dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,253 Commits 3 Branches 0 Tags 75 MiB
b8c3f5e6ff
Commit Graph

91 Commits

Author SHA1 Message Date
Clément Oudot
b8c3f5e6ff SAML: transport url parameter in IDP choice screens (closes #73) 2010-05-28 08:03:13 +00:00
Clément Oudot
d1b4541a4d SAML: check Destination attribute (closes #33) 2010-05-21 13:44:16 +00:00
Clément Oudot
df4198399f * Add a new process step (authFinish) run after session store 
* Create SAML session linked to real session to store NameID and SessionIndex, in order to use searchOn on them (will not force globalStorage to be compatible with searchOn)
* Control SessionIndex sent by IDP on a SLO request is now managed in SP to get the correct local session
* This solves issue #51
 2010-05-17 16:02:21 +00:00
Clément Oudot
be742cfac6 SAML: use encrypt/decrypt to match session_index and session_id (#51) 2010-05-12 15:56:27 +00:00
Clément Oudot
c6dd158903 SAML: map SAML authentication context and authentication level (#47) 2010-05-12 15:14:07 +00:00
Xavier Guimard
3844ba4192 "make tidy" 2010-05-12 04:04:10 +00:00
Clément Oudot
a04ff6e964 SAML: 
* OneTimeUse is no more used in SP (#50)
* Compile regexp for SAML URLs
* Move sendLogoutRequestToServiceProviders in _SAML
* In AuthSAML, do not predefined variables outside loops
 2010-05-05 07:10:13 +00:00
Clément Oudot
1b81ccd96f SAML: use get_signature_status from Lasso::Profile 2010-05-03 21:12:14 +00:00
Xavier Guimard
5ceb94e612 Correct errors 2010-05-02 13:41:12 +00:00
Xavier Guimard
cf0ece9aa2 Reformating 2010-05-02 11:37:25 +00:00
Clément Oudot
2523fc5cf5 SAML: check IDP value from IDP cookie (LEMONLDAP-44) 2010-04-30 15:21:10 +00:00
Clément Oudot
a9c5d000fd SAML: 
* IDP list key is now entityID
* Do not trust IDP cookie to find current IDP (use SAML message remote provider ID)
* Ignore signature before processing SAML message, and check it after (work in progress)
 2010-04-30 14:55:40 +00:00
Xavier Guimard
1380d89865 New session explorer (not finished but useable) + some little tips 2010-04-28 19:57:16 +00:00
Clément Oudot
a1d41fbdda SAML: 
* authLogout should return an error code (as it is catched in Simple.pm)
* For SLO final redirection, match the trailing / of portal URL
 2010-04-28 16:29:27 +00:00
Clément Oudot
70a214b9e0 SAML: 
* Use Lasso method to get OneTimeUse flag
* Use Session _utime to calculate assertion NotOnOrAfter date
 2010-04-16 13:38:43 +00:00
Clément Oudot
95b28956fe SAML: add methods to disable signature verification (tests in progress) 2010-04-16 10:13:20 +00:00
Clément Oudot
c4e1379452 * make tidy 
* Manage authenticationLevel in all authentication backends
 2010-04-14 15:37:57 +00:00
Clément Oudot
91e1419f57 SAML: artifact resolution response in SP and IDP 2010-04-12 09:09:53 +00:00
Clément Oudot
7fef157210 SAML: possibility to configure a different storage for SAML objects (samlStorage) than sessions storage (globalStorage) 2010-04-09 13:27:54 +00:00
Clément Oudot
e34c8409b1 SAML: escape URL strings in regexp 2010-04-08 10:16:13 +00:00
Clément Oudot
fb9f964515 SAML: move use POSIX from AuthSAML to _SAML 2010-04-08 09:43:28 +00:00
Clément Oudot
cdaea23ac5 SAML: create methods to convert timestamp and SAML2 dates, and set all dates in assertion created by IDP 2010-04-08 09:39:53 +00:00
Clément Oudot
ecf5612e4f SAML: 
* Build artifact or complete SSO reponse message
* Send SSO response message
* Correct a bug when loading relayState in POST fields
 2010-04-07 15:14:17 +00:00
Clément Oudot
119386dca7 SAML: use checkMessage in AuthSAML 2010-04-02 14:47:17 +00:00
Clément Oudot
e21b4c936a SAML: intercept artefact resolution URL in SP 2010-04-02 11:41:44 +00:00
Clément Oudot
f87d6b9b3d SAML: IDP requestedAuthnContext option 2010-04-01 16:32:51 +00:00
Clément Oudot
a11caf800f SAML: IDP isPassive option 2010-04-01 14:40:29 +00:00
Clément Oudot
bb86139ce4 SAML: work on SSO/SLO signature options 2010-04-01 14:18:37 +00:00
Clément Oudot
6d505c9468 SAML: IDP option to validate SSO response signature -not working now 2010-04-01 12:51:32 +00:00
Clément Oudot
70f853e681 SAML: IDP option to sign SSO requests 2010-04-01 09:55:33 +00:00
Thomas CHEMINEAU
a3a80947bc SAML: move code that load SAML services and IDPs into _SAML 2010-03-25 11:01:32 +00:00
Clément Oudot
409ceb953c SAML: option to adapt session _utime with SessionNotOnOrAfter 2010-03-25 10:02:53 +00:00
Clément Oudot
953806ed93 SAML: manage SessionNotOnOrAfter but do not adapt session _utime yet 2010-03-24 13:44:24 +00:00
Clément Oudot
aa5831493a SAML: add AllowLoginFromIDP option 2010-03-24 13:01:14 +00:00
Clément Oudot
5c26f07d27 SAML: proxy restriction was not working, now it is set in authn request conditions 2010-03-24 12:33:45 +00:00
Clément Oudot
099c846d42 perltidy + manager bug with node created from special parent nodes 2010-03-13 17:39:50 +00:00
Clément Oudot
5a61c04a2d SAML: use correct IDP name in confirmation message 2010-03-13 16:49:33 +00:00
Clément Oudot
f80620fae4 SAML: No need to force default nameIDFormat value 2010-03-12 16:19:41 +00:00
Clément Oudot
44aeddbc5c Bug with samlIDPMetaDataOptions upload and use make tidy 2010-03-11 15:00:59 +00:00
Clément Oudot
ce8d8ee84e SAML: correct a bug if no NameIDFormat were given 2010-03-11 12:00:25 +00:00
Clément Oudot
058ab93a15 SAML: manage HTTP method choice for SLO 2010-03-05 17:11:40 +00:00
Clément Oudot
ae4ff763df SAML: manage HTTP method choice for SSO 2010-03-05 16:57:11 +00:00
Clément Oudot
8564389fa7 SAML: manage IDP resolution rules 2010-03-05 15:37:16 +00:00
Clément Oudot
8d1793b7bc SAML: check OneTimeUse and Issuer (for proxy test) 2010-03-05 15:23:49 +00:00
Clément Oudot
c2b7c07dc1 SAML: use NameIDFormat option 2010-03-05 09:28:28 +00:00
Clément Oudot
0979ba0f28 SAML: use ForceAuthn option 2010-03-05 08:54:01 +00:00
Clément Oudot
71283e3596 SAML: attribute request in UserDBSAML 2010-03-03 16:54:23 +00:00
Clément Oudot
13769b69f2 SAML: stop timer when choosing an IDP 2010-03-01 16:14:13 +00:00
Xavier Guimard
a746a440e6 perltidy 2010-03-01 10:45:04 +00:00
Clément Oudot
923e509226 SAML: split conditions validation between time and auience 2010-03-01 09:42:25 +00:00