Clément Oudot
11761807f4
SAML: do not send empty Attribute Statement ( #109 )
2010-06-18 07:50:37 +00:00
Clément Oudot
af0f4ef88e
SAML: force NameID format if requested format is unspecified ( #108 )
2010-06-17 13:29:53 +00:00
Clément Oudot
e33f7c2efc
SAML:
...
* Use table instead of list for SP SLO status
* Catch SLO response and display status logo (#106 )
2010-06-16 16:17:05 +00:00
Clément Oudot
885966f04b
SAML: error in SAML POST field name ( #56 )
2010-06-16 13:08:18 +00:00
Clément Oudot
1aec1902f5
SAML: create POST relay mechanism to send POST SLO requests ( #56 )
2010-06-16 10:32:43 +00:00
Clément Oudot
8ffd3e6244
Display status of SLO request in debug level ( #78 )
2010-06-14 15:42:32 +00:00
Clément Oudot
d1d0accae6
Rebuild logout object before sending SLO response ( #78 )
2010-06-14 15:29:37 +00:00
Clément Oudot
ebc421d335
Return directly if no local session ( #105 )
2010-06-14 14:52:52 +00:00
Clément Oudot
021f89d918
Check session before closing it ( #105 )
2010-06-14 14:18:27 +00:00
Clément Oudot
6bc5246690
Send SOAP SLO request to other entities when receiving a SOAP SLO request on IDP ( #78 )
2010-06-11 14:50:28 +00:00
Clément Oudot
98a9b6ef40
SAML: delete secondary SAML sessions ( #100 )
2010-06-11 14:13:26 +00:00
Clément Oudot
a62484dc91
SAML: manage SOAP SLO request - work in progress ( #78 )
2010-06-11 10:17:43 +00:00
Clément Oudot
7e031e199a
SAML: minor corrections for forceAuthn flag management ( #34 )
2010-06-07 15:36:45 +00:00
Clément Oudot
783d88eabb
SAML: manage ForceAuthn flag from SP ( #34 )
2010-06-07 14:48:59 +00:00
Clément Oudot
dd615d0678
SAML:
...
* Check values of requested attributes (#85 )
* Refactor some code in _SAML (createAttribute and createAttributeValue)
2010-06-04 14:23:41 +00:00
Thomas CHEMINEAU
160c5f670a
fix #35 - include more checks to test contents on identity dump
2010-06-03 14:02:15 +00:00
Clément Oudot
101442179d
Check format and friendly name from attribute ( #84 )
2010-06-02 14:51:39 +00:00
Clément Oudot
e928b770f7
SAML: browse SP authorized attributes and build attribute response ( #2 )
2010-06-02 13:45:37 +00:00
Clément Oudot
82b350a397
SAML: check NameID before extracting content
2010-06-02 09:08:33 +00:00
Clément Oudot
5444a9d3b4
SAML:
...
* Grab NameID from attribute request and find corresponding session (#2 )
* create a getSamlSession subroutine
2010-06-02 09:04:07 +00:00
Clément Oudot
a27464e277
SAML: process and validate attribute request ( #2 )
2010-06-02 08:09:59 +00:00
Clément Oudot
608e5e6b0a
Little corrections for make test
2010-06-01 15:39:18 +00:00
Clément Oudot
8fe3e749a3
SAML: catch attribute service URL ( #2 )
2010-06-01 15:34:08 +00:00
Clément Oudot
e8c514f794
SAML: set NameID in attribute query ( #2 )
2010-06-01 14:43:49 +00:00
Clément Oudot
8c14ba24bf
SAML: keep NameID in a SAML session to answer later attribute queries ( #2 )
2010-06-01 13:27:02 +00:00
Clément Oudot
6c1dc91ff0
SAML: set SessionNotOnOrAfter ( #81 )
2010-06-01 08:03:24 +00:00
Clément Oudot
ffeb9e3134
SAML: adjust HTTP-POST artifact binding ( #75 )
2010-05-31 15:46:41 +00:00
Clément Oudot
82ff667d57
SAML: add POST binding to SAML services ( #75 )
2010-05-28 10:35:24 +00:00
Clément Oudot
d1b4541a4d
SAML: check Destination attribute ( closes #33 )
2010-05-21 13:44:16 +00:00
Clément Oudot
58bec95435
SAML: map NameID formats to local session keys ( closes #67 )
2010-05-21 09:03:29 +00:00
Clément Oudot
0817e9918f
SAML: Option to configure default NameID format for a SP ( #67 )
2010-05-20 15:57:51 +00:00
Clément Oudot
f187851ba6
SAML: signatures on SSO/SLO messages issued from IDP ( #66 )
2010-05-20 13:08:07 +00:00
Clément Oudot
bc618ce075
SAML: check SSO/SLO messages signature in IDP ( #66 )
2010-05-20 10:25:00 +00:00
Clément Oudot
fdc84aac52
SAML: get SessionIndex before validating SLO request ( closes #64 )
2010-05-20 08:59:59 +00:00
Clément Oudot
ef3faf7d3e
SAML: eval SessionIndex call to prevent server error ( #64 )
2010-05-19 15:54:20 +00:00
Clément Oudot
df4198399f
* Add a new process step (authFinish) run after session store
...
* Create SAML session linked to real session to store NameID and SessionIndex, in order to use searchOn on them (will not force globalStorage to be compatible with searchOn)
* Control SessionIndex sent by IDP on a SLO request is now managed in SP to get the correct local session
* This solves issue #51
2010-05-17 16:02:21 +00:00
Clément Oudot
18bda4be2e
SAML: SLO request without SessionIndex are rejected ( #51 )
2010-05-17 12:44:26 +00:00
Clément Oudot
be742cfac6
SAML: use encrypt/decrypt to match session_index and session_id ( #51 )
2010-05-12 15:56:27 +00:00
Clément Oudot
c6dd158903
SAML: map SAML authentication context and authentication level ( #47 )
2010-05-12 15:14:07 +00:00
Clément Oudot
7f427610fe
SAML: typo in #53 correction
2010-05-12 12:56:16 +00:00
Thomas CHEMINEAU
14c23cea6d
fix #53 - use sendLogoutResponseToServiceProvider in IssuerDBSAML
2010-05-12 09:41:54 +00:00
Xavier Guimard
3844ba4192
"make tidy"
2010-05-12 04:04:10 +00:00
Clément Oudot
a04ff6e964
SAML:
...
* OneTimeUse is no more used in SP (#50 )
* Compile regexp for SAML URLs
* Move sendLogoutRequestToServiceProviders in _SAML
* In AuthSAML, do not predefined variables outside loops
2010-05-05 07:10:13 +00:00
Clément Oudot
5eb7895dac
SAML: manage SP conf key
2010-05-04 10:10:34 +00:00
Thomas CHEMINEAU
4f979bfe22
SAML: change error name to PE_IMG_OK and PE_IMG_NOK
2010-04-29 13:47:57 +00:00
Thomas CHEMINEAU
423541455b
SAML:
...
- Manage SOAP relay logout request;
- Fix a bug into info.tpl.
2010-04-29 13:39:26 +00:00
Xavier Guimard
1380d89865
New session explorer (not finished but useable) + some little tips
2010-04-28 19:57:16 +00:00
Thomas CHEMINEAU
f351ab97f6
SAML: work in progress to manage asynchronous SOAP logout requests
2010-04-28 17:16:38 +00:00
Thomas CHEMINEAU
54afc28e75
SAML: manage logout initiate by IDP
2010-04-27 15:11:53 +00:00
Thomas CHEMINEAU
873aa0c32e
SAML: generalizing and moving some functions to _SAML.pm
2010-04-26 17:06:49 +00:00