4a000d0098
Revert "Merge branch 'bugfix/domain-aware-auth-non-domain-ldap-group-backend-3250'"
...
This reverts commit 5cb7deda2002391e648b#3324
2018-03-19 13:10:47 +01:00
72ec132f25
Correct interfaces to conform to PHP 7.2+
2018-01-24 11:50:10 +01:00
7106de5aa2
DbUserGroupBackend: implement Inspectable
...
refs #3233
2018-01-19 16:31:24 +01:00
7227e10824
LdapUserGroupBackend: implement Inspectable
...
refs #3233
2018-01-19 16:31:24 +01:00
ddfafb27f6
Merge pull request #3256 from Icinga/bugfix/multi-domain-support-broken-3232
...
Make multi-domain authn working w/ upper-case domains in user names
2018-01-17 11:57:48 +01:00
8c7ccce4a7
Make multi-domain authn working w/ upper-case domains in user names
...
refs #3232
2018-01-16 10:36:22 +01:00
c806099e1b
Avoid including domain users in a group not belonging to a domain
...
Signed-off-by: Alexander A. Klimov <alexander.klimov@icinga.com>
refs #3250
2018-01-15 11:19:35 +01:00
f65759ace8
LdapUserGroupBackend: Base ambiguity decision based on isDN
...
Problem was: When a DN did not contain the same base DN, the check failed
This happens when you have an entry referencing a DN of another domain.
(And this value is tested as a sample)
2017-10-20 15:17:11 +02:00
ab7fa9f925
Add domain part to user groups if the user group backend is reponsible for a domain
2017-07-31 09:03:40 +02:00
b13c38b65b
Auth/Groups: Prefer the domain from the LDAP/MSAD user backend
...
If a LDAP/MSAD user group backend is linked w/ a user backend, the domain from the user backend is preferred over the domain configured for the user group backend.
2017-07-11 17:09:24 +02:00
cfbd5c500e
Make LDAP user group backends domain-aware
...
refs #2153
2017-06-12 13:31:07 +02:00
181e2ef05c
Swag: Fix swag (aka a whole bunch of code style issues..)
2017-01-27 14:48:59 +01:00
0716f87852
Update german translation
2016-12-13 13:57:27 +01:00
648f088564
Conform to coding guidelines
...
refs #12598
2016-12-07 17:45:50 +01:00
59f1a70d5e
Add support for nested AD groups resolved from the user
...
This will make sure that nested groups also work with roles.
Signed-off-by: Alexander A. Klimov <alexander.klimov@icinga.com>
refs #12598
2016-12-07 17:15:59 +01:00
f7a8524dce
DbUserGroupBackend: Group by group.id when joining group memberships
...
Prevents duplicate results in case a group has multiple members.
2016-11-11 09:19:59 +01:00
9d5e21e71e
Remove IniUserGroupBackend.php
...
Does not conform to its interface anymore and is not in use.
2016-02-26 10:32:13 +01:00
32876ca8ae
LdapUserGroupBackend: respect config option group_filter
...
refs #11142
2016-02-11 15:49:28 +01:00
474803fee4
Change all license headers to only reflect a file's year of creation
...
refs #11000
2016-02-08 15:41:00 +01:00
7fd575080e
PHP7: Rename String to StringHelper
...
refs #10251
2016-01-27 16:46:55 +01:00
916c417666
LdapUserGroupBackend: Avoid inspecting a group with no members
...
fixes #10659
2015-11-24 09:45:49 +01:00
8bf4e8d217
LdapUserGroupBackend: Set a query's base DN when a table gets required
...
This ensures that the query receives the correct base DN even if the table
gets adjusted by calling from() subsequently.
refs #10567
2015-11-11 12:54:49 +01:00
2917f352b5
Merge branch 'master' into bugfix/unreliable-attribute-ambiguity-check-10567
...
Conflicts:
library/Icinga/Authentication/UserGroup/LdapUserGroupBackend.php
library/Icinga/Protocol/Ldap/LdapConnection.php
2015-11-11 11:53:19 +01:00
453aa864cc
LdapUserGroupBackend: Set the appropriate base dn when resolving dns
...
refs #10567
2015-11-11 11:38:32 +01:00
72f3ba1161
LdapUserGroupBackend: Offer "user_name" as filter column instead of "user"
...
refs #10370
2015-11-10 11:52:06 +01:00
d56056bba7
LdapUserGroupBackend: Utilize $virtualTables
2015-11-10 09:56:58 +01:00
c416216822
LdapUserGroupBackend: Fix typo in method requireTable()
...
refs #10370
2015-11-09 16:00:55 +01:00
ffcc2ed56b
LdapUserGroupBackend: Fix exception when searching for single chars
...
refs #10370
2015-11-09 16:00:24 +01:00
9b826e6e5f
Drop class Ldap\Expression and introduce LdapQuery::$nativeFilter
...
I'm about to add support for our Data\Filter implementation, since it cannot
parse native LDAP filters and a user may have configured such, we need to
differentiate the two types of filter.
refs #10370
2015-11-09 13:04:02 +01:00
cfb26e22b3
LdapUserGroupBackend: Dynamically verify member attribute ambiguity
...
refs #10567
2015-11-09 11:41:11 +01:00
99719bec7d
Merge branch 'master' into bugfix/broken-user-and-group-management-10367
...
Conflicts:
library/Icinga/Authentication/User/LdapUserBackend.php
library/Icinga/Authentication/UserGroup/LdapUserGroupBackend.php
2015-10-29 08:52:07 +01:00
36340aafa6
Repository: Ensure that we'll internally only work with virtual table names
...
refs #10367
2015-10-27 13:31:47 +01:00
0b9a141591
LdapUserGroupBackend: Use the group_base_dn as user_base_dn..
...
..if neither the config nor the defaults provide a value.
refs #10402
2015-10-20 11:28:18 +02:00
33956e02f8
Fix collection of user_base_dn from the UserBackend
...
Currently the group_base_dn is used, unless a user_base_dn is configured in the group backend.
refs #10402
2015-10-20 10:02:42 +02:00
8ed489c637
LdapUserGroupBackend: Add method persistUserName()
...
refs #10367
refs #10370
2015-10-16 15:28:44 +02:00
58fc87b2e5
Repository: Ensure that we'll internally only work with virtual table names
...
refs #10367
2015-10-16 14:46:44 +02:00
1b7dc1098c
DbUserGroupBackend: Use LEFT JOIN to join the group_membership table
...
Fixes the issue that groups are not found if they do not have any members
even though they meet the where clause
2015-10-16 13:10:39 +02:00
33037eebbb
Revert "Fix group base DN is erroneously used in place of user base DN"
...
This reverts commit ac7546d9f2
2015-10-16 10:08:14 +02:00
34bf0c3cb0
Add method getUserBackendName() to UserGroupBackendInterface
...
refs #10367
refs #10373
2015-10-15 15:28:03 +02:00
331822ad15
Merge pull request #47 from anenviousguest/master
2015-10-15 12:53:10 +02:00
ac7546d9f2
Fix group base DN is erroneously used in place of user base DN
...
refs #10340
refs #10367
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>
2015-10-15 12:52:17 +02:00
d6432cd881
LdapUserGroupBackend: Fix invalid query column initialization, again
...
I've mistakenly reverted a change from Aaron Collins that would have
prevented this issue from occuring.
fixes #10318
2015-10-09 03:53:22 +02:00
8358f82885
LdapUserGroupBackend: Do not consider every "member" as a "user"
...
Not all members of a group are actual user objects. I would have liked to
actually only show real users, but this is currently not possible.
refs #9772
2015-09-29 11:29:05 +02:00
d33b1954aa
LdapUserGroupBackend: Fetch the uid for a member's DN
...
refs #9772
2015-09-29 09:48:57 +02:00
ef1a81897b
LdapUserGroupBackend: Automatically unfold the user_name attribute
...
refs #9772
2015-09-29 09:48:22 +02:00
b7ddb6e4c2
LdapUserGroupBackend: Register the user backend for later use
...
refs #9772
2015-09-29 09:44:01 +02:00
e7e3520375
LdapUserGroupBackend: Fix method getMemberships()
...
refs #9950
2015-09-28 10:57:17 +02:00
e5f2174c1e
LdapUserGroupBackend: Restore method requireTable()
...
refs #9950
2015-09-25 16:24:16 +02:00
fe9ee48d65
LdapUserGroupBackend: Fix incorrect table name initialization
...
refs #9950
2015-09-25 16:23:13 +02:00
b19ecbfb43
LdapUserGroupBackend: Remove the remaining code duplicates
...
refs #9950
refs #9772
2015-09-25 16:21:33 +02:00
Eric Lippmann
Alexander A. Klimov
lippserd
Paolo Schiro
Markus Frosch
Johannes Meyer
Johannes Meyer
Rune Darrud
Eric Lippmann
Alexander A. Klimov
Markus Frosch
Vladislav Ponomarev