path: root/auth_mellon.h
Commit message | Author | Age | Files | Lines
* Rename am_generate_session_id() to am_generate_id(). | olavmrk | 2013-03-06 | 1 | -3/+4
  Since this function is used for both generating session IDs and for generating POST data identifiers for POST replay, it should have a generic name.
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@181 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Disable replay of POST request by default. | olavmrk | 2013-03-06 | 1 | -0/+7
  Since we are going to disable autocreation of the POST data directory, we will need to disable POST replay by default. This patch adds the MellonPostReplay option, which can be used to enable and disable the POST replay functionality on a per-location basis.
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@177 a716ebb1-153a-0410-b759-cfb97c6a1b53
* add implementation of g_hash_table_get_keys to compile under Centos 5 | benjamin.dauvergne | 2012-10-10 | 1 | -0/+22
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@171 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add configuration directive MellonDoNotVerifyLogoutSignature | benjamin.dauvergne | 2012-10-09 | 1 | -0/+2
  This directive allows to list IdP entityID for which the signature of their logout request must not be verified.
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@168 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add directive MellonSubjectConfirmationDataAddressCheck | benjamin.dauvergne | 2012-02-17 | 1 | -0/+22
  MellonSubjectConfirmationDataAddressCheck allows to block client address checking as given in IdP assertion in the SubjectConfirmationData node; it can be necessary when client and IdP or SP are in a NAT-ed network or when the SP is behind a reverse proxy.
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@152 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add MellonAuthnContextClassRef to configuration directives | olavmrk | 2011-12-07 | 1 | -0/+4
  You can list many class refs; they will be concatenated inside an array. Beware that in each directory, if there is any MellonAuthnContextClassRef directive, any settings from the previous level are overwritten.
  Thanks to Benjamin Dauvergne for implementing this.
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@140 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Honour MellonProbeDiscoveryIdP order when sending probes | manu@netbsd.org | 2011-12-05 | 1 | -1/+1
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@139 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add support for inheriting lasso_server objects. | olavmrk | 2011-05-18 | 1 | -0/+2
  Change configuration to inherit the lasso_server objects when nothing affecting the lasso_server object changes from the parent configuration object. This should speed up processing of requests where you have request-specific configuration changes, such as access control rules.
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@130 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add support for loading federation metadata files. | olavmrk | 2011-05-18 | 1 | -1/+7
  Patch originally created by Emmanuel Dreyfus, some changes by me.
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@129 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Change cfg->idp_metadata_files to an array instead of a hash. | olavmrk | 2011-05-18 | 1 | -1/+1
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@126 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add MellonCookieDomain and MellonCookiePath directives | benjamin.dauvergne | 2011-04-07 | 1 | -0/+2
  These allow respectively to set the domain and the path of the domain of the mellon cookie. Without these the domain defaults to the domain returned by ap_get_server_name() (see http://httpd.apache.org/dev/apidoc/apidoc_ap_get_server_name.html) and the path to "/".
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@120 a716ebb1-153a-0410-b759-cfb97c6a1b53
* New MellonIdPMetadataGlob directive to load multiple IdP metadata | manu@netbsd.org | 2011-03-23 | 1 | -0/+2
  using a glob(3) pattern.
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@117 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Regexp backreference substitution in MellonCond | manu@netbsd.org | 2011-03-22 | 1 | -11/+13
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@116 a716ebb1-153a-0410-b759-cfb97c6a1b53
* New MellonCond directive to enable attribute filtering beyond MellonRequire | manu@netbsd.org | 2011-03-17 | 1 | -1/+25
  functionalities. Supports regexp, negations, and attribute name remapping through MellonSetEnv
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@114 a716ebb1-153a-0410-b759-cfb97c6a1b53
* A /mellon/probeDisco endpoint replaces the builtin:get-metadata IdP | manu@netbsd.org | 2011-03-09 | 1 | -0/+2
  discovery URL scheme. It is configured using the MellonProbeDiscoveryTimeout and MellonProbeDiscoveryIdP directives.
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@113 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Validate received response. | olavmrk | 2010-06-30 | 1 | -0/+1
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@99 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Change return type of am_reconstruct_url to not be const. | olavmrk | 2010-06-30 | 1 | -1/+1
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@97 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Shibboleth 2 interoperability. This is achieved by increasing the | manu@netbsd.org | 2010-05-31 | 1 | -2/+4
  storage for attributes, as OID-named attributes sent by the Shibboleth IdP consume quite some space. There is also a required Destination attribute in AuthnRequest elements. It is done by trunk version of lasso, but not by any currently released version, hence we do if it is not done.
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@85 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Optionally save the remote IdP entityId in the environment | manu@netbsd.org | 2010-05-31 | 1 | -0/+1
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@84 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Make sure that redirect URLs don't contain control characters. | olavmrk | 2009-11-11 | 1 | -0/+1
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@69 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Support replay of multipart/form-data POST requests | manu@netbsd.org | 2009-11-11 | 1 | -0/+10
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@68 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Replay POST requests after being sent to the IdP | manu@netbsd.org | 2009-11-09 | 1 | -1/+9
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@67 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add MellonOrganization(Name|DisplayName|URL) for filling the | manu@netbsd.org | 2009-06-15 | 1 | -0/+5
  <Organization> element of autogenerated metadata
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@57 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Strip "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----", and any | manu@netbsd.org | 2009-06-14 | 1 | -0/+1
  non graphic character (space, CR) from the certificate presented in autogenerated metadata.
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@55 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add a MellonSamlResponseDump option to dump the SAML authentication response in | manu@netbsd.org | 2009-06-01 | 1 | -2/+6
  the environment
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@51 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add MellonSessionDump option, to make the session available in the environment | manu@netbsd.org | 2009-05-25 | 1 | -1/+2
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@50 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add support for IdP initiated SOAP single logout. | manu@netbsd.org | 2009-05-15 | 1 | -2/+10
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@49 a716ebb1-153a-0410-b759-cfb97c6a1b53
* - Support for multiple IdP | manu@netbsd.org | 2009-05-12 | 1 | -4/+8
  - IdP discovery service
  - add a simple built-in IdP discovery mechanism: send HTTP GET on ProviderID URL. If we get HTTP 200, the IdP is selected
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@44 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add support for auto-generating SP metadata. | olavmrk | 2009-05-06 | 1 | -0/+2
  Thanks to Emmanuel Dreyfus for this patch.
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@43 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add a MellonSecureCookie setting to enforce Secure + HttpOnly flags for | manu@netbsd.org | 2009-03-02 | 1 | -0/+1
  session cookies.
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@40 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add MellonDefaultLoginPath option. | olavmrk | 2008-11-11 | 1 | -0/+3
  This option is used to decide which page the user should be redirected to if IdP-initiated SSO is used.
  Thanks to Emmanuel Dreyfus for this patch.
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@36 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Use lasso_server_new_from_buffer if available. | olavmrk | 2008-11-10 | 1 | -0/+3
  Recent versions of Lasso support loading the SP metadata, certificate and private key from memory. This patch changes mod_mellon to use this function if it is available. This makes it possible to store the SP private key readable only from root.
  Thanks to Emmanuel Dreyfus for this patch.
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@35 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add support for IdP CA certificate and SP certificate. | olavmrk | 2008-10-27 | 1 | -0/+2
  Thanks to Emmanuel Dreyfus for this patch.
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@31 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Increased maximum Lasso session size. | olavmrk | 2007-10-26 | 1 | -1/+1
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@22 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Copy SessionIndex to LogoutRequest. | olavmrk | 2007-09-28 | 1 | -0/+2
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@12 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Initial import of version 0.0.6 | olavmrk | 2007-09-24 | 1 | -0/+246
  git-svn-id: https://modmellon.googlecode.com/svn/trunk@3 a716ebb1-153a-0410-b759-cfb97c6a1b53