tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,199 Commits 117 Branches 71 Tags 80 MiB
Commit Graph

82 Commits

Author SHA1 Message Date
Thomas Gelf 7b1b5b9b40 Authentication\Manager: do not override user groups 
Needs more care, but this way we are at least able to fetch groups
unless we get out improved implementation.
 2015-02-09 15:27:50 +01:00
Eric Lippmann 6bae2e0a53 Note that our license is GPL v2 or any later version in our license header instead of pointing to the license's URL 2015-02-04 10:52:27 +01:00
Eric Lippmann 5b4fab0750 Add license header 
This time without syntax errors hopefully :)
 2015-02-03 16:27:59 +01:00
Eric Lippmann 5fa2e3cfdc Revert "Add license header" 
This reverts commit 338d067aba.
 2015-02-03 16:16:26 +01:00
Eric Lippmann 6517f8e2be security: Activate permissions 2015-02-03 16:08:35 +01:00
Eric Lippmann 338d067aba Add license header 
fixes #7788
 2015-02-03 15:51:04 +01:00
Johannes Meyer d452f3218d Use "ini" as preferences store in case preferences are not configured 
refs #8234
 2015-01-23 16:25:24 +01:00
Johannes Meyer 14a4aaeb77 Revert "Fix that when chosing to not to store preferences an invalid config is created" 
This reverts commit 6284da451e.
 2015-01-23 15:23:43 +01:00
Johannes Meyer 6284da451e Fix that when chosing to not to store preferences an invalid config is created 
fixes #8234
 2015-01-23 14:42:09 +01:00
Eric Lippmann 44de790cc9 Security: Temporary grant all permissions 2015-01-22 17:12:49 +01:00
Eric Lippmann bed11ebb60 Security: Load user permissions and restrictions from roles.ini 
refs #5647
 2014-11-19 15:11:14 +01:00
Johannes Meyer 7621f6642d Adjust usages of Icinga\Application\Config 
refs #7147
 2014-11-18 13:11:52 +01:00
Johannes Meyer 9d292269b1 Merge branch 'master' into feature/setup-wizard-7163 
Conflicts:
	application/forms/Config/Resource/LdapResourceForm.php
	test/php/application/forms/Config/Authentication/LdapBackendFormTest.php
 2014-11-11 09:44:11 +01:00
Johannes Meyer 7b99b74ae1 Prefer Icinga\Application\Config instead of Zend_Config 
refs #7147
 2014-11-07 13:53:03 +01:00
Johannes Meyer 170ded6510 Merge branch 'master' into feature/setup-wizard-7163 
Conflicts:
	library/Icinga/Authentication/Backend/LdapUserBackend.php
	library/Icinga/File/Ini/IniWriter.php
 2014-11-04 14:22:53 +01:00
Eric Lippmann 16352fc10c Move Logger to the Application namespace 
fixes #7148
 2014-10-31 10:27:17 +01:00
Johannes Meyer c1bff9a26e Merge branch 'master' into feature/setup-wizard-7163 2014-10-30 10:38:21 +01:00
Eric Lippmann 424cee6b4a Auth: Load user groups using the new user group backends 2014-10-20 13:43:40 +02:00
Johannes Meyer c00dbf9f46 Write session on response 
There should not be any necessity to write the session once changes are
being made to it. We now track whether changes were made and write
the session when responding to the user's request if so.
 2014-09-24 10:46:35 +02:00
Eric Lippmann f1d3b72f05 autologin: Fix externally-authenticated users still being authenticated after external authentication is disabled 
The if condition for revoking authentication if the username changed relied on having the `$_SERVER' variable set which was used for authentication.
Authentication is now revoked if the username changed or external authentication is no longer in effect.

refs #6462
 2014-09-18 15:20:46 +02:00
Eric Lippmann 794910256a Use `User::can()' in `hasPermission()' of the authentication manager 2014-09-18 14:57:24 +02:00
Alexander Klimov 45638b218c Throw IcingaException rather than Exception 
fixes #7014
 2014-08-27 16:03:15 +02:00
Marius Hein 56a29354d3 AutoLogin: Check the remote username against logged in user 
fixes #6462
 2014-07-30 12:54:08 +02:00
Marius Hein e2c761a7aa AutoLogin/Logout: Remove own session namespace 
Store data in the user and implement interface to left
backends store remote information.

fixes #6461
 2014-07-30 12:35:55 +02:00
Eric Lippmann 294728ac47 Revert "Autologin: Test logged session against remote user" 
This reverts commit 64954e9924.

If the strip_username_regex is configured on the autologin backend and applies on a user's name,
the authenticated user's username does never match the REMOTE_USER server variable.
Thus the application will logout/login on every request which results in a redirect loop.

refs #6462
 2014-07-29 17:50:44 +02:00
Marius Hein 64954e9924 Autologin: Test logged session against remote user 
fixes #6462
 2014-07-29 12:06:43 +02:00
Marius Hein 8b9d446d2e Autologin: Remove deprecated autologin methods 
Remove methods from manager because autologin
is now handled with special backends (AutoLoginBackend).

The session is used to store the status about a remote
user authentication to send a 401 header to the client
upon logout.

refs #6461
 2014-07-29 10:48:57 +02:00
Johannes Meyer b40027b6c7 Purge session when logging out 
fixes #6739
 2014-07-16 09:55:22 +02:00
Johannes Meyer 19f05256a0 Only call session_start() when reading from session 
fixes #6383
 2014-07-16 09:55:22 +02:00
Johannes Meyer 3105c2059e Remove license headers from all files 
refs #6309
 2014-07-15 13:43:52 +02:00
Thomas Gelf 4bada86731 Authentication\Manager: fix fromRemoteUser boolean 
This used to be always true in case an autologin backend was enabled.
We only have a REMOTE_USER if there is such.
 2014-06-20 12:58:17 +02:00
Eric Lippmann 07d04628cf Merge branch 'feature/installation-and-configuration-cleanup-5638' 
Conflicts:
	config/config.ini.in
	library/Icinga/Application/ApplicationBootstrap.php
	library/Icinga/Application/Cli.php
	library/Icinga/Application/EmbeddedWeb.php
	library/Icinga/Application/Logger.php
	library/Icinga/Application/Modules/Manager.php
	library/Icinga/Application/Web.php
	library/Icinga/Authentication/Backend/DbUserBackend.php
	library/Icinga/Authentication/Manager.php
	library/Icinga/User/Preferences/IniStore.php
	test/php/library/Icinga/Application/LoggerTest.php
 2014-03-03 19:03:39 +01:00
Eric Lippmann 39c80dccaf Decouple authentication backend creation from Icinga\Authentication\Manager 
Add authentication backend type msldap with default values for user_class
and user_name_attribute. Backend type ldap now logs an error when user_class
and user_name_attribute ist not configured. Rename membership.ini to
memberships.ini since all our INI configuration files are in the plurar
where it makes sense. The AuthenticationController now handles
authentication

refs #5685
refs #5638
fixes #5218
 2014-03-03 17:21:17 +01:00
Matthias Jentsch 99668e87e5 Refresh session id on Authentication 
To prevent session fixation, create a new session id each time authenticate is
called.

refs #5625
 2014-02-26 19:23:34 +01:00
Matthias Jentsch b118e9679d When webserver setting is missing regular authentication will be used 
Check if the remote user is set and use regular authentication when the key is missing.

refs #5405
 2014-02-26 18:08:48 +01:00
Matthias Jentsch a8f765fa3b Add extern authentication 
Provide a new settings authenticationMode and delegate the
authentication handling to the webserver when the external authentication mode
is set. Add a new view 'logout' that will be shown after logout from external
authentication as the regular redirect to login is not possible.

refs #5405
 2014-02-26 18:08:48 +01:00
Johannes Meyer 3555e66018 Make IcingaWeb using the new log wrapper 
refs #5683
 2014-02-26 11:19:52 +01:00
Eric Lippmann 25665dec24 Vagrant: Add authentication.ini and resources.ini to /etc/icingaweb 
refs #5638
 2014-02-21 10:16:16 +01:00
Eric Lippmann 7fa6668b64 Make Icinga Web 2 work without any config file 
refs #5638
fixes #5523
 2014-02-20 13:53:28 +01:00
Eric Lippmann 8edf421c45 Replace debug log with respecting log priorities 
refs #5638
fixes #5522
 2014-02-18 14:46:15 +01:00
Eric Lippmann 69a482d106 Auth: Connect only when a authentication backend is used. Fix log in error messages 
refs #5506
refs #5638
fixes #4931
 2014-02-18 09:33:33 +01:00
Eric Lippmann 08d7edebfc Decouple (automatic) preferences storage from user preferences (WIP) 
DbStore, persisting preferences and tests not yet reworked.
 2014-02-14 17:28:11 +01:00
Eric Lippmann 41ffa1d7c2 Fix PHP Fatal error: Class 'Icinga\Authentication\Membership' not found in ManagerTest.php 2014-02-14 12:11:49 +01:00
Eric Lippmann d6768872c7 Revert "Change setup behavior of the AuthenticationManager to a lazy approach" 
This reverts commit 226eb4eded.

Conflicts:
	library/Icinga/Authentication/Manager.php

This fix is not appropriate

refs #5506
 2014-02-14 11:20:33 +01:00
Marius Hein 8a604f1c2c Implement structures for permissions, restrictions and membership 
refs #4624
 2014-02-12 17:03:18 +01:00
Johannes Meyer ac0b041523 Remove session handling from the authentication manager 
refs #5510
 2014-01-24 14:44:19 +01:00
Thomas Gelf 0f565aae6a Added permission handlers and related sample config reader 
Please see feature #4108 for sample usage

refs #4108
 2014-01-22 13:06:59 +00:00
Matthias Jentsch 226eb4eded Change setup behavior of the AuthenticationManager to a lazy approach 
The authentication manager should only try to set up all backends when
necessary. Remove the backend setup from the constructor and call it only when it is actually needed.

fixes #5506
 2014-01-22 13:04:11 +01:00
Matthias Jentsch 85dbd86e5b Change all UserBackends to a lazy connection-behavior 
refs #5506
 2014-01-22 13:04:11 +01:00
Matthias Jentsch 2a0add3ec3 Fix messages in ConfigController 
Store messages in the current user session to be able to fetch messages from
other controllers, so that the use can be redirected back to the index, instead
of staying in the original action

refs #5100
 2013-11-20 19:10:38 +01:00