Clément Oudot
3606362946
LDAP:
...
* Add ldapGroupRecursive to enable recursive group search
* Create searchGroup method in _LDAP
* Create getLdapValue method in _LDAP to manage DN and multi-valued attributes
2010-02-05 14:17:55 +00:00
Clément Oudot
dae6b880be
Portal: force authentication is now working
2010-02-05 10:21:48 +00:00
Clément Oudot
a1976436b6
SAML: build authentication request
2010-02-04 16:02:02 +00:00
Clément Oudot
3a3ec647e9
SAML: IDP choice
2010-02-04 12:30:18 +00:00
Clément Oudot
a15fdcaaae
SAML:
...
* Lasso error can be a string or a Lasso::Error object
* Use private key to create Lasso::Server
* Perl binding bug resolution waiting: some method arguments should accept NULL values
2010-02-03 10:59:53 +00:00
Clément Oudot
79075b8e5c
SAML: do not force optional parameters in add_provider_from_buffer
2010-02-02 22:16:29 +00:00
Clément Oudot
8b883bc147
SAML: typo in Lasso method
2010-02-02 21:55:25 +00:00
Clément Oudot
718e4fa136
SAML: add IDP in Lasso::Server
2010-02-01 17:07:40 +00:00
Clément Oudot
bcfdac9dd1
SAML: catch Glib messages
2010-02-01 15:24:56 +00:00
Clément Oudot
8abef3a99b
SAML:
...
* perltidy
* use XML::Simple instead of XML::LibXML to parse XML
* Add initializeFromConfHash method to use directly configuration hash object
* Create Lasso server with metadata in buffers rather than XML files
2010-02-01 14:01:28 +00:00
Xavier Guimard
01785de792
* "SKIP" in SAML tests
...
* "= splice @_" instead of "= @_" avoid memory duplication
2010-01-31 08:25:05 +00:00
Clément Oudot
ccbb52c13c
SAML: create Lasso Server
2010-01-29 17:33:35 +00:00
Clément Oudot
5dd981fa85
SAML: load Lasso method
2010-01-29 10:44:56 +00:00
Clément Oudot
90a08dbbde
Portal/Multi:
...
* Get the correct _auth and _userDB value when using Multi
* Resolve a bug: functions of modules loaded in _Multi were not available for _subProcess
* Use a common loadModule method between Simple.pm and _Multi.pm
* Do not consider PE_FORMEMPTY and PE_FIRSTACCESS as errors in Multi process
2010-01-28 14:47:51 +00:00
Clément Oudot
760f62e534
Portal: set _auth, _userDN, _passwordDB and _issuerDB in session, to know which module was used to open the session of the user
2010-01-27 16:30:19 +00:00
Clément Oudot
b904587edd
Portal: portalForceAuthn option was unusable with Menu password change
2010-01-27 14:04:41 +00:00
Clément Oudot
1f243e0a20
Portal: possibility to force reauthentication (set portalForceAuthn = 1)
2010-01-25 17:40:46 +00:00
Clément Oudot
5aa74c08d6
Portal: allow passwordDBNull in Menu.pm
2010-01-25 14:32:22 +00:00
Clément Oudot
86b18ea609
Portal: Null modules for authentication and passwordDB
2010-01-25 14:20:51 +00:00
Clément Oudot
95e29fd733
Portal: change _password value in session when user changes its password
2010-01-22 21:54:58 +00:00
Clément Oudot
3222021897
Portal:
...
* Use HTML templates to send fancy reset password mail, with translations
* Send the new password by mail instead of diplaying it n the web page
* Remove the need to configure : the value is now set with help of {DOCUMENT_ROOT}
2010-01-22 11:25:37 +00:00
Clément Oudot
f6c250207c
Portal - new feature: token to reset password by mail:
...
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid
2010-01-21 17:38:55 +00:00
Clément Oudot
81f510a6e5
Menu:
...
* XML conf is now deprecated, applicationList configuration parameter is used
* Remove all XML related code
* filter applications under applications
* Hide empty categories
2010-01-20 17:17:21 +00:00
Clément Oudot
15e77c7d88
Portal SOAP:
...
* perltidy
* Add process stages in getCookies
* Move _buildSoapHash in private methods parts
* Create getXmlMenu method in /config
* Update buildPortalWSDL script
2010-01-19 16:50:38 +00:00
Thomas CHEMINEAU
bb7881bcec
add a WSDL tag to isAuthorizedURI SOAP method
2010-01-18 15:39:01 +00:00
Clément Oudot
5af1db1c3e
Portal: move ppolicy warnings from menu to information page
2010-01-15 22:01:04 +00:00
Clément Oudot
9477aa69af
Portal: confirm template amelioration
2010-01-12 11:19:13 +00:00
Xavier Guimard
e642a1d270
PE_CONFIRM stop _Multi::try()
2010-01-12 11:19:12 +00:00
Xavier Guimard
bdbeda9494
i18n update
2010-01-12 11:12:46 +00:00
Clément Oudot
bea600dff4
Portal: info template amelioration
2010-01-12 11:07:31 +00:00
Xavier Guimard
7d98447f5e
PE_CONFIRM target
2010-01-12 11:05:01 +00:00
Xavier Guimard
271c4767a8
Link to delete other sessions
2010-01-12 10:36:04 +00:00
Xavier Guimard
effa0b9fa6
Notify existing sessions and deleted sessions if wanted
2010-01-12 09:53:49 +00:00
Clément Oudot
dc2556386d
Portal: little corrections
2010-01-11 16:58:57 +00:00
Xavier Guimard
d181da867b
* perltidy
...
* new feature : info can be displayed by portal => used to notify deleted sessions
* notifyDeleted in the manager
2010-01-11 16:04:36 +00:00
Clément Oudot
dc3d9558fe
Portal: create a grantSession stage in process()
2010-01-11 14:02:43 +00:00
Clément Oudot
cad747f629
Menu: use configuration instead of XML file - work in progress
2010-01-08 11:51:04 +00:00
Thomas CHEMINEAU
72e0247f03
fixes #314372 - introduce isAuthorizedURI SOAP function
2010-01-07 11:07:48 +00:00
Xavier Guimard
8102f72d50
POD updates :
...
* spelling errors found by Lintian
* encoding utf8
2010-01-03 08:09:59 +00:00
Clément Oudot
ee62c967b9
Reset password by mail for DBI backend
2009-12-30 19:42:17 +00:00
Xavier Guimard
23ee91c414
Modify _DBI::checkPassword to make it reuseable by another module than AuthDBI
2009-12-22 08:46:54 +00:00
Clément Oudot
0a618cda34
Refactor DBI code in _DBI.pm and SMTP code in _SMTP.pm
2009-12-21 22:28:38 +00:00
Xavier Guimard
4d47d92749
* Debian upgrade for jquery management
...
* SQL injection protection for DBI
* Regexp to control user field
* Missing parameters in _Struct.pm
* Bad errors management in Uploader
2009-12-19 08:57:59 +00:00
Clément Oudot
a8601a0e5f
portalOpenLinkInNewWindow parameter
2009-12-17 14:10:39 +00:00
Clément Oudot
5b82343808
Reorganize issuer methods in process()
2009-12-16 15:53:49 +00:00
Clément Oudot
578d0a0d59
Add in li classes to enable CSS icon customization in IE 6
2009-12-15 17:21:37 +00:00
Xavier Guimard
dcd4905342
* Update Perl and Debian dependencies, and debian/rules for the new manager
...
* Add pod skeleton for Manager.pm
* correct pod for IssuerDB*
2009-12-13 15:40:33 +00:00
Xavier Guimard
5b2363b959
perltidy
2009-12-11 21:17:06 +00:00
Xavier Guimard
b301a5b5c8
New manager
2009-12-11 18:17:00 +00:00
Xavier Guimard
04ed7be634
exported vars are now asked to the LDAP server (instead of *)
2009-12-10 21:48:43 +00:00
Clément Oudot
5499a042ab
Replace SAML* methods by IssuerDB* methods, allowing use of other IssuerDB modules
2009-12-10 17:03:57 +00:00
Clément Oudot
1f0b9ed10c
First implementation of Auth/UserDB/PasswordDB DBI
2009-12-10 11:30:43 +00:00
Clément Oudot
3faa932908
New userDB module: UserDBEnv, allows to collect environment variable as session elements, very usefull with AuthSSL
2009-12-04 17:01:30 +00:00
Clément Oudot
65387caebe
Do not use allowempty flag in Config::IniFiles (close bug #314539 )
2009-12-04 09:44:37 +00:00
Clément Oudot
9d7e1a85c1
Move default values in setDefaultValues
2009-12-03 13:51:55 +00:00
Clément Oudot
36e8868e31
Add parameter cookieExpiration (close feature request #314368 )
2009-12-03 11:47:50 +00:00
Xavier Guimard
061994cfcc
Debian tests
2009-12-03 10:08:33 +00:00
Clément Oudot
0ea44c2389
Merge storage.conf and localconf.ini in lemonldap-ng.ini
2009-12-02 15:08:35 +00:00
Clément Oudot
70522969f3
Add possibility to use a local configuration file (localconf.ini) to override configuration parameters
2009-11-30 16:46:14 +00:00
Xavier Guimard
7d4a491af3
* Remove class variable in handler (to do later)
...
* little bug in _LDAP
* new parameter singleUserByIp + removeOther() try to purge local cache
2009-11-25 12:38:22 +00:00
Clément Oudot
b972c10a20
Use configuration parameters for portal customization
2009-11-25 08:44:12 +00:00
Clément Oudot
7d255abdef
Move AuthCAS loading in authInit
2009-11-17 15:43:05 +00:00
Xavier Guimard
5f73c30706
Bug if trustedDomains contains more than 1 domain
2009-11-09 15:32:27 +00:00
Xavier Guimard
83e33a90ad
perltidy and licence update
2009-11-07 13:05:50 +00:00
Thomas CHEMINEAU
e2d47ce982
fixe #314458 - add url parameter in URL of CAS portal redirection
2009-11-05 14:25:55 +00:00
Xavier Guimard
95424e487a
* New manager in progress
...
* Strange problem with Net::LDAP in mpm-worker environment (not fixed)
* Clean lock files when using Apache::Session::File
2009-10-30 17:27:36 +00:00
Xavier Guimard
7a04829a08
New portal parameters : singleIP and singleSession
2009-10-21 12:43:13 +00:00
Xavier Guimard
ec15f539b2
Perl warning
2009-10-18 08:52:12 +00:00
Xavier Guimard
655fd9e526
* perltidy
...
* LDAP: loadPP() is called now directly in ldap() to avoid to call it in authInit()
2009-10-12 16:55:35 +00:00
Xavier Guimard
bf488752b4
Documentation update
2009-10-12 15:03:29 +00:00
Xavier Guimard
041fcbe05a
Closes #314369
2009-10-11 11:21:52 +00:00
Xavier Guimard
bf6230c5ac
VERSION 0.9.4.1
2009-10-11 08:13:50 +00:00
Xavier Guimard
49cc593005
'*' for trustedDomains
2009-10-02 16:10:23 +00:00
Xavier Guimard
a8c75750cd
Bug in _Multi.pm : eval { require $mod } means "search the file named $mod", but since $mod is a module name, we have to write eval "require $mod"
2009-09-30 10:59:02 +00:00
Xavier Guimard
112cf4c1e6
Rename "Relay" auth mechanism to "Proxy" and add test
2009-09-27 07:54:05 +00:00
Xavier Guimard
947ee7f7c6
Relay in progress...
2009-09-23 13:35:19 +00:00
Xavier Guimard
48ac5bd591
* New authentication scheme : Relay (queries by SOAP another portal)
...
* syslog facility was not taken in account
* Missing HTTP::Headers dependency
* lmConfigEditor must not display reVHosts and cipher which are calculated by Conf.pm
* bad Apache security in Debian configuration files
2009-09-23 12:42:34 +00:00
Xavier Guimard
444e093004
Bugs :
...
* Crypto was usable only with 16xn characters
* Menu was not able to filter embedded <application>
Google page speed :
* optimize images
* set size
2009-08-20 14:19:40 +00:00
Xavier Guimard
bfebb497a1
Closes : #314163 : testUri() unusable
2009-08-20 14:15:16 +00:00
Xavier Guimard
771bf46a5f
HTTP code 302 has to be replaced by 303
2009-08-18 13:33:36 +00:00
Clément Oudot
0a1c2c95b8
Bug CAS: redirect function was not valid
2009-07-21 13:52:10 +00:00
Xavier Guimard
6c7558cffd
* Better performances for Menu : XML was parsed 2 times
...
* Doc for SympaAutoLogin
* Version update
2009-07-05 11:11:33 +00:00
Xavier Guimard
8965bd6119
* Menu update : application can contains application
...
* update trunk from branch
2009-07-01 08:52:14 +00:00
Clément Oudot
7bd70aec9e
Do not use , as separator as it breaks DN
2009-06-25 07:51:39 +00:00
Xavier Guimard
affdc1f5bc
SOAP configuration access :
...
* Missing SOAP fonction for config access in Portal/_SOAP.pm (lastCfg)
* Common/Conf/SOAP.pm now reports SOAP errors
* Common/Conf.pm reports an error when lastCfg returns 0
* SOAP namespace error in Common/Conf/SOAP.pm
Other :
* error in logout_sso default value (Handler/Simple.pm)
* bad returned value when configuration was missing in Handler/SharedConf.pm
2009-06-23 20:36:44 +00:00
Clément Oudot
f3536d4634
Bug in Webform: tests always returned PE_FORMEMPTY
2009-06-22 14:04:24 +00:00
Clément Oudot
198bcf70bc
Get the timezone of the user and correct checkLogonHours function
2009-06-22 10:01:58 +00:00
Xavier Guimard
36c9aa2409
Change CDA parameter to cda.
2009-06-15 14:13:09 +00:00
Xavier Guimard
0ac63904e7
* New parameter for XSS protection : trustedDomains
...
* parameters test to avoid warnings
* debian/control : missing dependencies
* perltidy
* tests update
2009-06-14 16:43:02 +00:00
Xavier Guimard
e55a4868d3
Beginning 0.9.4 publication works : version update
2009-06-08 16:29:13 +00:00
Clément Oudot
81950e0b52
Remove local groups from UserDBLDAP
2009-06-04 15:37:36 +00:00
Thomas CHEMINEAU
0df6ea67fa
adding extended groups functionality
2009-06-04 15:33:53 +00:00
Clément Oudot
f52b609d0e
Correct errors seen in make test
2009-06-04 14:27:36 +00:00
Clément Oudot
8f423fd276
Move setGroups in UserDB
2009-06-04 09:13:03 +00:00
Clément Oudot
84c02a1c17
Mail customization (plain text only) with parameter mailBody
2009-06-03 16:40:41 +00:00
Clément Oudot
50e88a68a7
Manage X-FORWARDED-FOR with multiple IP
2009-06-03 14:52:22 +00:00
Clément Oudot
9d87ad8532
Use PasswordDBLDAP in Menu
2009-06-02 15:34:13 +00:00
Clément Oudot
15dadc06d0
LEMONLDAP::NG: bugs found with make test
2009-05-29 09:53:07 +00:00
Clément Oudot
75c1f0feae
LEMONLDAP::NG : Reset password by mail (new functionnality)
2009-05-28 16:31:39 +00:00
Clément Oudot
68975eaa40
LEMONLDAP::NG : correct some little bugs seen in 'make test'
2009-05-26 12:24:03 +00:00
Clément Oudot
a38bd3e6c7
LEMONLDAP::NG :
...
* Create UserDBNull to use only Auth module
* Store submitted login (user field) in AuthSessionInfos
* Store password if needed in AuthRemote
2009-05-25 12:59:57 +00:00
Clément Oudot
43988469c7
LEMONLDAP::NG : Manage X-FORWARDED-FOR header for IP (close bug #312340 )
2009-05-20 09:29:52 +00:00
Clément Oudot
0d9eaed6fc
LEMONLDAP::NG :
...
* Correct XSS on user field
* Add "XSS attack detected" log messages
2009-05-19 08:52:27 +00:00
Clément Oudot
565ba83c05
LEMONLDAP::NG :
...
* Verify old password before modify
* Add the "PE_BADOLDPASSWORD" error
* Minor changes in pastel skin
* Erase old default skins
* Move icons to skins/common
2009-05-18 13:53:51 +00:00
Clément Oudot
cae5e6ed98
LemonLDAP::NG :
...
* Create PasswordDBLDAP
* Force password modification when password is reset with ppolicy
* new parameter ldapSetPassword: set to 1 if you want to use the LDAP extended operation rather than LDAP modify
* TODO: update HTML templates
2009-05-14 16:19:49 +00:00
Xavier Guimard
cb494c36d5
Logs as PerlLogHandler in handler and little things
2009-05-06 05:38:20 +00:00
Clément Oudot
eebac0ee3e
LEMONLDAP::NG : checkLogonHours and checkDate in Safelib, and correct bug #313624
2009-04-21 13:24:38 +00:00
Xavier Guimard
051f61b288
Since CGI stores now parameters at the root of the object, param is now redefined in Common/CGI.pm to secure those parameters
2009-04-11 11:16:44 +00:00
Xavier Guimard
294e35cbeb
Error with PPolicy + CleanupHandler not launched
2009-04-11 06:13:28 +00:00
Xavier Guimard
c40c13734e
SAML skeleton in progress...
2009-04-08 16:31:13 +00:00
Xavier Guimard
3ad76f30b2
PPolicy management is now in _LDAP.pm instead of AuthLDAP to be reused by Menu.pm
2009-04-08 10:32:33 +00:00
Xavier Guimard
a98e3ac8bb
SAML skeleton
2009-04-07 20:38:24 +00:00
Xavier Guimard
e15d136398
LDAP_PP_CHANGE_AFTER_RESET was not intercepted with OpenLDAP since bind() is granted in this case.
2009-04-07 08:26:12 +00:00
Xavier Guimard
740ad09f9f
Safelib + LDAPFilter parameter
2009-04-05 08:12:16 +00:00
Xavier Guimard
73fa979c65
'CustomSOAPServices' target in portal
2009-04-04 07:36:42 +00:00
Xavier Guimard
8bc0d20afa
* Portal can now been used as 'proxy' for SOAP session storage.
...
* Session explorer works now with SOAP session storage (very low performances)
2009-04-03 16:17:57 +00:00
Xavier Guimard
b0b971b241
Double session mechanism : 2 cookies are generated, 1 secured, the other not.
...
Handlers detects automatically the cookie to choose.
2009-03-31 10:52:43 +00:00
Xavier Guimard
e5e80709e6
Use Net::LDAP high availability system
...
%ENV was not shared
2009-03-08 17:37:31 +00:00
Xavier Guimard
231f54ddf0
* New authentication and userDB module : 'Multi' to chain authentication modules.
...
* Compilation for ModPerl::Registry by default
2009-03-08 08:50:58 +00:00
Xavier Guimard
6bf8377104
More methods for notification mechanism (to be used by batch that control done notifications)
2009-03-04 08:37:08 +00:00
Xavier Guimard
a4dbbf2ccd
POD
2009-03-03 06:21:52 +00:00
Xavier Guimard
859be3923f
* Doxygen doc update
...
* More tests
* perltidy on tests
2009-02-25 18:10:07 +00:00
Xavier Guimard
6307a00750
Lot of work on Portal SOAP services. Now 5 functions are exported:
...
* getAttributes(cookieValue)
* getConfig()
* getCookies(user,password)
* error(code,language)
* newNotification(xml)
WSDL is up to date but getConfig is not documented since it's a Lemonldap::NG internal service.
2009-02-24 17:53:59 +00:00
Xavier Guimard
20764ad812
New authentication and userDB backend : "Remote" can be used to check authentication from a remote Lemonldap::NG portal using CDA
2009-02-23 17:35:38 +00:00
Xavier Guimard
018bee1fc6
CDA now included in main portal
2009-02-17 15:39:14 +00:00
Xavier Guimard
553058998f
Doxygen comments update
2009-02-17 15:22:42 +00:00
Xavier Guimard
ffb5ee8e33
Doxygen filter modification to show authentication process methods
2009-02-17 14:56:38 +00:00
Xavier Guimard
5803952784
* delete log() method from the portal :
...
* user actions are logged by userNotice() and userError()
* other access are logged by HTTP server
* create authenticate() method in Simple.pm used to launch userNotice() for
all authentication method
2009-02-15 17:58:38 +00:00
Xavier Guimard
b6cdee5d2a
Now userNotice and userError are customizable like subs called by _subProcess
2009-02-15 11:30:25 +00:00
Xavier Guimard
415d23b6e4
User actions are now registered with 3 functions :
...
* log : normal access to the portal
* userNotice : authentications, logout,...
* userError : bad password,...
A new parameter 'syslog => "auth"' can be set to log userNotice and userError via syslog
2009-02-15 08:53:44 +00:00
Xavier Guimard
f1dd28c821
LEMONLDAP::NG : more error reporting
2009-02-14 15:21:58 +00:00
Xavier Guimard
0c18700f65
* cleaning code :
...
* session have not to be recover in Menu since it's done before bu the portal
* accounting in CGIs (ModPerl::Registry context only) :
* used by portal to inform Apache
2009-02-14 08:55:19 +00:00
Xavier Guimard
15e4a17bd8
* Typo in debian/control
...
* Notification/DBI.pm is now running
2009-02-13 09:26:02 +00:00
Xavier Guimard
19e59af4cd
log & debug method lmLog() for CGIs
2009-02-12 19:48:53 +00:00
Clément Oudot
ed55803c04
LEMONLDAP::NG : Abort redirection if ppolicy warnings are present
2009-02-12 17:09:33 +00:00
Xavier Guimard
f8169c1909
Notification system in progress :
...
* File storage is running
* DBI storage has not yet been tested
Documentation update
2009-02-11 16:18:38 +00:00
Xavier Guimard
7c1ff1d938
Versions update
2009-02-10 17:28:27 +00:00
Thomas CHEMINEAU
6b821a21dd
LEMONLDAP::NG : Fixe a bug in libertySignOn function, to retrieve correct providerID
2009-02-09 16:06:41 +00:00
Xavier Guimard
c5a5ba909f
Typo in pod
2009-02-08 19:12:08 +00:00
Xavier Guimard
fbdb9ccb22
LEMONLDAP::NG : * Version is missing in SOAPServer.pm
...
* perltidy on Portal/Simple.pm
2009-02-08 07:59:46 +00:00
Xavier Guimard
6494326e1e
LEMONLDAP::NG : typo
2009-02-06 17:41:23 +00:00
Xavier Guimard
2f9e6da6c1
LEMONLDAP::NG : problem with UTF8 in Notification.pm
2009-02-06 17:32:44 +00:00
Xavier Guimard
1800497815
LEMONLDAP::NG : propagation of 0.9.3.4 changes
2009-02-05 17:05:18 +00:00
Xavier Guimard
a25e10b040
LEMONLDAP::NG : * documentation modification
...
* SOAP service to update notification database
2009-02-03 09:36:13 +00:00
Xavier Guimard
1b6f56699a
LEMONLDAP::NG : Missing file Portal/Notification.pm
2009-02-02 08:53:51 +00:00
Xavier Guimard
85d765a002
LEMONLDAP::NG : WSDL for portal + dependency of Crypt::Rijndael in Debian
2009-02-01 15:38:06 +00:00
Xavier Guimard
21f5808cdf
LEMONLDAP::NG : Notification system is running now (for file storage only). TODO: Soapservice to accept notifications
2009-01-30 15:26:34 +00:00
Xavier Guimard
2540bb36f0
LEMONLDAP::NG : * new feature in devel : notification system
...
* now, there is a shared key that can be use to crypt datas
(used in notification to hide cookie value)
2009-01-28 17:37:10 +00:00
Xavier Guimard
ecb8ccbf96
LEMONLDAP::NG : bug with ldap+tls ( Closes : #312418 )
2009-01-17 19:45:21 +00:00
Xavier Guimard
f143719429
LEMONLDAP::NG : Typo
2009-01-03 08:54:49 +00:00
Xavier Guimard
bfab1a6e3b
LEMONLDAP::NG Doxygen in progress
2008-12-31 15:10:02 +00:00
Xavier Guimard
62b02d49fd
LEMONLDAP::NG : Doxygen documentation in progress
2008-12-30 09:37:56 +00:00
Xavier Guimard
41fe04e8b8
LEMONLDAP::NG : Doxygen documentation in progress...
2008-12-29 10:28:31 +00:00
Xavier Guimard
2e5911ac4e
LEMONLDAP::NG : Doxygen in progress.
2008-12-28 08:36:52 +00:00
Clément Oudot
985bdc2509
LEMONLDAP::NG : don't test url if direct access to portal
2008-12-27 11:00:45 +00:00
Xavier Guimard
228288d43c
LEMONLDAP::NG : Doxygen in progress
2008-12-26 19:18:23 +00:00
Xavier Guimard
13a5a1daab
LEMONLDAP::NG : Doxygen documentation in progress
2008-12-26 17:58:48 +00:00
Xavier Guimard
5483c4451a
LEMONLDAP::NG : * Romanian translation update
...
* perltidy
* test for menu
2008-12-25 14:14:15 +00:00
Xavier Guimard
0d8ab5ea2b
LEMONLDAP::NG : Perl module versions update for CPAN export
2008-12-25 08:04:33 +00:00
Xavier Guimard
78852ac337
LEMONLDAP::NG perltidy
2008-12-24 14:57:23 +00:00
Xavier Guimard
13cdc9b8ec
LEMONLDAP::NG : XSS patch not compatible with logout system
2008-12-24 14:55:44 +00:00
Xavier Guimard
2449e92c2d
LEMONLDAP::NG : A site in the protected domain is accepted in $portal->{urldc} even if the site is not declared in the manager
2008-12-24 09:12:53 +00:00
Xavier Guimard
cc07eae107
LEMONLDAP::NG : customFunctions are now shared in macros, groups, headers and rules
2008-12-11 17:02:02 +00:00
Xavier Guimard
a77e385730
LEMONLDAP::NG : little bug in SOAP error()
2008-12-08 10:56:19 +00:00
Xavier Guimard
16a29be9fa
LEMONLDAP::NG : error display in SOAP
2008-12-07 20:07:52 +00:00
Xavier Guimard
b9ba2337e4
LEMONLDAP::NG : now the portal can be called by browser or by SOAP
2008-12-07 14:12:36 +00:00
Xavier Guimard
68d447b422
LEMONLDAP::NG : typo
2008-12-07 12:15:40 +00:00
Xavier Guimard
53dc4bbbf4
LEMONLDAP::NG : * To avoid XSS, 3 controls :
...
1) url must be base64 encoded
2) urldc is serialized on 1 line ("s/[\r\n]//sg")
3) urldc must not contains '"`\0<
* Common/CGI can now intercept SOAP requests
2008-12-07 09:02:44 +00:00
Xavier Guimard
8b4f38e58c
LEMONLDAP::NG : XSS prevention
2008-12-06 10:26:24 +00:00
Xavier Guimard
66c60cc416
LEMONLDAP::NG : * branche 0.9.2 is missing
...
* ' and " are now filtered in url in Portal.pm
2008-12-06 07:27:35 +00:00
Xavier Guimard
5bbe35cedc
LEMONLDAP::NG : To help Doxygen, we have to use "use base" instead of @ISA when possible
2008-12-04 13:53:05 +00:00
Xavier Guimard
5f552f4085
LEMONLDAP::NG : minnor things
2008-12-03 18:30:57 +00:00
Xavier Guimard
b8905b4247
LEMONLDAP::NG : * bug correction : AuthLDAP can now be used without UserDBLDAP
2008-12-03 16:43:31 +00:00
Clément Oudot
35df5dddb8
LEMONLDAP::NG : Enforce XSS protection by deleting bad urls
2008-12-03 16:41:30 +00:00
Xavier Guimard
24a14caeda
LEMONLDAP::NG : * Security fix : redirections in portal must be in protected sites
...
* perltidy in Manager/Sessions.pm
* Doxygen in progress...
2008-12-03 16:05:27 +00:00
Xavier Guimard
1af1632c72
LEMONLDAP::NG : minor security fix : PE_USERNOTFOUND has not to be used
2008-12-03 13:30:37 +00:00
Xavier Guimard
fbc8b7bfd2
LEMONLDAP::NG : * security fix => XSS
...
* Begin Doxygen documentation
2008-12-03 13:27:30 +00:00
Xavier Guimard
de7edc7387
LEMONLDAP::NG : better manner to delete cookie
2008-12-01 13:39:52 +00:00
Xavier Guimard
d7bbb44924
LEMONLDAP::NG : * change default value for existing sessions : now, it's PE_DONE
...
* after POST and logout, Portal generates a redirection to itself unless an url is given. This help MSIE to relog after logout
2008-12-01 09:36:02 +00:00
Xavier Guimard
96e625a29d
LEMONLDAP::NG : binmod(STDOUT,'utf8') has to be called at each request
2008-11-26 11:20:36 +00:00
Xavier Guimard
ccbb0a12e0
LEMONLDAP::NG : * eval+abort in XML parsing (to avoid die include in XML::LibXML)
...
* Correct use of UTF8 : a apps-list.xml UTF8 encoded was not displayed correctly
2008-11-26 11:11:03 +00:00
Xavier Guimard
d99ef1ba3f
LEMONLDAP::NG : web form in a distinct file
2008-11-24 14:06:54 +00:00
Xavier Guimard
a72eebdd81
LEMONLDAP::NG : Notification system skeleton
2008-11-24 06:57:18 +00:00
Xavier Guimard
2725f06fd3
LEMONLDAP::NG : * Handler/SharedConf.pm is more simple now since it use the new Conf.pm capabilities
...
* CGIs now use abort() instead of die
* debug system in COnf.pm (set "LogLevel debug" in Apache)
2008-11-21 17:51:52 +00:00
Xavier Guimard
63f196078b
LEMONLDAP::NG : die replaced by $self->abort in CGIs
2008-11-21 07:27:08 +00:00
Xavier Guimard
ac87a4b49e
LEMONLDAP::NG : removing old feature : LDAP filter in groups
2008-11-20 18:13:27 +00:00
Xavier Guimard
b5c2abb2a0
LEMONLDAP::NG : customFunctions called "package::function" where not correctly interpreted
2008-11-19 11:19:06 +00:00
Clément Oudot
19b5fa1190
LEMONLDAP::NG : fix bug #311849
2008-11-18 12:47:30 +00:00
Xavier Guimard
cae4cbade0
LEMONLDAP::NG : New module Lemonldap::NG::Common. It contains Conf.pm and Cie
2008-11-17 16:59:56 +00:00
Xavier Guimard
dd0c815795
LEMONLDAP::NG : one more bug...
2008-11-17 15:12:17 +00:00
Xavier Guimard
e42c8b263f
LEMONLDAP::NG : little bugs in customFunctions
2008-11-17 15:06:58 +00:00
Xavier Guimard
d88ae29227
LEMONLDAP::NG : new customFunctions feature (+ perltidy everywhere)
2008-11-17 14:02:50 +00:00
Xavier Guimard
f399324f18
LEMONLDAP::NG : little hook in Menu.pm
2008-11-14 07:16:26 +00:00
Xavier Guimard
7d6989a4a6
LEMONLDAP::NG : * uri in Menu.pm can now contains user datas
...
* protection documentation in Sessions.pm example file
2008-11-12 16:09:35 +00:00
Clément Oudot
5c7468b6e5
LEMONLDAP::NG : correct bug on anonymous manager authentication and no ppolicy authentication
2008-11-05 21:26:37 +00:00
Xavier Guimard
a75e882741
LEMONLDAP::NG : New module Sessions.pm to manage sessions
2008-11-04 16:35:16 +00:00
Clément Oudot
9e2a494da5
LEMONLDAP::NG : password can now be stored in session
2008-10-16 07:35:42 +00:00
Clément Oudot
73f531fb43
LEMONLDAP::NG : minor bugs in _LDAP.pm
2008-10-08 09:40:24 +00:00
Xavier Guimard
c007a2382c
LEMONLDAP::NG : _LDAP inherits now from Net::LDAP
2008-10-08 08:45:15 +00:00
Xavier Guimard
26c944caa7
LEMONLDAP::NG : UserDB system updated + general perltidy
2008-10-07 20:15:48 +00:00
Xavier Guimard
edb22bc8f8
LEMONLDAP::NG : little mistake
2008-10-05 18:43:47 +00:00
Xavier Guimard
80f199fbc7
LEMONLDAP::NG : LDAP User database module
2008-10-05 18:42:50 +00:00
Clément Oudot
b9b39143db
LEMONLDAP::NG : New Portal::Error module and test page
2008-09-28 17:05:17 +00:00
Clément Oudot
6623c149f6
LEMONLDAP::NG : corrections on enhanced menu
2008-09-26 07:36:30 +00:00
Xavier Guimard
7fdab965d5
LEMONLDAP::NG : grant system in Menu.pm (not yet tested)
2008-09-21 09:50:32 +00:00
Clément Oudot
b14983208c
LemonLDAP::NG : W3C standards compliance and password modification module
2008-09-19 15:28:00 +00:00
Clément Oudot
1c15139a3a
LemonLDAP::NG : pre-release of new Portal::Menu module
2008-09-18 08:34:17 +00:00
Xavier Guimard
7c9bb1621d
LEMONLDAP::NG : bug in doc
2008-09-10 10:40:01 +00:00
Xavier Guimard
4e90f24172
LEMONLDAP::NG : perltidy + template language detection regexp
2008-09-04 06:05:24 +00:00
Clément Oudot
b264d0f8c7
LemonLDAP::NG : HTML::Template translation filter
2008-09-03 16:11:16 +00:00
Xavier Guimard
8364a0e78d
LEMONLDAP::NG : CPAN versions update and little doc update
2008-08-25 19:54:24 +00:00
Xavier Guimard
d0c5306e91
LEMONLDAP::NG : translation for password policy
2008-08-11 07:26:55 +00:00
Xavier Guimard
7c3a6f3cfc
LEMONLDAP::NG : complete integration of Password Policy (i18n not done)
2008-08-08 16:19:16 +00:00
Clément Oudot
a53c327ad1
Resolve Ppolicy constant bug #310433
2008-07-18 13:52:11 +00:00
Clément Oudot
84d0ba4e61
Resolve bug #310434
2008-06-27 08:49:20 +00:00
Xavier Guimard
e1b8027ccd
LEMONLDAP::NG : pod update
2008-06-11 06:00:26 +00:00
Xavier Guimard
c05be52335
LEMONLDAP::NG : little bugs
2008-06-09 14:27:37 +00:00
Thomas CHEMINEAU
31d19b3969
LEMONLDAP::NG : patch on CDA portal, v0.03
2008-06-08 14:34:33 +00:00
Xavier Guimard
8c073cc030
LEMONLDAP::NG : little corrections issued from CPAN test
2008-06-06 12:59:36 +00:00
Xavier Guimard
6966d20959
LEMONLDAP::NG : missing file
2008-06-06 12:42:35 +00:00
Xavier Guimard
7bac798370
LEMONLDAP::NG : * new auth architecture
...
* environment variables can now be used in exportedVars (usefull to access to SSL variables)
* UTF-8 in examples
* Romanian translation of portal
2008-06-06 03:51:39 +00:00
Xavier Guimard
9b523a3534
LEMONLDAP::NG : revert to revision 310 : new auth architecture is not usable in some case
2008-06-01 06:25:09 +00:00
Xavier Guimard
2962eb2699
LEMONLDAP::NG : now, new auth architecture is running...
2008-05-31 13:33:34 +00:00
Xavier Guimard
fccf1bd214
LEMONLDAP::NG : bug in AuthLA due to new auth architecture
2008-05-31 13:21:47 +00:00
Xavier Guimard
8dba034b7e
LEMONLDAP::NG : little corrections after new authentication skeleton
2008-05-31 10:58:45 +00:00
Xavier Guimard
772a9ad1e8
LEMONLDAP::NG : new sub "authInit" called by new() to initialize authentication module
2008-05-30 06:07:37 +00:00
Xavier Guimard
aca6815c1b
LEMONLDAP::NG : New auth architecture in Portal
2008-05-30 04:47:32 +00:00
Xavier Guimard
83ec000c5f
LEMONLDAP::NG : new constant : PE_CERTIFICATEREQUIRED
2008-05-25 13:17:16 +00:00
Xavier Guimard
dc8d0a4334
LEMONLDAP::NG : new functionality in Poratl/AuthSSL.pm : the parameter SSLRequire can be set to 0 to authenticate users both by certificate or login/password
2008-05-25 12:54:45 +00:00
Xavier Guimard
f52755060e
LEMONLDAP::NG : Debian default portal is now issued from index_skin.pl
...
Update versions
2008-05-24 19:12:28 +00:00
Clément Oudot
241c22ec44
Translate all french comments to english
2008-05-24 13:18:54 +00:00
Xavier Guimard
3b89370d8c
LEMONLDAP::NG : the script purgeCentralCache was not correct on Debian
...
UNIVERSAL::can is now compiled with Perl 5.10
2008-05-23 07:52:35 +00:00
Xavier Guimard
b3b53c1ddb
LEMONLDAP::NG : adding pod test => 2 bugs found
2008-05-12 13:36:36 +00:00
Xavier Guimard
87d1f521e1
LEMONLDAP::NG : now, status page displays portal activity if an handler exists
2008-05-11 19:21:39 +00:00
Clément Oudot
3a8e138a88
Add perldoc for Password Policy
2008-05-10 09:31:43 +00:00
Xavier Guimard
5bac01a55f
Lemonldap::NG : little documentation for Lemonldap::NG::Handler::Status and perltidy
2008-05-09 20:50:27 +00:00
Xavier Guimard
59ff84d7a9
LEMONLDAP::NG : old logout method replaced in example
2008-04-11 14:32:12 +00:00
Xavier Guimard
e2f40e466d
LEMONLDAP::NG : stupid bug + perltidy
2008-04-10 09:40:16 +00:00
Xavier Guimard
65ae8948b9
LEMONLDAP::NG : little patch for the portal to be able to use configuration cached by handlers to increase performance in DBI or SOAP configuration storage: else, the portal download the configuration for each authentication.
2008-04-10 09:34:21 +00:00
Thomas CHEMINEAU
4e9cf25fe8
Add CGI::Session support in AuthLA module + fixe some bugs
2008-04-07 16:40:09 +00:00
Xavier Guimard
edfb4aa305
LEMONLDAP::NG : update module versions and changelogs
2008-04-07 13:04:14 +00:00
Xavier Guimard
23ae454e60
LEMONLDAP::NG : When Net::LDAP::Control::PasswordPolicy isn't available, constants LDAP_CONTROL_PASSWORDPOLICY LDAP_PP_ACCOUNT_LOCKED LDAP_PP_PASSWORD_EXPIRED are not available. So I added a "no strict 'subs'" else, compilation failed whith earlier Net::LDAP packages.
2008-04-03 09:09:43 +00:00
Xavier Guimard
1e46733d63
LEMONLDAP::NG : Constants LDAP_CONTROL_PASSWORDPOLICY LDAP_PP_ACCOUNT_LOCKED LDAP_PP_PASSWORD_EXPIRED are not exported if Net::LDAP::Control::PasswordPolicy is missing, so we have to add an "eval"
2008-04-03 08:55:11 +00:00
Clément Oudot
0a11a048e7
Add support for LDAP Password Policy
2008-03-31 14:25:14 +00:00
Xavier Guimard
14a92f1d77
LEMONLDAP::NG : UTF8 in AuthLA.pm must be specified in pod
2008-03-07 13:17:46 +00:00
Xavier Guimard
6b797bc707
LEMONLDAP::NG : corrections issued from http://lintian.debian.org/reports/full/x.guimard@free.fr.html
2008-03-05 11:26:15 +00:00
Xavier Guimard
9312ebf80b
LEMONLDAP::NG : changelog and versions update
2008-02-08 16:56:42 +00:00
Xavier Guimard
85e7acadfe
LEMONLDAP::NG : some stupid bugs...
2008-02-08 15:33:32 +00:00
Clément Oudot
29cb9c722e
remove local logout from code and add a 'and' test in the process
2008-01-24 10:17:30 +00:00
Clément Oudot
45423aca5a
Add local logout possibility
2008-01-24 09:34:02 +00:00