Clément Oudot
be742cfac6
SAML: use encrypt/decrypt to match session_index and session_id ( #51 )
2010-05-12 15:56:27 +00:00
Clément Oudot
c6dd158903
SAML: map SAML authentication context and authentication level ( #47 )
2010-05-12 15:14:07 +00:00
Clément Oudot
7f427610fe
SAML: typo in #53 correction
2010-05-12 12:56:16 +00:00
Clément Oudot
01f928504d
SAML: correct date to timestamp conversion ( #62 ) and add unit test
2010-05-12 12:46:47 +00:00
Thomas CHEMINEAU
14c23cea6d
fix #53 - use sendLogoutResponseToServiceProvider in IssuerDBSAML
2010-05-12 09:41:54 +00:00
Xavier Guimard
3844ba4192
"make tidy"
2010-05-12 04:04:10 +00:00
Clément Oudot
0ae986296a
Clean all UserDBEnv related files
2010-05-08 15:55:27 +00:00
Clément Oudot
2d88be8222
Portal: catch ENV exportedVars for all UserDB modules ( #58 )
2010-05-07 21:33:57 +00:00
Thomas CHEMINEAU
adf7e8158a
Add activity timeout on SSO sessions
2010-05-07 10:00:55 +00:00
Thomas CHEMINEAU
f60e65166d
adding Lemonldap::NG::Handler::UpdateCookie.pm and associated files
2010-05-05 16:49:26 +00:00
Xavier Guimard
810505b1cb
( Closes : #46 )
2010-05-05 16:42:22 +00:00
Clément Oudot
bec0831f2d
Zimbra preAuth is now an independent Handler ( #12 )
2010-05-05 08:13:44 +00:00
Clément Oudot
a04ff6e964
SAML:
...
* OneTimeUse is no more used in SP (#50 )
* Compile regexp for SAML URLs
* Move sendLogoutRequestToServiceProviders in _SAML
* In AuthSAML, do not predefined variables outside loops
2010-05-05 07:10:13 +00:00
Thomas CHEMINEAU
c935584300
informations is correctly stored into session but not well displayed by manager (add _utime, remove useless code)
2010-05-04 15:55:48 +00:00
Clément Oudot
5eb7895dac
SAML: manage SP conf key
2010-05-04 10:10:34 +00:00
Clément Oudot
1b81ccd96f
SAML: use get_signature_status from Lasso::Profile
2010-05-03 21:12:14 +00:00
Thomas CHEMINEAU
c4ea39fae4
UserDB* modules should store user in sessionInfo
2010-05-03 17:42:42 +00:00
Thomas CHEMINEAU
a963e83dc2
add optional session identifier to update existing session with a valid user via SOAP
2010-05-03 16:49:57 +00:00
Thomas CHEMINEAU
1ba9f9ecf1
cleaning wsdl file, fix little bug in a wrong function name
2010-05-03 15:45:59 +00:00
Clément Oudot
cbf1401f1e
Declare Zimbra preauth in other grant subroutines
2010-05-03 14:18:40 +00:00
Xavier Guimard
408365bc5f
strftime is defined in POSIX
2010-05-02 17:40:21 +00:00
Xavier Guimard
5ceb94e612
Correct errors
2010-05-02 13:41:12 +00:00
Xavier Guimard
c53bdf0edc
Little error
2010-05-02 13:30:04 +00:00
Xavier Guimard
cf0ece9aa2
Reformating
2010-05-02 11:37:25 +00:00
Xavier Guimard
5d2b50e905
Modif for XSS: for logout URL, we test now Referer field
2010-05-01 13:12:28 +00:00
Clément Oudot
2523fc5cf5
SAML: check IDP value from IDP cookie (LEMONLDAP-44)
2010-04-30 15:21:10 +00:00
Clément Oudot
a9c5d000fd
SAML:
...
* IDP list key is now entityID
* Do not trust IDP cookie to find current IDP (use SAML message remote provider ID)
* Ignore signature before processing SAML message, and check it after (work in progress)
2010-04-30 14:55:40 +00:00
Xavier Guimard
c37033b81a
$self->{id} was not well managed in portal
2010-04-30 05:27:06 +00:00
Thomas CHEMINEAU
4f979bfe22
SAML: change error name to PE_IMG_OK and PE_IMG_NOK
2010-04-29 13:47:57 +00:00
Thomas CHEMINEAU
423541455b
SAML:
...
- Manage SOAP relay logout request;
- Fix a bug into info.tpl.
2010-04-29 13:39:26 +00:00
Xavier Guimard
1380d89865
New session explorer (not finished but useable) + some little tips
2010-04-28 19:57:16 +00:00
Thomas CHEMINEAU
f351ab97f6
SAML: work in progress to manage asynchronous SOAP logout requests
2010-04-28 17:16:38 +00:00
Clément Oudot
a1d41fbdda
SAML:
...
* authLogout should return an error code (as it is catched in Simple.pm)
* For SLO final redirection, match the trailing / of portal URL
2010-04-28 16:29:27 +00:00
Clément Oudot
37afeeaeb5
SAML: force attribute values in UTF-8 (JIRA #21 )
2010-04-28 14:56:36 +00:00
Thomas CHEMINEAU
c236505f45
SAML: manage SOAP logout request send by IDP to SP
2010-04-28 14:29:52 +00:00
Thomas CHEMINEAU
d9db773996
SAML: now use get_first_http_method when sending logout request on SP
2010-04-28 10:28:21 +00:00
Thomas CHEMINEAU
54afc28e75
SAML: manage logout initiate by IDP
2010-04-27 15:11:53 +00:00
Thomas CHEMINEAU
873aa0c32e
SAML: generalizing and moving some functions to _SAML.pm
2010-04-26 17:06:49 +00:00
Clément Oudot
844a8807b0
SAML: set sessionIndex in assertion, to be compliant with simpleSAMLphp logout
2010-04-26 15:47:09 +00:00
Thomas CHEMINEAU
6ef67cc5ea
SAML: manage internationalization
2010-04-26 15:39:38 +00:00
Clément Oudot
975a585a51
SAML: create NameIdentifier only if it does not already exists
2010-04-26 14:30:54 +00:00
Thomas CHEMINEAU
a0378cd572
SAML: hide submit button when SLO info page is displayed
2010-04-26 13:10:04 +00:00
Clément Oudot
3441a05d2b
perltidy + better nameIdentifier construction in SSO phase (bug with latest Lasso verion and simpleSAMLphp)
2010-04-26 10:02:26 +00:00
Thomas CHEMINEAU
9c99b920f0
SAML: perform HTTP redirection in SAML context, when information is displayed to the user, to fix some problem during SAML logout response
2010-04-23 16:57:25 +00:00
Thomas CHEMINEAU
aac04dabdc
SAML: print information to user if many SP to logout throught HTTP-Redirect or HTTP-Post
2010-04-23 16:26:23 +00:00
Thomas CHEMINEAU
c2b642f172
SAML: continue work on sending logout request for all SP when an SP initiate a logout request
2010-04-23 15:18:08 +00:00
Thomas CHEMINEAU
cd8b59998b
SAML: first work on dispatching logout requests to SP during IDP SLO process
2010-04-22 17:01:37 +00:00
Thomas CHEMINEAU
c387e47e4f
SAML: retrieve session to be deleted then during a SLO initiate by a SP (maj lasso)
2010-04-22 13:00:32 +00:00
Thomas CHEMINEAU
8e08663576
SAML: no need to search for a valid session, when we are into issuerForAuthUser, we already have a valid one
2010-04-21 16:54:05 +00:00
Thomas CHEMINEAU
0eba588385
SAML: now delete session when logout request for authenticated user is correct
2010-04-20 15:49:48 +00:00
Thomas CHEMINEAU
6bfdad2d0b
SAML: manage logout into issuerForAuthUser
2010-04-20 15:31:21 +00:00
Thomas CHEMINEAU
005037df8c
SAML: first implementation of SLO initiated by a SP
2010-04-20 10:04:34 +00:00
Clément Oudot
70a214b9e0
SAML:
...
* Use Lasso method to get OneTimeUse flag
* Use Session _utime to calculate assertion NotOnOrAfter date
2010-04-16 13:38:43 +00:00
Clément Oudot
95b28956fe
SAML: add methods to disable signature verification (tests in progress)
2010-04-16 10:13:20 +00:00
Clément Oudot
a9cfdb9a64
SAML: mandatory attributes are now set in authentication response attribute statement
2010-04-16 08:55:56 +00:00
Clément Oudot
99b4c7fb72
SAML: attributes in authn response (work in progress)
2010-04-15 15:40:07 +00:00
Clément Oudot
4379adc014
SAML: reformate SP list to use EntityID as primary key
2010-04-15 14:42:17 +00:00
Clément Oudot
fbe50de653
* Better log of what is registered in session
...
* Control whatToTrace parameter before logging into Apache
2010-04-15 13:46:45 +00:00
Clément Oudot
d9c4b44c4b
Add multiValuesSeparator configuration parameter
2010-04-15 11:15:36 +00:00
Clément Oudot
ebf2deae28
SAML: SSL authentication context is TLSClient and not X509
2010-04-15 09:06:53 +00:00
Clément Oudot
457430f2f7
SAML: map authenticationLevel and authn context
2010-04-14 16:22:55 +00:00
Xavier Guimard
799b643949
$ENV not taken in acount in macros
2010-04-14 16:13:24 +00:00
Clément Oudot
c4e1379452
* make tidy
...
* Manage authenticationLevel in all authentication backends
2010-04-14 15:37:57 +00:00
Clément Oudot
756ca82484
SAML: NameID generation (work in progress)
2010-04-14 11:14:24 +00:00
Clément Oudot
bc21f58b46
SAML: correct a bug when trying to update a newly created session (cookie not already set)
2010-04-12 15:42:38 +00:00
Clément Oudot
2406d832e9
SAML: manage Lasso session in artifacts
2010-04-12 15:03:54 +00:00
Clément Oudot
ea24dc314e
Portal: updateSession can now take session id as parameter
2010-04-12 13:50:42 +00:00
Clément Oudot
ae66b57881
SAML: load and store Lasso Identity and Session
2010-04-12 13:23:22 +00:00
Clément Oudot
91e1419f57
SAML: artifact resolution response in SP and IDP
2010-04-12 09:09:53 +00:00
Clément Oudot
ce1e5840fb
SAML: artifact response is now working
2010-04-12 08:26:18 +00:00
Clément Oudot
0ae2585a97
SAML: manage artifact (work in progess)
2010-04-09 16:42:50 +00:00
Clément Oudot
aa986aa337
purgeCentralCache:
...
* Add debug option and debug message
* Manage SAML storage backend
* Read local configuration file
2010-04-09 15:43:21 +00:00
Clément Oudot
7fef157210
SAML: possibility to configure a different storage for SAML objects (samlStorage) than sessions storage (globalStorage)
2010-04-09 13:27:54 +00:00
Clément Oudot
46808d3f78
SAML: manage artifact (work in progess)
2010-04-08 16:28:10 +00:00
Clément Oudot
9bb7adb3c3
SAML: catch artefact resolution URL
2010-04-08 11:03:53 +00:00
Clément Oudot
e34c8409b1
SAML: escape URL strings in regexp
2010-04-08 10:16:13 +00:00
Clément Oudot
fb9f964515
SAML: move use POSIX from AuthSAML to _SAML
2010-04-08 09:43:28 +00:00
Clément Oudot
cdaea23ac5
SAML: create methods to convert timestamp and SAML2 dates, and set all dates in assertion created by IDP
2010-04-08 09:39:53 +00:00
Clément Oudot
89bf4a6630
SAML: build assertion
2010-04-07 16:37:23 +00:00
Clément Oudot
ecf5612e4f
SAML:
...
* Build artifact or complete SSO reponse message
* Send SSO response message
* Correct a bug when loading relayState in POST fields
2010-04-07 15:14:17 +00:00
Clément Oudot
f9e8ce7092
SAML: validate request message
2010-04-07 12:27:50 +00:00
Clément Oudot
7859ba292a
SAML: trust hidden fields when they are present
2010-04-07 10:11:21 +00:00
Thomas CHEMINEAU
341f9f944f
SAML: first work on issuerForAuthUser into IssuerDBSAML.pm
2010-04-02 16:19:10 +00:00
Thomas CHEMINEAU
0974c128ec
SAML: fix a little bug
2010-04-02 15:34:44 +00:00
Thomas CHEMINEAU
7202a6651f
SAML: manage hidden values for SAML authentication request
2010-04-02 15:28:29 +00:00
Clément Oudot
119386dca7
SAML: use checkMessage in AuthSAML
2010-04-02 14:47:17 +00:00
Clément Oudot
e21b4c936a
SAML: intercept artefact resolution URL in SP
2010-04-02 11:41:44 +00:00
Thomas CHEMINEAU
fa039d2114
Store hidden informations in forms
...
* SAML: store SAMLRequest in IssuerDBSAML, just before to redirect to IDP
* Simple: add functions to manage hidden values for forms
2010-04-02 09:17:02 +00:00
Clément Oudot
62330e2d44
SAML: add ArtifactResolutionService in SP Metadata
2010-04-02 08:40:35 +00:00
Clément Oudot
f87d6b9b3d
SAML: IDP requestedAuthnContext option
2010-04-01 16:32:51 +00:00
Clément Oudot
a11caf800f
SAML: IDP isPassive option
2010-04-01 14:40:29 +00:00
Clément Oudot
bb86139ce4
SAML: work on SSO/SLO signature options
2010-04-01 14:18:37 +00:00
Clément Oudot
6d505c9468
SAML: IDP option to validate SSO response signature -not working now
2010-04-01 12:51:32 +00:00
Clément Oudot
70f853e681
SAML: IDP option to sign SSO requests
2010-04-01 09:55:33 +00:00
Clément Oudot
7f91ef3c83
SAML: was set too late
2010-03-26 16:47:17 +00:00
Thomas CHEMINEAU
ba6bb76549
SAML:
...
- Move part of the code into _SAML.pm so that it could be reused;
- Create the method checkMessage that check SAML requests and responses.
2010-03-26 16:02:27 +00:00
Thomas CHEMINEAU
e7103c56c5
SAML: implementing issuerForUnAuthUser
2010-03-26 13:56:37 +00:00
Clément Oudot
07c528d6fd
SAML: update POD
2010-03-26 09:35:31 +00:00
Clément Oudot
53d5212068
SAML: remove HTTP-GET binding since it is not supported by SAML2 (replaced by HTTP-REDIRECT)
2010-03-25 16:43:34 +00:00
Thomas CHEMINEAU
b67654d42d
SAML: code to load SP metadata
2010-03-25 14:44:38 +00:00
Thomas CHEMINEAU
dec9d562d8
SAML: work in progress in IssuerDBSAML
2010-03-25 11:24:52 +00:00
Thomas CHEMINEAU
a3a80947bc
SAML: move code that load SAML services and IDPs into _SAML
2010-03-25 11:01:32 +00:00
Clément Oudot
409ceb953c
SAML: option to adapt session _utime with SessionNotOnOrAfter
2010-03-25 10:02:53 +00:00
Clément Oudot
bc7df7b3bc
SAML: correct NAME POD section to prevent lintian warning
2010-03-25 08:55:42 +00:00
Clément Oudot
44f5d27b7a
Prepare for 1.0rc1:
...
* Update modules main version
* make tidy
* make manifest
* make documentation
2010-03-24 22:06:43 +00:00
Thomas CHEMINEAU
969b905221
skin: continue to fix mail and notification templates in impact skin
2010-03-24 17:05:10 +00:00
Clément Oudot
bd9c9d13dc
LDAP: change test for Net::LDAP minimal version for ppolicy feature
2010-03-24 15:53:55 +00:00
Clément Oudot
953806ed93
SAML: manage SessionNotOnOrAfter but do not adapt session _utime yet
2010-03-24 13:44:24 +00:00
Clément Oudot
aa5831493a
SAML: add AllowLoginFromIDP option
2010-03-24 13:01:14 +00:00
Clément Oudot
5c26f07d27
SAML: proxy restriction was not working, now it is set in authn request conditions
2010-03-24 12:33:45 +00:00
Clément Oudot
bac76b680d
LDAP: option to change the password as user (and not as managerDn)
2010-03-24 10:00:52 +00:00
Thomas CHEMINEAU
f4a724b0b9
make manifest on portal
2010-03-22 18:02:16 +00:00
Clément Oudot
a99b604f1a
Skin impact: add notification template
2010-03-22 17:02:59 +00:00
Clément Oudot
d3bea6dd47
Skin impact: add mail reset template
2010-03-22 16:59:10 +00:00
Clément Oudot
3c1db04316
Skin impact: logout was not working
2010-03-22 16:47:13 +00:00
Clément Oudot
8c655fe281
Skin impact: correct tab problem
2010-03-22 16:39:25 +00:00
Thomas CHEMINEAU
a09e94a76e
skin: update impact portal skin (work in progress)
2010-03-22 16:22:58 +00:00
Thomas CHEMINEAU
42e11743db
skin: update impact portal skin (work in progress)
2010-03-22 16:22:31 +00:00
Thomas CHEMINEAU
a00a20eb60
skin: add confirm.tpl into impact portal skin
2010-03-22 10:50:28 +00:00
Thomas CHEMINEAU
067c96502f
skins: update impact skin (missing confirm.tpl due to bad manipulation during upgrade from trunk)
2010-03-22 09:56:13 +00:00
Xavier Guimard
9001e5f028
Just a "make tidy"
2010-03-20 17:14:28 +00:00
Thomas CHEMINEAU
428c8072d5
skins: update on impact portal skin
2010-03-17 10:46:20 +00:00
Thomas CHEMINEAU
f5d947e47f
update portal MANIFEST
2010-03-17 09:48:34 +00:00
Thomas CHEMINEAU
53f83771a9
skins: make impact portal skin functionnal
2010-03-17 09:40:10 +00:00
Thomas CHEMINEAU
85054c3638
skins: add applications list into menu of impact portal skin
2010-03-15 18:26:32 +00:00
Thomas CHEMINEAU
07d64f8c82
skins: add menu.tpl in impact portal skin
2010-03-15 12:54:48 +00:00
Clément Oudot
fa05c16e02
OpenID: warning message for IssuerDBOpenID use
2010-03-15 10:57:17 +00:00
Clément Oudot
df64e375c2
OpenID: do not show form after logout
2010-03-15 10:44:16 +00:00
Clément Oudot
7692cefd95
Portal: all is ready for AuthOpenID
2010-03-15 09:53:56 +00:00
Thomas CHEMINEAU
4e79246c37
skins (impact): fix CSS bugs in login.tpl
2010-03-15 09:51:50 +00:00
Clément Oudot
099c846d42
perltidy + manager bug with node created from special parent nodes
2010-03-13 17:39:50 +00:00
Clément Oudot
5a61c04a2d
SAML: use correct IDP name in confirmation message
2010-03-13 16:49:33 +00:00
Clément Oudot
f80620fae4
SAML: No need to force default nameIDFormat value
2010-03-12 16:19:41 +00:00
Clément Oudot
f7cb80321f
SAML: no \r \n in metadata text content
2010-03-12 14:31:42 +00:00
Clément Oudot
44aeddbc5c
Bug with samlIDPMetaDataOptions upload and use make tidy
2010-03-11 15:00:59 +00:00
Clément Oudot
ce8d8ee84e
SAML: correct a bug if no NameIDFormat were given
2010-03-11 12:00:25 +00:00
Xavier Guimard
d439cab42e
* Little CSS for abort()
...
* Comments for lemonldap-ng.ini
* lemonldap-ng.ini was not well read in Manager
* New target 'unprotect' in rules
* Status update
2010-03-09 21:42:31 +00:00
Thomas CHEMINEAU
5b77fa66b4
update information template into impact portal skin
2010-03-08 19:23:38 +00:00
Thomas CHEMINEAU
08e423a38d
add info.tpl into impact portal skin
2010-03-08 18:57:49 +00:00
Thomas CHEMINEAU
0a943ba5ff
update manifest for impact portal skin
2010-03-07 23:41:39 +00:00
Thomas CHEMINEAU
35899de76c
add icons into impact portal skin
2010-03-07 23:01:28 +00:00
Thomas CHEMINEAU
0262a3da23
add impact skin in MANIFEST
2010-03-07 21:55:27 +00:00
Thomas CHEMINEAU
5ce35adc2d
portal skin: first work on impact skin
2010-03-07 21:54:02 +00:00
Clément Oudot
058ab93a15
SAML: manage HTTP method choice for SLO
2010-03-05 17:11:40 +00:00
Clément Oudot
ae4ff763df
SAML: manage HTTP method choice for SSO
2010-03-05 16:57:11 +00:00
Clément Oudot
8564389fa7
SAML: manage IDP resolution rules
2010-03-05 15:37:16 +00:00
Clément Oudot
8d1793b7bc
SAML: check OneTimeUse and Issuer (for proxy test)
2010-03-05 15:23:49 +00:00
Clément Oudot
c2b7c07dc1
SAML: use NameIDFormat option
2010-03-05 09:28:28 +00:00
Clément Oudot
0979ba0f28
SAML: use ForceAuthn option
2010-03-05 08:54:01 +00:00
Clément Oudot
71283e3596
SAML: attribute request in UserDBSAML
2010-03-03 16:54:23 +00:00
Xavier Guimard
40d2c70604
New target 'tidy' in Makefile
2010-03-01 20:32:28 +00:00
Clément Oudot
b5e2407728
SAML: get mandatory attributes - work in progress
2010-03-01 17:16:42 +00:00
Clément Oudot
13769b69f2
SAML: stop timer when choosing an IDP
2010-03-01 16:14:13 +00:00
Xavier Guimard
a746a440e6
perltidy
2010-03-01 10:45:04 +00:00
Clément Oudot
923e509226
SAML: split conditions validation between time and auience
2010-03-01 09:42:25 +00:00
Clément Oudot
1cecbe512d
SAML: Manage logout redirection URL trough RelayState in SLO
2010-03-01 09:19:28 +00:00
Clément Oudot
2c584cf7f7
SAML:
...
* Use authForce method to know if authentication should be forced
* Use a common method to store replay protection data
* Use _utime in relaystate state
* Let Lasso choose the defaut transport and binding for requests
2010-02-28 19:07:02 +00:00
Xavier Guimard
4634d58f36
AuthTwitter works now
2010-02-27 22:37:59 +00:00
Xavier Guimard
ec35e6c397
Skeleton for AuthTwitter
2010-02-27 16:20:11 +00:00
Xavier Guimard
226a40d5f6
AuthOpenID is ready !
2010-02-27 14:10:23 +00:00
Xavier Guimard
1043c1fb68
Unused test
2010-02-26 11:10:29 +00:00
Xavier Guimard
58c28c5732
* Inheritance instead of @EXPORT
...
* Purge CGI::Session dependency (LA)
2010-02-26 10:53:43 +00:00
Clément Oudot
7eefc6af1f
SAML: manage SOAP
2010-02-26 09:12:18 +00:00
Clément Oudot
9c228f7022
SAML: Manage relayState trough session backend
2010-02-25 11:39:55 +00:00
Clément Oudot
cc79d3cfe9
SAML: use the last configuration format for IDP metadata
2010-02-24 17:48:20 +00:00
Clément Oudot
9937568f97
SAML: manage SSO response trough Artifact
2010-02-24 15:24:54 +00:00
Clément Oudot
f0c29c779a
SAML:
...
* Manage SSO message like SLO message
* Send SLO request trough REDIRECT and POST
* Reponse to SSO request trough REDIRECT, POST and SOAP
* Reponse to SLO request trough REDIRECT, POST and SOAP
2010-02-24 10:11:01 +00:00
Clément Oudot
38060929fb
SAML:
...
* Use new configuration keys
* sum up replay protection code
2010-02-22 17:12:16 +00:00
Clément Oudot
fc542fa6b1
Portal: method to auto submit data through POST
2010-02-22 11:07:48 +00:00
Clément Oudot
7444d9802c
Portal: set content-type to application/xml for SOAP response
2010-02-22 10:08:14 +00:00
Xavier Guimard
d0cd16172c
IssuerOpenID skeleton
2010-02-21 20:17:13 +00:00
Xavier Guimard
fd40d830c8
AuthOpenID in progress
2010-02-21 14:47:16 +00:00
Xavier Guimard
6a2270b73d
OpenID authentication skeleton
2010-02-21 14:00:53 +00:00
Clément Oudot
3eac5ce288
Portal: display logout status to user
2010-02-20 11:44:05 +00:00
Clément Oudot
9766b8457a
SAML: SP SLO response trough HTTP-REDIRECT and SOAP
2010-02-19 11:33:34 +00:00
Clément Oudot
2238075912
SAML: SP SLO validate request
2010-02-18 17:42:31 +00:00
Clément Oudot
bd2c92f207
SAML: SP SLO in progress
2010-02-18 17:22:04 +00:00
Clément Oudot
a6d7f7a3a3
SAML:
...
* Send correct logout request
* Use getMetaDataURL to get URL from metadata configuration keys
2010-02-18 09:58:59 +00:00
Clément Oudot
98aa9cdfcf
Portal: correct image path
2010-02-18 09:58:05 +00:00
Clément Oudot
46764465b2
SAML: SP SLO in progress
2010-02-17 17:37:38 +00:00
Clément Oudot
4c5d286196
SAML: rename keys of samlIDMetaData hash
2010-02-17 15:34:19 +00:00
Clément Oudot
5b34644e10
SAML: SLO initiated by SP (not achieved)
2010-02-17 15:13:00 +00:00
Clément Oudot
b9a6eb6743
SAML: replay protection was buggy
2010-02-17 12:02:11 +00:00
Clément Oudot
3da1b1ed19
SAML: conditions validations corrected in Lasso
2010-02-17 11:51:01 +00:00
Clément Oudot
5411891ff6
Portal: template parameters were not well defined
2010-02-17 11:04:28 +00:00
Clément Oudot
d5d56f7649
SAML: conditions validation
2010-02-15 17:03:07 +00:00
Clément Oudot
88b81bf2aa
SAML: assertion replay protection
2010-02-15 13:44:06 +00:00
Clément Oudot
12668e7cc2
SAML: register attributes from SAML authn statement in session
2010-02-12 14:26:45 +00:00
Clément Oudot
71f142316f
SAML:
...
* IDP metadata are in metadata key
* Use IDP internal ID instead of entityID to keep choosen IDP information
* Use base64 encoding for RelayState value
2010-02-12 10:53:43 +00:00
Clément Oudot
cb7f7f8bd1
SAML: first complete SP cinematic implementation
2010-02-11 12:39:42 +00:00
Xavier Guimard
27769948f3
* abort instead of log when apps.list is deprecated
...
* lmMigrateConfFiles2ini does not quit if storage.conf is missing so it can be launched more than one time
2010-02-11 08:44:57 +00:00
Xavier Guimard
6cc13b1c36
Missing '/'
2010-02-11 08:31:23 +00:00
Clément Oudot
e323fe1cf5
SAML: customize authentication request
2010-02-10 17:18:46 +00:00
Clément Oudot
be4198a31e
SAML: Lasso can now use ; in query string
2010-02-10 10:59:20 +00:00
Clément Oudot
f265cbce57
SAML: NameID management
2010-02-09 20:49:23 +00:00
Clément Oudot
e891c13ad3
SAML: use query_string and get name identifier
2010-02-09 09:02:39 +00:00
Clément Oudot
040aea4dfb
SAML:
...
* Redirect user to IDP SSO URL
* Catch IDP response for HTTP-REDIRECT binding
2010-02-08 17:24:45 +00:00
Clément Oudot
a7b9076708
Portal: use non relative path for CSS and images in order to call index.pl with different urls trough apache mod_rewrite rules (ex: RewriteRule ^/saml/.* /index.pl)
2010-02-08 17:23:43 +00:00
Clément Oudot
5a34979fb7
SAML Metadata:
...
* Do not publish private key in metadata!
* perltidy
* typo on EntityID template param
2010-02-08 15:27:20 +00:00
Xavier Guimard
788f688d78
little thing
2010-02-08 10:21:34 +00:00
Xavier Guimard
be93f8dc47
Somes fixes
2010-02-08 10:16:28 +00:00
Xavier Guimard
fad774f41b
Fix some little bugs
2010-02-08 10:06:21 +00:00
Clément Oudot
434f8ea286
SAML: better organization name management
2010-02-05 17:18:09 +00:00
Clément Oudot
9b0c8ef9c1
SAML: use serviceToXML
2010-02-05 16:14:05 +00:00
Thomas CHEMINEAU
6f46631f81
add files needed by Metadata.pm to export metadata from conf to XML
2010-02-05 15:49:52 +00:00
Thomas CHEMINEAU
a8e43eddd6
add method to export metadata from conf to XML, in SAML2 format
2010-02-05 15:48:53 +00:00
Clément Oudot
3606362946
LDAP:
...
* Add ldapGroupRecursive to enable recursive group search
* Create searchGroup method in _LDAP
* Create getLdapValue method in _LDAP to manage DN and multi-valued attributes
2010-02-05 14:17:55 +00:00
Clément Oudot
dae6b880be
Portal: force authentication is now working
2010-02-05 10:21:48 +00:00
Clément Oudot
a1976436b6
SAML: build authentication request
2010-02-04 16:02:02 +00:00
Clément Oudot
3a3ec647e9
SAML: IDP choice
2010-02-04 12:30:18 +00:00
Clément Oudot
a15fdcaaae
SAML:
...
* Lasso error can be a string or a Lasso::Error object
* Use private key to create Lasso::Server
* Perl binding bug resolution waiting: some method arguments should accept NULL values
2010-02-03 10:59:53 +00:00
Clément Oudot
79075b8e5c
SAML: do not force optional parameters in add_provider_from_buffer
2010-02-02 22:16:29 +00:00
Clément Oudot
8b883bc147
SAML: typo in Lasso method
2010-02-02 21:55:25 +00:00
Clément Oudot
718e4fa136
SAML: add IDP in Lasso::Server
2010-02-01 17:07:40 +00:00
Clément Oudot
bcfdac9dd1
SAML: catch Glib messages
2010-02-01 15:24:56 +00:00
Clément Oudot
8abef3a99b
SAML:
...
* perltidy
* use XML::Simple instead of XML::LibXML to parse XML
* Add initializeFromConfHash method to use directly configuration hash object
* Create Lasso server with metadata in buffers rather than XML files
2010-02-01 14:01:28 +00:00
Xavier Guimard
01785de792
* "SKIP" in SAML tests
...
* "= splice @_" instead of "= @_" avoid memory duplication
2010-01-31 08:25:05 +00:00
Clément Oudot
ccbb52c13c
SAML: create Lasso Server
2010-01-29 17:33:35 +00:00
Clément Oudot
5dd981fa85
SAML: load Lasso method
2010-01-29 10:44:56 +00:00
Clément Oudot
cb71f77f4d
Portal: move configuration documentation from script to ini file
2010-01-28 17:39:34 +00:00
Clément Oudot
90a08dbbde
Portal/Multi:
...
* Get the correct _auth and _userDB value when using Multi
* Resolve a bug: functions of modules loaded in _Multi were not available for _subProcess
* Use a common loadModule method between Simple.pm and _Multi.pm
* Do not consider PE_FORMEMPTY and PE_FIRSTACCESS as errors in Multi process
2010-01-28 14:47:51 +00:00
Clément Oudot
48b97ed4d2
Portal: update MANIFEST
2010-01-28 10:39:58 +00:00
Clément Oudot
760f62e534
Portal: set _auth, _userDN, _passwordDB and _issuerDB in session, to know which module was used to open the session of the user
2010-01-27 16:30:19 +00:00
Clément Oudot
b904587edd
Portal: portalForceAuthn option was unusable with Menu password change
2010-01-27 14:04:41 +00:00
Clément Oudot
1f243e0a20
Portal: possibility to force reauthentication (set portalForceAuthn = 1)
2010-01-25 17:40:46 +00:00
Clément Oudot
5aa74c08d6
Portal: allow passwordDBNull in Menu.pm
2010-01-25 14:32:22 +00:00
Clément Oudot
86b18ea609
Portal: Null modules for authentication and passwordDB
2010-01-25 14:20:51 +00:00
Xavier Guimard
b87c0a520b
MANIFEST update + Makefile target
2010-01-23 12:48:18 +00:00
Clément Oudot
95e29fd733
Portal: change _password value in session when user changes its password
2010-01-22 21:54:58 +00:00
Clément Oudot
dc1a90d356
Portal: use button instead anchor to harmonize CSS styles
2010-01-22 21:41:45 +00:00
Clément Oudot
3fa08adfff
Manager: add portal configuration parameters
2010-01-22 16:04:15 +00:00
Clément Oudot
3222021897
Portal:
...
* Use HTML templates to send fancy reset password mail, with translations
* Send the new password by mail instead of diplaying it n the web page
* Remove the need to configure : the value is now set with help of {DOCUMENT_ROOT}
2010-01-22 11:25:37 +00:00
Clément Oudot
f6c250207c
Portal - new feature: token to reset password by mail:
...
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid
2010-01-21 17:38:55 +00:00
Clément Oudot
4179148476
Portal:
...
* Resolve a bug: when applications have sub applications, description div of parent application was not shown when leaving sub application menu element
* Move jQuery code in common/portal.js
2010-01-21 09:51:13 +00:00
Clément Oudot
81f510a6e5
Menu:
...
* XML conf is now deprecated, applicationList configuration parameter is used
* Remove all XML related code
* filter applications under applications
* Hide empty categories
2010-01-20 17:17:21 +00:00
Clément Oudot
15e77c7d88
Portal SOAP:
...
* perltidy
* Add process stages in getCookies
* Move _buildSoapHash in private methods parts
* Create getXmlMenu method in /config
* Update buildPortalWSDL script
2010-01-19 16:50:38 +00:00
Thomas CHEMINEAU
bb7881bcec
add a WSDL tag to isAuthorizedURI SOAP method
2010-01-18 15:39:01 +00:00
Thomas CHEMINEAU
03efa3fe99
update buildPortalWSDL to add isAuthorizedURI new method
2010-01-18 15:32:10 +00:00
Clément Oudot
5af1db1c3e
Portal: move ppolicy warnings from menu to information page
2010-01-15 22:01:04 +00:00
Xavier Guimard
40be40dbd9
More comments
2010-01-13 12:46:19 +00:00
Xavier Guimard
0d0d6b5609
Rewrite index.pl
2010-01-13 12:19:55 +00:00
Clément Oudot
9477aa69af
Portal: confirm template amelioration
2010-01-12 11:19:13 +00:00
Xavier Guimard
e642a1d270
PE_CONFIRM stop _Multi::try()
2010-01-12 11:19:12 +00:00
Xavier Guimard
bdbeda9494
i18n update
2010-01-12 11:12:46 +00:00
Clément Oudot
bea600dff4
Portal: info template amelioration
2010-01-12 11:07:31 +00:00
Xavier Guimard
7d98447f5e
PE_CONFIRM target
2010-01-12 11:05:01 +00:00
Xavier Guimard
271c4767a8
Link to delete other sessions
2010-01-12 10:36:04 +00:00
Xavier Guimard
effa0b9fa6
Notify existing sessions and deleted sessions if wanted
2010-01-12 09:53:49 +00:00
Clément Oudot
dc2556386d
Portal: little corrections
2010-01-11 16:58:57 +00:00
Xavier Guimard
d181da867b
* perltidy
...
* new feature : info can be displayed by portal => used to notify deleted sessions
* notifyDeleted in the manager
2010-01-11 16:04:36 +00:00
Clément Oudot
dc3d9558fe
Portal: create a grantSession stage in process()
2010-01-11 14:02:43 +00:00
Clément Oudot
cad747f629
Menu: use configuration instead of XML file - work in progress
2010-01-08 11:51:04 +00:00
Thomas CHEMINEAU
72e0247f03
fixes #314372 - introduce isAuthorizedURI SOAP function
2010-01-07 11:07:48 +00:00
Xavier Guimard
8102f72d50
POD updates :
...
* spelling errors found by Lintian
* encoding utf8
2010-01-03 08:09:59 +00:00
Xavier Guimard
5a5d3872fd
Update changelog
2009-12-31 13:35:34 +00:00
Clément Oudot
ee62c967b9
Reset password by mail for DBI backend
2009-12-30 19:42:17 +00:00
Xavier Guimard
11ed0e260f
Little bug: deconnection was made on a new window
2009-12-28 17:01:21 +00:00
Xavier Guimard
23ee91c414
Modify _DBI::checkPassword to make it reuseable by another module than AuthDBI
2009-12-22 08:46:54 +00:00
Clément Oudot
0a618cda34
Refactor DBI code in _DBI.pm and SMTP code in _SMTP.pm
2009-12-21 22:28:38 +00:00
Xavier Guimard
4d47d92749
* Debian upgrade for jquery management
...
* SQL injection protection for DBI
* Regexp to control user field
* Missing parameters in _Struct.pm
* Bad errors management in Uploader
2009-12-19 08:57:59 +00:00
Clément Oudot
a8601a0e5f
portalOpenLinkInNewWindow parameter
2009-12-17 14:10:39 +00:00
Clément Oudot
c667608dac
Portal::Error no more exists
2009-12-17 11:41:15 +00:00
Clément Oudot
5b82343808
Reorganize issuer methods in process()
2009-12-16 15:53:49 +00:00
Clément Oudot
578d0a0d59
Add in li classes to enable CSS icon customization in IE 6
2009-12-15 17:21:37 +00:00
Xavier Guimard
dcd4905342
* Update Perl and Debian dependencies, and debian/rules for the new manager
...
* Add pod skeleton for Manager.pm
* correct pod for IssuerDB*
2009-12-13 15:40:33 +00:00
Xavier Guimard
5b2363b959
perltidy
2009-12-11 21:17:06 +00:00
Xavier Guimard
b301a5b5c8
New manager
2009-12-11 18:17:00 +00:00
Xavier Guimard
04ed7be634
exported vars are now asked to the LDAP server (instead of *)
2009-12-10 21:48:43 +00:00
Clément Oudot
5499a042ab
Replace SAML* methods by IssuerDB* methods, allowing use of other IssuerDB modules
2009-12-10 17:03:57 +00:00
Clément Oudot
1f0b9ed10c
First implementation of Auth/UserDB/PasswordDB DBI
2009-12-10 11:30:43 +00:00
Clément Oudot
ad1af9b081
Add test script for UserDBEnv
2009-12-07 11:36:03 +00:00
Clément Oudot
3faa932908
New userDB module: UserDBEnv, allows to collect environment variable as session elements, very usefull with AuthSSL
2009-12-04 17:01:30 +00:00
Clément Oudot
e6425fc7eb
Do not display login form if there is an external authentication error
2009-12-04 15:12:40 +00:00
Clément Oudot
0cf5c8eec6
Apply patch for tabindex (close patch #314520 )
2009-12-04 10:13:59 +00:00
Clément Oudot
f55416d58d
Correct conf values in example files
2009-12-04 09:59:21 +00:00
Clément Oudot
65387caebe
Do not use allowempty flag in Config::IniFiles (close bug #314539 )
2009-12-04 09:44:37 +00:00
Clément Oudot
6a24eebcc7
Correct a bug if status is configured without localStorage, add a specific ErrorDocument for code 500
2009-12-03 15:45:13 +00:00
Clément Oudot
9d7e1a85c1
Move default values in setDefaultValues
2009-12-03 13:51:55 +00:00
Clément Oudot
36e8868e31
Add parameter cookieExpiration (close feature request #314368 )
2009-12-03 11:47:50 +00:00
Xavier Guimard
061994cfcc
Debian tests
2009-12-03 10:08:33 +00:00
Clément Oudot
0ea44c2389
Merge storage.conf and localconf.ini in lemonldap-ng.ini
2009-12-02 15:08:35 +00:00
Clément Oudot
70522969f3
Add possibility to use a local configuration file (localconf.ini) to override configuration parameters
2009-11-30 16:46:14 +00:00
Clément Oudot
ca905f3477
Update portal MANIFEST
2009-11-27 17:12:43 +00:00
Xavier Guimard
7d4a491af3
* Remove class variable in handler (to do later)
...
* little bug in _LDAP
* new parameter singleUserByIp + removeOther() try to purge local cache
2009-11-25 12:38:22 +00:00
Clément Oudot
b972c10a20
Use configuration parameters for portal customization
2009-11-25 08:44:12 +00:00
Clément Oudot
9ac349e458
Update to jQuery 1.3.2 ( Closes : #314394 )
2009-11-17 22:37:38 +00:00
Clément Oudot
7d255abdef
Move AuthCAS loading in authInit
2009-11-17 15:43:05 +00:00
Xavier Guimard
5f73c30706
Bug if trustedDomains contains more than 1 domain
2009-11-09 15:32:27 +00:00
Xavier Guimard
6757b945ae
svn:executable property
2009-11-08 18:47:09 +00:00
Xavier Guimard
83e33a90ad
perltidy and licence update
2009-11-07 13:05:50 +00:00
Thomas CHEMINEAU
e2d47ce982
fixe #314458 - add url parameter in URL of CAS portal redirection
2009-11-05 14:25:55 +00:00
Xavier Guimard
95424e487a
* New manager in progress
...
* Strange problem with Net::LDAP in mpm-worker environment (not fixed)
* Clean lock files when using Apache::Session::File
2009-10-30 17:27:36 +00:00
Xavier Guimard
7a04829a08
New portal parameters : singleIP and singleSession
2009-10-21 12:43:13 +00:00
Xavier Guimard
ec15f539b2
Perl warning
2009-10-18 08:52:12 +00:00
Xavier Guimard
6f56bea189
Perl Author update
2009-10-17 08:16:14 +00:00
Xavier Guimard
b5dc7730f2
Perl dependencies update
2009-10-17 08:06:41 +00:00
Xavier Guimard
655fd9e526
* perltidy
...
* LDAP: loadPP() is called now directly in ldap() to avoid to call it in authInit()
2009-10-12 16:55:35 +00:00
Xavier Guimard
bf488752b4
Documentation update
2009-10-12 15:03:29 +00:00
Xavier Guimard
def1d50780
Closes #314192
2009-10-11 11:28:25 +00:00
Xavier Guimard
041fcbe05a
Closes #314369
2009-10-11 11:21:52 +00:00
Xavier Guimard
bf6230c5ac
VERSION 0.9.4.1
2009-10-11 08:13:50 +00:00
Xavier Guimard
49cc593005
'*' for trustedDomains
2009-10-02 16:10:23 +00:00
Xavier Guimard
a3341bab71
DISPLAY_RESETPASSWORD was not used
2009-10-01 12:49:42 +00:00
Xavier Guimard
a8c75750cd
Bug in _Multi.pm : eval { require $mod } means "search the file named $mod", but since $mod is a module name, we have to write eval "require $mod"
2009-09-30 10:59:02 +00:00
Xavier Guimard
112cf4c1e6
Rename "Relay" auth mechanism to "Proxy" and add test
2009-09-27 07:54:05 +00:00
Xavier Guimard
947ee7f7c6
Relay in progress...
2009-09-23 13:35:19 +00:00
Xavier Guimard
48ac5bd591
* New authentication scheme : Relay (queries by SOAP another portal)
...
* syslog facility was not taken in account
* Missing HTTP::Headers dependency
* lmConfigEditor must not display reVHosts and cipher which are calculated by Conf.pm
* bad Apache security in Debian configuration files
2009-09-23 12:42:34 +00:00
Xavier Guimard
38d5fabc90
Update changelog + remove bad test for cpan tester
2009-09-15 14:12:03 +00:00
Xavier Guimard
444e093004
Bugs :
...
* Crypto was usable only with 16xn characters
* Menu was not able to filter embedded <application>
Google page speed :
* optimize images
* set size
2009-08-20 14:19:40 +00:00
Xavier Guimard
bfebb497a1
Closes : #314163 : testUri() unusable
2009-08-20 14:15:16 +00:00
Xavier Guimard
771bf46a5f
HTTP code 302 has to be replaced by 303
2009-08-18 13:33:36 +00:00
Clément Oudot
0a1c2c95b8
Bug CAS: redirect function was not valid
2009-07-21 13:52:10 +00:00
Clément Oudot
3fef4041bf
Add , to avoid syntax errors when removing comments
2009-07-20 15:18:12 +00:00
Xavier Guimard
6c7558cffd
* Better performances for Menu : XML was parsed 2 times
...
* Doc for SympaAutoLogin
* Version update
2009-07-05 11:11:33 +00:00
Xavier Guimard
8965bd6119
* Menu update : application can contains application
...
* update trunk from branch
2009-07-01 08:52:14 +00:00
Clément Oudot
2537e92fe0
Use confFile instead of File in configStorage examples
2009-06-29 11:29:52 +00:00
Xavier Guimard
e5f83c5ba0
* Perl documentation update
...
* Makefiles update
2009-06-29 10:12:29 +00:00
Xavier Guimard
bfed9a789c
Documentation update
2009-06-29 09:42:44 +00:00
Clément Oudot
c113f7440e
Force skin parameter for error template
2009-06-25 15:43:14 +00:00
Clément Oudot
7bd70aec9e
Do not use , as separator as it breaks DN
2009-06-25 07:51:39 +00:00
Xavier Guimard
affdc1f5bc
SOAP configuration access :
...
* Missing SOAP fonction for config access in Portal/_SOAP.pm (lastCfg)
* Common/Conf/SOAP.pm now reports SOAP errors
* Common/Conf.pm reports an error when lastCfg returns 0
* SOAP namespace error in Common/Conf/SOAP.pm
Other :
* error in logout_sso default value (Handler/Simple.pm)
* bad returned value when configuration was missing in Handler/SharedConf.pm
2009-06-23 20:36:44 +00:00
Clément Oudot
f3536d4634
Bug in Webform: tests always returned PE_FORMEMPTY
2009-06-22 14:04:24 +00:00
Clément Oudot
198bcf70bc
Get the timezone of the user and correct checkLogonHours function
2009-06-22 10:01:58 +00:00
Xavier Guimard
36c9aa2409
Change CDA parameter to cda.
2009-06-15 14:13:09 +00:00
Xavier Guimard
7ab3ffa447
Documentation update
2009-06-14 20:58:42 +00:00
Xavier Guimard
0ac63904e7
* New parameter for XSS protection : trustedDomains
...
* parameters test to avoid warnings
* debian/control : missing dependencies
* perltidy
* tests update
2009-06-14 16:43:02 +00:00
Xavier Guimard
e55a4868d3
Beginning 0.9.4 publication works : version update
2009-06-08 16:29:13 +00:00
Clément Oudot
81950e0b52
Remove local groups from UserDBLDAP
2009-06-04 15:37:36 +00:00
Thomas CHEMINEAU
0df6ea67fa
adding extended groups functionality
2009-06-04 15:33:53 +00:00
Clément Oudot
9a129352e8
Add HTML::Template to dependencies
2009-06-04 15:19:14 +00:00
Clément Oudot
f52b609d0e
Correct errors seen in make test
2009-06-04 14:27:36 +00:00
Clément Oudot
8f423fd276
Move setGroups in UserDB
2009-06-04 09:13:03 +00:00
Clément Oudot
84c02a1c17
Mail customization (plain text only) with parameter mailBody
2009-06-03 16:40:41 +00:00
Clément Oudot
50e88a68a7
Manage X-FORWARDED-FOR with multiple IP
2009-06-03 14:52:22 +00:00
Xavier Guimard
5698b101db
Missing files
2009-06-02 16:39:51 +00:00
Clément Oudot
aa2d48027f
Use _user instead of uid for connected user
2009-06-02 15:46:26 +00:00
Clément Oudot
9d87ad8532
Use PasswordDBLDAP in Menu
2009-06-02 15:34:13 +00:00
Clément Oudot
56f7f8639a
LEMONLDAP::NG : add dependencies
2009-05-29 10:18:38 +00:00
Clément Oudot
15dadc06d0
LEMONLDAP::NG: bugs found with make test
2009-05-29 09:53:07 +00:00
Clément Oudot
75c1f0feae
LEMONLDAP::NG : Reset password by mail (new functionnality)
2009-05-28 16:31:39 +00:00
Clément Oudot
68975eaa40
LEMONLDAP::NG : correct some little bugs seen in 'make test'
2009-05-26 12:24:03 +00:00
Clément Oudot
d2edd78c44
LEMONLDAP::NG : reimport FederID theme
2009-05-26 11:04:56 +00:00
Clément Oudot
a38bd3e6c7
LEMONLDAP::NG :
...
* Create UserDBNull to use only Auth module
* Store submitted login (user field) in AuthSessionInfos
* Store password if needed in AuthRemote
2009-05-25 12:59:57 +00:00
Xavier Guimard
db4982564b
Update portal manifest
2009-05-21 11:52:57 +00:00
Clément Oudot
43988469c7
LEMONLDAP::NG : Manage X-FORWARDED-FOR header for IP (close bug #312340 )
2009-05-20 09:29:52 +00:00
Clément Oudot
0d9eaed6fc
LEMONLDAP::NG :
...
* Correct XSS on user field
* Add "XSS attack detected" log messages
2009-05-19 08:52:27 +00:00
Clément Oudot
565ba83c05
LEMONLDAP::NG :
...
* Verify old password before modify
* Add the "PE_BADOLDPASSWORD" error
* Minor changes in pastel skin
* Erase old default skins
* Move icons to skins/common
2009-05-18 13:53:51 +00:00
Xavier Guimard
9ee1775253
Missing file in MANIFEST
2009-05-16 10:17:19 +00:00
Clément Oudot
cae5e6ed98
LemonLDAP::NG :
...
* Create PasswordDBLDAP
* Force password modification when password is reset with ppolicy
* new parameter ldapSetPassword: set to 1 if you want to use the LDAP extended operation rather than LDAP modify
* TODO: update HTML templates
2009-05-14 16:19:49 +00:00
Clément Oudot
0b43906ff4
LEMONLDAP::NG :
...
* Add AUTH_USER Template parameter
* Document ldapGroupBase in portal constructor
* Correct error call when testing password policy
2009-05-14 08:46:18 +00:00
Xavier Guimard
cb494c36d5
Logs as PerlLogHandler in handler and little things
2009-05-06 05:38:20 +00:00
Clément Oudot
eebac0ee3e
LEMONLDAP::NG : checkLogonHours and checkDate in Safelib, and correct bug #313624
2009-04-21 13:24:38 +00:00
Xavier Guimard
7ac6d25eaf
* NoCache option for getConf()
...
* sort problem + perltidy in Conf/LDAP
2009-04-18 07:04:07 +00:00
Xavier Guimard
051f61b288
Since CGI stores now parameters at the root of the object, param is now redefined in Common/CGI.pm to secure those parameters
2009-04-11 11:16:44 +00:00
Xavier Guimard
294e35cbeb
Error with PPolicy + CleanupHandler not launched
2009-04-11 06:13:28 +00:00
Xavier Guimard
c40c13734e
SAML skeleton in progress...
2009-04-08 16:31:13 +00:00
Xavier Guimard
3ad76f30b2
PPolicy management is now in _LDAP.pm instead of AuthLDAP to be reused by Menu.pm
2009-04-08 10:32:33 +00:00
Xavier Guimard
a98e3ac8bb
SAML skeleton
2009-04-07 20:38:24 +00:00
Xavier Guimard
c35ea2d689
Password management
2009-04-07 09:27:23 +00:00
Xavier Guimard
e15d136398
LDAP_PP_CHANGE_AFTER_RESET was not intercepted with OpenLDAP since bind() is granted in this case.
2009-04-07 08:26:12 +00:00
Xavier Guimard
740ad09f9f
Safelib + LDAPFilter parameter
2009-04-05 08:12:16 +00:00
Xavier Guimard
2f5af7de52
Documentation update
2009-04-04 15:29:38 +00:00
Xavier Guimard
73fa979c65
'CustomSOAPServices' target in portal
2009-04-04 07:36:42 +00:00
Xavier Guimard
8bc0d20afa
* Portal can now been used as 'proxy' for SOAP session storage.
...
* Session explorer works now with SOAP session storage (very low performances)
2009-04-03 16:17:57 +00:00
Xavier Guimard
b0b971b241
Double session mechanism : 2 cookies are generated, 1 secured, the other not.
...
Handlers detects automatically the cookie to choose.
2009-03-31 10:52:43 +00:00
Xavier Guimard
e5e80709e6
Use Net::LDAP high availability system
...
%ENV was not shared
2009-03-08 17:37:31 +00:00
Xavier Guimard
2b6a1d94a5
Test for Multi module
2009-03-08 16:41:43 +00:00
Xavier Guimard
231f54ddf0
* New authentication and userDB module : 'Multi' to chain authentication modules.
...
* Compilation for ModPerl::Registry by default
2009-03-08 08:50:58 +00:00
Xavier Guimard
6bf8377104
More methods for notification mechanism (to be used by batch that control done notifications)
2009-03-04 08:37:08 +00:00
Xavier Guimard
a4dbbf2ccd
POD
2009-03-03 06:21:52 +00:00
Xavier Guimard
859be3923f
* Doxygen doc update
...
* More tests
* perltidy on tests
2009-02-25 18:10:07 +00:00
Xavier Guimard
6307a00750
Lot of work on Portal SOAP services. Now 5 functions are exported:
...
* getAttributes(cookieValue)
* getConfig()
* getCookies(user,password)
* error(code,language)
* newNotification(xml)
WSDL is up to date but getConfig is not documented since it's a Lemonldap::NG internal service.
2009-02-24 17:53:59 +00:00
Xavier Guimard
2a77ab4066
More tests
2009-02-24 08:03:37 +00:00
Xavier Guimard
20764ad812
New authentication and userDB backend : "Remote" can be used to check authentication from a remote Lemonldap::NG portal using CDA
2009-02-23 17:35:38 +00:00
Xavier Guimard
ace1f67cb6
Error in WSDL
2009-02-20 15:49:03 +00:00
Xavier Guimard
9fdea7384f
make cpan updates META.yml
2009-02-19 08:26:22 +00:00
Xavier Guimard
30d2bd4dd4
More tests
2009-02-19 08:06:59 +00:00
Xavier Guimard
6dd414cb76
XSS tests
2009-02-17 19:37:06 +00:00
Xavier Guimard
018bee1fc6
CDA now included in main portal
2009-02-17 15:39:14 +00:00
Xavier Guimard
553058998f
Doxygen comments update
2009-02-17 15:22:42 +00:00
Xavier Guimard
ffb5ee8e33
Doxygen filter modification to show authentication process methods
2009-02-17 14:56:38 +00:00
Xavier Guimard
dc637c297b
Test more clean
2009-02-16 11:19:05 +00:00
Xavier Guimard
5803952784
* delete log() method from the portal :
...
* user actions are logged by userNotice() and userError()
* other access are logged by HTTP server
* create authenticate() method in Simple.pm used to launch userNotice() for
all authentication method
2009-02-15 17:58:38 +00:00
Xavier Guimard
b6cdee5d2a
Now userNotice and userError are customizable like subs called by _subProcess
2009-02-15 11:30:25 +00:00
Xavier Guimard
415d23b6e4
User actions are now registered with 3 functions :
...
* log : normal access to the portal
* userNotice : authentications, logout,...
* userError : bad password,...
A new parameter 'syslog => "auth"' can be set to log userNotice and userError via syslog
2009-02-15 08:53:44 +00:00
Xavier Guimard
f1dd28c821
LEMONLDAP::NG : more error reporting
2009-02-14 15:21:58 +00:00
Xavier Guimard
0c18700f65
* cleaning code :
...
* session have not to be recover in Menu since it's done before bu the portal
* accounting in CGIs (ModPerl::Registry context only) :
* used by portal to inform Apache
2009-02-14 08:55:19 +00:00
Xavier Guimard
15e4a17bd8
* Typo in debian/control
...
* Notification/DBI.pm is now running
2009-02-13 09:26:02 +00:00
Xavier Guimard
19e59af4cd
log & debug method lmLog() for CGIs
2009-02-12 19:48:53 +00:00
Clément Oudot
ed55803c04
LEMONLDAP::NG : Abort redirection if ppolicy warnings are present
2009-02-12 17:09:33 +00:00
Xavier Guimard
f8169c1909
Notification system in progress :
...
* File storage is running
* DBI storage has not yet been tested
Documentation update
2009-02-11 16:18:38 +00:00
Xavier Guimard
7c1ff1d938
Versions update
2009-02-10 17:28:27 +00:00
Clément Oudot
33d43ffd75
LEMONLDAP::NG : Apply patch for cronjob (issue #312315 )
2009-02-10 16:32:56 +00:00
Xavier Guimard
ab1b201e71
* AuthBasic now use SOAP request to create the new session
...
* perltidy
2009-02-10 11:10:12 +00:00
Thomas CHEMINEAU
6b821a21dd
LEMONLDAP::NG : Fixe a bug in libertySignOn function, to retrieve correct providerID
2009-02-09 16:06:41 +00:00
Xavier Guimard
c5a5ba909f
Typo in pod
2009-02-08 19:12:08 +00:00
Xavier Guimard
b275ee2ac8
LEMONLDAP::NG : WSDL is now clean
2009-02-08 17:12:42 +00:00
Xavier Guimard
fbdb9ccb22
LEMONLDAP::NG : * Version is missing in SOAPServer.pm
...
* perltidy on Portal/Simple.pm
2009-02-08 07:59:46 +00:00
Xavier Guimard
6494326e1e
LEMONLDAP::NG : typo
2009-02-06 17:41:23 +00:00
Xavier Guimard
2f9e6da6c1
LEMONLDAP::NG : problem with UTF8 in Notification.pm
2009-02-06 17:32:44 +00:00