From ec95bcd755a8b377b2889f1543543a5d90f6123b Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Tue, 30 Jul 2024 14:37:55 +0200 Subject: [PATCH 01/15] Add portal error dedicated to WebAuthn failure (#3035) --- doc/sources/admin/error_codes.rst | 1 + .../lib/Lemonldap/NG/Handler/Lib/StatusConstants.pm | 1 + .../lib/Lemonldap/NG/Manager/Build/PortalConstants.pm | 1 + .../lib/Lemonldap/NG/Portal/2F/WebAuthn.pm | 9 +++++---- .../lib/Lemonldap/NG/Portal/Main/Constants.pm | 3 +++ lemonldap-ng-portal/site/htdocs/static/languages/ar.json | 1 + lemonldap-ng-portal/site/htdocs/static/languages/de.json | 1 + lemonldap-ng-portal/site/htdocs/static/languages/en.json | 1 + lemonldap-ng-portal/site/htdocs/static/languages/es.json | 1 + lemonldap-ng-portal/site/htdocs/static/languages/fi.json | 1 + lemonldap-ng-portal/site/htdocs/static/languages/fr.json | 1 + lemonldap-ng-portal/site/htdocs/static/languages/he.json | 1 + lemonldap-ng-portal/site/htdocs/static/languages/it.json | 1 + lemonldap-ng-portal/site/htdocs/static/languages/pl.json | 1 + lemonldap-ng-portal/site/htdocs/static/languages/pt.json | 1 + .../site/htdocs/static/languages/pt_BR.json | 1 + lemonldap-ng-portal/site/htdocs/static/languages/ru.json | 1 + lemonldap-ng-portal/site/htdocs/static/languages/tr.json | 1 + lemonldap-ng-portal/site/htdocs/static/languages/vi.json | 1 + lemonldap-ng-portal/site/htdocs/static/languages/zh.json | 1 + .../site/htdocs/static/languages/zh_TW.json | 1 + 21 files changed, 27 insertions(+), 4 deletions(-) diff --git a/doc/sources/admin/error_codes.rst b/doc/sources/admin/error_codes.rst index b3650ad8f3..d31b5fee56 100644 --- a/doc/sources/admin/error_codes.rst +++ b/doc/sources/admin/error_codes.rst @@ -94,6 +94,7 @@ Error codes list ``PE_REGISTERALREADYEXISTS``;80 ``PE_NOTOKEN``;81 ``PE_TOKENEXPIRED``;82 + ``PE_WEBAUTHNFAILED``;83 ``PE_UNAUTHORIZEDPARTNER``;84 ``PE_RENEWSESSION``;85 ``PE_WAIT``;86 diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/StatusConstants.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/StatusConstants.pm index e19a44c233..121911c88c 100644 --- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/StatusConstants.pm +++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/StatusConstants.pm @@ -99,6 +99,7 @@ sub portalConsts { '80' => 'PE_REGISTERALREADYEXISTS', '81' => 'PE_NOTOKEN', '82' => 'PE_TOKENEXPIRED', + '83' => 'PE_WEBAUTHNFAILED', '84' => 'PE_UNAUTHORIZEDPARTNER', '85' => 'PE_RENEWSESSION', '86' => 'PE_WAIT', diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/PortalConstants.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/PortalConstants.pm index 4d612db256..160596d5f1 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/PortalConstants.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/PortalConstants.pm @@ -92,6 +92,7 @@ sub portalConstants { PE_REGISTERALREADYEXISTS => 80, PE_NOTOKEN => 81, PE_TOKENEXPIRED => 82, + PE_WEBAUTHNFAILED => 83, PE_UNAUTHORIZEDPARTNER => 84, PE_RENEWSESSION => 85, PE_WAIT => 86, diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/WebAuthn.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/WebAuthn.pm index ac7dbe629f..01508bc89f 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/WebAuthn.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/WebAuthn.pm @@ -12,6 +12,7 @@ use Crypt::URandom; use Lemonldap::NG::Portal::Main::Constants qw( PE_OK + PE_WEBAUTHNFAILED PE_ERROR PE_SENDRESPONSE PE_BADCREDENTIALS @@ -47,7 +48,7 @@ sub run { unless ($request) { $self->logger->error( $self->prefix . '2f: no registered device for ' . $req->user ); - return PE_ERROR; + return PE_WEBAUTHNFAILED; } $self->ott->updateToken( $token, _webauthn_request => $request ); @@ -81,7 +82,7 @@ sub verify { unless ($credential_json) { $self->logger->error( $self->prefix . '2f: missing signature parameter' ); - return PE_ERROR; + return PE_WEBAUTHNFAILED; } my $signature_options = $session->{_webauthn_request}; @@ -94,7 +95,7 @@ sub verify { if ($@) { $self->logger->error( $self->prefix . "2f: validation error for $user ($@)" ); - return PE_ERROR; + return PE_WEBAUTHNFAILED; } if ( $validation_result->{success} == 1 ) { @@ -118,7 +119,7 @@ sub verify { else { $self->logger->error( $self->prefix . "2f: validation did not return success for $user" ); - return PE_ERROR; + return PE_WEBAUTHNFAILED; } } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Constants.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Constants.pm index 06315d6697..c24330ea44 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Constants.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Constants.pm @@ -90,6 +90,7 @@ use constant { PE_REGISTERALREADYEXISTS => 80, PE_NOTOKEN => 81, PE_TOKENEXPIRED => 82, + PE_WEBAUTHNFAILED => 83, PE_UNAUTHORIZEDPARTNER => 84, PE_RENEWSESSION => 85, PE_WAIT => 86, @@ -213,6 +214,7 @@ sub portalConsts { '80' => 'PE_REGISTERALREADYEXISTS', '81' => 'PE_NOTOKEN', '82' => 'PE_TOKENEXPIRED', + '83' => 'PE_WEBAUTHNFAILED', '84' => 'PE_UNAUTHORIZEDPARTNER', '85' => 'PE_RENEWSESSION', '86' => 'PE_WAIT', @@ -319,6 +321,7 @@ our @EXPORT_OK = ( 'PE_REGISTERALREADYEXISTS', 'PE_NOTOKEN', 'PE_TOKENEXPIRED', + 'PE_WEBAUTHNFAILED', 'PE_UNAUTHORIZEDPARTNER', 'PE_RENEWSESSION', 'PE_WAIT', diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/ar.json b/lemonldap-ng-portal/site/htdocs/static/languages/ar.json index 363c0ad7fb..67c92e79db 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/ar.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/ar.json @@ -86,6 +86,7 @@ "PE80":"هذا العنوان مستعمل", "PE81":"محاولة إثبات الهوية غير ناجحة", "PE82":"تم تجاوز مهلة إثبات الهوية", +"PE83":"WebAuthn authentication failed", "PE84":"أنت غير مخول بالدخول إلى هذا الخادم", "PE85":" الموقع البعيد يطلب جلسة جديدة (ولم يتم تحميل برنامج ترقية الجلسة).\nسجل الخروج و أعد المحاولة", "PE86":"Your account is locked. You have to wait", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/de.json b/lemonldap-ng-portal/site/htdocs/static/languages/de.json index ed37825b19..7240ad1219 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/de.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/de.json @@ -86,6 +86,7 @@ "PE80":"Diese Adresse wird bereits verwendet", "PE81":"Ungültiger Authentifizierungsversuch", "PE82":"Überschreitung des Zeitlimits für die Authentifizierung", +"PE83":"WebAuthn authentication failed", "PE84":"Sie sind nicht berechtigt, auf diesen Host zuzugreifen", "PE85":"Die Gegenseite fragt nach einer neueren Sitzung (und das UpgradeSession-Plugin wurde nicht geladen). Abmelden und erneut versuchen", "PE86":"Your account is locked. You have to wait", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/en.json b/lemonldap-ng-portal/site/htdocs/static/languages/en.json index accf3154f4..669de093b7 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/en.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/en.json @@ -86,6 +86,7 @@ "PE80":"This address is already used", "PE81":"Invalid authentication attempt", "PE82":"Exceeded authentication timeout", +"PE83":"WebAuthn authentication failed", "PE84":"You're not authorized to access to this host", "PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry", "PE86":"Your account is locked. You have to wait", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/es.json b/lemonldap-ng-portal/site/htdocs/static/languages/es.json index a09031b1b5..71d075432f 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/es.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/es.json @@ -86,6 +86,7 @@ "PE80":"Esta dirección ya está siendo utilizada", "PE81":"Intento de autenticación inválido", "PE82":"Tiempo de espera de autenticación exedido", +"PE83":"WebAuthn authentication failed", "PE84":"Usted no está autorizado a acceder a este servidor", "PE85":"El sitio remoto pide una nueva sesión (y el plugin UpgradeSession no está cargado). Desconéctese y reintente", "PE86":"Your account is locked. You have to wait", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/fi.json b/lemonldap-ng-portal/site/htdocs/static/languages/fi.json index f157bdf4eb..06bcf66581 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/fi.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/fi.json @@ -86,6 +86,7 @@ "PE80":"Tämä osoite on jo käytössä", "PE81":"Virheellinen tunnistautumisyritys", "PE82":"Tunnistautumisen aikaraja ylittyi", +"PE83":"WebAuthn-tunnistautuminen epäonnistui", "PE84":"Sinulla ei ole valtuuksia olla yhteydessä tähän isäntäkoneeseen", "PE85":"Etäsivusto pyytää uudempaa istuntoa (ja UpgradeSession-laajennusta ei ole ladattu). Kirjaudu ulos ja yritä uudestaan", "PE86":"Käyttäjätilisi on lukittu. Sinun täytyy odottaa", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/fr.json b/lemonldap-ng-portal/site/htdocs/static/languages/fr.json index 53b8d4a51a..b82713acb8 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/fr.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/fr.json @@ -86,6 +86,7 @@ "PE80":"Cette adresse est déjà utilisée", "PE81":"Tentative d'authentification invalide", "PE82":"Délai d'authentification dépassé", +"PE83":"L'authentification WebAuthn a échoué", "PE84":"Vous n'êtes pas autorisé à accéder à ce site", "PE85":"Le site souhaite une authentification plus récente (et le plugin UpgradeSession n'est pas chargé). Déconnectez-vous et réessayez", "PE86":"Votre compte est verrouillé. Avant de pouvoir vous réauthentifier, vous devez patienter", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/he.json b/lemonldap-ng-portal/site/htdocs/static/languages/he.json index 4bd15618c9..ca0ebb3a6a 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/he.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/he.json @@ -86,6 +86,7 @@ "PE80":"כתובת זו כבר בשימוש", "PE81":"ניסיון האימות שגוי", "PE82":"חרגת מזמן האימות", +"PE83":"אימות ה־WebAuthn נכשל", "PE84":"אין לך הרשאה לגשת למארח הזה", "PE85":"האתר המאוחר ביקש הפעלה חדשה יותר (והתוסף UpgradeSession לא נטען). יש לצאת ולנסות שוב", "PE86":"החשבון שלך נעול. עליך להמתין", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/it.json b/lemonldap-ng-portal/site/htdocs/static/languages/it.json index 5eb102f213..c2200e7855 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/it.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/it.json @@ -86,6 +86,7 @@ "PE80":"Questo indirizzo è già utilizzato", "PE81":"Tentativo di autenticazione non valido", "PE82":"Timeout di autenticazione superato", +"PE83":"WebAuthn authentication failed", "PE84":"Non sei autorizzato ad accedere a questo host", "PE85":"Il sito remoto richiede una sessione più recente (e il plug-in di UpgradeSession non viene caricato). Disconnetti e riprova", "PE86":"Your account is locked. You have to wait", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/pl.json b/lemonldap-ng-portal/site/htdocs/static/languages/pl.json index 2412993355..580f401881 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/pl.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/pl.json @@ -86,6 +86,7 @@ "PE80":"Ten adres jest już używany", "PE81":"Nieprawidłowa próba uwierzytelnienia", "PE82":"Przekroczono limit czasu uwierzytelnienia", +"PE83":"Uwierzytelnianie WebAuthn nie powiodło się", "PE84":"Nie masz uprawnień dostępu do tego serwera", "PE85":"Witryna zdalna prosi o nowszą sesję (a wtyczka UpgradeSession nie jest ładowana). Wyloguj się i spróbuj ponownie", "PE86":"Twoje konto jest zablokowane. Musisz zaczekać", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/pt.json b/lemonldap-ng-portal/site/htdocs/static/languages/pt.json index 1aa1967c09..126dd1fb66 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/pt.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/pt.json @@ -86,6 +86,7 @@ "PE80":"Este endereço já é utilizado", "PE81":"Tentativa de autenticação inválida", "PE82":"Tempo limite de autenticação excedido", +"PE83":"Autenticação WebAuthn falhou", "PE84":"Você não está autorizado a acessar este host", "PE85":"O site remoto pede uma sessão mais nova (e o plugin UpgradeSession não está carregado). Saia e tente novamente", "PE86":"Sua conta está bloqueada. Você tem que esperar", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/pt_BR.json b/lemonldap-ng-portal/site/htdocs/static/languages/pt_BR.json index adeeaae48d..b2821dfd84 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/pt_BR.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/pt_BR.json @@ -86,6 +86,7 @@ "PE80":"Este endereço já é usado", "PE81":"Tentativa de autenticação inválida", "PE82":"Tempo limite de autenticação excedido", +"PE83":"Autenticação WebAuthn falhou", "PE84":"Você não está autorizado a acessar este host", "PE85":"O site remoto pede uma sessão mais nova (e o plugin UpgradeSession não está carregado). Saia e tente novamente", "PE86":"Sua conta está bloqueada. Você tem que esperar", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/ru.json b/lemonldap-ng-portal/site/htdocs/static/languages/ru.json index ab150e6d6d..9d45e6506a 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/ru.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/ru.json @@ -86,6 +86,7 @@ "PE80":"Этот адрес уже используется", "PE81":"Неверная попытка аутентификации", "PE82":"Превышено время ожидания аутентификации", +"PE83":"Ошибка аутентификации WebAuthn", "PE84":"У вас нет прав доступа к этому хосту", "PE85":"Удаленный сайт запрашивает новый сеанс (плагин UpgradeSession не загружен). Выйдите и повторите попытку", "PE86":"Ваш аккаунт заблокирован. Пожалуйста, подождите", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/tr.json b/lemonldap-ng-portal/site/htdocs/static/languages/tr.json index ff61ac0c3d..32bb0f5b25 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/tr.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/tr.json @@ -86,6 +86,7 @@ "PE80":"Bu adres zaten kullanılıyor", "PE81":"Geçersiz kimlik doğrulama girişimi", "PE82":"Kimlik doğrulama zaman aşımına uğradı", +"PE83":"WebAuthn kimlik doğrulaması başarısız", "PE84":"Bu ana makineye erişmek için yetkili değilsiniz", "PE85":"Uzak site daha yeni bir oturum istedi (ve UpgradeSession eklentisi yüklenmedi). Çıkış yap ve tekrar dene", "PE86":"Hesabınız kilitlendi. Beklemelisiniz", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/vi.json b/lemonldap-ng-portal/site/htdocs/static/languages/vi.json index cf4a771345..106f9b5a24 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/vi.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/vi.json @@ -86,6 +86,7 @@ "PE80":"Địa chỉ này đã được sử dụng", "PE81":"Xác thực không hợp lệ", "PE82":"Đã vượt quá thời gian chờ xác thực", +"PE83":"Xác thực WebAuthn không thành công", "PE84":"Bạn không được phép truy cập vào máy chủ lưu trữ này", "PE85":"Trang web từ xa yêu cầu một phiên mới (và plugin UpgradeSession không được tải). Đăng xuất và thử lại ", "PE86":"Tài khoản của bạn đã bị khóa. Bạn cần phải đợi ", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/zh.json b/lemonldap-ng-portal/site/htdocs/static/languages/zh.json index 0c828515e8..8dfba19e81 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/zh.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/zh.json @@ -86,6 +86,7 @@ "PE80":"此地址已被使用", "PE81":"無效的驗證嘗試", "PE82":"驗證超時", +"PE83":"WebAuthn authentication failed", "PE84":"您没有授权访问该主机", "PE85":"遠端網站要求更新的工作階段(且 UpgradeSession 外掛程式未載入)。登出並重試", "PE86":"您的帳號已鎖定。您必須等待", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/zh_TW.json b/lemonldap-ng-portal/site/htdocs/static/languages/zh_TW.json index 1a7ace4614..bb0e3096d0 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/zh_TW.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/zh_TW.json @@ -86,6 +86,7 @@ "PE80":"此地址已被使用", "PE81":"無效的驗證嘗試", "PE82":"驗證超時", +"PE83":"WebAuthn authentication failed", "PE84":"您無權存取此主機", "PE85":"遠端網站要求更新的工作階段(且 UpgradeSession 外掛程式未載入)。登出並重試", "PE86":"您的帳號已鎖定。您必須等待", -- GitLab From 2525c8f9e0aded54478b32db343f0678dfac5259 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Tue, 4 Jun 2024 17:24:02 +0200 Subject: [PATCH 02/15] New Auth::WebAuthn module (#3035) --- lemonldap-ng-portal/MANIFEST | 1 + .../lib/Lemonldap/NG/Portal/Auth/WebAuthn.pm | 204 ++++++++++++++++++ 2 files changed, 205 insertions(+) create mode 100644 lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/WebAuthn.pm diff --git a/lemonldap-ng-portal/MANIFEST b/lemonldap-ng-portal/MANIFEST index ece7308d7e..51d46d3fbc 100644 --- a/lemonldap-ng-portal/MANIFEST +++ b/lemonldap-ng-portal/MANIFEST @@ -49,6 +49,7 @@ lib/Lemonldap/NG/Portal/Auth/SAML.pm lib/Lemonldap/NG/Portal/Auth/Slave.pm lib/Lemonldap/NG/Portal/Auth/SSL.pm lib/Lemonldap/NG/Portal/Auth/Twitter.pm +lib/Lemonldap/NG/Portal/Auth/WebAuthn.pm lib/Lemonldap/NG/Portal/Auth/WebID.pm lib/Lemonldap/NG/Portal/Captcha.pod lib/Lemonldap/NG/Portal/Captcha/ReCaptcha.pm diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/WebAuthn.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/WebAuthn.pm new file mode 100644 index 0000000000..68bab969e5 --- /dev/null +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/WebAuthn.pm @@ -0,0 +1,204 @@ +package Lemonldap::NG::Portal::Auth::WebAuthn; + +use strict; +use Mouse; +use JSON; +use Lemonldap::NG::Portal::Main::Constants qw( + PE_ERROR + PE_WEBAUTHNFAILED + PE_FIRSTACCESS + PE_SENDRESPONSE + PE_TOKENEXPIRED + PE_OK +); + +our $VERSION = '2.19.0'; + +extends 'Lemonldap::NG::Portal::Auth::_WebForm'; + +has auth_id => ( is => 'ro', default => 'webauthn' ); +has type => ( is => 'ro', default => 'WebAuthn' ); + +with 'Lemonldap::NG::Portal::Lib::WebAuthn'; + +sub initDisplay { + my ( $self, $req, $auto_start ) = @_; + + my $request = $self->get_challenge($req); + + if ($request) { + + my $data = to_json( { + request => $request, + webauthn_autostart => ( $auto_start ? \1 : \0 ) + } + ); + + $req->data->{customScript} .= < +$data + +EOF + } + else { + die "Could not generate WebAuthn challenge"; + } + + $req->data->{customScript} .= <<"EOF"; + + +EOF +} + +# INITIALIZATION + +sub init { + my $self = shift; + + $self->authnLevel( $self->conf->{webauthnAuthnLevel} ); + + unless ( $self->p->unAuthRoutes->{GET}->{webauthn} ) { + $self->addUnauthRoute( + webauthn => 'init_challenge', + ['POST'] + ); + + # Used for session upgrade/reauthn + $self->addAuthRoute( + webauthn => 'init_challenge', + ['POST'] + ); + } + return $self->SUPER::init; +} + +sub auth_route { + my ( $self, $req ) = @_; + +} + +sub get_challenge { + my ( $self, $req ) = @_; + + my $request = $self->generateDiscoverableChallenge($req); + if ($request) { + + # Request is persisted on the server + # + my $webauthn_data = { authentication_options => $request, }; + if ( my $token = $req->token ) { + $self->ott->updateToken( $token, "webauthn", $webauthn_data ); + + } + else { + $req->token( + $self->ott->createToken( { + webauthn => $webauthn_data + } + ) + ); + } + + return $request; + } + return; +} + +sub extractFormInfo { + my ( $self, $req ) = @_; + if ( my $credential = $req->param('credential') + and my $token = $req->param('token') ) + { + + my $token = $self->ott->getToken($token); + if ($token) { + $req->data->{webauthn_credential} = $credential; + $req->data->{webauthn_options} = + $token->{webauthn}->{authentication_options}; + my $user_data = $self->getUserFromCredential( $req, $credential ); + if ($user_data) { + $req->user( $user_data->{uid} ); + $req->data->{webauthn__2fDevices} = $user_data->{_2fDevices}; + $req->data->{webauthn__webAuthnUserHandle} = + $user_data->{_webAuthnUserHandle}; + return PE_OK; + } + else { + return PE_WEBAUTHNFAILED; + } + } + else { + return PE_TOKENEXPIRED; + } + } + else { + + $self->initDisplay( $req, 0 ); + return PE_FIRSTACCESS; + } +} + +sub authenticate { + my ( $self, $req ) = @_; + + my $user = $req->user; + + my $authentication_options = $req->data->{webauthn_options}; + if ( !$authentication_options ) { + $self->logger->error( + "WebAuthn: missing authentication options for $user"); + return PE_WEBAUTHNFAILED; + } + my $_2fDevices = $req->data->{webauthn__2fDevices}; + if ( !$_2fDevices ) { + $self->logger->error("WebAuthn: no 2FA registrations for $user"); + return PE_WEBAUTHNFAILED; + } + my $session_info = { + _2fDevices => $_2fDevices, + _webAuthnUserHandle => $req->data->{webauthn__webAuthnUserHandle}, + }; + + my $credential_json = $req->data->{webauthn_credential}; + if ( !$credential_json ) { + $self->logger->error("WebAuthn: missing credential for $user"); + return PE_WEBAUTHNFAILED; + } + + my $validation_result = eval { + $self->validateAssertion( $req, $session_info, $authentication_options, + $credential_json ); + }; + if ($@) { + $self->logger->error("WebAuthn: validation error for $user ($@)"); + return PE_WEBAUTHNFAILED; + } + return PE_OK; +} + +sub authLogout { + return PE_OK; +} + +sub setAuthSessionInfo { + my ( $self, $req ) = @_; + $req->{sessionInfo}->{authenticationLevel} = $self->authnLevel; + return PE_OK; +} + +sub getDisplayType { + return "webauthnform"; +} + +# Define which error codes will stop Combination process +# @param res error code +# @return result 1 if stop is needed +sub stop { + my ( $self, $res ) = @_; + + return 1 + if ( $res == PE_FIRSTACCESS ); + return 0; +} + +1; -- GitLab From 8bdf07808b58734afaf5f7e49fa482d5cb11d557 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Tue, 4 Jun 2024 17:24:33 +0200 Subject: [PATCH 03/15] New webauthn template (#3035) --- debian/copyright | 2 +- lemonldap-ng-portal/MANIFEST | 1 + .../lib/Lemonldap/NG/Portal/Main/Display.pm | 4 ++- .../htdocs/static/common/modules/webauthn.png | Bin 0 -> 13483 bytes .../site/templates/bootstrap/login.tpl | 26 ++++++++++++++ .../site/templates/bootstrap/webauthnform.tpl | 32 ++++++++++++++++++ 6 files changed, 63 insertions(+), 2 deletions(-) create mode 100644 lemonldap-ng-portal/site/htdocs/static/common/modules/webauthn.png create mode 100644 lemonldap-ng-portal/site/templates/bootstrap/webauthnform.tpl diff --git a/debian/copyright b/debian/copyright index d7b47b49bd..40d24da629 100644 --- a/debian/copyright +++ b/debian/copyright @@ -42,7 +42,7 @@ Copyright: 2005-2023, Xavier Guimard 2019-2023, Maxime Besson License: GPL-2+ -Files: lemonldap-ng-portal/site/htdocs/static/bootstrap/webauthn.png +Files: lemonldap-ng-portal/site/htdocs/static/bootstrap/webauthn.png lemonldap-ng-portal/site/htdocs/static/common/modules/webauthn.png Copyright: James Cullum License: WebAuthnLogoLicense diff --git a/lemonldap-ng-portal/MANIFEST b/lemonldap-ng-portal/MANIFEST index 51d46d3fbc..f1efac88e4 100644 --- a/lemonldap-ng-portal/MANIFEST +++ b/lemonldap-ng-portal/MANIFEST @@ -516,6 +516,7 @@ site/templates/bootstrap/totp2fregister.tpl site/templates/bootstrap/upgradesession.tpl site/templates/bootstrap/webauthn2fcheck.tpl site/templates/bootstrap/webauthn2fregister.tpl +site/templates/bootstrap/webauthnform.tpl site/templates/bootstrap/yubikey2fregister.tpl site/templates/bootstrap/yubikeyform.tpl site/templates/common/bullet_go.png diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm index 3b09546255..62bd1b4d45 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm @@ -615,7 +615,9 @@ sub display { DISPLAY_YUBIKEY_FORM => $displayType =~ /\byubikeyform\b/ ? 1 : 0, - DISPLAY_SSL_FORM => $displayType =~ /sslform/ ? 1 : 0, + DISPLAY_SSL_FORM => $displayType =~ /sslform/ ? 1 : 0, + DISPLAY_WEBAUTHN_FORM => $displayType =~ /webauthnform/ ? 1 + : 0, DISPLAY_GPG_FORM => $displayType =~ /gpgform/ ? 1 : 0, DISPLAY_LOGO_FORM => $displayType eq "logo" ? 1 : 0, DISPLAY_FINDUSER => scalar @$fields, diff --git a/lemonldap-ng-portal/site/htdocs/static/common/modules/webauthn.png b/lemonldap-ng-portal/site/htdocs/static/common/modules/webauthn.png new file mode 100644 index 0000000000000000000000000000000000000000..4d250cf3df63ff4ca6ad601d66408f1f5789a518 GIT binary patch literal 13483 zcmbt*Ra6{L&@b-pvbehw++mR*3nW;O;O@a~gZnO!1Pe|e1b2s^3&Da*@CAaq1-tt{ z_vt>|m+zZ7GkvCex@)?+y1J|CH}QHpKztk;93&(pd<}IKeMEYWxEirA5O-CJ(RoCI z=Afvph=f#^iu?E;9r4U)qpq)wgcQV%gcK2lg!B)Q74a7d>4P8=(t#Bcl2j%V5~XKu zJ4gmmfMKl#R6%ieV(ooXi1T(2)I_Z-sD&T8^(5@2#+OUX; z+bG;?-=l*PJ`xng6_7zwM41#&qL7%Fq7+6;v`1OfN5uhtukA_d zZj8yfv|Lx$gyRDK=STA!Td4;WK>Mo$=fhwBR>$sVq#mYQs3l0GGgK6c>?1S_`a)!E z!QzMMd}0um00~5auL5!3Thu2oQ?I90)V)8I;NoMIz|;)jaJ)*~N~D(9n6MK0Ey^!& z>23qS7~K`g^z!Q;;toMTJlzFx3kmcCpjKKCI}__DN_~aluPQL!jG!4wyVqG|7rpnL z6~P&MEtTWd3yip(1rXn20B1U3w0dR5ea2)ZEQmoYejHeju7P;-S8qdaVz0D%kw-L3 zBg?s8w9Eh<`*CB`<_`{7s)a-Ksq9|^NGky7bQh; z;Min$YP^?S#9pM9NMn>jMF!%$hPw1?8#3O3{e64RF3(>~5Vw^ufav=g-x@>9D`9C8 zk75|h2Y(D5BpuWPqVtc|bhUWKQHIOWy}`XCR+by#5vM5OO193btP@iwO((eT2yz{t z%~6w3hM2umQPohTiQGXZC^7_()Bz;lH+yfC?SWfvL=<2isM~|n2ALJg&-MGD4dM-p zlJ@RctZ7?15t=(5eUF}KHhf$w!87Sb&JcPHTS#Q3fFRi-`XZ(TwFFW*PC(Z<%)J`( zL{Ue`YK5bLaaOlM+OQ9uHRCyNGe_0{Ae*pdA$x}_7V1U@4Ro}+CeHu#{SV0P@xU}5}*}#Lh za!2v%Co=%iq6|;11L#_*HTKw|Ps%#_p{=z2uaZ8asmK1y9^V_sGxSCsh8G~>0ZLL73ce^ zNs0Z-bgqwiVenzKC+o?#TJ``BQK*2LvjY<^`Uy~f-^4b2Lc#fVu9ps0%`5eDJW&39 zm=Dfbkg-yxkPiB@0E}wBivWdR1$T}C%zz};Ti2V_Td0ta((kI4cf^3AYty;6f|5lS z-$5NR?XSBbtP*E|9(Ey@mfcb)aY&Idb}j<%{3mrrf|fJ&q3OB{+Ad3Z7sSLxvqAq4 zC0u#>?jq~5%ntPt!@nz|9|D;6(~lhJAN z(Ji;FO^#DMWL*{(p+K-DZ5YIhMHHqqDoq0vbO#VDjAYVHnNh^UnSmU88E&`LhWz?^kM9C`( zMQ-pS(jTc&D6Faf#Vt*nGO&td@BIdeK~V$WfyHbpbr0+V8NcH_CRZeP)VD-^q-n)T zucw-3Y7)_$?2Mci+AI>>GY8jK>y*~=nf+}kSiGhL-OOvpWzvf?HoX|K9#ig8J7amW zodsJ79LjZ&1L8Xb5lX5{V~(~JOCy&nkib0Nb-)1nf`I{{*I_;Ebzw;y6w(}jip6@Mh-Jof0lX{ zFUn{!Xbe;80UjK5vrTP9GnyI1;9YVUAGeW*v!>6E>@sB=PQ}wCgfsS`lc3YBS|lTN z$TV&q=?f#~Y7J<=B$NR1FO>d_yizbbdKL1r(F3-aM_Jz4RR4p%*%0obVxlD*5-Wz> zqo6_e(l_AjFp+Qn@~p7I!CC3cXGgM_^y+5_J)?qu3elqNkPOKu*_fDASR!OEFzNJk zO{9Z(C-vp)JF`GRoUh{rv`Zr?1Lk=1C0QS5_fmHyU5V2;EjfCw(D{($fz&!iHimz( zBmm#5Ygji1L-Fh^wNn-wejsPjed3If>7|`?kQ-C#jy$!o`$m1Gpwn}x2Uh#S@gE01 zikT3oO?*bZ1l$1h^F5eS-CTyKq72X8a3(d%F`rj}iy>wHZW-W5!G&vaO=MZ&7$!<4 zl9ObLHs_qEc^~6srPq|1J}YOBSUrO(NbSN<#9YCu)bK_dy|NqpO8;D=`LVw7l%G8bTh4?Dl)D?tc_-Iq;{dPzTAoZ+wWG7n*Z z)Y;ScXQ6fygd`w^pgr^1Pa8WTR|EBJkjYpDIpspw(|UcZ+nYnj#m005nYPwpT3rSi zij{{Qgn>V5nEe&67#?^vW!mH?-vh0>(yP^Nfm=E;y3yUpOZDR7MRzBqoEe6^qN2pw z%j<<203d}v#$b#kkk8vXwr!}5v$?~=uqgA~6lDGD5OzZc@pyN5Kc>8P800POP9M{` zwq0;Yyaa6}-Sn}3%6^B9chMMzxv0n4>@u_;-S?WIAi#5Dw20(yG7irX9LidY6M)ZW z51j#zch!hZ+M=AHGa7t^X+iqW@&jXJNceDANJB8}enML>h3JVt)So_#!!$(5o09q1 zkad7)t!YT;|Cj_R=Gb~5XFiU~IvrggA?0_Okur0ZN^bE9Op$q;0U4V+Eibx)Huy)H z(~Hp7bSw6sf@D3{!G$da@aNQ`E7%I?*mWpB%IY~7kN|!DOf_OZw1zuqw60UH(3|u` zf+Lok?Dbktd>*&=6}bC(&*8ZTqtw$PmGwNnd~`Hbw>ac5&paBIGVm3N=hFqZclyf; z#O=}CFzZqhp4?4*S8@MU8_u2K*Gltgv1w4f8Bf1-kJ#YzTkJ6)uG-SMwftCvqmqeB zI%EjNHz1}T8r6j|INt+y-A~jLicZEc6uU-mS5NrH;x$^EK;0eZZ25Gvo)4khyEe3l zQ4iuvYhJL)wY0B{j7VkLTNuqOwIgJWw`4a7UhH=!6Ipu&uCr9EyRJd8;k}@X%Dev^ zmn;8G_BKQ)K~jE?_6LWsSxV%Dzpo@o8P=g4L+sn&aPFOc7;e|HkF`k}+;mpW!N^ea zPQx(TM<}6AF1MGBP*rHlgiE&QZN|2YcoXlLet!GI{6D)@kj$tJvLqEQ=>MaWP0O|2}hzm{>qVpZ8x-tI{58N>3Pza z?1Zwu1jXLx)4+Af1htpG9fSquBVHQK=EyN%{;MnObggP#S7q{! zo=l{he*CEl&UgI>+JD|sZj_bG&00!Wl)j;!OW*m;?>Pm~!ZPW@SX0mTyC+JMNI*I5 zP7aQA`Am06XUSd|Trlz?b-%L08hu^9`9S|Z{BOsk=GB-(0s2XR;paeZ9I+~uycY#P zZ3yW)^7Hn?rRT;dRKg~{Jh5JS3c9!zZyVVHim{cXdvv|($_UNPVcI@wc z(wJ;{fdr?8dKv3-awMv>`bIw@PkgqC@XHFYZEWbydU`)XSogsIk(Z&0V=>Y_e8W3W zmNbd7;`%{KDDVN>*1!QbV{d7ZI9h*=DYP?Q<}MUe7mf*M(h%dOmYJ71JXepr6L*%F zvReOf{}jqu;wyC_9Q%DD2#*iXXqq332TJ+CM3$z7Uv201Q83+3^o+1kBQx2O+05Ao zX8+-#7_a0q0;uH*7Di(`%})u^epNgG#njth#e~PdWXFdIYpO}Q?>;)klgW{_O`<|e zWC9USmpJOpG|RNNbg7~#+OWtMBRFWyYTY1j&sWG4o`OlE)E!$`?zBnVE&qbd_R&>S zE7I%0x4vA#_AIY-6Eiqpx|B6~EKX~@t7yAHt{&M=AP+b3o9RUS-WarEua z0(sa>dl~iI$%JZ3-DVu%A!qU)_FW8ZFxEpcEgYHomp2*8venS?$DJ+$^?A+9kRWCa z3D~<~suJYaqWN0mZ8VVNU|Ie2%U$m;ikafGTes|1`sQv=T8hJh>_A-M#1vp54`FQ4 zE?y5|u;Nay#ul0tyEmP89$v$9BSzI!YRp$p#MV*_h7nA8XDS)YxYMR4&kg!Ayb5}} z*UkWTk}`kL6+O>^*tp{}o3P;E2M)LweqH>eZhfs}@h?n$nn3jBMr7N1$UG(2se@VI zVvsYj3MxaRXsBUiWVTLu&zpzz+%lV|7Z{eWnB^xgczduZN%qeS+9>LmCP8gj=-Ds0 zejBblzN_?;$emfU`%Y45zztU-$P_wz2#&iWg`=M)tG^=C7$e?Yrz6_OWPa0AcJIb^ zjKZ8)a&6zpSP9(BY8h+$oIUBi+%K;k*Ew7eZL3vyn1Xx=0^EycbTzTVPa7PiGj(U` zEZPX5cb{7Y772k{neSnOS$`n=&V`kLKR%vA9|PVd`z)d zLx5C(oKgDgU&iuk%uRlwb&({^*ECZfCD3LzMHEF@oF2L0PXtYR+0j<$LBkKf-DwvJ zLhc{_w#vV)^z_=g^I~q>|3pZljW37Bho*7VJ%w!ln=1ZjMms*QQevLb8(()nM3*rq zTtBMyP8N3PvF%y%jl*v-W#$w`GLhdB*W~~EPAW$g{gC<6kw}2x+6Tz7jkAJ zdl8WuC#A<_%mzsW1(g30`dk3{lnhoE(Mobj84&te+4zu^nw*uf32hbxyt$Imk*e@T zzo-z<-VceMN@`3c=CVr?D{StJ)eAF%@{WQm4<4S;tcFWYinW#ol0_;|>0Vg{l{{6Y zE1~0XEgrw^sxqQsIZ~6L?kf9YFgjSJ_`cYV%ShmUGrD71zpTNr?ny$JgCd5mcX7yr z855p0pU=*S{Zhut-)W%nE~4=h=bEuiwLqfbZ|%%#oSV~jqQclBK}a$oY&}i}PcDjm z_JMd9JHf({$r;fr729#Kqa+HL%9~*2UZe3qj)l2-0bUsE9=+yim-1N`{@My2qUF)4?2U(+^e6$bEBPF$ zk~GYT!{j(QM`H7=>HCX5NConawo#eyix#MP(J%u^pFdA=g!d)}DYifjzb<&$fUPdI zvmXNgC*g_2>^^m966@^1pmN@})cbjedhV+#9Bq>cf zDw}N51dGSfa%_h2+QmUBgl@rCU zfSABNZB(^SYoFe|`4_m+DpMm-M}IkNiMS58pAh)$YFwx_W}n?L~`FH5G6 zA)bAxo<2|oYmfnB`ONEoe>x7nNfmaNV^y+N&PFcR`sPOb%SadIFU(*iq}-O(g+Mf~)*Bluj}N-0x|L><1O zw%^rO(sHS{%J>|ConJt_ccCToZwgfsuwmEo)EeIz7m3N61=K=|t)uJQ{5bs6x>S70 z1Mu{n43?Az+w;TX2EJx_@4s&d#Q3gZP0DQQnAcBK6umrO6xh;py~=szZlm>0Lvv6T zTZ|BQt9Loh+PS5$vBi$;Gs+Wjysk2}P%&y!5A9j#MkPX&T&z=Ag3Z1zx}{`CNP-Nl zew28TXJa`rMIJR*D{b+q)0BPJQ4SWhLK99NRizz$Un_)^N%Sq>h-*O8nk5=oeCPIp zBp--=tbaxrLT{Yo`kA|vV$dQV-CdP7@vGW?)b;l734eK(wGk85lljlTK=vkvNs81e zPQmdHdiHC+T}S$!{WtC2fR!& zoIX(F6e2}i*1tR;KHS9CKM!F~dg#9!tX9fNUR{?c{#Qj+>J{$oe;SuB}v4oEbm)11K#+no-!BKJ9)e5^r~vCd>ES|TH; zSFS-ZU166e!G$-Xgau*0dlWmco>A@gzM@{??OVAjr%8+_@j>|36l8WHd0>3n0NOp- zLCHc9^`_Of0WU(9X)%R+Ra}a5Gtj@?TQ2i}a123lHQj4Z@9`M_xbD6im1cwGorq5` zQS8^&m%PEnp`~HqW`lhvx@lZVziMR~11e^ReE>-dQ-dSb?-i*UjusTY^-eBYue1Q7 z<-Q^+isDt|FA6emfE3Ug?K-s#4*NDZ{`Gshi&m)FC)NoZ|eETh2ra}npEbiW4mo{&H(2Ym;g0^C|b(KE0QW|HFfiYiu z6nd$B;HgNHitRIzV}Z;Q1$Iol5|GTxrl(5;WM_-Wwlt~+R~}YVE3VVKE#c?z1U1>) zd?z27%98-$S&-fda(&sxT1c;WwaFc2Iwhl>GjKQ-`f0`E*ARC}d{DLrxlqN77c_wJ z;+dk4y%B0$B=D2yp4?E>Qvuu`gtWl;z)O;C_QOf1Aji|JIjw2DjxuO9Mx2!=21n&{ z$>q2Hu}D5&9ZVVlGeH89S4D#`@oj4#*THMg7`;vI1ezgqkoRLlBqJO zL?ely$=z}Z{A2LX|Pn%Y3)LJ-gvVyN0d?_e%e0m>&`Tigho8(LUk z-+0eC#g)QdL1=L^0)()IoJbg zNphtUO=(n+F|Qxsyl(FPGPg~cdyQ$E_fGvi_6*u1QLE3)=j`m)F*U!vF6*opq|vTj zb$kf$RX!levjp|jJ;N&|>#{HrBOo$(T)yV0s`-agoGGjEhebQ7IO8Yr{Hg^)RceX? zh!vNp(OcVKrs44xsQebUHz})larCy4f)9JYmCAt$^2Fw#vqQQ&{k=LFPL7uExVwa> zr#>YOW&8p&P=ToLg5neeSmF@CaMdh8^p zTu>J?I^hSx1cwwby_Jzco5q{qm9!@J=oq( zE58gwWzcSD0$@Jo=03T8#Dt_=iQ9=uS_tU0%2Gt@>I+T{=l$LH5@84trKG zo|ekwNQPfJipMQff+EEN?p?)Ijhmb}pj~c%Rf`fnS#XlxB0f>>u4zmYp1DOQKVP6d zVUI~ug_Rdlmf~;J@+J4Jy{Tlt-j_uuJrk};^4>3601;dMBZ=u~bWbgu);zvFww=1UGtfBc_d43WHaM|w(f@s5b<*_|WMNE8DmS{}m z{L)s_d-htvl<1P`n?9Dme`^i*s9l{l}QT;r_)duv%tUT$w=dBbXP#*>Nk z`G9;S9f);6#@)ZSbXXyixBC-WR#lE4qk|N8?{!N8j7Aj|+^A2xvnS3iuax~<0Ic*% z!0IN*%4oCefQjxS{b(wGjE&x79Wy_(+4fOlkUKeTfEf2coXeYAt#>snK>uh5)X$gR z?4S_2H=yOsOhQ>A==A4-NIePuv{C!|F15SvHI;zm62>i7FCOO(gV&>Pin~qoBmQ<3 zRIQ&Tna-r}oTmf9CPK^bUw`k?c)(DuGRz_DNf(CZwf1Z)w67|0%)yrcmxx_a>D?s`sE~J_U(rJG% zyv5a+w~}AIxUcedW@cPLyGV}f??N>fgd_bt!ew?J+!S~Y6b?JQ8uxz1s0wkt;cgNm zXk_Y(I(FKTtkQgs=N(psE#&uiC{(C`WPH6%#c2CsFHronc+ISiFD=>CO@d4k5grWIt(xJruZtYlZ`BFti=Pwf(P) ze{)+9#Cu#m?+p&72Nb^ta2!8Npau;!JAP5hX)CLJK*ntP@B=JM<6yW>=_ypDVyd_t z%yz4~Jof;?5Nf`bm~ERKG8_0?o@h=&%Uq+7xAhx-LX}C_1!fs@kahmrKvLEF<}a8) znJ17+It;hI=aeyP&B6_?`H88QAK{;X((Hylfwf}ot&X$>a-T9McJJEwMr|u#Yf?dLTUXL(>uVqhR_b9H9d#FsX_%x&X6z7O52D z1+rBbL?=%t32Pn@<4`eX1J@;OWFZ_UHPEYuA1cem$>i{p3@Yq+$fCMU1PAz158G5y zsL%WNM}Yl0$~>E@)y&8l-<9=|Yv~iGfbQauzUUG#ZKXwm;e^ZU&sfB51A&vCqJ~U@ z741qORpQn+MfD@G3a#yu7Pg)!-1R`z&4W_fUS;tSSNy@n0BxAhas zB1CC!_M!Y{p8ecHoh`9GO+eWh-ilDBd#L4>x;eUrm8ywA@}Kpe{1kWfrZ86tC12KX zJY98JlV?5;bQHl$>*oR*sFHx%6s}__|5+K!s#DAtyejZSsBOxJbUWNhmegB$@O%c% zrJKS7F@tkx3u&#Hxm#$4oAG=Ry7et1=5Robi{6^2*iZFG;bnVq&UzRc_D96WXls+? zJme|JXk*=!6)$w-kN-Aqm?ZH)cP0+x@|5I`K!o3RT5lFj;%;o(iMK(o<9iDzFYuN> z{JxyJQKY}+U`|^3m>}j?_Sotp>8NsAiusdusAHhvlZ)Jys&i;ID}99FbGeiMobS6u zMf-(cUJm)C(~}D*W16(AF4J?*wi5Xul z{3R}ufbm}4&O`gUN!XWcwHT6nLFkeWeUt6-rk&GQI;o0@XJ*7B;yC4(p|?^A#KQ>^ zK4n^cL7RuaZ@%QKsuEi&CQn%?Zk8rD8qGE`eQ%_wx=TfsSCbYDLmQ0P3)(Kzu)qqyBz<+!YV;PujDpv9BucXvfPr<}~L0l|g?Vny|L{ zMQ^(u5Dq{dE^_2bRc=>TX)=|F1wDbPHCJjflYkt@w((Euy^D{_5omfxbH-omWHF|o z0WnimFng>&CbhVbg`w@;x9*wh$U297?2ylgiZcYy6#+9|^8k8FW#NlEuc6s^d!GiN=ykEl9$ji zko!XwHJ}!_k|ooUr*BP#zoK|RBImvuHVT0ZFzasw;wd}3(L9*mDpN<@ z8mI}!1hU(JLL=NhiWW>+6`lTqN>Kkv6>hz0>6WI6ra$4a>7)?ZU5I#((7IZremA_z zJ~rwI3WX;W0!FbL}_n$x3dI-Olubi^kob24PHyzRb;b=fzYO!ArCJRu*6{cKN z8fR+*HKdQ}dsjT}fTrK_z`|D?+cv46QY*gv5Fl1qSxyeauymDU$UGe?9JH-^`De|p ziea}rj%h(C-E4=Of7tOd*E?QP`?ZF}%lnSUdDnsCXE@azClinDSYIvH(oh+r^p7L7 zIFz&+l4xH<8xDeJ=J1k3#o+!+yWQ>Ml@5&Wf3)Lr`5O1SB3Zr3kIkk2FXU zyX3*Ydl#wZlY5%_;l7^63l=b0N-RQ1!YZw^-cPj=vo>+yfTzm^KZ|WzpXG>~2uxF1mv8m%_k_Jk0c&d9?mY;A3)?(>S?~2}9M%Ot^Cik<8^iaN zV&cM7g+y&yVX+hCC6F1LFB7wgUF<{7ElB6%FvnlxHjMhJ8jeBj4M2SQuyXI$UdefX z7O)43!yJMjew+1rwCiy($a>`M9n375^_UBWfGAy8ekqt2k+iUUkV3#hC=14lnM&5T zoq6?FzWl4kF0l?Sc@|0gXaJ4s##kD^Wtu$uh*(^!?nk@#auquq`O)&YlyOoqzs(4J zKDmCEx~#`YCM8nk-VyN$|B6tGLa4D|?T9F~A3>Jqs;Rslk@IlKHe+JtJ+)XjoCX8=)Nkhy|kA4}7A=8qHc~3@D^Bu7T z18K#ADc_MMyC|1I13k!nn7a=;Oo9?5Wf(5PPsDbZOMj!4*oGBPqAGq=we(0+NxGz< zbc1DvNxOUo#Gqpm9!x+J?p5(|*%PqLSlt})L*9rS41Py_Cg1xZ)AdJ)N^^ZZzrwkb zS+JX0qPNLTqSsHTglgtUBk`ca)6I-0{BfCbnIl82E~wbGhBkr{s_l=;e5Kk8L*q`O zC@x9R;QDY6V@w-o$*P@4=7isn+V9rF_?|Zg>$40JIQFv#2+Kto-?RXC*61h;i8z1v5+4On-mCE}%lL6yy z2RkG4gpzMYRaY26?k&vmL6Vw38}pw)oE01EW6#91mmxL|BvgQSX;Og#q8aY>TTCY1 ziiLm>oNU`CP}f11!jDoZ0mbyA2Kb2t5qTA7sh7aC6HzTo!s$@=9QMVcuA0}Tww&&b z04RFte7C0y|A{*s#0z8-ft1)?Sf|1`P z{ynm=i~Wr1hWZ~3!Sph6?M#MrGdf?K`j$Ke?knd*|7S086eAYQg+0#A9fH7Qk0Rqs zIN8zGci2E&DO+mWS{|o;HyKpIY=ipaMc$-xXDj~Fp7>jqx?uruy-v?UA z-Qp-;A@pIiqg0gEu~U%o0Hfyt6deg_$Kr*LWuk(24k7u3J%A$ z0$29JZ?9leB5;ioLG|ZqH7f+HQdls(zo9Kmx!PHlSmWSQ5Y9Uld_ZTb91i#}7-!3n zBeYk9mV`>${)CeOzQJJu=3>tymHhZ;Q0PAS#rXIyHcg@k)H=Fi;y9q%#nJEC72O3r)`#2yL!E_f*}7oz84Yl`=`s&h;~YJ$4PIUsEdA zc92ZXIa47fX9`~Z^`6xmt7z~C-C-0F2!06dXUZihd#nq}Kbr1X*kmuVxOcdLM}Moa zfLr`HB7x0}@xkKv>9|A1Q?mkk#k%w_*6#g255ed2akJ9z&y;VX%w@^R2Nq$Z(?*;q#Ht>3lsjn$i2 zjp|RhJg5`@9j3C}dIj>xcUN&~&L zHbO#3jY%uXm)y$=nd6%R2^bOp*0;>lr_SA$N$qiCDkS#?cg~Ke8}0~O;`M;pXhHU0 z^j;rDn2ouOrONVYF7FimX_l&>ggV>?d_ zKvX9LCF0>&fuD5y2Bt0xmU1s?c(uPtlTy9=wd{_~<2wD3ediL!<%3L@a~4Pyi?cPU zr2Y3qVfx^MEsu^OK_R8qac%_QT??azKVav0%J_YC3-}K~0i6}J1t+?wTE*g41SE6& zx&#D>ajwSQWJ4?oxTX4j!52ZEX{|Z^Wf;0@8aNJm#x&s0IsvA+03qhS0QhDX`7f`x zRym(=N=E6UG}%#aO~n^FC@;t?ksl>{--=2jQ)c_fCN=kdSJwCUPrxlkFE8J`Eicym z`EY>1W3Q=gq#GL`fNCJ`mC?I8w7_m4Bl#_MiG_T^>}1s$o6b>GHq9fk*mnVwJckd- zk5%`#yjIG2QFw%?P}1Wc5)YfRrC$c1qdV4% zSR+?kr+mUgNOl;DePlgK&pn=g|74$U2yY#jn)6#Im$!3Q=H3*}ve|`2#4KEJgzXa2 z(n0?N`Kejmf)D|8XAB{!!uh`BP%!$<9Gm`=qe@DxYsElr$*}1B>O35{m5wm0tokV0z5eLRM}uE|7A-BbfMtm zOl5MIGceZ1L|_tv5G>T$VDZ&u-A_?eMGa2R(R#;U4~snhzIVgHy$r#BL0JxY6oR)d zXLHueLKh+tzeU8zOt%T>+YqYV?8%jPsM7E`M_SR1is!`Vx=%8FXj87bzWKi$7rH>0 z1d_cs3S!*`L_dK{D`NYdAMMH3f(Qp|EmfLN%+#Y#5uRjO(uEk7I#fNu*mj(y>SDb< zSit3}vF#**QnRbTY+1#0h|KlUN_OLTh$#fkO^L*hO+S^gkN|KAoi$I$b(S>Ck=okr zgDx@&Xu|c4igV%JaRX0d;kSy;0bg|D@ER~V}tD|2$`UUeZRxf}KC-T34gV=mkjeTw3``Ss_c-tWoBw;~eAwD4?K0ygX yp;uCZ;!AO8 + + + + + + true" /> + + + @@ -196,6 +205,23 @@ + +
+ +
+
+
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/webauthnform.tpl b/lemonldap-ng-portal/site/templates/bootstrap/webauthnform.tpl new file mode 100644 index 0000000000..0620446329 --- /dev/null +++ b/lemonldap-ng-portal/site/templates/bootstrap/webauthnform.tpl @@ -0,0 +1,32 @@ +
+ +
+ common/modules/webauthn.png" alt="" class="img-thumbnail mb-3" /> +
+ + + " /> + " /> + + + + +
+ + Connect +
+ ?cancel=1&skin=" class="btn btn-secondary" role="button"> + + Cancel + + +
+ + +
+ +
+
-- GitLab From 362d1d37683bda7bb5000fbce3b51d26e3872f94 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Fri, 2 Feb 2024 10:18:14 +0100 Subject: [PATCH 04/15] Add Auth::WebAuthn to manager (#3035) --- .../lib/Lemonldap/NG/Common/Conf/DefaultValues.pm | 1 + .../lib/Lemonldap/NG/Common/Conf/ReConstants.pm | 1 + .../lib/Lemonldap/NG/Manager/Attributes.pm | 12 ++++++++++++ .../lib/Lemonldap/NG/Manager/Build/Attributes.pm | 7 +++++++ .../lib/Lemonldap/NG/Manager/Build/Tree.pm | 8 ++++++++ .../site/htdocs/static/languages/ar.json | 2 ++ .../site/htdocs/static/languages/en.json | 2 ++ .../site/htdocs/static/languages/es.json | 2 ++ .../site/htdocs/static/languages/fr.json | 2 ++ .../site/htdocs/static/languages/he.json | 2 ++ .../site/htdocs/static/languages/it.json | 2 ++ .../site/htdocs/static/languages/pl.json | 2 ++ .../site/htdocs/static/languages/pt.json | 2 ++ .../site/htdocs/static/languages/pt_BR.json | 2 ++ .../site/htdocs/static/languages/ru.json | 2 ++ .../site/htdocs/static/languages/tr.json | 2 ++ .../site/htdocs/static/languages/vi.json | 2 ++ .../site/htdocs/static/languages/zh.json | 2 ++ .../site/htdocs/static/languages/zh_TW.json | 2 ++ .../site/htdocs/static/reverseTree.json | 2 +- lemonldap-ng-manager/site/htdocs/static/struct.json | 2 +- 21 files changed, 59 insertions(+), 2 deletions(-) diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm index 231f40ceed..f55a00db9d 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm @@ -428,6 +428,7 @@ sub defaultValues { 'webauthn2fUserCanRemoveKey' => 1, 'webauthn2fUserVerification' => 'preferred', 'webauthnAppId' => 1, + 'webauthnAuthnLevel' => 3, 'webIDAuthnLevel' => 1, 'webIDExportedVars' => {}, 'whatToTrace' => 'uid', diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm index 38d126cae0..c15580dae6 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm @@ -58,6 +58,7 @@ our $authParameters = { slaveParams => [qw(slaveAuthnLevel slaveUserHeader slaveMasterIP slaveHeaderName slaveHeaderContent slaveDisplayLogo slaveExportedVars)], sslParams => [qw(SSLAuthnLevel SSLVar SSLIssuerVar SSLVarIf sslByAjax sslHost)], twitterParams => [qw(twitterAuthnLevel twitterKey twitterSecret twitterAppName twitterUserField)], + webauthnParams => [qw(webauthnAuthnLevel)], webidParams => [qw(webIDAuthnLevel webIDExportedVars webIDWhitelist)], }; our $issuerParameters = { diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm index 943be58815..adf38f3c2e 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm @@ -425,6 +425,10 @@ sub attributes { 'k' => 'WebID', 'v' => 'WebID' }, + { + 'k' => 'WebAuthn', + 'v' => 'WebAuthn' + }, { 'k' => 'Custom', 'v' => 'customModule' @@ -596,6 +600,10 @@ sub attributes { 'k' => 'WebID', 'v' => 'WebID' }, + { + 'k' => 'WebAuthn', + 'v' => 'WebAuthn' + }, { 'k' => 'Demo', 'v' => 'Demonstration' @@ -5651,6 +5659,10 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a- 'default' => 1, 'type' => 'bool' }, + 'webauthnAuthnLevel' => { + 'default' => 3, + 'type' => 'int' + }, 'webauthnDisplayNameAttr' => { 'type' => 'text' }, diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm index 50cad654c1..46bf593d1f 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm @@ -2621,6 +2621,11 @@ sub attributes { type => 'text', documentation => 'WebAuthn Relying Party display name', }, + webauthnAuthnLevel => { + type => 'int', + default => 3, + documentation => 'WebAuthn authentication level', + }, # Single session notifyDeleted => { @@ -3693,6 +3698,7 @@ sub attributes { { k => 'SSL', v => 'SSL' }, { k => 'Twitter', v => 'Twitter' }, { k => 'WebID', v => 'WebID' }, + { k => 'WebAuthn', v => 'WebAuthn' }, { k => 'Demo', v => 'Demonstration' }, { k => 'Choice', v => 'authChoice' }, { k => 'Combination', v => 'combineMods' }, @@ -4506,6 +4512,7 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: { k => 'SSL', v => 'SSL' }, { k => 'Twitter', v => 'Twitter' }, { k => 'WebID', v => 'WebID' }, + { k => 'WebAuthn', v => 'WebAuthn' }, { k => 'Custom', v => 'customModule' }, ], [ diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm index 6e106dd5a8..4c4bf2e7a2 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm @@ -252,6 +252,14 @@ sub tree { 'krbAllowedDomains', ] }, + { + title => 'webauthnParams', + form => 'simpleInputContainer', + help => 'authwebauthn.html', + nodes => [ + 'webauthnAuthnLevel', + ] + }, { title => 'ldapParams', help => 'authldap.html', diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json index ecf69ea1fc..8b8c31ee65 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json @@ -1379,7 +1379,9 @@ "webauthn2fUserCanRemoveKey":"Allow user to remove WebAuthn", "webauthn2fUserVerification":"User verification", "webauthnAppId":"Send U2F AppID", +"webauthnAuthnLevel":"مستوى إثبات الهوية", "webauthnDisplayNameAttr":"User Display Name attribute", +"webauthnParams":"WebAuthn parameters", "webauthnRpId":"Relying Party ID", "webauthnRpName":"Relying Party display name", "webidParams":"معايير ويب أي دي", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/en.json b/lemonldap-ng-manager/site/htdocs/static/languages/en.json index 3c47989b25..c9705f1756 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/en.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/en.json @@ -1379,7 +1379,9 @@ "webauthn2fUserCanRemoveKey":"Allow user to remove WebAuthn", "webauthn2fUserVerification":"User verification", "webauthnAppId":"Send U2F AppID", +"webauthnAuthnLevel":"Authentication level", "webauthnDisplayNameAttr":"User Display Name attribute", +"webauthnParams":"WebAuthn parameters", "webauthnRpId":"Relying Party ID", "webauthnRpName":"Relying Party display name", "webidParams":"WebID parameters", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/es.json b/lemonldap-ng-manager/site/htdocs/static/languages/es.json index e55fcfd6e9..6058ad6d39 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/es.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/es.json @@ -1379,7 +1379,9 @@ "webauthn2fUserCanRemoveKey":"Allow user to remove WebAuthn", "webauthn2fUserVerification":"User verification", "webauthnAppId":"Send U2F AppID", +"webauthnAuthnLevel":"Nivel de autentificación", "webauthnDisplayNameAttr":"User Display Name attribute", +"webauthnParams":"WebAuthn parameters", "webauthnRpId":"Relying Party ID", "webauthnRpName":"Relying Party display name", "webidParams":"WebID parameters", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json index 74c7681ae4..ba7f1b6992 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json @@ -1379,7 +1379,9 @@ "webauthn2fUserCanRemoveKey":"Autoriser les utilisateurs à effacer leur WebAuthn", "webauthn2fUserVerification":"Vérification de l'utilisateur", "webauthnAppId":"Envoyer l'AppID U2F", +"webauthnAuthnLevel":"Niveau d'authentification", "webauthnDisplayNameAttr":"Attribut du nom d'affichage de l'utilisateur", +"webauthnParams":"Paramètres WebAuthn", "webauthnRpId":"Domaine de validité", "webauthnRpName":"Nom d'affichage du portail", "webidParams":"Paramètres WebID", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/he.json b/lemonldap-ng-manager/site/htdocs/static/languages/he.json index 691e625d0d..0b5dd54709 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/he.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/he.json @@ -1379,7 +1379,9 @@ "webauthn2fUserCanRemoveKey":"Allow user to remove WebAuthn", "webauthn2fUserVerification":"User verification", "webauthnAppId":"Send U2F AppID", +"webauthnAuthnLevel":"דרגת אימות", "webauthnDisplayNameAttr":"User Display Name attribute", +"webauthnParams":"WebAuthn parameters", "webauthnRpId":"Relying Party ID", "webauthnRpName":"Relying Party display name", "webidParams":"משתני WebID", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/it.json b/lemonldap-ng-manager/site/htdocs/static/languages/it.json index ad6ad25968..1fd236cbc7 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json @@ -1379,7 +1379,9 @@ "webauthn2fUserCanRemoveKey":"Autorizza l'utente a rimuovere la WebAuthn", "webauthn2fUserVerification":"User verification", "webauthnAppId":"Send U2F AppID", +"webauthnAuthnLevel":"Livello di autenticazione", "webauthnDisplayNameAttr":"User Display Name attribute", +"webauthnParams":"WebAuthn parameters", "webauthnRpId":"Relying Party ID", "webauthnRpName":"Relying Party display name", "webidParams":"Parametri di WebID", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/pl.json b/lemonldap-ng-manager/site/htdocs/static/languages/pl.json index b64c2522ba..353a11c77b 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/pl.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/pl.json @@ -1379,7 +1379,9 @@ "webauthn2fUserCanRemoveKey":"Pozwól użytkownikowi usunąć WebAuthn", "webauthn2fUserVerification":"Weryfikacja użytkownika", "webauthnAppId":"Send U2F AppID", +"webauthnAuthnLevel":"Poziom uwierzytelnienia", "webauthnDisplayNameAttr":"Atrybut nazwy wyświetlanej użytkownika", +"webauthnParams":"WebAuthn parameters", "webauthnRpId":"Relying Party ID", "webauthnRpName":"Wyświetlana nazwa strony uzależnionej", "webidParams":"Parametry WebID", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/pt.json b/lemonldap-ng-manager/site/htdocs/static/languages/pt.json index e315c3d983..733bfe2c9b 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/pt.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/pt.json @@ -1379,7 +1379,9 @@ "webauthn2fUserCanRemoveKey":"Permitir que usuário remova o WebAuthn", "webauthn2fUserVerification":"Verificação de usuário", "webauthnAppId":"Send U2F AppID", +"webauthnAuthnLevel":"Nível de autenticação", "webauthnDisplayNameAttr":"Atributo do Nome de Exibição do usuário", +"webauthnParams":"WebAuthn parameters", "webauthnRpId":"Relying Party ID", "webauthnRpName":"Nome de exibição do Relying Party", "webidParams":"Parâmetros WebID", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/pt_BR.json b/lemonldap-ng-manager/site/htdocs/static/languages/pt_BR.json index a15b3845fd..a44f23e55d 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/pt_BR.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/pt_BR.json @@ -1379,7 +1379,9 @@ "webauthn2fUserCanRemoveKey":"Permitir que usuário remova o WebAuthn", "webauthn2fUserVerification":"Verificação de usuário", "webauthnAppId":"Send U2F AppID", +"webauthnAuthnLevel":"Nível de autenticação", "webauthnDisplayNameAttr":"Atributo do Nome de Exibição do usuário", +"webauthnParams":"WebAuthn parameters", "webauthnRpId":"Relying Party ID", "webauthnRpName":"Nome de exibição do Relying Party", "webidParams":"Parâmetros WebID", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/ru.json b/lemonldap-ng-manager/site/htdocs/static/languages/ru.json index 2097473bc8..2a91406b60 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/ru.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/ru.json @@ -1379,7 +1379,9 @@ "webauthn2fUserCanRemoveKey":"Разрешить пользователю удалять WebAuthn", "webauthn2fUserVerification":"Подтверждение пользователя", "webauthnAppId":"Send U2F AppID", +"webauthnAuthnLevel":"Уровень аутентификации", "webauthnDisplayNameAttr":"Атрибут отображаемого имени пользователя", +"webauthnParams":"WebAuthn parameters", "webauthnRpId":"Relying Party ID", "webauthnRpName":"Отображаемое имя проверяющей стороны", "webidParams":"Параметры WebID", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/tr.json b/lemonldap-ng-manager/site/htdocs/static/languages/tr.json index a851f6b86e..87e82eb494 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/tr.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/tr.json @@ -1379,7 +1379,9 @@ "webauthn2fUserCanRemoveKey":"WebAuthn'i kaldırmak için kullanıcıya izin ver", "webauthn2fUserVerification":"Kullanıcı doğrulama", "webauthnAppId":"Send U2F AppID", +"webauthnAuthnLevel":"Doğrulama seviyesi", "webauthnDisplayNameAttr":"Kullanıcı Görüntülenen İsim niteliği", +"webauthnParams":"WebAuthn parameters", "webauthnRpId":"Relying Party ID", "webauthnRpName":"Bağlı Partinin görünen adı", "webidParams":"WebID parametreleri", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json index 971247e70e..8a226485c2 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json @@ -1379,7 +1379,9 @@ "webauthn2fUserCanRemoveKey":"Cho phép người dùng xóa WebAuthn", "webauthn2fUserVerification":"xác minh người dùng", "webauthnAppId":"Send U2F AppID", +"webauthnAuthnLevel":"Mức xác thực", "webauthnDisplayNameAttr":"Thuộc tính Tên hiển thị của người dùng", +"webauthnParams":"WebAuthn parameters", "webauthnRpId":"Relying Party ID", "webauthnRpName":"Tên hiển thị của Relying Party", "webidParams":"Tham số WebID", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json index aba3df7047..653364baa0 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json @@ -1379,7 +1379,9 @@ "webauthn2fUserCanRemoveKey":"允許使用者移除 WebAuthn", "webauthn2fUserVerification":"User verification", "webauthnAppId":"Send U2F AppID", +"webauthnAuthnLevel":"驗證等級", "webauthnDisplayNameAttr":"User Display Name attribute", +"webauthnParams":"WebAuthn parameters", "webauthnRpId":"Relying Party ID", "webauthnRpName":"Relying Party display name", "webidParams":"WebID 參數", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/zh_TW.json b/lemonldap-ng-manager/site/htdocs/static/languages/zh_TW.json index 6509d09ff9..e94f265541 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/zh_TW.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/zh_TW.json @@ -1379,7 +1379,9 @@ "webauthn2fUserCanRemoveKey":"允許使用者移除 WebAuthn", "webauthn2fUserVerification":"User verification", "webauthnAppId":"Send U2F AppID", +"webauthnAuthnLevel":"驗證等級", "webauthnDisplayNameAttr":"User Display Name attribute", +"webauthnParams":"WebAuthn parameters", "webauthnRpId":"Relying Party ID", "webauthnRpName":"Relying Party display name", "webidParams":"WebID 參數", diff --git a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json index 8cf3384df2..ef293e6f2c 100644 --- a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json +++ b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json @@ -1 +1 @@ -{"ADPwdExpireWarning":"generalParameters/authParams/adParams","ADPwdMaxAge":"generalParameters/authParams/adParams","AuthLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","LDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","SMTPAuthPass":"generalParameters/advancedParams/SMTP","SMTPAuthUser":"generalParameters/advancedParams/SMTP","SMTPPort":"generalParameters/advancedParams/SMTP","SMTPServer":"generalParameters/advancedParams/SMTP","SMTPTLS":"generalParameters/advancedParams/SMTP","SMTPTLSOpts":"generalParameters/advancedParams/SMTP","SSLAuthnLevel":"generalParameters/authParams/sslParams","SSLIssuerVar":"generalParameters/authParams/sslParams","SSLVar":"generalParameters/authParams/sslParams","SSLVarIf":"generalParameters/authParams/sslParams","activeTimer":"generalParameters/advancedParams/forms","adaptativeAuthenticationLevelRules":"generalParameters/plugins","apacheAuthnLevel":"generalParameters/authParams/apacheParams","applicationList":"generalParameters/portalParams/portalMenu","authChoiceAuthBasic":"generalParameters/authParams/choiceParams","authChoiceFindUser":"generalParameters/authParams/choiceParams","authChoiceModules":"generalParameters/authParams/choiceParams","authChoiceParam":"generalParameters/authParams/choiceParams","authentication":"generalParameters/authParams","autoSigninRules":"generalParameters/plugins","avoidAssignment":"generalParameters/advancedParams/security","browsersDontStorePassword":"generalParameters/advancedParams/security","bruteForceProtection":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionIncrementalTempo":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionLockTimes":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionMaxAge":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionMaxFailed":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionMaxLockTime":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionTempo":"generalParameters/advancedParams/security/bruteForceAttackProtection","captcha":"generalParameters/portalParams/portalCaptcha/captchaCustom","captchaOptions":"generalParameters/portalParams/portalCaptcha/captchaCustom","captcha_login_enabled":"generalParameters/portalParams/portalCaptcha","captcha_mail_enabled":"generalParameters/portalParams/portalCaptcha","captcha_register_enabled":"generalParameters/portalParams/portalCaptcha","captcha_size":"generalParameters/portalParams/portalCaptcha","casAccessControlPolicy":"casServiceMetadata","casAppMetaDataNodes":"","casAttr":"casServiceMetadata","casAttributes":"casServiceMetadata","casAuthnLevel":"generalParameters/authParams/casParams","casBackChannelSingleLogout":"casServiceMetadata","casSrvMetaDataNodes":"","casStorage":"casServiceMetadata","casStorageOptions":"casServiceMetadata","casStrictMatching":"casServiceMetadata","casTicketExpiration":"casServiceMetadata","cda":"generalParameters/cookieParams","certificateResetByMailCeaAttribute":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailCertificateAttribute":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailStep1Body":"generalParameters/plugins/certificateResetByMailManagement/mailContent","certificateResetByMailStep1Subject":"generalParameters/plugins/certificateResetByMailManagement/mailContent","certificateResetByMailStep2Body":"generalParameters/plugins/certificateResetByMailManagement/mailContent","certificateResetByMailStep2Subject":"generalParameters/plugins/certificateResetByMailManagement/mailContent","certificateResetByMailURL":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailValidityDelay":"generalParameters/plugins/certificateResetByMailManagement/mailOther","checkDevOps":"generalParameters/plugins/devOpsCheck","checkDevOpsCheckSessionAttributes":"generalParameters/plugins/devOpsCheck","checkDevOpsDisplayNormalizedHeaders":"generalParameters/plugins/devOpsCheck","checkDevOpsDownload":"generalParameters/plugins/devOpsCheck","checkEntropy":"generalParameters/advancedParams/security/Entropycheck","checkEntropyRequired":"generalParameters/advancedParams/security/Entropycheck","checkEntropyRequiredLevel":"generalParameters/advancedParams/security/Entropycheck","checkHIBP":"generalParameters/advancedParams/security/HIBPcheck","checkHIBPRequired":"generalParameters/advancedParams/security/HIBPcheck","checkHIBPURL":"generalParameters/advancedParams/security/HIBPcheck","checkState":"generalParameters/plugins/stateCheck","checkStateSecret":"generalParameters/plugins/stateCheck","checkUser":"generalParameters/plugins/checkUsers","checkUserDisplayComputedSession":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayEmptyHeaders":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayEmptyValues":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayHiddenAttributes":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayHistory":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayNormalizedHeaders":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayPersistentInfo":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserHiddenAttributes":"generalParameters/plugins/checkUsers","checkUserHiddenHeaders":"generalParameters/plugins/checkUsers","checkUserIdRule":"generalParameters/plugins/checkUsers","checkUserSearchAttributes":"generalParameters/plugins/checkUsers","checkUserUnrestrictedUsersRule":"generalParameters/plugins/checkUsers","checkXSS":"generalParameters/advancedParams/security","combModules":"generalParameters/authParams/combinationParams","combination":"generalParameters/authParams/combinationParams","compactConf":"generalParameters/advancedParams/eventsManagement","confirmFormMethod":"generalParameters/advancedParams/forms","contextSwitchingAllowed2fModifications":"generalParameters/plugins/contextSwitching","contextSwitchingIdRule":"generalParameters/plugins/contextSwitching","contextSwitchingRule":"generalParameters/plugins/contextSwitching","contextSwitchingStopWithLogout":"generalParameters/plugins/contextSwitching","contextSwitchingUnrestrictedUsersRule":"generalParameters/plugins/contextSwitching","cookieExpiration":"generalParameters/cookieParams","cookieName":"generalParameters/cookieParams","corsAllow_Credentials":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Methods":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Origin":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsEnabled":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsExpose_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsMax_Age":"generalParameters/advancedParams/security/crossOrigineResourceSharing","crowdsec":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecAction":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecIgnoreFailures":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecKey":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecUrl":"generalParameters/advancedParams/security/CrowdSecPlugin","cspConnect":"generalParameters/advancedParams/security/contentSecurityPolicy","cspDefault":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFont":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFormAction":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFrameAncestors":"generalParameters/advancedParams/security/contentSecurityPolicy","cspImg":"generalParameters/advancedParams/security/contentSecurityPolicy","cspScript":"generalParameters/advancedParams/security/contentSecurityPolicy","cspStyle":"generalParameters/advancedParams/security/contentSecurityPolicy","customAddParams":"generalParameters/authParams/customParams","customAuth":"generalParameters/authParams/customParams","customFunctions":"generalParameters/advancedParams","customPassword":"generalParameters/authParams/customParams","customPlugins":"generalParameters/plugins/customPluginsNode","customPluginsParams":"generalParameters/plugins/customPluginsNode","customRegister":"generalParameters/authParams/customParams","customResetCertByMail":"generalParameters/authParams/customParams","customToTrace":"generalParameters/logParams","customUserDB":"generalParameters/authParams/customParams","dbiAuthChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthLoginCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthPasswordCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPasswordHash":"generalParameters/authParams/dbiParams/dbiPassword","dbiAuthTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthnLevel":"generalParameters/authParams/dbiParams","dbiDynamicHashEnabled":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashNewPasswordScheme":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSaltedSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiExportedVars":"generalParameters/authParams/dbiParams","dbiPasswordMailCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","decryptValueFunctions":"generalParameters/plugins/decryptValue","decryptValueRule":"generalParameters/plugins/decryptValue","demoExportedVars":"generalParameters/authParams/demoParams","disablePersistentStorage":"generalParameters/sessionParams/persistentSessions","displaySessionId":"generalParameters/sessionParams","domain":"generalParameters/cookieParams","eventQueueName":"generalParameters/advancedParams/eventsManagement","exportedAttr":"generalParameters/plugins/portalServers","exportedVars":"variables","ext2FSendCommand":"generalParameters/secondFactors/ext2f","ext2FValidateCommand":"generalParameters/secondFactors/ext2f","ext2fActivation":"generalParameters/secondFactors/ext2f","ext2fAuthnLevel":"generalParameters/secondFactors/ext2f","ext2fCodeActivation":"generalParameters/secondFactors/ext2f","ext2fLabel":"generalParameters/secondFactors/ext2f","ext2fLogo":"generalParameters/secondFactors/ext2f","ext2fResendInterval":"generalParameters/secondFactors/ext2f","facebookAppId":"generalParameters/authParams/facebookParams","facebookAppSecret":"generalParameters/authParams/facebookParams","facebookAuthnLevel":"generalParameters/authParams/facebookParams","facebookExportedVars":"generalParameters/authParams/facebookParams","facebookUserField":"generalParameters/authParams/facebookParams","failedLoginNumber":"generalParameters/plugins/loginHistory","findUser":"generalParameters/plugins/findUsers","findUserControl":"generalParameters/plugins/findUsers","findUserExcludingAttributes":"generalParameters/plugins/findUsers","findUserSearchingAttributes":"generalParameters/plugins/findUsers","findUserWildcard":"generalParameters/plugins/findUsers","formTimeout":"generalParameters/advancedParams/security","githubAuthnLevel":"generalParameters/authParams/githubParams","githubClientID":"generalParameters/authParams/githubParams","githubClientSecret":"generalParameters/authParams/githubParams","githubScope":"generalParameters/authParams/githubParams","githubUserField":"generalParameters/authParams/githubParams","globalLogoutCustomParam":"generalParameters/plugins/globalLogout","globalLogoutRule":"generalParameters/plugins/globalLogout","globalLogoutTimer":"generalParameters/plugins/globalLogout","globalStorage":"generalParameters/sessionParams/sessionStorage","globalStorageOptions":"generalParameters/sessionParams/sessionStorage","gpgAuthnLevel":"generalParameters/authParams/gpgParams","gpgDb":"generalParameters/authParams/gpgParams","grantSessionRules":"generalParameters/sessionParams","groupLDAPFilter":"generalParameters/authParams/ldapParams/ldapGroups","groups":"variables","groupsBeforeMacros":"generalParameters/advancedParams","hashedSessionStore":"generalParameters/advancedParams/security","hiddenAttributes":"generalParameters/logParams","hideOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","httpOnly":"generalParameters/cookieParams","https":"generalParameters/advancedParams/redirection","impersonationHiddenAttributes":"generalParameters/plugins/impersonation","impersonationIdRule":"generalParameters/plugins/impersonation","impersonationMergeSSOgroups":"generalParameters/plugins/impersonation","impersonationRule":"generalParameters/plugins/impersonation","impersonationSkipEmptyValues":"generalParameters/plugins/impersonation","impersonationUnrestrictedUsersRule":"generalParameters/plugins/impersonation","infoFormMethod":"generalParameters/advancedParams/forms","initializePasswordReset":"generalParameters/plugins/initializePasswordResetLabel","initializePasswordResetSecret":"generalParameters/plugins/initializePasswordResetLabel","issuerDBCASActivation":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASPath":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASRule":"generalParameters/issuerParams/issuerDBCAS","issuerDBGetActivation":"generalParameters/issuerParams/issuerDBGet","issuerDBGetParameters":"generalParameters/issuerParams/issuerDBGet","issuerDBGetPath":"generalParameters/issuerParams/issuerDBGet","issuerDBGetRule":"generalParameters/issuerParams/issuerDBGet","issuerDBJitsiMeetTokensActivation":"generalParameters/issuerParams/issuerDBJitsiMeetTokens","issuerDBJitsiMeetTokensPath":"generalParameters/issuerParams/issuerDBJitsiMeetTokens","issuerDBJitsiMeetTokensRule":"generalParameters/issuerParams/issuerDBJitsiMeetTokens","issuerDBOpenIDActivation":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDConnectActivation":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectPath":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectRule":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDPath":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDRule":"generalParameters/issuerParams/issuerDBOpenID","issuerDBSAMLActivation":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLPath":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLRule":"generalParameters/issuerParams/issuerDBSAML","issuersTimeout":"generalParameters/issuerParams/issuerOptions","jitsiAppId":"generalParameters/issuerParams/issuerDBJitsiMeetTokens/jitsiOptions","jitsiAppSecret":"generalParameters/issuerParams/issuerDBJitsiMeetTokens/jitsiOptions","jitsiDefaultServer":"generalParameters/issuerParams/issuerDBJitsiMeetTokens/jitsiOptions","jitsiExpiration":"generalParameters/issuerParams/issuerDBJitsiMeetTokens/jitsiOptions","jitsiIdAttribute":"generalParameters/issuerParams/issuerDBJitsiMeetTokens/jitsiOptions/jitsiAttributes","jitsiMailAttribute":"generalParameters/issuerParams/issuerDBJitsiMeetTokens/jitsiOptions/jitsiAttributes","jitsiNameAttribute":"generalParameters/issuerParams/issuerDBJitsiMeetTokens/jitsiOptions/jitsiAttributes","jitsiSigningAlg":"generalParameters/issuerParams/issuerDBJitsiMeetTokens/jitsiOptions","jsRedirect":"generalParameters/advancedParams/portalRedirection","key":"generalParameters/advancedParams/security","krbAllowedDomains":"generalParameters/authParams/kerberosParams","krbAuthnLevel":"generalParameters/authParams/kerberosParams","krbByJs":"generalParameters/authParams/kerberosParams","krbKeytab":"generalParameters/authParams/kerberosParams","krbRemoveDomain":"generalParameters/authParams/kerberosParams","ldapAllowResetExpiredPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapAuthnLevel":"generalParameters/authParams/ldapParams","ldapBase":"generalParameters/authParams/ldapParams/ldapConnection","ldapCAFile":"generalParameters/authParams/ldapParams/ldapConnection","ldapCAPath":"generalParameters/authParams/ldapParams/ldapConnection","ldapChangePasswordAsUser":"generalParameters/authParams/ldapParams/ldapPassword","ldapExportedVars":"generalParameters/authParams/ldapParams","ldapGetUserBeforePasswordChange":"generalParameters/authParams/ldapParams/ldapPassword","ldapGroupAttributeName":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameGroup":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameSearch":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameUser":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupBase":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupDecodeSearchedValue":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupObjectClass":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupRecursive":"generalParameters/authParams/ldapParams/ldapGroups","ldapIOTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapITDS":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttributeValue":"generalParameters/authParams/ldapParams/ldapPassword","ldapPort":"generalParameters/authParams/ldapParams/ldapConnection","ldapPpolicyControl":"generalParameters/authParams/ldapParams/ldapPassword","ldapPwdEnc":"generalParameters/authParams/ldapParams/ldapPassword","ldapRaw":"generalParameters/authParams/ldapParams/ldapConnection","ldapSearchDeref":"generalParameters/authParams/ldapParams/ldapFilters","ldapServer":"generalParameters/authParams/ldapParams/ldapConnection","ldapSetPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapUsePasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapVerify":"generalParameters/authParams/ldapParams/ldapConnection","ldapVersion":"generalParameters/authParams/ldapParams/ldapConnection","linkedInAuthnLevel":"generalParameters/authParams/linkedinParams","linkedInClientID":"generalParameters/authParams/linkedinParams","linkedInClientSecret":"generalParameters/authParams/linkedinParams","linkedInFields":"generalParameters/authParams/linkedinParams","linkedInScope":"generalParameters/authParams/linkedinParams","linkedInUserField":"generalParameters/authParams/linkedinParams","localSessionStorage":"generalParameters/sessionParams/sessionStorage","localSessionStorageOptions":"generalParameters/sessionParams/sessionStorage","locationDetect":"generalParameters/plugins/locationDetectPlugin","locationDetectGeoIpDatabase":"generalParameters/plugins/locationDetectPlugin","locationDetectGeoIpLanguages":"generalParameters/plugins/locationDetectPlugin","locationDetectIpDetail":"generalParameters/plugins/locationDetectPlugin","locationDetectUaDetail":"generalParameters/plugins/locationDetectPlugin","loginHistoryEnabled":"generalParameters/plugins/loginHistory","logoutServices":"generalParameters/advancedParams","lwpOpts":"generalParameters/advancedParams/security","lwpSslOpts":"generalParameters/advancedParams/security","macros":"variables","mail2fActivation":"generalParameters/secondFactors/mail2f","mail2fAuthnLevel":"generalParameters/secondFactors/mail2f","mail2fBody":"generalParameters/secondFactors/mail2f","mail2fCodeRegex":"generalParameters/secondFactors/mail2f","mail2fLabel":"generalParameters/secondFactors/mail2f","mail2fLogo":"generalParameters/secondFactors/mail2f","mail2fResendInterval":"generalParameters/secondFactors/mail2f","mail2fSessionKey":"generalParameters/secondFactors/mail2f","mail2fSubject":"generalParameters/secondFactors/mail2f","mail2fTimeout":"generalParameters/secondFactors/mail2f","mailBody":"generalParameters/plugins/passwordManagement/mailContent","mailCharset":"generalParameters/advancedParams/SMTP/mailHeaders","mailConfirmBody":"generalParameters/plugins/passwordManagement/mailContent","mailConfirmSubject":"generalParameters/plugins/passwordManagement/mailContent","mailFrom":"generalParameters/advancedParams/SMTP/mailHeaders","mailLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","mailOnPasswordChange":"generalParameters/portalParams/portalCustomization/passwordManagement","mailReplyTo":"generalParameters/advancedParams/SMTP/mailHeaders","mailSessionKey":"generalParameters/advancedParams/SMTP","mailSubject":"generalParameters/plugins/passwordManagement/mailContent","mailTimeout":"generalParameters/plugins/passwordManagement/mailOther","mailUrl":"generalParameters/plugins/passwordManagement/mailOther","maintenance":"generalParameters/advancedParams/redirection","managerDn":"generalParameters/authParams/ldapParams/ldapConnection","managerPassword":"generalParameters/authParams/ldapParams/ldapConnection","messageBroker":"generalParameters/advancedParams/eventsManagement","messageBrokerOptions":"generalParameters/advancedParams/eventsManagement","multiValuesSeparator":"generalParameters/advancedParams","newLocationWarning":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningLocationAttribute":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningLocationDisplayAttribute":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningMailAttribute":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningMailBody":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningMailSubject":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningMaxValues":"generalParameters/advancedParams/security/newLocationWarnings","nginxCustomHandlers":"generalParameters/advancedParams","noAjaxHook":"generalParameters/advancedParams/portalRedirection","notification":"generalParameters/plugins/notifications","notificationDefaultCond":"generalParameters/plugins/notifications/serverNotification","notificationServer":"generalParameters/plugins/notifications/serverNotification","notificationServerDELETE":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerGET":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerPOST":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerSentAttributes":"generalParameters/plugins/notifications/serverNotification","notificationStorage":"generalParameters/plugins/notifications","notificationStorageOptions":"generalParameters/plugins/notifications","notificationWildcard":"generalParameters/plugins/notifications","notificationXSLTfile":"generalParameters/plugins/notifications","notificationsExplorer":"generalParameters/plugins/notifications","notifyDeleted":"generalParameters/sessionParams/multipleSessions","notifyOther":"generalParameters/sessionParams/multipleSessions","nullAuthnLevel":"generalParameters/authParams/nullParams","oidcAuthnLevel":"generalParameters/authParams/oidcParams","oidcDropCspHeaders":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcOPMetaDataNodes":"","oidcRPCallbackGetParam":"generalParameters/authParams/oidcParams","oidcRPMetaDataNodes":"","oidcRPStateTimeout":"generalParameters/authParams/oidcParams","oidcServiceAccessTokenExpiration":"oidcServiceMetaData/oidcServiceMetaDataTimeouts","oidcServiceAllowAuthorizationCodeFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowDynamicRegistration":"oidcServiceMetaData/oidcServiceDynamicRegistration","oidcServiceAllowHybridFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowImplicitFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowOnlyDeclaredScopes":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAuthorizationCodeExpiration":"oidcServiceMetaData/oidcServiceMetaDataTimeouts","oidcServiceDynamicRegistrationExportedVars":"oidcServiceMetaData/oidcServiceDynamicRegistration","oidcServiceDynamicRegistrationExtraClaims":"oidcServiceMetaData/oidcServiceDynamicRegistration","oidcServiceEncAlgorithmAlg":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceEncAlgorithmEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceHideMetadata":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceIDTokenExpiration":"oidcServiceMetaData/oidcServiceMetaDataTimeouts","oidcServiceIgnoreScopeForClaims":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceKeyIdEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataEncKeys","oidcServiceKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceKeyTypeEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataEncKeys","oidcServiceKeyTypeSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceMetaDataAuthnContext":"oidcServiceMetaData","oidcServiceMetaDataAuthorizeURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataBackChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataCheckSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataEndSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataFrontChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIntrospectionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIssuer":"oidcServiceMetaData","oidcServiceMetaDataJWKSURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataRegistrationURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataTokenURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataUserInfoURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceNewKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceNewKeyTypeSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceNewPrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceNewPublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceOfflineSessionExpiration":"oidcServiceMetaData/oidcServiceMetaDataTimeouts","oidcServiceOldKeyIdEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataEncKeys","oidcServiceOldKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceOldKeyTypeEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataEncKeys","oidcServiceOldKeyTypeSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceOldPrivateKeyEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataEncKeys","oidcServiceOldPrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceOldPublicKeyEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataEncKeys","oidcServiceOldPublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServicePrivateKeyEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataEncKeys","oidcServicePrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServicePublicKeyEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataEncKeys","oidcServicePublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcStorage":"oidcServiceMetaData/oidcServiceMetaDataSessions","oidcStorageOptions":"oidcServiceMetaData/oidcServiceMetaDataSessions","okta2fActivation":"generalParameters/secondFactors/okta2f","okta2fAdminURL":"generalParameters/secondFactors/okta2f","okta2fApiKey":"generalParameters/secondFactors/okta2f","okta2fAuthnLevel":"generalParameters/secondFactors/okta2f","okta2fLabel":"generalParameters/secondFactors/okta2f","okta2fLoginAttribute":"generalParameters/secondFactors/okta2f","okta2fLogo":"generalParameters/secondFactors/okta2f","oldNotifFormat":"generalParameters/plugins/notifications","openIdAttr":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdAuthnLevel":"generalParameters/authParams/openidParams","openIdExportedVars":"generalParameters/authParams/openidParams","openIdIDPList":"generalParameters/authParams/openidParams","openIdIssuerSecret":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSPList":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSecret":"generalParameters/authParams/openidParams","openIdSreg_country":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_dob":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_email":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_fullname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_gender":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_language":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_nickname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_postcode":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_timezone":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","pamAuthnLevel":"generalParameters/authParams/pamParams","pamService":"generalParameters/authParams/pamParams","password2fActivation":"generalParameters/secondFactors/password2f","password2fAuthnLevel":"generalParameters/secondFactors/password2f","password2fLabel":"generalParameters/secondFactors/password2f","password2fLogo":"generalParameters/secondFactors/password2f","password2fSelfRegistration":"generalParameters/secondFactors/password2f","password2fTTL":"generalParameters/secondFactors/password2f","password2fUserCanRemoveKey":"generalParameters/secondFactors/password2f","passwordDB":"generalParameters/authParams","passwordPolicyActivation":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMaxSize":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinDigit":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinLower":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinSize":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinSpeChar":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinUpper":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicySpecialChar":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordResetAllowedRetries":"generalParameters/plugins/passwordManagement/mailOther","persistentStorage":"generalParameters/sessionParams/persistentSessions","persistentStorageOptions":"generalParameters/sessionParams/persistentSessions","port":"generalParameters/advancedParams/redirection","portal":"generalParameters/portalParams","portalAntiFrame":"generalParameters/portalParams/portalCustomization/portalOther","portalCheckLogins":"generalParameters/portalParams/portalCustomization/portalButtons","portalCustomCss":"generalParameters/portalParams/portalCustomization","portalCustomJs":"generalParameters/portalParams/portalCustomization","portalDisplayAppslist":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayCertificateResetByMail":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayChangePassword":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayGeneratePassword":"generalParameters/plugins/passwordManagement/mailOther","portalDisplayLoginHistory":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLogout":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayOidcConsents":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayOrder":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayPasswordPolicy":"generalParameters/portalParams/portalCustomization/passwordPolicy","portalDisplayRefreshMyRights":"generalParameters/portalParams/portalCustomization/portalOther","portalDisplayRegister":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayResetPassword":"generalParameters/portalParams/portalCustomization/portalButtons","portalEnablePasswordDisplay":"generalParameters/portalParams/portalCustomization/passwordManagement","portalErrorOnExpiredSession":"generalParameters/portalParams/portalCustomization/portalOther","portalErrorOnMailNotFound":"generalParameters/portalParams/portalCustomization/portalOther","portalFavicon":"generalParameters/portalParams/portalCustomization","portalForceAuthn":"generalParameters/advancedParams/security","portalForceAuthnInterval":"generalParameters/advancedParams/security","portalMainLogo":"generalParameters/portalParams/portalCustomization","portalOpenLinkInNewWindow":"generalParameters/portalParams/portalCustomization/portalOther","portalPingInterval":"generalParameters/portalParams/portalCustomization/portalOther","portalRequireOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","portalSkin":"generalParameters/portalParams/portalCustomization","portalSkinBackground":"generalParameters/portalParams/portalCustomization","portalSkinRules":"generalParameters/portalParams/portalCustomization","portalStatus":"generalParameters/plugins","portalUserAttr":"generalParameters/portalParams/portalCustomization/portalOther","proxyAuthService":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyAuthServiceChoiceParam":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyAuthServiceChoiceValue":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyAuthServiceImpersonation":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyAuthnLevel":"generalParameters/authParams/proxyParams","proxyCookieName":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxySessionService":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyUseSoap":"generalParameters/authParams/proxyParams","radius2fActivation":"generalParameters/secondFactors/radius2f","radius2fAuthnLevel":"generalParameters/secondFactors/radius2f","radius2fDictionaryFile":"generalParameters/secondFactors/radius2f","radius2fLabel":"generalParameters/secondFactors/radius2f","radius2fLogo":"generalParameters/secondFactors/radius2f","radius2fRequestAttributes":"generalParameters/secondFactors/radius2f","radius2fSecret":"generalParameters/secondFactors/radius2f","radius2fSendInitialRequest":"generalParameters/secondFactors/radius2f","radius2fServer":"generalParameters/secondFactors/radius2f","radius2fTimeout":"generalParameters/secondFactors/radius2f","radius2fUsernameSessionKey":"generalParameters/secondFactors/radius2f","radiusAuthnLevel":"generalParameters/authParams/radiusParams","radiusDictionaryFile":"generalParameters/authParams/radiusParams","radiusExportedVars":"generalParameters/authParams/radiusParams","radiusRequestAttributes":"generalParameters/authParams/radiusParams","radiusSecret":"generalParameters/authParams/radiusParams","radiusServer":"generalParameters/authParams/radiusParams","radiusTimeout":"generalParameters/authParams/radiusParams","randomPasswordRegexp":"generalParameters/plugins/passwordManagement/mailOther","redirectFormMethod":"generalParameters/advancedParams/forms","refreshSessions":"generalParameters/plugins","registerConfirmBody":"generalParameters/plugins/register/mailContent","registerConfirmSubject":"generalParameters/plugins/register/mailContent","registerDB":"generalParameters/authParams","registerDoneBody":"generalParameters/plugins/register/mailContent","registerDoneSubject":"generalParameters/plugins/register/mailContent","registerTimeout":"generalParameters/plugins/register/mailOther","registerUrl":"generalParameters/plugins/register/mailOther","reloadTimeout":"generalParameters/advancedParams/eventsManagement","reloadUrls":"generalParameters/advancedParams/eventsManagement","rememberAuthChoiceRule":"generalParameters/plugins/rememberAuthChoice","rememberCookieName":"generalParameters/plugins/rememberAuthChoice","rememberCookieTimeout":"generalParameters/plugins/rememberAuthChoice","rememberDefaultChecked":"generalParameters/plugins/rememberAuthChoice","rememberTimer":"generalParameters/plugins/rememberAuthChoice","remoteCookieName":"generalParameters/authParams/remoteParams","remoteGlobalStorage":"generalParameters/authParams/remoteParams","remoteGlobalStorageOptions":"generalParameters/authParams/remoteParams","remotePortal":"generalParameters/authParams/remoteParams","requireToken":"generalParameters/advancedParams/security","rest2fActivation":"generalParameters/secondFactors/rest2f","rest2fAuthnLevel":"generalParameters/secondFactors/rest2f","rest2fCodeActivation":"generalParameters/secondFactors/rest2f","rest2fInitArgs":"generalParameters/secondFactors/rest2f","rest2fInitUrl":"generalParameters/secondFactors/rest2f","rest2fLabel":"generalParameters/secondFactors/rest2f","rest2fLogo":"generalParameters/secondFactors/rest2f","rest2fResendInterval":"generalParameters/secondFactors/rest2f","rest2fVerifyArgs":"generalParameters/secondFactors/rest2f","rest2fVerifyUrl":"generalParameters/secondFactors/rest2f","restAuthServer":"generalParameters/plugins/portalServers/restServices","restAuthUrl":"generalParameters/authParams/restParams","restAuthnLevel":"generalParameters/authParams/restParams","restClockTolerance":"generalParameters/plugins/portalServers/restServices","restConfigServer":"generalParameters/plugins/portalServers/restServices","restExportSecretKeys":"generalParameters/plugins/portalServers/restServices","restFindUserDBUrl":"generalParameters/plugins/findUsers","restPasswordServer":"generalParameters/plugins/portalServers/restServices","restPwdConfirmUrl":"generalParameters/authParams/restParams","restPwdModifyUrl":"generalParameters/authParams/restParams","restSessionServer":"generalParameters/plugins/portalServers/restServices","restUserDBUrl":"generalParameters/authParams/restParams","sameSite":"generalParameters/cookieParams","samlAttributeAuthorityDescriptorAttributeServiceSOAP":"samlServiceMetaData/samlAttributeAuthorityDescriptor/samlAttributeAuthorityDescriptorAttributeService","samlAuthnContextMapKerberos":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPassword":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPasswordProtectedTransport":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapTLSClient":"samlServiceMetaData/samlAuthnContextMap","samlCommonDomainCookieActivation":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieDomain":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieReader":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieWriter":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlDiscoveryProtocolActivation":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolIsPassive":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolPolicy":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolURL":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlEntityID":"samlServiceMetaData","samlFederationFiles":"samlServiceMetaData/samlAdvanced/samlFederation","samlIDPMetaDataNodes":"","samlIDPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorArtifactResolutionService","samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorWantAuthnRequestsSigned":"samlServiceMetaData/samlIDPSSODescriptor","samlMetadataForceUTF8":"samlServiceMetaData/samlAdvanced","samlNameIDFormatMapEmail":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapKerberos":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapWindows":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapX509":"samlServiceMetaData/samlNameIDFormatMap","samlOrganizationDisplayName":"samlServiceMetaData/samlOrganization","samlOrganizationName":"samlServiceMetaData/samlOrganization","samlOrganizationURL":"samlServiceMetaData/samlOrganization","samlOverrideIDPEntityID":"samlServiceMetaData/samlAdvanced","samlRelayStateTimeout":"samlServiceMetaData/samlAdvanced","samlSPMetaDataNodes":"","samlSPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorArtifactResolutionService","samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAuthnRequestsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlSPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorWantAssertionsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlServicePrivateKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeyEncPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePrivateKeySigPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePublicKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePublicKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServiceSignatureMethod":"samlServiceMetaData/samlServiceSecurity","samlServiceUseCertificateInResponse":"samlServiceMetaData/samlServiceSecurity","samlStorage":"samlServiceMetaData/samlAdvanced","samlStorageOptions":"samlServiceMetaData/samlAdvanced","samlUseQueryStringSpecific":"samlServiceMetaData/samlAdvanced","scrollTop":"generalParameters/portalParams/portalCustomization","securedCookie":"generalParameters/cookieParams","sessionDataToRemember":"generalParameters/plugins/loginHistory","sfExtra":"generalParameters/secondFactors","sfLoginTimeout":"generalParameters/secondFactors/sfOptions","sfManagerRule":"generalParameters/secondFactors/sfOptions","sfOnlyUpgrade":"generalParameters/secondFactors/sfOptions","sfRegisterTimeout":"generalParameters/secondFactors/sfOptions","sfRemovedMsgRule":"generalParameters/secondFactors/sfOptions/sfRemovedNotification","sfRemovedNotifMsg":"generalParameters/secondFactors/sfOptions/sfRemovedNotification","sfRemovedNotifRef":"generalParameters/secondFactors/sfOptions/sfRemovedNotification","sfRemovedNotifTitle":"generalParameters/secondFactors/sfOptions/sfRemovedNotification","sfRemovedUseNotif":"generalParameters/secondFactors/sfOptions/sfRemovedNotification","sfRequired":"generalParameters/secondFactors/sfOptions","sfRetries":"generalParameters/secondFactors/sfOptions","showLanguages":"generalParameters/portalParams/portalCustomization","singleIP":"generalParameters/sessionParams/multipleSessions","singleSession":"generalParameters/sessionParams/multipleSessions","singleUserByIP":"generalParameters/sessionParams/multipleSessions","skipRenewConfirmation":"generalParameters/advancedParams/portalRedirection","skipUpgradeConfirmation":"generalParameters/advancedParams/portalRedirection","slaveAuthnLevel":"generalParameters/authParams/slaveParams","slaveDisplayLogo":"generalParameters/authParams/slaveParams","slaveExportedVars":"generalParameters/authParams/slaveParams","slaveHeaderContent":"generalParameters/authParams/slaveParams","slaveHeaderName":"generalParameters/authParams/slaveParams","slaveMasterIP":"generalParameters/authParams/slaveParams","slaveUserHeader":"generalParameters/authParams/slaveParams","soapConfigServer":"generalParameters/plugins/portalServers/soapServices","soapSessionServer":"generalParameters/plugins/portalServers/soapServices","sslByAjax":"generalParameters/authParams/sslParams","sslHost":"generalParameters/authParams/sslParams","stayConnected":"generalParameters/plugins/stayConnect","stayConnectedBypassFG":"generalParameters/plugins/stayConnect","stayConnectedCookieName":"generalParameters/plugins/stayConnect","stayConnectedSingleSession":"generalParameters/plugins/stayConnect","stayConnectedTimeout":"generalParameters/plugins/stayConnect","storePassword":"generalParameters/sessionParams","storePasswordEncrypted":"generalParameters/sessionParams","strictTransportSecurityMax_Age":"generalParameters/advancedParams/security","successLoginNumber":"generalParameters/plugins/loginHistory","timeout":"generalParameters/sessionParams","timeoutActivity":"generalParameters/sessionParams","timeoutActivityInterval":"generalParameters/sessionParams","tokenUseGlobalStorage":"generalParameters/advancedParams/security","totp2fActivation":"generalParameters/secondFactors/totp2f","totp2fAuthnLevel":"generalParameters/secondFactors/totp2f","totp2fDigits":"generalParameters/secondFactors/totp2f","totp2fEncryptSecret":"generalParameters/secondFactors/totp2f","totp2fInterval":"generalParameters/secondFactors/totp2f","totp2fIssuer":"generalParameters/secondFactors/totp2f","totp2fLabel":"generalParameters/secondFactors/totp2f","totp2fLogo":"generalParameters/secondFactors/totp2f","totp2fRange":"generalParameters/secondFactors/totp2f","totp2fSelfRegistration":"generalParameters/secondFactors/totp2f","totp2fTTL":"generalParameters/secondFactors/totp2f","totp2fUserCanRemoveKey":"generalParameters/secondFactors/totp2f","trustedBrowserRule":"generalParameters/plugins/stayConnect","trustedDomains":"generalParameters/advancedParams/security","twitterAppName":"generalParameters/authParams/twitterParams","twitterAuthnLevel":"generalParameters/authParams/twitterParams","twitterKey":"generalParameters/authParams/twitterParams","twitterSecret":"generalParameters/authParams/twitterParams","twitterUserField":"generalParameters/authParams/twitterParams","upgradeSession":"generalParameters/plugins","useRedirectOnError":"generalParameters/advancedParams/redirection","useRedirectOnForbidden":"generalParameters/advancedParams/redirection","useSafeJail":"generalParameters/advancedParams/security","userControl":"generalParameters/advancedParams/security","userDB":"generalParameters/authParams","userPivot":"generalParameters/authParams/dbiParams/dbiSchema","virtualHosts":"","webIDAuthnLevel":"generalParameters/authParams/webidParams","webIDExportedVars":"generalParameters/authParams/webidParams","webIDWhitelist":"generalParameters/authParams/webidParams","webauthn2fActivation":"generalParameters/secondFactors/webauthn2f","webauthn2fAttestation":"generalParameters/secondFactors/webauthn2f","webauthn2fAttestationTrust":"generalParameters/secondFactors/webauthn2f","webauthn2fAuthnLevel":"generalParameters/secondFactors/webauthn2f","webauthn2fLabel":"generalParameters/secondFactors/webauthn2f","webauthn2fLogo":"generalParameters/secondFactors/webauthn2f","webauthn2fResidentKey":"generalParameters/secondFactors/webauthn2f","webauthn2fSelfRegistration":"generalParameters/secondFactors/webauthn2f","webauthn2fUserCanRemoveKey":"generalParameters/secondFactors/webauthn2f","webauthn2fUserVerification":"generalParameters/secondFactors/webauthn2f","webauthnAppId":"generalParameters/secondFactors/webauthn2f","webauthnDisplayNameAttr":"generalParameters/secondFactors/webauthn2f","webauthnRpId":"generalParameters/secondFactors/webauthn2f","webauthnRpName":"generalParameters/secondFactors/webauthn2f","whatToTrace":"generalParameters/logParams","wsdlServer":"generalParameters/plugins/portalServers/soapServices","yubikey2fActivation":"generalParameters/secondFactors/yubikey2f","yubikey2fAuthnLevel":"generalParameters/secondFactors/yubikey2f","yubikey2fClientID":"generalParameters/secondFactors/yubikey2f","yubikey2fFromSessionAttribute":"generalParameters/secondFactors/yubikey2f","yubikey2fLabel":"generalParameters/secondFactors/yubikey2f","yubikey2fLogo":"generalParameters/secondFactors/yubikey2f","yubikey2fNonce":"generalParameters/secondFactors/yubikey2f","yubikey2fPublicIDSize":"generalParameters/secondFactors/yubikey2f","yubikey2fSecretKey":"generalParameters/secondFactors/yubikey2f","yubikey2fSelfRegistration":"generalParameters/secondFactors/yubikey2f","yubikey2fTTL":"generalParameters/secondFactors/yubikey2f","yubikey2fUrl":"generalParameters/secondFactors/yubikey2f","yubikey2fUserCanRemoveKey":"generalParameters/secondFactors/yubikey2f"} \ No newline at end of file +{"ADPwdExpireWarning":"generalParameters/authParams/adParams","ADPwdMaxAge":"generalParameters/authParams/adParams","AuthLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","LDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","SMTPAuthPass":"generalParameters/advancedParams/SMTP","SMTPAuthUser":"generalParameters/advancedParams/SMTP","SMTPPort":"generalParameters/advancedParams/SMTP","SMTPServer":"generalParameters/advancedParams/SMTP","SMTPTLS":"generalParameters/advancedParams/SMTP","SMTPTLSOpts":"generalParameters/advancedParams/SMTP","SSLAuthnLevel":"generalParameters/authParams/sslParams","SSLIssuerVar":"generalParameters/authParams/sslParams","SSLVar":"generalParameters/authParams/sslParams","SSLVarIf":"generalParameters/authParams/sslParams","activeTimer":"generalParameters/advancedParams/forms","adaptativeAuthenticationLevelRules":"generalParameters/plugins","apacheAuthnLevel":"generalParameters/authParams/apacheParams","applicationList":"generalParameters/portalParams/portalMenu","authChoiceAuthBasic":"generalParameters/authParams/choiceParams","authChoiceFindUser":"generalParameters/authParams/choiceParams","authChoiceModules":"generalParameters/authParams/choiceParams","authChoiceParam":"generalParameters/authParams/choiceParams","authentication":"generalParameters/authParams","autoSigninRules":"generalParameters/plugins","avoidAssignment":"generalParameters/advancedParams/security","browsersDontStorePassword":"generalParameters/advancedParams/security","bruteForceProtection":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionIncrementalTempo":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionLockTimes":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionMaxAge":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionMaxFailed":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionMaxLockTime":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionTempo":"generalParameters/advancedParams/security/bruteForceAttackProtection","captcha":"generalParameters/portalParams/portalCaptcha/captchaCustom","captchaOptions":"generalParameters/portalParams/portalCaptcha/captchaCustom","captcha_login_enabled":"generalParameters/portalParams/portalCaptcha","captcha_mail_enabled":"generalParameters/portalParams/portalCaptcha","captcha_register_enabled":"generalParameters/portalParams/portalCaptcha","captcha_size":"generalParameters/portalParams/portalCaptcha","casAccessControlPolicy":"casServiceMetadata","casAppMetaDataNodes":"","casAttr":"casServiceMetadata","casAttributes":"casServiceMetadata","casAuthnLevel":"generalParameters/authParams/casParams","casBackChannelSingleLogout":"casServiceMetadata","casSrvMetaDataNodes":"","casStorage":"casServiceMetadata","casStorageOptions":"casServiceMetadata","casStrictMatching":"casServiceMetadata","casTicketExpiration":"casServiceMetadata","cda":"generalParameters/cookieParams","certificateResetByMailCeaAttribute":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailCertificateAttribute":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailStep1Body":"generalParameters/plugins/certificateResetByMailManagement/mailContent","certificateResetByMailStep1Subject":"generalParameters/plugins/certificateResetByMailManagement/mailContent","certificateResetByMailStep2Body":"generalParameters/plugins/certificateResetByMailManagement/mailContent","certificateResetByMailStep2Subject":"generalParameters/plugins/certificateResetByMailManagement/mailContent","certificateResetByMailURL":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailValidityDelay":"generalParameters/plugins/certificateResetByMailManagement/mailOther","checkDevOps":"generalParameters/plugins/devOpsCheck","checkDevOpsCheckSessionAttributes":"generalParameters/plugins/devOpsCheck","checkDevOpsDisplayNormalizedHeaders":"generalParameters/plugins/devOpsCheck","checkDevOpsDownload":"generalParameters/plugins/devOpsCheck","checkEntropy":"generalParameters/advancedParams/security/Entropycheck","checkEntropyRequired":"generalParameters/advancedParams/security/Entropycheck","checkEntropyRequiredLevel":"generalParameters/advancedParams/security/Entropycheck","checkHIBP":"generalParameters/advancedParams/security/HIBPcheck","checkHIBPRequired":"generalParameters/advancedParams/security/HIBPcheck","checkHIBPURL":"generalParameters/advancedParams/security/HIBPcheck","checkState":"generalParameters/plugins/stateCheck","checkStateSecret":"generalParameters/plugins/stateCheck","checkUser":"generalParameters/plugins/checkUsers","checkUserDisplayComputedSession":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayEmptyHeaders":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayEmptyValues":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayHiddenAttributes":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayHistory":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayNormalizedHeaders":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayPersistentInfo":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserHiddenAttributes":"generalParameters/plugins/checkUsers","checkUserHiddenHeaders":"generalParameters/plugins/checkUsers","checkUserIdRule":"generalParameters/plugins/checkUsers","checkUserSearchAttributes":"generalParameters/plugins/checkUsers","checkUserUnrestrictedUsersRule":"generalParameters/plugins/checkUsers","checkXSS":"generalParameters/advancedParams/security","combModules":"generalParameters/authParams/combinationParams","combination":"generalParameters/authParams/combinationParams","compactConf":"generalParameters/advancedParams/eventsManagement","confirmFormMethod":"generalParameters/advancedParams/forms","contextSwitchingAllowed2fModifications":"generalParameters/plugins/contextSwitching","contextSwitchingIdRule":"generalParameters/plugins/contextSwitching","contextSwitchingRule":"generalParameters/plugins/contextSwitching","contextSwitchingStopWithLogout":"generalParameters/plugins/contextSwitching","contextSwitchingUnrestrictedUsersRule":"generalParameters/plugins/contextSwitching","cookieExpiration":"generalParameters/cookieParams","cookieName":"generalParameters/cookieParams","corsAllow_Credentials":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Methods":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Origin":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsEnabled":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsExpose_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsMax_Age":"generalParameters/advancedParams/security/crossOrigineResourceSharing","crowdsec":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecAction":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecIgnoreFailures":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecKey":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecUrl":"generalParameters/advancedParams/security/CrowdSecPlugin","cspConnect":"generalParameters/advancedParams/security/contentSecurityPolicy","cspDefault":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFont":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFormAction":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFrameAncestors":"generalParameters/advancedParams/security/contentSecurityPolicy","cspImg":"generalParameters/advancedParams/security/contentSecurityPolicy","cspScript":"generalParameters/advancedParams/security/contentSecurityPolicy","cspStyle":"generalParameters/advancedParams/security/contentSecurityPolicy","customAddParams":"generalParameters/authParams/customParams","customAuth":"generalParameters/authParams/customParams","customFunctions":"generalParameters/advancedParams","customPassword":"generalParameters/authParams/customParams","customPlugins":"generalParameters/plugins/customPluginsNode","customPluginsParams":"generalParameters/plugins/customPluginsNode","customRegister":"generalParameters/authParams/customParams","customResetCertByMail":"generalParameters/authParams/customParams","customToTrace":"generalParameters/logParams","customUserDB":"generalParameters/authParams/customParams","dbiAuthChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthLoginCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthPasswordCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPasswordHash":"generalParameters/authParams/dbiParams/dbiPassword","dbiAuthTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthnLevel":"generalParameters/authParams/dbiParams","dbiDynamicHashEnabled":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashNewPasswordScheme":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSaltedSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiExportedVars":"generalParameters/authParams/dbiParams","dbiPasswordMailCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","decryptValueFunctions":"generalParameters/plugins/decryptValue","decryptValueRule":"generalParameters/plugins/decryptValue","demoExportedVars":"generalParameters/authParams/demoParams","disablePersistentStorage":"generalParameters/sessionParams/persistentSessions","displaySessionId":"generalParameters/sessionParams","domain":"generalParameters/cookieParams","eventQueueName":"generalParameters/advancedParams/eventsManagement","exportedAttr":"generalParameters/plugins/portalServers","exportedVars":"variables","ext2FSendCommand":"generalParameters/secondFactors/ext2f","ext2FValidateCommand":"generalParameters/secondFactors/ext2f","ext2fActivation":"generalParameters/secondFactors/ext2f","ext2fAuthnLevel":"generalParameters/secondFactors/ext2f","ext2fCodeActivation":"generalParameters/secondFactors/ext2f","ext2fLabel":"generalParameters/secondFactors/ext2f","ext2fLogo":"generalParameters/secondFactors/ext2f","ext2fResendInterval":"generalParameters/secondFactors/ext2f","facebookAppId":"generalParameters/authParams/facebookParams","facebookAppSecret":"generalParameters/authParams/facebookParams","facebookAuthnLevel":"generalParameters/authParams/facebookParams","facebookExportedVars":"generalParameters/authParams/facebookParams","facebookUserField":"generalParameters/authParams/facebookParams","failedLoginNumber":"generalParameters/plugins/loginHistory","findUser":"generalParameters/plugins/findUsers","findUserControl":"generalParameters/plugins/findUsers","findUserExcludingAttributes":"generalParameters/plugins/findUsers","findUserSearchingAttributes":"generalParameters/plugins/findUsers","findUserWildcard":"generalParameters/plugins/findUsers","formTimeout":"generalParameters/advancedParams/security","githubAuthnLevel":"generalParameters/authParams/githubParams","githubClientID":"generalParameters/authParams/githubParams","githubClientSecret":"generalParameters/authParams/githubParams","githubScope":"generalParameters/authParams/githubParams","githubUserField":"generalParameters/authParams/githubParams","globalLogoutCustomParam":"generalParameters/plugins/globalLogout","globalLogoutRule":"generalParameters/plugins/globalLogout","globalLogoutTimer":"generalParameters/plugins/globalLogout","globalStorage":"generalParameters/sessionParams/sessionStorage","globalStorageOptions":"generalParameters/sessionParams/sessionStorage","gpgAuthnLevel":"generalParameters/authParams/gpgParams","gpgDb":"generalParameters/authParams/gpgParams","grantSessionRules":"generalParameters/sessionParams","groupLDAPFilter":"generalParameters/authParams/ldapParams/ldapGroups","groups":"variables","groupsBeforeMacros":"generalParameters/advancedParams","hashedSessionStore":"generalParameters/advancedParams/security","hiddenAttributes":"generalParameters/logParams","hideOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","httpOnly":"generalParameters/cookieParams","https":"generalParameters/advancedParams/redirection","impersonationHiddenAttributes":"generalParameters/plugins/impersonation","impersonationIdRule":"generalParameters/plugins/impersonation","impersonationMergeSSOgroups":"generalParameters/plugins/impersonation","impersonationRule":"generalParameters/plugins/impersonation","impersonationSkipEmptyValues":"generalParameters/plugins/impersonation","impersonationUnrestrictedUsersRule":"generalParameters/plugins/impersonation","infoFormMethod":"generalParameters/advancedParams/forms","initializePasswordReset":"generalParameters/plugins/initializePasswordResetLabel","initializePasswordResetSecret":"generalParameters/plugins/initializePasswordResetLabel","issuerDBCASActivation":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASPath":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASRule":"generalParameters/issuerParams/issuerDBCAS","issuerDBGetActivation":"generalParameters/issuerParams/issuerDBGet","issuerDBGetParameters":"generalParameters/issuerParams/issuerDBGet","issuerDBGetPath":"generalParameters/issuerParams/issuerDBGet","issuerDBGetRule":"generalParameters/issuerParams/issuerDBGet","issuerDBJitsiMeetTokensActivation":"generalParameters/issuerParams/issuerDBJitsiMeetTokens","issuerDBJitsiMeetTokensPath":"generalParameters/issuerParams/issuerDBJitsiMeetTokens","issuerDBJitsiMeetTokensRule":"generalParameters/issuerParams/issuerDBJitsiMeetTokens","issuerDBOpenIDActivation":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDConnectActivation":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectPath":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectRule":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDPath":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDRule":"generalParameters/issuerParams/issuerDBOpenID","issuerDBSAMLActivation":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLPath":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLRule":"generalParameters/issuerParams/issuerDBSAML","issuersTimeout":"generalParameters/issuerParams/issuerOptions","jitsiAppId":"generalParameters/issuerParams/issuerDBJitsiMeetTokens/jitsiOptions","jitsiAppSecret":"generalParameters/issuerParams/issuerDBJitsiMeetTokens/jitsiOptions","jitsiDefaultServer":"generalParameters/issuerParams/issuerDBJitsiMeetTokens/jitsiOptions","jitsiExpiration":"generalParameters/issuerParams/issuerDBJitsiMeetTokens/jitsiOptions","jitsiIdAttribute":"generalParameters/issuerParams/issuerDBJitsiMeetTokens/jitsiOptions/jitsiAttributes","jitsiMailAttribute":"generalParameters/issuerParams/issuerDBJitsiMeetTokens/jitsiOptions/jitsiAttributes","jitsiNameAttribute":"generalParameters/issuerParams/issuerDBJitsiMeetTokens/jitsiOptions/jitsiAttributes","jitsiSigningAlg":"generalParameters/issuerParams/issuerDBJitsiMeetTokens/jitsiOptions","jsRedirect":"generalParameters/advancedParams/portalRedirection","key":"generalParameters/advancedParams/security","krbAllowedDomains":"generalParameters/authParams/kerberosParams","krbAuthnLevel":"generalParameters/authParams/kerberosParams","krbByJs":"generalParameters/authParams/kerberosParams","krbKeytab":"generalParameters/authParams/kerberosParams","krbRemoveDomain":"generalParameters/authParams/kerberosParams","ldapAllowResetExpiredPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapAuthnLevel":"generalParameters/authParams/ldapParams","ldapBase":"generalParameters/authParams/ldapParams/ldapConnection","ldapCAFile":"generalParameters/authParams/ldapParams/ldapConnection","ldapCAPath":"generalParameters/authParams/ldapParams/ldapConnection","ldapChangePasswordAsUser":"generalParameters/authParams/ldapParams/ldapPassword","ldapExportedVars":"generalParameters/authParams/ldapParams","ldapGetUserBeforePasswordChange":"generalParameters/authParams/ldapParams/ldapPassword","ldapGroupAttributeName":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameGroup":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameSearch":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameUser":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupBase":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupDecodeSearchedValue":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupObjectClass":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupRecursive":"generalParameters/authParams/ldapParams/ldapGroups","ldapIOTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapITDS":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttributeValue":"generalParameters/authParams/ldapParams/ldapPassword","ldapPort":"generalParameters/authParams/ldapParams/ldapConnection","ldapPpolicyControl":"generalParameters/authParams/ldapParams/ldapPassword","ldapPwdEnc":"generalParameters/authParams/ldapParams/ldapPassword","ldapRaw":"generalParameters/authParams/ldapParams/ldapConnection","ldapSearchDeref":"generalParameters/authParams/ldapParams/ldapFilters","ldapServer":"generalParameters/authParams/ldapParams/ldapConnection","ldapSetPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapUsePasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapVerify":"generalParameters/authParams/ldapParams/ldapConnection","ldapVersion":"generalParameters/authParams/ldapParams/ldapConnection","linkedInAuthnLevel":"generalParameters/authParams/linkedinParams","linkedInClientID":"generalParameters/authParams/linkedinParams","linkedInClientSecret":"generalParameters/authParams/linkedinParams","linkedInFields":"generalParameters/authParams/linkedinParams","linkedInScope":"generalParameters/authParams/linkedinParams","linkedInUserField":"generalParameters/authParams/linkedinParams","localSessionStorage":"generalParameters/sessionParams/sessionStorage","localSessionStorageOptions":"generalParameters/sessionParams/sessionStorage","locationDetect":"generalParameters/plugins/locationDetectPlugin","locationDetectGeoIpDatabase":"generalParameters/plugins/locationDetectPlugin","locationDetectGeoIpLanguages":"generalParameters/plugins/locationDetectPlugin","locationDetectIpDetail":"generalParameters/plugins/locationDetectPlugin","locationDetectUaDetail":"generalParameters/plugins/locationDetectPlugin","loginHistoryEnabled":"generalParameters/plugins/loginHistory","logoutServices":"generalParameters/advancedParams","lwpOpts":"generalParameters/advancedParams/security","lwpSslOpts":"generalParameters/advancedParams/security","macros":"variables","mail2fActivation":"generalParameters/secondFactors/mail2f","mail2fAuthnLevel":"generalParameters/secondFactors/mail2f","mail2fBody":"generalParameters/secondFactors/mail2f","mail2fCodeRegex":"generalParameters/secondFactors/mail2f","mail2fLabel":"generalParameters/secondFactors/mail2f","mail2fLogo":"generalParameters/secondFactors/mail2f","mail2fResendInterval":"generalParameters/secondFactors/mail2f","mail2fSessionKey":"generalParameters/secondFactors/mail2f","mail2fSubject":"generalParameters/secondFactors/mail2f","mail2fTimeout":"generalParameters/secondFactors/mail2f","mailBody":"generalParameters/plugins/passwordManagement/mailContent","mailCharset":"generalParameters/advancedParams/SMTP/mailHeaders","mailConfirmBody":"generalParameters/plugins/passwordManagement/mailContent","mailConfirmSubject":"generalParameters/plugins/passwordManagement/mailContent","mailFrom":"generalParameters/advancedParams/SMTP/mailHeaders","mailLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","mailOnPasswordChange":"generalParameters/portalParams/portalCustomization/passwordManagement","mailReplyTo":"generalParameters/advancedParams/SMTP/mailHeaders","mailSessionKey":"generalParameters/advancedParams/SMTP","mailSubject":"generalParameters/plugins/passwordManagement/mailContent","mailTimeout":"generalParameters/plugins/passwordManagement/mailOther","mailUrl":"generalParameters/plugins/passwordManagement/mailOther","maintenance":"generalParameters/advancedParams/redirection","managerDn":"generalParameters/authParams/ldapParams/ldapConnection","managerPassword":"generalParameters/authParams/ldapParams/ldapConnection","messageBroker":"generalParameters/advancedParams/eventsManagement","messageBrokerOptions":"generalParameters/advancedParams/eventsManagement","multiValuesSeparator":"generalParameters/advancedParams","newLocationWarning":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningLocationAttribute":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningLocationDisplayAttribute":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningMailAttribute":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningMailBody":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningMailSubject":"generalParameters/advancedParams/security/newLocationWarnings","newLocationWarningMaxValues":"generalParameters/advancedParams/security/newLocationWarnings","nginxCustomHandlers":"generalParameters/advancedParams","noAjaxHook":"generalParameters/advancedParams/portalRedirection","notification":"generalParameters/plugins/notifications","notificationDefaultCond":"generalParameters/plugins/notifications/serverNotification","notificationServer":"generalParameters/plugins/notifications/serverNotification","notificationServerDELETE":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerGET":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerPOST":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerSentAttributes":"generalParameters/plugins/notifications/serverNotification","notificationStorage":"generalParameters/plugins/notifications","notificationStorageOptions":"generalParameters/plugins/notifications","notificationWildcard":"generalParameters/plugins/notifications","notificationXSLTfile":"generalParameters/plugins/notifications","notificationsExplorer":"generalParameters/plugins/notifications","notifyDeleted":"generalParameters/sessionParams/multipleSessions","notifyOther":"generalParameters/sessionParams/multipleSessions","nullAuthnLevel":"generalParameters/authParams/nullParams","oidcAuthnLevel":"generalParameters/authParams/oidcParams","oidcDropCspHeaders":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcOPMetaDataNodes":"","oidcRPCallbackGetParam":"generalParameters/authParams/oidcParams","oidcRPMetaDataNodes":"","oidcRPStateTimeout":"generalParameters/authParams/oidcParams","oidcServiceAccessTokenExpiration":"oidcServiceMetaData/oidcServiceMetaDataTimeouts","oidcServiceAllowAuthorizationCodeFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowDynamicRegistration":"oidcServiceMetaData/oidcServiceDynamicRegistration","oidcServiceAllowHybridFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowImplicitFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowOnlyDeclaredScopes":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAuthorizationCodeExpiration":"oidcServiceMetaData/oidcServiceMetaDataTimeouts","oidcServiceDynamicRegistrationExportedVars":"oidcServiceMetaData/oidcServiceDynamicRegistration","oidcServiceDynamicRegistrationExtraClaims":"oidcServiceMetaData/oidcServiceDynamicRegistration","oidcServiceEncAlgorithmAlg":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceEncAlgorithmEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceHideMetadata":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceIDTokenExpiration":"oidcServiceMetaData/oidcServiceMetaDataTimeouts","oidcServiceIgnoreScopeForClaims":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceKeyIdEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataEncKeys","oidcServiceKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceKeyTypeEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataEncKeys","oidcServiceKeyTypeSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceMetaDataAuthnContext":"oidcServiceMetaData","oidcServiceMetaDataAuthorizeURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataBackChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataCheckSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataEndSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataFrontChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIntrospectionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIssuer":"oidcServiceMetaData","oidcServiceMetaDataJWKSURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataRegistrationURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataTokenURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataUserInfoURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceNewKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceNewKeyTypeSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceNewPrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceNewPublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceOfflineSessionExpiration":"oidcServiceMetaData/oidcServiceMetaDataTimeouts","oidcServiceOldKeyIdEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataEncKeys","oidcServiceOldKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceOldKeyTypeEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataEncKeys","oidcServiceOldKeyTypeSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceOldPrivateKeyEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataEncKeys","oidcServiceOldPrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServiceOldPublicKeyEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataEncKeys","oidcServiceOldPublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServicePrivateKeyEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataEncKeys","oidcServicePrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcServicePublicKeyEnc":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataEncKeys","oidcServicePublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys/oidcServiceMetaDataSigKeys","oidcStorage":"oidcServiceMetaData/oidcServiceMetaDataSessions","oidcStorageOptions":"oidcServiceMetaData/oidcServiceMetaDataSessions","okta2fActivation":"generalParameters/secondFactors/okta2f","okta2fAdminURL":"generalParameters/secondFactors/okta2f","okta2fApiKey":"generalParameters/secondFactors/okta2f","okta2fAuthnLevel":"generalParameters/secondFactors/okta2f","okta2fLabel":"generalParameters/secondFactors/okta2f","okta2fLoginAttribute":"generalParameters/secondFactors/okta2f","okta2fLogo":"generalParameters/secondFactors/okta2f","oldNotifFormat":"generalParameters/plugins/notifications","openIdAttr":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdAuthnLevel":"generalParameters/authParams/openidParams","openIdExportedVars":"generalParameters/authParams/openidParams","openIdIDPList":"generalParameters/authParams/openidParams","openIdIssuerSecret":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSPList":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSecret":"generalParameters/authParams/openidParams","openIdSreg_country":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_dob":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_email":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_fullname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_gender":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_language":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_nickname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_postcode":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_timezone":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","pamAuthnLevel":"generalParameters/authParams/pamParams","pamService":"generalParameters/authParams/pamParams","password2fActivation":"generalParameters/secondFactors/password2f","password2fAuthnLevel":"generalParameters/secondFactors/password2f","password2fLabel":"generalParameters/secondFactors/password2f","password2fLogo":"generalParameters/secondFactors/password2f","password2fSelfRegistration":"generalParameters/secondFactors/password2f","password2fTTL":"generalParameters/secondFactors/password2f","password2fUserCanRemoveKey":"generalParameters/secondFactors/password2f","passwordDB":"generalParameters/authParams","passwordPolicyActivation":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMaxSize":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinDigit":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinLower":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinSize":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinSpeChar":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinUpper":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicySpecialChar":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordResetAllowedRetries":"generalParameters/plugins/passwordManagement/mailOther","persistentStorage":"generalParameters/sessionParams/persistentSessions","persistentStorageOptions":"generalParameters/sessionParams/persistentSessions","port":"generalParameters/advancedParams/redirection","portal":"generalParameters/portalParams","portalAntiFrame":"generalParameters/portalParams/portalCustomization/portalOther","portalCheckLogins":"generalParameters/portalParams/portalCustomization/portalButtons","portalCustomCss":"generalParameters/portalParams/portalCustomization","portalCustomJs":"generalParameters/portalParams/portalCustomization","portalDisplayAppslist":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayCertificateResetByMail":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayChangePassword":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayGeneratePassword":"generalParameters/plugins/passwordManagement/mailOther","portalDisplayLoginHistory":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLogout":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayOidcConsents":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayOrder":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayPasswordPolicy":"generalParameters/portalParams/portalCustomization/passwordPolicy","portalDisplayRefreshMyRights":"generalParameters/portalParams/portalCustomization/portalOther","portalDisplayRegister":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayResetPassword":"generalParameters/portalParams/portalCustomization/portalButtons","portalEnablePasswordDisplay":"generalParameters/portalParams/portalCustomization/passwordManagement","portalErrorOnExpiredSession":"generalParameters/portalParams/portalCustomization/portalOther","portalErrorOnMailNotFound":"generalParameters/portalParams/portalCustomization/portalOther","portalFavicon":"generalParameters/portalParams/portalCustomization","portalForceAuthn":"generalParameters/advancedParams/security","portalForceAuthnInterval":"generalParameters/advancedParams/security","portalMainLogo":"generalParameters/portalParams/portalCustomization","portalOpenLinkInNewWindow":"generalParameters/portalParams/portalCustomization/portalOther","portalPingInterval":"generalParameters/portalParams/portalCustomization/portalOther","portalRequireOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","portalSkin":"generalParameters/portalParams/portalCustomization","portalSkinBackground":"generalParameters/portalParams/portalCustomization","portalSkinRules":"generalParameters/portalParams/portalCustomization","portalStatus":"generalParameters/plugins","portalUserAttr":"generalParameters/portalParams/portalCustomization/portalOther","proxyAuthService":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyAuthServiceChoiceParam":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyAuthServiceChoiceValue":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyAuthServiceImpersonation":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyAuthnLevel":"generalParameters/authParams/proxyParams","proxyCookieName":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxySessionService":"generalParameters/authParams/proxyParams/proxyInternalPortal","proxyUseSoap":"generalParameters/authParams/proxyParams","radius2fActivation":"generalParameters/secondFactors/radius2f","radius2fAuthnLevel":"generalParameters/secondFactors/radius2f","radius2fDictionaryFile":"generalParameters/secondFactors/radius2f","radius2fLabel":"generalParameters/secondFactors/radius2f","radius2fLogo":"generalParameters/secondFactors/radius2f","radius2fRequestAttributes":"generalParameters/secondFactors/radius2f","radius2fSecret":"generalParameters/secondFactors/radius2f","radius2fSendInitialRequest":"generalParameters/secondFactors/radius2f","radius2fServer":"generalParameters/secondFactors/radius2f","radius2fTimeout":"generalParameters/secondFactors/radius2f","radius2fUsernameSessionKey":"generalParameters/secondFactors/radius2f","radiusAuthnLevel":"generalParameters/authParams/radiusParams","radiusDictionaryFile":"generalParameters/authParams/radiusParams","radiusExportedVars":"generalParameters/authParams/radiusParams","radiusRequestAttributes":"generalParameters/authParams/radiusParams","radiusSecret":"generalParameters/authParams/radiusParams","radiusServer":"generalParameters/authParams/radiusParams","radiusTimeout":"generalParameters/authParams/radiusParams","randomPasswordRegexp":"generalParameters/plugins/passwordManagement/mailOther","redirectFormMethod":"generalParameters/advancedParams/forms","refreshSessions":"generalParameters/plugins","registerConfirmBody":"generalParameters/plugins/register/mailContent","registerConfirmSubject":"generalParameters/plugins/register/mailContent","registerDB":"generalParameters/authParams","registerDoneBody":"generalParameters/plugins/register/mailContent","registerDoneSubject":"generalParameters/plugins/register/mailContent","registerTimeout":"generalParameters/plugins/register/mailOther","registerUrl":"generalParameters/plugins/register/mailOther","reloadTimeout":"generalParameters/advancedParams/eventsManagement","reloadUrls":"generalParameters/advancedParams/eventsManagement","rememberAuthChoiceRule":"generalParameters/plugins/rememberAuthChoice","rememberCookieName":"generalParameters/plugins/rememberAuthChoice","rememberCookieTimeout":"generalParameters/plugins/rememberAuthChoice","rememberDefaultChecked":"generalParameters/plugins/rememberAuthChoice","rememberTimer":"generalParameters/plugins/rememberAuthChoice","remoteCookieName":"generalParameters/authParams/remoteParams","remoteGlobalStorage":"generalParameters/authParams/remoteParams","remoteGlobalStorageOptions":"generalParameters/authParams/remoteParams","remotePortal":"generalParameters/authParams/remoteParams","requireToken":"generalParameters/advancedParams/security","rest2fActivation":"generalParameters/secondFactors/rest2f","rest2fAuthnLevel":"generalParameters/secondFactors/rest2f","rest2fCodeActivation":"generalParameters/secondFactors/rest2f","rest2fInitArgs":"generalParameters/secondFactors/rest2f","rest2fInitUrl":"generalParameters/secondFactors/rest2f","rest2fLabel":"generalParameters/secondFactors/rest2f","rest2fLogo":"generalParameters/secondFactors/rest2f","rest2fResendInterval":"generalParameters/secondFactors/rest2f","rest2fVerifyArgs":"generalParameters/secondFactors/rest2f","rest2fVerifyUrl":"generalParameters/secondFactors/rest2f","restAuthServer":"generalParameters/plugins/portalServers/restServices","restAuthUrl":"generalParameters/authParams/restParams","restAuthnLevel":"generalParameters/authParams/restParams","restClockTolerance":"generalParameters/plugins/portalServers/restServices","restConfigServer":"generalParameters/plugins/portalServers/restServices","restExportSecretKeys":"generalParameters/plugins/portalServers/restServices","restFindUserDBUrl":"generalParameters/plugins/findUsers","restPasswordServer":"generalParameters/plugins/portalServers/restServices","restPwdConfirmUrl":"generalParameters/authParams/restParams","restPwdModifyUrl":"generalParameters/authParams/restParams","restSessionServer":"generalParameters/plugins/portalServers/restServices","restUserDBUrl":"generalParameters/authParams/restParams","sameSite":"generalParameters/cookieParams","samlAttributeAuthorityDescriptorAttributeServiceSOAP":"samlServiceMetaData/samlAttributeAuthorityDescriptor/samlAttributeAuthorityDescriptorAttributeService","samlAuthnContextMapKerberos":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPassword":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPasswordProtectedTransport":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapTLSClient":"samlServiceMetaData/samlAuthnContextMap","samlCommonDomainCookieActivation":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieDomain":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieReader":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieWriter":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlDiscoveryProtocolActivation":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolIsPassive":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolPolicy":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolURL":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlEntityID":"samlServiceMetaData","samlFederationFiles":"samlServiceMetaData/samlAdvanced/samlFederation","samlIDPMetaDataNodes":"","samlIDPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorArtifactResolutionService","samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorWantAuthnRequestsSigned":"samlServiceMetaData/samlIDPSSODescriptor","samlMetadataForceUTF8":"samlServiceMetaData/samlAdvanced","samlNameIDFormatMapEmail":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapKerberos":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapWindows":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapX509":"samlServiceMetaData/samlNameIDFormatMap","samlOrganizationDisplayName":"samlServiceMetaData/samlOrganization","samlOrganizationName":"samlServiceMetaData/samlOrganization","samlOrganizationURL":"samlServiceMetaData/samlOrganization","samlOverrideIDPEntityID":"samlServiceMetaData/samlAdvanced","samlRelayStateTimeout":"samlServiceMetaData/samlAdvanced","samlSPMetaDataNodes":"","samlSPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorArtifactResolutionService","samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAuthnRequestsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlSPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorWantAssertionsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlServicePrivateKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeyEncPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePrivateKeySigPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePublicKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePublicKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServiceSignatureMethod":"samlServiceMetaData/samlServiceSecurity","samlServiceUseCertificateInResponse":"samlServiceMetaData/samlServiceSecurity","samlStorage":"samlServiceMetaData/samlAdvanced","samlStorageOptions":"samlServiceMetaData/samlAdvanced","samlUseQueryStringSpecific":"samlServiceMetaData/samlAdvanced","scrollTop":"generalParameters/portalParams/portalCustomization","securedCookie":"generalParameters/cookieParams","sessionDataToRemember":"generalParameters/plugins/loginHistory","sfExtra":"generalParameters/secondFactors","sfLoginTimeout":"generalParameters/secondFactors/sfOptions","sfManagerRule":"generalParameters/secondFactors/sfOptions","sfOnlyUpgrade":"generalParameters/secondFactors/sfOptions","sfRegisterTimeout":"generalParameters/secondFactors/sfOptions","sfRemovedMsgRule":"generalParameters/secondFactors/sfOptions/sfRemovedNotification","sfRemovedNotifMsg":"generalParameters/secondFactors/sfOptions/sfRemovedNotification","sfRemovedNotifRef":"generalParameters/secondFactors/sfOptions/sfRemovedNotification","sfRemovedNotifTitle":"generalParameters/secondFactors/sfOptions/sfRemovedNotification","sfRemovedUseNotif":"generalParameters/secondFactors/sfOptions/sfRemovedNotification","sfRequired":"generalParameters/secondFactors/sfOptions","sfRetries":"generalParameters/secondFactors/sfOptions","showLanguages":"generalParameters/portalParams/portalCustomization","singleIP":"generalParameters/sessionParams/multipleSessions","singleSession":"generalParameters/sessionParams/multipleSessions","singleUserByIP":"generalParameters/sessionParams/multipleSessions","skipRenewConfirmation":"generalParameters/advancedParams/portalRedirection","skipUpgradeConfirmation":"generalParameters/advancedParams/portalRedirection","slaveAuthnLevel":"generalParameters/authParams/slaveParams","slaveDisplayLogo":"generalParameters/authParams/slaveParams","slaveExportedVars":"generalParameters/authParams/slaveParams","slaveHeaderContent":"generalParameters/authParams/slaveParams","slaveHeaderName":"generalParameters/authParams/slaveParams","slaveMasterIP":"generalParameters/authParams/slaveParams","slaveUserHeader":"generalParameters/authParams/slaveParams","soapConfigServer":"generalParameters/plugins/portalServers/soapServices","soapSessionServer":"generalParameters/plugins/portalServers/soapServices","sslByAjax":"generalParameters/authParams/sslParams","sslHost":"generalParameters/authParams/sslParams","stayConnected":"generalParameters/plugins/stayConnect","stayConnectedBypassFG":"generalParameters/plugins/stayConnect","stayConnectedCookieName":"generalParameters/plugins/stayConnect","stayConnectedSingleSession":"generalParameters/plugins/stayConnect","stayConnectedTimeout":"generalParameters/plugins/stayConnect","storePassword":"generalParameters/sessionParams","storePasswordEncrypted":"generalParameters/sessionParams","strictTransportSecurityMax_Age":"generalParameters/advancedParams/security","successLoginNumber":"generalParameters/plugins/loginHistory","timeout":"generalParameters/sessionParams","timeoutActivity":"generalParameters/sessionParams","timeoutActivityInterval":"generalParameters/sessionParams","tokenUseGlobalStorage":"generalParameters/advancedParams/security","totp2fActivation":"generalParameters/secondFactors/totp2f","totp2fAuthnLevel":"generalParameters/secondFactors/totp2f","totp2fDigits":"generalParameters/secondFactors/totp2f","totp2fEncryptSecret":"generalParameters/secondFactors/totp2f","totp2fInterval":"generalParameters/secondFactors/totp2f","totp2fIssuer":"generalParameters/secondFactors/totp2f","totp2fLabel":"generalParameters/secondFactors/totp2f","totp2fLogo":"generalParameters/secondFactors/totp2f","totp2fRange":"generalParameters/secondFactors/totp2f","totp2fSelfRegistration":"generalParameters/secondFactors/totp2f","totp2fTTL":"generalParameters/secondFactors/totp2f","totp2fUserCanRemoveKey":"generalParameters/secondFactors/totp2f","trustedBrowserRule":"generalParameters/plugins/stayConnect","trustedDomains":"generalParameters/advancedParams/security","twitterAppName":"generalParameters/authParams/twitterParams","twitterAuthnLevel":"generalParameters/authParams/twitterParams","twitterKey":"generalParameters/authParams/twitterParams","twitterSecret":"generalParameters/authParams/twitterParams","twitterUserField":"generalParameters/authParams/twitterParams","upgradeSession":"generalParameters/plugins","useRedirectOnError":"generalParameters/advancedParams/redirection","useRedirectOnForbidden":"generalParameters/advancedParams/redirection","useSafeJail":"generalParameters/advancedParams/security","userControl":"generalParameters/advancedParams/security","userDB":"generalParameters/authParams","userPivot":"generalParameters/authParams/dbiParams/dbiSchema","virtualHosts":"","webIDAuthnLevel":"generalParameters/authParams/webidParams","webIDExportedVars":"generalParameters/authParams/webidParams","webIDWhitelist":"generalParameters/authParams/webidParams","webauthn2fActivation":"generalParameters/secondFactors/webauthn2f","webauthn2fAttestation":"generalParameters/secondFactors/webauthn2f","webauthn2fAttestationTrust":"generalParameters/secondFactors/webauthn2f","webauthn2fAuthnLevel":"generalParameters/secondFactors/webauthn2f","webauthn2fLabel":"generalParameters/secondFactors/webauthn2f","webauthn2fLogo":"generalParameters/secondFactors/webauthn2f","webauthn2fResidentKey":"generalParameters/secondFactors/webauthn2f","webauthn2fSelfRegistration":"generalParameters/secondFactors/webauthn2f","webauthn2fUserCanRemoveKey":"generalParameters/secondFactors/webauthn2f","webauthn2fUserVerification":"generalParameters/secondFactors/webauthn2f","webauthnAppId":"generalParameters/secondFactors/webauthn2f","webauthnAuthnLevel":"generalParameters/authParams/webauthnParams","webauthnDisplayNameAttr":"generalParameters/secondFactors/webauthn2f","webauthnRpId":"generalParameters/secondFactors/webauthn2f","webauthnRpName":"generalParameters/secondFactors/webauthn2f","whatToTrace":"generalParameters/logParams","wsdlServer":"generalParameters/plugins/portalServers/soapServices","yubikey2fActivation":"generalParameters/secondFactors/yubikey2f","yubikey2fAuthnLevel":"generalParameters/secondFactors/yubikey2f","yubikey2fClientID":"generalParameters/secondFactors/yubikey2f","yubikey2fFromSessionAttribute":"generalParameters/secondFactors/yubikey2f","yubikey2fLabel":"generalParameters/secondFactors/yubikey2f","yubikey2fLogo":"generalParameters/secondFactors/yubikey2f","yubikey2fNonce":"generalParameters/secondFactors/yubikey2f","yubikey2fPublicIDSize":"generalParameters/secondFactors/yubikey2f","yubikey2fSecretKey":"generalParameters/secondFactors/yubikey2f","yubikey2fSelfRegistration":"generalParameters/secondFactors/yubikey2f","yubikey2fTTL":"generalParameters/secondFactors/yubikey2f","yubikey2fUrl":"generalParameters/secondFactors/yubikey2f","yubikey2fUserCanRemoveKey":"generalParameters/secondFactors/yubikey2f"} \ No newline at end of file diff --git a/lemonldap-ng-manager/site/htdocs/static/struct.json b/lemonldap-ng-manager/site/htdocs/static/struct.json index 0bdad03e7b..76600e5353 100644 --- a/lemonldap-ng-manager/site/htdocs/static/struct.json +++ b/lemonldap-ng-manager/site/htdocs/static/struct.json @@ -1 +1 @@ -[{"_nodes":[{"_nodes":[{"default":"http://auth.example.com/","id":"portal","title":"portal"},{"_nodes":[{"_nodes":[{"default":1,"id":"portalDisplayAppslist","title":"portalDisplayAppslist","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLoginHistory","title":"portalDisplayLoginHistory","type":"boolOrExpr"},{"default":"$_auth =~ /^(LDAP|DBI|Demo)$/","id":"portalDisplayChangePassword","title":"portalDisplayChangePassword","type":"boolOrExpr"},{"default":"$_oidcConsents && $_oidcConsents =~ /\\w+/","id":"portalDisplayOidcConsents","title":"portalDisplayOidcConsents","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLogout","title":"portalDisplayLogout","type":"boolOrExpr"},{"default":"Appslist ChangePassword LoginHistory OidcConsents Logout","id":"portalDisplayOrder","title":"portalDisplayOrder"}],"help":"portalmenu.html#menu-modules","id":"portalModules","title":"portalModules","type":"simpleInputContainer"},{"cnodes":"applicationList","default":[{"data":{"catname":"Default category","type":"category"},"id":"applicationList/default","title":"default","type":"catAndAppList"}],"help":"portalmenu.html#categories-and-applications","id":"applicationList","title":"applicationList","type":"catAndAppList"}],"help":"portalmenu.html","id":"portalMenu","title":"portalMenu"},{"_nodes":[{"default":"common/logos/logo_llng_400px.png","id":"portalMainLogo","title":"portalMainLogo"},{"default":"common/favicon.ico","id":"portalFavicon","title":"portalFavicon"},{"default":1,"id":"showLanguages","title":"showLanguages","type":"bool"},{"default":400,"id":"scrollTop","title":"scrollTop","type":"int"},{"id":"portalCustomCss","title":"portalCustomCss"},{"id":"portalCustomJs","title":"portalCustomJs"},{"default":"bootstrap","id":"portalSkin","select":[{"k":"bootstrap","v":"Bootstrap"}],"title":"portalSkin","type":"portalskin"},{"id":"portalSkinBackground","select":[{"k":"","v":"None"},{"k":"1280px-Anse_Source_d'Argent_2-La_Digue.jpg","v":"Anse"},{"k":"1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg","v":"Waterfall"},{"k":"1280px-BrockenSnowedTrees.jpg","v":"Snowed Trees"},{"k":"1280px-Cedar_Breaks_National_Monument_partially.jpg","v":"National Monument"},{"k":"1280px-Parry_Peak_from_Winter_Park.jpg","v":"Winter"},{"k":"Aletschgletscher_mit_Pinus_cembra1.jpg","v":"Pinus"}],"title":"portalSkinBackground","type":"portalskinbackground"},{"cnodes":"portalSkinRules","help":"portalcustom.html","id":"portalSkinRules","title":"portalSkinRules","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"portalCheckLogins","title":"portalCheckLogins","type":"bool"},{"default":1,"id":"portalDisplayRegister","title":"portalDisplayRegister","type":"bool"},{"default":0,"id":"portalDisplayCertificateResetByMail","title":"portalDisplayCertificateResetByMail","type":"bool"},{"default":0,"id":"portalDisplayResetPassword","title":"portalDisplayResetPassword","type":"bool"}],"help":"portalcustom.html#buttons","id":"portalButtons","title":"portalButtons","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"portalRequireOldPassword","title":"portalRequireOldPassword","type":"boolOrExpr"},{"default":0,"id":"portalEnablePasswordDisplay","title":"portalEnablePasswordDisplay","type":"bool"},{"default":1,"id":"hideOldPassword","title":"hideOldPassword","type":"bool"},{"default":0,"id":"mailOnPasswordChange","title":"mailOnPasswordChange","type":"bool"}],"help":"portalcustom.html#password-management","id":"passwordManagement","title":"passwordManagement","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"passwordPolicyActivation","title":"passwordPolicyActivation","type":"boolOrExpr"},{"default":0,"id":"portalDisplayPasswordPolicy","title":"portalDisplayPasswordPolicy","type":"bool"},{"default":0,"id":"passwordPolicyMinSize","title":"passwordPolicyMinSize","type":"int"},{"default":0,"id":"passwordPolicyMaxSize","title":"passwordPolicyMaxSize","type":"int"},{"default":0,"id":"passwordPolicyMinLower","title":"passwordPolicyMinLower","type":"int"},{"default":0,"id":"passwordPolicyMinUpper","title":"passwordPolicyMinUpper","type":"int"},{"default":0,"id":"passwordPolicyMinDigit","title":"passwordPolicyMinDigit","type":"int"},{"default":0,"id":"passwordPolicyMinSpeChar","title":"passwordPolicyMinSpeChar","type":"int"},{"default":"__ALL__","id":"passwordPolicySpecialChar","title":"passwordPolicySpecialChar"}],"help":"portalcustom.html#password-policy","id":"passwordPolicy","title":"passwordPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":"_user","id":"portalUserAttr","title":"portalUserAttr"},{"default":0,"id":"portalOpenLinkInNewWindow","title":"portalOpenLinkInNewWindow","type":"bool"},{"default":1,"id":"portalAntiFrame","title":"portalAntiFrame","type":"bool"},{"default":60000,"id":"portalPingInterval","title":"portalPingInterval","type":"int"},{"default":1,"id":"portalErrorOnExpiredSession","title":"portalErrorOnExpiredSession","type":"bool"},{"default":0,"id":"portalErrorOnMailNotFound","title":"portalErrorOnMailNotFound","type":"bool"},{"default":1,"id":"portalDisplayRefreshMyRights","title":"portalDisplayRefreshMyRights","type":"bool"}],"help":"portalcustom.html#other-parameters","id":"portalOther","title":"portalOther","type":"simpleInputContainer"}],"help":"portalcustom.html","id":"portalCustomization","title":"portalCustomization"},{"_nodes":[{"default":0,"id":"captcha_login_enabled","title":"captcha_login_enabled","type":"boolOrExpr"},{"default":1,"id":"captcha_mail_enabled","title":"captcha_mail_enabled","type":"boolOrExpr"},{"default":1,"id":"captcha_register_enabled","title":"captcha_register_enabled","type":"boolOrExpr"},{"default":6,"id":"captcha_size","title":"captcha_size","type":"int"},{"_nodes":[{"id":"captcha","title":"captcha"},{"cnodes":"captchaOptions","id":"captchaOptions","title":"captchaOptions","type":"keyTextContainer"}],"help":"captcha.html#configuration","id":"captchaCustom","title":"captchaCustom"}],"help":"captcha.html#configuration","id":"portalCaptcha","title":"portalCaptcha"}],"help":"portal.html","id":"portalParams","title":"portalParams"},{"_nodes":[{"default":"Demo","id":"authentication","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"Choice","v":"authChoice"},{"k":"Combination","v":"combineMods"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"authentication","type":"select"},{"default":"Same","id":"userDB","select":[{"k":"Same","v":"Same"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"userDB","type":"select"},{"default":"Demo","id":"passwordDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Choice","v":"authChoice"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Combination","v":"combineMods"},{"k":"Custom","v":"customModule"}],"title":"passwordDB","type":"select"},{"default":"Null","id":"registerDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"registerDB","type":"select"}],"_nodes_cond":[{"_nodes":[{"default":0,"id":"ADPwdMaxAge","title":"ADPwdMaxAge","type":"int"},{"default":0,"id":"ADPwdExpireWarning","title":"ADPwdExpireWarning","type":"int"}],"help":"authad.html","id":"adParams","show":false,"title":"adParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lmAuth","id":"authChoiceParam","title":"authChoiceParam"},{"cnodes":"authChoiceModules","id":"authChoiceModules","select":[[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}]],"title":"authChoiceModules","type":"authChoiceContainer"},{"id":"authChoiceAuthBasic","title":"authChoiceAuthBasic"},{"id":"authChoiceFindUser","title":"authChoiceFindUser"}],"help":"authchoice.html","id":"choiceParams","show":false,"title":"choiceParams"},{"_nodes":[{"default":3,"id":"apacheAuthnLevel","title":"apacheAuthnLevel","type":"int"}],"help":"authapache.html","id":"apacheParams","show":false,"title":"apacheParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"casAuthnLevel","title":"casAuthnLevel","type":"int"}],"help":"authcas.html","id":"casParams","show":false,"title":"casParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"dbiAuthnLevel","title":"dbiAuthnLevel","type":"int"},{"cnodes":"dbiExportedVars","default":[],"id":"dbiExportedVars","title":"dbiExportedVars","type":"keyTextContainer"},{"_nodes":[{"_nodes":[{"id":"dbiAuthChain","title":"dbiAuthChain"},{"id":"dbiAuthUser","title":"dbiAuthUser"},{"id":"dbiAuthPassword","title":"dbiAuthPassword","type":"password"}],"id":"dbiConnectionAuth","title":"dbiConnectionAuth","type":"simpleInputContainer"},{"_nodes":[{"id":"dbiUserChain","title":"dbiUserChain"},{"id":"dbiUserUser","title":"dbiUserUser"},{"id":"dbiUserPassword","title":"dbiUserPassword","type":"password"}],"id":"dbiConnectionUser","title":"dbiConnectionUser","type":"simpleInputContainer"}],"help":"authdbi.html#connection","id":"dbiConnection","title":"dbiConnection"},{"_nodes":[{"id":"dbiAuthTable","title":"dbiAuthTable"},{"id":"dbiUserTable","title":"dbiUserTable"},{"id":"dbiAuthLoginCol","title":"dbiAuthLoginCol"},{"id":"dbiAuthPasswordCol","title":"dbiAuthPasswordCol"},{"id":"dbiPasswordMailCol","title":"dbiPasswordMailCol"},{"id":"userPivot","title":"userPivot"}],"help":"authdbi.html#schema","id":"dbiSchema","title":"dbiSchema","type":"simpleInputContainer"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiAuthPasswordHash","title":"dbiAuthPasswordHash"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiDynamicHashEnabled","title":"dbiDynamicHashEnabled","type":"bool"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSchemes","title":"dbiDynamicHashValidSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSaltedSchemes","title":"dbiDynamicHashValidSaltedSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashNewPasswordScheme","title":"dbiDynamicHashNewPasswordScheme"}],"help":"authdbi.html#password","id":"dbiDynamicHash","title":"dbiDynamicHash","type":"simpleInputContainer"}],"help":"authdbi.html#password","id":"dbiPassword","title":"dbiPassword"}],"help":"authdbi.html","id":"dbiParams","show":false,"title":"dbiParams"},{"_nodes":[{"cnodes":"demoExportedVars","default":[{"data":"cn","id":"demoExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"demoExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"demoExportedVars/uid","title":"uid","type":"keyText"}],"id":"demoExportedVars","title":"demoExportedVars","type":"keyTextContainer"}],"help":"authdemo.html","id":"demoParams","show":false,"title":"demoParams"},{"_nodes":[{"default":1,"id":"facebookAuthnLevel","title":"facebookAuthnLevel","type":"int"},{"cnodes":"facebookExportedVars","default":[],"id":"facebookExportedVars","title":"facebookExportedVars","type":"keyTextContainer"},{"id":"facebookAppId","title":"facebookAppId"},{"id":"facebookAppSecret","title":"facebookAppSecret"},{"default":"id","id":"facebookUserField","title":"facebookUserField"}],"help":"authfacebook.html","id":"facebookParams","show":false,"title":"facebookParams"},{"_nodes":[{"default":3,"id":"krbAuthnLevel","title":"krbAuthnLevel","type":"int"},{"id":"krbKeytab","title":"krbKeytab"},{"default":0,"id":"krbByJs","title":"krbByJs","type":"bool"},{"default":1,"id":"krbRemoveDomain","title":"krbRemoveDomain","type":"bool"},{"id":"krbAllowedDomains","title":"krbAllowedDomains"}],"help":"authkerberos.html","id":"kerberosParams","show":false,"title":"kerberosParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"ldapAuthnLevel","title":"ldapAuthnLevel","type":"int"},{"cnodes":"ldapExportedVars","default":[{"data":"cn","id":"ldapExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"ldapExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"ldapExportedVars/uid","title":"uid","type":"keyText"}],"id":"ldapExportedVars","title":"ldapExportedVars","type":"keyTextContainer"},{"_nodes":[{"default":"ldap://localhost","id":"ldapServer","title":"ldapServer"},{"id":"ldapPort","title":"ldapPort","type":"intOrNull"},{"default":"require","id":"ldapVerify","select":[{"k":"none","v":"None"},{"k":"optional","v":"Optional"},{"k":"require","v":"Require"}],"title":"ldapVerify","type":"select"},{"default":"dc=example,dc=com","id":"ldapBase","title":"ldapBase"},{"default":"","id":"managerDn","title":"managerDn"},{"default":"","id":"managerPassword","title":"managerPassword","type":"password"},{"default":10,"id":"ldapTimeout","title":"ldapTimeout","type":"int"},{"default":10,"id":"ldapIOTimeout","title":"ldapIOTimeout","type":"int"},{"default":3,"id":"ldapVersion","title":"ldapVersion","type":"int"},{"id":"ldapRaw","title":"ldapRaw"},{"id":"ldapCAFile","title":"ldapCAFile"},{"id":"ldapCAPath","title":"ldapCAPath"}],"help":"authldap.html#connection","id":"ldapConnection","title":"ldapConnection","type":"simpleInputContainer"},{"_nodes":[{"id":"LDAPFilter","title":"LDAPFilter"},{"id":"AuthLDAPFilter","title":"AuthLDAPFilter"},{"id":"mailLDAPFilter","title":"mailLDAPFilter"},{"default":"find","id":"ldapSearchDeref","select":[{"k":"never","v":"never"},{"k":"search","v":"search"},{"k":"find","v":"find"},{"k":"always","v":"always"}],"title":"ldapSearchDeref","type":"select"}],"help":"authldap.html#filters","id":"ldapFilters","title":"ldapFilters","type":"simpleInputContainer"},{"_nodes":[{"id":"ldapGroupBase","title":"ldapGroupBase"},{"id":"groupLDAPFilter","title":"groupLDAPFilter"},{"default":"groupOfNames","id":"ldapGroupObjectClass","title":"ldapGroupObjectClass"},{"default":"member","id":"ldapGroupAttributeName","title":"ldapGroupAttributeName"},{"default":"dn","id":"ldapGroupAttributeNameUser","title":"ldapGroupAttributeNameUser"},{"default":"cn","id":"ldapGroupAttributeNameSearch","title":"ldapGroupAttributeNameSearch"},{"default":0,"id":"ldapGroupDecodeSearchedValue","title":"ldapGroupDecodeSearchedValue","type":"bool"},{"default":0,"id":"ldapGroupRecursive","title":"ldapGroupRecursive","type":"bool"},{"default":"dn","id":"ldapGroupAttributeNameGroup","title":"ldapGroupAttributeNameGroup"}],"help":"authldap.html#groups","id":"ldapGroups","title":"ldapGroups","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ldapPpolicyControl","title":"ldapPpolicyControl","type":"bool"},{"default":0,"id":"ldapSetPassword","title":"ldapSetPassword","type":"bool"},{"default":0,"id":"ldapChangePasswordAsUser","title":"ldapChangePasswordAsUser","type":"bool"},{"default":"utf-8","id":"ldapPwdEnc","title":"ldapPwdEnc"},{"default":1,"id":"ldapUsePasswordResetAttribute","title":"ldapUsePasswordResetAttribute","type":"bool"},{"default":"pwdReset","id":"ldapPasswordResetAttribute","title":"ldapPasswordResetAttribute"},{"default":"TRUE","id":"ldapPasswordResetAttributeValue","title":"ldapPasswordResetAttributeValue"},{"default":0,"id":"ldapAllowResetExpiredPassword","title":"ldapAllowResetExpiredPassword","type":"bool"},{"default":0,"id":"ldapGetUserBeforePasswordChange","title":"ldapGetUserBeforePasswordChange","type":"bool"},{"default":0,"id":"ldapITDS","title":"ldapITDS","type":"bool"}],"help":"authldap.html#password","id":"ldapPassword","title":"ldapPassword","type":"simpleInputContainer"}],"help":"authldap.html","id":"ldapParams","show":false,"title":"ldapParams"},{"_nodes":[{"default":1,"id":"linkedInAuthnLevel","title":"linkedInAuthnLevel","type":"int"},{"id":"linkedInClientID","title":"linkedInClientID"},{"id":"linkedInClientSecret","title":"linkedInClientSecret","type":"password"},{"default":"id,first-name,last-name,email-address","id":"linkedInFields","title":"linkedInFields"},{"default":"emailAddress","id":"linkedInUserField","title":"linkedInUserField"},{"default":"r_liteprofile r_emailaddress","id":"linkedInScope","title":"linkedInScope"}],"help":"authlinkedin.html","id":"linkedinParams","show":false,"title":"linkedinParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"githubAuthnLevel","title":"githubAuthnLevel","type":"int"},{"id":"githubClientID","title":"githubClientID"},{"id":"githubClientSecret","title":"githubClientSecret","type":"password"},{"default":"login","id":"githubUserField","title":"githubUserField"},{"default":"user:email","id":"githubScope","title":"githubScope"}],"help":"authgithub.html","id":"githubParams","show":false,"title":"githubParams","type":"simpleInputContainer"},{"_nodes":[{"id":"combination","title":"combination"},{"cnodes":"combModules","id":"combModules","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"WebAuthn","v":"WebAuthn"},{"k":"Demo","v":"Demonstration"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"combModules","type":"cmbModuleContainer"}],"help":"authcombination.html","id":"combinationParams","show":false,"title":"combinationParams"},{"_nodes":[{"default":0,"id":"nullAuthnLevel","title":"nullAuthnLevel","type":"int"}],"help":"authnull.html","id":"nullParams","show":false,"title":"nullParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"openIdAuthnLevel","title":"openIdAuthnLevel","type":"int"},{"cnodes":"openIdExportedVars","default":[],"id":"openIdExportedVars","title":"openIdExportedVars","type":"keyTextContainer"},{"id":"openIdSecret","title":"openIdSecret"},{"default":"0;","id":"openIdIDPList","title":"openIdIDPList","type":"blackWhiteList"}],"help":"authopenid.html","id":"openidParams","show":false,"title":"openidParams"},{"_nodes":[{"default":1,"id":"oidcAuthnLevel","title":"oidcAuthnLevel","type":"int"},{"default":"openidconnectcallback","id":"oidcRPCallbackGetParam","title":"oidcRPCallbackGetParam"},{"default":600,"id":"oidcRPStateTimeout","title":"oidcRPStateTimeout","type":"int"}],"help":"authopenidconnect.html","id":"oidcParams","show":false,"title":"oidcParams","type":"simpleInputContainer"},{"_nodes":[{"default":5,"id":"gpgAuthnLevel","title":"gpgAuthnLevel","type":"int"},{"default":"","id":"gpgDb","title":"gpgDb"}],"help":"authgpg.html","id":"gpgParams","show":false,"title":"gpgParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"proxyAuthnLevel","title":"proxyAuthnLevel","type":"int"},{"default":0,"id":"proxyUseSoap","title":"proxyUseSoap","type":"bool"},{"_nodes":[{"id":"proxyAuthService","title":"proxyAuthService"},{"id":"proxySessionService","title":"proxySessionService"},{"default":"lmAuth","id":"proxyAuthServiceChoiceParam","title":"proxyAuthServiceChoiceParam"},{"id":"proxyAuthServiceChoiceValue","title":"proxyAuthServiceChoiceValue"},{"id":"proxyCookieName","title":"proxyCookieName"},{"default":0,"id":"proxyAuthServiceImpersonation","title":"proxyAuthServiceImpersonation","type":"bool"}],"id":"proxyInternalPortal","title":"proxyInternalPortal","type":"simpleInputContainer"}],"help":"authproxy.html","id":"proxyParams","show":false,"title":"proxyParams"},{"_nodes":[{"default":2,"id":"pamAuthnLevel","title":"pamAuthnLevel","type":"int"},{"default":"login","id":"pamService","title":"pamService"}],"help":"authpam.html","id":"pamParams","show":false,"title":"pamParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"radiusAuthnLevel","title":"radiusAuthnLevel","type":"int"},{"id":"radiusSecret","title":"radiusSecret"},{"id":"radiusServer","title":"radiusServer"},{"id":"radiusTimeout","title":"radiusTimeout","type":"intOrNull"},{"cnodes":"radiusExportedVars","default":[],"id":"radiusExportedVars","title":"radiusExportedVars","type":"keyTextContainer"},{"id":"radiusDictionaryFile","title":"radiusDictionaryFile"},{"cnodes":"radiusRequestAttributes","default":[],"id":"radiusRequestAttributes","title":"radiusRequestAttributes","type":"keyTextContainer"}],"help":"authradius.html","id":"radiusParams","show":false,"title":"radiusParams"},{"_nodes":[{"default":2,"id":"restAuthnLevel","title":"restAuthnLevel","type":"int"},{"id":"restAuthUrl","title":"restAuthUrl"},{"id":"restUserDBUrl","title":"restUserDBUrl"},{"id":"restPwdConfirmUrl","title":"restPwdConfirmUrl"},{"id":"restPwdModifyUrl","title":"restPwdModifyUrl"}],"help":"authrest.html","id":"restParams","show":false,"title":"restParams","type":"simpleInputContainer"},{"_nodes":[{"id":"remotePortal","title":"remotePortal"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":"Lemonldap::NG::Common::Apache::Session::SOAP","id":"remoteGlobalStorage","title":"remoteGlobalStorage"},{"cnodes":"remoteGlobalStorageOptions","default":[{"data":"http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService","id":"remoteGlobalStorageOptions/ns","title":"ns","type":"keyText"},{"data":"http://auth.example.com/sessions","id":"remoteGlobalStorageOptions/proxy","title":"proxy","type":"keyText"}],"id":"remoteGlobalStorageOptions","title":"remoteGlobalStorageOptions","type":"keyTextContainer"}],"help":"authremote.html","id":"remoteParams","show":false,"title":"remoteParams"},{"_nodes":[{"default":2,"id":"slaveAuthnLevel","title":"slaveAuthnLevel","type":"int"},{"id":"slaveUserHeader","title":"slaveUserHeader"},{"id":"slaveMasterIP","title":"slaveMasterIP"},{"id":"slaveHeaderName","title":"slaveHeaderName"},{"id":"slaveHeaderContent","title":"slaveHeaderContent"},{"default":0,"id":"slaveDisplayLogo","title":"slaveDisplayLogo","type":"bool"},{"cnodes":"slaveExportedVars","default":[],"id":"slaveExportedVars","title":"slaveExportedVars","type":"keyTextContainer"}],"help":"authslave.html","id":"slaveParams","show":false,"title":"slaveParams"},{"_nodes":[{"default":5,"id":"SSLAuthnLevel","title":"SSLAuthnLevel","type":"int"},{"default":"SSL_CLIENT_S_DN_Email","id":"SSLVar","title":"SSLVar"},{"default":"SSL_CLIENT_I_DN","id":"SSLIssuerVar","title":"SSLIssuerVar"},{"cnodes":"SSLVarIf","default":[],"id":"SSLVarIf","title":"SSLVarIf","type":"keyTextContainer"},{"default":0,"id":"sslByAjax","title":"sslByAjax","type":"bool"},{"id":"sslHost","title":"sslHost"}],"help":"authssl.html","id":"sslParams","show":false,"title":"sslParams"},{"_nodes":[{"default":1,"id":"twitterAuthnLevel","title":"twitterAuthnLevel","type":"int"},{"id":"twitterKey","title":"twitterKey"},{"id":"twitterSecret","title":"twitterSecret"},{"id":"twitterAppName","title":"twitterAppName"},{"default":"screen_name","id":"twitterUserField","title":"twitterUserField"}],"help":"authtwitter.html","id":"twitterParams","show":false,"title":"twitterParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"webIDAuthnLevel","title":"webIDAuthnLevel","type":"int"},{"cnodes":"webIDExportedVars","default":[],"id":"webIDExportedVars","title":"webIDExportedVars","type":"keyTextContainer"},{"id":"webIDWhitelist","title":"webIDWhitelist"}],"help":"authwebid.html","id":"webidParams","show":false,"title":"webidParams"},{"_nodes":[{"id":"customAuth","title":"customAuth"},{"id":"customUserDB","title":"customUserDB"},{"id":"customPassword","title":"customPassword"},{"id":"customRegister","title":"customRegister"},{"id":"customResetCertByMail","title":"customResetCertByMail"},{"cnodes":"customAddParams","id":"customAddParams","title":"customAddParams","type":"keyTextContainer"}],"help":"authcustom.html","id":"customParams","show":false,"title":"customParams"}],"_nodes_filter":"authParams","help":"start.html#authentication-users-and-password-databases","id":"authParams","title":"authParams","type":"authParams"},{"_nodes":[{"_nodes":[{"default":0,"id":"issuerDBCASActivation","title":"issuerDBCASActivation","type":"bool"},{"default":"^/cas/","id":"issuerDBCASPath","title":"issuerDBCASPath"},{"default":1,"id":"issuerDBCASRule","title":"issuerDBCASRule","type":"boolOrExpr"}],"help":"idpcas.html#enabling-cas","id":"issuerDBCAS","title":"issuerDBCAS","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBSAMLActivation","title":"issuerDBSAMLActivation","type":"bool"},{"default":"^/saml/","id":"issuerDBSAMLPath","title":"issuerDBSAMLPath"},{"default":1,"id":"issuerDBSAMLRule","title":"issuerDBSAMLRule","type":"boolOrExpr"}],"help":"idpsaml.html","id":"issuerDBSAML","title":"issuerDBSAML","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDConnectActivation","title":"issuerDBOpenIDConnectActivation","type":"bool"},{"default":"^/oauth2/","id":"issuerDBOpenIDConnectPath","title":"issuerDBOpenIDConnectPath"},{"default":1,"id":"issuerDBOpenIDConnectRule","title":"issuerDBOpenIDConnectRule","type":"boolOrExpr"}],"help":"idpopenidconnect.html","id":"issuerDBOpenIDConnect","title":"issuerDBOpenIDConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDActivation","title":"issuerDBOpenIDActivation","type":"bool"},{"default":"^/openidserver/","id":"issuerDBOpenIDPath","title":"issuerDBOpenIDPath"},{"default":1,"id":"issuerDBOpenIDRule","title":"issuerDBOpenIDRule","type":"boolOrExpr"},{"_nodes":[{"id":"openIdIssuerSecret","title":"openIdIssuerSecret"},{"id":"openIdAttr","title":"openIdAttr"},{"default":"0;","id":"openIdSPList","title":"openIdSPList","type":"blackWhiteList"},{"_nodes":[{"default":"cn","id":"openIdSreg_fullname","title":"openIdSreg_fullname"},{"default":"uid","id":"openIdSreg_nickname","title":"openIdSreg_nickname"},{"id":"openIdSreg_language","title":"openIdSreg_language"},{"id":"openIdSreg_postcode","title":"openIdSreg_postcode"},{"default":"_timezone","id":"openIdSreg_timezone","title":"openIdSreg_timezone"},{"id":"openIdSreg_country","title":"openIdSreg_country"},{"id":"openIdSreg_gender","title":"openIdSreg_gender"},{"default":"mail","id":"openIdSreg_email","title":"openIdSreg_email"},{"id":"openIdSreg_dob","title":"openIdSreg_dob"}],"id":"openIdSreg","title":"openIdSreg","type":"simpleInputContainer"}],"id":"issuerDBOpenIDOptions","title":"issuerDBOpenIDOptions"}],"help":"idpopenid.html","id":"issuerDBOpenID","title":"issuerDBOpenID"},{"_nodes":[{"default":0,"id":"issuerDBGetActivation","title":"issuerDBGetActivation","type":"bool"},{"default":"^/get/","id":"issuerDBGetPath","title":"issuerDBGetPath"},{"default":1,"id":"issuerDBGetRule","title":"issuerDBGetRule","type":"boolOrExpr"},{"default":[],"id":"issuerDBGetParameters","title":"issuerDBGetParameters","type":"doubleHash"}],"help":"issuerdbget.html","id":"issuerDBGet","title":"issuerDBGet"},{"_nodes":[{"default":0,"id":"issuerDBJitsiMeetTokensActivation","title":"issuerDBJitsiMeetTokensActivation","type":"bool"},{"default":"^/jitsi/","id":"issuerDBJitsiMeetTokensPath","title":"issuerDBJitsiMeetTokensPath"},{"default":1,"id":"issuerDBJitsiMeetTokensRule","title":"issuerDBJitsiMeetTokensRule","type":"boolOrExpr"},{"_nodes":[{"id":"jitsiDefaultServer","title":"jitsiDefaultServer"},{"id":"jitsiAppId","title":"jitsiAppId"},{"id":"jitsiAppSecret","title":"jitsiAppSecret"},{"default":"RS256","id":"jitsiSigningAlg","select":[{"k":"HS256","v":"HS256"},{"k":"HS384","v":"HS384"},{"k":"HS512","v":"HS512"},{"k":"RS256","v":"RS256"},{"k":"RS384","v":"RS384"},{"k":"RS512","v":"RS512"},{"k":"PS256","v":"PS256"},{"k":"PS384","v":"PS384"},{"k":"PS512","v":"PS512"},{"k":"ES256","v":"ES256"},{"k":"ES384","v":"ES384"},{"k":"ES512","v":"ES512"},{"k":"EdDSA","v":"EdDSA"}],"title":"jitsiSigningAlg","type":"select"},{"default":"300","id":"jitsiExpiration","title":"jitsiExpiration","type":"int"},{"_nodes":[{"id":"jitsiIdAttribute","title":"jitsiIdAttribute"},{"id":"jitsiNameAttribute","title":"jitsiNameAttribute"},{"id":"jitsiMailAttribute","title":"jitsiMailAttribute"}],"id":"jitsiAttributes","title":"jitsiAttributes","type":"simpleInputContainer"}],"id":"jitsiOptions","title":"jitsiOptions"}],"help":"idpjitsimeettokens.html","id":"issuerDBJitsiMeetTokens","title":"issuerDBJitsiMeetTokens"},{"_nodes":[{"default":120,"id":"issuersTimeout","title":"issuersTimeout","type":"int"}],"help":"start.html#options","id":"issuerOptions","title":"issuerOptions","type":"simpleInputContainer"}],"help":"start.html#identity-provider","id":"issuerParams","title":"issuerParams"},{"_nodes":[{"default":"uid","id":"whatToTrace","title":"whatToTrace"},{"id":"customToTrace","title":"customToTrace"},{"default":"_password _2fDevices","id":"hiddenAttributes","title":"hiddenAttributes"}],"help":"logs.html","id":"logParams","title":"logParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lemonldap","id":"cookieName","title":"cookieName"},{"default":"example.com","id":"domain","title":"domain"},{"default":0,"id":"cda","title":"cda","type":"bool"},{"default":1,"id":"httpOnly","title":"httpOnly","type":"bool"},{"default":0,"id":"securedCookie","select":[{"k":"0","v":"unsecuredCookie"},{"k":"1","v":"securedCookie"},{"k":"2","v":"doubleCookie"},{"k":"3","v":"doubleCookieForSingleSession"}],"title":"securedCookie","type":"select"},{"default":"","id":"sameSite","select":[{"k":"","v":""},{"k":"Strict","v":"Strict"},{"k":"Lax","v":"Lax"},{"k":"None","v":"None"}],"title":"sameSite","type":"select"},{"id":"cookieExpiration","title":"cookieExpiration","type":"intOrNull"}],"help":"ssocookie.html","id":"cookieParams","title":"cookieParams","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"storePassword","title":"storePassword","type":"bool"},{"default":0,"id":"storePasswordEncrypted","title":"storePasswordEncrypted","type":"bool"},{"default":1,"id":"displaySessionId","title":"displaySessionId","type":"bool"},{"default":72000,"id":"timeout","title":"timeout","type":"int"},{"default":0,"id":"timeoutActivity","title":"timeoutActivity","type":"int"},{"default":60,"id":"timeoutActivityInterval","title":"timeoutActivityInterval","type":"int"},{"cnodes":"grantSessionRules","default":[],"id":"grantSessionRules","title":"grantSessionRules","type":"grantContainer"},{"_nodes":[{"default":"Apache::Session::File","id":"globalStorage","title":"globalStorage"},{"cnodes":"globalStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/sessions/","id":"globalStorageOptions/Directory","title":"Directory","type":"keyText"},{"data":"/var/lib/lemonldap-ng/sessions/lock/","id":"globalStorageOptions/LockDirectory","title":"LockDirectory","type":"keyText"},{"data":"Lemonldap::NG::Common::Apache::Session::Generate::SHA256","id":"globalStorageOptions/generateModule","title":"generateModule","type":"keyText"}],"id":"globalStorageOptions","title":"globalStorageOptions","type":"keyTextContainer"},{"default":"Cache::FileCache","id":"localSessionStorage","title":"localSessionStorage"},{"cnodes":"localSessionStorageOptions","default":[{"data":3,"id":"localSessionStorageOptions/cache_depth","title":"cache_depth","type":"keyText"},{"data":"/var/cache/lemonldap-ng","id":"localSessionStorageOptions/cache_root","title":"cache_root","type":"keyText"},{"data":600,"id":"localSessionStorageOptions/default_expires_in","title":"default_expires_in","type":"keyText"},{"data":"007","id":"localSessionStorageOptions/directory_umask","title":"directory_umask","type":"keyText"},{"data":"lemonldap-ng-sessions","id":"localSessionStorageOptions/namespace","title":"namespace","type":"keyText"}],"id":"localSessionStorageOptions","title":"localSessionStorageOptions","type":"keyTextContainer"}],"help":"start.html#sessions-database","id":"sessionStorage","title":"sessionStorage"},{"_nodes":[{"default":0,"id":"singleSession","title":"singleSession","type":"boolOrExpr"},{"default":0,"id":"singleIP","title":"singleIP","type":"boolOrExpr"},{"default":0,"id":"singleUserByIP","title":"singleUserByIP","type":"boolOrExpr"},{"default":1,"id":"notifyDeleted","title":"notifyDeleted","type":"bool"},{"default":0,"id":"notifyOther","title":"notifyOther","type":"bool"}],"id":"multipleSessions","title":"multipleSessions","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"disablePersistentStorage","title":"disablePersistentStorage","type":"bool"},{"id":"persistentStorage","title":"persistentStorage"},{"cnodes":"persistentStorageOptions","id":"persistentStorageOptions","title":"persistentStorageOptions","type":"keyTextContainer"}],"id":"persistentSessions","title":"persistentSessions"}],"help":"sessions.html","id":"sessionParams","title":"sessionParams"},{"_nodes":[{"default":1,"id":"upgradeSession","title":"upgradeSession","type":"bool"},{"help":"refreshsessionapi.html","id":"refreshSessions","title":"refreshSessions","type":"bool"},{"default":0,"help":"status.html","id":"portalStatus","title":"portalStatus","type":"bool"},{"_nodes":[{"default":0,"id":"checkState","title":"checkState","type":"bool"},{"id":"checkStateSecret","title":"checkStateSecret"}],"help":"checkstate.html","id":"stateCheck","title":"stateCheck","type":"simpleInputContainer"},{"_nodes":[{"id":"exportedAttr","title":"exportedAttr"},{"_nodes":[{"default":0,"id":"restSessionServer","title":"restSessionServer","type":"bool"},{"default":0,"id":"restConfigServer","title":"restConfigServer","type":"bool"},{"default":0,"id":"restAuthServer","title":"restAuthServer","type":"bool"},{"default":0,"id":"restPasswordServer","title":"restPasswordServer","type":"bool"},{"default":0,"id":"restExportSecretKeys","title":"restExportSecretKeys","type":"bool"},{"default":15,"id":"restClockTolerance","title":"restClockTolerance","type":"int"}],"help":"portalservers.html#REST","id":"restServices","title":"restServices","type":"simpleInputContainer"},{"_nodes":[{"default":0,"help":"soapservices.html","id":"soapSessionServer","title":"soapSessionServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapConfigServer","title":"soapConfigServer","type":"bool"},{"default":0,"id":"wsdlServer","title":"wsdlServer","type":"bool"}],"help":"portalservers.html#SOAP_(deprecated)","id":"soapServices","title":"soapServices","type":"simpleInputContainer"}],"help":"portalservers.html","id":"portalServers","title":"portalServers"},{"_nodes":[{"_nodes":[{"id":"registerConfirmSubject","title":"registerConfirmSubject"},{"id":"registerConfirmBody","title":"registerConfirmBody","type":"longtext"},{"id":"registerDoneSubject","title":"registerDoneSubject"},{"id":"registerDoneBody","title":"registerDoneBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"id":"registerUrl","title":"registerUrl"},{"default":0,"id":"registerTimeout","title":"registerTimeout","type":"int"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"register.html","id":"register","title":"register"},{"_nodes":[{"_nodes":[{"id":"mailSubject","title":"mailSubject"},{"id":"mailBody","title":"mailBody","type":"longtext"},{"id":"mailConfirmSubject","title":"mailConfirmSubject"},{"id":"mailConfirmBody","title":"mailConfirmBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"id":"mailUrl","title":"mailUrl"},{"default":0,"id":"mailTimeout","title":"mailTimeout","type":"int"},{"default":3,"id":"passwordResetAllowedRetries","title":"passwordResetAllowedRetries","type":"int"},{"default":1,"id":"portalDisplayGeneratePassword","title":"portalDisplayGeneratePassword","type":"bool"},{"default":"[A-Z]{3}[a-z]{5}.\\d{2}","id":"randomPasswordRegexp","title":"randomPasswordRegexp"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetpassword.html","id":"passwordManagement","title":"passwordManagement"},{"_nodes":[{"_nodes":[{"id":"certificateResetByMailStep1Subject","title":"certificateResetByMailStep1Subject"},{"id":"certificateResetByMailStep1Body","title":"certificateResetByMailStep1Body","type":"longtext"},{"id":"certificateResetByMailStep2Subject","title":"certificateResetByMailStep2Subject"},{"id":"certificateResetByMailStep2Body","title":"certificateResetByMailStep2Body","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"id":"certificateResetByMailURL","title":"certificateResetByMailURL"},{"default":"description","id":"certificateResetByMailCeaAttribute","title":"certificateResetByMailCeaAttribute"},{"default":"userCertificate;binary","id":"certificateResetByMailCertificateAttribute","title":"certificateResetByMailCertificateAttribute"},{"default":0,"id":"certificateResetByMailValidityDelay","title":"certificateResetByMailValidityDelay","type":"int"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetcertificate.html","id":"certificateResetByMailManagement","title":"certificateResetByMailManagement"},{"cnodes":"adaptativeAuthenticationLevelRules","help":"adaptativeauthenticationlevel.html","id":"adaptativeAuthenticationLevelRules","title":"adaptativeAuthenticationLevelRules","type":"keyTextContainer"},{"cnodes":"autoSigninRules","help":"autosignin.html","id":"autoSigninRules","title":"autoSigninRules","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"trustedBrowserRule","title":"trustedBrowserRule","type":"boolOrExpr"},{"default":0,"id":"stayConnected","title":"stayConnected","type":"boolOrExpr"},{"default":0,"id":"stayConnectedBypassFG","title":"stayConnectedBypassFG","type":"bool"},{"default":2592000,"id":"stayConnectedTimeout","title":"stayConnectedTimeout","type":"int"},{"default":"llngconnection","id":"stayConnectedCookieName","title":"stayConnectedCookieName"},{"default":0,"id":"stayConnectedSingleSession","title":"stayConnectedSingleSession","type":"bool"}],"help":"trustedbrowser.html","id":"stayConnect","title":"stayConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rememberAuthChoiceRule","title":"rememberAuthChoiceRule","type":"boolOrExpr"},{"default":"llngrememberauthchoice","id":"rememberCookieName","title":"rememberCookieName"},{"default":31536000,"id":"rememberCookieTimeout","title":"rememberCookieTimeout","type":"int"},{"default":0,"id":"rememberDefaultChecked","title":"rememberDefaultChecked","type":"bool"},{"default":5,"id":"rememberTimer","title":"rememberTimer","type":"int"}],"help":"rememberauthchoice.html","id":"rememberAuthChoice","title":"rememberAuthChoice","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"locationDetect","title":"locationDetect","type":"bool"},{"id":"locationDetectGeoIpDatabase","title":"locationDetectGeoIpDatabase"},{"default":"en, fr","id":"locationDetectGeoIpLanguages","title":"locationDetectGeoIpLanguages"},{"id":"locationDetectIpDetail","title":"locationDetectIpDetail"},{"id":"locationDetectUaDetail","title":"locationDetectUaDetail"}],"help":"locationdetect.html","id":"locationDetectPlugin","title":"locationDetectPlugin","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"loginHistoryEnabled","title":"loginHistoryEnabled","type":"bool"},{"default":5,"id":"successLoginNumber","title":"successLoginNumber","type":"int"},{"default":5,"id":"failedLoginNumber","title":"failedLoginNumber","type":"int"},{"cnodes":"sessionDataToRemember","id":"sessionDataToRemember","title":"sessionDataToRemember","type":"keyTextContainer"}],"help":"loginhistory.html","id":"loginHistory","title":"loginHistory"},{"_nodes":[{"default":0,"id":"notification","title":"notification","type":"bool"},{"default":0,"id":"notificationsExplorer","title":"notificationsExplorer","type":"bool"},{"default":"allusers","id":"notificationWildcard","title":"notificationWildcard"},{"default":0,"id":"oldNotifFormat","title":"oldNotifFormat","type":"bool"},{"id":"notificationXSLTfile","title":"notificationXSLTfile"},{"default":"File","id":"notificationStorage","title":"notificationStorage"},{"cnodes":"notificationStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/notifications","id":"notificationStorageOptions/dirName","title":"dirName","type":"keyText"}],"id":"notificationStorageOptions","title":"notificationStorageOptions","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"notificationServer","title":"notificationServer","type":"bool"},{"default":"","id":"notificationDefaultCond","title":"notificationDefaultCond"},{"default":"uid reference date title subtitle text check","id":"notificationServerSentAttributes","title":"notificationServerSentAttributes"},{"_nodes":[{"default":1,"id":"notificationServerPOST","title":"notificationServerPOST","type":"bool"},{"default":0,"id":"notificationServerGET","title":"notificationServerGET","type":"bool"},{"default":0,"id":"notificationServerDELETE","title":"notificationServerDELETE","type":"bool"}],"id":"notificationServerMethods","title":"notificationServerMethods","type":"simpleInputContainer"}],"help":"notifications.html#notification-server","id":"serverNotification","title":"serverNotification"}],"help":"notifications.html","id":"notifications","title":"notifications"},{"_nodes":[{"default":0,"id":"checkUser","title":"checkUser","type":"bool"},{"default":1,"id":"checkUserIdRule","title":"checkUserIdRule"},{"id":"checkUserUnrestrictedUsersRule","title":"checkUserUnrestrictedUsersRule"},{"id":"checkUserSearchAttributes","title":"checkUserSearchAttributes"},{"default":"_loginHistory, _session_id, hGroups","id":"checkUserHiddenAttributes","title":"checkUserHiddenAttributes"},{"cnodes":"checkUserHiddenHeaders","id":"checkUserHiddenHeaders","title":"checkUserHiddenHeaders","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"checkUserDisplayComputedSession","title":"checkUserDisplayComputedSession","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayPersistentInfo","title":"checkUserDisplayPersistentInfo","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayNormalizedHeaders","title":"checkUserDisplayNormalizedHeaders","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayEmptyHeaders","title":"checkUserDisplayEmptyHeaders","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayEmptyValues","title":"checkUserDisplayEmptyValues","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayHiddenAttributes","title":"checkUserDisplayHiddenAttributes","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayHistory","title":"checkUserDisplayHistory","type":"boolOrExpr"}],"help":"checkuser.html#configuration","id":"checkUserDisplay","title":"checkUserDisplay","type":"simpleInputContainer"}],"help":"checkuser.html","id":"checkUsers","title":"checkUsers"},{"_nodes":[{"default":0,"id":"checkDevOps","title":"checkDevOps","type":"bool"},{"default":1,"id":"checkDevOpsDownload","title":"checkDevOpsDownload","type":"bool"},{"default":1,"id":"checkDevOpsDisplayNormalizedHeaders","title":"checkDevOpsDisplayNormalizedHeaders","type":"bool"},{"default":1,"id":"checkDevOpsCheckSessionAttributes","title":"checkDevOpsCheckSessionAttributes","type":"bool"}],"help":"checkdevops.html","id":"devOpsCheck","title":"devOpsCheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"impersonationRule","title":"impersonationRule","type":"boolOrExpr"},{"default":1,"id":"impersonationIdRule","title":"impersonationIdRule"},{"id":"impersonationUnrestrictedUsersRule","title":"impersonationUnrestrictedUsersRule"},{"default":"_2fDevices, _loginHistory","id":"impersonationHiddenAttributes","title":"impersonationHiddenAttributes"},{"default":1,"id":"impersonationSkipEmptyValues","title":"impersonationSkipEmptyValues","type":"bool"},{"default":0,"id":"impersonationMergeSSOgroups","title":"impersonationMergeSSOgroups","type":"boolOrExpr"}],"help":"impersonation.html","id":"impersonation","title":"impersonation","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"contextSwitchingRule","title":"contextSwitchingRule","type":"boolOrExpr"},{"default":1,"id":"contextSwitchingIdRule","title":"contextSwitchingIdRule"},{"id":"contextSwitchingUnrestrictedUsersRule","title":"contextSwitchingUnrestrictedUsersRule"},{"default":0,"id":"contextSwitchingAllowed2fModifications","title":"contextSwitchingAllowed2fModifications","type":"bool"},{"default":1,"id":"contextSwitchingStopWithLogout","title":"contextSwitchingStopWithLogout","type":"bool"}],"help":"contextswitching.html","id":"contextSwitching","title":"contextSwitching","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"findUser","title":"findUser","type":"bool"},{"default":"*","id":"findUserWildcard","title":"findUserWildcard"},{"default":"^[*\\w]+$","id":"findUserControl","title":"findUserControl"},{"id":"restFindUserDBUrl","title":"restFindUserDBUrl"},{"cnodes":"findUserSearchingAttributes","id":"findUserSearchingAttributes","title":"findUserSearchingAttributes","type":"keyTextContainer"},{"cnodes":"findUserExcludingAttributes","id":"findUserExcludingAttributes","title":"findUserExcludingAttributes","type":"keyTextContainer"}],"help":"finduser.html","id":"findUsers","title":"findUsers"},{"_nodes":[{"default":0,"id":"globalLogoutRule","title":"globalLogoutRule","type":"boolOrExpr"},{"default":1,"id":"globalLogoutTimer","title":"globalLogoutTimer","type":"bool"},{"id":"globalLogoutCustomParam","title":"globalLogoutCustomParam"}],"help":"globallogout.html","id":"globalLogout","title":"globalLogout","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"decryptValueRule","title":"decryptValueRule","type":"boolOrExpr"},{"id":"decryptValueFunctions","title":"decryptValueFunctions"}],"help":"decryptvalue.html","id":"decryptValue","title":"decryptValue","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"initializePasswordReset","title":"initializePasswordReset","type":"bool"},{"id":"initializePasswordResetSecret","title":"initializePasswordResetSecret","type":"password"}],"help":"initializePasswordReset.html","id":"initializePasswordResetLabel","title":"initializePasswordResetLabel","type":"simpleInputContainer"},{"_nodes":[{"id":"customPlugins","title":"customPlugins"},{"cnodes":"customPluginsParams","id":"customPluginsParams","title":"customPluginsParams","type":"keyTextContainer"}],"help":"plugincustom.html","id":"customPluginsNode","title":"customPluginsNode"}],"help":"start.html#plugins","id":"plugins","title":"plugins"},{"_nodes":[{"_nodes":[{"default":1,"help":"secondfactor.html","id":"sfManagerRule","title":"sfManagerRule","type":"boolOrExpr"},{"default":0,"help":"secondfactor.html","id":"sfRequired","title":"sfRequired","type":"boolOrExpr"},{"help":"secondfactor.html","id":"sfOnlyUpgrade","title":"sfOnlyUpgrade","type":"bool"},{"id":"sfLoginTimeout","title":"sfLoginTimeout","type":"intOrNull"},{"id":"sfRegisterTimeout","title":"sfRegisterTimeout","type":"intOrNull"},{"id":"sfRetries","title":"sfRetries","type":"intOrNull"},{"_nodes":[{"default":0,"help":"secondfactor.html","id":"sfRemovedMsgRule","title":"sfRemovedMsgRule","type":"boolOrExpr"},{"default":0,"id":"sfRemovedUseNotif","title":"sfRemovedUseNotif","type":"bool"},{"default":"RemoveSF","help":"secondfactor.html","id":"sfRemovedNotifRef","title":"sfRemovedNotifRef"},{"default":"Second factor notification","help":"secondfactor.html","id":"sfRemovedNotifTitle","title":"sfRemovedNotifTitle"},{"default":"_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!","help":"secondfactor.html","id":"sfRemovedNotifMsg","title":"sfRemovedNotifMsg"}],"help":"secondfactor.html","id":"sfRemovedNotification","title":"sfRemovedNotification","type":"simpleInputContainer"}],"help":"secondfactor.html","id":"sfOptions","title":"sfOptions","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"totp2fActivation","title":"totp2fActivation","type":"boolOrExpr"},{"default":0,"id":"totp2fSelfRegistration","title":"totp2fSelfRegistration","type":"boolOrExpr"},{"default":1,"id":"totp2fUserCanRemoveKey","title":"totp2fUserCanRemoveKey","type":"bool"},{"id":"totp2fIssuer","title":"totp2fIssuer"},{"default":30,"id":"totp2fInterval","title":"totp2fInterval","type":"int"},{"default":1,"id":"totp2fRange","title":"totp2fRange","type":"int"},{"default":6,"id":"totp2fDigits","title":"totp2fDigits","type":"int"},{"default":0,"id":"totp2fEncryptSecret","title":"totp2fEncryptSecret","type":"bool"},{"id":"totp2fAuthnLevel","title":"totp2fAuthnLevel","type":"intOrNull"},{"id":"totp2fLabel","title":"totp2fLabel"},{"id":"totp2fLogo","title":"totp2fLogo"},{"id":"totp2fTTL","title":"totp2fTTL","type":"intOrNull"}],"help":"totp2f.html","id":"totp2f","title":"totp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"webauthn2fActivation","title":"webauthn2fActivation","type":"boolOrExpr"},{"default":0,"id":"webauthn2fSelfRegistration","title":"webauthn2fSelfRegistration","type":"boolOrExpr"},{"default":1,"id":"webauthn2fUserCanRemoveKey","title":"webauthn2fUserCanRemoveKey","type":"bool"},{"default":"preferred","id":"webauthn2fUserVerification","select":[{"k":"discouraged","v":"Discouraged"},{"k":"preferred","v":"Preferred"},{"k":"required","v":"Required"}],"title":"webauthn2fUserVerification","type":"select"},{"id":"webauthn2fResidentKey","select":[{"k":"","v":""},{"k":"discouraged","v":"Discouraged"},{"k":"preferred","v":"Preferred"},{"k":"required","v":"Required"}],"title":"webauthn2fResidentKey","type":"select"},{"default":"none","id":"webauthn2fAttestation","select":[{"k":"none","v":"None"},{"k":"direct","v":"Direct"},{"k":"indirect","v":"Indirect"},{"k":"enterprise","v":"Enterprise"}],"title":"webauthn2fAttestation","type":"select"},{"id":"webauthn2fAttestationTrust","title":"webauthn2fAttestationTrust","type":"file"},{"id":"webauthnRpName","title":"webauthnRpName"},{"id":"webauthnRpId","title":"webauthnRpId"},{"default":1,"id":"webauthnAppId","title":"webauthnAppId","type":"bool"},{"id":"webauthnDisplayNameAttr","title":"webauthnDisplayNameAttr"},{"id":"webauthn2fAuthnLevel","title":"webauthn2fAuthnLevel","type":"intOrNull"},{"id":"webauthn2fLabel","title":"webauthn2fLabel"},{"id":"webauthn2fLogo","title":"webauthn2fLogo"}],"help":"webauthn2f.html","id":"webauthn2f","title":"webauthn2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"yubikey2fActivation","title":"yubikey2fActivation","type":"boolOrExpr"},{"default":0,"id":"yubikey2fSelfRegistration","title":"yubikey2fSelfRegistration","type":"boolOrExpr"},{"default":1,"id":"yubikey2fUserCanRemoveKey","title":"yubikey2fUserCanRemoveKey","type":"bool"},{"id":"yubikey2fClientID","title":"yubikey2fClientID"},{"id":"yubikey2fSecretKey","title":"yubikey2fSecretKey"},{"id":"yubikey2fNonce","title":"yubikey2fNonce"},{"id":"yubikey2fUrl","title":"yubikey2fUrl"},{"default":12,"id":"yubikey2fPublicIDSize","title":"yubikey2fPublicIDSize","type":"int"},{"id":"yubikey2fFromSessionAttribute","title":"yubikey2fFromSessionAttribute"},{"id":"yubikey2fAuthnLevel","title":"yubikey2fAuthnLevel","type":"intOrNull"},{"id":"yubikey2fLabel","title":"yubikey2fLabel"},{"id":"yubikey2fLogo","title":"yubikey2fLogo"},{"id":"yubikey2fTTL","title":"yubikey2fTTL","type":"intOrNull"}],"help":"yubikey2f.html","id":"yubikey2f","title":"yubikey2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"password2fActivation","title":"password2fActivation","type":"boolOrExpr"},{"default":0,"id":"password2fSelfRegistration","title":"password2fSelfRegistration","type":"boolOrExpr"},{"id":"password2fAuthnLevel","title":"password2fAuthnLevel","type":"intOrNull"},{"id":"password2fLabel","title":"password2fLabel"},{"id":"password2fLogo","title":"password2fLogo"},{"default":1,"id":"password2fUserCanRemoveKey","title":"password2fUserCanRemoveKey","type":"bool"},{"id":"password2fTTL","title":"password2fTTL","type":"intOrNull"}],"help":"password2f.html","id":"password2f","title":"password2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"mail2fActivation","title":"mail2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"mail2fCodeRegex","title":"mail2fCodeRegex"},{"id":"mail2fTimeout","title":"mail2fTimeout","type":"intOrNull"},{"id":"mail2fSubject","title":"mail2fSubject"},{"id":"mail2fBody","title":"mail2fBody","type":"longtext"},{"id":"mail2fSessionKey","title":"mail2fSessionKey"},{"id":"mail2fResendInterval","title":"mail2fResendInterval"},{"id":"mail2fAuthnLevel","title":"mail2fAuthnLevel","type":"intOrNull"},{"id":"mail2fLabel","title":"mail2fLabel"},{"id":"mail2fLogo","title":"mail2fLogo"}],"help":"mail2f.html","id":"mail2f","title":"mail2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ext2fActivation","title":"ext2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"ext2fCodeActivation","title":"ext2fCodeActivation"},{"id":"ext2FSendCommand","title":"ext2FSendCommand"},{"id":"ext2FValidateCommand","title":"ext2FValidateCommand"},{"id":"ext2fResendInterval","title":"ext2fResendInterval"},{"id":"ext2fAuthnLevel","title":"ext2fAuthnLevel","type":"intOrNull"},{"id":"ext2fLabel","title":"ext2fLabel"},{"id":"ext2fLogo","title":"ext2fLogo"}],"help":"external2f.html","id":"ext2f","title":"ext2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"okta2fActivation","title":"okta2fActivation","type":"boolOrExpr"},{"id":"okta2fAdminURL","title":"okta2fAdminURL"},{"id":"okta2fApiKey","title":"okta2fApiKey"},{"id":"okta2fLoginAttribute","title":"okta2fLoginAttribute"},{"id":"okta2fAuthnLevel","title":"okta2fAuthnLevel","type":"intOrNull"},{"id":"okta2fLabel","title":"okta2fLabel"},{"id":"okta2fLogo","title":"okta2fLogo"}],"help":"okta2f.html","id":"okta2f","title":"okta2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"radius2fActivation","title":"radius2fActivation","type":"boolOrExpr"},{"id":"radius2fServer","title":"radius2fServer"},{"id":"radius2fSecret","title":"radius2fSecret"},{"id":"radius2fUsernameSessionKey","title":"radius2fUsernameSessionKey"},{"default":20,"id":"radius2fTimeout","title":"radius2fTimeout","type":"int"},{"id":"radius2fDictionaryFile","title":"radius2fDictionaryFile"},{"cnodes":"radius2fRequestAttributes","default":[],"id":"radius2fRequestAttributes","title":"radius2fRequestAttributes","type":"keyTextContainer"},{"default":0,"id":"radius2fSendInitialRequest","title":"radius2fSendInitialRequest","type":"bool"},{"id":"radius2fAuthnLevel","title":"radius2fAuthnLevel","type":"intOrNull"},{"id":"radius2fLabel","title":"radius2fLabel"},{"id":"radius2fLogo","title":"radius2fLogo"}],"help":"radius2f.html","id":"radius2f","title":"radius2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rest2fActivation","title":"rest2fActivation","type":"boolOrExpr"},{"id":"rest2fCodeActivation","title":"rest2fCodeActivation"},{"id":"rest2fInitUrl","title":"rest2fInitUrl"},{"cnodes":"rest2fInitArgs","id":"rest2fInitArgs","title":"rest2fInitArgs","type":"keyTextContainer"},{"id":"rest2fVerifyUrl","title":"rest2fVerifyUrl"},{"cnodes":"rest2fVerifyArgs","id":"rest2fVerifyArgs","title":"rest2fVerifyArgs","type":"keyTextContainer"},{"id":"rest2fResendInterval","title":"rest2fResendInterval"},{"id":"rest2fAuthnLevel","title":"rest2fAuthnLevel","type":"intOrNull"},{"id":"rest2fLabel","title":"rest2fLabel"},{"id":"rest2fLogo","title":"rest2fLogo"}],"help":"rest2f.html","id":"rest2f","title":"rest2f","type":"simpleInputContainer"},{"cnodes":"sfExtra","help":"sfextra.html","id":"sfExtra","select":[{"k":"Mail2F","v":"E-Mail"},{"k":"REST","v":"REST"},{"k":"Ext2F","v":"External"},{"k":"Radius","v":"Radius"}],"title":"sfExtra","type":"sfExtraContainer"}],"help":"secondfactor.html","id":"secondFactors","title":"secondFactors"},{"_nodes":[{"help":"customfunctions.html","id":"customFunctions","title":"customFunctions"},{"default":"; ","id":"multiValuesSeparator","title":"multiValuesSeparator","type":"authParamsText"},{"default":0,"id":"groupsBeforeMacros","title":"groupsBeforeMacros","type":"bool"},{"_nodes":[{"default":"mail","id":"mailSessionKey","title":"mailSessionKey"},{"default":"","id":"SMTPServer","title":"SMTPServer"},{"id":"SMTPPort","title":"SMTPPort","type":"int"},{"id":"SMTPAuthUser","title":"SMTPAuthUser"},{"id":"SMTPAuthPass","title":"SMTPAuthPass","type":"password"},{"default":"","id":"SMTPTLS","select":[{"k":"","v":"none"},{"k":"starttls","v":"SMTP + STARTTLS"},{"k":"ssl","v":"SMTPS"}],"title":"SMTPTLS","type":"select"},{"cnodes":"SMTPTLSOpts","id":"SMTPTLSOpts","title":"SMTPTLSOpts","type":"keyTextContainer"},{"_nodes":[{"default":"noreply@example.com","id":"mailFrom","title":"mailFrom"},{"id":"mailReplyTo","title":"mailReplyTo"},{"default":"utf-8","id":"mailCharset","title":"mailCharset"}],"id":"mailHeaders","title":"mailHeaders","type":"simpleInputContainer"}],"help":"smtp.html","id":"SMTP","title":"SMTP","type":"SMTP"},{"_nodes":[{"default":"^[\\w\\.\\-@]+$","id":"userControl","title":"userControl"},{"default":0,"id":"browsersDontStorePassword","title":"browsersDontStorePassword","type":"bool"},{"default":0,"help":"forcereauthn.html","id":"portalForceAuthn","title":"portalForceAuthn","type":"bool"},{"default":5,"id":"portalForceAuthnInterval","title":"portalForceAuthnInterval","type":"int"},{"id":"key","title":"key","type":"password"},{"id":"trustedDomains","title":"trustedDomains"},{"default":1,"help":"safejail.html","id":"useSafeJail","title":"useSafeJail","type":"bool"},{"default":0,"help":"safejail.html","id":"avoidAssignment","title":"avoidAssignment","type":"bool"},{"default":1,"id":"checkXSS","title":"checkXSS","type":"bool"},{"default":1,"id":"requireToken","title":"requireToken","type":"boolOrExpr"},{"default":120,"id":"formTimeout","title":"formTimeout","type":"int"},{"default":0,"id":"tokenUseGlobalStorage","title":"tokenUseGlobalStorage","type":"bool"},{"id":"strictTransportSecurityMax_Age","title":"strictTransportSecurityMax_Age"},{"default":0,"id":"hashedSessionStore","title":"hashedSessionStore","type":"bool"},{"_nodes":[{"id":"crowdsec","title":"crowdsec","type":"bool"},{"default":"reject","id":"crowdsecAction","select":[{"k":"reject","v":"Reject"},{"k":"warn","v":"Warn"}],"title":"crowdsecAction","type":"select"},{"id":"crowdsecUrl","title":"crowdsecUrl"},{"id":"crowdsecKey","title":"crowdsecKey"},{"id":"crowdsecIgnoreFailures","title":"crowdsecIgnoreFailures","type":"bool"}],"help":"crowdsec.html","id":"CrowdSecPlugin","title":"CrowdSecPlugin","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkHIBP","title":"checkHIBP","type":"bool"},{"default":"https://api.pwnedpasswords.com/range/","id":"checkHIBPURL","title":"checkHIBPURL"},{"default":1,"id":"checkHIBPRequired","title":"checkHIBPRequired","type":"bool"}],"help":"checkhibp.html","id":"HIBPcheck","title":"HIBPcheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkEntropy","title":"checkEntropy","type":"bool"},{"default":0,"id":"checkEntropyRequired","title":"checkEntropyRequired","type":"bool"},{"id":"checkEntropyRequiredLevel","title":"checkEntropyRequiredLevel","type":"int"}],"help":"checkentropy.html","id":"Entropycheck","title":"Entropycheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"newLocationWarning","title":"newLocationWarning","type":"bool"},{"default":"ipAddr","id":"newLocationWarningLocationAttribute","title":"newLocationWarningLocationAttribute"},{"default":"","id":"newLocationWarningLocationDisplayAttribute","title":"newLocationWarningLocationDisplayAttribute"},{"default":"0","id":"newLocationWarningMaxValues","title":"newLocationWarningMaxValues","type":"int"},{"id":"newLocationWarningMailAttribute","title":"newLocationWarningMailAttribute"},{"id":"newLocationWarningMailSubject","title":"newLocationWarningMailSubject"},{"id":"newLocationWarningMailBody","title":"newLocationWarningMailBody","type":"longtext"}],"help":"newlocationwarning.html","id":"newLocationWarnings","title":"newLocationWarnings","type":"simpleInputContainer"},{"_nodes":[{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtection","title":"bruteForceProtection","type":"bool"},{"default":30,"id":"bruteForceProtectionTempo","title":"bruteForceProtectionTempo","type":"int"},{"default":3,"id":"bruteForceProtectionMaxFailed","title":"bruteForceProtectionMaxFailed","type":"int"},{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtectionIncrementalTempo","title":"bruteForceProtectionIncrementalTempo","type":"bool"},{"default":"15, 30, 60, 300, 600","id":"bruteForceProtectionLockTimes","title":"bruteForceProtectionLockTimes"},{"default":900,"id":"bruteForceProtectionMaxLockTime","title":"bruteForceProtectionMaxLockTime","type":"int"},{"default":300,"id":"bruteForceProtectionMaxAge","title":"bruteForceProtectionMaxAge","type":"int"}],"help":"bruteforceprotection.html","id":"bruteForceAttackProtection","title":"bruteForceAttackProtection","type":"simpleInputContainer"},{"cnodes":"lwpOpts","default":[{"data":10,"id":"lwpOpts/timeout","title":"timeout","type":"keyText"}],"id":"lwpOpts","title":"lwpOpts","type":"keyTextContainer"},{"cnodes":"lwpSslOpts","id":"lwpSslOpts","title":"lwpSslOpts","type":"keyTextContainer"},{"_nodes":[{"default":"'self'","id":"cspDefault","title":"cspDefault"},{"default":"'self' data:","id":"cspImg","title":"cspImg"},{"default":"'self'","id":"cspScript","title":"cspScript"},{"default":"'self'","id":"cspStyle","title":"cspStyle"},{"default":"'self'","id":"cspFont","title":"cspFont"},{"default":"*","id":"cspFormAction","title":"cspFormAction"},{"default":"'self'","id":"cspConnect","title":"cspConnect"},{"default":"","id":"cspFrameAncestors","title":"cspFrameAncestors"}],"help":"security.html#portal","id":"contentSecurityPolicy","title":"contentSecurityPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"corsEnabled","title":"corsEnabled","type":"bool"},{"default":true,"id":"corsAllow_Credentials","title":"corsAllow_Credentials"},{"default":"*","id":"corsAllow_Headers","title":"corsAllow_Headers"},{"default":"POST,GET","id":"corsAllow_Methods","title":"corsAllow_Methods"},{"default":"*","id":"corsAllow_Origin","title":"corsAllow_Origin"},{"default":"*","id":"corsExpose_Headers","title":"corsExpose_Headers"},{"default":"86400","id":"corsMax_Age","title":"corsMax_Age"}],"help":"security.html#portal","id":"crossOrigineResourceSharing","title":"crossOrigineResourceSharing","type":"simpleInputContainer"}],"help":"security.html#configure-security-settings","id":"security","title":"security"},{"_nodes":[{"default":-1,"id":"https","title":"https","type":"trool"},{"default":-1,"id":"port","title":"port","type":"int"},{"default":0,"id":"useRedirectOnForbidden","title":"useRedirectOnForbidden","type":"bool"},{"default":1,"id":"useRedirectOnError","title":"useRedirectOnError","type":"bool"},{"default":0,"id":"maintenance","title":"maintenance","type":"bool"}],"help":"redirections.html","id":"redirection","title":"redirection","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"jsRedirect","title":"jsRedirect","type":"boolOrExpr"},{"default":0,"id":"noAjaxHook","title":"noAjaxHook","type":"bool"},{"default":0,"id":"skipRenewConfirmation","title":"skipRenewConfirmation","type":"bool"},{"default":0,"id":"skipUpgradeConfirmation","title":"skipUpgradeConfirmation","type":"bool"}],"help":"redirections.html#portal-redirections","id":"portalRedirection","title":"portalRedirection","type":"simpleInputContainer"},{"cnodes":"nginxCustomHandlers","help":"handlerarch.html","id":"nginxCustomHandlers","title":"nginxCustomHandlers","type":"keyTextContainer"},{"cnodes":"logoutServices","default":[],"help":"logoutforward.html","id":"logoutServices","title":"logoutServices","type":"keyTextContainer"},{"_nodes":[{"default":"get","id":"infoFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"infoFormMethod","type":"select"},{"default":"post","id":"confirmFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"confirmFormMethod","type":"select"},{"default":"get","id":"redirectFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"redirectFormMethod","type":"select"},{"default":1,"id":"activeTimer","title":"activeTimer","type":"bool"}],"id":"forms","title":"forms","type":"simpleInputContainer"},{"_nodes":[{"id":"messageBroker","select":[{"k":"","v":""},{"k":"::Redis","v":"Redis"},{"k":"::Pg","v":"PostgreSQL"},{"k":"::MQTT","v":"MQTT"}],"title":"messageBroker","type":"select"},{"cnodes":"messageBrokerOptions","default":[],"id":"messageBrokerOptions","title":"messageBrokerOptions","type":"keyTextContainer"},{"default":5,"id":"reloadTimeout","title":"reloadTimeout","type":"int"},{"cnodes":"reloadUrls","id":"reloadUrls","title":"reloadUrls","type":"keyTextContainer"},{"default":0,"id":"compactConf","title":"compactConf","type":"bool"},{"default":"llng_events","id":"eventQueueName","title":"eventQueueName"}],"help":"eventsmanagement.html","id":"eventsManagement","title":"eventsManagement"}],"help":"start.html#advanced-features","id":"advancedParams","title":"advancedParams"}],"id":"generalParameters","title":"generalParameters"},{"_nodes":[{"cnodes":"exportedVars","default":[{"data":"HTTP_USER_AGENT","id":"exportedVars/UA","title":"UA","type":"keyText"}],"help":"exportedvars.html","id":"exportedVars","title":"exportedVars","type":"keyTextContainer"},{"cnodes":"macros","default":[],"help":"exportedvars.html#extend-variables-using-macros-and-groups","id":"macros","title":"macros","type":"keyTextContainer"},{"cnodes":"groups","default":[],"help":"exportedvars.html#extend-variables-using-macros-and-groups","id":"groups","title":"groups","type":"keyTextContainer"}],"help":"variables.html","id":"variables","title":"variables"},{"cnodes":"virtualHosts","help":"configvhost.html","id":"virtualHosts","template":"virtualHost","title":"virtualHosts","type":"virtualHostContainer"},{"_nodes":[{"default":"#PORTAL#/saml/metadata","id":"samlEntityID","title":"samlEntityID"},{"_nodes":[{"get":["samlServicePrivateKeySig","samlServicePrivateKeySigPwd","samlServicePublicKeySig"],"id":"samlServiceSecuritySig","title":"samlServiceSecuritySig","type":"RSACertKey"},{"get":["samlServicePrivateKeyEnc","samlServicePrivateKeyEncPwd","samlServicePublicKeyEnc"],"id":"samlServiceSecurityEnc","title":"samlServiceSecurityEnc","type":"RSACertKey"},{"default":0,"id":"samlServiceUseCertificateInResponse","title":"samlServiceUseCertificateInResponse","type":"bool"},{"default":"RSA_SHA256","id":"samlServiceSignatureMethod","select":[{"k":"RSA_SHA1","v":"RSA SHA1"},{"k":"RSA_SHA256","v":"RSA SHA256"},{"k":"RSA_SHA384","v":"RSA SHA384"},{"k":"RSA_SHA512","v":"RSA SHA512"}],"title":"samlServiceSignatureMethod","type":"select"}],"help":"samlservice.html#security-parameters","id":"samlServiceSecurity","title":"samlServiceSecurity"},{"_nodes":[{"default":"mail","id":"samlNameIDFormatMapEmail","title":"samlNameIDFormatMapEmail"},{"default":"mail","id":"samlNameIDFormatMapX509","title":"samlNameIDFormatMapX509"},{"default":"uid","id":"samlNameIDFormatMapWindows","title":"samlNameIDFormatMapWindows"},{"default":"uid","id":"samlNameIDFormatMapKerberos","title":"samlNameIDFormatMapKerberos"}],"help":"samlservice.html#nameid-formats","id":"samlNameIDFormatMap","title":"samlNameIDFormatMap","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"samlAuthnContextMapPassword","title":"samlAuthnContextMapPassword","type":"int"},{"default":3,"id":"samlAuthnContextMapPasswordProtectedTransport","title":"samlAuthnContextMapPasswordProtectedTransport","type":"int"},{"default":4,"id":"samlAuthnContextMapKerberos","title":"samlAuthnContextMapKerberos","type":"int"},{"default":5,"id":"samlAuthnContextMapTLSClient","title":"samlAuthnContextMapTLSClient","type":"int"}],"help":"samlservice.html#authentication-contexts","id":"samlAuthnContextMap","title":"samlAuthnContextMap","type":"simpleInputContainer"},{"_nodes":[{"default":"Example","id":"samlOrganizationDisplayName","title":"samlOrganizationDisplayName"},{"default":"Example","id":"samlOrganizationName","title":"samlOrganizationName"},{"default":"http://www.example.com","id":"samlOrganizationURL","title":"samlOrganizationURL"}],"help":"samlservice.html#organization","id":"samlOrganization","title":"samlOrganization","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"samlSPSSODescriptorAuthnRequestsSigned","title":"samlSPSSODescriptorAuthnRequestsSigned","type":"bool"},{"default":1,"id":"samlSPSSODescriptorWantAssertionsSigned","title":"samlSPSSODescriptorWantAssertionsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;","id":"samlSPSSODescriptorSingleLogoutServiceSOAP","title":"samlSPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlSPSSODescriptorSingleLogoutService","title":"samlSPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","type":"samlAssertion"},{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","type":"samlAssertion"}],"id":"samlSPSSODescriptorAssertionConsumerService","title":"samlSPSSODescriptorAssertionConsumerService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlSPSSODescriptorArtifactResolutionServiceArtifact","title":"samlSPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlSPSSODescriptorArtifactResolutionService","title":"samlSPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#service-provider","id":"samlSPSSODescriptor","title":"samlSPSSODescriptor"},{"_nodes":[{"default":1,"id":"samlIDPSSODescriptorWantAuthnRequestsSigned","title":"samlIDPSSODescriptorWantAuthnRequestsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","type":"samlService"}],"id":"samlIDPSSODescriptorSingleSignOnService","title":"samlIDPSSODescriptorSingleSignOnService"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;","id":"samlIDPSSODescriptorSingleLogoutServiceSOAP","title":"samlIDPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlIDPSSODescriptorSingleLogoutService","title":"samlIDPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","title":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlIDPSSODescriptorArtifactResolutionService","title":"samlIDPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#identity-provider","id":"samlIDPSSODescriptor","title":"samlIDPSSODescriptor"},{"_nodes":[{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;","id":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","title":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","type":"samlService"}],"id":"samlAttributeAuthorityDescriptorAttributeService","title":"samlAttributeAuthorityDescriptorAttributeService"}],"help":"samlservice.html#attribute-authority","id":"samlAttributeAuthorityDescriptor","title":"samlAttributeAuthorityDescriptor"},{"_nodes":[{"default":1,"id":"samlMetadataForceUTF8","title":"samlMetadataForceUTF8","type":"bool"},{"default":600,"id":"samlRelayStateTimeout","title":"samlRelayStateTimeout","type":"int"},{"default":0,"id":"samlUseQueryStringSpecific","title":"samlUseQueryStringSpecific","type":"bool"},{"default":"","id":"samlOverrideIDPEntityID","title":"samlOverrideIDPEntityID"},{"id":"samlStorage","title":"samlStorage"},{"cnodes":"samlStorageOptions","id":"samlStorageOptions","title":"samlStorageOptions","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"samlCommonDomainCookieActivation","title":"samlCommonDomainCookieActivation","type":"bool"},{"id":"samlCommonDomainCookieDomain","title":"samlCommonDomainCookieDomain"},{"id":"samlCommonDomainCookieReader","title":"samlCommonDomainCookieReader"},{"id":"samlCommonDomainCookieWriter","title":"samlCommonDomainCookieWriter"}],"id":"samlCommonDomainCookie","title":"samlCommonDomainCookie","type":"simpleInputContainer"},{"_nodes":[{"id":"samlFederationFiles","title":"samlFederationFiles"}],"id":"samlFederation","title":"samlFederation","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"samlDiscoveryProtocolActivation","title":"samlDiscoveryProtocolActivation","type":"bool"},{"id":"samlDiscoveryProtocolURL","title":"samlDiscoveryProtocolURL"},{"id":"samlDiscoveryProtocolPolicy","title":"samlDiscoveryProtocolPolicy"},{"default":0,"id":"samlDiscoveryProtocolIsPassive","title":"samlDiscoveryProtocolIsPassive","type":"bool"}],"id":"samlDiscoveryProtocol","title":"samlDiscoveryProtocol","type":"simpleInputContainer"}],"help":"samlservice.html#advanced","id":"samlAdvanced","title":"samlAdvanced"}],"help":"samlservice.html","id":"samlServiceMetaData","title":"samlServiceMetaData","type":"displaySamlMetadata"},{"cnodes":"samlIDPMetaDataNodes","help":"authsaml.html","id":"samlIDPMetaDataNodes","template":"samlIDPMetaDataNode","title":"samlIDPMetaDataNodes","type":"samlIDPMetaDataNodeContainer"},{"cnodes":"samlSPMetaDataNodes","help":"idpsaml.html","id":"samlSPMetaDataNodes","template":"samlSPMetaDataNode","title":"samlSPMetaDataNodes","type":"samlSPMetaDataNodeContainer"},{"_nodes":[{"id":"oidcServiceMetaDataIssuer","title":"oidcServiceMetaDataIssuer"},{"_nodes":[{"default":"authorize","id":"oidcServiceMetaDataAuthorizeURI","title":"oidcServiceMetaDataAuthorizeURI"},{"default":"token","id":"oidcServiceMetaDataTokenURI","title":"oidcServiceMetaDataTokenURI"},{"default":"userinfo","id":"oidcServiceMetaDataUserInfoURI","title":"oidcServiceMetaDataUserInfoURI"},{"default":"jwks","id":"oidcServiceMetaDataJWKSURI","title":"oidcServiceMetaDataJWKSURI"},{"default":"register","id":"oidcServiceMetaDataRegistrationURI","title":"oidcServiceMetaDataRegistrationURI"},{"default":"introspect","id":"oidcServiceMetaDataIntrospectionURI","title":"oidcServiceMetaDataIntrospectionURI"},{"default":"logout","id":"oidcServiceMetaDataEndSessionURI","title":"oidcServiceMetaDataEndSessionURI"},{"default":"checksession.html","id":"oidcServiceMetaDataCheckSessionURI","title":"oidcServiceMetaDataCheckSessionURI"},{"default":"flogout","id":"oidcServiceMetaDataFrontChannelURI","title":"oidcServiceMetaDataFrontChannelURI"},{"default":"blogout","id":"oidcServiceMetaDataBackChannelURI","title":"oidcServiceMetaDataBackChannelURI"}],"help":"openidconnectservice.html#endpoints","id":"oidcServiceMetaDataEndPoints","title":"oidcServiceMetaDataEndPoints","type":"simpleInputContainer"},{"cnodes":"oidcServiceMetaDataAuthnContext","default":[{"data":1,"id":"oidcServiceMetaDataAuthnContext/loa-1","title":"loa-1","type":"keyText"},{"data":2,"id":"oidcServiceMetaDataAuthnContext/loa-2","title":"loa-2","type":"keyText"},{"data":3,"id":"oidcServiceMetaDataAuthnContext/loa-3","title":"loa-3","type":"keyText"},{"data":4,"id":"oidcServiceMetaDataAuthnContext/loa-4","title":"loa-4","type":"keyText"},{"data":5,"id":"oidcServiceMetaDataAuthnContext/loa-5","title":"loa-5","type":"keyText"}],"id":"oidcServiceMetaDataAuthnContext","title":"oidcServiceMetaDataAuthnContext","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"oidcServiceAllowDynamicRegistration","title":"oidcServiceAllowDynamicRegistration","type":"bool"},{"cnodes":"oidcServiceDynamicRegistrationExportedVars","id":"oidcServiceDynamicRegistrationExportedVars","title":"oidcServiceDynamicRegistrationExportedVars","type":"keyTextContainer"},{"cnodes":"oidcServiceDynamicRegistrationExtraClaims","id":"oidcServiceDynamicRegistrationExtraClaims","title":"oidcServiceDynamicRegistrationExtraClaims","type":"keyTextContainer"}],"help":"openidconnectservice.html#dynamic-registration","id":"oidcServiceDynamicRegistration","title":"oidcServiceDynamicRegistration"},{"_nodes":[{"_nodes":[{"get":["oidcServicePrivateKeySig","oidcServicePublicKeySig","oidcServiceKeyIdSig","oidcServiceKeyTypeSig","oidcServiceOldPrivateKeySig","oidcServiceOldPublicKeySig","oidcServiceOldKeyIdSig","oidcServiceOldKeyTypeSig","oidcServiceNewPrivateKeySig","oidcServiceNewPublicKeySig","oidcServiceNewKeyIdSig","oidcServiceNewKeyTypeSig"],"id":"oidcServiceMetaDataSigKeys","title":"oidcServiceMetaDataSigKeys","type":"OidcKey"},{"get":["oidcServicePrivateKeyEnc","oidcServicePublicKeyEnc","oidcServiceKeyIdEnc","oidcServiceKeyTypeEnc","oidcServiceOldPrivateKeyEnc","oidcServiceOldPublicKeyEnc","oidcServiceOldKeyIdEnc","oidcServiceOldKeyTypeEnc"],"id":"oidcServiceMetaDataEncKeys","title":"oidcServiceMetaDataEncKeys","type":"OidcKey"}],"id":"oidcServiceMetaDataKeys","title":"oidcServiceMetaDataKeys"},{"default":1,"id":"oidcServiceAllowAuthorizationCodeFlow","title":"oidcServiceAllowAuthorizationCodeFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowImplicitFlow","title":"oidcServiceAllowImplicitFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowHybridFlow","title":"oidcServiceAllowHybridFlow","type":"bool"},{"default":0,"id":"oidcServiceIgnoreScopeForClaims","title":"oidcServiceIgnoreScopeForClaims","type":"bool"},{"default":0,"id":"oidcServiceAllowOnlyDeclaredScopes","title":"oidcServiceAllowOnlyDeclaredScopes","type":"bool"},{"id":"oidcDropCspHeaders","title":"oidcDropCspHeaders","type":"bool"},{"default":"RSA-OAEP","id":"oidcServiceEncAlgorithmAlg","select":[{"k":"RSA-OAEP","v":"RSA-OAEP"},{"k":"RSA-OAEP-256","v":"RSA-OAEP-256"},{"k":"RSA1_5","v":"RSA1_5"},{"k":"ECDH-ES","v":"ECDH-ES"},{"k":"ECDH-ES+A128KW","v":"ECDH-ES+A128KW"},{"k":"ECDH-ES+A192KW","v":"ECDH-ES+A192KW"},{"k":"ECDH-ES+A256KW","v":"ECDH-ES+A256KW"}],"title":"oidcServiceEncAlgorithmAlg","type":"select"},{"default":"A256GCM","id":"oidcServiceEncAlgorithmEnc","select":[{"k":"A256CBC-HS512","v":"A256CBC-HS512"},{"k":"A256GCM","v":"A256GCM"},{"k":"A192CBC-HS384","v":"A192CBC-HS384"},{"k":"A192GCM","v":"A192GCM"},{"k":"A128CBC-HS256","v":"A128CBC-HS256"},{"k":"A128GCM","v":"A128GCM"}],"title":"oidcServiceEncAlgorithmEnc","type":"select"},{"id":"oidcServiceHideMetadata","title":"oidcServiceHideMetadata","type":"bool"}],"help":"openidconnectservice.html#security","id":"oidcServiceMetaDataSecurity","title":"oidcServiceMetaDataSecurity"},{"_nodes":[{"default":60,"id":"oidcServiceAuthorizationCodeExpiration","title":"oidcServiceAuthorizationCodeExpiration","type":"int"},{"default":3600,"id":"oidcServiceIDTokenExpiration","title":"oidcServiceIDTokenExpiration","type":"int"},{"default":3600,"id":"oidcServiceAccessTokenExpiration","title":"oidcServiceAccessTokenExpiration","type":"int"},{"default":2592000,"id":"oidcServiceOfflineSessionExpiration","title":"oidcServiceOfflineSessionExpiration","type":"int"}],"help":"openidconnectservice.html#timeouts","id":"oidcServiceMetaDataTimeouts","title":"oidcServiceMetaDataTimeouts","type":"simpleInputContainer"},{"_nodes":[{"id":"oidcStorage","title":"oidcStorage"},{"cnodes":"oidcStorageOptions","id":"oidcStorageOptions","title":"oidcStorageOptions","type":"keyTextContainer"}],"help":"openidconnectservice.html#sessions","id":"oidcServiceMetaDataSessions","title":"oidcServiceMetaDataSessions"}],"help":"openidconnectservice.html#service-configuration","id":"oidcServiceMetaData","title":"oidcServiceMetaData","type":"displayOidcMetadata"},{"cnodes":"oidcOPMetaDataNodes","help":"authopenidconnect.html#declare-the-openid-connect-provider-in-ll-ng","id":"oidcOPMetaDataNodes","title":"oidcOPMetaDataNodes","type":"oidcOPMetaDataNodeContainer"},{"cnodes":"oidcRPMetaDataNodes","help":"idpopenidconnect.html#configuration-of-relying-party-in-ll-ng","id":"oidcRPMetaDataNodes","title":"oidcRPMetaDataNodes","type":"oidcRPMetaDataNodeContainer"},{"_nodes":[{"id":"casAttr","title":"casAttr"},{"default":"none","id":"casAccessControlPolicy","select":[{"k":"none","v":"None"},{"k":"error","v":"Display error on portal"},{"k":"faketicket","v":"Send a fake service ticket"}],"title":"casAccessControlPolicy","type":"select"},{"default":0,"id":"casStrictMatching","title":"casStrictMatching","type":"bool"},{"default":0,"id":"casTicketExpiration","title":"casTicketExpiration","type":"int"},{"default":0,"id":"casBackChannelSingleLogout","title":"casBackChannelSingleLogout","type":"bool"},{"id":"casStorage","title":"casStorage"},{"cnodes":"casStorageOptions","id":"casStorageOptions","title":"casStorageOptions","type":"keyTextContainer"},{"cnodes":"casAttributes","id":"casAttributes","title":"casAttributes","type":"keyTextContainer"}],"help":"idpcas.html#configuring-the-cas-service","id":"casServiceMetadata","title":"casServiceMetadata"},{"cnodes":"casSrvMetaDataNodes","help":"authcas.html","id":"casSrvMetaDataNodes","template":"casSrvMetaDataNode","title":"casSrvMetaDataNodes","type":"casSrvMetaDataNodeContainer"},{"cnodes":"casAppMetaDataNodes","help":"idpcas.html#configuring-cas-applications","id":"casAppMetaDataNodes","template":"casAppMetaDataNode","title":"casAppMetaDataNodes","type":"casAppMetaDataNodeContainer"}] \ No newline at end of file +[{"_nodes":[{"_nodes":[{"default":"http://auth.example.com/","id":"portal","title":"portal"},{"_nodes":[{"_nodes":[{"default":1,"id":"portalDisplayAppslist","title":"portalDisplayAppslist","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLoginHistory","title":"portalDisplayLoginHistory","type":"boolOrExpr"},{"default":"$_auth =~ /^(LDAP|DBI|Demo)$/","id":"portalDisplayChangePassword","title":"portalDisplayChangePassword","type":"boolOrExpr"},{"default":"$_oidcConsents && $_oidcConsents =~ /\\w+/","id":"portalDisplayOidcConsents","title":"portalDisplayOidcConsents","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLogout","title":"portalDisplayLogout","type":"boolOrExpr"},{"default":"Appslist ChangePassword LoginHistory OidcConsents Logout","id":"portalDisplayOrder","title":"portalDisplayOrder"}],"help":"portalmenu.html#menu-modules","id":"portalModules","title":"portalModules","type":"simpleInputContainer"},{"cnodes":"applicationList","default":[{"data":{"catname":"Default category","type":"category"},"id":"applicationList/default","title":"default","type":"catAndAppList"}],"help":"portalmenu.html#categories-and-applications","id":"applicationList","title":"applicationList","type":"catAndAppList"}],"help":"portalmenu.html","id":"portalMenu","title":"portalMenu"},{"_nodes":[{"default":"common/logos/logo_llng_400px.png","id":"portalMainLogo","title":"portalMainLogo"},{"default":"common/favicon.ico","id":"portalFavicon","title":"portalFavicon"},{"default":1,"id":"showLanguages","title":"showLanguages","type":"bool"},{"default":400,"id":"scrollTop","title":"scrollTop","type":"int"},{"id":"portalCustomCss","title":"portalCustomCss"},{"id":"portalCustomJs","title":"portalCustomJs"},{"default":"bootstrap","id":"portalSkin","select":[{"k":"bootstrap","v":"Bootstrap"}],"title":"portalSkin","type":"portalskin"},{"id":"portalSkinBackground","select":[{"k":"","v":"None"},{"k":"1280px-Anse_Source_d'Argent_2-La_Digue.jpg","v":"Anse"},{"k":"1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg","v":"Waterfall"},{"k":"1280px-BrockenSnowedTrees.jpg","v":"Snowed Trees"},{"k":"1280px-Cedar_Breaks_National_Monument_partially.jpg","v":"National Monument"},{"k":"1280px-Parry_Peak_from_Winter_Park.jpg","v":"Winter"},{"k":"Aletschgletscher_mit_Pinus_cembra1.jpg","v":"Pinus"}],"title":"portalSkinBackground","type":"portalskinbackground"},{"cnodes":"portalSkinRules","help":"portalcustom.html","id":"portalSkinRules","title":"portalSkinRules","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"portalCheckLogins","title":"portalCheckLogins","type":"bool"},{"default":1,"id":"portalDisplayRegister","title":"portalDisplayRegister","type":"bool"},{"default":0,"id":"portalDisplayCertificateResetByMail","title":"portalDisplayCertificateResetByMail","type":"bool"},{"default":0,"id":"portalDisplayResetPassword","title":"portalDisplayResetPassword","type":"bool"}],"help":"portalcustom.html#buttons","id":"portalButtons","title":"portalButtons","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"portalRequireOldPassword","title":"portalRequireOldPassword","type":"boolOrExpr"},{"default":0,"id":"portalEnablePasswordDisplay","title":"portalEnablePasswordDisplay","type":"bool"},{"default":1,"id":"hideOldPassword","title":"hideOldPassword","type":"bool"},{"default":0,"id":"mailOnPasswordChange","title":"mailOnPasswordChange","type":"bool"}],"help":"portalcustom.html#password-management","id":"passwordManagement","title":"passwordManagement","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"passwordPolicyActivation","title":"passwordPolicyActivation","type":"boolOrExpr"},{"default":0,"id":"portalDisplayPasswordPolicy","title":"portalDisplayPasswordPolicy","type":"bool"},{"default":0,"id":"passwordPolicyMinSize","title":"passwordPolicyMinSize","type":"int"},{"default":0,"id":"passwordPolicyMaxSize","title":"passwordPolicyMaxSize","type":"int"},{"default":0,"id":"passwordPolicyMinLower","title":"passwordPolicyMinLower","type":"int"},{"default":0,"id":"passwordPolicyMinUpper","title":"passwordPolicyMinUpper","type":"int"},{"default":0,"id":"passwordPolicyMinDigit","title":"passwordPolicyMinDigit","type":"int"},{"default":0,"id":"passwordPolicyMinSpeChar","title":"passwordPolicyMinSpeChar","type":"int"},{"default":"__ALL__","id":"passwordPolicySpecialChar","title":"passwordPolicySpecialChar"}],"help":"portalcustom.html#password-policy","id":"passwordPolicy","title":"passwordPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":"_user","id":"portalUserAttr","title":"portalUserAttr"},{"default":0,"id":"portalOpenLinkInNewWindow","title":"portalOpenLinkInNewWindow","type":"bool"},{"default":1,"id":"portalAntiFrame","title":"portalAntiFrame","type":"bool"},{"default":60000,"id":"portalPingInterval","title":"portalPingInterval","type":"int"},{"default":1,"id":"portalErrorOnExpiredSession","title":"portalErrorOnExpiredSession","type":"bool"},{"default":0,"id":"portalErrorOnMailNotFound","title":"portalErrorOnMailNotFound","type":"bool"},{"default":1,"id":"portalDisplayRefreshMyRights","title":"portalDisplayRefreshMyRights","type":"bool"}],"help":"portalcustom.html#other-parameters","id":"portalOther","title":"portalOther","type":"simpleInputContainer"}],"help":"portalcustom.html","id":"portalCustomization","title":"portalCustomization"},{"_nodes":[{"default":0,"id":"captcha_login_enabled","title":"captcha_login_enabled","type":"boolOrExpr"},{"default":1,"id":"captcha_mail_enabled","title":"captcha_mail_enabled","type":"boolOrExpr"},{"default":1,"id":"captcha_register_enabled","title":"captcha_register_enabled","type":"boolOrExpr"},{"default":6,"id":"captcha_size","title":"captcha_size","type":"int"},{"_nodes":[{"id":"captcha","title":"captcha"},{"cnodes":"captchaOptions","id":"captchaOptions","title":"captchaOptions","type":"keyTextContainer"}],"help":"captcha.html#configuration","id":"captchaCustom","title":"captchaCustom"}],"help":"captcha.html#configuration","id":"portalCaptcha","title":"portalCaptcha"}],"help":"portal.html","id":"portalParams","title":"portalParams"},{"_nodes":[{"default":"Demo","id":"authentication","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"WebAuthn","v":"WebAuthn"},{"k":"Demo","v":"Demonstration"},{"k":"Choice","v":"authChoice"},{"k":"Combination","v":"combineMods"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"authentication","type":"select"},{"default":"Same","id":"userDB","select":[{"k":"Same","v":"Same"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"userDB","type":"select"},{"default":"Demo","id":"passwordDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Choice","v":"authChoice"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Combination","v":"combineMods"},{"k":"Custom","v":"customModule"}],"title":"passwordDB","type":"select"},{"default":"Null","id":"registerDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"registerDB","type":"select"}],"_nodes_cond":[{"_nodes":[{"default":0,"id":"ADPwdMaxAge","title":"ADPwdMaxAge","type":"int"},{"default":0,"id":"ADPwdExpireWarning","title":"ADPwdExpireWarning","type":"int"}],"help":"authad.html","id":"adParams","show":false,"title":"adParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lmAuth","id":"authChoiceParam","title":"authChoiceParam"},{"cnodes":"authChoiceModules","id":"authChoiceModules","select":[[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"WebAuthn","v":"WebAuthn"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}]],"title":"authChoiceModules","type":"authChoiceContainer"},{"id":"authChoiceAuthBasic","title":"authChoiceAuthBasic"},{"id":"authChoiceFindUser","title":"authChoiceFindUser"}],"help":"authchoice.html","id":"choiceParams","show":false,"title":"choiceParams"},{"_nodes":[{"default":3,"id":"apacheAuthnLevel","title":"apacheAuthnLevel","type":"int"}],"help":"authapache.html","id":"apacheParams","show":false,"title":"apacheParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"casAuthnLevel","title":"casAuthnLevel","type":"int"}],"help":"authcas.html","id":"casParams","show":false,"title":"casParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"dbiAuthnLevel","title":"dbiAuthnLevel","type":"int"},{"cnodes":"dbiExportedVars","default":[],"id":"dbiExportedVars","title":"dbiExportedVars","type":"keyTextContainer"},{"_nodes":[{"_nodes":[{"id":"dbiAuthChain","title":"dbiAuthChain"},{"id":"dbiAuthUser","title":"dbiAuthUser"},{"id":"dbiAuthPassword","title":"dbiAuthPassword","type":"password"}],"id":"dbiConnectionAuth","title":"dbiConnectionAuth","type":"simpleInputContainer"},{"_nodes":[{"id":"dbiUserChain","title":"dbiUserChain"},{"id":"dbiUserUser","title":"dbiUserUser"},{"id":"dbiUserPassword","title":"dbiUserPassword","type":"password"}],"id":"dbiConnectionUser","title":"dbiConnectionUser","type":"simpleInputContainer"}],"help":"authdbi.html#connection","id":"dbiConnection","title":"dbiConnection"},{"_nodes":[{"id":"dbiAuthTable","title":"dbiAuthTable"},{"id":"dbiUserTable","title":"dbiUserTable"},{"id":"dbiAuthLoginCol","title":"dbiAuthLoginCol"},{"id":"dbiAuthPasswordCol","title":"dbiAuthPasswordCol"},{"id":"dbiPasswordMailCol","title":"dbiPasswordMailCol"},{"id":"userPivot","title":"userPivot"}],"help":"authdbi.html#schema","id":"dbiSchema","title":"dbiSchema","type":"simpleInputContainer"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiAuthPasswordHash","title":"dbiAuthPasswordHash"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiDynamicHashEnabled","title":"dbiDynamicHashEnabled","type":"bool"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSchemes","title":"dbiDynamicHashValidSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSaltedSchemes","title":"dbiDynamicHashValidSaltedSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashNewPasswordScheme","title":"dbiDynamicHashNewPasswordScheme"}],"help":"authdbi.html#password","id":"dbiDynamicHash","title":"dbiDynamicHash","type":"simpleInputContainer"}],"help":"authdbi.html#password","id":"dbiPassword","title":"dbiPassword"}],"help":"authdbi.html","id":"dbiParams","show":false,"title":"dbiParams"},{"_nodes":[{"cnodes":"demoExportedVars","default":[{"data":"cn","id":"demoExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"demoExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"demoExportedVars/uid","title":"uid","type":"keyText"}],"id":"demoExportedVars","title":"demoExportedVars","type":"keyTextContainer"}],"help":"authdemo.html","id":"demoParams","show":false,"title":"demoParams"},{"_nodes":[{"default":1,"id":"facebookAuthnLevel","title":"facebookAuthnLevel","type":"int"},{"cnodes":"facebookExportedVars","default":[],"id":"facebookExportedVars","title":"facebookExportedVars","type":"keyTextContainer"},{"id":"facebookAppId","title":"facebookAppId"},{"id":"facebookAppSecret","title":"facebookAppSecret"},{"default":"id","id":"facebookUserField","title":"facebookUserField"}],"help":"authfacebook.html","id":"facebookParams","show":false,"title":"facebookParams"},{"_nodes":[{"default":3,"id":"krbAuthnLevel","title":"krbAuthnLevel","type":"int"},{"id":"krbKeytab","title":"krbKeytab"},{"default":0,"id":"krbByJs","title":"krbByJs","type":"bool"},{"default":1,"id":"krbRemoveDomain","title":"krbRemoveDomain","type":"bool"},{"id":"krbAllowedDomains","title":"krbAllowedDomains"}],"help":"authkerberos.html","id":"kerberosParams","show":false,"title":"kerberosParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"webauthnAuthnLevel","title":"webauthnAuthnLevel","type":"int"}],"help":"authwebauthn.html","id":"webauthnParams","show":false,"title":"webauthnParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"ldapAuthnLevel","title":"ldapAuthnLevel","type":"int"},{"cnodes":"ldapExportedVars","default":[{"data":"cn","id":"ldapExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"ldapExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"ldapExportedVars/uid","title":"uid","type":"keyText"}],"id":"ldapExportedVars","title":"ldapExportedVars","type":"keyTextContainer"},{"_nodes":[{"default":"ldap://localhost","id":"ldapServer","title":"ldapServer"},{"id":"ldapPort","title":"ldapPort","type":"intOrNull"},{"default":"require","id":"ldapVerify","select":[{"k":"none","v":"None"},{"k":"optional","v":"Optional"},{"k":"require","v":"Require"}],"title":"ldapVerify","type":"select"},{"default":"dc=example,dc=com","id":"ldapBase","title":"ldapBase"},{"default":"","id":"managerDn","title":"managerDn"},{"default":"","id":"managerPassword","title":"managerPassword","type":"password"},{"default":10,"id":"ldapTimeout","title":"ldapTimeout","type":"int"},{"default":10,"id":"ldapIOTimeout","title":"ldapIOTimeout","type":"int"},{"default":3,"id":"ldapVersion","title":"ldapVersion","type":"int"},{"id":"ldapRaw","title":"ldapRaw"},{"id":"ldapCAFile","title":"ldapCAFile"},{"id":"ldapCAPath","title":"ldapCAPath"}],"help":"authldap.html#connection","id":"ldapConnection","title":"ldapConnection","type":"simpleInputContainer"},{"_nodes":[{"id":"LDAPFilter","title":"LDAPFilter"},{"id":"AuthLDAPFilter","title":"AuthLDAPFilter"},{"id":"mailLDAPFilter","title":"mailLDAPFilter"},{"default":"find","id":"ldapSearchDeref","select":[{"k":"never","v":"never"},{"k":"search","v":"search"},{"k":"find","v":"find"},{"k":"always","v":"always"}],"title":"ldapSearchDeref","type":"select"}],"help":"authldap.html#filters","id":"ldapFilters","title":"ldapFilters","type":"simpleInputContainer"},{"_nodes":[{"id":"ldapGroupBase","title":"ldapGroupBase"},{"id":"groupLDAPFilter","title":"groupLDAPFilter"},{"default":"groupOfNames","id":"ldapGroupObjectClass","title":"ldapGroupObjectClass"},{"default":"member","id":"ldapGroupAttributeName","title":"ldapGroupAttributeName"},{"default":"dn","id":"ldapGroupAttributeNameUser","title":"ldapGroupAttributeNameUser"},{"default":"cn","id":"ldapGroupAttributeNameSearch","title":"ldapGroupAttributeNameSearch"},{"default":0,"id":"ldapGroupDecodeSearchedValue","title":"ldapGroupDecodeSearchedValue","type":"bool"},{"default":0,"id":"ldapGroupRecursive","title":"ldapGroupRecursive","type":"bool"},{"default":"dn","id":"ldapGroupAttributeNameGroup","title":"ldapGroupAttributeNameGroup"}],"help":"authldap.html#groups","id":"ldapGroups","title":"ldapGroups","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ldapPpolicyControl","title":"ldapPpolicyControl","type":"bool"},{"default":0,"id":"ldapSetPassword","title":"ldapSetPassword","type":"bool"},{"default":0,"id":"ldapChangePasswordAsUser","title":"ldapChangePasswordAsUser","type":"bool"},{"default":"utf-8","id":"ldapPwdEnc","title":"ldapPwdEnc"},{"default":1,"id":"ldapUsePasswordResetAttribute","title":"ldapUsePasswordResetAttribute","type":"bool"},{"default":"pwdReset","id":"ldapPasswordResetAttribute","title":"ldapPasswordResetAttribute"},{"default":"TRUE","id":"ldapPasswordResetAttributeValue","title":"ldapPasswordResetAttributeValue"},{"default":0,"id":"ldapAllowResetExpiredPassword","title":"ldapAllowResetExpiredPassword","type":"bool"},{"default":0,"id":"ldapGetUserBeforePasswordChange","title":"ldapGetUserBeforePasswordChange","type":"bool"},{"default":0,"id":"ldapITDS","title":"ldapITDS","type":"bool"}],"help":"authldap.html#password","id":"ldapPassword","title":"ldapPassword","type":"simpleInputContainer"}],"help":"authldap.html","id":"ldapParams","show":false,"title":"ldapParams"},{"_nodes":[{"default":1,"id":"linkedInAuthnLevel","title":"linkedInAuthnLevel","type":"int"},{"id":"linkedInClientID","title":"linkedInClientID"},{"id":"linkedInClientSecret","title":"linkedInClientSecret","type":"password"},{"default":"id,first-name,last-name,email-address","id":"linkedInFields","title":"linkedInFields"},{"default":"emailAddress","id":"linkedInUserField","title":"linkedInUserField"},{"default":"r_liteprofile r_emailaddress","id":"linkedInScope","title":"linkedInScope"}],"help":"authlinkedin.html","id":"linkedinParams","show":false,"title":"linkedinParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"githubAuthnLevel","title":"githubAuthnLevel","type":"int"},{"id":"githubClientID","title":"githubClientID"},{"id":"githubClientSecret","title":"githubClientSecret","type":"password"},{"default":"login","id":"githubUserField","title":"githubUserField"},{"default":"user:email","id":"githubScope","title":"githubScope"}],"help":"authgithub.html","id":"githubParams","show":false,"title":"githubParams","type":"simpleInputContainer"},{"_nodes":[{"id":"combination","title":"combination"},{"cnodes":"combModules","id":"combModules","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"WebAuthn","v":"WebAuthn"},{"k":"Demo","v":"Demonstration"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"combModules","type":"cmbModuleContainer"}],"help":"authcombination.html","id":"combinationParams","show":false,"title":"combinationParams"},{"_nodes":[{"default":0,"id":"nullAuthnLevel","title":"nullAuthnLevel","type":"int"}],"help":"authnull.html","id":"nullParams","show":false,"title":"nullParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"openIdAuthnLevel","title":"openIdAuthnLevel","type":"int"},{"cnodes":"openIdExportedVars","default":[],"id":"openIdExportedVars","title":"openIdExportedVars","type":"keyTextContainer"},{"id":"openIdSecret","title":"openIdSecret"},{"default":"0;","id":"openIdIDPList","title":"openIdIDPList","type":"blackWhiteList"}],"help":"authopenid.html","id":"openidParams","show":false,"title":"openidParams"},{"_nodes":[{"default":1,"id":"oidcAuthnLevel","title":"oidcAuthnLevel","type":"int"},{"default":"openidconnectcallback","id":"oidcRPCallbackGetParam","title":"oidcRPCallbackGetParam"},{"default":600,"id":"oidcRPStateTimeout","title":"oidcRPStateTimeout","type":"int"}],"help":"authopenidconnect.html","id":"oidcParams","show":false,"title":"oidcParams","type":"simpleInputContainer"},{"_nodes":[{"default":5,"id":"gpgAuthnLevel","title":"gpgAuthnLevel","type":"int"},{"default":"","id":"gpgDb","title":"gpgDb"}],"help":"authgpg.html","id":"gpgParams","show":false,"title":"gpgParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"proxyAuthnLevel","title":"proxyAuthnLevel","type":"int"},{"default":0,"id":"proxyUseSoap","title":"proxyUseSoap","type":"bool"},{"_nodes":[{"id":"proxyAuthService","title":"proxyAuthService"},{"id":"proxySessionService","title":"proxySessionService"},{"default":"lmAuth","id":"proxyAuthServiceChoiceParam","title":"proxyAuthServiceChoiceParam"},{"id":"proxyAuthServiceChoiceValue","title":"proxyAuthServiceChoiceValue"},{"id":"proxyCookieName","title":"proxyCookieName"},{"default":0,"id":"proxyAuthServiceImpersonation","title":"proxyAuthServiceImpersonation","type":"bool"}],"id":"proxyInternalPortal","title":"proxyInternalPortal","type":"simpleInputContainer"}],"help":"authproxy.html","id":"proxyParams","show":false,"title":"proxyParams"},{"_nodes":[{"default":2,"id":"pamAuthnLevel","title":"pamAuthnLevel","type":"int"},{"default":"login","id":"pamService","title":"pamService"}],"help":"authpam.html","id":"pamParams","show":false,"title":"pamParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"radiusAuthnLevel","title":"radiusAuthnLevel","type":"int"},{"id":"radiusSecret","title":"radiusSecret"},{"id":"radiusServer","title":"radiusServer"},{"id":"radiusTimeout","title":"radiusTimeout","type":"intOrNull"},{"cnodes":"radiusExportedVars","default":[],"id":"radiusExportedVars","title":"radiusExportedVars","type":"keyTextContainer"},{"id":"radiusDictionaryFile","title":"radiusDictionaryFile"},{"cnodes":"radiusRequestAttributes","default":[],"id":"radiusRequestAttributes","title":"radiusRequestAttributes","type":"keyTextContainer"}],"help":"authradius.html","id":"radiusParams","show":false,"title":"radiusParams"},{"_nodes":[{"default":2,"id":"restAuthnLevel","title":"restAuthnLevel","type":"int"},{"id":"restAuthUrl","title":"restAuthUrl"},{"id":"restUserDBUrl","title":"restUserDBUrl"},{"id":"restPwdConfirmUrl","title":"restPwdConfirmUrl"},{"id":"restPwdModifyUrl","title":"restPwdModifyUrl"}],"help":"authrest.html","id":"restParams","show":false,"title":"restParams","type":"simpleInputContainer"},{"_nodes":[{"id":"remotePortal","title":"remotePortal"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":"Lemonldap::NG::Common::Apache::Session::SOAP","id":"remoteGlobalStorage","title":"remoteGlobalStorage"},{"cnodes":"remoteGlobalStorageOptions","default":[{"data":"http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService","id":"remoteGlobalStorageOptions/ns","title":"ns","type":"keyText"},{"data":"http://auth.example.com/sessions","id":"remoteGlobalStorageOptions/proxy","title":"proxy","type":"keyText"}],"id":"remoteGlobalStorageOptions","title":"remoteGlobalStorageOptions","type":"keyTextContainer"}],"help":"authremote.html","id":"remoteParams","show":false,"title":"remoteParams"},{"_nodes":[{"default":2,"id":"slaveAuthnLevel","title":"slaveAuthnLevel","type":"int"},{"id":"slaveUserHeader","title":"slaveUserHeader"},{"id":"slaveMasterIP","title":"slaveMasterIP"},{"id":"slaveHeaderName","title":"slaveHeaderName"},{"id":"slaveHeaderContent","title":"slaveHeaderContent"},{"default":0,"id":"slaveDisplayLogo","title":"slaveDisplayLogo","type":"bool"},{"cnodes":"slaveExportedVars","default":[],"id":"slaveExportedVars","title":"slaveExportedVars","type":"keyTextContainer"}],"help":"authslave.html","id":"slaveParams","show":false,"title":"slaveParams"},{"_nodes":[{"default":5,"id":"SSLAuthnLevel","title":"SSLAuthnLevel","type":"int"},{"default":"SSL_CLIENT_S_DN_Email","id":"SSLVar","title":"SSLVar"},{"default":"SSL_CLIENT_I_DN","id":"SSLIssuerVar","title":"SSLIssuerVar"},{"cnodes":"SSLVarIf","default":[],"id":"SSLVarIf","title":"SSLVarIf","type":"keyTextContainer"},{"default":0,"id":"sslByAjax","title":"sslByAjax","type":"bool"},{"id":"sslHost","title":"sslHost"}],"help":"authssl.html","id":"sslParams","show":false,"title":"sslParams"},{"_nodes":[{"default":1,"id":"twitterAuthnLevel","title":"twitterAuthnLevel","type":"int"},{"id":"twitterKey","title":"twitterKey"},{"id":"twitterSecret","title":"twitterSecret"},{"id":"twitterAppName","title":"twitterAppName"},{"default":"screen_name","id":"twitterUserField","title":"twitterUserField"}],"help":"authtwitter.html","id":"twitterParams","show":false,"title":"twitterParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"webIDAuthnLevel","title":"webIDAuthnLevel","type":"int"},{"cnodes":"webIDExportedVars","default":[],"id":"webIDExportedVars","title":"webIDExportedVars","type":"keyTextContainer"},{"id":"webIDWhitelist","title":"webIDWhitelist"}],"help":"authwebid.html","id":"webidParams","show":false,"title":"webidParams"},{"_nodes":[{"id":"customAuth","title":"customAuth"},{"id":"customUserDB","title":"customUserDB"},{"id":"customPassword","title":"customPassword"},{"id":"customRegister","title":"customRegister"},{"id":"customResetCertByMail","title":"customResetCertByMail"},{"cnodes":"customAddParams","id":"customAddParams","title":"customAddParams","type":"keyTextContainer"}],"help":"authcustom.html","id":"customParams","show":false,"title":"customParams"}],"_nodes_filter":"authParams","help":"start.html#authentication-users-and-password-databases","id":"authParams","title":"authParams","type":"authParams"},{"_nodes":[{"_nodes":[{"default":0,"id":"issuerDBCASActivation","title":"issuerDBCASActivation","type":"bool"},{"default":"^/cas/","id":"issuerDBCASPath","title":"issuerDBCASPath"},{"default":1,"id":"issuerDBCASRule","title":"issuerDBCASRule","type":"boolOrExpr"}],"help":"idpcas.html#enabling-cas","id":"issuerDBCAS","title":"issuerDBCAS","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBSAMLActivation","title":"issuerDBSAMLActivation","type":"bool"},{"default":"^/saml/","id":"issuerDBSAMLPath","title":"issuerDBSAMLPath"},{"default":1,"id":"issuerDBSAMLRule","title":"issuerDBSAMLRule","type":"boolOrExpr"}],"help":"idpsaml.html","id":"issuerDBSAML","title":"issuerDBSAML","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDConnectActivation","title":"issuerDBOpenIDConnectActivation","type":"bool"},{"default":"^/oauth2/","id":"issuerDBOpenIDConnectPath","title":"issuerDBOpenIDConnectPath"},{"default":1,"id":"issuerDBOpenIDConnectRule","title":"issuerDBOpenIDConnectRule","type":"boolOrExpr"}],"help":"idpopenidconnect.html","id":"issuerDBOpenIDConnect","title":"issuerDBOpenIDConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDActivation","title":"issuerDBOpenIDActivation","type":"bool"},{"default":"^/openidserver/","id":"issuerDBOpenIDPath","title":"issuerDBOpenIDPath"},{"default":1,"id":"issuerDBOpenIDRule","title":"issuerDBOpenIDRule","type":"boolOrExpr"},{"_nodes":[{"id":"openIdIssuerSecret","title":"openIdIssuerSecret"},{"id":"openIdAttr","title":"openIdAttr"},{"default":"0;","id":"openIdSPList","title":"openIdSPList","type":"blackWhiteList"},{"_nodes":[{"default":"cn","id":"openIdSreg_fullname","title":"openIdSreg_fullname"},{"default":"uid","id":"openIdSreg_nickname","title":"openIdSreg_nickname"},{"id":"openIdSreg_language","title":"openIdSreg_language"},{"id":"openIdSreg_postcode","title":"openIdSreg_postcode"},{"default":"_timezone","id":"openIdSreg_timezone","title":"openIdSreg_timezone"},{"id":"openIdSreg_country","title":"openIdSreg_country"},{"id":"openIdSreg_gender","title":"openIdSreg_gender"},{"default":"mail","id":"openIdSreg_email","title":"openIdSreg_email"},{"id":"openIdSreg_dob","title":"openIdSreg_dob"}],"id":"openIdSreg","title":"openIdSreg","type":"simpleInputContainer"}],"id":"issuerDBOpenIDOptions","title":"issuerDBOpenIDOptions"}],"help":"idpopenid.html","id":"issuerDBOpenID","title":"issuerDBOpenID"},{"_nodes":[{"default":0,"id":"issuerDBGetActivation","title":"issuerDBGetActivation","type":"bool"},{"default":"^/get/","id":"issuerDBGetPath","title":"issuerDBGetPath"},{"default":1,"id":"issuerDBGetRule","title":"issuerDBGetRule","type":"boolOrExpr"},{"default":[],"id":"issuerDBGetParameters","title":"issuerDBGetParameters","type":"doubleHash"}],"help":"issuerdbget.html","id":"issuerDBGet","title":"issuerDBGet"},{"_nodes":[{"default":0,"id":"issuerDBJitsiMeetTokensActivation","title":"issuerDBJitsiMeetTokensActivation","type":"bool"},{"default":"^/jitsi/","id":"issuerDBJitsiMeetTokensPath","title":"issuerDBJitsiMeetTokensPath"},{"default":1,"id":"issuerDBJitsiMeetTokensRule","title":"issuerDBJitsiMeetTokensRule","type":"boolOrExpr"},{"_nodes":[{"id":"jitsiDefaultServer","title":"jitsiDefaultServer"},{"id":"jitsiAppId","title":"jitsiAppId"},{"id":"jitsiAppSecret","title":"jitsiAppSecret"},{"default":"RS256","id":"jitsiSigningAlg","select":[{"k":"HS256","v":"HS256"},{"k":"HS384","v":"HS384"},{"k":"HS512","v":"HS512"},{"k":"RS256","v":"RS256"},{"k":"RS384","v":"RS384"},{"k":"RS512","v":"RS512"},{"k":"PS256","v":"PS256"},{"k":"PS384","v":"PS384"},{"k":"PS512","v":"PS512"},{"k":"ES256","v":"ES256"},{"k":"ES384","v":"ES384"},{"k":"ES512","v":"ES512"},{"k":"EdDSA","v":"EdDSA"}],"title":"jitsiSigningAlg","type":"select"},{"default":"300","id":"jitsiExpiration","title":"jitsiExpiration","type":"int"},{"_nodes":[{"id":"jitsiIdAttribute","title":"jitsiIdAttribute"},{"id":"jitsiNameAttribute","title":"jitsiNameAttribute"},{"id":"jitsiMailAttribute","title":"jitsiMailAttribute"}],"id":"jitsiAttributes","title":"jitsiAttributes","type":"simpleInputContainer"}],"id":"jitsiOptions","title":"jitsiOptions"}],"help":"idpjitsimeettokens.html","id":"issuerDBJitsiMeetTokens","title":"issuerDBJitsiMeetTokens"},{"_nodes":[{"default":120,"id":"issuersTimeout","title":"issuersTimeout","type":"int"}],"help":"start.html#options","id":"issuerOptions","title":"issuerOptions","type":"simpleInputContainer"}],"help":"start.html#identity-provider","id":"issuerParams","title":"issuerParams"},{"_nodes":[{"default":"uid","id":"whatToTrace","title":"whatToTrace"},{"id":"customToTrace","title":"customToTrace"},{"default":"_password _2fDevices","id":"hiddenAttributes","title":"hiddenAttributes"}],"help":"logs.html","id":"logParams","title":"logParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lemonldap","id":"cookieName","title":"cookieName"},{"default":"example.com","id":"domain","title":"domain"},{"default":0,"id":"cda","title":"cda","type":"bool"},{"default":1,"id":"httpOnly","title":"httpOnly","type":"bool"},{"default":0,"id":"securedCookie","select":[{"k":"0","v":"unsecuredCookie"},{"k":"1","v":"securedCookie"},{"k":"2","v":"doubleCookie"},{"k":"3","v":"doubleCookieForSingleSession"}],"title":"securedCookie","type":"select"},{"default":"","id":"sameSite","select":[{"k":"","v":""},{"k":"Strict","v":"Strict"},{"k":"Lax","v":"Lax"},{"k":"None","v":"None"}],"title":"sameSite","type":"select"},{"id":"cookieExpiration","title":"cookieExpiration","type":"intOrNull"}],"help":"ssocookie.html","id":"cookieParams","title":"cookieParams","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"storePassword","title":"storePassword","type":"bool"},{"default":0,"id":"storePasswordEncrypted","title":"storePasswordEncrypted","type":"bool"},{"default":1,"id":"displaySessionId","title":"displaySessionId","type":"bool"},{"default":72000,"id":"timeout","title":"timeout","type":"int"},{"default":0,"id":"timeoutActivity","title":"timeoutActivity","type":"int"},{"default":60,"id":"timeoutActivityInterval","title":"timeoutActivityInterval","type":"int"},{"cnodes":"grantSessionRules","default":[],"id":"grantSessionRules","title":"grantSessionRules","type":"grantContainer"},{"_nodes":[{"default":"Apache::Session::File","id":"globalStorage","title":"globalStorage"},{"cnodes":"globalStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/sessions/","id":"globalStorageOptions/Directory","title":"Directory","type":"keyText"},{"data":"/var/lib/lemonldap-ng/sessions/lock/","id":"globalStorageOptions/LockDirectory","title":"LockDirectory","type":"keyText"},{"data":"Lemonldap::NG::Common::Apache::Session::Generate::SHA256","id":"globalStorageOptions/generateModule","title":"generateModule","type":"keyText"}],"id":"globalStorageOptions","title":"globalStorageOptions","type":"keyTextContainer"},{"default":"Cache::FileCache","id":"localSessionStorage","title":"localSessionStorage"},{"cnodes":"localSessionStorageOptions","default":[{"data":3,"id":"localSessionStorageOptions/cache_depth","title":"cache_depth","type":"keyText"},{"data":"/var/cache/lemonldap-ng","id":"localSessionStorageOptions/cache_root","title":"cache_root","type":"keyText"},{"data":600,"id":"localSessionStorageOptions/default_expires_in","title":"default_expires_in","type":"keyText"},{"data":"007","id":"localSessionStorageOptions/directory_umask","title":"directory_umask","type":"keyText"},{"data":"lemonldap-ng-sessions","id":"localSessionStorageOptions/namespace","title":"namespace","type":"keyText"}],"id":"localSessionStorageOptions","title":"localSessionStorageOptions","type":"keyTextContainer"}],"help":"start.html#sessions-database","id":"sessionStorage","title":"sessionStorage"},{"_nodes":[{"default":0,"id":"singleSession","title":"singleSession","type":"boolOrExpr"},{"default":0,"id":"singleIP","title":"singleIP","type":"boolOrExpr"},{"default":0,"id":"singleUserByIP","title":"singleUserByIP","type":"boolOrExpr"},{"default":1,"id":"notifyDeleted","title":"notifyDeleted","type":"bool"},{"default":0,"id":"notifyOther","title":"notifyOther","type":"bool"}],"id":"multipleSessions","title":"multipleSessions","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"disablePersistentStorage","title":"disablePersistentStorage","type":"bool"},{"id":"persistentStorage","title":"persistentStorage"},{"cnodes":"persistentStorageOptions","id":"persistentStorageOptions","title":"persistentStorageOptions","type":"keyTextContainer"}],"id":"persistentSessions","title":"persistentSessions"}],"help":"sessions.html","id":"sessionParams","title":"sessionParams"},{"_nodes":[{"default":1,"id":"upgradeSession","title":"upgradeSession","type":"bool"},{"help":"refreshsessionapi.html","id":"refreshSessions","title":"refreshSessions","type":"bool"},{"default":0,"help":"status.html","id":"portalStatus","title":"portalStatus","type":"bool"},{"_nodes":[{"default":0,"id":"checkState","title":"checkState","type":"bool"},{"id":"checkStateSecret","title":"checkStateSecret"}],"help":"checkstate.html","id":"stateCheck","title":"stateCheck","type":"simpleInputContainer"},{"_nodes":[{"id":"exportedAttr","title":"exportedAttr"},{"_nodes":[{"default":0,"id":"restSessionServer","title":"restSessionServer","type":"bool"},{"default":0,"id":"restConfigServer","title":"restConfigServer","type":"bool"},{"default":0,"id":"restAuthServer","title":"restAuthServer","type":"bool"},{"default":0,"id":"restPasswordServer","title":"restPasswordServer","type":"bool"},{"default":0,"id":"restExportSecretKeys","title":"restExportSecretKeys","type":"bool"},{"default":15,"id":"restClockTolerance","title":"restClockTolerance","type":"int"}],"help":"portalservers.html#REST","id":"restServices","title":"restServices","type":"simpleInputContainer"},{"_nodes":[{"default":0,"help":"soapservices.html","id":"soapSessionServer","title":"soapSessionServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapConfigServer","title":"soapConfigServer","type":"bool"},{"default":0,"id":"wsdlServer","title":"wsdlServer","type":"bool"}],"help":"portalservers.html#SOAP_(deprecated)","id":"soapServices","title":"soapServices","type":"simpleInputContainer"}],"help":"portalservers.html","id":"portalServers","title":"portalServers"},{"_nodes":[{"_nodes":[{"id":"registerConfirmSubject","title":"registerConfirmSubject"},{"id":"registerConfirmBody","title":"registerConfirmBody","type":"longtext"},{"id":"registerDoneSubject","title":"registerDoneSubject"},{"id":"registerDoneBody","title":"registerDoneBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"id":"registerUrl","title":"registerUrl"},{"default":0,"id":"registerTimeout","title":"registerTimeout","type":"int"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"register.html","id":"register","title":"register"},{"_nodes":[{"_nodes":[{"id":"mailSubject","title":"mailSubject"},{"id":"mailBody","title":"mailBody","type":"longtext"},{"id":"mailConfirmSubject","title":"mailConfirmSubject"},{"id":"mailConfirmBody","title":"mailConfirmBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"id":"mailUrl","title":"mailUrl"},{"default":0,"id":"mailTimeout","title":"mailTimeout","type":"int"},{"default":3,"id":"passwordResetAllowedRetries","title":"passwordResetAllowedRetries","type":"int"},{"default":1,"id":"portalDisplayGeneratePassword","title":"portalDisplayGeneratePassword","type":"bool"},{"default":"[A-Z]{3}[a-z]{5}.\\d{2}","id":"randomPasswordRegexp","title":"randomPasswordRegexp"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetpassword.html","id":"passwordManagement","title":"passwordManagement"},{"_nodes":[{"_nodes":[{"id":"certificateResetByMailStep1Subject","title":"certificateResetByMailStep1Subject"},{"id":"certificateResetByMailStep1Body","title":"certificateResetByMailStep1Body","type":"longtext"},{"id":"certificateResetByMailStep2Subject","title":"certificateResetByMailStep2Subject"},{"id":"certificateResetByMailStep2Body","title":"certificateResetByMailStep2Body","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"id":"certificateResetByMailURL","title":"certificateResetByMailURL"},{"default":"description","id":"certificateResetByMailCeaAttribute","title":"certificateResetByMailCeaAttribute"},{"default":"userCertificate;binary","id":"certificateResetByMailCertificateAttribute","title":"certificateResetByMailCertificateAttribute"},{"default":0,"id":"certificateResetByMailValidityDelay","title":"certificateResetByMailValidityDelay","type":"int"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetcertificate.html","id":"certificateResetByMailManagement","title":"certificateResetByMailManagement"},{"cnodes":"adaptativeAuthenticationLevelRules","help":"adaptativeauthenticationlevel.html","id":"adaptativeAuthenticationLevelRules","title":"adaptativeAuthenticationLevelRules","type":"keyTextContainer"},{"cnodes":"autoSigninRules","help":"autosignin.html","id":"autoSigninRules","title":"autoSigninRules","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"trustedBrowserRule","title":"trustedBrowserRule","type":"boolOrExpr"},{"default":0,"id":"stayConnected","title":"stayConnected","type":"boolOrExpr"},{"default":0,"id":"stayConnectedBypassFG","title":"stayConnectedBypassFG","type":"bool"},{"default":2592000,"id":"stayConnectedTimeout","title":"stayConnectedTimeout","type":"int"},{"default":"llngconnection","id":"stayConnectedCookieName","title":"stayConnectedCookieName"},{"default":0,"id":"stayConnectedSingleSession","title":"stayConnectedSingleSession","type":"bool"}],"help":"trustedbrowser.html","id":"stayConnect","title":"stayConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rememberAuthChoiceRule","title":"rememberAuthChoiceRule","type":"boolOrExpr"},{"default":"llngrememberauthchoice","id":"rememberCookieName","title":"rememberCookieName"},{"default":31536000,"id":"rememberCookieTimeout","title":"rememberCookieTimeout","type":"int"},{"default":0,"id":"rememberDefaultChecked","title":"rememberDefaultChecked","type":"bool"},{"default":5,"id":"rememberTimer","title":"rememberTimer","type":"int"}],"help":"rememberauthchoice.html","id":"rememberAuthChoice","title":"rememberAuthChoice","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"locationDetect","title":"locationDetect","type":"bool"},{"id":"locationDetectGeoIpDatabase","title":"locationDetectGeoIpDatabase"},{"default":"en, fr","id":"locationDetectGeoIpLanguages","title":"locationDetectGeoIpLanguages"},{"id":"locationDetectIpDetail","title":"locationDetectIpDetail"},{"id":"locationDetectUaDetail","title":"locationDetectUaDetail"}],"help":"locationdetect.html","id":"locationDetectPlugin","title":"locationDetectPlugin","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"loginHistoryEnabled","title":"loginHistoryEnabled","type":"bool"},{"default":5,"id":"successLoginNumber","title":"successLoginNumber","type":"int"},{"default":5,"id":"failedLoginNumber","title":"failedLoginNumber","type":"int"},{"cnodes":"sessionDataToRemember","id":"sessionDataToRemember","title":"sessionDataToRemember","type":"keyTextContainer"}],"help":"loginhistory.html","id":"loginHistory","title":"loginHistory"},{"_nodes":[{"default":0,"id":"notification","title":"notification","type":"bool"},{"default":0,"id":"notificationsExplorer","title":"notificationsExplorer","type":"bool"},{"default":"allusers","id":"notificationWildcard","title":"notificationWildcard"},{"default":0,"id":"oldNotifFormat","title":"oldNotifFormat","type":"bool"},{"id":"notificationXSLTfile","title":"notificationXSLTfile"},{"default":"File","id":"notificationStorage","title":"notificationStorage"},{"cnodes":"notificationStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/notifications","id":"notificationStorageOptions/dirName","title":"dirName","type":"keyText"}],"id":"notificationStorageOptions","title":"notificationStorageOptions","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"notificationServer","title":"notificationServer","type":"bool"},{"default":"","id":"notificationDefaultCond","title":"notificationDefaultCond"},{"default":"uid reference date title subtitle text check","id":"notificationServerSentAttributes","title":"notificationServerSentAttributes"},{"_nodes":[{"default":1,"id":"notificationServerPOST","title":"notificationServerPOST","type":"bool"},{"default":0,"id":"notificationServerGET","title":"notificationServerGET","type":"bool"},{"default":0,"id":"notificationServerDELETE","title":"notificationServerDELETE","type":"bool"}],"id":"notificationServerMethods","title":"notificationServerMethods","type":"simpleInputContainer"}],"help":"notifications.html#notification-server","id":"serverNotification","title":"serverNotification"}],"help":"notifications.html","id":"notifications","title":"notifications"},{"_nodes":[{"default":0,"id":"checkUser","title":"checkUser","type":"bool"},{"default":1,"id":"checkUserIdRule","title":"checkUserIdRule"},{"id":"checkUserUnrestrictedUsersRule","title":"checkUserUnrestrictedUsersRule"},{"id":"checkUserSearchAttributes","title":"checkUserSearchAttributes"},{"default":"_loginHistory, _session_id, hGroups","id":"checkUserHiddenAttributes","title":"checkUserHiddenAttributes"},{"cnodes":"checkUserHiddenHeaders","id":"checkUserHiddenHeaders","title":"checkUserHiddenHeaders","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"checkUserDisplayComputedSession","title":"checkUserDisplayComputedSession","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayPersistentInfo","title":"checkUserDisplayPersistentInfo","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayNormalizedHeaders","title":"checkUserDisplayNormalizedHeaders","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayEmptyHeaders","title":"checkUserDisplayEmptyHeaders","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayEmptyValues","title":"checkUserDisplayEmptyValues","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayHiddenAttributes","title":"checkUserDisplayHiddenAttributes","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayHistory","title":"checkUserDisplayHistory","type":"boolOrExpr"}],"help":"checkuser.html#configuration","id":"checkUserDisplay","title":"checkUserDisplay","type":"simpleInputContainer"}],"help":"checkuser.html","id":"checkUsers","title":"checkUsers"},{"_nodes":[{"default":0,"id":"checkDevOps","title":"checkDevOps","type":"bool"},{"default":1,"id":"checkDevOpsDownload","title":"checkDevOpsDownload","type":"bool"},{"default":1,"id":"checkDevOpsDisplayNormalizedHeaders","title":"checkDevOpsDisplayNormalizedHeaders","type":"bool"},{"default":1,"id":"checkDevOpsCheckSessionAttributes","title":"checkDevOpsCheckSessionAttributes","type":"bool"}],"help":"checkdevops.html","id":"devOpsCheck","title":"devOpsCheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"impersonationRule","title":"impersonationRule","type":"boolOrExpr"},{"default":1,"id":"impersonationIdRule","title":"impersonationIdRule"},{"id":"impersonationUnrestrictedUsersRule","title":"impersonationUnrestrictedUsersRule"},{"default":"_2fDevices, _loginHistory","id":"impersonationHiddenAttributes","title":"impersonationHiddenAttributes"},{"default":1,"id":"impersonationSkipEmptyValues","title":"impersonationSkipEmptyValues","type":"bool"},{"default":0,"id":"impersonationMergeSSOgroups","title":"impersonationMergeSSOgroups","type":"boolOrExpr"}],"help":"impersonation.html","id":"impersonation","title":"impersonation","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"contextSwitchingRule","title":"contextSwitchingRule","type":"boolOrExpr"},{"default":1,"id":"contextSwitchingIdRule","title":"contextSwitchingIdRule"},{"id":"contextSwitchingUnrestrictedUsersRule","title":"contextSwitchingUnrestrictedUsersRule"},{"default":0,"id":"contextSwitchingAllowed2fModifications","title":"contextSwitchingAllowed2fModifications","type":"bool"},{"default":1,"id":"contextSwitchingStopWithLogout","title":"contextSwitchingStopWithLogout","type":"bool"}],"help":"contextswitching.html","id":"contextSwitching","title":"contextSwitching","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"findUser","title":"findUser","type":"bool"},{"default":"*","id":"findUserWildcard","title":"findUserWildcard"},{"default":"^[*\\w]+$","id":"findUserControl","title":"findUserControl"},{"id":"restFindUserDBUrl","title":"restFindUserDBUrl"},{"cnodes":"findUserSearchingAttributes","id":"findUserSearchingAttributes","title":"findUserSearchingAttributes","type":"keyTextContainer"},{"cnodes":"findUserExcludingAttributes","id":"findUserExcludingAttributes","title":"findUserExcludingAttributes","type":"keyTextContainer"}],"help":"finduser.html","id":"findUsers","title":"findUsers"},{"_nodes":[{"default":0,"id":"globalLogoutRule","title":"globalLogoutRule","type":"boolOrExpr"},{"default":1,"id":"globalLogoutTimer","title":"globalLogoutTimer","type":"bool"},{"id":"globalLogoutCustomParam","title":"globalLogoutCustomParam"}],"help":"globallogout.html","id":"globalLogout","title":"globalLogout","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"decryptValueRule","title":"decryptValueRule","type":"boolOrExpr"},{"id":"decryptValueFunctions","title":"decryptValueFunctions"}],"help":"decryptvalue.html","id":"decryptValue","title":"decryptValue","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"initializePasswordReset","title":"initializePasswordReset","type":"bool"},{"id":"initializePasswordResetSecret","title":"initializePasswordResetSecret","type":"password"}],"help":"initializePasswordReset.html","id":"initializePasswordResetLabel","title":"initializePasswordResetLabel","type":"simpleInputContainer"},{"_nodes":[{"id":"customPlugins","title":"customPlugins"},{"cnodes":"customPluginsParams","id":"customPluginsParams","title":"customPluginsParams","type":"keyTextContainer"}],"help":"plugincustom.html","id":"customPluginsNode","title":"customPluginsNode"}],"help":"start.html#plugins","id":"plugins","title":"plugins"},{"_nodes":[{"_nodes":[{"default":1,"help":"secondfactor.html","id":"sfManagerRule","title":"sfManagerRule","type":"boolOrExpr"},{"default":0,"help":"secondfactor.html","id":"sfRequired","title":"sfRequired","type":"boolOrExpr"},{"help":"secondfactor.html","id":"sfOnlyUpgrade","title":"sfOnlyUpgrade","type":"bool"},{"id":"sfLoginTimeout","title":"sfLoginTimeout","type":"intOrNull"},{"id":"sfRegisterTimeout","title":"sfRegisterTimeout","type":"intOrNull"},{"id":"sfRetries","title":"sfRetries","type":"intOrNull"},{"_nodes":[{"default":0,"help":"secondfactor.html","id":"sfRemovedMsgRule","title":"sfRemovedMsgRule","type":"boolOrExpr"},{"default":0,"id":"sfRemovedUseNotif","title":"sfRemovedUseNotif","type":"bool"},{"default":"RemoveSF","help":"secondfactor.html","id":"sfRemovedNotifRef","title":"sfRemovedNotifRef"},{"default":"Second factor notification","help":"secondfactor.html","id":"sfRemovedNotifTitle","title":"sfRemovedNotifTitle"},{"default":"_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!","help":"secondfactor.html","id":"sfRemovedNotifMsg","title":"sfRemovedNotifMsg"}],"help":"secondfactor.html","id":"sfRemovedNotification","title":"sfRemovedNotification","type":"simpleInputContainer"}],"help":"secondfactor.html","id":"sfOptions","title":"sfOptions","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"totp2fActivation","title":"totp2fActivation","type":"boolOrExpr"},{"default":0,"id":"totp2fSelfRegistration","title":"totp2fSelfRegistration","type":"boolOrExpr"},{"default":1,"id":"totp2fUserCanRemoveKey","title":"totp2fUserCanRemoveKey","type":"bool"},{"id":"totp2fIssuer","title":"totp2fIssuer"},{"default":30,"id":"totp2fInterval","title":"totp2fInterval","type":"int"},{"default":1,"id":"totp2fRange","title":"totp2fRange","type":"int"},{"default":6,"id":"totp2fDigits","title":"totp2fDigits","type":"int"},{"default":0,"id":"totp2fEncryptSecret","title":"totp2fEncryptSecret","type":"bool"},{"id":"totp2fAuthnLevel","title":"totp2fAuthnLevel","type":"intOrNull"},{"id":"totp2fLabel","title":"totp2fLabel"},{"id":"totp2fLogo","title":"totp2fLogo"},{"id":"totp2fTTL","title":"totp2fTTL","type":"intOrNull"}],"help":"totp2f.html","id":"totp2f","title":"totp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"webauthn2fActivation","title":"webauthn2fActivation","type":"boolOrExpr"},{"default":0,"id":"webauthn2fSelfRegistration","title":"webauthn2fSelfRegistration","type":"boolOrExpr"},{"default":1,"id":"webauthn2fUserCanRemoveKey","title":"webauthn2fUserCanRemoveKey","type":"bool"},{"default":"preferred","id":"webauthn2fUserVerification","select":[{"k":"discouraged","v":"Discouraged"},{"k":"preferred","v":"Preferred"},{"k":"required","v":"Required"}],"title":"webauthn2fUserVerification","type":"select"},{"id":"webauthn2fResidentKey","select":[{"k":"","v":""},{"k":"discouraged","v":"Discouraged"},{"k":"preferred","v":"Preferred"},{"k":"required","v":"Required"}],"title":"webauthn2fResidentKey","type":"select"},{"default":"none","id":"webauthn2fAttestation","select":[{"k":"none","v":"None"},{"k":"direct","v":"Direct"},{"k":"indirect","v":"Indirect"},{"k":"enterprise","v":"Enterprise"}],"title":"webauthn2fAttestation","type":"select"},{"id":"webauthn2fAttestationTrust","title":"webauthn2fAttestationTrust","type":"file"},{"id":"webauthnRpName","title":"webauthnRpName"},{"id":"webauthnRpId","title":"webauthnRpId"},{"default":1,"id":"webauthnAppId","title":"webauthnAppId","type":"bool"},{"id":"webauthnDisplayNameAttr","title":"webauthnDisplayNameAttr"},{"id":"webauthn2fAuthnLevel","title":"webauthn2fAuthnLevel","type":"intOrNull"},{"id":"webauthn2fLabel","title":"webauthn2fLabel"},{"id":"webauthn2fLogo","title":"webauthn2fLogo"}],"help":"webauthn2f.html","id":"webauthn2f","title":"webauthn2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"yubikey2fActivation","title":"yubikey2fActivation","type":"boolOrExpr"},{"default":0,"id":"yubikey2fSelfRegistration","title":"yubikey2fSelfRegistration","type":"boolOrExpr"},{"default":1,"id":"yubikey2fUserCanRemoveKey","title":"yubikey2fUserCanRemoveKey","type":"bool"},{"id":"yubikey2fClientID","title":"yubikey2fClientID"},{"id":"yubikey2fSecretKey","title":"yubikey2fSecretKey"},{"id":"yubikey2fNonce","title":"yubikey2fNonce"},{"id":"yubikey2fUrl","title":"yubikey2fUrl"},{"default":12,"id":"yubikey2fPublicIDSize","title":"yubikey2fPublicIDSize","type":"int"},{"id":"yubikey2fFromSessionAttribute","title":"yubikey2fFromSessionAttribute"},{"id":"yubikey2fAuthnLevel","title":"yubikey2fAuthnLevel","type":"intOrNull"},{"id":"yubikey2fLabel","title":"yubikey2fLabel"},{"id":"yubikey2fLogo","title":"yubikey2fLogo"},{"id":"yubikey2fTTL","title":"yubikey2fTTL","type":"intOrNull"}],"help":"yubikey2f.html","id":"yubikey2f","title":"yubikey2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"password2fActivation","title":"password2fActivation","type":"boolOrExpr"},{"default":0,"id":"password2fSelfRegistration","title":"password2fSelfRegistration","type":"boolOrExpr"},{"id":"password2fAuthnLevel","title":"password2fAuthnLevel","type":"intOrNull"},{"id":"password2fLabel","title":"password2fLabel"},{"id":"password2fLogo","title":"password2fLogo"},{"default":1,"id":"password2fUserCanRemoveKey","title":"password2fUserCanRemoveKey","type":"bool"},{"id":"password2fTTL","title":"password2fTTL","type":"intOrNull"}],"help":"password2f.html","id":"password2f","title":"password2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"mail2fActivation","title":"mail2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"mail2fCodeRegex","title":"mail2fCodeRegex"},{"id":"mail2fTimeout","title":"mail2fTimeout","type":"intOrNull"},{"id":"mail2fSubject","title":"mail2fSubject"},{"id":"mail2fBody","title":"mail2fBody","type":"longtext"},{"id":"mail2fSessionKey","title":"mail2fSessionKey"},{"id":"mail2fResendInterval","title":"mail2fResendInterval"},{"id":"mail2fAuthnLevel","title":"mail2fAuthnLevel","type":"intOrNull"},{"id":"mail2fLabel","title":"mail2fLabel"},{"id":"mail2fLogo","title":"mail2fLogo"}],"help":"mail2f.html","id":"mail2f","title":"mail2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ext2fActivation","title":"ext2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"ext2fCodeActivation","title":"ext2fCodeActivation"},{"id":"ext2FSendCommand","title":"ext2FSendCommand"},{"id":"ext2FValidateCommand","title":"ext2FValidateCommand"},{"id":"ext2fResendInterval","title":"ext2fResendInterval"},{"id":"ext2fAuthnLevel","title":"ext2fAuthnLevel","type":"intOrNull"},{"id":"ext2fLabel","title":"ext2fLabel"},{"id":"ext2fLogo","title":"ext2fLogo"}],"help":"external2f.html","id":"ext2f","title":"ext2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"okta2fActivation","title":"okta2fActivation","type":"boolOrExpr"},{"id":"okta2fAdminURL","title":"okta2fAdminURL"},{"id":"okta2fApiKey","title":"okta2fApiKey"},{"id":"okta2fLoginAttribute","title":"okta2fLoginAttribute"},{"id":"okta2fAuthnLevel","title":"okta2fAuthnLevel","type":"intOrNull"},{"id":"okta2fLabel","title":"okta2fLabel"},{"id":"okta2fLogo","title":"okta2fLogo"}],"help":"okta2f.html","id":"okta2f","title":"okta2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"radius2fActivation","title":"radius2fActivation","type":"boolOrExpr"},{"id":"radius2fServer","title":"radius2fServer"},{"id":"radius2fSecret","title":"radius2fSecret"},{"id":"radius2fUsernameSessionKey","title":"radius2fUsernameSessionKey"},{"default":20,"id":"radius2fTimeout","title":"radius2fTimeout","type":"int"},{"id":"radius2fDictionaryFile","title":"radius2fDictionaryFile"},{"cnodes":"radius2fRequestAttributes","default":[],"id":"radius2fRequestAttributes","title":"radius2fRequestAttributes","type":"keyTextContainer"},{"default":0,"id":"radius2fSendInitialRequest","title":"radius2fSendInitialRequest","type":"bool"},{"id":"radius2fAuthnLevel","title":"radius2fAuthnLevel","type":"intOrNull"},{"id":"radius2fLabel","title":"radius2fLabel"},{"id":"radius2fLogo","title":"radius2fLogo"}],"help":"radius2f.html","id":"radius2f","title":"radius2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rest2fActivation","title":"rest2fActivation","type":"boolOrExpr"},{"id":"rest2fCodeActivation","title":"rest2fCodeActivation"},{"id":"rest2fInitUrl","title":"rest2fInitUrl"},{"cnodes":"rest2fInitArgs","id":"rest2fInitArgs","title":"rest2fInitArgs","type":"keyTextContainer"},{"id":"rest2fVerifyUrl","title":"rest2fVerifyUrl"},{"cnodes":"rest2fVerifyArgs","id":"rest2fVerifyArgs","title":"rest2fVerifyArgs","type":"keyTextContainer"},{"id":"rest2fResendInterval","title":"rest2fResendInterval"},{"id":"rest2fAuthnLevel","title":"rest2fAuthnLevel","type":"intOrNull"},{"id":"rest2fLabel","title":"rest2fLabel"},{"id":"rest2fLogo","title":"rest2fLogo"}],"help":"rest2f.html","id":"rest2f","title":"rest2f","type":"simpleInputContainer"},{"cnodes":"sfExtra","help":"sfextra.html","id":"sfExtra","select":[{"k":"Mail2F","v":"E-Mail"},{"k":"REST","v":"REST"},{"k":"Ext2F","v":"External"},{"k":"Radius","v":"Radius"}],"title":"sfExtra","type":"sfExtraContainer"}],"help":"secondfactor.html","id":"secondFactors","title":"secondFactors"},{"_nodes":[{"help":"customfunctions.html","id":"customFunctions","title":"customFunctions"},{"default":"; ","id":"multiValuesSeparator","title":"multiValuesSeparator","type":"authParamsText"},{"default":0,"id":"groupsBeforeMacros","title":"groupsBeforeMacros","type":"bool"},{"_nodes":[{"default":"mail","id":"mailSessionKey","title":"mailSessionKey"},{"default":"","id":"SMTPServer","title":"SMTPServer"},{"id":"SMTPPort","title":"SMTPPort","type":"int"},{"id":"SMTPAuthUser","title":"SMTPAuthUser"},{"id":"SMTPAuthPass","title":"SMTPAuthPass","type":"password"},{"default":"","id":"SMTPTLS","select":[{"k":"","v":"none"},{"k":"starttls","v":"SMTP + STARTTLS"},{"k":"ssl","v":"SMTPS"}],"title":"SMTPTLS","type":"select"},{"cnodes":"SMTPTLSOpts","id":"SMTPTLSOpts","title":"SMTPTLSOpts","type":"keyTextContainer"},{"_nodes":[{"default":"noreply@example.com","id":"mailFrom","title":"mailFrom"},{"id":"mailReplyTo","title":"mailReplyTo"},{"default":"utf-8","id":"mailCharset","title":"mailCharset"}],"id":"mailHeaders","title":"mailHeaders","type":"simpleInputContainer"}],"help":"smtp.html","id":"SMTP","title":"SMTP","type":"SMTP"},{"_nodes":[{"default":"^[\\w\\.\\-@]+$","id":"userControl","title":"userControl"},{"default":0,"id":"browsersDontStorePassword","title":"browsersDontStorePassword","type":"bool"},{"default":0,"help":"forcereauthn.html","id":"portalForceAuthn","title":"portalForceAuthn","type":"bool"},{"default":5,"id":"portalForceAuthnInterval","title":"portalForceAuthnInterval","type":"int"},{"id":"key","title":"key","type":"password"},{"id":"trustedDomains","title":"trustedDomains"},{"default":1,"help":"safejail.html","id":"useSafeJail","title":"useSafeJail","type":"bool"},{"default":0,"help":"safejail.html","id":"avoidAssignment","title":"avoidAssignment","type":"bool"},{"default":1,"id":"checkXSS","title":"checkXSS","type":"bool"},{"default":1,"id":"requireToken","title":"requireToken","type":"boolOrExpr"},{"default":120,"id":"formTimeout","title":"formTimeout","type":"int"},{"default":0,"id":"tokenUseGlobalStorage","title":"tokenUseGlobalStorage","type":"bool"},{"id":"strictTransportSecurityMax_Age","title":"strictTransportSecurityMax_Age"},{"default":0,"id":"hashedSessionStore","title":"hashedSessionStore","type":"bool"},{"_nodes":[{"id":"crowdsec","title":"crowdsec","type":"bool"},{"default":"reject","id":"crowdsecAction","select":[{"k":"reject","v":"Reject"},{"k":"warn","v":"Warn"}],"title":"crowdsecAction","type":"select"},{"id":"crowdsecUrl","title":"crowdsecUrl"},{"id":"crowdsecKey","title":"crowdsecKey"},{"id":"crowdsecIgnoreFailures","title":"crowdsecIgnoreFailures","type":"bool"}],"help":"crowdsec.html","id":"CrowdSecPlugin","title":"CrowdSecPlugin","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkHIBP","title":"checkHIBP","type":"bool"},{"default":"https://api.pwnedpasswords.com/range/","id":"checkHIBPURL","title":"checkHIBPURL"},{"default":1,"id":"checkHIBPRequired","title":"checkHIBPRequired","type":"bool"}],"help":"checkhibp.html","id":"HIBPcheck","title":"HIBPcheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkEntropy","title":"checkEntropy","type":"bool"},{"default":0,"id":"checkEntropyRequired","title":"checkEntropyRequired","type":"bool"},{"id":"checkEntropyRequiredLevel","title":"checkEntropyRequiredLevel","type":"int"}],"help":"checkentropy.html","id":"Entropycheck","title":"Entropycheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"newLocationWarning","title":"newLocationWarning","type":"bool"},{"default":"ipAddr","id":"newLocationWarningLocationAttribute","title":"newLocationWarningLocationAttribute"},{"default":"","id":"newLocationWarningLocationDisplayAttribute","title":"newLocationWarningLocationDisplayAttribute"},{"default":"0","id":"newLocationWarningMaxValues","title":"newLocationWarningMaxValues","type":"int"},{"id":"newLocationWarningMailAttribute","title":"newLocationWarningMailAttribute"},{"id":"newLocationWarningMailSubject","title":"newLocationWarningMailSubject"},{"id":"newLocationWarningMailBody","title":"newLocationWarningMailBody","type":"longtext"}],"help":"newlocationwarning.html","id":"newLocationWarnings","title":"newLocationWarnings","type":"simpleInputContainer"},{"_nodes":[{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtection","title":"bruteForceProtection","type":"bool"},{"default":30,"id":"bruteForceProtectionTempo","title":"bruteForceProtectionTempo","type":"int"},{"default":3,"id":"bruteForceProtectionMaxFailed","title":"bruteForceProtectionMaxFailed","type":"int"},{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtectionIncrementalTempo","title":"bruteForceProtectionIncrementalTempo","type":"bool"},{"default":"15, 30, 60, 300, 600","id":"bruteForceProtectionLockTimes","title":"bruteForceProtectionLockTimes"},{"default":900,"id":"bruteForceProtectionMaxLockTime","title":"bruteForceProtectionMaxLockTime","type":"int"},{"default":300,"id":"bruteForceProtectionMaxAge","title":"bruteForceProtectionMaxAge","type":"int"}],"help":"bruteforceprotection.html","id":"bruteForceAttackProtection","title":"bruteForceAttackProtection","type":"simpleInputContainer"},{"cnodes":"lwpOpts","default":[{"data":10,"id":"lwpOpts/timeout","title":"timeout","type":"keyText"}],"id":"lwpOpts","title":"lwpOpts","type":"keyTextContainer"},{"cnodes":"lwpSslOpts","id":"lwpSslOpts","title":"lwpSslOpts","type":"keyTextContainer"},{"_nodes":[{"default":"'self'","id":"cspDefault","title":"cspDefault"},{"default":"'self' data:","id":"cspImg","title":"cspImg"},{"default":"'self'","id":"cspScript","title":"cspScript"},{"default":"'self'","id":"cspStyle","title":"cspStyle"},{"default":"'self'","id":"cspFont","title":"cspFont"},{"default":"*","id":"cspFormAction","title":"cspFormAction"},{"default":"'self'","id":"cspConnect","title":"cspConnect"},{"default":"","id":"cspFrameAncestors","title":"cspFrameAncestors"}],"help":"security.html#portal","id":"contentSecurityPolicy","title":"contentSecurityPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"corsEnabled","title":"corsEnabled","type":"bool"},{"default":true,"id":"corsAllow_Credentials","title":"corsAllow_Credentials"},{"default":"*","id":"corsAllow_Headers","title":"corsAllow_Headers"},{"default":"POST,GET","id":"corsAllow_Methods","title":"corsAllow_Methods"},{"default":"*","id":"corsAllow_Origin","title":"corsAllow_Origin"},{"default":"*","id":"corsExpose_Headers","title":"corsExpose_Headers"},{"default":"86400","id":"corsMax_Age","title":"corsMax_Age"}],"help":"security.html#portal","id":"crossOrigineResourceSharing","title":"crossOrigineResourceSharing","type":"simpleInputContainer"}],"help":"security.html#configure-security-settings","id":"security","title":"security"},{"_nodes":[{"default":-1,"id":"https","title":"https","type":"trool"},{"default":-1,"id":"port","title":"port","type":"int"},{"default":0,"id":"useRedirectOnForbidden","title":"useRedirectOnForbidden","type":"bool"},{"default":1,"id":"useRedirectOnError","title":"useRedirectOnError","type":"bool"},{"default":0,"id":"maintenance","title":"maintenance","type":"bool"}],"help":"redirections.html","id":"redirection","title":"redirection","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"jsRedirect","title":"jsRedirect","type":"boolOrExpr"},{"default":0,"id":"noAjaxHook","title":"noAjaxHook","type":"bool"},{"default":0,"id":"skipRenewConfirmation","title":"skipRenewConfirmation","type":"bool"},{"default":0,"id":"skipUpgradeConfirmation","title":"skipUpgradeConfirmation","type":"bool"}],"help":"redirections.html#portal-redirections","id":"portalRedirection","title":"portalRedirection","type":"simpleInputContainer"},{"cnodes":"nginxCustomHandlers","help":"handlerarch.html","id":"nginxCustomHandlers","title":"nginxCustomHandlers","type":"keyTextContainer"},{"cnodes":"logoutServices","default":[],"help":"logoutforward.html","id":"logoutServices","title":"logoutServices","type":"keyTextContainer"},{"_nodes":[{"default":"get","id":"infoFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"infoFormMethod","type":"select"},{"default":"post","id":"confirmFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"confirmFormMethod","type":"select"},{"default":"get","id":"redirectFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"redirectFormMethod","type":"select"},{"default":1,"id":"activeTimer","title":"activeTimer","type":"bool"}],"id":"forms","title":"forms","type":"simpleInputContainer"},{"_nodes":[{"id":"messageBroker","select":[{"k":"","v":""},{"k":"::Redis","v":"Redis"},{"k":"::Pg","v":"PostgreSQL"},{"k":"::MQTT","v":"MQTT"}],"title":"messageBroker","type":"select"},{"cnodes":"messageBrokerOptions","default":[],"id":"messageBrokerOptions","title":"messageBrokerOptions","type":"keyTextContainer"},{"default":5,"id":"reloadTimeout","title":"reloadTimeout","type":"int"},{"cnodes":"reloadUrls","id":"reloadUrls","title":"reloadUrls","type":"keyTextContainer"},{"default":0,"id":"compactConf","title":"compactConf","type":"bool"},{"default":"llng_events","id":"eventQueueName","title":"eventQueueName"}],"help":"eventsmanagement.html","id":"eventsManagement","title":"eventsManagement"}],"help":"start.html#advanced-features","id":"advancedParams","title":"advancedParams"}],"id":"generalParameters","title":"generalParameters"},{"_nodes":[{"cnodes":"exportedVars","default":[{"data":"HTTP_USER_AGENT","id":"exportedVars/UA","title":"UA","type":"keyText"}],"help":"exportedvars.html","id":"exportedVars","title":"exportedVars","type":"keyTextContainer"},{"cnodes":"macros","default":[],"help":"exportedvars.html#extend-variables-using-macros-and-groups","id":"macros","title":"macros","type":"keyTextContainer"},{"cnodes":"groups","default":[],"help":"exportedvars.html#extend-variables-using-macros-and-groups","id":"groups","title":"groups","type":"keyTextContainer"}],"help":"variables.html","id":"variables","title":"variables"},{"cnodes":"virtualHosts","help":"configvhost.html","id":"virtualHosts","template":"virtualHost","title":"virtualHosts","type":"virtualHostContainer"},{"_nodes":[{"default":"#PORTAL#/saml/metadata","id":"samlEntityID","title":"samlEntityID"},{"_nodes":[{"get":["samlServicePrivateKeySig","samlServicePrivateKeySigPwd","samlServicePublicKeySig"],"id":"samlServiceSecuritySig","title":"samlServiceSecuritySig","type":"RSACertKey"},{"get":["samlServicePrivateKeyEnc","samlServicePrivateKeyEncPwd","samlServicePublicKeyEnc"],"id":"samlServiceSecurityEnc","title":"samlServiceSecurityEnc","type":"RSACertKey"},{"default":0,"id":"samlServiceUseCertificateInResponse","title":"samlServiceUseCertificateInResponse","type":"bool"},{"default":"RSA_SHA256","id":"samlServiceSignatureMethod","select":[{"k":"RSA_SHA1","v":"RSA SHA1"},{"k":"RSA_SHA256","v":"RSA SHA256"},{"k":"RSA_SHA384","v":"RSA SHA384"},{"k":"RSA_SHA512","v":"RSA SHA512"}],"title":"samlServiceSignatureMethod","type":"select"}],"help":"samlservice.html#security-parameters","id":"samlServiceSecurity","title":"samlServiceSecurity"},{"_nodes":[{"default":"mail","id":"samlNameIDFormatMapEmail","title":"samlNameIDFormatMapEmail"},{"default":"mail","id":"samlNameIDFormatMapX509","title":"samlNameIDFormatMapX509"},{"default":"uid","id":"samlNameIDFormatMapWindows","title":"samlNameIDFormatMapWindows"},{"default":"uid","id":"samlNameIDFormatMapKerberos","title":"samlNameIDFormatMapKerberos"}],"help":"samlservice.html#nameid-formats","id":"samlNameIDFormatMap","title":"samlNameIDFormatMap","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"samlAuthnContextMapPassword","title":"samlAuthnContextMapPassword","type":"int"},{"default":3,"id":"samlAuthnContextMapPasswordProtectedTransport","title":"samlAuthnContextMapPasswordProtectedTransport","type":"int"},{"default":4,"id":"samlAuthnContextMapKerberos","title":"samlAuthnContextMapKerberos","type":"int"},{"default":5,"id":"samlAuthnContextMapTLSClient","title":"samlAuthnContextMapTLSClient","type":"int"}],"help":"samlservice.html#authentication-contexts","id":"samlAuthnContextMap","title":"samlAuthnContextMap","type":"simpleInputContainer"},{"_nodes":[{"default":"Example","id":"samlOrganizationDisplayName","title":"samlOrganizationDisplayName"},{"default":"Example","id":"samlOrganizationName","title":"samlOrganizationName"},{"default":"http://www.example.com","id":"samlOrganizationURL","title":"samlOrganizationURL"}],"help":"samlservice.html#organization","id":"samlOrganization","title":"samlOrganization","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"samlSPSSODescriptorAuthnRequestsSigned","title":"samlSPSSODescriptorAuthnRequestsSigned","type":"bool"},{"default":1,"id":"samlSPSSODescriptorWantAssertionsSigned","title":"samlSPSSODescriptorWantAssertionsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;","id":"samlSPSSODescriptorSingleLogoutServiceSOAP","title":"samlSPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlSPSSODescriptorSingleLogoutService","title":"samlSPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","type":"samlAssertion"},{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","type":"samlAssertion"}],"id":"samlSPSSODescriptorAssertionConsumerService","title":"samlSPSSODescriptorAssertionConsumerService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlSPSSODescriptorArtifactResolutionServiceArtifact","title":"samlSPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlSPSSODescriptorArtifactResolutionService","title":"samlSPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#service-provider","id":"samlSPSSODescriptor","title":"samlSPSSODescriptor"},{"_nodes":[{"default":1,"id":"samlIDPSSODescriptorWantAuthnRequestsSigned","title":"samlIDPSSODescriptorWantAuthnRequestsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","type":"samlService"}],"id":"samlIDPSSODescriptorSingleSignOnService","title":"samlIDPSSODescriptorSingleSignOnService"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;","id":"samlIDPSSODescriptorSingleLogoutServiceSOAP","title":"samlIDPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlIDPSSODescriptorSingleLogoutService","title":"samlIDPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","title":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlIDPSSODescriptorArtifactResolutionService","title":"samlIDPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#identity-provider","id":"samlIDPSSODescriptor","title":"samlIDPSSODescriptor"},{"_nodes":[{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;","id":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","title":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","type":"samlService"}],"id":"samlAttributeAuthorityDescriptorAttributeService","title":"samlAttributeAuthorityDescriptorAttributeService"}],"help":"samlservice.html#attribute-authority","id":"samlAttributeAuthorityDescriptor","title":"samlAttributeAuthorityDescriptor"},{"_nodes":[{"default":1,"id":"samlMetadataForceUTF8","title":"samlMetadataForceUTF8","type":"bool"},{"default":600,"id":"samlRelayStateTimeout","title":"samlRelayStateTimeout","type":"int"},{"default":0,"id":"samlUseQueryStringSpecific","title":"samlUseQueryStringSpecific","type":"bool"},{"default":"","id":"samlOverrideIDPEntityID","title":"samlOverrideIDPEntityID"},{"id":"samlStorage","title":"samlStorage"},{"cnodes":"samlStorageOptions","id":"samlStorageOptions","title":"samlStorageOptions","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"samlCommonDomainCookieActivation","title":"samlCommonDomainCookieActivation","type":"bool"},{"id":"samlCommonDomainCookieDomain","title":"samlCommonDomainCookieDomain"},{"id":"samlCommonDomainCookieReader","title":"samlCommonDomainCookieReader"},{"id":"samlCommonDomainCookieWriter","title":"samlCommonDomainCookieWriter"}],"id":"samlCommonDomainCookie","title":"samlCommonDomainCookie","type":"simpleInputContainer"},{"_nodes":[{"id":"samlFederationFiles","title":"samlFederationFiles"}],"id":"samlFederation","title":"samlFederation","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"samlDiscoveryProtocolActivation","title":"samlDiscoveryProtocolActivation","type":"bool"},{"id":"samlDiscoveryProtocolURL","title":"samlDiscoveryProtocolURL"},{"id":"samlDiscoveryProtocolPolicy","title":"samlDiscoveryProtocolPolicy"},{"default":0,"id":"samlDiscoveryProtocolIsPassive","title":"samlDiscoveryProtocolIsPassive","type":"bool"}],"id":"samlDiscoveryProtocol","title":"samlDiscoveryProtocol","type":"simpleInputContainer"}],"help":"samlservice.html#advanced","id":"samlAdvanced","title":"samlAdvanced"}],"help":"samlservice.html","id":"samlServiceMetaData","title":"samlServiceMetaData","type":"displaySamlMetadata"},{"cnodes":"samlIDPMetaDataNodes","help":"authsaml.html","id":"samlIDPMetaDataNodes","template":"samlIDPMetaDataNode","title":"samlIDPMetaDataNodes","type":"samlIDPMetaDataNodeContainer"},{"cnodes":"samlSPMetaDataNodes","help":"idpsaml.html","id":"samlSPMetaDataNodes","template":"samlSPMetaDataNode","title":"samlSPMetaDataNodes","type":"samlSPMetaDataNodeContainer"},{"_nodes":[{"id":"oidcServiceMetaDataIssuer","title":"oidcServiceMetaDataIssuer"},{"_nodes":[{"default":"authorize","id":"oidcServiceMetaDataAuthorizeURI","title":"oidcServiceMetaDataAuthorizeURI"},{"default":"token","id":"oidcServiceMetaDataTokenURI","title":"oidcServiceMetaDataTokenURI"},{"default":"userinfo","id":"oidcServiceMetaDataUserInfoURI","title":"oidcServiceMetaDataUserInfoURI"},{"default":"jwks","id":"oidcServiceMetaDataJWKSURI","title":"oidcServiceMetaDataJWKSURI"},{"default":"register","id":"oidcServiceMetaDataRegistrationURI","title":"oidcServiceMetaDataRegistrationURI"},{"default":"introspect","id":"oidcServiceMetaDataIntrospectionURI","title":"oidcServiceMetaDataIntrospectionURI"},{"default":"logout","id":"oidcServiceMetaDataEndSessionURI","title":"oidcServiceMetaDataEndSessionURI"},{"default":"checksession.html","id":"oidcServiceMetaDataCheckSessionURI","title":"oidcServiceMetaDataCheckSessionURI"},{"default":"flogout","id":"oidcServiceMetaDataFrontChannelURI","title":"oidcServiceMetaDataFrontChannelURI"},{"default":"blogout","id":"oidcServiceMetaDataBackChannelURI","title":"oidcServiceMetaDataBackChannelURI"}],"help":"openidconnectservice.html#endpoints","id":"oidcServiceMetaDataEndPoints","title":"oidcServiceMetaDataEndPoints","type":"simpleInputContainer"},{"cnodes":"oidcServiceMetaDataAuthnContext","default":[{"data":1,"id":"oidcServiceMetaDataAuthnContext/loa-1","title":"loa-1","type":"keyText"},{"data":2,"id":"oidcServiceMetaDataAuthnContext/loa-2","title":"loa-2","type":"keyText"},{"data":3,"id":"oidcServiceMetaDataAuthnContext/loa-3","title":"loa-3","type":"keyText"},{"data":4,"id":"oidcServiceMetaDataAuthnContext/loa-4","title":"loa-4","type":"keyText"},{"data":5,"id":"oidcServiceMetaDataAuthnContext/loa-5","title":"loa-5","type":"keyText"}],"id":"oidcServiceMetaDataAuthnContext","title":"oidcServiceMetaDataAuthnContext","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"oidcServiceAllowDynamicRegistration","title":"oidcServiceAllowDynamicRegistration","type":"bool"},{"cnodes":"oidcServiceDynamicRegistrationExportedVars","id":"oidcServiceDynamicRegistrationExportedVars","title":"oidcServiceDynamicRegistrationExportedVars","type":"keyTextContainer"},{"cnodes":"oidcServiceDynamicRegistrationExtraClaims","id":"oidcServiceDynamicRegistrationExtraClaims","title":"oidcServiceDynamicRegistrationExtraClaims","type":"keyTextContainer"}],"help":"openidconnectservice.html#dynamic-registration","id":"oidcServiceDynamicRegistration","title":"oidcServiceDynamicRegistration"},{"_nodes":[{"_nodes":[{"get":["oidcServicePrivateKeySig","oidcServicePublicKeySig","oidcServiceKeyIdSig","oidcServiceKeyTypeSig","oidcServiceOldPrivateKeySig","oidcServiceOldPublicKeySig","oidcServiceOldKeyIdSig","oidcServiceOldKeyTypeSig","oidcServiceNewPrivateKeySig","oidcServiceNewPublicKeySig","oidcServiceNewKeyIdSig","oidcServiceNewKeyTypeSig"],"id":"oidcServiceMetaDataSigKeys","title":"oidcServiceMetaDataSigKeys","type":"OidcKey"},{"get":["oidcServicePrivateKeyEnc","oidcServicePublicKeyEnc","oidcServiceKeyIdEnc","oidcServiceKeyTypeEnc","oidcServiceOldPrivateKeyEnc","oidcServiceOldPublicKeyEnc","oidcServiceOldKeyIdEnc","oidcServiceOldKeyTypeEnc"],"id":"oidcServiceMetaDataEncKeys","title":"oidcServiceMetaDataEncKeys","type":"OidcKey"}],"id":"oidcServiceMetaDataKeys","title":"oidcServiceMetaDataKeys"},{"default":1,"id":"oidcServiceAllowAuthorizationCodeFlow","title":"oidcServiceAllowAuthorizationCodeFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowImplicitFlow","title":"oidcServiceAllowImplicitFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowHybridFlow","title":"oidcServiceAllowHybridFlow","type":"bool"},{"default":0,"id":"oidcServiceIgnoreScopeForClaims","title":"oidcServiceIgnoreScopeForClaims","type":"bool"},{"default":0,"id":"oidcServiceAllowOnlyDeclaredScopes","title":"oidcServiceAllowOnlyDeclaredScopes","type":"bool"},{"id":"oidcDropCspHeaders","title":"oidcDropCspHeaders","type":"bool"},{"default":"RSA-OAEP","id":"oidcServiceEncAlgorithmAlg","select":[{"k":"RSA-OAEP","v":"RSA-OAEP"},{"k":"RSA-OAEP-256","v":"RSA-OAEP-256"},{"k":"RSA1_5","v":"RSA1_5"},{"k":"ECDH-ES","v":"ECDH-ES"},{"k":"ECDH-ES+A128KW","v":"ECDH-ES+A128KW"},{"k":"ECDH-ES+A192KW","v":"ECDH-ES+A192KW"},{"k":"ECDH-ES+A256KW","v":"ECDH-ES+A256KW"}],"title":"oidcServiceEncAlgorithmAlg","type":"select"},{"default":"A256GCM","id":"oidcServiceEncAlgorithmEnc","select":[{"k":"A256CBC-HS512","v":"A256CBC-HS512"},{"k":"A256GCM","v":"A256GCM"},{"k":"A192CBC-HS384","v":"A192CBC-HS384"},{"k":"A192GCM","v":"A192GCM"},{"k":"A128CBC-HS256","v":"A128CBC-HS256"},{"k":"A128GCM","v":"A128GCM"}],"title":"oidcServiceEncAlgorithmEnc","type":"select"},{"id":"oidcServiceHideMetadata","title":"oidcServiceHideMetadata","type":"bool"}],"help":"openidconnectservice.html#security","id":"oidcServiceMetaDataSecurity","title":"oidcServiceMetaDataSecurity"},{"_nodes":[{"default":60,"id":"oidcServiceAuthorizationCodeExpiration","title":"oidcServiceAuthorizationCodeExpiration","type":"int"},{"default":3600,"id":"oidcServiceIDTokenExpiration","title":"oidcServiceIDTokenExpiration","type":"int"},{"default":3600,"id":"oidcServiceAccessTokenExpiration","title":"oidcServiceAccessTokenExpiration","type":"int"},{"default":2592000,"id":"oidcServiceOfflineSessionExpiration","title":"oidcServiceOfflineSessionExpiration","type":"int"}],"help":"openidconnectservice.html#timeouts","id":"oidcServiceMetaDataTimeouts","title":"oidcServiceMetaDataTimeouts","type":"simpleInputContainer"},{"_nodes":[{"id":"oidcStorage","title":"oidcStorage"},{"cnodes":"oidcStorageOptions","id":"oidcStorageOptions","title":"oidcStorageOptions","type":"keyTextContainer"}],"help":"openidconnectservice.html#sessions","id":"oidcServiceMetaDataSessions","title":"oidcServiceMetaDataSessions"}],"help":"openidconnectservice.html#service-configuration","id":"oidcServiceMetaData","title":"oidcServiceMetaData","type":"displayOidcMetadata"},{"cnodes":"oidcOPMetaDataNodes","help":"authopenidconnect.html#declare-the-openid-connect-provider-in-ll-ng","id":"oidcOPMetaDataNodes","title":"oidcOPMetaDataNodes","type":"oidcOPMetaDataNodeContainer"},{"cnodes":"oidcRPMetaDataNodes","help":"idpopenidconnect.html#configuration-of-relying-party-in-ll-ng","id":"oidcRPMetaDataNodes","title":"oidcRPMetaDataNodes","type":"oidcRPMetaDataNodeContainer"},{"_nodes":[{"id":"casAttr","title":"casAttr"},{"default":"none","id":"casAccessControlPolicy","select":[{"k":"none","v":"None"},{"k":"error","v":"Display error on portal"},{"k":"faketicket","v":"Send a fake service ticket"}],"title":"casAccessControlPolicy","type":"select"},{"default":0,"id":"casStrictMatching","title":"casStrictMatching","type":"bool"},{"default":0,"id":"casTicketExpiration","title":"casTicketExpiration","type":"int"},{"default":0,"id":"casBackChannelSingleLogout","title":"casBackChannelSingleLogout","type":"bool"},{"id":"casStorage","title":"casStorage"},{"cnodes":"casStorageOptions","id":"casStorageOptions","title":"casStorageOptions","type":"keyTextContainer"},{"cnodes":"casAttributes","id":"casAttributes","title":"casAttributes","type":"keyTextContainer"}],"help":"idpcas.html#configuring-the-cas-service","id":"casServiceMetadata","title":"casServiceMetadata"},{"cnodes":"casSrvMetaDataNodes","help":"authcas.html","id":"casSrvMetaDataNodes","template":"casSrvMetaDataNode","title":"casSrvMetaDataNodes","type":"casSrvMetaDataNodeContainer"},{"cnodes":"casAppMetaDataNodes","help":"idpcas.html#configuring-cas-applications","id":"casAppMetaDataNodes","template":"casAppMetaDataNode","title":"casAppMetaDataNodes","type":"casAppMetaDataNodeContainer"}] \ No newline at end of file -- GitLab From 14d0a75d8fbbf698b28ad1a8f494e9a68379ca11 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Mon, 20 May 2024 18:31:04 +0200 Subject: [PATCH 05/15] Update webauthn js script to work with login form (#3035) --- lemonldap-ng-portal/site/coffee/webauthncheck.coffee | 3 ++- .../site/htdocs/static/common/js/webauthncheck.js | 5 +++-- .../site/htdocs/static/common/js/webauthncheck.min.js | 2 +- .../site/htdocs/static/common/js/webauthncheck.min.js.map | 2 +- 4 files changed, 7 insertions(+), 5 deletions(-) diff --git a/lemonldap-ng-portal/site/coffee/webauthncheck.coffee b/lemonldap-ng-portal/site/coffee/webauthncheck.coffee index 889e17824d..e54818e9f1 100644 --- a/lemonldap-ng-portal/site/coffee/webauthncheck.coffee +++ b/lemonldap-ng-portal/site/coffee/webauthncheck.coffee @@ -26,7 +26,7 @@ check = -> $(document).trigger e, [ response ] if !e.isDefaultPrevented() $('#credential').val JSON.stringify response - $('#verify-form').submit() + $('#credential').closest('form').submit() . catch (error) -> e = jQuery.Event( "webauthnFailure" ) $(document).trigger e, [ error ] @@ -36,3 +36,4 @@ check = -> $(document).ready -> setTimeout check, 1000 $('#retrybutton').on 'click', check + $('.webauthnclick').on 'click', check diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.js b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.js index cf02720e34..e6f55a7551 100644 --- a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.js +++ b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.js @@ -36,7 +36,7 @@ LemonLDAP::NG WebAuthn verify script $(document).trigger(e, [response]); if (!e.isDefaultPrevented()) { $('#credential').val(JSON.stringify(response)); - return $('#verify-form').submit(); + return $('#credential').closest('form').submit(); } })["catch"](function(error) { e = jQuery.Event("webauthnFailure"); @@ -50,7 +50,8 @@ LemonLDAP::NG WebAuthn verify script $(document).ready(function() { setTimeout(check, 1000); - return $('#retrybutton').on('click', check); + $('#retrybutton').on('click', check); + return $('.webauthnclick').on('click', check); }); }).call(this); diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js index 58a16c3e2b..d3d1b00dfd 100644 --- a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js +++ b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js @@ -1 +1 @@ -!function(){var r=function(e,t){return $("#msg").attr("trspan",e),$("#msg").html(window.translate(e)),$("#color").removeClass("message-positive message-warning message-danger alert-success alert-warning alert-danger"),$("#color").addClass("message-"+t),"positive"===t&&(t="success"),$("#color").addClass("alert-"+t)},e=function(){var t,e;if(webauthnJSON.supported())return t=jQuery.Event("webauthnAttempt"),$(document).trigger(t),t.isDefaultPrevented()?void 0:(r("webAuthnBrowserInProgress","warning"),e={publicKey:window.datas.request},webauthnJSON.get(e).then(function(e){if(t=jQuery.Event("webauthnSuccess"),$(document).trigger(t,[e]),!t.isDefaultPrevented())return $("#credential").val(JSON.stringify(e)),$("#verify-form").submit()}).catch(function(e){if(t=jQuery.Event("webauthnFailure"),$(document).trigger(t,[e]),!t.isDefaultPrevented())return r("webAuthnBrowserFailed","danger")}));r("webAuthnUnsupported","warning")};$(document).ready(function(){return setTimeout(e,1e3),$("#retrybutton").on("click",e)})}.call(this); \ No newline at end of file +!function(){var n=function(e,t){return $("#msg").attr("trspan",e),$("#msg").html(window.translate(e)),$("#color").removeClass("message-positive message-warning message-danger alert-success alert-warning alert-danger"),$("#color").addClass("message-"+t),"positive"===t&&(t="success"),$("#color").addClass("alert-"+t)},e=function(){var t,e;if(webauthnJSON.supported())return t=jQuery.Event("webauthnAttempt"),$(document).trigger(t),t.isDefaultPrevented()?void 0:(n("webAuthnBrowserInProgress","warning"),e={publicKey:window.datas.request},webauthnJSON.get(e).then(function(e){if(t=jQuery.Event("webauthnSuccess"),$(document).trigger(t,[e]),!t.isDefaultPrevented())return $("#credential").val(JSON.stringify(e)),$("#credential").closest("form").submit()}).catch(function(e){if(t=jQuery.Event("webauthnFailure"),$(document).trigger(t,[e]),!t.isDefaultPrevented())return n("webAuthnBrowserFailed","danger")}));n("webAuthnUnsupported","warning")};$(document).ready(function(){return setTimeout(e,1e3),$("#retrybutton").on("click",e),$(".webauthnclick").on("click",e)})}.call(this); \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js.map b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js.map index ab8db8b122..62f98e2e43 100644 --- a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js.map +++ b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js.map @@ -1 +1 @@ -{"version":3,"sources":["webauthncheck.js"],"names":["setMsg","msg","level","$","attr","html","window","translate","removeClass","addClass","check","e","request","webauthnJSON","supported","jQuery","Event","document","trigger","isDefaultPrevented","publicKey","datas","get","then","response","val","JSON","stringify","submit","error","ready","setTimeout","on","call","this"],"mappings":"AAMA,CAAA,WACE,IAEAA,EAAS,SAASC,EAAKC,GAQrB,OAPAC,EAAE,MAAM,EAAEC,KAAK,SAAUH,CAAG,EAC5BE,EAAE,MAAM,EAAEE,KAAKC,OAAOC,UAAUN,CAAG,CAAC,EACpCE,EAAE,QAAQ,EAAEK,YAAY,0FAA0F,EAClHL,EAAE,QAAQ,EAAEM,SAAS,WAAaP,CAAK,EACzB,aAAVA,IACFA,EAAQ,WAEHC,EAAE,QAAQ,EAAEM,SAAS,SAAWP,CAAK,CAC9C,EAEAQ,EAAQ,WACN,IAAIC,EAAGC,EACP,GAAKC,aAAaC,UAAU,EAM5B,OAFAH,EAAII,OAAOC,MAAM,iBAAiB,EAClCb,EAAEc,QAAQ,EAAEC,QAAQP,CAAC,EAChBA,EAAEQ,mBAAmB,EAA1B,KAAA,GACEnB,EAAO,4BAA6B,SAAS,EAC7CY,EAAU,CACRQ,UAAWd,OAAOe,MAAMT,OAC1B,EACOC,aAAaS,IAAIV,CAAO,EAAEW,KAAK,SAASC,GAG7C,GAFAb,EAAII,OAAOC,MAAM,iBAAiB,EAClCb,EAAEc,QAAQ,EAAEC,QAAQP,EAAG,CAACa,EAAS,EAC7B,CAACb,EAAEQ,mBAAmB,EAExB,OADAhB,EAAE,aAAa,EAAEsB,IAAIC,KAAKC,UAAUH,CAAQ,CAAC,EACtCrB,EAAE,cAAc,EAAEyB,OAAO,CAEpC,CAAC,EAAS,MAAE,SAASC,GAGnB,GAFAlB,EAAII,OAAOC,MAAM,iBAAiB,EAClCb,EAAEc,QAAQ,EAAEC,QAAQP,EAAG,CAACkB,EAAM,EAC1B,CAAClB,EAAEQ,mBAAmB,EACxB,OAAOnB,EAAO,wBAAyB,QAAQ,CAEnD,CAAC,GAvBDA,EAAO,sBAAuB,SAAS,CAyB3C,EAEAG,EAAEc,QAAQ,EAAEa,MAAM,WAEhB,OADAC,WAAWrB,EAAO,GAAI,EACfP,EAAE,cAAc,EAAE6B,GAAG,QAAStB,CAAK,CAC5C,CAAC,CAEF,EAAEuB,KAAKC,IAAI"} \ No newline at end of file +{"version":3,"sources":["webauthncheck.js"],"names":["setMsg","msg","level","$","attr","html","window","translate","removeClass","addClass","check","e","request","webauthnJSON","supported","jQuery","Event","document","trigger","isDefaultPrevented","publicKey","datas","get","then","response","val","JSON","stringify","closest","submit","error","ready","setTimeout","on","call","this"],"mappings":"AAMA,CAAA,WACE,IAEAA,EAAS,SAASC,EAAKC,GAQrB,OAPAC,EAAE,MAAM,EAAEC,KAAK,SAAUH,CAAG,EAC5BE,EAAE,MAAM,EAAEE,KAAKC,OAAOC,UAAUN,CAAG,CAAC,EACpCE,EAAE,QAAQ,EAAEK,YAAY,0FAA0F,EAClHL,EAAE,QAAQ,EAAEM,SAAS,WAAaP,CAAK,EACzB,aAAVA,IACFA,EAAQ,WAEHC,EAAE,QAAQ,EAAEM,SAAS,SAAWP,CAAK,CAC9C,EAEAQ,EAAQ,WACN,IAAIC,EAAGC,EACP,GAAKC,aAAaC,UAAU,EAM5B,OAFAH,EAAII,OAAOC,MAAM,iBAAiB,EAClCb,EAAEc,QAAQ,EAAEC,QAAQP,CAAC,EAChBA,EAAEQ,mBAAmB,EAA1B,KAAA,GACEnB,EAAO,4BAA6B,SAAS,EAC7CY,EAAU,CACRQ,UAAWd,OAAOe,MAAMT,OAC1B,EACOC,aAAaS,IAAIV,CAAO,EAAEW,KAAK,SAASC,GAG7C,GAFAb,EAAII,OAAOC,MAAM,iBAAiB,EAClCb,EAAEc,QAAQ,EAAEC,QAAQP,EAAG,CAACa,EAAS,EAC7B,CAACb,EAAEQ,mBAAmB,EAExB,OADAhB,EAAE,aAAa,EAAEsB,IAAIC,KAAKC,UAAUH,CAAQ,CAAC,EACtCrB,EAAE,aAAa,EAAEyB,QAAQ,MAAM,EAAEC,OAAO,CAEnD,CAAC,EAAS,MAAE,SAASC,GAGnB,GAFAnB,EAAII,OAAOC,MAAM,iBAAiB,EAClCb,EAAEc,QAAQ,EAAEC,QAAQP,EAAG,CAACmB,EAAM,EAC1B,CAACnB,EAAEQ,mBAAmB,EACxB,OAAOnB,EAAO,wBAAyB,QAAQ,CAEnD,CAAC,GAvBDA,EAAO,sBAAuB,SAAS,CAyB3C,EAEAG,EAAEc,QAAQ,EAAEc,MAAM,WAGhB,OAFAC,WAAWtB,EAAO,GAAI,EACtBP,EAAE,cAAc,EAAE8B,GAAG,QAASvB,CAAK,EAC5BP,EAAE,gBAAgB,EAAE8B,GAAG,QAASvB,CAAK,CAC9C,CAAC,CAEF,EAAEwB,KAAKC,IAAI"} \ No newline at end of file -- GitLab From 342f690813d734f95b3f6c87593be5233af786fc Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Fri, 2 Feb 2024 10:19:36 +0100 Subject: [PATCH 06/15] Unit tests for #3035 --- lemonldap-ng-portal/MANIFEST | 2 + lemonldap-ng-portal/t/01-WebAuthn.t | 2 + .../t/29-AuthWebAuthn-Choice.t | 127 ++++++++++++++++++ lemonldap-ng-portal/t/29-AuthWebAuthn.t | 118 ++++++++++++++++ 4 files changed, 249 insertions(+) create mode 100644 lemonldap-ng-portal/t/29-AuthWebAuthn-Choice.t create mode 100644 lemonldap-ng-portal/t/29-AuthWebAuthn.t diff --git a/lemonldap-ng-portal/MANIFEST b/lemonldap-ng-portal/MANIFEST index f1efac88e4..75591e5b81 100644 --- a/lemonldap-ng-portal/MANIFEST +++ b/lemonldap-ng-portal/MANIFEST @@ -622,6 +622,8 @@ t/28-AuthChoice-with-rules.t t/28-AuthChoice-with-token.t t/29-AuthGPG.t t/29-AuthSSL.t +t/29-AuthWebAuthn-Choice.t +t/29-AuthWebAuthn.t t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO-IdP-initiated.t t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO.t t/30-Auth-and-issuer-SAML-Federation.t diff --git a/lemonldap-ng-portal/t/01-WebAuthn.t b/lemonldap-ng-portal/t/01-WebAuthn.t index 492836124e..fc9b68ee94 100644 --- a/lemonldap-ng-portal/t/01-WebAuthn.t +++ b/lemonldap-ng-portal/t/01-WebAuthn.t @@ -83,6 +83,8 @@ ENDKEY my ( $host, $url, $query ) = expectForm( $res, "", '/webauthn2fcheck', 'token', 'credential' ); + is( getJsVars($res)->{webauthn_autostart}, + "1", "WebAuthn set to autostart" ); ok( my $request = getJsVars($res)->{request}, "Found WebAuthn request" ); my $challenge = $request->{challenge}; diff --git a/lemonldap-ng-portal/t/29-AuthWebAuthn-Choice.t b/lemonldap-ng-portal/t/29-AuthWebAuthn-Choice.t new file mode 100644 index 0000000000..8bc682fae3 --- /dev/null +++ b/lemonldap-ng-portal/t/29-AuthWebAuthn-Choice.t @@ -0,0 +1,127 @@ +use warnings; +use Test::More; +use IO::String; +use URI; +use JSON; +use Lemonldap::NG::Portal::Main::Constants ':all'; +use strict; + +require 't/test-lib.pm'; + +SKIP: { + eval "use Authen::WebAuthn::Test; use Authen::WebAuthn;"; + if ($@) { + skip 'Authen::WebAuthn not found'; + } + + my $ecdsa_key = <new( + origin => "http://auth.example.com", + rp_id => "auth.example.com", + credential_id => $credential_id_1, + aaguid => "00000000-0000-0000-0000-000000000000", + key => $ecdsa_key, + sign_count => 6, + ); + my $res; + + my $client = LLNG::Manager::Test->new( { + ini => { + authentication => 'Choice', + restSessionServer => 1, + requireToken => 1, + userDB => 'Same', + 'authChoiceModules' => { + '1_WebAuthn' => 'WebAuthn;Demo;Null;;;{}', + '2_Demo' => 'Demo;Demo;Null;;;{}' + }, + } + } + ); + + ok( + $res = $client->_get( + '/', accept => 'text/html' + ), + 'Try to login' + ); + + expectPortalError( $res, 9, "Prompted to authenticate" ); + + my $info = { + '_2fDevices' => to_json( [ { + '_credentialId' => 'bFpZbHRQOU10b1JOdVhLOGY4dFdm', + '_credentialPublicKey' => +'pQECAyYgASFYIM_oQXEUzjPwEhM4gWmIbCuOXc4Ja8jPDKxbQaZckal7Ilgg_9a693_nkf7flk1S9AV2tjrtJPF6kg8TCGbFKoeD9Wc', + '_signCount' => 5, + 'epoch' => '1704384566', + 'name' => 'MyFirstDevice', + 'type' => 'WebAuthn' + }, + ] + ), + '_webAuthnUserHandle' => "xxx", + '_session_id' => 'cb3c92b07fb624c9975186b57c627ae0', + '_session_kind' => 'Persistent', + '_session_uid' => 'dwho', + '_updateTime' => '20240102142212', + '_utime' => '1704201732' + }; + $client->p->getPersistentSession( "dwho", $info ); + + my $js_vars = getJsVars($res); + my $request = $js_vars->{request}; + my $challenge = $request->{challenge}; + + ok( $challenge, "Found challenge" ); + is( $js_vars->{webauthn_autostart}, "0", "WebAuthn is set to auto start" ); + + my ( $host, $url, $query ) = + expectForm( $res, "#", undef, 'token', 'credential' ); + + my $credential = $webauthn_tester->get_assertion_response( { + request => $request, + }, + { response => { userHandle => "xxx" } } + ); + + $credential = $webauthn_tester->encode_credential($credential); + + my $urlencoded_credential = buildForm( { + credential => $credential + } + ); + + $query =~ s/credential=/$urlencoded_credential/; + $query =~ s/lmAuth=\w*/lmAuth=1_WebAuthn/; + + ok( + $res = $client->_post( + "/", + IO::String->new($query), + length => length($query), + ), + 'Auth query' + ); + + my $id = expectCookie($res); + expectSessionAttributes( $client, $id, uid => "dwho", _auth => "WebAuthn" ); + +} + +done_testing(); diff --git a/lemonldap-ng-portal/t/29-AuthWebAuthn.t b/lemonldap-ng-portal/t/29-AuthWebAuthn.t new file mode 100644 index 0000000000..97629bbe9c --- /dev/null +++ b/lemonldap-ng-portal/t/29-AuthWebAuthn.t @@ -0,0 +1,118 @@ +use warnings; +use Test::More; +use IO::String; +use URI; +use JSON; +use Lemonldap::NG::Portal::Main::Constants ':all'; +use strict; + +require 't/test-lib.pm'; + +SKIP: { + eval "use Authen::WebAuthn::Test; use Authen::WebAuthn;"; + if ($@) { + skip 'Authen::WebAuthn not found'; + } + + my $ecdsa_key = <new( + origin => "http://auth.example.com", + rp_id => "auth.example.com", + credential_id => $credential_id_1, + aaguid => "00000000-0000-0000-0000-000000000000", + key => $ecdsa_key, + sign_count => 6, + ); + my $res; + + my $client = LLNG::Manager::Test->new( { + ini => { + authentication => 'WebAuthn', + restSessionServer => 1, + userDB => 'Demo', + } + } + ); + + ok( + $res = $client->_get( + '/', accept => 'text/html' + ), + 'Try to login' + ); + + my $info = { + '_2fDevices' => to_json( [ { + '_credentialId' => 'bFpZbHRQOU10b1JOdVhLOGY4dFdm', + '_credentialPublicKey' => +'pQECAyYgASFYIM_oQXEUzjPwEhM4gWmIbCuOXc4Ja8jPDKxbQaZckal7Ilgg_9a693_nkf7flk1S9AV2tjrtJPF6kg8TCGbFKoeD9Wc', + '_signCount' => 5, + 'epoch' => '1704384566', + 'name' => 'MyFirstDevice', + 'type' => 'WebAuthn' + }, + ] + ), + '_webAuthnUserHandle' => "xxx", + '_session_id' => 'cb3c92b07fb624c9975186b57c627ae0', + '_session_kind' => 'Persistent', + '_session_uid' => 'dwho', + '_updateTime' => '20240102142212', + '_utime' => '1704201732' + }; + $client->p->getPersistentSession( "dwho", $info ); + + my ( $host, $url, $query ) = + expectForm( $res, "#", undef, 'token', 'credential' ); + + my $js_vars = getJsVars($res); + my $request = $js_vars->{request}; + my $challenge = $request->{challenge}; + + ok( $challenge, "Found challenge" ); + is( $js_vars->{webauthn_autostart}, "0", "WebAuthn is set to auto start" ); + + my $credential = $webauthn_tester->get_assertion_response( { + request => $request, + }, + { response => { userHandle => "xxx" } } + ); + + $credential = $webauthn_tester->encode_credential($credential); + + my $urlencoded_credential = buildForm( { + credential => $credential + } + ); + + $query =~ s/credential=/$urlencoded_credential/; + ok( + $res = $client->_post( + "/", + IO::String->new($query), + length => length($query), + ), + 'Auth query' + ); + + my $id = expectCookie($res); + expectSessionAttributes( $client, $id, uid => "dwho", _auth => "WebAuthn" ); + +} + +done_testing(); -- GitLab From 68587fe5622a714e95fd208a0abfcd63e96e1918 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Mon, 10 Jun 2024 11:07:17 +0200 Subject: [PATCH 07/15] Do not trigger WebAuthn as 2FA if it was used as 1FA (#3035) --- lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/WebAuthn.pm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/WebAuthn.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/WebAuthn.pm index 01508bc89f..874469fb04 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/WebAuthn.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/WebAuthn.pm @@ -33,7 +33,8 @@ sub init { # If "activation" is just set to "enabled", # replace the rule to detect if user has registered its key - $self->conf->{webauthn2fActivation} = 'has2f("WebAuthn")' + $self->conf->{webauthn2fActivation} = + 'has2f("WebAuthn") and $_auth ne "WebAuthn"' if $self->conf->{webauthn2fActivation} eq '1'; return $self->SUPER::init() ? 1 : 0; -- GitLab From 6eb1647ccb4b28b3b25989be9389dddea84eb1d8 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Mon, 10 Jun 2024 11:18:14 +0200 Subject: [PATCH 08/15] Autostart WebAuthn in 2FA code (#3035) --- lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/WebAuthn.pm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/WebAuthn.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/WebAuthn.pm index 874469fb04..d960989cf6 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/WebAuthn.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/WebAuthn.pm @@ -64,8 +64,9 @@ EOF $req, 'webauthn2fcheck', params => { - DATA => to_json( { request => $request } ), - TOKEN => $token, + DATA => + to_json( { request => $request, webauthn_autostart => \1 } ), + TOKEN => $token, CUSTOM_SCRIPT => $req->data->{customScript}, $self->get2fTplParams($req), } -- GitLab From ecc00e3b2ab6d8242a085230485a8beeb8b5c9e9 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Mon, 10 Jun 2024 11:18:30 +0200 Subject: [PATCH 09/15] JS support for webauthn autostart (#3035) --- lemonldap-ng-portal/site/coffee/webauthncheck.coffee | 10 ++++++---- .../common/js/generic2fregistration.min.js.map | 2 +- .../common/js/password2fregistration.min.js.map | 2 +- .../site/htdocs/static/common/js/webauthncheck.js | 12 ++++++++---- .../htdocs/static/common/js/webauthncheck.min.js | 2 +- .../htdocs/static/common/js/webauthncheck.min.js.map | 2 +- 6 files changed, 18 insertions(+), 12 deletions(-) diff --git a/lemonldap-ng-portal/site/coffee/webauthncheck.coffee b/lemonldap-ng-portal/site/coffee/webauthncheck.coffee index e54818e9f1..7a4f652a18 100644 --- a/lemonldap-ng-portal/site/coffee/webauthncheck.coffee +++ b/lemonldap-ng-portal/site/coffee/webauthncheck.coffee @@ -33,7 +33,9 @@ check = -> if !e.isDefaultPrevented() setMsg 'webAuthnBrowserFailed', 'danger' -$(document).ready -> - setTimeout check, 1000 - $('#retrybutton').on 'click', check - $('.webauthnclick').on 'click', check +$(document).on "portalLoaded", { }, ( event, info ) -> + $(document).ready -> + $('#retrybutton').on 'click', check + $('.webauthnclick').on 'click', check + if window.datas.webauthn_autostart + setTimeout check, 1000 diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/generic2fregistration.min.js.map b/lemonldap-ng-portal/site/htdocs/static/common/js/generic2fregistration.min.js.map index d8d843f327..d002e50433 100644 --- a/lemonldap-ng-portal/site/htdocs/static/common/js/generic2fregistration.min.js.map +++ b/lemonldap-ng-portal/site/htdocs/static/common/js/generic2fregistration.min.js.map @@ -1 +1 @@ -{"version":3,"sources":["generic2fregistration.js"],"names":["setMsg","msg","level","$","attr","html","window","translate","removeClass","addClass","displayError","j","status","err","console","log","res","JSON","parse","responseText","error","replace","verify","generic","val","prefix","datas","ajax","type","url","portal","dataType","data","success","match","token","focus","register","genericname","genericcode","e","jQuery","Event","document","trigger","isDefaultPrevented","location","href","ready","on","call","this"],"mappings":"CAMA,WACE,IAEAA,EAAS,SAASC,EAAKC,GASrB,OARAC,EAAE,QAAQC,KAAK,SAAUH,GACzBE,EAAE,QAAQE,KAAKC,OAAOC,UAAUN,IAChCE,EAAE,UAAUK,YAAY,4FACxBL,EAAE,UAAUM,SAAS,WAAaP,GACpB,aAAVA,IACFA,EAAQ,WAEVC,EAAE,UAAUM,SAAS,SAAWP,GACzBC,EAAE,QAAQC,KAAK,OAAmB,WAAVF,EAAqB,QAAU,WAGhEQ,EAAe,SAASC,EAAGC,EAAQC,GAIjC,GAFAC,QAAQC,IAAI,QAASF,IACrBG,EAAMC,KAAKC,MAAMP,EAAEQ,gBACRH,EAAII,MAGb,OAFAJ,EAAMA,EAAII,MAAMC,QAAQ,MAAO,IAC/BP,QAAQC,IAAI,iBAAkBC,GACvBhB,EAAOgB,EAAK,YAIvBM,EAAS,WACP,IACAC,EAAUpB,EAAE,YAAYqB,MACxBC,EAASnB,OAAOoB,MAAMD,OACtB,OAAKF,EAIIpB,EAAEwB,KAAK,CACZC,KAAM,OACNC,IAAKC,OAAS,eAAiBL,EAAS,YACxCM,SAAU,OACVC,KAAM,CACJT,QAASA,GAEXH,MAAOV,EACPuB,QAAS,SAASD,GAChB,OAAIA,EAAKZ,MACHY,EAAKZ,MAAMc,MAAM,QACZlC,EAAOgC,EAAKZ,MAAO,WAEnBpB,EAAOgC,EAAKZ,MAAO,WAG5BjB,EAAE,UAAUqB,IAAIQ,EAAKG,OACdnC,EAAO,mBAAoB,gBApBxCA,EAAO,OAAQ,WACRG,EAAE,YAAYiC,UA0BzBC,EAAW,WACT,IACAd,EAAUpB,EAAE,YAAYqB,MACxBc,EAAcnC,EAAE,gBAAgBqB,MAChCe,EAAcpC,EAAE,SAASqB,MACzBC,EAASnB,OAAOoB,MAAMD,OACtBU,EAAQhC,EAAE,UAAUqB,MACpB,OAAKD,EAIIpB,EAAEwB,KAAK,CACZC,KAAM,OACNC,IAAKC,OAAS,eAAiBL,EAAS,UACxCM,SAAU,OACVC,KAAM,CACJT,QAASA,EACTe,YAAaA,EACbC,YAAaA,EACbJ,MAAOA,GAETf,MAAOV,EACPuB,QAAS,SAASD,GAEhB,OAAIA,EAAKZ,MACHY,EAAKZ,MAAMc,MAAM,eACZlC,EAAOgC,EAAKZ,MAAO,WAEnBpB,EAAOgC,EAAKZ,MAAO,WAG5BoB,EAAIC,OAAOC,MAAM,YACjBvC,EAAEwC,UAAUC,QAAQJ,EAAG,CACrB,CACEZ,KAAQH,KAGPe,EAAEK,0BAAP,EACSvC,OAAOwC,SAASC,KAAOzC,OAAOwB,OAAS,8BA9BtD9B,EAAO,OAAQ,WACRG,EAAE,YAAYiC,UAqCzBjC,EAAEwC,UAAUK,MAAM,WAEhB,OADA7C,EAAE,WAAW8C,GAAG,QAAS3B,GAClBnB,EAAE,aAAa8C,GAAG,QAASZ,MAGnCa,KAAKC"} \ No newline at end of file +{"version":3,"sources":["generic2fregistration.js"],"names":["setMsg","msg","level","$","attr","html","window","translate","removeClass","addClass","displayError","j","status","err","console","log","res","JSON","parse","responseText","error","replace","verify","generic","val","prefix","datas","ajax","type","url","portal","dataType","data","success","match","token","focus","register","genericname","genericcode","e","jQuery","Event","document","trigger","isDefaultPrevented","location","href","ready","on","call","this"],"mappings":"AAMA,CAAA,WACE,IAEAA,EAAS,SAASC,EAAKC,GASrB,OARAC,EAAE,MAAM,EAAEC,KAAK,SAAUH,CAAG,EAC5BE,EAAE,MAAM,EAAEE,KAAKC,OAAOC,UAAUN,CAAG,CAAC,EACpCE,EAAE,QAAQ,EAAEK,YAAY,0FAA0F,EAClHL,EAAE,QAAQ,EAAEM,SAAS,WAAaP,CAAK,EACzB,aAAVA,IACFA,EAAQ,WAEVC,EAAE,QAAQ,EAAEM,SAAS,SAAWP,CAAK,EAC9BC,EAAE,MAAM,EAAEC,KAAK,OAAmB,WAAVF,EAAqB,QAAU,QAAS,CACzE,EAEAQ,EAAe,SAASC,EAAGC,EAAQC,GAIjC,GAFAC,QAAQC,IAAI,QAASF,CAAG,GACxBG,EAAMC,KAAKC,MAAMP,EAAEQ,YAAY,IACpBH,EAAII,MAGb,OAFAJ,EAAMA,EAAII,MAAMC,QAAQ,MAAO,EAAE,EACjCP,QAAQC,IAAI,iBAAkBC,CAAG,EAC1BhB,EAAOgB,EAAK,SAAS,CAEhC,EAEAM,EAAS,WACP,IACAC,EAAUpB,EAAE,UAAU,EAAEqB,IAAI,EAC5BC,EAASnB,OAAOoB,MAAMD,OACtB,OAAKF,EAIIpB,EAAEwB,KAAK,CACZC,KAAM,OACNC,IAAKC,OAAS,eAAiBL,EAAS,YACxCM,SAAU,OACVC,KAAM,CACJT,QAASA,CACX,EACAH,MAAOV,EACPuB,QAAS,SAASD,GAChB,OAAIA,EAAKZ,MACHY,EAAKZ,MAAMc,MAAM,MAAM,EAClBlC,EAAOgC,EAAKZ,MAAO,SAAS,EAE5BpB,EAAOgC,EAAKZ,MAAO,QAAQ,GAGpCjB,EAAE,QAAQ,EAAEqB,IAAIQ,EAAKG,KAAK,EACnBnC,EAAO,mBAAoB,SAAS,EAE/C,CACF,CAAC,GAvBDA,EAAO,OAAQ,SAAS,EACjBG,EAAE,UAAU,EAAEiC,MAAM,EAwB/B,EAEAC,EAAW,WACT,IACAd,EAAUpB,EAAE,UAAU,EAAEqB,IAAI,EAC5Bc,EAAcnC,EAAE,cAAc,EAAEqB,IAAI,EACpCe,EAAcpC,EAAE,OAAO,EAAEqB,IAAI,EAC7BC,EAASnB,OAAOoB,MAAMD,OACtBU,EAAQhC,EAAE,QAAQ,EAAEqB,IAAI,EACxB,OAAKD,EAIIpB,EAAEwB,KAAK,CACZC,KAAM,OACNC,IAAKC,OAAS,eAAiBL,EAAS,UACxCM,SAAU,OACVC,KAAM,CACJT,QAASA,EACTe,YAAaA,EACbC,YAAaA,EACbJ,MAAOA,CACT,EACAf,MAAOV,EACPuB,QAAS,SAASD,GAEhB,OAAIA,EAAKZ,MACHY,EAAKZ,MAAMc,MAAM,aAAa,EACzBlC,EAAOgC,EAAKZ,MAAO,SAAS,EAE5BpB,EAAOgC,EAAKZ,MAAO,QAAQ,GAGpCoB,EAAIC,OAAOC,MAAM,UAAU,EAC3BvC,EAAEwC,QAAQ,EAAEC,QAAQJ,EAAG,CACrB,CACEZ,KAAQH,CACV,EACD,EACIe,EAAEK,mBAAmB,EAA1B,KAAA,EACSvC,OAAOwC,SAASC,KAAOzC,OAAOwB,OAAS,yBAGpD,CACF,CAAC,GAlCD9B,EAAO,OAAQ,SAAS,EACjBG,EAAE,UAAU,EAAEiC,MAAM,EAmC/B,EAEAjC,EAAEwC,QAAQ,EAAEK,MAAM,WAEhB,OADA7C,EAAE,SAAS,EAAE8C,GAAG,QAAS3B,CAAM,EACxBnB,EAAE,WAAW,EAAE8C,GAAG,QAASZ,CAAQ,CAC5C,CAAC,CAEF,EAAEa,KAAKC,IAAI"} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/password2fregistration.min.js.map b/lemonldap-ng-portal/site/htdocs/static/common/js/password2fregistration.min.js.map index e22dd7a4f6..7f7bb9cb22 100644 --- a/lemonldap-ng-portal/site/htdocs/static/common/js/password2fregistration.min.js.map +++ b/lemonldap-ng-portal/site/htdocs/static/common/js/password2fregistration.min.js.map @@ -1 +1 @@ -{"version":3,"sources":["password2fregistration.js"],"names":["setMsg","msg","level","$","attr","html","window","translate","removeClass","addClass","displayError","j","status","err","console","log","res","JSON","parse","responseText","error","replace","register","password","val","passwordverify","ajax","type","url","portal","dataType","data","success","match","e","jQuery","Event","document","trigger","isDefaultPrevented","location","href","focus","ready","on","call","this"],"mappings":"CAMA,WACE,IAEAA,EAAS,SAASC,EAAKC,GASrB,OARAC,EAAE,QAAQC,KAAK,SAAUH,GACzBE,EAAE,QAAQE,KAAKC,OAAOC,UAAUN,IAChCE,EAAE,UAAUK,YAAY,4FACxBL,EAAE,UAAUM,SAAS,WAAaP,GACpB,aAAVA,IACFA,EAAQ,WAEVC,EAAE,UAAUM,SAAS,SAAWP,GACzBC,EAAE,QAAQC,KAAK,OAAmB,WAAVF,EAAqB,QAAU,WAGhEQ,EAAe,SAASC,EAAGC,EAAQC,GAIjC,GAFAC,QAAQC,IAAI,QAASF,IACrBG,EAAMC,KAAKC,MAAMP,EAAEQ,gBACRH,EAAII,MAGb,OAFAJ,EAAMA,EAAII,MAAMC,QAAQ,MAAO,IAC/BP,QAAQC,IAAI,iBAAkBC,GACvBhB,EAAOgB,EAAK,YAIvBM,EAAW,WACT,IACAC,EAAWpB,EAAE,eAAeqB,MAC5BC,EAAiBtB,EAAE,qBAAqBqB,MACxC,OAAKD,EAIIpB,EAAEuB,KAAK,CACZC,KAAM,OACNC,IAAKC,OAAS,8BACdC,SAAU,OACVC,KAAM,CACJR,SAAUA,EACVE,eAAgBA,GAElBL,MAAOV,EACPsB,QAAS,SAASD,GAEhB,OAAIA,EAAKX,MACHW,EAAKX,MAAMa,MAAM,QACZjC,EAAO+B,EAAKX,MAAO,WAEnBpB,EAAO+B,EAAKX,MAAO,WAG5Bc,EAAIC,OAAOC,MAAM,YACjBjC,EAAEkC,UAAUC,QAAQJ,EAAG,CACrB,CACEP,KAAQ,cAGPO,EAAEK,0BAAP,EACSjC,OAAOkC,SAASC,KAAOnC,OAAOuB,OAAS,8BA5BtD7B,EAAO,OAAQ,WACRG,EAAE,aAAauC,UAmC1BvC,EAAEkC,UAAUM,MAAM,WAChB,OAAOxC,EAAE,aAAayC,GAAG,QAAStB,MAGnCuB,KAAKC"} \ No newline at end of file +{"version":3,"sources":["password2fregistration.js"],"names":["setMsg","msg","level","$","attr","html","window","translate","removeClass","addClass","displayError","j","status","err","console","log","res","JSON","parse","responseText","error","replace","register","password","val","passwordverify","ajax","type","url","portal","dataType","data","success","match","e","jQuery","Event","document","trigger","isDefaultPrevented","location","href","focus","ready","on","call","this"],"mappings":"AAMA,CAAA,WACE,IAEAA,EAAS,SAASC,EAAKC,GASrB,OARAC,EAAE,MAAM,EAAEC,KAAK,SAAUH,CAAG,EAC5BE,EAAE,MAAM,EAAEE,KAAKC,OAAOC,UAAUN,CAAG,CAAC,EACpCE,EAAE,QAAQ,EAAEK,YAAY,0FAA0F,EAClHL,EAAE,QAAQ,EAAEM,SAAS,WAAaP,CAAK,EACzB,aAAVA,IACFA,EAAQ,WAEVC,EAAE,QAAQ,EAAEM,SAAS,SAAWP,CAAK,EAC9BC,EAAE,MAAM,EAAEC,KAAK,OAAmB,WAAVF,EAAqB,QAAU,QAAS,CACzE,EAEAQ,EAAe,SAASC,EAAGC,EAAQC,GAIjC,GAFAC,QAAQC,IAAI,QAASF,CAAG,GACxBG,EAAMC,KAAKC,MAAMP,EAAEQ,YAAY,IACpBH,EAAII,MAGb,OAFAJ,EAAMA,EAAII,MAAMC,QAAQ,MAAO,EAAE,EACjCP,QAAQC,IAAI,iBAAkBC,CAAG,EAC1BhB,EAAOgB,EAAK,SAAS,CAEhC,EAEAM,EAAW,WACT,IACAC,EAAWpB,EAAE,aAAa,EAAEqB,IAAI,EAChCC,EAAiBtB,EAAE,mBAAmB,EAAEqB,IAAI,EAC5C,OAAKD,EAIIpB,EAAEuB,KAAK,CACZC,KAAM,OACNC,IAAKC,OAAS,8BACdC,SAAU,OACVC,KAAM,CACJR,SAAUA,EACVE,eAAgBA,CAClB,EACAL,MAAOV,EACPsB,QAAS,SAASD,GAEhB,OAAIA,EAAKX,MACHW,EAAKX,MAAMa,MAAM,MAAM,EAClBjC,EAAO+B,EAAKX,MAAO,SAAS,EAE5BpB,EAAO+B,EAAKX,MAAO,QAAQ,GAGpCc,EAAIC,OAAOC,MAAM,UAAU,EAC3BjC,EAAEkC,QAAQ,EAAEC,QAAQJ,EAAG,CACrB,CACEP,KAAQ,UACV,EACD,EACIO,EAAEK,mBAAmB,EAA1B,KAAA,EACSjC,OAAOkC,SAASC,KAAOnC,OAAOuB,OAAS,yBAGpD,CACF,CAAC,GAhCD7B,EAAO,OAAQ,SAAS,EACjBG,EAAE,WAAW,EAAEuC,MAAM,EAiChC,EAEAvC,EAAEkC,QAAQ,EAAEM,MAAM,WAChB,OAAOxC,EAAE,WAAW,EAAEyC,GAAG,QAAStB,CAAQ,CAC5C,CAAC,CAEF,EAAEuB,KAAKC,IAAI"} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.js b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.js index e6f55a7551..299dd3b27c 100644 --- a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.js +++ b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.js @@ -48,10 +48,14 @@ LemonLDAP::NG WebAuthn verify script } }; - $(document).ready(function() { - setTimeout(check, 1000); - $('#retrybutton').on('click', check); - return $('.webauthnclick').on('click', check); + $(document).on("portalLoaded", {}, function(event, info) { + return $(document).ready(function() { + $('#retrybutton').on('click', check); + $('.webauthnclick').on('click', check); + if (window.datas.webauthn_autostart) { + return setTimeout(check, 1000); + } + }); }); }).call(this); diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js index d3d1b00dfd..2d64bd1bf3 100644 --- a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js +++ b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js @@ -1 +1 @@ -!function(){var n=function(e,t){return $("#msg").attr("trspan",e),$("#msg").html(window.translate(e)),$("#color").removeClass("message-positive message-warning message-danger alert-success alert-warning alert-danger"),$("#color").addClass("message-"+t),"positive"===t&&(t="success"),$("#color").addClass("alert-"+t)},e=function(){var t,e;if(webauthnJSON.supported())return t=jQuery.Event("webauthnAttempt"),$(document).trigger(t),t.isDefaultPrevented()?void 0:(n("webAuthnBrowserInProgress","warning"),e={publicKey:window.datas.request},webauthnJSON.get(e).then(function(e){if(t=jQuery.Event("webauthnSuccess"),$(document).trigger(t,[e]),!t.isDefaultPrevented())return $("#credential").val(JSON.stringify(e)),$("#credential").closest("form").submit()}).catch(function(e){if(t=jQuery.Event("webauthnFailure"),$(document).trigger(t,[e]),!t.isDefaultPrevented())return n("webAuthnBrowserFailed","danger")}));n("webAuthnUnsupported","warning")};$(document).ready(function(){return setTimeout(e,1e3),$("#retrybutton").on("click",e),$(".webauthnclick").on("click",e)})}.call(this); \ No newline at end of file +!function(){var n=function(e,t){return $("#msg").attr("trspan",e),$("#msg").html(window.translate(e)),$("#color").removeClass("message-positive message-warning message-danger alert-success alert-warning alert-danger"),$("#color").addClass("message-"+t),"positive"===t&&(t="success"),$("#color").addClass("alert-"+t)},r=function(){var t,e;if(webauthnJSON.supported())return t=jQuery.Event("webauthnAttempt"),$(document).trigger(t),t.isDefaultPrevented()?void 0:(n("webAuthnBrowserInProgress","warning"),e={publicKey:window.datas.request},webauthnJSON.get(e).then(function(e){if(t=jQuery.Event("webauthnSuccess"),$(document).trigger(t,[e]),!t.isDefaultPrevented())return $("#credential").val(JSON.stringify(e)),$("#credential").closest("form").submit()}).catch(function(e){if(t=jQuery.Event("webauthnFailure"),$(document).trigger(t,[e]),!t.isDefaultPrevented())return n("webAuthnBrowserFailed","danger")}));n("webAuthnUnsupported","warning")};$(document).on("portalLoaded",{},function(e,t){return $(document).ready(function(){if($("#retrybutton").on("click",r),$(".webauthnclick").on("click",r),window.datas.webauthn_autostart)return setTimeout(r,1e3)})})}.call(this); \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js.map b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js.map index 62f98e2e43..a0255db31c 100644 --- a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js.map +++ b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js.map @@ -1 +1 @@ -{"version":3,"sources":["webauthncheck.js"],"names":["setMsg","msg","level","$","attr","html","window","translate","removeClass","addClass","check","e","request","webauthnJSON","supported","jQuery","Event","document","trigger","isDefaultPrevented","publicKey","datas","get","then","response","val","JSON","stringify","closest","submit","error","ready","setTimeout","on","call","this"],"mappings":"AAMA,CAAA,WACE,IAEAA,EAAS,SAASC,EAAKC,GAQrB,OAPAC,EAAE,MAAM,EAAEC,KAAK,SAAUH,CAAG,EAC5BE,EAAE,MAAM,EAAEE,KAAKC,OAAOC,UAAUN,CAAG,CAAC,EACpCE,EAAE,QAAQ,EAAEK,YAAY,0FAA0F,EAClHL,EAAE,QAAQ,EAAEM,SAAS,WAAaP,CAAK,EACzB,aAAVA,IACFA,EAAQ,WAEHC,EAAE,QAAQ,EAAEM,SAAS,SAAWP,CAAK,CAC9C,EAEAQ,EAAQ,WACN,IAAIC,EAAGC,EACP,GAAKC,aAAaC,UAAU,EAM5B,OAFAH,EAAII,OAAOC,MAAM,iBAAiB,EAClCb,EAAEc,QAAQ,EAAEC,QAAQP,CAAC,EAChBA,EAAEQ,mBAAmB,EAA1B,KAAA,GACEnB,EAAO,4BAA6B,SAAS,EAC7CY,EAAU,CACRQ,UAAWd,OAAOe,MAAMT,OAC1B,EACOC,aAAaS,IAAIV,CAAO,EAAEW,KAAK,SAASC,GAG7C,GAFAb,EAAII,OAAOC,MAAM,iBAAiB,EAClCb,EAAEc,QAAQ,EAAEC,QAAQP,EAAG,CAACa,EAAS,EAC7B,CAACb,EAAEQ,mBAAmB,EAExB,OADAhB,EAAE,aAAa,EAAEsB,IAAIC,KAAKC,UAAUH,CAAQ,CAAC,EACtCrB,EAAE,aAAa,EAAEyB,QAAQ,MAAM,EAAEC,OAAO,CAEnD,CAAC,EAAS,MAAE,SAASC,GAGnB,GAFAnB,EAAII,OAAOC,MAAM,iBAAiB,EAClCb,EAAEc,QAAQ,EAAEC,QAAQP,EAAG,CAACmB,EAAM,EAC1B,CAACnB,EAAEQ,mBAAmB,EACxB,OAAOnB,EAAO,wBAAyB,QAAQ,CAEnD,CAAC,GAvBDA,EAAO,sBAAuB,SAAS,CAyB3C,EAEAG,EAAEc,QAAQ,EAAEc,MAAM,WAGhB,OAFAC,WAAWtB,EAAO,GAAI,EACtBP,EAAE,cAAc,EAAE8B,GAAG,QAASvB,CAAK,EAC5BP,EAAE,gBAAgB,EAAE8B,GAAG,QAASvB,CAAK,CAC9C,CAAC,CAEF,EAAEwB,KAAKC,IAAI"} \ No newline at end of file +{"version":3,"sources":["webauthncheck.js"],"names":["setMsg","msg","level","$","attr","html","window","translate","removeClass","addClass","check","e","request","webauthnJSON","supported","jQuery","Event","document","trigger","isDefaultPrevented","publicKey","datas","get","then","response","val","JSON","stringify","closest","submit","error","on","event","info","ready","webauthn_autostart","setTimeout","call","this"],"mappings":"AAMA,CAAA,WACE,IAEAA,EAAS,SAASC,EAAKC,GAQrB,OAPAC,EAAE,MAAM,EAAEC,KAAK,SAAUH,CAAG,EAC5BE,EAAE,MAAM,EAAEE,KAAKC,OAAOC,UAAUN,CAAG,CAAC,EACpCE,EAAE,QAAQ,EAAEK,YAAY,0FAA0F,EAClHL,EAAE,QAAQ,EAAEM,SAAS,WAAaP,CAAK,EACzB,aAAVA,IACFA,EAAQ,WAEHC,EAAE,QAAQ,EAAEM,SAAS,SAAWP,CAAK,CAC9C,EAEAQ,EAAQ,WACN,IAAIC,EAAGC,EACP,GAAKC,aAAaC,UAAU,EAM5B,OAFAH,EAAII,OAAOC,MAAM,iBAAiB,EAClCb,EAAEc,QAAQ,EAAEC,QAAQP,CAAC,EAChBA,EAAEQ,mBAAmB,EAA1B,KAAA,GACEnB,EAAO,4BAA6B,SAAS,EAC7CY,EAAU,CACRQ,UAAWd,OAAOe,MAAMT,OAC1B,EACOC,aAAaS,IAAIV,CAAO,EAAEW,KAAK,SAASC,GAG7C,GAFAb,EAAII,OAAOC,MAAM,iBAAiB,EAClCb,EAAEc,QAAQ,EAAEC,QAAQP,EAAG,CAACa,EAAS,EAC7B,CAACb,EAAEQ,mBAAmB,EAExB,OADAhB,EAAE,aAAa,EAAEsB,IAAIC,KAAKC,UAAUH,CAAQ,CAAC,EACtCrB,EAAE,aAAa,EAAEyB,QAAQ,MAAM,EAAEC,OAAO,CAEnD,CAAC,EAAS,MAAE,SAASC,GAGnB,GAFAnB,EAAII,OAAOC,MAAM,iBAAiB,EAClCb,EAAEc,QAAQ,EAAEC,QAAQP,EAAG,CAACmB,EAAM,EAC1B,CAACnB,EAAEQ,mBAAmB,EACxB,OAAOnB,EAAO,wBAAyB,QAAQ,CAEnD,CAAC,GAvBDA,EAAO,sBAAuB,SAAS,CAyB3C,EAEAG,EAAEc,QAAQ,EAAEc,GAAG,eAAgB,GAAI,SAASC,EAAOC,GACjD,OAAO9B,EAAEc,QAAQ,EAAEiB,MAAM,WAGvB,GAFA/B,EAAE,cAAc,EAAE4B,GAAG,QAASrB,CAAK,EACnCP,EAAE,gBAAgB,EAAE4B,GAAG,QAASrB,CAAK,EACjCJ,OAAOe,MAAMc,mBACf,OAAOC,WAAW1B,EAAO,GAAI,CAEjC,CAAC,CACH,CAAC,CAEF,EAAE2B,KAAKC,IAAI"} \ No newline at end of file -- GitLab From 0aa0177973cb0d541a74f9822be8f7b9a7681705 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Mon, 10 Jun 2024 17:38:39 +0200 Subject: [PATCH 10/15] Documentation for #3035 --- doc/sources/admin/authwebauthn.rst | 51 ++++++++++++++++++++++++++++++ doc/sources/admin/index_authdb.rst | 1 + doc/sources/admin/start.rst | 1 + 3 files changed, 53 insertions(+) create mode 100644 doc/sources/admin/authwebauthn.rst diff --git a/doc/sources/admin/authwebauthn.rst b/doc/sources/admin/authwebauthn.rst new file mode 100644 index 0000000000..0fab8b4a39 --- /dev/null +++ b/doc/sources/admin/authwebauthn.rst @@ -0,0 +1,51 @@ +Passkeys / WebAuthn +=================== + +============== ===== ======== +Authentication Users Password +============== ===== ======== +✔ +============== ===== ======== + +.. versionadded:: 2.20.0 + +|beta| + +.. |beta| image:: /documentation/beta.png + +Presentation +------------ + +This mode allow you to authenticate to LemonLDAP::NG using nothing but your FIDO2 credential. + +Requirements +------------ + +As of version 2.20.0, authenticating with Passkeys requires enabling :doc:`webauthn2f` + +.. important:: + + Passkeys require the *Use discoverable credential* option to be set to *preferred* or *required* + + Non-discoverable credentials can only be used as second factors + +Configuring passkeys as an alternate authentication method +---------------------------------------------------------- + +The simplest way to use Passkeys is to enable :doc:`authchoice` and add a new authentication choice using the *WebAuthn* module and your usual LDAP/AD/etc. user backend, in addition to another (LDAP/AD/etc.) authentication backend that users can use on their first login to register their passwordless credential. + +Passwordless credentials have to be registered in the portal's *Second factor manager* at the moment. + +Tips +---- + +Custom second factor activation rule +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +If you used custom rule to trigger *WebAuthn* second factors, you may notice that *WebAuthn* is asked *twice* in order to authenticate with passkeys. In order to prevent this, add :: + + and $_auth ne "WebAuthn" + +to the *WebAuthn* activation rule. + +You should also add this rule if you have enabled other 2FA types and want to skip them after authenticating with WebAuthn diff --git a/doc/sources/admin/index_authdb.rst b/doc/sources/admin/index_authdb.rst index 85e3a9cf0b..3891971f22 100644 --- a/doc/sources/admin/index_authdb.rst +++ b/doc/sources/admin/index_authdb.rst @@ -33,6 +33,7 @@ Authentication, users and password databases authmulti authopenid authremote + authwebauthn totp2f mail2f external2f diff --git a/doc/sources/admin/start.rst b/doc/sources/admin/start.rst index d731f8126f..b289acc28b 100644 --- a/doc/sources/admin/start.rst +++ b/doc/sources/admin/start.rst @@ -144,6 +144,7 @@ Official Backends Authenticat :doc:`SSL` ✔ :doc:`Twitter` ✔ :doc:`WebID` ✔ ✔ +:doc:`Passkeys` |beta| ✔ :doc:`Yubico OTP` |deprecated| *Replaced by* :doc:`yubikey2f` :doc:`Custom modules` |new| ✔ ✔ ✔ ==================================================================== =============================================== ======== ======== -- GitLab From c982053df209b57b28164020c3c47246c577c72c Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Thu, 1 Aug 2024 17:46:24 +0200 Subject: [PATCH 11/15] Make sure webauthn js code is injected (#3035) --- lemonldap-ng-portal/t/01-WebAuthn-Registration.t | 6 ++++++ lemonldap-ng-portal/t/01-WebAuthn.t | 11 +++++++++++ lemonldap-ng-portal/t/29-AuthWebAuthn-Choice.t | 5 +++++ lemonldap-ng-portal/t/29-AuthWebAuthn.t | 5 +++++ 4 files changed, 27 insertions(+) diff --git a/lemonldap-ng-portal/t/01-WebAuthn-Registration.t b/lemonldap-ng-portal/t/01-WebAuthn-Registration.t index 0dbec504b2..ea7ed560cc 100644 --- a/lemonldap-ng-portal/t/01-WebAuthn-Registration.t +++ b/lemonldap-ng-portal/t/01-WebAuthn-Registration.t @@ -102,6 +102,12 @@ ENDKEY 'Show WebAuthn registration' ); + expectXpath( $res, + '//script[@src="/static/common/js/' + . 'webauthn-json.browser-global.min.js"]' ); + expectXpath( $res, + '//script[@src="/static/common/js/webauthnregistration.min.js"]' ); + like( $res->[2]->[0], qr%{webauthn_autostart}, "1", "WebAuthn set to autostart" ); ok( my $request = getJsVars($res)->{request}, @@ -159,6 +164,12 @@ ENDKEY my ( $host, $url, $query ) = expectForm( $res, "", '/webauthn2fcheck', 'token', 'credential' ); + expectXpath( $res, + '//script[@src="/static/common/js/' + . 'webauthn-json.browser-global.min.js"]' ); + expectXpath( $res, + '//script[@src="/static/common/js/webauthncheck.min.js"]' ); + ok( my $request = getJsVars($res)->{request}, "Found WebAuthn request" ); my $challenge = $request->{challenge}; diff --git a/lemonldap-ng-portal/t/29-AuthWebAuthn-Choice.t b/lemonldap-ng-portal/t/29-AuthWebAuthn-Choice.t index 8bc682fae3..c364bb144c 100644 --- a/lemonldap-ng-portal/t/29-AuthWebAuthn-Choice.t +++ b/lemonldap-ng-portal/t/29-AuthWebAuthn-Choice.t @@ -84,6 +84,11 @@ ENDKEY }; $client->p->getPersistentSession( "dwho", $info ); + expectXpath( $res, + '//script[@src="/static/common/js/webauthn-json.browser-global.min.js"]' + ); + expectXpath( $res, + '//script[@src="/static/common/js/webauthncheck.min.js"]' ); my $js_vars = getJsVars($res); my $request = $js_vars->{request}; my $challenge = $request->{challenge}; diff --git a/lemonldap-ng-portal/t/29-AuthWebAuthn.t b/lemonldap-ng-portal/t/29-AuthWebAuthn.t index 97629bbe9c..8dc98204f1 100644 --- a/lemonldap-ng-portal/t/29-AuthWebAuthn.t +++ b/lemonldap-ng-portal/t/29-AuthWebAuthn.t @@ -80,6 +80,11 @@ ENDKEY my ( $host, $url, $query ) = expectForm( $res, "#", undef, 'token', 'credential' ); + expectXpath( $res, + '//script[@src="/static/common/js/webauthn-json.browser-global.min.js"]' + ); + expectXpath( $res, + '//script[@src="/static/common/js/webauthncheck.min.js"]' ); my $js_vars = getJsVars($res); my $request = $js_vars->{request}; my $challenge = $request->{challenge}; -- GitLab From 403fcc5eb5f02f55f89e697ee499240c623503ab Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Fri, 2 Aug 2024 15:49:03 +0200 Subject: [PATCH 12/15] update JS code for WebAuthn conditional mediation (#3035) --- .../site/coffee/webauthncheck.coffee | 30 ++++++++++++ .../htdocs/static/common/js/webauthncheck.js | 47 ++++++++++++++++++- .../static/common/js/webauthncheck.min.js | 2 +- .../static/common/js/webauthncheck.min.js.map | 2 +- 4 files changed, 77 insertions(+), 4 deletions(-) diff --git a/lemonldap-ng-portal/site/coffee/webauthncheck.coffee b/lemonldap-ng-portal/site/coffee/webauthncheck.coffee index 7a4f652a18..41606fb1c0 100644 --- a/lemonldap-ng-portal/site/coffee/webauthncheck.coffee +++ b/lemonldap-ng-portal/site/coffee/webauthncheck.coffee @@ -15,6 +15,9 @@ check = -> setMsg 'webAuthnUnsupported', 'warning' return + if window.webauthnAbort + console.log("Aborting conditional mediation") + window.webauthnAbort.abort() e = jQuery.Event( "webauthnAttempt" ) $(document).trigger e if !e.isDefaultPrevented() @@ -32,10 +35,37 @@ check = -> $(document).trigger e, [ error ] if !e.isDefaultPrevented() setMsg 'webAuthnBrowserFailed', 'danger' + trySetupConditional() + +trySetupConditional = -> + if PublicKeyCredential.isConditionalMediationAvailable + PublicKeyCredential.isConditionalMediationAvailable().then (result) -> + if result + setupConditional() + +setupConditional = -> + console.log("Setting up conditional mediation"); + window.webauthnAbort = new AbortController() + request = { publicKey: window.datas.request, mediation: "conditional", signal: window.webauthnAbort.signal } + webauthnJSON.get request + . then (response) -> + e = jQuery.Event( "webauthnSuccess" ) + $(document).trigger e, [ response ] + if !e.isDefaultPrevented() + $('#credential').val JSON.stringify response + $('#credential').closest('form').submit() + . catch (error) -> + e = jQuery.Event( "webauthnFailure" ) + $(document).trigger e, [ error ] + if !e.isDefaultPrevented() + # do nothing ? + true + $(document).on "portalLoaded", { }, ( event, info ) -> $(document).ready -> $('#retrybutton').on 'click', check $('.webauthnclick').on 'click', check + trySetupConditional() if window.datas.webauthn_autostart setTimeout check, 1000 diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.js b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.js index 299dd3b27c..3b393718c0 100644 --- a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.js +++ b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.js @@ -5,7 +5,7 @@ LemonLDAP::NG WebAuthn verify script */ (function() { - var check, setMsg; + var check, setMsg, setupConditional, trySetupConditional; setMsg = function(msg, level) { $('#msg').attr('trspan', msg); @@ -24,6 +24,10 @@ LemonLDAP::NG WebAuthn verify script setMsg('webAuthnUnsupported', 'warning'); return; } + if (window.webauthnAbort) { + console.log("Aborting conditional mediation"); + window.webauthnAbort.abort(); + } e = jQuery.Event("webauthnAttempt"); $(document).trigger(e); if (!e.isDefaultPrevented()) { @@ -42,16 +46,55 @@ LemonLDAP::NG WebAuthn verify script e = jQuery.Event("webauthnFailure"); $(document).trigger(e, [error]); if (!e.isDefaultPrevented()) { - return setMsg('webAuthnBrowserFailed', 'danger'); + setMsg('webAuthnBrowserFailed', 'danger'); + } + return trySetupConditional(); + }); + } + }; + + trySetupConditional = function() { + if (PublicKeyCredential.isConditionalMediationAvailable) { + return PublicKeyCredential.isConditionalMediationAvailable().then(function(result) { + if (result) { + return setupConditional(); } }); } }; + setupConditional = function() { + var request; + console.log("Setting up conditional mediation"); + window.webauthnAbort = new AbortController(); + request = { + publicKey: window.datas.request, + mediation: "conditional", + signal: window.webauthnAbort.signal + }; + return webauthnJSON.get(request).then(function(response) { + var e; + e = jQuery.Event("webauthnSuccess"); + $(document).trigger(e, [response]); + if (!e.isDefaultPrevented()) { + $('#credential').val(JSON.stringify(response)); + return $('#credential').closest('form').submit(); + } + })["catch"](function(error) { + var e; + e = jQuery.Event("webauthnFailure"); + $(document).trigger(e, [error]); + if (!e.isDefaultPrevented()) { + return true; + } + }); + }; + $(document).on("portalLoaded", {}, function(event, info) { return $(document).ready(function() { $('#retrybutton').on('click', check); $('.webauthnclick').on('click', check); + trySetupConditional(); if (window.datas.webauthn_autostart) { return setTimeout(check, 1000); } diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js index 2d64bd1bf3..4797261492 100644 --- a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js +++ b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js @@ -1 +1 @@ -!function(){var n=function(e,t){return $("#msg").attr("trspan",e),$("#msg").html(window.translate(e)),$("#color").removeClass("message-positive message-warning message-danger alert-success alert-warning alert-danger"),$("#color").addClass("message-"+t),"positive"===t&&(t="success"),$("#color").addClass("alert-"+t)},r=function(){var t,e;if(webauthnJSON.supported())return t=jQuery.Event("webauthnAttempt"),$(document).trigger(t),t.isDefaultPrevented()?void 0:(n("webAuthnBrowserInProgress","warning"),e={publicKey:window.datas.request},webauthnJSON.get(e).then(function(e){if(t=jQuery.Event("webauthnSuccess"),$(document).trigger(t,[e]),!t.isDefaultPrevented())return $("#credential").val(JSON.stringify(e)),$("#credential").closest("form").submit()}).catch(function(e){if(t=jQuery.Event("webauthnFailure"),$(document).trigger(t,[e]),!t.isDefaultPrevented())return n("webAuthnBrowserFailed","danger")}));n("webAuthnUnsupported","warning")};$(document).on("portalLoaded",{},function(e,t){return $(document).ready(function(){if($("#retrybutton").on("click",r),$(".webauthnclick").on("click",r),window.datas.webauthn_autostart)return setTimeout(r,1e3)})})}.call(this); \ No newline at end of file +!function(){var n=function(e,t){return $("#msg").attr("trspan",e),$("#msg").html(window.translate(e)),$("#color").removeClass("message-positive message-warning message-danger alert-success alert-warning alert-danger"),$("#color").addClass("message-"+t),"positive"===t&&(t="success"),$("#color").addClass("alert-"+t)},r=function(){var t,e;if(webauthnJSON.supported())return window.webauthnAbort&&(console.log("Aborting conditional mediation"),window.webauthnAbort.abort()),t=jQuery.Event("webauthnAttempt"),$(document).trigger(t),t.isDefaultPrevented()?void 0:(n("webAuthnBrowserInProgress","warning"),e={publicKey:window.datas.request},webauthnJSON.get(e).then(function(e){if(t=jQuery.Event("webauthnSuccess"),$(document).trigger(t,[e]),!t.isDefaultPrevented())return $("#credential").val(JSON.stringify(e)),$("#credential").closest("form").submit()}).catch(function(e){return t=jQuery.Event("webauthnFailure"),$(document).trigger(t,[e]),t.isDefaultPrevented()||n("webAuthnBrowserFailed","danger"),i()}));n("webAuthnUnsupported","warning")},i=function(){if(PublicKeyCredential.isConditionalMediationAvailable)return PublicKeyCredential.isConditionalMediationAvailable().then(function(e){if(e)return t()})},t=function(){var e;return console.log("Setting up conditional mediation"),window.webauthnAbort=new AbortController,e={publicKey:window.datas.request,mediation:"conditional",signal:window.webauthnAbort.signal},webauthnJSON.get(e).then(function(e){var t=jQuery.Event("webauthnSuccess");if($(document).trigger(t,[e]),!t.isDefaultPrevented())return $("#credential").val(JSON.stringify(e)),$("#credential").closest("form").submit()}).catch(function(e){var t=jQuery.Event("webauthnFailure");if($(document).trigger(t,[e]),!t.isDefaultPrevented())return!0})};$(document).on("portalLoaded",{},function(e,t){return $(document).ready(function(){if($("#retrybutton").on("click",r),$(".webauthnclick").on("click",r),i(),window.datas.webauthn_autostart)return setTimeout(r,1e3)})})}.call(this); \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js.map b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js.map index a0255db31c..dcc6e78e8f 100644 --- a/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js.map +++ b/lemonldap-ng-portal/site/htdocs/static/common/js/webauthncheck.min.js.map @@ -1 +1 @@ -{"version":3,"sources":["webauthncheck.js"],"names":["setMsg","msg","level","$","attr","html","window","translate","removeClass","addClass","check","e","request","webauthnJSON","supported","jQuery","Event","document","trigger","isDefaultPrevented","publicKey","datas","get","then","response","val","JSON","stringify","closest","submit","error","on","event","info","ready","webauthn_autostart","setTimeout","call","this"],"mappings":"AAMA,CAAA,WACE,IAEAA,EAAS,SAASC,EAAKC,GAQrB,OAPAC,EAAE,MAAM,EAAEC,KAAK,SAAUH,CAAG,EAC5BE,EAAE,MAAM,EAAEE,KAAKC,OAAOC,UAAUN,CAAG,CAAC,EACpCE,EAAE,QAAQ,EAAEK,YAAY,0FAA0F,EAClHL,EAAE,QAAQ,EAAEM,SAAS,WAAaP,CAAK,EACzB,aAAVA,IACFA,EAAQ,WAEHC,EAAE,QAAQ,EAAEM,SAAS,SAAWP,CAAK,CAC9C,EAEAQ,EAAQ,WACN,IAAIC,EAAGC,EACP,GAAKC,aAAaC,UAAU,EAM5B,OAFAH,EAAII,OAAOC,MAAM,iBAAiB,EAClCb,EAAEc,QAAQ,EAAEC,QAAQP,CAAC,EAChBA,EAAEQ,mBAAmB,EAA1B,KAAA,GACEnB,EAAO,4BAA6B,SAAS,EAC7CY,EAAU,CACRQ,UAAWd,OAAOe,MAAMT,OAC1B,EACOC,aAAaS,IAAIV,CAAO,EAAEW,KAAK,SAASC,GAG7C,GAFAb,EAAII,OAAOC,MAAM,iBAAiB,EAClCb,EAAEc,QAAQ,EAAEC,QAAQP,EAAG,CAACa,EAAS,EAC7B,CAACb,EAAEQ,mBAAmB,EAExB,OADAhB,EAAE,aAAa,EAAEsB,IAAIC,KAAKC,UAAUH,CAAQ,CAAC,EACtCrB,EAAE,aAAa,EAAEyB,QAAQ,MAAM,EAAEC,OAAO,CAEnD,CAAC,EAAS,MAAE,SAASC,GAGnB,GAFAnB,EAAII,OAAOC,MAAM,iBAAiB,EAClCb,EAAEc,QAAQ,EAAEC,QAAQP,EAAG,CAACmB,EAAM,EAC1B,CAACnB,EAAEQ,mBAAmB,EACxB,OAAOnB,EAAO,wBAAyB,QAAQ,CAEnD,CAAC,GAvBDA,EAAO,sBAAuB,SAAS,CAyB3C,EAEAG,EAAEc,QAAQ,EAAEc,GAAG,eAAgB,GAAI,SAASC,EAAOC,GACjD,OAAO9B,EAAEc,QAAQ,EAAEiB,MAAM,WAGvB,GAFA/B,EAAE,cAAc,EAAE4B,GAAG,QAASrB,CAAK,EACnCP,EAAE,gBAAgB,EAAE4B,GAAG,QAASrB,CAAK,EACjCJ,OAAOe,MAAMc,mBACf,OAAOC,WAAW1B,EAAO,GAAI,CAEjC,CAAC,CACH,CAAC,CAEF,EAAE2B,KAAKC,IAAI"} \ No newline at end of file +{"version":3,"sources":["webauthncheck.js"],"names":["setMsg","msg","level","$","attr","html","window","translate","removeClass","addClass","check","e","request","webauthnJSON","supported","webauthnAbort","console","log","abort","jQuery","Event","document","trigger","isDefaultPrevented","publicKey","datas","get","then","response","val","JSON","stringify","closest","submit","error","trySetupConditional","PublicKeyCredential","isConditionalMediationAvailable","result","setupConditional","AbortController","mediation","signal","on","event","info","ready","webauthn_autostart","setTimeout","call","this"],"mappings":"AAMA,CAAA,WACE,IAEAA,EAAS,SAASC,EAAKC,GAQrB,OAPAC,EAAE,MAAM,EAAEC,KAAK,SAAUH,CAAG,EAC5BE,EAAE,MAAM,EAAEE,KAAKC,OAAOC,UAAUN,CAAG,CAAC,EACpCE,EAAE,QAAQ,EAAEK,YAAY,0FAA0F,EAClHL,EAAE,QAAQ,EAAEM,SAAS,WAAaP,CAAK,EACzB,aAAVA,IACFA,EAAQ,WAEHC,EAAE,QAAQ,EAAEM,SAAS,SAAWP,CAAK,CAC9C,EAEAQ,EAAQ,WACN,IAAIC,EAAGC,EACP,GAAKC,aAAaC,UAAU,EAU5B,OANIR,OAAOS,gBACTC,QAAQC,IAAI,gCAAgC,EAC5CX,OAAOS,cAAcG,MAAM,GAE7BP,EAAIQ,OAAOC,MAAM,iBAAiB,EAClCjB,EAAEkB,QAAQ,EAAEC,QAAQX,CAAC,EAChBA,EAAEY,mBAAmB,EAA1B,KAAA,GACEvB,EAAO,4BAA6B,SAAS,EAC7CY,EAAU,CACRY,UAAWlB,OAAOmB,MAAMb,OAC1B,EACOC,aAAaa,IAAId,CAAO,EAAEe,KAAK,SAASC,GAG7C,GAFAjB,EAAIQ,OAAOC,MAAM,iBAAiB,EAClCjB,EAAEkB,QAAQ,EAAEC,QAAQX,EAAG,CAACiB,EAAS,EAC7B,CAACjB,EAAEY,mBAAmB,EAExB,OADApB,EAAE,aAAa,EAAE0B,IAAIC,KAAKC,UAAUH,CAAQ,CAAC,EACtCzB,EAAE,aAAa,EAAE6B,QAAQ,MAAM,EAAEC,OAAO,CAEnD,CAAC,EAAS,MAAE,SAASC,GAMnB,OALAvB,EAAIQ,OAAOC,MAAM,iBAAiB,EAClCjB,EAAEkB,QAAQ,EAAEC,QAAQX,EAAG,CAACuB,EAAM,EACzBvB,EAAEY,mBAAmB,GACxBvB,EAAO,wBAAyB,QAAQ,EAEnCmC,EAAoB,CAC7B,CAAC,GA5BDnC,EAAO,sBAAuB,SAAS,CA8B3C,EAEAmC,EAAsB,WACpB,GAAIC,oBAAoBC,gCACtB,OAAOD,oBAAoBC,gCAAgC,EAAEV,KAAK,SAASW,GACzE,GAAIA,EACF,OAAOC,EAAiB,CAE5B,CAAC,CAEL,EAEAA,EAAmB,WACjB,IAAI3B,EAQJ,OAPAI,QAAQC,IAAI,kCAAkC,EAC9CX,OAAOS,cAAgB,IAAIyB,gBAC3B5B,EAAU,CACRY,UAAWlB,OAAOmB,MAAMb,QACxB6B,UAAW,cACXC,OAAQpC,OAAOS,cAAc2B,MAC/B,EACO7B,aAAaa,IAAId,CAAO,EAAEe,KAAK,SAASC,GAC7C,IACAjB,EAAIQ,OAAOC,MAAM,iBAAiB,EAElC,GADAjB,EAAEkB,QAAQ,EAAEC,QAAQX,EAAG,CAACiB,EAAS,EAC7B,CAACjB,EAAEY,mBAAmB,EAExB,OADApB,EAAE,aAAa,EAAE0B,IAAIC,KAAKC,UAAUH,CAAQ,CAAC,EACtCzB,EAAE,aAAa,EAAE6B,QAAQ,MAAM,EAAEC,OAAO,CAEnD,CAAC,EAAS,MAAE,SAASC,GACnB,IACAvB,EAAIQ,OAAOC,MAAM,iBAAiB,EAElC,GADAjB,EAAEkB,QAAQ,EAAEC,QAAQX,EAAG,CAACuB,EAAM,EAC1B,CAACvB,EAAEY,mBAAmB,EACxB,MAAO,CAAA,CAEX,CAAC,CACH,EAEApB,EAAEkB,QAAQ,EAAEsB,GAAG,eAAgB,GAAI,SAASC,EAAOC,GACjD,OAAO1C,EAAEkB,QAAQ,EAAEyB,MAAM,WAIvB,GAHA3C,EAAE,cAAc,EAAEwC,GAAG,QAASjC,CAAK,EACnCP,EAAE,gBAAgB,EAAEwC,GAAG,QAASjC,CAAK,EACrCyB,EAAoB,EAChB7B,OAAOmB,MAAMsB,mBACf,OAAOC,WAAWtC,EAAO,GAAI,CAEjC,CAAC,CACH,CAAC,CAEF,EAAEuC,KAAKC,IAAI"} \ No newline at end of file -- GitLab From 76d3fe0950917965f3abd91291bdc2f3b226adeb Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Fri, 2 Aug 2024 15:49:17 +0200 Subject: [PATCH 13/15] Update template for WebAuthn conditional mediation (#3035) --- lemonldap-ng-portal/site/templates/bootstrap/standardform.tpl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lemonldap-ng-portal/site/templates/bootstrap/standardform.tpl b/lemonldap-ng-portal/site/templates/bootstrap/standardform.tpl index c6af847451..81ce95c3dd 100644 --- a/lemonldap-ng-portal/site/templates/bootstrap/standardform.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/standardform.tpl @@ -10,7 +10,8 @@
- " trplaceholder="login" required aria-required="true"/> + " + trplaceholder="login" required aria-required="true" autocomplete="webauthn"/>
-- GitLab From 4bd2d40f470892d493d5f323c168f6b8473bd1e5 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Mon, 5 Aug 2024 15:20:32 +0200 Subject: [PATCH 14/15] Update changelog for conditional mediation (#3035) --- doc/sources/admin/upgrade_2_x.rst | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/doc/sources/admin/upgrade_2_x.rst b/doc/sources/admin/upgrade_2_x.rst index 2b971fa653..2d1da46521 100644 --- a/doc/sources/admin/upgrade_2_x.rst +++ b/doc/sources/admin/upgrade_2_x.rst @@ -113,6 +113,28 @@ from both templates. - +Passwordless WebAuthn +^^^^^^^^^^^^^^^^^^^^^ + +In order to support autocompletion of WebAuthn credentials on supported web browsers, update `standardlogin.tpl` + +.. code:: diff + + diff --git a/lemonldap-ng-portal/site/templates/bootstrap/standardform.tpl b/lemonldap-ng-portal/site/templates/bootstrap/standardform.tpl + index c6af84745..81ce95c3d 100644 + --- a/lemonldap-ng-portal/site/templates/bootstrap/standardform.tpl + +++ b/lemonldap-ng-portal/site/templates/bootstrap/standardform.tpl + @@ -10,7 +10,8 @@ +
+ +
+ - " trplaceholder="login" required aria-required="true"/> + + " + + trplaceholder="login" required aria-required="true" autocomplete="webauthn"/> +
+
+
+ Also update `2fregisters.tpl` to that resident credentials are properly show to the user -- GitLab From c467f9ffc6a6ca95c216c0e442e67484cb277e69 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Thu, 8 Aug 2024 10:35:16 +0200 Subject: [PATCH 15/15] Document new psession index (#3035) --- doc/sources/admin/browseablesessionbackend.rst | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/doc/sources/admin/browseablesessionbackend.rst b/doc/sources/admin/browseablesessionbackend.rst index 27f33b95fc..37652dfa61 100644 --- a/doc/sources/admin/browseablesessionbackend.rst +++ b/doc/sources/admin/browseablesessionbackend.rst @@ -27,10 +27,10 @@ List of fields to index by session type * - Session Type - Fields to index - * - Sessions (global) [1]_ - - \_whatToTrace \_session_kind \_utime ipAddr \_httpSessionType user mail \_session_uid + * - Sessions (global) + - \_whatToTrace \_session_kind \_utime ipAddr \_httpSessionType user [#]_ mail [#]_ \_session_uid [#]_ * - Persistent sessions - - \_session\_kind \_httpSessionType \_session\_uid ipAddr \_whatToTrace + - \_session\_kind \_httpSessionType \_session\_uid ipAddr \_whatToTrace \_webAuthnUserHandle [#]_ * - CAS sessions - \_session_kind \_utime \_cas\_id pgtIou * - SAML sessions @@ -38,10 +38,10 @@ List of fields to index by session type * - OIDC sessions - \_session_kind \_utime \_oidc_sid \_oidc_sub -.. [1] - - ``user`` is used by :doc:`resetpassword`. - - ``mail`` is used by :doc:`register`. - - ``_session_uid`` is used by :doc:`trustedbrowser`. +.. [#] ``user`` is used by :doc:`resetpassword`. +.. [#] ``mail`` is used by :doc:`register`. +.. [#] ``_session_uid`` is used by :doc:`trustedbrowser`. +.. [#] ``_webAuthnUserHandle`` is used by :doc:`authwebauthn`. .. note:: -- GitLab