Clément Oudot
f4514c41e7
Manage all proxy workflow for CAS ( #101 )
2010-08-26 16:16:13 +00:00
Clément Oudot
b4f5adde99
Manage proxy granting ticket for CAS service validate URL ( #101 )
2010-08-26 14:43:32 +00:00
Clément Oudot
b721763e23
Manage CAS service validate URL ( #101 )
2010-08-26 12:24:38 +00:00
Clément Oudot
cf282a3c25
Add sample CAS client script ( #101 )
2010-08-26 10:25:58 +00:00
Clément Oudot
a19067e5a2
Delete CAS secondary sessions on logout ( #101 )
2010-08-26 08:42:28 +00:00
Clément Oudot
b819f75f9e
Remove HTTP-Redirect binding for SAML authentication response because not supported in SAML 2.0 conformance document ( #144 )
2010-08-26 08:05:25 +00:00
Clément Oudot
04ede0a918
CAS:
...
* Check the ticket is a service ticket
* Add _utime in CAS service sessions
* Add some debug messages
2010-08-25 15:57:21 +00:00
Clément Oudot
2b1e09d09c
Manage CAS logout and validate URL ( #101 )
2010-08-25 15:33:33 +00:00
Clément Oudot
a6acf86f4e
Generate CAS Service Ticket ( #101 )
2010-08-25 14:23:45 +00:00
Clément Oudot
c6c8024326
Manage CAS URLs ( #101 )
2010-08-23 16:41:38 +00:00
Clément Oudot
5877fa95d6
CAS IssuerDB skeleton ( #101 )
2010-08-23 15:47:53 +00:00
Clément Oudot
dca8b923ac
* Add setUserDBValue method for LDAP and DBI userDB
...
* Add samlUserDBIdentityKey
* IssuerDBSAML now try to store Lasso identity in UserDB
* References #123
2010-08-23 14:52:53 +00:00
Clément Oudot
240c2b56eb
SAML:
...
* Use request path to choose IssuerDB module to load
* Store all used IssuerDB module in user session
* Launch issuerLogout method for all used IssuerDB module
* References #102
2010-08-23 13:27:16 +00:00
Clément Oudot
503fd5d9c3
Correct bug in javascript when action URL has no '?' ( #125 )
2010-08-20 15:36:06 +00:00
Clément Oudot
4fa2f6318e
Build removeOther link with javascript, to get the final redirection URL and method ( #125 )
2010-08-20 15:07:55 +00:00
Clément Oudot
a9a2106e89
Add a back URL in removeOther link ( #125 )
2010-08-20 13:48:09 +00:00
Clément Oudot
a85958f90f
Always clear previous hidden form value when PE_INFO is returned by autoRedirect and autoPost ( #125 )
2010-08-20 10:52:52 +00:00
Clément Oudot
5e6efebab1
Manage info form hidden fields for autoRedirect and autoPost ( #125 )
2010-08-20 10:31:20 +00:00
Clément Oudot
ead9413dd8
Possibility to control form method of info and confirm screen (references #125 )
2010-08-19 16:19:30 +00:00
Clément Oudot
f0af83546a
Correct bug for artifact resolution on IDP side ( #143 )
2010-08-19 14:17:25 +00:00
Clément Oudot
e29a65e92b
Disable timer on IDP list ( #141 )
2010-08-18 15:10:30 +00:00
Clément Oudot
6781054397
Return error when SAML authentication is refused by user ( #132 )
2010-08-18 14:26:18 +00:00
Xavier Guimard
b09b37566d
Update to Jquery 1.4.2
2010-08-18 13:54:50 +00:00
Clément Oudot
33403f3396
Display a link to go back to SP on IDP login page ( #140 )
2010-08-18 13:39:15 +00:00
Xavier Guimard
45aaa41cee
Split extractFormInfo => create getIDP()
2010-08-18 10:07:42 +00:00
Clément Oudot
6c534022f4
Use #PORTAL# macro in SAML URL to ease SAML configuration ( #139 )
2010-08-18 09:49:55 +00:00
Xavier Guimard
7cf902d9e2
Debian packaging requires "/skins" due to symbolic links
2010-08-16 16:29:16 +00:00
Xavier Guimard
d32e31e5bd
Perl dependency + typo
2010-08-05 08:21:31 +00:00
Clément Oudot
1dc1f926e4
Add timeout, version and binary attributes options for LDAP configuration ( closes #129 )
2010-07-28 10:00:30 +00:00
Clément Oudot
5cc3a3057a
Update MailReset doxygen documentation ( #7 )
2010-07-22 09:06:50 +00:00
Clément Oudot
a32502b8f7
Do use st when browsing backends (authentication, userDB, ...) to prevent from a bug in Perl-LDAP 0.40 ( #128 )
2010-07-21 12:13:12 +00:00
Clément Oudot
6792a1350c
Store replay protection for SAML SLO request sent by IDP
2010-07-05 21:24:34 +00:00
Clément Oudot
d475674b4c
* Modify some default conf values
...
* Add missing SAML error codes to portal CGI
2010-07-05 21:09:55 +00:00
Clément Oudot
192dd9c8e1
Preparation for 1.0rc2 release
2010-07-05 16:20:17 +00:00
Clément Oudot
15cb8f6e29
SAML error codes for IDP and UserDBSAML ( #40 )
2010-07-05 15:58:03 +00:00
Clément Oudot
abfc445f38
SAML Error codes for SP ( #40 )
2010-07-05 15:38:02 +00:00
Clément Oudot
6fb21c669b
Use private key passwords ( #97 )
2010-07-05 11:50:12 +00:00
Clément Oudot
3ed02a09b8
* Set noInfo flag when updating session
...
* Get sessionIndex from SLO request before validating the request
* Use NameID dump in debug message
2010-07-05 09:36:52 +00:00
Clément Oudot
5c406c5381
Counter is never negative ( #124 )
2010-07-04 14:05:20 +00:00
Clément Oudot
1c4d8535f7
SAML: Issuer can send SLO requests to SP and IDP when in proxy mode ( #31 )
2010-07-03 14:38:46 +00:00
Clément Oudot
c0548bab70
Modify XML namespace for Lasso Session empty object
2010-07-03 13:55:43 +00:00
Clément Oudot
0dac2f1374
* authInit should be called before issuerForAuthUser when we catch SLO URL in IDP proxy mode
...
* do not 'return' sendSLOErrorMessage
2010-07-02 15:42:22 +00:00
Clément Oudot
b635d87761
* authInit should be called before issuerForAuthUser when we catch SLO URL in IDP proxy mode
...
* do not 'return' sendSLOErrorMessage
2010-07-02 15:14:54 +00:00
Clément Oudot
f193d0b66d
Really exit if sendSLOErrorMessage fail
2010-07-02 14:17:01 +00:00
Clément Oudot
a6c60ec1a7
Keep and restore SAML request for IDP proxy ( #31 )
2010-07-02 11:29:00 +00:00
Clément Oudot
e0bbb1c9d0
Delete SAML sessions on local logout ( #122 )
2010-07-02 09:05:46 +00:00
Clément Oudot
1f28b97cd8
Wrong error level in debug message
2010-07-02 08:54:54 +00:00
Clément Oudot
e359e1a7d1
SAML: use correct method to build artifact message ( #32 )
2010-07-02 08:14:26 +00:00
Clément Oudot
5754d86ff5
* Add a troolean type in Manager
...
* Sign SAML Message options can accept the default value (#88 )
2010-07-01 16:05:57 +00:00
Clément Oudot
2ce4e19a0d
SAML: catch SSO artifact URL in IssuerDBSAML ( #32 )
2010-07-01 11:31:24 +00:00
Clément Oudot
90debded1d
SAML: add Artifact binding in metadata ( #32 )
2010-07-01 09:58:39 +00:00
Clément Oudot
f46c3b4224
SAML: artifact for sending authn request, work in progress ( #32 )
2010-07-01 09:48:50 +00:00
Clément Oudot
edb345f23c
SAML:
...
* Correct a SLO bug when only one SP in session
* Check NotOnOrAfter in SLO request (#36 )
2010-06-30 08:05:20 +00:00
Clément Oudot
b2381101d7
SAML: use getSamlSession whenever it's possible
2010-06-28 16:22:07 +00:00
Clément Oudot
758c133f81
SAML: encode metadata flag was not honored for attribute authority
2010-06-28 15:04:40 +00:00
Clément Oudot
d07eaab83f
SAML: keep SAML request in memory for IDP Proxy management ( #31 )
2010-06-28 15:00:14 +00:00
Clément Oudot
3ee1e9b393
Add an option to encode Metadata in UTF-8 ( #119 )
2010-06-28 09:11:59 +00:00
Clément Oudot
f5367d4dc9
* Create sendSLOErrorResponse subroutine
...
* Send SLO error if REDIRECT or POST SLO request on a closed session (#107 )
* Send SLO error instead of empty SOAP message, or local error page
2010-06-28 08:34:15 +00:00
Clément Oudot
dee65a4d00
SAML: cache Lasso::Server object to increase performances ( #86 )
2010-06-25 15:38:14 +00:00
Clément Oudot
d114827e70
Store metadata in raw format ( #104 )
2010-06-25 13:51:09 +00:00
Clément Oudot
b32d4e8f52
Remove HttpRedirect and HttpDisableSubmit options in info.tpl, and use hidden fields to store URL parameters, for form GET to work ( #115 )
2010-06-23 14:03:18 +00:00
Clément Oudot
07f648cd7e
SLO termination complete ( #111 )
2010-06-23 09:58:14 +00:00
Xavier Guimard
0e082b1d8f
Closes : #114 : Bad usage of Apache::Session::searchOn() on portal
2010-06-22 16:30:38 +00:00
Clément Oudot
33699a6d40
SAML: build a SLO termination state ( #111 )
2010-06-21 16:24:50 +00:00
Clément Oudot
174026f44c
SAML: validate SLO request before building other SP SLO request ( #111 )
2010-06-21 15:44:18 +00:00
Xavier Guimard
aa190c7f35
make tidy
2010-06-21 15:29:59 +00:00
Clément Oudot
58419de458
Portal: we can have information message for unauthenticated users
2010-06-21 15:20:51 +00:00
Xavier Guimard
8139248c15
Closes : #113 : Lemonldap::NG is not compatible with the use of a LDAP server using a different encoding than UTF-8 for storing passwords
2010-06-21 14:47:27 +00:00
Clément Oudot
8b23a63fb3
SAML: use a SLO status session to store SLO status on IDP side ( #111 )
2010-06-21 14:28:42 +00:00
Clément Oudot
3b6e0567ee
SAML: store SAML Token in session ( #110 )
2010-06-18 13:07:20 +00:00
Clément Oudot
11761807f4
SAML: do not send empty Attribute Statement ( #109 )
2010-06-18 07:50:37 +00:00
Clément Oudot
af0f4ef88e
SAML: force NameID format if requested format is unspecified ( #108 )
2010-06-17 13:29:53 +00:00
Clément Oudot
e33f7c2efc
SAML:
...
* Use table instead of list for SP SLO status
* Catch SLO response and display status logo (#106 )
2010-06-16 16:17:05 +00:00
Clément Oudot
885966f04b
SAML: error in SAML POST field name ( #56 )
2010-06-16 13:08:18 +00:00
Clément Oudot
1aec1902f5
SAML: create POST relay mechanism to send POST SLO requests ( #56 )
2010-06-16 10:32:43 +00:00
Clément Oudot
8ffd3e6244
Display status of SLO request in debug level ( #78 )
2010-06-14 15:42:32 +00:00
Clément Oudot
d1d0accae6
Rebuild logout object before sending SLO response ( #78 )
2010-06-14 15:29:37 +00:00
Clément Oudot
ebc421d335
Return directly if no local session ( #105 )
2010-06-14 14:52:52 +00:00
Clément Oudot
021f89d918
Check session before closing it ( #105 )
2010-06-14 14:18:27 +00:00
Xavier Guimard
22387615fb
Permit direct OpenID server side direct authentication
2010-06-14 06:19:34 +00:00
Clément Oudot
6bc5246690
Send SOAP SLO request to other entities when receiving a SOAP SLO request on IDP ( #78 )
2010-06-11 14:50:28 +00:00
Clément Oudot
98a9b6ef40
SAML: delete secondary SAML sessions ( #100 )
2010-06-11 14:13:26 +00:00
Clément Oudot
a570447179
SAML: use another method to set NameID in Attribute request ( #83 )
2010-06-11 13:49:33 +00:00
Clément Oudot
a62484dc91
SAML: manage SOAP SLO request - work in progress ( #78 )
2010-06-11 10:17:43 +00:00
Clément Oudot
c6ff319439
SAML: add unit test for SAML date with milliseconds
2010-06-11 08:48:00 +00:00
Clément Oudot
2b7cbd4d83
SAML:
...
* IDP Option to check conditions (#98 )
* Extend SAML date format (add milliseconds)
2010-06-10 15:01:05 +00:00
Clément Oudot
a2921f9d10
SAML: add encryption key in attribute authority metadata ( #96 )
2010-06-10 10:06:42 +00:00
Thomas CHEMINEAU
3fb6a0ccd1
SAML #89 - Now use a different private key for encryption when creation Lasso::Server object
2010-06-09 08:42:30 +00:00
Thomas CHEMINEAU
a410b90dc4
SAML #89 - metadata file of the service now use newly defined public keys parameter
2010-06-08 16:20:17 +00:00
Clément Oudot
2ab40fea15
Soap is not required for SAML ( #91 )
2010-06-08 13:19:00 +00:00
Xavier Guimard
11dd597a41
Some Lintian tips
2010-06-08 10:39:34 +00:00
Clément Oudot
7e031e199a
SAML: minor corrections for forceAuthn flag management ( #34 )
2010-06-07 15:36:45 +00:00
Clément Oudot
783d88eabb
SAML: manage ForceAuthn flag from SP ( #34 )
2010-06-07 14:48:59 +00:00
Clément Oudot
05637bf0c4
SAML: set encryption mode on providers (none, nameid or assertion) ( #49 )
2010-06-04 15:54:52 +00:00
Clément Oudot
dd615d0678
SAML:
...
* Check values of requested attributes (#85 )
* Refactor some code in _SAML (createAttribute and createAttributeValue)
2010-06-04 14:23:41 +00:00
Xavier Guimard
208a4f34d2
Closes #82 : CDA always use secured cookie even if requested site is a http one
2010-06-04 08:43:42 +00:00
Xavier Guimard
47d38c7e3f
New debconf translation ( Closes : #584453 / bugs.debian.org)
2010-06-04 08:35:53 +00:00
Thomas CHEMINEAU
160c5f670a
fix #35 - include more checks to test contents on identity dump
2010-06-03 14:02:15 +00:00
Clément Oudot
cc1eb344a7
SAML: get attributes in attribute response
2010-06-02 15:21:39 +00:00
Clément Oudot
101442179d
Check format and friendly name from attribute ( #84 )
2010-06-02 14:51:39 +00:00