9d5e21e71e
Remove IniUserGroupBackend.php
...
Does not conform to its interface anymore and is not in use.
2016-02-26 10:32:13 +01:00
c78a7912e7
Fix parse error in Auth.php
2016-02-15 14:50:33 +01:00
74b4c344d6
Shorten check for empty auth header
...
refs #11151
2016-02-15 14:22:36 +01:00
8a4f15d32c
Don't redirect unauthenticated API requests to the login page
...
refs #11151
2016-02-15 13:36:29 +01:00
a464e74aa4
Allow basic auth for API requests only
...
refs #11151
2016-02-15 10:53:32 +01:00
dc9cfc1c81
Call getRequest() only once in Auth::authHttp()
...
refs #11151
2016-02-15 10:44:33 +01:00
4c97fb7d01
Don't request basic auth if auth scheme isn't basic
...
fixes #10506
2016-02-15 10:39:18 +01:00
32876ca8ae
LdapUserGroupBackend: respect config option group_filter
...
refs #11142
2016-02-11 15:49:28 +01:00
474803fee4
Change all license headers to only reflect a file's year of creation
...
refs #11000
2016-02-08 15:41:00 +01:00
7fd575080e
PHP7: Rename String to StringHelper
...
refs #10251
2016-01-27 16:46:55 +01:00
9968fb9011
Reload CSS after login because the user may have a different theme (WIP)
...
This is just a quick fix.
refs #10957
2016-01-18 12:56:02 +01:00
fc8873ec0a
Use getenv() instead of $_SERVER to get REMOTE_USER
...
refs #10488
2015-12-18 13:46:34 +01:00
916c417666
LdapUserGroupBackend: Avoid inspecting a group with no members
...
fixes #10659
2015-11-24 09:45:49 +01:00
0cc54ce34b
Refresh session every 10 minutes
...
Quick and dirty fix.
fixes #10229
2015-11-16 14:19:33 +01:00
d2cc854a61
LdapUserBackend: Set a query's base DN when a table gets required
...
This ensures that the query receives the correct base DN even if the table
gets adjusted by calling from() subsequently.
refs #10567
2015-11-11 12:55:17 +01:00
8bf4e8d217
LdapUserGroupBackend: Set a query's base DN when a table gets required
...
This ensures that the query receives the correct base DN even if the table
gets adjusted by calling from() subsequently.
refs #10567
2015-11-11 12:54:49 +01:00
2917f352b5
Merge branch 'master' into bugfix/unreliable-attribute-ambiguity-check-10567
...
Conflicts:
library/Icinga/Authentication/UserGroup/LdapUserGroupBackend.php
library/Icinga/Protocol/Ldap/LdapConnection.php
2015-11-11 11:53:19 +01:00
453aa864cc
LdapUserGroupBackend: Set the appropriate base dn when resolving dns
...
refs #10567
2015-11-11 11:38:32 +01:00
72f3ba1161
LdapUserGroupBackend: Offer "user_name" as filter column instead of "user"
...
refs #10370
2015-11-10 11:52:06 +01:00
d56056bba7
LdapUserGroupBackend: Utilize $virtualTables
2015-11-10 09:56:58 +01:00
505f5902c7
LdapUserBackend: Utilize $virtualTables
2015-11-10 09:56:27 +01:00
c416216822
LdapUserGroupBackend: Fix typo in method requireTable()
...
refs #10370
2015-11-09 16:00:55 +01:00
ffcc2ed56b
LdapUserGroupBackend: Fix exception when searching for single chars
...
refs #10370
2015-11-09 16:00:24 +01:00
9b826e6e5f
Drop class Ldap\Expression and introduce LdapQuery::$nativeFilter
...
I'm about to add support for our Data\Filter implementation, since it cannot
parse native LDAP filters and a user may have configured such, we need to
differentiate the two types of filter.
refs #10370
2015-11-09 13:04:02 +01:00
cfb26e22b3
LdapUserGroupBackend: Dynamically verify member attribute ambiguity
...
refs #10567
2015-11-09 11:41:11 +01:00
99719bec7d
Merge branch 'master' into bugfix/broken-user-and-group-management-10367
...
Conflicts:
library/Icinga/Authentication/User/LdapUserBackend.php
library/Icinga/Authentication/UserGroup/LdapUserGroupBackend.php
2015-10-29 08:52:07 +01:00
36340aafa6
Repository: Ensure that we'll internally only work with virtual table names
...
refs #10367
2015-10-27 13:31:47 +01:00
0b9a141591
LdapUserGroupBackend: Use the group_base_dn as user_base_dn..
...
..if neither the config nor the defaults provide a value.
refs #10402
2015-10-20 11:28:18 +02:00
33956e02f8
Fix collection of user_base_dn from the UserBackend
...
Currently the group_base_dn is used, unless a user_base_dn is configured in the group backend.
refs #10402
2015-10-20 10:02:42 +02:00
878bd78587
LdapUserBackend: Unfold the user_name_attribute automatically
...
This is.. the currently easiest solution. As long as attribute unfolding
is not very performance intensive this solution suffices.
refs #10367
refs #10332
2015-10-16 17:25:42 +02:00
8ed489c637
LdapUserGroupBackend: Add method persistUserName()
...
refs #10367
refs #10370
2015-10-16 15:28:44 +02:00
58fc87b2e5
Repository: Ensure that we'll internally only work with virtual table names
...
refs #10367
2015-10-16 14:46:44 +02:00
1b7dc1098c
DbUserGroupBackend: Use LEFT JOIN to join the group_membership table
...
Fixes the issue that groups are not found if they do not have any members
even though they meet the where clause
2015-10-16 13:10:39 +02:00
7ef76932d4
DbRepository: Validate the table when inserting, updating and deleting
2015-10-16 12:36:47 +02:00
33037eebbb
Revert "Fix group base DN is erroneously used in place of user base DN"
...
This reverts commit ac7546d9f2
2015-10-16 10:08:14 +02:00
34bf0c3cb0
Add method getUserBackendName() to UserGroupBackendInterface
...
refs #10367
refs #10373
2015-10-15 15:28:03 +02:00
331822ad15
Merge pull request #47 from anenviousguest/master
2015-10-15 12:53:10 +02:00
ac7546d9f2
Fix group base DN is erroneously used in place of user base DN
...
refs #10340
refs #10367
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>
2015-10-15 12:52:17 +02:00
d6432cd881
LdapUserGroupBackend: Fix invalid query column initialization, again
...
I've mistakenly reverted a change from Aaron Collins that would have
prevented this issue from occuring.
fixes #10318
2015-10-09 03:53:22 +02:00
8358f82885
LdapUserGroupBackend: Do not consider every "member" as a "user"
...
Not all members of a group are actual user objects. I would have liked to
actually only show real users, but this is currently not possible.
refs #9772
2015-09-29 11:29:05 +02:00
d33b1954aa
LdapUserGroupBackend: Fetch the uid for a member's DN
...
refs #9772
2015-09-29 09:48:57 +02:00
ef1a81897b
LdapUserGroupBackend: Automatically unfold the user_name attribute
...
refs #9772
2015-09-29 09:48:22 +02:00
b7ddb6e4c2
LdapUserGroupBackend: Register the user backend for later use
...
refs #9772
2015-09-29 09:44:01 +02:00
e7e3520375
LdapUserGroupBackend: Fix method getMemberships()
...
refs #9950
2015-09-28 10:57:17 +02:00
e5f2174c1e
LdapUserGroupBackend: Restore method requireTable()
...
refs #9950
2015-09-25 16:24:16 +02:00
fe9ee48d65
LdapUserGroupBackend: Fix incorrect table name initialization
...
refs #9950
2015-09-25 16:23:13 +02:00
b19ecbfb43
LdapUserGroupBackend: Remove the remaining code duplicates
...
refs #9950
refs #9772
2015-09-25 16:21:33 +02:00
23631c8f39
changed order of posix check
...
refs #9950
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>
2015-09-25 14:35:08 +02:00
73715c94b1
Fixes for ldap group auth
...
The current LdapUserGroupBackend was incomplete and suffered from a little over zealous copy pasta. It had over written certain functions that where unnecessary such as the constructor and a table validator. This patch aims to clean those up. Additionally it also makes this group auth work with posixGroup that use the username as the member identifier and not just inetGroups that use the full dn
refs #9950
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>
2015-09-25 14:34:33 +02:00
b69311165c
Conform to coding guidelines
2015-09-22 14:53:29 +02:00
Eric Lippmann
Alexander A. Klimov
Johannes Meyer
Markus Frosch
Vladislav Ponomarev
Aaron Collins
Matthias Jentsch