Clément Oudot
fbe50de653
* Better log of what is registered in session
...
* Control whatToTrace parameter before logging into Apache
2010-04-15 13:46:45 +00:00
Clément Oudot
d9c4b44c4b
Add multiValuesSeparator configuration parameter
2010-04-15 11:15:36 +00:00
Xavier Guimard
799b643949
$ENV not taken in acount in macros
2010-04-14 16:13:24 +00:00
Clément Oudot
c4e1379452
* make tidy
...
* Manage authenticationLevel in all authentication backends
2010-04-14 15:37:57 +00:00
Clément Oudot
ea24dc314e
Portal: updateSession can now take session id as parameter
2010-04-12 13:50:42 +00:00
Clément Oudot
7fef157210
SAML: possibility to configure a different storage for SAML objects (samlStorage) than sessions storage (globalStorage)
2010-04-09 13:27:54 +00:00
Thomas CHEMINEAU
7202a6651f
SAML: manage hidden values for SAML authentication request
2010-04-02 15:28:29 +00:00
Thomas CHEMINEAU
fa039d2114
Store hidden informations in forms
...
* SAML: store SAMLRequest in IssuerDBSAML, just before to redirect to IDP
* Simple: add functions to manage hidden values for forms
2010-04-02 09:17:02 +00:00
Clément Oudot
953806ed93
SAML: manage SessionNotOnOrAfter but do not adapt session _utime yet
2010-03-24 13:44:24 +00:00
Clément Oudot
7692cefd95
Portal: all is ready for AuthOpenID
2010-03-15 09:53:56 +00:00
Xavier Guimard
40d2c70604
New target 'tidy' in Makefile
2010-03-01 20:32:28 +00:00
Clément Oudot
2c584cf7f7
SAML:
...
* Use authForce method to know if authentication should be forced
* Use a common method to store replay protection data
* Use _utime in relaystate state
* Let Lasso choose the defaut transport and binding for requests
2010-02-28 19:07:02 +00:00
Xavier Guimard
58c28c5732
* Inheritance instead of @EXPORT
...
* Purge CGI::Session dependency (LA)
2010-02-26 10:53:43 +00:00
Clément Oudot
7eefc6af1f
SAML: manage SOAP
2010-02-26 09:12:18 +00:00
Clément Oudot
f0c29c779a
SAML:
...
* Manage SSO message like SLO message
* Send SLO request trough REDIRECT and POST
* Reponse to SSO request trough REDIRECT, POST and SOAP
* Reponse to SLO request trough REDIRECT, POST and SOAP
2010-02-24 10:11:01 +00:00
Clément Oudot
fc542fa6b1
Portal: method to auto submit data through POST
2010-02-22 11:07:48 +00:00
Clément Oudot
7444d9802c
Portal: set content-type to application/xml for SOAP response
2010-02-22 10:08:14 +00:00
Clément Oudot
3eac5ce288
Portal: display logout status to user
2010-02-20 11:44:05 +00:00
Clément Oudot
9766b8457a
SAML: SP SLO response trough HTTP-REDIRECT and SOAP
2010-02-19 11:33:34 +00:00
Clément Oudot
bd2c92f207
SAML: SP SLO in progress
2010-02-18 17:22:04 +00:00
Clément Oudot
46764465b2
SAML: SP SLO in progress
2010-02-17 17:37:38 +00:00
Clément Oudot
3606362946
LDAP:
...
* Add ldapGroupRecursive to enable recursive group search
* Create searchGroup method in _LDAP
* Create getLdapValue method in _LDAP to manage DN and multi-valued attributes
2010-02-05 14:17:55 +00:00
Clément Oudot
dae6b880be
Portal: force authentication is now working
2010-02-05 10:21:48 +00:00
Clément Oudot
3a3ec647e9
SAML: IDP choice
2010-02-04 12:30:18 +00:00
Clément Oudot
90a08dbbde
Portal/Multi:
...
* Get the correct _auth and _userDB value when using Multi
* Resolve a bug: functions of modules loaded in _Multi were not available for _subProcess
* Use a common loadModule method between Simple.pm and _Multi.pm
* Do not consider PE_FORMEMPTY and PE_FIRSTACCESS as errors in Multi process
2010-01-28 14:47:51 +00:00
Clément Oudot
760f62e534
Portal: set _auth, _userDN, _passwordDB and _issuerDB in session, to know which module was used to open the session of the user
2010-01-27 16:30:19 +00:00
Clément Oudot
b904587edd
Portal: portalForceAuthn option was unusable with Menu password change
2010-01-27 14:04:41 +00:00
Clément Oudot
1f243e0a20
Portal: possibility to force reauthentication (set portalForceAuthn = 1)
2010-01-25 17:40:46 +00:00
Clément Oudot
3222021897
Portal:
...
* Use HTML templates to send fancy reset password mail, with translations
* Send the new password by mail instead of diplaying it n the web page
* Remove the need to configure : the value is now set with help of {DOCUMENT_ROOT}
2010-01-22 11:25:37 +00:00
Clément Oudot
f6c250207c
Portal - new feature: token to reset password by mail:
...
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid
2010-01-21 17:38:55 +00:00
Clément Oudot
5af1db1c3e
Portal: move ppolicy warnings from menu to information page
2010-01-15 22:01:04 +00:00
Clément Oudot
9477aa69af
Portal: confirm template amelioration
2010-01-12 11:19:13 +00:00
Clément Oudot
bea600dff4
Portal: info template amelioration
2010-01-12 11:07:31 +00:00
Xavier Guimard
7d98447f5e
PE_CONFIRM target
2010-01-12 11:05:01 +00:00
Xavier Guimard
271c4767a8
Link to delete other sessions
2010-01-12 10:36:04 +00:00
Xavier Guimard
effa0b9fa6
Notify existing sessions and deleted sessions if wanted
2010-01-12 09:53:49 +00:00
Clément Oudot
dc2556386d
Portal: little corrections
2010-01-11 16:58:57 +00:00
Xavier Guimard
d181da867b
* perltidy
...
* new feature : info can be displayed by portal => used to notify deleted sessions
* notifyDeleted in the manager
2010-01-11 16:04:36 +00:00
Clément Oudot
dc3d9558fe
Portal: create a grantSession stage in process()
2010-01-11 14:02:43 +00:00
Xavier Guimard
8102f72d50
POD updates :
...
* spelling errors found by Lintian
* encoding utf8
2010-01-03 08:09:59 +00:00
Xavier Guimard
4d47d92749
* Debian upgrade for jquery management
...
* SQL injection protection for DBI
* Regexp to control user field
* Missing parameters in _Struct.pm
* Bad errors management in Uploader
2009-12-19 08:57:59 +00:00
Clément Oudot
a8601a0e5f
portalOpenLinkInNewWindow parameter
2009-12-17 14:10:39 +00:00
Clément Oudot
5b82343808
Reorganize issuer methods in process()
2009-12-16 15:53:49 +00:00
Xavier Guimard
dcd4905342
* Update Perl and Debian dependencies, and debian/rules for the new manager
...
* Add pod skeleton for Manager.pm
* correct pod for IssuerDB*
2009-12-13 15:40:33 +00:00
Xavier Guimard
5b2363b959
perltidy
2009-12-11 21:17:06 +00:00
Xavier Guimard
b301a5b5c8
New manager
2009-12-11 18:17:00 +00:00
Clément Oudot
5499a042ab
Replace SAML* methods by IssuerDB* methods, allowing use of other IssuerDB modules
2009-12-10 17:03:57 +00:00
Clément Oudot
1f0b9ed10c
First implementation of Auth/UserDB/PasswordDB DBI
2009-12-10 11:30:43 +00:00
Clément Oudot
9d7e1a85c1
Move default values in setDefaultValues
2009-12-03 13:51:55 +00:00
Clément Oudot
36e8868e31
Add parameter cookieExpiration (close feature request #314368 )
2009-12-03 11:47:50 +00:00
Xavier Guimard
7d4a491af3
* Remove class variable in handler (to do later)
...
* little bug in _LDAP
* new parameter singleUserByIp + removeOther() try to purge local cache
2009-11-25 12:38:22 +00:00
Clément Oudot
b972c10a20
Use configuration parameters for portal customization
2009-11-25 08:44:12 +00:00
Xavier Guimard
5f73c30706
Bug if trustedDomains contains more than 1 domain
2009-11-09 15:32:27 +00:00
Xavier Guimard
7a04829a08
New portal parameters : singleIP and singleSession
2009-10-21 12:43:13 +00:00
Xavier Guimard
655fd9e526
* perltidy
...
* LDAP: loadPP() is called now directly in ldap() to avoid to call it in authInit()
2009-10-12 16:55:35 +00:00
Xavier Guimard
bf6230c5ac
VERSION 0.9.4.1
2009-10-11 08:13:50 +00:00
Xavier Guimard
49cc593005
'*' for trustedDomains
2009-10-02 16:10:23 +00:00
Xavier Guimard
947ee7f7c6
Relay in progress...
2009-09-23 13:35:19 +00:00
Xavier Guimard
444e093004
Bugs :
...
* Crypto was usable only with 16xn characters
* Menu was not able to filter embedded <application>
Google page speed :
* optimize images
* set size
2009-08-20 14:19:40 +00:00
Xavier Guimard
771bf46a5f
HTTP code 302 has to be replaced by 303
2009-08-18 13:33:36 +00:00
Xavier Guimard
6c7558cffd
* Better performances for Menu : XML was parsed 2 times
...
* Doc for SympaAutoLogin
* Version update
2009-07-05 11:11:33 +00:00
Xavier Guimard
36c9aa2409
Change CDA parameter to cda.
2009-06-15 14:13:09 +00:00
Xavier Guimard
0ac63904e7
* New parameter for XSS protection : trustedDomains
...
* parameters test to avoid warnings
* debian/control : missing dependencies
* perltidy
* tests update
2009-06-14 16:43:02 +00:00
Clément Oudot
f52b609d0e
Correct errors seen in make test
2009-06-04 14:27:36 +00:00
Clément Oudot
8f423fd276
Move setGroups in UserDB
2009-06-04 09:13:03 +00:00
Clément Oudot
84c02a1c17
Mail customization (plain text only) with parameter mailBody
2009-06-03 16:40:41 +00:00
Clément Oudot
50e88a68a7
Manage X-FORWARDED-FOR with multiple IP
2009-06-03 14:52:22 +00:00
Clément Oudot
75c1f0feae
LEMONLDAP::NG : Reset password by mail (new functionnality)
2009-05-28 16:31:39 +00:00
Clément Oudot
43988469c7
LEMONLDAP::NG : Manage X-FORWARDED-FOR header for IP (close bug #312340 )
2009-05-20 09:29:52 +00:00
Clément Oudot
0d9eaed6fc
LEMONLDAP::NG :
...
* Correct XSS on user field
* Add "XSS attack detected" log messages
2009-05-19 08:52:27 +00:00
Clément Oudot
565ba83c05
LEMONLDAP::NG :
...
* Verify old password before modify
* Add the "PE_BADOLDPASSWORD" error
* Minor changes in pastel skin
* Erase old default skins
* Move icons to skins/common
2009-05-18 13:53:51 +00:00
Clément Oudot
cae5e6ed98
LemonLDAP::NG :
...
* Create PasswordDBLDAP
* Force password modification when password is reset with ppolicy
* new parameter ldapSetPassword: set to 1 if you want to use the LDAP extended operation rather than LDAP modify
* TODO: update HTML templates
2009-05-14 16:19:49 +00:00
Xavier Guimard
051f61b288
Since CGI stores now parameters at the root of the object, param is now redefined in Common/CGI.pm to secure those parameters
2009-04-11 11:16:44 +00:00
Xavier Guimard
c40c13734e
SAML skeleton in progress...
2009-04-08 16:31:13 +00:00
Xavier Guimard
a98e3ac8bb
SAML skeleton
2009-04-07 20:38:24 +00:00
Xavier Guimard
740ad09f9f
Safelib + LDAPFilter parameter
2009-04-05 08:12:16 +00:00
Xavier Guimard
8bc0d20afa
* Portal can now been used as 'proxy' for SOAP session storage.
...
* Session explorer works now with SOAP session storage (very low performances)
2009-04-03 16:17:57 +00:00
Xavier Guimard
b0b971b241
Double session mechanism : 2 cookies are generated, 1 secured, the other not.
...
Handlers detects automatically the cookie to choose.
2009-03-31 10:52:43 +00:00
Xavier Guimard
e5e80709e6
Use Net::LDAP high availability system
...
%ENV was not shared
2009-03-08 17:37:31 +00:00
Xavier Guimard
231f54ddf0
* New authentication and userDB module : 'Multi' to chain authentication modules.
...
* Compilation for ModPerl::Registry by default
2009-03-08 08:50:58 +00:00
Xavier Guimard
859be3923f
* Doxygen doc update
...
* More tests
* perltidy on tests
2009-02-25 18:10:07 +00:00
Xavier Guimard
6307a00750
Lot of work on Portal SOAP services. Now 5 functions are exported:
...
* getAttributes(cookieValue)
* getConfig()
* getCookies(user,password)
* error(code,language)
* newNotification(xml)
WSDL is up to date but getConfig is not documented since it's a Lemonldap::NG internal service.
2009-02-24 17:53:59 +00:00
Xavier Guimard
20764ad812
New authentication and userDB backend : "Remote" can be used to check authentication from a remote Lemonldap::NG portal using CDA
2009-02-23 17:35:38 +00:00
Xavier Guimard
018bee1fc6
CDA now included in main portal
2009-02-17 15:39:14 +00:00
Xavier Guimard
553058998f
Doxygen comments update
2009-02-17 15:22:42 +00:00
Xavier Guimard
ffb5ee8e33
Doxygen filter modification to show authentication process methods
2009-02-17 14:56:38 +00:00
Xavier Guimard
5803952784
* delete log() method from the portal :
...
* user actions are logged by userNotice() and userError()
* other access are logged by HTTP server
* create authenticate() method in Simple.pm used to launch userNotice() for
all authentication method
2009-02-15 17:58:38 +00:00
Xavier Guimard
b6cdee5d2a
Now userNotice and userError are customizable like subs called by _subProcess
2009-02-15 11:30:25 +00:00
Xavier Guimard
415d23b6e4
User actions are now registered with 3 functions :
...
* log : normal access to the portal
* userNotice : authentications, logout,...
* userError : bad password,...
A new parameter 'syslog => "auth"' can be set to log userNotice and userError via syslog
2009-02-15 08:53:44 +00:00
Xavier Guimard
0c18700f65
* cleaning code :
...
* session have not to be recover in Menu since it's done before bu the portal
* accounting in CGIs (ModPerl::Registry context only) :
* used by portal to inform Apache
2009-02-14 08:55:19 +00:00
Xavier Guimard
19e59af4cd
log & debug method lmLog() for CGIs
2009-02-12 19:48:53 +00:00
Clément Oudot
ed55803c04
LEMONLDAP::NG : Abort redirection if ppolicy warnings are present
2009-02-12 17:09:33 +00:00
Xavier Guimard
f8169c1909
Notification system in progress :
...
* File storage is running
* DBI storage has not yet been tested
Documentation update
2009-02-11 16:18:38 +00:00
Xavier Guimard
7c1ff1d938
Versions update
2009-02-10 17:28:27 +00:00
Xavier Guimard
c5a5ba909f
Typo in pod
2009-02-08 19:12:08 +00:00
Xavier Guimard
fbdb9ccb22
LEMONLDAP::NG : * Version is missing in SOAPServer.pm
...
* perltidy on Portal/Simple.pm
2009-02-08 07:59:46 +00:00
Xavier Guimard
1800497815
LEMONLDAP::NG : propagation of 0.9.3.4 changes
2009-02-05 17:05:18 +00:00
Xavier Guimard
a25e10b040
LEMONLDAP::NG : * documentation modification
...
* SOAP service to update notification database
2009-02-03 09:36:13 +00:00
Xavier Guimard
1b6f56699a
LEMONLDAP::NG : Missing file Portal/Notification.pm
2009-02-02 08:53:51 +00:00
Xavier Guimard
85d765a002
LEMONLDAP::NG : WSDL for portal + dependency of Crypt::Rijndael in Debian
2009-02-01 15:38:06 +00:00