From 165f8cf313337c809d715ff58f9cb559d8f9587b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Wed, 24 Feb 2021 13:04:49 +0100 Subject: [PATCH 001/312] Add documentation on how test OpenID Connect with command line tools --- doc/sources/admin/index_minihowtos.rst | 1 + doc/sources/admin/testopenidconnect.rst | 132 ++++++++++++++++++++++++ 2 files changed, 133 insertions(+) create mode 100644 doc/sources/admin/testopenidconnect.rst diff --git a/doc/sources/admin/index_minihowtos.rst b/doc/sources/admin/index_minihowtos.rst index acd2cc1a54..724294db82 100644 --- a/doc/sources/admin/index_minihowtos.rst +++ b/doc/sources/admin/index_minihowtos.rst @@ -17,3 +17,4 @@ Mini Howtos renater behindproxyminihowto useoutgoingproxy + testopenidconnect diff --git a/doc/sources/admin/testopenidconnect.rst b/doc/sources/admin/testopenidconnect.rst new file mode 100644 index 0000000000..89d662ac8e --- /dev/null +++ b/doc/sources/admin/testopenidconnect.rst @@ -0,0 +1,132 @@ +Test OpenID Connect with command line tools +=========================================== + +We present here how to test the OpenID Connect protocol (authorization code flow) with commande line tools, like `curl`. + +We use in this example a public OIDC provider based on LL::NG: ``_ + +Authentication +-------------- + +The first step is to obtain a valid SSO session on the portal. Several solutions: + * Use a web browser and log into the portal, then get the value of the SSO cookie + * Use portal REST API, and adapt the `requireToken` configuration to get cookie value in JSON response (see :doc:`REST services`) + +Example of REST service usage, with credentials `dwho`/`dwho`: + +.. code-block:: shell + + curl -X POST -d user=dwho -d password=dwho -H 'Accept: application/json' 'https://oidctest.wsweet.org/oauth2/' + +The session id is displayed in JSON response: + +.. code-block:: javascript + + { + "error" : "0", + "id" : "0640f95827111f00ba7ad5863ba819fe46cfbcecdb18ce525836369fb4c8350b", + "result" : 1 + } + +Authorization code +------------------ + +In the first step of authorization code flow, we request a temporary code, ont the `authorize` end point. + +Parameters needed: + * SSO session id (will be passed in `lemonldap` cookie, adapt the name if needed) + * Client ID: given by your OIDC provider, we use here `private` + * Scope: depends on which information you need, we will use here `openid profile email` + * Redirect URI: shoud match the value registered in your OIDC provider, we will use here `http://localhost` + +The OIDC provide will return the code in the location header, so we just output this reponse header: + +.. code-block:: shell + + curl -s -D - -o /dev/null -b lemonldap=0640f95827111f00ba7ad5863ba819fe46cfbcecdb18ce525836369fb4c8350b 'https://oidctest.wsweet.org/oauth2/authorize?response_type=code&client_id=private&scope=openid+profile+email&redirect_uri=http://localhost' | grep '^location' + +The value of the location header is: + +.. code-block:: shell + + location: http://localhost?code=294b0facd91a0fa92762edc48d18369e99c330ba2b8fb05ab2c45999fcef6e17&session_state=BpB8KRMBEDUs%2B7lAjsz4DRk3E0RJImxgUbMsCFFAUa8%3D.N3dVOFg3a2RpNXVJK3ltSldrYXZjUjhtU0tvd29sWkpuWWJJbll5ZGs5NzhZMnh5bmQwd0IxRmJVWUxJSTlkWDBnSWZ2SWFVZmU0UnRaMkVJVjNUY3c9PQ + + +So we get the code value: `94b0facd91a0fa92762edc48d18369e99c330ba2b8fb05ab2c45999fcef6e17` + +This code has a short lifetime, we will use it to get access token and ID token in the next step + +Tokens +------ + +In this step, we exchange the authorization code against tokens: + * Access token + * ID token + * Refresh token (optional) + +Parameters needed: + * Authorization code: see previous step + * Grant type: we use here `authorization_code` + * Redirect URI: same value as the one used in the previous step + * Client ID and Client Secret: given by your OIDC provider, we use here `private`/`tardis` + +.. code-block:: shell + + curl -X POST -d grant_type=authorization_code -d 'redirect_uri=http://localhost' -d code=94b0facd91a0fa92762edc48d18369e99c330ba2b8fb05ab2c45999fcef6e17 -u 'private:tardis' 'https://oidctest.wsweet.org/oauth2/token' | json_pp + +The JSON response looks like this: + +.. code-block:: javascript + + { + "access_token" : "a88b8dde538719e55c3cb8fbd14d06ed77853c685a62abf6ecb88d86228a9c64", + "expires_in" : 3600, + "id_token" : "eyJhbGciOiJSUzI1NiIsImtpZCI6Im9pZGN0ZXN0IiwidHlwIjoiSldUIn0.eyJhdXRoX3RpbWUiOjE2MTQxNjAwMDYsImlhdCI6MTYxNDE2MzIxOCwiaXNzIjoiaHR0cHM6Ly9vaWRjdGVzdC53c3dlZXQub3JnLyIsImF0X2hhc2giOiJIVGswOVNjSjRObEFua3k5SGFFX2VRIiwiYWNyIjoibG9hLTIiLCJleHAiOjE2MTQxNjY4MTgsInN1YiI6ImR3aG8iLCJhenAiOiJwcml2YXRlIiwiYXVkIjpbInByaXZhdGUiXX0.N3TNufjKLzKM3qiIitA7JHUei4L572XjF6AcVl7UAFB6efdGUCiAL7amlUl0FgjZfzW9bzvulBVDidoYSicIaysIdI4KkjmjpVN0Z3gOSu0ecuk5p8fD1KbX6-tmA3txeR18nzfhdckq-S-6Lx7wrWpPNyrzGx-FImbOaUPN2yeVhKPXhdyHJbzI0RqJETxnBkyW-CLEzAJyq3rCUVX-D8kHADvg6a42QQyPdxvBuGrdBfyDDDb_Py13H1qhn40NnuFknR1wSahsY6U97uUooyk-0_U4J3XJAHySjCtivtSeP0fM_5eblMuh6WdVjrfnUF0xnCTbCa2gYRlTS38BkqcsWY26PXoRAOo31a1cmB5sMSZyPtRF9UZcmGiNBIymMMdFgVAJONb6uliiTS5j9-nkmHOqVC-XJ6tuiU3ZSBQ8nCRyNW2LaCzpJ5c3ytP9yYQtyT8HmhN0VnXob3K1uJEA_Xcu4sADjtrm-LbrGiwaVMkfu-C6YIrbuC9riOW6TneV2gAzAjXPOW_UZeXrCrx66GHIJPsJIq29UfbTN5Pxo9SH2yKw6PSfxevkZhBIhEXCOMaIUHrlWz2jDBBzPIWeiSRbK_MRtejQmdRUs8nqdq-McVwnFiUMDt1KZXxqScTtMDF_Lo9oK2RaCijEJ7MSPEscr_YOyp3KIq2FLVg", + "refresh_token" : "19434440ed4da2803e8ba9d91cb2eabd5b8bd12af2609429bda03ed487e6ef57", + "token_type" : "Bearer" + } + +The access token will be used for the last step, to get information about the user. + +The ID Token is a JWT (JSON Web Token) and can be parsed easily, as this is the concatenation of 3 JSON strings encoded in base 64: `base64(header).base64(payload).base64(signature)`. + +Decoding the payload gives: + +.. code-block:: javascript + + { + "acr" : "loa-2", + "at_hash" : "HTk09ScJ4NlAnky9HaE_eQ", + "aud" : [ + "private" + ], + "auth_time" : 1614160006, + "azp" : "private", + "exp" : 1614166818, + "iat" : 1614163218, + "iss" : "https://oidctest.wsweet.org/", + "sub" : "dwho" + } + +User info +--------- + +This step is optional and allows to fetch user information linked to scopes requested in the first step. + +Parameters needed: + * Access token, used as bearer authorization + +.. code-block:: shell + + curl -H 'Authorization: Bearer a88b8dde538719e55c3cb8fbd14d06ed77853c685a62abf6ecb88d86228a9c64' 'https://oidctest.wsweet.org/oauth2/userinfo' | json_pp + +JSON response: + +.. code-block:: javascript + + { + "email" : "dwho@badwolf.org", + "name" : "Doctor Who", + "preferred_username" : "dwho", + "sub" : "dwho" + } -- GitLab From 2d7f9e34a69c369306db4a077e67812566d567bf Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 24 Feb 2021 11:43:49 +0100 Subject: [PATCH 002/312] OIDC: Return error if multiple client auth used (#2474) --- .../lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm index c0d68515ca..3685935a23 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm @@ -1374,6 +1374,12 @@ sub getEndPointAuthenticationCredentials { split( /:/, decode_base64($1) ); }; $self->logger->error("Bad authentication header: $@") if ($@); + + # Using multiple methods is an error + if ($req->param('client_id')) { + $self->logger->error("Multiple client authentication methods used"); + ( $client_id, $client_secret ) = (undef, undef); + } } elsif ( $req->param('client_id') and $req->param('client_secret') ) { $self->logger->debug("Method client_secret_post used"); -- GitLab From 09d727410cf6e3d26a3e0e51179d5a02b330ad4c Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 24 Feb 2021 11:49:39 +0100 Subject: [PATCH 003/312] Unit test for #2474 --- .../t/32-OIDC-Token-Security.t | 31 ++++++++++++++++--- 1 file changed, 27 insertions(+), 4 deletions(-) diff --git a/lemonldap-ng-portal/t/32-OIDC-Token-Security.t b/lemonldap-ng-portal/t/32-OIDC-Token-Security.t index 355e5342c7..ccb5355713 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Token-Security.t +++ b/lemonldap-ng-portal/t/32-OIDC-Token-Security.t @@ -126,8 +126,12 @@ count(1); my ($code) = expectRedirection( $res, qr#http://rp2\.com/.*code=([^\&]*)# ); # Play code on RP2 -$query = -"grant_type=authorization_code&code=$code&redirect_uri=http%3A%2F%2Frp2.com%2F"; +$query = buildForm( { + grant_type => 'authorization_code', + code => $code, + redirect_uri => 'http://rp2.com/', + } +); ok( $res = $op->_post( @@ -163,9 +167,16 @@ count(1); ($code) = expectRedirection( $res, qr#http://rp\.com/.*code=([^\&]*)# ); # Play code on RP1 -$query = -"grant_type=authorization_code&code=$code&redirect_uri=http%3A%2F%2Frp.com%2F"; +$query = buildForm( { + grant_type => 'authorization_code', + code => $code, + redirect_uri => 'http://rp.com/', + client_id => 'rpid', + client_secret => 'rpsecret', + } +); +# Authenticated client with two methods at once (#2474) ok( $res = $op->_post( "/oauth2/token", @@ -179,6 +190,18 @@ ok( "Post auth code on correct RP" ); count(1); +expectReject( $res, 400, "invalid_request" ); + +ok( + $res = $op->_post( + "/oauth2/token", + IO::String->new($query), + accept => 'text/html', + length => length($query), + ), + "Post auth code on correct RP" +); +count(1); $res = expectJSON($res); my $token = $res->{access_token}; ok( $token, 'Access token present' ); -- GitLab From 5a8c20584b82b50d637f0dbd9a1ff9985b529c75 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 24 Feb 2021 11:58:53 +0100 Subject: [PATCH 004/312] Fix OIDC message when calling technical endpoints with cookies (#2475) --- .../lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm index a0c1618fa3..61c9aeef71 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm @@ -2028,8 +2028,9 @@ sub checkSession { sub badAuthRequest { my ( $self, $req ) = @_; - return $self->p->sendError( $req, - $req->uri . ' may not be called by an authenticated user', 400 ); + my $desc = + "This endpoint is not supposed to be called by authenticated users"; + return $self->sendOIDCError( $req, 'invalid_request', 400, $desc ); } # Nothing to do here -- GitLab From 4841c7755e15baba88792e7349f0c2201458e133 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 24 Feb 2021 15:11:24 +0100 Subject: [PATCH 005/312] Fix OAuth2 error code when supplying invalid code --- .../lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm index 61c9aeef71..6662af5dec 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm @@ -1263,7 +1263,7 @@ sub _handleAuthorizationCodeGrant { my $codeSession = $self->getAuthorizationCode($code); unless ($codeSession) { $self->logger->error("Unable to find OIDC session $code"); - return $self->sendOIDCError( $req, 'invalid_request', 400 ); + return $self->sendOIDCError( $req, 'invalid_grant', 400 ); } $codeSession->remove(); -- GitLab From 4f5998029dc9f700ef7e0b352cc6ffe7dc969e2e Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 24 Feb 2021 16:00:11 +0100 Subject: [PATCH 006/312] Fix typo --- lemonldap-ng-manager/site/htdocs/static/languages/fr.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json index 8f682c5d18..6c6a068de9 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json @@ -653,7 +653,7 @@ "oidcRPMetaDataOptionsAccessTokenJWT":"Format JWT pour les jetons d'accès", "oidcRPMetaDataOptionsAccessTokenClaims":"Publier les attributs dans l'Access Token", "oidcRPMetaDataOptionsAccessTokenSignAlg":"Algorithme de signature des Access Token", -"oidcRPMetaDataOptionsAllowClientCredentialsGrant":"Aurotiser le Client Credentials Grant OAuth2.0", +"oidcRPMetaDataOptionsAllowClientCredentialsGrant":"Autoriser le Client Credentials Grant OAuth2.0", "oidcRPMetaDataOptionsAllowPasswordGrant":"Autoriser le Password Grant OAuth2.0", "oidcRPMetaDataOptionsAuthorizationCodeExpiration":"Expiration des codes d'autorisation", "oidcRPMetaDataOptionsBypassConsent":"Contourner le consentement", -- GitLab From fd3b2d25efef37ee2baf55c51ffddda0ff9a6b65 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 24 Feb 2021 17:47:09 +0100 Subject: [PATCH 007/312] Do not remove sessions/oidc consents from Angular when the XHR fails --- .../site/coffee/sessions.coffee | 6 ++---- .../site/htdocs/static/js/sessions.js | 17 +++++++++-------- .../site/htdocs/static/js/sessions.min.js | 2 +- .../site/htdocs/static/js/sessions.min.js.map | 2 +- 4 files changed, 13 insertions(+), 14 deletions(-) diff --git a/lemonldap-ng-manager/site/coffee/sessions.coffee b/lemonldap-ng-manager/site/coffee/sessions.coffee index 87d454eb49..4ba2fac8d8 100644 --- a/lemonldap-ng-manager/site/coffee/sessions.coffee +++ b/lemonldap-ng-manager/site/coffee/sessions.coffee @@ -177,11 +177,11 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location', # Delete RP Consent $scope.deleteOIDCConsent = (rp, epoch) -> items = document.querySelectorAll(".data-#{epoch}") - for e in items - e.remove() $scope.waiting = true $http['delete']("#{scriptname}sessions/OIDCConsent/#{sessionType}/#{$scope.currentSession.id}?rp=#{rp}&epoch=#{epoch}").then (response) -> $scope.waiting = false + for e in items + e.remove() , (resp) -> $scope.waiting = false $scope.showT = false @@ -194,8 +194,6 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location', $scope.currentScope.remove() $scope.waiting = false , (resp) -> - $scope.currentSession = null - $scope.currentScope.remove() $scope.waiting = false # Open node diff --git a/lemonldap-ng-manager/site/htdocs/static/js/sessions.js b/lemonldap-ng-manager/site/htdocs/static/js/sessions.js index c5facf4f59..95f5d92da1 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/sessions.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/sessions.js @@ -194,15 +194,18 @@ return $scope.showM = false; }; $scope.deleteOIDCConsent = function(rp, epoch) { - var e, i, items, len; + var items; items = document.querySelectorAll(".data-" + epoch); - for (i = 0, len = items.length; i < len; i++) { - e = items[i]; - e.remove(); - } $scope.waiting = true; $http['delete'](scriptname + "sessions/OIDCConsent/" + sessionType + "/" + $scope.currentSession.id + "?rp=" + rp + "&epoch=" + epoch).then(function(response) { - return $scope.waiting = false; + var e, i, len, results; + $scope.waiting = false; + results = []; + for (i = 0, len = items.length; i < len; i++) { + e = items[i]; + results.push(e.remove()); + } + return results; }, function(resp) { return $scope.waiting = false; }); @@ -215,8 +218,6 @@ $scope.currentScope.remove(); return $scope.waiting = false; }, function(resp) { - $scope.currentSession = null; - $scope.currentScope.remove(); return $scope.waiting = false; }); }; diff --git a/lemonldap-ng-manager/site/htdocs/static/js/sessions.min.js b/lemonldap-ng-manager/site/htdocs/static/js/sessions.min.js index eb8ae43c0c..7fc954e055 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/sessions.min.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/sessions.min.js @@ -1 +1 @@ -(function(){var M,r,h,_;_={_whatToTrace:[function(e,t){return"groupBy=substr("+e+",1)"},function(e,t){return e+"="+t+"*&groupBy="+e},function(e,t){return e+"="+t}],ipAddr:[function(e,t){return"groupBy=net("+e+",16,1)"},function(e,t){return t.match(/:/)||(t+="."),e+"="+t+"*&groupBy=net("+e+",32,2)"},function(e,t){return t.match(/:/)||(t+="."),e+"="+t+"*&groupBy=net("+e+",48,3)"},function(e,t){return t.match(/:/)||(t+="."),e+"="+t+"*&groupBy=net("+e+",128,4)"},function(e,t){return e+"="+t+"&groupBy=_whatToTrace"},function(e,t,n){return n.replace(/\&groupBy.*$/,"")+"&_whatToTrace="+t}],_startTime:[function(e,t){return"groupBy=substr("+e+",8)"},function(e,t){return e+"="+t+"*&groupBy=substr("+e+",10)"},function(e,t){return e+"="+t+"*&groupBy=substr("+e+",11)"},function(e,t){return e+"="+t+"*&groupBy=substr("+e+",12)"},function(e,t){return e+"="+t+"*&groupBy=_whatToTrace"},function(e,t,n){return console.log(e),console.log(t),console.log(n),n.replace(/\&groupBy.*$/,"")+"&_whatToTrace="+t}],doubleIp:[function(e,t){return e},function(e,t){return"_whatToTrace="+t+"&groupBy=ipAddr"},function(e,t,n){return n.replace(/\&groupBy.*$/,"")+"&ipAddr="+t}],_session_uid:[function(e,t){return"groupBy=substr("+e+",1)"},function(e,t){return e+"="+t+"*&groupBy="+e},function(e,t){return e+"="+t}]},h={_whatToTrace:function(e,t,n,o){return console.log("overScheme => level",n,"over",o),1===n&&t.length>o?e+"="+t+"*&groupBy=substr("+e+","+(n+o+1)+")":null},ipAddr:function(e,t,n,o){return console.log("overScheme => level",n,"over",o),0 level",n,"over",o),3 level",n,"over",o),1===n&&t.length>o?e+"="+t+"*&groupBy=substr("+e+","+(n+o+1)+")":null}},M={dateTitle:["_utime","_startTime","_updateTime","_lastAuthnUTime","_lastSeen"],connectionTitle:["ipAddr","_timezone","_url"],authenticationTitle:["_session_id","_user","_password","authenticationLevel"],modulesTitle:["_auth","_userDB","_passwordDB","_issuerDB","_authChoice","_authMulti","_userDBMulti"],saml:["_idp","_idpConfKey","_samlToken","_lassoSessionDump","_lassoIdentityDump"],groups:["groups","hGroups"],ldap:["dn"],BrowserID:["_browserIdAnswer","_browserIdAnswerRaw"],OpenIDConnect:["_oidc_id_token","_oidc_OP","_oidc_access_token"],sfaTitle:["_2fDevices"],oidcConsents:["_oidcConsents"]},r={session:[{title:"deleteSession",icon:"trash"}],home:[]},angular.module("llngSessionsExplorer",["ui.tree","ui.bootstrap","llApp"]).controller("SessionsExplorerCtrl",["$scope","$translator","$location","$q","$http",function(H,t,i,e,d){var f,n,o,g;return H.links=links,H.menulinks=menulinks,H.staticPrefix=staticPrefix,H.scriptname=scriptname,H.formPrefix=formPrefix,H.impPrefix=impPrefix,H.sessionTTL=sessionTTL,H.availableLanguages=availableLanguages,H.waiting=!0,H.showM=!1,H.showT=!0,H.data=[],H.currentScope=null,H.currentSession=null,H.menu=r,H.translateP=t.translateP,H.translate=t.translate,H.translateTitle=function(e){return t.translateField(e,"title")},g="global",H.menuClick=function(e){if(e.popup)window.open(e.popup);else switch(e.action||(e.action=e.title),typeof e.action){case"function":e.action(H.currentNode,H);break;case"string":H[e.action]();break;default:console.log(typeof e.action)}return H.showM=!1},H.deleteOIDCConsent=function(e,t){var n,o,r;for(n=0,r=(o=document.querySelectorAll(".data-"+t)).length;nt.title?1:e.title real attribute"),b.push(l)):x.push(l);return O=x.concat(b),A.push({title:"__attributesAndMacros__",nodes:O}),{_utime:k,nodes:A}},H.currentScope=e,t=e.$modelValue.session,d.get(scriptname+"sessions/"+g+"/"+t).then(function(e){return H.currentSession=n(e.data),H.currentSession.id=t}),H.showT=!1},H.localeDate=function(e){return new Date(1e3*e).toLocaleString()},H.isValid=function(e,t){var n,o,r;return r=i.path(),o=Date.now()/1e3,console.log("Path",r),console.log("Session epoch",e),console.log("Current date",o),console.log("Session TTL",sessionTTL),n=o-e level",n,"over",o),1===n&&t.length>o?e+"="+t+"*&groupBy=substr("+e+","+(n+o+1)+")":null},ipAddr:function(e,t,n,o){return console.log("overScheme => level",n,"over",o),0 level",n,"over",o),3 level",n,"over",o),1===n&&t.length>o?e+"="+t+"*&groupBy=substr("+e+","+(n+o+1)+")":null}},M={dateTitle:["_utime","_startTime","_updateTime","_lastAuthnUTime","_lastSeen"],connectionTitle:["ipAddr","_timezone","_url"],authenticationTitle:["_session_id","_user","_password","authenticationLevel"],modulesTitle:["_auth","_userDB","_passwordDB","_issuerDB","_authChoice","_authMulti","_userDBMulti"],saml:["_idp","_idpConfKey","_samlToken","_lassoSessionDump","_lassoIdentityDump"],groups:["groups","hGroups"],ldap:["dn"],BrowserID:["_browserIdAnswer","_browserIdAnswerRaw"],OpenIDConnect:["_oidc_id_token","_oidc_OP","_oidc_access_token"],sfaTitle:["_2fDevices"],oidcConsents:["_oidcConsents"]},s={session:[{title:"deleteSession",icon:"trash"}],home:[]},angular.module("llngSessionsExplorer",["ui.tree","ui.bootstrap","llApp"]).controller("SessionsExplorerCtrl",["$scope","$translator","$location","$q","$http",function(H,t,i,e,o){var d,n,r,f;return H.links=links,H.menulinks=menulinks,H.staticPrefix=staticPrefix,H.scriptname=scriptname,H.formPrefix=formPrefix,H.impPrefix=impPrefix,H.sessionTTL=sessionTTL,H.availableLanguages=availableLanguages,H.waiting=!0,H.showM=!1,H.showT=!0,H.data=[],H.currentScope=null,H.currentSession=null,H.menu=s,H.translateP=t.translateP,H.translate=t.translate,H.translateTitle=function(e){return t.translateField(e,"title")},f="global",H.menuClick=function(e){if(e.popup)window.open(e.popup);else switch(e.action||(e.action=e.title),typeof e.action){case"function":e.action(H.currentNode,H);break;case"string":H[e.action]();break;default:console.log(typeof e.action)}return H.showM=!1},H.deleteOIDCConsent=function(e,t){var i;return i=document.querySelectorAll(".data-"+t),H.waiting=!0,o.delete(scriptname+"sessions/OIDCConsent/"+f+"/"+H.currentSession.id+"?rp="+e+"&epoch="+t).then(function(e){var t,n,o,r;for(H.waiting=!1,r=[],n=0,o=i.length;nt.title?1:e.title real attribute"),b.push(l)):x.push(l);return O=x.concat(b),A.push({title:"__attributesAndMacros__",nodes:O}),{_utime:k,nodes:A}},H.currentScope=e,t=e.$modelValue.session,o.get(scriptname+"sessions/"+f+"/"+t).then(function(e){return H.currentSession=n(e.data),H.currentSession.id=t}),H.showT=!1},H.localeDate=function(e){return new Date(1e3*e).toLocaleString()},H.isValid=function(e,t){var n,o,r;return r=i.path(),o=Date.now()/1e3,console.log("Path",r),console.log("Session epoch",e),console.log("Current date",o),console.log("Session TTL",sessionTTL),n=o-e Date: Tue, 2 Mar 2021 07:57:21 +0100 Subject: [PATCH 008/312] Fix vhost regexp (#2477) --- .../lib/Lemonldap/NG/Portal/Main/Process.pm | 7 +++-- .../t/01-Reject-Hashes-in-URL.t | 29 +++++++++++++++++++ 2 files changed, 33 insertions(+), 3 deletions(-) create mode 100644 lemonldap-ng-portal/t/01-Reject-Hashes-in-URL.t diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm index b0a3972b9b..3916f85962 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm @@ -57,8 +57,9 @@ sub processHook { $self->logger->debug("Not a code ref: $sub"); } } - if ($err != PE_OK) { - $self->logger->warn("Hook $hookName returned ".portalConsts->{$err}); + if ( $err != PE_OK ) { + $self->logger->warn( + "Hook $hookName returned " . portalConsts->{$err} ); } return $err; } @@ -155,7 +156,7 @@ sub controlUrl { } # Unprotected hosts - my ( $proto, $vhost, $appuri ) = $tmp =~ m#^(https?://)([^/]*)(.*)#; + my ( $proto, $vhost, $appuri ) = $tmp =~ m{^(https?://)([^/#?]*)(.*)}; $vhost =~ s/:\d+$//; # Try to resolve alias diff --git a/lemonldap-ng-portal/t/01-Reject-Hashes-in-URL.t b/lemonldap-ng-portal/t/01-Reject-Hashes-in-URL.t new file mode 100644 index 0000000000..cb45007a43 --- /dev/null +++ b/lemonldap-ng-portal/t/01-Reject-Hashes-in-URL.t @@ -0,0 +1,29 @@ +use Test::More; +use strict; +use IO::String; +use MIME::Base64; + +require 't/test-lib.pm'; + +my $res; + +my $client = LLNG::Manager::Test->new( + { ini => { logLevel => 'debug', useSafeJail => 1 } } ); + +ok( + $res = $client->_get( + '/', + query => 'url=' + . encode_base64( 'http://bad.com#test.example.llng', '' ) + ), + 'Try http://bad.com#test.example.llng' +); +expectReject($res); +ok( $res->[2]->[0] =~ /37/, 'Rejected with PE_BADURL' ) + or print STDERR Dumper( $res->[2]->[0] ); + +count(2); + +clean_sessions(); + +done_testing( count() ); -- GitLab From a422af3038f5a71bd8526b1da9626bd4097b9da6 Mon Sep 17 00:00:00 2001 From: Yadd Date: Tue, 2 Mar 2021 07:58:25 +0100 Subject: [PATCH 009/312] Fix test --- lemonldap-ng-portal/t/01-Reject-Hashes-in-URL.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lemonldap-ng-portal/t/01-Reject-Hashes-in-URL.t b/lemonldap-ng-portal/t/01-Reject-Hashes-in-URL.t index cb45007a43..839f882c54 100644 --- a/lemonldap-ng-portal/t/01-Reject-Hashes-in-URL.t +++ b/lemonldap-ng-portal/t/01-Reject-Hashes-in-URL.t @@ -8,7 +8,7 @@ require 't/test-lib.pm'; my $res; my $client = LLNG::Manager::Test->new( - { ini => { logLevel => 'debug', useSafeJail => 1 } } ); + { ini => { logLevel => 'error', useSafeJail => 1 } } ); ok( $res = $client->_get( -- GitLab From b46259cae994b27e0704fb9b5ef20df60f9219a8 Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Tue, 2 Mar 2021 19:20:08 +0100 Subject: [PATCH 010/312] Enable upgradeSession only if required & Append unit test (#2480) --- .../lib/Lemonldap/NG/Handler/Main/Reload.pm | 1 + .../lib/Lemonldap/NG/Handler/Main/Run.pm | 9 ++- lemonldap-ng-portal/MANIFEST | 3 + .../t/62-UpgradeSession-disabled.t | 80 +++++++++++++++++++ lemonldap-ng-portal/t/62-UpgradeSession.t | 2 +- lemonldap-ng-portal/t/test-lib.pm | 12 +++ 6 files changed, 102 insertions(+), 5 deletions(-) create mode 100644 lemonldap-ng-portal/t/62-UpgradeSession-disabled.t diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Reload.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Reload.pm index e6660982a8..77ccf23594 100644 --- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Reload.pm +++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Reload.pm @@ -204,6 +204,7 @@ sub defaultValuesInit { useSafeJail whatToTrace handlerInternalCache handlerServiceTokenTTL customToTrace lwpOpts lwpSslOpts authChoiceAuthBasic authChoiceParam hiddenAttributes + upgradeSession ) ); diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm index d7e7b7e491..7f9cb9808f 100644 --- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm +++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm @@ -346,7 +346,6 @@ sub grant { return $cond->( $req, $session ) if ($cond); $vhost ||= $class->resolveAlias($req); - my $level = $class->getLevel( $req, $uri ); # Using VH authentification level if exists @@ -356,9 +355,11 @@ sub grant { "User authentication level = $session->{authenticationLevel}"); $class->logger->debug("Required authentication level = $level"); $class->logger->warn( -"User rejected due to insufficient authentication level -> Session upgrade enabled" - ); - $session->{_upgrade} = 1; + 'User rejected due to insufficient authentication level'); + if ( $class->tsv->{upgradeSession} ) { + $class->logger->warn(' -> Session upgrade enabled'); + $session->{_upgrade} = 1; + } return 0; } } diff --git a/lemonldap-ng-portal/MANIFEST b/lemonldap-ng-portal/MANIFEST index 3e46f97004..50bd4596d2 100644 --- a/lemonldap-ng-portal/MANIFEST +++ b/lemonldap-ng-portal/MANIFEST @@ -663,6 +663,7 @@ t/62-Refresh-plugin.t t/62-SingleSession-with-History.t t/62-SingleSession-with-Rules.t t/62-SingleSession.t +t/62-UpgradeSession-disabled.t t/62-UpgradeSession.t t/63-History.t t/64-StayConnected-with-2F-and-History.t @@ -748,6 +749,8 @@ t/gpghome/openpgp-revocs.d/9482CEFB055809CBAFE6D71AAB2D5542891D1677.rev t/gpghome/private-keys-v1.d/A076B0E7DB141A919271EE8B581CDFA8DA42F333.key t/gpghome/private-keys-v1.d/B7219440BCCD85200121CFB89F94C8D98C0397B3.key t/gpghome/pubring.kbx +t/gpghome/pubring.kbx~ +t/gpghome/tofu.db t/gpghome/trustdb.gpg t/lib/Apache/Session/Timeout.pm t/lib/Lemonldap/NG/Common/Conf/Backends/Timeout.pm diff --git a/lemonldap-ng-portal/t/62-UpgradeSession-disabled.t b/lemonldap-ng-portal/t/62-UpgradeSession-disabled.t new file mode 100644 index 0000000000..6c0fcdeb71 --- /dev/null +++ b/lemonldap-ng-portal/t/62-UpgradeSession-disabled.t @@ -0,0 +1,80 @@ +use Test::More; +use strict; +use IO::String; +use Data::Dumper; + +require 't/test-lib.pm'; +require 't/smtp.pm'; + +use_ok('Lemonldap::NG::Common::FormEncode'); +count(1); + +my $res; +my $client = LLNG::Manager::Test->new( { + ini => { + logLevel => 'error', + upgradeSession => 0, + authentication => 'Choice', + apacheAuthnLevel => 5, + userDB => 'Same', + 'authChoiceModules' => { + 'strong' => 'Apache;Demo;Null;;;{}', + 'weak' => 'Demo;Demo;Null;;;{}' + }, + 'vhostOptions' => { + 'test1.example.com' => { + 'vhostAuthnLevel' => 3 + }, + }, + "locationRules" => { + "test1.example.com" => { + 'default' => 'accept', + '^/AuthWeak(?#AuthnLevel=2)' => 'deny', + '^/AuthStrong(?#AuthnLevel=5)' => 'deny', + }, + }, + } + } +); + +# Try to authenticate +# ------------------- +ok( + $res = $client->_post( + '/', + IO::String->new('user=dwho&password=dwho&lmAuth=weak'), + length => 35, + accept => 'text/html', + ), + 'Auth query' +); +count(1); +my $id = expectCookie($res); + +ok( + $res = $client->_get( + '/AuthWeak', + accept => 'text/html', + cookie => "lemonldap=$id", + host => 'test1.example.com', + ), + 'GET http://test1.example.com/AuthWeak' +); +count(1); + +ok( + $res = $client->_get( + '/AuthStrong', + accept => 'text/html', + cookie => "lemonldap=$id", + host => 'test1.example.com', + ), + 'GET http://test1.example.com/AuthStrong' +); +count(1); +expectForbidden($res); + +$client->logout($id); +clean_sessions(); +done_testing( count() ); + diff --git a/lemonldap-ng-portal/t/62-UpgradeSession.t b/lemonldap-ng-portal/t/62-UpgradeSession.t index b67934d611..a5194f7a55 100644 --- a/lemonldap-ng-portal/t/62-UpgradeSession.t +++ b/lemonldap-ng-portal/t/62-UpgradeSession.t @@ -151,7 +151,7 @@ ok( count(1); expectOK($res); +$client->logout($id); clean_sessions(); - done_testing( count() ); diff --git a/lemonldap-ng-portal/t/test-lib.pm b/lemonldap-ng-portal/t/test-lib.pm index 027bf21ba2..83d13d5516 100644 --- a/lemonldap-ng-portal/t/test-lib.pm +++ b/lemonldap-ng-portal/t/test-lib.pm @@ -374,6 +374,18 @@ sub expectJSON { return $json; } +=head4 expectForbidden($res) + +Verify that returned code is 403. + +=cut + +sub expectForbidden { + my ($res) = @_; + ok( $res->[0] == 403, ' HTTP code is 403' ) or explain( $res->[0], 403 ); + count(1); +} + =head4 expectBadRequest($res) Verify that returned code is 400. Note that it works only for Ajax request -- GitLab From 534745e5a2db5d4f9d0d7df4a307e0a0b52dc077 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Fri, 26 Feb 2021 09:47:32 +0100 Subject: [PATCH 011/312] Use computer scopes in Implicit/Hybrid responses (#2424) --- .../lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm index 6662af5dec..e54a289256 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm @@ -739,8 +739,7 @@ sub run { # Store data in access token # Generate access_token $access_token = $self->newAccessToken( - $req, $rp, - $oidc_request->{'scope'}, + $req, $rp, $scope, $req->sessionInfo, { scope => $scope, @@ -836,8 +835,7 @@ sub run { # Generate access_token $access_token = $self->newAccessToken( - $req, $rp, - $oidc_request->{'scope'}, + $req, $rp, $scope, $req->sessionInfo, { scope => $scope, -- GitLab From 6b9670c29d4de24171a8729c9e4ae19f456069b1 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Fri, 26 Feb 2021 09:49:39 +0100 Subject: [PATCH 012/312] Use computed scopes to fill claims in ID token (#2424) --- .../lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm index e54a289256..80b78bfaf7 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm @@ -770,7 +770,7 @@ sub run { my $id_token = $self->_generateIDToken( $req, $oidc_request, - $rp, { at_hash => $at_hash } ); + $rp, $scope, { at_hash => $at_hash } ); unless ($id_token) { $self->logger->error("Could not generate ID token"); @@ -865,7 +865,7 @@ sub run { $id_token = $self->_generateIDToken( $req, $oidc_request, - $rp, + $rp, $scope, { at_hash => $at_hash, c_hash => $c_hash, @@ -2316,7 +2316,7 @@ sub _convertOldFormatConsents { } sub _generateIDToken { - my ( $self, $req, $oidc_request, $rp, $extra_claims ) = @_; + my ( $self, $req, $oidc_request, $rp, $scope, $extra_claims ) = @_; my $response_type = $oidc_request->{'response_type'}; my $client_id = $oidc_request->{'client_id'}; @@ -2367,8 +2367,7 @@ sub _generateIDToken { # No access_token # Claims must be set in id_token my $claims = - $self->buildUserInfoResponseFromId( $req, $oidc_request->{'scope'}, - $rp, $req->id ); + $self->buildUserInfoResponseFromId( $req, $scope, $rp, $req->id ); foreach ( keys %$claims ) { $id_token_payload_hash->{$_} = $claims->{$_} -- GitLab From e10d1e291c617ed93a634d50bfbebfe15a06a6d8 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Fri, 26 Feb 2021 09:50:34 +0100 Subject: [PATCH 013/312] Return granted scopes if different from requested scopes (#2424) --- .../NG/Portal/Issuer/OpenIDConnect.pm | 52 +++++++++++-------- .../Lemonldap/NG/Portal/Lib/OpenIDConnect.pm | 8 +-- 2 files changed, 36 insertions(+), 24 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm index 80b78bfaf7..3077ae74e7 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm @@ -439,7 +439,8 @@ sub run { } # Compute scopes - my $scope = $self->getScope( $req, $rp, $oidc_request->{'scope'} ); + my $req_scope = $oidc_request->{'scope'}; + my $scope = $self->getScope( $req, $rp, $req_scope ); # Obtain consent my $bypassConsent = $self->conf->{oidcRPMetaDataOptions}->{$rp} @@ -708,6 +709,7 @@ sub run { offline => $offline, redirect_uri => $oidc_request->{'redirect_uri'}, scope => $scope, + req_scope => $req_scope, client_id => $client_id, user_session_id => $req->id, } @@ -788,9 +790,12 @@ sub run { # Build Response my $response_url = $self->buildImplicitAuthnResponse( $oidc_request->{'redirect_uri'}, - $access_token, $id_token, $expires_in, + $access_token, + $id_token, + $expires_in, $oidc_request->{'state'}, - $session_state + $session_state, + ( ( $req_scope ne $scope ) ? $scope : undef ) ); return $self->_redirectToUrl( $req, $response_url ); @@ -887,10 +892,14 @@ sub run { # Build Response my $response_url = $self->buildHybridAuthnResponse( - $oidc_request->{'redirect_uri'}, $code, - $access_token, $id_token, - $expires_in, $oidc_request->{'state'}, - $session_state + $oidc_request->{'redirect_uri'}, + $code, + $access_token, + $id_token, + $expires_in, + $oidc_request->{'state'}, + $session_state, + ( ( $req_scope ne $scope ) ? $scope : undef ) ); return $self->_redirectToUrl( $req, $response_url ); @@ -1067,8 +1076,8 @@ sub _handleClientCredentialsGrant { my $client_id = $self->oidcRPList->{$rp}->{oidcRPMetaDataOptionsClientID}; # Populate minimal session info - my $requested_scope = $req->param('scope') || ''; - my $scope = $self->getScope( $req, $rp, $requested_scope ); + my $req_scope = $req->param('scope') || ''; + my $scope = $self->getScope( $req, $rp, $req_scope ); my $infos = { $self->conf->{whatToTrace} => $client_id, @@ -1117,6 +1126,7 @@ sub _handleClientCredentialsGrant { access_token => $access_token, token_type => 'Bearer', expires_in => $expires_in, + ( ( $req_scope ne $scope ) ? ( scope => $scope ) : () ), }; $self->logger->debug("Send token response"); @@ -1126,12 +1136,10 @@ sub _handleClientCredentialsGrant { sub _handlePasswordGrant { my ( $self, $req, $rp ) = @_; my $client_id = $self->oidcRPList->{$rp}->{oidcRPMetaDataOptionsClientID}; - my $scope = $req->param('scope') || 'openid'; + my $req_scope = $req->param('scope') || 'openid'; my $username = $req->param('username'); my $password = $req->param('password'); - $scope = $self->getScope( $req, $rp, $scope ); - unless ( $username and $password ) { $self->logger->error("Missing username or password"); return $self->sendOIDCError( $req, 'invalid_request', 400 ); @@ -1176,7 +1184,7 @@ sub _handlePasswordGrant { } # Resolve scopes - $scope = $self->getScope( $req, $rp, $scope ); + my $scope = $self->getScope( $req, $rp, $req_scope ); my $user_id = $self->getUserIDForRP( $req, $rp, $req->sessionInfo ); @@ -1240,6 +1248,7 @@ sub _handlePasswordGrant { access_token => $access_token, token_type => 'Bearer', expires_in => $expires_in, + ( ( $scope ne $req_scope ) ? ( scope => $scope ) : () ), ( $refresh_token ? ( refresh_token => $refresh_token ) : () ), }; @@ -1311,10 +1320,12 @@ sub _handleAuthorizationCodeGrant { $self->logger->debug("Found corresponding user: $user_id"); + my $req_scope = $codeSession->{data}->{req_scope}; + my $scope = $codeSession->{data}->{scope}; + # Generate access_token my $access_token = $self->newAccessToken( - $req, $rp, - $codeSession->data->{scope}, + $req, $rp, $scope, $codeSession->data->{user_session_id}, { user_session_id => $apacheSession->id, @@ -1347,7 +1358,7 @@ sub _handleAuthorizationCodeGrant { { %userInfo, redirect_uri => $codeSession->data->{redirect_uri}, - scope => $codeSession->data->{scope}, + scope => $scope, client_id => $client_id, _session_uid => $apacheSession->data->{_user}, auth_time => $apacheSession->data->{_lastAuthnUTime}, @@ -1374,7 +1385,7 @@ sub _handleAuthorizationCodeGrant { $rp, { redirect_uri => $codeSession->data->{redirect_uri}, - scope => $codeSession->data->{scope}, + scope => $scope, client_id => $client_id, user_session_id => $codeSession->data->{user_session_id}, }, @@ -1427,10 +1438,8 @@ sub _handleAuthorizationCodeGrant { $id_token_payload_hash->{'at_hash'} = $at_hash if $at_hash; if ( $self->force_id_claims($rp) ) { - my $claims = $self->buildUserInfoResponseFromId( - $req, $codeSession->data->{'scope'}, - $rp, $codeSession->data->{user_session_id} - ); + my $claims = $self->buildUserInfoResponseFromId( $req, $scope, + $rp, $codeSession->data->{user_session_id} ); foreach ( keys %$claims ) { $id_token_payload_hash->{$_} = $claims->{$_} @@ -1461,6 +1470,7 @@ sub _handleAuthorizationCodeGrant { expires_in => $expires_in, id_token => $id_token, ( $refresh_token ? ( refresh_token => $refresh_token ) : () ), + ( ( $req_scope ne $scope ) ? ( scope => $scope ) : () ), }; my $cRP = $apacheSession->data->{_oidcConnectedRP} || ''; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm index 3685935a23..7df19a3c56 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm @@ -361,7 +361,7 @@ sub buildAuthorizationCodeAuthnResponse { # return String Authentication Response URI sub buildImplicitAuthnResponse { my ( $self, $redirect_uri, $access_token, $id_token, $expires_in, - $state, $session_state ) + $state, $session_state, $scope ) = @_; my $response_url = "$redirect_uri#" @@ -374,6 +374,7 @@ sub buildImplicitAuthnResponse { ), ( $expires_in ? ( expires_in => $expires_in ) : () ), ( $state ? ( state => $state ) : () ), + ( $scope ? ( scope => $scope ) : () ), ( $session_state ? ( session_state => $session_state ) : () ) ); return $response_url; @@ -390,8 +391,8 @@ sub buildImplicitAuthnResponse { # return String Authentication Response URI sub buildHybridAuthnResponse { my ( - $self, $redirect_uri, $code, $access_token, - $id_token, $expires_in, $state, $session_state + $self, $redirect_uri, $code, $access_token, $id_token, + $expires_in, $state, $session_state, $scope ) = @_; my $response_url = "$redirect_uri#" @@ -408,6 +409,7 @@ sub buildHybridAuthnResponse { ), ( $expires_in ? ( expires_in => $expires_in ) : () ), ( $state ? ( state => $state ) : () ), + ( $scope ? ( scope => $scope ) : () ), ( $session_state ? ( session_state => $session_state ) : () ) ); return $response_url; -- GitLab From bb95e681e6a0803b543ccbf379aa3b83bef5bfcb Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Fri, 26 Feb 2021 09:50:52 +0100 Subject: [PATCH 014/312] Tidy --- .../lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm index 7df19a3c56..950e06d0b3 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm @@ -1378,9 +1378,9 @@ sub getEndPointAuthenticationCredentials { $self->logger->error("Bad authentication header: $@") if ($@); # Using multiple methods is an error - if ($req->param('client_id')) { + if ( $req->param('client_id') ) { $self->logger->error("Multiple client authentication methods used"); - ( $client_id, $client_secret ) = (undef, undef); + ( $client_id, $client_secret ) = ( undef, undef ); } } elsif ( $req->param('client_id') and $req->param('client_secret') ) { -- GitLab From e3ecddb8c9c3d43d84bde6e70926d48f02ed0906 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Fri, 26 Feb 2021 10:04:38 +0100 Subject: [PATCH 015/312] Unit tests for #2424 --- lemonldap-ng-portal/t/32-OIDC-ClientCredentials-Grant.t | 3 +++ .../t/32-OIDC-Password-Grant-with-Bruteforce.t | 4 ++++ lemonldap-ng-portal/t/32-OIDC-Token-Introspection.t | 3 +++ 3 files changed, 10 insertions(+) diff --git a/lemonldap-ng-portal/t/32-OIDC-ClientCredentials-Grant.t b/lemonldap-ng-portal/t/32-OIDC-ClientCredentials-Grant.t index e2f5a9e05c..0488696385 100644 --- a/lemonldap-ng-portal/t/32-OIDC-ClientCredentials-Grant.t +++ b/lemonldap-ng-portal/t/32-OIDC-ClientCredentials-Grant.t @@ -139,6 +139,8 @@ my $payload = expectJSON($res); my $access_token = $payload->{access_token}; ok( $access_token, "Access Token found" ); count(1); +my $token_res_scope = $payload->{scope}; +ok ($token_res_scope, "Token response returned scope"); # Get userinfo $res = $op->_post( @@ -172,6 +174,7 @@ ok( $payload = expectJSON($res); like( $payload->{scope}, qr/\bread\b/, "Scope read found" ); like( $payload->{scope}, qr/\balways\b/, "Rule-enforced scope found" ); +is ($token_res_scope, $payload->{scope}, "Token response scope match token scope"); clean_sessions(); done_testing(); diff --git a/lemonldap-ng-portal/t/32-OIDC-Password-Grant-with-Bruteforce.t b/lemonldap-ng-portal/t/32-OIDC-Password-Grant-with-Bruteforce.t index d2be545bf8..721cf451d9 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Password-Grant-with-Bruteforce.t +++ b/lemonldap-ng-portal/t/32-OIDC-Password-Grant-with-Bruteforce.t @@ -130,6 +130,9 @@ my $payload = expectJSON($res); my $access_token = $payload->{access_token}; ok( $access_token, "Access Token found" ); count(1); +my $token_res_scope = $payload->{scope}; +ok( $token_res_scope, "Scope found in token response" ); +count(1); # Get userinfo $res = $op->_post( @@ -169,6 +172,7 @@ unlike( $payload->{scope}, qr/\bread\b/, "Scope read not asked, and thus not found" ); like( $payload->{scope}, qr/\bfrench\b/, "Attribute-based scope found" ); like( $payload->{scope}, qr/\balways\b/, "Rule-enforced scope found" ); +is ($payload->{scope}, $token_res_scope, "Token response scope matches token scope"); clean_sessions(); done_testing(); diff --git a/lemonldap-ng-portal/t/32-OIDC-Token-Introspection.t b/lemonldap-ng-portal/t/32-OIDC-Token-Introspection.t index b05c5993ec..b1523ce4a2 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Token-Introspection.t +++ b/lemonldap-ng-portal/t/32-OIDC-Token-Introspection.t @@ -84,6 +84,8 @@ my $json = expectJSON( codeGrant( $op, "rpid", $code, "http://rp2.com/" ) ); my $token = $json->{access_token}; ok( $token, 'Access token present' ); +my $token_resp_scope = $json->{scope}; +ok ($token_resp_scope, 'Token response returned granted scopes'); my ( $res, $query ); @@ -128,6 +130,7 @@ unlike( $json->{scope}, qr/\bwrite\b/, "Response omits a dynamic scope that ev unlike( $json->{scope}, qr/\bifrequested\b/, "Response omits a dynamic scope that was not requested" ); like( $json->{scope}, qr/\bread\b/, "Response contains a dynamic scope that is sent only when requested" ); like( $json->{scope}, qr/\balways\b/, "Response contains a dynamic scope that is not requested but always sent" ); +is ($token_resp_scope, $json->{scope}, "Token response scope matches token scope"); # Check status after expiration Time::Fake->offset("+2h"); -- GitLab From a70051e3fe062b07f05bc807ea9d46e9ba63a887 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 3 Mar 2021 09:51:19 +0100 Subject: [PATCH 016/312] Remove deprecated base64url implementation All our target distros now have base64url in Mime::Base64 --- .../Lemonldap/NG/Portal/2F/Register/U2F.pm | 5 ++-- .../lib/Lemonldap/NG/Portal/2F/U2F.pm | 3 +- .../Lemonldap/NG/Portal/Lib/OpenIDConnect.pm | 28 ++----------------- .../lib/Lemonldap/NG/Portal/Lib/U2F.pm | 17 ----------- 4 files changed, 7 insertions(+), 46 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/U2F.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/U2F.pm index 5804addf22..46b581c502 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/U2F.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/U2F.pm @@ -4,6 +4,7 @@ package Lemonldap::NG::Portal::2F::Register::U2F; use strict; use Mouse; use JSON qw(from_json to_json); +use MIME::Base64 qw(encode_base64url decode_base64url); our $VERSION = '2.0.10'; @@ -141,7 +142,7 @@ sub run { { type => 'U2F', name => $keyName, - _userKey => $self->encode_base64url( $userKey, '' ), + _userKey => encode_base64url( $userKey, '' ), _keyHandle => $keyHandle, epoch => $epoch }; @@ -347,7 +348,7 @@ sub loadUser { . $_->{_userKey} . "/ _keyHandle = " . $_->{_keyHandle} ); - $_->{_userKey} = $self->decode_base64url( $_->{_userKey} ); + $_->{_userKey} = decode_base64url( $_->{_userKey} ); push @u2fs, $_; } } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/U2F.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/U2F.pm index e9c3d0ce7b..bfb9bc661c 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/U2F.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/U2F.pm @@ -7,6 +7,7 @@ package Lemonldap::NG::Portal::2F::U2F; use strict; use Mouse; use JSON qw(from_json to_json); +use MIME::Base64 qw(decode_base64url); use Lemonldap::NG::Portal::Main::Constants qw( PE_OK PE_ERROR @@ -224,7 +225,7 @@ sub loadUser { . $_->{_userKey} . " / _keyHandle = " . $_->{_keyHandle} ); - $_->{_userKey} = $self->decode_base64url( $_->{_userKey} ); + $_->{_userKey} = decode_base64url( $_->{_userKey} ); push @u2fs, $_; } } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm index 950e06d0b3..d8fd72ea5e 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm @@ -16,7 +16,8 @@ use Lemonldap::NG::Common::FormEncode; use Lemonldap::NG::Common::UserAgent; use Lemonldap::NG::Common::JWT qw(getAccessTokenSessionId getJWTPayload getJWTHeader getJWTSignature getJWTSignedData); -use MIME::Base64 qw/encode_base64 decode_base64/; +use MIME::Base64 + qw/encode_base64 decode_base64 encode_base64url decode_base64url/; use Mouse; use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_REDIRECT); @@ -1880,31 +1881,6 @@ sub getRequestJWT { return $response->decoded_content; } -### Import encode_base64url and decode_base64url from recent MIME::Base64 module: -sub encode_base64url { - my $e = encode_base64( shift, '' ); - $e =~ s/=+\z//; - $e =~ tr[+/][-_]; - return $e; -} - -sub decode_base64url { - my $s = shift; - $s =~ tr[-_][+/]; - $s .= '=' while length($s) % 4; - return decode_base64($s); -} - -sub encodeBase64url { - my ( $self, $value ) = @_; - return encode_base64url($value); -} - -sub decodeBase64url { - my ( $self, $value ) = @_; - return decode_base64url($value); -} - sub addRouteFromConf { my ( $self, $type, %subs ) = @_; my $adder = "add${type}Route"; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/U2F.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/U2F.pm index aa25e6c4e7..eea61c5dda 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/U2F.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/U2F.pm @@ -2,7 +2,6 @@ package Lemonldap::NG::Portal::Lib::U2F; use strict; use Mouse; -use MIME::Base64 qw(encode_base64 decode_base64); our $VERSION = '2.0.0'; @@ -44,20 +43,4 @@ sub crypter { ); } -sub encode_base64url { - shift; - my $e = encode_base64( shift, '' ); - $e =~ s/=+\z//; - $e =~ tr[+/][-_]; - return $e; -} - -sub decode_base64url { - shift; - my $s = shift; - $s =~ tr[-_][+/]; - $s .= '=' while length($s) % 4; - return decode_base64($s); -} - 1; -- GitLab From 0f626ad94cf08f8acc1f74fb38a2e234aa9aee95 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 3 Mar 2021 15:29:42 +0100 Subject: [PATCH 017/312] Add expiration time to Client Credential sessions (#2481) --- .../lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm | 1 + 1 file changed, 1 insertion(+) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm index 3077ae74e7..cf513b87b3 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm @@ -1084,6 +1084,7 @@ sub _handleClientCredentialsGrant { _clientId => $client_id, _clientConfKey => $rp, _scope => $scope, + _utime => time, }; # Run rule against session info -- GitLab From 41c388b26b0212010afef769836e0ae127bb31e4 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 3 Mar 2021 15:36:01 +0100 Subject: [PATCH 018/312] Fix error handling when OAuth2 session is not found (#2481) --- .../lib/Lemonldap/NG/Handler/Lib/OAuth2.pm | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/OAuth2.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/OAuth2.pm index ddcd16ab8b..7db0ea0b00 100644 --- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/OAuth2.pm +++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/OAuth2.pm @@ -11,16 +11,16 @@ sub retrieveSession { # Retrieve regular session if this is not an offline access token unless ($offlineId) { - my $data = { - %{ - $class->Lemonldap::NG::Handler::Main::retrieveSession( $req, - $id ) - }, - $class->_getTokenAttributes($req) - }; - - # Update cache - $class->data($data); + my $data = + $class->Lemonldap::NG::Handler::Main::retrieveSession( $req, $id ); + if ( ref($data) eq "HASH" ) { + $data = { %{$data}, $class->_getTokenAttributes($req) }; + + # Update cache + $class->data($data); + } else { + $req->data->{oauth2_error} = 'invalid_token'; + } return $data; } -- GitLab From c7877f1415d465f8d2e854ca5d8137852aa74768 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 3 Mar 2021 16:47:09 +0100 Subject: [PATCH 019/312] Remediation doc for (#2481) --- doc/sources/admin/upgrade_2_0_x.rst | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/doc/sources/admin/upgrade_2_0_x.rst b/doc/sources/admin/upgrade_2_0_x.rst index 7132aa4f65..afeffc69bc 100644 --- a/doc/sources/admin/upgrade_2_0_x.rst +++ b/doc/sources/admin/upgrade_2_0_x.rst @@ -26,6 +26,35 @@ Known regressions in the latest released version None + +2.0.12 +------ + +Client Credential sessions missing expiration time +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +If you started using Client Credential grants in 2.0.11, you may have encountered +`issue 2481 `__. + +Because of this bug, the created sessions may never be purged by the `purgeCentralCache` script. + +In order to detect these sessions, you can run the following command: + +:: + lemonldap-ng-sessions search --where _session_kind=SSO --select _session_id --select _utime | \ + jq -r '. | map(select(._utime == null)) | map(._session_id) | join ("\n")' + +This will output a list of SSO sessions with no expiration time. + +Review them manually using :: + + lemonldap-ng-sessions get + +You can then remove them with :: + + lemonldap-ng-sessions delete + + 2.0.11 ------ -- GitLab From f0e90213bb5db2afada27e4368c8d0235c0317bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Thu, 4 Mar 2021 15:13:30 +0100 Subject: [PATCH 020/312] (doc) How to overwrite protocol in NextCloud --- doc/sources/admin/applications/nextcloud.rst | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/doc/sources/admin/applications/nextcloud.rst b/doc/sources/admin/applications/nextcloud.rst index 4603f9ae5f..e0b7cfe390 100644 --- a/doc/sources/admin/applications/nextcloud.rst +++ b/doc/sources/admin/applications/nextcloud.rst @@ -30,14 +30,13 @@ software 'nextcloud.example.com', - - + 'overwriteprotocol' => 'https', You also need to enable the "SAML authentication" plugin in your NextCloud. + Apps -> Not enabled -> SAML authentication -- GitLab From 6a3479ea3ca2049433a43440bc191cbce0a0b9b9 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Mon, 8 Mar 2021 18:45:13 +0100 Subject: [PATCH 021/312] unit tests: Try to find templateDir in path This change makes running the testsuite from an external directory easier. Which is useful if you want to unit test a custom module --- lemonldap-ng-portal/t/test-lib.pm | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/lemonldap-ng-portal/t/test-lib.pm b/lemonldap-ng-portal/t/test-lib.pm index 83d13d5516..021341628a 100644 --- a/lemonldap-ng-portal/t/test-lib.pm +++ b/lemonldap-ng-portal/t/test-lib.pm @@ -309,6 +309,7 @@ m@]+(?:value="([^"]*?)")?#gs, %fields ); + # Add textarea %fields = ( $res->[2]->[0] =~ @@ -610,6 +611,20 @@ use Mouse; extends 'Lemonldap::NG::Common::PSGI::Cli::Lib'; +# try to find template dir in @INC +my $templateDir = "site/templates"; +unless ( -d $templateDir ) { + for (@INC) { + if ( -d "$_/site/templates" ) { + $templateDir = "$_/site/templates"; + last; + } + } + unless ( -d $templateDir ) { + die "Could not find template dir"; + } +} + our $defaultIni = { configStorage => { type => 'File', @@ -624,7 +639,7 @@ our $defaultIni = { logLevel => 'error', cookieName => 'lemonldap', domain => 'example.com', - templateDir => 'site/templates', + templateDir => $templateDir, staticPrefix => '/static', tokenUseGlobalStorage => 0, securedCookie => 0, @@ -707,7 +722,7 @@ has ini => ( main::ok( $self->{p} = $self->class->new(), 'Portal object' ); main::count(1); unless ( $self->confFailure ) { - main::ok( $self->{p}->init($ini), 'Init' ); + main::ok( $self->{p}->init($ini), 'Init' ); main::ok( $self->{app} = $self->{p}->run(), 'Portal app' ); main::count(2); no warnings 'redefine'; -- GitLab From 2c4d615c2f8f941acb582dabdd57eb215cccaf7d Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 10 Mar 2021 14:02:38 +0100 Subject: [PATCH 022/312] Fix 2F removal when session ids are hidden (#2483) We don't need to hide persistent session IDs because they are not security senstive (hash of login) --- lemonldap-ng-manager/site/coffee/2ndfa.coffee | 3 +-- lemonldap-ng-manager/site/htdocs/static/js/2ndfa.js | 7 +++---- lemonldap-ng-manager/site/htdocs/static/js/2ndfa.min.js | 2 +- .../site/htdocs/static/js/2ndfa.min.js.map | 2 +- 4 files changed, 6 insertions(+), 8 deletions(-) diff --git a/lemonldap-ng-manager/site/coffee/2ndfa.coffee b/lemonldap-ng-manager/site/coffee/2ndfa.coffee index 3a82f0ec23..3f721f49b5 100644 --- a/lemonldap-ng-manager/site/coffee/2ndfa.coffee +++ b/lemonldap-ng-manager/site/coffee/2ndfa.coffee @@ -175,7 +175,6 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location', title: title nodes: tmp time = session._utime - id = session._session_id # 1. Replace values if needed for key, value of session @@ -236,7 +235,6 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location', nodes: subres return { _utime: time - id: id nodes: res } @@ -244,6 +242,7 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location', sessionId = scope.$modelValue.session $http.get("#{scriptname}sfa/#{sessionType}/#{sessionId}").then (response) -> $scope.currentSession = transformSession response.data + $scope.currentSession.id = sessionId $scope.showT = false $scope.localeDate = (s) -> diff --git a/lemonldap-ng-manager/site/htdocs/static/js/2ndfa.js b/lemonldap-ng-manager/site/htdocs/static/js/2ndfa.js index 07b7d80b91..4f1190200d 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/2ndfa.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/2ndfa.js @@ -150,7 +150,7 @@ $scope.displaySession = function(scope) { var sessionId, transformSession; transformSession = function(session) { - var _insert, _stToStr, array, arrayDate, attr, attrs, category, epoch, i, id, k, key, len, len1, name, pattern, res, sfDevice, subres, time, title, value; + var _insert, _stToStr, array, arrayDate, attr, attrs, category, epoch, i, k, key, len, len1, name, pattern, res, sfDevice, subres, time, title, value; _stToStr = function(s) { return s; }; @@ -176,7 +176,6 @@ } }; time = session._utime; - id = session._session_id; for (key in session) { value = session[key]; if (!value) { @@ -256,14 +255,14 @@ } return { _utime: time, - id: id, nodes: res }; }; $scope.currentScope = scope; sessionId = scope.$modelValue.session; $http.get(scriptname + "sfa/" + sessionType + "/" + sessionId).then(function(response) { - return $scope.currentSession = transformSession(response.data); + $scope.currentSession = transformSession(response.data); + return $scope.currentSession.id = sessionId; }); return $scope.showT = false; }; diff --git a/lemonldap-ng-manager/site/htdocs/static/js/2ndfa.min.js b/lemonldap-ng-manager/site/htdocs/static/js/2ndfa.min.js index 28a769f75a..b6dc245e1a 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/2ndfa.min.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/2ndfa.min.js @@ -1 +1 @@ -(function(){var S,o,f,g,e;e=function(e,t){return $("#msg").html(window.translate(e)),$("#color").removeClass("message-positive message-warning alert-success alert-warning"),$("#color").addClass("message-"+t),"positive"===t&&(t="success"),$("#color").addClass("alert-"+t)},g={_whatToTrace:[function(e,t){return"groupBy=substr("+e+",1)"},function(e,t){return e+"="+t+"*"}]},f={_whatToTrace:function(e,t,n,a){return console.log("overSchema => level",n,"over",a),1===n&&t.length>a?e+"="+t+"*&groupBy=substr("+e+","+(n+a+1)+")":null}},S={dateTitle:["_utime","_startTime","_updateTime"],sfaTitle:["_2fDevices"]},o={home:[]},angular.module("llngSessionsExplorer",["ui.tree","ui.bootstrap","llApp"]).controller("SessionsExplorerCtrl",["$scope","$translator","$location","$q","$http",function(k,t,e,n,i){var p,a,r,d;return k.links=links,k.menulinks=menulinks,k.staticPrefix=staticPrefix,k.scriptname=scriptname,k.formPrefix=formPrefix,k.availableLanguages=availableLanguages,k.waiting=!0,k.showM=!1,k.showT=!0,k.data=[],k.currentScope=null,k.currentSession=null,k.menu=o,k.searchString="",k.U2FCheck="1",k.TOTPCheck="1",k.UBKCheck="1",k.translateP=t.translateP,k.translate=t.translate,k.translateTitle=function(e){return t.translateField(e,"title")},d="persistent",k.menuClick=function(e){if(e.popup)window.open(e.popup);else switch(e.action||(e.action=e.title),typeof e.action){case"function":e.action(k.currentNode,k),k[e.action]();break;case"string":k[e.action]();break;default:console.log(typeof e.action)}return k.showM=!1},k.search2FA=function(e){return e&&(k.searchString=""),k.currentSession=null,k.data=[],k.updateTree2("",k.data,0,0)},k.delete2FA=function(e,t){var n,a,r;for(n=0,r=(a=document.querySelectorAll(".data-"+t)).length;n level",n,"over",r),1===n&&t.length>r?e+"="+t+"*&groupBy=substr("+e+","+(n+r+1)+")":null}},S={dateTitle:["_utime","_startTime","_updateTime"],sfaTitle:["_2fDevices"]},o={home:[]},angular.module("llngSessionsExplorer",["ui.tree","ui.bootstrap","llApp"]).controller("SessionsExplorerCtrl",["$scope","$translator","$location","$q","$http",function(_,t,e,n,i){var p,r,a,f;return _.links=links,_.menulinks=menulinks,_.staticPrefix=staticPrefix,_.scriptname=scriptname,_.formPrefix=formPrefix,_.availableLanguages=availableLanguages,_.waiting=!0,_.showM=!1,_.showT=!0,_.data=[],_.currentScope=null,_.currentSession=null,_.menu=o,_.searchString="",_.U2FCheck="1",_.TOTPCheck="1",_.UBKCheck="1",_.translateP=t.translateP,_.translate=t.translate,_.translateTitle=function(e){return t.translateField(e,"title")},f="persistent",_.menuClick=function(e){if(e.popup)window.open(e.popup);else switch(e.action||(e.action=e.title),typeof e.action){case"function":e.action(_.currentNode,_),_[e.action]();break;case"string":_[e.action]();break;default:console.log(typeof e.action)}return _.showM=!1},_.search2FA=function(e){return e&&(_.searchString=""),_.currentSession=null,_.data=[],_.updateTree2("",_.data,0,0)},_.delete2FA=function(e,t){var n,r,a;for(n=0,a=(r=document.querySelectorAll(".data-"+t)).length;n Date: Wed, 10 Mar 2021 15:47:19 +0100 Subject: [PATCH 023/312] Add hook for client credentials (#2484) --- .../lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm index cf513b87b3..3b1168469c 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm @@ -1087,6 +1087,10 @@ sub _handleClientCredentialsGrant { _utime => time, }; + my $h = $self->p->processHook( $req, 'oidcGotClientCredentialsGrant', + $infos, $rp ); + return $self->sendOIDCError( $req, 'server_error', 500 ) if ( $h != PE_OK ); + # Run rule against session info if ( my $rule = $self->spRules->{$rp} ) { unless ( $rule->( $req, $infos ) ) { -- GitLab From fc693184dcc3214c8daef1c05d5072d600a56b34 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 10 Mar 2021 15:47:46 +0100 Subject: [PATCH 024/312] Unit test for #2484 --- .../t/32-OIDC-ClientCredentials-Grant.t | 14 +++++++++----- lemonldap-ng-portal/t/OidcHookPlugin.pm | 17 ++++++++++++----- 2 files changed, 21 insertions(+), 10 deletions(-) diff --git a/lemonldap-ng-portal/t/32-OIDC-ClientCredentials-Grant.t b/lemonldap-ng-portal/t/32-OIDC-ClientCredentials-Grant.t index 0488696385..c4c5a452d0 100644 --- a/lemonldap-ng-portal/t/32-OIDC-ClientCredentials-Grant.t +++ b/lemonldap-ng-portal/t/32-OIDC-ClientCredentials-Grant.t @@ -22,10 +22,12 @@ my $op = LLNG::Manager::Test->new( { portal => 'http://auth.op.com', authentication => 'Demo', userDB => 'Same', + customPlugins => 't::OidcHookPlugin', issuerDBOpenIDConnectActivation => 1, oidcRPMetaDataExportedVars => { rp => { - "name" => "mymacro", + "name" => "mymacro", + "preferred_username" => "hooked_username", } }, oidcRPMetaDataMacros => { @@ -140,7 +142,7 @@ my $access_token = $payload->{access_token}; ok( $access_token, "Access Token found" ); count(1); my $token_res_scope = $payload->{scope}; -ok ($token_res_scope, "Token response returned scope"); +ok( $token_res_scope, "Token response returned scope" ); # Get userinfo $res = $op->_post( @@ -155,8 +157,9 @@ $res = $op->_post( $payload = expectJSON($res); -is( $payload->{sub}, 'rpid' ); -is( $payload->{name}, 'foo' ); +is( $payload->{sub}, 'rpid' ); +is( $payload->{name}, 'foo' ); +is( $payload->{preferred_username}, 'hook' ); my $query = "token=$access_token"; ok( @@ -174,7 +177,8 @@ ok( $payload = expectJSON($res); like( $payload->{scope}, qr/\bread\b/, "Scope read found" ); like( $payload->{scope}, qr/\balways\b/, "Rule-enforced scope found" ); -is ($token_res_scope, $payload->{scope}, "Token response scope match token scope"); +is( $token_res_scope, $payload->{scope}, + "Token response scope match token scope" ); clean_sessions(); done_testing(); diff --git a/lemonldap-ng-portal/t/OidcHookPlugin.pm b/lemonldap-ng-portal/t/OidcHookPlugin.pm index d6859f033f..5d01cb6f76 100644 --- a/lemonldap-ng-portal/t/OidcHookPlugin.pm +++ b/lemonldap-ng-portal/t/OidcHookPlugin.pm @@ -8,11 +8,12 @@ use Data::Dumper; use Test::More; use constant hook => { - oidcGenerateIDToken => 'addClaimToIDToken', - oidcGenerateUserInfoResponse => 'addClaimToUserInfo', - oidcGotRequest => 'addScopeToRequest', - oidcResolveScope => 'addHardcodedScope', - oidcGenerateAccessToken => 'addClaimToAccessToken', + oidcGenerateIDToken => 'addClaimToIDToken', + oidcGenerateUserInfoResponse => 'addClaimToUserInfo', + oidcGotRequest => 'addScopeToRequest', + oidcResolveScope => 'addHardcodedScope', + oidcGenerateAccessToken => 'addClaimToAccessToken', + oidcGotClientCredentialsGrant => 'oidcGotClientCredentialsGrant', }; sub init { @@ -52,5 +53,11 @@ sub addClaimToAccessToken { return PE_OK; } +sub oidcGotClientCredentialsGrant { + my ( $self, $req, $payload, $rp ) = @_; + $payload->{"hooked_username"} = "hook"; + return PE_OK; +} + 1; -- GitLab From f260d941e32e232140126c60571a7ccd5be5d008 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 10 Mar 2021 15:54:41 +0100 Subject: [PATCH 025/312] Doc for #2484 --- doc/sources/admin/hooks.rst | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/doc/sources/admin/hooks.rst b/doc/sources/admin/hooks.rst index a9ef27ba6a..091f7b8f2e 100644 --- a/doc/sources/admin/hooks.rst +++ b/doc/sources/admin/hooks.rst @@ -26,6 +26,31 @@ Sample code:: return PE_OK; } +oidcGotClientCredentialsGrant +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +.. versionadded:: 2.0.12 + +This hook is triggered when LemonLDAP::NG successfully authorized a :ref:`Client Credentials Grant `. + +The hook's parameters are: + +* A hash of the current session info +* the configuration key of the relying party which is being identified + +Sample code:: + + use constant hook => { + oidcGotClientCredentialsGrant => 'addSessionVariable', + }; + + sub addSessionVariable { + my ( $self, $req, $info, $rp ) = @_; + $info->{is_client_credentials} = 1; + + return PE_OK; + } + oidcGenerateUserInfoResponse ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- GitLab From 8cc326adf14ef7aa5af007b95e1b511b1640c159 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 10 Mar 2021 15:55:13 +0100 Subject: [PATCH 026/312] Fix doc --- doc/sources/admin/checkdevops.rst | 7 ++++--- doc/sources/admin/finduser.rst | 13 +++++++------ doc/sources/admin/idpopenidconnect.rst | 2 +- 3 files changed, 12 insertions(+), 10 deletions(-) diff --git a/doc/sources/admin/checkdevops.rst b/doc/sources/admin/checkdevops.rst index 1d6c620aff..668bc81747 100644 --- a/doc/sources/admin/checkdevops.rst +++ b/doc/sources/admin/checkdevops.rst @@ -12,8 +12,9 @@ Just enable it in the manager (section “plugins”). - **Activation**: Enable / Disable this plugin - **Download file**: Allow users to download DevOps file from a remote server by - ptroviding an URL (By example: http://myapp.example.com:8080). Plugin will try to - retrieve remote file by sending a request (i.e. http://myapp.example.com:8080/rules.json) + providing an URL (By example: http://myapp.example.com:8080). Plugin will + try to retrieve remote file by sending a request (i.e. + http://myapp.example.com:8080/rules.json) Usage ----- @@ -51,4 +52,4 @@ access rules and headers: Be careful to not display secret attributes. - checkDevOps plugin uses hidden attributes option. \ No newline at end of file + checkDevOps plugin uses hidden attributes option. diff --git a/doc/sources/admin/finduser.rst b/doc/sources/admin/finduser.rst index 320b060070..8eb271ccfb 100644 --- a/doc/sources/admin/finduser.rst +++ b/doc/sources/admin/finduser.rst @@ -25,16 +25,17 @@ Just enable it in the Manager (section “plugins”). Then, set searching attri .. note:: - You can provide a 'multiValuesSeparator' separated list of allowed searching values that will be displayed as an HTML list :: - attribute#placeholder[#empty] => value1; placeholder1; value2; placeholder2 + attribute#placeholder[#empty] => value1; placeholder1; value2; placeholder2 - - By example: - uid#Identity => dwho; Dr Who; rtyler; Rose Tyler; msmith; Mr Smith + For example :: - uid#Identity#1 => dwho; Dr Who; rtyler; Rose Tyler (allow empty value) + uid#Identity => dwho; Dr Who; rtyler; Rose Tyler; msmith; Mr Smith - Entries are sorted by alphabetical order. + uid#Identity#1 => dwho; Dr Who; rtyler; Rose Tyler (allow empty value) + + Entries are sorted by alphabetical order. .. attention:: diff --git a/doc/sources/admin/idpopenidconnect.rst b/doc/sources/admin/idpopenidconnect.rst index f7085e296e..905118b959 100644 --- a/doc/sources/admin/idpopenidconnect.rst +++ b/doc/sources/admin/idpopenidconnect.rst @@ -321,7 +321,7 @@ Options for details. These offline sessions can be administered through the Session Browser. - **Allow OAuth2.0 Password Grant** (since version ``2.0.8``): Allow the use of the :ref:`Resource Owner Password Credentials Grant ` by this client. This feature only works if you have configured a form-based authentication module. - - **Allow OAuth2.0 Client Credentials Grant** (since version ``2.0.11``): Allow the use of the :ref:`Resource Owner Password Credentials Grant ` by this client. + - **Allow OAuth2.0 Client Credentials Grant** (since version ``2.0.11``): Allow the use of the :ref:`Client Credentials Grant ` by this client. - **Authentication Level**: required authentication level to access this application - **Access Rule**: lets you specify a :doc:`Perl rule` to restrict access to this client -- GitLab From 82e7e8456125fb765d8b7ddaef9520702e3ef270 Mon Sep 17 00:00:00 2001 From: atisne Date: Fri, 12 Mar 2021 17:59:37 +0100 Subject: [PATCH 027/312] Give a location to get a prebuild OAuth plugin for Gerrit. --- doc/sources/admin/applications/gerrit.rst | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/doc/sources/admin/applications/gerrit.rst b/doc/sources/admin/applications/gerrit.rst index 0a98162214..f95cf624b6 100644 --- a/doc/sources/admin/applications/gerrit.rst +++ b/doc/sources/admin/applications/gerrit.rst @@ -16,12 +16,7 @@ Configuration Gerrit ------ -`Install `__ the OAuth Provider plugin. - -.. tip:: - - The LemonLDAP::NG support was added on February 23, 2020. - If you can't find a prebuilt package, you can use this `dockerfile `__ to build your own. +`Install `__ the OAuth Provider plugin. A prebuilt package of the plugin can be found on the `Gerrit CI `__. Then, configure Gerrit: -- GitLab From 45aa9a2a713134c66c2943d99f1f51d643f491e1 Mon Sep 17 00:00:00 2001 From: Yadd Date: Sat, 13 Mar 2021 12:35:34 +0100 Subject: [PATCH 028/312] Fix debian update from Buster to Bullseye --- debian/control | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/debian/control b/debian/control index 5de22feeb8..49738d1d50 100644 --- a/debian/control +++ b/debian/control @@ -163,8 +163,8 @@ Recommends: lemonldap-ng-fastcgi-server (= ${binary:Version}) | lemonldap-ng-uws Suggests: libcache-memcached-perl, libdigest-hmac-perl, libsoap-lite-perl -Breaks: liblemonldap-ng-handler-perl (<< 1.9.1-2~) -Replaces: liblemonldap-ng-handler-perl (<< 1.9.1-2~) +Breaks: liblemonldap-ng-handler-perl (<< 1.9.1-2~), lemonldap-ng-fastcgi-server (<< 2.0.5~) +Replaces: liblemonldap-ng-handler-perl (<< 1.9.1-2~), lemonldap-ng-fastcgi-server (<< 2.0.5~) Description: Lemonldap::NG handler part Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies or directly on application webservers. It can be used in conjunction with -- GitLab From b491ed6413a4a14bf3afaf49e7c908251271e65b Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 10 Mar 2021 16:16:49 +0100 Subject: [PATCH 029/312] Retry CI jobs to avoid transient failures --- .gitlab-ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 894f6158ac..442e3a7984 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,5 +1,6 @@ .build_job: stage: build + retry: 1 artifacts: expire_in: 1 hour paths: -- GitLab From c0f8e8f46b32c79eb5677c0cd298d3c7e0941cb9 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Thu, 11 Mar 2021 09:13:16 +0100 Subject: [PATCH 030/312] Skip serializing psgi streams when saving request It can interfere with unit tests in some cases, like #2000 --- lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Issuer.pm | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Issuer.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Issuer.pm index 2c441078df..55a4898552 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Issuer.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Issuer.pm @@ -212,6 +212,8 @@ sub storeRequest { my $info = {}; $info->{content} = $req->content; foreach ( keys %{ $req->env } ) { + next if $_ eq "psgi.errors"; + next if $_ eq "psgi.input"; $info->{$_} = $req->env->{$_} unless ( ref $req->env->{$_} ); } return $self->_ott->createToken($info); -- GitLab From f98710bd3454f4b4b0f26efec05b8a0a2252396a Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Mon, 15 Mar 2021 21:17:55 +0100 Subject: [PATCH 031/312] Fix convertSession error reporting (#2487) --- lemonldap-ng-common/scripts/convertSessions | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lemonldap-ng-common/scripts/convertSessions b/lemonldap-ng-common/scripts/convertSessions index cb5c8bfd1a..9aae913b1b 100755 --- a/lemonldap-ng-common/scripts/convertSessions +++ b/lemonldap-ng-common/scripts/convertSessions @@ -91,8 +91,7 @@ for my $section (qw/sessions_from sessions_to/) { if ( $r->{$_} =~ /^[{\[].*[}\]]$/ || $r->{$_} =~ /^sub\s*{.*}$/ ) { eval "\$r->{$_} = $r->{$_}"; if ($@) { - print $@; - return $r; + die "Error evaluating $section/$_: $@"; } } } -- GitLab From 911fc46cbab5d0c931c178541c8e4614d8d1c497 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Mon, 15 Mar 2021 22:45:19 +0100 Subject: [PATCH 032/312] Fix convertSession doc --- doc/sources/admin/changesessionbackend.rst | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/doc/sources/admin/changesessionbackend.rst b/doc/sources/admin/changesessionbackend.rst index 4a073b5b19..9c6501145b 100644 --- a/doc/sources/admin/changesessionbackend.rst +++ b/doc/sources/admin/changesessionbackend.rst @@ -19,22 +19,22 @@ configuration file with the following content: # This example migrates psessions from the default File backend to a PostgreSQL database [sessions_from] storageModule = Apache::Session::File - storageModuleOptions = { \\ - 'Directory' => '/var/lib/lemonldap-ng/psessions', \\ - 'LockDirectory' => '/var/lib/lemonldap-ng/psessions/lock', \\ + storageModuleOptions = { \ + 'Directory' => '/var/lib/lemonldap-ng/psessions', \ + 'LockDirectory' => '/var/lib/lemonldap-ng/psessions/lock', \ } # Only convert some session types # sessionKind = Persistent, SSO [sessions_to] storageModule = Apache::Session::Browseable::Postgres - storageModuleOptions = { \\ - 'DataSource' => 'DBI:Pg:database=lemonldapdb;host=pg.example.com', \\ - 'UserName' => 'lemonldaplogin', \\ - 'Password' => 'lemonldappw', \\ - 'Commit' => 1, \\ - 'Index' => 'ipAddr _whatToTrace user', \\ - 'TableName' => 'psessions', \\ + storageModuleOptions = { \ + 'DataSource' => 'DBI:Pg:database=lemonldapdb;host=pg.example.com', \ + 'UserName' => 'lemonldaplogin', \ + 'Password' => 'lemonldappw', \ + 'Commit' => 1, \ + 'Index' => 'ipAddr _whatToTrace user', \ + 'TableName' => 'psessions', \ } Invocation -- GitLab From ca6c98c26c327fa1bc5eff88659cd97a2a52bed5 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 17 Mar 2021 11:29:07 +0100 Subject: [PATCH 033/312] Allow selection of saml ACS during idp initiated (#2488) --- lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/SAML.pm | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/SAML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/SAML.pm index 59c3c3c832..e896de3504 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/SAML.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/SAML.pm @@ -247,6 +247,7 @@ sub run { my $idp_initiated = $req->param('IDPInitiated'); my $idp_initiated_sp = $req->param('sp'); my $idp_initiated_spConfKey = $req->param('spConfKey'); + my $idp_initiated_spDest = $req->param('spDest'); # Normalize URL to be tolerant to SAML Path $url = $self->normalize_url( $url, $self->conf->{issuerDBSAMLPath}, @@ -373,6 +374,12 @@ sub run { # Force AllowCreate to TRUE eval { $login->request()->NameIDPolicy()->AllowCreate(1); }; + + # Allow selection the AssertionConsumerServiceURL by the user + if ($idp_initiated_spDest) { + $login->request->AssertionConsumerServiceURL( + $idp_initiated_spDest); + } } # Process authentication request -- GitLab From 9fda75edc576016b0a730bf62686e19b22f44189 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 17 Mar 2021 11:44:32 +0100 Subject: [PATCH 034/312] Unit test for #2488 --- ...-Auth-and-issuer-SAML-POST-IdP-initiated.t | 38 ++++++++++++++++++- lemonldap-ng-portal/t/saml-lib.pm | 3 ++ 2 files changed, 39 insertions(+), 2 deletions(-) diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t index aa52da0a97..df310a94d0 100644 --- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t +++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t @@ -11,7 +11,7 @@ BEGIN { require 't/saml-lib.pm'; } -my $maintests = 17; +my $maintests = 19; my $debug = 'error'; my ( $issuer, $sp, $res ); @@ -47,7 +47,41 @@ SKIP: { expectOK($res); my $idpId = expectCookie($res); - # Query IdP to access to SP + # Query IdP to access to SP (override URL) + ok( + $res = $issuer->_get( + '/saml/singleSignOn', + query => buildForm({ + IDPInitiated => 1, + spConfKey => 'sp.com', + spDest => 'http://auth.alternate.com/saml/proxySingleSignOnPost', + }), + cookie => "lemonldap=$idpId", + accept => 'test/html' + ), + 'Query IdP to access to SP' + ); + my ( $host, $url, $query ) = + expectAutoPost( $res, 'auth.alternate.com', '/saml/proxySingleSignOnPost', + 'SAMLResponse' ); + + # Query IdP to access to SP (unrecognized URL) + ok( + $res = $issuer->_get( + '/saml/singleSignOn', + query => buildForm({ + IDPInitiated => 1, + spConfKey => 'sp.com', + spDest => 'http://auth.perdu.com/saml/proxySingleSignOnPost', + }), + cookie => "lemonldap=$idpId", + accept => 'test/html' + ), + 'Query IdP to access to SP' + ); + expectPortalError( $res, 51, "Bad destination" ); + + # Query IdP to access to SP (normal URL) ok( $res = $issuer->_get( '/saml/singleSignOn', diff --git a/lemonldap-ng-portal/t/saml-lib.pm b/lemonldap-ng-portal/t/saml-lib.pm index c0ebfeda9a..62f364e47b 100644 --- a/lemonldap-ng-portal/t/saml-lib.pm +++ b/lemonldap-ng-portal/t/saml-lib.pm @@ -370,6 +370,9 @@ entityID="http://auth.$name.com/saml/metadata"> + -- GitLab From 19f9221707bb246b0bddf0cd8786c6f81ac6869d Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 17 Mar 2021 11:51:32 +0100 Subject: [PATCH 035/312] Documentation for #2488 --- doc/sources/admin/idpsaml.rst | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/doc/sources/admin/idpsaml.rst b/doc/sources/admin/idpsaml.rst index 88ea1876d1..5cb6830115 100644 --- a/doc/sources/admin/idpsaml.rst +++ b/doc/sources/admin/idpsaml.rst @@ -190,15 +190,21 @@ IDP Initiated mode The IDP Initiated URL is the SSO SAML URL with GET parameters: -- IDPInitiated: 1 -- One of: +- ``IDPInitiated``: ``1`` +- One of: - - sp: SP entity ID - - spConfKey: SP configuration key + - ``sp``: Service Provider entity ID + - ``spConfKey``: Service Provider configuration key For example: http://auth.example.com/saml/singleSignOn?IDPInitiated=1&spConfKey=simplesamlphp +- Optionally, if you may also specify, in addition to ``sp`` or ``spConfKey``: + + - ``spDest``: URL of Service Provider's AssertionConsumerService + +The URL specified in ``spDest`` *must* be present in the Service Provider metadata registered in LemonLDAP::NG. This is only useful if your Service Provider is reachable over multiple URLs. + Macros ^^^^^^ -- GitLab From 96a667cf2ee38e1a6809a3ea801d0ebf70a7d4f2 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 17 Mar 2021 14:22:19 +0100 Subject: [PATCH 036/312] clarify REST log messages --- lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/REST.pm | 2 +- lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/REST.pm | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/REST.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/REST.pm index a72dab5380..8648e7c189 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/REST.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/REST.pm @@ -22,7 +22,7 @@ sub init { # Add warning in log unless ( $self->conf->{restAuthUrl} ) { - $self->logger->error('No Auth REST URL given'); + $self->logger->error('No REST Authentication URL given'); return 0; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/REST.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/REST.pm index b62e58bc1c..06ad3db6a1 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/REST.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/REST.pm @@ -24,11 +24,11 @@ sub init { # Add warning in log unless ( $self->conf->{restUserDBUrl} ) { - $self->logger->error('User REST URL ids not set'); + $self->logger->error('REST User data URL is not set'); return 0; } if ( !$self->conf->{restFindUserDBUrl} && $self->conf->{findUser} ) { - $self->logger->error('findUser REST URL is not set'); + $self->logger->error('REST User accounts URL is not set'); return 0; } return 1; -- GitLab From abee63b5b6c3552e564a920ce1e9c9c80e29ed14 Mon Sep 17 00:00:00 2001 From: Xavier Bachelot Date: Wed, 17 Mar 2021 16:02:46 +0100 Subject: [PATCH 037/312] BR: make make is not in the default buildroot anymore starting with Fedora 34. --- rpm/lemonldap-ng.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/rpm/lemonldap-ng.spec b/rpm/lemonldap-ng.spec index 398812ee5d..0f403b390e 100644 --- a/rpm/lemonldap-ng.spec +++ b/rpm/lemonldap-ng.spec @@ -35,13 +35,14 @@ #============================================================================== Name: lemonldap-ng Version: 2.0.11 -Release: %{?pre_release:0.}1%{?pre_release:.%{pre_release}}%{?dist} +Release: %{?pre_release:0.}2%{?pre_release:.%{pre_release}}%{?dist} Summary: LemonLDAP-NG WebSSO License: GPLv2+ URL: http://lemonldap-ng.org Source0: https://release.ow2.org/lemonldap/%{name}-%{version}%{?pre_release:~%{pre_release}}.tar.gz BuildArch: noarch +BuildRequires: make BuildRequires: gnupg BuildRequires: which BuildRequires: perl-generators @@ -744,6 +745,9 @@ fi # Changelog #============================================================================== %changelog +* Wed Mar 17 2021 Xavier Bachelot - 2.0.11-2 +- Add BR: make + * Sat Jan 30 2021 Clement Oudot - 2.0.11-1 - Update to 2.0.11 -- GitLab From 02b680df30e1e6aab9a273f822dbf372f1cd4a68 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Fri, 19 Mar 2021 16:45:20 +0100 Subject: [PATCH 038/312] fix #2489 --- .../lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm index 3b1168469c..4c866fb3ec 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm @@ -1141,7 +1141,7 @@ sub _handleClientCredentialsGrant { sub _handlePasswordGrant { my ( $self, $req, $rp ) = @_; my $client_id = $self->oidcRPList->{$rp}->{oidcRPMetaDataOptionsClientID}; - my $req_scope = $req->param('scope') || 'openid'; + my $req_scope = $req->param('scope') || ''; my $username = $req->param('username'); my $password = $req->param('password'); -- GitLab From c3213425f9ba89096d20254c3d2a5baf6b223aae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Wed, 24 Mar 2021 16:36:31 +0100 Subject: [PATCH 039/312] Remove swap file --- .../admin/applications/.tomcat.rst +92.swp | Bin 12288 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 doc/sources/admin/applications/.tomcat.rst +92.swp diff --git a/doc/sources/admin/applications/.tomcat.rst +92.swp b/doc/sources/admin/applications/.tomcat.rst +92.swp deleted file mode 100644 index 09c6e784f801432461fddfa5e911dffad29291d3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 12288 zcmeI%yAFad6oBD_yV0l*fI6CRbJ0gI#!>eICSv3gU~tk$^-&ZAM`9S2zez8&r%lhd zk-FAlv(s0GEkzlYO;xrNkx*UTWA>S8?jsc`?-Vo#)GN2@Kr>0>v+2j4sgmRpcq$L# zC^PdoEQUs!<@#dnd_9Z+1Q2K`(3hoSTji$tY^sk(`E`Tu`^cO8fP X5kLR|1Q0*~0R#|0009IL_!EH_(JUW| -- GitLab From 13e7804ea672a45aea8e0d3a370d855aef8ff701 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Wed, 24 Mar 2021 18:25:49 +0100 Subject: [PATCH 040/312] Documentation for i-Parapheur --- doc/sources/admin/applications.rst | 2 + doc/sources/admin/applications/iparapheur.rst | 45 ++++++++++++++++++ .../admin/applications/iparapheur_logo.png | Bin 0 -> 15710 bytes 3 files changed, 47 insertions(+) create mode 100644 doc/sources/admin/applications/iparapheur.rst create mode 100644 doc/sources/admin/applications/iparapheur_logo.png diff --git a/doc/sources/admin/applications.rst b/doc/sources/admin/applications.rst index 26299a3ae9..5c9fbcb80d 100644 --- a/doc/sources/admin/applications.rst +++ b/doc/sources/admin/applications.rst @@ -24,6 +24,7 @@ Applications applications/grr applications/guacamole applications/humhub + applications/iparapheur applications/jitsimeet applications/liferay applications/limesurvey @@ -100,6 +101,7 @@ Application Configuration .. image:: applications/grr_logo.png :doc:`GRR` ✔ .. image:: applications/guacamole.png :doc:`Apache Guacamole` ✔ ✔ ✔ .. image:: applications/humhub_logo.png :doc:`HumHub` ✔ +.. image:: applications/iparapheur_logo.png :doc:`i-Parapheur` ✔ .. image:: applications/logo-jitsimeet.png :doc:`Jitsi Meet` ✔ .. image:: applications/liferay_logo.png :doc:`Liferay` ✔ .. image:: applications/limesurvey_logo.png :doc:`LimeSurvey` ✔ diff --git a/doc/sources/admin/applications/iparapheur.rst b/doc/sources/admin/applications/iparapheur.rst new file mode 100644 index 0000000000..fae2813689 --- /dev/null +++ b/doc/sources/admin/applications/iparapheur.rst @@ -0,0 +1,45 @@ +i-Parapheur +=========== + +|image0| + +Presentation +------------ + +`i-Parapheur `__ is a web application +allowing digital signature on documents. It was built around Alfresco. + +It can use external authentication based on HTTP header. + +Configuration +------------- + +On i-Parapheur +~~~~~~~~~~~~~~ + +Edit ``/opt/iParapheur/tomcat/shared/classes/alfresco-global.properties`` and add: + +.. code-block:: ini + + parapheur.auth.external.header.authorize=true + +Edit ``/opt/iParapheur/tomcat/shared/classes/iparapheur-global.properties`` and add: + +.. code-block:: ini + + parapheur.auth.external.header.name=Auth-User + parapheur.auth.external.header.regexp=.* + +On LemonLDAP::NG +~~~~~~~~~~~~~~~~ + +Go to the Manager and :doc:`create a new virtual host<../configvhost>` for iParapheur. + +Just configure the :ref:`access rules`. + +Create the ``Auth-User`` :ref:`header` to send the user login to iParapheur. + + +.. |image0| image:: /applications/iparapheur_logo.png + :class: align-center + diff --git a/doc/sources/admin/applications/iparapheur_logo.png b/doc/sources/admin/applications/iparapheur_logo.png new file mode 100644 index 0000000000000000000000000000000000000000..3a8d88e707b8e88d9c259774a1ea73613af79e00 GIT binary patch literal 15710 zcmaKTV~l7`(B{~-dB^tLv2EM7ZQHhO+qSJcw#}V)lilR|v73{0pLADFRd>2h>FIDe z8Btg$EGPf~09bJ`Aq4;cK2s3%h23rO^F-IzH*ogm<^z58Mf>&Zgf{m^JU$kw_UxgT zm8Vw!*8S}&2>%7*;U%~8`HQsWCb&oUvrTUyo7ncbmjB-U(+ltZMc@lt{%YC>)_G+1 z;vMf*;O%?nMp#$q`{Cz$6}}<9Si4O=;;ty}^J9|-@y}NXvzzp1G=(G1?tM;gOlraa z8xqoe=h2tj)AuUK7wtIjPCKs&?`W@#56&*}0=|QK@8A7tT_3~=U9z9z*HrA%T*TpB z-+2`XUyYfUm!0iv?%d^Qt#Pw2mnF&PSeUcE@%;tP>U+aaw4Ke5vrlH;&w|5EI^H++ z{7^CF8tA{5^aHRb-8FR(45P@=s~G6P3#K&cm-Zyf6c=P$X62>Q%LW>E>=NmUpO}(v zFIP7{RLs|1z@a03!$75EP(oD4)2rlD1WwWwiazUZQbD;4_h7q-;)ZXX=O)dy_5lXbF@M^SZniBYnyZa^WzJkbLn!=YZW6d+mL zBIgANVxxgziB_$oC=n#WGYJf3%0*1;g|{;usk;mf!&%M^>%s++loI7LbHIit+UIyv zu(_EfDBF`1B9o6L=n6|REX$iUP{&{;Q>xWi8cnuEBxza~EE-odYzs$o`uY|uTX#He z429U*=JzxL55RM$*cYc7r#P%z)=$)$W+y7EI;@(PSJ&)IVWloRtXsEV*!ywg_74?h zxLr2ROtn0&N-}NRpEj&pckdc4b}PQmPVkjzyeiRji=DE*s<3i78u3#h0ul={~F1X^d#>9aa!4 z$2m^5sKyGht5{qx-Wl1-EQyT?qkPZm_}@==Z&c^UUQq4nUN<;=5klrnIHT=7v}l^2 zo{#EGNwm@<@~5{Hl|~QThpvb``s6PR`p%D-=7C8`3N@()ixTIBzWi5hC&wH%YR(XcS|xnVB`V z-*ZDtUD>OM($!)HT4(4#55t6zC`dOBX9}8vGT$9@YFp>TeQ4|B@shG(J2AwYn>}nG zK5FNz@QEbz{Rmc@*L%?_ofZ#GMFa9pvAj@c@>ICP?YL$*Sry5$iH7OTVuTmq>002m zT5H;0depqR6GeCUy^k|QlK)MZpu0YM_$%4O)la8pgz)ia&23_8Z@8FhqJ!D61818f zyTenGo=!Z6`Z8koSyCP-YlD1|lcVEVfXmcbuUOzADYl%z02%Jh?%E3NRALsuZjPVn zRTw(%sanTkx&b?>+7-ScSjF~GvO;2ekIB++_lWfAxL!~?+CYFCGLGXy!&=+S(J6^lb#hBlt<4*X$vQj5N_#l(UujR&0Y&x9p6xC^ zm<3SEgsT=?tVpCsBvA@=2V^s$kVSI!O3(!K?rSw#q6k*(y&upiu|IdGbh+F5rb!ti zhacUtyLmIsI;#aAis_a@7=UUn{*}<7$6!L^W@u@oCem(TUMsXpGEdC;7CM2S$D>lA zCcx7Wh8t@$IxtNBuK-ROQT(72`${nClr$gfDl?If3#yxDYnT(G{mvdJM<*&g7zxMA3l4#i)Ct-<=SVZ7@s1R4MN5zGkb*9OCx{n>QN}iHz7t zA%`tydxs3Sn@o@Y%odno+HE?BAh}EWY?c{Mz}80oHYZP+Rt~r$M+lm=ID7Fv)}Y2g zm5GN&HbI_N00Pd?05pHALF-AnH)l7DfQv|!^h}QmjeS)p5q$cCVdVRaLt4c(FsPk8 zs*mR5Kw@pdRl(mT(+3Ynfl&s!Mi2D2MScU(Q|&|d1tf%^I+%**^Nm~uaMi1luK;GP z<$5hV2T*oI2FMAU(YT=+owyn9s9SM9WJgkggw(zOZL!jKDXSdCfz7?6T5c!V5^x^j zXh1!aGZ}LPJiTwG8}O0WqcoY&S+2y9xyNP+)pn+-#jrdL9g=&vj|$T#zBX zXp}J)R%0^srXAi;4yYCC+zzvtF9O$L&GUUh_?#g-#cTkd4GQBKFy>NhBTdX#jDqse z0+Ha#f`|SiEpd^>0a+un$(Kpw394x`6rj{*w}+fLmfY4S^po2)4cussorqi1xDMM9 zO#IY^fyx&X{wF{#04CnwAbndcyCn;HKHB4c4dp9s(pKk(%jYnWOUMo4;gJYBFRE)T zh!@F+2wZ$3x7+crNzP!(5r|Fjp7N@JuRnrcFe-qZ`VECq@V2Wt%hu2Ywi;x;1$(vU zQAALtK(RTn&)YzNDZCaYYkd{h3dNZxUb7WK0L2ec&>lmJ1y&nQ>}pM}-qF!H2)Nr{ zrbu)?3A~5D2n{?}+)>V=h)^idln@6AvX~w-m1{*TF*G{lXs+Gd=pJ&}M#^|ddIJCj zCj~d5e#*McLP%U;5}2K#TXMOS+QK@)^#!s~P*7W9e{R9Hj-f*(gws*yXhDK2n~%($ z@PphBVKhLIZx)%r&(tFYIq#hhz(m?d%a*$w*ws2KGtekHi9D#50CQHwlftci& zL`a;iNioQF3uvnK5#6B>|M1nqP+tf`^q_7LdH* z3`MxO#)2kuY!t|%NrXkbj-Ji5GRKqA8w?EzkR=87E%=_aa%D4&NC3gcL7`d|O1mF+ zkpVG2kI*;t2zD9F0ONVthL1|t#l{2?fgD02$2XWk`L9U*WfcG~F~HxsN%B%*~`KAb&FN-#zL>yAZc zYP7u(D|#%@ff3sji^#cjlCJa9I+i=aq1$V69@QWd=nEKbU^ij+Uh-vV1J*3F!uBxC zJ|h)&Q7!-Bp$U2{n8JD(H3!KkmnUeL?S|i!TcxI&!NGz!vu zqlsU6Y|4olF&}hAjj8AKc7Zj*ww67!bvL6WbQBK2w;Lx|a=#5JM}P?QKDTOCI&pmz zq70~P4st4eu-S>81R)t%(vAn16(Ei9&LYzYgv>nzaXv6`MZVlO8l|`*7^3Jr6mh6U z9IC&5+Uyeyva#QjJenb}25xhx_TSROlTts#rJH>haf=LVn!?N;6qzL=g5hpzqCvcmnjy!!i|1@j~YHvtK{8O)e z7}kZ;hV%0Tc>^(A%7G(idCur;ecUKxt7TKZoQ}Qp!9peg5k3BZW23U?=pv?AS*76m>!M2Qa1**m}V%7kZk-6@k7uv6L`lS9s=)tci zY`W@Ga5cnY2&Ac?P&#lO9Agqm!RiA7K@&=X!zkekf{CLbJ%4ha`(lIi+!!ZKOiO#> zKUVPyId4$V0xf!fJ;liPas>r|N3;9H-<1|d-K zU=#rSLy-t1+*NdmD(4|`z@Igl$wS3n+MYU~avgBixgC%1-7HuFfU@cN6iAM<5wQ37 zLO2FNG_x%$9Z$u(J!<3)fcdkYs#JZBptliDCdmAUvclIP6ds^%^-TS}z|-11Ut(xh z8f>VKTFZ|Xd~HZuyRkH~c`+akjyLL5BNOqg1vbG$Uh2%kTAQk+$3oQmnJ#^R5n5AhWRA7KV4Aii*tPl z~6Z5ts$W@9U?!L}Mds6sCU*f(m~gd;oj1x@a2jAX3hOj4zPyF?1urP1|dX9KT6;_hC&795Dh4#Vl-LcmB!8;Os*w@Eh)t()Vu^X z2T)nac!$veh--WY0%SMqc)S~;*^l4&v@yrj{c0S*gBD`x?#ONH#VkseK{n^za78Ngpz79-@!o@(1!VFO z11$r+tZ<_6`m8B4l722n`6>DGiL`kZ!+?mkxQA`g?L?n!&ZAhUI6@lUo*}{S+W;0$ zgx?L#$-D<$aBYSh)40t{VP&Yh|B8IDNHmDuNkoGdz`oV6aj=qaEXNo1U=tOWei3Ib2iIS7Jmft?YwAb zz@s#eb2Z}PvzfwA3_I=&q?LjV33Y{kCDzv#9_JlJ=#rcbQd`-~=qiP6^Ev$3z1Hkm zlnC>84Pm)|nN{=&+7)(!ArOp+#IJBZhO4xE$=D*qJGofEWA$-8B=+J;aL-1K*wRcq zglJVzZu7MaTB^QRfx-3+%!%s-^cW2C>&0h_L~aY6{h|pmrPx$edrii*JTCsm+}+@P zV)_9U=NV+@6o_Y|T&n=sK#-^b(%N+ZMgbStp{ehAlG@$=+o1{{RK0 z0b+y$>CgXW1cS^41?9vA1^-V1@Hg$3-vJ{ zdIR9wJ*CuWh$F``DMqp{K-x(OqKn7};(a=rHzegPgOYfQqx*7u_e49=*fsn0*CQ!w z93YpEYtm_uXonzYr^#vNV@O{m31#1LpCOP|>~qX{{fKP_H1vy$$*M^4VMyN~e{RG9 zyRjf2NfuEQRk_g1cf>gO0nM~o%Xr%J9zDciV}fzj9FEvun3_Kb08=?hE+iPE8jFHd zp$Y%x7XGhKycT1-gx;YVA1LLYQTT80-cFW>L}VKUayX}+wdYX?ge_1kmd$UTma7p+ z1UImnrj%XFVB+oU3i`jhXe=^{p8=gESQ0$s1U%B|MshY_7e@#COku%X;}8)G<+`S~$T zu+|<(*zuD9K^Z`V3jsnlgpg3Hj{^l2byjekU00msyu_ZApI4Mtc2p+H2;95-pZwPpR0xG35Dx4BAjcC31VP02MIaCg1c~Vh|BfQ5Ark%0LRLZi*Mq18 z{r3K-ztjH@vTaaAiZ7~tB7=%=ykDwr;Ck<7!%%!5_B%H%AtBHg?SOQuG<4kXU7I^r zKTre$4k^rE&ILi2m7%%9L2g{M-QDjl{AhqgWqugKzQ7L2NS?~gRQmzHY!mHf1(YdJ zJfaC6hE|K@giyKs8$rEA#&ju2=ec}7-AJV~Q0xW&6Kun=ZY7(7zS!&om6rf&fo9B9 z=&2N$w91v$dgK3+kmmE#n&{ytL*4IOZJMujxjPQQA`*2ipFH)P4@QU|=tpRuTPikx zl%1j#*;O^SkQs#j3IS^w%U5q0`2$>y*-LP{IqRe1`L8Vun`mii#nPKd2y3M-Z#qiW z=rOvu&);vE2T+-IrGxsNC(KsKTF#AWKMZ0SBn6`W3+E6yfSLSU-Hja$|DkUvyzudE z6hAf$#axXuwEB4&Px8T&&$lEFy-W=r6jAsa9SU0?JH9SL4q6o7yNNQ(CZ5ji7Bf-{ zBsu~D1+wa&|A7&g?1QenK_Y55Jg)|G*l+`O+|CV}^+*^h(b7N&EH(m8 zwbsMZkij{vW(zfu+@HD-@L&Oc{&XhO5tZQ&GRbeZ$gl7LI+~fYipL7d`DuPcFoC+j zDv7^^5Spz8nk`o0|1ruxC@YKsIwl~pT5kwwwhT^`;Rr8`;fNTHM2A*eI9mey^~SOu zKu>p!q@12P1-9cjdL!$g>u0k_y#58#5Z#vw5^|1kJ7R1NWJGn$MS8?+~csBl!rb|hvs-hE2hpg%HjRfJ@^RbdYdy)KT zQ6>{5jtf;91m)LWF5HUGRZjd-iXE0wobJVvCu4-X5Lo@zo`?+F(}9R8zYhcF5Q!6( zxD+s)+V0dis5F;-OfPy`#|NhVGl*Enz9yioBU;^pJ_+%IM%(%7+09JuTeIV$LgmSB z-a|D~kn;{k=L=`I3Kx4N_s)#~52NDKd?q`4Fby{VPFj}Sh#BxrP{^6H9;Q+w1%+I$#< zw6yfX($b&gQVs8S9AzmM14Napn{ES3gbdyHu zj!2LczI`Qr-YT~Pkj4Dd)`am8)avT!4t>Fy=9Ns^)8qiDKG!ucdwq<&!Gc_1b&&31 zWl>9p9Ko%-xxoG@fDgn#oT|A$J~9FqFY9Cxwpf;_1-%NFzBvvN+wXnA%aObBO{|6ORSXfhWb`EmbkUf_(=1H9x^GL(#ccBT!tSK# z$yhpT;O-UF`eHtMpOe*nR)%R=THpAcm>JfS8ghS_*OmGYq3Za3Cg-giF^aQhR^!;3 z4aYfh>I z?;p&GlVPiYmK733+6CiTR#lpA3Fcm}rM#vtwzQ+g*-LV^lRVM3-4`~nh78TR`3e}@U&6Qc9nq?Te0>hNcxs6MfpM`~YdW4l;@5<+wF?|7|07e>yw<4R@hYFqT7Ax0!;EKihex5g z25Nx+&~)+bkA5&j9>_&eHt%O6abDpR`NFMCvV~53eFFN>tS1Ff)n_%VS)NDWC%aX!iC@@*B7FUg$&)i0rY!WJ1J78F7P%?;# zh(QLdBXQVts9Ve-r&y2-ZZ$Y7j0@~#kU~gwIviP`-UJM zK;{w$1pTj(eqky-1z>+w+zxcBo4-a*t~+l`es_q- z04cx|on9Y79~IBkkiK_sND&T4O0@hkQ8g9@qG|q~(LqL36nwd9h-W9hAvn#}@1d(N z3d=BI%{2Qr_K6#3Zh~^L(FTI+MpHMB7QcdXR+toN$9j1Qs8N2+?ngoCuG@Os@3o=z zJk2Nj(HcG1$Vu!0a0=`(nJ*5Yb~eM)BfhEeJAq4-QTy+vz(5=S>WCfdxl!sc zex4#bB9eh}%KLv_IyG0dcD-oo)3a)olp#i6%%7Sl`c>cedC2M_@OqAqO@aoF^v=zHkQ3^BA3LtDG59Ia ziTnkqd(QK1Aso_+Ut*>Bo=AjKpu0kUQmpn_`DH1vdktHxFVX<1ZEVl{WO}cwvu~$uJ>Ye`oeyR~Z+!gSFcqf(4jU$E7b|OfIv%Y} zP05HLarra_@>SiK?{WKdwdv zhQIO%*pkh2EXHSLiWOvYT{g_mp_ibL^Gj|Nymc44p>&ZiGg}#QV^2lBO6jg430#w) zMTKW`Su9s_!7w&0&Lvt4c>O+|5pHBikrO75KKYD^dl935`1XK}f!eA|OHGwHvVFR@ z=*WnS8Wp4J9uElpe=HOmvlf<@6KT)|e8gmRK)<-gR^Kzo@YCoC*Rv#wTY{&*2p=s? zS1-Mq85qLU>H>Of>LdH8K|Zk9IV@Ff?%yNeW)`ksbM;0=30%Smdqxm;*>6X;&FoBz z6w0?3c>1;XSJf>BN&CIm_p&g@A{JC4D-tA%LE)+q$d;K8?*JR10B;M6vhjLQmVr_j&;Cm?Abj?L`}3DPm-k->Eh-B#JAz ziM>r6yxha^cqvLX-$wUxNWMmW0{6bbkgQK~JZ;>&%Ph*b13X2IxvwedOR%~@U26#I zDIPxq`2;;ZIgdDfhhJE2lt5k@^INJxT&>cszt@K07=~6;9{l^gd2tkybt)nl_A&Nl zRafTeyRq37{vP(i&ry&0Ta(oZO>YAf67>NFgZ3EXU-IR!XzNTYAkE0hoYZW932}T=m|v8 zWBfqX3JR?AS;!|Z>(+r>cEmVrn>Kwl>Co)Ec(uz_xW7(^?Q@-=9OT%R(xr<~>m3st zl~M!0d=WUM_V6zV6ZW-IC%-hl`a1r04qL#!C9C|iEmTGQ;|=J{jVr(idyxY*%(+@3XT-s!?U{ZIBBtoMcF|y zhgbPFD)b>u-iXIlt>Y4Yy>F?6%8ON8$9rpl%4^o;J9;HK7yj(N%JQkAiM>(ZjBojz z`SZJA5bmOTvNMnGw~!tGnpr8*#D(Mwbf-uFHkfAm(HyASvMM7D4NI zlpOu#q8EB@xk<%br9?^c`-z>W8f1hiwxA7p6MtxBzu_~d&sri=2rn!6X0N@aUk$CI z0K2BB%fIB#r!FFha=ut0B>GhYqp$a;urO-P78vEoFnY`9GiDZ&;(7*(gHe1j*31Vs zf=cE(kvvo7juHjV7W2E*-dAhsVg-kjY}b@hj1**PHM5bI66+m==S7KBEX6K&lKX2W8G)g;=} z>nC?1Djp<)IfqWc?@Pqr1%)o&^(4m7+S|FL`95>NR+@QmJ+C2?VX!a5B^7bowNSoi z*MT);x#zW^u6)`V3P+Z7!sPYo0;vBLas}+2)-Ja9M>dkw zF9sB|UjK`96~Pi3i0`Ah*~d|RU4GGHr7DS)El{=Yz8~JF4$+{HzZ7GtK9{L!sBdh>Km)dl?^nvz%d(Kl|E4iC|)5f77315a8S!6P?HC% zQ*uSeqoVyQLwn(+L!XMV59_T_R0aZ6&f7?Z^=+IsC(3(>4sgT~WdN^EQjhtU7FsumbZZTL%1OcuQPuhVkJ$E<;Xtf~ z8CCTqv9db}eTyStElg@N+Y<54zfoLx>lu^Po5zTDP0$q!_31A6%5<`Tsm#&yWk!JD zYr*4c(rg)GBCyw9XOCz!zZV5M)-8L*pI^=ZGqH>8O~Z- zYc_U?z&#zkI7dOOj5~D3Gi9gj;U2k9@~#?By?InbhQ}>{pesyy-uL#r(@HdN{`g*s zd#*U_3Y=xa4K`zDcyVcY{tcHA7p$2V7ofL&0p6^hm~1!CHMG%f3#1wSW~ZI~dbHQA zksp&8{#z$ljiNR!o)#Y}Hq*u-!#k#X&=@qZh9Y5=Z{>vO8HyUYJ7_SZm9D zbUhy3)L`&I_G%v5-#E~rUGw!a1ka>&1hCP$%}Z@q9G9JV(V44qZh_niKD#|Z8n4@Q zIQzAuOLguUk$B1ZIoard#}x z-G?-+rt14v)@N`U;&V;nrq|b~qRPhu!KLYxSF6tF>P`1!wF&CY zub~$strl(NS#h<^y*=#6{o$0KjrBfbn#f-b#;{1gmF^MEwnIrI!Bz=tHhAWGXJ;n^Xe@pR`Z6Wc+PU{z zGS66+AaQ(8%)m12i&fp@dO&tp{^nJDo&o`+;aU-r$~C=@QrN)NC4mJ3p0=;+eV?%9 zuYGxhHP9>pP>F6!Ex`l09u3z|D`La@S$trcKTm1)ceyJ08tD*}V29p7B`wU?1FEJH zr?1mNwC|FU&$Av3{hym>L3r+=c~Si7=PPZntiZ`lz5HAr-)WXrfM>CO3fFHN{~h!` z-iF8aS#KH37~$TQW7lTEo3S}nSw7R3zb9FRfe?4rgd8cED1qcMLdj4(RHrfkamk_PO{ZLDE4Q?sSOTC65o%dyvbUaf%wz%m}Tz%oF-{% z|7dKGd_E8G!Sxa-bkC^zjh#*v~Q27b_0lh{)?@Gbp{!|1&%PaHV z`KrvbPRRZtVc31?YRr@pz|(AFb)IL?#?%IzOzFQHg~yIAk;$e62oAs@6%#Zo) zxz&xX*{?mVNueyUdP3`my^G@5`?KCmWU2H~j?VW@ z^7}TF7iKRN1?1&44quM@lB!dw^Z~SDNzH9FSdA4lT!=LB49g0!>v_X6^wLJbS4#t& zJ`)nIv2ZA!-(lt|FK(w1$TFUboC#g?aRmFz<>xe9#75ik@0foWrAWU-F1#AhgPQQ< z=~borEbmr{EVVgqA4_aNg4omj^)jY(ZK7wH<>{sA{_8SoZ*V8Ipel*_})w3ISg^dyOUkrbtIHU4*z_(j;YFV zO#Jlm?9+jEteUPHx%JBv!x2CPW%M8?A^8aQsqmc2Ca3!;qS=(o{#ZJ$+BZ+2!q&OeR8mq>zD|sBeF@_JtWFM( zsYGA@wfnE*G5J_#3u7BSY<;~je{n^^xY3`)@vyKxvBl1)kyPm8ucyrW?!jW|ATLIo zJdW-r3vdAp-bK@_nHcL_dUklo1*O26zzpO5qzjG@t9dC>#rV7h4XW(yY(`I)6j10b zN05(3#d7snY#aI*T(C>0E@h~UfTNJuWUj8p4gYvcEu87 zlHjNJc+~9sXSTTfv0q+3$JX{E8exC?k zcR?TG^Zwyv)CQG7F({2F+85bMpm6w4Nof|LnMqoXpn8Fx;iWq`Nu|cD;ZoUszrB(s zw4wO1{Fthm6&^L26BNvHAnHF*ZfNteIe_s@XLGotu)4cYEH32t@c5}TiiBA+Q3-uw z2xOtPU^nU>W{^IfIImA}*%E-4ip!N$X;T#i18Kh;4MO;9;LKsVp?GsRoGrF32JPM* z9on<-JWe4q`Ep>>txm8FbU}yalw7LDh5x8nDHj&rnFn}w3x2LEQ5!S9|BV zi|g5!Pt?HZbTd65?gsJg$Q5o8a90_HisL1d?qGzbBk@5>+3Tv}g6^cJ<94PLE^Vxo z^=D0|Zf|=kGqqM%LYbD4qJIkA16r?xa0m9VwrgJ#VuS@{!4G@Gd948D`zqaZ;p+hs zlX&hnYp+}UEgCv4_Sj(?9I~FFZwSw01BUs-!m3`{;ItQXr8b6OS4lO`gykmdveg%M z*tZ?*Ix*%|60b#)9vs-5AA2GJ7>%r{+Vc=%^eJ;aAiFtOnwzf`;U+(6V2$;yCm#w3 z;#OO%+UK|QV_`0VA;rF+eUUGae5|qw5|>Psn$OOLF*SP{`N*QzV-%)ah0+3f$0dir z3^o#c4Kj3q<_vTo1Y3U)>-$pwvgPw}h3bssIL4rfr~UToz`vtu(tvLj)=Pj}g&eLK z7R%xj7OgpqQtK*M9wC0Z<~Z}#r+GsC?*qo;{vXwDr2RMMavMH+o1jb3{o2<@qq*^7 z9>bNjVXOVGpXuN0M9%8M(xN(tN@neT9@<)~lkYf<&i<|6+Xf09atQ$aa|JLRK>G2C z+>#rl+?2kE6=UzaJsPi26CtW`pLLtp|s|UOENNx;Mba=cNQBHr9uh z1<;E$_%c^*#P~&KtY=W{GP8_lBqD&)q|5HDs+#)F;QJPg#<@#yA}EXop_&)`y{=pt zZMtvk`=QyZ(uBJcQgaCAZ=O_~43-eVy`TiOS|Gbl-tcD(q!Ssal#l#n|C$*R*B%e0 z{Sb*bCTyz5BH!@1=9_Uu3u5RiX{E#PJw_G5$8`}f(AY>0nSs4t>>)w`|~ZdP+Qt{74^CP(TyT4Y4edp*zY(02a&N}I^`e9ZCU~iwH7)FV+g3aZ z3KJfh`eV*w`}O3@SSlF}z9_Xbg@C8I!nIUm%L&fg(xD=Fr1+egVeI!_eQ_J4?(!-@ zWvxcP$9Lt*gX=uAouVhyx%in2jXlaJ;K6YM9S`eGR3>k`i)P8FhJR<|=r;|A`@PXh zwPt9=@6MwAmMDkrkG_~Xu)=@T_rmm0QR9@+x_Q_|nAE=-ogn*=$;l64JVHZ1VJ;`- zjHD+_M7yAa~mq99KuOYwR(#=z7Z!y?Xopif3e;yY%GKReX)l zbJcPZ|M!I5qq~)FVI6W=-}82i!k24fBhxj%d{lA1GPi)qi+wmEx7L3>W7Ot)sGsdyS%lfwRKg^AE?ft z=7l51>Bi1p>v5Q?%)L5L`%V+kx&xK_p%r1p8cDcgHt))w2Cw0iaufLnkR3>6UWeZU zMH}>3zMod{(oy1oDz31(S-I8bs!&xk)Aziruuzb|xoFP2n_zS0PTLzL_SHA}s4ag4|kYqJo*V4O2k}tLj!Y=BNuQ|UQ%@|YcXYVWBk7Kf+ zB2P#usoHQqhS$?bPFFHWxKPe}A>fQxcxE}Am?DpT&-I7VxuD;1NOtnq-5k1mUorFQ_{h{zJ*IkL<8%}Ag))_ocOA0!^-JPWyk` zb+(E3uLm!st*(CxMPqB;y=bH|n8Tl+U2J;(juwf_g5)r>)nvH#(c}elk(=gvv%YLS z5Rv7urvyWzJFFY${yVR3L2Kbfs*dH9Pj2xW+E%GUu>JID^gAZ{? z=N+~7B*XGFge#VdF}~d~`B&x^3*O%i6VI0`Dq|>D<#yIm%Zg8+(jPr z2v{X9!>R&bc@LO+h{CTw3C~S0HDfKmzrXLCvhDdX!fD0WQ>vQ8DjFpS?gKo>9AXMX zAAB65XBBkO6lv~k>09uude)JfE`k~Df^pxo&|<@*wVfx@ABp;2ZGnHvc>E^@rfQ|x zy*j6ADfx;kx^GJ5P^i=aJ%d6)4L#a>CDsjKxe5i22l28i8=fL~<@gtk=6=)uy!^L{ zO8)~R><1?jJDnL^nsdI}l0R4Dl{Kikctef9eB_kc2{QBeSKr*^=wFU$4?u>H%WyC@ zUqyAFF|UupYVTIns*YXLdKc-H?ge_$SB~?y$bO9h3wwnLMS2hhWDR%Xp64*wMvC$- zR^$0(p{goR-|u>}`uXn+A{67GN<%p??}MA@m?KqLFcA#-Jl|Z5^VMmN)}|;mAw>&9r)w2UyVOtfwYXcL-aiR~Hsd zeEx48L#CgT-<+?nv0ny@p3wX6~!~1g1HV6wy^135( zCUMqCd@|dPtZ0@i@zZ*i<>a`w9VR}|OJ@zXJ^3>aNf_s7%+;0NcbRxCfPf)RuXQY( zLPoIlCRcS=*0}oScp>1esaq@1=(L zjOgz?HS!1jrWR-Oi?hx8DtL~bW)EmPkgL5>BoN;uuS?`5<>trv?6N-rY)LC0-{Y9qJFLZP#7YBeOv>A%doTd_{qb((1tL593{F^KWpvfX^dV_>!;httA2jp z&z6Fm>G%1WZNe+-7`as3TVJf}O1BHBB4F1|^vCO_ZfR*=w`8{d&1edZJK_-HAGq`P zNdI*maukfe4n{-foi-HbXuN5RU_&7LdAPr6uZ)ZgB4~SEM}VYZM+~2i_d*PlWLggv z;T&?3+Jp`(@?AhBM9$?OJBK^hb!RDM7_{c#&DWuPU#Vh+-%!#eeop$gTu>z1^SYl2 z4mqL>1=dCOyz8r_`df36<^6IRvhD<^+1y_fnB8PyFRLEvj0)%8U0bWv*4D-{SNo{w z%jkXA+`Gg-B!{Dwqa8_;^i`CbXk10&S)@_YIhTtvlt|@Xe90+)HEB!H8Pk}dU2T1!L&@&*aU&z`2gr5DW`wyA+{~_ZH_<@HnSnKY}oV))8-T{aU%Lvs7 H=mq>Q?Ti)~ literal 0 HcmV?d00001 -- GitLab From 55ab4b5a5f1a5cb7d3998cdd84de3f56c4fe8322 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Thu, 25 Mar 2021 16:33:48 +0100 Subject: [PATCH 041/312] Fix CAS log message on service ticket validation error (#2494) --- lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/CAS.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/CAS.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/CAS.pm index 5f81da1435..8f6c9c2f04 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/CAS.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/CAS.pm @@ -7,7 +7,7 @@ use XML::Simple; use Lemonldap::NG::Common::UserAgent; use URI; -our $VERSION = '2.0.8'; +our $VERSION = '2.0.12'; # PROPERTIES @@ -397,7 +397,7 @@ sub validateST { if ( defined $xml->{'cas:authenticationFailure'} ) { $self->logger->error( "Failed to validate Service Ticket $ticket: " - . $xml->{'cas:authenticationFailure'} ); + . $xml->{'cas:authenticationFailure'}->{content} ); return 0; } -- GitLab From 098934682db0849852007aad3b29b6dd1a75c0b5 Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Fri, 26 Mar 2021 21:54:21 +0100 Subject: [PATCH 042/312] Fix warning (#2486) --- .../lib/Lemonldap/NG/Manager/Conf/Tests.pm | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm index ad40bce8ac..1fc7b4698a 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm @@ -954,8 +954,8 @@ sub tests { $hasPwdBE ||= 1 unless $mods[2] eq 'Null'; } return ( -1, - 'Password module is enabled without AuthChoice password backend' ) - unless $hasPwdBE; +'Password module is enabled without AuthChoice password backend' + ) unless $hasPwdBE; } return 1; }, @@ -990,7 +990,10 @@ sub tests { # AuthChoice parameters must exist AuthChoiceParams => sub { - return 1 unless %{ $conf->{authChoiceModules} }; + return 1 + unless ( $conf->{authChoiceModules} + and %{ $conf->{authChoiceModules} } + and $conf->{authentication} eq 'Choice' ); foreach (qw(AuthBasic FindUser)) { if ( $conf->{"authChoice$_"} ) { my $test = $conf->{"authChoice$_"}; -- GitLab From c98e5ec763d84d21bf0404cdfa36251408295a4d Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Fri, 26 Mar 2021 22:10:46 +0100 Subject: [PATCH 043/312] Improve doc (#2381) --- doc/sources/admin/configvhost.rst | 5 +++-- doc/sources/admin/portalmenu.rst | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/doc/sources/admin/configvhost.rst b/doc/sources/admin/configvhost.rst index 90e80ecf56..e001206298 100644 --- a/doc/sources/admin/configvhost.rst +++ b/doc/sources/admin/configvhost.rst @@ -505,7 +505,8 @@ Some options are available: rules,...)* - **Access to trace**: can be used for overwriting REMOTE_CUSTOM with a custom function. Provide a comma separated parameters list with custom function path and args. - By example: My::accessToTrace, Doctor, Who + Args can be vars or session attributes, macros, ... + By example: My::accessToTrace, Doctor, Who, _whatToTrace - **Type**: handler type (normal, :doc:`ServiceToken Handler`, :doc:`DevOps Handler`,...) @@ -536,7 +537,7 @@ Some options are available: my $params = $hash->{params}; my $session = $hash->{session}; - return "$custom alias $params->[0]_$params->[1]:$session->{groups}"; + return "$custom alias $params->[0]_$params->[1]:$session->{groups}:$session->{$params->[2]}"; } 1; diff --git a/doc/sources/admin/portalmenu.rst b/doc/sources/admin/portalmenu.rst index 69931494f9..0a653ebb5f 100644 --- a/doc/sources/admin/portalmenu.rst +++ b/doc/sources/admin/portalmenu.rst @@ -38,7 +38,7 @@ Categories and applications --------------------------- :doc:`Configuring the virtual hosts` is not sufficient to -display an application in the menu. Indeed, a virtual host can contain +display an application in the menu. Indeed, a virtual host can serve several applications (http://vhost.example.com/appli1, http://vhost.example.com/appli2). -- GitLab From 2d60af304f126fff787a39b620a75240c1950cd1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Mon, 29 Mar 2021 20:54:49 +0200 Subject: [PATCH 044/312] Fix notifications documentation (#2497) --- doc/sources/admin/notifications.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/sources/admin/notifications.rst b/doc/sources/admin/notifications.rst index eb1361f86c..87217ea77f 100644 --- a/doc/sources/admin/notifications.rst +++ b/doc/sources/admin/notifications.rst @@ -20,7 +20,7 @@ Activation To activate notifications system: -Go to Manager ``General Parameters`` » ``Advanced Parameters`` » ``Notifications`` » ``Activation`` +Go to Manager ``General Parameters`` » ``Plugins`` » ``Notifications`` » ``Activation`` or in ``lemonldap-ng.ini`` [portal] section: @@ -34,7 +34,7 @@ Explorer Notifications explorer allows users to see and display theirs accepted notifications. Disable by default, you just have to activate it in the -Manager (``General Parameters`` » ``Advanced Parameters`` » ``Notifications`` » +Manager (``General Parameters`` » ``Plugins`` » ``Notifications`` » ``Explorer``) or in ``lemonldap-ng.ini`` [portal] section: @@ -91,7 +91,7 @@ configuration: You can change default parameters using the "notificationStorage" and "notificationStorageOptions" parameters with the same syntax as configuration storage parameters. To do this in Manager, go in General -Parameters > Advanced Parameters > Notifications. +Parameters > Plugins > Notifications. File ^^^^ @@ -200,7 +200,7 @@ The notifications module uses a wildcard to manage notifications for all users. The default value of this wildcard is ``allusers``, but you can change it if ``allusers`` is a known identifier in your system. -To change it, go in General Parameters > Advanced Parameters > +To change it, go in General Parameters > Plugins > Notifications > Wildcard for all users, and set for example ``alluserscustom``. -- GitLab From 2c8cbbefe6cb859dacea688522616492f1b94f31 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Tue, 23 Mar 2021 09:17:51 +0100 Subject: [PATCH 045/312] "xxx is allowed to update 2FA" should be a debug message --- lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugin.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugin.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugin.pm index fffddd7691..3053ea1fcf 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugin.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugin.pm @@ -107,7 +107,7 @@ sub createNotification { sub canUpdateSfa { my ( $self, $req, $action ) = @_; my $user = $req->userData->{ $self->conf->{whatToTrace} }; - my $msg = undef; + my $msg = undef; # Test action if ( $action && $action eq 'delete' ) { @@ -157,7 +157,7 @@ sub canUpdateSfa { $msg = 'notAuthorized'; } } - $self->userLogger->info("$user is allowed to update 2FA") unless $msg; + $self->logger->debug("$user is allowed to update 2FA") unless $msg; return $msg; } -- GitLab From 20e1f9ded0a4414b3e58f199bf7f3cba20ce4012 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Mon, 29 Mar 2021 15:12:10 +0200 Subject: [PATCH 046/312] Hash JWT to catch tampering (#2419) This mechanism's only purpose is to make the introsection endpoint fail to verify the token when the JWT itself has been tampered with. --- .../NG/Portal/Issuer/OpenIDConnect.pm | 2 +- .../Lemonldap/NG/Portal/Lib/OpenIDConnect.pm | 157 +++++++++++------- 2 files changed, 95 insertions(+), 64 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm index 4c866fb3ec..944a3e62de 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm @@ -1719,7 +1719,7 @@ sub userInfo { unless ($accessTokenSession) { $self->userLogger->error( - "Unable to get access token session for id $access_token"); + "Unable to validate access token $access_token"); return $self->returnBearerError( 'invalid_request', 'Invalid request', 401 ); } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm index d8fd72ea5e..40c1823abe 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm @@ -722,93 +722,100 @@ sub getAuthorizationCode { sub newAccessToken { my ( $self, $req, $rp, $scope, $sessionInfo, $info ) = @_; + my $at_info = { + + scope => $scope, + rp => $rp, + %{$info}, + }; + my $session = $self->getOpenIDConnectSession( undef, "access_token", $self->conf->{oidcRPMetaDataOptions}->{$rp} ->{oidcRPMetaDataOptionsAccessTokenExpiration} || $self->conf->{oidcServiceAccessTokenExpiration}, - { - - scope => $scope, - rp => $rp, - %{$info}, - } + $at_info, ); if ($session) { - return $self->maybeJWT( $req, $rp, $scope, $session->id, $sessionInfo ); + if ( $self->_wantJWT($rp) ) { + my $at_jwt = + $self->makeJWT( $req, $rp, $scope, $session->id, $sessionInfo ); + $at_info->{sha256_hash} = $self->createHash( $at_jwt, 256 ); + $self->updateToken( $session->id, $at_info ); + return $at_jwt; + } + else { + return $session->id; + } } else { return undef; } } -sub maybeJWT { +sub _wantJWT { + my ( $self, $rp ) = @_; + return $self->conf->{oidcRPMetaDataOptions}->{$rp} + ->{oidcRPMetaDataOptionsAccessTokenJWT}; +} + +sub makeJWT { my ( $self, $req, $rp, $scope, $id, $sessionInfo ) = @_; - if ( $self->conf->{oidcRPMetaDataOptions}->{$rp} - ->{oidcRPMetaDataOptionsAccessTokenJWT} ) - { + my $exp = + $self->conf->{oidcRPMetaDataOptions}->{$rp} + ->{oidcRPMetaDataOptionsAccessTokenExpiration} + || $self->conf->{oidcServiceAccessTokenExpiration}; + $exp += time; + my $client_id = $self->oidcRPList->{$rp}->{oidcRPMetaDataOptionsClientID}; - my $exp = - $self->conf->{oidcRPMetaDataOptions}->{$rp} - ->{oidcRPMetaDataOptionsAccessTokenExpiration} - || $self->conf->{oidcServiceAccessTokenExpiration}; - $exp += time; - my $client_id = - $self->oidcRPList->{$rp}->{oidcRPMetaDataOptionsClientID}; - - my $access_token_payload = { - iss => $self->iss, # Issuer Identifier - exp => $exp, # expiration - aud => $self->getAudiences($rp), # Audience - client_id => $client_id, # Client ID - iat => time, # Issued time - jti => $id, # Access Token session ID - scope => $scope, # Scope - }; + my $access_token_payload = { + iss => $self->iss, # Issuer Identifier + exp => $exp, # expiration + aud => $self->getAudiences($rp), # Audience + client_id => $client_id, # Client ID + iat => time, # Issued time + jti => $id, # Access Token session ID + scope => $scope, # Scope + }; - my $claims; - if ( ref($sessionInfo) eq "HASH" ) { - $claims = $self->buildUserInfoResponseFromData( $req, $scope, - $rp, $sessionInfo ); - } - else { - $claims = $self->buildUserInfoResponseFromId( $req, $scope, - $rp, $sessionInfo ); - } + my $claims; + if ( ref($sessionInfo) eq "HASH" ) { + $claims = $self->buildUserInfoResponseFromData( $req, $scope, + $rp, $sessionInfo ); + } + else { + $claims = + $self->buildUserInfoResponseFromId( $req, $scope, $rp, $sessionInfo ); + } - # Release claims, or only sub - if ( $self->conf->{oidcRPMetaDataOptions}->{$rp} - ->{oidcRPMetaDataOptionsAccessTokenClaims} ) - { - foreach ( keys %$claims ) { - $access_token_payload->{$_} = $claims->{$_}; - } - } - else { - $access_token_payload->{sub} = $claims->{sub}; + # Release claims, or only sub + if ( $self->conf->{oidcRPMetaDataOptions}->{$rp} + ->{oidcRPMetaDataOptionsAccessTokenClaims} ) + { + foreach ( keys %$claims ) { + $access_token_payload->{$_} = $claims->{$_}; } + } + else { + $access_token_payload->{sub} = $claims->{sub}; + } - # Call hook to let the user modify payload - my $h = $self->p->processHook( $req, 'oidcGenerateAccessToken', - $access_token_payload, $rp ); - return undef if ( $h != PE_OK ); + # Call hook to let the user modify payload + my $h = $self->p->processHook( $req, 'oidcGenerateAccessToken', + $access_token_payload, $rp ); + return undef if ( $h != PE_OK ); - # Get signature algorithm - my $alg = $self->conf->{oidcRPMetaDataOptions}->{$rp} - ->{oidcRPMetaDataOptionsAccessTokenSignAlg} || "RS256"; - $self->logger->debug("Access Token signature algorithm: $alg"); + # Get signature algorithm + my $alg = $self->conf->{oidcRPMetaDataOptions}->{$rp} + ->{oidcRPMetaDataOptionsAccessTokenSignAlg} || "RS256"; + $self->logger->debug("Access Token signature algorithm: $alg"); - my $jwt = - $self->createJWT( $access_token_payload, $alg, $rp, "at+JWT" ); + my $jwt = $self->createJWT( $access_token_payload, $alg, $rp, "at+JWT" ); - return $jwt; - } - else { - return $id; - } + return $jwt; } # Get an session from the supplied Access Token @@ -820,7 +827,26 @@ sub getAccessToken { my $id = getAccessTokenSessionId($access_token); return unless $id; - return $self->getOpenIDConnectSession( $id, "access_token" ); + my $session = $self->getOpenIDConnectSession( $id, "access_token" ); + return undef unless $session; + + my $stored_hash = $session->{data}->{sha256_hash}; + if ($stored_hash) { + my $incoming_hash = $self->createHash( $access_token, 256 ); + if ( $stored_hash eq $incoming_hash ) { + return $session; + } + else { + $self->logger->error( + "Incoming Access token hash $incoming_hash " + . "does not match stored hash $stored_hash. " + . "The access token might have been tampered with." ); + return undef; + } + } + else { + return $session; + } } # Create a new Refresh Token @@ -851,6 +877,11 @@ sub getRefreshToken { } sub updateRefreshToken { + my $self = shift; + return $self->updateToken($@); +} + +sub updateToken { my ( $self, $id, $infos ) = @_; my %storage = ( -- GitLab From dca8483ec592bc4ebe066bed54462632f3ebb790 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Mon, 29 Mar 2021 15:28:17 +0200 Subject: [PATCH 047/312] Relax scope name constraints in manager (#2424) --- lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm | 2 +- .../lib/Lemonldap/NG/Manager/Build/Attributes.pm | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm index 68f9ab7805..259eeb3fec 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm @@ -2443,7 +2443,7 @@ m[^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: 'default' => {}, 'test' => { 'keyMsgFail' => '__badMacroName__', - 'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/, + 'keyTest' => qr/^[\x21\x23-\x5B\x5D-\x7E]+$/, 'test' => sub { return perlExpr(@_); } diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm index 732568b5af..f3212ff66a 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm @@ -4338,7 +4338,8 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: type => 'keyTextContainer', help => 'idpopenidconnect.html#scope-rules', test => { - keyTest => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/, + # RFC6749 + keyTest => qr/^[\x21\x23-\x5B\x5D-\x7E]+$/, keyMsgFail => '__badMacroName__', test => sub { return perlExpr(@_) }, }, -- GitLab From b4f5ee58c36e5a2b9718c9aa09e329774f4cdefc Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Tue, 30 Mar 2021 12:07:09 +0200 Subject: [PATCH 048/312] Fix #2498 --- lemonldap-ng-common/scripts/convertSessions | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/lemonldap-ng-common/scripts/convertSessions b/lemonldap-ng-common/scripts/convertSessions index 9aae913b1b..e76af7a007 100755 --- a/lemonldap-ng-common/scripts/convertSessions +++ b/lemonldap-ng-common/scripts/convertSessions @@ -128,6 +128,17 @@ Lemonldap::NG::Common::Apache::Session->get_key_from_all_sessions( my $entry = shift; my $id = shift; + # If filtering sessionKind + if (@sessionKindOnly) { + + unless ( grep { $_ eq $entry->{_session_kind} } @sessionKindOnly ) { + print "Ignoring session $id with type " + . $entry->{_session_kind} . "\n" + if $debug; + return undef; + } + } + print "Processing session $id\n" if $debug; my $s = Lemonldap::NG::Common::Session->new( { storageModule => $backendTo->{backend}, @@ -138,14 +149,6 @@ Lemonldap::NG::Common::Apache::Session->get_key_from_all_sessions( } ); - # If filtering sessionKind - if (@sessionKindOnly) { - - unless ( grep { $_ eq $entry->{_session_kind} } @sessionKindOnly ) { - return undef; - } - } - if ( $s->error ) { die "Error encountered on session $id" unless $ignore_errors; $nb_error += 1; -- GitLab From 6f9734db92a5e01975f050567c8879ce385271b2 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Tue, 30 Mar 2021 12:07:32 +0200 Subject: [PATCH 049/312] convertSession: add option to rename fields (#2499) --- lemonldap-ng-common/scripts/convertSessions | 111 +++++++++++--------- 1 file changed, 64 insertions(+), 47 deletions(-) diff --git a/lemonldap-ng-common/scripts/convertSessions b/lemonldap-ng-common/scripts/convertSessions index e76af7a007..9ba895895d 100755 --- a/lemonldap-ng-common/scripts/convertSessions +++ b/lemonldap-ng-common/scripts/convertSessions @@ -13,62 +13,45 @@ use Lemonldap::NG::Common::Apache::Session; use Lemonldap::NG::Common::Session; use Config::IniFiles; use strict; -use Getopt::Std; -$Getopt::Std::STANDARD_HELP_VERSION = 1; +use Getopt::Long; +use Pod::Usage; our $VERSION = "2.0.6"; # Options # -d: debug mode # -c: configuration file +# -r: configuration file # -i: ignore errors -my $opts = {}; -getopts( 'dic:', $opts ); -my $debug = $opts->{d}; -my $config_file = $opts->{c}; -my $ignore_errors = $opts->{i}; -my $nb_converted = 0; -my $nb_error = 0; - -sub HELP_MESSAGE { - my $OUT = shift; - print $OUT < '/var/lib/lemonldap-ng/sessions', \\ - 'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock', \\ -} -# Only convert some session types -# sessionKind = Persistent, SSO - -[sessions_to] -storageModule = Apache::Session::Browseable::Postgres -storageModuleOptions = { \\ - 'DataSource' => 'DBI:Pg:database=lemonldapdb;host=pg.example.com', \\ - 'UserName' => 'lemonldaplogin', \\ - 'Password' => 'lemonldappw', \\ - 'Commit' => 1, \\ - 'Index' => 'ipAddr _whatToTrace user', \\ - 'TableName' => 'sessions', \\ -} - -END_MESSAGE -} +my $debug; +my $config_file; +my $ignore_errors; +my %rename; +my $help; +my $nb_converted = 0; +my $nb_error = 0; + +GetOptions( + 'help|?' => \$help, + 'debug|d' => \$debug, + 'config|c=s' => \$config_file, + 'ignore-errors|i' => \$ignore_errors, + 'rename|r=s' => \%rename, +) or pod2usage(2); +pod2usage( + -exitval => 1, + -verbose => 99, + -sections => "SYNOPSIS|OPTIONS|CONFIGURATION FILE FORMAT" +) if $help; unless ($config_file) { - HELP_MESSAGE( \*STDERR ); - die "You must provide the -c option"; + pod2usage( + -exitval => 2, + -verbose => 99, + -message => "You must provide the -c option\n", + -sections => "SYNOPSIS|OPTIONS|CONFIGURATION FILE FORMAT" + ); } my $inicfg = @@ -139,6 +122,17 @@ Lemonldap::NG::Common::Apache::Session->get_key_from_all_sessions( } } + if (%rename) { + for my $oldkey ( keys %rename ) { + my $newkey = $rename{$oldkey}; + if ( $newkey and $entry->{$oldkey} ) { + print "Renaming $oldkey to $newkey in session $id\n" + if $debug; + $entry->{$newkey} = delete $entry->{$oldkey}; + } + } + } + print "Processing session $id\n" if $debug; my $s = Lemonldap::NG::Common::Session->new( { storageModule => $backendTo->{backend}, @@ -178,7 +172,7 @@ convertSessions - A tool to convert Lemonldap::NG sessions between storage backe =head1 SYNOPSIS - convertSession [-di] -c parameters.ini + convertSession [-di] [-r oldkey=newkey ] -c parameters.ini =head1 DESCRIPTION @@ -194,6 +188,29 @@ destination backend will be kept, unless they have the same session ID as a session in the source backend. In that case, the source will overwrite the destination. +=head1 OPTIONS + +=over + +=item B<--config>,B<-c> + +Specify configuration file + +=item B<--debug>,B<-d> + +Turns on debugging information + +=item B<--ignore-errors>,B<-i> + +Skip to the next session if converting a session fails + +=item B<--rename oldkey=newkey>,B<-r oldkey=newkey> + +Rename key names when migrating from one backend to the next. + +This option can be specified multiple times + +=back =head1 CONFIGURATION FILE FORMAT -- GitLab From 47a3a534a3856c2574ac65eaae37c78cc0110699 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Tue, 30 Mar 2021 12:11:08 +0200 Subject: [PATCH 050/312] Doc for #2499 --- doc/sources/admin/changesessionbackend.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/sources/admin/changesessionbackend.rst b/doc/sources/admin/changesessionbackend.rst index 9c6501145b..d14c4e2f6b 100644 --- a/doc/sources/admin/changesessionbackend.rst +++ b/doc/sources/admin/changesessionbackend.rst @@ -45,6 +45,7 @@ Invocation Options: - ``-c``: job configuration file (mandatory) +- ``-r oldkey=newkey``: rename session keys during conversion (optional, can be given multiple times) - ``-i``: ignore errors. By default errors will stop the script execution - ``-d``: print debugging output -- GitLab From 824cd5fb89e428f041f1d18adab999611d326aa5 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Tue, 30 Mar 2021 16:30:22 +0200 Subject: [PATCH 051/312] Fix CLI for oidcOPMetaDataJSON (#2439) and oidcOPMetaDataJWKS --- .../lib/Lemonldap/NG/Common/Conf/ReConstants.pm | 2 +- .../lib/Lemonldap/NG/Manager/Attributes.pm | 6 ++++++ lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm | 9 +++++++++ .../lib/Lemonldap/NG/Manager/Build/Attributes.pm | 4 ++-- 4 files changed, 18 insertions(+), 3 deletions(-) diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm index f512756d87..125e942200 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm @@ -22,7 +22,7 @@ our $specialNodeHash = { }; our $doubleHashKeys = 'issuerDBGetParameters'; -our $simpleHashKeys = '(?:(?:c(?:as(?:StorageOption|Attribute)|ustom(?:Plugins|Add)Param|heckUserHiddenHeader|ombModule)|l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|f(?:indUser(?:Exclud|Search)ingAttribute|acebookExportedVar)|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|p(?:ersistentStorageOption|ortalSkinRule)|(?:(?:d(?:emo|bi)|webID)E|e)xportedVar|macro)s|o(?:idcS(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|penIdExportedVars)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember|fExtra)|S(?:MTPTLSOpts|SLVarIf))'; +our $simpleHashKeys = '(?:(?:c(?:as(?:StorageOption|Attribute)|ustom(?:Plugins|Add)Param|heckUserHiddenHeader|ombModule)|l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|f(?:indUser(?:Exclud|Search)ingAttribute|acebookExportedVar)|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|p(?:ersistentStorageOption|ortalSkinRule)|(?:(?:d(?:emo|bi)|webID)E|e)xportedVar|macro)s|o(?:idc(?:S(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|OPMetaDataJ(?:SON|WKS))|penIdExportedVars)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember|fExtra)|S(?:MTPTLSOpts|SLVarIf))'; our $specialNodeKeys = '(?:(?:(?:saml(?:ID|S)|oidc[OR])P|cas(?:App|Srv))MetaDataNode|virtualHost)s'; our $casAppMetaDataNodeKeys = 'casAppMetaData(?:Options(?:(?:UserAttribut|Servic|Rul)e|AuthnLevel)|(?:ExportedVar|Macro)s)'; our $casSrvMetaDataNodeKeys = 'casSrvMetaData(?:Options(?:ProxiedServices|DisplayName|SortNumber|Gateway|Renew|Icon|Url)|ExportedVars)'; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm index 259eeb3fec..4605961b3f 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm @@ -2148,9 +2148,15 @@ m[^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: 'type' => 'keyTextContainer' }, 'oidcOPMetaDataJSON' => { + 'keyTest' => sub { + 1; + }, 'type' => 'file' }, 'oidcOPMetaDataJWKS' => { + 'keyTest' => sub { + 1; + }, 'type' => 'file' }, 'oidcOPMetaDataNodes' => { diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm index 16a60b20ca..1cb6cc6a99 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm @@ -694,9 +694,18 @@ sub scanTree { } } } + if ($prefix) { push @cnodesKeys, $leaf; } + + # issue 2439 + # FIXME: in future versions, oidcOPMetaDataJSON and samlIDPMetaDataXML shoud + # behave the same + if ( $leaf =~ /^oidcOPMetaData(?:JSON|JWKS)$/ ) { + push @simpleHashKeys, $leaf; + } + if ( $attr->{type} =~ /^(?:catAndAppList|\w+Container)$/ ) { $jleaf->{cnodes} = $prefix . $leaf; unless ( $prefix or $leaf =~ $reIgnoreKeys ) { diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm index f3212ff66a..7668339fc1 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm @@ -4152,8 +4152,8 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: oidcRPMetaDataOptions => { type => 'subContainer', }, # OpenID Connect providers - oidcOPMetaDataJSON => { type => 'file', }, - oidcOPMetaDataJWKS => { type => 'file', }, + oidcOPMetaDataJSON => { type => 'file', keyTest => sub { 1 } }, + oidcOPMetaDataJWKS => { type => 'file', keyTest => sub { 1 } }, oidcOPMetaDataExportedVars => { type => 'keyTextContainer', default => { -- GitLab From 5d649f67f5b05528512a894189626df9368e1091 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Tue, 30 Mar 2021 16:57:05 +0200 Subject: [PATCH 052/312] clarify auth::openidconnect doc (#2500) --- doc/sources/admin/authopenidconnect.rst | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/doc/sources/admin/authopenidconnect.rst b/doc/sources/admin/authopenidconnect.rst index ae8d03e829..baf2e0eb0b 100644 --- a/doc/sources/admin/authopenidconnect.rst +++ b/doc/sources/admin/authopenidconnect.rst @@ -113,22 +113,19 @@ Register LL::NG to an OpenID Connect Provider ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ To register LL::NG, you will need to give some information like -application name or logo. One of mandatory information is the redirect -URL (one or many). +application name or logo. -To know this information, just take the portal URL and the Callback GET -parameter, for example: +You will be asked to provide a *Redirect URI* for LemonLDAP::NG, which is constructed by appending the ``openidcallback=1`` parameter to the Portal URL. -- http://auth.example.com/?openidcallback=1 -- http://auth.example.com/index.pl?openidcallback=1 -- http://auth.example.com/?lmAuth=oidc&openidcallback=1 +For example: + +- https://auth.example.com/?openidcallback=1 .. attention:: - If you use the :doc:`choice backend`, you - need to add the choice parameter in redirect URL or - set SameSite cookie value to "Lax" or "None". + If you use the :doc:`choice backend`, + you need to set SameSite cookie value to "Lax" or "None". See :doc:`SSO cookie parameters` After registration, the OP must give you a client ID and a client -- GitLab From 89111859a0afd28e03f7aa1b08ed983d7e7086c8 Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Tue, 30 Mar 2021 23:54:06 +0200 Subject: [PATCH 053/312] Typos (#1976) --- .../lib/Lemonldap/NG/Portal/Plugins/FindUser.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/FindUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/FindUser.pm index 67545f88a1..cc24c567f7 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/FindUser.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/FindUser.pm @@ -5,8 +5,8 @@ use Mouse; use Lemonldap::NG::Portal::Main::Constants qw( PE_OK PE_NOTOKEN - PE_TOKENEXPIRED PE_FIRSTACCESS + PE_TOKENEXPIRED ); our $VERSION = '2.0.12'; @@ -96,7 +96,7 @@ sub retreiveFindUserParams { } else { $self->logger->warn( - "Parameter $key has been reject by findUserControl") + "Parameter $key has been rejected by findUserControl") if $defined; (); } -- GitLab From d6968535569d5855297188a900f921350d3d913e Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 31 Mar 2021 11:42:55 +0200 Subject: [PATCH 054/312] Factor MAIN_LOGO variable in loadMailTemplate (#2495) --- lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm | 5 ++--- lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SMTP.pm | 1 + .../NG/Portal/Plugins/CertificateResetByMail.pm | 9 +++------ .../lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm | 8 +++----- .../lib/Lemonldap/NG/Portal/Plugins/Register.pm | 7 ++----- 5 files changed, 11 insertions(+), 19 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm index 28167430e8..c78e5a3fe2 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm @@ -82,8 +82,6 @@ sub run { } # Build mail content - my %tplPrms; - $tplPrms{MAIN_LOGO} = $self->conf->{portalMainLogo}; my $tr = $self->translate($req); my $subject = $self->conf->{mail2fSubject}; @@ -104,7 +102,8 @@ sub run { $req, 'mail_2fcode', filter => $tr, - params => \%tplPrms + params => { + }, ); $html = 1; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SMTP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SMTP.pm index 60462bfd2b..490712059b 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SMTP.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SMTP.pm @@ -49,6 +49,7 @@ sub loadMailTemplate { # HTML::Template cache interferes with email translation (#1897) $prm{cache} = 0 unless defined $prm{cache}; $prm{params}->{STATIC_PREFIX} = $self->p->staticPrefix; + $prm{params}->{MAIN_LOGO} = $self->conf->{portalMainLogo}; my %extra = $self->p->can('tplParams') ? $self->p->tplParams($req) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CertificateResetByMail.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CertificateResetByMail.pm index d818393aa5..bc7a664377 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CertificateResetByMail.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CertificateResetByMail.pm @@ -129,7 +129,7 @@ sub certificateReset { sub _certificateReset { my ( $self, $req ) = @_; - my ( $mailToken, %tplPrms ); + my ($mailToken); # CertificatReset FORM => modifyCertificate() if ( $req->method =~ /^POST$/i @@ -359,7 +359,6 @@ sub _certificateReset { ); # Build mail content - $tplPrms{MAIN_LOGO} = $self->conf->{portalMainLogo}; my $tr = $self->translate($req); my $subject = $self->conf->{certificateResetByMailStep1Subject}; unless ($subject) { @@ -380,7 +379,7 @@ sub _certificateReset { $req, 'mail_certificateConfirm', filter => $tr, - params => \%tplPrms + params => {}, ); $html = 1; } @@ -420,7 +419,6 @@ sub _certificateReset { sub modifyCertificate { my ( $self, $req ) = @_; - my %tplPrms; my $nbio; my $x509; my $notAfter; @@ -539,7 +537,6 @@ sub modifyCertificate { $req->{sessionInfo}->{ $self->conf->{mailSessionKey} } ); # Build mail content - $tplPrms{MAIN_LOGO} = $self->conf->{portalMainLogo}; my $tr = $self->translate($req); my $subject = $self->conf->{certificateResetByMailStep2Subject}; unless ($subject) { @@ -560,7 +557,7 @@ sub modifyCertificate { $req, 'mail_certificateReset', filter => $tr, - params => \%tplPrms + params => {}, ); $html = 1; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm index 19b2b7d5c0..91b99f0b81 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm @@ -91,7 +91,7 @@ sub resetPwd { sub _reset { my ( $self, $req ) = @_; - my ( $mailToken, %tplPrms ); + my ($mailToken); # PASSWORD CHANGE FORM => changePwd() if ( @@ -323,7 +323,6 @@ sub _reset { ); # Build mail content - $tplPrms{MAIN_LOGO} = $self->conf->{portalMainLogo}; my $tr = $self->translate($req); my $subject = $self->conf->{mailConfirmSubject}; unless ($subject) { @@ -344,7 +343,7 @@ sub _reset { $req, 'mail_confirm', filter => $tr, - params => \%tplPrms + params => {}, ); $html = 1; } @@ -496,7 +495,6 @@ sub changePwd { $req->{sessionInfo}->{ $self->conf->{mailSessionKey} } ); # Build mail content - $tplPrms{MAIN_LOGO} = $self->conf->{portalMainLogo}; my $tr = $self->translate($req); my $subject = $self->conf->{mailSubject}; unless ($subject) { @@ -517,7 +515,7 @@ sub changePwd { $req, 'mail_password', filter => $tr, - params => \%tplPrms + params => {%tplPrms}, ); $html = 1; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Register.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Register.pm index acac9f795b..a082552bc3 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Register.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Register.pm @@ -114,7 +114,6 @@ sub register { # Parameters check sub _register { my ( $self, $req ) = @_; - my %tplPrms; # Check if it's a first access unless ( ( $req->method =~ /^POST$/i and $req->param('mail') ) @@ -301,7 +300,6 @@ sub _register { ); # Build mail content - $tplPrms{MAIN_LOGO} = $self->conf->{portalMainLogo}; my $tr = $self->translate($req); my $subject = $self->conf->{registerConfirmSubject}; unless ($subject) { @@ -316,7 +314,7 @@ sub _register { $req, 'mail_register_confirm', filter => $tr, - params => \%tplPrms + params => {}, ); # Replace variables in body @@ -361,7 +359,6 @@ sub _register { } # Build mail content - $tplPrms{MAIN_LOGO} = $self->conf->{portalMainLogo}; my $tr = $self->translate($req); my $subject = $self->conf->{registerDoneSubject}; unless ($subject) { @@ -376,7 +373,7 @@ sub _register { $req, 'mail_register_done', filter => $tr, - params => \%tplPrms + params => {}, ); # Build portal url -- GitLab From 297dc830af7f13f9bd5d3998783295037350e391 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 31 Mar 2021 12:08:24 +0200 Subject: [PATCH 055/312] Update mail templates to no longer use string substitution (#2495) --- .../lib/Lemonldap/NG/Portal/2F/Mail2F.pm | 3 ++ .../Portal/Plugins/CertificateResetByMail.pm | 10 ++++++- .../NG/Portal/Plugins/MailPasswordReset.pm | 17 +++++++++-- .../Lemonldap/NG/Portal/Plugins/Register.pm | 30 +++++++++++++------ .../site/templates/common/mail_2fcode.tpl | 4 +-- .../common/mail_certificateConfirm.tpl | 4 +-- .../common/mail_certificateReset.tpl | 2 +- .../site/templates/common/mail_confirm.tpl | 4 +-- .../site/templates/common/mail_footer.tpl | 2 +- .../site/templates/common/mail_password.tpl | 4 +-- .../common/mail_register_confirm.tpl | 4 +-- .../templates/common/mail_register_done.tpl | 8 ++--- 12 files changed, 63 insertions(+), 29 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm index c78e5a3fe2..72677248e1 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm @@ -103,12 +103,15 @@ sub run { 'mail_2fcode', filter => $tr, params => { + code => $code, }, ); $html = 1; } # Replace variables in body + # FIXME: kept for compatibility with 2.0.0 mail templates + # in future versions this should only happen for plaintext emails $body =~ s/\$code/$code/g; $body =~ s/\$(\w+)/$req->{sessionInfo}->{$1} || ''/ge; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CertificateResetByMail.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CertificateResetByMail.pm index bc7a664377..a9b93402c6 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CertificateResetByMail.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CertificateResetByMail.pm @@ -379,12 +379,18 @@ sub _certificateReset { $req, 'mail_certificateConfirm', filter => $tr, - params => {}, + params => { + expMailDate => $req->data->{expMailDate}, + expMailTime => $req->data->{expMailTime}, + url => $url, + }, ); $html = 1; } # Replace variables in body + # FIXME: kept for compatibility with 2.0.0 mail templates + # in future versions this should only happen for plaintext emails $body =~ s/\$expMailDate/$req->data->{expMailDate}/ge; $body =~ s/\$expMailTime/$req->data->{expMailTime}/ge; $body =~ s/\$url/$url/g; @@ -563,6 +569,8 @@ sub modifyCertificate { } # Replace variables in body + # FIXME: kept for compatibility with 2.0.0 mail templates + # in future versions this should only happen for plaintext emails $body =~ s/\$(\w+)/$req->{sessionInfo}->{$1} || ''/ge; # Send mail diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm index 91b99f0b81..0662e42d25 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm @@ -343,12 +343,18 @@ sub _reset { $req, 'mail_confirm', filter => $tr, - params => {}, + params => { + expMailDate => $req->data->{expMailDate}, + expMailTime => $req->data->{expMailTime}, + url => $url, + }, ); $html = 1; } # Replace variables in body + # FIXME: kept for compatibility with 2.0.0 mail templates + # in future versions this should only happen for plaintext emails $body =~ s/\$expMailDate/$req->data->{expMailDate}/ge; $body =~ s/\$expMailTime/$req->data->{expMailTime}/ge; $body =~ s/\$url/$url/g; @@ -503,6 +509,8 @@ sub changePwd { } my $body; my $html; + my $password = $req->data->{newpassword}; + if ( $self->conf->{mailBody} ) { # We use a specific text message, no html @@ -515,13 +523,16 @@ sub changePwd { $req, 'mail_password', filter => $tr, - params => {%tplPrms}, + params => { + %tplPrms, password => $password, + }, ); $html = 1; } # Replace variables in body - my $password = $req->data->{newpassword}; + # FIXME: kept for compatibility with 2.0.0 mail templates + # in future versions this should only happen for plaintext emails $body =~ s/\$password/$password/g; $body =~ s/\$(\w+)/$req->{sessionInfo}->{$1} || ''/ge; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Register.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Register.pm index a082552bc3..3834a8b99a 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Register.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Register.pm @@ -314,10 +314,17 @@ sub _register { $req, 'mail_register_confirm', filter => $tr, - params => {}, + params => { + expMailDate => $req->data->{expMailDate}, + expMailTime => $req->data->{expMailTime}, + url => $url, + %{ $req->data->{registerInfo} || {} }, + }, ); # Replace variables in body + # FIXME: kept for compatibility with 2.0.0 mail templates + # in future versions this should only happen for plaintext emails $body =~ s/\$expMailDate/$req->data->{expMailDate}/g; $body =~ s/\$expMailTime/$req->data->{expMailTime}/g; $body =~ s/\$url/$url/g; @@ -368,14 +375,6 @@ sub _register { my $body; my $html = 1; - # Use HTML template - $body = $self->loadMailTemplate( - $req, - 'mail_register_done', - filter => $tr, - params => {}, - ); - # Build portal url my $url = $self->conf->{portal}; $url =~ s#/*$##; @@ -387,7 +386,20 @@ sub _register { ( $req_url ? ( url => $req_url ) : () ), ); + # Use HTML template + $body = $self->loadMailTemplate( + $req, + 'mail_register_done', + filter => $tr, + params => { + url => $url, + %{ $req->data->{registerInfo} || {} }, + }, + ); + # Replace variables in body + # FIXME: kept for compatibility with 2.0.0 mail templates + # in future versions this should only happen for plaintext emails $body =~ s/\$url/$url/g; $body =~ s/\$(\w+)/$req->data->{registerInfo}->{$1}/ge; diff --git a/lemonldap-ng-portal/site/templates/common/mail_2fcode.tpl b/lemonldap-ng-portal/site/templates/common/mail_2fcode.tpl index b91add9554..d78fa4e312 100644 --- a/lemonldap-ng-portal/site/templates/common/mail_2fcode.tpl +++ b/lemonldap-ng-portal/site/templates/common/mail_2fcode.tpl @@ -1,10 +1,10 @@ -Hello $cn,
+Hello ,

Your login code is -$code
+
diff --git a/lemonldap-ng-portal/site/templates/common/mail_certificateConfirm.tpl b/lemonldap-ng-portal/site/templates/common/mail_certificateConfirm.tpl index 871cf16a00..57d23b4d73 100644 --- a/lemonldap-ng-portal/site/templates/common/mail_certificateConfirm.tpl +++ b/lemonldap-ng-portal/site/templates/common/mail_certificateConfirm.tpl @@ -1,10 +1,10 @@

-Hello $cn,
+Hello ,

go - +" style="text-decoration:none;color:orange;"> Click here to reset your certificate

diff --git a/lemonldap-ng-portal/site/templates/common/mail_certificateReset.tpl b/lemonldap-ng-portal/site/templates/common/mail_certificateReset.tpl index df463ec7a1..c6cef2b18f 100644 --- a/lemonldap-ng-portal/site/templates/common/mail_certificateReset.tpl +++ b/lemonldap-ng-portal/site/templates/common/mail_certificateReset.tpl @@ -1,7 +1,7 @@

-Hello $cn,
+Hello ,

Your certificate has been successfully reset!

diff --git a/lemonldap-ng-portal/site/templates/common/mail_confirm.tpl b/lemonldap-ng-portal/site/templates/common/mail_confirm.tpl index 85a56b30af..383511bb87 100644 --- a/lemonldap-ng-portal/site/templates/common/mail_confirm.tpl +++ b/lemonldap-ng-portal/site/templates/common/mail_confirm.tpl @@ -1,10 +1,10 @@

-Hello $cn,
+Hello ,

go - +" style="text-decoration:none;color:orange;"> Click here to reset your password

diff --git a/lemonldap-ng-portal/site/templates/common/mail_footer.tpl b/lemonldap-ng-portal/site/templates/common/mail_footer.tpl index c5cd433dac..d951c79182 100644 --- a/lemonldap-ng-portal/site/templates/common/mail_footer.tpl +++ b/lemonldap-ng-portal/site/templates/common/mail_footer.tpl @@ -4,7 +4,7 @@

This mail was sent automatically
The request was issued from IP -$ipAddr +

diff --git a/lemonldap-ng-portal/site/templates/common/mail_password.tpl b/lemonldap-ng-portal/site/templates/common/mail_password.tpl index 19f7b39323..56e85c0a2d 100644 --- a/lemonldap-ng-portal/site/templates/common/mail_password.tpl +++ b/lemonldap-ng-portal/site/templates/common/mail_password.tpl @@ -1,12 +1,12 @@

-Hello $cn,
+Hello ,

Your new password is key -$password + Your password has been successfully changed! diff --git a/lemonldap-ng-portal/site/templates/common/mail_register_confirm.tpl b/lemonldap-ng-portal/site/templates/common/mail_register_confirm.tpl index 1a7fdb14a4..954ee1dffc 100644 --- a/lemonldap-ng-portal/site/templates/common/mail_register_confirm.tpl +++ b/lemonldap-ng-portal/site/templates/common/mail_register_confirm.tpl @@ -1,10 +1,10 @@

-Hello $firstname $lastname,
+Hello ,

go - +" style="text-decoration:none;color:orange;"> Click here to confirm your account registration

diff --git a/lemonldap-ng-portal/site/templates/common/mail_register_done.tpl b/lemonldap-ng-portal/site/templates/common/mail_register_done.tpl index 5b9326cf84..36b07bc5f8 100644 --- a/lemonldap-ng-portal/site/templates/common/mail_register_done.tpl +++ b/lemonldap-ng-portal/site/templates/common/mail_register_done.tpl @@ -1,19 +1,19 @@

-Hello $firstname $lastname,
+Hello ,

Your account was successfully created.

Your login is go -$login +
Your password is key -$password +

-

Click here to access to portal

+

">Click here to access to portal

-- GitLab From 4da7ca8d131c297ae429c489c130c66e135afa0a Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Thu, 1 Apr 2021 11:22:27 +0200 Subject: [PATCH 056/312] Update doc --- doc/sources/admin/configvhost.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/sources/admin/configvhost.rst b/doc/sources/admin/configvhost.rst index e001206298..3d1f3d019f 100644 --- a/doc/sources/admin/configvhost.rst +++ b/doc/sources/admin/configvhost.rst @@ -467,8 +467,8 @@ application by LL::NG. With **Nginx**-based ReverseProxy, header directives can be appended by a LUA script. - To send more than **TEN** headers to protected applications, you have to - edit and modify : + To send more than **15** headers to protected applications, + you have to edit and modify : ``/etc/nginx/nginx-lua-headers.conf`` -- GitLab From 654184dd662b73035cd5740379e3a4a7995e6d4c Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Thu, 1 Apr 2021 11:22:46 +0200 Subject: [PATCH 057/312] Fix bad request (#2501) --- .../Lemonldap/NG/Portal/Plugins/Upgrade.pm | 8 +- .../t/78-2F-UpgradeOnly-without-2F.t | 100 ++++++++++++++++++ 2 files changed, 106 insertions(+), 2 deletions(-) create mode 100644 lemonldap-ng-portal/t/78-2F-UpgradeOnly-without-2F.t diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Upgrade.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Upgrade.pm index 63b88c408d..b843a1b9ec 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Upgrade.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Upgrade.pm @@ -8,7 +8,7 @@ use Lemonldap::NG::Portal::Main::Constants qw( PE_TOKENEXPIRED ); -our $VERSION = '2.0.10'; +our $VERSION = '2.0.12'; extends 'Lemonldap::NG::Portal::Main::Plugin'; @@ -125,7 +125,7 @@ sub confirm { my $res = $self->p->process($req); return $self->p->do( $req, [ sub { $res } ] ) if $res; - if ( $upg or $req->param('confirm') == 1 ) { + if ( $upg or $req->param('confirm') and $req->param('confirm') == 1 ) { $req->data->{noerror} = 1; if ($sfOnly) { @@ -152,7 +152,11 @@ sub confirm { } } else { + # Go to portal + $self->logger->debug("Upgrade session failed -> Go to portal"); + $req->mustRedirect(1); + return $self->p->do( $req, [ sub { PE_OK } ] ); } } diff --git a/lemonldap-ng-portal/t/78-2F-UpgradeOnly-without-2F.t b/lemonldap-ng-portal/t/78-2F-UpgradeOnly-without-2F.t new file mode 100644 index 0000000000..376a7b9d3c --- /dev/null +++ b/lemonldap-ng-portal/t/78-2F-UpgradeOnly-without-2F.t @@ -0,0 +1,100 @@ +use Test::More; +use strict; +use IO::String; +use Data::Dumper; + +require 't/test-lib.pm'; +require 't/smtp.pm'; + +use_ok('Lemonldap::NG::Common::FormEncode'); +count(1); +my $res; + +my $client = LLNG::Manager::Test->new( { + ini => { + logLevel => 'debug', + sfOnlyUpgrade => 1, + u2fActivation => 1, + u2fAuthnLevel => 5, + authentication => 'Demo', + userDB => 'Same', + 'vhostOptions' => { + 'test1.example.com' => { + 'vhostAuthnLevel' => 3 + }, + }, + } + } +); + +# CASE 1: no 2F available +# ----------------------- +my $query = 'user=rtyler&password=rtyler'; +ok( + $res = $client->_post( + '/', + IO::String->new($query), + length => length($query), + accept => 'text/html', + ), + 'Auth query' +); +count(1); + +my $id = expectCookie($res); + +# After attempting to access test1, +# the handler sends up back to /upgradesession +# -------------------------------------------- + +ok( + $res = $client->_get( + '/upgradesession', + query => 'url=aHR0cDovL3Rlc3QxLmV4YW1wbGUuY29t', + accept => 'text/html', + cookie => "lemonldap=$id", + ), + 'Upgrade session query' +); +count(1); + +( my $host, my $url, $query ) = + expectForm( $res, undef, '/upgradesession', 'confirm', 'url' ); + +# Accept session upgrade +# ---------------------- + +ok( + $res = $client->_post( + '/upgradesession', + IO::String->new($query), + length => length($query), + accept => 'text/html', + cookie => "lemonldap=$id", + ), + 'Accept session upgrade query' +); +count(1); + +my $pdata = expectCookie( $res, 'lemonldappdata' ); + +# A message warns the user that they do not have any 2FA available +expectPortalError( $res, 83 ); + +$query = 'user=rtyler&password=rtyler'; +ok( + $res = $client->_post( + '/upgradesession', + IO::String->new($query), + length => length($query), + accept => 'text/html', + cookie => "lemonldap=$id", + ), + 'Accept session upgrade query' +); +count(1); +expectRedirection( $res, 'http://auth.example.com/' ); +clean_sessions(); + +done_testing( count() ); + -- GitLab From b67d11c58ac023393e1d5f9da006e5d488347b36 Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Thu, 1 Apr 2021 14:38:31 +0200 Subject: [PATCH 058/312] Update manifest --- lemonldap-ng-portal/MANIFEST | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lemonldap-ng-portal/MANIFEST b/lemonldap-ng-portal/MANIFEST index 50bd4596d2..759902197b 100644 --- a/lemonldap-ng-portal/MANIFEST +++ b/lemonldap-ng-portal/MANIFEST @@ -482,6 +482,7 @@ t/01-AuthDemo.t t/01-CSP-and-CORS-headers.t t/01-Handler-redirection-and-URL-check-by-portal.t t/01-pdata.t +t/01-Reject-Hashes-in-URL.t t/01-Unauth-Logout.t t/02-Password-Demo-Local-noPpolicy.t t/02-Password-Demo-Local-Ppolicy.t @@ -737,6 +738,7 @@ t/77-2F-Mail-with-global-storage.t t/77-2F-Mail.t t/78-2F-Upgrade-Many.t t/78-2F-Upgrade.t +t/78-2F-UpgradeOnly-without-2F.t t/78-2F-UpgradeOnly.t t/79-2F-Yubikey-from-Session.t t/79-2F-Yubikey.t -- GitLab From 6eda19c1124f4a1df4477c11ea5f4eb17e06e513 Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Thu, 1 Apr 2021 14:38:31 +0200 Subject: [PATCH 059/312] Fix test (#2501) --- .../t/78-2F-UpgradeOnly-without-2F.t | 157 +++++++++--------- 1 file changed, 80 insertions(+), 77 deletions(-) diff --git a/lemonldap-ng-portal/t/78-2F-UpgradeOnly-without-2F.t b/lemonldap-ng-portal/t/78-2F-UpgradeOnly-without-2F.t index 376a7b9d3c..40ed69840a 100644 --- a/lemonldap-ng-portal/t/78-2F-UpgradeOnly-without-2F.t +++ b/lemonldap-ng-portal/t/78-2F-UpgradeOnly-without-2F.t @@ -4,96 +4,99 @@ use IO::String; use Data::Dumper; require 't/test-lib.pm'; -require 't/smtp.pm'; +my $maintests = 5; -use_ok('Lemonldap::NG::Common::FormEncode'); -count(1); -my $res; +SKIP: { + eval { require Crypt::U2F::Server; require Authen::U2F::Tester }; + if ( $@ or $Crypt::U2F::Server::VERSION < 0.42 ) { + skip 'Missing libraries', $maintests; + } + + use_ok('Lemonldap::NG::Common::FormEncode'); + my $res; -my $client = LLNG::Manager::Test->new( { - ini => { - logLevel => 'debug', - sfOnlyUpgrade => 1, - u2fActivation => 1, - u2fAuthnLevel => 5, - authentication => 'Demo', - userDB => 'Same', - 'vhostOptions' => { - 'test1.example.com' => { - 'vhostAuthnLevel' => 3 + my $client = LLNG::Manager::Test->new( { + ini => { + logLevel => 'error', + sfOnlyUpgrade => 1, + u2fActivation => 1, + u2fAuthnLevel => 5, + authentication => 'Demo', + userDB => 'Same', + 'vhostOptions' => { + 'test1.example.com' => { + 'vhostAuthnLevel' => 3 + }, }, - }, + } } - } -); - -# CASE 1: no 2F available -# ----------------------- -my $query = 'user=rtyler&password=rtyler'; -ok( - $res = $client->_post( - '/', - IO::String->new($query), - length => length($query), - accept => 'text/html', - ), - 'Auth query' -); -count(1); + ); -my $id = expectCookie($res); + # CASE 1: no 2F available + # ----------------------- + my $query = 'user=rtyler&password=rtyler'; + ok( + $res = $client->_post( + '/', + IO::String->new($query), + length => length($query), + accept => 'text/html', + ), + 'Auth query' + ); + my $id = expectCookie($res); -# After attempting to access test1, -# the handler sends up back to /upgradesession -# -------------------------------------------- + # After attempting to access test1, + # the handler sends up back to /upgradesession + # -------------------------------------------- + ok( + $res = $client->_get( + '/upgradesession', + query => 'url=aHR0cDovL3Rlc3QxLmV4YW1wbGUuY29t', + accept => 'text/html', + cookie => "lemonldap=$id", + ), + 'Upgrade session query' + ); -ok( - $res = $client->_get( - '/upgradesession', - query => 'url=aHR0cDovL3Rlc3QxLmV4YW1wbGUuY29t', - accept => 'text/html', - cookie => "lemonldap=$id", - ), - 'Upgrade session query' -); -count(1); + ( my $host, my $url, $query ) = + expectForm( $res, undef, '/upgradesession', 'confirm', 'url' ); -( my $host, my $url, $query ) = - expectForm( $res, undef, '/upgradesession', 'confirm', 'url' ); + # Accept session upgrade + # ---------------------- -# Accept session upgrade -# ---------------------- + ok( + $res = $client->_post( + '/upgradesession', + IO::String->new($query), + length => length($query), + accept => 'text/html', + cookie => "lemonldap=$id", + ), + 'Accept session upgrade query' + ); -ok( - $res = $client->_post( - '/upgradesession', - IO::String->new($query), - length => length($query), - accept => 'text/html', - cookie => "lemonldap=$id", - ), - 'Accept session upgrade query' -); -count(1); + expectCookie( $res, 'lemonldappdata' ); -my $pdata = expectCookie( $res, 'lemonldappdata' ); + # A message warns the user that they do not have any 2FA available + expectPortalError( $res, 83 ); -# A message warns the user that they do not have any 2FA available -expectPortalError( $res, 83 ); + $query = 'user=rtyler&password=rtyler'; + ok( + $res = $client->_post( + '/upgradesession', + IO::String->new($query), + length => length($query), + accept => 'text/html', + cookie => "lemonldap=$id", + ), + 'Accept session upgrade query' + ); + expectRedirection( $res, 'http://auth.example.com/' ); + $client->logout($id); +} -$query = 'user=rtyler&password=rtyler'; -ok( - $res = $client->_post( - '/upgradesession', - IO::String->new($query), - length => length($query), - accept => 'text/html', - cookie => "lemonldap=$id", - ), - 'Accept session upgrade query' -); -count(1); -expectRedirection( $res, 'http://auth.example.com/' ); +count($maintests); clean_sessions(); done_testing( count() ); -- GitLab From b15b358b3e152870a9150e91eb4b24cab5858e70 Mon Sep 17 00:00:00 2001 From: Paul Curie Date: Thu, 1 Apr 2021 21:13:25 +0200 Subject: [PATCH 060/312] wiki.js doc --- doc/sources/admin/applications/wiki.js.svg | 157 +++++++++++++++++++++ doc/sources/admin/applications/wikijs.rst | 58 ++++++++ 2 files changed, 215 insertions(+) create mode 100644 doc/sources/admin/applications/wiki.js.svg create mode 100644 doc/sources/admin/applications/wikijs.rst diff --git a/doc/sources/admin/applications/wiki.js.svg b/doc/sources/admin/applications/wiki.js.svg new file mode 100644 index 0000000000..8a0bfad4bd --- /dev/null +++ b/doc/sources/admin/applications/wiki.js.svg @@ -0,0 +1,157 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/doc/sources/admin/applications/wikijs.rst b/doc/sources/admin/applications/wikijs.rst new file mode 100644 index 0000000000..204ed09752 --- /dev/null +++ b/doc/sources/admin/applications/wikijs.rst @@ -0,0 +1,58 @@ +Wiki.js +===== + +|image0| + +Presentation +------------ + +Wiki.js is an open-source wiki. + +See `the official Wiki.js website `__ for a +complete presentation. + +It feature an OpenID Connect login feature that work with LemonLDAP::NG + +Configuring Wiki.js +----------------- + +Connect to your wiki.js instance with an Admin user, in the admin panel, go to "Authentication". + +Click on "Add Strategy" and Chose "Generic OpenID Connect / OAuth2". + +Choose a Display Name. + +Define a Client ID and a Client Secret. + +* Authorization Endpoint URL : https://auth.example.com/oauth2/authorize +* Token Endpoint URL : https://auth.example.com/oauth2/token +* User info Endpoint URL : https://auth.example.com/oauth2/userinfo +* Issuer : https://auth.example.com +* Logout URL : https://auth.example.com/oauth2/logout + +Make a note of the "Callback URL" and the bottom of the screen and save the configuration. + +Configuring LemonLDAP +~~~~~~~~~~~~~~~~~~~~~ + +We now have to configure LemonLDAP::NG to recognize Wekan as a valid +OAuth2 relaying party and send it the information it needs to recognize +a user. + +Add a :doc:`new OpenID Connect relaying party<..//idpopenidconnect>` +with the following parameters: + +* **Client ID**: the same you set in Wiki.js configuration. +* **Client Secret**: the same you set in Wiki.js configuration. +* **Allowed redirection addresses for login**: The "Callback URL". + +\_Portal with internal CA +^^^^^^^^^^^^^^^^^^ + +.. danger:: + + OIDC login fails when your LemonLDAP portal doesn't use a publicaly recognized certificate (Internal Corporate CA), this is because nodejs use it's own keystore. + You'll need to pass "NODE_EXTRA_CA_CERTS=" to your wiki installation. If done in docker you will have to create a new image from the official one, add your CA certificates into it, and use the env variable to use it in your wiki.js container. + +.. |image0| image:: /applications/wiki.js.svg + :class: align-center -- GitLab From 12ed2e799866b0e60376ef7e76e53793dd74de2a Mon Sep 17 00:00:00 2001 From: Paul Curie Date: Thu, 1 Apr 2021 21:20:06 +0200 Subject: [PATCH 061/312] wiki.js doc, typos --- doc/sources/admin/applications/wikijs.rst | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/doc/sources/admin/applications/wikijs.rst b/doc/sources/admin/applications/wikijs.rst index 204ed09752..dad881e6c3 100644 --- a/doc/sources/admin/applications/wikijs.rst +++ b/doc/sources/admin/applications/wikijs.rst @@ -11,14 +11,14 @@ Wiki.js is an open-source wiki. See `the official Wiki.js website `__ for a complete presentation. -It feature an OpenID Connect login feature that work with LemonLDAP::NG +It feature an OpenID Connect login that work with LemonLDAP::NG. Configuring Wiki.js ----------------- Connect to your wiki.js instance with an Admin user, in the admin panel, go to "Authentication". -Click on "Add Strategy" and Chose "Generic OpenID Connect / OAuth2". +Click on "Add Strategy" and Choose "Generic OpenID Connect / OAuth2". Choose a Display Name. @@ -35,16 +35,14 @@ Make a note of the "Callback URL" and the bottom of the screen and save the conf Configuring LemonLDAP ~~~~~~~~~~~~~~~~~~~~~ -We now have to configure LemonLDAP::NG to recognize Wekan as a valid -OAuth2 relaying party and send it the information it needs to recognize -a user. +We now have to configure LemonLDAP::NG to recognize wiki.js as a valid OIDC relaying party. Add a :doc:`new OpenID Connect relaying party<..//idpopenidconnect>` -with the following parameters: +with the following parameters (Options -> Basic) : * **Client ID**: the same you set in Wiki.js configuration. * **Client Secret**: the same you set in Wiki.js configuration. -* **Allowed redirection addresses for login**: The "Callback URL". +* **Allowed redirection addresses for login**: The "Callback URL" defined in wiki.js. \_Portal with internal CA ^^^^^^^^^^^^^^^^^^ -- GitLab From 4a04e7fb6d986f4de812b1afaea098edf47fe69d Mon Sep 17 00:00:00 2001 From: Paul Curie Date: Thu, 1 Apr 2021 21:32:44 +0200 Subject: [PATCH 062/312] add wiki.js in applications list --- doc/sources/admin/applications.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/doc/sources/admin/applications.rst b/doc/sources/admin/applications.rst index 5c9fbcb80d..4cc7b4b0ab 100644 --- a/doc/sources/admin/applications.rst +++ b/doc/sources/admin/applications.rst @@ -43,6 +43,7 @@ Applications applications/sympa applications/tomcat applications/wekan + applications/wikijs applications/wordpress applications/xwiki applications/zimbra @@ -120,6 +121,7 @@ Application Configuration .. image:: applications/sympa_logo.png :doc:`Sympa` ✔ .. image:: applications/tomcat_logo.png :doc:`Tomcat` ✔ .. image:: applications/wekan-logo.png :doc:`Wekan` ✔ +.. image:: applications/wiki.js.svg :doc:`Wekan` ✔ .. image:: applications/wordpress_logo.png :doc:`Wordpress` ✔ .. image:: applications/xwiki.png :doc:`XWiki` ✔ .. image:: applications/zimbra_logo.png :doc:`Zimbra` ✔ -- GitLab From bcfb075f637f8d8941fb89d646be2bba8ed6a254 Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Thu, 1 Apr 2021 22:48:02 +0200 Subject: [PATCH 063/312] Be more consistent with REST params & Update doc (#1976) --- doc/sources/admin/finduser.rst | 1 + .../Lemonldap/NG/Common/Conf/ReConstants.pm | 2 +- .../lib/Lemonldap/NG/Manager/Build/Tree.pm | 7 +++--- .../site/htdocs/static/reverseTree.json | 2 +- .../site/htdocs/static/struct.json | 2 +- .../NG/Portal/Plugins/StayConnected.pm | 4 ++-- .../lib/Lemonldap/NG/Portal/UserDB/REST.pm | 23 +++++++++++-------- lemonldap-ng-portal/t/68-FindUser-with-REST.t | 13 ++++++----- 8 files changed, 31 insertions(+), 23 deletions(-) diff --git a/doc/sources/admin/finduser.rst b/doc/sources/admin/finduser.rst index 8eb271ccfb..e7758f2500 100644 --- a/doc/sources/admin/finduser.rst +++ b/doc/sources/admin/finduser.rst @@ -20,6 +20,7 @@ Just enable it in the Manager (section “plugins”). Then, set searching attri - **Activation**: Enable / Disable this plugin - **Character used as wildcard**: Character that can be used by users as wildcard. An empty value disable wildcarded search requests - **Parameters control**: Regular expression used for checking searching values syntax + - **User accounts URL**: User database URL to search on if REST backend is used. Let it blank to use default user data URL. - **Searching attributes**: For each attribute, you have to set a key (attribute as defined in UserBD) and a value that will be display in login form (placeholder). A value can be a multivalued list separated by multiValuesSeparator parameter (General Parameters > Advanced parameters > Separator). See note below. - **Excluding attributes**: You can defined here attributes used for excluding accounts. Set keys corresponding to UserBD attributes and values to exclude. A value can be a multivalued list separated by multiValuesSeparator parameter (General Parameters > Advanced parameters > Separator) diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm index 125e942200..96d83225c9 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm @@ -54,7 +54,7 @@ our $authParameters = { proxyParams => [qw(proxyAuthnLevel proxyAuthService proxySessionService remoteCookieName proxyUseSoap)], radiusParams => [qw(radiusAuthnLevel radiusSecret radiusServer)], remoteParams => [qw(remotePortal remoteCookieName remoteGlobalStorage remoteGlobalStorageOptions)], - restParams => [qw(restAuthnLevel restAuthUrl restUserDBUrl restPwdConfirmUrl restPwdModifyUrl restFindUserDBUrl)], + restParams => [qw(restAuthnLevel restAuthUrl restUserDBUrl restPwdConfirmUrl restPwdModifyUrl)], slaveParams => [qw(slaveAuthnLevel slaveUserHeader slaveMasterIP slaveHeaderName slaveHeaderContent slaveDisplayLogo slaveExportedVars)], sslParams => [qw(SSLAuthnLevel SSLVar SSLVarIf sslByAjax sslHost)], twitterParams => [qw(twitterAuthnLevel twitterKey twitterSecret twitterAppName twitterUserField)], diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm index f5b70d2bd8..3d2a1f01ad 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm @@ -393,9 +393,9 @@ sub tree { help => 'authrest.html', form => 'simpleInputContainer', nodes => [ - 'restAuthnLevel', 'restAuthUrl', - 'restUserDBUrl', 'restPwdConfirmUrl', - 'restPwdModifyUrl', 'restFindUserDBUrl' + 'restAuthnLevel', 'restAuthUrl', + 'restUserDBUrl', 'restPwdConfirmUrl', + 'restPwdModifyUrl' ] }, { @@ -825,6 +825,7 @@ sub tree { 'findUser', 'findUserWildcard', 'findUserControl', + 'restFindUserDBUrl', 'findUserSearchingAttributes', 'findUserExcludingAttributes' ] diff --git a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json index ac4b288c97..57faf9c4b4 100644 --- a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json +++ b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json @@ -1 +1 @@ -{"ADPwdExpireWarning":"generalParameters/authParams/adParams","ADPwdMaxAge":"generalParameters/authParams/adParams","AuthLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","LDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","SMTPAuthPass":"generalParameters/advancedParams/SMTP","SMTPAuthUser":"generalParameters/advancedParams/SMTP","SMTPPort":"generalParameters/advancedParams/SMTP","SMTPServer":"generalParameters/advancedParams/SMTP","SMTPTLS":"generalParameters/advancedParams/SMTP","SMTPTLSOpts":"generalParameters/advancedParams/SMTP","SSLAuthnLevel":"generalParameters/authParams/sslParams","SSLVar":"generalParameters/authParams/sslParams","SSLVarIf":"generalParameters/authParams/sslParams","activeTimer":"generalParameters/advancedParams/forms","adaptativeAuthenticationLevelRules":"generalParameters/plugins","apacheAuthnLevel":"generalParameters/authParams/apacheParams","applicationList":"generalParameters/portalParams/portalMenu","authChoiceAuthBasic":"generalParameters/authParams/choiceParams","authChoiceFindUser":"generalParameters/authParams/choiceParams","authChoiceModules":"generalParameters/authParams/choiceParams","authChoiceParam":"generalParameters/authParams/choiceParams","authentication":"generalParameters/authParams","autoSigninRules":"generalParameters/plugins/autoSignin","avoidAssignment":"generalParameters/advancedParams/security","browsersDontStorePassword":"generalParameters/advancedParams/security","bruteForceProtection":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionIncrementalTempo":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionLockTimes":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionMaxFailed":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionTempo":"generalParameters/advancedParams/security/bruteForceAttackProtection","captcha_login_enabled":"generalParameters/portalParams/portalCaptcha","captcha_mail_enabled":"generalParameters/portalParams/portalCaptcha","captcha_register_enabled":"generalParameters/portalParams/portalCaptcha","captcha_size":"generalParameters/portalParams/portalCaptcha","casAccessControlPolicy":"casServiceMetadata","casAppMetaDataNodes":"","casAttr":"casServiceMetadata","casAttributes":"casServiceMetadata","casAuthnLevel":"generalParameters/authParams/casParams","casSrvMetaDataNodes":"","casStorage":"casServiceMetadata","casStorageOptions":"casServiceMetadata","cda":"generalParameters/cookieParams","certificateResetByMailCeaAttribute":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailCertificateAttribute":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailStep1Body":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep1Subject":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep2Body":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep2Subject":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailURL":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailValidityDelay":"generalParameters/plugins/certificateResetByMailManagement/mailOther","checkDevOps":"generalParameters/plugins/devOpsCheck","checkDevOpsDownload":"generalParameters/plugins/devOpsCheck","checkState":"generalParameters/plugins/stateCheck","checkStateSecret":"generalParameters/plugins/stateCheck","checkUser":"generalParameters/plugins/checkUsers","checkUserDisplayComputedSession":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayEmptyHeaders":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayEmptyValues":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayNormalizedHeaders":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayPersistentInfo":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserHiddenAttributes":"generalParameters/plugins/checkUsers","checkUserHiddenHeaders":"generalParameters/plugins/checkUsers","checkUserIdRule":"generalParameters/plugins/checkUsers","checkUserSearchAttributes":"generalParameters/plugins/checkUsers","checkUserUnrestrictedUsersRule":"generalParameters/plugins/checkUsers","checkXSS":"generalParameters/advancedParams/security","combModules":"generalParameters/authParams/combinationParams","combination":"generalParameters/authParams/combinationParams","compactConf":"generalParameters/reloadParams","confirmFormMethod":"generalParameters/advancedParams/forms","contextSwitchingAllowed2fModifications":"generalParameters/plugins/contextSwitching","contextSwitchingIdRule":"generalParameters/plugins/contextSwitching","contextSwitchingRule":"generalParameters/plugins/contextSwitching","contextSwitchingStopWithLogout":"generalParameters/plugins/contextSwitching","contextSwitchingUnrestrictedUsersRule":"generalParameters/plugins/contextSwitching","cookieExpiration":"generalParameters/cookieParams","cookieName":"generalParameters/cookieParams","corsAllow_Credentials":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Methods":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Origin":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsEnabled":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsExpose_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsMax_Age":"generalParameters/advancedParams/security/crossOrigineResourceSharing","crowdsec":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecAction":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecKey":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecUrl":"generalParameters/advancedParams/security/CrowdSecPlugin","cspConnect":"generalParameters/advancedParams/security/contentSecurityPolicy","cspDefault":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFont":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFormAction":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFrameAncestors":"generalParameters/advancedParams/security/contentSecurityPolicy","cspImg":"generalParameters/advancedParams/security/contentSecurityPolicy","cspScript":"generalParameters/advancedParams/security/contentSecurityPolicy","cspStyle":"generalParameters/advancedParams/security/contentSecurityPolicy","customAddParams":"generalParameters/authParams/customParams","customAuth":"generalParameters/authParams/customParams","customFunctions":"generalParameters/advancedParams","customPassword":"generalParameters/authParams/customParams","customPlugins":"generalParameters/plugins/customPluginsNode","customPluginsParams":"generalParameters/plugins/customPluginsNode","customRegister":"generalParameters/authParams/customParams","customResetCertByMail":"generalParameters/authParams/customParams","customToTrace":"generalParameters/logParams","customUserDB":"generalParameters/authParams/customParams","dbiAuthChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthLoginCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthPasswordCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPasswordHash":"generalParameters/authParams/dbiParams/dbiPassword","dbiAuthTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthnLevel":"generalParameters/authParams/dbiParams","dbiDynamicHashEnabled":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashNewPasswordScheme":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSaltedSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiExportedVars":"generalParameters/authParams/dbiParams","dbiPasswordMailCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","decryptValueFunctions":"generalParameters/plugins/decryptValue","decryptValueRule":"generalParameters/plugins/decryptValue","demoExportedVars":"generalParameters/authParams/demoParams","disablePersistentStorage":"generalParameters/sessionParams/persistentSessions","displaySessionId":"generalParameters/sessionParams","domain":"generalParameters/cookieParams","exportedAttr":"generalParameters/plugins/portalServers","exportedVars":"variables","ext2FSendCommand":"generalParameters/secondFactors/ext2f","ext2FValidateCommand":"generalParameters/secondFactors/ext2f","ext2fActivation":"generalParameters/secondFactors/ext2f","ext2fAuthnLevel":"generalParameters/secondFactors/ext2f","ext2fCodeActivation":"generalParameters/secondFactors/ext2f","ext2fLabel":"generalParameters/secondFactors/ext2f","ext2fLogo":"generalParameters/secondFactors/ext2f","facebookAppId":"generalParameters/authParams/facebookParams","facebookAppSecret":"generalParameters/authParams/facebookParams","facebookAuthnLevel":"generalParameters/authParams/facebookParams","facebookExportedVars":"generalParameters/authParams/facebookParams","facebookUserField":"generalParameters/authParams/facebookParams","failedLoginNumber":"generalParameters/plugins/loginHistory","findUser":"generalParameters/plugins/findUsers","findUserControl":"generalParameters/plugins/findUsers","findUserExcludingAttributes":"generalParameters/plugins/findUsers","findUserSearchingAttributes":"generalParameters/plugins/findUsers","findUserWildcard":"generalParameters/plugins/findUsers","formTimeout":"generalParameters/advancedParams/security","githubAuthnLevel":"generalParameters/authParams/githubParams","githubClientID":"generalParameters/authParams/githubParams","githubClientSecret":"generalParameters/authParams/githubParams","githubScope":"generalParameters/authParams/githubParams","githubUserField":"generalParameters/authParams/githubParams","globalLogoutCustomParam":"generalParameters/plugins/globalLogout","globalLogoutRule":"generalParameters/plugins/globalLogout","globalLogoutTimer":"generalParameters/plugins/globalLogout","globalStorage":"generalParameters/sessionParams/sessionStorage","globalStorageOptions":"generalParameters/sessionParams/sessionStorage","gpgAuthnLevel":"generalParameters/authParams/gpgParams","gpgDb":"generalParameters/authParams/gpgParams","grantSessionRules":"generalParameters/sessionParams","groups":"variables","groupsBeforeMacros":"generalParameters/advancedParams","hiddenAttributes":"generalParameters/logParams","hideOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","httpOnly":"generalParameters/cookieParams","https":"generalParameters/advancedParams/redirection","impersonationHiddenAttributes":"generalParameters/plugins/impersonation","impersonationIdRule":"generalParameters/plugins/impersonation","impersonationMergeSSOgroups":"generalParameters/plugins/impersonation","impersonationRule":"generalParameters/plugins/impersonation","impersonationSkipEmptyValues":"generalParameters/plugins/impersonation","impersonationUnrestrictedUsersRule":"generalParameters/plugins/impersonation","infoFormMethod":"generalParameters/advancedParams/forms","issuerDBCASActivation":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASPath":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASRule":"generalParameters/issuerParams/issuerDBCAS","issuerDBGetActivation":"generalParameters/issuerParams/issuerDBGet","issuerDBGetParameters":"generalParameters/issuerParams/issuerDBGet","issuerDBGetPath":"generalParameters/issuerParams/issuerDBGet","issuerDBGetRule":"generalParameters/issuerParams/issuerDBGet","issuerDBOpenIDActivation":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDConnectActivation":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectPath":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectRule":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDPath":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDRule":"generalParameters/issuerParams/issuerDBOpenID","issuerDBSAMLActivation":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLPath":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLRule":"generalParameters/issuerParams/issuerDBSAML","issuersTimeout":"generalParameters/issuerParams/issuerOptions","jsRedirect":"generalParameters/advancedParams/portalRedirection","key":"generalParameters/advancedParams/security","krbAllowedDomains":"generalParameters/authParams/kerberosParams","krbAuthnLevel":"generalParameters/authParams/kerberosParams","krbByJs":"generalParameters/authParams/kerberosParams","krbKeytab":"generalParameters/authParams/kerberosParams","krbRemoveDomain":"generalParameters/authParams/kerberosParams","ldapAllowResetExpiredPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapAuthnLevel":"generalParameters/authParams/ldapParams","ldapBase":"generalParameters/authParams/ldapParams/ldapConnection","ldapCAFile":"generalParameters/authParams/ldapParams/ldapConnection","ldapCAPath":"generalParameters/authParams/ldapParams/ldapConnection","ldapChangePasswordAsUser":"generalParameters/authParams/ldapParams/ldapPassword","ldapExportedVars":"generalParameters/authParams/ldapParams","ldapGetUserBeforePasswordChange":"generalParameters/authParams/ldapParams/ldapPassword","ldapGroupAttributeName":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameGroup":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameSearch":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameUser":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupBase":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupDecodeSearchedValue":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupObjectClass":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupRecursive":"generalParameters/authParams/ldapParams/ldapGroups","ldapIOTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapITDS":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttributeValue":"generalParameters/authParams/ldapParams/ldapPassword","ldapPort":"generalParameters/authParams/ldapParams/ldapConnection","ldapPpolicyControl":"generalParameters/authParams/ldapParams/ldapPassword","ldapPwdEnc":"generalParameters/authParams/ldapParams/ldapPassword","ldapRaw":"generalParameters/authParams/ldapParams/ldapConnection","ldapSearchDeref":"generalParameters/authParams/ldapParams/ldapFilters","ldapServer":"generalParameters/authParams/ldapParams/ldapConnection","ldapSetPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapUsePasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapVerify":"generalParameters/authParams/ldapParams/ldapConnection","ldapVersion":"generalParameters/authParams/ldapParams/ldapConnection","linkedInAuthnLevel":"generalParameters/authParams/linkedinParams","linkedInClientID":"generalParameters/authParams/linkedinParams","linkedInClientSecret":"generalParameters/authParams/linkedinParams","linkedInFields":"generalParameters/authParams/linkedinParams","linkedInScope":"generalParameters/authParams/linkedinParams","linkedInUserField":"generalParameters/authParams/linkedinParams","localSessionStorage":"generalParameters/sessionParams/sessionStorage","localSessionStorageOptions":"generalParameters/sessionParams/sessionStorage","loginHistoryEnabled":"generalParameters/plugins/loginHistory","logoutServices":"generalParameters/advancedParams","lwpOpts":"generalParameters/advancedParams/security","lwpSslOpts":"generalParameters/advancedParams/security","macros":"variables","mail2fActivation":"generalParameters/secondFactors/mail2f","mail2fAuthnLevel":"generalParameters/secondFactors/mail2f","mail2fBody":"generalParameters/secondFactors/mail2f","mail2fCodeRegex":"generalParameters/secondFactors/mail2f","mail2fLabel":"generalParameters/secondFactors/mail2f","mail2fLogo":"generalParameters/secondFactors/mail2f","mail2fSessionKey":"generalParameters/secondFactors/mail2f","mail2fSubject":"generalParameters/secondFactors/mail2f","mail2fTimeout":"generalParameters/secondFactors/mail2f","mailBody":"generalParameters/plugins/passwordManagement/mailContent","mailCharset":"generalParameters/advancedParams/SMTP/mailHeaders","mailConfirmBody":"generalParameters/plugins/passwordManagement/mailContent","mailConfirmSubject":"generalParameters/plugins/passwordManagement/mailContent","mailFrom":"generalParameters/advancedParams/SMTP/mailHeaders","mailLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","mailOnPasswordChange":"generalParameters/portalParams/portalCustomization/passwordManagement","mailReplyTo":"generalParameters/advancedParams/SMTP/mailHeaders","mailSessionKey":"generalParameters/advancedParams/SMTP","mailSubject":"generalParameters/plugins/passwordManagement/mailContent","mailTimeout":"generalParameters/plugins/passwordManagement/mailOther","mailUrl":"generalParameters/plugins/passwordManagement/mailOther","maintenance":"generalParameters/advancedParams/redirection","managerDn":"generalParameters/authParams/ldapParams/ldapConnection","managerPassword":"generalParameters/authParams/ldapParams/ldapConnection","multiValuesSeparator":"generalParameters/advancedParams","nginxCustomHandlers":"generalParameters/advancedParams","noAjaxHook":"generalParameters/advancedParams/portalRedirection","notification":"generalParameters/plugins/notifications","notificationDefaultCond":"generalParameters/plugins/notifications/serverNotification","notificationServer":"generalParameters/plugins/notifications/serverNotification","notificationServerDELETE":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerGET":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerPOST":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerSentAttributes":"generalParameters/plugins/notifications/serverNotification","notificationStorage":"generalParameters/plugins/notifications","notificationStorageOptions":"generalParameters/plugins/notifications","notificationWildcard":"generalParameters/plugins/notifications","notificationXSLTfile":"generalParameters/plugins/notifications","notificationsExplorer":"generalParameters/plugins/notifications","notifyDeleted":"generalParameters/sessionParams/multipleSessions","notifyOther":"generalParameters/sessionParams/multipleSessions","nullAuthnLevel":"generalParameters/authParams/nullParams","oidcAuthnLevel":"generalParameters/authParams/oidcParams","oidcOPMetaDataNodes":"","oidcRPCallbackGetParam":"generalParameters/authParams/oidcParams","oidcRPMetaDataNodes":"","oidcRPStateTimeout":"generalParameters/authParams/oidcParams","oidcServiceAccessTokenExpiration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowAuthorizationCodeFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowDynamicRegistration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowHybridFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowImplicitFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAuthorizationCodeExpiration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceDynamicRegistrationExportedVars":"oidcServiceMetaData","oidcServiceDynamicRegistrationExtraClaims":"oidcServiceMetaData","oidcServiceIDTokenExpiration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcServiceMetaDataAuthnContext":"oidcServiceMetaData","oidcServiceMetaDataAuthorizeURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataBackChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataCheckSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataEndSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataFrontChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIntrospectionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIssuer":"oidcServiceMetaData","oidcServiceMetaDataJWKSURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataRegistrationURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataTokenURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataUserInfoURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceOfflineSessionExpiration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServicePrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcServicePublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcStorage":"oidcServiceMetaData/oidcServiceMetaDataSessions","oidcStorageOptions":"oidcServiceMetaData/oidcServiceMetaDataSessions","oldNotifFormat":"generalParameters/plugins/notifications","openIdAttr":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdAuthnLevel":"generalParameters/authParams/openidParams","openIdExportedVars":"generalParameters/authParams/openidParams","openIdIDPList":"generalParameters/authParams/openidParams","openIdIssuerSecret":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSPList":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSecret":"generalParameters/authParams/openidParams","openIdSreg_country":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_dob":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_email":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_fullname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_gender":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_language":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_nickname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_postcode":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_timezone":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","pamAuthnLevel":"generalParameters/authParams/pamParams","pamService":"generalParameters/authParams/pamParams","passwordDB":"generalParameters/authParams","passwordPolicyActivation":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinDigit":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinLower":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinSize":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinSpeChar":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinUpper":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicySpecialChar":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordResetAllowedRetries":"generalParameters/portalParams/portalCustomization/portalButtons","persistentStorage":"generalParameters/sessionParams/persistentSessions","persistentStorageOptions":"generalParameters/sessionParams/persistentSessions","port":"generalParameters/advancedParams/redirection","portal":"generalParameters/portalParams","portalAntiFrame":"generalParameters/portalParams/portalCustomization/portalOther","portalCheckLogins":"generalParameters/portalParams/portalCustomization/portalButtons","portalCustomCss":"generalParameters/portalParams/portalCustomization","portalDisplayAppslist":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayCertificateResetByMail":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayChangePassword":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayGeneratePassword":"generalParameters/plugins/passwordManagement/mailOther","portalDisplayLoginHistory":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLogout":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayOidcConsents":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayPasswordPolicy":"generalParameters/portalParams/portalCustomization/passwordPolicy","portalDisplayRefreshMyRights":"generalParameters/portalParams/portalCustomization/portalOther","portalDisplayRegister":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayResetPassword":"generalParameters/portalParams/portalCustomization/portalButtons","portalErrorOnExpiredSession":"generalParameters/portalParams/portalCustomization/portalOther","portalErrorOnMailNotFound":"generalParameters/portalParams/portalCustomization/portalOther","portalForceAuthn":"generalParameters/advancedParams/security","portalForceAuthnInterval":"generalParameters/advancedParams/security","portalMainLogo":"generalParameters/portalParams/portalCustomization","portalOpenLinkInNewWindow":"generalParameters/portalParams/portalCustomization/portalOther","portalPingInterval":"generalParameters/portalParams/portalCustomization/portalOther","portalRequireOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","portalSkin":"generalParameters/portalParams/portalCustomization","portalSkinBackground":"generalParameters/portalParams/portalCustomization","portalSkinRules":"generalParameters/portalParams/portalCustomization","portalStatus":"generalParameters/plugins","portalUserAttr":"generalParameters/portalParams/portalCustomization/portalOther","proxyAuthService":"generalParameters/authParams/proxyParams","proxyAuthnLevel":"generalParameters/authParams/proxyParams","proxySessionService":"generalParameters/authParams/proxyParams","proxyUseSoap":"generalParameters/authParams/proxyParams","radius2fActivation":"generalParameters/secondFactors/radius2f","radius2fAuthnLevel":"generalParameters/secondFactors/radius2f","radius2fLabel":"generalParameters/secondFactors/radius2f","radius2fLogo":"generalParameters/secondFactors/radius2f","radius2fSecret":"generalParameters/secondFactors/radius2f","radius2fServer":"generalParameters/secondFactors/radius2f","radius2fTimeout":"generalParameters/secondFactors/radius2f","radius2fUsernameSessionKey":"generalParameters/secondFactors/radius2f","radiusAuthnLevel":"generalParameters/authParams/radiusParams","radiusSecret":"generalParameters/authParams/radiusParams","radiusServer":"generalParameters/authParams/radiusParams","randomPasswordRegexp":"generalParameters/plugins/passwordManagement/mailOther","redirectFormMethod":"generalParameters/advancedParams/forms","refreshSessions":"generalParameters/plugins","registerConfirmSubject":"generalParameters/plugins/register","registerDB":"generalParameters/authParams","registerDoneSubject":"generalParameters/plugins/register","registerTimeout":"generalParameters/plugins/register","registerUrl":"generalParameters/plugins/register","reloadTimeout":"generalParameters/reloadParams","reloadUrls":"generalParameters/reloadParams","remoteCookieName":"generalParameters/authParams/remoteParams","remoteGlobalStorage":"generalParameters/authParams/remoteParams","remoteGlobalStorageOptions":"generalParameters/authParams/remoteParams","remotePortal":"generalParameters/authParams/remoteParams","requireToken":"generalParameters/advancedParams/security","rest2fActivation":"generalParameters/secondFactors/rest2f","rest2fAuthnLevel":"generalParameters/secondFactors/rest2f","rest2fInitArgs":"generalParameters/secondFactors/rest2f","rest2fInitUrl":"generalParameters/secondFactors/rest2f","rest2fLabel":"generalParameters/secondFactors/rest2f","rest2fLogo":"generalParameters/secondFactors/rest2f","rest2fVerifyArgs":"generalParameters/secondFactors/rest2f","rest2fVerifyUrl":"generalParameters/secondFactors/rest2f","restAuthServer":"generalParameters/plugins/portalServers/restServices","restAuthUrl":"generalParameters/authParams/restParams","restAuthnLevel":"generalParameters/authParams/restParams","restClockTolerance":"generalParameters/plugins/portalServers/restServices","restConfigServer":"generalParameters/plugins/portalServers/restServices","restExportSecretKeys":"generalParameters/plugins/portalServers/restServices","restFindUserDBUrl":"generalParameters/authParams/restParams","restPasswordServer":"generalParameters/plugins/portalServers/restServices","restPwdConfirmUrl":"generalParameters/authParams/restParams","restPwdModifyUrl":"generalParameters/authParams/restParams","restSessionServer":"generalParameters/plugins/portalServers/restServices","restUserDBUrl":"generalParameters/authParams/restParams","sameSite":"generalParameters/cookieParams","samlAttributeAuthorityDescriptorAttributeServiceSOAP":"samlServiceMetaData/samlAttributeAuthorityDescriptor/samlAttributeAuthorityDescriptorAttributeService","samlAuthnContextMapKerberos":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPassword":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPasswordProtectedTransport":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapTLSClient":"samlServiceMetaData/samlAuthnContextMap","samlCommonDomainCookieActivation":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieDomain":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieReader":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieWriter":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlDiscoveryProtocolActivation":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolIsPassive":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolPolicy":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolURL":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlEntityID":"samlServiceMetaData","samlIDPMetaDataNodes":"","samlIDPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorArtifactResolutionService","samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorWantAuthnRequestsSigned":"samlServiceMetaData/samlIDPSSODescriptor","samlMetadataForceUTF8":"samlServiceMetaData/samlAdvanced","samlNameIDFormatMapEmail":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapKerberos":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapWindows":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapX509":"samlServiceMetaData/samlNameIDFormatMap","samlOrganizationDisplayName":"samlServiceMetaData/samlOrganization","samlOrganizationName":"samlServiceMetaData/samlOrganization","samlOrganizationURL":"samlServiceMetaData/samlOrganization","samlOverrideIDPEntityID":"samlServiceMetaData/samlAdvanced","samlRelayStateTimeout":"samlServiceMetaData/samlAdvanced","samlSPMetaDataNodes":"","samlSPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorArtifactResolutionService","samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAuthnRequestsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlSPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorWantAssertionsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlServicePrivateKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeyEncPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePrivateKeySigPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePublicKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePublicKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServiceSignatureMethod":"samlServiceMetaData/samlServiceSecurity","samlServiceUseCertificateInResponse":"samlServiceMetaData/samlServiceSecurity","samlStorage":"samlServiceMetaData/samlAdvanced","samlStorageOptions":"samlServiceMetaData/samlAdvanced","samlUseQueryStringSpecific":"samlServiceMetaData/samlAdvanced","securedCookie":"generalParameters/cookieParams","sessionDataToRemember":"generalParameters/plugins/loginHistory","sfExtra":"generalParameters/secondFactors","sfManagerRule":"generalParameters/secondFactors","sfOnlyUpgrade":"generalParameters/secondFactors","sfRemovedMsgRule":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifMsg":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifRef":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifTitle":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedUseNotif":"generalParameters/secondFactors/sfRemovedNotification","sfRequired":"generalParameters/secondFactors","showLanguages":"generalParameters/portalParams/portalCustomization","singleIP":"generalParameters/sessionParams/multipleSessions","singleSession":"generalParameters/sessionParams/multipleSessions","singleUserByIP":"generalParameters/sessionParams/multipleSessions","skipRenewConfirmation":"generalParameters/advancedParams/portalRedirection","skipUpgradeConfirmation":"generalParameters/advancedParams/portalRedirection","slaveAuthnLevel":"generalParameters/authParams/slaveParams","slaveDisplayLogo":"generalParameters/authParams/slaveParams","slaveExportedVars":"generalParameters/authParams/slaveParams","slaveHeaderContent":"generalParameters/authParams/slaveParams","slaveHeaderName":"generalParameters/authParams/slaveParams","slaveMasterIP":"generalParameters/authParams/slaveParams","slaveUserHeader":"generalParameters/authParams/slaveParams","soapConfigServer":"generalParameters/plugins/portalServers/soapServices","soapSessionServer":"generalParameters/plugins/portalServers/soapServices","sslByAjax":"generalParameters/authParams/sslParams","sslHost":"generalParameters/authParams/sslParams","stayConnected":"generalParameters/plugins/stayConnect","stayConnectedCookieName":"generalParameters/plugins/stayConnect","stayConnectedTimeout":"generalParameters/plugins/stayConnect","storePassword":"generalParameters/sessionParams","successLoginNumber":"generalParameters/plugins/loginHistory","timeout":"generalParameters/sessionParams","timeoutActivity":"generalParameters/sessionParams","timeoutActivityInterval":"generalParameters/sessionParams","tokenUseGlobalStorage":"generalParameters/advancedParams/security","totp2fActivation":"generalParameters/secondFactors/totp2f","totp2fAuthnLevel":"generalParameters/secondFactors/totp2f","totp2fDigits":"generalParameters/secondFactors/totp2f","totp2fDisplayExistingSecret":"generalParameters/secondFactors/totp2f","totp2fInterval":"generalParameters/secondFactors/totp2f","totp2fIssuer":"generalParameters/secondFactors/totp2f","totp2fLabel":"generalParameters/secondFactors/totp2f","totp2fLogo":"generalParameters/secondFactors/totp2f","totp2fRange":"generalParameters/secondFactors/totp2f","totp2fSelfRegistration":"generalParameters/secondFactors/totp2f","totp2fTTL":"generalParameters/secondFactors/totp2f","totp2fUserCanChangeKey":"generalParameters/secondFactors/totp2f","totp2fUserCanRemoveKey":"generalParameters/secondFactors/totp2f","trustedDomains":"generalParameters/advancedParams/security","twitterAppName":"generalParameters/authParams/twitterParams","twitterAuthnLevel":"generalParameters/authParams/twitterParams","twitterKey":"generalParameters/authParams/twitterParams","twitterSecret":"generalParameters/authParams/twitterParams","twitterUserField":"generalParameters/authParams/twitterParams","u2fActivation":"generalParameters/secondFactors/u2f","u2fAuthnLevel":"generalParameters/secondFactors/u2f","u2fLabel":"generalParameters/secondFactors/u2f","u2fLogo":"generalParameters/secondFactors/u2f","u2fSelfRegistration":"generalParameters/secondFactors/u2f","u2fTTL":"generalParameters/secondFactors/u2f","u2fUserCanRemoveKey":"generalParameters/secondFactors/u2f","upgradeSession":"generalParameters/plugins","useRedirectOnError":"generalParameters/advancedParams/redirection","useRedirectOnForbidden":"generalParameters/advancedParams/redirection","useSafeJail":"generalParameters/advancedParams/security","userControl":"generalParameters/advancedParams/security","userDB":"generalParameters/authParams","userPivot":"generalParameters/authParams/dbiParams/dbiSchema","utotp2fActivation":"generalParameters/secondFactors/utotp2f","utotp2fAuthnLevel":"generalParameters/secondFactors/utotp2f","utotp2fLabel":"generalParameters/secondFactors/utotp2f","utotp2fLogo":"generalParameters/secondFactors/utotp2f","virtualHosts":"","webIDAuthnLevel":"generalParameters/authParams/webidParams","webIDExportedVars":"generalParameters/authParams/webidParams","webIDWhitelist":"generalParameters/authParams/webidParams","whatToTrace":"generalParameters/logParams","wsdlServer":"generalParameters/plugins/portalServers/soapServices","yubikey2fActivation":"generalParameters/secondFactors/yubikey2f","yubikey2fAuthnLevel":"generalParameters/secondFactors/yubikey2f","yubikey2fClientID":"generalParameters/secondFactors/yubikey2f","yubikey2fFromSessionAttribute":"generalParameters/secondFactors/yubikey2f","yubikey2fLabel":"generalParameters/secondFactors/yubikey2f","yubikey2fLogo":"generalParameters/secondFactors/yubikey2f","yubikey2fNonce":"generalParameters/secondFactors/yubikey2f","yubikey2fPublicIDSize":"generalParameters/secondFactors/yubikey2f","yubikey2fSecretKey":"generalParameters/secondFactors/yubikey2f","yubikey2fSelfRegistration":"generalParameters/secondFactors/yubikey2f","yubikey2fTTL":"generalParameters/secondFactors/yubikey2f","yubikey2fUrl":"generalParameters/secondFactors/yubikey2f","yubikey2fUserCanRemoveKey":"generalParameters/secondFactors/yubikey2f"} \ No newline at end of file +{"ADPwdExpireWarning":"generalParameters/authParams/adParams","ADPwdMaxAge":"generalParameters/authParams/adParams","AuthLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","LDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","SMTPAuthPass":"generalParameters/advancedParams/SMTP","SMTPAuthUser":"generalParameters/advancedParams/SMTP","SMTPPort":"generalParameters/advancedParams/SMTP","SMTPServer":"generalParameters/advancedParams/SMTP","SMTPTLS":"generalParameters/advancedParams/SMTP","SMTPTLSOpts":"generalParameters/advancedParams/SMTP","SSLAuthnLevel":"generalParameters/authParams/sslParams","SSLVar":"generalParameters/authParams/sslParams","SSLVarIf":"generalParameters/authParams/sslParams","activeTimer":"generalParameters/advancedParams/forms","adaptativeAuthenticationLevelRules":"generalParameters/plugins","apacheAuthnLevel":"generalParameters/authParams/apacheParams","applicationList":"generalParameters/portalParams/portalMenu","authChoiceAuthBasic":"generalParameters/authParams/choiceParams","authChoiceFindUser":"generalParameters/authParams/choiceParams","authChoiceModules":"generalParameters/authParams/choiceParams","authChoiceParam":"generalParameters/authParams/choiceParams","authentication":"generalParameters/authParams","autoSigninRules":"generalParameters/plugins/autoSignin","avoidAssignment":"generalParameters/advancedParams/security","browsersDontStorePassword":"generalParameters/advancedParams/security","bruteForceProtection":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionIncrementalTempo":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionLockTimes":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionMaxFailed":"generalParameters/advancedParams/security/bruteForceAttackProtection","bruteForceProtectionTempo":"generalParameters/advancedParams/security/bruteForceAttackProtection","captcha_login_enabled":"generalParameters/portalParams/portalCaptcha","captcha_mail_enabled":"generalParameters/portalParams/portalCaptcha","captcha_register_enabled":"generalParameters/portalParams/portalCaptcha","captcha_size":"generalParameters/portalParams/portalCaptcha","casAccessControlPolicy":"casServiceMetadata","casAppMetaDataNodes":"","casAttr":"casServiceMetadata","casAttributes":"casServiceMetadata","casAuthnLevel":"generalParameters/authParams/casParams","casSrvMetaDataNodes":"","casStorage":"casServiceMetadata","casStorageOptions":"casServiceMetadata","cda":"generalParameters/cookieParams","certificateResetByMailCeaAttribute":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailCertificateAttribute":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailStep1Body":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep1Subject":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep2Body":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailStep2Subject":"generalParameters/plugins/certificateResetByMailManagement/certificateMailContent","certificateResetByMailURL":"generalParameters/plugins/certificateResetByMailManagement/mailOther","certificateResetByMailValidityDelay":"generalParameters/plugins/certificateResetByMailManagement/mailOther","checkDevOps":"generalParameters/plugins/devOpsCheck","checkDevOpsDownload":"generalParameters/plugins/devOpsCheck","checkState":"generalParameters/plugins/stateCheck","checkStateSecret":"generalParameters/plugins/stateCheck","checkUser":"generalParameters/plugins/checkUsers","checkUserDisplayComputedSession":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayEmptyHeaders":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayEmptyValues":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayNormalizedHeaders":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserDisplayPersistentInfo":"generalParameters/plugins/checkUsers/checkUserDisplay","checkUserHiddenAttributes":"generalParameters/plugins/checkUsers","checkUserHiddenHeaders":"generalParameters/plugins/checkUsers","checkUserIdRule":"generalParameters/plugins/checkUsers","checkUserSearchAttributes":"generalParameters/plugins/checkUsers","checkUserUnrestrictedUsersRule":"generalParameters/plugins/checkUsers","checkXSS":"generalParameters/advancedParams/security","combModules":"generalParameters/authParams/combinationParams","combination":"generalParameters/authParams/combinationParams","compactConf":"generalParameters/reloadParams","confirmFormMethod":"generalParameters/advancedParams/forms","contextSwitchingAllowed2fModifications":"generalParameters/plugins/contextSwitching","contextSwitchingIdRule":"generalParameters/plugins/contextSwitching","contextSwitchingRule":"generalParameters/plugins/contextSwitching","contextSwitchingStopWithLogout":"generalParameters/plugins/contextSwitching","contextSwitchingUnrestrictedUsersRule":"generalParameters/plugins/contextSwitching","cookieExpiration":"generalParameters/cookieParams","cookieName":"generalParameters/cookieParams","corsAllow_Credentials":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Methods":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsAllow_Origin":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsEnabled":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsExpose_Headers":"generalParameters/advancedParams/security/crossOrigineResourceSharing","corsMax_Age":"generalParameters/advancedParams/security/crossOrigineResourceSharing","crowdsec":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecAction":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecKey":"generalParameters/advancedParams/security/CrowdSecPlugin","crowdsecUrl":"generalParameters/advancedParams/security/CrowdSecPlugin","cspConnect":"generalParameters/advancedParams/security/contentSecurityPolicy","cspDefault":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFont":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFormAction":"generalParameters/advancedParams/security/contentSecurityPolicy","cspFrameAncestors":"generalParameters/advancedParams/security/contentSecurityPolicy","cspImg":"generalParameters/advancedParams/security/contentSecurityPolicy","cspScript":"generalParameters/advancedParams/security/contentSecurityPolicy","cspStyle":"generalParameters/advancedParams/security/contentSecurityPolicy","customAddParams":"generalParameters/authParams/customParams","customAuth":"generalParameters/authParams/customParams","customFunctions":"generalParameters/advancedParams","customPassword":"generalParameters/authParams/customParams","customPlugins":"generalParameters/plugins/customPluginsNode","customPluginsParams":"generalParameters/plugins/customPluginsNode","customRegister":"generalParameters/authParams/customParams","customResetCertByMail":"generalParameters/authParams/customParams","customToTrace":"generalParameters/logParams","customUserDB":"generalParameters/authParams/customParams","dbiAuthChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthLoginCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthPasswordCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthPasswordHash":"generalParameters/authParams/dbiParams/dbiPassword","dbiAuthTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiAuthUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionAuth","dbiAuthnLevel":"generalParameters/authParams/dbiParams","dbiDynamicHashEnabled":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashNewPasswordScheme":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSaltedSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiDynamicHashValidSchemes":"generalParameters/authParams/dbiParams/dbiPassword/dbiDynamicHash","dbiExportedVars":"generalParameters/authParams/dbiParams","dbiPasswordMailCol":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserChain":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserPassword":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","dbiUserTable":"generalParameters/authParams/dbiParams/dbiSchema","dbiUserUser":"generalParameters/authParams/dbiParams/dbiConnection/dbiConnectionUser","decryptValueFunctions":"generalParameters/plugins/decryptValue","decryptValueRule":"generalParameters/plugins/decryptValue","demoExportedVars":"generalParameters/authParams/demoParams","disablePersistentStorage":"generalParameters/sessionParams/persistentSessions","displaySessionId":"generalParameters/sessionParams","domain":"generalParameters/cookieParams","exportedAttr":"generalParameters/plugins/portalServers","exportedVars":"variables","ext2FSendCommand":"generalParameters/secondFactors/ext2f","ext2FValidateCommand":"generalParameters/secondFactors/ext2f","ext2fActivation":"generalParameters/secondFactors/ext2f","ext2fAuthnLevel":"generalParameters/secondFactors/ext2f","ext2fCodeActivation":"generalParameters/secondFactors/ext2f","ext2fLabel":"generalParameters/secondFactors/ext2f","ext2fLogo":"generalParameters/secondFactors/ext2f","facebookAppId":"generalParameters/authParams/facebookParams","facebookAppSecret":"generalParameters/authParams/facebookParams","facebookAuthnLevel":"generalParameters/authParams/facebookParams","facebookExportedVars":"generalParameters/authParams/facebookParams","facebookUserField":"generalParameters/authParams/facebookParams","failedLoginNumber":"generalParameters/plugins/loginHistory","findUser":"generalParameters/plugins/findUsers","findUserControl":"generalParameters/plugins/findUsers","findUserExcludingAttributes":"generalParameters/plugins/findUsers","findUserSearchingAttributes":"generalParameters/plugins/findUsers","findUserWildcard":"generalParameters/plugins/findUsers","formTimeout":"generalParameters/advancedParams/security","githubAuthnLevel":"generalParameters/authParams/githubParams","githubClientID":"generalParameters/authParams/githubParams","githubClientSecret":"generalParameters/authParams/githubParams","githubScope":"generalParameters/authParams/githubParams","githubUserField":"generalParameters/authParams/githubParams","globalLogoutCustomParam":"generalParameters/plugins/globalLogout","globalLogoutRule":"generalParameters/plugins/globalLogout","globalLogoutTimer":"generalParameters/plugins/globalLogout","globalStorage":"generalParameters/sessionParams/sessionStorage","globalStorageOptions":"generalParameters/sessionParams/sessionStorage","gpgAuthnLevel":"generalParameters/authParams/gpgParams","gpgDb":"generalParameters/authParams/gpgParams","grantSessionRules":"generalParameters/sessionParams","groups":"variables","groupsBeforeMacros":"generalParameters/advancedParams","hiddenAttributes":"generalParameters/logParams","hideOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","httpOnly":"generalParameters/cookieParams","https":"generalParameters/advancedParams/redirection","impersonationHiddenAttributes":"generalParameters/plugins/impersonation","impersonationIdRule":"generalParameters/plugins/impersonation","impersonationMergeSSOgroups":"generalParameters/plugins/impersonation","impersonationRule":"generalParameters/plugins/impersonation","impersonationSkipEmptyValues":"generalParameters/plugins/impersonation","impersonationUnrestrictedUsersRule":"generalParameters/plugins/impersonation","infoFormMethod":"generalParameters/advancedParams/forms","issuerDBCASActivation":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASPath":"generalParameters/issuerParams/issuerDBCAS","issuerDBCASRule":"generalParameters/issuerParams/issuerDBCAS","issuerDBGetActivation":"generalParameters/issuerParams/issuerDBGet","issuerDBGetParameters":"generalParameters/issuerParams/issuerDBGet","issuerDBGetPath":"generalParameters/issuerParams/issuerDBGet","issuerDBGetRule":"generalParameters/issuerParams/issuerDBGet","issuerDBOpenIDActivation":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDConnectActivation":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectPath":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDConnectRule":"generalParameters/issuerParams/issuerDBOpenIDConnect","issuerDBOpenIDPath":"generalParameters/issuerParams/issuerDBOpenID","issuerDBOpenIDRule":"generalParameters/issuerParams/issuerDBOpenID","issuerDBSAMLActivation":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLPath":"generalParameters/issuerParams/issuerDBSAML","issuerDBSAMLRule":"generalParameters/issuerParams/issuerDBSAML","issuersTimeout":"generalParameters/issuerParams/issuerOptions","jsRedirect":"generalParameters/advancedParams/portalRedirection","key":"generalParameters/advancedParams/security","krbAllowedDomains":"generalParameters/authParams/kerberosParams","krbAuthnLevel":"generalParameters/authParams/kerberosParams","krbByJs":"generalParameters/authParams/kerberosParams","krbKeytab":"generalParameters/authParams/kerberosParams","krbRemoveDomain":"generalParameters/authParams/kerberosParams","ldapAllowResetExpiredPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapAuthnLevel":"generalParameters/authParams/ldapParams","ldapBase":"generalParameters/authParams/ldapParams/ldapConnection","ldapCAFile":"generalParameters/authParams/ldapParams/ldapConnection","ldapCAPath":"generalParameters/authParams/ldapParams/ldapConnection","ldapChangePasswordAsUser":"generalParameters/authParams/ldapParams/ldapPassword","ldapExportedVars":"generalParameters/authParams/ldapParams","ldapGetUserBeforePasswordChange":"generalParameters/authParams/ldapParams/ldapPassword","ldapGroupAttributeName":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameGroup":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameSearch":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupAttributeNameUser":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupBase":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupDecodeSearchedValue":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupObjectClass":"generalParameters/authParams/ldapParams/ldapGroups","ldapGroupRecursive":"generalParameters/authParams/ldapParams/ldapGroups","ldapIOTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapITDS":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapPasswordResetAttributeValue":"generalParameters/authParams/ldapParams/ldapPassword","ldapPort":"generalParameters/authParams/ldapParams/ldapConnection","ldapPpolicyControl":"generalParameters/authParams/ldapParams/ldapPassword","ldapPwdEnc":"generalParameters/authParams/ldapParams/ldapPassword","ldapRaw":"generalParameters/authParams/ldapParams/ldapConnection","ldapSearchDeref":"generalParameters/authParams/ldapParams/ldapFilters","ldapServer":"generalParameters/authParams/ldapParams/ldapConnection","ldapSetPassword":"generalParameters/authParams/ldapParams/ldapPassword","ldapTimeout":"generalParameters/authParams/ldapParams/ldapConnection","ldapUsePasswordResetAttribute":"generalParameters/authParams/ldapParams/ldapPassword","ldapVerify":"generalParameters/authParams/ldapParams/ldapConnection","ldapVersion":"generalParameters/authParams/ldapParams/ldapConnection","linkedInAuthnLevel":"generalParameters/authParams/linkedinParams","linkedInClientID":"generalParameters/authParams/linkedinParams","linkedInClientSecret":"generalParameters/authParams/linkedinParams","linkedInFields":"generalParameters/authParams/linkedinParams","linkedInScope":"generalParameters/authParams/linkedinParams","linkedInUserField":"generalParameters/authParams/linkedinParams","localSessionStorage":"generalParameters/sessionParams/sessionStorage","localSessionStorageOptions":"generalParameters/sessionParams/sessionStorage","loginHistoryEnabled":"generalParameters/plugins/loginHistory","logoutServices":"generalParameters/advancedParams","lwpOpts":"generalParameters/advancedParams/security","lwpSslOpts":"generalParameters/advancedParams/security","macros":"variables","mail2fActivation":"generalParameters/secondFactors/mail2f","mail2fAuthnLevel":"generalParameters/secondFactors/mail2f","mail2fBody":"generalParameters/secondFactors/mail2f","mail2fCodeRegex":"generalParameters/secondFactors/mail2f","mail2fLabel":"generalParameters/secondFactors/mail2f","mail2fLogo":"generalParameters/secondFactors/mail2f","mail2fSessionKey":"generalParameters/secondFactors/mail2f","mail2fSubject":"generalParameters/secondFactors/mail2f","mail2fTimeout":"generalParameters/secondFactors/mail2f","mailBody":"generalParameters/plugins/passwordManagement/mailContent","mailCharset":"generalParameters/advancedParams/SMTP/mailHeaders","mailConfirmBody":"generalParameters/plugins/passwordManagement/mailContent","mailConfirmSubject":"generalParameters/plugins/passwordManagement/mailContent","mailFrom":"generalParameters/advancedParams/SMTP/mailHeaders","mailLDAPFilter":"generalParameters/authParams/ldapParams/ldapFilters","mailOnPasswordChange":"generalParameters/portalParams/portalCustomization/passwordManagement","mailReplyTo":"generalParameters/advancedParams/SMTP/mailHeaders","mailSessionKey":"generalParameters/advancedParams/SMTP","mailSubject":"generalParameters/plugins/passwordManagement/mailContent","mailTimeout":"generalParameters/plugins/passwordManagement/mailOther","mailUrl":"generalParameters/plugins/passwordManagement/mailOther","maintenance":"generalParameters/advancedParams/redirection","managerDn":"generalParameters/authParams/ldapParams/ldapConnection","managerPassword":"generalParameters/authParams/ldapParams/ldapConnection","multiValuesSeparator":"generalParameters/advancedParams","nginxCustomHandlers":"generalParameters/advancedParams","noAjaxHook":"generalParameters/advancedParams/portalRedirection","notification":"generalParameters/plugins/notifications","notificationDefaultCond":"generalParameters/plugins/notifications/serverNotification","notificationServer":"generalParameters/plugins/notifications/serverNotification","notificationServerDELETE":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerGET":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerPOST":"generalParameters/plugins/notifications/serverNotification/notificationServerMethods","notificationServerSentAttributes":"generalParameters/plugins/notifications/serverNotification","notificationStorage":"generalParameters/plugins/notifications","notificationStorageOptions":"generalParameters/plugins/notifications","notificationWildcard":"generalParameters/plugins/notifications","notificationXSLTfile":"generalParameters/plugins/notifications","notificationsExplorer":"generalParameters/plugins/notifications","notifyDeleted":"generalParameters/sessionParams/multipleSessions","notifyOther":"generalParameters/sessionParams/multipleSessions","nullAuthnLevel":"generalParameters/authParams/nullParams","oidcAuthnLevel":"generalParameters/authParams/oidcParams","oidcOPMetaDataNodes":"","oidcRPCallbackGetParam":"generalParameters/authParams/oidcParams","oidcRPMetaDataNodes":"","oidcRPStateTimeout":"generalParameters/authParams/oidcParams","oidcServiceAccessTokenExpiration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowAuthorizationCodeFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowDynamicRegistration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowHybridFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAllowImplicitFlow":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceAuthorizationCodeExpiration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceDynamicRegistrationExportedVars":"oidcServiceMetaData","oidcServiceDynamicRegistrationExtraClaims":"oidcServiceMetaData","oidcServiceIDTokenExpiration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServiceKeyIdSig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcServiceMetaDataAuthnContext":"oidcServiceMetaData","oidcServiceMetaDataAuthorizeURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataBackChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataCheckSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataEndSessionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataFrontChannelURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIntrospectionURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataIssuer":"oidcServiceMetaData","oidcServiceMetaDataJWKSURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataRegistrationURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataTokenURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceMetaDataUserInfoURI":"oidcServiceMetaData/oidcServiceMetaDataEndPoints","oidcServiceOfflineSessionExpiration":"oidcServiceMetaData/oidcServiceMetaDataSecurity","oidcServicePrivateKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcServicePublicKeySig":"oidcServiceMetaData/oidcServiceMetaDataSecurity/oidcServiceMetaDataKeys","oidcStorage":"oidcServiceMetaData/oidcServiceMetaDataSessions","oidcStorageOptions":"oidcServiceMetaData/oidcServiceMetaDataSessions","oldNotifFormat":"generalParameters/plugins/notifications","openIdAttr":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdAuthnLevel":"generalParameters/authParams/openidParams","openIdExportedVars":"generalParameters/authParams/openidParams","openIdIDPList":"generalParameters/authParams/openidParams","openIdIssuerSecret":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSPList":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions","openIdSecret":"generalParameters/authParams/openidParams","openIdSreg_country":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_dob":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_email":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_fullname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_gender":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_language":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_nickname":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_postcode":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","openIdSreg_timezone":"generalParameters/issuerParams/issuerDBOpenID/issuerDBOpenIDOptions/openIdSreg","pamAuthnLevel":"generalParameters/authParams/pamParams","pamService":"generalParameters/authParams/pamParams","passwordDB":"generalParameters/authParams","passwordPolicyActivation":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinDigit":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinLower":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinSize":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinSpeChar":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicyMinUpper":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordPolicySpecialChar":"generalParameters/portalParams/portalCustomization/passwordPolicy","passwordResetAllowedRetries":"generalParameters/portalParams/portalCustomization/portalButtons","persistentStorage":"generalParameters/sessionParams/persistentSessions","persistentStorageOptions":"generalParameters/sessionParams/persistentSessions","port":"generalParameters/advancedParams/redirection","portal":"generalParameters/portalParams","portalAntiFrame":"generalParameters/portalParams/portalCustomization/portalOther","portalCheckLogins":"generalParameters/portalParams/portalCustomization/portalButtons","portalCustomCss":"generalParameters/portalParams/portalCustomization","portalDisplayAppslist":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayCertificateResetByMail":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayChangePassword":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayGeneratePassword":"generalParameters/plugins/passwordManagement/mailOther","portalDisplayLoginHistory":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayLogout":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayOidcConsents":"generalParameters/portalParams/portalMenu/portalModules","portalDisplayPasswordPolicy":"generalParameters/portalParams/portalCustomization/passwordPolicy","portalDisplayRefreshMyRights":"generalParameters/portalParams/portalCustomization/portalOther","portalDisplayRegister":"generalParameters/portalParams/portalCustomization/portalButtons","portalDisplayResetPassword":"generalParameters/portalParams/portalCustomization/portalButtons","portalErrorOnExpiredSession":"generalParameters/portalParams/portalCustomization/portalOther","portalErrorOnMailNotFound":"generalParameters/portalParams/portalCustomization/portalOther","portalForceAuthn":"generalParameters/advancedParams/security","portalForceAuthnInterval":"generalParameters/advancedParams/security","portalMainLogo":"generalParameters/portalParams/portalCustomization","portalOpenLinkInNewWindow":"generalParameters/portalParams/portalCustomization/portalOther","portalPingInterval":"generalParameters/portalParams/portalCustomization/portalOther","portalRequireOldPassword":"generalParameters/portalParams/portalCustomization/passwordManagement","portalSkin":"generalParameters/portalParams/portalCustomization","portalSkinBackground":"generalParameters/portalParams/portalCustomization","portalSkinRules":"generalParameters/portalParams/portalCustomization","portalStatus":"generalParameters/plugins","portalUserAttr":"generalParameters/portalParams/portalCustomization/portalOther","proxyAuthService":"generalParameters/authParams/proxyParams","proxyAuthnLevel":"generalParameters/authParams/proxyParams","proxySessionService":"generalParameters/authParams/proxyParams","proxyUseSoap":"generalParameters/authParams/proxyParams","radius2fActivation":"generalParameters/secondFactors/radius2f","radius2fAuthnLevel":"generalParameters/secondFactors/radius2f","radius2fLabel":"generalParameters/secondFactors/radius2f","radius2fLogo":"generalParameters/secondFactors/radius2f","radius2fSecret":"generalParameters/secondFactors/radius2f","radius2fServer":"generalParameters/secondFactors/radius2f","radius2fTimeout":"generalParameters/secondFactors/radius2f","radius2fUsernameSessionKey":"generalParameters/secondFactors/radius2f","radiusAuthnLevel":"generalParameters/authParams/radiusParams","radiusSecret":"generalParameters/authParams/radiusParams","radiusServer":"generalParameters/authParams/radiusParams","randomPasswordRegexp":"generalParameters/plugins/passwordManagement/mailOther","redirectFormMethod":"generalParameters/advancedParams/forms","refreshSessions":"generalParameters/plugins","registerConfirmSubject":"generalParameters/plugins/register","registerDB":"generalParameters/authParams","registerDoneSubject":"generalParameters/plugins/register","registerTimeout":"generalParameters/plugins/register","registerUrl":"generalParameters/plugins/register","reloadTimeout":"generalParameters/reloadParams","reloadUrls":"generalParameters/reloadParams","remoteCookieName":"generalParameters/authParams/remoteParams","remoteGlobalStorage":"generalParameters/authParams/remoteParams","remoteGlobalStorageOptions":"generalParameters/authParams/remoteParams","remotePortal":"generalParameters/authParams/remoteParams","requireToken":"generalParameters/advancedParams/security","rest2fActivation":"generalParameters/secondFactors/rest2f","rest2fAuthnLevel":"generalParameters/secondFactors/rest2f","rest2fInitArgs":"generalParameters/secondFactors/rest2f","rest2fInitUrl":"generalParameters/secondFactors/rest2f","rest2fLabel":"generalParameters/secondFactors/rest2f","rest2fLogo":"generalParameters/secondFactors/rest2f","rest2fVerifyArgs":"generalParameters/secondFactors/rest2f","rest2fVerifyUrl":"generalParameters/secondFactors/rest2f","restAuthServer":"generalParameters/plugins/portalServers/restServices","restAuthUrl":"generalParameters/authParams/restParams","restAuthnLevel":"generalParameters/authParams/restParams","restClockTolerance":"generalParameters/plugins/portalServers/restServices","restConfigServer":"generalParameters/plugins/portalServers/restServices","restExportSecretKeys":"generalParameters/plugins/portalServers/restServices","restFindUserDBUrl":"generalParameters/plugins/findUsers","restPasswordServer":"generalParameters/plugins/portalServers/restServices","restPwdConfirmUrl":"generalParameters/authParams/restParams","restPwdModifyUrl":"generalParameters/authParams/restParams","restSessionServer":"generalParameters/plugins/portalServers/restServices","restUserDBUrl":"generalParameters/authParams/restParams","sameSite":"generalParameters/cookieParams","samlAttributeAuthorityDescriptorAttributeServiceSOAP":"samlServiceMetaData/samlAttributeAuthorityDescriptor/samlAttributeAuthorityDescriptorAttributeService","samlAuthnContextMapKerberos":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPassword":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapPasswordProtectedTransport":"samlServiceMetaData/samlAuthnContextMap","samlAuthnContextMapTLSClient":"samlServiceMetaData/samlAuthnContextMap","samlCommonDomainCookieActivation":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieDomain":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieReader":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlCommonDomainCookieWriter":"samlServiceMetaData/samlAdvanced/samlCommonDomainCookie","samlDiscoveryProtocolActivation":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolIsPassive":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolPolicy":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlDiscoveryProtocolURL":"samlServiceMetaData/samlAdvanced/samlDiscoveryProtocol","samlEntityID":"samlServiceMetaData","samlIDPMetaDataNodes":"","samlIDPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorArtifactResolutionService","samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleLogoutService","samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"samlServiceMetaData/samlIDPSSODescriptor/samlIDPSSODescriptorSingleSignOnService","samlIDPSSODescriptorWantAuthnRequestsSigned":"samlServiceMetaData/samlIDPSSODescriptor","samlMetadataForceUTF8":"samlServiceMetaData/samlAdvanced","samlNameIDFormatMapEmail":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapKerberos":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapWindows":"samlServiceMetaData/samlNameIDFormatMap","samlNameIDFormatMapX509":"samlServiceMetaData/samlNameIDFormatMap","samlOrganizationDisplayName":"samlServiceMetaData/samlOrganization","samlOrganizationName":"samlServiceMetaData/samlOrganization","samlOrganizationURL":"samlServiceMetaData/samlOrganization","samlOverrideIDPEntityID":"samlServiceMetaData/samlAdvanced","samlRelayStateTimeout":"samlServiceMetaData/samlAdvanced","samlSPMetaDataNodes":"","samlSPSSODescriptorArtifactResolutionServiceArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorArtifactResolutionService","samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorAssertionConsumerService","samlSPSSODescriptorAuthnRequestsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlSPSSODescriptorSingleLogoutServiceHTTPPost":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorSingleLogoutServiceSOAP":"samlServiceMetaData/samlSPSSODescriptor/samlSPSSODescriptorSingleLogoutService","samlSPSSODescriptorWantAssertionsSigned":"samlServiceMetaData/samlSPSSODescriptor","samlServicePrivateKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeyEncPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePrivateKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePrivateKeySigPwd":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServicePublicKeyEnc":"samlServiceMetaData/samlServiceSecurity/samlServiceSecurityEnc","samlServicePublicKeySig":"samlServiceMetaData/samlServiceSecurity/samlServiceSecuritySig","samlServiceSignatureMethod":"samlServiceMetaData/samlServiceSecurity","samlServiceUseCertificateInResponse":"samlServiceMetaData/samlServiceSecurity","samlStorage":"samlServiceMetaData/samlAdvanced","samlStorageOptions":"samlServiceMetaData/samlAdvanced","samlUseQueryStringSpecific":"samlServiceMetaData/samlAdvanced","securedCookie":"generalParameters/cookieParams","sessionDataToRemember":"generalParameters/plugins/loginHistory","sfExtra":"generalParameters/secondFactors","sfManagerRule":"generalParameters/secondFactors","sfOnlyUpgrade":"generalParameters/secondFactors","sfRemovedMsgRule":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifMsg":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifRef":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedNotifTitle":"generalParameters/secondFactors/sfRemovedNotification","sfRemovedUseNotif":"generalParameters/secondFactors/sfRemovedNotification","sfRequired":"generalParameters/secondFactors","showLanguages":"generalParameters/portalParams/portalCustomization","singleIP":"generalParameters/sessionParams/multipleSessions","singleSession":"generalParameters/sessionParams/multipleSessions","singleUserByIP":"generalParameters/sessionParams/multipleSessions","skipRenewConfirmation":"generalParameters/advancedParams/portalRedirection","skipUpgradeConfirmation":"generalParameters/advancedParams/portalRedirection","slaveAuthnLevel":"generalParameters/authParams/slaveParams","slaveDisplayLogo":"generalParameters/authParams/slaveParams","slaveExportedVars":"generalParameters/authParams/slaveParams","slaveHeaderContent":"generalParameters/authParams/slaveParams","slaveHeaderName":"generalParameters/authParams/slaveParams","slaveMasterIP":"generalParameters/authParams/slaveParams","slaveUserHeader":"generalParameters/authParams/slaveParams","soapConfigServer":"generalParameters/plugins/portalServers/soapServices","soapSessionServer":"generalParameters/plugins/portalServers/soapServices","sslByAjax":"generalParameters/authParams/sslParams","sslHost":"generalParameters/authParams/sslParams","stayConnected":"generalParameters/plugins/stayConnect","stayConnectedCookieName":"generalParameters/plugins/stayConnect","stayConnectedTimeout":"generalParameters/plugins/stayConnect","storePassword":"generalParameters/sessionParams","successLoginNumber":"generalParameters/plugins/loginHistory","timeout":"generalParameters/sessionParams","timeoutActivity":"generalParameters/sessionParams","timeoutActivityInterval":"generalParameters/sessionParams","tokenUseGlobalStorage":"generalParameters/advancedParams/security","totp2fActivation":"generalParameters/secondFactors/totp2f","totp2fAuthnLevel":"generalParameters/secondFactors/totp2f","totp2fDigits":"generalParameters/secondFactors/totp2f","totp2fDisplayExistingSecret":"generalParameters/secondFactors/totp2f","totp2fInterval":"generalParameters/secondFactors/totp2f","totp2fIssuer":"generalParameters/secondFactors/totp2f","totp2fLabel":"generalParameters/secondFactors/totp2f","totp2fLogo":"generalParameters/secondFactors/totp2f","totp2fRange":"generalParameters/secondFactors/totp2f","totp2fSelfRegistration":"generalParameters/secondFactors/totp2f","totp2fTTL":"generalParameters/secondFactors/totp2f","totp2fUserCanChangeKey":"generalParameters/secondFactors/totp2f","totp2fUserCanRemoveKey":"generalParameters/secondFactors/totp2f","trustedDomains":"generalParameters/advancedParams/security","twitterAppName":"generalParameters/authParams/twitterParams","twitterAuthnLevel":"generalParameters/authParams/twitterParams","twitterKey":"generalParameters/authParams/twitterParams","twitterSecret":"generalParameters/authParams/twitterParams","twitterUserField":"generalParameters/authParams/twitterParams","u2fActivation":"generalParameters/secondFactors/u2f","u2fAuthnLevel":"generalParameters/secondFactors/u2f","u2fLabel":"generalParameters/secondFactors/u2f","u2fLogo":"generalParameters/secondFactors/u2f","u2fSelfRegistration":"generalParameters/secondFactors/u2f","u2fTTL":"generalParameters/secondFactors/u2f","u2fUserCanRemoveKey":"generalParameters/secondFactors/u2f","upgradeSession":"generalParameters/plugins","useRedirectOnError":"generalParameters/advancedParams/redirection","useRedirectOnForbidden":"generalParameters/advancedParams/redirection","useSafeJail":"generalParameters/advancedParams/security","userControl":"generalParameters/advancedParams/security","userDB":"generalParameters/authParams","userPivot":"generalParameters/authParams/dbiParams/dbiSchema","utotp2fActivation":"generalParameters/secondFactors/utotp2f","utotp2fAuthnLevel":"generalParameters/secondFactors/utotp2f","utotp2fLabel":"generalParameters/secondFactors/utotp2f","utotp2fLogo":"generalParameters/secondFactors/utotp2f","virtualHosts":"","webIDAuthnLevel":"generalParameters/authParams/webidParams","webIDExportedVars":"generalParameters/authParams/webidParams","webIDWhitelist":"generalParameters/authParams/webidParams","whatToTrace":"generalParameters/logParams","wsdlServer":"generalParameters/plugins/portalServers/soapServices","yubikey2fActivation":"generalParameters/secondFactors/yubikey2f","yubikey2fAuthnLevel":"generalParameters/secondFactors/yubikey2f","yubikey2fClientID":"generalParameters/secondFactors/yubikey2f","yubikey2fFromSessionAttribute":"generalParameters/secondFactors/yubikey2f","yubikey2fLabel":"generalParameters/secondFactors/yubikey2f","yubikey2fLogo":"generalParameters/secondFactors/yubikey2f","yubikey2fNonce":"generalParameters/secondFactors/yubikey2f","yubikey2fPublicIDSize":"generalParameters/secondFactors/yubikey2f","yubikey2fSecretKey":"generalParameters/secondFactors/yubikey2f","yubikey2fSelfRegistration":"generalParameters/secondFactors/yubikey2f","yubikey2fTTL":"generalParameters/secondFactors/yubikey2f","yubikey2fUrl":"generalParameters/secondFactors/yubikey2f","yubikey2fUserCanRemoveKey":"generalParameters/secondFactors/yubikey2f"} \ No newline at end of file diff --git a/lemonldap-ng-manager/site/htdocs/static/struct.json b/lemonldap-ng-manager/site/htdocs/static/struct.json index 2e4251864c..dc24e242ca 100644 --- a/lemonldap-ng-manager/site/htdocs/static/struct.json +++ b/lemonldap-ng-manager/site/htdocs/static/struct.json @@ -1 +1 @@ -[{"_nodes":[{"_nodes":[{"default":"http://auth.example.com/","id":"portal","title":"portal"},{"_nodes":[{"_nodes":[{"default":1,"id":"portalDisplayLogout","title":"portalDisplayLogout","type":"boolOrExpr"},{"default":"$_auth =~ /^(LDAP|DBI|Demo)$/","id":"portalDisplayChangePassword","title":"portalDisplayChangePassword","type":"boolOrExpr"},{"default":1,"id":"portalDisplayAppslist","title":"portalDisplayAppslist","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLoginHistory","title":"portalDisplayLoginHistory","type":"boolOrExpr"},{"default":"$_oidcConsents && $_oidcConsents =~ /\\w+/","id":"portalDisplayOidcConsents","title":"portalDisplayOidcConsents","type":"boolOrExpr"}],"id":"portalModules","title":"portalModules","type":"simpleInputContainer"},{"cnodes":"applicationList","default":[{"data":{"catname":"Default category","type":"category"},"id":"applicationList/default","title":"default","type":"catAndAppList"}],"help":"portalmenu.html#categories-and-applications","id":"applicationList","title":"applicationList","type":"catAndAppList"}],"help":"portalmenu.html","id":"portalMenu","title":"portalMenu"},{"_nodes":[{"default":"common/logos/logo_llng_400px.png","id":"portalMainLogo","title":"portalMainLogo"},{"default":1,"id":"showLanguages","title":"showLanguages","type":"bool"},{"id":"portalCustomCss","title":"portalCustomCss"},{"default":"bootstrap","id":"portalSkin","select":[{"k":"bootstrap","v":"Bootstrap"}],"title":"portalSkin","type":"portalskin"},{"id":"portalSkinBackground","select":[{"k":"","v":"None"},{"k":"1280px-Anse_Source_d'Argent_2-La_Digue.jpg","v":"Anse"},{"k":"1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg","v":"Waterfall"},{"k":"1280px-BrockenSnowedTrees.jpg","v":"Snowed Trees"},{"k":"1280px-Cedar_Breaks_National_Monument_partially.jpg","v":"National Monument"},{"k":"1280px-Parry_Peak_from_Winter_Park.jpg","v":"Winter"},{"k":"Aletschgletscher_mit_Pinus_cembra1.jpg","v":"Pinus"}],"title":"portalSkinBackground","type":"portalskinbackground"},{"cnodes":"portalSkinRules","help":"portalcustom.html","id":"portalSkinRules","title":"portalSkinRules","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"portalCheckLogins","title":"portalCheckLogins","type":"bool"},{"default":0,"id":"portalDisplayResetPassword","title":"portalDisplayResetPassword","type":"bool"},{"default":3,"id":"passwordResetAllowedRetries","title":"passwordResetAllowedRetries","type":"int"},{"default":1,"id":"portalDisplayRegister","title":"portalDisplayRegister","type":"bool"},{"default":0,"id":"portalDisplayCertificateResetByMail","title":"portalDisplayCertificateResetByMail","type":"bool"}],"help":"portalcustom.html#buttons","id":"portalButtons","title":"portalButtons","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"portalRequireOldPassword","title":"portalRequireOldPassword","type":"boolOrExpr"},{"default":0,"id":"hideOldPassword","title":"hideOldPassword","type":"bool"},{"default":0,"id":"mailOnPasswordChange","title":"mailOnPasswordChange","type":"bool"}],"help":"portalcustom.html#password-management","id":"passwordManagement","title":"passwordManagement","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"passwordPolicyActivation","title":"passwordPolicyActivation","type":"boolOrExpr"},{"default":0,"id":"portalDisplayPasswordPolicy","title":"portalDisplayPasswordPolicy","type":"bool"},{"default":0,"id":"passwordPolicyMinSize","title":"passwordPolicyMinSize","type":"int"},{"default":0,"id":"passwordPolicyMinLower","title":"passwordPolicyMinLower","type":"int"},{"default":0,"id":"passwordPolicyMinUpper","title":"passwordPolicyMinUpper","type":"int"},{"default":0,"id":"passwordPolicyMinDigit","title":"passwordPolicyMinDigit","type":"int"},{"default":0,"id":"passwordPolicyMinSpeChar","title":"passwordPolicyMinSpeChar","type":"int"},{"default":"__ALL__","id":"passwordPolicySpecialChar","title":"passwordPolicySpecialChar"}],"help":"portalcustom.html#password-policy","id":"passwordPolicy","title":"passwordPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":"_user","id":"portalUserAttr","title":"portalUserAttr"},{"default":0,"id":"portalOpenLinkInNewWindow","title":"portalOpenLinkInNewWindow","type":"bool"},{"default":1,"id":"portalAntiFrame","title":"portalAntiFrame","type":"bool"},{"default":60000,"id":"portalPingInterval","title":"portalPingInterval","type":"int"},{"default":1,"id":"portalErrorOnExpiredSession","title":"portalErrorOnExpiredSession","type":"bool"},{"default":0,"id":"portalErrorOnMailNotFound","title":"portalErrorOnMailNotFound","type":"bool"},{"default":1,"id":"portalDisplayRefreshMyRights","title":"portalDisplayRefreshMyRights","type":"bool"}],"help":"portalcustom.html#other-parameters","id":"portalOther","title":"portalOther","type":"simpleInputContainer"}],"help":"portalcustom.html","id":"portalCustomization","title":"portalCustomization"},{"_nodes":[{"default":0,"id":"captcha_login_enabled","title":"captcha_login_enabled","type":"bool"},{"default":1,"id":"captcha_mail_enabled","title":"captcha_mail_enabled","type":"bool"},{"default":1,"id":"captcha_register_enabled","title":"captcha_register_enabled","type":"bool"},{"default":6,"id":"captcha_size","title":"captcha_size","type":"int"}],"help":"captcha.html","id":"portalCaptcha","title":"portalCaptcha","type":"simpleInputContainer"}],"help":"portal.html","id":"portalParams","title":"portalParams"},{"_nodes":[{"default":"Demo","id":"authentication","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"Choice","v":"authChoice"},{"k":"Combination","v":"combineMods"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"authentication","type":"select"},{"default":"Same","id":"userDB","select":[{"k":"Same","v":"Same"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"userDB","type":"select"},{"default":"Demo","id":"passwordDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Choice","v":"authChoice"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Combination","v":"combineMods"},{"k":"Custom","v":"customModule"}],"title":"passwordDB","type":"select"},{"default":"Null","id":"registerDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"registerDB","type":"select"}],"_nodes_cond":[{"_nodes":[{"default":0,"id":"ADPwdMaxAge","title":"ADPwdMaxAge","type":"int"},{"default":0,"id":"ADPwdExpireWarning","title":"ADPwdExpireWarning","type":"int"}],"help":"authad.html","id":"adParams","show":false,"title":"adParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lmAuth","id":"authChoiceParam","title":"authChoiceParam"},{"cnodes":"authChoiceModules","id":"authChoiceModules","select":[[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}]],"title":"authChoiceModules","type":"authChoiceContainer"},{"id":"authChoiceAuthBasic","title":"authChoiceAuthBasic"},{"id":"authChoiceFindUser","title":"authChoiceFindUser"}],"help":"authchoice.html","id":"choiceParams","show":false,"title":"choiceParams"},{"_nodes":[{"default":3,"id":"apacheAuthnLevel","title":"apacheAuthnLevel","type":"int"}],"help":"authapache.html","id":"apacheParams","show":false,"title":"apacheParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"casAuthnLevel","title":"casAuthnLevel","type":"int"}],"help":"authcas.html","id":"casParams","show":false,"title":"casParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"dbiAuthnLevel","title":"dbiAuthnLevel","type":"int"},{"cnodes":"dbiExportedVars","default":[],"id":"dbiExportedVars","title":"dbiExportedVars","type":"keyTextContainer"},{"_nodes":[{"_nodes":[{"id":"dbiAuthChain","title":"dbiAuthChain"},{"id":"dbiAuthUser","title":"dbiAuthUser"},{"id":"dbiAuthPassword","title":"dbiAuthPassword","type":"password"}],"id":"dbiConnectionAuth","title":"dbiConnectionAuth","type":"simpleInputContainer"},{"_nodes":[{"id":"dbiUserChain","title":"dbiUserChain"},{"id":"dbiUserUser","title":"dbiUserUser"},{"id":"dbiUserPassword","title":"dbiUserPassword","type":"password"}],"id":"dbiConnectionUser","title":"dbiConnectionUser","type":"simpleInputContainer"}],"help":"authdbi.html#connection","id":"dbiConnection","title":"dbiConnection"},{"_nodes":[{"id":"dbiAuthTable","title":"dbiAuthTable"},{"id":"dbiUserTable","title":"dbiUserTable"},{"id":"dbiAuthLoginCol","title":"dbiAuthLoginCol"},{"id":"dbiAuthPasswordCol","title":"dbiAuthPasswordCol"},{"id":"dbiPasswordMailCol","title":"dbiPasswordMailCol"},{"id":"userPivot","title":"userPivot"}],"help":"authdbi.html#schema","id":"dbiSchema","title":"dbiSchema","type":"simpleInputContainer"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiAuthPasswordHash","title":"dbiAuthPasswordHash"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiDynamicHashEnabled","title":"dbiDynamicHashEnabled","type":"bool"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSchemes","title":"dbiDynamicHashValidSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSaltedSchemes","title":"dbiDynamicHashValidSaltedSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashNewPasswordScheme","title":"dbiDynamicHashNewPasswordScheme"}],"help":"authdbi.html#password","id":"dbiDynamicHash","title":"dbiDynamicHash","type":"simpleInputContainer"}],"help":"authdbi.html#password","id":"dbiPassword","title":"dbiPassword"}],"help":"authdbi.html","id":"dbiParams","show":false,"title":"dbiParams"},{"_nodes":[{"cnodes":"demoExportedVars","default":[{"data":"cn","id":"demoExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"demoExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"demoExportedVars/uid","title":"uid","type":"keyText"}],"id":"demoExportedVars","title":"demoExportedVars","type":"keyTextContainer"}],"help":"authdemo.html","id":"demoParams","show":false,"title":"demoParams"},{"_nodes":[{"default":1,"id":"facebookAuthnLevel","title":"facebookAuthnLevel","type":"int"},{"cnodes":"facebookExportedVars","default":[],"id":"facebookExportedVars","title":"facebookExportedVars","type":"keyTextContainer"},{"id":"facebookAppId","title":"facebookAppId"},{"id":"facebookAppSecret","title":"facebookAppSecret"},{"default":"id","id":"facebookUserField","title":"facebookUserField"}],"help":"authfacebook.html","id":"facebookParams","show":false,"title":"facebookParams"},{"_nodes":[{"default":3,"id":"krbAuthnLevel","title":"krbAuthnLevel","type":"int"},{"id":"krbKeytab","title":"krbKeytab"},{"default":0,"id":"krbByJs","title":"krbByJs","type":"bool"},{"default":1,"id":"krbRemoveDomain","title":"krbRemoveDomain","type":"bool"},{"id":"krbAllowedDomains","title":"krbAllowedDomains"}],"help":"authkerberos.html","id":"kerberosParams","show":false,"title":"kerberosParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"ldapAuthnLevel","title":"ldapAuthnLevel","type":"int"},{"cnodes":"ldapExportedVars","default":[{"data":"cn","id":"ldapExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"ldapExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"ldapExportedVars/uid","title":"uid","type":"keyText"}],"id":"ldapExportedVars","title":"ldapExportedVars","type":"keyTextContainer"},{"_nodes":[{"default":"ldap://localhost","id":"ldapServer","title":"ldapServer"},{"id":"ldapPort","title":"ldapPort","type":"int"},{"default":"require","id":"ldapVerify","select":[{"k":"none","v":"None"},{"k":"optional","v":"Optional"},{"k":"require","v":"Require"}],"title":"ldapVerify","type":"select"},{"default":"dc=example,dc=com","id":"ldapBase","title":"ldapBase"},{"default":"","id":"managerDn","title":"managerDn"},{"default":"","id":"managerPassword","title":"managerPassword","type":"password"},{"default":10,"id":"ldapTimeout","title":"ldapTimeout","type":"int"},{"default":10,"id":"ldapIOTimeout","title":"ldapIOTimeout","type":"int"},{"default":3,"id":"ldapVersion","title":"ldapVersion","type":"int"},{"id":"ldapRaw","title":"ldapRaw"},{"id":"ldapCAFile","title":"ldapCAFile"},{"id":"ldapCAPath","title":"ldapCAPath"}],"help":"authldap.html#connection","id":"ldapConnection","title":"ldapConnection","type":"simpleInputContainer"},{"_nodes":[{"id":"LDAPFilter","title":"LDAPFilter"},{"id":"AuthLDAPFilter","title":"AuthLDAPFilter"},{"id":"mailLDAPFilter","title":"mailLDAPFilter"},{"default":"find","id":"ldapSearchDeref","select":[{"k":"never","v":"never"},{"k":"search","v":"search"},{"k":"find","v":"find"},{"k":"always","v":"always"}],"title":"ldapSearchDeref","type":"select"}],"help":"authldap.html#filters","id":"ldapFilters","title":"ldapFilters","type":"simpleInputContainer"},{"_nodes":[{"id":"ldapGroupBase","title":"ldapGroupBase"},{"default":"groupOfNames","id":"ldapGroupObjectClass","title":"ldapGroupObjectClass"},{"default":"member","id":"ldapGroupAttributeName","title":"ldapGroupAttributeName"},{"default":"dn","id":"ldapGroupAttributeNameUser","title":"ldapGroupAttributeNameUser"},{"default":"cn","id":"ldapGroupAttributeNameSearch","title":"ldapGroupAttributeNameSearch"},{"default":0,"id":"ldapGroupDecodeSearchedValue","title":"ldapGroupDecodeSearchedValue","type":"bool"},{"default":0,"id":"ldapGroupRecursive","title":"ldapGroupRecursive","type":"bool"},{"default":"dn","id":"ldapGroupAttributeNameGroup","title":"ldapGroupAttributeNameGroup"}],"help":"authldap.html#groups","id":"ldapGroups","title":"ldapGroups","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ldapPpolicyControl","title":"ldapPpolicyControl","type":"bool"},{"default":0,"id":"ldapSetPassword","title":"ldapSetPassword","type":"bool"},{"default":0,"id":"ldapChangePasswordAsUser","title":"ldapChangePasswordAsUser","type":"bool"},{"default":"utf-8","id":"ldapPwdEnc","title":"ldapPwdEnc"},{"default":1,"id":"ldapUsePasswordResetAttribute","title":"ldapUsePasswordResetAttribute","type":"bool"},{"default":"pwdReset","id":"ldapPasswordResetAttribute","title":"ldapPasswordResetAttribute"},{"default":"TRUE","id":"ldapPasswordResetAttributeValue","title":"ldapPasswordResetAttributeValue"},{"default":0,"id":"ldapAllowResetExpiredPassword","title":"ldapAllowResetExpiredPassword","type":"bool"},{"default":0,"id":"ldapGetUserBeforePasswordChange","title":"ldapGetUserBeforePasswordChange","type":"bool"},{"default":0,"id":"ldapITDS","title":"ldapITDS","type":"bool"}],"help":"authldap.html#password","id":"ldapPassword","title":"ldapPassword","type":"simpleInputContainer"}],"help":"authldap.html","id":"ldapParams","show":false,"title":"ldapParams"},{"_nodes":[{"default":1,"id":"linkedInAuthnLevel","title":"linkedInAuthnLevel","type":"int"},{"id":"linkedInClientID","title":"linkedInClientID"},{"id":"linkedInClientSecret","title":"linkedInClientSecret","type":"password"},{"default":"id,first-name,last-name,email-address","id":"linkedInFields","title":"linkedInFields"},{"default":"emailAddress","id":"linkedInUserField","title":"linkedInUserField"},{"default":"r_liteprofile r_emailaddress","id":"linkedInScope","title":"linkedInScope"}],"help":"authlinkedin.html","id":"linkedinParams","show":false,"title":"linkedinParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"githubAuthnLevel","title":"githubAuthnLevel","type":"int"},{"id":"githubClientID","title":"githubClientID"},{"id":"githubClientSecret","title":"githubClientSecret","type":"password"},{"default":"login","id":"githubUserField","title":"githubUserField"},{"default":"user:email","id":"githubScope","title":"githubScope"}],"help":"authgithub.html","id":"githubParams","show":false,"title":"githubParams","type":"simpleInputContainer"},{"_nodes":[{"id":"combination","title":"combination"},{"cnodes":"combModules","id":"combModules","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"combModules","type":"cmbModuleContainer"}],"help":"authcombination.html","id":"combinationParams","show":false,"title":"combinationParams"},{"_nodes":[{"default":0,"id":"nullAuthnLevel","title":"nullAuthnLevel","type":"int"}],"help":"authnull.html","id":"nullParams","show":false,"title":"nullParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"openIdAuthnLevel","title":"openIdAuthnLevel","type":"int"},{"cnodes":"openIdExportedVars","default":[],"id":"openIdExportedVars","title":"openIdExportedVars","type":"keyTextContainer"},{"id":"openIdSecret","title":"openIdSecret"},{"default":"0;","id":"openIdIDPList","title":"openIdIDPList","type":"blackWhiteList"}],"help":"authopenid.html","id":"openidParams","show":false,"title":"openidParams"},{"_nodes":[{"default":1,"id":"oidcAuthnLevel","title":"oidcAuthnLevel","type":"int"},{"default":"openidconnectcallback","id":"oidcRPCallbackGetParam","title":"oidcRPCallbackGetParam"},{"default":600,"id":"oidcRPStateTimeout","title":"oidcRPStateTimeout","type":"int"}],"help":"authopenidconnect.html","id":"oidcParams","show":false,"title":"oidcParams","type":"simpleInputContainer"},{"_nodes":[{"default":5,"id":"gpgAuthnLevel","title":"gpgAuthnLevel","type":"int"},{"default":"","id":"gpgDb","title":"gpgDb"}],"help":"authgpg.html","id":"gpgParams","show":false,"title":"gpgParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"proxyAuthnLevel","title":"proxyAuthnLevel","type":"int"},{"id":"proxyAuthService","title":"proxyAuthService"},{"id":"proxySessionService","title":"proxySessionService"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":0,"id":"proxyUseSoap","title":"proxyUseSoap","type":"bool"}],"help":"authproxy.html","id":"proxyParams","show":false,"title":"proxyParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"pamAuthnLevel","title":"pamAuthnLevel","type":"int"},{"default":"login","id":"pamService","title":"pamService"}],"help":"authpam.html","id":"pamParams","show":false,"title":"pamParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"radiusAuthnLevel","title":"radiusAuthnLevel","type":"int"},{"id":"radiusSecret","title":"radiusSecret"},{"id":"radiusServer","title":"radiusServer"}],"help":"authradius.html","id":"radiusParams","show":false,"title":"radiusParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"restAuthnLevel","title":"restAuthnLevel","type":"int"},{"id":"restAuthUrl","title":"restAuthUrl"},{"id":"restUserDBUrl","title":"restUserDBUrl"},{"id":"restPwdConfirmUrl","title":"restPwdConfirmUrl"},{"id":"restPwdModifyUrl","title":"restPwdModifyUrl"},{"id":"restFindUserDBUrl","title":"restFindUserDBUrl"}],"help":"authrest.html","id":"restParams","show":false,"title":"restParams","type":"simpleInputContainer"},{"_nodes":[{"id":"remotePortal","title":"remotePortal"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":"Lemonldap::NG::Common::Apache::Session::SOAP","id":"remoteGlobalStorage","title":"remoteGlobalStorage"},{"cnodes":"remoteGlobalStorageOptions","default":[{"data":"http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService","id":"remoteGlobalStorageOptions/ns","title":"ns","type":"keyText"},{"data":"http://auth.example.com/sessions","id":"remoteGlobalStorageOptions/proxy","title":"proxy","type":"keyText"}],"id":"remoteGlobalStorageOptions","title":"remoteGlobalStorageOptions","type":"keyTextContainer"}],"help":"authremote.html","id":"remoteParams","show":false,"title":"remoteParams"},{"_nodes":[{"default":2,"id":"slaveAuthnLevel","title":"slaveAuthnLevel","type":"int"},{"id":"slaveUserHeader","title":"slaveUserHeader"},{"id":"slaveMasterIP","title":"slaveMasterIP"},{"id":"slaveHeaderName","title":"slaveHeaderName"},{"id":"slaveHeaderContent","title":"slaveHeaderContent"},{"default":0,"id":"slaveDisplayLogo","title":"slaveDisplayLogo","type":"bool"},{"cnodes":"slaveExportedVars","default":[],"id":"slaveExportedVars","title":"slaveExportedVars","type":"keyTextContainer"}],"help":"authslave.html","id":"slaveParams","show":false,"title":"slaveParams"},{"_nodes":[{"default":5,"id":"SSLAuthnLevel","title":"SSLAuthnLevel","type":"int"},{"default":"SSL_CLIENT_S_DN_Email","id":"SSLVar","title":"SSLVar"},{"cnodes":"SSLVarIf","default":[],"id":"SSLVarIf","title":"SSLVarIf","type":"keyTextContainer"},{"default":0,"id":"sslByAjax","title":"sslByAjax","type":"bool"},{"id":"sslHost","title":"sslHost"}],"help":"authssl.html","id":"sslParams","show":false,"title":"sslParams"},{"_nodes":[{"default":1,"id":"twitterAuthnLevel","title":"twitterAuthnLevel","type":"int"},{"id":"twitterKey","title":"twitterKey"},{"id":"twitterSecret","title":"twitterSecret"},{"id":"twitterAppName","title":"twitterAppName"},{"default":"screen_name","id":"twitterUserField","title":"twitterUserField"}],"help":"authtwitter.html","id":"twitterParams","show":false,"title":"twitterParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"webIDAuthnLevel","title":"webIDAuthnLevel","type":"int"},{"cnodes":"webIDExportedVars","default":[],"id":"webIDExportedVars","title":"webIDExportedVars","type":"keyTextContainer"},{"id":"webIDWhitelist","title":"webIDWhitelist"}],"help":"authwebid.html","id":"webidParams","show":false,"title":"webidParams"},{"_nodes":[{"id":"customAuth","title":"customAuth"},{"id":"customUserDB","title":"customUserDB"},{"id":"customPassword","title":"customPassword"},{"id":"customRegister","title":"customRegister"},{"id":"customResetCertByMail","title":"customResetCertByMail"},{"cnodes":"customAddParams","id":"customAddParams","title":"customAddParams","type":"keyTextContainer"}],"help":"authcustom.html","id":"customParams","show":false,"title":"customParams"}],"_nodes_filter":"authParams","help":"start.html#authentication-users-and-password-databases","id":"authParams","title":"authParams","type":"authParams"},{"_nodes":[{"_nodes":[{"default":0,"id":"issuerDBSAMLActivation","title":"issuerDBSAMLActivation","type":"bool"},{"default":"^/saml/","id":"issuerDBSAMLPath","title":"issuerDBSAMLPath"},{"default":1,"id":"issuerDBSAMLRule","title":"issuerDBSAMLRule","type":"boolOrExpr"}],"help":"idpsaml.html","id":"issuerDBSAML","title":"issuerDBSAML","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBCASActivation","title":"issuerDBCASActivation","type":"bool"},{"default":"^/cas/","id":"issuerDBCASPath","title":"issuerDBCASPath"},{"default":1,"id":"issuerDBCASRule","title":"issuerDBCASRule","type":"boolOrExpr"}],"help":"idpcas.html#enabling-cas","id":"issuerDBCAS","title":"issuerDBCAS","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDActivation","title":"issuerDBOpenIDActivation","type":"bool"},{"default":"^/openidserver/","id":"issuerDBOpenIDPath","title":"issuerDBOpenIDPath"},{"default":1,"id":"issuerDBOpenIDRule","title":"issuerDBOpenIDRule","type":"boolOrExpr"},{"_nodes":[{"id":"openIdIssuerSecret","title":"openIdIssuerSecret"},{"id":"openIdAttr","title":"openIdAttr"},{"default":"0;","id":"openIdSPList","title":"openIdSPList","type":"blackWhiteList"},{"_nodes":[{"default":"cn","id":"openIdSreg_fullname","title":"openIdSreg_fullname"},{"default":"uid","id":"openIdSreg_nickname","title":"openIdSreg_nickname"},{"id":"openIdSreg_language","title":"openIdSreg_language"},{"id":"openIdSreg_postcode","title":"openIdSreg_postcode"},{"default":"_timezone","id":"openIdSreg_timezone","title":"openIdSreg_timezone"},{"id":"openIdSreg_country","title":"openIdSreg_country"},{"id":"openIdSreg_gender","title":"openIdSreg_gender"},{"default":"mail","id":"openIdSreg_email","title":"openIdSreg_email"},{"id":"openIdSreg_dob","title":"openIdSreg_dob"}],"id":"openIdSreg","title":"openIdSreg","type":"simpleInputContainer"}],"id":"issuerDBOpenIDOptions","title":"issuerDBOpenIDOptions"}],"help":"idpopenid.html","id":"issuerDBOpenID","title":"issuerDBOpenID"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDConnectActivation","title":"issuerDBOpenIDConnectActivation","type":"bool"},{"default":"^/oauth2/","id":"issuerDBOpenIDConnectPath","title":"issuerDBOpenIDConnectPath"},{"default":1,"id":"issuerDBOpenIDConnectRule","title":"issuerDBOpenIDConnectRule","type":"boolOrExpr"}],"help":"idpopenidconnect.html","id":"issuerDBOpenIDConnect","title":"issuerDBOpenIDConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBGetActivation","title":"issuerDBGetActivation","type":"bool"},{"default":"^/get/","id":"issuerDBGetPath","title":"issuerDBGetPath"},{"default":1,"id":"issuerDBGetRule","title":"issuerDBGetRule","type":"boolOrExpr"},{"default":[],"id":"issuerDBGetParameters","title":"issuerDBGetParameters","type":"doubleHash"}],"help":"issuerdbget.html","id":"issuerDBGet","title":"issuerDBGet"},{"_nodes":[{"default":120,"id":"issuersTimeout","title":"issuersTimeout","type":"int"}],"help":"start.html#options","id":"issuerOptions","title":"issuerOptions","type":"simpleInputContainer"}],"help":"start.html#identity-provider","id":"issuerParams","title":"issuerParams"},{"_nodes":[{"default":"uid","id":"whatToTrace","title":"whatToTrace"},{"id":"customToTrace","title":"customToTrace"},{"default":"_password _2fDevices","id":"hiddenAttributes","title":"hiddenAttributes"}],"help":"logs.html","id":"logParams","title":"logParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lemonldap","id":"cookieName","title":"cookieName"},{"default":"example.com","id":"domain","title":"domain"},{"default":0,"id":"cda","title":"cda","type":"bool"},{"default":0,"id":"securedCookie","select":[{"k":"0","v":"unsecuredCookie"},{"k":"1","v":"securedCookie"},{"k":"2","v":"doubleCookie"},{"k":"3","v":"doubleCookieForSingleSession"}],"title":"securedCookie","type":"select"},{"default":1,"id":"httpOnly","title":"httpOnly","type":"bool"},{"id":"cookieExpiration","title":"cookieExpiration","type":"int"},{"default":"","id":"sameSite","select":[{"k":"","v":""},{"k":"Strict","v":"Strict"},{"k":"Lax","v":"Lax"},{"k":"None","v":"None"}],"title":"sameSite","type":"select"}],"help":"ssocookie.html","id":"cookieParams","title":"cookieParams","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"storePassword","title":"storePassword","type":"bool"},{"default":1,"id":"displaySessionId","title":"displaySessionId","type":"bool"},{"default":72000,"id":"timeout","title":"timeout","type":"int"},{"default":0,"id":"timeoutActivity","title":"timeoutActivity","type":"int"},{"default":60,"id":"timeoutActivityInterval","title":"timeoutActivityInterval","type":"int"},{"cnodes":"grantSessionRules","default":[],"id":"grantSessionRules","title":"grantSessionRules","type":"grantContainer"},{"_nodes":[{"default":"Apache::Session::File","id":"globalStorage","title":"globalStorage"},{"cnodes":"globalStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/sessions/","id":"globalStorageOptions/Directory","title":"Directory","type":"keyText"},{"data":"/var/lib/lemonldap-ng/sessions/lock/","id":"globalStorageOptions/LockDirectory","title":"LockDirectory","type":"keyText"},{"data":"Lemonldap::NG::Common::Apache::Session::Generate::SHA256","id":"globalStorageOptions/generateModule","title":"generateModule","type":"keyText"}],"id":"globalStorageOptions","title":"globalStorageOptions","type":"keyTextContainer"},{"default":"Cache::FileCache","id":"localSessionStorage","title":"localSessionStorage"},{"cnodes":"localSessionStorageOptions","default":[{"data":3,"id":"localSessionStorageOptions/cache_depth","title":"cache_depth","type":"keyText"},{"data":"/var/cache/lemonldap-ng","id":"localSessionStorageOptions/cache_root","title":"cache_root","type":"keyText"},{"data":600,"id":"localSessionStorageOptions/default_expires_in","title":"default_expires_in","type":"keyText"},{"data":"007","id":"localSessionStorageOptions/directory_umask","title":"directory_umask","type":"keyText"},{"data":"lemonldap-ng-sessions","id":"localSessionStorageOptions/namespace","title":"namespace","type":"keyText"}],"id":"localSessionStorageOptions","title":"localSessionStorageOptions","type":"keyTextContainer"}],"help":"start.html#sessions-database","id":"sessionStorage","title":"sessionStorage"},{"_nodes":[{"default":0,"id":"singleSession","title":"singleSession","type":"boolOrExpr"},{"default":0,"id":"singleIP","title":"singleIP","type":"boolOrExpr"},{"default":0,"id":"singleUserByIP","title":"singleUserByIP","type":"boolOrExpr"},{"default":1,"id":"notifyDeleted","title":"notifyDeleted","type":"bool"},{"default":0,"id":"notifyOther","title":"notifyOther","type":"bool"}],"id":"multipleSessions","title":"multipleSessions","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"disablePersistentStorage","title":"disablePersistentStorage","type":"bool"},{"id":"persistentStorage","title":"persistentStorage"},{"cnodes":"persistentStorageOptions","id":"persistentStorageOptions","title":"persistentStorageOptions","type":"keyTextContainer"}],"id":"persistentSessions","title":"persistentSessions"}],"help":"sessions.html","id":"sessionParams","title":"sessionParams"},{"_nodes":[{"default":5,"id":"reloadTimeout","title":"reloadTimeout","type":"int"},{"default":0,"id":"compactConf","title":"compactConf","type":"bool"},{"cnodes":"reloadUrls","help":"configlocation.html#configuration-reload","id":"reloadUrls","title":"reloadUrls","type":"keyTextContainer"}],"help":"configlocation.html#configuration-reload","id":"reloadParams","title":"reloadParams"},{"_nodes":[{"default":0,"help":"status.html","id":"portalStatus","title":"portalStatus","type":"bool"},{"default":1,"id":"upgradeSession","title":"upgradeSession","type":"bool"},{"id":"refreshSessions","title":"refreshSessions","type":"bool"},{"cnodes":"adaptativeAuthenticationLevelRules","id":"adaptativeAuthenticationLevelRules","title":"adaptativeAuthenticationLevelRules","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"stayConnected","title":"stayConnected","type":"bool"},{"default":2592000,"id":"stayConnectedTimeout","title":"stayConnectedTimeout","type":"int"},{"default":"llngconnection","id":"stayConnectedCookieName","title":"stayConnectedCookieName"}],"help":"stayconnected.html","id":"stayConnect","title":"stayConnect","type":"simpleInputContainer"},{"_nodes":[{"id":"exportedAttr","title":"exportedAttr"},{"_nodes":[{"default":0,"id":"restSessionServer","title":"restSessionServer","type":"bool"},{"default":0,"id":"restConfigServer","title":"restConfigServer","type":"bool"},{"default":0,"id":"restAuthServer","title":"restAuthServer","type":"bool"},{"default":0,"id":"restPasswordServer","title":"restPasswordServer","type":"bool"},{"default":0,"id":"restExportSecretKeys","title":"restExportSecretKeys","type":"bool"},{"default":15,"id":"restClockTolerance","title":"restClockTolerance","type":"int"}],"help":"portalservers.html#REST","id":"restServices","title":"restServices","type":"simpleInputContainer"},{"_nodes":[{"default":0,"help":"soapservices.html","id":"soapSessionServer","title":"soapSessionServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapConfigServer","title":"soapConfigServer","type":"bool"},{"default":0,"id":"wsdlServer","title":"wsdlServer","type":"bool"}],"help":"portalservers.html#SOAP_(deprecated)","id":"soapServices","title":"soapServices","type":"simpleInputContainer"}],"help":"portalservers.html","id":"portalServers","title":"portalServers"},{"_nodes":[{"default":0,"id":"loginHistoryEnabled","title":"loginHistoryEnabled","type":"bool"},{"default":5,"id":"successLoginNumber","title":"successLoginNumber","type":"int"},{"default":5,"id":"failedLoginNumber","title":"failedLoginNumber","type":"int"},{"cnodes":"sessionDataToRemember","id":"sessionDataToRemember","title":"sessionDataToRemember","type":"keyTextContainer"}],"help":"loginhistory.html","id":"loginHistory","title":"loginHistory"},{"_nodes":[{"default":0,"id":"notification","title":"notification","type":"bool"},{"default":0,"id":"notificationsExplorer","title":"notificationsExplorer","type":"bool"},{"default":"allusers","id":"notificationWildcard","title":"notificationWildcard"},{"default":0,"id":"oldNotifFormat","title":"oldNotifFormat","type":"bool"},{"id":"notificationXSLTfile","title":"notificationXSLTfile"},{"default":"File","id":"notificationStorage","title":"notificationStorage"},{"cnodes":"notificationStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/notifications","id":"notificationStorageOptions/dirName","title":"dirName","type":"keyText"}],"id":"notificationStorageOptions","title":"notificationStorageOptions","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"notificationServer","title":"notificationServer","type":"bool"},{"default":"","id":"notificationDefaultCond","title":"notificationDefaultCond"},{"default":"uid reference date title subtitle text check","id":"notificationServerSentAttributes","title":"notificationServerSentAttributes"},{"_nodes":[{"default":1,"id":"notificationServerPOST","title":"notificationServerPOST","type":"bool"},{"default":0,"id":"notificationServerGET","title":"notificationServerGET","type":"bool"},{"default":0,"id":"notificationServerDELETE","title":"notificationServerDELETE","type":"bool"}],"id":"notificationServerMethods","title":"notificationServerMethods","type":"simpleInputContainer"}],"help":"notifications.html#notification-server","id":"serverNotification","title":"serverNotification"}],"help":"notifications.html","id":"notifications","title":"notifications"},{"_nodes":[{"_nodes":[{"id":"mailSubject","title":"mailSubject"},{"id":"mailBody","title":"mailBody","type":"longtext"},{"id":"mailConfirmSubject","title":"mailConfirmSubject"},{"id":"mailConfirmBody","title":"mailConfirmBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/resetpwd","id":"mailUrl","title":"mailUrl"},{"default":0,"id":"mailTimeout","title":"mailTimeout","type":"int"},{"default":1,"id":"portalDisplayGeneratePassword","title":"portalDisplayGeneratePassword","type":"bool"},{"default":"[A-Z]{3}[a-z]{5}.\\d{2}","id":"randomPasswordRegexp","title":"randomPasswordRegexp"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetpassword.html","id":"passwordManagement","title":"passwordManagement"},{"_nodes":[{"_nodes":[{"id":"certificateResetByMailStep1Subject","title":"certificateResetByMailStep1Subject"},{"id":"certificateResetByMailStep1Body","title":"certificateResetByMailStep1Body","type":"longtext"},{"id":"certificateResetByMailStep2Subject","title":"certificateResetByMailStep2Subject"},{"id":"certificateResetByMailStep2Body","title":"certificateResetByMailStep2Body","type":"longtext"}],"id":"certificateMailContent","title":"certificateMailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/certificateReset","id":"certificateResetByMailURL","title":"certificateResetByMailURL"},{"default":"description","id":"certificateResetByMailCeaAttribute","title":"certificateResetByMailCeaAttribute"},{"default":"userCertificate;binary","id":"certificateResetByMailCertificateAttribute","title":"certificateResetByMailCertificateAttribute"},{"default":0,"id":"certificateResetByMailValidityDelay","title":"certificateResetByMailValidityDelay","type":"int"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetcertificate.html","id":"certificateResetByMailManagement","title":"certificateResetByMailManagement"},{"_nodes":[{"default":"http://auth.example.com/register","id":"registerUrl","title":"registerUrl"},{"default":0,"id":"registerTimeout","title":"registerTimeout","type":"int"},{"id":"registerConfirmSubject","title":"registerConfirmSubject"},{"id":"registerDoneSubject","title":"registerDoneSubject"}],"help":"register.html","id":"register","title":"register","type":"simpleInputContainer"},{"_nodes":[{"cnodes":"autoSigninRules","id":"autoSigninRules","title":"autoSigninRules","type":"keyTextContainer"}],"help":"autosignin.html","id":"autoSignin","title":"autoSignin"},{"_nodes":[{"default":0,"id":"globalLogoutRule","title":"globalLogoutRule","type":"boolOrExpr"},{"default":1,"id":"globalLogoutTimer","title":"globalLogoutTimer","type":"bool"},{"id":"globalLogoutCustomParam","title":"globalLogoutCustomParam"}],"help":"globallogout.html","id":"globalLogout","title":"globalLogout","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkState","title":"checkState","type":"bool"},{"id":"checkStateSecret","title":"checkStateSecret"}],"help":"checkstate.html","id":"stateCheck","title":"stateCheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkUser","title":"checkUser","type":"bool"},{"default":1,"id":"checkUserIdRule","title":"checkUserIdRule"},{"id":"checkUserUnrestrictedUsersRule","title":"checkUserUnrestrictedUsersRule"},{"id":"checkUserSearchAttributes","title":"checkUserSearchAttributes"},{"default":"_loginHistory _session_id hGroups","id":"checkUserHiddenAttributes","title":"checkUserHiddenAttributes"},{"cnodes":"checkUserHiddenHeaders","id":"checkUserHiddenHeaders","title":"checkUserHiddenHeaders","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"checkUserDisplayComputedSession","title":"checkUserDisplayComputedSession","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayPersistentInfo","title":"checkUserDisplayPersistentInfo","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayNormalizedHeaders","title":"checkUserDisplayNormalizedHeaders","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayEmptyHeaders","title":"checkUserDisplayEmptyHeaders","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayEmptyValues","title":"checkUserDisplayEmptyValues","type":"boolOrExpr"}],"help":"checkuser.html#configuration","id":"checkUserDisplay","title":"checkUserDisplay","type":"simpleInputContainer"}],"help":"checkuser.html","id":"checkUsers","title":"checkUsers"},{"_nodes":[{"default":0,"id":"checkDevOps","title":"checkDevOps","type":"bool"},{"default":1,"id":"checkDevOpsDownload","title":"checkDevOpsDownload","type":"bool"}],"help":"checkdevops.html","id":"devOpsCheck","title":"devOpsCheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"impersonationRule","title":"impersonationRule","type":"boolOrExpr"},{"default":1,"id":"impersonationIdRule","title":"impersonationIdRule"},{"id":"impersonationUnrestrictedUsersRule","title":"impersonationUnrestrictedUsersRule"},{"default":"_2fDevices _loginHistory","id":"impersonationHiddenAttributes","title":"impersonationHiddenAttributes"},{"default":1,"id":"impersonationSkipEmptyValues","title":"impersonationSkipEmptyValues","type":"bool"},{"default":0,"id":"impersonationMergeSSOgroups","title":"impersonationMergeSSOgroups","type":"boolOrExpr"}],"help":"impersonation.html","id":"impersonation","title":"impersonation","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"findUser","title":"findUser","type":"bool"},{"default":"*","id":"findUserWildcard","title":"findUserWildcard"},{"default":"^[*\\w]+$","id":"findUserControl","title":"findUserControl"},{"cnodes":"findUserSearchingAttributes","id":"findUserSearchingAttributes","title":"findUserSearchingAttributes","type":"keyTextContainer"},{"cnodes":"findUserExcludingAttributes","id":"findUserExcludingAttributes","title":"findUserExcludingAttributes","type":"keyTextContainer"}],"help":"finduser.html","id":"findUsers","title":"findUsers"},{"_nodes":[{"default":0,"id":"contextSwitchingRule","title":"contextSwitchingRule","type":"boolOrExpr"},{"default":1,"id":"contextSwitchingIdRule","title":"contextSwitchingIdRule"},{"id":"contextSwitchingUnrestrictedUsersRule","title":"contextSwitchingUnrestrictedUsersRule"},{"default":0,"id":"contextSwitchingAllowed2fModifications","title":"contextSwitchingAllowed2fModifications","type":"bool"},{"default":1,"id":"contextSwitchingStopWithLogout","title":"contextSwitchingStopWithLogout","type":"bool"}],"help":"contextswitching.html","id":"contextSwitching","title":"contextSwitching","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"decryptValueRule","title":"decryptValueRule","type":"boolOrExpr"},{"id":"decryptValueFunctions","title":"decryptValueFunctions"}],"help":"decryptvalue.html","id":"decryptValue","title":"decryptValue","type":"simpleInputContainer"},{"_nodes":[{"id":"customPlugins","title":"customPlugins"},{"cnodes":"customPluginsParams","id":"customPluginsParams","title":"customPluginsParams","type":"keyTextContainer"}],"help":"plugincustom.html","id":"customPluginsNode","title":"customPluginsNode"}],"help":"start.html#plugins","id":"plugins","title":"plugins"},{"_nodes":[{"default":1,"help":"secondfactor.html","id":"sfManagerRule","title":"sfManagerRule","type":"boolOrExpr"},{"default":0,"help":"secondfactor.html","id":"sfRequired","title":"sfRequired","type":"boolOrExpr"},{"help":"secondfactor.html","id":"sfOnlyUpgrade","title":"sfOnlyUpgrade","type":"bool"},{"_nodes":[{"default":0,"id":"utotp2fActivation","title":"utotp2fActivation","type":"boolOrExpr"},{"id":"utotp2fAuthnLevel","title":"utotp2fAuthnLevel","type":"int"},{"id":"utotp2fLabel","title":"utotp2fLabel"},{"id":"utotp2fLogo","title":"utotp2fLogo"}],"help":"utotp2f.html","id":"utotp2f","title":"utotp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"totp2fActivation","title":"totp2fActivation","type":"boolOrExpr"},{"default":0,"id":"totp2fSelfRegistration","title":"totp2fSelfRegistration","type":"boolOrExpr"},{"id":"totp2fIssuer","title":"totp2fIssuer"},{"default":30,"id":"totp2fInterval","title":"totp2fInterval","type":"int"},{"default":1,"id":"totp2fRange","title":"totp2fRange","type":"int"},{"default":6,"id":"totp2fDigits","title":"totp2fDigits","type":"int"},{"default":0,"id":"totp2fDisplayExistingSecret","title":"totp2fDisplayExistingSecret","type":"bool"},{"default":0,"id":"totp2fUserCanChangeKey","title":"totp2fUserCanChangeKey","type":"bool"},{"default":1,"id":"totp2fUserCanRemoveKey","title":"totp2fUserCanRemoveKey","type":"bool"},{"id":"totp2fTTL","title":"totp2fTTL","type":"int"},{"id":"totp2fAuthnLevel","title":"totp2fAuthnLevel","type":"int"},{"id":"totp2fLabel","title":"totp2fLabel"},{"id":"totp2fLogo","title":"totp2fLogo"}],"help":"totp2f.html","id":"totp2f","title":"totp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"u2fActivation","title":"u2fActivation","type":"boolOrExpr"},{"default":0,"id":"u2fSelfRegistration","title":"u2fSelfRegistration","type":"boolOrExpr"},{"default":1,"id":"u2fUserCanRemoveKey","title":"u2fUserCanRemoveKey","type":"bool"},{"id":"u2fTTL","title":"u2fTTL","type":"int"},{"id":"u2fAuthnLevel","title":"u2fAuthnLevel","type":"int"},{"id":"u2fLabel","title":"u2fLabel"},{"id":"u2fLogo","title":"u2fLogo"}],"help":"u2f.html","id":"u2f","title":"u2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"yubikey2fActivation","title":"yubikey2fActivation","type":"boolOrExpr"},{"default":0,"id":"yubikey2fSelfRegistration","title":"yubikey2fSelfRegistration","type":"boolOrExpr"},{"id":"yubikey2fClientID","title":"yubikey2fClientID"},{"id":"yubikey2fSecretKey","title":"yubikey2fSecretKey"},{"id":"yubikey2fNonce","title":"yubikey2fNonce"},{"id":"yubikey2fUrl","title":"yubikey2fUrl"},{"default":12,"id":"yubikey2fPublicIDSize","title":"yubikey2fPublicIDSize","type":"int"},{"default":1,"id":"yubikey2fUserCanRemoveKey","title":"yubikey2fUserCanRemoveKey","type":"bool"},{"id":"yubikey2fFromSessionAttribute","title":"yubikey2fFromSessionAttribute"},{"id":"yubikey2fTTL","title":"yubikey2fTTL","type":"int"},{"id":"yubikey2fAuthnLevel","title":"yubikey2fAuthnLevel","type":"int"},{"id":"yubikey2fLabel","title":"yubikey2fLabel"},{"id":"yubikey2fLogo","title":"yubikey2fLogo"}],"help":"yubikey2f.html","id":"yubikey2f","title":"yubikey2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"mail2fActivation","title":"mail2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"mail2fCodeRegex","title":"mail2fCodeRegex"},{"id":"mail2fTimeout","title":"mail2fTimeout","type":"int"},{"id":"mail2fSubject","title":"mail2fSubject"},{"id":"mail2fBody","title":"mail2fBody","type":"longtext"},{"id":"mail2fAuthnLevel","title":"mail2fAuthnLevel","type":"int"},{"id":"mail2fLabel","title":"mail2fLabel"},{"id":"mail2fLogo","title":"mail2fLogo"},{"id":"mail2fSessionKey","title":"mail2fSessionKey"}],"help":"mail2f.html","id":"mail2f","title":"mail2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ext2fActivation","title":"ext2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"ext2fCodeActivation","title":"ext2fCodeActivation"},{"id":"ext2FSendCommand","title":"ext2FSendCommand"},{"id":"ext2FValidateCommand","title":"ext2FValidateCommand"},{"id":"ext2fAuthnLevel","title":"ext2fAuthnLevel","type":"int"},{"id":"ext2fLabel","title":"ext2fLabel"},{"id":"ext2fLogo","title":"ext2fLogo"}],"help":"external2f.html","id":"ext2f","title":"ext2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"radius2fActivation","title":"radius2fActivation","type":"boolOrExpr"},{"id":"radius2fServer","title":"radius2fServer"},{"id":"radius2fSecret","title":"radius2fSecret"},{"id":"radius2fUsernameSessionKey","title":"radius2fUsernameSessionKey"},{"default":20,"id":"radius2fTimeout","title":"radius2fTimeout","type":"int"},{"id":"radius2fAuthnLevel","title":"radius2fAuthnLevel","type":"int"},{"id":"radius2fLogo","title":"radius2fLogo"},{"id":"radius2fLabel","title":"radius2fLabel"}],"help":"radius2f.html","id":"radius2f","title":"radius2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rest2fActivation","title":"rest2fActivation","type":"boolOrExpr"},{"id":"rest2fInitUrl","title":"rest2fInitUrl"},{"cnodes":"rest2fInitArgs","id":"rest2fInitArgs","title":"rest2fInitArgs","type":"keyTextContainer"},{"id":"rest2fVerifyUrl","title":"rest2fVerifyUrl"},{"cnodes":"rest2fVerifyArgs","id":"rest2fVerifyArgs","title":"rest2fVerifyArgs","type":"keyTextContainer"},{"id":"rest2fAuthnLevel","title":"rest2fAuthnLevel","type":"int"},{"id":"rest2fLabel","title":"rest2fLabel"},{"id":"rest2fLogo","title":"rest2fLogo"}],"help":"rest2f.html","id":"rest2f","title":"rest2f"},{"cnodes":"sfExtra","id":"sfExtra","select":[{"k":"Mail2F","v":"E-Mail"},{"k":"REST","v":"REST"},{"k":"Ext2F","v":"External"},{"k":"Radius","v":"Radius"}],"title":"sfExtra","type":"sfExtraContainer"},{"_nodes":[{"default":0,"help":"secondfactor.html","id":"sfRemovedMsgRule","title":"sfRemovedMsgRule","type":"boolOrExpr"},{"default":0,"id":"sfRemovedUseNotif","title":"sfRemovedUseNotif","type":"bool"},{"default":"RemoveSF","help":"secondfactor.html","id":"sfRemovedNotifRef","title":"sfRemovedNotifRef"},{"default":"Second factor notification","help":"secondfactor.html","id":"sfRemovedNotifTitle","title":"sfRemovedNotifTitle"},{"default":"_removedSF_ expired second factor(s) has/have been removed!","help":"secondfactor.html","id":"sfRemovedNotifMsg","title":"sfRemovedNotifMsg"}],"help":"secondfactor.html","id":"sfRemovedNotification","title":"sfRemovedNotification","type":"simpleInputContainer"}],"help":"secondfactor.html","id":"secondFactors","title":"secondFactors"},{"_nodes":[{"help":"customfunctions.html","id":"customFunctions","title":"customFunctions"},{"default":"; ","id":"multiValuesSeparator","title":"multiValuesSeparator","type":"authParamsText"},{"default":0,"id":"groupsBeforeMacros","title":"groupsBeforeMacros","type":"bool"},{"_nodes":[{"default":"mail","id":"mailSessionKey","title":"mailSessionKey"},{"default":"","id":"SMTPServer","title":"SMTPServer"},{"id":"SMTPPort","title":"SMTPPort","type":"int"},{"id":"SMTPAuthUser","title":"SMTPAuthUser"},{"id":"SMTPAuthPass","title":"SMTPAuthPass","type":"password"},{"default":"","id":"SMTPTLS","select":[{"k":"","v":"none"},{"k":"starttls","v":"SMTP + STARTTLS"},{"k":"ssl","v":"SMTPS"}],"title":"SMTPTLS","type":"select"},{"cnodes":"SMTPTLSOpts","id":"SMTPTLSOpts","title":"SMTPTLSOpts","type":"keyTextContainer"},{"_nodes":[{"default":"noreply@example.com","id":"mailFrom","title":"mailFrom"},{"id":"mailReplyTo","title":"mailReplyTo"},{"default":"utf-8","id":"mailCharset","title":"mailCharset"}],"id":"mailHeaders","title":"mailHeaders","type":"simpleInputContainer"}],"help":"smtp.html","id":"SMTP","title":"SMTP","type":"SMTP"},{"_nodes":[{"default":"^[\\w\\.\\-@]+$","id":"userControl","title":"userControl"},{"default":0,"id":"browsersDontStorePassword","title":"browsersDontStorePassword","type":"bool"},{"default":0,"help":"forcereauthn.html","id":"portalForceAuthn","title":"portalForceAuthn","type":"bool"},{"default":5,"id":"portalForceAuthnInterval","title":"portalForceAuthnInterval","type":"int"},{"id":"key","title":"key","type":"password"},{"id":"trustedDomains","title":"trustedDomains"},{"default":1,"help":"safejail.html","id":"useSafeJail","title":"useSafeJail","type":"bool"},{"default":0,"help":"safejail.html","id":"avoidAssignment","title":"avoidAssignment","type":"bool"},{"default":1,"id":"checkXSS","title":"checkXSS","type":"bool"},{"default":1,"id":"requireToken","title":"requireToken","type":"boolOrExpr"},{"default":120,"id":"formTimeout","title":"formTimeout","type":"int"},{"default":0,"id":"tokenUseGlobalStorage","title":"tokenUseGlobalStorage","type":"bool"},{"_nodes":[{"id":"crowdsec","title":"crowdsec","type":"bool"},{"default":"reject","id":"crowdsecAction","select":[{"k":"reject","v":"Reject"},{"k":"warn","v":"Warn"}],"title":"crowdsecAction","type":"select"},{"id":"crowdsecUrl","title":"crowdsecUrl"},{"id":"crowdsecKey","title":"crowdsecKey"}],"help":"crowdsec.html","id":"CrowdSecPlugin","title":"CrowdSecPlugin"},{"_nodes":[{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtection","title":"bruteForceProtection","type":"bool"},{"default":30,"id":"bruteForceProtectionTempo","title":"bruteForceProtectionTempo","type":"int"},{"default":3,"id":"bruteForceProtectionMaxFailed","title":"bruteForceProtectionMaxFailed","type":"int"},{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtectionIncrementalTempo","title":"bruteForceProtectionIncrementalTempo","type":"bool"},{"default":"15, 30, 60, 300, 600","id":"bruteForceProtectionLockTimes","title":"bruteForceProtectionLockTimes"}],"help":"bruteforceprotection.html","id":"bruteForceAttackProtection","title":"bruteForceAttackProtection","type":"simpleInputContainer"},{"cnodes":"lwpOpts","id":"lwpOpts","title":"lwpOpts","type":"keyTextContainer"},{"cnodes":"lwpSslOpts","id":"lwpSslOpts","title":"lwpSslOpts","type":"keyTextContainer"},{"_nodes":[{"default":"'self'","id":"cspDefault","title":"cspDefault"},{"default":"'self' data:","id":"cspImg","title":"cspImg"},{"default":"'self'","id":"cspScript","title":"cspScript"},{"default":"'self'","id":"cspStyle","title":"cspStyle"},{"default":"'self'","id":"cspFont","title":"cspFont"},{"default":"*","id":"cspFormAction","title":"cspFormAction"},{"default":"'self'","id":"cspConnect","title":"cspConnect"},{"default":"","id":"cspFrameAncestors","title":"cspFrameAncestors"}],"help":"security.html#portal","id":"contentSecurityPolicy","title":"contentSecurityPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"corsEnabled","title":"corsEnabled","type":"bool"},{"default":true,"id":"corsAllow_Credentials","title":"corsAllow_Credentials"},{"default":"*","id":"corsAllow_Headers","title":"corsAllow_Headers"},{"default":"POST,GET","id":"corsAllow_Methods","title":"corsAllow_Methods"},{"default":"*","id":"corsAllow_Origin","title":"corsAllow_Origin"},{"default":"*","id":"corsExpose_Headers","title":"corsExpose_Headers"},{"default":"86400","id":"corsMax_Age","title":"corsMax_Age"}],"help":"security.html#portal","id":"crossOrigineResourceSharing","title":"crossOrigineResourceSharing","type":"simpleInputContainer"}],"help":"security.html#configure-security-settings","id":"security","title":"security"},{"_nodes":[{"default":-1,"id":"https","title":"https","type":"trool"},{"default":-1,"id":"port","title":"port","type":"int"},{"default":0,"id":"useRedirectOnForbidden","title":"useRedirectOnForbidden","type":"bool"},{"default":1,"id":"useRedirectOnError","title":"useRedirectOnError","type":"bool"},{"default":0,"id":"maintenance","title":"maintenance","type":"bool"}],"help":"redirections.html","id":"redirection","title":"redirection","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"jsRedirect","title":"jsRedirect","type":"boolOrExpr"},{"default":0,"id":"noAjaxHook","title":"noAjaxHook","type":"bool"},{"default":0,"id":"skipRenewConfirmation","title":"skipRenewConfirmation","type":"bool"},{"default":0,"id":"skipUpgradeConfirmation","title":"skipUpgradeConfirmation","type":"bool"}],"help":"redirections.html#portal-redirections","id":"portalRedirection","title":"portalRedirection","type":"simpleInputContainer"},{"cnodes":"nginxCustomHandlers","help":"handlerarch.html","id":"nginxCustomHandlers","title":"nginxCustomHandlers","type":"keyTextContainer"},{"cnodes":"logoutServices","default":[],"help":"logoutforward.html","id":"logoutServices","title":"logoutServices","type":"keyTextContainer"},{"_nodes":[{"default":"get","id":"infoFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"infoFormMethod","type":"select"},{"default":"post","id":"confirmFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"confirmFormMethod","type":"select"},{"default":"get","id":"redirectFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"redirectFormMethod","type":"select"},{"default":1,"id":"activeTimer","title":"activeTimer","type":"bool"}],"id":"forms","title":"forms","type":"simpleInputContainer"}],"help":"start.html#advanced-features","id":"advancedParams","title":"advancedParams"}],"id":"generalParameters","title":"generalParameters"},{"_nodes":[{"cnodes":"exportedVars","default":[{"data":"HTTP_USER_AGENT","id":"exportedVars/UA","title":"UA","type":"keyText"}],"help":"exportedvars.html","id":"exportedVars","title":"exportedVars","type":"keyTextContainer"},{"cnodes":"macros","default":[],"help":"exportedvars.html#extend-variables-using-macros-and-groups","id":"macros","title":"macros","type":"keyTextContainer"},{"cnodes":"groups","default":[],"help":"exportedvars.html#extend-variables-using-macros-and-groups","id":"groups","title":"groups","type":"keyTextContainer"}],"help":"variables.html","id":"variables","title":"variables"},{"cnodes":"virtualHosts","help":"configvhost.html","id":"virtualHosts","template":"virtualHost","title":"virtualHosts","type":"virtualHostContainer"},{"_nodes":[{"default":"#PORTAL#/saml/metadata","id":"samlEntityID","title":"samlEntityID"},{"_nodes":[{"get":["samlServicePrivateKeySig","samlServicePrivateKeySigPwd","samlServicePublicKeySig"],"id":"samlServiceSecuritySig","title":"samlServiceSecuritySig","type":"RSACertKey"},{"get":["samlServicePrivateKeyEnc","samlServicePrivateKeyEncPwd","samlServicePublicKeyEnc"],"id":"samlServiceSecurityEnc","title":"samlServiceSecurityEnc","type":"RSACertKey"},{"default":0,"id":"samlServiceUseCertificateInResponse","title":"samlServiceUseCertificateInResponse","type":"bool"},{"default":"RSA_SHA256","id":"samlServiceSignatureMethod","select":[{"k":"RSA_SHA1","v":"RSA SHA1"},{"k":"RSA_SHA256","v":"RSA SHA256"},{"k":"RSA_SHA384","v":"RSA SHA384"},{"k":"RSA_SHA512","v":"RSA SHA512"}],"title":"samlServiceSignatureMethod","type":"select"}],"help":"samlservice.html#security-parameters","id":"samlServiceSecurity","title":"samlServiceSecurity"},{"_nodes":[{"default":"mail","id":"samlNameIDFormatMapEmail","title":"samlNameIDFormatMapEmail"},{"default":"mail","id":"samlNameIDFormatMapX509","title":"samlNameIDFormatMapX509"},{"default":"uid","id":"samlNameIDFormatMapWindows","title":"samlNameIDFormatMapWindows"},{"default":"uid","id":"samlNameIDFormatMapKerberos","title":"samlNameIDFormatMapKerberos"}],"help":"samlservice.html#nameid-formats","id":"samlNameIDFormatMap","title":"samlNameIDFormatMap","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"samlAuthnContextMapPassword","title":"samlAuthnContextMapPassword","type":"int"},{"default":3,"id":"samlAuthnContextMapPasswordProtectedTransport","title":"samlAuthnContextMapPasswordProtectedTransport","type":"int"},{"default":5,"id":"samlAuthnContextMapTLSClient","title":"samlAuthnContextMapTLSClient","type":"int"},{"default":4,"id":"samlAuthnContextMapKerberos","title":"samlAuthnContextMapKerberos","type":"int"}],"help":"samlservice.html#authentication-contexts","id":"samlAuthnContextMap","title":"samlAuthnContextMap","type":"simpleInputContainer"},{"_nodes":[{"default":"Example","id":"samlOrganizationDisplayName","title":"samlOrganizationDisplayName"},{"default":"Example","id":"samlOrganizationName","title":"samlOrganizationName"},{"default":"http://www.example.com","id":"samlOrganizationURL","title":"samlOrganizationURL"}],"help":"samlservice.html#organization","id":"samlOrganization","title":"samlOrganization","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"samlSPSSODescriptorAuthnRequestsSigned","title":"samlSPSSODescriptorAuthnRequestsSigned","type":"bool"},{"default":1,"id":"samlSPSSODescriptorWantAssertionsSigned","title":"samlSPSSODescriptorWantAssertionsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;","id":"samlSPSSODescriptorSingleLogoutServiceSOAP","title":"samlSPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlSPSSODescriptorSingleLogoutService","title":"samlSPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","type":"samlAssertion"},{"default":"0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","type":"samlAssertion"}],"id":"samlSPSSODescriptorAssertionConsumerService","title":"samlSPSSODescriptorAssertionConsumerService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlSPSSODescriptorArtifactResolutionServiceArtifact","title":"samlSPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlSPSSODescriptorArtifactResolutionService","title":"samlSPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#service-provider","id":"samlSPSSODescriptor","title":"samlSPSSODescriptor"},{"_nodes":[{"default":1,"id":"samlIDPSSODescriptorWantAuthnRequestsSigned","title":"samlIDPSSODescriptorWantAuthnRequestsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","type":"samlService"}],"id":"samlIDPSSODescriptorSingleSignOnService","title":"samlIDPSSODescriptorSingleSignOnService"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;","id":"samlIDPSSODescriptorSingleLogoutServiceSOAP","title":"samlIDPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlIDPSSODescriptorSingleLogoutService","title":"samlIDPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","title":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlIDPSSODescriptorArtifactResolutionService","title":"samlIDPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#identity-provider","id":"samlIDPSSODescriptor","title":"samlIDPSSODescriptor"},{"_nodes":[{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;","id":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","title":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","type":"samlService"}],"id":"samlAttributeAuthorityDescriptorAttributeService","title":"samlAttributeAuthorityDescriptorAttributeService"}],"help":"samlservice.html#attribute-authority","id":"samlAttributeAuthorityDescriptor","title":"samlAttributeAuthorityDescriptor"},{"_nodes":[{"default":1,"id":"samlMetadataForceUTF8","title":"samlMetadataForceUTF8","type":"bool"},{"default":600,"id":"samlRelayStateTimeout","title":"samlRelayStateTimeout","type":"int"},{"default":0,"id":"samlUseQueryStringSpecific","title":"samlUseQueryStringSpecific","type":"bool"},{"default":"","id":"samlOverrideIDPEntityID","title":"samlOverrideIDPEntityID"},{"id":"samlStorage","title":"samlStorage"},{"cnodes":"samlStorageOptions","id":"samlStorageOptions","title":"samlStorageOptions","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"samlCommonDomainCookieActivation","title":"samlCommonDomainCookieActivation","type":"bool"},{"id":"samlCommonDomainCookieDomain","title":"samlCommonDomainCookieDomain"},{"id":"samlCommonDomainCookieReader","title":"samlCommonDomainCookieReader"},{"id":"samlCommonDomainCookieWriter","title":"samlCommonDomainCookieWriter"}],"id":"samlCommonDomainCookie","title":"samlCommonDomainCookie","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"samlDiscoveryProtocolActivation","title":"samlDiscoveryProtocolActivation","type":"bool"},{"id":"samlDiscoveryProtocolURL","title":"samlDiscoveryProtocolURL"},{"id":"samlDiscoveryProtocolPolicy","title":"samlDiscoveryProtocolPolicy"},{"default":0,"id":"samlDiscoveryProtocolIsPassive","title":"samlDiscoveryProtocolIsPassive","type":"bool"}],"id":"samlDiscoveryProtocol","title":"samlDiscoveryProtocol","type":"simpleInputContainer"}],"help":"samlservice.html#advanced","id":"samlAdvanced","title":"samlAdvanced"}],"help":"samlservice.html","id":"samlServiceMetaData","title":"samlServiceMetaData"},{"cnodes":"samlIDPMetaDataNodes","help":"authsaml.html","id":"samlIDPMetaDataNodes","template":"samlIDPMetaDataNode","title":"samlIDPMetaDataNodes","type":"samlIDPMetaDataNodeContainer"},{"cnodes":"samlSPMetaDataNodes","help":"idpsaml.html","id":"samlSPMetaDataNodes","template":"samlSPMetaDataNode","title":"samlSPMetaDataNodes","type":"samlSPMetaDataNodeContainer"},{"_nodes":[{"id":"oidcServiceMetaDataIssuer","title":"oidcServiceMetaDataIssuer"},{"_nodes":[{"default":"authorize","id":"oidcServiceMetaDataAuthorizeURI","title":"oidcServiceMetaDataAuthorizeURI"},{"default":"token","id":"oidcServiceMetaDataTokenURI","title":"oidcServiceMetaDataTokenURI"},{"default":"userinfo","id":"oidcServiceMetaDataUserInfoURI","title":"oidcServiceMetaDataUserInfoURI"},{"default":"jwks","id":"oidcServiceMetaDataJWKSURI","title":"oidcServiceMetaDataJWKSURI"},{"default":"register","id":"oidcServiceMetaDataRegistrationURI","title":"oidcServiceMetaDataRegistrationURI"},{"default":"introspect","id":"oidcServiceMetaDataIntrospectionURI","title":"oidcServiceMetaDataIntrospectionURI"},{"default":"logout","id":"oidcServiceMetaDataEndSessionURI","title":"oidcServiceMetaDataEndSessionURI"},{"default":"checksession.html","id":"oidcServiceMetaDataCheckSessionURI","title":"oidcServiceMetaDataCheckSessionURI"},{"default":"flogout","id":"oidcServiceMetaDataFrontChannelURI","title":"oidcServiceMetaDataFrontChannelURI"},{"default":"blogout","id":"oidcServiceMetaDataBackChannelURI","title":"oidcServiceMetaDataBackChannelURI"}],"id":"oidcServiceMetaDataEndPoints","title":"oidcServiceMetaDataEndPoints","type":"simpleInputContainer"},{"cnodes":"oidcServiceMetaDataAuthnContext","default":[{"data":1,"id":"oidcServiceMetaDataAuthnContext/loa-1","title":"loa-1","type":"keyText"},{"data":2,"id":"oidcServiceMetaDataAuthnContext/loa-2","title":"loa-2","type":"keyText"},{"data":3,"id":"oidcServiceMetaDataAuthnContext/loa-3","title":"loa-3","type":"keyText"},{"data":4,"id":"oidcServiceMetaDataAuthnContext/loa-4","title":"loa-4","type":"keyText"},{"data":5,"id":"oidcServiceMetaDataAuthnContext/loa-5","title":"loa-5","type":"keyText"}],"id":"oidcServiceMetaDataAuthnContext","title":"oidcServiceMetaDataAuthnContext","type":"keyTextContainer"},{"_nodes":[{"get":["oidcServicePrivateKeySig","oidcServicePublicKeySig","oidcServiceKeyIdSig"],"id":"oidcServiceMetaDataKeys","title":"oidcServiceMetaDataKeys","type":"RSAKeyNoPassword"},{"default":0,"id":"oidcServiceAllowDynamicRegistration","title":"oidcServiceAllowDynamicRegistration","type":"bool"},{"default":1,"id":"oidcServiceAllowAuthorizationCodeFlow","title":"oidcServiceAllowAuthorizationCodeFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowImplicitFlow","title":"oidcServiceAllowImplicitFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowHybridFlow","title":"oidcServiceAllowHybridFlow","type":"bool"},{"default":60,"id":"oidcServiceAuthorizationCodeExpiration","title":"oidcServiceAuthorizationCodeExpiration","type":"int"},{"default":3600,"id":"oidcServiceAccessTokenExpiration","title":"oidcServiceAccessTokenExpiration","type":"int"},{"default":3600,"id":"oidcServiceIDTokenExpiration","title":"oidcServiceIDTokenExpiration","type":"int"},{"default":2592000,"id":"oidcServiceOfflineSessionExpiration","title":"oidcServiceOfflineSessionExpiration","type":"int"}],"id":"oidcServiceMetaDataSecurity","title":"oidcServiceMetaDataSecurity"},{"_nodes":[{"id":"oidcStorage","title":"oidcStorage"},{"cnodes":"oidcStorageOptions","id":"oidcStorageOptions","title":"oidcStorageOptions","type":"keyTextContainer"}],"id":"oidcServiceMetaDataSessions","title":"oidcServiceMetaDataSessions"},{"cnodes":"oidcServiceDynamicRegistrationExportedVars","id":"oidcServiceDynamicRegistrationExportedVars","title":"oidcServiceDynamicRegistrationExportedVars","type":"keyTextContainer"},{"cnodes":"oidcServiceDynamicRegistrationExtraClaims","id":"oidcServiceDynamicRegistrationExtraClaims","title":"oidcServiceDynamicRegistrationExtraClaims","type":"keyTextContainer"}],"help":"openidconnectservice.html#service-configuration","id":"oidcServiceMetaData","title":"oidcServiceMetaData"},{"cnodes":"oidcOPMetaDataNodes","help":"authopenidconnect.html#declare-the-openid-connect-provider-in-ll-ng","id":"oidcOPMetaDataNodes","title":"oidcOPMetaDataNodes","type":"oidcOPMetaDataNodeContainer"},{"cnodes":"oidcRPMetaDataNodes","help":"idpopenidconnect.html#configuration-of-relying-party-in-ll-ng","id":"oidcRPMetaDataNodes","title":"oidcRPMetaDataNodes","type":"oidcRPMetaDataNodeContainer"},{"_nodes":[{"id":"casAttr","title":"casAttr"},{"default":"none","id":"casAccessControlPolicy","select":[{"k":"none","v":"None"},{"k":"error","v":"Display error on portal"},{"k":"faketicket","v":"Send a fake service ticket"}],"title":"casAccessControlPolicy","type":"select"},{"id":"casStorage","title":"casStorage"},{"cnodes":"casStorageOptions","id":"casStorageOptions","title":"casStorageOptions","type":"keyTextContainer"},{"cnodes":"casAttributes","id":"casAttributes","title":"casAttributes","type":"keyTextContainer"}],"help":"idpcas.html#configuring-the-cas-service","id":"casServiceMetadata","title":"casServiceMetadata"},{"cnodes":"casSrvMetaDataNodes","help":"authcas.html","id":"casSrvMetaDataNodes","template":"casSrvMetaDataNode","title":"casSrvMetaDataNodes","type":"casSrvMetaDataNodeContainer"},{"cnodes":"casAppMetaDataNodes","help":"idpcas.html#configuring-cas-applications","id":"casAppMetaDataNodes","template":"casAppMetaDataNode","title":"casAppMetaDataNodes","type":"casAppMetaDataNodeContainer"}] \ No newline at end of file +[{"_nodes":[{"_nodes":[{"default":"http://auth.example.com/","id":"portal","title":"portal"},{"_nodes":[{"_nodes":[{"default":1,"id":"portalDisplayLogout","title":"portalDisplayLogout","type":"boolOrExpr"},{"default":"$_auth =~ /^(LDAP|DBI|Demo)$/","id":"portalDisplayChangePassword","title":"portalDisplayChangePassword","type":"boolOrExpr"},{"default":1,"id":"portalDisplayAppslist","title":"portalDisplayAppslist","type":"boolOrExpr"},{"default":1,"id":"portalDisplayLoginHistory","title":"portalDisplayLoginHistory","type":"boolOrExpr"},{"default":"$_oidcConsents && $_oidcConsents =~ /\\w+/","id":"portalDisplayOidcConsents","title":"portalDisplayOidcConsents","type":"boolOrExpr"}],"id":"portalModules","title":"portalModules","type":"simpleInputContainer"},{"cnodes":"applicationList","default":[{"data":{"catname":"Default category","type":"category"},"id":"applicationList/default","title":"default","type":"catAndAppList"}],"help":"portalmenu.html#categories-and-applications","id":"applicationList","title":"applicationList","type":"catAndAppList"}],"help":"portalmenu.html","id":"portalMenu","title":"portalMenu"},{"_nodes":[{"default":"common/logos/logo_llng_400px.png","id":"portalMainLogo","title":"portalMainLogo"},{"default":1,"id":"showLanguages","title":"showLanguages","type":"bool"},{"id":"portalCustomCss","title":"portalCustomCss"},{"default":"bootstrap","id":"portalSkin","select":[{"k":"bootstrap","v":"Bootstrap"}],"title":"portalSkin","type":"portalskin"},{"id":"portalSkinBackground","select":[{"k":"","v":"None"},{"k":"1280px-Anse_Source_d'Argent_2-La_Digue.jpg","v":"Anse"},{"k":"1280px-Autumn-clear-water-waterfall-landscape_-_Virginia_-_ForestWander.jpg","v":"Waterfall"},{"k":"1280px-BrockenSnowedTrees.jpg","v":"Snowed Trees"},{"k":"1280px-Cedar_Breaks_National_Monument_partially.jpg","v":"National Monument"},{"k":"1280px-Parry_Peak_from_Winter_Park.jpg","v":"Winter"},{"k":"Aletschgletscher_mit_Pinus_cembra1.jpg","v":"Pinus"}],"title":"portalSkinBackground","type":"portalskinbackground"},{"cnodes":"portalSkinRules","help":"portalcustom.html","id":"portalSkinRules","title":"portalSkinRules","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"portalCheckLogins","title":"portalCheckLogins","type":"bool"},{"default":0,"id":"portalDisplayResetPassword","title":"portalDisplayResetPassword","type":"bool"},{"default":3,"id":"passwordResetAllowedRetries","title":"passwordResetAllowedRetries","type":"int"},{"default":1,"id":"portalDisplayRegister","title":"portalDisplayRegister","type":"bool"},{"default":0,"id":"portalDisplayCertificateResetByMail","title":"portalDisplayCertificateResetByMail","type":"bool"}],"help":"portalcustom.html#buttons","id":"portalButtons","title":"portalButtons","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"portalRequireOldPassword","title":"portalRequireOldPassword","type":"boolOrExpr"},{"default":0,"id":"hideOldPassword","title":"hideOldPassword","type":"bool"},{"default":0,"id":"mailOnPasswordChange","title":"mailOnPasswordChange","type":"bool"}],"help":"portalcustom.html#password-management","id":"passwordManagement","title":"passwordManagement","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"passwordPolicyActivation","title":"passwordPolicyActivation","type":"boolOrExpr"},{"default":0,"id":"portalDisplayPasswordPolicy","title":"portalDisplayPasswordPolicy","type":"bool"},{"default":0,"id":"passwordPolicyMinSize","title":"passwordPolicyMinSize","type":"int"},{"default":0,"id":"passwordPolicyMinLower","title":"passwordPolicyMinLower","type":"int"},{"default":0,"id":"passwordPolicyMinUpper","title":"passwordPolicyMinUpper","type":"int"},{"default":0,"id":"passwordPolicyMinDigit","title":"passwordPolicyMinDigit","type":"int"},{"default":0,"id":"passwordPolicyMinSpeChar","title":"passwordPolicyMinSpeChar","type":"int"},{"default":"__ALL__","id":"passwordPolicySpecialChar","title":"passwordPolicySpecialChar"}],"help":"portalcustom.html#password-policy","id":"passwordPolicy","title":"passwordPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":"_user","id":"portalUserAttr","title":"portalUserAttr"},{"default":0,"id":"portalOpenLinkInNewWindow","title":"portalOpenLinkInNewWindow","type":"bool"},{"default":1,"id":"portalAntiFrame","title":"portalAntiFrame","type":"bool"},{"default":60000,"id":"portalPingInterval","title":"portalPingInterval","type":"int"},{"default":1,"id":"portalErrorOnExpiredSession","title":"portalErrorOnExpiredSession","type":"bool"},{"default":0,"id":"portalErrorOnMailNotFound","title":"portalErrorOnMailNotFound","type":"bool"},{"default":1,"id":"portalDisplayRefreshMyRights","title":"portalDisplayRefreshMyRights","type":"bool"}],"help":"portalcustom.html#other-parameters","id":"portalOther","title":"portalOther","type":"simpleInputContainer"}],"help":"portalcustom.html","id":"portalCustomization","title":"portalCustomization"},{"_nodes":[{"default":0,"id":"captcha_login_enabled","title":"captcha_login_enabled","type":"bool"},{"default":1,"id":"captcha_mail_enabled","title":"captcha_mail_enabled","type":"bool"},{"default":1,"id":"captcha_register_enabled","title":"captcha_register_enabled","type":"bool"},{"default":6,"id":"captcha_size","title":"captcha_size","type":"int"}],"help":"captcha.html","id":"portalCaptcha","title":"portalCaptcha","type":"simpleInputContainer"}],"help":"portal.html","id":"portalParams","title":"portalParams"},{"_nodes":[{"default":"Demo","id":"authentication","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"Choice","v":"authChoice"},{"k":"Combination","v":"combineMods"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"authentication","type":"select"},{"default":"Same","id":"userDB","select":[{"k":"Same","v":"Same"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"userDB","type":"select"},{"default":"Demo","id":"passwordDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Choice","v":"authChoice"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Combination","v":"combineMods"},{"k":"Custom","v":"customModule"}],"title":"passwordDB","type":"select"},{"default":"Null","id":"registerDB","select":[{"k":"AD","v":"Active Directory"},{"k":"Demo","v":"Demonstration"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"registerDB","type":"select"}],"_nodes_cond":[{"_nodes":[{"default":0,"id":"ADPwdMaxAge","title":"ADPwdMaxAge","type":"int"},{"default":0,"id":"ADPwdExpireWarning","title":"ADPwdExpireWarning","type":"int"}],"help":"authad.html","id":"adParams","show":false,"title":"adParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lmAuth","id":"authChoiceParam","title":"authChoiceParam"},{"cnodes":"authChoiceModules","id":"authChoiceModules","select":[[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"Facebook","v":"Facebook"},{"k":"LDAP","v":"LDAP"},{"k":"Null","v":"None"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"Proxy","v":"Proxy"},{"k":"REST","v":"REST"},{"k":"Remote","v":"Remote"},{"k":"SAML","v":"SAML v2"},{"k":"Slave","v":"Slave"},{"k":"WebID","v":"WebID"},{"k":"Custom","v":"customModule"}],[{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Demo","v":"Demo"},{"k":"LDAP","v":"LDAP"},{"k":"REST","v":"REST"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}]],"title":"authChoiceModules","type":"authChoiceContainer"},{"id":"authChoiceAuthBasic","title":"authChoiceAuthBasic"},{"id":"authChoiceFindUser","title":"authChoiceFindUser"}],"help":"authchoice.html","id":"choiceParams","show":false,"title":"choiceParams"},{"_nodes":[{"default":3,"id":"apacheAuthnLevel","title":"apacheAuthnLevel","type":"int"}],"help":"authapache.html","id":"apacheParams","show":false,"title":"apacheParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"casAuthnLevel","title":"casAuthnLevel","type":"int"}],"help":"authcas.html","id":"casParams","show":false,"title":"casParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"dbiAuthnLevel","title":"dbiAuthnLevel","type":"int"},{"cnodes":"dbiExportedVars","default":[],"id":"dbiExportedVars","title":"dbiExportedVars","type":"keyTextContainer"},{"_nodes":[{"_nodes":[{"id":"dbiAuthChain","title":"dbiAuthChain"},{"id":"dbiAuthUser","title":"dbiAuthUser"},{"id":"dbiAuthPassword","title":"dbiAuthPassword","type":"password"}],"id":"dbiConnectionAuth","title":"dbiConnectionAuth","type":"simpleInputContainer"},{"_nodes":[{"id":"dbiUserChain","title":"dbiUserChain"},{"id":"dbiUserUser","title":"dbiUserUser"},{"id":"dbiUserPassword","title":"dbiUserPassword","type":"password"}],"id":"dbiConnectionUser","title":"dbiConnectionUser","type":"simpleInputContainer"}],"help":"authdbi.html#connection","id":"dbiConnection","title":"dbiConnection"},{"_nodes":[{"id":"dbiAuthTable","title":"dbiAuthTable"},{"id":"dbiUserTable","title":"dbiUserTable"},{"id":"dbiAuthLoginCol","title":"dbiAuthLoginCol"},{"id":"dbiAuthPasswordCol","title":"dbiAuthPasswordCol"},{"id":"dbiPasswordMailCol","title":"dbiPasswordMailCol"},{"id":"userPivot","title":"userPivot"}],"help":"authdbi.html#schema","id":"dbiSchema","title":"dbiSchema","type":"simpleInputContainer"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiAuthPasswordHash","title":"dbiAuthPasswordHash"},{"_nodes":[{"help":"authdbi.html#password","id":"dbiDynamicHashEnabled","title":"dbiDynamicHashEnabled","type":"bool"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSchemes","title":"dbiDynamicHashValidSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashValidSaltedSchemes","title":"dbiDynamicHashValidSaltedSchemes"},{"help":"authdbi.html#password","id":"dbiDynamicHashNewPasswordScheme","title":"dbiDynamicHashNewPasswordScheme"}],"help":"authdbi.html#password","id":"dbiDynamicHash","title":"dbiDynamicHash","type":"simpleInputContainer"}],"help":"authdbi.html#password","id":"dbiPassword","title":"dbiPassword"}],"help":"authdbi.html","id":"dbiParams","show":false,"title":"dbiParams"},{"_nodes":[{"cnodes":"demoExportedVars","default":[{"data":"cn","id":"demoExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"demoExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"demoExportedVars/uid","title":"uid","type":"keyText"}],"id":"demoExportedVars","title":"demoExportedVars","type":"keyTextContainer"}],"help":"authdemo.html","id":"demoParams","show":false,"title":"demoParams"},{"_nodes":[{"default":1,"id":"facebookAuthnLevel","title":"facebookAuthnLevel","type":"int"},{"cnodes":"facebookExportedVars","default":[],"id":"facebookExportedVars","title":"facebookExportedVars","type":"keyTextContainer"},{"id":"facebookAppId","title":"facebookAppId"},{"id":"facebookAppSecret","title":"facebookAppSecret"},{"default":"id","id":"facebookUserField","title":"facebookUserField"}],"help":"authfacebook.html","id":"facebookParams","show":false,"title":"facebookParams"},{"_nodes":[{"default":3,"id":"krbAuthnLevel","title":"krbAuthnLevel","type":"int"},{"id":"krbKeytab","title":"krbKeytab"},{"default":0,"id":"krbByJs","title":"krbByJs","type":"bool"},{"default":1,"id":"krbRemoveDomain","title":"krbRemoveDomain","type":"bool"},{"id":"krbAllowedDomains","title":"krbAllowedDomains"}],"help":"authkerberos.html","id":"kerberosParams","show":false,"title":"kerberosParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"ldapAuthnLevel","title":"ldapAuthnLevel","type":"int"},{"cnodes":"ldapExportedVars","default":[{"data":"cn","id":"ldapExportedVars/cn","title":"cn","type":"keyText"},{"data":"mail","id":"ldapExportedVars/mail","title":"mail","type":"keyText"},{"data":"uid","id":"ldapExportedVars/uid","title":"uid","type":"keyText"}],"id":"ldapExportedVars","title":"ldapExportedVars","type":"keyTextContainer"},{"_nodes":[{"default":"ldap://localhost","id":"ldapServer","title":"ldapServer"},{"id":"ldapPort","title":"ldapPort","type":"int"},{"default":"require","id":"ldapVerify","select":[{"k":"none","v":"None"},{"k":"optional","v":"Optional"},{"k":"require","v":"Require"}],"title":"ldapVerify","type":"select"},{"default":"dc=example,dc=com","id":"ldapBase","title":"ldapBase"},{"default":"","id":"managerDn","title":"managerDn"},{"default":"","id":"managerPassword","title":"managerPassword","type":"password"},{"default":10,"id":"ldapTimeout","title":"ldapTimeout","type":"int"},{"default":10,"id":"ldapIOTimeout","title":"ldapIOTimeout","type":"int"},{"default":3,"id":"ldapVersion","title":"ldapVersion","type":"int"},{"id":"ldapRaw","title":"ldapRaw"},{"id":"ldapCAFile","title":"ldapCAFile"},{"id":"ldapCAPath","title":"ldapCAPath"}],"help":"authldap.html#connection","id":"ldapConnection","title":"ldapConnection","type":"simpleInputContainer"},{"_nodes":[{"id":"LDAPFilter","title":"LDAPFilter"},{"id":"AuthLDAPFilter","title":"AuthLDAPFilter"},{"id":"mailLDAPFilter","title":"mailLDAPFilter"},{"default":"find","id":"ldapSearchDeref","select":[{"k":"never","v":"never"},{"k":"search","v":"search"},{"k":"find","v":"find"},{"k":"always","v":"always"}],"title":"ldapSearchDeref","type":"select"}],"help":"authldap.html#filters","id":"ldapFilters","title":"ldapFilters","type":"simpleInputContainer"},{"_nodes":[{"id":"ldapGroupBase","title":"ldapGroupBase"},{"default":"groupOfNames","id":"ldapGroupObjectClass","title":"ldapGroupObjectClass"},{"default":"member","id":"ldapGroupAttributeName","title":"ldapGroupAttributeName"},{"default":"dn","id":"ldapGroupAttributeNameUser","title":"ldapGroupAttributeNameUser"},{"default":"cn","id":"ldapGroupAttributeNameSearch","title":"ldapGroupAttributeNameSearch"},{"default":0,"id":"ldapGroupDecodeSearchedValue","title":"ldapGroupDecodeSearchedValue","type":"bool"},{"default":0,"id":"ldapGroupRecursive","title":"ldapGroupRecursive","type":"bool"},{"default":"dn","id":"ldapGroupAttributeNameGroup","title":"ldapGroupAttributeNameGroup"}],"help":"authldap.html#groups","id":"ldapGroups","title":"ldapGroups","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ldapPpolicyControl","title":"ldapPpolicyControl","type":"bool"},{"default":0,"id":"ldapSetPassword","title":"ldapSetPassword","type":"bool"},{"default":0,"id":"ldapChangePasswordAsUser","title":"ldapChangePasswordAsUser","type":"bool"},{"default":"utf-8","id":"ldapPwdEnc","title":"ldapPwdEnc"},{"default":1,"id":"ldapUsePasswordResetAttribute","title":"ldapUsePasswordResetAttribute","type":"bool"},{"default":"pwdReset","id":"ldapPasswordResetAttribute","title":"ldapPasswordResetAttribute"},{"default":"TRUE","id":"ldapPasswordResetAttributeValue","title":"ldapPasswordResetAttributeValue"},{"default":0,"id":"ldapAllowResetExpiredPassword","title":"ldapAllowResetExpiredPassword","type":"bool"},{"default":0,"id":"ldapGetUserBeforePasswordChange","title":"ldapGetUserBeforePasswordChange","type":"bool"},{"default":0,"id":"ldapITDS","title":"ldapITDS","type":"bool"}],"help":"authldap.html#password","id":"ldapPassword","title":"ldapPassword","type":"simpleInputContainer"}],"help":"authldap.html","id":"ldapParams","show":false,"title":"ldapParams"},{"_nodes":[{"default":1,"id":"linkedInAuthnLevel","title":"linkedInAuthnLevel","type":"int"},{"id":"linkedInClientID","title":"linkedInClientID"},{"id":"linkedInClientSecret","title":"linkedInClientSecret","type":"password"},{"default":"id,first-name,last-name,email-address","id":"linkedInFields","title":"linkedInFields"},{"default":"emailAddress","id":"linkedInUserField","title":"linkedInUserField"},{"default":"r_liteprofile r_emailaddress","id":"linkedInScope","title":"linkedInScope"}],"help":"authlinkedin.html","id":"linkedinParams","show":false,"title":"linkedinParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"githubAuthnLevel","title":"githubAuthnLevel","type":"int"},{"id":"githubClientID","title":"githubClientID"},{"id":"githubClientSecret","title":"githubClientSecret","type":"password"},{"default":"login","id":"githubUserField","title":"githubUserField"},{"default":"user:email","id":"githubScope","title":"githubScope"}],"help":"authgithub.html","id":"githubParams","show":false,"title":"githubParams","type":"simpleInputContainer"},{"_nodes":[{"id":"combination","title":"combination"},{"cnodes":"combModules","id":"combModules","select":[{"k":"Apache","v":"Apache"},{"k":"AD","v":"Active Directory"},{"k":"DBI","v":"Database (DBI)"},{"k":"Facebook","v":"Facebook"},{"k":"GitHub","v":"GitHub"},{"k":"GPG","v":"GPG"},{"k":"Kerberos","v":"Kerberos"},{"k":"LDAP","v":"LDAP"},{"k":"LinkedIn","v":"LinkedIn"},{"k":"PAM","v":"PAM"},{"k":"Radius","v":"Radius"},{"k":"REST","v":"REST"},{"k":"SSL","v":"SSL"},{"k":"Twitter","v":"Twitter"},{"k":"WebID","v":"WebID"},{"k":"Demo","v":"Demonstration"},{"k":"CAS","v":"Central Authentication Service (CAS)"},{"k":"OpenID","v":"OpenID"},{"k":"OpenIDConnect","v":"OpenID Connect"},{"k":"SAML","v":"SAML v2"},{"k":"Proxy","v":"Proxy"},{"k":"Remote","v":"Remote"},{"k":"Slave","v":"Slave"},{"k":"Null","v":"None"},{"k":"Custom","v":"customModule"}],"title":"combModules","type":"cmbModuleContainer"}],"help":"authcombination.html","id":"combinationParams","show":false,"title":"combinationParams"},{"_nodes":[{"default":0,"id":"nullAuthnLevel","title":"nullAuthnLevel","type":"int"}],"help":"authnull.html","id":"nullParams","show":false,"title":"nullParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"openIdAuthnLevel","title":"openIdAuthnLevel","type":"int"},{"cnodes":"openIdExportedVars","default":[],"id":"openIdExportedVars","title":"openIdExportedVars","type":"keyTextContainer"},{"id":"openIdSecret","title":"openIdSecret"},{"default":"0;","id":"openIdIDPList","title":"openIdIDPList","type":"blackWhiteList"}],"help":"authopenid.html","id":"openidParams","show":false,"title":"openidParams"},{"_nodes":[{"default":1,"id":"oidcAuthnLevel","title":"oidcAuthnLevel","type":"int"},{"default":"openidconnectcallback","id":"oidcRPCallbackGetParam","title":"oidcRPCallbackGetParam"},{"default":600,"id":"oidcRPStateTimeout","title":"oidcRPStateTimeout","type":"int"}],"help":"authopenidconnect.html","id":"oidcParams","show":false,"title":"oidcParams","type":"simpleInputContainer"},{"_nodes":[{"default":5,"id":"gpgAuthnLevel","title":"gpgAuthnLevel","type":"int"},{"default":"","id":"gpgDb","title":"gpgDb"}],"help":"authgpg.html","id":"gpgParams","show":false,"title":"gpgParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"proxyAuthnLevel","title":"proxyAuthnLevel","type":"int"},{"id":"proxyAuthService","title":"proxyAuthService"},{"id":"proxySessionService","title":"proxySessionService"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":0,"id":"proxyUseSoap","title":"proxyUseSoap","type":"bool"}],"help":"authproxy.html","id":"proxyParams","show":false,"title":"proxyParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"pamAuthnLevel","title":"pamAuthnLevel","type":"int"},{"default":"login","id":"pamService","title":"pamService"}],"help":"authpam.html","id":"pamParams","show":false,"title":"pamParams","type":"simpleInputContainer"},{"_nodes":[{"default":3,"id":"radiusAuthnLevel","title":"radiusAuthnLevel","type":"int"},{"id":"radiusSecret","title":"radiusSecret"},{"id":"radiusServer","title":"radiusServer"}],"help":"authradius.html","id":"radiusParams","show":false,"title":"radiusParams","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"restAuthnLevel","title":"restAuthnLevel","type":"int"},{"id":"restAuthUrl","title":"restAuthUrl"},{"id":"restUserDBUrl","title":"restUserDBUrl"},{"id":"restPwdConfirmUrl","title":"restPwdConfirmUrl"},{"id":"restPwdModifyUrl","title":"restPwdModifyUrl"}],"help":"authrest.html","id":"restParams","show":false,"title":"restParams","type":"simpleInputContainer"},{"_nodes":[{"id":"remotePortal","title":"remotePortal"},{"id":"remoteCookieName","title":"remoteCookieName"},{"default":"Lemonldap::NG::Common::Apache::Session::SOAP","id":"remoteGlobalStorage","title":"remoteGlobalStorage"},{"cnodes":"remoteGlobalStorageOptions","default":[{"data":"http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService","id":"remoteGlobalStorageOptions/ns","title":"ns","type":"keyText"},{"data":"http://auth.example.com/sessions","id":"remoteGlobalStorageOptions/proxy","title":"proxy","type":"keyText"}],"id":"remoteGlobalStorageOptions","title":"remoteGlobalStorageOptions","type":"keyTextContainer"}],"help":"authremote.html","id":"remoteParams","show":false,"title":"remoteParams"},{"_nodes":[{"default":2,"id":"slaveAuthnLevel","title":"slaveAuthnLevel","type":"int"},{"id":"slaveUserHeader","title":"slaveUserHeader"},{"id":"slaveMasterIP","title":"slaveMasterIP"},{"id":"slaveHeaderName","title":"slaveHeaderName"},{"id":"slaveHeaderContent","title":"slaveHeaderContent"},{"default":0,"id":"slaveDisplayLogo","title":"slaveDisplayLogo","type":"bool"},{"cnodes":"slaveExportedVars","default":[],"id":"slaveExportedVars","title":"slaveExportedVars","type":"keyTextContainer"}],"help":"authslave.html","id":"slaveParams","show":false,"title":"slaveParams"},{"_nodes":[{"default":5,"id":"SSLAuthnLevel","title":"SSLAuthnLevel","type":"int"},{"default":"SSL_CLIENT_S_DN_Email","id":"SSLVar","title":"SSLVar"},{"cnodes":"SSLVarIf","default":[],"id":"SSLVarIf","title":"SSLVarIf","type":"keyTextContainer"},{"default":0,"id":"sslByAjax","title":"sslByAjax","type":"bool"},{"id":"sslHost","title":"sslHost"}],"help":"authssl.html","id":"sslParams","show":false,"title":"sslParams"},{"_nodes":[{"default":1,"id":"twitterAuthnLevel","title":"twitterAuthnLevel","type":"int"},{"id":"twitterKey","title":"twitterKey"},{"id":"twitterSecret","title":"twitterSecret"},{"id":"twitterAppName","title":"twitterAppName"},{"default":"screen_name","id":"twitterUserField","title":"twitterUserField"}],"help":"authtwitter.html","id":"twitterParams","show":false,"title":"twitterParams","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"webIDAuthnLevel","title":"webIDAuthnLevel","type":"int"},{"cnodes":"webIDExportedVars","default":[],"id":"webIDExportedVars","title":"webIDExportedVars","type":"keyTextContainer"},{"id":"webIDWhitelist","title":"webIDWhitelist"}],"help":"authwebid.html","id":"webidParams","show":false,"title":"webidParams"},{"_nodes":[{"id":"customAuth","title":"customAuth"},{"id":"customUserDB","title":"customUserDB"},{"id":"customPassword","title":"customPassword"},{"id":"customRegister","title":"customRegister"},{"id":"customResetCertByMail","title":"customResetCertByMail"},{"cnodes":"customAddParams","id":"customAddParams","title":"customAddParams","type":"keyTextContainer"}],"help":"authcustom.html","id":"customParams","show":false,"title":"customParams"}],"_nodes_filter":"authParams","help":"start.html#authentication-users-and-password-databases","id":"authParams","title":"authParams","type":"authParams"},{"_nodes":[{"_nodes":[{"default":0,"id":"issuerDBSAMLActivation","title":"issuerDBSAMLActivation","type":"bool"},{"default":"^/saml/","id":"issuerDBSAMLPath","title":"issuerDBSAMLPath"},{"default":1,"id":"issuerDBSAMLRule","title":"issuerDBSAMLRule","type":"boolOrExpr"}],"help":"idpsaml.html","id":"issuerDBSAML","title":"issuerDBSAML","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBCASActivation","title":"issuerDBCASActivation","type":"bool"},{"default":"^/cas/","id":"issuerDBCASPath","title":"issuerDBCASPath"},{"default":1,"id":"issuerDBCASRule","title":"issuerDBCASRule","type":"boolOrExpr"}],"help":"idpcas.html#enabling-cas","id":"issuerDBCAS","title":"issuerDBCAS","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDActivation","title":"issuerDBOpenIDActivation","type":"bool"},{"default":"^/openidserver/","id":"issuerDBOpenIDPath","title":"issuerDBOpenIDPath"},{"default":1,"id":"issuerDBOpenIDRule","title":"issuerDBOpenIDRule","type":"boolOrExpr"},{"_nodes":[{"id":"openIdIssuerSecret","title":"openIdIssuerSecret"},{"id":"openIdAttr","title":"openIdAttr"},{"default":"0;","id":"openIdSPList","title":"openIdSPList","type":"blackWhiteList"},{"_nodes":[{"default":"cn","id":"openIdSreg_fullname","title":"openIdSreg_fullname"},{"default":"uid","id":"openIdSreg_nickname","title":"openIdSreg_nickname"},{"id":"openIdSreg_language","title":"openIdSreg_language"},{"id":"openIdSreg_postcode","title":"openIdSreg_postcode"},{"default":"_timezone","id":"openIdSreg_timezone","title":"openIdSreg_timezone"},{"id":"openIdSreg_country","title":"openIdSreg_country"},{"id":"openIdSreg_gender","title":"openIdSreg_gender"},{"default":"mail","id":"openIdSreg_email","title":"openIdSreg_email"},{"id":"openIdSreg_dob","title":"openIdSreg_dob"}],"id":"openIdSreg","title":"openIdSreg","type":"simpleInputContainer"}],"id":"issuerDBOpenIDOptions","title":"issuerDBOpenIDOptions"}],"help":"idpopenid.html","id":"issuerDBOpenID","title":"issuerDBOpenID"},{"_nodes":[{"default":0,"id":"issuerDBOpenIDConnectActivation","title":"issuerDBOpenIDConnectActivation","type":"bool"},{"default":"^/oauth2/","id":"issuerDBOpenIDConnectPath","title":"issuerDBOpenIDConnectPath"},{"default":1,"id":"issuerDBOpenIDConnectRule","title":"issuerDBOpenIDConnectRule","type":"boolOrExpr"}],"help":"idpopenidconnect.html","id":"issuerDBOpenIDConnect","title":"issuerDBOpenIDConnect","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"issuerDBGetActivation","title":"issuerDBGetActivation","type":"bool"},{"default":"^/get/","id":"issuerDBGetPath","title":"issuerDBGetPath"},{"default":1,"id":"issuerDBGetRule","title":"issuerDBGetRule","type":"boolOrExpr"},{"default":[],"id":"issuerDBGetParameters","title":"issuerDBGetParameters","type":"doubleHash"}],"help":"issuerdbget.html","id":"issuerDBGet","title":"issuerDBGet"},{"_nodes":[{"default":120,"id":"issuersTimeout","title":"issuersTimeout","type":"int"}],"help":"start.html#options","id":"issuerOptions","title":"issuerOptions","type":"simpleInputContainer"}],"help":"start.html#identity-provider","id":"issuerParams","title":"issuerParams"},{"_nodes":[{"default":"uid","id":"whatToTrace","title":"whatToTrace"},{"id":"customToTrace","title":"customToTrace"},{"default":"_password _2fDevices","id":"hiddenAttributes","title":"hiddenAttributes"}],"help":"logs.html","id":"logParams","title":"logParams","type":"simpleInputContainer"},{"_nodes":[{"default":"lemonldap","id":"cookieName","title":"cookieName"},{"default":"example.com","id":"domain","title":"domain"},{"default":0,"id":"cda","title":"cda","type":"bool"},{"default":0,"id":"securedCookie","select":[{"k":"0","v":"unsecuredCookie"},{"k":"1","v":"securedCookie"},{"k":"2","v":"doubleCookie"},{"k":"3","v":"doubleCookieForSingleSession"}],"title":"securedCookie","type":"select"},{"default":1,"id":"httpOnly","title":"httpOnly","type":"bool"},{"id":"cookieExpiration","title":"cookieExpiration","type":"int"},{"default":"","id":"sameSite","select":[{"k":"","v":""},{"k":"Strict","v":"Strict"},{"k":"Lax","v":"Lax"},{"k":"None","v":"None"}],"title":"sameSite","type":"select"}],"help":"ssocookie.html","id":"cookieParams","title":"cookieParams","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"storePassword","title":"storePassword","type":"bool"},{"default":1,"id":"displaySessionId","title":"displaySessionId","type":"bool"},{"default":72000,"id":"timeout","title":"timeout","type":"int"},{"default":0,"id":"timeoutActivity","title":"timeoutActivity","type":"int"},{"default":60,"id":"timeoutActivityInterval","title":"timeoutActivityInterval","type":"int"},{"cnodes":"grantSessionRules","default":[],"id":"grantSessionRules","title":"grantSessionRules","type":"grantContainer"},{"_nodes":[{"default":"Apache::Session::File","id":"globalStorage","title":"globalStorage"},{"cnodes":"globalStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/sessions/","id":"globalStorageOptions/Directory","title":"Directory","type":"keyText"},{"data":"/var/lib/lemonldap-ng/sessions/lock/","id":"globalStorageOptions/LockDirectory","title":"LockDirectory","type":"keyText"},{"data":"Lemonldap::NG::Common::Apache::Session::Generate::SHA256","id":"globalStorageOptions/generateModule","title":"generateModule","type":"keyText"}],"id":"globalStorageOptions","title":"globalStorageOptions","type":"keyTextContainer"},{"default":"Cache::FileCache","id":"localSessionStorage","title":"localSessionStorage"},{"cnodes":"localSessionStorageOptions","default":[{"data":3,"id":"localSessionStorageOptions/cache_depth","title":"cache_depth","type":"keyText"},{"data":"/var/cache/lemonldap-ng","id":"localSessionStorageOptions/cache_root","title":"cache_root","type":"keyText"},{"data":600,"id":"localSessionStorageOptions/default_expires_in","title":"default_expires_in","type":"keyText"},{"data":"007","id":"localSessionStorageOptions/directory_umask","title":"directory_umask","type":"keyText"},{"data":"lemonldap-ng-sessions","id":"localSessionStorageOptions/namespace","title":"namespace","type":"keyText"}],"id":"localSessionStorageOptions","title":"localSessionStorageOptions","type":"keyTextContainer"}],"help":"start.html#sessions-database","id":"sessionStorage","title":"sessionStorage"},{"_nodes":[{"default":0,"id":"singleSession","title":"singleSession","type":"boolOrExpr"},{"default":0,"id":"singleIP","title":"singleIP","type":"boolOrExpr"},{"default":0,"id":"singleUserByIP","title":"singleUserByIP","type":"boolOrExpr"},{"default":1,"id":"notifyDeleted","title":"notifyDeleted","type":"bool"},{"default":0,"id":"notifyOther","title":"notifyOther","type":"bool"}],"id":"multipleSessions","title":"multipleSessions","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"disablePersistentStorage","title":"disablePersistentStorage","type":"bool"},{"id":"persistentStorage","title":"persistentStorage"},{"cnodes":"persistentStorageOptions","id":"persistentStorageOptions","title":"persistentStorageOptions","type":"keyTextContainer"}],"id":"persistentSessions","title":"persistentSessions"}],"help":"sessions.html","id":"sessionParams","title":"sessionParams"},{"_nodes":[{"default":5,"id":"reloadTimeout","title":"reloadTimeout","type":"int"},{"default":0,"id":"compactConf","title":"compactConf","type":"bool"},{"cnodes":"reloadUrls","help":"configlocation.html#configuration-reload","id":"reloadUrls","title":"reloadUrls","type":"keyTextContainer"}],"help":"configlocation.html#configuration-reload","id":"reloadParams","title":"reloadParams"},{"_nodes":[{"default":0,"help":"status.html","id":"portalStatus","title":"portalStatus","type":"bool"},{"default":1,"id":"upgradeSession","title":"upgradeSession","type":"bool"},{"id":"refreshSessions","title":"refreshSessions","type":"bool"},{"cnodes":"adaptativeAuthenticationLevelRules","id":"adaptativeAuthenticationLevelRules","title":"adaptativeAuthenticationLevelRules","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"stayConnected","title":"stayConnected","type":"bool"},{"default":2592000,"id":"stayConnectedTimeout","title":"stayConnectedTimeout","type":"int"},{"default":"llngconnection","id":"stayConnectedCookieName","title":"stayConnectedCookieName"}],"help":"stayconnected.html","id":"stayConnect","title":"stayConnect","type":"simpleInputContainer"},{"_nodes":[{"id":"exportedAttr","title":"exportedAttr"},{"_nodes":[{"default":0,"id":"restSessionServer","title":"restSessionServer","type":"bool"},{"default":0,"id":"restConfigServer","title":"restConfigServer","type":"bool"},{"default":0,"id":"restAuthServer","title":"restAuthServer","type":"bool"},{"default":0,"id":"restPasswordServer","title":"restPasswordServer","type":"bool"},{"default":0,"id":"restExportSecretKeys","title":"restExportSecretKeys","type":"bool"},{"default":15,"id":"restClockTolerance","title":"restClockTolerance","type":"int"}],"help":"portalservers.html#REST","id":"restServices","title":"restServices","type":"simpleInputContainer"},{"_nodes":[{"default":0,"help":"soapservices.html","id":"soapSessionServer","title":"soapSessionServer","type":"bool"},{"default":0,"help":"soapservices.html","id":"soapConfigServer","title":"soapConfigServer","type":"bool"},{"default":0,"id":"wsdlServer","title":"wsdlServer","type":"bool"}],"help":"portalservers.html#SOAP_(deprecated)","id":"soapServices","title":"soapServices","type":"simpleInputContainer"}],"help":"portalservers.html","id":"portalServers","title":"portalServers"},{"_nodes":[{"default":0,"id":"loginHistoryEnabled","title":"loginHistoryEnabled","type":"bool"},{"default":5,"id":"successLoginNumber","title":"successLoginNumber","type":"int"},{"default":5,"id":"failedLoginNumber","title":"failedLoginNumber","type":"int"},{"cnodes":"sessionDataToRemember","id":"sessionDataToRemember","title":"sessionDataToRemember","type":"keyTextContainer"}],"help":"loginhistory.html","id":"loginHistory","title":"loginHistory"},{"_nodes":[{"default":0,"id":"notification","title":"notification","type":"bool"},{"default":0,"id":"notificationsExplorer","title":"notificationsExplorer","type":"bool"},{"default":"allusers","id":"notificationWildcard","title":"notificationWildcard"},{"default":0,"id":"oldNotifFormat","title":"oldNotifFormat","type":"bool"},{"id":"notificationXSLTfile","title":"notificationXSLTfile"},{"default":"File","id":"notificationStorage","title":"notificationStorage"},{"cnodes":"notificationStorageOptions","default":[{"data":"/var/lib/lemonldap-ng/notifications","id":"notificationStorageOptions/dirName","title":"dirName","type":"keyText"}],"id":"notificationStorageOptions","title":"notificationStorageOptions","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"notificationServer","title":"notificationServer","type":"bool"},{"default":"","id":"notificationDefaultCond","title":"notificationDefaultCond"},{"default":"uid reference date title subtitle text check","id":"notificationServerSentAttributes","title":"notificationServerSentAttributes"},{"_nodes":[{"default":1,"id":"notificationServerPOST","title":"notificationServerPOST","type":"bool"},{"default":0,"id":"notificationServerGET","title":"notificationServerGET","type":"bool"},{"default":0,"id":"notificationServerDELETE","title":"notificationServerDELETE","type":"bool"}],"id":"notificationServerMethods","title":"notificationServerMethods","type":"simpleInputContainer"}],"help":"notifications.html#notification-server","id":"serverNotification","title":"serverNotification"}],"help":"notifications.html","id":"notifications","title":"notifications"},{"_nodes":[{"_nodes":[{"id":"mailSubject","title":"mailSubject"},{"id":"mailBody","title":"mailBody","type":"longtext"},{"id":"mailConfirmSubject","title":"mailConfirmSubject"},{"id":"mailConfirmBody","title":"mailConfirmBody","type":"longtext"}],"id":"mailContent","title":"mailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/resetpwd","id":"mailUrl","title":"mailUrl"},{"default":0,"id":"mailTimeout","title":"mailTimeout","type":"int"},{"default":1,"id":"portalDisplayGeneratePassword","title":"portalDisplayGeneratePassword","type":"bool"},{"default":"[A-Z]{3}[a-z]{5}.\\d{2}","id":"randomPasswordRegexp","title":"randomPasswordRegexp"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetpassword.html","id":"passwordManagement","title":"passwordManagement"},{"_nodes":[{"_nodes":[{"id":"certificateResetByMailStep1Subject","title":"certificateResetByMailStep1Subject"},{"id":"certificateResetByMailStep1Body","title":"certificateResetByMailStep1Body","type":"longtext"},{"id":"certificateResetByMailStep2Subject","title":"certificateResetByMailStep2Subject"},{"id":"certificateResetByMailStep2Body","title":"certificateResetByMailStep2Body","type":"longtext"}],"id":"certificateMailContent","title":"certificateMailContent","type":"simpleInputContainer"},{"_nodes":[{"default":"http://auth.example.com/certificateReset","id":"certificateResetByMailURL","title":"certificateResetByMailURL"},{"default":"description","id":"certificateResetByMailCeaAttribute","title":"certificateResetByMailCeaAttribute"},{"default":"userCertificate;binary","id":"certificateResetByMailCertificateAttribute","title":"certificateResetByMailCertificateAttribute"},{"default":0,"id":"certificateResetByMailValidityDelay","title":"certificateResetByMailValidityDelay","type":"int"}],"id":"mailOther","title":"mailOther","type":"simpleInputContainer"}],"help":"resetcertificate.html","id":"certificateResetByMailManagement","title":"certificateResetByMailManagement"},{"_nodes":[{"default":"http://auth.example.com/register","id":"registerUrl","title":"registerUrl"},{"default":0,"id":"registerTimeout","title":"registerTimeout","type":"int"},{"id":"registerConfirmSubject","title":"registerConfirmSubject"},{"id":"registerDoneSubject","title":"registerDoneSubject"}],"help":"register.html","id":"register","title":"register","type":"simpleInputContainer"},{"_nodes":[{"cnodes":"autoSigninRules","id":"autoSigninRules","title":"autoSigninRules","type":"keyTextContainer"}],"help":"autosignin.html","id":"autoSignin","title":"autoSignin"},{"_nodes":[{"default":0,"id":"globalLogoutRule","title":"globalLogoutRule","type":"boolOrExpr"},{"default":1,"id":"globalLogoutTimer","title":"globalLogoutTimer","type":"bool"},{"id":"globalLogoutCustomParam","title":"globalLogoutCustomParam"}],"help":"globallogout.html","id":"globalLogout","title":"globalLogout","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkState","title":"checkState","type":"bool"},{"id":"checkStateSecret","title":"checkStateSecret"}],"help":"checkstate.html","id":"stateCheck","title":"stateCheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"checkUser","title":"checkUser","type":"bool"},{"default":1,"id":"checkUserIdRule","title":"checkUserIdRule"},{"id":"checkUserUnrestrictedUsersRule","title":"checkUserUnrestrictedUsersRule"},{"id":"checkUserSearchAttributes","title":"checkUserSearchAttributes"},{"default":"_loginHistory _session_id hGroups","id":"checkUserHiddenAttributes","title":"checkUserHiddenAttributes"},{"cnodes":"checkUserHiddenHeaders","id":"checkUserHiddenHeaders","title":"checkUserHiddenHeaders","type":"keyTextContainer"},{"_nodes":[{"default":1,"id":"checkUserDisplayComputedSession","title":"checkUserDisplayComputedSession","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayPersistentInfo","title":"checkUserDisplayPersistentInfo","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayNormalizedHeaders","title":"checkUserDisplayNormalizedHeaders","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayEmptyHeaders","title":"checkUserDisplayEmptyHeaders","type":"boolOrExpr"},{"default":0,"id":"checkUserDisplayEmptyValues","title":"checkUserDisplayEmptyValues","type":"boolOrExpr"}],"help":"checkuser.html#configuration","id":"checkUserDisplay","title":"checkUserDisplay","type":"simpleInputContainer"}],"help":"checkuser.html","id":"checkUsers","title":"checkUsers"},{"_nodes":[{"default":0,"id":"checkDevOps","title":"checkDevOps","type":"bool"},{"default":1,"id":"checkDevOpsDownload","title":"checkDevOpsDownload","type":"bool"}],"help":"checkdevops.html","id":"devOpsCheck","title":"devOpsCheck","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"impersonationRule","title":"impersonationRule","type":"boolOrExpr"},{"default":1,"id":"impersonationIdRule","title":"impersonationIdRule"},{"id":"impersonationUnrestrictedUsersRule","title":"impersonationUnrestrictedUsersRule"},{"default":"_2fDevices _loginHistory","id":"impersonationHiddenAttributes","title":"impersonationHiddenAttributes"},{"default":1,"id":"impersonationSkipEmptyValues","title":"impersonationSkipEmptyValues","type":"bool"},{"default":0,"id":"impersonationMergeSSOgroups","title":"impersonationMergeSSOgroups","type":"boolOrExpr"}],"help":"impersonation.html","id":"impersonation","title":"impersonation","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"findUser","title":"findUser","type":"bool"},{"default":"*","id":"findUserWildcard","title":"findUserWildcard"},{"default":"^[*\\w]+$","id":"findUserControl","title":"findUserControl"},{"id":"restFindUserDBUrl","title":"restFindUserDBUrl"},{"cnodes":"findUserSearchingAttributes","id":"findUserSearchingAttributes","title":"findUserSearchingAttributes","type":"keyTextContainer"},{"cnodes":"findUserExcludingAttributes","id":"findUserExcludingAttributes","title":"findUserExcludingAttributes","type":"keyTextContainer"}],"help":"finduser.html","id":"findUsers","title":"findUsers"},{"_nodes":[{"default":0,"id":"contextSwitchingRule","title":"contextSwitchingRule","type":"boolOrExpr"},{"default":1,"id":"contextSwitchingIdRule","title":"contextSwitchingIdRule"},{"id":"contextSwitchingUnrestrictedUsersRule","title":"contextSwitchingUnrestrictedUsersRule"},{"default":0,"id":"contextSwitchingAllowed2fModifications","title":"contextSwitchingAllowed2fModifications","type":"bool"},{"default":1,"id":"contextSwitchingStopWithLogout","title":"contextSwitchingStopWithLogout","type":"bool"}],"help":"contextswitching.html","id":"contextSwitching","title":"contextSwitching","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"decryptValueRule","title":"decryptValueRule","type":"boolOrExpr"},{"id":"decryptValueFunctions","title":"decryptValueFunctions"}],"help":"decryptvalue.html","id":"decryptValue","title":"decryptValue","type":"simpleInputContainer"},{"_nodes":[{"id":"customPlugins","title":"customPlugins"},{"cnodes":"customPluginsParams","id":"customPluginsParams","title":"customPluginsParams","type":"keyTextContainer"}],"help":"plugincustom.html","id":"customPluginsNode","title":"customPluginsNode"}],"help":"start.html#plugins","id":"plugins","title":"plugins"},{"_nodes":[{"default":1,"help":"secondfactor.html","id":"sfManagerRule","title":"sfManagerRule","type":"boolOrExpr"},{"default":0,"help":"secondfactor.html","id":"sfRequired","title":"sfRequired","type":"boolOrExpr"},{"help":"secondfactor.html","id":"sfOnlyUpgrade","title":"sfOnlyUpgrade","type":"bool"},{"_nodes":[{"default":0,"id":"utotp2fActivation","title":"utotp2fActivation","type":"boolOrExpr"},{"id":"utotp2fAuthnLevel","title":"utotp2fAuthnLevel","type":"int"},{"id":"utotp2fLabel","title":"utotp2fLabel"},{"id":"utotp2fLogo","title":"utotp2fLogo"}],"help":"utotp2f.html","id":"utotp2f","title":"utotp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"totp2fActivation","title":"totp2fActivation","type":"boolOrExpr"},{"default":0,"id":"totp2fSelfRegistration","title":"totp2fSelfRegistration","type":"boolOrExpr"},{"id":"totp2fIssuer","title":"totp2fIssuer"},{"default":30,"id":"totp2fInterval","title":"totp2fInterval","type":"int"},{"default":1,"id":"totp2fRange","title":"totp2fRange","type":"int"},{"default":6,"id":"totp2fDigits","title":"totp2fDigits","type":"int"},{"default":0,"id":"totp2fDisplayExistingSecret","title":"totp2fDisplayExistingSecret","type":"bool"},{"default":0,"id":"totp2fUserCanChangeKey","title":"totp2fUserCanChangeKey","type":"bool"},{"default":1,"id":"totp2fUserCanRemoveKey","title":"totp2fUserCanRemoveKey","type":"bool"},{"id":"totp2fTTL","title":"totp2fTTL","type":"int"},{"id":"totp2fAuthnLevel","title":"totp2fAuthnLevel","type":"int"},{"id":"totp2fLabel","title":"totp2fLabel"},{"id":"totp2fLogo","title":"totp2fLogo"}],"help":"totp2f.html","id":"totp2f","title":"totp2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"u2fActivation","title":"u2fActivation","type":"boolOrExpr"},{"default":0,"id":"u2fSelfRegistration","title":"u2fSelfRegistration","type":"boolOrExpr"},{"default":1,"id":"u2fUserCanRemoveKey","title":"u2fUserCanRemoveKey","type":"bool"},{"id":"u2fTTL","title":"u2fTTL","type":"int"},{"id":"u2fAuthnLevel","title":"u2fAuthnLevel","type":"int"},{"id":"u2fLabel","title":"u2fLabel"},{"id":"u2fLogo","title":"u2fLogo"}],"help":"u2f.html","id":"u2f","title":"u2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"yubikey2fActivation","title":"yubikey2fActivation","type":"boolOrExpr"},{"default":0,"id":"yubikey2fSelfRegistration","title":"yubikey2fSelfRegistration","type":"boolOrExpr"},{"id":"yubikey2fClientID","title":"yubikey2fClientID"},{"id":"yubikey2fSecretKey","title":"yubikey2fSecretKey"},{"id":"yubikey2fNonce","title":"yubikey2fNonce"},{"id":"yubikey2fUrl","title":"yubikey2fUrl"},{"default":12,"id":"yubikey2fPublicIDSize","title":"yubikey2fPublicIDSize","type":"int"},{"default":1,"id":"yubikey2fUserCanRemoveKey","title":"yubikey2fUserCanRemoveKey","type":"bool"},{"id":"yubikey2fFromSessionAttribute","title":"yubikey2fFromSessionAttribute"},{"id":"yubikey2fTTL","title":"yubikey2fTTL","type":"int"},{"id":"yubikey2fAuthnLevel","title":"yubikey2fAuthnLevel","type":"int"},{"id":"yubikey2fLabel","title":"yubikey2fLabel"},{"id":"yubikey2fLogo","title":"yubikey2fLogo"}],"help":"yubikey2f.html","id":"yubikey2f","title":"yubikey2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"mail2fActivation","title":"mail2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"mail2fCodeRegex","title":"mail2fCodeRegex"},{"id":"mail2fTimeout","title":"mail2fTimeout","type":"int"},{"id":"mail2fSubject","title":"mail2fSubject"},{"id":"mail2fBody","title":"mail2fBody","type":"longtext"},{"id":"mail2fAuthnLevel","title":"mail2fAuthnLevel","type":"int"},{"id":"mail2fLabel","title":"mail2fLabel"},{"id":"mail2fLogo","title":"mail2fLogo"},{"id":"mail2fSessionKey","title":"mail2fSessionKey"}],"help":"mail2f.html","id":"mail2f","title":"mail2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"ext2fActivation","title":"ext2fActivation","type":"boolOrExpr"},{"default":"\\d{6}","id":"ext2fCodeActivation","title":"ext2fCodeActivation"},{"id":"ext2FSendCommand","title":"ext2FSendCommand"},{"id":"ext2FValidateCommand","title":"ext2FValidateCommand"},{"id":"ext2fAuthnLevel","title":"ext2fAuthnLevel","type":"int"},{"id":"ext2fLabel","title":"ext2fLabel"},{"id":"ext2fLogo","title":"ext2fLogo"}],"help":"external2f.html","id":"ext2f","title":"ext2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"radius2fActivation","title":"radius2fActivation","type":"boolOrExpr"},{"id":"radius2fServer","title":"radius2fServer"},{"id":"radius2fSecret","title":"radius2fSecret"},{"id":"radius2fUsernameSessionKey","title":"radius2fUsernameSessionKey"},{"default":20,"id":"radius2fTimeout","title":"radius2fTimeout","type":"int"},{"id":"radius2fAuthnLevel","title":"radius2fAuthnLevel","type":"int"},{"id":"radius2fLogo","title":"radius2fLogo"},{"id":"radius2fLabel","title":"radius2fLabel"}],"help":"radius2f.html","id":"radius2f","title":"radius2f","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"rest2fActivation","title":"rest2fActivation","type":"boolOrExpr"},{"id":"rest2fInitUrl","title":"rest2fInitUrl"},{"cnodes":"rest2fInitArgs","id":"rest2fInitArgs","title":"rest2fInitArgs","type":"keyTextContainer"},{"id":"rest2fVerifyUrl","title":"rest2fVerifyUrl"},{"cnodes":"rest2fVerifyArgs","id":"rest2fVerifyArgs","title":"rest2fVerifyArgs","type":"keyTextContainer"},{"id":"rest2fAuthnLevel","title":"rest2fAuthnLevel","type":"int"},{"id":"rest2fLabel","title":"rest2fLabel"},{"id":"rest2fLogo","title":"rest2fLogo"}],"help":"rest2f.html","id":"rest2f","title":"rest2f"},{"cnodes":"sfExtra","id":"sfExtra","select":[{"k":"Mail2F","v":"E-Mail"},{"k":"REST","v":"REST"},{"k":"Ext2F","v":"External"},{"k":"Radius","v":"Radius"}],"title":"sfExtra","type":"sfExtraContainer"},{"_nodes":[{"default":0,"help":"secondfactor.html","id":"sfRemovedMsgRule","title":"sfRemovedMsgRule","type":"boolOrExpr"},{"default":0,"id":"sfRemovedUseNotif","title":"sfRemovedUseNotif","type":"bool"},{"default":"RemoveSF","help":"secondfactor.html","id":"sfRemovedNotifRef","title":"sfRemovedNotifRef"},{"default":"Second factor notification","help":"secondfactor.html","id":"sfRemovedNotifTitle","title":"sfRemovedNotifTitle"},{"default":"_removedSF_ expired second factor(s) has/have been removed!","help":"secondfactor.html","id":"sfRemovedNotifMsg","title":"sfRemovedNotifMsg"}],"help":"secondfactor.html","id":"sfRemovedNotification","title":"sfRemovedNotification","type":"simpleInputContainer"}],"help":"secondfactor.html","id":"secondFactors","title":"secondFactors"},{"_nodes":[{"help":"customfunctions.html","id":"customFunctions","title":"customFunctions"},{"default":"; ","id":"multiValuesSeparator","title":"multiValuesSeparator","type":"authParamsText"},{"default":0,"id":"groupsBeforeMacros","title":"groupsBeforeMacros","type":"bool"},{"_nodes":[{"default":"mail","id":"mailSessionKey","title":"mailSessionKey"},{"default":"","id":"SMTPServer","title":"SMTPServer"},{"id":"SMTPPort","title":"SMTPPort","type":"int"},{"id":"SMTPAuthUser","title":"SMTPAuthUser"},{"id":"SMTPAuthPass","title":"SMTPAuthPass","type":"password"},{"default":"","id":"SMTPTLS","select":[{"k":"","v":"none"},{"k":"starttls","v":"SMTP + STARTTLS"},{"k":"ssl","v":"SMTPS"}],"title":"SMTPTLS","type":"select"},{"cnodes":"SMTPTLSOpts","id":"SMTPTLSOpts","title":"SMTPTLSOpts","type":"keyTextContainer"},{"_nodes":[{"default":"noreply@example.com","id":"mailFrom","title":"mailFrom"},{"id":"mailReplyTo","title":"mailReplyTo"},{"default":"utf-8","id":"mailCharset","title":"mailCharset"}],"id":"mailHeaders","title":"mailHeaders","type":"simpleInputContainer"}],"help":"smtp.html","id":"SMTP","title":"SMTP","type":"SMTP"},{"_nodes":[{"default":"^[\\w\\.\\-@]+$","id":"userControl","title":"userControl"},{"default":0,"id":"browsersDontStorePassword","title":"browsersDontStorePassword","type":"bool"},{"default":0,"help":"forcereauthn.html","id":"portalForceAuthn","title":"portalForceAuthn","type":"bool"},{"default":5,"id":"portalForceAuthnInterval","title":"portalForceAuthnInterval","type":"int"},{"id":"key","title":"key","type":"password"},{"id":"trustedDomains","title":"trustedDomains"},{"default":1,"help":"safejail.html","id":"useSafeJail","title":"useSafeJail","type":"bool"},{"default":0,"help":"safejail.html","id":"avoidAssignment","title":"avoidAssignment","type":"bool"},{"default":1,"id":"checkXSS","title":"checkXSS","type":"bool"},{"default":1,"id":"requireToken","title":"requireToken","type":"boolOrExpr"},{"default":120,"id":"formTimeout","title":"formTimeout","type":"int"},{"default":0,"id":"tokenUseGlobalStorage","title":"tokenUseGlobalStorage","type":"bool"},{"_nodes":[{"id":"crowdsec","title":"crowdsec","type":"bool"},{"default":"reject","id":"crowdsecAction","select":[{"k":"reject","v":"Reject"},{"k":"warn","v":"Warn"}],"title":"crowdsecAction","type":"select"},{"id":"crowdsecUrl","title":"crowdsecUrl"},{"id":"crowdsecKey","title":"crowdsecKey"}],"help":"crowdsec.html","id":"CrowdSecPlugin","title":"CrowdSecPlugin"},{"_nodes":[{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtection","title":"bruteForceProtection","type":"bool"},{"default":30,"id":"bruteForceProtectionTempo","title":"bruteForceProtectionTempo","type":"int"},{"default":3,"id":"bruteForceProtectionMaxFailed","title":"bruteForceProtectionMaxFailed","type":"int"},{"default":0,"help":"bruteforceprotection.html","id":"bruteForceProtectionIncrementalTempo","title":"bruteForceProtectionIncrementalTempo","type":"bool"},{"default":"15, 30, 60, 300, 600","id":"bruteForceProtectionLockTimes","title":"bruteForceProtectionLockTimes"}],"help":"bruteforceprotection.html","id":"bruteForceAttackProtection","title":"bruteForceAttackProtection","type":"simpleInputContainer"},{"cnodes":"lwpOpts","id":"lwpOpts","title":"lwpOpts","type":"keyTextContainer"},{"cnodes":"lwpSslOpts","id":"lwpSslOpts","title":"lwpSslOpts","type":"keyTextContainer"},{"_nodes":[{"default":"'self'","id":"cspDefault","title":"cspDefault"},{"default":"'self' data:","id":"cspImg","title":"cspImg"},{"default":"'self'","id":"cspScript","title":"cspScript"},{"default":"'self'","id":"cspStyle","title":"cspStyle"},{"default":"'self'","id":"cspFont","title":"cspFont"},{"default":"*","id":"cspFormAction","title":"cspFormAction"},{"default":"'self'","id":"cspConnect","title":"cspConnect"},{"default":"","id":"cspFrameAncestors","title":"cspFrameAncestors"}],"help":"security.html#portal","id":"contentSecurityPolicy","title":"contentSecurityPolicy","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"corsEnabled","title":"corsEnabled","type":"bool"},{"default":true,"id":"corsAllow_Credentials","title":"corsAllow_Credentials"},{"default":"*","id":"corsAllow_Headers","title":"corsAllow_Headers"},{"default":"POST,GET","id":"corsAllow_Methods","title":"corsAllow_Methods"},{"default":"*","id":"corsAllow_Origin","title":"corsAllow_Origin"},{"default":"*","id":"corsExpose_Headers","title":"corsExpose_Headers"},{"default":"86400","id":"corsMax_Age","title":"corsMax_Age"}],"help":"security.html#portal","id":"crossOrigineResourceSharing","title":"crossOrigineResourceSharing","type":"simpleInputContainer"}],"help":"security.html#configure-security-settings","id":"security","title":"security"},{"_nodes":[{"default":-1,"id":"https","title":"https","type":"trool"},{"default":-1,"id":"port","title":"port","type":"int"},{"default":0,"id":"useRedirectOnForbidden","title":"useRedirectOnForbidden","type":"bool"},{"default":1,"id":"useRedirectOnError","title":"useRedirectOnError","type":"bool"},{"default":0,"id":"maintenance","title":"maintenance","type":"bool"}],"help":"redirections.html","id":"redirection","title":"redirection","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"jsRedirect","title":"jsRedirect","type":"boolOrExpr"},{"default":0,"id":"noAjaxHook","title":"noAjaxHook","type":"bool"},{"default":0,"id":"skipRenewConfirmation","title":"skipRenewConfirmation","type":"bool"},{"default":0,"id":"skipUpgradeConfirmation","title":"skipUpgradeConfirmation","type":"bool"}],"help":"redirections.html#portal-redirections","id":"portalRedirection","title":"portalRedirection","type":"simpleInputContainer"},{"cnodes":"nginxCustomHandlers","help":"handlerarch.html","id":"nginxCustomHandlers","title":"nginxCustomHandlers","type":"keyTextContainer"},{"cnodes":"logoutServices","default":[],"help":"logoutforward.html","id":"logoutServices","title":"logoutServices","type":"keyTextContainer"},{"_nodes":[{"default":"get","id":"infoFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"infoFormMethod","type":"select"},{"default":"post","id":"confirmFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"confirmFormMethod","type":"select"},{"default":"get","id":"redirectFormMethod","select":[{"k":"get","v":"GET"},{"k":"post","v":"POST"}],"title":"redirectFormMethod","type":"select"},{"default":1,"id":"activeTimer","title":"activeTimer","type":"bool"}],"id":"forms","title":"forms","type":"simpleInputContainer"}],"help":"start.html#advanced-features","id":"advancedParams","title":"advancedParams"}],"id":"generalParameters","title":"generalParameters"},{"_nodes":[{"cnodes":"exportedVars","default":[{"data":"HTTP_USER_AGENT","id":"exportedVars/UA","title":"UA","type":"keyText"}],"help":"exportedvars.html","id":"exportedVars","title":"exportedVars","type":"keyTextContainer"},{"cnodes":"macros","default":[],"help":"exportedvars.html#extend-variables-using-macros-and-groups","id":"macros","title":"macros","type":"keyTextContainer"},{"cnodes":"groups","default":[],"help":"exportedvars.html#extend-variables-using-macros-and-groups","id":"groups","title":"groups","type":"keyTextContainer"}],"help":"variables.html","id":"variables","title":"variables"},{"cnodes":"virtualHosts","help":"configvhost.html","id":"virtualHosts","template":"virtualHost","title":"virtualHosts","type":"virtualHostContainer"},{"_nodes":[{"default":"#PORTAL#/saml/metadata","id":"samlEntityID","title":"samlEntityID"},{"_nodes":[{"get":["samlServicePrivateKeySig","samlServicePrivateKeySigPwd","samlServicePublicKeySig"],"id":"samlServiceSecuritySig","title":"samlServiceSecuritySig","type":"RSACertKey"},{"get":["samlServicePrivateKeyEnc","samlServicePrivateKeyEncPwd","samlServicePublicKeyEnc"],"id":"samlServiceSecurityEnc","title":"samlServiceSecurityEnc","type":"RSACertKey"},{"default":0,"id":"samlServiceUseCertificateInResponse","title":"samlServiceUseCertificateInResponse","type":"bool"},{"default":"RSA_SHA256","id":"samlServiceSignatureMethod","select":[{"k":"RSA_SHA1","v":"RSA SHA1"},{"k":"RSA_SHA256","v":"RSA SHA256"},{"k":"RSA_SHA384","v":"RSA SHA384"},{"k":"RSA_SHA512","v":"RSA SHA512"}],"title":"samlServiceSignatureMethod","type":"select"}],"help":"samlservice.html#security-parameters","id":"samlServiceSecurity","title":"samlServiceSecurity"},{"_nodes":[{"default":"mail","id":"samlNameIDFormatMapEmail","title":"samlNameIDFormatMapEmail"},{"default":"mail","id":"samlNameIDFormatMapX509","title":"samlNameIDFormatMapX509"},{"default":"uid","id":"samlNameIDFormatMapWindows","title":"samlNameIDFormatMapWindows"},{"default":"uid","id":"samlNameIDFormatMapKerberos","title":"samlNameIDFormatMapKerberos"}],"help":"samlservice.html#nameid-formats","id":"samlNameIDFormatMap","title":"samlNameIDFormatMap","type":"simpleInputContainer"},{"_nodes":[{"default":2,"id":"samlAuthnContextMapPassword","title":"samlAuthnContextMapPassword","type":"int"},{"default":3,"id":"samlAuthnContextMapPasswordProtectedTransport","title":"samlAuthnContextMapPasswordProtectedTransport","type":"int"},{"default":5,"id":"samlAuthnContextMapTLSClient","title":"samlAuthnContextMapTLSClient","type":"int"},{"default":4,"id":"samlAuthnContextMapKerberos","title":"samlAuthnContextMapKerberos","type":"int"}],"help":"samlservice.html#authentication-contexts","id":"samlAuthnContextMap","title":"samlAuthnContextMap","type":"simpleInputContainer"},{"_nodes":[{"default":"Example","id":"samlOrganizationDisplayName","title":"samlOrganizationDisplayName"},{"default":"Example","id":"samlOrganizationName","title":"samlOrganizationName"},{"default":"http://www.example.com","id":"samlOrganizationURL","title":"samlOrganizationURL"}],"help":"samlservice.html#organization","id":"samlOrganization","title":"samlOrganization","type":"simpleInputContainer"},{"_nodes":[{"default":1,"id":"samlSPSSODescriptorAuthnRequestsSigned","title":"samlSPSSODescriptorAuthnRequestsSigned","type":"bool"},{"default":1,"id":"samlSPSSODescriptorWantAssertionsSigned","title":"samlSPSSODescriptorWantAssertionsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn","id":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlSPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;","id":"samlSPSSODescriptorSingleLogoutServiceSOAP","title":"samlSPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlSPSSODescriptorSingleLogoutService","title":"samlSPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact","type":"samlAssertion"},{"default":"0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost","id":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","title":"samlSPSSODescriptorAssertionConsumerServiceHTTPPost","type":"samlAssertion"}],"id":"samlSPSSODescriptorAssertionConsumerService","title":"samlSPSSODescriptorAssertionConsumerService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlSPSSODescriptorArtifactResolutionServiceArtifact","title":"samlSPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlSPSSODescriptorArtifactResolutionService","title":"samlSPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#service-provider","id":"samlSPSSODescriptor","title":"samlSPSSODescriptor"},{"_nodes":[{"default":1,"id":"samlIDPSSODescriptorWantAuthnRequestsSigned","title":"samlIDPSSODescriptorWantAuthnRequestsSigned","type":"bool"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;","id":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","title":"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact","type":"samlService"}],"id":"samlIDPSSODescriptorSingleSignOnService","title":"samlIDPSSODescriptorSingleSignOnService"},{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn","id":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","title":"samlIDPSSODescriptorSingleLogoutServiceHTTPPost","type":"samlService"},{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;","id":"samlIDPSSODescriptorSingleLogoutServiceSOAP","title":"samlIDPSSODescriptorSingleLogoutServiceSOAP","type":"samlService"}],"id":"samlIDPSSODescriptorSingleLogoutService","title":"samlIDPSSODescriptorSingleLogoutService"},{"_nodes":[{"default":"1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact","id":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","title":"samlIDPSSODescriptorArtifactResolutionServiceArtifact","type":"samlAssertion"}],"id":"samlIDPSSODescriptorArtifactResolutionService","title":"samlIDPSSODescriptorArtifactResolutionService"}],"help":"samlservice.html#identity-provider","id":"samlIDPSSODescriptor","title":"samlIDPSSODescriptor"},{"_nodes":[{"_nodes":[{"default":"urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;","id":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","title":"samlAttributeAuthorityDescriptorAttributeServiceSOAP","type":"samlService"}],"id":"samlAttributeAuthorityDescriptorAttributeService","title":"samlAttributeAuthorityDescriptorAttributeService"}],"help":"samlservice.html#attribute-authority","id":"samlAttributeAuthorityDescriptor","title":"samlAttributeAuthorityDescriptor"},{"_nodes":[{"default":1,"id":"samlMetadataForceUTF8","title":"samlMetadataForceUTF8","type":"bool"},{"default":600,"id":"samlRelayStateTimeout","title":"samlRelayStateTimeout","type":"int"},{"default":0,"id":"samlUseQueryStringSpecific","title":"samlUseQueryStringSpecific","type":"bool"},{"default":"","id":"samlOverrideIDPEntityID","title":"samlOverrideIDPEntityID"},{"id":"samlStorage","title":"samlStorage"},{"cnodes":"samlStorageOptions","id":"samlStorageOptions","title":"samlStorageOptions","type":"keyTextContainer"},{"_nodes":[{"default":0,"id":"samlCommonDomainCookieActivation","title":"samlCommonDomainCookieActivation","type":"bool"},{"id":"samlCommonDomainCookieDomain","title":"samlCommonDomainCookieDomain"},{"id":"samlCommonDomainCookieReader","title":"samlCommonDomainCookieReader"},{"id":"samlCommonDomainCookieWriter","title":"samlCommonDomainCookieWriter"}],"id":"samlCommonDomainCookie","title":"samlCommonDomainCookie","type":"simpleInputContainer"},{"_nodes":[{"default":0,"id":"samlDiscoveryProtocolActivation","title":"samlDiscoveryProtocolActivation","type":"bool"},{"id":"samlDiscoveryProtocolURL","title":"samlDiscoveryProtocolURL"},{"id":"samlDiscoveryProtocolPolicy","title":"samlDiscoveryProtocolPolicy"},{"default":0,"id":"samlDiscoveryProtocolIsPassive","title":"samlDiscoveryProtocolIsPassive","type":"bool"}],"id":"samlDiscoveryProtocol","title":"samlDiscoveryProtocol","type":"simpleInputContainer"}],"help":"samlservice.html#advanced","id":"samlAdvanced","title":"samlAdvanced"}],"help":"samlservice.html","id":"samlServiceMetaData","title":"samlServiceMetaData"},{"cnodes":"samlIDPMetaDataNodes","help":"authsaml.html","id":"samlIDPMetaDataNodes","template":"samlIDPMetaDataNode","title":"samlIDPMetaDataNodes","type":"samlIDPMetaDataNodeContainer"},{"cnodes":"samlSPMetaDataNodes","help":"idpsaml.html","id":"samlSPMetaDataNodes","template":"samlSPMetaDataNode","title":"samlSPMetaDataNodes","type":"samlSPMetaDataNodeContainer"},{"_nodes":[{"id":"oidcServiceMetaDataIssuer","title":"oidcServiceMetaDataIssuer"},{"_nodes":[{"default":"authorize","id":"oidcServiceMetaDataAuthorizeURI","title":"oidcServiceMetaDataAuthorizeURI"},{"default":"token","id":"oidcServiceMetaDataTokenURI","title":"oidcServiceMetaDataTokenURI"},{"default":"userinfo","id":"oidcServiceMetaDataUserInfoURI","title":"oidcServiceMetaDataUserInfoURI"},{"default":"jwks","id":"oidcServiceMetaDataJWKSURI","title":"oidcServiceMetaDataJWKSURI"},{"default":"register","id":"oidcServiceMetaDataRegistrationURI","title":"oidcServiceMetaDataRegistrationURI"},{"default":"introspect","id":"oidcServiceMetaDataIntrospectionURI","title":"oidcServiceMetaDataIntrospectionURI"},{"default":"logout","id":"oidcServiceMetaDataEndSessionURI","title":"oidcServiceMetaDataEndSessionURI"},{"default":"checksession.html","id":"oidcServiceMetaDataCheckSessionURI","title":"oidcServiceMetaDataCheckSessionURI"},{"default":"flogout","id":"oidcServiceMetaDataFrontChannelURI","title":"oidcServiceMetaDataFrontChannelURI"},{"default":"blogout","id":"oidcServiceMetaDataBackChannelURI","title":"oidcServiceMetaDataBackChannelURI"}],"id":"oidcServiceMetaDataEndPoints","title":"oidcServiceMetaDataEndPoints","type":"simpleInputContainer"},{"cnodes":"oidcServiceMetaDataAuthnContext","default":[{"data":1,"id":"oidcServiceMetaDataAuthnContext/loa-1","title":"loa-1","type":"keyText"},{"data":2,"id":"oidcServiceMetaDataAuthnContext/loa-2","title":"loa-2","type":"keyText"},{"data":3,"id":"oidcServiceMetaDataAuthnContext/loa-3","title":"loa-3","type":"keyText"},{"data":4,"id":"oidcServiceMetaDataAuthnContext/loa-4","title":"loa-4","type":"keyText"},{"data":5,"id":"oidcServiceMetaDataAuthnContext/loa-5","title":"loa-5","type":"keyText"}],"id":"oidcServiceMetaDataAuthnContext","title":"oidcServiceMetaDataAuthnContext","type":"keyTextContainer"},{"_nodes":[{"get":["oidcServicePrivateKeySig","oidcServicePublicKeySig","oidcServiceKeyIdSig"],"id":"oidcServiceMetaDataKeys","title":"oidcServiceMetaDataKeys","type":"RSAKeyNoPassword"},{"default":0,"id":"oidcServiceAllowDynamicRegistration","title":"oidcServiceAllowDynamicRegistration","type":"bool"},{"default":1,"id":"oidcServiceAllowAuthorizationCodeFlow","title":"oidcServiceAllowAuthorizationCodeFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowImplicitFlow","title":"oidcServiceAllowImplicitFlow","type":"bool"},{"default":0,"id":"oidcServiceAllowHybridFlow","title":"oidcServiceAllowHybridFlow","type":"bool"},{"default":60,"id":"oidcServiceAuthorizationCodeExpiration","title":"oidcServiceAuthorizationCodeExpiration","type":"int"},{"default":3600,"id":"oidcServiceAccessTokenExpiration","title":"oidcServiceAccessTokenExpiration","type":"int"},{"default":3600,"id":"oidcServiceIDTokenExpiration","title":"oidcServiceIDTokenExpiration","type":"int"},{"default":2592000,"id":"oidcServiceOfflineSessionExpiration","title":"oidcServiceOfflineSessionExpiration","type":"int"}],"id":"oidcServiceMetaDataSecurity","title":"oidcServiceMetaDataSecurity"},{"_nodes":[{"id":"oidcStorage","title":"oidcStorage"},{"cnodes":"oidcStorageOptions","id":"oidcStorageOptions","title":"oidcStorageOptions","type":"keyTextContainer"}],"id":"oidcServiceMetaDataSessions","title":"oidcServiceMetaDataSessions"},{"cnodes":"oidcServiceDynamicRegistrationExportedVars","id":"oidcServiceDynamicRegistrationExportedVars","title":"oidcServiceDynamicRegistrationExportedVars","type":"keyTextContainer"},{"cnodes":"oidcServiceDynamicRegistrationExtraClaims","id":"oidcServiceDynamicRegistrationExtraClaims","title":"oidcServiceDynamicRegistrationExtraClaims","type":"keyTextContainer"}],"help":"openidconnectservice.html#service-configuration","id":"oidcServiceMetaData","title":"oidcServiceMetaData"},{"cnodes":"oidcOPMetaDataNodes","help":"authopenidconnect.html#declare-the-openid-connect-provider-in-ll-ng","id":"oidcOPMetaDataNodes","title":"oidcOPMetaDataNodes","type":"oidcOPMetaDataNodeContainer"},{"cnodes":"oidcRPMetaDataNodes","help":"idpopenidconnect.html#configuration-of-relying-party-in-ll-ng","id":"oidcRPMetaDataNodes","title":"oidcRPMetaDataNodes","type":"oidcRPMetaDataNodeContainer"},{"_nodes":[{"id":"casAttr","title":"casAttr"},{"default":"none","id":"casAccessControlPolicy","select":[{"k":"none","v":"None"},{"k":"error","v":"Display error on portal"},{"k":"faketicket","v":"Send a fake service ticket"}],"title":"casAccessControlPolicy","type":"select"},{"id":"casStorage","title":"casStorage"},{"cnodes":"casStorageOptions","id":"casStorageOptions","title":"casStorageOptions","type":"keyTextContainer"},{"cnodes":"casAttributes","id":"casAttributes","title":"casAttributes","type":"keyTextContainer"}],"help":"idpcas.html#configuring-the-cas-service","id":"casServiceMetadata","title":"casServiceMetadata"},{"cnodes":"casSrvMetaDataNodes","help":"authcas.html","id":"casSrvMetaDataNodes","template":"casSrvMetaDataNode","title":"casSrvMetaDataNodes","type":"casSrvMetaDataNodeContainer"},{"cnodes":"casAppMetaDataNodes","help":"idpcas.html#configuring-cas-applications","id":"casAppMetaDataNodes","template":"casAppMetaDataNode","title":"casAppMetaDataNodes","type":"casAppMetaDataNodeContainer"}] \ No newline at end of file diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/StayConnected.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/StayConnected.pm index f7320c0dfe..22f658a59f 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/StayConnected.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/StayConnected.pm @@ -35,7 +35,7 @@ has cookieName => ( is => 'rw', lazy => 1, default => sub { - $_[0]->{conf}->{stayConnectedCookieName} || 'llngconnection'; + $_[0]->conf->{stayConnectedCookieName} || 'llngconnection'; } ); @@ -44,7 +44,7 @@ has timeout => ( is => 'rw', lazy => 1, default => sub { - $_[0]->{conf}->{stayConnectedTimeout} || 2592000; + $_[0]->conf->{stayConnectedTimeout} || 2592000; } ); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/REST.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/REST.pm index 06ad3db6a1..1de4f265e2 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/REST.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/REST.pm @@ -15,22 +15,26 @@ extends qw( Lemonldap::NG::Portal::Lib::REST ); -our $VERSION = '2.0.11'; +our $VERSION = '2.0.12'; # INITIALIZATION +has findUserDBUrl => ( + is => 'ro', + lazy => 1, + default => sub { + $_[0]->conf->{restFindUserDBUrl} || $_[0]->conf->{restUserDBUrl}; + } +); + sub init { my $self = shift; - # Add warning in log unless ( $self->conf->{restUserDBUrl} ) { $self->logger->error('REST User data URL is not set'); return 0; } - if ( !$self->conf->{restFindUserDBUrl} && $self->conf->{findUser} ) { - $self->logger->error('REST User accounts URL is not set'); - return 0; - } + return 1; } @@ -85,7 +89,7 @@ sub findUser { ]; $res = eval { $self->restCall( - $self->conf->{restFindUserDBUrl}, + $self->findUserDBUrl, { searchingAttributes => to_json($searching), ( @@ -124,11 +128,12 @@ sub setSessionInfo { my ( $self, $req ) = @_; $req->sessionInfo->{$_} = $req->data->{restUserDBInfo}->{$_} foreach ( keys %{ $req->data->{restUserDBInfo} } ); - PE_OK; + + return PE_OK; } sub setGroups { - PE_OK; + return PE_OK; } 1; diff --git a/lemonldap-ng-portal/t/68-FindUser-with-REST.t b/lemonldap-ng-portal/t/68-FindUser-with-REST.t index 89735a6aeb..b09dc698de 100644 --- a/lemonldap-ng-portal/t/68-FindUser-with-REST.t +++ b/lemonldap-ng-portal/t/68-FindUser-with-REST.t @@ -76,12 +76,13 @@ my $json; my $request; my $client = LLNG::Manager::Test->new( { ini => { - logLevel => 'error', - authentication => 'Null', - userDB => 'REST', - passwordDB => 'Null', - restUserDBUrl => 'http://ws/user', - restFindUserDBUrl => 'http://ws/search', + logLevel => 'debug', + authentication => 'Null', + userDB => 'REST', + passwordDB => 'Null', + restUserDBUrl => 'http://ws/search', + + #restFindUserDBUrl => 'http://ws/search', findUser => 1, impersonationRule => 1, useSafeJail => 1, -- GitLab From c0db322ef07a22a410a89675d602e4697121c669 Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Thu, 1 Apr 2021 23:07:58 +0200 Subject: [PATCH 064/312] Perl critic --- .../lib/Lemonldap/NG/Portal/Lib/Captcha.pm | 10 ++++++---- .../NG/Portal/Lib/Notifications/JSON.pm | 4 ++-- .../NG/Portal/Lib/Notifications/XML.pm | 4 ++-- .../Lemonldap/NG/Portal/Lib/OneTimeToken.pm | 4 +++- .../lib/Lemonldap/NG/Portal/Lib/RESTProxy.pm | 11 ++++++---- .../lib/Lemonldap/NG/Portal/Lib/SOAPProxy.pm | 12 ++++++----- .../lib/Lemonldap/NG/Portal/Lib/_tokenRule.pm | 4 +++- .../lib/Lemonldap/NG/Portal/Register/Demo.pm | 5 +++-- .../lib/Lemonldap/NG/Portal/UserDB/CAS.pm | 7 ++++--- .../lib/Lemonldap/NG/Portal/UserDB/Demo.pm | 4 ++-- .../Lemonldap/NG/Portal/UserDB/Facebook.pm | 11 +++++----- .../lib/Lemonldap/NG/Portal/UserDB/LDAP.pm | 8 +++++--- .../lib/Lemonldap/NG/Portal/UserDB/Null.pm | 12 +++++------ .../lib/Lemonldap/NG/Portal/UserDB/OpenID.pm | 20 ++++++++++--------- .../NG/Portal/UserDB/OpenIDConnect.pm | 14 +++++++------ .../lib/Lemonldap/NG/Portal/UserDB/Proxy.pm | 4 ++-- .../lib/Lemonldap/NG/Portal/UserDB/Remote.pm | 16 +++++++++------ .../lib/Lemonldap/NG/Portal/UserDB/SAML.pm | 16 +++++++++------ .../lib/Lemonldap/NG/Portal/UserDB/Slave.pm | 12 ++++++----- .../lib/Lemonldap/NG/Portal/UserDB/WebID.pm | 15 +++++++------- 20 files changed, 112 insertions(+), 81 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Captcha.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Captcha.pm index c4ee4ee1be..08b81cef49 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Captcha.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Captcha.pm @@ -1,11 +1,11 @@ package Lemonldap::NG::Portal::Lib::Captcha; use strict; -use GD::SecurityImage use_magick => 1; use Mouse; use MIME::Base64; +use GD::SecurityImage use_magick => 1; -our $VERSION = '2.0.1'; +our $VERSION = '2.0.12'; extends 'Lemonldap::NG::Common::Module'; @@ -60,7 +60,9 @@ has ott => ( } ); -sub init { 1 } +sub init { + return 1; +} # Returns secret + a HTML image src content sub getCaptcha { @@ -76,7 +78,7 @@ sub getCaptcha { $image->random; $image->create( 'normal', 'default', $self->fgColor, $self->bgColor ); my ( $imageData, $mimeType, $rdm ) = $image->out( force => 'png' ); - my $img = 'data:image/png;base64,' . encode_base64( $imageData, '' ); + my $img = 'data:image/png;base64,' . encode_base64( $imageData, '' ); my $token = $self->ott->createToken( { captcha => $rdm } ); return ( $token, $img ); } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Notifications/JSON.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Notifications/JSON.pm index 9aa79bef44..86af1ef108 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Notifications/JSON.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Notifications/JSON.pm @@ -5,7 +5,7 @@ use Mouse; use JSON qw(from_json); use POSIX qw(strftime); -our $VERSION = '2.0.9'; +our $VERSION = '2.0.12'; no warnings 'redefine'; @@ -21,7 +21,7 @@ has notifObject => ( is => 'rw' ); # INITIALIZATION sub init { - 1; + return 1; } # Search for notifications and if any, returns HTML fragment. diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Notifications/XML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Notifications/XML.pm index fbfffa5ba8..9958cdd80d 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Notifications/XML.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Notifications/XML.pm @@ -6,7 +6,7 @@ use XML::LibXML; use XML::LibXSLT; use POSIX qw(strftime); -our $VERSION = '2.0.9'; +our $VERSION = '2.0.12'; # Lemonldap::NG::Portal::Main::Plugin provides addAuthRoute() and # addUnauthRoute() methods in addition of Lemonldap::NG::Common::Module. @@ -52,7 +52,7 @@ has server => ( is => 'rw' ); # INITIALIZATION sub init { - 1; + return 1; } # Search for notifications and if any, returns HTML fragment. diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OneTimeToken.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OneTimeToken.pm index fcb9a9ffa3..ade5ca66c6 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OneTimeToken.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OneTimeToken.pm @@ -42,7 +42,9 @@ has cache => ( }, ); -sub init { 1 } +sub init { + return 1; +} sub createToken { my ( $self, $infos ) = @_; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/RESTProxy.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/RESTProxy.pm index 742384b591..e73c5b94ca 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/RESTProxy.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/RESTProxy.pm @@ -7,7 +7,7 @@ use Lemonldap::NG::Common::UserAgent; use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_ERROR PE_BADCREDENTIALS); use Lemonldap::NG::Common::FormEncode; -our $VERSION = '2.0.11'; +our $VERSION = '2.0.12'; has ua => ( is => 'rw' ); @@ -61,13 +61,14 @@ sub getUser { $self->logger->debug( 'Store remote cookies in session (' . $req->sessionInfo->{_proxyCookies} . ')' ); - PE_OK; + + return PE_OK; } sub findUser { # Nothing to do here - PE_OK; + return PE_OK; } sub setSessionInfo { @@ -96,7 +97,8 @@ sub setSessionInfo { $req->{sessionInfo}->{$_} ||= $res->{$_} unless (/^_/); } $req->data->{_setSessionInfoDone}++; - PE_OK; + + return PE_OK; } sub authLogout { @@ -111,6 +113,7 @@ sub authLogout { ] ); my $resp = $self->ua->request($q); + return PE_OK; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SOAPProxy.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SOAPProxy.pm index 9141d2c594..661aec8a64 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SOAPProxy.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SOAPProxy.pm @@ -5,7 +5,7 @@ use Mouse; use SOAP::Lite; use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_ERROR PE_BADCREDENTIALS); -our $VERSION = '2.0.11'; +our $VERSION = '2.0.12'; # INITIALIZATION @@ -61,13 +61,14 @@ sub getUser { return PE_ERROR; } $req->data->{_proxyQueryDone}++; - PE_OK; + + return PE_OK; } sub findUser { # Nothing to do here - PE_OK; + return PE_OK; } sub setSessionInfo { @@ -90,11 +91,12 @@ sub setSessionInfo { unless (/^_/); } $req->data->{_setSessionInfoDone}++; - PE_OK; + + return PE_OK; } sub authLogout { - PE_OK; + return PE_OK; } 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/_tokenRule.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/_tokenRule.pm index e2b679234d..78179fb8a9 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/_tokenRule.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/_tokenRule.pm @@ -21,6 +21,8 @@ has ottRule => ( } ); -sub init { 1 } +sub init { + return 1; +} 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Register/Demo.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Register/Demo.pm index 7c64ed37b0..73511fb759 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Register/Demo.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Register/Demo.pm @@ -9,10 +9,10 @@ use Lemonldap::NG::Portal::Main::Constants qw( extends 'Lemonldap::NG::Portal::Register::Base'; -our $VERSION = '2.0.10'; +our $VERSION = '2.0.12'; sub init { - 1; + return 1; } # Compute a login from register infos @@ -44,6 +44,7 @@ sub createUser { . $req->data->{registerInfo}->{lastname}, mail => $req->data->{registerInfo}->{login} . '@badwolf.org', }; + return PE_OK; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/CAS.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/CAS.pm index 5fcc3eb4e2..eac13727ae 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/CAS.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/CAS.pm @@ -7,7 +7,7 @@ use Lemonldap::NG::Portal::Main::Constants qw( PE_OK ); -our $VERSION = '2.0.11'; +our $VERSION = '2.0.12'; extends 'Lemonldap::NG::Common::Module'; @@ -46,12 +46,13 @@ sub setSessionInfo { foreach ( keys %ev ) { $req->{sessionInfo}->{$_} = $req->data->{casAttrs}->{$_}; } - PE_OK; + + return PE_OK; } # Does nothing sub setGroups { - PE_OK; + return PE_OK; } 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Demo.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Demo.pm index dce543ae29..885395ddc1 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Demo.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Demo.pm @@ -15,7 +15,7 @@ use Lemonldap::NG::Portal::Main::Constants qw( extends 'Lemonldap::NG::Common::Module'; -our $VERSION = '2.0.11'; +our $VERSION = '2.0.12'; # Sample accounts from Doctor Who characters our %demoAccounts = ( @@ -45,7 +45,7 @@ our %demoGroups = ( # INITIALIZATION sub init { - 1; + return 1; } # RUNNING METHODS diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Facebook.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Facebook.pm index 70b5a4d962..31934283fb 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Facebook.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Facebook.pm @@ -6,7 +6,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_MISSINGREQATTR); extends 'Lemonldap::NG::Common::Module'; -our $VERSION = '2.0.11'; +our $VERSION = '2.0.12'; has vars => ( is => 'rw', @@ -30,13 +30,13 @@ sub init { sub getUser { # All is done by Auth::Facebook - PE_OK; + return PE_OK; } sub findUser { # Nothing to do here - PE_OK; + return PE_OK; } sub setSessionInfo { @@ -56,11 +56,12 @@ sub setSessionInfo { return PE_MISSINGREQATTR; } } - PE_OK; + + return PE_OK; } sub setGroups { - PE_OK; + return PE_OK; } 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm index d83bee477d..69530415a1 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm @@ -7,7 +7,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(PE_OK); extends 'Lemonldap::NG::Portal::Lib::LDAP'; -our $VERSION = '2.0.6'; +our $VERSION = '2.0.12'; has ldapGroupAttributeNameSearch => ( is => 'rw', @@ -50,7 +50,8 @@ sub setSessionInfo { $req->sessionInfo->{$k} = $value; } - PE_OK; + + return PE_OK; } # Load all groups in $groups. @@ -100,7 +101,8 @@ sub setGroups { $req->{sessionInfo}->{groups} = $groups; $req->{sessionInfo}->{hGroups} = $hGroups; - PE_OK; + + return PE_OK; } 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Null.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Null.pm index 7f119510f1..9ec67f6e4d 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Null.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Null.pm @@ -6,30 +6,30 @@ use Lemonldap::NG::Portal::Main::Constants; extends 'Lemonldap::NG::Common::Module'; -our $VERSION = '2.0.0'; +our $VERSION = '2.0.12'; # INITIALIZATION sub init { - 1; + return 1; } # RUNNING METHODS sub getUser { - PE_OK; + return PE_OK; } sub findUser { - PE_OK; + return PE_OK; } sub setSessionInfo { - PE_OK; + return PE_OK; } sub setGroups { - PE_OK; + return PE_OK; } 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/OpenID.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/OpenID.pm index ac9eafd2c4..c90a09a89c 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/OpenID.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/OpenID.pm @@ -3,30 +3,31 @@ package Lemonldap::NG::Portal::UserDB::OpenID; use strict; use Mouse; use Lemonldap::NG::Portal::Main::Constants qw( - PE_MISSINGREQATTR PE_OK + PE_MISSINGREQATTR ); -our $VERSION = '2.0.0'; +our $VERSION = '2.0.12'; -extends 'Lemonldap::NG::Common::Module', - 'Lemonldap::NG::Portal::Lib::OpenIDConnect'; +extends qw( + Lemonldap::NG::Common::Module + Lemonldap::NG::Portal::Lib::OpenIDConnect +); # INITIALIZATION sub init { - my ($self) = @_; return 1; } # RUNNING METHODS sub getUser { - PE_OK; + return PE_OK; } sub findUser { - PE_OK; + return PE_OK; } sub setSessionInfo { @@ -54,12 +55,13 @@ sub setSessionInfo { ); } } - PE_OK; + + return PE_OK; } # Does nothing sub setGroups { - PE_OK; + return PE_OK; } 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/OpenIDConnect.pm index 21fb5c9a31..794df1c2f4 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/OpenIDConnect.pm @@ -8,10 +8,12 @@ use Lemonldap::NG::Portal::Main::Constants qw( PE_OK ); -our $VERSION = '2.0.11'; +our $VERSION = '2.0.12'; -extends 'Lemonldap::NG::Common::Module', - 'Lemonldap::NG::Portal::Lib::OpenIDConnect'; +extends qw( + Lemonldap::NG::Common::Module + Lemonldap::NG::Portal::Lib::OpenIDConnect +); # INITIALIZATION @@ -56,7 +58,7 @@ sub getUser { sub findUser { # Nothing to do here - PE_OK; + return PE_OK; } # Get all required attributes @@ -73,12 +75,12 @@ sub setSessionInfo { $req->{sessionInfo}->{$k} = $req->data->{OpenIDConnect_user_info}->{$v}; } - PE_OK; + return PE_OK; } # Does nothing sub setGroups { - PE_OK; + return PE_OK; } 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Proxy.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Proxy.pm index 8d7e81691f..223f4cac95 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Proxy.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Proxy.pm @@ -6,7 +6,7 @@ use Lemonldap::NG::Portal::Main::Constants 'PE_OK'; extends 'Lemonldap::NG::Common::Module'; -our $VERSION = '2.0.0'; +our $VERSION = '2.0.12'; # INITIALIZATION @@ -26,7 +26,7 @@ sub init { # RUNNING METHODS sub setGroups { - PE_OK; + return PE_OK; } 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Remote.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Remote.pm index 1b5713915e..0d46a325f0 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Remote.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Remote.pm @@ -2,11 +2,14 @@ package Lemonldap::NG::Portal::UserDB::Remote; use strict; use Mouse; -use Lemonldap::NG::Portal::Main::Constants qw(PE_OK); +use Lemonldap::NG::Portal::Main::Constants 'PE_OK'; -our $VERSION = '2.0.11'; +our $VERSION = '2.0.12'; -extends 'Lemonldap::NG::Common::Module', 'Lemonldap::NG::Portal::Lib::Remote'; +extends qw( + Lemonldap::NG::Common::Module + Lemonldap::NG::Portal::Lib::Remote +); # RUNNING METHODS @@ -15,18 +18,19 @@ extends 'Lemonldap::NG::Common::Module', 'Lemonldap::NG::Portal::Lib::Remote'; sub findUser { # Nothing to do here - PE_OK; + return PE_OK; } sub setSessionInfo { my ( $self, $req ) = @_; delete $req->data->{rSessionInfo}->{_session_id}; $req->{sessionInfo} = $req->data->{rSessionInfo}; - PE_OK; + + return PE_OK; } sub setGroups { - PE_OK; + return PE_OK; } 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/SAML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/SAML.pm index 7913fa80ca..da5b1d9a06 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/SAML.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/SAML.pm @@ -10,9 +10,12 @@ use Lemonldap::NG::Portal::Main::Constants qw( PE_SAML_LOAD_SERVICE_ERROR ); -our $VERSION = '2.0.5'; +our $VERSION = '2.0.12'; -extends 'Lemonldap::NG::Common::Module', 'Lemonldap::NG::Portal::Lib::SAML'; +extends qw( + Lemonldap::NG::Common::Module + Lemonldap::NG::Portal::Lib::SAML +); # INITIALIZATION @@ -23,6 +26,7 @@ sub init { $self->lassoServer( $self->p->loadedModules->{'Lemonldap::NG::Portal::Auth::SAML'} ->lassoServer ); + return 1; } @@ -30,11 +34,11 @@ sub init { # Does nothing sub getUser { - PE_OK; + return PE_OK; } sub findUser { - PE_OK; + return PE_OK; } # Get all required attributes @@ -179,12 +183,12 @@ sub setSessionInfo { # Restore current Lasso::Server $self->lassoServer = $current_server; - PE_OK; + return PE_OK; } # Does nothing sub setGroups { - PE_OK; + return PE_OK; } 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Slave.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Slave.pm index 11bbf7f5c8..84d67a324e 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Slave.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Slave.pm @@ -13,7 +13,7 @@ use Lemonldap::NG::Portal::Main::Constants qw( PE_FORBIDDENIP ); -our $VERSION = '2.0.10'; +our $VERSION = '2.0.12'; extends qw( Lemonldap::NG::Common::Module @@ -22,16 +22,18 @@ extends qw( # INITIALIZATION -sub init { 1 } +sub init { + return 1; +} # RUNNING METHODS sub getUser { - PE_OK; + return PE_OK; } sub findUser { - PE_OK; + return PE_OK; } # Search exportedVars values in HTTP headers. @@ -54,7 +56,7 @@ sub setSessionInfo { } sub setGroups { - PE_OK; + return PE_OK; } 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/WebID.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/WebID.pm index ccb4792de2..d0cfae642f 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/WebID.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/WebID.pm @@ -3,29 +3,29 @@ package Lemonldap::NG::Portal::UserDB::WebID; use strict; use Mouse; use Lemonldap::NG::Portal::Main::Constants qw( + PE_OK PE_ERROR PE_MISSINGREQATTR - PE_OK ); extends 'Lemonldap::NG::Common::Module'; -our $VERSION = '2.0.0'; +our $VERSION = '2.0.12'; # INITIALIZATION sub init { - 1; + return 1; } # RUNNING METHODS sub getUser { - PE_OK; + return PE_OK; } sub findUser { - PE_OK; + return PE_OK; } sub setSessionInfo { @@ -52,11 +52,12 @@ sub setSessionInfo { return PE_MISSINGREQATTR; } } - PE_OK; + + return PE_OK; } sub setGroups { - PE_OK; + return PE_OK; } 1; -- GitLab From 4751427105c59a708de6f7923c21e448e43531cb Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Thu, 1 Apr 2021 23:31:48 +0200 Subject: [PATCH 065/312] Fix error level & Improve doc (#1976) --- doc/sources/admin/finduser.rst | 6 +++++- lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm | 5 +++-- lemonldap-ng-portal/t/68-FindUser-with-REST.t | 2 +- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/doc/sources/admin/finduser.rst b/doc/sources/admin/finduser.rst index e7758f2500..cc84c642f6 100644 --- a/doc/sources/admin/finduser.rst +++ b/doc/sources/admin/finduser.rst @@ -38,6 +38,10 @@ Just enable it in the Manager (section “plugins”). Then, set searching attri Entries are sorted by alphabetical order. +.. attention:: + + LDAP filter works only if an objectClass is set. + .. attention:: Searching request is built based on provided parameters value depending on users backend like this: @@ -46,7 +50,7 @@ Just enable it in the Manager (section “plugins”). Then, set searching attri .. danger:: - This plugin works only with a users backend and the searching or excluding attributes must exist. + This plugin works only with a users backend and of course if the searching or excluding attributes are existing. .. danger:: diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm index f8785ffe4a..5ee0a5037f 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm @@ -76,8 +76,9 @@ has findUserFilter => ( is => 'ro', lazy => 1, builder => sub { - $_[0]->conf->{AuthLDAPFilter} - || $_[0]->conf->{LDAPFilter} + + # $_[0]->conf->{AuthLDAPFilter} || + $_[0]->conf->{LDAPFilter} || '(&(uid=$user)(objectClass=inetOrgPerson))'; } ); diff --git a/lemonldap-ng-portal/t/68-FindUser-with-REST.t b/lemonldap-ng-portal/t/68-FindUser-with-REST.t index b09dc698de..77514107e3 100644 --- a/lemonldap-ng-portal/t/68-FindUser-with-REST.t +++ b/lemonldap-ng-portal/t/68-FindUser-with-REST.t @@ -76,7 +76,7 @@ my $json; my $request; my $client = LLNG::Manager::Test->new( { ini => { - logLevel => 'debug', + logLevel => 'error', authentication => 'Null', userDB => 'REST', passwordDB => 'Null', -- GitLab From 393331e366fec613e5f9284b20c3aeb2e67eb14b Mon Sep 17 00:00:00 2001 From: Yadd Date: Fri, 2 Apr 2021 12:48:52 +0200 Subject: [PATCH 066/312] Display Debian/Bullseye --- doc/sources/admin/documentation.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/sources/admin/documentation.rst b/doc/sources/admin/documentation.rst index be9171ea52..b93e5dfa22 100644 --- a/doc/sources/admin/documentation.rst +++ b/doc/sources/admin/documentation.rst @@ -63,6 +63,7 @@ Debian dist LLNG version Se \ Stretch-backports-sloppy `2.0.11 `__ |clean| `LLNG Team `__, "best effort" [3]_ Until Debian 11 release [4]_ **10** Buster `2.0.2 `__ |clean| CVE-2019-19791 tagged as minor `Debian Security Team `__ Probably July 2024 \ Buster-backports `2.0.11 `__ |clean| `LLNG Team `__ Until Debian 11 release [4]_ +\ Bullseye `2.0.11 `__ |clean| `Debian Security Team `__ Probably July 2026 **Next** Testing Latest [5]_ |clean| `LLNG Team `__ =========== ======================== ======================================== ===================================================== ============================================================ =============================== ============================================================= -- GitLab From dccb633531dcd94831abd9b717187a6c2aaed050 Mon Sep 17 00:00:00 2001 From: Yadd Date: Fri, 2 Apr 2021 12:50:46 +0200 Subject: [PATCH 067/312] Display Ubuntu/Hirsute --- doc/sources/admin/documentation.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/sources/admin/documentation.rst b/doc/sources/admin/documentation.rst index b93e5dfa22..975d7a6219 100644 --- a/doc/sources/admin/documentation.rst +++ b/doc/sources/admin/documentation.rst @@ -91,6 +91,7 @@ Ubuntu dist LLNG version Secured 19.10 Eoan `2.0.5 `__ |bad| CVE-2019-15941, CVE-2020-24660 None 20.04 Focal [9]_ `2.0.7 `__ |bad| CVE-2020-24660 None 20.10 Groovy `2.0.8 `__ |bad| CVE-2020-24660 None +20.10 Hirsute `2.0.11 `__ |clean| None =========== ============= ================================ ==================================================================== =========== Bug report -- GitLab From 9f77e89f96159cddd4a1a1817568a87440fbd977 Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Fri, 2 Apr 2021 23:57:30 +0200 Subject: [PATCH 068/312] Send exported attributes with REST session server & typos (#2503) --- doc/sources/admin/applications.rst | 2 +- doc/sources/admin/applications/alfresco.rst | 2 +- doc/sources/admin/applications/authbasic.rst | 2 +- .../admin/applications/simplesamlphp.rst | 2 +- doc/sources/admin/applications/spring.rst | 2 +- doc/sources/admin/applications/wordpress.rst | 2 +- doc/sources/admin/authcas.rst | 2 +- doc/sources/admin/authopenidconnect.rst | 4 +- .../admin/authopenidconnect_google.rst | 2 +- doc/sources/admin/authremote.rst | 2 +- doc/sources/admin/configlocation.rst | 4 +- doc/sources/admin/idpopenidconnect.rst | 4 +- doc/sources/admin/idpsaml.rst | 2 +- doc/sources/admin/kerberos.rst | 2 +- doc/sources/admin/logoutforward.rst | 2 +- doc/sources/admin/managerprotection.rst | 2 +- doc/sources/admin/oauth2handler.rst | 2 +- doc/sources/admin/openidconnectservice.rst | 2 +- doc/sources/admin/parameterlist.rst | 2 +- doc/sources/admin/portalmenu.rst | 6 +-- doc/sources/admin/portalservers.rst | 2 +- doc/sources/admin/radius2f-inwebo.rst | 2 +- doc/sources/admin/redirections.rst | 2 +- doc/sources/admin/restsessionbackend.rst | 2 +- doc/sources/admin/soapsessionbackend.rst | 2 +- doc/sources/admin/variables.rst | 2 +- .../Lemonldap/NG/Portal/Plugins/RESTServer.pm | 47 ++++++++++++------- 27 files changed, 61 insertions(+), 48 deletions(-) diff --git a/doc/sources/admin/applications.rst b/doc/sources/admin/applications.rst index 4cc7b4b0ab..430499e97d 100644 --- a/doc/sources/admin/applications.rst +++ b/doc/sources/admin/applications.rst @@ -55,7 +55,7 @@ To integrate a Web application in LL::NG, you have the following possibilities: - Protect the application with the Handler, and push user identity - trough HTTP headers. This is how main Access Manager products, like + through HTTP headers. This is how main Access Manager products, like CA SiteMinder, are working. This also how Apache authentication modules are working, so if your application is compatible with Apache authentication (often called "external authentifcation"), then you diff --git a/doc/sources/admin/applications/alfresco.rst b/doc/sources/admin/applications/alfresco.rst index bb5cc03af8..dc7a943f6d 100644 --- a/doc/sources/admin/applications/alfresco.rst +++ b/doc/sources/admin/applications/alfresco.rst @@ -11,7 +11,7 @@ Presentation Since 4.0 release, it offers an easy way to configure SSO thanks to authentication subsystems. -Authentication against LL::NG can be done trough: +Authentication against LL::NG can be done through: - HTTP headers (LL::NG Handler) - SAML 2 (LL::NG as SAML2 IDP) diff --git a/doc/sources/admin/applications/authbasic.rst b/doc/sources/admin/applications/authbasic.rst index 740728ca38..aa7693063e 100644 --- a/doc/sources/admin/applications/authbasic.rst +++ b/doc/sources/admin/applications/authbasic.rst @@ -28,7 +28,7 @@ Little effort is required to translate the encoded string back into the user name and password, and many popular security tools will decode the strings "on the fly". -So HTTP Basic Authentication is managed trough an HTTP header +So HTTP Basic Authentication is managed through an HTTP header (``Authorization``), that can be forged by LL::NG, with this precautions: diff --git a/doc/sources/admin/applications/simplesamlphp.rst b/doc/sources/admin/applications/simplesamlphp.rst index f8e52a307b..bcad6435c4 100644 --- a/doc/sources/admin/applications/simplesamlphp.rst +++ b/doc/sources/admin/applications/simplesamlphp.rst @@ -80,7 +80,7 @@ We suppose you configured LemonLDAP::NG as as Service Provider. In LL::NG Manager, create an new SP and load simpleSAMLphp metadata -trough URL (by default: +through URL (by default: http://localhost/simplesamlphp/module.php/saml/sp/metadata.php/default-sp): |image1| diff --git a/doc/sources/admin/applications/spring.rst b/doc/sources/admin/applications/spring.rst index 3749184b80..ac186a1c31 100644 --- a/doc/sources/admin/applications/spring.rst +++ b/doc/sources/admin/applications/spring.rst @@ -20,7 +20,7 @@ Configuration You can find all suitable information here: http://static.springsource.org/spring-security/site/docs/3.0.x/reference/preauth.html -To summarize, to get the user connected trough the ``Auth-User`` HTTP +To summarize, to get the user connected through the ``Auth-User`` HTTP Header, use this Sping Security configuration: .. code-block:: xml diff --git a/doc/sources/admin/applications/wordpress.rst b/doc/sources/admin/applications/wordpress.rst index 0b66213bf5..3b010b3f21 100644 --- a/doc/sources/admin/applications/wordpress.rst +++ b/doc/sources/admin/applications/wordpress.rst @@ -43,7 +43,7 @@ User Roles Settings You can assign WP Roles depending on values sent by CAS. The rules syntax is quite special, you can use it or you can just define -macros on LL::NG side and send them trough CAS to keep simple rules on +macros on LL::NG side and send them through CAS to keep simple rules on WP side. For example create a macro ``role_wordpress_admin`` which contains ``1`` diff --git a/doc/sources/admin/authcas.rst b/doc/sources/admin/authcas.rst index 8350e1ab3b..cb567ff6ac 100644 --- a/doc/sources/admin/authcas.rst +++ b/doc/sources/admin/authcas.rst @@ -25,7 +25,7 @@ session under the form: ``_casPT`` = **Proxy ticket value** -They can then be forwarded to applications trough +They can then be forwarded to applications through :ref:`HTTP headers`. .. tip:: diff --git a/doc/sources/admin/authopenidconnect.rst b/doc/sources/admin/authopenidconnect.rst index baf2e0eb0b..726c4252fb 100644 --- a/doc/sources/admin/authopenidconnect.rst +++ b/doc/sources/admin/authopenidconnect.rst @@ -17,8 +17,8 @@ Presentation stacks. It is described here: http://openid.net/connect/. LL::NG can act as an OpenID Connect Relying Party (RP) towards multiple -OpenID Connect Providers (OP). It will get the user identity trough an -ID Token, and grab user attributes trough UserInfo endpoint. +OpenID Connect Providers (OP). It will get the user identity through an +ID Token, and grab user attributes through UserInfo endpoint. As an RP, LL::NG supports a lot of OpenID Connect features: diff --git a/doc/sources/admin/authopenidconnect_google.rst b/doc/sources/admin/authopenidconnect_google.rst index 25325c7868..e5f62851fd 100644 --- a/doc/sources/admin/authopenidconnect_google.rst +++ b/doc/sources/admin/authopenidconnect_google.rst @@ -14,7 +14,7 @@ https://developers.google.com/identity/protocols/OpenIDConnect .. attention:: - Google does not support logout trough OpenID Connect. If + Google does not support logout through OpenID Connect. If you close your session on LL::NG side, your Google session will still be open. diff --git a/doc/sources/admin/authremote.rst b/doc/sources/admin/authremote.rst index dd7a7c351c..7459f2302d 100644 --- a/doc/sources/admin/authremote.rst +++ b/doc/sources/admin/authremote.rst @@ -23,7 +23,7 @@ Presentation be rejected). - The portal of the secondary LL::NG structure is configured to delegate authentication to a remote portal. A request to the main - session database is done (trough + session database is done (through :doc:`SOAP session backend`) to be sure that the session exists. - If ``exportedAttr`` is set, only those attributes are copied in the diff --git a/doc/sources/admin/configlocation.rst b/doc/sources/admin/configlocation.rst index fb15ea66b9..e5534ae795 100644 --- a/doc/sources/admin/configlocation.rst +++ b/doc/sources/admin/configlocation.rst @@ -19,7 +19,7 @@ modules to access it. :ref:`here`. By default, configuration is stored in :doc:`files`, so -access trough network is not possible. To allow this, use +access through network is not possible. To allow this, use :doc:`SOAP` for configuration access, or use a network service like :doc:`SQL database` or :doc:`LDAP directory`. @@ -46,7 +46,7 @@ For example, to configure the ``File`` configuration backend: Manager ------- -Most of configuration can be done trough LemonLDAP::NG Manager (by +Most of configuration can be done through LemonLDAP::NG Manager (by default http://manager.example.com). By default, Manager is protected to allow only the demonstration user diff --git a/doc/sources/admin/idpopenidconnect.rst b/doc/sources/admin/idpopenidconnect.rst index 905118b959..2352054f5b 100644 --- a/doc/sources/admin/idpopenidconnect.rst +++ b/doc/sources/admin/idpopenidconnect.rst @@ -11,8 +11,8 @@ Presentation stacks. It is described here: http://openid.net/connect/. LL::NG can act as an OpenID Connect Provider (OP). It will answer to -OpenID Connect requests to give user identity (trough ID Token) and -information (trough User Info end point). +OpenID Connect requests to give user identity (through ID Token) and +information (through User Info end point). As an OP, LL::NG supports a lot of OpenID Connect features: diff --git a/doc/sources/admin/idpsaml.rst b/doc/sources/admin/idpsaml.rst index 5cb6830115..c0cd860579 100644 --- a/doc/sources/admin/idpsaml.rst +++ b/doc/sources/admin/idpsaml.rst @@ -95,7 +95,7 @@ For each attribute, you can set: - **Mandatory**: if set to "On", then this attribute is required to build the SAML response, an error will displayed if there is no value for it. Optional attribute will be sent only if there is a value - associated. Else it just will be sent trough an attribute response, + associated. Else it just will be sent through an attribute response, if explicitly requested in an attribute request. - **Format**: optional, SAML attribute format. diff --git a/doc/sources/admin/kerberos.rst b/doc/sources/admin/kerberos.rst index 7fa8e8e74f..8ccbb8b778 100644 --- a/doc/sources/admin/kerberos.rst +++ b/doc/sources/admin/kerberos.rst @@ -194,7 +194,7 @@ You can close the Kerberos session: kdestroy -Now you can compare the above result with the same request done trough +Now you can compare the above result with the same request done through the keytab file: :: diff --git a/doc/sources/admin/logoutforward.rst b/doc/sources/admin/logoutforward.rst index d10be6e74a..88b1fc89e9 100644 --- a/doc/sources/admin/logoutforward.rst +++ b/doc/sources/admin/logoutforward.rst @@ -4,7 +4,7 @@ Logout forward Presentation ------------ -Even if LL:NG can catch logout URL trough +Even if LL:NG can catch logout URL through :ref:`virtual host rules`, you can have the need to forward a logout to other applications, to close their local sessions. diff --git a/doc/sources/admin/managerprotection.rst b/doc/sources/admin/managerprotection.rst index a886d7c966..951d6e237e 100644 --- a/doc/sources/admin/managerprotection.rst +++ b/doc/sources/admin/managerprotection.rst @@ -89,7 +89,7 @@ Save the configuration and exit the Manager. .. tip:: - The next time you will access Manager, it will be trough + The next time you will access Manager, it will be through LL::NG. Enable protection on Manager, by editing ``lemonldap-ng.ini``: diff --git a/doc/sources/admin/oauth2handler.rst b/doc/sources/admin/oauth2handler.rst index 68071f3866..89e49725e1 100644 --- a/doc/sources/admin/oauth2handler.rst +++ b/doc/sources/admin/oauth2handler.rst @@ -10,7 +10,7 @@ This Handler is able to check an OAuth2 access token to retrieve the user real session and protect a virtual host like a standard Handler (access control and HTTP headers transmission). -This requires to get an OAuth2 access token trough LL::NG Portal (OpenID +This requires to get an OAuth2 access token through LL::NG Portal (OpenID Connect server). This access token can then be used in the ``Authorization`` header to authenticate to the Web Service / API protected by the OAuth2 Handler. diff --git a/doc/sources/admin/openidconnectservice.rst b/doc/sources/admin/openidconnectservice.rst index 57e75e3806..1b0e0a7a53 100644 --- a/doc/sources/admin/openidconnectservice.rst +++ b/doc/sources/admin/openidconnectservice.rst @@ -64,7 +64,7 @@ Dynamic Registration If dynamic registration is enabled, you can configure the following options to define attributes and extra claims when a new relying party -is registered trough the ``/oauth2/register`` endpoint: +is registered through the ``/oauth2/register`` endpoint: - Exported vars for dynamic registration - Extra claims for dynamic registration diff --git a/doc/sources/admin/parameterlist.rst b/doc/sources/admin/parameterlist.rst index b24abaf486..d3de37a447 100644 --- a/doc/sources/admin/parameterlist.rst +++ b/doc/sources/admin/parameterlist.rst @@ -274,7 +274,7 @@ log4perlConfFile Log4Perl logger configur logLevel Log level, must be set in .ini ✔ ✔ ✔ ✔ logger technical logger ✔ ✔ ✔ ✔ loginHistoryEnabled Enable login history ✔ -logoutServices Send logout trough GET request to these services ✔ +logoutServices Send logout through GET request to these services ✔ lwpOpts Options given to LWP::UserAgent ✔ lwpSslOpts SSL options given to LWP::UserAgent ✔ macros Macros ✔ diff --git a/doc/sources/admin/portalmenu.rst b/doc/sources/admin/portalmenu.rst index 0a653ebb5f..0f6504b5bd 100644 --- a/doc/sources/admin/portalmenu.rst +++ b/doc/sources/admin/portalmenu.rst @@ -20,13 +20,13 @@ LemonLDAP::NG portal menu has 4 modules: - **OIDC Consents**: display user's OpenId Connect consents - **Logout**: logout button -Each module can be activated trough a rule, using user session -information. These rules can be set trough Manager: +Each module can be activated through a rule, using user session +information. These rules can be set through Manager: ``General Parameters`` > ``Portal`` > ``Menu`` > ``Modules activation``. You can use ``0`` or ``1`` to disable/enable the module, or use a more complex rule. For example, to display the password change form only for -user authenticated trough LDAP or DBI: +user authenticated through LDAP or DBI: .. code-block:: perl diff --git a/doc/sources/admin/portalservers.rst b/doc/sources/admin/portalservers.rst index 5de9cde13f..9e440156be 100644 --- a/doc/sources/admin/portalservers.rst +++ b/doc/sources/admin/portalservers.rst @@ -16,7 +16,7 @@ Configuration ------------- - **SOAP/REST exported attributes**: list session attributes shared - trough SOAP/REST + through SOAP/REST - Use ``+`` to append to the default list of technical attributes, example: ``+ uid mail`` diff --git a/doc/sources/admin/radius2f-inwebo.rst b/doc/sources/admin/radius2f-inwebo.rst index 8abcb86296..3492f70946 100644 --- a/doc/sources/admin/radius2f-inwebo.rst +++ b/doc/sources/admin/radius2f-inwebo.rst @@ -2,7 +2,7 @@ InWebo Second Factor ==================== `InWebo `_ is a proprietary MFA solution. -You can use is as second factor trough :doc:`Radius 2FA module`. +You can use is as second factor through :doc:`Radius 2FA module`. Configuration ~~~~~~~~~~~~~ diff --git a/doc/sources/admin/redirections.rst b/doc/sources/admin/redirections.rst index 8e2be6e507..d954debeeb 100644 --- a/doc/sources/admin/redirections.rst +++ b/doc/sources/admin/redirections.rst @@ -39,7 +39,7 @@ Handler use the default Apache error code for the following cases: - An error occurs on server side: SERVER_ERROR (500) - The application is in maintenance: HTTP_SERVICE_UNAVAILABLE (503) -These errors can be catch trough Apache ``ErrorDocument`` directive or +These errors can be catch through Apache ``ErrorDocument`` directive or Nginx ``error_page`` directive, to redirect user on a specific page: .. code-block:: apache diff --git a/doc/sources/admin/restsessionbackend.rst b/doc/sources/admin/restsessionbackend.rst index 6d88e1bc68..9e845f7c8a 100644 --- a/doc/sources/admin/restsessionbackend.rst +++ b/doc/sources/admin/restsessionbackend.rst @@ -33,7 +33,7 @@ protected with a firewall that only accepts HTTP flows. Most of the time, REST session backend is used by Handlers installed on external servers. -To configure it, REST session backend will be set trough Manager in +To configure it, REST session backend will be set through Manager in global configuration (used by all Handlers), and the real session backend will be configured for local components in lemonldap-ng.ini. diff --git a/doc/sources/admin/soapsessionbackend.rst b/doc/sources/admin/soapsessionbackend.rst index 52530d0dba..2578d8385b 100644 --- a/doc/sources/admin/soapsessionbackend.rst +++ b/doc/sources/admin/soapsessionbackend.rst @@ -17,7 +17,7 @@ protected with a firewall that only accepts HTTP flows. Most of the time, SOAP session backend is used by Handlers installed on external servers. -To configure it, SOAP session backend will be set trough Manager in +To configure it, SOAP session backend will be set through Manager in global configuration (used by all Hanlders), and the real session backend will be configured for local components in lemonldap-ng.ini. diff --git a/doc/sources/admin/variables.rst b/doc/sources/admin/variables.rst index 41a2abead0..4ae8513607 100644 --- a/doc/sources/admin/variables.rst +++ b/doc/sources/admin/variables.rst @@ -141,7 +141,7 @@ OpenID ================ ============================================= Key Description ================ ============================================= -\_openid\_\ *id* Consent to share attribute *id* trough OpenID +\_openid\_\ *id* Consent to share attribute *id* through OpenID ================ ============================================= OpenID Connect diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm index adb75de83f..9153e20a07 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm @@ -64,7 +64,7 @@ use Lemonldap::NG::Portal::Main::Constants qw( PE_PASSWORD_OK ); -our $VERSION = '2.0.10'; +our $VERSION = '2.0.12'; extends qw( Lemonldap::NG::Portal::Main::Plugin @@ -85,7 +85,7 @@ has exportedAttr => ( default => sub { my $conf = $_[0]->{conf}; if ( $conf->{exportedAttr} and $conf->{exportedAttr} !~ /^\s*\+/ ) { - return [ split /\s+/, $conf->{exportedAttr} ]; + return '[' . join( ',', split /\s+/, $conf->{exportedAttr} ) . ']'; } else { my @attributes = ( @@ -247,6 +247,7 @@ sub init { ); extends @parents if ($add); $self->setTypes( $self->conf ) if ( $self->conf->{restSessionServer} ); + return 1; } @@ -326,9 +327,8 @@ sub newAuthSession { $self->logger->debug( "REST authentication result for $req->{user}: code $req->{error}"); - if ( $req->error > 0 ) { - return $self->p->sendError( $req, 'Bad credentials', 401 ); - } + return $self->p->sendError( $req, 'Bad credentials', 401 ) + if ( $req->error > 0 ); return $self->session( $req, $id ); } @@ -368,11 +368,13 @@ sub delSession { $self->logger->debug("REST request to delete session $id"); my $res = $self->p->_deleteSession( $req, $session ); $self->logger->debug(" Result is $res"); + return $self->p->sendJSONresponse( $req, { result => $res } ); } sub delMySession { my ( $self, $req, $id ) = @_; + return $self->delSession( $req, $req->userData->{_session_id} ); } @@ -380,10 +382,9 @@ sub mysession { my ( $self, $req ) = @_; # 1. whoami - if ( defined $req->param('whoami') ) { - return $self->p->sendJSONresponse( $req, - { result => $req->userData->{ $self->conf->{whatToTrace} } } ); - } + return $self->p->sendJSONresponse( $req, + { result => $req->userData->{ $self->conf->{whatToTrace} } } ) + if defined $req->param('whoami'); if ( defined $req->param('gettoken') ) { return $self->p->sendJSONresponse( $req, @@ -416,6 +417,7 @@ sub mysession { $self->logger->debug(" Result is $res"); return $self->p->sendJSONresponse( $req, { result => $res } ); } + return $self->p->sendError( $req, 'whoami or authorizationfor is required', 400 ); } @@ -423,7 +425,18 @@ sub mysession { sub getMyKey { my ( $self, $req, $key ) = @_; $key ||= ''; - $self->logger->debug("Request to get personal session info -> Key : $key"); + if ($key) { + $self->logger->debug( + "Request to get personal session info -> Key: $key"); + } + else { + my $keys = $self->exportedAttr; + $keys =~ s/(?:\[|\])//g; + $keys =~ s/,/, /g; + $self->logger->debug( + "Request to get exported attributes -> Keys: $keys"); + } + return $self->session( $req, $req->userData->{_session_id}, @@ -435,6 +448,7 @@ sub updateMySession { my ( $self, $req ) = @_; my $res = 0; my $mKeys = []; + if ( my $token = $req->param('token') ) { if ( $self->ott->getToken($token) ) { if ( $req->param('sessionType') eq 'persistent' ) { @@ -469,9 +483,8 @@ sub updateMySession { else { $self->logger->error('Update session request without token'); } - unless ($res) { - return $self->p->sendError( $req, 'Modification refused', 403 ); - } + + return $self->p->sendError( $req, 'Modification refused', 403 ) unless $res; return $self->p->sendJSONresponse( $req, { result => 1, count => $res, modifiedKeys => $mKeys } ); } @@ -482,6 +495,7 @@ sub delKeyInMySession { my $mKeys = []; my $dkey = $req->param('key'); my $sub = $req->param('sub'); + if ( my $token = $req->param('token') ) { if ( $self->ott->getToken($token) ) { if ( $req->param('sessionType') eq 'persistent' ) { @@ -554,9 +568,8 @@ sub delKeyInMySession { else { $self->logger->error('Update session request without token'); } - unless ($res) { - return $self->p->sendError( $req, 'Modification refused', 403 ); - } + + return $self->p->sendError( $req, 'Modification refused', 403 ) unless $res; return $self->p->sendJSONresponse( $req, { result => 1, count => $res, modifiedKeys => $dkey } ); } @@ -765,8 +778,8 @@ sub _checkSecret { $self->logger->error('Bad key, force denied'); } } - return $isValid; + return $isValid; } 1; -- GitLab From 64dffcf4d067e5ccc6f9a3dfd90b5c1dd87c480d Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Sat, 3 Apr 2021 16:46:43 +0200 Subject: [PATCH 069/312] Send only technical and exported attributes (#2503) --- .../lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm | 8 +++++--- .../lib/Lemonldap/NG/Portal/Plugins/SOAPServer.pm | 10 ++++++---- .../t/61-AdaptativeAuthenticationLevel.t | 6 +++++- 3 files changed, 16 insertions(+), 8 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm index 9153e20a07..e87e5c1e13 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm @@ -78,7 +78,6 @@ has configStorage => ( $_[0]->{p}->HANDLER->localConfig->{configStorage}; } ); - has exportedAttr => ( is => 'rw', lazy => 1, @@ -97,14 +96,17 @@ has exportedAttr => ( if ( my $exportedAttr = $conf->{exportedAttr} ) { $exportedAttr =~ s/^\s*\+\s+//; @attributes = ( @attributes, split( /\s+/, $exportedAttr ) ); + + # Convert @attributes into hash to remove duplicates + my %attributes = map( { $_ => 1 } @attributes ); + return '[' . join( ',', keys %attributes ) . ']'; } - # convert @attributes into hash to remove duplicates + # Convert @attributes into hash to remove duplicates my %attributes = map( { $_ => 1 } @attributes ); %attributes = ( %attributes, %{ $conf->{exportedVars} }, %{ $conf->{macros} }, ); - return '[' . join( ',', keys %attributes ) . ']'; } } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SOAPServer.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SOAPServer.pm index 87c4bf6a00..98548dade0 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SOAPServer.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SOAPServer.pm @@ -18,7 +18,7 @@ use Lemonldap::NG::Portal::Main::Constants qw( PE_FORMEMPTY ); -our $VERSION = '2.0.10'; +our $VERSION = '2.0.12'; extends qw( Lemonldap::NG::Portal::Main::Plugin @@ -26,7 +26,6 @@ extends qw( ); has server => ( is => 'rw' ); - has configStorage => ( is => 'ro', lazy => 1, @@ -34,7 +33,6 @@ has configStorage => ( $_[0]->{p}->HANDLER->localConfig->{configStorage}; } ); - has exportedAttr => ( is => 'rw', lazy => 1, @@ -53,9 +51,13 @@ has exportedAttr => ( if ( my $exportedAttr = $conf->{exportedAttr} ) { $exportedAttr =~ s/^\s*\+\s+//; @attributes = ( @attributes, split( /\s+/, $exportedAttr ) ); + + # Convert @attributes into hash to remove duplicates + my %attributes = map( { $_ => 1 } @attributes ); + return '[' . join( ',', keys %attributes ) . ']'; } - # convert @attributes into hash to remove duplicates + # Convert @attributes into hash to remove duplicates my %attributes = map( { $_ => 1 } @attributes ); %attributes = ( %attributes, %{ $conf->{exportedVars} }, %{ $conf->{macros} }, diff --git a/lemonldap-ng-portal/t/61-AdaptativeAuthenticationLevel.t b/lemonldap-ng-portal/t/61-AdaptativeAuthenticationLevel.t index dcacae271c..774ba906d2 100644 --- a/lemonldap-ng-portal/t/61-AdaptativeAuthenticationLevel.t +++ b/lemonldap-ng-portal/t/61-AdaptativeAuthenticationLevel.t @@ -21,6 +21,7 @@ my $client = LLNG::Manager::Test->new( { '$uid eq "msmith"' => '=5', }, restSessionServer => 1, + exportedAttr => '+ mail uid _session_id' } } ); @@ -46,8 +47,11 @@ ok( count(1); $json = expectJSON($res); +ok( $json->{uid} eq 'dwho', 'uid found' ) or explain( $json, "uid='dwho'" ); ok( $json->{authenticationLevel} == 3, 'Authentication level upgraded' ); -count(1); +ok( scalar keys %$json == 10, 'Ten exported attributes found' ) + or explain( $json, 'Ten exported attributes' ); +count(3); ok( $client->logout($id), 'Logout' ); count(1); -- GitLab From fc7d907d3e1605fa8ed74c8387b39aab2678132f Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Sat, 3 Apr 2021 16:53:20 +0200 Subject: [PATCH 070/312] Fix doc (#2503) --- doc/sources/admin/applications/wikijs.rst | 6 +++--- doc/sources/admin/portalservers.rst | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/sources/admin/applications/wikijs.rst b/doc/sources/admin/applications/wikijs.rst index dad881e6c3..ab44bdf239 100644 --- a/doc/sources/admin/applications/wikijs.rst +++ b/doc/sources/admin/applications/wikijs.rst @@ -1,5 +1,5 @@ Wiki.js -===== +======= |image0| @@ -14,7 +14,7 @@ complete presentation. It feature an OpenID Connect login that work with LemonLDAP::NG. Configuring Wiki.js ------------------ +------------------- Connect to your wiki.js instance with an Admin user, in the admin panel, go to "Authentication". @@ -45,7 +45,7 @@ with the following parameters (Options -> Basic) : * **Allowed redirection addresses for login**: The "Callback URL" defined in wiki.js. \_Portal with internal CA -^^^^^^^^^^^^^^^^^^ +^^^^^^^^^^^^^^^^^^^^^^^^^ .. danger:: diff --git a/doc/sources/admin/portalservers.rst b/doc/sources/admin/portalservers.rst index 9e440156be..687332fdf7 100644 --- a/doc/sources/admin/portalservers.rst +++ b/doc/sources/admin/portalservers.rst @@ -18,7 +18,7 @@ Configuration - **SOAP/REST exported attributes**: list session attributes shared through SOAP/REST - - Use ``+`` to append to the default list of technical attributes, + - Use ``+`` to append the default list of technical attributes, example: ``+ uid mail`` REST -- GitLab From c25e7e79a932c66e7b42cce243c40b05aef8fbeb Mon Sep 17 00:00:00 2001 From: Yadd Date: Sun, 4 Apr 2021 18:09:20 +0200 Subject: [PATCH 071/312] Fix tip/attention format --- doc/sources/admin/documentation.rst | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/doc/sources/admin/documentation.rst b/doc/sources/admin/documentation.rst index 975d7a6219..38a167d233 100644 --- a/doc/sources/admin/documentation.rst +++ b/doc/sources/admin/documentation.rst @@ -48,9 +48,9 @@ their policy. Debian ^^^^^^ -Following Debian Policy, LLNG packages are never upgraded in -published distributions. However, security patches are backported by -maintenance teams *(except minor ones)*. +.. tip:: + + Following Debian Policy, LLNG packages are never upgraded in published distributions. However, security patches are backported by maintenance teams *(except some inor ones)*. =========== ======================== ======================================== ===================================================== ============================================================ =============================== ============================================================= Debian dist LLNG version Secured Maintenance LTS Limit `Extended LTS `__ Limit @@ -75,9 +75,9 @@ Tracker `__ for more. Ubuntu ^^^^^^ -Ubuntu version are included in "universe" branch [8]_, so -not really security maintained. Prefer to use our repositories or Debian -ones +.. attention:: + + Ubuntu version are included in "universe" branch [8]_, so not really security maintained. Prefer to use our repositories or Debian ones =========== ============= ================================ ==================================================================== =========== Ubuntu dist LLNG version Secured Maintenance -- GitLab From f930e449abee29622763d924f7730d27fbde9a25 Mon Sep 17 00:00:00 2001 From: Yadd Date: Wed, 7 Apr 2021 13:46:32 +0200 Subject: [PATCH 072/312] Order language keys --- .../site/htdocs/static/languages/ar.json | 881 +++++++++-------- .../site/htdocs/static/languages/de.json | 881 +++++++++-------- .../site/htdocs/static/languages/en.json | 899 +++++++++--------- .../site/htdocs/static/languages/es.json | 881 +++++++++-------- .../site/htdocs/static/languages/fr.json | 899 +++++++++--------- .../site/htdocs/static/languages/it.json | 881 +++++++++-------- .../site/htdocs/static/languages/pl.json | 881 +++++++++-------- .../site/htdocs/static/languages/tr.json | 881 +++++++++-------- .../site/htdocs/static/languages/vi.json | 881 +++++++++-------- .../site/htdocs/static/languages/zh.json | 881 +++++++++-------- .../site/htdocs/static/languages/zh_TW.json | 881 +++++++++-------- .../site/htdocs/static/languages/ar.json | 74 +- .../site/htdocs/static/languages/de.json | 74 +- .../site/htdocs/static/languages/en.json | 74 +- .../site/htdocs/static/languages/es.json | 74 +- .../site/htdocs/static/languages/fi.json | 74 +- .../site/htdocs/static/languages/fr.json | 122 +-- .../site/htdocs/static/languages/it.json | 74 +- .../site/htdocs/static/languages/nl.json | 74 +- .../site/htdocs/static/languages/pl.json | 74 +- .../site/htdocs/static/languages/pt.json | 74 +- .../site/htdocs/static/languages/ro.json | 74 +- .../site/htdocs/static/languages/tr.json | 74 +- .../site/htdocs/static/languages/vi.json | 74 +- .../site/htdocs/static/languages/zh.json | 74 +- .../site/htdocs/static/languages/zh_TW.json | 74 +- 26 files changed, 5437 insertions(+), 5448 deletions(-) diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json index e2f08561ee..4907383291 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json @@ -1,5 +1,26 @@ { "/doc/":"/doc/", +"2faSessions":"2ndFA sessions explorer", +"2ndFA":"Second Factors", +"ADPwdExpireWarning":"تحذير انتهاء صلاحية كلمة المرور", +"ADPwdMaxAge":"الحد الأقصى لصلحية كلمة المرور", +"AuthLDAPFilter":"فلتر إثبات الهوية", +"Configuration":"تضبيط", +"CrowdSecPlugin":"CrowdSec Bouncer", +"LDAPFilter":"فلتر الاعْتيادي", +"OpenIDConnect":"أوبين أيدي كونيكت", +"OptionalTitle":"عنوان الخيارات", +"SMTP":"بروتوكول إرسال البريد SMTP", +"SMTPAuthPass":"كلمة المرور بروتوكول إرسال البريد SMTP", +"SMTPAuthUser":"SMTP المستخدم", +"SMTPPort":"منفذ بروتوكول إرسال البريد SMTP", +"SMTPServer":"خادم بروتوكول إرسال البريد SMTP", +"SMTPTLS":"بروتوكول سسل / تلس", +"SMTPTLSOpts":"خيارات سسل / تلس", +"SSLAuthnLevel":"مستوى إثبات الهوية", +"SSLVar":"حقل الشهادة الرقمية المستخرجة", +"SSLVarIf":"حقل الشهادة الرقمية المستخرجة الشرطية", +"Same":"نفسه", "_auth":"إثبات الهوية", "_authChoice":"طريقة إثبات الهوية", "_idp":"معرف كيان IDP", @@ -10,9 +31,9 @@ "_lastAuthnUTime":"التوقيت الزمني في إثبات الهوية", "_lastSeen":"التوقيت الزمني لآخرنشاط قمت به", "_loginHistory":"سجل تسجيل الدخول", +"_oidc_OP":"مزود المفتاح", "_oidc_access_token":"رمز الدخول", "_oidc_id_token":"هوية التوكن", -"_oidc_OP":"مزود المفتاح", "_password":"كلمه السر", "_passwordDB":"كلمه السر", "_samlToken":"رمز SAML", @@ -20,42 +41,38 @@ "_startTime":"تاريخ الإنشاء", "_timezone":"المنطقة الزمنية", "_updateTime":"تاريخ التحديث", +"_url":"عنوان الموقع الأصلي", "_user":"تسجيل الدخول", "_userDB":"المستخدم", -"_url":"عنوان الموقع الأصلي", "_utime":"التوقيت الزمني للجلسة", -"2faSessions":"2ndFA sessions explorer", -"2ndFA":"Second Factors", -"actives":"مفعلة", "activeTimer":"قبول تلقائي للوقت", +"actives":"مفعلة", +"adParams":"معاييرأكتيف ديريكتوري", "adaptativeAuthenticationLevelRules":"Adaptative authentication rules", "addAppCasPartner":"إضافة تطبيق كاس", "addIDPSamlPartner":"أضف IDP SAML", "addOidcAttribute":"إضافة صفة", "addOidcOp":"إضافة أوبين أيدي كونيكت بروفيدر", "addOidcRp":"إضافة الطرف المعول لي أوبين أيدي كونيكت", -"addSamlAttribute":"إضافة صفة", "addSPSamlPartner":"إضافة SP SAML", +"addSamlAttribute":"إضافة صفة", "addSrvCasPartner":"إضافة سرفر كاس", -"addU2FKey":"Add U2F key", "addTOTPKey":"Add TOTP key", +"addU2FKey":"Add U2F key", "addVhost":"إضافة خادم افتراضي", -"adParams":"معاييرأكتيف ديريكتوري", -"ADPwdExpireWarning":"تحذير انتهاء صلاحية كلمة المرور", -"ADPwdMaxAge":"الحد الأقصى لصلحية كلمة المرور", "advancedParams":"المعايير المتقدمة", "allowedMarkups":"السماح بالترميز:", "always":"Always", -"apacheParams":"معاييرأباتش", "apacheAuthnLevel":"مستوى إثبات الهوية", +"apacheParams":"معاييرأباتش", "application":"تطبيق", "applicationDisplay":"عرض التطبيق", "applicationList":"الاقسام والتطبيقات", "applyResult":"تطبيق النتيجة", "appsInThisCat":"التطبيقات في هذه الفئة", "array":"Array", -"attributesAndMacros":" السمات و الماكرو", "attributeName":"Attribute name", +"attributesAndMacros":" السمات و الماكرو", "authAndUserdb":"الترخيص وقاعدة بيانات المستخدم", "authChain":"سلسلة إثبات الهوية", "authChoice":"اختيار إثبات الهوية", @@ -63,16 +80,15 @@ "authChoiceFindUser":"FindUser plugin parameter", "authChoiceModules":"الوحدات المسموح بها", "authChoiceParam":"معايير URL", +"authOnly":"إثبات الهوية فقط", +"authParams":"معايير إثبات الهوية", "authentication":"وحدة إثبات الهوية", -"authenticationNeeded":"لزوم إثبات الهوية", "authenticationLevel":"مستوى إثبات الهوية", +"authenticationNeeded":"لزوم إثبات الهوية", "authenticationTitle":"إثبات الهوية", -"AuthLDAPFilter":"فلتر إثبات الهوية", -"authOnly":"إثبات الهوية فقط", "author":"المؤلف", "authorIPAddress":"مؤلف عنوان الآي بي", "authorizedValues":"القيم المعتمدة", -"authParams":"معايير إثبات الهوية", "auto":"تلقائي", "autoSignin":"Auto Signin", "autoSigninRules":"القواعد", @@ -88,9 +104,9 @@ "badExpressionAssignment":"Expression containing an assignment. You can use \\x3D to avoid this warning.", "badHeaderName":" حقل الهيدر خاطئ", "badHostname":"اسم الخادم خاطئ", -"badLdapUri":"\n URI LDAP خاطئ", -"badKeyName":"اسم المفتاح خاطئ", "badIPv4Address":"عنوان الآي بي في4 خاطئ", +"badKeyName":"اسم المفتاح خاطئ", +"badLdapUri":"\n URI LDAP خاطئ", "badMacroName":"اسم الماكرو خاطئة", "badMetadataName":"اسم البيانات الوصفية خاطئ", "badPemEncoding":"تشفير بيم خاطئ", @@ -104,17 +120,17 @@ "blackList":"القائمة السوداء", "bool":"Boolean", "browse":"تصفح", -"browsersDontStorePassword":"Avoid browsers to store users password", +"browseTree":"تصفح الهيكل", "browserIdAuthnLevel":"مستوى إثبات الهوية", "browserIdAutoLogin":"تسجيل الدخول التلقائي", "browserIdBackgroundColor":"لون الخلفية", -"browseridParams":"تصفح آي دي المعايير", "browserIdSiteLogo":"شعار الموقع", "browserIdSiteName":"اسم الموقع", "browserIdVerificationURL":"التحقق في اليو آر إل", -"browseTree":"تصفح الهيكل", -"bruteForceProtection":"تفعيل", +"browseridParams":"تصفح آي دي المعايير", +"browsersDontStorePassword":"Avoid browsers to store users password", "bruteForceAttackProtection":"Brute-force attack protection", +"bruteForceProtection":"تفعيل", "bruteForceProtectionIncrementalTempo":"Incremental lock", "bruteForceProtectionLockTimes":"Incremental lock times", "bruteForceProtectionMaxFailed":"Allowed failed logins", @@ -124,124 +140,123 @@ "captcha_mail_enabled":"التفعيل في إعادة تعيين كلمة المرور بواسطة استمارة البريد", "captcha_register_enabled":"التفعيل في استمارة التسجيل", "captcha_size":"حجم", -"casAuthnLevel":"مستوى إثبات الهوية", "casAccessControlPolicy":"سياسة مراقبة الدخول", "casApp":"تطبيق كاس", "casAppMetaDataExportedVars":"السمات المصدرة", +"casAppMetaDataMacros":"ماكرو", "casAppMetaDataNodes":"تطبيق كاس", "casAppMetaDataOptions":"خيارات", -"casAppMetaDataOptionsService":"خدمة أل يو أر ل", "casAppMetaDataOptionsAuthnLevel":"مستوى إثبات الهوية", "casAppMetaDataOptionsRule":"القاعدة", -"casAppMetaDataMacros":"ماكرو", +"casAppMetaDataOptionsService":"خدمة أل يو أر ل", "casAppMetaDataOptionsUserAttribute":"خاصّيّة المستخدم", "casAppName":"اسم التطبيق كاس", "casAttr":"تسجيل الدخول كاس", "casAttributes":"السمات المصدرة لي كاس", +"casAuthnLevel":"مستوى إثبات الهوية", "casParams":"معايير كاس", "casServiceMetadata":"خدمة كاس", "casSrv":"خادم كاس", "casSrvMetaDataExportedVars":"السمات المصدرة", +"casSrvMetaDataNodes":"خوادم كاس", "casSrvMetaDataOptions":"الخيارات", "casSrvMetaDataOptionsDisplay":"عرض", "casSrvMetaDataOptionsDisplayName":"الاسم المطلوب عرضه", "casSrvMetaDataOptionsGateway":"بوابة إثبات الهوية", "casSrvMetaDataOptionsIcon":"مسارالأيقونة", -"casSrvMetaDataOptionsSortNumber":"Order", -"casSrvMetaDataOptionsRenew":"تجديد إثبات الهوية", "casSrvMetaDataOptionsProxiedServices":"خدمات البروكسي", +"casSrvMetaDataOptionsRenew":"تجديد إثبات الهوية", +"casSrvMetaDataOptionsSortNumber":"Order", "casSrvMetaDataOptionsUrl":" يو أر ل الخادم", -"casSrvMetaDataNodes":"خوادم كاس", "casSrvName":"اسم خادم كاس", "casStorage":"اسم وحدة جلسات كاس", "casStorageOptions":" خيارات وحدة جلسات كاس", "categoryName":"اسم الفئة", "cda":"نطاقات متعددة", "certificateMailContent":"محتوى البريد", -"certificateResetByMailManagement":"Certificate management", -"certificateResetByMailURL":"Reset page URL", "certificateResetByMailCeaAttribute":" Certificate Exact Assertion attribute name", "certificateResetByMailCertificateAttribute":" Certificate binary content attribute name", -"certificateResetByMailStep1Subject":"Reset mail subject", +"certificateResetByMailManagement":"Certificate management", "certificateResetByMailStep1Body":"Reset mail content", -"certificateResetByMailStep2Subject":"Confirmation mail subject", +"certificateResetByMailStep1Subject":"Reset mail subject", "certificateResetByMailStep2Body":"Confirmation mail content", +"certificateResetByMailStep2Subject":"Confirmation mail subject", +"certificateResetByMailURL":"Reset page URL", "certificateResetByMailValidityDelay":"Minimum duration before expiration", -"contentSecurityPolicy":"السياسة الأمنية للمحتوى", -"contextSwitching":"Switch context another user", -"contextSwitchingAllowed2fModifications":"Allow 2FA modifications", -"contextSwitchingHiddenAttributes":"السمات المخفية", -"contextSwitchingIdRule":"Identities use rule", -"contextSwitchingRule":"استخدام القاعدة", -"contextSwitchingStopWithLogout":"Stop by logout", -"contextSwitchingUnrestrictedUsersRule":"Unrestricted users rule", -"cspConnect":"وجهات أجاكس", -"cspDefault":"القيمة الاعتيادية ", -"cspFont":" مصدر نوع الخط", -"cspFormAction":"Form destinations", -"cspFrameAncestors":"Frame ancestors URL", -"cspImg":"مصدر الصورة", -"cspScript":"مصدر السكربت", -"cspStyle":"مصدر الأسلوب ", -"crossOrigineResourceSharing":"Cross-Origin Resource Sharing", -"corsEnabled":"تفعيل", -"corsAllow_Credentials":"Access-Control-Allow-Credentials", -"corsAllow_Headers":"Access-Control-Allow-Headers", -"corsAllow_Methods":"Access-Control-Allow-Methods", -"corsAllow_Origin":"Access-Control-Allow-Origin", -"corsExpose_Headers":"Access-Control-Expose-Headers", -"corsMax_Age":"Access-Control-Max-Age", "cfgLog":"Summary", "cfgVersion":"عملية ضبط الإصدارات", -"checkXSS":"تحقق من هجمات XSS", -"clickHereToForce":"انقر هنا لإجبار", -"claimName":"Claim name", -"checkboxes":"Checkboxes", "checkDevOps":"Activation", "checkDevOpsDownload":"Download file", "checkState":"تفعيل", "checkStateSecret":"سر مشترك", -"checkUsers":"SSO profile check", "checkUser":"تفعيل", "checkUserDisplay":"Display", -"checkUserIdRule":"Identities use rule", -"checkUserHiddenAttributes":"السمات المخفية", -"checkUserUnrestrictedUsersRule":"Unrestricted users rule", "checkUserDisplayComputedSession":"Computed sessions", -"checkUserDisplayPersistentInfo":"Persistent session data", "checkUserDisplayEmptyHeaders":"Empty headers", "checkUserDisplayEmptyValues":"Empty values", "checkUserDisplayNormalizedHeaders":"Normalized headers", +"checkUserDisplayPersistentInfo":"Persistent session data", +"checkUserHiddenAttributes":"السمات المخفية", "checkUserHiddenHeaders":"Hidden headers", +"checkUserIdRule":"Identities use rule", "checkUserSearchAttributes":"Attributes used for searching sessions", +"checkUserUnrestrictedUsersRule":"Unrestricted users rule", +"checkUsers":"SSO profile check", +"checkXSS":"تحقق من هجمات XSS", +"checkboxes":"Checkboxes", "choiceParams":"اختيارالإعدادات", "chooseLogo":"اختيار الشعار", "chooseSkin":"اختيار الغلاف", +"claimName":"Claim name", +"clickHereToForce":"انقر هنا لإجبار", +"combModules":"قائمة الوحدات", "combination":"دمج", "combinationParams":"دمج المعلومات", "combineMods":"دمج الوحدات", -"combModules":"قائمة الوحدات", "comment":"تعليق", "comments":"التعليقات", +"compactConf":"Compact configuration file", "condition":"شرط", "conf":"تضبيط", -"Configuration":"تضبيط", -"confirmFormMethod":"طريقة تأكيد الاستمارة", "confModuledeprecated":"لقد تم إهمال هذه الوحدة، وضع \"forceUpload=1\" في ملف lemonldap-ng.ini لتستخدمها", "confNotChanged":"لم يتم اكتشاف أي تغيير،رفض التسجيل", "confSaved":"تم حفظ الهيئة", "confWasChanged":"تم تغيير الإعدادات", +"confirmFormMethod":"طريقة تأكيد الاستمارة", "connectionTitle":" الاتصال", "content":"محتوى", +"contentSecurityPolicy":"السياسة الأمنية للمحتوى", +"contextSwitching":"Switch context another user", +"contextSwitchingAllowed2fModifications":"Allow 2FA modifications", +"contextSwitchingHiddenAttributes":"السمات المخفية", +"contextSwitchingIdRule":"Identities use rule", +"contextSwitchingRule":"استخدام القاعدة", +"contextSwitchingStopWithLogout":"Stop by logout", +"contextSwitchingUnrestrictedUsersRule":"Unrestricted users rule", "cookieExpiration":"وقت انتهاء صلاحية ملفات تعريف الارتباط", "cookieName":"اسم ملف تعريف الارتباط", "cookieParams":"ملفات تعريف الارتباط", +"corsAllow_Credentials":"Access-Control-Allow-Credentials", +"corsAllow_Headers":"Access-Control-Allow-Headers", +"corsAllow_Methods":"Access-Control-Allow-Methods", +"corsAllow_Origin":"Access-Control-Allow-Origin", +"corsEnabled":"تفعيل", +"corsExpose_Headers":"Access-Control-Expose-Headers", +"corsMax_Age":"Access-Control-Max-Age", "create":"أحدث", +"crossOrigineResourceSharing":"Cross-Origin Resource Sharing", "crowdsec":"Activation", "crowdsecAction":"Action", "crowdsecKey":"API key", -"CrowdSecPlugin":"CrowdSec Bouncer", "crowdsecUrl":"Base URL of local API", +"cspConnect":"وجهات أجاكس", +"cspDefault":"القيمة الاعتيادية ", +"cspFont":" مصدر نوع الخط", +"cspFormAction":"Form destinations", +"cspFrameAncestors":"Frame ancestors URL", +"cspImg":"مصدر الصورة", +"cspScript":"مصدر السكربت", +"cspStyle":"مصدر الأسلوب ", "currentConfiguration":"الإعدادات الحالية", "customAddParams":"معايير إضافية", "customAuth":"وحدة إثبات الهوية مخصصة", @@ -257,21 +272,23 @@ "customResetCertByMail":"Custom certificateResetByMail module", "customToTrace":"REMOTE_CUSTOM", "customUserDB":"وحدة قاعدة البيانات المخصصة", +"databaseLocked":"قاعدة البيانات مقفلة بواسطة مُعَالَج آخر", "date":"تاريخ", +"dateTitle":"تاريخ", "dbiAuthChain":"سلسلة", "dbiAuthLoginCol":"اسم حقل تسجيل الدخول", -"dbiAuthnLevel":"مستوى إثبات الهوية", "dbiAuthPassword":"كلمة المرور", "dbiAuthPasswordCol":"اسم حقل كلمة المرور", "dbiAuthPasswordHash":"هاش المخطط", -"dbiDynamicHash":"dynamic hashing", -"dbiDynamicHashEnabled":"dynamic hash activation", -"dbiDynamicHashValidSchemes":"Supported non-salted schemes", -"dbiDynamicHashValidSaltedSchemes":"Supported salted schemes", -"dbiDynamicHashNewPasswordScheme":"Dynamic hash scheme for new passwords", "dbiAuthTable":"جدول إثبات الهوية", "dbiAuthUser":"المستخدم", +"dbiAuthnLevel":"مستوى إثبات الهوية", "dbiConnection":"الاتصال", +"dbiDynamicHash":"dynamic hashing", +"dbiDynamicHashEnabled":"dynamic hash activation", +"dbiDynamicHashNewPasswordScheme":"Dynamic hash scheme for new passwords", +"dbiDynamicHashValidSaltedSchemes":"Supported salted schemes", +"dbiDynamicHashValidSchemes":"Supported non-salted schemes", "dbiExportedVars":"المتغيرات المصدرة", "dbiParams":"معايير DBI", "dbiPassword":"كلمة المرور ", @@ -283,31 +300,29 @@ "decryptValueRule":"استخدام القاعدة", "default":"الاعْتيادي", "defaultRule":"القاعدة الاعتيادية ", -"demoModeOn":"هذا المدير يعمل في طريقة العرض", "deleteEntry":"حذف", "deleteNotification":"حذف", "deleteSession":"حذف الجلسة", -"deleteU2FKey":"Delete U2F key", "deleteTOTPKey":"Delete TOTP key", +"deleteU2FKey":"Delete U2F key", "demoExportedVars":"المتغيرات المصدرة", +"demoModeOn":"هذا المدير يعمل في طريقة العرض", "demoParams":"إثبات المعايير", "description":"التفاصيل", "dest":"Recipient", -"diffViewer":"المشاهد المختلف", "devOpsCheck":"Check DevOps handler file", +"diffViewer":"المشاهد المختلف", "diffWithPrevious":"الفرق مع السابق", +"disablePersistentStorage":"Disable storage", "disabled":"معطلة", "displaySessionId":"Display session identifier", +"dn":"دي أن", +"domain":"نطاق", "done":"تم", "dones":"تم", -"down":"Move down", "doubleCookie":"ملف تعريف الارتباط مزدوج(إتش تي تي بي و إتش تي تي بي س)", "doubleCookieForSingleSession":"ملف تعريف ارتباط مزدوج لجلسة واحدة", -"databaseLocked":"قاعدة البيانات مقفلة بواسطة مُعَالَج آخر", -"dateTitle":"تاريخ", -"dn":"دي أن", -"domain":"نطاق", -"compactConf":"Compact configuration file", +"down":"Move down", "download":"تحميل", "downloadIt":"نزله", "duplicate":"مكررة", @@ -316,21 +331,20 @@ "emptyConf":"إعدادات فارغة", "emptyValueNotAllowed":"القيمة الفارغة غير مسموح بها", "enabled":"مفعلة", -"disablePersistentStorage":"Disable storage", "enterPassword":"أدخل كلمة المرور (اختياري)", "error":"خطأ", "errors":"ERRORS", "exportedAttr":"SOAP/REST السمات المصدرة", "exportedHeaders":"الهيدر المصدرة", "exportedVars":"المتغيرات المصدرة", +"ext2FSendCommand":"إرسال الأمر", +"ext2FValidateCommand":"التحقق من صحة الأمر", "ext2f":" العامل الثاني الخارجي", "ext2fActivation":"تفعيل", -"ext2fCodeActivation":"Code regex", "ext2fAuthnLevel":"مستوى إثبات الهوية", +"ext2fCodeActivation":"Code regex", "ext2fLabel":"Label", "ext2fLogo":"شعار", -"ext2FSendCommand":"إرسال الأمر", -"ext2FValidateCommand":"التحقق من صحة الأمر", "facebookAppId":"هوية تطبيق فاسيبوك", "facebookAppSecret":"كلمة السرلتطبيق فاسيبوك", "facebookAuthnLevel":"مستوى إثبات الهوية", @@ -340,16 +354,16 @@ "failedLoginNumber":"عدد عمليات تسجيل الدخول الفاشلة المسجلة", "fileToUpload":"الملف الذي ستحمله", "findUser":"Activation", -"findUsers":"Search for user account", "findUserControl":"Parameters control", "findUserExcludingAttributes":"Excluding attributes", "findUserSearchingAttributes":"Searching attributes", "findUserWildcard":"Character used as wildcard", +"findUsers":"Search for user account", "forbidden":"لست مخولا بعرض هذه الصفحة", "forceSave":"فرض الحفظ", -"format":"الصيغة", "formReplay":"استمارة وظيفة replay", "formTimeout":"استمارة المهلة", +"format":"الصيغة", "forms":"إستمارات", "friendlyName":"اسم مألوف", "generalParameters":"المعاييرالعامة", @@ -371,72 +385,73 @@ "grantSessionRules":"ظروف الافتتاح", "groups":"المجموعات", "groupsBeforeMacros":"Compute groups before macros", +"hGroups":"المجموعات (هاش ريف)", "hashkey":"المفتاح", "headers":"هيدر إتش تي تي بي ", -"hGroups":"المجموعات (هاش ريف)", -"hostname":"اسم المضيف", "hiddenAttributes":"السمات المخفية", "hide":"إخفاء", "hideHelp":"إخفاء المساعدة", "hideOldPassword":"إخفاء كلمة المرور القديمة", "hideTree":"إخفاء الشجرة", +"hostname":"اسم المضيف", "httpOnly":"الحماية بواسطة جافا سكريبت", "https":"إتش تي تي بي س", "impersonation":"Impersonation", -"impersonationRule":"استخدام القاعدة", -"impersonationIdRule":"Identities use rule", "impersonationHiddenAttributes":"السمات المخفية", +"impersonationIdRule":"Identities use rule", "impersonationMergeSSOgroups":"Merge spoofed and real SSO groups", +"impersonationRule":"استخدام القاعدة", "impersonationSkipEmptyValues":"Skip empty values", "impersonationUnrestrictedUsersRule":"Unrestricted users rule", "incompleteForm":"الحقول المطلوبة مفقودة", "index":"فهرس", "infoFormMethod":"طريقة للحصول على معلومات الإستمارة", -"invalidSessionData":"بيانات الجلسة غير صحيحة", +"instance":"Instance", "int":"Integer", "internalReference":"المرجع الداخلي", +"invalidSessionData":"بيانات الجلسة غير صحيحة", "ipAddr":"عنوان الأي بي", "ipAddresses":"عناوين الأي بي", +"issuerDBCAS":"كاس", +"issuerDBCASActivation":"تفعيل", +"issuerDBCASOptions":"الخيارات", +"issuerDBCASPath":"مسار", +"issuerDBCASRule":"استخدام القاعدة", "issuerDBGet":"احصل على", "issuerDBGetActivation":"تفعيل", "issuerDBGetParameters":"احصل على المعايير", "issuerDBGetPath":"مسار", "issuerDBGetRule":"استخدام القاعدة", -"issuerDBSAML":"SAML", -"issuerDBSAMLActivation":"تفعيل", -"issuerDBSAMLPath":"مسار", -"issuerDBSAMLRule":"استخدام القاعدة", -"issuerDBCAS":"كاس", -"issuerDBCASActivation":"تفعيل", -"issuerDBCASPath":"مسار", -"issuerDBCASRule":"استخدام القاعدة", -"issuerDBCASOptions":"الخيارات", "issuerDBOpenID":"أوبين أيدي", "issuerDBOpenIDActivation":"تفعيل", -"issuerDBOpenIDPath":"مسار", -"issuerDBOpenIDRule":"استخدام القاعدة", -"issuerDBOpenIDOptions":"الخيارات", "issuerDBOpenIDConnect":"أوبين أيدي كونيكت", "issuerDBOpenIDConnectActivation":"تفعيل", "issuerDBOpenIDConnectPath":"مسار", "issuerDBOpenIDConnectRule":"استخدام القاعدة", +"issuerDBOpenIDOptions":"الخيارات", +"issuerDBOpenIDPath":"مسار", +"issuerDBOpenIDRule":"استخدام القاعدة", +"issuerDBSAML":"SAML", +"issuerDBSAMLActivation":"تفعيل", +"issuerDBSAMLPath":"مسار", +"issuerDBSAMLRule":"استخدام القاعدة", "issuerOptions":"Options", "issuerParams":"وحدات المصدر", "issuersTimeout":"Issuers timeout", -"jsRedirect":"إعادة توجيه الرسالة", "jqueryButtonSelector":"زر التحديد ل جي كويري (اختياري)", "jqueryFormSelector":"تحديد الاستمارة ل جي كويري (اختياري)", "jqueryUrl":"جي كويري يو آر إل (اختياري)", +"jsRedirect":"إعادة توجيه الرسالة", +"kerberosParams":"معايير كيربيروس", "key":"مفتاح التشفير", -"keys":"المفاتيح", -"keyname":"اسم المفتاح", "keyPassword":"مفتاح كلمة المرور", +"keyname":"اسم المفتاح", +"keys":"المفاتيح", +"krbAllowedDomains":"Allowed domains", "krbAuthnLevel":"مستوى مصادقة كيربيروس", "krbByJs":"استخدام طلب أجاكس", "krbKeytab":"كيتاب", "krbRemoveDomain":"Remove domain from Kerberos username", -"krbAllowedDomains":"Allowed domains", -"kerberosParams":"معايير كيربيروس", "label":"Label", "languages":"اللغات", "latest":"الأحدث", @@ -450,7 +465,6 @@ "ldapConnection":"الاتصال", "ldapExportedVars":"المتغيرات المصدرة", "ldapFilters":"فلتر", -"LDAPFilter":"فلتر الاعْتيادي", "ldapGetUserBeforePasswordChange":"Search for user before password change", "ldapGroupAttributeName":"السمات المستهدف", "ldapGroupAttributeNameGroup":"سمات مصدر المجموعة", @@ -461,20 +475,20 @@ "ldapGroupObjectClass":"أوبجكت كلاس", "ldapGroupRecursive":"تكراري", "ldapGroups":"المجموعات", +"ldapIOTimeout":"Operation timeout", "ldapITDS":"IBM Tivoli DS support", "ldapParams":"معايير إل‌داب", "ldapPassword":"كلمة المرور", "ldapPasswordResetAttribute":"إعادة تعيين السمة", "ldapPasswordResetAttributeValue":"إعادة ضبط القيمة", -"ldapPpolicyControl":"التحكم في سياسة كلمة المرور", "ldapPort":"منفذ الخادم", +"ldapPpolicyControl":"التحكم في سياسة كلمة المرور", "ldapPwdEnc":"تشفير كلمه مرور إل‌داب", "ldapRaw":"السمات الثنائية", "ldapSearchDeref":"الاسم المستعار", "ldapServer":"مضيف الخادم", "ldapSetPassword":"تعديل كلمة المرور مع عملية موسعة", "ldapTimeout":"Connection timeout", -"ldapIOTimeout":"Operation timeout", "ldapUsePasswordResetAttribute":"استخدام سمة إعادة الضبط", "ldapVerify":"Verify LDAP server certificate", "ldapVersion":"الإصدار", @@ -483,35 +497,34 @@ "linkedInClientID":"معرف العميل", "linkedInClientSecret":"سرالعميل", "linkedInFields":"Searched fields", -"linkedinParams":"معاييرLinkedIn", "linkedInScope":"نطاق", "linkedInUserField":"Field containing user identifier", +"linkedinParams":"معاييرLinkedIn", "load":"حمل", -"loadedConfiguration":"تحميل الإعدادات", "loadFromUrl":"تحميل من أل يو أر ل", +"loadedConfiguration":"تحميل الإعدادات", "localSessionStorage":"وحدة ذاكرة التخزين المؤقت", "localSessionStorageOptions":"خيارات وحدة التخزين المؤقت", "locationRules":"Access rules", +"logParams":"سجلات", "loginHistory":"سجل تسجيل الدخول", "loginHistoryEnabled":"تفعيل", "logo":"شعار", "logout":"تسجيل الخروج", "logoutServices":"تسجيل الخروج الأمامي", -"logParams":"سجلات", "lwpOpts":"خيارات لطلبات الخادم", "lwpSslOpts":"خيارات سسل لطلبات الخادم", -"instance":"Instance", "macros":"ماكرو", "mail2f":"Mail second factor", "mail2fActivation":"تفعيل", -"mail2fCodeRegex":"Code regex", -"mail2fTimeout":"Code timeout", -"mail2fSubject":"نجاح عنوان البريد", -"mail2fBody":"محتوى البريد الناجح", "mail2fAuthnLevel":"مستوى إثبات الهوية", -"mail2fLabel":"Label", +"mail2fBody":"محتوى البريد الناجح", +"mail2fCodeRegex":"Code regex", +"mail2fLabel":"Label", "mail2fLogo":"شعار", "mail2fSessionKey":"مفتاح الجلسة الذي يحتوي على عنوان البريد الإلكتروني", +"mail2fSubject":"نجاح عنوان البريد", +"mail2fTimeout":"Code timeout", "mailBody":"محتوى البريد الناجح", "mailCharset":"charset", "mailConfirmBody":"تأكيد محتوى البريد", @@ -535,22 +548,22 @@ "markAsDone":"تحديد كمنته", "memberOfSSOGroups":"عضو في مجموعات الدخول الموحد", "menu":"القائمة", +"menuCategory":"قائمة الاقسام", "message":"رسالة", "messages":"رسائل", -"menuCategory":"قائمة الاقسام", "modulesTitle":"الوحدات المستخدمة", "multiIp":"عنوان آي بي متعدد", -"multipleSessions":"جلسات متعددة", "multiValuesSeparator":"الفاصل", +"multipleSessions":"جلسات متعددة", "name":"اسم", "needConfirmation":"تتوفر إعدادات جديدة.لإجبار حفظ هذه الإعدادات, انقر على خانة الاختيار بالقرب من زر 'حفظ'", "networkProblem":"مشكلة شبكة الاتصال", "never":"Never", "newApp":"تطبيق جديد", -"newChain":"سلسلة جديدة", "newCat":"فئة جديدة", "newCertificate":"New certificate", "newCfgAvailable":"إعدادات جديد متاح", +"newChain":"سلسلة جديدة", "newCmbMod":"وحدة جديدة", "newCmbOver":"معايير جديدة", "newEntry":"أنتري جديد", @@ -560,41 +573,40 @@ "newPostVar":"متغير جديد", "newRSAKey":"مفاتيح جديدة", "newRule":"قاعدة جديدة", -"newSfOver":"معايير جديدة", "newSfExtra":"New second factor", +"newSfOver":"معايير جديدة", "newValue":"قيمة جديدة", "next":"التالى", "nginxCustomHandlers":"معالجات إنجن إكس المخصصة", "noAjaxHook":"الحفاظ على إعادة توجيه ل أجاكس", "noData":"لا توجد بيانات لعرضها", "notABoolean":"ليس بولياني", -"notAnInteger":"ليس عددا صحيحا", "notAValidPerlExpression":"عبارة بيرل ليست صحيحة", +"notAnInteger":"ليس عددا صحيحا", "notification":"تفعيل", -"notifications":"إشعار", -"notification_s":"إشعار", -"notificationDefaultCond":"Default condition", -"notificationServer":"إشعارالخادم", -"notificationServerDELETE":"DELETE method", -"notificationServerGET":"GET method", -"notificationServerMethods":"HTTP methods", -"notificationServerPOST":"POST method", -"notificationServerSentAttributes":"Notification parameters to send", -"serverNotification":"Server", "notificationCreated":"تم إنشاء إشعار", +"notificationDefaultCond":"Default condition", "notificationDeleted":"Notification has been marked as done", "notificationDone":"انتهى الإشعار", -"notificationsDone":"انتهت الإشعارات", -"notificationsExplorer":"Explorer", "notificationNotCreated":"لم يتم إنشاء الإشعار", "notificationNotDeleted":"لم يتم وضع علامة على الإشعار بأنه تم الاطلاع عليه", "notificationNotFound":"لم يتم العثور على الإشعار", "notificationNotPurged":"لم تتم إزالة الإشعار نهائيا", "notificationPurged":"تم إزالة الإشعار نهائيا", +"notificationServer":"إشعارالخادم", +"notificationServerDELETE":"DELETE method", +"notificationServerGET":"GET method", +"notificationServerMethods":"HTTP methods", +"notificationServerPOST":"POST method", +"notificationServerSentAttributes":"Notification parameters to send", "notificationStorage":"وحدة التخزين", "notificationStorageOptions":"معايير وحدة التخزين", "notificationWildcard":"أحرف البدل لجميع المستخدمين", "notificationXSLTfile":"تخصيص ملف XSLT", +"notification_s":"إشعار", +"notifications":"إشعار", +"notificationsDone":"انتهت الإشعارات", +"notificationsExplorer":"Explorer", "notifyDeleted":"عرض الجلسات المحذوفة", "notifyOther":"عرض جلسات أخرى", "nullAuthnLevel":"مستوى إثبات الهوية", @@ -602,8 +614,6 @@ "number":"رقم", "off":"إيقاف", "offlineSessions":"Offline sessions", -"oldValue":"قيمة قديمة", -"on":"تنشيط", "oidcAttribute":"خاصيات OIDC", "oidcAuthnLevel":"مستوى إثبات الهوية", "oidcConsents":"OpenID Connect Consents", @@ -612,12 +622,9 @@ "oidcOPMetaDataJSON":"البيانات الوصفية", "oidcOPMetaDataJWKS":"بيانات JWKS", "oidcOPMetaDataNode":" أوبين أيدي كونيكت بروفيدر", +"oidcOPMetaDataNodes":" أوبين أيدي كونيكت بروفيدر", "oidcOPMetaDataOptions":"الخيارات", -"oidcRPMetaDataOptionsBasic":"Basic", -"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences", -"oidcRPMetaDataOptionsAdvanced":"المتقدمة", -"oidcRPMetaDataOptionsTimeouts":"Timeouts", -"oidcRPMetaDataOptionsAllowOffline":"Allow offline access", +"oidcOPMetaDataOptionsAcrValues":"قيم أل ACR", "oidcOPMetaDataOptionsCheckJWTSignature":"توقيع", "oidcOPMetaDataOptionsClientID":"معرف العميل", "oidcOPMetaDataOptionsClientSecret":"سرالعميل", @@ -626,116 +633,119 @@ "oidcOPMetaDataOptionsDisplay":"عرض", "oidcOPMetaDataOptionsDisplayName":"عرض الاسم", "oidcOPMetaDataOptionsDisplayParams":"عرض", +"oidcOPMetaDataOptionsIDTokenMaxAge":"الحد الأقصى لعمر تعريف التوكن", "oidcOPMetaDataOptionsIcon":"شعار", -"oidcOPMetaDataOptionsSortNumber":"Order", "oidcOPMetaDataOptionsJWKSTimeout":"مهلة بيانات JWKS", -"oidcRPMetaDataOptionsLogoutSessionRequired":"جلسة مطلوب", -"oidcRPMetaDataOptionsLogoutType":"نوع", -"oidcRPMetaDataOptionsLogoutUrl":"يو آر إل", +"oidcOPMetaDataOptionsMaxAge":"الحد الأقصى للعمر", +"oidcOPMetaDataOptionsPrompt":"عاجل", "oidcOPMetaDataOptionsProtocol":"بروتوكول", -"oidcRPMetaDataOptionsPublic":"Public client", -"oidcRPMetaDataOptionsRequirePKCE":"Require PKCE", -"oidcRPMetaDataOptionsAuthnLevel":"مستوى إثبات الهوية", -"oidcRPMetaDataOptionsRule":"قاعدة الدخول", -"oidcRPMetaDataMacros":"ماكرو", -"oidcRPMetaDataScopeRules":"Scope rules", "oidcOPMetaDataOptionsScope":"نطاق", +"oidcOPMetaDataOptionsSortNumber":"Order", "oidcOPMetaDataOptionsStoreIDToken":"مخزن تعريف التوكن", "oidcOPMetaDataOptionsTokenEndpointAuthMethod":"توكن نقطة النهاية لطريقة إثبات الهوية", +"oidcOPMetaDataOptionsUiLocales":"واجهة المستخدم المحلية", +"oidcOPMetaDataOptionsUseNonce":"استخدام نونس", "oidcOPName":"اسم موفرأوبين أيدي كونيكت", "oidcParams":"معاييرأوبين أيدي كونيكت", "oidcRP":"الطرف المعتمد لي أوبين أيدي كونيكت", "oidcRPCallbackGetParam":"استدعاء معايير GET", "oidcRPMetaDataExportedVars":"السمات المصدرة", +"oidcRPMetaDataMacros":"ماكرو", "oidcRPMetaDataNode":"الأطراف المعتمد لي أوبين أيدي كونيكت", +"oidcRPMetaDataNodes":"الأطراف المعتمد لي أوبين أيدي كونيكت", "oidcRPMetaDataOptions":"الخيارات", +"oidcRPMetaDataOptionsAccessTokenClaims":"Release claims in Access Token", "oidcRPMetaDataOptionsAccessTokenExpiration":"انتهاء صلاحية التوكن", "oidcRPMetaDataOptionsAccessTokenJWT":"Use JWT format for Access Token", -"oidcRPMetaDataOptionsAccessTokenClaims":"Release claims in Access Token", "oidcRPMetaDataOptionsAccessTokenSignAlg":"Access Token signature algorithm", +"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences", +"oidcRPMetaDataOptionsAdvanced":"المتقدمة", "oidcRPMetaDataOptionsAllowClientCredentialsGrant":"Allow OAuth2.0 Client Credentials Grant", +"oidcRPMetaDataOptionsAllowOffline":"Allow offline access", "oidcRPMetaDataOptionsAllowPasswordGrant":"Allow OAuth2.0 Password Grant", +"oidcRPMetaDataOptionsAuthnLevel":"مستوى إثبات الهوية", "oidcRPMetaDataOptionsAuthorizationCodeExpiration":"Authorization Code expiration", +"oidcRPMetaDataOptionsBasic":"Basic", "oidcRPMetaDataOptionsBypassConsent":"تخطى الموافقة ", "oidcRPMetaDataOptionsClientID":"معرف العميل", "oidcRPMetaDataOptionsClientSecret":"سرالعميل", "oidcRPMetaDataOptionsDisplay":"عرض", "oidcRPMetaDataOptionsDisplayName":"عرض الاسم", -"oidcRPMetaDataOptionsIcon":"شعار", +"oidcRPMetaDataOptionsExtraClaims":"ادعاءات إضافي", "oidcRPMetaDataOptionsIDTokenExpiration":" انتهاء صلاحية تعريف التوكن", -"oidcRPMetaDataOptionsIDTokenSignAlg":"خوارزمية توقيع آي دي التوكن", "oidcRPMetaDataOptionsIDTokenForceClaims":"Force claims to be returned in ID Token", +"oidcRPMetaDataOptionsIDTokenSignAlg":"خوارزمية توقيع آي دي التوكن", +"oidcRPMetaDataOptionsIcon":"شعار", +"oidcRPMetaDataOptionsLogoutSessionRequired":"جلسة مطلوب", +"oidcRPMetaDataOptionsLogoutType":"نوع", +"oidcRPMetaDataOptionsLogoutUrl":"يو آر إل", "oidcRPMetaDataOptionsOfflineSessionExpiration":"Offline session expiration", +"oidcRPMetaDataOptionsPostLogoutRedirectUris":"عناوين إعادة التوجيه المسموح بها للخروج", +"oidcRPMetaDataOptionsPublic":"Public client", +"oidcRPMetaDataOptionsRedirectUris":"عناوين إعادة التوجيه المسموح بها لتسجيل الدخول", "oidcRPMetaDataOptionsRefreshToken":"Use refresh tokens", +"oidcRPMetaDataOptionsRequirePKCE":"Require PKCE", +"oidcRPMetaDataOptionsRule":"قاعدة الدخول", +"oidcRPMetaDataOptionsTimeouts":"Timeouts", "oidcRPMetaDataOptionsUserIDAttr":"خاصّيّة المستخدم", +"oidcRPMetaDataScopeRules":"Scope rules", "oidcRPName":"اسم أوبين أيدي كونيكت RP", "oidcRPStateTimeout":"حالة مهلة الجلسة", +"oidcServiceAccessTokenExpiration":"انتهاء صلاحية التوكن", +"oidcServiceAllowAuthorizationCodeFlow":"ترخيص كود التدفق", +"oidcServiceAllowDynamicRegistration":"التسجيل الديناميكي", +"oidcServiceAllowHybridFlow":"تدفق هجين", +"oidcServiceAllowImplicitFlow":"التدفق الضمني", +"oidcServiceAllowOffline":"Allow offline access", +"oidcServiceAuthorizationCodeExpiration":"Authorization Code expiration", +"oidcServiceDynamicRegistrationExportedVars":"Exported vars for dynamic registration", +"oidcServiceDynamicRegistrationExtraClaims":"Extra claims for dynamic registration", +"oidcServiceIDTokenExpiration":" انتهاء صلاحية تعريف التوكن", +"oidcServiceKeyIdSig":"توقيع على هوية المفتاح ", "oidcServiceMetaData":"خدمة أوبين أيدي كونيكت", +"oidcServiceMetaDataAuthnContext":"سياق إثبات الهوية", "oidcServiceMetaDataAuthorizeURI":"ترخيص", "oidcServiceMetaDataBackChannelURI":"URI قناة الخلفية", +"oidcServiceMetaDataCheckSessionURI":"تحقق من الجلسة", "oidcServiceMetaDataEndPoints":"نقطة النهاية", +"oidcServiceMetaDataEndSessionURI":"نهاية الجلسة", "oidcServiceMetaDataFrontChannelURI":"URI القناة الأمامية", +"oidcServiceMetaDataIntrospectionURI":"Introspection", +"oidcServiceMetaDataIssuer":"تعريف المرسل", "oidcServiceMetaDataJWKSURI":"JWKS", "oidcServiceMetaDataKeys":"المفاتيح", "oidcServiceMetaDataRegistrationURI":"التسجيل", -"oidcServiceMetaDataIntrospectionURI":"Introspection", "oidcServiceMetaDataSecurity":"الحماية", -"oidcServiceMetaDataEndSessionURI":"نهاية الجلسة", -"oidcServiceMetaDataAuthnContext":"سياق إثبات الهوية", "oidcServiceMetaDataSessions":"الجلسات", +"oidcServiceMetaDataTokenURI":"التوكن", +"oidcServiceMetaDataUserInfoURI":"معلومات المستخدم", +"oidcServiceOfflineSessionExpiration":"Offline session expiration", "oidcServicePrivateKeySig":"توقيع على المفتاح الخاص", "oidcServicePublicKeySig":"توقيع على المفتاح العمومي", -"oidcServiceKeyIdSig":"توقيع على هوية المفتاح ", -"oidcServiceAuthorizationCodeExpiration":"Authorization Code expiration", -"oidcServiceAccessTokenExpiration":"انتهاء صلاحية التوكن", -"oidcServiceDynamicRegistrationExportedVars":"Exported vars for dynamic registration", -"oidcServiceDynamicRegistrationExtraClaims":"Extra claims for dynamic registration", -"oidcServiceIDTokenExpiration":" انتهاء صلاحية تعريف التوكن", -"oidcServiceOfflineSessionExpiration":"Offline session expiration", "oidcStorage":"اسم وحدة الجلسات", "oidcStorageOptions":"خيارات وحدة الجلسات", -"oidcOPMetaDataNodes":" أوبين أيدي كونيكت بروفيدر", -"oidcRPMetaDataNodes":"الأطراف المعتمد لي أوبين أيدي كونيكت", -"oidcOPMetaDataOptionsPrompt":"عاجل", -"oidcOPMetaDataOptionsMaxAge":"الحد الأقصى للعمر", -"oidcOPMetaDataOptionsUiLocales":"واجهة المستخدم المحلية", -"oidcOPMetaDataOptionsAcrValues":"قيم أل ACR", -"oidcOPMetaDataOptionsIDTokenMaxAge":"الحد الأقصى لعمر تعريف التوكن", -"oidcOPMetaDataOptionsUseNonce":"استخدام نونس", -"oidcRPMetaDataOptionsRedirectUris":"عناوين إعادة التوجيه المسموح بها لتسجيل الدخول", -"oidcRPMetaDataOptionsPostLogoutRedirectUris":"عناوين إعادة التوجيه المسموح بها للخروج", -"oidcRPMetaDataOptionsExtraClaims":"ادعاءات إضافي", -"oidcServiceMetaDataIssuer":"تعريف المرسل", -"oidcServiceMetaDataTokenURI":"التوكن", -"oidcServiceMetaDataUserInfoURI":"معلومات المستخدم", -"oidcServiceMetaDataCheckSessionURI":"تحقق من الجلسة", -"oidcServiceAllowDynamicRegistration":"التسجيل الديناميكي", -"oidcServiceAllowAuthorizationCodeFlow":"ترخيص كود التدفق", -"oidcServiceAllowImplicitFlow":"التدفق الضمني", -"oidcServiceAllowHybridFlow":"تدفق هجين", -"oidcServiceAllowOffline":"Allow offline access", "ok":"حسنا", "oldNotifFormat":"استخدام صيغة xml القديمة", +"oldValue":"قيمة قديمة", +"on":"تنشيط", "openIdAttr":"تسجيل الدخول في أوبين أيدي", "openIdAuthnLevel":"مستوى إثبات الهوية", "openIdExportedVars":"المتغيرات المصدرة", "openIdIDPList":"النطاقات المرخص", "openIdIssuerSecret":"التوكن السري", -"openidParams":"معاييرأوبين أيدي", +"openIdSPList":"النطاقات المرخص", "openIdSecret":"التوكن السري", "openIdSreg":"خرائط SREG", +"openIdSreg_country":"البلد", +"openIdSreg_dob":"تاريخ الولادة", +"openIdSreg_email":"البريد الإلكتروني", "openIdSreg_fullname":"الاسم الكامل", -"openIdSreg_nickname":"الإسم المستعار", +"openIdSreg_gender":"الجنس", "openIdSreg_language":"اللغة", +"openIdSreg_nickname":"الإسم المستعار", "openIdSreg_postcode":"الرقم البريدى", "openIdSreg_timezone":"المنطقة الزمنية", -"openIdSreg_country":"البلد", -"openIdSreg_gender":"الجنس", -"openIdSreg_email":"البريد الإلكتروني", -"openIdSreg_dob":"تاريخ الولادة", -"openIdSPList":"النطاقات المرخص", -"OpenIDConnect":"أوبين أيدي كونيكت", -"OptionalTitle":"عنوان الخيارات", +"openidParams":"معاييرأوبين أيدي", "overPrm":"المعلمات الزائد", "pamAuthnLevel":"مستوى إثبات الهوية", "pamParams":"معايير بام", @@ -745,11 +755,11 @@ "passwordManagement":"إدارة كلمة المرور", "passwordPolicy":"Password policy", "passwordPolicyActivation":"تفعيل", -"passwordPolicyMinSize":"Minimal size", -"passwordPolicyMinLower":"Minimal lower characters", -"passwordPolicyMinUpper":"Minimal upper characters", "passwordPolicyMinDigit":"Minimal digit characters", +"passwordPolicyMinLower":"Minimal lower characters", +"passwordPolicyMinSize":"Minimal size", "passwordPolicyMinSpeChar":"Minimal special characters", +"passwordPolicyMinUpper":"Minimal upper characters", "passwordPolicySpecialChar":"Allowed special characters", "passwordResetAllowedRetries":"Max reset password retries", "persistent":"الثابتة", @@ -771,8 +781,8 @@ "portalDisplayGeneratePassword":"Display generate password box", "portalDisplayLoginHistory":"سجل تسجيل الدخول", "portalDisplayLogout":"تسجيل الخروج", -"portalDisplayPasswordPolicy":"Display policy in password form", "portalDisplayOidcConsents":"OIDC Consents", +"portalDisplayPasswordPolicy":"Display policy in password form", "portalDisplayRefreshMyRights":"Display rights refresh link", "portalDisplayRegister":"تسجيل حساب جديد", "portalDisplayResetPassword":"إعادة تعيين كلمة المرور", @@ -780,6 +790,7 @@ "portalErrorOnMailNotFound":"إظهار الخطأ في البريد الغيرالموجود", "portalForceAuthn":"فرض إثبات الهوية", "portalForceAuthnInterval":"فرض الفاصل الزمني لإثبات الهوية", +"portalMainLogo":"Main Logo", "portalMenu":"القائمة", "portalModules":"تنشيط الوحدات", "portalOpenLinkInNewWindow":"نافذة جديدة", @@ -792,31 +803,30 @@ "portalSkin":"الغلاف الاعْتيادي", "portalSkinBackground":"خلفية الغلاف", "portalSkinRules":"عرض قواعد الغلاف", -"portalMainLogo":"Main Logo", "portalStatus":"نشر حالة البوابة", "portalUserAttr":"خاصّيّة المستخدم", "post":"استمارة وظيفة replay", -"postedVars":"متغيرات للنشر", -"postUrl":"استمارة اليو آر إل", "postTargetUrl":"استمارة يو آر إل المستهدف (اختياري)", +"postUrl":"استمارة اليو آر إل", +"postedVars":"متغيرات للنشر", "previous":"السابق", "privateKey":"مفتاح الخاصة", -"proxyAuthnLevel":"مستوى إثبات الهوية", "proxyAuthService":"يو آر إل البوابة الداخلي", -"proxySessionService":"رابط اليورال لخدمة الجلسة", +"proxyAuthnLevel":"مستوى إثبات الهوية", "proxyParams":"معايير البروكسي", +"proxySessionService":"رابط اليورال لخدمة الجلسة", "proxyUseSoap":"استخدام سواب بدلا من ريست", "publicKey":"المفتاح العمومي", "purgeNotification":"حذف الإشعار نهائيا", "radius2f":"Radius second factor", "radius2fActivation":"تفعيل", -"radius2fServer":"اسم الخادم", -"radius2fSecret":"سر مشترك", -"radius2fUsernameSessionKey":"Session key containing login", -"radius2fTimeout":"Authentication timeout", "radius2fAuthnLevel":"مستوى إثبات الهوية", -"radius2fLogo":"شعار", "radius2fLabel":"Label", +"radius2fLogo":"شعار", +"radius2fSecret":"سر مشترك", +"radius2fServer":"اسم الخادم", +"radius2fTimeout":"Authentication timeout", +"radius2fUsernameSessionKey":"Session key containing login", "radiusAuthnLevel":"مستوى إثبات الهوية", "radiusParams":"معايير راديوس", "radiusSecret":"سر مشترك", @@ -845,116 +855,243 @@ "remotePortal":"يو آر إل البوابة", "replaceByFile":"استبدال بواسطة ملف", "requireToken":"يتطلب توكن للإستمارة", -"restAuthnLevel":"مستوى إثبات الهوية", -"restAuthUrl":"يو آر إل إثبات الهوية", -"restConfigServer":"Configuration server", -"restServices":"REST services", -"restore":"استعادة", -"restoreConf":"استعادة التكوين", "rest2f":"REST second factor", "rest2fActivation":"تفعيل", "rest2fAuthnLevel":"مستوى إثبات الهوية", -"rest2fLabel":"Label", "rest2fInitArgs":"Init Arguments", "rest2fInitUrl":"Init URL", +"rest2fLabel":"Label", "rest2fLogo":"شعار", "rest2fVerifyArgs":"Verify Arguments", "rest2fVerifyUrl":"Verify URL", +"restAuthServer":"Authentication server", +"restAuthUrl":"يو آر إل إثبات الهوية", +"restAuthnLevel":"مستوى إثبات الهوية", +"restClockTolerance":"Server clock tolerance", +"restConfigServer":"Configuration server", "restExportSecretKeys":"Export secret attributes", +"restFindUserDBUrl":"User accounts URL", "restParams":"معايير ريست", +"restPasswordServer":"Password reset server", "restPwdConfirmUrl":"عنوان اليو آر إل لتأكيد كلمة المرور", "restPwdModifyUrl":"عنوان اليو آر إل لتغيير كلمة المرور", +"restServices":"REST services", "restSessionServer":"خادم جلسة ريست", -"restAuthServer":"Authentication server", -"restClockTolerance":"Server clock tolerance", -"restFindUserDBUrl":"User accounts URL", -"restPasswordServer":"Password reset server", "restUserDBUrl":"عنوان يو آر إل لبيانات المستخدم", +"restore":"استعادة", +"restoreConf":"استعادة التكوين", "returnUrl":"إرجاع اليو آر إل", "rp":"Relying Party", "rule":"القاعدة", "ruleAuthnLevel":"مستوى إثبات الهوية واجب", "rules":"القواعد", "rulesAuthnLevel":"مستوى إثبات الهوية واجب", -"Same":"نفسه", "sameSite":"Cookie SameSite value", -"save":"حفظ", -"saveReport":"احفظ التقرير", -"savingConfirmation":"حفظ التأكيد", -"scope":"نطاق", -"search":"Search...", -"secondFactors":"Second factors", -"securedCookie":"ملفات تعريف الارتباط المضمونة (سسل)", -"security":"الحماية", -"sendTestMail":"Send test email", -"sendTestMailSuccess":"Test email successfully sent", -"serverError":"خطأ في جهاز الخادم", -"session":"جلسة", -"sessions":"الجلسات", -"session_s":"جلسة( أو جلسات )", -"sessionDataToRemember":"بيانات الجلسة التي سيتم تخزينها", -"sessionDeleted":"تم حذف الجلسة", -"sessionExpired":"The session is expired", -"sessionParams":"الجلسات", -"sessionStartedAt":"بدأت الجلسة", -"sessionStorage":"تخزين الجلسات", -"sessionTitle":"محتوى الجلسة", -"sfaTitle":"Second factors authentication", -"sfExtra":"Additional second factors", -"sfManagerRule":"Display Manager link", -"sfOnlyUpgrade":"Use 2FA for session upgrade", -"sfRequired":"Force 2FA registration at login", -"sfRemovedNotification":"Warn if an expired 2FA is removed", -"sfRemovedMsgRule":"تفعيل", -"sfRemovedUseNotif":"Use Notifications plugin", -"sfRemovedNotifMsg":"Notification message", -"sfRemovedNotifRef":"Notification reference", -"sfRemovedNotifTitle":"Notification title", -"sfRemovedMsg":"Display a message if an expired 2FA is removed", -"show":"عرض", -"showHelp":"عرض المساعدة", -"showLanguages":"Show languages choice", -"singleIP":"One IP address per user", -"singleSession":"One session per user", -"singleUserByIP":"مستخدم واحد لكل عنوان آي بي", -"skipRenewConfirmation":"Skip re-auth confirmation", -"skipUpgradeConfirmation":"Skip upgrade confirmation", -"slaveAuthnLevel":"مستوى إثبات الهوية", -"slaveDisplayLogo":"Display authentication logo", -"slaveExportedVars":"المتغيرات المصدرة", -"slaveMasterIP":"عنوان آي بي الماستر", -"slaveParams":"معاييرالتابع", -"slaveUserHeader":"الهيدر لتسجيل دخول المستخدم", -"slaveHeaderName":"التحكم في إسم الهيدر", -"slaveHeaderContent":"التحكم في محتوى الهيدر", -"SMTP":"بروتوكول إرسال البريد SMTP", -"SMTPAuthPass":"كلمة المرور بروتوكول إرسال البريد SMTP", -"SMTPAuthUser":"SMTP المستخدم", -"SMTPPort":"منفذ بروتوكول إرسال البريد SMTP", -"SMTPServer":"خادم بروتوكول إرسال البريد SMTP", -"SMTPTLS":"بروتوكول سسل / تلس", -"SMTPTLSOpts":"خيارات سسل / تلس", +"saml":"SAML", +"samlAdvanced":"المتقدمة", +"samlAttribute":"خاصيات SAML", +"samlAttributeAuthorityDescriptor":"سمات الهيئة", +"samlAttributeAuthorityDescriptorAttributeService":"سمة الخدمة", +"samlAttributeAuthorityDescriptorAttributeServiceSOAP":"SOAP", +"samlAuthnContextMap":"سياقات إثبات الهوية", +"samlAuthnContextMapKerberos":"كيربيروس", +"samlAuthnContextMapPassword":"كلمة المرور", +"samlAuthnContextMapPasswordProtectedTransport":"حماية نقل كلمة المرور", +"samlAuthnContextMapTLSClient":"TLS العميل", +"samlCommonDomainCookie":"ملف تعريف ارتباط في المجال المشترك", +"samlCommonDomainCookieActivation":"تفعيل", +"samlCommonDomainCookieDomain":"النطاق المشترك", +"samlCommonDomainCookieReader":"يو آر إل القارئ", +"samlCommonDomainCookieWriter":"يو آر إل الكاتب", +"samlDiscoveryProtocol":"Discovery Protocol", +"samlDiscoveryProtocolActivation":"تفعيل", +"samlDiscoveryProtocolIsPassive":"Is Passive", +"samlDiscoveryProtocolPolicy":"Policy", +"samlDiscoveryProtocolURL":"EndPoint URL", +"samlEntityID":"معرف الكيان", +"samlIDP":"مزود الهوية SAML", +"samlIDPMetaDataExportedAttributes":"السمات المصدرة", +"samlIDPMetaDataNodes":"مزود الهوية SAML", +"samlIDPMetaDataOptions":"الخيارات", +"samlIDPMetaDataOptionsAdaptSessionUtime":"تكييف صلحية الجلسة", +"samlIDPMetaDataOptionsAllowLoginFromIDP":"السماح بتسجيل الدخول من IDP", +"samlIDPMetaDataOptionsAllowProxiedAuthn":"سماح تَوْكِيل إثبات الهوية", +"samlIDPMetaDataOptionsAuthnRequest":"طلب إثبات الهوية", +"samlIDPMetaDataOptionsBinding":"ربط", +"samlIDPMetaDataOptionsCheckAudience":"تحقق من شروط السمع", +"samlIDPMetaDataOptionsCheckSLOMessageSignature":"تحقق من توقيع رسالة SLO", +"samlIDPMetaDataOptionsCheckSSOMessageSignature":"تحقق من توقيع رسالة الدخول الموحد", +"samlIDPMetaDataOptionsCheckTime":"تحقق من شروط الوقت", +"samlIDPMetaDataOptionsDisplay":"عرض", +"samlIDPMetaDataOptionsDisplayName":"عرض الاسم", +"samlIDPMetaDataOptionsDisplayParams":"عرض", +"samlIDPMetaDataOptionsEncryptionMode":"أسلوب التشفير", +"samlIDPMetaDataOptionsForceAuthn":"فرض إثبات الهوية", +"samlIDPMetaDataOptionsForceUTF8":"فرضUTF-8 ", +"samlIDPMetaDataOptionsIcon":"شعار", +"samlIDPMetaDataOptionsIsPassive":"إثبات الهوية السلبي", +"samlIDPMetaDataOptionsNameIDFormat":"صيغة معرف الاسم", +"samlIDPMetaDataOptionsRelayStateURL":"السماح بعنوان اليو آر إل ك RelayState", +"samlIDPMetaDataOptionsRequestedAuthnContext":"سياقات إثبات الهوية المطلوب", +"samlIDPMetaDataOptionsResolutionRule":"حل القاعدة", +"samlIDPMetaDataOptionsSLOBinding":"ربط ال SLO", +"samlIDPMetaDataOptionsSSOBinding":"جَمْع ال سسو", +"samlIDPMetaDataOptionsSecurity":"الحماية", +"samlIDPMetaDataOptionsSession":"جلسة", +"samlIDPMetaDataOptionsSignSLOMessage":"توقيع رسالة SLO", +"samlIDPMetaDataOptionsSignSSOMessage":"توقيع رسالة الدخول الموحد", +"samlIDPMetaDataOptionsSignature":"توقيع", +"samlIDPMetaDataOptionsSignatureMethod":"Signature method", +"samlIDPMetaDataOptionsSortNumber":"Order", +"samlIDPMetaDataOptionsStoreSAMLToken":"حفظ SAML توكن", +"samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier", +"samlIDPMetaDataXML":"البيانات الوصفية", +"samlIDPName":"اسم SAML IDP", +"samlIDPSSODescriptor":"موفر الهوية", +"samlIDPSSODescriptorArtifactResolutionService":"آرتيفكت الحل", +"samlIDPSSODescriptorArtifactResolutionServiceArtifact":"خدمة الأرتيفكت", +"samlIDPSSODescriptorSingleLogoutService":"تسجيل خروج واحد", +"samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"إتش تي تي بي بوست", +"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"إعادة توجيه إتش تي تي بي", +"samlIDPSSODescriptorSingleLogoutServiceSOAP":"SOAP", +"samlIDPSSODescriptorSingleSignOnService":"تسجيل الدخول الموحد", +"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"آداة إتش تي تي بي", +"samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"إتش تي تي بي بوست", +"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"إعادة توجيه إتش تي تي بي", +"samlIDPSSODescriptorWantAuthnRequestsSigned":"إسْتَلْزم طلب إثبات الهوية الموقعة", +"samlMetadataForceUTF8":"تحويل البيانات الوصفية UTF8", +"samlNameIDFormatMap":"صيغة معرف الاسم", +"samlNameIDFormatMapEmail":"البريد الإلكتروني", +"samlNameIDFormatMapKerberos":"كيربيروس", +"samlNameIDFormatMapWindows":"ويندوز", +"samlNameIDFormatMapX509":"X509", +"samlOrganization":"المنظمة", +"samlOrganizationDisplayName":"عرض الاسم", +"samlOrganizationName":"اسم", +"samlOrganizationURL":"يو آر إل", +"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP", +"samlPartnerName":"اسم شريك SAML ", +"samlRelayStateTimeout":"تناوب حالة مهلة الجلسة ", +"samlSP":"مزود خدمة SAML", +"samlSPMetaDataExportedAttributes":"السمات المصدرة", +"samlSPMetaDataMacros":"ماكرو", +"samlSPMetaDataNodes":"مزود خدمة SAML", +"samlSPMetaDataOptions":"الخيارات", +"samlSPMetaDataOptionsAuthnLevel":"مستوى إثبات الهوية", +"samlSPMetaDataOptionsAuthnResponse":"رد إثبات الهوية", +"samlSPMetaDataOptionsCheckSLOMessageSignature":"تحقق من توقيع رسالة SLO", +"samlSPMetaDataOptionsCheckSSOMessageSignature":"تحقق من توقيع رسالة الدخول الموحد", +"samlSPMetaDataOptionsEnableIDPInitiatedURL":"تمكين استخدام عنوان يو آر إل IDP ", +"samlSPMetaDataOptionsEncryptionMode":"أسلوب التشفير", +"samlSPMetaDataOptionsForceUTF8":"فرضUTF-8 ", +"samlSPMetaDataOptionsNameIDFormat":"صيغة معرف الاسم الاعْتيادي", +"samlSPMetaDataOptionsNameIDSessionKey":"فرض اسم المعرف لمفتاح الجلسة", +"samlSPMetaDataOptionsNotOnOrAfterTimeout":"ليس على أو بعد المدة", +"samlSPMetaDataOptionsOneTimeUse":"استخدام مرة واحدة", +"samlSPMetaDataOptionsRule":"قاعدة الدخول", +"samlSPMetaDataOptionsSecurity":"الحماية", +"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout":"جلسة ليست مع أو بعد المدة", +"samlSPMetaDataOptionsSignSLOMessage":"توقيع رسالة SLO", +"samlSPMetaDataOptionsSignSSOMessage":"توقيع رسالة الدخول الموحد", +"samlSPMetaDataOptionsSignature":"توقيع", +"samlSPMetaDataOptionsSignatureMethod":"Signature method", +"samlSPMetaDataXML":"البيانات الوصفية", +"samlSPName":"اسم مزود خدمة SAML", +"samlSPSSODescriptor":"مزود الخدمة", +"samlSPSSODescriptorArtifactResolutionService":"آرتيفكت الحل", +"samlSPSSODescriptorArtifactResolutionServiceArtifact":"خدمة الأرتيفكت", +"samlSPSSODescriptorAssertionConsumerService":"تأكيد المستهلك", +"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"آداة إتش تي تي بي", +"samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"إتش تي تي بي بوست", +"samlSPSSODescriptorAuthnRequestsSigned":"طلب إثبات الهوية الموقعة", +"samlSPSSODescriptorSingleLogoutService":"تسجيل خروج واحد", +"samlSPSSODescriptorSingleLogoutServiceHTTPPost":"إتش تي تي بي بوست", +"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"إعادة توجيه إتش تي تي بي", +"samlSPSSODescriptorSingleLogoutServiceSOAP":"SOAP", +"samlSPSSODescriptorWantAssertionsSigned":"أريد التأكيدات الموقعة", +"samlServiceMetaData":"خدمة 2 SAML", +"samlServicePrivateKeyEnc":"المفتاح الخاص", +"samlServicePrivateKeyEncPwd":"مفتاح كلمة المرور الخاصة", +"samlServicePrivateKeySig":"المفتاح الخاص", +"samlServicePrivateKeySigPwd":"مفتاح كلمة المرور الخاصة", +"samlServicePublicKeyEnc":"المفتاح العام", +"samlServicePublicKeySig":"المفتاح العام", +"samlServiceSecurity":"معاييرالحماية", +"samlServiceSecurityEnc":"التشفير", +"samlServiceSecuritySig":"توقيع", +"samlServiceSignatureMethod":"Signature method", +"samlServiceUseCertificateInResponse":"استخدم الشهادة الرقمية في الردود", +"samlStorage":"اسم وحدة الجلسات SAML", +"samlStorageOptions":"خيارات وحدة جلسات SAML", +"samlUseQueryStringSpecific":"استخدام أسلوب query_string المعين", +"save":"حفظ", +"saveReport":"احفظ التقرير", +"savingConfirmation":"حفظ التأكيد", +"scope":"نطاق", +"search":"Search...", +"secondFactors":"Second factors", +"securedCookie":"ملفات تعريف الارتباط المضمونة (سسل)", +"security":"الحماية", +"sendTestMail":"Send test email", +"sendTestMailSuccess":"Test email successfully sent", +"serverError":"خطأ في جهاز الخادم", +"serverNotification":"Server", +"session":"جلسة", +"sessionDataToRemember":"بيانات الجلسة التي سيتم تخزينها", +"sessionDeleted":"تم حذف الجلسة", +"sessionExpired":"The session is expired", +"sessionParams":"الجلسات", +"sessionStartedAt":"بدأت الجلسة", +"sessionStorage":"تخزين الجلسات", +"sessionTitle":"محتوى الجلسة", +"session_s":"جلسة( أو جلسات )", +"sessions":"الجلسات", +"sfExtra":"Additional second factors", +"sfManagerRule":"Display Manager link", +"sfOnlyUpgrade":"Use 2FA for session upgrade", +"sfRemovedMsg":"Display a message if an expired 2FA is removed", +"sfRemovedMsgRule":"تفعيل", +"sfRemovedNotifMsg":"Notification message", +"sfRemovedNotifRef":"Notification reference", +"sfRemovedNotifTitle":"Notification title", +"sfRemovedNotification":"Warn if an expired 2FA is removed", +"sfRemovedUseNotif":"Use Notifications plugin", +"sfRequired":"Force 2FA registration at login", +"sfaTitle":"Second factors authentication", +"show":"عرض", +"showHelp":"عرض المساعدة", +"showLanguages":"Show languages choice", +"singleIP":"One IP address per user", +"singleSession":"One session per user", +"singleUserByIP":"مستخدم واحد لكل عنوان آي بي", +"skipRenewConfirmation":"Skip re-auth confirmation", +"skipUpgradeConfirmation":"Skip upgrade confirmation", +"slaveAuthnLevel":"مستوى إثبات الهوية", +"slaveDisplayLogo":"Display authentication logo", +"slaveExportedVars":"المتغيرات المصدرة", +"slaveHeaderContent":"التحكم في محتوى الهيدر", +"slaveHeaderName":"التحكم في إسم الهيدر", +"slaveMasterIP":"عنوان آي بي الماستر", +"slaveParams":"معاييرالتابع", +"slaveUserHeader":"الهيدر لتسجيل دخول المستخدم", "soapConfigServer":"Configuration server", "soapServices":"SOAP services", "soapSessionServer":"Session server", "specialRule":"قاعدة خاصة", -"SSLAuthnLevel":"مستوى إثبات الهوية", "sslByAjax":"استخدام طلب أجاكس", "sslHost":"أجاكس سسل يو آر إل", "sslParams":"معايير س س ل ", -"SSLVar":"حقل الشهادة الرقمية المستخرجة", -"SSLVarIf":"حقل الشهادة الرقمية المستخرجة الشرطية", "ssoSessions":"جلسات السسو", "stateCheck":"State Check", "stayConnect":"الاتصالات المستمرة", "stayConnected":"Activation", "stayConnectedCookieName":"اسم ملف تعريف الارتباط", "stayConnectedTimeout":"Expiration time", -"successfullySaved":"تم الحفظ بنجاح", "storePassword":"تخزين كلمة مرور المستخدم في بيانات الجلسة", "string":"String", "subtitle":"Subtitle", "successLoginNumber":"عدد تسجيلات الدخول المسجلة", +"successfullySaved":"تم الحفظ بنجاح", "sympaHandler":"لطيف", "sympaMailKey":"مفتاح جلسة البريد", "sympaSecret":"سر مشترك", @@ -970,12 +1107,12 @@ "totp2f":"TOTP", "totp2fActivation":"تفعيل", "totp2fAuthnLevel":"TOTP authentication level", -"totp2fLabel":"Label", -"totp2fLogo":"شعار", "totp2fDigits":"Number of digits", "totp2fDisplayExistingSecret":"Display existing secret", "totp2fInterval":"Interval", "totp2fIssuer":"TOTP Issuer name", +"totp2fLabel":"Label", +"totp2fLogo":"شعار", "totp2fRange":"Range of attempts", "totp2fSelfRegistration":"التسجيل الذاتي", "totp2fTTL":"Lifetime", @@ -1004,20 +1141,20 @@ "unknownKey":"مفتاح غير معروف", "unsecuredCookie":"ملف تعريف ارتباط غير آمن", "up":"تحرك لأعلى", -"uploadDenied":"تم رفض التحميل", "upgradeSession":"ترقية الجلسة", +"uploadDenied":"تم رفض التحميل", "uri":"URI", "url":"يو آر إل", "use":"استخدم", -"user":"المستخدم", -"users":"المستخدمين", -"userDB":"وحدة المستخدمين", -"userdbOnly":"قاعدة بيانات المستخدم فقط", -"userControl":"التحكم في اسم المستخدم", -"userPivot":"اسم حقل تسجيل الدخول في جدول المستخدم", "useRedirectOnError":"إعادة التوجيه على الخطأ", "useRedirectOnForbidden":"ممنوع إعادة التوجيه ", "useSafeJail":"استخدام السجن الآمن", +"user":"المستخدم", +"userControl":"التحكم في اسم المستخدم", +"userDB":"وحدة المستخدمين", +"userPivot":"اسم حقل تسجيل الدخول في جدول المستخدم", +"userdbOnly":"قاعدة بيانات المستخدم فقط", +"users":"المستخدمين", "utotp2f":"TOTP-or-U2F", "utotp2fActivation":"تفعيل", "utotp2fAuthnLevel":"مستوى إثبات الهوية", @@ -1025,10 +1162,10 @@ "utotp2fLogo":"شعار", "value":"القيمة", "values":"القيم", -"variables":"المتغيرات", "variableName":"Variable name", -"verifyU2FKey":"Verify U2F key", +"variables":"المتغيرات", "verifyTOTPKey":"Verify TOTP key", +"verifyU2FKey":"Verify U2F key", "version":"الإصدار", "vhostAccessToTrace":"Access to trace", "vhostAliases":"اسماء مستعارة", @@ -1044,24 +1181,24 @@ "virtualHost":"المضيف الإفتراضى ", "virtualHostName":"اسم المضيف الافتراضي", "virtualHosts":"المضيفين الإفتراضيين", +"waitOrF5":"انتظر إعادة التوجيه أو اضغط F5", +"waitingForDatas":"في انتظار البيانات", "warning":"تحذير", "warnings":"تحذيرات", -"waitingForDatas":"في انتظار البيانات", "webIDAuthnLevel":"مستوى إثبات الهوية", "webIDExportedVars":"المتغيرات المصدرة", -"webidParams":"معايير ويب أي دي", "webIDWhitelist":"القائمة البيضاء للويب آي دي", -"waitOrF5":"انتظر إعادة التوجيه أو اضغط F5", +"webidParams":"معايير ويب أي دي", "whatToTrace":"المستخدم_البعيد", "whiteList":"القائمة البيضاء", "wsdlServer":"WSDL server", "yubikey2f":"Yubikey", "yubikey2fActivation":"تفعيل", "yubikey2fAuthnLevel":"مستوى إثبات الهوية", -"yubikey2fLabel":"Label", -"yubikey2fLogo":"شعار", "yubikey2fClientID":"API العميل ID", "yubikey2fFromSessionAttribute":"Get Yubikey ID from session attribute", +"yubikey2fLabel":"Label", +"yubikey2fLogo":"شعار", "yubikey2fNonce":"Nonce", "yubikey2fPublicIDSize":"حجم الجزء العام لي OTP آي دي", "yubikey2fSecretKey":"مفتاح سرأل API", @@ -1069,143 +1206,5 @@ "yubikey2fTTL":"Lifetime", "yubikey2fUrl":"خدمة أل يو أر ل", "yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey", -"zeroConfExplanations":"لا يحتوي الخادم على إعدادات. استخدام قالب لحفظ الأول", - -"saml":"SAML", -"samlAttribute":"خاصيات SAML", -"samlDiscoveryProtocol":"Discovery Protocol", -"samlDiscoveryProtocolActivation":"تفعيل", -"samlDiscoveryProtocolIsPassive":"Is Passive", -"samlDiscoveryProtocolPolicy":"Policy", -"samlDiscoveryProtocolURL":"EndPoint URL", -"samlNameIDFormatMap":"صيغة معرف الاسم", -"samlNameIDFormatMapEmail":"البريد الإلكتروني", -"samlNameIDFormatMapX509":"X509", -"samlNameIDFormatMapWindows":"ويندوز", -"samlNameIDFormatMapKerberos":"كيربيروس", -"samlIDP":"مزود الهوية SAML", -"samlIDPMetaDataNodes":"مزود الهوية SAML", -"samlIDPMetaDataXML":"البيانات الوصفية", -"samlIDPMetaDataExportedAttributes":"السمات المصدرة", -"samlIDPMetaDataOptions":"الخيارات", -"samlIDPMetaDataOptionsNameIDFormat":"صيغة معرف الاسم", -"samlIDPMetaDataOptionsForceAuthn":"فرض إثبات الهوية", -"samlIDPMetaDataOptionsIsPassive":"إثبات الهوية السلبي", -"samlIDPMetaDataOptionsAllowProxiedAuthn":"سماح تَوْكِيل إثبات الهوية", -"samlIDPMetaDataOptionsAllowLoginFromIDP":"السماح بتسجيل الدخول من IDP", -"samlIDPMetaDataOptionsAdaptSessionUtime":"تكييف صلحية الجلسة", -"samlIDPMetaDataOptionsSignSSOMessage":"توقيع رسالة الدخول الموحد", -"samlIDPMetaDataOptionsCheckSSOMessageSignature":"تحقق من توقيع رسالة الدخول الموحد", -"samlIDPMetaDataOptionsSignSLOMessage":"توقيع رسالة SLO", -"samlIDPMetaDataOptionsCheckSLOMessageSignature":"تحقق من توقيع رسالة SLO", -"samlIDPMetaDataOptionsSSOBinding":"جَمْع ال سسو", -"samlIDPMetaDataOptionsSLOBinding":"ربط ال SLO", -"samlIDPMetaDataOptionsResolutionRule":"حل القاعدة", -"samlIDPMetaDataOptionsRequestedAuthnContext":"سياقات إثبات الهوية المطلوب", -"samlIDPMetaDataOptionsForceUTF8":"فرضUTF-8 ", -"samlIDPMetaDataOptionsEncryptionMode":"أسلوب التشفير", -"samlIDPMetaDataOptionsCheckTime":"تحقق من شروط الوقت", -"samlIDPMetaDataOptionsCheckAudience":"تحقق من شروط السمع", -"samlIDPMetaDataOptionsAuthnRequest":"طلب إثبات الهوية", -"samlIDPMetaDataOptionsSession":"جلسة", -"samlIDPMetaDataOptionsSignature":"توقيع", -"samlIDPMetaDataOptionsSignatureMethod":"Signature method", -"samlIDPMetaDataOptionsBinding":"ربط", -"samlIDPMetaDataOptionsDisplay":"عرض", -"samlIDPMetaDataOptionsDisplayName":"عرض الاسم", -"samlIDPMetaDataOptionsDisplayParams":"عرض", -"samlIDPMetaDataOptionsIcon":"شعار", -"samlIDPMetaDataOptionsSecurity":"الحماية", -"samlIDPMetaDataOptionsSortNumber":"Order", -"samlIDPMetaDataOptionsStoreSAMLToken":"حفظ SAML توكن", -"samlIDPMetaDataOptionsRelayStateURL":"السماح بعنوان اليو آر إل ك RelayState", -"samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier", -"samlSPMetaDataNodes":"مزود خدمة SAML", -"samlSPMetaDataXML":"البيانات الوصفية", -"samlSPMetaDataExportedAttributes":"السمات المصدرة", -"samlSPMetaDataOptions":"الخيارات", -"samlSPMetaDataOptionsNameIDFormat":"صيغة معرف الاسم الاعْتيادي", -"samlSPMetaDataOptionsOneTimeUse":"استخدام مرة واحدة", -"samlSPMetaDataOptionsSignSSOMessage":"توقيع رسالة الدخول الموحد", -"samlSPMetaDataOptionsCheckSSOMessageSignature":"تحقق من توقيع رسالة الدخول الموحد", -"samlSPMetaDataOptionsSignSLOMessage":"توقيع رسالة SLO", -"samlSPMetaDataOptionsCheckSLOMessageSignature":"تحقق من توقيع رسالة SLO", -"samlSPMetaDataOptionsEncryptionMode":"أسلوب التشفير", -"samlSPMetaDataOptionsAuthnResponse":"رد إثبات الهوية", -"samlSPMetaDataOptionsSignature":"توقيع", -"samlSPMetaDataOptionsSignatureMethod":"Signature method", -"samlSPMetaDataOptionsSecurity":"الحماية", -"samlSPMetaDataOptionsEnableIDPInitiatedURL":"تمكين استخدام عنوان يو آر إل IDP ", -"samlSPMetaDataOptionsNameIDSessionKey":"فرض اسم المعرف لمفتاح الجلسة", -"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout":"جلسة ليست مع أو بعد المدة", -"samlSPMetaDataOptionsNotOnOrAfterTimeout":"ليس على أو بعد المدة", -"samlSPMetaDataOptionsForceUTF8":"فرضUTF-8 ", -"samlSPMetaDataOptionsAuthnLevel":"مستوى إثبات الهوية", -"samlSPMetaDataOptionsRule":"قاعدة الدخول", -"samlSPMetaDataMacros":"ماكرو", -"samlIDPName":"اسم SAML IDP", -"samlServiceMetaData":"خدمة 2 SAML", -"samlEntityID":"معرف الكيان", -"samlOrganization":"المنظمة", -"samlOrganizationDisplayName":"عرض الاسم", -"samlOrganizationName":"اسم", -"samlOrganizationURL":"يو آر إل", -"samlSP":"مزود خدمة SAML", -"samlSPName":"اسم مزود خدمة SAML", -"samlSPSSODescriptor":"مزود الخدمة", -"samlSPSSODescriptorAuthnRequestsSigned":"طلب إثبات الهوية الموقعة", -"samlSPSSODescriptorWantAssertionsSigned":"أريد التأكيدات الموقعة", -"samlSPSSODescriptorSingleLogoutService":"تسجيل خروج واحد", -"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"إعادة توجيه إتش تي تي بي", -"samlSPSSODescriptorSingleLogoutServiceHTTPPost":"إتش تي تي بي بوست", -"samlSPSSODescriptorSingleLogoutServiceSOAP":"SOAP", -"samlSPSSODescriptorAssertionConsumerService":"تأكيد المستهلك", -"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"آداة إتش تي تي بي", -"samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"إتش تي تي بي بوست", -"samlSPSSODescriptorArtifactResolutionService":"آرتيفكت الحل", -"samlSPSSODescriptorArtifactResolutionServiceArtifact":"خدمة الأرتيفكت", -"samlIDPSSODescriptor":"موفر الهوية", -"samlIDPSSODescriptorWantAuthnRequestsSigned":"إسْتَلْزم طلب إثبات الهوية الموقعة", -"samlIDPSSODescriptorSingleSignOnService":"تسجيل الدخول الموحد", -"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"إعادة توجيه إتش تي تي بي", -"samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"إتش تي تي بي بوست", -"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"آداة إتش تي تي بي", -"samlIDPSSODescriptorSingleLogoutService":"تسجيل خروج واحد", -"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"إعادة توجيه إتش تي تي بي", -"samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"إتش تي تي بي بوست", -"samlIDPSSODescriptorSingleLogoutServiceSOAP":"SOAP", -"samlIDPSSODescriptorArtifactResolutionService":"آرتيفكت الحل", -"samlIDPSSODescriptorArtifactResolutionServiceArtifact":"خدمة الأرتيفكت", -"samlAttributeAuthorityDescriptor":"سمات الهيئة", -"samlAttributeAuthorityDescriptorAttributeService":"سمة الخدمة", -"samlAttributeAuthorityDescriptorAttributeServiceSOAP":"SOAP", -"samlServiceSecurity":"معاييرالحماية", -"samlServiceSecuritySig":"توقيع", -"samlServiceSecurityEnc":"التشفير", -"samlServicePrivateKeySig":"المفتاح الخاص", -"samlServicePrivateKeySigPwd":"مفتاح كلمة المرور الخاصة", -"samlServicePublicKeySig":"المفتاح العام", -"samlServicePrivateKeyEnc":"المفتاح الخاص", -"samlServicePrivateKeyEncPwd":"مفتاح كلمة المرور الخاصة", -"samlServicePublicKeyEnc":"المفتاح العام", -"samlServiceSignatureMethod":"Signature method", -"samlServiceUseCertificateInResponse":"استخدم الشهادة الرقمية في الردود", -"samlAdvanced":"المتقدمة", -"samlPartnerName":"اسم شريك SAML ", -"samlMetadataForceUTF8":"تحويل البيانات الوصفية UTF8", -"samlStorage":"اسم وحدة الجلسات SAML", -"samlStorageOptions":"خيارات وحدة جلسات SAML", -"samlAuthnContextMap":"سياقات إثبات الهوية", -"samlAuthnContextMapPassword":"كلمة المرور", -"samlAuthnContextMapPasswordProtectedTransport":"حماية نقل كلمة المرور", -"samlAuthnContextMapTLSClient":"TLS العميل", -"samlAuthnContextMapKerberos":"كيربيروس", -"samlCommonDomainCookie":"ملف تعريف ارتباط في المجال المشترك", -"samlCommonDomainCookieActivation":"تفعيل", -"samlCommonDomainCookieDomain":"النطاق المشترك", -"samlCommonDomainCookieReader":"يو آر إل القارئ", -"samlCommonDomainCookieWriter":"يو آر إل الكاتب", -"samlRelayStateTimeout":"تناوب حالة مهلة الجلسة ", -"samlUseQueryStringSpecific":"استخدام أسلوب query_string المعين", -"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP" +"zeroConfExplanations":"لا يحتوي الخادم على إعدادات. استخدام قالب لحفظ الأول" } diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/de.json b/lemonldap-ng-manager/site/htdocs/static/languages/de.json index ca5ee3fd86..5c7e4c86be 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/de.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/de.json @@ -1,5 +1,26 @@ { "/doc/":"/doc/", +"2faSessions":"2ndFA sessions explorer", +"2ndFA":"Second Factors", +"ADPwdExpireWarning":"Passwort - Ablauf Warnung", +"ADPwdMaxAge":"maximales Alter", +"AuthLDAPFilter":"Authentication filter", +"Configuration":"Konfiguration", +"CrowdSecPlugin":"CrowdSec Bouncer", +"LDAPFilter":"Default filter", +"OpenIDConnect":"OpenID Connect", +"OptionalTitle":"Optional title", +"SMTP":"SMTP", +"SMTPAuthPass":"SMTP password", +"SMTPAuthUser":"SMTP user", +"SMTPPort":"SMTP port", +"SMTPServer":"SMTP Server", +"SMTPTLS":"SSL/TLS protocol", +"SMTPTLSOpts":"SSL/TLS options", +"SSLAuthnLevel":"Authentication level", +"SSLVar":"Extracted certificate field", +"SSLVarIf":"Conditional extracted certificate field", +"Same":"Same", "_auth":"Authentifizierung", "_authChoice":"Authentication choice", "_idp":"IDP EntityID", @@ -10,9 +31,9 @@ "_lastAuthnUTime":"Authentication timestamp", "_lastSeen":"Last activity timestamp", "_loginHistory":"Anmeldeverlauf", +"_oidc_OP":"Provider key", "_oidc_access_token":"Access Token", "_oidc_id_token":"ID Token", -"_oidc_OP":"Provider key", "_password":"Password", "_passwordDB":"Password", "_samlToken":"SAML token", @@ -20,42 +41,38 @@ "_startTime":"Creation date", "_timezone":"Time zone", "_updateTime":"Update date", +"_url":"Origin URL", "_user":"Login", "_userDB":"User", -"_url":"Origin URL", "_utime":"Session timestamp", -"2faSessions":"2ndFA sessions explorer", -"2ndFA":"Second Factors", -"actives":"Enabled", "activeTimer":"Auto accept time", +"actives":"Enabled", +"adParams":"Active Directory einstellungen", "adaptativeAuthenticationLevelRules":"Adaptative authentication rules", "addAppCasPartner":"Add CAS application", "addIDPSamlPartner":"Add SAML IDP", "addOidcAttribute":"Attribut hinzufügen", "addOidcOp":"Add OpenID Connect Provider", "addOidcRp":"Add OpenID Relying Party", -"addSamlAttribute":"Attribut hinzufügen", "addSPSamlPartner":"SAML SP hinzufügen", +"addSamlAttribute":"Attribut hinzufügen", "addSrvCasPartner":"CAS - Server hinzufügen", -"addU2FKey":"U2F - Schlüssel hinzufügen", "addTOTPKey":"TOTP-Schlüssel hinzufügen", +"addU2FKey":"U2F - Schlüssel hinzufügen", "addVhost":"Virtuellen Host hinzufügen", -"adParams":"Active Directory einstellungen", -"ADPwdExpireWarning":"Passwort - Ablauf Warnung", -"ADPwdMaxAge":"maximales Alter", "advancedParams":"Weitere Einstellungen", "allowedMarkups":"Allowed markups:", "always":"Always", -"apacheParams":"Apache parameters", "apacheAuthnLevel":"Authentication level", +"apacheParams":"Apache parameters", "application":"Applikation", "applicationDisplay":"Applikation anzeigen", "applicationList":"Categories and applications", "applyResult":"Apply result", "appsInThisCat":"Applications in this category", "array":"Array", -"attributesAndMacros":"Attributes and Macros", "attributeName":"Attribute name", +"attributesAndMacros":"Attributes and Macros", "authAndUserdb":"Authz and user DB", "authChain":"Authentication chain", "authChoice":"Authentication choice", @@ -63,16 +80,15 @@ "authChoiceFindUser":"FindUser plugin parameter", "authChoiceModules":"Allowed modules", "authChoiceParam":"URL parameter", +"authOnly":"Authentication only", +"authParams":"Authentication parameters", "authentication":"Authentication module", -"authenticationNeeded":"Authentication needed", "authenticationLevel":"Authentication level", +"authenticationNeeded":"Authentication needed", "authenticationTitle":"Authentication", -"AuthLDAPFilter":"Authentication filter", -"authOnly":"Authentication only", "author":"Author", "authorIPAddress":"Author IP address", "authorizedValues":"Authorized values", -"authParams":"Authentication parameters", "auto":"Automatic", "autoSignin":"Auto Signin", "autoSigninRules":"Regeln", @@ -88,9 +104,9 @@ "badExpressionAssignment":"Expression containing an assignment. You can use \\x3D to avoid this warning.", "badHeaderName":"Bad header name", "badHostname":"Ungültiger Hostname", -"badLdapUri":"Bad LDAP URI", -"badKeyName":"Bad key name", "badIPv4Address":"Ungültige IPv4-Adresse", +"badKeyName":"Bad key name", +"badLdapUri":"Bad LDAP URI", "badMacroName":"Bad macro name", "badMetadataName":"Bad metadata name", "badPemEncoding":"Bad PEM encoding", @@ -104,17 +120,17 @@ "blackList":"Black list", "bool":"Boolean", "browse":"Browse", -"browsersDontStorePassword":"Avoid browsers to store users password", +"browseTree":"Browse tree", "browserIdAuthnLevel":"Authentication level", "browserIdAutoLogin":"Automatic login", "browserIdBackgroundColor":"Background color", -"browseridParams":"BrowserIDParams", "browserIdSiteLogo":"Site Logo", "browserIdSiteName":"Site name", "browserIdVerificationURL":"Verification URL", -"browseTree":"Browse tree", -"bruteForceProtection":"Activation", +"browseridParams":"BrowserIDParams", +"browsersDontStorePassword":"Avoid browsers to store users password", "bruteForceAttackProtection":"Brute-force attack protection", +"bruteForceProtection":"Activation", "bruteForceProtectionIncrementalTempo":"Incremental lock", "bruteForceProtectionLockTimes":"Incremental lock times", "bruteForceProtectionMaxFailed":"Allowed failed logins", @@ -124,124 +140,123 @@ "captcha_mail_enabled":"Activation in password reset by mail form", "captcha_register_enabled":"Activation in register form", "captcha_size":"Size", -"casAuthnLevel":"Authentication level", "casAccessControlPolicy":"Access control policy", "casApp":"CAS Applikation", "casAppMetaDataExportedVars":"Exported attributes", +"casAppMetaDataMacros":"Macros", "casAppMetaDataNodes":"CAS Applikationen", "casAppMetaDataOptions":"Optionen", -"casAppMetaDataOptionsService":"Service URL", "casAppMetaDataOptionsAuthnLevel":"Authentication level", "casAppMetaDataOptionsRule":"Regel", -"casAppMetaDataMacros":"Macros", +"casAppMetaDataOptionsService":"Service URL", "casAppMetaDataOptionsUserAttribute":"User attribute", "casAppName":"CAS App Name", "casAttr":"CAS login", "casAttributes":"CAS exported attributes", +"casAuthnLevel":"Authentication level", "casParams":"CAS parameters", "casServiceMetadata":"CAS Service", "casSrv":"CAS Server", "casSrvMetaDataExportedVars":"Exported attributes", +"casSrvMetaDataNodes":"CAS Server", "casSrvMetaDataOptions":"Optionen", "casSrvMetaDataOptionsDisplay":"Display", "casSrvMetaDataOptionsDisplayName":"Angezeigter Name", "casSrvMetaDataOptionsGateway":"Gateway authentication", "casSrvMetaDataOptionsIcon":"Icon path", -"casSrvMetaDataOptionsSortNumber":"Order", -"casSrvMetaDataOptionsRenew":"Renew authentication", "casSrvMetaDataOptionsProxiedServices":"Proxied services", +"casSrvMetaDataOptionsRenew":"Renew authentication", +"casSrvMetaDataOptionsSortNumber":"Order", "casSrvMetaDataOptionsUrl":"Server URL", -"casSrvMetaDataNodes":"CAS Server", "casSrvName":"CAS Servername", "casStorage":"CAS sessions module name", "casStorageOptions":"CAS sessions module options", "categoryName":"Category name", "cda":"Mehrere Domains", "certificateMailContent":"Mail content", -"certificateResetByMailManagement":"Certificate management", -"certificateResetByMailURL":"Reset page URL", "certificateResetByMailCeaAttribute":" Certificate Exact Assertion attribute name", "certificateResetByMailCertificateAttribute":" Certificate binary content attribute name", -"certificateResetByMailStep1Subject":"Reset mail subject", +"certificateResetByMailManagement":"Certificate management", "certificateResetByMailStep1Body":"Reset mail content", -"certificateResetByMailStep2Subject":"Confirmation mail subject", +"certificateResetByMailStep1Subject":"Reset mail subject", "certificateResetByMailStep2Body":"Confirmation mail content", +"certificateResetByMailStep2Subject":"Confirmation mail subject", +"certificateResetByMailURL":"Reset page URL", "certificateResetByMailValidityDelay":"Minimum duration before expiration", -"contentSecurityPolicy":"Content security policy", -"contextSwitching":"Switch context another user", -"contextSwitchingAllowed2fModifications":"Allow 2FA modifications", -"contextSwitchingHiddenAttributes":"Hidden attributes", -"contextSwitchingIdRule":"Identities use rule", -"contextSwitchingRule":"Use rule", -"contextSwitchingStopWithLogout":"Stop by logout", -"contextSwitchingUnrestrictedUsersRule":"Unrestricted users rule", -"cspConnect":"Ajax destinations", -"cspDefault":"Default value", -"cspFont":"Font source", -"cspFormAction":"Form destinations", -"cspFrameAncestors":"Frame ancestors URL", -"cspImg":"Image source", -"cspScript":"Script source", -"cspStyle":"Style source", -"crossOrigineResourceSharing":"Cross-Origin Resource Sharing", -"corsEnabled":"Activation", -"corsAllow_Credentials":"Access-Control-Allow-Credentials", -"corsAllow_Headers":"Access-Control-Allow-Headers", -"corsAllow_Methods":"Access-Control-Allow-Methods", -"corsAllow_Origin":"Access-Control-Allow-Origin", -"corsExpose_Headers":"Access-Control-Expose-Headers", -"corsMax_Age":"Access-Control-Max-Age", "cfgLog":"Summary", "cfgVersion":"Configuration version", -"checkXSS":"Check XSS attacks", -"clickHereToForce":"Click here to force", -"claimName":"Claim name", -"checkboxes":"Checkboxes", "checkDevOps":"Activation", "checkDevOpsDownload":"Download file", "checkState":"Activation", "checkStateSecret":"Shared secret", -"checkUsers":"SSO profile check", "checkUser":"Activation", "checkUserDisplay":"Display", -"checkUserIdRule":"Identities use rule", -"checkUserHiddenAttributes":"Hidden attributes", -"checkUserUnrestrictedUsersRule":"Unrestricted users rule", "checkUserDisplayComputedSession":"Computed sessions", -"checkUserDisplayPersistentInfo":"Persistent session data", "checkUserDisplayEmptyHeaders":"Empty headers", "checkUserDisplayEmptyValues":"Empty values", "checkUserDisplayNormalizedHeaders":"Normalized headers", +"checkUserDisplayPersistentInfo":"Persistent session data", +"checkUserHiddenAttributes":"Hidden attributes", "checkUserHiddenHeaders":"Hidden headers", +"checkUserIdRule":"Identities use rule", "checkUserSearchAttributes":"Attributes used for searching sessions", +"checkUserUnrestrictedUsersRule":"Unrestricted users rule", +"checkUsers":"SSO profile check", +"checkXSS":"Check XSS attacks", +"checkboxes":"Checkboxes", "choiceParams":"Choice parameters", "chooseLogo":"Choose logo", "chooseSkin":"Choose skin", +"claimName":"Claim name", +"clickHereToForce":"Click here to force", +"combModules":"Module list", "combination":"Combination", "combinationParams":"Combination parameters", "combineMods":"Combination of modules", -"combModules":"Module list", "comment":"Kommentar", "comments":"Kommentare", +"compactConf":"Compact configuration file", "condition":"Condition", "conf":"Konfiguration", -"Configuration":"Konfiguration", -"confirmFormMethod":"Method for confirm form", "confModuledeprecated":"This module has been deprecated, set \"forceUpload=1\" in lemonldap-ng.ini to use it", "confNotChanged":"Nicht gespeichert - keine Änderungen festgestellt.", "confSaved":"Konfiguration gesichert", "confWasChanged":"Konfiguration wurde geändert", +"confirmFormMethod":"Method for confirm form", "connectionTitle":"Verbindung", "content":"Content", +"contentSecurityPolicy":"Content security policy", +"contextSwitching":"Switch context another user", +"contextSwitchingAllowed2fModifications":"Allow 2FA modifications", +"contextSwitchingHiddenAttributes":"Hidden attributes", +"contextSwitchingIdRule":"Identities use rule", +"contextSwitchingRule":"Use rule", +"contextSwitchingStopWithLogout":"Stop by logout", +"contextSwitchingUnrestrictedUsersRule":"Unrestricted users rule", "cookieExpiration":"Cookie expiration time", "cookieName":"Cookie name", "cookieParams":"Cookies", +"corsAllow_Credentials":"Access-Control-Allow-Credentials", +"corsAllow_Headers":"Access-Control-Allow-Headers", +"corsAllow_Methods":"Access-Control-Allow-Methods", +"corsAllow_Origin":"Access-Control-Allow-Origin", +"corsEnabled":"Activation", +"corsExpose_Headers":"Access-Control-Expose-Headers", +"corsMax_Age":"Access-Control-Max-Age", "create":"Create", +"crossOrigineResourceSharing":"Cross-Origin Resource Sharing", "crowdsec":"Activation", "crowdsecAction":"Action", "crowdsecKey":"API key", -"CrowdSecPlugin":"CrowdSec Bouncer", "crowdsecUrl":"Base URL of local API", +"cspConnect":"Ajax destinations", +"cspDefault":"Default value", +"cspFont":"Font source", +"cspFormAction":"Form destinations", +"cspFrameAncestors":"Frame ancestors URL", +"cspImg":"Image source", +"cspScript":"Script source", +"cspStyle":"Style source", "currentConfiguration":"Current configuration", "customAddParams":"Additional parameters", "customAuth":"Custom authentication module", @@ -257,21 +272,23 @@ "customResetCertByMail":"Custom certificateResetByMail module", "customToTrace":"REMOTE_CUSTOM", "customUserDB":"Custom user DB module", +"databaseLocked":"Database locked by another process", "date":"Datum", +"dateTitle":"Dates", "dbiAuthChain":"Chain", "dbiAuthLoginCol":"Login field name", -"dbiAuthnLevel":"Authentication level", "dbiAuthPassword":"Passwort", "dbiAuthPasswordCol":"Password field name", "dbiAuthPasswordHash":"Hash scheme", -"dbiDynamicHash":"dynamic hashing", -"dbiDynamicHashEnabled":"dynamic hash activation", -"dbiDynamicHashValidSchemes":"Supported non-salted schemes", -"dbiDynamicHashValidSaltedSchemes":"Supported salted schemes", -"dbiDynamicHashNewPasswordScheme":"Dynamic hash scheme for new passwords", "dbiAuthTable":"Authentication table", "dbiAuthUser":"Benutzer", +"dbiAuthnLevel":"Authentication level", "dbiConnection":"Verbindung", +"dbiDynamicHash":"dynamic hashing", +"dbiDynamicHashEnabled":"dynamic hash activation", +"dbiDynamicHashNewPasswordScheme":"Dynamic hash scheme for new passwords", +"dbiDynamicHashValidSaltedSchemes":"Supported salted schemes", +"dbiDynamicHashValidSchemes":"Supported non-salted schemes", "dbiExportedVars":"Exported variables", "dbiParams":"DBI parameters", "dbiPassword":"Passwort", @@ -283,31 +300,29 @@ "decryptValueRule":"Use rule", "default":"Default", "defaultRule":"Default rule", -"demoModeOn":"This manager runs in demo mode", "deleteEntry":"Löschen", "deleteNotification":"Löschen", "deleteSession":"Session löschen", -"deleteU2FKey":"Delete U2F key", "deleteTOTPKey":"Delete TOTP key", +"deleteU2FKey":"Delete U2F key", "demoExportedVars":"Exported variables", +"demoModeOn":"This manager runs in demo mode", "demoParams":"Demonstration parameters", "description":"Beschreibung", "dest":"Recipient", -"diffViewer":"Difference viewer", "devOpsCheck":"Check DevOps handler file", +"diffViewer":"Difference viewer", "diffWithPrevious":"difference with previous", +"disablePersistentStorage":"Disable storage", "disabled":"Disabled", "displaySessionId":"Display session identifier", +"dn":"DN", +"domain":"Domain", "done":"done", "dones":"Done", -"down":"Move down", "doubleCookie":"Double cookie (HTTP and HTTPS)", "doubleCookieForSingleSession":"Double cookie for a single session", -"databaseLocked":"Database locked by another process", -"dateTitle":"Dates", -"dn":"DN", -"domain":"Domain", -"compactConf":"Compact configuration file", +"down":"Move down", "download":"Download", "downloadIt":"Download it", "duplicate":"Duplicate", @@ -316,21 +331,20 @@ "emptyConf":"Empty configuration", "emptyValueNotAllowed":"Empty value not allowed", "enabled":"Aktiviert", -"disablePersistentStorage":"Disable storage", "enterPassword":"Enter password (optional)", "error":"Error", "errors":"ERRORS", "exportedAttr":"SOAP/REST exported attributes", "exportedHeaders":"Exported headers", "exportedVars":"Exported Variables", +"ext2FSendCommand":"Send command", +"ext2FValidateCommand":"Validation command", "ext2f":"External second factor", "ext2fActivation":"Activation", -"ext2fCodeActivation":"Code regex", "ext2fAuthnLevel":"Authentication level", +"ext2fCodeActivation":"Code regex", "ext2fLabel":"Label", "ext2fLogo":"Logo", -"ext2FSendCommand":"Send command", -"ext2FValidateCommand":"Validation command", "facebookAppId":"Facebook application ID", "facebookAppSecret":"Facebook application secret", "facebookAuthnLevel":"Authentication level", @@ -340,16 +354,16 @@ "failedLoginNumber":"Number of registered failed logins", "fileToUpload":"File to upload", "findUser":"Activation", -"findUsers":"Search for user account", "findUserControl":"Parameters control", "findUserExcludingAttributes":"Excluding attributes", "findUserSearchingAttributes":"Searching attributes", "findUserWildcard":"Character used as wildcard", +"findUsers":"Search for user account", "forbidden":"You're not authorized to show this page", "forceSave":"Force save", -"format":"Format", "formReplay":"Form replay", "formTimeout":"Form timeout", +"format":"Format", "forms":"Forms", "friendlyName":"Friendly name", "generalParameters":"General Parameters", @@ -371,72 +385,73 @@ "grantSessionRules":"Opening conditions", "groups":"Groups", "groupsBeforeMacros":"Compute groups before macros", +"hGroups":"Groups (HashRef)", "hashkey":"Key", "headers":"HTTP Headers", -"hGroups":"Groups (HashRef)", -"hostname":"Hostname", "hiddenAttributes":"Hidden attributes", "hide":"Hide", "hideHelp":"Hide help", "hideOldPassword":"Hide old password", "hideTree":"Hide tree", +"hostname":"Hostname", "httpOnly":"Javascript protection", "https":"HTTPS", "impersonation":"Impersonation", -"impersonationRule":"Use rule", -"impersonationIdRule":"Identities use rule", "impersonationHiddenAttributes":"Hidden attributes", +"impersonationIdRule":"Identities use rule", "impersonationMergeSSOgroups":"Merge spoofed and real SSO groups", +"impersonationRule":"Use rule", "impersonationSkipEmptyValues":"Skip empty values", "impersonationUnrestrictedUsersRule":"Unrestricted users rule", "incompleteForm":"Required fields are missing", "index":"Index", "infoFormMethod":"Method for info form", -"invalidSessionData":"Invalid session data", +"instance":"Instance", "int":"Integer", "internalReference":"Internal reference", +"invalidSessionData":"Invalid session data", "ipAddr":"IP address", "ipAddresses":"IP addresses", +"issuerDBCAS":"CAS", +"issuerDBCASActivation":"Activation", +"issuerDBCASOptions":"Options", +"issuerDBCASPath":"Path", +"issuerDBCASRule":"Use rule", "issuerDBGet":"GET", "issuerDBGetActivation":"Activation", "issuerDBGetParameters":"GET parameters", "issuerDBGetPath":"Path", "issuerDBGetRule":"Use rule", -"issuerDBSAML":"SAML", -"issuerDBSAMLActivation":"Activation", -"issuerDBSAMLPath":"Path", -"issuerDBSAMLRule":"Use rule", -"issuerDBCAS":"CAS", -"issuerDBCASActivation":"Activation", -"issuerDBCASPath":"Path", -"issuerDBCASRule":"Use rule", -"issuerDBCASOptions":"Options", "issuerDBOpenID":"OpenID", "issuerDBOpenIDActivation":"Activation", -"issuerDBOpenIDPath":"Path", -"issuerDBOpenIDRule":"Use rule", -"issuerDBOpenIDOptions":"Options", "issuerDBOpenIDConnect":"OpenID Connect", "issuerDBOpenIDConnectActivation":"Activation", "issuerDBOpenIDConnectPath":"Path", "issuerDBOpenIDConnectRule":"Use rule", +"issuerDBOpenIDOptions":"Options", +"issuerDBOpenIDPath":"Path", +"issuerDBOpenIDRule":"Use rule", +"issuerDBSAML":"SAML", +"issuerDBSAMLActivation":"Activation", +"issuerDBSAMLPath":"Path", +"issuerDBSAMLRule":"Use rule", "issuerOptions":"Options", "issuerParams":"Issuer modules", "issuersTimeout":"Issuers timeout", -"jsRedirect":"Redirection message", "jqueryButtonSelector":"jQuery button selector (optional)", "jqueryFormSelector":"jQuery form selector (optional)", "jqueryUrl":"jQuery URL (optional)", +"jsRedirect":"Redirection message", +"kerberosParams":"Kerberos parameters", "key":"Encryption key", -"keys":"Keys", -"keyname":"Key name", "keyPassword":"Key password", +"keyname":"Key name", +"keys":"Keys", +"krbAllowedDomains":"Allowed domains", "krbAuthnLevel":"Kerberos authn level", "krbByJs":"Use Ajax request", "krbKeytab":"keytab file", "krbRemoveDomain":"Remove domain from Kerberos username", -"krbAllowedDomains":"Allowed domains", -"kerberosParams":"Kerberos parameters", "label":"Label", "languages":"Languages", "latest":"Latest", @@ -450,7 +465,6 @@ "ldapConnection":"Connection", "ldapExportedVars":"Exported variables", "ldapFilters":"Filters", -"LDAPFilter":"Default filter", "ldapGetUserBeforePasswordChange":"Search for user before password change", "ldapGroupAttributeName":"Target attribute", "ldapGroupAttributeNameGroup":"Group source attribute", @@ -461,20 +475,20 @@ "ldapGroupObjectClass":"Object class", "ldapGroupRecursive":"Recursive", "ldapGroups":"Groups", +"ldapIOTimeout":"Operation timeout", "ldapITDS":"IBM Tivoli DS support", "ldapParams":"LDAP parameters", "ldapPassword":"Password", "ldapPasswordResetAttribute":"Reset attribute", "ldapPasswordResetAttributeValue":"Reset value", -"ldapPpolicyControl":"Password policy control", "ldapPort":"Server port", +"ldapPpolicyControl":"Password policy control", "ldapPwdEnc":"LDAP password encoding", "ldapRaw":"Binary attributes", "ldapSearchDeref":"Alias dereference", "ldapServer":"Server host", "ldapSetPassword":"Password modify extended operation", "ldapTimeout":"Connection timeout", -"ldapIOTimeout":"Operation timeout", "ldapUsePasswordResetAttribute":"Use reset attribute", "ldapVerify":"Verify LDAP server certificate", "ldapVersion":"Version", @@ -483,35 +497,34 @@ "linkedInClientID":"Client ID", "linkedInClientSecret":"Client secret", "linkedInFields":"Searched fields", -"linkedinParams":"LinkedIn Parameters", "linkedInScope":"Scope", "linkedInUserField":"Field containing user identifier", +"linkedinParams":"LinkedIn Parameters", "load":"Load", -"loadedConfiguration":"Loaded configuration", "loadFromUrl":"Load from URL", +"loadedConfiguration":"Loaded configuration", "localSessionStorage":"Cache module", "localSessionStorageOptions":"Cache module options", "locationRules":"Access rules", +"logParams":"Logs", "loginHistory":"Login history", "loginHistoryEnabled":"Activation", "logo":"Logo", "logout":"Logout", "logoutServices":"Logout forward", -"logParams":"Logs", "lwpOpts":"Options for server requests", "lwpSslOpts":"SSL options for server requests", -"instance":"Instance", "macros":"Macros", "mail2f":"Mail second factor", "mail2fActivation":"Activation", -"mail2fCodeRegex":"Code regex", -"mail2fTimeout":"Code timeout", -"mail2fSubject":"Mail subject", -"mail2fBody":"Mail body", "mail2fAuthnLevel":"Authentication level", -"mail2fLabel":"Label", +"mail2fBody":"Mail body", +"mail2fCodeRegex":"Code regex", +"mail2fLabel":"Label", "mail2fLogo":"Logo", "mail2fSessionKey":"Session key containing mail address", +"mail2fSubject":"Mail subject", +"mail2fTimeout":"Code timeout", "mailBody":"Success mail content", "mailCharset":"Charset", "mailConfirmBody":"Confirmation mail content", @@ -535,22 +548,22 @@ "markAsDone":"Mark as done", "memberOfSSOGroups":"Member of SSO groups", "menu":"Menu", +"menuCategory":"Menu category", "message":"Message", "messages":"Messages", -"menuCategory":"Menu category", "modulesTitle":"Used modules", "multiIp":"Multi IP", -"multipleSessions":"Multiple sessions", "multiValuesSeparator":"Separator", +"multipleSessions":"Multiple sessions", "name":"Name", "needConfirmation":"A new configuration is available. To force saving this one, click on the check box near the 'save' button", "networkProblem":"Network problem", "never":"Never", "newApp":"New application", -"newChain":"New chain", "newCat":"New category", "newCertificate":"New certificate", "newCfgAvailable":"A new configuration is available", +"newChain":"New chain", "newCmbMod":"New module", "newCmbOver":"New parameter", "newEntry":"New entry", @@ -560,41 +573,40 @@ "newPostVar":"New variable", "newRSAKey":"New keys", "newRule":"New rule", -"newSfOver":"New parameter", "newSfExtra":"New second factor", +"newSfOver":"New parameter", "newValue":"New value", "next":"Next", "nginxCustomHandlers":"Custom Nginx handlers", "noAjaxHook":"Keep redirections for Ajax", "noData":"No data to display", "notABoolean":"Not a boolean", -"notAnInteger":"Not an integer", "notAValidPerlExpression":"Not a valid Perl expression", +"notAnInteger":"Not an integer", "notification":"Activation", -"notifications":"Notifications", -"notification_s":"notification(s)", -"notificationDefaultCond":"Default condition", -"notificationServer":"Notification server", -"notificationServerDELETE":"DELETE method", -"notificationServerGET":"GET method", -"notificationServerMethods":"HTTP methods", -"notificationServerPOST":"POST method", -"notificationServerSentAttributes":"Notification parameters to send", -"serverNotification":"Server", "notificationCreated":"Notification has been created", +"notificationDefaultCond":"Default condition", "notificationDeleted":"Notification has been marked as done", "notificationDone":"Notification done", -"notificationsDone":"Notifications done", -"notificationsExplorer":"Explorer", "notificationNotCreated":"The notification was not created", "notificationNotDeleted":"The notification was not marked as done", "notificationNotFound":"The notification was not found", "notificationNotPurged":"The notification was not definitely removed", "notificationPurged":"Notification has been definitely removed", +"notificationServer":"Notification server", +"notificationServerDELETE":"DELETE method", +"notificationServerGET":"GET method", +"notificationServerMethods":"HTTP methods", +"notificationServerPOST":"POST method", +"notificationServerSentAttributes":"Notification parameters to send", "notificationStorage":"Storage module", "notificationStorageOptions":"Storage module parameters", "notificationWildcard":"Wildcard for all users", "notificationXSLTfile":"Custom XSLT file", +"notification_s":"notification(s)", +"notifications":"Notifications", +"notificationsDone":"Notifications done", +"notificationsExplorer":"Explorer", "notifyDeleted":"Display deleted sessions", "notifyOther":"Display other sessions", "nullAuthnLevel":"Authentication level", @@ -602,8 +614,6 @@ "number":"Number", "off":"Off", "offlineSessions":"Offline sessions", -"oldValue":"Old value", -"on":"On", "oidcAttribute":"OIDC Attribute", "oidcAuthnLevel":"Authentication level", "oidcConsents":"OpenID Connect Consents", @@ -612,12 +622,9 @@ "oidcOPMetaDataJSON":"Metadata", "oidcOPMetaDataJWKS":"JWKS data", "oidcOPMetaDataNode":"OpenID Connect Providers", +"oidcOPMetaDataNodes":"OpenID Connect Providers", "oidcOPMetaDataOptions":"Optionen", -"oidcRPMetaDataOptionsBasic":"Basic", -"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences", -"oidcRPMetaDataOptionsAdvanced":"Advanced", -"oidcRPMetaDataOptionsTimeouts":"Timeouts", -"oidcRPMetaDataOptionsAllowOffline":"Allow offline access", +"oidcOPMetaDataOptionsAcrValues":"ACR values", "oidcOPMetaDataOptionsCheckJWTSignature":"Check JWT signature", "oidcOPMetaDataOptionsClientID":"Client ID", "oidcOPMetaDataOptionsClientSecret":"Client secret", @@ -626,116 +633,119 @@ "oidcOPMetaDataOptionsDisplay":"Display", "oidcOPMetaDataOptionsDisplayName":"Display name", "oidcOPMetaDataOptionsDisplayParams":"Display", +"oidcOPMetaDataOptionsIDTokenMaxAge":"ID Token max age", "oidcOPMetaDataOptionsIcon":"Logo", -"oidcOPMetaDataOptionsSortNumber":"Order", "oidcOPMetaDataOptionsJWKSTimeout":"JWKS data timeout", -"oidcRPMetaDataOptionsLogoutSessionRequired":"Session required", -"oidcRPMetaDataOptionsLogoutType":"Type", -"oidcRPMetaDataOptionsLogoutUrl":"URL", +"oidcOPMetaDataOptionsMaxAge":"Max age", +"oidcOPMetaDataOptionsPrompt":"Prompt", "oidcOPMetaDataOptionsProtocol":"Protocol", -"oidcRPMetaDataOptionsPublic":"Public client", -"oidcRPMetaDataOptionsRequirePKCE":"Require PKCE", -"oidcRPMetaDataOptionsAuthnLevel":"Authentication level", -"oidcRPMetaDataOptionsRule":"Access rule", -"oidcRPMetaDataMacros":"Macros", -"oidcRPMetaDataScopeRules":"Scope rules", "oidcOPMetaDataOptionsScope":"Scope", +"oidcOPMetaDataOptionsSortNumber":"Order", "oidcOPMetaDataOptionsStoreIDToken":"Store ID Token", "oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Token endpoint authentication method", +"oidcOPMetaDataOptionsUiLocales":"Locales UI", +"oidcOPMetaDataOptionsUseNonce":"Use nonce", "oidcOPName":"OpenID Connect Provider Name", "oidcParams":"OpenID Connect parameters", "oidcRP":"OpenID Connect Relying Party", "oidcRPCallbackGetParam":"Callback GET parameter", "oidcRPMetaDataExportedVars":"Exported attributes", +"oidcRPMetaDataMacros":"Macros", "oidcRPMetaDataNode":"OpenID Connect Relying Parties", +"oidcRPMetaDataNodes":"OpenID Connect Relying Parties", "oidcRPMetaDataOptions":"Options", +"oidcRPMetaDataOptionsAccessTokenClaims":"Release claims in Access Token", "oidcRPMetaDataOptionsAccessTokenExpiration":"Access Token expiration", "oidcRPMetaDataOptionsAccessTokenJWT":"Use JWT format for Access Token", -"oidcRPMetaDataOptionsAccessTokenClaims":"Release claims in Access Token", "oidcRPMetaDataOptionsAccessTokenSignAlg":"Access Token signature algorithm", +"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences", +"oidcRPMetaDataOptionsAdvanced":"Advanced", "oidcRPMetaDataOptionsAllowClientCredentialsGrant":"Allow OAuth2.0 Client Credentials Grant", +"oidcRPMetaDataOptionsAllowOffline":"Allow offline access", "oidcRPMetaDataOptionsAllowPasswordGrant":"Allow OAuth2.0 Password Grant", +"oidcRPMetaDataOptionsAuthnLevel":"Authentication level", "oidcRPMetaDataOptionsAuthorizationCodeExpiration":"Authorization Code expiration", +"oidcRPMetaDataOptionsBasic":"Basic", "oidcRPMetaDataOptionsBypassConsent":"Bypass consent", "oidcRPMetaDataOptionsClientID":"Client ID", "oidcRPMetaDataOptionsClientSecret":"Client secret", "oidcRPMetaDataOptionsDisplay":"Display", "oidcRPMetaDataOptionsDisplayName":"Display name", -"oidcRPMetaDataOptionsIcon":"Logo", +"oidcRPMetaDataOptionsExtraClaims":"Extra claims", "oidcRPMetaDataOptionsIDTokenExpiration":"ID Token expiration", -"oidcRPMetaDataOptionsIDTokenSignAlg":"ID Token signature algorithm", "oidcRPMetaDataOptionsIDTokenForceClaims":"Force claims to be returned in ID Token", +"oidcRPMetaDataOptionsIDTokenSignAlg":"ID Token signature algorithm", +"oidcRPMetaDataOptionsIcon":"Logo", +"oidcRPMetaDataOptionsLogoutSessionRequired":"Session required", +"oidcRPMetaDataOptionsLogoutType":"Type", +"oidcRPMetaDataOptionsLogoutUrl":"URL", "oidcRPMetaDataOptionsOfflineSessionExpiration":"Offline session expiration", +"oidcRPMetaDataOptionsPostLogoutRedirectUris":"Allowed redirection addresses for logout", +"oidcRPMetaDataOptionsPublic":"Public client", +"oidcRPMetaDataOptionsRedirectUris":"Allowed redirection addresses for login", "oidcRPMetaDataOptionsRefreshToken":"Use refresh tokens", +"oidcRPMetaDataOptionsRequirePKCE":"Require PKCE", +"oidcRPMetaDataOptionsRule":"Access rule", +"oidcRPMetaDataOptionsTimeouts":"Timeouts", "oidcRPMetaDataOptionsUserIDAttr":"User attribute", +"oidcRPMetaDataScopeRules":"Scope rules", "oidcRPName":"OpenID Connect RP Name", "oidcRPStateTimeout":"State session timeout", +"oidcServiceAccessTokenExpiration":"Access Token expiration", +"oidcServiceAllowAuthorizationCodeFlow":"Authorization Code Flow", +"oidcServiceAllowDynamicRegistration":"Dynamic Registration", +"oidcServiceAllowHybridFlow":"Hybrid Flow", +"oidcServiceAllowImplicitFlow":"Implicit Flow", +"oidcServiceAllowOffline":"Allow offline access", +"oidcServiceAuthorizationCodeExpiration":"Authorization Code expiration", +"oidcServiceDynamicRegistrationExportedVars":"Exported vars for dynamic registration", +"oidcServiceDynamicRegistrationExtraClaims":"Extra claims for dynamic registration", +"oidcServiceIDTokenExpiration":"ID Token expiration", +"oidcServiceKeyIdSig":"Signing key ID", "oidcServiceMetaData":"OpenID Connect Service", +"oidcServiceMetaDataAuthnContext":"Authentication context", "oidcServiceMetaDataAuthorizeURI":"Authorization", "oidcServiceMetaDataBackChannelURI":"Back-Channel URI", +"oidcServiceMetaDataCheckSessionURI":"Check Session", "oidcServiceMetaDataEndPoints":"End points", +"oidcServiceMetaDataEndSessionURI":"End of session", "oidcServiceMetaDataFrontChannelURI":"Front-Channel URI", +"oidcServiceMetaDataIntrospectionURI":"Introspection", +"oidcServiceMetaDataIssuer":"Issuer identifier", "oidcServiceMetaDataJWKSURI":"JWKS", "oidcServiceMetaDataKeys":"Keys", "oidcServiceMetaDataRegistrationURI":"Registration", -"oidcServiceMetaDataIntrospectionURI":"Introspection", "oidcServiceMetaDataSecurity":"Security", -"oidcServiceMetaDataEndSessionURI":"End of session", -"oidcServiceMetaDataAuthnContext":"Authentication context", "oidcServiceMetaDataSessions":"Sessions", +"oidcServiceMetaDataTokenURI":"Token", +"oidcServiceMetaDataUserInfoURI":"User Info", +"oidcServiceOfflineSessionExpiration":"Offline session expiration", "oidcServicePrivateKeySig":"Signing private key", "oidcServicePublicKeySig":"Signing public key", -"oidcServiceKeyIdSig":"Signing key ID", -"oidcServiceAuthorizationCodeExpiration":"Authorization Code expiration", -"oidcServiceAccessTokenExpiration":"Access Token expiration", -"oidcServiceDynamicRegistrationExportedVars":"Exported vars for dynamic registration", -"oidcServiceDynamicRegistrationExtraClaims":"Extra claims for dynamic registration", -"oidcServiceIDTokenExpiration":"ID Token expiration", -"oidcServiceOfflineSessionExpiration":"Offline session expiration", "oidcStorage":"Sessions module name", "oidcStorageOptions":"Sessions module options", -"oidcOPMetaDataNodes":"OpenID Connect Providers", -"oidcRPMetaDataNodes":"OpenID Connect Relying Parties", -"oidcOPMetaDataOptionsPrompt":"Prompt", -"oidcOPMetaDataOptionsMaxAge":"Max age", -"oidcOPMetaDataOptionsUiLocales":"Locales UI", -"oidcOPMetaDataOptionsAcrValues":"ACR values", -"oidcOPMetaDataOptionsIDTokenMaxAge":"ID Token max age", -"oidcOPMetaDataOptionsUseNonce":"Use nonce", -"oidcRPMetaDataOptionsRedirectUris":"Allowed redirection addresses for login", -"oidcRPMetaDataOptionsPostLogoutRedirectUris":"Allowed redirection addresses for logout", -"oidcRPMetaDataOptionsExtraClaims":"Extra claims", -"oidcServiceMetaDataIssuer":"Issuer identifier", -"oidcServiceMetaDataTokenURI":"Token", -"oidcServiceMetaDataUserInfoURI":"User Info", -"oidcServiceMetaDataCheckSessionURI":"Check Session", -"oidcServiceAllowDynamicRegistration":"Dynamic Registration", -"oidcServiceAllowAuthorizationCodeFlow":"Authorization Code Flow", -"oidcServiceAllowImplicitFlow":"Implicit Flow", -"oidcServiceAllowHybridFlow":"Hybrid Flow", -"oidcServiceAllowOffline":"Allow offline access", "ok":"OK", "oldNotifFormat":"Use old XML format", +"oldValue":"Old value", +"on":"On", "openIdAttr":"OpenID login", "openIdAuthnLevel":"Authentication level", "openIdExportedVars":"Exported variables", "openIdIDPList":"Authorized domains", "openIdIssuerSecret":"Secret token", -"openidParams":"OpenID parameters", +"openIdSPList":"Authorized domains", "openIdSecret":"Secret token", "openIdSreg":"SREG mapping", +"openIdSreg_country":"Country", +"openIdSreg_dob":"Date of birth", +"openIdSreg_email":"Email", "openIdSreg_fullname":"Full name", -"openIdSreg_nickname":"Nick name", +"openIdSreg_gender":"Gender", "openIdSreg_language":"Language", +"openIdSreg_nickname":"Nick name", "openIdSreg_postcode":"Postal code", "openIdSreg_timezone":"Timezone", -"openIdSreg_country":"Country", -"openIdSreg_gender":"Gender", -"openIdSreg_email":"Email", -"openIdSreg_dob":"Date of birth", -"openIdSPList":"Authorized domains", -"OpenIDConnect":"OpenID Connect", -"OptionalTitle":"Optional title", +"openidParams":"OpenID parameters", "overPrm":"Overloaded parameters", "pamAuthnLevel":"Authentication level", "pamParams":"PAM parameters", @@ -745,11 +755,11 @@ "passwordManagement":"Password management", "passwordPolicy":"Password policy", "passwordPolicyActivation":"Activation", -"passwordPolicyMinSize":"Minimal size", -"passwordPolicyMinLower":"Minimal lower characters", -"passwordPolicyMinUpper":"Minimal upper characters", "passwordPolicyMinDigit":"Minimal digit characters", +"passwordPolicyMinLower":"Minimal lower characters", +"passwordPolicyMinSize":"Minimal size", "passwordPolicyMinSpeChar":"Minimal special characters", +"passwordPolicyMinUpper":"Minimal upper characters", "passwordPolicySpecialChar":"Allowed special characters", "passwordResetAllowedRetries":"Max reset password retries", "persistent":"Persistent", @@ -771,8 +781,8 @@ "portalDisplayGeneratePassword":"Display generate password box", "portalDisplayLoginHistory":"Login History", "portalDisplayLogout":"Logout", -"portalDisplayPasswordPolicy":"Display policy in password form", "portalDisplayOidcConsents":"OIDC Consents", +"portalDisplayPasswordPolicy":"Display policy in password form", "portalDisplayRefreshMyRights":"Display rights refresh link", "portalDisplayRegister":"Register new account", "portalDisplayResetPassword":"Reset password", @@ -780,6 +790,7 @@ "portalErrorOnMailNotFound":"Show error on mail not found", "portalForceAuthn":"Force authentication", "portalForceAuthnInterval":"Force authentication interval", +"portalMainLogo":"Main Logo", "portalMenu":"Menu", "portalModules":"Modules activation", "portalOpenLinkInNewWindow":"New window", @@ -792,31 +803,30 @@ "portalSkin":"Default Skin", "portalSkinBackground":"Skin background", "portalSkinRules":"Skin display rules", -"portalMainLogo":"Main Logo", "portalStatus":"Publish portal status", "portalUserAttr":"User attribute", "post":"Form replay", -"postedVars":"Variables to post", -"postUrl":"Form URL", "postTargetUrl":"Form target URL (optional)", +"postUrl":"Form URL", +"postedVars":"Variables to post", "previous":"Previous", "privateKey":"Private key", -"proxyAuthnLevel":"Authentication level", "proxyAuthService":"Internal portal URL", -"proxySessionService":"Session service URL", +"proxyAuthnLevel":"Authentication level", "proxyParams":"Proxy parameters", +"proxySessionService":"Session service URL", "proxyUseSoap":"Use SOAP instead of REST", "publicKey":"Public key", "purgeNotification":"Delete notification definitely", "radius2f":"Radius second factor", "radius2fActivation":"Activation", -"radius2fServer":"Server hostname", -"radius2fSecret":"Shared secret", -"radius2fUsernameSessionKey":"Session key containing login", -"radius2fTimeout":"Authentication timeout", "radius2fAuthnLevel":"Authentication level", -"radius2fLogo":"Logo", "radius2fLabel":"Label", +"radius2fLogo":"Logo", +"radius2fSecret":"Shared secret", +"radius2fServer":"Server hostname", +"radius2fTimeout":"Authentication timeout", +"radius2fUsernameSessionKey":"Session key containing login", "radiusAuthnLevel":"Authentication level", "radiusParams":"Radius parameters", "radiusSecret":"Shared secret", @@ -845,116 +855,243 @@ "remotePortal":"Portal URL", "replaceByFile":"Replace by file", "requireToken":"Require token for forms", -"restAuthnLevel":"Authentication level", -"restAuthUrl":"Authentication URL", -"restConfigServer":"Configuration server", -"restServices":"REST services", -"restore":"Restore", -"restoreConf":"Restore configuration", "rest2f":"REST second factor", "rest2fActivation":"Activation", "rest2fAuthnLevel":"Authentication level", -"rest2fLabel":"Label", "rest2fInitArgs":"Init Arguments", "rest2fInitUrl":"Init URL", +"rest2fLabel":"Label", "rest2fLogo":"Logo", "rest2fVerifyArgs":"Verify Arguments", "rest2fVerifyUrl":"Verify URL", +"restAuthServer":"Authentication server", +"restAuthUrl":"Authentication URL", +"restAuthnLevel":"Authentication level", +"restClockTolerance":"Server clock tolerance", +"restConfigServer":"Configuration server", "restExportSecretKeys":"Export secret attributes", +"restFindUserDBUrl":"User accounts URL", "restParams":"REST parameters", +"restPasswordServer":"Password reset server", "restPwdConfirmUrl":"Password confirmation URL", "restPwdModifyUrl":"Password change URL", +"restServices":"REST services", "restSessionServer":"Session server", -"restAuthServer":"Authentication server", -"restClockTolerance":"Server clock tolerance", -"restFindUserDBUrl":"User accounts URL", -"restPasswordServer":"Password reset server", "restUserDBUrl":"User data URL", +"restore":"Restore", +"restoreConf":"Restore configuration", "returnUrl":"Return URL", "rp":"Relying Party", "rule":"Rule", "ruleAuthnLevel":"Required authentication level", "rules":"Regeln", "rulesAuthnLevel":"Required auth levels", -"Same":"Same", "sameSite":"Cookie SameSite value", -"save":"Save", -"saveReport":"Save report", -"savingConfirmation":"Saving confirmation", -"scope":"Scope", -"search":"Search...", -"secondFactors":"Second factors", -"securedCookie":"Secured Cookie (SSL)", -"security":"Security", -"sendTestMail":"Send test email", -"sendTestMailSuccess":"Test email successfully sent", -"serverError":"Server error", -"session":"session", -"sessions":"Sessions", -"session_s":"session(s)", -"sessionDataToRemember":"Session data to store", -"sessionDeleted":"The session was deleted", -"sessionExpired":"The session is expired", -"sessionParams":"Sessions", -"sessionStartedAt":"Session started on", -"sessionStorage":"Sessions Storage", -"sessionTitle":"Session content", -"sfaTitle":"Second factors authentication", -"sfExtra":"Additional second factors", -"sfManagerRule":"Display Manager link", -"sfOnlyUpgrade":"Use 2FA for session upgrade", -"sfRequired":"Force 2FA registration at login", -"sfRemovedNotification":"Warn if an expired 2FA is removed", -"sfRemovedMsgRule":"Activation", -"sfRemovedUseNotif":"Use Notifications plugin", -"sfRemovedNotifMsg":"Notification message", -"sfRemovedNotifRef":"Notification reference", -"sfRemovedNotifTitle":"Notification title", -"sfRemovedMsg":"Display a message if an expired 2FA is removed", -"show":"Show", -"showHelp":"Show help", -"showLanguages":"Show languages choice", -"singleIP":"One IP address per user", -"singleSession":"One session per user", -"singleUserByIP":"One user per IP address", -"skipRenewConfirmation":"Skip re-auth confirmation", -"skipUpgradeConfirmation":"Skip upgrade confirmation", -"slaveAuthnLevel":"Authentication level", -"slaveDisplayLogo":"Display authentication logo", -"slaveExportedVars":"Exported variables", -"slaveMasterIP":"Master's IP address", -"slaveParams":"Slave parameters", -"slaveUserHeader":"Header for user login", -"slaveHeaderName":"Control header name", -"slaveHeaderContent":"Control header content", -"SMTP":"SMTP", -"SMTPAuthPass":"SMTP password", -"SMTPAuthUser":"SMTP user", -"SMTPPort":"SMTP port", -"SMTPServer":"SMTP Server", -"SMTPTLS":"SSL/TLS protocol", -"SMTPTLSOpts":"SSL/TLS options", +"saml":"SAML", +"samlAdvanced":"Advanced", +"samlAttribute":"SAML attribute", +"samlAttributeAuthorityDescriptor":"Attribute Authority", +"samlAttributeAuthorityDescriptorAttributeService":"Attribute Service", +"samlAttributeAuthorityDescriptorAttributeServiceSOAP":"SOAP", +"samlAuthnContextMap":"Authentication contexts", +"samlAuthnContextMapKerberos":"Kerberos", +"samlAuthnContextMapPassword":"Passwort", +"samlAuthnContextMapPasswordProtectedTransport":"Password protected transport", +"samlAuthnContextMapTLSClient":"TLS client", +"samlCommonDomainCookie":"Common Domain Cookie", +"samlCommonDomainCookieActivation":"Activation", +"samlCommonDomainCookieDomain":"Common domain", +"samlCommonDomainCookieReader":"Reader URL", +"samlCommonDomainCookieWriter":"Writer URL", +"samlDiscoveryProtocol":"Discovery Protocol", +"samlDiscoveryProtocolActivation":"Activation", +"samlDiscoveryProtocolIsPassive":"Is Passive", +"samlDiscoveryProtocolPolicy":"Policy", +"samlDiscoveryProtocolURL":"EndPoint URL", +"samlEntityID":"Entity Identifier", +"samlIDP":"SAML Identitätsanbieter", +"samlIDPMetaDataExportedAttributes":"Exported attributes", +"samlIDPMetaDataNodes":"SAML Identity Providers", +"samlIDPMetaDataOptions":"Options", +"samlIDPMetaDataOptionsAdaptSessionUtime":"Adapt session lifetime", +"samlIDPMetaDataOptionsAllowLoginFromIDP":"Allow login from IDP", +"samlIDPMetaDataOptionsAllowProxiedAuthn":"Allow proxied authentication", +"samlIDPMetaDataOptionsAuthnRequest":"Authentication request", +"samlIDPMetaDataOptionsBinding":"Binding", +"samlIDPMetaDataOptionsCheckAudience":"Check audience conditions", +"samlIDPMetaDataOptionsCheckSLOMessageSignature":"Check SLO message signature", +"samlIDPMetaDataOptionsCheckSSOMessageSignature":"Check SSO message signature", +"samlIDPMetaDataOptionsCheckTime":"Check time conditions", +"samlIDPMetaDataOptionsDisplay":"Display", +"samlIDPMetaDataOptionsDisplayName":"Display name", +"samlIDPMetaDataOptionsDisplayParams":"Display", +"samlIDPMetaDataOptionsEncryptionMode":"Encryption mode", +"samlIDPMetaDataOptionsForceAuthn":"Force authentication", +"samlIDPMetaDataOptionsForceUTF8":"Force UTF-8", +"samlIDPMetaDataOptionsIcon":"Logo", +"samlIDPMetaDataOptionsIsPassive":"Passive authentication", +"samlIDPMetaDataOptionsNameIDFormat":"NameID format", +"samlIDPMetaDataOptionsRelayStateURL":"Allow URL as RelayState", +"samlIDPMetaDataOptionsRequestedAuthnContext":"Requested authentication context", +"samlIDPMetaDataOptionsResolutionRule":"Resolution rule", +"samlIDPMetaDataOptionsSLOBinding":"SLO binding", +"samlIDPMetaDataOptionsSSOBinding":"SSO binding", +"samlIDPMetaDataOptionsSecurity":"Security", +"samlIDPMetaDataOptionsSession":"Session", +"samlIDPMetaDataOptionsSignSLOMessage":"Sign SLO message", +"samlIDPMetaDataOptionsSignSSOMessage":"Sign SSO message", +"samlIDPMetaDataOptionsSignature":"Signature", +"samlIDPMetaDataOptionsSignatureMethod":"Signature method", +"samlIDPMetaDataOptionsSortNumber":"Order", +"samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token", +"samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier", +"samlIDPMetaDataXML":"Metadata", +"samlIDPName":"SAML IDP Name", +"samlIDPSSODescriptor":"Identity Provider", +"samlIDPSSODescriptorArtifactResolutionService":"Artifact Resolution", +"samlIDPSSODescriptorArtifactResolutionServiceArtifact":"Artifact Service", +"samlIDPSSODescriptorSingleLogoutService":"Single Logout", +"samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", +"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", +"samlIDPSSODescriptorSingleLogoutServiceSOAP":"SOAP", +"samlIDPSSODescriptorSingleSignOnService":"Single Sign On", +"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"HTTP Artifact", +"samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"HTTP POST", +"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"HTTP Redirect", +"samlIDPSSODescriptorWantAuthnRequestsSigned":"Want Authentication Request Signed", +"samlMetadataForceUTF8":"UTF8 metadata conversion", +"samlNameIDFormatMap":"NameID formats", +"samlNameIDFormatMapEmail":"Email", +"samlNameIDFormatMapKerberos":"Kerberos", +"samlNameIDFormatMapWindows":"Windows", +"samlNameIDFormatMapX509":"X509", +"samlOrganization":"Organization", +"samlOrganizationDisplayName":"Display Name", +"samlOrganizationName":"Name", +"samlOrganizationURL":"URL", +"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP", +"samlPartnerName":"Name of SAML partner", +"samlRelayStateTimeout":"RelayState session timeout", +"samlSP":"SAML Service Provider", +"samlSPMetaDataExportedAttributes":"Exported attributes", +"samlSPMetaDataMacros":"Macros", +"samlSPMetaDataNodes":"SAML Service Providers", +"samlSPMetaDataOptions":"Options", +"samlSPMetaDataOptionsAuthnLevel":"Authentication level", +"samlSPMetaDataOptionsAuthnResponse":"Authentication response", +"samlSPMetaDataOptionsCheckSLOMessageSignature":"Check SLO message signature", +"samlSPMetaDataOptionsCheckSSOMessageSignature":"Check SSO message signature", +"samlSPMetaDataOptionsEnableIDPInitiatedURL":"Enable use of IDP initiated URL", +"samlSPMetaDataOptionsEncryptionMode":"Encryption mode", +"samlSPMetaDataOptionsForceUTF8":"Force UTF-8", +"samlSPMetaDataOptionsNameIDFormat":"Default NameID format", +"samlSPMetaDataOptionsNameIDSessionKey":"Force NameID session key", +"samlSPMetaDataOptionsNotOnOrAfterTimeout":"notOnOrAfter duration", +"samlSPMetaDataOptionsOneTimeUse":"One time use", +"samlSPMetaDataOptionsRule":"Access rule", +"samlSPMetaDataOptionsSecurity":"Security", +"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout":"sessionNotOnOrAfter duration", +"samlSPMetaDataOptionsSignSLOMessage":"Sign SLO message", +"samlSPMetaDataOptionsSignSSOMessage":"Sign SSO message", +"samlSPMetaDataOptionsSignature":"Signature", +"samlSPMetaDataOptionsSignatureMethod":"Signature method", +"samlSPMetaDataXML":"Metadata", +"samlSPName":"SAML Service Provider Name", +"samlSPSSODescriptor":"Service Provider", +"samlSPSSODescriptorArtifactResolutionService":"Artifact Resolution", +"samlSPSSODescriptorArtifactResolutionServiceArtifact":"Artifact Service", +"samlSPSSODescriptorAssertionConsumerService":"Assertion Consumer", +"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"HTTP Artifact", +"samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"HTTP POST", +"samlSPSSODescriptorAuthnRequestsSigned":"Signed Authentication Request", +"samlSPSSODescriptorSingleLogoutService":"Single Logout", +"samlSPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", +"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", +"samlSPSSODescriptorSingleLogoutServiceSOAP":"SOAP", +"samlSPSSODescriptorWantAssertionsSigned":"Want Assertions Signed", +"samlServiceMetaData":"SAML2 Service", +"samlServicePrivateKeyEnc":"Private key", +"samlServicePrivateKeyEncPwd":"Private key password", +"samlServicePrivateKeySig":"Private key", +"samlServicePrivateKeySigPwd":"Private key password", +"samlServicePublicKeyEnc":"Public key", +"samlServicePublicKeySig":"Public key", +"samlServiceSecurity":"Security parameters", +"samlServiceSecurityEnc":"Encryption", +"samlServiceSecuritySig":"Signature", +"samlServiceSignatureMethod":"Signature method", +"samlServiceUseCertificateInResponse":"Use certificate in responses", +"samlStorage":"SAML sessions module name", +"samlStorageOptions":"SAML sessions module options", +"samlUseQueryStringSpecific":"Use specific query_string method", +"save":"Save", +"saveReport":"Save report", +"savingConfirmation":"Saving confirmation", +"scope":"Scope", +"search":"Search...", +"secondFactors":"Second factors", +"securedCookie":"Secured Cookie (SSL)", +"security":"Security", +"sendTestMail":"Send test email", +"sendTestMailSuccess":"Test email successfully sent", +"serverError":"Server error", +"serverNotification":"Server", +"session":"session", +"sessionDataToRemember":"Session data to store", +"sessionDeleted":"The session was deleted", +"sessionExpired":"The session is expired", +"sessionParams":"Sessions", +"sessionStartedAt":"Session started on", +"sessionStorage":"Sessions Storage", +"sessionTitle":"Session content", +"session_s":"session(s)", +"sessions":"Sessions", +"sfExtra":"Additional second factors", +"sfManagerRule":"Display Manager link", +"sfOnlyUpgrade":"Use 2FA for session upgrade", +"sfRemovedMsg":"Display a message if an expired 2FA is removed", +"sfRemovedMsgRule":"Activation", +"sfRemovedNotifMsg":"Notification message", +"sfRemovedNotifRef":"Notification reference", +"sfRemovedNotifTitle":"Notification title", +"sfRemovedNotification":"Warn if an expired 2FA is removed", +"sfRemovedUseNotif":"Use Notifications plugin", +"sfRequired":"Force 2FA registration at login", +"sfaTitle":"Second factors authentication", +"show":"Show", +"showHelp":"Show help", +"showLanguages":"Show languages choice", +"singleIP":"One IP address per user", +"singleSession":"One session per user", +"singleUserByIP":"One user per IP address", +"skipRenewConfirmation":"Skip re-auth confirmation", +"skipUpgradeConfirmation":"Skip upgrade confirmation", +"slaveAuthnLevel":"Authentication level", +"slaveDisplayLogo":"Display authentication logo", +"slaveExportedVars":"Exported variables", +"slaveHeaderContent":"Control header content", +"slaveHeaderName":"Control header name", +"slaveMasterIP":"Master's IP address", +"slaveParams":"Slave parameters", +"slaveUserHeader":"Header for user login", "soapConfigServer":"Configuration server", "soapServices":"SOAP services", "soapSessionServer":"Session server", "specialRule":"Special rule", -"SSLAuthnLevel":"Authentication level", "sslByAjax":"Use Ajax request", "sslHost":"Ajax SSL URL", "sslParams":"SSL parameters", -"SSLVar":"Extracted certificate field", -"SSLVarIf":"Conditional extracted certificate field", "ssoSessions":"SSO sessions", "stateCheck":"State Check", "stayConnect":"Persistent connections", "stayConnected":"Activation", "stayConnectedCookieName":"Cookie name", "stayConnectedTimeout":"Expiration time", -"successfullySaved":"Successfully saved", "storePassword":"Store user password in session", "string":"String", "subtitle":"Subtitle", "successLoginNumber":"Number of registered logins", +"successfullySaved":"Successfully saved", "sympaHandler":"Sympa", "sympaMailKey":"Mail session key", "sympaSecret":"Shared secret", @@ -970,12 +1107,12 @@ "totp2f":"TOTP", "totp2fActivation":"Activation", "totp2fAuthnLevel":"TOTP authentication level", -"totp2fLabel":"Label", -"totp2fLogo":"Logo", "totp2fDigits":"Number of digits", "totp2fDisplayExistingSecret":"Display existing secret", "totp2fInterval":"Interval", "totp2fIssuer":"TOTP Issuer name", +"totp2fLabel":"Label", +"totp2fLogo":"Logo", "totp2fRange":"Range of attempts", "totp2fSelfRegistration":"Self registration", "totp2fTTL":"Lifetime", @@ -1004,20 +1141,20 @@ "unknownKey":"Unknown key", "unsecuredCookie":"Unsecured cookie", "up":"Move up", -"uploadDenied":"Upload denied", "upgradeSession":"Session upgrade", +"uploadDenied":"Upload denied", "uri":"URI", "url":"URL", "use":"Use", -"user":"Benutzer", -"users":"Users", -"userDB":"Users module", -"userdbOnly":"User DB only", -"userControl":"Username control", -"userPivot":"Login field name in user table", "useRedirectOnError":"Redirect on error", "useRedirectOnForbidden":"Redirect on forbidden", "useSafeJail":"Use Safe jail", +"user":"Benutzer", +"userControl":"Username control", +"userDB":"Users module", +"userPivot":"Login field name in user table", +"userdbOnly":"User DB only", +"users":"Users", "utotp2f":"TOTP-or-U2F", "utotp2fActivation":"Activation", "utotp2fAuthnLevel":"Authentication level", @@ -1025,10 +1162,10 @@ "utotp2fLogo":"Logo", "value":"Value", "values":"Values", -"variables":"Variables", "variableName":"Variable name", -"verifyU2FKey":"Verify U2F key", +"variables":"Variables", "verifyTOTPKey":"Verify TOTP key", +"verifyU2FKey":"Verify U2F key", "version":"Version", "vhostAccessToTrace":"Access to trace", "vhostAliases":"Aliases", @@ -1044,24 +1181,24 @@ "virtualHost":"Virtual Host", "virtualHostName":"Virtual host hostname", "virtualHosts":"Virtual Hosts", +"waitOrF5":"Wait for redirection or press F5", +"waitingForDatas":"Waiting for datas", "warning":"Warning", "warnings":"Warnings", -"waitingForDatas":"Waiting for datas", "webIDAuthnLevel":"Authentication level", "webIDExportedVars":"Exported variables", -"webidParams":"WebID parameters", "webIDWhitelist":"WebID whitelist", -"waitOrF5":"Wait for redirection or press F5", +"webidParams":"WebID parameters", "whatToTrace":"REMOTE_USER", "whiteList":"White list", "wsdlServer":"WSDL server", "yubikey2f":"Yubikey", "yubikey2fActivation":"Activation", "yubikey2fAuthnLevel":"Authentication level", -"yubikey2fLabel":"Label", -"yubikey2fLogo":"Logo", "yubikey2fClientID":"API client ID", "yubikey2fFromSessionAttribute":"Get Yubikey ID from session attribute", +"yubikey2fLabel":"Label", +"yubikey2fLogo":"Logo", "yubikey2fNonce":"Nonce", "yubikey2fPublicIDSize":"OTP public ID part size", "yubikey2fSecretKey":"API secret key", @@ -1069,143 +1206,5 @@ "yubikey2fTTL":"Lifetime", "yubikey2fUrl":"Service URL", "yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey", -"zeroConfExplanations":"Server has no configuration. Use template to save the first.", - -"saml":"SAML", -"samlAttribute":"SAML attribute", -"samlDiscoveryProtocol":"Discovery Protocol", -"samlDiscoveryProtocolActivation":"Activation", -"samlDiscoveryProtocolIsPassive":"Is Passive", -"samlDiscoveryProtocolPolicy":"Policy", -"samlDiscoveryProtocolURL":"EndPoint URL", -"samlNameIDFormatMap":"NameID formats", -"samlNameIDFormatMapEmail":"Email", -"samlNameIDFormatMapX509":"X509", -"samlNameIDFormatMapWindows":"Windows", -"samlNameIDFormatMapKerberos":"Kerberos", -"samlIDP":"SAML Identitätsanbieter", -"samlIDPMetaDataNodes":"SAML Identity Providers", -"samlIDPMetaDataXML":"Metadata", -"samlIDPMetaDataExportedAttributes":"Exported attributes", -"samlIDPMetaDataOptions":"Options", -"samlIDPMetaDataOptionsNameIDFormat":"NameID format", -"samlIDPMetaDataOptionsForceAuthn":"Force authentication", -"samlIDPMetaDataOptionsIsPassive":"Passive authentication", -"samlIDPMetaDataOptionsAllowProxiedAuthn":"Allow proxied authentication", -"samlIDPMetaDataOptionsAllowLoginFromIDP":"Allow login from IDP", -"samlIDPMetaDataOptionsAdaptSessionUtime":"Adapt session lifetime", -"samlIDPMetaDataOptionsSignSSOMessage":"Sign SSO message", -"samlIDPMetaDataOptionsCheckSSOMessageSignature":"Check SSO message signature", -"samlIDPMetaDataOptionsSignSLOMessage":"Sign SLO message", -"samlIDPMetaDataOptionsCheckSLOMessageSignature":"Check SLO message signature", -"samlIDPMetaDataOptionsSSOBinding":"SSO binding", -"samlIDPMetaDataOptionsSLOBinding":"SLO binding", -"samlIDPMetaDataOptionsResolutionRule":"Resolution rule", -"samlIDPMetaDataOptionsRequestedAuthnContext":"Requested authentication context", -"samlIDPMetaDataOptionsForceUTF8":"Force UTF-8", -"samlIDPMetaDataOptionsEncryptionMode":"Encryption mode", -"samlIDPMetaDataOptionsCheckTime":"Check time conditions", -"samlIDPMetaDataOptionsCheckAudience":"Check audience conditions", -"samlIDPMetaDataOptionsAuthnRequest":"Authentication request", -"samlIDPMetaDataOptionsSession":"Session", -"samlIDPMetaDataOptionsSignature":"Signature", -"samlIDPMetaDataOptionsSignatureMethod":"Signature method", -"samlIDPMetaDataOptionsBinding":"Binding", -"samlIDPMetaDataOptionsDisplay":"Display", -"samlIDPMetaDataOptionsDisplayName":"Display name", -"samlIDPMetaDataOptionsDisplayParams":"Display", -"samlIDPMetaDataOptionsIcon":"Logo", -"samlIDPMetaDataOptionsSecurity":"Security", -"samlIDPMetaDataOptionsSortNumber":"Order", -"samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token", -"samlIDPMetaDataOptionsRelayStateURL":"Allow URL as RelayState", -"samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier", -"samlSPMetaDataNodes":"SAML Service Providers", -"samlSPMetaDataXML":"Metadata", -"samlSPMetaDataExportedAttributes":"Exported attributes", -"samlSPMetaDataOptions":"Options", -"samlSPMetaDataOptionsNameIDFormat":"Default NameID format", -"samlSPMetaDataOptionsOneTimeUse":"One time use", -"samlSPMetaDataOptionsSignSSOMessage":"Sign SSO message", -"samlSPMetaDataOptionsCheckSSOMessageSignature":"Check SSO message signature", -"samlSPMetaDataOptionsSignSLOMessage":"Sign SLO message", -"samlSPMetaDataOptionsCheckSLOMessageSignature":"Check SLO message signature", -"samlSPMetaDataOptionsEncryptionMode":"Encryption mode", -"samlSPMetaDataOptionsAuthnResponse":"Authentication response", -"samlSPMetaDataOptionsSignature":"Signature", -"samlSPMetaDataOptionsSignatureMethod":"Signature method", -"samlSPMetaDataOptionsSecurity":"Security", -"samlSPMetaDataOptionsEnableIDPInitiatedURL":"Enable use of IDP initiated URL", -"samlSPMetaDataOptionsNameIDSessionKey":"Force NameID session key", -"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout":"sessionNotOnOrAfter duration", -"samlSPMetaDataOptionsNotOnOrAfterTimeout":"notOnOrAfter duration", -"samlSPMetaDataOptionsForceUTF8":"Force UTF-8", -"samlSPMetaDataOptionsAuthnLevel":"Authentication level", -"samlSPMetaDataOptionsRule":"Access rule", -"samlSPMetaDataMacros":"Macros", -"samlIDPName":"SAML IDP Name", -"samlServiceMetaData":"SAML2 Service", -"samlEntityID":"Entity Identifier", -"samlOrganization":"Organization", -"samlOrganizationDisplayName":"Display Name", -"samlOrganizationName":"Name", -"samlOrganizationURL":"URL", -"samlSP":"SAML Service Provider", -"samlSPName":"SAML Service Provider Name", -"samlSPSSODescriptor":"Service Provider", -"samlSPSSODescriptorAuthnRequestsSigned":"Signed Authentication Request", -"samlSPSSODescriptorWantAssertionsSigned":"Want Assertions Signed", -"samlSPSSODescriptorSingleLogoutService":"Single Logout", -"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", -"samlSPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", -"samlSPSSODescriptorSingleLogoutServiceSOAP":"SOAP", -"samlSPSSODescriptorAssertionConsumerService":"Assertion Consumer", -"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"HTTP Artifact", -"samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"HTTP POST", -"samlSPSSODescriptorArtifactResolutionService":"Artifact Resolution", -"samlSPSSODescriptorArtifactResolutionServiceArtifact":"Artifact Service", -"samlIDPSSODescriptor":"Identity Provider", -"samlIDPSSODescriptorWantAuthnRequestsSigned":"Want Authentication Request Signed", -"samlIDPSSODescriptorSingleSignOnService":"Single Sign On", -"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"HTTP Redirect", -"samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"HTTP POST", -"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"HTTP Artifact", -"samlIDPSSODescriptorSingleLogoutService":"Single Logout", -"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", -"samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", -"samlIDPSSODescriptorSingleLogoutServiceSOAP":"SOAP", -"samlIDPSSODescriptorArtifactResolutionService":"Artifact Resolution", -"samlIDPSSODescriptorArtifactResolutionServiceArtifact":"Artifact Service", -"samlAttributeAuthorityDescriptor":"Attribute Authority", -"samlAttributeAuthorityDescriptorAttributeService":"Attribute Service", -"samlAttributeAuthorityDescriptorAttributeServiceSOAP":"SOAP", -"samlServiceSecurity":"Security parameters", -"samlServiceSecuritySig":"Signature", -"samlServiceSecurityEnc":"Encryption", -"samlServicePrivateKeySig":"Private key", -"samlServicePrivateKeySigPwd":"Private key password", -"samlServicePublicKeySig":"Public key", -"samlServicePrivateKeyEnc":"Private key", -"samlServicePrivateKeyEncPwd":"Private key password", -"samlServicePublicKeyEnc":"Public key", -"samlServiceSignatureMethod":"Signature method", -"samlServiceUseCertificateInResponse":"Use certificate in responses", -"samlAdvanced":"Advanced", -"samlPartnerName":"Name of SAML partner", -"samlMetadataForceUTF8":"UTF8 metadata conversion", -"samlStorage":"SAML sessions module name", -"samlStorageOptions":"SAML sessions module options", -"samlAuthnContextMap":"Authentication contexts", -"samlAuthnContextMapPassword":"Passwort", -"samlAuthnContextMapPasswordProtectedTransport":"Password protected transport", -"samlAuthnContextMapTLSClient":"TLS client", -"samlAuthnContextMapKerberos":"Kerberos", -"samlCommonDomainCookie":"Common Domain Cookie", -"samlCommonDomainCookieActivation":"Activation", -"samlCommonDomainCookieDomain":"Common domain", -"samlCommonDomainCookieReader":"Reader URL", -"samlCommonDomainCookieWriter":"Writer URL", -"samlRelayStateTimeout":"RelayState session timeout", -"samlUseQueryStringSpecific":"Use specific query_string method", -"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP" +"zeroConfExplanations":"Server has no configuration. Use template to save the first." } diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/en.json b/lemonldap-ng-manager/site/htdocs/static/languages/en.json index 1b80c616c4..60fb3842ef 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/en.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/en.json @@ -1,5 +1,26 @@ { "/doc/":"/doc/", +"2faSessions":"2ndFA sessions explorer", +"2ndFA":"Second Factors", +"ADPwdExpireWarning":"Password expire warning", +"ADPwdMaxAge":"Password max age", +"AuthLDAPFilter":"Authentication filter", +"Configuration":"Configuration", +"CrowdSecPlugin":"CrowdSec Bouncer", +"LDAPFilter":"Default filter", +"OpenIDConnect":"OpenID Connect", +"OptionalTitle":"Optional title", +"SMTP":"SMTP", +"SMTPAuthPass":"SMTP password", +"SMTPAuthUser":"SMTP user", +"SMTPPort":"SMTP port", +"SMTPServer":"SMTP server", +"SMTPTLS":"SSL/TLS protocol", +"SMTPTLSOpts":"SSL/TLS options", +"SSLAuthnLevel":"Authentication level", +"SSLVar":"Extracted certificate field", +"SSLVarIf":"Conditional extracted certificate field", +"Same":"Same", "_auth":"Authentication", "_authChoice":"Authentication choice", "_idp":"IDP EntityID", @@ -10,9 +31,9 @@ "_lastAuthnUTime":"Authentication timestamp", "_lastSeen":"Last activity timestamp", "_loginHistory":"Login history", +"_oidc_OP":"Provider key", "_oidc_access_token":"Access Token", "_oidc_id_token":"ID Token", -"_oidc_OP":"Provider key", "_password":"Password", "_passwordDB":"Password", "_samlToken":"SAML token", @@ -20,42 +41,38 @@ "_startTime":"Creation date", "_timezone":"Time zone", "_updateTime":"Update date", +"_url":"Origin URL", "_user":"Login", "_userDB":"User", -"_url":"Origin URL", "_utime":"Session timestamp", -"2faSessions":"2ndFA sessions explorer", -"2ndFA":"Second Factors", -"actives":"Enabled", "activeTimer":"Auto accept time", +"actives":"Enabled", +"adParams":"Active Directory parameters", "adaptativeAuthenticationLevelRules":"Adaptative authentication rules", "addAppCasPartner":"Add CAS application", "addIDPSamlPartner":"Add SAML IDP", "addOidcAttribute":"Add attribute", "addOidcOp":"Add OpenID Connect Provider", "addOidcRp":"Add OpenID Relying Party", -"addSamlAttribute":"Add attribute", "addSPSamlPartner":"Add SAML SP", +"addSamlAttribute":"Add attribute", "addSrvCasPartner":"Add CAS server", -"addU2FKey":"Add U2F key", "addTOTPKey":"Add TOTP key", +"addU2FKey":"Add U2F key", "addVhost":"Add virtualhost", -"adParams":"Active Directory parameters", -"ADPwdExpireWarning":"Password expire warning", -"ADPwdMaxAge":"Password max age", "advancedParams":"Advanced parameters", "allowedMarkups":"Allowed markups:", "always":"Always", -"apacheParams":"Apache parameters", "apacheAuthnLevel":"Authentication level", +"apacheParams":"Apache parameters", "application":"Application", "applicationDisplay":"Display application", "applicationList":"Categories and applications", "applyResult":"Apply result", "appsInThisCat":"Applications in this category", "array":"Array", -"attributesAndMacros":"Attributes and Macros", "attributeName":"Attribute name", +"attributesAndMacros":"Attributes and Macros", "authAndUserdb":"Authz and user DB", "authChain":"Authentication chain", "authChoice":"Authentication choice", @@ -63,16 +80,15 @@ "authChoiceFindUser":"FindUser plugin parameter", "authChoiceModules":"Allowed modules", "authChoiceParam":"URL parameter", +"authOnly":"Authentication only", +"authParams":"Authentication parameters", "authentication":"Authentication module", -"authenticationNeeded":"Authentication needed", "authenticationLevel":"Authentication level", +"authenticationNeeded":"Authentication needed", "authenticationTitle":"Authentication", -"AuthLDAPFilter":"Authentication filter", -"authOnly":"Authentication only", "author":"Author", "authorIPAddress":"Author IP address", "authorizedValues":"Authorized values", -"authParams":"Authentication parameters", "auto":"Automatic", "autoSignin":"Auto Signin", "autoSigninRules":"Rules", @@ -88,9 +104,9 @@ "badExpressionAssignment":"Expression containing an assignment. You can use \\x3D to avoid this warning.", "badHeaderName":"Bad header name", "badHostname":"Bad hostname", -"badLdapUri":"Bad LDAP URI", -"badKeyName":"Bad key name", "badIPv4Address":"Bad IPv4 address", +"badKeyName":"Bad key name", +"badLdapUri":"Bad LDAP URI", "badMacroName":"Bad macro name", "badMetadataName":"Bad metadata name", "badPemEncoding":"Bad PEM encoding", @@ -104,17 +120,17 @@ "blackList":"Black list", "bool":"Boolean", "browse":"Browse", -"browsersDontStorePassword":"Avoid browsers to store users password", +"browseTree":"Browse tree", "browserIdAuthnLevel":"Authentication level", "browserIdAutoLogin":"Automatic login", "browserIdBackgroundColor":"Background color", -"browseridParams":"BrowserIDParams", "browserIdSiteLogo":"Site Logo", "browserIdSiteName":"Site name", "browserIdVerificationURL":"Verification URL", -"browseTree":"Browse tree", -"bruteForceProtection":"Activation", +"browseridParams":"BrowserIDParams", +"browsersDontStorePassword":"Avoid browsers to store users password", "bruteForceAttackProtection":"Brute-force attack protection", +"bruteForceProtection":"Activation", "bruteForceProtectionIncrementalTempo":"Incremental lock", "bruteForceProtectionLockTimes":"Incremental lock times", "bruteForceProtectionMaxFailed":"Allowed failed logins", @@ -124,124 +140,123 @@ "captcha_mail_enabled":"Activation in password reset by mail form", "captcha_register_enabled":"Activation in register form", "captcha_size":"Size", -"casAuthnLevel":"Authentication level", "casAccessControlPolicy":"Access control policy", "casApp":"CAS Application", "casAppMetaDataExportedVars":"Exported attributes", +"casAppMetaDataMacros":"Macros", "casAppMetaDataNodes":"CAS Applications", "casAppMetaDataOptions":"Options", -"casAppMetaDataOptionsService":"Service URL", "casAppMetaDataOptionsAuthnLevel":"Authentication level", "casAppMetaDataOptionsRule":"Rule", -"casAppMetaDataMacros":"Macros", +"casAppMetaDataOptionsService":"Service URL", "casAppMetaDataOptionsUserAttribute":"User attribute", "casAppName":"CAS App Name", "casAttr":"CAS login", "casAttributes":"CAS exported attributes", +"casAuthnLevel":"Authentication level", "casParams":"CAS parameters", "casServiceMetadata":"CAS Service", "casSrv":"CAS Server", "casSrvMetaDataExportedVars":"Exported attributes", +"casSrvMetaDataNodes":"CAS Servers", "casSrvMetaDataOptions":"Options", "casSrvMetaDataOptionsDisplay":"Display", "casSrvMetaDataOptionsDisplayName":"Name to display", "casSrvMetaDataOptionsGateway":"Gateway authentication", "casSrvMetaDataOptionsIcon":"Icon path", -"casSrvMetaDataOptionsSortNumber":"Order", -"casSrvMetaDataOptionsRenew":"Renew authentication", "casSrvMetaDataOptionsProxiedServices":"Proxied services", +"casSrvMetaDataOptionsRenew":"Renew authentication", +"casSrvMetaDataOptionsSortNumber":"Order", "casSrvMetaDataOptionsUrl":"Server URL", -"casSrvMetaDataNodes":"CAS Servers", "casSrvName":"CAS Server Name", "casStorage":"CAS sessions module name", "casStorageOptions":"CAS sessions module options", "categoryName":"Category name", "cda":"Multiple domains", "certificateMailContent":"Mail content", -"certificateResetByMailManagement":"Certificate management", -"certificateResetByMailURL":"Reset page URL", "certificateResetByMailCeaAttribute":" Certificate Exact Assertion attribute name", "certificateResetByMailCertificateAttribute":" Certificate binary content attribute name", -"certificateResetByMailStep1Subject":"Reset mail subject", +"certificateResetByMailManagement":"Certificate management", "certificateResetByMailStep1Body":"Reset mail content", -"certificateResetByMailStep2Subject":"Confirmation mail subject", +"certificateResetByMailStep1Subject":"Reset mail subject", "certificateResetByMailStep2Body":"Confirmation mail content", +"certificateResetByMailStep2Subject":"Confirmation mail subject", +"certificateResetByMailURL":"Reset page URL", "certificateResetByMailValidityDelay":"Minimum duration before expiration", -"contentSecurityPolicy":"Content security policy", -"contextSwitching":"Switch context another user", -"contextSwitchingAllowed2fModifications":"Allow 2FA modifications", -"contextSwitchingHiddenAttributes":"Hidden attributes", -"contextSwitchingIdRule":"Identities use rule", -"contextSwitchingRule":"Use rule", -"contextSwitchingStopWithLogout":"Stop by logout", -"contextSwitchingUnrestrictedUsersRule":"Unrestricted users rule", -"cspConnect":"Ajax destinations", -"cspDefault":"Default value", -"cspFont":"Font source", -"cspFormAction":"Form destinations", -"cspFrameAncestors":"Frame ancestors URL", -"cspImg":"Image source", -"cspScript":"Script source", -"cspStyle":"Style source", -"crossOrigineResourceSharing":"Cross-Origin Resource Sharing", -"corsEnabled":"Activation", -"corsAllow_Credentials":"Access-Control-Allow-Credentials", -"corsAllow_Headers":"Access-Control-Allow-Headers", -"corsAllow_Methods":"Access-Control-Allow-Methods", -"corsAllow_Origin":"Access-Control-Allow-Origin", -"corsExpose_Headers":"Access-Control-Expose-Headers", -"corsMax_Age":"Access-Control-Max-Age", "cfgLog":"Summary", "cfgVersion":"Configuration version", -"checkXSS":"Check XSS attacks", -"clickHereToForce":"Click here to force", -"claimName":"Claim name", -"checkboxes":"Checkboxes", "checkDevOps":"Activation", "checkDevOpsDownload":"Download file", "checkState":"Activation", "checkStateSecret":"Shared secret", -"checkUsers":"SSO profile check", "checkUser":"Activation", "checkUserDisplay":"Display", -"checkUserIdRule":"Identities use rule", -"checkUserHiddenAttributes":"Hidden attributes", -"checkUserUnrestrictedUsersRule":"Unrestricted users rule", "checkUserDisplayComputedSession":"Computed sessions", -"checkUserDisplayPersistentInfo":"Persistent session data", "checkUserDisplayEmptyHeaders":"Empty headers", "checkUserDisplayEmptyValues":"Empty values", "checkUserDisplayNormalizedHeaders":"Normalized headers", +"checkUserDisplayPersistentInfo":"Persistent session data", +"checkUserHiddenAttributes":"Hidden attributes", "checkUserHiddenHeaders":"Hidden headers", +"checkUserIdRule":"Identities use rule", "checkUserSearchAttributes":"Attributes used for searching sessions", +"checkUserUnrestrictedUsersRule":"Unrestricted users rule", +"checkUsers":"SSO profile check", +"checkXSS":"Check XSS attacks", +"checkboxes":"Checkboxes", "choiceParams":"Choice parameters", "chooseLogo":"Choose logo", "chooseSkin":"Choose skin", +"claimName":"Claim name", +"clickHereToForce":"Click here to force", +"combModules":"Module list", "combination":"Combination", "combinationParams":"Combination parameters", "combineMods":"Combination of modules", -"combModules":"Module list", "comment":"Comment", "comments":"Comments", +"compactConf":"Compact configuration file", "condition":"Condition", "conf":"Configuration", -"Configuration":"Configuration", -"confirmFormMethod":"Method for confirm form", "confModuledeprecated":"This module has been deprecated, set \"forceUpload=1\" in lemonldap-ng.ini to use it", "confNotChanged":"No change detected, saving aborted", "confSaved":"Configuration saved", "confWasChanged":"Configuration has been changed", +"confirmFormMethod":"Method for confirm form", "connectionTitle":"Connection", "content":"Content", +"contentSecurityPolicy":"Content security policy", +"contextSwitching":"Switch context another user", +"contextSwitchingAllowed2fModifications":"Allow 2FA modifications", +"contextSwitchingHiddenAttributes":"Hidden attributes", +"contextSwitchingIdRule":"Identities use rule", +"contextSwitchingRule":"Use rule", +"contextSwitchingStopWithLogout":"Stop by logout", +"contextSwitchingUnrestrictedUsersRule":"Unrestricted users rule", "cookieExpiration":"Cookie expiration time", "cookieName":"Cookie name", "cookieParams":"Cookies", +"corsAllow_Credentials":"Access-Control-Allow-Credentials", +"corsAllow_Headers":"Access-Control-Allow-Headers", +"corsAllow_Methods":"Access-Control-Allow-Methods", +"corsAllow_Origin":"Access-Control-Allow-Origin", +"corsEnabled":"Activation", +"corsExpose_Headers":"Access-Control-Expose-Headers", +"corsMax_Age":"Access-Control-Max-Age", "create":"Create", +"crossOrigineResourceSharing":"Cross-Origin Resource Sharing", "crowdsec":"Activation", "crowdsecAction":"Action", "crowdsecKey":"API key", -"CrowdSecPlugin":"CrowdSec Bouncer", "crowdsecUrl":"Base URL of local API", +"cspConnect":"Ajax destinations", +"cspDefault":"Default value", +"cspFont":"Font source", +"cspFormAction":"Form destinations", +"cspFrameAncestors":"Frame ancestors URL", +"cspImg":"Image source", +"cspScript":"Script source", +"cspStyle":"Style source", "currentConfiguration":"Current configuration", "customAddParams":"Additional parameters", "customAuth":"Custom authentication module", @@ -257,21 +272,23 @@ "customResetCertByMail":"Custom certificateResetByMail module", "customToTrace":"REMOTE_CUSTOM", "customUserDB":"Custom user DB module", +"databaseLocked":"Database locked by another process", "date":"Date", +"dateTitle":"Dates", "dbiAuthChain":"Chain", "dbiAuthLoginCol":"Login field name", -"dbiAuthnLevel":"Authentication level", "dbiAuthPassword":"Password", "dbiAuthPasswordCol":"Password field name", "dbiAuthPasswordHash":"Hash scheme", -"dbiDynamicHash":"dynamic hashing", -"dbiDynamicHashEnabled":"dynamic hash activation", -"dbiDynamicHashValidSchemes":"Supported non-salted schemes", -"dbiDynamicHashValidSaltedSchemes":"Supported salted schemes", -"dbiDynamicHashNewPasswordScheme":"Dynamic hash scheme for new passwords", "dbiAuthTable":"Authentication table", "dbiAuthUser":"User", +"dbiAuthnLevel":"Authentication level", "dbiConnection":"Connection", +"dbiDynamicHash":"dynamic hashing", +"dbiDynamicHashEnabled":"dynamic hash activation", +"dbiDynamicHashNewPasswordScheme":"Dynamic hash scheme for new passwords", +"dbiDynamicHashValidSaltedSchemes":"Supported salted schemes", +"dbiDynamicHashValidSchemes":"Supported non-salted schemes", "dbiExportedVars":"Exported variables", "dbiParams":"DBI parameters", "dbiPassword":"Password", @@ -283,31 +300,29 @@ "decryptValueRule":"Use rule", "default":"Default", "defaultRule":"Default rule", -"demoModeOn":"This manager runs in demo mode", "deleteEntry":"Delete", "deleteNotification":"Delete", "deleteSession":"Delete session", -"deleteU2FKey":"Delete U2F key", "deleteTOTPKey":"Delete TOTP key", +"deleteU2FKey":"Delete U2F key", "demoExportedVars":"Exported variables", +"demoModeOn":"This manager runs in demo mode", "demoParams":"Demonstration parameters", "description":"Description", "dest":"Recipient", "devOpsCheck":"Check DevOps handler file", "diffViewer":"Difference viewer", "diffWithPrevious":"difference with previous", +"disablePersistentStorage":"Disable storage", "disabled":"Disabled", "displaySessionId":"Display session identifier", +"dn":"DN", +"domain":"Domain", "done":"done", "dones":"Done", -"down":"Move down", "doubleCookie":"Double cookie (HTTP and HTTPS)", "doubleCookieForSingleSession":"Double cookie for a single session", -"databaseLocked":"Database locked by another process", -"dateTitle":"Dates", -"dn":"DN", -"domain":"Domain", -"compactConf":"Compact configuration file", +"down":"Move down", "download":"Download", "downloadIt":"Download it", "duplicate":"Duplicate", @@ -316,21 +331,20 @@ "emptyConf":"Empty configuration", "emptyValueNotAllowed":"Empty value not allowed", "enabled":"Enabled", -"disablePersistentStorage":"Disable storage", "enterPassword":"Enter password (optional)", "error":"Error", "errors":"ERRORS", "exportedAttr":"SOAP/REST exported attributes", "exportedHeaders":"Exported headers", "exportedVars":"Exported Variables", +"ext2FSendCommand":"Send command", +"ext2FValidateCommand":"Validation command", "ext2f":"External second factor", "ext2fActivation":"Activation", -"ext2fCodeActivation":"Code regex", "ext2fAuthnLevel":"Authentication level", +"ext2fCodeActivation":"Code regex", "ext2fLabel":"Label", "ext2fLogo":"Logo", -"ext2FSendCommand":"Send command", -"ext2FValidateCommand":"Validation command", "facebookAppId":"Facebook application ID", "facebookAppSecret":"Facebook application secret", "facebookAuthnLevel":"Authentication level", @@ -340,16 +354,16 @@ "failedLoginNumber":"Number of registered failed logins", "fileToUpload":"File to upload", "findUser":"Activation", -"findUsers":"Search for user account", "findUserControl":"Parameters control", "findUserExcludingAttributes":"Excluding attributes", "findUserSearchingAttributes":"Searching attributes", "findUserWildcard":"Character used as wildcard", +"findUsers":"Search for user account", "forbidden":"You're not authorized to show this page", "forceSave":"Force save", -"format":"Format", "formReplay":"Form replay", "formTimeout":"Form timeout", +"format":"Format", "forms":"Forms", "friendlyName":"Friendly name", "generalParameters":"General Parameters", @@ -371,72 +385,73 @@ "grantSessionRules":"Opening conditions", "groups":"Groups", "groupsBeforeMacros":"Compute groups before macros", +"hGroups":"Groups (HashRef)", "hashkey":"Key", "headers":"HTTP Headers", -"hGroups":"Groups (HashRef)", -"hostname":"Hostname", "hiddenAttributes":"Hidden attributes", "hide":"Hide", "hideHelp":"Hide help", "hideOldPassword":"Hide old password", "hideTree":"Hide tree", +"hostname":"Hostname", "httpOnly":"Javascript protection", "https":"HTTPS", "impersonation":"Impersonation", -"impersonationRule":"Use rule", -"impersonationIdRule":"Identities use rule", "impersonationHiddenAttributes":"Hidden attributes", +"impersonationIdRule":"Identities use rule", "impersonationMergeSSOgroups":"Merge spoofed and real SSO groups", +"impersonationRule":"Use rule", "impersonationSkipEmptyValues":"Skip empty values", "impersonationUnrestrictedUsersRule":"Unrestricted users rule", "incompleteForm":"Required fields are missing", "index":"Index", "infoFormMethod":"Method for info form", -"invalidSessionData":"Invalid session data", +"instance":"Instance", "int":"Integer", "internalReference":"Internal reference", +"invalidSessionData":"Invalid session data", "ipAddr":"IP address", "ipAddresses":"IP addresses", +"issuerDBCAS":"CAS", +"issuerDBCASActivation":"Activation", +"issuerDBCASOptions":"Options", +"issuerDBCASPath":"Path", +"issuerDBCASRule":"Use rule", "issuerDBGet":"GET", "issuerDBGetActivation":"Activation", "issuerDBGetParameters":"GET parameters", "issuerDBGetPath":"Path", "issuerDBGetRule":"Use rule", -"issuerDBSAML":"SAML", -"issuerDBSAMLActivation":"Activation", -"issuerDBSAMLPath":"Path", -"issuerDBSAMLRule":"Use rule", -"issuerDBCAS":"CAS", -"issuerDBCASActivation":"Activation", -"issuerDBCASPath":"Path", -"issuerDBCASRule":"Use rule", -"issuerDBCASOptions":"Options", "issuerDBOpenID":"OpenID", "issuerDBOpenIDActivation":"Activation", -"issuerDBOpenIDPath":"Path", -"issuerDBOpenIDRule":"Use rule", -"issuerDBOpenIDOptions":"Options", "issuerDBOpenIDConnect":"OpenID Connect", "issuerDBOpenIDConnectActivation":"Activation", "issuerDBOpenIDConnectPath":"Path", "issuerDBOpenIDConnectRule":"Use rule", +"issuerDBOpenIDOptions":"Options", +"issuerDBOpenIDPath":"Path", +"issuerDBOpenIDRule":"Use rule", +"issuerDBSAML":"SAML", +"issuerDBSAMLActivation":"Activation", +"issuerDBSAMLPath":"Path", +"issuerDBSAMLRule":"Use rule", "issuerOptions":"Options", "issuerParams":"Issuer modules", "issuersTimeout":"Issuers timeout", -"jsRedirect":"Redirection message", "jqueryButtonSelector":"jQuery button selector (optional)", "jqueryFormSelector":"jQuery form selector (optional)", "jqueryUrl":"jQuery URL (optional)", +"jsRedirect":"Redirection message", +"kerberosParams":"Kerberos parameters", "key":"Encryption key", -"keys":"Keys", -"keyname":"Key name", "keyPassword":"Key password", +"keyname":"Key name", +"keys":"Keys", +"krbAllowedDomains":"Allowed domains", "krbAuthnLevel":"Kerberos authn level", "krbByJs":"Use Ajax request", "krbKeytab":"keytab file", "krbRemoveDomain":"Remove domain from Kerberos username", -"krbAllowedDomains":"Allowed domains", -"kerberosParams":"Kerberos parameters", "label":"Label", "languages":"Languages", "latest":"Latest", @@ -444,13 +459,12 @@ "ldapAllowResetExpiredPassword":"Allow to reset an expired password", "ldapAuthnLevel":"Authentication level", "ldapBase":"Users search base", -"ldapCAFile": "CA file path", -"ldapCAPath": "CA directory path", +"ldapCAFile":"CA file path", +"ldapCAPath":"CA directory path", "ldapChangePasswordAsUser":"Change as user", "ldapConnection":"Connection", "ldapExportedVars":"Exported variables", "ldapFilters":"Filters", -"LDAPFilter":"Default filter", "ldapGetUserBeforePasswordChange":"Search for user before password change", "ldapGroupAttributeName":"Target attribute", "ldapGroupAttributeNameGroup":"Group source attribute", @@ -461,20 +475,20 @@ "ldapGroupObjectClass":"Object class", "ldapGroupRecursive":"Recursive", "ldapGroups":"Groups", +"ldapIOTimeout":"Operation timeout", "ldapITDS":"IBM Tivoli DS support", "ldapParams":"LDAP parameters", "ldapPassword":"Password", "ldapPasswordResetAttribute":"Reset attribute", "ldapPasswordResetAttributeValue":"Reset value", -"ldapPpolicyControl":"Password policy control", "ldapPort":"Server port", +"ldapPpolicyControl":"Password policy control", "ldapPwdEnc":"LDAP password encoding", "ldapRaw":"Binary attributes", "ldapSearchDeref":"Alias dereference", "ldapServer":"Server host", "ldapSetPassword":"Password modify extended operation", "ldapTimeout":"Connection timeout", -"ldapIOTimeout": "Operation timeout", "ldapUsePasswordResetAttribute":"Use reset attribute", "ldapVerify":"Verify LDAP server certificate", "ldapVersion":"Version", @@ -483,35 +497,34 @@ "linkedInClientID":"Client ID", "linkedInClientSecret":"Client secret", "linkedInFields":"Searched fields", -"linkedinParams":"LinkedIn Parameters", "linkedInScope":"Scope", "linkedInUserField":"Field containing user identifier", +"linkedinParams":"LinkedIn Parameters", "load":"Load", -"loadedConfiguration":"Loaded configuration", "loadFromUrl":"Load from URL", +"loadedConfiguration":"Loaded configuration", "localSessionStorage":"Cache module", "localSessionStorageOptions":"Cache module options", "locationRules":"Access rules", +"logParams":"Logs", "loginHistory":"Login history", "loginHistoryEnabled":"Activation", "logo":"Logo", "logout":"Logout", "logoutServices":"Logout forward", -"logParams":"Logs", "lwpOpts":"Options for server requests", "lwpSslOpts":"SSL options for server requests", -"instance":"Instance", "macros":"Macros", "mail2f":"Mail second factor", "mail2fActivation":"Activation", -"mail2fCodeRegex":"Code regex", -"mail2fTimeout":"Code timeout", -"mail2fSubject":"Mail subject", -"mail2fBody":"Mail body", "mail2fAuthnLevel":"Authentication level", +"mail2fBody":"Mail body", +"mail2fCodeRegex":"Code regex", "mail2fLabel":"Label", "mail2fLogo":"Logo", "mail2fSessionKey":"Session key containing mail address", +"mail2fSubject":"Mail subject", +"mail2fTimeout":"Code timeout", "mailBody":"Success mail content", "mailCharset":"Charset", "mailConfirmBody":"Confirmation mail content", @@ -535,22 +548,22 @@ "markAsDone":"Mark as done", "memberOfSSOGroups":"Member of SSO groups", "menu":"Menu", +"menuCategory":"Menu category", "message":"Message", "messages":"Messages", -"menuCategory":"Menu category", "modulesTitle":"Used modules", "multiIp":"Multi IP", -"multipleSessions":"Multiple sessions", "multiValuesSeparator":"Separator", +"multipleSessions":"Multiple sessions", "name":"Name", "needConfirmation":"A new configuration is available. To force saving this one, click on the check box near the 'save' button", "networkProblem":"Network problem", "never":"Never", "newApp":"New application", -"newChain":"New chain", "newCat":"New category", "newCertificate":"New certificate", "newCfgAvailable":"A new configuration is available", +"newChain":"New chain", "newCmbMod":"New module", "newCmbOver":"New parameter", "newEntry":"New entry", @@ -560,41 +573,40 @@ "newPostVar":"New variable", "newRSAKey":"New keys", "newRule":"New rule", -"newSfOver":"New parameter", "newSfExtra":"New second factor", +"newSfOver":"New parameter", "newValue":"New value", "next":"Next", "nginxCustomHandlers":"Custom Nginx handlers", "noAjaxHook":"Keep redirections for Ajax", "noData":"No data to display", "notABoolean":"Not a boolean", -"notAnInteger":"Not an integer", "notAValidPerlExpression":"Not a valid Perl expression", +"notAnInteger":"Not an integer", "notification":"Activation", -"notifications":"Notifications", -"notification_s":"notification(s)", -"notificationDefaultCond":"Default condition", -"notificationServer":"Notification server", -"notificationServerDELETE":"DELETE method", -"notificationServerGET":"GET method", -"notificationServerMethods":"HTTP methods", -"notificationServerPOST":"POST method", -"notificationServerSentAttributes":"Notification parameters to send", -"serverNotification":"Server", "notificationCreated":"Notification has been created", +"notificationDefaultCond":"Default condition", "notificationDeleted":"Notification has been marked as done", "notificationDone":"Notification done", -"notificationsDone":"Notifications done", -"notificationsExplorer":"Explorer", "notificationNotCreated":"The notification was not created", "notificationNotDeleted":"The notification was not marked as done", "notificationNotFound":"The notification was not found", "notificationNotPurged":"The notification was not definitely removed", "notificationPurged":"Notification has been definitely removed", +"notificationServer":"Notification server", +"notificationServerDELETE":"DELETE method", +"notificationServerGET":"GET method", +"notificationServerMethods":"HTTP methods", +"notificationServerPOST":"POST method", +"notificationServerSentAttributes":"Notification parameters to send", "notificationStorage":"Storage module", "notificationStorageOptions":"Storage module parameters", "notificationWildcard":"Wildcard for all users", "notificationXSLTfile":"Custom XSLT file", +"notification_s":"notification(s)", +"notifications":"Notifications", +"notificationsDone":"Notifications done", +"notificationsExplorer":"Explorer", "notifyDeleted":"Display deleted sessions", "notifyOther":"Display other sessions", "nullAuthnLevel":"Authentication level", @@ -602,8 +614,6 @@ "number":"Number", "off":"Off", "offlineSessions":"Offline sessions", -"oldValue":"Old value", -"on":"On", "oidcAttribute":"OIDC Attribute", "oidcAuthnLevel":"Authentication level", "oidcConsents":"OpenID Connect Consents", @@ -612,12 +622,9 @@ "oidcOPMetaDataJSON":"Metadata", "oidcOPMetaDataJWKS":"JWKS data", "oidcOPMetaDataNode":"OpenID Connect Providers", +"oidcOPMetaDataNodes":"OpenID Connect Providers", "oidcOPMetaDataOptions":"Options", -"oidcRPMetaDataOptionsBasic":"Basic", -"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences", -"oidcRPMetaDataOptionsAdvanced":"Advanced", -"oidcRPMetaDataOptionsTimeouts":"Timeouts", -"oidcRPMetaDataOptionsAllowOffline":"Allow offline access", +"oidcOPMetaDataOptionsAcrValues":"ACR values", "oidcOPMetaDataOptionsCheckJWTSignature":"Check JWT signature", "oidcOPMetaDataOptionsClientID":"Client ID", "oidcOPMetaDataOptionsClientSecret":"Client secret", @@ -626,116 +633,119 @@ "oidcOPMetaDataOptionsDisplay":"Display", "oidcOPMetaDataOptionsDisplayName":"Display name", "oidcOPMetaDataOptionsDisplayParams":"Display", +"oidcOPMetaDataOptionsIDTokenMaxAge":"ID Token max age", "oidcOPMetaDataOptionsIcon":"Logo", -"oidcOPMetaDataOptionsSortNumber":"Order", "oidcOPMetaDataOptionsJWKSTimeout":"JWKS data timeout", -"oidcRPMetaDataOptionsLogoutSessionRequired":"Session required", -"oidcRPMetaDataOptionsLogoutType":"Type", -"oidcRPMetaDataOptionsLogoutUrl":"URL", +"oidcOPMetaDataOptionsMaxAge":"Max age", +"oidcOPMetaDataOptionsPrompt":"Prompt", "oidcOPMetaDataOptionsProtocol":"Protocol", -"oidcRPMetaDataOptionsPublic":"Public client", -"oidcRPMetaDataOptionsRequirePKCE":"Require PKCE", -"oidcRPMetaDataOptionsAuthnLevel":"Authentication level", -"oidcRPMetaDataOptionsRule":"Access rule", -"oidcRPMetaDataMacros":"Macros", -"oidcRPMetaDataScopeRules":"Scope rules", "oidcOPMetaDataOptionsScope":"Scope", +"oidcOPMetaDataOptionsSortNumber":"Order", "oidcOPMetaDataOptionsStoreIDToken":"Store ID Token", "oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Token endpoint authentication method", +"oidcOPMetaDataOptionsUiLocales":"Locales UI", +"oidcOPMetaDataOptionsUseNonce":"Use nonce", "oidcOPName":"OpenID Connect Provider Name", "oidcParams":"OpenID Connect parameters", "oidcRP":"OpenID Connect Relying Party", "oidcRPCallbackGetParam":"Callback GET parameter", "oidcRPMetaDataExportedVars":"Exported attributes", +"oidcRPMetaDataMacros":"Macros", "oidcRPMetaDataNode":"OpenID Connect Relying Parties", +"oidcRPMetaDataNodes":"OpenID Connect Relying Parties", "oidcRPMetaDataOptions":"Options", +"oidcRPMetaDataOptionsAccessTokenClaims":"Release claims in Access Token", "oidcRPMetaDataOptionsAccessTokenExpiration":"Access Token expiration", "oidcRPMetaDataOptionsAccessTokenJWT":"Use JWT format for Access Token", -"oidcRPMetaDataOptionsAccessTokenClaims":"Release claims in Access Token", "oidcRPMetaDataOptionsAccessTokenSignAlg":"Access Token signature algorithm", +"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences", +"oidcRPMetaDataOptionsAdvanced":"Advanced", "oidcRPMetaDataOptionsAllowClientCredentialsGrant":"Allow OAuth2.0 Client Credentials Grant", +"oidcRPMetaDataOptionsAllowOffline":"Allow offline access", "oidcRPMetaDataOptionsAllowPasswordGrant":"Allow OAuth2.0 Password Grant", +"oidcRPMetaDataOptionsAuthnLevel":"Authentication level", "oidcRPMetaDataOptionsAuthorizationCodeExpiration":"Authorization Code expiration", +"oidcRPMetaDataOptionsBasic":"Basic", "oidcRPMetaDataOptionsBypassConsent":"Bypass consent", "oidcRPMetaDataOptionsClientID":"Client ID", "oidcRPMetaDataOptionsClientSecret":"Client secret", "oidcRPMetaDataOptionsDisplay":"Display", "oidcRPMetaDataOptionsDisplayName":"Display name", -"oidcRPMetaDataOptionsIcon":"Logo", +"oidcRPMetaDataOptionsExtraClaims":"Extra claims", "oidcRPMetaDataOptionsIDTokenExpiration":"ID Token expiration", -"oidcRPMetaDataOptionsIDTokenSignAlg":"ID Token signature algorithm", "oidcRPMetaDataOptionsIDTokenForceClaims":"Force claims to be returned in ID Token", +"oidcRPMetaDataOptionsIDTokenSignAlg":"ID Token signature algorithm", +"oidcRPMetaDataOptionsIcon":"Logo", +"oidcRPMetaDataOptionsLogoutSessionRequired":"Session required", +"oidcRPMetaDataOptionsLogoutType":"Type", +"oidcRPMetaDataOptionsLogoutUrl":"URL", "oidcRPMetaDataOptionsOfflineSessionExpiration":"Offline session expiration", +"oidcRPMetaDataOptionsPostLogoutRedirectUris":"Allowed redirection addresses for logout", +"oidcRPMetaDataOptionsPublic":"Public client", +"oidcRPMetaDataOptionsRedirectUris":"Allowed redirection addresses for login", "oidcRPMetaDataOptionsRefreshToken":"Use refresh tokens", +"oidcRPMetaDataOptionsRequirePKCE":"Require PKCE", +"oidcRPMetaDataOptionsRule":"Access rule", +"oidcRPMetaDataOptionsTimeouts":"Timeouts", "oidcRPMetaDataOptionsUserIDAttr":"User attribute", +"oidcRPMetaDataScopeRules":"Scope rules", "oidcRPName":"OpenID Connect RP Name", "oidcRPStateTimeout":"State session timeout", +"oidcServiceAccessTokenExpiration":"Access Token expiration", +"oidcServiceAllowAuthorizationCodeFlow":"Authorization Code Flow", +"oidcServiceAllowDynamicRegistration":"Dynamic Registration", +"oidcServiceAllowHybridFlow":"Hybrid Flow", +"oidcServiceAllowImplicitFlow":"Implicit Flow", +"oidcServiceAllowOffline":"Allow offline access", +"oidcServiceAuthorizationCodeExpiration":"Authorization Code expiration", +"oidcServiceDynamicRegistrationExportedVars":"Exported vars for dynamic registration", +"oidcServiceDynamicRegistrationExtraClaims":"Extra claims for dynamic registration", +"oidcServiceIDTokenExpiration":"ID Token expiration", +"oidcServiceKeyIdSig":"Signing key ID", "oidcServiceMetaData":"OpenID Connect Service", +"oidcServiceMetaDataAuthnContext":"Authentication context", "oidcServiceMetaDataAuthorizeURI":"Authorization", "oidcServiceMetaDataBackChannelURI":"Back-Channel URI", +"oidcServiceMetaDataCheckSessionURI":"Check Session", "oidcServiceMetaDataEndPoints":"End points", +"oidcServiceMetaDataEndSessionURI":"End of session", "oidcServiceMetaDataFrontChannelURI":"Front-Channel URI", +"oidcServiceMetaDataIntrospectionURI":"Introspection", +"oidcServiceMetaDataIssuer":"Issuer identifier", "oidcServiceMetaDataJWKSURI":"JWKS", "oidcServiceMetaDataKeys":"Keys", "oidcServiceMetaDataRegistrationURI":"Registration", -"oidcServiceMetaDataIntrospectionURI":"Introspection", "oidcServiceMetaDataSecurity":"Security", -"oidcServiceMetaDataEndSessionURI":"End of session", -"oidcServiceMetaDataAuthnContext":"Authentication context", "oidcServiceMetaDataSessions":"Sessions", +"oidcServiceMetaDataTokenURI":"Token", +"oidcServiceMetaDataUserInfoURI":"User Info", +"oidcServiceOfflineSessionExpiration":"Offline session expiration", "oidcServicePrivateKeySig":"Signing private key", "oidcServicePublicKeySig":"Signing public key", -"oidcServiceKeyIdSig":"Signing key ID", -"oidcServiceAuthorizationCodeExpiration":"Authorization Code expiration", -"oidcServiceAccessTokenExpiration":"Access Token expiration", -"oidcServiceDynamicRegistrationExportedVars":"Exported vars for dynamic registration", -"oidcServiceDynamicRegistrationExtraClaims":"Extra claims for dynamic registration", -"oidcServiceIDTokenExpiration":"ID Token expiration", -"oidcServiceOfflineSessionExpiration":"Offline session expiration", "oidcStorage":"Sessions module name", "oidcStorageOptions":"Sessions module options", -"oidcOPMetaDataNodes":"OpenID Connect Providers", -"oidcRPMetaDataNodes":"OpenID Connect Relying Parties", -"oidcOPMetaDataOptionsPrompt":"Prompt", -"oidcOPMetaDataOptionsMaxAge":"Max age", -"oidcOPMetaDataOptionsUiLocales":"Locales UI", -"oidcOPMetaDataOptionsAcrValues":"ACR values", -"oidcOPMetaDataOptionsIDTokenMaxAge":"ID Token max age", -"oidcOPMetaDataOptionsUseNonce":"Use nonce", -"oidcRPMetaDataOptionsRedirectUris":"Allowed redirection addresses for login", -"oidcRPMetaDataOptionsPostLogoutRedirectUris":"Allowed redirection addresses for logout", -"oidcRPMetaDataOptionsExtraClaims":"Extra claims", -"oidcServiceMetaDataIssuer":"Issuer identifier", -"oidcServiceMetaDataTokenURI":"Token", -"oidcServiceMetaDataUserInfoURI":"User Info", -"oidcServiceMetaDataCheckSessionURI":"Check Session", -"oidcServiceAllowDynamicRegistration":"Dynamic Registration", -"oidcServiceAllowAuthorizationCodeFlow":"Authorization Code Flow", -"oidcServiceAllowImplicitFlow":"Implicit Flow", -"oidcServiceAllowHybridFlow":"Hybrid Flow", -"oidcServiceAllowOffline":"Allow offline access", "ok":"OK", "oldNotifFormat":"Use old XML format", +"oldValue":"Old value", +"on":"On", "openIdAttr":"OpenID login", "openIdAuthnLevel":"Authentication level", "openIdExportedVars":"Exported variables", "openIdIDPList":"Authorized domains", "openIdIssuerSecret":"Secret token", -"openidParams":"OpenID parameters", +"openIdSPList":"Authorized domains", "openIdSecret":"Secret token", "openIdSreg":"SREG mapping", +"openIdSreg_country":"Country", +"openIdSreg_dob":"Date of birth", +"openIdSreg_email":"Email", "openIdSreg_fullname":"Full name", -"openIdSreg_nickname":"Nick name", +"openIdSreg_gender":"Gender", "openIdSreg_language":"Language", +"openIdSreg_nickname":"Nick name", "openIdSreg_postcode":"Postal code", "openIdSreg_timezone":"Timezone", -"openIdSreg_country":"Country", -"openIdSreg_gender":"Gender", -"openIdSreg_email":"Email", -"openIdSreg_dob":"Date of birth", -"openIdSPList":"Authorized domains", -"OpenIDConnect":"OpenID Connect", -"OptionalTitle":"Optional title", +"openidParams":"OpenID parameters", "overPrm":"Overloaded parameters", "pamAuthnLevel":"Authentication level", "pamParams":"PAM parameters", @@ -745,11 +755,11 @@ "passwordManagement":"Password management", "passwordPolicy":"Password policy", "passwordPolicyActivation":"Activation", -"passwordPolicyMinSize": "Minimal size", -"passwordPolicyMinLower": "Minimal lower characters", -"passwordPolicyMinUpper": "Minimal upper characters", -"passwordPolicyMinDigit": "Minimal digit characters", +"passwordPolicyMinDigit":"Minimal digit characters", +"passwordPolicyMinLower":"Minimal lower characters", +"passwordPolicyMinSize":"Minimal size", "passwordPolicyMinSpeChar":"Minimal special characters", +"passwordPolicyMinUpper":"Minimal upper characters", "passwordPolicySpecialChar":"Allowed special characters", "passwordResetAllowedRetries":"Max reset password retries", "persistent":"Persistent", @@ -771,15 +781,16 @@ "portalDisplayGeneratePassword":"Display generate password box", "portalDisplayLoginHistory":"Login History", "portalDisplayLogout":"Logout", -"portalDisplayPasswordPolicy": "Display policy in password form", "portalDisplayOidcConsents":"OIDC Consents", -"portalDisplayRefreshMyRights": "Display rights refresh link", +"portalDisplayPasswordPolicy":"Display policy in password form", +"portalDisplayRefreshMyRights":"Display rights refresh link", "portalDisplayRegister":"Register new account", "portalDisplayResetPassword":"Reset password", "portalErrorOnExpiredSession":"Show error on expired session", "portalErrorOnMailNotFound":"Show error on mail not found", "portalForceAuthn":"Force authentication", "portalForceAuthnInterval":"Force authentication interval", +"portalMainLogo":"Main Logo", "portalMenu":"Menu", "portalModules":"Modules activation", "portalOpenLinkInNewWindow":"New window", @@ -792,31 +803,30 @@ "portalSkin":"Default Skin", "portalSkinBackground":"Skin background", "portalSkinRules":"Skin display rules", -"portalMainLogo":"Main Logo", "portalStatus":"Publish portal status", "portalUserAttr":"User attribute", "post":"Form replay", -"postedVars":"Variables to post", -"postUrl":"Form URL", "postTargetUrl":"Form target URL (optional)", +"postUrl":"Form URL", +"postedVars":"Variables to post", "previous":"Previous", "privateKey":"Private key", -"proxyAuthnLevel":"Authentication level", "proxyAuthService":"Internal portal URL", -"proxySessionService":"Session service URL", +"proxyAuthnLevel":"Authentication level", "proxyParams":"Proxy parameters", +"proxySessionService":"Session service URL", "proxyUseSoap":"Use SOAP instead of REST", "publicKey":"Public key", "purgeNotification":"Delete notification definitely", "radius2f":"Radius second factor", "radius2fActivation":"Activation", -"radius2fServer":"Server hostname", -"radius2fSecret":"Shared secret", -"radius2fUsernameSessionKey":"Session key containing login", -"radius2fTimeout":"Authentication timeout", "radius2fAuthnLevel":"Authentication level", -"radius2fLogo":"Logo", "radius2fLabel":"Label", +"radius2fLogo":"Logo", +"radius2fSecret":"Shared secret", +"radius2fServer":"Server hostname", +"radius2fTimeout":"Authentication timeout", +"radius2fUsernameSessionKey":"Session key containing login", "radiusAuthnLevel":"Authentication level", "radiusParams":"Radius parameters", "radiusSecret":"Shared secret", @@ -845,116 +855,243 @@ "remotePortal":"Portal URL", "replaceByFile":"Replace by file", "requireToken":"Require token for forms", -"restAuthnLevel":"Authentication level", -"restAuthUrl":"Authentication URL", -"restConfigServer":"Configuration server", -"restServices":"REST services", -"restore":"Restore", -"restoreConf":"Restore configuration", "rest2f":"REST second factor", "rest2fActivation":"Activation", "rest2fAuthnLevel":"Authentication level", -"rest2fLabel":"Label", "rest2fInitArgs":"Init Arguments", "rest2fInitUrl":"Init URL", +"rest2fLabel":"Label", "rest2fLogo":"Logo", "rest2fVerifyArgs":"Verify Arguments", "rest2fVerifyUrl":"Verify URL", +"restAuthServer":"Authentication server", +"restAuthUrl":"Authentication URL", +"restAuthnLevel":"Authentication level", +"restClockTolerance":"Server clock tolerance", +"restConfigServer":"Configuration server", "restExportSecretKeys":"Export secret attributes", +"restFindUserDBUrl":"User accounts URL", "restParams":"REST parameters", +"restPasswordServer":"Password reset server", "restPwdConfirmUrl":"Password confirmation URL", "restPwdModifyUrl":"Password change URL", +"restServices":"REST services", "restSessionServer":"Session server", -"restAuthServer":"Authentication server", -"restClockTolerance":"Server clock tolerance", -"restFindUserDBUrl":"User accounts URL", -"restPasswordServer":"Password reset server", "restUserDBUrl":"User data URL", +"restore":"Restore", +"restoreConf":"Restore configuration", "returnUrl":"Return URL", "rp":"Relying Party", "rule":"Rule", "ruleAuthnLevel":"Required authentication level", "rules":"Rules", "rulesAuthnLevel":"Required auth levels", -"Same":"Same", "sameSite":"Cookie SameSite value", -"save":"Save", -"saveReport":"Save report", -"savingConfirmation":"Saving confirmation", -"scope":"Scope", -"search":"Search...", -"secondFactors":"Second factors", -"securedCookie":"Secured Cookie (SSL)", -"security":"Security", -"sendTestMail":"Send test email", -"sendTestMailSuccess":"Test email successfully sent", -"serverError":"Server error", -"session":"session", -"sessions":"Sessions", -"session_s":"session(s)", -"sessionDataToRemember":"Session data to store", -"sessionDeleted":"The session was deleted", -"sessionExpired":"The session is expired", -"sessionParams":"Sessions", -"sessionStartedAt":"Session started on", -"sessionStorage":"Sessions Storage", -"sessionTitle":"Session content", -"sfaTitle":"Second factors authentication", -"sfExtra":"Additional second factors", -"sfManagerRule":"Display Manager link", -"sfOnlyUpgrade": "Use 2FA for session upgrade", -"sfRequired":"Force 2FA registration at login", -"sfRemovedNotification":"Warn if an expired 2FA is removed", -"sfRemovedMsgRule":"Activation", -"sfRemovedUseNotif":"Use Notifications plugin", -"sfRemovedNotifMsg":"Notification message", -"sfRemovedNotifRef":"Notification reference", -"sfRemovedNotifTitle":"Notification title", -"sfRemovedMsg":"Display a message if an expired 2FA is removed", -"show":"Show", -"showHelp":"Show help", -"showLanguages":"Show languages choice", -"singleIP":"One IP address per user", -"singleSession":"One session per user", -"singleUserByIP":"One user per IP address", -"skipRenewConfirmation":"Skip re-auth confirmation", -"skipUpgradeConfirmation":"Skip upgrade confirmation", -"slaveAuthnLevel":"Authentication level", -"slaveDisplayLogo":"Display authentication logo", -"slaveExportedVars":"Exported variables", -"slaveMasterIP":"Master's IP address", -"slaveParams":"Slave parameters", -"slaveUserHeader":"Header for user login", -"slaveHeaderName":"Control header name", -"slaveHeaderContent":"Control header content", -"SMTP":"SMTP", -"SMTPAuthPass":"SMTP password", -"SMTPAuthUser":"SMTP user", -"SMTPPort":"SMTP port", -"SMTPServer":"SMTP server", -"SMTPTLS":"SSL/TLS protocol", -"SMTPTLSOpts":"SSL/TLS options", -"soapConfigServer":"Configuration server", -"soapServices":"SOAP services", -"soapSessionServer":"Session server", -"specialRule":"Special rule", -"SSLAuthnLevel":"Authentication level", -"sslByAjax":"Use Ajax request", -"sslHost":"Ajax SSL URL", -"sslParams":"SSL parameters", -"SSLVar":"Extracted certificate field", -"SSLVarIf":"Conditional extracted certificate field", +"saml":"SAML", +"samlAdvanced":"Advanced", +"samlAttribute":"SAML attribute", +"samlAttributeAuthorityDescriptor":"Attribute Authority", +"samlAttributeAuthorityDescriptorAttributeService":"Attribute Service", +"samlAttributeAuthorityDescriptorAttributeServiceSOAP":"SOAP", +"samlAuthnContextMap":"Authentication contexts", +"samlAuthnContextMapKerberos":"Kerberos", +"samlAuthnContextMapPassword":"Password", +"samlAuthnContextMapPasswordProtectedTransport":"Password protected transport", +"samlAuthnContextMapTLSClient":"TLS client", +"samlCommonDomainCookie":"Common Domain Cookie", +"samlCommonDomainCookieActivation":"Activation", +"samlCommonDomainCookieDomain":"Common domain", +"samlCommonDomainCookieReader":"Reader URL", +"samlCommonDomainCookieWriter":"Writer URL", +"samlDiscoveryProtocol":"Discovery Protocol", +"samlDiscoveryProtocolActivation":"Activation", +"samlDiscoveryProtocolIsPassive":"Is Passive", +"samlDiscoveryProtocolPolicy":"Policy", +"samlDiscoveryProtocolURL":"EndPoint URL", +"samlEntityID":"Entity Identifier", +"samlIDP":"SAML identity provider", +"samlIDPMetaDataExportedAttributes":"Exported attributes", +"samlIDPMetaDataNodes":"SAML Identity Providers", +"samlIDPMetaDataOptions":"Options", +"samlIDPMetaDataOptionsAdaptSessionUtime":"Adapt session lifetime", +"samlIDPMetaDataOptionsAllowLoginFromIDP":"Allow login from IDP", +"samlIDPMetaDataOptionsAllowProxiedAuthn":"Allow proxied authentication", +"samlIDPMetaDataOptionsAuthnRequest":"Authentication request", +"samlIDPMetaDataOptionsBinding":"Binding", +"samlIDPMetaDataOptionsCheckAudience":"Check audience conditions", +"samlIDPMetaDataOptionsCheckSLOMessageSignature":"Check SLO message signature", +"samlIDPMetaDataOptionsCheckSSOMessageSignature":"Check SSO message signature", +"samlIDPMetaDataOptionsCheckTime":"Check time conditions", +"samlIDPMetaDataOptionsDisplay":"Display", +"samlIDPMetaDataOptionsDisplayName":"Display name", +"samlIDPMetaDataOptionsDisplayParams":"Display", +"samlIDPMetaDataOptionsEncryptionMode":"Encryption mode", +"samlIDPMetaDataOptionsForceAuthn":"Force authentication", +"samlIDPMetaDataOptionsForceUTF8":"Force UTF-8", +"samlIDPMetaDataOptionsIcon":"Logo", +"samlIDPMetaDataOptionsIsPassive":"Passive authentication", +"samlIDPMetaDataOptionsNameIDFormat":"NameID format", +"samlIDPMetaDataOptionsRelayStateURL":"Allow URL as RelayState", +"samlIDPMetaDataOptionsRequestedAuthnContext":"Requested authentication context", +"samlIDPMetaDataOptionsResolutionRule":"Resolution rule", +"samlIDPMetaDataOptionsSLOBinding":"SLO binding", +"samlIDPMetaDataOptionsSSOBinding":"SSO binding", +"samlIDPMetaDataOptionsSecurity":"Security", +"samlIDPMetaDataOptionsSession":"Session", +"samlIDPMetaDataOptionsSignSLOMessage":"Sign SLO message", +"samlIDPMetaDataOptionsSignSSOMessage":"Sign SSO message", +"samlIDPMetaDataOptionsSignature":"Signature", +"samlIDPMetaDataOptionsSignatureMethod":"Signature method", +"samlIDPMetaDataOptionsSortNumber":"Order", +"samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token", +"samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier", +"samlIDPMetaDataXML":"Metadata", +"samlIDPName":"SAML IDP Name", +"samlIDPSSODescriptor":"Identity Provider", +"samlIDPSSODescriptorArtifactResolutionService":"Artifact Resolution", +"samlIDPSSODescriptorArtifactResolutionServiceArtifact":"Artifact Service", +"samlIDPSSODescriptorSingleLogoutService":"Single Logout", +"samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", +"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", +"samlIDPSSODescriptorSingleLogoutServiceSOAP":"SOAP", +"samlIDPSSODescriptorSingleSignOnService":"Single Sign On", +"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"HTTP Artifact", +"samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"HTTP POST", +"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"HTTP Redirect", +"samlIDPSSODescriptorWantAuthnRequestsSigned":"Want Authentication Request Signed", +"samlMetadataForceUTF8":"UTF8 metadata conversion", +"samlNameIDFormatMap":"NameID formats", +"samlNameIDFormatMapEmail":"Email", +"samlNameIDFormatMapKerberos":"Kerberos", +"samlNameIDFormatMapWindows":"Windows", +"samlNameIDFormatMapX509":"X509", +"samlOrganization":"Organization", +"samlOrganizationDisplayName":"Display Name", +"samlOrganizationName":"Name", +"samlOrganizationURL":"URL", +"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP", +"samlPartnerName":"Name of SAML partner", +"samlRelayStateTimeout":"RelayState session timeout", +"samlSP":"SAML Service Provider", +"samlSPMetaDataExportedAttributes":"Exported attributes", +"samlSPMetaDataMacros":"Macros", +"samlSPMetaDataNodes":"SAML Service Providers", +"samlSPMetaDataOptions":"Options", +"samlSPMetaDataOptionsAuthnLevel":"Authentication level", +"samlSPMetaDataOptionsAuthnResponse":"Authentication response", +"samlSPMetaDataOptionsCheckSLOMessageSignature":"Check SLO message signature", +"samlSPMetaDataOptionsCheckSSOMessageSignature":"Check SSO message signature", +"samlSPMetaDataOptionsEnableIDPInitiatedURL":"Enable use of IDP initiated URL", +"samlSPMetaDataOptionsEncryptionMode":"Encryption mode", +"samlSPMetaDataOptionsForceUTF8":"Force UTF-8", +"samlSPMetaDataOptionsNameIDFormat":"Default NameID format", +"samlSPMetaDataOptionsNameIDSessionKey":"Force NameID session key", +"samlSPMetaDataOptionsNotOnOrAfterTimeout":"notOnOrAfter duration", +"samlSPMetaDataOptionsOneTimeUse":"One time use", +"samlSPMetaDataOptionsRule":"Access rule", +"samlSPMetaDataOptionsSecurity":"Security", +"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout":"sessionNotOnOrAfter duration", +"samlSPMetaDataOptionsSignSLOMessage":"Sign SLO message", +"samlSPMetaDataOptionsSignSSOMessage":"Sign SSO message", +"samlSPMetaDataOptionsSignature":"Signature", +"samlSPMetaDataOptionsSignatureMethod":"Signature method", +"samlSPMetaDataXML":"Metadata", +"samlSPName":"SAML Service Provider Name", +"samlSPSSODescriptor":"Service Provider", +"samlSPSSODescriptorArtifactResolutionService":"Artifact Resolution", +"samlSPSSODescriptorArtifactResolutionServiceArtifact":"Artifact Service", +"samlSPSSODescriptorAssertionConsumerService":"Assertion Consumer", +"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"HTTP Artifact", +"samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"HTTP POST", +"samlSPSSODescriptorAuthnRequestsSigned":"Signed Authentication Request", +"samlSPSSODescriptorSingleLogoutService":"Single Logout", +"samlSPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", +"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", +"samlSPSSODescriptorSingleLogoutServiceSOAP":"SOAP", +"samlSPSSODescriptorWantAssertionsSigned":"Want Assertions Signed", +"samlServiceMetaData":"SAML2 Service", +"samlServicePrivateKeyEnc":"Private key", +"samlServicePrivateKeyEncPwd":"Private key password", +"samlServicePrivateKeySig":"Private key", +"samlServicePrivateKeySigPwd":"Private key password", +"samlServicePublicKeyEnc":"Public key", +"samlServicePublicKeySig":"Public key", +"samlServiceSecurity":"Security parameters", +"samlServiceSecurityEnc":"Encryption", +"samlServiceSecuritySig":"Signature", +"samlServiceSignatureMethod":"Signature method", +"samlServiceUseCertificateInResponse":"Use certificate in responses", +"samlStorage":"SAML sessions module name", +"samlStorageOptions":"SAML sessions module options", +"samlUseQueryStringSpecific":"Use specific query_string method", +"save":"Save", +"saveReport":"Save report", +"savingConfirmation":"Saving confirmation", +"scope":"Scope", +"search":"Search...", +"secondFactors":"Second factors", +"securedCookie":"Secured Cookie (SSL)", +"security":"Security", +"sendTestMail":"Send test email", +"sendTestMailSuccess":"Test email successfully sent", +"serverError":"Server error", +"serverNotification":"Server", +"session":"session", +"sessionDataToRemember":"Session data to store", +"sessionDeleted":"The session was deleted", +"sessionExpired":"The session is expired", +"sessionParams":"Sessions", +"sessionStartedAt":"Session started on", +"sessionStorage":"Sessions Storage", +"sessionTitle":"Session content", +"session_s":"session(s)", +"sessions":"Sessions", +"sfExtra":"Additional second factors", +"sfManagerRule":"Display Manager link", +"sfOnlyUpgrade":"Use 2FA for session upgrade", +"sfRemovedMsg":"Display a message if an expired 2FA is removed", +"sfRemovedMsgRule":"Activation", +"sfRemovedNotifMsg":"Notification message", +"sfRemovedNotifRef":"Notification reference", +"sfRemovedNotifTitle":"Notification title", +"sfRemovedNotification":"Warn if an expired 2FA is removed", +"sfRemovedUseNotif":"Use Notifications plugin", +"sfRequired":"Force 2FA registration at login", +"sfaTitle":"Second factors authentication", +"show":"Show", +"showHelp":"Show help", +"showLanguages":"Show languages choice", +"singleIP":"One IP address per user", +"singleSession":"One session per user", +"singleUserByIP":"One user per IP address", +"skipRenewConfirmation":"Skip re-auth confirmation", +"skipUpgradeConfirmation":"Skip upgrade confirmation", +"slaveAuthnLevel":"Authentication level", +"slaveDisplayLogo":"Display authentication logo", +"slaveExportedVars":"Exported variables", +"slaveHeaderContent":"Control header content", +"slaveHeaderName":"Control header name", +"slaveMasterIP":"Master's IP address", +"slaveParams":"Slave parameters", +"slaveUserHeader":"Header for user login", +"soapConfigServer":"Configuration server", +"soapServices":"SOAP services", +"soapSessionServer":"Session server", +"specialRule":"Special rule", +"sslByAjax":"Use Ajax request", +"sslHost":"Ajax SSL URL", +"sslParams":"SSL parameters", "ssoSessions":"SSO sessions", "stateCheck":"State Check", "stayConnect":"Persistent connections", "stayConnected":"Activation", "stayConnectedCookieName":"Cookie name", "stayConnectedTimeout":"Expiration time", -"successfullySaved":"Successfully saved", "storePassword":"Store user password in session", "string":"String", "subtitle":"Subtitle", "successLoginNumber":"Number of registered logins", +"successfullySaved":"Successfully saved", "sympaHandler":"Sympa", "sympaMailKey":"Mail session key", "sympaSecret":"Shared secret", @@ -970,12 +1107,12 @@ "totp2f":"TOTP", "totp2fActivation":"Activation", "totp2fAuthnLevel":"TOTP authentication level", -"totp2fLabel":"Label", -"totp2fLogo":"Logo", "totp2fDigits":"Number of digits", "totp2fDisplayExistingSecret":"Display existing secret", "totp2fInterval":"Interval", "totp2fIssuer":"TOTP Issuer name", +"totp2fLabel":"Label", +"totp2fLogo":"Logo", "totp2fRange":"Range of attempts", "totp2fSelfRegistration":"Self registration", "totp2fTTL":"Lifetime", @@ -1004,20 +1141,20 @@ "unknownKey":"Unknown key", "unsecuredCookie":"Unsecured cookie", "up":"Move up", -"uploadDenied":"Upload denied", "upgradeSession":"Session upgrade", +"uploadDenied":"Upload denied", "uri":"URI", "url":"URL", "use":"Use", -"user":"user", -"users":"Users", -"userDB":"Users module", -"userdbOnly":"User DB only", -"userControl":"Username control", -"userPivot":"Login field name in user table", "useRedirectOnError":"Redirect on error", "useRedirectOnForbidden":"Redirect on forbidden", "useSafeJail":"Use Safe jail", +"user":"user", +"userControl":"Username control", +"userDB":"Users module", +"userPivot":"Login field name in user table", +"userdbOnly":"User DB only", +"users":"Users", "utotp2f":"TOTP-or-U2F", "utotp2fActivation":"Activation", "utotp2fAuthnLevel":"Authentication level", @@ -1025,10 +1162,10 @@ "utotp2fLogo":"Logo", "value":"Value", "values":"Values", -"variables":"Variables", "variableName":"Variable name", -"verifyU2FKey":"Verify U2F key", +"variables":"Variables", "verifyTOTPKey":"Verify TOTP key", +"verifyU2FKey":"Verify U2F key", "version":"Version", "vhostAccessToTrace":"Access to trace", "vhostAliases":"Aliases", @@ -1044,24 +1181,24 @@ "virtualHost":"Virtual Host", "virtualHostName":"Virtual host hostname", "virtualHosts":"Virtual Hosts", +"waitOrF5":"Wait for redirection or press F5", +"waitingForDatas":"Waiting for datas", "warning":"Warning", "warnings":"Warnings", -"waitingForDatas":"Waiting for datas", "webIDAuthnLevel":"Authentication level", "webIDExportedVars":"Exported variables", -"webidParams":"WebID parameters", "webIDWhitelist":"WebID whitelist", -"waitOrF5":"Wait for redirection or press F5", +"webidParams":"WebID parameters", "whatToTrace":"REMOTE_USER", "whiteList":"White list", "wsdlServer":"WSDL server", "yubikey2f":"Yubikey", "yubikey2fActivation":"Activation", "yubikey2fAuthnLevel":"Authentication level", +"yubikey2fClientID":"API client ID", +"yubikey2fFromSessionAttribute":"Get Yubikey ID from session attribute", "yubikey2fLabel":"Label", "yubikey2fLogo":"Logo", -"yubikey2fClientID":"API client ID", -"yubikey2fFromSessionAttribute": "Get Yubikey ID from session attribute", "yubikey2fNonce":"Nonce", "yubikey2fPublicIDSize":"OTP public ID part size", "yubikey2fSecretKey":"API secret key", @@ -1069,143 +1206,5 @@ "yubikey2fTTL":"Lifetime", "yubikey2fUrl":"Service URL", "yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey", -"zeroConfExplanations":"Server has no configuration. Use template to save the first.", - -"saml":"SAML", -"samlAttribute":"SAML attribute", -"samlDiscoveryProtocol":"Discovery Protocol", -"samlDiscoveryProtocolActivation":"Activation", -"samlDiscoveryProtocolIsPassive":"Is Passive", -"samlDiscoveryProtocolPolicy":"Policy", -"samlDiscoveryProtocolURL":"EndPoint URL", -"samlNameIDFormatMap":"NameID formats", -"samlNameIDFormatMapEmail":"Email", -"samlNameIDFormatMapX509":"X509", -"samlNameIDFormatMapWindows":"Windows", -"samlNameIDFormatMapKerberos":"Kerberos", -"samlIDP":"SAML identity provider", -"samlIDPMetaDataNodes":"SAML Identity Providers", -"samlIDPMetaDataXML":"Metadata", -"samlIDPMetaDataExportedAttributes":"Exported attributes", -"samlIDPMetaDataOptions":"Options", -"samlIDPMetaDataOptionsNameIDFormat":"NameID format", -"samlIDPMetaDataOptionsForceAuthn":"Force authentication", -"samlIDPMetaDataOptionsIsPassive":"Passive authentication", -"samlIDPMetaDataOptionsAllowProxiedAuthn":"Allow proxied authentication", -"samlIDPMetaDataOptionsAllowLoginFromIDP":"Allow login from IDP", -"samlIDPMetaDataOptionsAdaptSessionUtime":"Adapt session lifetime", -"samlIDPMetaDataOptionsSignSSOMessage":"Sign SSO message", -"samlIDPMetaDataOptionsCheckSSOMessageSignature":"Check SSO message signature", -"samlIDPMetaDataOptionsSignSLOMessage":"Sign SLO message", -"samlIDPMetaDataOptionsCheckSLOMessageSignature":"Check SLO message signature", -"samlIDPMetaDataOptionsSSOBinding":"SSO binding", -"samlIDPMetaDataOptionsSLOBinding":"SLO binding", -"samlIDPMetaDataOptionsResolutionRule":"Resolution rule", -"samlIDPMetaDataOptionsRequestedAuthnContext":"Requested authentication context", -"samlIDPMetaDataOptionsForceUTF8":"Force UTF-8", -"samlIDPMetaDataOptionsEncryptionMode":"Encryption mode", -"samlIDPMetaDataOptionsCheckTime":"Check time conditions", -"samlIDPMetaDataOptionsCheckAudience":"Check audience conditions", -"samlIDPMetaDataOptionsAuthnRequest":"Authentication request", -"samlIDPMetaDataOptionsSession":"Session", -"samlIDPMetaDataOptionsSignature":"Signature", -"samlIDPMetaDataOptionsSignatureMethod":"Signature method", -"samlIDPMetaDataOptionsBinding":"Binding", -"samlIDPMetaDataOptionsDisplay":"Display", -"samlIDPMetaDataOptionsDisplayName":"Display name", -"samlIDPMetaDataOptionsDisplayParams":"Display", -"samlIDPMetaDataOptionsIcon":"Logo", -"samlIDPMetaDataOptionsSecurity":"Security", -"samlIDPMetaDataOptionsSortNumber":"Order", -"samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token", -"samlIDPMetaDataOptionsRelayStateURL":"Allow URL as RelayState", -"samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier", -"samlSPMetaDataNodes":"SAML Service Providers", -"samlSPMetaDataXML":"Metadata", -"samlSPMetaDataExportedAttributes":"Exported attributes", -"samlSPMetaDataOptions":"Options", -"samlSPMetaDataOptionsNameIDFormat":"Default NameID format", -"samlSPMetaDataOptionsOneTimeUse":"One time use", -"samlSPMetaDataOptionsSignSSOMessage":"Sign SSO message", -"samlSPMetaDataOptionsCheckSSOMessageSignature":"Check SSO message signature", -"samlSPMetaDataOptionsSignSLOMessage":"Sign SLO message", -"samlSPMetaDataOptionsCheckSLOMessageSignature":"Check SLO message signature", -"samlSPMetaDataOptionsEncryptionMode":"Encryption mode", -"samlSPMetaDataOptionsAuthnResponse":"Authentication response", -"samlSPMetaDataOptionsSignature":"Signature", -"samlSPMetaDataOptionsSignatureMethod":"Signature method", -"samlSPMetaDataOptionsSecurity":"Security", -"samlSPMetaDataOptionsEnableIDPInitiatedURL":"Enable use of IDP initiated URL", -"samlSPMetaDataOptionsNameIDSessionKey":"Force NameID session key", -"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout":"sessionNotOnOrAfter duration", -"samlSPMetaDataOptionsNotOnOrAfterTimeout":"notOnOrAfter duration", -"samlSPMetaDataOptionsForceUTF8":"Force UTF-8", -"samlSPMetaDataOptionsAuthnLevel":"Authentication level", -"samlSPMetaDataOptionsRule":"Access rule", -"samlSPMetaDataMacros":"Macros", -"samlIDPName":"SAML IDP Name", -"samlServiceMetaData":"SAML2 Service", -"samlEntityID":"Entity Identifier", -"samlOrganization":"Organization", -"samlOrganizationDisplayName":"Display Name", -"samlOrganizationName":"Name", -"samlOrganizationURL":"URL", -"samlSP":"SAML Service Provider", -"samlSPName":"SAML Service Provider Name", -"samlSPSSODescriptor":"Service Provider", -"samlSPSSODescriptorAuthnRequestsSigned":"Signed Authentication Request", -"samlSPSSODescriptorWantAssertionsSigned":"Want Assertions Signed", -"samlSPSSODescriptorSingleLogoutService":"Single Logout", -"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", -"samlSPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", -"samlSPSSODescriptorSingleLogoutServiceSOAP":"SOAP", -"samlSPSSODescriptorAssertionConsumerService":"Assertion Consumer", -"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"HTTP Artifact", -"samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"HTTP POST", -"samlSPSSODescriptorArtifactResolutionService":"Artifact Resolution", -"samlSPSSODescriptorArtifactResolutionServiceArtifact":"Artifact Service", -"samlIDPSSODescriptor":"Identity Provider", -"samlIDPSSODescriptorWantAuthnRequestsSigned":"Want Authentication Request Signed", -"samlIDPSSODescriptorSingleSignOnService":"Single Sign On", -"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"HTTP Redirect", -"samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"HTTP POST", -"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"HTTP Artifact", -"samlIDPSSODescriptorSingleLogoutService":"Single Logout", -"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", -"samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", -"samlIDPSSODescriptorSingleLogoutServiceSOAP":"SOAP", -"samlIDPSSODescriptorArtifactResolutionService":"Artifact Resolution", -"samlIDPSSODescriptorArtifactResolutionServiceArtifact":"Artifact Service", -"samlAttributeAuthorityDescriptor":"Attribute Authority", -"samlAttributeAuthorityDescriptorAttributeService":"Attribute Service", -"samlAttributeAuthorityDescriptorAttributeServiceSOAP":"SOAP", -"samlServiceSecurity":"Security parameters", -"samlServiceSecuritySig":"Signature", -"samlServiceSecurityEnc":"Encryption", -"samlServicePrivateKeySig":"Private key", -"samlServicePrivateKeySigPwd":"Private key password", -"samlServicePublicKeySig":"Public key", -"samlServicePrivateKeyEnc":"Private key", -"samlServicePrivateKeyEncPwd":"Private key password", -"samlServicePublicKeyEnc":"Public key", -"samlServiceSignatureMethod":"Signature method", -"samlServiceUseCertificateInResponse":"Use certificate in responses", -"samlAdvanced":"Advanced", -"samlPartnerName":"Name of SAML partner", -"samlMetadataForceUTF8":"UTF8 metadata conversion", -"samlStorage":"SAML sessions module name", -"samlStorageOptions":"SAML sessions module options", -"samlAuthnContextMap":"Authentication contexts", -"samlAuthnContextMapPassword":"Password", -"samlAuthnContextMapPasswordProtectedTransport":"Password protected transport", -"samlAuthnContextMapTLSClient":"TLS client", -"samlAuthnContextMapKerberos":"Kerberos", -"samlCommonDomainCookie":"Common Domain Cookie", -"samlCommonDomainCookieActivation":"Activation", -"samlCommonDomainCookieDomain":"Common domain", -"samlCommonDomainCookieReader":"Reader URL", -"samlCommonDomainCookieWriter":"Writer URL", -"samlRelayStateTimeout":"RelayState session timeout", -"samlUseQueryStringSpecific":"Use specific query_string method", -"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP" +"zeroConfExplanations":"Server has no configuration. Use template to save the first." } diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/es.json b/lemonldap-ng-manager/site/htdocs/static/languages/es.json index 2f6d5dece8..9a1030dd57 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/es.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/es.json @@ -1,5 +1,26 @@ { "/doc/":"/doc/", +"2faSessions":"Explorador de sesiones 2snFA", +"2ndFA":"Segundos Factores", +"ADPwdExpireWarning":"Alerta de caducidad de la contraseña", +"ADPwdMaxAge":"Límite temporal de la contraseña", +"AuthLDAPFilter":"Filtro de autentificación", +"Configuration":"Configuración", +"CrowdSecPlugin":"CrowdSec Bouncer", +"LDAPFilter":"Filtro por defecto", +"OpenIDConnect":"OpenID Connect", +"OptionalTitle":"Título opcional", +"SMTP":"SMTP", +"SMTPAuthPass":"Contraseña SMTP", +"SMTPAuthUser":"Usuario SMTP", +"SMTPPort":"Puerto SMTP", +"SMTPServer":"Servidor SMTP", +"SMTPTLS":"Protocolo SSL/TLS", +"SMTPTLSOpts":"Opciones SSL/TLS", +"SSLAuthnLevel":"Nivel de autentificación", +"SSLVar":"Campo de certificado extraído", +"SSLVarIf":"Campo de certificado condicional extraído", +"Same":"Igual", "_auth":"Autentificación", "_authChoice":"Opción de autentificación", "_idp":"IDP EntityID", @@ -10,9 +31,9 @@ "_lastAuthnUTime":"Sello de tiempo de la autentificación", "_lastSeen":"Sello de tiempo de la última actividad", "_loginHistory":"Historial de accesos", +"_oidc_OP":"Clave del proveedor", "_oidc_access_token":"Ficha de acceso", "_oidc_id_token":"ID ficha", -"_oidc_OP":"Clave del proveedor", "_password":"Contraseña", "_passwordDB":"Contraseña", "_samlToken":"Ficha SAML", @@ -20,42 +41,38 @@ "_startTime":"Fecha de creación", "_timezone":"Huso horario", "_updateTime":"Fecha de actualización", +"_url":"URL origen", "_user":"Conexión", "_userDB":"Usuario", -"_url":"URL origen", "_utime":"Sello de tiempo de la sesión", -"2faSessions":"Explorador de sesiones 2snFA", -"2ndFA":"Segundos Factores", -"actives":"Habilitado", "activeTimer":"Hora de autoaceptación", +"actives":"Habilitado", +"adParams":"Parámetros del Directorio Activo", "adaptativeAuthenticationLevelRules":"Adaptative authentication rules", "addAppCasPartner":"Añadir aplicación CAS", "addIDPSamlPartner":"Añadir IDP SAML", "addOidcAttribute":"Add attribute", "addOidcOp":"Añadir OpenID Connect Provider", "addOidcRp":"Añadir OpenID Relying Party", -"addSamlAttribute":"Añadir atributo", "addSPSamlPartner":"Add SAML SP", +"addSamlAttribute":"Añadir atributo", "addSrvCasPartner":"Añadir servidor CAS", -"addU2FKey":"Añadir clave U2F", "addTOTPKey":"Añadir clave TOTP", +"addU2FKey":"Añadir clave U2F", "addVhost":"Añadir virtualhost", -"adParams":"Parámetros del Directorio Activo", -"ADPwdExpireWarning":"Alerta de caducidad de la contraseña", -"ADPwdMaxAge":"Límite temporal de la contraseña", "advancedParams":"Parámetros avanzados", "allowedMarkups":"Marcas permitidas:", "always":"Always", -"apacheParams":"Parámetros Apache", "apacheAuthnLevel":"Nivel de autentificación", +"apacheParams":"Parámetros Apache", "application":"Aplicación", "applicationDisplay":"Mostrar aplicación", "applicationList":"Categorías y aplicaciones", "applyResult":"Resultado de la solicitud", "appsInThisCat":"Aplicaciones en esta categoría", "array":"Array", -"attributesAndMacros":"Atributos y Macros", "attributeName":"Attribute name", +"attributesAndMacros":"Atributos y Macros", "authAndUserdb":"Authz and user DB", "authChain":"Cadena de autentificación", "authChoice":"Opción de autentificación", @@ -63,16 +80,15 @@ "authChoiceFindUser":"FindUser plugin parameter", "authChoiceModules":"Módulos permitidos", "authChoiceParam":"Parámetro URL", +"authOnly":"Sólo autentificación", +"authParams":"Parámetros de autentificación", "authentication":"Módulo de autentificación", -"authenticationNeeded":"Se necesita autentificación", "authenticationLevel":"Nivel de autentificación", +"authenticationNeeded":"Se necesita autentificación", "authenticationTitle":"Autentificación", -"AuthLDAPFilter":"Filtro de autentificación", -"authOnly":"Sólo autentificación", "author":"Autor", "authorIPAddress":"Dirección IP del autor", "authorizedValues":"Valores autorizados", -"authParams":"Parámetros de autentificación", "auto":"Automático", "autoSignin":"Autofirma", "autoSigninRules":"Reglas", @@ -88,9 +104,9 @@ "badExpressionAssignment":"Expression containing an assignment. You can use \\x3D to avoid this warning.", "badHeaderName":"Nombre de cabecera incorrecto", "badHostname":"Hostname incorrecto", -"badLdapUri":"URI de LDAP incorrecta", -"badKeyName":"Nombre de clave incorrecto", "badIPv4Address":"Dirección IPv4 incorrecta", +"badKeyName":"Nombre de clave incorrecto", +"badLdapUri":"URI de LDAP incorrecta", "badMacroName":"Nombre de macro incorrecto", "badMetadataName":"Nombre de metadato incorrecto", "badPemEncoding":"Codificación PEM incorrecta", @@ -104,17 +120,17 @@ "blackList":"Black list", "bool":"Boolean", "browse":"Navegar", -"browsersDontStorePassword":"Evitar que los navegadores almacenen palabras de paso del usuario", +"browseTree":"Árbol de navegación", "browserIdAuthnLevel":"Nivel de autentificación", "browserIdAutoLogin":"Login automático", "browserIdBackgroundColor":"Color de fondo", -"browseridParams":"BrowserIDParams", "browserIdSiteLogo":"Logo del sitio", "browserIdSiteName":"Nombre del sitio", "browserIdVerificationURL":"URL de verificación", -"browseTree":"Árbol de navegación", -"bruteForceProtection":"Activación", +"browseridParams":"BrowserIDParams", +"browsersDontStorePassword":"Evitar que los navegadores almacenen palabras de paso del usuario", "bruteForceAttackProtection":"Protección contra ataques de fuerza bruta", +"bruteForceProtection":"Activación", "bruteForceProtectionIncrementalTempo":"Incremental lock", "bruteForceProtectionLockTimes":"Incremental lock times", "bruteForceProtectionMaxFailed":"Allowed failed logins", @@ -124,124 +140,123 @@ "captcha_mail_enabled":"Activación en formulario de restauración por correo", "captcha_register_enabled":"Activación en formulario de registro", "captcha_size":"Tamaño", -"casAuthnLevel":"Nivel de autentificación", "casAccessControlPolicy":"Política de control de acceso", "casApp":"Aplicación CAS", "casAppMetaDataExportedVars":"Atributos exportados", +"casAppMetaDataMacros":"Macros", "casAppMetaDataNodes":"Aplicaciones CAS", "casAppMetaDataOptions":"Opciones", -"casAppMetaDataOptionsService":"URL de servicio", "casAppMetaDataOptionsAuthnLevel":"Authentication level", "casAppMetaDataOptionsRule":"Regla", -"casAppMetaDataMacros":"Macros", +"casAppMetaDataOptionsService":"URL de servicio", "casAppMetaDataOptionsUserAttribute":"Atributo de usuario", "casAppName":"Nombre de aplicación CAS", "casAttr":"Login CAS", "casAttributes":"Atributos exportados CAS", +"casAuthnLevel":"Nivel de autentificación", "casParams":"Parámetros CAS", "casServiceMetadata":"Servicio CAS", "casSrv":"Servidor CAS", "casSrvMetaDataExportedVars":"Atributos exportados", +"casSrvMetaDataNodes":"Servidores CAS", "casSrvMetaDataOptions":"Opciones", "casSrvMetaDataOptionsDisplay":"Display", "casSrvMetaDataOptionsDisplayName":"Nombre a mostrar", "casSrvMetaDataOptionsGateway":"Gateway de autentificación", "casSrvMetaDataOptionsIcon":"Icon path", -"casSrvMetaDataOptionsSortNumber":"Orden", -"casSrvMetaDataOptionsRenew":"Renovar autentificación", "casSrvMetaDataOptionsProxiedServices":"Servicios proxificados", +"casSrvMetaDataOptionsRenew":"Renovar autentificación", +"casSrvMetaDataOptionsSortNumber":"Orden", "casSrvMetaDataOptionsUrl":"URL de servicio", -"casSrvMetaDataNodes":"Servidores CAS", "casSrvName":"Nombre de servidor CAS", "casStorage":"CAS sessions module name", "casStorageOptions":"CAS sessions module options", "categoryName":"Nombre de categoría", "cda":"Dominios múltiples", "certificateMailContent":"Contenido de correo", -"certificateResetByMailManagement":"Gestión de certificado", -"certificateResetByMailURL":"Reiniciar página URL", "certificateResetByMailCeaAttribute":" Certificate Exact Assertion attribute name", "certificateResetByMailCertificateAttribute":" Certificate binary content attribute name", -"certificateResetByMailStep1Subject":"Reiniciar subject del correo", +"certificateResetByMailManagement":"Gestión de certificado", "certificateResetByMailStep1Body":"Reiniciar contenido del correo", -"certificateResetByMailStep2Subject":"Confirmación del subject", +"certificateResetByMailStep1Subject":"Reiniciar subject del correo", "certificateResetByMailStep2Body":"Confirmación de contenido del correo", +"certificateResetByMailStep2Subject":"Confirmación del subject", +"certificateResetByMailURL":"Reiniciar página URL", "certificateResetByMailValidityDelay":"Duración mínima antes de la caducidad", -"contentSecurityPolicy":"Política de seguridad de contenido", -"contextSwitching":"Switch context another user", -"contextSwitchingAllowed2fModifications":"Allow 2FA modifications", -"contextSwitchingHiddenAttributes":"Atributos ocultos", -"contextSwitchingIdRule":"Regla de uso de identidades", -"contextSwitchingRule":"Regla de uso", -"contextSwitchingStopWithLogout":"Stop by logout", -"contextSwitchingUnrestrictedUsersRule":"Unrestricted users rule", -"cspConnect":"Destinos Ajax", -"cspDefault":"Valor por defecto", -"cspFont":"Font source", -"cspFormAction":"Form destinations", -"cspFrameAncestors":"Frame ancestors URL", -"cspImg":"Image source", -"cspScript":"Script source", -"cspStyle":"Style source", -"crossOrigineResourceSharing":"Cross-Origin Resource Sharing", -"corsEnabled":"Activación", -"corsAllow_Credentials":"Access-Control-Allow-Credentials", -"corsAllow_Headers":"Access-Control-Allow-Headers", -"corsAllow_Methods":"Access-Control-Allow-Methods", -"corsAllow_Origin":"Access-Control-Allow-Origin", -"corsExpose_Headers":"Access-Control-Expose-Headers", -"corsMax_Age":"Access-Control-Max-Age", "cfgLog":"Sumario", "cfgVersion":"Configuration version", -"checkXSS":"Comprobar ataques XSS", -"clickHereToForce":"Haga click aquí para forzar", -"claimName":"Claim name", -"checkboxes":"Checkboxes", "checkDevOps":"Activation", "checkDevOpsDownload":"Download file", "checkState":"Activación", "checkStateSecret":"Secreto compartido", -"checkUsers":"Comprobación de perfil SSO", "checkUser":"Activación", "checkUserDisplay":"Display", -"checkUserIdRule":"Regla de uso de identidades", -"checkUserHiddenAttributes":"Atributos ocultos", -"checkUserUnrestrictedUsersRule":"Unrestricted users rule", "checkUserDisplayComputedSession":"Computed sessions", -"checkUserDisplayPersistentInfo":"Persistent session data", "checkUserDisplayEmptyHeaders":"Empty headers", "checkUserDisplayEmptyValues":"Empty values", "checkUserDisplayNormalizedHeaders":"Normalized headers", +"checkUserDisplayPersistentInfo":"Persistent session data", +"checkUserHiddenAttributes":"Atributos ocultos", "checkUserHiddenHeaders":"Hidden headers", +"checkUserIdRule":"Regla de uso de identidades", "checkUserSearchAttributes":"Atributos usados en la búsqueda de sesiones", +"checkUserUnrestrictedUsersRule":"Unrestricted users rule", +"checkUsers":"Comprobación de perfil SSO", +"checkXSS":"Comprobar ataques XSS", +"checkboxes":"Checkboxes", "choiceParams":"Choice parameters", "chooseLogo":"Elija logotipo", "chooseSkin":"Elija revestimiento", +"claimName":"Claim name", +"clickHereToForce":"Haga click aquí para forzar", +"combModules":"Lista de módulos", "combination":"Combinación", "combinationParams":"Parámetros de combinación", "combineMods":"Combinación de módulos", -"combModules":"Lista de módulos", "comment":"Comentario", "comments":"Comentarios", +"compactConf":"Compact configuration file", "condition":"Condición", "conf":"Configuración", -"Configuration":"Configuración", -"confirmFormMethod":"Método de confirmación de formulario", "confModuledeprecated":"Este módulo está obsoleto. Para utilizarlo, establezca \"forceUpload=1\" in lemonldap-ng.ini", "confNotChanged":"No se han detectado cambios, salvaguarda interrumpida", "confSaved":"Configuración salvada", "confWasChanged":"Se ha cambiado la configuración", +"confirmFormMethod":"Método de confirmación de formulario", "connectionTitle":"Conexión", "content":"Contenido", +"contentSecurityPolicy":"Política de seguridad de contenido", +"contextSwitching":"Switch context another user", +"contextSwitchingAllowed2fModifications":"Allow 2FA modifications", +"contextSwitchingHiddenAttributes":"Atributos ocultos", +"contextSwitchingIdRule":"Regla de uso de identidades", +"contextSwitchingRule":"Regla de uso", +"contextSwitchingStopWithLogout":"Stop by logout", +"contextSwitchingUnrestrictedUsersRule":"Unrestricted users rule", "cookieExpiration":"Hora de caducidad de la cookie", "cookieName":"Cookie name", "cookieParams":"Cookies", +"corsAllow_Credentials":"Access-Control-Allow-Credentials", +"corsAllow_Headers":"Access-Control-Allow-Headers", +"corsAllow_Methods":"Access-Control-Allow-Methods", +"corsAllow_Origin":"Access-Control-Allow-Origin", +"corsEnabled":"Activación", +"corsExpose_Headers":"Access-Control-Expose-Headers", +"corsMax_Age":"Access-Control-Max-Age", "create":"Crear", +"crossOrigineResourceSharing":"Cross-Origin Resource Sharing", "crowdsec":"Activation", "crowdsecAction":"Action", "crowdsecKey":"API key", -"CrowdSecPlugin":"CrowdSec Bouncer", "crowdsecUrl":"Base URL of local API", +"cspConnect":"Destinos Ajax", +"cspDefault":"Valor por defecto", +"cspFont":"Font source", +"cspFormAction":"Form destinations", +"cspFrameAncestors":"Frame ancestors URL", +"cspImg":"Image source", +"cspScript":"Script source", +"cspStyle":"Style source", "currentConfiguration":"Configuración actual", "customAddParams":"Parámetros adicionales", "customAuth":"Módulo personalizado de autentificación ", @@ -257,21 +272,23 @@ "customResetCertByMail":"Módulo personalizado de certificateResetByMail", "customToTrace":"REMOTE_CUSTOM", "customUserDB":"Módulo personalizado de usuario de BD", +"databaseLocked":"Base de datos bloqueada por otro proceso", "date":"Fecha", +"dateTitle":"Fechas", "dbiAuthChain":"Cadena", "dbiAuthLoginCol":"Nombre del campo de acceso", -"dbiAuthnLevel":"Nivel de autentificación", "dbiAuthPassword":"Contraseña", "dbiAuthPasswordCol":"Nombre de campo password", "dbiAuthPasswordHash":"Función hash", -"dbiDynamicHash":"Visor de diferencias", -"dbiDynamicHashEnabled":"Activación de hash dinámico", -"dbiDynamicHashValidSchemes":"Funciones soportadas (no-salted)", -"dbiDynamicHashValidSaltedSchemes":"Funciones soportadas (salted)", -"dbiDynamicHashNewPasswordScheme":"Esquema de hash dinámico para nuevos passwords", "dbiAuthTable":"Tabla de autentificación", "dbiAuthUser":"Usuario", +"dbiAuthnLevel":"Nivel de autentificación", "dbiConnection":"Conexión", +"dbiDynamicHash":"Visor de diferencias", +"dbiDynamicHashEnabled":"Activación de hash dinámico", +"dbiDynamicHashNewPasswordScheme":"Esquema de hash dinámico para nuevos passwords", +"dbiDynamicHashValidSaltedSchemes":"Funciones soportadas (salted)", +"dbiDynamicHashValidSchemes":"Funciones soportadas (no-salted)", "dbiExportedVars":"Variables exportadas", "dbiParams":"Parámetros DBI", "dbiPassword":"Password", @@ -283,31 +300,29 @@ "decryptValueRule":"Regla de uso", "default":"Valor por defecto", "defaultRule":"Regla por defecto", -"demoModeOn":"Este gestor se ejecuta en modo de pruebas", "deleteEntry":"Borrar", "deleteNotification":"Borrar", "deleteSession":"Borrar sesión", -"deleteU2FKey":"Borrar clave U2F", "deleteTOTPKey":"Borrar clave TOTP", +"deleteU2FKey":"Borrar clave U2F", "demoExportedVars":"Variables exportadas", +"demoModeOn":"Este gestor se ejecuta en modo de pruebas", "demoParams":"Parámetros de prueba", "description":"Descripción", "dest":"Recipient", -"diffViewer":"Visor de diferencias", "devOpsCheck":"Check DevOps handler file", +"diffViewer":"Visor de diferencias", "diffWithPrevious":"Diferencia con anterior", +"disablePersistentStorage":"Deshabilitar almacenamiento", "disabled":"Deshabilitado", "displaySessionId":"Display session identifier", +"dn":"DN", +"domain":"Dominio", "done":"hecho", "dones":"Hecho", -"down":"Move down", "doubleCookie":"Doble cookie (HTTP y HTTPS)", "doubleCookieForSingleSession":"Doble cookie para sesión simple", -"databaseLocked":"Base de datos bloqueada por otro proceso", -"dateTitle":"Fechas", -"dn":"DN", -"domain":"Dominio", -"compactConf":"Compact configuration file", +"down":"Move down", "download":"Descarga", "downloadIt":"Descargarlo", "duplicate":"Duplicar", @@ -316,21 +331,20 @@ "emptyConf":"Configuración vacía", "emptyValueNotAllowed":"Valor vacío no permitido", "enabled":"Habilitado", -"disablePersistentStorage":"Deshabilitar almacenamiento", "enterPassword":"Introduzca password (opcional)", "error":"Error", "errors":"ERRORES", "exportedAttr":"Atributos SOAP/REST exportados", "exportedHeaders":"Cabeceras exportadas", "exportedVars":"Variables exportadas", +"ext2FSendCommand":"Enviar comando", +"ext2FValidateCommand":"Validación de comando", "ext2f":"Segundo factor externo", "ext2fActivation":"Activación", -"ext2fCodeActivation":"Expresión regular", "ext2fAuthnLevel":"Nivel de autentificación", +"ext2fCodeActivation":"Expresión regular", "ext2fLabel":"Etiqueta", "ext2fLogo":"Logo", -"ext2FSendCommand":"Enviar comando", -"ext2FValidateCommand":"Validación de comando", "facebookAppId":"Facebook application ID", "facebookAppSecret":"Facebook application secret", "facebookAuthnLevel":"Nivel de autentificación", @@ -340,16 +354,16 @@ "failedLoginNumber":"Número de fallos en la identificación", "fileToUpload":"Fichero a cargar", "findUser":"Activation", -"findUsers":"Search for user account", "findUserControl":"Parameters control", "findUserExcludingAttributes":"Excluding attributes", "findUserSearchingAttributes":"Searching attributes", "findUserWildcard":"Character used as wildcard", +"findUsers":"Search for user account", "forbidden":"No está autorizado a mostrar esta página", "forceSave":"Forzar salvaguarda", -"format":"Formato", "formReplay":"Repetir formulario", "formTimeout":"Caducidad de formulario", +"format":"Formato", "forms":"Formularios", "friendlyName":"Nombre amigable", "generalParameters":"Parámetros generales", @@ -371,72 +385,73 @@ "grantSessionRules":"Condiciones de apertura", "groups":"Grupos", "groupsBeforeMacros":"Método para formulario de información", +"hGroups":"Groups (HashRef)", "hashkey":"Clave", "headers":"Cabeceras HTTP", -"hGroups":"Groups (HashRef)", -"hostname":"Hostname", "hiddenAttributes":"Atributos ocultos", "hide":"Ocultar", "hideHelp":"Ocultar ayuda", "hideOldPassword":"Ocultar contraseña antigua", "hideTree":"Ocultar árbol", +"hostname":"Hostname", "httpOnly":"Protección javascript", "https":"HTTPS", "impersonation":"Suplantación", -"impersonationRule":"Usar regla", -"impersonationIdRule":"Regla de uso de identidades", "impersonationHiddenAttributes":"Atributos ocultos", +"impersonationIdRule":"Regla de uso de identidades", "impersonationMergeSSOgroups":"Fusionar grupos SSO reales y falsos", +"impersonationRule":"Usar regla", "impersonationSkipEmptyValues":"Saltar valores vacíos", "impersonationUnrestrictedUsersRule":"Unrestricted users rule", "incompleteForm":"Faltan campos obligatorios", "index":"Índice", "infoFormMethod":"Método para formulario de información", -"invalidSessionData":"Datos de sesión inválidos", +"instance":"Instance", "int":"Integer", "internalReference":"Referencia interna", +"invalidSessionData":"Datos de sesión inválidos", "ipAddr":"Dirección IP", "ipAddresses":"Direcciones IP", +"issuerDBCAS":"CAS", +"issuerDBCASActivation":"Activación", +"issuerDBCASOptions":"Opciones", +"issuerDBCASPath":"Sendero", +"issuerDBCASRule":"Usar regla", "issuerDBGet":"GET", "issuerDBGetActivation":"Activación", "issuerDBGetParameters":"Parámetros GET", "issuerDBGetPath":"Sendero", "issuerDBGetRule":"Usar regla", -"issuerDBSAML":"SAML", -"issuerDBSAMLActivation":"Activación", -"issuerDBSAMLPath":"Sendero", -"issuerDBSAMLRule":"Usar regla", -"issuerDBCAS":"CAS", -"issuerDBCASActivation":"Activación", -"issuerDBCASPath":"Sendero", -"issuerDBCASRule":"Usar regla", -"issuerDBCASOptions":"Opciones", "issuerDBOpenID":"OpenID", "issuerDBOpenIDActivation":"Activación", -"issuerDBOpenIDPath":"Sendero", -"issuerDBOpenIDRule":"Usar regla", -"issuerDBOpenIDOptions":"Opciones", "issuerDBOpenIDConnect":"OpenID Connect", "issuerDBOpenIDConnectActivation":"Activación", "issuerDBOpenIDConnectPath":"Sendero", "issuerDBOpenIDConnectRule":"Usar regla", +"issuerDBOpenIDOptions":"Opciones", +"issuerDBOpenIDPath":"Sendero", +"issuerDBOpenIDRule":"Usar regla", +"issuerDBSAML":"SAML", +"issuerDBSAMLActivation":"Activación", +"issuerDBSAMLPath":"Sendero", +"issuerDBSAMLRule":"Usar regla", "issuerOptions":"Opciones", "issuerParams":"Issuer modules", "issuersTimeout":"Issuers timeout", -"jsRedirect":"Mensaje de redireccionamiento", "jqueryButtonSelector":"Botón selector jQuery (opcional)", "jqueryFormSelector":"Formulario selector jQuery (opcional)", "jqueryUrl":"URL JQuery (opcional)", +"jsRedirect":"Mensaje de redireccionamiento", +"kerberosParams":"Paŕametros Kerberos", "key":"Clave de cifrado", -"keys":"Claves", -"keyname":"Nombre de clave", "keyPassword":"Password de clave", +"keyname":"Nombre de clave", +"keys":"Claves", +"krbAllowedDomains":"Allowed domains", "krbAuthnLevel":"Nivel de autentificación Kerberos", "krbByJs":"Utilizar solicitud Ajax", "krbKeytab":"Fichero keytab", "krbRemoveDomain":"Quitar dominio del usuario Kerberos", -"krbAllowedDomains":"Allowed domains", -"kerberosParams":"Paŕametros Kerberos", "label":"Etiqueta", "languages":"Idiomas", "latest":"Último", @@ -450,7 +465,6 @@ "ldapConnection":"Conexión", "ldapExportedVars":"Variables exportadas", "ldapFilters":"Filtros", -"LDAPFilter":"Filtro por defecto", "ldapGetUserBeforePasswordChange":"Search for user before password change", "ldapGroupAttributeName":"Atributo objetivo", "ldapGroupAttributeNameGroup":"Group source attribute", @@ -461,20 +475,20 @@ "ldapGroupObjectClass":"Clase objeto", "ldapGroupRecursive":"Recursivo", "ldapGroups":"Grupos", +"ldapIOTimeout":"Operation timeout", "ldapITDS":"Soporte IBM Tivoli DS", "ldapParams":"Parámetros LDAP", "ldapPassword":"Contraseña", "ldapPasswordResetAttribute":"Reiniciar atributo", "ldapPasswordResetAttributeValue":"Reiniciar valor", -"ldapPpolicyControl":"Control de política de contraseña", "ldapPort":"Puerto del servidor", +"ldapPpolicyControl":"Control de política de contraseña", "ldapPwdEnc":"Codificación del password de LDAP", "ldapRaw":"Atributos binarios", "ldapSearchDeref":"Alias dereference", "ldapServer":"Servidor", "ldapSetPassword":"Password modify extended operation", "ldapTimeout":"Connection timeout", -"ldapIOTimeout":"Operation timeout", "ldapUsePasswordResetAttribute":"Usar atributo de reset", "ldapVerify":"Verify LDAP server certificate", "ldapVersion":"Versión", @@ -483,35 +497,34 @@ "linkedInClientID":"ID ciente", "linkedInClientSecret":"Secreto cliente", "linkedInFields":"Searched fields", -"linkedinParams":"Parámetros LinkedIn", "linkedInScope":"Ámbito", "linkedInUserField":"Campo identificador de usuario", +"linkedinParams":"Parámetros LinkedIn", "load":"Cargar", -"loadedConfiguration":"Configuración cargada", "loadFromUrl":"Cargar desde URL", +"loadedConfiguration":"Configuración cargada", "localSessionStorage":"Módulo caché", "localSessionStorageOptions":"Opciones de módulo caché", "locationRules":"Reglas de acceso", +"logParams":"Logs", "loginHistory":"Historial de accesos", "loginHistoryEnabled":"Activación", "logo":"Logotipo", "logout":"Desconexión", "logoutServices":"Logout forward", -"logParams":"Logs", "lwpOpts":"Opciones para solicitudes de servidor", "lwpSslOpts":"Opciones SSL para solicitudes de servidor", -"instance":"Instance", "macros":"Macros", "mail2f":"Correo segundo factor", "mail2fActivation":"Activación", -"mail2fCodeRegex":"Regex", -"mail2fTimeout":"Caducidad de código", -"mail2fSubject":"Subject del correo", -"mail2fBody":"Cuerpo del correo", "mail2fAuthnLevel":"Nivel de autentificación", -"mail2fLabel":"Etiqueta", +"mail2fBody":"Cuerpo del correo", +"mail2fCodeRegex":"Regex", +"mail2fLabel":"Etiqueta", "mail2fLogo":"Logotipo", "mail2fSessionKey":"Session key containing mail address", +"mail2fSubject":"Subject del correo", +"mail2fTimeout":"Caducidad de código", "mailBody":"Success mail content", "mailCharset":"Juego de caracteres", "mailConfirmBody":"Contenido del correo de confirmación", @@ -535,22 +548,22 @@ "markAsDone":"Marcar como realizado", "memberOfSSOGroups":"Miembro de grupos SSO", "menu":"Menú", +"menuCategory":"Categoría de menú", "message":"Mensaje", "messages":"Mensajes", -"menuCategory":"Categoría de menú", "modulesTitle":"Módulos utilizados", "multiIp":"Multi IP", -"multipleSessions":"Múltiples sesiones", "multiValuesSeparator":"Separador", +"multipleSessions":"Múltiples sesiones", "name":"Nombre", "needConfirmation":"Hay una nueva configuración disponible. Para forzar el respaldo de la actual marque el checkbox que hay junto al botón 'Salvar'", "networkProblem":"Problema de red", "never":"Never", "newApp":"Nueva aplicación", -"newChain":"Nueva cadena", "newCat":"Nueva categoría", "newCertificate":"New certificate", "newCfgAvailable":"Hay una nueva configuración disponible", +"newChain":"Nueva cadena", "newCmbMod":"Nuevo módulo", "newCmbOver":"Nuevo parámetro", "newEntry":"Nueva entrada", @@ -560,41 +573,40 @@ "newPostVar":"Nueva variable", "newRSAKey":"Nuevas claves", "newRule":"Nueva regla", -"newSfOver":"Nuevo parámetro", "newSfExtra":"Nuevo segundo factor", +"newSfOver":"Nuevo parámetro", "newValue":"Nuevo valor", "next":"Siguiente", "nginxCustomHandlers":"Handlers personalizados para Nginx", "noAjaxHook":"Mantener redirecciones para Ajax", "noData":"No hay datos que mostrar", "notABoolean":"No es booleano", -"notAnInteger":"No es entero", "notAValidPerlExpression":"No es una expresión Perl válida", +"notAnInteger":"No es entero", "notification":"Activación", -"notifications":"Notificaciones", -"notification_s":"Notificación(es)", -"notificationDefaultCond":"Condición por defecto", -"notificationServer":"Servidor de notificación", -"notificationServerDELETE":"Método DELETE", -"notificationServerGET":"Método GET", -"notificationServerMethods":"Métodos HTTP", -"notificationServerPOST":"Método POST", -"notificationServerSentAttributes":"Parámetros de notificación a enviar", -"serverNotification":"Servidor", "notificationCreated":"Se ha creado notificación", +"notificationDefaultCond":"Condición por defecto", "notificationDeleted":"Notification has been marked as done", "notificationDone":"Notificación hecha", -"notificationsDone":"Notificaciones hechas", -"notificationsExplorer":"Explorador", "notificationNotCreated":"No se creó la notificación", "notificationNotDeleted":"No se marcó la notificación como hecha", "notificationNotFound":"No se encontró la notificación", "notificationNotPurged":"No se ha eliminado definitivamente la notificación", "notificationPurged":"Se ha eliminado definitivamente la notificación", +"notificationServer":"Servidor de notificación", +"notificationServerDELETE":"Método DELETE", +"notificationServerGET":"Método GET", +"notificationServerMethods":"Métodos HTTP", +"notificationServerPOST":"Método POST", +"notificationServerSentAttributes":"Parámetros de notificación a enviar", "notificationStorage":"Módulo de almacenamiento", "notificationStorageOptions":"Parámetros del módulo de almacenamiento", "notificationWildcard":"Carácter comodín para todos los usuarios", "notificationXSLTfile":"Fichero XSLT personalizado", +"notification_s":"Notificación(es)", +"notifications":"Notificaciones", +"notificationsDone":"Notificaciones hechas", +"notificationsExplorer":"Explorador", "notifyDeleted":"Mostrar sesiones borradas", "notifyOther":"Mostrar otras sesiones", "nullAuthnLevel":"Nivel de autentificación", @@ -602,8 +614,6 @@ "number":"Número", "off":"Apagado", "offlineSessions":"Sesiones sin conexión", -"oldValue":"Valor antiguo", -"on":"Conectado", "oidcAttribute":"OIDC Attribute", "oidcAuthnLevel":"Nivel de autentificación", "oidcConsents":"OpenID Connect Consents", @@ -612,12 +622,9 @@ "oidcOPMetaDataJSON":"Metadatos", "oidcOPMetaDataJWKS":"Datos JWKS", "oidcOPMetaDataNode":"OpenID Connect Providers", +"oidcOPMetaDataNodes":"Proveedores de conexión OpenID", "oidcOPMetaDataOptions":"Opciones", -"oidcRPMetaDataOptionsBasic":"Basic", -"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences", -"oidcRPMetaDataOptionsAdvanced":"Advanced", -"oidcRPMetaDataOptionsTimeouts":"Timeouts", -"oidcRPMetaDataOptionsAllowOffline":"Permitir acceso sin conexión", +"oidcOPMetaDataOptionsAcrValues":"Valores ACR", "oidcOPMetaDataOptionsCheckJWTSignature":"Comprobar firma JWT", "oidcOPMetaDataOptionsClientID":"ID cliente", "oidcOPMetaDataOptionsClientSecret":"Secreto del cliente", @@ -626,116 +633,119 @@ "oidcOPMetaDataOptionsDisplay":"Display", "oidcOPMetaDataOptionsDisplayName":"Mostrar nombre", "oidcOPMetaDataOptionsDisplayParams":"Display", +"oidcOPMetaDataOptionsIDTokenMaxAge":"Caducidad de token ID", "oidcOPMetaDataOptionsIcon":"Logotipo", -"oidcOPMetaDataOptionsSortNumber":"Orden", "oidcOPMetaDataOptionsJWKSTimeout":"Caducidad de datos JWKS", -"oidcRPMetaDataOptionsLogoutSessionRequired":"Se requiere sesión", -"oidcRPMetaDataOptionsLogoutType":"Tipo", -"oidcRPMetaDataOptionsLogoutUrl":"URL", +"oidcOPMetaDataOptionsMaxAge":"Max age", +"oidcOPMetaDataOptionsPrompt":"Prompt", "oidcOPMetaDataOptionsProtocol":"Protocolo", -"oidcRPMetaDataOptionsPublic":"Cliente público", -"oidcRPMetaDataOptionsRequirePKCE":"Se requiere PKCE", -"oidcRPMetaDataOptionsAuthnLevel":"Authentication level", -"oidcRPMetaDataOptionsRule":"Regla de acceso", -"oidcRPMetaDataMacros":"Macros", -"oidcRPMetaDataScopeRules":"Scope rules", "oidcOPMetaDataOptionsScope":"Ámbito", +"oidcOPMetaDataOptionsSortNumber":"Orden", "oidcOPMetaDataOptionsStoreIDToken":"Guardar token ID", "oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Token endpoint authentication method", +"oidcOPMetaDataOptionsUiLocales":"Locales UI", +"oidcOPMetaDataOptionsUseNonce":"Use nonce", "oidcOPName":"OpenID Connect Provider Name", "oidcParams":"OpenID Connect parameters", "oidcRP":"OpenID Connect Relying Party", "oidcRPCallbackGetParam":"Callback GET parameter", "oidcRPMetaDataExportedVars":"Atributos exportados", +"oidcRPMetaDataMacros":"Macros", "oidcRPMetaDataNode":"OpenID Connect Relying Parties", +"oidcRPMetaDataNodes":"OpenID Connect Relying Parties", "oidcRPMetaDataOptions":"Opciones", +"oidcRPMetaDataOptionsAccessTokenClaims":"Release claims in Access Token", "oidcRPMetaDataOptionsAccessTokenExpiration":"Caducidad del token de acceso", "oidcRPMetaDataOptionsAccessTokenJWT":"Use JWT format for Access Token", -"oidcRPMetaDataOptionsAccessTokenClaims":"Release claims in Access Token", "oidcRPMetaDataOptionsAccessTokenSignAlg":"Access Token signature algorithm", +"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences", +"oidcRPMetaDataOptionsAdvanced":"Advanced", "oidcRPMetaDataOptionsAllowClientCredentialsGrant":"Allow OAuth2.0 Client Credentials Grant", +"oidcRPMetaDataOptionsAllowOffline":"Permitir acceso sin conexión", "oidcRPMetaDataOptionsAllowPasswordGrant":"Allow OAuth2.0 Password Grant", +"oidcRPMetaDataOptionsAuthnLevel":"Authentication level", "oidcRPMetaDataOptionsAuthorizationCodeExpiration":"Caducidad del código de autorización", +"oidcRPMetaDataOptionsBasic":"Basic", "oidcRPMetaDataOptionsBypassConsent":"Bypass consent", "oidcRPMetaDataOptionsClientID":"ID del cliente", "oidcRPMetaDataOptionsClientSecret":"Secreto del cliente", "oidcRPMetaDataOptionsDisplay":"Display", "oidcRPMetaDataOptionsDisplayName":"Mostrar nombre", -"oidcRPMetaDataOptionsIcon":"Logotipo", +"oidcRPMetaDataOptionsExtraClaims":"Extra claims", "oidcRPMetaDataOptionsIDTokenExpiration":"Caducidad del token ID", -"oidcRPMetaDataOptionsIDTokenSignAlg":"Algoritmo de firma del token ID", "oidcRPMetaDataOptionsIDTokenForceClaims":"Force claims to be returned in ID Token", +"oidcRPMetaDataOptionsIDTokenSignAlg":"Algoritmo de firma del token ID", +"oidcRPMetaDataOptionsIcon":"Logotipo", +"oidcRPMetaDataOptionsLogoutSessionRequired":"Se requiere sesión", +"oidcRPMetaDataOptionsLogoutType":"Tipo", +"oidcRPMetaDataOptionsLogoutUrl":"URL", "oidcRPMetaDataOptionsOfflineSessionExpiration":"Caducidad de sesión desconectada", +"oidcRPMetaDataOptionsPostLogoutRedirectUris":"Allowed redirection addresses for logout", +"oidcRPMetaDataOptionsPublic":"Cliente público", +"oidcRPMetaDataOptionsRedirectUris":"Allowed redirection addresses for login", "oidcRPMetaDataOptionsRefreshToken":"Use refresh tokens", +"oidcRPMetaDataOptionsRequirePKCE":"Se requiere PKCE", +"oidcRPMetaDataOptionsRule":"Regla de acceso", +"oidcRPMetaDataOptionsTimeouts":"Timeouts", "oidcRPMetaDataOptionsUserIDAttr":"Atributo de usuario", +"oidcRPMetaDataScopeRules":"Scope rules", "oidcRPName":"OpenID Connect RP Name", "oidcRPStateTimeout":"Caducidad de estado de sesión", +"oidcServiceAccessTokenExpiration":"Caducidad del token de acceso", +"oidcServiceAllowAuthorizationCodeFlow":"Authorization Code Flow", +"oidcServiceAllowDynamicRegistration":"Registro dinámico", +"oidcServiceAllowHybridFlow":"Flujo híbrido", +"oidcServiceAllowImplicitFlow":"Flujo implícito", +"oidcServiceAllowOffline":"Permitir acceso offline", +"oidcServiceAuthorizationCodeExpiration":"Caducidad del código de autorización", +"oidcServiceDynamicRegistrationExportedVars":"Variables exportadas para registro dinámico", +"oidcServiceDynamicRegistrationExtraClaims":"Extra claims for dynamic registration", +"oidcServiceIDTokenExpiration":"Caducidad del token ID", +"oidcServiceKeyIdSig":"ID de la clave firmante", "oidcServiceMetaData":"OpenID Connect Service", +"oidcServiceMetaDataAuthnContext":"Contexto de autentificación", "oidcServiceMetaDataAuthorizeURI":"Autorización", "oidcServiceMetaDataBackChannelURI":"URI de Back-Channel", +"oidcServiceMetaDataCheckSessionURI":"Check Session", "oidcServiceMetaDataEndPoints":"End points", +"oidcServiceMetaDataEndSessionURI":"Fin de sesión", "oidcServiceMetaDataFrontChannelURI":"URI de Front-Channel", +"oidcServiceMetaDataIntrospectionURI":"Instrospección", +"oidcServiceMetaDataIssuer":"Issuer identifier", "oidcServiceMetaDataJWKSURI":"JWKS", "oidcServiceMetaDataKeys":"Claves", "oidcServiceMetaDataRegistrationURI":"Registro", -"oidcServiceMetaDataIntrospectionURI":"Instrospección", "oidcServiceMetaDataSecurity":"Seguridad", -"oidcServiceMetaDataEndSessionURI":"Fin de sesión", -"oidcServiceMetaDataAuthnContext":"Contexto de autentificación", "oidcServiceMetaDataSessions":"Sesiones", +"oidcServiceMetaDataTokenURI":"Token", +"oidcServiceMetaDataUserInfoURI":"Información del usuario", +"oidcServiceOfflineSessionExpiration":"Caducidad de la sesión offline", "oidcServicePrivateKeySig":"Clave privada firmante", "oidcServicePublicKeySig":"Clave pública firmante", -"oidcServiceKeyIdSig":"ID de la clave firmante", -"oidcServiceAuthorizationCodeExpiration":"Caducidad del código de autorización", -"oidcServiceAccessTokenExpiration":"Caducidad del token de acceso", -"oidcServiceDynamicRegistrationExportedVars":"Variables exportadas para registro dinámico", -"oidcServiceDynamicRegistrationExtraClaims":"Extra claims for dynamic registration", -"oidcServiceIDTokenExpiration":"Caducidad del token ID", -"oidcServiceOfflineSessionExpiration":"Caducidad de la sesión offline", "oidcStorage":"Nombre del módulo de sesiones", "oidcStorageOptions":"Opciones del módulo de sesiones", -"oidcOPMetaDataNodes":"Proveedores de conexión OpenID", -"oidcRPMetaDataNodes":"OpenID Connect Relying Parties", -"oidcOPMetaDataOptionsPrompt":"Prompt", -"oidcOPMetaDataOptionsMaxAge":"Max age", -"oidcOPMetaDataOptionsUiLocales":"Locales UI", -"oidcOPMetaDataOptionsAcrValues":"Valores ACR", -"oidcOPMetaDataOptionsIDTokenMaxAge":"Caducidad de token ID", -"oidcOPMetaDataOptionsUseNonce":"Use nonce", -"oidcRPMetaDataOptionsRedirectUris":"Allowed redirection addresses for login", -"oidcRPMetaDataOptionsPostLogoutRedirectUris":"Allowed redirection addresses for logout", -"oidcRPMetaDataOptionsExtraClaims":"Extra claims", -"oidcServiceMetaDataIssuer":"Issuer identifier", -"oidcServiceMetaDataTokenURI":"Token", -"oidcServiceMetaDataUserInfoURI":"Información del usuario", -"oidcServiceMetaDataCheckSessionURI":"Check Session", -"oidcServiceAllowDynamicRegistration":"Registro dinámico", -"oidcServiceAllowAuthorizationCodeFlow":"Authorization Code Flow", -"oidcServiceAllowImplicitFlow":"Flujo implícito", -"oidcServiceAllowHybridFlow":"Flujo híbrido", -"oidcServiceAllowOffline":"Permitir acceso offline", "ok":"OK", "oldNotifFormat":"Usa formato XML antiguo", +"oldValue":"Valor antiguo", +"on":"Conectado", "openIdAttr":"Login OpenID", "openIdAuthnLevel":"Nivel de autentificación", "openIdExportedVars":"Variables exportadas", "openIdIDPList":"Dominios autorizados", "openIdIssuerSecret":"Token secreto", -"openidParams":"Parámetros OpenID", +"openIdSPList":"Dominios autorizados", "openIdSecret":"Token secreto", "openIdSreg":"Presentación SREG", +"openIdSreg_country":"País", +"openIdSreg_dob":"Fecha de nacimiento", +"openIdSreg_email":"Email", "openIdSreg_fullname":"Nombre completo", -"openIdSreg_nickname":"Apodo", +"openIdSreg_gender":"Género", "openIdSreg_language":"Idioma", +"openIdSreg_nickname":"Apodo", "openIdSreg_postcode":"Código postal", "openIdSreg_timezone":"Zona horaria", -"openIdSreg_country":"País", -"openIdSreg_gender":"Género", -"openIdSreg_email":"Email", -"openIdSreg_dob":"Fecha de nacimiento", -"openIdSPList":"Dominios autorizados", -"OpenIDConnect":"OpenID Connect", -"OptionalTitle":"Título opcional", +"openidParams":"Parámetros OpenID", "overPrm":"Overloaded parameters", "pamAuthnLevel":"Nivel de autentificación", "pamParams":"Parámetros PAM", @@ -745,11 +755,11 @@ "passwordManagement":"Gestión de contraseña", "passwordPolicy":"Password policy", "passwordPolicyActivation":"Activación", -"passwordPolicyMinSize":"Tamaño mínimo", -"passwordPolicyMinLower":"Mínimo número de letras minúsculas", -"passwordPolicyMinUpper":"Mínimo número de letras mayúsculas", "passwordPolicyMinDigit":"Mínimo número de dígitos", +"passwordPolicyMinLower":"Mínimo número de letras minúsculas", +"passwordPolicyMinSize":"Tamaño mínimo", "passwordPolicyMinSpeChar":"Minimal special characters", +"passwordPolicyMinUpper":"Mínimo número de letras mayúsculas", "passwordPolicySpecialChar":"Allowed special characters", "passwordResetAllowedRetries":"Máximo número de reintentos de restauración de contraseña", "persistent":"Persistente", @@ -771,8 +781,8 @@ "portalDisplayGeneratePassword":"Display generate password box", "portalDisplayLoginHistory":"Historial de accesos", "portalDisplayLogout":"Logout", -"portalDisplayPasswordPolicy":"Display policy in password form", "portalDisplayOidcConsents":"Consentimientos OIDC", +"portalDisplayPasswordPolicy":"Display policy in password form", "portalDisplayRefreshMyRights":"Display rights refresh link", "portalDisplayRegister":"Registrar nueva cuenta", "portalDisplayResetPassword":"Reiniciar contraseña", @@ -780,6 +790,7 @@ "portalErrorOnMailNotFound":"Mostrar error cuando no se encuentra el email", "portalForceAuthn":"Forzar autentificación", "portalForceAuthnInterval":"Force authentication interval", +"portalMainLogo":"Logotipo principal", "portalMenu":"Menú", "portalModules":"Activación de módulos", "portalOpenLinkInNewWindow":"Nueva ventana", @@ -792,31 +803,30 @@ "portalSkin":"Revestimiento por defecto", "portalSkinBackground":"Revestimiento del fondo", "portalSkinRules":"Skin display rules", -"portalMainLogo":"Logotipo principal", "portalStatus":"Publish portal status", "portalUserAttr":"User attribute", "post":"Form replay", -"postedVars":"Variables to post", -"postUrl":"Form URL", "postTargetUrl":"Form target URL (optional)", +"postUrl":"Form URL", +"postedVars":"Variables to post", "previous":"Previous", "privateKey":"Clave privada", -"proxyAuthnLevel":"Nivel de autentificación", "proxyAuthService":"URL de portal interno", -"proxySessionService":"Session service URL", +"proxyAuthnLevel":"Nivel de autentificación", "proxyParams":"Parámetros del proxy", +"proxySessionService":"Session service URL", "proxyUseSoap":"Utilizar SOAP en lugar de REST", "publicKey":"Clave pública", "purgeNotification":"Borrar definitivamente la notificación", "radius2f":"Segundo factor RADIUS", "radius2fActivation":"Activación", -"radius2fServer":"Nombre del servidor", -"radius2fSecret":"Secreto compartido", -"radius2fUsernameSessionKey":"Clave de sesión que contiene el login", -"radius2fTimeout":"Autentificación caducada", "radius2fAuthnLevel":"Nivel de autentificación", -"radius2fLogo":"Logotipo", "radius2fLabel":"Etiqueta", +"radius2fLogo":"Logotipo", +"radius2fSecret":"Secreto compartido", +"radius2fServer":"Nombre del servidor", +"radius2fTimeout":"Autentificación caducada", +"radius2fUsernameSessionKey":"Clave de sesión que contiene el login", "radiusAuthnLevel":"Nivel de autentificación", "radiusParams":"Parámetros RADIUS", "radiusSecret":"Secreto compartido", @@ -845,116 +855,243 @@ "remotePortal":"URL del portal", "replaceByFile":"Reemplazar por fichero", "requireToken":"Require token for forms", -"restAuthnLevel":"Nivel de autentificación", -"restAuthUrl":"URL de autentificación", -"restConfigServer":"Servidor de configuración REST", -"restServices":"REST services", -"restore":"Restaurar", -"restoreConf":"Restaurar configuración", "rest2f":"Previo", "rest2fActivation":"Activación", "rest2fAuthnLevel":"Nivel de autentificación", -"rest2fLabel":"Etiqueta", "rest2fInitArgs":"Argumentos de inicio", "rest2fInitUrl":"URL de inicio", +"rest2fLabel":"Etiqueta", "rest2fLogo":"Logotipo", "rest2fVerifyArgs":"Verificar argumentos", "rest2fVerifyUrl":"Verificar URL", +"restAuthServer":"Authentication server", +"restAuthUrl":"URL de autentificación", +"restAuthnLevel":"Nivel de autentificación", +"restClockTolerance":"Tolerancia del reloj del servidor", +"restConfigServer":"Servidor de configuración REST", "restExportSecretKeys":"Exportar atributos secretos", +"restFindUserDBUrl":"User accounts URL", "restParams":"Parámetros REST", +"restPasswordServer":"Password reset server", "restPwdConfirmUrl":"URL de confirmación de contraseña", "restPwdModifyUrl":"URL de cambio de contraseña", +"restServices":"REST services", "restSessionServer":"Servidor de sesión", -"restAuthServer":"Authentication server", -"restClockTolerance":"Tolerancia del reloj del servidor", -"restFindUserDBUrl":"User accounts URL", -"restPasswordServer":"Password reset server", "restUserDBUrl":"URL de datos de usuario", +"restore":"Restaurar", +"restoreConf":"Restaurar configuración", "returnUrl":"URL de retorno", "rp":"Relying Party", "rule":"Regla", "ruleAuthnLevel":"Nivel de autentificación requerido", "rules":"Reglas", "rulesAuthnLevel":"Niveles de autentificación requeridos", -"Same":"Igual", "sameSite":"Cookie SameSite value", -"save":"Salvar", -"saveReport":"Salvar informe", -"savingConfirmation":"Salvando confirmación", -"scope":"Ámbito", -"search":"Buscar...", -"secondFactors":"Segundos factores", -"securedCookie":"Cookie segura (SSL)", -"security":"Seguridad", -"sendTestMail":"Send test email", -"sendTestMailSuccess":"Test email successfully sent", -"serverError":"Error de servidor", -"session":"sesión", -"sessions":"Sesiones", -"session_s":"sesión(es)", -"sessionDataToRemember":"Datos de sesión a almacenar", -"sessionDeleted":"La sesión se borró", -"sessionExpired":"La sesión expiró", -"sessionParams":"Sesiones", -"sessionStartedAt":"Session started on", -"sessionStorage":"Almacenamiento de sesiones", -"sessionTitle":"Contenido de sesión", -"sfaTitle":"Autentificación de segundo factor", -"sfExtra":"Segundos factores adicionales", -"sfManagerRule":"Display Manager link", -"sfOnlyUpgrade":"Use 2FA for session upgrade", -"sfRequired":"Force 2FA registration at login", -"sfRemovedNotification":"Warn if an expired 2FA is removed", -"sfRemovedMsgRule":"Activación", -"sfRemovedUseNotif":"Usar plugin de Notificacionees", -"sfRemovedNotifMsg":"Mensaje de notificación", -"sfRemovedNotifRef":"Referencia de notificación", -"sfRemovedNotifTitle":"Título de notificación", -"sfRemovedMsg":"Display a message if an expired 2FA is removed", -"show":"Mostrar", -"showHelp":"Mostrar ayuda", -"showLanguages":"Mostrar opciones de idiomas", -"singleIP":"One IP address per user", -"singleSession":"One session per user", -"singleUserByIP":"One user per IP address", -"skipRenewConfirmation":"Saltar confirmación de reautorización", -"skipUpgradeConfirmation":"Skip upgrade confirmation", -"slaveAuthnLevel":"Nivel de autentificación", -"slaveDisplayLogo":"Mostrar logotipo de autentificación", -"slaveExportedVars":"Variables exportadas", -"slaveMasterIP":"Dirección IP maestra", -"slaveParams":"Parámetros esclavos", -"slaveUserHeader":"Cabecera para login de usuario", -"slaveHeaderName":"Nombre de cabecera de control", -"slaveHeaderContent":"Contenido de cabecera de control", -"SMTP":"SMTP", -"SMTPAuthPass":"Contraseña SMTP", -"SMTPAuthUser":"Usuario SMTP", -"SMTPPort":"Puerto SMTP", -"SMTPServer":"Servidor SMTP", -"SMTPTLS":"Protocolo SSL/TLS", -"SMTPTLSOpts":"Opciones SSL/TLS", +"saml":"SAML", +"samlAdvanced":"Advanced", +"samlAttribute":"SAML attribute", +"samlAttributeAuthorityDescriptor":"Attribute Authority", +"samlAttributeAuthorityDescriptorAttributeService":"Attribute Service", +"samlAttributeAuthorityDescriptorAttributeServiceSOAP":"SOAP", +"samlAuthnContextMap":"Authentication contexts", +"samlAuthnContextMapKerberos":"Kerberos", +"samlAuthnContextMapPassword":"Password", +"samlAuthnContextMapPasswordProtectedTransport":"Password protected transport", +"samlAuthnContextMapTLSClient":"TLS client", +"samlCommonDomainCookie":"Common Domain Cookie", +"samlCommonDomainCookieActivation":"Activación", +"samlCommonDomainCookieDomain":"Common domain", +"samlCommonDomainCookieReader":"Reader URL", +"samlCommonDomainCookieWriter":"Writer URL", +"samlDiscoveryProtocol":"Discovery Protocol", +"samlDiscoveryProtocolActivation":"Activación", +"samlDiscoveryProtocolIsPassive":"Is Passive", +"samlDiscoveryProtocolPolicy":"Policy", +"samlDiscoveryProtocolURL":"EndPoint URL", +"samlEntityID":"Entity Identifier", +"samlIDP":"SAML identity provider", +"samlIDPMetaDataExportedAttributes":"Exported attributes", +"samlIDPMetaDataNodes":"SAML Identity Providers", +"samlIDPMetaDataOptions":"Options", +"samlIDPMetaDataOptionsAdaptSessionUtime":"Adapt session lifetime", +"samlIDPMetaDataOptionsAllowLoginFromIDP":"Allow login from IDP", +"samlIDPMetaDataOptionsAllowProxiedAuthn":"Allow proxied authentication", +"samlIDPMetaDataOptionsAuthnRequest":"Authentication request", +"samlIDPMetaDataOptionsBinding":"Binding", +"samlIDPMetaDataOptionsCheckAudience":"Check audience conditions", +"samlIDPMetaDataOptionsCheckSLOMessageSignature":"Check SLO message signature", +"samlIDPMetaDataOptionsCheckSSOMessageSignature":"Check SSO message signature", +"samlIDPMetaDataOptionsCheckTime":"Check time conditions", +"samlIDPMetaDataOptionsDisplay":"Display", +"samlIDPMetaDataOptionsDisplayName":"Display name", +"samlIDPMetaDataOptionsDisplayParams":"Display", +"samlIDPMetaDataOptionsEncryptionMode":"Encryption mode", +"samlIDPMetaDataOptionsForceAuthn":"Force authentication", +"samlIDPMetaDataOptionsForceUTF8":"Force UTF-8", +"samlIDPMetaDataOptionsIcon":"Logo", +"samlIDPMetaDataOptionsIsPassive":"Passive authentication", +"samlIDPMetaDataOptionsNameIDFormat":"NameID format", +"samlIDPMetaDataOptionsRelayStateURL":"Allow URL as RelayState", +"samlIDPMetaDataOptionsRequestedAuthnContext":"Requested authentication context", +"samlIDPMetaDataOptionsResolutionRule":"Resolution rule", +"samlIDPMetaDataOptionsSLOBinding":"SLO binding", +"samlIDPMetaDataOptionsSSOBinding":"SSO binding", +"samlIDPMetaDataOptionsSecurity":"Security", +"samlIDPMetaDataOptionsSession":"Session", +"samlIDPMetaDataOptionsSignSLOMessage":"Sign SLO message", +"samlIDPMetaDataOptionsSignSSOMessage":"Sign SSO message", +"samlIDPMetaDataOptionsSignature":"Signature", +"samlIDPMetaDataOptionsSignatureMethod":"Signature method", +"samlIDPMetaDataOptionsSortNumber":"Order", +"samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token", +"samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier", +"samlIDPMetaDataXML":"Metadata", +"samlIDPName":"SAML IDP Name", +"samlIDPSSODescriptor":"Identity Provider", +"samlIDPSSODescriptorArtifactResolutionService":"Artifact Resolution", +"samlIDPSSODescriptorArtifactResolutionServiceArtifact":"Artifact Service", +"samlIDPSSODescriptorSingleLogoutService":"Single Logout", +"samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", +"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", +"samlIDPSSODescriptorSingleLogoutServiceSOAP":"SOAP", +"samlIDPSSODescriptorSingleSignOnService":"Single Sign On", +"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"HTTP Artifact", +"samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"HTTP POST", +"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"HTTP Redirect", +"samlIDPSSODescriptorWantAuthnRequestsSigned":"Want Authentication Request Signed", +"samlMetadataForceUTF8":"UTF8 metadata conversion", +"samlNameIDFormatMap":"NameID formats", +"samlNameIDFormatMapEmail":"Email", +"samlNameIDFormatMapKerberos":"Kerberos", +"samlNameIDFormatMapWindows":"Windows", +"samlNameIDFormatMapX509":"X509", +"samlOrganization":"Organization", +"samlOrganizationDisplayName":"Display Name", +"samlOrganizationName":"Name", +"samlOrganizationURL":"URL", +"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP", +"samlPartnerName":"Name of SAML partner", +"samlRelayStateTimeout":"RelayState session timeout", +"samlSP":"SAML Service Provider", +"samlSPMetaDataExportedAttributes":"Exported attributes", +"samlSPMetaDataMacros":"Macros", +"samlSPMetaDataNodes":"SAML Service Providers", +"samlSPMetaDataOptions":"Options", +"samlSPMetaDataOptionsAuthnLevel":"Authentication level", +"samlSPMetaDataOptionsAuthnResponse":"Authentication response", +"samlSPMetaDataOptionsCheckSLOMessageSignature":"Check SLO message signature", +"samlSPMetaDataOptionsCheckSSOMessageSignature":"Check SSO message signature", +"samlSPMetaDataOptionsEnableIDPInitiatedURL":"Enable use of IDP initiated URL", +"samlSPMetaDataOptionsEncryptionMode":"Encryption mode", +"samlSPMetaDataOptionsForceUTF8":"Force UTF-8", +"samlSPMetaDataOptionsNameIDFormat":"Default NameID format", +"samlSPMetaDataOptionsNameIDSessionKey":"Force NameID session key", +"samlSPMetaDataOptionsNotOnOrAfterTimeout":"notOnOrAfter duration", +"samlSPMetaDataOptionsOneTimeUse":"One time use", +"samlSPMetaDataOptionsRule":"Access rule", +"samlSPMetaDataOptionsSecurity":"Security", +"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout":"sessionNotOnOrAfter duration", +"samlSPMetaDataOptionsSignSLOMessage":"Sign SLO message", +"samlSPMetaDataOptionsSignSSOMessage":"Sign SSO message", +"samlSPMetaDataOptionsSignature":"Signature", +"samlSPMetaDataOptionsSignatureMethod":"Signature method", +"samlSPMetaDataXML":"Metadata", +"samlSPName":"SAML Service Provider Name", +"samlSPSSODescriptor":"Service Provider", +"samlSPSSODescriptorArtifactResolutionService":"Artifact Resolution", +"samlSPSSODescriptorArtifactResolutionServiceArtifact":"Artifact Service", +"samlSPSSODescriptorAssertionConsumerService":"Assertion Consumer", +"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"HTTP Artifact", +"samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"HTTP POST", +"samlSPSSODescriptorAuthnRequestsSigned":"Signed Authentication Request", +"samlSPSSODescriptorSingleLogoutService":"Single Logout", +"samlSPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", +"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", +"samlSPSSODescriptorSingleLogoutServiceSOAP":"SOAP", +"samlSPSSODescriptorWantAssertionsSigned":"Want Assertions Signed", +"samlServiceMetaData":"SAML2 Service", +"samlServicePrivateKeyEnc":"Private key", +"samlServicePrivateKeyEncPwd":"Private key password", +"samlServicePrivateKeySig":"Private key", +"samlServicePrivateKeySigPwd":"Private key password", +"samlServicePublicKeyEnc":"Public key", +"samlServicePublicKeySig":"Public key", +"samlServiceSecurity":"Security parameters", +"samlServiceSecurityEnc":"Encryption", +"samlServiceSecuritySig":"Signature", +"samlServiceSignatureMethod":"Signature method", +"samlServiceUseCertificateInResponse":"Use certificate in responses", +"samlStorage":"SAML sessions module name", +"samlStorageOptions":"SAML sessions module options", +"samlUseQueryStringSpecific":"Use specific query_string method", +"save":"Salvar", +"saveReport":"Salvar informe", +"savingConfirmation":"Salvando confirmación", +"scope":"Ámbito", +"search":"Buscar...", +"secondFactors":"Segundos factores", +"securedCookie":"Cookie segura (SSL)", +"security":"Seguridad", +"sendTestMail":"Send test email", +"sendTestMailSuccess":"Test email successfully sent", +"serverError":"Error de servidor", +"serverNotification":"Servidor", +"session":"sesión", +"sessionDataToRemember":"Datos de sesión a almacenar", +"sessionDeleted":"La sesión se borró", +"sessionExpired":"La sesión expiró", +"sessionParams":"Sesiones", +"sessionStartedAt":"Session started on", +"sessionStorage":"Almacenamiento de sesiones", +"sessionTitle":"Contenido de sesión", +"session_s":"sesión(es)", +"sessions":"Sesiones", +"sfExtra":"Segundos factores adicionales", +"sfManagerRule":"Display Manager link", +"sfOnlyUpgrade":"Use 2FA for session upgrade", +"sfRemovedMsg":"Display a message if an expired 2FA is removed", +"sfRemovedMsgRule":"Activación", +"sfRemovedNotifMsg":"Mensaje de notificación", +"sfRemovedNotifRef":"Referencia de notificación", +"sfRemovedNotifTitle":"Título de notificación", +"sfRemovedNotification":"Warn if an expired 2FA is removed", +"sfRemovedUseNotif":"Usar plugin de Notificacionees", +"sfRequired":"Force 2FA registration at login", +"sfaTitle":"Autentificación de segundo factor", +"show":"Mostrar", +"showHelp":"Mostrar ayuda", +"showLanguages":"Mostrar opciones de idiomas", +"singleIP":"One IP address per user", +"singleSession":"One session per user", +"singleUserByIP":"One user per IP address", +"skipRenewConfirmation":"Saltar confirmación de reautorización", +"skipUpgradeConfirmation":"Skip upgrade confirmation", +"slaveAuthnLevel":"Nivel de autentificación", +"slaveDisplayLogo":"Mostrar logotipo de autentificación", +"slaveExportedVars":"Variables exportadas", +"slaveHeaderContent":"Contenido de cabecera de control", +"slaveHeaderName":"Nombre de cabecera de control", +"slaveMasterIP":"Dirección IP maestra", +"slaveParams":"Parámetros esclavos", +"slaveUserHeader":"Cabecera para login de usuario", "soapConfigServer":"Servidor de configuración", "soapServices":"SOAP services", "soapSessionServer":"Servidor de sesión", "specialRule":"Regla especial", -"SSLAuthnLevel":"Nivel de autentificación", "sslByAjax":"Usar solicitud Ajax", "sslHost":"URL SSL Ajax", "sslParams":"Parámetros SSL", -"SSLVar":"Campo de certificado extraído", -"SSLVarIf":"Campo de certificado condicional extraído", "ssoSessions":"Sesiones SSO", "stateCheck":"Comprobación de estado", "stayConnect":"Persistent connections", "stayConnected":"Activation", "stayConnectedCookieName":"Cookie name", "stayConnectedTimeout":"Expiration time", -"successfullySaved":"Salvado con éxito", "storePassword":"Almacenar contraseña de usuario en la sesión", "string":"String", "subtitle":"Subtítulo", "successLoginNumber":"Número de login registrados", +"successfullySaved":"Salvado con éxito", "sympaHandler":"Sympa", "sympaMailKey":"Clave de sesión de correo", "sympaSecret":"Secreto compartido", @@ -970,12 +1107,12 @@ "totp2f":"TOTP", "totp2fActivation":"Activación", "totp2fAuthnLevel":"Nivel de autentificación TOTP", -"totp2fLabel":"Etiqueta", -"totp2fLogo":"Logotipo", "totp2fDigits":"Cantidad de dígitos", "totp2fDisplayExistingSecret":"Mostrar secreto existente", "totp2fInterval":"Intervalo", "totp2fIssuer":"Nombre de emisor TOTP", +"totp2fLabel":"Etiqueta", +"totp2fLogo":"Logotipo", "totp2fRange":"Rango de intentos", "totp2fSelfRegistration":"Autoregistro", "totp2fTTL":"Tiempo de vida", @@ -1004,20 +1141,20 @@ "unknownKey":"Clave desconocida", "unsecuredCookie":"Cookie insegura", "up":"Arriba", -"uploadDenied":"Carga denegada", "upgradeSession":"Actualización de sesión", +"uploadDenied":"Carga denegada", "uri":"URI", "url":"URL", "use":"Use", -"user":"Usuario", -"users":"Usuarios", -"userDB":"Módulo de usuarios", -"userdbOnly":"User DB only", -"userControl":"Username control", -"userPivot":"Login field name in user table", "useRedirectOnError":"Redirect on error", "useRedirectOnForbidden":"Redirect on forbidden", "useSafeJail":"Use Safe jail", +"user":"Usuario", +"userControl":"Username control", +"userDB":"Módulo de usuarios", +"userPivot":"Login field name in user table", +"userdbOnly":"User DB only", +"users":"Usuarios", "utotp2f":"TOTP-or-U2F", "utotp2fActivation":"Activación", "utotp2fAuthnLevel":"Nivel de autentificación", @@ -1025,10 +1162,10 @@ "utotp2fLogo":"Logo", "value":"Value", "values":"Values", -"variables":"Variables", "variableName":"Variable name", -"verifyU2FKey":"Verify U2F key", +"variables":"Variables", "verifyTOTPKey":"Verify TOTP key", +"verifyU2FKey":"Verify U2F key", "version":"Version", "vhostAccessToTrace":"Access to trace", "vhostAliases":"Aliases", @@ -1044,24 +1181,24 @@ "virtualHost":"Virtual Host", "virtualHostName":"Virtual host hostname", "virtualHosts":"Virtual Hosts", +"waitOrF5":"Wait for redirection or press F5", +"waitingForDatas":"Waiting for datas", "warning":"Warning", "warnings":"Warnings", -"waitingForDatas":"Waiting for datas", "webIDAuthnLevel":"Nivel de autentificación", "webIDExportedVars":"Exported variables", -"webidParams":"WebID parameters", "webIDWhitelist":"WebID whitelist", -"waitOrF5":"Wait for redirection or press F5", +"webidParams":"WebID parameters", "whatToTrace":"REMOTE_USER", "whiteList":"White list", "wsdlServer":"WSDL server", "yubikey2f":"Yubikey", "yubikey2fActivation":"Activación", "yubikey2fAuthnLevel":"Nivel de autentificación", -"yubikey2fLabel":"Label", -"yubikey2fLogo":"Logo", "yubikey2fClientID":"API client ID", "yubikey2fFromSessionAttribute":"Get Yubikey ID from session attribute", +"yubikey2fLabel":"Label", +"yubikey2fLogo":"Logo", "yubikey2fNonce":"Nonce", "yubikey2fPublicIDSize":"OTP public ID part size", "yubikey2fSecretKey":"API secret key", @@ -1069,143 +1206,5 @@ "yubikey2fTTL":"Lifetime", "yubikey2fUrl":"Service URL", "yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey", -"zeroConfExplanations":"Server has no configuration. Use template to save the first.", - -"saml":"SAML", -"samlAttribute":"SAML attribute", -"samlDiscoveryProtocol":"Discovery Protocol", -"samlDiscoveryProtocolActivation":"Activación", -"samlDiscoveryProtocolIsPassive":"Is Passive", -"samlDiscoveryProtocolPolicy":"Policy", -"samlDiscoveryProtocolURL":"EndPoint URL", -"samlNameIDFormatMap":"NameID formats", -"samlNameIDFormatMapEmail":"Email", -"samlNameIDFormatMapX509":"X509", -"samlNameIDFormatMapWindows":"Windows", -"samlNameIDFormatMapKerberos":"Kerberos", -"samlIDP":"SAML identity provider", -"samlIDPMetaDataNodes":"SAML Identity Providers", -"samlIDPMetaDataXML":"Metadata", -"samlIDPMetaDataExportedAttributes":"Exported attributes", -"samlIDPMetaDataOptions":"Options", -"samlIDPMetaDataOptionsNameIDFormat":"NameID format", -"samlIDPMetaDataOptionsForceAuthn":"Force authentication", -"samlIDPMetaDataOptionsIsPassive":"Passive authentication", -"samlIDPMetaDataOptionsAllowProxiedAuthn":"Allow proxied authentication", -"samlIDPMetaDataOptionsAllowLoginFromIDP":"Allow login from IDP", -"samlIDPMetaDataOptionsAdaptSessionUtime":"Adapt session lifetime", -"samlIDPMetaDataOptionsSignSSOMessage":"Sign SSO message", -"samlIDPMetaDataOptionsCheckSSOMessageSignature":"Check SSO message signature", -"samlIDPMetaDataOptionsSignSLOMessage":"Sign SLO message", -"samlIDPMetaDataOptionsCheckSLOMessageSignature":"Check SLO message signature", -"samlIDPMetaDataOptionsSSOBinding":"SSO binding", -"samlIDPMetaDataOptionsSLOBinding":"SLO binding", -"samlIDPMetaDataOptionsResolutionRule":"Resolution rule", -"samlIDPMetaDataOptionsRequestedAuthnContext":"Requested authentication context", -"samlIDPMetaDataOptionsForceUTF8":"Force UTF-8", -"samlIDPMetaDataOptionsEncryptionMode":"Encryption mode", -"samlIDPMetaDataOptionsCheckTime":"Check time conditions", -"samlIDPMetaDataOptionsCheckAudience":"Check audience conditions", -"samlIDPMetaDataOptionsAuthnRequest":"Authentication request", -"samlIDPMetaDataOptionsSession":"Session", -"samlIDPMetaDataOptionsSignature":"Signature", -"samlIDPMetaDataOptionsSignatureMethod":"Signature method", -"samlIDPMetaDataOptionsBinding":"Binding", -"samlIDPMetaDataOptionsDisplay":"Display", -"samlIDPMetaDataOptionsDisplayName":"Display name", -"samlIDPMetaDataOptionsDisplayParams":"Display", -"samlIDPMetaDataOptionsIcon":"Logo", -"samlIDPMetaDataOptionsSecurity":"Security", -"samlIDPMetaDataOptionsSortNumber":"Order", -"samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token", -"samlIDPMetaDataOptionsRelayStateURL":"Allow URL as RelayState", -"samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier", -"samlSPMetaDataNodes":"SAML Service Providers", -"samlSPMetaDataXML":"Metadata", -"samlSPMetaDataExportedAttributes":"Exported attributes", -"samlSPMetaDataOptions":"Options", -"samlSPMetaDataOptionsNameIDFormat":"Default NameID format", -"samlSPMetaDataOptionsOneTimeUse":"One time use", -"samlSPMetaDataOptionsSignSSOMessage":"Sign SSO message", -"samlSPMetaDataOptionsCheckSSOMessageSignature":"Check SSO message signature", -"samlSPMetaDataOptionsSignSLOMessage":"Sign SLO message", -"samlSPMetaDataOptionsCheckSLOMessageSignature":"Check SLO message signature", -"samlSPMetaDataOptionsEncryptionMode":"Encryption mode", -"samlSPMetaDataOptionsAuthnResponse":"Authentication response", -"samlSPMetaDataOptionsSignature":"Signature", -"samlSPMetaDataOptionsSignatureMethod":"Signature method", -"samlSPMetaDataOptionsSecurity":"Security", -"samlSPMetaDataOptionsEnableIDPInitiatedURL":"Enable use of IDP initiated URL", -"samlSPMetaDataOptionsNameIDSessionKey":"Force NameID session key", -"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout":"sessionNotOnOrAfter duration", -"samlSPMetaDataOptionsNotOnOrAfterTimeout":"notOnOrAfter duration", -"samlSPMetaDataOptionsForceUTF8":"Force UTF-8", -"samlSPMetaDataOptionsAuthnLevel":"Authentication level", -"samlSPMetaDataOptionsRule":"Access rule", -"samlSPMetaDataMacros":"Macros", -"samlIDPName":"SAML IDP Name", -"samlServiceMetaData":"SAML2 Service", -"samlEntityID":"Entity Identifier", -"samlOrganization":"Organization", -"samlOrganizationDisplayName":"Display Name", -"samlOrganizationName":"Name", -"samlOrganizationURL":"URL", -"samlSP":"SAML Service Provider", -"samlSPName":"SAML Service Provider Name", -"samlSPSSODescriptor":"Service Provider", -"samlSPSSODescriptorAuthnRequestsSigned":"Signed Authentication Request", -"samlSPSSODescriptorWantAssertionsSigned":"Want Assertions Signed", -"samlSPSSODescriptorSingleLogoutService":"Single Logout", -"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", -"samlSPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", -"samlSPSSODescriptorSingleLogoutServiceSOAP":"SOAP", -"samlSPSSODescriptorAssertionConsumerService":"Assertion Consumer", -"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"HTTP Artifact", -"samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"HTTP POST", -"samlSPSSODescriptorArtifactResolutionService":"Artifact Resolution", -"samlSPSSODescriptorArtifactResolutionServiceArtifact":"Artifact Service", -"samlIDPSSODescriptor":"Identity Provider", -"samlIDPSSODescriptorWantAuthnRequestsSigned":"Want Authentication Request Signed", -"samlIDPSSODescriptorSingleSignOnService":"Single Sign On", -"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"HTTP Redirect", -"samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"HTTP POST", -"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"HTTP Artifact", -"samlIDPSSODescriptorSingleLogoutService":"Single Logout", -"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", -"samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", -"samlIDPSSODescriptorSingleLogoutServiceSOAP":"SOAP", -"samlIDPSSODescriptorArtifactResolutionService":"Artifact Resolution", -"samlIDPSSODescriptorArtifactResolutionServiceArtifact":"Artifact Service", -"samlAttributeAuthorityDescriptor":"Attribute Authority", -"samlAttributeAuthorityDescriptorAttributeService":"Attribute Service", -"samlAttributeAuthorityDescriptorAttributeServiceSOAP":"SOAP", -"samlServiceSecurity":"Security parameters", -"samlServiceSecuritySig":"Signature", -"samlServiceSecurityEnc":"Encryption", -"samlServicePrivateKeySig":"Private key", -"samlServicePrivateKeySigPwd":"Private key password", -"samlServicePublicKeySig":"Public key", -"samlServicePrivateKeyEnc":"Private key", -"samlServicePrivateKeyEncPwd":"Private key password", -"samlServicePublicKeyEnc":"Public key", -"samlServiceSignatureMethod":"Signature method", -"samlServiceUseCertificateInResponse":"Use certificate in responses", -"samlAdvanced":"Advanced", -"samlPartnerName":"Name of SAML partner", -"samlMetadataForceUTF8":"UTF8 metadata conversion", -"samlStorage":"SAML sessions module name", -"samlStorageOptions":"SAML sessions module options", -"samlAuthnContextMap":"Authentication contexts", -"samlAuthnContextMapPassword":"Password", -"samlAuthnContextMapPasswordProtectedTransport":"Password protected transport", -"samlAuthnContextMapTLSClient":"TLS client", -"samlAuthnContextMapKerberos":"Kerberos", -"samlCommonDomainCookie":"Common Domain Cookie", -"samlCommonDomainCookieActivation":"Activación", -"samlCommonDomainCookieDomain":"Common domain", -"samlCommonDomainCookieReader":"Reader URL", -"samlCommonDomainCookieWriter":"Writer URL", -"samlRelayStateTimeout":"RelayState session timeout", -"samlUseQueryStringSpecific":"Use specific query_string method", -"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP" +"zeroConfExplanations":"Server has no configuration. Use template to save the first." } diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json index 6c6a068de9..65e91fa841 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json @@ -1,5 +1,26 @@ { "/doc/":"/doc/", +"2faSessions":"Explorateur sessions 2ndFA", +"2ndFA":"Seconds Facteurs", +"ADPwdExpireWarning":"Avertissement avant expiration du mot de passe", +"ADPwdMaxAge":"Âge maximal du mot de passe", +"AuthLDAPFilter":"Filtre d'authentification", +"Configuration":"Configuration", +"CrowdSecPlugin":"CrowdSec Bouncer", +"LDAPFilter":"Filtre par défaut", +"OpenIDConnect":"OpenID Connect", +"OptionalTitle":"Titre optionnel", +"SMTP":"SMTP", +"SMTPAuthPass":"Mot de passe SMTP", +"SMTPAuthUser":"Utilisateur SMTP", +"SMTPPort":"Port SMTP", +"SMTPServer":"Serveur SMTP", +"SMTPTLS":"Protocole SSL/TLS", +"SMTPTLSOpts":"Options SSL/TLS", +"SSLAuthnLevel":"Niveau d'authentification", +"SSLVar":"Champ extrait du certificat", +"SSLVarIf":"Champ conditionnel extrait du certificat", +"Same":"Identique", "_auth":"Authentification", "_authChoice":"Choix d'authentification", "_idp":"Identifiant d'entité de l'IDP", @@ -10,9 +31,9 @@ "_lastAuthnUTime":"Tampon d'authentification ", "_lastSeen":"Tampon de dernière activité", "_loginHistory":"Historique des connexions", +"_oidc_OP":"Clef du fournisseur", "_oidc_access_token":"Jeton d'accès", "_oidc_id_token":"Jeton d'identité", -"_oidc_OP":"Clef du fournisseur", "_password":"Mot de passe", "_passwordDB":"Mot de passe", "_samlToken":" Jeton SAML ", @@ -20,42 +41,38 @@ "_startTime":"Date de création", "_timezone":"Zone horaire", "_updateTime":"Date de mise à jour", +"_url":"URL d'origine", "_user":"Identifiant", "_userDB":"Utilisateur", -"_url":"URL d'origine", "_utime":"Tampon de la session", -"2faSessions":"Explorateur sessions 2ndFA", -"2ndFA":"Seconds Facteurs", -"actives":"Actives", "activeTimer":"Délai d'acceptation automatique", +"actives":"Actives", +"adParams":"Paramètres Active Directory", "adaptativeAuthenticationLevelRules":"Règles d'authentification adaptative", "addAppCasPartner":"Ajouter une application CAS", "addIDPSamlPartner":"Ajouter un FI SAML", "addOidcAttribute":"Ajouter un attribut", "addOidcOp":"Ajouter un fournisseur OpenID Connect", "addOidcRp":"Ajouter un client OpenID Connect", -"addSamlAttribute":"Ajouter un attribut", "addSPSamlPartner":"Ajouter un FS SAML", +"addSamlAttribute":"Ajouter un attribut", "addSrvCasPartner":"Ajouter un serveur CAS", -"addU2FKey":"Ajouter une clef U2F", "addTOTPKey":"Ajouter une clef TOTP", +"addU2FKey":"Ajouter une clef U2F", "addVhost":"Ajouter un hôte virtuel", -"adParams":"Paramètres Active Directory", -"ADPwdExpireWarning":"Avertissement avant expiration du mot de passe", -"ADPwdMaxAge":"Âge maximal du mot de passe", "advancedParams":"Paramètres avancés", "allowedMarkups":"Balises autorisées :", "always":"Toujours", -"apacheParams":"Paramètres Apache", "apacheAuthnLevel":"Niveau d'authentification", +"apacheParams":"Paramètres Apache", "application":"Application", "applicationDisplay":"Affichage de l'application", "applicationList":"Catégories et applications", "applyResult":"Résultat de l'application", "appsInThisCat":"Applications dans cette catégorie", "array":"Tableau", -"attributesAndMacros":"Attributs et Macros", "attributeName":"Nom de l'attribut", +"attributesAndMacros":"Attributs et Macros", "authAndUserdb":"Authent. et BD utilisateurs", "authChain":"Chaîne d'authentification", "authChoice":"Choix d'authentification", @@ -63,16 +80,15 @@ "authChoiceFindUser":"Paramètre de recherche de compte", "authChoiceModules":"Modules autorisés", "authChoiceParam":"Paramètre de l'URL", +"authOnly":"Authentification seulement", +"authParams":"Paramètres d'authentification", "authentication":"Module d'authentification", -"authenticationNeeded":"Authentification exigée", "authenticationLevel":"Niveau d'authentification", +"authenticationNeeded":"Authentification exigée", "authenticationTitle":"Authentification", -"AuthLDAPFilter":"Filtre d'authentification", -"authOnly":"Authentification seulement", "author":"Auteur", "authorIPAddress":"Adresse IP de l'auteur", "authorizedValues":"Valeurs autorisées", -"authParams":"Paramètres d'authentification", "auto":"Automatique", "autoSignin":"Connexion automatique", "autoSigninRules":"Règles", @@ -88,9 +104,9 @@ "badExpressionAssignment":"Expression contenant une affectation. Vous pouvez utliser \\x3D pour éviter cet avertissement.", "badHeaderName":"Mauvais nom d'en-tête", "badHostname":"Mauvais nom d'hôte", -"badLdapUri":"Mauvaise URI LDAP", -"badKeyName":"Mauvais nom de clef", "badIPv4Address":"Mauvaise adresse IPv4", +"badKeyName":"Mauvais nom de clef", +"badLdapUri":"Mauvaise URI LDAP", "badMacroName":"Mauvais nom de macro", "badMetadataName":"Mauvais nom de métadonnée", "badPemEncoding":"Encodage PEM incorrect", @@ -102,19 +118,19 @@ "badValue":"Mauvaise valeur", "badVariableName":"Mauvais nom de variable", "blackList":"Liste noire", -"browse":"Naviguer", "bool":"Booléen", -"browsersDontStorePassword":"Interdire aux navigateurs de sauvegarder le mot de passe", +"browse":"Naviguer", +"browseTree":"Parcourir l'arbre", "browserIdAuthnLevel":"Niveau d'authentification", "browserIdAutoLogin":"Authentification automatique", "browserIdBackgroundColor":"Couleur d'arrière plan", -"browseridParams":"Paramètres BrowserID", "browserIdSiteLogo":"Logo du site", "browserIdSiteName":"Nom du site", "browserIdVerificationURL":"Adresse de vérification", -"browseTree":"Parcourir l'arbre", -"bruteForceProtection":"Activation", +"browseridParams":"Paramètres BrowserID", +"browsersDontStorePassword":"Interdire aux navigateurs de sauvegarder le mot de passe", "bruteForceAttackProtection":"Protection contre les attaques par force brute", +"bruteForceProtection":"Activation", "bruteForceProtectionIncrementalTempo":"Verrouillage incrémentiel", "bruteForceProtectionLockTimes":"Temps de verrouillage incrémentiel", "bruteForceProtectionMaxFailed":"Nombre d'échecs de connexion autorisés", @@ -124,124 +140,123 @@ "captcha_mail_enabled":"Activation dans le formulaire de réinitialisation par mail", "captcha_register_enabled":"Activation dans le formulaire de création de compte", "captcha_size":"Taille", -"casAuthnLevel":"Niveau d'authentification", "casAccessControlPolicy":"Politique de contrôle d'accès", "casApp":"Application CAS", "casAppMetaDataExportedVars":"Attributs exportés", +"casAppMetaDataMacros":"Macros", "casAppMetaDataNodes":"Applications CAS", "casAppMetaDataOptions":"Options", -"casAppMetaDataOptionsService":"URL du service", "casAppMetaDataOptionsAuthnLevel":"Niveau d'authentification", "casAppMetaDataOptionsRule":"Règle", -"casAppMetaDataMacros":"Macros", +"casAppMetaDataOptionsService":"URL du service", "casAppMetaDataOptionsUserAttribute":"Attribut de l'utilisateur", "casAppName":"Nom de l'application CAS", "casAttr":"Identifiant CAS", "casAttributes":"Attributs CAS", +"casAuthnLevel":"Niveau d'authentification", "casParams":"Paramètres CAS", "casServiceMetadata":"Service CAS", "casSrv":"Serveur CAS", "casSrvMetaDataExportedVars":"Attributs exportés", +"casSrvMetaDataNodes":"Serveurs CAS", "casSrvMetaDataOptions":"Options", "casSrvMetaDataOptionsDisplay":"Affichage", "casSrvMetaDataOptionsDisplayName":"Nom à afficher", "casSrvMetaDataOptionsGateway":"Authentification transparente", "casSrvMetaDataOptionsIcon":"Chemin de l'icône", -"casSrvMetaDataOptionsSortNumber":"Ordre", -"casSrvMetaDataOptionsRenew":"Renouveler l'authentification", "casSrvMetaDataOptionsProxiedServices":"Services mandatés", +"casSrvMetaDataOptionsRenew":"Renouveler l'authentification", +"casSrvMetaDataOptionsSortNumber":"Ordre", "casSrvMetaDataOptionsUrl":"URL du serveur", -"casSrvMetaDataNodes":"Serveurs CAS", "casSrvName":"Nom du serveur CAS", "casStorage":"Nom du module des sessions CAS", "casStorageOptions":"Options du module des sessions CAS", "categoryName":"Nom de la catégorie", "cda":"Domaines multiples", "certificateMailContent":"Contenu du mail", -"certificateResetByMailManagement":"Gestion des certificats", -"certificateResetByMailURL":"URL de la page de réinitialisation", "certificateResetByMailCeaAttribute":"Attribut pour le Certificate Exact Assertion", "certificateResetByMailCertificateAttribute":"Attribut pour le contenu binaire du certificat", -"certificateResetByMailStep1Subject":"Sujet du message de réinitialisation", +"certificateResetByMailManagement":"Gestion des certificats", "certificateResetByMailStep1Body":"Contenu du message de réinitialisation", -"certificateResetByMailStep2Subject":"Sujet du message de confirmation", +"certificateResetByMailStep1Subject":"Sujet du message de réinitialisation", "certificateResetByMailStep2Body":"Contenu du message de confirmation", +"certificateResetByMailStep2Subject":"Sujet du message de confirmation", +"certificateResetByMailURL":"URL de la page de réinitialisation", "certificateResetByMailValidityDelay":"Durée minimun avant expiration", -"contentSecurityPolicy":"Politique de sécurité de contenu", -"contextSwitching":"Endossement d'identité", -"contextSwitchingAllowed2fModifications":"Autoriser les modifications des SF", -"contextSwitchingHiddenAttributes":"Attributs masqués", -"contextSwitchingIdRule":"Règle d'utilisation des identités", -"contextSwitchingRule":"Règle d'utilisation", -"contextSwitchingStopWithLogout":"Arrêt par déconnexion", -"contextSwitchingUnrestrictedUsersRule":"Règle des utilisateurs non restreints", -"cspConnect":"Destinations des requêtes AJAX", -"cspDefault":"Valeur par défaut", -"cspFont":"Sources des polices", -"cspFormAction":"Destinations des formulaires", -"cspFrameAncestors":"URL parentes des iFrames", -"cspImg":"Sources des images", -"cspScript":"Sources des scripts", -"cspStyle":"Sources des styles", -"crossOrigineResourceSharing":"Partage des ressources entre origines multiples", -"corsEnabled":"Activation", -"corsAllow_Credentials":"Access-Control-Allow-Credentials", -"corsAllow_Headers":"Access-Control-Allow-Headers", -"corsAllow_Methods":"Access-Control-Allow-Methods", -"corsAllow_Origin":"Access-Control-Allow-Origin", -"corsExpose_Headers":"Access-Control-Expose-Headers", -"corsMax_Age":"Access-Control-Max-Age", "cfgLog":"Résumé", "cfgVersion":"Version de la configuration", -"checkXSS":"Contrôler les attaques XSS", -"clickHereToForce":"Cliquer ici pour forcer", -"claimName":"Nom de la revendication", -"checkboxes":"Cases à cocher", "checkDevOps":"Activation", "checkDevOpsDownload":"Télécharger un fichier", "checkState":"Activation", "checkStateSecret":"Secret partagé", -"checkUsers":"Vérification des profils SSO", "checkUser":"Activation", "checkUserDisplay":"Afficher", -"checkUserIdRule":"Règle d'utilisation des identités", -"checkUserHiddenAttributes":"Attributs masqués", -"checkUserUnrestrictedUsersRule":"Règle des utilisateurs non restreints", "checkUserDisplayComputedSession":"Sessions évaluées", -"checkUserDisplayPersistentInfo":"Données de session persistante", "checkUserDisplayEmptyHeaders":"Entêtes nuls", "checkUserDisplayEmptyValues":"Valeurs nulles", "checkUserDisplayNormalizedHeaders":"Entêtes normalisés", +"checkUserDisplayPersistentInfo":"Données de session persistante", +"checkUserHiddenAttributes":"Attributs masqués", "checkUserHiddenHeaders":"Entêtes masqués", +"checkUserIdRule":"Règle d'utilisation des identités", "checkUserSearchAttributes":"Attributs utilisés pour rechercher les sessions", +"checkUserUnrestrictedUsersRule":"Règle des utilisateurs non restreints", +"checkUsers":"Vérification des profils SSO", +"checkXSS":"Contrôler les attaques XSS", +"checkboxes":"Cases à cocher", "choiceParams":"Paramètres des choix", "chooseLogo":"Choisir le logo", "chooseSkin":"Choisir le thème", +"claimName":"Nom de la revendication", +"clickHereToForce":"Cliquer ici pour forcer", +"combModules":"Liste des modules", "combination":"Combinaison", "combinationParams":"Paramètres de combinaison", "combineMods":"Combinaison de modules", -"combModules":"Liste des modules", "comment":"Commentaire", "comments":"Commentaires", +"compactConf":"Compacter le fichier de configuration", "condition":"Condition", "conf":"Configuration", -"Configuration":"Configuration", -"confirmFormMethod":"Méthode du formulaire de confirmation", "confModuledeprecated":"Ce module est obsolète, indiquez «forceUpload=1» dans le fichier lemonldap-ng.ini pour l'utiliser", "confNotChanged":"Aucun changement détecté, sauvegarde abandonnée", "confSaved":"Configuration sauvegardée", "confWasChanged":"Configuration modifiée entre-temps", +"confirmFormMethod":"Méthode du formulaire de confirmation", "connectionTitle":"Connexion", "content":"Contenu", +"contentSecurityPolicy":"Politique de sécurité de contenu", +"contextSwitching":"Endossement d'identité", +"contextSwitchingAllowed2fModifications":"Autoriser les modifications des SF", +"contextSwitchingHiddenAttributes":"Attributs masqués", +"contextSwitchingIdRule":"Règle d'utilisation des identités", +"contextSwitchingRule":"Règle d'utilisation", +"contextSwitchingStopWithLogout":"Arrêt par déconnexion", +"contextSwitchingUnrestrictedUsersRule":"Règle des utilisateurs non restreints", "cookieExpiration":"Durée de vie du cookie", "cookieName":"Nom du cookie", "cookieParams":"Cookies", +"corsAllow_Credentials":"Access-Control-Allow-Credentials", +"corsAllow_Headers":"Access-Control-Allow-Headers", +"corsAllow_Methods":"Access-Control-Allow-Methods", +"corsAllow_Origin":"Access-Control-Allow-Origin", +"corsEnabled":"Activation", +"corsExpose_Headers":"Access-Control-Expose-Headers", +"corsMax_Age":"Access-Control-Max-Age", "create":"Créer", +"crossOrigineResourceSharing":"Partage des ressources entre origines multiples", "crowdsec":"Activation", "crowdsecAction":"Action", "crowdsecKey":"Clef de l'API", -"CrowdSecPlugin":"CrowdSec Bouncer", "crowdsecUrl":"URL de base de l'API locale", +"cspConnect":"Destinations des requêtes AJAX", +"cspDefault":"Valeur par défaut", +"cspFont":"Sources des polices", +"cspFormAction":"Destinations des formulaires", +"cspFrameAncestors":"URL parentes des iFrames", +"cspImg":"Sources des images", +"cspScript":"Sources des scripts", +"cspStyle":"Sources des styles", "currentConfiguration":"Configuration actuelle", "customAddParams":"Paramètres additionnels", "customAuth":"Module d'authentification personnalisé", @@ -257,21 +272,23 @@ "customResetCertByMail":"Module de réinitialisation des certificats personalisé", "customToTrace":"REMOTE_CUSTOM", "customUserDB":"Module BD utilisateurs personnalisé", +"databaseLocked":"Base de donnée verrouillée par un autre processus", "date":"Date", +"dateTitle":"Dates", "dbiAuthChain":"Chaîne", "dbiAuthLoginCol":"Champ identifiant", -"dbiAuthnLevel":"Niveau d'authentification", "dbiAuthPassword":"Mot de passe", "dbiAuthPasswordCol":"Champ mot de passe", "dbiAuthPasswordHash":"Schéma de hachage", -"dbiDynamicHash":"Hashage dynamique", -"dbiDynamicHashEnabled":"Activation des hashes dynamiques", -"dbiDynamicHashValidSchemes":"Schémas non salés supportés", -"dbiDynamicHashValidSaltedSchemes":"Schémas salés supportés", -"dbiDynamicHashNewPasswordScheme":"Schéma de hashage dynamique pour la création de mots de passe", "dbiAuthTable":"Table authentification", "dbiAuthUser":"Utilisateur", +"dbiAuthnLevel":"Niveau d'authentification", "dbiConnection":"Connexion", +"dbiDynamicHash":"Hashage dynamique", +"dbiDynamicHashEnabled":"Activation des hashes dynamiques", +"dbiDynamicHashNewPasswordScheme":"Schéma de hashage dynamique pour la création de mots de passe", +"dbiDynamicHashValidSaltedSchemes":"Schémas salés supportés", +"dbiDynamicHashValidSchemes":"Schémas non salés supportés", "dbiExportedVars":"Variables exportées", "dbiParams":"Paramètres DBI", "dbiPassword":"Mot de passe", @@ -283,31 +300,29 @@ "decryptValueRule":"Règle d'utilisation", "default":"Défaut", "defaultRule":"Règle par défaut", -"demoModeOn":"Ce manager fonctionne en mode Demo", "deleteEntry":"Supprimer", "deleteNotification":"Effacer", "deleteSession":"Effacer la session", -"deleteU2FKey":"Supprimer la clef U2F", "deleteTOTPKey":"Supprimer la clef TOTP", +"deleteU2FKey":"Supprimer la clef U2F", "demoExportedVars":"Variables exportées", +"demoModeOn":"Ce manager fonctionne en mode Demo", "demoParams":"Paramètres démonstration", "description":"Description", "dest":"Destinataire", "devOpsCheck":"Vérification des fichiers DevOps", "diffViewer":"Visualisateur de différence", "diffWithPrevious":"différence avec la précédente", +"disablePersistentStorage":"Désactiver le stockage", "disabled":"Désactivé", "displaySessionId":"Afficher l'identifiant de session", +"dn":"DN", +"domain":"Domaine", "done":"validée", "dones":"Validées", -"down":"Descendre", "doubleCookie":"Double cookie (HTTP et HTTPS)", "doubleCookieForSingleSession":"Double cookie pour une seule session", -"databaseLocked":"Base de donnée verrouillée par un autre processus", -"dateTitle":"Dates", -"dn":"DN", -"domain":"Domaine", -"compactConf":"Compacter le fichier de configuration", +"down":"Descendre", "download":"Télécharger", "downloadIt":"Télécharger", "duplicate":"Dupliquer", @@ -316,21 +331,20 @@ "emptyConf":"Configuration vide", "emptyValueNotAllowed":"Valeur nulle non accordé", "enabled":"Activé", -"disablePersistentStorage":"Désactiver le stockage", "enterPassword":"Entrer le mot de passe (optionnel)", "error":"Erreur", "errors":"ERREURS", "exportedAttr":"Attributs exportés par le portail (SOAP/REST)", "exportedHeaders":"En-têtes exportés", "exportedVars":"Attributs à exporter", +"ext2FSendCommand":"Commande pour l'envoi", +"ext2FValidateCommand":"Commande pour la validation", "ext2f":"Second facteur externe", "ext2fActivation":"Activation", -"ext2fCodeActivation":"Expression régulière pour la génération du code", "ext2fAuthnLevel":"Niveau de l'authentification", +"ext2fCodeActivation":"Expression régulière pour la génération du code", "ext2fLabel":"Label", "ext2fLogo":"Logo", -"ext2FSendCommand":"Commande pour l'envoi", -"ext2FValidateCommand":"Commande pour la validation", "facebookAppId":"ID de l'application Facebook", "facebookAppSecret":"Secret de l'application Facebook", "facebookAuthnLevel":"Niveau d'authentification", @@ -340,16 +354,16 @@ "failedLoginNumber":"Nombre d'échecs de connexion mémorisés", "fileToUpload":"Fichier à télécharger", "findUser":"Activation", -"findUsers":"Recherche de compte", "findUserControl":"Contrôle des paramètres", "findUserExcludingAttributes":"Attributs d'exclusion", "findUserSearchingAttributes":"Attributs de recherche", "findUserWildcard":"Caractère utilisé comme joker", +"findUsers":"Recherche de compte", "forbidden":"Vous n'êtes pas autorisé à visualiser cette page", "forceSave":"Forcer la sauvegarde", -"format":"Format", "formReplay":"Rejeu de formulaires", "formTimeout":"Délai de validation pour les formulaires", +"format":"Format", "forms":"Formulaires", "friendlyName":"Nom alternatif", "generalParameters":"Paramètres généraux", @@ -371,72 +385,73 @@ "grantSessionRules":"Conditions d'ouverture", "groups":"Groupes", "groupsBeforeMacros":"Calculer les groupes avant les macros", +"hGroups":"Groupes (HashRef)", "hashkey":"Clef", "headers":"En-têtes HTTP", -"hGroups":"Groupes (HashRef)", -"hostname":"Nom d'hôte", "hiddenAttributes":"Attributs masqués", "hide":"Masquer", "hideHelp":"Masquer l'aide", "hideOldPassword":"Masquer l'ancien mot de passe", "hideTree":"Masquer l'arbre", +"hostname":"Nom d'hôte", "httpOnly":"Protection contre javascript", "https":"HTTPS", "impersonation":"Simulation d'identité", -"impersonationRule":"Règle d'utilisation", -"impersonationIdRule":"Règle d'utilisation des identités", "impersonationHiddenAttributes":"Attributs masqués", +"impersonationIdRule":"Règle d'utilisation des identités", "impersonationMergeSSOgroups":"Fusionner les groupes SSO réels et usurpés", +"impersonationRule":"Règle d'utilisation", "impersonationSkipEmptyValues":"Ignorer les valeurs nulles", "impersonationUnrestrictedUsersRule":"Règle des utilisateurs non restreints", "incompleteForm":"Des champs requis sont manquants", "index":"Index", "infoFormMethod":"Méthode du formulaire d'information", -"invalidSessionData":"Donnée de session invalide", +"instance":"Instance", "int":"Entier", "internalReference":"Référence interne ", +"invalidSessionData":"Donnée de session invalide", "ipAddr":"Adresse IP", "ipAddresses":"Adresses IP", +"issuerDBCAS":"CAS", +"issuerDBCASActivation":"Activation", +"issuerDBCASOptions":"Options", +"issuerDBCASPath":"Chemin", +"issuerDBCASRule":"Règle d'utilisation", "issuerDBGet":"GET", "issuerDBGetActivation":"Activation", "issuerDBGetParameters":"Paramètres GET", "issuerDBGetPath":"Chemin", "issuerDBGetRule":"Règle d'utilisation", -"issuerDBSAML":"SAML", -"issuerDBSAMLActivation":"Activation", -"issuerDBSAMLPath":"Chemin", -"issuerDBSAMLRule":"Règle d'utilisation", -"issuerDBCAS":"CAS", -"issuerDBCASActivation":"Activation", -"issuerDBCASPath":"Chemin", -"issuerDBCASRule":"Règle d'utilisation", -"issuerDBCASOptions":"Options", "issuerDBOpenID":"OpenID", "issuerDBOpenIDActivation":"Activation", -"issuerDBOpenIDPath":"Chemin", -"issuerDBOpenIDRule":"Règle d'utilisation", -"issuerDBOpenIDOptions":"Options", "issuerDBOpenIDConnect":"OpenID Connect", "issuerDBOpenIDConnectActivation":"Activation", "issuerDBOpenIDConnectPath":"Chemin", "issuerDBOpenIDConnectRule":"Règle d'utilisation", +"issuerDBOpenIDOptions":"Options", +"issuerDBOpenIDPath":"Chemin", +"issuerDBOpenIDRule":"Règle d'utilisation", +"issuerDBSAML":"SAML", +"issuerDBSAMLActivation":"Activation", +"issuerDBSAMLPath":"Chemin", +"issuerDBSAMLRule":"Règle d'utilisation", "issuerOptions":"Options", "issuerParams":"Modules fournisseur", "issuersTimeout":"Délai de validation pour les fournisseurs", -"jsRedirect":"Message de redirection", "jqueryButtonSelector":"Sélecteur jQuery du bouton (optionnel)", "jqueryFormSelector":"Sélecteur jQuery du formulaire (optionnel)", "jqueryUrl":"URL jQuery (optionnel)", +"jsRedirect":"Message de redirection", +"kerberosParams":"Paramètres Kerberos", "key":"Clef de chiffrement", -"keys":"Clefs", -"keyname":"Nom de clef", "keyPassword":"Mot de passe de la clef", +"keyname":"Nom de clef", +"keys":"Clefs", +"krbAllowedDomains":"Domaines autorisés", "krbAuthnLevel":"Niveau d'authentification Kerberos", "krbByJs":"Utilise une requête Ajax", "krbKeytab":"Fichier keytab", "krbRemoveDomain":"Supprimer le domaine du nom d'utilisateur", -"krbAllowedDomains":"Domaines autorisés", -"kerberosParams":"Paramètres Kerberos", "label":"Label", "languages":"Langues", "latest":"Dernière", @@ -444,13 +459,12 @@ "ldapAllowResetExpiredPassword":"Autoriser le changement de mot de passe expiré", "ldapAuthnLevel":"Niveau d'authentification", "ldapBase":"Base de recherche des utilisateurs", -"ldapCAFile": "Autorité de certification (fichier)", -"ldapCAPath": "Autorité de certification (répertoire)", +"ldapCAFile":"Autorité de certification (fichier)", +"ldapCAPath":"Autorité de certification (répertoire)", "ldapChangePasswordAsUser":"Changement en tant qu'utilisateur", "ldapConnection":"Connexion", "ldapExportedVars":"Variables exportées", "ldapFilters":"Filtres", -"LDAPFilter":"Filtre par défaut", "ldapGetUserBeforePasswordChange":"Rechercher l'utilisateur avant le changement de mot de passe", "ldapGroupAttributeName":"Attribut cible", "ldapGroupAttributeNameGroup":"Attribut source groupe", @@ -461,20 +475,20 @@ "ldapGroupObjectClass":"Classe d'objet", "ldapGroupRecursive":"Récursif", "ldapGroups":"Groupes", +"ldapIOTimeout":"Délai maximum d'opération", "ldapITDS":"Support IBM Tivoli DS", "ldapParams":"Paramètres LDAP", "ldapPassword":"Mot de passe", "ldapPasswordResetAttribute":"Attribut de réinitialisation", "ldapPasswordResetAttributeValue":"Valeur de réinitialisation", -"ldapPpolicyControl":"Contrôle password policy", "ldapPort":"Port", +"ldapPpolicyControl":"Contrôle password policy", "ldapPwdEnc":"Encodage des mots de passe LDAP", "ldapRaw":"Attributs binaires", "ldapSearchDeref":"Déréférence des alias", "ldapServer":"Hôte", "ldapSetPassword":"Opération étendue password modify", "ldapTimeout":"Délai maximum de connexion", -"ldapIOTimeout": "Délai maximum d'opération", "ldapUsePasswordResetAttribute":"Utiliser l'attribut de réinitialisation", "ldapVerify":"Vérifier le certificat du serveur LDAP", "ldapVersion":"Version", @@ -483,36 +497,35 @@ "linkedInClientID":"Identifiant", "linkedInClientSecret":"Mot de passe", "linkedInFields":"Champs recherchés", -"linkedinParams":"Paramètres LinkedIn", "linkedInScope":"Scope", "linkedInUserField":"Champ contenant l'identifiant de l'utilisateur", +"linkedinParams":"Paramètres LinkedIn", "load":"Charger", -"loadedConfiguration":"Configuration chargée", "loadFromUrl":"Charger depuis une URL", +"loadedConfiguration":"Configuration chargée", "localSessionStorage":"Module de cache", "localSessionStorageOptions":"Paramètres du module de cache", "locationRules":"Règles d'accès", +"logParams":"Journalisation", "loginHistory":"Historique des connexions", "loginHistoryEnabled":"Activation", "logo":"Logo", "logout":"Déconnexion", "logoutServices":"Transfert de la déconnexion", -"logParams":"Journalisation", "lwpOpts":"Options pour les requêtes serveur", "lwpSslOpts":"Options SSL pour les requêtes serveur", -"instance":"Instance", "macros":"Macros", "mail2f":"Second facteur par mail", "mail2fActivation":"Activation", -"mail2fCodeRegex":"Expression régulière pour la génération du code", -"mail2fTimeout":"Délai d'expiration du code", -"mail2fSubject":"Sujet du message d'envoi du code", -"mail2fBody":"Contenu du message d'envoi du code", "mail2fAuthnLevel":"Niveau de l'authentification", +"mail2fBody":"Contenu du message d'envoi du code", +"mail2fCodeRegex":"Expression régulière pour la génération du code", "mail2fLabel":"Label", "mail2fLogo":"Logo", "mail2fSessionKey":"Clef de session contenant l'adresse email", -"mailBody":"Contenu du message de succès", +"mail2fSubject":"Sujet du message d'envoi du code", +"mail2fTimeout":"Délai d'expiration du code", +"mailBody":"Contenu du message de succès", "mailCharset":"Charset", "mailConfirmBody":"Contenu du message de confirmation", "mailConfirmSubject":"Sujet du message de confirmation", @@ -535,22 +548,22 @@ "markAsDone":"Marquer comme validée", "memberOfSSOGroups":"Membre des groupes SSO", "menu":"Menu", +"menuCategory":"Catégorie du menu", "message":"Message", "messages":"Messages", -"menuCategory":"Catégorie du menu", "modulesTitle":"Modules utilisés", "multiIp":"Multiples IP", -"multipleSessions":"Sessions multiples", "multiValuesSeparator":"Séparateur", +"multipleSessions":"Sessions multiples", "name":"Nom", "needConfirmation":"Une nouvelle configuration est disponible. Pour sauvegarder celle-ci, cocher la case à côté du bouton 'sauver'", "networkProblem":"Problème de réseau", "never":"Jamais", "newApp":"Nouvelle application", -"newChain":"Nouvelle chaîne", "newCat":"Nouvelle catégorie", "newCertificate":"Nouveau certificat", "newCfgAvailable":"Une nouvelle configuration est disponible", +"newChain":"Nouvelle chaîne", "newCmbMod":"Nouveau module", "newCmbOver":"Nouveau paramètre", "newEntry":"Nouvelle entrée", @@ -560,41 +573,40 @@ "newPostVar":"Nouvelle variable", "newRSAKey":"Nouvelles clefs", "newRule":"Nouvelle règle", -"newSfOver":"Nouveau paramètre", "newSfExtra":"Nouveau second facteur", +"newSfOver":"Nouveau paramètre", "newValue":"Nouvelle valeur", "next":"Suivante", "nginxCustomHandlers":"Handlers Nginx personnalisés", "noAjaxHook":"Conserver les redirections pour Ajax", "noData":"Aucune donnée à afficher", "notABoolean":"Pas un booléen", -"notAnInteger":"Pas un nombre entier", "notAValidPerlExpression":"Pas une expression Perl valide", +"notAnInteger":"Pas un nombre entier", "notification":"Activation", -"notifications":"Notifications", -"notification_s":"notification(s)", -"notificationDefaultCond":"Condition par défaut", -"notificationServer":"Serveur de notifications", -"notificationServerDELETE":"Méthode DELETE", -"notificationServerGET":"Méthode GET", -"notificationServerMethods":"Méthodes HTTP", -"notificationServerPOST":"Méthode POST", -"notificationServerSentAttributes":"Paramètres de notification à transmettre", -"serverNotification":"Serveur", "notificationCreated":"La notification a été créée", +"notificationDefaultCond":"Condition par défaut", "notificationDeleted":"La notification a été marquée comme lue", "notificationDone":"Notification validée", -"notificationsDone":"Notifications validées", -"notificationsExplorer":"Explorateur", "notificationNotCreated":"La notification n'a pas été créée", "notificationNotDeleted":"La notification n'a pas été marquée comme lue", "notificationNotFound":"La notification n'a pas été trouvée", "notificationNotPurged":"La notification n'a pas été définitivement supprimée", "notificationPurged":"La notification a été définitivement supprimée", +"notificationServer":"Serveur de notifications", +"notificationServerDELETE":"Méthode DELETE", +"notificationServerGET":"Méthode GET", +"notificationServerMethods":"Méthodes HTTP", +"notificationServerPOST":"Méthode POST", +"notificationServerSentAttributes":"Paramètres de notification à transmettre", "notificationStorage":"Module de stockage", "notificationStorageOptions":"Paramètres du module de stockage", "notificationWildcard":"Identifiant pour tous les utilisateurs", "notificationXSLTfile":"Fichier XSLT personnalisé", +"notification_s":"notification(s)", +"notifications":"Notifications", +"notificationsDone":"Notifications validées", +"notificationsExplorer":"Explorateur", "notifyDeleted":"Affiche les sessions effacées", "notifyOther":"Affiche les autres sessions", "nullAuthnLevel":"Niveau d'authentification", @@ -602,8 +614,6 @@ "number":"Numéro", "off":"Désactivé", "offlineSessions":"Sessions hors ligne", -"oldValue":"Ancienne valeur", -"on":"Activé", "oidcAttribute":"Attribut OIDC", "oidcAuthnLevel":"Niveau d'authentification", "oidcConsents":"Consentements OpenID Connect", @@ -612,12 +622,9 @@ "oidcOPMetaDataJSON":"Metadonnées", "oidcOPMetaDataJWKS":"Données JWKS", "oidcOPMetaDataNode":"Fournisseurs OpenID Connect", +"oidcOPMetaDataNodes":"Fournisseurs OpenID Connect", "oidcOPMetaDataOptions":"Options", -"oidcRPMetaDataOptionsBasic":"Basiques", -"oidcRPMetaDataOptionsAdvanced":"Avancées", -"oidcRPMetaDataOptionsAdditionalAudiences":"Audiences supplémentaires", -"oidcRPMetaDataOptionsTimeouts":"Expiration", -"oidcRPMetaDataOptionsAllowOffline":"Autoriser l'accès hors ligne", +"oidcOPMetaDataOptionsAcrValues":"Valeurs ACR", "oidcOPMetaDataOptionsCheckJWTSignature":"Vérifier la signature des jetons", "oidcOPMetaDataOptionsClientID":"ID client", "oidcOPMetaDataOptionsClientSecret":"Secret client", @@ -626,116 +633,119 @@ "oidcOPMetaDataOptionsDisplay":"Affichage", "oidcOPMetaDataOptionsDisplayName":"Nom d'affichage", "oidcOPMetaDataOptionsDisplayParams":"Affichage", +"oidcOPMetaDataOptionsIDTokenMaxAge":"Âge maximum du jeton ID", "oidcOPMetaDataOptionsIcon":"Logo", -"oidcOPMetaDataOptionsSortNumber":"Ordre", "oidcOPMetaDataOptionsJWKSTimeout":"Durée de vie des données JWKS", -"oidcRPMetaDataOptionsLogoutSessionRequired":"Session requise", -"oidcRPMetaDataOptionsLogoutType":"Type", -"oidcRPMetaDataOptionsLogoutUrl":"URL", +"oidcOPMetaDataOptionsMaxAge":"Âge maximum", +"oidcOPMetaDataOptionsPrompt":"Interaction", "oidcOPMetaDataOptionsProtocol":"Protocole", -"oidcRPMetaDataOptionsPublic":"Client public", -"oidcRPMetaDataOptionsRequirePKCE":"PKCE requis", -"oidcRPMetaDataOptionsAuthnLevel":"Niveau d'authentification", -"oidcRPMetaDataOptionsRule":"Règle d'accès", -"oidcRPMetaDataMacros":"Macros", -"oidcRPMetaDataScopeRules":"Règles de scope", "oidcOPMetaDataOptionsScope":"Scope", +"oidcOPMetaDataOptionsSortNumber":"Ordre", "oidcOPMetaDataOptionsStoreIDToken":"Conserver le jeton d'identité", "oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Méthode d'authentification pour l'accès aux jetons", +"oidcOPMetaDataOptionsUiLocales":"UI locales", +"oidcOPMetaDataOptionsUseNonce":"Utilisation du nonce", "oidcOPName":"Nom du fournisseur OpenID Connect", "oidcParams":"Paramètres OpenID Connect", "oidcRP":"Client OpenID Connect", "oidcRPCallbackGetParam":"Paramètre GET callback", "oidcRPMetaDataExportedVars":"Attributs exportés", +"oidcRPMetaDataMacros":"Macros", "oidcRPMetaDataNode":"Clients OpenID Connect", +"oidcRPMetaDataNodes":"Clients OpenID Connect", "oidcRPMetaDataOptions":"Options", +"oidcRPMetaDataOptionsAccessTokenClaims":"Publier les attributs dans l'Access Token", "oidcRPMetaDataOptionsAccessTokenExpiration":"Expiration des jetons d'accès", "oidcRPMetaDataOptionsAccessTokenJWT":"Format JWT pour les jetons d'accès", -"oidcRPMetaDataOptionsAccessTokenClaims":"Publier les attributs dans l'Access Token", "oidcRPMetaDataOptionsAccessTokenSignAlg":"Algorithme de signature des Access Token", +"oidcRPMetaDataOptionsAdditionalAudiences":"Audiences supplémentaires", +"oidcRPMetaDataOptionsAdvanced":"Avancées", "oidcRPMetaDataOptionsAllowClientCredentialsGrant":"Autoriser le Client Credentials Grant OAuth2.0", +"oidcRPMetaDataOptionsAllowOffline":"Autoriser l'accès hors ligne", "oidcRPMetaDataOptionsAllowPasswordGrant":"Autoriser le Password Grant OAuth2.0", +"oidcRPMetaDataOptionsAuthnLevel":"Niveau d'authentification", "oidcRPMetaDataOptionsAuthorizationCodeExpiration":"Expiration des codes d'autorisation", +"oidcRPMetaDataOptionsBasic":"Basiques", "oidcRPMetaDataOptionsBypassConsent":"Contourner le consentement", "oidcRPMetaDataOptionsClientID":"ID client", "oidcRPMetaDataOptionsClientSecret":"Secret client", "oidcRPMetaDataOptionsDisplay":"Affichage", "oidcRPMetaDataOptionsDisplayName":"Nom d'affichage", -"oidcRPMetaDataOptionsIcon":"Logo", +"oidcRPMetaDataOptionsExtraClaims":"Déclarations (scopes/claims)", "oidcRPMetaDataOptionsIDTokenExpiration":"Expiration des jetons d'identité", -"oidcRPMetaDataOptionsIDTokenSignAlg":"Algorithme de signature des jetons d'identité", "oidcRPMetaDataOptionsIDTokenForceClaims":"Forcer la publication des attributs dans l'ID Token", +"oidcRPMetaDataOptionsIDTokenSignAlg":"Algorithme de signature des jetons d'identité", +"oidcRPMetaDataOptionsIcon":"Logo", +"oidcRPMetaDataOptionsLogoutSessionRequired":"Session requise", +"oidcRPMetaDataOptionsLogoutType":"Type", +"oidcRPMetaDataOptionsLogoutUrl":"URL", "oidcRPMetaDataOptionsOfflineSessionExpiration":"Expiration des sessions hors-ligne", +"oidcRPMetaDataOptionsPostLogoutRedirectUris":"Adresses de redirection autorisées pour la déconnexion", +"oidcRPMetaDataOptionsPublic":"Client public", +"oidcRPMetaDataOptionsRedirectUris":"Adresses de redirection autorisées pour la connexion", "oidcRPMetaDataOptionsRefreshToken":"Utiliser les refresh tokens", +"oidcRPMetaDataOptionsRequirePKCE":"PKCE requis", +"oidcRPMetaDataOptionsRule":"Règle d'accès", +"oidcRPMetaDataOptionsTimeouts":"Expiration", "oidcRPMetaDataOptionsUserIDAttr":"Attribut de l'utilisateur", +"oidcRPMetaDataScopeRules":"Règles de scope", "oidcRPName":"Nom du client OpenID Connect", "oidcRPStateTimeout":"Durée d'une session state", +"oidcServiceAccessTokenExpiration":"Expiration des jetons d'accès", +"oidcServiceAllowAuthorizationCodeFlow":"Authorization Code Flow", +"oidcServiceAllowDynamicRegistration":"Enregistrement dynamique", +"oidcServiceAllowHybridFlow":"Hybrid Flow", +"oidcServiceAllowImplicitFlow":"Implicit Flow", +"oidcServiceAllowOffline":"Autoriser l'accès hors ligne", +"oidcServiceAuthorizationCodeExpiration":"Expiration des codes d'autorisation", +"oidcServiceDynamicRegistrationExportedVars":"Variables exportées pour l'enregistrement dynamique", +"oidcServiceDynamicRegistrationExtraClaims":"Claims supplémentaires pour l'enregistrement dynamique", +"oidcServiceIDTokenExpiration":"Expiration des jetons d'identité", +"oidcServiceKeyIdSig":"Identifiant de clef de signature", "oidcServiceMetaData":"Service OpenID Connect", +"oidcServiceMetaDataAuthnContext":"Contexte d'authentification", "oidcServiceMetaDataAuthorizeURI":"Autorisation", "oidcServiceMetaDataBackChannelURI":"URI du canal caché", +"oidcServiceMetaDataCheckSessionURI":"Vérification de session", "oidcServiceMetaDataEndPoints":"Points d'accès", +"oidcServiceMetaDataEndSessionURI":"Fin de session", "oidcServiceMetaDataFrontChannelURI":"URI du canal frontal", +"oidcServiceMetaDataIntrospectionURI":"Introspection", +"oidcServiceMetaDataIssuer":"Identifiant du fournisseur", "oidcServiceMetaDataJWKSURI":"JWKS", "oidcServiceMetaDataKeys":"Clefs", "oidcServiceMetaDataRegistrationURI":"Enregistrement", -"oidcServiceMetaDataIntrospectionURI":"Introspection", "oidcServiceMetaDataSecurity":"Sécurité", -"oidcServiceMetaDataEndSessionURI":"Fin de session", -"oidcServiceMetaDataAuthnContext":"Contexte d'authentification", "oidcServiceMetaDataSessions":"Sessions", +"oidcServiceMetaDataTokenURI":"Jeton", +"oidcServiceMetaDataUserInfoURI":"Informations Utilisateur", +"oidcServiceOfflineSessionExpiration":"Expiration des sessions hors-ligne", "oidcServicePrivateKeySig":"Clef privée de signature", "oidcServicePublicKeySig":"Clef publique de signature", -"oidcServiceKeyIdSig":"Identifiant de clef de signature", -"oidcServiceAuthorizationCodeExpiration":"Expiration des codes d'autorisation", -"oidcServiceAccessTokenExpiration":"Expiration des jetons d'accès", -"oidcServiceDynamicRegistrationExportedVars":"Variables exportées pour l'enregistrement dynamique", -"oidcServiceDynamicRegistrationExtraClaims":"Claims supplémentaires pour l'enregistrement dynamique", -"oidcServiceIDTokenExpiration":"Expiration des jetons d'identité", -"oidcServiceOfflineSessionExpiration":"Expiration des sessions hors-ligne", "oidcStorage":"Nom du module des sessions", "oidcStorageOptions":"Options du module des sessions", -"oidcOPMetaDataNodes":"Fournisseurs OpenID Connect", -"oidcRPMetaDataNodes":"Clients OpenID Connect", -"oidcOPMetaDataOptionsPrompt":"Interaction", -"oidcOPMetaDataOptionsMaxAge":"Âge maximum", -"oidcOPMetaDataOptionsUiLocales":"UI locales", -"oidcOPMetaDataOptionsAcrValues":"Valeurs ACR", -"oidcOPMetaDataOptionsIDTokenMaxAge":"Âge maximum du jeton ID", -"oidcOPMetaDataOptionsUseNonce":"Utilisation du nonce", -"oidcRPMetaDataOptionsRedirectUris":"Adresses de redirection autorisées pour la connexion", -"oidcRPMetaDataOptionsPostLogoutRedirectUris":"Adresses de redirection autorisées pour la déconnexion", -"oidcRPMetaDataOptionsExtraClaims":"Déclarations (scopes/claims)", -"oidcServiceMetaDataIssuer":"Identifiant du fournisseur", -"oidcServiceMetaDataTokenURI":"Jeton", -"oidcServiceMetaDataUserInfoURI":"Informations Utilisateur", -"oidcServiceMetaDataCheckSessionURI":"Vérification de session", -"oidcServiceAllowDynamicRegistration":"Enregistrement dynamique", -"oidcServiceAllowAuthorizationCodeFlow":"Authorization Code Flow", -"oidcServiceAllowImplicitFlow":"Implicit Flow", -"oidcServiceAllowHybridFlow":"Hybrid Flow", -"oidcServiceAllowOffline":"Autoriser l'accès hors ligne", "ok":"OK", "oldNotifFormat":"Utiliser l'ancien format XML", +"oldValue":"Ancienne valeur", +"on":"Activé", "openIdAttr":"Identifiant OpenID", "openIdAuthnLevel":"Niveau d'authentification", "openIdExportedVars":"Variables exportées", "openIdIDPList":"Domaines autorisés", "openIdIssuerSecret":"Jeton secret", -"openidParams":"Paramètres OpenID", +"openIdSPList":"Domaines autorisés", "openIdSecret":"Jeton secret", "openIdSreg":"Associations SREG", +"openIdSreg_country":"Pays", +"openIdSreg_dob":"Date de naissance", +"openIdSreg_email":"Email", "openIdSreg_fullname":"Nom complet", -"openIdSreg_nickname":"Surnom", +"openIdSreg_gender":"Genre", "openIdSreg_language":"Langage", +"openIdSreg_nickname":"Surnom", "openIdSreg_postcode":"Code postal", "openIdSreg_timezone":"Zone horaire", -"openIdSreg_country":"Pays", -"openIdSreg_gender":"Genre", -"openIdSreg_email":"Email", -"openIdSreg_dob":"Date de naissance", -"openIdSPList":"Domaines autorisés", -"OpenIDConnect":"OpenID Connect", -"OptionalTitle":"Titre optionnel", +"openidParams":"Paramètres OpenID", "overPrm":"Paramètres surchargés", "pamAuthnLevel":"Niveau d'authentification", "pamParams":"Paramètres PAM", @@ -745,11 +755,11 @@ "passwordManagement":"Gestion des mots de passe", "passwordPolicy":"Politique des mots de passe", "passwordPolicyActivation":"Activation", -"passwordPolicyMinSize": "Taille minimale", -"passwordPolicyMinLower": "Minimum de minuscules", -"passwordPolicyMinUpper": "Minimum de majuscules", -"passwordPolicyMinDigit": "Minimum de chiffres", +"passwordPolicyMinDigit":"Minimum de chiffres", +"passwordPolicyMinLower":"Minimum de minuscules", +"passwordPolicyMinSize":"Taille minimale", "passwordPolicyMinSpeChar":"Minimum de caractètes spéciaux", +"passwordPolicyMinUpper":"Minimum de majuscules", "passwordPolicySpecialChar":"Caractètes spéciaux autorisés", "passwordResetAllowedRetries":"Nombre d'essais pour réinitialiser le mot de passe", "persistent":"Persistantes", @@ -771,15 +781,16 @@ "portalDisplayGeneratePassword":"Afficher la boite de génération du mot de passe", "portalDisplayLoginHistory":"Historique des connexions", "portalDisplayLogout":"Déconnexion", -"portalDisplayPasswordPolicy": "Afficher la politique dans le formulaire de mot de passe", "portalDisplayOidcConsents":"Accords OIDC", -"portalDisplayRefreshMyRights": "Afficher le lien de rafraichissement des droits", +"portalDisplayPasswordPolicy":"Afficher la politique dans le formulaire de mot de passe", +"portalDisplayRefreshMyRights":"Afficher le lien de rafraichissement des droits", "portalDisplayRegister":"Création d'un nouveau compte", "portalDisplayResetPassword":"Réinitialisation de mot de passe", "portalErrorOnExpiredSession":"Affiche une erreur si la session est expirée", "portalErrorOnMailNotFound":"Affiche une erreur si le mail n'est pas trouvé", "portalForceAuthn":"Authentification forcée", "portalForceAuthnInterval":"Intervalle d'authentification forcée", +"portalMainLogo":"Logo principal", "portalMenu":"Menu", "portalModules":"Modules", "portalOpenLinkInNewWindow":"Nouvelle fenêtre", @@ -791,32 +802,31 @@ "portalServers":"Serveurs du portail", "portalSkin":"Thème visuel par défaut", "portalSkinBackground":"Image de fond", -"portalMainLogo":"Logo principal", "portalSkinRules":"Règles d'affichage du thème visuel", "portalStatus":"Publie le statut du portail", "portalUserAttr":"Attribut de l'utilisateur", "post":"Rejeu de formulaires", -"postedVars":"Variables à poster", -"postUrl":"URL du formulaire", "postTargetUrl":"URL cible du formulaire (optionnel)", +"postUrl":"URL du formulaire", +"postedVars":"Variables à poster", "previous":"Précédente", "privateKey":"Clef privée", -"proxyAuthnLevel":"Niveau d'authentification", "proxyAuthService":"URL du portail interne", -"proxySessionService":"URL du service de session", +"proxyAuthnLevel":"Niveau d'authentification", "proxyParams":"Paramètres Proxy", +"proxySessionService":"URL du service de session", "proxyUseSoap":"Utiliser SOAP au lieu de REST", "publicKey":"Clef publique", "purgeNotification":"Supprimer définitivement la notification", "radius2f":"Second facteur Radius", "radius2fActivation":"Activation", -"radius2fServer":"Nom d'hôte du serveur", -"radius2fSecret":"Secret partagé", -"radius2fUsernameSessionKey":"Clef de session contenant le login", -"radius2fTimeout":"Délai maximum d'authentification", "radius2fAuthnLevel":"Niveau d'authentification", -"radius2fLogo":"Logo", "radius2fLabel":"Label", +"radius2fLogo":"Logo", +"radius2fSecret":"Secret partagé", +"radius2fServer":"Nom d'hôte du serveur", +"radius2fTimeout":"Délai maximum d'authentification", +"radius2fUsernameSessionKey":"Clef de session contenant le login", "radiusAuthnLevel":"Niveau d'authentification", "radiusParams":"Paramètres Radius", "radiusSecret":"Secret partagé", @@ -845,116 +855,243 @@ "remotePortal":"URL du portail", "replaceByFile":"Remplacer par le fichier", "requireToken":"Exiger un jeton pour les formulaires", -"restAuthnLevel":"Niveau d'authentification", -"restAuthUrl":"URL d'authentification", -"restServices":"Services REST", -"restConfigServer":"Serveur de configurations", -"restore":"Restaurer", -"restoreConf":"Restaurer la configuration", "rest2f":"Second facteur REST", "rest2fActivation":"Activation", "rest2fAuthnLevel":"Niveau d'authentification", -"rest2fLabel":"Label", "rest2fInitArgs":"Arguments d'initialisation", "rest2fInitUrl":"URL d'initialisation", +"rest2fLabel":"Label", "rest2fLogo":"Logo", "rest2fVerifyArgs":"Arguments de vérification", "rest2fVerifyUrl":"URL de vérification", +"restAuthServer":"Serveur d'authentification", +"restAuthUrl":"URL d'authentification", +"restAuthnLevel":"Niveau d'authentification", +"restClockTolerance":"Tolérance aux écarts d'horloge", +"restConfigServer":"Serveur de configurations", "restExportSecretKeys":"Exporter les attributs secrets", +"restFindUserDBUrl":"URL des comptes utilisateurs", "restParams":"Paramètres REST", +"restPasswordServer":"Serveur de réinitialisation de mdp", "restPwdConfirmUrl":"URL de confirmation de mot-de-passe", "restPwdModifyUrl":"URL de modification de mot-de-passe", +"restServices":"Services REST", "restSessionServer":"Serveur de sessions", -"restAuthServer":"Serveur d'authentification", -"restFindUserDBUrl":"URL des comptes utilisateurs", -"restClockTolerance":"Tolérance aux écarts d'horloge", -"restPasswordServer":"Serveur de réinitialisation de mdp", "restUserDBUrl":"URL de données utilisateurs", +"restore":"Restaurer", +"restoreConf":"Restaurer la configuration", "returnUrl":"URL de retour", "rp":"Client", "rule":"Règle", "ruleAuthnLevel":"Niveau d'authentication requis", "rules":"Règles", "rulesAuthnLevel":"Niveaux auth requis", -"Same":"Identique", "sameSite":"Valeur SameSite du cookie", -"save":"Sauver", -"saveReport":"Rapport de sauvegarde", -"savingConfirmation":"Confirmation de sauvegarde", -"scope":"Scope", -"search":"Rechercher ...", -"secondFactors":"Seconds facteurs", -"securedCookie":"Cookie sécurisé (HTTPS)", -"security":"Sécurité", -"sendTestMail":"Test envoi de mail", -"sendTestMailSuccess":"Envoi du mail de test réussi", -"serverError":"Erreur du serveur", -"session":"session", -"sessions":"Sessions", -"session_s":"session(s)", -"sessionDataToRemember":"Données de session à conserver", -"sessionDeleted":"La session a été supprimée", -"sessionExpired":"La session est expirée", -"sessionParams":"Sessions", -"sessionStartedAt":"Session démarrée le ", -"sessionStorage":"Stockage des sessions", -"sessionTitle":"Contenu de la session", -"sfaTitle":"Seconds facteurs d'authentification", -"sfExtra":"Seconds facteurs additionnels", -"sfManagerRule":"Afficher le lien du Gestionnaire", -"sfOnlyUpgrade": "Utiliser le SF pour augmenter le niveau d'authentification", -"sfRequired":"Exiger l'enrôlement d'un SF à l'authentification", -"sfRemovedNotification":"Avertir si un SF expiré est supprimé", -"sfRemovedMsgRule":"Activation", -"sfRemovedUseNotif":"Utiliser les notifications", -"sfRemovedNotifMsg":"Message de la notification", -"sfRemovedNotifRef":"Référence de la notification", -"sfRemovedNotifTitle":"Titre de la notification", -"sfRemovedMsg":"Afficher un message si un SF expiré est supprimé", -"show":"Montrer", -"showHelp":"Montrer l'aide", -"showLanguages":"Afficher le choix des langues", -"singleIP":"Une seule adresse IP par utilisateur", -"singleSession":"Une seule session par utilisateur", -"singleUserByIP":"Un seul utilisateur par adresse IP", -"skipRenewConfirmation":"Éviter la confirmation de ré-authentification", -"skipUpgradeConfirmation":"Éviter la confirmation d'élévation du niveau d'authentification", -"slaveAuthnLevel":"Niveau d'authentification", -"slaveDisplayLogo":"Afficher le logo d'authentification", -"slaveExportedVars":"Variables exportées", -"slaveMasterIP":"IP accréditées", -"slaveParams":"Paramètres Slave", -"slaveUserHeader":"En-tête identifiant l'utilisateur", -"slaveHeaderName":"Nom de l'en-tête de contrôle", -"slaveHeaderContent":"Contenu de l'en-tête de contrôle", -"SMTP":"SMTP", -"SMTPAuthPass":"Mot de passe SMTP", -"SMTPAuthUser":"Utilisateur SMTP", -"SMTPPort":"Port SMTP", -"SMTPServer":"Serveur SMTP", -"SMTPTLS":"Protocole SSL/TLS", -"SMTPTLSOpts":"Options SSL/TLS", -"soapConfigServer":"Serveur de configurations", -"soapServices":"Services SOAP", -"soapSessionServer":"Serveur de sessions", -"specialRule":"Règle spécifique", -"SSLAuthnLevel":"Niveau d'authentification", -"sslByAjax":"Utiliser une requête Ajax", +"saml":"SAML", +"samlAdvanced":"Avancé", +"samlAttribute":"Attribut SAML", +"samlAttributeAuthorityDescriptor":"Autorité d'attributs", +"samlAttributeAuthorityDescriptorAttributeService":"Service d'attributs", +"samlAttributeAuthorityDescriptorAttributeServiceSOAP":"SOAP", +"samlAuthnContextMap":"Contextes d'authentification", +"samlAuthnContextMapKerberos":"Kerberos", +"samlAuthnContextMapPassword":"Mot de passe", +"samlAuthnContextMapPasswordProtectedTransport":"Mot de passe protégé", +"samlAuthnContextMapTLSClient":"Client TLS", +"samlCommonDomainCookie":"Cookie de Domaine Commun", +"samlCommonDomainCookieActivation":"Activation", +"samlCommonDomainCookieDomain":"Domaine commun", +"samlCommonDomainCookieReader":"URL de lecture", +"samlCommonDomainCookieWriter":"URL d'écriture", +"samlDiscoveryProtocol":"Protocole de découverte", +"samlDiscoveryProtocolActivation":"Activation", +"samlDiscoveryProtocolIsPassive":"Est passif", +"samlDiscoveryProtocolPolicy":"Politique", +"samlDiscoveryProtocolURL":"Adresse du point d'accès", +"samlEntityID":"Identifiant d'entité", +"samlIDP":"Fournisseur d'identité SAML", +"samlIDPMetaDataExportedAttributes":"Attributs exportés", +"samlIDPMetaDataNodes":"Fournisseurs d'identité SAML", +"samlIDPMetaDataOptions":"Options", +"samlIDPMetaDataOptionsAdaptSessionUtime":"Adapatation de la durée de vie de la session", +"samlIDPMetaDataOptionsAllowLoginFromIDP":"Authentification depuis le fournisseur autorisée", +"samlIDPMetaDataOptionsAllowProxiedAuthn":"Authentification proxy autorisée", +"samlIDPMetaDataOptionsAuthnRequest":"Requête d'authentification", +"samlIDPMetaDataOptionsBinding":"Méthode", +"samlIDPMetaDataOptionsCheckAudience":"Vérifier les conditions d'audience", +"samlIDPMetaDataOptionsCheckSLOMessageSignature":"Vérification de la signature des messages SLO", +"samlIDPMetaDataOptionsCheckSSOMessageSignature":"Vérification de la signature des messages SSO", +"samlIDPMetaDataOptionsCheckTime":"Vérifier les conditions de temps", +"samlIDPMetaDataOptionsDisplay":"Affichage", +"samlIDPMetaDataOptionsDisplayName":"Nom d'affichage", +"samlIDPMetaDataOptionsDisplayParams":"Affichage", +"samlIDPMetaDataOptionsEncryptionMode":"Mode de chiffrement", +"samlIDPMetaDataOptionsForceAuthn":"Authentification forcée", +"samlIDPMetaDataOptionsForceUTF8":"Forcer l'UTF-8", +"samlIDPMetaDataOptionsIcon":"Logo", +"samlIDPMetaDataOptionsIsPassive":"Authentification passive", +"samlIDPMetaDataOptionsNameIDFormat":"Format du NameID", +"samlIDPMetaDataOptionsRelayStateURL":"Permettre une URL dans le RelayState", +"samlIDPMetaDataOptionsRequestedAuthnContext":"Contexte d'authentification demandé", +"samlIDPMetaDataOptionsResolutionRule":"Règle de résolution", +"samlIDPMetaDataOptionsSLOBinding":"Méthode SLO", +"samlIDPMetaDataOptionsSSOBinding":"Méthode SSO", +"samlIDPMetaDataOptionsSecurity":"Sécurité", +"samlIDPMetaDataOptionsSession":"Session", +"samlIDPMetaDataOptionsSignSLOMessage":"Signature des messages SLO", +"samlIDPMetaDataOptionsSignSSOMessage":"Signature des messages SSO", +"samlIDPMetaDataOptionsSignature":"Signature", +"samlIDPMetaDataOptionsSignatureMethod":"Méthode pour la signature", +"samlIDPMetaDataOptionsSortNumber":"Ordre", +"samlIDPMetaDataOptionsStoreSAMLToken":"Conserver le jeton SAML", +"samlIDPMetaDataOptionsUserAttribute":"Attribut contenant l'identité de l'utilisateur", +"samlIDPMetaDataXML":"Metadonnées", +"samlIDPName":"Nom du fournisseur d'identité SAML", +"samlIDPSSODescriptor":"Fournisseur d'identité", +"samlIDPSSODescriptorArtifactResolutionService":"Résolution d'Artifact", +"samlIDPSSODescriptorArtifactResolutionServiceArtifact":"Service Artifact", +"samlIDPSSODescriptorSingleLogoutService":"Single Logout", +"samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"POST HTTP", +"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"Redirection HTTP", +"samlIDPSSODescriptorSingleLogoutServiceSOAP":"SOAP", +"samlIDPSSODescriptorSingleSignOnService":"Single Sign On", +"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"HTTP Artifact", +"samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"POST HTTP", +"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"Redirection HTTP", +"samlIDPSSODescriptorWantAuthnRequestsSigned":"Exiger des requêtes d'authentification signées", +"samlMetadataForceUTF8":"Conversion des métadonnées en UTF8", +"samlNameIDFormatMap":"Formats de NameID", +"samlNameIDFormatMapEmail":"Email", +"samlNameIDFormatMapKerberos":"Kerberos", +"samlNameIDFormatMapWindows":"Windows", +"samlNameIDFormatMapX509":"X509", +"samlOrganization":"Organisation", +"samlOrganizationDisplayName":"Nom affiché", +"samlOrganizationName":"Nom", +"samlOrganizationURL":"URL", +"samlOverrideIDPEntityID":"Valeur de l'Entity ID en mode IDP", +"samlPartnerName":"Nom du partenaire SAML", +"samlRelayStateTimeout":"Durée de vie d'une session RelayState", +"samlSP":"Fournisseur de service SAML", +"samlSPMetaDataExportedAttributes":"Attributs exportés", +"samlSPMetaDataMacros":"Macros", +"samlSPMetaDataNodes":"Fournisseurs de service SAML", +"samlSPMetaDataOptions":"Options", +"samlSPMetaDataOptionsAuthnLevel":"Niveau d'authentification", +"samlSPMetaDataOptionsAuthnResponse":"Réponse d'authentification", +"samlSPMetaDataOptionsCheckSLOMessageSignature":"Vérification de la signature des messages SLO", +"samlSPMetaDataOptionsCheckSSOMessageSignature":"Vérification de la signature des messages SSO", +"samlSPMetaDataOptionsEnableIDPInitiatedURL":"Autoriser l'utilisation d'URL SSO initié par l'IDP", +"samlSPMetaDataOptionsEncryptionMode":"Mode de chiffrement", +"samlSPMetaDataOptionsForceUTF8":"Forcer l'UTF-8", +"samlSPMetaDataOptionsNameIDFormat":"Format par défaut du NameID", +"samlSPMetaDataOptionsNameIDSessionKey":"Forcer la clef de session NameID", +"samlSPMetaDataOptionsNotOnOrAfterTimeout":"Durée notOnOrAfter", +"samlSPMetaDataOptionsOneTimeUse":"Utilisation unique", +"samlSPMetaDataOptionsRule":"Règle d'accès", +"samlSPMetaDataOptionsSecurity":"Sécurité", +"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout":"Durée sessionNotOnOrAfter", +"samlSPMetaDataOptionsSignSLOMessage":"Signature des messages SLO", +"samlSPMetaDataOptionsSignSSOMessage":"Signature des messages SSO", +"samlSPMetaDataOptionsSignature":"Signature", +"samlSPMetaDataOptionsSignatureMethod":"Méthode pour la signature", +"samlSPMetaDataXML":"Metadonnées", +"samlSPName":"Nom du fournisseur de service SAML", +"samlSPSSODescriptor":"Fournisseur de service", +"samlSPSSODescriptorArtifactResolutionService":"Résolution d'Artifact", +"samlSPSSODescriptorArtifactResolutionServiceArtifact":"Service Artifact", +"samlSPSSODescriptorAssertionConsumerService":"Assertions", +"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"HTTP Artifact", +"samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"POST HTTP", +"samlSPSSODescriptorAuthnRequestsSigned":"Requêtes d'authentification signées", +"samlSPSSODescriptorSingleLogoutService":"Single Logout", +"samlSPSSODescriptorSingleLogoutServiceHTTPPost":"POST HTTP", +"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"Redirection HTTP", +"samlSPSSODescriptorSingleLogoutServiceSOAP":"SOAP", +"samlSPSSODescriptorWantAssertionsSigned":"Exiger des assertions signées", +"samlServiceMetaData":"Service SAML 2", +"samlServicePrivateKeyEnc":"Clef privée", +"samlServicePrivateKeyEncPwd":"Mot de passe de la clef privée", +"samlServicePrivateKeySig":"Clef privée", +"samlServicePrivateKeySigPwd":"Mot de passe de la clef privée", +"samlServicePublicKeyEnc":"Clef publique", +"samlServicePublicKeySig":"Clef publique", +"samlServiceSecurity":"Paramètres de sécurité", +"samlServiceSecurityEnc":"Chiffrement", +"samlServiceSecuritySig":"Signature", +"samlServiceSignatureMethod":"Méthode pour la signature", +"samlServiceUseCertificateInResponse":"Utilisation du certificat dans les réponses", +"samlStorage":"Nom du module des sessions SAML", +"samlStorageOptions":"Options du module des sessions SAML", +"samlUseQueryStringSpecific":"Utilisation d'une fonction spécifique pour query_string", +"save":"Sauver", +"saveReport":"Rapport de sauvegarde", +"savingConfirmation":"Confirmation de sauvegarde", +"scope":"Scope", +"search":"Rechercher ...", +"secondFactors":"Seconds facteurs", +"securedCookie":"Cookie sécurisé (HTTPS)", +"security":"Sécurité", +"sendTestMail":"Test envoi de mail", +"sendTestMailSuccess":"Envoi du mail de test réussi", +"serverError":"Erreur du serveur", +"serverNotification":"Serveur", +"session":"session", +"sessionDataToRemember":"Données de session à conserver", +"sessionDeleted":"La session a été supprimée", +"sessionExpired":"La session est expirée", +"sessionParams":"Sessions", +"sessionStartedAt":"Session démarrée le ", +"sessionStorage":"Stockage des sessions", +"sessionTitle":"Contenu de la session", +"session_s":"session(s)", +"sessions":"Sessions", +"sfExtra":"Seconds facteurs additionnels", +"sfManagerRule":"Afficher le lien du Gestionnaire", +"sfOnlyUpgrade":"Utiliser le SF pour augmenter le niveau d'authentification", +"sfRemovedMsg":"Afficher un message si un SF expiré est supprimé", +"sfRemovedMsgRule":"Activation", +"sfRemovedNotifMsg":"Message de la notification", +"sfRemovedNotifRef":"Référence de la notification", +"sfRemovedNotifTitle":"Titre de la notification", +"sfRemovedNotification":"Avertir si un SF expiré est supprimé", +"sfRemovedUseNotif":"Utiliser les notifications", +"sfRequired":"Exiger l'enrôlement d'un SF à l'authentification", +"sfaTitle":"Seconds facteurs d'authentification", +"show":"Montrer", +"showHelp":"Montrer l'aide", +"showLanguages":"Afficher le choix des langues", +"singleIP":"Une seule adresse IP par utilisateur", +"singleSession":"Une seule session par utilisateur", +"singleUserByIP":"Un seul utilisateur par adresse IP", +"skipRenewConfirmation":"Éviter la confirmation de ré-authentification", +"skipUpgradeConfirmation":"Éviter la confirmation d'élévation du niveau d'authentification", +"slaveAuthnLevel":"Niveau d'authentification", +"slaveDisplayLogo":"Afficher le logo d'authentification", +"slaveExportedVars":"Variables exportées", +"slaveHeaderContent":"Contenu de l'en-tête de contrôle", +"slaveHeaderName":"Nom de l'en-tête de contrôle", +"slaveMasterIP":"IP accréditées", +"slaveParams":"Paramètres Slave", +"slaveUserHeader":"En-tête identifiant l'utilisateur", +"soapConfigServer":"Serveur de configurations", +"soapServices":"Services SOAP", +"soapSessionServer":"Serveur de sessions", +"specialRule":"Règle spécifique", +"sslByAjax":"Utiliser une requête Ajax", "sslHost":"URL SSL pour Ajax", "sslParams":"Paramètres SSL", -"SSLVar":"Champ extrait du certificat", -"SSLVarIf":"Champ conditionnel extrait du certificat", "ssoSessions":"Sessions SSO", "stateCheck":"Vérification de l'état", "stayConnect":"Connexions persistantes", "stayConnected":"Activation", "stayConnectedCookieName":"Nom du cookie", "stayConnectedTimeout":"Durée de validité", -"successfullySaved":"Sauvegarde effectuée", "storePassword":"Stocke le mot de passe de l'utilisateur en session", "string":"Chaîne", "subtitle":"Sous-titre", "successLoginNumber":"Nombre de connexions mémorisées", +"successfullySaved":"Sauvegarde effectuée", "sympaHandler":"Sympa", "sympaMailKey":"Clef de session pour le mail", "sympaSecret":"Secret partagé", @@ -970,12 +1107,12 @@ "totp2f":"TOTP", "totp2fActivation":"Activation", "totp2fAuthnLevel":"Niveau d'authentification TOTP", -"totp2fLabel":"Label", -"totp2fLogo":"Logo", "totp2fDigits":"Nombre de chiffres", "totp2fDisplayExistingSecret":"Afficher la clef existante", "totp2fInterval":"Intervalle", "totp2fIssuer":"Nom du fournisseur TOTP", +"totp2fLabel":"Label", +"totp2fLogo":"Logo", "totp2fRange":"Nombre d'intervalles à tester", "totp2fSelfRegistration":"Auto-enregistrement", "totp2fTTL":"Durée de vie", @@ -1004,20 +1141,20 @@ "unknownKey":"Clef inconnue", "unsecuredCookie":"Cookie non sécurisé", "up":"Monter", -"uploadDenied":"Téléchargement refusé", "upgradeSession":"Ré-authentification", +"uploadDenied":"Téléchargement refusé", "uri":"URI", "url":"URL", "use":"Usage", -"user":"utilisateur", -"users":"Utilisateurs", -"userDB":"Module d'utilisateurs", -"userdbOnly":"BD utilisateurs seulement", -"userControl":"Contrôle du nom d'utilisateur", -"userPivot":"Champ identifiant dans la table des utilisateurs", "useRedirectOnError":"Redirection pour les erreurs", "useRedirectOnForbidden":"Redirection pour les accès interdits", "useSafeJail":"Utiliser la cage Safe", +"user":"utilisateur", +"userControl":"Contrôle du nom d'utilisateur", +"userDB":"Module d'utilisateurs", +"userPivot":"Champ identifiant dans la table des utilisateurs", +"userdbOnly":"BD utilisateurs seulement", +"users":"Utilisateurs", "utotp2f":"TOTP-ou-U2F", "utotp2fActivation":"Activation", "utotp2fAuthnLevel":"Niveau d'authentification", @@ -1025,10 +1162,10 @@ "utotp2fLogo":"Logo", "value":"Valeur", "values":"Valeurs", -"variables":"Variables", "variableName":"Nom de la variable", -"verifyU2FKey":"Vérifier la clef U2F", +"variables":"Variables", "verifyTOTPKey":"Vérifier la clef TOTP", +"verifyU2FKey":"Vérifier la clef U2F", "version":"Version", "vhostAccessToTrace":"Accès à tracer", "vhostAliases":"Alias", @@ -1044,24 +1181,24 @@ "virtualHost":"Hôte virtuel", "virtualHostName":"Nom de l'hôte virtuel", "virtualHosts":"Hôtes virtuels", +"waitOrF5":"Attendez la redirection ou appuyez sur F5", +"waitingForDatas":"En attente de données", "warning":"Attention", "warnings":"Avertissements", -"waitingForDatas":"En attente de données", "webIDAuthnLevel":"Niveau d'authentification", "webIDExportedVars":"Variables exportées", -"webidParams":"Paramètres WebID", "webIDWhitelist":"Liste blanche WebID", -"waitOrF5":"Attendez la redirection ou appuyez sur F5", +"webidParams":"Paramètres WebID", "whatToTrace":"REMOTE_USER", "whiteList":"Liste blanche", "wsdlServer":"Serveur WSDL", "yubikey2f":"Yubikey", "yubikey2fActivation":"Activation", "yubikey2fAuthnLevel":"Niveau d'authentification", +"yubikey2fClientID":"Identifiant client de l'API", +"yubikey2fFromSessionAttribute":"Provisionner depuis un attribut de session", "yubikey2fLabel":"Label", "yubikey2fLogo":"Logo", -"yubikey2fClientID":"Identifiant client de l'API", -"yubikey2fFromSessionAttribute": "Provisionner depuis un attribut de session", "yubikey2fNonce":"Nonce", "yubikey2fPublicIDSize":"Taille de la partie publique de l'OTP", "yubikey2fSecretKey":"Clef secrète de l'API", @@ -1069,143 +1206,5 @@ "yubikey2fTTL":"Durée de vie", "yubikey2fUrl":"URL du service", "yubikey2fUserCanRemoveKey":"Autoriser les utilisateurs à effacer leur Yubikey", -"zeroConfExplanations":"Le serveur ne dispose pas de configuration. Cette configuration de base vous permet d'en initialiser une.", - -"saml":"SAML", -"samlAttribute":"Attribut SAML", -"samlDiscoveryProtocol":"Protocole de découverte", -"samlDiscoveryProtocolActivation":"Activation", -"samlDiscoveryProtocolIsPassive":"Est passif", -"samlDiscoveryProtocolPolicy":"Politique", -"samlDiscoveryProtocolURL":"Adresse du point d'accès", -"samlNameIDFormatMap":"Formats de NameID", -"samlNameIDFormatMapEmail":"Email", -"samlNameIDFormatMapX509":"X509", -"samlNameIDFormatMapWindows":"Windows", -"samlNameIDFormatMapKerberos":"Kerberos", -"samlIDP":"Fournisseur d'identité SAML", -"samlIDPMetaDataNodes":"Fournisseurs d'identité SAML", -"samlIDPMetaDataXML":"Metadonnées", -"samlIDPMetaDataExportedAttributes":"Attributs exportés", -"samlIDPMetaDataOptions":"Options", -"samlIDPMetaDataOptionsNameIDFormat":"Format du NameID", -"samlIDPMetaDataOptionsForceAuthn":"Authentification forcée", -"samlIDPMetaDataOptionsIsPassive":"Authentification passive", -"samlIDPMetaDataOptionsAllowProxiedAuthn":"Authentification proxy autorisée", -"samlIDPMetaDataOptionsAllowLoginFromIDP":"Authentification depuis le fournisseur autorisée", -"samlIDPMetaDataOptionsAdaptSessionUtime":"Adapatation de la durée de vie de la session", -"samlIDPMetaDataOptionsSignSSOMessage":"Signature des messages SSO", -"samlIDPMetaDataOptionsCheckSSOMessageSignature":"Vérification de la signature des messages SSO", -"samlIDPMetaDataOptionsSignSLOMessage":"Signature des messages SLO", -"samlIDPMetaDataOptionsCheckSLOMessageSignature":"Vérification de la signature des messages SLO", -"samlIDPMetaDataOptionsSSOBinding":"Méthode SSO", -"samlIDPMetaDataOptionsSLOBinding":"Méthode SLO", -"samlIDPMetaDataOptionsResolutionRule":"Règle de résolution", -"samlIDPMetaDataOptionsRequestedAuthnContext":"Contexte d'authentification demandé", -"samlIDPMetaDataOptionsForceUTF8":"Forcer l'UTF-8", -"samlIDPMetaDataOptionsEncryptionMode":"Mode de chiffrement", -"samlIDPMetaDataOptionsCheckTime":"Vérifier les conditions de temps", -"samlIDPMetaDataOptionsCheckAudience":"Vérifier les conditions d'audience", -"samlIDPMetaDataOptionsAuthnRequest":"Requête d'authentification", -"samlIDPMetaDataOptionsSession":"Session", -"samlIDPMetaDataOptionsSignature":"Signature", -"samlIDPMetaDataOptionsSignatureMethod":"Méthode pour la signature", -"samlIDPMetaDataOptionsBinding":"Méthode", -"samlIDPMetaDataOptionsDisplay":"Affichage", -"samlIDPMetaDataOptionsDisplayName":"Nom d'affichage", -"samlIDPMetaDataOptionsDisplayParams":"Affichage", -"samlIDPMetaDataOptionsIcon":"Logo", -"samlIDPMetaDataOptionsSecurity":"Sécurité", -"samlIDPMetaDataOptionsSortNumber":"Ordre", -"samlIDPMetaDataOptionsStoreSAMLToken":"Conserver le jeton SAML", -"samlIDPMetaDataOptionsRelayStateURL":"Permettre une URL dans le RelayState", -"samlIDPMetaDataOptionsUserAttribute":"Attribut contenant l'identité de l'utilisateur", -"samlSPMetaDataNodes":"Fournisseurs de service SAML", -"samlSPMetaDataXML":"Metadonnées", -"samlSPMetaDataExportedAttributes":"Attributs exportés", -"samlSPMetaDataOptions":"Options", -"samlSPMetaDataOptionsNameIDFormat":"Format par défaut du NameID", -"samlSPMetaDataOptionsOneTimeUse":"Utilisation unique", -"samlSPMetaDataOptionsSignSSOMessage":"Signature des messages SSO", -"samlSPMetaDataOptionsCheckSSOMessageSignature":"Vérification de la signature des messages SSO", -"samlSPMetaDataOptionsSignSLOMessage":"Signature des messages SLO", -"samlSPMetaDataOptionsCheckSLOMessageSignature":"Vérification de la signature des messages SLO", -"samlSPMetaDataOptionsEncryptionMode":"Mode de chiffrement", -"samlSPMetaDataOptionsAuthnResponse":"Réponse d'authentification", -"samlSPMetaDataOptionsSignature":"Signature", -"samlSPMetaDataOptionsSignatureMethod":"Méthode pour la signature", -"samlSPMetaDataOptionsSecurity":"Sécurité", -"samlSPMetaDataOptionsEnableIDPInitiatedURL":"Autoriser l'utilisation d'URL SSO initié par l'IDP", -"samlSPMetaDataOptionsNameIDSessionKey":"Forcer la clef de session NameID", -"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout":"Durée sessionNotOnOrAfter", -"samlSPMetaDataOptionsNotOnOrAfterTimeout":"Durée notOnOrAfter", -"samlSPMetaDataOptionsForceUTF8":"Forcer l'UTF-8", -"samlSPMetaDataOptionsAuthnLevel":"Niveau d'authentification", -"samlSPMetaDataOptionsRule":"Règle d'accès", -"samlSPMetaDataMacros":"Macros", -"samlIDPName":"Nom du fournisseur d'identité SAML", -"samlServiceMetaData":"Service SAML 2", -"samlEntityID":"Identifiant d'entité", -"samlOrganization":"Organisation", -"samlOrganizationDisplayName":"Nom affiché", -"samlOrganizationName":"Nom", -"samlOrganizationURL":"URL", -"samlSP":"Fournisseur de service SAML", -"samlSPName":"Nom du fournisseur de service SAML", -"samlSPSSODescriptor":"Fournisseur de service", -"samlSPSSODescriptorAuthnRequestsSigned":"Requêtes d'authentification signées", -"samlSPSSODescriptorWantAssertionsSigned":"Exiger des assertions signées", -"samlSPSSODescriptorSingleLogoutService":"Single Logout", -"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"Redirection HTTP", -"samlSPSSODescriptorSingleLogoutServiceHTTPPost":"POST HTTP", -"samlSPSSODescriptorSingleLogoutServiceSOAP":"SOAP", -"samlSPSSODescriptorAssertionConsumerService":"Assertions", -"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"HTTP Artifact", -"samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"POST HTTP", -"samlSPSSODescriptorArtifactResolutionService":"Résolution d'Artifact", -"samlSPSSODescriptorArtifactResolutionServiceArtifact":"Service Artifact", -"samlIDPSSODescriptor":"Fournisseur d'identité", -"samlIDPSSODescriptorWantAuthnRequestsSigned":"Exiger des requêtes d'authentification signées", -"samlIDPSSODescriptorSingleSignOnService":"Single Sign On", -"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"Redirection HTTP", -"samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"POST HTTP", -"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"HTTP Artifact", -"samlIDPSSODescriptorSingleLogoutService":"Single Logout", -"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"Redirection HTTP", -"samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"POST HTTP", -"samlIDPSSODescriptorSingleLogoutServiceSOAP":"SOAP", -"samlIDPSSODescriptorArtifactResolutionService":"Résolution d'Artifact", -"samlIDPSSODescriptorArtifactResolutionServiceArtifact":"Service Artifact", -"samlAttributeAuthorityDescriptor":"Autorité d'attributs", -"samlAttributeAuthorityDescriptorAttributeService":"Service d'attributs", -"samlAttributeAuthorityDescriptorAttributeServiceSOAP":"SOAP", -"samlServiceSecurity":"Paramètres de sécurité", -"samlServiceSecuritySig":"Signature", -"samlServiceSecurityEnc":"Chiffrement", -"samlServicePrivateKeySig":"Clef privée", -"samlServicePrivateKeySigPwd":"Mot de passe de la clef privée", -"samlServicePublicKeySig":"Clef publique", -"samlServicePrivateKeyEnc":"Clef privée", -"samlServicePrivateKeyEncPwd":"Mot de passe de la clef privée", -"samlServicePublicKeyEnc":"Clef publique", -"samlServiceSignatureMethod":"Méthode pour la signature", -"samlServiceUseCertificateInResponse":"Utilisation du certificat dans les réponses", -"samlAdvanced":"Avancé", -"samlPartnerName":"Nom du partenaire SAML", -"samlMetadataForceUTF8":"Conversion des métadonnées en UTF8", -"samlStorage":"Nom du module des sessions SAML", -"samlStorageOptions":"Options du module des sessions SAML", -"samlAuthnContextMap":"Contextes d'authentification", -"samlAuthnContextMapPassword":"Mot de passe", -"samlAuthnContextMapPasswordProtectedTransport":"Mot de passe protégé", -"samlAuthnContextMapTLSClient":"Client TLS", -"samlAuthnContextMapKerberos":"Kerberos", -"samlCommonDomainCookie":"Cookie de Domaine Commun", -"samlCommonDomainCookieActivation":"Activation", -"samlCommonDomainCookieDomain":"Domaine commun", -"samlCommonDomainCookieReader":"URL de lecture", -"samlCommonDomainCookieWriter":"URL d'écriture", -"samlRelayStateTimeout":"Durée de vie d'une session RelayState", -"samlUseQueryStringSpecific":"Utilisation d'une fonction spécifique pour query_string", -"samlOverrideIDPEntityID":"Valeur de l'Entity ID en mode IDP" +"zeroConfExplanations":"Le serveur ne dispose pas de configuration. Cette configuration de base vous permet d'en initialiser une." } diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/it.json b/lemonldap-ng-manager/site/htdocs/static/languages/it.json index 6ac3b248fc..35ae375cef 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json @@ -1,5 +1,26 @@ { "/doc/":"/doc/", +"2faSessions":"Esploratore di sessioni 2ndFA", +"2ndFA":"Secondi fattori", +"ADPwdExpireWarning":"Avviso di scadenza password", +"ADPwdMaxAge":"Età massima della password", +"AuthLDAPFilter":"Filtro di autenticazione", +"Configuration":"Configurazione", +"CrowdSecPlugin":"CrowdSec Bouncer", +"LDAPFilter":"Filtro predefinito", +"OpenIDConnect":"OpenID Connect", +"OptionalTitle":"Titolo facoltativo", +"SMTP":"SMTP", +"SMTPAuthPass":"Password SMTP", +"SMTPAuthUser":"Utente SMTP", +"SMTPPort":"Porta SMTP", +"SMTPServer":"Server SMTP", +"SMTPTLS":"Protocollo SSL/TLS", +"SMTPTLSOpts":"Opzioni SSL/TLS", +"SSLAuthnLevel":"Livello di autenticazione", +"SSLVar":"Campo certificato estratto", +"SSLVarIf":"Campo di certificato estratto condizionale", +"Same":"Stesso", "_auth":"Autenticazione", "_authChoice":"Scelta di autenticazione", "_idp":"IDP EntityID", @@ -10,9 +31,9 @@ "_lastAuthnUTime":"Timestamp di autenticazione", "_lastSeen":"Ultima attività timestamp", "_loginHistory":"Cronologia dei login", +"_oidc_OP":"Chiave provider", "_oidc_access_token":"Token di accesso", "_oidc_id_token":"ID Token", -"_oidc_OP":"Chiave provider", "_password":"Password", "_passwordDB":"Password", "_samlToken":"SAML token", @@ -20,42 +41,38 @@ "_startTime":"Data di creazione", "_timezone":"Fuso orario", "_updateTime":"Aggiorna data", +"_url":"URL di origine", "_user":"Login", "_userDB":"Utente", -"_url":"URL di origine", "_utime":"Sessione timestamp", -"2faSessions":"Esploratore di sessioni 2ndFA", -"2ndFA":"Secondi fattori", -"actives":"Attivi", "activeTimer":"Auto accettazione tempo", +"actives":"Attivi", +"adParams":"Parametri di Active Directory", "adaptativeAuthenticationLevelRules":"Adaptative authentication rules", "addAppCasPartner":"Aggiungi applicazione CAS", "addIDPSamlPartner":"Aggiungi SAML IDP", "addOidcAttribute":"Aggiungi attributo", "addOidcOp":"Aggiungere OpenID Connect Provider", "addOidcRp":"Aggiungi parte basata su OpenID ", -"addSamlAttribute":"Aggiungi attributo", "addSPSamlPartner":"Aggiungi SAML SP", +"addSamlAttribute":"Aggiungi attributo", "addSrvCasPartner":"Aggiungi server CAS", -"addU2FKey":"Aggiungi chiave U2F", "addTOTPKey":"Aggiungi chiave TOTP", +"addU2FKey":"Aggiungi chiave U2F", "addVhost":"Aggiungi virtualhost", -"adParams":"Parametri di Active Directory", -"ADPwdExpireWarning":"Avviso di scadenza password", -"ADPwdMaxAge":"Età massima della password", "advancedParams":"Parametri avanzati", "allowedMarkups":"Marcature consentite:", "always":"Always", -"apacheParams":"Parametri Apache", "apacheAuthnLevel":"Livello di autenticazione", +"apacheParams":"Parametri Apache", "application":"Applicazione", "applicationDisplay":"Visualizza applicazione", "applicationList":"Categorie e applicazioni", "applyResult":"Applica risultato", "appsInThisCat":"Applicazioni in questa categoria", "array":"Array", -"attributesAndMacros":"Attributi e Macro", "attributeName":"Attribute name", +"attributesAndMacros":"Attributi e Macro", "authAndUserdb":"Authz e utente DB", "authChain":"Catena di autenticazione", "authChoice":"Scelta di autenticazione", @@ -63,16 +80,15 @@ "authChoiceFindUser":"FindUser plugin parameter", "authChoiceModules":"Moduli consentiti", "authChoiceParam":"Parametri URL", +"authOnly":"Solo autenticazione", +"authParams":"Parametri di autenticazione", "authentication":"Modulo di autenticazione", -"authenticationNeeded":"È necessaria l'autenticazione", "authenticationLevel":"Livello di autenticazione", +"authenticationNeeded":"È necessaria l'autenticazione", "authenticationTitle":"Autenticazione", -"AuthLDAPFilter":"Filtro di autenticazione", -"authOnly":"Solo autenticazione", "author":"Autore", "authorIPAddress":"Indirizzo IP dell'autore", "authorizedValues":"Valori autorizzati", -"authParams":"Parametri di autenticazione", "auto":"Automatico", "autoSignin":"Accesso automatico", "autoSigninRules":"Regole", @@ -88,9 +104,9 @@ "badExpressionAssignment":"Expression containing an assignment. You can use \\x3D to avoid this warning.", "badHeaderName":"Nome intestazione errato", "badHostname":"Hostname errato", -"badLdapUri":"LDAP URI errata", -"badKeyName":"Nome di chiave sbagliato", "badIPv4Address":"Indirizzo IPv4 sbagliato", +"badKeyName":"Nome di chiave sbagliato", +"badLdapUri":"LDAP URI errata", "badMacroName":"Nome macro errato", "badMetadataName":"Nome metadata errato", "badPemEncoding":"Codifica errata PEM", @@ -104,17 +120,17 @@ "blackList":"Black list", "bool":"Boolean", "browse":"Naviga", -"browsersDontStorePassword":"Avoid browsers to store users password", +"browseTree":"Naviga albero", "browserIdAuthnLevel":"Livello di autenticazione", "browserIdAutoLogin":"Login automatico", "browserIdBackgroundColor":"Colore di sfondo", -"browseridParams":"BrowserIDParams", "browserIdSiteLogo":"Logo del sito", "browserIdSiteName":"Nome del sito", "browserIdVerificationURL":"URL di verifica", -"browseTree":"Naviga albero", -"bruteForceProtection":"Attivazione", +"browseridParams":"BrowserIDParams", +"browsersDontStorePassword":"Avoid browsers to store users password", "bruteForceAttackProtection":"Brute-force attack protection", +"bruteForceProtection":"Attivazione", "bruteForceProtectionIncrementalTempo":"Incremental lock", "bruteForceProtectionLockTimes":"Incremental lock times", "bruteForceProtectionMaxFailed":"Allowed failed logins", @@ -124,124 +140,123 @@ "captcha_mail_enabled":"Attivazione della reimpostazione della password tramite modulo di posta", "captcha_register_enabled":"Attivazione nel formulario di registro", "captcha_size":"Dimensione", -"casAuthnLevel":"Livello di autenticazione", "casAccessControlPolicy":"Politica di controllo degli accessi", "casApp":"Applicazione CAS", "casAppMetaDataExportedVars":"Attributi esportati", +"casAppMetaDataMacros":"Macro", "casAppMetaDataNodes":"Applicazioni CAS", "casAppMetaDataOptions":"Opzioni", -"casAppMetaDataOptionsService":"URL del servizio", "casAppMetaDataOptionsAuthnLevel":"Livello di autenticazione", "casAppMetaDataOptionsRule":"Regola", -"casAppMetaDataMacros":"Macro", +"casAppMetaDataOptionsService":"URL del servizio", "casAppMetaDataOptionsUserAttribute":"Attributo utente", "casAppName":"Nome App CAS", "casAttr":"Login CAS", "casAttributes":"Attributi CAS esportati", +"casAuthnLevel":"Livello di autenticazione", "casParams":"Parametri di CAS", "casServiceMetadata":"Servizio CAS", "casSrv":"Server CAS ", "casSrvMetaDataExportedVars":"Attributi esportati", +"casSrvMetaDataNodes":"Server CAS", "casSrvMetaDataOptions":"Opzioni", "casSrvMetaDataOptionsDisplay":"Visualizza ", "casSrvMetaDataOptionsDisplayName":"Nome da visualizzare", "casSrvMetaDataOptionsGateway":"Autenticazione gateway", "casSrvMetaDataOptionsIcon":"Path icona", -"casSrvMetaDataOptionsSortNumber":"Ordine", -"casSrvMetaDataOptionsRenew":"Rinnova l'autenticazione", "casSrvMetaDataOptionsProxiedServices":"Servizi Proxied", +"casSrvMetaDataOptionsRenew":"Rinnova l'autenticazione", +"casSrvMetaDataOptionsSortNumber":"Ordine", "casSrvMetaDataOptionsUrl":"URL del server", -"casSrvMetaDataNodes":"Server CAS", "casSrvName":"NOme del Server CAS", "casStorage":"Nome del modulo sessioni CAS", "casStorageOptions":"Opzioni del modulo sessioni CAS", "categoryName":"Nome della categoria", "cda":"Domini multipli", "certificateMailContent":"Contenuto della mail", -"certificateResetByMailManagement":"Certificate management", -"certificateResetByMailURL":"Reset page URL", "certificateResetByMailCeaAttribute":" Certificate Exact Assertion attribute name", "certificateResetByMailCertificateAttribute":" Certificate binary content attribute name", -"certificateResetByMailStep1Subject":"Reset mail subject", +"certificateResetByMailManagement":"Certificate management", "certificateResetByMailStep1Body":"Reset mail content", -"certificateResetByMailStep2Subject":"Soggetto della mail di conferma", +"certificateResetByMailStep1Subject":"Reset mail subject", "certificateResetByMailStep2Body":"Confirmation mail content", +"certificateResetByMailStep2Subject":"Soggetto della mail di conferma", +"certificateResetByMailURL":"Reset page URL", "certificateResetByMailValidityDelay":"Minimum duration before expiration", -"contentSecurityPolicy":"Politica di protezione dei contenuti", -"contextSwitching":"Switch context another user", -"contextSwitchingAllowed2fModifications":"Allow 2FA modifications", -"contextSwitchingHiddenAttributes":"Attributi nascosti", -"contextSwitchingIdRule":"Le identità usano la regola", -"contextSwitchingRule":"Utilizza la regola", -"contextSwitchingStopWithLogout":"Stop by logout", -"contextSwitchingUnrestrictedUsersRule":"Unrestricted users rule", -"cspConnect":"Destinazioni Ajax", -"cspDefault":"Valore di default", -"cspFont":"Origine carattere", -"cspFormAction":"Formare le destinazioni", -"cspFrameAncestors":"Frame ancestors URL", -"cspImg":"Origine immagine", -"cspScript":"Origine script", -"cspStyle":"Origine di stile", -"crossOrigineResourceSharing":"Cross-Origin Resource Sharing", -"corsEnabled":"Attivazione", -"corsAllow_Credentials":"Access-Control-Allow-Credentials", -"corsAllow_Headers":"Access-Control-Allow-Headers", -"corsAllow_Methods":"Access-Control-Allow-Methods", -"corsAllow_Origin":"Access-Control-Allow-Origin", -"corsExpose_Headers":"Access-Control-Expose-Headers", -"corsMax_Age":"Access-Control-Max-Age", "cfgLog":"Summary", "cfgVersion":"Versione configurazione", -"checkXSS":"Verifica attacchi XSS", -"clickHereToForce":"Clicca qui per forzare", -"claimName":"Claim name", -"checkboxes":"Checkboxes", "checkDevOps":"Activation", "checkDevOpsDownload":"Download file", "checkState":"Attivazione", "checkStateSecret":"Segreto condiviso", -"checkUsers":"Controllo del profilo SSO", "checkUser":"Attivazione", "checkUserDisplay":"Display", -"checkUserIdRule":"Uso della regola delle identità", -"checkUserHiddenAttributes":"Attributi nascosti", -"checkUserUnrestrictedUsersRule":"Unrestricted users rule", "checkUserDisplayComputedSession":"Computed sessions", -"checkUserDisplayPersistentInfo":"Persistent session data", "checkUserDisplayEmptyHeaders":"Empty headers", "checkUserDisplayEmptyValues":"Empty values", "checkUserDisplayNormalizedHeaders":"Normalized headers", +"checkUserDisplayPersistentInfo":"Persistent session data", +"checkUserHiddenAttributes":"Attributi nascosti", "checkUserHiddenHeaders":"Hidden headers", +"checkUserIdRule":"Uso della regola delle identità", "checkUserSearchAttributes":"Attributes used for searching sessions", +"checkUserUnrestrictedUsersRule":"Unrestricted users rule", +"checkUsers":"Controllo del profilo SSO", +"checkXSS":"Verifica attacchi XSS", +"checkboxes":"Checkboxes", "choiceParams":"Scelta parametri", "chooseLogo":"Scegli logo", "chooseSkin":"Scegli interfaccia", +"claimName":"Claim name", +"clickHereToForce":"Clicca qui per forzare", +"combModules":"Elenco dei moduli", "combination":"Combinazione", "combinationParams":"Parametri di combinazione", "combineMods":"Combinazione di moduli", -"combModules":"Elenco dei moduli", "comment":"Commento", "comments":"Commenti", +"compactConf":"Compact configuration file", "condition":"Condizione", "conf":"Configurazione", -"Configuration":"Configurazione", -"confirmFormMethod":"Metodo per modulo di conferma", "confModuledeprecated":"Questo modulo è stato deprecato, impostare \"forceUpload = 1\" in limonldap-ng.ini per utilizzarlo", "confNotChanged":"Nessuna modifica è stata rilevata, salvataggio interrotto", "confSaved":"Configurazione salvata", "confWasChanged":"La configurazione é stata modificata", +"confirmFormMethod":"Metodo per modulo di conferma", "connectionTitle":"Connessione", "content":"Contenuto", +"contentSecurityPolicy":"Politica di protezione dei contenuti", +"contextSwitching":"Switch context another user", +"contextSwitchingAllowed2fModifications":"Allow 2FA modifications", +"contextSwitchingHiddenAttributes":"Attributi nascosti", +"contextSwitchingIdRule":"Le identità usano la regola", +"contextSwitchingRule":"Utilizza la regola", +"contextSwitchingStopWithLogout":"Stop by logout", +"contextSwitchingUnrestrictedUsersRule":"Unrestricted users rule", "cookieExpiration":"Tempo di scadenza del cookie", "cookieName":"Nome del cookie", "cookieParams":"Cookie", +"corsAllow_Credentials":"Access-Control-Allow-Credentials", +"corsAllow_Headers":"Access-Control-Allow-Headers", +"corsAllow_Methods":"Access-Control-Allow-Methods", +"corsAllow_Origin":"Access-Control-Allow-Origin", +"corsEnabled":"Attivazione", +"corsExpose_Headers":"Access-Control-Expose-Headers", +"corsMax_Age":"Access-Control-Max-Age", "create":"Crea", +"crossOrigineResourceSharing":"Cross-Origin Resource Sharing", "crowdsec":"Activation", "crowdsecAction":"Action", "crowdsecKey":"API key", -"CrowdSecPlugin":"CrowdSec Bouncer", "crowdsecUrl":"Base URL of local API", +"cspConnect":"Destinazioni Ajax", +"cspDefault":"Valore di default", +"cspFont":"Origine carattere", +"cspFormAction":"Formare le destinazioni", +"cspFrameAncestors":"Frame ancestors URL", +"cspImg":"Origine immagine", +"cspScript":"Origine script", +"cspStyle":"Origine di stile", "currentConfiguration":"Configurazione attuale", "customAddParams":"Parametri aggiuntivi", "customAuth":"Personalizza modulo di autenticazione", @@ -257,21 +272,23 @@ "customResetCertByMail":"Custom certificateResetByMail module", "customToTrace":"REMOTE_CUSTOM", "customUserDB":"Personalizza modulo utente DB", +"databaseLocked":"Database bloccato da un altro processo", "date":"Data", +"dateTitle":"Date", "dbiAuthChain":"Catena", "dbiAuthLoginCol":"Nome campo di accesso", -"dbiAuthnLevel":"Livello di autenticazione", "dbiAuthPassword":"Password", "dbiAuthPasswordCol":"Nome del campo password", "dbiAuthPasswordHash":"Schema Hash", -"dbiDynamicHash":"hashing dinamico", -"dbiDynamicHashEnabled":"attivazione hash dinamica", -"dbiDynamicHashValidSchemes":"Schemi non-salted supportati", -"dbiDynamicHashValidSaltedSchemes":"Schemi salted supportati", -"dbiDynamicHashNewPasswordScheme":"Schema hash dinamico per nuove password", "dbiAuthTable":"Tabella di autenticazione", "dbiAuthUser":"Utente", +"dbiAuthnLevel":"Livello di autenticazione", "dbiConnection":"Connessione", +"dbiDynamicHash":"hashing dinamico", +"dbiDynamicHashEnabled":"attivazione hash dinamica", +"dbiDynamicHashNewPasswordScheme":"Schema hash dinamico per nuove password", +"dbiDynamicHashValidSaltedSchemes":"Schemi salted supportati", +"dbiDynamicHashValidSchemes":"Schemi non-salted supportati", "dbiExportedVars":"Variabili esportate", "dbiParams":"Parametri DBI", "dbiPassword":"Password", @@ -283,31 +300,29 @@ "decryptValueRule":"Utilizza la regola", "default":"Predefinito", "defaultRule":"Regola predefinita", -"demoModeOn":"Questo gestore viene eseguito in modalità demo", "deleteEntry":"Elimina", "deleteNotification":"Elimina", "deleteSession":"Elimina sessione", -"deleteU2FKey":"Elimina la chiave U2F", "deleteTOTPKey":"Elimina la chiave TOTP", +"deleteU2FKey":"Elimina la chiave U2F", "demoExportedVars":"Variabili esportate", +"demoModeOn":"Questo gestore viene eseguito in modalità demo", "demoParams":"Parametri di dimostrazione", "description":"Descrizione", "dest":"Recipient", -"diffViewer":"Visualizzatore di differenza", "devOpsCheck":"Check DevOps handler file", +"diffViewer":"Visualizzatore di differenza", "diffWithPrevious":"differenza con il precedente", +"disablePersistentStorage":"Disable storage", "disabled":"Disabilitato", "displaySessionId":"Display session identifier", +"dn":"DN", +"domain":"Dominio", "done":"fatto", "dones":"Fatto", -"down":"Move down", "doubleCookie":"Doppio cookie (HTTP e HTTPS)", "doubleCookieForSingleSession":"Doppio cookie per una sessione singola", -"databaseLocked":"Database bloccato da un altro processo", -"dateTitle":"Date", -"dn":"DN", -"domain":"Dominio", -"compactConf":"Compact configuration file", +"down":"Move down", "download":"Scarica", "downloadIt":"Scaricalo", "duplicate":"Duplicato", @@ -316,21 +331,20 @@ "emptyConf":"Configurazione vuota", "emptyValueNotAllowed":"Valore vuoto non consentito", "enabled":"Abilitato", -"disablePersistentStorage":"Disable storage", "enterPassword":"Inserisci password (opzionale)", "error":"Errore", "errors":"ERRORI", "exportedAttr":"Attributi di SOAP/REST esportati", "exportedHeaders":"Intestazioni esportate", "exportedVars":"Variabili esportate", +"ext2FSendCommand":"Invia comando", +"ext2FValidateCommand":"Comando di convalida", "ext2f":"2° fattore esterno", "ext2fActivation":"Attivazione", -"ext2fCodeActivation":"Codice regex", "ext2fAuthnLevel":"Livello di autenticazione", +"ext2fCodeActivation":"Codice regex", "ext2fLabel":"Label", "ext2fLogo":"Logo", -"ext2FSendCommand":"Invia comando", -"ext2FValidateCommand":"Comando di convalida", "facebookAppId":"ID dell'applicazione Facebook", "facebookAppSecret":"Segreto dell'applicazione Facebook", "facebookAuthnLevel":"Livello di autenticazione", @@ -340,16 +354,16 @@ "failedLoginNumber":"Numero di login registrati non riusciti", "fileToUpload":"File da caricare", "findUser":"Activation", -"findUsers":"Search for user account", "findUserControl":"Parameters control", "findUserExcludingAttributes":"Excluding attributes", "findUserSearchingAttributes":"Searching attributes", "findUserWildcard":"Character used as wildcard", +"findUsers":"Search for user account", "forbidden":"Non sei autorizzato a mostrare questa pagina", "forceSave":"Forza salvataggio", -"format":"Formato", "formReplay":"Ripetizione del modulo", "formTimeout":"Timeout del modulo", +"format":"Formato", "forms":"Moduli", "friendlyName":"Nome amichevole", "generalParameters":"Parametri generali", @@ -371,72 +385,73 @@ "grantSessionRules":"Condizioni di apertura", "groups":"Gruppi", "groupsBeforeMacros":"Compute groups before macros", +"hGroups":"Gruppi (HashRef)", "hashkey":"Chiave", "headers":"Intestazioni HTTP", -"hGroups":"Gruppi (HashRef)", -"hostname":"Hostname", "hiddenAttributes":"Attributi nascosti", "hide":"Nascondi", "hideHelp":"Nascondi aiuto", "hideOldPassword":"Nascondi la vecchia password", "hideTree":"Nascondi l'albero", +"hostname":"Hostname", "httpOnly":"Protezione Javascript", "https":"HTTPS", "impersonation":"Imitazione", -"impersonationRule":"Usa la regola", -"impersonationIdRule":"Le identità usano la regola", "impersonationHiddenAttributes":"Attributi nascosti", +"impersonationIdRule":"Le identità usano la regola", "impersonationMergeSSOgroups":"Unisci gruppi SSO usurpati e reali", +"impersonationRule":"Usa la regola", "impersonationSkipEmptyValues":"Salta valori vuoti", "impersonationUnrestrictedUsersRule":"Unrestricted users rule", "incompleteForm":"Mancano campi obbligatori", "index":"Indice", "infoFormMethod":"Metodo per il modulo informazioni", -"invalidSessionData":"Dati di sessione non validi", +"instance":"Instance", "int":"Integer", "internalReference":"Riferimento interno", +"invalidSessionData":"Dati di sessione non validi", "ipAddr":"Indirizzo IP", "ipAddresses":"Indirizzi IP", +"issuerDBCAS":"CAS", +"issuerDBCASActivation":"Attivazione", +"issuerDBCASOptions":"Opzioni", +"issuerDBCASPath":"Path", +"issuerDBCASRule":"Utilizza la regola", "issuerDBGet":"GET", "issuerDBGetActivation":"Attivazione", "issuerDBGetParameters":"Parametri GET", "issuerDBGetPath":"Path", "issuerDBGetRule":"Utilizza la regola", -"issuerDBSAML":"SAML", -"issuerDBSAMLActivation":"Attivazione", -"issuerDBSAMLPath":"Path", -"issuerDBSAMLRule":"Utilizza la regola", -"issuerDBCAS":"CAS", -"issuerDBCASActivation":"Attivazione", -"issuerDBCASPath":"Path", -"issuerDBCASRule":"Utilizza la regola", -"issuerDBCASOptions":"Opzioni", "issuerDBOpenID":"OpenID", "issuerDBOpenIDActivation":"Attivazione", -"issuerDBOpenIDPath":"Path", -"issuerDBOpenIDRule":"Utilizza la regola", -"issuerDBOpenIDOptions":"Opzioni", "issuerDBOpenIDConnect":"OpenID Connect", "issuerDBOpenIDConnectActivation":"Attivazione", "issuerDBOpenIDConnectPath":"Path", "issuerDBOpenIDConnectRule":"Utilizza la regola", +"issuerDBOpenIDOptions":"Opzioni", +"issuerDBOpenIDPath":"Path", +"issuerDBOpenIDRule":"Utilizza la regola", +"issuerDBSAML":"SAML", +"issuerDBSAMLActivation":"Attivazione", +"issuerDBSAMLPath":"Path", +"issuerDBSAMLRule":"Utilizza la regola", "issuerOptions":"Opzioni", "issuerParams":"Moduli emittenti", "issuersTimeout":"Issuers timeout", -"jsRedirect":"Messaggio di reindirizzamento", "jqueryButtonSelector":"Selettore del pulsante jQuery (opzionale)", "jqueryFormSelector":"Selettore modulo jQuery (opzionale)", "jqueryUrl":"URL jQuery (opzionale)", +"jsRedirect":"Messaggio di reindirizzamento", +"kerberosParams":"Parametri di Kerberos", "key":"Chiave crittografica", -"keys":"Chiavi", -"keyname":"Nome della chiave", "keyPassword":"Chiave password", +"keyname":"Nome della chiave", +"keys":"Chiavi", +"krbAllowedDomains":"Allowed domains", "krbAuthnLevel":"Livello Kerberos authn", "krbByJs":"Utilizzare la richiesta Ajax", "krbKeytab":"File keytab", "krbRemoveDomain":"Rimuovi dominio dal nome utente Kerberos", -"krbAllowedDomains":"Allowed domains", -"kerberosParams":"Parametri di Kerberos", "label":"Label", "languages":"Lingue", "latest":"Più recente", @@ -450,7 +465,6 @@ "ldapConnection":"Connessione", "ldapExportedVars":"Variabili esportate", "ldapFilters":"Filtri", -"LDAPFilter":"Filtro predefinito", "ldapGetUserBeforePasswordChange":"Search for user before password change", "ldapGroupAttributeName":"Attributo target", "ldapGroupAttributeNameGroup":"Attributo del gruppo sorgente", @@ -461,20 +475,20 @@ "ldapGroupObjectClass":"Classe oggetto", "ldapGroupRecursive":"Ricorsivo", "ldapGroups":"Gruppi", +"ldapIOTimeout":"Operation timeout", "ldapITDS":"IBM Tivoli DS support", "ldapParams":"Parametri LDAP", "ldapPassword":"Password", "ldapPasswordResetAttribute":"Reset attributo", "ldapPasswordResetAttributeValue":"Reimposta il valore", -"ldapPpolicyControl":"Controllo delle politiche di password", "ldapPort":"Port del server", +"ldapPpolicyControl":"Controllo delle politiche di password", "ldapPwdEnc":"Codifica password LDAP", "ldapRaw":"Attributi binari", "ldapSearchDeref":"Alias dereference", "ldapServer":"Host del server", "ldapSetPassword":"Operazione prolungata di modifica password", "ldapTimeout":"Connection timeout", -"ldapIOTimeout":"Operation timeout", "ldapUsePasswordResetAttribute":"Utilizza l'attributo di ripristino", "ldapVerify":"Verify LDAP server certificate", "ldapVersion":"Versione", @@ -483,35 +497,34 @@ "linkedInClientID":"Client ID", "linkedInClientSecret":"Client segreto", "linkedInFields":"Campi ricercati", -"linkedinParams":"Parametri LinkedIn", "linkedInScope":"Scopo", "linkedInUserField":"Campo contenente l'identificatore dell'utente", +"linkedinParams":"Parametri LinkedIn", "load":"Carica", -"loadedConfiguration":"Configurazione caricata", "loadFromUrl":"Carica a partire dall'URL", +"loadedConfiguration":"Configurazione caricata", "localSessionStorage":"Modulo cache", "localSessionStorageOptions":"Opzioni modulo cache", "locationRules":"Regole di accesso", +"logParams":"Logs", "loginHistory":"Cronologia dei login", "loginHistoryEnabled":"Attivazione", "logo":"Logo", "logout":"Logout", "logoutServices":"Trasmissione logout", -"logParams":"Logs", "lwpOpts":"Opzioni per le richieste del server", "lwpSslOpts":"Opzioni SSL per le richieste del server", -"instance":"Instance", "macros":"Macro", "mail2f":"Mail secondo fattore", "mail2fActivation":"Attivazione", -"mail2fCodeRegex":"Codice regex", -"mail2fTimeout":"Codice timeout", -"mail2fSubject":"Oggetto della mail", -"mail2fBody":"Corpo del messaggio", "mail2fAuthnLevel":"Livello di autenticazione", -"mail2fLabel":"Label", +"mail2fBody":"Corpo del messaggio", +"mail2fCodeRegex":"Codice regex", +"mail2fLabel":"Label", "mail2fLogo":"Logo", "mail2fSessionKey":"Chiave di sessione contenente l'indirizzo di posta", +"mail2fSubject":"Oggetto della mail", +"mail2fTimeout":"Codice timeout", "mailBody":"Successo contenuto di posta", "mailCharset":"Charset", "mailConfirmBody":"Contenuto della mail di conferma", @@ -535,22 +548,22 @@ "markAsDone":"Segna come fatto", "memberOfSSOGroups":"Membro di gruppi SSO", "menu":"Menu", +"menuCategory":"Categoria del menu", "message":"Messaggio", "messages":"Messaggi", -"menuCategory":"Categoria del menu", "modulesTitle":"Moduli usati", "multiIp":"Multi IP", -"multipleSessions":"Sessioni multiple", "multiValuesSeparator":"Separatore", +"multipleSessions":"Sessioni multiple", "name":"Nome", "needConfirmation":"È disponibile una nuova configurazione. Per forzarne il salvataggio, fai clic sulla casella di controllo vicino al pulsante 'salva'", "networkProblem":"Problema di rete", "never":"Never", "newApp":"Nuova applicazione", -"newChain":"Nuova catena", "newCat":"NUova categoria", "newCertificate":"New certificate", "newCfgAvailable":"É disponibile una nuova configurazione", +"newChain":"Nuova catena", "newCmbMod":"Nuovo modulo", "newCmbOver":"Nuovo parametro", "newEntry":"Nuova entrata", @@ -560,41 +573,40 @@ "newPostVar":"Nuova variabile", "newRSAKey":"Nuove chiavi", "newRule":"Nuova regola", -"newSfOver":"Nuovo parametro", "newSfExtra":"New second factor", +"newSfOver":"Nuovo parametro", "newValue":"Nuovo valore", "next":"Seguente", "nginxCustomHandlers":"Gestori Custom Nginx", "noAjaxHook":"Tenere i reindirizzamenti per Ajax", "noData":"Nessun dato da visualizzare", "notABoolean":"Non un booleano", -"notAnInteger":"Non un numero intero", "notAValidPerlExpression":"Non una valida espressione Perl", +"notAnInteger":"Non un numero intero", "notification":"Attivazione", -"notifications":"Notifiche", -"notification_s":"notification(s)", -"notificationDefaultCond":"Default condition", -"notificationServer":"Server di notifica", -"notificationServerDELETE":"DELETE method", -"notificationServerGET":"GET method", -"notificationServerMethods":"HTTP methods", -"notificationServerPOST":"POST method", -"notificationServerSentAttributes":"Notification parameters to send", -"serverNotification":"Server", "notificationCreated":"La notifica è stata creata", +"notificationDefaultCond":"Default condition", "notificationDeleted":"Notification has been marked as done", "notificationDone":"La notifica è stata effettuata", -"notificationsDone":"Notifiche effettuate", -"notificationsExplorer":"Explorer", "notificationNotCreated":"La notifica non è stata creata", "notificationNotDeleted":"La notifica non è stata contrassegnata come eseguita", "notificationNotFound":"La notifica non é stata trovata", "notificationNotPurged":"La notifica non è stata rimossa definitivamente", "notificationPurged":"La notifica è stata rimossa definitivamente", +"notificationServer":"Server di notifica", +"notificationServerDELETE":"DELETE method", +"notificationServerGET":"GET method", +"notificationServerMethods":"HTTP methods", +"notificationServerPOST":"POST method", +"notificationServerSentAttributes":"Notification parameters to send", "notificationStorage":"Modulo di memoria", "notificationStorageOptions":"Parametri modulo di memoria", "notificationWildcard":"Carattere jolly per tutti gli utenti", "notificationXSLTfile":"File XSLT personalizzato", +"notification_s":"notification(s)", +"notifications":"Notifiche", +"notificationsDone":"Notifiche effettuate", +"notificationsExplorer":"Explorer", "notifyDeleted":"Mostra le sessioni cancellate", "notifyOther":"Visualizza altre sessioni", "nullAuthnLevel":"Livello di autenticazione", @@ -602,8 +614,6 @@ "number":"Numero", "off":"Off", "offlineSessions":"Offline sessions", -"oldValue":"Vecchio valore", -"on":"On", "oidcAttribute":"Attributo OIDC", "oidcAuthnLevel":"Livello di autenticazione", "oidcConsents":"OpenID Connect Consents", @@ -612,12 +622,9 @@ "oidcOPMetaDataJSON":"Metadata", "oidcOPMetaDataJWKS":"Dati di JWKS", "oidcOPMetaDataNode":"Provider di OpenID Connect", +"oidcOPMetaDataNodes":"Provider di OpenID Connect", "oidcOPMetaDataOptions":"Opzioni", -"oidcRPMetaDataOptionsBasic":"Basic", -"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences", -"oidcRPMetaDataOptionsAdvanced":"Advanced", -"oidcRPMetaDataOptionsTimeouts":"Timeouts", -"oidcRPMetaDataOptionsAllowOffline":"Allow offline access", +"oidcOPMetaDataOptionsAcrValues":"Valori ACR", "oidcOPMetaDataOptionsCheckJWTSignature":"Controllare la firma JWT", "oidcOPMetaDataOptionsClientID":"ID Client", "oidcOPMetaDataOptionsClientSecret":"Segreto Client", @@ -626,116 +633,119 @@ "oidcOPMetaDataOptionsDisplay":"Visualizza", "oidcOPMetaDataOptionsDisplayName":"Visualizza nome", "oidcOPMetaDataOptionsDisplayParams":"Visualizza", +"oidcOPMetaDataOptionsIDTokenMaxAge":"Eta massima dell'ID della Token", "oidcOPMetaDataOptionsIcon":"Logo", -"oidcOPMetaDataOptionsSortNumber":"Ordine", "oidcOPMetaDataOptionsJWKSTimeout":"Timeout dei dati di JWKS", -"oidcRPMetaDataOptionsLogoutSessionRequired":"Sessione necessaria", -"oidcRPMetaDataOptionsLogoutType":"Tipo", -"oidcRPMetaDataOptionsLogoutUrl":"URL", +"oidcOPMetaDataOptionsMaxAge":"Età massima", +"oidcOPMetaDataOptionsPrompt":"Richiesta", "oidcOPMetaDataOptionsProtocol":"Protocollo", -"oidcRPMetaDataOptionsPublic":"Cliente pubblico", -"oidcRPMetaDataOptionsRequirePKCE":"Richiedi PKCE", -"oidcRPMetaDataOptionsAuthnLevel":"Livello di autenticazione", -"oidcRPMetaDataOptionsRule":"Regola di accesso", -"oidcRPMetaDataMacros":"Macro", -"oidcRPMetaDataScopeRules":"Scope rules", "oidcOPMetaDataOptionsScope":"Scopo", +"oidcOPMetaDataOptionsSortNumber":"Ordine", "oidcOPMetaDataOptionsStoreIDToken":"Immagazzina ID Token", "oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Metodo di autenticazione degli endpoint di token", +"oidcOPMetaDataOptionsUiLocales":"Locales UI", +"oidcOPMetaDataOptionsUseNonce":"Usare nonce", "oidcOPName":"Nome del Provider di OpenID Connect", "oidcParams":"Parametri di OpenID Connect", "oidcRP":"Parte basata su OpenID Connect", "oidcRPCallbackGetParam":"Parametri Callback GET", "oidcRPMetaDataExportedVars":"Attributi esportati", +"oidcRPMetaDataMacros":"Macro", "oidcRPMetaDataNode":"Parti basate su OpenID Connect", +"oidcRPMetaDataNodes":"Parti basate su OpenID Connect", "oidcRPMetaDataOptions":"Opzioni", +"oidcRPMetaDataOptionsAccessTokenClaims":"Release claims in Access Token", "oidcRPMetaDataOptionsAccessTokenExpiration":"Scadenza accesso token", "oidcRPMetaDataOptionsAccessTokenJWT":"Use JWT format for Access Token", -"oidcRPMetaDataOptionsAccessTokenClaims":"Release claims in Access Token", "oidcRPMetaDataOptionsAccessTokenSignAlg":"Access Token signature algorithm", +"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences", +"oidcRPMetaDataOptionsAdvanced":"Advanced", "oidcRPMetaDataOptionsAllowClientCredentialsGrant":"Allow OAuth2.0 Client Credentials Grant", +"oidcRPMetaDataOptionsAllowOffline":"Allow offline access", "oidcRPMetaDataOptionsAllowPasswordGrant":"Allow OAuth2.0 Password Grant", +"oidcRPMetaDataOptionsAuthnLevel":"Livello di autenticazione", "oidcRPMetaDataOptionsAuthorizationCodeExpiration":"Authorization Code expiration", +"oidcRPMetaDataOptionsBasic":"Basic", "oidcRPMetaDataOptionsBypassConsent":"Consenso di bypass", "oidcRPMetaDataOptionsClientID":"ID Client", "oidcRPMetaDataOptionsClientSecret":"Segreto Client", "oidcRPMetaDataOptionsDisplay":"Visualizza", "oidcRPMetaDataOptionsDisplayName":"Mostra nome", -"oidcRPMetaDataOptionsIcon":"Logo", +"oidcRPMetaDataOptionsExtraClaims":"Richieste supplementari", "oidcRPMetaDataOptionsIDTokenExpiration":"Scadenza ID Token", -"oidcRPMetaDataOptionsIDTokenSignAlg":"Algoritmo di firma di identificazione di Token", "oidcRPMetaDataOptionsIDTokenForceClaims":"Force claims to be returned in ID Token", +"oidcRPMetaDataOptionsIDTokenSignAlg":"Algoritmo di firma di identificazione di Token", +"oidcRPMetaDataOptionsIcon":"Logo", +"oidcRPMetaDataOptionsLogoutSessionRequired":"Sessione necessaria", +"oidcRPMetaDataOptionsLogoutType":"Tipo", +"oidcRPMetaDataOptionsLogoutUrl":"URL", "oidcRPMetaDataOptionsOfflineSessionExpiration":"Offline session expiration", +"oidcRPMetaDataOptionsPostLogoutRedirectUris":"Indirizzi di reindirizzazione consentiti per il logout", +"oidcRPMetaDataOptionsPublic":"Cliente pubblico", +"oidcRPMetaDataOptionsRedirectUris":"Indirizzi di reindirizzazione consentiti per l'accesso", "oidcRPMetaDataOptionsRefreshToken":"Use refresh tokens", +"oidcRPMetaDataOptionsRequirePKCE":"Richiedi PKCE", +"oidcRPMetaDataOptionsRule":"Regola di accesso", +"oidcRPMetaDataOptionsTimeouts":"Timeouts", "oidcRPMetaDataOptionsUserIDAttr":"Attributo utente", +"oidcRPMetaDataScopeRules":"Scope rules", "oidcRPName":"Nome di OpenID Connect RP", "oidcRPStateTimeout":"Durata della sessione stato", +"oidcServiceAccessTokenExpiration":"Scadenza accesso token", +"oidcServiceAllowAuthorizationCodeFlow":"Flusso del codice di autorizzazione", +"oidcServiceAllowDynamicRegistration":"Registrazione dinamica", +"oidcServiceAllowHybridFlow":"Flusso ibrido", +"oidcServiceAllowImplicitFlow":"Flusso implicito", +"oidcServiceAllowOffline":"Allow offline access", +"oidcServiceAuthorizationCodeExpiration":"Authorization Code expiration", +"oidcServiceDynamicRegistrationExportedVars":"Exported vars for dynamic registration", +"oidcServiceDynamicRegistrationExtraClaims":"Extra claims for dynamic registration", +"oidcServiceIDTokenExpiration":"Scadenza ID Token", +"oidcServiceKeyIdSig":"ID del codice di accesso", "oidcServiceMetaData":"Servizio di OpenID Connect", +"oidcServiceMetaDataAuthnContext":"Contesto di autenticazione", "oidcServiceMetaDataAuthorizeURI":"Autorizzazione", "oidcServiceMetaDataBackChannelURI":"URI Back-Channel", +"oidcServiceMetaDataCheckSessionURI":"Controlla sessione", "oidcServiceMetaDataEndPoints":"Endpoint", +"oidcServiceMetaDataEndSessionURI":"Fine sessione", "oidcServiceMetaDataFrontChannelURI":"URI Front-Channel ", +"oidcServiceMetaDataIntrospectionURI":"Introspection", +"oidcServiceMetaDataIssuer":"Identificatore dell'emittente", "oidcServiceMetaDataJWKSURI":"JWKS", "oidcServiceMetaDataKeys":"Chiavi", "oidcServiceMetaDataRegistrationURI":"Registrazione", -"oidcServiceMetaDataIntrospectionURI":"Introspection", "oidcServiceMetaDataSecurity":"Sicurezza", -"oidcServiceMetaDataEndSessionURI":"Fine sessione", -"oidcServiceMetaDataAuthnContext":"Contesto di autenticazione", "oidcServiceMetaDataSessions":"Sessioni", +"oidcServiceMetaDataTokenURI":"Token", +"oidcServiceMetaDataUserInfoURI":"Informazioni utente", +"oidcServiceOfflineSessionExpiration":"Offline session expiration", "oidcServicePrivateKeySig":"Firma della chiave privata", "oidcServicePublicKeySig":"Firma della chiave pubblica", -"oidcServiceKeyIdSig":"ID del codice di accesso", -"oidcServiceAuthorizationCodeExpiration":"Authorization Code expiration", -"oidcServiceAccessTokenExpiration":"Scadenza accesso token", -"oidcServiceDynamicRegistrationExportedVars":"Exported vars for dynamic registration", -"oidcServiceDynamicRegistrationExtraClaims":"Extra claims for dynamic registration", -"oidcServiceIDTokenExpiration":"Scadenza ID Token", -"oidcServiceOfflineSessionExpiration":"Offline session expiration", "oidcStorage":"Nome del modulo Sessioni", "oidcStorageOptions":"Opzioni del modulo Sessioni", -"oidcOPMetaDataNodes":"Provider di OpenID Connect", -"oidcRPMetaDataNodes":"Parti basate su OpenID Connect", -"oidcOPMetaDataOptionsPrompt":"Richiesta", -"oidcOPMetaDataOptionsMaxAge":"Età massima", -"oidcOPMetaDataOptionsUiLocales":"Locales UI", -"oidcOPMetaDataOptionsAcrValues":"Valori ACR", -"oidcOPMetaDataOptionsIDTokenMaxAge":"Eta massima dell'ID della Token", -"oidcOPMetaDataOptionsUseNonce":"Usare nonce", -"oidcRPMetaDataOptionsRedirectUris":"Indirizzi di reindirizzazione consentiti per l'accesso", -"oidcRPMetaDataOptionsPostLogoutRedirectUris":"Indirizzi di reindirizzazione consentiti per il logout", -"oidcRPMetaDataOptionsExtraClaims":"Richieste supplementari", -"oidcServiceMetaDataIssuer":"Identificatore dell'emittente", -"oidcServiceMetaDataTokenURI":"Token", -"oidcServiceMetaDataUserInfoURI":"Informazioni utente", -"oidcServiceMetaDataCheckSessionURI":"Controlla sessione", -"oidcServiceAllowDynamicRegistration":"Registrazione dinamica", -"oidcServiceAllowAuthorizationCodeFlow":"Flusso del codice di autorizzazione", -"oidcServiceAllowImplicitFlow":"Flusso implicito", -"oidcServiceAllowHybridFlow":"Flusso ibrido", -"oidcServiceAllowOffline":"Allow offline access", "ok":"OK", "oldNotifFormat":"Utilizza il vecchio formato XML", +"oldValue":"Vecchio valore", +"on":"On", "openIdAttr":"Login OpenID", "openIdAuthnLevel":"Livello di autenticazione", "openIdExportedVars":"Variabili esportate", "openIdIDPList":"Domini autorizzati", "openIdIssuerSecret":"Token segreta", -"openidParams":"Parametri OpenID", +"openIdSPList":"Domini autorizzati", "openIdSecret":"Token segreta", "openIdSreg":"Mapping SREG", +"openIdSreg_country":"Paese", +"openIdSreg_dob":"Data di nascita", +"openIdSreg_email":"E-mail", "openIdSreg_fullname":"Nome e cognome", -"openIdSreg_nickname":"Nomignolo", +"openIdSreg_gender":"Genere", "openIdSreg_language":"Lingua", +"openIdSreg_nickname":"Nomignolo", "openIdSreg_postcode":"CAP", "openIdSreg_timezone":"Fuso orario", -"openIdSreg_country":"Paese", -"openIdSreg_gender":"Genere", -"openIdSreg_email":"E-mail", -"openIdSreg_dob":"Data di nascita", -"openIdSPList":"Domini autorizzati", -"OpenIDConnect":"OpenID Connect", -"OptionalTitle":"Titolo facoltativo", +"openidParams":"Parametri OpenID", "overPrm":"Parametri sovraccaricati", "pamAuthnLevel":"Livello di autenticazione", "pamParams":"Parametri PAM", @@ -745,11 +755,11 @@ "passwordManagement":"Gestione password", "passwordPolicy":"Password policy", "passwordPolicyActivation":"Attivazione", -"passwordPolicyMinSize":"Minimal size", -"passwordPolicyMinLower":"Minimal lower characters", -"passwordPolicyMinUpper":"Minimal upper characters", "passwordPolicyMinDigit":"Minimal digit characters", +"passwordPolicyMinLower":"Minimal lower characters", +"passwordPolicyMinSize":"Minimal size", "passwordPolicyMinSpeChar":"Minimal special characters", +"passwordPolicyMinUpper":"Minimal upper characters", "passwordPolicySpecialChar":"Allowed special characters", "passwordResetAllowedRetries":"Max tentativi di reimpostazione della password", "persistent":"Persistente", @@ -771,8 +781,8 @@ "portalDisplayGeneratePassword":"Display generate password box", "portalDisplayLoginHistory":"Cronologia login", "portalDisplayLogout":"Logout", -"portalDisplayPasswordPolicy":"Display policy in password form", "portalDisplayOidcConsents":"Consensi OIDC", +"portalDisplayPasswordPolicy":"Display policy in password form", "portalDisplayRefreshMyRights":"Display rights refresh link", "portalDisplayRegister":"Registra nuovo account", "portalDisplayResetPassword":"Reimposta password", @@ -780,6 +790,7 @@ "portalErrorOnMailNotFound":"Mostra errore sulla posta non trovata", "portalForceAuthn":"Forza l'autenticazione", "portalForceAuthnInterval":"Forza intervallo di autenticazione", +"portalMainLogo":"Logo principale", "portalMenu":"Menu", "portalModules":"Attivazione moduli", "portalOpenLinkInNewWindow":"Nuova finestra", @@ -792,31 +803,30 @@ "portalSkin":"Interfaccia predefinita", "portalSkinBackground":"Sfondo dell'interfaccia", "portalSkinRules":"Regole di visualizzazione dell'interfaccia", -"portalMainLogo":"Logo principale", "portalStatus":"Pubblica lo stato del portale", "portalUserAttr":"Attributo utente", "post":"Ripetizione del modulo", -"postedVars":"Variabili da inviare", -"postUrl":"URL del modulo", "postTargetUrl":"URL di destinazione dell'oggetto (facoltativo)", +"postUrl":"URL del modulo", +"postedVars":"Variabili da inviare", "previous":"Precedente", "privateKey":"Chiave privata", -"proxyAuthnLevel":"Livello di autenticazione", "proxyAuthService":"URL del portale interno", -"proxySessionService":"URL del servizio di sessione", +"proxyAuthnLevel":"Livello di autenticazione", "proxyParams":"Parametri Proxy", +"proxySessionService":"URL del servizio di sessione", "proxyUseSoap":"Usa SOAP invece di REST", "publicKey":"Chiave pubblica", "purgeNotification":"Elimina definitivamente la notifica", "radius2f":"Radius secondo fattore", "radius2fActivation":"Attivazione", -"radius2fServer":"Nome host del server", -"radius2fSecret":"Segreto condiviso", -"radius2fUsernameSessionKey":"Session key containing login", -"radius2fTimeout":"Timeout di autenticazione", "radius2fAuthnLevel":"Livello di autenticazione", -"radius2fLogo":"Logo", "radius2fLabel":"Label", +"radius2fLogo":"Logo", +"radius2fSecret":"Segreto condiviso", +"radius2fServer":"Nome host del server", +"radius2fTimeout":"Timeout di autenticazione", +"radius2fUsernameSessionKey":"Session key containing login", "radiusAuthnLevel":"Livello di autenticazione", "radiusParams":"Parametri di Radius", "radiusSecret":"Segreto condiviso", @@ -845,116 +855,243 @@ "remotePortal":"URL del portale", "replaceByFile":"Sostituire con il file", "requireToken":"Richiede il token per i moduli", -"restAuthnLevel":"Livello di autenticazione", -"restAuthUrl":"URL di autenticazione", -"restConfigServer":"Server di configurazione", -"restServices":"REST services", -"restore":"Ristabilire", -"restoreConf":"Ripristinare la configurazione", "rest2f":"REST secondo fattore", "rest2fActivation":"Attivazione", "rest2fAuthnLevel":"Livello di autenticazione", -"rest2fLabel":"Label", "rest2fInitArgs":"Argomenti di init", "rest2fInitUrl":"URL iniziale", +"rest2fLabel":"Label", "rest2fLogo":"Logo", "rest2fVerifyArgs":"Verifica Argomenti", "rest2fVerifyUrl":"Verifica UR", +"restAuthServer":"Authentication server", +"restAuthUrl":"URL di autenticazione", +"restAuthnLevel":"Livello di autenticazione", +"restClockTolerance":"Server clock tolerance", +"restConfigServer":"Server di configurazione", "restExportSecretKeys":"Export secret attributes", +"restFindUserDBUrl":"User accounts URL", "restParams":"Parametri REST", +"restPasswordServer":"Password reset server", "restPwdConfirmUrl":"URL di conferma password", "restPwdModifyUrl":"URL di modifica password", +"restServices":"REST services", "restSessionServer":"Server di sessione", -"restAuthServer":"Authentication server", -"restClockTolerance":"Server clock tolerance", -"restFindUserDBUrl":"User accounts URL", -"restPasswordServer":"Password reset server", "restUserDBUrl":"URL dei dati utente", +"restore":"Ristabilire", +"restoreConf":"Ripristinare la configurazione", "returnUrl":"URL di ritorno", "rp":"Parte facente affidamento", "rule":"Regola", "ruleAuthnLevel":"Livello di autenticazione richiesto", "rules":"Regole", "rulesAuthnLevel":"Required auth levels", -"Same":"Stesso", "sameSite":"Cookie SameSite value", -"save":"Salva", -"saveReport":"Salva report", -"savingConfirmation":"Salvataggio della conferma", -"scope":"Ambito", -"search":"Cerca...", -"secondFactors":"Secondi fattori", -"securedCookie":"Cookie protetti (SSL)", -"security":"Sicurezza", -"sendTestMail":"Send test email", -"sendTestMailSuccess":"Test email successfully sent", -"serverError":"Errore del server", -"session":"sessione", -"sessions":"Sessioni", -"session_s":"sessione(i)", -"sessionDataToRemember":"Dati di sessione da memorizzare", -"sessionDeleted":"La sessione è stata rimossa", -"sessionExpired":"La sessione è scaduta", -"sessionParams":"Sessioni", -"sessionStartedAt":"La sessione è stata avviata", -"sessionStorage":"Conservazione di sessioni", -"sessionTitle":"Contenuto della sessione", -"sfaTitle":"Autenticazione a due fattori", -"sfExtra":"Additional second factors", -"sfManagerRule":"Display Manager link", -"sfOnlyUpgrade":"Use 2FA for session upgrade", -"sfRequired":"Force 2FA registration at login", -"sfRemovedNotification":"Warn if an expired 2FA is removed", -"sfRemovedMsgRule":"Attivazione", -"sfRemovedUseNotif":"Use Notifications plugin", -"sfRemovedNotifMsg":"Notification message", -"sfRemovedNotifRef":"Notification reference", -"sfRemovedNotifTitle":"Notification title", -"sfRemovedMsg":"Display a message if an expired 2FA is removed", -"show":"Mostra", -"showHelp":"Mostra aiuto", -"showLanguages":"Mostra la scelta delle lingue", -"singleIP":"One IP address per user", -"singleSession":"One session per user", -"singleUserByIP":"One user per IP address", -"skipRenewConfirmation":"Salta la conferma di re-auth", -"skipUpgradeConfirmation":"Skip upgrade confirmation", -"slaveAuthnLevel":"Livello di autenticazione", -"slaveDisplayLogo":"Display authentication logo", -"slaveExportedVars":"Variabili esportate", -"slaveMasterIP":"Indirizzo IP del master", -"slaveParams":"Parametri di slave", -"slaveUserHeader":"Intestazione per login utente", -"slaveHeaderName":"Nome dell'intestazione di controllo", -"slaveHeaderContent":"Contenuto dell'intestazione di controllo", -"SMTP":"SMTP", -"SMTPAuthPass":"Password SMTP", -"SMTPAuthUser":"Utente SMTP", -"SMTPPort":"Porta SMTP", -"SMTPServer":"Server SMTP", -"SMTPTLS":"Protocollo SSL/TLS", -"SMTPTLSOpts":"Opzioni SSL/TLS", +"saml":"SAML", +"samlAdvanced":"Avanzato", +"samlAttribute":"Attributo SAML", +"samlAttributeAuthorityDescriptor":"Autorità di attributo", +"samlAttributeAuthorityDescriptorAttributeService":"Servizio di attributo", +"samlAttributeAuthorityDescriptorAttributeServiceSOAP":"SOAP", +"samlAuthnContextMap":"Contesti di autenticazione", +"samlAuthnContextMapKerberos":"Kerberos", +"samlAuthnContextMapPassword":"Password", +"samlAuthnContextMapPasswordProtectedTransport":"Trasporto protetto da password", +"samlAuthnContextMapTLSClient":"Client TLS", +"samlCommonDomainCookie":"Dominio Cookie Comune", +"samlCommonDomainCookieActivation":"Attivazione", +"samlCommonDomainCookieDomain":"Dominio comune", +"samlCommonDomainCookieReader":"URL del lettore", +"samlCommonDomainCookieWriter":"URL dell'autore", +"samlDiscoveryProtocol":"Protocollo di scoperta", +"samlDiscoveryProtocolActivation":"Attivazione", +"samlDiscoveryProtocolIsPassive":"È passivo", +"samlDiscoveryProtocolPolicy":"Policy", +"samlDiscoveryProtocolURL":"URL EndPoint ", +"samlEntityID":"Identificatore dell'entità", +"samlIDP":"Provider di identità SAML", +"samlIDPMetaDataExportedAttributes":"Attributi esportati", +"samlIDPMetaDataNodes":"Provider di identità SAML", +"samlIDPMetaDataOptions":"Opzioni", +"samlIDPMetaDataOptionsAdaptSessionUtime":"Adatta la durata della sessione", +"samlIDPMetaDataOptionsAllowLoginFromIDP":"Consenti l'accesso da IDP", +"samlIDPMetaDataOptionsAllowProxiedAuthn":"Consenti l'autenticazione proxied", +"samlIDPMetaDataOptionsAuthnRequest":"Richiesta di autenticazione", +"samlIDPMetaDataOptionsBinding":"Vincolante", +"samlIDPMetaDataOptionsCheckAudience":"Controllare le condizioni del pubblico", +"samlIDPMetaDataOptionsCheckSLOMessageSignature":"Controllare la firma del messaggio SLO", +"samlIDPMetaDataOptionsCheckSSOMessageSignature":"Controllare la firma del messaggio SSO", +"samlIDPMetaDataOptionsCheckTime":"Controllare le condizioni del tempo", +"samlIDPMetaDataOptionsDisplay":" Visualizza ", +"samlIDPMetaDataOptionsDisplayName":"Nome da visualizzare", +"samlIDPMetaDataOptionsDisplayParams":" Visualizza ", +"samlIDPMetaDataOptionsEncryptionMode":"Modalità di crittografia", +"samlIDPMetaDataOptionsForceAuthn":"Forza l'autenticazione", +"samlIDPMetaDataOptionsForceUTF8":"Forza UTF-8", +"samlIDPMetaDataOptionsIcon":"Logo", +"samlIDPMetaDataOptionsIsPassive":"Autenticazione passiva", +"samlIDPMetaDataOptionsNameIDFormat":"Formato NameID", +"samlIDPMetaDataOptionsRelayStateURL":"Consenti l'URL come RelayState", +"samlIDPMetaDataOptionsRequestedAuthnContext":"Contesto di autenticazione richiesto", +"samlIDPMetaDataOptionsResolutionRule":"Regola di risoluzione", +"samlIDPMetaDataOptionsSLOBinding":"SLO vincolante", +"samlIDPMetaDataOptionsSSOBinding":"SSO vincolante", +"samlIDPMetaDataOptionsSecurity":"Sicurezza", +"samlIDPMetaDataOptionsSession":"Sessioni", +"samlIDPMetaDataOptionsSignSLOMessage":"Firma il messaggio SLO", +"samlIDPMetaDataOptionsSignSSOMessage":"Adatta la durata della sessione", +"samlIDPMetaDataOptionsSignature":"Firma", +"samlIDPMetaDataOptionsSignatureMethod":"Metodo di firma", +"samlIDPMetaDataOptionsSortNumber":"Ordine", +"samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token", +"samlIDPMetaDataOptionsUserAttribute":"Attributo che contiene l'identificatore dell'utente", +"samlIDPMetaDataXML":"Metadati", +"samlIDPName":"Nome di SAML IDP ", +"samlIDPSSODescriptor":"Provider di identità", +"samlIDPSSODescriptorArtifactResolutionService":"Risoluzione Artifact", +"samlIDPSSODescriptorArtifactResolutionServiceArtifact":"Servizio Artifact", +"samlIDPSSODescriptorSingleLogoutService":"Logout singolo", +"samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", +"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", +"samlIDPSSODescriptorSingleLogoutServiceSOAP":"SOAP", +"samlIDPSSODescriptorSingleSignOnService":"Singolo Sign On", +"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"HTTP Artifact", +"samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"HTTP POST", +"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"HTTP Redirect", +"samlIDPSSODescriptorWantAuthnRequestsSigned":"Si desidera la richiesta di autenticazione firmata", +"samlMetadataForceUTF8":"Conversione metadati UTF8", +"samlNameIDFormatMap":"Formati NameID", +"samlNameIDFormatMapEmail":"E-mail", +"samlNameIDFormatMapKerberos":"Kerberos", +"samlNameIDFormatMapWindows":"Windows", +"samlNameIDFormatMapX509":"X509", +"samlOrganization":"Organizzazione", +"samlOrganizationDisplayName":"Visualizza nome", +"samlOrganizationName":"Nome", +"samlOrganizationURL":"URL", +"samlOverrideIDPEntityID":"Sostituisci l'ID entità quando agisce come IDP", +"samlPartnerName":"Nome del partner SAML", +"samlRelayStateTimeout":"Timeout di sessione di RelayState", +"samlSP":"Provider del servizio SAML", +"samlSPMetaDataExportedAttributes":"Attributi esportati", +"samlSPMetaDataMacros":"Macro", +"samlSPMetaDataNodes":"Provider di servizi SAML", +"samlSPMetaDataOptions":"Opzioni", +"samlSPMetaDataOptionsAuthnLevel":"Livello di autenticazione", +"samlSPMetaDataOptionsAuthnResponse":"Risposta di autenticazione", +"samlSPMetaDataOptionsCheckSLOMessageSignature":"Controllare la firma del messaggio SLO", +"samlSPMetaDataOptionsCheckSSOMessageSignature":"Controllare la firma del messaggio SSO", +"samlSPMetaDataOptionsEnableIDPInitiatedURL":"Abilitare l'utilizzo dell'URL IDP avviata ", +"samlSPMetaDataOptionsEncryptionMode":"Modalità di crittografia", +"samlSPMetaDataOptionsForceUTF8":"Forza UTF-8", +"samlSPMetaDataOptionsNameIDFormat":"Formato predefinito NameID", +"samlSPMetaDataOptionsNameIDSessionKey":"Forza la chiave di sessione NameID", +"samlSPMetaDataOptionsNotOnOrAfterTimeout":"Durata di notOnOrAfter ", +"samlSPMetaDataOptionsOneTimeUse":"Utilizzo unico", +"samlSPMetaDataOptionsRule":"Regola di accesso", +"samlSPMetaDataOptionsSecurity":"Sicurezza", +"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout":"Durata sessionNotOnOrAfter ", +"samlSPMetaDataOptionsSignSLOMessage":"Firma il messaggio SLO", +"samlSPMetaDataOptionsSignSSOMessage":"Firma il messaggio SSO", +"samlSPMetaDataOptionsSignature":"Firma", +"samlSPMetaDataOptionsSignatureMethod":"Metodo di firma", +"samlSPMetaDataXML":"Metadati", +"samlSPName":"Nome del provider del servizio SAML", +"samlSPSSODescriptor":"Fornitore di servizi", +"samlSPSSODescriptorArtifactResolutionService":"Risoluzione Artifact", +"samlSPSSODescriptorArtifactResolutionServiceArtifact":"Servizio Artifact", +"samlSPSSODescriptorAssertionConsumerService":"Consumatore di asserzione", +"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"HTTP Artifact", +"samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"HTTP POST", +"samlSPSSODescriptorAuthnRequestsSigned":"Richiesta di autenticazione firmata", +"samlSPSSODescriptorSingleLogoutService":"Logout singolo", +"samlSPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", +"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", +"samlSPSSODescriptorSingleLogoutServiceSOAP":"SOAP", +"samlSPSSODescriptorWantAssertionsSigned":"Si desiderano assertazioni firmate", +"samlServiceMetaData":"Servizio SAML 2", +"samlServicePrivateKeyEnc":"Chiave privata", +"samlServicePrivateKeyEncPwd":"Password chiave privata", +"samlServicePrivateKeySig":"Chiave privata", +"samlServicePrivateKeySigPwd":"Password della chiave privata", +"samlServicePublicKeyEnc":"Chiave pubblica", +"samlServicePublicKeySig":"Chiave pubblica", +"samlServiceSecurity":"Parametri di sicurezza", +"samlServiceSecurityEnc":"Crittografia", +"samlServiceSecuritySig":"Firma", +"samlServiceSignatureMethod":"Metodo di firma", +"samlServiceUseCertificateInResponse":"Utilizza il certificato nelle risposte", +"samlStorage":"Nome del modulo di sessioni SAML", +"samlStorageOptions":"Opzioni del modulo sessioni SAML", +"samlUseQueryStringSpecific":"Utilizza il metodo specifico query_string", +"save":"Salva", +"saveReport":"Salva report", +"savingConfirmation":"Salvataggio della conferma", +"scope":"Ambito", +"search":"Cerca...", +"secondFactors":"Secondi fattori", +"securedCookie":"Cookie protetti (SSL)", +"security":"Sicurezza", +"sendTestMail":"Send test email", +"sendTestMailSuccess":"Test email successfully sent", +"serverError":"Errore del server", +"serverNotification":"Server", +"session":"sessione", +"sessionDataToRemember":"Dati di sessione da memorizzare", +"sessionDeleted":"La sessione è stata rimossa", +"sessionExpired":"La sessione è scaduta", +"sessionParams":"Sessioni", +"sessionStartedAt":"La sessione è stata avviata", +"sessionStorage":"Conservazione di sessioni", +"sessionTitle":"Contenuto della sessione", +"session_s":"sessione(i)", +"sessions":"Sessioni", +"sfExtra":"Additional second factors", +"sfManagerRule":"Display Manager link", +"sfOnlyUpgrade":"Use 2FA for session upgrade", +"sfRemovedMsg":"Display a message if an expired 2FA is removed", +"sfRemovedMsgRule":"Attivazione", +"sfRemovedNotifMsg":"Notification message", +"sfRemovedNotifRef":"Notification reference", +"sfRemovedNotifTitle":"Notification title", +"sfRemovedNotification":"Warn if an expired 2FA is removed", +"sfRemovedUseNotif":"Use Notifications plugin", +"sfRequired":"Force 2FA registration at login", +"sfaTitle":"Autenticazione a due fattori", +"show":"Mostra", +"showHelp":"Mostra aiuto", +"showLanguages":"Mostra la scelta delle lingue", +"singleIP":"One IP address per user", +"singleSession":"One session per user", +"singleUserByIP":"One user per IP address", +"skipRenewConfirmation":"Salta la conferma di re-auth", +"skipUpgradeConfirmation":"Skip upgrade confirmation", +"slaveAuthnLevel":"Livello di autenticazione", +"slaveDisplayLogo":"Display authentication logo", +"slaveExportedVars":"Variabili esportate", +"slaveHeaderContent":"Contenuto dell'intestazione di controllo", +"slaveHeaderName":"Nome dell'intestazione di controllo", +"slaveMasterIP":"Indirizzo IP del master", +"slaveParams":"Parametri di slave", +"slaveUserHeader":"Intestazione per login utente", "soapConfigServer":"Server di configurazione", "soapServices":"SOAP services", "soapSessionServer":"Server di sessione", "specialRule":"Regola speciale", -"SSLAuthnLevel":"Livello di autenticazione", "sslByAjax":"Utilizzare la richiesta Ajax", "sslHost":"URL di Ajax SSL", "sslParams":"Parametri SSL", -"SSLVar":"Campo certificato estratto", -"SSLVarIf":"Campo di certificato estratto condizionale", "ssoSessions":"Sessioni SSO", "stateCheck":"Controllo dello stato", "stayConnect":"Connessioni persistenti", "stayConnected":"Activation", "stayConnectedCookieName":"Nome del cookie", "stayConnectedTimeout":"Expiration time", -"successfullySaved":"Salvato con successo", "storePassword":"Memorizzare la password dell'utente nei dati di sessione", "string":"String", "subtitle":"Subtitle", "successLoginNumber":"Numero di login registrati", +"successfullySaved":"Salvato con successo", "sympaHandler":"Sympa", "sympaMailKey":"Chiave della sessione di posta", "sympaSecret":"Segreto condiviso", @@ -970,12 +1107,12 @@ "totp2f":"TOTP", "totp2fActivation":"Attivazione", "totp2fAuthnLevel":"Livello di autenticazione TOTP", -"totp2fLabel":"Label", -"totp2fLogo":"Logo", "totp2fDigits":"Numero di cifre", "totp2fDisplayExistingSecret":"Mostra segreto esistente", "totp2fInterval":"Intervallo", "totp2fIssuer":"Nome dell'emittente TOTP", +"totp2fLabel":"Label", +"totp2fLogo":"Logo", "totp2fRange":"Gamma di tentativi", "totp2fSelfRegistration":"Auto-registrazione", "totp2fTTL":"Lifetime", @@ -1004,20 +1141,20 @@ "unknownKey":"Chiave sconosciuta", "unsecuredCookie":"Cookie non protetto", "up":"Vai avanti", -"uploadDenied":"Carica negata", "upgradeSession":"Aggiornamento sessione", +"uploadDenied":"Carica negata", "uri":"URI", "url":"URL", "use":"Uso", -"user":"utente", -"users":"Utenti", -"userDB":"Modulo utenti", -"userdbOnly":"Solo DB utente", -"userControl":"Controllo nome utente", -"userPivot":"Nome campo di accesso nella tabella utente", "useRedirectOnError":"Redirect su errore", "useRedirectOnForbidden":"Redirect su proibito", "useSafeJail":"Utilizza Safe jail", +"user":"utente", +"userControl":"Controllo nome utente", +"userDB":"Modulo utenti", +"userPivot":"Nome campo di accesso nella tabella utente", +"userdbOnly":"Solo DB utente", +"users":"Utenti", "utotp2f":"TOTP-or-U2F", "utotp2fActivation":"Attivazione", "utotp2fAuthnLevel":"Livello di autenticazione", @@ -1025,10 +1162,10 @@ "utotp2fLogo":"Logo", "value":"Valore", "values":"Valori", -"variables":"Variabili", "variableName":"Variable name", -"verifyU2FKey":"Verifica la chiave U2F", +"variables":"Variabili", "verifyTOTPKey":"Verifica la chiave TOTP", +"verifyU2FKey":"Verifica la chiave U2F", "version":"Versioni", "vhostAccessToTrace":"Access to trace", "vhostAliases":"Alias", @@ -1044,24 +1181,24 @@ "virtualHost":"Virtual Host", "virtualHostName":"Hostname di Virtual host", "virtualHosts":"Virtual Hosts", +"waitOrF5":"Attendere reindirizzamento o premere F5", +"waitingForDatas":"In attesa di dati", "warning":"Avvertimento", "warnings":"Avvertimenti", -"waitingForDatas":"In attesa di dati", "webIDAuthnLevel":"Livello di autenticazione", "webIDExportedVars":"Variabili esportate", -"webidParams":"Parametri di WebID", "webIDWhitelist":"Whitelist WebID", -"waitOrF5":"Attendere reindirizzamento o premere F5", +"webidParams":"Parametri di WebID", "whatToTrace":"\nREMOTE_USER", "whiteList":"Lista bianca", "wsdlServer":"Server WSDL", "yubikey2f":"Yubikey", "yubikey2fActivation":"Attivazione", "yubikey2fAuthnLevel":"Livello di autenticazione", -"yubikey2fLabel":"Label", -"yubikey2fLogo":"Logo", "yubikey2fClientID":"ID client API", "yubikey2fFromSessionAttribute":"Get Yubikey ID from session attribute", +"yubikey2fLabel":"Label", +"yubikey2fLogo":"Logo", "yubikey2fNonce":"Nonce", "yubikey2fPublicIDSize":"Dimensione della parte ID OTP pubblica", "yubikey2fSecretKey":"Chiave segreta API", @@ -1069,143 +1206,5 @@ "yubikey2fTTL":"Lifetime", "yubikey2fUrl":"URL del servizio", "yubikey2fUserCanRemoveKey":"Autorizza l'utente a rimuovere la Yubikey", -"zeroConfExplanations":"Il server non ha alcuna configurazione. Utilizza il modello per salvare il primo.", - -"saml":"SAML", -"samlAttribute":"Attributo SAML", -"samlDiscoveryProtocol":"Protocollo di scoperta", -"samlDiscoveryProtocolActivation":"Attivazione", -"samlDiscoveryProtocolIsPassive":"È passivo", -"samlDiscoveryProtocolPolicy":"Policy", -"samlDiscoveryProtocolURL":"URL EndPoint ", -"samlNameIDFormatMap":"Formati NameID", -"samlNameIDFormatMapEmail":"E-mail", -"samlNameIDFormatMapX509":"X509", -"samlNameIDFormatMapWindows":"Windows", -"samlNameIDFormatMapKerberos":"Kerberos", -"samlIDP":"Provider di identità SAML", -"samlIDPMetaDataNodes":"Provider di identità SAML", -"samlIDPMetaDataXML":"Metadati", -"samlIDPMetaDataExportedAttributes":"Attributi esportati", -"samlIDPMetaDataOptions":"Opzioni", -"samlIDPMetaDataOptionsNameIDFormat":"Formato NameID", -"samlIDPMetaDataOptionsForceAuthn":"Forza l'autenticazione", -"samlIDPMetaDataOptionsIsPassive":"Autenticazione passiva", -"samlIDPMetaDataOptionsAllowProxiedAuthn":"Consenti l'autenticazione proxied", -"samlIDPMetaDataOptionsAllowLoginFromIDP":"Consenti l'accesso da IDP", -"samlIDPMetaDataOptionsAdaptSessionUtime":"Adatta la durata della sessione", -"samlIDPMetaDataOptionsSignSSOMessage":"Adatta la durata della sessione", -"samlIDPMetaDataOptionsCheckSSOMessageSignature":"Controllare la firma del messaggio SSO", -"samlIDPMetaDataOptionsSignSLOMessage":"Firma il messaggio SLO", -"samlIDPMetaDataOptionsCheckSLOMessageSignature":"Controllare la firma del messaggio SLO", -"samlIDPMetaDataOptionsSSOBinding":"SSO vincolante", -"samlIDPMetaDataOptionsSLOBinding":"SLO vincolante", -"samlIDPMetaDataOptionsResolutionRule":"Regola di risoluzione", -"samlIDPMetaDataOptionsRequestedAuthnContext":"Contesto di autenticazione richiesto", -"samlIDPMetaDataOptionsForceUTF8":"Forza UTF-8", -"samlIDPMetaDataOptionsEncryptionMode":"Modalità di crittografia", -"samlIDPMetaDataOptionsCheckTime":"Controllare le condizioni del tempo", -"samlIDPMetaDataOptionsCheckAudience":"Controllare le condizioni del pubblico", -"samlIDPMetaDataOptionsAuthnRequest":"Richiesta di autenticazione", -"samlIDPMetaDataOptionsSession":"Sessioni", -"samlIDPMetaDataOptionsSignature":"Firma", -"samlIDPMetaDataOptionsSignatureMethod":"Metodo di firma", -"samlIDPMetaDataOptionsBinding":"Vincolante", -"samlIDPMetaDataOptionsDisplay":" Visualizza ", -"samlIDPMetaDataOptionsDisplayName":"Nome da visualizzare", -"samlIDPMetaDataOptionsDisplayParams":" Visualizza ", -"samlIDPMetaDataOptionsIcon":"Logo", -"samlIDPMetaDataOptionsSecurity":"Sicurezza", -"samlIDPMetaDataOptionsSortNumber":"Ordine", -"samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token", -"samlIDPMetaDataOptionsRelayStateURL":"Consenti l'URL come RelayState", -"samlIDPMetaDataOptionsUserAttribute":"Attributo che contiene l'identificatore dell'utente", -"samlSPMetaDataNodes":"Provider di servizi SAML", -"samlSPMetaDataXML":"Metadati", -"samlSPMetaDataExportedAttributes":"Attributi esportati", -"samlSPMetaDataOptions":"Opzioni", -"samlSPMetaDataOptionsNameIDFormat":"Formato predefinito NameID", -"samlSPMetaDataOptionsOneTimeUse":"Utilizzo unico", -"samlSPMetaDataOptionsSignSSOMessage":"Firma il messaggio SSO", -"samlSPMetaDataOptionsCheckSSOMessageSignature":"Controllare la firma del messaggio SSO", -"samlSPMetaDataOptionsSignSLOMessage":"Firma il messaggio SLO", -"samlSPMetaDataOptionsCheckSLOMessageSignature":"Controllare la firma del messaggio SLO", -"samlSPMetaDataOptionsEncryptionMode":"Modalità di crittografia", -"samlSPMetaDataOptionsAuthnResponse":"Risposta di autenticazione", -"samlSPMetaDataOptionsSignature":"Firma", -"samlSPMetaDataOptionsSignatureMethod":"Metodo di firma", -"samlSPMetaDataOptionsSecurity":"Sicurezza", -"samlSPMetaDataOptionsEnableIDPInitiatedURL":"Abilitare l'utilizzo dell'URL IDP avviata ", -"samlSPMetaDataOptionsNameIDSessionKey":"Forza la chiave di sessione NameID", -"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout":"Durata sessionNotOnOrAfter ", -"samlSPMetaDataOptionsNotOnOrAfterTimeout":"Durata di notOnOrAfter ", -"samlSPMetaDataOptionsForceUTF8":"Forza UTF-8", -"samlSPMetaDataOptionsAuthnLevel":"Livello di autenticazione", -"samlSPMetaDataOptionsRule":"Regola di accesso", -"samlSPMetaDataMacros":"Macro", -"samlIDPName":"Nome di SAML IDP ", -"samlServiceMetaData":"Servizio SAML 2", -"samlEntityID":"Identificatore dell'entità", -"samlOrganization":"Organizzazione", -"samlOrganizationDisplayName":"Visualizza nome", -"samlOrganizationName":"Nome", -"samlOrganizationURL":"URL", -"samlSP":"Provider del servizio SAML", -"samlSPName":"Nome del provider del servizio SAML", -"samlSPSSODescriptor":"Fornitore di servizi", -"samlSPSSODescriptorAuthnRequestsSigned":"Richiesta di autenticazione firmata", -"samlSPSSODescriptorWantAssertionsSigned":"Si desiderano assertazioni firmate", -"samlSPSSODescriptorSingleLogoutService":"Logout singolo", -"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", -"samlSPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", -"samlSPSSODescriptorSingleLogoutServiceSOAP":"SOAP", -"samlSPSSODescriptorAssertionConsumerService":"Consumatore di asserzione", -"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"HTTP Artifact", -"samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"HTTP POST", -"samlSPSSODescriptorArtifactResolutionService":"Risoluzione Artifact", -"samlSPSSODescriptorArtifactResolutionServiceArtifact":"Servizio Artifact", -"samlIDPSSODescriptor":"Provider di identità", -"samlIDPSSODescriptorWantAuthnRequestsSigned":"Si desidera la richiesta di autenticazione firmata", -"samlIDPSSODescriptorSingleSignOnService":"Singolo Sign On", -"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"HTTP Redirect", -"samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"HTTP POST", -"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"HTTP Artifact", -"samlIDPSSODescriptorSingleLogoutService":"Logout singolo", -"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", -"samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", -"samlIDPSSODescriptorSingleLogoutServiceSOAP":"SOAP", -"samlIDPSSODescriptorArtifactResolutionService":"Risoluzione Artifact", -"samlIDPSSODescriptorArtifactResolutionServiceArtifact":"Servizio Artifact", -"samlAttributeAuthorityDescriptor":"Autorità di attributo", -"samlAttributeAuthorityDescriptorAttributeService":"Servizio di attributo", -"samlAttributeAuthorityDescriptorAttributeServiceSOAP":"SOAP", -"samlServiceSecurity":"Parametri di sicurezza", -"samlServiceSecuritySig":"Firma", -"samlServiceSecurityEnc":"Crittografia", -"samlServicePrivateKeySig":"Chiave privata", -"samlServicePrivateKeySigPwd":"Password della chiave privata", -"samlServicePublicKeySig":"Chiave pubblica", -"samlServicePrivateKeyEnc":"Chiave privata", -"samlServicePrivateKeyEncPwd":"Password chiave privata", -"samlServicePublicKeyEnc":"Chiave pubblica", -"samlServiceSignatureMethod":"Metodo di firma", -"samlServiceUseCertificateInResponse":"Utilizza il certificato nelle risposte", -"samlAdvanced":"Avanzato", -"samlPartnerName":"Nome del partner SAML", -"samlMetadataForceUTF8":"Conversione metadati UTF8", -"samlStorage":"Nome del modulo di sessioni SAML", -"samlStorageOptions":"Opzioni del modulo sessioni SAML", -"samlAuthnContextMap":"Contesti di autenticazione", -"samlAuthnContextMapPassword":"Password", -"samlAuthnContextMapPasswordProtectedTransport":"Trasporto protetto da password", -"samlAuthnContextMapTLSClient":"Client TLS", -"samlAuthnContextMapKerberos":"Kerberos", -"samlCommonDomainCookie":"Dominio Cookie Comune", -"samlCommonDomainCookieActivation":"Attivazione", -"samlCommonDomainCookieDomain":"Dominio comune", -"samlCommonDomainCookieReader":"URL del lettore", -"samlCommonDomainCookieWriter":"URL dell'autore", -"samlRelayStateTimeout":"Timeout di sessione di RelayState", -"samlUseQueryStringSpecific":"Utilizza il metodo specifico query_string", -"samlOverrideIDPEntityID":"Sostituisci l'ID entità quando agisce come IDP" +"zeroConfExplanations":"Il server non ha alcuna configurazione. Utilizza il modello per salvare il primo." } diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/pl.json b/lemonldap-ng-manager/site/htdocs/static/languages/pl.json index 3df7534d01..156633445f 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/pl.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/pl.json @@ -1,5 +1,26 @@ { "/doc/":"/doc/", +"2faSessions":"Eksplorator sesji 2ndFA", +"2ndFA":"Drugie czynniki", +"ADPwdExpireWarning":"Ostrzeżenie o wygaśnięciu hasła", +"ADPwdMaxAge":"Maksymalny czas ważności hasła", +"AuthLDAPFilter":"Filtr uwierzytelnienia", +"Configuration":"Konfiguracja", +"CrowdSecPlugin":"CrowdSec Bouncer", +"LDAPFilter":"Domyślny filtr", +"OpenIDConnect":"OpenID Connect", +"OptionalTitle":"Opcjonalny tytuł", +"SMTP":"SMTP", +"SMTPAuthPass":"Hasło SMTP", +"SMTPAuthUser":"Użytkownik SMTP", +"SMTPPort":"Port SMTP", +"SMTPServer":"Serwer SMTP", +"SMTPTLS":"Protokół SSL/TLS", +"SMTPTLSOpts":"Opcje SSL/TLS", +"SSLAuthnLevel":"Poziom uwierzytelnienia", +"SSLVar":"Wyodrębnione pole certyfikatu", +"SSLVarIf":"Warunkowe wyodrębnione pole certyfikatu", +"Same":"Podobnie", "_auth":"Uwierzytelnianie", "_authChoice":"Wybór uwierzytelnienia", "_idp":"IDP EntityID", @@ -10,9 +31,9 @@ "_lastAuthnUTime":"Znacznik czasu uwierzytelnienia", "_lastSeen":"Znacznik czasu ostatniej aktywności", "_loginHistory":"Historia logowania", +"_oidc_OP":"Klucz dostawcy", "_oidc_access_token":"Token dostępowy", "_oidc_id_token":"Token identyfikacyjny", -"_oidc_OP":"Klucz dostawcy", "_password":"Hasło", "_passwordDB":"Hasło", "_samlToken":"Token SAML", @@ -20,42 +41,38 @@ "_startTime":"Data utworzenia", "_timezone":"Strefa czasowa", "_updateTime":"Data aktualizacji", +"_url":"Adres URL pochodzenia", "_user":"Zaloguj się", "_userDB":"Użytkownik", -"_url":"Adres URL pochodzenia", "_utime":"Sygnatura czasowa sesji", -"2faSessions":"Eksplorator sesji 2ndFA", -"2ndFA":"Drugie czynniki", -"actives":"Włączone", "activeTimer":"Czas automatycznej akceptacji", +"actives":"Włączone", +"adParams":"Parametry usługi Active Directory", "adaptativeAuthenticationLevelRules":"Adaptacyjne reguły uwierzytelniania", "addAppCasPartner":"Dodaj aplikację CAS", "addIDPSamlPartner":"Dodaj SAML IDP", "addOidcAttribute":"Dodaj atrybut", "addOidcOp":"Dodaj dostawcę OpenID Connect", "addOidcRp":"Dodaj stronę zależną OpenID", -"addSamlAttribute":"Dodaj atrybut", "addSPSamlPartner":"Dodaj SAML SP", +"addSamlAttribute":"Dodaj atrybut", "addSrvCasPartner":"Dodaj serwer CAS", -"addU2FKey":"Dodaj klucz U2F", "addTOTPKey":"Dodaj klucz TOTP", +"addU2FKey":"Dodaj klucz U2F", "addVhost":"Dodaj virtualhost", -"adParams":"Parametry usługi Active Directory", -"ADPwdExpireWarning":"Ostrzeżenie o wygaśnięciu hasła", -"ADPwdMaxAge":"Maksymalny czas ważności hasła", "advancedParams":"Zaawansowane parametry", "allowedMarkups":"Dozwolone znaczniki:", "always":"Zawsze", -"apacheParams":"Parametry Apache", "apacheAuthnLevel":"Poziom uwierzytelnienia", +"apacheParams":"Parametry Apache", "application":"Aplikacja", "applicationDisplay":"Wyświetlanie aplikacji", "applicationList":"Kategorie i aplikacje", "applyResult":"Zastosuj wynik", "appsInThisCat":"Aplikacje w tej kategorii", "array":"Tablica", -"attributesAndMacros":"Atrybuty i Makra", "attributeName":"Nazwa atrybutu", +"attributesAndMacros":"Atrybuty i Makra", "authAndUserdb":"Authz i baza danych użytkownika", "authChain":"Łańcuch uwierzytelnienia", "authChoice":"Wybór uwierzytelnienia", @@ -63,16 +80,15 @@ "authChoiceFindUser":"Parametr wtyczki FindUser", "authChoiceModules":"Dozwolone moduły", "authChoiceParam":"Parametr adresu URL", +"authOnly":"Tylko uwierzytelnianie", +"authParams":"Parametry uwierzytelnienia", "authentication":"Moduł uwierzytelnienia", -"authenticationNeeded":"Wymagane uwierzytelnienie", "authenticationLevel":"Poziom uwierzytelnienia", +"authenticationNeeded":"Wymagane uwierzytelnienie", "authenticationTitle":"Uwierzytelnianie", -"AuthLDAPFilter":"Filtr uwierzytelnienia", -"authOnly":"Tylko uwierzytelnianie", "author":"Autor", "authorIPAddress":"Adres IP autora", "authorizedValues":"Dopuszczalne wartości", -"authParams":"Parametry uwierzytelnienia", "auto":"Automatycznie", "autoSignin":"Zaloguj się automatycznie", "autoSigninRules":"Zasady", @@ -88,9 +104,9 @@ "badExpressionAssignment":"Wyrażenie zawierające przypisanie. Możesz użyć \\ x3D, aby uniknąć tego ostrzeżenia.", "badHeaderName":"Błędna nazwa nagłówka", "badHostname":"Błędna nazwa hosta", -"badLdapUri":"Błędny identyfikator URI LDAP", -"badKeyName":"Błędna nazwa klucza", "badIPv4Address":"Błędny adres IPv4", +"badKeyName":"Błędna nazwa klucza", +"badLdapUri":"Błędny identyfikator URI LDAP", "badMacroName":"Błędna nazwa makra", "badMetadataName":"Błędna nazwa metadanych", "badPemEncoding":"Błędne kodowanie PEM", @@ -104,17 +120,17 @@ "blackList":"Czarna lista", "bool":"Boolean", "browse":"Przeglądaj", -"browsersDontStorePassword":"Zabroń przeglądarkom przechowywać hasła użytkowników", +"browseTree":"Przeglądaj drzewo", "browserIdAuthnLevel":"Poziom uwierzytelnienia", "browserIdAutoLogin":"Automatyczne logowanie", "browserIdBackgroundColor":"Kolor tła", -"browseridParams":"BrowserIDParams", "browserIdSiteLogo":"Logo serwisu", "browserIdSiteName":"Nazwa serwisu", "browserIdVerificationURL":"Weryfikacyjny adres URL", -"browseTree":"Przeglądaj drzewo", -"bruteForceProtection":"Aktywacja", +"browseridParams":"BrowserIDParams", +"browsersDontStorePassword":"Zabroń przeglądarkom przechowywać hasła użytkowników", "bruteForceAttackProtection":"Ochrona przed atakiem siłowym", +"bruteForceProtection":"Aktywacja", "bruteForceProtectionIncrementalTempo":"Blokada przyrostowa", "bruteForceProtectionLockTimes":"Przyrostowe czasy blokady", "bruteForceProtectionMaxFailed":"Dozwolone nieudane logowania", @@ -124,124 +140,123 @@ "captcha_mail_enabled":"Aktywacja przy resetowaniu hasła za pomocą formularza pocztowego", "captcha_register_enabled":"Aktywacja w formularzu rejestracji", "captcha_size":"Rozmiar", -"casAuthnLevel":"Poziom uwierzytelnienia", "casAccessControlPolicy":"Polityka kontroli dostępu", "casApp":"Aplikacja CAS", "casAppMetaDataExportedVars":"Wyeksportowane atrybuty", +"casAppMetaDataMacros":"Makra", "casAppMetaDataNodes":"Aplikacje CAS", "casAppMetaDataOptions":"Opcje", -"casAppMetaDataOptionsService":"URL usługi", "casAppMetaDataOptionsAuthnLevel":"Poziom uwierzytelnienia", "casAppMetaDataOptionsRule":"Reguła", -"casAppMetaDataMacros":"Makra", +"casAppMetaDataOptionsService":"URL usługi", "casAppMetaDataOptionsUserAttribute":"Atrybut użytkownika", "casAppName":"Nazwa aplikacji CAS", "casAttr":"Login CAS", "casAttributes":"Wyeksportowane atrybuty CAS", +"casAuthnLevel":"Poziom uwierzytelnienia", "casParams":"Parametry CAS", "casServiceMetadata":"Usługa CAS", "casSrv":"Serwer CAS", "casSrvMetaDataExportedVars":"Wyeksportowane atrybuty", +"casSrvMetaDataNodes":"Serwery CAS", "casSrvMetaDataOptions":"Opcje", "casSrvMetaDataOptionsDisplay":"Wyświetl", "casSrvMetaDataOptionsDisplayName":"Nazwa do wyświetlenia", "casSrvMetaDataOptionsGateway":"Uwierzytelnianie bramy", "casSrvMetaDataOptionsIcon":"Ścieżka ikony", -"casSrvMetaDataOptionsSortNumber":"Kolejność", -"casSrvMetaDataOptionsRenew":"Odnów uwierzytelnianie", "casSrvMetaDataOptionsProxiedServices":"Usługi proxy", +"casSrvMetaDataOptionsRenew":"Odnów uwierzytelnianie", +"casSrvMetaDataOptionsSortNumber":"Kolejność", "casSrvMetaDataOptionsUrl":"URL serwera", -"casSrvMetaDataNodes":"Serwery CAS", "casSrvName":"Nazwa serwera CAS", "casStorage":"Nazwa modułu sesji CAS", "casStorageOptions":"Opcje modułu sesji CAS", "categoryName":"Nazwa Kategorii", "cda":"Wiele domen", "certificateMailContent":"Treść wiadomości", -"certificateResetByMailManagement":"Zarządzanie certyfikatami", -"certificateResetByMailURL":"Zresetuj adres URL strony", "certificateResetByMailCeaAttribute":"Nazwa atrybutu Dokładne potwierdzenie certyfikatu", "certificateResetByMailCertificateAttribute":"Nazwa atrybutu treści binarnej certyfikatu", -"certificateResetByMailStep1Subject":"Zresetuj temat wiadomości", +"certificateResetByMailManagement":"Zarządzanie certyfikatami", "certificateResetByMailStep1Body":"Zresetuj zawartość poczty", -"certificateResetByMailStep2Subject":"Temat wiadomości potwierdzającej", +"certificateResetByMailStep1Subject":"Zresetuj temat wiadomości", "certificateResetByMailStep2Body":"Treść wiadomości potwierdzającej", +"certificateResetByMailStep2Subject":"Temat wiadomości potwierdzającej", +"certificateResetByMailURL":"Zresetuj adres URL strony", "certificateResetByMailValidityDelay":"Minimalny czas do wygaśnięcia", -"contentSecurityPolicy":"Polityka bezpieczeństwa treści", -"contextSwitching":"Przełącz kontekst innego użytkownika", -"contextSwitchingAllowed2fModifications":"Zezwalaj na modyfikacje 2FA", -"contextSwitchingHiddenAttributes":"Ukryte atrybuty", -"contextSwitchingIdRule":"Reguła korzystania z tożsamości", -"contextSwitchingRule":"Użyj reguły", -"contextSwitchingStopWithLogout":"Zatrzymaj przez wylogowanie", -"contextSwitchingUnrestrictedUsersRule":"Reguła nieograniczonych użytkowników", -"cspConnect":"Miejsca docelowe Ajax", -"cspDefault":"Domyślna wartość", -"cspFont":"Źródło czcionek", -"cspFormAction":"Formularz miejsc docelowych", -"cspFrameAncestors":"Adres URL przodków ramki", -"cspImg":"Źródło obrazu", -"cspScript":"Źródło skryptu", -"cspStyle":"Źródło stylu", -"crossOrigineResourceSharing":"Udostępnianie zasobów między źródłami", -"corsEnabled":"Aktywacja", -"corsAllow_Credentials":"Access-Control-Allow-Credentials", -"corsAllow_Headers":"Access-Control-Allow-Headers", -"corsAllow_Methods":"Access-Control-Allow-Methods", -"corsAllow_Origin":"Access-Control-Allow-Origin", -"corsExpose_Headers":"Access-Control-Expose-Headers", -"corsMax_Age":"Access-Control-Max-Age", "cfgLog":"Podsumowanie", "cfgVersion":"Wersja konfiguracji", -"checkXSS":"Sprawdź ataki XSS", -"clickHereToForce":"Kliknij tutaj, aby wymusić", -"claimName":"Nazwa roszczenia", -"checkboxes":"Pola wyboru", "checkDevOps":"Activation", "checkDevOpsDownload":"Download file", "checkState":"Aktywacja", "checkStateSecret":"Współdzielony sekret", -"checkUsers":"Sprawdź Profil SSO", "checkUser":"Aktywacja", "checkUserDisplay":"Wyświetl", -"checkUserIdRule":"Reguła korzystania z tożsamości", -"checkUserHiddenAttributes":"Ukryte atrybuty", -"checkUserUnrestrictedUsersRule":"Reguła nieograniczonych użytkowników", "checkUserDisplayComputedSession":"Sesje obliczane", -"checkUserDisplayPersistentInfo":"Trwałe dane sesji", "checkUserDisplayEmptyHeaders":"Puste nagłówki", "checkUserDisplayEmptyValues":"Puste wartości", "checkUserDisplayNormalizedHeaders":"Znormalizowane nagłówki", +"checkUserDisplayPersistentInfo":"Trwałe dane sesji", +"checkUserHiddenAttributes":"Ukryte atrybuty", "checkUserHiddenHeaders":"Ukryte nagłówki", +"checkUserIdRule":"Reguła korzystania z tożsamości", "checkUserSearchAttributes":"Atrybuty używane do wyszukiwania sesji", +"checkUserUnrestrictedUsersRule":"Reguła nieograniczonych użytkowników", +"checkUsers":"Sprawdź Profil SSO", +"checkXSS":"Sprawdź ataki XSS", +"checkboxes":"Pola wyboru", "choiceParams":"Parametry wyboru", "chooseLogo":"Wybierz logo", "chooseSkin":"Wybierz skórkę", +"claimName":"Nazwa roszczenia", +"clickHereToForce":"Kliknij tutaj, aby wymusić", +"combModules":"Lista modułów", "combination":"Kombinacja", "combinationParams":"Parametry kombinacji", "combineMods":"Kombinacja modułów", -"combModules":"Lista modułów", "comment":"Komentarz", "comments":"Komentarze", +"compactConf":"Kompaktuj plik konfiguracyjny", "condition":"Warunek", "conf":"Konfiguracja", -"Configuration":"Konfiguracja", -"confirmFormMethod":"Metoda potwierdzenia formularza", "confModuledeprecated":"Ten moduł jest przestarzały, ustaw „forceUpload=1” w lemonldap-ng.ini, aby go używać", "confNotChanged":"Nie wykryto żadnych zmian, zapisywanie przerwane", "confSaved":"Konfiguracja zapisana", "confWasChanged":"Konfiguracja została zmieniona", +"confirmFormMethod":"Metoda potwierdzenia formularza", "connectionTitle":"Połączenie", "content":"Zawartość", +"contentSecurityPolicy":"Polityka bezpieczeństwa treści", +"contextSwitching":"Przełącz kontekst innego użytkownika", +"contextSwitchingAllowed2fModifications":"Zezwalaj na modyfikacje 2FA", +"contextSwitchingHiddenAttributes":"Ukryte atrybuty", +"contextSwitchingIdRule":"Reguła korzystania z tożsamości", +"contextSwitchingRule":"Użyj reguły", +"contextSwitchingStopWithLogout":"Zatrzymaj przez wylogowanie", +"contextSwitchingUnrestrictedUsersRule":"Reguła nieograniczonych użytkowników", "cookieExpiration":"Czas ważności pliku cookie", "cookieName":"Nazwa ciasteczka", "cookieParams":"Pliki cookie", +"corsAllow_Credentials":"Access-Control-Allow-Credentials", +"corsAllow_Headers":"Access-Control-Allow-Headers", +"corsAllow_Methods":"Access-Control-Allow-Methods", +"corsAllow_Origin":"Access-Control-Allow-Origin", +"corsEnabled":"Aktywacja", +"corsExpose_Headers":"Access-Control-Expose-Headers", +"corsMax_Age":"Access-Control-Max-Age", "create":"Stwórz", +"crossOrigineResourceSharing":"Udostępnianie zasobów między źródłami", "crowdsec":"Activation", "crowdsecAction":"Action", "crowdsecKey":"API key", -"CrowdSecPlugin":"CrowdSec Bouncer", "crowdsecUrl":"Base URL of local API", +"cspConnect":"Miejsca docelowe Ajax", +"cspDefault":"Domyślna wartość", +"cspFont":"Źródło czcionek", +"cspFormAction":"Formularz miejsc docelowych", +"cspFrameAncestors":"Adres URL przodków ramki", +"cspImg":"Źródło obrazu", +"cspScript":"Źródło skryptu", +"cspStyle":"Źródło stylu", "currentConfiguration":"Aktualna konfiguracja", "customAddParams":"Dodatkowe parametry", "customAuth":"Niestandardowy moduł uwierzytelniania", @@ -257,21 +272,23 @@ "customResetCertByMail":"Niestandardowy moduł CertificateResetByMail", "customToTrace":"REMOTE_CUSTOM", "customUserDB":"Niestandardowy moduł DB użytkownika", +"databaseLocked":"Baza danych zablokowana przez inny proces", "date":"Data", +"dateTitle":"Daty", "dbiAuthChain":"Łańcuch", "dbiAuthLoginCol":"Nazwa pola logowania", -"dbiAuthnLevel":"Poziom uwierzytelnienia", "dbiAuthPassword":"Hasło", "dbiAuthPasswordCol":"Nazwa pola hasła", "dbiAuthPasswordHash":"Schemat haszowania", -"dbiDynamicHash":"dynamiczne haszowanie", -"dbiDynamicHashEnabled":"aktywacja dynamicznego haszowania", -"dbiDynamicHashValidSchemes":"Obsługiwane niesolone schematy", -"dbiDynamicHashValidSaltedSchemes":"Obsługiwane solone schematy", -"dbiDynamicHashNewPasswordScheme":"Dynamiczny schemat haszowania dla nowych haseł", "dbiAuthTable":"Tabela uwierzytelniania", "dbiAuthUser":"Użytkownik", +"dbiAuthnLevel":"Poziom uwierzytelnienia", "dbiConnection":"Połączenie", +"dbiDynamicHash":"dynamiczne haszowanie", +"dbiDynamicHashEnabled":"aktywacja dynamicznego haszowania", +"dbiDynamicHashNewPasswordScheme":"Dynamiczny schemat haszowania dla nowych haseł", +"dbiDynamicHashValidSaltedSchemes":"Obsługiwane solone schematy", +"dbiDynamicHashValidSchemes":"Obsługiwane niesolone schematy", "dbiExportedVars":"Wyeksportowane zmienne", "dbiParams":"Parametry DBI", "dbiPassword":"Hasło", @@ -283,31 +300,29 @@ "decryptValueRule":"Użyj reguły", "default":"Domyślnie", "defaultRule":"Domyślna reguła", -"demoModeOn":"Ten menedżer działa w trybie demonstracyjnym", "deleteEntry":"Usuń", "deleteNotification":"Usuń", "deleteSession":"Usuń sesję", -"deleteU2FKey":"Usuń klucz U2F", "deleteTOTPKey":"Usuń klucz TOTP", +"deleteU2FKey":"Usuń klucz U2F", "demoExportedVars":"Wyeksportowane zmienne", +"demoModeOn":"Ten menedżer działa w trybie demonstracyjnym", "demoParams":"Parametry demonstracyjne", "description":"Opis", "dest":"Odbiorca", -"diffViewer":"Przeglądarka różnic", "devOpsCheck":"Check DevOps handler file", +"diffViewer":"Przeglądarka różnic", "diffWithPrevious":"różnica w stosunku do poprzednich", +"disablePersistentStorage":"Wyłącz przechowywanie", "disabled":"Wyłączone", "displaySessionId":"Wyświetl identyfikator sesji", +"dn":"DN", +"domain":"Domena", "done":"wykonane", "dones":"Wykonane", -"down":"Przejdź w dół", "doubleCookie":"Podwójne ciasteczko (HTTP i HTTPS)", "doubleCookieForSingleSession":"Podwójne ciasteczko dla jednej sesji", -"databaseLocked":"Baza danych zablokowana przez inny proces", -"dateTitle":"Daty", -"dn":"DN", -"domain":"Domena", -"compactConf":"Kompaktuj plik konfiguracyjny", +"down":"Przejdź w dół", "download":"Pobieranie", "downloadIt":"Pobierz to", "duplicate":"Zduplikuj", @@ -316,21 +331,20 @@ "emptyConf":"Pusta konfiguracja", "emptyValueNotAllowed":"Pusta wartość jest niedozwolona", "enabled":"Włączone", -"disablePersistentStorage":"Wyłącz przechowywanie", "enterPassword":"Wpisz hasło (opcjonalnie)", "error":"Błąd", "errors":"BŁĘDY", "exportedAttr":"Wyeksportowane atrybuty SOAP/REST", "exportedHeaders":"Wyeksportowane nagłówki", "exportedVars":"Wyeksportowane zmienne", +"ext2FSendCommand":"Wyślij polecenie", +"ext2FValidateCommand":"Komenda sprawdzania poprawności", "ext2f":"Zewnętrzny drugi czynnik", "ext2fActivation":"Aktywacja", -"ext2fCodeActivation":"Wyrażenie regularne kodu", "ext2fAuthnLevel":"Poziom uwierzytelnienia", +"ext2fCodeActivation":"Wyrażenie regularne kodu", "ext2fLabel":"Etykieta", "ext2fLogo":"Logo", -"ext2FSendCommand":"Wyślij polecenie", -"ext2FValidateCommand":"Komenda sprawdzania poprawności", "facebookAppId":"Identyfikator aplikacji na Facebooku", "facebookAppSecret":"Sekret aplikacji na Facebooku", "facebookAuthnLevel":"Poziom uwierzytelnienia", @@ -340,16 +354,16 @@ "failedLoginNumber":"Liczba zarejestrowanych nieudanych prób logowania", "fileToUpload":"Plik do przesłania", "findUser":"Aktywacja", -"findUsers":"Wyszukaj konto użytkownika", "findUserControl":"Kontrola parametrów", "findUserExcludingAttributes":"Z wyłączeniem atrybutów", "findUserSearchingAttributes":"Wyszukiwanie atrybutów", "findUserWildcard":"Znak używany jako symbol wieloznaczny", +"findUsers":"Wyszukaj konto użytkownika", "forbidden":"Nie masz uprawnień do wyświetlania tej strony", "forceSave":"Wymuś zapis", -"format":"Format", "formReplay":"Powtórzenie formularza", "formTimeout":"Limit czasu formularza", +"format":"Format", "forms":"Formularze", "friendlyName":"Przyjazna nazwa", "generalParameters":"Ogólne parametry", @@ -371,72 +385,73 @@ "grantSessionRules":"Warunki otwarcia", "groups":"Grupy", "groupsBeforeMacros":"Oblicz grupy przed makrami", +"hGroups":"Grupy (HashRef)", "hashkey":"Klucz", "headers":"Nagłówki HTTP", -"hGroups":"Grupy (HashRef)", -"hostname":"Nazwa hosta", "hiddenAttributes":"Ukryte atrybuty", "hide":"Ukryj", "hideHelp":"Ukryj pomoc", "hideOldPassword":"Ukryj stare hasło", "hideTree":"Ukryj drzewo", +"hostname":"Nazwa hosta", "httpOnly":"Ochrona JavaScript", "https":"HTTPS", "impersonation":"Personifikacja", -"impersonationRule":"Użyj reguły", -"impersonationIdRule":"Reguła korzystania z tożsamości", "impersonationHiddenAttributes":"Ukryte atrybuty", +"impersonationIdRule":"Reguła korzystania z tożsamości", "impersonationMergeSSOgroups":"Scal sfałszowane i prawdziwe grupy jednokrotnego logowania", +"impersonationRule":"Użyj reguły", "impersonationSkipEmptyValues":"Pomiń puste wartości", "impersonationUnrestrictedUsersRule":"Reguła nieograniczonych użytkowników", "incompleteForm":"Brak wymaganych pól", "index":"Indeks", "infoFormMethod":"Metoda dla formularza informacyjnego", -"invalidSessionData":"Nieprawidłowe dane sesji", +"instance":"Instancja", "int":"Liczba całkowita", "internalReference":"Referencja wewnętrzna", +"invalidSessionData":"Nieprawidłowe dane sesji", "ipAddr":"Adres IP", "ipAddresses":"Adresy IP", +"issuerDBCAS":"CAS", +"issuerDBCASActivation":"Aktywacja", +"issuerDBCASOptions":"Opcje", +"issuerDBCASPath":"Ścieżka", +"issuerDBCASRule":"Użyj reguły", "issuerDBGet":"GET", "issuerDBGetActivation":"Aktywacja", "issuerDBGetParameters":"Parametry GET", "issuerDBGetPath":"Ścieżka", "issuerDBGetRule":"Użyj reguły", -"issuerDBSAML":"SAML", -"issuerDBSAMLActivation":"Aktywacja", -"issuerDBSAMLPath":"Ścieżka", -"issuerDBSAMLRule":"Użyj reguły", -"issuerDBCAS":"CAS", -"issuerDBCASActivation":"Aktywacja", -"issuerDBCASPath":"Ścieżka", -"issuerDBCASRule":"Użyj reguły", -"issuerDBCASOptions":"Opcje", "issuerDBOpenID":"OpenID", "issuerDBOpenIDActivation":"Aktywacja", -"issuerDBOpenIDPath":"Ścieżka", -"issuerDBOpenIDRule":"Użyj reguły", -"issuerDBOpenIDOptions":"Opcje", "issuerDBOpenIDConnect":"OpenID Connect", "issuerDBOpenIDConnectActivation":"Aktywacja", "issuerDBOpenIDConnectPath":"Ścieżka", "issuerDBOpenIDConnectRule":"Użyj reguły", +"issuerDBOpenIDOptions":"Opcje", +"issuerDBOpenIDPath":"Ścieżka", +"issuerDBOpenIDRule":"Użyj reguły", +"issuerDBSAML":"SAML", +"issuerDBSAMLActivation":"Aktywacja", +"issuerDBSAMLPath":"Ścieżka", +"issuerDBSAMLRule":"Użyj reguły", "issuerOptions":"Opcje", "issuerParams":"Moduły wystawcy", "issuersTimeout":"Limit czasu wystawców", -"jsRedirect":"Komunikat o przekierowaniu", "jqueryButtonSelector":"Przycisk wyboru jQuery (opcjonalnie)", "jqueryFormSelector":"Selektor formularzy jQuery (opcjonalnie)", "jqueryUrl":"jQuery URL (opcjonalnie)", +"jsRedirect":"Komunikat o przekierowaniu", +"kerberosParams":"Parametry Kerberos", "key":"Klucz szyfrujący", -"keys":"Klucze", -"keyname":"Nazwa klucza", "keyPassword":"Hasło klucza", +"keyname":"Nazwa klucza", +"keys":"Klucze", +"krbAllowedDomains":"Dozwolone domeny", "krbAuthnLevel":"Poziom uwierzytelniania Kerberos", "krbByJs":"Użyj żądania Ajax", "krbKeytab":"plik keytab", "krbRemoveDomain":"Usuń domenę z nazwy użytkownika Kerberos", -"krbAllowedDomains":"Dozwolone domeny", -"kerberosParams":"Parametry Kerberos", "label":"Etykieta", "languages":"Języki", "latest":"Najnowszy", @@ -450,7 +465,6 @@ "ldapConnection":"Połączenie", "ldapExportedVars":"Wyeksportowane zmienne", "ldapFilters":"Filtry", -"LDAPFilter":"Domyślny filtr", "ldapGetUserBeforePasswordChange":"Wyszukaj użytkownika przed zmianą hasła", "ldapGroupAttributeName":"Atrybut docelowy", "ldapGroupAttributeNameGroup":"Atrybut źródła grupy", @@ -461,20 +475,20 @@ "ldapGroupObjectClass":"Klasa obiektowa", "ldapGroupRecursive":"Rekurencyjne", "ldapGroups":"Grupy", +"ldapIOTimeout":"Limit czasu operacji", "ldapITDS":"Obsługa IBM Tivoli DS", "ldapParams":"Parametry LDAP", "ldapPassword":"Hasło", "ldapPasswordResetAttribute":"Zresetuj atrybut", "ldapPasswordResetAttributeValue":"Resetuj wartość", -"ldapPpolicyControl":"Kontrola polityki haseł", "ldapPort":"Port serwera", +"ldapPpolicyControl":"Kontrola polityki haseł", "ldapPwdEnc":"Kodowanie hasła LDAP", "ldapRaw":"Atrybuty binarne", "ldapSearchDeref":"Dereferencja aliasu", "ldapServer":"Host serwera", "ldapSetPassword":"Rozszerzona operacja modyfikacji hasła", "ldapTimeout":"Czas połączenia minął", -"ldapIOTimeout":"Limit czasu operacji", "ldapUsePasswordResetAttribute":"Użyj atrybutu reset", "ldapVerify":"Zweryfikuj certyfikat serwera LDAP", "ldapVersion":"Wersja", @@ -483,35 +497,34 @@ "linkedInClientID":"Identyfikator klienta", "linkedInClientSecret":"Sekret klienta", "linkedInFields":"Szukane pola", -"linkedinParams":"Parametry LinkedIn", "linkedInScope":"Zakres", "linkedInUserField":"Pole zawierające identyfikator użytkownika", +"linkedinParams":"Parametry LinkedIn", "load":"Załaduj", -"loadedConfiguration":"Załadowana konfiguracja", "loadFromUrl":"Załaduj z adresu URL", +"loadedConfiguration":"Załadowana konfiguracja", "localSessionStorage":"Moduł pamięci podręcznej", "localSessionStorageOptions":"Opcje modułu pamięci podręcznej", "locationRules":"Zasady dostępu", +"logParams":"Dzienniki", "loginHistory":"Historia logowania", "loginHistoryEnabled":"Aktywacja", "logo":"Logo", "logout":"Wyloguj", "logoutServices":"Przekazywanie wylogowania", -"logParams":"Dzienniki", "lwpOpts":"Opcje żądań serwera", "lwpSslOpts":"Opcje SSL dla żądań serwera", -"instance":"Instancja", "macros":"Makra", "mail2f":"Drugi czynnik e-mail", "mail2fActivation":"Aktywacja", -"mail2fCodeRegex":"Wyrażenie regularne kodu", -"mail2fTimeout":"Limit czasu kodu", -"mail2fSubject":"Temat wiadomości", -"mail2fBody":"Treść wiadomości", "mail2fAuthnLevel":"Poziom uwierzytelnienia", -"mail2fLabel":"Etykieta", +"mail2fBody":"Treść wiadomości", +"mail2fCodeRegex":"Wyrażenie regularne kodu", +"mail2fLabel":"Etykieta", "mail2fLogo":"Logo", "mail2fSessionKey":"Klucz sesji zawierający adres e-mail", +"mail2fSubject":"Temat wiadomości", +"mail2fTimeout":"Limit czasu kodu", "mailBody":"Treść wiadomości o powodzeniu", "mailCharset":"Zestaw znaków", "mailConfirmBody":"Treść wiadomości potwierdzającej", @@ -535,22 +548,22 @@ "markAsDone":"Oznacz jako wykonane", "memberOfSSOGroups":"Członek grup jednokrotnego logowania", "menu":"Menu", +"menuCategory":"Kategoria menu", "message":"Wiadomość", "messages":"Wiadomości", -"menuCategory":"Kategoria menu", "modulesTitle":"Użyte moduły", "multiIp":"Multi IP", -"multipleSessions":"Wiele sesji", "multiValuesSeparator":"Separator", +"multipleSessions":"Wiele sesji", "name":"Nazwa", "needConfirmation":"Dostępna jest nowa konfiguracja. Aby wymusić zapisanie aktualnej, kliknij pole wyboru obok przycisku „zapisz”", "networkProblem":"Problem z siecią", "never":"Nigdy", "newApp":"Nowa aplikacja", -"newChain":"Nowy łańcuch", "newCat":"Nowa kategoria", "newCertificate":"Nowy certyfikat", "newCfgAvailable":"Dostępna jest nowa konfiguracja", +"newChain":"Nowy łańcuch", "newCmbMod":"Nowy moduł", "newCmbOver":"Nowy parametr", "newEntry":"Nowy wpis", @@ -560,41 +573,40 @@ "newPostVar":"Nowa zmienna", "newRSAKey":"Nowe klucze", "newRule":"Nowa zasada", -"newSfOver":"Nowy parametr", "newSfExtra":"Nowy drugi czynnik", +"newSfOver":"Nowy parametr", "newValue":"Nowa wartość", "next":"Następny", "nginxCustomHandlers":"Niestandardowe programy obsługi Nginx", "noAjaxHook":"Zachowaj przekierowania dla Ajax", "noData":"Brak danych do wyświetlenia", "notABoolean":"Nie jest typu boolean", -"notAnInteger":"Nie jest liczbą całkowitą", "notAValidPerlExpression":"Niepoprawne wyrażenie Perla", +"notAnInteger":"Nie jest liczbą całkowitą", "notification":"Aktywacja", -"notifications":"Powiadomienia", -"notification_s":"powiadomienie/a", -"notificationDefaultCond":"Domyślny warunek", -"notificationServer":"Serwer powiadomień", -"notificationServerDELETE":"Metoda DELETE", -"notificationServerGET":"Metoda GET", -"notificationServerMethods":"Metody HTTP", -"notificationServerPOST":"Metoda POST", -"notificationServerSentAttributes":"Parametry powiadomienia do wysłania", -"serverNotification":"Serwer", "notificationCreated":"Powiadomienie zostało utworzone", +"notificationDefaultCond":"Domyślny warunek", "notificationDeleted":"Powiadomienie zostało oznaczone jako gotowe", "notificationDone":"Powiadomienie wykonane", -"notificationsDone":"Powiadomienia wykonane", -"notificationsExplorer":"Explorer", "notificationNotCreated":"Powiadomienie nie zostało utworzone", "notificationNotDeleted":"Powiadomienie nie zostało oznaczone jako wykonane", "notificationNotFound":"Powiadomienie nie zostało znalezione", "notificationNotPurged":"Powiadomienie nie zostało całkowicie usunięte", "notificationPurged":"Powiadomienie zostało całkowicie usunięte", +"notificationServer":"Serwer powiadomień", +"notificationServerDELETE":"Metoda DELETE", +"notificationServerGET":"Metoda GET", +"notificationServerMethods":"Metody HTTP", +"notificationServerPOST":"Metoda POST", +"notificationServerSentAttributes":"Parametry powiadomienia do wysłania", "notificationStorage":"Moduł pamięci", "notificationStorageOptions":"Parametry modułu pamięci", "notificationWildcard":"Symbol wieloznaczny dla wszystkich użytkowników", "notificationXSLTfile":"Niestandardowy plik XSLT", +"notification_s":"powiadomienie/a", +"notifications":"Powiadomienia", +"notificationsDone":"Powiadomienia wykonane", +"notificationsExplorer":"Explorer", "notifyDeleted":"Wyświetl usunięte sesje", "notifyOther":"Wyświetl inne sesje", "nullAuthnLevel":"Poziom uwierzytelnienia", @@ -602,8 +614,6 @@ "number":"Numer", "off":"Wyłączone", "offlineSessions":"Sesje offline", -"oldValue":"Stara wartość", -"on":"Włączone", "oidcAttribute":"Atrybut OIDC", "oidcAuthnLevel":"Poziom uwierzytelnienia", "oidcConsents":"Zgoda na OpenID Connect", @@ -612,12 +622,9 @@ "oidcOPMetaDataJSON":"Metadane", "oidcOPMetaDataJWKS":"Dane JWKS", "oidcOPMetaDataNode":"Dostawcy OpenID Connect", +"oidcOPMetaDataNodes":"Dostawcy OpenID Connect", "oidcOPMetaDataOptions":"Opcje", -"oidcRPMetaDataOptionsBasic":"Podstawowy", -"oidcRPMetaDataOptionsAdditionalAudiences":"Dodatkowi odbiorcy", -"oidcRPMetaDataOptionsAdvanced":"Zaawansowane", -"oidcRPMetaDataOptionsTimeouts":"Limit czasu", -"oidcRPMetaDataOptionsAllowOffline":"Zezwalaj na dostęp offline", +"oidcOPMetaDataOptionsAcrValues":"Wartości ACR", "oidcOPMetaDataOptionsCheckJWTSignature":"Sprawdź podpis JWT", "oidcOPMetaDataOptionsClientID":"Identyfikator klienta", "oidcOPMetaDataOptionsClientSecret":"Sekret klienta", @@ -626,116 +633,119 @@ "oidcOPMetaDataOptionsDisplay":"Wyświetlanie", "oidcOPMetaDataOptionsDisplayName":"Wyświetlana nazwa", "oidcOPMetaDataOptionsDisplayParams":"Wyświetlanie", +"oidcOPMetaDataOptionsIDTokenMaxAge":"Maksymalny czas ważności tokena identyfikacyjnego", "oidcOPMetaDataOptionsIcon":"Logo", -"oidcOPMetaDataOptionsSortNumber":"Kolejność", "oidcOPMetaDataOptionsJWKSTimeout":"Limit czasu danych JWKS", -"oidcRPMetaDataOptionsLogoutSessionRequired":"Wymagana sesja", -"oidcRPMetaDataOptionsLogoutType":"Rodzaj", -"oidcRPMetaDataOptionsLogoutUrl":"URL", +"oidcOPMetaDataOptionsMaxAge":"Maksymalny czas ważności", +"oidcOPMetaDataOptionsPrompt":"Prompt", "oidcOPMetaDataOptionsProtocol":"Protokół", -"oidcRPMetaDataOptionsPublic":"Klient publiczny", -"oidcRPMetaDataOptionsRequirePKCE":"Wymagaj PKCE", -"oidcRPMetaDataOptionsAuthnLevel":"Poziom uwierzytelnienia", -"oidcRPMetaDataOptionsRule":"Reguła dostępu", -"oidcRPMetaDataMacros":"Makra", -"oidcRPMetaDataScopeRules":"Zasady dotyczące zakresu", "oidcOPMetaDataOptionsScope":"Zakres", +"oidcOPMetaDataOptionsSortNumber":"Kolejność", "oidcOPMetaDataOptionsStoreIDToken":"Przechowuj token identyfikacyjny", "oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Metoda uwierzytelniania tokena punktu końcowego", +"oidcOPMetaDataOptionsUiLocales":"Interfejs użytkownika Locales", +"oidcOPMetaDataOptionsUseNonce":"Użyj nonce", "oidcOPName":"Nazwa dostawcy OpenID Connect", "oidcParams":"Parametry OpenID Connect", "oidcRP":"Strona zależna od OpenID Connect", "oidcRPCallbackGetParam":"Parametr GET wywołania zwrotnego", "oidcRPMetaDataExportedVars":"Wyeksportowane atrybuty", +"oidcRPMetaDataMacros":"Makra", "oidcRPMetaDataNode":"Strony zależne od OpenID Connect", +"oidcRPMetaDataNodes":"Strony zależne od OpenID Connect", "oidcRPMetaDataOptions":"Opcje", +"oidcRPMetaDataOptionsAccessTokenClaims":"Zwolnij oświadczenia w tokenie dostępu", "oidcRPMetaDataOptionsAccessTokenExpiration":"Wygaśnięcie tokena dostępu", "oidcRPMetaDataOptionsAccessTokenJWT":"Użyj formatu JWT dla tokenu dostępu", -"oidcRPMetaDataOptionsAccessTokenClaims":"Zwolnij oświadczenia w tokenie dostępu", "oidcRPMetaDataOptionsAccessTokenSignAlg":"Algorytm podpisu tokena dostępu", +"oidcRPMetaDataOptionsAdditionalAudiences":"Dodatkowi odbiorcy", +"oidcRPMetaDataOptionsAdvanced":"Zaawansowane", "oidcRPMetaDataOptionsAllowClientCredentialsGrant":"Zezwalaj na przyznanie poświadczeń klienta OAuth2.0", +"oidcRPMetaDataOptionsAllowOffline":"Zezwalaj na dostęp offline", "oidcRPMetaDataOptionsAllowPasswordGrant":"Zezwól na przyznanie hasła OAuth2.0", +"oidcRPMetaDataOptionsAuthnLevel":"Poziom uwierzytelnienia", "oidcRPMetaDataOptionsAuthorizationCodeExpiration":"Wygaśnięcie kodu autoryzacji", +"oidcRPMetaDataOptionsBasic":"Podstawowy", "oidcRPMetaDataOptionsBypassConsent":"Obejdź zgodę", "oidcRPMetaDataOptionsClientID":"Identyfikator klienta", "oidcRPMetaDataOptionsClientSecret":"Sekret klienta", "oidcRPMetaDataOptionsDisplay":"Wyświetlanie", "oidcRPMetaDataOptionsDisplayName":"Wyświetlana nazwa", -"oidcRPMetaDataOptionsIcon":"Logo", +"oidcRPMetaDataOptionsExtraClaims":"Dodatkowe roszczenia", "oidcRPMetaDataOptionsIDTokenExpiration":"Data ważności tokena identyfikacyjnego", -"oidcRPMetaDataOptionsIDTokenSignAlg":"Algorytm podpisu tokena identyfikacyjnego", "oidcRPMetaDataOptionsIDTokenForceClaims":"Wymuś zwrot roszczeń w tokenie identyfikacyjnym", +"oidcRPMetaDataOptionsIDTokenSignAlg":"Algorytm podpisu tokena identyfikacyjnego", +"oidcRPMetaDataOptionsIcon":"Logo", +"oidcRPMetaDataOptionsLogoutSessionRequired":"Wymagana sesja", +"oidcRPMetaDataOptionsLogoutType":"Rodzaj", +"oidcRPMetaDataOptionsLogoutUrl":"URL", "oidcRPMetaDataOptionsOfflineSessionExpiration":"Wygaśnięcie sesji offline", +"oidcRPMetaDataOptionsPostLogoutRedirectUris":"Dozwolone adresy przekierowań dla wylogowania", +"oidcRPMetaDataOptionsPublic":"Klient publiczny", +"oidcRPMetaDataOptionsRedirectUris":"Dozwolone adresy przekierowań dla logowania", "oidcRPMetaDataOptionsRefreshToken":"Użyj tokenów odświeżających", +"oidcRPMetaDataOptionsRequirePKCE":"Wymagaj PKCE", +"oidcRPMetaDataOptionsRule":"Reguła dostępu", +"oidcRPMetaDataOptionsTimeouts":"Limit czasu", "oidcRPMetaDataOptionsUserIDAttr":"Atrybut użytkownika", +"oidcRPMetaDataScopeRules":"Zasady dotyczące zakresu", "oidcRPName":"Nazwa RP OpenID Connect", "oidcRPStateTimeout":"Limit czasu sesji stanowej", +"oidcServiceAccessTokenExpiration":"Wygaśnięcie tokena dostępu", +"oidcServiceAllowAuthorizationCodeFlow":"Przepływ kodu autoryzacji", +"oidcServiceAllowDynamicRegistration":"Rejestracja dynamiczna", +"oidcServiceAllowHybridFlow":"Przepływ hybrydowy", +"oidcServiceAllowImplicitFlow":"Implikowany przepływ", +"oidcServiceAllowOffline":"Zezwalaj na dostęp offline", +"oidcServiceAuthorizationCodeExpiration":"Wygaśnięcie kodu autoryzacji", +"oidcServiceDynamicRegistrationExportedVars":"Zmienne wyeksportowane do dynamicznej rejestracji", +"oidcServiceDynamicRegistrationExtraClaims":"Dodatkowe roszczenia dotyczące rejestracji dynamicznej", +"oidcServiceIDTokenExpiration":"Data ważności tokena identyfikacyjnego", +"oidcServiceKeyIdSig":"Identyfikator klucza podpisu", "oidcServiceMetaData":"Usługa OpenID Connect", +"oidcServiceMetaDataAuthnContext":"Kontekst uwierzytelnienia", "oidcServiceMetaDataAuthorizeURI":"Autoryzacja", "oidcServiceMetaDataBackChannelURI":"Identyfikator URI kanału zwrotnego", +"oidcServiceMetaDataCheckSessionURI":"Sprawdź sesję", "oidcServiceMetaDataEndPoints":"Punkty końcowe", +"oidcServiceMetaDataEndSessionURI":"Koniec sesji", "oidcServiceMetaDataFrontChannelURI":"Identyfikator URI kanału przedniego", +"oidcServiceMetaDataIntrospectionURI":"Introspekcja", +"oidcServiceMetaDataIssuer":"Identyfikator wystawcy", "oidcServiceMetaDataJWKSURI":"JWKS", "oidcServiceMetaDataKeys":"Klucze", "oidcServiceMetaDataRegistrationURI":"Rejestracja", -"oidcServiceMetaDataIntrospectionURI":"Introspekcja", "oidcServiceMetaDataSecurity":"Bezpieczeństwo", -"oidcServiceMetaDataEndSessionURI":"Koniec sesji", -"oidcServiceMetaDataAuthnContext":"Kontekst uwierzytelnienia", "oidcServiceMetaDataSessions":"Sesje", +"oidcServiceMetaDataTokenURI":"Token", +"oidcServiceMetaDataUserInfoURI":"Informacja o użytkowniku", +"oidcServiceOfflineSessionExpiration":"Wygaśnięcie sesji offline", "oidcServicePrivateKeySig":"Klucz prywatny podpisu", "oidcServicePublicKeySig":"Klucz publiczny podpisu", -"oidcServiceKeyIdSig":"Identyfikator klucza podpisu", -"oidcServiceAuthorizationCodeExpiration":"Wygaśnięcie kodu autoryzacji", -"oidcServiceAccessTokenExpiration":"Wygaśnięcie tokena dostępu", -"oidcServiceDynamicRegistrationExportedVars":"Zmienne wyeksportowane do dynamicznej rejestracji", -"oidcServiceDynamicRegistrationExtraClaims":"Dodatkowe roszczenia dotyczące rejest