lemonldap-ng merge requestshttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests2024-03-08T09:52:47Zhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/459Add failedLogin code 110 PR_RETRY_2FA in history on failure retry (#3106)2024-03-08T09:52:47Zphilippe lhardyphilha@worteks.comAdd failedLogin code 110 PR_RETRY_2FA in history on failure retry (#3106)- each 2FA retry failure is recorded as a failure within history
- _utime date of any history record is now the actual date and not the _utime of seesion
- update test 77-2F-Retry for history length side effect
- create dedicated test ca...- each 2FA retry failure is recorded as a failure within history
- _utime date of any history record is now the actual date and not the _utime of seesion
- update test 77-2F-Retry for history length side effect
- create dedicated test case 77-2F-Retry-BruteForcehttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/452fix diff or variables named with top-level configuration keys (#3107)2024-02-23T13:24:32Zphilippe lhardyphilha@worteks.comfix diff or variables named with top-level configuration keys (#3107)- check value is a HASH before getting its hash length
leaf variable value is a string
Related to #3107- check value is a HASH before getting its hash length
leaf variable value is a string
Related to #3107https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/446More checkXSS2024-02-06T16:40:31ZYaddMore checkXSSImport XSS fix from v2.0Import XSS fix from v2.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/144Allow user to set their login when registering2024-01-14T20:34:24ZGhost UserAllow user to set their login when registeringHi,
I added the possibility for a registering user to set its login.
Changes:
+ Introduce `registerDisplayLoginInput` config variable to toggle the visibility of the login input.
+ Use `registerDisplayLoginInput` to create a template v...Hi,
I added the possibility for a registering user to set its login.
Changes:
+ Introduce `registerDisplayLoginInput` config variable to toggle the visibility of the login input.
+ Use `registerDisplayLoginInput` to create a template variable `DISPLAY_LOGIN_INPUT`
+ Create a login input in `register.tpl`
+ Add the login param to the `registerInfo` object in `Register.pm`
+ Use the provided login instead of calling `computeLogin`
+ Make `isLoginUsed` method a public method in `SAML` and `AD`
+ Add a `isLoginUsed` method to `DEMO` to make it compliant with the new API requirement
+ Add default values for the variables in `Attributes.pm`
Extra changes:
+ Introduce `loginControl` config variables to validate the login and validate the login in the registration flow in `Register.pm`
+ Introduce `registerLdapObjectClasses` config variable to customize the `objectClass` in `userCreation` in `LDAP.pm` and `AD.pm`
+ Introduce `registerTransformNames` to prevent first and last name transformation in `userCreation`
Needed changes (I would need guidance):
+ Create a `PE_LOGINALREADYEXISTS` variable in `Register.pm` and a correct error message
+ Add inputs in manager
+ Write tests3.0.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/426No Authen::WebAuthn for EL72024-01-08T11:30:53ZXavier BachelotNo Authen::WebAuthn for EL7Fixes #3072Fixes #3072https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/400Update german de.json regarding TOTP2023-12-19T21:31:46ZWalter BenderUpdate german de.json regarding TOTPThis is german translation regarding TOTP as 2FA.This is german translation regarding TOTP as 2FA.Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/371Display captcha in password form (#2952)2023-08-29T16:31:41ZChristophe Maudouxchrmdx@gmail.comDisplay captcha in password form (#2952)Append captcha to lemonldap-ng-portal/site/templates/bootstrap/password.tplAppend captcha to lemonldap-ng-portal/site/templates/bootstrap/password.tpl2.17.0Christophe Maudouxchrmdx@gmail.comChristophe Maudouxchrmdx@gmail.comhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/350Append OAuth2ST wrapper (#2947)2023-07-12T22:15:48ZChristophe Maudouxchrmdx@gmail.comAppend OAuth2ST wrapper (#2947)Provide a handler able to handle AccessToken, ServiceToken and Cookie.Provide a handler able to handle AccessToken, ServiceToken and Cookie.2.17.0Christophe Maudouxchrmdx@gmail.comChristophe Maudouxchrmdx@gmail.comhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/356Add AppGrid API (#2955)2023-07-06T14:47:35ZYaddAdd AppGrid API (#2955)2.17.0https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/344Resolve "unreachable LDAP server blocks initialization for too long"2023-06-08T12:01:09Zdcoutadeur dcoutadeurResolve "unreachable LDAP server blocks initialization for too long"Related to #2932Related to #29322.17.0https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/330OIDC RP Initiated Logout: ensure RP can not bypass confirmation2023-02-27T18:40:43ZYaddOIDC RP Initiated Logout: ensure RP can not bypass confirmation2.17.0https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/297implement CAS back-channel Single Logout2023-01-18T08:56:12ZPascal Rigauximplement CAS back-channel Single LogoutThe Single Logout is sending back-channel POST with the ticket to the services, cf https://apereo.github.io/cas/development/protocol/CAS-Protocol-Specification.html#head_appdx_c
NB: I've not managed yet to test the added conf "casBackCh...The Single Logout is sending back-channel POST with the ticket to the services, cf https://apereo.github.io/cas/development/protocol/CAS-Protocol-Specification.html#head_appdx_c
NB: I've not managed yet to test the added conf "casBackChannelSingleLogout" in manager2.0.16Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/28525882023-01-30T10:38:50ZChristophe Maudouxchrmdx@gmail.com2588Clarify PE_BADURLClarify PE_BADURLChristophe Maudouxchrmdx@gmail.comChristophe Maudouxchrmdx@gmail.comhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/283Resolve "2fSelfRegistration == 0 + 2fActivation == 1 leads to registrable sec...2022-08-28T21:34:59ZChristophe Maudouxchrmdx@gmail.comResolve "2fSelfRegistration == 0 + 2fActivation == 1 leads to registrable second factor being presented every time"Related to #2712Related to #27122.0.15Christophe Maudouxchrmdx@gmail.comChristophe Maudouxchrmdx@gmail.comhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/28127122022-08-25T09:18:13ZChristophe Maudouxchrmdx@gmail.com2712Remove selfRegistration testRemove selfRegistration test2.0.15Christophe Maudouxchrmdx@gmail.comChristophe Maudouxchrmdx@gmail.comhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/280New lemonldap-ng-cli subcommand: merge2022-09-15T10:01:06ZMaxime BessonNew lemonldap-ng-cli subcommand: mergeSee #2780See #2780Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/271workaround in the documentation about lemon+nginx logs (bug #2769)2022-08-19T09:20:18Zdcoutadeur dcoutadeurworkaround in the documentation about lemon+nginx logs (bug #2769)Related to #2769Related to #27692.0.15dcoutadeur dcoutadeurdcoutadeur dcoutadeurhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/277set logger to LLNG_DEFAULTLOGGER envvar when set, during handler init (#2769)2022-07-28T14:46:10Zdcoutadeur dcoutadeurset logger to LLNG_DEFAULTLOGGER envvar when set, during handler init (#2769)Related to #2769Related to #27692.0.15dcoutadeur dcoutadeurdcoutadeur dcoutadeurhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/263New plugin : Persistent UUID2022-05-16T14:59:22ZClément OUDOTNew plugin : Persistent UUIDThis plugin with generate an UUID at first connection and store it in
persistent session, in ``_persistentUUID`` key.
The persistent UUID can then be used as unique identifier for connected applications.
It can be useful if LL::NG is c...This plugin with generate an UUID at first connection and store it in
persistent session, in ``_persistentUUID`` key.
The persistent UUID can then be used as unique identifier for connected applications.
It can be useful if LL::NG is configured to authenticate against multiple identity
providers and you want to share an uniform identifier on applications.
- [x] Plugin code
- [x] Unit test
- [x] Configuration in Manager
- [x] Documentation2.0.15https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/248set a default value for cfgDate + display cfgDate in logs during conf reload ...2022-01-27T15:24:57Zdcoutadeur dcoutadeurset a default value for cfgDate + display cfgDate in logs during conf reload (#2566)Related to #2566Related to #25662.0.14