Compare commits

...

112 Commits

Author SHA1 Message Date
Philippe Caseiro 16bdcef9c9 Merge branch 'master' into dist/eole/2.7.2/master 2021-03-03 16:24:30 +01:00
Philippe Caseiro 3f41daca79 Merge branch 'master' into dist/eole/2.7.2/master 2021-02-03 17:18:28 +01:00
Philippe Caseiro e81cc93e01 Merge branch 'master' into dist/eole/2.7.2/master 2021-02-03 15:49:37 +01:00
Philippe Caseiro 6258856478 Merge branch 'master' into dist/eole/2.7.2/master 2021-02-03 15:44:53 +01:00
Philippe Caseiro 7084e18a11 Merge branch '2.7.2/master' into dist/eole/2.7.2/master 2021-01-29 10:51:41 +01:00
Philippe Caseiro 0f0e822069 Fix Register button display 2021-01-29 10:51:24 +01:00
Philippe Caseiro acb1e51d09 Merge branch 'master' into dist/eole/2.7.2/master 2021-01-29 10:10:24 +01:00
Philippe Caseiro 534784d296 Merge branch 'master' into dist/eole/2.7.2/master 2021-01-28 11:04:52 +01:00
Philippe Caseiro 0388ccb095 Adding missing dep for libio-socket-timeout-perl 2021-01-28 11:03:55 +01:00
Philippe Caseiro 432f61b73c Fix control file 2020-12-28 18:48:20 +01:00
Philippe Caseiro 7b79e99bc2 Adding libmouse-perl dep 2020-12-28 18:27:44 +01:00
Philippe Caseiro f672982f98 Update depends 2020-12-22 16:20:25 +01:00
Philippe Caseiro 1af49f9fb9 Merge branch '2.7.2/master' into dist/eole/2.7.2/master 2020-12-21 16:12:12 +01:00
Philippe Caseiro b6ba914978 2.7.2 uses python 2 and not python3 2020-12-21 16:10:54 +01:00
Philippe Caseiro e6c9c8213a Merge branch 'master' into dist/eole/2.7.2/master 2020-12-18 16:54:16 +01:00
Philippe Caseiro ecfbc63a38 Merge branch 'master' into dist/eole/2.7.2/master 2020-12-11 15:46:53 +01:00
Philippe Caseiro 65f53a45b6 Merge branch 'master' into dist/eole/2.7.2/master 2020-12-09 17:56:17 +01:00
Philippe Caseiro de5ce3b797 Adding compat file 2020-12-09 10:33:04 +01:00
Philippe Caseiro 9687572302 Try to fix packaging 2020-12-09 10:17:34 +01:00
Philippe Caseiro 3ea07a6ea2 Fix copyright 2020-12-09 10:03:25 +01:00
Philippe Caseiro 771247ef0a Fix depends 2020-12-09 09:51:25 +01:00
Philippe Caseiro 9c967b27ed Merge packaging from upstream 2020-12-09 09:42:51 +01:00
Philippe Caseiro 9b8e8acce3 Merge branch 'master' into dist/eole/2.7.2/master 2020-12-09 09:29:03 +01:00
Philippe Caseiro b9b6176453 Updating packaging from eole 2020-12-09 09:28:26 +01:00
Philippe Caseiro 846b92b90f Merge branch 'master' into dist/eole/2.7.2/master 2020-11-26 17:14:12 +01:00
Philippe Caseiro 25c5bf5768 Merge branch 'master' into dist/eole/2.7.2/master 2020-11-26 16:58:39 +01:00
Philippe Caseiro 28af340a58 Merge branch 'master' into dist/eole/2.7.2/master 2020-11-26 16:53:14 +01:00
Philippe Caseiro 55a6529380 Merge branch 'master' into dist/eole/2.7.2/master 2020-11-26 14:09:28 +01:00
Philippe Caseiro b6cf7bb9e3 Fix bad merge 2020-11-26 14:04:51 +01:00
Philippe Caseiro ed37cb6666 fix conflict 2020-11-26 13:50:37 +01:00
Philippe Caseiro 774d06913b Fix conflict 2020-11-26 13:22:55 +01:00
Philippe Caseiro 7912544665 Merge branch '2.7.2/master' into dist/eole/2.7.2/master 2020-11-24 14:45:14 +01:00
Philippe Caseiro e348aa7381 Fix daemon default configuration 2020-11-24 14:45:02 +01:00
Philippe Caseiro 66c57c702b Fix missing dep 2020-11-24 14:41:09 +01:00
Philippe Caseiro 6aa8c6ceff Merge branch '2.7.2/master' into dist/eole/2.7.2/master 2020-11-24 14:33:28 +01:00
Philippe Caseiro dfeb49f3d6 Fix missing sso port 2020-11-24 14:33:17 +01:00
Philippe Caseiro 5ccad1d1f7 Merge branch '2.7.2/master' into dist/eole/2.7.2/master 2020-11-24 14:27:36 +01:00
Philippe Caseiro 36fe95a0ca Adding eolesso_cas_folder variable redefine 2020-11-24 14:27:23 +01:00
Philippe Caseiro 2c8a46ab16 Merge branch '2.7.2/master' into dist/eole/2.7.2/master 2020-11-24 14:22:43 +01:00
Philippe Caseiro 7ea9061878 Adding missing dep 2020-11-24 14:22:18 +01:00
Philippe Caseiro 027d549e18 we now need eole-ldapclient 2020-11-24 14:20:54 +01:00
Philippe Caseiro 0fda6b9e59 Merge branch '2.7.2/master' into dist/eole/2.7.2/master 2020-11-24 14:17:13 +01:00
Philippe Caseiro 48c524c555 Fix ldap_tls redefine 2020-11-24 14:17:00 +01:00
Philippe Caseiro f5c5681d5e Merge branch '2.7.2/master' into dist/eole/2.7.2/master 2020-11-24 14:00:29 +01:00
Philippe Caseiro 24d49c49e3 Fix ldap_tls missing variable 2020-11-24 14:00:20 +01:00
Philippe Caseiro e5b6b94f7c Merge branch '2.7.2/master' into dist/eole/2.7.2/master 2020-11-24 13:54:24 +01:00
Philippe Caseiro 578090525e Fix dicos 2020-11-24 13:54:10 +01:00
Philippe Caseiro 21a8bc8b91 Merge branch '2.7.2/master' into dist/eole/2.7.2/master 2020-11-24 13:50:40 +01:00
Philippe Caseiro 25006949e8 Fix redefine for eolebase compat 2020-11-24 13:50:29 +01:00
Philippe Caseiro f6fb864962 Merge branch '2.7.2/master' into dist/eole/2.7.2/master 2020-11-24 13:31:42 +01:00
Philippe Caseiro faac2bb213 Merge branch 'master' into 2.7.2/master 2020-11-24 13:31:11 +01:00
Philippe Caseiro 944dbed98a Cleanup merge fail 2020-11-24 13:27:45 +01:00
vfebvre c1478b7e77 parent d08c965ee8
author vfebvre <vfebvre@cadoles.com> 1599144265 +0200
committer Philippe Caseiro <pcaseiro@cadoles.com> 1606220045 +0100

Corrections diverses
2020-11-24 13:19:52 +01:00
Philippe Caseiro 25f36f63a0 Merge branch 'master' into dist/eole/2.7.2/master 2020-11-24 11:08:57 +01:00
Philippe Caseiro fd4ee5dc87 Fix reset password bug 2020-11-24 11:08:33 +01:00
Philippe Caseiro 9a7db5bd01 Merge branch 'master' into dist/eole/2.7.2/master 2020-11-24 10:54:09 +01:00
Philippe Caseiro 70a1c26d53 Fix disable if in 2020-11-24 10:53:58 +01:00
Philippe Caseiro c150f446c8 Merge branch 'master' into dist/eole/2.7.2/master 2020-11-24 09:32:41 +01:00
Philippe Caseiro 09fcd2eacb Disable service 2020-11-24 09:31:12 +01:00
Philippe Caseiro 6bf3f75087 Don't run postservice if service is disabled 2020-11-24 09:30:08 +01:00
Philippe Caseiro 0a5f0f7d94 Merge branch 'master' into dist/eole/2.7.2/master 2020-11-20 14:45:38 +01:00
Philippe Caseiro beb6341981 Fix llResetUrl bugé 2020-11-20 14:44:51 +01:00
Philippe Caseiro b81f96f0dd Merge branch 'master' into dist/eole/2.7.2/master 2020-11-20 14:35:46 +01:00
Philippe Caseiro eafbc3bd8a Fix typo 2020-11-20 14:34:56 +01:00
Philippe Caseiro 46c699813e Merge branch 'master' into dist/eole/2.7.2/master 2020-11-20 14:30:07 +01:00
Philippe Caseiro 7e3f6d3408 Updating readme 2020-11-20 11:16:29 +01:00
Philippe Caseiro 84ad8d7fbd Merge branch 'master' into dist/eole/2.7.2/master 2020-11-20 11:07:45 +01:00
Philippe Caseiro edc22cacc2 Fix help and variable type 2020-11-20 11:06:51 +01:00
vfebvre 8f5885406f Merge branch 'master' into dist/eole/2.7.2/master 2020-09-10 15:10:07 +02:00
vfebvre eb06eaaf5a Merge branch 'develop' into staging 2020-09-10 15:05:11 +02:00
vfebvre eb15ad0846 Merge branch 'develop' into dist/eole/2.7.2/develop 2020-09-03 16:57:11 +02:00
vfebvre 22f5af608e passage en 2.7.2 2020-09-03 16:47:31 +02:00
Arnaud Fornerot 667384db1f Merge branch 'develop' into dist/eole/2.6.2/develop 2020-01-16 09:28:07 +01:00
Arnaud Fornerot 01d1cb3811 Merge branch 'develop' into dist/eole/2.6.2/develop 2020-01-16 09:13:39 +01:00
Benjamin Bohard 26d696d6f8 Merge branch 'develop' into dist/eole/2.6.2/develop 2019-12-12 12:12:37 +01:00
Philippe Caseiro 11aca56f4e Merge branch 'develop' into dist/eole/2.6.2/develop 2019-09-13 16:08:34 +02:00
Philippe Caseiro 85f8f7b079 adding install file for eole-lemonldap package 2019-07-22 15:53:56 +02:00
Philippe Caseiro 2d8082913c Ajout d'un paquet eole-lemonldap-pkg 2019-07-22 15:34:50 +02:00
Benjamin Bohard a53fe39db1 Fixing syntax error in debian/control 2019-07-15 11:20:51 +02:00
Benjamin Bohard 44ee4421c1 Merge branch 'develop' into dist/eole/2.6.2/develop 2019-07-15 11:10:39 +02:00
Benjamin Bohard 24a5264933 Update package dependencies 2019-07-15 10:54:57 +02:00
Philippe Caseiro f5631ff980 French documentation is no longer maintened
This package does not exists for 2.x versions
2019-07-08 15:35:53 +02:00
afornerot c9eebbb0a5 Merge branch 'master' into dist/eole/2.6.2/master 2018-09-13 14:37:01 +02:00
Philippe Caseiro c7c5f08b7a Merge branch 'master' into dist/eole/2.6.2/master 2018-04-12 09:27:39 +02:00
Philippe Caseiro 889010cfe7 Merge branch 'master' into dist/eole/2.6.2/master 2018-04-09 14:32:24 +02:00
Philippe Caseiro f0d6325cf5 Merge branch 'master' into dist/eole/2.6.2/master 2018-04-09 13:30:56 +02:00
Philippe Caseiro 3b4d3ccb41 Adding missing perl library for lemonldap-ng-cli command
This is mandatory to refresh the cache
2018-04-09 13:26:59 +02:00
Philippe Caseiro 66be6dc37e Merge branch 'master' into dist/eole/2.6.2/master 2018-03-27 12:27:19 +02:00
Philippe Caseiro 08ed6a21dc Merge branch 'master' into dist/eole/2.6.2/master 2018-03-26 11:31:14 +02:00
Philippe Caseiro faf2a361db Merge branch 'master' into dist/eole/2.6.2/master 2018-03-21 15:31:05 +01:00
Philippe Caseiro 7ae579b670 Merge branch 'master' into dist/eole/2.6.2/master 2018-03-21 14:22:00 +01:00
Philippe Caseiro baa4dca9de Merge branch 'master' into dist/eole/2.6.2/master 2018-03-21 14:18:42 +01:00
Philippe Caseiro 849c3f0a88 Merge branch 'master' into dist/eole/2.6.2/master 2018-03-21 14:15:00 +01:00
Philippe Caseiro 6f1cb45eac Merge branch 'master' into dist/eole/2.6.2/master 2018-03-21 12:29:44 +01:00
Philippe Caseiro 4916317d30 Setting up an conflict with eole-sso, this replace eole-sso so
we had also a Provides eole-sso
2018-03-21 12:29:09 +01:00
Philippe Caseiro b7556a03b8 Merge branch 'master' into dist/eole/2.6.2/master 2018-03-19 16:12:38 +01:00
Philippe Caseiro f1defd2626 Merge branch 'master' into dist/eole/2.6.2/master 2018-03-16 10:49:06 +01:00
Philippe Caseiro 7269e252de Merge branch 'master' into dist/eole/2.6.2/master 2018-03-13 10:49:05 +01:00
Philippe Caseiro 9e64f5ca8d Merge branch 'master' into dist/eole/2.6.2/master 2018-03-13 10:24:36 +01:00
Philippe Caseiro 84f41d0196 Merge branch 'master' into dist/eole/2.6.2/master 2018-03-09 16:10:23 +01:00
Philippe Caseiro b90eb474f5 Merge branch 'master' into dist/eole/2.6.2/master 2018-03-09 15:08:45 +01:00
Philippe Caseiro d69f20c896 Merge branch 'master' into dist/eole/2.6.2/master 2018-03-09 14:30:05 +01:00
Philippe Caseiro 658013c177 Merge branch 'master' into dist/eole/2.6.2/master 2018-03-09 12:01:42 +01:00
Philippe Caseiro 35edad1538 Merge branch 'master' into dist/eole/2.6.2/master 2018-03-08 16:58:04 +01:00
Philippe Caseiro 32d336e37b Merge branch 'master' into dist/eole/2.6.2/master 2018-03-08 16:51:00 +01:00
Philippe Caseiro 4b26fc5c38 Merge branch 'master' into dist/eole/2.6.2/master 2018-03-08 16:38:06 +01:00
Philippe Caseiro 904abd02a4 Merge branch 'master' into dist/eole/2.6.2/master 2018-03-08 16:11:59 +01:00
Philippe Caseiro e2f656f9f8 Merge branch 'master' into dist/eole/2.6.2/master 2018-03-08 16:04:28 +01:00
Philippe Caseiro e5ada4d3eb Merge branch 'master' into dist/eole/2.6.2/master 2018-03-08 15:47:47 +01:00
Philippe Caseiro dab8085a83 Adding missing Depends for eole-lemonldap 2018-03-06 16:12:59 +01:00
Philippe Caseiro ad490d3810 Fix typo 2018-03-05 16:55:22 +01:00
Philippe Caseiro 0fc774cd05 Adding Debian packaging 2018-03-05 16:48:11 +01:00
12 changed files with 566 additions and 1 deletions

View File

@ -31,7 +31,7 @@ def getSSOFilters():
""" Convert former eole-sso filters to LemonLDAP filters
"""
import glob
from configparser import ConfigParser
from ConfigParser import ConfigParser
try:
filters = { 'uid': "uid", "mail": "mail" }

1
debian/compat vendored Normal file
View File

@ -0,0 +1 @@
10

56
debian/control vendored Normal file
View File

@ -0,0 +1,56 @@
Source: eole-lemonldap
Section: web
Priority: optional
Maintainer: Équipe EOLE <eole@ac-dijon.fr>
Build-Depends: debhelper (>= 9)
Standards-Version: 3.9.3
Homepage: https://dev-eole.ac-dijon.fr/projects/sso
Vcs-Git: https://dev-eole.ac-dijon.fr/git/eole-lemonldap-ng.git
Vcs-Browser: https://dev-eole.ac-dijon.fr/projects/sso/repository
Package: eole-lemonldap
Architecture: all
Depends: eole-lemonldap-pkg,
${misc:Depends}
Description: Dictionnaires et templates pour la configuration d'un serveur LemonLDAP::NG
Pour toute information complémentaire, veuillez vous rendre sur le
site du projet EOLE.
Package: eole-lemonldap-ng-scribe
Architecture: all
Depends: eole-scribe,
eole-lemonldap,
libapache2-mod-perl2,
${misc:Depends}
Description: Dictionnaire pour calculer les valeurs automatiquement sur Scribe
.
Pour toute information complémentaire, veuillez vous rendre sur le
site du projet EOLE.
Package: eole-lemonldap-pkg
Architecture: all
Section: metapackages
Depends: lemonldap-ng,
lemonldap-ng-doc,
lemonldap-ng-fastcgi-server,
lemonldap-ng-handler,
liblemonldap-ng-handler-perl,
liblemonldap-ng-manager-perl,
liblemonldap-ng-portal-perl,
libauthen-captcha-perl,
libauthen-sasl-perl,
libemail-sender-perl,
libgd-securityimage-perl,
libimage-magick-perl,
libio-string-perl,
liblasso-perl,
libmouse-perl,
libnet-ldap-perl,
libunicode-string-perl,
libmime-tools-perl,
libio-socket-timeout-perl,
libnet-openid-server-perl,
${misc:Depends}
Description: Paquet de dépendances pour eole-lemonldap.
.
Pour toute information complémentaire, veuillez vous rendre sur la forge Cadoles.

37
debian/copyright vendored Normal file
View File

@ -0,0 +1,37 @@
Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: {PROJECT}
Source: ${URL}
Files: *
Copyright: 2020 Équipe EOLE <eole@ac-dijon.fr>
License: CeCILL-C
License: CeCILL-C
This software is governed by the CeCILL-C license under French law and
abiding by the rules of distribution of free software. You can use,
modify and or redistribute the software under the terms of the CeCILL-C
license as circulated by CEA, CNRS and INRIA at the following URL
"http://www.cecill.info";.
.
As a counterpart to the access to the source code and rights to copy,
modify and redistribute granted by the license, users are provided only
with a limited warranty and the software's author, the holder of the
economic rights, and the successive licensors have only limited
liability.
.
In this respect, the user's attention is drawn to the risks associated
with loading, using, modifying and/or developing or reproducing the
software by the user in light of its specific status of free software,
that may mean that it is complicated to manipulate, and that also
therefore means that it is reserved for developers and experienced
professionals having in-depth computer knowledge. Users are therefore
encouraged to load and test the software's suitability as regards their
requirements in conditions enabling the security of their systems and/or
data to be ensured and, more generally, to use and operate it in the
same conditions as regards security.
.
The fact that you are presently reading this means that you have had
knowledge of the CeCILL-C license and that you accept its terms.
.
On Eole systems, the complete text of the CeCILL-C License can be found
in `/usr/share/common-licenses/CeCILL-2'.

View File

@ -0,0 +1,2 @@
usr/share/eole/creole/dicos/71_lemonldap_ng_scribe.xml
usr/share/eole/postservice/98-lemonldap-ng-scribe-register-hosts

6
debian/eole-lemonldap.install vendored Normal file
View File

@ -0,0 +1,6 @@
usr/share/creole/
usr/share/eole/creole/dicos/70_lemonldap_ng.xml
usr/share/eole/creole/distrib/
usr/share/eole/diagnose/
usr/share/eole/postservice/99-lemonldap-ng
usr/share/eole/posttemplate/

3
debian/gbp.conf vendored Normal file
View File

@ -0,0 +1,3 @@
# Set per distribution debian tag
[DEFAULT]
debian-tag = debian/eole/%(version)s

9
debian/rules vendored Executable file
View File

@ -0,0 +1,9 @@
#!/usr/bin/make -f
# -*- makefile -*-
# Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1
#export DH_OPTIONS=-v
%:
dh $@

BIN
debian/source/.format.un~ vendored Normal file

Binary file not shown.

1
debian/source/format vendored Normal file
View File

@ -0,0 +1 @@
3.0 (native)

443
tmpl/lmConf-1.js Normal file
View File

@ -0,0 +1,443 @@
%set %%ssoFilters = %%getSSOFilters
{
"ldapGroupAttributeNameUser": "dn",
"cfgAuthorIP": "172.16.0.1",
"samlSPMetaDataXML": null,
"facebookAuthnLevel": 1,
"mailConfirmSubject": "[LemonLDAP::NG] Password reset confirmation",
"secureTokenAttribute": "uid",
"singleSession": 0,
"registerConfirmSubject": "[LemonLDAP::NG] Account register confirmation",
"CAS_pgtFile": "/tmp/pgt.txt",
"cookieName": "lemonldap",
"slaveExportedVars": {},
"whatToTrace": "_whatToTrace",
"oidcRPMetaDataOptions": {},
"notifyDeleted": 1,
"useRedirectOnError": 1,
"samlSPMetaDataExportedAttributes": null,
"ldapPwdEnc": "utf-8",
"openIdSPList": "0;",
"samlNameIDFormatMapEmail": "mail",
"samlSPMetaDataOptions": null,
"issuerDBOpenIDRule": 1,
"casStorageOptions": {},
"mailFrom": "noreply@%%nom_domaine_local",
"timeoutActivity": 0,
"oidcRPMetaDataExportedVars": {},
"issuerDBSAMLActivation": 0,
"issuerDBCASPath": "^/%%casFolder/",
"randomPasswordRegexp": "[A-Z]{3}[a-z]{5}.\\d{2}",
"samlIDPSSODescriptorSingleSignOnServiceSOAP": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleSignOnSOAP;",
"samlSPSSODescriptorSingleLogoutServiceHTTPPost": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn",
"exportedHeaders": {
"test1.%%nom_domaine_local": {
"Auth-User": "$uid"
},
"test2.%%nom_domaine_local": {
"Auth-User": "$uid"
},
"%%managerWebName": {}
},
"vhostOptions": {
"%%managerWebName": {
"vhostHttps" : "1"
},
"test1.%%nom_domaine_local": {},
"test2.%%nom_domaine_local": {}
},
"radiusAuthnLevel": 3,
"dbiAuthnLevel": 2,
"ldapPasswordResetAttribute": "pwdReset",
"ldapGroupObjectClass": "groupOfNames",
"apacheAuthnLevel": 4,
"samlNameIDFormatMapKerberos": "uid",
"groups": {},
"securedCookie": 0,
"httpOnly": 1,
"yubikeyAuthnLevel": 3,
"ADPwdMaxAge": 0,
"samlUseQueryStringSpecific": 0,
"loginHistoryEnabled": 1,
"samlSPSSODescriptorSingleLogoutServiceSOAP": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;",
"failedLoginNumber": 5,
"samlServicePrivateKeyEncPwd": "",
"portalForceAuthnInterval": 0,
"cfgLog": "",
"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn",
"exportedVars": {
"UA": "HTTP_USER_AGENT",
%for att in %%casAttribute
"%%att": "%%att",
%end for
%set %%idx = 0
%set %%size = %%len(%%ssoFilters) - 1
%for key,value in %%ssoFilters
%if %%idx == %%size
"%%key": "%%value"
%else
"%%key": "%%value",
%end if
%set %%idx += 1
%end for
},
"notificationStorage": "File",
"applicationList": {
"1sample": {
"test2": {
"options": {
"name": "Application Test 2",
"logo": "thumbnail.png",
"uri": "https://test2.%%nom_domaine_local/",
"display": "auto",
"description": "The same simple application displaying authenticated user"
},
"type": "application"
},
"type": "category",
"catname": "Sample applications",
"test1": {
"type": "application",
"options": {
"description": "A simple application displaying authenticated user",
"uri": "https://test1.%%nom_domaine_local/",
"logo": "demo.png",
"display": "auto",
"name": "Application Test 1"
}
}
},
"2administration": {
"notifications": {
"options": {
"name": "Notifications explorer",
"display": "auto",
"description": "Explore WebSSO notifications",
"uri": "https://%%managerWebName/notifications.pl",
"logo": "database.png"
},
"type": "application"
},
"manager": {
"options": {
"uri": "https://%%managerWebName/",
"display": "auto",
"description": "Configure LemonLDAP::NG WebSSO",
"logo": "configure.png",
"name": "WebSSO Manager"
},
"type": "application"
},
"type": "category",
"sessions": {
"type": "application",
"options": {
"description": "Explore WebSSO sessions",
"uri": "https://%%managerWebName/sessions.pl",
"logo": "database.png",
"display": "auto",
"name": "Sessions explorer"
}
},
"catname": "Administration"
},
"3documentation": {
"catname": "Documentation",
"officialwebsite": {
"type": "application",
"options": {
"name": "Offical Website",
"description": "Official LemonLDAP::NG Website",
"logo": "network.png",
"display": "on",
"uri": "http://lemonldap-ng.org/"
}
},
"type": "category",
"localdoc": {
"options": {
"logo": "help.png",
"description": "Documentation supplied with LemonLDAP::NG",
"display": "on",
"uri": "https://%%managerWebName/doc/",
"name": "Local documentation"
},
"type": "application"
}
}
},
"userControl": "^[\\w\\.\\-@]+$",
"timeout": 72000,
"portalAntiFrame": 1,
"SMTPServer": "",
"ldapTimeout": 120,
"samlAuthnContextMapPasswordProtectedTransport": 3,
"ldapUsePasswordResetAttribute": 1,
"ldapPpolicyControl": 0,
"casAttributes": {
%for att in %%casAttribute
"%%att": "%%att.casLDAPAttribute",
%end for
%set %%idx = 0
%set %%size = %%len(%%ssoFilters) - 1
%for key,value in %%ssoFilters
%if %%idx == %%size
"%%key": "%%key"
%else
"%%key": "%%key",
%end if
%set %%idx += 1
%end for
},
"issuerDBSAMLPath": "^/saml/",
"samlAttributeAuthorityDescriptorAttributeServiceSOAP": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;",
"portalDisplayAppslist": 1,
"confirmFormMethod": "post",
"domain": "%%nom_domaine_local",
"cfgNum": "1",
"authentication": "LDAP",
"samlNameIDFormatMapWindows": "uid",
"authChoiceModules": {},
"ldapGroupAttributeName": "member",
"samlServicePrivateKeySigPwd": "",
"googleAuthnLevel": 1,
"successLoginNumber": 5,
"localSessionStorageOptions": {
"cache_root": "/tmp",
"namespace": "lemonldap-ng-sessions",
"default_expires_in": 600,
"directory_umask": "007",
"cache_depth": 3
},
"samlSPSSODescriptorArtifactResolutionServiceArtifact": "1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact",
"portalRequireOldPassword": 1,
"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;",
"ADPwdExpireWarning": 0,
"yubikeyPublicIDSize": 12,
"ldapGroupAttributeNameGroup": "dn",
"oidcRPMetaDataOptionsExtraClaims": null,
"ldapGroupRecursive": 0,
"mailSubject": "[LemonLDAP::NG] Your new password",
"nginxCustomHandlers": {},
"samlSPSSODescriptorAuthnRequestsSigned": 1,
%if %%llResetPassword == "oui"
"portalDisplayResetPassword": 1,
%else
"portalDisplayResetPassword": 0,
%end if
"openIdSreg_timezone": "_timezone",
"infoFormMethod": "get",
"openIdAuthnLevel": 1,
"openIdSreg_nickname": "uid",
"samlServicePublicKeyEnc": "",
"userDB": "LDAP",
"grantSessionRules": {},
"remoteGlobalStorage": "Lemonldap::NG::Common::Apache::Session::SOAP",
"reloadUrls": {
"%%reloadWebName": "https://%%reloadWebName/reload"
},
"registerTimeout": 0,
"samlIDPSSODescriptorSingleSignOnServiceHTTPPost": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;",
"slaveAuthnLevel": 2,
"samlIDPSSODescriptorSingleLogoutServiceHTTPPost": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn",
"Soap": 1,
%set %%RegisterDB=%%getVar('llRegisterDB', 'Demo')
%if %%RegisterDB == "Custom"
"registerDB": "Null",
%else
"registerDB": "%%RegisterDB",
%end if
"locationRules": {
"%%managerWebName": {
"default": "$uid eq \"%%lemonAdmin\""
},
"test1.%%nom_domaine_local": {
"default": "accept",
"^/logout": "logout_sso"
},
"test2.%%nom_domaine_local": {
"default": "accept",
"^/logout": "logout_sso"
}
},
"portalDisplayChangePassword": "$_auth =~ /^(LDAP|DBI|Demo)$/",
"hideOldPassword": 0,
%if %%is_file(%%ldapBindUserPassword)
"managerPassword": "%%readPass("", %%ldapBindUserPassword)",
%else
"managerPassword": "%%ldapBindUserPassword",
%end if
"authChoiceParam": "lmAuth",
"lwpSslOpts": {},
"portalSkinRules": {},
"issuerDBOpenIDPath": "^/openidserver/",
"redirectFormMethod": "get",
"portalDisplayRegister": 1,
"secureTokenMemcachedServers": "127.0.0.1:11211",
"notificationStorageOptions": {
"dirName": "/var/lib/lemonldap-ng/notifications"
},
"browserIdAuthnLevel": 1,
"portalUserAttr": "_user",
"ldapVersion": 3,
"sessionDataToRemember": {},
"samlNameIDFormatMapX509": "mail",
"managerDn": "%%ldapBindUserDN",
"mailSessionKey": "mail",
"openIdSreg_email": "mail",
"localSessionStorage": "Cache::FileCache",
"persistentStorage": "Apache::Session::File",
"mailOnPasswordChange": 0,
"captchaStorage": "Apache::Session::File",
"remoteGlobalStorageOptions": {
"proxy": "https://%%authWebName/index.pl/sessions",
"ns": "https://%%authWebName/Lemonldap/NG/Common/CGI/SOAPService"
},
"passwordDB": "LDAP",
"captcha_size": 6,
"mailCharset": "utf-8",
"facebookExportedVars": {},
"nullAuthnLevel": 2,
"singleIP": 0,
"dbiExportedVars": {},
"portalSkin": "bootstrap",
"storePassword": 0,
"hiddenAttributes": "_password",
"samlServicePrivateKeySig": "",
"globalStorage": "Apache::Session::File",
"notificationWildcard": "allusers",
"portalForceAuthn": 0,
"samlMetadataForceUTF8": 1,
"secureTokenUrls": ".*",
"secureTokenAllowOnError": 1,
"samlAuthnContextMapTLSClient": 5,
"ldapAllowResetExpiredPassword": 0,
"oidcOPMetaDataExportedVars": {},
"notifyOther": 0,
"secureTokenExpiration": 60,
"captcha_mail_enabled": 0,
"samlStorageOptions": {},
"samlOrganizationDisplayName": "Example",
"trustedProxies": "",
"secureTokenHeader": "Auth-Token",
"issuerDBCASActivation": 1,
"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;",
"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn",
"samlIDPMetaDataXML": {},
"oidcStorageOptions": {},
"cfgDate": 1519998069,
"samlAuthnContextMapPassword": 2,
"portalDisplayLoginHistory": 1,
"ldapPasswordResetAttributeValue": "TRUE",
"ldapServer": "%%ldapScheme://%%ldapServer",
"samlIDPSSODescriptorSingleLogoutServiceSOAP": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;",
"samlIDPMetaDataExportedAttributes": null,
"samlServicePrivateKeyEnc": "",
"useRedirectOnForbidden": 0,
"captcha_login_enabled": 0,
"https": 0,
"checkXSS": 1,
"ldapSetPassword": 0,
"portalPingInterval": 60000,
"captchaStorageOptions": {
"Directory": "/var/lib/lemonldap-ng/captcha/"
},
"useSafeJail": 1,
"registerDoneSubject": "[LemonLDAP::NG] Your new account",
"issuerDBCASRule": 1,
"samlAuthnContextMapKerberos": 4,
"ldapGroupAttributeNameSearch": "cn",
"logoutServices": {},
"samlIDPSSODescriptorWantAuthnRequestsSigned": 1,
"portalDisplayLogout": 1,
"issuerDBGetParameters": {},
"googleExportedVars": {},
"openIdSreg_fullname": "cn",
"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact": "1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact",
"demoExportedVars": {
"mail": "mail",
"uid": "uid",
"cn": "cn"
},
"oidcOPMetaDataJSON": null,
"samlIdPResolveCookie": "lemonldapidp",
"samlRelayStateTimeout": 600,
"samlOrganizationURL": "https://auth.%%nom_domaine_local",
"globalStorageOptions": {
"Directory": "/var/lib/lemonldap-ng/sessions",
"LockDirectory": "/var/lib/lemonldap-ng/sessions/lock"
},
"ldapExportedVars": {
"mail": "mail",
"cn": "cn",
"uid": "uid"
},
"webIDExportedVars": {},
"activeTimer": 1,
"cda": 0,
"samlServicePublicKeySig": "",
%if %%llCheckLogins == "oui"
"portalCheckLogins": 1,
%else
"portalCheckLogins": 0,
%end if
"CAS_authnLevel": 1,
"macros": {
"_whatToTrace": "$_auth eq 'SAML' ? \"$_user\\@$_idpConfKey\" : \"$_user\""
},
"samlIDPMetaDataOptions": null,
"twitterAuthnLevel": 1,
"openIdExportedVars": {},
"captcha_register_enabled": 1,
"oidcOPMetaDataJWKS": null,
"webIDAuthnLevel": 1,
"issuerDBOpenIDActivation": "1",
%if %%llResetPassword == "oui"
%if %%is_empty(%%llResetUrl)
"mailUrl": "https://%%authWebName/mail.pl",
%else
"mailUrl": "%%llResetUrl",
%end if
%end if
"maintenance": 0,
"jsRedirect": 0,
"cfgAuthor": "Cadoles",
"persistentStorageOptions": {
"LockDirectory": "/var/lib/lemonldap-ng/psessions/lock",
"Directory": "/var/lib/lemonldap-ng/psessions"
},
"SSLAuthnLevel": 5,
"oidcServiceMetaDataAuthnContext": {},
"samlIDPSSODescriptorArtifactResolutionServiceArtifact": "1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact",
"notification": 1,
"ldapChangePasswordAsUser": 0,
"CAS_proxiedServices": {},
"key": "e\"bTCt3*eU9^\\V%b",
"portal": "https://%%authWebName/",
"singleSessionUserByIP": 0,
"portalOpenLinkInNewWindow": 0,
"post": {
"test2.%%nom_domaine_local": {},
"test1.%%nom_domaine_local": {},
"%%managerWebName": {}
},
"samlSPSSODescriptorAssertionConsumerServiceHTTPPost": "0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost",
"issuerDBSAMLRule": 1,
"samlCommonDomainCookieActivation": 0,
"syslog": "",
"ldapBase": "%%ldapUserBaseDN",
"ldapAuthnLevel": 2,
"mailTimeout": 0,
"samlEntityID": "#PORTAL#/saml/metadata",
"oidcOPMetaDataOptions": null,
"samlSPSSODescriptorWantAssertionsSigned": 1,
"samlOrganizationName": "%%samlOrganizationName",
%if %%RegisterDB == "Custom"
"registerUrl": "%%llRegisterURL",
%else
"registerUrl": "https://%%authWebName/register.pl",
%end if
"casAccessControlPolicy": "none",
"multiValuesSeparator": ";",
"ldapPort": %%ldapServerPort
}

View File

@ -224,6 +224,13 @@
"macros": {
"_whatToTrace": "$_auth eq 'SAML' ? \"$_user\\@$_idpConfKey\" : \"$_user\""
},
"samlIDPMetaDataOptions": null,
"twitterAuthnLevel": 1,
"openIdExportedVars": {},
"captcha_register_enabled": 1,
"oidcOPMetaDataJWKS": null,
"webIDAuthnLevel": 1,
"issuerDBOpenIDActivation": "1",
"mailCharset": "utf-8",
"mailConfirmSubject": "[LemonLDAP::NG] Password reset confirmation",
"mailFrom": "noreply@%%nom_domaine_local",