The if condition for revoking authentication if the username changed relied on having the `$_SERVER' variable set which was used for authentication.
Authentication is now revoked if the username changed or external authentication is no longer in effect.
refs #6462
This reverts commit 64954e99244f26cc6b6dccc7d60a253c105bd550.
If the strip_username_regex is configured on the autologin backend and applies on a user's name,
the authenticated user's username does never match the REMOTE_USER server variable.
Thus the application will logout/login on every request which results in a redirect loop.
refs #6462
Remove methods from manager because autologin
is now handled with special backends (AutoLoginBackend).
The session is used to store the status about a remote
user authentication to send a 401 header to the client
upon logout.
refs #6461
Add authentication backend type msldap with default values for user_class
and user_name_attribute. Backend type ldap now logs an error when user_class
and user_name_attribute ist not configured. Rename membership.ini to
memberships.ini since all our INI configuration files are in the plurar
where it makes sense. The AuthenticationController now handles
authentication
refs #5685
refs #5638fixes#5218
Provide a new settings authenticationMode and delegate the
authentication handling to the webserver when the external authentication mode
is set. Add a new view 'logout' that will be shown after logout from external
authentication as the regular redirect to login is not possible.
refs #5405
This reverts commit 226eb4eded6aa098ad268edc8fba5ddec09b423b.
Conflicts:
library/Icinga/Authentication/Manager.php
This fix is not appropriate
refs #5506
The authentication manager should only try to set up all backends when
necessary. Remove the backend setup from the constructor and call it only when it is actually needed.
fixes#5506
Store messages in the current user session to be able to fetch messages from
other controllers, so that the use can be redirected back to the index, instead
of staying in the original action
refs #5100
Authentication/Session.php and its Subclasses do not have a open/closed -state
anymore. Read will refresh the session, write will always write the changes,
and opening/closing will be handled internally.
refs #5101
Remove the old calls to DbAdapterFactory and use ResourceFactory instead. Remove
the DbAdapterFactory and fix all unit tests that have been broken due to the changes.
Change the functionality of the ResourceFactory to also handle LdapConnections
resolves#4587
Fix coding standards in database schemes. Use DbAdapterFactory in all unit
tests instead of creating own adapters. Fix DbUserBackend and DbStore to use
FETCH_OBJ, instead of FETCH_ASSOC, to handle it consistently in the whole
application. Remove unnecessary table columns from the "account" scheme.
refs #4577
refs #4578
refs #4596
refs #4599
refs #4627
Change the StoreFactory configuration to reference to a resource instead of
defining the whole database. Additionally fix docstrings, fix imports and fix
function calls to comply to coding style standards.
refs #4503
Create the DbAdapterFactory to instanciate db adapters, add resources.ini to configure resources, change
the authentication Manager to fall back to backends with lower priority in case
of errors, update the current UserBackends to the changed environment. Also
adjust the documentation and existing unit tests.
resolves#4503
