summaryrefslogtreecommitdiffstats
path: root/auth_mellon_handler.c
Commit message (Collapse)AuthorAgeFilesLines
...
* login endpointolavmrk2010-06-181-0/+70
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@94 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Refactor out am_send_authn_request from am_auth_new_ticket.olavmrk2010-06-181-62/+80
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@93 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fix memory leak on no-cookie error during response processing.olavmrk2010-06-171-0/+2
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@90 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Set the MellonIDP variable to the IdP that we got a response from.olavmrk2010-06-171-11/+16
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@89 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add missing session unlock in am_check_uid.olavmrk2010-06-171-0/+1
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@88 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Display proper error when missing MellonSPMetadataFile.olavmrk2010-06-171-6/+11
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@87 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Shibboleth 2 interoperability. This is acchieved by increasing themanu@netbsd.org2010-05-311-0/+13
| | | | | | | | | | | | | storage for attributes, as OID-named attributes sent by the Shibboleth IdP consomes quite some space. There is also a required Destination attribute in AuthnRequest elements. It is done by trunk version of lasso, but not by any currently released version, hence we do if it is not done. git-svn-id: https://modmellon.googlecode.com/svn/trunk@85 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Optionaly ave the remote IdP entityId in the environmentmanu@netbsd.org2010-05-311-0/+10
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@84 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fix warning about unused variable in am_handle_metadata.olavmrk2009-12-211-1/+1
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@77 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fix uninitialized variable in repost handler.olavmrk2009-12-211-1/+1
| | | | | | | | This bug could lead to XSS or remote DOS, depending on the compiler. Thanks to Benjamin Dauvergne for reporting this bug. git-svn-id: https://modmellon.googlecode.com/svn/trunk@75 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Require a session for accessing the repost endpointmanu@netbsd.org2009-11-131-0/+6
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@72 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Make sure that redirect URLs doesn't contain control characters.olavmrk2009-11-111-0/+18
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@69 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Support replay of multipart/form-data POST requestsmanu@netbsd.org2009-11-111-41/+185
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@68 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Replay POST requets after been sent to the IdPmanu@netbsd.org2009-11-091-62/+173
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@67 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Disable local session when logout starts.olavmrk2009-08-101-0/+8
| | | | | | | Mark the local session as logged out as soon as logout starts, in case the IdP doesn't respond for some reason. git-svn-id: https://modmellon.googlecode.com/svn/trunk@64 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Properly calculate session expiration.olavmrk2009-08-071-23/+22
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@61 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add MellonOrganization(Name|DisplayName|URL) for filling themanu@netbsd.org2009-06-151-1/+74
| | | | | | | <Organization> element of autogenerated metadata git-svn-id: https://modmellon.googlecode.com/svn/trunk@57 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Strip "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----", and anymanu@netbsd.org2009-06-141-2/+12
| | | | | | | | non graphic character (space, CR) from the certificate presented in autogenerated metadata. git-svn-id: https://modmellon.googlecode.com/svn/trunk@55 a716ebb1-153a-0410-b759-cfb97c6a1b53
* When generating metadata, strip leading and trailing content around themanu@netbsd.org2009-06-061-3/+24
| | | | | | | certificate, as it will confuse XML parsers if it contains [<>&]. git-svn-id: https://modmellon.googlecode.com/svn/trunk@54 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add a MellonSamlResponseDump option to dump the SAML authentication response in manu@netbsd.org2009-06-011-6/+11
| | | | | | | the environement git-svn-id: https://modmellon.googlecode.com/svn/trunk@51 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add support for IdP initiated SOAP single logout.manu@netbsd.org2009-05-151-14/+50
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@49 a716ebb1-153a-0410-b759-cfb97c6a1b53
* - Support for multiple IdPmanu@netbsd.org2009-05-121-59/+300
| | | | | | | | | - IdP discovery service - add a dimple built-in IdP discovery mechanism: send HTTP GET on ProviderID URL. If we get HTTP 200, the IdP is selected git-svn-id: https://modmellon.googlecode.com/svn/trunk@44 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add support for auto-generating SP metadata.olavmrk2009-05-061-0/+184
| | | | | | Thanks to Emmanuel Dreyfus for this patch. git-svn-id: https://modmellon.googlecode.com/svn/trunk@43 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Handle logout-request while logged out.olavmrk2009-03-061-1/+4
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@41 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add MellonDefaultLoginPath option.olavmrk2008-11-111-4/+4
| | | | | | | | | | This option is used to decide which page the user should be redirected to if IdP-initiated SSO is used. Thanks to Emmanuel Dreyfus for this patch. git-svn-id: https://modmellon.googlecode.com/svn/trunk@36 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Use lasso_server_new_from_buffer if available.olavmrk2008-11-101-4/+11
| | | | | | | | | | | | Recent versions of Lasso supports loading the SP metadata, certificate and private key from memory. This patch changes mod_mellon to use this function if it is available. This makes it possible to store the SP private key readable only from root. Thanks to Emmanuel Dreyfus for this patch. git-svn-id: https://modmellon.googlecode.com/svn/trunk@35 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add IdP initiated SSO support.olavmrk2008-11-101-47/+48
| | | | | | | | This patch adds support for IdP initiated SSO, and also creates more resistance to DOS attacks. git-svn-id: https://modmellon.googlecode.com/svn/trunk@34 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Adjust log level of two messagesolavmrk2008-10-271-2/+2
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@32 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Add support for IdP CA certificate and SP certificate.olavmrk2008-10-271-2/+4
| | | | | | | Thanks to Emmanuel Dreyfus for this patch. git-svn-id: https://modmellon.googlecode.com/svn/trunk@31 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Give a more helpful error message if the there is a problem with SP metadata.olavmrk2008-10-201-0/+7
| | | | | | | Thanks to Emmanuel Dreyfus for this patch. git-svn-id: https://modmellon.googlecode.com/svn/trunk@29 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Handle errors when locking session mutex.olavmrk2008-10-201-1/+8
| | | | | | | | | | | In some cases it is possible that the mutex lock operation fails. This makes the server return a 500 Internal Server Error in those cases, instead of crashing. Thanks to Emmanuel Dreyfus for the patch. git-svn-id: https://modmellon.googlecode.com/svn/trunk@28 a716ebb1-153a-0410-b759-cfb97c6a1b53
* urldecode ReturnTo url in SP initiated logout.olavmrk2008-07-011-0/+7
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@25 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fixed handling of multiple AttributeValue elements in response.olavmrk2007-12-111-1/+1
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@23 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fixed a memory leak in am_auth_new_ticket.olavmrk2007-10-011-3/+0
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@21 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Make the ReturnTo parameter to the SP initiated logout handler mandatory.olavmrk2007-10-011-15/+28
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@17 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Added RedirectTo parameter to logout response.olavmrk2007-09-281-4/+43
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@13 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Copy SessionIndex to LogoutRequest.olavmrk2007-09-281-0/+44
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@12 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Fix bug which made the logout handler the handler for unknown/misspelled ↵olavmrk2007-09-281-1/+1
| | | | | | endpoints. git-svn-id: https://modmellon.googlecode.com/svn/trunk@11 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Initial logout response handler.olavmrk2007-09-281-3/+22
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@10 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Implementation of am_init_logout_request.olavmrk2007-09-281-3/+40
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@9 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Skeleton for SP initiated logout.olavmrk2007-09-281-6/+47
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@8 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Split logout handling into am_handle_logout and am_handle_logout_request.olavmrk2007-09-281-21/+56
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@7 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Renamed logout endpoint from logoutRequest to logout.olavmrk2007-09-281-1/+5
| | | | git-svn-id: https://modmellon.googlecode.com/svn/trunk@6 a716ebb1-153a-0410-b759-cfb97c6a1b53
* Initial import of version 0.0.6olavmrk2007-09-241-0/+1283
git-svn-id: https://modmellon.googlecode.com/svn/trunk@3 a716ebb1-153a-0410-b759-cfb97c6a1b53
generated by cgit (git 2.34.1) at 2024-06-08 03:11:38 +0000