lemonldap-ng/TODO-2.0.md

• Minimal authn level system
• (2ndF/OTP mail)
• Combination/Choice for password (using session data)
• Combination: reinitialize password without being authentified
• (Twitter, Facebook,… => no UserDB)
• Menu: how to calculate rights for SAML icons (with internal rules)

3.0:

• tab plugin for menu

• Real federation

• Unify SAML/OIDC presentation in Choice

• Read-only manager

• Register to do

• Brute-force detection ?

• Add new SMTP params

• unhandled parameters:

  • issuerDB*Rule

• securize SOAP session creation by cipher

• Verify securedCookie=3 (strange)

• Calendar in notifications explorer

• Test for Zero

• "mail" in UserDB/*

• verify activeTimer on/off on screen

• Add test for #173

Combination

• detect changes
• diff()

# Password

• Enable it during auth