Thomas CHEMINEAU
a54d53f160
SAML #89 - adding codes to generate private/public keys from manager
2010-06-07 15:26:16 +00:00
Clément Oudot
783d88eabb
SAML: manage ForceAuthn flag from SP ( #34 )
2010-06-07 14:48:59 +00:00
Clément Oudot
05637bf0c4
SAML: set encryption mode on providers (none, nameid or assertion) ( #49 )
2010-06-04 15:54:52 +00:00
Thomas CHEMINEAU
ba78107135
SAML #89 - fix a little bug
2010-06-04 15:10:46 +00:00
Clément Oudot
dd615d0678
SAML:
...
* Check values of requested attributes (#85 )
* Refactor some code in _SAML (createAttribute and createAttributeValue)
2010-06-04 14:23:41 +00:00
Thomas CHEMINEAU
346d901a15
SAML #89 - adding configuration key to store priv/pub keys for signature and encryption
2010-06-04 13:39:00 +00:00
Clément Oudot
241d972b07
SAML: Attribute format select in Manager ( #87 )
2010-06-04 10:22:12 +00:00
Xavier Guimard
208a4f34d2
Closes #82 : CDA always use secured cookie even if requested site is a http one
2010-06-04 08:43:42 +00:00
Xavier Guimard
47d38c7e3f
New debconf translation ( Closes : #584453 / bugs.debian.org)
2010-06-04 08:35:53 +00:00
Thomas CHEMINEAU
160c5f670a
fix #35 - include more checks to test contents on identity dump
2010-06-03 14:02:15 +00:00
Clément Oudot
cc1eb344a7
SAML: get attributes in attribute response
2010-06-02 15:21:39 +00:00
Clément Oudot
101442179d
Check format and friendly name from attribute ( #84 )
2010-06-02 14:51:39 +00:00
Clément Oudot
e928b770f7
SAML: browse SP authorized attributes and build attribute response ( #2 )
2010-06-02 13:45:37 +00:00
Clément Oudot
5ded22db86
Do not return errors in POST or SOAP response process, just quit if something is wrong
2010-06-02 09:12:35 +00:00
Clément Oudot
82b350a397
SAML: check NameID before extracting content
2010-06-02 09:08:33 +00:00
Clément Oudot
5444a9d3b4
SAML:
...
* Grab NameID from attribute request and find corresponding session (#2 )
* create a getSamlSession subroutine
2010-06-02 09:04:07 +00:00
Clément Oudot
a27464e277
SAML: process and validate attribute request ( #2 )
2010-06-02 08:09:59 +00:00
Clément Oudot
67e3e0ee6b
was not set
2010-06-01 15:42:35 +00:00
Clément Oudot
608e5e6b0a
Little corrections for make test
2010-06-01 15:39:18 +00:00
Clément Oudot
8fe3e749a3
SAML: catch attribute service URL ( #2 )
2010-06-01 15:34:08 +00:00
Clément Oudot
e8c514f794
SAML: set NameID in attribute query ( #2 )
2010-06-01 14:43:49 +00:00
Clément Oudot
8c14ba24bf
SAML: keep NameID in a SAML session to answer later attribute queries ( #2 )
2010-06-01 13:27:02 +00:00
Clément Oudot
00a952a372
SAML: create a new Lasso::Server object to manage attribute queries ( #2 )
2010-06-01 12:23:11 +00:00
Clément Oudot
d7cee9a4f9
Use redirection message in page title ( #80 )
2010-06-01 10:11:35 +00:00
Clément Oudot
bb9c7435cc
POST fields are now hidden ( #80 )
2010-06-01 09:59:37 +00:00
Clément Oudot
6c1dc91ff0
SAML: set SessionNotOnOrAfter ( #81 )
2010-06-01 08:03:24 +00:00
Clément Oudot
ffeb9e3134
SAML: adjust HTTP-POST artifact binding ( #75 )
2010-05-31 15:46:41 +00:00
Xavier Guimard
aa06d53bcf
New dependency not inserted in control files (Crypt::OpenSSL::X509)
2010-05-31 15:44:40 +00:00
Thomas CHEMINEAU
0f10a2c8ad
SAML: fix #10 - remove certificate header and footer
2010-05-31 15:07:46 +00:00
Thomas CHEMINEAU
3cef8ecf0a
SAML: fix #10 - support certificate into metadata
2010-05-31 14:57:34 +00:00
Clément Oudot
ec8892ef7f
SAML:
...
* Identity is no more required in attribute query
* Mandatory attributes are requested if not defined in SSO assertion (#79 )
2010-05-31 14:54:24 +00:00
Clément Oudot
b678ab454f
SAML: test SessionNotOnOrAfter before converting it ( #77 )
2010-05-31 13:50:26 +00:00
Clément Oudot
9d3fd0ebd0
SAML:
...
* Add Attribute Authority metadata (#3 )
* Clean existing metadata (remove NameID management, and set NameIDFormat directly in XML)
2010-05-31 10:37:43 +00:00
Clément Oudot
c0edd943db
SAML: add an IDP option to force attribute value in UTF-8 ( #72 )
2010-05-28 15:31:20 +00:00
Clément Oudot
6964b09eb2
SAML: use HTTP method string in debug messages
2010-05-28 12:17:05 +00:00
Clément Oudot
b91cba9f32
SAML: adapt metadata to new Post bindings ( #75 )
2010-05-28 11:51:53 +00:00
Clément Oudot
82ff667d57
SAML: add POST binding to SAML services ( #75 )
2010-05-28 10:35:24 +00:00
Clément Oudot
b8c3f5e6ff
SAML: transport url parameter in IDP choice screens ( closes #73 )
2010-05-28 08:03:13 +00:00
Clément Oudot
62d9cccaa0
SAML: #68 is not a Lasso bug
2010-05-27 15:53:32 +00:00
Clément Oudot
d6d50cca62
SAML: add SOAP binding in samlAssertion bindings list ( #71 )
2010-05-27 15:48:57 +00:00
Clément Oudot
cfec37d111
SAML:
...
* Error message when no artifact resolution URL in profile
* Manage XML boolean values in metadata
2010-05-27 12:39:32 +00:00
Clément Oudot
8d76924fbf
SAML: little workaround for Exponent/Modulus order in metadata, will not be kept if this is later corrected in Lasso ( #68 )
2010-05-27 09:17:55 +00:00
Clément Oudot
8789b5d131
SAML: do not throw error if no SP or no IDP configured ( closes #70 )
2010-05-26 15:32:09 +00:00
Clément Oudot
a2cd83aea9
* - in domain ( closes #69 )
...
* securedCookie select box
* bad abort arguments number
* manager/index.pl comments
2010-05-26 15:17:51 +00:00
Clément Oudot
b1c87f1e49
Sympa Handler:
...
* Read sympa secret from configuration
* Add mail session key parameter
* Install Sympa Handler
* Closes #55
2010-05-21 15:53:54 +00:00
Clément Oudot
d1b4541a4d
SAML: check Destination attribute ( closes #33 )
2010-05-21 13:44:16 +00:00
Clément Oudot
58bec95435
SAML: map NameID formats to local session keys ( closes #67 )
2010-05-21 09:03:29 +00:00
Clément Oudot
0817e9918f
SAML: Option to configure default NameID format for a SP ( #67 )
2010-05-20 15:57:51 +00:00
Clément Oudot
f187851ba6
SAML: signatures on SSO/SLO messages issued from IDP ( #66 )
2010-05-20 13:08:07 +00:00
Clément Oudot
bc618ce075
SAML: check SSO/SLO messages signature in IDP ( #66 )
2010-05-20 10:25:00 +00:00
Clément Oudot
fdc84aac52
SAML: get SessionIndex before validating SLO request ( closes #64 )
2010-05-20 08:59:59 +00:00
Clément Oudot
ef3faf7d3e
SAML: eval SessionIndex call to prevent server error ( #64 )
2010-05-19 15:54:20 +00:00
Clément Oudot
4d0a5a651d
SAML: IssuerDB Activation Rule ( #52 )
2010-05-19 14:59:43 +00:00
Clément Oudot
df4198399f
* Add a new process step (authFinish) run after session store
...
* Create SAML session linked to real session to store NameID and SessionIndex, in order to use searchOn on them (will not force globalStorage to be compatible with searchOn)
* Control SessionIndex sent by IDP on a SLO request is now managed in SP to get the correct local session
* This solves issue #51
2010-05-17 16:02:21 +00:00
Clément Oudot
18bda4be2e
SAML: SLO request without SessionIndex are rejected ( #51 )
2010-05-17 12:44:26 +00:00
Clément Oudot
6f0dde1bac
SAML: correct unit test if no Lasso available
2010-05-17 09:36:03 +00:00
Clément Oudot
a3cc63ac90
SAML: skip all tests if Lasso no available
2010-05-17 07:43:37 +00:00
Clément Oudot
be742cfac6
SAML: use encrypt/decrypt to match session_index and session_id ( #51 )
2010-05-12 15:56:27 +00:00
Clément Oudot
c6dd158903
SAML: map SAML authentication context and authentication level ( #47 )
2010-05-12 15:14:07 +00:00
Clément Oudot
7f427610fe
SAML: typo in #53 correction
2010-05-12 12:56:16 +00:00
Clément Oudot
01f928504d
SAML: correct date to timestamp conversion ( #62 ) and add unit test
2010-05-12 12:46:47 +00:00
Thomas CHEMINEAU
14c23cea6d
fix #53 - use sendLogoutResponseToServiceProvider in IssuerDBSAML
2010-05-12 09:41:54 +00:00
Xavier Guimard
3844ba4192
"make tidy"
2010-05-12 04:04:10 +00:00
Xavier Guimard
c7c093b46d
Closes : #20
2010-05-11 11:05:24 +00:00
Xavier Guimard
67e480217c
Timeout for thread cache
2010-05-11 10:16:05 +00:00
Xavier Guimard
2a8db1c3d6
Closes : #54
2010-05-11 07:47:51 +00:00
Xavier Guimard
034e5a0142
Some little things
2010-05-11 07:09:10 +00:00
Clément Oudot
798498befc
Zimbra: timestamp was missing in preauth URL
2010-05-10 16:05:30 +00:00
Clément Oudot
0ae986296a
Clean all UserDBEnv related files
2010-05-08 15:55:27 +00:00
Clément Oudot
2d88be8222
Portal: catch ENV exportedVars for all UserDB modules ( #58 )
2010-05-07 21:33:57 +00:00
Clément Oudot
f7fc51100c
Zimbra Handler:
...
* Parameters are now read from main configuration
* Zimbra parameters in Manager
* Add zimbraSsoUrl to catch the local SSO URL (Apache configuration is now very easy)
2010-05-07 10:42:38 +00:00
Thomas CHEMINEAU
d262a95744
fix little bug in Manager::Help.pm
2010-05-07 10:13:13 +00:00
Thomas CHEMINEAU
adf7e8158a
Add activity timeout on SSO sessions
2010-05-07 10:00:55 +00:00
Thomas CHEMINEAU
f60e65166d
adding Lemonldap::NG::Handler::UpdateCookie.pm and associated files
2010-05-05 16:49:26 +00:00
Xavier Guimard
810505b1cb
( Closes : #46 )
2010-05-05 16:42:22 +00:00
Xavier Guimard
1b1cb88f14
Local macros ( Closes : #57 )
2010-05-05 16:40:23 +00:00
Clément Oudot
2007ac3814
Typo in Zimbra doc
2010-05-05 13:11:26 +00:00
Clément Oudot
bec0831f2d
Zimbra preAuth is now an independent Handler ( #12 )
2010-05-05 08:13:44 +00:00
Xavier Guimard
cdad662b0e
Warning for classes properties
2010-05-05 07:33:20 +00:00
Clément Oudot
a04ff6e964
SAML:
...
* OneTimeUse is no more used in SP (#50 )
* Compile regexp for SAML URLs
* Move sendLogoutRequestToServiceProviders in _SAML
* In AuthSAML, do not predefined variables outside loops
2010-05-05 07:10:13 +00:00
Thomas CHEMINEAU
c935584300
informations is correctly stored into session but not well displayed by manager (add _utime, remove useless code)
2010-05-04 15:55:48 +00:00
Clément Oudot
5eb7895dac
SAML: manage SP conf key
2010-05-04 10:10:34 +00:00
Clément Oudot
1b81ccd96f
SAML: use get_signature_status from Lasso::Profile
2010-05-03 21:12:14 +00:00
Thomas CHEMINEAU
c4ea39fae4
UserDB* modules should store user in sessionInfo
2010-05-03 17:42:42 +00:00
Thomas CHEMINEAU
a963e83dc2
add optional session identifier to update existing session with a valid user via SOAP
2010-05-03 16:49:57 +00:00
Thomas CHEMINEAU
1ba9f9ecf1
cleaning wsdl file, fix little bug in a wrong function name
2010-05-03 15:45:59 +00:00
Clément Oudot
cbf1401f1e
Declare Zimbra preauth in other grant subroutines
2010-05-03 14:18:40 +00:00
Clément Oudot
4bd444d427
Handler: first implementation of Zimbra preauth
2010-05-03 12:48:39 +00:00
Clément Oudot
9a5512bdf2
Bad test rule for logout_app_sso, correct #45
2010-05-03 08:59:22 +00:00
Clément Oudot
9832b9fdab
Sessions explorer: active sessions button in interface
2010-05-03 07:54:49 +00:00
Xavier Guimard
408365bc5f
strftime is defined in POSIX
2010-05-02 17:40:21 +00:00
Xavier Guimard
5ceb94e612
Correct errors
2010-05-02 13:41:12 +00:00
Xavier Guimard
c53bdf0edc
Little error
2010-05-02 13:30:04 +00:00
Xavier Guimard
cf0ece9aa2
Reformating
2010-05-02 11:37:25 +00:00
Xavier Guimard
5d2b50e905
Modif for XSS: for logout URL, we test now Referer field
2010-05-01 13:12:28 +00:00
Clément Oudot
2523fc5cf5
SAML: check IDP value from IDP cookie (LEMONLDAP-44)
2010-04-30 15:21:10 +00:00
Clément Oudot
a9c5d000fd
SAML:
...
* IDP list key is now entityID
* Do not trust IDP cookie to find current IDP (use SAML message remote provider ID)
* Ignore signature before processing SAML message, and check it after (work in progress)
2010-04-30 14:55:40 +00:00
Clément Oudot
b182e74247
Sessions explorer: set default skin, and do not converted already converted &
2010-04-30 08:02:27 +00:00
Xavier Guimard
c37033b81a
$self->{id} was not well managed in portal
2010-04-30 05:27:06 +00:00
Thomas CHEMINEAU
4f979bfe22
SAML: change error name to PE_IMG_OK and PE_IMG_NOK
2010-04-29 13:47:57 +00:00
Thomas CHEMINEAU
423541455b
SAML:
...
- Manage SOAP relay logout request;
- Fix a bug into info.tpl.
2010-04-29 13:39:26 +00:00
Xavier Guimard
1380d89865
New session explorer (not finished but useable) + some little tips
2010-04-28 19:57:16 +00:00
Thomas CHEMINEAU
f351ab97f6
SAML: work in progress to manage asynchronous SOAP logout requests
2010-04-28 17:16:38 +00:00
Clément Oudot
a1d41fbdda
SAML:
...
* authLogout should return an error code (as it is catched in Simple.pm)
* For SLO final redirection, match the trailing / of portal URL
2010-04-28 16:29:27 +00:00
Clément Oudot
37afeeaeb5
SAML: force attribute values in UTF-8 (JIRA #21 )
2010-04-28 14:56:36 +00:00
Thomas CHEMINEAU
c236505f45
SAML: manage SOAP logout request send by IDP to SP
2010-04-28 14:29:52 +00:00
Clément Oudot
6aac834de7
Sessions explorer: & was remplaced too much times in htmlquote()
2010-04-28 13:56:45 +00:00
Thomas CHEMINEAU
d9db773996
SAML: now use get_first_http_method when sending logout request on SP
2010-04-28 10:28:21 +00:00
Thomas CHEMINEAU
54afc28e75
SAML: manage logout initiate by IDP
2010-04-27 15:11:53 +00:00
Thomas CHEMINEAU
873aa0c32e
SAML: generalizing and moving some functions to _SAML.pm
2010-04-26 17:06:49 +00:00
Clément Oudot
844a8807b0
SAML: set sessionIndex in assertion, to be compliant with simpleSAMLphp logout
2010-04-26 15:47:09 +00:00
Thomas CHEMINEAU
6ef67cc5ea
SAML: manage internationalization
2010-04-26 15:39:38 +00:00
Clément Oudot
975a585a51
SAML: create NameIdentifier only if it does not already exists
2010-04-26 14:30:54 +00:00
Thomas CHEMINEAU
a0378cd572
SAML: hide submit button when SLO info page is displayed
2010-04-26 13:10:04 +00:00
Clément Oudot
3441a05d2b
perltidy + better nameIdentifier construction in SSO phase (bug with latest Lasso verion and simpleSAMLphp)
2010-04-26 10:02:26 +00:00
Thomas CHEMINEAU
9c99b920f0
SAML: perform HTTP redirection in SAML context, when information is displayed to the user, to fix some problem during SAML logout response
2010-04-23 16:57:25 +00:00
Thomas CHEMINEAU
aac04dabdc
SAML: print information to user if many SP to logout throught HTTP-Redirect or HTTP-Post
2010-04-23 16:26:23 +00:00
Thomas CHEMINEAU
c2b642f172
SAML: continue work on sending logout request for all SP when an SP initiate a logout request
2010-04-23 15:18:08 +00:00
Thomas CHEMINEAU
cd8b59998b
SAML: first work on dispatching logout requests to SP during IDP SLO process
2010-04-22 17:01:37 +00:00
Thomas CHEMINEAU
c387e47e4f
SAML: retrieve session to be deleted then during a SLO initiate by a SP (maj lasso)
2010-04-22 13:00:32 +00:00
Thomas CHEMINEAU
8e08663576
SAML: no need to search for a valid session, when we are into issuerForAuthUser, we already have a valid one
2010-04-21 16:54:05 +00:00
Thomas CHEMINEAU
0eba588385
SAML: now delete session when logout request for authenticated user is correct
2010-04-20 15:49:48 +00:00
Thomas CHEMINEAU
6bfdad2d0b
SAML: manage logout into issuerForAuthUser
2010-04-20 15:31:21 +00:00
Thomas CHEMINEAU
005037df8c
SAML: first implementation of SLO initiated by a SP
2010-04-20 10:04:34 +00:00
Clément Oudot
70a214b9e0
SAML:
...
* Use Lasso method to get OneTimeUse flag
* Use Session _utime to calculate assertion NotOnOrAfter date
2010-04-16 13:38:43 +00:00
Clément Oudot
95b28956fe
SAML: add methods to disable signature verification (tests in progress)
2010-04-16 10:13:20 +00:00
Clément Oudot
a9cfdb9a64
SAML: mandatory attributes are now set in authentication response attribute statement
2010-04-16 08:55:56 +00:00
Clément Oudot
99b4c7fb72
SAML: attributes in authn response (work in progress)
2010-04-15 15:40:07 +00:00
Clément Oudot
4379adc014
SAML: reformate SP list to use EntityID as primary key
2010-04-15 14:42:17 +00:00
Clément Oudot
fbe50de653
* Better log of what is registered in session
...
* Control whatToTrace parameter before logging into Apache
2010-04-15 13:46:45 +00:00
Clément Oudot
656a1d7ff9
Use multiValuesSeparator in sessions explorer
2010-04-15 11:20:42 +00:00
Clément Oudot
d9c4b44c4b
Add multiValuesSeparator configuration parameter
2010-04-15 11:15:36 +00:00
Clément Oudot
ebf2deae28
SAML: SSL authentication context is TLSClient and not X509
2010-04-15 09:06:53 +00:00
Clément Oudot
457430f2f7
SAML: map authenticationLevel and authn context
2010-04-14 16:22:55 +00:00
Xavier Guimard
799b643949
$ENV not taken in acount in macros
2010-04-14 16:13:24 +00:00
Clément Oudot
c4e1379452
* make tidy
...
* Manage authenticationLevel in all authentication backends
2010-04-14 15:37:57 +00:00
Clément Oudot
756ca82484
SAML: NameID generation (work in progress)
2010-04-14 11:14:24 +00:00
Thomas CHEMINEAU
19256b0aaa
support JSON version 1 and 2 for Red Hat EL and Debian compatibilities
2010-04-13 16:43:32 +00:00
Clément Oudot
bc21f58b46
SAML: correct a bug when trying to update a newly created session (cookie not already set)
2010-04-12 15:42:38 +00:00
Clément Oudot
2406d832e9
SAML: manage Lasso session in artifacts
2010-04-12 15:03:54 +00:00
Clément Oudot
ea24dc314e
Portal: updateSession can now take session id as parameter
2010-04-12 13:50:42 +00:00
Clément Oudot
ae66b57881
SAML: load and store Lasso Identity and Session
2010-04-12 13:23:22 +00:00
Clément Oudot
91e1419f57
SAML: artifact resolution response in SP and IDP
2010-04-12 09:09:53 +00:00
Clément Oudot
ce1e5840fb
SAML: artifact response is now working
2010-04-12 08:26:18 +00:00
Clément Oudot
0ae2585a97
SAML: manage artifact (work in progess)
2010-04-09 16:42:50 +00:00
Clément Oudot
aa986aa337
purgeCentralCache:
...
* Add debug option and debug message
* Manage SAML storage backend
* Read local configuration file
2010-04-09 15:43:21 +00:00
Clément Oudot
7fef157210
SAML: possibility to configure a different storage for SAML objects (samlStorage) than sessions storage (globalStorage)
2010-04-09 13:27:54 +00:00
Clément Oudot
46808d3f78
SAML: manage artifact (work in progess)
2010-04-08 16:28:10 +00:00
Clément Oudot
9bb7adb3c3
SAML: catch artefact resolution URL
2010-04-08 11:03:53 +00:00
Clément Oudot
e34c8409b1
SAML: escape URL strings in regexp
2010-04-08 10:16:13 +00:00
Clément Oudot
fb9f964515
SAML: move use POSIX from AuthSAML to _SAML
2010-04-08 09:43:28 +00:00
Clément Oudot
cdaea23ac5
SAML: create methods to convert timestamp and SAML2 dates, and set all dates in assertion created by IDP
2010-04-08 09:39:53 +00:00
Clément Oudot
89bf4a6630
SAML: build assertion
2010-04-07 16:37:23 +00:00
Clément Oudot
ecf5612e4f
SAML:
...
* Build artifact or complete SSO reponse message
* Send SSO response message
* Correct a bug when loading relayState in POST fields
2010-04-07 15:14:17 +00:00
Clément Oudot
f9e8ce7092
SAML: validate request message
2010-04-07 12:27:50 +00:00
Clément Oudot
7859ba292a
SAML: trust hidden fields when they are present
2010-04-07 10:11:21 +00:00
Thomas CHEMINEAU
341f9f944f
SAML: first work on issuerForAuthUser into IssuerDBSAML.pm
2010-04-02 16:19:10 +00:00
Thomas CHEMINEAU
0974c128ec
SAML: fix a little bug
2010-04-02 15:34:44 +00:00
Thomas CHEMINEAU
7202a6651f
SAML: manage hidden values for SAML authentication request
2010-04-02 15:28:29 +00:00
Clément Oudot
119386dca7
SAML: use checkMessage in AuthSAML
2010-04-02 14:47:17 +00:00
Thomas CHEMINEAU
16a5230e2e
SAML: check if parameters are present or not when assigning values
2010-04-02 12:04:18 +00:00
Clément Oudot
e21b4c936a
SAML: intercept artefact resolution URL in SP
2010-04-02 11:41:44 +00:00
Thomas CHEMINEAU
fa039d2114
Store hidden informations in forms
...
* SAML: store SAMLRequest in IssuerDBSAML, just before to redirect to IDP
* Simple: add functions to manage hidden values for forms
2010-04-02 09:17:02 +00:00
Clément Oudot
62330e2d44
SAML: add ArtifactResolutionService in SP Metadata
2010-04-02 08:40:35 +00:00
Clément Oudot
83880118b3
SAML: change SP option
2010-04-02 08:12:59 +00:00
Clément Oudot
f87d6b9b3d
SAML: IDP requestedAuthnContext option
2010-04-01 16:32:51 +00:00
Clément Oudot
a11caf800f
SAML: IDP isPassive option
2010-04-01 14:40:29 +00:00
Clément Oudot
bb86139ce4
SAML: work on SSO/SLO signature options
2010-04-01 14:18:37 +00:00
Clément Oudot
3ff16331f3
Manager: display configuration datas on page load
2010-04-01 13:10:14 +00:00
Clément Oudot
6d505c9468
SAML: IDP option to validate SSO response signature -not working now
2010-04-01 12:51:32 +00:00
Clément Oudot
70f853e681
SAML: IDP option to sign SSO requests
2010-04-01 09:55:33 +00:00
Clément Oudot
7f91ef3c83
SAML: was set too late
2010-03-26 16:47:17 +00:00
Thomas CHEMINEAU
ba6bb76549
SAML:
...
- Move part of the code into _SAML.pm so that it could be reused;
- Create the method checkMessage that check SAML requests and responses.
2010-03-26 16:02:27 +00:00
Clément Oudot
408fe2a82d
Manager: display config datas after success upload
2010-03-26 15:32:24 +00:00
Thomas CHEMINEAU
e7103c56c5
SAML: implementing issuerForUnAuthUser
2010-03-26 13:56:37 +00:00
Clément Oudot
48857dc62b
SAML: encode metadata in UTF8 after XML export
2010-03-26 11:19:07 +00:00
Clément Oudot
07c528d6fd
SAML: update POD
2010-03-26 09:35:31 +00:00
Clément Oudot
53d5212068
SAML: remove HTTP-GET binding since it is not supported by SAML2 (replaced by HTTP-REDIRECT)
2010-03-25 16:43:34 +00:00
Clément Oudot
a7bd4b0f78
Manager: little corrections
2010-03-25 16:36:30 +00:00
Clément Oudot
401ba8a857
Manager:
...
* Correct IDP and SP delete functions
* Add select for NameIDFormat and Bindings
2010-03-25 16:19:10 +00:00
Clément Oudot
9f68350124
Manager: add issuerDB parameter
2010-03-25 15:00:48 +00:00
Thomas CHEMINEAU
b67654d42d
SAML: code to load SP metadata
2010-03-25 14:44:38 +00:00
Clément Oudot
3cd3050e9e
SAML: add Service Providers node
2010-03-25 14:38:54 +00:00
Thomas CHEMINEAU
dec9d562d8
SAML: work in progress in IssuerDBSAML
2010-03-25 11:24:52 +00:00
Thomas CHEMINEAU
a3a80947bc
SAML: move code that load SAML services and IDPs into _SAML
2010-03-25 11:01:32 +00:00
Clément Oudot
409ceb953c
SAML: option to adapt session _utime with SessionNotOnOrAfter
2010-03-25 10:02:53 +00:00
Clément Oudot
bc7df7b3bc
SAML: correct NAME POD section to prevent lintian warning
2010-03-25 08:55:42 +00:00
Clément Oudot
44f5d27b7a
Prepare for 1.0rc1:
...
* Update modules main version
* make tidy
* make manifest
* make documentation
2010-03-24 22:06:43 +00:00
Thomas CHEMINEAU
3510863964
manager: little css enhancement on sessions manager
2010-03-24 17:28:06 +00:00
Thomas CHEMINEAU
969b905221
skin: continue to fix mail and notification templates in impact skin
2010-03-24 17:05:10 +00:00
Clément Oudot
bd9c9d13dc
LDAP: change test for Net::LDAP minimal version for ppolicy feature
2010-03-24 15:53:55 +00:00
Clément Oudot
67124c6bff
Manager: nice skin change feature
2010-03-24 14:56:38 +00:00
Clément Oudot
953806ed93
SAML: manage SessionNotOnOrAfter but do not adapt session _utime yet
2010-03-24 13:44:24 +00:00
Clément Oudot
aa5831493a
SAML: add AllowLoginFromIDP option
2010-03-24 13:01:14 +00:00
Clément Oudot
5c26f07d27
SAML: proxy restriction was not working, now it is set in authn request conditions
2010-03-24 12:33:45 +00:00
Clément Oudot
bac76b680d
LDAP: option to change the password as user (and not as managerDn)
2010-03-24 10:00:52 +00:00
Clément Oudot
857d421b1e
Handler: correct Proxy bugs
2010-03-23 15:26:33 +00:00
Thomas CHEMINEAU
f4a724b0b9
make manifest on portal
2010-03-22 18:02:16 +00:00
Thomas CHEMINEAU
d434d9f2ec
SAML: cleaning/hidding some unused parameters (bindings, index, protocol)
2010-03-22 17:47:59 +00:00
Clément Oudot
a99b604f1a
Skin impact: add notification template
2010-03-22 17:02:59 +00:00
Clément Oudot
d3bea6dd47
Skin impact: add mail reset template
2010-03-22 16:59:10 +00:00
Clément Oudot
3c1db04316
Skin impact: logout was not working
2010-03-22 16:47:13 +00:00
Clément Oudot
8c655fe281
Skin impact: correct tab problem
2010-03-22 16:39:25 +00:00
Thomas CHEMINEAU
a09e94a76e
skin: update impact portal skin (work in progress)
2010-03-22 16:22:58 +00:00
Thomas CHEMINEAU
42e11743db
skin: update impact portal skin (work in progress)
2010-03-22 16:22:31 +00:00
Clément Oudot
4de567dddc
Manager: apply configuration on upload success
2010-03-22 16:09:07 +00:00
Clément Oudot
3bb119108d
Manager: better integration of sessions explorer
2010-03-22 11:32:28 +00:00
Thomas CHEMINEAU
a00a20eb60
skin: add confirm.tpl into impact portal skin
2010-03-22 10:50:28 +00:00
Thomas CHEMINEAU
b1575b552c
Manager: fix CSS style into the HTML header of the sessions manager
2010-03-22 10:42:17 +00:00
Clément Oudot
3d7e43df5e
Manager: help messages correction
2010-03-22 10:38:37 +00:00
Thomas CHEMINEAU
37773df261
add the html header into sessions manager
2010-03-22 10:08:39 +00:00
Thomas CHEMINEAU
067c96502f
skins: update impact skin (missing confirm.tpl due to bad manipulation during upgrade from trunk)
2010-03-22 09:56:13 +00:00
Clément Oudot
1e6dc91fdb
Manager: update some help messages
2010-03-21 12:00:04 +00:00
Xavier Guimard
9001e5f028
Just a "make tidy"
2010-03-20 17:14:28 +00:00
Clément Oudot
273abab2bb
Manager: CSS on form elements
2010-03-19 10:01:23 +00:00
Clément Oudot
39809cae6e
Manager: add DBI params
2010-03-18 21:46:38 +00:00
Thomas CHEMINEAU
713914c81b
sessions manager: add header to switch between managers
2010-03-18 17:44:19 +00:00
Thomas CHEMINEAU
d9afdee0eb
MANAGER: update some icons
2010-03-18 16:51:26 +00:00
Thomas CHEMINEAU
415cf5a167
MANAGER:
...
- Generalize the select element
- Options in select area are displayed with their descriptions
- SecuredCookie parameter is displayed within the select element
2010-03-18 15:22:10 +00:00
Thomas CHEMINEAU
3bf4c14d1c
MANAGER:
...
- Add icons to hide/show contents, boutons and help
- Help layer should now be auto hidden when there is no place to display it
2010-03-18 14:08:34 +00:00
Thomas CHEMINEAU
44cb9657a8
SAML: Only samlIDPMetaDataXML element could be loaded from URL
2010-03-18 10:18:25 +00:00
Thomas CHEMINEAU
f05ed59e46
Online documentation indicates that the default passwordDB is LDAP
2010-03-17 15:50:44 +00:00
Thomas CHEMINEAU
8521c6e9f6
Global:
...
- Modules for authentication, userdb and passworddb are now displayed in a select box;
- Multi authentication modules could be completed with options.
SAML:
- Default URL are now prebuild with portal URL.
2010-03-17 15:45:53 +00:00
Thomas CHEMINEAU
0558b4b202
SAML: bindings are now displayed inside a select box
2010-03-17 13:16:55 +00:00
Thomas CHEMINEAU
428c8072d5
skins: update on impact portal skin
2010-03-17 10:46:20 +00:00
Thomas CHEMINEAU
f5d947e47f
update portal MANIFEST
2010-03-17 09:48:34 +00:00
Thomas CHEMINEAU
53f83771a9
skins: make impact portal skin functionnal
2010-03-17 09:40:10 +00:00
Clément Oudot
8538f65d04
* Add customFunctions and port in Manager
...
* Correct a bug in Handler for default values
2010-03-17 08:23:20 +00:00
Clément Oudot
207116b21e
Manager: add an apply button for each field type
2010-03-15 20:52:45 +00:00
Clément Oudot
96519790ab
Manager: restore last changes...
2010-03-15 20:24:02 +00:00
Thomas CHEMINEAU
85054c3638
skins: add applications list into menu of impact portal skin
2010-03-15 18:26:32 +00:00
Thomas CHEMINEAU
95a6d98627
SAML: private and public keys are now displayed by the filearea form into the manager
2010-03-15 17:05:30 +00:00
Thomas CHEMINEAU
bcd6bb6d3a
SAML: updates on LemonLDAP::NG::Common::Conf::SAML::Metadata
...
- Add new dependency on use Crypt::OpenSSL::RSA;
- Public keys into exported metadata of lemonldap-ng is now well formed
2010-03-15 16:59:13 +00:00
Clément Oudot
600ef4e614
Manager: Remote and Proxy parameters
2010-03-15 16:47:50 +00:00
Clément Oudot
0cd44258c3
Manager: join passwordDB to auth/userDB modules management
2010-03-15 15:49:51 +00:00
Clément Oudot
87c96539b9
Manager: CAS parameters
2010-03-15 15:23:03 +00:00
Clément Oudot
825c8d05f0
Manager: SSL parameters
2010-03-15 15:07:19 +00:00
Clément Oudot
8242602cd9
Manager: reorganize sessions parameters
2010-03-15 14:48:22 +00:00
Thomas CHEMINEAU
53d12684c7
filearea: filename is now asked to the user before saving it
2010-03-15 14:42:36 +00:00
Clément Oudot
8628817c86
Manager: add Twitter parameters
2010-03-15 13:47:36 +00:00
Thomas CHEMINEAU
07d64f8c82
skins: add menu.tpl in impact portal skin
2010-03-15 12:54:48 +00:00
Thomas CHEMINEAU
433b1f9180
SAML: fix bug when file or url is empty into metadata form
2010-03-15 12:11:11 +00:00
Thomas CHEMINEAU
23dd944f0d
SAML: fix metadata downloads and updates from URL into manager
2010-03-15 11:21:12 +00:00
Clément Oudot
fa05c16e02
OpenID: warning message for IssuerDBOpenID use
2010-03-15 10:57:17 +00:00
Clément Oudot
d9f324b9f4
Set jquery classes after authParams reload
2010-03-15 10:47:18 +00:00
Clément Oudot
8de7259e01
Manager: add OpenID parameters
2010-03-15 10:44:44 +00:00
Clément Oudot
df64e375c2
OpenID: do not show form after logout
2010-03-15 10:44:16 +00:00
Clément Oudot
7692cefd95
Portal: all is ready for AuthOpenID
2010-03-15 09:53:56 +00:00
Thomas CHEMINEAU
4e79246c37
skins (impact): fix CSS bugs in login.tpl
2010-03-15 09:51:50 +00:00
Clément Oudot
2bccbdd4f4
Manager: add missing tests
2010-03-15 09:03:24 +00:00
Clément Oudot
45589a6e41
Manager: add and reorganize LDAP parameters
2010-03-14 21:45:49 +00:00
Xavier Guimard
dc20a3a99d
Little fault in i18n
2010-03-14 19:06:41 +00:00
Clément Oudot
f52a6bebb2
Manager: add cda parameter
2010-03-14 14:38:39 +00:00
Clément Oudot
2afa512c2f
Manager: add and reorganize parameters
2010-03-14 14:29:15 +00:00
Clément Oudot
01cb9f20ce
Manager: get current vhost and IDP name to save vhost and IDP configuration
2010-03-14 13:36:20 +00:00
Clément Oudot
099c846d42
perltidy + manager bug with node created from special parent nodes
2010-03-13 17:39:50 +00:00
Clément Oudot
5a61c04a2d
SAML: use correct IDP name in confirmation message
2010-03-13 16:49:33 +00:00
Clément Oudot
79376f4b44
Manager:
...
* Change test for SAML attributes value
* Remove unused Apply button
* Use js to always display New Vhost or New Metadata on Vhost or IDP node
2010-03-13 16:21:55 +00:00
Xavier Guimard
384ef05b2e
Use " instead of ' in JSON: avoid some JSON errors on Firefox
2010-03-13 14:31:22 +00:00
Thomas CHEMINEAU
26a3241b96
SAML: work on metadata download link for client (update MANIFEST)
2010-03-12 17:54:40 +00:00
Thomas CHEMINEAU
e0843ccb98
SAML: work on metadata download link for client
2010-03-12 17:54:16 +00:00
Clément Oudot
f80620fae4
SAML: No need to force default nameIDFormat value
2010-03-12 16:19:41 +00:00
Clément Oudot
f7cb80321f
SAML: no \r \n in metadata text content
2010-03-12 14:31:42 +00:00
Thomas CHEMINEAU
91e911a6df
SAML: delete unused image
2010-03-12 14:09:05 +00:00
Clément Oudot
d8ef0bef30
Documentation for upgrade process
2010-03-12 13:49:41 +00:00
Thomas CHEMINEAU
a8865ee094
SAML: metadata could be now loaded through URL
2010-03-12 12:56:14 +00:00
Thomas CHEMINEAU
03fb551475
SAML: some style adjustement on the filearea form into the manager
2010-03-12 09:39:46 +00:00
Thomas CHEMINEAU
0c2fd9f063
SAML: metadata are now loaded from file given by the adminitrator (update manifest)
2010-03-12 09:18:23 +00:00
Thomas CHEMINEAU
f3d3851503
SAML: metadata are now loaded from file given by the adminitrator (add missing javascript library)
2010-03-12 09:16:27 +00:00
Thomas CHEMINEAU
073aeb74db
SAML: file upload task is visible by a waiting image
2010-03-11 18:11:12 +00:00
Thomas CHEMINEAU
6807028824
SAML: file upload task is visible by a waiting image
2010-03-11 18:10:57 +00:00
Thomas CHEMINEAU
591cc277d5
SAML: metadata are now loaded from file given by the adminitrator
2010-03-11 16:43:21 +00:00
Clément Oudot
44aeddbc5c
Bug with samlIDPMetaDataOptions upload and use make tidy
2010-03-11 15:00:59 +00:00
Clément Oudot
ce8d8ee84e
SAML: correct a bug if no NameIDFormat were given
2010-03-11 12:00:25 +00:00
Clément Oudot
bf5c2616c3
Hanlder: remove ALL cookies and not just the first that match
2010-03-11 11:05:41 +00:00
Clément Oudot
3737e3f67f
Handler: correct a bug with portal()
2010-03-10 10:44:25 +00:00
Clément Oudot
27cb64b247
Common: typo in test 01
2010-03-10 07:59:31 +00:00
Xavier Guimard
d439cab42e
* Little CSS for abort()
...
* Comments for lemonldap-ng.ini
* lemonldap-ng.ini was not well read in Manager
* New target 'unprotect' in rules
* Status update
2010-03-09 21:42:31 +00:00
Thomas CHEMINEAU
5b77fa66b4
update information template into impact portal skin
2010-03-08 19:23:38 +00:00
Thomas CHEMINEAU
08e423a38d
add info.tpl into impact portal skin
2010-03-08 18:57:49 +00:00
Clément Oudot
d9f2af49bf
Set application list in ini file
2010-03-08 17:06:03 +00:00
Thomas CHEMINEAU
0a943ba5ff
update manifest for impact portal skin
2010-03-07 23:41:39 +00:00
Thomas CHEMINEAU
35899de76c
add icons into impact portal skin
2010-03-07 23:01:28 +00:00
Thomas CHEMINEAU
0262a3da23
add impact skin in MANIFEST
2010-03-07 21:55:27 +00:00
Thomas CHEMINEAU
5ce35adc2d
portal skin: first work on impact skin
2010-03-07 21:54:02 +00:00
Clément Oudot
058ab93a15
SAML: manage HTTP method choice for SLO
2010-03-05 17:11:40 +00:00
Clément Oudot
ae4ff763df
SAML: manage HTTP method choice for SSO
2010-03-05 16:57:11 +00:00
Clément Oudot
8564389fa7
SAML: manage IDP resolution rules
2010-03-05 15:37:16 +00:00
Clément Oudot
8d1793b7bc
SAML: check OneTimeUse and Issuer (for proxy test)
2010-03-05 15:23:49 +00:00
Clément Oudot
c2b7c07dc1
SAML: use NameIDFormat option
2010-03-05 09:28:28 +00:00
Clément Oudot
0979ba0f28
SAML: use ForceAuthn option
2010-03-05 08:54:01 +00:00
Clément Oudot
e57cafaf15
Manager: IDP options are now fully described
2010-03-04 16:51:28 +00:00
Clément Oudot
cfd54cdf23
Manager: add subnode to store IDP options
2010-03-04 15:44:03 +00:00
Clément Oudot
75ed02bd4c
Manager:
...
* Correct bug for groups
* Do not transform " in ' for values (special chars already escaped in uri_escape)
* Add some debug messages in upload process
* Modify hashRoot js method
2010-03-04 13:41:59 +00:00
Clément Oudot
71283e3596
SAML: attribute request in UserDBSAML
2010-03-03 16:54:23 +00:00
Clément Oudot
8a27aa0ec4
Manager: handle vhost buttons
2010-03-03 10:48:11 +00:00
Clément Oudot
c00345cfc6
Manager: handle SAML buttons
2010-03-03 10:26:42 +00:00
Clément Oudot
d5431376e4
Manager: correct a bug for SAML assertions
2010-03-03 09:57:23 +00:00
Xavier Guimard
40d2c70604
New target 'tidy' in Makefile
2010-03-01 20:32:28 +00:00
Clément Oudot
b5e2407728
SAML: get mandatory attributes - work in progress
2010-03-01 17:16:42 +00:00