dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,999 Commits 3 Branches 0 Tags 75 MiB
6b1dd48896
Commit Graph

304 Commits

Author SHA1 Message Date
Clément Oudot
d7fb73b2e2 Rewrite Menu module, to integrate it in Portal (#29) 2010-09-16 15:10:00 +00:00
Clément Oudot
dda83a3e67 Store authChoice in session, and load it for existing sessions 2010-09-13 15:14:19 +00:00
Clément Oudot
c004e6363d Load correct authentication module on issuer logout process 2010-09-10 20:27:14 +00:00
Clément Oudot
17b3c15466 Code authentication choice like multiple authentication (#19) 2010-09-10 19:52:44 +00:00
Clément Oudot
61a73e59dd Work on authentication choice (#19) 2010-09-08 20:16:32 +00:00
Clément Oudot
d2549c2fbe Always display authentication choices if any (#19) 2010-09-06 09:35:05 +00:00
Xavier Guimard
c8a2b8c5e0 "_safe" instead of "safe" in Menu 2010-09-06 09:23:23 +00:00
Clément Oudot
09b06fecbf Add SSL and Apache in authentication choices (#19) 2010-09-03 16:02:10 +00:00
Clément Oudot
82b4ea080e Load correct authentication module for authLogout (#LEMONDLAP-19) 2010-09-03 15:23:08 +00:00
Clément Oudot
41151228ff Typo in checkXSSAttack call 2010-09-03 14:23:54 +00:00
Clément Oudot
ec8eb57b1f * Common XSS attack check method 
* Check XSS attack on authChoice parameter
 2010-09-03 14:15:44 +00:00
Clément Oudot
c10f1a96db Authentication choice in progress (#19) 2010-09-03 13:21:03 +00:00
Clément Oudot
0f4212abc2 URL param to choose authentication module (#LEMONLDAP19) 2010-09-02 15:32:40 +00:00
Clément Oudot
9992c56f43 Configure mapping between SAML authentication contexts and authentication levels (#152) 2010-09-02 09:09:10 +00:00
Clément Oudot
8d6899c2b2 Configuration keys for authentication levels (#152) 2010-09-01 16:06:01 +00:00
Xavier Guimard
06beaa6ff4 « make tidy » 2010-09-01 12:56:15 +00:00
Xavier Guimard
f6f09f635c IssuerOpenID in progress 2010-08-31 15:36:32 +00:00
Clément Oudot
0d5faacc0a Manage // in path when checking IssuerDB path 2010-08-31 15:14:44 +00:00
Clément Oudot
35935c5b7f Little bug in controlExistingSession 2010-08-31 12:23:11 +00:00
Clément Oudot
1e1f9bf5ea Modify binmode to bytes for SOAP responses (closes #144) 2010-08-31 10:34:28 +00:00
Clément Oudot
92352246ee Support from logout services: they are deconnected with a GET request after portal logout (#121) 2010-08-30 15:46:26 +00:00
Clément Oudot
611d252ebc AuthCAS: renew and gateway flags can now been configured 2010-08-30 13:41:45 +00:00
Clément Oudot
e3010de6e5 CAS Issuer (#101): 
* Manage gateway parameter (refused unauthenticated user)
* Display CAS logout URL message
* Do not check base64 encoded URL for CAS (mandatory for logout URL management)
 2010-08-27 16:07:19 +00:00
Xavier Guimard
cd00bf3b62 OpenID server in progress 2010-08-27 15:34:03 +00:00
Clément Oudot
832f7050eb Add activation parameter for each IssuerDB module (#147) 2010-08-27 13:01:54 +00:00
Clément Oudot
a6acf86f4e Generate CAS Service Ticket (#101) 2010-08-25 14:23:45 +00:00
Clément Oudot
5877fa95d6 CAS IssuerDB skeleton (#101) 2010-08-23 15:47:53 +00:00
Clément Oudot
240c2b56eb SAML: 
* Use request path to choose IssuerDB module to load
* Store all used IssuerDB module in user session
* Launch issuerLogout method for all used IssuerDB module
* References #102
 2010-08-23 13:27:16 +00:00
Clément Oudot
4fa2f6318e Build removeOther link with javascript, to get the final redirection URL and method (#125) 2010-08-20 15:07:55 +00:00
Clément Oudot
a9a2106e89 Add a back URL in removeOther link (#125) 2010-08-20 13:48:09 +00:00
Clément Oudot
a85958f90f Always clear previous hidden form value when PE_INFO is returned by autoRedirect and autoPost (#125) 2010-08-20 10:52:52 +00:00
Clément Oudot
5e6efebab1 Manage info form hidden fields for autoRedirect and autoPost (#125) 2010-08-20 10:31:20 +00:00
Clément Oudot
ead9413dd8 Possibility to control form method of info and confirm screen (references #125) 2010-08-19 16:19:30 +00:00
Clément Oudot
e29a65e92b Disable timer on IDP list (#141) 2010-08-18 15:10:30 +00:00
Clément Oudot
33403f3396 Display a link to go back to SP on IDP login page (#140) 2010-08-18 13:39:15 +00:00
Clément Oudot
a32502b8f7 Do use st when browsing backends (authentication, userDB, ...) to prevent from a bug in Perl-LDAP 0.40 (#128) 2010-07-21 12:13:12 +00:00
Clément Oudot
15cb8f6e29 SAML error codes for IDP and UserDBSAML (#40) 2010-07-05 15:58:03 +00:00
Clément Oudot
abfc445f38 SAML Error codes for SP (#40) 2010-07-05 15:38:02 +00:00
Clément Oudot
3ed02a09b8 * Set noInfo flag when updating session 
* Get sessionIndex from SLO request before validating the request
* Use NameID dump in debug message
 2010-07-05 09:36:52 +00:00
Clément Oudot
0dac2f1374 * authInit should be called before issuerForAuthUser when we catch SLO URL in IDP proxy mode 
* do not 'return' sendSLOErrorMessage
 2010-07-02 15:42:22 +00:00
Clément Oudot
b635d87761 * authInit should be called before issuerForAuthUser when we catch SLO URL in IDP proxy mode 
* do not 'return' sendSLOErrorMessage
 2010-07-02 15:14:54 +00:00
Clément Oudot
3ee1e9b393 Add an option to encode Metadata in UTF-8 (#119) 2010-06-28 09:11:59 +00:00
Xavier Guimard
0e082b1d8f Closes: #114 : Bad usage of Apache::Session::searchOn() on portal 2010-06-22 16:30:38 +00:00
Xavier Guimard
aa190c7f35 make tidy 2010-06-21 15:29:59 +00:00
Xavier Guimard
11dd597a41 Some Lintian tips 2010-06-08 10:39:34 +00:00
Xavier Guimard
208a4f34d2 Closes #82 : CDA always use secured cookie even if requested site is a http one 2010-06-04 08:43:42 +00:00
Clément Oudot
5ded22db86 Do not return errors in POST or SOAP response process, just quit if something is wrong 2010-06-02 09:12:35 +00:00
Clément Oudot
d7cee9a4f9 Use redirection message in page title (#80) 2010-06-01 10:11:35 +00:00
Clément Oudot
bb9c7435cc POST fields are now hidden (#80) 2010-06-01 09:59:37 +00:00
Clément Oudot
58bec95435 SAML: map NameID formats to local session keys (closes #67) 2010-05-21 09:03:29 +00:00
Clément Oudot
4d0a5a651d SAML: IssuerDB Activation Rule (#52) 2010-05-19 14:59:43 +00:00
Clément Oudot
df4198399f * Add a new process step (authFinish) run after session store 
* Create SAML session linked to real session to store NameID and SessionIndex, in order to use searchOn on them (will not force globalStorage to be compatible with searchOn)
* Control SessionIndex sent by IDP on a SLO request is now managed in SP to get the correct local session
* This solves issue #51
 2010-05-17 16:02:21 +00:00
Clément Oudot
2d88be8222 Portal: catch ENV exportedVars for all UserDB modules (#58) 2010-05-07 21:33:57 +00:00
Thomas CHEMINEAU
f60e65166d adding Lemonldap::NG::Handler::UpdateCookie.pm and associated files 2010-05-05 16:49:26 +00:00
Xavier Guimard
810505b1cb (Closes: #46) 2010-05-05 16:42:22 +00:00
Thomas CHEMINEAU
c935584300 informations is correctly stored into session but not well displayed by manager (add _utime, remove useless code) 2010-05-04 15:55:48 +00:00
Xavier Guimard
5d2b50e905 Modif for XSS: for logout URL, we test now Referer field 2010-05-01 13:12:28 +00:00
Xavier Guimard
c37033b81a $self->{id} was not well managed in portal 2010-04-30 05:27:06 +00:00
Thomas CHEMINEAU
4f979bfe22 SAML: change error name to PE_IMG_OK and PE_IMG_NOK 2010-04-29 13:47:57 +00:00
Thomas CHEMINEAU
423541455b SAML: 
- Manage SOAP relay logout request;
- Fix a bug into info.tpl.
 2010-04-29 13:39:26 +00:00
Xavier Guimard
1380d89865 New session explorer (not finished but useable) + some little tips 2010-04-28 19:57:16 +00:00
Thomas CHEMINEAU
54afc28e75 SAML: manage logout initiate by IDP 2010-04-27 15:11:53 +00:00
Thomas CHEMINEAU
6ef67cc5ea SAML: manage internationalization 2010-04-26 15:39:38 +00:00
Thomas CHEMINEAU
aac04dabdc SAML: print information to user if many SP to logout throught HTTP-Redirect or HTTP-Post 2010-04-23 16:26:23 +00:00
Clément Oudot
fbe50de653 * Better log of what is registered in session 
* Control whatToTrace parameter before logging into Apache
 2010-04-15 13:46:45 +00:00
Clément Oudot
d9c4b44c4b Add multiValuesSeparator configuration parameter 2010-04-15 11:15:36 +00:00
Xavier Guimard
799b643949 $ENV not taken in acount in macros 2010-04-14 16:13:24 +00:00
Clément Oudot
c4e1379452 * make tidy 
* Manage authenticationLevel in all authentication backends
 2010-04-14 15:37:57 +00:00
Clément Oudot
ea24dc314e Portal: updateSession can now take session id as parameter 2010-04-12 13:50:42 +00:00
Clément Oudot
7fef157210 SAML: possibility to configure a different storage for SAML objects (samlStorage) than sessions storage (globalStorage) 2010-04-09 13:27:54 +00:00
Thomas CHEMINEAU
7202a6651f SAML: manage hidden values for SAML authentication request 2010-04-02 15:28:29 +00:00
Thomas CHEMINEAU
fa039d2114 Store hidden informations in forms 
* SAML: store SAMLRequest in IssuerDBSAML, just before to redirect to IDP
  * Simple: add functions to manage hidden values for forms
 2010-04-02 09:17:02 +00:00
Clément Oudot
953806ed93 SAML: manage SessionNotOnOrAfter but do not adapt session _utime yet 2010-03-24 13:44:24 +00:00
Clément Oudot
7692cefd95 Portal: all is ready for AuthOpenID 2010-03-15 09:53:56 +00:00
Xavier Guimard
40d2c70604 New target 'tidy' in Makefile 2010-03-01 20:32:28 +00:00
Clément Oudot
2c584cf7f7 SAML: 
* Use authForce method to know if authentication should be forced
* Use a common method to store replay protection data
* Use _utime in relaystate state
* Let Lasso choose the defaut transport and binding for requests
 2010-02-28 19:07:02 +00:00
Xavier Guimard
58c28c5732 * Inheritance instead of @EXPORT 
* Purge CGI::Session dependency (LA)
 2010-02-26 10:53:43 +00:00
Clément Oudot
7eefc6af1f SAML: manage SOAP 2010-02-26 09:12:18 +00:00
Clément Oudot
f0c29c779a SAML: 
* Manage SSO message like SLO message
* Send SLO request trough REDIRECT and POST
* Reponse to SSO request trough REDIRECT, POST and SOAP
* Reponse to SLO request trough REDIRECT, POST and SOAP
 2010-02-24 10:11:01 +00:00
Clément Oudot
fc542fa6b1 Portal: method to auto submit data through POST 2010-02-22 11:07:48 +00:00
Clément Oudot
7444d9802c Portal: set content-type to application/xml for SOAP response 2010-02-22 10:08:14 +00:00
Clément Oudot
3eac5ce288 Portal: display logout status to user 2010-02-20 11:44:05 +00:00
Clément Oudot
9766b8457a SAML: SP SLO response trough HTTP-REDIRECT and SOAP 2010-02-19 11:33:34 +00:00
Clément Oudot
bd2c92f207 SAML: SP SLO in progress 2010-02-18 17:22:04 +00:00
Clément Oudot
46764465b2 SAML: SP SLO in progress 2010-02-17 17:37:38 +00:00
Clément Oudot
3606362946 LDAP: 
* Add ldapGroupRecursive to enable recursive group search
* Create searchGroup method in _LDAP
* Create getLdapValue method in _LDAP to manage DN and multi-valued attributes
 2010-02-05 14:17:55 +00:00
Clément Oudot
dae6b880be Portal: force authentication is now working 2010-02-05 10:21:48 +00:00
Clément Oudot
3a3ec647e9 SAML: IDP choice 2010-02-04 12:30:18 +00:00
Clément Oudot
90a08dbbde Portal/Multi: 
* Get the correct _auth and _userDB value when using Multi
* Resolve a bug: functions of modules loaded in _Multi were not available for _subProcess
* Use a common loadModule method between Simple.pm and _Multi.pm
* Do not consider PE_FORMEMPTY and PE_FIRSTACCESS as errors in Multi process
 2010-01-28 14:47:51 +00:00
Clément Oudot
760f62e534 Portal: set _auth, _userDN, _passwordDB and _issuerDB in session, to know which module was used to open the session of the user 2010-01-27 16:30:19 +00:00
Clément Oudot
b904587edd Portal: portalForceAuthn option was unusable with Menu password change 2010-01-27 14:04:41 +00:00
Clément Oudot
1f243e0a20 Portal: possibility to force reauthentication (set portalForceAuthn = 1) 2010-01-25 17:40:46 +00:00
Clément Oudot
3222021897 Portal: 
* Use HTML templates to send fancy reset password mail, with translations
* Send the new password by mail instead of diplaying it n the web page
* Remove the need to configure : the value is now set with help of {DOCUMENT_ROOT}
 2010-01-22 11:25:37 +00:00
Clément Oudot
f6c250207c Portal - new feature: token to reset password by mail: 
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid
 2010-01-21 17:38:55 +00:00
Clément Oudot
5af1db1c3e Portal: move ppolicy warnings from menu to information page 2010-01-15 22:01:04 +00:00
Clément Oudot
9477aa69af Portal: confirm template amelioration 2010-01-12 11:19:13 +00:00
Clément Oudot
bea600dff4 Portal: info template amelioration 2010-01-12 11:07:31 +00:00
Xavier Guimard
7d98447f5e PE_CONFIRM target 2010-01-12 11:05:01 +00:00
Xavier Guimard
271c4767a8 Link to delete other sessions 2010-01-12 10:36:04 +00:00
Xavier Guimard
effa0b9fa6 Notify existing sessions and deleted sessions if wanted 2010-01-12 09:53:49 +00:00