Cadoles
/
eole-lemonldap
20
0
Fork 0
Code Issues 11 Pull Requests Releases Wiki Activity

Adding SSO auth page customisation

This commit is contained in:
Philippe Caseiro 2018-03-23 16:13:40 +01:00
parent 61b982607e
commit a5ce48110d
3 changed files with 40 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
dicos/70_lemonldap_ng.xml
View File

@ -51,11 +51,23 @@
<variable name='ssoDebug' type='string' description="Activer le Debug pour la lib php-CAS" mode="expert"> <variable name='ssoDebug' type='string' description="Activer le Debug pour la lib php-CAS" mode="expert">
<value>non</value> <value>non</value>
</variable> </variable>
<variable name='llCheckLogins' type='oui/non' description="Permettre aux utilisateurs d'afficher l'historique de connection">
<value>non</value>
</variable>
<variable name='llResetPassword' type='oui/non' description="Permettre aux utilisateurs de réinitialiser leurs mots de passe">
<value>oui</value>
</variable>
<variable name='llRegisterAccount' type='oui/non' description="Permettre aux utilisateurs de créer un compte">
<value>oui</value>
</variable>
<variable name='llRegisterDB' type='string' description="Base de comptes pour l'enregistrement"/>
<variable name='llRegisterURL' type='string' description="Adresse de l'application de création de compte"/>
</family> </family>
<separators> <separators>
<separator name="managerWebName">Configuration DNS</separator> <separator name="managerWebName">Configuration DNS</separator>
<separator name="ldapScheme">Configuration LDAP</separator> <separator name="ldapScheme">Configuration LDAP</separator>
<separator name="casAttribute">Configuration CAS</separator> <separator name="casAttribute">Configuration CAS</separator>
<separator name="llCheckLogins">Personnalisation de la mire SSO</separator>
</separators> </separators>
</variables> </variables>
<constraints> <constraints>
@ -77,6 +89,9 @@
</fill> </fill>
<check name="valid_enum" target="ldapScheme"> <check name="valid_enum" target="ldapScheme">
<param>['ldaps','ldap']</param> <param>['ldaps','ldap']</param>
</check>
<check name="valid_enum" target="llRegisterDB">
<param>['LDAP','Demo','Custom']</param>
</check> </check>
<group master="casAttribute"> <group master="casAttribute">
<slave>casLDAPAttribute</slave> <slave>casLDAPAttribute</slave>
@ -88,6 +103,14 @@
<target type='family'>LemonLDAP</target> <target type='family'>LemonLDAP</target>
<target type='service_accesslist'>saLemon</target> <target type='service_accesslist'>saLemon</target>
</condition> </condition>
<condition name='disabled_if_in' source='llRegisterAccount'>
<param>non</param>
<target type='variable'>llRegisterDB</target>
</condition>
<condition name='disabled_if_not_in' source='llRegisterDB'>
<param>Custom</param>
<target type='variable'>llRegisterURL</target>
</condition>
</constraints> </constraints>
<help> <help>
<variable name='activerLemon'>Activer l'hébergement d'une place de marché HTTP pour OpenNebula</variable> <variable name='activerLemon'>Activer l'hébergement d'une place de marché HTTP pour OpenNebula</variable>
@ -95,5 +118,6 @@
<variable name='authWebName'>Nom DNS de service d'authentification de LemonLDAP::NG ex:auth.cadoles.com</variable> <variable name='authWebName'>Nom DNS de service d'authentification de LemonLDAP::NG ex:auth.cadoles.com</variable>
<variable name='ldapUserBaseDN'>DN de l'utilisateur de connection en lecture à l'annuaire (ex: cn=reader,o=gouv,c=fr)</variable> <variable name='ldapUserBaseDN'>DN de l'utilisateur de connection en lecture à l'annuaire (ex: cn=reader,o=gouv,c=fr)</variable>
<variable name='nginxBucketSize'>server_names_hash_bucket_size Taille du hash des noms de serveur pour NGINX</variable> <variable name='nginxBucketSize'>server_names_hash_bucket_size Taille du hash des noms de serveur pour NGINX</variable>
<variable name='llCheckLogins'>Affiche une case à cocher sur la mire SSO qui permet a l'utilisateur de voir l'historique de connection de son compte avant d'être redirigé vers le service demandé</variable>
</help> </help>
</creole> </creole>

6
tmpl/lemonldap-ng.ini
View File

@ -115,7 +115,11 @@ localStorageOptions={ \
;portalSkin = pastel ;portalSkin = pastel
; Modules displayed ; Modules displayed
;portalDisplayLogout = 1 ;portalDisplayLogout = 1
;portalDisplayResetPassword = 1 %if %%llResetPassword == "oui"
portalDisplayResetPassword = 1
%else
portalDisplayResetPassword = 0
%end if
;portalDisplayChangePassword = 1 ;portalDisplayChangePassword = 1
;portalDisplayAppslist = 1 ;portalDisplayAppslist = 1
;portalDisplayLoginHistory = 1 ;portalDisplayLoginHistory = 1

12
tmpl/lmConf-1.js
View File

@ -39,7 +39,9 @@
"%%managerWebName": {} "%%managerWebName": {}
}, },
"vhostOptions": { "vhostOptions": {
"%%managerWebName": {}, "%%managerWebName": {
"vhostHttps" : "1"
},
"test1.%%nom_domaine_local": {}, "test1.%%nom_domaine_local": {},
"test2.%%nom_domaine_local": {} "test2.%%nom_domaine_local": {}
}, },
@ -195,7 +197,11 @@
"mailSubject": "[LemonLDAP::NG] Your new password", "mailSubject": "[LemonLDAP::NG] Your new password",
"nginxCustomHandlers": {}, "nginxCustomHandlers": {},
"samlSPSSODescriptorAuthnRequestsSigned": 1, "samlSPSSODescriptorAuthnRequestsSigned": 1,
%if %%llResetPassword == "oui"
"portalDisplayResetPassword": 1, "portalDisplayResetPassword": 1,
%else
"portalDisplayResetPassword": 0,
%end if
"openIdSreg_timezone": "_timezone", "openIdSreg_timezone": "_timezone",
"infoFormMethod": "get", "infoFormMethod": "get",
"openIdAuthnLevel": 1, "openIdAuthnLevel": 1,
@ -342,7 +348,11 @@
"activeTimer": 1, "activeTimer": 1,
"cda": 0, "cda": 0,
"samlServicePublicKeySig": "", "samlServicePublicKeySig": "",
%if %%llCheckLogins == "oui"
"portalCheckLogins": 1, "portalCheckLogins": 1,
%else
"portalCheckLogins": 0,
%end if
"CAS_authnLevel": 1, "CAS_authnLevel": 1,
"macros": { "macros": {
"_whatToTrace": "$_auth eq 'SAML' ? \"$_user\\@$_idpConfKey\" : \"$_user\"" "_whatToTrace": "$_auth eq 'SAML' ? \"$_user\\@$_idpConfKey\" : \"$_user\""