15:34:19 +00:00
Clément Oudot
5b34644e10 SAML: SLO initiated by SP (not achieved) 2010-02-17 15:13:00 +00:00
Clément Oudot
b9a6eb6743 SAML: replay protection was buggy 2010-02-17 12:02:11 +00:00
Clément Oudot
3da1b1ed19 SAML: conditions validations corrected in Lasso 2010-02-17 11:51:01 +00:00
Clément Oudot
d5d56f7649 SAML: conditions validation 2010-02-15 17:03:07 +00:00
Clément Oudot
88b81bf2aa SAML: assertion replay protection 2010-02-15 13:44:06 +00:00
Clément Oudot
12668e7cc2 SAML: register attributes from SAML authn statement in session 2010-02-12 14:26:45 +00:00
Clément Oudot
71f142316f SAML: 
* IDP metadata are in metadata key
* Use IDP internal ID instead of entityID to keep choosen IDP information
* Use base64 encoding for RelayState value
 2010-02-12 10:53:43 +00:00
Clément Oudot
cb7f7f8bd1 SAML: first complete SP cinematic implementation 2010-02-11 12:39:42 +00:00
Xavier Guimard
27769948f3 * abort instead of log when apps.list is deprecated 
* lmMigrateConfFiles2ini does not quit if storage.conf is missing so it can be launched more than one time
 2010-02-11 08:44:57 +00:00
Clément Oudot
e323fe1cf5 SAML: customize authentication request 2010-02-10 17:18:46 +00:00
Clément Oudot
be4198a31e SAML: Lasso can now use ; in query string 2010-02-10 10:59:20 +00:00
Clément Oudot
f265cbce57 SAML: NameID management 2010-02-09 20:49:23 +00:00
Clément Oudot
e891c13ad3 SAML: use query_string and get name identifier 2010-02-09 09:02:39 +00:00
Clément Oudot
040aea4dfb SAML: 
* Redirect user to IDP SSO URL
* Catch IDP response for HTTP-REDIRECT binding
 2010-02-08 17:24:45 +00:00
Xavier Guimard
788f688d78 little thing 2010-02-08 10:21:34 +00:00
Xavier Guimard
be93f8dc47 Somes fixes 2010-02-08 10:16:28 +00:00
Xavier Guimard
fad774f41b Fix some little bugs 2010-02-08 10:06:21 +00:00
Clément Oudot
434f8ea286 SAML: better organization name management 2010-02-05 17:18:09 +00:00
Clément Oudot
9b0c8ef9c1 SAML: use serviceToXML 2010-02-05 16:14:05 +00:00
Clément Oudot
3606362946 LDAP: 
* Add ldapGroupRecursive to enable recursive group search
* Create searchGroup method in _LDAP
* Create getLdapValue method in _LDAP to manage DN and multi-valued attributes
 2010-02-05 14:17:55 +00:00
Clément Oudot
dae6b880be Portal: force authentication is now working 2010-02-05 10:21:48 +00:00
Clément Oudot
a1976436b6 SAML: build authentication request 2010-02-04 16:02:02 +00:00
Clément Oudot
3a3ec647e9 SAML: IDP choice 2010-02-04 12:30:18 +00:00
Clément Oudot
a15fdcaaae SAML: 
* Lasso error can be a string or a Lasso::Error object
* Use private key to create Lasso::Server
* Perl binding bug resolution waiting: some method arguments should accept NULL values
 2010-02-03 10:59:53 +00:00
Clément Oudot
79075b8e5c SAML: do not force optional parameters in add_provider_from_buffer 2010-02-02 22:16:29 +00:00
Clément Oudot
8b883bc147 SAML: typo in Lasso method 2010-02-02 21:55:25 +00:00
Clément Oudot
718e4fa136 SAML: add IDP in Lasso::Server 2010-02-01 17:07:40 +00:00
Clément Oudot
bcfdac9dd1 SAML: catch Glib messages 2010-02-01 15:24:56 +00:00
Clément Oudot
8abef3a99b SAML: 
* perltidy
* use XML::Simple instead of XML::LibXML to parse XML
* Add initializeFromConfHash method to use directly configuration hash object
* Create Lasso server with metadata in buffers rather than XML files
 2010-02-01 14:01:28 +00:00
Xavier Guimard
01785de792 * "SKIP" in SAML tests 
* "= splice @_" instead of "= @_" avoid memory duplication
 2010-01-31 08:25:05 +00:00
Clément Oudot
ccbb52c13c SAML: create Lasso Server 2010-01-29 17:33:35 +00:00
Clément Oudot
5dd981fa85 SAML: load Lasso method 2010-01-29 10:44:56 +00:00
Clément Oudot
90a08dbbde Portal/Multi: 
* Get the correct _auth and _userDB value when using Multi
* Resolve a bug: functions of modules loaded in _Multi were not available for _subProcess
* Use a common loadModule method between Simple.pm and _Multi.pm
* Do not consider PE_FORMEMPTY and PE_FIRSTACCESS as errors in Multi process
 2010-01-28 14:47:51 +00:00
Clément Oudot
760f62e534 Portal: set _auth, _userDN, _passwordDB and _issuerDB in session, to know which module was used to open the session of the user 2010-01-27 16:30:19 +00:00
Clément Oudot
b904587edd Portal: portalForceAuthn option was unusable with Menu password change 2010-01-27 14:04:41 +00:00
Clément Oudot
1f243e0a20 Portal: possibility to force reauthentication (set portalForceAuthn = 1) 2010-01-25 17:40:46 +00:00
Clément Oudot
5aa74c08d6 Portal: allow passwordDBNull in Menu.pm 2010-01-25 14:32:22 +00:00
Clément Oudot
86b18ea609 Portal: Null modules for authentication and passwordDB 2010-01-25 14:20:51 +00:00
Clément Oudot
95e29fd733 Portal: change _password value in session when user changes its password 2010-01-22 21:54:58 +00:00
Clément Oudot
3222021897 Portal: 
* Use HTML templates to send fancy reset password mail, with translations
* Send the new password by mail instead of diplaying it n the web page
* Remove the need to configure : the value is now set with help of {DOCUMENT_ROOT}
 2010-01-22 11:25:37 +00:00
Clément Oudot
f6c250207c Portal - new feature: token to reset password by mail: 
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid
 2010-01-21 17:38:55 +00:00
Clément Oudot
81f510a6e5 Menu: 
* XML conf is now deprecated, applicationList configuration parameter is used
* Remove all XML related code
* filter applications under applications
* Hide empty categories
 2010-01-20 17:17:21 +00:00
Clément Oudot
15e77c7d88 Portal SOAP: 
* perltidy
* Add process stages in getCookies
* Move _buildSoapHash in private methods parts
* Create getXmlMenu method in /config
* Update buildPortalWSDL script
 2010-01-19 16:50:38 +00:00
Thomas CHEMINEAU
bb7881bcec add a WSDL tag to isAuthorizedURI SOAP method 2010-01-18 15:39:01 +00:00
Clément Oudot
5af1db1c3e Portal: move ppolicy warnings from menu to information page 2010-01-15 22:01:04 +00:00
Clément Oudot
9477aa69af Portal: confirm template amelioration 2010-01-12 11:19:13 +00:00
Xavier Guimard
e642a1d270 PE_CONFIRM stop _Multi::try() 2010-01-12 11:19:12 +00:00
Xavier Guimard
bdbeda9494 i18n update 2010-01-12 11:12:46 +00:00
Clément Oudot
bea600dff4 Portal: info template amelioration 2010-01-12 11:07:31 +00:00
Xavier Guimard
7d98447f5e PE_CONFIRM target 2010-01-12 11:05:01 +00:00
Xavier Guimard
271c4767a8 Link to delete other sessions 2010-01-12 10:36:04 +00:00
Xavier Guimard
effa0b9fa6 Notify existing sessions and deleted sessions if wanted 2010-01-12 09:53:49 +00:00
Clément Oudot
dc2556386d Portal: little corrections 2010-01-11 16:58:57 +00:00
Xavier Guimard
d181da867b * perltidy 
* new feature : info can be displayed by portal => used to notify deleted sessions
 * notifyDeleted in the manager
 2010-01-11 16:04:36 +00:00
Clément Oudot
dc3d9558fe Portal: create a grantSession stage in process() 2010-01-11 14:02:43 +00:00
Clément Oudot
cad747f629 Menu: use configuration instead of XML file - work in progress 2010-01-08 11:51:04 +00:00
Thomas CHEMINEAU
72e0247f03 fixes #314372 - introduce isAuthorizedURI SOAP function 2010-01-07 11:07:48 +00:00
Xavier Guimard
8102f72d50 POD updates : 
* spelling errors found by Lintian
 * encoding utf8
 2010-01-03 08:09:59 +00:00
Clément Oudot
ee62c967b9 Reset password by mail for DBI backend 2009-12-30 19:42:17 +00:00
Xavier Guimard
23ee91c414 Modify _DBI::checkPassword to make it reuseable by another module than AuthDBI 2009-12-22 08:46:54 +00:00
Clément Oudot
0a618cda34 Refactor DBI code in _DBI.pm and SMTP code in _SMTP.pm 2009-12-21 22:28:38 +00:00
Xavier Guimard
4d47d92749 * Debian upgrade for jquery management 
* SQL injection protection for DBI
 * Regexp to control user field
 * Missing parameters in _Struct.pm
 * Bad errors management in Uploader
 2009-12-19 08:57:59 +00:00
Clément Oudot
a8601a0e5f portalOpenLinkInNewWindow parameter 2009-12-17 14:10:39 +00:00
Clément Oudot
5b82343808 Reorganize issuer methods in process() 2009-12-16 15:53:49 +00:00
Clément Oudot
578d0a0d59 Add in li classes to enable CSS icon customization in IE 6 2009-12-15 17:21:37 +00:00
Xavier Guimard
dcd4905342 * Update Perl and Debian dependencies, and debian/rules for the new manager 
* Add pod skeleton for Manager.pm
 * correct pod for IssuerDB*
 2009-12-13 15:40:33 +00:00
Xavier Guimard
5b2363b959 perltidy 2009-12-11 21:17:06 +00:00
Xavier Guimard
b301a5b5c8 New manager 2009-12-11 18:17:00 +00:00
Xavier Guimard
04ed7be634 exported vars are now asked to the LDAP server (instead of *) 2009-12-10 21:48:43 +00:00
Clément Oudot
5499a042ab Replace SAML* methods by IssuerDB* methods, allowing use of other IssuerDB modules 2009-12-10 17:03:57 +00:00
Clément Oudot
1f0b9ed10c First implementation of Auth/UserDB/PasswordDB DBI 2009-12-10 11:30:43 +00:00
Clément Oudot
3faa932908 New userDB module: UserDBEnv, allows to collect environment variable as session elements, very usefull with AuthSSL 2009-12-04 17:01:30 +00:00
Clément Oudot
65387caebe Do not use allowempty flag in Config::IniFiles (close bug #314539) 2009-12-04 09:44:37 +00:00
Clément Oudot
9d7e1a85c1 Move default values in setDefaultValues 2009-12-03 13:51:55 +00:00
Clément Oudot
36e8868e31 Add parameter cookieExpiration (close feature request #314368) 2009-12-03 11:47:50 +00:00
Xavier Guimard
061994cfcc Debian tests 2009-12-03 10:08:33 +00:00
Clément Oudot
0ea44c2389 Merge storage.conf and localconf.ini in lemonldap-ng.ini 2009-12-02 15:08:35 +00:00
Clément Oudot
70522969f3 Add possibility to use a local configuration file (localconf.ini) to override configuration parameters 2009-11-30 16:46:14 +00:00
Xavier Guimard
7d4a491af3 * Remove class variable in handler (to do later) 
* little bug in _LDAP
* new parameter singleUserByIp + removeOther() try to purge local cache
 2009-11-25 12:38:22 +00:00
Clément Oudot
b972c10a20 Use configuration parameters for portal customization 2009-11-25 08:44:12 +00:00
Clément Oudot
7d255abdef Move AuthCAS loading in authInit 2009-11-17 15:43:05 +00:00
Xavier Guimard
5f73c30706 Bug if trustedDomains contains more than 1 domain 2009-11-09 15:32:27 +00:00
Xavier Guimard
83e33a90ad perltidy and licence update 2009-11-07 13:05:50 +00:00
Thomas CHEMINEAU
e2d47ce982 fixe #314458 - add url parameter in URL of CAS portal redirection 2009-11-05 14:25:55 +00:00
Xavier Guimard
95424e487a * New manager in progress 
* Strange problem with Net::LDAP in mpm-worker environment (not fixed)
 * Clean lock files when using Apache::Session::File
 2009-10-30 17:27:36 +00:00
Xavier Guimard
7a04829a08 New portal parameters : singleIP and singleSession 2009-10-21 12:43:13 +00:00
Xavier Guimard
ec15f539b2 Perl warning 2009-10-18 08:52:12 +00:00
Xavier Guimard
655fd9e526 * perltidy 
* LDAP: loadPP() is called now directly in ldap() to avoid to call it in authInit()
 2009-10-12 16:55:35 +00:00
Xavier Guimard
bf488752b4 Documentation update 2009-10-12 15:03:29 +00:00
Xavier Guimard
def1d50780 Closes #314192 2009-10-11 11:28:25 +00:00
Xavier Guimard
041fcbe05a Closes #314369 2009-10-11 11:21:52 +00:00
Xavier Guimard
bf6230c5ac VERSION 0.9.4.1 2009-10-11 08:13:50 +00:00
Xavier Guimard
49cc593005 '*' for trustedDomains 2009-10-02 16:10:23 +00:00
Xavier Guimard
a8c75750cd Bug in _Multi.pm : eval { require $mod } means "search the file named $mod", but since $mod is a module name, we have to write eval "require $mod" 2009-09-30 10:59:02 +00:00
Xavier Guimard
112cf4c1e6 Rename "Relay" auth mechanism to "Proxy" and add test 2009-09-27 07:54:05 +00:00
Xavier Guimard
947ee7f7c6 Relay in progress... 2009-09-23 13:35:19 +00:00
Xavier Guimard
48ac5bd591 * New authentication scheme : Relay (queries by SOAP another portal) 
* syslog facility was not taken in account
* Missing HTTP::Headers dependency
* lmConfigEditor must not display reVHosts and cipher which are calculated by Conf.pm
* bad Apache security in Debian configuration files
 2009-09-23 12:42:34 +00:00
Xavier Guimard
444e093004 Bugs : 
* Crypto was usable only with 16xn characters
 * Menu was not able to filter embedded <application>
Google page speed :
 * optimize images
 * set size
 2009-08-20 14:19:40 +00:00
Xavier Guimard
bfebb497a1 Closes: #314163 : testUri() unusable 2009-08-20 14:15:16 +00:00
Xavier Guimard
771bf46a5f HTTP code 302 has to be replaced by 303 2009-08-18 13:33:36 +00:00
Clément Oudot
0a1c2c95b8 Bug CAS: redirect function was not valid 2009-07-21 13:52:10 +00:00
Xavier Guimard
6c7558cffd * Better performances for Menu : XML was parsed 2 times 
* Doc for SympaAutoLogin
* Version update
 2009-07-05 11:11:33 +00:00
Xavier Guimard
8965bd6119 * Menu update : application can contains application 
* update trunk from branch
 2009-07-01 08:52:14 +00:00
Clément Oudot
7bd70aec9e Do not use , as separator as it breaks DN 2009-06-25 07:51:39 +00:00
Xavier Guimard
affdc1f5bc SOAP configuration access : 
* Missing SOAP fonction for config access in Portal/_SOAP.pm (lastCfg)
* Common/Conf/SOAP.pm now reports SOAP errors
* Common/Conf.pm reports an error when lastCfg returns 0
* SOAP namespace error in Common/Conf/SOAP.pm

Other :
* error in logout_sso default value (Handler/Simple.pm)
* bad returned value when configuration was missing in Handler/SharedConf.pm
 2009-06-23 20:36:44 +00:00
Clément Oudot
f3536d4634 Bug in Webform: tests always returned PE_FORMEMPTY 2009-06-22 14:04:24 +00:00
Clément Oudot
198bcf70bc Get the timezone of the user and correct checkLogonHours function 2009-06-22 10:01:58 +00:00
Xavier Guimard
36c9aa2409 Change CDA parameter to cda. 2009-06-15 14:13:09 +00:00