tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
10,463 Commits 121 Branches 71 Tags 80 MiB
Commit Graph

374 Commits

Author SHA1 Message Date
Alexander A. Klimov d9330486e9 Replace ExternalBackend::getRemoteUserEnvvars() with an attribute 
refs #12164
 2016-11-04 17:27:36 +01:00
Alexander A. Klimov d6ac6c8374 setup/AuthenticationPage: don't show the warning about external backend configuration if REDIRECT_REMOTE_USER is set 
refs #12164
 2016-10-18 15:19:13 +02:00
Alexander A. Klimov 4d6160d987 ExternalBackend::getRemoteUser(): restore previous default behavior 
refs #12164
 2016-10-18 10:22:06 +02:00
Alexander A. Klimov ab01d2f915 ExternalBackend: don't reference more than necessary from the config 
refs #12164
 2016-10-18 10:17:21 +02:00
Alexander A. Klimov ce951295d3 ExternalBackend: make the variable a webserver assigns a username to configurable 
refs #12164
 2016-10-17 18:46:00 +02:00
Alexander A. Klimov 29c221418b External authentication: respect REDIRECT_REMOTE_USER as well 
refs #12164
 2016-10-17 16:19:26 +02:00
Eric Lippmann e62d94209f Allow users to change their password if backend is db 
refs #10616
 2016-07-21 17:38:19 +02:00
Eric Lippmann 99d08bf03b Get remote user from $_SERVER if env does not have it in external auth 
refs #11391
 2016-04-11 14:09:04 +02:00
Eric Lippmann 2ac54d7c3e lib: Add ExternalBackend::getRemoteUser() 
If the user is authenticated via the web server, this method should be used to retrieve the user because
it supports both reading the user from the environment or from the $_SERVER variable as fallback.

refs #11391
 2016-04-11 14:01:36 +02:00
Eric Lippmann c803ec64c5 lib: Move getters before setters in ExternalBackend 2016-04-11 10:57:01 +02:00
Eric Lippmann e0781cf8b5 Fix PHPDoc of AdmissionLoader::applyRoles() 
refs #10887
 2016-03-29 11:26:00 +02:00
Eric Lippmann 5b5978787b Move permission and restriction initialization in AdmissionLoader 
refs #10887
 2016-03-29 11:25:55 +02:00
Eric Lippmann 32c6a03000 Remove Role::addPermission() 
Method is not used.

refs #10887
 2016-03-29 11:25:53 +02:00
Eric Lippmann 123488cfc0 Remove Role::addRestriction() 
Method is not used.

refs #10887
 2016-03-29 11:25:51 +02:00
Eric Lippmann 08b70267cd Move setters after getter in Role.php 
refs #10887
 2016-03-29 11:25:47 +02:00
Alexander A. Klimov df0d3aaf1e AdmissionLoader: set the roles of the user 
refs #10887
 2016-03-24 16:24:24 +01:00
Alexander A. Klimov 57ce39834d Role: implement setPermissions() and setRestrictions() 
refs #10887
 2016-03-24 16:11:31 +01:00
Eric Lippmann f1f4cdc3cb lib: Use AdmissionLoader::applyRoles() in Auth 
refs #10887
 2016-03-24 15:30:30 +01:00
Eric Lippmann 6ec1878977 lib: Add Authentication/Role 
refs #10887
 2016-03-24 15:29:39 +01:00
Eric Lippmann 2699d2c9ed lib: Rename AdmissionLoader::applyPerm... to applyRoles() 
refs #10887
 2016-03-24 15:28:21 +01:00
Markus Frosch 929f45deea Fix session resume for external auths 
When REMOTE_USER is not available from _SERVER (PHP internal webserver)

fixes #11277
 2016-03-02 17:39:05 +01:00
Eric Lippmann 9d5e21e71e Remove IniUserGroupBackend.php 
Does not conform to its interface anymore and is not in use.
 2016-02-26 10:32:13 +01:00
Alexander A. Klimov c78a7912e7 Fix parse error in Auth.php 2016-02-15 14:50:33 +01:00
Alexander A. Klimov 74b4c344d6 Shorten check for empty auth header 
refs #11151
 2016-02-15 14:22:36 +01:00
Alexander A. Klimov 8a4f15d32c Don't redirect unauthenticated API requests to the login page 
refs #11151
 2016-02-15 13:36:29 +01:00
Alexander A. Klimov a464e74aa4 Allow basic auth for API requests only 
refs #11151
 2016-02-15 10:53:32 +01:00
Alexander A. Klimov dc9cfc1c81 Call getRequest() only once in Auth::authHttp() 
refs #11151
 2016-02-15 10:44:33 +01:00
Alexander A. Klimov 4c97fb7d01 Don't request basic auth if auth scheme isn't basic 
fixes #10506
 2016-02-15 10:39:18 +01:00
Alexander A. Klimov 32876ca8ae LdapUserGroupBackend: respect config option group_filter 
refs #11142
 2016-02-11 15:49:28 +01:00
Alexander A. Klimov 474803fee4 Change all license headers to only reflect a file's year of creation 
refs #11000
 2016-02-08 15:41:00 +01:00
Eric Lippmann 7fd575080e PHP7: Rename String to StringHelper 
refs #10251
 2016-01-27 16:46:55 +01:00
Eric Lippmann 9968fb9011 Reload CSS after login because the user may have a different theme (WIP) 
This is just a quick fix.

refs #10957
 2016-01-18 12:56:02 +01:00
Alexander A. Klimov fc8873ec0a Use getenv() instead of $_SERVER to get REMOTE_USER 
refs #10488
 2015-12-18 13:46:34 +01:00
Johannes Meyer 916c417666 LdapUserGroupBackend: Avoid inspecting a group with no members 
fixes #10659
 2015-11-24 09:45:49 +01:00
Eric Lippmann 0cc54ce34b Refresh session every 10 minutes 
Quick and dirty fix.

fixes #10229
 2015-11-16 14:19:33 +01:00
Johannes Meyer d2cc854a61 LdapUserBackend: Set a query's base DN when a table gets required 
This ensures that the query receives the correct base DN even if the table
gets adjusted by calling from() subsequently.

refs #10567
 2015-11-11 12:55:17 +01:00
Johannes Meyer 8bf4e8d217 LdapUserGroupBackend: Set a query's base DN when a table gets required 
This ensures that the query receives the correct base DN even if the table
gets adjusted by calling from() subsequently.

refs #10567
 2015-11-11 12:54:49 +01:00
Johannes Meyer 2917f352b5 Merge branch 'master' into bugfix/unreliable-attribute-ambiguity-check-10567 
Conflicts:
	library/Icinga/Authentication/UserGroup/LdapUserGroupBackend.php
	library/Icinga/Protocol/Ldap/LdapConnection.php
 2015-11-11 11:53:19 +01:00
Johannes Meyer 453aa864cc LdapUserGroupBackend: Set the appropriate base dn when resolving dns 
refs #10567
 2015-11-11 11:38:32 +01:00
Johannes Meyer 72f3ba1161 LdapUserGroupBackend: Offer "user_name" as filter column instead of "user" 
refs #10370
 2015-11-10 11:52:06 +01:00
Johannes Meyer d56056bba7 LdapUserGroupBackend: Utilize $virtualTables 2015-11-10 09:56:58 +01:00
Johannes Meyer 505f5902c7 LdapUserBackend: Utilize $virtualTables 2015-11-10 09:56:27 +01:00
Johannes Meyer c416216822 LdapUserGroupBackend: Fix typo in method requireTable() 
refs #10370
 2015-11-09 16:00:55 +01:00
Johannes Meyer ffcc2ed56b LdapUserGroupBackend: Fix exception when searching for single chars 
refs #10370
 2015-11-09 16:00:24 +01:00
Johannes Meyer 9b826e6e5f Drop class Ldap\Expression and introduce LdapQuery::$nativeFilter 
I'm about to add support for our Data\Filter implementation, since it cannot
parse native LDAP filters and a user may have configured such, we need to
differentiate the two types of filter.

refs #10370
 2015-11-09 13:04:02 +01:00
Johannes Meyer cfb26e22b3 LdapUserGroupBackend: Dynamically verify member attribute ambiguity 
refs #10567
 2015-11-09 11:41:11 +01:00
Johannes Meyer 99719bec7d Merge branch 'master' into bugfix/broken-user-and-group-management-10367 
Conflicts:
	library/Icinga/Authentication/User/LdapUserBackend.php
	library/Icinga/Authentication/UserGroup/LdapUserGroupBackend.php
 2015-10-29 08:52:07 +01:00
Johannes Meyer 36340aafa6 Repository: Ensure that we'll internally only work with virtual table names 
refs #10367
 2015-10-27 13:31:47 +01:00
Johannes Meyer 0b9a141591 LdapUserGroupBackend: Use the group_base_dn as user_base_dn.. 
..if neither the config nor the defaults provide a value.

refs #10402
 2015-10-20 11:28:18 +02:00
Markus Frosch 33956e02f8 Fix collection of user_base_dn from the UserBackend 
Currently the group_base_dn is used, unless a user_base_dn is configured in the group backend.

refs #10402
 2015-10-20 10:02:42 +02:00