dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,323 Commits 3 Branches 0 Tags 75 MiB
3b6e0567ee
Commit Graph

1160 Commits

Author SHA1 Message Date
Clément Oudot
0ae986296a Clean all UserDBEnv related files 2010-05-08 15:55:27 +00:00
Clément Oudot
2d88be8222 Portal: catch ENV exportedVars for all UserDB modules (#58) 2010-05-07 21:33:57 +00:00
Clément Oudot
f7fc51100c Zimbra Handler: 
* Parameters are now read from main configuration
* Zimbra parameters in Manager
* Add zimbraSsoUrl to catch the local SSO URL (Apache configuration is now very easy)
 2010-05-07 10:42:38 +00:00
Thomas CHEMINEAU
d262a95744 fix little bug in Manager::Help.pm 2010-05-07 10:13:13 +00:00
Thomas CHEMINEAU
adf7e8158a Add activity timeout on SSO sessions 2010-05-07 10:00:55 +00:00
Thomas CHEMINEAU
f60e65166d adding Lemonldap::NG::Handler::UpdateCookie.pm and associated files 2010-05-05 16:49:26 +00:00
Xavier Guimard
810505b1cb (Closes: #46) 2010-05-05 16:42:22 +00:00
Xavier Guimard
1b1cb88f14 Local macros (Closes: #57) 2010-05-05 16:40:23 +00:00
Clément Oudot
2007ac3814 Typo in Zimbra doc 2010-05-05 13:11:26 +00:00
Clément Oudot
bec0831f2d Zimbra preAuth is now an independent Handler (#12) 2010-05-05 08:13:44 +00:00
Xavier Guimard
cdad662b0e Warning for classes properties 2010-05-05 07:33:20 +00:00
Clément Oudot
a04ff6e964 SAML: 
* OneTimeUse is no more used in SP (#50)
* Compile regexp for SAML URLs
* Move sendLogoutRequestToServiceProviders in _SAML
* In AuthSAML, do not predefined variables outside loops
 2010-05-05 07:10:13 +00:00
Thomas CHEMINEAU
c935584300 informations is correctly stored into session but not well displayed by manager (add _utime, remove useless code) 2010-05-04 15:55:48 +00:00
Clément Oudot
5eb7895dac SAML: manage SP conf key 2010-05-04 10:10:34 +00:00
Clément Oudot
1b81ccd96f SAML: use get_signature_status from Lasso::Profile 2010-05-03 21:12:14 +00:00
Thomas CHEMINEAU
c4ea39fae4 UserDB* modules should store user in sessionInfo 2010-05-03 17:42:42 +00:00
Thomas CHEMINEAU
a963e83dc2 add optional session identifier to update existing session with a valid user via SOAP 2010-05-03 16:49:57 +00:00
Thomas CHEMINEAU
1ba9f9ecf1 cleaning wsdl file, fix little bug in a wrong function name 2010-05-03 15:45:59 +00:00
Clément Oudot
cbf1401f1e Declare Zimbra preauth in other grant subroutines 2010-05-03 14:18:40 +00:00
Clément Oudot
4bd444d427 Handler: first implementation of Zimbra preauth 2010-05-03 12:48:39 +00:00
Clément Oudot
9a5512bdf2 Bad test rule for logout_app_sso, correct #45 2010-05-03 08:59:22 +00:00
Clément Oudot
9832b9fdab Sessions explorer: active sessions button in interface 2010-05-03 07:54:49 +00:00
Xavier Guimard
408365bc5f strftime is defined in POSIX 2010-05-02 17:40:21 +00:00
Xavier Guimard
5ceb94e612 Correct errors 2010-05-02 13:41:12 +00:00
Xavier Guimard
c53bdf0edc Little error 2010-05-02 13:30:04 +00:00
Xavier Guimard
cf0ece9aa2 Reformating 2010-05-02 11:37:25 +00:00
Xavier Guimard
5d2b50e905 Modif for XSS: for logout URL, we test now Referer field 2010-05-01 13:12:28 +00:00
Clément Oudot
2523fc5cf5 SAML: check IDP value from IDP cookie (LEMONLDAP-44) 2010-04-30 15:21:10 +00:00
Clément Oudot
a9c5d000fd SAML: 
* IDP list key is now entityID
* Do not trust IDP cookie to find current IDP (use SAML message remote provider ID)
* Ignore signature before processing SAML message, and check it after (work in progress)
 2010-04-30 14:55:40 +00:00
Clément Oudot
b182e74247 Sessions explorer: set default skin, and do not converted already converted & 2010-04-30 08:02:27 +00:00
Xavier Guimard
c37033b81a $self->{id} was not well managed in portal 2010-04-30 05:27:06 +00:00
Thomas CHEMINEAU
4f979bfe22 SAML: change error name to PE_IMG_OK and PE_IMG_NOK 2010-04-29 13:47:57 +00:00
Thomas CHEMINEAU
423541455b SAML: 
- Manage SOAP relay logout request;
- Fix a bug into info.tpl.
 2010-04-29 13:39:26 +00:00
Xavier Guimard
1380d89865 New session explorer (not finished but useable) + some little tips 2010-04-28 19:57:16 +00:00
Thomas CHEMINEAU
f351ab97f6 SAML: work in progress to manage asynchronous SOAP logout requests 2010-04-28 17:16:38 +00:00
Clément Oudot
a1d41fbdda SAML: 
* authLogout should return an error code (as it is catched in Simple.pm)
* For SLO final redirection, match the trailing / of portal URL
 2010-04-28 16:29:27 +00:00
Clément Oudot
37afeeaeb5 SAML: force attribute values in UTF-8 (JIRA #21) 2010-04-28 14:56:36 +00:00
Thomas CHEMINEAU
c236505f45 SAML: manage SOAP logout request send by IDP to SP 2010-04-28 14:29:52 +00:00
Clément Oudot
6aac834de7 Sessions explorer: & was remplaced too much times in htmlquote() 2010-04-28 13:56:45 +00:00
Thomas CHEMINEAU
d9db773996 SAML: now use get_first_http_method when sending logout request on SP 2010-04-28 10:28:21 +00:00
Thomas CHEMINEAU
54afc28e75 SAML: manage logout initiate by IDP 2010-04-27 15:11:53 +00:00
Thomas CHEMINEAU
873aa0c32e SAML: generalizing and moving some functions to _SAML.pm 2010-04-26 17:06:49 +00:00
Clément Oudot
844a8807b0 SAML: set sessionIndex in assertion, to be compliant with simpleSAMLphp logout 2010-04-26 15:47:09 +00:00
Thomas CHEMINEAU
6ef67cc5ea SAML: manage internationalization 2010-04-26 15:39:38 +00:00
Clément Oudot
975a585a51 SAML: create NameIdentifier only if it does not already exists 2010-04-26 14:30:54 +00:00
Thomas CHEMINEAU
a0378cd572 SAML: hide submit button when SLO info page is displayed 2010-04-26 13:10:04 +00:00
Clément Oudot
3441a05d2b perltidy + better nameIdentifier construction in SSO phase (bug with latest Lasso verion and simpleSAMLphp) 2010-04-26 10:02:26 +00:00
Thomas CHEMINEAU
9c99b920f0 SAML: perform HTTP redirection in SAML context, when information is displayed to the user, to fix some problem during SAML logout response 2010-04-23 16:57:25 +00:00
Thomas CHEMINEAU
aac04dabdc SAML: print information to user if many SP to logout throught HTTP-Redirect or HTTP-Post 2010-04-23 16:26:23 +00:00
Thomas CHEMINEAU
c2b642f172 SAML: continue work on sending logout request for all SP when an SP initiate a logout request 2010-04-23 15:18:08 +00:00
Thomas CHEMINEAU
cd8b59998b SAML: first work on dispatching logout requests to SP during IDP SLO process 2010-04-22 17:01:37 +00:00
Thomas CHEMINEAU
c387e47e4f SAML: retrieve session to be deleted then during a SLO initiate by a SP (maj lasso) 2010-04-22 13:00:32 +00:00
Thomas CHEMINEAU
8e08663576 SAML: no need to search for a valid session, when we are into issuerForAuthUser, we already have a valid one 2010-04-21 16:54:05 +00:00
Thomas CHEMINEAU
0eba588385 SAML: now delete session when logout request for authenticated user is correct 2010-04-20 15:49:48 +00:00
Thomas CHEMINEAU
6bfdad2d0b SAML: manage logout into issuerForAuthUser 2010-04-20 15:31:21 +00:00
Thomas CHEMINEAU
005037df8c SAML: first implementation of SLO initiated by a SP 2010-04-20 10:04:34 +00:00
Clément Oudot
70a214b9e0 SAML: 
* Use Lasso method to get OneTimeUse flag
* Use Session _utime to calculate assertion NotOnOrAfter date
 2010-04-16 13:38:43 +00:00
Clément Oudot
95b28956fe SAML: add methods to disable signature verification (tests in progress) 2010-04-16 10:13:20 +00:00
Clément Oudot
a9cfdb9a64 SAML: mandatory attributes are now set in authentication response attribute statement 2010-04-16 08:55:56 +00:00
Clément Oudot
99b4c7fb72 SAML: attributes in authn response (work in progress) 2010-04-15 15:40:07 +00:00
Clément Oudot
4379adc014 SAML: reformate SP list to use EntityID as primary key 2010-04-15 14:42:17 +00:00
Clément Oudot
fbe50de653 * Better log of what is registered in session 
* Control whatToTrace parameter before logging into Apache
 2010-04-15 13:46:45 +00:00
Clément Oudot
656a1d7ff9 Use multiValuesSeparator in sessions explorer 2010-04-15 11:20:42 +00:00
Clément Oudot
d9c4b44c4b Add multiValuesSeparator configuration parameter 2010-04-15 11:15:36 +00:00
Clément Oudot
ebf2deae28 SAML: SSL authentication context is TLSClient and not X509 2010-04-15 09:06:53 +00:00
Clément Oudot
457430f2f7 SAML: map authenticationLevel and authn context 2010-04-14 16:22:55 +00:00
Xavier Guimard
799b643949 $ENV not taken in acount in macros 2010-04-14 16:13:24 +00:00
Clément Oudot
c4e1379452 * make tidy 
* Manage authenticationLevel in all authentication backends
 2010-04-14 15:37:57 +00:00
Clément Oudot
756ca82484 SAML: NameID generation (work in progress) 2010-04-14 11:14:24 +00:00
Thomas CHEMINEAU
19256b0aaa support JSON version 1 and 2 for Red Hat EL and Debian compatibilities 2010-04-13 16:43:32 +00:00
Clément Oudot
bc21f58b46 SAML: correct a bug when trying to update a newly created session (cookie not already set) 2010-04-12 15:42:38 +00:00
Clément Oudot
2406d832e9 SAML: manage Lasso session in artifacts 2010-04-12 15:03:54 +00:00
Clément Oudot
ea24dc314e Portal: updateSession can now take session id as parameter 2010-04-12 13:50:42 +00:00
Clément Oudot
ae66b57881 SAML: load and store Lasso Identity and Session 2010-04-12 13:23:22 +00:00
Clément Oudot
91e1419f57 SAML: artifact resolution response in SP and IDP 2010-04-12 09:09:53 +00:00
Clément Oudot
ce1e5840fb SAML: artifact response is now working 2010-04-12 08:26:18 +00:00
Clément Oudot
0ae2585a97 SAML: manage artifact (work in progess) 2010-04-09 16:42:50 +00:00
Clément Oudot
aa986aa337 purgeCentralCache: 
* Add debug option and debug message
* Manage SAML storage backend
* Read local configuration file
 2010-04-09 15:43:21 +00:00
Clément Oudot
7fef157210 SAML: possibility to configure a different storage for SAML objects (samlStorage) than sessions storage (globalStorage) 2010-04-09 13:27:54 +00:00
Clément Oudot
46808d3f78 SAML: manage artifact (work in progess) 2010-04-08 16:28:10 +00:00
Clément Oudot
9bb7adb3c3 SAML: catch artefact resolution URL 2010-04-08 11:03:53 +00:00
Clément Oudot
e34c8409b1 SAML: escape URL strings in regexp 2010-04-08 10:16:13 +00:00
Clément Oudot
fb9f964515 SAML: move use POSIX from AuthSAML to _SAML 2010-04-08 09:43:28 +00:00
Clément Oudot
cdaea23ac5 SAML: create methods to convert timestamp and SAML2 dates, and set all dates in assertion created by IDP 2010-04-08 09:39:53 +00:00
Clément Oudot
89bf4a6630 SAML: build assertion 2010-04-07 16:37:23 +00:00
Clément Oudot
ecf5612e4f SAML: 
* Build artifact or complete SSO reponse message
* Send SSO response message
* Correct a bug when loading relayState in POST fields
 2010-04-07 15:14:17 +00:00
Clément Oudot
f9e8ce7092 SAML: validate request message 2010-04-07 12:27:50 +00:00
Clément Oudot
7859ba292a SAML: trust hidden fields when they are present 2010-04-07 10:11:21 +00:00
Thomas CHEMINEAU
341f9f944f SAML: first work on issuerForAuthUser into IssuerDBSAML.pm 2010-04-02 16:19:10 +00:00
Thomas CHEMINEAU
0974c128ec SAML: fix a little bug 2010-04-02 15:34:44 +00:00
Thomas CHEMINEAU
7202a6651f SAML: manage hidden values for SAML authentication request 2010-04-02 15:28:29 +00:00
Clément Oudot
119386dca7 SAML: use checkMessage in AuthSAML 2010-04-02 14:47:17 +00:00
Thomas CHEMINEAU
16a5230e2e SAML: check if parameters are present or not when assigning values 2010-04-02 12:04:18 +00:00
Clément Oudot
e21b4c936a SAML: intercept artefact resolution URL in SP 2010-04-02 11:41:44 +00:00
Thomas CHEMINEAU
fa039d2114 Store hidden informations in forms 
* SAML: store SAMLRequest in IssuerDBSAML, just before to redirect to IDP
  * Simple: add functions to manage hidden values for forms
 2010-04-02 09:17:02 +00:00
Clément Oudot
62330e2d44 SAML: add ArtifactResolutionService in SP Metadata 2010-04-02 08:40:35 +00:00
Clément Oudot
83880118b3 SAML: change SP option 2010-04-02 08:12:59 +00:00
Clément Oudot
f87d6b9b3d SAML: IDP requestedAuthnContext option 2010-04-01 16:32:51 +00:00
Clément Oudot
a11caf800f SAML: IDP isPassive option 2010-04-01 14:40:29 +00:00
Clément Oudot
bb86139ce4 SAML: work on SSO/SLO signature options 2010-04-01 14:18:37 +00:00
Clément Oudot
3ff16331f3 Manager: display configuration datas on page load 2010-04-01 13:10:14 +00:00
Clément Oudot
6d505c9468 SAML: IDP option to validate SSO response signature -not working now 2010-04-01 12:51:32 +00:00
Clément Oudot
70f853e681 SAML: IDP option to sign SSO requests 2010-04-01 09:55:33 +00:00
Clément Oudot
7f91ef3c83 SAML: was set too late 2010-03-26 16:47:17 +00:00
Thomas CHEMINEAU
ba6bb76549 SAML: 
- Move part of the code into _SAML.pm so that it could be reused;
- Create the method checkMessage that check SAML requests and responses.
 2010-03-26 16:02:27 +00:00
Clément Oudot
408fe2a82d Manager: display config datas after success upload 2010-03-26 15:32:24 +00:00
Thomas CHEMINEAU
e7103c56c5 SAML: implementing issuerForUnAuthUser 2010-03-26 13:56:37 +00:00
Clément Oudot
48857dc62b SAML: encode metadata in UTF8 after XML export 2010-03-26 11:19:07 +00:00
Clément Oudot
07c528d6fd SAML: update POD 2010-03-26 09:35:31 +00:00
Clément Oudot
53d5212068 SAML: remove HTTP-GET binding since it is not supported by SAML2 (replaced by HTTP-REDIRECT) 2010-03-25 16:43:34 +00:00
Clément Oudot
a7bd4b0f78 Manager: little corrections 2010-03-25 16:36:30 +00:00
Clément Oudot
401ba8a857 Manager: 
* Correct IDP and SP delete functions
* Add select for NameIDFormat and Bindings
 2010-03-25 16:19:10 +00:00
Clément Oudot
9f68350124 Manager: add issuerDB parameter 2010-03-25 15:00:48 +00:00
Thomas CHEMINEAU
b67654d42d SAML: code to load SP metadata 2010-03-25 14:44:38 +00:00
Clément Oudot
3cd3050e9e SAML: add Service Providers node 2010-03-25 14:38:54 +00:00
Thomas CHEMINEAU
dec9d562d8 SAML: work in progress in IssuerDBSAML 2010-03-25 11:24:52 +00:00
Thomas CHEMINEAU
a3a80947bc SAML: move code that load SAML services and IDPs into _SAML 2010-03-25 11:01:32 +00:00
Clément Oudot
409ceb953c SAML: option to adapt session _utime with SessionNotOnOrAfter 2010-03-25 10:02:53 +00:00
Clément Oudot
bc7df7b3bc SAML: correct NAME POD section to prevent lintian warning 2010-03-25 08:55:42 +00:00
Clément Oudot
44f5d27b7a Prepare for 1.0rc1: 
* Update modules main version
* make tidy
* make manifest
* make documentation
 2010-03-24 22:06:43 +00:00
Thomas CHEMINEAU
3510863964 manager: little css enhancement on sessions manager 2010-03-24 17:28:06 +00:00
Thomas CHEMINEAU
969b905221 skin: continue to fix mail and notification templates in impact skin 2010-03-24 17:05:10 +00:00
Clément Oudot
bd9c9d13dc LDAP: change test for Net::LDAP minimal version for ppolicy feature 2010-03-24 15:53:55 +00:00
Clément Oudot
67124c6bff Manager: nice skin change feature 2010-03-24 14:56:38 +00:00
Clément Oudot
953806ed93 SAML: manage SessionNotOnOrAfter but do not adapt session _utime yet 2010-03-24 13:44:24 +00:00
Clément Oudot
aa5831493a SAML: add AllowLoginFromIDP option 2010-03-24 13:01:14 +00:00
Clément Oudot
5c26f07d27 SAML: proxy restriction was not working, now it is set in authn request conditions 2010-03-24 12:33:45 +00:00
Clément Oudot
bac76b680d LDAP: option to change the password as user (and not as managerDn) 2010-03-24 10:00:52 +00:00
Clément Oudot
857d421b1e Handler: correct Proxy bugs 2010-03-23 15:26:33 +00:00
Thomas CHEMINEAU
f4a724b0b9 make manifest on portal 2010-03-22 18:02:16 +00:00
Thomas CHEMINEAU
d434d9f2ec SAML: cleaning/hidding some unused parameters (bindings, index, protocol) 2010-03-22 17:47:59 +00:00
Clément Oudot
a99b604f1a Skin impact: add notification template 2010-03-22 17:02:59 +00:00
Clément Oudot
d3bea6dd47 Skin impact: add mail reset template 2010-03-22 16:59:10 +00:00
Clément Oudot
3c1db04316 Skin impact: logout was not working 2010-03-22 16:47:13 +00:00
Clément Oudot
8c655fe281 Skin impact: correct tab problem 2010-03-22 16:39:25 +00:00
Thomas CHEMINEAU
a09e94a76e skin: update impact portal skin (work in progress) 2010-03-22 16:22:58 +00:00
Thomas CHEMINEAU
42e11743db skin: update impact portal skin (work in progress) 2010-03-22 16:22:31 +00:00
Clément Oudot
4de567dddc Manager: apply configuration on upload success 2010-03-22 16:09:07 +00:00
Clément Oudot
3bb119108d Manager: better integration of sessions explorer 2010-03-22 11:32:28 +00:00
Thomas CHEMINEAU
a00a20eb60 skin: add confirm.tpl into impact portal skin 2010-03-22 10:50:28 +00:00
Thomas CHEMINEAU
b1575b552c Manager: fix CSS style into the HTML header of the sessions manager 2010-03-22 10:42:17 +00:00
Clément Oudot
3d7e43df5e Manager: help messages correction 2010-03-22 10:38:37 +00:00
Thomas CHEMINEAU
37773df261 add the html header into sessions manager 2010-03-22 10:08:39 +00:00
Thomas CHEMINEAU
067c96502f skins: update impact skin (missing confirm.tpl due to bad manipulation during upgrade from trunk) 2010-03-22 09:56:13 +00:00
Clément Oudot
1e6dc91fdb Manager: update some help messages 2010-03-21 12:00:04 +00:00
Xavier Guimard
9001e5f028 Just a "make tidy" 2010-03-20 17:14:28 +00:00
Clément Oudot
273abab2bb Manager: CSS on form elements 2010-03-19 10:01:23 +00:00
Clément Oudot
39809cae6e Manager: add DBI params 2010-03-18 21:46:38 +00:00
Thomas CHEMINEAU
713914c81b sessions manager: add header to switch between managers 2010-03-18 17:44:19 +00:00
Thomas CHEMINEAU
d9afdee0eb MANAGER: update some icons 2010-03-18 16:51:26 +00:00