32876ca8ae
LdapUserGroupBackend: respect config option group_filter
...
refs #11142
2016-02-11 15:49:28 +01:00
474803fee4
Change all license headers to only reflect a file's year of creation
...
refs #11000
2016-02-08 15:41:00 +01:00
916c417666
LdapUserGroupBackend: Avoid inspecting a group with no members
...
fixes #10659
2015-11-24 09:45:49 +01:00
8bf4e8d217
LdapUserGroupBackend: Set a query's base DN when a table gets required
...
This ensures that the query receives the correct base DN even if the table
gets adjusted by calling from() subsequently.
refs #10567
2015-11-11 12:54:49 +01:00
2917f352b5
Merge branch 'master' into bugfix/unreliable-attribute-ambiguity-check-10567
...
Conflicts:
library/Icinga/Authentication/UserGroup/LdapUserGroupBackend.php
library/Icinga/Protocol/Ldap/LdapConnection.php
2015-11-11 11:53:19 +01:00
453aa864cc
LdapUserGroupBackend: Set the appropriate base dn when resolving dns
...
refs #10567
2015-11-11 11:38:32 +01:00
72f3ba1161
LdapUserGroupBackend: Offer "user_name" as filter column instead of "user"
...
refs #10370
2015-11-10 11:52:06 +01:00
d56056bba7
LdapUserGroupBackend: Utilize $virtualTables
2015-11-10 09:56:58 +01:00
c416216822
LdapUserGroupBackend: Fix typo in method requireTable()
...
refs #10370
2015-11-09 16:00:55 +01:00
ffcc2ed56b
LdapUserGroupBackend: Fix exception when searching for single chars
...
refs #10370
2015-11-09 16:00:24 +01:00
9b826e6e5f
Drop class Ldap\Expression and introduce LdapQuery::$nativeFilter
...
I'm about to add support for our Data\Filter implementation, since it cannot
parse native LDAP filters and a user may have configured such, we need to
differentiate the two types of filter.
refs #10370
2015-11-09 13:04:02 +01:00
cfb26e22b3
LdapUserGroupBackend: Dynamically verify member attribute ambiguity
...
refs #10567
2015-11-09 11:41:11 +01:00
99719bec7d
Merge branch 'master' into bugfix/broken-user-and-group-management-10367
...
Conflicts:
library/Icinga/Authentication/User/LdapUserBackend.php
library/Icinga/Authentication/UserGroup/LdapUserGroupBackend.php
2015-10-29 08:52:07 +01:00
36340aafa6
Repository: Ensure that we'll internally only work with virtual table names
...
refs #10367
2015-10-27 13:31:47 +01:00
0b9a141591
LdapUserGroupBackend: Use the group_base_dn as user_base_dn..
...
..if neither the config nor the defaults provide a value.
refs #10402
2015-10-20 11:28:18 +02:00
33956e02f8
Fix collection of user_base_dn from the UserBackend
...
Currently the group_base_dn is used, unless a user_base_dn is configured in the group backend.
refs #10402
2015-10-20 10:02:42 +02:00
8ed489c637
LdapUserGroupBackend: Add method persistUserName()
...
refs #10367
refs #10370
2015-10-16 15:28:44 +02:00
58fc87b2e5
Repository: Ensure that we'll internally only work with virtual table names
...
refs #10367
2015-10-16 14:46:44 +02:00
33037eebbb
Revert "Fix group base DN is erroneously used in place of user base DN"
...
This reverts commit ac7546d9f2
2015-10-16 10:08:14 +02:00
34bf0c3cb0
Add method getUserBackendName() to UserGroupBackendInterface
...
refs #10367
refs #10373
2015-10-15 15:28:03 +02:00
331822ad15
Merge pull request #47 from anenviousguest/master
2015-10-15 12:53:10 +02:00
ac7546d9f2
Fix group base DN is erroneously used in place of user base DN
...
refs #10340
refs #10367
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>
2015-10-15 12:52:17 +02:00
d6432cd881
LdapUserGroupBackend: Fix invalid query column initialization, again
...
I've mistakenly reverted a change from Aaron Collins that would have
prevented this issue from occuring.
fixes #10318
2015-10-09 03:53:22 +02:00
8358f82885
LdapUserGroupBackend: Do not consider every "member" as a "user"
...
Not all members of a group are actual user objects. I would have liked to
actually only show real users, but this is currently not possible.
refs #9772
2015-09-29 11:29:05 +02:00
d33b1954aa
LdapUserGroupBackend: Fetch the uid for a member's DN
...
refs #9772
2015-09-29 09:48:57 +02:00
ef1a81897b
LdapUserGroupBackend: Automatically unfold the user_name attribute
...
refs #9772
2015-09-29 09:48:22 +02:00
b7ddb6e4c2
LdapUserGroupBackend: Register the user backend for later use
...
refs #9772
2015-09-29 09:44:01 +02:00
e7e3520375
LdapUserGroupBackend: Fix method getMemberships()
...
refs #9950
2015-09-28 10:57:17 +02:00
e5f2174c1e
LdapUserGroupBackend: Restore method requireTable()
...
refs #9950
2015-09-25 16:24:16 +02:00
fe9ee48d65
LdapUserGroupBackend: Fix incorrect table name initialization
...
refs #9950
2015-09-25 16:23:13 +02:00
b19ecbfb43
LdapUserGroupBackend: Remove the remaining code duplicates
...
refs #9950
refs #9772
2015-09-25 16:21:33 +02:00
23631c8f39
changed order of posix check
...
refs #9950
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>
2015-09-25 14:35:08 +02:00
73715c94b1
Fixes for ldap group auth
...
The current LdapUserGroupBackend was incomplete and suffered from a little over zealous copy pasta. It had over written certain functions that where unnecessary such as the constructor and a table validator. This patch aims to clean those up. Additionally it also makes this group auth work with posixGroup that use the username as the member identifier and not just inetGroups that use the full dn
refs #9950
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>
2015-09-25 14:34:33 +02:00
b69311165c
Conform to coding guidelines
2015-09-22 14:53:29 +02:00
42fb1a174b
Do not crash when ldap_dn is defined in additional variables
...
refs #9950
2015-09-22 14:08:15 +02:00
46f2f71c57
Improve logging of membership queries
...
refs #9950
2015-09-22 13:02:08 +02:00
84554d245d
Conform to coding guidelines
...
refs #9950
2015-09-22 12:51:00 +02:00
f3df1f228d
Fix for support issue 9950, do lookups properly on posixGroup group classes
2015-09-18 13:37:04 -07:00
17e8f01d24
Use the DN to fetch group memberships from LDAP
...
fixes #9901
2015-09-18 15:34:12 +02:00
1e6c394693
Controller: Create the filter editor in setupFilterControl() ...
...
...instead of demanding a concrete controller to do so.
We still have to decide how to handle parameter preservation
properly.
refs #9029
2015-08-13 17:05:13 +02:00
fb7666e6bd
LdapUserGroupBackend: Adjust usage of LdapCapabilities::hasAdOid()
...
Usage search ftw..
2015-07-29 16:26:39 +02:00
15220da645
Automatically strip unnecessary parentheses from custom ldap filters
...
fixes #9348
2015-06-23 10:32:45 +02:00
5688f0cb85
Allow to configure user group backends of type LDAP
...
refs #7343
2015-06-05 14:53:29 +02:00
cacd97fb46
LdapUserGroupBackend: Make default configuration providers public
...
I'd like to access these when preparing a config form.
refs #7343
2015-06-05 11:09:31 +02:00
02d2ea682e
LdapUserGroupBackend: Do not permit to link different directories
...
I cannot think of a valid usecase right now. In case someone got one,
revert this commit and make use of the backend itself and not only
its configuration.
refs #7343
2015-06-05 10:51:54 +02:00
0ab192cd1f
LdapUserGroupBackend: Allow to link a user backend
...
refs #7343
2015-06-05 10:41:47 +02:00
ee2462a6b2
LdapUserGroupBackend: Let the backend decide which defaults to use
...
refs #7343
2015-06-05 10:19:28 +02:00
3fd0d99db2
LdapUserGroupBackend: Add support for custom query filters
...
refs #7343
2015-06-05 09:57:40 +02:00
90d946f149
LdapUserGroupBackend: We need a datasource, actually
...
Forgot to add this when disabling LdapRepository inheritance...
refs #7343
2015-06-03 16:40:14 +02:00
d9eb8f9e8d
LdapUserGroupBackend: Do not extend LdapRepository
...
Selecting groups works, but not memberships. Does not make sense
until both things work...
refs #7343
2015-06-03 16:33:22 +02:00
Alexander A. Klimov
Johannes Meyer
Markus Frosch
Eric Lippmann
Vladislav Ponomarev
Aaron Collins
Matthias Jentsch
Jo Rhett