diff --git a/tmpl/lmConf-1.js b/tmpl/lmConf-1.js
deleted file mode 100644
index 60af145..0000000
--- a/tmpl/lmConf-1.js
+++ /dev/null
@@ -1,441 +0,0 @@
-%set %%ssoFilters = %%getSSOFilters
-{
- "ldapGroupAttributeNameUser": "dn",
- "cfgAuthorIP": "172.16.0.1",
- "samlSPMetaDataXML": null,
- "facebookAuthnLevel": 1,
- "mailConfirmSubject": "[LemonLDAP::NG] Password reset confirmation",
- "secureTokenAttribute": "uid",
- "singleSession": 0,
- "registerConfirmSubject": "[LemonLDAP::NG] Account register confirmation",
- "CAS_pgtFile": "/tmp/pgt.txt",
- "cookieName": "lemonldap",
- "slaveExportedVars": {},
- "whatToTrace": "_whatToTrace",
- "oidcRPMetaDataOptions": {},
- "notifyDeleted": 1,
- "useRedirectOnError": 1,
- "samlSPMetaDataExportedAttributes": null,
- "ldapPwdEnc": "utf-8",
- "openIdSPList": "0;",
- "samlNameIDFormatMapEmail": "mail",
- "samlSPMetaDataOptions": null,
- "issuerDBOpenIDRule": 1,
- "casStorageOptions": {},
- "mailFrom": "noreply@%%nom_domaine_local",
- "timeoutActivity": 0,
- "oidcRPMetaDataExportedVars": {},
- "issuerDBSAMLActivation": 0,
- "issuerDBCASPath": "^/%%casFolder/",
- "randomPasswordRegexp": "[A-Z]{3}[a-z]{5}.\\d{2}",
- "samlIDPSSODescriptorSingleSignOnServiceSOAP": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleSignOnSOAP;",
- "samlSPSSODescriptorSingleLogoutServiceHTTPPost": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn",
- "exportedHeaders": {
- "test1.%%nom_domaine_local": {
- "Auth-User": "$uid"
- },
- "test2.%%nom_domaine_local": {
- "Auth-User": "$uid"
- },
- "%%managerWebName": {}
- },
- "vhostOptions": {
- "%%managerWebName": {
- "vhostHttps" : "1"
- },
- "test1.%%nom_domaine_local": {},
- "test2.%%nom_domaine_local": {}
- },
- "radiusAuthnLevel": 3,
- "dbiAuthnLevel": 2,
- "ldapPasswordResetAttribute": "pwdReset",
- "ldapGroupObjectClass": "groupOfNames",
- "apacheAuthnLevel": 4,
- "samlNameIDFormatMapKerberos": "uid",
- "groups": {},
- "securedCookie": 0,
- "httpOnly": 1,
- "yubikeyAuthnLevel": 3,
- "ADPwdMaxAge": 0,
- "samlUseQueryStringSpecific": 0,
- "loginHistoryEnabled": 1,
- "samlSPSSODescriptorSingleLogoutServiceSOAP": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;",
- "failedLoginNumber": 5,
- "samlServicePrivateKeyEncPwd": "",
- "portalForceAuthnInterval": 0,
- "cfgLog": "",
- "samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn",
- "exportedVars": {
- "UA": "HTTP_USER_AGENT",
-%for att in %%casAttribute
- "%%att": "%%att",
-%end for
-%set %%idx = 0
-%set %%size = %%len(%%ssoFilters) - 1
-%for key,value in %%ssoFilters
- %if %%idx == %%size
- "%%key": "%%value"
- %else
- "%%key": "%%value",
- %end if
- %set %%idx += 1
-%end for
- },
- "notificationStorage": "File",
- "applicationList": {
- "1sample": {
- "test2": {
- "options": {
- "name": "Application Test 2",
- "logo": "thumbnail.png",
- "uri": "https://test2.%%nom_domaine_local/",
- "display": "auto",
- "description": "The same simple application displaying authenticated user"
- },
- "type": "application"
- },
- "type": "category",
- "catname": "Sample applications",
- "test1": {
- "type": "application",
- "options": {
- "description": "A simple application displaying authenticated user",
- "uri": "https://test1.%%nom_domaine_local/",
- "logo": "demo.png",
- "display": "auto",
- "name": "Application Test 1"
- }
- }
- },
- "2administration": {
- "notifications": {
- "options": {
- "name": "Notifications explorer",
- "display": "auto",
- "description": "Explore WebSSO notifications",
- "uri": "https://%%managerWebName/notifications.pl",
- "logo": "database.png"
- },
- "type": "application"
- },
- "manager": {
- "options": {
- "uri": "https://%%managerWebName/",
- "display": "auto",
- "description": "Configure LemonLDAP::NG WebSSO",
- "logo": "configure.png",
- "name": "WebSSO Manager"
- },
- "type": "application"
- },
- "type": "category",
- "sessions": {
- "type": "application",
- "options": {
- "description": "Explore WebSSO sessions",
- "uri": "https://%%managerWebName/sessions.pl",
- "logo": "database.png",
- "display": "auto",
- "name": "Sessions explorer"
- }
- },
- "catname": "Administration"
- },
- "3documentation": {
- "catname": "Documentation",
- "officialwebsite": {
- "type": "application",
- "options": {
- "name": "Offical Website",
- "description": "Official LemonLDAP::NG Website",
- "logo": "network.png",
- "display": "on",
- "uri": "http://lemonldap-ng.org/"
- }
- },
- "type": "category",
- "localdoc": {
- "options": {
- "logo": "help.png",
- "description": "Documentation supplied with LemonLDAP::NG",
- "display": "on",
- "uri": "https://%%managerWebName/doc/",
- "name": "Local documentation"
- },
- "type": "application"
- }
- }
- },
- "userControl": "^[\\w\\.\\-@]+$",
- "timeout": 72000,
- "portalAntiFrame": 1,
- "SMTPServer": "",
- "ldapTimeout": 120,
- "samlAuthnContextMapPasswordProtectedTransport": 3,
- "ldapUsePasswordResetAttribute": 1,
- "ldapPpolicyControl": 0,
- "casAttributes": {
-%for att in %%casAttribute
- "%%att": "%%att.casLDAPAttribute",
-%end for
-%set %%idx = 0
-%set %%size = %%len(%%ssoFilters) - 1
-%for key,value in %%ssoFilters
- %if %%idx == %%size
- "%%key": "%%key"
- %else
- "%%key": "%%key",
- %end if
- %set %%idx += 1
-%end for
- },
- "issuerDBSAMLPath": "^/saml/",
- "samlAttributeAuthorityDescriptorAttributeServiceSOAP": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;",
- "portalDisplayAppslist": 1,
- "confirmFormMethod": "post",
- "domain": "%%nom_domaine_local",
- "cfgNum": "1",
- "authentication": "LDAP",
- "samlNameIDFormatMapWindows": "uid",
- "authChoiceModules": {},
- "ldapGroupAttributeName": "member",
- "samlServicePrivateKeySigPwd": "",
- "googleAuthnLevel": 1,
- "successLoginNumber": 5,
- "localSessionStorageOptions": {
- "cache_root": "/tmp",
- "namespace": "lemonldap-ng-sessions",
- "default_expires_in": 600,
- "directory_umask": "007",
- "cache_depth": 3
- },
- "samlSPSSODescriptorArtifactResolutionServiceArtifact": "1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact",
- "portalRequireOldPassword": 1,
- "samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;",
- "ADPwdExpireWarning": 0,
- "yubikeyPublicIDSize": 12,
- "ldapGroupAttributeNameGroup": "dn",
- "oidcRPMetaDataOptionsExtraClaims": null,
- "ldapGroupRecursive": 0,
- "mailSubject": "[LemonLDAP::NG] Your new password",
- "nginxCustomHandlers": {},
- "samlSPSSODescriptorAuthnRequestsSigned": 1,
-%if %%llResetPassword == "oui"
- "portalDisplayResetPassword": 1,
-%else
- "portalDisplayResetPassword": 0,
-%end if
- "openIdSreg_timezone": "_timezone",
- "infoFormMethod": "get",
- "openIdAuthnLevel": 1,
- "openIdSreg_nickname": "uid",
- "samlServicePublicKeyEnc": "",
- "userDB": "LDAP",
- "grantSessionRules": {},
- "remoteGlobalStorage": "Lemonldap::NG::Common::Apache::Session::SOAP",
- "reloadUrls": {
- "%%reloadWebName": "https://%%reloadWebName/reload"
- },
- "registerTimeout": 0,
- "samlIDPSSODescriptorSingleSignOnServiceHTTPPost": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;",
- "slaveAuthnLevel": 2,
- "samlIDPSSODescriptorSingleLogoutServiceHTTPPost": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn",
- "Soap": 1,
-%set %%RegisterDB=%%getVar('llRegisterDB', 'Demo')
-%if %%RegisterDB == "Custom"
- "registerDB": "Null",
-%else
- "registerDB": "%%RegisterDB",
-%end if
- "locationRules": {
- "%%managerWebName": {
- "default": "$uid eq \"%%lemonAdmin\""
- },
- "test1.%%nom_domaine_local": {
- "default": "accept",
- "^/logout": "logout_sso"
- },
- "test2.%%nom_domaine_local": {
- "default": "accept",
- "^/logout": "logout_sso"
- }
- },
- "portalDisplayChangePassword": "$_auth =~ /^(LDAP|DBI|Demo)$/",
- "hideOldPassword": 0,
-%if %%is_file(%%ldapBindUserPassword)
- "managerPassword": "%%readPass("", %%ldapBindUserPassword)",
-%else
- "managerPassword": "%%ldapBindUserPassword",
-%end if
- "authChoiceParam": "lmAuth",
- "lwpSslOpts": {},
- "portalSkinRules": {},
- "issuerDBOpenIDPath": "^/openidserver/",
- "redirectFormMethod": "get",
- "portalDisplayRegister": 1,
- "secureTokenMemcachedServers": "127.0.0.1:11211",
- "notificationStorageOptions": {
- "dirName": "/var/lib/lemonldap-ng/notifications"
- },
- "browserIdAuthnLevel": 1,
- "portalUserAttr": "_user",
- "ldapVersion": 3,
- "sessionDataToRemember": {},
- "samlNameIDFormatMapX509": "mail",
- "managerDn": "%%ldapBindUserDN",
- "mailSessionKey": "mail",
- "openIdSreg_email": "mail",
- "localSessionStorage": "Cache::FileCache",
- "persistentStorage": "Apache::Session::File",
- "mailOnPasswordChange": 0,
- "captchaStorage": "Apache::Session::File",
- "remoteGlobalStorageOptions": {
- "proxy": "https://%%authWebName/index.pl/sessions",
- "ns": "https://%%authWebName/Lemonldap/NG/Common/CGI/SOAPService"
- },
- "passwordDB": "LDAP",
- "captcha_size": 6,
- "mailCharset": "utf-8",
- "facebookExportedVars": {},
- "nullAuthnLevel": 2,
- "singleIP": 0,
- "dbiExportedVars": {},
- "portalSkin": "bootstrap",
- "storePassword": 0,
- "hiddenAttributes": "_password",
- "samlServicePrivateKeySig": "",
- "globalStorage": "Apache::Session::File",
- "notificationWildcard": "allusers",
- "portalForceAuthn": 0,
- "samlMetadataForceUTF8": 1,
- "secureTokenUrls": ".*",
- "secureTokenAllowOnError": 1,
- "samlAuthnContextMapTLSClient": 5,
- "ldapAllowResetExpiredPassword": 0,
- "oidcOPMetaDataExportedVars": {},
- "notifyOther": 0,
- "secureTokenExpiration": 60,
- "captcha_mail_enabled": 0,
- "samlStorageOptions": {},
- "samlOrganizationDisplayName": "Example",
- "trustedProxies": "",
- "secureTokenHeader": "Auth-Token",
- "issuerDBCASActivation": 1,
- "samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;",
- "samlSPSSODescriptorSingleLogoutServiceHTTPRedirect": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn",
- "samlIDPMetaDataXML": {},
- "oidcStorageOptions": {},
- "cfgDate": 1519998069,
- "samlAuthnContextMapPassword": 2,
- "portalDisplayLoginHistory": 1,
- "ldapPasswordResetAttributeValue": "TRUE",
- "ldapServer": "%%ldapScheme://%%ldapServer",
- "samlIDPSSODescriptorSingleLogoutServiceSOAP": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;",
- "samlIDPMetaDataExportedAttributes": null,
- "samlServicePrivateKeyEnc": "",
- "useRedirectOnForbidden": 0,
- "captcha_login_enabled": 0,
- "https": 0,
- "checkXSS": 1,
- "ldapSetPassword": 0,
- "portalPingInterval": 60000,
- "captchaStorageOptions": {
- "Directory": "/var/lib/lemonldap-ng/captcha/"
- },
- "useSafeJail": 1,
- "registerDoneSubject": "[LemonLDAP::NG] Your new account",
- "issuerDBCASRule": 1,
- "samlAuthnContextMapKerberos": 4,
- "ldapGroupAttributeNameSearch": "cn",
- "logoutServices": {},
- "samlIDPSSODescriptorWantAuthnRequestsSigned": 1,
- "portalDisplayLogout": 1,
- "issuerDBGetParameters": {},
- "googleExportedVars": {},
- "openIdSreg_fullname": "cn",
- "samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact": "1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact",
- "demoExportedVars": {
- "mail": "mail",
- "uid": "uid",
- "cn": "cn"
- },
- "oidcOPMetaDataJSON": null,
- "samlIdPResolveCookie": "lemonldapidp",
- "samlRelayStateTimeout": 600,
- "samlOrganizationURL": "https://auth.%%nom_domaine_local",
- "globalStorageOptions": {
- "Directory": "/var/lib/lemonldap-ng/sessions",
- "LockDirectory": "/var/lib/lemonldap-ng/sessions/lock"
- },
- "ldapExportedVars": {
- "mail": "mail",
- "cn": "cn",
- "uid": "uid"
- },
- "webIDExportedVars": {},
- "activeTimer": 1,
- "cda": 0,
- "samlServicePublicKeySig": "",
-%if %%llCheckLogins == "oui"
- "portalCheckLogins": 1,
-%else
- "portalCheckLogins": 0,
-%end if
- "CAS_authnLevel": 1,
- "macros": {
- "_whatToTrace": "$_auth eq 'SAML' ? \"$_user\\@$_idpConfKey\" : \"$_user\""
- },
- "samlIDPMetaDataOptions": null,
- "twitterAuthnLevel": 1,
- "openIdExportedVars": {},
- "captcha_register_enabled": 1,
- "oidcOPMetaDataJWKS": null,
- "webIDAuthnLevel": 1,
- "issuerDBOpenIDActivation": "1",
-%if %%is_empty(%%llResetUrl)
- "mailUrl": "https://%%authWebName/mail.pl",
-%else
- "mailUrl": "%%llResetUrl",
-%end if
- "maintenance": 0,
- "jsRedirect": 0,
- "cfgAuthor": "Cadoles",
- "persistentStorageOptions": {
- "LockDirectory": "/var/lib/lemonldap-ng/psessions/lock",
- "Directory": "/var/lib/lemonldap-ng/psessions"
- },
- "SSLAuthnLevel": 5,
- "oidcServiceMetaDataAuthnContext": {},
- "samlIDPSSODescriptorArtifactResolutionServiceArtifact": "1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact",
- "notification": 1,
- "ldapChangePasswordAsUser": 0,
- "CAS_proxiedServices": {},
- "key": "e\"bTCt3*eU9^\\V%b",
- "portal": "https://%%authWebName/",
- "singleSessionUserByIP": 0,
- "portalOpenLinkInNewWindow": 0,
- "post": {
- "test2.%%nom_domaine_local": {},
- "test1.%%nom_domaine_local": {},
- "%%managerWebName": {}
- },
- "samlSPSSODescriptorAssertionConsumerServiceHTTPPost": "0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost",
- "issuerDBSAMLRule": 1,
- "samlCommonDomainCookieActivation": 0,
- "syslog": "",
- "ldapBase": "%%ldapUserBaseDN",
- "ldapAuthnLevel": 2,
- "mailTimeout": 0,
- "samlEntityID": "#PORTAL#/saml/metadata",
- "oidcOPMetaDataOptions": null,
- "samlSPSSODescriptorWantAssertionsSigned": 1,
- "samlOrganizationName": "%%samlOrganizationName",
-%if %%RegisterDB == "Custom"
- "registerUrl": "%%llRegisterURL",
-%else
- "registerUrl": "https://%%authWebName/register.pl",
-%end if
- "casAccessControlPolicy": "none",
- "multiValuesSeparator": ";",
- "ldapPort": %%ldapServerPort
-}