382 Commits

Author SHA1 Message Date
Rune Darrud
59f1a70d5e Add support for nested AD groups resolved from the user
This will make sure that nested groups also work with roles.

Signed-off-by: Alexander A. Klimov <alexander.klimov@icinga.com>

refs #12598
2016-12-07 17:15:59 +01:00
Eric Lippmann
4eb61c2bcf Revert breaking change in Auth::isAuthenticated()
refs #12580
fixes #13281
2016-12-06 12:41:22 +01:00
Johannes Meyer
78be71bc92 Merge branch 'bugfix/evaluate-redirect_remote_user-12164'
fixes #12164
2016-11-21 08:53:35 +01:00
Eric Lippmann
f7e5cd3b71 Check the correct return type in case preg_replace fails in ExternalBackend.php
2016-11-16 14:10:31 +01:00
Johannes Meyer
3a816ce0f7 ExternalBackend: Don't throw an error if it's not possible to clean usernames
2016-11-16 12:04:46 +01:00
Johannes Meyer
0bd00ba3d0 ExternalBackend: Simplify how remote users are identified
refs #12164
2016-11-16 11:55:54 +01:00
Johannes Meyer
f7a8524dce DbUserGroupBackend: Group by group.id when joining group memberships
Prevents duplicate results in case a group has multiple members.
2016-11-11 09:19:59 +01:00
Eric Lippmann
2b060d9bd4 Challenge API requests only if the controller requires auth
fixes #12580
2016-11-07 10:40:38 +01:00
Alexander A. Klimov
d9330486e9 Replace ExternalBackend::getRemoteUserEnvvars() with an attribute
refs #12164
2016-11-04 17:27:36 +01:00
Alexander A. Klimov
d6ac6c8374 setup/AuthenticationPage: don't show the warning about external backend configuration if REDIRECT_REMOTE_USER is set
refs #12164
2016-10-18 15:19:13 +02:00
Alexander A. Klimov
4d6160d987 ExternalBackend::getRemoteUser(): restore previous default behavior
refs #12164
2016-10-18 10:22:06 +02:00
Alexander A. Klimov
ab01d2f915 ExternalBackend: don't reference more than necessary from the config
refs #12164
2016-10-18 10:17:21 +02:00
Alexander A. Klimov
ce951295d3 ExternalBackend: make the variable a webserver assigns a username to configurable
refs #12164
2016-10-17 18:46:00 +02:00
Alexander A. Klimov
29c221418b External authentication: respect REDIRECT_REMOTE_USER as well
refs #12164
2016-10-17 16:19:26 +02:00
Eric Lippmann
e62d94209f Allow users to change their password if backend is db
refs #10616
2016-07-21 17:38:19 +02:00
Eric Lippmann
99d08bf03b Get remote user from $_SERVER if env does not have it in external auth
refs #11391
2016-04-11 14:09:04 +02:00
Eric Lippmann
2ac54d7c3e lib: Add ExternalBackend::getRemoteUser()
If the user is authenticated via the web server, this method should be used to retrieve the user because
it supports both reading the user from the environment or from the $_SERVER variable as fallback.

refs #11391
2016-04-11 14:01:36 +02:00
Eric Lippmann
c803ec64c5 lib: Move getters before setters in ExternalBackend
2016-04-11 10:57:01 +02:00
Eric Lippmann
e0781cf8b5 Fix PHPDoc of AdmissionLoader::applyRoles()
refs #10887
2016-03-29 11:26:00 +02:00
Eric Lippmann
5b5978787b Move permission and restriction initialization in AdmissionLoader
refs #10887
2016-03-29 11:25:55 +02:00
Eric Lippmann
32c6a03000 Remove Role::addPermission()
Method is not used.

refs #10887
2016-03-29 11:25:53 +02:00
Eric Lippmann
123488cfc0 Remove Role::addRestriction()
Method is not used.

refs #10887
2016-03-29 11:25:51 +02:00
Eric Lippmann
08b70267cd Move setters after getter in Role.php
refs #10887
2016-03-29 11:25:47 +02:00
Alexander A. Klimov
df0d3aaf1e AdmissionLoader: set the roles of the user
refs #10887
2016-03-24 16:24:24 +01:00
Alexander A. Klimov
57ce39834d Role: implement setPermissions() and setRestrictions()
refs #10887
2016-03-24 16:11:31 +01:00
Eric Lippmann
f1f4cdc3cb lib: Use AdmissionLoader::applyRoles() in Auth
refs #10887
2016-03-24 15:30:30 +01:00
Eric Lippmann
6ec1878977 lib: Add Authentication/Role
refs #10887
2016-03-24 15:29:39 +01:00
Eric Lippmann
2699d2c9ed lib: Rename AdmissionLoader::applyPerm... to applyRoles()
refs #10887
2016-03-24 15:28:21 +01:00
Markus Frosch
929f45deea Fix session resume for external auths
When REMOTE_USER is not available from _SERVER (PHP internal webserver)

fixes #11277
2016-03-02 17:39:05 +01:00
Eric Lippmann
9d5e21e71e Remove IniUserGroupBackend.php
Does not conform to its interface anymore and is not in use.
2016-02-26 10:32:13 +01:00
Alexander A. Klimov
c78a7912e7 Fix parse error in Auth.php
2016-02-15 14:50:33 +01:00
Alexander A. Klimov
74b4c344d6 Shorten check for empty auth header
refs #11151
2016-02-15 14:22:36 +01:00
Alexander A. Klimov
8a4f15d32c Don't redirect unauthenticated API requests to the login page
refs #11151
2016-02-15 13:36:29 +01:00
Alexander A. Klimov
a464e74aa4 Allow basic auth for API requests only
refs #11151
2016-02-15 10:53:32 +01:00
Alexander A. Klimov
dc9cfc1c81 Call getRequest() only once in Auth::authHttp()
refs #11151
2016-02-15 10:44:33 +01:00
Alexander A. Klimov
4c97fb7d01 Don't request basic auth if auth scheme isn't basic
fixes #10506
2016-02-15 10:39:18 +01:00
Alexander A. Klimov
32876ca8ae LdapUserGroupBackend: respect config option group_filter
refs #11142
2016-02-11 15:49:28 +01:00
Alexander A. Klimov
474803fee4 Change all license headers to only reflect a file's year of creation
refs #11000
2016-02-08 15:41:00 +01:00
Eric Lippmann
7fd575080e PHP7: Rename String to StringHelper
refs #10251
2016-01-27 16:46:55 +01:00
Eric Lippmann
9968fb9011 Reload CSS after login because the user may have a different theme (WIP)
This is just a quick fix.

refs #10957
2016-01-18 12:56:02 +01:00
Alexander A. Klimov
fc8873ec0a Use getenv() instead of $_SERVER to get REMOTE_USER
refs #10488
2015-12-18 13:46:34 +01:00
Johannes Meyer
916c417666 LdapUserGroupBackend: Avoid inspecting a group with no members
fixes #10659
2015-11-24 09:45:49 +01:00
Eric Lippmann
0cc54ce34b Refresh session every 10 minutes
Quick and dirty fix.

fixes #10229
2015-11-16 14:19:33 +01:00
Johannes Meyer
d2cc854a61 LdapUserBackend: Set a query's base DN when a table gets required
This ensures that the query receives the correct base DN even if the table
gets adjusted by calling from() subsequently.

refs #10567
2015-11-11 12:55:17 +01:00
Johannes Meyer
8bf4e8d217 LdapUserGroupBackend: Set a query's base DN when a table gets required
This ensures that the query receives the correct base DN even if the table
gets adjusted by calling from() subsequently.

refs #10567
2015-11-11 12:54:49 +01:00
Johannes Meyer
2917f352b5 Merge branch 'master' into bugfix/unreliable-attribute-ambiguity-check-10567
Conflicts:
	library/Icinga/Authentication/UserGroup/LdapUserGroupBackend.php
	library/Icinga/Protocol/Ldap/LdapConnection.php
2015-11-11 11:53:19 +01:00
Johannes Meyer
453aa864cc LdapUserGroupBackend: Set the appropriate base dn when resolving dns
refs #10567
2015-11-11 11:38:32 +01:00
Johannes Meyer
72f3ba1161 LdapUserGroupBackend: Offer "user_name" as filter column instead of "user"
refs #10370
2015-11-10 11:52:06 +01:00
Johannes Meyer
d56056bba7 LdapUserGroupBackend: Utilize $virtualTables
2015-11-10 09:56:58 +01:00
Johannes Meyer
505f5902c7 LdapUserBackend: Utilize $virtualTables
2015-11-10 09:56:27 +01:00