Clément Oudot
3ee1e9b393
Add an option to encode Metadata in UTF-8 ( #119 )
2010-06-28 09:11:59 +00:00
Xavier Guimard
0e082b1d8f
Closes : #114 : Bad usage of Apache::Session::searchOn() on portal
2010-06-22 16:30:38 +00:00
Xavier Guimard
aa190c7f35
make tidy
2010-06-21 15:29:59 +00:00
Xavier Guimard
11dd597a41
Some Lintian tips
2010-06-08 10:39:34 +00:00
Xavier Guimard
208a4f34d2
Closes #82 : CDA always use secured cookie even if requested site is a http one
2010-06-04 08:43:42 +00:00
Clément Oudot
5ded22db86
Do not return errors in POST or SOAP response process, just quit if something is wrong
2010-06-02 09:12:35 +00:00
Clément Oudot
d7cee9a4f9
Use redirection message in page title ( #80 )
2010-06-01 10:11:35 +00:00
Clément Oudot
bb9c7435cc
POST fields are now hidden ( #80 )
2010-06-01 09:59:37 +00:00
Clément Oudot
58bec95435
SAML: map NameID formats to local session keys ( closes #67 )
2010-05-21 09:03:29 +00:00
Clément Oudot
4d0a5a651d
SAML: IssuerDB Activation Rule ( #52 )
2010-05-19 14:59:43 +00:00
Clément Oudot
df4198399f
* Add a new process step (authFinish) run after session store
...
* Create SAML session linked to real session to store NameID and SessionIndex, in order to use searchOn on them (will not force globalStorage to be compatible with searchOn)
* Control SessionIndex sent by IDP on a SLO request is now managed in SP to get the correct local session
* This solves issue #51
2010-05-17 16:02:21 +00:00
Clément Oudot
2d88be8222
Portal: catch ENV exportedVars for all UserDB modules ( #58 )
2010-05-07 21:33:57 +00:00
Thomas CHEMINEAU
f60e65166d
adding Lemonldap::NG::Handler::UpdateCookie.pm and associated files
2010-05-05 16:49:26 +00:00
Xavier Guimard
810505b1cb
( Closes : #46 )
2010-05-05 16:42:22 +00:00
Thomas CHEMINEAU
c935584300
informations is correctly stored into session but not well displayed by manager (add _utime, remove useless code)
2010-05-04 15:55:48 +00:00
Xavier Guimard
5d2b50e905
Modif for XSS: for logout URL, we test now Referer field
2010-05-01 13:12:28 +00:00
Xavier Guimard
c37033b81a
$self->{id} was not well managed in portal
2010-04-30 05:27:06 +00:00
Thomas CHEMINEAU
4f979bfe22
SAML: change error name to PE_IMG_OK and PE_IMG_NOK
2010-04-29 13:47:57 +00:00
Thomas CHEMINEAU
423541455b
SAML:
...
- Manage SOAP relay logout request;
- Fix a bug into info.tpl.
2010-04-29 13:39:26 +00:00
Xavier Guimard
1380d89865
New session explorer (not finished but useable) + some little tips
2010-04-28 19:57:16 +00:00
Thomas CHEMINEAU
54afc28e75
SAML: manage logout initiate by IDP
2010-04-27 15:11:53 +00:00
Thomas CHEMINEAU
6ef67cc5ea
SAML: manage internationalization
2010-04-26 15:39:38 +00:00
Thomas CHEMINEAU
aac04dabdc
SAML: print information to user if many SP to logout throught HTTP-Redirect or HTTP-Post
2010-04-23 16:26:23 +00:00
Clément Oudot
fbe50de653
* Better log of what is registered in session
...
* Control whatToTrace parameter before logging into Apache
2010-04-15 13:46:45 +00:00
Clément Oudot
d9c4b44c4b
Add multiValuesSeparator configuration parameter
2010-04-15 11:15:36 +00:00
Xavier Guimard
799b643949
$ENV not taken in acount in macros
2010-04-14 16:13:24 +00:00
Clément Oudot
c4e1379452
* make tidy
...
* Manage authenticationLevel in all authentication backends
2010-04-14 15:37:57 +00:00
Clément Oudot
ea24dc314e
Portal: updateSession can now take session id as parameter
2010-04-12 13:50:42 +00:00
Clément Oudot
7fef157210
SAML: possibility to configure a different storage for SAML objects (samlStorage) than sessions storage (globalStorage)
2010-04-09 13:27:54 +00:00
Thomas CHEMINEAU
7202a6651f
SAML: manage hidden values for SAML authentication request
2010-04-02 15:28:29 +00:00
Thomas CHEMINEAU
fa039d2114
Store hidden informations in forms
...
* SAML: store SAMLRequest in IssuerDBSAML, just before to redirect to IDP
* Simple: add functions to manage hidden values for forms
2010-04-02 09:17:02 +00:00
Clément Oudot
953806ed93
SAML: manage SessionNotOnOrAfter but do not adapt session _utime yet
2010-03-24 13:44:24 +00:00
Clément Oudot
7692cefd95
Portal: all is ready for AuthOpenID
2010-03-15 09:53:56 +00:00
Xavier Guimard
40d2c70604
New target 'tidy' in Makefile
2010-03-01 20:32:28 +00:00
Clément Oudot
2c584cf7f7
SAML:
...
* Use authForce method to know if authentication should be forced
* Use a common method to store replay protection data
* Use _utime in relaystate state
* Let Lasso choose the defaut transport and binding for requests
2010-02-28 19:07:02 +00:00
Xavier Guimard
58c28c5732
* Inheritance instead of @EXPORT
...
* Purge CGI::Session dependency (LA)
2010-02-26 10:53:43 +00:00
Clément Oudot
7eefc6af1f
SAML: manage SOAP
2010-02-26 09:12:18 +00:00
Clément Oudot
f0c29c779a
SAML:
...
* Manage SSO message like SLO message
* Send SLO request trough REDIRECT and POST
* Reponse to SSO request trough REDIRECT, POST and SOAP
* Reponse to SLO request trough REDIRECT, POST and SOAP
2010-02-24 10:11:01 +00:00
Clément Oudot
fc542fa6b1
Portal: method to auto submit data through POST
2010-02-22 11:07:48 +00:00
Clément Oudot
7444d9802c
Portal: set content-type to application/xml for SOAP response
2010-02-22 10:08:14 +00:00
Clément Oudot
3eac5ce288
Portal: display logout status to user
2010-02-20 11:44:05 +00:00
Clément Oudot
9766b8457a
SAML: SP SLO response trough HTTP-REDIRECT and SOAP
2010-02-19 11:33:34 +00:00
Clément Oudot
bd2c92f207
SAML: SP SLO in progress
2010-02-18 17:22:04 +00:00
Clément Oudot
46764465b2
SAML: SP SLO in progress
2010-02-17 17:37:38 +00:00
Clément Oudot
3606362946
LDAP:
...
* Add ldapGroupRecursive to enable recursive group search
* Create searchGroup method in _LDAP
* Create getLdapValue method in _LDAP to manage DN and multi-valued attributes
2010-02-05 14:17:55 +00:00
Clément Oudot
dae6b880be
Portal: force authentication is now working
2010-02-05 10:21:48 +00:00
Clément Oudot
3a3ec647e9
SAML: IDP choice
2010-02-04 12:30:18 +00:00
Clément Oudot
90a08dbbde
Portal/Multi:
...
* Get the correct _auth and _userDB value when using Multi
* Resolve a bug: functions of modules loaded in _Multi were not available for _subProcess
* Use a common loadModule method between Simple.pm and _Multi.pm
* Do not consider PE_FORMEMPTY and PE_FIRSTACCESS as errors in Multi process
2010-01-28 14:47:51 +00:00
Clément Oudot
760f62e534
Portal: set _auth, _userDN, _passwordDB and _issuerDB in session, to know which module was used to open the session of the user
2010-01-27 16:30:19 +00:00
Clément Oudot
b904587edd
Portal: portalForceAuthn option was unusable with Menu password change
2010-01-27 14:04:41 +00:00