lemonldap-ng (2.0.0~alpha2) testing; urgency=low lemonldap-ng (2.0.0~alpha1) testing; urgency=low lemonldap-ng (1.9.14) stable; urgency=high * #707: Kerberos authentication module * #1308: make saml work with POST sso binding and multiple authentication * #1310: Form replay javascript generates error for fields with a dot * #1315: Missing Mouse dependency in Debian packages * #1316: In docs, for Alfresco, said they need to add an exclusion for ressources path * #1324: Allow SAML with Office365 multidomains * #1326: SessionIndex should not be mandatory in SAML SingleLogoutRequest * #1328: Value 0 can not be set in hidden field * #1329: No need to 'warn' if no IDP or SP is present in configuration * #1331: Manage UTF-8 values in HTTP headers lemonldap-ng (1.9.13) stable; urgency=high * [LEMONLDAP-1209] - [UTF8-Enconding] Issues with mysql backend and saml attributes * [LEMONLDAP-1303] - Debian 9 and JSON parsing error - OpenID Connect * [LEMONLDAP-1304] - make saml tolerant to issuerDBSAMLPath lemonldap-ng (1.9.12) stable; urgency=high * [LEMONLDAP-1293] - Unable to delete "Exported Attributes" in SAML SP * [LEMONLDAP-1294] - Debian - JSON - Apache::Session module failed * [LEMONLDAP-1295] - Bad UserInfo response wihen attribute values are Perl references * [LEMONLDAP-1297] - Restrict reload url to the localhost * [LEMONLDAP-1299] - Unable to use LemonLDAP on Debian Stretch - Portal issue * [LEMONLDAP-1298] - CAS logout redirect service lemonldap-ng (1.9.11) stable; urgency=high * [LEMONLDAP-1244] - CGIPassAuth not usable in CentOS 7.3.1611 because of old Apache version * [LEMONLDAP-1255] - Issue with openid-configuration.pl when updating Perl * [LEMONLDAP-1262] - Session expired on Handler * [LEMONLDAP-1277] - Missing screen shot in documentation * [LEMONLDAP-1288] - Empty hash configuration parameters are converted to empty scalar trough SOAP * [LEMONLDAP-1289] - Proxy authentication module does not catch authentication error * [LEMONLDAP-1245] - adding salt feature for database backend * [LEMONLDAP-1254] - APT warning on weak digest algo on lemonldap repository * [LEMONLDAP-1256] - Avoid 'forcedSAML' in Choice module * [LEMONLDAP-1261] - SAML SessionIndex may leak SSO data and cause interoperability issues * [LEMONLDAP-1263] - No error message when backend is in ReadOnly * [LEMONLDAP-1270] - Logout_* * [LEMONLDAP-1243] - LinkedIn authentication module * [LEMONLDAP-1286] - httpd dependency lemonldap-ng (1.9.10) stable; urgency=high * [LEMONLDAP-1202] - CSS an JS not correctly loaded in FR offline doc * [LEMONLDAP-1203] - NginX handler and CDA does not work * [LEMONLDAP-1207] - GUI Error (HTTP 500) on Issuer module "GET" * [LEMONLDAP-1214] - No display type selected when session expired and authentication done via Mutli or Choice * [LEMONLDAP-1218] - Warning on expired session can break transparent authentication * [LEMONLDAP-1231] - debian wheezy doc package not working * [LEMONLDAP-1233] - redirect_uri parameter validity should be checked first to avoid unwanted redirections * [LEMONLDAP-1211] - Provide error page / error message for error 404 and 502 * [LEMONLDAP-1219] - Reject same SAML EntityID for Service Providers * [LEMONLDAP-1225] - Lost Password error message lemonldap-ng (1.9.9) stable; urgency=high * [LEMONLDAP-1081] - SAML artifact server double encode UTF-8 characters * [LEMONLDAP-1193] - entityID not found in metadata if value is between simple quotes instead of double quotes * [LEMONLDAP-1195] - JS error when clicking on export configuration * [LEMONLDAP-1197] - CSP errors in Manager * [LEMONLDAP-1199] - Compilation error in IssuerDBOpenIDConnect.pm * [LEMONLDAP-1187] - Make crypto functions available in safe jail * [LEMONLDAP-1191] - Brute force protection for OIDC * [LEMONLDAP-1200] - Force AllowCreate in NameIDPolicy for broken SAML clients lemonldap-ng (1.9.8) stable; urgency=high * [LEMONLDAP-1121] - Fail to require customNginxHandler * [LEMONLDAP-1130] - SOAP request fail (FCGI) - missing path info * [LEMONLDAP-1136] - Mail reset form allows email enumaration * [LEMONLDAP-1139] - Errors "Session cannot be tied" * [LEMONLDAP-1141] - Bad encoding in reset password emails * [LEMONLDAP-1145] - Missing user identifier in mail reset log messages * [LEMONLDAP-1147] - SAML session ID * [LEMONLDAP-1149] - lemonldap-ng-fastcgi-server not working on CentOS7 * [LEMONLDAP-1152] - jquery-ui.min.js not found * [LEMONLDAP-1155] - Typo in OIDC OP for keeping acr_values parameter * [LEMONLDAP-1159] - Session concurrency issue with SAML + OpenID Connect flow * [LEMONLDAP-1166] - Typo in bootstrap footer.tpl * [LEMONLDAP-1170] - Browse sessions by ip address duplicates entries * [LEMONLDAP-1179] - Bad session count in sessions explorer multi IP tab * [LEMONLDAP-1086] - Make Debian packages autopkgtestable * [LEMONLDAP-1120] - Add public pages concept in LemonLDAP::Portal * [LEMONLDAP-1122] - Enclose expressions * [LEMONLDAP-1125] - Avoid using unsafe eval Javascript * [LEMONLDAP-1127] - SAML: Reject same entityID on different Metadata * [LEMONLDAP-1132] - Warn users about session expired in portal * [LEMONLDAP-1135] - Warnings in unit tests * [LEMONLDAP-1143] - Manage doc indexing using robots.txt to avoid indexing old doc * [LEMONLDAP-1144] - Add vhost in reject log message * [LEMONLDAP-1156] - Export OpenIDConnect request parameters in %ENV * [LEMONLDAP-1158] - Export CAS request parameters in %ENV * [LEMONLDAP-1129] - Extract CN field from SSL certificate (authSSL) * [LEMONLDAP-1177] - Custom skin lost when submitting login form lemonldap-ng (1.9.7) stable; urgency=high * [LEMONLDAP-1097] - invalid base64 encoding on openidconnect key2jwks * [LEMONLDAP-1099] - FCGI: reload method return Internal Server Error * [LEMONLDAP-1101] - SAML IDP-initiated : Federation not found on login * [LEMONLDAP-1102] - Random access denied * [LEMONLDAP-1105] - Broken openidconect oidcRPMetaDataOptionsExtraClaims parsing (or saving) when using sql datastore * [LEMONLDAP-1107] - Use of uninitialized value in pattern match...Simple.pm line 1561 * [LEMONLDAP-1109] - Notification DBI backend has compilation error * [LEMONLDAP-1117] - Corrupted persistent session when value has accentued characters and storage is LDAP * [LEMONLDAP-1096] - Use manager libraries for doc with "external" hook * [LEMONLDAP-1098] - Allow access tokens to be gathered as parameters too * [LEMONLDAP-1100] - Create custom lltype for custom handler * [LEMONLDAP-1104] - Allow the parameters for the reload url to contain basic credentials * [LEMONLDAP-1106] - returnJSONError on _OpenIDConnect.pm should return a 400 status not a 200 * [LEMONLDAP-1108] - caFile/caPathc options should be available for LDAPS, not only for LDAP+TLS * [LEMONLDAP-1110] - Provide autopkgtest tests * [LEMONLDAP-1114] - Missing DirectoryIndex in offline documentation * [LEMONLDAP-1116] - Change how we check signatures on SAML messages * [LEMONLDAP-173] - Token for cross domain authentication * [LEMONLDAP-1115] - Documentation error lemonldap-ng (1.9.6) stable; urgency=high * [LEMONLDAP-1058] - Timeout on save conf * [LEMONLDAP-1060] - Missing reload target for nginx * [LEMONLDAP-1064] - getApacheSession not working with id * [LEMONLDAP-1068] - Error in logout request * [LEMONLDAP-1069] - start-stop-daemon warning in lemonldap-ng-fastcgi-server init script * [LEMONLDAP-1071] - OpenID Connect discovery: LLNG does not use booleans * [LEMONLDAP-1075] - Unable to add rule or header in a vhost using lemonldap-ng-cli * [LEMONLDAP-1076] - IDP resolution rule is no more available in Manager * [LEMONLDAP-1078] - CryptoJS URL have changed * [LEMONLDAP-1079] - Security options for SAML are set to Off by default * [LEMONLDAP-1080] - Typo is URL matching for Auth OpenID * [LEMONLDAP-1093] - /run/llng-fastcgi-server is deleted on reboot * [LEMONLDAP-1094] - typo in error_pt.al * [LEMONLDAP-1001] - Possibility to configure the update interval used for timeout activity * [LEMONLDAP-1065] - Provide SSL options for AuthBasic * [LEMONLDAP-1082] - Return explicit error if no token endpoint auth method is set * [LEMONLDAP-1083] - Create an option to not store SAML/OIDC tokens in session * [LEMONLDAP-1084] - Disable SAML SLO request when LL::NG configured as SP and IDP does not support SLO * [LEMONLDAP-1087] - Allow to check audience and time conditions separately in SAML flow * [LEMONLDAP-1088] - Allow relayState to be a redirection URI * [LEMONLDAP-1089] - Option to bypass consent in OpenID Connect Issuer * [LEMONLDAP-1067] - Authbasic handler for Nginx lemonldap-ng (1.9.5) stable; urgency=high * [LEMONLDAP-966] - RSA Keys generated from Manager are incomplete * [LEMONLDAP-1028] - SAML SP SOAP logout does not happen * [LEMONLDAP-1046] - Default value for samlIDPMetaDataOptionsSSOBinding should be undef * [LEMONLDAP-1047] - SAML SLO from IDP does not work when SP is LL::NG * [LEMONLDAP-1048] - Unable to upgrade a configuration from 1.4 to 1.9 using lmConfigEditor * [LEMONLDAP-1049] - Unable to read LDAP session in 1.4 format with 1.9 version * [LEMONLDAP-1050] - signing in to chrome devices via sso is broken * [LEMONLDAP-1054] - test_config not found in lemonldap-ng-fastcgi-server init script * [LEMONLDAP-1059] - Portal disconnection warning * [LEMONLDAP-1043] - Display total number of sessions * [LEMONLDAP-1045] - Wrong SAML attributes encoding issued by IDP * [LEMONLDAP-1052] - Use Lasso 'thin-sessions' * [LEMONLDAP-1055] - Remove network access attempts during tests * [LEMONLDAP-1057] - Change displayed message when sending confirmation mail after password reset * [LEMONLDAP-1056] - SAML SLO relay URL not catched lemonldap-ng (1.9.4) stable; urgency=high * [LEMONLDAP-1034] - Missing dependencies in documentation * [LEMONLDAP-1036] - LDAP sessions are not purged * [LEMONLDAP-1037] - Using LDAP as conf backend, IssuerDBGetParameters with wrong value inserted after conf save * [LEMONLDAP-1038] - All information is lost when vhost or SAML/OIDC partner is renamed in Manager * [LEMONLDAP-1039] - Error not displayed correctly for notification browsing * [LEMONLDAP-1040] - Session browsing not working if _whatToTrace is missing * [LEMONLDAP-1041] - ldapAttributeId not used everywhere in _LDAPGKFAS * [LEMONLDAP-1035] - Manage Plack engines in FastCGI server * [LEMONLDAP-1042] - Some information are lost when renaming OIDC/SAML partner lemonldap-ng (1.9.3) stable; urgency=low * [LEMONLDAP-985] - authForce is not well called trough AuthMulti * [LEMONLDAP-997] - Circular dependency for liblemonldap-ng-handler-perl package * [LEMONLDAP-1003] - Replace Mouse by Moose if ModPerl::Registry is used with Perl 5.22 * [LEMONLDAP-1006] - Typo in Common/Apache/Session.pm on LDAP disconnect * [LEMONLDAP-1008] - Bad comment in lemonldap-ng.ini * [LEMONLDAP-1009] - Version shown in Manager is not the one of the main module * [LEMONLDAP-1010] - Problem with persistent sessions and MongoDB backend * [LEMONLDAP-1012] - AuthTwitter is not working anymore * [LEMONLDAP-1013] - AuthFacebook is not working anymore * [LEMONLDAP-1014] - Example values for LDAP backend configuration are wrong * [LEMONLDAP-1016] - Can't configure OpenID Connect RP Extra claims in lemonldap web manager * [LEMONLDAP-1018] - Slave authentication error (Can't locate object method "checkHeader") * [LEMONLDAP-1020] - Can't define SMTP server with port * [LEMONLDAP-1022] - The path of the request is lost when using the url parameter of a Choice module * [LEMONLDAP-1026] - lemonldap-ng-fastcgi-server is missing libfcgi-procmanager-perl as a dependency * [LEMONLDAP-1029] - Missing images in Debian packaging * [LEMONLDAP-1030] - Cannot start Manager with zero conf in LDAP backend * [LEMONLDAP-983] - Import encrypt in functions * [LEMONLDAP-1004] - Es, it, pt, ne and de translations * [LEMONLDAP-1011] - Option to allow a user to reset an expired password * [LEMONLDAP-1023] - Add documentation to nginx handler * [LEMONLDAP-1025] - provide additional GET parameters while redirecting to handler * [LEMONLDAP-1031] - Be less restrictive on service parameter check in CAS issuer lemonldap-ng (1.9.2) stable; urgency=low * [LEMONLDAP-985] - authForce is not well called trough AuthMulti * [LEMONLDAP-988] - CPAN Tests fails for Lemonldap-NG-Common * [LEMONLDAP-989] - CPAN Tests fails for Lemonldap-NG-Portal * [LEMONLDAP-991] - LDAP TCP connections is still not closed * [LEMONLDAP-992] - LL:NG use wrong variables with Multi auth * [LEMONLDAP-994] - Can't call method "add_output_filter" on an undefined value when I logout * [LEMONLDAP-995] - Encoding problem in menu categories and applications * [LEMONLDAP-996] - logout_app_sso URL rejected * [LEMONLDAP-1000] - Session errors with persistent sessions * [LEMONLDAP-1002] - Show sent headers in debug mode * [LEMONLDAP-986] - Propose packages for SLES 12 SP1 lemonldap-ng (1.9.1) stable; urgency=low * [LEMONLDAP-961] - PAUSE indexer report * [LEMONLDAP-962] - Applications logos and portal background not displayed in Manager * [LEMONLDAP-964] - Links to change * [LEMONLDAP-965] - Syntax checking on certificate must be more tolerant * [LEMONLDAP-968] - Headers corrupted when authenticating with HTTP basic authentication on a protected application * [LEMONLDAP-969] - /var/run is a tmpfs so FastCGI pid can't be written after reboot * [LEMONLDAP-972] - Missing test for exportedHeaders * [LEMONLDAP-974] - keyMsgFail are missing in Manager/Attributes.pm * [LEMONLDAP-976] - $ENV is replaced by $datas->{ENV} * [LEMONLDAP-978] - CPAN Tests fails for Lemonldap-NG-Common * [LEMONLDAP-980] - Error "password must be changed" when user not found in AD * [LEMONLDAP-984] - Allow to set replica for MongoDB configuration backend * [LEMONLDAP-973] - Activate maintenance mode if reval() fails * [LEMONLDAP-185] - Check configuration uploaded by lmConfigEditor lemonldap-ng (1.9.0) stable; urgency=low * [LEMONLDAP-176] - POST Handler feature does not work with mod_proxy * [LEMONLDAP-395] - LL::NG::Handler::CGI ignores some config parameters * [LEMONLDAP-729] - Handler Jail may be inconsistent with its attributes * [LEMONLDAP-759] - Cannot store Conf or Sessions in AD (was Storable appears to not work on 64-bit OS) * [LEMONLDAP-767] - future deprecated dependency * [LEMONLDAP-777] - Password fiedls in Manager * [LEMONLDAP-802] - Apache2::Connection remote_ip not supported in Apache 2.4 * [LEMONLDAP-825] - Error when session is not in backend but only in cookie * [LEMONLDAP-827] - Error encoding of passwords when using special characters in file lmconf. * [LEMONLDAP-828] - wrong Makefile target for translation * [LEMONLDAP-835] - Interface with unicode * [LEMONLDAP-840] - Auth-User HTTP Header appears even if no HTTP Headers defined on VHost * [LEMONLDAP-854] - Manager returns "Not authorized" with Apache 2.4 and fr-doc not installed * [LEMONLDAP-858] - Error 500 at Save (on virtualHost Rules), when the displayName of one Category Portal Menu contains accentuated Character * [LEMONLDAP-866] - Configuration deletion does not work * [LEMONLDAP-867] - 404 errors in documentation * [LEMONLDAP-870] - _lastSeen should be updated when a issuer module (ex: CAS) is called * [LEMONLDAP-872] - Omegat does not end * [LEMONLDAP-914] - Password expiration interception in Multi mode * [LEMONLDAP-922] - SAML Error on update session * [LEMONLDAP-923] - Error save conf SlaveMasterIp * [LEMONLDAP-948] - openid userinfo endpoints need Authorization header * [LEMONLDAP-954] - GLPI link is broken * [LEMONLDAP-955] - GRR link is broken * [LEMONLDAP-958] - Infinite redirection loop when redirected from Handler for an error (403/500/503) * [LEMONLDAP-428] - Ergonomic items * [LEMONLDAP-534] - splice not necessary to parse @_ in subroutines * [LEMONLDAP-633] - unify var substitution in locationRules and exportedHeaders * [LEMONLDAP-717] - Handler init management * [LEMONLDAP-733] - Form replay refactoring * [LEMONLDAP-776] - Use Bootstrap for Manager * [LEMONLDAP-787] - [UserDB][LDAP] Allow alias dereferencing in search * [LEMONLDAP-790] - Portal should not return HTML for AJAX requests * [LEMONLDAP-794] - Default values must be set before storing in local cache * [LEMONLDAP-795] - Propose JSON serialization in Apache::Session to be able to access to sessions with other languages * [LEMONLDAP-796] - Replace our own serializer by JSON in Conf/File.pm * [LEMONLDAP-798] - Avoid opening local cache when root * [LEMONLDAP-815] - Improve the cookie name regexp * [LEMONLDAP-821] - JSON File as new default configuration backend * [LEMONLDAP-824] - autocomplete=off does not prevent anymore password manager use * [LEMONLDAP-833] - Manager - Multi : display only the selected modules * [LEMONLDAP-865] - Check conditions in AuthSlave and UserDBSlave * [LEMONLDAP-877] - Replace Storable by JSON to be arch independent * [LEMONLDAP-908] - Replace own minifier by external * [LEMONLDAP-911] - Possibility to set a specific logo for a choice module * [LEMONLDAP-917] - Possibility to define finely sessions timeout activity * [LEMONLDAP-924] - Manager not checking regex before saving * [LEMONLDAP-930] - Scripts must have POD * [LEMONLDAP-946] - Set cfgAuthor to lmConfigEditor * [LEMONLDAP-24] - Browse configuration versions and apply them * [LEMONLDAP-183] - OAuth 2.0 / OpenID Connect authentication module * [LEMONLDAP-184] - OAuth 2.0 / OpenID Connect provider module * [LEMONLDAP-227] - VirtualHost Copy/paste functions in Manager * [LEMONLDAP-287] - Implement HTTP Strict Transport Security * [LEMONLDAP-495] - Persistent sessions Explorer * [LEMONLDAP-583] - Nginx handler * [LEMONLDAP-630] - Modularization of Handler code * [LEMONLDAP-770] - Configuration of portal background * [LEMONLDAP-773] - Implement CAS 3.0 Protocol (attributes exchange) * [LEMONLDAP-800] - MongoDB configuration and session backend * [LEMONLDAP-820] - New Manager interface with AngularJS * [LEMONLDAP-836] - Add Choice to included X509 certificate in Signature of SAML Messages, when LL::NG acts as IDP * [LEMONLDAP-915] - Portal message customization * [LEMONLDAP-925] - New Notification Explorer * [LEMONLDAP-935] - Capability to duplicate virtualhost * [LEMONLDAP-864] - SAML and manager translations(utf8) * [LEMONLDAP-859] - Perl-Digest-SHA is not listed at dependencies documentation * [LEMONLDAP-873] - Change screenshots in doc * [LEMONLDAP-891] - Remove "return to SP link" * [LEMONLDAP-909] - Push French translation into sources * [LEMONLDAP-932] - Packages for RHEL / CentOS * [LEMONLDAP-871] - Manager protection * [LEMONLDAP-874] - Add portal and logout links, add current version * [LEMONLDAP-878] - Button to download file * [LEMONLDAP-879] - Possibility to have a certificate instead of a public key * [LEMONLDAP-880] - Bug in Logs node * [LEMONLDAP-881] - Load metadata from file * [LEMONLDAP-882] - Problem with radio buttons in samlAttributeContainer component * [LEMONLDAP-883] - Bug with choices modules confguration * [LEMONLDAP-884] - Optional URL in AuthChoices module * [LEMONLDAP-885] - Unable to register OpenID Connect metadata * [LEMONLDAP-886] - favicon disappear when using configuration tab * [LEMONLDAP-888] - SAML attributes and other options not saved * [LEMONLDAP-889] - Saving an old configuration leads to "No such file or directory" * [LEMONLDAP-892] - Set OpenID Connect standard attributes in default values * [LEMONLDAP-893] - Unable to download configuration * [LEMONLDAP-894] - Get another default component for nodes * [LEMONLDAP-895] - Associated help is not displayed in SAML SP/IDP * [LEMONLDAP-896] - Labels for samlSP and samlSPName not displayed * [LEMONLDAP-897] - Handler Status does not work * [LEMONLDAP-898] - Handler Menu does not work * [LEMONLDAP-899] - Button to show/hide documentation panel * [LEMONLDAP-900] - Fill the domain when creating a new virtual host * [LEMONLDAP-901] - Propose default names for IDP/SP/OP/RP * [LEMONLDAP-902] - Replace javascript prompts by dialogs/modals * [LEMONLDAP-903] - ZeroConf * [LEMONLDAP-904] - Open IDP/SP node after its creation * [LEMONLDAP-905] - Login is displayed in errors * [LEMONLDAP-906] - Hide inaccessible modules in manager interface * [LEMONLDAP-907] - Deleting a menu entry isn't detected * [LEMONLDAP-913] - XS mode: menu never visible when tree is displayed * [LEMONLDAP-916] - missing semicolons in Makefile * [LEMONLDAP-919] - Choosing Multi module should not lock passwordDB configuration * [LEMONLDAP-920] - Clear cfgLog when using lmConfigEditor * [LEMONLDAP-921] - Implement lemonldap-ng-cli wth new configuration code * [LEMONLDAP-926] - Error is not displayed to user * [LEMONLDAP-927] - Use modal instead of alert * [LEMONLDAP-928] - Bad notification encoding * [LEMONLDAP-929] - Manage other portal CGIs * [LEMONLDAP-934] - LLNG status for Nginx * [LEMONLDAP-936] - Extra headers sent to protected applications * [LEMONLDAP-938] - Can't save conf due to bad custom function name * [LEMONLDAP-940] - Timout for reloadUrls * [LEMONLDAP-941] - Aliases not taken into account * [LEMONLDAP-942] - Session explorer not usable with Apache::Session::Browseable::MySQL * [LEMONLDAP-943] - Zimbra Handler * [LEMONLDAP-944] - Notifications - invalid date * [LEMONLDAP-945] - Auto-protected CGI not working * [LEMONLDAP-947] - Notifications cannot be purged for DBI and LDAP * [LEMONLDAP-949] - Handler PSGI should set LMREMOTE_USER * [LEMONLDAP-950] - spelling * [LEMONLDAP-952] - Errors not displayed in Notifications Explorer * [LEMONLDAP-953] - Notifications are mixed under the same letter * [LEMONLDAP-956] - Custom functions don't work with useSafeJail * [LEMONLDAP-957] - Replace $http.success() by .then() lemonldap-ng (1.4.11) stable; urgency=low * [LEMONLDAP-1068] - Error in logout request * [LEMONLDAP-1080] - Typo is URL matching for Auth OpenID * [LEMONLDAP-1092] - Net::LDAP does not have an uri method in el5 * [LEMONLDAP-1001] - Possibility to configure the update interval used for timeout activity * [LEMONLDAP-1052] - Use Lasso 'thin-sessions' * [LEMONLDAP-1083] - Create an option to not store SAML/OIDC tokens in session * [LEMONLDAP-1084] - Disable SAML SLO request when LL::NG configured as SP and IDP does not support SLO lemonldap-ng (1.4.10) stable; urgency=low * [LEMONLDAP-985] - authForce is not well called trough AuthMulti * [LEMONLDAP-1034] - Missing dependencies in documentation * [LEMONLDAP-1047] - SAML SLO from IDP does not work when SP is LL::NG * [LEMONLDAP-1050] - signing in to chrome devices via sso is broken * [LEMONLDAP-1059] - Portal disconnection warning * [LEMONLDAP-1057] - Change displayed message when sending confirmation mail after password reset lemonldap-ng (1.4.9) stable; urgency=low * [LEMONLDAP-1003] - Replace Mouse by Moose if ModPerl::Registry is used with Perl 5.22 * [LEMONLDAP-1006] - Typo in Common/Apache/Session.pm on LDAP disconnect * [LEMONLDAP-1022] - The path of the request is lost when using the url parameter of a Choice module * [LEMONLDAP-1027] - Can't locate object method "client_ip" via package "Apache2::Connection" * [LEMONLDAP-1004] - Es, it, pt, ne and de translations * [LEMONLDAP-1031] - Be less restrictive on service parameter check in CAS issuer lemonldap-ng (1.4.8) stable; urgency=low * [LEMONLDAP-985] - authForce is not well called trough AuthMulti * [LEMONLDAP-991] - LDAP TCP connections is still not closed * [LEMONLDAP-992] - LL:NG use wrong variables with Multi auth * [LEMONLDAP-1000] - Session errors with persistent sessions * [LEMONLDAP-986] - Propose packages for SLES 12 SP1 lemonldap-ng (1.4.7) stable; urgency=low * [LEMONLDAP-802] - Apache2::Connection remote_ip not supported in Apache 2.4 * [LEMONLDAP-842] - manager configuration tree does not display correctly * [LEMONLDAP-866] - Configuration deletion does not work * [LEMONLDAP-958] - Infinite redirection loop when redirected from Handler for an error (403/500/503) * [LEMONLDAP-964] - Links to change * [LEMONLDAP-968] - Headers corrupted when authenticating with HTTP basic authentication on a protected application * [LEMONLDAP-976] - $ENV is replaced by $datas->{ENV} * [LEMONLDAP-980] - Error "password must be changed" when user not found in AD lemonldap-ng (1.4.6) stable; urgency=low * [LEMONLDAP-705] - SAML with Signature Method rsa-sha256 * [LEMONLDAP-715] - Multi with # in the module name: error while calling authLogout * [LEMONLDAP-720] - Error with CPAN tests * [LEMONLDAP-823] - duplicated groups when recursive groups enabled * [LEMONLDAP-841] - Error in extract_lang with a value with * * [LEMONLDAP-843] - localStorage replaced by localSessionStorage * [LEMONLDAP-845] - Session activity not updated * [LEMONLDAP-846] - Session cache not purged * [LEMONLDAP-848] - Do not call 'perl' directly (see RT#107205) * [LEMONLDAP-849] - Syntax checking on domain name is too restrictive * [LEMONLDAP-850] - SOAP data not well formatted * [LEMONLDAP-768] - Fixed with for application boxes in menu in bootstrap skin * [LEMONLDAP-771] - Adapt foot size in mobile mode for Bootstrap skin * [LEMONLDAP-822] - checking pwdLastSet in AD is not sufficient * [LEMONLDAP-781] - Lasso package * [LEMONLDAP-785] - Display password expiration management with Active Directory * [LEMONLDAP-792] - Support for multivaluated attributes in LDAP for groups lemonldap-ng (1.4.5) stable; urgency=low * [LEMONLDAP-816] - Wrong definition of getAttributes in Portal WSDL * [LEMONLDAP-817] - Wrong parameter order for error SOAP operation in Portal WSDL * [LEMONLDAP-818] - Skin rules on mail reset and register page lemonldap-ng (1.4.4) stable; urgency=low * [LEMONLDAP-763] - purgeCentralCache sometimes hangs * [LEMONLDAP-783] - Test error with SOAP::Lite 1.12 * [LEMONLDAP-784] - reset password in AD not working * [LEMONLDAP-788] - Captcha not working using multiple backends... * [LEMONLDAP-793] - Common/Conf/File must return an error if file can't be opened * [LEMONLDAP-801] - Multi and Kerberos does not work with a positive LocationMatch * [LEMONLDAP-805] - Update session failure on high load if idle timeout is configured * [LEMONLDAP-806] - ErrorDocument conflicts with CentOS's default apache vhost * [LEMONLDAP-799] - parameter notOnOrAfter should be computed against SAML message emission date * [LEMONLDAP-807] - End of OpenID 2.0 support for Google on April 20, 2015 lemonldap-ng (1.4.3) stable; urgency=low * [LEMONLDAP-775] - Cas Service Ticket should be used only once * [LEMONLDAP-772] - Collapse menu on click in mobile mode in Bootstrap skin * [LEMONLDAP-774] - Use portal bootstrap theme for test pages * [LEMONLDAP-765] - Provide packages for CentOS 7 * [LEMONLDAP-780] - Remove old captcha dirs lemonldap-ng (1.4.2) stable; urgency=low * [LEMONLDAP-740] - TCP connections never closed on LDAP * [LEMONLDAP-743] - Password reset doesn't work with Apache::Session::MySQL::NoLock * [LEMONLDAP-745] - notifyDeleted ignored with the new bootstrap theme * [LEMONLDAP-747] - Apache::Session::Postgres.pm * [LEMONLDAP-750] - Exported variable name vs LDAP attr name * [LEMONLDAP-751] - Login page on Bootstrap thème * [LEMONLDAP-752] - Portal URL is treated as Bad URL * [LEMONLDAP-753] - OpenID provider broken * [LEMONLDAP-754] - Error when configuring captcha trough Manager * [LEMONLDAP-758] - SAML metadata are not valid (NameIDFormat not in the rigth place) * [LEMONLDAP-761] - SOAP cannot be used with DBI backend * [LEMONLDAP-762] - Don't call data() on unavailable session * [LEMONLDAP-746] - Doc: update id size for DBI sessions backend * [LEMONLDAP-748] - Possibility to start with empty configuration masks errors loading conf backend * [LEMONLDAP-749] - AuthBasic doesn't support HTTPS with self-signed certificate * [LEMONLDAP-755] - check aliases when computing vhost rules on portal * [LEMONLDAP-760] - Apache2.4-style syntax lemonldap-ng (1.4.1) stable; urgency=low * [LEMONLDAP-719] - AuthBasic handler doesn't check password when using AuthMulti (SSL;LDAP) * [LEMONLDAP-721] - Portal cipher object unavailable with useLocalConf = 1 * [LEMONLDAP-722] - Error on session explorer and notification explorer on CentOS * [LEMONLDAP-723] - Error 500 on portal when mpm worker enabled on RHEL6.5 * [LEMONLDAP-725] - [Password reset] Reset pwd with pwdReset cause empty $groups * [LEMONLDAP-727] - /status page not working since upgrade * [LEMONLDAP-728] - Skirt header cleaning with unprotect * [LEMONLDAP-730] - lmConfigEditor do not save conf with ldap backend * [LEMONLDAP-731] - convertConfig fail to migrate conf to LDAP from File * [LEMONLDAP-732] - Soap communication broken since upgrade * [LEMONLDAP-734] - lemonldap-ng-cli not working with LDAP conf backend * [LEMONLDAP-735] - IssuerDB modules do not work with Kerberos failback login script * [LEMONLDAP-736] - Do not force default value in SMTPServer * [LEMONLDAP-739] - dpkg error while installing fresh LemonLDAP::NG 1.4.0 on wheezy * [LEMONLDAP-738] - Add a portal button on the Manager * [LEMONLDAP-741] - Store errors in Common session module to display them in logs * [LEMONLDAP-742] - Do not make lock calls when session found in cache * [LEMONLDAP-737] - Possibilty to configure NotOnOrAfter and SessionNotOnOrAfter attributes in SAML messages lemonldap-ng (1.4.0) stable; urgency=low * [LEMONLDAP-663] - Connections to auth backends not closed on errors * [LEMONLDAP-664] - Connections to LDAP not closed with the Multi plugin * [LEMONLDAP-670] - Bootstrap theme * [LEMONLDAP-693] - loginHistory and Session Explorer : Error * [LEMONLDAP-694] - Duplicate entry '1-globalStorage' for key 'PRIMARY' when using RDBI configuration * [LEMONLDAP-695] - Vulnerability on the size of session identifiers. * [LEMONLDAP-698] - error at reading last config number with RDBI config storage * [LEMONLDAP-699] - MySQL config storage lock does not work * [LEMONLDAP-700] - Unable to handle SAML session * [LEMONLDAP-701] - missing debian dependency to Mouse * [LEMONLDAP-704] - Unable to change password with Active Directory backend * [LEMONLDAP-708] - Memory leak in portal when notifications are enabled * [LEMONLDAP-709] - The cipher decrypt method breaks carriage returns * [LEMONLDAP-710] - sessionDatas not reinitialized from request to request in a thread * [LEMONLDAP-711] - Read a session in remote session backend causes an update request * [LEMONLDAP-712] - strange behaviour with session cache * [LEMONLDAP-386] - use LL::NG::Handler instead of custom perl module in apache config * [LEMONLDAP-430] - httpSession and updateSession + deleteSessionFromLocalStorage optimization * [LEMONLDAP-591] - Portal should refresh their configuration cache on expiration * [LEMONLDAP-600] - Rewrite object libs with Moo or Mouse * [LEMONLDAP-636] - Manage exported variables per UserDB module * [LEMONLDAP-648] - Build French documentation in Makefile * [LEMONLDAP-657] - [SAML] NameID format customizable per SP * [LEMONLDAP-658] - Portal keepalive should be desactivable and configurable * [LEMONLDAP-671] - Cache management for configuration and sessions * [LEMONLDAP-675] - Password should not be send trough email * [LEMONLDAP-681] - Add option in SP configuration to specify which query_string method to use. * [LEMONLDAP-683] - Externalize all JS code and use make tidy-js * [LEMONLDAP-686] - Centralize default configuration values * [LEMONLDAP-702] - Possibility to start with empty configuration * [LEMONLDAP-703] - Do not use files for Captcha * [LEMONLDAP-26] - Auto-register page * [LEMONLDAP-208] - Build SAML IDP SSO initiated URL on IDP side for registered SP * [LEMONLDAP-629] - Handler with mpm_event lemonldap-ng (1.3.3) stable; urgency=low * [LEMONLDAP-665] - level parameter not used in userLog with syslog * [LEMONLDAP-684] - syslog: invalid level/facility: warn * [LEMONLDAP-685] - /var/lib/lemonldap-ng/psessions is not created on rpm based install * [LEMONLDAP-687] - 404 error : jquery-1.10.2.min.map is not found * [LEMONLDAP-688] - lemonldap-cli-ng apps-set-* and vhost-del not working properly * [LEMONLDAP-690] - Cannot register more than on POST URL in Manager * [LEMONLDAP-692] - lemonldap-ng-cli config encoding * [LEMONLDAP-689] - Remove compressed js file from Debian distribution * [LEMONLDAP-691] - Manage apache configuration during install lemonldap-ng (1.3.2) stable; urgency=low * [LEMONLDAP-655] - Password change not working for DBI password backend with option "require old password" enabled * [LEMONLDAP-656] - UserDB Multi does not accept any module * [LEMONLDAP-660] - Missing PID in syslog messages * [LEMONLDAP-661] - lemonldap ng dependancy not installed for debian wheezy * [LEMONLDAP-662] - lemonldap ng psession directory not created in package * [LEMONLDAP-665] - level parameter not used in userLog with syslog * [LEMONLDAP-666] - Lemonldap NG (1.2.5) Control XSS problem with logonid have apostrophe * [LEMONLDAP-669] - [LDAP] Authentication process stopped if a user must change its password and expiration warning is displayed * [LEMONLDAP-674] - Remove Facebook script in offline doc * [LEMONLDAP-676] - Privacy break * [LEMONLDAP-677] - Signature Problem using ADFS as SP * [LEMONLDAP-679] - Javascript error in Manager when loading a metadata from URL * [LEMONLDAP-680] - CDA does not work for http with "double cookie for single session" * [LEMONLDAP-682] - Permissions for lemonldap-ng-cli * [LEMONLDAP-647] - Hide message div if no message to display * [LEMONLDAP-650] - logout tab in menu should display by default only if no other tab is present * [LEMONLDAP-654] - DBI authentication not working with Unix passwords in DB * [LEMONLDAP-659] - The user input field in password.tpl should be readonly or hidden * [LEMONLDAP-668] - Performance improvement with DNS cache * [LEMONLDAP-649] - Total rewrite of lemonldap-ng-cli tool * [LEMONLDAP-678] - Provide non minified versions of javascript libraries lemonldap-ng (1.3.1) stable; urgency=low * [LEMONLDAP-635] - Extra tests fails on new install * [LEMONLDAP-637] - Missing XML::Simple dependency in Manager CPAN package * [LEMONLDAP-638] - Lemonldap::NG::Manager::Cli requires perl(feature), which is not available in EL5 * [LEMONLDAP-639] - portal/captcha_output directory has 777 permissions * [LEMONLDAP-640] - /var/lib/lemonldap-ng/captcha is not created when installed from RPM * [LEMONLDAP-642] - Captcha directories not installed with DEB packages * [LEMONLDAP-644] - Captcha required in MailReset when asking to resend confirmation mail * [LEMONLDAP-645] - Captcha not displayed in AuthChoice with form based modules * [LEMONLDAP-646] - Manager broken for MSIE-8 * [LEMONLDAP-641] - [SAML] Possibility to use IDP Name instead of IDP entityID in URL for IDP selection * [LEMONLDAP-643] - Launch initCaptcha only when needed lemonldap-ng (1.3.0) stable; urgency=low * [LEMONLDAP-471] - Incompatibility with Config::IniFiles 2.72 * [LEMONLDAP-499] - purgeLocalCache does not work * [LEMONLDAP-513] - AD password field for userModifyPassword is not userPassword but unicodePwd and must be quoted and unicoded * [LEMONLDAP-520] - Manager requires custom functions to be run with arguments * [LEMONLDAP-590] - Memory Leak in Lemonldap::NG::Common::Conf * [LEMONLDAP-592] - Encoding problems in POD * [LEMONLDAP-593] - Auth Multi getDisplayType error when using # in Multi line configuration * [LEMONLDAP-599] - Missing some dependencies with Debian packaging * [LEMONLDAP-603] - Portal's display broken with MS IE 8 * [LEMONLDAP-605] - skin rules are not applied on mail reset page * [LEMONLDAP-611] - Build failure on EL5 * [LEMONLDAP-614] - Configuration is broken when adding a form replay node without post data * [LEMONLDAP-616] - logout_sso do not stop on the "you are disconnected" page * [LEMONLDAP-618] - Lasso error with AuthChoice * [LEMONLDAP-625] - remote_ip() not available with some mod_perl and may not be required for LLNG * [LEMONLDAP-626] - Manager's display broken with Internet Explorer 8 * [LEMONLDAP-627] - Sessions explorer broken with Browseable backends * [LEMONLDAP-634] - Wrong rights on notifications dir in Debian * [LEMONLDAP-241] - Test for cryptographic functions * [LEMONLDAP-366] - [Notifications] Move Notifications code from Portal to Common * [LEMONLDAP-412] - Passwrd policy expiration warning time not friendly displayed * [LEMONLDAP-493] - Make LL::NG's rpm spec file more portable * [LEMONLDAP-500] - do not burden config in memory with useless things * [LEMONLDAP-524] - minimize weight of relaystate in SAML session backend * [LEMONLDAP-559] - Refine useXForwardedForIP option by setting trusted proxies * [LEMONLDAP-585] - Split SSO sessions and persistent sessions at installation * [LEMONLDAP-586] - Allow mail reset to be tested with Demo backend * [LEMONLDAP-589] - Debug info always printed in Lemonldap::NG::Common::Conf::LDAP * [LEMONLDAP-594] - Remove debian repository from distribution * [LEMONLDAP-596] - compute macros and local groups in a certain order * [LEMONLDAP-607] - Die and add error information if LDAP server is not reachable * [LEMONLDAP-619] - Add AuthFacebook module * [LEMONLDAP-620] - Centralize LWP::UserAgent in one file * [LEMONLDAP-628] - Optimization of configuration reload in Portal * [LEMONLDAP-61] - FastCGI portal * [LEMONLDAP-217] - Captcha in portal * [LEMONLDAP-291] - Support secondary Apache authentication in a "choice" authentication configuration * [LEMONLDAP-409] - Specific AD authentication module * [LEMONLDAP-457] - [Notifications] LDAP backend to store notifications * [LEMONLDAP-503] - vhost aliases * [LEMONLDAP-558] - Vhost alias * [LEMONLDAP-584] - BrowserID authentication module * [LEMONLDAP-588] - Include lemonldap-ng-cli * [LEMONLDAP-604] - Upgrade jQuery and jQuery UI built-in dependencies * [LEMONLDAP-612] - Hide password in logs when password is stored in session * [LEMONLDAP-613] - Log applied rule in debug mode * [LEMONLDAP-615] - Add AuthGoogle module * [LEMONLDAP-617] - [SAML] Allow to skip the IDP selection * [LEMONLDAP-621] - Config storage in JSON file * [LEMONLDAP-623] - WebID authentication and user DB modules * [LEMONLDAP-632] - Rename liblemonldap-ng-conf-perl to lemonldap-ng-common-perl * [LEMONLDAP-631] - Minimize jQuery-UI lemonldap-ng (1.2.5) stable; urgency=low * [LEMONLDAP-532] - SOAP not working with SSL * [LEMONLDAP-597] - Wrong evaluation of $ENV{REMOTE_ADDR} in Auth::Multi when safe jail is enabled * [LEMONLDAP-599] - Missing some dependencies with Debian packaging * [LEMONLDAP-603] - Portal's display broken with MS IE 8 * [LEMONLDAP-605] - skin rules are not applied on mail reset page * [LEMONLDAP-608] - Could not configure different config file in Portal thru SharedConf * [LEMONLDAP-609] - case insensitive comparison in vhost * [LEMONLDAP-596] - compute macros and local groups in a certain order * [LEMONLDAP-598] - Sessions Explorer should use the browseable indexes * [LEMONLDAP-607] - Die and add error information if LDAP server is not reachable lemonldap-ng (1.2.4) stable; urgency=low * [LEMONLDAP-590] - Memory Leak in Lemonldap::NG::Common::Conf * [LEMONLDAP-592] - Encoding problems in POD * [LEMONLDAP-593] - Auth Multi getDisplayType error when using # in Multi line configuration * [LEMONLDAP-589] - Debug info always printed in Lemonldap::NG::Common::Conf::LDAP * [LEMONLDAP-594] - Remove debian repository from distribution lemonldap-ng (1.2.3) stable; urgency=low * [LEMONLDAP-316] - Accentued letters in application list raise an error when configuration is stored in LDAP * [LEMONLDAP-536] - Password reset by mail do not work with DBI backend * [LEMONLDAP-537] - Web service deleteNotification do not work with DBI backend * [LEMONLDAP-538] - Bad log level in _DBI.pm * [LEMONLDAP-539] - Add SOAP::Lite dependency for Handler CPAN module * [LEMONLDAP-543] - LL:NG::Handler::AuthBasic fails to manage persistent connections * [LEMONLDAP-544] - Bad indexes in Browseable doc * [LEMONLDAP-545] - "none" target does not work in Handler/CGI.pm * [LEMONLDAP-548] - Error when displaying password policy messages (grace or expiration) * [LEMONLDAP-550] - Cannot use Target Url in Form Replay * [LEMONLDAP-551] - Invalid GET Request after Form Replay * [LEMONLDAP-552] - Error on configuration save if no reloadUrls defined * [LEMONLDAP-553] - SOAP Error: id is required at /usr/share/perl5/Lemonldap/NG/Portal/_SOAP.pm line 165 * [LEMONLDAP-555] - Rules field stay in readonly with JQuery 1.7.2 * [LEMONLDAP-556] - Cookie sent to untrusted domain with CDA * [LEMONLDAP-557] - Get Key From All Sessions in File backend can fail on corrupted sessions * [LEMONLDAP-561] - SAML transient NameID does not work * [LEMONLDAP-562] - CAS Authn + SAML IDP: authLogout error * [LEMONLDAP-570] - SAML messages signatures are not verified - SECURITY ISSUE * [LEMONLDAP-574] - Local cache purge script does not work * [LEMONLDAP-579] - missing dir in handler debian package * [LEMONLDAP-580] - Mail subject is not correctly encoded * [LEMONLDAP-412] - Passwrd policy expiration warning time not friendly displayed * [LEMONLDAP-512] - free size for cipher key * [LEMONLDAP-554] - Some improvements on lmConfigEditor * [LEMONLDAP-559] - Refine useXForwardedForIP option by setting trusted proxies * [LEMONLDAP-563] - CAS Authn + SAML IDP: Passing request parameters to redirect * [LEMONLDAP-566] - Allow to sort categories in the application list * [LEMONLDAP-568] - Split Test and Handler Apache configuration * [LEMONLDAP-569] - Fix application div height in application list * [LEMONLDAP-572] - Add X-Forwarded-For Header in SOAP request sent by LL::NG::Handler::AuthBasic * [LEMONLDAP-573] - Do not send void HTTP headers * [LEMONLDAP-576] - Hide post form when using Form Replay * [LEMONLDAP-577] - Display "Password changed" in Menu * [LEMONLDAP-549] - Display LL::NG version in Manager * [LEMONLDAP-560] - logging SAML authn response * [LEMONLDAP-578] - Rules to display a skin depending on called URL or IP address * [LEMONLDAP-535] - Force the ip adress when calling the webservice urn:/Lemonldap::NG::Common::CGI::SOAPService * [LEMONLDAP-546] - Form replay: POST request is not sent * [LEMONLDAP-541] - Handler SOAP errors : setAttributes is not an authorizated function * [LEMONLDAP-547] - Update Browseable documentation in case of SAML in use * [LEMONLDAP-565] - Update META.yml files * [LEMONLDAP-581] - Clean Perl dependencies * [LEMONLDAP-582] - Update .pm copyrights lemonldap-ng (1.2.2) stable; urgency=low * [LEMONLDAP-436] - LDAP Search error when authenticating and identifying on two LDAP (AD) with Multi modules * [LEMONLDAP-490] - bad error log when user sends wrong login * [LEMONLDAP-497] - CDA not working * [LEMONLDAP-498] - DBI config storage does not use transactions * [LEMONLDAP-506] - When working with 2 LDAP in Multi Mode, LDAP connexion not reinitialized on second LDAP if user not found in first LDAP * [LEMONLDAP-509] - regex for ldapServer on storing in Manager is too string/wrong * [LEMONLDAP-510] - javascript: $('...').attr('checked')==true never neems to evaluate to TRUE * [LEMONLDAP-515] - Parameter portalRequireOldPassword not checked in DBI * [LEMONLDAP-516] - date popup in notification manager * [LEMONLDAP-517] - typo in cookie name in portal WSDL * [LEMONLDAP-518] - SAML session purge * [LEMONLDAP-519] - SOAP webservice getCookies() should work with Auth Multi * [LEMONLDAP-522] - Cross-domain authentication and http cookies * [LEMONLDAP-523] - RelayState is not sent in SAML logout requests by POST method * [LEMONLDAP-527] - Error with CDA when redirecting to other domain with lemon cookie as a get parameter * [LEMONLDAP-528] - With CDA, even if service url is https, cookie secure flag is not set for the second domain * [LEMONLDAP-529] - getDisplayType not well called in Multi backend * [LEMONLDAP-530] - on androïd device, accept language misunderstood * [LEMONLDAP-491] - Don't import all functions of POSIX * [LEMONLDAP-494] - Lemonldap::NG::Portal::_DBI::hash_password and wrong log type * [LEMONLDAP-501] - All sessions browsed at SAML authentication * [LEMONLDAP-505] - Make portal W3C compliant for html validation * [LEMONLDAP-507] - It's better to "warn" the user when we create a fake jail * [LEMONLDAP-508] - Add armel architecture for debian repository * [LEMONLDAP-514] - Enable notifications by default * [LEMONLDAP-521] - arguments of custom functions * [LEMONLDAP-249] - Manage apply key with the manager * [LEMONLDAP-511] - A new SOAP webservice for deleting notifications * [LEMONLDAP-504] - CLONE - Verify that oldPassword is not empty lemonldap-ng (1.2.1) stable; urgency=low * [LEMONLDAP-479] - LDAP groups are not stored in the session anymore * [LEMONLDAP-481] - option --latest doesn't work in script convertConfig * [LEMONLDAP-486] - X Forwarded For option is not used in login history * [LEMONLDAP-487] - lmMigrateConfFiles2ini do not support continuation lines in ini file * [LEMONLDAP-488] - Quote not escaped when converting old application list XML file * [LEMONLDAP-484] - Use CSS3 standard attribute for shadow and rounded corners * [LEMONLDAP-485] - Template inclusion error when sending an HTML mail * [LEMONLDAP-483] - Remove all defined() on @array or %hash of LL::NG code lemonldap-ng (1.2.0) stable; urgency=low * [LEMONLDAP-251] - Error on form based UserDB modules afeter an non formed based Auth module display the form * [LEMONLDAP-320] - Unprotect rule does not delete headers * [LEMONLDAP-367] - Debian package on a fresh install still need upgrade procedure * [LEMONLDAP-368] - user root can't have lmConfigEditor running because of wrong file permissions * [LEMONLDAP-369] - perl error reported in logs when HTTP header "Accept-Language" not defined * [LEMONLDAP-370] - behaviour of tree menu in manager * [LEMONLDAP-371] - custom function declaration doesn't work through management UI * [LEMONLDAP-373] - Field values lost in manager * [LEMONLDAP-375] - empty query string in redirect url * [LEMONLDAP-376] - wrong authentication mode stored in session with authMulti when SSLRequire set to 0 * [LEMONLDAP-380] - Mail reset session not destroyed when password is changed * [LEMONLDAP-384] - When force password reset form is incomplete, user is redirected to main authentication screen * [LEMONLDAP-390] - Saml Attribute form not reset in Manager * [LEMONLDAP-391] - [Choice] No choice should return PE_FIRSTACCESS and not PE_FORMEMPTY * [LEMONLDAP-392] - Bad URL error when connected to the menu display the login form instead of the menu * [LEMONLDAP-393] - Can't create samlIDPMetaDataExportedAttributes or samlSPMetaDataExportedAttributes * [LEMONLDAP-394] - RelayState is sometimes not transferred by SAML IdP * [LEMONLDAP-397] - [SAML] server error when SOAP SLO request is sent by IDP, and SOAP access is not possible on SP * [LEMONLDAP-399] - invalid syntax of wsdl made by buildPortalWSDL * [LEMONLDAP-401] - SOAP method getMenuApplications lock the session * [LEMONLDAP-405] - No redirect with impact skin * [LEMONLDAP-407] - Missing dependency Crypt::OpenSSL::Bignum * [LEMONLDAP-410] - Manager should reject vhost value like test.example.com:8080 * [LEMONLDAP-411] - LDAP change password as user and extended modify password change are not working * [LEMONLDAP-418] - Typo bug in Debian control file * [LEMONLDAP-420] - Unable to access to http virtualhosts * [LEMONLDAP-425] - Error code: 200, SyntaxError: JSON.parse in Manager * [LEMONLDAP-426] - Unused perl-Apache-AuthNetLDAP dependency in spec file * [LEMONLDAP-427] - _deleteSessionFromLocalStorage should exit directly if no $id given * [LEMONLDAP-429] - links to css and js in html broken if portal url is not a root url * [LEMONLDAP-437] - SAML: redirect binding not working * [LEMONLDAP-441] - Manager do not display a correct error when configuration store fails * [LEMONLDAP-445] - Portal personalized messages are UTF8 doubled encoded * [LEMONLDAP-446] - Server error when a password mail reset session is unavailable and the token is passed to mail.pl * [LEMONLDAP-447] - Bad identifier in grantSession logs * [LEMONLDAP-448] - defined(%hash) is deprecated * [LEMONLDAP-450] - SAML Authn not working with binding HTTP Redirect * [LEMONLDAP-454] - Replace $ip with client IP in forging HTTP headers doesn't work * [LEMONLDAP-455] - Notification error because text is not valid UTF-8 * [LEMONLDAP-464] - LL::NG::Handler::AuthBasic displays login / password in error log * [LEMONLDAP-465] - Error messages with portal SOAP services * [LEMONLDAP-466] - SAML logout not working with js redirection * [LEMONLDAP-467] - SAML redirection seen as CDA requests * [LEMONLDAP-469] - No CAS authentication with CDA enabled * [LEMONLDAP-470] - Zimbra PreAuth Handler syntax error * [LEMONLDAP-472] - Debian package not signed * [LEMONLDAP-473] - SOAP items * [LEMONLDAP-478] - CAS Issuer do not work with CAS v1 * [LEMONLDAP-276] - Parameters to specify sub directories for portal and manager URL * [LEMONLDAP-377] - Add error cases in mail reset by mail management * [LEMONLDAP-382] - Move session update on password change in the main modifyPassword method * [LEMONLDAP-383] - Update local cache when session is updated * [LEMONLDAP-387] - prompt custom messages when ungrant session * [LEMONLDAP-398] - Old value 'ldap' for authentication is not accepted in Manager * [LEMONLDAP-400] - Reload SAML server cache on new configuration * [LEMONLDAP-403] - Alphabetical order in authentication modules select * [LEMONLDAP-404] - Check only path in the URI instead of full URL to match an IssuerDB action path * [LEMONLDAP-408] - Allow CAS to be on other urls than /cas * [LEMONLDAP-421] - Double cookie but single session * [LEMONLDAP-422] - Telling the authenticated user that he will be redirected * [LEMONLDAP-432] - Check conditions in AuthSlave and UserDBSlave * [LEMONLDAP-438] - User is not informed of SAML single logout success * [LEMONLDAP-453] - Add authentication mode in auth log * [LEMONLDAP-458] - Force FollowSymLinks option in Apache configuration * [LEMONLDAP-468] - optimize default structure of notifications table and requests * [LEMONLDAP-474] - textarea instead of text input * [LEMONLDAP-475] - Text items for session display * [LEMONLDAP-476] - Allow execution of portal's and manager's CGI in shell * [LEMONLDAP-236] - SSO with public/auth Website * [LEMONLDAP-249] - Manage apply key with the manager * [LEMONLDAP-342] - Create a "maintenance" rule target to disallow an application * [LEMONLDAP-378] - Display confirmation mail creation date and expiration date in mail reset screens * [LEMONLDAP-379] - Use session attributes in templates * [LEMONLDAP-385] - Option to send a mail when the password is changed * [LEMONLDAP-389] - store and display login history * [LEMONLDAP-396] - Radius authentication module * [LEMONLDAP-416] - Create Auth/UserDB/PasswordDB Demo * [LEMONLDAP-417] - Apache Fitler to add application panel on protected pages * [LEMONLDAP-424] - keyword 'skip' in access rules, to skip access control * [LEMONLDAP-442] - Keep only current version documentation offline * [LEMONLDAP-443] - Option to bypass XSS checks on fields or URL * [LEMONLDAP-449] - Possibility to set custom template parameters * [LEMONLDAP-456] - Allow to set false value of a customized error message to test it in a template * [LEMONLDAP-459] - Translate cookie domain in internat proxy (lmProxy) * [LEMONLDAP-477] - Refuse authentication if 2 entries match the authentication filter * [LEMONLDAP-406] - missing dependency on a basic portal installation * [LEMONLDAP-413] - Verify that oldPassword is not empty * [LEMONLDAP-435] - Move contribs modules to github * [LEMONLDAP-444] - Reorganize files in SVN repository lemonldap-ng (1.1.2) stable; urgency=low * [LEMONLDAP-355] - The "basic($uid,$_password)" extended function makes an error 500 in Apache * [LEMONLDAP-356] - Wrong language when user has already a session and gets redirected * [LEMONLDAP-357] - CPAN tester report: missing dependency for SecureToken Handler * [LEMONLDAP-358] - [SecureToken] Check if cached connection is alive before using it * [LEMONLDAP-359] - [SecureToken] Add an option to raise error if token could not be generated * [LEMONLDAP-360] - Fix Debian dependencies * [LEMONLDAP-361] - [CAS Issuer] check authorization on CAS service * [LEMONLDAP-362] - Portal grant function returns -1 on undefined vhost. It should return 0. * [LEMONLDAP-363] - Lasso Debian dependency need to be updated * [LEMONLDAP-364] - Configure httpOnly option in Manager * [LEMONLDAP-365] - Log sent headers in debug mode lemonldap-ng (1.1.1) stable; urgency=low * [LEMONLDAP-350] - remote SOAP handlers errors on reload * [LEMONLDAP-351] - Cannot get LDAP groups for DN with '\' into it * [LEMONLDAP-352] - Notifications needs to be accepted twice * [LEMONLDAP-353] - Configure notification filename value separator lemonldap-ng (1.1.0) stable; urgency=low * [LEMONLDAP-303] - Form replay filter is not compatible with recent Safe module version * [LEMONLDAP-314] - [Password Reset] Manage special characters in mail subject * [LEMONLDAP-315] - No error is displayed if configuration is not stored * [LEMONLDAP-317] - Errors "setKeyToH... is not a reference" are not errors but debug information * [LEMONLDAP-318] - Do not toggle opacity between tabs * [LEMONLDAP-319] - Custom functions and SafeLib ignored if Safe jail is disabled * [LEMONLDAP-322] - notificationStorageOptions parameter is ignored * [LEMONLDAP-323] - Undefined subroutine Lemonldap::NG::Portal::SharedConf::newNotification * [LEMONLDAP-324] - SAML IDP does no with Google Apps and Lasso 2.3.5 * [LEMONLDAP-325] - Persistent sessions are deleted by portal cron job * [LEMONLDAP-327] - Notifications retrieved from DBI backend are reencoded in UTF8 * [LEMONLDAP-329] - Error " Day '00' out of range 1..31" with DBI notifications getDone subroutine * [LEMONLDAP-330] - Syntax check on managerDn is too restrictive * [LEMONLDAP-331] - Reference is not decoded in File notification backend, in function getAll * [LEMONLDAP-333] - Password policy reset password is not possible if password tab is not allowed * [LEMONLDAP-334] - Some LDAP directories do not return password policy control when bind failed * [LEMONLDAP-335] - MIME subject encoding does not work with every mailer * [LEMONLDAP-337] - Target URL is lost in password policy reset workflow * [LEMONLDAP-338] - Handler::Proxy raise error with POST request without content-length * [LEMONLDAP-344] - purgeCentralCache abort if session cannot be deleted * [LEMONLDAP-15] - Reload configuration tree after configuration save in Manager * [LEMONLDAP-203] - Persistent Storage configuration * [LEMONLDAP-222] - Replace old slavePortal.pl example by AuthSlave+UserDBSlave * [LEMONLDAP-238] - Comment in AuthChoice keys * [LEMONLDAP-295] - Add an option to support old application list objects in Menu * [LEMONLDAP-332] - Configure mailSessionKey in Manager * [LEMONLDAP-336] - Create an option to touch the pwdReset attribute if the password was generated on reset form * [LEMONLDAP-339] - Create a category in Sessions explorer for notifications done * [LEMONLDAP-340] - Store URL origin in session * [LEMONLDAP-349] - Specific error message when password form is empty in mail reset workflow * [LEMONLDAP-288] - Secure Token Handler * [LEMONLDAP-296] - Yubikey authentication module * [LEMONLDAP-299] - Default notification for all users * [LEMONLDAP-300] - [Password Reset] Allow other fields than email * [LEMONLDAP-301] - [Password Reset] Allow to resend a confirmation mail * [LEMONLDAP-302] - [Password Reset] Allow to change the password on the portal * [LEMONLDAP-306] - Add a customheader.tpl and customfooter.tpl in skins * [LEMONLDAP-308] - Remeber user password when password reset is required by LDAP server * [LEMONLDAP-309] - [Password Reset] Option to set password reset request timeout * [LEMONLDAP-310] - Test if mail templates are defined in the skin before using the common ones * [LEMONLDAP-311] - [Password Reset] Option to set HTML mail charset * [LEMONLDAP-312] - [Password Reset] Option to set reply to field * [LEMONLDAP-313] - [Password Reset] Include images and CSS in MIME mail * [LEMONLDAP-326] - Allow to set titles and subtitles in notification messages * [LEMONLDAP-328] - Notification explorer * [LEMONLDAP-341] - Notifications with conditions * [LEMONLDAP-343] - Delete session in local Handler cache in portal logout process * [LEMONLDAP-345] - Open SSO session after successful password reset from ppolicy * [LEMONLDAP-346] - Possibility to configure XSLT used to display notifications * [LEMONLDAP-347] - Possibility to customize messages from the portal * [LEMONLDAP-348] - Possibility to access menu tab with an URL lemonldap-ng (1.0.6) stable; urgency=low * [LEMONLDAP-297] - LDAP attributes are not explicitely requested * [LEMONLDAP-298] - Multi option with # not accepted in Manager * [LEMONLDAP-304] - Cannot use spaces between values of Multi authentication parameter * [LEMONLDAP-305] - Parameters are not overriden in the first Multi module * [LEMONLDAP-307] - Base64 encoded IDs can contain more than one "/", but only the first is escaped lemonldap-ng (1.0.5) stable; urgency=low * [LEMONLDAP-292] - Application menu is not well displayed with multiple users having differents rights * [LEMONLDAP-294] - Subroutines can not be overriden in lemonldap-ng.ini * [LEMONLDAP-293] - Password Manager - Sending Mail lemonldap-ng (1.0.4) stable; urgency=low * [LEMONLDAP-285] - Macro are not always recalculated * [LEMONLDAP-286] - CPAN Testers report * [LEMONLDAP-289] - Dark skin seems broken, but it is just "art" lemonldap-ng (1.0.3) stable; urgency=low * [LEMONLDAP-282] - Class::Inspector is needed to build RPM * [LEMONLDAP-283] - CPAN Testers report * [LEMONLDAP-284] - Applications with 'display auto' are always hidden in Menu lemonldap-ng (1.0.2) stable; urgency=low * [LEMONLDAP-263] - Common::Apache::Session uses wrong serialization algorithm with Postgres * [LEMONLDAP-264] - sessions explorer is not protected by LemonLDAP * [LEMONLDAP-265] - authenticationLevel not honored * [LEMONLDAP-266] - logout_app in rules break the manager * [LEMONLDAP-267] - portalOpenLinkInNewWindow has no effect * [LEMONLDAP-268] - logout_app and logout_app_sso does not work with Lemonldap::NG::Handler::Proxy * [LEMONLDAP-269] - Reset password feature does not work with AuthChoice * [LEMONLDAP-270] - Safe.pm 2.27 restrict the usage of custom functions * [LEMONLDAP-271] - Portal configuration cache not reset after configuration change in Manager * [LEMONLDAP-272] - DBI authentication level not honored * [LEMONLDAP-274] - Redirection URL is not good in Handler::CGI::_uri function * [LEMONLDAP-277] - Debian packaging requires libnet-ldap-perl >=1:0.38 * [LEMONLDAP-278] - Pb in Debian package liblemonldap-ng-conf-perl * [LEMONLDAP-279] - handler-apache2.conf not shipped with Debian * [LEMONLDAP-280] - Empty menu categories are not hidden * [LEMONLDAP-281] - [Debian bug #612719] Package description outdated * [LEMONLDAP-273] - Require jQuery 1.4+ in Debian packaging * [LEMONLDAP-275] - use $ENV{SCRIPT_FILENAME} instead of $ENV{DOCUMENT_ROOT} to referer to different htdocs directories lemonldap-ng (1.0.1) stable; urgency=low * [LEMONLDAP-258] - Portal with $vhost in Handler does not work * [LEMONLDAP-261] - Session explorer does not work with LDAP backend * [LEMONLDAP-262] - Sessions not purged with Apache::Session::File * [LEMONLDAP-263] - Common::Apache::Session uses wrong serialization algorithm with Postgres * [LEMONLDAP-257] - Integrate manager access directly in portal * [LEMONLDAP-240] - Translation framework for doc lemonldap-ng (1.0) stable; urgency=low * [LEMONLDAP-1] - ldapGroupAttributeNameSearch not well Serialized by Manager * [LEMONLDAP-11] - Manager is not working with jQuery 1.4 * [LEMONLDAP-17] - reloadAuthParams function can destroy configuration values * [LEMONLDAP-45] - logout_app_sso not accepted by Manager * [LEMONLDAP-63] - Error when selecting a deleted session in Sessions Explorer * [LEMONLDAP-65] - Cannot set empty values in textarea in Manager * [LEMONLDAP-92] - Cannot change password from menu * [LEMONLDAP-93] - LDAP connection error on high load * [LEMONLDAP-99] - Special UTF-8 characters cannot be sent in HTTP-BASIC * [LEMONLDAP-117] - Invalid use of Safe to access APR::Table module (LL::NG not working on RHEL5.5) * [LEMONLDAP-118] - Cannot store configuration in Postgresql DB * [LEMONLDAP-125] - SAML request is lost in portal user interaction (remove other sessions for example) * [LEMONLDAP-127] - Can not set samlStorageOptions from Manager * [LEMONLDAP-128] - LemonLDAP::NG not compatible with perl-LDAP 0.4001 * [LEMONLDAP-132] - Can't refuse SAML federation * [LEMONLDAP-133] - SAML sessions are displayed as "other sessions" * [LEMONLDAP-134] - Sessions created by AuthSAML are not displayed in sessions explorer * [LEMONLDAP-136] - Metadatas bad displayed in manager * [LEMONLDAP-137] - Portal value is not used to fill default values in Manager * [LEMONLDAP-138] - Password of a private key is not erased when generating a new key without password * [LEMONLDAP-142] - Sessions explorer hides password value stored in sessions datas * [LEMONLDAP-143] - Invalid message with artefact POST from SP to IDP * [LEMONLDAP-144] - Signature verification fail on SP side received artifact message * [LEMONLDAP-145] - Double utf-8 encoding in SOAP requests * [LEMONLDAP-150] - Error code: 200, SyntaxError: JSON.parse with value with spaces * [LEMONLDAP-156] - confirm parameter is not secured * [LEMONLDAP-161] - RelayState value given by SP is HTML reencoded * [LEMONLDAP-167] - Bug with trunk installed from scratch * [LEMONLDAP-169] - IssuerDB CAS : ticket is added 2 times in URL with a service URL containing parameters * [LEMONLDAP-170] - SAML: artifact resolution URL is not in authForce method * [LEMONLDAP-172] - Google Apps SSO not working with Lasso 2.3.2 * [LEMONLDAP-177] - OpenID provider cache login/password information: cannot login after bad password * [LEMONLDAP-179] - OpenID provider does not honor SREG request if only optional attributes * [LEMONLDAP-182] - Pages displayed by confirm return a 500 error under cgi-script * [LEMONLDAP-187] - lmAttrOrMacro test in Manager is not suitable for OpenID SREG attributes * [LEMONLDAP-189] - Cleanup process slows down considerably the Apache server * [LEMONLDAP-190] - Display must display the menu when process() returns an eror but user is authenticated * [LEMONLDAP-198] - Cross domain does not work anymore * [LEMONLDAP-200] - Restore persistent session does not work if whatToTrace is a macro * [LEMONLDAP-201] - OpenID tests are not correctly skipped if no OpenID module * [LEMONLDAP-202] - searchOn no working with SAML and Apache::Session::File * [LEMONLDAP-207] - Confirm stamp is not used everywhere in SAML IDP selection * [LEMONLDAP-214] - Auth choice is not working with several authentication forms * [LEMONLDAP-215] - DBI authentication not working with prepared statements * [LEMONLDAP-216] - getLocalConf called without 2nd argument * [LEMONLDAP-223] - Offline doc css referer to unexistant directory /lib/ * [LEMONLDAP-224] - Manager window size is bigger than screen * [LEMONLDAP-228] - Apache::Session::Browseable searchOn functions broken by new Apache::Session wrapper * [LEMONLDAP-229] - Multi not useable on Manager * [LEMONLDAP-230] - SOAP config backend broken * [LEMONLDAP-232] - Cannot configure several LDAP servers in Manager * [LEMONLDAP-233] - Debian manager broken with jquery-ui 1.8.6 * [LEMONLDAP-235] - Session creation test in Manager does not work with SOAP session backend * [LEMONLDAP-237] - Single logout broken by AuthChoice * [LEMONLDAP-239] - key type of portalDisplayAppList must be boolean * [LEMONLDAP-242] - CAS proxy ticket is always asked with CAS authentication * [LEMONLDAP-16] - Use parameterized statements in DBI to prevent SQL injection * [LEMONLDAP-58] - Catch ENV variables to fill session for all UserDB modules * [LEMONLDAP-97] - Add configuration parameters for private keys passwords * [LEMONLDAP-103] - String encoding in sessions * [LEMONLDAP-120] - Force UTF-8 in File backend * [LEMONLDAP-130] - Create a "reload" vhost independent from test applications * [LEMONLDAP-131] - SAML documentation * [LEMONLDAP-147] - Add an activation parameter for each IssuerDB * [LEMONLDAP-148] - Register SSO session_id in SAML sessions * [LEMONLDAP-149] - Add auhtForce, authFinish and authLogout methods in all authentication modules * [LEMONLDAP-152] - Configure authenticationLevel for authentication backends * [LEMONLDAP-154] - Work on session manager eyecandy * [LEMONLDAP-157] - Warning messages in make test * [LEMONLDAP-160] - Display lib for portal * [LEMONLDAP-168] - Delete local session when logout URL is cached * [LEMONLDAP-178] - Use same Apache conf files for default and Debian install * [LEMONLDAP-180] - Explain messages displayed in error.log (except debug) * [LEMONLDAP-181] - Manager must warn when portal is not in "domain" * [LEMONLDAP-186] - CAS Issuer parameters in Manager * [LEMONLDAP-188] - Use autoloader to reduce handler size * [LEMONLDAP-191] - Use persistent storage for SAML persistent NameID * [LEMONLDAP-194] - Delete AuthLA * [LEMONLDAP-195] - Anti-frame * [LEMONLDAP-196] - Remove .sql files for Conf::DBI * [LEMONLDAP-199] - Require Lasso 2.3.0 for SAML * [LEMONLDAP-204] - abort() instead of die in handlers * [LEMONLDAP-211] - Debian : use packaged jquery-ui * [LEMONLDAP-212] - Use jquery-ui style popup to display errors and upload result * [LEMONLDAP-213] - Network errors are not catched by "error" target oj jQuery.ajax() function * [LEMONLDAP-218] - Upgrade to jquery-ui 1.8 and use dialog for Manager popup * [LEMONLDAP-221] - Allow to set a custom portal skin from Manager * [LEMONLDAP-225] - /favicon.ico is missing for new web site * [LEMONLDAP-234] - Tree style image transparency problem with obsur theme * [LEMONLDAP-5] - Configure use of HTTPS and redirection port per virtual host * [LEMONLDAP-6] - Change 403 error into 302 error for ungranted access * [LEMONLDAP-12] - Zimbra authentication * [LEMONLDAP-18] - [SAML] Common domain cookie support * [LEMONLDAP-19] - Select authentication module on authentication portal * [LEMONLDAP-22] - Session explorer should use the new Manager elements (i18n, templates, etc.) * [LEMONLDAP-25] - Provide authorized application trough SOAP * [LEMONLDAP-27] - OpenID provider * [LEMONLDAP-28] - Read user information from OpenID provider * [LEMONLDAP-29] - Improve application menu configuration * [LEMONLDAP-57] - Local Handler macros * [LEMONLDAP-101] - CAS Provider (IssuerDBCAS) * [LEMONLDAP-102] - IssuerDB contextual selection * [LEMONLDAP-121] - Fake SLO process for standard applications * [LEMONLDAP-123] - Store Lasso Identity Dump in UserDB * [LEMONLDAP-129] - LDAP timeout configuration * [LEMONLDAP-135] - Propagate domain change to all keys * [LEMONLDAP-139] - Use default values for SAML URL if they are not defined in configuration * [LEMONLDAP-141] - Disable timer on IDP list * [LEMONLDAP-146] - Request PGT in AuthCAS * [LEMONLDAP-159] - Manage comment in rule regexp * [LEMONLDAP-174] - Configure auto POST in Manager * [LEMONLDAP-210] - Ajax request in menu to check if session is always available * [LEMONLDAP-4] - Documentation for POST Handler functionnality * [LEMONLDAP-7] - Doxygen Portal/MailReset.pm * [LEMONLDAP-13] - Check that authLogout is well managed in AuthMulti * [LEMONLDAP-30] - [SAML] Unit tests * [LEMONLDAP-162] - Replace help system by offline doc * [LEMONLDAP-171] - Documentation for version 1.0 on new wiki * [LEMONLDAP-192] - Use the new wiki to generate offline documentation * [LEMONLDAP-206] - Upgrade spec file to build RPMs for 1.00 * [LEMONLDAP-209] - Update copyright and URLs in PODs * [LEMONLDAP-231] - Tidy Manager skin directory * [LEMONLDAP-164] - Trusted domains for OpenID * [LEMONLDAP-165] - Manage extensions in is_trusted hook * [LEMONLDAP-166] - Create a storage for agreements lemonldap-ng (1.0rc2) unstable; urgency=low * Debian policy 3.9.1 * [LEMONLDAP-20] - Parameter remoteCookieName is not available in Manager * [LEMONLDAP-21] - Special characters from SAML attribute statement are not well encoded * [LEMONLDAP-41] - Lasso CRITICAL error in AuthSAML logout process * [LEMONLDAP-42] - [SAML][SP] Attrubtes sent trought IDP initiated SSO are not registered into session * [LEMONLDAP-43] - [SAML][SP] IDP should not be read from IDP cookie, but from SAML request or response * [LEMONLDAP-50] - [SAML][SP] OneTimeUse flag should not reduce session duration * [LEMONLDAP-53] - [SAML][IDP] sendLogoutResponseAfterLogoutRequest method does not exists * [LEMONLDAP-54] - Handler parameters (https, port, etc.) are not taken into account if only defined in Manager, and not in ini file * [LEMONLDAP-62] - [SAML] samldate2timestamp is not returning correct timestamp * [LEMONLDAP-64] - SLO error with simpleSAMLphp * [LEMONLDAP-68] - Failed to load signing key for http://urlIDP/saml/metadata * [LEMONLDAP-69] - domain cannot contain "-" in Manager * [LEMONLDAP-71] - samlIDPSSODescriptorArtifactResolutionServiceArtifact wrong binding in Manager * [LEMONLDAP-72] - [SAML] UTF-8 encoded attributes are reencoded * [LEMONLDAP-73] - [SAML] Initial URL is not kept when IDP is choosen in AuthSAML * [LEMONLDAP-74] - [error] Unable to open relaystate session * [LEMONLDAP-75] - SSO HTTP-POST profile not declared in IDP metadata * [LEMONLDAP-76] - [SAML] SOAP SLO denied on IDP * [LEMONLDAP-77] - Error when no SessionNotOnOrAfter value in authn statement * [LEMONLDAP-78] - Request Denied on SOAP SLO request on IDP * [LEMONLDAP-79] - Mandatory attributes are not requested * [LEMONLDAP-81] - SessionNotOnOrAfter should be set explicitely * [LEMONLDAP-82] - CDA always use secured cookie even if requested site is a http one * [LEMONLDAP-100] - Secondary SAML session should be destroyed when primary session is deleted * [LEMONLDAP-105] - Error on SLO request for already closed session * [LEMONLDAP-109] - Do not send AttributeStatement when no attribute should be sent * [LEMONLDAP-112] - Handler/AuthBasic does not use local cache * [LEMONLDAP-113] - Lemonldap::NG is not compatible with the use of a LDAP server using a different encoding than UTF-8 for storing passwords * [LEMONLDAP-114] - Bad usage of Apache::Session::searchOn() on portal * [LEMONLDAP-115] - In info page, when clicking on "Continue", we are not redirected to urldc * [LEMONLDAP-119] - Special UTF-8 characters raise error in metadata * [LEMONLDAP-122] - Secondary SAML session are not deleted on local IDP logout * [LEMONLDAP-124] - Stop info/confirm timer at 0 * [LEMONLDAP-37] - [SAML] Proxy restriction should include all known IDP, and not only target IDP * [LEMONLDAP-44] - [SAML][SP] IDP list when unknown IDP in IDP cookie * [LEMONLDAP-46] - [logout] verify referer into logout process * [LEMONLDAP-47] - [SAML] RequestedAuthnContext should always be translated into authenticationLevel * [LEMONLDAP-51] - [SAML][IDP] SAML sessionIndex value should be a crypted value of LL::NG session_id * [LEMONLDAP-55] - Distribute SympaAutoLogin Handler * [LEMONLDAP-70] - Do not throw error if no SP or no IDP configured * [LEMONLDAP-80] - POST fields should be hidden * [LEMONLDAP-87] - Attribute format selection in Manager * [LEMONLDAP-89] - Security keys in service metadata * [LEMONLDAP-90] - Group IDP and SP options * [LEMONLDAP-91] - SOAP configuration parameter is not needed in SAML * [LEMONLDAP-98] - Add option to disable SAML conditions checks * [LEMONLDAP-104] - Store entities metadata in raw format * [LEMONLDAP-106] - Display OK or ERROR icons on HTTP REDIRECT and HTTP POST SLO iframes * [LEMONLDAP-107] - Manage asynchronous SLO request on closed SSO session (SAML IDP) * [LEMONLDAP-126] - Put SAML parameters in Manager * [LEMONLDAP-2] - [SAML] Attribute authority * [LEMONLDAP-10] - [SAML] Manage certificate in service metadata * [LEMONLDAP-31] - [SAML] Proxy IDP * [LEMONLDAP-32] - [SAML] Manage Artifact methods for SAML messages emission in SP * [LEMONLDAP-33] - [SAML] Check "Destination" attribute * [LEMONLDAP-35] - [SAML] Manage SLO trough SOAP * [LEMONLDAP-36] - [SAML] Check dates and other conditions in SLO requests * [LEMONLDAP-40] - [SAML] Dedicated portal errors code for SAML errors * [LEMONLDAP-49] - [SAML][IDP] Manage encrypted NameID * [LEMONLDAP-52] - IssuerDB activation rule * [LEMONLDAP-56] - [SAML][IDP] SLO trough HTTP-POST * [LEMONLDAP-66] - [SAMl][IDP] Options to check message signatures * [LEMONLDAP-67] - [SAML][IDP] Map NameID Format to local session keys * [LEMONLDAP-86] - Do not parse metadata on each authentication * [LEMONLDAP-88] - Better signature management * [LEMONLDAP-108] - NameID unspecified format should use the default NameID format * [LEMONLDAP-110] - Store SAML token in session * [LEMONLDAP-111] - Build SLO response request with other SLO request status * [LEMONLDAP-116] - Allow metadata edition in Manager * [LEMONLDAP-3] - [SAML] Attribute authority declaration in metadata * [LEMONLDAP-83] - Set NameID in attribute request * [LEMONLDAP-84] - Check format and friendly name of requested attribute * [LEMONLDAP-85] - Check requested attribute values * [LEMONLDAP-96] - Add encryptionkey in Attribute Authority metadata * Upgrade to JQuery-1.4.2 lemonldap-ng (1.0rc1) unstable; urgency=low * Little Debian changes (see 0.9.4.1-2 Debian changelog) * AuthCAS: URL redirection and module load test * Change multiple configuration files into lemonldap-ng.ini * New manager * New conf storage modules : CDBI and RDBI * DBI conf storage module is deprecated * convertConfig and lmMigrateConfFiles2ini tools * childInit() is called only 1 time * Update JQuery to 1.3 and JQueri-UI 1.7.2 (Closes: #314394) * New authentication and userDB modules : - DBI - Proxy - Env (UserDB only) - SAML - OpenID - Twitter * Portal index.pl use lemonldap-ng.ini to get parameters * CSS and Javascript minification capability * Apache configuration splitted into portal/manager/handler * XML Menu is deprecated * LDAP: recursive groups * unprotect target in rules * Force authentication parameter * Store in user session Auth/UserDB/PasswordDB/IssuerDB used module * Use a confirmation token and HTML templates for password reset by mail * SOAP: isAuthorizedUri Web Service * Confirm and Info stages in Portal * Possibility to define a rule to grant session * Configuration parameters for portal customization (skin, ...) * Possibility to set cookie expiration * LDAP: option to modify password as user * Correct bugs in Handler::Proxy * New portal skin: impact -- Xavier Guimard Wed, 24 Mar 2010 23:00:00 +0100 lemonldap-ng (0.9.4.1) unstable; urgency=low * Safe jail update * Many little bugs in Handler/CGI.pm * Apache::Session::LDAP was not usable with session explorer * syslog facility was not taken in account in Common/CGI.pm * require failed in _Multi.pm * doc update * russian debconf translation (Closes: #550552 / bugs.debian.org) -- Xavier Guimard Sun, 11 Oct 2009 09:36:35 +0200 lemonldap-ng (0.9.4) unstable; urgency=low * Bugs : - ldap+tls uri was not working (Closes: #312418) - Session timeout is in seconds and not in minutes in Manager/Help.pm (Closes: #312339) - Missing dependency in Debian package (Closes: #521959 / bugs.debian.org) * Logs : - CGI's log subroutine : now if a CGI runs under ModPerl::Registry, it stores it's log using Apache2::Log - handler logs written in PerlLogHandler * SOAP : - New SOAP architecture : the portal serves now all webservices and the security is based on Apache system (different locations) - WSDL generation * New features : - LDAP backend for configuration and sessions storage - portal can be a Perl expression in handlers - POST requests generation in handler (used to post login/password in non compatible applications) - Sympa auto login handler - New auth and userDB modules for the portal : Multi, Remote, Null (for UserDB only) - New module system for passwords - Notification system - Double session mechanism (1 secured and the other not) - New fonctions for rules (stored in lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm) : * checkLogonHours * checkDate * Other : - Pre-compilation in Apache's configuration files - Cross-domain now included in core - handler AuthBasic now uses SOAP -- Xavier Guimard Mon, 29 Jun 2009 10:28:09 +0200 lemonldap-ng (0.9.3.4) unstable; urgency=low * Security bug fix (macros and groups can be evaluated for an other user in multi-thread environment). Closes: #312627 * XSS filter can now accept URL with a port. Closes: #312625 -- Xavier Guimard Thu, 05 Feb 2009 16:12:55 +0100 lemonldap-ng (0.9.3.3) unstable; urgency=low * ldap+tls uri was not working (Closes: #312418) * Session timeout is in seconds and not in minutes in Manager/Help.pm (Closes: #312339) -- Xavier Guimard Thu, 22 Jan 2009 11:00:10 +0100 lemonldap-ng (0.9.3.2) unstable; urgency=low * Debian install failed (Closes: #510562, Closes: #510563 / bugs.debian.org) -- Xavier Guimard Sat, 03 Jan 2009 09:47:21 +0100 lemonldap-ng (0.9.3.1) unstable; urgency=low * Bug in Debian build -- Xavier Guimard Wed, 31 Dec 2008 14:16:06 +0100 lemonldap-ng (0.9.3) unstable; urgency=low [ Security ] * XSS protection [ Clement Oudot ] * New menu and skin (pastel). Menu calculates rights before displaying URL [ Xavier Guimard ] * Authentication and UserDB separation * New session explorer system * Backport of debian storage.conf file to normal installation * Errors are now displayed in the browser for portal and manager * Custom functions for rules, macros, headers and groups * Manager protection * New configuration access with local cache system * AuthBasic handler * MRTG scripts to read LmNG status * UserDB mechanism : LDAP is not required now * Portal SOAP functions -- Xavier Guimard Wed, 31 Dec 2008 11:55:57 +0100 lemonldap-ng (0.9.2.2) unstable; urgency=low * Bug in default rule (Closes: #310938) -- Xavier Guimard Mon, 25 Aug 2008 22:08:58 +0200 lemonldap-ng (0.9.2.1) unstable; urgency=low * New documentation page on advanced access rules -- Xavier Guimard Fri, 04 Jul 2008 11:54:57 +0200 lemonldap-ng (0.9.2) unstable; urgency=low * New css in manager * cleaning Handler code * Status system for Lemonldap::NG::Handler and for the portal * Debian Czech translation for debconf (Closes: #483301 / bugs.debian.org) * Debian Swedish translation for debconf (Closes: #487713 / bugs.debian.org) * Romanian translation for portal * Distinct Liberty-Alliance SP installation * Password policy included now * Bugs in redirections * Perl 5.10 check-in * More tests in "test" target * Bug in purgeCentralCache (DBI only): datas where never purged -- Xavier Guimard Tue, 24 Jun 2008 15:07:04 +0200 lemonldap-ng (0.9.1) unstable; urgency=low * logout bug : logout_sso target was not running (Closes: #308856) * javascript update : the manager was not running with MSIE7 (Closes: #308775) * Debian corrections issued from lintian (full) * 2 Net::LDAP password policy controls in the portal: - account locked - password expired -- Xavier Guimard Mon, 07 Apr 2008 11:13:06 +0200 lemonldap-ng (0.9) unstable; urgency=low * Liberty Alliance module issued of the FederID project is now included. -- Xavier Guimard Mon, 25 Feb 2008 15:05:08 +0100 lemonldap-ng (0.8.3.2) unstable; urgency=low * purgeCentralCache was not correctly installed in Debian (Closes: #461572 / bugs.debian.org) * debconf translation for german and portuguese (Closes: #451820 and #462807 bugs.debian.org) * HTML documentation update * Option +ExecCGI was missing in lemonldap-ng-handler/example/lmH-apache2.conf (Closes: #307891) * Local overload was not taken in account in handlers * Sessions could not be stored in SOAPServer (Closes: #308181) * Attributes could not be deleted in SOAP session client (Closes: #308214) * Sessions timeout can now be managed by the Manager * AuthSSL doesn't work without SSLvar parameter -- Xavier Guimard Fri, 08 Feb 2008 17:27:15 +0100 lemonldap-ng (0.8.3.1) unstable; urgency=low * New feature: LDAP groups are now available in $groups -- Xavier Guimard Wed, 07 Nov 2007 16:41:07 +0100 lemonldap-ng (0.8.3) unstable; urgency=high * Syntax errors in configuration are now displayed * Security fix: authentication could be replayed with another uid * Debian package uses po-debconf * TLS is now supported in LDAP connections (thanks to Baptiste Grenier) * New logout system: logout urls can be now intercepted in Manager * Documentation -- Xavier Guimard Fri, 07 Sep 2007 07:14:35 +0200 lemonldap-ng (0.8.2.4) unstable; urgency=low * Bug in manager javascript. -- Xavier Guimard Tue, 19 Jun 2007 22:25:10 +0200 lemonldap-ng (0.8.2.3) unstable; urgency=low * Change configuration storage format (Storable bug). Closes: #307173/objectweb.org * CDA little bug correction * Documentation update -- Xavier Guimard Wed, 13 Jun 2007 15:33:56 +0200 lemonldap-ng (0.8.2.2) unstable; urgency=low * Debian packages modifications due to Lintian control. * New Debian package: lemonldap-ng-doc * Little bug correction in Portal/CDA.pm * Bug between Handler dependencies and Debian organization: Lemonldap::NG::Handler::SharedConf must not depend from Lemonldap::NG::Manager but Lemonldap::NG::Manager::Conf -- Xavier Guimard Tue, 01 June 2007 07:18:43 +0200 lemonldap-ng (0.8.2.1) unstable; urgency=low * More documentation * Virtual host names control * Portal can now use more than one LDAP server -- Xavier Guimard Mon, 14 May 2007 07:14:10 +0200 lemonldap-ng (0.8.2) unstable; urgency=low * Little bug fix if whatToTrace parameter is not defined and display it in Manager interface * New: port is now checked in portal redirection * Different configurations can now be used on the same server at the same time * Help in english * New debian structure: lemonldap-ng is splitted in 5 packages, default configuration file has moved to /var/lib/lemonldap-ng/conf/ and first configuration file is managed by debconf * Buttons to manage configurations in manager (next, previous, last, delete). Closes: #306566 / forge.lemonldap.org. * SOAP: HTTP basic authentication and little bug correction in 'sessions' mode -- Xavier Guimard Mon, 07 May 2007 19:06:52 +0200 lemonldap-ng (0.8.1.1) unstable; urgency=low * Little bug fix in test -- Xavier Guimard Fri, 20 Apr 2007 08:57:40 +0200 lemonldap-ng (0.8.1) unstable; urgency=low * New features : - Logout system - Configuration check before saving in Manager -- Xavier Guimard Sun, 15 Apr 2007 19:18:29 +0200 lemonldap-ng (0.8.0.7) unstable; urgency=low * Bug fix in manager javascript (Closes: #306776 ?) * Display bug fix in manager -- Xavier Guimard Sun, 15 Apr 2007 13:21:43 +0200 lemonldap-ng (0.8.0.6) unstable; urgency=low * Little bug fix in unprotect function * Bug fix in authentication scheme different than default -- Xavier Guimard Thu, 12 Apr 2007 07:03:51 +0200 lemonldap-ng (0.8.0.5) unstable; urgency=low * i18n bug: Lemonldap::NG works does not fall in english but creates a bug -- Xavier Guimard Wed, 28 Mar 2007 21:26:16 +0200 lemonldap-ng (0.8.0.4) unstable; urgency=low * Multi-valued attributes in HTTP headers (Closes: #306792 / forge.objectweb.org) * Warning in Manager/Conf.pm: the same type of storage has to be used for all Lemonldap::NG parts in a same server. * Apache-1.3 configuration reload (Closes: #306761 / forge.objectweb.org) -- Xavier Guimard Thu, 22 Mar 2007 22:42:23 +0100 lemonldap-ng (0.8.0.3) unstable; urgency=low * New feature in Manager : "Delete VHost" button (Closes: #306761) * Typo correction in Makefile : (Closes: #306775) * Correction of build-depends : (Closes: #306773) * Bug correction : existingSessions was not called in Portal.pm -- Xavier Guimard Tue, 13 Mar 2007 07:55:42 +0100 lemonldap-ng (0.8.0.2) unstable; urgency=low * Bug correction: lock doesn't work with File.pm (Closes: #306760 / forge.objectweb.org) -- Xavier Guimard Sun, 11 Mar 2007 21:08:38 +0100 lemonldap-ng (0.8.0.1) unstable; urgency=medium * Closes: #306756 / forge.objectweb.org -- Xavier Guimard Fri, 10 Mar 2007 08:49:01 +0100 lemonldap-ng (0.8) unstable; urgency=low * Release 0.8: - corrects differents little bugs issued from test in real life. - on line documentation in english -- Xavier Guimard Fri, 9 Mar 2007 20:29:01 +0100 lemonldap-ng (0.7b12) unstable; urgency=low * New features: - session access via SOAP - authentication via CAS - 'apply changes' button in Manager used to reload configuration in handlers (by calling reload sub via HTTP) (Closes: #306565 / forge.objectweb.org) - i18n module in portal (for displaying errors) - lock in DBI configuration system (NOT YET TESTED) -- Xavier Guimard Sun, 4 Mar 2007 15:50:38 +0100 lemonldap-ng (0.7b11) unstable; urgency=low * New features: - Cross Domain Authentication - SOAP configuration access - READMEs and documentation update -- Xavier Guimard Tue, 27 Feb 2007 15:01:09 +0100 lemonldap-ng (0.7b10) unstable; urgency=low * Corrections in Manager issued from the first test in real life: - Close #306573 / forge.objectweb.org - Close #306574 / forge.objectweb.org -- Xavier Guimard Wed, 17 Jan 2007 20:57:33 +0100 lemonldap-ng (0.7b9) unstable; urgency=low * Internationalization of javascripts (close #306564 / forge.objectweb.org) * Help in "General Parameters" -- Xavier Guimard Sun, 14 Jan 2007 21:50:39 +0100 lemonldap-ng (0.7b8) unstable; urgency=low * Correction of the use of Safe in portal: &share doesn't work with a variable declared with my. * New system in the configuration: 'macro' section can be used to add custom exported variables. So configuration is more simple in heavy case. -- Xavier Guimard Sat, 13 Jan 2007 20:19:19 +0100 lemonldap-ng (0.7b7) unstable; urgency=low * Correction of a bug in internal redirections: now internal redirections are not examined: for example,http://test.example.com/ is internaly redirected to /index.pl, but only the first request (/) is tested. * Help in french -- Xavier Guimard Fri, 5 Jan 2007 18:22:32 +0100 lemonldap-ng (0.7b6) unstable; urgency=low * Help system skeleton -- Xavier Guimard Thu, 4 Jan 2007 09:04:05 +0100 lemonldap-ng (0.7b5) unstable; urgency=low * Localization in Manager interface (only fr and en) -- Xavier Guimard Sun, 31 Dec 2006 16:39:06 +0100 lemonldap-ng (0.7b4) unstable; urgency=low * Safe jail runs now * example runs now -- Xavier Guimard Sun, 31 Dec 2006 14:00:08 +0100 lemonldap-ng (0.7b3) unstable; urgency=low * Replacement of eval by Safe for external expressions -- Xavier Guimard Sat, 30 Dec 2006 22:23:22 +0100 lemonldap-ng (0.7b) unstable; urgency=low * Corrections in example * Example installation in debian * Revision in documentation -- Xavier Guimard Sun, 17 Dec 2006 18:37:39 +0100 lemonldap-ng (0.6) unstable; urgency=low * Initial release built starting from the three modules of the CPAN. -- Xavier Guimard Sun, 17 Dec 2006 17:46:47 +0100