remove authsaml2, it's reborn as plugin authentic2-auth-saml2
This commit is contained in:
parent
833191a3df
commit
2e0e3e6567
|
@ -15,7 +15,6 @@ recursive-include authentic2/auth2_auth/auth2_ssl/templates *.html *.txt *.xml
|
|||
recursive-include authentic2/auth2_auth/templates *.html *.txt *.xml
|
||||
recursive-include authentic2/auth2_auth/auth2_oath/templates *.html *.txt *.xml
|
||||
recursive-include authentic2/auth2_auth/auth2_openid/templates *.html *.txt *.xml
|
||||
recursive-include authentic2/authsaml2/templates *.html *.txt *.xml
|
||||
|
||||
recursive-include authentic2/vendor/totp_js/js *.js
|
||||
recursive-include authentic2/saml/fixtures *.json
|
||||
|
@ -27,7 +26,6 @@ recursive-include authentic2/auth2_auth/locale *.po *.mo
|
|||
recursive-include authentic2/auth2_auth/auth2_ssl/locale *.po *.mo
|
||||
recursive-include authentic2/auth2_auth/auth2_oath/locale *.po *.mo
|
||||
recursive-include authentic2/auth2_auth/auth2_openid/locale *.po *.mo
|
||||
recursive-include authentic2/authsaml2/locale *.po *.mo
|
||||
recursive-include authentic2/attribute_aggregator/locale *.po *.mo
|
||||
recursive-include authentic2/disco_service/locale *.po *.mo
|
||||
recursive-include authentic2 README xrds.xml *.txt yadis.xrdf
|
||||
|
|
|
@ -1,110 +0,0 @@
|
|||
= Add to settings =
|
||||
|
||||
SAML_SIGNATURE_PRIVATE_KEY = *your_key*
|
||||
INSTALLED_APPS += ('*project*.authsaml2', '*project*.authsaml2.saml',)
|
||||
AUTHENTICATION_BACKENDS = (
|
||||
'django.contrib.auth.backends.ModelBackend',
|
||||
'*project*.authsaml2.backends.SAML2AuthBackend',
|
||||
)
|
||||
|
||||
When login_required() with registration and you want to add on the login page the login with a federated account:
|
||||
- the template is directly called: use a context processor to pass a variable
|
||||
TEMPLATE_CONTEXT_PROCESSORS += (
|
||||
'spsaml.views.idp_list',
|
||||
)
|
||||
spsaml.views.idp_list:
|
||||
def idp_list(request):
|
||||
return {'providers_list': authsaml2.saml.common.get_idp_list()}
|
||||
- modify LOGIN_URL
|
||||
LOGIN_URL = '/login/'
|
||||
url(r'^login/', spsaml.views.login)
|
||||
Pass {'providers_list': authsaml2.saml.common.get_idp_list()} to the template
|
||||
|
||||
Then configure in the admin part your SP
|
||||
|
||||
= Target URL =
|
||||
|
||||
After logout, the parameter 'Back url' is used. If empty, authsaml2 returns to the root.
|
||||
|
||||
After login, authsaml2 will redirect in a parameter you have to register,
|
||||
authsaml2 returns to the root of the site.
|
||||
To register a url, if a fonction is called with the next parameter in the url,
|
||||
as it is the case usually with a login page, just call:
|
||||
authsaml2.saml2_endpoints.register_next_target(request)
|
||||
If there is no next parameter call this function giving the target url
|
||||
authsaml2.saml2_endpoints.register_next_target(request, target_url)
|
||||
|
||||
After defederation, by default the local session is not sesion is not ended
|
||||
and the back url is the one of calling of the defederation function.
|
||||
|
||||
= Call AuthSAML2 from your login page =
|
||||
|
||||
* Views:
|
||||
from django.shortcuts import render_to_response
|
||||
from django.template import RequestContext
|
||||
from django.contrib.auth import views as auth_views
|
||||
import authentic2.authsaml2.saml2_endpoints
|
||||
|
||||
def login(request):
|
||||
authsaml2.saml2_endpoints.register_next_target(request)
|
||||
return auth_views.login(request)
|
||||
|
||||
* Template:
|
||||
|
||||
{% if providers_list %}
|
||||
{% trans "Log in with a federated account?" %}
|
||||
<ul>
|
||||
{% for p in providers_list %}
|
||||
<li><a href="/authsaml2/sso?entity_id={{ p.entity_id }}" >{{ p.entity_id }}</a></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
{% endif %}
|
||||
|
||||
= Call AuthSAML2 into the application for user account management =
|
||||
|
||||
* Views:
|
||||
from django.shortcuts import render_to_response
|
||||
from django.template import RequestContext
|
||||
from django.contrib.auth import views as auth_views
|
||||
import authentic2.authsaml2.saml2_endpoints
|
||||
import authentic2.authsaml2.saml.common
|
||||
|
||||
def inside(request):
|
||||
authsaml2.saml2_endpoints.register_next_target(request, '/in')
|
||||
return render_to_response('in.html', {'providers_list_federated': authsaml2.saml.common.get_idp_user_federated_list(request),
|
||||
'providers_list_not_federated': authsaml2.saml.common.get_idp_user_not_federated_list(request),
|
||||
'provider_active_session': authsaml2.saml.common.get_provider_of_active_session(request)},
|
||||
context_instance=RequestContext(request))
|
||||
|
||||
* Template:
|
||||
{% if providers_list_not_federated %}
|
||||
{% trans "Federate your identity" %}
|
||||
<ul>
|
||||
{% for p in providers_list_not_federated %}
|
||||
<li><a href="/authsaml2/sso?entity_id={{ p.entity_id }}/">{{ p.entity_id }}</a></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
{% endif %}
|
||||
{% if providers_list_federated %}
|
||||
{% trans "Defederate your identity" %}
|
||||
<ul>
|
||||
{% for p in providers_list_not_federated %}
|
||||
<li><a href="/authsaml2/defederate/{{ p.entity_id }}/">{{ p.entity_id }}</a></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
{% endif %}
|
||||
{% if provider_active_session %}
|
||||
{% trans "Logout" %}
|
||||
<ul>
|
||||
<li>{% trans "Global Logout: " %}<a href="/authsaml2/logout/{{ provider_active_session.entity_id }}/">{{ provider_active_session.entity_id }}</a></li>
|
||||
<li><p><a href="{% url 'auth_logout' %}">{% trans "Local log out" %}</a></p></li>
|
||||
</ul>
|
||||
{% else %}
|
||||
<a href="{% url 'auth_logout' %}">{% trans "Log out" %}</a>
|
||||
{% endif %}
|
||||
|
||||
Now in idp/__init__.py
|
||||
|
||||
tpl_parameters['providers_list_federated'] = authentic.saml.common.get_idp_user_federated_list(request)
|
||||
tpl_parameters['providers_list_not_federated'] = authentic.saml.common.get_idp_user_not_federated_list(request)
|
||||
|
|
@ -1,135 +0,0 @@
|
|||
import string
|
||||
import random
|
||||
import logging
|
||||
import lasso
|
||||
|
||||
from django.db import transaction
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.utils.translation import ugettext as _
|
||||
|
||||
from authentic2.compat import get_user_model
|
||||
from authentic2.saml.common import \
|
||||
lookup_federation_by_name_id_and_provider_id, add_federation, \
|
||||
get_idp_options_policy
|
||||
from authentic2.saml.models import LIBERTY_SESSION_DUMP_KIND_SP, \
|
||||
LibertySessionDump, LibertyProvider
|
||||
from authentic2.authsaml2.models import SAML2TransientUser
|
||||
|
||||
logger = logging.getLogger('authentic2.authsaml2.backends')
|
||||
|
||||
|
||||
class AuthenticationError(Exception):
|
||||
pass
|
||||
|
||||
|
||||
class AuthSAML2Backend:
|
||||
def logout_list(self, request):
|
||||
pid = None
|
||||
q = LibertySessionDump. \
|
||||
objects.filter(django_session_key=request.session.session_key,
|
||||
kind=LIBERTY_SESSION_DUMP_KIND_SP)
|
||||
if not q:
|
||||
logger.debug('logout_list: no LibertySessionDump found')
|
||||
return []
|
||||
'''
|
||||
We deal with a single IdP session
|
||||
'''
|
||||
try:
|
||||
provider_id = lasso.Session(). \
|
||||
newFromDump(q[0].session_dump.encode('utf-8')). \
|
||||
get_assertions().keys()[0]
|
||||
except:
|
||||
return []
|
||||
if not provider_id:
|
||||
return []
|
||||
logger.debug('logout_list: Found session for %s' % provider_id)
|
||||
name = provider_id
|
||||
provider = None
|
||||
try:
|
||||
provider = LibertyProvider.objects.get(entity_id=provider_id)
|
||||
name = provider.name
|
||||
except LibertyProvider.DoesNotExist:
|
||||
logger.error('logout_list: session found for unknown provider %s' \
|
||||
% provider_id)
|
||||
return []
|
||||
|
||||
policy = get_idp_options_policy(provider)
|
||||
if not policy:
|
||||
logger.error('logout_list: No policy found for %s' % provider_id)
|
||||
return []
|
||||
elif not policy.forward_slo:
|
||||
logger.info('logout_list: %s configured to not reveive slo' \
|
||||
% provider_id)
|
||||
return []
|
||||
else:
|
||||
import saml2_endpoints
|
||||
code = '<div>'
|
||||
code += _('Sending logout to %(pid)s....') % { 'pid': name or provider_id }
|
||||
code += '''<iframe src="%s?provider_id=%s" marginwidth="0" marginheight="0" \
|
||||
scrolling="no" style="border: none" width="16" height="16" onload="window.iframe_count -= 1; console.log(window.location.href + ' decrement iframe_count');"></iframe></div>''' \
|
||||
% (reverse(saml2_endpoints.sp_slo,
|
||||
args=[provider_id]), provider_id)
|
||||
return [ code ]
|
||||
|
||||
|
||||
class AuthSAML2PersistentBackend:
|
||||
supports_object_permissions = False
|
||||
supports_anonymous_user = False
|
||||
|
||||
def authenticate(self, name_id=None, provider_id=None):
|
||||
'''Authenticate persistent NameID'''
|
||||
if not name_id or not provider_id:# or not name_id.nameQualifier:
|
||||
return None
|
||||
#fed = lookup_federation_by_name_identifier(name_id=name_id)
|
||||
fed = lookup_federation_by_name_id_and_provider_id(name_id, provider_id)
|
||||
if fed is None:
|
||||
return None
|
||||
fed.user.backend = '%s.%s' % (__name__, self.__class__.__name__)
|
||||
return fed.user
|
||||
|
||||
def get_user(self, user_id):
|
||||
User = get_user_model()
|
||||
try:
|
||||
return User.objects.get(id=user_id)
|
||||
except User.DoesNotExist:
|
||||
return None
|
||||
|
||||
@transaction.commit_on_success
|
||||
def create_user(self, username=None, name_id=None, provider_id=None):
|
||||
'''Create a new user mapping to the given NameID'''
|
||||
if not name_id or \
|
||||
name_id.format != \
|
||||
lasso.SAML2_NAME_IDENTIFIER_FORMAT_PERSISTENT or \
|
||||
not name_id.nameQualifier:
|
||||
raise ValueError('Invalid NameID')
|
||||
if not username:
|
||||
# FIXME: maybe keep more information in the forged username
|
||||
username = 'saml2-%s' % ''. \
|
||||
join([random.SystemRandom().choice(string.letters) for x in range(10)])
|
||||
User = get_user_model()
|
||||
user = User()
|
||||
user.username = username
|
||||
if hasattr(User, 'set_unusable_password'):
|
||||
user.set_unusable_password()
|
||||
user.is_active = True
|
||||
user.save()
|
||||
add_federation(user, name_id=name_id, provider_id=provider_id)
|
||||
return user
|
||||
|
||||
class AuthSAML2TransientBackend:
|
||||
supports_object_permissions = False
|
||||
supports_anonymous_user = False
|
||||
|
||||
def authenticate(self, name_id=None):
|
||||
'''Create temporary user for transient NameID'''
|
||||
if not name_id or \
|
||||
name_id.format != \
|
||||
lasso.SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT or \
|
||||
not name_id.content:
|
||||
return None
|
||||
user = SAML2TransientUser(id=name_id.content)
|
||||
return user
|
||||
|
||||
def get_user(self, user_id):
|
||||
'''Create temporary user for transient NameID'''
|
||||
return SAML2TransientUser(id=user_id)
|
|
@ -1,54 +0,0 @@
|
|||
import urllib
|
||||
import functools
|
||||
import django.forms as forms
|
||||
import authentic2.saml.common as saml_common
|
||||
|
||||
from django.utils.translation import gettext_noop
|
||||
from django.http import HttpResponseRedirect
|
||||
from django.contrib.auth import REDIRECT_FIELD_NAME
|
||||
from django.utils.translation import ugettext as _
|
||||
|
||||
from . import saml2_endpoints
|
||||
|
||||
class AuthSAML2Form(forms.Form):
|
||||
def __init__(self, *args, **kwargs):
|
||||
idp_list = kwargs.pop('idp_list')
|
||||
super(AuthSAML2Form, self).__init__(*args, **kwargs)
|
||||
self.fields['provider_id'].choices = \
|
||||
[(p['entity_id'], p['name']) for p in idp_list]
|
||||
|
||||
provider_id = forms.ChoiceField(label=_('Choose your identity provider'),
|
||||
choices=())
|
||||
|
||||
class AuthSAML2Frontend(object):
|
||||
def __init__(self):
|
||||
self.idp_list = saml_common.get_idp_list_sorted()
|
||||
|
||||
def enabled(self):
|
||||
return bool(self.idp_list)
|
||||
|
||||
def id(self):
|
||||
return 'saml2'
|
||||
|
||||
def name(self):
|
||||
return gettext_noop('SAML 2.0')
|
||||
|
||||
def form(self):
|
||||
return functools.partial(AuthSAML2Form, idp_list=self.idp_list)
|
||||
|
||||
def post(self, request, form, nonce, next):
|
||||
provider_id = form.cleaned_data['provider_id']
|
||||
return HttpResponseRedirect('/authsaml2/sso?entity_id=%s&%s=%s' %
|
||||
(urllib.quote(provider_id),
|
||||
REDIRECT_FIELD_NAME,
|
||||
urllib.quote(next)))
|
||||
|
||||
def get_context(self):
|
||||
'''Specific context variable used by the specific template'''
|
||||
return { 'idp_providers': self.idp_list }
|
||||
|
||||
def template(self):
|
||||
return 'auth/saml2/login_form.html'
|
||||
|
||||
def profile(self, request):
|
||||
return saml2_endpoints.profile(request)
|
|
@ -1,410 +0,0 @@
|
|||
# French translation of Authentic
|
||||
# Copyright (C) 2010, 2011 Entr'ouvert
|
||||
# This file is distributed under the same license as the Authentic package.
|
||||
# Frederic Peters <fpeters@entrouvert.com>, 2010.
|
||||
#
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: Authentic\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2013-07-23 16:39+0200\n"
|
||||
"PO-Revision-Date: 2013-07-23 16:39+0200\n"
|
||||
"Last-Translator: Mikaël Ates <mates@entrouvert.com>\n"
|
||||
"Language-Team: None\n"
|
||||
"Language: fr\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
"Plural-Forms: nplurals=2; plural=n>1;\n"
|
||||
|
||||
#: backends.py:67
|
||||
#, python-format
|
||||
msgid "Sending logout to %(pid)s...."
|
||||
msgstr "Envoi de la deconnesion a %(pid)s...."
|
||||
|
||||
#: frontend.py:20
|
||||
msgid "Choose your identity provider"
|
||||
msgstr "Choisissez votre fournisseur d'identité"
|
||||
|
||||
#: frontend.py:34
|
||||
msgid "SAML 2.0"
|
||||
msgstr "SAML 2.0"
|
||||
|
||||
#: models.py:90
|
||||
msgid "Anonymous"
|
||||
msgstr "Anonyme"
|
||||
|
||||
#: saml2_endpoints.py:128
|
||||
msgid "redirect_to_disco: unable to build disco request"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:135
|
||||
#, python-format
|
||||
msgid "disco_response: HTTP request not supported %s"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:176 saml2_endpoints.py:182
|
||||
msgid "sso: Service provider not configured"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:188
|
||||
msgid "sso: No SAML2 identity provider selected"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:196
|
||||
msgid "sso: The provider does not exist"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:201
|
||||
msgid "sso: Unable to create Login object"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:210
|
||||
#, python-format
|
||||
msgid "sso: %s does not have any supported SingleSignOn endpoint"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:216
|
||||
#, python-format
|
||||
msgid "sso: initAuthnRequest %s"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:222
|
||||
msgid "sso: No IdP policy defined"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:228
|
||||
#, python-format
|
||||
msgid "SSO: buildAuthnRequestMsg %s"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:255
|
||||
msgid "singleSignOnArtifact: Service provider not configured"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:273
|
||||
msgid "singleSignOnArtifact: Unable to create Login object"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:279
|
||||
msgid "singleSignOnArtifact: No message given."
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:300
|
||||
#, python-format
|
||||
msgid "singleSignOnArtifact: provider %r unknown"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:309
|
||||
#, python-format
|
||||
msgid "singleSignOnArtifact: initRequest %s"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:317
|
||||
#, python-format
|
||||
msgid "singleSignOnArtifact: buildRequestMsg %s"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:329
|
||||
#, python-format
|
||||
msgid ""
|
||||
"singleSignOnArtifact: Failure to communicate with artifact "
|
||||
"resolver %r"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:334
|
||||
#, python-format
|
||||
msgid ""
|
||||
"singleSignOnArtifact: Artifact resolver at %r returned an empty "
|
||||
"response"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:350
|
||||
#, python-format
|
||||
msgid "singleSignOnArtifact: processResponseMsg raised %s"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:365
|
||||
msgid "singleSignOnPost: Service provider not configured"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:371
|
||||
msgid "singleSignOnPost: Unable to create Login object"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:380
|
||||
msgid "singleSignOnPost: No message given."
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:407
|
||||
#, python-format
|
||||
msgid "singleSignOnPost: provider %r unknown"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:418
|
||||
#, python-format
|
||||
msgid "singleSignOnPost: %s"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:441
|
||||
msgid "sso_after_response: error checking authn response"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:447
|
||||
#, python-format
|
||||
msgid "sso_after_response: acceptSso raised %s"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:583
|
||||
msgid "sso_after_response: No IdP policy defined"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:632
|
||||
msgid ""
|
||||
"sso_after_response: No backend for temporary federation "
|
||||
"is configured"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:653
|
||||
msgid ""
|
||||
"sso_after_response: Transient access policy: Configuration error"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:703
|
||||
msgid ""
|
||||
"sso_after_response: You were not asked your consent for "
|
||||
"account linking"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:720
|
||||
msgid ""
|
||||
"sso_after_response: Persistent Account policy: Configuration "
|
||||
"error"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:724
|
||||
msgid ""
|
||||
"sso_after_response: Transient access policy: NameId format not "
|
||||
"supported"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:747
|
||||
msgid "finish_federation: Service provider not configured"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:753
|
||||
msgid "finish_federation: Unable to create Login object"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:760
|
||||
msgid "finish_federation: Error loading session."
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:777
|
||||
msgid ""
|
||||
"SSO/finish_federation: Error adding new federation for "
|
||||
"this user"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:816
|
||||
msgid "finish_federation: Unable to perform federation"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:958
|
||||
msgid "logout: not a logged in user"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:963
|
||||
msgid "logout: Service provider not configured"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:968
|
||||
msgid "logout: Unable to create Login object"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:976
|
||||
msgid "logout: No session for global logout."
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:984
|
||||
msgid "logout: Session malformed."
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:990
|
||||
msgid "logout: Error loading provider."
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1018
|
||||
msgid "logout: SOAP error - Only local logout performed."
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1066
|
||||
msgid "logout: Unknown HTTP method."
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1076
|
||||
#, python-format
|
||||
msgid ""
|
||||
"localLogout: SOAP error with %s - Only local logout performed."
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1080
|
||||
#, python-format
|
||||
msgid "localLogout: %s - Only local logout performed."
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1092
|
||||
msgid "singleLogoutReturn: Service provider not configured"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1098
|
||||
msgid ""
|
||||
"singleLogoutReturn: Unable to handle Single Logout by Redirect "
|
||||
"without request"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1105
|
||||
msgid "singleLogoutReturn: Unable to create Login object"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1391
|
||||
#, python-format
|
||||
msgid "singleLogout: provider %r unknown"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1469
|
||||
msgid "fedTerm/SP UI: No provider for defederation"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1474
|
||||
msgid "fedTerm/SP UI: Unable to defederate a not logged user!"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1480
|
||||
msgid "fedTerm/SP UI: Service provider not configured"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1487
|
||||
msgid "fedTerm/SP UI: No such identity provider."
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1497
|
||||
msgid "fedTerm/SP UI: Not a valid federation"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1513
|
||||
#, python-format
|
||||
msgid "fedTerm/SP UI: %s"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1521 saml2_endpoints.py:1552
|
||||
#, python-format
|
||||
msgid "fedTerm/SP SOAP: %s"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1530
|
||||
msgid ""
|
||||
"fedTerm/SP SOAP: Unable to perform SOAP defederation "
|
||||
"request"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1539 saml2_endpoints.py:1573
|
||||
#, python-format
|
||||
msgid "fedTerm/SP Redirect: %s"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1561
|
||||
msgid ""
|
||||
"fedTerm/SP SOAP: Unable to perform SOAP defederation request"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1578
|
||||
msgid "Unknown HTTP method."
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1591
|
||||
msgid "fedTerm/SP Redirect: Service provider not configured"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1599
|
||||
msgid "fedTerm/SP Redirect: Error managing manage dump"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1614
|
||||
msgid "fedTerm/SP Redirect: Defederation failed"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1640
|
||||
#, python-format
|
||||
msgid "fedTerm/Return: provider %r unknown"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1647
|
||||
#, python-format
|
||||
msgid "fedTerm/manage_name_id_return: %s"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1695
|
||||
#, python-format
|
||||
msgid "fedTerm/SOAP: provider %r unknown"
|
||||
msgstr ""
|
||||
|
||||
#: saml2_endpoints.py:1888
|
||||
msgid "Successful federation deletion."
|
||||
msgstr ""
|
||||
|
||||
#: utils.py:42
|
||||
#, python-format
|
||||
msgid "An error happened. Report this %s to the administrator."
|
||||
msgstr ""
|
||||
|
||||
#: templates/error_authsaml2.html:8
|
||||
msgid "Back"
|
||||
msgstr "Retour"
|
||||
|
||||
#: templates/profile.html:3
|
||||
msgid "SAML2 Federations"
|
||||
msgstr "Fédérations SAML2"
|
||||
|
||||
#: templates/profile.html:9
|
||||
msgid "Delete a federation?"
|
||||
msgstr "Supprimer une fédération ?"
|
||||
|
||||
#: templates/profile.html:15
|
||||
msgid "Delete"
|
||||
msgstr "Supprimer"
|
||||
|
||||
#: templates/profile.html:23
|
||||
msgid "Add a federation?"
|
||||
msgstr "Ajouter une fédération ?"
|
||||
|
||||
#: templates/profile.html:27 templates/auth/saml2/account_linking.html:32
|
||||
#: templates/auth/saml2/login_form.html:6
|
||||
msgid "Log in"
|
||||
msgstr "S'identifier"
|
||||
|
||||
#: templates/auth/saml2/account_linking.html:5
|
||||
msgid "Log in to link your account"
|
||||
msgstr "Connectez-vous pour lier vos comptes"
|
||||
|
||||
#: templates/auth/saml2/account_linking.html:9
|
||||
msgid "Log in to link with your existing account"
|
||||
msgstr "Connectez-vous pour lier avec un compte existant"
|
||||
|
||||
#: templates/auth/saml2/account_linking.html:17
|
||||
#: templates/auth/saml2/account_linking.html:24
|
||||
msgid "Username:"
|
||||
msgstr "Nom d'utilisateur :"
|
||||
|
||||
#: templates/auth/saml2/account_linking.html:20
|
||||
#: templates/auth/saml2/account_linking.html:28
|
||||
msgid "Password:"
|
||||
msgstr "Mot de passe :"
|
||||
|
||||
#: templates/auth/saml2/logout.html:5
|
||||
msgid "Logout"
|
||||
msgstr "Déconnexion"
|
||||
|
||||
#: templates/auth/saml2/logout.html:18
|
||||
msgid "Continue logout"
|
||||
msgstr "Continuer la déconnexion"
|
|
@ -1,122 +0,0 @@
|
|||
# encoding: utf-8
|
||||
import datetime
|
||||
from south.db import db
|
||||
from south.v2 import SchemaMigration
|
||||
from django.db import models
|
||||
|
||||
class Migration(SchemaMigration):
|
||||
|
||||
def forwards(self, orm):
|
||||
|
||||
# Adding model 'AuthorizationAttributeMap'
|
||||
db.create_table('authsaml2_authorizationattributemap', (
|
||||
('id', self.gf('django.db.models.fields.AutoField')(primary_key=True)),
|
||||
('name', self.gf('django.db.models.fields.CharField')(unique=True, max_length=40)),
|
||||
))
|
||||
db.send_create_signal('authsaml2', ['AuthorizationAttributeMap'])
|
||||
|
||||
# Adding model 'AttributeMapping'
|
||||
db.create_table('authsaml2_attributemapping', (
|
||||
('id', self.gf('django.db.models.fields.AutoField')(primary_key=True)),
|
||||
('source_attribute_name', self.gf('django.db.models.fields.CharField')(max_length=40)),
|
||||
('attribute_value_format', self.gf('django.db.models.fields.CharField')(max_length=40)),
|
||||
('attribute_name', self.gf('django.db.models.fields.CharField')(max_length=40)),
|
||||
('attribute_value', self.gf('django.db.models.fields.CharField')(max_length=40)),
|
||||
('map', self.gf('django.db.models.fields.related.ForeignKey')(to=orm['authsaml2.AuthorizationAttributeMap'])),
|
||||
))
|
||||
db.send_create_signal('authsaml2', ['AttributeMapping'])
|
||||
|
||||
# Adding model 'IdPOptionsPolicy'
|
||||
db.create_table('authsaml2_idpoptionspolicy', (
|
||||
('id', self.gf('django.db.models.fields.AutoField')(primary_key=True)),
|
||||
('name', self.gf('django.db.models.fields.CharField')(unique=True, max_length=80)),
|
||||
('enabled', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('no_nameid_policy', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('requested_name_id_format', self.gf('django.db.models.fields.CharField')(default='none', max_length=20)),
|
||||
('transient_is_persistent', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('allow_create', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('enable_binding_for_sso_response', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('binding_for_sso_response', self.gf('django.db.models.fields.CharField')(default='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact', max_length=60)),
|
||||
('enable_http_method_for_slo_request', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('http_method_for_slo_request', self.gf('django.db.models.fields.IntegerField')(default=4, max_length=60)),
|
||||
('enable_http_method_for_defederation_request', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('http_method_for_defederation_request', self.gf('django.db.models.fields.IntegerField')(default=5, max_length=60)),
|
||||
('user_consent', self.gf('django.db.models.fields.CharField')(default='urn:oasis:names:tc:SAML:2.0:consent:current-implicit', max_length=60)),
|
||||
('want_force_authn_request', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('want_is_passive_authn_request', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('want_authn_request_signed', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('attribute_map', self.gf('django.db.models.fields.related.ForeignKey')(blank=True, related_name='authorization_attributes', null=True, to=orm['authsaml2.AuthorizationAttributeMap'])),
|
||||
))
|
||||
db.send_create_signal('authsaml2', ['IdPOptionsPolicy'])
|
||||
|
||||
# Adding model 'MyServiceProvider'
|
||||
db.create_table('authsaml2_myserviceprovider', (
|
||||
('id', self.gf('django.db.models.fields.AutoField')(primary_key=True)),
|
||||
('handle_persistent', self.gf('django.db.models.fields.CharField')(max_length=80)),
|
||||
('handle_transient', self.gf('django.db.models.fields.CharField')(max_length=80)),
|
||||
('back_url', self.gf('django.db.models.fields.CharField')(max_length=80)),
|
||||
))
|
||||
db.send_create_signal('authsaml2', ['MyServiceProvider'])
|
||||
|
||||
|
||||
def backwards(self, orm):
|
||||
|
||||
# Deleting model 'AuthorizationAttributeMap'
|
||||
db.delete_table('authsaml2_authorizationattributemap')
|
||||
|
||||
# Deleting model 'AttributeMapping'
|
||||
db.delete_table('authsaml2_attributemapping')
|
||||
|
||||
# Deleting model 'IdPOptionsPolicy'
|
||||
db.delete_table('authsaml2_idpoptionspolicy')
|
||||
|
||||
# Deleting model 'MyServiceProvider'
|
||||
db.delete_table('authsaml2_myserviceprovider')
|
||||
|
||||
|
||||
models = {
|
||||
'authsaml2.attributemapping': {
|
||||
'Meta': {'object_name': 'AttributeMapping'},
|
||||
'attribute_name': ('django.db.models.fields.CharField', [], {'max_length': '40'}),
|
||||
'attribute_value': ('django.db.models.fields.CharField', [], {'max_length': '40'}),
|
||||
'attribute_value_format': ('django.db.models.fields.CharField', [], {'max_length': '40'}),
|
||||
'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
|
||||
'map': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['authsaml2.AuthorizationAttributeMap']"}),
|
||||
'source_attribute_name': ('django.db.models.fields.CharField', [], {'max_length': '40'})
|
||||
},
|
||||
'authsaml2.authorizationattributemap': {
|
||||
'Meta': {'object_name': 'AuthorizationAttributeMap'},
|
||||
'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
|
||||
'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '40'})
|
||||
},
|
||||
'authsaml2.idpoptionspolicy': {
|
||||
'Meta': {'object_name': 'IdPOptionsPolicy'},
|
||||
'allow_create': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
|
||||
'attribute_map': ('django.db.models.fields.related.ForeignKey', [], {'blank': 'True', 'related_name': "'authorization_attributes'", 'null': 'True', 'to': "orm['authsaml2.AuthorizationAttributeMap']"}),
|
||||
'binding_for_sso_response': ('django.db.models.fields.CharField', [], {'default': "'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact'", 'max_length': '60'}),
|
||||
'enable_binding_for_sso_response': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
|
||||
'enable_http_method_for_defederation_request': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
|
||||
'enable_http_method_for_slo_request': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
|
||||
'enabled': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
|
||||
'http_method_for_defederation_request': ('django.db.models.fields.IntegerField', [], {'default': '5', 'max_length': '60'}),
|
||||
'http_method_for_slo_request': ('django.db.models.fields.IntegerField', [], {'default': '4', 'max_length': '60'}),
|
||||
'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
|
||||
'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}),
|
||||
'no_nameid_policy': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
|
||||
'requested_name_id_format': ('django.db.models.fields.CharField', [], {'default': "'none'", 'max_length': '20'}),
|
||||
'transient_is_persistent': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
|
||||
'user_consent': ('django.db.models.fields.CharField', [], {'default': "'urn:oasis:names:tc:SAML:2.0:consent:current-implicit'", 'max_length': '60'}),
|
||||
'want_authn_request_signed': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
|
||||
'want_force_authn_request': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
|
||||
'want_is_passive_authn_request': ('django.db.models.fields.BooleanField', [], {'default': 'False'})
|
||||
},
|
||||
'authsaml2.myserviceprovider': {
|
||||
'Meta': {'object_name': 'MyServiceProvider'},
|
||||
'back_url': ('django.db.models.fields.CharField', [], {'max_length': '80'}),
|
||||
'handle_persistent': ('django.db.models.fields.CharField', [], {'max_length': '80'}),
|
||||
'handle_transient': ('django.db.models.fields.CharField', [], {'max_length': '80'}),
|
||||
'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'})
|
||||
}
|
||||
}
|
||||
|
||||
complete_apps = ['authsaml2']
|
|
@ -1,75 +0,0 @@
|
|||
# encoding: utf-8
|
||||
import datetime
|
||||
from south.db import db
|
||||
from south.v2 import SchemaMigration
|
||||
from django.db import models
|
||||
|
||||
class Migration(SchemaMigration):
|
||||
|
||||
def forwards(self, orm):
|
||||
|
||||
# Deleting model 'AuthorizationAttributeMap'
|
||||
db.delete_table('authsaml2_authorizationattributemap')
|
||||
|
||||
# Deleting model 'IdPOptionsPolicy'
|
||||
db.delete_table('authsaml2_idpoptionspolicy')
|
||||
|
||||
# Deleting model 'AttributeMapping'
|
||||
db.delete_table('authsaml2_attributemapping')
|
||||
|
||||
|
||||
def backwards(self, orm):
|
||||
|
||||
# Adding model 'AuthorizationAttributeMap'
|
||||
db.create_table('authsaml2_authorizationattributemap', (
|
||||
('id', self.gf('django.db.models.fields.AutoField')(primary_key=True)),
|
||||
('name', self.gf('django.db.models.fields.CharField')(max_length=40, unique=True)),
|
||||
))
|
||||
db.send_create_signal('authsaml2', ['AuthorizationAttributeMap'])
|
||||
|
||||
# Adding model 'IdPOptionsPolicy'
|
||||
db.create_table('authsaml2_idpoptionspolicy', (
|
||||
('enable_http_method_for_defederation_request', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('name', self.gf('django.db.models.fields.CharField')(max_length=80, unique=True)),
|
||||
('http_method_for_defederation_request', self.gf('django.db.models.fields.IntegerField')(default=5, max_length=60)),
|
||||
('binding_for_sso_response', self.gf('django.db.models.fields.CharField')(default='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact', max_length=60)),
|
||||
('enabled', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('allow_create', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('enable_http_method_for_slo_request', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('http_method_for_slo_request', self.gf('django.db.models.fields.IntegerField')(default=4, max_length=60)),
|
||||
('requested_name_id_format', self.gf('django.db.models.fields.CharField')(default='none', max_length=20)),
|
||||
('attribute_map', self.gf('django.db.models.fields.related.ForeignKey')(related_name='authorization_attributes', null=True, to=orm['authsaml2.AuthorizationAttributeMap'], blank=True)),
|
||||
('user_consent', self.gf('django.db.models.fields.CharField')(default='urn:oasis:names:tc:SAML:2.0:consent:current-implicit', max_length=60)),
|
||||
('no_nameid_policy', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('transient_is_persistent', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('want_authn_request_signed', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('want_is_passive_authn_request', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('enable_binding_for_sso_response', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
('id', self.gf('django.db.models.fields.AutoField')(primary_key=True)),
|
||||
('want_force_authn_request', self.gf('django.db.models.fields.BooleanField')(default=False)),
|
||||
))
|
||||
db.send_create_signal('authsaml2', ['IdPOptionsPolicy'])
|
||||
|
||||
# Adding model 'AttributeMapping'
|
||||
db.create_table('authsaml2_attributemapping', (
|
||||
('map', self.gf('django.db.models.fields.related.ForeignKey')(to=orm['authsaml2.AuthorizationAttributeMap'])),
|
||||
('attribute_name', self.gf('django.db.models.fields.CharField')(max_length=40)),
|
||||
('source_attribute_name', self.gf('django.db.models.fields.CharField')(max_length=40)),
|
||||
('attribute_value_format', self.gf('django.db.models.fields.CharField')(max_length=40)),
|
||||
('attribute_value', self.gf('django.db.models.fields.CharField')(max_length=40)),
|
||||
('id', self.gf('django.db.models.fields.AutoField')(primary_key=True)),
|
||||
))
|
||||
db.send_create_signal('authsaml2', ['AttributeMapping'])
|
||||
|
||||
|
||||
models = {
|
||||
'authsaml2.myserviceprovider': {
|
||||
'Meta': {'object_name': 'MyServiceProvider'},
|
||||
'back_url': ('django.db.models.fields.CharField', [], {'max_length': '80'}),
|
||||
'handle_persistent': ('django.db.models.fields.CharField', [], {'max_length': '80'}),
|
||||
'handle_transient': ('django.db.models.fields.CharField', [], {'max_length': '80'}),
|
||||
'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'})
|
||||
}
|
||||
}
|
||||
|
||||
complete_apps = ['authsaml2']
|
|
@ -1,31 +0,0 @@
|
|||
# encoding: utf-8
|
||||
import datetime
|
||||
from south.db import db
|
||||
from south.v2 import SchemaMigration
|
||||
from django.db import models
|
||||
|
||||
class Migration(SchemaMigration):
|
||||
|
||||
def forwards(self, orm):
|
||||
|
||||
# Deleting model 'MyServiceProvider'
|
||||
db.delete_table('authsaml2_myserviceprovider')
|
||||
|
||||
|
||||
def backwards(self, orm):
|
||||
|
||||
# Adding model 'MyServiceProvider'
|
||||
db.create_table('authsaml2_myserviceprovider', (
|
||||
('id', self.gf('django.db.models.fields.AutoField')(primary_key=True)),
|
||||
('handle_persistent', self.gf('django.db.models.fields.CharField')(max_length=80)),
|
||||
('handle_transient', self.gf('django.db.models.fields.CharField')(max_length=80)),
|
||||
('back_url', self.gf('django.db.models.fields.CharField')(max_length=80)),
|
||||
))
|
||||
db.send_create_signal('authsaml2', ['MyServiceProvider'])
|
||||
|
||||
|
||||
models = {
|
||||
|
||||
}
|
||||
|
||||
complete_apps = ['authsaml2']
|
|
@ -1,92 +0,0 @@
|
|||
from django.db import models
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
from django.db.models.manager import EmptyManager
|
||||
from django.contrib.auth.models import _user_get_all_permissions, _user_has_perm, _user_has_module_perms
|
||||
|
||||
|
||||
class FakePk:
|
||||
name = 'pk'
|
||||
|
||||
class FakeMeta:
|
||||
pk = FakePk()
|
||||
|
||||
class SAML2TransientUser(object):
|
||||
'''Class compatible with django.contrib.auth.models.User
|
||||
which represent an user authenticated using a Transient
|
||||
federation'''
|
||||
id = None
|
||||
pk = None
|
||||
is_staff = False
|
||||
is_active = False
|
||||
is_superuser = False
|
||||
_groups = EmptyManager()
|
||||
_user_permissions = EmptyManager()
|
||||
_meta = FakeMeta()
|
||||
|
||||
def __init__(self, id):
|
||||
self.id = id
|
||||
self.pk = id
|
||||
|
||||
def __unicode__(self):
|
||||
return 'AnonymousUser'
|
||||
|
||||
def __str__(self):
|
||||
return unicode(self).encode('utf-8')
|
||||
|
||||
def __eq__(self, other):
|
||||
return isinstance(other, self.__class__)
|
||||
|
||||
def __ne__(self, other):
|
||||
return not self.__eq__(other)
|
||||
|
||||
def __hash__(self):
|
||||
return 1 # instances always return the same hash value
|
||||
|
||||
def save(self, **kwargs):
|
||||
pass
|
||||
|
||||
def delete(self):
|
||||
raise NotImplementedError
|
||||
|
||||
def set_password(self, raw_password):
|
||||
raise NotImplementedError
|
||||
|
||||
def check_password(self, raw_password):
|
||||
raise NotImplementedError
|
||||
|
||||
def _get_groups(self):
|
||||
return self._groups
|
||||
groups = property(_get_groups)
|
||||
|
||||
def _get_user_permissions(self):
|
||||
return self._user_permissions
|
||||
user_permissions = property(_get_user_permissions)
|
||||
|
||||
def get_group_permissions(self, obj=None):
|
||||
return set()
|
||||
|
||||
def get_all_permissions(self, obj=None):
|
||||
return _user_get_all_permissions(self, obj=obj)
|
||||
|
||||
def has_perm(self, perm, obj=None):
|
||||
return _user_has_perm(self, perm, obj=obj)
|
||||
|
||||
def has_perms(self, perm_list, obj=None):
|
||||
for perm in perm_list:
|
||||
if not self.has_perm(perm, obj):
|
||||
return False
|
||||
return True
|
||||
|
||||
def has_module_perms(self, module):
|
||||
return _user_has_module_perms(self, module)
|
||||
|
||||
def is_anonymous(self):
|
||||
#XXX: Should return True
|
||||
return False
|
||||
|
||||
def is_authenticated(self):
|
||||
return True
|
||||
|
||||
def get_username(self):
|
||||
return _('Anonymous')
|
||||
username = property(get_username)
|
File diff suppressed because it is too large
Load Diff
|
@ -1,10 +0,0 @@
|
|||
from django.dispatch import Signal
|
||||
|
||||
#authz_decision
|
||||
authz_decision = Signal(providing_args = ["request","attributes","provider"])
|
||||
|
||||
#user login
|
||||
auth_login = Signal(providing_args = ["request","attributes"])
|
||||
|
||||
#user logout
|
||||
auth_logout = Signal(providing_args = ["user"])
|
|
@ -1,39 +0,0 @@
|
|||
{% extends "base.html" %}
|
||||
{% load i18n %}
|
||||
|
||||
{% block title %}
|
||||
{% trans "Log in to link your account" %}
|
||||
{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
<p>* {% trans "Log in to link with your existing account" %}</p>
|
||||
<div id="login-actions">
|
||||
<form id="login-form" method="post" action="./finish_federation">
|
||||
<ul class="errorlist">
|
||||
{% for error in form.non_field_errors %}
|
||||
<li>{{ error|escape }}</li>
|
||||
{% endfor %}
|
||||
{% for error in form.username.errors %}
|
||||
<li>{% trans "Username:" %} {{ error|escape }}</li>
|
||||
{% endfor %}
|
||||
{% for error in form.password.errors %}
|
||||
<li>{% trans "Password:" %} {{ error|escape }}</li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
<p>
|
||||
<label for="id_username">{% trans "Username:" %}</label>
|
||||
<input id="id_username" type="text" name="username" maxlength="30" />
|
||||
</p>
|
||||
<p>
|
||||
<label for="id_password">{% trans "Password:" %}</label>
|
||||
<input type="password" name="password" id="id_password" />
|
||||
</p>
|
||||
|
||||
<input type="submit" value="{% trans 'Log in' %}" class="submit" />
|
||||
<input type="hidden" name="next" value="{{ next }}" />
|
||||
</form>
|
||||
</div>
|
||||
<script type="text/javascript">
|
||||
document.getElementById('id_username').focus();
|
||||
</script>
|
||||
{% endblock %}
|
|
@ -1,8 +0,0 @@
|
|||
{% load i18n %}
|
||||
<div>
|
||||
<form method="post" action="">
|
||||
{% csrf_token %}
|
||||
{{ form.as_p }}
|
||||
<input type="submit" name="{{ submit_name }}" value="{% trans "Log in" %}"/>
|
||||
</form>
|
||||
</div>
|
|
@ -1,20 +0,0 @@
|
|||
{% extends "base.html" %}
|
||||
{% load i18n %}
|
||||
|
||||
{% block title %}
|
||||
{% trans "Logout" %}
|
||||
{% endblock %}
|
||||
{% block bodyargs %}onload="setTimeout(function () { window.location='{{ next_page }}' }, {{ redir_timeout }})"{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
|
||||
<h1>{% trans message %}</h1>
|
||||
<ul class="logout-list">
|
||||
{% for fragment in logout_list %}
|
||||
{{ fragment|safe }}
|
||||
{% endfor %}
|
||||
</ul>
|
||||
|
||||
<div id="continue-link"><a href="{{ next_page }}">{% trans "Continue logout" %}</div>
|
||||
|
||||
{% endblock %}
|
|
@ -1,9 +0,0 @@
|
|||
{% extends "base.html" %}
|
||||
{% load i18n %}
|
||||
{% block bodyargs %}onload="setTimeout(function () { window.location='{{ next_page }}' }, {{ redir_timeout }})"{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
<h1>{{ title }}</h1>
|
||||
|
||||
<p><a href="{{ back }}">{% trans "Back" %}<a/></p>
|
||||
{% endblock %}
|
|
@ -1,32 +0,0 @@
|
|||
{% load i18n %}
|
||||
{% if form or federations %}
|
||||
<h4>{% trans "SAML2 Federations" %}</h4>
|
||||
|
||||
<div>
|
||||
|
||||
{% if federations %}
|
||||
<p>
|
||||
<h5>{% trans "Delete a federation?" %}</h5>
|
||||
{% for f in federations %}
|
||||
<form action="{% url 'authsaml2-delete-federation' %}" method="post">
|
||||
<label for="id_del_fed">{{ f }}</label>
|
||||
<input type="hidden" name="fed" value="{{ f }}" />
|
||||
<input type="hidden" name="next" value="/profile" />
|
||||
<input type="submit" class="submit-link" value="{% trans "Delete" %}">
|
||||
</form>
|
||||
{% endfor %}
|
||||
</p>
|
||||
{% endif %}
|
||||
|
||||
{% if form %}
|
||||
<p>
|
||||
<h5>{% trans "Add a federation?" %}</h5>
|
||||
<form method="post" action="">
|
||||
{% csrf_token %}
|
||||
{{ form.as_p }}
|
||||
<input type="submit" name="{{ submit_name }}" value="{% trans "Log in" %}"/>
|
||||
</form>
|
||||
</p>
|
||||
{% endif %}
|
||||
</div>
|
||||
{% endif %}
|
|
@ -1,50 +0,0 @@
|
|||
from django.conf import settings
|
||||
|
||||
from django.conf.urls import patterns, url
|
||||
|
||||
from authentic2.authsaml2.saml2_endpoints import metadata, sso, finish_federation, \
|
||||
singleSignOnArtifact, singleSignOnPost, sp_slo, singleLogoutReturn, \
|
||||
singleLogoutSOAP, singleLogout, federationTermination, manageNameIdReturn, \
|
||||
manageNameIdSOAP, manageNameId, delete_federation, redirect_to_disco, \
|
||||
disco_response, finish_slo
|
||||
|
||||
urlpatterns = patterns('',
|
||||
(r'^metadata$', metadata),
|
||||
# Receive request from user interface
|
||||
(r'^sso$', sso),
|
||||
(r'^finish_federation$', finish_federation),
|
||||
(r'^singleSignOnArtifact$', singleSignOnArtifact),
|
||||
(r'^singleSignOnPost$', singleSignOnPost),
|
||||
# Receive request from functions
|
||||
(r'^sp_slo/(.*)$', sp_slo),
|
||||
# Receive response from Redirect SP initiated
|
||||
(r'^singleLogoutReturn$', singleLogoutReturn),
|
||||
# Receive request from SOAP IdP initiated
|
||||
(r'^singleLogoutSOAP$', singleLogoutSOAP),
|
||||
# Receive request from Redirect IdP initiated
|
||||
(r'^singleLogout$', singleLogout),
|
||||
# Back of SLO treatment by the IdP Side
|
||||
(r'^finish_slo$', finish_slo),
|
||||
# Receive request from user interface
|
||||
(r'^federationTermination$', federationTermination),
|
||||
# Receive response from Redirect SP initiated
|
||||
(r'^manageNameIdReturn$', manageNameIdReturn),
|
||||
# Receive request from SOAP IdP initiated
|
||||
(r'^manageNameIdSOAP$', manageNameIdSOAP),
|
||||
# Receive request from Redirect IdP initiated
|
||||
(r'^manageNameId$', manageNameId),
|
||||
# Receive request from Redirect IdP initiated
|
||||
url(r'^delete_federation/$', delete_federation,
|
||||
name='authsaml2-delete-federation'),
|
||||
)
|
||||
|
||||
try:
|
||||
if settings.USE_DISCO_SERVICE:
|
||||
urlpatterns += patterns('',
|
||||
#Send idp discovery request
|
||||
(r'^redirect_to_disco$', redirect_to_disco),
|
||||
#receive idp discovery response
|
||||
(r'^discoveryReturn$', disco_response),
|
||||
)
|
||||
except:
|
||||
pass
|
|
@ -1,78 +0,0 @@
|
|||
import re
|
||||
import time
|
||||
import logging
|
||||
|
||||
from django.template import RequestContext
|
||||
from django.contrib.auth import REDIRECT_FIELD_NAME
|
||||
from django.utils.translation import ugettext as _
|
||||
from django.shortcuts import render_to_response
|
||||
from django.contrib import messages
|
||||
from django.conf import settings
|
||||
|
||||
__redirection_timeout = 1600
|
||||
|
||||
__root_refererer_re = re.compile('^(https?://[^/]*/?)')
|
||||
def error_page(request, message=None, back=None, logger=None,
|
||||
default_message=True, timer=False):
|
||||
'''View that show a simple error page to the user with a back link.
|
||||
|
||||
back - url for the back link, if None, return to root of the referer
|
||||
or the local root.
|
||||
'''
|
||||
if logger:
|
||||
logger.error('Showing message %r on an error page' % message)
|
||||
else:
|
||||
logging.error('Showing message %r on an error page' % message)
|
||||
if back is None:
|
||||
referer = request.META.get('HTTP_REFERER')
|
||||
if referer:
|
||||
root_referer = __root_refererer_re.match(referer)
|
||||
if root_referer:
|
||||
back = root_referer.group(1)
|
||||
if back is None:
|
||||
back = '/'
|
||||
global __redirection_timeout
|
||||
context = RequestContext(request)
|
||||
if timer:
|
||||
context['redir_timeout'] = __redirection_timeout
|
||||
context['next_page'] = back
|
||||
display_message = getattr(settings, 'DISPLAY_MESSAGE_ERROR_PAGE', ())
|
||||
if default_message and not display_message:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('An error happened. Report this %s to the administrator.') % \
|
||||
time.strftime("[%Y-%m-%d %a %H:%M:%S]", time.localtime()))
|
||||
elif message:
|
||||
messages.add_message(request, messages.ERROR, message)
|
||||
return render_to_response('error_authsaml2.html', {'back': back},
|
||||
context_instance=context)
|
||||
|
||||
# Used to register requested url during SAML redirections
|
||||
def register_next_target(request, url=None):
|
||||
if url:
|
||||
next = url
|
||||
else:
|
||||
next = request.GET.get(REDIRECT_FIELD_NAME)
|
||||
if not next:
|
||||
next = '/'
|
||||
request.session['next'] = next
|
||||
|
||||
def get_registered_url(request):
|
||||
if 'next' in request.session:
|
||||
return request.session['next']
|
||||
return None
|
||||
|
||||
def register_request_id(request, request_id):
|
||||
request.session['saml_request_id'] = request_id
|
||||
|
||||
# Used for account linking
|
||||
def save_federation_temp(request, login, attributes=None):
|
||||
if login and login.identity:
|
||||
request.session['identity_dump'] = login.identity.dump()
|
||||
request.session['remoteProviderId'] = login.remoteProviderId
|
||||
request.session['nameId'] = login.nameIdentifier
|
||||
if attributes:
|
||||
request.session['attributes'] = attributes
|
||||
|
||||
def load_federation_temp(request, login):
|
||||
if 'identity_dump' in request.session:
|
||||
login.setIdentityFromDump(request.session['identity_dump'])
|
|
@ -2,12 +2,10 @@ from django.contrib.auth.decorators import login_required
|
|||
from django.http import HttpResponseRedirect
|
||||
from functools import wraps
|
||||
|
||||
from authentic2.authsaml2.models import SAML2TransientUser
|
||||
|
||||
TRANSIENT_USER_TYPES = (SAML2TransientUser, )
|
||||
TRANSIENT_USER_TYPES = []
|
||||
|
||||
def is_transient_user(user):
|
||||
return isinstance(user, TRANSIENT_USER_TYPES)
|
||||
return isinstance(user, tuple(TRANSIENT_USER_TYPES))
|
||||
|
||||
def prevent_access_to_transient_users(view_func):
|
||||
def _wrapped_view(request, *args, **kwargs):
|
||||
|
|
|
@ -72,9 +72,9 @@ from authentic2.constants import NONCE_FIELD_NAME
|
|||
from authentic2.idp import signals as idp_signals
|
||||
# from authentic2.idp.models import *
|
||||
|
||||
from authentic2.authsaml2.models import SAML2TransientUser
|
||||
from authentic2.utils import (cache_and_validate, get_backends as
|
||||
get_idp_backends, get_username)
|
||||
from authentic2.decorators import is_transient_user
|
||||
|
||||
logger = logging.getLogger('authentic2.idp.saml')
|
||||
|
||||
|
@ -252,13 +252,6 @@ def build_assertion(request, login, nid_format='transient', attributes=None):
|
|||
authn_context = lasso.SAML2_AUTHN_CONTEXT_PASSWORD
|
||||
elif backend == 'authentic2.auth2_auth.auth2_ssl.backend.SSLBackend':
|
||||
authn_context = lasso.SAML2_AUTHN_CONTEXT_X509
|
||||
# XXX: grab context from the assertion received
|
||||
elif backend == \
|
||||
'authentic2.authsaml2.backends.AuthSAML2PersistentBackend':
|
||||
authn_context = lasso.SAML2_AUTHN_CONTEXT_UNSPECIFIED
|
||||
elif backend == \
|
||||
'authentic2.authsaml2.backends.AuthSAML2TransientBackend':
|
||||
authn_context = lasso.SAML2_AUTHN_CONTEXT_UNSPECIFIED
|
||||
else:
|
||||
backend = load_backend(backend)
|
||||
if hasattr(backend, 'get_saml2_authn_context'):
|
||||
|
@ -581,8 +574,7 @@ def sso_after_process_request(request, login, consent_obtained=False,
|
|||
#Deal with transient users
|
||||
transient_user = False
|
||||
# XXX: Deal with all kind of transient users
|
||||
type(SAML2TransientUser)
|
||||
if isinstance(request.user, SAML2TransientUser):
|
||||
if is_transient_user(request.user):
|
||||
logger.debug('the user is transient')
|
||||
transient_user = True
|
||||
if transient_user and login.request.nameIdPolicy.format == \
|
||||
|
@ -1285,52 +1277,6 @@ def slo_soap(request):
|
|||
logger.exception('slo, relaying to %s failed ' %
|
||||
lib_session.provider_id)
|
||||
|
||||
#Send SLO to IdP
|
||||
pid = None
|
||||
q = LibertySessionDump. \
|
||||
objects.filter(django_session_key__in=django_session_keys,
|
||||
kind=LIBERTY_SESSION_DUMP_KIND_SP)
|
||||
if not q:
|
||||
logger.info('No session found for a third IdP')
|
||||
else:
|
||||
from authentic2.authsaml2 import saml2_endpoints
|
||||
server = saml2_endpoints.create_server(request)
|
||||
logout2 = lasso.Logout(server)
|
||||
for s in q:
|
||||
logger.debug('IdP session found %s' % s.session_dump)
|
||||
try:
|
||||
lib_session = lasso.Session().newFromDump(s.session_dump.encode('utf-8'))
|
||||
except lasso.Error:
|
||||
logger.debug('Unable to load session %s' % s.session_dump)
|
||||
else:
|
||||
try:
|
||||
pid = lib_session.get_assertions().keys()[0]
|
||||
logger.debug('SLO to %s' % pid)
|
||||
logout2.setSessionFromDump(s.session_dump.encode('utf8'))
|
||||
provider = load_provider(request, pid,
|
||||
server=server, sp_or_idp='idp')
|
||||
policy = get_idp_options_policy(provider)
|
||||
if not policy:
|
||||
logger.error('No policy found for %s'\
|
||||
% provider)
|
||||
elif not policy.forward_slo:
|
||||
logger.info('%s configured to not receive \
|
||||
slo' % provider)
|
||||
else:
|
||||
'''
|
||||
As we are in a synchronous binding,
|
||||
we need SOAP support
|
||||
'''
|
||||
logout2.initRequest(None, lasso.HTTP_METHOD_SOAP)
|
||||
logout2.buildRequestMsg()
|
||||
soap_response = send_soap_request(request, logout2)
|
||||
logout2.processResponseMsg(soap_response)
|
||||
logger.info('successful SLO with %s' \
|
||||
% pid)
|
||||
except Exception, e:
|
||||
logger.error('error treating SLO with IdP %s' \
|
||||
% str(e))
|
||||
|
||||
'''
|
||||
Respond to the SP initiating SLO
|
||||
'''
|
||||
|
|
|
@ -26,7 +26,6 @@ from authentic2.saml.models import LibertyFederation, LibertyProvider, \
|
|||
from authentic2.saml import models
|
||||
from authentic2.saml import saml2utils
|
||||
|
||||
from authentic2.authsaml2 import signals
|
||||
from authentic2.http_utils import get_url
|
||||
from .. import nonce
|
||||
|
||||
|
@ -438,31 +437,6 @@ def lookup_federation_by_user(user, qualifier):
|
|||
return None
|
||||
return fed[0]
|
||||
|
||||
# List Idp providers - Use from display in templates
|
||||
# WARNING: No way for multiple federation by user with a single IdP (is it a problem??)
|
||||
def get_idp_list():
|
||||
return LibertyProvider.objects.exclude(identity_provider=None) \
|
||||
.values('entity_id','name')
|
||||
|
||||
def get_idp_list_sorted():
|
||||
return LibertyProvider.objects.exclude(identity_provider=None) \
|
||||
.order_by('name').values('entity_id','name')
|
||||
|
||||
def get_idp_user_federated_list(request):
|
||||
user = request.user
|
||||
if request.user.is_anonymous():
|
||||
return None
|
||||
return [p for p in get_idp_list() \
|
||||
if lookup_federation_by_user(user, p.entity_id)]
|
||||
|
||||
def get_idp_user_not_federated_list(request):
|
||||
user = request.user
|
||||
if request.user.is_anonymous():
|
||||
return None
|
||||
return [p for p in get_idp_list() \
|
||||
if not lookup_federation_by_user(user, p.entity_id)]
|
||||
|
||||
|
||||
# The session_index is the "session on the IdP" identifiers
|
||||
# One identifier is dedicated for each sp for each user session
|
||||
# to not be a factor of linkability between sp
|
||||
|
@ -724,9 +698,6 @@ def authz_decision_cb(sender, request=None, attributes={},
|
|||
_('Your access is denied. At least one attribute does not match.')
|
||||
return dic
|
||||
|
||||
signals.authz_decision.connect(authz_decision_cb,
|
||||
dispatch_uid='authz_decision_on_attributes')
|
||||
|
||||
def get_session_not_on_or_after(assertion):
|
||||
'''Extract the minimal value for the SessionNotOnOrAfter found in the given
|
||||
assertion AuthenticationStatement(s).
|
||||
|
|
|
@ -213,7 +213,6 @@ DISCO_USE_OF_METADATA = 'DISCO_USE_OF_METADATA' in os.environ
|
|||
DISCO_SERVICE_NAME = os.environ.get('DISCO_SERVICE_NAME', "http://www.identity-hub.com/disco_service/disco")
|
||||
DISCO_RETURN_ID_PARAM = "entityID"
|
||||
SHOW_DISCO_IN_MD = 'SHOW_DISCO_IN_MD' in os.environ
|
||||
USE_DISCO_SERVICE = 'USE_DISCO_SERVICE' in os.environ
|
||||
|
||||
###########################
|
||||
# Authentication settings
|
||||
|
@ -339,7 +338,6 @@ ADMIN_TOOLS_INDEX_DASHBOARD = 'authentic2.dashboard.CustomIndexDashboard'
|
|||
ADMIN_TOOLS_APP_INDEX_DASHBOARD = 'authentic2.dashboard.CustomAppIndexDashboard'
|
||||
ADMIN_TOOLS_MENU = 'authentic2.menu.CustomMenu'
|
||||
|
||||
AUTH_SAML2 = 'AUTH_SAML2' in os.environ
|
||||
AUTH_OPENID = 'AUTH_OPENID' in os.environ
|
||||
AUTH_SSL = 'AUTH_SSL' in os.environ
|
||||
IDP_SAML2 = 'IDP_SAML2' in os.environ
|
||||
|
@ -435,15 +433,6 @@ if USE_DEBUG_TOOLBAR:
|
|||
except ImportError:
|
||||
print "Debug toolbar missing, not loaded"
|
||||
|
||||
if AUTH_SAML2:
|
||||
INSTALLED_APPS += ('authentic2.authsaml2',)
|
||||
AUTHENTICATION_BACKENDS += (
|
||||
'authentic2.authsaml2.backends.AuthSAML2PersistentBackend',
|
||||
'authentic2.authsaml2.backends.AuthSAML2TransientBackend')
|
||||
AUTH_FRONTENDS += ('authentic2.authsaml2.frontend.AuthSAML2Frontend',)
|
||||
IDP_BACKENDS += ('authentic2.authsaml2.backends.AuthSAML2Backend',)
|
||||
DISPLAY_MESSAGE_ERROR_PAGE = True
|
||||
|
||||
if AUTH_OPENID:
|
||||
INSTALLED_APPS += ('authentic2.auth2_auth.auth2_openid', 'django_authopenid',)
|
||||
AUTH_FRONTENDS += ('authentic2.auth2_auth.auth2_openid.backend.OpenIDFrontend',)
|
||||
|
|
|
@ -1,54 +0,0 @@
|
|||
{% extends "base.html" %}
|
||||
{% load i18n %}
|
||||
|
||||
{% block title %}
|
||||
{% trans "Log in" %}
|
||||
{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
<form id="login-form" method="post" action=".">
|
||||
{% csrf_token %}
|
||||
{{ form.as_p }}
|
||||
|
||||
<input type="submit" value="{% trans 'Log in' %}" class="submit" />
|
||||
<input type="hidden" name="next" value="{{ next }}" />
|
||||
</form>
|
||||
|
||||
<div class="login-actions">
|
||||
<p>→ {% trans "Forgot password?" %} <a href="{% url 'auth_password_reset' %}">{% trans "Reset it!" %}</a></p>
|
||||
<p>→ {% trans "Not a member?" %} <a href="{% url 'registration_register' %}">{% trans "Register!" %}</a></p>
|
||||
</div>
|
||||
|
||||
<div id="alt-methods">
|
||||
{% for method in alt_methods %}
|
||||
<p><a class="{{ method.class }}" href="{{ method.url }}">{% trans method.caption %}</a></p>
|
||||
{% endfor %}
|
||||
</div>
|
||||
|
||||
{% if providers_list %}
|
||||
<div id="login-actions">
|
||||
{% trans "Log in with a federated account?" %}
|
||||
</div>
|
||||
<div>
|
||||
<form>
|
||||
{% csrf_token %}
|
||||
<select name="list_providers" size="1" onChange="redirect_from_list(this.form)">
|
||||
<option selected="selected">{% trans "Tell me where!" %}</option>
|
||||
{% for p in providers_list %}
|
||||
<option><a href="/authsaml2/selectProvider/{{ p.entity_id }}" >{{ p.entity_id }}</a></option>
|
||||
{% endfor %}
|
||||
</select>
|
||||
</form>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
<script type="text/javascript">
|
||||
document.getElementById('id_username').focus();
|
||||
</script>
|
||||
|
||||
{% endblock %}
|
||||
|
||||
{% block extra_scripts %}
|
||||
<script type="text/javascript" src="{{ STATIC_URL }}jquery/js/jquery.js"></script>
|
||||
<script type="text/javascript" src="{{ STATIC_URL }}jquery/js/jquery-ui.js"></script>
|
||||
{% endblock %}
|
|
@ -37,10 +37,6 @@ if settings.AUTH_SSL:
|
|||
|
||||
urlpatterns += not_homepage_patterns
|
||||
|
||||
urlpatterns += patterns('',
|
||||
(r'^authsaml2/', include('authentic2.authsaml2.urls')),
|
||||
)
|
||||
|
||||
try:
|
||||
if settings.DISCO_SERVICE:
|
||||
urlpatterns += patterns('',
|
||||
|
|
|
@ -310,9 +310,7 @@ def homepage(request):
|
|||
def _homepage(request):
|
||||
'''Homepage of the IdP'''
|
||||
tpl_parameters = {}
|
||||
# FIXME: we should not refer to a specific authentication module here
|
||||
from authentic2.authsaml2.models import SAML2TransientUser
|
||||
if not isinstance(request.user, SAML2TransientUser):
|
||||
if not decorators.is_transient_user(request.user):
|
||||
tpl_parameters['account_management'] = 'account_management'
|
||||
tpl_parameters['authorized_services'] = service_list(request)
|
||||
return render_to_response('idp/homepage.html',
|
||||
|
|
|
@ -61,16 +61,6 @@ Values:
|
|||
* False: deactivate SSL authentication
|
||||
* True: activate SSL authentication
|
||||
|
||||
Activate or deactivate SAML2 authentication, Authentic 2 is a SAML2 service provider
|
||||
====================================================================================
|
||||
|
||||
Variable: AUTH_SAML2
|
||||
|
||||
Values:
|
||||
|
||||
* False: deactivate SAML2 authentication
|
||||
* True: activate SAML2 authentication
|
||||
|
||||
Activate or deactivate OpenID authentication, Authentic 2 is an OpenID relying party
|
||||
====================================================================================
|
||||
|
||||
|
|
Loading…
Reference in New Issue