summaryrefslogtreecommitdiffstats
path: root/templates
Commit message (Collapse)AuthorAgeFilesLines
* Return to provider if user cancels loginSimo Sorce2014-10-241-1/+5
| | | | | | | | When the cancel button is hit return to the provider and eventually to the original application via return urls. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Make the template directory configurablePatrick Uiterwijk2014-10-241-0/+1
| | | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Show login target on the login screenPatrick Uiterwijk2014-10-241-0/+6
| | | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Drop custom FAS templateSimo Sorce2014-10-241-44/+0
| | | | | | | | The form and fas template are identical so just drop the fas.html template and use the default. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add attribute mapping for user informationSimo Sorce2014-10-241-3/+1
| | | | | | | | | | | | When user information is retrieved we map any wellknown data to a standardized set of names. A ne InfoMapping class takes cares of helping the info modules to map the data they retrieve so that providers can find it in wellknown attribute names for further use. Mapping of attribute names for diplay purposes is also provided. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add OpenIDP ProviderPatrick Uiterwijk2014-10-244-0/+77
| | | | | | | | | | This commit implements all the core functionality needed to expose an OpenID Identity Provider including a framework to dynamycally add extensions. Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Handle lists type options in plugins configurationSimo Sorce2014-10-241-1/+6
| | | | | | | | Autodetect and convert config values based on the options definition. If the option is marked as list split a string on setting the configuration or join the list into a string before saving it to the database. Signed-off-by: Simo Sorce <simo@redhat.com>
* Do not overwrite default plugin optionsSimo Sorce2014-10-241-2/+2
| | | | | | | | | Change the admin plugin to not overwrite the plugin default options, and only use the sanctioned pluginObject interfaces to read/write config values. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add pretty handler for 404Simo Sorce2014-10-071-0/+13
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add transactions db default pathsSimo Sorce2014-10-061-0/+1
| | | | | | | Fixes installation and quickrun Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Use transactions throughout the codeSimo Sorce2014-09-242-0/+2
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add Info providers Admin pagesSimo Sorce2014-09-243-1/+57
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Allow plugins to determine config options orderSimo Sorce2014-09-241-1/+1
| | | | | | | | Ordering may also be partial, for any option not specified they will be appended in lexycographic order. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Use an instance specific session id cookie nameSimo Sorce2014-09-241-0/+1
| | | | | | | Avoids issues if multiple instances are used on the same server Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Confine session to the instanceSimo Sorce2014-09-241-0/+1
| | | | | | | Set session path so that the session is sent only for the specific instance Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Rename form login pageSimo Sorce2014-09-241-0/+0
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add FAS login pluginSimo Sorce2014-08-271-0/+43
| | | | | | | | | | This plugin simply take a Fedora username and password and authenticates the user against the FAS Server. FAS returned data is saved as userdata in the 'fas' attribute. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Rework remote_login and remove protect decoratorSimo Sorce2014-08-271-1/+0
| | | | | | | | | | | | The protect decorator was not really being used for anything, remove it. Change the way UserSession's remote_login() works. If called now it either sets a REMOTE_USER (if found) or nukes the current user data in the session. This means this function can be safely called only in a login plugin now. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Strenghten default Security options in IDPSimo Sorce2014-06-172-0/+3
| | | | | | | | Always deny access to the IDP if not using SSL by default. Always turn on secure/httponly cookies by default. Add a switch to disable all security options for testing. Signed-off-by: Simo Sorce <simo@redhat.com>
* Add server install option to turn on debuggingSimo Sorce2014-06-061-2/+2
| | | | | | | Use this in the testsuite so we can get meaningful output in the logs when something fails. Signed-off-by: Simo Sorce <simo@redhat.com>
* Add basic testing infrastructureSimo Sorce2014-06-041-0/+1
| | | | | | | | | | | | | | make test will now run some sanity tests to make sure basic installation procedures work in a sinthetic test environment. Adds: - custom httpd setup for tests - use profiles to driver ipsilon servers and clients installation - starts multiple httpd servers This way we can test interaction between IDP and SP servers Signed-off-by: Simo Sorce <simo@redhat.com>
* Additional parametrization of template filesSimo Sorce2014-06-042-6/+6
| | | | | | To allow for testing in a custom rootdir, and with a custom user. Signed-off-by: Simo Sorce <simo@redhat.com>
* Allow turning off security at install timeSimo Sorce2014-06-041-1/+1
| | | | | | This should be used only for testing purposes Signed-off-by: Simo Sorce <simo@redhat.com>
* Add optional field to allow pasting the metadataSimo Sorce2014-06-041-2/+16
| | | | | | | This way a user can avoid copying the metadata file arund but paste the content straight from a terminal window. Signed-off-by: Simo Sorce <simo@redhat.com>
* Add tooltips to SAML formsSimo Sorce2014-05-293-6/+16
| | | | | | This should make clearer what is expected in each field. Signed-off-by: Simo Sorce <simo@redhat.com>
* Show the Save button only if it usefulSimo Sorce2014-05-291-4/+6
| | | | | | | If the user cannot perform any action there is no reason to show the save button. Signed-off-by: Simo Sorce <simo@redhat.com>
* Fix location nameSimo Sorce2014-05-291-1/+1
| | | | | | Must be the same name wher ethe instance is mounted! Signed-off-by: Simo Sorce <simo@redhat.com>
* Fix handling of SP renamesSimo Sorce2014-05-201-0/+9
| | | | | | Properly replace page self.url Signed-off-by: Simo Sorce <simo@redhat.com>
* WSGI settings incorrectly makes instance globalNathan Kinder2014-05-101-1/+4
| | | | | | | | | | | | | | | The WSGIProcessGroup directive should only apply to the /idp URI. Without wrapping this directive in the Location element, multiple Ipsilon instances or an Ipsilon instance installed on a FreeIPA server will conflict and encounter problems running in the same httpd process. All wsgi processes will end up redirected to the last process grup defined in the configuration in this case and all other instances of wsgi applications will be unreachable. Resolves: https://fedorahosted.org/ipsilon/ticket/1 Signed-off-by: Nathan Kinder <nkinder@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Make it easy to install mutiple server instancesSimo Sorce2014-04-212-8/+8
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Revert incorrect change to template fileSimo Sorce2014-04-181-4/+4
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Add missing install fileSimo Sorce2014-04-181-0/+14
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Add basic installation script with saml supportSimo Sorce2014-04-111-0/+28
| | | | | | | | | Generates (self signed) certificates and a metdata.xml file. Optionally configures an Apache Httpd server. If the admin does not configure a specific application at install time a default landing page is made available to be able to test that the SP configuration works. Uninstall removes all certificates and metadata file and is irreversible.
* Change provider plugins registration and enablementSimo Sorce2014-04-111-1/+1
| | | | | | | | | | | | | When plugins are not enabled at startup the admin page is not available as it is created only on enablement. Split enablement and registration, so plugins can be registered even when actually disabled. Also rework the way enablement is tracked and make sure enablement status is saved back to the database when it changes so it is kept on restarts. Signed-off-by: Simo Sorce <simo@redhat.com>
* Admin functions to delete Service ProvidersSimo Sorce2014-04-041-0/+2
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Admin functions to add new Service ProvidersSimo Sorce2014-04-042-0/+33
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Admin classes to change SP propertiesSimo Sorce2014-04-042-15/+69
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Saml2 initial admin pageSimo Sorce2014-03-281-0/+23
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Add generic support for IdP plugin admin pagesSimo Sorce2014-03-281-0/+3
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Basic Identity providers plugin configurationSimo Sorce2014-03-281-0/+20
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Refactor login plugin enablement codeSimo Sorce2014-03-281-2/+7
| | | | | | | This allows us to finally implement the plugin enable/disable configuration buttons and enable/disable plugins on the fly. Signed-off-by: Simo Sorce <simo@redhat.com>
* Automatically build configuration page menuSimo Sorce2014-03-281-7/+3
| | | | | | Do not hardcode it, rather build it out of the pages tree. Signed-off-by: Simo Sorce <simo@redhat.com>
* Move login plugin configuration to its own moduleSimo Sorce2014-03-265-25/+31
| | | | | | | move also the template, in preparation for handling other configuration data in the main page. Signed-off-by: Simo Sorce <simo@redhat.com>
* Implement plugin ordering configurationSimo Sorce2014-03-242-2/+30
| | | | | | Allows to change the login plugins order from the admin configuration page. Signed-off-by: Simo Sorce <simo@redhat.com>
* Install default configuration filesSimo Sorce2014-03-201-0/+12
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Initial SAML2 providerSimo Sorce2014-02-241-0/+13
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Use cherrypy handlers to render error pagesSimo Sorce2014-02-243-2/+33
| | | | | | | Replaces custom code to render 401 Unauthorized page as well as adds 400 and 500 handlers Signed-off-by: Simo Sorce <simo@redhat.com>
* Fix master-admin template upper left corner hrefSimo Sorce2014-02-241-1/+1
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Apply patternfly to administration pagesPetr Vobornik2014-02-173-78/+106
| | | | | Signed-off-by: Petr Vobornik <pvoborni@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Krb pagePetr Vobornik2014-02-171-20/+7
| | | | | Signed-off-by: Petr Vobornik <pvoborni@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
generated by cgit (git 2.34.1) at 2024-05-23 12:48:54 +0000