dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,210 Commits 3 Branches 0 Tags 75 MiB
b187b54b35
Commit Graph

1137 Commits

Author SHA1 Message Date
Clément Oudot
e759219371 Control confirm stamp before decrypting it (#207) 2010-10-21 13:41:26 +00:00
Clément Oudot
2f4b218488 Require Lasso 2.3.0 (#199) 2010-10-21 11:46:46 +00:00
Clément Oudot
24a9971297 Add setPersistentSessionInfo step in authentication process (closes #200) 2010-10-21 10:28:47 +00:00
Xavier Guimard
3e0ff9322e Closes #202 "searchOn no working with SAML and Apache::Session::File" 2010-10-20 05:47:10 +00:00
Xavier Guimard
6ce85e83d7 Problem with OpenID tests 2010-10-18 21:38:33 +00:00
Clément Oudot
c8a3b80055 Load CAS Storage if different from globalStorage 2010-10-18 15:33:21 +00:00
Clément Oudot
0d6e9acd6d Bigger fonts for dark skin 2010-10-18 09:20:17 +00:00
Clément Oudot
01d4f364ef Remove AuthLA (#194) 2010-10-18 08:59:20 +00:00
Xavier Guimard
038c312200 Tests 2010-10-14 10:25:50 +00:00
Xavier Guimard
51d4c67f11 * OpenID: more tests for SREG 
* OpenID: delete trust persistent datas when confirm=-1
* make tidy
 2010-10-14 09:50:23 +00:00
Xavier Guimard
01bf8253f0 Typo 2010-10-14 07:59:15 +00:00
Xavier Guimard
cb267983dc - update Debian control file 
- more tests for OpenID
- Romanian missing translation
 2010-10-14 05:55:28 +00:00
Clément Oudot
7f8e7084c7 Correct persistent session typo and add possibility to delete a session value in updateSession 2010-10-13 08:32:27 +00:00
Xavier Guimard
813288bfe3 Typo 2010-10-12 18:12:13 +00:00
Clément Oudot
56049b9827 Use persistent storage for SAML identity (#191) 2010-10-12 13:32:18 +00:00
Clément Oudot
876317ed4c Add missing romanian translation 2010-10-12 08:24:45 +00:00
Xavier Guimard
c1d218947f Bug in OpenID white/black lists 2010-10-11 12:36:09 +00:00
Xavier Guimard
cdcb7ab31c Use PE_BADPARTNER instead of PE_BADURL 2010-10-11 12:27:03 +00:00
Xavier Guimard
6155d579f7 Better display for federation errors 2010-10-11 12:22:51 +00:00
Xavier Guimard
f95acaa007 Closes #182 "portal return a 500 error under cgi-script 2010-10-11 11:45:37 +00:00
Xavier Guimard
cb717868de #164 in progress: need to manage list parameters 2010-10-10 13:32:01 +00:00
Xavier Guimard
de64f48d48 Closes #189 "Cleanup process slows down considerably the Apache server" 2010-10-08 19:19:59 +00:00
Xavier Guimard
7fd3964c9a #166 fixed but not yet tested 2010-10-08 16:14:06 +00:00
Xavier Guimard
05e1d01fdc #166 in progress 
- persistent datats restored
 2010-10-08 16:02:43 +00:00
Xavier Guimard
51e7ff2a02 #166 in progress 
- new updatePersistentSession sub
 2010-10-08 15:35:40 +00:00
Xavier Guimard
1588463687 #166 in progress: 
- Lemonldap::NG::Common::Apache::Session is used as Apache::Session module and provides a way to choose _session_id
 2010-10-08 14:21:49 +00:00
Clément Oudot
43d5c921a8 Add CAS Issuer parameters in Manager (#186) 2010-10-07 14:30:58 +00:00
Xavier Guimard
0ee20f3d0e Attributes management 2010-10-07 11:05:36 +00:00
Xavier Guimard
fd86915f35 More tests + skip for OpenID 2010-10-05 18:39:15 +00:00
Xavier Guimard
cc2fbdf7d1 make tidy 2010-10-04 17:27:32 +00:00
Clément Oudot
030da0ee57 Manage encoding for displayed connected user in Menu 2010-10-04 14:50:33 +00:00
Clément Oudot
24df2548ac Use correct values to display SREG confirmation 2010-10-04 13:53:44 +00:00
Clément Oudot
0bfe3b95df Use a table to display SREG parameters confirmation 2010-10-04 13:04:38 +00:00
Clément Oudot
3b0ea0dd30 Bad OpenID SREG attribute in authentication is not a blocking error -> use warn instead of error log level 2010-10-04 12:29:18 +00:00
Clément Oudot
f204750f0a Correct a little bug in OpenID Issuer SREG attributes filtering (it was only returning the first attribute) 2010-10-04 12:06:15 +00:00
Clément Oudot
b146969947 OpenID Issuer parameters in Manager (#175) 2010-10-04 09:55:50 +00:00
Xavier Guimard
84a56ef1d8 - make tidy 
- OpenID log levels
- DIFFPREFIX in Makefile (for vservers,...)
 2010-10-03 18:32:53 +00:00
Xavier Guimard
2ae2c53868 Doxygen comments 2010-10-03 10:26:50 +00:00
Xavier Guimard
5dd15f78f3 - Doxygen doc in progress 
- lmLog display caller in case of level != debug
 2010-10-03 08:25:40 +00:00
Xavier Guimard
ad0ebc182e Doxygen comments 2010-10-02 15:45:10 +00:00
Clément Oudot
7a84710467 Close bug #179 2010-10-01 15:05:06 +00:00
Clément Oudot
24dc3d54e9 Use get_module for check in AuthOpenID 2010-10-01 14:21:46 +00:00
Clément Oudot
68daddc246 Simple tests for OpenID 2010-10-01 13:21:54 +00:00
Clément Oudot
a346e07f1d Do not abort on unknow attribute, as OpenID can be used with Multi or Choice authentication 2010-10-01 13:21:25 +00:00
Clément Oudot
a81c8c7f52 Use get_module for check in UserDBOpenID init 2010-10-01 13:04:13 +00:00
Clément Oudot
82feff1eb7 OpenID: prefill user login with submitted OpenID identity 2010-10-01 12:36:45 +00:00
Clément Oudot
4a181801e5 Correct previous commit 2010-10-01 09:47:06 +00:00
Clément Oudot
8cc808f1de IssuerOpenID: store only OpenID params in hidden fields (#177) 2010-10-01 09:34:42 +00:00
Clément Oudot
52e8221608 Correct code of updateSession 2010-10-01 09:06:32 +00:00
Clément Oudot
42e19787f1 Use standard header for OpenID Issuer template 2010-10-01 07:48:50 +00:00
Clément Oudot
1ad26b0f42 Add CSS special styles for webkit 2010-10-01 07:48:21 +00:00
Xavier Guimard
f804756fad Debian install: links in /etc/apache2/sites-available 2010-09-30 20:20:12 +00:00
Xavier Guimard
a406d79d2f updateSession + checkboxes checked 2010-09-29 10:09:04 +00:00
Xavier Guimard
431a809a90 Messages update 2010-09-29 07:24:56 +00:00
Xavier Guimard
aa39949546 OpenID SREG works !!! 2010-09-29 06:42:48 +00:00
Xavier Guimard
7db3b688fa make tidy 2010-09-29 06:28:15 +00:00
Xavier Guimard
b48232068e OpenID SREG in progress 2010-09-28 16:26:35 +00:00
Clément Oudot
6147019e90 * Portal error page merged with main portal script 
* Option to use Redirect instead of Forbidden in Handler (#6)
 2010-09-28 14:40:50 +00:00
Clément Oudot
7f3b69b8c9 Create Display module to clean portal index.pl (#160) 2010-09-28 10:30:57 +00:00
Xavier Guimard
ed4de56194 Doxygen comments for inheritance 2010-09-28 05:47:47 +00:00
Clément Oudot
6ddf9774c5 Menu applications can now be requested trought SOAP (#25) 2010-09-27 14:18:48 +00:00
Clément Oudot
aeae8ce1d8 Typo in CDC writer URL call (#18) 2010-09-27 09:11:37 +00:00
Clément Oudot
6697e4a221 forcedSAML must not be shown in authentication choices 2010-09-27 08:53:16 +00:00
Clément Oudot
c546d7c9a9 Update Common Domain Cookie before IDP redirects to SP (#18) 2010-09-27 08:40:18 +00:00
Xavier Guimard
c57087d696 OpenID SREG in progress... 2010-09-26 13:09:46 +00:00
Xavier Guimard
657238d8d8 OpenID SREG in progress 2010-09-26 08:16:56 +00:00
Xavier Guimard
075767dacc OpenID SREG in progress 2010-09-25 14:40:38 +00:00
Xavier Guimard
545c05ca60 OpenID SREG in progress 2010-09-25 14:15:53 +00:00
Xavier Guimard
23f22817b0 OpenID SREG in progress 2010-09-25 12:55:29 +00:00
Clément Oudot
537fcbdf26 Use Common Domain Cookie in AuthSAML (#18) 2010-09-24 15:27:40 +00:00
Clément Oudot
c3e9fbba7e Module to manage SAML Common Domain Cookie (#18) 2010-09-24 14:23:27 +00:00
Xavier Guimard
e7fdfb79ed OpenID SREG in progress 2010-09-24 14:21:19 +00:00
Xavier Guimard
dab3aaa07f Closes #156 : "Confirm parameter is not secured" 2010-09-24 12:02:57 +00:00
Xavier Guimard
bcc84f0ceb make tidy 2010-09-23 16:41:39 +00:00
Xavier Guimard
7c0e37d6fd Closes: #157 "Warning messages in make test" 2010-09-23 16:21:47 +00:00
Clément Oudot
c5fefefe81 Use eval in _SAML BEGIN block to get Lasso constants values 2010-09-23 15:47:17 +00:00
Clément Oudot
8f7a94c1fb Add artifact resolution URL in authForce (fixes #170) 2010-09-23 15:29:48 +00:00
Xavier Guimard
fb88b25e10 Optimization to increase performances 2010-09-23 15:09:27 +00:00
Clément Oudot
a51202cd65 Correct a bug in CAS login return URL (#169) 2010-09-23 13:19:25 +00:00
Clément Oudot
6008516967 Add icons (GPL) for applications in Menu (#29) 2010-09-23 09:30:00 +00:00
Clément Oudot
890daaf5a5 'on' and 'off' are also valid values fo display mode (#29) 2010-09-22 14:26:28 +00:00
Clément Oudot
48a12e1610 Update MANIFEST for application logos (#29) 2010-09-20 15:23:55 +00:00
Clément Oudot
ff58e89b0a Categories and applications sorted by alphabetical order of their id (#29) 2010-09-20 14:04:33 +00:00
Clément Oudot
fd114a0345 New application list for dark theme (#29) 2010-09-20 13:07:28 +00:00
Clément Oudot
fecc9cc332 Adapt CSS for application list, skin pastel (#29) 2010-09-20 12:35:24 +00:00
Clément Oudot
36a1674c09 Use template loops to display categories and applications - work in progress (#29) 2010-09-20 10:39:23 +00:00
Clément Oudot
59c17a6604 Build applications list as a perl struct (#29) 2010-09-20 08:31:09 +00:00
Xavier Guimard
eae0070d8e Doxygen doc 2010-09-19 12:23:46 +00:00
Xavier Guimard
a28a147674 Little error 2010-09-19 09:47:38 +00:00
Xavier Guimard
e8b2860ff6 - Missing Debian dependencies 
- META.yml update
 2010-09-19 09:29:40 +00:00
Xavier Guimard
df0c8004c0 New feature : configuration is cached in portal memory 2010-09-19 09:25:47 +00:00
Xavier Guimard
85d384bac1 #28 in progress 2010-09-18 06:41:48 +00:00
Xavier Guimard
c80795805a #28 in progress 2010-09-18 06:23:34 +00:00
Xavier Guimard
305113c53f #28 in progress : 
- Extension to Net::OpenID::Server to manage extensions (and sign them)
 2010-09-17 15:32:43 +00:00
Clément Oudot
ce8b2f0adf Dark skin in progress 2010-09-17 12:20:58 +00:00
Xavier Guimard
09b6f037df _SOAP.pm and Menu.pm provide both _compileRules => moved to _LibAccess.pm 2010-09-17 10:23:49 +00:00
Clément Oudot
d2bef48797 New Menu in impact skin (#29) 2010-09-16 15:23:05 +00:00
Clément Oudot
d7fb73b2e2 Rewrite Menu module, to integrate it in Portal (#29) 2010-09-16 15:10:00 +00:00
Clément Oudot
b658c3df43 SAFEWRAP test was not good 2010-09-16 08:44:56 +00:00
Clément Oudot
30a337176e Correct confirmation template for skin impact 2010-09-15 15:14:11 +00:00
Clément Oudot
0ab89e1f14 Use a cookie to know which authchoice tab was selected 2010-09-15 08:31:44 +00:00
Clément Oudot
6623372844 Add SSL logo 2010-09-13 20:22:51 +00:00
Clément Oudot
dda83a3e67 Store authChoice in session, and load it for existing sessions 2010-09-13 15:14:19 +00:00
Clément Oudot
07c1c59d0e Load IDPs in SAML userDBInit to manage SLO in SAML proxy mode 2010-09-13 15:10:39 +00:00
Clément Oudot
657c39d563 Use subProcess to change password in Menu 2010-09-13 15:08:29 +00:00
Clément Oudot
3304885bf0 Register dn in session even if no UserDBLDAP selected 2010-09-13 14:09:07 +00:00
Clément Oudot
a9ab38424d Dark skin: mail reset form 2010-09-13 14:08:20 +00:00
Clément Oudot
c004e6363d Load correct authentication module on issuer logout process 2010-09-10 20:27:14 +00:00
Clément Oudot
0fb130e29e Correct UserDBSAML init test 2010-09-10 20:17:08 +00:00
Clément Oudot
17b3c15466 Code authentication choice like multiple authentication (#19) 2010-09-10 19:52:44 +00:00
Clément Oudot
974b4377f7 Dark theme in progress 2010-09-09 20:45:57 +00:00
Clément Oudot
18e62ab725 Work on a new skin (dark), based on pastel templates 2010-09-09 15:49:10 +00:00
Clément Oudot
1a7c6e5e77 Modify file organization for skins 2010-09-09 15:00:59 +00:00
Clément Oudot
789b726225 Some enhancements on skins 2010-09-08 20:17:56 +00:00
Clément Oudot
61a73e59dd Work on authentication choice (#19) 2010-09-08 20:16:32 +00:00
Clément Oudot
a565dd555a Display user login in impact theme 2010-09-07 14:02:18 +00:00
Clément Oudot
1f4a6e6450 #19: 
* Dedicated AuthChoice.pm
* Authentication choice parameters in Manager
 2010-09-06 15:05:54 +00:00
Clément Oudot
7bcbdaa318 Manage auth choice and OpenID in impact skin (#19) 2010-09-06 12:43:33 +00:00
Clément Oudot
13da8acd79 * Confirmation data are always resend to portal (form action=#) 
* Transport authentication choice in info and confirm steps (#19)
 2010-09-06 11:48:41 +00:00
Clément Oudot
d2549c2fbe Always display authentication choices if any (#19) 2010-09-06 09:35:05 +00:00
Xavier Guimard
c8a2b8c5e0 "_safe" instead of "safe" in Menu 2010-09-06 09:23:23 +00:00
Clément Oudot
b5361c1175 Specific templates for standard from and OpenID form (#19) 2010-09-06 08:45:22 +00:00
Clément Oudot
45bd8a6872 Use global_vars in template to see template vars inside loops (#19) 2010-09-05 13:57:07 +00:00
Xavier Guimard
29640f3829 test wrapper for Safe 2010-09-04 11:49:03 +00:00
Clément Oudot
09b06fecbf Add SSL and Apache in authentication choices (#19) 2010-09-03 16:02:10 +00:00
Xavier Guimard
d00f68a54b Try to close LEMONLDAP-117 2010-09-03 15:58:57 +00:00
Clément Oudot
b57ae4f34a Add logos for authentication choice (#19) 2010-09-03 15:43:41 +00:00
Clément Oudot
82b4ea080e Load correct authentication module for authLogout (#LEMONDLAP-19) 2010-09-03 15:23:08 +00:00
Xavier Guimard
8663fd29e9 AddUserDBOpenID 2010-09-03 15:20:38 +00:00
Clément Oudot
615f0ba259 Transport authChoice in OpenID workflow 2010-09-03 14:58:25 +00:00
Clément Oudot
a8cc940774 Manage authChoice in CAS proxy callback 2010-09-03 14:53:31 +00:00
Clément Oudot
9e38c5ea2a Transport authChoice in CAS authentication 2010-09-03 14:24:19 +00:00
Clément Oudot
41151228ff Typo in checkXSSAttack call 2010-09-03 14:23:54 +00:00
Clément Oudot
f47388bc32 Update MANIFEST for UserDBOpenID 2010-09-03 14:23:30 +00:00
Clément Oudot
ec8eb57b1f * Common XSS attack check method 
* Check XSS attack on authChoice parameter
 2010-09-03 14:15:44 +00:00
Xavier Guimard
eacdc8e2dd Typo 2010-09-03 13:37:49 +00:00
Xavier Guimard
47cb5c1a59 OpenID consumer now supports "OpenID Simple Registration Extension" 2010-09-03 13:34:35 +00:00
Clément Oudot
c10f1a96db Authentication choice in progress (#19) 2010-09-03 13:21:03 +00:00
Clément Oudot
0f4212abc2 URL param to choose authentication module (#LEMONLDAP19) 2010-09-02 15:32:40 +00:00
Xavier Guimard
0e1f5f4217 According to OpenID-2.0 specs, HTML field should be called "openid_identifier" 2010-09-02 10:38:28 +00:00
Clément Oudot
9992c56f43 Configure mapping between SAML authentication contexts and authentication levels (#152) 2010-09-02 09:09:10 +00:00
Clément Oudot
8d6899c2b2 Configuration keys for authentication levels (#152) 2010-09-01 16:06:01 +00:00
Xavier Guimard
06beaa6ff4 « make tidy » 2010-09-01 12:56:15 +00:00
Xavier Guimard
dd597a7cce OpenID federation message 2010-09-01 12:52:56 +00:00
Clément Oudot
a5ac6ee02b Recreate an ARRAY ref for ldapGroupAttributeNameSearch (#1) 2010-09-01 10:59:11 +00:00
Clément Oudot
6dd0c45e61 Add fake authFinish in Portal unit test 01 2010-09-01 10:29:24 +00:00
Clément Oudot
0f973b7b87 Set external authenticationLevel to 1 2010-09-01 09:53:55 +00:00
Xavier Guimard
7770f58ab2 Error using Lemonldap::NG::Common::Crypt 2010-09-01 09:16:02 +00:00
Clément Oudot
e5bbac08de Add authFinish, authLogout and authForce in authentication modules (#149) 2010-09-01 08:59:39 +00:00
Xavier Guimard
f7bc27e310 Typo 2010-09-01 08:13:44 +00:00
Xavier Guimard
ebc6609da9 Typo 2010-09-01 08:11:34 +00:00
Xavier Guimard
f6f09f635c IssuerOpenID in progress 2010-08-31 15:36:32 +00:00
Clément Oudot
038f57d7b5 SAML Issuer: redirect on logout page after logout process initiated by IDP 2010-08-31 15:21:17 +00:00
Clément Oudot
0d5faacc0a Manage // in path when checking IssuerDB path 2010-08-31 15:14:44 +00:00
Clément Oudot
88272cce87 Use _saml_id key in SAML sessions to rattach them to main SSO session_id (#148) 2010-08-31 14:36:45 +00:00
Clément Oudot
35935c5b7f Little bug in controlExistingSession 2010-08-31 12:23:11 +00:00
Clément Oudot
1e1f9bf5ea Modify binmode to bytes for SOAP responses (closes #144) 2010-08-31 10:34:28 +00:00
Xavier Guimard
2295d560f8 "make manifest" 2010-08-31 06:53:04 +00:00
Clément Oudot
a73968cd84 AuthCAS: use logoutServices to register CAS logout URL 2010-08-30 16:01:25 +00:00
Clément Oudot
92352246ee Support from logout services: they are deconnected with a GET request after portal logout (#121) 2010-08-30 15:46:26 +00:00
Clément Oudot
611d252ebc AuthCAS: renew and gateway flags can now been configured 2010-08-30 13:41:45 +00:00
Clément Oudot
9a4df749fe CAS: Manage renew flag in VALIDATE and SERVICE VALIDATE URL (#101) 2010-08-30 09:24:04 +00:00
Clément Oudot
d3aefd81b8 AuthCAS: declare authForce method 2010-08-30 09:01:15 +00:00
Clément Oudot
60296f0143 CAS: Manage renew flag in LOGIN URL (#101) 2010-08-30 08:56:16 +00:00
Clément Oudot
8e7c112181 AuthCAS: declare authLogout and authFinish methods 2010-08-30 08:38:53 +00:00
Clément Oudot
e3010de6e5 CAS Issuer (#101): 
* Manage gateway parameter (refused unauthenticated user)
* Display CAS logout URL message
* Do not check base64 encoded URL for CAS (mandatory for logout URL management)
 2010-08-27 16:07:19 +00:00
Xavier Guimard
7eb813fbca Little TODO 2010-08-27 15:35:53 +00:00
Xavier Guimard
cd00bf3b62 OpenID server in progress 2010-08-27 15:34:03 +00:00
Clément Oudot
6045909d1f AuthCAS: collect PT for each registered CAS proxied service (#146) 2010-08-27 14:42:07 +00:00
Clément Oudot
832f7050eb Add activation parameter for each IssuerDB module (#147) 2010-08-27 13:01:54 +00:00
Clément Oudot
ac47c65adb AuthCAS: remove unused parameters and add debug information (#146) 2010-08-27 08:50:09 +00:00
Clément Oudot
f4514c41e7 Manage all proxy workflow for CAS (#101) 2010-08-26 16:16:13 +00:00
Clément Oudot
b4f5adde99 Manage proxy granting ticket for CAS service validate URL (#101) 2010-08-26 14:43:32 +00:00
Clément Oudot
b721763e23 Manage CAS service validate URL (#101) 2010-08-26 12:24:38 +00:00
Clément Oudot
cf282a3c25 Add sample CAS client script (#101) 2010-08-26 10:25:58 +00:00
Clément Oudot
a19067e5a2 Delete CAS secondary sessions on logout (#101) 2010-08-26 08:42:28 +00:00
Clément Oudot
b819f75f9e Remove HTTP-Redirect binding for SAML authentication response because not supported in SAML 2.0 conformance document (#144) 2010-08-26 08:05:25 +00:00
Clément Oudot
04ede0a918 CAS: 
* Check the ticket is a service ticket
* Add _utime in CAS service sessions
* Add some debug messages
 2010-08-25 15:57:21 +00:00
Clément Oudot
2b1e09d09c Manage CAS logout and validate URL (#101) 2010-08-25 15:33:33 +00:00
Clément Oudot
a6acf86f4e Generate CAS Service Ticket (#101) 2010-08-25 14:23:45 +00:00
Clément Oudot
c6c8024326 Manage CAS URLs (#101) 2010-08-23 16:41:38 +00:00
Clément Oudot
5877fa95d6 CAS IssuerDB skeleton (#101) 2010-08-23 15:47:53 +00:00
Clément Oudot
dca8b923ac * Add setUserDBValue method for LDAP and DBI userDB 
* Add samlUserDBIdentityKey
* IssuerDBSAML now try to store Lasso identity in UserDB
* References #123
 2010-08-23 14:52:53 +00:00
Clément Oudot
240c2b56eb SAML: 
* Use request path to choose IssuerDB module to load
* Store all used IssuerDB module in user session
* Launch issuerLogout method for all used IssuerDB module
* References #102
 2010-08-23 13:27:16 +00:00
Clément Oudot
503fd5d9c3 Correct bug in javascript when action URL has no '?' (#125) 2010-08-20 15:36:06 +00:00
Clément Oudot
4fa2f6318e Build removeOther link with javascript, to get the final redirection URL and method (#125) 2010-08-20 15:07:55 +00:00
Clément Oudot
a9a2106e89 Add a back URL in removeOther link (#125) 2010-08-20 13:48:09 +00:00
Clément Oudot
a85958f90f Always clear previous hidden form value when PE_INFO is returned by autoRedirect and autoPost (#125) 2010-08-20 10:52:52 +00:00
Clément Oudot
5e6efebab1 Manage info form hidden fields for autoRedirect and autoPost (#125) 2010-08-20 10:31:20 +00:00
Clément Oudot
ead9413dd8 Possibility to control form method of info and confirm screen (references #125) 2010-08-19 16:19:30 +00:00
Clément Oudot
f0af83546a Correct bug for artifact resolution on IDP side (#143) 2010-08-19 14:17:25 +00:00
Clément Oudot
e29a65e92b Disable timer on IDP list (#141) 2010-08-18 15:10:30 +00:00
Clément Oudot
6781054397 Return error when SAML authentication is refused by user (#132) 2010-08-18 14:26:18 +00:00
Xavier Guimard
b09b37566d Update to Jquery 1.4.2 2010-08-18 13:54:50 +00:00
Clément Oudot
33403f3396 Display a link to go back to SP on IDP login page (#140) 2010-08-18 13:39:15 +00:00
Xavier Guimard
45aaa41cee Split extractFormInfo => create getIDP() 2010-08-18 10:07:42 +00:00
Clément Oudot
6c534022f4 Use #PORTAL# macro in SAML URL to ease SAML configuration (#139) 2010-08-18 09:49:55 +00:00
Xavier Guimard
7cf902d9e2 Debian packaging requires "/skins" due to symbolic links 2010-08-16 16:29:16 +00:00
Xavier Guimard
d32e31e5bd Perl dependency + typo 2010-08-05 08:21:31 +00:00
Clément Oudot
1dc1f926e4 Add timeout, version and binary attributes options for LDAP configuration (closes #129) 2010-07-28 10:00:30 +00:00
Clément Oudot
5cc3a3057a Update MailReset doxygen documentation (#7) 2010-07-22 09:06:50 +00:00
Clément Oudot
a32502b8f7 Do use st when browsing backends (authentication, userDB, ...) to prevent from a bug in Perl-LDAP 0.40 (#128) 2010-07-21 12:13:12 +00:00
Clément Oudot
6792a1350c Store replay protection for SAML SLO request sent by IDP 2010-07-05 21:24:34 +00:00
Clément Oudot
d475674b4c * Modify some default conf values 
* Add missing SAML error codes to portal CGI
 2010-07-05 21:09:55 +00:00
Clément Oudot
192dd9c8e1 Preparation for 1.0rc2 release 2010-07-05 16:20:17 +00:00
Clément Oudot
15cb8f6e29 SAML error codes for IDP and UserDBSAML (#40) 2010-07-05 15:58:03 +00:00
Clément Oudot
abfc445f38 SAML Error codes for SP (#40) 2010-07-05 15:38:02 +00:00
Clément Oudot
6fb21c669b Use private key passwords (#97) 2010-07-05 11:50:12 +00:00
Clément Oudot
3ed02a09b8 * Set noInfo flag when updating session 
* Get sessionIndex from SLO request before validating the request
* Use NameID dump in debug message
 2010-07-05 09:36:52 +00:00
Clément Oudot
5c406c5381 Counter is never negative (#124) 2010-07-04 14:05:20 +00:00
Clément Oudot
1c4d8535f7 SAML: Issuer can send SLO requests to SP and IDP when in proxy mode (#31) 2010-07-03 14:38:46 +00:00
Clément Oudot
c0548bab70 Modify XML namespace for Lasso Session empty object 2010-07-03 13:55:43 +00:00
Clément Oudot
0dac2f1374 * authInit should be called before issuerForAuthUser when we catch SLO URL in IDP proxy mode 
* do not 'return' sendSLOErrorMessage
 2010-07-02 15:42:22 +00:00
Clément Oudot
b635d87761 * authInit should be called before issuerForAuthUser when we catch SLO URL in IDP proxy mode 
* do not 'return' sendSLOErrorMessage
 2010-07-02 15:14:54 +00:00
Clément Oudot
f193d0b66d Really exit if sendSLOErrorMessage fail 2010-07-02 14:17:01 +00:00
Clément Oudot
a6c60ec1a7 Keep and restore SAML request for IDP proxy (#31) 2010-07-02 11:29:00 +00:00
Clément Oudot
e0bbb1c9d0 Delete SAML sessions on local logout (#122) 2010-07-02 09:05:46 +00:00
Clément Oudot
1f28b97cd8 Wrong error level in debug message 2010-07-02 08:54:54 +00:00
Clément Oudot
e359e1a7d1 SAML: use correct method to build artifact message (#32) 2010-07-02 08:14:26 +00:00
Clément Oudot
5754d86ff5 * Add a troolean type in Manager 
* Sign SAML Message options can accept the default value (#88)
 2010-07-01 16:05:57 +00:00
Clément Oudot
2ce4e19a0d SAML: catch SSO artifact URL in IssuerDBSAML (#32) 2010-07-01 11:31:24 +00:00
Clément Oudot
90debded1d SAML: add Artifact binding in metadata (#32) 2010-07-01 09:58:39 +00:00
Clément Oudot
f46c3b4224 SAML: artifact for sending authn request, work in progress (#32) 2010-07-01 09:48:50 +00:00
Clément Oudot
edb345f23c SAML: 
* Correct a SLO bug when only one SP in session 
* Check NotOnOrAfter in SLO request (#36)
 2010-06-30 08:05:20 +00:00
Clément Oudot
b2381101d7 SAML: use getSamlSession whenever it's possible 2010-06-28 16:22:07 +00:00
Clément Oudot
758c133f81 SAML: encode metadata flag was not honored for attribute authority 2010-06-28 15:04:40 +00:00
Clément Oudot
d07eaab83f SAML: keep SAML request in memory for IDP Proxy management (#31) 2010-06-28 15:00:14 +00:00
Clément Oudot
3ee1e9b393 Add an option to encode Metadata in UTF-8 (#119) 2010-06-28 09:11:59 +00:00
Clément Oudot
f5367d4dc9 * Create sendSLOErrorResponse subroutine 
* Send SLO error if REDIRECT or POST SLO request on a closed session (#107)
* Send SLO error instead of empty SOAP message, or local error page
 2010-06-28 08:34:15 +00:00
Clément Oudot
dee65a4d00 SAML: cache Lasso::Server object to increase performances (#86) 2010-06-25 15:38:14 +00:00
Clément Oudot
d114827e70 Store metadata in raw format (#104) 2010-06-25 13:51:09 +00:00
Clément Oudot
b32d4e8f52 Remove HttpRedirect and HttpDisableSubmit options in info.tpl, and use hidden fields to store URL parameters, for form GET to work (#115) 2010-06-23 14:03:18 +00:00
Clément Oudot
07f648cd7e SLO termination complete (#111) 2010-06-23 09:58:14 +00:00
Xavier Guimard
0e082b1d8f Closes: #114 : Bad usage of Apache::Session::searchOn() on portal 2010-06-22 16:30:38 +00:00
Clément Oudot
33699a6d40 SAML: build a SLO termination state (#111) 2010-06-21 16:24:50 +00:00
Clément Oudot
174026f44c SAML: validate SLO request before building other SP SLO request (#111) 2010-06-21 15:44:18 +00:00
Xavier Guimard
aa190c7f35 make tidy 2010-06-21 15:29:59 +00:00
Clément Oudot
58419de458 Portal: we can have information message for unauthenticated users 2010-06-21 15:20:51 +00:00
Xavier Guimard
8139248c15 Closes: #113 : Lemonldap::NG is not compatible with the use of a LDAP server using a different encoding than UTF-8 for storing passwords 2010-06-21 14:47:27 +00:00
Clément Oudot
8b23a63fb3 SAML: use a SLO status session to store SLO status on IDP side (#111) 2010-06-21 14:28:42 +00:00
Clément Oudot
3b6e0567ee SAML: store SAML Token in session (#110) 2010-06-18 13:07:20 +00:00
Clément Oudot
11761807f4 SAML: do not send empty Attribute Statement (#109) 2010-06-18 07:50:37 +00:00
Clément Oudot
af0f4ef88e SAML: force NameID format if requested format is unspecified (#108) 2010-06-17 13:29:53 +00:00
Clément Oudot
e33f7c2efc SAML: 
* Use table instead of list for SP SLO status
* Catch SLO response and display status logo (#106)
 2010-06-16 16:17:05 +00:00
Clément Oudot
885966f04b SAML: error in SAML POST field name (#56) 2010-06-16 13:08:18 +00:00
Clément Oudot
1aec1902f5 SAML: create POST relay mechanism to send POST SLO requests (#56) 2010-06-16 10:32:43 +00:00
Clément Oudot
8ffd3e6244 Display status of SLO request in debug level (#78) 2010-06-14 15:42:32 +00:00
Clément Oudot
d1d0accae6 Rebuild logout object before sending SLO response (#78) 2010-06-14 15:29:37 +00:00
Clément Oudot
ebc421d335 Return directly if no local session (#105) 2010-06-14 14:52:52 +00:00
Clément Oudot
021f89d918 Check session before closing it (#105) 2010-06-14 14:18:27 +00:00