Strenghten default Security options in IDP

Always deny access to the IDP if not using SSL by default.
Always turn on secure/httponly cookies by default.
Add a switch to disable all security options for testing.

Signed-off-by: Simo Sorce <simo@redhat.com>

diff --git a/ipsilon/install/ipsilon-server-install b/ipsilon/install/ipsilon-server-install
index d570282..a4410fa 100755 (executable)
--- a/ipsilon/install/ipsilon-server-install
+++ b/ipsilon/install/ipsilon-server-install
@@ -103,7 +103,14 @@ def install(plugins, args):
                 'sysuser': args['system_user'],
                 'ipsilondir': BINDIR,
                 'staticdir': STATICDIR,
+                'secure': "False" if args['secure'] == "no" else "True",
                 'debugging': "True" if args['server_debugging'] else "False"}
+    if args['secure'] == 'no':
+        confopts['secure'] = "False"
+        confopts['sslrequiressl'] = ""
+    else:
+        confopts['secure'] = "True"
+        confopts['sslrequiressl'] = "   SSLRequireSSL"
     if WSGI_SOCKET_PREFIX:
         confopts['wsgi_socket'] = 'WSGISocketPrefix %s' % WSGI_SOCKET_PREFIX
     else:
@@ -217,6 +224,8 @@ def parse_args(plugins):
                         help="User account used to run the server")
     parser.add_argument('--admin-user', default='admin',
                         help="User account that is assigned admin privileges")
+    parser.add_argument('--secure', choices=['yes', 'no'], default='yes',
+                        help="Turn on all security checks")
     parser.add_argument('--config-profile', default=None,
                         help="File containing install options")
     parser.add_argument('--server-debugging', action='store_true',

diff --git a/ipsilon/providers/saml2idp.py b/ipsilon/providers/saml2idp.py
index e89fe0c..a94a0a4 100755 (executable)
--- a/ipsilon/providers/saml2idp.py
+++ b/ipsilon/providers/saml2idp.py
@@ -246,9 +246,6 @@ class Installer(object):
     def install_args(self, group):
         group.add_argument('--saml2', choices=['yes', 'no'], default='yes',
                            help='Configure SAML2 Provider')
-        group.add_argument('--saml2-secure',
-                           choices=['yes', 'no'], default='yes',
-                           help='Configure SAML2 Provider')
 
     def configure(self, opts):
         if opts['saml2'] != 'yes':
@@ -265,7 +262,7 @@ class Installer(object):
 
         # Generate Idp Metadata
         proto = 'https'
-        if opts['saml2_secure'].lower() == 'no':
+        if opts['secure'].lower() == 'no':
             proto = 'http'
         url = '%s://%s/%s/saml2' % (proto, opts['hostname'], opts['instance'])
         meta = metadata.Metadata(metadata.IDP_ROLE)

diff --git a/templates/install/idp.conf b/templates/install/idp.conf
index c49992b..19af096 100644 (file)
--- a/templates/install/idp.conf
+++ b/templates/install/idp.conf
@@ -5,6 +5,7 @@ ${wsgi_socket}
 
 <Location /${instance}>
     WSGIProcessGroup ${instance}
+${sslrequiressl}
 </Location>
 
 <Directory ${ipsilondir}>

diff --git a/templates/install/ipsilon.conf b/templates/install/ipsilon.conf
index 357a3a7..8ab17d1 100644 (file)
--- a/templates/install/ipsilon.conf
+++ b/templates/install/ipsilon.conf
@@ -11,4 +11,6 @@ tools.sessions.on = True
 tools.sessions.storage_type = "file"
 tools.sessions.storage_path = "${datadir}/sessions"
 tools.sessions.timeout = 60
+tools.sessions.httponly = ${secure}
+tools.sessions.secure = ${secure}
 tools.protect.on = True

diff --git a/tests/test1.cfg b/tests/test1.cfg
index bd592a2..01402f5 100644 (file)
--- a/tests/test1.cfg
+++ b/tests/test1.cfg
@@ -16,7 +16,7 @@ hostname=127.0.0.10:45080
 admin_user=${TEST_USER}
 system_user=${TEST_USER}
 instance=idp1
-saml2_secure=no
+secure=no
 testauth=yes
 pam=no
 krb=no