Clément Oudot
50e88a68a7
Manage X-FORWARDED-FOR with multiple IP
2009-06-03 14:52:22 +00:00
Clément Oudot
75c1f0feae
LEMONLDAP::NG : Reset password by mail (new functionnality)
2009-05-28 16:31:39 +00:00
Clément Oudot
43988469c7
LEMONLDAP::NG : Manage X-FORWARDED-FOR header for IP (close bug #312340 )
2009-05-20 09:29:52 +00:00
Clément Oudot
0d9eaed6fc
LEMONLDAP::NG :
...
* Correct XSS on user field
* Add "XSS attack detected" log messages
2009-05-19 08:52:27 +00:00
Clément Oudot
565ba83c05
LEMONLDAP::NG :
...
* Verify old password before modify
* Add the "PE_BADOLDPASSWORD" error
* Minor changes in pastel skin
* Erase old default skins
* Move icons to skins/common
2009-05-18 13:53:51 +00:00
Clément Oudot
cae5e6ed98
LemonLDAP::NG :
...
* Create PasswordDBLDAP
* Force password modification when password is reset with ppolicy
* new parameter ldapSetPassword: set to 1 if you want to use the LDAP extended operation rather than LDAP modify
* TODO: update HTML templates
2009-05-14 16:19:49 +00:00
Xavier Guimard
051f61b288
Since CGI stores now parameters at the root of the object, param is now redefined in Common/CGI.pm to secure those parameters
2009-04-11 11:16:44 +00:00
Xavier Guimard
c40c13734e
SAML skeleton in progress...
2009-04-08 16:31:13 +00:00
Xavier Guimard
a98e3ac8bb
SAML skeleton
2009-04-07 20:38:24 +00:00
Xavier Guimard
740ad09f9f
Safelib + LDAPFilter parameter
2009-04-05 08:12:16 +00:00
Xavier Guimard
8bc0d20afa
* Portal can now been used as 'proxy' for SOAP session storage.
...
* Session explorer works now with SOAP session storage (very low performances)
2009-04-03 16:17:57 +00:00
Xavier Guimard
b0b971b241
Double session mechanism : 2 cookies are generated, 1 secured, the other not.
...
Handlers detects automatically the cookie to choose.
2009-03-31 10:52:43 +00:00
Xavier Guimard
e5e80709e6
Use Net::LDAP high availability system
...
%ENV was not shared
2009-03-08 17:37:31 +00:00
Xavier Guimard
231f54ddf0
* New authentication and userDB module : 'Multi' to chain authentication modules.
...
* Compilation for ModPerl::Registry by default
2009-03-08 08:50:58 +00:00
Xavier Guimard
859be3923f
* Doxygen doc update
...
* More tests
* perltidy on tests
2009-02-25 18:10:07 +00:00
Xavier Guimard
6307a00750
Lot of work on Portal SOAP services. Now 5 functions are exported:
...
* getAttributes(cookieValue)
* getConfig()
* getCookies(user,password)
* error(code,language)
* newNotification(xml)
WSDL is up to date but getConfig is not documented since it's a Lemonldap::NG internal service.
2009-02-24 17:53:59 +00:00
Xavier Guimard
20764ad812
New authentication and userDB backend : "Remote" can be used to check authentication from a remote Lemonldap::NG portal using CDA
2009-02-23 17:35:38 +00:00
Xavier Guimard
018bee1fc6
CDA now included in main portal
2009-02-17 15:39:14 +00:00
Xavier Guimard
553058998f
Doxygen comments update
2009-02-17 15:22:42 +00:00
Xavier Guimard
ffb5ee8e33
Doxygen filter modification to show authentication process methods
2009-02-17 14:56:38 +00:00
Xavier Guimard
5803952784
* delete log() method from the portal :
...
* user actions are logged by userNotice() and userError()
* other access are logged by HTTP server
* create authenticate() method in Simple.pm used to launch userNotice() for
all authentication method
2009-02-15 17:58:38 +00:00
Xavier Guimard
b6cdee5d2a
Now userNotice and userError are customizable like subs called by _subProcess
2009-02-15 11:30:25 +00:00
Xavier Guimard
415d23b6e4
User actions are now registered with 3 functions :
...
* log : normal access to the portal
* userNotice : authentications, logout,...
* userError : bad password,...
A new parameter 'syslog => "auth"' can be set to log userNotice and userError via syslog
2009-02-15 08:53:44 +00:00
Xavier Guimard
0c18700f65
* cleaning code :
...
* session have not to be recover in Menu since it's done before bu the portal
* accounting in CGIs (ModPerl::Registry context only) :
* used by portal to inform Apache
2009-02-14 08:55:19 +00:00
Xavier Guimard
19e59af4cd
log & debug method lmLog() for CGIs
2009-02-12 19:48:53 +00:00
Clément Oudot
ed55803c04
LEMONLDAP::NG : Abort redirection if ppolicy warnings are present
2009-02-12 17:09:33 +00:00
Xavier Guimard
f8169c1909
Notification system in progress :
...
* File storage is running
* DBI storage has not yet been tested
Documentation update
2009-02-11 16:18:38 +00:00
Xavier Guimard
7c1ff1d938
Versions update
2009-02-10 17:28:27 +00:00
Xavier Guimard
c5a5ba909f
Typo in pod
2009-02-08 19:12:08 +00:00
Xavier Guimard
fbdb9ccb22
LEMONLDAP::NG : * Version is missing in SOAPServer.pm
...
* perltidy on Portal/Simple.pm
2009-02-08 07:59:46 +00:00
Xavier Guimard
1800497815
LEMONLDAP::NG : propagation of 0.9.3.4 changes
2009-02-05 17:05:18 +00:00
Xavier Guimard
a25e10b040
LEMONLDAP::NG : * documentation modification
...
* SOAP service to update notification database
2009-02-03 09:36:13 +00:00
Xavier Guimard
1b6f56699a
LEMONLDAP::NG : Missing file Portal/Notification.pm
2009-02-02 08:53:51 +00:00
Xavier Guimard
85d765a002
LEMONLDAP::NG : WSDL for portal + dependency of Crypt::Rijndael in Debian
2009-02-01 15:38:06 +00:00
Xavier Guimard
21f5808cdf
LEMONLDAP::NG : Notification system is running now (for file storage only). TODO: Soapservice to accept notifications
2009-01-30 15:26:34 +00:00
Xavier Guimard
2540bb36f0
LEMONLDAP::NG : * new feature in devel : notification system
...
* now, there is a shared key that can be use to crypt datas
(used in notification to hide cookie value)
2009-01-28 17:37:10 +00:00
Xavier Guimard
bfab1a6e3b
LEMONLDAP::NG Doxygen in progress
2008-12-31 15:10:02 +00:00
Xavier Guimard
41fe04e8b8
LEMONLDAP::NG : Doxygen documentation in progress...
2008-12-29 10:28:31 +00:00
Xavier Guimard
2e5911ac4e
LEMONLDAP::NG : Doxygen in progress.
2008-12-28 08:36:52 +00:00
Clément Oudot
985bdc2509
LEMONLDAP::NG : don't test url if direct access to portal
2008-12-27 11:00:45 +00:00
Xavier Guimard
13a5a1daab
LEMONLDAP::NG : Doxygen documentation in progress
2008-12-26 17:58:48 +00:00
Xavier Guimard
78852ac337
LEMONLDAP::NG perltidy
2008-12-24 14:57:23 +00:00
Xavier Guimard
13cdc9b8ec
LEMONLDAP::NG : XSS patch not compatible with logout system
2008-12-24 14:55:44 +00:00
Xavier Guimard
2449e92c2d
LEMONLDAP::NG : A site in the protected domain is accepted in $portal->{urldc} even if the site is not declared in the manager
2008-12-24 09:12:53 +00:00
Xavier Guimard
cc07eae107
LEMONLDAP::NG : customFunctions are now shared in macros, groups, headers and rules
2008-12-11 17:02:02 +00:00
Xavier Guimard
a77e385730
LEMONLDAP::NG : little bug in SOAP error()
2008-12-08 10:56:19 +00:00
Xavier Guimard
16a29be9fa
LEMONLDAP::NG : error display in SOAP
2008-12-07 20:07:52 +00:00
Xavier Guimard
b9ba2337e4
LEMONLDAP::NG : now the portal can be called by browser or by SOAP
2008-12-07 14:12:36 +00:00
Xavier Guimard
68d447b422
LEMONLDAP::NG : typo
2008-12-07 12:15:40 +00:00
Xavier Guimard
53dc4bbbf4
LEMONLDAP::NG : * To avoid XSS, 3 controls :
...
1) url must be base64 encoded
2) urldc is serialized on 1 line ("s/[\r\n]//sg")
3) urldc must not contains '"`\0<
* Common/CGI can now intercept SOAP requests
2008-12-07 09:02:44 +00:00
Xavier Guimard
8b4f38e58c
LEMONLDAP::NG : XSS prevention
2008-12-06 10:26:24 +00:00
Xavier Guimard
66c60cc416
LEMONLDAP::NG : * branche 0.9.2 is missing
...
* ' and " are now filtered in url in Portal.pm
2008-12-06 07:27:35 +00:00
Xavier Guimard
5f552f4085
LEMONLDAP::NG : minnor things
2008-12-03 18:30:57 +00:00
Clément Oudot
35df5dddb8
LEMONLDAP::NG : Enforce XSS protection by deleting bad urls
2008-12-03 16:41:30 +00:00
Xavier Guimard
24a14caeda
LEMONLDAP::NG : * Security fix : redirections in portal must be in protected sites
...
* perltidy in Manager/Sessions.pm
* Doxygen in progress...
2008-12-03 16:05:27 +00:00
Xavier Guimard
fbc8b7bfd2
LEMONLDAP::NG : * security fix => XSS
...
* Begin Doxygen documentation
2008-12-03 13:27:30 +00:00
Xavier Guimard
de7edc7387
LEMONLDAP::NG : better manner to delete cookie
2008-12-01 13:39:52 +00:00
Xavier Guimard
d7bbb44924
LEMONLDAP::NG : * change default value for existing sessions : now, it's PE_DONE
...
* after POST and logout, Portal generates a redirection to itself unless an url is given. This help MSIE to relog after logout
2008-12-01 09:36:02 +00:00
Xavier Guimard
96e625a29d
LEMONLDAP::NG : binmod(STDOUT,'utf8') has to be called at each request
2008-11-26 11:20:36 +00:00
Xavier Guimard
ccbb0a12e0
LEMONLDAP::NG : * eval+abort in XML parsing (to avoid die include in XML::LibXML)
...
* Correct use of UTF8 : a apps-list.xml UTF8 encoded was not displayed correctly
2008-11-26 11:11:03 +00:00
Xavier Guimard
a72eebdd81
LEMONLDAP::NG : Notification system skeleton
2008-11-24 06:57:18 +00:00
Xavier Guimard
2725f06fd3
LEMONLDAP::NG : * Handler/SharedConf.pm is more simple now since it use the new Conf.pm capabilities
...
* CGIs now use abort() instead of die
* debug system in COnf.pm (set "LogLevel debug" in Apache)
2008-11-21 17:51:52 +00:00
Xavier Guimard
63f196078b
LEMONLDAP::NG : die replaced by $self->abort in CGIs
2008-11-21 07:27:08 +00:00
Xavier Guimard
ac87a4b49e
LEMONLDAP::NG : removing old feature : LDAP filter in groups
2008-11-20 18:13:27 +00:00
Xavier Guimard
a75e882741
LEMONLDAP::NG : New module Sessions.pm to manage sessions
2008-11-04 16:35:16 +00:00
Clément Oudot
9e2a494da5
LEMONLDAP::NG : password can now be stored in session
2008-10-16 07:35:42 +00:00
Xavier Guimard
26c944caa7
LEMONLDAP::NG : UserDB system updated + general perltidy
2008-10-07 20:15:48 +00:00
Xavier Guimard
80f199fbc7
LEMONLDAP::NG : LDAP User database module
2008-10-05 18:42:50 +00:00
Clément Oudot
6623c149f6
LEMONLDAP::NG : corrections on enhanced menu
2008-09-26 07:36:30 +00:00
Clément Oudot
b14983208c
LemonLDAP::NG : W3C standards compliance and password modification module
2008-09-19 15:28:00 +00:00
Clément Oudot
1c15139a3a
LemonLDAP::NG : pre-release of new Portal::Menu module
2008-09-18 08:34:17 +00:00
Xavier Guimard
7c9bb1621d
LEMONLDAP::NG : bug in doc
2008-09-10 10:40:01 +00:00
Xavier Guimard
4e90f24172
LEMONLDAP::NG : perltidy + template language detection regexp
2008-09-04 06:05:24 +00:00
Clément Oudot
b264d0f8c7
LemonLDAP::NG : HTML::Template translation filter
2008-09-03 16:11:16 +00:00
Xavier Guimard
8364a0e78d
LEMONLDAP::NG : CPAN versions update and little doc update
2008-08-25 19:54:24 +00:00
Xavier Guimard
7c3a6f3cfc
LEMONLDAP::NG : complete integration of Password Policy (i18n not done)
2008-08-08 16:19:16 +00:00
Xavier Guimard
e1b8027ccd
LEMONLDAP::NG : pod update
2008-06-11 06:00:26 +00:00
Xavier Guimard
8c073cc030
LEMONLDAP::NG : little corrections issued from CPAN test
2008-06-06 12:59:36 +00:00
Xavier Guimard
7bac798370
LEMONLDAP::NG : * new auth architecture
...
* environment variables can now be used in exportedVars (usefull to access to SSL variables)
* UTF-8 in examples
* Romanian translation of portal
2008-06-06 03:51:39 +00:00
Xavier Guimard
9b523a3534
LEMONLDAP::NG : revert to revision 310 : new auth architecture is not usable in some case
2008-06-01 06:25:09 +00:00
Xavier Guimard
2962eb2699
LEMONLDAP::NG : now, new auth architecture is running...
2008-05-31 13:33:34 +00:00
Xavier Guimard
772a9ad1e8
LEMONLDAP::NG : new sub "authInit" called by new() to initialize authentication module
2008-05-30 06:07:37 +00:00
Xavier Guimard
aca6815c1b
LEMONLDAP::NG : New auth architecture in Portal
2008-05-30 04:47:32 +00:00
Xavier Guimard
83ec000c5f
LEMONLDAP::NG : new constant : PE_CERTIFICATEREQUIRED
2008-05-25 13:17:16 +00:00
Xavier Guimard
dc8d0a4334
LEMONLDAP::NG : new functionality in Poratl/AuthSSL.pm : the parameter SSLRequire can be set to 0 to authenticate users both by certificate or login/password
2008-05-25 12:54:45 +00:00
Xavier Guimard
f52755060e
LEMONLDAP::NG : Debian default portal is now issued from index_skin.pl
...
Update versions
2008-05-24 19:12:28 +00:00
Xavier Guimard
87d1f521e1
LEMONLDAP::NG : now, status page displays portal activity if an handler exists
2008-05-11 19:21:39 +00:00
Clément Oudot
3a8e138a88
Add perldoc for Password Policy
2008-05-10 09:31:43 +00:00
Xavier Guimard
edfb4aa305
LEMONLDAP::NG : update module versions and changelogs
2008-04-07 13:04:14 +00:00
Xavier Guimard
23ae454e60
LEMONLDAP::NG : When Net::LDAP::Control::PasswordPolicy isn't available, constants LDAP_CONTROL_PASSWORDPOLICY LDAP_PP_ACCOUNT_LOCKED LDAP_PP_PASSWORD_EXPIRED are not available. So I added a "no strict 'subs'" else, compilation failed whith earlier Net::LDAP packages.
2008-04-03 09:09:43 +00:00
Xavier Guimard
1e46733d63
LEMONLDAP::NG : Constants LDAP_CONTROL_PASSWORDPOLICY LDAP_PP_ACCOUNT_LOCKED LDAP_PP_PASSWORD_EXPIRED are not exported if Net::LDAP::Control::PasswordPolicy is missing, so we have to add an "eval"
2008-04-03 08:55:11 +00:00
Clément Oudot
0a11a048e7
Add support for LDAP Password Policy
2008-03-31 14:25:14 +00:00
Xavier Guimard
2690cc4cfb
LEMONLDAP::NG : Liberty-Alliance integration in progress...
2007-10-22 19:42:19 +00:00
Xavier Guimard
57bb1df1b4
LEMONLDAP::NG : little bug in Portal/Simple.pm, timeout avoidance in
...
Manager/Conf/DBI.pm and new feature in Handler: port can
be fixed in redirection to avoid some Apache problems.
2007-07-30 19:38:19 +00:00
Xavier Guimard
621afef56b
LEMONLDAP::NG : New features :
...
* new logout system: URL interception can now be configured in Manager interface
* TLS can now be used in LDAP connexions
2007-07-22 20:30:27 +00:00
Xavier Guimard
d739803b92
LEMONLDAP::NG : security bug in Portal/Simple.pm
2007-07-06 09:38:31 +00:00
Xavier Guimard
2df9aed0f9
LEMONLDAP::NG : little bug in redirect sub (Portal/Simple.pm)
2007-07-03 05:48:52 +00:00
Xavier Guimard
5ffac30027
LEMONLDAP::NG : Change in configuration storage format ( Closes : #307173 ) and documentation
2007-06-13 12:04:02 +00:00
Xavier Guimard
c1ef3e0b87
LEMONLDAP::NG : another little bug correction in CDA (thanks to Alex)
2007-05-23 06:48:07 +00:00
Xavier Guimard
3b70838704
LEMONLDAP::NG : version 0.8.2.1. Bug correction in DBI configuration access
2007-05-15 04:31:10 +00:00
Xavier Guimard
a156a2d825
LEMONLDAP::NG : SOAP HTTP basic authentication
2007-05-06 14:41:30 +00:00
Xavier Guimard
6af2a2c60b
LEMONLDAP::NG : New feature: configurations management (next; last, previous, delete)
2007-05-05 14:13:44 +00:00
Xavier Guimard
dfc4b52e8a
LEMONLDAP::NG : Bug fix in other authentication scheme than default (ldap)
2007-04-14 20:38:55 +00:00
Xavier Guimard
e502a3dc57
LEMONLDAP::NG::Handler :
...
* new feature: Lemonldap::NG::Handler::CGI can be used directly in Perl CGI instead of using a real handler
* little bugs correction
2007-04-14 13:12:11 +00:00
Xavier Guimard
305c6a8c88
LEMONLDAP::NG : More tests in Lemonldap::NG::Manager
2007-04-10 05:15:26 +00:00
Xavier Guimard
0a3512617a
Lemonldap::NG : new web site in POD
2007-04-02 19:13:05 +00:00
Xavier Guimard
f84b7eccd4
LEMONLDAP::NG : $startDate and $date are not available for rules.
2007-03-23 19:56:33 +00:00
Xavier Guimard
f80730b65f
LEMONLDAP::NG : Single logout (portal and handler) and restricted manager are finished (TODO: single logout doc)
2007-03-18 18:33:38 +00:00
Xavier Guimard
71f3f7310c
LEMONLDAP::NG : Multi-valued attributes in HTTP headers ( Closes : #306792 )
2007-03-15 21:14:00 +00:00
Xavier Guimard
9c9bec7ca5
LEMONLDAP::NG : Version 0.803
2007-03-15 07:08:34 +00:00
Xavier Guimard
baf74b2cc4
LEMONLDAP::NG :
...
stable : bug correction: existingSessions was never called in Portal/Simple.pm
trunk : new feature: logout
2007-03-14 07:28:53 +00:00
Xavier Guimard
2523a54943
LEMONLDAP::NG : new features:
...
- 'apply changes' button in Manager used to reload configuration
in handlers (by calling reload sub via HTTP)
- i18n module in portal (for displaying errors)
- lock in DBI configuration system (NOT YET TESTED)
2007-03-04 14:52:51 +00:00
Xavier Guimard
8852e3db5d
LEMONLDAP::NG : new feature: authentication via CAS
2007-03-01 20:03:19 +00:00
Xavier Guimard
7c40292c0d
* New feature: configurtion access via SOAP
2007-02-28 12:56:35 +00:00
Xavier Guimard
0f1d5ce5cc
* Cross Domain Authentication works now.
...
* An example is now given for using Lemonldap::NG as a slave of another Web-SSO.
2007-02-24 13:30:53 +00:00
Xavier Guimard
9a8d380ad7
New feature in Portal: Cross-Domain-Authentication (Lemonldap::NG::Portal::CDA).
2007-02-23 05:31:32 +00:00
Xavier Guimard
2f01f72553
Change update
2007-02-11 08:40:09 +00:00
Xavier Guimard
d57de94078
New feature in Portal: existing sessions are now examined and a new sub
...
`existingSession' is called if a previous session has been found.
2007-02-11 08:31:56 +00:00
Xavier Guimard
91844e41be
Little corrections
2007-01-14 19:39:07 +00:00
Xavier Guimard
23d2343774
* New feature: 'macros' parameter can be used to add exported variables
...
calculated with other LDAP attributes. It can be used to simplify rules
configuration
* Correction of bad use of Safe in portal: groups mechanism was not working
well since we use Safe
2007-01-13 19:34:03 +00:00
Xavier Guimard
6f2a40e4ed
Comments in Portal code
2007-01-11 06:42:57 +00:00
Xavier Guimard
90522e3e96
* Help system skeleton in Manager
...
* Correction in apache-1.3 configuration file
* Rights corrections in example files (Apache::Registry needs +x for apache-1.3
* perltidy on all files
2007-01-04 08:42:13 +00:00
Xavier Guimard
f96f94bad5
Portal POD update
2006-12-24 08:37:27 +00:00
Clément Oudot
50727aa3f6
Initial import from SF and other sources
2006-12-18 11:32:33 +00:00