505f5902c7
LdapUserBackend: Utilize $virtualTables
2015-11-10 09:56:27 +01:00
c416216822
LdapUserGroupBackend: Fix typo in method requireTable()
...
refs #10370
2015-11-09 16:00:55 +01:00
ffcc2ed56b
LdapUserGroupBackend: Fix exception when searching for single chars
...
refs #10370
2015-11-09 16:00:24 +01:00
9b826e6e5f
Drop class Ldap\Expression and introduce LdapQuery::$nativeFilter
...
I'm about to add support for our Data\Filter implementation, since it cannot
parse native LDAP filters and a user may have configured such, we need to
differentiate the two types of filter.
refs #10370
2015-11-09 13:04:02 +01:00
99719bec7d
Merge branch 'master' into bugfix/broken-user-and-group-management-10367
...
Conflicts:
library/Icinga/Authentication/User/LdapUserBackend.php
library/Icinga/Authentication/UserGroup/LdapUserGroupBackend.php
2015-10-29 08:52:07 +01:00
36340aafa6
Repository: Ensure that we'll internally only work with virtual table names
...
refs #10367
2015-10-27 13:31:47 +01:00
0b9a141591
LdapUserGroupBackend: Use the group_base_dn as user_base_dn..
...
..if neither the config nor the defaults provide a value.
refs #10402
2015-10-20 11:28:18 +02:00
33956e02f8
Fix collection of user_base_dn from the UserBackend
...
Currently the group_base_dn is used, unless a user_base_dn is configured in the group backend.
refs #10402
2015-10-20 10:02:42 +02:00
878bd78587
LdapUserBackend: Unfold the user_name_attribute automatically
...
This is.. the currently easiest solution. As long as attribute unfolding
is not very performance intensive this solution suffices.
refs #10367
refs #10332
2015-10-16 17:25:42 +02:00
8ed489c637
LdapUserGroupBackend: Add method persistUserName()
...
refs #10367
refs #10370
2015-10-16 15:28:44 +02:00
58fc87b2e5
Repository: Ensure that we'll internally only work with virtual table names
...
refs #10367
2015-10-16 14:46:44 +02:00
1b7dc1098c
DbUserGroupBackend: Use LEFT JOIN to join the group_membership table
...
Fixes the issue that groups are not found if they do not have any members
even though they meet the where clause
2015-10-16 13:10:39 +02:00
7ef76932d4
DbRepository: Validate the table when inserting, updating and deleting
2015-10-16 12:36:47 +02:00
33037eebbb
Revert "Fix group base DN is erroneously used in place of user base DN"
...
This reverts commit ac7546d9f2
2015-10-16 10:08:14 +02:00
34bf0c3cb0
Add method getUserBackendName() to UserGroupBackendInterface
...
refs #10367
refs #10373
2015-10-15 15:28:03 +02:00
331822ad15
Merge pull request #47 from anenviousguest/master
2015-10-15 12:53:10 +02:00
ac7546d9f2
Fix group base DN is erroneously used in place of user base DN
...
refs #10340
refs #10367
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>
2015-10-15 12:52:17 +02:00
d6432cd881
LdapUserGroupBackend: Fix invalid query column initialization, again
...
I've mistakenly reverted a change from Aaron Collins that would have
prevented this issue from occuring.
fixes #10318
2015-10-09 03:53:22 +02:00
8358f82885
LdapUserGroupBackend: Do not consider every "member" as a "user"
...
Not all members of a group are actual user objects. I would have liked to
actually only show real users, but this is currently not possible.
refs #9772
2015-09-29 11:29:05 +02:00
d33b1954aa
LdapUserGroupBackend: Fetch the uid for a member's DN
...
refs #9772
2015-09-29 09:48:57 +02:00
ef1a81897b
LdapUserGroupBackend: Automatically unfold the user_name attribute
...
refs #9772
2015-09-29 09:48:22 +02:00
b7ddb6e4c2
LdapUserGroupBackend: Register the user backend for later use
...
refs #9772
2015-09-29 09:44:01 +02:00
e7e3520375
LdapUserGroupBackend: Fix method getMemberships()
...
refs #9950
2015-09-28 10:57:17 +02:00
e5f2174c1e
LdapUserGroupBackend: Restore method requireTable()
...
refs #9950
2015-09-25 16:24:16 +02:00
fe9ee48d65
LdapUserGroupBackend: Fix incorrect table name initialization
...
refs #9950
2015-09-25 16:23:13 +02:00
b19ecbfb43
LdapUserGroupBackend: Remove the remaining code duplicates
...
refs #9950
refs #9772
2015-09-25 16:21:33 +02:00
23631c8f39
changed order of posix check
...
refs #9950
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>
2015-09-25 14:35:08 +02:00
73715c94b1
Fixes for ldap group auth
...
The current LdapUserGroupBackend was incomplete and suffered from a little over zealous copy pasta. It had over written certain functions that where unnecessary such as the constructor and a table validator. This patch aims to clean those up. Additionally it also makes this group auth work with posixGroup that use the username as the member identifier and not just inetGroups that use the full dn
refs #9950
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>
2015-09-25 14:34:33 +02:00
b69311165c
Conform to coding guidelines
2015-09-22 14:53:29 +02:00
42fb1a174b
Do not crash when ldap_dn is defined in additional variables
...
refs #9950
2015-09-22 14:08:15 +02:00
46f2f71c57
Improve logging of membership queries
...
refs #9950
2015-09-22 13:02:08 +02:00
84554d245d
Conform to coding guidelines
...
refs #9950
2015-09-22 12:51:00 +02:00
f3df1f228d
Fix for support issue 9950, do lookups properly on posixGroup group classes
2015-09-18 13:37:04 -07:00
17e8f01d24
Use the DN to fetch group memberships from LDAP
...
fixes #9901
2015-09-18 15:34:12 +02:00
056ab0c96c
Fix that DbUserBackend::inspect() reports 0 users when only one exists
...
refs #9739
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>
2015-09-01 23:08:24 +02:00
d2a4b880b1
Revert "Accept DbUserBackends with only one single user"
...
This reverts commit c8d065b3e0#9739
2015-09-01 23:05:34 +02:00
1e6c394693
Controller: Create the filter editor in setupFilterControl() ...
...
...instead of demanding a concrete controller to do so.
We still have to decide how to handle parameter preservation
properly.
refs #9029
2015-08-13 17:05:13 +02:00
4b6849eea7
Repository: Introduce query column blacklists
...
We can no longer use $filterColumns to blacklist query columns so
there is now another set of column names required to achieve this.
refs #9029
2015-08-13 14:06:27 +02:00
316a4d8b82
Merge branch 'master' into bugfix/allow-to-configure-how-to-manage-groups-9609
2015-07-30 16:16:04 +02:00
a234852f32
Merge branch 'feature/basic-auth-9660'
...
resolves #9660
2015-07-30 15:05:07 +02:00
feed927fd2
Let external auth win over session auth and session auth over http auth
...
refs #9660
2015-07-30 14:50:05 +02:00
55ad2dd65f
Don't fail if password contains a colon on basic auth
...
refs #9660
2015-07-30 13:59:47 +02:00
c594d6db33
Challenge client on invalid basic access auth credentials
...
refs #9660
2015-07-30 13:59:18 +02:00
3aae37aff3
Don't redirect on external auth
...
refs #9660
2015-07-30 12:02:42 +02:00
36ff2d8914
lib: Set User::$isHttpUser in Auth
...
refs #9660
2015-07-30 09:32:24 +02:00
cf8c680482
lib: Add basic access authentication (WIP)
...
refs #9660
2015-07-29 17:22:55 +02:00
fb7666e6bd
LdapUserGroupBackend: Adjust usage of LdapCapabilities::hasAdOid()
...
Usage search ftw..
2015-07-29 16:26:39 +02:00
c3a057dbdb
lib: Add AuthChain::setSkipExternalBackends() in favor of setIteratorMode()
...
There's only one mode.
refs #9660
2015-07-29 16:18:30 +02:00
3ca85f9daa
lib: Add Auth::getRequest()
...
Basic auth will require the request.
refs #9660
2015-07-29 15:56:45 +02:00
96e3111f58
lib: Reorder functions in Auth
...
refs #9660
2015-07-29 15:52:56 +02:00
Johannes Meyer
Markus Frosch
Eric Lippmann
Vladislav Ponomarev
Aaron Collins
Matthias Jentsch
Jo Rhett
Alexander A. Klimov
Russell Kubik