icingaweb2

mirror of https://github.com/Icinga/icingaweb2.git synced 2025-04-08 17:15:08 +02:00

Author	SHA1	Message	Date
Sukhwinder Dhillon	1b1eb3436f	sql: Change charset to `utf8mb4` fixes https://github.com/Icinga/icingaweb2/issues/4680	2022-05-02 15:36:31 +02:00
Johannes Meyer	3dc384fb58	Avoid passing `null` to non-nullable arguments	2022-03-24 12:29:06 +01:00
Johannes Meyer	0b6f71c446	If enforcing a charset, DO IT ONLY IF THE DB TYPE IS CORRECT	2021-07-28 09:04:28 +02:00
Johannes Meyer	7ce3778378	UserBackend: Always use `utf8` as db connection charset	2021-07-26 16:37:35 +02:00
Gianluca Piccolo	1e7f700102	Make configuration of custom user backends possible refs Icinga/icingaweb2#2840	2021-06-18 10:28:35 +02:00
Johannes Meyer	4d173e6746	DbUserBackend: Lowercase usernames before fetching password hashes The BINARY cast to make trailing spaces significant (#4030) also made these queries case-sensitive. This wasn't identified at the time because the query itself wasn't case-insensitive, but the default collation on the `name` column. (Tests sometimes are the perfect mitigation for this...) fixes #4184	2020-06-24 14:08:30 +02:00
Johannes Meyer	f63dfa5294	DbUserBackend: Use binary string comparison if it's a mysql db	2019-12-11 10:15:05 +01:00
Johannes Meyer	668ae38497	ExternalBackend: Don't authenticate a user if `REMOTE_USER` is empty	2019-12-05 15:13:02 +01:00
Eric Lippmann	d6c4df7a5d	Use password_hash and password_verify	2018-07-03 13:08:06 +02:00
Alexander A. Klimov	72ec132f25	Correct interfaces to conform to PHP 7.2+	2018-01-24 11:50:10 +01:00
Alexander A. Klimov	8c7ccce4a7	Make multi-domain authn working w/ upper-case domains in user names refs #3232	2018-01-16 10:36:22 +01:00
Markus Frosch	1aae1eab23	DBUserBackend: Replace internal crypt handling with PasswordHelper refs #2954	2017-11-21 08:26:24 +01:00
ss23	c196a7c7c4	Modify authentication function to support alternative algorithms The existing usage of crypt() was borderline incorrect. This simplified function will allow hashes of other types (e.g. bcrypt) and thus mitigate #2954 (use password_hash) until this can be implemented. The getSalt protected method was also removed as this is no longer required, though this can be added again in future.	2017-11-06 22:48:42 +13:00
Eric Lippmann	4b11afe7d5	Remove unused method LdapUserBackend::setConfig()	2017-07-11 17:08:16 +02:00
Eric Lippmann	bd23d008ca	Auth: Make sure to set the configured domain on LDAP/MSAD user backends	2017-07-11 17:02:32 +02:00
Eric Lippmann	cbde758fc6	Remove unused domain-aware auth related functions from UserBackend These functions made it into the master branch accidentally.	2017-07-11 17:01:06 +02:00
Eric Lippmann	686d022987	Merge pull request #2863 from Icinga/feature/domain-support-for-authn-authz-2153	2017-06-21 13:16:36 +02:00
Eric Lippmann	0cbec01743	Make auth via LDAP user backends domain-aware refs #2153	2017-06-12 13:31:07 +02:00
Eric Lippmann	05288e9bea	Add interface for user backends which are responsible for a specific domain refs #2153	2017-06-12 13:31:07 +02:00
Alexander A. Klimov	2b9e9bf2b3	User: split the username into localpart and domain (if given)	2017-06-12 13:31:07 +02:00
Alexander A. Klimov	f323310174	DbUserBackend: don't fail at validation if there aren't any active users refs #2598	2017-02-24 15:29:05 +01:00
Johannes Meyer	0716f87852	Update german translation	2016-12-13 13:57:27 +01:00
Johannes Meyer	3a816ce0f7	ExternalBackend: Don't throw an error if it's not possible to clean usernames	2016-11-16 12:04:46 +01:00
Johannes Meyer	0bd00ba3d0	ExternalBackend: Simplify how remote users are identified refs #12164	2016-11-16 11:55:54 +01:00
Alexander A. Klimov	d9330486e9	Replace ExternalBackend::getRemoteUserEnvvars() with an attribute refs #12164	2016-11-04 17:27:36 +01:00
Alexander A. Klimov	d6ac6c8374	setup/AuthenticationPage: don't show the warning about external backend configuration if REDIRECT_REMOTE_USER is set refs #12164	2016-10-18 15:19:13 +02:00
Alexander A. Klimov	4d6160d987	ExternalBackend::getRemoteUser(): restore previous default behavior refs #12164	2016-10-18 10:22:06 +02:00
Alexander A. Klimov	ab01d2f915	ExternalBackend: don't reference more than necessary from the config refs #12164	2016-10-18 10:17:21 +02:00
Alexander A. Klimov	ce951295d3	ExternalBackend: make the variable a webserver assigns a username to configurable refs #12164	2016-10-17 18:46:00 +02:00
Alexander A. Klimov	29c221418b	External authentication: respect REDIRECT_REMOTE_USER as well refs #12164	2016-10-17 16:19:26 +02:00
Eric Lippmann	99d08bf03b	Get remote user from $_SERVER if env does not have it in external auth refs #11391	2016-04-11 14:09:04 +02:00
Eric Lippmann	2ac54d7c3e	lib: Add ExternalBackend::getRemoteUser() If the user is authenticated via the web server, this method should be used to retrieve the user because it supports both reading the user from the environment or from the $_SERVER variable as fallback. refs #11391	2016-04-11 14:01:36 +02:00
Eric Lippmann	c803ec64c5	lib: Move getters before setters in ExternalBackend	2016-04-11 10:57:01 +02:00
Alexander A. Klimov	474803fee4	Change all license headers to only reflect a file's year of creation refs #11000	2016-02-08 15:41:00 +01:00
Alexander A. Klimov	fc8873ec0a	Use getenv() instead of $_SERVER to get REMOTE_USER refs #10488	2015-12-18 13:46:34 +01:00
Johannes Meyer	d2cc854a61	LdapUserBackend: Set a query's base DN when a table gets required This ensures that the query receives the correct base DN even if the table gets adjusted by calling from() subsequently. refs #10567	2015-11-11 12:55:17 +01:00
Johannes Meyer	505f5902c7	LdapUserBackend: Utilize $virtualTables	2015-11-10 09:56:27 +01:00
Johannes Meyer	9b826e6e5f	Drop class Ldap\Expression and introduce LdapQuery::$nativeFilter I'm about to add support for our Data\Filter implementation, since it cannot parse native LDAP filters and a user may have configured such, we need to differentiate the two types of filter. refs #10370	2015-11-09 13:04:02 +01:00
Johannes Meyer	878bd78587	LdapUserBackend: Unfold the user_name_attribute automatically This is.. the currently easiest solution. As long as attribute unfolding is not very performance intensive this solution suffices. refs #10367 refs #10332	2015-10-16 17:25:42 +02:00
Johannes Meyer	58fc87b2e5	Repository: Ensure that we'll internally only work with virtual table names refs #10367	2015-10-16 14:46:44 +02:00
Johannes Meyer	7ef76932d4	DbRepository: Validate the table when inserting, updating and deleting	2015-10-16 12:36:47 +02:00
Alexander A. Klimov	17e8f01d24	Use the DN to fetch group memberships from LDAP fixes #9901	2015-09-18 15:34:12 +02:00
Russell Kubik	056ab0c96c	Fix that DbUserBackend::inspect() reports 0 users when only one exists refs #9739 Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>	2015-09-01 23:08:24 +02:00
Eric Lippmann	d2a4b880b1	Revert "Accept DbUserBackends with only one single user" This reverts commit c8d065b3e0197b8c96dba436a5c04cebca704568. There's a PR on GitHub open that was contributed earlier than this fix. Thus giving credit to the PR's author. refs #9739	2015-09-01 23:05:34 +02:00
Johannes Meyer	1e6c394693	Controller: Create the filter editor in setupFilterControl() ... ...instead of demanding a concrete controller to do so. We still have to decide how to handle parameter preservation properly. refs #9029	2015-08-13 17:05:13 +02:00
Johannes Meyer	4b6849eea7	Repository: Introduce query column blacklists We can no longer use $filterColumns to blacklist query columns so there is now another set of column names required to achieve this. refs #9029	2015-08-13 14:06:27 +02:00
Johannes Meyer	316a4d8b82	Merge branch 'master' into bugfix/allow-to-configure-how-to-manage-groups-9609	2015-07-30 16:16:04 +02:00
Eric Lippmann	a234852f32	Merge branch 'feature/basic-auth-9660' resolves #9660	2015-07-30 15:05:07 +02:00
Eric Lippmann	37ef87b9ab	lib: Fix PHPDoc in ExternalBackend refs #9660	2015-07-29 15:46:40 +02:00
Eric Lippmann	1b5c5deace	lib: Rename remote user to external user We renamed our backend. Code now reflects this. refs #9660	2015-07-29 15:44:32 +02:00

1 2

100 Commits