worteks
/
lemonldap-ng
mirror of https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng
3
0
Fork 0
Code Issues Projects Releases Wiki Activity

Secure Token configuration in Manager (#288)

Browse Source
environments/ppa-mbqj77/deployments/1
Clément Oudot 14 years ago
parent e69d175174
commit 846a9b8998
3 changed files with 97 additions and 57 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 1
      modules/lemonldap-ng-manager/example/skins/default/js/manager.js
  2. 69
      modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm
  3. 84
      modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm

1
modules/lemonldap-ng-manager/example/skins/default/js/manager.js
Unescape View File

@ -68,6 +68,7 @@ var helpCh={
'samlSPExportedAttributes':'/pages/documentation/latest/idpsaml.html#exported_attributes',
'samlSPMetaDataXML':'/pages/documentation/latest/idpsaml.html#metadata',
'samlSPOptions':'/pages/documentation/latest/idpsaml.html#options',
'securetoken':'/pages/documentation/latest/securetoken.html',
'security':'/pages/documentation/latest/security.html#configure_security_settings',
'sessions':'/pages/documentation/latest/sessions.html',
'sessionsdb':'/pages/documentation/latest/start.html#sessions_database',

69
modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm
Unescape View File

@ -850,7 +850,8 @@ sub struct {
},
specialHandlers => {
_nodes => [qw(zimbraHandler sympaHandler)],
_nodes =>
[qw(zimbraHandler sympaHandler secureTokenHandler)],
# Zimbra
zimbraHandler => {
@ -872,6 +873,20 @@ sub struct {
sympaSecret => 'text:/sympaSecret',
sympaMailKey => 'text:/sympaMailKey',
},
# Secure Token
secureTokenHandler => {
_nodes => [
qw(secureTokenMemcachedServers secureTokenExpiration secureTokenAttribute secureTokenUrls secureTokenHeader)
],
_help => 'securetoken',
secureTokenMemcachedServers =>
'text:/secureTokenMemcachedServers',
secureTokenExpiration => 'int:/secureTokenExpiration',
secureTokenAttribute => 'text:secureTokenAttribute',
secureTokenUrls => 'text:/secureTokenUrls',
secureTokenHeader => 'text:/secureTokenHeader',
},
},
logoutServices => {
@ -1773,6 +1788,13 @@ sub testStruct {
yubikeyClientID => $testNotDefined,
yubikeySecretKey => $testNotDefined,
yubikeyPublicIDSize => $integer,
# Secure Token
secureTokenMemcachedServers => $testNotDefined,
secureTokenExpiration => $integer,
secureTokenAttribute => $testNotDefined,
secureTokenUrls => $testNotDefined,
secureTokenHeader => $testNotDefined,
};
}
@ -1836,26 +1858,31 @@ sub defaultConf {
protection => 'none',
remoteGlobalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP',
securedCookie => '0',
singleSession => '0',
singleIP => '0',
singleUserByIP => '0',
Soap => '1',
SSLRequired => '0',
storePassword => '0',
syslog => '',
timeout => '72000',
timeoutActivity => '0',
userControl => '^[\w\.\-@]+$',
userDB => 'LDAP',
passwordDB => 'LDAP',
useRedirectOnError => '1',
useRedirectOnForbidden => '0',
useSafeJail => '1',
useXForwardedForIP => '0',
vhostPort => '-1',
vhostHttps => '-1',
whatToTrace => '$_whatToTrace',
yubikeyPublicIDSize => '12',
secureTokenMemcachedServers => '127.0.0.1:11211',
secureTokenExpiration => '60',
secureTokenAttribute => 'uid',
secureTokenUrls => '.*',
secureTokenHeader => 'Auth-Token',
singleSession => '0',
singleIP => '0',
singleUserByIP => '0',
Soap => '1',
SSLRequired => '0',
storePassword => '0',
syslog => '',
timeout => '72000',
timeoutActivity => '0',
userControl => '^[\w\.\-@]+$',
userDB => 'LDAP',
passwordDB => 'LDAP',
useRedirectOnError => '1',
useRedirectOnForbidden => '0',
useSafeJail => '1',
useXForwardedForIP => '0',
vhostPort => '-1',
vhostHttps => '-1',
whatToTrace => '$_whatToTrace',
yubikeyPublicIDSize => '12',
########
# SAML #
########

84
modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm
Unescape View File

@ -274,6 +274,12 @@ sub en {
remotePortal => 'Portal URL',
rules => 'Rules',
securedCookie => 'Secured Cookie (SSL)',
secureTokenAttribute => 'Attribute to store',
secureTokenExpiration => 'Token expiration',
secureTokenHandler => 'Secure Token',
secureTokenHeader => 'Header name',
secureTokenMemcachedServers => 'Memcached servers',
secureTokenUrls => 'Protected URLs',
security => 'Security',
session => 'session',
sessions => 'sessions',
@ -693,42 +699,48 @@ sub fr {
purgeNotification => 'Supprimer définitivement la notification',
randomPasswordRegexp =>
'Expression regulière pour la génération des mots de passe',
redirection => 'Redirections du Handler',
remoteCookieName => 'Nom du cookie',
remoteGlobalStorage => 'Module des sessions',
remoteGlobalStorageOptions => 'Options du module des sessions',
remoteParams => 'Paramètres Remote',
remotePortal => 'URL du portail',
rules => 'Règles',
securedCookie => 'Cookie sécurisé (SSL)',
security => 'Sécurité',
session => 'session',
sessions => 'sessions',
sessionDeleted => 'La session a été supprimée',
sessionParams => 'Sessions',
sessionStartedAt => 'Session démarrée le ',
sessionStorage => 'Stockage des sessions',
sessionTitle => 'Contenu de la session',
singleIP => 'Une seule IP par utilisateur',
singleSession => 'Une seule session par utilisateur',
singleUserByIP => 'Une seule adresse IP par utilisateur',
slaveAuthnLevel => 'Niveau d\'authentification',
slaveParams => 'Paramètres Slave',
slaveUserHeader => "En-tête identifiant l'utilisateur",
SMTPAuthPass => 'Mot de passe SMTP',
SMTPAuthUser => 'Utilisateur SMTP',
SMTPServer => 'Serveur SMTP',
soap => 'SOAP',
Soap => 'Activation',
soapAuthService => 'URL du portail',
soapSessionService => 'Point d\'accès SOAP des sessions',
specialHandlers => 'Handlers spéciaux',
SSLAuthnLevel => 'Niveau d\'authentification',
SSLLDAPField => 'Attribut LDAP pour le filtre',
sslParams => 'Paramètres SSL',
SSLRequire => 'SSL Requis',
SSLVar => 'Champ extrait du certificat',
startTime => 'Date de création',
redirection => 'Redirections du Handler',
remoteCookieName => 'Nom du cookie',
remoteGlobalStorage => 'Module des sessions',
remoteGlobalStorageOptions => 'Options du module des sessions',
remoteParams => 'Paramètres Remote',
remotePortal => 'URL du portail',
rules => 'Règles',
securedCookie => 'Cookie sécurisé (SSL)',
secureTokenAttribute => 'Attribut à stocker',
secureTokenExpiration => 'Expiration du jeton',
secureTokenHandler => 'Jeton sécurisé',
secureTokenHeader => "Nom de l'en-tête HTTP",
secureTokenMemcachedServers => 'Serveurs Memcached',
secureTokenUrls => 'URLs protégées',
security => 'Sécurité',
session => 'session',
sessions => 'sessions',
sessionDeleted => 'La session a été supprimée',
sessionParams => 'Sessions',
sessionStartedAt => 'Session démarrée le ',
sessionStorage => 'Stockage des sessions',
sessionTitle => 'Contenu de la session',
singleIP => 'Une seule IP par utilisateur',
singleSession => 'Une seule session par utilisateur',
singleUserByIP => 'Une seule adresse IP par utilisateur',
slaveAuthnLevel => 'Niveau d\'authentification',
slaveParams => 'Paramètres Slave',
slaveUserHeader => "En-tête identifiant l'utilisateur",
SMTPAuthPass => 'Mot de passe SMTP',
SMTPAuthUser => 'Utilisateur SMTP',
SMTPServer => 'Serveur SMTP',
soap => 'SOAP',
Soap => 'Activation',
soapAuthService => 'URL du portail',
soapSessionService => 'Point d\'accès SOAP des sessions',
specialHandlers => 'Handlers spéciaux',
SSLAuthnLevel => 'Niveau d\'authentification',
SSLLDAPField => 'Attribut LDAP pour le filtre',
sslParams => 'Paramètres SSL',
SSLRequire => 'SSL Requis',
SSLVar => 'Champ extrait du certificat',
startTime => 'Date de création',
storePassword => "Stocke le mot de passe de l'utilisateur en session",
sympaHandler => 'Sympa',
sympaMailKey => 'Clé de session pour le mail',

Write Preview
Loading…
Cancel
Save