diff --git a/_example/etc/handler-nginx.conf b/_example/etc/handler-nginx.conf
index ed77da070..5e8a4e985 100644
--- a/_example/etc/handler-nginx.conf
+++ b/_example/etc/handler-nginx.conf
@@ -32,7 +32,7 @@ server {
   #real_ip_header    X-Forwarded-For;
 
   location = /reload {
-    allow 127.0.0.1/8;
+    allow 127.0.0.0/8;
     allow ::1/128;
     deny all;
 
diff --git a/doc/sources/admin/adaptativeauthenticationlevel.rst b/doc/sources/admin/adaptativeauthenticationlevel.rst
new file mode 100644
index 000000000..584d593fe
--- /dev/null
+++ b/doc/sources/admin/adaptativeauthenticationlevel.rst
@@ -0,0 +1,46 @@
+Adaptative Authentication Level
+===============================
+
+Presentation
+------------
+
+A user obtain an authentication level depending on which authentication
+module was used, and eventually which second factor module.
+
+This plugin allows to adapt this authentication level depending on
+other conditions, like network, device, etc.
+
+Sample use case: a strategic application is configured to require an
+authentication level of 5. Users obtain level 2 with their login/password
+and level 5 using a TOTP second factor. You can trust users form internal
+network by incrementing their authentication level based on their IP address,
+they would then not be forced to use 2FA to access the strategic application.
+
+.. tip::
+
+    This use case works if you enable the *Use 2FA for session upgrade* option.
+
+Configuration
+-------------
+
+This plugin is enabled when at least one rule is defind.
+
+To configure rules, go in ``General Parameters`` > ``Plugins`` >
+``Adapative Authentication Level``.
+
+You can then create rules with these fields:
+
+-  **Rule**: The condition that will be evaluated. If this condition
+   does not return true, then the level is not changed.
+-  **Value**: How change the authentication level. First character is
+   ``+``, ``-`` or ``=``, the second part is the number to add, remove 
+   or set.
+
+
+.. tip::
+
+    By example, to add 3 to authentication level for users from 192.168.0.0/24 network:
+    
+    - Rule: ``$env->{REMOTE_ADDR} =~ /^192\.168\./``
+    - Value: ``+3``
+
diff --git a/doc/sources/admin/applications/jitsimeet.rst b/doc/sources/admin/applications/jitsimeet.rst
index 067299a7e..7b24221ca 100644
--- a/doc/sources/admin/applications/jitsimeet.rst
+++ b/doc/sources/admin/applications/jitsimeet.rst
@@ -95,6 +95,20 @@ configuration file:
        proxy_pass http://127.0.0.1:8888/login;
    }
 
+
+.. warning::
+
+    Thoses 2 blocks should be append BEFORE the following block::
+
+      #Anything that didn't match above, and isn't a real file,
+      #assume it's a room name and redirect to /
+      location ~ ^/([^/?&:'"]+)/(.*)$ {
+         set $subdomain "$1.";
+         set $subdir "$1/";
+         rewrite ^/([^/?&:'"]+)/(.*)$ /$2;
+      }
+
+
 Jitsi Meet Virtual host in Manager
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
diff --git a/doc/sources/admin/authsaml.rst b/doc/sources/admin/authsaml.rst
index 68374ffd2..3e780cbc1 100644
--- a/doc/sources/admin/authsaml.rst
+++ b/doc/sources/admin/authsaml.rst
@@ -175,6 +175,7 @@ Signature
 These options override service signature options (see
 :ref:`SAML service configuration<samlservice-general-options>`).
 
+-  **Signature method**: signature method for requests sent to this provider
 -  **Sign SSO message**: sign SSO message
 -  **Check SSO message signature**: check SSO message signature
 -  **Sign SLO message**: sign SLO message
diff --git a/doc/sources/admin/behindproxyminihowto.rst b/doc/sources/admin/behindproxyminihowto.rst
index 45b12683d..42120237b 100644
--- a/doc/sources/admin/behindproxyminihowto.rst
+++ b/doc/sources/admin/behindproxyminihowto.rst
@@ -6,6 +6,9 @@ Your network infrastructure might require that LemonLDAP::NG components
 
 |image0|
 
+Transmitting the correct IP address to the portal
+-------------------------------------------------
+
 In this case, LemonLDAP::NG components will store the ip address of the
 connection between the reverse proxy and the webserver in the session,
 and in logs. This prevents features such as session restrictions and
@@ -19,7 +22,7 @@ to forward the original IP address all the way to LemonLDAP::NG.
 In order to do this you have several options.
 
 HTTP Header
------------
+~~~~~~~~~~~
 
 This generic method is the most likely to work in your particular
 environment.
@@ -68,7 +71,7 @@ uncomment the relevant parts of the configuration file.
     module documentation carefully.
 
 PROXY Protocol
---------------
+~~~~~~~~~~~~~~
 
 Alternatively, if your proxy supports the PROXY protocol (Nginx,
 HAProxy, Amazon ELB), you may use it to carry over the information
@@ -86,6 +89,41 @@ Portal/Manager/Handler:
    # or
    # listen 443 ssl proxy_protocol;
 
+   set_real_ip_from  127.0.0.1;
+   real_ip_header    proxy_protocol;
+
 .. |image0| image:: /documentation/reverseproxy.png
    :class: align-center
 
+
+Fixing handler redirections
+---------------------------
+
+If your handler server runs behind a reverse proxy, it may have trouble figuring
+out the right URL to redirect you to after logging in.
+
+In this case, you can force a particular port and scheme in the Virtual Host's
+Options.
+
+But is instead you want this scheme to be auto-detected by LemonLDAP (in order to have a
+same VHost domain available over multiple schemes), you can also use the following
+declarations in the handler's virtual host to force LemonLDAP to use the correct port
+and scheme
+
+Nginx
+~~~~~
+
+::
+
+   fastcgi_param SERVER_PORT 443
+   fastcgi_param HTTPS On
+
+Apache
+~~~~~~
+
+.. versionadded: 2.0.10
+
+::
+
+   PerlSetEnv SERVER_PORT 443
+   PerlSetEnv HTTPS On
diff --git a/doc/sources/admin/confignginx.rst b/doc/sources/admin/confignginx.rst
index 066d3f5f7..a206b82e4 100644
--- a/doc/sources/admin/confignginx.rst
+++ b/doc/sources/admin/confignginx.rst
@@ -27,7 +27,7 @@ Red Hat/CentOS
 
 ::
 
-   yum install lemonldap-ng-fastcgi-server
+   yum install lemonldap-ng-nginx lemonldap-ng-fastcgi-server
 
 Enable and start the service :
 
@@ -40,25 +40,25 @@ Files
 -----
 
 With tarball installation, Nginx configuration files will be installed
-in ``/usr/local/lemonldap-ng/etc/``, else they are in
-``/etc/lemonldap-ng``.
-
-You have to include them in Nginx main configuration.
+in ``/usr/local/lemonldap-ng/etc/``, else they are directly in web server
+configuration.
 
 .. _debianubuntu-1:
 
 Debian/Ubuntu
 ~~~~~~~~~~~~~
 
-Link files into ``sites-available`` directory (should already have been
-done if you used packages):
+-  Install log format *(automatically loaded when linked in this place)*
 
 ::
 
-   ln -s /etc/lemonldap-ng/handler-nginx.conf /etc/nginx/sites-available/
-   ln -s /etc/lemonldap-ng/manager-nginx.conf /etc/nginx/sites-available/
-   ln -s /etc/lemonldap-ng/portal-nginx.conf /etc/nginx/sites-available/
-   ln -s /etc/lemonldap-ng/test-nginx.conf /etc/nginx/sites-available/
+   ln -s /etc/lemonldap-ng/nginx-lmlog.conf /etc/nginx/conf.d/llng-lmlog.conf
+
+-  Install snippet for vhost configuration files:
+
+::
+
+   ln -s /etc/lemonldap-ng/nginx-lua-headers.conf /etc/nginx/snippets/llng-lua-headers.conf
 
 -  Enable sites:
 
@@ -68,18 +68,3 @@ done if you used packages):
    ln -s /etc/nginx/sites-available/manager-nginx.conf /etc/nginx/sites-enabled/
    ln -s /etc/nginx/sites-available/portal-nginx.conf /etc/nginx/sites-enabled/
    ln -s /etc/nginx/sites-available/test-nginx.conf /etc/nginx/sites-enabled/
-
-.. _red-hatcentos-1:
-
-Red Hat/CentOS
-~~~~~~~~~~~~~~
-
-Link files directly in ``conf.d`` directory:
-
-::
-
-   ln -s /etc/lemonldap-ng/handler-nginx.conf /etc/nginx/conf.d/
-   ln -s /etc/lemonldap-ng/manager-nginx.conf /etc/nginx/conf.d/
-   ln -s /etc/lemonldap-ng/portal-nginx.conf /etc/nginx/conf.d/
-   ln -s /etc/lemonldap-ng/test-nginx.conf /etc/nginx/conf.d/
-
diff --git a/doc/sources/admin/configvhost.rst b/doc/sources/admin/configvhost.rst
index de8e0201a..8c03c87d3 100644
--- a/doc/sources/admin/configvhost.rst
+++ b/doc/sources/admin/configvhost.rst
@@ -261,7 +261,7 @@ Example of a protected virtual host for a local application:
 Reverse proxy
 ~~~~~~~~~~~~~
 
-\* Example of a protected reverse-proxy:
+- Example of a protected reverse-proxy:
 
 .. code-block:: nginx
 
@@ -300,7 +300,7 @@ Reverse proxy
        # PASSING HEADERS TO APPLICATION #
        ##################################
        # IF LUA IS SUPPORTED
-       #include /path/to/nginx-lua-headers.conf
+       #include /path/to/nginx-lua-headers.conf;
 
        # ELSE
        # Set manually your headers
@@ -309,8 +309,16 @@ Reverse proxy
      }
    }
 
-\* Example of a Nginx Virtual Host using uWSGI with many URIs protected
-by different types of handler :
+If /etc/nginx/proxy_params file does not exist, you can create it with this content:
+
+.. code-block:: nginx
+
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+
+- Example of a Nginx Virtual Host using uWSGI with many URIs protected by different types of handler:
 
 .. code-block:: nginx
 
diff --git a/doc/sources/admin/contextswitching.rst b/doc/sources/admin/contextswitching.rst
index abeb819c3..3c92b39db 100644
--- a/doc/sources/admin/contextswitching.rst
+++ b/doc/sources/admin/contextswitching.rst
@@ -15,7 +15,8 @@ can be forbidden to assume.
 
 -  **Parameters**:
 
-   -  **Use rule**: Select which users may use this plugin
+   -  **Use rule**: Rule to enable or define which users may use this plugin
+      (By example: $uid eq 'dwho' && $authenticationLevel > 2).
    -  **Identities use rule**: Rule to define which identities can be
       assumed. Useful to prevent impersonation of certain sensitive
       identities like CEO, administrators or anonymous/protected users.
@@ -30,7 +31,7 @@ can be forbidden to assume.
     During context switching authentication process, all
     plugins are disabled. In other words, all entry points like afterData,
     endAuth and so on are skipped. Therefore, second factors or
-    notifications by example will not be prompted!
+    notifications by example will not be prompted and login history is not updated!
 
 
 .. attention::
@@ -39,6 +40,11 @@ can be forbidden to assume.
     backend. You can not switch context with federated authentication.
 
 
+.. attention::
+
+    Used identity, start and end of switching context process are logged!
+
+
 contextSwitchingPrefix is used to store real user's session Id. You can
 set this prefix ('switching' by default) by editing ``lemonldap-ng.ini``
 in [portal] section:
diff --git a/doc/sources/admin/idpsaml.rst b/doc/sources/admin/idpsaml.rst
index d3db06b7d..dbcd88079 100644
--- a/doc/sources/admin/idpsaml.rst
+++ b/doc/sources/admin/idpsaml.rst
@@ -154,6 +154,7 @@ Signature
 These options override service signature options (see
 :ref:`SAML service configuration<samlservice-general-options>`).
 
+-  **Signature method**: signature method for messages sent to this service
 -  **Sign SSO message**: sign SSO message
 -  **Check SSO message signature**: check SSO message signature
 -  **Sign SLO message**: sign SLO message
diff --git a/doc/sources/admin/index_plugins.rst b/doc/sources/admin/index_plugins.rst
index e649f1d6a..773db006d 100644
--- a/doc/sources/admin/index_plugins.rst
+++ b/doc/sources/admin/index_plugins.rst
@@ -4,6 +4,7 @@ Plugins
 .. toctree::
    :maxdepth: 1
 
+   adaptativeauthenticationlevel
    autosignin
    bruteforceprotection
    cda
diff --git a/doc/sources/admin/logs.rst b/doc/sources/admin/logs.rst
index fe79c8052..a0d504ca4 100644
--- a/doc/sources/admin/logs.rst
+++ b/doc/sources/admin/logs.rst
@@ -6,8 +6,8 @@ Presentation
 
 Main settings:
 
--  **REMOTE_USER** : session attribute used for logging user access.
--  **REMOTE_CUSTOM** : can be used for logging a second user attribute
+-  **REMOTE_USER** : session attribute used for logging user access
+-  **REMOTE_CUSTOM** : can be used for logging an another user attribute or a macro
    (optional)
 -  **Hidden attributes** : session attributes never displayed or sent
 
diff --git a/doc/sources/admin/radius2f-inwebo.rst b/doc/sources/admin/radius2f-inwebo.rst
new file mode 100644
index 000000000..8abcb8629
--- /dev/null
+++ b/doc/sources/admin/radius2f-inwebo.rst
@@ -0,0 +1,27 @@
+InWebo Second Factor
+====================
+
+`InWebo <https://www.inwebo.com/>`_ is a proprietary MFA solution.
+You can use is as second factor trough :doc:`Radius 2FA module<radius2f>`.
+
+Configuration
+~~~~~~~~~~~~~
+
+On InWebo side :
+
+- Create a connector of type ``Radius Push``.
+- Fill in the “IP Address” field with the IP of the public interface of your LL::NG server.
+- Enter a secret, that you will also configure on LL::NG side.
+
+See `InWebo Radius documentation <https://inwebo.atlassian.net/wiki/spaces/DOCS/pages/2216886275/RADIUS+integration+and+redundancy>`_ for more details.
+
+On LL::NG side, go in "General Parameters » Second factors »
+Radius second factor".
+
+-  **Activation**: Set to ``On`` to activate this module, or use a
+   specific rule to select which users may use this type of second
+   factor
+-  **Server hostname**: The hostname of InWebo Radius server (for example `radius2.myinwebo.com`)
+-  **Shared secret**: The secret key declared on InWebo side
+
+See :doc:`Radius 2FA module<radius2f>` for more details.
diff --git a/doc/sources/admin/radius2f.rst b/doc/sources/admin/radius2f.rst
index 4d1ed0cfc..572139ab1 100644
--- a/doc/sources/admin/radius2f.rst
+++ b/doc/sources/admin/radius2f.rst
@@ -63,3 +63,13 @@ Mail second factor".
 -  **Logo** (Optional): logo file *(in static/<skin> directory)*
 -  **Label** (Optional): label that should be displayed to the user on
    the choice screen
+
+Vendor specific
+~~~~~~~~~~~~~~~
+
+Some configuration examples for specific vendors:
+
+.. toctree::
+   :maxdepth: 1
+
+   radius2f-inwebo
diff --git a/doc/sources/admin/samlservice.rst b/doc/sources/admin/samlservice.rst
index 29eee3d6c..9ca56ccf6 100644
--- a/doc/sources/admin/samlservice.rst
+++ b/doc/sources/admin/samlservice.rst
@@ -121,8 +121,12 @@ encryption.
 To define keys, you can:
 
 -  import your own private and public keys (``Replace by file`` input)
--  generate new public and private keys (``New keys`` button)
+-  generate new public and private keys (``New certificate`` button)
 
+.. versionchanged:: 2.0.10
+
+   A X.509 certificate is now generated instead of a plain public key. It has
+   20 years of validity, and is self signed with the 2048bit RSA key.
 
 .. tip::
 
@@ -132,34 +136,35 @@ To define keys, you can:
 
 |image1|
 
-You can import a certificate containing the public key instead the raw
-public key. However, certificate will not be really validated by other
-SAML components (expiration date, common name, etc.), but will just be a
-public key wrapper.
 
 
-.. tip::
+-  **Use certificate in response**: Certificate will be sent inside SAML
+   responses.
+-  **Signature method**: set the signature algorithm
 
-    You can easily generate a certificate to replace your public
-    key by saving the private key in a file, and use ``openssl`` commands to
-    issue a self-signed certificate:
+.. versionchanged:: 2.0.10
 
-    ::
+   The signature method can now be overriden for a SP or IDP. This will only work
+   if you are using a certificate for signature instead of a public key.
 
-       $ openssl req -new -key private.key -out cert.pem -x509 -days 3650
 
+.. attention::
+
+   If you are running a version under 2.0.10, the choice of a signature
+   algorithm will affect all SP and IDP.
 
+Converting a RSA public key to a certificate
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
--  **Use certificate in response**: Certificate will be sent inside SAML
-   responses.
--  **Signature method**: set the signature algorithm
+If your application complains about the lack of certificate in SAML Metadatas, and you generated a public RSA key instead of a certificate in a previous version of LemonLDAP::NG, you can convert the public key into a certificate without changing the private key.
 
+Save the private key in a file, and use the ``openssl`` commands to
+issue a self-signed certificate:
 
-.. attention::
+    ::
+
+       $ openssl req -new -key private.key -out cert.pem -x509 -days 3650
 
-    Default value is RSA SHA1 for compatibility purpose but
-    we recommend to use RSA SHA256. This requires to test all partners to
-    check their compatibility.
 
 NameID formats
 ~~~~~~~~~~~~~~
diff --git a/fastcgi-server/psgi/llngapp.psgi b/fastcgi-server/psgi/llngapp.psgi
index ba3421a12..8e7009c50 100644
--- a/fastcgi-server/psgi/llngapp.psgi
+++ b/fastcgi-server/psgi/llngapp.psgi
@@ -1,6 +1,6 @@
 # Plack app to use with Nginx
 #
-# This app can remplace FastCGI server using Starman, Twiggy, uWSGI-Plugin-PSGI,
+# This app can replace FastCGI server using Starman, Twiggy, uWSGI-Plugin-PSGI,
 # Feersum,...
 
 my %builder = (
diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm
index 51914e5f7..1ee91ae74 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm
@@ -29,8 +29,8 @@ use constant DEFAULTCONFBACKEND => "File";
 use constant DEFAULTCONFBACKENDOPTIONS => (
     dirName => '/usr/local/lemonldap-ng/data/conf',
 );
-our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:S(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar|Macro)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option|Macro)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars|fExtra)|c(?:as(?:A(?:ppMetaData(?:(?:ExportedVar|Option|Macro)s|Node)|ttributes)|S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions))|(?:ustom(?:Plugins|Add)Param|ombModule)s)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:ut(?:hChoiceMod|oSigninR)ules|pplicationList)|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
-our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|f(?:RemovedUseNotif|OnlyUpgrade)|kip(?:Upgrade|Renew)Confirmation|oap(?:Session|Config)Server|t(?:ayConnecte|orePasswor)d|laveDisplayLogo|howLanguages|slByAjax)|o(?:idc(?:RPMetaDataOptions(?:Allow(?:PasswordGrant|Offline)|Re(?:freshToken|quirePKCE)|LogoutSessionRequired|IDTokenForceClaims|BypassConsent|Public)|ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|p(?:ortal(?:Display(?:Re(?:freshMyRights|setPassword|gister)|GeneratePassword|PasswordPolicy)|ErrorOn(?:ExpiredSession|MailNotFound)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|ForceAuthn|AntiFrame)|roxyUseSoap)|l(?:dap(?:(?:Group(?:DecodeSearchedValu|Recursiv)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl|ITDS)|oginHistoryEnabled)|c(?:a(?:ptcha_(?:register|login|mail)_enabled|sSrvMetaDataOptions(?:Gateway|Renew))|o(?:ntextSwitchingStopWithLogout|mpactConf|rsEnabled)|heck(?:State|User|XSS)|da)|no(?:tif(?:ication(?:Server(?:(?:POS|GE)T|DELETE)?|sExplorer)?|y(?:Deleted|Other))|AjaxHook)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|to(?:tp2f(?:UserCan(?:Chang|Remov)eKey|DisplayExistingSecret)|kenUseGlobalStorage)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|re(?:st(?:(?:Password|Session|Config|Auth)Server|ExportSecretKeys)|freshSessions)|br(?:uteForceProtection(?:IncrementalTempo)?|owsersDontStorePassword)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|d(?:isablePersistentStorage|biDynamicHashEnabled)|g(?:roupsBeforeMacros|lobalLogoutTimer)|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|(?:activeTim|wsdlServ)er|krb(?:RemoveDomain|ByJs))$/;
+our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:S(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar|Macro)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option|Macro)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars|fExtra)|c(?:as(?:A(?:ppMetaData(?:(?:ExportedVar|Option|Macro)s|Node)|ttributes)|S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions))|(?:ustom(?:Plugins|Add)Param|ombModule)s)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
+our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|f(?:RemovedUseNotif|OnlyUpgrade)|kip(?:Upgrade|Renew)Confirmation|oap(?:Session|Config)Server|t(?:ayConnecte|orePasswor)d|laveDisplayLogo|howLanguages|slByAjax)|o(?:idc(?:RPMetaDataOptions(?:Allow(?:PasswordGrant|Offline)|Re(?:freshToken|quirePKCE)|LogoutSessionRequired|IDTokenForceClaims|BypassConsent|Public)|ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|p(?:ortal(?:Display(?:Re(?:freshMyRights|setPassword|gister)|GeneratePassword|PasswordPolicy)|ErrorOn(?:ExpiredSession|MailNotFound)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|ForceAuthn|AntiFrame)|roxyUseSoap)|c(?:o(?:ntextSwitching(?:Allowed2fModifications|StopWithLogout)|mpactConf|rsEnabled)|a(?:ptcha_(?:register|login|mail)_enabled|sSrvMetaDataOptions(?:Gateway|Renew))|heck(?:State|User|XSS)|da)|l(?:dap(?:(?:Group(?:DecodeSearchedValu|Recursiv)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl|ITDS)|oginHistoryEnabled)|no(?:tif(?:ication(?:Server(?:(?:POS|GE)T|DELETE)?|sExplorer)?|y(?:Deleted|Other))|AjaxHook)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|to(?:tp2f(?:UserCan(?:Chang|Remov)eKey|DisplayExistingSecret)|kenUseGlobalStorage)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|re(?:st(?:(?:Password|Session|Config|Auth)Server|ExportSecretKeys)|freshSessions)|br(?:uteForceProtection(?:IncrementalTempo)?|owsersDontStorePassword)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|d(?:isablePersistentStorage|biDynamicHashEnabled)|g(?:roupsBeforeMacros|lobalLogoutTimer)|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|(?:activeTim|wsdlServ)er|krb(?:RemoveDomain|ByJs))$/;
 
 our @sessionTypes = ( 'remoteGlobal', 'global', 'localSession', 'persistent', 'saml', 'oidc', 'cas' );
 
diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
index 30f982433..28eb3387f 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
@@ -312,7 +312,7 @@ sub defaultValues {
         'samlOrganizationURL'        => 'http://www.example.com',
         'samlOverrideIDPEntityID'    => '',
         'samlRelayStateTimeout'      => 600,
-        'samlServiceSignatureMethod' => 'RSA_SHA1',
+        'samlServiceSignatureMethod' => 'RSA_SHA256',
         'samlSPSSODescriptorArtifactResolutionServiceArtifact' =>
 '1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact',
         'samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact' =>
diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm
index 526a36db2..af3d21e7b 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm
@@ -22,14 +22,14 @@ our $specialNodeHash = {
 };
 
 our $doubleHashKeys = 'issuerDBGetParameters';
-our $simpleHashKeys = '(?:(?:l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|c(?:as(?:StorageOption|Attribute)|ustom(?:Plugins|Add)Param|ombModule)|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|(?:(?:d(?:emo|bi)|facebook|webID)E|e)xportedVar|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|p(?:ersistentStorageOption|ortalSkinRule)|macro)s|o(?:idcS(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|penIdExportedVars)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember|fExtra)|a(?:ut(?:hChoiceMod|oSigninR)ules|pplicationList)|S(?:MTPTLSOpts|SLVarIf))';
+our $simpleHashKeys = '(?:(?:l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|c(?:as(?:StorageOption|Attribute)|ustom(?:Plugins|Add)Param|ombModule)|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|(?:(?:d(?:emo|bi)|facebook|webID)E|e)xportedVar|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|p(?:ersistentStorageOption|ortalSkinRule)|macro)s|o(?:idcS(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|penIdExportedVars)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember|fExtra)|S(?:MTPTLSOpts|SLVarIf))';
 our $specialNodeKeys = '(?:(?:(?:saml(?:ID|S)|oidc[OR])P|cas(?:App|Srv))MetaDataNode|virtualHost)s';
 our $casAppMetaDataNodeKeys = 'casAppMetaData(?:Options(?:(?:UserAttribut|Servic|Rul)e|AuthnLevel)|(?:ExportedVar|Macro)s)';
 our $casSrvMetaDataNodeKeys = 'casSrvMetaData(?:Options(?:ProxiedServices|DisplayName|SortNumber|Gateway|Renew|Icon|Url)|ExportedVars)';
 our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID)|heckJWTSignature|onfigurationURI)|S(?:toreIDToken|ortNumber|cope)|TokenEndpointAuthMethod|(?:JWKSTimeou|Promp)t|I(?:DTokenMaxAge|con)|U(?:iLocales|seNonce)|Display(?:Name)?|AcrValues|MaxAge)|ExportedVars|J(?:SON|WKS))';
 our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:A(?:uth(?:orizationCodeExpiration|nLevel)|llow(?:PasswordGrant|Offline)|ccessTokenExpiration|dditionalAudiences)|I(?:DToken(?:ForceClaims|Expiration|SignAlg)|con)|R(?:e(?:directUris|freshToken|quirePKCE)|ule)|Logout(?:SessionRequired|Type|Url)|P(?:ostLogoutRedirectUris|ublic)|OfflineSessionExpiration|Client(?:Secret|ID)|BypassConsent|DisplayName|ExtraClaims|UserIDAttr)|(?:ExportedVar|Macro)s)';
-our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|EncryptionMod|UserAttribut|DisplayNam)e|S(?:ignS[LS]OMessage|toreSAMLToken|[LS]OBinding|ortNumber)|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Re(?:questedAuthnContext|solutionRule|layStateURL)|Force(?:Authn|UTF8)|I(?:sPassive|con)|NameIDFormat)|ExportedAttributes|XML)';
-our $samlSPMetaDataNodeKeys = 'samlSPMetaData(?:Options(?:N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|S(?:essionNotOnOrAfterTimeout|ignS[LS]OMessage)|(?:CheckS[LS]OMessageSignatur|OneTimeUs|Rul)e|En(?:ableIDPInitiatedURL|cryptionMode)|AuthnLevel|ForceUTF8)|(?:ExportedAttribute|Macro)s|XML)';
+our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|EncryptionMod|UserAttribut|DisplayNam)e|S(?:ign(?:S[LS]OMessage|atureMethod)|toreSAMLToken|[LS]OBinding|ortNumber)|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Re(?:questedAuthnContext|solutionRule|layStateURL)|Force(?:Authn|UTF8)|I(?:sPassive|con)|NameIDFormat)|ExportedAttributes|XML)';
+our $samlSPMetaDataNodeKeys = 'samlSPMetaData(?:Options(?:S(?:ign(?:S[LS]OMessage|atureMethod)|essionNotOnOrAfterTimeout)|N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|(?:CheckS[LS]OMessageSignatur|OneTimeUs|Rul)e|En(?:ableIDPInitiatedURL|cryptionMode)|AuthnLevel|ForceUTF8)|(?:ExportedAttribute|Macro)s|XML)';
 our $virtualHostKeys = '(?:vhost(?:A(?:uthnLevel|liases)|(?:Maintenanc|Typ)e|ServiceTokenTTL|Https|Port)|(?:exportedHeader|locationRule)s|post)';
 
 our $authParameters = {
diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2/Request.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2/Request.pm
index 8d7e3cba3..496d4dba1 100644
--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2/Request.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2/Request.pm
@@ -25,7 +25,7 @@ sub new {
         QUERY_STRING      => $args,
         REQUEST_URI       => $uri_full,
         PATH_INFO         => '',
-        SERVER_PORT       => $r->get_server_port,
+        SERVER_PORT       => $ENV{SERVER_PORT} || $r->get_server_port,
         REQUEST_METHOD    => $r->method,
         'psgi.version'    => [ 1, 1 ],
         'psgi.url_scheme' => ( $ENV{HTTPS} || 'off' ) =~ /^(?:on|1)$/i
diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
index 3d253c248..60979357d 100644
--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
@@ -614,7 +614,7 @@ sub _getPort {
             return $class->tsv->{port}->{_};
         }
         else {
-            return $req->{env}->{SERVER_PORT};
+            return $req->port;
         }
     }
 }
@@ -638,7 +638,7 @@ sub _isHttps {
             return $class->tsv->{https}->{_};
         }
         else {
-            return ( uc( $req->{env}->{HTTPS} || "OFF" ) eq "ON" );
+            return $req->secure;
         }
     }
 }
diff --git a/lemonldap-ng-manager/MANIFEST b/lemonldap-ng-manager/MANIFEST
index 47b32dce7..d1f2ab31c 100644
--- a/lemonldap-ng-manager/MANIFEST
+++ b/lemonldap-ng-manager/MANIFEST
@@ -139,7 +139,7 @@ site/htdocs/static/forms/post.html
 site/htdocs/static/forms/postContainer.html
 site/htdocs/static/forms/README.md
 site/htdocs/static/forms/restore.html
-site/htdocs/static/forms/RSAKey.html
+site/htdocs/static/forms/RSACertKey.html
 site/htdocs/static/forms/RSAKeyNoPassword.html
 site/htdocs/static/forms/rule.html
 site/htdocs/static/forms/ruleContainer.html
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
index c5e6707aa..054f4d93c 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
@@ -171,7 +171,7 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
         'RSAPrivateKey' => {
             'test' => sub {
                 return $_[0] =~
-m[^(?:(?:\-+\s*BEGIN\s+(?:RSA\s+)?PRIVATE\s+KEY\s*\-+\r?\n)?(?:Proc-Type:.*\r?\nDEK-Info:.*\r?\n[\r\n]*)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:RSA\s+)?PRIVATE\s+KEY\s*\-+)?[\r\n]*)?$]s
+m[^(?:(?:\-+\s*BEGIN\s+(?:(?:RSA|ENCRYPTED)\s+)?PRIVATE\s+KEY\s*\-+\r?\n)?(?:Proc-Type:.*\r?\nDEK-Info:.*\r?\n[\r\n]*)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:(?:RSA|ENCRYPTED)\s+)?PRIVATE\s+KEY\s*\-+)?[\r\n]*)?$]s
                   ? 1
                   : ( 1, '__badPemEncoding__' );
             }
@@ -263,6 +263,18 @@ sub attributes {
             'default' => 1,
             'type'    => 'bool'
         },
+        'adaptativeAuthenticationLevelRules' => {
+            'keyMsgFail' => '__badRegexp__',
+            'keyTest'    => sub {
+                eval {
+                    do {
+                        qr/$_[0]/;
+                    }
+                };
+                return $@ ? 0 : 1;
+            },
+            'type' => 'keyTextContainer'
+        },
         'ADPwdExpireWarning' => {
             'default' => 0,
             'type'    => 'int'
@@ -1026,6 +1038,10 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
             ],
             'type' => 'select'
         },
+        'contextSwitchingAllowed2fModifications' => {
+            'default' => 0,
+            'type'    => 'bool'
+        },
         'contextSwitchingIdRule' => {
             'default' => 1,
             'test'    => sub {
@@ -3203,6 +3219,31 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
             'default' => '',
             'type'    => 'longtext'
         },
+        'samlIDPMetaDataOptionsSignatureMethod' => {
+            'default' => '',
+            'select'  => [ {
+                    'k' => '',
+                    'v' => 'default'
+                },
+                {
+                    'k' => 'RSA_SHA1',
+                    'v' => 'RSA SHA1'
+                },
+                {
+                    'k' => 'RSA_SHA256',
+                    'v' => 'RSA SHA256'
+                },
+                {
+                    'k' => 'RSA_SHA384',
+                    'v' => 'RSA SHA384'
+                },
+                {
+                    'k' => 'RSA_SHA512',
+                    'v' => 'RSA SHA512'
+                }
+            ],
+            'type' => 'select'
+        },
         'samlIDPMetaDataOptionsSignSLOMessage' => {
             'default' => -1,
             'type'    => 'trool'
@@ -3394,7 +3435,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
             'type'    => 'RSAPublicKeyOrCertificate'
         },
         'samlServiceSignatureMethod' => {
-            'default' => 'RSA_SHA1',
+            'default' => 'RSA_SHA256',
             'select'  => [ {
                     'k' => 'RSA_SHA1',
                     'v' => 'RSA SHA1'
@@ -3402,6 +3443,14 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
                 {
                     'k' => 'RSA_SHA256',
                     'v' => 'RSA SHA256'
+                },
+                {
+                    'k' => 'RSA_SHA384',
+                    'v' => 'RSA SHA384'
+                },
+                {
+                    'k' => 'RSA_SHA512',
+                    'v' => 'RSA SHA512'
                 }
             ],
             'type' => 'select'
@@ -3539,6 +3588,31 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
             'default' => 72000,
             'type'    => 'int'
         },
+        'samlSPMetaDataOptionsSignatureMethod' => {
+            'default' => '',
+            'select'  => [ {
+                    'k' => '',
+                    'v' => 'default'
+                },
+                {
+                    'k' => 'RSA_SHA1',
+                    'v' => 'RSA SHA1'
+                },
+                {
+                    'k' => 'RSA_SHA256',
+                    'v' => 'RSA SHA256'
+                },
+                {
+                    'k' => 'RSA_SHA384',
+                    'v' => 'RSA SHA384'
+                },
+                {
+                    'k' => 'RSA_SHA512',
+                    'v' => 'RSA SHA512'
+                }
+            ],
+            'type' => 'select'
+        },
         'samlSPMetaDataOptionsSignSLOMessage' => {
             'default' => -1,
             'type'    => 'trool'
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
index 5b849aa77..39147bf25 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
@@ -154,7 +154,7 @@ sub types {
             test => sub {
                 return (
                     $_[0] =~
-/^(?:(?:\-+\s*BEGIN\s+(?:RSA\s+)?PRIVATE\s+KEY\s*\-+\r?\n)?(?:Proc-Type:.*\r?\nDEK-Info:.*\r?\n[\r\n]*)?[a-zA-Z0-9\/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:RSA\s+)?PRIVATE\s+KEY\s*\-+)?[\r\n]*)?$/s
+/^(?:(?:\-+\s*BEGIN\s+(?:(?:RSA|ENCRYPTED)\s+)?PRIVATE\s+KEY\s*\-+\r?\n)?(?:Proc-Type:.*\r?\nDEK-Info:.*\r?\n[\r\n]*)?[a-zA-Z0-9\/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:(?:RSA|ENCRYPTED)\s+)?PRIVATE\s+KEY\s*\-+)?[\r\n]*)?$/s
                     ? (1)
                     : ( 1, '__badPemEncoding__' )
                 );
@@ -594,6 +594,12 @@ sub attributes {
             documentation => 'Stop context switching by logout',
             flags         => 'p',
         },
+        contextSwitchingAllowed2fModifications => {
+            type          => 'bool',
+            default       => 0,
+            documentation => 'Allowed SFA modifications',
+            flags         => 'p',
+        },
         contextSwitchingPrefix => {
             type          => 'text',
             default       => 'switching',
@@ -2119,6 +2125,18 @@ sub attributes {
             documentation => 'List of auto signin rules',
         },
 
+	# Adaptative Authentication Level plugin
+        adaptativeAuthenticationLevelRules => {
+            type => 'keyTextContainer',
+                keyTest => sub {
+                    eval { qr/$_[0]/ };
+                    return $@ ? 0 : 1;
+                },
+                keyMsgFail => '__badRegexp__',
+            documentation => 'Adaptative authentication level rules',
+            flags         => 'p',
+        },
+
         ## Virtualhosts
 
         # Fake attribute: used by manager REST API to agglomerate all other
@@ -2490,8 +2508,10 @@ sub attributes {
             select => [
                 { k => 'RSA_SHA1',   v => 'RSA SHA1' },
                 { k => 'RSA_SHA256', v => 'RSA SHA256' },
+                { k => 'RSA_SHA384', v => 'RSA SHA384' },
+                { k => 'RSA_SHA512', v => 'RSA SHA512' },
             ],
-            default => 'RSA_SHA1',
+            default => 'RSA_SHA256',
         },
         samlServiceUseCertificateInResponse => {
             type    => 'bool',
@@ -2764,6 +2784,17 @@ sub attributes {
             type    => 'trool',
             default => -1,
         },
+        samlIDPMetaDataOptionsSignatureMethod => {
+            type   => 'select',
+            select => [
+                { k => '',           v => 'default' },
+                { k => 'RSA_SHA1',   v => 'RSA SHA1' },
+                { k => 'RSA_SHA256', v => 'RSA SHA256' },
+                { k => 'RSA_SHA384', v => 'RSA SHA384' },
+                { k => 'RSA_SHA512', v => 'RSA SHA512' },
+            ],
+            default => '',
+        },
         samlIDPMetaDataOptionsCheckSLOMessageSignature => {
             type    => 'bool',
             default => 1,
@@ -2920,6 +2951,17 @@ sub attributes {
             type    => 'trool',
             default => -1,
         },
+        samlSPMetaDataOptionsSignatureMethod => {
+            type   => 'select',
+            select => [
+                { k => '',           v => 'default' },
+                { k => 'RSA_SHA1',   v => 'RSA SHA1' },
+                { k => 'RSA_SHA256', v => 'RSA SHA256' },
+                { k => 'RSA_SHA384', v => 'RSA SHA384' },
+                { k => 'RSA_SHA512', v => 'RSA SHA512' },
+            ],
+            default => '',
+        },
         samlSPMetaDataOptionsCheckSSOMessageSignature => {
             type    => 'bool',
             default => 1,
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm
index 9a101d5a5..0023f9a6b 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm
@@ -52,6 +52,7 @@ sub cTrees {
                 title => "samlIDPMetaDataOptionsSignature",
                 form  => 'simpleInputContainer',
                 nodes => [
+                    "samlIDPMetaDataOptionsSignatureMethod",
                     "samlIDPMetaDataOptionsSignSSOMessage",
                     "samlIDPMetaDataOptionsCheckSSOMessageSignature",
                     "samlIDPMetaDataOptionsSignSLOMessage",
@@ -122,10 +123,11 @@ sub cTrees {
                         title => "samlSPMetaDataOptionsSignature",
                         form  => 'simpleInputContainer',
                         nodes => [
+                            "samlSPMetaDataOptionsSignatureMethod",
                             "samlSPMetaDataOptionsSignSSOMessage",
                             "samlSPMetaDataOptionsCheckSSOMessageSignature",
                             "samlSPMetaDataOptionsSignSLOMessage",
-                            "samlSPMetaDataOptionsCheckSLOMessageSignature"
+                            "samlSPMetaDataOptionsCheckSLOMessageSignature",
                         ]
                     },
                     {
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
index 9ea5b3e5e..d62ef1b2b 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
@@ -615,6 +615,7 @@ sub tree {
                     nodes => [
                         'stayConnected',
                         'portalStatus',
+			'adaptativeAuthenticationLevelRules',
                         'upgradeSession',
                         'refreshSessions',
                         {
@@ -792,6 +793,7 @@ sub tree {
                                 'contextSwitchingRule',
                                 'contextSwitchingIdRule',
                                 'contextSwitchingUnrestrictedUsersRule',
+                                'contextSwitchingAllowed2fModifications',
                                 'contextSwitchingStopWithLogout',
                             ]
                         },
@@ -812,7 +814,11 @@ sub tree {
                 {
                     title => 'secondFactors',
                     help  => 'secondfactor.html',
-                    nodes => [ {
+                    nodes => [
+                        'sfManagerRule',
+                        'sfRequired',
+                        'sfOnlyUpgrade',
+                        {
                             title => 'utotp2f',
                             help  => 'utotp2f.html',
                             form  => 'simpleInputContainer',
@@ -930,9 +936,6 @@ sub tree {
                                 'sfRemovedNotifMsg',
                             ],
                         },
-                        'sfOnlyUpgrade',
-                        'sfManagerRule',
-                        'sfRequired',
                     ]
                 },
                 {
@@ -1074,7 +1077,7 @@ sub tree {
                     help  => 'samlservice.html#security-parameters',
                     nodes => [ {
                             title => 'samlServiceSecuritySig',
-                            form  => 'RSAKey',
+                            form  => 'RSACertKey',
                             group => [
                                 'samlServicePrivateKeySig',
                                 'samlServicePrivateKeySigPwd',
@@ -1083,7 +1086,7 @@ sub tree {
                         },
                         {
                             title => 'samlServiceSecurityEnc',
-                            form  => 'RSAKey',
+                            form  => 'RSACertKey',
                             group => [
                                 'samlServicePrivateKeyEnc',
                                 'samlServicePrivateKeyEncPwd',
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Cli.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Cli.pm
index 8ad2e3466..03263f5fc 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Cli.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Cli.pm
@@ -431,7 +431,6 @@ sub run {
     unless (@_) {
         die 'nothing to do, aborting';
     }
-    $self->cfgNum( $self->lastCfg ) unless ( $self->cfgNum );
     my $action = shift;
     unless (
         $action =~ /^(?:get|set|del|addKey|delKey|save|restore|rollback)$/ )
@@ -440,6 +439,12 @@ sub run {
 "Unknown action $action. Only get, set, del, addKey, delKey, save, restore, rollback allowed";
     }
 
+    unless ( $action eq "restore" ) {
+
+        # This step prevents restoring when config DB is empty (#2340)
+        $self->cfgNum( $self->lastCfg ) unless ( $self->cfgNum );
+    }
+
     $self->$action(@_);
 }
 
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf.pm
index 762bb4bd0..1702fc6a8 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf.pm
@@ -15,6 +15,7 @@ use Lemonldap::NG::Common::EmailTransport;
 use Crypt::OpenSSL::RSA;
 use Convert::PEM;
 use URI::URL;
+use Net::SSLeay;
 
 use feature 'state';
 
@@ -59,10 +60,11 @@ sub init {
       # New key and conf save
       ->addRoute(
         confs => {
-            newRSAKey    => 'newRSAKey',
-            sendTestMail => 'sendTestMail',
-            raw          => 'newRawConf',
-            '*'          => 'newConf'
+            newRSAKey      => 'newRSAKey',
+            newCertificate => 'newCertificate',
+            sendTestMail   => 'sendTestMail',
+            raw            => 'newRawConf',
+            '*'            => 'newConf'
         },
         ['POST']
       )
@@ -76,6 +78,31 @@ sub init {
     return 1;
 }
 
+# 35 - New Certificate on demand
+#      --------------------------
+
+##@method public PSGI-JSON-response newRSAKey($req)
+# Return a hashref containing private and public keys
+# The posted data must contain a JSON object containing
+# {"password":"newpassword"}
+#
+#@param $req Lemonldap::NG::Common::PSGI::Request object
+#@return PSGI JSON response
+sub newCertificate {
+    my ( $self, $req, @others ) = @_;
+    return $self->sendError( $req, 'There is no subkey for "newCertificate"',
+        400 )
+      if (@others);
+    my $query = $req->jsonBodyToObj;
+
+    my ( $private, $cert ) = $self->_generateX509( $query->{password} );
+    my $keys = {
+        'private' => $private,
+        'public'  => $cert,
+    };
+    return $self->sendJSONresponse( $req, $keys );
+}
+
 # 35 - New RSA key pair on demand
 #      --------------------------
 
@@ -90,8 +117,9 @@ sub newRSAKey {
     my ( $self, $req, @others ) = @_;
     return $self->sendError( $req, 'There is no subkey for "newRSAKey"', 400 )
       if (@others);
+    my $rsa = Crypt::OpenSSL::RSA->generate_key(2048);
+
     my $query = $req->jsonBodyToObj;
-    my $rsa   = Crypt::OpenSSL::RSA->generate_key(2048);
     my $keys  = {
         'private' => $rsa->get_private_key_string(),
         'public'  => $rsa->get_public_key_x509_string(),
@@ -121,6 +149,81 @@ sub newRSAKey {
     return $self->sendJSONresponse( $req, $keys );
 }
 
+# This function does the dirty X509 work,
+# mostly copied from IO::Socket::SSL::Utils
+# and adapter to work on old platforms (CentOS7)
+
+sub _generateX509 {
+    my ( $self, $password ) = @_;
+    Net::SSLeay::SSLeay_add_ssl_algorithms();
+    my $conf = $self->confAcc->getConf();
+
+    # Generate 2048 bits RSA key
+    my $key = Net::SSLeay::EVP_PKEY_new();
+    Net::SSLeay::EVP_PKEY_assign_RSA( $key,
+        Net::SSLeay::RSA_generate_key( 2048, 0x10001 ) );
+
+    my $cert = Net::SSLeay::X509_new();
+
+    # Serial
+    Net::SSLeay::ASN1_INTEGER_set(
+        Net::SSLeay::X509_get_serialNumber($cert),
+        rand( 2**32 ),
+    );
+
+    # Version
+    Net::SSLeay::X509_set_version( $cert, 2 );
+
+    # Make it last 20 years
+    Net::SSLeay::ASN1_TIME_set( Net::SSLeay::X509_get_notBefore($cert),
+        time() );
+    Net::SSLeay::ASN1_TIME_set( Net::SSLeay::X509_get_notAfter($cert),
+        time() + 20 * 365 * 86400 );
+
+    # set subject
+    my $portal_uri  = new URI::URL( $conf->{portal} || "http://localhost" );
+    my $portal_host = $portal_uri->host;
+    my $subj_e      = Net::SSLeay::X509_get_subject_name($cert);
+    my $subj        = { commonName => $portal_host, };
+
+    while ( my ( $k, $v ) = each %$subj ) {
+
+        # Not everything we get is nice - try with MBSTRING_UTF8 first and if it
+        # fails try V_ASN1_T61STRING and finally V_ASN1_OCTET_STRING
+        Net::SSLeay::X509_NAME_add_entry_by_txt( $subj_e, $k, 0x1000, $v, -1,
+            0 )
+          or
+          Net::SSLeay::X509_NAME_add_entry_by_txt( $subj_e, $k, 20, $v, -1, 0 )
+          or
+          Net::SSLeay::X509_NAME_add_entry_by_txt( $subj_e, $k, 4, $v, -1, 0 )
+          or croak( "failed to add entry for $k - "
+              . Net::SSLeay::ERR_error_string( Net::SSLeay::ERR_get_error() ) );
+    }
+
+    # Set to self-sign
+    Net::SSLeay::X509_set_pubkey( $cert, $key );
+    Net::SSLeay::X509_set_issuer_name( $cert,
+        Net::SSLeay::X509_get_subject_name($cert) );
+
+    # Sign with default alg
+    Net::SSLeay::X509_sign( $cert, $key, 0 );
+
+    my $strCert = Net::SSLeay::PEM_get_string_X509($cert);
+    my $strPrivate;
+    if ($password) {
+        $strPrivate = Net::SSLeay::PEM_get_string_PrivateKey( $key, $password );
+    }
+    else {
+        $strPrivate = Net::SSLeay::PEM_get_string_PrivateKey($key);
+    }
+
+    # Free OpenSSL objects
+    Net::SSLeay::X509_free($cert);
+    Net::SSLeay::EVP_PKEY_free($key);
+
+    return ( $strPrivate, $strCert );
+}
+
 #      Sending a test Email
 #      --------------------
 
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
index b2685fdc9..17207cab6 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
@@ -380,6 +380,31 @@ sub tests {
                 && $conf->{samlServicePublicKeySig} );
             return 1;
         },
+        samlSignatureOverrideNeedsCertificate => sub {
+
+            return 1 if $conf->{samlServicePublicKeySig} =~ /CERTIFICATE/;
+
+            my @offenders;
+            for my $idp ( keys %{ $conf->{samlIDPMetaDataOptions} } ) {
+                if ( $conf->{samlIDPMetaDataOptions}->{$idp}
+                    ->{samlIDPMetaDataOptionsSignatureMethod} )
+                {
+                    push @offenders, $idp;
+                }
+            }
+            for my $sp ( keys %{ $conf->{samlSPMetaDataOptions} } ) {
+                if ( $conf->{samlSPMetaDataOptions}->{$sp}
+                    ->{samlSPMetaDataOptionsSignatureMethod} )
+                {
+                    push @offenders, $sp;
+                }
+            }
+            return 1 unless @offenders;
+            return ( 0,
+                    "Cannot set non-default signature method on "
+                  . join( ", ", @offenders )
+                  . " unless SAML signature key is in certificate form" );
+        },
 
         # Try to parse combination with declared modules
         checkCombinations => sub {
@@ -811,19 +836,27 @@ sub tests {
         # Cookie SameSite=None requires Secure flag
         # Same with SameSite=(auto) and SAML issuer in use
         SameSiteNoneWithSecure => sub {
-            return ( 1, 'SameSite value = None requires the secured flag' )
+            return ( -1, 'SameSite value = None requires the secured flag' )
               if ( getSameSite($conf) eq 'None' and !$conf->{securedCookie} );
             return 1;
         },
 
         # Secure cookies require HTTPS
         SecureCookiesRequireHttps => sub {
-            return ( 1, 'Secure cookies require a HTTPS portal URL' )
+            return ( -1, 'Secure cookies require a HTTPS portal URL' )
               if (  $conf->{securedCookie} == 1
                 and $conf->{portal}
                 and $conf->{portal} !~ /^https:/ );
             return 1;
         },
+
+        # Password module requires a password backend
+        passwordModuleNeedsBackend => sub {
+            return ( -1, 'Password module is enabled without password backend' )
+              if (  $conf->{portalDisplayChangePassword}
+                and $conf->{passwordDB} eq 'Null' );
+            return 1;
+        },
     };
 }
 
diff --git a/lemonldap-ng-manager/site/coffee/manager.coffee b/lemonldap-ng-manager/site/coffee/manager.coffee
index bba62e3ea..fe9f7c79d 100644
--- a/lemonldap-ng-manager/site/coffee/manager.coffee
+++ b/lemonldap-ng-manager/site/coffee/manager.coffee
@@ -691,6 +691,19 @@ llapp.controller 'TreeCtrl', [
 				console.log('Error sending test email')
 
 		# RSA keys generation
+		$scope.newCertificate = ->
+			$scope.showModal('password.html').then ->
+				$scope.waiting = true
+				currentNode = $scope.currentNode
+				password = $scope.result
+				$http.post("#{window.confPrefix}/newCertificate", {"password": password}).then (response) ->
+					currentNode.data[0].data = response.data.private
+					currentNode.data[1].data = password
+					currentNode.data[2].data = response.data.public
+					$scope.waiting = false
+				, readError
+			, ->
+				console.log('New key cancelled')
 		$scope.newRSAKey = ->
 			$scope.showModal('password.html').then ->
 				$scope.waiting = true
diff --git a/lemonldap-ng-manager/site/htdocs/static/forms/RSAKey.html b/lemonldap-ng-manager/site/htdocs/static/forms/RSACertKey.html
similarity index 98%
rename from lemonldap-ng-manager/site/htdocs/static/forms/RSAKey.html
rename to lemonldap-ng-manager/site/htdocs/static/forms/RSACertKey.html
index 19062e62f..ba6851380 100644
--- a/lemonldap-ng-manager/site/htdocs/static/forms/RSAKey.html
+++ b/lemonldap-ng-manager/site/htdocs/static/forms/RSACertKey.html
@@ -33,7 +33,7 @@
 </div>
 <script type="text/menu">
 [{
- "title": "newRSAKey",
+ "title": "newCertificate",
  "icon": "plus-sign"
 },{
   "title": "download",
diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.js b/lemonldap-ng-manager/site/htdocs/static/js/conftree.js
index 34f75c3dc..8b8bd871f 100644
--- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.js
+++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.js
@@ -708,6 +708,35 @@ function templates(tpl,key) {
    },
    {
       "_nodes" : [
+         {
+            "default" : "",
+            "get" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignatureMethod",
+            "id" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignatureMethod",
+            "select" : [
+               {
+                  "k" : "",
+                  "v" : "default"
+               },
+               {
+                  "k" : "RSA_SHA1",
+                  "v" : "RSA SHA1"
+               },
+               {
+                  "k" : "RSA_SHA256",
+                  "v" : "RSA SHA256"
+               },
+               {
+                  "k" : "RSA_SHA384",
+                  "v" : "RSA SHA384"
+               },
+               {
+                  "k" : "RSA_SHA512",
+                  "v" : "RSA SHA512"
+               }
+            ],
+            "title" : "samlIDPMetaDataOptionsSignatureMethod",
+            "type" : "select"
+         },
          {
             "default" : -1,
             "get" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSSOMessage",
@@ -1102,6 +1131,35 @@ function templates(tpl,key) {
          },
          {
             "_nodes" : [
+               {
+                  "default" : "",
+                  "get" : tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignatureMethod",
+                  "id" : tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignatureMethod",
+                  "select" : [
+                     {
+                        "k" : "",
+                        "v" : "default"
+                     },
+                     {
+                        "k" : "RSA_SHA1",
+                        "v" : "RSA SHA1"
+                     },
+                     {
+                        "k" : "RSA_SHA256",
+                        "v" : "RSA SHA256"
+                     },
+                     {
+                        "k" : "RSA_SHA384",
+                        "v" : "RSA SHA384"
+                     },
+                     {
+                        "k" : "RSA_SHA512",
+                        "v" : "RSA SHA512"
+                     }
+                  ],
+                  "title" : "samlSPMetaDataOptionsSignatureMethod",
+                  "type" : "select"
+               },
                {
                   "default" : -1,
                   "get" : tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSSOMessage",
diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js
index 609abfe76..52fa98710 100644
--- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js
+++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js
@@ -1 +1 @@
-function templates(t,a){switch(t){case"casAppMetaDataNode":return[{cnodes:t+"s/"+a+"/casAppMetaDataExportedVars",default:[{data:"cn",id:t+"s/"+a+"/casAppMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:t+"s/"+a+"/casAppMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:t+"s/"+a+"/casAppMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+a+"/casAppMetaDataExportedVars",title:"casAppMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+a+"/casAppMetaDataOptionsService",id:t+"s/"+a+"/casAppMetaDataOptionsService",title:"casAppMetaDataOptionsService"},{get:t+"s/"+a+"/casAppMetaDataOptionsUserAttribute",id:t+"s/"+a+"/casAppMetaDataOptionsUserAttribute",title:"casAppMetaDataOptionsUserAttribute"},{get:t+"s/"+a+"/casAppMetaDataOptionsAuthnLevel",id:t+"s/"+a+"/casAppMetaDataOptionsAuthnLevel",title:"casAppMetaDataOptionsAuthnLevel",type:"int"},{get:t+"s/"+a+"/casAppMetaDataOptionsRule",id:t+"s/"+a+"/casAppMetaDataOptionsRule",title:"casAppMetaDataOptionsRule"}],id:"casAppMetaDataOptions",title:"casAppMetaDataOptions",type:"simpleInputContainer"},{cnodes:t+"s/"+a+"/casAppMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+a+"/casAppMetaDataMacros",title:"casAppMetaDataMacros",type:"keyTextContainer"}];case"casSrvMetaDataNode":return[{cnodes:t+"s/"+a+"/casSrvMetaDataExportedVars",default:[{data:"cn",id:t+"s/"+a+"/casSrvMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:t+"s/"+a+"/casSrvMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:t+"s/"+a+"/casSrvMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+a+"/casSrvMetaDataExportedVars",title:"casSrvMetaDataExportedVars",type:"keyTextContainer"},{cnodes:t+"s/"+a+"/casSrvMetaDataOptionsProxiedServices",id:t+"s/"+a+"/casSrvMetaDataOptionsProxiedServices",title:"casSrvMetaDataOptionsProxiedServices",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+a+"/casSrvMetaDataOptionsUrl",id:t+"s/"+a+"/casSrvMetaDataOptionsUrl",title:"casSrvMetaDataOptionsUrl"},{default:0,get:t+"s/"+a+"/casSrvMetaDataOptionsRenew",id:t+"s/"+a+"/casSrvMetaDataOptionsRenew",title:"casSrvMetaDataOptionsRenew",type:"bool"},{default:0,get:t+"s/"+a+"/casSrvMetaDataOptionsGateway",id:t+"s/"+a+"/casSrvMetaDataOptionsGateway",title:"casSrvMetaDataOptionsGateway",type:"bool"}],id:"casSrvMetaDataOptions",title:"casSrvMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+a+"/casSrvMetaDataOptionsDisplayName",id:t+"s/"+a+"/casSrvMetaDataOptionsDisplayName",title:"casSrvMetaDataOptionsDisplayName"},{get:t+"s/"+a+"/casSrvMetaDataOptionsIcon",id:t+"s/"+a+"/casSrvMetaDataOptionsIcon",title:"casSrvMetaDataOptionsIcon"},{get:t+"s/"+a+"/casSrvMetaDataOptionsSortNumber",id:t+"s/"+a+"/casSrvMetaDataOptionsSortNumber",title:"casSrvMetaDataOptionsSortNumber",type:"int"}],id:"casSrvMetaDataOptionsDisplay",title:"casSrvMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"oidcOPMetaDataNode":return[{get:t+"s/"+a+"/oidcOPMetaDataJSON",id:t+"s/"+a+"/oidcOPMetaDataJSON",title:"oidcOPMetaDataJSON",type:"file"},{get:t+"s/"+a+"/oidcOPMetaDataJWKS",id:t+"s/"+a+"/oidcOPMetaDataJWKS",title:"oidcOPMetaDataJWKS",type:"file"},{cnodes:t+"s/"+a+"/oidcOPMetaDataExportedVars",default:[{data:"name",id:t+"s/"+a+"/oidcOPMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"email",id:t+"s/"+a+"/oidcOPMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"family_name",id:t+"s/"+a+"/oidcOPMetaDataExportedVars/sn",title:"sn",type:"keyText"},{data:"sub",id:t+"s/"+a+"/oidcOPMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+a+"/oidcOPMetaDataExportedVars",title:"oidcOPMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:t+"s/"+a+"/oidcOPMetaDataOptionsConfigurationURI",id:t+"s/"+a+"/oidcOPMetaDataOptionsConfigurationURI",title:"oidcOPMetaDataOptionsConfigurationURI"},{default:0,get:t+"s/"+a+"/oidcOPMetaDataOptionsJWKSTimeout",id:t+"s/"+a+"/oidcOPMetaDataOptionsJWKSTimeout",title:"oidcOPMetaDataOptionsJWKSTimeout",type:"int"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsClientID",id:t+"s/"+a+"/oidcOPMetaDataOptionsClientID",title:"oidcOPMetaDataOptionsClientID"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsClientSecret",id:t+"s/"+a+"/oidcOPMetaDataOptionsClientSecret",title:"oidcOPMetaDataOptionsClientSecret",type:"password"},{default:0,get:t+"s/"+a+"/oidcOPMetaDataOptionsStoreIDToken",id:t+"s/"+a+"/oidcOPMetaDataOptionsStoreIDToken",title:"oidcOPMetaDataOptionsStoreIDToken",type:"bool"}],id:"oidcOPMetaDataOptionsConfiguration",title:"oidcOPMetaDataOptionsConfiguration",type:"simpleInputContainer"},{_nodes:[{default:"openid profile",get:t+"s/"+a+"/oidcOPMetaDataOptionsScope",id:t+"s/"+a+"/oidcOPMetaDataOptionsScope",title:"oidcOPMetaDataOptionsScope"},{default:"",get:t+"s/"+a+"/oidcOPMetaDataOptionsDisplay",id:t+"s/"+a+"/oidcOPMetaDataOptionsDisplay",select:[{k:"",v:""},{k:"page",v:"page"},{k:"popup",v:"popup"},{k:"touch",v:"touch"},{k:"wap",v:"wap"}],title:"oidcOPMetaDataOptionsDisplay",type:"select"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsPrompt",id:t+"s/"+a+"/oidcOPMetaDataOptionsPrompt",title:"oidcOPMetaDataOptionsPrompt"},{default:0,get:t+"s/"+a+"/oidcOPMetaDataOptionsMaxAge",id:t+"s/"+a+"/oidcOPMetaDataOptionsMaxAge",title:"oidcOPMetaDataOptionsMaxAge",type:"int"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsUiLocales",id:t+"s/"+a+"/oidcOPMetaDataOptionsUiLocales",title:"oidcOPMetaDataOptionsUiLocales"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsAcrValues",id:t+"s/"+a+"/oidcOPMetaDataOptionsAcrValues",title:"oidcOPMetaDataOptionsAcrValues"},{default:"client_secret_post",get:t+"s/"+a+"/oidcOPMetaDataOptionsTokenEndpointAuthMethod",id:t+"s/"+a+"/oidcOPMetaDataOptionsTokenEndpointAuthMethod",select:[{k:"client_secret_post",v:"client_secret_post"},{k:"client_secret_basic",v:"client_secret_basic"}],title:"oidcOPMetaDataOptionsTokenEndpointAuthMethod",type:"select"},{default:1,get:t+"s/"+a+"/oidcOPMetaDataOptionsCheckJWTSignature",id:t+"s/"+a+"/oidcOPMetaDataOptionsCheckJWTSignature",title:"oidcOPMetaDataOptionsCheckJWTSignature",type:"bool"},{default:30,get:t+"s/"+a+"/oidcOPMetaDataOptionsIDTokenMaxAge",id:t+"s/"+a+"/oidcOPMetaDataOptionsIDTokenMaxAge",title:"oidcOPMetaDataOptionsIDTokenMaxAge",type:"int"},{default:1,get:t+"s/"+a+"/oidcOPMetaDataOptionsUseNonce",id:t+"s/"+a+"/oidcOPMetaDataOptionsUseNonce",title:"oidcOPMetaDataOptionsUseNonce",type:"bool"}],id:"oidcOPMetaDataOptionsProtocol",title:"oidcOPMetaDataOptionsProtocol",type:"simpleInputContainer"}],id:"oidcOPMetaDataOptions",title:"oidcOPMetaDataOptions"},{_nodes:[{get:t+"s/"+a+"/oidcOPMetaDataOptionsDisplayName",id:t+"s/"+a+"/oidcOPMetaDataOptionsDisplayName",title:"oidcOPMetaDataOptionsDisplayName"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsIcon",id:t+"s/"+a+"/oidcOPMetaDataOptionsIcon",title:"oidcOPMetaDataOptionsIcon"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsSortNumber",id:t+"s/"+a+"/oidcOPMetaDataOptionsSortNumber",title:"oidcOPMetaDataOptionsSortNumber",type:"int"}],id:"oidcOPMetaDataOptionsDisplayParams",title:"oidcOPMetaDataOptionsDisplayParams",type:"simpleInputContainer"}];case"oidcRPMetaDataNode":return[{cnodes:t+"s/"+a+"/oidcRPMetaDataExportedVars",default:[{data:"mail",id:t+"s/"+a+"/oidcRPMetaDataExportedVars/email",title:"email",type:"keyText"},{data:"sn",id:t+"s/"+a+"/oidcRPMetaDataExportedVars/family_name",title:"family_name",type:"keyText"},{data:"cn",id:t+"s/"+a+"/oidcRPMetaDataExportedVars/name",title:"name",type:"keyText"}],id:t+"s/"+a+"/oidcRPMetaDataExportedVars",title:"oidcRPMetaDataExportedVars",type:"keyTextContainer"},{cnodes:t+"s/"+a+"/oidcRPMetaDataOptionsExtraClaims",default:[],id:t+"s/"+a+"/oidcRPMetaDataOptionsExtraClaims",title:"oidcRPMetaDataOptionsExtraClaims",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:t+"s/"+a+"/oidcRPMetaDataOptionsClientID",id:t+"s/"+a+"/oidcRPMetaDataOptionsClientID",title:"oidcRPMetaDataOptionsClientID"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsClientSecret",id:t+"s/"+a+"/oidcRPMetaDataOptionsClientSecret",title:"oidcRPMetaDataOptionsClientSecret",type:"password"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsPublic",id:t+"s/"+a+"/oidcRPMetaDataOptionsPublic",title:"oidcRPMetaDataOptionsPublic",type:"bool"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsRedirectUris",id:t+"s/"+a+"/oidcRPMetaDataOptionsRedirectUris",title:"oidcRPMetaDataOptionsRedirectUris"}],id:"oidcRPMetaDataOptionsBasic",title:"oidcRPMetaDataOptionsBasic",type:"simpleInputContainer"},{_nodes:[{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsBypassConsent",help:"openidconnectclaims.html",id:t+"s/"+a+"/oidcRPMetaDataOptionsBypassConsent",title:"oidcRPMetaDataOptionsBypassConsent",type:"bool"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsUserIDAttr",id:t+"s/"+a+"/oidcRPMetaDataOptionsUserIDAttr",title:"oidcRPMetaDataOptionsUserIDAttr"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenForceClaims",id:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenForceClaims",title:"oidcRPMetaDataOptionsIDTokenForceClaims",type:"bool"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsAdditionalAudiences",id:t+"s/"+a+"/oidcRPMetaDataOptionsAdditionalAudiences",title:"oidcRPMetaDataOptionsAdditionalAudiences"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsRefreshToken",id:t+"s/"+a+"/oidcRPMetaDataOptionsRefreshToken",title:"oidcRPMetaDataOptionsRefreshToken",type:"bool"}],id:"oidcRPMetaDataOptionsAdvanced",title:"oidcRPMetaDataOptionsAdvanced",type:"simpleInputContainer"},{_nodes:[{default:"HS512",get:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenSignAlg",id:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenSignAlg",select:[{k:"none",v:"None"},{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"}],title:"oidcRPMetaDataOptionsIDTokenSignAlg",type:"select"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsRequirePKCE",id:t+"s/"+a+"/oidcRPMetaDataOptionsRequirePKCE",title:"oidcRPMetaDataOptionsRequirePKCE",type:"bool"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsAllowOffline",id:t+"s/"+a+"/oidcRPMetaDataOptionsAllowOffline",title:"oidcRPMetaDataOptionsAllowOffline",type:"bool"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsAllowPasswordGrant",id:t+"s/"+a+"/oidcRPMetaDataOptionsAllowPasswordGrant",title:"oidcRPMetaDataOptionsAllowPasswordGrant",type:"bool"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsAuthnLevel",id:t+"s/"+a+"/oidcRPMetaDataOptionsAuthnLevel",title:"oidcRPMetaDataOptionsAuthnLevel",type:"int"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsRule",id:t+"s/"+a+"/oidcRPMetaDataOptionsRule",title:"oidcRPMetaDataOptionsRule"}],id:"security",title:"security",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+a+"/oidcRPMetaDataOptionsAuthorizationCodeExpiration",id:t+"s/"+a+"/oidcRPMetaDataOptionsAuthorizationCodeExpiration",title:"oidcRPMetaDataOptionsAuthorizationCodeExpiration",type:"int"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenExpiration",id:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenExpiration",title:"oidcRPMetaDataOptionsIDTokenExpiration",type:"int"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsAccessTokenExpiration",id:t+"s/"+a+"/oidcRPMetaDataOptionsAccessTokenExpiration",title:"oidcRPMetaDataOptionsAccessTokenExpiration",type:"int"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsOfflineSessionExpiration",id:t+"s/"+a+"/oidcRPMetaDataOptionsOfflineSessionExpiration",title:"oidcRPMetaDataOptionsOfflineSessionExpiration",type:"int"}],id:"oidcRPMetaDataOptionsTimeouts",title:"oidcRPMetaDataOptionsTimeouts",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+a+"/oidcRPMetaDataOptionsPostLogoutRedirectUris",id:t+"s/"+a+"/oidcRPMetaDataOptionsPostLogoutRedirectUris",title:"oidcRPMetaDataOptionsPostLogoutRedirectUris"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutUrl",id:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutUrl",title:"oidcRPMetaDataOptionsLogoutUrl"},{default:"front",get:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutType",id:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutType",select:[{k:"front",v:"Front Channel"}],title:"oidcRPMetaDataOptionsLogoutType",type:"select"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutSessionRequired",id:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutSessionRequired",title:"oidcRPMetaDataOptionsLogoutSessionRequired",type:"bool"}],id:"logout",title:"logout",type:"simpleInputContainer"}],help:"idpopenidconnect.html#options",id:"oidcRPMetaDataOptions",title:"oidcRPMetaDataOptions"},{cnodes:t+"s/"+a+"/oidcRPMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+a+"/oidcRPMetaDataMacros",title:"oidcRPMetaDataMacros",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+a+"/oidcRPMetaDataOptionsDisplayName",id:t+"s/"+a+"/oidcRPMetaDataOptionsDisplayName",title:"oidcRPMetaDataOptionsDisplayName"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsIcon",id:t+"s/"+a+"/oidcRPMetaDataOptionsIcon",title:"oidcRPMetaDataOptionsIcon"}],id:"oidcRPMetaDataOptionsDisplay",title:"oidcRPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlIDPMetaDataNode":return[{get:t+"s/"+a+"/samlIDPMetaDataXML",id:t+"s/"+a+"/samlIDPMetaDataXML",title:"samlIDPMetaDataXML",type:"file"},{cnodes:t+"s/"+a+"/samlIDPMetaDataExportedAttributes",default:[],help:"authsaml.html#exported-attributes",id:t+"s/"+a+"/samlIDPMetaDataExportedAttributes",title:"samlIDPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsAdaptSessionUtime",id:t+"s/"+a+"/samlIDPMetaDataOptionsAdaptSessionUtime",title:"samlIDPMetaDataOptionsAdaptSessionUtime",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsForceUTF8",id:t+"s/"+a+"/samlIDPMetaDataOptionsForceUTF8",title:"samlIDPMetaDataOptionsForceUTF8",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsStoreSAMLToken",id:t+"s/"+a+"/samlIDPMetaDataOptionsStoreSAMLToken",title:"samlIDPMetaDataOptionsStoreSAMLToken",type:"bool"},{get:t+"s/"+a+"/samlIDPMetaDataOptionsUserAttribute",id:t+"s/"+a+"/samlIDPMetaDataOptionsUserAttribute",title:"samlIDPMetaDataOptionsUserAttribute"}],id:"samlIDPMetaDataOptionsSession",title:"samlIDPMetaDataOptionsSession",type:"simpleInputContainer"},{_nodes:[{default:-1,get:t+"s/"+a+"/samlIDPMetaDataOptionsSignSSOMessage",id:t+"s/"+a+"/samlIDPMetaDataOptionsSignSSOMessage",title:"samlIDPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:t+"s/"+a+"/samlIDPMetaDataOptionsCheckSSOMessageSignature",id:t+"s/"+a+"/samlIDPMetaDataOptionsCheckSSOMessageSignature",title:"samlIDPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:t+"s/"+a+"/samlIDPMetaDataOptionsSignSLOMessage",id:t+"s/"+a+"/samlIDPMetaDataOptionsSignSLOMessage",title:"samlIDPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:t+"s/"+a+"/samlIDPMetaDataOptionsCheckSLOMessageSignature",id:t+"s/"+a+"/samlIDPMetaDataOptionsCheckSLOMessageSignature",title:"samlIDPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlIDPMetaDataOptionsSignature",title:"samlIDPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsSSOBinding",id:t+"s/"+a+"/samlIDPMetaDataOptionsSSOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"artifact-get",v:"Artifact GET"}],title:"samlIDPMetaDataOptionsSSOBinding",type:"select"},{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsSLOBinding",id:t+"s/"+a+"/samlIDPMetaDataOptionsSLOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"http-soap",v:"SOAP"}],title:"samlIDPMetaDataOptionsSLOBinding",type:"select"}],id:"samlIDPMetaDataOptionsBinding",title:"samlIDPMetaDataOptionsBinding",type:"simpleInputContainer"},{_nodes:[{default:"none",get:t+"s/"+a+"/samlIDPMetaDataOptionsEncryptionMode",id:t+"s/"+a+"/samlIDPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlIDPMetaDataOptionsEncryptionMode",type:"select"},{default:1,get:t+"s/"+a+"/samlIDPMetaDataOptionsCheckTime",id:t+"s/"+a+"/samlIDPMetaDataOptionsCheckTime",title:"samlIDPMetaDataOptionsCheckTime",type:"bool"},{default:1,get:t+"s/"+a+"/samlIDPMetaDataOptionsCheckAudience",id:t+"s/"+a+"/samlIDPMetaDataOptionsCheckAudience",title:"samlIDPMetaDataOptionsCheckAudience",type:"bool"}],id:"samlIDPMetaDataOptionsSecurity",title:"samlIDPMetaDataOptionsSecurity",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsResolutionRule",id:t+"s/"+a+"/samlIDPMetaDataOptionsResolutionRule",title:"samlIDPMetaDataOptionsResolutionRule",type:"longtext"},{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsNameIDFormat",id:t+"s/"+a+"/samlIDPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlIDPMetaDataOptionsNameIDFormat",type:"select"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsForceAuthn",id:t+"s/"+a+"/samlIDPMetaDataOptionsForceAuthn",title:"samlIDPMetaDataOptionsForceAuthn",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsIsPassive",id:t+"s/"+a+"/samlIDPMetaDataOptionsIsPassive",title:"samlIDPMetaDataOptionsIsPassive",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsAllowProxiedAuthn",id:t+"s/"+a+"/samlIDPMetaDataOptionsAllowProxiedAuthn",title:"samlIDPMetaDataOptionsAllowProxiedAuthn",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsAllowLoginFromIDP",id:t+"s/"+a+"/samlIDPMetaDataOptionsAllowLoginFromIDP",title:"samlIDPMetaDataOptionsAllowLoginFromIDP",type:"bool"},{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsRequestedAuthnContext",id:t+"s/"+a+"/samlIDPMetaDataOptionsRequestedAuthnContext",select:[{k:"",v:""},{k:"kerberos",v:"Kerberos"},{k:"password-protected-transport",v:"Password protected transport"},{k:"password",v:"Password"},{k:"tls-client",v:"TLS client certificate"}],title:"samlIDPMetaDataOptionsRequestedAuthnContext",type:"select"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsRelayStateURL",id:t+"s/"+a+"/samlIDPMetaDataOptionsRelayStateURL",title:"samlIDPMetaDataOptionsRelayStateURL",type:"bool"}],help:"authsaml.html#options",id:"samlIDPMetaDataOptions",title:"samlIDPMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+a+"/samlIDPMetaDataOptionsDisplayName",id:t+"s/"+a+"/samlIDPMetaDataOptionsDisplayName",title:"samlIDPMetaDataOptionsDisplayName"},{get:t+"s/"+a+"/samlIDPMetaDataOptionsIcon",id:t+"s/"+a+"/samlIDPMetaDataOptionsIcon",title:"samlIDPMetaDataOptionsIcon"},{get:t+"s/"+a+"/samlIDPMetaDataOptionsSortNumber",id:t+"s/"+a+"/samlIDPMetaDataOptionsSortNumber",title:"samlIDPMetaDataOptionsSortNumber",type:"int"}],id:"samlIDPMetaDataOptionsDisplay",title:"samlIDPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlSPMetaDataNode":return[{get:t+"s/"+a+"/samlSPMetaDataXML",id:t+"s/"+a+"/samlSPMetaDataXML",title:"samlSPMetaDataXML",type:"file"},{cnodes:t+"s/"+a+"/samlSPMetaDataExportedAttributes",default:[],help:"idpsaml.html#exported-attributes",id:t+"s/"+a+"/samlSPMetaDataExportedAttributes",title:"samlSPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{_nodes:[{default:"",get:t+"s/"+a+"/samlSPMetaDataOptionsNameIDFormat",id:t+"s/"+a+"/samlSPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlSPMetaDataOptionsNameIDFormat",type:"select"},{get:t+"s/"+a+"/samlSPMetaDataOptionsNameIDSessionKey",id:t+"s/"+a+"/samlSPMetaDataOptionsNameIDSessionKey",title:"samlSPMetaDataOptionsNameIDSessionKey"},{default:0,get:t+"s/"+a+"/samlSPMetaDataOptionsOneTimeUse",id:t+"s/"+a+"/samlSPMetaDataOptionsOneTimeUse",title:"samlSPMetaDataOptionsOneTimeUse",type:"bool"},{default:72e3,get:t+"s/"+a+"/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",id:t+"s/"+a+"/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",type:"int"},{default:72e3,get:t+"s/"+a+"/samlSPMetaDataOptionsNotOnOrAfterTimeout",id:t+"s/"+a+"/samlSPMetaDataOptionsNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsNotOnOrAfterTimeout",type:"int"},{default:1,get:t+"s/"+a+"/samlSPMetaDataOptionsForceUTF8",id:t+"s/"+a+"/samlSPMetaDataOptionsForceUTF8",title:"samlSPMetaDataOptionsForceUTF8",type:"bool"}],id:"samlSPMetaDataOptionsAuthnResponse",title:"samlSPMetaDataOptionsAuthnResponse",type:"simpleInputContainer"},{_nodes:[{default:-1,get:t+"s/"+a+"/samlSPMetaDataOptionsSignSSOMessage",id:t+"s/"+a+"/samlSPMetaDataOptionsSignSSOMessage",title:"samlSPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:t+"s/"+a+"/samlSPMetaDataOptionsCheckSSOMessageSignature",id:t+"s/"+a+"/samlSPMetaDataOptionsCheckSSOMessageSignature",title:"samlSPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:t+"s/"+a+"/samlSPMetaDataOptionsSignSLOMessage",id:t+"s/"+a+"/samlSPMetaDataOptionsSignSLOMessage",title:"samlSPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:t+"s/"+a+"/samlSPMetaDataOptionsCheckSLOMessageSignature",id:t+"s/"+a+"/samlSPMetaDataOptionsCheckSLOMessageSignature",title:"samlSPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlSPMetaDataOptionsSignature",title:"samlSPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"none",get:t+"s/"+a+"/samlSPMetaDataOptionsEncryptionMode",id:t+"s/"+a+"/samlSPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlSPMetaDataOptionsEncryptionMode",type:"select"},{default:0,get:t+"s/"+a+"/samlSPMetaDataOptionsEnableIDPInitiatedURL",id:t+"s/"+a+"/samlSPMetaDataOptionsEnableIDPInitiatedURL",title:"samlSPMetaDataOptionsEnableIDPInitiatedURL",type:"bool"},{get:t+"s/"+a+"/samlSPMetaDataOptionsAuthnLevel",id:t+"s/"+a+"/samlSPMetaDataOptionsAuthnLevel",title:"samlSPMetaDataOptionsAuthnLevel",type:"int"},{get:t+"s/"+a+"/samlSPMetaDataOptionsRule",id:t+"s/"+a+"/samlSPMetaDataOptionsRule",title:"samlSPMetaDataOptionsRule"}],id:"samlSPMetaDataOptionsSecurity",title:"samlSPMetaDataOptionsSecurity",type:"simpleInputContainer"}],help:"idpsaml.html#options",id:"samlSPMetaDataOptions",title:"samlSPMetaDataOptions"},{cnodes:t+"s/"+a+"/samlSPMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+a+"/samlSPMetaDataMacros",title:"samlSPMetaDataMacros",type:"keyTextContainer"}];case"virtualHost":return[{cnodes:t+"s/"+a+"/locationRules",default:[{data:"deny",id:t+"s/"+a+"/locationRules/default",re:"default",title:"default",type:"rule"}],help:"writingrulesand_headers.html#rules",id:t+"s/"+a+"/locationRules",title:"locationRules",type:"ruleContainer"},{cnodes:t+"s/"+a+"/exportedHeaders",help:"writingrulesand_headers.html#headers",id:t+"s/"+a+"/exportedHeaders",title:"exportedHeaders",type:"keyTextContainer"},{cnodes:t+"s/"+a+"/post",help:"formreplay.html",id:t+"s/"+a+"/post",title:"post",type:"postContainer"},{_nodes:[{default:-1,get:t+"s/"+a+"/vhostPort",id:t+"s/"+a+"/vhostPort",title:"vhostPort",type:"int"},{default:-1,get:t+"s/"+a+"/vhostHttps",id:t+"s/"+a+"/vhostHttps",title:"vhostHttps",type:"trool"},{default:0,get:t+"s/"+a+"/vhostMaintenance",id:t+"s/"+a+"/vhostMaintenance",title:"vhostMaintenance",type:"bool"},{default:"",get:t+"s/"+a+"/vhostAliases",id:t+"s/"+a+"/vhostAliases",title:"vhostAliases"},{default:"Main",get:t+"s/"+a+"/vhostType",id:t+"s/"+a+"/vhostType",select:[{k:"AuthBasic",v:"AuthBasic"},{k:"CDA",v:"CDA"},{k:"DevOps",v:"DevOps"},{k:"DevOpsST",v:"DevOpsST"},{k:"Main",v:"Main"},{k:"OAuth2",v:"OAuth2"},{k:"SecureToken",v:"SecureToken"},{k:"ServiceToken",v:"ServiceToken"},{k:"ZimbraPreAuth",v:"ZimbraPreAuth"}],title:"vhostType",type:"select"},{get:t+"s/"+a+"/vhostAuthnLevel",id:t+"s/"+a+"/vhostAuthnLevel",title:"vhostAuthnLevel",type:"int"},{default:-1,get:t+"s/"+a+"/vhostServiceTokenTTL",id:t+"s/"+a+"/vhostServiceTokenTTL",title:"vhostServiceTokenTTL",type:"int"}],help:"configvhost.html#options",id:"vhostOptions",title:"vhostOptions",type:"simpleInputContainer"}];default:return[]}}function setScopeVars(t){t.portal=t.data[0]._nodes[0]._nodes[0],t.getKey(t.portal),t.domain=t.data[0]._nodes[4]._nodes[1],t.getKey(t.domain)}
\ No newline at end of file
+function templates(t,a){switch(t){case"casAppMetaDataNode":return[{cnodes:t+"s/"+a+"/casAppMetaDataExportedVars",default:[{data:"cn",id:t+"s/"+a+"/casAppMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:t+"s/"+a+"/casAppMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:t+"s/"+a+"/casAppMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+a+"/casAppMetaDataExportedVars",title:"casAppMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+a+"/casAppMetaDataOptionsService",id:t+"s/"+a+"/casAppMetaDataOptionsService",title:"casAppMetaDataOptionsService"},{get:t+"s/"+a+"/casAppMetaDataOptionsUserAttribute",id:t+"s/"+a+"/casAppMetaDataOptionsUserAttribute",title:"casAppMetaDataOptionsUserAttribute"},{get:t+"s/"+a+"/casAppMetaDataOptionsAuthnLevel",id:t+"s/"+a+"/casAppMetaDataOptionsAuthnLevel",title:"casAppMetaDataOptionsAuthnLevel",type:"int"},{get:t+"s/"+a+"/casAppMetaDataOptionsRule",id:t+"s/"+a+"/casAppMetaDataOptionsRule",title:"casAppMetaDataOptionsRule"}],id:"casAppMetaDataOptions",title:"casAppMetaDataOptions",type:"simpleInputContainer"},{cnodes:t+"s/"+a+"/casAppMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+a+"/casAppMetaDataMacros",title:"casAppMetaDataMacros",type:"keyTextContainer"}];case"casSrvMetaDataNode":return[{cnodes:t+"s/"+a+"/casSrvMetaDataExportedVars",default:[{data:"cn",id:t+"s/"+a+"/casSrvMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:t+"s/"+a+"/casSrvMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:t+"s/"+a+"/casSrvMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+a+"/casSrvMetaDataExportedVars",title:"casSrvMetaDataExportedVars",type:"keyTextContainer"},{cnodes:t+"s/"+a+"/casSrvMetaDataOptionsProxiedServices",id:t+"s/"+a+"/casSrvMetaDataOptionsProxiedServices",title:"casSrvMetaDataOptionsProxiedServices",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+a+"/casSrvMetaDataOptionsUrl",id:t+"s/"+a+"/casSrvMetaDataOptionsUrl",title:"casSrvMetaDataOptionsUrl"},{default:0,get:t+"s/"+a+"/casSrvMetaDataOptionsRenew",id:t+"s/"+a+"/casSrvMetaDataOptionsRenew",title:"casSrvMetaDataOptionsRenew",type:"bool"},{default:0,get:t+"s/"+a+"/casSrvMetaDataOptionsGateway",id:t+"s/"+a+"/casSrvMetaDataOptionsGateway",title:"casSrvMetaDataOptionsGateway",type:"bool"}],id:"casSrvMetaDataOptions",title:"casSrvMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+a+"/casSrvMetaDataOptionsDisplayName",id:t+"s/"+a+"/casSrvMetaDataOptionsDisplayName",title:"casSrvMetaDataOptionsDisplayName"},{get:t+"s/"+a+"/casSrvMetaDataOptionsIcon",id:t+"s/"+a+"/casSrvMetaDataOptionsIcon",title:"casSrvMetaDataOptionsIcon"},{get:t+"s/"+a+"/casSrvMetaDataOptionsSortNumber",id:t+"s/"+a+"/casSrvMetaDataOptionsSortNumber",title:"casSrvMetaDataOptionsSortNumber",type:"int"}],id:"casSrvMetaDataOptionsDisplay",title:"casSrvMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"oidcOPMetaDataNode":return[{get:t+"s/"+a+"/oidcOPMetaDataJSON",id:t+"s/"+a+"/oidcOPMetaDataJSON",title:"oidcOPMetaDataJSON",type:"file"},{get:t+"s/"+a+"/oidcOPMetaDataJWKS",id:t+"s/"+a+"/oidcOPMetaDataJWKS",title:"oidcOPMetaDataJWKS",type:"file"},{cnodes:t+"s/"+a+"/oidcOPMetaDataExportedVars",default:[{data:"name",id:t+"s/"+a+"/oidcOPMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"email",id:t+"s/"+a+"/oidcOPMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"family_name",id:t+"s/"+a+"/oidcOPMetaDataExportedVars/sn",title:"sn",type:"keyText"},{data:"sub",id:t+"s/"+a+"/oidcOPMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+a+"/oidcOPMetaDataExportedVars",title:"oidcOPMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:t+"s/"+a+"/oidcOPMetaDataOptionsConfigurationURI",id:t+"s/"+a+"/oidcOPMetaDataOptionsConfigurationURI",title:"oidcOPMetaDataOptionsConfigurationURI"},{default:0,get:t+"s/"+a+"/oidcOPMetaDataOptionsJWKSTimeout",id:t+"s/"+a+"/oidcOPMetaDataOptionsJWKSTimeout",title:"oidcOPMetaDataOptionsJWKSTimeout",type:"int"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsClientID",id:t+"s/"+a+"/oidcOPMetaDataOptionsClientID",title:"oidcOPMetaDataOptionsClientID"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsClientSecret",id:t+"s/"+a+"/oidcOPMetaDataOptionsClientSecret",title:"oidcOPMetaDataOptionsClientSecret",type:"password"},{default:0,get:t+"s/"+a+"/oidcOPMetaDataOptionsStoreIDToken",id:t+"s/"+a+"/oidcOPMetaDataOptionsStoreIDToken",title:"oidcOPMetaDataOptionsStoreIDToken",type:"bool"}],id:"oidcOPMetaDataOptionsConfiguration",title:"oidcOPMetaDataOptionsConfiguration",type:"simpleInputContainer"},{_nodes:[{default:"openid profile",get:t+"s/"+a+"/oidcOPMetaDataOptionsScope",id:t+"s/"+a+"/oidcOPMetaDataOptionsScope",title:"oidcOPMetaDataOptionsScope"},{default:"",get:t+"s/"+a+"/oidcOPMetaDataOptionsDisplay",id:t+"s/"+a+"/oidcOPMetaDataOptionsDisplay",select:[{k:"",v:""},{k:"page",v:"page"},{k:"popup",v:"popup"},{k:"touch",v:"touch"},{k:"wap",v:"wap"}],title:"oidcOPMetaDataOptionsDisplay",type:"select"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsPrompt",id:t+"s/"+a+"/oidcOPMetaDataOptionsPrompt",title:"oidcOPMetaDataOptionsPrompt"},{default:0,get:t+"s/"+a+"/oidcOPMetaDataOptionsMaxAge",id:t+"s/"+a+"/oidcOPMetaDataOptionsMaxAge",title:"oidcOPMetaDataOptionsMaxAge",type:"int"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsUiLocales",id:t+"s/"+a+"/oidcOPMetaDataOptionsUiLocales",title:"oidcOPMetaDataOptionsUiLocales"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsAcrValues",id:t+"s/"+a+"/oidcOPMetaDataOptionsAcrValues",title:"oidcOPMetaDataOptionsAcrValues"},{default:"client_secret_post",get:t+"s/"+a+"/oidcOPMetaDataOptionsTokenEndpointAuthMethod",id:t+"s/"+a+"/oidcOPMetaDataOptionsTokenEndpointAuthMethod",select:[{k:"client_secret_post",v:"client_secret_post"},{k:"client_secret_basic",v:"client_secret_basic"}],title:"oidcOPMetaDataOptionsTokenEndpointAuthMethod",type:"select"},{default:1,get:t+"s/"+a+"/oidcOPMetaDataOptionsCheckJWTSignature",id:t+"s/"+a+"/oidcOPMetaDataOptionsCheckJWTSignature",title:"oidcOPMetaDataOptionsCheckJWTSignature",type:"bool"},{default:30,get:t+"s/"+a+"/oidcOPMetaDataOptionsIDTokenMaxAge",id:t+"s/"+a+"/oidcOPMetaDataOptionsIDTokenMaxAge",title:"oidcOPMetaDataOptionsIDTokenMaxAge",type:"int"},{default:1,get:t+"s/"+a+"/oidcOPMetaDataOptionsUseNonce",id:t+"s/"+a+"/oidcOPMetaDataOptionsUseNonce",title:"oidcOPMetaDataOptionsUseNonce",type:"bool"}],id:"oidcOPMetaDataOptionsProtocol",title:"oidcOPMetaDataOptionsProtocol",type:"simpleInputContainer"}],id:"oidcOPMetaDataOptions",title:"oidcOPMetaDataOptions"},{_nodes:[{get:t+"s/"+a+"/oidcOPMetaDataOptionsDisplayName",id:t+"s/"+a+"/oidcOPMetaDataOptionsDisplayName",title:"oidcOPMetaDataOptionsDisplayName"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsIcon",id:t+"s/"+a+"/oidcOPMetaDataOptionsIcon",title:"oidcOPMetaDataOptionsIcon"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsSortNumber",id:t+"s/"+a+"/oidcOPMetaDataOptionsSortNumber",title:"oidcOPMetaDataOptionsSortNumber",type:"int"}],id:"oidcOPMetaDataOptionsDisplayParams",title:"oidcOPMetaDataOptionsDisplayParams",type:"simpleInputContainer"}];case"oidcRPMetaDataNode":return[{cnodes:t+"s/"+a+"/oidcRPMetaDataExportedVars",default:[{data:"mail",id:t+"s/"+a+"/oidcRPMetaDataExportedVars/email",title:"email",type:"keyText"},{data:"sn",id:t+"s/"+a+"/oidcRPMetaDataExportedVars/family_name",title:"family_name",type:"keyText"},{data:"cn",id:t+"s/"+a+"/oidcRPMetaDataExportedVars/name",title:"name",type:"keyText"}],id:t+"s/"+a+"/oidcRPMetaDataExportedVars",title:"oidcRPMetaDataExportedVars",type:"keyTextContainer"},{cnodes:t+"s/"+a+"/oidcRPMetaDataOptionsExtraClaims",default:[],id:t+"s/"+a+"/oidcRPMetaDataOptionsExtraClaims",title:"oidcRPMetaDataOptionsExtraClaims",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:t+"s/"+a+"/oidcRPMetaDataOptionsClientID",id:t+"s/"+a+"/oidcRPMetaDataOptionsClientID",title:"oidcRPMetaDataOptionsClientID"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsClientSecret",id:t+"s/"+a+"/oidcRPMetaDataOptionsClientSecret",title:"oidcRPMetaDataOptionsClientSecret",type:"password"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsPublic",id:t+"s/"+a+"/oidcRPMetaDataOptionsPublic",title:"oidcRPMetaDataOptionsPublic",type:"bool"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsRedirectUris",id:t+"s/"+a+"/oidcRPMetaDataOptionsRedirectUris",title:"oidcRPMetaDataOptionsRedirectUris"}],id:"oidcRPMetaDataOptionsBasic",title:"oidcRPMetaDataOptionsBasic",type:"simpleInputContainer"},{_nodes:[{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsBypassConsent",help:"openidconnectclaims.html",id:t+"s/"+a+"/oidcRPMetaDataOptionsBypassConsent",title:"oidcRPMetaDataOptionsBypassConsent",type:"bool"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsUserIDAttr",id:t+"s/"+a+"/oidcRPMetaDataOptionsUserIDAttr",title:"oidcRPMetaDataOptionsUserIDAttr"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenForceClaims",id:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenForceClaims",title:"oidcRPMetaDataOptionsIDTokenForceClaims",type:"bool"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsAdditionalAudiences",id:t+"s/"+a+"/oidcRPMetaDataOptionsAdditionalAudiences",title:"oidcRPMetaDataOptionsAdditionalAudiences"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsRefreshToken",id:t+"s/"+a+"/oidcRPMetaDataOptionsRefreshToken",title:"oidcRPMetaDataOptionsRefreshToken",type:"bool"}],id:"oidcRPMetaDataOptionsAdvanced",title:"oidcRPMetaDataOptionsAdvanced",type:"simpleInputContainer"},{_nodes:[{default:"HS512",get:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenSignAlg",id:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenSignAlg",select:[{k:"none",v:"None"},{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"}],title:"oidcRPMetaDataOptionsIDTokenSignAlg",type:"select"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsRequirePKCE",id:t+"s/"+a+"/oidcRPMetaDataOptionsRequirePKCE",title:"oidcRPMetaDataOptionsRequirePKCE",type:"bool"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsAllowOffline",id:t+"s/"+a+"/oidcRPMetaDataOptionsAllowOffline",title:"oidcRPMetaDataOptionsAllowOffline",type:"bool"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsAllowPasswordGrant",id:t+"s/"+a+"/oidcRPMetaDataOptionsAllowPasswordGrant",title:"oidcRPMetaDataOptionsAllowPasswordGrant",type:"bool"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsAuthnLevel",id:t+"s/"+a+"/oidcRPMetaDataOptionsAuthnLevel",title:"oidcRPMetaDataOptionsAuthnLevel",type:"int"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsRule",id:t+"s/"+a+"/oidcRPMetaDataOptionsRule",title:"oidcRPMetaDataOptionsRule"}],id:"security",title:"security",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+a+"/oidcRPMetaDataOptionsAuthorizationCodeExpiration",id:t+"s/"+a+"/oidcRPMetaDataOptionsAuthorizationCodeExpiration",title:"oidcRPMetaDataOptionsAuthorizationCodeExpiration",type:"int"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenExpiration",id:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenExpiration",title:"oidcRPMetaDataOptionsIDTokenExpiration",type:"int"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsAccessTokenExpiration",id:t+"s/"+a+"/oidcRPMetaDataOptionsAccessTokenExpiration",title:"oidcRPMetaDataOptionsAccessTokenExpiration",type:"int"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsOfflineSessionExpiration",id:t+"s/"+a+"/oidcRPMetaDataOptionsOfflineSessionExpiration",title:"oidcRPMetaDataOptionsOfflineSessionExpiration",type:"int"}],id:"oidcRPMetaDataOptionsTimeouts",title:"oidcRPMetaDataOptionsTimeouts",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+a+"/oidcRPMetaDataOptionsPostLogoutRedirectUris",id:t+"s/"+a+"/oidcRPMetaDataOptionsPostLogoutRedirectUris",title:"oidcRPMetaDataOptionsPostLogoutRedirectUris"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutUrl",id:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutUrl",title:"oidcRPMetaDataOptionsLogoutUrl"},{default:"front",get:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutType",id:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutType",select:[{k:"front",v:"Front Channel"}],title:"oidcRPMetaDataOptionsLogoutType",type:"select"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutSessionRequired",id:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutSessionRequired",title:"oidcRPMetaDataOptionsLogoutSessionRequired",type:"bool"}],id:"logout",title:"logout",type:"simpleInputContainer"}],help:"idpopenidconnect.html#options",id:"oidcRPMetaDataOptions",title:"oidcRPMetaDataOptions"},{cnodes:t+"s/"+a+"/oidcRPMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+a+"/oidcRPMetaDataMacros",title:"oidcRPMetaDataMacros",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+a+"/oidcRPMetaDataOptionsDisplayName",id:t+"s/"+a+"/oidcRPMetaDataOptionsDisplayName",title:"oidcRPMetaDataOptionsDisplayName"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsIcon",id:t+"s/"+a+"/oidcRPMetaDataOptionsIcon",title:"oidcRPMetaDataOptionsIcon"}],id:"oidcRPMetaDataOptionsDisplay",title:"oidcRPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlIDPMetaDataNode":return[{get:t+"s/"+a+"/samlIDPMetaDataXML",id:t+"s/"+a+"/samlIDPMetaDataXML",title:"samlIDPMetaDataXML",type:"file"},{cnodes:t+"s/"+a+"/samlIDPMetaDataExportedAttributes",default:[],help:"authsaml.html#exported-attributes",id:t+"s/"+a+"/samlIDPMetaDataExportedAttributes",title:"samlIDPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsAdaptSessionUtime",id:t+"s/"+a+"/samlIDPMetaDataOptionsAdaptSessionUtime",title:"samlIDPMetaDataOptionsAdaptSessionUtime",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsForceUTF8",id:t+"s/"+a+"/samlIDPMetaDataOptionsForceUTF8",title:"samlIDPMetaDataOptionsForceUTF8",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsStoreSAMLToken",id:t+"s/"+a+"/samlIDPMetaDataOptionsStoreSAMLToken",title:"samlIDPMetaDataOptionsStoreSAMLToken",type:"bool"},{get:t+"s/"+a+"/samlIDPMetaDataOptionsUserAttribute",id:t+"s/"+a+"/samlIDPMetaDataOptionsUserAttribute",title:"samlIDPMetaDataOptionsUserAttribute"}],id:"samlIDPMetaDataOptionsSession",title:"samlIDPMetaDataOptionsSession",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsSignatureMethod",id:t+"s/"+a+"/samlIDPMetaDataOptionsSignatureMethod",select:[{k:"",v:"default"},{k:"RSA_SHA1",v:"RSA SHA1"},{k:"RSA_SHA256",v:"RSA SHA256"},{k:"RSA_SHA384",v:"RSA SHA384"},{k:"RSA_SHA512",v:"RSA SHA512"}],title:"samlIDPMetaDataOptionsSignatureMethod",type:"select"},{default:-1,get:t+"s/"+a+"/samlIDPMetaDataOptionsSignSSOMessage",id:t+"s/"+a+"/samlIDPMetaDataOptionsSignSSOMessage",title:"samlIDPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:t+"s/"+a+"/samlIDPMetaDataOptionsCheckSSOMessageSignature",id:t+"s/"+a+"/samlIDPMetaDataOptionsCheckSSOMessageSignature",title:"samlIDPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:t+"s/"+a+"/samlIDPMetaDataOptionsSignSLOMessage",id:t+"s/"+a+"/samlIDPMetaDataOptionsSignSLOMessage",title:"samlIDPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:t+"s/"+a+"/samlIDPMetaDataOptionsCheckSLOMessageSignature",id:t+"s/"+a+"/samlIDPMetaDataOptionsCheckSLOMessageSignature",title:"samlIDPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlIDPMetaDataOptionsSignature",title:"samlIDPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsSSOBinding",id:t+"s/"+a+"/samlIDPMetaDataOptionsSSOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"artifact-get",v:"Artifact GET"}],title:"samlIDPMetaDataOptionsSSOBinding",type:"select"},{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsSLOBinding",id:t+"s/"+a+"/samlIDPMetaDataOptionsSLOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"http-soap",v:"SOAP"}],title:"samlIDPMetaDataOptionsSLOBinding",type:"select"}],id:"samlIDPMetaDataOptionsBinding",title:"samlIDPMetaDataOptionsBinding",type:"simpleInputContainer"},{_nodes:[{default:"none",get:t+"s/"+a+"/samlIDPMetaDataOptionsEncryptionMode",id:t+"s/"+a+"/samlIDPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlIDPMetaDataOptionsEncryptionMode",type:"select"},{default:1,get:t+"s/"+a+"/samlIDPMetaDataOptionsCheckTime",id:t+"s/"+a+"/samlIDPMetaDataOptionsCheckTime",title:"samlIDPMetaDataOptionsCheckTime",type:"bool"},{default:1,get:t+"s/"+a+"/samlIDPMetaDataOptionsCheckAudience",id:t+"s/"+a+"/samlIDPMetaDataOptionsCheckAudience",title:"samlIDPMetaDataOptionsCheckAudience",type:"bool"}],id:"samlIDPMetaDataOptionsSecurity",title:"samlIDPMetaDataOptionsSecurity",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsResolutionRule",id:t+"s/"+a+"/samlIDPMetaDataOptionsResolutionRule",title:"samlIDPMetaDataOptionsResolutionRule",type:"longtext"},{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsNameIDFormat",id:t+"s/"+a+"/samlIDPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlIDPMetaDataOptionsNameIDFormat",type:"select"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsForceAuthn",id:t+"s/"+a+"/samlIDPMetaDataOptionsForceAuthn",title:"samlIDPMetaDataOptionsForceAuthn",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsIsPassive",id:t+"s/"+a+"/samlIDPMetaDataOptionsIsPassive",title:"samlIDPMetaDataOptionsIsPassive",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsAllowProxiedAuthn",id:t+"s/"+a+"/samlIDPMetaDataOptionsAllowProxiedAuthn",title:"samlIDPMetaDataOptionsAllowProxiedAuthn",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsAllowLoginFromIDP",id:t+"s/"+a+"/samlIDPMetaDataOptionsAllowLoginFromIDP",title:"samlIDPMetaDataOptionsAllowLoginFromIDP",type:"bool"},{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsRequestedAuthnContext",id:t+"s/"+a+"/samlIDPMetaDataOptionsRequestedAuthnContext",select:[{k:"",v:""},{k:"kerberos",v:"Kerberos"},{k:"password-protected-transport",v:"Password protected transport"},{k:"password",v:"Password"},{k:"tls-client",v:"TLS client certificate"}],title:"samlIDPMetaDataOptionsRequestedAuthnContext",type:"select"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsRelayStateURL",id:t+"s/"+a+"/samlIDPMetaDataOptionsRelayStateURL",title:"samlIDPMetaDataOptionsRelayStateURL",type:"bool"}],help:"authsaml.html#options",id:"samlIDPMetaDataOptions",title:"samlIDPMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+a+"/samlIDPMetaDataOptionsDisplayName",id:t+"s/"+a+"/samlIDPMetaDataOptionsDisplayName",title:"samlIDPMetaDataOptionsDisplayName"},{get:t+"s/"+a+"/samlIDPMetaDataOptionsIcon",id:t+"s/"+a+"/samlIDPMetaDataOptionsIcon",title:"samlIDPMetaDataOptionsIcon"},{get:t+"s/"+a+"/samlIDPMetaDataOptionsSortNumber",id:t+"s/"+a+"/samlIDPMetaDataOptionsSortNumber",title:"samlIDPMetaDataOptionsSortNumber",type:"int"}],id:"samlIDPMetaDataOptionsDisplay",title:"samlIDPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlSPMetaDataNode":return[{get:t+"s/"+a+"/samlSPMetaDataXML",id:t+"s/"+a+"/samlSPMetaDataXML",title:"samlSPMetaDataXML",type:"file"},{cnodes:t+"s/"+a+"/samlSPMetaDataExportedAttributes",default:[],help:"idpsaml.html#exported-attributes",id:t+"s/"+a+"/samlSPMetaDataExportedAttributes",title:"samlSPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{_nodes:[{default:"",get:t+"s/"+a+"/samlSPMetaDataOptionsNameIDFormat",id:t+"s/"+a+"/samlSPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlSPMetaDataOptionsNameIDFormat",type:"select"},{get:t+"s/"+a+"/samlSPMetaDataOptionsNameIDSessionKey",id:t+"s/"+a+"/samlSPMetaDataOptionsNameIDSessionKey",title:"samlSPMetaDataOptionsNameIDSessionKey"},{default:0,get:t+"s/"+a+"/samlSPMetaDataOptionsOneTimeUse",id:t+"s/"+a+"/samlSPMetaDataOptionsOneTimeUse",title:"samlSPMetaDataOptionsOneTimeUse",type:"bool"},{default:72e3,get:t+"s/"+a+"/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",id:t+"s/"+a+"/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",type:"int"},{default:72e3,get:t+"s/"+a+"/samlSPMetaDataOptionsNotOnOrAfterTimeout",id:t+"s/"+a+"/samlSPMetaDataOptionsNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsNotOnOrAfterTimeout",type:"int"},{default:1,get:t+"s/"+a+"/samlSPMetaDataOptionsForceUTF8",id:t+"s/"+a+"/samlSPMetaDataOptionsForceUTF8",title:"samlSPMetaDataOptionsForceUTF8",type:"bool"}],id:"samlSPMetaDataOptionsAuthnResponse",title:"samlSPMetaDataOptionsAuthnResponse",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+a+"/samlSPMetaDataOptionsSignatureMethod",id:t+"s/"+a+"/samlSPMetaDataOptionsSignatureMethod",select:[{k:"",v:"default"},{k:"RSA_SHA1",v:"RSA SHA1"},{k:"RSA_SHA256",v:"RSA SHA256"},{k:"RSA_SHA384",v:"RSA SHA384"},{k:"RSA_SHA512",v:"RSA SHA512"}],title:"samlSPMetaDataOptionsSignatureMethod",type:"select"},{default:-1,get:t+"s/"+a+"/samlSPMetaDataOptionsSignSSOMessage",id:t+"s/"+a+"/samlSPMetaDataOptionsSignSSOMessage",title:"samlSPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:t+"s/"+a+"/samlSPMetaDataOptionsCheckSSOMessageSignature",id:t+"s/"+a+"/samlSPMetaDataOptionsCheckSSOMessageSignature",title:"samlSPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:t+"s/"+a+"/samlSPMetaDataOptionsSignSLOMessage",id:t+"s/"+a+"/samlSPMetaDataOptionsSignSLOMessage",title:"samlSPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:t+"s/"+a+"/samlSPMetaDataOptionsCheckSLOMessageSignature",id:t+"s/"+a+"/samlSPMetaDataOptionsCheckSLOMessageSignature",title:"samlSPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlSPMetaDataOptionsSignature",title:"samlSPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"none",get:t+"s/"+a+"/samlSPMetaDataOptionsEncryptionMode",id:t+"s/"+a+"/samlSPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlSPMetaDataOptionsEncryptionMode",type:"select"},{default:0,get:t+"s/"+a+"/samlSPMetaDataOptionsEnableIDPInitiatedURL",id:t+"s/"+a+"/samlSPMetaDataOptionsEnableIDPInitiatedURL",title:"samlSPMetaDataOptionsEnableIDPInitiatedURL",type:"bool"},{get:t+"s/"+a+"/samlSPMetaDataOptionsAuthnLevel",id:t+"s/"+a+"/samlSPMetaDataOptionsAuthnLevel",title:"samlSPMetaDataOptionsAuthnLevel",type:"int"},{get:t+"s/"+a+"/samlSPMetaDataOptionsRule",id:t+"s/"+a+"/samlSPMetaDataOptionsRule",title:"samlSPMetaDataOptionsRule"}],id:"samlSPMetaDataOptionsSecurity",title:"samlSPMetaDataOptionsSecurity",type:"simpleInputContainer"}],help:"idpsaml.html#options",id:"samlSPMetaDataOptions",title:"samlSPMetaDataOptions"},{cnodes:t+"s/"+a+"/samlSPMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+a+"/samlSPMetaDataMacros",title:"samlSPMetaDataMacros",type:"keyTextContainer"}];case"virtualHost":return[{cnodes:t+"s/"+a+"/locationRules",default:[{data:"deny",id:t+"s/"+a+"/locationRules/default",re:"default",title:"default",type:"rule"}],help:"writingrulesand_headers.html#rules",id:t+"s/"+a+"/locationRules",title:"locationRules",type:"ruleContainer"},{cnodes:t+"s/"+a+"/exportedHeaders",help:"writingrulesand_headers.html#headers",id:t+"s/"+a+"/exportedHeaders",title:"exportedHeaders",type:"keyTextContainer"},{cnodes:t+"s/"+a+"/post",help:"formreplay.html",id:t+"s/"+a+"/post",title:"post",type:"postContainer"},{_nodes:[{default:-1,get:t+"s/"+a+"/vhostPort",id:t+"s/"+a+"/vhostPort",title:"vhostPort",type:"int"},{default:-1,get:t+"s/"+a+"/vhostHttps",id:t+"s/"+a+"/vhostHttps",title:"vhostHttps",type:"trool"},{default:0,get:t+"s/"+a+"/vhostMaintenance",id:t+"s/"+a+"/vhostMaintenance",title:"vhostMaintenance",type:"bool"},{default:"",get:t+"s/"+a+"/vhostAliases",id:t+"s/"+a+"/vhostAliases",title:"vhostAliases"},{default:"Main",get:t+"s/"+a+"/vhostType",id:t+"s/"+a+"/vhostType",select:[{k:"AuthBasic",v:"AuthBasic"},{k:"CDA",v:"CDA"},{k:"DevOps",v:"DevOps"},{k:"DevOpsST",v:"DevOpsST"},{k:"Main",v:"Main"},{k:"OAuth2",v:"OAuth2"},{k:"SecureToken",v:"SecureToken"},{k:"ServiceToken",v:"ServiceToken"},{k:"ZimbraPreAuth",v:"ZimbraPreAuth"}],title:"vhostType",type:"select"},{get:t+"s/"+a+"/vhostAuthnLevel",id:t+"s/"+a+"/vhostAuthnLevel",title:"vhostAuthnLevel",type:"int"},{default:-1,get:t+"s/"+a+"/vhostServiceTokenTTL",id:t+"s/"+a+"/vhostServiceTokenTTL",title:"vhostServiceTokenTTL",type:"int"}],help:"configvhost.html#options",id:"vhostOptions",title:"vhostOptions",type:"simpleInputContainer"}];default:return[]}}function setScopeVars(t){t.portal=t.data[0]._nodes[0]._nodes[0],t.getKey(t.portal),t.domain=t.data[0]._nodes[4]._nodes[1],t.getKey(t.domain)}
\ No newline at end of file
diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js.map b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js.map
index f323925df..eb45ae3da 100644
--- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js.map
+++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js.map
@@ -1 +1 @@
-{"version":3,"sources":["conftree.js"],"names":["templates","tpl","key","cnodes","default","data","id","title","type","_nodes","get","help","select","k","v","re","setScopeVars","scope","portal","getKey","domain"],"mappings":"AAAA,SAASA,UAAUC,EAAIC,GASrB,OAAOD,GACP,IAAK,qBACH,MAAO,CACR,CACGE,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,KACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,WAEZ,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,MACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,gCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBK,MAAU,sCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,wBACPC,MAAU,wBACVC,KAAS,wBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,wBACxBE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,qBAIb,IAAK,qBACH,MAAO,CACR,CACGL,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,KACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,WAEZ,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,MACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,wCACxBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,4BACrBI,GAAOL,EAAI,KAAKC,EAAI,4BACpBK,MAAU,4BAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,8BACrBI,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,+BACVC,KAAS,SAGfF,GAAO,wBACPC,MAAU,wBACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,oCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,6BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAGfF,GAAO,+BACPC,MAAU,+BACVC,KAAS,yBAIb,IAAK,qBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,qBACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,qBACVC,KAAS,QAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,QACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,WAEZ,CACGH,KAAS,cACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,MACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,yCACrBI,GAAOL,EAAI,KAAKC,EAAI,yCACpBK,MAAU,yCAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,iCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,YAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,SAGfF,GAAO,qCACPC,MAAU,qCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,iBACZM,IAAQT,EAAI,KAAKC,EAAI,8BACrBI,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,8BAEb,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,MACNC,EAAM,QAGZP,MAAU,+BACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,+BACrBI,GAAOL,EAAI,KAAKC,EAAI,+BACpBK,MAAU,+BAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,+BACrBI,GAAOL,EAAI,KAAKC,EAAI,+BACpBK,MAAU,8BACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,kCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,kCAEb,CACGH,QAAY,qBACZM,IAAQT,EAAI,KAAKC,EAAI,gDACrBI,GAAOL,EAAI,KAAKC,EAAI,gDACpBU,OAAW,CACR,CACGC,EAAM,qBACNC,EAAM,sBAET,CACGD,EAAM,sBACNC,EAAM,wBAGZP,MAAU,+CACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,0CACrBI,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,yCACVC,KAAS,QAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBK,MAAU,qCACVC,KAAS,OAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,gCACVC,KAAS,SAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,yBAGfF,GAAO,wBACPC,MAAU,yBAEb,CACGE,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,oCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,6BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAGfF,GAAO,qCACPC,MAAU,qCACVC,KAAS,yBAIb,IAAK,qBACH,MAAO,CACR,CACGL,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,QACVC,KAAS,WAEZ,CACGH,KAAS,KACTC,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,cACVC,KAAS,WAEZ,CACGH,KAAS,KACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,oCACxBE,QAAY,GACZE,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,iCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,YAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,+BACrBI,GAAOL,EAAI,KAAKC,EAAI,+BACpBK,MAAU,8BACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,sCAGhBD,GAAO,6BACPC,MAAU,6BACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,sCACrBS,KAAS,2BACTL,GAAOL,EAAI,KAAKC,EAAI,sCACpBK,MAAU,qCACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,mCAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,4CACrBI,GAAOL,EAAI,KAAKC,EAAI,4CACpBK,MAAU,4CAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,SAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,QACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,UAGZP,MAAU,sCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,WACPC,MAAU,WACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oDACrBI,GAAOL,EAAI,KAAKC,EAAI,oDACpBK,MAAU,mDACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,0CACrBI,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,yCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,8CACrBI,GAAOL,EAAI,KAAKC,EAAI,8CACpBK,MAAU,6CACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,gDACVC,KAAS,QAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,+CACrBI,GAAOL,EAAI,KAAKC,EAAI,+CACpBK,MAAU,+CAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,kCAEb,CACGH,QAAY,QACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBU,OAAW,CACR,CACGC,EAAM,QACNC,EAAM,kBAGZP,MAAU,kCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,8CACrBI,GAAOL,EAAI,KAAKC,EAAI,8CACpBK,MAAU,6CACVC,KAAS,SAGfF,GAAO,SACPC,MAAU,SACVC,KAAS,yBAGfG,KAAS,gCACTL,GAAO,wBACPC,MAAU,yBAEb,CACGJ,OAAWF,EAAI,KAAKC,EAAI,wBACxBE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,oCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,+BACPC,MAAU,+BACVC,KAAS,yBAIb,IAAK,sBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,qBACVC,KAAS,QAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,qCACxBE,QAAY,GACZO,KAAS,oCACTL,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,0BAEZ,CACGC,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,wCAGhBD,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,kDACrBI,GAAOL,EAAI,KAAKC,EAAI,kDACpBK,MAAU,iDACVC,KAAS,QAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,kDACrBI,GAAOL,EAAI,KAAKC,EAAI,kDACpBK,MAAU,iDACVC,KAAS,SAGfF,GAAO,kCACPC,MAAU,kCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,YACNC,EAAM,QAET,CACGD,EAAM,gBACNC,EAAM,YAET,CACGD,EAAM,eACNC,EAAM,iBAGZP,MAAU,mCACVC,KAAS,UAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,YACNC,EAAM,QAET,CACGD,EAAM,gBACNC,EAAM,YAET,CACGD,EAAM,YACNC,EAAM,SAGZP,MAAU,mCACVC,KAAS,WAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,SACNC,EAAM,WAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,uCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAGfF,GAAO,iCACPC,MAAU,iCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,YAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,cACNC,EAAM,eAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,OACNC,EAAM,oBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,YACNC,EAAM,aAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,qCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,+CACrBI,GAAOL,EAAI,KAAKC,EAAI,+CACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,+BACNC,EAAM,gCAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,aACNC,EAAM,2BAGZP,MAAU,8CACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAGfG,KAAS,wBACTL,GAAO,yBACPC,MAAU,yBACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,qCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,8BACrBI,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,8BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,QAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,yBAIb,IAAK,qBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAI,qBACrBI,GAAOL,EAAI,KAAKC,EAAI,qBACpBK,MAAU,oBACVC,KAAS,QAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,oCACxBE,QAAY,GACZO,KAAS,mCACTL,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,0BAEZ,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,cACNC,EAAM,eAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,OACNC,EAAM,oBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,YACNC,EAAM,aAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,oCACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,yCACrBI,GAAOL,EAAI,KAAKC,EAAI,yCACpBK,MAAU,yCAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,KACZM,IAAQT,EAAI,KAAKC,EAAI,mDACrBI,GAAOL,EAAI,KAAKC,EAAI,mDACpBK,MAAU,kDACVC,KAAS,OAEZ,CACGJ,QAAY,KACZM,IAAQT,EAAI,KAAKC,EAAI,4CACrBI,GAAOL,EAAI,KAAKC,EAAI,4CACpBK,MAAU,2CACVC,KAAS,OAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,iCACVC,KAAS,SAGfF,GAAO,qCACPC,MAAU,qCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,gDACVC,KAAS,QAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,gDACVC,KAAS,SAGfF,GAAO,iCACPC,MAAU,iCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,SACNC,EAAM,WAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,sCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,8CACrBI,GAAOL,EAAI,KAAKC,EAAI,8CACpBK,MAAU,6CACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,gCACPC,MAAU,gCACVC,KAAS,yBAGfG,KAAS,uBACTL,GAAO,wBACPC,MAAU,yBAEb,CACGJ,OAAWF,EAAI,KAAKC,EAAI,wBACxBE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,qBAIb,IAAK,cACH,MAAO,CACR,CACGL,OAAWF,EAAI,KAAKC,EAAI,iBACxBE,QAAY,CACT,CACGC,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,yBACpBa,GAAO,UACPR,MAAU,UACVC,KAAS,SAGfG,KAAS,qCACTL,GAAOL,EAAI,KAAKC,EAAI,iBACpBK,MAAU,gBACVC,KAAS,iBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,mBACxBS,KAAS,uCACTL,GAAOL,EAAI,KAAKC,EAAI,mBACpBK,MAAU,kBACVC,KAAS,oBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,QACxBS,KAAS,kBACTL,GAAOL,EAAI,KAAKC,EAAI,QACpBK,MAAU,OACVC,KAAS,iBAEZ,CACGC,OAAW,CACR,CACGL,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,aACrBI,GAAOL,EAAI,KAAKC,EAAI,aACpBK,MAAU,YACVC,KAAS,OAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,cACrBI,GAAOL,EAAI,KAAKC,EAAI,cACpBK,MAAU,aACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oBACrBI,GAAOL,EAAI,KAAKC,EAAI,oBACpBK,MAAU,mBACVC,KAAS,QAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,gBACrBI,GAAOL,EAAI,KAAKC,EAAI,gBACpBK,MAAU,gBAEb,CACGH,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAI,aACrBI,GAAOL,EAAI,KAAKC,EAAI,aACpBU,OAAW,CACR,CACGC,EAAM,YACNC,EAAM,aAET,CACGD,EAAM,MACNC,EAAM,OAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,cACNC,EAAM,eAET,CACGD,EAAM,eACNC,EAAM,gBAET,CACGD,EAAM,gBACNC,EAAM,kBAGZP,MAAU,YACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mBACrBI,GAAOL,EAAI,KAAKC,EAAI,mBACpBK,MAAU,kBACVC,KAAS,OAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,wBACrBI,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,QAGfG,KAAS,2BACTL,GAAO,eACPC,MAAU,eACVC,KAAS,yBAIb,QACE,MAAO,IAIX,SAASQ,aAAaC,GACpBA,EAAMC,OAASD,EAAMZ,KAAK,GAAGI,OAAO,GAAGA,OAAO,GAC9CQ,EAAME,OAAOF,EAAMC,QACnBD,EAAMG,OAASH,EAAMZ,KAAK,GAAGI,OAAO,GAAGA,OAAO,GAC9CQ,EAAME,OAAOF,EAAMG"}
\ No newline at end of file
+{"version":3,"sources":["conftree.js"],"names":["templates","tpl","key","cnodes","default","data","id","title","type","_nodes","get","help","select","k","v","re","setScopeVars","scope","portal","getKey","domain"],"mappings":"AAAA,SAASA,UAAUC,EAAIC,GASrB,OAAOD,GACP,IAAK,qBACH,MAAO,CACR,CACGE,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,KACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,WAEZ,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,MACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,gCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBK,MAAU,sCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,wBACPC,MAAU,wBACVC,KAAS,wBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,wBACxBE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,qBAIb,IAAK,qBACH,MAAO,CACR,CACGL,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,KACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,WAEZ,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,MACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,wCACxBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,4BACrBI,GAAOL,EAAI,KAAKC,EAAI,4BACpBK,MAAU,4BAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,8BACrBI,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,+BACVC,KAAS,SAGfF,GAAO,wBACPC,MAAU,wBACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,oCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,6BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAGfF,GAAO,+BACPC,MAAU,+BACVC,KAAS,yBAIb,IAAK,qBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,qBACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,qBACVC,KAAS,QAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,QACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,WAEZ,CACGH,KAAS,cACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,MACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,yCACrBI,GAAOL,EAAI,KAAKC,EAAI,yCACpBK,MAAU,yCAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,iCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,YAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,SAGfF,GAAO,qCACPC,MAAU,qCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,iBACZM,IAAQT,EAAI,KAAKC,EAAI,8BACrBI,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,8BAEb,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,MACNC,EAAM,QAGZP,MAAU,+BACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,+BACrBI,GAAOL,EAAI,KAAKC,EAAI,+BACpBK,MAAU,+BAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,+BACrBI,GAAOL,EAAI,KAAKC,EAAI,+BACpBK,MAAU,8BACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,kCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,kCAEb,CACGH,QAAY,qBACZM,IAAQT,EAAI,KAAKC,EAAI,gDACrBI,GAAOL,EAAI,KAAKC,EAAI,gDACpBU,OAAW,CACR,CACGC,EAAM,qBACNC,EAAM,sBAET,CACGD,EAAM,sBACNC,EAAM,wBAGZP,MAAU,+CACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,0CACrBI,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,yCACVC,KAAS,QAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBK,MAAU,qCACVC,KAAS,OAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,gCACVC,KAAS,SAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,yBAGfF,GAAO,wBACPC,MAAU,yBAEb,CACGE,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,oCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,6BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAGfF,GAAO,qCACPC,MAAU,qCACVC,KAAS,yBAIb,IAAK,qBACH,MAAO,CACR,CACGL,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,QACVC,KAAS,WAEZ,CACGH,KAAS,KACTC,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,cACVC,KAAS,WAEZ,CACGH,KAAS,KACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,oCACxBE,QAAY,GACZE,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,iCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,YAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,+BACrBI,GAAOL,EAAI,KAAKC,EAAI,+BACpBK,MAAU,8BACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,sCAGhBD,GAAO,6BACPC,MAAU,6BACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,sCACrBS,KAAS,2BACTL,GAAOL,EAAI,KAAKC,EAAI,sCACpBK,MAAU,qCACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,mCAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,4CACrBI,GAAOL,EAAI,KAAKC,EAAI,4CACpBK,MAAU,4CAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,SAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,QACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,UAGZP,MAAU,sCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,WACPC,MAAU,WACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oDACrBI,GAAOL,EAAI,KAAKC,EAAI,oDACpBK,MAAU,mDACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,0CACrBI,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,yCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,8CACrBI,GAAOL,EAAI,KAAKC,EAAI,8CACpBK,MAAU,6CACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,gDACVC,KAAS,QAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,+CACrBI,GAAOL,EAAI,KAAKC,EAAI,+CACpBK,MAAU,+CAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,kCAEb,CACGH,QAAY,QACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBU,OAAW,CACR,CACGC,EAAM,QACNC,EAAM,kBAGZP,MAAU,kCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,8CACrBI,GAAOL,EAAI,KAAKC,EAAI,8CACpBK,MAAU,6CACVC,KAAS,SAGfF,GAAO,SACPC,MAAU,SACVC,KAAS,yBAGfG,KAAS,gCACTL,GAAO,wBACPC,MAAU,yBAEb,CACGJ,OAAWF,EAAI,KAAKC,EAAI,wBACxBE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,oCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,+BACPC,MAAU,+BACVC,KAAS,yBAIb,IAAK,sBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,qBACVC,KAAS,QAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,qCACxBE,QAAY,GACZO,KAAS,oCACTL,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,0BAEZ,CACGC,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,wCAGhBD,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,yCACrBI,GAAOL,EAAI,KAAKC,EAAI,yCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,aACNC,EAAM,eAGZP,MAAU,wCACVC,KAAS,UAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,kDACrBI,GAAOL,EAAI,KAAKC,EAAI,kDACpBK,MAAU,iDACVC,KAAS,QAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,kDACrBI,GAAOL,EAAI,KAAKC,EAAI,kDACpBK,MAAU,iDACVC,KAAS,SAGfF,GAAO,kCACPC,MAAU,kCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,YACNC,EAAM,QAET,CACGD,EAAM,gBACNC,EAAM,YAET,CACGD,EAAM,eACNC,EAAM,iBAGZP,MAAU,mCACVC,KAAS,UAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,YACNC,EAAM,QAET,CACGD,EAAM,gBACNC,EAAM,YAET,CACGD,EAAM,YACNC,EAAM,SAGZP,MAAU,mCACVC,KAAS,WAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,SACNC,EAAM,WAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,uCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAGfF,GAAO,iCACPC,MAAU,iCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,YAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,cACNC,EAAM,eAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,OACNC,EAAM,oBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,YACNC,EAAM,aAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,qCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,+CACrBI,GAAOL,EAAI,KAAKC,EAAI,+CACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,+BACNC,EAAM,gCAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,aACNC,EAAM,2BAGZP,MAAU,8CACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAGfG,KAAS,wBACTL,GAAO,yBACPC,MAAU,yBACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,qCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,8BACrBI,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,8BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,QAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,yBAIb,IAAK,qBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAI,qBACrBI,GAAOL,EAAI,KAAKC,EAAI,qBACpBK,MAAU,oBACVC,KAAS,QAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,oCACxBE,QAAY,GACZO,KAAS,mCACTL,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,0BAEZ,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,cACNC,EAAM,eAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,OACNC,EAAM,oBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,YACNC,EAAM,aAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,oCACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,yCACrBI,GAAOL,EAAI,KAAKC,EAAI,yCACpBK,MAAU,yCAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,KACZM,IAAQT,EAAI,KAAKC,EAAI,mDACrBI,GAAOL,EAAI,KAAKC,EAAI,mDACpBK,MAAU,kDACVC,KAAS,OAEZ,CACGJ,QAAY,KACZM,IAAQT,EAAI,KAAKC,EAAI,4CACrBI,GAAOL,EAAI,KAAKC,EAAI,4CACpBK,MAAU,2CACVC,KAAS,OAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,iCACVC,KAAS,SAGfF,GAAO,qCACPC,MAAU,qCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,aACNC,EAAM,eAGZP,MAAU,uCACVC,KAAS,UAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,gDACVC,KAAS,QAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,gDACVC,KAAS,SAGfF,GAAO,iCACPC,MAAU,iCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,SACNC,EAAM,WAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,sCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,8CACrBI,GAAOL,EAAI,KAAKC,EAAI,8CACpBK,MAAU,6CACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,gCACPC,MAAU,gCACVC,KAAS,yBAGfG,KAAS,uBACTL,GAAO,wBACPC,MAAU,yBAEb,CACGJ,OAAWF,EAAI,KAAKC,EAAI,wBACxBE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,qBAIb,IAAK,cACH,MAAO,CACR,CACGL,OAAWF,EAAI,KAAKC,EAAI,iBACxBE,QAAY,CACT,CACGC,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,yBACpBa,GAAO,UACPR,MAAU,UACVC,KAAS,SAGfG,KAAS,qCACTL,GAAOL,EAAI,KAAKC,EAAI,iBACpBK,MAAU,gBACVC,KAAS,iBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,mBACxBS,KAAS,uCACTL,GAAOL,EAAI,KAAKC,EAAI,mBACpBK,MAAU,kBACVC,KAAS,oBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,QACxBS,KAAS,kBACTL,GAAOL,EAAI,KAAKC,EAAI,QACpBK,MAAU,OACVC,KAAS,iBAEZ,CACGC,OAAW,CACR,CACGL,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,aACrBI,GAAOL,EAAI,KAAKC,EAAI,aACpBK,MAAU,YACVC,KAAS,OAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,cACrBI,GAAOL,EAAI,KAAKC,EAAI,cACpBK,MAAU,aACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oBACrBI,GAAOL,EAAI,KAAKC,EAAI,oBACpBK,MAAU,mBACVC,KAAS,QAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,gBACrBI,GAAOL,EAAI,KAAKC,EAAI,gBACpBK,MAAU,gBAEb,CACGH,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAI,aACrBI,GAAOL,EAAI,KAAKC,EAAI,aACpBU,OAAW,CACR,CACGC,EAAM,YACNC,EAAM,aAET,CACGD,EAAM,MACNC,EAAM,OAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,cACNC,EAAM,eAET,CACGD,EAAM,eACNC,EAAM,gBAET,CACGD,EAAM,gBACNC,EAAM,kBAGZP,MAAU,YACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mBACrBI,GAAOL,EAAI,KAAKC,EAAI,mBACpBK,MAAU,kBACVC,KAAS,OAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,wBACrBI,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,QAGfG,KAAS,2BACTL,GAAO,eACPC,MAAU,eACVC,KAAS,yBAIb,QACE,MAAO,IAIX,SAASQ,aAAaC,GACpBA,EAAMC,OAASD,EAAMZ,KAAK,GAAGI,OAAO,GAAGA,OAAO,GAC9CQ,EAAME,OAAOF,EAAMC,QACnBD,EAAMG,OAASH,EAAMZ,KAAK,GAAGI,OAAO,GAAGA,OAAO,GAC9CQ,EAAME,OAAOF,EAAMG"}
\ No newline at end of file
diff --git a/lemonldap-ng-manager/site/htdocs/static/js/manager.js b/lemonldap-ng-manager/site/htdocs/static/js/manager.js
index 262f8ceb5..d600bf53a 100644
--- a/lemonldap-ng-manager/site/htdocs/static/js/manager.js
+++ b/lemonldap-ng-manager/site/htdocs/static/js/manager.js
@@ -841,6 +841,24 @@ This file contains:
           return console.log('Error sending test email');
         });
       };
+      $scope.newCertificate = function() {
+        return $scope.showModal('password.html').then(function() {
+          var currentNode, password;
+          $scope.waiting = true;
+          currentNode = $scope.currentNode;
+          password = $scope.result;
+          return $http.post(window.confPrefix + "/newCertificate", {
+            "password": password
+          }).then(function(response) {
+            currentNode.data[0].data = response.data["private"];
+            currentNode.data[1].data = password;
+            currentNode.data[2].data = response.data["public"];
+            return $scope.waiting = false;
+          }, readError);
+        }, function() {
+          return console.log('New key cancelled');
+        });
+      };
       $scope.newRSAKey = function() {
         return $scope.showModal('password.html').then(function() {
           var currentNode, password;
diff --git a/lemonldap-ng-manager/site/htdocs/static/js/manager.min.js b/lemonldap-ng-manager/site/htdocs/static/js/manager.min.js
index e359aca14..aaec14092 100644
--- a/lemonldap-ng-manager/site/htdocs/static/js/manager.min.js
+++ b/lemonldap-ng-manager/site/htdocs/static/js/manager.min.js
@@ -1 +1 @@
-(function(){angular.module("llngManager",["ui.tree","ui.bootstrap","llApp","ngCookies"]).controller("TreeCtrl",["$scope","$http","$location","$q","$uibModal","$translator","$cookies","$htmlParams",function(f,u,a,l,o,n,r,e){var t,s,d,c,i,p,m,g,h;return f.links=window.links,f.menu=e.menu,f.menulinks=window.menulinks,f.staticPrefix=window.staticPrefix,f.formPrefix=window.formPrefix,f.availableLanguages=window.availableLanguages,f.waiting=!0,f.showM=!1,f.showT=!1,f.form="home",f.currentCfg={},f.confPrefix=window.confPrefix,f.message={},f.result="",f.translateTitle=function(e){return n.translateField(e,"title")},f.translateP=n.translateP,f.translate=n.translate,f.helpUrl="start.html#configuration",f.setShowHelp=function(e){var t;return null==e&&(e=!f.showH),f.showH=e,(t=new Date(Date.now())).setFullYear(t.getFullYear()+1),r.put("showhelp",e?"true":"false",{expires:t})},f.showH="false"!==r.get("showhelp"),null==f.showH&&f.setShowHelp(!0),m=function(e){var t,n;return t=e.status,n=e.statusLine,f.waiting=!1,f.message=403===t?{title:"forbidden",message:"",items:[]}:401===t?(console.log("Authentication needed"),{title:"authenticationNeeded",message:"__waitOrF5__",items:[]}):400===t?{title:"badRequest",message:n,items:[]}:0<t?{title:"badRequest",message:n,items:[]}:{title:"networkProblem",message:"",items:[]},f.showModal("message.html")},f.showModal=function(e,t){var n,r;return r=o.open({templateUrl:e,controller:"ModalInstanceCtrl",size:"lg",resolve:{elem:function(){return function(e){return f[e]}},set:function(){return function(e,t){return f[e]=t}},init:function(){return t}}}),n=l.defer(),r.result.then(function(e){return f.message={title:"",message:"",items:[]},n.resolve(e)},function(e){return f.message={title:"",message:"",items:[]},n.reject(e)}),n.promise},f.menuClick=function(e){if(e.popup)window.open(e.popup);else switch(e.action||(e.action=e.title),typeof e.action){case"function":e.action(f.currentNode,f);break;case"string":f[e.action]();break;default:console.log(typeof e.action)}return f.showM=!1},f.home=function(){return f.form="home",f.showM=!1},t=function(e){var t;if(f.message={title:"",message:"",items:[],itemsE:[],itemsNC:[],itemsW:[]},e.needConfirm&&(f.confirmNeeded=!0),e.message&&(f.message.message=e.message),e.details){for(t in e.details)"__changes__"!==t&&("__needConfirmation__"===t?(f.message.itemsNC.push({message:t,items:e.details[t]}),console.log("NeedConfirmation:",f.message.itemsNC)):"__warnings__"===t?(f.message.itemsW.push({message:t,items:e.details[t]}),console.log("Warnings:",f.message.itemsW)):(f.message.itemsE.push({message:t,items:e.details[t]}),console.log("Errors:",f.message.itemsE)));f.message.items=f.message.itemsE.concat(f.message.itemsNC.concat(f.message.itemsW))}return f.waiting=!1,1===e.result?(a.path("/confs/"),f.message.title="successfullySaved"):f.message.title="saveReport",f.showModal("message.html")},f.downloadConf=function(){return window.open(f.confPrefix+f.currentCfg.cfgNum+"?full=1")},f.save=function(){return f.showModal("save.html").then(function(){return f.waiting=!0,f.data.push({id:"cfgLog",title:"cfgLog",data:f.result?f.result:""}),u.post(window.confPrefix+"?cfgNum="+f.currentCfg.cfgNum+(f.forceSave?"&force=1":""),f.data).then(function(e){return f.data.pop(),t(e.data)},function(e){return m(e),f.data.pop()})},function(){return console.log("Saving canceled")}),f.showM=!1},f.saveRawConf=function(e){return f.waiting=!0,u.post(window.confPrefix+"/raw",e).then(function(e){return t(e.data)},m)},f.restore=function(){return f.currentNode=null,f.form="restore"},f.cancel=function(){return f.currentNode.data=null,f.getKey(f.currentNode)},i=1,f._findContainer=function(){return f._findScopeContainer().$modelValue},f._findScopeContainer=function(){var e;for(e=f.currentScope;!e.$modelValue.type.match(/Container$/);)e=e.$parentNodeScope;return e},f._findScopeByKey=function(e){var t;for(t=f.currentScope;t.$modelValue.title!==e;)t=t.$parentNodeScope;return t},f.newGrantRule=function(){var e,t;return 0<(e=(t=f._findContainer()).nodes.length)?e-1:0,t.nodes.push({id:t.id+"/n"+i++,title:"New rule",re:"Message",comment:"New rule",data:"1",type:"grant"})},f.newRule=function(){var e,t,n;return t=0<(e=(n=f._findContainer()).nodes.length)?e-1:0,n.nodes.splice(t,0,{id:n.id+"/n"+i++,title:"New rule",re:"^/new",comment:"New rule",data:"accept",type:"rule"})},f.newPost=function(){var e;return(e=f._findContainer()).nodes.push({id:e.id+"/n"+i++,title:"/absolute/path/to/form",data:{},type:"post"})},f.newPostVar=function(){return null==f.currentNode.data.vars&&(f.currentNode.data.vars=[]),f.currentNode.data.vars.push(["var1","$uid"])},f.newAuthChoice=function(){var e;return(e=f._findContainer()).nodes.push({id:e.id+"/n"+i++,title:"1_Key",data:["Null","Null","Null"],type:"authChoice"}),f.execFilters(f._findScopeByKey("authParams"))},f.newHashEntry=function(){var e;return(e=f._findContainer()).nodes.push({id:e.id+"/n"+i++,title:"new",data:"",type:"keyText"})},f.newCat=function(){var e;return"menuApp"===(e=f.currentScope).$modelValue.type&&(e=e.$parentNodeScope),e.$modelValue.nodes.push({id:e.$modelValue.id+"/n"+i++,title:"New category",type:"menuCat",nodes:[]})},f.newApp=function(){var e;return"menuApp"===(e=f.currentScope).$modelValue.type&&(e=e.$parentNodeScope),e.$modelValue.nodes.push({id:e.$modelValue.id+"/n"+i++,title:"New application",type:"menuApp",data:{description:"New app description",uri:"https://test.example.com/",tooltip:"New app tooltip",logo:"network.png",display:"auto"}})},f.newCmbMod=function(){var e;return(e=f._findContainer()).nodes.push({id:e.id+"/n"+i++,title:"new",type:"cmbModule",data:{type:"LDAP",for:"0",over:[]}}),f.execFilters(f._findScopeByKey("authParams"))},f.newSfExtra=function(){var e;return(e=f._findContainer()).nodes.push({id:e.id+"/n"+i++,title:"new",type:"sfExtra",data:{type:"",rule:"",logo:"",level:"",label:"",over:[]}})},f.newSfOver=function(){var e;return(e=f.currentNode.data).over||(e.over=[]),e.over.push(["new"+i++,""])},f.newCmbOver=function(){var e;return(e=f.currentNode.data).over||(e.over=[]),e.over.push(["new"+i++,""])},f.newChoiceOver=function(){var e;return e=f.currentNode.data,console.log("data",e),e[5]||(e[5]=[]),e[5].push(["new"+i++,""])},f.addHost=function(){var e;return(e=f.currentNode).data||(e.data=[]),e.data.push({k:"newHost",h:[{k:"key",v:"uid"}]})},f.addSamlAttribute=function(){var e;return(e=f._findContainer()).nodes.push({id:e.id+"/n"+i++,title:"new",type:"samlAttribute",data:["0","New","",""]})},f.addVhost=function(){var e;return e=f.domain?"."+f.domain.data:".example.com",f.message={title:"virtualHostName",field:"hostname"},f.showModal("prompt.html",e).then(function(){var e;if(e=f.result)return f.addTemplateNode(e,"virtualHost")})},f.duplicateVhost=function(){var e;return e=f.domain?"."+f.domain.data:".example.com",f.message={title:"virtualHostName",field:"hostname"},f.showModal("prompt.html",e).then(function(){var e;return e=f.result,f.duplicateNode(e,"virtualHost",f.currentNode.title)})},f.addSamlIDP=function(){return f.newTemplateNode("samlIDPMetaDataNode","samlPartnerName","idp-example")},f.addSamlSP=function(){return f.newTemplateNode("samlSPMetaDataNode","samlPartnerName","sp-example")},f.addOidcOp=function(){return f.newTemplateNode("oidcOPMetaDataNode","oidcOPName","op-example")},f.addOidcRp=function(){return f.newTemplateNode("oidcRPMetaDataNode","oidcRPName","rp-example")},f.addCasSrv=function(){return f.newTemplateNode("casSrvMetaDataNode","casPartnerName","srv-example")},f.addCasApp=function(){return f.newTemplateNode("casAppMetaDataNode","casPartnerName","app-example")},f.newTemplateNode=function(t,e,n){return f.message={title:e,field:"name"},f.showModal("prompt.html",n).then(function(){var e;if(e=f.result)return f.addTemplateNode(e,t)})},f.addTemplateNode=function(e,t){var n,r;for(n=f.currentScope;n.$modelValue.title!==t+"s";)n=n.$parentNodeScope;return r={id:t+"s/new__"+e,title:e,type:t,nodes:templates(t,"new__"+e)},g(r.nodes),n.$modelValue.nodes.push(r),n.expand(),r},g=function(e){var t,n,r;for(r=0,t=e.length;r<t;r++)(n=e[r]).cnodes&&n.default&&(delete n.cnodes,n._nodes=n.default),n._nodes?g(n._nodes):(n.default||0===n.default)&&(n.data=n.default);return e},d=function(o){var e,i;return e=l.defer(),i=l.defer(),o._nodes?(c(o),e.resolve()):o.cnodes?s(o).then(function(){return e.resolve()}):o.nodes||o.data?e.resolve():f.getKey(o).then(function(){return e.resolve()}),e.promise.then(function(){var e,t,n,r,a;if(a=[],o.nodes)for(n=0,e=(r=o.nodes).length;n<e;n++)t=r[n],a.push(d(t));return l.all(a).then(function(){return i.resolve()})}),i.promise},f.duplicateNode=function(t,n,r){var a;return a=f.currentScope,d(f.currentNode).then(function(){for(var e;a.$modelValue.title!==n+"s";)a=a.$parentNodeScope;return(e=JSON.parse(JSON.stringify(f.currentNode).replace(new RegExp(r,"g"),"new__"+t))).id=n+"s/new__"+t,e.title=t,a.$modelValue.nodes.push(e),e})},f.del=function(e,t){return e.splice(t,1)},f.deleteEntry=function(){var e;return e=f.currentScope.$parentNodeScope,f.currentScope.remove(),f.displayForm(e)},f.down=function(){var e,t,n,r,a,o,i,s;for(t=f.currentNode.id,n=(o=f.currentScope.$parentNodeScope.$modelValue).nodes.length,e=a=0,r=(i=o.nodes).length;a<r;e=++a)i[e].id===t&&(n=e);return n<o.nodes.length-1&&(s=o.nodes[n],o.nodes[n]=o.nodes[n+1],o.nodes[n+1]=s),n},f.up=function(){var e,t,n,r,a,o,i,s;for(t=f.currentNode.id,n=-1,e=a=0,r=(i=(o=f.currentScope.$parentNodeScope.$modelValue).nodes).length;a<r;e=++a)i[e].id===t&&(n=e);return 0<n&&(s=o.nodes[n],o.nodes[n]=o.nodes[n-1],o.nodes[n-1]=s),n},f.inSelect=function(e){var t,n,r;for(n=0,t=(r=f.currentNode.select).length;n<t;n++)if(r[n].k===e)return!0;return!1},f.changeRuleTitle=function(e){return e.title=0<e.comment.length?e.comment:e.re},f.filters={},f.execFilters=function(e){var t,n,r;for(t in e=e||f,r=f.filters)if(n=r[t],f.filters.hasOwnProperty(t))return window.filterFunctions[t](e,l,n);return!1},f.stoggle=function(e){var t;return t=e.$modelValue,c(t),e.toggle()},c=function(e){var t,n,r,a,o,i,s,u,l,d,c;for(i=0,n=(l=["nodes","nodes_cond"]).length;i<n;i++)if(e["_"+(o=l[i])]){for(e[o]=[],s=0,r=(d=e["_"+o]).length;s<r;s++)t=d[s],e[o].push(t);delete e["_"+o]}if(e._nodes_filter){if(e.nodes)for(u=0,a=(c=e.nodes).length;u<a;u++)(o=c[u]).onChange=f.execFilters;return f.filters[e._nodes_filter]=e,f.execFilters()}},f.toggle=function(e){return e.toggle()},f.download=function(e){var t;return t=e.$modelValue,s(t)},s=function(o){var i;return(i=l.defer()).notify("Trying to get datas"),f.waiting=!0,u.get(""+window.confPrefix+f.currentCfg.cfgNum+"/"+o.cnodes).then(function(e){var t,n,r,a;if(n=e.data)if(n.error)n.error.match(/setDefault$/)?(o.default?o.nodes=o.default.slice(0):o.nodes=[],delete o.cnodes,i.resolve("Set data to default value")):i.reject("Server return an error: "+n.error);else{for(delete o.cnodes,o.type||(o.type="keyTextContainer"),o.nodes=[],a=0,r=n.length;a<r;a++)(t=n[a]).template&&(t._nodes=templates(t.template,t.title)),o.nodes.push(t),t.type.match(/^rule$/)&&(console.log("Parse rule AuthnLevel as integer"),t.level&&"string"==typeof t.level&&(t.level=parseInt(t.level,10)));i.resolve("OK")}else i.reject("Empty response from server");return f.waiting=!1},function(e){return m(e),i.reject("")}),i.promise},f.openCnode=function(e){return f.download(e).then(function(){return e.toggle()})},h=function(e){for(;!e.$modelValue.help&&e.$parentNodeScope;)e=e.$parentNodeScope;return f.helpUrl=e.$modelValue.help||"start.html#configuration"},f.displayForm=function(e){var t,n,r,a,o,i;if((a=e.$modelValue).cnodes&&f.download(e),a._nodes&&f.stoggle(e),f.currentNode=a,f.currentScope=e,t=a.type?a.type:"text",a.nodes||a._nodes||a.cnodes?f.form="text"!==t?t:"mini":(f.form=t,f.getKey(a)),a.type&&"simpleInputContainer"===a.type)for(o=0,n=(i=a.nodes).length;o<n;o++)r=i[o],f.getKey(r);return f.showT=!1,h(e)},f.keyWritable=function(e){var t;return!(!(t=e.$modelValue).type||!t.type.match(/^(?:s(?:aml(?:(?:ID|S)PMetaDataNod|Attribut)e|fExtra)|(?:(?:cmbMod|r)ul|authChoic)e|(?:virtualHos|keyTex)t|menu(?:App|Cat))$/))},f.sendTestMail=function(){return f.message={title:"sendTestMail",field:"dest"},f.showModal("prompt.html").then(function(){var e;return f.result,f.waiting=!0,e=f.result,u.post(window.confPrefix+"/sendTestMail",{dest:e}).then(function(e){var t,n;return n=e.data.success,t=e.data.error,f.waiting=!1,f.message=n?{title:"ok",message:"__sendTestMailSuccess__",items:[]}:{title:"error",message:t,items:[]},f.showModal("message.html")},m)},function(){return console.log("Error sending test email")})},f.newRSAKey=function(){return f.showModal("password.html").then(function(){var t,n;return f.waiting=!0,t=f.currentNode,n=f.result,u.post(window.confPrefix+"/newRSAKey",{password:n}).then(function(e){return t.data[0].data=e.data.private,t.data[1].data=n,t.data[2].data=e.data.public,f.waiting=!1},m)},function(){return console.log("New key cancelled")})},f.newRSAKeyNoPassword=function(){var t;return f.waiting=!0,t=f.currentNode,u.post(window.confPrefix+"/newRSAKey",{password:""}).then(function(e){return t.data[0].data=e.data.private,t.data[1].data=e.data.public,f.waiting=!1},m)},f.getKey=function(n){var r,e,t,a,o,i,s;if(r=l.defer(),n.data)r.resolve(n.data);else if(f.waiting=!0,n.get&&"object"==typeof n.get){for(n.data=[],s=[],e=o=0,t=(i=n.get).length;o<t;e=++o)a=i[e],n.data[e]={title:a,id:a},s.push(f.getKey(n.data[e]));l.all(s).then(function(){return r.resolve(n.data)},function(e){return r.reject(e.statusLine),f.waiting=!1})}else u.get(""+window.confPrefix+f.currentCfg.cfgNum+"/"+(n.get?n.get:n.title)).then(function(e){var t;return(null===(t=e.data).value||t.error&&t.error.match(/setDefault$/))&&null!==n.default?n.data=n.default:n.data=t.value,n.type&&n.type.match(/^(bool|trool|boolOrExpr)$/)&&"string"==typeof n.data&&n.data.match(/^(?:-1|0|1)$/)&&(n.data=parseInt(n.data,10)),n.type&&n.type.match(/^int$/)&&(n.data=parseInt(n.data,10)),n.type&&n.type.match(/^select$/)?n.data=n.data.toString():n.type&&n.type.match(/^(saml(Service|Assertion)|blackWhiteList)$/)&&"object"!=typeof n.data&&(n.data=n.data.split(";")),f.waiting=!1,r.resolve(n.data)},function(e){return m(e),r.reject(e.status)});return r.promise},p=function(e,t,n){var r;return null===(r=t.match(new RegExp("#!?/confs/(latest|[0-9]+)")))?a.path("/confs/latest"):(console.log("Trying to get cfg number "+r[1]),f.getCfg(r[1]))},f.$on("$locationChangeSuccess",p),f.getCfg=function(n){return f.currentCfg.cfgNum!==n?u.get(""+window.confPrefix+n).then(function(e){var t;return f.currentCfg=e.data,t=new Date(1e3*f.currentCfg.cfgDate),f.currentCfg.date=t.toLocaleString(),console.log("Metadatas of cfg "+n+" loaded"),a.path("/confs/"+n),f.init()},function(e){return m(e).then(function(){return f.currentCfg.cfgNum=0,f.init()})}):f.waiting=!1},f.getLanguage=function(e){return f.lang=e,f.form="white",f.init(),f.showM=!1},f.init=function(){var t;return t=null,f.waiting=!0,f.data=[],f.confirmNeeded=!1,f.forceSave=!1,l.all([n.init(f.lang),u.get(window.staticPrefix+"struct.json").then(function(e){return t=e.data,console.log("Structure loaded")})]).then(function(){return console.log("Starting structure binding"),f.data=t,t=null,0!==f.currentCfg.cfgNum?setScopeVars(f):(f.message={title:"emptyConf",message:"__zeroConfExplanations__"},f.showModal("message.html")),f.form="home",f.waiting=!1},m),f.activeModule="conf",f.myStyle={color:"#ffb84d"}},a.path().match(new RegExp("^/confs/(latest|[0-9]+)"))||(console.log("Redirecting to /confs/latest"),a.path("/confs/latest")),f.replaceContentByUrl=function(t,e){return f.waiting=!0,u.post(window.scriptname+"prx",{url:e}).then(function(e){return t.data=e.data.content,f.waiting=!1},m)},f.replaceContent=function(e,t){return e.data=t},f.saveAs=function(e,t,n){return saveAs(new Blob([e],{type:t}),n)},f.saveAsPem=function(e,t){return t.saveAs(e.data[0].data+"\n"+e.data[2].data,"application/x-pem-file",e.title+".pem")},f.saveAsText=function(e,t){return t.saveAs(e.data,"text/plain",e.title+".txt")}}])}).call(this);
\ No newline at end of file
+(function(){angular.module("llngManager",["ui.tree","ui.bootstrap","llApp","ngCookies"]).controller("TreeCtrl",["$scope","$http","$location","$q","$uibModal","$translator","$cookies","$htmlParams",function(f,u,a,l,o,n,r,e){var t,s,d,c,i,p,m,g,w;return f.links=window.links,f.menu=e.menu,f.menulinks=window.menulinks,f.staticPrefix=window.staticPrefix,f.formPrefix=window.formPrefix,f.availableLanguages=window.availableLanguages,f.waiting=!0,f.showM=!1,f.showT=!1,f.form="home",f.currentCfg={},f.confPrefix=window.confPrefix,f.message={},f.result="",f.translateTitle=function(e){return n.translateField(e,"title")},f.translateP=n.translateP,f.translate=n.translate,f.helpUrl="start.html#configuration",f.setShowHelp=function(e){var t;return null==e&&(e=!f.showH),f.showH=e,(t=new Date(Date.now())).setFullYear(t.getFullYear()+1),r.put("showhelp",e?"true":"false",{expires:t})},f.showH="false"!==r.get("showhelp"),null==f.showH&&f.setShowHelp(!0),m=function(e){var t,n;return t=e.status,n=e.statusLine,f.waiting=!1,f.message=403===t?{title:"forbidden",message:"",items:[]}:401===t?(console.log("Authentication needed"),{title:"authenticationNeeded",message:"__waitOrF5__",items:[]}):400===t?{title:"badRequest",message:n,items:[]}:0<t?{title:"badRequest",message:n,items:[]}:{title:"networkProblem",message:"",items:[]},f.showModal("message.html")},f.showModal=function(e,t){var n,r;return r=o.open({templateUrl:e,controller:"ModalInstanceCtrl",size:"lg",resolve:{elem:function(){return function(e){return f[e]}},set:function(){return function(e,t){return f[e]=t}},init:function(){return t}}}),n=l.defer(),r.result.then(function(e){return f.message={title:"",message:"",items:[]},n.resolve(e)},function(e){return f.message={title:"",message:"",items:[]},n.reject(e)}),n.promise},f.menuClick=function(e){if(e.popup)window.open(e.popup);else switch(e.action||(e.action=e.title),typeof e.action){case"function":e.action(f.currentNode,f);break;case"string":f[e.action]();break;default:console.log(typeof e.action)}return f.showM=!1},f.home=function(){return f.form="home",f.showM=!1},t=function(e){var t;if(f.message={title:"",message:"",items:[],itemsE:[],itemsNC:[],itemsW:[]},e.needConfirm&&(f.confirmNeeded=!0),e.message&&(f.message.message=e.message),e.details){for(t in e.details)"__changes__"!==t&&("__needConfirmation__"===t?(f.message.itemsNC.push({message:t,items:e.details[t]}),console.log("NeedConfirmation:",f.message.itemsNC)):"__warnings__"===t?(f.message.itemsW.push({message:t,items:e.details[t]}),console.log("Warnings:",f.message.itemsW)):(f.message.itemsE.push({message:t,items:e.details[t]}),console.log("Errors:",f.message.itemsE)));f.message.items=f.message.itemsE.concat(f.message.itemsNC.concat(f.message.itemsW))}return f.waiting=!1,1===e.result?(a.path("/confs/"),f.message.title="successfullySaved"):f.message.title="saveReport",f.showModal("message.html")},f.downloadConf=function(){return window.open(f.confPrefix+f.currentCfg.cfgNum+"?full=1")},f.save=function(){return f.showModal("save.html").then(function(){return f.waiting=!0,f.data.push({id:"cfgLog",title:"cfgLog",data:f.result?f.result:""}),u.post(window.confPrefix+"?cfgNum="+f.currentCfg.cfgNum+(f.forceSave?"&force=1":""),f.data).then(function(e){return f.data.pop(),t(e.data)},function(e){return m(e),f.data.pop()})},function(){return console.log("Saving canceled")}),f.showM=!1},f.saveRawConf=function(e){return f.waiting=!0,u.post(window.confPrefix+"/raw",e).then(function(e){return t(e.data)},m)},f.restore=function(){return f.currentNode=null,f.form="restore"},f.cancel=function(){return f.currentNode.data=null,f.getKey(f.currentNode)},i=1,f._findContainer=function(){return f._findScopeContainer().$modelValue},f._findScopeContainer=function(){var e;for(e=f.currentScope;!e.$modelValue.type.match(/Container$/);)e=e.$parentNodeScope;return e},f._findScopeByKey=function(e){var t;for(t=f.currentScope;t.$modelValue.title!==e;)t=t.$parentNodeScope;return t},f.newGrantRule=function(){var e,t;return 0<(e=(t=f._findContainer()).nodes.length)?e-1:0,t.nodes.push({id:t.id+"/n"+i++,title:"New rule",re:"Message",comment:"New rule",data:"1",type:"grant"})},f.newRule=function(){var e,t,n;return t=0<(e=(n=f._findContainer()).nodes.length)?e-1:0,n.nodes.splice(t,0,{id:n.id+"/n"+i++,title:"New rule",re:"^/new",comment:"New rule",data:"accept",type:"rule"})},f.newPost=function(){var e;return(e=f._findContainer()).nodes.push({id:e.id+"/n"+i++,title:"/absolute/path/to/form",data:{},type:"post"})},f.newPostVar=function(){return null==f.currentNode.data.vars&&(f.currentNode.data.vars=[]),f.currentNode.data.vars.push(["var1","$uid"])},f.newAuthChoice=function(){var e;return(e=f._findContainer()).nodes.push({id:e.id+"/n"+i++,title:"1_Key",data:["Null","Null","Null"],type:"authChoice"}),f.execFilters(f._findScopeByKey("authParams"))},f.newHashEntry=function(){var e;return(e=f._findContainer()).nodes.push({id:e.id+"/n"+i++,title:"new",data:"",type:"keyText"})},f.newCat=function(){var e;return"menuApp"===(e=f.currentScope).$modelValue.type&&(e=e.$parentNodeScope),e.$modelValue.nodes.push({id:e.$modelValue.id+"/n"+i++,title:"New category",type:"menuCat",nodes:[]})},f.newApp=function(){var e;return"menuApp"===(e=f.currentScope).$modelValue.type&&(e=e.$parentNodeScope),e.$modelValue.nodes.push({id:e.$modelValue.id+"/n"+i++,title:"New application",type:"menuApp",data:{description:"New app description",uri:"https://test.example.com/",tooltip:"New app tooltip",logo:"network.png",display:"auto"}})},f.newCmbMod=function(){var e;return(e=f._findContainer()).nodes.push({id:e.id+"/n"+i++,title:"new",type:"cmbModule",data:{type:"LDAP",for:"0",over:[]}}),f.execFilters(f._findScopeByKey("authParams"))},f.newSfExtra=function(){var e;return(e=f._findContainer()).nodes.push({id:e.id+"/n"+i++,title:"new",type:"sfExtra",data:{type:"",rule:"",logo:"",level:"",label:"",over:[]}})},f.newSfOver=function(){var e;return(e=f.currentNode.data).over||(e.over=[]),e.over.push(["new"+i++,""])},f.newCmbOver=function(){var e;return(e=f.currentNode.data).over||(e.over=[]),e.over.push(["new"+i++,""])},f.newChoiceOver=function(){var e;return e=f.currentNode.data,console.log("data",e),e[5]||(e[5]=[]),e[5].push(["new"+i++,""])},f.addHost=function(){var e;return(e=f.currentNode).data||(e.data=[]),e.data.push({k:"newHost",h:[{k:"key",v:"uid"}]})},f.addSamlAttribute=function(){var e;return(e=f._findContainer()).nodes.push({id:e.id+"/n"+i++,title:"new",type:"samlAttribute",data:["0","New","",""]})},f.addVhost=function(){var e;return e=f.domain?"."+f.domain.data:".example.com",f.message={title:"virtualHostName",field:"hostname"},f.showModal("prompt.html",e).then(function(){var e;if(e=f.result)return f.addTemplateNode(e,"virtualHost")})},f.duplicateVhost=function(){var e;return e=f.domain?"."+f.domain.data:".example.com",f.message={title:"virtualHostName",field:"hostname"},f.showModal("prompt.html",e).then(function(){var e;return e=f.result,f.duplicateNode(e,"virtualHost",f.currentNode.title)})},f.addSamlIDP=function(){return f.newTemplateNode("samlIDPMetaDataNode","samlPartnerName","idp-example")},f.addSamlSP=function(){return f.newTemplateNode("samlSPMetaDataNode","samlPartnerName","sp-example")},f.addOidcOp=function(){return f.newTemplateNode("oidcOPMetaDataNode","oidcOPName","op-example")},f.addOidcRp=function(){return f.newTemplateNode("oidcRPMetaDataNode","oidcRPName","rp-example")},f.addCasSrv=function(){return f.newTemplateNode("casSrvMetaDataNode","casPartnerName","srv-example")},f.addCasApp=function(){return f.newTemplateNode("casAppMetaDataNode","casPartnerName","app-example")},f.newTemplateNode=function(t,e,n){return f.message={title:e,field:"name"},f.showModal("prompt.html",n).then(function(){var e;if(e=f.result)return f.addTemplateNode(e,t)})},f.addTemplateNode=function(e,t){var n,r;for(n=f.currentScope;n.$modelValue.title!==t+"s";)n=n.$parentNodeScope;return r={id:t+"s/new__"+e,title:e,type:t,nodes:templates(t,"new__"+e)},g(r.nodes),n.$modelValue.nodes.push(r),n.expand(),r},g=function(e){var t,n,r;for(r=0,t=e.length;r<t;r++)(n=e[r]).cnodes&&n.default&&(delete n.cnodes,n._nodes=n.default),n._nodes?g(n._nodes):(n.default||0===n.default)&&(n.data=n.default);return e},d=function(o){var e,i;return e=l.defer(),i=l.defer(),o._nodes?(c(o),e.resolve()):o.cnodes?s(o).then(function(){return e.resolve()}):o.nodes||o.data?e.resolve():f.getKey(o).then(function(){return e.resolve()}),e.promise.then(function(){var e,t,n,r,a;if(a=[],o.nodes)for(n=0,e=(r=o.nodes).length;n<e;n++)t=r[n],a.push(d(t));return l.all(a).then(function(){return i.resolve()})}),i.promise},f.duplicateNode=function(t,n,r){var a;return a=f.currentScope,d(f.currentNode).then(function(){for(var e;a.$modelValue.title!==n+"s";)a=a.$parentNodeScope;return(e=JSON.parse(JSON.stringify(f.currentNode).replace(new RegExp(r,"g"),"new__"+t))).id=n+"s/new__"+t,e.title=t,a.$modelValue.nodes.push(e),e})},f.del=function(e,t){return e.splice(t,1)},f.deleteEntry=function(){var e;return e=f.currentScope.$parentNodeScope,f.currentScope.remove(),f.displayForm(e)},f.down=function(){var e,t,n,r,a,o,i,s;for(t=f.currentNode.id,n=(o=f.currentScope.$parentNodeScope.$modelValue).nodes.length,e=a=0,r=(i=o.nodes).length;a<r;e=++a)i[e].id===t&&(n=e);return n<o.nodes.length-1&&(s=o.nodes[n],o.nodes[n]=o.nodes[n+1],o.nodes[n+1]=s),n},f.up=function(){var e,t,n,r,a,o,i,s;for(t=f.currentNode.id,n=-1,e=a=0,r=(i=(o=f.currentScope.$parentNodeScope.$modelValue).nodes).length;a<r;e=++a)i[e].id===t&&(n=e);return 0<n&&(s=o.nodes[n],o.nodes[n]=o.nodes[n-1],o.nodes[n-1]=s),n},f.inSelect=function(e){var t,n,r;for(n=0,t=(r=f.currentNode.select).length;n<t;n++)if(r[n].k===e)return!0;return!1},f.changeRuleTitle=function(e){return e.title=0<e.comment.length?e.comment:e.re},f.filters={},f.execFilters=function(e){var t,n,r;for(t in e=e||f,r=f.filters)if(n=r[t],f.filters.hasOwnProperty(t))return window.filterFunctions[t](e,l,n);return!1},f.stoggle=function(e){var t;return t=e.$modelValue,c(t),e.toggle()},c=function(e){var t,n,r,a,o,i,s,u,l,d,c;for(i=0,n=(l=["nodes","nodes_cond"]).length;i<n;i++)if(e["_"+(o=l[i])]){for(e[o]=[],s=0,r=(d=e["_"+o]).length;s<r;s++)t=d[s],e[o].push(t);delete e["_"+o]}if(e._nodes_filter){if(e.nodes)for(u=0,a=(c=e.nodes).length;u<a;u++)(o=c[u]).onChange=f.execFilters;return f.filters[e._nodes_filter]=e,f.execFilters()}},f.toggle=function(e){return e.toggle()},f.download=function(e){var t;return t=e.$modelValue,s(t)},s=function(o){var i;return(i=l.defer()).notify("Trying to get datas"),f.waiting=!0,u.get(""+window.confPrefix+f.currentCfg.cfgNum+"/"+o.cnodes).then(function(e){var t,n,r,a;if(n=e.data)if(n.error)n.error.match(/setDefault$/)?(o.default?o.nodes=o.default.slice(0):o.nodes=[],delete o.cnodes,i.resolve("Set data to default value")):i.reject("Server return an error: "+n.error);else{for(delete o.cnodes,o.type||(o.type="keyTextContainer"),o.nodes=[],a=0,r=n.length;a<r;a++)(t=n[a]).template&&(t._nodes=templates(t.template,t.title)),o.nodes.push(t),t.type.match(/^rule$/)&&(console.log("Parse rule AuthnLevel as integer"),t.level&&"string"==typeof t.level&&(t.level=parseInt(t.level,10)));i.resolve("OK")}else i.reject("Empty response from server");return f.waiting=!1},function(e){return m(e),i.reject("")}),i.promise},f.openCnode=function(e){return f.download(e).then(function(){return e.toggle()})},w=function(e){for(;!e.$modelValue.help&&e.$parentNodeScope;)e=e.$parentNodeScope;return f.helpUrl=e.$modelValue.help||"start.html#configuration"},f.displayForm=function(e){var t,n,r,a,o,i;if((a=e.$modelValue).cnodes&&f.download(e),a._nodes&&f.stoggle(e),f.currentNode=a,f.currentScope=e,t=a.type?a.type:"text",a.nodes||a._nodes||a.cnodes?f.form="text"!==t?t:"mini":(f.form=t,f.getKey(a)),a.type&&"simpleInputContainer"===a.type)for(o=0,n=(i=a.nodes).length;o<n;o++)r=i[o],f.getKey(r);return f.showT=!1,w(e)},f.keyWritable=function(e){var t;return!(!(t=e.$modelValue).type||!t.type.match(/^(?:s(?:aml(?:(?:ID|S)PMetaDataNod|Attribut)e|fExtra)|(?:(?:cmbMod|r)ul|authChoic)e|(?:virtualHos|keyTex)t|menu(?:App|Cat))$/))},f.sendTestMail=function(){return f.message={title:"sendTestMail",field:"dest"},f.showModal("prompt.html").then(function(){var e;return f.result,f.waiting=!0,e=f.result,u.post(window.confPrefix+"/sendTestMail",{dest:e}).then(function(e){var t,n;return n=e.data.success,t=e.data.error,f.waiting=!1,f.message=n?{title:"ok",message:"__sendTestMailSuccess__",items:[]}:{title:"error",message:t,items:[]},f.showModal("message.html")},m)},function(){return console.log("Error sending test email")})},f.newCertificate=function(){return f.showModal("password.html").then(function(){var t,n;return f.waiting=!0,t=f.currentNode,n=f.result,u.post(window.confPrefix+"/newCertificate",{password:n}).then(function(e){return t.data[0].data=e.data.private,t.data[1].data=n,t.data[2].data=e.data.public,f.waiting=!1},m)},function(){return console.log("New key cancelled")})},f.newRSAKey=function(){return f.showModal("password.html").then(function(){var t,n;return f.waiting=!0,t=f.currentNode,n=f.result,u.post(window.confPrefix+"/newRSAKey",{password:n}).then(function(e){return t.data[0].data=e.data.private,t.data[1].data=n,t.data[2].data=e.data.public,f.waiting=!1},m)},function(){return console.log("New key cancelled")})},f.newRSAKeyNoPassword=function(){var t;return f.waiting=!0,t=f.currentNode,u.post(window.confPrefix+"/newRSAKey",{password:""}).then(function(e){return t.data[0].data=e.data.private,t.data[1].data=e.data.public,f.waiting=!1},m)},f.getKey=function(n){var r,e,t,a,o,i,s;if(r=l.defer(),n.data)r.resolve(n.data);else if(f.waiting=!0,n.get&&"object"==typeof n.get){for(n.data=[],s=[],e=o=0,t=(i=n.get).length;o<t;e=++o)a=i[e],n.data[e]={title:a,id:a},s.push(f.getKey(n.data[e]));l.all(s).then(function(){return r.resolve(n.data)},function(e){return r.reject(e.statusLine),f.waiting=!1})}else u.get(""+window.confPrefix+f.currentCfg.cfgNum+"/"+(n.get?n.get:n.title)).then(function(e){var t;return(null===(t=e.data).value||t.error&&t.error.match(/setDefault$/))&&null!==n.default?n.data=n.default:n.data=t.value,n.type&&n.type.match(/^(bool|trool|boolOrExpr)$/)&&"string"==typeof n.data&&n.data.match(/^(?:-1|0|1)$/)&&(n.data=parseInt(n.data,10)),n.type&&n.type.match(/^int$/)&&(n.data=parseInt(n.data,10)),n.type&&n.type.match(/^select$/)?n.data=n.data.toString():n.type&&n.type.match(/^(saml(Service|Assertion)|blackWhiteList)$/)&&"object"!=typeof n.data&&(n.data=n.data.split(";")),f.waiting=!1,r.resolve(n.data)},function(e){return m(e),r.reject(e.status)});return r.promise},p=function(e,t,n){var r;return null===(r=t.match(new RegExp("#!?/confs/(latest|[0-9]+)")))?a.path("/confs/latest"):(console.log("Trying to get cfg number "+r[1]),f.getCfg(r[1]))},f.$on("$locationChangeSuccess",p),f.getCfg=function(n){return f.currentCfg.cfgNum!==n?u.get(""+window.confPrefix+n).then(function(e){var t;return f.currentCfg=e.data,t=new Date(1e3*f.currentCfg.cfgDate),f.currentCfg.date=t.toLocaleString(),console.log("Metadatas of cfg "+n+" loaded"),a.path("/confs/"+n),f.init()},function(e){return m(e).then(function(){return f.currentCfg.cfgNum=0,f.init()})}):f.waiting=!1},f.getLanguage=function(e){return f.lang=e,f.form="white",f.init(),f.showM=!1},f.init=function(){var t;return t=null,f.waiting=!0,f.data=[],f.confirmNeeded=!1,f.forceSave=!1,l.all([n.init(f.lang),u.get(window.staticPrefix+"struct.json").then(function(e){return t=e.data,console.log("Structure loaded")})]).then(function(){return console.log("Starting structure binding"),f.data=t,t=null,0!==f.currentCfg.cfgNum?setScopeVars(f):(f.message={title:"emptyConf",message:"__zeroConfExplanations__"},f.showModal("message.html")),f.form="home",f.waiting=!1},m),f.activeModule="conf",f.myStyle={color:"#ffb84d"}},a.path().match(new RegExp("^/confs/(latest|[0-9]+)"))||(console.log("Redirecting to /confs/latest"),a.path("/confs/latest")),f.replaceContentByUrl=function(t,e){return f.waiting=!0,u.post(window.scriptname+"prx",{url:e}).then(function(e){return t.data=e.data.content,f.waiting=!1},m)},f.replaceContent=function(e,t){return e.data=t},f.saveAs=function(e,t,n){return saveAs(new Blob([e],{type:t}),n)},f.saveAsPem=function(e,t){return t.saveAs(e.data[0].data+"\n"+e.data[2].data,"application/x-pem-file",e.title+".pem")},f.saveAsText=function(e,t){return t.saveAs(e.data,"text/plain",e.title+".txt")}}])}).call(this);
\ No newline at end of file
diff --git a/lemonldap-ng-manager/site/htdocs/static/js/manager.min.js.map b/lemonldap-ng-manager/site/htdocs/static/js/manager.min.js.map
index 8107d45d8..7f96d380e 100644
--- a/lemonldap-ng-manager/site/htdocs/static/js/manager.min.js.map
+++ b/lemonldap-ng-manager/site/htdocs/static/js/manager.min.js.map
@@ -1 +1 @@
-{"version":3,"sources":["manager.js"],"names":["angular","module","controller","$scope","$http","$location","$q","$uibModal","$translator","$cookies","$htmlParams","_checkSaveResponse","_download","_getAll","_stoggle","idinc","pathEvent","readError","setDefault","setHelp","links","window","menu","menulinks","staticPrefix","formPrefix","availableLanguages","waiting","showM","showT","form","currentCfg","confPrefix","message","result","translateTitle","node","translateField","translateP","translate","helpUrl","setShowHelp","val","d","showH","Date","now","setFullYear","getFullYear","put","expires","get","response","e","j","status","statusLine","title","items","console","log","showModal","tpl","init","modalInstance","open","templateUrl","size","resolve","elem","s","set","f","defer","then","msgok","msgnok","reject","promise","menuClick","button","popup","action","currentNode","home","data","m","itemsE","itemsNC","itemsW","needConfirm","confirmNeeded","details","push","concat","path","downloadConf","cfgNum","save","id","post","forceSave","pop","saveRawConf","$fileContent","restore","cancel","getKey","_findContainer","_findScopeContainer","$modelValue","cs","currentScope","type","match","$parentNodeScope","_findScopeByKey","k","newGrantRule","l","nodes","length","re","comment","newRule","n","splice","newPost","newPostVar","vars","newAuthChoice","execFilters","newHashEntry","newCat","newApp","description","uri","tooltip","logo","display","newCmbMod","for","over","newSfExtra","rule","level","label","newSfOver","newCmbOver","newChoiceOver","addHost","cn","h","v","addSamlAttribute","addVhost","name","domain","field","addTemplateNode","duplicateVhost","duplicateNode","addSamlIDP","newTemplateNode","addSamlSP","addOidcOp","addOidcRp","addCasSrv","addCasApp","t","templates","expand","len","o","cnodes","_nodes","d2","ref","all","idkey","JSON","parse","stringify","replace","RegExp","del","a","i","deleteEntry","p","remove","displayForm","down","ind","tmp","up","inSelect","value","select","changeRuleTitle","filters","scope","filter","func","hasOwnProperty","filterFunctions","stoggle","toggle","len1","len2","q","r","ref1","ref2","_nodes_filter","onChange","download","notify","error","slice","template","parseInt","openCnode","help","keyWritable","sendTestMail","dest","success","newRSAKey","password","newRSAKeyNoPassword","toString","split","event","next","current","getCfg","$on","cfgDate","date","toLocaleString","getLanguage","lang","setScopeVars","activeModule","myStyle","color","replaceContentByUrl","url","scriptname","content","replaceContent","saveAs","filename","Blob","saveAsPem","saveAsText","call","this"],"mappings":"CAaA,WAGUA,QAAQC,OAAO,cAAe,CAAC,UAAW,eAAgB,QAAS,cAOrEC,WAAW,WAAY,CAC3B,SAAU,QAAS,YAAa,KAAM,YAAa,cAAe,WAAY,cAAe,SAASC,EAAQC,EAAOC,EAAWC,EAAIC,EAAWC,EAAaC,EAAUC,GACpK,IAAIC,EAAoBC,EAAWC,EAASC,EAAaC,EAAOC,EAAWC,EAAWC,EAAYC,EAw+BlG,OAv+BAhB,EAAOiB,MAAQC,OAAOD,MACtBjB,EAAOmB,KAAOZ,EAAYY,KAC1BnB,EAAOoB,UAAYF,OAAOE,UAC1BpB,EAAOqB,aAAeH,OAAOG,aAC7BrB,EAAOsB,WAAaJ,OAAOI,WAC3BtB,EAAOuB,mBAAqBL,OAAOK,mBACnCvB,EAAOwB,SAAU,EACjBxB,EAAOyB,OAAQ,EACfzB,EAAO0B,OAAQ,EACf1B,EAAO2B,KAAO,OACd3B,EAAO4B,WAAa,GACpB5B,EAAO6B,WAAaX,OAAOW,WAC3B7B,EAAO8B,QAAU,GACjB9B,EAAO+B,OAAS,GAChB/B,EAAOgC,eAAiB,SAASC,GAC/B,OAAO5B,EAAY6B,eAAeD,EAAM,UAE1CjC,EAAOmC,WAAa9B,EAAY8B,WAChCnC,EAAOoC,UAAY/B,EAAY+B,UAC/BpC,EAAOqC,QAAU,2BACjBrC,EAAOsC,YAAc,SAASC,GAC5B,IAAIC,EAOJ,OANW,MAAPD,IACFA,GAAOvC,EAAOyC,OAEhBzC,EAAOyC,MAAQF,GACfC,EAAI,IAAIE,KAAKA,KAAKC,QAChBC,YAAYJ,EAAEK,cAAgB,GACzBvC,EAASwC,IAAI,WAAaP,EAAM,OAAS,QAAU,CACxDQ,QAAWP,KAGfxC,EAAOyC,MAAqC,UAA7BnC,EAAS0C,IAAI,YACR,MAAhBhD,EAAOyC,OACTzC,EAAOsC,aAAY,GAErBxB,EAAY,SAASmC,GACnB,IAAIC,EAAGC,EAoCP,OAnCAD,EAAID,EAASG,OACbD,EAAIF,EAASI,WACbrD,EAAOwB,SAAU,EAEfxB,EAAO8B,QADC,MAANoB,EACe,CACfI,MAAO,YACPxB,QAAS,GACTyB,MAAO,IAEM,MAANL,GACTM,QAAQC,IAAI,yBACK,CACfH,MAAO,uBACPxB,QAAS,eACTyB,MAAO,KAEM,MAANL,EACQ,CACfI,MAAO,aACPxB,QAASqB,EACTI,MAAO,IAEI,EAAJL,EACQ,CACfI,MAAO,aACPxB,QAASqB,EACTI,MAAO,IAGQ,CACfD,MAAO,iBACPxB,QAAS,GACTyB,MAAO,IAGJvD,EAAO0D,UAAU,iBAE1B1D,EAAO0D,UAAY,SAASC,EAAKC,GAC/B,IAAIpB,EAAGqB,EAqCP,OApCAA,EAAgBzD,EAAU0D,KAAK,CAC7BC,YAAaJ,EACb5D,WAAY,oBACZiE,KAAM,KACNC,QAAS,CACPC,KAAM,WACJ,OAAO,SAASC,GACd,OAAOnE,EAAOmE,KAGlBC,IAAK,WACH,OAAO,SAASC,EAAGF,GACjB,OAAOnE,EAAOqE,GAAKF,IAGvBP,KAAM,WACJ,OAAOA,MAIbpB,EAAIrC,EAAGmE,QACPT,EAAc9B,OAAOwC,KAAK,SAASC,GAMjC,OALAxE,EAAO8B,QAAU,CACfwB,MAAO,GACPxB,QAAS,GACTyB,MAAO,IAEFf,EAAEyB,QAAQO,IAChB,SAASC,GAMV,OALAzE,EAAO8B,QAAU,CACfwB,MAAO,GACPxB,QAAS,GACTyB,MAAO,IAEFf,EAAEkC,OAAOD,KAEXjC,EAAEmC,SAEX3E,EAAO4E,UAAY,SAASC,GAC1B,GAAIA,EAAOC,MACT5D,OAAO4C,KAAKe,EAAOC,YAKnB,OAHKD,EAAOE,SACVF,EAAOE,OAASF,EAAOvB,cAEVuB,EAAOE,QACpB,IAAK,WACHF,EAAOE,OAAO/E,EAAOgF,YAAahF,GAClC,MACF,IAAK,SACHA,EAAO6E,EAAOE,UACd,MACF,QACEvB,QAAQC,WAAWoB,EAAOE,QAGhC,OAAO/E,EAAOyB,OAAQ,GAExBzB,EAAOiF,KAAO,WAEZ,OADAjF,EAAO2B,KAAO,OACP3B,EAAOyB,OAAQ,GAExBjB,EAAqB,SAAS0E,GAC5B,IAAIC,EAeJ,GAdAnF,EAAO8B,QAAU,CACfwB,MAAO,GACPxB,QAAS,GACTyB,MAAO,GACP6B,OAAQ,GACRC,QAAS,GACTC,OAAQ,IAENJ,EAAKK,cACPvF,EAAOwF,eAAgB,GAErBN,EAAKpD,UACP9B,EAAO8B,QAAQA,QAAUoD,EAAKpD,SAE5BoD,EAAKO,QAAS,CAChB,IAAKN,KAAKD,EAAKO,QACH,gBAANN,IACQ,yBAANA,GACFnF,EAAO8B,QAAQuD,QAAQK,KAAK,CAC1B5D,QAASqD,EACT5B,MAAO2B,EAAKO,QAAQN,KAEtB3B,QAAQC,IAAI,oBAAqBzD,EAAO8B,QAAQuD,UACjC,iBAANF,GACTnF,EAAO8B,QAAQwD,OAAOI,KAAK,CACzB5D,QAASqD,EACT5B,MAAO2B,EAAKO,QAAQN,KAEtB3B,QAAQC,IAAI,YAAazD,EAAO8B,QAAQwD,UAExCtF,EAAO8B,QAAQsD,OAAOM,KAAK,CACzB5D,QAASqD,EACT5B,MAAO2B,EAAKO,QAAQN,KAEtB3B,QAAQC,IAAI,UAAWzD,EAAO8B,QAAQsD,UAI5CpF,EAAO8B,QAAQyB,MAAQvD,EAAO8B,QAAQsD,OAAOO,OAAO3F,EAAO8B,QAAQuD,QAAQM,OAAO3F,EAAO8B,QAAQwD,SASnG,OAPAtF,EAAOwB,SAAU,EACG,IAAhB0D,EAAKnD,QACP7B,EAAU0F,KAAK,WACf5F,EAAO8B,QAAQwB,MAAQ,qBAEvBtD,EAAO8B,QAAQwB,MAAQ,aAElBtD,EAAO0D,UAAU,iBAE1B1D,EAAO6F,aAAe,WACpB,OAAO3E,OAAO4C,KAAK9D,EAAO6B,WAAa7B,EAAO4B,WAAWkE,OAAS,YAEpE9F,EAAO+F,KAAO,WAkBZ,OAjBA/F,EAAO0D,UAAU,aAAaa,KAAK,WAOjC,OANAvE,EAAOwB,SAAU,EACjBxB,EAAOkF,KAAKQ,KAAK,CACfM,GAAI,SACJ1C,MAAO,SACP4B,KAAMlF,EAAO+B,OAAS/B,EAAO+B,OAAS,KAEjC9B,EAAMgG,KAAK/E,OAAOW,WAAa,WAAa7B,EAAO4B,WAAWkE,QAAU9F,EAAOkG,UAAY,WAAa,IAAKlG,EAAOkF,MAAMX,KAAK,SAAStB,GAE7I,OADAjD,EAAOkF,KAAKiB,MACL3F,EAAmByC,EAASiC,OAClC,SAASjC,GAEV,OADAnC,EAAUmC,GACHjD,EAAOkF,KAAKiB,SAEpB,WACD,OAAO3C,QAAQC,IAAI,qBAEdzD,EAAOyB,OAAQ,GAExBzB,EAAOoG,YAAc,SAASC,GAE5B,OADArG,EAAOwB,SAAU,EACVvB,EAAMgG,KAAK/E,OAAOW,WAAa,OAAQwE,GAAc9B,KAAK,SAAStB,GACxE,OAAOzC,EAAmByC,EAASiC,OAClCpE,IAELd,EAAOsG,QAAU,WAEf,OADAtG,EAAOgF,YAAc,KACdhF,EAAO2B,KAAO,WAEvB3B,EAAOuG,OAAS,WAEd,OADAvG,EAAOgF,YAAYE,KAAO,KACnBlF,EAAOwG,OAAOxG,EAAOgF,cAE9BpE,EAAQ,EACRZ,EAAOyG,eAAiB,WACtB,OAAOzG,EAAO0G,sBAAsBC,aAEtC3G,EAAO0G,oBAAsB,WAC3B,IAAIE,EAEJ,IADAA,EAAK5G,EAAO6G,cACJD,EAAGD,YAAYG,KAAKC,MAAM,eAChCH,EAAKA,EAAGI,iBAEV,OAAOJ,GAET5G,EAAOiH,gBAAkB,SAASC,GAChC,IAAIN,EAEJ,IADAA,EAAK5G,EAAO6G,aACHD,EAAGD,YAAYrD,QAAU4D,GAChCN,EAAKA,EAAGI,iBAEV,OAAOJ,GAET5G,EAAOmH,aAAe,WACpB,IAAIC,EAAMnF,EAIV,OADQ,GADRmF,GADAnF,EAAOjC,EAAOyG,kBACLY,MAAMC,QACHF,EAAI,EAAI,EACbnF,EAAKoF,MAAM3B,KAAK,CACrBM,GAAI/D,EAAK+D,GAAK,KAAQpF,IACtB0C,MAAO,WACPiE,GAAI,UACJC,QAAS,WACTtC,KAAM,IACN4B,KAAM,WAGV9G,EAAOyH,QAAU,WACf,IAAIL,EAAGM,EAAGzF,EAIV,OADAyF,EAAQ,GADRN,GADAnF,EAAOjC,EAAOyG,kBACLY,MAAMC,QACHF,EAAI,EAAI,EACbnF,EAAKoF,MAAMM,OAAOD,EAAG,EAAG,CAC7B1B,GAAI/D,EAAK+D,GAAK,KAAQpF,IACtB0C,MAAO,WACPiE,GAAI,QACJC,QAAS,WACTtC,KAAM,SACN4B,KAAM,UAGV9G,EAAO4H,QAAU,WACf,IAAI3F,EAEJ,OADAA,EAAOjC,EAAOyG,kBACFY,MAAM3B,KAAK,CACrBM,GAAI/D,EAAK+D,GAAK,KAAQpF,IACtB0C,MAAO,yBACP4B,KAAM,GACN4B,KAAM,UAGV9G,EAAO6H,WAAa,WAIlB,OAHoC,MAAhC7H,EAAOgF,YAAYE,KAAK4C,OAC1B9H,EAAOgF,YAAYE,KAAK4C,KAAO,IAE1B9H,EAAOgF,YAAYE,KAAK4C,KAAKpC,KAAK,CAAC,OAAQ,UAEpD1F,EAAO+H,cAAgB,WACrB,IAAI9F,EAQJ,OAPAA,EAAOjC,EAAOyG,kBACTY,MAAM3B,KAAK,CACdM,GAAI/D,EAAK+D,GAAK,KAAQpF,IACtB0C,MAAO,QACP4B,KAAM,CAAC,OAAQ,OAAQ,QACvB4B,KAAM,eAED9G,EAAOgI,YAAYhI,EAAOiH,gBAAgB,gBAEnDjH,EAAOiI,aAAe,WACpB,IAAIhG,EAEJ,OADAA,EAAOjC,EAAOyG,kBACFY,MAAM3B,KAAK,CACrBM,GAAI/D,EAAK+D,GAAK,KAAQpF,IACtB0C,MAAO,MACP4B,KAAM,GACN4B,KAAM,aAGV9G,EAAOkI,OAAS,WACd,IAAItB,EAKJ,MAH4B,aAD5BA,EAAK5G,EAAO6G,cACLF,YAAYG,OACjBF,EAAKA,EAAGI,kBAEHJ,EAAGD,YAAYU,MAAM3B,KAAK,CAC/BM,GAAIY,EAAGD,YAAYX,GAAK,KAAQpF,IAChC0C,MAAO,eACPwD,KAAM,UACNO,MAAO,MAGXrH,EAAOmI,OAAS,WACd,IAAIvB,EAKJ,MAH4B,aAD5BA,EAAK5G,EAAO6G,cACLF,YAAYG,OACjBF,EAAKA,EAAGI,kBAEHJ,EAAGD,YAAYU,MAAM3B,KAAK,CAC/BM,GAAIY,EAAGD,YAAYX,GAAK,KAAQpF,IAChC0C,MAAO,kBACPwD,KAAM,UACN5B,KAAM,CACJkD,YAAa,sBACbC,IAAK,4BACLC,QAAS,kBACTC,KAAM,cACNC,QAAS,WAIfxI,EAAOyI,UAAY,WACjB,IAAIxG,EAYJ,OAXAA,EAAOjC,EAAOyG,kBACTY,MAAM3B,KAAK,CACdM,GAAI/D,EAAK+D,GAAK,KAAQpF,IACtB0C,MAAO,MACPwD,KAAM,YACN5B,KAAM,CACJ4B,KAAM,OACN4B,IAAO,IACPC,KAAM,MAGH3I,EAAOgI,YAAYhI,EAAOiH,gBAAgB,gBAEnDjH,EAAO4I,WAAa,WAClB,IAAI3G,EAEJ,OADAA,EAAOjC,EAAOyG,kBACFY,MAAM3B,KAAK,CACrBM,GAAI/D,EAAK+D,GAAK,KAAQpF,IACtB0C,MAAO,MACPwD,KAAM,UACN5B,KAAM,CACJ4B,KAAM,GACN+B,KAAM,GACNN,KAAM,GACNO,MAAO,GACPC,MAAO,GACPJ,KAAM,OAIZ3I,EAAOgJ,UAAY,WACjB,IAAIxG,EAKJ,OAJAA,EAAIxC,EAAOgF,YAAYE,MAChByD,OACLnG,EAAEmG,KAAO,IAEJnG,EAAEmG,KAAKjD,KAAK,CAAC,MAAS9E,IAAU,MAEzCZ,EAAOiJ,WAAa,WAClB,IAAIzG,EAKJ,OAJAA,EAAIxC,EAAOgF,YAAYE,MAChByD,OACLnG,EAAEmG,KAAO,IAEJnG,EAAEmG,KAAKjD,KAAK,CAAC,MAAS9E,IAAU,MAEzCZ,EAAOkJ,cAAgB,WACrB,IAAI1G,EAMJ,OALAA,EAAIxC,EAAOgF,YAAYE,KACvB1B,QAAQC,IAAI,OAAQjB,GACfA,EAAE,KACLA,EAAE,GAAK,IAEFA,EAAE,GAAGkD,KAAK,CAAC,MAAS9E,IAAU,MAEvCZ,EAAOmJ,QAAU,WACf,IAAIC,EAKJ,OAJAA,EAAKpJ,EAAOgF,aACJE,OACNkE,EAAGlE,KAAO,IAELkE,EAAGlE,KAAKQ,KAAK,CAClBwB,EAAG,UACHmC,EAAG,CACD,CACEnC,EAAK,MACLoC,EAAK,WAKbtJ,EAAOuJ,iBAAmB,WACxB,IAAItH,EAEJ,OADAA,EAAOjC,EAAOyG,kBACFY,MAAM3B,KAAK,CACrBM,GAAI/D,EAAK+D,GAAK,KAAQpF,IACtB0C,MAAO,MACPwD,KAAM,gBACN5B,KAAM,CAAC,IAAK,MAAO,GAAI,OAG3BlF,EAAOwJ,SAAW,WAChB,IAAIC,EAMJ,OALAA,EAAOzJ,EAAO0J,OAAS,IAAM1J,EAAO0J,OAAOxE,KAAO,eAClDlF,EAAO8B,QAAU,CACfwB,MAAO,kBACPqG,MAAO,YAEF3J,EAAO0D,UAAU,cAAe+F,GAAMlF,KAAK,WAChD,IAAImD,EAEJ,GADAA,EAAI1H,EAAO+B,OAET,OAAO/B,EAAO4J,gBAAgBlC,EAAG,kBAIvC1H,EAAO6J,eAAiB,WACtB,IAAIJ,EAMJ,OALAA,EAAOzJ,EAAO0J,OAAS,IAAM1J,EAAO0J,OAAOxE,KAAO,eAClDlF,EAAO8B,QAAU,CACfwB,MAAO,kBACPqG,MAAO,YAEF3J,EAAO0D,UAAU,cAAe+F,GAAMlF,KAAK,WAChD,IAAImD,EAEJ,OADAA,EAAI1H,EAAO+B,OACJ/B,EAAO8J,cAAcpC,EAAG,cAAe1H,EAAOgF,YAAY1B,UAGrEtD,EAAO+J,WAAa,WAClB,OAAO/J,EAAOgK,gBAAgB,sBAAuB,kBAAmB,gBAE1EhK,EAAOiK,UAAY,WACjB,OAAOjK,EAAOgK,gBAAgB,qBAAsB,kBAAmB,eAEzEhK,EAAOkK,UAAY,WACjB,OAAOlK,EAAOgK,gBAAgB,qBAAsB,aAAc,eAEpEhK,EAAOmK,UAAY,WACjB,OAAOnK,EAAOgK,gBAAgB,qBAAsB,aAAc,eAEpEhK,EAAOoK,UAAY,WACjB,OAAOpK,EAAOgK,gBAAgB,qBAAsB,iBAAkB,gBAExEhK,EAAOqK,UAAY,WACjB,OAAOrK,EAAOgK,gBAAgB,qBAAsB,iBAAkB,gBAExEhK,EAAOgK,gBAAkB,SAASlD,EAAMxD,EAAOM,GAK7C,OAJA5D,EAAO8B,QAAU,CACfwB,MAAOA,EACPqG,MAAO,QAEF3J,EAAO0D,UAAU,cAAeE,GAAMW,KAAK,WAChD,IAAIkF,EAEJ,GADAA,EAAOzJ,EAAO+B,OAEZ,OAAO/B,EAAO4J,gBAAgBH,EAAM3C,MAI1C9G,EAAO4J,gBAAkB,SAASH,EAAM3C,GACtC,IAAIF,EAAI0D,EAER,IADA1D,EAAK5G,EAAO6G,aACLD,EAAGD,YAAYrD,QAAWwD,EAAO,KACtCF,EAAKA,EAAGI,iBAWV,OATAsD,EAAI,CACFtE,GAAIc,EAAO,UAAY2C,EACvBnG,MAAOmG,EACP3C,KAAMA,EACNO,MAAOkD,UAAUzD,EAAM,QAAU2C,IAEnC1I,EAAWuJ,EAAEjD,OACbT,EAAGD,YAAYU,MAAM3B,KAAK4E,GAC1B1D,EAAG4D,SACIF,GAETvJ,EAAa,SAASkB,GACpB,IAAIwI,EAAK/C,EAAGgD,EACZ,IAAKA,EAAI,EAAGD,EAAMxI,EAAKqF,OAAQoD,EAAID,EAAKC,KACtChD,EAAIzF,EAAKyI,IACHC,QAAUjD,EAAW,iBAClBA,EAAEiD,OACTjD,EAAEkD,OAASlD,EAAW,SAEpBA,EAAEkD,OACJ7J,EAAW2G,EAAEkD,SACJlD,EAAW,SAAsB,IAAjBA,EAAW,WACpCA,EAAExC,KAAOwC,EAAW,SAGxB,OAAOzF,GAETvB,EAAU,SAASuB,GACjB,IAAIO,EAAGqI,EA+BP,OA9BArI,EAAIrC,EAAGmE,QACPuG,EAAK1K,EAAGmE,QACJrC,EAAK2I,QACPjK,EAASsB,GACTO,EAAEyB,WACOhC,EAAK0I,OACdlK,EAAUwB,GAAMsC,KAAK,WACnB,OAAO/B,EAAEyB,YAEFhC,EAAKoF,OAASpF,EAAKiD,KAC5B1C,EAAEyB,UAEFjE,EAAOwG,OAAOvE,GAAMsC,KAAK,WACvB,OAAO/B,EAAEyB,YAGbzB,EAAEmC,QAAQJ,KAAK,WACb,IAAIkG,EAAK/C,EAAGgD,EAAGI,EAAKR,EAEpB,GADAA,EAAI,GACArI,EAAKoF,MAEP,IAAKqD,EAAI,EAAGD,GADZK,EAAM7I,EAAKoF,OACWC,OAAQoD,EAAID,EAAKC,IACrChD,EAAIoD,EAAIJ,GACRJ,EAAE5E,KAAKhF,EAAQgH,IAGnB,OAAOvH,EAAG4K,IAAIT,GAAG/F,KAAK,WACpB,OAAOsG,EAAG5G,cAGP4G,EAAGlG,SAEZ3E,EAAO8J,cAAgB,SAASL,EAAM3C,EAAMkE,GAC1C,IAAIpE,EAEJ,OADAA,EAAK5G,EAAO6G,aACLnG,EAAQV,EAAOgF,aAAaT,KAAK,WAEtC,IADA,IAAI+F,EACG1D,EAAGD,YAAYrD,QAAWwD,EAAO,KACtCF,EAAKA,EAAGI,iBAMV,OAJAsD,EAAIW,KAAKC,MAAMD,KAAKE,UAAUnL,EAAOgF,aAAaoG,QAAQ,IAAIC,OAAOL,EAAO,KAAM,QAAUvB,KAC1FzD,GAAKc,EAAO,UAAY2C,EAC1Ba,EAAEhH,MAAQmG,EACV7C,EAAGD,YAAYU,MAAM3B,KAAK4E,GACnBA,KAGXtK,EAAOsL,IAAM,SAASC,EAAGC,GACvB,OAAOD,EAAE5D,OAAO6D,EAAG,IAErBxL,EAAOyL,YAAc,WACnB,IAAIC,EAGJ,OAFAA,EAAI1L,EAAO6G,aAAaG,iBACxBhH,EAAO6G,aAAa8E,SACb3L,EAAO4L,YAAYF,IAE5B1L,EAAO6L,KAAO,WACZ,IAAIL,EAAGxF,EAAI8F,EAAKrB,EAAQC,EAAGgB,EAAGZ,EAAKiB,EAKnC,IAJA/F,EAAKhG,EAAOgF,YAAYgB,GAExB8F,GADAJ,EAAI1L,EAAO6G,aAAaG,iBAAiBL,aACjCU,MAAMC,OAETkE,EAAId,EAAI,EAAGD,GADhBK,EAAMY,EAAErE,OACkBC,OAAQoD,EAAID,EAAKe,IAAMd,EAC3CI,EAAIU,GACFxF,KAAOA,IACX8F,EAAMN,GAQV,OALIM,EAAMJ,EAAErE,MAAMC,OAAS,IACzByE,EAAML,EAAErE,MAAMyE,GACdJ,EAAErE,MAAMyE,GAAOJ,EAAErE,MAAMyE,EAAM,GAC7BJ,EAAErE,MAAMyE,EAAM,GAAKC,GAEdD,GAET9L,EAAOgM,GAAK,WACV,IAAIR,EAAGxF,EAAI8F,EAAKrB,EAAQC,EAAGgB,EAAGZ,EAAKiB,EAKnC,IAJA/F,EAAKhG,EAAOgF,YAAYgB,GAExB8F,GAAO,EAEFN,EAAId,EAAI,EAAGD,GADhBK,GAFAY,EAAI1L,EAAO6G,aAAaG,iBAAiBL,aAEjCU,OACkBC,OAAQoD,EAAID,EAAKe,IAAMd,EAC3CI,EAAIU,GACFxF,KAAOA,IACX8F,EAAMN,GAQV,OALU,EAANM,IACFC,EAAML,EAAErE,MAAMyE,GACdJ,EAAErE,MAAMyE,GAAOJ,EAAErE,MAAMyE,EAAM,GAC7BJ,EAAErE,MAAMyE,EAAM,GAAKC,GAEdD,GAET9L,EAAOiM,SAAW,SAASC,GACzB,IAAIzB,EAAQC,EAAGI,EAEf,IAAKJ,EAAI,EAAGD,GADZK,EAAM9K,EAAOgF,YAAYmH,QACH7E,OAAQoD,EAAID,EAAKC,IAErC,GADII,EAAIJ,GACFxD,IAAMgF,EACV,OAAO,EAGX,OAAO,GAETlM,EAAOoM,gBAAkB,SAASnK,GAChC,OAAOA,EAAKqB,MAA8B,EAAtBrB,EAAKuF,QAAQF,OAAarF,EAAKuF,QAAUvF,EAAKsF,IAEpEvH,EAAOqM,QAAU,GACjBrM,EAAOgI,YAAc,SAASsE,GAC5B,IAAIC,EAAQC,EAAM1B,EAGlB,IAAKyB,KAFLD,EAAQA,GAAgBtM,EACxB8K,EAAM9K,EAAOqM,QAGX,GADAG,EAAO1B,EAAIyB,GACPvM,EAAOqM,QAAQI,eAAeF,GAChC,OAAOrL,OAAOwL,gBAAgBH,GAAQD,EAAOnM,EAAIqM,GAGrD,OAAO,GAETxM,EAAO2M,QAAU,SAASL,GACxB,IAAIrK,EAGJ,OAFAA,EAAOqK,EAAM3F,YACbhG,EAASsB,GACFqK,EAAMM,UAEfjM,EAAW,SAASsB,GAClB,IAAIsJ,EAAGd,EAAKoC,EAAMC,EAAMpF,EAAGgD,EAAGqC,EAAGC,EAAGlC,EAAKmC,EAAMC,EAE/C,IAAKxC,EAAI,EAAGD,GADZK,EAAM,CAAC,QAAS,eACMxD,OAAQoD,EAAID,EAAKC,IAErC,GAAIzI,EAAK,KADTyF,EAAIoD,EAAIJ,KACW,CAGjB,IAFAzI,EAAKyF,GAAK,GAELqF,EAAI,EAAGF,GADZI,EAAOhL,EAAK,IAAMyF,IACMJ,OAAQyF,EAAIF,EAAME,IACxCxB,EAAI0B,EAAKF,GACT9K,EAAKyF,GAAGhC,KAAK6F,UAERtJ,EAAK,IAAMyF,GAGtB,GAAIzF,EAAKkL,cAAe,CACtB,GAAIlL,EAAKoF,MAEP,IAAK2F,EAAI,EAAGF,GADZI,EAAOjL,EAAKoF,OACYC,OAAQ0F,EAAIF,EAAME,KACxCtF,EAAIwF,EAAKF,IACPI,SAAWpN,EAAOgI,YAIxB,OADAhI,EAAOqM,QAAQpK,EAAKkL,eAAiBlL,EAC9BjC,EAAOgI,gBAGlBhI,EAAO4M,OAAS,SAASN,GACvB,OAAOA,EAAMM,UAEf5M,EAAOqN,SAAW,SAASf,GACzB,IAAIrK,EAEJ,OADAA,EAAOqK,EAAM3F,YACNlG,EAAUwB,IAEnBxB,EAAY,SAASwB,GACnB,IAAIO,EA+CJ,OA9CAA,EAAIrC,EAAGmE,SACLgJ,OAAO,uBACTtN,EAAOwB,SAAU,EACjBvB,EAAM+C,IAAI,GAAK9B,OAAOW,WAAa7B,EAAO4B,WAAWkE,OAAS,IAAM7D,EAAK0I,QAAQpG,KAAK,SAAStB,GAC7F,IAAIsI,EAAGrG,EAAMuF,EAAKC,EAElB,GADAxF,EAAOjC,EAASiC,KAGT,GAAIA,EAAKqI,MACVrI,EAAKqI,MAAMxG,MAAM,gBACf9E,EAAc,QAChBA,EAAKoF,MAAQpF,EAAc,QAAEuL,MAAM,GAEnCvL,EAAKoF,MAAQ,UAERpF,EAAK0I,OACZnI,EAAEyB,QAAQ,8BAEVzB,EAAEkC,OAAO,2BAA6BQ,EAAKqI,WAExC,CAML,WALOtL,EAAK0I,OACP1I,EAAK6E,OACR7E,EAAK6E,KAAO,oBAEd7E,EAAKoF,MAAQ,GACRqD,EAAI,EAAGD,EAAMvF,EAAKoC,OAAQoD,EAAID,EAAKC,KACtCa,EAAIrG,EAAKwF,IACH+C,WACJlC,EAAEX,OAASL,UAAUgB,EAAEkC,SAAUlC,EAAEjI,QAErCrB,EAAKoF,MAAM3B,KAAK6F,GACZA,EAAEzE,KAAKC,MAAM,YACfvD,QAAQC,IAAI,oCACR8H,EAAEzC,OAA4B,iBAAZyC,EAAEzC,QACtByC,EAAEzC,MAAQ4E,SAASnC,EAAEzC,MAAO,MAIlCtG,EAAEyB,QAAQ,WAhCVzB,EAAEkC,OAAO,8BAkCX,OAAO1E,EAAOwB,SAAU,GACvB,SAASyB,GAEV,OADAnC,EAAUmC,GACHT,EAAEkC,OAAO,MAEXlC,EAAEmC,SAEX3E,EAAO2N,UAAY,SAASrB,GAC1B,OAAOtM,EAAOqN,SAASf,GAAO/H,KAAK,WACjC,OAAO+H,EAAMM,YAGjB5L,EAAU,SAASsL,GACjB,MAAQA,EAAM3F,YAAYiH,MAAQtB,EAAMtF,kBACtCsF,EAAQA,EAAMtF,iBAEhB,OAAOhH,EAAOqC,QAAUiK,EAAM3F,YAAYiH,MAAQ,4BAEpD5N,EAAO4L,YAAc,SAASU,GAC5B,IAAIjI,EAAGoG,EAAK/C,EAAGzF,EAAMyI,EAAGI,EAiBxB,IAhBA7I,EAAOqK,EAAM3F,aACJgE,QACP3K,EAAOqN,SAASf,GAEdrK,EAAK2I,QACP5K,EAAO2M,QAAQL,GAEjBtM,EAAOgF,YAAc/C,EACrBjC,EAAO6G,aAAeyF,EACtBjI,EAAIpC,EAAK6E,KAAO7E,EAAK6E,KAAO,OACxB7E,EAAKoF,OAASpF,EAAK2I,QAAU3I,EAAK0I,OACpC3K,EAAO2B,KAAa,SAAN0C,EAAeA,EAAI,QAEjCrE,EAAO2B,KAAO0C,EACdrE,EAAOwG,OAAOvE,IAEZA,EAAK6E,MAAsB,yBAAd7E,EAAK6E,KAEpB,IAAK4D,EAAI,EAAGD,GADZK,EAAM7I,EAAKoF,OACWC,OAAQoD,EAAID,EAAKC,IACrChD,EAAIoD,EAAIJ,GACR1K,EAAOwG,OAAOkB,GAIlB,OADA1H,EAAO0B,OAAQ,EACRV,EAAQsL,IAEjBtM,EAAO6N,YAAc,SAASvB,GAC5B,IAAIrK,EAEJ,UADAA,EAAOqK,EAAM3F,aACJG,OAAQ7E,EAAK6E,KAAKC,MAAM,kIAMnC/G,EAAO8N,aAAe,WAKpB,OAJA9N,EAAO8B,QAAU,CACfwB,MAAO,eACPqG,MAAO,QAEF3J,EAAO0D,UAAU,eAAea,KAAK,WAC1C,IAAIwJ,EAIJ,OAHI/N,EAAO+B,OACX/B,EAAOwB,SAAU,EACjBuM,EAAO/N,EAAO+B,OACP9B,EAAMgG,KAAK/E,OAAOW,WAAa,gBAAiB,CACrDkM,KAAQA,IACPxJ,KAAK,SAAStB,GACf,IAAIsK,EAAOS,EAiBX,OAhBAA,EAAU/K,EAASiC,KAAK8I,QACxBT,EAAQtK,EAASiC,KAAKqI,MACtBvN,EAAOwB,SAAU,EAEfxB,EAAO8B,QADLkM,EACe,CACf1K,MAAO,KACPxB,QAAS,0BACTyB,MAAO,IAGQ,CACfD,MAAO,QACPxB,QAASyL,EACThK,MAAO,IAGJvD,EAAO0D,UAAU,iBACvB5C,IACF,WACD,OAAO0C,QAAQC,IAAI,+BAGvBzD,EAAOiO,UAAY,WACjB,OAAOjO,EAAO0D,UAAU,iBAAiBa,KAAK,WAC5C,IAAIS,EAAakJ,EAIjB,OAHAlO,EAAOwB,SAAU,EACjBwD,EAAchF,EAAOgF,YACrBkJ,EAAWlO,EAAO+B,OACX9B,EAAMgG,KAAK/E,OAAOW,WAAa,aAAc,CAClDqM,SAAYA,IACX3J,KAAK,SAAStB,GAIf,OAHA+B,EAAYE,KAAK,GAAGA,KAAOjC,EAASiC,KAAc,QAClDF,EAAYE,KAAK,GAAGA,KAAOgJ,EAC3BlJ,EAAYE,KAAK,GAAGA,KAAOjC,EAASiC,KAAa,OAC1ClF,EAAOwB,SAAU,GACvBV,IACF,WACD,OAAO0C,QAAQC,IAAI,wBAGvBzD,EAAOmO,oBAAsB,WAC3B,IAAInJ,EAGJ,OAFAhF,EAAOwB,SAAU,EACjBwD,EAAchF,EAAOgF,YACd/E,EAAMgG,KAAK/E,OAAOW,WAAa,aAAc,CAClDqM,SAAY,KACX3J,KAAK,SAAStB,GAGf,OAFA+B,EAAYE,KAAK,GAAGA,KAAOjC,EAASiC,KAAc,QAClDF,EAAYE,KAAK,GAAGA,KAAOjC,EAASiC,KAAa,OAC1ClF,EAAOwB,SAAU,GACvBV,IAELd,EAAOwG,OAAS,SAASvE,GACvB,IAAIO,EAAGgJ,EAAGf,EAAK/C,EAAGgD,EAAGI,EAAKiB,EAE1B,GADAvJ,EAAIrC,EAAGmE,QACFrC,EAAKiD,KAkDR1C,EAAEyB,QAAQhC,EAAKiD,WAhDf,GADAlF,EAAOwB,SAAU,EACbS,EAAKe,KAA2B,iBAAbf,EAAKe,IAAkB,CAI5C,IAHAf,EAAKiD,KAAO,GACZ6G,EAAM,GAEDP,EAAId,EAAI,EAAGD,GADhBK,EAAM7I,EAAKe,KACesE,OAAQoD,EAAID,EAAKe,IAAMd,EAC/ChD,EAAIoD,EAAIU,GACRvJ,EAAKiD,KAAKsG,GAAK,CACblI,MAAOoE,EACP1B,GAAI0B,GAENqE,EAAIrG,KAAK1F,EAAOwG,OAAOvE,EAAKiD,KAAKsG,KAEnCrL,EAAG4K,IAAIgB,GAAKxH,KAAK,WACf,OAAO/B,EAAEyB,QAAQhC,EAAKiD,OACrB,SAASjC,GAEV,OADAT,EAAEkC,OAAOzB,EAASI,YACXrD,EAAOwB,SAAU,SAG1BvB,EAAM+C,IAAI,GAAK9B,OAAOW,WAAa7B,EAAO4B,WAAWkE,OAAS,KAAO7D,EAAKe,IAAMf,EAAKe,IAAMf,EAAKqB,QAAQiB,KAAK,SAAStB,GACpH,IAAIiC,EAqBJ,OAnBoB,QADpBA,EAAOjC,EAASiC,MACNgH,OAAmBhH,EAAKqI,OAASrI,EAAKqI,MAAMxG,MAAM,iBAAwC,OAApB9E,EAAc,QAC5FA,EAAKiD,KAAOjD,EAAc,QAE1BA,EAAKiD,KAAOA,EAAKgH,MAEfjK,EAAK6E,MAAQ7E,EAAK6E,KAAKC,MAAM,8BACN,iBAAd9E,EAAKiD,MAAqBjD,EAAKiD,KAAK6B,MAAM,kBACnD9E,EAAKiD,KAAOwI,SAASzL,EAAKiD,KAAM,KAGhCjD,EAAK6E,MAAQ7E,EAAK6E,KAAKC,MAAM,WAC/B9E,EAAKiD,KAAOwI,SAASzL,EAAKiD,KAAM,KAE9BjD,EAAK6E,MAAQ7E,EAAK6E,KAAKC,MAAM,YAC/B9E,EAAKiD,KAAOjD,EAAKiD,KAAKkJ,WACbnM,EAAK6E,MAAQ7E,EAAK6E,KAAKC,MAAM,+CAAwE,iBAAd9E,EAAKiD,OACrGjD,EAAKiD,KAAOjD,EAAKiD,KAAKmJ,MAAM,MAE9BrO,EAAOwB,SAAU,EACVgB,EAAEyB,QAAQhC,EAAKiD,OACrB,SAASjC,GAEV,OADAnC,EAAUmC,GACHT,EAAEkC,OAAOzB,EAASG,UAM/B,OAAOZ,EAAEmC,SAEX9D,EAAY,SAASyN,EAAOC,EAAMC,GAChC,IAAI9G,EAEJ,OAAU,QADVA,EAAI6G,EAAKxH,MAAM,IAAIsE,OAAO,+BAEjBnL,EAAU0F,KAAK,kBAEtBpC,QAAQC,IAAI,4BAA8BiE,EAAE,IACrC1H,EAAOyO,OAAO/G,EAAE,MAG3B1H,EAAO0O,IAAI,yBAA0B7N,GACrCb,EAAOyO,OAAS,SAAS/G,GACvB,OAAI1H,EAAO4B,WAAWkE,SAAW4B,EACxBzH,EAAM+C,IAAI,GAAK9B,OAAOW,WAAa6F,GAAGnD,KAAK,SAAStB,GACzD,IAAIT,EAMJ,OALAxC,EAAO4B,WAAaqB,EAASiC,KAC7B1C,EAAI,IAAIE,KAAiC,IAA5B1C,EAAO4B,WAAW+M,SAC/B3O,EAAO4B,WAAWgN,KAAOpM,EAAEqM,iBAC3BrL,QAAQC,IAAI,oBAAsBiE,EAAI,WACtCxH,EAAU0F,KAAK,UAAY8B,GACpB1H,EAAO4D,QACb,SAASX,GACV,OAAOnC,EAAUmC,GAAUsB,KAAK,WAE9B,OADAvE,EAAO4B,WAAWkE,OAAS,EACpB9F,EAAO4D,WAIX5D,EAAOwB,SAAU,GAG5BxB,EAAO8O,YAAc,SAASC,GAI5B,OAHA/O,EAAO+O,KAAOA,EACd/O,EAAO2B,KAAO,QACd3B,EAAO4D,OACA5D,EAAOyB,OAAQ,GAExBzB,EAAO4D,KAAO,WACZ,IAAImI,EA4BJ,OA3BAA,EAAM,KACN/L,EAAOwB,SAAU,EACjBxB,EAAOkF,KAAO,GACdlF,EAAOwF,eAAgB,EACvBxF,EAAOkG,WAAY,EACnB/F,EAAG4K,IAAI,CACL1K,EAAYuD,KAAK5D,EAAO+O,MAAO9O,EAAM+C,IAAI9B,OAAOG,aAAe,eAAekD,KAAK,SAAStB,GAE1F,OADA8I,EAAM9I,EAASiC,KACR1B,QAAQC,IAAI,wBAEpBc,KAAK,WAcN,OAbAf,QAAQC,IAAI,8BACZzD,EAAOkF,KAAO6G,EACdA,EAAM,KAC2B,IAA7B/L,EAAO4B,WAAWkE,OACpBkJ,aAAahP,IAEbA,EAAO8B,QAAU,CACfwB,MAAO,YACPxB,QAAS,4BAEX9B,EAAO0D,UAAU,iBAEnB1D,EAAO2B,KAAO,OACP3B,EAAOwB,SAAU,GACvBV,GACHd,EAAOiP,aAAe,OACfjP,EAAOkP,QAAU,CACtBC,MAAO,YAGPjP,EAAU0F,OAAOmB,MAAM,IAAIsE,OAAO,8BAEpC7H,QAAQC,IAAI,gCACZvD,EAAU0F,KAAK,kBAEjB5F,EAAOoP,oBAAsB,SAASnN,EAAMoN,GAE1C,OADArP,EAAOwB,SAAU,EACVvB,EAAMgG,KAAK/E,OAAOoO,WAAa,MAAO,CAC3CD,IAAKA,IACJ9K,KAAK,SAAStB,GAEf,OADAhB,EAAKiD,KAAOjC,EAASiC,KAAKqK,QACnBvP,EAAOwB,SAAU,GACvBV,IAELd,EAAOwP,eAAiB,SAASvN,EAAMoE,GACrC,OAAOpE,EAAKiD,KAAOmB,GAErBrG,EAAOyP,OAAS,SAASF,EAASzI,EAAM4I,GACtC,OAAOD,OAAO,IAAIE,KAAK,CAACJ,GAAU,CAChCzI,KAAQA,IACN4I,IAEN1P,EAAO4P,UAAY,SAAShJ,EAAI0F,GAC9B,OAAOA,EAAMmD,OAAO7I,EAAG1B,KAAK,GAAGA,KAAO,KAAO0B,EAAG1B,KAAK,GAAGA,KAAM,yBAA0B0B,EAAGtD,MAAQ,SAE9FtD,EAAO6P,WAAa,SAASjJ,EAAI0F,GACtC,OAAOA,EAAMmD,OAAO7I,EAAG1B,KAAM,aAAc0B,EAAGtD,MAAQ,cAK3DwM,KAAKC"}
\ No newline at end of file
+{"version":3,"sources":["manager.js"],"names":["angular","module","controller","$scope","$http","$location","$q","$uibModal","$translator","$cookies","$htmlParams","_checkSaveResponse","_download","_getAll","_stoggle","idinc","pathEvent","readError","setDefault","setHelp","links","window","menu","menulinks","staticPrefix","formPrefix","availableLanguages","waiting","showM","showT","form","currentCfg","confPrefix","message","result","translateTitle","node","translateField","translateP","translate","helpUrl","setShowHelp","val","d","showH","Date","now","setFullYear","getFullYear","put","expires","get","response","e","j","status","statusLine","title","items","console","log","showModal","tpl","init","modalInstance","open","templateUrl","size","resolve","elem","s","set","f","defer","then","msgok","msgnok","reject","promise","menuClick","button","popup","action","currentNode","home","data","m","itemsE","itemsNC","itemsW","needConfirm","confirmNeeded","details","push","concat","path","downloadConf","cfgNum","save","id","post","forceSave","pop","saveRawConf","$fileContent","restore","cancel","getKey","_findContainer","_findScopeContainer","$modelValue","cs","currentScope","type","match","$parentNodeScope","_findScopeByKey","k","newGrantRule","l","nodes","length","re","comment","newRule","n","splice","newPost","newPostVar","vars","newAuthChoice","execFilters","newHashEntry","newCat","newApp","description","uri","tooltip","logo","display","newCmbMod","for","over","newSfExtra","rule","level","label","newSfOver","newCmbOver","newChoiceOver","addHost","cn","h","v","addSamlAttribute","addVhost","name","domain","field","addTemplateNode","duplicateVhost","duplicateNode","addSamlIDP","newTemplateNode","addSamlSP","addOidcOp","addOidcRp","addCasSrv","addCasApp","t","templates","expand","len","o","cnodes","_nodes","d2","ref","all","idkey","JSON","parse","stringify","replace","RegExp","del","a","i","deleteEntry","p","remove","displayForm","down","ind","tmp","up","inSelect","value","select","changeRuleTitle","filters","scope","filter","func","hasOwnProperty","filterFunctions","stoggle","toggle","len1","len2","q","r","ref1","ref2","_nodes_filter","onChange","download","notify","error","slice","template","parseInt","openCnode","help","keyWritable","sendTestMail","dest","success","newCertificate","password","newRSAKey","newRSAKeyNoPassword","toString","split","event","next","current","getCfg","$on","cfgDate","date","toLocaleString","getLanguage","lang","setScopeVars","activeModule","myStyle","color","replaceContentByUrl","url","scriptname","content","replaceContent","saveAs","filename","Blob","saveAsPem","saveAsText","call","this"],"mappings":"CAaA,WAGUA,QAAQC,OAAO,cAAe,CAAC,UAAW,eAAgB,QAAS,cAOrEC,WAAW,WAAY,CAC3B,SAAU,QAAS,YAAa,KAAM,YAAa,cAAe,WAAY,cAAe,SAASC,EAAQC,EAAOC,EAAWC,EAAIC,EAAWC,EAAaC,EAAUC,GACpK,IAAIC,EAAoBC,EAAWC,EAASC,EAAaC,EAAOC,EAAWC,EAAWC,EAAYC,EA0/BlG,OAz/BAhB,EAAOiB,MAAQC,OAAOD,MACtBjB,EAAOmB,KAAOZ,EAAYY,KAC1BnB,EAAOoB,UAAYF,OAAOE,UAC1BpB,EAAOqB,aAAeH,OAAOG,aAC7BrB,EAAOsB,WAAaJ,OAAOI,WAC3BtB,EAAOuB,mBAAqBL,OAAOK,mBACnCvB,EAAOwB,SAAU,EACjBxB,EAAOyB,OAAQ,EACfzB,EAAO0B,OAAQ,EACf1B,EAAO2B,KAAO,OACd3B,EAAO4B,WAAa,GACpB5B,EAAO6B,WAAaX,OAAOW,WAC3B7B,EAAO8B,QAAU,GACjB9B,EAAO+B,OAAS,GAChB/B,EAAOgC,eAAiB,SAASC,GAC/B,OAAO5B,EAAY6B,eAAeD,EAAM,UAE1CjC,EAAOmC,WAAa9B,EAAY8B,WAChCnC,EAAOoC,UAAY/B,EAAY+B,UAC/BpC,EAAOqC,QAAU,2BACjBrC,EAAOsC,YAAc,SAASC,GAC5B,IAAIC,EAOJ,OANW,MAAPD,IACFA,GAAOvC,EAAOyC,OAEhBzC,EAAOyC,MAAQF,GACfC,EAAI,IAAIE,KAAKA,KAAKC,QAChBC,YAAYJ,EAAEK,cAAgB,GACzBvC,EAASwC,IAAI,WAAaP,EAAM,OAAS,QAAU,CACxDQ,QAAWP,KAGfxC,EAAOyC,MAAqC,UAA7BnC,EAAS0C,IAAI,YACR,MAAhBhD,EAAOyC,OACTzC,EAAOsC,aAAY,GAErBxB,EAAY,SAASmC,GACnB,IAAIC,EAAGC,EAoCP,OAnCAD,EAAID,EAASG,OACbD,EAAIF,EAASI,WACbrD,EAAOwB,SAAU,EAEfxB,EAAO8B,QADC,MAANoB,EACe,CACfI,MAAO,YACPxB,QAAS,GACTyB,MAAO,IAEM,MAANL,GACTM,QAAQC,IAAI,yBACK,CACfH,MAAO,uBACPxB,QAAS,eACTyB,MAAO,KAEM,MAANL,EACQ,CACfI,MAAO,aACPxB,QAASqB,EACTI,MAAO,IAEI,EAAJL,EACQ,CACfI,MAAO,aACPxB,QAASqB,EACTI,MAAO,IAGQ,CACfD,MAAO,iBACPxB,QAAS,GACTyB,MAAO,IAGJvD,EAAO0D,UAAU,iBAE1B1D,EAAO0D,UAAY,SAASC,EAAKC,GAC/B,IAAIpB,EAAGqB,EAqCP,OApCAA,EAAgBzD,EAAU0D,KAAK,CAC7BC,YAAaJ,EACb5D,WAAY,oBACZiE,KAAM,KACNC,QAAS,CACPC,KAAM,WACJ,OAAO,SAASC,GACd,OAAOnE,EAAOmE,KAGlBC,IAAK,WACH,OAAO,SAASC,EAAGF,GACjB,OAAOnE,EAAOqE,GAAKF,IAGvBP,KAAM,WACJ,OAAOA,MAIbpB,EAAIrC,EAAGmE,QACPT,EAAc9B,OAAOwC,KAAK,SAASC,GAMjC,OALAxE,EAAO8B,QAAU,CACfwB,MAAO,GACPxB,QAAS,GACTyB,MAAO,IAEFf,EAAEyB,QAAQO,IAChB,SAASC,GAMV,OALAzE,EAAO8B,QAAU,CACfwB,MAAO,GACPxB,QAAS,GACTyB,MAAO,IAEFf,EAAEkC,OAAOD,KAEXjC,EAAEmC,SAEX3E,EAAO4E,UAAY,SAASC,GAC1B,GAAIA,EAAOC,MACT5D,OAAO4C,KAAKe,EAAOC,YAKnB,OAHKD,EAAOE,SACVF,EAAOE,OAASF,EAAOvB,cAEVuB,EAAOE,QACpB,IAAK,WACHF,EAAOE,OAAO/E,EAAOgF,YAAahF,GAClC,MACF,IAAK,SACHA,EAAO6E,EAAOE,UACd,MACF,QACEvB,QAAQC,WAAWoB,EAAOE,QAGhC,OAAO/E,EAAOyB,OAAQ,GAExBzB,EAAOiF,KAAO,WAEZ,OADAjF,EAAO2B,KAAO,OACP3B,EAAOyB,OAAQ,GAExBjB,EAAqB,SAAS0E,GAC5B,IAAIC,EAeJ,GAdAnF,EAAO8B,QAAU,CACfwB,MAAO,GACPxB,QAAS,GACTyB,MAAO,GACP6B,OAAQ,GACRC,QAAS,GACTC,OAAQ,IAENJ,EAAKK,cACPvF,EAAOwF,eAAgB,GAErBN,EAAKpD,UACP9B,EAAO8B,QAAQA,QAAUoD,EAAKpD,SAE5BoD,EAAKO,QAAS,CAChB,IAAKN,KAAKD,EAAKO,QACH,gBAANN,IACQ,yBAANA,GACFnF,EAAO8B,QAAQuD,QAAQK,KAAK,CAC1B5D,QAASqD,EACT5B,MAAO2B,EAAKO,QAAQN,KAEtB3B,QAAQC,IAAI,oBAAqBzD,EAAO8B,QAAQuD,UACjC,iBAANF,GACTnF,EAAO8B,QAAQwD,OAAOI,KAAK,CACzB5D,QAASqD,EACT5B,MAAO2B,EAAKO,QAAQN,KAEtB3B,QAAQC,IAAI,YAAazD,EAAO8B,QAAQwD,UAExCtF,EAAO8B,QAAQsD,OAAOM,KAAK,CACzB5D,QAASqD,EACT5B,MAAO2B,EAAKO,QAAQN,KAEtB3B,QAAQC,IAAI,UAAWzD,EAAO8B,QAAQsD,UAI5CpF,EAAO8B,QAAQyB,MAAQvD,EAAO8B,QAAQsD,OAAOO,OAAO3F,EAAO8B,QAAQuD,QAAQM,OAAO3F,EAAO8B,QAAQwD,SASnG,OAPAtF,EAAOwB,SAAU,EACG,IAAhB0D,EAAKnD,QACP7B,EAAU0F,KAAK,WACf5F,EAAO8B,QAAQwB,MAAQ,qBAEvBtD,EAAO8B,QAAQwB,MAAQ,aAElBtD,EAAO0D,UAAU,iBAE1B1D,EAAO6F,aAAe,WACpB,OAAO3E,OAAO4C,KAAK9D,EAAO6B,WAAa7B,EAAO4B,WAAWkE,OAAS,YAEpE9F,EAAO+F,KAAO,WAkBZ,OAjBA/F,EAAO0D,UAAU,aAAaa,KAAK,WAOjC,OANAvE,EAAOwB,SAAU,EACjBxB,EAAOkF,KAAKQ,KAAK,CACfM,GAAI,SACJ1C,MAAO,SACP4B,KAAMlF,EAAO+B,OAAS/B,EAAO+B,OAAS,KAEjC9B,EAAMgG,KAAK/E,OAAOW,WAAa,WAAa7B,EAAO4B,WAAWkE,QAAU9F,EAAOkG,UAAY,WAAa,IAAKlG,EAAOkF,MAAMX,KAAK,SAAStB,GAE7I,OADAjD,EAAOkF,KAAKiB,MACL3F,EAAmByC,EAASiC,OAClC,SAASjC,GAEV,OADAnC,EAAUmC,GACHjD,EAAOkF,KAAKiB,SAEpB,WACD,OAAO3C,QAAQC,IAAI,qBAEdzD,EAAOyB,OAAQ,GAExBzB,EAAOoG,YAAc,SAASC,GAE5B,OADArG,EAAOwB,SAAU,EACVvB,EAAMgG,KAAK/E,OAAOW,WAAa,OAAQwE,GAAc9B,KAAK,SAAStB,GACxE,OAAOzC,EAAmByC,EAASiC,OAClCpE,IAELd,EAAOsG,QAAU,WAEf,OADAtG,EAAOgF,YAAc,KACdhF,EAAO2B,KAAO,WAEvB3B,EAAOuG,OAAS,WAEd,OADAvG,EAAOgF,YAAYE,KAAO,KACnBlF,EAAOwG,OAAOxG,EAAOgF,cAE9BpE,EAAQ,EACRZ,EAAOyG,eAAiB,WACtB,OAAOzG,EAAO0G,sBAAsBC,aAEtC3G,EAAO0G,oBAAsB,WAC3B,IAAIE,EAEJ,IADAA,EAAK5G,EAAO6G,cACJD,EAAGD,YAAYG,KAAKC,MAAM,eAChCH,EAAKA,EAAGI,iBAEV,OAAOJ,GAET5G,EAAOiH,gBAAkB,SAASC,GAChC,IAAIN,EAEJ,IADAA,EAAK5G,EAAO6G,aACHD,EAAGD,YAAYrD,QAAU4D,GAChCN,EAAKA,EAAGI,iBAEV,OAAOJ,GAET5G,EAAOmH,aAAe,WACpB,IAAIC,EAAMnF,EAIV,OADQ,GADRmF,GADAnF,EAAOjC,EAAOyG,kBACLY,MAAMC,QACHF,EAAI,EAAI,EACbnF,EAAKoF,MAAM3B,KAAK,CACrBM,GAAI/D,EAAK+D,GAAK,KAAQpF,IACtB0C,MAAO,WACPiE,GAAI,UACJC,QAAS,WACTtC,KAAM,IACN4B,KAAM,WAGV9G,EAAOyH,QAAU,WACf,IAAIL,EAAGM,EAAGzF,EAIV,OADAyF,EAAQ,GADRN,GADAnF,EAAOjC,EAAOyG,kBACLY,MAAMC,QACHF,EAAI,EAAI,EACbnF,EAAKoF,MAAMM,OAAOD,EAAG,EAAG,CAC7B1B,GAAI/D,EAAK+D,GAAK,KAAQpF,IACtB0C,MAAO,WACPiE,GAAI,QACJC,QAAS,WACTtC,KAAM,SACN4B,KAAM,UAGV9G,EAAO4H,QAAU,WACf,IAAI3F,EAEJ,OADAA,EAAOjC,EAAOyG,kBACFY,MAAM3B,KAAK,CACrBM,GAAI/D,EAAK+D,GAAK,KAAQpF,IACtB0C,MAAO,yBACP4B,KAAM,GACN4B,KAAM,UAGV9G,EAAO6H,WAAa,WAIlB,OAHoC,MAAhC7H,EAAOgF,YAAYE,KAAK4C,OAC1B9H,EAAOgF,YAAYE,KAAK4C,KAAO,IAE1B9H,EAAOgF,YAAYE,KAAK4C,KAAKpC,KAAK,CAAC,OAAQ,UAEpD1F,EAAO+H,cAAgB,WACrB,IAAI9F,EAQJ,OAPAA,EAAOjC,EAAOyG,kBACTY,MAAM3B,KAAK,CACdM,GAAI/D,EAAK+D,GAAK,KAAQpF,IACtB0C,MAAO,QACP4B,KAAM,CAAC,OAAQ,OAAQ,QACvB4B,KAAM,eAED9G,EAAOgI,YAAYhI,EAAOiH,gBAAgB,gBAEnDjH,EAAOiI,aAAe,WACpB,IAAIhG,EAEJ,OADAA,EAAOjC,EAAOyG,kBACFY,MAAM3B,KAAK,CACrBM,GAAI/D,EAAK+D,GAAK,KAAQpF,IACtB0C,MAAO,MACP4B,KAAM,GACN4B,KAAM,aAGV9G,EAAOkI,OAAS,WACd,IAAItB,EAKJ,MAH4B,aAD5BA,EAAK5G,EAAO6G,cACLF,YAAYG,OACjBF,EAAKA,EAAGI,kBAEHJ,EAAGD,YAAYU,MAAM3B,KAAK,CAC/BM,GAAIY,EAAGD,YAAYX,GAAK,KAAQpF,IAChC0C,MAAO,eACPwD,KAAM,UACNO,MAAO,MAGXrH,EAAOmI,OAAS,WACd,IAAIvB,EAKJ,MAH4B,aAD5BA,EAAK5G,EAAO6G,cACLF,YAAYG,OACjBF,EAAKA,EAAGI,kBAEHJ,EAAGD,YAAYU,MAAM3B,KAAK,CAC/BM,GAAIY,EAAGD,YAAYX,GAAK,KAAQpF,IAChC0C,MAAO,kBACPwD,KAAM,UACN5B,KAAM,CACJkD,YAAa,sBACbC,IAAK,4BACLC,QAAS,kBACTC,KAAM,cACNC,QAAS,WAIfxI,EAAOyI,UAAY,WACjB,IAAIxG,EAYJ,OAXAA,EAAOjC,EAAOyG,kBACTY,MAAM3B,KAAK,CACdM,GAAI/D,EAAK+D,GAAK,KAAQpF,IACtB0C,MAAO,MACPwD,KAAM,YACN5B,KAAM,CACJ4B,KAAM,OACN4B,IAAO,IACPC,KAAM,MAGH3I,EAAOgI,YAAYhI,EAAOiH,gBAAgB,gBAEnDjH,EAAO4I,WAAa,WAClB,IAAI3G,EAEJ,OADAA,EAAOjC,EAAOyG,kBACFY,MAAM3B,KAAK,CACrBM,GAAI/D,EAAK+D,GAAK,KAAQpF,IACtB0C,MAAO,MACPwD,KAAM,UACN5B,KAAM,CACJ4B,KAAM,GACN+B,KAAM,GACNN,KAAM,GACNO,MAAO,GACPC,MAAO,GACPJ,KAAM,OAIZ3I,EAAOgJ,UAAY,WACjB,IAAIxG,EAKJ,OAJAA,EAAIxC,EAAOgF,YAAYE,MAChByD,OACLnG,EAAEmG,KAAO,IAEJnG,EAAEmG,KAAKjD,KAAK,CAAC,MAAS9E,IAAU,MAEzCZ,EAAOiJ,WAAa,WAClB,IAAIzG,EAKJ,OAJAA,EAAIxC,EAAOgF,YAAYE,MAChByD,OACLnG,EAAEmG,KAAO,IAEJnG,EAAEmG,KAAKjD,KAAK,CAAC,MAAS9E,IAAU,MAEzCZ,EAAOkJ,cAAgB,WACrB,IAAI1G,EAMJ,OALAA,EAAIxC,EAAOgF,YAAYE,KACvB1B,QAAQC,IAAI,OAAQjB,GACfA,EAAE,KACLA,EAAE,GAAK,IAEFA,EAAE,GAAGkD,KAAK,CAAC,MAAS9E,IAAU,MAEvCZ,EAAOmJ,QAAU,WACf,IAAIC,EAKJ,OAJAA,EAAKpJ,EAAOgF,aACJE,OACNkE,EAAGlE,KAAO,IAELkE,EAAGlE,KAAKQ,KAAK,CAClBwB,EAAG,UACHmC,EAAG,CACD,CACEnC,EAAK,MACLoC,EAAK,WAKbtJ,EAAOuJ,iBAAmB,WACxB,IAAItH,EAEJ,OADAA,EAAOjC,EAAOyG,kBACFY,MAAM3B,KAAK,CACrBM,GAAI/D,EAAK+D,GAAK,KAAQpF,IACtB0C,MAAO,MACPwD,KAAM,gBACN5B,KAAM,CAAC,IAAK,MAAO,GAAI,OAG3BlF,EAAOwJ,SAAW,WAChB,IAAIC,EAMJ,OALAA,EAAOzJ,EAAO0J,OAAS,IAAM1J,EAAO0J,OAAOxE,KAAO,eAClDlF,EAAO8B,QAAU,CACfwB,MAAO,kBACPqG,MAAO,YAEF3J,EAAO0D,UAAU,cAAe+F,GAAMlF,KAAK,WAChD,IAAImD,EAEJ,GADAA,EAAI1H,EAAO+B,OAET,OAAO/B,EAAO4J,gBAAgBlC,EAAG,kBAIvC1H,EAAO6J,eAAiB,WACtB,IAAIJ,EAMJ,OALAA,EAAOzJ,EAAO0J,OAAS,IAAM1J,EAAO0J,OAAOxE,KAAO,eAClDlF,EAAO8B,QAAU,CACfwB,MAAO,kBACPqG,MAAO,YAEF3J,EAAO0D,UAAU,cAAe+F,GAAMlF,KAAK,WAChD,IAAImD,EAEJ,OADAA,EAAI1H,EAAO+B,OACJ/B,EAAO8J,cAAcpC,EAAG,cAAe1H,EAAOgF,YAAY1B,UAGrEtD,EAAO+J,WAAa,WAClB,OAAO/J,EAAOgK,gBAAgB,sBAAuB,kBAAmB,gBAE1EhK,EAAOiK,UAAY,WACjB,OAAOjK,EAAOgK,gBAAgB,qBAAsB,kBAAmB,eAEzEhK,EAAOkK,UAAY,WACjB,OAAOlK,EAAOgK,gBAAgB,qBAAsB,aAAc,eAEpEhK,EAAOmK,UAAY,WACjB,OAAOnK,EAAOgK,gBAAgB,qBAAsB,aAAc,eAEpEhK,EAAOoK,UAAY,WACjB,OAAOpK,EAAOgK,gBAAgB,qBAAsB,iBAAkB,gBAExEhK,EAAOqK,UAAY,WACjB,OAAOrK,EAAOgK,gBAAgB,qBAAsB,iBAAkB,gBAExEhK,EAAOgK,gBAAkB,SAASlD,EAAMxD,EAAOM,GAK7C,OAJA5D,EAAO8B,QAAU,CACfwB,MAAOA,EACPqG,MAAO,QAEF3J,EAAO0D,UAAU,cAAeE,GAAMW,KAAK,WAChD,IAAIkF,EAEJ,GADAA,EAAOzJ,EAAO+B,OAEZ,OAAO/B,EAAO4J,gBAAgBH,EAAM3C,MAI1C9G,EAAO4J,gBAAkB,SAASH,EAAM3C,GACtC,IAAIF,EAAI0D,EAER,IADA1D,EAAK5G,EAAO6G,aACLD,EAAGD,YAAYrD,QAAWwD,EAAO,KACtCF,EAAKA,EAAGI,iBAWV,OATAsD,EAAI,CACFtE,GAAIc,EAAO,UAAY2C,EACvBnG,MAAOmG,EACP3C,KAAMA,EACNO,MAAOkD,UAAUzD,EAAM,QAAU2C,IAEnC1I,EAAWuJ,EAAEjD,OACbT,EAAGD,YAAYU,MAAM3B,KAAK4E,GAC1B1D,EAAG4D,SACIF,GAETvJ,EAAa,SAASkB,GACpB,IAAIwI,EAAK/C,EAAGgD,EACZ,IAAKA,EAAI,EAAGD,EAAMxI,EAAKqF,OAAQoD,EAAID,EAAKC,KACtChD,EAAIzF,EAAKyI,IACHC,QAAUjD,EAAW,iBAClBA,EAAEiD,OACTjD,EAAEkD,OAASlD,EAAW,SAEpBA,EAAEkD,OACJ7J,EAAW2G,EAAEkD,SACJlD,EAAW,SAAsB,IAAjBA,EAAW,WACpCA,EAAExC,KAAOwC,EAAW,SAGxB,OAAOzF,GAETvB,EAAU,SAASuB,GACjB,IAAIO,EAAGqI,EA+BP,OA9BArI,EAAIrC,EAAGmE,QACPuG,EAAK1K,EAAGmE,QACJrC,EAAK2I,QACPjK,EAASsB,GACTO,EAAEyB,WACOhC,EAAK0I,OACdlK,EAAUwB,GAAMsC,KAAK,WACnB,OAAO/B,EAAEyB,YAEFhC,EAAKoF,OAASpF,EAAKiD,KAC5B1C,EAAEyB,UAEFjE,EAAOwG,OAAOvE,GAAMsC,KAAK,WACvB,OAAO/B,EAAEyB,YAGbzB,EAAEmC,QAAQJ,KAAK,WACb,IAAIkG,EAAK/C,EAAGgD,EAAGI,EAAKR,EAEpB,GADAA,EAAI,GACArI,EAAKoF,MAEP,IAAKqD,EAAI,EAAGD,GADZK,EAAM7I,EAAKoF,OACWC,OAAQoD,EAAID,EAAKC,IACrChD,EAAIoD,EAAIJ,GACRJ,EAAE5E,KAAKhF,EAAQgH,IAGnB,OAAOvH,EAAG4K,IAAIT,GAAG/F,KAAK,WACpB,OAAOsG,EAAG5G,cAGP4G,EAAGlG,SAEZ3E,EAAO8J,cAAgB,SAASL,EAAM3C,EAAMkE,GAC1C,IAAIpE,EAEJ,OADAA,EAAK5G,EAAO6G,aACLnG,EAAQV,EAAOgF,aAAaT,KAAK,WAEtC,IADA,IAAI+F,EACG1D,EAAGD,YAAYrD,QAAWwD,EAAO,KACtCF,EAAKA,EAAGI,iBAMV,OAJAsD,EAAIW,KAAKC,MAAMD,KAAKE,UAAUnL,EAAOgF,aAAaoG,QAAQ,IAAIC,OAAOL,EAAO,KAAM,QAAUvB,KAC1FzD,GAAKc,EAAO,UAAY2C,EAC1Ba,EAAEhH,MAAQmG,EACV7C,EAAGD,YAAYU,MAAM3B,KAAK4E,GACnBA,KAGXtK,EAAOsL,IAAM,SAASC,EAAGC,GACvB,OAAOD,EAAE5D,OAAO6D,EAAG,IAErBxL,EAAOyL,YAAc,WACnB,IAAIC,EAGJ,OAFAA,EAAI1L,EAAO6G,aAAaG,iBACxBhH,EAAO6G,aAAa8E,SACb3L,EAAO4L,YAAYF,IAE5B1L,EAAO6L,KAAO,WACZ,IAAIL,EAAGxF,EAAI8F,EAAKrB,EAAQC,EAAGgB,EAAGZ,EAAKiB,EAKnC,IAJA/F,EAAKhG,EAAOgF,YAAYgB,GAExB8F,GADAJ,EAAI1L,EAAO6G,aAAaG,iBAAiBL,aACjCU,MAAMC,OAETkE,EAAId,EAAI,EAAGD,GADhBK,EAAMY,EAAErE,OACkBC,OAAQoD,EAAID,EAAKe,IAAMd,EAC3CI,EAAIU,GACFxF,KAAOA,IACX8F,EAAMN,GAQV,OALIM,EAAMJ,EAAErE,MAAMC,OAAS,IACzByE,EAAML,EAAErE,MAAMyE,GACdJ,EAAErE,MAAMyE,GAAOJ,EAAErE,MAAMyE,EAAM,GAC7BJ,EAAErE,MAAMyE,EAAM,GAAKC,GAEdD,GAET9L,EAAOgM,GAAK,WACV,IAAIR,EAAGxF,EAAI8F,EAAKrB,EAAQC,EAAGgB,EAAGZ,EAAKiB,EAKnC,IAJA/F,EAAKhG,EAAOgF,YAAYgB,GAExB8F,GAAO,EAEFN,EAAId,EAAI,EAAGD,GADhBK,GAFAY,EAAI1L,EAAO6G,aAAaG,iBAAiBL,aAEjCU,OACkBC,OAAQoD,EAAID,EAAKe,IAAMd,EAC3CI,EAAIU,GACFxF,KAAOA,IACX8F,EAAMN,GAQV,OALU,EAANM,IACFC,EAAML,EAAErE,MAAMyE,GACdJ,EAAErE,MAAMyE,GAAOJ,EAAErE,MAAMyE,EAAM,GAC7BJ,EAAErE,MAAMyE,EAAM,GAAKC,GAEdD,GAET9L,EAAOiM,SAAW,SAASC,GACzB,IAAIzB,EAAQC,EAAGI,EAEf,IAAKJ,EAAI,EAAGD,GADZK,EAAM9K,EAAOgF,YAAYmH,QACH7E,OAAQoD,EAAID,EAAKC,IAErC,GADII,EAAIJ,GACFxD,IAAMgF,EACV,OAAO,EAGX,OAAO,GAETlM,EAAOoM,gBAAkB,SAASnK,GAChC,OAAOA,EAAKqB,MAA8B,EAAtBrB,EAAKuF,QAAQF,OAAarF,EAAKuF,QAAUvF,EAAKsF,IAEpEvH,EAAOqM,QAAU,GACjBrM,EAAOgI,YAAc,SAASsE,GAC5B,IAAIC,EAAQC,EAAM1B,EAGlB,IAAKyB,KAFLD,EAAQA,GAAgBtM,EACxB8K,EAAM9K,EAAOqM,QAGX,GADAG,EAAO1B,EAAIyB,GACPvM,EAAOqM,QAAQI,eAAeF,GAChC,OAAOrL,OAAOwL,gBAAgBH,GAAQD,EAAOnM,EAAIqM,GAGrD,OAAO,GAETxM,EAAO2M,QAAU,SAASL,GACxB,IAAIrK,EAGJ,OAFAA,EAAOqK,EAAM3F,YACbhG,EAASsB,GACFqK,EAAMM,UAEfjM,EAAW,SAASsB,GAClB,IAAIsJ,EAAGd,EAAKoC,EAAMC,EAAMpF,EAAGgD,EAAGqC,EAAGC,EAAGlC,EAAKmC,EAAMC,EAE/C,IAAKxC,EAAI,EAAGD,GADZK,EAAM,CAAC,QAAS,eACMxD,OAAQoD,EAAID,EAAKC,IAErC,GAAIzI,EAAK,KADTyF,EAAIoD,EAAIJ,KACW,CAGjB,IAFAzI,EAAKyF,GAAK,GAELqF,EAAI,EAAGF,GADZI,EAAOhL,EAAK,IAAMyF,IACMJ,OAAQyF,EAAIF,EAAME,IACxCxB,EAAI0B,EAAKF,GACT9K,EAAKyF,GAAGhC,KAAK6F,UAERtJ,EAAK,IAAMyF,GAGtB,GAAIzF,EAAKkL,cAAe,CACtB,GAAIlL,EAAKoF,MAEP,IAAK2F,EAAI,EAAGF,GADZI,EAAOjL,EAAKoF,OACYC,OAAQ0F,EAAIF,EAAME,KACxCtF,EAAIwF,EAAKF,IACPI,SAAWpN,EAAOgI,YAIxB,OADAhI,EAAOqM,QAAQpK,EAAKkL,eAAiBlL,EAC9BjC,EAAOgI,gBAGlBhI,EAAO4M,OAAS,SAASN,GACvB,OAAOA,EAAMM,UAEf5M,EAAOqN,SAAW,SAASf,GACzB,IAAIrK,EAEJ,OADAA,EAAOqK,EAAM3F,YACNlG,EAAUwB,IAEnBxB,EAAY,SAASwB,GACnB,IAAIO,EA+CJ,OA9CAA,EAAIrC,EAAGmE,SACLgJ,OAAO,uBACTtN,EAAOwB,SAAU,EACjBvB,EAAM+C,IAAI,GAAK9B,OAAOW,WAAa7B,EAAO4B,WAAWkE,OAAS,IAAM7D,EAAK0I,QAAQpG,KAAK,SAAStB,GAC7F,IAAIsI,EAAGrG,EAAMuF,EAAKC,EAElB,GADAxF,EAAOjC,EAASiC,KAGT,GAAIA,EAAKqI,MACVrI,EAAKqI,MAAMxG,MAAM,gBACf9E,EAAc,QAChBA,EAAKoF,MAAQpF,EAAc,QAAEuL,MAAM,GAEnCvL,EAAKoF,MAAQ,UAERpF,EAAK0I,OACZnI,EAAEyB,QAAQ,8BAEVzB,EAAEkC,OAAO,2BAA6BQ,EAAKqI,WAExC,CAML,WALOtL,EAAK0I,OACP1I,EAAK6E,OACR7E,EAAK6E,KAAO,oBAEd7E,EAAKoF,MAAQ,GACRqD,EAAI,EAAGD,EAAMvF,EAAKoC,OAAQoD,EAAID,EAAKC,KACtCa,EAAIrG,EAAKwF,IACH+C,WACJlC,EAAEX,OAASL,UAAUgB,EAAEkC,SAAUlC,EAAEjI,QAErCrB,EAAKoF,MAAM3B,KAAK6F,GACZA,EAAEzE,KAAKC,MAAM,YACfvD,QAAQC,IAAI,oCACR8H,EAAEzC,OAA4B,iBAAZyC,EAAEzC,QACtByC,EAAEzC,MAAQ4E,SAASnC,EAAEzC,MAAO,MAIlCtG,EAAEyB,QAAQ,WAhCVzB,EAAEkC,OAAO,8BAkCX,OAAO1E,EAAOwB,SAAU,GACvB,SAASyB,GAEV,OADAnC,EAAUmC,GACHT,EAAEkC,OAAO,MAEXlC,EAAEmC,SAEX3E,EAAO2N,UAAY,SAASrB,GAC1B,OAAOtM,EAAOqN,SAASf,GAAO/H,KAAK,WACjC,OAAO+H,EAAMM,YAGjB5L,EAAU,SAASsL,GACjB,MAAQA,EAAM3F,YAAYiH,MAAQtB,EAAMtF,kBACtCsF,EAAQA,EAAMtF,iBAEhB,OAAOhH,EAAOqC,QAAUiK,EAAM3F,YAAYiH,MAAQ,4BAEpD5N,EAAO4L,YAAc,SAASU,GAC5B,IAAIjI,EAAGoG,EAAK/C,EAAGzF,EAAMyI,EAAGI,EAiBxB,IAhBA7I,EAAOqK,EAAM3F,aACJgE,QACP3K,EAAOqN,SAASf,GAEdrK,EAAK2I,QACP5K,EAAO2M,QAAQL,GAEjBtM,EAAOgF,YAAc/C,EACrBjC,EAAO6G,aAAeyF,EACtBjI,EAAIpC,EAAK6E,KAAO7E,EAAK6E,KAAO,OACxB7E,EAAKoF,OAASpF,EAAK2I,QAAU3I,EAAK0I,OACpC3K,EAAO2B,KAAa,SAAN0C,EAAeA,EAAI,QAEjCrE,EAAO2B,KAAO0C,EACdrE,EAAOwG,OAAOvE,IAEZA,EAAK6E,MAAsB,yBAAd7E,EAAK6E,KAEpB,IAAK4D,EAAI,EAAGD,GADZK,EAAM7I,EAAKoF,OACWC,OAAQoD,EAAID,EAAKC,IACrChD,EAAIoD,EAAIJ,GACR1K,EAAOwG,OAAOkB,GAIlB,OADA1H,EAAO0B,OAAQ,EACRV,EAAQsL,IAEjBtM,EAAO6N,YAAc,SAASvB,GAC5B,IAAIrK,EAEJ,UADAA,EAAOqK,EAAM3F,aACJG,OAAQ7E,EAAK6E,KAAKC,MAAM,kIAMnC/G,EAAO8N,aAAe,WAKpB,OAJA9N,EAAO8B,QAAU,CACfwB,MAAO,eACPqG,MAAO,QAEF3J,EAAO0D,UAAU,eAAea,KAAK,WAC1C,IAAIwJ,EAIJ,OAHI/N,EAAO+B,OACX/B,EAAOwB,SAAU,EACjBuM,EAAO/N,EAAO+B,OACP9B,EAAMgG,KAAK/E,OAAOW,WAAa,gBAAiB,CACrDkM,KAAQA,IACPxJ,KAAK,SAAStB,GACf,IAAIsK,EAAOS,EAiBX,OAhBAA,EAAU/K,EAASiC,KAAK8I,QACxBT,EAAQtK,EAASiC,KAAKqI,MACtBvN,EAAOwB,SAAU,EAEfxB,EAAO8B,QADLkM,EACe,CACf1K,MAAO,KACPxB,QAAS,0BACTyB,MAAO,IAGQ,CACfD,MAAO,QACPxB,QAASyL,EACThK,MAAO,IAGJvD,EAAO0D,UAAU,iBACvB5C,IACF,WACD,OAAO0C,QAAQC,IAAI,+BAGvBzD,EAAOiO,eAAiB,WACtB,OAAOjO,EAAO0D,UAAU,iBAAiBa,KAAK,WAC5C,IAAIS,EAAakJ,EAIjB,OAHAlO,EAAOwB,SAAU,EACjBwD,EAAchF,EAAOgF,YACrBkJ,EAAWlO,EAAO+B,OACX9B,EAAMgG,KAAK/E,OAAOW,WAAa,kBAAmB,CACvDqM,SAAYA,IACX3J,KAAK,SAAStB,GAIf,OAHA+B,EAAYE,KAAK,GAAGA,KAAOjC,EAASiC,KAAc,QAClDF,EAAYE,KAAK,GAAGA,KAAOgJ,EAC3BlJ,EAAYE,KAAK,GAAGA,KAAOjC,EAASiC,KAAa,OAC1ClF,EAAOwB,SAAU,GACvBV,IACF,WACD,OAAO0C,QAAQC,IAAI,wBAGvBzD,EAAOmO,UAAY,WACjB,OAAOnO,EAAO0D,UAAU,iBAAiBa,KAAK,WAC5C,IAAIS,EAAakJ,EAIjB,OAHAlO,EAAOwB,SAAU,EACjBwD,EAAchF,EAAOgF,YACrBkJ,EAAWlO,EAAO+B,OACX9B,EAAMgG,KAAK/E,OAAOW,WAAa,aAAc,CAClDqM,SAAYA,IACX3J,KAAK,SAAStB,GAIf,OAHA+B,EAAYE,KAAK,GAAGA,KAAOjC,EAASiC,KAAc,QAClDF,EAAYE,KAAK,GAAGA,KAAOgJ,EAC3BlJ,EAAYE,KAAK,GAAGA,KAAOjC,EAASiC,KAAa,OAC1ClF,EAAOwB,SAAU,GACvBV,IACF,WACD,OAAO0C,QAAQC,IAAI,wBAGvBzD,EAAOoO,oBAAsB,WAC3B,IAAIpJ,EAGJ,OAFAhF,EAAOwB,SAAU,EACjBwD,EAAchF,EAAOgF,YACd/E,EAAMgG,KAAK/E,OAAOW,WAAa,aAAc,CAClDqM,SAAY,KACX3J,KAAK,SAAStB,GAGf,OAFA+B,EAAYE,KAAK,GAAGA,KAAOjC,EAASiC,KAAc,QAClDF,EAAYE,KAAK,GAAGA,KAAOjC,EAASiC,KAAa,OAC1ClF,EAAOwB,SAAU,GACvBV,IAELd,EAAOwG,OAAS,SAASvE,GACvB,IAAIO,EAAGgJ,EAAGf,EAAK/C,EAAGgD,EAAGI,EAAKiB,EAE1B,GADAvJ,EAAIrC,EAAGmE,QACFrC,EAAKiD,KAkDR1C,EAAEyB,QAAQhC,EAAKiD,WAhDf,GADAlF,EAAOwB,SAAU,EACbS,EAAKe,KAA2B,iBAAbf,EAAKe,IAAkB,CAI5C,IAHAf,EAAKiD,KAAO,GACZ6G,EAAM,GAEDP,EAAId,EAAI,EAAGD,GADhBK,EAAM7I,EAAKe,KACesE,OAAQoD,EAAID,EAAKe,IAAMd,EAC/ChD,EAAIoD,EAAIU,GACRvJ,EAAKiD,KAAKsG,GAAK,CACblI,MAAOoE,EACP1B,GAAI0B,GAENqE,EAAIrG,KAAK1F,EAAOwG,OAAOvE,EAAKiD,KAAKsG,KAEnCrL,EAAG4K,IAAIgB,GAAKxH,KAAK,WACf,OAAO/B,EAAEyB,QAAQhC,EAAKiD,OACrB,SAASjC,GAEV,OADAT,EAAEkC,OAAOzB,EAASI,YACXrD,EAAOwB,SAAU,SAG1BvB,EAAM+C,IAAI,GAAK9B,OAAOW,WAAa7B,EAAO4B,WAAWkE,OAAS,KAAO7D,EAAKe,IAAMf,EAAKe,IAAMf,EAAKqB,QAAQiB,KAAK,SAAStB,GACpH,IAAIiC,EAqBJ,OAnBoB,QADpBA,EAAOjC,EAASiC,MACNgH,OAAmBhH,EAAKqI,OAASrI,EAAKqI,MAAMxG,MAAM,iBAAwC,OAApB9E,EAAc,QAC5FA,EAAKiD,KAAOjD,EAAc,QAE1BA,EAAKiD,KAAOA,EAAKgH,MAEfjK,EAAK6E,MAAQ7E,EAAK6E,KAAKC,MAAM,8BACN,iBAAd9E,EAAKiD,MAAqBjD,EAAKiD,KAAK6B,MAAM,kBACnD9E,EAAKiD,KAAOwI,SAASzL,EAAKiD,KAAM,KAGhCjD,EAAK6E,MAAQ7E,EAAK6E,KAAKC,MAAM,WAC/B9E,EAAKiD,KAAOwI,SAASzL,EAAKiD,KAAM,KAE9BjD,EAAK6E,MAAQ7E,EAAK6E,KAAKC,MAAM,YAC/B9E,EAAKiD,KAAOjD,EAAKiD,KAAKmJ,WACbpM,EAAK6E,MAAQ7E,EAAK6E,KAAKC,MAAM,+CAAwE,iBAAd9E,EAAKiD,OACrGjD,EAAKiD,KAAOjD,EAAKiD,KAAKoJ,MAAM,MAE9BtO,EAAOwB,SAAU,EACVgB,EAAEyB,QAAQhC,EAAKiD,OACrB,SAASjC,GAEV,OADAnC,EAAUmC,GACHT,EAAEkC,OAAOzB,EAASG,UAM/B,OAAOZ,EAAEmC,SAEX9D,EAAY,SAAS0N,EAAOC,EAAMC,GAChC,IAAI/G,EAEJ,OAAU,QADVA,EAAI8G,EAAKzH,MAAM,IAAIsE,OAAO,+BAEjBnL,EAAU0F,KAAK,kBAEtBpC,QAAQC,IAAI,4BAA8BiE,EAAE,IACrC1H,EAAO0O,OAAOhH,EAAE,MAG3B1H,EAAO2O,IAAI,yBAA0B9N,GACrCb,EAAO0O,OAAS,SAAShH,GACvB,OAAI1H,EAAO4B,WAAWkE,SAAW4B,EACxBzH,EAAM+C,IAAI,GAAK9B,OAAOW,WAAa6F,GAAGnD,KAAK,SAAStB,GACzD,IAAIT,EAMJ,OALAxC,EAAO4B,WAAaqB,EAASiC,KAC7B1C,EAAI,IAAIE,KAAiC,IAA5B1C,EAAO4B,WAAWgN,SAC/B5O,EAAO4B,WAAWiN,KAAOrM,EAAEsM,iBAC3BtL,QAAQC,IAAI,oBAAsBiE,EAAI,WACtCxH,EAAU0F,KAAK,UAAY8B,GACpB1H,EAAO4D,QACb,SAASX,GACV,OAAOnC,EAAUmC,GAAUsB,KAAK,WAE9B,OADAvE,EAAO4B,WAAWkE,OAAS,EACpB9F,EAAO4D,WAIX5D,EAAOwB,SAAU,GAG5BxB,EAAO+O,YAAc,SAASC,GAI5B,OAHAhP,EAAOgP,KAAOA,EACdhP,EAAO2B,KAAO,QACd3B,EAAO4D,OACA5D,EAAOyB,OAAQ,GAExBzB,EAAO4D,KAAO,WACZ,IAAImI,EA4BJ,OA3BAA,EAAM,KACN/L,EAAOwB,SAAU,EACjBxB,EAAOkF,KAAO,GACdlF,EAAOwF,eAAgB,EACvBxF,EAAOkG,WAAY,EACnB/F,EAAG4K,IAAI,CACL1K,EAAYuD,KAAK5D,EAAOgP,MAAO/O,EAAM+C,IAAI9B,OAAOG,aAAe,eAAekD,KAAK,SAAStB,GAE1F,OADA8I,EAAM9I,EAASiC,KACR1B,QAAQC,IAAI,wBAEpBc,KAAK,WAcN,OAbAf,QAAQC,IAAI,8BACZzD,EAAOkF,KAAO6G,EACdA,EAAM,KAC2B,IAA7B/L,EAAO4B,WAAWkE,OACpBmJ,aAAajP,IAEbA,EAAO8B,QAAU,CACfwB,MAAO,YACPxB,QAAS,4BAEX9B,EAAO0D,UAAU,iBAEnB1D,EAAO2B,KAAO,OACP3B,EAAOwB,SAAU,GACvBV,GACHd,EAAOkP,aAAe,OACflP,EAAOmP,QAAU,CACtBC,MAAO,YAGPlP,EAAU0F,OAAOmB,MAAM,IAAIsE,OAAO,8BAEpC7H,QAAQC,IAAI,gCACZvD,EAAU0F,KAAK,kBAEjB5F,EAAOqP,oBAAsB,SAASpN,EAAMqN,GAE1C,OADAtP,EAAOwB,SAAU,EACVvB,EAAMgG,KAAK/E,OAAOqO,WAAa,MAAO,CAC3CD,IAAKA,IACJ/K,KAAK,SAAStB,GAEf,OADAhB,EAAKiD,KAAOjC,EAASiC,KAAKsK,QACnBxP,EAAOwB,SAAU,GACvBV,IAELd,EAAOyP,eAAiB,SAASxN,EAAMoE,GACrC,OAAOpE,EAAKiD,KAAOmB,GAErBrG,EAAO0P,OAAS,SAASF,EAAS1I,EAAM6I,GACtC,OAAOD,OAAO,IAAIE,KAAK,CAACJ,GAAU,CAChC1I,KAAQA,IACN6I,IAEN3P,EAAO6P,UAAY,SAASjJ,EAAI0F,GAC9B,OAAOA,EAAMoD,OAAO9I,EAAG1B,KAAK,GAAGA,KAAO,KAAO0B,EAAG1B,KAAK,GAAGA,KAAM,yBAA0B0B,EAAGtD,MAAQ,SAE9FtD,EAAO8P,WAAa,SAASlJ,EAAI0F,GACtC,OAAOA,EAAMoD,OAAO9I,EAAG1B,KAAM,aAAc0B,EAAGtD,MAAQ,cAK3DyM,KAAKC"}
\ No newline at end of file
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
index 50dc69d40..f1f1f9beb 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
@@ -28,6 +28,7 @@
 "2ndFA":"Second Factors",
 "actives":"مفعلة",
 "activeTimer":"قبول تلقائي للوقت",
+"adaptativeAuthenticationLevelRules":"Adaptative authentication rules",
 "addAppCasPartner":"إضافة تطبيق كاس",
 "addIDPSamlPartner":"أضف IDP SAML",
 "addOidcOp":"إضافة أوبين أيدي كونيكت بروفيدر",
@@ -161,6 +162,7 @@
 "portalDisplayCertificateResetByMail":"Reset your Certificate",
 "contentSecurityPolicy":"Content security policy",
 "contextSwitching":"Switch context another user",
+"contextSwitchingAllowed2fModifications":"Allow 2FA modifications",
 "contextSwitchingHiddenAttributes":"السمات المخفية",
 "contextSwitchingIdRule":"Identities use rule",
 "contextSwitchingRule":"استخدام القاعدة",
@@ -517,6 +519,7 @@
 "newApp":"تطبيق جديد",
 "newChain":"سلسلة جديدة",
 "newCat":"فئة جديدة",
+"newCertificate":"New certificate",
 "newCfgAvailable":"إعدادات جديد متاح",
 "newCmbMod":"وحدة جديدة",
 "newCmbOver":"معايير جديدة",
@@ -1060,6 +1063,7 @@
 "samlIDPMetaDataOptionsAuthnRequest":"طلب إثبات الهوية",
 "samlIDPMetaDataOptionsSession":"جلسة",
 "samlIDPMetaDataOptionsSignature":"توقيع",
+"samlIDPMetaDataOptionsSignatureMethod":"Signature method",
 "samlIDPMetaDataOptionsBinding":"ربط",
 "samlIDPMetaDataOptionsDisplay":"عرض",
 "samlIDPMetaDataOptionsDisplayName":"عرض الاسم",
@@ -1083,6 +1087,7 @@
 "samlSPMetaDataOptionsEncryptionMode":"أسلوب التشفير",
 "samlSPMetaDataOptionsAuthnResponse":"رد إثبات الهوية",
 "samlSPMetaDataOptionsSignature":"توقيع",
+"samlSPMetaDataOptionsSignatureMethod":"Signature method",
 "samlSPMetaDataOptionsSecurity":"الحماية",
 "samlSPMetaDataOptionsEnableIDPInitiatedURL":"تمكين استخدام عنوان يو آر إل  IDP ",
 "samlSPMetaDataOptionsNameIDSessionKey":"فرض اسم المعرف لمفتاح الجلسة",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/de.json b/lemonldap-ng-manager/site/htdocs/static/languages/de.json
index 351080896..9b026ac1c 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/de.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/de.json
@@ -28,6 +28,7 @@
 "2ndFA":"Second Factors",
 "actives":"Enabled",
 "activeTimer":"Auto accept time",
+"adaptativeAuthenticationLevelRules":"Adaptative authentication rules",
 "addAppCasPartner":"Add CAS application",
 "addIDPSamlPartner":"Add SAML IDP",
 "addOidcOp":"Add OpenID Connect Provider",
@@ -161,6 +162,7 @@
 "portalDisplayCertificateResetByMail":"Reset your certificate",
 "contentSecurityPolicy":"Content security policy",
 "contextSwitching":"Switch context another user",
+"contextSwitchingAllowed2fModifications":"Allow 2FA modifications",
 "contextSwitchingHiddenAttributes":"Hidden attributes",
 "contextSwitchingIdRule":"Identities use rule",
 "contextSwitchingRule":"Use rule",
@@ -517,6 +519,7 @@
 "newApp":"New application",
 "newChain":"New chain",
 "newCat":"New category",
+"newCertificate":"New certificate",
 "newCfgAvailable":"A new configuration is available",
 "newCmbMod":"New module",
 "newCmbOver":"New parameter",
@@ -1060,6 +1063,7 @@
 "samlIDPMetaDataOptionsAuthnRequest":"Authentication request",
 "samlIDPMetaDataOptionsSession":"Session",
 "samlIDPMetaDataOptionsSignature":"Signature",
+"samlIDPMetaDataOptionsSignatureMethod":"Signature method",
 "samlIDPMetaDataOptionsBinding":"Binding",
 "samlIDPMetaDataOptionsDisplay":"Display",
 "samlIDPMetaDataOptionsDisplayName":"Display name",
@@ -1083,6 +1087,7 @@
 "samlSPMetaDataOptionsEncryptionMode":"Encryption mode",
 "samlSPMetaDataOptionsAuthnResponse":"Authentication response",
 "samlSPMetaDataOptionsSignature":"Signature",
+"samlSPMetaDataOptionsSignatureMethod":"Signature method",
 "samlSPMetaDataOptionsSecurity":"Security",
 "samlSPMetaDataOptionsEnableIDPInitiatedURL":"Enable use of IDP initiated URL",
 "samlSPMetaDataOptionsNameIDSessionKey":"Force NameID session key",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/en.json b/lemonldap-ng-manager/site/htdocs/static/languages/en.json
index 916fe69af..c7c9718dc 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/en.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/en.json
@@ -28,6 +28,7 @@
 "2ndFA":"Second Factors",
 "actives":"Enabled",
 "activeTimer":"Auto accept time",
+"adaptativeAuthenticationLevelRules":"Adaptative authentication rules",
 "addAppCasPartner":"Add CAS application",
 "addIDPSamlPartner":"Add SAML IDP",
 "addOidcOp":"Add OpenID Connect Provider",
@@ -161,6 +162,7 @@
 "portalDisplayCertificateResetByMail":"Reset your certificate",
 "contentSecurityPolicy":"Content security policy",
 "contextSwitching":"Switch context another user",
+"contextSwitchingAllowed2fModifications":"Allow 2FA modifications",
 "contextSwitchingHiddenAttributes":"Hidden attributes",
 "contextSwitchingIdRule":"Identities use rule",
 "contextSwitchingRule":"Use rule",
@@ -517,6 +519,7 @@
 "newApp":"New application",
 "newChain":"New chain",
 "newCat":"New category",
+"newCertificate":"New certificate",
 "newCfgAvailable":"A new configuration is available",
 "newCmbMod":"New module",
 "newCmbOver":"New parameter",
@@ -1060,6 +1063,7 @@
 "samlIDPMetaDataOptionsAuthnRequest":"Authentication request",
 "samlIDPMetaDataOptionsSession":"Session",
 "samlIDPMetaDataOptionsSignature":"Signature",
+"samlIDPMetaDataOptionsSignatureMethod":"Signature method",
 "samlIDPMetaDataOptionsBinding":"Binding",
 "samlIDPMetaDataOptionsDisplay":"Display",
 "samlIDPMetaDataOptionsDisplayName":"Display name",
@@ -1083,6 +1087,7 @@
 "samlSPMetaDataOptionsEncryptionMode":"Encryption mode",
 "samlSPMetaDataOptionsAuthnResponse":"Authentication response",
 "samlSPMetaDataOptionsSignature":"Signature",
+"samlSPMetaDataOptionsSignatureMethod":"Signature method",
 "samlSPMetaDataOptionsSecurity":"Security",
 "samlSPMetaDataOptionsEnableIDPInitiatedURL":"Enable use of IDP initiated URL",
 "samlSPMetaDataOptionsNameIDSessionKey":"Force NameID session key",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
index 5e87ce57a..0f2911286 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
@@ -28,6 +28,7 @@
 "2ndFA":"Seconds Facteurs",
 "actives":"Actives",
 "activeTimer":"Délai d'acceptation automatique",
+"adaptativeAuthenticationLevelRules":"Règles d'authentification adaptative",
 "addAppCasPartner":"Ajouter une application CAS",
 "addIDPSamlPartner":"Ajouter un FI SAML",
 "addOidcOp":"Ajouter un fournisseur OpenID Connect",
@@ -161,6 +162,7 @@
 "portalDisplayCertificateResetByMail":"Réinitialiser votre certificat",
 "contentSecurityPolicy":"Politique de sécurité de contenu",
 "contextSwitching":"Endossement d'identité",
+"contextSwitchingAllowed2fModifications":"Autoriser les modifications des SF",
 "contextSwitchingHiddenAttributes":"Attributs masqués",
 "contextSwitchingIdRule":"Règle d'utilisation des identités",
 "contextSwitchingRule":"Règle d'utilisation",
@@ -517,6 +519,7 @@
 "newApp":"Nouvelle application",
 "newChain":"Nouvelle chaîne",
 "newCat":"Nouvelle catégorie",
+"newCertificate":"Nouveau certificat",
 "newCfgAvailable":"Une nouvelle configuration est disponible",
 "newCmbMod":"Nouveau module",
 "newCmbOver":"Nouveau paramètre",
@@ -804,7 +807,7 @@
 "remoteParams":"Paramètres Remote",
 "remotePortal":"URL du portail",
 "replaceByFile":"Remplacer par le fichier",
-"requireToken":"Exige un jeton pour les formulaires",
+"requireToken":"Exiger un jeton pour les formulaires",
 "restAuthnLevel":"Niveau d'authentification",
 "restAuthUrl":"URL d'authentification",
 "restConfigServer":"Serveur de configurations REST",
@@ -860,7 +863,7 @@
 "sfaTitle":"Seconds facteurs d'authentification",
 "sfExtra":"Seconds facteurs additionnels",
 "sfManagerRule":"Afficher le lien du Gestionnaire",
-"sfOnlyUpgrade": "Utiliser le second facteur pour augmenter le niveau d'authentification",
+"sfOnlyUpgrade": "Utiliser le SF pour augmenter le niveau d'authentification",
 "sfRequired":"Exiger l'enrôlement d'un SF à l'authentification",
 "sfRemovedNotification":"Avertir si un SF expiré est supprimé",
 "sfRemovedMsgRule":"Activation",
@@ -1060,6 +1063,7 @@
 "samlIDPMetaDataOptionsAuthnRequest":"Requête d'authentification",
 "samlIDPMetaDataOptionsSession":"Session",
 "samlIDPMetaDataOptionsSignature":"Signature",
+"samlIDPMetaDataOptionsSignatureMethod":"Méthode pour la signature",
 "samlIDPMetaDataOptionsBinding":"Méthode",
 "samlIDPMetaDataOptionsDisplay":"Affichage",
 "samlIDPMetaDataOptionsDisplayName":"Nom d'affichage",
@@ -1083,6 +1087,7 @@
 "samlSPMetaDataOptionsEncryptionMode":"Mode de chiffrement",
 "samlSPMetaDataOptionsAuthnResponse":"Réponse d'authentification",
 "samlSPMetaDataOptionsSignature":"Signature",
+"samlSPMetaDataOptionsSignatureMethod":"Méthode pour la signature",
 "samlSPMetaDataOptionsSecurity":"Sécurité",
 "samlSPMetaDataOptionsEnableIDPInitiatedURL":"Autoriser l'utilisation d'URL SSO initié par l'IDP",
 "samlSPMetaDataOptionsNameIDSessionKey":"Forcer la clef de session NameID",
@@ -1103,7 +1108,7 @@
 "samlSPName":"Nom du fournisseur de service SAML",
 "samlSPSSODescriptor":"Fournisseur de service",
 "samlSPSSODescriptorAuthnRequestsSigned":"Requêtes d'authentification signées",
-"samlSPSSODescriptorWantAssertionsSigned":"Exige des assertions signées",
+"samlSPSSODescriptorWantAssertionsSigned":"Exiger des assertions signées",
 "samlSPSSODescriptorSingleLogoutService":"Single Logout",
 "samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"Redirection HTTP",
 "samlSPSSODescriptorSingleLogoutServiceHTTPPost":"POST HTTP",
@@ -1114,7 +1119,7 @@
 "samlSPSSODescriptorArtifactResolutionService":"Résolution d'Artifact",
 "samlSPSSODescriptorArtifactResolutionServiceArtifact":"Service Artifact",
 "samlIDPSSODescriptor":"Fournisseur d'identité",
-"samlIDPSSODescriptorWantAuthnRequestsSigned":"Exige des requêtes d'authentification signées",
+"samlIDPSSODescriptorWantAuthnRequestsSigned":"Exiger des requêtes d'authentification signées",
 "samlIDPSSODescriptorSingleSignOnService":"Single Sign On",
 "samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"Redirection HTTP",
 "samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"POST HTTP",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/it.json b/lemonldap-ng-manager/site/htdocs/static/languages/it.json
index 388bc8465..24ee69d4e 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json
@@ -28,6 +28,7 @@
 "2ndFA":"Secondi fattori",
 "actives":"Attivi",
 "activeTimer":"Auto accettazione tempo",
+"adaptativeAuthenticationLevelRules":"Adaptative authentication rules",
 "addAppCasPartner":"Aggiungi applicazione CAS",
 "addIDPSamlPartner":"Aggiungi SAML IDP",
 "addOidcOp":"Aggiungere OpenID Connect Provider",
@@ -161,6 +162,7 @@
 "portalDisplayCertificateResetByMail":"Reset your certificate",
 "contentSecurityPolicy":"Politica di protezione dei contenuti",
 "contextSwitching":"Switch context another user",
+"contextSwitchingAllowed2fModifications":"Allow 2FA modifications",
 "contextSwitchingHiddenAttributes":"Attributi nascosti",
 "contextSwitchingIdRule":"Le identità usano la regola",
 "contextSwitchingRule":"Utilizza la regola",
@@ -517,6 +519,7 @@
 "newApp":"Nuova applicazione",
 "newChain":"Nuova catena",
 "newCat":"NUova categoria",
+"newCertificate":"New certificate",
 "newCfgAvailable":"É disponibile una nuova configurazione",
 "newCmbMod":"Nuovo modulo",
 "newCmbOver":"Nuovo parametro",
@@ -1060,6 +1063,7 @@
 "samlIDPMetaDataOptionsAuthnRequest":"Richiesta di autenticazione",
 "samlIDPMetaDataOptionsSession":"Sessioni",
 "samlIDPMetaDataOptionsSignature":"Firma",
+"samlIDPMetaDataOptionsSignatureMethod":"Metodo di firma",
 "samlIDPMetaDataOptionsBinding":"Vincolante",
 "samlIDPMetaDataOptionsDisplay":" Visualizza  ",
 "samlIDPMetaDataOptionsDisplayName":"Nome da visualizzare",
@@ -1083,6 +1087,7 @@
 "samlSPMetaDataOptionsEncryptionMode":"Modalità di crittografia",
 "samlSPMetaDataOptionsAuthnResponse":"Risposta di autenticazione",
 "samlSPMetaDataOptionsSignature":"Firma",
+"samlSPMetaDataOptionsSignatureMethod":"Metodo di firma",
 "samlSPMetaDataOptionsSecurity":"Sicurezza",
 "samlSPMetaDataOptionsEnableIDPInitiatedURL":"Abilitare l'utilizzo dell'URL IDP avviata ",
 "samlSPMetaDataOptionsNameIDSessionKey":"Forza la chiave di sessione NameID",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/pl.json b/lemonldap-ng-manager/site/htdocs/static/languages/pl.json
index bd4a16231..8e4196df4 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/pl.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/pl.json
@@ -28,6 +28,7 @@
 "2ndFA":"Drugie czynniki",
 "actives":"Włączone",
 "activeTimer":"Czas automatycznej akceptacji",
+"adaptativeAuthenticationLevelRules":"Adaptative authentication rules",
 "addAppCasPartner":"Dodaj aplikację CAS",
 "addIDPSamlPartner":"Dodaj SAML IDP",
 "addOidcOp":"Dodaj dostawcę OpenID Connect",
@@ -161,6 +162,7 @@
 "portalDisplayCertificateResetByMail":"Zresetuj swój certyfikat",
 "contentSecurityPolicy":"Polityka bezpieczeństwa treści",
 "contextSwitching":"Przełącz kontekst innego użytkownika",
+"contextSwitchingAllowed2fModifications":"Allow 2FA modifications",
 "contextSwitchingHiddenAttributes":"Ukryte atrybuty",
 "contextSwitchingIdRule":"Reguła korzystania z tożsamości",
 "contextSwitchingRule":"Użyj reguły",
@@ -517,6 +519,7 @@
 "newApp":"Nowa aplikacja",
 "newChain":"Nowy łańcuch",
 "newCat":"Nowa kategoria",
+"newCertificate":"New certificate",
 "newCfgAvailable":"Dostępna jest nowa konfiguracja",
 "newCmbMod":"Nowy moduł",
 "newCmbOver":"Nowy parametr",
@@ -1060,6 +1063,7 @@
 "samlIDPMetaDataOptionsAuthnRequest":"Żądanie uwierzytelnienia",
 "samlIDPMetaDataOptionsSession":"Sesja",
 "samlIDPMetaDataOptionsSignature":"Podpis",
+"samlIDPMetaDataOptionsSignatureMethod":"Metoda podpisu",
 "samlIDPMetaDataOptionsBinding":"Przywiązania",
 "samlIDPMetaDataOptionsDisplay":"Wyświetl",
 "samlIDPMetaDataOptionsDisplayName":"Wyświetlana nazwa",
@@ -1083,6 +1087,7 @@
 "samlSPMetaDataOptionsEncryptionMode":"Tryb szyfrowania",
 "samlSPMetaDataOptionsAuthnResponse":"Odpowiedź uwierzytelnienia",
 "samlSPMetaDataOptionsSignature":"Podpis",
+"samlSPMetaDataOptionsSignatureMethod":"Metoda podpisu",
 "samlSPMetaDataOptionsSecurity":"Bezpieczeństwo",
 "samlSPMetaDataOptionsEnableIDPInitiatedURL":"Włącz korzystanie z adresu URL zainicjowanego przez IDP",
 "samlSPMetaDataOptionsNameIDSessionKey":"Wymuś klucz sesji NameID",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/tr.json b/lemonldap-ng-manager/site/htdocs/static/languages/tr.json
index 5ee36e159..a35370bc1 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/tr.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/tr.json
@@ -28,6 +28,7 @@
 "2ndFA":"İki Faktörlü Kimlik Doğrulama",
 "actives":"Etkin",
 "activeTimer":"Otomatik kabul süresi",
+"adaptativeAuthenticationLevelRules":"Adaptative authentication rules",
 "addAppCasPartner":"CAS uygulaması ekle",
 "addIDPSamlPartner":"SAML IDP ekle",
 "addOidcOp":"OpenID Connect Sağlayıcısı Ekle",
@@ -161,6 +162,7 @@
 "portalDisplayCertificateResetByMail":"Sertifikanızı sıfırlayın",
 "contentSecurityPolicy":"İçerik güvenlik ilkesi",
 "contextSwitching":"İçeriği başka bir kullanıcıyla değiştir",
+"contextSwitchingAllowed2fModifications":"Allow 2FA modifications",
 "contextSwitchingHiddenAttributes":"Gizli nitelikler",
 "contextSwitchingIdRule":"Kimlik kullanım kuralı",
 "contextSwitchingRule":"Kuralı kullan",
@@ -517,6 +519,7 @@
 "newApp":"Yeni uygulama",
 "newChain":"Yeni zincir",
 "newCat":"Yeni kategori",
+"newCertificate":"New certificate",
 "newCfgAvailable":"Yeni bir yapılandırma mevcut",
 "newCmbMod":"Yeni modül",
 "newCmbOver":"Yeni parametre",
@@ -1060,6 +1063,7 @@
 "samlIDPMetaDataOptionsAuthnRequest":"Doğrulama isteği",
 "samlIDPMetaDataOptionsSession":"Oturum",
 "samlIDPMetaDataOptionsSignature":"İmza",
+"samlIDPMetaDataOptionsSignatureMethod":"İmzalama yöntemi",
 "samlIDPMetaDataOptionsBinding":"Bağlayıcı",
 "samlIDPMetaDataOptionsDisplay":"Görüntüle",
 "samlIDPMetaDataOptionsDisplayName":"Görüntülenen ad",
@@ -1083,6 +1087,7 @@
 "samlSPMetaDataOptionsEncryptionMode":"Şifreleme modu",
 "samlSPMetaDataOptionsAuthnResponse":"Doğrulama cevabı",
 "samlSPMetaDataOptionsSignature":"İmza",
+"samlSPMetaDataOptionsSignatureMethod":"İmzalama yöntemi",
 "samlSPMetaDataOptionsSecurity":"Güvenlik",
 "samlSPMetaDataOptionsEnableIDPInitiatedURL":"IDP ile başlatılan URL’nin kullanımını etkinleştir",
 "samlSPMetaDataOptionsNameIDSessionKey":"NameID oturum anahtarını zorla",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
index 2b22498e8..b16c6cda9 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
@@ -28,6 +28,7 @@
 "2ndFA":"Second Factors",
 "actives":"Hoạt động",
 "activeTimer":"Tự động chấp nhận thời gian",
+"adaptativeAuthenticationLevelRules":"Adaptative authentication rules",
 "addAppCasPartner":"Thêm ứng dụng CAS",
 "addIDPSamlPartner":"Thêm SAML IDP",
 "addOidcOp":"Thêm nhà cung cấp kết nối OpenID",
@@ -161,6 +162,7 @@
 "portalDisplayCertificateResetByMail":"Reset your certificate",
 "contentSecurityPolicy":"Chính sách bảo mật nội dung",
 "contextSwitching":"Switch context another user",
+"contextSwitchingAllowed2fModifications":"Allow 2FA modifications",
 "contextSwitchingHiddenAttributes":"Thuộc tính ẩn",
 "contextSwitchingIdRule":"Identities use rule",
 "contextSwitchingRule":"Quy tắc sử dụng",
@@ -517,6 +519,7 @@
 "newApp":"Ứng dụng mới",
 "newChain":"Chuỗi mới",
 "newCat":"Danh mục mới",
+"newCertificate":"New certificate",
 "newCfgAvailable":"Một cấu hình mới có sẵn",
 "newCmbMod":"Mô-đun mới",
 "newCmbOver":"Tham số mới",
@@ -1060,6 +1063,7 @@
 "samlIDPMetaDataOptionsAuthnRequest":"Yêu cầu xác thực",
 "samlIDPMetaDataOptionsSession":"Phiên",
 "samlIDPMetaDataOptionsSignature":"Chữ ký",
+"samlIDPMetaDataOptionsSignatureMethod":"Signature method",
 "samlIDPMetaDataOptionsBinding":"Liên kết",
 "samlIDPMetaDataOptionsDisplay":"Hiển thị",
 "samlIDPMetaDataOptionsDisplayName":"Tên hiển thị",
@@ -1083,6 +1087,7 @@
 "samlSPMetaDataOptionsEncryptionMode":"Chế độ mã hóa",
 "samlSPMetaDataOptionsAuthnResponse":"Phản hồi xác thực",
 "samlSPMetaDataOptionsSignature":"Chữ ký",
+"samlSPMetaDataOptionsSignatureMethod":"Signature method",
 "samlSPMetaDataOptionsSecurity":"Bảo mật",
 "samlSPMetaDataOptionsEnableIDPInitiatedURL":"Cho phép sử dụng URL bắt đầu IDP",
 "samlSPMetaDataOptionsNameIDSessionKey":"Bắt buộc khóa phiên NameID",
diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
index 2674f3152..9e76182a8 100644
--- a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json
@@ -28,6 +28,7 @@
 "2ndFA":"Second Factors",
 "actives":"Enabled",
 "activeTimer":"自动接收时间",
+"adaptativeAuthenticationLevelRules":"Adaptative authentication rules",
 "addAppCasPartner":"增加CAS应用",
 "addIDPSamlPartner":"增加SAML IDP",
 "addOidcOp":"增加OpenID Connect Provider",
@@ -161,6 +162,7 @@
 "portalDisplayCertificateResetByMail":"Reset your certificate",
 "contentSecurityPolicy":"Content security policy",
 "contextSwitching":"Switch context another user",
+"contextSwitchingAllowed2fModifications":"Allow 2FA modifications",
 "contextSwitchingHiddenAttributes":"Hidden attributes",
 "contextSwitchingIdRule":"Identities use rule",
 "contextSwitchingRule":"Use rule",
@@ -517,6 +519,7 @@
 "newApp":"New application",
 "newChain":"New chain",
 "newCat":"New category",
+"newCertificate":"New certificate",
 "newCfgAvailable":"A new configuration is available",
 "newCmbMod":"New module",
 "newCmbOver":"New parameter",
@@ -1060,6 +1063,7 @@
 "samlIDPMetaDataOptionsAuthnRequest":"Authentication request",
 "samlIDPMetaDataOptionsSession":"Session",
 "samlIDPMetaDataOptionsSignature":"Signature",
+"samlIDPMetaDataOptionsSignatureMethod":"Signature method",
 "samlIDPMetaDataOptionsBinding":"Binding",
 "samlIDPMetaDataOptionsDisplay":"Display",
 "samlIDPMetaDataOptionsDisplayName":"Display name",
@@ -1083,6 +1087,7 @@
 "samlSPMetaDataOptionsEncryptionMode":"Encryption mode",
 "samlSPMetaDataOptionsAuthnResponse":"Authentication response",
 "samlSPMetaDataOptionsSignature":"Signature",
+"samlSPMetaDataOptionsSignatureMethod":"Signature method",
 "samlSPMetaDataOptionsSecurity":"Security",
 "samlSPMetaDataOptionsEnableIDPInitiatedURL":"Enable use of IDP initiated URL",
 "samlSPMetaDataOptionsNameIDSessionKey":"Force NameID session key",
diff --git a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
index 745b7dc9f..4a9289fc0 100644
--- a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
+++ b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
@@ -1 +1 @@
-{"ADPwdExpireWarning":"generalParameters/authParams/adParams","ADPwdMaxAge":"generalParameters/authParams/adParams","AuthLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","LDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","SMTPAuthPass":"generalParameters/advancedParams/SMTP","SMTPAuthUser":"generalParameters/advancedParams/SMTP","SMTPPort":"generalParameters/advancedParams/SMTP","SMTPServer":"generalParameters/advancedParams/SMTP","SMTPTLS":"generalParameters/advancedParams/SMTP","SMTPTLSOpts":"generalParameters/advancedParams/SMTP","SSLAuthnLevel":"generalParameters/authParams/sslParams","SSLVar":"generalParameters/authParams/sslParams","SSLVarIf":"generalParameters/authParams/sslParams","activeTimer":"generalParameters/advancedParams/forms","apacheAuthnLevel":"generalParameters/authParams/apacheParams","applicationList":"generalParameters/portalParams/portalMenu","authChoiceAuthBasic":"generalParameters/authParams/choiceParams","authChoiceModules":"generalParameters/authParams/choiceParams","authChoiceParam":"generalParameters/authParams/choiceParams","authentication":"generalParameters/authParams","autoSigninRules":"generalParameters/plugins/autoSignin","browsersDontStorePassword":"generalParameters/advancedParams/security","bruteForceProtection":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionIncrementalTempo":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionLockTimes":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionMaxFailed":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionTempo":"generalParameters/advancedParams/security/bruteForceAttackProtection","captcha_login_enabled":"generalParameters/portalParams/portalCaptcha","captcha_mail_enabled":"generalParameters/portalParams/portalCaptcha","captcha_register_enabled":"generalParameters/portalParams/portalCaptcha","captcha_size":"generalParameters/portalParams/portalCaptcha","casAccessControlPolicy":"casServiceMetadata","casAppMetaDataNodes":"","casAttr":"casServiceMetadata","casAttributes":"casServiceMetadata","casAuthnLevel":"generalParameters/authParams/casParams","casSrvMetaDataNodes":"","casStorage":"casServiceMetadata","casStorageOptions":"casServiceMetadata","cda":"generalParameters/cookieParams","certificateResetByMailCeaAttribute":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailCertificateAttribute":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailStep1Body":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep1Subject":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep2Body":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep2Subject":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailURL":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailValidityDelay":"generalParameters/plugins/certificateResetByMailManagement/mailOther","checkState":"generalParameters/plugins/stateCheck","checkStateSecret":"generalParameters/plugins/stateCheck","checkUser":"generalParameters/plugins/checkUsers","checkUserDisplayComputedSession":"generalParameters/plugins/checkUsers","checkUserDisplayEmptyHeaders":"generalParameters/plugins/checkUsers","checkUserDisplayEmptyValues":"generalParameters/plugins/checkUsers","checkUserDisplayPersistentInfo":"generalParameters/plugins/checkUsers","checkUserHiddenAttributes":"generalParameters/plugins/checkUsers","checkUserIdRule":"generalParameters/plugins/checkUsers","checkUserSearchAttributes":"generalParameters/plugins/checkUsers","checkUserUnrestrictedUsersRule":"generalParameters/plugins/checkUsers","checkXSS":"generalParameters/advancedParams/security","combModules":"generalParameters/authParams/combinationParams","combination":"generalParameters/authParams/combinationParams","combinationForms":"generalParameters/authParams/combinationParams","compactConf":"generalParameters/reloadParams","confirmFormMethod":"generalParameters/advancedParams/forms","contextSwitchingIdRule":"generalParameters/plugins/contextSwitching","contextSwitchingRule":"generalParameters/plugins/contextSwitching","contextSwitchingStopWithLogout":"generalParameters/plugins/contextSwitching","contextSwitchingUnrestrictedUsersRule":"generalParameters/plugins/contextSwitching","cookieExpiration":"generalParameters/cookieParams","cookieName":"generalParameters/cookieParams","corsAllow_Credentials":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Methods":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Origin":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsEnabled":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsExpose_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsMax_Age":"generalParameters/advancedParams/security/crossOrigineResourceSharing","cspConnect":"generalParameters/advancedParams/security/contentSecurityPolicy","cspDefault":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFont":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFormAction":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFrameAncestors":"generalParameters/advancedParams/security/contentSecurityPolicy","cspImg":"generalParameters/advancedParams/security/contentSecurityPolicy","cspScript":"generalParameters/advancedParams/security/contentSecurityPolicy","cspStyle":"generalParameters/advancedParams/security/contentSecurityPolicy","customAddParams":"generalParameters/authParams/customParams","customAuth":"generalParameters/authParams/customParams","customFunctions":"generalParameters/advancedParams","customPassword":"generalParameters/authParams/customParams","customPlugins":"generalParameters/plugins/customPluginsNode","customPluginsParams":"generalParameters/plugins/customPluginsNode","customRegister":"generalParameters/authParams/customParams","customResetCertByMail":"generalParameters/authParams/customParams","customToTrace":"generalParameters/logParams","customUserDB":"generalParameters/authParams/customParams","dbiAuthChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthLoginCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthPasswordCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPasswordHash":"generalParameters/authParams/dbiParams/dbiPassword","dbiAuthTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthnLevel":"generalParameters/authParams/dbiParams","dbiDynamicHashEnabled":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashNewPasswordScheme":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSaltedSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiExportedVars":"generalParameters/authParams/dbiParams","dbiPasswordMailCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","decryptValueFunctions":"generalParameters/plugins/decryptValue","decryptValueRule":"generalParameters/plugins/decryptValue","demoExportedVars":"generalParameters/authParams/demoParams","disablePersistentStorage":"generalParameters/sessionParams/persistentSessions","domain":"generalParameters/cookieParams","exportedAttr":"generalParameters/plugins/portalServers","exportedVars":"variables","ext2FSendCommand":"generalParameters/secondFactors/ext2f","ext2FValidateCommand":"generalParameters/secondFactors/ext2f","ext2fActivation":"generalParameters/secondFactors/ext2f","ext2fAuthnLevel":"generalParameters/secondFactors/ext2f","ext2fCodeActivation":"generalParameters/secondFactors/ext2f","ext2fLabel":"generalParameters/secondFactors/ext2f","ext2fLogo":"generalParameters/secondFactors/ext2f","facebookAppId":"generalParameters/authParams/facebookParams","facebookAppSecret":"generalParameters/authParams/facebookParams","facebookAuthnLevel":"generalParameters/authParams/facebookParams","facebookExportedVars":"generalParameters/authParams/facebookParams","facebookUserField":"generalParameters/authParams/facebookParams","failedLoginNumber":"generalParameters/plugins/loginHistory","favAppsMaxNumber":"generalParameters/portalParams/portalMenu/portalModules/favApps","formTimeout":"generalParameters/advancedParams/security","githubAuthnLevel":"generalParameters/authParams/githubParams","githubClientID":"generalParameters/authParams/githubParams","githubClientSecret":"generalParameters/authParams/githubParams","githubScope":"generalParameters/authParams/githubParams","githubUserField":"generalParameters/authParams/githubParams","globalLogoutCustomParam":"generalParameters/plugins/globalLogout","globalLogoutRule":"generalParameters/plugins/globalLogout","globalLogoutTimer":"generalParameters/plugins/globalLogout","globalStorage":"generalParameters/sessionParams/sessionStorage","globalStorageOptions":"generalParameters/sessionParams/sessionStorage","gpgAuthnLevel":"generalParameters/authParams/gpgParams","gpgDb":"generalParameters/authParams/gpgParams","grantSessionRules":"generalParameters/sessionParams","groups":"variables","groupsBeforeMacros":"generalParameters/advancedParams","hiddenAttributes":"generalParameters/logParams","hideOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","httpOnly":"generalParameters/cookieParams","https":"generalParameters/advancedParams/redirection","impersonationHiddenAttributes":"generalParameters/plugins/impersonation","impersonationIdRule":"generalParameters/plugins/impersonation","impersonationMergeSSOgroups":"generalParameters/plugins/impersonation","impersonationRule":"generalParameters/plugins/impersonation","impersonationSkipEmptyValues":"generalParameters/plugins/impersonation","impersonationUnrestrictedUsersRule":"generalParameters/plugins/impersonation","infoFormMethod":"generalParameters/advancedParams/forms","issuerDBCASActivation":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASPath":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASRule":"generalParameters/issuerParams/issuerDBCAS","issuerDBGetActivation":"generalParameters/issuerParams/issuerDBGet","issuerDBGetParameters":"generalParameters/issuerParams/issuerDBGet","issuerDBGetPath":"generalParameters/issuerParams/issuerDBGet","issuerDBGetRule":"generalParameters/issuerParams/issuerDBGet","issuerDBOpenIDActivation":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDConnectActivation":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectPath":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectRule":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDPath":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDRule":"generalParameters/issuerParams/issuerDBOpenID","issuerDBSAMLActivation":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLPath":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLRule":"generalParameters/issuerParams/issuerDBSAML","issuersTimeout":"generalParameters/issuerParams/issuerOptions","jsRedirect":"generalParameters/advancedParams/portalRedirection","key":"generalParameters/advancedParams/security","krbAuthnLevel":"generalParameters/authParams/kerberosParams","krbByJs":"generalParameters/authParams/kerberosParams","krbKeytab":"generalParameters/authParams/kerberosParams","krbRemoveDomain":"generalParameters/authParams/kerberosParams","ldapAllowResetExpiredPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapAuthnLevel":"generalParameters/authParams/ldapParams","ldapBase":"generalParameters/authParams/ldapParams/ldapConnection","ldapCAFile":"generalParameters/authParams/ldapParams/ldapConnection","ldapCAPath":"generalParameters/authParams/ldapParams/ldapConnection","ldapChangePasswordAsUser":"generalParameters/authParams/ldapParams/ldapPassword","ldapExportedVars":"generalParameters/authParams/ldapParams","ldapGroupAttributeName":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameGroup":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameSearch":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameUser":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupBase":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupDecodeSearchedValue":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupObjectClass":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupRecursive":"generalParameters/authParams/ldapParams/ldapGroups","ldapITDS":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttributeValue":"generalParameters/authParams/ldapParams/ldapPassword","ldapPort":"generalParameters/authParams/ldapParams/ldapConnection","ldapPpolicyControl":"generalParameters/authParams/ldapParams/ldapPassword","ldapPwdEnc":"generalParameters/authParams/ldapParams/ldapPassword","ldapRaw":"generalParameters/authParams/ldapParams/ldapConnection","ldapSearchDeref":"generalParameters/authParams/ldapParams/ldapFilters","ldapServer":"generalParameters/authParams/ldapParams/ldapConnection","ldapSetPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapUsePasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapVerify":"generalParameters/authParams/ldapParams/ldapConnection","ldapVersion":"generalParameters/authParams/ldapParams/ldapConnection","linkedInAuthnLevel":"generalParameters/authParams/linkedinParams","linkedInClientID":"generalParameters/authParams/linkedinParams","linkedInClientSecret":"generalParameters/authParams/linkedinParams","linkedInFields":"generalParameters/authParams/linkedinParams","linkedInScope":"generalParameters/authParams/linkedinParams","linkedInUserField":"generalParameters/authParams/linkedinParams","localSessionStorage":"generalParameters/sessionParams/sessionStorage","localSessionStorageOptions":"generalParameters/sessionParams/sessionStorage","loginHistoryEnabled":"generalParameters/plugins/loginHistory","logoutServices":"generalParameters/advancedParams","lwpOpts":"generalParameters/advancedParams/security","lwpSslOpts":"generalParameters/advancedParams/security","macros":"variables","mail2fActivation":"generalParameters/secondFactors/mail2f","mail2fAuthnLevel":"generalParameters/secondFactors/mail2f","mail2fBody":"generalParameters/secondFactors/mail2f","mail2fCodeRegex":"generalParameters/secondFactors/mail2f","mail2fLabel":"generalParameters/secondFactors/mail2f","mail2fLogo":"generalParameters/secondFactors/mail2f","mail2fSubject":"generalParameters/secondFactors/mail2f","mail2fTimeout":"generalParameters/secondFactors/mail2f","mailBody":"generalParameters/plugins/passwordManagement/mailContent","mailCharset":"generalParameters/advancedParams/SMTP/mailHeaders","mailConfirmBody":"generalParameters/plugins/passwordManagement/mailContent","mailConfirmSubject":"generalParameters/plugins/passwordManagement/mailContent","mailFrom":"generalParameters/advancedParams/SMTP/mailHeaders","mailLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","mailOnPasswordChange":"generalParameters/portalParams/portalCustomization/passwordManagement","mailReplyTo":"generalParameters/advancedParams/SMTP/mailHeaders","mailSessionKey":"generalParameters/advancedParams/SMTP","mailSubject":"generalParameters/plugins/passwordManagement/mailContent","mailTimeout":"generalParameters/plugins/passwordManagement/mailOther","mailUrl":"generalParameters/plugins/passwordManagement/mailOther","maintenance":"generalParameters/advancedParams/redirection","managerDn":"generalParameters/authParams/ldapParams/ldapConnection","managerPassword":"generalParameters/authParams/ldapParams/ldapConnection","multiValuesSeparator":"generalParameters/advancedParams","nginxCustomHandlers":"generalParameters/advancedParams","noAjaxHook":"generalParameters/advancedParams/portalRedirection","notification":"generalParameters/plugins/notifications","notificationDefaultCond":"generalParameters/plugins/notifications/serverNotification","notificationServer":"generalParameters/plugins/notifications/serverNotification","notificationServerDELETE":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerGET":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerPOST":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerSentAttributes":"generalParameters/plugins/notifications/serverNotification","notificationStorage":"generalParameters/plugins/notifications","notificationStorageOptions":"generalParameters/plugins/notifications","notificationWildcard":"generalParameters/plugins/notifications","notificationXSLTfile":"generalParameters/plugins/notifications","notificationsExplorer":"generalParameters/plugins/notifications","notifyDeleted":"generalParameters/sessionParams/multipleSessions","notifyOther":"generalParameters/sessionParams/multipleSessions","nullAuthnLevel":"generalParameters/authParams/nullParams","oidcAuthnLevel":"generalParameters/authParams/oidcParams","oidcOPMetaDataNodes":"","oidcRPCallbackGetParam":"generalParameters/authParams/oidcParams","oidcRPMetaDataNodes":"","oidcRPStateTimeout":"generalParameters/authParams/oidcParams","oidcServiceAccessTokenExpiration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowAuthorizationCodeFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowDynamicRegistration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowHybridFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowImplicitFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAuthorizationCodeExpiration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceDynamicRegistrationExportedVars":"oidcServiceMetaData","oidcServiceDynamicRegistrationExtraClaims":"oidcServiceMetaData","oidcServiceIDTokenExpiration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceMetaDataAuthnContext":"oidcServiceMetaData","oidcServiceMetaDataAuthorizeURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataBackChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataCheckSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataEndSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataFrontChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIntrospectionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataJWKSURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataRegistrationURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataTokenURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataUserInfoURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceOfflineSessionExpiration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServicePrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcServicePublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcStorage":"oidcServiceMetaData/oidcServiceMetaDataSessions","oidcStorageOptions":"oidcServiceMetaData/oidcServiceMetaDataSessions","oldNotifFormat":"generalParameters/plugins/notifications","openIdAttr":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdAuthnLevel":"generalParameters/authParams/openidParams","openIdExportedVars":"generalParameters/authParams/openidParams","openIdIDPList":"generalParameters/authParams/openidParams","openIdIssuerSecret":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSPList":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSecret":"generalParameters/authParams/openidParams","openIdSreg_country":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_dob":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_email":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_fullname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_gender":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_language":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_nickname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_postcode":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_timezone":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","pamAuthnLevel":"generalParameters/authParams/pamParams","pamService":"generalParameters/authParams/pamParams","passwordDB":"generalParameters/authParams","passwordPolicyActivation":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinDigit":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinLower":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinSize":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinSpeChar":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinUpper":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicySpecialChar":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordResetAllowedRetries":"generalParameters/portalParams/portalCustomization/portalButtons","persistentStorage":"generalParameters/sessionParams/persistentSessions","persistentStorageOptions":"generalParameters/sessionParams/persistentSessions","port":"generalParameters/advancedParams/redirection","portal":"generalParameters/portalParams","portalAntiFrame":"generalParameters/portalParams/portalCustomization/portalOther","portalCheckLogins":"generalParameters/portalParams/portalCustomization/portalButtons","portalCustomCss":"generalParameters/portalParams/portalCustomization","portalDisplayAppslist":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayCertificateResetByMail":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayChangePassword":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayFavApps":"generalParameters/portalParams/portalMenu/portalModules/favApps","portalDisplayGeneratePassword":"generalParameters/plugins/passwordManagement/mailOther","portalDisplayLoginHistory":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLogout":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayOidcConsents":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayPasswordPolicy":"generalParameters/portalParams/portalCustomization/passwordPolicy","portalDisplayRefreshMyRights":"generalParameters/portalParams/portalCustomization/portalOther","portalDisplayRegister":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayResetPassword":"generalParameters/portalParams/portalCustomization/portalButtons","portalErrorOnExpiredSession":"generalParameters/portalParams/portalCustomization/portalOther","portalErrorOnMailNotFound":"generalParameters/portalParams/portalCustomization/portalOther","portalForceAuthn":"generalParameters/advancedParams/security","portalForceAuthnInterval":"generalParameters/advancedParams/security","portalMainLogo":"generalParameters/portalParams/portalCustomization","portalOpenLinkInNewWindow":"generalParameters/portalParams/portalCustomization/portalOther","portalPingInterval":"generalParameters/portalParams/portalCustomization/portalOther","portalRequireOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","portalSkin":"generalParameters/portalParams/portalCustomization","portalSkinBackground":"generalParameters/portalParams/portalCustomization","portalSkinRules":"generalParameters/portalParams/portalCustomization","portalStatus":"generalParameters/plugins","portalUserAttr":"generalParameters/portalParams/portalCustomization/portalOther","proxyAuthService":"generalParameters/authParams/proxyParams","proxyAuthnLevel":"generalParameters/authParams/proxyParams","proxySessionService":"generalParameters/authParams/proxyParams","proxyUseSoap":"generalParameters/authParams/proxyParams","radius2fActivation":"generalParameters/secondFactors/radius2f","radius2fAuthnLevel":"generalParameters/secondFactors/radius2f","radius2fLabel":"generalParameters/secondFactors/radius2f","radius2fLogo":"generalParameters/secondFactors/radius2f","radius2fSecret":"generalParameters/secondFactors/radius2f","radius2fServer":"generalParameters/secondFactors/radius2f","radius2fTimeout":"generalParameters/secondFactors/radius2f","radius2fUsernameSessionKey":"generalParameters/secondFactors/radius2f","radiusAuthnLevel":"generalParameters/authParams/radiusParams","radiusSecret":"generalParameters/authParams/radiusParams","radiusServer":"generalParameters/authParams/radiusParams","randomPasswordRegexp":"generalParameters/plugins/passwordManagement/mailOther","redirectFormMethod":"generalParameters/advancedParams/forms","refreshSessions":"generalParameters/plugins","registerConfirmSubject":"generalParameters/plugins/register","registerDB":"generalParameters/authParams","registerDoneSubject":"generalParameters/plugins/register","registerTimeout":"generalParameters/plugins/register","registerUrl":"generalParameters/plugins/register","reloadTimeout":"generalParameters/reloadParams","reloadUrls":"generalParameters/reloadParams","remoteCookieName":"generalParameters/authParams/remoteParams","remoteGlobalStorage":"generalParameters/authParams/remoteParams","remoteGlobalStorageOptions":"generalParameters/authParams/remoteParams","remotePortal":"generalParameters/authParams/remoteParams","requireToken":"generalParameters/advancedParams/security","rest2fActivation":"generalParameters/secondFactors/rest2f","rest2fAuthnLevel":"generalParameters/secondFactors/rest2f","rest2fInitArgs":"generalParameters/secondFactors/rest2f","rest2fInitUrl":"generalParameters/secondFactors/rest2f","rest2fLabel":"generalParameters/secondFactors/rest2f","rest2fLogo":"generalParameters/secondFactors/rest2f","rest2fVerifyArgs":"generalParameters/secondFactors/rest2f","rest2fVerifyUrl":"generalParameters/secondFactors/rest2f","restAuthServer":"generalParameters/plugins/portalServers","restAuthUrl":"generalParameters/authParams/restParams","restAuthnLevel":"generalParameters/authParams/restParams","restClockTolerance":"generalParameters/plugins/portalServers","restConfigServer":"generalParameters/plugins/portalServers","restExportSecretKeys":"generalParameters/plugins/portalServers","restPasswordServer":"generalParameters/plugins/portalServers","restPwdConfirmUrl":"generalParameters/authParams/restParams","restPwdModifyUrl":"generalParameters/authParams/restParams","restSessionServer":"generalParameters/plugins/portalServers","restUserDBUrl":"generalParameters/authParams/restParams","sameSite":"generalParameters/cookieParams","samlAttributeAuthorityDescriptorAttributeServiceSOAP":"samlServiceMetaData/samlAttributeAuthorityDescriptor/samlAttributeAuthorityDescriptorAttributeService","samlAuthnContextMapKerberos":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPassword":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPasswordProtectedTransport":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapTLSClient":"samlServiceMetaData/samlAuthnContextMap","samlCommonDomainCookieActivation":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieDomain":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieReader":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieWriter":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlDiscoveryProtocolActivation":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolIsPassive":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolPolicy":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolURL":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlEntityID":"samlServiceMetaData","samlIDPMetaDataNodes":"","samlIDPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorArtifactResolutionService","samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorWantAuthnRequestsSigned":"samlServiceMetaData/samlIDPSSODescriptor","samlMetadataForceUTF8":"samlServiceMetaData/samlAdvanced","samlNameIDFormatMapEmail":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapKerberos":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapWindows":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapX509":"samlServiceMetaData/samlNameIDFormatMap","samlOrganizationDisplayName":"samlServiceMetaData/samlOrganization","samlOrganizationName":"samlServiceMetaData/samlOrganization","samlOrganizationURL":"samlServiceMetaData/samlOrganization","samlOverrideIDPEntityID":"samlServiceMetaData/samlAdvanced","samlRelayStateTimeout":"samlServiceMetaData/samlAdvanced","samlSPMetaDataNodes":"","samlSPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorArtifactResolutionService","samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAuthnRequestsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlSPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorWantAssertionsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlServicePrivateKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeyEncPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePrivateKeySigPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePublicKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePublicKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServiceSignatureMethod":"samlServiceMetaData/samlServiceSecurity","samlServiceUseCertificateInResponse":"samlServiceMetaData/samlServiceSecurity","samlStorage":"samlServiceMetaData/samlAdvanced","samlStorageOptions":"samlServiceMetaData/samlAdvanced","samlUseQueryStringSpecific":"samlServiceMetaData/samlAdvanced","securedCookie":"generalParameters/cookieParams","sessionDataToRemember":"generalParameters/plugins/loginHistory","sfExtra":"generalParameters/secondFactors","sfManagerRule":"generalParameters/secondFactors","sfOnlyUpgrade":"generalParameters/secondFactors","sfRemovedMsgRule":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifMsg":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifRef":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifTitle":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedUseNotif":"generalParameters/secondFactors/sfRemovedNotification","sfRequired":"generalParameters/secondFactors","showLanguages":"generalParameters/portalParams/portalCustomization","singleIP":"generalParameters/sessionParams/multipleSessions","singleSession":"generalParameters/sessionParams/multipleSessions","singleUserByIP":"generalParameters/sessionParams/multipleSessions","skipRenewConfirmation":"generalParameters/advancedParams/portalRedirection","skipUpgradeConfirmation":"generalParameters/advancedParams/portalRedirection","slaveAuthnLevel":"generalParameters/authParams/slaveParams","slaveDisplayLogo":"generalParameters/authParams/slaveParams","slaveExportedVars":"generalParameters/authParams/slaveParams","slaveHeaderContent":"generalParameters/authParams/slaveParams","slaveHeaderName":"generalParameters/authParams/slaveParams","slaveMasterIP":"generalParameters/authParams/slaveParams","slaveUserHeader":"generalParameters/authParams/slaveParams","soapConfigServer":"generalParameters/plugins/portalServers","soapSessionServer":"generalParameters/plugins/portalServers","sslByAjax":"generalParameters/authParams/sslParams","sslHost":"generalParameters/authParams/sslParams","stayConnected":"generalParameters/plugins","storePassword":"generalParameters/sessionParams","successLoginNumber":"generalParameters/plugins/loginHistory","timeout":"generalParameters/sessionParams","timeoutActivity":"generalParameters/sessionParams","timeoutActivityInterval":"generalParameters/sessionParams","tokenUseGlobalStorage":"generalParameters/advancedParams/security","totp2fActivation":"generalParameters/secondFactors/totp2f","totp2fAuthnLevel":"generalParameters/secondFactors/totp2f","totp2fDigits":"generalParameters/secondFactors/totp2f","totp2fDisplayExistingSecret":"generalParameters/secondFactors/totp2f","totp2fInterval":"generalParameters/secondFactors/totp2f","totp2fIssuer":"generalParameters/secondFactors/totp2f","totp2fLabel":"generalParameters/secondFactors/totp2f","totp2fLogo":"generalParameters/secondFactors/totp2f","totp2fRange":"generalParameters/secondFactors/totp2f","totp2fSelfRegistration":"generalParameters/secondFactors/totp2f","totp2fTTL":"generalParameters/secondFactors/totp2f","totp2fUserCanChangeKey":"generalParameters/secondFactors/totp2f","totp2fUserCanRemoveKey":"generalParameters/secondFactors/totp2f","trustedDomains":"generalParameters/advancedParams/security","twitterAppName":"generalParameters/authParams/twitterParams","twitterAuthnLevel":"generalParameters/authParams/twitterParams","twitterKey":"generalParameters/authParams/twitterParams","twitterSecret":"generalParameters/authParams/twitterParams","twitterUserField":"generalParameters/authParams/twitterParams","u2fActivation":"generalParameters/secondFactors/u2f","u2fAuthnLevel":"generalParameters/secondFactors/u2f","u2fLabel":"generalParameters/secondFactors/u2f","u2fLogo":"generalParameters/secondFactors/u2f","u2fSelfRegistration":"generalParameters/secondFactors/u2f","u2fTTL":"generalParameters/secondFactors/u2f","u2fUserCanRemoveKey":"generalParameters/secondFactors/u2f","upgradeSession":"generalParameters/plugins","useRedirectOnError":"generalParameters/advancedParams/redirection","useRedirectOnForbidden":"generalParameters/advancedParams/redirection","useSafeJail":"generalParameters/advancedParams/security","userControl":"generalParameters/advancedParams/security","userDB":"generalParameters/authParams","userPivot":"generalParameters/authParams/dbiParams/dbiSchema","utotp2fActivation":"generalParameters/secondFactors/utotp2f","utotp2fAuthnLevel":"generalParameters/secondFactors/utotp2f","utotp2fLabel":"generalParameters/secondFactors/utotp2f","utotp2fLogo":"generalParameters/secondFactors/utotp2f","virtualHosts":"","webIDAuthnLevel":"generalParameters/authParams/webidParams","webIDExportedVars":"generalParameters/authParams/webidParams","webIDWhitelist":"generalParameters/authParams/webidParams","whatToTrace":"generalParameters/logParams","wsdlServer":"generalParameters/plugins/portalServers","yubikey2fActivation":"generalParameters/secondFactors/yubikey2f","yubikey2fAuthnLevel":"generalParameters/secondFactors/yubikey2f","yubikey2fClientID":"generalParameters/secondFactors/yubikey2f","yubikey2fFromSessionAttribute":"generalParameters/secondFactors/yubikey2f","yubikey2fLabel":"generalParameters/secondFactors/yubikey2f","yubikey2fLogo":"generalParameters/secondFactors/yubikey2f","yubikey2fNonce":"generalParameters/secondFactors/yubikey2f","yubikey2fPublicIDSize":"generalParameters/secondFactors/yubikey2f","yubikey2fSecretKey":"generalParameters/secondFactors/yubikey2f","yubikey2fSelfRegistration":"generalParameters/secondFactors/yubikey2f","yubikey2fTTL":"generalParameters/secondFactors/yubikey2f","yubikey2fUrl":"generalParameters/secondFactors/yubikey2f","yubikey2fUserCanRemoveKey":"generalParameters/secondFactors/yubikey2f"}
\ No newline at end of file
+{"ADPwdExpireWarning":"generalParameters/authParams/adParams","ADPwdMaxAge":"generalParameters/authParams/adParams","AuthLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","LDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","SMTPAuthPass":"generalParameters/advancedParams/SMTP","SMTPAuthUser":"generalParameters/advancedParams/SMTP","SMTPPort":"generalParameters/advancedParams/SMTP","SMTPServer":"generalParameters/advancedParams/SMTP","SMTPTLS":"generalParameters/advancedParams/SMTP","SMTPTLSOpts":"generalParameters/advancedParams/SMTP","SSLAuthnLevel":"generalParameters/authParams/sslParams","SSLVar":"generalParameters/authParams/sslParams","SSLVarIf":"generalParameters/authParams/sslParams","activeTimer":"generalParameters/advancedParams/forms","adaptativeAuthenticationLevelRules":"generalParameters/plugins","apacheAuthnLevel":"generalParameters/authParams/apacheParams","applicationList":"generalParameters/portalParams/portalMenu","authChoiceAuthBasic":"generalParameters/authParams/choiceParams","authChoiceModules":"generalParameters/authParams/choiceParams","authChoiceParam":"generalParameters/authParams/choiceParams","authentication":"generalParameters/authParams","autoSigninRules":"generalParameters/plugins/autoSignin","browsersDontStorePassword":"generalParameters/advancedParams/security","bruteForceProtection":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionIncrementalTempo":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionLockTimes":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionMaxFailed":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionTempo":"generalParameters/advancedParams/security/bruteForceAttackProtection","captcha_login_enabled":"generalParameters/portalParams/portalCaptcha","captcha_mail_enabled":"generalParameters/portalParams/portalCaptcha","captcha_register_enabled":"generalParameters/portalParams/portalCaptcha","captcha_size":"generalParameters/portalParams/portalCaptcha","casAccessControlPolicy":"casServiceMetadata","casAppMetaDataNodes":"","casAttr":"casServiceMetadata","casAttributes":"casServiceMetadata","casAuthnLevel":"generalParameters/authParams/casParams","casSrvMetaDataNodes":"","casStorage":"casServiceMetadata","casStorageOptions":"casServiceMetadata","cda":"generalParameters/cookieParams","certificateResetByMailCeaAttribute":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailCertificateAttribute":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailStep1Body":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep1Subject":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep2Body":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep2Subject":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailURL":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailValidityDelay":"generalParameters/plugins/certificateResetByMailManagement/mailOther","checkState":"generalParameters/plugins/stateCheck","checkStateSecret":"generalParameters/plugins/stateCheck","checkUser":"generalParameters/plugins/checkUsers","checkUserDisplayComputedSession":"generalParameters/plugins/checkUsers","checkUserDisplayEmptyHeaders":"generalParameters/plugins/checkUsers","checkUserDisplayEmptyValues":"generalParameters/plugins/checkUsers","checkUserDisplayPersistentInfo":"generalParameters/plugins/checkUsers","checkUserHiddenAttributes":"generalParameters/plugins/checkUsers","checkUserIdRule":"generalParameters/plugins/checkUsers","checkUserSearchAttributes":"generalParameters/plugins/checkUsers","checkUserUnrestrictedUsersRule":"generalParameters/plugins/checkUsers","checkXSS":"generalParameters/advancedParams/security","combModules":"generalParameters/authParams/combinationParams","combination":"generalParameters/authParams/combinationParams","combinationForms":"generalParameters/authParams/combinationParams","compactConf":"generalParameters/reloadParams","confirmFormMethod":"generalParameters/advancedParams/forms","contextSwitchingAllowed2fModifications":"generalParameters/plugins/contextSwitching","contextSwitchingIdRule":"generalParameters/plugins/contextSwitching","contextSwitchingRule":"generalParameters/plugins/contextSwitching","contextSwitchingStopWithLogout":"generalParameters/plugins/contextSwitching","contextSwitchingUnrestrictedUsersRule":"generalParameters/plugins/contextSwitching","cookieExpiration":"generalParameters/cookieParams","cookieName":"generalParameters/cookieParams","corsAllow_Credentials":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Methods":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Origin":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsEnabled":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsExpose_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsMax_Age":"generalParameters/advancedParams/security/crossOrigineResourceSharing","cspConnect":"generalParameters/advancedParams/security/contentSecurityPolicy","cspDefault":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFont":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFormAction":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFrameAncestors":"generalParameters/advancedParams/security/contentSecurityPolicy","cspImg":"generalParameters/advancedParams/security/contentSecurityPolicy","cspScript":"generalParameters/advancedParams/security/contentSecurityPolicy","cspStyle":"generalParameters/advancedParams/security/contentSecurityPolicy","customAddParams":"generalParameters/authParams/customParams","customAuth":"generalParameters/authParams/customParams","customFunctions":"generalParameters/advancedParams","customPassword":"generalParameters/authParams/customParams","customPlugins":"generalParameters/plugins/customPluginsNode","customPluginsParams":"generalParameters/plugins/customPluginsNode","customRegister":"generalParameters/authParams/customParams","customResetCertByMail":"generalParameters/authParams/customParams","customToTrace":"generalParameters/logParams","customUserDB":"generalParameters/authParams/customParams","dbiAuthChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthLoginCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthPasswordCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPasswordHash":"generalParameters/authParams/dbiParams/dbiPassword","dbiAuthTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthnLevel":"generalParameters/authParams/dbiParams","dbiDynamicHashEnabled":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashNewPasswordScheme":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSaltedSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiExportedVars":"generalParameters/authParams/dbiParams","dbiPasswordMailCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","decryptValueFunctions":"generalParameters/plugins/decryptValue","decryptValueRule":"generalParameters/plugins/decryptValue","demoExportedVars":"generalParameters/authParams/demoParams","disablePersistentStorage":"generalParameters/sessionParams/persistentSessions","domain":"generalParameters/cookieParams","exportedAttr":"generalParameters/plugins/portalServers","exportedVars":"variables","ext2FSendCommand":"generalParameters/secondFactors/ext2f","ext2FValidateCommand":"generalParameters/secondFactors/ext2f","ext2fActivation":"generalParameters/secondFactors/ext2f","ext2fAuthnLevel":"generalParameters/secondFactors/ext2f","ext2fCodeActivation":"generalParameters/secondFactors/ext2f","ext2fLabel":"generalParameters/secondFactors/ext2f","ext2fLogo":"generalParameters/secondFactors/ext2f","facebookAppId":"generalParameters/authParams/facebookParams","facebookAppSecret":"generalParameters/authParams/facebookParams","facebookAuthnLevel":"generalParameters/authParams/facebookParams","facebookExportedVars":"generalParameters/authParams/facebookParams","facebookUserField":"generalParameters/authParams/facebookParams","failedLoginNumber":"generalParameters/plugins/loginHistory","favAppsMaxNumber":"generalParameters/portalParams/portalMenu/portalModules/favApps","formTimeout":"generalParameters/advancedParams/security","githubAuthnLevel":"generalParameters/authParams/githubParams","githubClientID":"generalParameters/authParams/githubParams","githubClientSecret":"generalParameters/authParams/githubParams","githubScope":"generalParameters/authParams/githubParams","githubUserField":"generalParameters/authParams/githubParams","globalLogoutCustomParam":"generalParameters/plugins/globalLogout","globalLogoutRule":"generalParameters/plugins/globalLogout","globalLogoutTimer":"generalParameters/plugins/globalLogout","globalStorage":"generalParameters/sessionParams/sessionStorage","globalStorageOptions":"generalParameters/sessionParams/sessionStorage","gpgAuthnLevel":"generalParameters/authParams/gpgParams","gpgDb":"generalParameters/authParams/gpgParams","grantSessionRules":"generalParameters/sessionParams","groups":"variables","groupsBeforeMacros":"generalParameters/advancedParams","hiddenAttributes":"generalParameters/logParams","hideOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","httpOnly":"generalParameters/cookieParams","https":"generalParameters/advancedParams/redirection","impersonationHiddenAttributes":"generalParameters/plugins/impersonation","impersonationIdRule":"generalParameters/plugins/impersonation","impersonationMergeSSOgroups":"generalParameters/plugins/impersonation","impersonationRule":"generalParameters/plugins/impersonation","impersonationSkipEmptyValues":"generalParameters/plugins/impersonation","impersonationUnrestrictedUsersRule":"generalParameters/plugins/impersonation","infoFormMethod":"generalParameters/advancedParams/forms","issuerDBCASActivation":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASPath":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASRule":"generalParameters/issuerParams/issuerDBCAS","issuerDBGetActivation":"generalParameters/issuerParams/issuerDBGet","issuerDBGetParameters":"generalParameters/issuerParams/issuerDBGet","issuerDBGetPath":"generalParameters/issuerParams/issuerDBGet","issuerDBGetRule":"generalParameters/issuerParams/issuerDBGet","issuerDBOpenIDActivation":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDConnectActivation":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectPath":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectRule":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDPath":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDRule":"generalParameters/issuerParams/issuerDBOpenID","issuerDBSAMLActivation":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLPath":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLRule":"generalParameters/issuerParams/issuerDBSAML","issuersTimeout":"generalParameters/issuerParams/issuerOptions","jsRedirect":"generalParameters/advancedParams/portalRedirection","key":"generalParameters/advancedParams/security","krbAuthnLevel":"generalParameters/authParams/kerberosParams","krbByJs":"generalParameters/authParams/kerberosParams","krbKeytab":"generalParameters/authParams/kerberosParams","krbRemoveDomain":"generalParameters/authParams/kerberosParams","ldapAllowResetExpiredPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapAuthnLevel":"generalParameters/authParams/ldapParams","ldapBase":"generalParameters/authParams/ldapParams/ldapConnection","ldapCAFile":"generalParameters/authParams/ldapParams/ldapConnection","ldapCAPath":"generalParameters/authParams/ldapParams/ldapConnection","ldapChangePasswordAsUser":"generalParameters/authParams/ldapParams/ldapPassword","ldapExportedVars":"generalParameters/authParams/ldapParams","ldapGroupAttributeName":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameGroup":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameSearch":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameUser":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupBase":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupDecodeSearchedValue":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupObjectClass":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupRecursive":"generalParameters/authParams/ldapParams/ldapGroups","ldapITDS":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttributeValue":"generalParameters/authParams/ldapParams/ldapPassword","ldapPort":"generalParameters/authParams/ldapParams/ldapConnection","ldapPpolicyControl":"generalParameters/authParams/ldapParams/ldapPassword","ldapPwdEnc":"generalParameters/authParams/ldapParams/ldapPassword","ldapRaw":"generalParameters/authParams/ldapParams/ldapConnection","ldapSearchDeref":"generalParameters/authParams/ldapParams/ldapFilters","ldapServer":"generalParameters/authParams/ldapParams/ldapConnection","ldapSetPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapUsePasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapVerify":"generalParameters/authParams/ldapParams/ldapConnection","ldapVersion":"generalParameters/authParams/ldapParams/ldapConnection","linkedInAuthnLevel":"generalParameters/authParams/linkedinParams","linkedInClientID":"generalParameters/authParams/linkedinParams","linkedInClientSecret":"generalParameters/authParams/linkedinParams","linkedInFields":"generalParameters/authParams/linkedinParams","linkedInScope":"generalParameters/authParams/linkedinParams","linkedInUserField":"generalParameters/authParams/linkedinParams","localSessionStorage":"generalParameters/sessionParams/sessionStorage","localSessionStorageOptions":"generalParameters/sessionParams/sessionStorage","loginHistoryEnabled":"generalParameters/plugins/loginHistory","logoutServices":"generalParameters/advancedParams","lwpOpts":"generalParameters/advancedParams/security","lwpSslOpts":"generalParameters/advancedParams/security","macros":"variables","mail2fActivation":"generalParameters/secondFactors/mail2f","mail2fAuthnLevel":"generalParameters/secondFactors/mail2f","mail2fBody":"generalParameters/secondFactors/mail2f","mail2fCodeRegex":"generalParameters/secondFactors/mail2f","mail2fLabel":"generalParameters/secondFactors/mail2f","mail2fLogo":"generalParameters/secondFactors/mail2f","mail2fSubject":"generalParameters/secondFactors/mail2f","mail2fTimeout":"generalParameters/secondFactors/mail2f","mailBody":"generalParameters/plugins/passwordManagement/mailContent","mailCharset":"generalParameters/advancedParams/SMTP/mailHeaders","mailConfirmBody":"generalParameters/plugins/passwordManagement/mailContent","mailConfirmSubject":"generalParameters/plugins/passwordManagement/mailContent","mailFrom":"generalParameters/advancedParams/SMTP/mailHeaders","mailLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","mailOnPasswordChange":"generalParameters/portalParams/portalCustomization/passwordManagement","mailReplyTo":"generalParameters/advancedParams/SMTP/mailHeaders","mailSessionKey":"generalParameters/advancedParams/SMTP","mailSubject":"generalParameters/plugins/passwordManagement/mailContent","mailTimeout":"generalParameters/plugins/passwordManagement/mailOther","mailUrl":"generalParameters/plugins/passwordManagement/mailOther","maintenance":"generalParameters/advancedParams/redirection","managerDn":"generalParameters/authParams/ldapParams/ldapConnection","managerPassword":"generalParameters/authParams/ldapParams/ldapConnection","multiValuesSeparator":"generalParameters/advancedParams","nginxCustomHandlers":"generalParameters/advancedParams","noAjaxHook":"generalParameters/advancedParams/portalRedirection","notification":"generalParameters/plugins/notifications","notificationDefaultCond":"generalParameters/plugins/notifications/serverNotification","notificationServer":"generalParameters/plugins/notifications/serverNotification","notificationServerDELETE":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerGET":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerPOST":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerSentAttributes":"generalParameters/plugins/notifications/serverNotification","notificationStorage":"generalParameters/plugins/notifications","notificationStorageOptions":"generalParameters/plugins/notifications","notificationWildcard":"generalParameters/plugins/notifications","notificationXSLTfile":"generalParameters/plugins/notifications","notificationsExplorer":"generalParameters/plugins/notifications","notifyDeleted":"generalParameters/sessionParams/multipleSessions","notifyOther":"generalParameters/sessionParams/multipleSessions","nullAuthnLevel":"generalParameters/authParams/nullParams","oidcAuthnLevel":"generalParameters/authParams/oidcParams","oidcOPMetaDataNodes":"","oidcRPCallbackGetParam":"generalParameters/authParams/oidcParams","oidcRPMetaDataNodes":"","oidcRPStateTimeout":"generalParameters/authParams/oidcParams","oidcServiceAccessTokenExpiration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowAuthorizationCodeFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowDynamicRegistration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowHybridFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowImplicitFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAuthorizationCodeExpiration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceDynamicRegistrationExportedVars":"oidcServiceMetaData","oidcServiceDynamicRegistrationExtraClaims":"oidcServiceMetaData","oidcServiceIDTokenExpiration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceMetaDataAuthnContext":"oidcServiceMetaData","oidcServiceMetaDataAuthorizeURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataBackChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataCheckSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataEndSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataFrontChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIntrospectionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataJWKSURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataRegistrationURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataTokenURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataUserInfoURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceOfflineSessionExpiration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServicePrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcServicePublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcStorage":"oidcServiceMetaData/oidcServiceMetaDataSessions","oidcStorageOptions":"oidcServiceMetaData/oidcServiceMetaDataSessions","oldNotifFormat":"generalParameters/plugins/notifications","openIdAttr":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdAuthnLevel":"generalParameters/authParams/openidParams","openIdExportedVars":"generalParameters/authParams/openidParams","openIdIDPList":"generalParameters/authParams/openidParams","openIdIssuerSecret":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSPList":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSecret":"generalParameters/authParams/openidParams","openIdSreg_country":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_dob":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_email":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_fullname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_gender":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_language":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_nickname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_postcode":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_timezone":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","pamAuthnLevel":"generalParameters/authParams/pamParams","pamService":"generalParameters/authParams/pamParams","passwordDB":"generalParameters/authParams","passwordPolicyActivation":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinDigit":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinLower":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinSize":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinSpeChar":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinUpper":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicySpecialChar":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordResetAllowedRetries":"generalParameters/portalParams/portalCustomization/portalButtons","persistentStorage":"generalParameters/sessionParams/persistentSessions","persistentStorageOptions":"generalParameters/sessionParams/persistentSessions","port":"generalParameters/advancedParams/redirection","portal":"generalParameters/portalParams","portalAntiFrame":"generalParameters/portalParams/portalCustomization/portalOther","portalCheckLogins":"generalParameters/portalParams/portalCustomization/portalButtons","portalCustomCss":"generalParameters/portalParams/portalCustomization","portalDisplayAppslist":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayCertificateResetByMail":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayChangePassword":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayFavApps":"generalParameters/portalParams/portalMenu/portalModules/favApps","portalDisplayGeneratePassword":"generalParameters/plugins/passwordManagement/mailOther","portalDisplayLoginHistory":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLogout":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayOidcConsents":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayPasswordPolicy":"generalParameters/portalParams/portalCustomization/passwordPolicy","portalDisplayRefreshMyRights":"generalParameters/portalParams/portalCustomization/portalOther","portalDisplayRegister":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayResetPassword":"generalParameters/portalParams/portalCustomization/portalButtons","portalErrorOnExpiredSession":"generalParameters/portalParams/portalCustomization/portalOther","portalErrorOnMailNotFound":"generalParameters/portalParams/portalCustomization/portalOther","portalForceAuthn":"generalParameters/advancedParams/security","portalForceAuthnInterval":"generalParameters/advancedParams/security","portalMainLogo":"generalParameters/portalParams/portalCustomization","portalOpenLinkInNewWindow":"generalParameters/portalParams/portalCustomization/portalOther","portalPingInterval":"generalParameters/portalParams/portalCustomization/portalOther","portalRequireOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","portalSkin":"generalParameters/portalParams/portalCustomization","portalSkinBackground":"generalParameters/portalParams/portalCustomization","portalSkinRules":"generalParameters/portalParams/portalCustomization","portalStatus":"generalParameters/plugins","portalUserAttr":"generalParameters/portalParams/portalCustomization/portalOther","proxyAuthService":"generalParameters/authParams/proxyParams","proxyAuthnLevel":"generalParameters/authParams/proxyParams","proxySessionService":"generalParameters/authParams/proxyParams","proxyUseSoap":"generalParameters/authParams/proxyParams","radius2fActivation":"generalParameters/secondFactors/radius2f","radius2fAuthnLevel":"generalParameters/secondFactors/radius2f","radius2fLabel":"generalParameters/secondFactors/radius2f","radius2fLogo":"generalParameters/secondFactors/radius2f","radius2fSecret":"generalParameters/secondFactors/radius2f","radius2fServer":"generalParameters/secondFactors/radius2f","radius2fTimeout":"generalParameters/secondFactors/radius2f","radius2fUsernameSessionKey":"generalParameters/secondFactors/radius2f","radiusAuthnLevel":"generalParameters/authParams/radiusParams","radiusSecret":"generalParameters/authParams/radiusParams","radiusServer":"generalParameters/authParams/radiusParams","randomPasswordRegexp":"generalParameters/plugins/passwordManagement/mailOther","redirectFormMethod":"generalParameters/advancedParams/forms","refreshSessions":"generalParameters/plugins","registerConfirmSubject":"generalParameters/plugins/register","registerDB":"generalParameters/authParams","registerDoneSubject":"generalParameters/plugins/register","registerTimeout":"generalParameters/plugins/register","registerUrl":"generalParameters/plugins/register","reloadTimeout":"generalParameters/reloadParams","reloadUrls":"generalParameters/reloadParams","remoteCookieName":"generalParameters/authParams/remoteParams","remoteGlobalStorage":"generalParameters/authParams/remoteParams","remoteGlobalStorageOptions":"generalParameters/authParams/remoteParams","remotePortal":"generalParameters/authParams/remoteParams","requireToken":"generalParameters/advancedParams/security","rest2fActivation":"generalParameters/secondFactors/rest2f","rest2fAuthnLevel":"generalParameters/secondFactors/rest2f","rest2fInitArgs":"generalParameters/secondFactors/rest2f","rest2fInitUrl":"generalParameters/secondFactors/rest2f","rest2fLabel":"generalParameters/secondFactors/rest2f","rest2fLogo":"generalParameters/secondFactors/rest2f","rest2fVerifyArgs":"generalParameters/secondFactors/rest2f","rest2fVerifyUrl":"generalParameters/secondFactors/rest2f","restAuthServer":"generalParameters/plugins/portalServers","restAuthUrl":"generalParameters/authParams/restParams","restAuthnLevel":"generalParameters/authParams/restParams","restClockTolerance":"generalParameters/plugins/portalServers","restConfigServer":"generalParameters/plugins/portalServers","restExportSecretKeys":"generalParameters/plugins/portalServers","restPasswordServer":"generalParameters/plugins/portalServers","restPwdConfirmUrl":"generalParameters/authParams/restParams","restPwdModifyUrl":"generalParameters/authParams/restParams","restSessionServer":"generalParameters/plugins/portalServers","restUserDBUrl":"generalParameters/authParams/restParams","sameSite":"generalParameters/cookieParams","samlAttributeAuthorityDescriptorAttributeServiceSOAP":"samlServiceMetaData/samlAttributeAuthorityDescriptor/samlAttributeAuthorityDescriptorAttributeService","samlAuthnContextMapKerberos":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPassword":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPasswordProtectedTransport":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapTLSClient":"samlServiceMetaData/samlAuthnContextMap","samlCommonDomainCookieActivation":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieDomain":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieReader":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieWriter":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlDiscoveryProtocolActivation":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolIsPassive":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolPolicy":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolURL":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlEntityID":"samlServiceMetaData","samlIDPMetaDataNodes":"","samlIDPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorArtifactResolutionService","samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorWantAuthnRequestsSigned":"samlServiceMetaData/samlIDPSSODescriptor","samlMetadataForceUTF8":"samlServiceMetaData/samlAdvanced","samlNameIDFormatMapEmail":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapKerberos":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapWindows":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapX509":"samlServiceMetaData/samlNameIDFormatMap","samlOrganizationDisplayName":"samlServiceMetaData/samlOrganization","samlOrganizationName":"samlServiceMetaData/samlOrganization","samlOrganizationURL":"samlServiceMetaData/samlOrganization","samlOverrideIDPEntityID":"samlServiceMetaData/samlAdvanced","samlRelayStateTimeout":"samlServiceMetaData/samlAdvanced","samlSPMetaDataNodes":"","samlSPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorArtifactResolutionService","samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAuthnRequestsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlSPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorWantAssertionsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlServicePrivateKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeyEncPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePrivateKeySigPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePublicKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePublicKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServiceSignatureMethod":"samlServiceMetaData/samlServiceSecurity","samlServiceUseCertificateInResponse":"samlServiceMetaData/samlServiceSecurity","samlStorage":"samlServiceMetaData/samlAdvanced","samlStorageOptions":"samlServiceMetaData/samlAdvanced","samlUseQueryStringSpecific":"samlServiceMetaData/samlAdvanced","securedCookie":"generalParameters/cookieParams","sessionDataToRemember":"generalParameters/plugins/loginHistory","sfExtra":"generalParameters/secondFactors","sfManagerRule":"generalParameters/secondFactors","sfOnlyUpgrade":"generalParameters/secondFactors","sfRemovedMsgRule":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifMsg":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifRef":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifTitle":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedUseNotif":"generalParameters/secondFactors/sfRemovedNotification","sfRequired":"generalParameters/secondFactors","showLanguages":"generalParameters/portalParams/portalCustomization","singleIP":"generalParameters/sessionParams/multipleSessions","singleSession":"generalParameters/sessionParams/multipleSessions","singleUserByIP":"generalParameters/sessionParams/multipleSessions","skipRenewConfirmation":"generalParameters/advancedParams/portalRedirection","skipUpgradeConfirmation":"generalParameters/advancedParams/portalRedirection","slaveAuthnLevel":"generalParameters/authParams/slaveParams","slaveDisplayLogo":"generalParameters/authParams/slaveParams","slaveExportedVars":"generalParameters/authParams/slaveParams","slaveHeaderContent":"generalParameters/authParams/slaveParams","slaveHeaderName":"generalParameters/authParams/slaveParams","slaveMasterIP":"generalParameters/authParams/slaveParams","slaveUserHeader":"generalParameters/authParams/slaveParams","soapConfigServer":"generalParameters/plugins/portalServers","soapSessionServer":"generalParameters/plugins/portalServers","sslByAjax":"generalParameters/authParams/sslParams","sslHost":"generalParameters/authParams/sslParams","stayConnected":"generalParameters/plugins","storePassword":"generalParameters/sessionParams","successLoginNumber":"generalParameters/plugins/loginHistory","timeout":"generalParameters/sessionParams","timeoutActivity":"generalParameters/sessionParams","timeoutActivityInterval":"generalParameters/sessionParams","tokenUseGlobalStorage":"generalParameters/advancedParams/security","totp2fActivation":"generalParameters/secondFactors/totp2f","totp2fAuthnLevel":"generalParameters/secondFactors/totp2f","totp2fDigits":"generalParameters/secondFactors/totp2f","totp2fDisplayExistingSecret":"generalParameters/secondFactors/totp2f","totp2fInterval":"generalParameters/secondFactors/totp2f","totp2fIssuer":"generalParameters/secondFactors/totp2f","totp2fLabel":"generalParameters/secondFactors/totp2f","totp2fLogo":"generalParameters/secondFactors/totp2f","totp2fRange":"generalParameters/secondFactors/totp2f","totp2fSelfRegistration":"generalParameters/secondFactors/totp2f","totp2fTTL":"generalParameters/secondFactors/totp2f","totp2fUserCanChangeKey":"generalParameters/secondFactors/totp2f","totp2fUserCanRemoveKey":"generalParameters/secondFactors/totp2f","trustedDomains":"generalParameters/advancedParams/security","twitterAppName":"generalParameters/authParams/twitterParams","twitterAuthnLevel":"generalParameters/authParams/twitterParams","twitterKey":"generalParameters/authParams/twitterParams","twitterSecret":"generalParameters/authParams/twitterParams","twitterUserField":"generalParameters/authParams/twitterParams","u2fActivation":"generalParameters/secondFactors/u2f","u2fAuthnLevel":"generalParameters/secondFactors/u2f","u2fLabel":"generalParameters/secondFactors/u2f","u2fLogo":"generalParameters/secondFactors/u2f","u2fSelfRegistration":"generalParameters/secondFactors/u2f","u2fTTL":"generalParameters/secondFactors/u2f","u2fUserCanRemoveKey":"generalParameters/secondFactors/u2f","upgradeSession":"generalParameters/plugins","useRedirectOnError":"generalParameters/advancedParams/redirection","useRedirectOnForbidden":"generalParameters/advancedParams/redirection","useSafeJail":"generalParameters/advancedParams/security","userControl":"generalParameters/advancedParams/security","userDB":"generalParameters/authParams","userPivot":"generalParameters/authParams/dbiParams/dbiSchema","utotp2fActivation":"generalParameters/secondFactors/utotp2f","utotp2fAuthnLevel":"generalParameters/secondFactors/utotp2f","utotp2fLabel":"generalParameters/secondFactors/utotp2f","utotp2fLogo":"generalParameters/secondFactors/utotp2f","virtualHosts":"","webIDAuthnLevel":"generalParameters/authParams/webidParams","webIDExportedVars":"generalParameters/authParams/webidParams","webIDWhitelist":"generalParameters/authParams/webidParams","whatToTrace":"generalParameters/logParams","wsdlServer":"generalParameters/plugins/portalServers","yubikey2fActivation":"generalParameters/secondFactors/yubikey2f","yubikey2fAuthnLevel":"generalParameters/secondFactors/yubikey2f","yubikey2fClientID":"generalParameters/secondFactors/yubikey2f","yubikey2fFromSessionAttribute":"generalParameters/secondFactors/yubikey2f","yubikey2fLabel":"generalParameters/secondFactors/yubikey2f","yubikey2fLogo":"generalParameters/secondFactors/yubikey2f","yubikey2fNonce":"generalParameters/secondFactors/yubikey2f","yubikey2fPublicIDSize":"generalParameters/secondFactors/yubikey2f","yubikey2fSecretKey":"generalParameters/secondFactors/yubikey2f","yubikey2fSelfRegistration":"generalParameters/secondFactors/yubikey2f","yubikey2fTTL":"generalParameters/secondFactors/yubikey2f","yubikey2fUrl":"generalParameters/secondFactors/yubikey2f","yubikey2fUserCanRemoveKey":"generalParameters/secondFactors/yubikey2f"}
\ No newline at end of file
diff --git a/lemonldap-ng-manager/site/htdocs/static/struct.json b/lemonldap-ng-manager/site/htdocs/static/struct.json
index 273f08a96..f7319b575 100644
--- a/lemonldap-ng-manager/site/htdocs/static/struct.json
+++ b/lemonldap-ng-manager/site/htdocs/static/struct.json
@@ -1 +1 @@
-[{"_nodes":[{"_nodes":[{"default":"http://auth.example.com/","id":"portal","title":"portal"},{"_nodes":[{"_nodes":[{"default":1,"id":"portalDisplayLogout","title":"portalDisplayLogout","type":"boolOrExpr"},{"default":"$_auth =~ /^(LDAP|DBI|Demo)$/","id":"portalDisplayChangePassword","title":"portalDisplayChangePassword","type":"boolOrExpr"},{"default":1,"id":"portalDisplayAppslist","title":"portalDisplayAppslist","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLoginHistory","title":"portalDisplayLoginHistory","type":"boolOrExpr"},{"default":"$_oidcConsents && $_oidcConsents =~ /\\w+/","id":"portalDisplayOidcConsents","title":"portalDisplayOidcConsents","type":"boolOrExpr"},{"_nodes":[{"default":1,"id":"portalDisplayFavApps","title":"portalDisplayFavApps","type":"boolOrExpr"},{"default":3,"id":"favAppsMaxNumber","title":"favAppsMaxNumber","type":"int"}],"help":"favapps.html","id":"favApps","title":"favApps","type":"simpleInputContainer"}],"id":"portalModules","title":"portalModules","type":"simpleInputContainer"},{"cnodes":"applicationList","default":[{"data":{"catname":"Default category","type":"category"},"id":"applicationList/default","title":"default","type":"catAndAppList"}],"help":"portalmenu.html#categories-and-applications","id":"applicationList","title":"applicationList","type":"catAndAppList"}],"help":"portalmenu.html","id":"portalMenu","title":"portalMenu"},{"_nodes":[{"default":"common/logos/logo_llng_400px.png","id":"portalMainLogo","title":"portalMainLogo"},{"default":1,"id":"showLanguages","title":"showLanguages","type":"bool"},{"id":"portalCustomCss","title":"portalCustomCss"},{"default":"bootstrap","id":"portalSkin","select":[{"k":"bootstrap","v":"Bootstrap"}],"title":"portalSkin","type":"portalskin"},{"id":"portalSkinBackground","select":[{"k":"","v":"None"},{"k":"1280px-Anse_Source_d'Argent_2-La_Digue.jpg","v":"Anse"},{"k":"1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg","v":"Waterfall"},{"k":"1280px-BrockenSnowedTrees.jpg","v":"Snowed Trees"},{"k":"1280px-Cedar_Breaks_National_Monument_partially.jpg","v":"National Monument"},{"k":"1280px-Parry_Peak_from_Winter_Park.jpg","v":"Winter"},{"k":"Aletschgletscher_mit_Pinus_cembra1.jpg","v":"Pinus"}],"title":"portalSkinBackground","type":"portalskinbackground"},{"cnodes":"portalSkinRules","help":"portalcustom.html","id":"portalSkinRules","title":"portalSkinRules","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"portalCheckLogins","title":"portalCheckLogins","type":"bool"},{"default":0,"id":"portalDisplayResetPassword","title":"portalDisplayResetPassword","type":"bool"},{"default":3,"id":"passwordResetAllowedRetries","title":"passwordResetAllowedRetries","type":"int"},{"default":1,"id":"portalDisplayRegister","title":"portalDisplayRegister","type":"bool"},{"default":0,"id":"portalDisplayCertificateResetByMail","title":"portalDisplayCertificateResetByMail","type":"boolOrExpr"}],"help":"portalcustom.html#buttons","id":"portalButtons","title":"portalButtons","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"portalRequireOldPassword","title":"portalRequireOldPassword","type":"boolOrExpr"},{"default":0,"id":"hideOldPassword","title":"hideOldPassword","type":"bool"},{"default":0,"id":"mailOnPasswordChange","title":"mailOnPasswordChange","type":"bool"}],"help":"portalcustom.html#password-management","id":"passwordManagement","title":"passwordManagement","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"passwordPolicyActivation","title":"passwordPolicyActivation","type":"boolOrExpr"},{"default":0,"id":"portalDisplayPasswordPolicy","title":"portalDisplayPasswordPolicy","type":"bool"},{"default":0,"id":"passwordPolicyMinSize","title":"passwordPolicyMinSize","type":"int"},{"default":0,"id":"passwordPolicyMinLower","title":"passwordPolicyMinLower","type":"int"},{"default":0,"id":"passwordPolicyMinUpper","title":"passwordPolicyMinUpper","type":"int"},{"default":0,"id":"passwordPolicyMinDigit","title":"passwordPolicyMinDigit","type":"int"},{"default":0,"id":"passwordPolicyMinSpeChar","title":"passwordPolicyMinSpeChar","type":"int"},{"default":"__ALL__","id":"passwordPolicySpecialChar","title":"passwordPolicySpecialChar"}],"help":"portalcustom.html#password-policy","id":"passwordPolicy","title":"passwordPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":"_user","id":"portalUserAttr","title":"portalUserAttr"},{"default":0,"id":"portalOpenLinkInNewWindow","title":"portalOpenLinkInNewWindow","type":"bool"},{"default":1,"id":"portalAntiFrame","title":"portalAntiFrame","type":"bool"},{"default":60000,"id":"portalPingInterval","title":"portalPingInterval","type":"int"},{"default":1,"id":"portalErrorOnExpiredSession","title":"portalErrorOnExpiredSession","type":"bool"},{"default":0,"id":"portalErrorOnMailNotFound","title":"portalErrorOnMailNotFound","type":"bool"},{"default":1,"id":"portalDisplayRefreshMyRights","title":"portalDisplayRefreshMyRights","type":"bool"}],"help":"portalcustom.html#other-parameters","id":"portalOther","title":"portalOther","type":"simpleInputContainer"}],"help":"portalcustom.html","id":"portalCustomization","title":"portalCustomization"},{"_nodes":[{"default":0,"id":"captcha_login_enabled","title":"captcha_login_enabled","type":"bool"},{"default":1,"id":"captcha_mail_enabled","title":"captcha_mail_enabled","type":"bool"},{"default":1,"id":"captcha_register_enabled","title":"captcha_register_enabled","type":"bool"},{"default":6,"id":"captcha_size","title":"captcha_size","type":"int"}],"help":"captcha.html","id":"portalCaptcha","title":"portalCaptcha","type":"simpleInputContainer"}],"help":"portal.html","id":"portalParams","title":"portalParams"},{"_nodes":[{"default":"Demo","id":"authentication","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"Choice","v":"authChoice"},{"k":"Combination","v":"combineMods"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"authentication","type":"select"},{"default":"Same","id":"userDB","select":[{"k":"Same","v":"Same"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"userDB","type":"select"},{"default":"Demo","id":"passwordDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Choice","v":"authChoice"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"passwordDB","type":"select"},{"default":"Null","id":"registerDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"registerDB","type":"select"}],"_nodes_cond":[{"_nodes":[{"default":0,"id":"ADPwdMaxAge","title":"ADPwdMaxAge","type":"int"},{"default":0,"id":"ADPwdExpireWarning","title":"ADPwdExpireWarning","type":"int"}],"help":"authad.html","id":"adParams","show":false,"title":"adParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lmAuth","id":"authChoiceParam","title":"authChoiceParam"},{"cnodes":"authChoiceModules","id":"authChoiceModules","select":[[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}]],"title":"authChoiceModules","type":"authChoiceContainer"},{"id":"authChoiceAuthBasic","title":"authChoiceAuthBasic"}],"help":"authchoice.html","id":"choiceParams","show":false,"title":"choiceParams"},{"_nodes":[{"default":3,"id":"apacheAuthnLevel","title":"apacheAuthnLevel","type":"int"}],"help":"authapache.html","id":"apacheParams","show":false,"title":"apacheParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"casAuthnLevel","title":"casAuthnLevel","type":"int"}],"help":"authcas.html","id":"casParams","show":false,"title":"casParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"dbiAuthnLevel","title":"dbiAuthnLevel","type":"int"},{"cnodes":"dbiExportedVars","default":[],"id":"dbiExportedVars","title":"dbiExportedVars","type":"keyTextContainer"},{"_nodes":[{"_nodes":[{"id":"dbiAuthChain","title":"dbiAuthChain"},{"id":"dbiAuthUser","title":"dbiAuthUser"},{"id":"dbiAuthPassword","title":"dbiAuthPassword","type":"password"}],"id":"dbiConnectionAuth","title":"dbiConnectionAuth","type":"simpleInputContainer"},{"_nodes":[{"id":"dbiUserChain","title":"dbiUserChain"},{"id":"dbiUserUser","title":"dbiUserUser"},{"id":"dbiUserPassword","title":"dbiUserPassword","type":"password"}],"id":"dbiConnectionUser","title":"dbiConnectionUser","type":"simpleInputContainer"}],"help":"authdbi.html#connection","id":"dbiConnection","title":"dbiConnection"},{"_nodes":[{"id":"dbiAuthTable","title":"dbiAuthTable"},{"id":"dbiUserTable","title":"dbiUserTable"},{"id":"dbiAuthLoginCol","title":"dbiAuthLoginCol"},{"id":"dbiAuthPasswordCol","title":"dbiAuthPasswordCol"},{"id":"dbiPasswordMailCol","title":"dbiPasswordMailCol"},{"id":"userPivot","title":"userPivot"}],"help":"authdbi.html#schema","id":"dbiSchema","title":"dbiSchema","type":"simpleInputContainer"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiAuthPasswordHash","title":"dbiAuthPasswordHash"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiDynamicHashEnabled","title":"dbiDynamicHashEnabled","type":"bool"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSchemes","title":"dbiDynamicHashValidSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSaltedSchemes","title":"dbiDynamicHashValidSaltedSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashNewPasswordScheme","title":"dbiDynamicHashNewPasswordScheme"}],"help":"authdbi.html#password","id":"dbiDynamicHash","title":"dbiDynamicHash","type":"simpleInputContainer"}],"help":"authdbi.html#password","id":"dbiPassword","title":"dbiPassword"}],"help":"authdbi.html","id":"dbiParams","show":false,"title":"dbiParams"},{"_nodes":[{"cnodes":"demoExportedVars","default":[{"data":"cn","id":"demoExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"demoExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"demoExportedVars/uid","title":"uid","type":"keyText"}],"id":"demoExportedVars","title":"demoExportedVars","type":"keyTextContainer"}],"help":"authdemo.html","id":"demoParams","show":false,"title":"demoParams"},{"_nodes":[{"default":1,"id":"facebookAuthnLevel","title":"facebookAuthnLevel","type":"int"},{"cnodes":"facebookExportedVars","default":[],"id":"facebookExportedVars","title":"facebookExportedVars","type":"keyTextContainer"},{"id":"facebookAppId","title":"facebookAppId"},{"id":"facebookAppSecret","title":"facebookAppSecret"},{"default":"id","id":"facebookUserField","title":"facebookUserField"}],"help":"authfacebook.html","id":"facebookParams","show":false,"title":"facebookParams"},{"_nodes":[{"default":3,"id":"krbAuthnLevel","title":"krbAuthnLevel","type":"int"},{"id":"krbKeytab","title":"krbKeytab"},{"default":0,"id":"krbByJs","title":"krbByJs","type":"bool"},{"default":1,"id":"krbRemoveDomain","title":"krbRemoveDomain","type":"bool"}],"help":"authkerberos.html","id":"kerberosParams","show":false,"title":"kerberosParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"ldapAuthnLevel","title":"ldapAuthnLevel","type":"int"},{"cnodes":"ldapExportedVars","default":[{"data":"cn","id":"ldapExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"ldapExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"ldapExportedVars/uid","title":"uid","type":"keyText"}],"id":"ldapExportedVars","title":"ldapExportedVars","type":"keyTextContainer"},{"_nodes":[{"default":"ldap://localhost","id":"ldapServer","title":"ldapServer"},{"id":"ldapPort","title":"ldapPort","type":"int"},{"default":"require","id":"ldapVerify","select":[{"k":"none","v":"None"},{"k":"optional","v":"Optional"},{"k":"require","v":"Require"}],"title":"ldapVerify","type":"select"},{"default":"dc=example,dc=com","id":"ldapBase","title":"ldapBase"},{"default":"","id":"managerDn","title":"managerDn"},{"default":"","id":"managerPassword","title":"managerPassword","type":"password"},{"default":120,"id":"ldapTimeout","title":"ldapTimeout","type":"int"},{"default":3,"id":"ldapVersion","title":"ldapVersion","type":"int"},{"id":"ldapRaw","title":"ldapRaw"},{"id":"ldapCAFile","title":"ldapCAFile"},{"id":"ldapCAPath","title":"ldapCAPath"}],"help":"authldap.html#connection","id":"ldapConnection","title":"ldapConnection","type":"simpleInputContainer"},{"_nodes":[{"id":"LDAPFilter","title":"LDAPFilter"},{"id":"AuthLDAPFilter","title":"AuthLDAPFilter"},{"id":"mailLDAPFilter","title":"mailLDAPFilter"},{"default":"find","id":"ldapSearchDeref","select":[{"k":"never","v":"never"},{"k":"search","v":"search"},{"k":"find","v":"find"},{"k":"always","v":"always"}],"title":"ldapSearchDeref","type":"select"}],"help":"authldap.html#filters","id":"ldapFilters","title":"ldapFilters","type":"simpleInputContainer"},{"_nodes":[{"id":"ldapGroupBase","title":"ldapGroupBase"},{"default":"groupOfNames","id":"ldapGroupObjectClass","title":"ldapGroupObjectClass"},{"default":"member","id":"ldapGroupAttributeName","title":"ldapGroupAttributeName"},{"default":"dn","id":"ldapGroupAttributeNameUser","title":"ldapGroupAttributeNameUser"},{"default":"cn","id":"ldapGroupAttributeNameSearch","title":"ldapGroupAttributeNameSearch"},{"default":0,"id":"ldapGroupDecodeSearchedValue","title":"ldapGroupDecodeSearchedValue","type":"bool"},{"default":0,"id":"ldapGroupRecursive","title":"ldapGroupRecursive","type":"bool"},{"default":"dn","id":"ldapGroupAttributeNameGroup","title":"ldapGroupAttributeNameGroup"}],"help":"authldap.html#groups","id":"ldapGroups","title":"ldapGroups","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ldapPpolicyControl","title":"ldapPpolicyControl","type":"bool"},{"default":0,"id":"ldapSetPassword","title":"ldapSetPassword","type":"bool"},{"default":0,"id":"ldapChangePasswordAsUser","title":"ldapChangePasswordAsUser","type":"bool"},{"default":"utf-8","id":"ldapPwdEnc","title":"ldapPwdEnc"},{"default":1,"id":"ldapUsePasswordResetAttribute","title":"ldapUsePasswordResetAttribute","type":"bool"},{"default":"pwdReset","id":"ldapPasswordResetAttribute","title":"ldapPasswordResetAttribute"},{"default":"TRUE","id":"ldapPasswordResetAttributeValue","title":"ldapPasswordResetAttributeValue"},{"default":0,"id":"ldapAllowResetExpiredPassword","title":"ldapAllowResetExpiredPassword","type":"bool"},{"default":0,"id":"ldapITDS","title":"ldapITDS","type":"bool"}],"help":"authldap.html#password","id":"ldapPassword","title":"ldapPassword","type":"simpleInputContainer"}],"help":"authldap.html","id":"ldapParams","show":false,"title":"ldapParams"},{"_nodes":[{"default":1,"id":"linkedInAuthnLevel","title":"linkedInAuthnLevel","type":"int"},{"id":"linkedInClientID","title":"linkedInClientID"},{"id":"linkedInClientSecret","title":"linkedInClientSecret","type":"password"},{"default":"id,first-name,last-name,email-address","id":"linkedInFields","title":"linkedInFields"},{"default":"emailAddress","id":"linkedInUserField","title":"linkedInUserField"},{"default":"r_liteprofile r_emailaddress","id":"linkedInScope","title":"linkedInScope"}],"help":"authlinkedin.html","id":"linkedinParams","show":false,"title":"linkedinParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"githubAuthnLevel","title":"githubAuthnLevel","type":"int"},{"id":"githubClientID","title":"githubClientID"},{"id":"githubClientSecret","title":"githubClientSecret","type":"password"},{"default":"login","id":"githubUserField","title":"githubUserField"},{"default":"user:email","id":"githubScope","title":"githubScope"}],"help":"authgithub.html","id":"githubParams","show":false,"title":"githubParams","type":"simpleInputContainer"},{"_nodes":[{"id":"combination","title":"combination"},{"cnodes":"combModules","id":"combModules","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"combModules","type":"cmbModuleContainer"},{"id":"combinationForms","title":"combinationForms"}],"help":"authcombination.html","id":"combinationParams","show":false,"title":"combinationParams"},{"_nodes":[{"default":0,"id":"nullAuthnLevel","title":"nullAuthnLevel","type":"int"}],"help":"authnull.html","id":"nullParams","show":false,"title":"nullParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"openIdAuthnLevel","title":"openIdAuthnLevel","type":"int"},{"cnodes":"openIdExportedVars","default":[],"id":"openIdExportedVars","title":"openIdExportedVars","type":"keyTextContainer"},{"id":"openIdSecret","title":"openIdSecret"},{"default":"0;","id":"openIdIDPList","title":"openIdIDPList","type":"blackWhiteList"}],"help":"authopenid.html","id":"openidParams","show":false,"title":"openidParams"},{"_nodes":[{"default":1,"id":"oidcAuthnLevel","title":"oidcAuthnLevel","type":"int"},{"default":"openidconnectcallback","id":"oidcRPCallbackGetParam","title":"oidcRPCallbackGetParam"},{"default":600,"id":"oidcRPStateTimeout","title":"oidcRPStateTimeout","type":"int"}],"help":"authopenidconnect.html","id":"oidcParams","show":false,"title":"oidcParams","type":"simpleInputContainer"},{"_nodes":[{"default":5,"id":"gpgAuthnLevel","title":"gpgAuthnLevel","type":"int"},{"default":"","id":"gpgDb","title":"gpgDb"}],"help":"authgpg.html","id":"gpgParams","show":false,"title":"gpgParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"proxyAuthnLevel","title":"proxyAuthnLevel","type":"int"},{"id":"proxyAuthService","title":"proxyAuthService"},{"id":"proxySessionService","title":"proxySessionService"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":0,"id":"proxyUseSoap","title":"proxyUseSoap","type":"bool"}],"help":"authproxy.html","id":"proxyParams","show":false,"title":"proxyParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"pamAuthnLevel","title":"pamAuthnLevel","type":"int"},{"default":"login","id":"pamService","title":"pamService"}],"help":"authpam.html","id":"pamParams","show":false,"title":"pamParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"radiusAuthnLevel","title":"radiusAuthnLevel","type":"int"},{"id":"radiusSecret","title":"radiusSecret"},{"id":"radiusServer","title":"radiusServer"}],"help":"authradius.html","id":"radiusParams","show":false,"title":"radiusParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"restAuthnLevel","title":"restAuthnLevel","type":"int"},{"id":"restAuthUrl","title":"restAuthUrl"},{"id":"restUserDBUrl","title":"restUserDBUrl"},{"id":"restPwdConfirmUrl","title":"restPwdConfirmUrl"},{"id":"restPwdModifyUrl","title":"restPwdModifyUrl"}],"help":"authrest.html","id":"restParams","show":false,"title":"restParams","type":"simpleInputContainer"},{"_nodes":[{"id":"remotePortal","title":"remotePortal"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":"Lemonldap::NG::Common::Apache::Session::SOAP","id":"remoteGlobalStorage","title":"remoteGlobalStorage"},{"cnodes":"remoteGlobalStorageOptions","default":[{"data":"http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService","id":"remoteGlobalStorageOptions/ns","title":"ns","type":"keyText"},{"data":"http://auth.example.com/sessions","id":"remoteGlobalStorageOptions/proxy","title":"proxy","type":"keyText"}],"id":"remoteGlobalStorageOptions","title":"remoteGlobalStorageOptions","type":"keyTextContainer"}],"help":"authremote.html","id":"remoteParams","show":false,"title":"remoteParams"},{"_nodes":[{"default":2,"id":"slaveAuthnLevel","title":"slaveAuthnLevel","type":"int"},{"id":"slaveUserHeader","title":"slaveUserHeader"},{"id":"slaveMasterIP","title":"slaveMasterIP"},{"id":"slaveHeaderName","title":"slaveHeaderName"},{"id":"slaveHeaderContent","title":"slaveHeaderContent"},{"default":0,"id":"slaveDisplayLogo","title":"slaveDisplayLogo","type":"bool"},{"cnodes":"slaveExportedVars","default":[],"id":"slaveExportedVars","title":"slaveExportedVars","type":"keyTextContainer"}],"help":"authslave.html","id":"slaveParams","show":false,"title":"slaveParams"},{"_nodes":[{"default":5,"id":"SSLAuthnLevel","title":"SSLAuthnLevel","type":"int"},{"default":"SSL_CLIENT_S_DN_Email","id":"SSLVar","title":"SSLVar"},{"cnodes":"SSLVarIf","default":[],"id":"SSLVarIf","title":"SSLVarIf","type":"keyTextContainer"},{"default":0,"id":"sslByAjax","title":"sslByAjax","type":"bool"},{"id":"sslHost","title":"sslHost"}],"help":"authssl.html","id":"sslParams","show":false,"title":"sslParams"},{"_nodes":[{"default":1,"id":"twitterAuthnLevel","title":"twitterAuthnLevel","type":"int"},{"id":"twitterKey","title":"twitterKey"},{"id":"twitterSecret","title":"twitterSecret"},{"id":"twitterAppName","title":"twitterAppName"},{"default":"screen_name","id":"twitterUserField","title":"twitterUserField"}],"help":"authtwitter.html","id":"twitterParams","show":false,"title":"twitterParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"webIDAuthnLevel","title":"webIDAuthnLevel","type":"int"},{"cnodes":"webIDExportedVars","default":[],"id":"webIDExportedVars","title":"webIDExportedVars","type":"keyTextContainer"},{"id":"webIDWhitelist","title":"webIDWhitelist"}],"help":"authwebid.html","id":"webidParams","show":false,"title":"webidParams"},{"_nodes":[{"id":"customAuth","title":"customAuth"},{"id":"customUserDB","title":"customUserDB"},{"id":"customPassword","title":"customPassword"},{"id":"customRegister","title":"customRegister"},{"id":"customResetCertByMail","title":"customResetCertByMail"},{"cnodes":"customAddParams","id":"customAddParams","title":"customAddParams","type":"keyTextContainer"}],"help":"authcustom.html","id":"customParams","show":false,"title":"customParams"}],"_nodes_filter":"authParams","help":"start.html#authentication-users-and-password-databases","id":"authParams","title":"authParams","type":"authParams"},{"_nodes":[{"_nodes":[{"default":0,"id":"issuerDBSAMLActivation","title":"issuerDBSAMLActivation","type":"bool"},{"default":"^/saml/","id":"issuerDBSAMLPath","title":"issuerDBSAMLPath"},{"default":1,"id":"issuerDBSAMLRule","title":"issuerDBSAMLRule","type":"boolOrExpr"}],"help":"idpsaml.html","id":"issuerDBSAML","title":"issuerDBSAML","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBCASActivation","title":"issuerDBCASActivation","type":"bool"},{"default":"^/cas/","id":"issuerDBCASPath","title":"issuerDBCASPath"},{"default":1,"id":"issuerDBCASRule","title":"issuerDBCASRule","type":"boolOrExpr"}],"help":"idpcas.html#enabling-cas","id":"issuerDBCAS","title":"issuerDBCAS","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDActivation","title":"issuerDBOpenIDActivation","type":"bool"},{"default":"^/openidserver/","id":"issuerDBOpenIDPath","title":"issuerDBOpenIDPath"},{"default":1,"id":"issuerDBOpenIDRule","title":"issuerDBOpenIDRule","type":"boolOrExpr"},{"_nodes":[{"id":"openIdIssuerSecret","title":"openIdIssuerSecret"},{"id":"openIdAttr","title":"openIdAttr"},{"default":"0;","id":"openIdSPList","title":"openIdSPList","type":"blackWhiteList"},{"_nodes":[{"default":"cn","id":"openIdSreg_fullname","title":"openIdSreg_fullname"},{"default":"uid","id":"openIdSreg_nickname","title":"openIdSreg_nickname"},{"id":"openIdSreg_language","title":"openIdSreg_language"},{"id":"openIdSreg_postcode","title":"openIdSreg_postcode"},{"default":"_timezone","id":"openIdSreg_timezone","title":"openIdSreg_timezone"},{"id":"openIdSreg_country","title":"openIdSreg_country"},{"id":"openIdSreg_gender","title":"openIdSreg_gender"},{"default":"mail","id":"openIdSreg_email","title":"openIdSreg_email"},{"id":"openIdSreg_dob","title":"openIdSreg_dob"}],"id":"openIdSreg","title":"openIdSreg","type":"simpleInputContainer"}],"id":"issuerDBOpenIDOptions","title":"issuerDBOpenIDOptions"}],"help":"idpopenid.html","id":"issuerDBOpenID","title":"issuerDBOpenID"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDConnectActivation","title":"issuerDBOpenIDConnectActivation","type":"bool"},{"default":"^/oauth2/","id":"issuerDBOpenIDConnectPath","title":"issuerDBOpenIDConnectPath"},{"default":1,"id":"issuerDBOpenIDConnectRule","title":"issuerDBOpenIDConnectRule","type":"boolOrExpr"}],"help":"idpopenidconnect.html","id":"issuerDBOpenIDConnect","title":"issuerDBOpenIDConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBGetActivation","title":"issuerDBGetActivation","type":"bool"},{"default":"^/get/","id":"issuerDBGetPath","title":"issuerDBGetPath"},{"default":1,"id":"issuerDBGetRule","title":"issuerDBGetRule","type":"boolOrExpr"},{"default":[],"id":"issuerDBGetParameters","title":"issuerDBGetParameters","type":"doubleHash"}],"help":"issuerdbget.html","id":"issuerDBGet","title":"issuerDBGet"},{"_nodes":[{"default":120,"id":"issuersTimeout","title":"issuersTimeout","type":"int"}],"help":"start.html#options","id":"issuerOptions","title":"issuerOptions","type":"simpleInputContainer"}],"help":"start.html#identity-provider","id":"issuerParams","title":"issuerParams"},{"_nodes":[{"default":"uid","id":"whatToTrace","title":"whatToTrace"},{"id":"customToTrace","title":"customToTrace"},{"default":"_password _2fDevices","id":"hiddenAttributes","title":"hiddenAttributes"}],"help":"logs.html","id":"logParams","title":"logParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lemonldap","id":"cookieName","title":"cookieName"},{"default":"example.com","id":"domain","title":"domain"},{"default":0,"id":"cda","title":"cda","type":"bool"},{"default":0,"id":"securedCookie","select":[{"k":"0","v":"unsecuredCookie"},{"k":"1","v":"securedCookie"},{"k":"2","v":"doubleCookie"},{"k":"3","v":"doubleCookieForSingleSession"}],"title":"securedCookie","type":"select"},{"default":1,"id":"httpOnly","title":"httpOnly","type":"bool"},{"id":"cookieExpiration","title":"cookieExpiration","type":"int"},{"default":"","id":"sameSite","select":[{"k":"","v":""},{"k":"Strict","v":"Strict"},{"k":"Lax","v":"Lax"},{"k":"None","v":"None"}],"title":"sameSite","type":"select"}],"help":"ssocookie.html","id":"cookieParams","title":"cookieParams","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"storePassword","title":"storePassword","type":"bool"},{"default":72000,"id":"timeout","title":"timeout","type":"int"},{"default":0,"id":"timeoutActivity","title":"timeoutActivity","type":"int"},{"default":60,"id":"timeoutActivityInterval","title":"timeoutActivityInterval","type":"int"},{"cnodes":"grantSessionRules","default":[],"id":"grantSessionRules","title":"grantSessionRules","type":"grantContainer"},{"_nodes":[{"default":"Apache::Session::File","id":"globalStorage","title":"globalStorage"},{"cnodes":"globalStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/sessions/","id":"globalStorageOptions/Directory","title":"Directory","type":"keyText"},{"data":"/var/lib/lemonldap-ng/sessions/lock/","id":"globalStorageOptions/LockDirectory","title":"LockDirectory","type":"keyText"},{"data":"Lemonldap::NG::Common::Apache::Session::Generate::SHA256","id":"globalStorageOptions/generateModule","title":"generateModule","type":"keyText"}],"id":"globalStorageOptions","title":"globalStorageOptions","type":"keyTextContainer"},{"default":"Cache::FileCache","id":"localSessionStorage","title":"localSessionStorage"},{"cnodes":"localSessionStorageOptions","default":[{"data":3,"id":"localSessionStorageOptions/cache_depth","title":"cache_depth","type":"keyText"},{"data":"/var/cache/lemonldap-ng","id":"localSessionStorageOptions/cache_root","title":"cache_root","type":"keyText"},{"data":600,"id":"localSessionStorageOptions/default_expires_in","title":"default_expires_in","type":"keyText"},{"data":"007","id":"localSessionStorageOptions/directory_umask","title":"directory_umask","type":"keyText"},{"data":"lemonldap-ng-sessions","id":"localSessionStorageOptions/namespace","title":"namespace","type":"keyText"}],"id":"localSessionStorageOptions","title":"localSessionStorageOptions","type":"keyTextContainer"}],"help":"start.html#sessions-database","id":"sessionStorage","title":"sessionStorage"},{"_nodes":[{"default":0,"id":"singleSession","title":"singleSession","type":"boolOrExpr"},{"default":0,"id":"singleIP","title":"singleIP","type":"boolOrExpr"},{"default":0,"id":"singleUserByIP","title":"singleUserByIP","type":"boolOrExpr"},{"default":1,"id":"notifyDeleted","title":"notifyDeleted","type":"bool"},{"default":0,"id":"notifyOther","title":"notifyOther","type":"bool"}],"id":"multipleSessions","title":"multipleSessions","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"disablePersistentStorage","title":"disablePersistentStorage","type":"bool"},{"id":"persistentStorage","title":"persistentStorage"},{"cnodes":"persistentStorageOptions","id":"persistentStorageOptions","title":"persistentStorageOptions","type":"keyTextContainer"}],"id":"persistentSessions","title":"persistentSessions"}],"help":"sessions.html","id":"sessionParams","title":"sessionParams"},{"_nodes":[{"default":5,"id":"reloadTimeout","title":"reloadTimeout","type":"int"},{"default":0,"id":"compactConf","title":"compactConf","type":"bool"},{"cnodes":"reloadUrls","help":"configlocation.html#configuration-reload","id":"reloadUrls","title":"reloadUrls","type":"keyTextContainer"}],"help":"configlocation.html#configuration-reload","id":"reloadParams","title":"reloadParams"},{"_nodes":[{"default":0,"id":"stayConnected","title":"stayConnected","type":"bool"},{"default":0,"help":"status.html","id":"portalStatus","title":"portalStatus","type":"bool"},{"default":1,"id":"upgradeSession","title":"upgradeSession","type":"bool"},{"id":"refreshSessions","title":"refreshSessions","type":"bool"},{"_nodes":[{"default":0,"id":"wsdlServer","title":"wsdlServer","type":"bool"},{"default":0,"id":"restExportSecretKeys","title":"restExportSecretKeys","type":"bool"},{"default":15,"id":"restClockTolerance","title":"restClockTolerance","type":"int"},{"default":0,"id":"restSessionServer","title":"restSessionServer","type":"bool"},{"default":0,"id":"restConfigServer","title":"restConfigServer","type":"bool"},{"default":0,"id":"restAuthServer","title":"restAuthServer","type":"bool"},{"default":0,"id":"restPasswordServer","title":"restPasswordServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapSessionServer","title":"soapSessionServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapConfigServer","title":"soapConfigServer","type":"bool"},{"id":"exportedAttr","title":"exportedAttr"}],"help":"portalservers.html","id":"portalServers","title":"portalServers","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"loginHistoryEnabled","title":"loginHistoryEnabled","type":"bool"},{"default":5,"id":"successLoginNumber","title":"successLoginNumber","type":"int"},{"default":5,"id":"failedLoginNumber","title":"failedLoginNumber","type":"int"},{"cnodes":"sessionDataToRemember","id":"sessionDataToRemember","title":"sessionDataToRemember","type":"keyTextContainer"}],"help":"loginhistory.html","id":"loginHistory","title":"loginHistory"},{"_nodes":[{"default":0,"id":"notification","title":"notification","type":"bool"},{"default":0,"id":"notificationsExplorer","title":"notificationsExplorer","type":"bool"},{"default":"allusers","id":"notificationWildcard","title":"notificationWildcard"},{"default":0,"id":"oldNotifFormat","title":"oldNotifFormat","type":"bool"},{"id":"notificationXSLTfile","title":"notificationXSLTfile"},{"default":"File","id":"notificationStorage","title":"notificationStorage"},{"cnodes":"notificationStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/notifications","id":"notificationStorageOptions/dirName","title":"dirName","type":"keyText"}],"id":"notificationStorageOptions","title":"notificationStorageOptions","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"notificationServer","title":"notificationServer","type":"bool"},{"default":"","id":"notificationDefaultCond","title":"notificationDefaultCond"},{"default":"uid reference date title subtitle text check","id":"notificationServerSentAttributes","title":"notificationServerSentAttributes"},{"_nodes":[{"default":1,"id":"notificationServerPOST","title":"notificationServerPOST","type":"bool"},{"default":0,"id":"notificationServerGET","title":"notificationServerGET","type":"bool"},{"default":0,"id":"notificationServerDELETE","title":"notificationServerDELETE","type":"bool"}],"id":"notificationServerMethods","title":"notificationServerMethods","type":"simpleInputContainer"}],"help":"notifications.html#notification-server","id":"serverNotification","title":"serverNotification"}],"help":"notifications.html","id":"notifications","title":"notifications"},{"_nodes":[{"_nodes":[{"id":"mailSubject","title":"mailSubject"},{"id":"mailBody","title":"mailBody","type":"longtext"},{"id":"mailConfirmSubject","title":"mailConfirmSubject"},{"id":"mailConfirmBody","title":"mailConfirmBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/resetpwd","id":"mailUrl","title":"mailUrl"},{"default":0,"id":"mailTimeout","title":"mailTimeout","type":"int"},{"default":1,"id":"portalDisplayGeneratePassword","title":"portalDisplayGeneratePassword","type":"bool"},{"default":"[A-Z]{3}[a-z]{5}.\\d{2}","id":"randomPasswordRegexp","title":"randomPasswordRegexp"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetpassword.html","id":"passwordManagement","title":"passwordManagement"},{"_nodes":[{"_nodes":[{"id":"certificateResetByMailStep1Subject","title":"certificateResetByMailStep1Subject"},{"id":"certificateResetByMailStep1Body","title":"certificateResetByMailStep1Body","type":"longtext"},{"id":"certificateResetByMailStep2Subject","title":"certificateResetByMailStep2Subject"},{"id":"certificateResetByMailStep2Body","title":"certificateResetByMailStep2Body","type":"longtext"}],"id":"certificateMailContent","title":"certificateMailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/certificateReset","id":"certificateResetByMailURL","title":"certificateResetByMailURL"},{"default":"description","id":"certificateResetByMailCeaAttribute","title":"certificateResetByMailCeaAttribute"},{"default":"userCertificate;binary","id":"certificateResetByMailCertificateAttribute","title":"certificateResetByMailCertificateAttribute"},{"default":0,"id":"certificateResetByMailValidityDelay","title":"certificateResetByMailValidityDelay","type":"int"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"id":"certificateResetByMailManagement","title":"certificateResetByMailManagement","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/register","id":"registerUrl","title":"registerUrl"},{"default":0,"id":"registerTimeout","title":"registerTimeout","type":"int"},{"id":"registerConfirmSubject","title":"registerConfirmSubject"},{"id":"registerDoneSubject","title":"registerDoneSubject"}],"help":"register.html","id":"register","title":"register","type":"simpleInputContainer"},{"_nodes":[{"cnodes":"autoSigninRules","id":"autoSigninRules","title":"autoSigninRules","type":"keyTextContainer"}],"help":"autosignin.html","id":"autoSignin","title":"autoSignin"},{"_nodes":[{"default":0,"id":"globalLogoutRule","title":"globalLogoutRule","type":"boolOrExpr"},{"default":1,"id":"globalLogoutTimer","title":"globalLogoutTimer","type":"bool"},{"id":"globalLogoutCustomParam","title":"globalLogoutCustomParam"}],"help":"globallogout.html","id":"globalLogout","title":"globalLogout","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkState","title":"checkState","type":"bool"},{"id":"checkStateSecret","title":"checkStateSecret"}],"help":"checkstate.html","id":"stateCheck","title":"stateCheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkUser","title":"checkUser","type":"bool"},{"default":1,"id":"checkUserIdRule","title":"checkUserIdRule"},{"id":"checkUserUnrestrictedUsersRule","title":"checkUserUnrestrictedUsersRule"},{"default":"_loginHistory _session_id hGroups","id":"checkUserHiddenAttributes","title":"checkUserHiddenAttributes"},{"id":"checkUserSearchAttributes","title":"checkUserSearchAttributes"},{"default":1,"id":"checkUserDisplayComputedSession","title":"checkUserDisplayComputedSession","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayEmptyHeaders","title":"checkUserDisplayEmptyHeaders","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayEmptyValues","title":"checkUserDisplayEmptyValues","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayPersistentInfo","title":"checkUserDisplayPersistentInfo","type":"boolOrExpr"}],"help":"checkuser.html","id":"checkUsers","title":"checkUsers","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"impersonationRule","title":"impersonationRule","type":"boolOrExpr"},{"default":1,"id":"impersonationIdRule","title":"impersonationIdRule"},{"id":"impersonationUnrestrictedUsersRule","title":"impersonationUnrestrictedUsersRule"},{"default":"_2fDevices _loginHistory","id":"impersonationHiddenAttributes","title":"impersonationHiddenAttributes"},{"default":1,"id":"impersonationSkipEmptyValues","title":"impersonationSkipEmptyValues","type":"bool"},{"default":0,"id":"impersonationMergeSSOgroups","title":"impersonationMergeSSOgroups","type":"boolOrExpr"}],"help":"impersonation.html","id":"impersonation","title":"impersonation","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"contextSwitchingRule","title":"contextSwitchingRule","type":"boolOrExpr"},{"default":1,"id":"contextSwitchingIdRule","title":"contextSwitchingIdRule"},{"id":"contextSwitchingUnrestrictedUsersRule","title":"contextSwitchingUnrestrictedUsersRule"},{"default":1,"id":"contextSwitchingStopWithLogout","title":"contextSwitchingStopWithLogout","type":"bool"}],"help":"contextswitching.html","id":"contextSwitching","title":"contextSwitching","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"decryptValueRule","title":"decryptValueRule","type":"boolOrExpr"},{"id":"decryptValueFunctions","title":"decryptValueFunctions"}],"help":"decryptvalue.html","id":"decryptValue","title":"decryptValue","type":"simpleInputContainer"},{"_nodes":[{"id":"customPlugins","title":"customPlugins"},{"cnodes":"customPluginsParams","id":"customPluginsParams","title":"customPluginsParams","type":"keyTextContainer"}],"help":"plugincustom.html","id":"customPluginsNode","title":"customPluginsNode"}],"help":"start.html#plugins","id":"plugins","title":"plugins"},{"_nodes":[{"_nodes":[{"default":0,"id":"utotp2fActivation","title":"utotp2fActivation","type":"boolOrExpr"},{"id":"utotp2fAuthnLevel","title":"utotp2fAuthnLevel","type":"int"},{"id":"utotp2fLabel","title":"utotp2fLabel"},{"id":"utotp2fLogo","title":"utotp2fLogo"}],"help":"utotp2f.html","id":"utotp2f","title":"utotp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"totp2fActivation","title":"totp2fActivation","type":"boolOrExpr"},{"default":0,"id":"totp2fSelfRegistration","title":"totp2fSelfRegistration","type":"boolOrExpr"},{"id":"totp2fIssuer","title":"totp2fIssuer"},{"default":30,"id":"totp2fInterval","title":"totp2fInterval","type":"int"},{"default":1,"id":"totp2fRange","title":"totp2fRange","type":"int"},{"default":6,"id":"totp2fDigits","title":"totp2fDigits","type":"int"},{"default":0,"id":"totp2fDisplayExistingSecret","title":"totp2fDisplayExistingSecret","type":"bool"},{"default":0,"id":"totp2fUserCanChangeKey","title":"totp2fUserCanChangeKey","type":"bool"},{"default":1,"id":"totp2fUserCanRemoveKey","title":"totp2fUserCanRemoveKey","type":"bool"},{"id":"totp2fTTL","title":"totp2fTTL","type":"int"},{"id":"totp2fAuthnLevel","title":"totp2fAuthnLevel","type":"int"},{"id":"totp2fLabel","title":"totp2fLabel"},{"id":"totp2fLogo","title":"totp2fLogo"}],"help":"totp2f.html","id":"totp2f","title":"totp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"u2fActivation","title":"u2fActivation","type":"boolOrExpr"},{"default":0,"id":"u2fSelfRegistration","title":"u2fSelfRegistration","type":"boolOrExpr"},{"default":1,"id":"u2fUserCanRemoveKey","title":"u2fUserCanRemoveKey","type":"bool"},{"id":"u2fTTL","title":"u2fTTL","type":"int"},{"id":"u2fAuthnLevel","title":"u2fAuthnLevel","type":"int"},{"id":"u2fLabel","title":"u2fLabel"},{"id":"u2fLogo","title":"u2fLogo"}],"help":"u2f.html","id":"u2f","title":"u2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"yubikey2fActivation","title":"yubikey2fActivation","type":"boolOrExpr"},{"default":0,"id":"yubikey2fSelfRegistration","title":"yubikey2fSelfRegistration","type":"boolOrExpr"},{"id":"yubikey2fClientID","title":"yubikey2fClientID"},{"id":"yubikey2fSecretKey","title":"yubikey2fSecretKey"},{"id":"yubikey2fNonce","title":"yubikey2fNonce"},{"id":"yubikey2fUrl","title":"yubikey2fUrl"},{"default":12,"id":"yubikey2fPublicIDSize","title":"yubikey2fPublicIDSize","type":"int"},{"default":1,"id":"yubikey2fUserCanRemoveKey","title":"yubikey2fUserCanRemoveKey","type":"bool"},{"id":"yubikey2fFromSessionAttribute","title":"yubikey2fFromSessionAttribute"},{"id":"yubikey2fTTL","title":"yubikey2fTTL","type":"int"},{"id":"yubikey2fAuthnLevel","title":"yubikey2fAuthnLevel","type":"int"},{"id":"yubikey2fLabel","title":"yubikey2fLabel"},{"id":"yubikey2fLogo","title":"yubikey2fLogo"}],"help":"yubikey2f.html","id":"yubikey2f","title":"yubikey2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"mail2fActivation","title":"mail2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"mail2fCodeRegex","title":"mail2fCodeRegex"},{"id":"mail2fTimeout","title":"mail2fTimeout","type":"int"},{"id":"mail2fSubject","title":"mail2fSubject"},{"id":"mail2fBody","title":"mail2fBody","type":"longtext"},{"id":"mail2fAuthnLevel","title":"mail2fAuthnLevel","type":"int"},{"id":"mail2fLabel","title":"mail2fLabel"},{"id":"mail2fLogo","title":"mail2fLogo"}],"help":"mail2f.html","id":"mail2f","title":"mail2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ext2fActivation","title":"ext2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"ext2fCodeActivation","title":"ext2fCodeActivation"},{"id":"ext2FSendCommand","title":"ext2FSendCommand"},{"id":"ext2FValidateCommand","title":"ext2FValidateCommand"},{"id":"ext2fAuthnLevel","title":"ext2fAuthnLevel","type":"int"},{"id":"ext2fLabel","title":"ext2fLabel"},{"id":"ext2fLogo","title":"ext2fLogo"}],"help":"external2f.html","id":"ext2f","title":"ext2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"radius2fActivation","title":"radius2fActivation","type":"boolOrExpr"},{"id":"radius2fServer","title":"radius2fServer"},{"id":"radius2fSecret","title":"radius2fSecret"},{"id":"radius2fUsernameSessionKey","title":"radius2fUsernameSessionKey"},{"default":20,"id":"radius2fTimeout","title":"radius2fTimeout","type":"int"},{"id":"radius2fAuthnLevel","title":"radius2fAuthnLevel","type":"int"},{"id":"radius2fLogo","title":"radius2fLogo"},{"id":"radius2fLabel","title":"radius2fLabel"}],"help":"radius2f.html","id":"radius2f","title":"radius2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rest2fActivation","title":"rest2fActivation","type":"boolOrExpr"},{"id":"rest2fInitUrl","title":"rest2fInitUrl"},{"cnodes":"rest2fInitArgs","id":"rest2fInitArgs","title":"rest2fInitArgs","type":"keyTextContainer"},{"id":"rest2fVerifyUrl","title":"rest2fVerifyUrl"},{"cnodes":"rest2fVerifyArgs","id":"rest2fVerifyArgs","title":"rest2fVerifyArgs","type":"keyTextContainer"},{"id":"rest2fAuthnLevel","title":"rest2fAuthnLevel","type":"int"},{"id":"rest2fLabel","title":"rest2fLabel"},{"id":"rest2fLogo","title":"rest2fLogo"}],"help":"rest2f.html","id":"rest2f","title":"rest2f"},{"cnodes":"sfExtra","id":"sfExtra","select":[{"k":"Mail2F","v":"E-Mail"},{"k":"REST","v":"REST"},{"k":"Ext2F","v":"External"},{"k":"Radius","v":"Radius"}],"title":"sfExtra","type":"sfExtraContainer"},{"_nodes":[{"default":0,"help":"secondfactor.html","id":"sfRemovedMsgRule","title":"sfRemovedMsgRule","type":"boolOrExpr"},{"default":0,"id":"sfRemovedUseNotif","title":"sfRemovedUseNotif","type":"bool"},{"default":"RemoveSF","help":"secondfactor.html","id":"sfRemovedNotifRef","title":"sfRemovedNotifRef"},{"default":"Second factor notification","help":"secondfactor.html","id":"sfRemovedNotifTitle","title":"sfRemovedNotifTitle"},{"default":"_removedSF_ expired second factor(s) has/have been removed!","help":"secondfactor.html","id":"sfRemovedNotifMsg","title":"sfRemovedNotifMsg"}],"help":"secondfactor.html","id":"sfRemovedNotification","title":"sfRemovedNotification","type":"simpleInputContainer"},{"help":"secondfactor.html","id":"sfOnlyUpgrade","title":"sfOnlyUpgrade","type":"bool"},{"default":1,"help":"secondfactor.html","id":"sfManagerRule","title":"sfManagerRule","type":"boolOrExpr"},{"default":0,"help":"secondfactor.html","id":"sfRequired","title":"sfRequired","type":"boolOrExpr"}],"help":"secondfactor.html","id":"secondFactors","title":"secondFactors"},{"_nodes":[{"help":"customfunctions.html","id":"customFunctions","title":"customFunctions"},{"default":"; ","id":"multiValuesSeparator","title":"multiValuesSeparator","type":"authParamsText"},{"default":0,"id":"groupsBeforeMacros","title":"groupsBeforeMacros","type":"bool"},{"_nodes":[{"default":"mail","id":"mailSessionKey","title":"mailSessionKey"},{"default":"","id":"SMTPServer","title":"SMTPServer"},{"id":"SMTPPort","title":"SMTPPort","type":"int"},{"id":"SMTPAuthUser","title":"SMTPAuthUser"},{"id":"SMTPAuthPass","title":"SMTPAuthPass","type":"password"},{"default":"","id":"SMTPTLS","select":[{"k":"","v":"none"},{"k":"starttls","v":"SMTP + STARTTLS"},{"k":"ssl","v":"SMTPS"}],"title":"SMTPTLS","type":"select"},{"cnodes":"SMTPTLSOpts","id":"SMTPTLSOpts","title":"SMTPTLSOpts","type":"keyTextContainer"},{"_nodes":[{"default":"noreply@example.com","id":"mailFrom","title":"mailFrom"},{"id":"mailReplyTo","title":"mailReplyTo"},{"default":"utf-8","id":"mailCharset","title":"mailCharset"}],"id":"mailHeaders","title":"mailHeaders","type":"simpleInputContainer"}],"help":"smtp.html","id":"SMTP","title":"SMTP","type":"SMTP"},{"_nodes":[{"default":"^[\\w\\.\\-@]+$","id":"userControl","title":"userControl"},{"default":0,"id":"browsersDontStorePassword","title":"browsersDontStorePassword","type":"bool"},{"default":0,"help":"forcereauthn.html","id":"portalForceAuthn","title":"portalForceAuthn","type":"bool"},{"default":5,"id":"portalForceAuthnInterval","title":"portalForceAuthnInterval","type":"int"},{"id":"key","title":"key","type":"password"},{"id":"trustedDomains","title":"trustedDomains"},{"default":1,"help":"safejail.html","id":"useSafeJail","title":"useSafeJail","type":"bool"},{"default":1,"id":"checkXSS","title":"checkXSS","type":"bool"},{"default":1,"id":"requireToken","title":"requireToken","type":"boolOrExpr"},{"default":120,"id":"formTimeout","title":"formTimeout","type":"int"},{"default":0,"id":"tokenUseGlobalStorage","title":"tokenUseGlobalStorage","type":"bool"},{"_nodes":[{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtection","title":"bruteForceProtection","type":"bool"},{"default":30,"id":"bruteForceProtectionTempo","title":"bruteForceProtectionTempo","type":"int"},{"default":3,"id":"bruteForceProtectionMaxFailed","title":"bruteForceProtectionMaxFailed","type":"int"},{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtectionIncrementalTempo","title":"bruteForceProtectionIncrementalTempo","type":"bool"},{"default":"5, 15, 60, 300, 600","id":"bruteForceProtectionLockTimes","title":"bruteForceProtectionLockTimes"}],"help":"bruteforceprotection.html","id":"bruteForceAttackProtection","title":"bruteForceAttackProtection","type":"simpleInputContainer"},{"cnodes":"lwpOpts","id":"lwpOpts","title":"lwpOpts","type":"keyTextContainer"},{"cnodes":"lwpSslOpts","id":"lwpSslOpts","title":"lwpSslOpts","type":"keyTextContainer"},{"_nodes":[{"default":"'self'","id":"cspDefault","title":"cspDefault"},{"default":"'self' data:","id":"cspImg","title":"cspImg"},{"default":"'self'","id":"cspScript","title":"cspScript"},{"default":"'self'","id":"cspStyle","title":"cspStyle"},{"default":"'self'","id":"cspFont","title":"cspFont"},{"default":"*","id":"cspFormAction","title":"cspFormAction"},{"default":"'self'","id":"cspConnect","title":"cspConnect"},{"default":"","id":"cspFrameAncestors","title":"cspFrameAncestors"}],"help":"security.html#portal","id":"contentSecurityPolicy","title":"contentSecurityPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"corsEnabled","title":"corsEnabled","type":"bool"},{"default":true,"id":"corsAllow_Credentials","title":"corsAllow_Credentials"},{"default":"*","id":"corsAllow_Headers","title":"corsAllow_Headers"},{"default":"POST,GET","id":"corsAllow_Methods","title":"corsAllow_Methods"},{"default":"*","id":"corsAllow_Origin","title":"corsAllow_Origin"},{"default":"*","id":"corsExpose_Headers","title":"corsExpose_Headers"},{"default":"86400","id":"corsMax_Age","title":"corsMax_Age"}],"help":"security.html#portal","id":"crossOrigineResourceSharing","title":"crossOrigineResourceSharing","type":"simpleInputContainer"}],"help":"security.html#configure-security-settings","id":"security","title":"security"},{"_nodes":[{"default":-1,"id":"https","title":"https","type":"trool"},{"default":-1,"id":"port","title":"port","type":"int"},{"default":0,"id":"useRedirectOnForbidden","title":"useRedirectOnForbidden","type":"bool"},{"default":1,"id":"useRedirectOnError","title":"useRedirectOnError","type":"bool"},{"default":0,"id":"maintenance","title":"maintenance","type":"bool"}],"help":"redirections.html","id":"redirection","title":"redirection","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"jsRedirect","title":"jsRedirect","type":"boolOrExpr"},{"default":0,"id":"noAjaxHook","title":"noAjaxHook","type":"bool"},{"default":0,"id":"skipRenewConfirmation","title":"skipRenewConfirmation","type":"bool"},{"default":0,"id":"skipUpgradeConfirmation","title":"skipUpgradeConfirmation","type":"bool"}],"help":"redirections.html#portal-redirections","id":"portalRedirection","title":"portalRedirection","type":"simpleInputContainer"},{"cnodes":"nginxCustomHandlers","help":"handlerarch.html","id":"nginxCustomHandlers","title":"nginxCustomHandlers","type":"keyTextContainer"},{"cnodes":"logoutServices","default":[],"help":"logoutforward.html","id":"logoutServices","title":"logoutServices","type":"keyTextContainer"},{"_nodes":[{"default":"get","id":"infoFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"infoFormMethod","type":"select"},{"default":"post","id":"confirmFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"confirmFormMethod","type":"select"},{"default":"get","id":"redirectFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"redirectFormMethod","type":"select"},{"default":1,"id":"activeTimer","title":"activeTimer","type":"bool"}],"id":"forms","title":"forms","type":"simpleInputContainer"}],"help":"start.html#advanced-features","id":"advancedParams","title":"advancedParams"}],"id":"generalParameters","title":"generalParameters"},{"_nodes":[{"cnodes":"exportedVars","default":[{"data":"HTTP_USER_AGENT","id":"exportedVars/UA","title":"UA","type":"keyText"}],"help":"exportedvars.html","id":"exportedVars","title":"exportedVars","type":"keyTextContainer"},{"cnodes":"macros","default":[],"help":"exportedvars.html#extend-variables-using-macros-and-groups","id":"macros","title":"macros","type":"keyTextContainer"},{"cnodes":"groups","default":[],"help":"exportedvars.html#extend-variables-using-macros-and-groups","id":"groups","title":"groups","type":"keyTextContainer"}],"help":"variables.html","id":"variables","title":"variables"},{"cnodes":"virtualHosts","help":"configvhost.html","id":"virtualHosts","template":"virtualHost","title":"virtualHosts","type":"virtualHostContainer"},{"_nodes":[{"default":"#PORTAL#/saml/metadata","id":"samlEntityID","title":"samlEntityID"},{"_nodes":[{"get":["samlServicePrivateKeySig","samlServicePrivateKeySigPwd","samlServicePublicKeySig"],"id":"samlServiceSecuritySig","title":"samlServiceSecuritySig","type":"RSAKey"},{"get":["samlServicePrivateKeyEnc","samlServicePrivateKeyEncPwd","samlServicePublicKeyEnc"],"id":"samlServiceSecurityEnc","title":"samlServiceSecurityEnc","type":"RSAKey"},{"default":0,"id":"samlServiceUseCertificateInResponse","title":"samlServiceUseCertificateInResponse","type":"bool"},{"default":"RSA_SHA1","id":"samlServiceSignatureMethod","select":[{"k":"RSA_SHA1","v":"RSA SHA1"},{"k":"RSA_SHA256","v":"RSA SHA256"}],"title":"samlServiceSignatureMethod","type":"select"}],"help":"samlservice.html#security-parameters","id":"samlServiceSecurity","title":"samlServiceSecurity"},{"_nodes":[{"default":"mail","id":"samlNameIDFormatMapEmail","title":"samlNameIDFormatMapEmail"},{"default":"mail","id":"samlNameIDFormatMapX509","title":"samlNameIDFormatMapX509"},{"default":"uid","id":"samlNameIDFormatMapWindows","title":"samlNameIDFormatMapWindows"},{"default":"uid","id":"samlNameIDFormatMapKerberos","title":"samlNameIDFormatMapKerberos"}],"help":"samlservice.html#nameid-formats","id":"samlNameIDFormatMap","title":"samlNameIDFormatMap","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"samlAuthnContextMapPassword","title":"samlAuthnContextMapPassword","type":"int"},{"default":3,"id":"samlAuthnContextMapPasswordProtectedTransport","title":"samlAuthnContextMapPasswordProtectedTransport","type":"int"},{"default":5,"id":"samlAuthnContextMapTLSClient","title":"samlAuthnContextMapTLSClient","type":"int"},{"default":4,"id":"samlAuthnContextMapKerberos","title":"samlAuthnContextMapKerberos","type":"int"}],"help":"samlservice.html#authentication-contexts","id":"samlAuthnContextMap","title":"samlAuthnContextMap","type":"simpleInputContainer"},{"_nodes":[{"default":"Example","id":"samlOrganizationDisplayName","title":"samlOrganizationDisplayName"},{"default":"Example","id":"samlOrganizationName","title":"samlOrganizationName"},{"default":"http://www.example.com","id":"samlOrganizationURL","title":"samlOrganizationURL"}],"help":"samlservice.html#organization","id":"samlOrganization","title":"samlOrganization","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"samlSPSSODescriptorAuthnRequestsSigned","title":"samlSPSSODescriptorAuthnRequestsSigned","type":"bool"},{"default":1,"id":"samlSPSSODescriptorWantAssertionsSigned","title":"samlSPSSODescriptorWantAssertionsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;","id":"samlSPSSODescriptorSingleLogoutServiceSOAP","title":"samlSPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlSPSSODescriptorSingleLogoutService","title":"samlSPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","type":"samlAssertion"},{"default":"0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","type":"samlAssertion"}],"id":"samlSPSSODescriptorAssertionConsumerService","title":"samlSPSSODescriptorAssertionConsumerService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlSPSSODescriptorArtifactResolutionServiceArtifact","title":"samlSPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlSPSSODescriptorArtifactResolutionService","title":"samlSPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#service-provider","id":"samlSPSSODescriptor","title":"samlSPSSODescriptor"},{"_nodes":[{"default":1,"id":"samlIDPSSODescriptorWantAuthnRequestsSigned","title":"samlIDPSSODescriptorWantAuthnRequestsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","type":"samlService"}],"id":"samlIDPSSODescriptorSingleSignOnService","title":"samlIDPSSODescriptorSingleSignOnService"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;","id":"samlIDPSSODescriptorSingleLogoutServiceSOAP","title":"samlIDPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlIDPSSODescriptorSingleLogoutService","title":"samlIDPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","title":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlIDPSSODescriptorArtifactResolutionService","title":"samlIDPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#identity-provider","id":"samlIDPSSODescriptor","title":"samlIDPSSODescriptor"},{"_nodes":[{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;","id":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","title":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","type":"samlService"}],"id":"samlAttributeAuthorityDescriptorAttributeService","title":"samlAttributeAuthorityDescriptorAttributeService"}],"help":"samlservice.html#attribute-authority","id":"samlAttributeAuthorityDescriptor","title":"samlAttributeAuthorityDescriptor"},{"_nodes":[{"default":1,"id":"samlMetadataForceUTF8","title":"samlMetadataForceUTF8","type":"bool"},{"default":600,"id":"samlRelayStateTimeout","title":"samlRelayStateTimeout","type":"int"},{"default":0,"id":"samlUseQueryStringSpecific","title":"samlUseQueryStringSpecific","type":"bool"},{"default":"","id":"samlOverrideIDPEntityID","title":"samlOverrideIDPEntityID"},{"id":"samlStorage","title":"samlStorage"},{"cnodes":"samlStorageOptions","id":"samlStorageOptions","title":"samlStorageOptions","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"samlCommonDomainCookieActivation","title":"samlCommonDomainCookieActivation","type":"bool"},{"id":"samlCommonDomainCookieDomain","title":"samlCommonDomainCookieDomain"},{"id":"samlCommonDomainCookieReader","title":"samlCommonDomainCookieReader"},{"id":"samlCommonDomainCookieWriter","title":"samlCommonDomainCookieWriter"}],"id":"samlCommonDomainCookie","title":"samlCommonDomainCookie","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"samlDiscoveryProtocolActivation","title":"samlDiscoveryProtocolActivation","type":"bool"},{"id":"samlDiscoveryProtocolURL","title":"samlDiscoveryProtocolURL"},{"id":"samlDiscoveryProtocolPolicy","title":"samlDiscoveryProtocolPolicy"},{"default":0,"id":"samlDiscoveryProtocolIsPassive","title":"samlDiscoveryProtocolIsPassive","type":"bool"}],"id":"samlDiscoveryProtocol","title":"samlDiscoveryProtocol","type":"simpleInputContainer"}],"help":"samlservice.html#advanced","id":"samlAdvanced","title":"samlAdvanced"}],"help":"samlservice.html","id":"samlServiceMetaData","title":"samlServiceMetaData"},{"cnodes":"samlIDPMetaDataNodes","help":"authsaml.html","id":"samlIDPMetaDataNodes","template":"samlIDPMetaDataNode","title":"samlIDPMetaDataNodes","type":"samlIDPMetaDataNodeContainer"},{"cnodes":"samlSPMetaDataNodes","help":"idpsaml.html","id":"samlSPMetaDataNodes","template":"samlSPMetaDataNode","title":"samlSPMetaDataNodes","type":"samlSPMetaDataNodeContainer"},{"_nodes":[{"_nodes":[{"default":"authorize","id":"oidcServiceMetaDataAuthorizeURI","title":"oidcServiceMetaDataAuthorizeURI"},{"default":"token","id":"oidcServiceMetaDataTokenURI","title":"oidcServiceMetaDataTokenURI"},{"default":"userinfo","id":"oidcServiceMetaDataUserInfoURI","title":"oidcServiceMetaDataUserInfoURI"},{"default":"jwks","id":"oidcServiceMetaDataJWKSURI","title":"oidcServiceMetaDataJWKSURI"},{"default":"register","id":"oidcServiceMetaDataRegistrationURI","title":"oidcServiceMetaDataRegistrationURI"},{"default":"introspect","id":"oidcServiceMetaDataIntrospectionURI","title":"oidcServiceMetaDataIntrospectionURI"},{"default":"logout","id":"oidcServiceMetaDataEndSessionURI","title":"oidcServiceMetaDataEndSessionURI"},{"default":"checksession.html","id":"oidcServiceMetaDataCheckSessionURI","title":"oidcServiceMetaDataCheckSessionURI"},{"default":"flogout","id":"oidcServiceMetaDataFrontChannelURI","title":"oidcServiceMetaDataFrontChannelURI"},{"default":"blogout","id":"oidcServiceMetaDataBackChannelURI","title":"oidcServiceMetaDataBackChannelURI"}],"id":"oidcServiceMetaDataEndPoints","title":"oidcServiceMetaDataEndPoints","type":"simpleInputContainer"},{"cnodes":"oidcServiceMetaDataAuthnContext","default":[{"data":1,"id":"oidcServiceMetaDataAuthnContext/loa-1","title":"loa-1","type":"keyText"},{"data":2,"id":"oidcServiceMetaDataAuthnContext/loa-2","title":"loa-2","type":"keyText"},{"data":3,"id":"oidcServiceMetaDataAuthnContext/loa-3","title":"loa-3","type":"keyText"},{"data":4,"id":"oidcServiceMetaDataAuthnContext/loa-4","title":"loa-4","type":"keyText"},{"data":5,"id":"oidcServiceMetaDataAuthnContext/loa-5","title":"loa-5","type":"keyText"}],"id":"oidcServiceMetaDataAuthnContext","title":"oidcServiceMetaDataAuthnContext","type":"keyTextContainer"},{"_nodes":[{"get":["oidcServicePrivateKeySig","oidcServicePublicKeySig"],"id":"oidcServiceMetaDataKeys","title":"oidcServiceMetaDataKeys","type":"RSAKeyNoPassword"},{"id":"oidcServiceKeyIdSig","title":"oidcServiceKeyIdSig"},{"default":0,"id":"oidcServiceAllowDynamicRegistration","title":"oidcServiceAllowDynamicRegistration","type":"bool"},{"default":1,"id":"oidcServiceAllowAuthorizationCodeFlow","title":"oidcServiceAllowAuthorizationCodeFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowImplicitFlow","title":"oidcServiceAllowImplicitFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowHybridFlow","title":"oidcServiceAllowHybridFlow","type":"bool"},{"default":60,"id":"oidcServiceAuthorizationCodeExpiration","title":"oidcServiceAuthorizationCodeExpiration","type":"int"},{"default":3600,"id":"oidcServiceAccessTokenExpiration","title":"oidcServiceAccessTokenExpiration","type":"int"},{"default":3600,"id":"oidcServiceIDTokenExpiration","title":"oidcServiceIDTokenExpiration","type":"int"},{"default":2592000,"id":"oidcServiceOfflineSessionExpiration","title":"oidcServiceOfflineSessionExpiration","type":"int"}],"id":"oidcServiceMetaDataSecurity","title":"oidcServiceMetaDataSecurity"},{"_nodes":[{"id":"oidcStorage","title":"oidcStorage"},{"cnodes":"oidcStorageOptions","id":"oidcStorageOptions","title":"oidcStorageOptions","type":"keyTextContainer"}],"id":"oidcServiceMetaDataSessions","title":"oidcServiceMetaDataSessions"},{"cnodes":"oidcServiceDynamicRegistrationExportedVars","id":"oidcServiceDynamicRegistrationExportedVars","title":"oidcServiceDynamicRegistrationExportedVars","type":"keyTextContainer"},{"cnodes":"oidcServiceDynamicRegistrationExtraClaims","id":"oidcServiceDynamicRegistrationExtraClaims","title":"oidcServiceDynamicRegistrationExtraClaims","type":"keyTextContainer"}],"help":"openidconnectservice.html#service-configuration","id":"oidcServiceMetaData","title":"oidcServiceMetaData"},{"cnodes":"oidcOPMetaDataNodes","help":"authopenidconnect.html#declare-the-openid-connect-provider-in-ll-ng","id":"oidcOPMetaDataNodes","title":"oidcOPMetaDataNodes","type":"oidcOPMetaDataNodeContainer"},{"cnodes":"oidcRPMetaDataNodes","help":"idpopenidconnect.html#configuration-of-relying-party-in-ll-ng","id":"oidcRPMetaDataNodes","title":"oidcRPMetaDataNodes","type":"oidcRPMetaDataNodeContainer"},{"_nodes":[{"id":"casAttr","title":"casAttr"},{"default":"none","id":"casAccessControlPolicy","select":[{"k":"none","v":"None"},{"k":"error","v":"Display error on portal"},{"k":"faketicket","v":"Send a fake service ticket"}],"title":"casAccessControlPolicy","type":"select"},{"id":"casStorage","title":"casStorage"},{"cnodes":"casStorageOptions","id":"casStorageOptions","title":"casStorageOptions","type":"keyTextContainer"},{"cnodes":"casAttributes","id":"casAttributes","title":"casAttributes","type":"keyTextContainer"}],"help":"idpcas.html#configuring-the-cas-service","id":"casServiceMetadata","title":"casServiceMetadata"},{"cnodes":"casSrvMetaDataNodes","help":"authcas.html","id":"casSrvMetaDataNodes","template":"casSrvMetaDataNode","title":"casSrvMetaDataNodes","type":"casSrvMetaDataNodeContainer"},{"cnodes":"casAppMetaDataNodes","help":"idpcas.html#configuring-cas-applications","id":"casAppMetaDataNodes","template":"casAppMetaDataNode","title":"casAppMetaDataNodes","type":"casAppMetaDataNodeContainer"}]
\ No newline at end of file
+[{"_nodes":[{"_nodes":[{"default":"http://auth.example.com/","id":"portal","title":"portal"},{"_nodes":[{"_nodes":[{"default":1,"id":"portalDisplayLogout","title":"portalDisplayLogout","type":"boolOrExpr"},{"default":"$_auth =~ /^(LDAP|DBI|Demo)$/","id":"portalDisplayChangePassword","title":"portalDisplayChangePassword","type":"boolOrExpr"},{"default":1,"id":"portalDisplayAppslist","title":"portalDisplayAppslist","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLoginHistory","title":"portalDisplayLoginHistory","type":"boolOrExpr"},{"default":"$_oidcConsents && $_oidcConsents =~ /\\w+/","id":"portalDisplayOidcConsents","title":"portalDisplayOidcConsents","type":"boolOrExpr"},{"_nodes":[{"default":1,"id":"portalDisplayFavApps","title":"portalDisplayFavApps","type":"boolOrExpr"},{"default":3,"id":"favAppsMaxNumber","title":"favAppsMaxNumber","type":"int"}],"help":"favapps.html","id":"favApps","title":"favApps","type":"simpleInputContainer"}],"id":"portalModules","title":"portalModules","type":"simpleInputContainer"},{"cnodes":"applicationList","default":[{"data":{"catname":"Default category","type":"category"},"id":"applicationList/default","title":"default","type":"catAndAppList"}],"help":"portalmenu.html#categories-and-applications","id":"applicationList","title":"applicationList","type":"catAndAppList"}],"help":"portalmenu.html","id":"portalMenu","title":"portalMenu"},{"_nodes":[{"default":"common/logos/logo_llng_400px.png","id":"portalMainLogo","title":"portalMainLogo"},{"default":1,"id":"showLanguages","title":"showLanguages","type":"bool"},{"id":"portalCustomCss","title":"portalCustomCss"},{"default":"bootstrap","id":"portalSkin","select":[{"k":"bootstrap","v":"Bootstrap"}],"title":"portalSkin","type":"portalskin"},{"id":"portalSkinBackground","select":[{"k":"","v":"None"},{"k":"1280px-Anse_Source_d'Argent_2-La_Digue.jpg","v":"Anse"},{"k":"1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg","v":"Waterfall"},{"k":"1280px-BrockenSnowedTrees.jpg","v":"Snowed Trees"},{"k":"1280px-Cedar_Breaks_National_Monument_partially.jpg","v":"National Monument"},{"k":"1280px-Parry_Peak_from_Winter_Park.jpg","v":"Winter"},{"k":"Aletschgletscher_mit_Pinus_cembra1.jpg","v":"Pinus"}],"title":"portalSkinBackground","type":"portalskinbackground"},{"cnodes":"portalSkinRules","help":"portalcustom.html","id":"portalSkinRules","title":"portalSkinRules","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"portalCheckLogins","title":"portalCheckLogins","type":"bool"},{"default":0,"id":"portalDisplayResetPassword","title":"portalDisplayResetPassword","type":"bool"},{"default":3,"id":"passwordResetAllowedRetries","title":"passwordResetAllowedRetries","type":"int"},{"default":1,"id":"portalDisplayRegister","title":"portalDisplayRegister","type":"bool"},{"default":0,"id":"portalDisplayCertificateResetByMail","title":"portalDisplayCertificateResetByMail","type":"boolOrExpr"}],"help":"portalcustom.html#buttons","id":"portalButtons","title":"portalButtons","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"portalRequireOldPassword","title":"portalRequireOldPassword","type":"boolOrExpr"},{"default":0,"id":"hideOldPassword","title":"hideOldPassword","type":"bool"},{"default":0,"id":"mailOnPasswordChange","title":"mailOnPasswordChange","type":"bool"}],"help":"portalcustom.html#password-management","id":"passwordManagement","title":"passwordManagement","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"passwordPolicyActivation","title":"passwordPolicyActivation","type":"boolOrExpr"},{"default":0,"id":"portalDisplayPasswordPolicy","title":"portalDisplayPasswordPolicy","type":"bool"},{"default":0,"id":"passwordPolicyMinSize","title":"passwordPolicyMinSize","type":"int"},{"default":0,"id":"passwordPolicyMinLower","title":"passwordPolicyMinLower","type":"int"},{"default":0,"id":"passwordPolicyMinUpper","title":"passwordPolicyMinUpper","type":"int"},{"default":0,"id":"passwordPolicyMinDigit","title":"passwordPolicyMinDigit","type":"int"},{"default":0,"id":"passwordPolicyMinSpeChar","title":"passwordPolicyMinSpeChar","type":"int"},{"default":"__ALL__","id":"passwordPolicySpecialChar","title":"passwordPolicySpecialChar"}],"help":"portalcustom.html#password-policy","id":"passwordPolicy","title":"passwordPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":"_user","id":"portalUserAttr","title":"portalUserAttr"},{"default":0,"id":"portalOpenLinkInNewWindow","title":"portalOpenLinkInNewWindow","type":"bool"},{"default":1,"id":"portalAntiFrame","title":"portalAntiFrame","type":"bool"},{"default":60000,"id":"portalPingInterval","title":"portalPingInterval","type":"int"},{"default":1,"id":"portalErrorOnExpiredSession","title":"portalErrorOnExpiredSession","type":"bool"},{"default":0,"id":"portalErrorOnMailNotFound","title":"portalErrorOnMailNotFound","type":"bool"},{"default":1,"id":"portalDisplayRefreshMyRights","title":"portalDisplayRefreshMyRights","type":"bool"}],"help":"portalcustom.html#other-parameters","id":"portalOther","title":"portalOther","type":"simpleInputContainer"}],"help":"portalcustom.html","id":"portalCustomization","title":"portalCustomization"},{"_nodes":[{"default":0,"id":"captcha_login_enabled","title":"captcha_login_enabled","type":"bool"},{"default":1,"id":"captcha_mail_enabled","title":"captcha_mail_enabled","type":"bool"},{"default":1,"id":"captcha_register_enabled","title":"captcha_register_enabled","type":"bool"},{"default":6,"id":"captcha_size","title":"captcha_size","type":"int"}],"help":"captcha.html","id":"portalCaptcha","title":"portalCaptcha","type":"simpleInputContainer"}],"help":"portal.html","id":"portalParams","title":"portalParams"},{"_nodes":[{"default":"Demo","id":"authentication","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"Choice","v":"authChoice"},{"k":"Combination","v":"combineMods"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"authentication","type":"select"},{"default":"Same","id":"userDB","select":[{"k":"Same","v":"Same"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"userDB","type":"select"},{"default":"Demo","id":"passwordDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Choice","v":"authChoice"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"passwordDB","type":"select"},{"default":"Null","id":"registerDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"registerDB","type":"select"}],"_nodes_cond":[{"_nodes":[{"default":0,"id":"ADPwdMaxAge","title":"ADPwdMaxAge","type":"int"},{"default":0,"id":"ADPwdExpireWarning","title":"ADPwdExpireWarning","type":"int"}],"help":"authad.html","id":"adParams","show":false,"title":"adParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lmAuth","id":"authChoiceParam","title":"authChoiceParam"},{"cnodes":"authChoiceModules","id":"authChoiceModules","select":[[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}]],"title":"authChoiceModules","type":"authChoiceContainer"},{"id":"authChoiceAuthBasic","title":"authChoiceAuthBasic"}],"help":"authchoice.html","id":"choiceParams","show":false,"title":"choiceParams"},{"_nodes":[{"default":3,"id":"apacheAuthnLevel","title":"apacheAuthnLevel","type":"int"}],"help":"authapache.html","id":"apacheParams","show":false,"title":"apacheParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"casAuthnLevel","title":"casAuthnLevel","type":"int"}],"help":"authcas.html","id":"casParams","show":false,"title":"casParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"dbiAuthnLevel","title":"dbiAuthnLevel","type":"int"},{"cnodes":"dbiExportedVars","default":[],"id":"dbiExportedVars","title":"dbiExportedVars","type":"keyTextContainer"},{"_nodes":[{"_nodes":[{"id":"dbiAuthChain","title":"dbiAuthChain"},{"id":"dbiAuthUser","title":"dbiAuthUser"},{"id":"dbiAuthPassword","title":"dbiAuthPassword","type":"password"}],"id":"dbiConnectionAuth","title":"dbiConnectionAuth","type":"simpleInputContainer"},{"_nodes":[{"id":"dbiUserChain","title":"dbiUserChain"},{"id":"dbiUserUser","title":"dbiUserUser"},{"id":"dbiUserPassword","title":"dbiUserPassword","type":"password"}],"id":"dbiConnectionUser","title":"dbiConnectionUser","type":"simpleInputContainer"}],"help":"authdbi.html#connection","id":"dbiConnection","title":"dbiConnection"},{"_nodes":[{"id":"dbiAuthTable","title":"dbiAuthTable"},{"id":"dbiUserTable","title":"dbiUserTable"},{"id":"dbiAuthLoginCol","title":"dbiAuthLoginCol"},{"id":"dbiAuthPasswordCol","title":"dbiAuthPasswordCol"},{"id":"dbiPasswordMailCol","title":"dbiPasswordMailCol"},{"id":"userPivot","title":"userPivot"}],"help":"authdbi.html#schema","id":"dbiSchema","title":"dbiSchema","type":"simpleInputContainer"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiAuthPasswordHash","title":"dbiAuthPasswordHash"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiDynamicHashEnabled","title":"dbiDynamicHashEnabled","type":"bool"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSchemes","title":"dbiDynamicHashValidSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSaltedSchemes","title":"dbiDynamicHashValidSaltedSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashNewPasswordScheme","title":"dbiDynamicHashNewPasswordScheme"}],"help":"authdbi.html#password","id":"dbiDynamicHash","title":"dbiDynamicHash","type":"simpleInputContainer"}],"help":"authdbi.html#password","id":"dbiPassword","title":"dbiPassword"}],"help":"authdbi.html","id":"dbiParams","show":false,"title":"dbiParams"},{"_nodes":[{"cnodes":"demoExportedVars","default":[{"data":"cn","id":"demoExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"demoExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"demoExportedVars/uid","title":"uid","type":"keyText"}],"id":"demoExportedVars","title":"demoExportedVars","type":"keyTextContainer"}],"help":"authdemo.html","id":"demoParams","show":false,"title":"demoParams"},{"_nodes":[{"default":1,"id":"facebookAuthnLevel","title":"facebookAuthnLevel","type":"int"},{"cnodes":"facebookExportedVars","default":[],"id":"facebookExportedVars","title":"facebookExportedVars","type":"keyTextContainer"},{"id":"facebookAppId","title":"facebookAppId"},{"id":"facebookAppSecret","title":"facebookAppSecret"},{"default":"id","id":"facebookUserField","title":"facebookUserField"}],"help":"authfacebook.html","id":"facebookParams","show":false,"title":"facebookParams"},{"_nodes":[{"default":3,"id":"krbAuthnLevel","title":"krbAuthnLevel","type":"int"},{"id":"krbKeytab","title":"krbKeytab"},{"default":0,"id":"krbByJs","title":"krbByJs","type":"bool"},{"default":1,"id":"krbRemoveDomain","title":"krbRemoveDomain","type":"bool"}],"help":"authkerberos.html","id":"kerberosParams","show":false,"title":"kerberosParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"ldapAuthnLevel","title":"ldapAuthnLevel","type":"int"},{"cnodes":"ldapExportedVars","default":[{"data":"cn","id":"ldapExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"ldapExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"ldapExportedVars/uid","title":"uid","type":"keyText"}],"id":"ldapExportedVars","title":"ldapExportedVars","type":"keyTextContainer"},{"_nodes":[{"default":"ldap://localhost","id":"ldapServer","title":"ldapServer"},{"id":"ldapPort","title":"ldapPort","type":"int"},{"default":"require","id":"ldapVerify","select":[{"k":"none","v":"None"},{"k":"optional","v":"Optional"},{"k":"require","v":"Require"}],"title":"ldapVerify","type":"select"},{"default":"dc=example,dc=com","id":"ldapBase","title":"ldapBase"},{"default":"","id":"managerDn","title":"managerDn"},{"default":"","id":"managerPassword","title":"managerPassword","type":"password"},{"default":120,"id":"ldapTimeout","title":"ldapTimeout","type":"int"},{"default":3,"id":"ldapVersion","title":"ldapVersion","type":"int"},{"id":"ldapRaw","title":"ldapRaw"},{"id":"ldapCAFile","title":"ldapCAFile"},{"id":"ldapCAPath","title":"ldapCAPath"}],"help":"authldap.html#connection","id":"ldapConnection","title":"ldapConnection","type":"simpleInputContainer"},{"_nodes":[{"id":"LDAPFilter","title":"LDAPFilter"},{"id":"AuthLDAPFilter","title":"AuthLDAPFilter"},{"id":"mailLDAPFilter","title":"mailLDAPFilter"},{"default":"find","id":"ldapSearchDeref","select":[{"k":"never","v":"never"},{"k":"search","v":"search"},{"k":"find","v":"find"},{"k":"always","v":"always"}],"title":"ldapSearchDeref","type":"select"}],"help":"authldap.html#filters","id":"ldapFilters","title":"ldapFilters","type":"simpleInputContainer"},{"_nodes":[{"id":"ldapGroupBase","title":"ldapGroupBase"},{"default":"groupOfNames","id":"ldapGroupObjectClass","title":"ldapGroupObjectClass"},{"default":"member","id":"ldapGroupAttributeName","title":"ldapGroupAttributeName"},{"default":"dn","id":"ldapGroupAttributeNameUser","title":"ldapGroupAttributeNameUser"},{"default":"cn","id":"ldapGroupAttributeNameSearch","title":"ldapGroupAttributeNameSearch"},{"default":0,"id":"ldapGroupDecodeSearchedValue","title":"ldapGroupDecodeSearchedValue","type":"bool"},{"default":0,"id":"ldapGroupRecursive","title":"ldapGroupRecursive","type":"bool"},{"default":"dn","id":"ldapGroupAttributeNameGroup","title":"ldapGroupAttributeNameGroup"}],"help":"authldap.html#groups","id":"ldapGroups","title":"ldapGroups","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ldapPpolicyControl","title":"ldapPpolicyControl","type":"bool"},{"default":0,"id":"ldapSetPassword","title":"ldapSetPassword","type":"bool"},{"default":0,"id":"ldapChangePasswordAsUser","title":"ldapChangePasswordAsUser","type":"bool"},{"default":"utf-8","id":"ldapPwdEnc","title":"ldapPwdEnc"},{"default":1,"id":"ldapUsePasswordResetAttribute","title":"ldapUsePasswordResetAttribute","type":"bool"},{"default":"pwdReset","id":"ldapPasswordResetAttribute","title":"ldapPasswordResetAttribute"},{"default":"TRUE","id":"ldapPasswordResetAttributeValue","title":"ldapPasswordResetAttributeValue"},{"default":0,"id":"ldapAllowResetExpiredPassword","title":"ldapAllowResetExpiredPassword","type":"bool"},{"default":0,"id":"ldapITDS","title":"ldapITDS","type":"bool"}],"help":"authldap.html#password","id":"ldapPassword","title":"ldapPassword","type":"simpleInputContainer"}],"help":"authldap.html","id":"ldapParams","show":false,"title":"ldapParams"},{"_nodes":[{"default":1,"id":"linkedInAuthnLevel","title":"linkedInAuthnLevel","type":"int"},{"id":"linkedInClientID","title":"linkedInClientID"},{"id":"linkedInClientSecret","title":"linkedInClientSecret","type":"password"},{"default":"id,first-name,last-name,email-address","id":"linkedInFields","title":"linkedInFields"},{"default":"emailAddress","id":"linkedInUserField","title":"linkedInUserField"},{"default":"r_liteprofile r_emailaddress","id":"linkedInScope","title":"linkedInScope"}],"help":"authlinkedin.html","id":"linkedinParams","show":false,"title":"linkedinParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"githubAuthnLevel","title":"githubAuthnLevel","type":"int"},{"id":"githubClientID","title":"githubClientID"},{"id":"githubClientSecret","title":"githubClientSecret","type":"password"},{"default":"login","id":"githubUserField","title":"githubUserField"},{"default":"user:email","id":"githubScope","title":"githubScope"}],"help":"authgithub.html","id":"githubParams","show":false,"title":"githubParams","type":"simpleInputContainer"},{"_nodes":[{"id":"combination","title":"combination"},{"cnodes":"combModules","id":"combModules","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"combModules","type":"cmbModuleContainer"},{"id":"combinationForms","title":"combinationForms"}],"help":"authcombination.html","id":"combinationParams","show":false,"title":"combinationParams"},{"_nodes":[{"default":0,"id":"nullAuthnLevel","title":"nullAuthnLevel","type":"int"}],"help":"authnull.html","id":"nullParams","show":false,"title":"nullParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"openIdAuthnLevel","title":"openIdAuthnLevel","type":"int"},{"cnodes":"openIdExportedVars","default":[],"id":"openIdExportedVars","title":"openIdExportedVars","type":"keyTextContainer"},{"id":"openIdSecret","title":"openIdSecret"},{"default":"0;","id":"openIdIDPList","title":"openIdIDPList","type":"blackWhiteList"}],"help":"authopenid.html","id":"openidParams","show":false,"title":"openidParams"},{"_nodes":[{"default":1,"id":"oidcAuthnLevel","title":"oidcAuthnLevel","type":"int"},{"default":"openidconnectcallback","id":"oidcRPCallbackGetParam","title":"oidcRPCallbackGetParam"},{"default":600,"id":"oidcRPStateTimeout","title":"oidcRPStateTimeout","type":"int"}],"help":"authopenidconnect.html","id":"oidcParams","show":false,"title":"oidcParams","type":"simpleInputContainer"},{"_nodes":[{"default":5,"id":"gpgAuthnLevel","title":"gpgAuthnLevel","type":"int"},{"default":"","id":"gpgDb","title":"gpgDb"}],"help":"authgpg.html","id":"gpgParams","show":false,"title":"gpgParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"proxyAuthnLevel","title":"proxyAuthnLevel","type":"int"},{"id":"proxyAuthService","title":"proxyAuthService"},{"id":"proxySessionService","title":"proxySessionService"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":0,"id":"proxyUseSoap","title":"proxyUseSoap","type":"bool"}],"help":"authproxy.html","id":"proxyParams","show":false,"title":"proxyParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"pamAuthnLevel","title":"pamAuthnLevel","type":"int"},{"default":"login","id":"pamService","title":"pamService"}],"help":"authpam.html","id":"pamParams","show":false,"title":"pamParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"radiusAuthnLevel","title":"radiusAuthnLevel","type":"int"},{"id":"radiusSecret","title":"radiusSecret"},{"id":"radiusServer","title":"radiusServer"}],"help":"authradius.html","id":"radiusParams","show":false,"title":"radiusParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"restAuthnLevel","title":"restAuthnLevel","type":"int"},{"id":"restAuthUrl","title":"restAuthUrl"},{"id":"restUserDBUrl","title":"restUserDBUrl"},{"id":"restPwdConfirmUrl","title":"restPwdConfirmUrl"},{"id":"restPwdModifyUrl","title":"restPwdModifyUrl"}],"help":"authrest.html","id":"restParams","show":false,"title":"restParams","type":"simpleInputContainer"},{"_nodes":[{"id":"remotePortal","title":"remotePortal"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":"Lemonldap::NG::Common::Apache::Session::SOAP","id":"remoteGlobalStorage","title":"remoteGlobalStorage"},{"cnodes":"remoteGlobalStorageOptions","default":[{"data":"http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService","id":"remoteGlobalStorageOptions/ns","title":"ns","type":"keyText"},{"data":"http://auth.example.com/sessions","id":"remoteGlobalStorageOptions/proxy","title":"proxy","type":"keyText"}],"id":"remoteGlobalStorageOptions","title":"remoteGlobalStorageOptions","type":"keyTextContainer"}],"help":"authremote.html","id":"remoteParams","show":false,"title":"remoteParams"},{"_nodes":[{"default":2,"id":"slaveAuthnLevel","title":"slaveAuthnLevel","type":"int"},{"id":"slaveUserHeader","title":"slaveUserHeader"},{"id":"slaveMasterIP","title":"slaveMasterIP"},{"id":"slaveHeaderName","title":"slaveHeaderName"},{"id":"slaveHeaderContent","title":"slaveHeaderContent"},{"default":0,"id":"slaveDisplayLogo","title":"slaveDisplayLogo","type":"bool"},{"cnodes":"slaveExportedVars","default":[],"id":"slaveExportedVars","title":"slaveExportedVars","type":"keyTextContainer"}],"help":"authslave.html","id":"slaveParams","show":false,"title":"slaveParams"},{"_nodes":[{"default":5,"id":"SSLAuthnLevel","title":"SSLAuthnLevel","type":"int"},{"default":"SSL_CLIENT_S_DN_Email","id":"SSLVar","title":"SSLVar"},{"cnodes":"SSLVarIf","default":[],"id":"SSLVarIf","title":"SSLVarIf","type":"keyTextContainer"},{"default":0,"id":"sslByAjax","title":"sslByAjax","type":"bool"},{"id":"sslHost","title":"sslHost"}],"help":"authssl.html","id":"sslParams","show":false,"title":"sslParams"},{"_nodes":[{"default":1,"id":"twitterAuthnLevel","title":"twitterAuthnLevel","type":"int"},{"id":"twitterKey","title":"twitterKey"},{"id":"twitterSecret","title":"twitterSecret"},{"id":"twitterAppName","title":"twitterAppName"},{"default":"screen_name","id":"twitterUserField","title":"twitterUserField"}],"help":"authtwitter.html","id":"twitterParams","show":false,"title":"twitterParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"webIDAuthnLevel","title":"webIDAuthnLevel","type":"int"},{"cnodes":"webIDExportedVars","default":[],"id":"webIDExportedVars","title":"webIDExportedVars","type":"keyTextContainer"},{"id":"webIDWhitelist","title":"webIDWhitelist"}],"help":"authwebid.html","id":"webidParams","show":false,"title":"webidParams"},{"_nodes":[{"id":"customAuth","title":"customAuth"},{"id":"customUserDB","title":"customUserDB"},{"id":"customPassword","title":"customPassword"},{"id":"customRegister","title":"customRegister"},{"id":"customResetCertByMail","title":"customResetCertByMail"},{"cnodes":"customAddParams","id":"customAddParams","title":"customAddParams","type":"keyTextContainer"}],"help":"authcustom.html","id":"customParams","show":false,"title":"customParams"}],"_nodes_filter":"authParams","help":"start.html#authentication-users-and-password-databases","id":"authParams","title":"authParams","type":"authParams"},{"_nodes":[{"_nodes":[{"default":0,"id":"issuerDBSAMLActivation","title":"issuerDBSAMLActivation","type":"bool"},{"default":"^/saml/","id":"issuerDBSAMLPath","title":"issuerDBSAMLPath"},{"default":1,"id":"issuerDBSAMLRule","title":"issuerDBSAMLRule","type":"boolOrExpr"}],"help":"idpsaml.html","id":"issuerDBSAML","title":"issuerDBSAML","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBCASActivation","title":"issuerDBCASActivation","type":"bool"},{"default":"^/cas/","id":"issuerDBCASPath","title":"issuerDBCASPath"},{"default":1,"id":"issuerDBCASRule","title":"issuerDBCASRule","type":"boolOrExpr"}],"help":"idpcas.html#enabling-cas","id":"issuerDBCAS","title":"issuerDBCAS","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDActivation","title":"issuerDBOpenIDActivation","type":"bool"},{"default":"^/openidserver/","id":"issuerDBOpenIDPath","title":"issuerDBOpenIDPath"},{"default":1,"id":"issuerDBOpenIDRule","title":"issuerDBOpenIDRule","type":"boolOrExpr"},{"_nodes":[{"id":"openIdIssuerSecret","title":"openIdIssuerSecret"},{"id":"openIdAttr","title":"openIdAttr"},{"default":"0;","id":"openIdSPList","title":"openIdSPList","type":"blackWhiteList"},{"_nodes":[{"default":"cn","id":"openIdSreg_fullname","title":"openIdSreg_fullname"},{"default":"uid","id":"openIdSreg_nickname","title":"openIdSreg_nickname"},{"id":"openIdSreg_language","title":"openIdSreg_language"},{"id":"openIdSreg_postcode","title":"openIdSreg_postcode"},{"default":"_timezone","id":"openIdSreg_timezone","title":"openIdSreg_timezone"},{"id":"openIdSreg_country","title":"openIdSreg_country"},{"id":"openIdSreg_gender","title":"openIdSreg_gender"},{"default":"mail","id":"openIdSreg_email","title":"openIdSreg_email"},{"id":"openIdSreg_dob","title":"openIdSreg_dob"}],"id":"openIdSreg","title":"openIdSreg","type":"simpleInputContainer"}],"id":"issuerDBOpenIDOptions","title":"issuerDBOpenIDOptions"}],"help":"idpopenid.html","id":"issuerDBOpenID","title":"issuerDBOpenID"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDConnectActivation","title":"issuerDBOpenIDConnectActivation","type":"bool"},{"default":"^/oauth2/","id":"issuerDBOpenIDConnectPath","title":"issuerDBOpenIDConnectPath"},{"default":1,"id":"issuerDBOpenIDConnectRule","title":"issuerDBOpenIDConnectRule","type":"boolOrExpr"}],"help":"idpopenidconnect.html","id":"issuerDBOpenIDConnect","title":"issuerDBOpenIDConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBGetActivation","title":"issuerDBGetActivation","type":"bool"},{"default":"^/get/","id":"issuerDBGetPath","title":"issuerDBGetPath"},{"default":1,"id":"issuerDBGetRule","title":"issuerDBGetRule","type":"boolOrExpr"},{"default":[],"id":"issuerDBGetParameters","title":"issuerDBGetParameters","type":"doubleHash"}],"help":"issuerdbget.html","id":"issuerDBGet","title":"issuerDBGet"},{"_nodes":[{"default":120,"id":"issuersTimeout","title":"issuersTimeout","type":"int"}],"help":"start.html#options","id":"issuerOptions","title":"issuerOptions","type":"simpleInputContainer"}],"help":"start.html#identity-provider","id":"issuerParams","title":"issuerParams"},{"_nodes":[{"default":"uid","id":"whatToTrace","title":"whatToTrace"},{"id":"customToTrace","title":"customToTrace"},{"default":"_password _2fDevices","id":"hiddenAttributes","title":"hiddenAttributes"}],"help":"logs.html","id":"logParams","title":"logParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lemonldap","id":"cookieName","title":"cookieName"},{"default":"example.com","id":"domain","title":"domain"},{"default":0,"id":"cda","title":"cda","type":"bool"},{"default":0,"id":"securedCookie","select":[{"k":"0","v":"unsecuredCookie"},{"k":"1","v":"securedCookie"},{"k":"2","v":"doubleCookie"},{"k":"3","v":"doubleCookieForSingleSession"}],"title":"securedCookie","type":"select"},{"default":1,"id":"httpOnly","title":"httpOnly","type":"bool"},{"id":"cookieExpiration","title":"cookieExpiration","type":"int"},{"default":"","id":"sameSite","select":[{"k":"","v":""},{"k":"Strict","v":"Strict"},{"k":"Lax","v":"Lax"},{"k":"None","v":"None"}],"title":"sameSite","type":"select"}],"help":"ssocookie.html","id":"cookieParams","title":"cookieParams","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"storePassword","title":"storePassword","type":"bool"},{"default":72000,"id":"timeout","title":"timeout","type":"int"},{"default":0,"id":"timeoutActivity","title":"timeoutActivity","type":"int"},{"default":60,"id":"timeoutActivityInterval","title":"timeoutActivityInterval","type":"int"},{"cnodes":"grantSessionRules","default":[],"id":"grantSessionRules","title":"grantSessionRules","type":"grantContainer"},{"_nodes":[{"default":"Apache::Session::File","id":"globalStorage","title":"globalStorage"},{"cnodes":"globalStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/sessions/","id":"globalStorageOptions/Directory","title":"Directory","type":"keyText"},{"data":"/var/lib/lemonldap-ng/sessions/lock/","id":"globalStorageOptions/LockDirectory","title":"LockDirectory","type":"keyText"},{"data":"Lemonldap::NG::Common::Apache::Session::Generate::SHA256","id":"globalStorageOptions/generateModule","title":"generateModule","type":"keyText"}],"id":"globalStorageOptions","title":"globalStorageOptions","type":"keyTextContainer"},{"default":"Cache::FileCache","id":"localSessionStorage","title":"localSessionStorage"},{"cnodes":"localSessionStorageOptions","default":[{"data":3,"id":"localSessionStorageOptions/cache_depth","title":"cache_depth","type":"keyText"},{"data":"/var/cache/lemonldap-ng","id":"localSessionStorageOptions/cache_root","title":"cache_root","type":"keyText"},{"data":600,"id":"localSessionStorageOptions/default_expires_in","title":"default_expires_in","type":"keyText"},{"data":"007","id":"localSessionStorageOptions/directory_umask","title":"directory_umask","type":"keyText"},{"data":"lemonldap-ng-sessions","id":"localSessionStorageOptions/namespace","title":"namespace","type":"keyText"}],"id":"localSessionStorageOptions","title":"localSessionStorageOptions","type":"keyTextContainer"}],"help":"start.html#sessions-database","id":"sessionStorage","title":"sessionStorage"},{"_nodes":[{"default":0,"id":"singleSession","title":"singleSession","type":"boolOrExpr"},{"default":0,"id":"singleIP","title":"singleIP","type":"boolOrExpr"},{"default":0,"id":"singleUserByIP","title":"singleUserByIP","type":"boolOrExpr"},{"default":1,"id":"notifyDeleted","title":"notifyDeleted","type":"bool"},{"default":0,"id":"notifyOther","title":"notifyOther","type":"bool"}],"id":"multipleSessions","title":"multipleSessions","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"disablePersistentStorage","title":"disablePersistentStorage","type":"bool"},{"id":"persistentStorage","title":"persistentStorage"},{"cnodes":"persistentStorageOptions","id":"persistentStorageOptions","title":"persistentStorageOptions","type":"keyTextContainer"}],"id":"persistentSessions","title":"persistentSessions"}],"help":"sessions.html","id":"sessionParams","title":"sessionParams"},{"_nodes":[{"default":5,"id":"reloadTimeout","title":"reloadTimeout","type":"int"},{"default":0,"id":"compactConf","title":"compactConf","type":"bool"},{"cnodes":"reloadUrls","help":"configlocation.html#configuration-reload","id":"reloadUrls","title":"reloadUrls","type":"keyTextContainer"}],"help":"configlocation.html#configuration-reload","id":"reloadParams","title":"reloadParams"},{"_nodes":[{"default":0,"id":"stayConnected","title":"stayConnected","type":"bool"},{"default":0,"help":"status.html","id":"portalStatus","title":"portalStatus","type":"bool"},{"cnodes":"adaptativeAuthenticationLevelRules","id":"adaptativeAuthenticationLevelRules","title":"adaptativeAuthenticationLevelRules","type":"keyTextContainer"},{"default":1,"id":"upgradeSession","title":"upgradeSession","type":"bool"},{"id":"refreshSessions","title":"refreshSessions","type":"bool"},{"_nodes":[{"default":0,"id":"wsdlServer","title":"wsdlServer","type":"bool"},{"default":0,"id":"restExportSecretKeys","title":"restExportSecretKeys","type":"bool"},{"default":15,"id":"restClockTolerance","title":"restClockTolerance","type":"int"},{"default":0,"id":"restSessionServer","title":"restSessionServer","type":"bool"},{"default":0,"id":"restConfigServer","title":"restConfigServer","type":"bool"},{"default":0,"id":"restAuthServer","title":"restAuthServer","type":"bool"},{"default":0,"id":"restPasswordServer","title":"restPasswordServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapSessionServer","title":"soapSessionServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapConfigServer","title":"soapConfigServer","type":"bool"},{"id":"exportedAttr","title":"exportedAttr"}],"help":"portalservers.html","id":"portalServers","title":"portalServers","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"loginHistoryEnabled","title":"loginHistoryEnabled","type":"bool"},{"default":5,"id":"successLoginNumber","title":"successLoginNumber","type":"int"},{"default":5,"id":"failedLoginNumber","title":"failedLoginNumber","type":"int"},{"cnodes":"sessionDataToRemember","id":"sessionDataToRemember","title":"sessionDataToRemember","type":"keyTextContainer"}],"help":"loginhistory.html","id":"loginHistory","title":"loginHistory"},{"_nodes":[{"default":0,"id":"notification","title":"notification","type":"bool"},{"default":0,"id":"notificationsExplorer","title":"notificationsExplorer","type":"bool"},{"default":"allusers","id":"notificationWildcard","title":"notificationWildcard"},{"default":0,"id":"oldNotifFormat","title":"oldNotifFormat","type":"bool"},{"id":"notificationXSLTfile","title":"notificationXSLTfile"},{"default":"File","id":"notificationStorage","title":"notificationStorage"},{"cnodes":"notificationStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/notifications","id":"notificationStorageOptions/dirName","title":"dirName","type":"keyText"}],"id":"notificationStorageOptions","title":"notificationStorageOptions","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"notificationServer","title":"notificationServer","type":"bool"},{"default":"","id":"notificationDefaultCond","title":"notificationDefaultCond"},{"default":"uid reference date title subtitle text check","id":"notificationServerSentAttributes","title":"notificationServerSentAttributes"},{"_nodes":[{"default":1,"id":"notificationServerPOST","title":"notificationServerPOST","type":"bool"},{"default":0,"id":"notificationServerGET","title":"notificationServerGET","type":"bool"},{"default":0,"id":"notificationServerDELETE","title":"notificationServerDELETE","type":"bool"}],"id":"notificationServerMethods","title":"notificationServerMethods","type":"simpleInputContainer"}],"help":"notifications.html#notification-server","id":"serverNotification","title":"serverNotification"}],"help":"notifications.html","id":"notifications","title":"notifications"},{"_nodes":[{"_nodes":[{"id":"mailSubject","title":"mailSubject"},{"id":"mailBody","title":"mailBody","type":"longtext"},{"id":"mailConfirmSubject","title":"mailConfirmSubject"},{"id":"mailConfirmBody","title":"mailConfirmBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/resetpwd","id":"mailUrl","title":"mailUrl"},{"default":0,"id":"mailTimeout","title":"mailTimeout","type":"int"},{"default":1,"id":"portalDisplayGeneratePassword","title":"portalDisplayGeneratePassword","type":"bool"},{"default":"[A-Z]{3}[a-z]{5}.\\d{2}","id":"randomPasswordRegexp","title":"randomPasswordRegexp"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetpassword.html","id":"passwordManagement","title":"passwordManagement"},{"_nodes":[{"_nodes":[{"id":"certificateResetByMailStep1Subject","title":"certificateResetByMailStep1Subject"},{"id":"certificateResetByMailStep1Body","title":"certificateResetByMailStep1Body","type":"longtext"},{"id":"certificateResetByMailStep2Subject","title":"certificateResetByMailStep2Subject"},{"id":"certificateResetByMailStep2Body","title":"certificateResetByMailStep2Body","type":"longtext"}],"id":"certificateMailContent","title":"certificateMailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/certificateReset","id":"certificateResetByMailURL","title":"certificateResetByMailURL"},{"default":"description","id":"certificateResetByMailCeaAttribute","title":"certificateResetByMailCeaAttribute"},{"default":"userCertificate;binary","id":"certificateResetByMailCertificateAttribute","title":"certificateResetByMailCertificateAttribute"},{"default":0,"id":"certificateResetByMailValidityDelay","title":"certificateResetByMailValidityDelay","type":"int"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"id":"certificateResetByMailManagement","title":"certificateResetByMailManagement","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/register","id":"registerUrl","title":"registerUrl"},{"default":0,"id":"registerTimeout","title":"registerTimeout","type":"int"},{"id":"registerConfirmSubject","title":"registerConfirmSubject"},{"id":"registerDoneSubject","title":"registerDoneSubject"}],"help":"register.html","id":"register","title":"register","type":"simpleInputContainer"},{"_nodes":[{"cnodes":"autoSigninRules","id":"autoSigninRules","title":"autoSigninRules","type":"keyTextContainer"}],"help":"autosignin.html","id":"autoSignin","title":"autoSignin"},{"_nodes":[{"default":0,"id":"globalLogoutRule","title":"globalLogoutRule","type":"boolOrExpr"},{"default":1,"id":"globalLogoutTimer","title":"globalLogoutTimer","type":"bool"},{"id":"globalLogoutCustomParam","title":"globalLogoutCustomParam"}],"help":"globallogout.html","id":"globalLogout","title":"globalLogout","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkState","title":"checkState","type":"bool"},{"id":"checkStateSecret","title":"checkStateSecret"}],"help":"checkstate.html","id":"stateCheck","title":"stateCheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkUser","title":"checkUser","type":"bool"},{"default":1,"id":"checkUserIdRule","title":"checkUserIdRule"},{"id":"checkUserUnrestrictedUsersRule","title":"checkUserUnrestrictedUsersRule"},{"default":"_loginHistory _session_id hGroups","id":"checkUserHiddenAttributes","title":"checkUserHiddenAttributes"},{"id":"checkUserSearchAttributes","title":"checkUserSearchAttributes"},{"default":1,"id":"checkUserDisplayComputedSession","title":"checkUserDisplayComputedSession","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayEmptyHeaders","title":"checkUserDisplayEmptyHeaders","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayEmptyValues","title":"checkUserDisplayEmptyValues","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayPersistentInfo","title":"checkUserDisplayPersistentInfo","type":"boolOrExpr"}],"help":"checkuser.html","id":"checkUsers","title":"checkUsers","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"impersonationRule","title":"impersonationRule","type":"boolOrExpr"},{"default":1,"id":"impersonationIdRule","title":"impersonationIdRule"},{"id":"impersonationUnrestrictedUsersRule","title":"impersonationUnrestrictedUsersRule"},{"default":"_2fDevices _loginHistory","id":"impersonationHiddenAttributes","title":"impersonationHiddenAttributes"},{"default":1,"id":"impersonationSkipEmptyValues","title":"impersonationSkipEmptyValues","type":"bool"},{"default":0,"id":"impersonationMergeSSOgroups","title":"impersonationMergeSSOgroups","type":"boolOrExpr"}],"help":"impersonation.html","id":"impersonation","title":"impersonation","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"contextSwitchingRule","title":"contextSwitchingRule","type":"boolOrExpr"},{"default":1,"id":"contextSwitchingIdRule","title":"contextSwitchingIdRule"},{"id":"contextSwitchingUnrestrictedUsersRule","title":"contextSwitchingUnrestrictedUsersRule"},{"default":0,"id":"contextSwitchingAllowed2fModifications","title":"contextSwitchingAllowed2fModifications","type":"bool"},{"default":1,"id":"contextSwitchingStopWithLogout","title":"contextSwitchingStopWithLogout","type":"bool"}],"help":"contextswitching.html","id":"contextSwitching","title":"contextSwitching","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"decryptValueRule","title":"decryptValueRule","type":"boolOrExpr"},{"id":"decryptValueFunctions","title":"decryptValueFunctions"}],"help":"decryptvalue.html","id":"decryptValue","title":"decryptValue","type":"simpleInputContainer"},{"_nodes":[{"id":"customPlugins","title":"customPlugins"},{"cnodes":"customPluginsParams","id":"customPluginsParams","title":"customPluginsParams","type":"keyTextContainer"}],"help":"plugincustom.html","id":"customPluginsNode","title":"customPluginsNode"}],"help":"start.html#plugins","id":"plugins","title":"plugins"},{"_nodes":[{"default":1,"help":"secondfactor.html","id":"sfManagerRule","title":"sfManagerRule","type":"boolOrExpr"},{"default":0,"help":"secondfactor.html","id":"sfRequired","title":"sfRequired","type":"boolOrExpr"},{"help":"secondfactor.html","id":"sfOnlyUpgrade","title":"sfOnlyUpgrade","type":"bool"},{"_nodes":[{"default":0,"id":"utotp2fActivation","title":"utotp2fActivation","type":"boolOrExpr"},{"id":"utotp2fAuthnLevel","title":"utotp2fAuthnLevel","type":"int"},{"id":"utotp2fLabel","title":"utotp2fLabel"},{"id":"utotp2fLogo","title":"utotp2fLogo"}],"help":"utotp2f.html","id":"utotp2f","title":"utotp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"totp2fActivation","title":"totp2fActivation","type":"boolOrExpr"},{"default":0,"id":"totp2fSelfRegistration","title":"totp2fSelfRegistration","type":"boolOrExpr"},{"id":"totp2fIssuer","title":"totp2fIssuer"},{"default":30,"id":"totp2fInterval","title":"totp2fInterval","type":"int"},{"default":1,"id":"totp2fRange","title":"totp2fRange","type":"int"},{"default":6,"id":"totp2fDigits","title":"totp2fDigits","type":"int"},{"default":0,"id":"totp2fDisplayExistingSecret","title":"totp2fDisplayExistingSecret","type":"bool"},{"default":0,"id":"totp2fUserCanChangeKey","title":"totp2fUserCanChangeKey","type":"bool"},{"default":1,"id":"totp2fUserCanRemoveKey","title":"totp2fUserCanRemoveKey","type":"bool"},{"id":"totp2fTTL","title":"totp2fTTL","type":"int"},{"id":"totp2fAuthnLevel","title":"totp2fAuthnLevel","type":"int"},{"id":"totp2fLabel","title":"totp2fLabel"},{"id":"totp2fLogo","title":"totp2fLogo"}],"help":"totp2f.html","id":"totp2f","title":"totp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"u2fActivation","title":"u2fActivation","type":"boolOrExpr"},{"default":0,"id":"u2fSelfRegistration","title":"u2fSelfRegistration","type":"boolOrExpr"},{"default":1,"id":"u2fUserCanRemoveKey","title":"u2fUserCanRemoveKey","type":"bool"},{"id":"u2fTTL","title":"u2fTTL","type":"int"},{"id":"u2fAuthnLevel","title":"u2fAuthnLevel","type":"int"},{"id":"u2fLabel","title":"u2fLabel"},{"id":"u2fLogo","title":"u2fLogo"}],"help":"u2f.html","id":"u2f","title":"u2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"yubikey2fActivation","title":"yubikey2fActivation","type":"boolOrExpr"},{"default":0,"id":"yubikey2fSelfRegistration","title":"yubikey2fSelfRegistration","type":"boolOrExpr"},{"id":"yubikey2fClientID","title":"yubikey2fClientID"},{"id":"yubikey2fSecretKey","title":"yubikey2fSecretKey"},{"id":"yubikey2fNonce","title":"yubikey2fNonce"},{"id":"yubikey2fUrl","title":"yubikey2fUrl"},{"default":12,"id":"yubikey2fPublicIDSize","title":"yubikey2fPublicIDSize","type":"int"},{"default":1,"id":"yubikey2fUserCanRemoveKey","title":"yubikey2fUserCanRemoveKey","type":"bool"},{"id":"yubikey2fFromSessionAttribute","title":"yubikey2fFromSessionAttribute"},{"id":"yubikey2fTTL","title":"yubikey2fTTL","type":"int"},{"id":"yubikey2fAuthnLevel","title":"yubikey2fAuthnLevel","type":"int"},{"id":"yubikey2fLabel","title":"yubikey2fLabel"},{"id":"yubikey2fLogo","title":"yubikey2fLogo"}],"help":"yubikey2f.html","id":"yubikey2f","title":"yubikey2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"mail2fActivation","title":"mail2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"mail2fCodeRegex","title":"mail2fCodeRegex"},{"id":"mail2fTimeout","title":"mail2fTimeout","type":"int"},{"id":"mail2fSubject","title":"mail2fSubject"},{"id":"mail2fBody","title":"mail2fBody","type":"longtext"},{"id":"mail2fAuthnLevel","title":"mail2fAuthnLevel","type":"int"},{"id":"mail2fLabel","title":"mail2fLabel"},{"id":"mail2fLogo","title":"mail2fLogo"}],"help":"mail2f.html","id":"mail2f","title":"mail2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ext2fActivation","title":"ext2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"ext2fCodeActivation","title":"ext2fCodeActivation"},{"id":"ext2FSendCommand","title":"ext2FSendCommand"},{"id":"ext2FValidateCommand","title":"ext2FValidateCommand"},{"id":"ext2fAuthnLevel","title":"ext2fAuthnLevel","type":"int"},{"id":"ext2fLabel","title":"ext2fLabel"},{"id":"ext2fLogo","title":"ext2fLogo"}],"help":"external2f.html","id":"ext2f","title":"ext2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"radius2fActivation","title":"radius2fActivation","type":"boolOrExpr"},{"id":"radius2fServer","title":"radius2fServer"},{"id":"radius2fSecret","title":"radius2fSecret"},{"id":"radius2fUsernameSessionKey","title":"radius2fUsernameSessionKey"},{"default":20,"id":"radius2fTimeout","title":"radius2fTimeout","type":"int"},{"id":"radius2fAuthnLevel","title":"radius2fAuthnLevel","type":"int"},{"id":"radius2fLogo","title":"radius2fLogo"},{"id":"radius2fLabel","title":"radius2fLabel"}],"help":"radius2f.html","id":"radius2f","title":"radius2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rest2fActivation","title":"rest2fActivation","type":"boolOrExpr"},{"id":"rest2fInitUrl","title":"rest2fInitUrl"},{"cnodes":"rest2fInitArgs","id":"rest2fInitArgs","title":"rest2fInitArgs","type":"keyTextContainer"},{"id":"rest2fVerifyUrl","title":"rest2fVerifyUrl"},{"cnodes":"rest2fVerifyArgs","id":"rest2fVerifyArgs","title":"rest2fVerifyArgs","type":"keyTextContainer"},{"id":"rest2fAuthnLevel","title":"rest2fAuthnLevel","type":"int"},{"id":"rest2fLabel","title":"rest2fLabel"},{"id":"rest2fLogo","title":"rest2fLogo"}],"help":"rest2f.html","id":"rest2f","title":"rest2f"},{"cnodes":"sfExtra","id":"sfExtra","select":[{"k":"Mail2F","v":"E-Mail"},{"k":"REST","v":"REST"},{"k":"Ext2F","v":"External"},{"k":"Radius","v":"Radius"}],"title":"sfExtra","type":"sfExtraContainer"},{"_nodes":[{"default":0,"help":"secondfactor.html","id":"sfRemovedMsgRule","title":"sfRemovedMsgRule","type":"boolOrExpr"},{"default":0,"id":"sfRemovedUseNotif","title":"sfRemovedUseNotif","type":"bool"},{"default":"RemoveSF","help":"secondfactor.html","id":"sfRemovedNotifRef","title":"sfRemovedNotifRef"},{"default":"Second factor notification","help":"secondfactor.html","id":"sfRemovedNotifTitle","title":"sfRemovedNotifTitle"},{"default":"_removedSF_ expired second factor(s) has/have been removed!","help":"secondfactor.html","id":"sfRemovedNotifMsg","title":"sfRemovedNotifMsg"}],"help":"secondfactor.html","id":"sfRemovedNotification","title":"sfRemovedNotification","type":"simpleInputContainer"}],"help":"secondfactor.html","id":"secondFactors","title":"secondFactors"},{"_nodes":[{"help":"customfunctions.html","id":"customFunctions","title":"customFunctions"},{"default":"; ","id":"multiValuesSeparator","title":"multiValuesSeparator","type":"authParamsText"},{"default":0,"id":"groupsBeforeMacros","title":"groupsBeforeMacros","type":"bool"},{"_nodes":[{"default":"mail","id":"mailSessionKey","title":"mailSessionKey"},{"default":"","id":"SMTPServer","title":"SMTPServer"},{"id":"SMTPPort","title":"SMTPPort","type":"int"},{"id":"SMTPAuthUser","title":"SMTPAuthUser"},{"id":"SMTPAuthPass","title":"SMTPAuthPass","type":"password"},{"default":"","id":"SMTPTLS","select":[{"k":"","v":"none"},{"k":"starttls","v":"SMTP + STARTTLS"},{"k":"ssl","v":"SMTPS"}],"title":"SMTPTLS","type":"select"},{"cnodes":"SMTPTLSOpts","id":"SMTPTLSOpts","title":"SMTPTLSOpts","type":"keyTextContainer"},{"_nodes":[{"default":"noreply@example.com","id":"mailFrom","title":"mailFrom"},{"id":"mailReplyTo","title":"mailReplyTo"},{"default":"utf-8","id":"mailCharset","title":"mailCharset"}],"id":"mailHeaders","title":"mailHeaders","type":"simpleInputContainer"}],"help":"smtp.html","id":"SMTP","title":"SMTP","type":"SMTP"},{"_nodes":[{"default":"^[\\w\\.\\-@]+$","id":"userControl","title":"userControl"},{"default":0,"id":"browsersDontStorePassword","title":"browsersDontStorePassword","type":"bool"},{"default":0,"help":"forcereauthn.html","id":"portalForceAuthn","title":"portalForceAuthn","type":"bool"},{"default":5,"id":"portalForceAuthnInterval","title":"portalForceAuthnInterval","type":"int"},{"id":"key","title":"key","type":"password"},{"id":"trustedDomains","title":"trustedDomains"},{"default":1,"help":"safejail.html","id":"useSafeJail","title":"useSafeJail","type":"bool"},{"default":1,"id":"checkXSS","title":"checkXSS","type":"bool"},{"default":1,"id":"requireToken","title":"requireToken","type":"boolOrExpr"},{"default":120,"id":"formTimeout","title":"formTimeout","type":"int"},{"default":0,"id":"tokenUseGlobalStorage","title":"tokenUseGlobalStorage","type":"bool"},{"_nodes":[{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtection","title":"bruteForceProtection","type":"bool"},{"default":30,"id":"bruteForceProtectionTempo","title":"bruteForceProtectionTempo","type":"int"},{"default":3,"id":"bruteForceProtectionMaxFailed","title":"bruteForceProtectionMaxFailed","type":"int"},{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtectionIncrementalTempo","title":"bruteForceProtectionIncrementalTempo","type":"bool"},{"default":"5, 15, 60, 300, 600","id":"bruteForceProtectionLockTimes","title":"bruteForceProtectionLockTimes"}],"help":"bruteforceprotection.html","id":"bruteForceAttackProtection","title":"bruteForceAttackProtection","type":"simpleInputContainer"},{"cnodes":"lwpOpts","id":"lwpOpts","title":"lwpOpts","type":"keyTextContainer"},{"cnodes":"lwpSslOpts","id":"lwpSslOpts","title":"lwpSslOpts","type":"keyTextContainer"},{"_nodes":[{"default":"'self'","id":"cspDefault","title":"cspDefault"},{"default":"'self' data:","id":"cspImg","title":"cspImg"},{"default":"'self'","id":"cspScript","title":"cspScript"},{"default":"'self'","id":"cspStyle","title":"cspStyle"},{"default":"'self'","id":"cspFont","title":"cspFont"},{"default":"*","id":"cspFormAction","title":"cspFormAction"},{"default":"'self'","id":"cspConnect","title":"cspConnect"},{"default":"","id":"cspFrameAncestors","title":"cspFrameAncestors"}],"help":"security.html#portal","id":"contentSecurityPolicy","title":"contentSecurityPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"corsEnabled","title":"corsEnabled","type":"bool"},{"default":true,"id":"corsAllow_Credentials","title":"corsAllow_Credentials"},{"default":"*","id":"corsAllow_Headers","title":"corsAllow_Headers"},{"default":"POST,GET","id":"corsAllow_Methods","title":"corsAllow_Methods"},{"default":"*","id":"corsAllow_Origin","title":"corsAllow_Origin"},{"default":"*","id":"corsExpose_Headers","title":"corsExpose_Headers"},{"default":"86400","id":"corsMax_Age","title":"corsMax_Age"}],"help":"security.html#portal","id":"crossOrigineResourceSharing","title":"crossOrigineResourceSharing","type":"simpleInputContainer"}],"help":"security.html#configure-security-settings","id":"security","title":"security"},{"_nodes":[{"default":-1,"id":"https","title":"https","type":"trool"},{"default":-1,"id":"port","title":"port","type":"int"},{"default":0,"id":"useRedirectOnForbidden","title":"useRedirectOnForbidden","type":"bool"},{"default":1,"id":"useRedirectOnError","title":"useRedirectOnError","type":"bool"},{"default":0,"id":"maintenance","title":"maintenance","type":"bool"}],"help":"redirections.html","id":"redirection","title":"redirection","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"jsRedirect","title":"jsRedirect","type":"boolOrExpr"},{"default":0,"id":"noAjaxHook","title":"noAjaxHook","type":"bool"},{"default":0,"id":"skipRenewConfirmation","title":"skipRenewConfirmation","type":"bool"},{"default":0,"id":"skipUpgradeConfirmation","title":"skipUpgradeConfirmation","type":"bool"}],"help":"redirections.html#portal-redirections","id":"portalRedirection","title":"portalRedirection","type":"simpleInputContainer"},{"cnodes":"nginxCustomHandlers","help":"handlerarch.html","id":"nginxCustomHandlers","title":"nginxCustomHandlers","type":"keyTextContainer"},{"cnodes":"logoutServices","default":[],"help":"logoutforward.html","id":"logoutServices","title":"logoutServices","type":"keyTextContainer"},{"_nodes":[{"default":"get","id":"infoFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"infoFormMethod","type":"select"},{"default":"post","id":"confirmFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"confirmFormMethod","type":"select"},{"default":"get","id":"redirectFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"redirectFormMethod","type":"select"},{"default":1,"id":"activeTimer","title":"activeTimer","type":"bool"}],"id":"forms","title":"forms","type":"simpleInputContainer"}],"help":"start.html#advanced-features","id":"advancedParams","title":"advancedParams"}],"id":"generalParameters","title":"generalParameters"},{"_nodes":[{"cnodes":"exportedVars","default":[{"data":"HTTP_USER_AGENT","id":"exportedVars/UA","title":"UA","type":"keyText"}],"help":"exportedvars.html","id":"exportedVars","title":"exportedVars","type":"keyTextContainer"},{"cnodes":"macros","default":[],"help":"exportedvars.html#extend-variables-using-macros-and-groups","id":"macros","title":"macros","type":"keyTextContainer"},{"cnodes":"groups","default":[],"help":"exportedvars.html#extend-variables-using-macros-and-groups","id":"groups","title":"groups","type":"keyTextContainer"}],"help":"variables.html","id":"variables","title":"variables"},{"cnodes":"virtualHosts","help":"configvhost.html","id":"virtualHosts","template":"virtualHost","title":"virtualHosts","type":"virtualHostContainer"},{"_nodes":[{"default":"#PORTAL#/saml/metadata","id":"samlEntityID","title":"samlEntityID"},{"_nodes":[{"get":["samlServicePrivateKeySig","samlServicePrivateKeySigPwd","samlServicePublicKeySig"],"id":"samlServiceSecuritySig","title":"samlServiceSecuritySig","type":"RSACertKey"},{"get":["samlServicePrivateKeyEnc","samlServicePrivateKeyEncPwd","samlServicePublicKeyEnc"],"id":"samlServiceSecurityEnc","title":"samlServiceSecurityEnc","type":"RSACertKey"},{"default":0,"id":"samlServiceUseCertificateInResponse","title":"samlServiceUseCertificateInResponse","type":"bool"},{"default":"RSA_SHA256","id":"samlServiceSignatureMethod","select":[{"k":"RSA_SHA1","v":"RSA SHA1"},{"k":"RSA_SHA256","v":"RSA SHA256"},{"k":"RSA_SHA384","v":"RSA SHA384"},{"k":"RSA_SHA512","v":"RSA SHA512"}],"title":"samlServiceSignatureMethod","type":"select"}],"help":"samlservice.html#security-parameters","id":"samlServiceSecurity","title":"samlServiceSecurity"},{"_nodes":[{"default":"mail","id":"samlNameIDFormatMapEmail","title":"samlNameIDFormatMapEmail"},{"default":"mail","id":"samlNameIDFormatMapX509","title":"samlNameIDFormatMapX509"},{"default":"uid","id":"samlNameIDFormatMapWindows","title":"samlNameIDFormatMapWindows"},{"default":"uid","id":"samlNameIDFormatMapKerberos","title":"samlNameIDFormatMapKerberos"}],"help":"samlservice.html#nameid-formats","id":"samlNameIDFormatMap","title":"samlNameIDFormatMap","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"samlAuthnContextMapPassword","title":"samlAuthnContextMapPassword","type":"int"},{"default":3,"id":"samlAuthnContextMapPasswordProtectedTransport","title":"samlAuthnContextMapPasswordProtectedTransport","type":"int"},{"default":5,"id":"samlAuthnContextMapTLSClient","title":"samlAuthnContextMapTLSClient","type":"int"},{"default":4,"id":"samlAuthnContextMapKerberos","title":"samlAuthnContextMapKerberos","type":"int"}],"help":"samlservice.html#authentication-contexts","id":"samlAuthnContextMap","title":"samlAuthnContextMap","type":"simpleInputContainer"},{"_nodes":[{"default":"Example","id":"samlOrganizationDisplayName","title":"samlOrganizationDisplayName"},{"default":"Example","id":"samlOrganizationName","title":"samlOrganizationName"},{"default":"http://www.example.com","id":"samlOrganizationURL","title":"samlOrganizationURL"}],"help":"samlservice.html#organization","id":"samlOrganization","title":"samlOrganization","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"samlSPSSODescriptorAuthnRequestsSigned","title":"samlSPSSODescriptorAuthnRequestsSigned","type":"bool"},{"default":1,"id":"samlSPSSODescriptorWantAssertionsSigned","title":"samlSPSSODescriptorWantAssertionsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;","id":"samlSPSSODescriptorSingleLogoutServiceSOAP","title":"samlSPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlSPSSODescriptorSingleLogoutService","title":"samlSPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","type":"samlAssertion"},{"default":"0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","type":"samlAssertion"}],"id":"samlSPSSODescriptorAssertionConsumerService","title":"samlSPSSODescriptorAssertionConsumerService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlSPSSODescriptorArtifactResolutionServiceArtifact","title":"samlSPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlSPSSODescriptorArtifactResolutionService","title":"samlSPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#service-provider","id":"samlSPSSODescriptor","title":"samlSPSSODescriptor"},{"_nodes":[{"default":1,"id":"samlIDPSSODescriptorWantAuthnRequestsSigned","title":"samlIDPSSODescriptorWantAuthnRequestsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","type":"samlService"}],"id":"samlIDPSSODescriptorSingleSignOnService","title":"samlIDPSSODescriptorSingleSignOnService"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;","id":"samlIDPSSODescriptorSingleLogoutServiceSOAP","title":"samlIDPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlIDPSSODescriptorSingleLogoutService","title":"samlIDPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","title":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlIDPSSODescriptorArtifactResolutionService","title":"samlIDPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#identity-provider","id":"samlIDPSSODescriptor","title":"samlIDPSSODescriptor"},{"_nodes":[{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;","id":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","title":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","type":"samlService"}],"id":"samlAttributeAuthorityDescriptorAttributeService","title":"samlAttributeAuthorityDescriptorAttributeService"}],"help":"samlservice.html#attribute-authority","id":"samlAttributeAuthorityDescriptor","title":"samlAttributeAuthorityDescriptor"},{"_nodes":[{"default":1,"id":"samlMetadataForceUTF8","title":"samlMetadataForceUTF8","type":"bool"},{"default":600,"id":"samlRelayStateTimeout","title":"samlRelayStateTimeout","type":"int"},{"default":0,"id":"samlUseQueryStringSpecific","title":"samlUseQueryStringSpecific","type":"bool"},{"default":"","id":"samlOverrideIDPEntityID","title":"samlOverrideIDPEntityID"},{"id":"samlStorage","title":"samlStorage"},{"cnodes":"samlStorageOptions","id":"samlStorageOptions","title":"samlStorageOptions","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"samlCommonDomainCookieActivation","title":"samlCommonDomainCookieActivation","type":"bool"},{"id":"samlCommonDomainCookieDomain","title":"samlCommonDomainCookieDomain"},{"id":"samlCommonDomainCookieReader","title":"samlCommonDomainCookieReader"},{"id":"samlCommonDomainCookieWriter","title":"samlCommonDomainCookieWriter"}],"id":"samlCommonDomainCookie","title":"samlCommonDomainCookie","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"samlDiscoveryProtocolActivation","title":"samlDiscoveryProtocolActivation","type":"bool"},{"id":"samlDiscoveryProtocolURL","title":"samlDiscoveryProtocolURL"},{"id":"samlDiscoveryProtocolPolicy","title":"samlDiscoveryProtocolPolicy"},{"default":0,"id":"samlDiscoveryProtocolIsPassive","title":"samlDiscoveryProtocolIsPassive","type":"bool"}],"id":"samlDiscoveryProtocol","title":"samlDiscoveryProtocol","type":"simpleInputContainer"}],"help":"samlservice.html#advanced","id":"samlAdvanced","title":"samlAdvanced"}],"help":"samlservice.html","id":"samlServiceMetaData","title":"samlServiceMetaData"},{"cnodes":"samlIDPMetaDataNodes","help":"authsaml.html","id":"samlIDPMetaDataNodes","template":"samlIDPMetaDataNode","title":"samlIDPMetaDataNodes","type":"samlIDPMetaDataNodeContainer"},{"cnodes":"samlSPMetaDataNodes","help":"idpsaml.html","id":"samlSPMetaDataNodes","template":"samlSPMetaDataNode","title":"samlSPMetaDataNodes","type":"samlSPMetaDataNodeContainer"},{"_nodes":[{"_nodes":[{"default":"authorize","id":"oidcServiceMetaDataAuthorizeURI","title":"oidcServiceMetaDataAuthorizeURI"},{"default":"token","id":"oidcServiceMetaDataTokenURI","title":"oidcServiceMetaDataTokenURI"},{"default":"userinfo","id":"oidcServiceMetaDataUserInfoURI","title":"oidcServiceMetaDataUserInfoURI"},{"default":"jwks","id":"oidcServiceMetaDataJWKSURI","title":"oidcServiceMetaDataJWKSURI"},{"default":"register","id":"oidcServiceMetaDataRegistrationURI","title":"oidcServiceMetaDataRegistrationURI"},{"default":"introspect","id":"oidcServiceMetaDataIntrospectionURI","title":"oidcServiceMetaDataIntrospectionURI"},{"default":"logout","id":"oidcServiceMetaDataEndSessionURI","title":"oidcServiceMetaDataEndSessionURI"},{"default":"checksession.html","id":"oidcServiceMetaDataCheckSessionURI","title":"oidcServiceMetaDataCheckSessionURI"},{"default":"flogout","id":"oidcServiceMetaDataFrontChannelURI","title":"oidcServiceMetaDataFrontChannelURI"},{"default":"blogout","id":"oidcServiceMetaDataBackChannelURI","title":"oidcServiceMetaDataBackChannelURI"}],"id":"oidcServiceMetaDataEndPoints","title":"oidcServiceMetaDataEndPoints","type":"simpleInputContainer"},{"cnodes":"oidcServiceMetaDataAuthnContext","default":[{"data":1,"id":"oidcServiceMetaDataAuthnContext/loa-1","title":"loa-1","type":"keyText"},{"data":2,"id":"oidcServiceMetaDataAuthnContext/loa-2","title":"loa-2","type":"keyText"},{"data":3,"id":"oidcServiceMetaDataAuthnContext/loa-3","title":"loa-3","type":"keyText"},{"data":4,"id":"oidcServiceMetaDataAuthnContext/loa-4","title":"loa-4","type":"keyText"},{"data":5,"id":"oidcServiceMetaDataAuthnContext/loa-5","title":"loa-5","type":"keyText"}],"id":"oidcServiceMetaDataAuthnContext","title":"oidcServiceMetaDataAuthnContext","type":"keyTextContainer"},{"_nodes":[{"get":["oidcServicePrivateKeySig","oidcServicePublicKeySig"],"id":"oidcServiceMetaDataKeys","title":"oidcServiceMetaDataKeys","type":"RSAKeyNoPassword"},{"id":"oidcServiceKeyIdSig","title":"oidcServiceKeyIdSig"},{"default":0,"id":"oidcServiceAllowDynamicRegistration","title":"oidcServiceAllowDynamicRegistration","type":"bool"},{"default":1,"id":"oidcServiceAllowAuthorizationCodeFlow","title":"oidcServiceAllowAuthorizationCodeFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowImplicitFlow","title":"oidcServiceAllowImplicitFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowHybridFlow","title":"oidcServiceAllowHybridFlow","type":"bool"},{"default":60,"id":"oidcServiceAuthorizationCodeExpiration","title":"oidcServiceAuthorizationCodeExpiration","type":"int"},{"default":3600,"id":"oidcServiceAccessTokenExpiration","title":"oidcServiceAccessTokenExpiration","type":"int"},{"default":3600,"id":"oidcServiceIDTokenExpiration","title":"oidcServiceIDTokenExpiration","type":"int"},{"default":2592000,"id":"oidcServiceOfflineSessionExpiration","title":"oidcServiceOfflineSessionExpiration","type":"int"}],"id":"oidcServiceMetaDataSecurity","title":"oidcServiceMetaDataSecurity"},{"_nodes":[{"id":"oidcStorage","title":"oidcStorage"},{"cnodes":"oidcStorageOptions","id":"oidcStorageOptions","title":"oidcStorageOptions","type":"keyTextContainer"}],"id":"oidcServiceMetaDataSessions","title":"oidcServiceMetaDataSessions"},{"cnodes":"oidcServiceDynamicRegistrationExportedVars","id":"oidcServiceDynamicRegistrationExportedVars","title":"oidcServiceDynamicRegistrationExportedVars","type":"keyTextContainer"},{"cnodes":"oidcServiceDynamicRegistrationExtraClaims","id":"oidcServiceDynamicRegistrationExtraClaims","title":"oidcServiceDynamicRegistrationExtraClaims","type":"keyTextContainer"}],"help":"openidconnectservice.html#service-configuration","id":"oidcServiceMetaData","title":"oidcServiceMetaData"},{"cnodes":"oidcOPMetaDataNodes","help":"authopenidconnect.html#declare-the-openid-connect-provider-in-ll-ng","id":"oidcOPMetaDataNodes","title":"oidcOPMetaDataNodes","type":"oidcOPMetaDataNodeContainer"},{"cnodes":"oidcRPMetaDataNodes","help":"idpopenidconnect.html#configuration-of-relying-party-in-ll-ng","id":"oidcRPMetaDataNodes","title":"oidcRPMetaDataNodes","type":"oidcRPMetaDataNodeContainer"},{"_nodes":[{"id":"casAttr","title":"casAttr"},{"default":"none","id":"casAccessControlPolicy","select":[{"k":"none","v":"None"},{"k":"error","v":"Display error on portal"},{"k":"faketicket","v":"Send a fake service ticket"}],"title":"casAccessControlPolicy","type":"select"},{"id":"casStorage","title":"casStorage"},{"cnodes":"casStorageOptions","id":"casStorageOptions","title":"casStorageOptions","type":"keyTextContainer"},{"cnodes":"casAttributes","id":"casAttributes","title":"casAttributes","type":"keyTextContainer"}],"help":"idpcas.html#configuring-the-cas-service","id":"casServiceMetadata","title":"casServiceMetadata"},{"cnodes":"casSrvMetaDataNodes","help":"authcas.html","id":"casSrvMetaDataNodes","template":"casSrvMetaDataNode","title":"casSrvMetaDataNodes","type":"casSrvMetaDataNodeContainer"},{"cnodes":"casAppMetaDataNodes","help":"idpcas.html#configuring-cas-applications","id":"casAppMetaDataNodes","template":"casAppMetaDataNode","title":"casAppMetaDataNodes","type":"casAppMetaDataNodeContainer"}]
\ No newline at end of file
diff --git a/lemonldap-ng-manager/t/06-rest-api-RSA.t b/lemonldap-ng-manager/t/06-rest-api-RSA.t
index c08779ad8..44860f48e 100644
--- a/lemonldap-ng-manager/t/06-rest-api-RSA.t
+++ b/lemonldap-ng-manager/t/06-rest-api-RSA.t
@@ -6,6 +6,16 @@ use JSON;
 use IO::String;
 require 't/test-lib.pm';
 
+sub checkResult {
+    my $res = shift;
+    ok( $res->[0] == 200, "Result code is 200" );
+    my $key;
+    ok( $key = from_json( $res->[2]->[0] ), 'Response is JSON' );
+    like( $key->{private}, qr/BEGIN/, "is PEM formatted" );
+    like( $key->{public},  qr/BEGIN/, "is PEM formatted" );
+    count(4);
+}
+
 my $res;
 ok(
     $res = &client->_post(
@@ -13,10 +23,8 @@ ok(
     ),
     "Request succeed"
 );
-ok( $res->[0] == 200, "Result code is 200" );
-my $key;
-ok( $key = from_json( $res->[2]->[0] ), 'Response is JSON' );
-count(3);
+count(1);
+checkResult($res);
 
 ok(
     $res = &client->_post(
@@ -25,8 +33,28 @@ ok(
     ),
     "Request succeed"
 );
-ok( $res->[0] == 200, "Result code is 200" );
-ok( $key = from_json( $res->[2]->[0] ), 'Response is JSON' );
-count(3);
+count(1);
+checkResult($res);
+
+ok(
+    $res = &client->_post(
+        '/confs/newCertificate', '',
+        IO::String->new(''),     'application/json',
+        0,
+    ),
+    "Request succeed"
+);
+count(1);
+checkResult($res);
+
+ok(
+    $res = &client->_post(
+        '/confs/newCertificate', '', IO::String->new('{"password":"hello"}'),
+        'application/json', 20,
+    ),
+    "Request succeed"
+);
+count(1);
+checkResult($res);
 
 done_testing( count() );
diff --git a/lemonldap-ng-portal/MANIFEST b/lemonldap-ng-portal/MANIFEST
index f8d24c034..f5c480d42 100644
--- a/lemonldap-ng-portal/MANIFEST
+++ b/lemonldap-ng-portal/MANIFEST
@@ -101,6 +101,7 @@ lib/Lemonldap/NG/Portal/Password/Demo.pm
 lib/Lemonldap/NG/Portal/Password/LDAP.pm
 lib/Lemonldap/NG/Portal/Password/Null.pm
 lib/Lemonldap/NG/Portal/Password/REST.pm
+lib/Lemonldap/NG/Portal/Plugins/AdaptativeAuthenticationLevel.pm
 lib/Lemonldap/NG/Portal/Plugins/AutoSignin.pm
 lib/Lemonldap/NG/Portal/Plugins/BruteForceProtection.pm
 lib/Lemonldap/NG/Portal/Plugins/CDA.pm
@@ -638,6 +639,7 @@ t/59-Double-cookies-for-Double-sessions.t
 t/59-Double-cookies-Refresh-and-Logout.t
 t/59-Secured-cookie-Refresh-and-Logout.t
 t/60-Status.t
+t/61-AdaptativeAuthenticationLevel.t
 t/61-BruteForceProtection-with-Incremental-lockTimes-and-TOTP.t
 t/61-BruteForceProtection-with-Incremental-lockTimes.t
 t/61-BruteForceProtection.t
@@ -674,6 +676,7 @@ t/68-Impersonation-with-doubleCookies.t
 t/68-Impersonation-with-filtered-merge.t
 t/68-Impersonation-with-History.t
 t/68-Impersonation-with-merge.t
+t/68-Impersonation-with-SFA.t
 t/68-Impersonation-with-TOTP.t
 t/68-Impersonation-with-UnrestrictedUser.t
 t/68-Impersonation.t
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Engines/Default.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Engines/Default.pm
index 0159332a5..fccda1a39 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Engines/Default.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Engines/Default.pm
@@ -177,12 +177,10 @@ sub init {
         # Registration base
         $self->addAuthRoute( '2fregisters' => '_displayRegister', ['GET'] );
         $self->addAuthRoute( '2fregisters' => 'register',         ['POST'] );
-        if ( $self->conf->{sfRequired} ) {
-            $self->addUnauthRoute(
-                '2fregisters' => 'restoreSession',
-                [ 'GET', 'POST' ]
-            );
-        }
+        $self->addUnauthRoute(
+            '2fregisters' => 'restoreSession',
+            [ 'GET', 'POST' ]
+        ) if ( $self->conf->{sfRequired} );
     }
     return 1;
 }
@@ -236,11 +234,11 @@ sub run {
             $self->logger->error("Bad encoding in _2fDevices: $@");
             return PE_ERROR;
         }
-
         $self->logger->debug(" -> 2F Device(s) found");
-        my $now     = time();
-        my $removed = 0;
+
         $self->logger->debug("Looking for expired 2F device(s)...");
+        my $removed = 0;
+        my $now     = time();
         foreach my $device (@$_2fDevices) {
             my $type = lc( $device->{type} );
             $type =~ s/2f$//i;
@@ -449,14 +447,10 @@ sub _displayRegister {
     if ($tpl) {
         my ($m) =
           grep { $_->{m}->prefix eq $tpl } @{ $self->sfRModules };
-        unless ($m) {
-            return $self->p->sendError( $req,
-                'Inexistent register module', 400 );
-        }
-        unless ( $m->{r}->( $req, $req->userData ) ) {
-            return $self->p->sendError( $req,
-                'Registration not authorized', 403 );
-        }
+        return $self->p->sendError( $req, 'Inexistent register module', 400 )
+          unless $m;
+        return $self->p->sendError( $req, 'Registration not authorized', 403 )
+          unless $m->{r}->( $req, $req->userData );
         return $self->p->sendHtml(
             $req,
             $m->{m}->template,
@@ -481,32 +475,35 @@ sub _displayRegister {
               };
         }
     }
-    if (
+
+    return [ 302, [ Location => $self->conf->{portal} . $am[0]->{URL} ], [] ]
+      if (
         @am == 1
         and not( $req->userData->{_2fDevices}
             or $req->data->{sfRegRequired} )
-      )
-    {
-        return [ 302, [ Location => $self->conf->{portal} . $am[0]->{URL} ],
-            [] ];
-    }
+      );
 
     # Retrieve user all second factors
-    my $_2fDevices =
-      $req->userData->{_2fDevices}
-      ? eval {
-        from_json( $req->userData->{_2fDevices}, { allow_nonref => 1 } ); }
-      : undef;
-    unless ($_2fDevices) {
-        $self->logger->debug("No 2F Device found");
-        $_2fDevices = [];
+    my $_2fDevices = [];
+    if ( $self->allowedUpdateSfa($req) ) {
+        $_2fDevices = $req->userData->{_2fDevices}
+          ? eval {
+            from_json( $req->userData->{_2fDevices}, { allow_nonref => 1 } );
+          }
+          : undef;
+        unless ($_2fDevices) {
+            $self->logger->debug("No 2F Device found");
+            $_2fDevices = [];
+        }
+    }
+    else {
+        $self->userLogger->warn("Do not diplay 2F Devices!");
     }
 
     # Parse second factors to display delete button if allowed
     my $action = '';
     foreach
       my $type ( split /,\s*/, $self->conf->{available2FSelfRegistration} )
-
     {
         foreach (@$_2fDevices) {
             $_->{type} =~ s/^UBK$/Yubikey/;
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/TOTP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/TOTP.pm
index 67170c1e2..922540278 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/TOTP.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/TOTP.pm
@@ -11,13 +11,10 @@ extends 'Lemonldap::NG::Portal::Main::Plugin', 'Lemonldap::NG::Common::TOTP';
 
 # INITIALIZATION
 
-has prefix => ( is => 'rw', default => 'totp' );
-
+has prefix   => ( is => 'rw', default => 'totp' );
 has template => ( is => 'ro', default => 'totp2fregister' );
-
-has logo => ( is => 'rw', default => 'totp.png' );
-
-has ott => (
+has logo     => ( is => 'rw', default => 'totp.png' );
+has ott      => (
     is      => 'rw',
     lazy    => 1,
     default => sub {
@@ -35,10 +32,13 @@ sub init {
 sub run {
     my ( $self, $req, $action ) = @_;
     my $user = $req->userData->{ $self->conf->{whatToTrace} };
-    unless ($user) {
-        return $self->p->sendError( $req,
-            'No ' . $self->conf->{whatToTrace} . ' found in user data', 500 );
-    }
+    return $self->p->sendError( $req,
+        'No ' . $self->conf->{whatToTrace} . ' found in user data', 500 )
+      unless $user;
+
+    # Check if TOTP can be updated
+    return $self->p->sendError( $req, 'notAuthorized', 400 )
+      unless $self->allowedUpdateSfa($req, $action);
 
     # Verification that user has a valid TOTP app
     if ( $action eq 'verify' ) {
@@ -75,7 +75,7 @@ sub run {
         }
         $TOTPName =
           substr( $TOTPName, 0, $self->conf->{max2FDevicesNameLength} );
-        $self->logger->debug("TOTP name : $TOTPName");
+        $self->logger->debug("TOTP name: $TOTPName");
 
         unless ($code) {
             $self->userLogger->info('TOTP registration: empty validation form');
@@ -102,11 +102,10 @@ sub run {
         $self->logger->debug('TOTP code verified');
 
         # Now code is verified, let's store the master key in persistent data
-
         my $secret = '';
 
         # Reading existing 2FDevices
-        $self->logger->debug("Looking for 2F Devices ...");
+        $self->logger->debug("Looking for 2F Devices...");
         my $_2fDevices;
         if ( $req->userData->{_2fDevices} ) {
             $_2fDevices = eval {
@@ -124,7 +123,7 @@ sub run {
         }
 
         # Reading existing TOTP
-        my @totp2f = grep { $_->{type} eq "TOTP" } @$_2fDevices;
+        my @totp2f = grep { $_->{type} eq 'TOTP' } @$_2fDevices;
         unless (@totp2f) {
             $self->logger->debug("No TOTP Device found");
 
@@ -133,26 +132,20 @@ sub run {
         }
 
         # Loading TOTP secret
-        $self->logger->debug("Reading TOTP secret if exists ...");
+        $self->logger->debug("Reading TOTP secret if exists...");
         $secret = $_->{_secret} foreach (@totp2f);
-
-        if ( $token->{_totp2fSecret} eq $secret ) {
-            return $self->p->sendError( $req, 'totpExistingKey', 200 );
-        }
+        return $self->p->sendError( $req, 'totpExistingKey', 200 )
+          if ( $token->{_totp2fSecret} eq $secret );
 
         ### USER CAN ONLY REGISTER ONE TOTP ###
         # Delete TOTP previously registered
-        my @keep = ();
-        while (@$_2fDevices) {
-            my $element = shift @$_2fDevices;
-            $self->logger->debug("Looking for TOTP to delete ...");
-            push @keep, $element unless ( $element->{type} eq "TOTP" );
-        }
+        $self->logger->debug("Looking for TOTP to delete...");
+        my $size = my @keep =
+          map { $_->{type} eq 'TOTP' ? () : $_ } @$_2fDevices;
 
         # Check if user can register one more device
-        my $size    = @keep;
         my $maxSize = $self->conf->{max2FDevices};
-        $self->logger->debug("Nbr 2FDevices = $size / $maxSize");
+        $self->logger->debug("Registered 2F Device(s): $size / $maxSize");
         if ( $size >= $maxSize ) {
             $self->userLogger->warn("Max number of 2F devices is reached");
             return $self->p->sendError( $req, 'maxNumberof2FDevicesReached',
@@ -167,9 +160,8 @@ sub run {
             _secret => $token->{_totp2fSecret},
             epoch   => $epoch
           };
-
         $self->logger->debug(
-            "Append 2F Device : { type => 'TOTP', name => $TOTPName }");
+            "Append 2F Device: { type => 'TOTP', name => $TOTPName }");
         $self->p->updatePersistentSession( $req,
             { _2fDevices => to_json( \@keep ) } );
         $self->userLogger->notice(
@@ -187,7 +179,7 @@ sub run {
         my $secret = '';
 
         # Read existing 2FDevices
-        $self->logger->debug("Looking for 2F Devices ...");
+        $self->logger->debug("Looking for 2F Devices...");
         my $_2fDevices;
         if ( $req->userData->{_2fDevices} ) {
             $_2fDevices = eval {
@@ -215,7 +207,7 @@ sub run {
         }
 
         # Loading TOTP secret
-        $self->logger->debug("Reading TOTP secret if exists ...");
+        $self->logger->debug("Reading TOTP secret if exists...");
         $secret = $_->{_secret} foreach (@totp2f);
 
         if ( ( $req->param('newkey') and $self->conf->{totp2fUserCanChangeKey} )
@@ -278,8 +270,8 @@ sub run {
             400 );
 
         # Read existing 2FDevices
-        $self->logger->debug("Loading 2F Devices ...");
-        my $_2fDevices;
+        $self->logger->debug("Loading 2F Devices...");
+        my ( $_2fDevices, $TOTPName );
         if ( $req->userData->{_2fDevices} ) {
             $_2fDevices = eval {
                 from_json( $req->userData->{_2fDevices},
@@ -296,13 +288,12 @@ sub run {
         }
 
         # Delete TOTP 2F device
-        my $TOTPName;
-        foreach (@$_2fDevices) {
-            $TOTPName = $_->{name} if $_->{epoch} eq $epoch;
-        }
-        @$_2fDevices = grep { $_->{epoch} ne $epoch } @$_2fDevices;
+        @$_2fDevices = map {
+            if ( $_->{epoch} eq $epoch ) { $TOTPName = $_->{name}; () }
+            else                         { $_ }
+        } @$_2fDevices;
         $self->logger->debug(
-"Delete 2F Device : { type => 'TOTP', epoch => $epoch, name => $TOTPName }"
+"Delete 2F Device: { type => 'TOTP', epoch => $epoch, name => $TOTPName }"
         );
         $self->p->updatePersistentSession( $req,
             { _2fDevices => to_json($_2fDevices) } );
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/U2F.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/U2F.pm
index 061970ed9..866a82b92 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/U2F.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/U2F.pm
@@ -12,11 +12,9 @@ extends 'Lemonldap::NG::Portal::Main::Plugin',
 
 # INITIALIZATION
 
-has prefix => ( is => 'rw', default => 'u' );
-
+has prefix   => ( is => 'rw', default => 'u' );
 has template => ( is => 'ro', default => 'u2fregister' );
-
-has logo => ( is => 'rw', default => 'u2f.png' );
+has logo     => ( is => 'rw', default => 'u2f.png' );
 
 sub init {
     my ($self) = @_;
@@ -30,15 +28,19 @@ sub init {
 sub run {
     my ( $self, $req, $action ) = @_;
     my $user = $req->userData->{ $self->conf->{whatToTrace} };
-    unless ($user) {
-        return $self->p->sendError( $req,
-            'No ' . $self->conf->{whatToTrace} . ' found in user data', 500 );
-    }
+
+    return $self->p->sendError( $req,
+        'No ' . $self->conf->{whatToTrace} . ' found in user data', 500 )
+      unless $user;
+
+    # Check if U2F key can be updated
+    return $self->p->sendError( $req, 'notAuthorized', 400 )
+      unless $self->allowedUpdateSfa($req, $action);
 
     if ( $action eq 'register' ) {
 
         # Read existing 2FDevices
-        $self->logger->debug("Looking for 2F Devices ...");
+        $self->logger->debug("Looking for 2F Devices...");
         my $_2fDevices;
         if ( $req->userData->{_2fDevices} ) {
             $_2fDevices = eval {
@@ -50,7 +52,6 @@ sub run {
                 return $self->p->sendError( $req, "Corrupted session", 500 );
             }
         }
-
         else {
             $self->logger->debug("No 2F Device found");
             $_2fDevices = [];
@@ -59,7 +60,7 @@ sub run {
         # Check if user can register one more 2F device
         my $size    = @$_2fDevices;
         my $maxSize = $self->conf->{max2FDevices};
-        $self->logger->debug("Registered 2F Device(s) : $size / $maxSize");
+        $self->logger->debug("Registered 2F Device(s): $size / $maxSize");
         if ( $size >= $maxSize ) {
             $self->userLogger->warn("Max number of 2F devices is reached");
             return $self->p->sendError( $req, 'maxNumberof2FDevicesReached',
@@ -99,7 +100,7 @@ sub run {
             if ( $keyHandle and $userKey ) {
 
                 # Read existing 2FDevices
-                $self->logger->debug("Looking for 2F Devices ...");
+                $self->logger->debug("Looking for 2F Devices...");
                 my $_2fDevices;
                 if ( $req->userData->{_2fDevices} ) {
                     $_2fDevices = eval {
@@ -115,7 +116,6 @@ sub run {
                             500 );
                     }
                 }
-
                 else {
                     $self->logger->debug("No 2F Device found");
                     $_2fDevices = [];
@@ -132,7 +132,7 @@ sub run {
                 }
                 $keyName =
                   substr( $keyName, 0, $self->conf->{max2FDevicesNameLength} );
-                $self->logger->debug("Key name : $keyName");
+                $self->logger->debug("Key name: $keyName");
 
                 push @{$_2fDevices},
                   {
@@ -143,7 +143,7 @@ sub run {
                     epoch      => $epoch
                   };
                 $self->logger->debug(
-                    "Append 2F Device : { type => 'U2F', name => $keyName }");
+                    "Append 2F Device: { type => 'U2F', name => $keyName }");
                 $self->p->updatePersistentSession( $req,
                     { _2fDevices => to_json($_2fDevices) } );
                 $self->userLogger->notice(
@@ -182,13 +182,6 @@ sub run {
         }
 
         # Get registered keys
-
-        # my @rk;
-        # foreach ( @{ $req->data->{crypter} } ) {
-        #     my $k = push @rk,
-        #       { keyHandle => $_->{keyHandle}, version => $data->{version} };
-        # }
-
         my @rk =
           map { { keyHandle => $_->{keyHandle}, version => $data->{version} } }
           @{ $req->data->{crypter} };
@@ -230,10 +223,6 @@ sub run {
             return $self->p->sendError( $req, "U2FAnswerError" );
         }
 
-        # my $crypter;
-        # foreach ( @{ $req->data->{crypter} } ) {
-        #     $crypter = $_ if ( $_->{keyHandle} eq $data->{keyHandle} );
-        # }
         $crypter = $_
           foreach grep { $_->{keyHandle} eq $data->{keyHandle} }
           @{ $req->data->{crypter} };
@@ -246,7 +235,6 @@ sub run {
         if ( not $crypter->setChallenge($challenge) ) {
             $self->logger->error(
                 $@ ? $@ : Crypt::U2F::Server::Simple::lastError() );
-
             return $self->p->sendError( $req, "U2FServerError" );
         }
 
@@ -269,7 +257,7 @@ sub run {
             400 );
 
         # Read existing 2FDevices
-        $self->logger->debug("Looking for 2F Devices ...");
+        $self->logger->debug("Looking for 2F Devices...");
         my ( $_2fDevices, $keyName );
         if ( $req->userData->{_2fDevices} ) {
             $_2fDevices = eval {
@@ -287,15 +275,10 @@ sub run {
         }
 
         # Delete U2F device
-
-        # my $keyName;
-        # foreach (@$_2fDevices) {
-        #     $keyName = $_->{name} if $_->{epoch} eq $epoch;
-        # }
-
-        $keyName = $_->{name}
-          foreach grep { $_->{epoch} eq $epoch } @$_2fDevices;
-        @$_2fDevices = grep { $_->{epoch} ne $epoch } @$_2fDevices;
+        @$_2fDevices = map {
+            if ( $_->{epoch} eq $epoch ) { $keyName = $_->{name}; () }
+            else                         { $_ }
+        } @$_2fDevices;
         $self->logger->debug(
 "Delete 2F Device : { type => 'U2F', epoch => $epoch, name => $keyName }"
         );
@@ -318,10 +301,10 @@ sub run {
 
 sub loadUser {
     my ( $self, $req ) = @_;
-    $self->logger->debug("Loading user U2F Devices ...");
+    $self->logger->debug("Loading user U2F Devices...");
 
     # Read existing 2FDevices
-    $self->logger->debug("Looking for 2F Devices ...");
+    $self->logger->debug("Looking for 2F Devices...");
     my ( $kh, $uk, $_2fDevices );
     my @u2fs = ();
 
@@ -341,7 +324,7 @@ sub loadUser {
 
     # Reading existing U2F keys
     foreach (@$_2fDevices) {
-        $self->logger->debug("Looking for registered U2F key(s) ...");
+        $self->logger->debug("Looking for registered U2F key(s)...");
         if ( $_->{type} eq 'U2F' ) {
             unless ( $_->{_userKey} and $_->{_keyHandle} ) {
                 $self->logger->error(
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/Yubikey.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/Yubikey.pm
index 32c89d5e7..cbc1e91ba 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/Yubikey.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/Yubikey.pm
@@ -15,11 +15,9 @@ extends 'Lemonldap::NG::Portal::Main::Plugin';
 
 # INITIALIZATION
 
-has prefix => ( is => 'rw', default => 'yubikey' );
-
+has prefix   => ( is => 'rw', default => 'yubikey' );
 has template => ( is => 'ro', default => 'yubikey2fregister' );
-
-has logo => ( is => 'rw', default => 'yubikey.png' );
+has logo     => ( is => 'rw', default => 'yubikey.png' );
 
 sub init {
     my ($self) = @_;
@@ -36,6 +34,16 @@ sub run {
         'No ' . $self->conf->{whatToTrace} . ' found in user data', 500 )
       unless $user;
 
+    # Check if UBK key can be updated
+    return $self->p->sendHtml(
+        $req, 'error',
+        params => {
+            MAIN_LOGO       => $self->conf->{portalMainLogo},
+            RAW_ERROR       => 'notAuthorized',
+            AUTH_ERROR_TYPE => 'warning',
+        }
+    ) unless $self->allowedUpdateSfa($req, $action);
+
     if ( $action eq 'register' ) {
         my $otp     = $req->param('otp');
         my $UBKName = $req->param('UBKName');
@@ -48,7 +56,7 @@ sub run {
             return $self->p->sendError( $req, 'badName', 200 );
         }
         $UBKName = substr( $UBKName, 0, $self->conf->{max2FDevicesNameLength} );
-        $self->logger->debug("Yubikey name : $UBKName");
+        $self->logger->debug("Yubikey name: $UBKName");
 
         if ( $otp
             and length($otp) > $self->conf->{yubikey2fPublicIDSize} )
@@ -56,7 +64,7 @@ sub run {
             my $key = substr( $otp, 0, $self->conf->{yubikey2fPublicIDSize} );
 
             # Read existing 2FDevices
-            $self->logger->debug("Looking for 2F Devices ...");
+            $self->logger->debug("Looking for 2F Devices...");
             my $_2fDevices;
             if ( $req->userData->{_2fDevices} ) {
                 $_2fDevices = eval {
@@ -78,7 +86,7 @@ sub run {
             # Search if the Yubikey is already registered
             my $SameUBKFound = 0;
             foreach (@$_2fDevices) {
-                $self->logger->debug("Reading Yubikeys ...");
+                $self->logger->debug("Reading Yubikeys...");
                 if ( $_->{_yubikey} eq $key ) {
                     $SameUBKFound = 1;
                     last;
@@ -100,7 +108,7 @@ sub run {
             # Check if user can register one more device
             my $size    = @$_2fDevices;
             my $maxSize = $self->conf->{max2FDevices};
-            $self->logger->debug("Nbr 2FDevices = $size / $maxSize");
+            $self->logger->debug("Registered 2F Device(s): $size / $maxSize");
             if ( $size >= $maxSize ) {
                 $self->userLogger->warn("Max number of 2F devices is reached");
                 return $self->p->sendHtml(
@@ -120,9 +128,8 @@ sub run {
                 _yubikey => $key,
                 epoch    => $epoch
               };
-
             $self->logger->debug(
-                "Append 2F Device : { type => 'UBK', name => $UBKName }");
+                "Append 2F Device: { type => 'UBK', name => $UBKName }");
             $self->p->updatePersistentSession( $req,
                 { _2fDevices => to_json($_2fDevices) } );
             $self->userLogger->notice(
@@ -161,8 +168,8 @@ sub run {
             400 );
 
         # Read existing 2FDevices
-        $self->logger->debug("Looking for 2F Devices ...");
-        my $_2fDevices;
+        $self->logger->debug("Looking for 2F Devices...");
+        my ( $_2fDevices, $UBKName );
         if ( $req->userData->{_2fDevices} ) {
             $_2fDevices = eval {
                 from_json( $req->userData->{_2fDevices},
@@ -179,13 +186,12 @@ sub run {
         }
 
         # Delete Yubikey device
-        my $UBKName;
-        foreach (@$_2fDevices) {
-            $UBKName = $_->{name} if $_->{epoch} eq $epoch;
-        }
-        @$_2fDevices = grep { $_->{epoch} ne $epoch } @$_2fDevices;
+        @$_2fDevices = map {
+            if ( $_->{epoch} eq $epoch ) { $UBKName = $_->{name}; () }
+            else                         { $_ }
+        } @$_2fDevices;
         $self->logger->debug(
-"Delete 2F Device : { type => 'UBK', epoch => $epoch, name => $UBKName }"
+"Delete 2F Device: { type => 'UBK', epoch => $epoch, name => $UBKName }"
         );
         $self->p->updatePersistentSession( $req,
             { _2fDevices => to_json($_2fDevices) } );
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/TOTP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/TOTP.pm
index 68ff5064b..e49e7e1b0 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/TOTP.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/TOTP.pm
@@ -23,7 +23,6 @@ extends 'Lemonldap::NG::Portal::Main::SecondFactor',
 # INITIALIZATION
 
 has prefix => ( is => 'ro', default => 'totp' );
-
 has logo => ( is => 'rw', default => 'totp.png' );
 
 sub init {
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/U2F.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/U2F.pm
index f9aedfcf0..96a42afb6 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/U2F.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/U2F.pm
@@ -24,9 +24,7 @@ extends 'Lemonldap::NG::Portal::Main::SecondFactor',
 # INITIALIZATION
 
 has rule => ( is => 'rw' );
-
 has prefix => ( is => 'ro', default => 'u' );
-
 has logo => ( is => 'rw', default => 'u2f.png' );
 
 sub init {
@@ -109,6 +107,7 @@ sub run {
 
 sub verify {
     my ( $self, $req, $session ) = @_;
+    my $crypter;
 
     # Check U2F signature
     if (    my $resp = $req->param('signature')
@@ -136,10 +135,9 @@ sub verify {
             $req->error(PE_ERROR);
             return $self->fail($req);
         }
-        my $crypter;
-        foreach ( @{ $req->data->{crypter} } ) {
-            $crypter = $_ if ( $_->{keyHandle} eq $data->{keyHandle} );
-        }
+        $crypter = $_
+          foreach grep { $_->{keyHandle} eq $data->{keyHandle} }
+          @{ $req->data->{crypter} };
         unless ($crypter) {
             $self->userLogger->error("Unregistered U2F key");
             $req->error(PE_BADCREDENTIALS);
@@ -245,7 +243,7 @@ sub loadUser {
                     'U2F error: ' . Crypt::U2F::Server::u2fclib_getError() );
             }
         }
-        return -1 unless (@crypters);
+        return -1 unless @crypters;
 
         $req->data->{crypter} = \@crypters;
         return 1;
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Yubikey.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Yubikey.pm
index 8ca6ee649..c1611c240 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Yubikey.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Yubikey.pm
@@ -22,9 +22,7 @@ extends 'Lemonldap::NG::Portal::Main::SecondFactor';
 # INITIALIZATION
 
 has prefix => ( is => 'ro', default => 'yubikey' );
-
 has logo => ( is => 'rw', default => 'yubikey.png' );
-
 has yubi => ( is => 'rw' );
 
 sub init {
@@ -88,8 +86,7 @@ sub init {
 
 sub _findYubikey {
     my ( $self, $req, $sessionInfo ) = @_;
-    my $yubikey;
-    my $_2fDevices;
+    my ( $yubikey, $_2fDevices );
 
     # First, lookup from session attribute
     if ( $self->conf->{yubikey2fFromSessionAttribute} ) {
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm
index f969c2cfc..b5fd7439d 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm
@@ -115,10 +115,7 @@ sub getUser {
     my ( $self, $req, %args ) = @_;
 
     $self->validateLdap;
-
-    unless ( $self->ldap ) {
-        return PE_LDAPCONNECTFAILED;
-    }
+    return PE_LDAPCONNECTFAILED unless $self->ldap;
 
     $self->bind();
 
@@ -144,7 +141,10 @@ sub getUser {
         return PE_BADCREDENTIALS;
     }
     unless ( $req->data->{ldapentry} = $mesg->entry(0) ) {
-        $self->userLogger->warn("$req->{user} was not found in LDAP directory (".$req->address.")");
+        $self->userLogger->warn(
+                "$req->{user} was not found in LDAP directory ("
+              . $req->address
+              . ")" );
         eval { $self->p->_authentication->setSecurity($req) };
         return PE_BADCREDENTIALS;
     }
@@ -168,8 +168,8 @@ sub bind {
     my $self = shift;
 
     $self->validateLdap;
-
-    return undef unless ( $self->ldap );
+    return undef unless $self->ldap;
+    
     my $msg = $self->ldap->bind(@_);
     if ( $msg->code ) {
         $self->logger->error( $msg->error );
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/REST.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/REST.pm
index 211f9848e..fe2f1497b 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/REST.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/REST.pm
@@ -28,9 +28,8 @@ sub restCall {
     $hreq->header( 'Content-Type' => 'application/json' );
     $hreq->content( to_json($content) );
     my $resp = $self->ua->request($hreq);
-    unless ( $resp->is_success ) {
-        die $resp->status_line;
-    }
+    die $resp->status_line unless $resp->is_success;
+
     my $res = eval { from_json( $resp->content ) };
     die "Bad REST response: $@" if ($@);
     if ( ref($res) ne "HASH" ) {
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm
index 1554b7894..45388d9f1 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm
@@ -308,6 +308,29 @@ sub loadIDPs {
         }
         $self->logger->debug("Set encryption mode $encryption_mode on IDP $_");
 
+        # Set signature method if overriden
+        my $signature_method = $self->conf->{samlIDPMetaDataOptions}->{$_}
+          ->{samlIDPMetaDataOptionsSignatureMethod};
+        if ($signature_method) {
+            my $lasso_signature_method =
+              $self->getSignatureMethod($signature_method);
+
+            unless (
+                $self->setProviderSignatureMethod(
+                    $self->lassoServer->get_provider($entityID),
+                    $lasso_signature_method
+                )
+              )
+            {
+                $self->logger->error(
+                    "Unable to set signature method $signature_method on IDP $_"
+                );
+                next;
+            }
+            $self->logger->debug(
+                "Set signature method $signature_method on IDP $_");
+        }
+
         # Set display options
         $self->idpList->{$entityID}->{displayName} =
           $self->conf->{samlIDPMetaDataOptions}->{$_}
@@ -414,6 +437,29 @@ sub loadSPs {
         }
         $self->logger->debug("Set encryption mode $encryption_mode on SP $_");
 
+        # Set signature method if overriden
+        my $signature_method = $self->conf->{samlSPMetaDataOptions}->{$_}
+          ->{samlSPMetaDataOptionsSignatureMethod};
+        if ($signature_method) {
+            my $lasso_signature_method =
+              $self->getSignatureMethod($signature_method);
+
+            unless (
+                $self->setProviderSignatureMethod(
+                    $self->lassoServer->get_provider($entityID),
+                    $lasso_signature_method
+                )
+              )
+            {
+                $self->logger->error(
+                    "Unable to set signature method $signature_method on SP $_"
+                );
+                next;
+            }
+            $self->logger->debug(
+                "Set signature method $signature_method on SP $_");
+        }
+
         my $rule = $self->conf->{samlSPMetaDataOptions}->{$_}
           ->{samlSPMetaDataOptionsRule};
         if ( length $rule ) {
@@ -3166,15 +3212,44 @@ sub getSignatureMethod {
       eval 'Lasso::Constants::SIGNATURE_METHOD_RSA_SHA1';
     my $signature_method_rsa_sha256 =
       eval 'Lasso::Constants::SIGNATURE_METHOD_RSA_SHA256';
+    my $signature_method_rsa_sha384 =
+      eval 'Lasso::Constants::SIGNATURE_METHOD_RSA_SHA384';
+    my $signature_method_rsa_sha512 =
+      eval 'Lasso::Constants::SIGNATURE_METHOD_RSA_SHA512';
     my $signature_method_none = eval 'Lasso::Constants::SIGNATURE_METHOD_NONE';
 
     return $signature_method_rsa_sha1
       if ( $signature_method =~ /^RSA_SHA1$/i );
     return $signature_method_rsa_sha256
       if ( $signature_method =~ /^RSA_SHA256$/i );
+    return $signature_method_rsa_sha384
+      if ( $signature_method =~ /^RSA_SHA384$/i );
+    return $signature_method_rsa_sha512
+      if ( $signature_method =~ /^RSA_SHA512$/i );
     return $signature_method_none;
 }
 
+## @method boolean setProviderSignatureMethod(Lasso::Provider provider, int signature_method)
+# Set signature method on a provider
+# @param provider Lasso::Provider object
+# @param signature_method Lasso signature method
+# @return result
+sub setProviderSignatureMethod {
+    my ( $self, $provider, $signature_method ) = @_;
+
+    eval {
+        my $key = Lasso::Key::new_for_signature_from_file(
+            $self->conf->{samlServicePrivateKeySig},
+            $self->conf->{samlServicePrivateKeySigPwd} || '',
+            $signature_method,
+            $self->conf->{samlServicePublicKeySig}
+        );
+        $provider->set_server_signing_key($key);
+    };
+
+    return $self->checkLassoError($@);
+}
+
 1;
 
 __END__
@@ -3540,6 +3615,10 @@ Get query string with or without CGI query_string() method
 
 Return Lasso signature method
 
+=head2 setProviderSignatureMethod
+
+Set signature method on a provider
+
 =head1 SEE ALSO
 
 L<Lemonldap::NG::Portal::Auth::SAML>, L<Lemonldap::NG::Portal::UserDBSAML>
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugin.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugin.pm
index e594ad834..a9b5b7daa 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugin.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugin.pm
@@ -104,6 +104,63 @@ sub createNotification {
     }
 }
 
+sub allowedUpdateSfa {
+    my ( $self, $req, $action ) = @_;
+    my $user = $req->userData->{ $self->conf->{whatToTrace} };
+    my $res  = 1;
+
+    # Test action
+    if ( $action && $action eq 'delete' ) {
+        my $module = lc ref $self;
+        $module = ( $module =~ /2f::register::(\w+)$/ )[0];
+        $module =~ s/2f//;
+        $self->logger->debug("$user request to delete ${module}2f device");
+        if (   $self->{conf}->{"${module}2fAuthnLevel"}
+            && $req->userData->{authenticationLevel} <
+            $self->{conf}->{"${module}2fAuthnLevel"} )
+        {
+            $self->userLogger->warn(
+"$user request to delete ${module}2f device rejected due to insufficient authentication level!"
+            );
+            $self->logger->debug(
+"authLevel: $req->{userData}->{authenticationLevel} < requiredLevel: "
+                  . $self->{conf}->{"${module}2fAuthnLevel"} );
+            undef $res;
+        }
+    }
+
+    # Test if impersonation is in progress
+    if ( $res && $self->conf->{impersonationRule} ) {
+        $self->logger->debug('Impersonation plugin is enabled');
+        if (   $req->userData->{"$self->{conf}->{impersonationPrefix}_user"}
+            && $req->userData->{"$self->{conf}->{impersonationPrefix}_user"} ne
+            $req->userData->{_user} )
+        {
+            $self->userLogger->warn(
+                "Impersonation in progress! $user is not allowed to update 2FA."
+            );
+            undef $res;
+        }
+    }
+
+    # Test if contextSwitching is in progress
+    if ( $res && $self->conf->{contextSwitchingRule} ) {
+        $self->logger->debug('ContextSwitching plugin is enabled');
+        if (
+            $req->userData->{
+                "$self->{conf}->{contextSwitchingPrefix}_session_id"}
+            && !$self->conf->{contextSwitchingAllowed2fModifications} )
+        {
+            $self->userLogger->warn(
+"ContextSwitching in progress! $user is not allowed to update 2FA."
+            );
+            undef $res;
+        }
+    }
+    $self->userLogger->info("$user is allowed to update 2FA") if $res;
+    return $res;
+}
+
 1;
 __END__
 
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm
index c7cd51d19..6d5d744ea 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm
@@ -32,8 +32,10 @@ our @pList = (
     portalDisplayFavApps                => '::Plugins::FavApps',
     contextSwitchingRule                => '::Plugins::ContextSwitching',
     decryptValueRule                    => '::Plugins::DecryptValue',
-    globalLogoutRule                    => '::Plugins::GlobalLogout',
-    refreshSessions                     => '::Plugins::Refresh',
+    adaptativeAuthenticationLevelRules =>
+      '::Plugins::AdaptativeAuthenticationLevel',
+    globalLogoutRule => '::Plugins::GlobalLogout',
+    refreshSessions  => '::Plugins::Refresh',
 );
 
 ##@method list enabledPlugins
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/AdaptativeAuthenticationLevel.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/AdaptativeAuthenticationLevel.pm
new file mode 100644
index 000000000..0a2b8bee7
--- /dev/null
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/AdaptativeAuthenticationLevel.pm
@@ -0,0 +1,83 @@
+package Lemonldap::NG::Portal::Plugins::AdaptativeAuthenticationLevel;
+
+use Mouse;
+use Lemonldap::NG::Portal::Main::Constants qw(
+  PE_OK
+);
+
+our $VERSION = '2.0.10';
+
+extends 'Lemonldap::NG::Portal::Main::Plugin';
+
+use constant afterData => 'adaptAuthenticationLevel';
+
+has rules => ( is => 'rw', default => sub { {} } );
+
+sub init {
+    my ($self) = @_;
+    $self->logger->debug('Init AdaptativeAuthenticationLevel plugin');
+
+    foreach (
+        keys %{ $self->conf->{adaptativeAuthenticationLevelRules} // {} } )
+    {
+        $self->logger->debug("adaptativeAuthenticationLevelRules key -> $_");
+        $self->logger->debug( "adaptativeAuthenticationLevelRules value -> "
+              . $self->conf->{adaptativeAuthenticationLevelRules}->{$_} );
+
+        my $rule =
+          $self->p->buildRule( $_, 'adaptativeAuthenticationLevelRules' );
+        next unless $rule;
+        $self->rules->{$_} = $rule;
+    }
+    return 1;
+}
+
+sub adaptAuthenticationLevel {
+    my ( $self, $req ) = @_;
+
+    my $userid = $req->sessionInfo->{ $self->conf->{whatToTrace} };
+    $self->logger->debug("Check adaptative authentication rules for $userid");
+
+    my $authenticationLevel = $req->sessionInfo->{authenticationLevel};
+    $self->logger->debug(
+        "Current authentication level for $userid is $authenticationLevel");
+
+    my $updatedAuthenticationLevel = $authenticationLevel;
+
+    foreach ( keys %{ $self->rules } ) {
+        my $rule = $_;
+        $self->logger->debug(
+            "Check adaptativeAuthenticationLevelRules -> $rule");
+        if ( $self->rules->{$_}->( $req, $req->sessionInfo ) ) {
+            my $levelOperation =
+              $self->conf->{adaptativeAuthenticationLevelRules}->{$_};
+            $self->logger->debug(
+"User $userid match rule, apply $levelOperation on authentication level"
+            );
+
+            my ( $op, $level ) = ( $levelOperation =~ /([=+-])?(\d+)/ );
+            $updatedAuthenticationLevel = $level if ( !$op or $op eq '=' );
+            $updatedAuthenticationLevel += $level if ( $op and $op eq '+' );
+            $updatedAuthenticationLevel -= $level if ( $op and $op eq '-' );
+            $self->logger->debug(
+"Authentication level for $userid is now $updatedAuthenticationLevel"
+            );
+        }
+    }
+
+    if ( $authenticationLevel ne $updatedAuthenticationLevel ) {
+        $self->logger->debug(
+            "Authentication level has changed for $userid, update session");
+        $self->p->updateSession(
+            $req,
+            {
+                'authenticationLevel' => $updatedAuthenticationLevel
+            }
+        );
+
+    }
+
+    return PE_OK;
+}
+
+1;
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GlobalLogout.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GlobalLogout.pm
index 1a0d1b34d..eddf8ae7e 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GlobalLogout.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GlobalLogout.pm
@@ -177,7 +177,18 @@ sub activeSessions {
       $self->module->searchOn( $moduleOptions, $self->conf->{whatToTrace},
         $user );
 
-    $self->logger->debug("Building array ref with sessions info...");
+    $self->logger->debug('Remove corrupted sessions...');
+    my $corrupted = 0;
+    foreach ( keys %$sessions ) {
+        unless ( $sessions->{$_}->{_session_kind} eq 'SSO' ) {
+            delete $sessions->{$_};
+            $corrupted++;
+        }
+    }
+    $self->logger->info("$corrupted corrupted session(s) removed")
+      if $corrupted;
+
+    $self->logger->debug('Build an array ref with sessions info...');
     @$activeSessions =
       map {
         my $epoch;
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/fr.json b/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
index f1c127a55..faf9d7244 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
@@ -1,6 +1,6 @@
 {
 "PE-7":"Vous avez été déconnecté",
-"PE-6":"Le mot de passe a été changé",
+"PE-6":"Le mot de passe a été changé avec succès",
 "PE0":"Utilisateur authentifié",
 "PE1":"Votre session a expiré, vous devez vous ré-authentifier",
 "PE2":"Identifiant ou mot de passe non renseigné",
@@ -237,7 +237,7 @@
 "proxyError": "Mauvaise passerelle : impossible de joindre le serveur amont",
 "pwd":"Mot de passe",
 "pwdChange":"Changement de mot de passe",
-"pwdChanged":"Your password has been successfully changed!",
+"pwdChanged":"Votre mot de passe a été changé avec succès !",
 "pwdResetAlreadyIssued":"Une demande de réinitialisation de mot de passe a déjà été faite le ",
 "pwdWillExpire":"%s jours, %s heures, %s minutes et %s secondes avant expiration de votre mot de passe, pensez à le changer !",
 "radius2f":"Radius",
diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect.t
index f19c6f302..a4639209a 100644
--- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect.t
+++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect.t
@@ -1,6 +1,8 @@
 use lib 'inc';
 use Test::More;
 use strict;
+use URI;
+use URI::QueryParam;
 use IO::String;
 use LWP::UserAgent;
 use LWP::Protocol::PSGI;
@@ -11,7 +13,7 @@ BEGIN {
     require 't/saml-lib.pm';
 }
 
-my $maintests = 19;
+my $maintests = 21;
 my $debug     = 'error';
 my ( $issuer, $sp, $res );
 
@@ -152,6 +154,14 @@ SKIP: {
       expectForm( $res, 'auth.sp.com', '/saml/proxySingleSignOnPost',
         'SAMLResponse', 'RelayState' );
 
+    my ($resp) = $query =~ qr/SAMLResponse=([^&]*)/;
+    my $message = decode_base64( URI::Escape::uri_unescape $resp);
+    like(
+        $message,
+qr@SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"@,
+        "Signed using SHA-256"
+    );
+
     # Post SAML response to SP
     switch ('sp');
     ok(
@@ -190,6 +200,14 @@ SKIP: {
     ( $url, $query ) = expectRedirection( $res,
         qr#^http://auth.idp.com(/saml/singleLogout)\?(SAMLRequest=.+)# );
 
+    my $uri = URI->new;
+    $uri->query($query);
+    is(
+        $uri->query_param("SigAlg"),
+        'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384',
+        'SHA256 used to sign Logout Request'
+    );
+
     # Push SAML logout request to IdP
     switch ('issuer');
     ok(
@@ -264,6 +282,7 @@ sub issuer {
                         samlSPMetaDataOptionsSignSLOMessage           => 1,
                         samlSPMetaDataOptionsCheckSSOMessageSignature => 1,
                         samlSPMetaDataOptionsCheckSLOMessageSignature => 1,
+                        samlSPMetaDataOptionsSignatureMethod => "RSA_SHA256",
                     }
                 },
                 samlSPMetaDataExportedAttributes => {
@@ -281,6 +300,7 @@ sub issuer {
                 samlServicePrivateKeySig    => saml_key_idp_private_sig,
                 samlServicePublicKeyEnc     => saml_key_idp_public_enc,
                 samlServicePublicKeySig     => saml_key_idp_public_sig,
+                samlServiceSignatureMethod  => "RSA_SHA1",
                 samlSPMetaDataXML           => {
                     "sp.com" => {
                         samlSPMetaDataXML =>
@@ -319,6 +339,7 @@ sub sp {
                         samlIDPMetaDataOptionsCheckSSOMessageSignature => 1,
                         samlIDPMetaDataOptionsCheckSLOMessageSignature => 1,
                         samlIDPMetaDataOptionsForceUTF8                => 1,
+                        samlIDPMetaDataOptionsSignatureMethod => "RSA_SHA384",
                     }
                 },
                 samlIDPMetaDataExportedAttributes => {
@@ -340,6 +361,7 @@ sub sp {
                 samlServicePrivateKeyEnc    => saml_key_sp_private_enc,
                 samlServicePrivateKeySig    => saml_key_sp_private_sig,
                 samlServicePublicKeyEnc     => saml_key_sp_public_enc,
+                samlServiceSignatureMethod  => "RSA_SHA1",
                 samlSPSSODescriptorAuthnRequestsSigned => 1,
             },
         }
diff --git a/lemonldap-ng-portal/t/61-AdaptativeAuthenticationLevel.t b/lemonldap-ng-portal/t/61-AdaptativeAuthenticationLevel.t
new file mode 100644
index 000000000..dcacae271
--- /dev/null
+++ b/lemonldap-ng-portal/t/61-AdaptativeAuthenticationLevel.t
@@ -0,0 +1,84 @@
+use Test::More;
+use strict;
+use IO::String;
+use Data::Dumper;
+
+BEGIN {
+    require 't/test-lib.pm';
+}
+
+my $res;
+my $id;
+my $json;
+
+my $client = LLNG::Manager::Test->new( {
+        ini => {
+            logLevel                           => 'error',
+            authentication                     => 'Demo',
+            userDB                             => 'Same',
+            adaptativeAuthenticationLevelRules => {
+                '$uid eq "dwho"'   => '+2',
+                '$uid eq "msmith"' => '=5',
+            },
+            restSessionServer => 1,
+        }
+    }
+);
+
+ok(
+    $res = $client->_post(
+        '/',
+        IO::String->new('user=dwho&password=dwho'),
+        accept => 'text/html',
+        length => 23
+    ),
+    'Auth query'
+);
+count(1);
+$id = expectCookie($res);
+
+ok(
+    $res = $client->_get(
+        '/session/my/global', cookie => "lemonldap=$id"
+    ),
+    'Get session'
+);
+count(1);
+$json = expectJSON($res);
+
+ok( $json->{authenticationLevel} == 3, 'Authentication level upgraded' );
+count(1);
+
+ok( $client->logout($id), 'Logout' );
+count(1);
+
+ok(
+    $res = $client->_post(
+        '/',
+        IO::String->new('user=msmith&password=msmith'),
+        accept => 'text/html',
+        length => 27
+    ),
+    'Auth query'
+);
+count(1);
+$id = expectCookie($res);
+
+ok(
+    $res = $client->_get(
+        '/session/my/global', cookie => "lemonldap=$id"
+    ),
+    'Get session'
+);
+count(1);
+$json = expectJSON($res);
+
+ok( $json->{authenticationLevel} == 5, 'Authentication level upgraded' );
+count(1);
+
+ok( $client->logout($id), 'Logout' );
+count(1);
+
+clean_sessions();
+
+done_testing( count() );
diff --git a/lemonldap-ng-portal/t/68-Impersonation-with-SFA.t b/lemonldap-ng-portal/t/68-Impersonation-with-SFA.t
new file mode 100644
index 000000000..e5d233e64
--- /dev/null
+++ b/lemonldap-ng-portal/t/68-Impersonation-with-SFA.t
@@ -0,0 +1,408 @@
+use Test::More;
+use strict;
+use IO::String;
+
+BEGIN {
+    require 't/test-lib.pm';
+}
+my $maintests = 57;
+
+SKIP: {
+    require Lemonldap::NG::Common::TOTP;
+    eval { require Crypt::U2F::Server; require Authen::U2F::Tester };
+    if ( $@ or $Crypt::U2F::Server::VERSION < 0.42 ) {
+        skip 'Missing U2F libraries', $maintests;
+    }
+    eval { require Convert::Base32 };
+    if ($@) {
+        skip 'Convert::Base32 is missing';
+    }
+    use_ok('Lemonldap::NG::Common::FormEncode');
+
+    my $res;
+    my $client = LLNG::Manager::Test->new( {
+            ini => {
+                logLevel               => 'error',
+                authentication         => 'Demo',
+                userDB                 => 'Same',
+                portalMainLogo         => 'common/logos/logo_llng_old.png',
+                impersonationRule      => 1,
+                totp2fSelfRegistration => 1,
+                totp2fActivation       => 1,
+                totp2fAuthnLevel       => 8,
+                u2fSelfRegistration    => 1,
+                u2fActivation          => 1,
+            }
+        }
+    );
+
+    # Try to authenticate
+    # -------------------
+    ok(
+        $res = $client->_post(
+            '/', IO::String->new('user=rtyler&password=rtyler'),
+            length => 27
+        ),
+        'Auth query'
+    );
+    my $id = expectCookie($res);
+
+    ok(
+        $res = $client->_get(
+            '/',
+            cookie => "lemonldap=$id",
+            accept => 'text/html'
+        ),
+        'Get Menu'
+    );
+    expectAuthenticatedAs( $res, 'rtyler' );
+    ok( $res->[2]->[0] =~ m%<span trspan="sfaManager">sfaManager</span>%,
+        'sfaManager link found' )
+      or print STDERR Dumper( $res->[2]->[0] );
+
+    ## Try to register a TOTP
+    # TOTP form
+    ok(
+        $res = $client->_get(
+            '/2fregisters/totp',
+            cookie => "lemonldap=$id",
+            accept => 'text/html',
+        ),
+        'Form registration'
+    );
+    ok( $res->[2]->[0] =~ /totpregistration\.(?:min\.)?js/, 'Found TOTP js' );
+    ok(
+        $res->[2]->[0] =~ qr%<img src="/static/common/logos/logo_llng_old.png"%,
+        'Found custom Main Logo'
+    ) or print STDERR Dumper( $res->[2]->[0] );
+
+    # JS query
+    ok(
+        $res = $client->_post(
+            '/2fregisters/totp/getkey', IO::String->new(''),
+            cookie => "lemonldap=$id",
+            length => 0,
+        ),
+        'Get new key'
+    );
+    eval { $res = JSON::from_json( $res->[2]->[0] ) };
+    ok( not($@), 'Content is JSON' )
+      or explain( $res->[2]->[0], 'JSON content' );
+    my ( $key, $token );
+    ok( $key   = $res->{secret}, 'Found secret' ) or print STDERR Dumper($res);
+    ok( $token = $res->{token},  'Found token' )  or print STDERR Dumper($res);
+    ok( $res->{user} eq 'rtyler', 'Found user' )
+      or print STDERR Dumper($res);
+    $key = Convert::Base32::decode_base32($key);
+
+    # Post code
+    my $code;
+    ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 6 ),
+        'Code' );
+    ok( $code =~ /^\d{6}$/, 'Code contains 6 digits' );
+    my $s = "code=$code&token=$token&TOTPName=myTOTP";
+    ok(
+        $res = $client->_post(
+            '/2fregisters/totp/verify',
+            IO::String->new($s),
+            length => length($s),
+            cookie => "lemonldap=$id",
+        ),
+        'Post code'
+    );
+    eval { $res = JSON::from_json( $res->[2]->[0] ) };
+    ok( not($@), 'Content is JSON' )
+      or explain( $res->[2]->[0], 'JSON content' );
+    ok( $res->{result} == 1, 'TOTP is registered' );
+
+    ## Try to register an U2F key
+    ok(
+        $res = $client->_get(
+            '/2fregisters/u',
+            cookie => "lemonldap=$id",
+            accept => 'text/html',
+        ),
+        'Form registration'
+    );
+    ok( $res->[2]->[0] =~ /u2fregistration\.(?:min\.)?js/, 'Found U2F js' );
+    ok(
+        $res->[2]->[0] =~ qr%<img src="/static/common/logos/logo_llng_old.png"%,
+        'Found custom Main Logo'
+    ) or print STDERR Dumper( $res->[2]->[0] );
+
+    # Ajax registration request
+    ok(
+        $res = $client->_post(
+            '/2fregisters/u/register', IO::String->new(''),
+            accept => 'application/json',
+            cookie => "lemonldap=$id",
+            length => 0,
+        ),
+        'Get registration challenge'
+    );
+    expectOK($res);
+    my $data;
+    eval { $data = JSON::from_json( $res->[2]->[0] ) };
+    ok( not($@), ' Content is JSON' )
+      or explain( [ $@, $res->[2] ], 'JSON content' );
+    ok( ( $data->{challenge} and $data->{appId} ), ' Get challenge and appId' )
+      or explain( $data, 'challenge and appId' );
+
+    # Build U2F tester
+    my $tester = Authen::U2F::Tester->new(
+        certificate => Crypt::OpenSSL::X509->new_from_string(
+            '-----BEGIN CERTIFICATE-----
+MIIB6DCCAY6gAwIBAgIJAJKuutkN2sAfMAoGCCqGSM49BAMCME8xCzAJBgNVBAYT
+AlVTMQ4wDAYDVQQIDAVUZXhhczEaMBgGA1UECgwRVW50cnVzdGVkIFUyRiBPcmcx
+FDASBgNVBAMMC3ZpcnR1YWwtdTJmMB4XDTE4MDMyODIwMTc1OVoXDTI3MTIyNjIw
+MTc1OVowTzELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVRleGFzMRowGAYDVQQKDBFV
+bnRydXN0ZWQgVTJGIE9yZzEUMBIGA1UEAwwLdmlydHVhbC11MmYwWTATBgcqhkjO
+PQIBBggqhkjOPQMBBwNCAAQTij+9mI1FJdvKNHLeSQcOW4ob3prvIXuEGJMrQeJF
+6OYcgwxrVqsmNMl5w45L7zx8ryovVOti/mtqkh2pQjtpo1MwUTAdBgNVHQ4EFgQU
+QXKKf+rrZwA4WXDCU/Vebe4gYXEwHwYDVR0jBBgwFoAUQXKKf+rrZwA4WXDCU/Ve
+be4gYXEwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAgNIADBFAiEAiCdOEmw5
+hknzHR1FoyFZKRrcJu17a1PGcqTFMJHTC70CIHeCZ8KVuuMIPjoofQd1l1E221rv
+RJY1Oz1fUNbrIPsL
+-----END CERTIFICATE-----', Crypt::OpenSSL::X509::FORMAT_PEM()
+        ),
+        key => Crypt::PK::ECC->new(
+            \'-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIOdbZw1swQIL+RZoDQ9zwjWY5UjA1NO81WWjwbmznUbgoAoGCCqGSM49
+AwEHoUQDQgAEE4o/vZiNRSXbyjRy3kkHDluKG96a7yF7hBiTK0HiRejmHIMMa1ar
+JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ==
+-----END EC PRIVATE KEY-----'
+        ),
+    );
+    my $r = $tester->register( $data->{appId}, $data->{challenge} );
+    ok( $r->is_success, ' Good challenge value' )
+      or diag( $r->error_message );
+
+    my $registrationData = JSON::to_json( {
+            clientData       => $r->client_data,
+            errorCode        => 0,
+            registrationData => $r->registration_data,
+            version          => "U2F_V2"
+        }
+    );
+    my ( $host, $url, $query );
+    $query = Lemonldap::NG::Common::FormEncode::build_urlencoded(
+        registration => $registrationData,
+        challenge    => $res->[2]->[0],
+    );
+
+    ok(
+        $res = $client->_post(
+            '/2fregisters/u/registration', IO::String->new($query),
+            length => length($query),
+            accept => 'application/json',
+            cookie => "lemonldap=$id",
+        ),
+        'Push registration data'
+    );
+    expectOK($res);
+    eval { $data = JSON::from_json( $res->[2]->[0] ) };
+    ok( not($@), ' Content is JSON' )
+      or explain( [ $@, $res->[2] ], 'JSON content' );
+    ok( $data->{result} == 1, 'U2F key is registered' )
+      or explain( $data, '"result":1' );
+
+    $client->logout($id);
+
+    ## Try to impersonate
+    ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', );
+    ( $host, $url, $query ) =
+      expectForm( $res, '#', undef, 'user', 'password', 'spoofId' );
+
+    $query =~ s/user=/user=rtyler/;
+    $query =~ s/password=/password=rtyler/;
+    $query =~ s/spoofId=/spoofId=dwho/;
+
+    ok(
+        $res = $client->_post(
+            '/',
+            IO::String->new($query),
+            length => length($query),
+            accept => 'text/html',
+        ),
+        'Auth query'
+    );
+    ( $host, $url, $query ) = expectForm( $res, undef, '/2fchoice', 'token' );
+    $query .= '&sf=totp';
+    ok(
+        $res = $client->_post(
+            '/2fchoice',
+            IO::String->new($query),
+            length => length($query),
+            accept => 'text/html',
+        ),
+        'Post TOTP choice'
+    );
+    ( $host, $url, $query ) =
+      expectForm( $res, undef, '/totp2fcheck', 'token' );
+    ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 6 ),
+        'Code' );
+    $query =~ s/code=/code=$code/;
+    ok(
+        $res = $client->_post(
+            '/totp2fcheck', IO::String->new($query),
+            length => length($query),
+        ),
+        'Post code'
+    );
+    $id = expectCookie($res);
+
+    # Get Menu
+    # ------------------------
+    ok(
+        $res = $client->_get(
+            '/',
+            cookie => "lemonldap=$id",
+            accept => 'text/html'
+        ),
+        'Get Menu',
+    );
+    expectOK($res);
+    expectAuthenticatedAs( $res, 'dwho' );
+
+    # 2fregisters
+    ok(
+        $res = $client->_get(
+            '/2fregisters',
+            cookie => "lemonldap=$id",
+            accept => 'text/html',
+        ),
+        'Form 2fregisters'
+    );
+    ok( $res->[2]->[0] =~ /<span id="msg" trspan="choose2f">/,
+        'Found choose 2F' )
+      or print STDERR Dumper( $res->[2]->[0] );
+    ok( $res->[2]->[0] !~ m%<span device=\'(TOTP|U2F)\' epoch=\'\d{10}\'%g,
+        'No 2F device found' )
+      or print STDERR Dumper( $res->[2]->[0] );
+
+    ## Try to register a TOTP
+    # TOTP form
+    ok(
+        $res = $client->_get(
+            '/2fregisters/totp',
+            cookie => "lemonldap=$id",
+            accept => 'text/html',
+        ),
+        'Form registration'
+    );
+    ok( $res->[2]->[0] =~ /totpregistration\.(?:min\.)?js/, 'Found TOTP js' )
+      or print STDERR Dumper( $res->[2]->[0] );
+
+    ok(
+        $res->[2]->[0] =~ qr%<img src="/static/common/logos/logo_llng_old.png"%,
+        'Found custom Main Logo'
+    ) or print STDERR Dumper( $res->[2]->[0] );
+
+    # JS query
+    ok(
+        $res = $client->_post(
+            '/2fregisters/totp/getkey', IO::String->new(''),
+            cookie => "lemonldap=$id",
+            length => 0,
+        ),
+        'Get new key'
+    );
+    eval { $res = JSON::from_json( $res->[2]->[0] ) };
+    ok( not($@), 'Content is JSON' )
+      or explain( $res->[2]->[0], 'JSON content' );
+    ok( $res->{error} eq 'notAuthorized', 'Not authorized to register a TOTP' )
+      or explain( $res, 'Bad result' );
+
+    # Try to unregister TOTP
+    ok(
+        $res = $client->_post(
+            '/2fregisters/totp/delete',
+            IO::String->new("epoch=1234567890"),
+            length => 16,
+            cookie => "lemonldap=$id",
+        ),
+        'Delete TOTP query'
+    );
+    eval { $data = JSON::from_json( $res->[2]->[0] ) };
+    ok( not($@), ' Content is JSON' )
+      or explain( [ $@, $res->[2] ], 'JSON content' );
+    ok(
+        $data->{error} eq 'notAuthorized',
+        'Not authorized to unregister a TOTP'
+    ) or explain( $data, 'Bad result' );
+
+    # Try to verify TOTP
+    $s = "code=123456&token=1234567890&TOTPName=myTOTP";
+    ok(
+        $res = $client->_post(
+            '/2fregisters/totp/verify',
+            IO::String->new($s),
+            length => length($s),
+            cookie => "lemonldap=$id",
+        ),
+        'Post code'
+    );
+    eval { $data = JSON::from_json( $res->[2]->[0] ) };
+    ok( not($@), ' Content is JSON' )
+      or explain( [ $@, $res->[2] ], 'JSON content' );
+    ok( $data->{error} eq 'notAuthorized', 'Not authorized to verify a TOTP' )
+      or explain( $data, 'Bad result' );
+
+    ## Try to register an U2F key
+    # U2F form
+    ok(
+        $res = $client->_get(
+            '/2fregisters/u',
+            cookie => "lemonldap=$id",
+            accept => 'text/html',
+        ),
+        'Form registration'
+    );
+    ok( $res->[2]->[0] =~ /u2fregistration\.(?:min\.)?js/, 'Found U2F js' );
+    ok(
+        $res->[2]->[0] =~ qr%<img src="/static/common/logos/logo_llng_old.png"%,
+        'Found custom Main Logo'
+    ) or print STDERR Dumper( $res->[2]->[0] );
+
+    # Ajax registration request
+    ok(
+        $res = $client->_post(
+            '/2fregisters/u/register', IO::String->new(''),
+            accept => 'application/json',
+            cookie => "lemonldap=$id",
+            length => 0,
+        ),
+        'Get registration challenge'
+    );
+    eval { $data = JSON::from_json( $res->[2]->[0] ) };
+    ok( not($@), ' Content is JSON' )
+      or explain( [ $@, $res->[2] ], 'JSON content' );
+    ok(
+        $data->{error} eq 'notAuthorized',
+        'Not authorized to register an U2F key'
+    ) or explain( $data, 'Bad result' );
+
+    # Try to unregister U2F key
+    ok(
+        $res = $client->_post(
+            '/2fregisters/u/delete',
+            IO::String->new("epoch=1234567890"),
+            length => 16,
+            cookie => "lemonldap=$id",
+        ),
+        'Delete U2F key query'
+    );
+    eval { $data = JSON::from_json( $res->[2]->[0] ) };
+    ok( not($@), ' Content is JSON' )
+      or explain( [ $@, $res->[2] ], 'JSON content' );
+    ok(
+        $data->{error} eq 'notAuthorized',
+        'Not authorized to unregister an U2F key'
+    ) or explain( $data, 'Bad result' );
+
+    $client->logout($id);
+}
+
+count($maintests);
+clean_sessions();
+done_testing( count() );
diff --git a/lemonldap-ng-portal/t/68-Impersonation-with-TOTP.t b/lemonldap-ng-portal/t/68-Impersonation-with-TOTP.t
index c9e39924b..013743fc4 100644
--- a/lemonldap-ng-portal/t/68-Impersonation-with-TOTP.t
+++ b/lemonldap-ng-portal/t/68-Impersonation-with-TOTP.t
@@ -23,13 +23,13 @@ SKIP: {
                 requireToken        => 0,
                 checkUser           => 1,
                 impersonationRule   => 1,
-                checkUserDisplayPersistentInfo => 0,
-                checkUserDisplayEmptyValues    => 0,
+                checkUserDisplayPersistentInfo  => 0,
+                checkUserDisplayEmptyValues     => 0,
                 checkUserDisplayComputedSession => 1,
-                impersonationMergeSSOgroups    => 1,
-                totp2fSelfRegistration         => 1,
-                totp2fActivation               => 1,
-                totp2fAuthnLevel               => 8
+                impersonationMergeSSOgroups     => 1,
+                totp2fSelfRegistration          => 1,
+                totp2fActivation                => 1,
+                totp2fAuthnLevel                => 8
             }
         }
     );
diff --git a/lemonldap-ng-portal/t/70-2F-TOTP-with-TTL.t b/lemonldap-ng-portal/t/70-2F-TOTP-with-TTL.t
index 749288f2f..b4d12be91 100644
--- a/lemonldap-ng-portal/t/70-2F-TOTP-with-TTL.t
+++ b/lemonldap-ng-portal/t/70-2F-TOTP-with-TTL.t
@@ -47,7 +47,7 @@ SKIP: {
         'Get Menu'
     );
     ok( $res->[2]->[0] !~ m%<span trspan="sfaManager">sfaManager</span>%,
-        'sfaManager link found' )
+        'sfaManager link not found' )
       or print STDERR Dumper( $res->[2]->[0] );
 
     # TOTP form
@@ -113,7 +113,7 @@ SKIP: {
     eval { $res = JSON::from_json( $res->[2]->[0] ) };
     ok( not($@), 'Content is JSON' )
       or explain( $res->[2]->[0], 'JSON content' );
-    ok( $res->{result} == 1, 'Key is registered' );
+    ok( $res->{result} == 1, 'TOTP is registered' );
 
     # Try to sign-in
     $client->logout($id);
diff --git a/lemonldap-ng-portal/t/71-2F-U2F.t b/lemonldap-ng-portal/t/71-2F-U2F.t
index a3df4ce2c..2b045ea17 100644
--- a/lemonldap-ng-portal/t/71-2F-U2F.t
+++ b/lemonldap-ng-portal/t/71-2F-U2F.t
@@ -46,7 +46,7 @@ SKIP: {
         'Get Menu'
     );
     ok( $res->[2]->[0] !~ m%<span trspan="sfaManager">sfaManager</span>%,
-        'sfaManager link found' )
+        'sfaManager link not found' )
       or print STDERR Dumper( $res->[2]->[0] );
 
     # U2F form
@@ -210,8 +210,7 @@ JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ==
         );
     }
 }
-count($maintests);
 
+count($maintests);
 clean_sessions();
-
 done_testing( count() );