Commit
568eb70e
authored
Mar 13, 2017
by
Yadd
Update macros (#595)
parent
3f3ac6d7
Showing
4 changed files
with
227 additions
and
201 deletions
+227
-201
_example/conf/lmConf-1.json
_example/conf/lmConf-1.json
+162
-162
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm
+1
-0
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
...p-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+63
-38
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Zero.pm
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Zero.pm
+1
-1
_example/conf/lmConf-1.json
{
"applicationList"
:
{
"1sample"
:
{
"catname"
:
"Sample applications"
,
"test1"
:
{
"options"
:
{
"description"
:
"A simple application displaying authenticated user"
,
"display"
:
"auto"
,
"logo"
:
"demo.png"
,
"name"
:
"Application Test 1"
,
"uri"
:
"http://test1.__DNSDOMAIN__/"
},
"type"
:
"application"
"applicationList"
:
{
"1sample"
:
{
"catname"
:
"Sample applications"
,
"test1"
:
{
"options"
:
{
"description"
:
"A simple application displaying authenticated user"
,
"display"
:
"auto"
,
"logo"
:
"demo.png"
,
"name"
:
"Application Test 1"
,
"uri"
:
"http://test1.__DNSDOMAIN__/"
},
"type"
:
"application"
},
"test2"
:
{
"options"
:
{
"description"
:
"The same simple application displaying authenticated user"
,
"display"
:
"auto"
,
"logo"
:
"thumbnail.png"
,
"name"
:
"Application Test 2"
,
"uri"
:
"http://test2.__DNSDOMAIN__/"
},
"type"
:
"application"
},
"type"
:
"category"
},
"test2"
:
{
"options"
:
{
"description"
:
"The same simple application displaying authenticated user"
,
"display"
:
"auto"
,
"logo"
:
"thumbnail.png"
,
"name"
:
"Application Test 2"
,
"uri"
:
"http://test2.__DNSDOMAIN__/"
},
"type"
:
"application"
"2administration"
:
{
"catname"
:
"Administration"
,
"manager"
:
{
"options"
:
{
"description"
:
"Configure LemonLDAP::NG WebSSO"
,
"display"
:
"auto"
,
"logo"
:
"configure.png"
,
"name"
:
"WebSSO Manager"
,
"uri"
:
"http://manager.__DNSDOMAIN__/manager.html"
},
"type"
:
"application"
},
"notifications"
:
{
"options"
:
{
"description"
:
"Explore WebSSO notifications"
,
"display"
:
"auto"
,
"logo"
:
"database.png"
,
"name"
:
"Notifications explorer"
,
"uri"
:
"http://manager.__DNSDOMAIN__/notifications.html"
},
"type"
:
"application"
},
"sessions"
:
{
"options"
:
{
"description"
:
"Explore WebSSO sessions"
,
"display"
:
"auto"
,
"logo"
:
"database.png"
,
"name"
:
"Sessions explorer"
,
"uri"
:
"http://manager.__DNSDOMAIN__/sessions.html"
},
"type"
:
"application"
},
"type"
:
"category"
},
"type"
:
"category"
},
"2administration"
:
{
"catname"
:
"Administration"
,
"manager"
:
{
"options"
:
{
"description"
:
"Configure LemonLDAP::NG WebSSO"
,
"display"
:
"auto"
,
"logo"
:
"configure.png"
,
"name"
:
"WebSSO Manager"
,
"uri"
:
"http://manager.__DNSDOMAIN__/manager.html"
},
"type"
:
"application"
"3documentation"
:
{
"catname"
:
"Documentation"
,
"localdoc"
:
{
"options"
:
{
"description"
:
"Documentation supplied with LemonLDAP::NG"
,
"display"
:
"on"
,
"logo"
:
"help.png"
,
"name"
:
"Local documentation"
,
"uri"
:
"http://manager.__DNSDOMAIN__/doc/"
},
"type"
:
"application"
},
"officialwebsite"
:
{
"options"
:
{
"description"
:
"Official LemonLDAP::NG Website"
,
"display"
:
"on"
,
"logo"
:
"network.png"
,
"name"
:
"Offical Website"
,
"uri"
:
"http://lemonldap-ng.org/"
},
"type"
:
"application"
},
"type"
:
"category"
}
},
"authentication"
:
"Demo"
,
"cfgAuthor"
:
"The LemonLDAP::NG team"
,
"cfgNum"
:
1
,
"cfgVersion"
:
"2.0.0"
,
"cookieName"
:
"lemonldap"
,
"demoExportedVars"
:
{
"cn"
:
"cn"
,
"mail"
:
"mail"
,
"uid"
:
"uid"
},
"domain"
:
"__DNSDOMAIN__"
,
"exportedHeaders"
:
{
"test1.__DNSDOMAIN__"
:
{
"Auth-User"
:
"$uid"
},
"notifications"
:
{
"options"
:
{
"description"
:
"Explore WebSSO notifications"
,
"display"
:
"auto"
,
"logo"
:
"database.png"
,
"name"
:
"Notifications explorer"
,
"uri"
:
"http://manager.__DNSDOMAIN__/notifications.html"
},
"type"
:
"application"
"test2.__DNSDOMAIN__"
:
{
"Auth-User"
:
"$uid"
}
},
"exportedVars"
:
{
"UA"
:
"HTTP_USER_AGENT"
},
"globalStorage"
:
"Apache::Session::File"
,
"globalStorageOptions"
:
{
"Directory"
:
"__SESSIONDIR__"
,
"LockDirectory"
:
"__SESSIONDIR__/lock"
,
"generateModule"
:
"Lemonldap::NG::Common::Apache::Session::Generate::SHA256"
},
"groups"
:
{},
"localSessionStorage"
:
"Cache::FileCache"
,
"localSessionStorageOptions"
:
{
"cache_depth"
:
3
,
"cache_root"
:
"/tmp"
,
"default_expires_in"
:
600
,
"directory_umask"
:
"007"
,
"namespace"
:
"lemonldap-ng-sessions"
},
"locationRules"
:
{
"manager.__DNSDOMAIN__"
:
{
"(?#Configuration)^/(manager\\.html|conf/)"
:
"$uid eq
\"
dwho
\"
"
,
"(?#Notifications)/notifications"
:
"$uid eq
\"
dwho
\"
or $uid eq
\"
rtyler
\"
"
,
"(?#Sessions)/sessions"
:
"$uid eq
\"
dwho
\"
or $uid eq
\"
rtyler
\"
"
,
"default"
:
"$uid eq
\"
dwho
\"
"
},
"sessions"
:
{
"options"
:
{
"description"
:
"Explore WebSSO sessions"
,
"display"
:
"auto"
,
"logo"
:
"database.png"
,
"name"
:
"Sessions explorer"
,
"uri"
:
"http://manager.__DNSDOMAIN__/sessions.html"
},
"type"
:
"application"
"test1.__DNSDOMAIN__"
:
{
"^/logout"
:
"logout_sso"
,
"default"
:
"accept"
},
"type"
:
"category"
},
"3documentation"
:
{
"catname"
:
"Documentation"
,
"localdoc"
:
{
"options"
:
{
"description"
:
"Documentation supplied with LemonLDAP::NG"
,
"display"
:
"on"
,
"logo"
:
"help.png"
,
"name"
:
"Local documentation"
,
"uri"
:
"http://manager.__DNSDOMAIN__/doc/"
},
"type"
:
"application"
},
"officialwebsite"
:
{
"options"
:
{
"description"
:
"Official LemonLDAP::NG Website"
,
"display"
:
"on"
,
"logo"
:
"network.png"
,
"name"
:
"Offical Website"
,
"uri"
:
"http://lemonldap-ng.org/"
},
"type"
:
"application"
},
"type"
:
"category"
}
},
"authentication"
:
"Demo"
,
"cfgAuthor"
:
"The LemonLDAP::NG team"
,
"cfgNum"
:
1
,
"cfgVersion"
:
"2.0.0"
,
"cookieName"
:
"lemonldap"
,
"demoExportedVars"
:
{
"cn"
:
"cn"
,
"mail"
:
"mail"
,
"uid"
:
"uid"
},
"domain"
:
"__DNSDOMAIN__"
,
"exportedHeaders"
:
{
"test1.__DNSDOMAIN__"
:
{
"Auth-User"
:
"$uid"
},
"test2.__DNSDOMAIN__"
:
{
"Auth-User"
:
"$uid"
}
},
"exportedVars"
:
{
"UA"
:
"HTTP_USER_AGENT"
},
"globalStorage"
:
"Apache::Session::File"
,
"globalStorageOptions"
:
{
"Directory"
:
"__SESSIONDIR__"
,
"LockDirectory"
:
"__SESSIONDIR__/lock"
,
"generateModule"
:
"Lemonldap::NG::Common::Apache::Session::Generate::SHA256"
},
"groups"
:
{},
"localSessionStorage"
:
"Cache::FileCache"
,
"localSessionStorageOptions"
:
{
"cache_depth"
:
3
,
"cache_root"
:
"/tmp"
,
"default_expires_in"
:
600
,
"directory_umask"
:
"007"
,
"namespace"
:
"lemonldap-ng-sessions"
},
"locationRules"
:
{
"manager.__DNSDOMAIN__"
:
{
"(?#Configuration)^/(manager\\.html|conf/)"
:
"$uid eq
\"
dwho
\"
"
,
"(?#Notifications)^/notifications"
:
"$uid eq
\"
dwho
\"
or $uid eq
\"
rtyler
\"
"
,
"(?#Sessions)^/sessions"
:
"$uid eq
\"
dwho
\"
or $uid eq
\"
rtyler
\"
"
,
"default"
:
"$uid eq
\"
dwho
\"
"
},
"test1.__DNSDOMAIN__"
:
{
"^/logout"
:
"logout_sso"
,
"default"
:
"accept"
},
"test2.__DNSDOMAIN__"
:
{
"^/logout"
:
"logout_sso"
,
"default"
:
"accept"
}
},
"loginHistoryEnabled"
:
1
,
"macros"
:
{
"_whatToTrace"
:
"$_auth eq 'SAML' ?
\"
$_user
\\
@$_idpConfKey
\"
:
\"
$_user
\"
"
},
"mailUrl"
:
"http://auth.__DNSDOMAIN__/resetpwd"
,
"notification"
:
1
,
"notificationStorage"
:
"File"
,
"notificationStorageOptions"
:
{
"dirName"
:
"__NOTIFICATIONDIR__"
},
"passwordDB"
:
"Demo"
,
"persistentStorage"
:
"Apache::Session::File"
,
"persistentStorageOptions"
:
{
"Directory"
:
"__PSESSIONDIR__"
,
"LockDirectory"
:
"__PSESSIONDIR__/lock"
},
"portal"
:
"http://auth.__DNSDOMAIN__/"
,
"portalSkin"
:
"bootstrap"
,
"portalSkinBackground"
:
"1280px-Cedar_Breaks_National_Monument_partially.jpg"
,
"registerDB"
:
"Demo"
,
"registerUrl"
:
"http://auth.__DNSDOMAIN__/register"
,
"reloadUrls"
:
{
"reload.__DNSDOMAIN__"
:
"http://reload.__DNSDOMAIN__/reload"
},
"securedCookie"
:
0
,
"sessionDataToRemember"
:
{},
"timeout"
:
72000
,
"userDB"
:
"Same"
,
"whatToTrace"
:
"_whatToTrace"
}
\ No newline at end of file
"test2.__DNSDOMAIN__"
:
{
"^/logout"
:
"logout_sso"
,
"default"
:
"accept"
}
},
"loginHistoryEnabled"
:
1
,
"macros"
:
{
"_whatToTrace"
:
"$_auth eq 'SAML' ?
\"
$_user
\\
@$_idpConfKey
\"
: $_auth eq 'OpenIDConnect' ?
\"
$_user
\\
@$_oidcConnectedRP
\"
:
\"
$_user
\"
"
},
"mailUrl"
:
"http://auth.__DNSDOMAIN__/resetpwd"
,
"notification"
:
1
,
"notificationStorage"
:
"File"
,
"notificationStorageOptions"
:
{
"dirName"
:
"__NOTIFICATIONDIR__"
},
"passwordDB"
:
"Demo"
,
"persistentStorage"
:
"Apache::Session::File"
,
"persistentStorageOptions"
:
{
"Directory"
:
"__PSESSIONDIR__"
,
"LockDirectory"
:
"__PSESSIONDIR__/lock"
},
"portal"
:
"http://auth.__DNSDOMAIN__/"
,
"portalSkin"
:
"bootstrap"
,
"portalSkinBackground"
:
"1280px-Cedar_Breaks_National_Monument_partially.jpg"
,
"registerDB"
:
"Demo"
,
"registerUrl"
:
"http://auth.__DNSDOMAIN__/register"
,
"reloadUrls"
:
{
"reload.__DNSDOMAIN__"
:
"http://reload.__DNSDOMAIN__/reload"
},
"securedCookie"
:
0
,
"sessionDataToRemember"
:
{},
"timeout"
:
72000
,
"userDB"
:
"Same"
,
"whatToTrace"
:
"_whatToTrace"
}
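Review bot: Under `locationRules` for `manager.__DNSDOMAIN__`, the side that carries the new OpenIDConnect macro has the keys `(?#Notifications)/notifications` and `(?#Sessions)/sessions`, while the other side has them anchored as `(?#Notifications)^/notifications` and `(?#Sessions)^/sessions`; if that reading of the rendered columns is right, the re-indent silently dropped the `^`. An unanchored key matches any path that merely contains `/notifications` or `/sessions`, so requests that would otherwise fall to the stricter `default` rule (dwho only) would also be granted to rtyler. I'd keep the anchored keys, consistent with the `(?#Configuration)^/(manager\\.html|conf/)` rule beside them, and move any intended rule change out of a commit titled as a macro update.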
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm
...
...
@@ -495,6 +495,7 @@ sub scanTree {
push
@sessionTypes
,
$
1
if
(
$leaf
=~
/^(.*)(?<!notification)StorageOptions$/
);
my
$attr
=
$attributes
->
{
$leaf
}
or
die
("
Missing attribute
$leaf
");
print
STDERR
"
|
$attr
->{documentation} |
$leaf
|
\n
";
$jleaf
=
{
id
=>
"
$prefix$leaf
",
title
=>
$leaf
};
unless
(
$attr
->
{
type
}
)
{
print
STDERR
"
Fatal: no type:
$leaf
\n
";
...
...
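Review bot: The one added line in this hunk appears to be `print STDERR "| $attr->{documentation} | $leaf |\n";`, which runs for every leaf on every build and interpolates `$attr->{documentation}` without checking that it is defined. For any attribute that has no `documentation` key (the Attributes.pm hunks in this commit are still adding them) this prints an empty column and, if warnings are enabled, an uninitialized-value warning, and the table output can bury the `Fatal: no type` message printed a few lines below. If the intent is to find undocumented attributes, report exactly that: `warn "Missing documentation for $leaf\n" unless defined $attr->{documentation};`. scanTree starts and ends outside the hunk.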
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
...
...
@@ -265,7 +265,7 @@ sub attributes {
default
=>
'
get
',
documentation
=>
'
HTTP method for info page form
',
},
port
=>
{
type
=>
'
int
',
},
port
=>
{
type
=>
'
int
',
documentation
=>
'
Force port in redirection
'
},
jsRedirect
=>
{
type
=>
'
boolOrExpr
',
default
=>
0
,
...
...
@@ -287,6 +287,7 @@ sub attributes {
keyTest
=>
qr/^\w+$/
,
test
=>
qr/^[a-zA-Z][a-zA-Z0-9]*(?:::[a-zA-Z][a-zA-Z0-9]*)*$/
,
msgFail
=>
'
__badPerlPackageName__
',
documentation
=>
'
Custom Nginx handler (deprecated)
',
},
noAjaxHook
=>
{
default
=>
0
,
...
...
@@ -318,11 +319,12 @@ sub attributes {
documentation
=>
'
HTTP method for redirect page form
',
},
reloadUrls
=>
{
type
=>
'
keyTextContainer
',
help
=>
'
configlocation.html#configuration_reload
',
keyTest
=>
qr/^$Regexp::Common::URI::RFC2396::host(?::\d+)?$/
,
test
=>
$url
,
msgFail
=>
'
__badUrl__
'
type
=>
'
keyTextContainer
',
help
=>
'
configlocation.html#configuration_reload
',
keyTest
=>
qr/^$Regexp::Common::URI::RFC2396::host(?::\d+)?$/
,
test
=>
$url
,
msgFail
=>
'
__badUrl__
',
documentation
=>
'
URL to call on reload
',
},
staticPrefix
=>
{
type
=>
'
text
',
...
...
@@ -411,12 +413,13 @@ sub attributes {
],
},
portalSkinRules
=>
{
type
=>
'
keyTextContainer
',
help
=>
'
portalcustom.html
',
keyTest
=>
$perlExpr
,
keyMsgFail
=>
'
__badSkinRule__
',
test
=>
qr/^\w+$/
,
msgFail
=>
'
__badValue__
',
type
=>
'
keyTextContainer
',
help
=>
'
portalcustom.html
',
keyTest
=>
$perlExpr
,
keyMsgFail
=>
'
__badSkinRule__
',
test
=>
qr/^\w+$/
,
msgFail
=>
'
__badValue__
',
documentation
=>
'
Rules to choose portal skin
',
},
# Security
...
...
@@ -446,9 +449,10 @@ sub attributes {
documentation
=>
'
Check XSS
',
},
grantSessionRules
=>
{
type
=>
'
grantContainer
',
keyTest
=>
$perlExpr
,
test
=>
sub
{
1
},
type
=>
'
grantContainer
',
keyTest
=>
$perlExpr
,
test
=>
sub
{
1
},
documentation
=>
'
Rules to grant sessions
',
},
hiddenAttributes
=>
{
type
=>
'
text
',
...
...
@@ -517,8 +521,9 @@ sub attributes {
default
=>
'
[A-Z]{3}[a-z]{5}.\d{2}
',
documentation
=>
'
Regular expression to create a random password
',
},
trustedDomains
=>
{
type
=>
'
text
',
},
storePassword
=>
{
trustedDomains
=>
{
type
=>
'
text
',
documentation
=>
'
Trusted domains
',
},
storePassword
=>
{
default
=>
0
,
type
=>
'
bool
',
documentation
=>
'
Store password in session
',
...
...
@@ -631,8 +636,9 @@ sub attributes {
},
# Cookies
cookieExpiration
=>
{
type
=>
'
text
',
},
cookieName
=>
{
cookieExpiration
=>
{
type
=>
'
text
',
documentation
=>
'
Cookie expiration
',
},
cookieName
=>
{
type
=>
'
text
',
test
=>
qr/^[a-zA-Z][a-zA-Z0-9_-]*$/
,
msgFail
=>
'
__badCookieName__
',
...
...
@@ -667,15 +673,18 @@ sub attributes {
oldNotifFormat
=>
{
type
=>
'
bool
',
default
=>
0
,
documentation
=>
'
Use old XML format
',
documentation
=>
'
Use old XML format
for notifications
',
},
notificationWildcard
=>
{
type
=>
'
text
',
default
=>
'
allusers
',
documentation
=>
'
Notification string to match all users
',
},
notificationXSLTfile
=>
{
type
=>
'
text
',
},
notification
=>
{
notificationXSLTfile
=>
{
type
=>
'
text
',
documentation
=>
'
Custom XSLT document for notifications
',
},
notification
=>
{
default
=>
0
,
type
=>
'
bool
',
documentation
=>
'
Notification activation
',
...
...
@@ -765,9 +774,9 @@ sub attributes {
documentation
=>
'
Session backend module options
',
},
localSessionStorage
=>
{
type
=>
'
PerlModule
',
default
=>
'
Cache::FileCache
',
,
documentation
=>
'
Sessions cache module
',
type
=>
'
PerlModule
',
default
=>
'
Cache::FileCache
',
documentation
=>
'
Sessions cache module
',
},
localSessionStorageOptions
=>
{
type
=>
'
keyTextContainer
',
...
...
@@ -782,12 +791,19 @@ sub attributes {
},
# Persistent storage
persistentStorage
=>
{
type
=>
'
PerlModule
',
},
persistentStorageOptions
=>
{
type
=>
'
keyTextContainer
',
},
sessionDataToRemember
=>
{
type
=>
'
keyTextContainer
',
keyTest
=>
qr/^[_a-zA-Z][a-zA-Z0-9_]*$/
,
keyMsgFail
=>
'
__invalidSessionData__
',
persistentStorage
=>
{
type
=>
'
PerlModule
',
documentation
=>
'
Storage module for persistent sessions
'
},
persistentStorageOptions
=>
{
type
=>
'
keyTextContainer
',
documentation
=>
'
Options for persistent sessions storage module
'
},
sessionDataToRemember
=>
{
type
=>
'
keyTextContainer
',
keyTest
=>
qr/^[_a-zA-Z][a-zA-Z0-9_]*$/
,
keyMsgFail
=>
'
__invalidSessionData__
',
documentation
=>
'
Data to remember in login history
',
},
# SAML issuer
...
...
@@ -882,13 +898,15 @@ sub attributes {
},
# Mails
mailBody
=>
{
type
=>
'
longtext
',
},
mailBody
=>
{
type
=>
'
longtext
',
documentation
=>
'
Custom mail body
',
},
mailCharset
=>
{
type
=>
'
text
',
default
=>
'
utf-8
',
documentation
=>
'
Mail charset
',
},
mailConfirmBody
=>
{
type
=>
'
longtext
',
},
mailConfirmBody
=>
{
type
=>
'
longtext
',
documentation
=>
'
Custom confirm mail body
',
},
mailConfirmSubject
=>
{
type
=>
'
text
',
documentation
=>
'
Mail subject for reset confirmation
',
...
...
@@ -898,7 +916,7 @@ sub attributes {
default
=>
'
noreply@example.com
',
documentation
=>
'
Sender email
',
},
mailReplyTo
=>
{
type
=>
'
text
',
},
mailReplyTo
=>
{
type
=>
'
text
',
documentation
=>
'
Reply-To address
'
},
mailSessionKey
=>
{
type
=>
'
text
',
default
=>
'
mail
',
...
...
@@ -924,8 +942,14 @@ sub attributes {
test
=>
qr/^(?:$Regexp::Common::URI::RFC2396::host(?::\d+)?)?$/
,
documentation
=>
'
SMTP Server
',
},
SMTPAuthUser
=>
{
type
=>
'
text
',
},
SMTPAuthPass
=>
{
type
=>
'
password
',
},
SMTPAuthUser
=>
{
type
=>
'
text
',
documentation
=>
'
Login to use to send mails
',
},
SMTPAuthPass
=>
{
type
=>
'
password
',
documentation
=>
'
Password to use to send mails
',
},
# Registration
registerConfirmSubject
=>
{
...
...
@@ -993,8 +1017,9 @@ sub attributes {
documentation
=>
'
Allow only one session per IP
',
},
singleUserByIP
=>
{
default
=>
0
,
type
=>
'
bool
',
default
=>
0
,
type
=>
'
bool
',
documentation
=>
'
Allow only one user per IP
',
},
singleSessionUserByIP
=>
{
default
=>
0
,
...
...
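Review bot: In the hunk at -517,8 the string added for `trustedDomains`, `documentation => 'Trusted domains'`, only restates the key, and the entry stays `type => 'text'` with no `test`, so neither the description nor a validator tells an administrator what the value may contain. For a setting whose name says it widens what the portal trusts, the string should state what is trusted and in which format, e.g. `documentation => 'Domains accepted as redirection targets'` if that is what it gates (to be confirmed against the portal code), and a `test` regexp like the host-based `keyTest` on `reloadUrls` would catch typos. `cookieExpiration` ('Cookie expiration', no unit given) has the same gap. sub attributes starts and ends outside these hunks.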
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Zero.pm
...
...
@@ -108,7 +108,7 @@ sub zeroConf {
},
'
macros
'
=>
{
'
_whatToTrace
'
=>
'
$_auth eq
\'
SAML
\'
? "$_user
\\
@$_idpConfKey" : "$_user"
'
'
$_auth eq
\'
SAML
\'
? "$_user
\\
@$_idpConfKey" :
$_auth eq
\'
OpenIDConnect
\'
? "$_user
\\
@$_oidcConnectedRP" :
"$_user"
'
},
'
notificationStorageOptions
'
=>
{
'
dirName
'
=>
$notificationDir
...
...
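Review bot: The new branch builds the trace identity from `$_oidcConnectedRP` when `$_auth eq 'OpenIDConnect'`, whereas the SAML branch it mirrors uses `$_idpConfKey`, the provider the user authenticated against. By its name `_oidcConnectedRP` describes relying parties connected to this portal when it acts as provider, not the OP used for login, so it may well be undefined here and `_whatToTrace` would come out as `user@`; please confirm against the OpenID Connect authentication module and, if so, use the session key that holds the OP name (`_oidc_OP` in later releases, to be verified for this tree). In the example configuration `whatToTrace` points at this macro, so it is presumably the identity that reaches the logs, where an empty or misleading suffix makes logins from different providers indistinguishable. The same expression is added in _example/conf/lmConf-1.json. zeroConf continues outside the hunk.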