lemonldap-ng issueshttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues2020-01-30T12:53:52Zhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/60Squid handler2020-01-30T12:53:52ZYaddSquid handlerIn some cases, using Squid can be more interresting than Apache for reverse-proxies. Using the same interface than SquidGuard, it seems be possible to build a handlerIn some cases, using Squid can be more interresting than Apache for reverse-proxies. Using the same interface than SquidGuard, it seems be possible to build a handler3.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/290Dynamic output filters are not called on /2017-12-05T18:36:05ZClément OUDOTDynamic output filters are not called on /We use sometimes output filter, injected dynamically (with $r->add_output_filter), for example to manage logout or form replay. Recently I used this with the SecureToken Handler.
But it seems we have a little bug. The output filter is a...We use sometimes output filter, injected dynamically (with $r->add_output_filter), for example to manage logout or form replay. Recently I used this with the SecureToken Handler.
But it seems we have a little bug. The output filter is always called, except if the URI is '/'. It is maybe a side effect of DocumentIndex? I will try to send a mail to mod_perl users mailing list to get more information.
This is not a critical bug, as our filters are often executed on URI not equal to '/'.Backloghttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/321Use references from URI regexp in rules2020-01-29T07:04:56ZClément OUDOTUse references from URI regexp in rulesThe idea is to catch a string in the uri to be used in the rule, like :
```
/groupe-(\d+) => $groups =~ /groupe$1/
```
This need to be done in all modules that use the "grant" function. Seems not really easy, planning this for a la...The idea is to catch a string in the uri to be used in the rule, like :
```
/groupe-(\d+) => $groups =~ /groupe$1/
```
This need to be done in all modules that use the "grant" function. Seems not really easy, planning this for a later release3.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/480Floating menu is not localized2018-08-08T21:21:14ZDaniel B.Floating menu is not localizedThe floating menu is great, but texts Home and Logout are hardcoded. Would it be possible to localize this ?The floating menu is great, but texts Home and Logout are hardcoded. Would it be possible to localize this ?Backloghttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/482Rules for maintenance mode2019-11-21T17:36:36ZDaniel B.Rules for maintenance modeThe new maintenance mode is a great idea, but it would be better if it was possible to enable it with specific rules, for example, we could set:
$groups !~ /\badmins\b/
so users get the maintenance message, but members of the admins gr...The new maintenance mode is a great idea, but it would be better if it was possible to enable it with specific rules, for example, we could set:
$groups !~ /\badmins\b/
so users get the maintenance message, but members of the admins group can upgrade the app and check everything is OK before removing the maintenance mode.3.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/610Sympa 6 Auto login2017-12-05T18:36:13ZFlorian PradenSympa 6 Auto loginHi,
Since Sympa v6.0, the sharing of the sympa auth is no more possible via the cookie
See: http://www.sympa.org/manual_6.0/authentication#sharing_wwsympa_s_authentication_with_other_applications
For now, I added a new handler to do ...Hi,
Since Sympa v6.0, the sharing of the sympa auth is no more possible via the cookie
See: http://www.sympa.org/manual_6.0/authentication#sharing_wwsympa_s_authentication_with_other_applications
For now, I added a new handler to do it, which interact directly with the Sympa database.
Sympa6AutoLogin.pm and SympaSession.pm (which is a copy (part of it) of the Sympa perl module)
SympaHandler is the handler to adapt to config.
It's in alpha state.
Another possibility for a "near" future: https://sourcesup.cru.fr/tracker/index.php?func=detail&aid=4056&group_id=23&atid=170
Best,
--
FlorianBackloghttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/977Problem with accents characters in SOAP Requests2018-12-04T08:29:39ZRichard PhanProblem with accents characters in SOAP RequestsHi,
I have a critical bug, I use SOAP for using sessions, but, when there are accents in sessions information, the handlers send increasingly large POST requests to /index.pl/adminSessions :
```
lemonldap [11/Mar/2016:14:52:16 +0100] "...Hi,
I have a critical bug, I use SOAP for using sessions, but, when there are accents in sessions information, the handlers send increasingly large POST requests to /index.pl/adminSessions :
```
lemonldap [11/Mar/2016:14:52:16 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 146080 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:14:52:41 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 146080 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:14:53:41 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 277152 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:14:54:51 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 539296 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:14:56:01 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 1063584 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:14:57:02 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 2112160 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:14:57:16 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 4209312 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:14:58:07 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 4209312 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:14:59:32 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 8403616 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:14:59:37 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 8403616 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:15:01:48 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 16792224 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:15:01:54 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 16792224 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:15:02:51 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 33569440 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:15:02:46 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 33569440 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:15:03:35 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 33569440 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:15:03:28 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 33569440 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:15:02:40 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 33569440 "-" "SOAP::Lite/Perl/1.1"
lemonldap [11/Mar/2016:15:03:22 +0100] "POST /index.pl/adminSessions HTTP/1.1" 200 33569440 "-" "SOAP::Lite/Perl/1.1"
...
```
A request SOAP size may exceed 60 MB !
I dump all my mysql request and here is a request extract which show the problem when contain a accent is replace by strange repeat characters :
```
UPDATE sessions SET a_session = '^E ^Y\0\0\0\0^_^D^Y\0\0\0\0^A^D^B\0\0\0^E^D^Y\0\0\0\0^B^W\rXXX.XX.XXX.XX^B\0\0\0^FipAddr^W\n1456741132^B\0\0\0^F_utime^D^Y\0\0\0\0^B^W\rXXX.XX.XXX.XX^B\0\0\0^FipAddr^W\n1455876018^B\0\0\
0^F_utime^D^Y\0\0\0\0^B^W\rXXX.XX.XXX.XX^B\0\0\0^FipAddr^W\n1455874416^B\0\0\0^F_utime^D^Y\0\0\0\0^B^W\rXXX.XX.XXX.XX^B\0\0\0^FipAddr^W\n1455793697^B\0\0\0^F_utime^D^Y\0\0\0\0^B^W\rXXX.XX.XXX.XX^B\0\0\0^FipAddr^W\n1455712268^B\0\0\
0^F_utime^B\0\0\0^LsuccessLogin^B\0\0\0^LloginHistory^A\0\0^B^KJosÃ<U+0083>Â<U+0083>Ã<U+0082>Â<U+0083>Ã<U+0083>Â<U+0082>Ã<U+0082>Â<U+0083>Ã<U+0083>Â<U+0083>Ã<U+0082>Â<U+0082>Ã<U+0083>Â<U+0082>Ã<U+0082>Â<U+0083>Ã<U+0083>Â
<U+0083>Ã<U+0082>Â<U+0083>Ã<U+0083>Â<U+0082>Ã<U+0082>Â<U+0082>Ã<U+0083>Â<U+0083>Ã<U+0082>Â<U+0082>Ã<U+0083>Â<U+0082>Ã<U+0082>Â<U+0083>Ã<U+0083>Â<U+0083>Ã<U+0082>Â<U+0083>Ã<U+0083>Â<U+0082>Ã<U+0082>Â<U+0083>Ã<U+0083>Â<U+0083>Ã<U+0082>Â
<U+0082>Ã<U+0083>Â<U+0082>Ã<U+0082>Â<U+0082>Ã<U+0083>Â<U+0083>Ã<U+0082>Â<U+0083>Ã<U+0083>Â<U+0082>Ã<U+0082>Â<U+0082>Ã<U+0083>Â<U+0083>Ã<U+0082>Â<U+0082>Ã<U+0083>Â<U+0082>Ã<U+0082>Â<U+0083>Ã<U+0083>Â<U+0083>Ã<U+0082>Â<U+0083>Ã<U+0083>Â
<U+0082>Ã<U+0082>Â<U+0083>Ã<U+0083>Â<U+0083>Ã<U+0082>Â<U+0082>Ã<U+0083>Â<U+0082>Ã<U+0082>Â<U+0083>Ã<U+0083>Â<U+0083>Ã<U+0082>Â<U+0083>Ã<U+0083>Â<U+0082>Ã<U+0082>Â<U+0082>Ã<U+0083>Â<U+0083>Ã<U+0082>Â<U+0082>Ã<U+0083>Â<U+0082>Ã<U+0082>Â
<U+0082>Ã<U+0083>Â<U+0083>Ã<U+0082>Â<U+0083>Ã<U+0083>Â<U+0082>Ã<U+0082>Â<U+0083>Ã<U+0083>Â<U+0083>Ã<U+0082>Â<U+0082>Ã<U+0083>Â<U+0082>Ã<U+0082>Â<U+0082>Ã<U+0083>Â<U+0083>Ã<U+0082>Â<U+0083>Ã<U+0083>Â<U+0082>Ã<U+0082>Â<U+0082>Ã<U+0083>Â
<U+0083>Ã<U+0082>Â<U+0082>Ã<U+0083>Â<U+0082>Ã<U+0082>...
```
As you see, the word José is remplaced by JosÃ<U+0083>Â<U+0083>Ã<U+0082>...
Any Idea ?
Regards
In discussionhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/982CPAN Tests fails for Lemonldap-NG-Handler2017-12-05T18:36:14ZClément OUDOTCPAN Tests fails for Lemonldap-NG-HandlerSee for example http://www.cpantesters.org/cpan/report/3c076310-eeaf-11e5-a54c-72f12867457e
```
# Failed test 'use Lemonldap::NG::Handler::Reload;'
# at t/01-Lemonldap-NG-Handler-Main.t line 13.
# Tried to use 'Lemonldap::NG::H...See for example http://www.cpantesters.org/cpan/report/3c076310-eeaf-11e5-a54c-72f12867457e
```
# Failed test 'use Lemonldap::NG::Handler::Reload;'
# at t/01-Lemonldap-NG-Handler-Main.t line 13.
# Tried to use 'Lemonldap::NG::Handler::Reload'.
# Error: Can't locate Crypt/Rijndael.pm in @INC (you may need to install the Crypt::Rijndael module) (@INC contains: /home/smoker/.cpan/build/Lemonldap-NG-Handler-1.9.0-9WfX7U/blib/lib /home/smoker/.cpan/build/Lemonldap-NG-Handler-1.9.0-9WfX7U/blib/arch /home/smoker/.cpan/build/Apache-Session-1.93-CgGkg9/blib/arch /home/smoker/.cpan/build/Apache-Session-1.93-CgGkg9/blib/lib /home/smoker/.cpan/build/SOAP-Lite-1.19-yOFk7q/blib/arch /home/smoker/.cpan/build/SOAP-Lite-1.19-yOFk7q/blib/lib /home/smoker/.cpan/build/HTML-Template-2.95-MzfoMr/blib/arch /home/smoker/.cpan/build/HTML-Template-2.95-MzfoMr/blib/lib /home/smoker/.cpan/build/Lemonldap-NG-Common-1.9.0-m1TDwz/blib/arch /home/smoker/.cpan/build/Lemonldap-NG-Common-1.9.0-m1TDwz/blib/lib /home/smoker/perl5/lib/perl5/5.23.8/x86_64-linux /home/smoker/perl5/lib/perl5/5.23.8/x86_64-linux /home/smoker/perl5/lib/perl5/5.23.8 /home/smoker/perl5/lib/perl5/x86_64-linux /home/smoker/perl5/lib/perl5/5.23.8/x86_64-linux /home/smoker/perl5/lib/perl5/5.23.8 /home/smoker/perl5/lib/perl5/x86_64-linux /home/smoker/perl5/lib/perl5 /home/smoker/.cpan/build/Apache-Session-1.93-CgGkg9/blib/arch /home/smoker/.cpan/build/Apache-Session-1.93-CgGkg9/blib/lib /home/smoker/.cpan/build/SOAP-Lite-1.19-yOFk7q/blib/arch /home/smoker/.cpan/build/SOAP-Lite-1.19-yOFk7q/blib/lib /home/smoker/.cpan/build/HTML-Template-2.95-MzfoMr/blib/arch /home/smoker/.cpan/build/HTML-Template-2.95-MzfoMr/blib/lib /home/smoker/.cpan/build/Lemonldap-NG-Common-1.9.0-m1TDwz/blib/arch /home/smoker/.cpan/build/Lemonldap-NG-Common-1.9.0-m1TDwz/blib/lib /home/smoker/perl5/lib/perl5/5.23.8/x86_64-linux /home/smoker/perl5/lib/perl5/5.23.8 /home/smoker/perl5/lib/perl5/x86_64-linux /home/smoker/perl5/lib/perl5 /home/smoker/perl5/perlbrew/perls/perl-5.23.8/lib/site_perl/5.23.8/x86_64-linux /home/smoker/perl5/perlbrew/perls/perl-5.23.8/lib/site_perl/5.23.8 /home/smoker/perl5/perlbrew/perls/perl-5.23.8/lib/5.23.8/x86_64-linux /home/smoker/perl5/perlbrew/perls/perl-5.23.8/lib/5.23.8 .) at /home/smoker/.cpan/build/Lemonldap-NG-Common-1.9.0-m1TDwz/blib/lib/Lemonldap/NG/Common/Crypto.pm line 12.
# BEGIN failed--compilation aborted at /home/smoker/.cpan/build/Lemonldap-NG-Common-1.9.0-m1TDwz/blib/lib/Lemonldap/NG/Common/Crypto.pm line 12.
# Compilation failed in require at /home/smoker/.cpan/build/Lemonldap-NG-Handler-1.9.0-9WfX7U/blib/lib/Lemonldap/NG/Handler/Reload.pm line 12.
# BEGIN failed--compilation aborted at /home/smoker/.cpan/build/Lemonldap-NG-Handler-1.9.0-9WfX7U/blib/lib/Lemonldap/NG/Handler/Reload.pm line 12.
# Compilation failed in require at t/01-Lemonldap-NG-Handler-Main.t line 13.
# BEGIN failed--compilation aborted at t/01-Lemonldap-NG-Handler-Main.t line 13.
# Looks like you planned 10 tests but ran 2.
# Looks like you failed 1 test of 2 run.
# Looks like your test exited with 25 just after 2.
t/01-Lemonldap-NG-Handler-Main.t .........
Dubious, test returned 25 (wstat 6400, 0x1900)
Failed 9/10 subtests
t/02-Lemonldap-NG-Handler-Main-Portal.t .. ok
```
Dependency to Crypt::Rijndael seems missing.In discussionhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1167Manage multi tenancy (multi tenant) with Apache2018-02-07T13:07:54ZClément OUDOTManage multi tenancy (multi tenant) with ApacheWe already discussed about this feature. The goal is to have one LL::NG installation that can be used for several tenants (clients/domains/etc.)
I think the work that is needed is:
* Be able to set the lemonldap-ng.ini file to use as an...We already discussed about this feature. The goal is to have one LL::NG installation that can be used for several tenants (clients/domains/etc.)
I think the work that is needed is:
* Be able to set the lemonldap-ng.ini file to use as an environment variable in Nginx/Apache virtual hosts
* Be able to separate caches between tenant, maybe be having the tenant ID as primary cache level
With different lemonldap-ng.ini per tenant, it is then really easy to isolate configuration/sessions for each tenant.Backloghttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1240Access rules redirection with nginx2017-12-05T18:36:14ZIsmael DuprasAccess rules redirection with nginxI try to use logout_sso with an url to redirect after logout and it doesn’t work do you have any idea why ?
I try to use logout_sso with an url to redirect after logout and it doesn’t work do you have any idea why ?
In discussionhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1276FailOver mode - For globalStorage (session)2017-12-05T18:36:15ZMathieu Lecompte-melançonFailOver mode - For globalStorage (session)Is case of disaster recovery plan, or simply maintenance.
We would like a failover-mode in case of SGBd is'not reachable during exploration of SGBD.
After X attempt of connection or a manual switch form the manager, LLNG should be ...Is case of disaster recovery plan, or simply maintenance.
We would like a failover-mode in case of SGBd is'not reachable during exploration of SGBD.
After X attempt of connection or a manual switch form the manager, LLNG should be able to fail over session storage in a local File system.
Some time we want to update/check our SGB and we could have to bring those down for some minute/hours. We suggestion that when happen LLNG switch in failover mode, make a annoncement in the main login page ( FailOver mode ON - Some feature could be unavailable) and ask again for a new sessions.
To switch back in normal mode, the main globale storage should be available and be activate from the manager page by a config push to ensure every node of LLNG is in normal modeIn discussion