dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
438 Commits 3 Branches 0 Tags 75 MiB
78852ac337
Commit Graph

83 Commits

Author SHA1 Message Date
Xavier Guimard
78852ac337 LEMONLDAP::NG perltidy 2008-12-24 14:57:23 +00:00
Xavier Guimard
13cdc9b8ec LEMONLDAP::NG : XSS patch not compatible with logout system 2008-12-24 14:55:44 +00:00
Xavier Guimard
2449e92c2d LEMONLDAP::NG : A site in the protected domain is accepted in $portal->{urldc} even if the site is not declared in the manager 2008-12-24 09:12:53 +00:00
Xavier Guimard
cc07eae107 LEMONLDAP::NG : customFunctions are now shared in macros, groups, headers and rules 2008-12-11 17:02:02 +00:00
Xavier Guimard
a77e385730 LEMONLDAP::NG : little bug in SOAP error() 2008-12-08 10:56:19 +00:00
Xavier Guimard
16a29be9fa LEMONLDAP::NG : error display in SOAP 2008-12-07 20:07:52 +00:00
Xavier Guimard
b9ba2337e4 LEMONLDAP::NG : now the portal can be called by browser or by SOAP 2008-12-07 14:12:36 +00:00
Xavier Guimard
68d447b422 LEMONLDAP::NG : typo 2008-12-07 12:15:40 +00:00
Xavier Guimard
53dc4bbbf4 LEMONLDAP::NG : * To avoid XSS, 3 controls : 
1) url must be base64 encoded
                  2) urldc is serialized on 1 line ("s/[\r\n]//sg")
                  3) urldc must not contains '"`\0<
                * Common/CGI can now intercept SOAP requests
 2008-12-07 09:02:44 +00:00
Xavier Guimard
8b4f38e58c LEMONLDAP::NG : XSS prevention 2008-12-06 10:26:24 +00:00
Xavier Guimard
66c60cc416 LEMONLDAP::NG : * branche 0.9.2 is missing 
* ' and " are now filtered in url in Portal.pm
 2008-12-06 07:27:35 +00:00
Xavier Guimard
5f552f4085 LEMONLDAP::NG : minnor things 2008-12-03 18:30:57 +00:00
Clément Oudot
35df5dddb8 LEMONLDAP::NG : Enforce XSS protection by deleting bad urls 2008-12-03 16:41:30 +00:00
Xavier Guimard
24a14caeda LEMONLDAP::NG : * Security fix : redirections in portal must be in protected sites 
* perltidy in Manager/Sessions.pm
                * Doxygen in progress...
 2008-12-03 16:05:27 +00:00
Xavier Guimard
fbc8b7bfd2 LEMONLDAP::NG : * security fix => XSS 
* Begin Doxygen documentation
 2008-12-03 13:27:30 +00:00
Xavier Guimard
de7edc7387 LEMONLDAP::NG : better manner to delete cookie 2008-12-01 13:39:52 +00:00
Xavier Guimard
d7bbb44924 LEMONLDAP::NG : * change default value for existing sessions : now, it's PE_DONE 
* after POST and logout, Portal generates a redirection to itself unless an url is given. This help MSIE to relog after logout
 2008-12-01 09:36:02 +00:00
Xavier Guimard
96e625a29d LEMONLDAP::NG : binmod(STDOUT,'utf8') has to be called at each request 2008-11-26 11:20:36 +00:00
Xavier Guimard
ccbb0a12e0 LEMONLDAP::NG : * eval+abort in XML parsing (to avoid die include in XML::LibXML) 
* Correct use of UTF8 : a apps-list.xml UTF8 encoded was not displayed correctly
 2008-11-26 11:11:03 +00:00
Xavier Guimard
a72eebdd81 LEMONLDAP::NG : Notification system skeleton 2008-11-24 06:57:18 +00:00
Xavier Guimard
2725f06fd3 LEMONLDAP::NG : * Handler/SharedConf.pm is more simple now since it use the new Conf.pm capabilities 
* CGIs now use abort() instead of die
                * debug system in COnf.pm (set "LogLevel debug" in Apache)
 2008-11-21 17:51:52 +00:00
Xavier Guimard
63f196078b LEMONLDAP::NG : die replaced by $self->abort in CGIs 2008-11-21 07:27:08 +00:00
Xavier Guimard
ac87a4b49e LEMONLDAP::NG : removing old feature : LDAP filter in groups 2008-11-20 18:13:27 +00:00
Xavier Guimard
a75e882741 LEMONLDAP::NG : New module Sessions.pm to manage sessions 2008-11-04 16:35:16 +00:00
Clément Oudot
9e2a494da5 LEMONLDAP::NG : password can now be stored in session 2008-10-16 07:35:42 +00:00
Xavier Guimard
26c944caa7 LEMONLDAP::NG : UserDB system updated + general perltidy 2008-10-07 20:15:48 +00:00
Xavier Guimard
80f199fbc7 LEMONLDAP::NG : LDAP User database module 2008-10-05 18:42:50 +00:00
Clément Oudot
6623c149f6 LEMONLDAP::NG : corrections on enhanced menu 2008-09-26 07:36:30 +00:00
Clément Oudot
b14983208c LemonLDAP::NG : W3C standards compliance and password modification module 2008-09-19 15:28:00 +00:00
Clément Oudot
1c15139a3a LemonLDAP::NG : pre-release of new Portal::Menu module 2008-09-18 08:34:17 +00:00
Xavier Guimard
7c9bb1621d LEMONLDAP::NG : bug in doc 2008-09-10 10:40:01 +00:00
Xavier Guimard
4e90f24172 LEMONLDAP::NG : perltidy + template language detection regexp 2008-09-04 06:05:24 +00:00
Clément Oudot
b264d0f8c7 LemonLDAP::NG : HTML::Template translation filter 2008-09-03 16:11:16 +00:00
Xavier Guimard
8364a0e78d LEMONLDAP::NG : CPAN versions update and little doc update 2008-08-25 19:54:24 +00:00
Xavier Guimard
7c3a6f3cfc LEMONLDAP::NG : complete integration of Password Policy (i18n not done) 2008-08-08 16:19:16 +00:00
Xavier Guimard
e1b8027ccd LEMONLDAP::NG : pod update 2008-06-11 06:00:26 +00:00
Xavier Guimard
8c073cc030 LEMONLDAP::NG : little corrections issued from CPAN test 2008-06-06 12:59:36 +00:00
Xavier Guimard
7bac798370 LEMONLDAP::NG : * new auth architecture 
* environment variables can now be used in exportedVars (usefull to access to SSL variables)
		* UTF-8 in examples
		* Romanian translation of portal
 2008-06-06 03:51:39 +00:00
Xavier Guimard
9b523a3534 LEMONLDAP::NG : revert to revision 310 : new auth architecture is not usable in some case 2008-06-01 06:25:09 +00:00
Xavier Guimard
2962eb2699 LEMONLDAP::NG : now, new auth architecture is running... 2008-05-31 13:33:34 +00:00
Xavier Guimard
772a9ad1e8 LEMONLDAP::NG : new sub "authInit" called by new() to initialize authentication module 2008-05-30 06:07:37 +00:00
Xavier Guimard
aca6815c1b LEMONLDAP::NG : New auth architecture in Portal 2008-05-30 04:47:32 +00:00
Xavier Guimard
83ec000c5f LEMONLDAP::NG : new constant : PE_CERTIFICATEREQUIRED 2008-05-25 13:17:16 +00:00
Xavier Guimard
dc8d0a4334 LEMONLDAP::NG : new functionality in Poratl/AuthSSL.pm : the parameter SSLRequire can be set to 0 to authenticate users both by certificate or login/password 2008-05-25 12:54:45 +00:00
Xavier Guimard
f52755060e LEMONLDAP::NG : Debian default portal is now issued from index_skin.pl 
Update versions
 2008-05-24 19:12:28 +00:00
Xavier Guimard
87d1f521e1 LEMONLDAP::NG : now, status page displays portal activity if an handler exists 2008-05-11 19:21:39 +00:00
Clément Oudot
3a8e138a88 Add perldoc for Password Policy 2008-05-10 09:31:43 +00:00
Xavier Guimard
edfb4aa305 LEMONLDAP::NG : update module versions and changelogs 2008-04-07 13:04:14 +00:00
Xavier Guimard
23ae454e60 LEMONLDAP::NG : When Net::LDAP::Control::PasswordPolicy isn't available, constants LDAP_CONTROL_PASSWORDPOLICY LDAP_PP_ACCOUNT_LOCKED LDAP_PP_PASSWORD_EXPIRED are not available. So I added a "no strict 'subs'" else, compilation failed whith earlier Net::LDAP packages. 2008-04-03 09:09:43 +00:00
Xavier Guimard
1e46733d63 LEMONLDAP::NG : Constants LDAP_CONTROL_PASSWORDPOLICY LDAP_PP_ACCOUNT_LOCKED LDAP_PP_PASSWORD_EXPIRED are not exported if Net::LDAP::Control::PasswordPolicy is missing, so we have to add an "eval" 2008-04-03 08:55:11 +00:00