Clément Oudot
dd615d0678
SAML:
...
* Check values of requested attributes (#85 )
* Refactor some code in _SAML (createAttribute and createAttributeValue)
2010-06-04 14:23:41 +00:00
Clément Oudot
cc1eb344a7
SAML: get attributes in attribute response
2010-06-02 15:21:39 +00:00
Clément Oudot
e928b770f7
SAML: browse SP authorized attributes and build attribute response ( #2 )
2010-06-02 13:45:37 +00:00
Clément Oudot
5444a9d3b4
SAML:
...
* Grab NameID from attribute request and find corresponding session (#2 )
* create a getSamlSession subroutine
2010-06-02 09:04:07 +00:00
Clément Oudot
a27464e277
SAML: process and validate attribute request ( #2 )
2010-06-02 08:09:59 +00:00
Clément Oudot
67e3e0ee6b
was not set
2010-06-01 15:42:35 +00:00
Clément Oudot
8fe3e749a3
SAML: catch attribute service URL ( #2 )
2010-06-01 15:34:08 +00:00
Clément Oudot
e8c514f794
SAML: set NameID in attribute query ( #2 )
2010-06-01 14:43:49 +00:00
Clément Oudot
00a952a372
SAML: create a new Lasso::Server object to manage attribute queries ( #2 )
2010-06-01 12:23:11 +00:00
Clément Oudot
ffeb9e3134
SAML: adjust HTTP-POST artifact binding ( #75 )
2010-05-31 15:46:41 +00:00
Clément Oudot
ec8892ef7f
SAML:
...
* Identity is no more required in attribute query
* Mandatory attributes are requested if not defined in SSO assertion (#79 )
2010-05-31 14:54:24 +00:00
Clément Oudot
b678ab454f
SAML: test SessionNotOnOrAfter before converting it ( #77 )
2010-05-31 13:50:26 +00:00
Clément Oudot
c0edd943db
SAML: add an IDP option to force attribute value in UTF-8 ( #72 )
2010-05-28 15:31:20 +00:00
Clément Oudot
6964b09eb2
SAML: use HTTP method string in debug messages
2010-05-28 12:17:05 +00:00
Clément Oudot
cfec37d111
SAML:
...
* Error message when no artifact resolution URL in profile
* Manage XML boolean values in metadata
2010-05-27 12:39:32 +00:00
Clément Oudot
8789b5d131
SAML: do not throw error if no SP or no IDP configured ( closes #70 )
2010-05-26 15:32:09 +00:00
Clément Oudot
a2cd83aea9
* - in domain ( closes #69 )
...
* securedCookie select box
* bad abort arguments number
* manager/index.pl comments
2010-05-26 15:17:51 +00:00
Clément Oudot
d1b4541a4d
SAML: check Destination attribute ( closes #33 )
2010-05-21 13:44:16 +00:00
Clément Oudot
f187851ba6
SAML: signatures on SSO/SLO messages issued from IDP ( #66 )
2010-05-20 13:08:07 +00:00
Clément Oudot
c6dd158903
SAML: map SAML authentication context and authentication level ( #47 )
2010-05-12 15:14:07 +00:00
Clément Oudot
01f928504d
SAML: correct date to timestamp conversion ( #62 ) and add unit test
2010-05-12 12:46:47 +00:00
Xavier Guimard
3844ba4192
"make tidy"
2010-05-12 04:04:10 +00:00
Clément Oudot
a04ff6e964
SAML:
...
* OneTimeUse is no more used in SP (#50 )
* Compile regexp for SAML URLs
* Move sendLogoutRequestToServiceProviders in _SAML
* In AuthSAML, do not predefined variables outside loops
2010-05-05 07:10:13 +00:00
Clément Oudot
5eb7895dac
SAML: manage SP conf key
2010-05-04 10:10:34 +00:00
Clément Oudot
1b81ccd96f
SAML: use get_signature_status from Lasso::Profile
2010-05-03 21:12:14 +00:00
Xavier Guimard
408365bc5f
strftime is defined in POSIX
2010-05-02 17:40:21 +00:00
Xavier Guimard
5ceb94e612
Correct errors
2010-05-02 13:41:12 +00:00
Xavier Guimard
c53bdf0edc
Little error
2010-05-02 13:30:04 +00:00
Xavier Guimard
cf0ece9aa2
Reformating
2010-05-02 11:37:25 +00:00
Clément Oudot
a9c5d000fd
SAML:
...
* IDP list key is now entityID
* Do not trust IDP cookie to find current IDP (use SAML message remote provider ID)
* Ignore signature before processing SAML message, and check it after (work in progress)
2010-04-30 14:55:40 +00:00
Thomas CHEMINEAU
423541455b
SAML:
...
- Manage SOAP relay logout request;
- Fix a bug into info.tpl.
2010-04-29 13:39:26 +00:00
Xavier Guimard
1380d89865
New session explorer (not finished but useable) + some little tips
2010-04-28 19:57:16 +00:00
Thomas CHEMINEAU
f351ab97f6
SAML: work in progress to manage asynchronous SOAP logout requests
2010-04-28 17:16:38 +00:00
Clément Oudot
37afeeaeb5
SAML: force attribute values in UTF-8 (JIRA #21 )
2010-04-28 14:56:36 +00:00
Thomas CHEMINEAU
c236505f45
SAML: manage SOAP logout request send by IDP to SP
2010-04-28 14:29:52 +00:00
Thomas CHEMINEAU
d9db773996
SAML: now use get_first_http_method when sending logout request on SP
2010-04-28 10:28:21 +00:00
Thomas CHEMINEAU
873aa0c32e
SAML: generalizing and moving some functions to _SAML.pm
2010-04-26 17:06:49 +00:00
Thomas CHEMINEAU
cd8b59998b
SAML: first work on dispatching logout requests to SP during IDP SLO process
2010-04-22 17:01:37 +00:00
Clément Oudot
70a214b9e0
SAML:
...
* Use Lasso method to get OneTimeUse flag
* Use Session _utime to calculate assertion NotOnOrAfter date
2010-04-16 13:38:43 +00:00
Clément Oudot
95b28956fe
SAML: add methods to disable signature verification (tests in progress)
2010-04-16 10:13:20 +00:00
Clément Oudot
4379adc014
SAML: reformate SP list to use EntityID as primary key
2010-04-15 14:42:17 +00:00
Clément Oudot
d9c4b44c4b
Add multiValuesSeparator configuration parameter
2010-04-15 11:15:36 +00:00
Clément Oudot
ebf2deae28
SAML: SSL authentication context is TLSClient and not X509
2010-04-15 09:06:53 +00:00
Clément Oudot
457430f2f7
SAML: map authenticationLevel and authn context
2010-04-14 16:22:55 +00:00
Clément Oudot
c4e1379452
* make tidy
...
* Manage authenticationLevel in all authentication backends
2010-04-14 15:37:57 +00:00
Clément Oudot
2406d832e9
SAML: manage Lasso session in artifacts
2010-04-12 15:03:54 +00:00
Clément Oudot
ae66b57881
SAML: load and store Lasso Identity and Session
2010-04-12 13:23:22 +00:00
Clément Oudot
91e1419f57
SAML: artifact resolution response in SP and IDP
2010-04-12 09:09:53 +00:00
Clément Oudot
7fef157210
SAML: possibility to configure a different storage for SAML objects (samlStorage) than sessions storage (globalStorage)
2010-04-09 13:27:54 +00:00
Clément Oudot
46808d3f78
SAML: manage artifact (work in progess)
2010-04-08 16:28:10 +00:00
Clément Oudot
fb9f964515
SAML: move use POSIX from AuthSAML to _SAML
2010-04-08 09:43:28 +00:00
Clément Oudot
cdaea23ac5
SAML: create methods to convert timestamp and SAML2 dates, and set all dates in assertion created by IDP
2010-04-08 09:39:53 +00:00
Clément Oudot
89bf4a6630
SAML: build assertion
2010-04-07 16:37:23 +00:00
Clément Oudot
ecf5612e4f
SAML:
...
* Build artifact or complete SSO reponse message
* Send SSO response message
* Correct a bug when loading relayState in POST fields
2010-04-07 15:14:17 +00:00
Clément Oudot
f9e8ce7092
SAML: validate request message
2010-04-07 12:27:50 +00:00
Clément Oudot
7859ba292a
SAML: trust hidden fields when they are present
2010-04-07 10:11:21 +00:00
Thomas CHEMINEAU
0974c128ec
SAML: fix a little bug
2010-04-02 15:34:44 +00:00
Thomas CHEMINEAU
7202a6651f
SAML: manage hidden values for SAML authentication request
2010-04-02 15:28:29 +00:00
Clément Oudot
119386dca7
SAML: use checkMessage in AuthSAML
2010-04-02 14:47:17 +00:00
Clément Oudot
f87d6b9b3d
SAML: IDP requestedAuthnContext option
2010-04-01 16:32:51 +00:00
Clément Oudot
a11caf800f
SAML: IDP isPassive option
2010-04-01 14:40:29 +00:00
Clément Oudot
bb86139ce4
SAML: work on SSO/SLO signature options
2010-04-01 14:18:37 +00:00
Clément Oudot
6d505c9468
SAML: IDP option to validate SSO response signature -not working now
2010-04-01 12:51:32 +00:00
Clément Oudot
70f853e681
SAML: IDP option to sign SSO requests
2010-04-01 09:55:33 +00:00
Thomas CHEMINEAU
ba6bb76549
SAML:
...
- Move part of the code into _SAML.pm so that it could be reused;
- Create the method checkMessage that check SAML requests and responses.
2010-03-26 16:02:27 +00:00
Thomas CHEMINEAU
e7103c56c5
SAML: implementing issuerForUnAuthUser
2010-03-26 13:56:37 +00:00
Clément Oudot
07c528d6fd
SAML: update POD
2010-03-26 09:35:31 +00:00
Clément Oudot
53d5212068
SAML: remove HTTP-GET binding since it is not supported by SAML2 (replaced by HTTP-REDIRECT)
2010-03-25 16:43:34 +00:00
Thomas CHEMINEAU
b67654d42d
SAML: code to load SP metadata
2010-03-25 14:44:38 +00:00
Thomas CHEMINEAU
dec9d562d8
SAML: work in progress in IssuerDBSAML
2010-03-25 11:24:52 +00:00
Thomas CHEMINEAU
a3a80947bc
SAML: move code that load SAML services and IDPs into _SAML
2010-03-25 11:01:32 +00:00
Clément Oudot
bc7df7b3bc
SAML: correct NAME POD section to prevent lintian warning
2010-03-25 08:55:42 +00:00
Clément Oudot
5c26f07d27
SAML: proxy restriction was not working, now it is set in authn request conditions
2010-03-24 12:33:45 +00:00
Clément Oudot
ae4ff763df
SAML: manage HTTP method choice for SSO
2010-03-05 16:57:11 +00:00
Clément Oudot
c2b7c07dc1
SAML: use NameIDFormat option
2010-03-05 09:28:28 +00:00
Clément Oudot
0979ba0f28
SAML: use ForceAuthn option
2010-03-05 08:54:01 +00:00
Clément Oudot
71283e3596
SAML: attribute request in UserDBSAML
2010-03-03 16:54:23 +00:00
Clément Oudot
923e509226
SAML: split conditions validation between time and auience
2010-03-01 09:42:25 +00:00
Clément Oudot
1cecbe512d
SAML: Manage logout redirection URL trough RelayState in SLO
2010-03-01 09:19:28 +00:00
Clément Oudot
2c584cf7f7
SAML:
...
* Use authForce method to know if authentication should be forced
* Use a common method to store replay protection data
* Use _utime in relaystate state
* Let Lasso choose the defaut transport and binding for requests
2010-02-28 19:07:02 +00:00
Xavier Guimard
58c28c5732
* Inheritance instead of @EXPORT
...
* Purge CGI::Session dependency (LA)
2010-02-26 10:53:43 +00:00
Clément Oudot
7eefc6af1f
SAML: manage SOAP
2010-02-26 09:12:18 +00:00
Clément Oudot
9c228f7022
SAML: Manage relayState trough session backend
2010-02-25 11:39:55 +00:00
Clément Oudot
9937568f97
SAML: manage SSO response trough Artifact
2010-02-24 15:24:54 +00:00
Clément Oudot
38060929fb
SAML:
...
* Use new configuration keys
* sum up replay protection code
2010-02-22 17:12:16 +00:00
Clément Oudot
9766b8457a
SAML: SP SLO response trough HTTP-REDIRECT and SOAP
2010-02-19 11:33:34 +00:00
Clément Oudot
2238075912
SAML: SP SLO validate request
2010-02-18 17:42:31 +00:00
Clément Oudot
bd2c92f207
SAML: SP SLO in progress
2010-02-18 17:22:04 +00:00
Clément Oudot
a6d7f7a3a3
SAML:
...
* Send correct logout request
* Use getMetaDataURL to get URL from metadata configuration keys
2010-02-18 09:58:59 +00:00
Clément Oudot
46764465b2
SAML: SP SLO in progress
2010-02-17 17:37:38 +00:00
Clément Oudot
5b34644e10
SAML: SLO initiated by SP (not achieved)
2010-02-17 15:13:00 +00:00
Clément Oudot
3da1b1ed19
SAML: conditions validations corrected in Lasso
2010-02-17 11:51:01 +00:00
Clément Oudot
d5d56f7649
SAML: conditions validation
2010-02-15 17:03:07 +00:00
Clément Oudot
12668e7cc2
SAML: register attributes from SAML authn statement in session
2010-02-12 14:26:45 +00:00
Clément Oudot
71f142316f
SAML:
...
* IDP metadata are in metadata key
* Use IDP internal ID instead of entityID to keep choosen IDP information
* Use base64 encoding for RelayState value
2010-02-12 10:53:43 +00:00
Clément Oudot
cb7f7f8bd1
SAML: first complete SP cinematic implementation
2010-02-11 12:39:42 +00:00
Clément Oudot
e323fe1cf5
SAML: customize authentication request
2010-02-10 17:18:46 +00:00
Clément Oudot
f265cbce57
SAML: NameID management
2010-02-09 20:49:23 +00:00
Clément Oudot
e891c13ad3
SAML: use query_string and get name identifier
2010-02-09 09:02:39 +00:00
Clément Oudot
040aea4dfb
SAML:
...
* Redirect user to IDP SSO URL
* Catch IDP response for HTTP-REDIRECT binding
2010-02-08 17:24:45 +00:00