Benjamin Dauvergne
ba7609030e
[root] mail to simple users should be synchronous
2011-05-06 14:32:01 +00:00
Benjamin Dauvergne
782ec52702
[translations] revert commit @msgmerge e0279bc3e0d3902
2011-05-06 14:31:58 +00:00
Benjamin Dauvergne
7aad678255
[publisher] add a DEFAULT_CHARSET variable which can be overriden from the Defaults module
...
This commit also work-around bugs consequent to the change of default
charset in quixote 2.7.
2011-05-06 14:31:56 +00:00
Benjamin Dauvergne
78d30c6efd
[saml2] keep a reference to the last logged user after slo (for pr@tic)
2011-05-06 14:31:54 +00:00
Benjamin Dauvergne
f63fceb142
[debian] append new release to changelog
2011-05-06 14:31:51 +00:00
Benjamin Dauvergne
8458653135
[packaging] include ldap/ in the source tarball
2011-05-06 14:31:47 +00:00
Benjamin Dauvergne
c9b29c5d25
[publisher] do not dump absent requests
2011-05-06 14:31:45 +00:00
Benjamin Dauvergne
fa1eb2ae22
[ldap] change LDAP schema base OID for EO oid
2011-05-06 14:31:42 +00:00
Benjamin Dauvergne
8dd6edb824
[translation] synchronize with source code
2011-05-06 14:31:38 +00:00
Benjamin Dauvergne
33e537a57d
[doc] suppress warnings from the clean target
2011-05-06 14:31:35 +00:00
Benjamin Dauvergne
bd7a7b3156
[session] do not clean the after_url session attribute
...
The attribute is still used by the AccessError exceptions to store the
continuation URL when redirecting to the login page.
2011-05-06 14:31:32 +00:00
Benjamin Dauvergne
5e731089ee
[lost_password] when a new password is generated state it in the lost password view
2011-02-01 12:58:34 +00:00
Benjamin Dauvergne
3a73f548e9
[sessions] when cleaning the session data, setup the ssl flag
2011-01-31 13:42:27 +00:00
Benjamin Dauvergne
8c65f982d0
[root] redirect user to homepage when trying to access the login page
...
To see the login page, one of theses conditions must be met:
- no user logged
- a LoginToken is present in the URL and the corresponding object
exists
2011-01-28 13:46:36 +00:00
Benjamin Dauvergne
1ac95186ed
Remove debugging print statement
2011-01-28 13:46:33 +00:00
Benjamin Dauvergne
d59a8349e7
[session] adapt session expiration to authentic
...
Allows to keep data from old sessions when expiring them. The session
object is kept, fields are reset or deleted. The session file is deleted
from storage. It allows the 'service' to survive logout, so that we can
keep the currently activated theme.
2011-01-27 13:41:00 +00:00
Benjamin Dauvergne
3f29e2430b
[root] expire session when logging in
...
This prevent session fixation attacks. To make it work we had to move
the call to the method init_session() from the identity store backend.
2011-01-27 13:40:57 +00:00
Benjamin Dauvergne
ab9e981d03
[saml2] set the service session variable on logout requests
2011-01-27 13:40:55 +00:00
Benjamin Dauvergne
9385fd3d3d
[root] add service to the field passed to email templates
...
Now you can personnalize email notifications with respect to the
requesting service.
2011-01-27 13:40:51 +00:00
Benjamin Dauvergne
57faf703cb
[session[ add a service field
...
Service will keep the reference to the last service the IdP interacted
with. It can be used to personalize themes and email content.
2011-01-27 13:40:48 +00:00
Benjamin Dauvergne
3b26ca2b0b
[ssl] fix error message in the login_ssl view
2011-01-14 21:46:28 +00:00
Benjamin Dauvergne
150b657a4e
[admin logger] use the new parser for logfiles
2011-01-13 10:15:58 +00:00
Benjamin Dauvergne
c73d4a2923
[admin setting] catch invalid provider id and return 404
2011-01-13 09:51:23 +00:00
Benjamin Dauvergne
b52f66596f
Fix double password generation
2011-01-01 09:25:28 +00:00
Benjamin Dauvergne
db97540f16
[saml2] move initialization of the NameID format before validateRequest
...
Validate request needs to know the name id format as it creates the
federation in the case of a persistent NameID.
2010-12-23 14:08:05 +00:00
Benjamin Dauvergne
1fa8c97910
[saml2] in build_assertion handle UNSPECIFIED NameID format as default
2010-12-23 13:11:07 +00:00
Benjamin Dauvergne
ce5574738b
[saml2] in build_assertion fix unexisting NameID format NONE
2010-12-23 13:11:03 +00:00
Benjamin Dauvergne
5ff334f367
[saml2] in SpUI does not make "persistent" the default NameID format, fix unexisting format NONE
2010-12-23 13:10:59 +00:00
Benjamin Dauvergne
79595a493c
[saml2] fix build_assertion when NameID format is email
2010-12-23 13:10:55 +00:00
Benjamin Dauvergne
c0f951eef5
[saml2] for AuthnRequest without a NameIDPolicy format use default from settings
2010-12-23 13:10:51 +00:00
Benjamin Dauvergne
83c247900c
[saml2] in SpUI() cache the providers settings in the constructor
2010-12-23 13:10:46 +00:00
Benjamin Dauvergne
2f8d4d14a0
[settings providers] add a default_name_id_format setting for service providers
2010-12-23 13:10:42 +00:00
Benjamin Dauvergne
eb5b864091
[saml] add support for POST-ed SAMLv2 AuthnRequest
2010-12-21 08:46:04 +00:00
Benjamin Dauvergne
b7b57ae0ee
[saml2] when moving to singleLogoutFinish, force method to HTTP-Redirect
2010-12-17 14:56:01 +00:00
Benjamin Dauvergne
7de58e65fb
[form] remove subclass of qommon.form.Form
2010-12-17 14:55:57 +00:00
Benjamin Dauvergne
7601187c0b
[data] add check_off.png image
2010-12-17 14:55:54 +00:00
Benjamin Dauvergne
1887f41eab
[sessions] make persistent session keys customizable
2010-12-17 10:21:53 +00:00
Benjamin Dauvergne
32d7bb41fd
[root] verify that the password is not hashed before sending it
2010-12-17 09:18:41 +00:00
Benjamin Dauvergne
bea70b1164
[configuration] add default value for the admin-email option
2010-12-17 09:18:38 +00:00
Benjamin Dauvergne
5baa48e316
Fix typo
2010-12-17 09:06:46 +00:00
Benjamin Dauvergne
ebb54be5ac
[admin configuration] add an admin-email option
2010-12-17 09:05:59 +00:00
Benjamin Dauvergne
a6c33a724b
[identities] in IdentityLdapStore.administrators() add missing return statement
2010-12-16 15:18:32 +00:00
Benjamin Dauvergne
f80a05f938
[identities] fix typo
2010-12-16 15:18:29 +00:00
Benjamin Dauvergne
1bef58394a
[identities] allows digits 1-9, point and caret in usernames
2010-12-16 15:05:13 +00:00
Benjamin Dauvergne
5a05f87b3e
[identities ldap] protect agains problem when retrieving one of the administrators accounts
...
Problem came from the removal of an account, and the corresponding
MiniIdentityLdap being not deleted. This problem has also been fixed in
a previous commit.
2010-12-16 13:37:24 +00:00
Benjamin Dauvergne
53765842ac
[identities ldap] when removing an LDAP user, remove also the MiniIdentityLdap object
2010-12-16 13:37:21 +00:00
Benjamin Dauvergne
8e0c374991
[admin identities] fix logout of admin user when deleting himself
2010-12-16 13:37:17 +00:00
Benjamin Dauvergne
ac4fa4609f
[admin identities] add more explicit message for user creation by admin
2010-12-16 13:37:14 +00:00
Benjamin Dauvergne
f1459a276a
[misc] translate all exception to KeyError when trying to load a metadata file
2010-12-16 13:37:10 +00:00
Benjamin Dauvergne
f57122df04
Add a $ character so that the username regexp does not always match
2010-12-10 09:37:03 +00:00