dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,344 Commits 3 Branches 0 Tags 75 MiB
edb345f23c
Commit Graph

137 Commits

Author SHA1 Message Date
Clément Oudot
a9c5d000fd SAML: 
* IDP list key is now entityID
* Do not trust IDP cookie to find current IDP (use SAML message remote provider ID)
* Ignore signature before processing SAML message, and check it after (work in progress)
 2010-04-30 14:55:40 +00:00
Thomas CHEMINEAU
423541455b SAML: 
- Manage SOAP relay logout request;
- Fix a bug into info.tpl.
 2010-04-29 13:39:26 +00:00
Xavier Guimard
1380d89865 New session explorer (not finished but useable) + some little tips 2010-04-28 19:57:16 +00:00
Thomas CHEMINEAU
f351ab97f6 SAML: work in progress to manage asynchronous SOAP logout requests 2010-04-28 17:16:38 +00:00
Clément Oudot
37afeeaeb5 SAML: force attribute values in UTF-8 (JIRA #21) 2010-04-28 14:56:36 +00:00
Thomas CHEMINEAU
c236505f45 SAML: manage SOAP logout request send by IDP to SP 2010-04-28 14:29:52 +00:00
Thomas CHEMINEAU
d9db773996 SAML: now use get_first_http_method when sending logout request on SP 2010-04-28 10:28:21 +00:00
Thomas CHEMINEAU
873aa0c32e SAML: generalizing and moving some functions to _SAML.pm 2010-04-26 17:06:49 +00:00
Thomas CHEMINEAU
cd8b59998b SAML: first work on dispatching logout requests to SP during IDP SLO process 2010-04-22 17:01:37 +00:00
Clément Oudot
70a214b9e0 SAML: 
* Use Lasso method to get OneTimeUse flag
* Use Session _utime to calculate assertion NotOnOrAfter date
 2010-04-16 13:38:43 +00:00
Clément Oudot
95b28956fe SAML: add methods to disable signature verification (tests in progress) 2010-04-16 10:13:20 +00:00
Clément Oudot
4379adc014 SAML: reformate SP list to use EntityID as primary key 2010-04-15 14:42:17 +00:00
Clément Oudot
d9c4b44c4b Add multiValuesSeparator configuration parameter 2010-04-15 11:15:36 +00:00
Clément Oudot
ebf2deae28 SAML: SSL authentication context is TLSClient and not X509 2010-04-15 09:06:53 +00:00
Clément Oudot
457430f2f7 SAML: map authenticationLevel and authn context 2010-04-14 16:22:55 +00:00
Clément Oudot
c4e1379452 * make tidy 
* Manage authenticationLevel in all authentication backends
 2010-04-14 15:37:57 +00:00
Clément Oudot
2406d832e9 SAML: manage Lasso session in artifacts 2010-04-12 15:03:54 +00:00
Clément Oudot
ae66b57881 SAML: load and store Lasso Identity and Session 2010-04-12 13:23:22 +00:00
Clément Oudot
91e1419f57 SAML: artifact resolution response in SP and IDP 2010-04-12 09:09:53 +00:00
Clément Oudot
7fef157210 SAML: possibility to configure a different storage for SAML objects (samlStorage) than sessions storage (globalStorage) 2010-04-09 13:27:54 +00:00
Clément Oudot
46808d3f78 SAML: manage artifact (work in progess) 2010-04-08 16:28:10 +00:00
Clément Oudot
fb9f964515 SAML: move use POSIX from AuthSAML to _SAML 2010-04-08 09:43:28 +00:00
Clément Oudot
cdaea23ac5 SAML: create methods to convert timestamp and SAML2 dates, and set all dates in assertion created by IDP 2010-04-08 09:39:53 +00:00
Clément Oudot
89bf4a6630 SAML: build assertion 2010-04-07 16:37:23 +00:00
Clément Oudot
ecf5612e4f SAML: 
* Build artifact or complete SSO reponse message
* Send SSO response message
* Correct a bug when loading relayState in POST fields
 2010-04-07 15:14:17 +00:00
Clément Oudot
f9e8ce7092 SAML: validate request message 2010-04-07 12:27:50 +00:00
Clément Oudot
7859ba292a SAML: trust hidden fields when they are present 2010-04-07 10:11:21 +00:00
Thomas CHEMINEAU
0974c128ec SAML: fix a little bug 2010-04-02 15:34:44 +00:00
Thomas CHEMINEAU
7202a6651f SAML: manage hidden values for SAML authentication request 2010-04-02 15:28:29 +00:00
Clément Oudot
119386dca7 SAML: use checkMessage in AuthSAML 2010-04-02 14:47:17 +00:00
Clément Oudot
f87d6b9b3d SAML: IDP requestedAuthnContext option 2010-04-01 16:32:51 +00:00
Clément Oudot
a11caf800f SAML: IDP isPassive option 2010-04-01 14:40:29 +00:00
Clément Oudot
bb86139ce4 SAML: work on SSO/SLO signature options 2010-04-01 14:18:37 +00:00
Clément Oudot
6d505c9468 SAML: IDP option to validate SSO response signature -not working now 2010-04-01 12:51:32 +00:00
Clément Oudot
70f853e681 SAML: IDP option to sign SSO requests 2010-04-01 09:55:33 +00:00
Thomas CHEMINEAU
ba6bb76549 SAML: 
- Move part of the code into _SAML.pm so that it could be reused;
- Create the method checkMessage that check SAML requests and responses.
 2010-03-26 16:02:27 +00:00
Thomas CHEMINEAU
e7103c56c5 SAML: implementing issuerForUnAuthUser 2010-03-26 13:56:37 +00:00
Clément Oudot
07c528d6fd SAML: update POD 2010-03-26 09:35:31 +00:00
Clément Oudot
53d5212068 SAML: remove HTTP-GET binding since it is not supported by SAML2 (replaced by HTTP-REDIRECT) 2010-03-25 16:43:34 +00:00
Thomas CHEMINEAU
b67654d42d SAML: code to load SP metadata 2010-03-25 14:44:38 +00:00
Thomas CHEMINEAU
dec9d562d8 SAML: work in progress in IssuerDBSAML 2010-03-25 11:24:52 +00:00
Thomas CHEMINEAU
a3a80947bc SAML: move code that load SAML services and IDPs into _SAML 2010-03-25 11:01:32 +00:00
Clément Oudot
bc7df7b3bc SAML: correct NAME POD section to prevent lintian warning 2010-03-25 08:55:42 +00:00
Clément Oudot
5c26f07d27 SAML: proxy restriction was not working, now it is set in authn request conditions 2010-03-24 12:33:45 +00:00
Clément Oudot
ae4ff763df SAML: manage HTTP method choice for SSO 2010-03-05 16:57:11 +00:00
Clément Oudot
c2b7c07dc1 SAML: use NameIDFormat option 2010-03-05 09:28:28 +00:00
Clément Oudot
0979ba0f28 SAML: use ForceAuthn option 2010-03-05 08:54:01 +00:00
Clément Oudot
71283e3596 SAML: attribute request in UserDBSAML 2010-03-03 16:54:23 +00:00
Clément Oudot
923e509226 SAML: split conditions validation between time and auience 2010-03-01 09:42:25 +00:00
Clément Oudot
1cecbe512d SAML: Manage logout redirection URL trough RelayState in SLO 2010-03-01 09:19:28 +00:00
Clément Oudot
2c584cf7f7 SAML: 
* Use authForce method to know if authentication should be forced
* Use a common method to store replay protection data
* Use _utime in relaystate state
* Let Lasso choose the defaut transport and binding for requests
 2010-02-28 19:07:02 +00:00
Xavier Guimard
58c28c5732 * Inheritance instead of @EXPORT 
* Purge CGI::Session dependency (LA)
 2010-02-26 10:53:43 +00:00
Clément Oudot
7eefc6af1f SAML: manage SOAP 2010-02-26 09:12:18 +00:00
Clément Oudot
9c228f7022 SAML: Manage relayState trough session backend 2010-02-25 11:39:55 +00:00
Clément Oudot
9937568f97 SAML: manage SSO response trough Artifact 2010-02-24 15:24:54 +00:00
Clément Oudot
38060929fb SAML: 
* Use new configuration keys
* sum up replay protection code
 2010-02-22 17:12:16 +00:00
Clément Oudot
9766b8457a SAML: SP SLO response trough HTTP-REDIRECT and SOAP 2010-02-19 11:33:34 +00:00
Clément Oudot
2238075912 SAML: SP SLO validate request 2010-02-18 17:42:31 +00:00
Clément Oudot
bd2c92f207 SAML: SP SLO in progress 2010-02-18 17:22:04 +00:00
Clément Oudot
a6d7f7a3a3 SAML: 
* Send correct logout request
* Use getMetaDataURL to get URL from metadata configuration keys
 2010-02-18 09:58:59 +00:00
Clément Oudot
46764465b2 SAML: SP SLO in progress 2010-02-17 17:37:38 +00:00
Clément Oudot
5b34644e10 SAML: SLO initiated by SP (not achieved) 2010-02-17 15:13:00 +00:00
Clément Oudot
3da1b1ed19 SAML: conditions validations corrected in Lasso 2010-02-17 11:51:01 +00:00
Clément Oudot
d5d56f7649 SAML: conditions validation 2010-02-15 17:03:07 +00:00
Clément Oudot
12668e7cc2 SAML: register attributes from SAML authn statement in session 2010-02-12 14:26:45 +00:00
Clément Oudot
71f142316f SAML: 
* IDP metadata are in metadata key
* Use IDP internal ID instead of entityID to keep choosen IDP information
* Use base64 encoding for RelayState value
 2010-02-12 10:53:43 +00:00
Clément Oudot
cb7f7f8bd1 SAML: first complete SP cinematic implementation 2010-02-11 12:39:42 +00:00
Clément Oudot
e323fe1cf5 SAML: customize authentication request 2010-02-10 17:18:46 +00:00
Clément Oudot
f265cbce57 SAML: NameID management 2010-02-09 20:49:23 +00:00
Clément Oudot
e891c13ad3 SAML: use query_string and get name identifier 2010-02-09 09:02:39 +00:00
Clément Oudot
040aea4dfb SAML: 
* Redirect user to IDP SSO URL
* Catch IDP response for HTTP-REDIRECT binding
 2010-02-08 17:24:45 +00:00
Xavier Guimard
788f688d78 little thing 2010-02-08 10:21:34 +00:00
Xavier Guimard
be93f8dc47 Somes fixes 2010-02-08 10:16:28 +00:00
Xavier Guimard
fad774f41b Fix some little bugs 2010-02-08 10:06:21 +00:00
Clément Oudot
434f8ea286 SAML: better organization name management 2010-02-05 17:18:09 +00:00
Clément Oudot
9b0c8ef9c1 SAML: use serviceToXML 2010-02-05 16:14:05 +00:00
Clément Oudot
a1976436b6 SAML: build authentication request 2010-02-04 16:02:02 +00:00
Clément Oudot
a15fdcaaae SAML: 
* Lasso error can be a string or a Lasso::Error object
* Use private key to create Lasso::Server
* Perl binding bug resolution waiting: some method arguments should accept NULL values
 2010-02-03 10:59:53 +00:00
Clément Oudot
79075b8e5c SAML: do not force optional parameters in add_provider_from_buffer 2010-02-02 22:16:29 +00:00
Clément Oudot
8b883bc147 SAML: typo in Lasso method 2010-02-02 21:55:25 +00:00
Clément Oudot
718e4fa136 SAML: add IDP in Lasso::Server 2010-02-01 17:07:40 +00:00
Clément Oudot
bcfdac9dd1 SAML: catch Glib messages 2010-02-01 15:24:56 +00:00
Clément Oudot
8abef3a99b SAML: 
* perltidy
* use XML::Simple instead of XML::LibXML to parse XML
* Add initializeFromConfHash method to use directly configuration hash object
* Create Lasso server with metadata in buffers rather than XML files
 2010-02-01 14:01:28 +00:00
Clément Oudot
ccbb52c13c SAML: create Lasso Server 2010-01-29 17:33:35 +00:00
Clément Oudot
5dd981fa85 SAML: load Lasso method 2010-01-29 10:44:56 +00:00
Xavier Guimard
8102f72d50 POD updates : 
* spelling errors found by Lintian
 * encoding utf8
 2010-01-03 08:09:59 +00:00
Xavier Guimard
a98e3ac8bb SAML skeleton 2009-04-07 20:38:24 +00:00