lemonldap-ng issueshttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues2018-05-19T19:41:51Zhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1325Configuration of registerUrl2018-05-19T19:41:51ZClément OUDOTConfiguration of registerUrlThe 'registerUrl' parameter is no more defined in Manager.
It is defined in ZeroConf, but we lost it at first save (because it is not in the configuration attributes).
Without it, the link on the register button on portal is broken.The 'registerUrl' parameter is no more defined in Manager.
It is defined in ZeroConf, but we lost it at first save (because it is not in the configuration attributes).
Without it, the link on the register button on portal is broken.2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1322Get user attributes in Auth module for external authentication2018-06-23T06:33:23ZClément OUDOTGet user attributes in Auth module for external authenticationWhen we use social login (Twitter/FB/LinkedIn/...), we need to get user attributes at authentication phase, to be able to map one of these to UserDB backend.
This is already done for LinkedIn, and must be generalized to other modules.When we use social login (Twitter/FB/LinkedIn/...), we need to get user attributes at authentication phase, to be able to map one of these to UserDB backend.
This is already done for LinkedIn, and must be generalized to other modules.2.0.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1321Choice/renew conflict2018-06-12T14:10:49ZYaddChoice/renew conflict2.0.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1320CAS conflict with logout (url parameter)2018-05-19T19:41:51ZYaddCAS conflict with logout (url parameter)Proposition : replace our "url" param by another name or import 1.9 patch (exception for CAS)Proposition : replace our "url" param by another name or import 1.9 patch (exception for CAS)2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1319Consents given not saved2018-05-19T19:41:51ZYaddConsents given not saved2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1317Wildcard in virtualhost names2020-02-20T16:21:59ZFrédéric MASSOTWildcard in virtualhost namesHi,
The DNS zone and Apache with the vhost_alias module and the VirtualDocumentRoot directive handle addresses with a wildcard like: *.projects.domain.com
In Apache you can configure a virtual host with:
ServerAlias *.projects.dom...Hi,
The DNS zone and Apache with the vhost_alias module and the VirtualDocumentRoot directive handle addresses with a wildcard like: *.projects.domain.com
In Apache you can configure a virtual host with:
ServerAlias *.projects.domain.com
VirtualDocumentRoot "/var/www/projects/%1"
Unfortunately we can not protect these addresses with LemonLDAP, if we add an address with a wildcard in the manager we have the error:
exportedHeaders/*.projects.domain.com: Bad hostname
locationRules/*.projects.domain.com: Bad hostname
Can you add support for wildcard addresses in LemonLDAP, please?
Regards.2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1313History not display during login2018-05-19T19:41:51ZYaddHistory not display during loginHistory is well displayed in menu but not during login (if asked)History is well displayed in menu but not during login (if asked)2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1312errors using saml post sso2018-05-19T19:41:51Zdcoutadeur dcoutadeurerrors using saml post ssoHere is the use case:
- LemonLDAP 2.0 SAML IdP, authentication = combination (Kerberos, LDAP)
- LemonLDAP SAML SP
On the IdP, I get the following errors, which lead to a 500 internal error
```
Use of uninitialized value $encryp...Here is the use case:
- LemonLDAP 2.0 SAML IdP, authentication = combination (Kerberos, LDAP)
- LemonLDAP SAML SP
On the IdP, I get the following errors, which lead to a 500 internal error
```
Use of uninitialized value $encryption_mode in pattern match (m//) at /usr/local/share/perl5/Lemonldap/NG/Portal/Lib/SAML.pm line 2888.
Use of uninitialized value $encryption_mode in pattern match (m//) at /usr/local/share/perl5/Lemonldap/NG/Portal/Lib/SAML.pm line 2890.
Use of uninitialized value $encryption_mode in concatenation (.) or string at /usr/local/share/perl5/Lemonldap/NG/Portal/Lib/SAML.pm line 362.
[warn] No IDP found in configuration
Argument "Lasso::Constants::LOGIN_PROTOCOL_PROFILE_BRWS_ART" isn't numeric in numeric eq (==) at /usr/local/share/perl5/Lemonldap/NG/Portal/Issuer/SAML.pm line 726.
Argument "Lasso::Constants::LOGIN_PROTOCOL_PROFILE_BRWS_ART" isn't numeric in numeric eq (==) at /usr/local/share/perl5/Lemonldap/NG/Portal/Issuer/SAML.pm line 743.
mod_fcgid: stderr: Attribute (storageModule) does not pass the type constraint because: Validation failed for 'Str' with value undef at /usr/lib64/perl5/vendor_perl/Mouse/Util.pm line 383., referer: https://www.auth.example.com/
mod_fcgid: stderr: \tMouse::Util::throw_error('Mouse::Meta::Attribute=HASH(0x198c3e8)', 'Attribute (storageModule) does not pass the type constraint b...', 'data', undef, 'depth', -1) called at /usr/local/share/perl5/Lemonldap/NG/Portal/Lib/SAML.pm line 2778, referer: https://www.auth.example.com/
mod_fcgid: stderr: \tLemonldap::NG::Portal::Lib::SAML::getSamlSession('Lemonldap::NG::Portal::Issuer::SAML=HASH(0x2, referer: https://www.auth.example.com/
mod_fcgid: stderr: 1a10a0)', undef, 'HASH(0x3ea8bd8)') called at /usr/local/share/perl5/Lemonldap/NG/Portal/Issuer/SAML.pm line 809, referer: https://www.auth.example.com/
mod_fcgid: stderr: \tLemonldap::NG::Portal::Issuer::SAML::run('Lemonldap::NG::Portal::Issuer::SAML=HASH(0x21a10a0)', 'Lemonldap::NG::Portal::Main::Request=HASH(0x3e6db80)', 'singleSignOn') called at /usr/local/share/perl5/Lemonldap/NG/Portal/Main/Issuer.pm line 123, referer: https://www.auth.example.com/
mod_fcgid: stderr: \tLemonldap::NG::Portal::Main::Issuer::__ANON__('Lemonldap::NG::Portal::Main::Request=HASH(0x3e6db80)') called at /usr/local/share/perl5/Lemonldap, referer: https://www.auth.example.com/
mod_fcgid: stderr: /NG/Portal/Main/Process.pm line 25, referer: https://www.auth.example.com/
mod_fcgid: stderr: \tLemonldap::NG::Portal::Main::process('Lemonldap::NG::Portal::Main=HASH(0x1631c20)', 'Lemonldap::NG::Portal::Main::Request=HASH(0x3e6db80)') called at /usr/local/share/perl5/Lemonldap/NG/Portal/Main/Run.pm line 162, referer: https://www.auth.example.com/
mod_fcgid: stderr: \tLemonldap::NG::Portal::Main::do('Lemonldap::NG::Portal::Main=HASH(0x1631c20)', 'Lemonldap::NG::Portal::Main::Request=HASH(0x3e6db80)', 'ARRAY(0x3ea2660)') called at /usr/local/share/perl5/Lemonldap/NG/Portal/Main/Issuer.pm line 125, referer: https://www.auth.example.com/
mod_fcgid: stderr: \tLemonldap::NG::Porta, referer: https://www.auth.example.com/
mod_fcgid: stderr: l::Main::Issuer::_forAuthUser('Lemonldap::NG::Portal::Issuer::SAML=HASH(0x21a10a0)', 'Lemonldap::NG::Portal::Main::Request=HASH(0x3e6db80)', 'singleSignOn') called at /usr/local/share/perl5/Lemonldap/NG/Portal/Main/Plugin.pm line 45, referer: https://www.auth.example.com/
mod_fcgid: stderr: \tLemonldap::NG::Portal::Main::Plugin::__ANON__('Lemonldap::NG::Portal::Main=HASH(0x1631c20)', 'Lemonldap::NG::Portal::Main::Request=HASH(0x3e6db80)', 'singleSignOn') called at /usr/local/share/perl5/Lemonldap/NG/Common/PSGI/Router.pm line 145, referer: https://www.auth.example.com/
mod_fcgid: stderr: \tLemonldap::NG::Common::PSGI, referer: https://www.auth.example.com/
mod_fcgid: stderr: ::Router::followPath('Lemonldap::NG::Portal::Main=HASH(0x1631c20)', 'Lemonldap::NG::Portal::Main::Request=HASH(0x3e6db80)', 'HASH(0x28b6900)', 'ARRAY(0x1908c18)') called at /usr/local/share/perl5/Lemonldap/NG/Common/PSGI/Router.pm line 141, referer: https://www.auth.example.com/
mod_fcgid: stderr: \tLemonldap::NG::Common::PSGI::Router::followPath('Lemonldap::NG::Portal::Main=HASH(0x1631c20)', 'Lemonldap::NG::Portal::Main::Request=HASH(0x3e6db80)', 'HASH(0xafa820)', 'ARRAY(0x1908c18)') called at /usr/local/share/perl5/Lemonldap/NG/Common/PSGI/Router.pm line 1, referer: https://www.auth.example.com/
mod_fcgid: stderr: 29, referer: https://www.auth.example.com/
mod_fcgid: stderr: \tLemonldap::NG::Common::PSGI::Router::handler('Lemonldap::NG::Portal::Main=HASH(0x1631c20)', 'Lemonldap::NG::Portal::Main::Request=HASH(0x3e6db80)') called at /usr/local/share/perl5/Lemonldap/NG/Portal/Main/Run.pm line 36, referer: https://www.auth.example.com/
mod_fcgid: stderr: \tLemonldap::NG::Portal::Main::handler('Lemonldap::NG::Portal::Main=HASH(0x1631c20)', 'Lemonldap::NG::Portal::Main::Request=HASH(0x3e6db80)') called at /usr/local/share/perl5/Lemonldap/NG/Handler/PSGI/Try.pm line 71, referer: https://www.auth.example.com/
mod_fcgid: stderr: \tLemonldap::NG::Handler::PSGI::Try::__ANON__('HASH(0x3e5faa0)') , referer: https://www.auth.example.com/
mod_fcgid: stderr: called at /usr/share/perl5/vendor_perl/Plack/Util.pm line 142, referer: https://www.auth.example.com/
mod_fcgid: stderr: \teval {...} called at /usr/share/perl5/vendor_perl/Plack/Util.pm line 142, referer: https://www.auth.example.com/
mod_fcgid: stderr: \tPlack::Util::run_app('CODE(0x3e5d178)', 'HASH(0x3e5faa0)') called at /usr/share/perl5/vendor_perl/Plack/Handler/FCGI.pm line 134, referer: https://www.auth.example.com/
mod_fcgid: stderr: \tPlack::Handler::FCGI::run('Plack::Handler::FCGI=HASH(0xadfc48)', 'CODE(0x3e5d178)') called at /usr/local/lemonldap-ng/htdocs/portal/htdocs/index.fcgi line 8, referer: https://www.auth.example.com/
```
It seems some Lasso variables are not loaded. The other errors may be only consequences...2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1309Custom functions can't be evaluated when the portal is on Apache2018-05-19T19:41:51ZValérie BaucheCustom functions can't be evaluated when the portal is on ApacheWhen portal is deployed with Apache, we cannot set custom function file :
PerlRequire won't work with fcgi
llng-fastcgi-server is only for nginx
So when a custom function needs to be evaluated on the portal it fails (Undefined subro...When portal is deployed with Apache, we cannot set custom function file :
PerlRequire won't work with fcgi
llng-fastcgi-server is only for nginx
So when a custom function needs to be evaluated on the portal it fails (Undefined subroutine)2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1305Logout fails when SAML issuer is enabled2018-05-19T19:41:51ZRick JongbloedLogout fails when SAML issuer is enabledWhen logging out an error is displayed "Internal server error". This occurs both in Apache and NGINX.
I've atached the Apache2 logging as this logging is more verbose, but the same error occurs. I haven't yet had the time to troublesh...When logging out an error is displayed "Internal server error". This occurs both in Apache and NGINX.
I've atached the Apache2 logging as this logging is more verbose, but the same error occurs. I haven't yet had the time to troubleshoot the file Session.pm
[debug] Get session b9ae5cce84b7d6ad9d0736812a86f92be519e84118afb4c76504831c3c3b7882 from Handler internal cache
[debug] removing cookie
[debug] User adminuser was granted to access to /?logout=1
[debug] Start routing default route
[debug] Processing importHandlerDatas
[debug] Processing controlUrl
[debug] Processing checkLogout
[debug] Processing code ref
[debug] Processing code ref
[debug] Processing code ref
[Sat Sep 23 18:01:54.244076 2017] [fcgid:warn] [pid 6501] [client 192.168.1.19:42089] mod_fcgid: stderr: Can't call method "can" on an undefined value at /usr/local/share/perl/5.24.1/Lemonldap/NG/Common/Apache/Session.pm line 22., referer: https://auth.artificialcreature.com:20443/
[Sat Sep 23 18:01:54.244838 2017] [deflate:debug] [pid 6501] mod_deflate.c(853): [client 192.168.1.19:42089] AH01384: Zlib: Compressed 21 to 23 : URL /index.fcgi, referer: https://auth.artificialcreature.com:20443/
if you need more information, please let me know as i've got both NGINX and Apache2 setup.2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1302Move all HTML fragments into templates2018-05-19T19:41:51ZYaddMove all HTML fragments into templatesThe following files generate HTML fragment inside Perl code. The idea is to move HTML strings into template files.
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/AD.pm
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm
* l...The following files generate HTML fragment inside Perl code. The idea is to move HTML strings into template files.
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/AD.pm
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Menu.pm
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenID.pm
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/CAS.pm
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/SAML.pm
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/History.pm
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SingleSession.pm
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Net/LDAP.pm
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenID/SREG.pm
* lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1300Improve "reload Urls" restrictions2018-05-19T19:41:50ZYaddImprove "reload Urls" restrictionsA workaround has been found for ##1297 (1.9.12) but should be improved for 2.0.A workaround has been found for ##1297 (1.9.12) but should be improved for 2.0.2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1292Menu categories order is not correctly saved/loaded2018-05-19T19:41:50ZClément OUDOTMenu categories order is not correctly saved/loadedWhen changing order of categories in menu, we see that they are saved:
```
[debug] User dwho was granted to access to /mysession/persistent
[debug] Start routing mysession
[debug] Update dwho persistent session
auth.example.com:80 ...When changing order of categories in menu, we see that they are saved:
```
[debug] User dwho was granted to access to /mysession/persistent
[debug] Start routing mysession
[debug] Update dwho persistent session
auth.example.com:80 127.0.0.1 - - [04/Sep/2017:14:56:24 +0200] "PUT /mysession/persistent HTTP/1.1" 200 390 "http://auth.example.com:19876/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:54.0) Gecko/20100101 Firefox/54.0"
{code}
But when reconnecting the order is not correctly loaded, values seems buggy:
{code}
[debug] Store sort_,sort_,sort_ in session key _appsListOrder
```2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1290Server error when REST/SOAP servers enabled2018-05-19T19:41:50ZClément OUDOTServer error when REST/SOAP servers enabledWhen enabling REST/SOAP servers and reloading portal page, we have this error:
```
[info] Loading configuration 2 for process 30641
[debug] Process 30641 calls defaultValuesInit
[debug] Process 30641 calls jailInit
[debug] Custom f...When enabling REST/SOAP servers and reloading portal page, we have this error:
```
[info] Loading configuration 2 for process 30641
[debug] Process 30641 calls defaultValuesInit
[debug] Process 30641 calls jailInit
[debug] Custom function : My::hello
[debug] Custom function : My::get_additional_arg
[debug] Process 30641 calls portalInit
[debug] Process 30641 calls locationRulesInit
[info] Rules logout_app and logout_app_sso require Apache>=2
[info] Rules logout_app and logout_app_sso require Apache>=2
[debug] Process 30641 calls sessionStorageInit
[debug] Process 30641 calls headersInit
[debug] Process 30641 calls postUrlInit
[debug] Compiling POST data for /form.html
[debug] Process 30641 calls aliasInit
[debug] Lemonldap::NG::Handler::PSGI::Main: configuration is up to date
[debug] Launching Lemonldap::NG::Portal::Main->reloadConf(conf)
[debug] Module Lemonldap::NG::Portal::Auth::Demo loaded
[warn] Using demonstration mode, go to Manager to edit the configuration
[debug] Module Lemonldap::NG::Portal::Lib::OneTimeToken loaded
[debug] Plugin ::Auth::Demo initializated
[debug] Module Lemonldap::NG::Portal::UserDB::Demo loaded
[debug] Plugin ::UserDB::Demo initializated
[debug] Vhost test1.example.com added in trusted domains
[debug] Vhost manager.example.com added in trusted domains
[debug] Vhost test2.example.com added in trusted domains
[debug] Module Lemonldap::NG::Portal::Main::Menu loaded
[debug] Plugin ::Main::Menu initializated
[debug] Module Lemonldap::NG::Portal::Plugins::History loaded
[debug] Found afterDatas entry point:
[debug] -> run
[debug] Plugin ::Plugins::History initializated
[debug] Module Lemonldap::NG::Portal::Plugins::Upgrade loaded
[debug] Declaring auth route
[debug] Add GET route:
[debug] route upgradesession added
[debug] Declaring auth route
[debug] Add POST route:
[debug] route upgradesession added
[debug] Plugin ::Plugins::Upgrade initializated
[debug] Module Lemonldap::NG::Portal::Plugins::SOAPServer loaded
[debug] Declaring unauth route
[debug] Add POST route:
[debug] route sessions added
[debug] Declaring unauth route
[debug] Add POST route:
[debug] route adminSessions added
[debug] Declaring auth route
[debug] Add POST route:
[debug] route sessions added
[debug] Declaring auth route
[debug] Add POST route:
[debug] route adminSessions added
[debug] Declaring unauth route
[debug] Add POST route:
[debug] route config added
[debug] Declaring auth route
[debug] Add POST route:
[debug] route config added
[debug] Plugin ::Plugins::SOAPServer initializated
[debug] Module Lemonldap::NG::Portal::Plugins::RESTServer loaded
[debug] Declaring unauth route
[debug] Add GET route:
[debug] route virtualHosts added
[debug] route samlIDPMetaDataNodes added
[debug] route samlSPMetaDataNodes added
[debug] route applicationList added
[debug] route oidcOPMetaDataNodes added
[debug] route oidcRPMetaDataNodes added
[debug] route authChoiceModules added
[debug] route grantSessionRules added
[debug] route : added
[debug] route confs added
[debug] Declaring unauth route
[debug] Add GET route:
[debug] route * added
[debug] route : added
[debug] route confs added
[debug] Declaring unauth route
[debug] Add GET route:
[debug] route : added
[debug] route sessions added
[debug] Declaring unauth route
[debug] Add POST route:
Not a HASH reference at /home/clement/dev/lemonldap/trunk/lemonldap-ng-common/blib/lib/Lemonldap/NG/Common/PSGI/Router.pm line 41, <FILE> line 1.
[Wed Aug 30 18:50:46.506860 2017] [fcgid:warn] [pid 30613:tid 140497117656832] (104)Connexion ré-initialisée par le correspondant: [client 127.0.0.1:45846] mod_fcgid: error reading data from FastCGI server, referer: http://manager.example.com:19876/manager.html
[Wed Aug 30 18:50:46.507060 2017] [core:error] [pid 30613:tid 140497117656832] [client 127.0.0.1:45846] End of script output before headers: index.fcgi, referer: http://manager.example.com:19876/manager.html
auth.example.com:80 127.0.0.1 - - [30/Aug/2017:18:50:46 +0200] "GET / HTTP/1.1" 302 506 "http://manager.example.com:19876/manager.html" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:54.0) Gecko/20100101 Firefox/54.0"
```2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1273Can't call method "logger" on an undefined value2018-05-19T19:41:49ZMathieu Lecompte-melançonCan't call method "logger" on an undefined valueWith "COMBI" mode between LDAP and DEMO, i can't login with my user ldap to LDAP backend
2017/07/17 15:05:16 [error] 2340#2340: *1636 FastCGI sent in stderr: "Can't call method "logger" on an undefined value at /usr/share/perl5/vendor...With "COMBI" mode between LDAP and DEMO, i can't login with my user ldap to LDAP backend
2017/07/17 15:05:16 [error] 2340#2340: *1636 FastCGI sent in stderr: "Can't call method "logger" on an undefined value at /usr/share/perl5/vendor_perl/Lemonldap/NG/Portal/Lib/Net/LDAP.pm line 591" while reading response header from upstream, client: 10.193.11.11, server: auth.beta.urgences-sante.qc.ca, request: "POST / HTTP/1.1", upstream: "fastcgi://unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock:", host: "auth.beta.urgences-sante.qc.ca", referrer: "http://auth.beta.urgences-sante.qc.ca/"2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1271Bad behaviour with static content2018-05-19T19:41:49ZMathieu Lecompte-melançonBad behaviour with static contentIn test page, ther some js reference to portal js like:
http://auth.beta.urgences-sante.qc.ca/skins/bootstrap/js/bootstrap.js
But apparently when i load manually the link i obtain the portal web page note the JSIn test page, ther some js reference to portal js like:
http://auth.beta.urgences-sante.qc.ca/skins/bootstrap/js/bootstrap.js
But apparently when i load manually the link i obtain the portal web page note the JS2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1267Allow custom regexp for vhost display2018-05-19T19:41:49ZMathieu ParentAllow custom regexp for vhost displayCurrently "Display application" has 3 possibilities : yes/no/auto (auto means use location rules).
We need a fourth possibility to have an application visible in the portal to a group while being accessible by a more broad group.
P...Currently "Display application" has 3 possibilities : yes/no/auto (auto means use location rules).
We need a fourth possibility to have an application visible in the portal to a group while being accessible by a more broad group.
Proposal : accept an expression like in location rules.2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1258no successful password notification message2018-05-19T19:41:49Zdcoutadeur dcoutadeurno successful password notification messageWhen changing password on the portal, the user never gets a successful notification message.When changing password on the portal, the user never gets a successful notification message.2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1252Bad URL in OIDC authentication flow when first authentication2018-05-19T19:41:48ZClément OUDOTBad URL in OIDC authentication flow when first authenticationWhen testing OIDC authentication from RP without being authenticated on OP, the flow ends with a "Bad URL" error after login+consent screen:
```
[debug] Get session 8faa76011d8e811799d0c1af8c754e70a0448801040170684b2e219fe473892b
[debug...When testing OIDC authentication from RP without being authenticated on OP, the flow ends with a "Bad URL" error after login+consent screen:
```
[debug] Get session 8faa76011d8e811799d0c1af8c754e70a0448801040170684b2e219fe473892b
[debug] removing cookie
[debug] User dwho was granted to access to /oauth2/authorize?response_type=code&client_id=lemonldap&scope=openid%20profile%20address%20email%20phone&redirect_uri=http%3A%2F%2Fauth.example.com%2Foauth2.pl%3Fopenidconnectcallback%3D1&state=ABCDEFGHIJKLMNOPQRSTUVWXXZ&nonce=1234567890&display=popup&prompt=consent&ui_locales=fr-CA%20en-GB%20en%20fr-FR%20fr
[debug] Start routing oauth2
[debug] Processing _forAuthUser
[notice] Bad (or expired) token 1497288803_7661
[debug] Processing importHandlerDatas
[debug] Processing controlUrl
[debug] Confirm parameter accepted 1
[error] Value must be in BASE64 (param: url | value: http://auth.example.com:19876/oauth2/authorize?issuerRequestoauth2=1497288803_7661)
[debug] Returned error: 37
Status: Unknown command line : dwho => /oauth2/authorize?response_type=code&client_id=lemonldap&scope=openid profile address email phone&redirect_uri=http:/auth.example.com/oauth2.pl?openidconnectcallback=1&state=ABCDEFGHIJKLMNOPQRSTUVWXXZ&nonce=1234567890&display=popup&prompt=consent&ui_locales=fr-CA en-GB en fr-FR fr 37
[debug] Skin returned: error
[debug] Calling sendHtml with template error
[debug] Starting HTML generation using /home/clement/dev/lemonldap/trunk/lemonldap-ng-portal/site/templates/bootstrap/error.tpl
```2.0.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1251Internal Server error if no OIDC session storage defined2018-05-19T19:41:48ZClément OUDOTInternal Server error if no OIDC session storage definedIn a simple OIDC configuration, we may not need to define a specific session stroage for OIDC technical sessions.
But in this case we have this error:
```
[Tue Jun 13 15:15:05.678223 2017] [fcgid:warn] [pid 21088:tid 139656070940416] [...In a simple OIDC configuration, we may not need to define a specific session stroage for OIDC technical sessions.
But in this case we have this error:
```
[Tue Jun 13 15:15:05.678223 2017] [fcgid:warn] [pid 21088:tid 139656070940416] [client 127.0.0.1:39570] mod_fcgid: stderr: Attribute (storageModule) does not pass the type constraint because: Validation failed for 'Str' with value undef at /usr/lib/x86_64-linux-gnu/perl5/5.22/Mouse/Util.pm line 386., referer: http://auth.example.com:19876/oauth2/authorize?response_type=code&client_id=lemonldap&scope=openid%20profile%20address%20email%20phone&redirect_uri=http%3A%2F%2Fauth.example.com%2Foauth2.pl%3Fopenidconnectcallback%3D1&state=ABCDEFGHIJKLMNOPQRSTUVWXXZ&nonce=1234567890&display=popup&prompt=consent&ui_locales=fr-CA%20en-GB%20en%20fr-FR%20fr
[Tue Jun 13 15:15:05.678261 2017] [fcgid:warn] [pid 21088:tid 139656070940416] [client 127.0.0.1:39570] mod_fcgid: stderr: \tMouse::Util::throw_error(Mouse::Meta::Attribute=HASH(0x559b3f4c8500), "Attribute (storageModule) does not pass the type constraint b"..., "data", undef, "depth", -1) called at /home/clement/dev/lemonldap/trunk/lemonldap-ng-portal/blib/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm line 652, referer: http://auth.example.com:19876/oauth2/authorize?response_type=code&client_id=lemonldap&scope=openid%20profile%20address%20email%20phone&redirect_uri=http%3A%2F%2Fauth.example.com%2Foauth2.pl%3Fopenidconnectcallback%3D1&state=ABCDEFGHIJKLMNOPQRSTUVWXXZ&nonce=1234567890&display=popup&prompt=consent&ui_locales=fr-CA%20en-GB%20en%20fr-FR%20fr
```
All technical session storage should use the default one if not configured.
2.0.0YaddYadd