worteks
/
lemonldap-ng
mirror of https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng
3
0
Fork 0
Code Issues Projects Releases Wiki Activity

Doc update

Browse Source
environments/ppa-mbqj77/deployments/1
Clément Oudot 15 years ago
parent 3bfced12ba
commit 280a6fb6d9
3 changed files with 139 additions and 66 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 104
      build/lemonldap-ng/doc/pages/documentation/1.0/security.html
  2. 25
      modules/lemonldap-ng-manager/example/skins/default/js/manager.js
  3. 76
      modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm

104
build/lemonldap-ng/doc/pages/documentation/1.0/security.html
Unescape View File

@ -118,7 +118,7 @@ To protect the manager by <acronym title="LemonLDAP::NG">LL::NG</acronym>, you j
<p>
Rules are applied in alphabetical order (comment and regular expression). The first rule that matches is applied.
<a href="../../documentation/1.0/writingrulesand_headers.html#rules" class="wikilink1" title="documentation:1.0:writingrulesand_headers">Rules</a> are applied in alphabetical order (comment and regular expression). The first rule that matches is applied.
</p>
<p>
@ -127,27 +127,50 @@ Rules are applied in alphabetical order (comment and regular expression). The fi
</p>
<p>
Bad example:
The Manager let you define comments in rules, to order them:
</p>
<p>
<a href="/_detail/documentation/manager_access_rule.png?id=documentation%3A1.0%3Asecurity" class="media" title="documentation:manager_access_rule.png"><img src="../../../media/documentation/manager_access_rule.png" class="mediacenter" alt="" /></a>
</p>
<p>
For example, if these rules are used without comments:
</p>
<pre class="code shell"># Rule 1, no comment
^/pub/admin/ -&gt; $uid eq &quot;root&quot;
# Rule 2, no comment
^/pub/ -&gt; accept</pre>
<table class="inline">
<tr class="row0 roweven">
<th class="col0 centeralign"> Regular expression </th><th class="col1 centeralign"> Rule </th><th class="col2 leftalign"> Comment </th>
</tr>
<tr class="row1 rowodd">
<td class="col0"> ^/pub/admin/ </td><td class="col1"> $uid eq “root” </td><td class="col2"> </td>
</tr>
<tr class="row2 roweven">
<td class="col0"> ^/pub/ </td><td class="col1"> accept </td><td class="col2"> </td>
</tr>
</table>
<p>
The rule 2 will be applied first, so every authenticated user will access to /pub/admin directory
Then the second rule will be applied first, so every authenticated user will access to <code>/pub/admin</code> directory.
</p>
<p>
Use comment to correct this:
</p>
<pre class="code shell"># Rule 1, comment &quot;1_pub&quot;
(?#1_pub)^/pub/admin/ -&gt; $uid eq &quot;root&quot;
# Rule 2, comment &quot;2_admin&quot;
(?#2_admin)^/pub/ -&gt; accept</pre>
<table class="inline">
<tr class="row0 roweven">
<th class="col0 centeralign"> Regular expression </th><th class="col1 centeralign"> Rule </th><th class="col2 leftalign"> Comment </th>
</tr>
<tr class="row1 rowodd">
<td class="col0"> ^/pub/admin/ </td><td class="col1"> $uid eq “root” </td><td class="col2"> 1_pub </td>
</tr>
<tr class="row2 roweven">
<td class="col0"> ^/pub/ </td><td class="col1"> accept </td><td class="col2"> 2_admin </td>
</tr>
</table>
<p>
<p><div class="notetip">
</p>
<ul>
@ -163,22 +186,33 @@ Use comment to correct this:
</p>
</div>
<!-- SECTION "Order your rules" [2149-2903] -->
<!-- SECTION "Order your rules" [2149-3072] -->
<h3><a name="be_careful_with_url_parameters" id="be_careful_with_url_parameters">Be careful with URL parameters</a></h3>
<div class="level3">
<p>
You can write <a href="../../documentation/1.0/writingrulesand_headers.html#rules" class="wikilink1" title="documentation:1.0:writingrulesand_headers">rules</a> matching any component of <acronym title="Uniform Resource Locator">URL</acronym> to protect including GET parameters, but be careful:
Bad example:
You can write <a href="../../documentation/1.0/writingrulesand_headers.html#rules" class="wikilink1" title="documentation:1.0:writingrulesand_headers">rules</a> matching any component of <acronym title="Uniform Resource Locator">URL</acronym> to protect including GET parameters, but be careful.
</p>
<p>
For example with this rule on the <code>access</code> parameter:
</p>
<pre class="code">
/^index.php\?.*access=admin -&gt; $groups =~ /\badmin\b/
default -&gt; accept
</pre>
<table class="inline">
<tr class="row0 roweven">
<th class="col0 centeralign"> Regular expression </th><th class="col1 centeralign"> Rule </th><th class="col2 leftalign"> Comment </th>
</tr>
<tr class="row1 rowodd">
<td class="col0"> ^/index.php\?.*access=admin </td><td class="col1"> $groups =~ /\badmin\b/ </td><td class="col2"> </td>
</tr>
<tr class="row2 roweven">
<td class="col0"> default </td><td class="col1"> accept </td><td class="col2"> </td>
</tr>
</table>
<p>
Now, user that try to access to one of the following <em class="u">will be granted</em> !
Then a user that try to access to one of the following <em class="u">will be granted</em> !
</p>
<ul>
<li class="level1"><div class="li"> /index.php?access=admin&amp;access=other</div>
@ -189,17 +223,25 @@ Now, user that try to access to one of the following <em class="u">will be grant
<p>
You can use the following instead:
You can use the following rules instead:
</p>
<pre class="code">
# insert a comment 0_bad for this rule:
/^(?i#0_bad)index.php\?.*access.*access -&gt; deny
# insert a comment 1_admin for this rule
/^(?i#1_admin)index.php\?.*access=admin -&gt; $groups =~ /\badmin\b/
default -&gt; accept
</pre>
<table class="inline">
<tr class="row0 roweven">
<th class="col0 centeralign"> Regular expression </th><th class="col1 centeralign"> Rule </th><th class="col2 leftalign"> Comment </th>
</tr>
<tr class="row1 rowodd">
<td class="col0"> ^/(?i)index.php\?.*access.*access </td><td class="col1"> deny </td><td class="col2"> 0_bad </td>
</tr>
<tr class="row2 roweven">
<td class="col0"> ^/(?i)index.php\?.*access=admin </td><td class="col1"> $groups =~ /\badmin\b/ </td><td class="col2"> 1_admin </td>
</tr>
<tr class="row3 rowodd">
<td class="col0"> default </td><td class="col1"> accept </td><td class="col2"> </td>
</tr>
</table>
<p>
<p><div class="notetip"><strong>(?i)</strong> means case no sensitive.
</div></p>
</p>
@ -210,7 +252,7 @@ default -&gt; accept
</p>
</div>
<!-- SECTION "Be careful with URL parameters" [2904-3778] -->
<!-- SECTION "Be careful with URL parameters" [3073-3981] -->
<h3><a name="encoded_characters" id="encoded_characters">Encoded characters</a></h3>
<div class="level3">
@ -220,7 +262,7 @@ Some characters are encoded in URLs by the browser (such as space,…). To avoid
</p>
</div>
<!-- SECTION "Encoded characters" [3779-4032] -->
<!-- SECTION "Encoded characters" [3982-4235] -->
<h2><a name="secure_reverse-proxies" id="secure_reverse-proxies">Secure reverse-proxies</a></h2>
<div class="level2">
@ -268,7 +310,7 @@ It is recommended to secure the channel between reverse-proxies and application
</ul>
</div>
<!-- SECTION "Secure reverse-proxies" [4033-5701] -->
<!-- SECTION "Secure reverse-proxies" [4236-5904] -->
<h2><a name="configure_security_settings" id="configure_security_settings">Configure security settings</a></h2>
<div class="level2">
@ -288,4 +330,4 @@ Go in Manager, <code>General parameters</code> » <code>Advanced parameters</cod
</ul>
</div>
<!-- SECTION "Configure security settings" [5702-] --></div><!-- closes <div class="dokuwiki export">-->
<!-- SECTION "Configure security settings" [5905-] --></div><!-- closes <div class="dokuwiki export">-->

25
modules/lemonldap-ng-manager/example/skins/default/js/manager.js
Unescape View File

@ -45,13 +45,34 @@ var helpCh={
'portal':'/pages/documentation/latest/ssocookie.html#portal_url',
'portalcustom':'/pages/documentation/latest/portalcustom.html',
'portalParams':'/pages/documentation/latest/portal.html',
'post':'/pages/documentation/latest/formreplay.html',
'redirections':'/pages/documentation/latest/redirections.html',
'rules':'/pages/documentation/latest/writingrulesand_headers.html#rules',
'samlIDP':'/pages/documentation/latest/authsaml.html#register_partner_identity_provider_on_lemonldapng',
'samlIDPExportedAttributes':'/pages/documentation/latest/authsaml.html#exported_attributes',
'samlIDPMetaDataXML':'/pages/documentation/latest/authsaml.html#metadata',
'samlIDPOptions':'/pages/documentation/latest/authsaml.html#options',
'samlService':'/pages/documentation/latest/samlservice.html',
'samlServiceAA':'/pages/documentation/latest/samlservice.html#attribute_authority',
'samlServiceAdvanced':'/pages/documentation/latest/samlservice.html#advanced',
'samlServiceAuthnContexts':'/pages/documentation/latest/samlservice.html#authentication_contexts',
'samlServiceEntityID':'/pages/documentation/latest/samlservice.html#entry_identifier',
'samlServiceIDP':'/pages/documentation/latest/samlservice.html#identity_provider',
'samlServiceNameIDFormats':'/pages/documentation/latest/samlservice.html#nameid_formats',
'samlServiceOrganization':'/pages/documentation/latest/samlservice.html#organization',
'samlServiceSecurity':'/pages/documentation/latest/samlservice.html#security_parameters',
'samlServiceSP':'/pages/documentation/latest/samlservice.html#service_provider',
'samlSP':'/pages/documentation/latest/idpsaml.html#register_partner_service_provider_on_lemonldapng',
'samlSPExportedAttributes':'/pages/documentation/latest/idpsaml.html#exported_attributes',
'samlSPMetaDataXML':'/pages/documentation/latest/idpsaml.html#metadata',
'samlSPOptions':'/pages/documentation/latest/idpsaml.html#options',
'security':'/pages/documentation/latest/security.html#configure_security_settings',
'sessions':'/pages/documentation/latest/sessions.html',
'sessionsdb':'/pages/documentation/latest/start.html#sessions_database',
'sympa':'/pages/documentation/latest/applications/sympa.html',
'userdbParams':'/pages/documentation/latest/start.html#authentication_and_users_database',
'vhostOptions':'/pages/documentation/latest/configvhost.html#options',
'virtualHosts':'/pages/documentation/latest/configvhost.html',
'zimbra':'/pages/documentation/latest/applications/zimbra.html',
};
@ -1442,7 +1463,11 @@ function networkPb(){
var lasthelp='';
function loadHelp(ch){
var url;
// Keep actual page if no help chapter
if(!ch){return;}
// Display default help if help chapter not defined
if(typeof(helpCh[ch])!='string'){ch='default';}
// Display new help only if not the last help
if(ch!=lasthelp){
url='/doc'+helpCh[ch];
var html = '<iframe src="'+url+'" frameborder="0" />';

76
modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm
Unescape View File

@ -45,11 +45,13 @@ sub cstruct {
post => {
_nodes => ["post:/post/$k2:post:post"],
_js => 'postRoot',
_help => 'post',
},
vhostOptions => {
_nodes => [qw(vhostPort vhostHttps)],
vhostPort => "int:/vhostOptions/$k2/vhostPort",
vhostHttps => "trool:/vhostOptions/$k2/vhostHttps",
_help => 'vhostOptions',
},
}
}
@ -63,19 +65,24 @@ sub cstruct {
_nodes => [
qw(samlIDPMetaDataXML samlIDPMetaDataExportedAttributes samlIDPMetaDataOptions)
],
samlIDPMetaDataExportedAttributes => {
_nodes => [
"hash:/samlIDPMetaDataExportedAttributes/$k2"
. ":samlIDPMetaDataExportedAttributes:samlAttribute"
],
_js => 'samlAttributeRoot'
_js => 'samlAttributeRoot',
_help => 'samlIDPExportedAttributes',
},
samlIDPMetaDataXML => "samlmetadata:/samlIDPMetaDataXML/$k2"
. ":samlIDPMetaDataXML:filearea",
samlIDPMetaDataOptions => {
_nodes => [
qw(samlIDPMetaDataOptionsResolutionRule samlIDPMetaDataOptionsAuthnRequest samlIDPMetaDataOptionsSession samlIDPMetaDataOptionsSignature samlIDPMetaDataOptionsBinding samlIDPMetaDataOptionsSecurity)
],
_help => 'samlIDPOptions',
samlIDPMetaDataOptionsResolutionRule =>
"textarea:/samlIDPMetaDataOptions/$k2/samlIDPMetaDataOptionsResolutionRule",
@ -87,7 +94,7 @@ sub cstruct {
samlIDPMetaDataOptionsNameIDFormat =>
"text:/samlIDPMetaDataOptions/$k2/samlIDPMetaDataOptionsNameIDFormat"
. ":default:nameIdFormatParams",
. ":samlIDPOptions:nameIdFormatParams",
samlIDPMetaDataOptionsForceAuthn =>
"bool:/samlIDPMetaDataOptions/$k2/samlIDPMetaDataOptionsForceAuthn",
samlIDPMetaDataOptionsIsPassive =>
@ -98,8 +105,7 @@ sub cstruct {
"bool:/samlIDPMetaDataOptions/$k2/samlIDPMetaDataOptionsAllowLoginFromIDP",
samlIDPMetaDataOptionsRequestedAuthnContext =>
"text:/samlIDPMetaDataOptions/$k2/samlIDPMetaDataOptionsRequestedAuthnContext"
. ":default:authnContextParams",
. ":samlIDPOptions:authnContextParams",
},
samlIDPMetaDataOptionsSession => {
@ -137,10 +143,10 @@ sub cstruct {
samlIDPMetaDataOptionsSSOBinding =>
"text:/samlIDPMetaDataOptions/$k2/samlIDPMetaDataOptionsSSOBinding"
. ":default:bindingParams",
. ":samlIDPOptions:bindingParams",
samlIDPMetaDataOptionsSLOBinding =>
"text:/samlIDPMetaDataOptions/$k2/samlIDPMetaDataOptionsSLOBinding"
. ":default:bindingParams",
. ":samlIDPOptions:bindingParams",
},
@ -150,7 +156,7 @@ sub cstruct {
],
samlIDPMetaDataOptionsEncryptionMode =>
"text:/samlIDPMetaDataOptions/$k2/samlIDPMetaDataOptionsEncryptionMode:default:encryptionModeParams",
"text:/samlIDPMetaDataOptions/$k2/samlIDPMetaDataOptionsEncryptionMode:samlIDPOptions:encryptionModeParams",
samlIDPMetaDataOptionsCheckConditions =>
"bool:/samlIDPMetaDataOptions/$k2/samlIDPMetaDataOptionsCheckConditions",
@ -169,19 +175,24 @@ sub cstruct {
_nodes => [
qw(samlSPMetaDataXML samlSPMetaDataExportedAttributes samlSPMetaDataOptions)
],
samlSPMetaDataExportedAttributes => {
_nodes => [
"hash:/samlSPMetaDataExportedAttributes/$k2"
. ":samlSPMetaDataExportedAttributes:samlAttribute"
],
_js => 'samlAttributeRoot'
_js => 'samlAttributeRoot',
_help => 'samlSPExportedAttributes',
},
samlSPMetaDataXML => "samlmetadata:/samlSPMetaDataXML/$k2"
. ":samlSPMetaDataXML:filearea",
samlSPMetaDataOptions => {
_nodes => [
qw(samlSPMetaDataOptionsAuthnResponse samlSPMetaDataOptionsSignature samlSPMetaDataOptionsSecurity)
],
_help => 'samlSPOptions',
samlSPMetaDataOptionsAuthnResponse => {
_nodes => [
@ -190,7 +201,7 @@ sub cstruct {
samlSPMetaDataOptionsNameIDFormat =>
"text:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsNameIDFormat"
. ":default:nameIdFormatParams",
. ":samlSPOptions:nameIdFormatParams",
samlSPMetaDataOptionsOneTimeUse =>
"bool:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsOneTimeUse",
},
@ -214,7 +225,7 @@ sub cstruct {
_nodes => [qw(samlSPMetaDataOptionsEncryptionMode)],
samlSPMetaDataOptionsEncryptionMode =>
"text:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsEncryptionMode:default:encryptionModeParams",
"text:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsEncryptionMode:samlSPOptions:encryptionModeParams",
},
},
}
@ -856,7 +867,7 @@ sub struct {
'nhash:/samlIDPMetaDataExportedAttributes:samlIDPMetaDataNode:samlIdpMetaData'
],
_upload => [ '/samlIDPMetaDataXML', '/samlIDPMetaDataOptions' ],
_help => 'default',
_help => 'samlIDP',
_js => 'samlIdpRoot',
},
@ -865,7 +876,7 @@ sub struct {
'nhash:/samlSPMetaDataExportedAttributes:samlSPMetaDataNode:samlSpMetaData'
],
_upload => [ '/samlSPMetaDataXML', '/samlSPMetaDataOptions' ],
_help => 'default',
_help => 'samlSP',
_js => 'samlSpRoot',
},
@ -881,29 +892,28 @@ sub struct {
n:samlAttributeAuthorityDescriptor
n:samlAdvanced)
],
_help => 'default',
_help => 'samlService',
# GLOBAL INFORMATIONS
samlEntityID => 'text:/samlEntityID',
samlEntityID => 'text:/samlEntityID:samlServiceEntityID:text',
# SECURITY NODE
samlServiceSecurity => {
_nodes =>
[qw(n:samlServiceSecuritySig n:samlServiceSecurityEnc)],
_help => 'default',
_help => 'samlServiceSecurity',
samlServiceSecuritySig => {
_nodes => [
qw(samlServicePrivateKeySig
samlServicePrivateKeySigPwd
samlServicePublicKeySig)
],
_help => 'default',
samlServicePrivateKeySig =>
'filearea:/samlServicePrivateKeySig:samlServicePrivateKeySig:filearea',
'filearea:/samlServicePrivateKeySig',
samlServicePrivateKeySigPwd =>
'text:/samlServicePrivateKeySigPwd',
samlServicePublicKeySig =>
'filearea:/samlServicePublicKeySig:samlServicePublicKeySig:filearea',
'filearea:/samlServicePublicKeySig',
},
samlServiceSecurityEnc => {
_nodes => [
@ -911,13 +921,12 @@ sub struct {
samlServicePrivateKeyEncPwd
samlServicePublicKeyEnc)
],
_help => 'default',
samlServicePrivateKeyEnc =>
'filearea:/samlServicePrivateKeyEnc:samlServicePrivateKeyEnc:filearea',
'filearea:/samlServicePrivateKeyEnc',
samlServicePrivateKeyEncPwd =>
'text:/samlServicePrivateKeyEncPwd',
samlServicePublicKeyEnc =>
'filearea:/samlServicePublicKeyEnc:samlServicePublicKeyEnc:filearea',
'filearea:/samlServicePublicKeyEnc',
},
},
@ -926,7 +935,7 @@ sub struct {
_nodes => [
qw(samlNameIDFormatMapEmail samlNameIDFormatMapX509 samlNameIDFormatMapWindows samlNameIDFormatMapKerberos)
],
_help => 'default',
_help => 'samlServiceNameIDFormats',
samlNameIDFormatMapEmail => 'text:/samlNameIDFormatMapEmail',
samlNameIDFormatMapX509 => 'text:/samlNameIDFormatMapX509',
samlNameIDFormatMapWindows =>
@ -940,7 +949,7 @@ sub struct {
_nodes => [
qw(samlAuthnContextMapPassword samlAuthnContextMapPasswordProtectedTransport samlAuthnContextMapTLSClient samlAuthnContextMapKerberos)
],
_help => 'default',
_help => 'samlServiceAuthnContexts',
samlAuthnContextMapPassword =>
'int:/samlAuthnContextMapPassword',
samlAuthnContextMapPasswordProtectedTransport =>
@ -958,7 +967,7 @@ sub struct {
samlOrganizationName
samlOrganizationURL)
],
_help => 'default',
_help => 'samlServiceOrganization',
samlOrganizationDisplayName =>
'text:/samlOrganizationDisplayName',
samlOrganizationURL => 'text:/samlOrganizationURL',
@ -975,7 +984,7 @@ sub struct {
n:samlSPSSODescriptorArtifactResolutionService
)
],
_help => 'default',
_help => 'samlServiceSP',
samlSPSSODescriptorAuthnRequestsSigned =>
'bool:/samlSPSSODescriptorAuthnRequestsSigned',
@ -988,7 +997,6 @@ sub struct {
samlSPSSODescriptorSingleLogoutServiceHTTPPost
samlSPSSODescriptorSingleLogoutServiceSOAP)
],
_help => 'default',
samlSPSSODescriptorSingleLogoutServiceHTTPRedirect =>
'samlService:/samlSPSSODescriptorSingleLogoutServiceHTTPRedirect',
samlSPSSODescriptorSingleLogoutServiceHTTPPost =>
@ -1002,7 +1010,6 @@ sub struct {
qw(samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact
samlSPSSODescriptorAssertionConsumerServiceHTTPPost)
],
_help => 'default',
samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact =>
'samlAssertion:/samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact',
samlSPSSODescriptorAssertionConsumerServiceHTTPPost =>
@ -1013,7 +1020,6 @@ sub struct {
_nodes => [
qw(samlSPSSODescriptorArtifactResolutionServiceArtifact)
],
_help => 'default',
samlSPSSODescriptorArtifactResolutionServiceArtifact =>
'samlAssertion:/samlSPSSODescriptorArtifactResolutionServiceArtifact',
},
@ -1027,7 +1033,7 @@ sub struct {
n:samlIDPSSODescriptorSingleLogoutService
n:samlIDPSSODescriptorArtifactResolutionService)
],
_help => 'default',
_help => 'samlServiceIDP',
samlIDPSSODescriptorWantAuthnRequestsSigned =>
'bool:/samlIDPSSODescriptorWantAuthnRequestsSigned',
@ -1039,7 +1045,6 @@ sub struct {
samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact
samlIDPSSODescriptorSingleSignOnServiceSOAP)
],
_help => 'default',
samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect =>
'samlService:/samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect',
samlIDPSSODescriptorSingleSignOnServiceHTTPPost =>
@ -1056,7 +1061,6 @@ sub struct {
samlIDPSSODescriptorSingleLogoutServiceHTTPPost
samlIDPSSODescriptorSingleLogoutServiceSOAP)
],
_help => 'default',
samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect =>
'samlService:/samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect',
samlIDPSSODescriptorSingleLogoutServiceHTTPPost =>
@ -1069,7 +1073,6 @@ sub struct {
_nodes => [
qw(samlIDPSSODescriptorArtifactResolutionServiceArtifact)
],
_help => 'default',
samlIDPSSODescriptorArtifactResolutionServiceArtifact =>
'samlAssertion:/samlIDPSSODescriptorArtifactResolutionServiceArtifact',
},
@ -1080,7 +1083,8 @@ sub struct {
samlAttributeAuthorityDescriptor => {
_nodes =>
[qw(n:samlAttributeAuthorityDescriptorAttributeService)],
_help => 'default',
_help => 'samlServiceAA',
samlAttributeAuthorityDescriptorAttributeService => {
_nodes => [
qw(samlAttributeAuthorityDescriptorAttributeServiceSOAP)
@ -1095,14 +1099,16 @@ sub struct {
_nodes => [
qw(samlIdPResolveCookie samlMetadataForceUTF8 samlStorage cn:samlStorageOptions n:samlCommonDomainCookie)
],
_help => 'samlServiceAdvanced',
samlIdPResolveCookie => 'text:/samlIdPResolveCookie',
samlMetadataForceUTF8 => 'bool:/samlMetadataForceUTF8',
samlStorage => 'text:/samlStorage',
samlStorageOptions => {
_nodes => ['hash:/samlStorageOptions:default:btext'],
_nodes =>
['hash:/samlStorageOptions:samlServiceAdvanced:btext'],
_js => 'hashRoot',
_help => 'default',
_help => 'samlServiceAdvanced',
},
samlCommonDomainCookie => {
_nodes => [

Write Preview
Loading…
Cancel
Save