Clément Oudot
|
192dd9c8e1
|
Preparation for 1.0rc2 release
|
2010-07-05 16:20:17 +00:00 |
|
Clément Oudot
|
15cb8f6e29
|
SAML error codes for IDP and UserDBSAML (#40)
|
2010-07-05 15:58:03 +00:00 |
|
Clément Oudot
|
abfc445f38
|
SAML Error codes for SP (#40)
|
2010-07-05 15:38:02 +00:00 |
|
Clément Oudot
|
6fb21c669b
|
Use private key passwords (#97)
|
2010-07-05 11:50:12 +00:00 |
|
Clément Oudot
|
3ed02a09b8
|
* Set noInfo flag when updating session
* Get sessionIndex from SLO request before validating the request
* Use NameID dump in debug message
|
2010-07-05 09:36:52 +00:00 |
|
Clément Oudot
|
5c406c5381
|
Counter is never negative (#124)
|
2010-07-04 14:05:20 +00:00 |
|
Clément Oudot
|
1c4d8535f7
|
SAML: Issuer can send SLO requests to SP and IDP when in proxy mode (#31)
|
2010-07-03 14:38:46 +00:00 |
|
Clément Oudot
|
c0548bab70
|
Modify XML namespace for Lasso Session empty object
|
2010-07-03 13:55:43 +00:00 |
|
Clément Oudot
|
0dac2f1374
|
* authInit should be called before issuerForAuthUser when we catch SLO URL in IDP proxy mode
* do not 'return' sendSLOErrorMessage
|
2010-07-02 15:42:22 +00:00 |
|
Clément Oudot
|
b635d87761
|
* authInit should be called before issuerForAuthUser when we catch SLO URL in IDP proxy mode
* do not 'return' sendSLOErrorMessage
|
2010-07-02 15:14:54 +00:00 |
|
Clément Oudot
|
f193d0b66d
|
Really exit if sendSLOErrorMessage fail
|
2010-07-02 14:17:01 +00:00 |
|
Clément Oudot
|
a6c60ec1a7
|
Keep and restore SAML request for IDP proxy (#31)
|
2010-07-02 11:29:00 +00:00 |
|
Clément Oudot
|
e0bbb1c9d0
|
Delete SAML sessions on local logout (#122)
|
2010-07-02 09:05:46 +00:00 |
|
Clément Oudot
|
1f28b97cd8
|
Wrong error level in debug message
|
2010-07-02 08:54:54 +00:00 |
|
Clément Oudot
|
e359e1a7d1
|
SAML: use correct method to build artifact message (#32)
|
2010-07-02 08:14:26 +00:00 |
|
Clément Oudot
|
5754d86ff5
|
* Add a troolean type in Manager
* Sign SAML Message options can accept the default value (#88)
|
2010-07-01 16:05:57 +00:00 |
|
Clément Oudot
|
2ce4e19a0d
|
SAML: catch SSO artifact URL in IssuerDBSAML (#32)
|
2010-07-01 11:31:24 +00:00 |
|
Clément Oudot
|
90debded1d
|
SAML: add Artifact binding in metadata (#32)
|
2010-07-01 09:58:39 +00:00 |
|
Clément Oudot
|
f46c3b4224
|
SAML: artifact for sending authn request, work in progress (#32)
|
2010-07-01 09:48:50 +00:00 |
|
Clément Oudot
|
edb345f23c
|
SAML:
* Correct a SLO bug when only one SP in session
* Check NotOnOrAfter in SLO request (#36)
|
2010-06-30 08:05:20 +00:00 |
|
Clément Oudot
|
b2381101d7
|
SAML: use getSamlSession whenever it's possible
|
2010-06-28 16:22:07 +00:00 |
|
Clément Oudot
|
758c133f81
|
SAML: encode metadata flag was not honored for attribute authority
|
2010-06-28 15:04:40 +00:00 |
|
Clément Oudot
|
d07eaab83f
|
SAML: keep SAML request in memory for IDP Proxy management (#31)
|
2010-06-28 15:00:14 +00:00 |
|
Clément Oudot
|
3ee1e9b393
|
Add an option to encode Metadata in UTF-8 (#119)
|
2010-06-28 09:11:59 +00:00 |
|
Clément Oudot
|
f5367d4dc9
|
* Create sendSLOErrorResponse subroutine
* Send SLO error if REDIRECT or POST SLO request on a closed session (#107)
* Send SLO error instead of empty SOAP message, or local error page
|
2010-06-28 08:34:15 +00:00 |
|
Clément Oudot
|
dee65a4d00
|
SAML: cache Lasso::Server object to increase performances (#86)
|
2010-06-25 15:38:14 +00:00 |
|
Clément Oudot
|
d114827e70
|
Store metadata in raw format (#104)
|
2010-06-25 13:51:09 +00:00 |
|
Clément Oudot
|
b32d4e8f52
|
Remove HttpRedirect and HttpDisableSubmit options in info.tpl, and use hidden fields to store URL parameters, for form GET to work (#115)
|
2010-06-23 14:03:18 +00:00 |
|
Clément Oudot
|
07f648cd7e
|
SLO termination complete (#111)
|
2010-06-23 09:58:14 +00:00 |
|
Xavier Guimard
|
0e082b1d8f
|
Closes: #114 : Bad usage of Apache::Session::searchOn() on portal
|
2010-06-22 16:30:38 +00:00 |
|
Clément Oudot
|
33699a6d40
|
SAML: build a SLO termination state (#111)
|
2010-06-21 16:24:50 +00:00 |
|
Clément Oudot
|
174026f44c
|
SAML: validate SLO request before building other SP SLO request (#111)
|
2010-06-21 15:44:18 +00:00 |
|
Xavier Guimard
|
aa190c7f35
|
make tidy
|
2010-06-21 15:29:59 +00:00 |
|
Clément Oudot
|
58419de458
|
Portal: we can have information message for unauthenticated users
|
2010-06-21 15:20:51 +00:00 |
|
Xavier Guimard
|
8139248c15
|
Closes: #113 : Lemonldap::NG is not compatible with the use of a LDAP server using a different encoding than UTF-8 for storing passwords
|
2010-06-21 14:47:27 +00:00 |
|
Clément Oudot
|
8b23a63fb3
|
SAML: use a SLO status session to store SLO status on IDP side (#111)
|
2010-06-21 14:28:42 +00:00 |
|
Clément Oudot
|
3b6e0567ee
|
SAML: store SAML Token in session (#110)
|
2010-06-18 13:07:20 +00:00 |
|
Clément Oudot
|
11761807f4
|
SAML: do not send empty Attribute Statement (#109)
|
2010-06-18 07:50:37 +00:00 |
|
Clément Oudot
|
af0f4ef88e
|
SAML: force NameID format if requested format is unspecified (#108)
|
2010-06-17 13:29:53 +00:00 |
|
Clément Oudot
|
e33f7c2efc
|
SAML:
* Use table instead of list for SP SLO status
* Catch SLO response and display status logo (#106)
|
2010-06-16 16:17:05 +00:00 |
|
Clément Oudot
|
885966f04b
|
SAML: error in SAML POST field name (#56)
|
2010-06-16 13:08:18 +00:00 |
|
Clément Oudot
|
1aec1902f5
|
SAML: create POST relay mechanism to send POST SLO requests (#56)
|
2010-06-16 10:32:43 +00:00 |
|
Clément Oudot
|
8ffd3e6244
|
Display status of SLO request in debug level (#78)
|
2010-06-14 15:42:32 +00:00 |
|
Clément Oudot
|
d1d0accae6
|
Rebuild logout object before sending SLO response (#78)
|
2010-06-14 15:29:37 +00:00 |
|
Clément Oudot
|
ebc421d335
|
Return directly if no local session (#105)
|
2010-06-14 14:52:52 +00:00 |
|
Clément Oudot
|
021f89d918
|
Check session before closing it (#105)
|
2010-06-14 14:18:27 +00:00 |
|
Xavier Guimard
|
22387615fb
|
Permit direct OpenID server side direct authentication
|
2010-06-14 06:19:34 +00:00 |
|
Clément Oudot
|
6bc5246690
|
Send SOAP SLO request to other entities when receiving a SOAP SLO request on IDP (#78)
|
2010-06-11 14:50:28 +00:00 |
|
Clément Oudot
|
98a9b6ef40
|
SAML: delete secondary SAML sessions (#100)
|
2010-06-11 14:13:26 +00:00 |
|
Clément Oudot
|
a570447179
|
SAML: use another method to set NameID in Attribute request (#83)
|
2010-06-11 13:49:33 +00:00 |
|
Clément Oudot
|
a62484dc91
|
SAML: manage SOAP SLO request - work in progress (#78)
|
2010-06-11 10:17:43 +00:00 |
|
Clément Oudot
|
c6ff319439
|
SAML: add unit test for SAML date with milliseconds
|
2010-06-11 08:48:00 +00:00 |
|
Clément Oudot
|
2b7cbd4d83
|
SAML:
* IDP Option to check conditions (#98)
* Extend SAML date format (add milliseconds)
|
2010-06-10 15:01:05 +00:00 |
|
Clément Oudot
|
a2921f9d10
|
SAML: add encryption key in attribute authority metadata (#96)
|
2010-06-10 10:06:42 +00:00 |
|
Thomas CHEMINEAU
|
3fb6a0ccd1
|
SAML #89 - Now use a different private key for encryption when creation Lasso::Server object
|
2010-06-09 08:42:30 +00:00 |
|
Thomas CHEMINEAU
|
a410b90dc4
|
SAML #89 - metadata file of the service now use newly defined public keys parameter
|
2010-06-08 16:20:17 +00:00 |
|
Clément Oudot
|
2ab40fea15
|
Soap is not required for SAML (#91)
|
2010-06-08 13:19:00 +00:00 |
|
Xavier Guimard
|
11dd597a41
|
Some Lintian tips
|
2010-06-08 10:39:34 +00:00 |
|
Clément Oudot
|
7e031e199a
|
SAML: minor corrections for forceAuthn flag management (#34)
|
2010-06-07 15:36:45 +00:00 |
|
Clément Oudot
|
783d88eabb
|
SAML: manage ForceAuthn flag from SP (#34)
|
2010-06-07 14:48:59 +00:00 |
|
Clément Oudot
|
05637bf0c4
|
SAML: set encryption mode on providers (none, nameid or assertion) (#49)
|
2010-06-04 15:54:52 +00:00 |
|
Clément Oudot
|
dd615d0678
|
SAML:
* Check values of requested attributes (#85)
* Refactor some code in _SAML (createAttribute and createAttributeValue)
|
2010-06-04 14:23:41 +00:00 |
|
Xavier Guimard
|
208a4f34d2
|
Closes #82 : CDA always use secured cookie even if requested site is a http one
|
2010-06-04 08:43:42 +00:00 |
|
Xavier Guimard
|
47d38c7e3f
|
New debconf translation (Closes: #584453 / bugs.debian.org)
|
2010-06-04 08:35:53 +00:00 |
|
Thomas CHEMINEAU
|
160c5f670a
|
fix #35 - include more checks to test contents on identity dump
|
2010-06-03 14:02:15 +00:00 |
|
Clément Oudot
|
cc1eb344a7
|
SAML: get attributes in attribute response
|
2010-06-02 15:21:39 +00:00 |
|
Clément Oudot
|
101442179d
|
Check format and friendly name from attribute (#84)
|
2010-06-02 14:51:39 +00:00 |
|
Clément Oudot
|
e928b770f7
|
SAML: browse SP authorized attributes and build attribute response (#2)
|
2010-06-02 13:45:37 +00:00 |
|
Clément Oudot
|
5ded22db86
|
Do not return errors in POST or SOAP response process, just quit if something is wrong
|
2010-06-02 09:12:35 +00:00 |
|
Clément Oudot
|
82b350a397
|
SAML: check NameID before extracting content
|
2010-06-02 09:08:33 +00:00 |
|
Clément Oudot
|
5444a9d3b4
|
SAML:
* Grab NameID from attribute request and find corresponding session (#2)
* create a getSamlSession subroutine
|
2010-06-02 09:04:07 +00:00 |
|
Clément Oudot
|
a27464e277
|
SAML: process and validate attribute request (#2)
|
2010-06-02 08:09:59 +00:00 |
|
Clément Oudot
|
67e3e0ee6b
|
was not set
|
2010-06-01 15:42:35 +00:00 |
|
Clément Oudot
|
608e5e6b0a
|
Little corrections for make test
|
2010-06-01 15:39:18 +00:00 |
|
Clément Oudot
|
8fe3e749a3
|
SAML: catch attribute service URL (#2)
|
2010-06-01 15:34:08 +00:00 |
|
Clément Oudot
|
e8c514f794
|
SAML: set NameID in attribute query (#2)
|
2010-06-01 14:43:49 +00:00 |
|
Clément Oudot
|
8c14ba24bf
|
SAML: keep NameID in a SAML session to answer later attribute queries (#2)
|
2010-06-01 13:27:02 +00:00 |
|
Clément Oudot
|
00a952a372
|
SAML: create a new Lasso::Server object to manage attribute queries (#2)
|
2010-06-01 12:23:11 +00:00 |
|
Clément Oudot
|
d7cee9a4f9
|
Use redirection message in page title (#80)
|
2010-06-01 10:11:35 +00:00 |
|
Clément Oudot
|
bb9c7435cc
|
POST fields are now hidden (#80)
|
2010-06-01 09:59:37 +00:00 |
|
Clément Oudot
|
6c1dc91ff0
|
SAML: set SessionNotOnOrAfter (#81)
|
2010-06-01 08:03:24 +00:00 |
|
Clément Oudot
|
ffeb9e3134
|
SAML: adjust HTTP-POST artifact binding (#75)
|
2010-05-31 15:46:41 +00:00 |
|
Xavier Guimard
|
aa06d53bcf
|
New dependency not inserted in control files (Crypt::OpenSSL::X509)
|
2010-05-31 15:44:40 +00:00 |
|
Thomas CHEMINEAU
|
3cef8ecf0a
|
SAML: fix #10 - support certificate into metadata
|
2010-05-31 14:57:34 +00:00 |
|
Clément Oudot
|
ec8892ef7f
|
SAML:
* Identity is no more required in attribute query
* Mandatory attributes are requested if not defined in SSO assertion (#79)
|
2010-05-31 14:54:24 +00:00 |
|
Clément Oudot
|
b678ab454f
|
SAML: test SessionNotOnOrAfter before converting it (#77)
|
2010-05-31 13:50:26 +00:00 |
|
Clément Oudot
|
9d3fd0ebd0
|
SAML:
* Add Attribute Authority metadata (#3)
* Clean existing metadata (remove NameID management, and set NameIDFormat directly in XML)
|
2010-05-31 10:37:43 +00:00 |
|
Clément Oudot
|
c0edd943db
|
SAML: add an IDP option to force attribute value in UTF-8 (#72)
|
2010-05-28 15:31:20 +00:00 |
|
Clément Oudot
|
6964b09eb2
|
SAML: use HTTP method string in debug messages
|
2010-05-28 12:17:05 +00:00 |
|
Clément Oudot
|
b91cba9f32
|
SAML: adapt metadata to new Post bindings (#75)
|
2010-05-28 11:51:53 +00:00 |
|
Clément Oudot
|
82ff667d57
|
SAML: add POST binding to SAML services (#75)
|
2010-05-28 10:35:24 +00:00 |
|
Clément Oudot
|
b8c3f5e6ff
|
SAML: transport url parameter in IDP choice screens (closes #73)
|
2010-05-28 08:03:13 +00:00 |
|
Clément Oudot
|
cfec37d111
|
SAML:
* Error message when no artifact resolution URL in profile
* Manage XML boolean values in metadata
|
2010-05-27 12:39:32 +00:00 |
|
Clément Oudot
|
8789b5d131
|
SAML: do not throw error if no SP or no IDP configured (closes #70)
|
2010-05-26 15:32:09 +00:00 |
|
Clément Oudot
|
a2cd83aea9
|
* - in domain (closes #69)
* securedCookie select box
* bad abort arguments number
* manager/index.pl comments
|
2010-05-26 15:17:51 +00:00 |
|
Clément Oudot
|
d1b4541a4d
|
SAML: check Destination attribute (closes #33)
|
2010-05-21 13:44:16 +00:00 |
|
Clément Oudot
|
58bec95435
|
SAML: map NameID formats to local session keys (closes #67)
|
2010-05-21 09:03:29 +00:00 |
|
Clément Oudot
|
0817e9918f
|
SAML: Option to configure default NameID format for a SP (#67)
|
2010-05-20 15:57:51 +00:00 |
|
Clément Oudot
|
f187851ba6
|
SAML: signatures on SSO/SLO messages issued from IDP (#66)
|
2010-05-20 13:08:07 +00:00 |
|
Clément Oudot
|
bc618ce075
|
SAML: check SSO/SLO messages signature in IDP (#66)
|
2010-05-20 10:25:00 +00:00 |
|