dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,166 Commits 3 Branches 0 Tags 75 MiB
c2b642f172
Commit Graph

433 Commits

Author SHA1 Message Date
Clément Oudot
07c528d6fd SAML: update POD 2010-03-26 09:35:31 +00:00
Clément Oudot
53d5212068 SAML: remove HTTP-GET binding since it is not supported by SAML2 (replaced by HTTP-REDIRECT) 2010-03-25 16:43:34 +00:00
Thomas CHEMINEAU
b67654d42d SAML: code to load SP metadata 2010-03-25 14:44:38 +00:00
Thomas CHEMINEAU
dec9d562d8 SAML: work in progress in IssuerDBSAML 2010-03-25 11:24:52 +00:00
Thomas CHEMINEAU
a3a80947bc SAML: move code that load SAML services and IDPs into _SAML 2010-03-25 11:01:32 +00:00
Clément Oudot
409ceb953c SAML: option to adapt session _utime with SessionNotOnOrAfter 2010-03-25 10:02:53 +00:00
Clément Oudot
bc7df7b3bc SAML: correct NAME POD section to prevent lintian warning 2010-03-25 08:55:42 +00:00
Clément Oudot
44f5d27b7a Prepare for 1.0rc1: 
* Update modules main version
* make tidy
* make manifest
* make documentation
 2010-03-24 22:06:43 +00:00
Clément Oudot
bd9c9d13dc LDAP: change test for Net::LDAP minimal version for ppolicy feature 2010-03-24 15:53:55 +00:00
Clément Oudot
953806ed93 SAML: manage SessionNotOnOrAfter but do not adapt session _utime yet 2010-03-24 13:44:24 +00:00
Clément Oudot
aa5831493a SAML: add AllowLoginFromIDP option 2010-03-24 13:01:14 +00:00
Clément Oudot
5c26f07d27 SAML: proxy restriction was not working, now it is set in authn request conditions 2010-03-24 12:33:45 +00:00
Clément Oudot
bac76b680d LDAP: option to change the password as user (and not as managerDn) 2010-03-24 10:00:52 +00:00
Clément Oudot
fa05c16e02 OpenID: warning message for IssuerDBOpenID use 2010-03-15 10:57:17 +00:00
Clément Oudot
7692cefd95 Portal: all is ready for AuthOpenID 2010-03-15 09:53:56 +00:00
Clément Oudot
099c846d42 perltidy + manager bug with node created from special parent nodes 2010-03-13 17:39:50 +00:00
Clément Oudot
5a61c04a2d SAML: use correct IDP name in confirmation message 2010-03-13 16:49:33 +00:00
Clément Oudot
f80620fae4 SAML: No need to force default nameIDFormat value 2010-03-12 16:19:41 +00:00
Clément Oudot
44aeddbc5c Bug with samlIDPMetaDataOptions upload and use make tidy 2010-03-11 15:00:59 +00:00
Clément Oudot
ce8d8ee84e SAML: correct a bug if no NameIDFormat were given 2010-03-11 12:00:25 +00:00
Xavier Guimard
d439cab42e * Little CSS for abort() 
* Comments for lemonldap-ng.ini
* lemonldap-ng.ini was not well read in Manager
* New target 'unprotect' in rules
* Status update
 2010-03-09 21:42:31 +00:00
Clément Oudot
058ab93a15 SAML: manage HTTP method choice for SLO 2010-03-05 17:11:40 +00:00
Clément Oudot
ae4ff763df SAML: manage HTTP method choice for SSO 2010-03-05 16:57:11 +00:00
Clément Oudot
8564389fa7 SAML: manage IDP resolution rules 2010-03-05 15:37:16 +00:00
Clément Oudot
8d1793b7bc SAML: check OneTimeUse and Issuer (for proxy test) 2010-03-05 15:23:49 +00:00
Clément Oudot
c2b7c07dc1 SAML: use NameIDFormat option 2010-03-05 09:28:28 +00:00
Clément Oudot
0979ba0f28 SAML: use ForceAuthn option 2010-03-05 08:54:01 +00:00
Clément Oudot
71283e3596 SAML: attribute request in UserDBSAML 2010-03-03 16:54:23 +00:00
Xavier Guimard
40d2c70604 New target 'tidy' in Makefile 2010-03-01 20:32:28 +00:00
Clément Oudot
b5e2407728 SAML: get mandatory attributes - work in progress 2010-03-01 17:16:42 +00:00
Clément Oudot
13769b69f2 SAML: stop timer when choosing an IDP 2010-03-01 16:14:13 +00:00
Xavier Guimard
a746a440e6 perltidy 2010-03-01 10:45:04 +00:00
Clément Oudot
923e509226 SAML: split conditions validation between time and auience 2010-03-01 09:42:25 +00:00
Clément Oudot
1cecbe512d SAML: Manage logout redirection URL trough RelayState in SLO 2010-03-01 09:19:28 +00:00
Clément Oudot
2c584cf7f7 SAML: 
* Use authForce method to know if authentication should be forced
* Use a common method to store replay protection data
* Use _utime in relaystate state
* Let Lasso choose the defaut transport and binding for requests
 2010-02-28 19:07:02 +00:00
Xavier Guimard
4634d58f36 AuthTwitter works now 2010-02-27 22:37:59 +00:00
Xavier Guimard
ec35e6c397 Skeleton for AuthTwitter 2010-02-27 16:20:11 +00:00
Xavier Guimard
226a40d5f6 AuthOpenID is ready ! 2010-02-27 14:10:23 +00:00
Xavier Guimard
58c28c5732 * Inheritance instead of @EXPORT 
* Purge CGI::Session dependency (LA)
 2010-02-26 10:53:43 +00:00
Clément Oudot
7eefc6af1f SAML: manage SOAP 2010-02-26 09:12:18 +00:00
Clément Oudot
9c228f7022 SAML: Manage relayState trough session backend 2010-02-25 11:39:55 +00:00
Clément Oudot
cc79d3cfe9 SAML: use the last configuration format for IDP metadata 2010-02-24 17:48:20 +00:00
Clément Oudot
9937568f97 SAML: manage SSO response trough Artifact 2010-02-24 15:24:54 +00:00
Clément Oudot
f0c29c779a SAML: 
* Manage SSO message like SLO message
* Send SLO request trough REDIRECT and POST
* Reponse to SSO request trough REDIRECT, POST and SOAP
* Reponse to SLO request trough REDIRECT, POST and SOAP
 2010-02-24 10:11:01 +00:00
Clément Oudot
38060929fb SAML: 
* Use new configuration keys
* sum up replay protection code
 2010-02-22 17:12:16 +00:00
Clément Oudot
fc542fa6b1 Portal: method to auto submit data through POST 2010-02-22 11:07:48 +00:00
Clément Oudot
7444d9802c Portal: set content-type to application/xml for SOAP response 2010-02-22 10:08:14 +00:00
Xavier Guimard
d0cd16172c IssuerOpenID skeleton 2010-02-21 20:17:13 +00:00
Xavier Guimard
fd40d830c8 AuthOpenID in progress 2010-02-21 14:47:16 +00:00
Xavier Guimard
6a2270b73d OpenID authentication skeleton 2010-02-21 14:00:53 +00:00
Clément Oudot
3eac5ce288 Portal: display logout status to user 2010-02-20 11:44:05 +00:00
Clément Oudot
9766b8457a SAML: SP SLO response trough HTTP-REDIRECT and SOAP 2010-02-19 11:33:34 +00:00
Clément Oudot
2238075912 SAML: SP SLO validate request 2010-02-18 17:42:31 +00:00
Clément Oudot
bd2c92f207 SAML: SP SLO in progress 2010-02-18 17:22:04 +00:00
Clément Oudot
a6d7f7a3a3 SAML: 
* Send correct logout request
* Use getMetaDataURL to get URL from metadata configuration keys
 2010-02-18 09:58:59 +00:00
Clément Oudot
46764465b2 SAML: SP SLO in progress 2010-02-17 17:37:38 +00:00
Clément Oudot
4c5d286196 SAML: rename keys of samlIDMetaData hash 2010-02-17 15:34:19 +00:00
Clément Oudot
5b34644e10 SAML: SLO initiated by SP (not achieved) 2010-02-17 15:13:00 +00:00
Clément Oudot
b9a6eb6743 SAML: replay protection was buggy 2010-02-17 12:02:11 +00:00
Clément Oudot
3da1b1ed19 SAML: conditions validations corrected in Lasso 2010-02-17 11:51:01 +00:00
Clément Oudot
d5d56f7649 SAML: conditions validation 2010-02-15 17:03:07 +00:00
Clément Oudot
88b81bf2aa SAML: assertion replay protection 2010-02-15 13:44:06 +00:00
Clément Oudot
12668e7cc2 SAML: register attributes from SAML authn statement in session 2010-02-12 14:26:45 +00:00
Clément Oudot
71f142316f SAML: 
* IDP metadata are in metadata key
* Use IDP internal ID instead of entityID to keep choosen IDP information
* Use base64 encoding for RelayState value
 2010-02-12 10:53:43 +00:00
Clément Oudot
cb7f7f8bd1 SAML: first complete SP cinematic implementation 2010-02-11 12:39:42 +00:00
Xavier Guimard
27769948f3 * abort instead of log when apps.list is deprecated 
* lmMigrateConfFiles2ini does not quit if storage.conf is missing so it can be launched more than one time
 2010-02-11 08:44:57 +00:00
Clément Oudot
e323fe1cf5 SAML: customize authentication request 2010-02-10 17:18:46 +00:00
Clément Oudot
be4198a31e SAML: Lasso can now use ; in query string 2010-02-10 10:59:20 +00:00
Clément Oudot
f265cbce57 SAML: NameID management 2010-02-09 20:49:23 +00:00
Clément Oudot
e891c13ad3 SAML: use query_string and get name identifier 2010-02-09 09:02:39 +00:00
Clément Oudot
040aea4dfb SAML: 
* Redirect user to IDP SSO URL
* Catch IDP response for HTTP-REDIRECT binding
 2010-02-08 17:24:45 +00:00
Xavier Guimard
788f688d78 little thing 2010-02-08 10:21:34 +00:00
Xavier Guimard
be93f8dc47 Somes fixes 2010-02-08 10:16:28 +00:00
Xavier Guimard
fad774f41b Fix some little bugs 2010-02-08 10:06:21 +00:00
Clément Oudot
434f8ea286 SAML: better organization name management 2010-02-05 17:18:09 +00:00
Clément Oudot
9b0c8ef9c1 SAML: use serviceToXML 2010-02-05 16:14:05 +00:00
Clément Oudot
3606362946 LDAP: 
* Add ldapGroupRecursive to enable recursive group search
* Create searchGroup method in _LDAP
* Create getLdapValue method in _LDAP to manage DN and multi-valued attributes
 2010-02-05 14:17:55 +00:00
Clément Oudot
dae6b880be Portal: force authentication is now working 2010-02-05 10:21:48 +00:00
Clément Oudot
a1976436b6 SAML: build authentication request 2010-02-04 16:02:02 +00:00
Clément Oudot
3a3ec647e9 SAML: IDP choice 2010-02-04 12:30:18 +00:00
Clément Oudot
a15fdcaaae SAML: 
* Lasso error can be a string or a Lasso::Error object
* Use private key to create Lasso::Server
* Perl binding bug resolution waiting: some method arguments should accept NULL values
 2010-02-03 10:59:53 +00:00
Clément Oudot
79075b8e5c SAML: do not force optional parameters in add_provider_from_buffer 2010-02-02 22:16:29 +00:00
Clément Oudot
8b883bc147 SAML: typo in Lasso method 2010-02-02 21:55:25 +00:00
Clément Oudot
718e4fa136 SAML: add IDP in Lasso::Server 2010-02-01 17:07:40 +00:00
Clément Oudot
bcfdac9dd1 SAML: catch Glib messages 2010-02-01 15:24:56 +00:00
Clément Oudot
8abef3a99b SAML: 
* perltidy
* use XML::Simple instead of XML::LibXML to parse XML
* Add initializeFromConfHash method to use directly configuration hash object
* Create Lasso server with metadata in buffers rather than XML files
 2010-02-01 14:01:28 +00:00
Xavier Guimard
01785de792 * "SKIP" in SAML tests 
* "= splice @_" instead of "= @_" avoid memory duplication
 2010-01-31 08:25:05 +00:00
Clément Oudot
ccbb52c13c SAML: create Lasso Server 2010-01-29 17:33:35 +00:00
Clément Oudot
5dd981fa85 SAML: load Lasso method 2010-01-29 10:44:56 +00:00
Clément Oudot
90a08dbbde Portal/Multi: 
* Get the correct _auth and _userDB value when using Multi
* Resolve a bug: functions of modules loaded in _Multi were not available for _subProcess
* Use a common loadModule method between Simple.pm and _Multi.pm
* Do not consider PE_FORMEMPTY and PE_FIRSTACCESS as errors in Multi process
 2010-01-28 14:47:51 +00:00
Clément Oudot
760f62e534 Portal: set _auth, _userDN, _passwordDB and _issuerDB in session, to know which module was used to open the session of the user 2010-01-27 16:30:19 +00:00
Clément Oudot
b904587edd Portal: portalForceAuthn option was unusable with Menu password change 2010-01-27 14:04:41 +00:00
Clément Oudot
1f243e0a20 Portal: possibility to force reauthentication (set portalForceAuthn = 1) 2010-01-25 17:40:46 +00:00
Clément Oudot
5aa74c08d6 Portal: allow passwordDBNull in Menu.pm 2010-01-25 14:32:22 +00:00
Clément Oudot
86b18ea609 Portal: Null modules for authentication and passwordDB 2010-01-25 14:20:51 +00:00
Clément Oudot
95e29fd733 Portal: change _password value in session when user changes its password 2010-01-22 21:54:58 +00:00
Clément Oudot
3222021897 Portal: 
* Use HTML templates to send fancy reset password mail, with translations
* Send the new password by mail instead of diplaying it n the web page
* Remove the need to configure : the value is now set with help of {DOCUMENT_ROOT}
 2010-01-22 11:25:37 +00:00
Clément Oudot
f6c250207c Portal - new feature: token to reset password by mail: 
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid
 2010-01-21 17:38:55 +00:00
Clément Oudot
81f510a6e5 Menu: 
* XML conf is now deprecated, applicationList configuration parameter is used
* Remove all XML related code
* filter applications under applications
* Hide empty categories
 2010-01-20 17:17:21 +00:00
Clément Oudot
15e77c7d88 Portal SOAP: 
* perltidy
* Add process stages in getCookies
* Move _buildSoapHash in private methods parts
* Create getXmlMenu method in /config
* Update buildPortalWSDL script
 2010-01-19 16:50:38 +00:00