| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Since this function is used for both generating session IDs and for
generating POST data identifiers for POST replay, it should have a
generic name.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@181 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
|
|
| |
Since we are going to disable autocreation of the POST data directory,
we will need to disable POST replay by default. This patch adds the
MellonPostReplay option, which can be used to enable and disable the
POST replay functionality on a per-location basis.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@177 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
| |
git-svn-id: https://modmellon.googlecode.com/svn/trunk@171 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
| |
This directive allows to list IdP entityID for which the signature of
their logout request must not be verified.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@168 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
|
|
| |
MellonSubjectConfirmationDataAddressCheck allows to block client address
checking as given in IdP assertion in the SubjectConfirmationData node,
it can be necessary when client and IdP or SP are in a NAT-ed network or
when the SP is behind a reverse proxy.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@152 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
|
|
|
|
| |
You can list many class refs they will be concatenated inside an array.
Beware that in each directory, if there is any
MellonAuthnContextClassRef directive, any settings from the previous
level is overwritten.
Thanks to Benjamin Dauvergne for implementing this.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@140 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
| |
git-svn-id: https://modmellon.googlecode.com/svn/trunk@139 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
|
|
|
|
| |
Change configuration to inherit the lasso_server objects when nothing
affecting the lasso_server object changes from the parent configuration
object.
This should speed up processing of requests where you have
request-specific configuration changes, such as access control rules.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@130 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
| |
Patch originally created by Emmanuel Dreyfus, some changes by me.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@129 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
| |
git-svn-id: https://modmellon.googlecode.com/svn/trunk@126 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
|
|
|
| |
These allows respectively to set the domain and the path of the domain
of the mellon cookie. Without these the domain defaults to the domain
return by ap_get_server_name() (see
http://httpd.apache.org/dev/apidoc/apidoc_ap_get_server_name.html)
and the path to "/".
git-svn-id: https://modmellon.googlecode.com/svn/trunk@120 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
| |
using a glob(3) pattern.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@117 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
| |
git-svn-id: https://modmellon.googlecode.com/svn/trunk@116 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
|
|
| |
functionalities. Supports regexp, negations, and attribute name remapping
though MellonSetEnv
git-svn-id: https://modmellon.googlecode.com/svn/trunk@114 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
|
| |
dicovery URL scheme. It is configured using the MellonProbeDiscoveryTimeout
and MellonProbeDiscoveryIdP directives.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@113 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
| |
git-svn-id: https://modmellon.googlecode.com/svn/trunk@99 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
| |
git-svn-id: https://modmellon.googlecode.com/svn/trunk@97 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
storage for attributes, as OID-named attributes sent by the Shibboleth
IdP consomes quite some space.
There is also a required Destination attribute in AuthnRequest elements.
It is done by trunk version of lasso, but not by any currently released
version, hence we do if it is not done.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@85 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
| |
git-svn-id: https://modmellon.googlecode.com/svn/trunk@84 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
| |
git-svn-id: https://modmellon.googlecode.com/svn/trunk@69 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
| |
git-svn-id: https://modmellon.googlecode.com/svn/trunk@68 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
| |
git-svn-id: https://modmellon.googlecode.com/svn/trunk@67 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
| |
<Organization> element of autogenerated metadata
git-svn-id: https://modmellon.googlecode.com/svn/trunk@57 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
|
| |
non graphic character (space, CR) from the certificate presented in
autogenerated metadata.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@55 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
| |
the environement
git-svn-id: https://modmellon.googlecode.com/svn/trunk@51 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
| |
git-svn-id: https://modmellon.googlecode.com/svn/trunk@50 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
| |
git-svn-id: https://modmellon.googlecode.com/svn/trunk@49 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
|
|
| |
- IdP discovery service
- add a dimple built-in IdP discovery mechanism: send HTTP GET on ProviderID
URL. If we get HTTP 200, the IdP is selected
git-svn-id: https://modmellon.googlecode.com/svn/trunk@44 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
| |
Thanks to Emmanuel Dreyfus for this patch.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@43 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
|
| |
session cookies.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@40 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
|
|
|
| |
This option is used to decide which page the user should be
redirected to if IdP-initiated SSO is used.
Thanks to Emmanuel Dreyfus for this patch.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@36 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recent versions of Lasso supports loading the SP metadata,
certificate and private key from memory. This patch changes mod_mellon
to use this function if it is available. This makes it possible to store
the SP private key readable only from root.
Thanks to Emmanuel Dreyfus for this patch.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@35 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
|
|
|
| |
Thanks to Emmanuel Dreyfus for this patch.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@31 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
| |
git-svn-id: https://modmellon.googlecode.com/svn/trunk@22 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
|
|
| |
git-svn-id: https://modmellon.googlecode.com/svn/trunk@12 a716ebb1-153a-0410-b759-cfb97c6a1b53
|
|
git-svn-id: https://modmellon.googlecode.com/svn/trunk@3 a716ebb1-153a-0410-b759-cfb97c6a1b53
|