Clément Oudot
5444a9d3b4
SAML:
* Grab NameID from attribute request and find corresponding session (#2)
* create a getSamlSession subroutine
2010-06-02 09:04:07 +00:00
Clément Oudot
e8c514f794
SAML: set NameID in attribute query (#2)
2010-06-01 14:43:49 +00:00
Clément Oudot
b678ab454f
SAML: test SessionNotOnOrAfter before converting it (#77)
2010-05-31 13:50:26 +00:00
Clément Oudot
c0edd943db
SAML: add an IDP option to force attribute value in UTF-8 (#72)
2010-05-28 15:31:20 +00:00
Clément Oudot
6964b09eb2
SAML: use HTTP method string in debug messages
2010-05-28 12:17:05 +00:00
Clément Oudot
82ff667d57
SAML: add POST binding to SAML services (#75)
2010-05-28 10:35:24 +00:00
Clément Oudot
b8c3f5e6ff
SAML: transport url parameter in IDP choice screens (closes #73)
2010-05-28 08:03:13 +00:00
Clément Oudot
d1b4541a4d
SAML: check Destination attribute (closes #33)
2010-05-21 13:44:16 +00:00
Clément Oudot
df4198399f
* Add a new process step (authFinish) run after session store
* Create SAML session linked to real session to store NameID and SessionIndex, in order to use searchOn on them (will not force globalStorage to be compatible with searchOn)
* Control SessionIndex sent by IDP on a SLO request is now managed in SP to get the correct local session
* This solves issue #51
2010-05-17 16:02:21 +00:00
Clément Oudot
be742cfac6
SAML: use encrypt/decrypt to match session_index and session_id (#51)
2010-05-12 15:56:27 +00:00
Clément Oudot
c6dd158903
SAML: map SAML authentication context and authentication level (#47)
2010-05-12 15:14:07 +00:00
Xavier Guimard
3844ba4192
"make tidy"
2010-05-12 04:04:10 +00:00
Clément Oudot
a04ff6e964
SAML:
* OneTimeUse is no longer used in SP (#50)
* Compile regexp for SAML URLs
* Move sendLogoutRequestToServiceProviders in _SAML
* In AuthSAML, do not predefine variables outside loops
2010-05-05 07:10:13 +00:00
Clément Oudot
1b81ccd96f
SAML: use get_signature_status from Lasso::Profile
2010-05-03 21:12:14 +00:00
Xavier Guimard
5ceb94e612
Correct errors
2010-05-02 13:41:12 +00:00
Xavier Guimard
cf0ece9aa2
Reformatting
2010-05-02 11:37:25 +00:00
Clément Oudot
2523fc5cf5
SAML: check IDP value from IDP cookie (LEMONLDAP-44)
2010-04-30 15:21:10 +00:00
Clément Oudot
a9c5d000fd
SAML:
* IDP list key is now entityID
* Do not trust IDP cookie to find current IDP (use SAML message remote provider ID)
* Ignore signature before processing SAML message, and check it after (work in progress)
2010-04-30 14:55:40 +00:00
Xavier Guimard
1380d89865
New session explorer (not finished but useable) + some little tips
2010-04-28 19:57:16 +00:00
Clément Oudot
a1d41fbdda
SAML:
* authLogout should return an error code (as it is caught in Simple.pm)
* For SLO final redirection, match the trailing / of portal URL
2010-04-28 16:29:27 +00:00
Clément Oudot
70a214b9e0
SAML:
* Use Lasso method to get OneTimeUse flag
* Use Session _utime to calculate assertion NotOnOrAfter date
2010-04-16 13:38:43 +00:00
Clément Oudot
95b28956fe
SAML: add methods to disable signature verification (tests in progress)
2010-04-16 10:13:20 +00:00
Clément Oudot
c4e1379452
* make tidy
* Manage authenticationLevel in all authentication backends
2010-04-14 15:37:57 +00:00
Clément Oudot
91e1419f57
SAML: artifact resolution response in SP and IDP
2010-04-12 09:09:53 +00:00
Clément Oudot
7fef157210
SAML: possibility to configure a different storage for SAML objects (samlStorage) than sessions storage (globalStorage)
2010-04-09 13:27:54 +00:00
Clément Oudot
e34c8409b1
SAML: escape URL strings in regexp
2010-04-08 10:16:13 +00:00
Clément Oudot
fb9f964515
SAML: move use POSIX from AuthSAML to _SAML
2010-04-08 09:43:28 +00:00
Clément Oudot
cdaea23ac5
SAML: create methods to convert timestamp and SAML2 dates, and set all dates in assertion created by IDP
2010-04-08 09:39:53 +00:00
Clément Oudot
ecf5612e4f
SAML:
* Build artifact or complete SSO response message
* Send SSO response message
* Correct a bug when loading relayState in POST fields
2010-04-07 15:14:17 +00:00
Clément Oudot
119386dca7
SAML: use checkMessage in AuthSAML
2010-04-02 14:47:17 +00:00
Clément Oudot
e21b4c936a
SAML: intercept artefact resolution URL in SP
2010-04-02 11:41:44 +00:00
Clément Oudot
f87d6b9b3d
SAML: IDP requestedAuthnContext option
2010-04-01 16:32:51 +00:00
Clément Oudot
a11caf800f
SAML: IDP isPassive option
2010-04-01 14:40:29 +00:00
Clément Oudot
bb86139ce4
SAML: work on SSO/SLO signature options
2010-04-01 14:18:37 +00:00
Clément Oudot
6d505c9468
SAML: IDP option to validate SSO response signature -not working now
2010-04-01 12:51:32 +00:00
Clément Oudot
70f853e681
SAML: IDP option to sign SSO requests
2010-04-01 09:55:33 +00:00
Thomas CHEMINEAU
a3a80947bc
SAML: move code that load SAML services and IDPs into _SAML
2010-03-25 11:01:32 +00:00
Clément Oudot
409ceb953c
SAML: option to adapt session _utime with SessionNotOnOrAfter
2010-03-25 10:02:53 +00:00
Clément Oudot
953806ed93
SAML: manage SessionNotOnOrAfter but do not adapt session _utime yet
2010-03-24 13:44:24 +00:00
Clément Oudot
aa5831493a
SAML: add AllowLoginFromIDP option
2010-03-24 13:01:14 +00:00
Clément Oudot
5c26f07d27
SAML: proxy restriction was not working, now it is set in authn request conditions
2010-03-24 12:33:45 +00:00
Clément Oudot
099c846d42
perltidy + manager bug with node created from special parent nodes
2010-03-13 17:39:50 +00:00
Clément Oudot
5a61c04a2d
SAML: use correct IDP name in confirmation message
2010-03-13 16:49:33 +00:00
Clément Oudot
f80620fae4
SAML: No need to force default nameIDFormat value
2010-03-12 16:19:41 +00:00
Clément Oudot
44aeddbc5c
Bug with samlIDPMetaDataOptions upload and use make tidy
2010-03-11 15:00:59 +00:00
Clément Oudot
ce8d8ee84e
SAML: correct a bug if no NameIDFormat were given
2010-03-11 12:00:25 +00:00
Clément Oudot
058ab93a15
SAML: manage HTTP method choice for SLO
2010-03-05 17:11:40 +00:00
Clément Oudot
ae4ff763df
SAML: manage HTTP method choice for SSO
2010-03-05 16:57:11 +00:00
Clément Oudot
8564389fa7
SAML: manage IDP resolution rules
2010-03-05 15:37:16 +00:00
Clément Oudot
8d1793b7bc
SAML: check OneTimeUse and Issuer (for proxy test)
2010-03-05 15:23:49 +00:00