lemonldap-ng/po-doc/fr/pages/documentation/1.9/formreplay.html
2016-02-10 10:17:52 +00:00


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title></title><!-- metadata --><!-- style sheet links -->
<meta name="generator" content="Hors ligne" />
<meta name="version" content="Hors-ligne 0.1" />
<link rel="stylesheet" media="all" type="text/css" href="../../../css/all.css" />
<link rel="stylesheet" media="screen" type="text/css" href="../../../css/screen.css" />
<link rel="stylesheet" media="print" type="text/css" href="../../../css/print.css" />
</head>
<body>
<div class="dokuwiki export">
<h1 class="sectionedit1" id="form_replay">Form replay</h1>
<div class="level1">
</div><!-- EDIT1 SECTION "Form replay" [1-27] -->
<h2 class="sectionedit2" id="presentation">Presentation</h2>
<div class="level2">
<p>
Form replay allows you to open a session on a protected application by filling in an <abbr title="HyperText Markup Language">HTML</abbr> POST login form and auto-submitting it, without asking the user for anything.
</p>
<div class="notewarning">
<p>
This kind of <abbr title="Single Sign On">SSO</abbr> mechanism is not perfect and can cause problems such as password lockouts, local sessions that are not properly closed, etc.
</p>
<p>
It is generally preferable to find another solution to protect applications with <abbr title="LemonLDAP::NG">LL::NG</abbr>. For instance, check whether the <a href="../../documentation/1.9/applications.html" class="wikilink1" title="documentation:1.9:applications">application is known</a> or <a href="../../documentation/1.9/selfmadeapplication.html" class="wikilink1" title="documentation:1.9:selfmadeapplication">try to adapt its source code</a>.
</p>
</div>
<p>
If you configure form replay with <abbr title="LemonLDAP::NG">LL::NG</abbr>, the Handler detects the forms to fill, adds a JavaScript snippet to the HTML page that fills the form fields with dummy data and submits the form, then intercepts the POST request and adds the POST data to the request body.
</p>
<p>
POST data can be static values or values computed from the user's session.
</p>
<div class="notetip">
To send the user's password, you must enable <a href="../../documentation/1.9/passwordstore.html" class="wikilink1" title="documentation:1.9:passwordstore">password storage</a>. In that case, the variable <code>$_password</code> can be used in any of the fields to send.
</div>
</div><!-- EDIT2 SECTION "Presentation" [28-1068] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
<p>
You need to collect some information:
</p>
<ul>
<li class="level1"><div class="li"> <abbr title="Uniform Resource Identifier">URI</abbr> of the HTML page which contains the form</div>
</li>
<li class="level1"><div class="li"> <abbr title="Uniform Resource Identifier">URI</abbr> the HTML form is sent to</div>
</li>
<li class="level1"><div class="li"> Does the HTML page load jQuery? If not, get a jQuery <abbr title="Uniform Resource Locator">URL</abbr> reachable by the user (any version over jQuery 1.0 is suitable)</div>
</li>
<li class="level1"><div class="li"> Are there several HTML forms in the page? If so, get a jQuery selector for the form you want to post</div>
</li>
<li class="level1"><div class="li"> Is the user required to click on a button, for example in order to run some script? If so, get a jQuery selector for that button</div>
</li>
<li class="level1"><div class="li"> Names and values of the fields you want to control</div>
</li>
</ul>
<p>
If you don't know jQuery selectors, just be aware that they are similar to CSS selectors: for example, <code>button#foo</code> points to the HTML button whose id is “foo”, and <code>.bar</code> points to all HTML elements of CSS class “bar”.
</p>
<p>
For example:
</p>
<ul>
<li class="level1"><div class="li"> Form page <abbr title="Uniform Resource Identifier">URI</abbr>: /login.php</div>
</li>
<li class="level1"><div class="li"> Target <abbr title="Uniform Resource Identifier">URI</abbr>: /process.php (if you leave this parameter empty, the target <abbr title="Uniform Resource Identifier">URI</abbr> is assumed to be the same as the form page <abbr title="Uniform Resource Identifier">URI</abbr>)</div>
</li>
<li class="level1"><div class="li"> jQuery <abbr title="Uniform Resource Locator">URL</abbr>: http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js (if you leave this parameter empty, jQuery is assumed to be already loaded; you can also set “default” to point to the jQuery <abbr title="Uniform Resource Locator">URL</abbr> of the <abbr title="LemonLDAP::NG">LL::NG</abbr> portal)</div>
</li>
<li class="level1"><div class="li"> jQuery form selector: #loginForm (if you leave this parameter empty, the browser will fill and submit any HTML form)</div>
</li>
<li class="level1"><div class="li"> jQuery button selector: button.validate (if you leave this parameter empty, the form will be submitted but no button will be clicked; if you set it to “none”, no button will be clicked and the form will be filled but not submitted)</div>
</li>
<li class="level1"><div class="li"> Fields:</div>
<ul>
<li class="level2"><div class="li"> login: $uid (the user's uid)</div>
</li>
<li class="level2"><div class="li"> password: $_password (the user's password)</div>
</li>
<li class="level2"><div class="li"> static: 'StaticValue' (a static value)</div>
</li>
<li class="level2"><div class="li"> remember: '1' (a checkbox)</div>
</li>
</ul>
</li>
</ul>
<p>
Then go to the Manager, “Virtual Hosts” » <em>virtualhost</em> » “Form replay” and click on “New form”.
</p>
<p>
<a href="/_detail/documentation/manager-formreplay-newurl.png?id=documentation%3A1.9%3Aformreplay" class="media" title="documentation:manager-formreplay-newurl.png"><img src="../../../media/documentation/manager-formreplay-newurl.png" class="mediacenter" alt="" /></a>
</p>
<p>
Fill in the values here:
</p>
<ul>
<li class="level1"><div class="li"> <strong>Form <abbr title="Uniform Resource Locator">URL</abbr></strong>: /login.php</div>
</li>
<li class="level1"><div class="li"> <strong>Target <abbr title="Uniform Resource Locator">URL</abbr></strong>: /process.php</div>
</li>
<li class="level1"><div class="li"> <strong>jQuery <abbr title="Uniform Resource Locator">URL</abbr></strong>: http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js</div>
</li>
<li class="level1"><div class="li"> <strong>jQuery form selector</strong>: #loginForm</div>
</li>
<li class="level1"><div class="li"> <strong>jQuery button selector</strong>: button.validate</div>
</li>
</ul>
<p>
Then click on <code>New POST data</code> and add each data item with its value, for example:
</p>
<p>
<a href="/_detail/documentation/manager-formreplay-newdata.png?id=documentation%3A1.9%3Aformreplay" class="media" title="documentation:manager-formreplay-newdata.png"><img src="../../../media/documentation/manager-formreplay-newdata.png" class="mediacenter" alt="" /></a>
</p>
<div class="notetip">You can define several form replay <abbr title="Uniform Resource Locator">URL</abbr>s per virtual host.
</div>
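<p>
The substitution step described in the presentation, applied to the example fields above, as an added sketch that is not LemonLDAP::NG code: it resolves each field rule against a session and builds the URL-encoded body sent to the application. The function names, the session object and the choice to discard the browser's dummy values entirely are assumptions of this example.
</p>

```javascript
// Added illustration, not LemonLDAP::NG code. The field rules mirror the
// example on this page; function names and the session are constructed.
const rules = {
  login: "$uid",
  password: "$_password",
  static: "'StaticValue'",
  remember: "'1'",
};

// Resolve one rule: a quoted literal is a static value, $name is a session key.
function resolve(expr, session) {
  const literal = /^'(.*)'$/.exec(expr);
  if (literal) return literal[1];
  const variable = /^\$(\w+)$/.exec(expr);
  if (!variable) throw new Error(`unsupported expression: ${expr}`);
  const value = session[variable[1]];
  // Fail closed on a missing value (for example $_password when password
  // storage is not enabled): replaying an empty credential only produces
  // failed logins, which is one way accounts end up locked.
  if (value === undefined || value === "") {
    throw new Error(`session has no value for $${variable[1]}`);
  }
  return String(value);
}

// Build the body from the rules only. In this sketch the dummy values the
// browser submitted are discarded, so the real password never has to be
// present in the page or in the browser's request.
function buildReplayBody(fieldRules, session) {
  const params = new URLSearchParams();
  for (const [field, expr] of Object.entries(fieldRules)) {
    params.set(field, resolve(expr, session));
  }
  // URLSearchParams percent-encodes '&' and '=' so that a password
  // containing them cannot split or inject form fields.
  return params.toString();
}

// Constructed sample session.
const sampleSession = { uid: "jdoe", _password: "s3cr&t=1" };
console.log(buildReplayBody(rules, sampleSession));
```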
</div>
</div><!-- closes <div class="dokuwiki export">--></body></html>