lemonldap-ng issueshttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues2019-05-28T19:57:28Zhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1708lmerror page loops on url parameter2019-05-28T19:57:28ZYaddlmerror page loops on url parameterlmerror calls `controlUrl()` which set url parameter in persistent data. Then user loops on this page when clicking to Portal links.lmerror calls `controlUrl()` which set url parameter in persistent data. Then user loops on this page when clicking to Portal links.2.0.3YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1707Allow hashes in Combination/Choice module overload2019-04-09T19:26:20ZMaxime BessonAllow hashes in Combination/Choice module overload### Summary
Currently, there doesn't seem to be a way to override a hash-valued parameter in a Combination module.
For instance, if I want to have two different LDAP servers, each returning a different set of attributes :
![Clipboard_...### Summary
Currently, there doesn't seem to be a way to override a hash-valued parameter in a Combination module.
For instance, if I want to have two different LDAP servers, each returning a different set of attributes :
![Clipboard_-_9_avril_2019_17_28](/uploads/4c7a550c22ea1d83f4e463ea3df6ea2b/Clipboard_-_9_avril_2019_17_28.png)
This currently doesn't work, instead, all attributes from both LDAP servers must be defined on the shared LDAP module configuration, but this is not very flexible and might lead to conflicts.
### Design proposition
Maybe allowing JSON in that field?2.0.3YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1700Update AuthBasic handler doc : REST server is required2023-10-08T16:40:55ZChris AUpdate AuthBasic handler doc : REST server is required### Concerned version
Version: %"2.0.2"
Platform: Nginx
### Summary
Authentication via basic auth using LDAP seems to lose track of its sessions. It correctly authenticates to LDAP, but then denies the client. This creates many se...### Concerned version
Version: %"2.0.2"
Platform: Nginx
### Summary
Authentication via basic auth using LDAP seems to lose track of its sessions. It correctly authenticates to LDAP, but then denies the client. This creates many sessions in the database, one for each client connection, which can quickly overload the database.
### Logs
```
pr 02 21:52:51 janus2 LLNG[27146]: Session c8023fb986d5c2e0928ab64d83465516 can't be retrieved
Apr 02 21:52:51 janus2 LLNG[27146]: Session cannot be tied: Object does not exist in the data store at /usr/share/perl5/vendor_perl/Apache/Session/Store/File.pm line 98.
Apr 02 21:52:51 janus2 LLNG[27146]: Good REST authentication for systems.test
Apr 02 21:52:51 janus2 LLNG[27146]: Session c8023fb986d5c2e0928ab64d83465516 can't be retrieved
Apr 02 21:52:51 janus2 LLNG[27146]: Session cannot be tied: Object does not exist in the data store at /usr/share/perl5/vendor_perl/Apache/Session/Store/File.pm line 98.
Apr 02 21:52:54 janus2 LLNG[27148]: Session c8023fb986d5c2e0928ab64d83465516 can't be retrieved
Apr 02 21:52:54 janus2 LLNG[27148]: Session cannot be tied: Object does not exist in the data store at /usr/share/perl5/vendor_perl/Apache/Session/Store/File.pm line 98.
Apr 02 21:52:56 janus2 LLNG[27148]: Good REST authentication for systems.test
Apr 02 21:52:56 janus2 LLNG[27148]: Session c8023fb986d5c2e0928ab64d83465516 can't be retrieved
Apr 02 21:52:56 janus2 LLNG[27148]: Session cannot be tied: Object does not exist in the data store at /usr/share/perl5/vendor_perl/Apache/Session/Store/File.pm line 98.
Apr 02 21:52:57 janus2 LLNG[27152]: Session c8023fb986d5c2e0928ab64d83465516 can't be retrieved
Apr 02 21:52:57 janus2 LLNG[27152]: Session cannot be tied: Object does not exist in the data store at /usr/share/perl5/vendor_perl/Apache/Session/Store/File.pm line 98.
Apr 02 21:52:59 janus2 LLNG[27152]: Good REST authentication for systems.test
Apr 02 21:52:59 janus2 LLNG[27152]: Session c8023fb986d5c2e0928ab64d83465516 can't be retrieved
Apr 02 21:52:59 janus2 LLNG[27152]: Session cannot be tied: Object does not exist in the data store at /usr/share/perl5/vendor_perl/Apache/Session/Store/File.pm line 98.
```
### Backends used
Authentication/Users/Password = LDAP
localStorage=Cache::FileCache
Session storage = Apache::Session::File (was LDAP, but changed due to the number of sessions being written)2.0.3YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1697Command-line tool to delete session for specific user(s)2019-04-10T21:17:22ZRoberto RAMOS Roberto RAMOSCommand-line tool to delete session for specific user(s)Hi,
Is it possible to delete session for specific user(s) based on userid or mail ?.
RegardsHi,
Is it possible to delete session for specific user(s) based on userid or mail ?.
Regards2.0.3YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1687Add granted log for user and connexion informations2019-03-27T21:13:13ZAntoine RosierAdd granted log for user and connexion informationsLogging user action :
Missing granted user action into logs, like in previous lemonldap versions.
Message : "Session granted for user...."
Missing IP user address.
Add type authentification (LDAP, SSL, SAML, etc....)Logging user action :
Missing granted user action into logs, like in previous lemonldap versions.
Message : "Session granted for user...."
Missing IP user address.
Add type authentification (LDAP, SSL, SAML, etc....)2.0.3YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1686SOAP Portal WSDL file is invalid2019-04-15T06:15:03ZJulien LedouxSOAP Portal WSDL file is invalid### Concerned version
Version: 2.0.2
Platform: Docker / CentOS 7 / Apache 2.4.6 (mpm prefork)
### Summary
SOAP Portal WSDL file is invalid
I know Soap web services are deprecated, but the functionality is still available so I tried ...### Concerned version
Version: 2.0.2
Platform: Docker / CentOS 7 / Apache 2.4.6 (mpm prefork)
### Summary
SOAP Portal WSDL file is invalid
I know Soap web services are deprecated, but the functionality is still available so I tried it out but I can't import portal wsdl file into Soap UI. It says something is wrong with the file. I don't have this issue with 1.9.x
![Capture_d_écran_2019-03-26_à_18.33.49](/uploads/2c9f5bfbee82e740040d0822bcbc4f69/Capture_d_écran_2019-03-26_à_18.33.49.png)
![Capture_d_écran_2019-03-26_à_18.33.30](/uploads/54ef81ca2a4dd54dcbe1ca6ca601050d/Capture_d_écran_2019-03-26_à_18.33.30.png)2.0.3YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1673Application list display and specific rules2019-03-25T18:35:07ZCarl R.Application list display and specific rules### Concerned version
Version: %2.0.2
Platform: (Nginx/Apache/Node.js)
### Summary
Application display does not always respect defined specific rule
### Logs
```
no logs
```
### Backends used
For any bug on configuration/sessions...### Concerned version
Version: %2.0.2
Platform: (Nginx/Apache/Node.js)
### Summary
Application display does not always respect defined specific rule
### Logs
```
no logs
```
### Backends used
For any bug on configuration/sessions storage, give us details on backends
### Possible fixes
I tried to identify the bug and found that it seems to come from what's called the "cache". Once i commented it, every application is rightfully displayed or hidden, respectfully to the defined special appdisplay rule :
in /usr/share/perl5/vendor_perl/Lemonldap/NG/Portal/Main/Menu.pm :
```
## @method private string _filterHash(hashref apphash)
# Remove unauthorized menu elements
# @param $apphash Menu elements
# @return filtered hash
sub _filterHash {
my ( $self, $req, $apphash ) = @_;
foreach my $key ( keys %$apphash ) {
next if $key =~ /(type|options|catname)/;
if ( $apphash->{$key}->{type}
and $apphash->{$key}->{type} eq "category" )
{
# Filter the category
$self->_filterHash( $req, $apphash->{$key} );
}
if ( $apphash->{$key}->{type}
and $apphash->{$key}->{type} eq "application" )
{
# Find sub applications and filter them
foreach my $appkey ( keys %{ $apphash->{$key} } ) {
next if $appkey =~ /(type|options|catname)/;
# We have sub elements, so we filter them
$self->_filterHash( $req, $apphash->{$key} );
}
# Check rights
my $appdisplay = $apphash->{$key}->{options}->{display}
|| "auto";
my ( $vhost, $appuri ) =
$apphash->{$key}->{options}->{uri} =~ m#^https?://([^/]*)(.*)#;
$vhost =~ s/:\d+$//;
$vhost = $self->p->HANDLER->resolveAlias($vhost);
$appuri ||= '/';
# Remove if display is "no" or "off"
delete $apphash->{$key} and next if ( $appdisplay =~ /^(no|off)$/ );
# Keep node if display is "yes" or "on"
next if ( $appdisplay =~ /^(yes|on)$/ );
my $cond = undef;
# Handle partner rules (SAML, CAS or OIDC)
if ( $appdisplay =~ /^sp:\s*(.*)$/ ) {
$self->logger->warn("jepassedanssamlcasoidc");#pouet
my $p = $1;
if ( my $sub = $self->p->spRules->{$p} ) {
eval {
delete $apphash->{$key}
unless ( $sub->( $req, $req->sessionInfo ) );
};
if ($@) {
$self->logger->error("Partner rule $p returns: $@");
}
}
next;
}
# If a specific rule exists, get it from cache or compile it
if ( $appdisplay !~ /^auto$/i ) {
# if ( $self->specific->{$appuri} ) {
# $cond = $self->specific->{$appuri};
# }
# else {
$cond = $self->specific->{$appuri} =
$self->p->HANDLER->buildSub(
$self->p->HANDLER->substitute($appdisplay) );
# }
}
# Check grant function if display is "auto" (this is the default)
delete $apphash->{$key}
unless (
$self->p->HANDLER->grant(
$req, $req->sessionInfo, $appuri, $cond, $vhost
)
);
next;
}
}
}
```2.0.3YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1657Session Dates timestamps language and formatting issue2019-03-25T21:14:55ZDave ConroySession Dates timestamps language and formatting issueWith a development copy of 2.0.1 (2.0.2 fails for me, will create issue after I have diagnosed properly) looking at the Session Explorer using the english language I find a mixture or formatting for the date/timestamps. See attached phot...With a development copy of 2.0.1 (2.0.2 fails for me, will create issue after I have diagnosed properly) looking at the Session Explorer using the english language I find a mixture or formatting for the date/timestamps. See attached photo:
![image](/uploads/f90d95cd5673be94cac96715a39bf99a/image.png)
Creation, Update Date seem to be using a different structure reversing the M/DD/YYYY format in previous releases along with accented characters.2.0.3YaddYadd