tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,151 Commits 121 Branches 71 Tags 80 MiB
Commit Graph

165 Commits

Author SHA1 Message Date
Johannes Meyer 2a115e71d4 Add support for paged LDAP search results 
fixes #8261
refs #6176
 2015-01-29 15:53:15 +01:00
Johannes Meyer 50fc85d7ff Rename authentication type "autologin" to "external" 
refs #8274
 2015-01-27 09:49:36 +01:00
Johannes Meyer d452f3218d Use "ini" as preferences store in case preferences are not configured 
refs #8234
 2015-01-23 16:25:24 +01:00
Johannes Meyer 14a4aaeb77 Revert "Fix that when chosing to not to store preferences an invalid config is created" 
This reverts commit 6284da451e.
 2015-01-23 15:23:43 +01:00
Johannes Meyer 6284da451e Fix that when chosing to not to store preferences an invalid config is created 
fixes #8234
 2015-01-23 14:42:09 +01:00
Eric Lippmann 44de790cc9 Security: Temporary grant all permissions 2015-01-22 17:12:49 +01:00
Eric Lippmann 2bd2f32b2e postgresql/auth: Fix that users cannot login when using PostgreSQL >= version 9.0 
fixes #8251
 2015-01-19 16:43:19 +01:00
Tom Ford dc0f396fbf Check LDAP username in case insensitive way 
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>

refs #7991
 2014-12-10 16:00:39 +01:00
Eric Lippmann 3e1583ca40 Security: Remove getPermissions and getRestrictions from the AdmissionLoader 
These funtctions are superseded by getRestrictionsAndPermissions.

refs #5647
 2014-11-19 15:13:45 +01:00
Eric Lippmann bed11ebb60 Security: Load user permissions and restrictions from roles.ini 
refs #5647
 2014-11-19 15:11:14 +01:00
Eric Lippmann b01a9a65e0 Security: Introduce AdmissionLoader::getPermissionsAndRestrictions() for loading permissins and restrictions from roles.ini 
When loading from roles.ini there's currently an empty permission added which is of course a bug and will be fixed asap.

refs #5647
 2014-11-19 15:10:09 +01:00
Johannes Meyer 7621f6642d Adjust usages of Icinga\Application\Config 
refs #7147
 2014-11-18 13:11:52 +01:00
Johannes Meyer eb4672923f Require the OpenSSL module instead of providing an unsafe fallback 
refs #7163
 2014-11-11 10:19:09 +01:00
Johannes Meyer 9d292269b1 Merge branch 'master' into feature/setup-wizard-7163 
Conflicts:
	application/forms/Config/Resource/LdapResourceForm.php
	test/php/application/forms/Config/Authentication/LdapBackendFormTest.php
 2014-11-11 09:44:11 +01:00
Johannes Meyer 2bb7217d04 Do not require the openssl extension 2014-11-10 11:20:02 +01:00
Johannes Meyer 124f64ad89 Merge branch 'master' into bugfix/drop-zend-config-7147 2014-11-07 14:07:15 +01:00
Johannes Meyer 7b99b74ae1 Prefer Icinga\Application\Config instead of Zend_Config 
refs #7147
 2014-11-07 13:53:03 +01:00
Matthias Jentsch d0706a55ea Chain exceptions in LdapUserBackend instead of printing the message 2014-11-06 16:32:43 +01:00
Johannes Meyer 7569c55796 Fix how password hashes are stored and retrieved in DbUserBackend 2014-11-04 15:52:09 +01:00
Johannes Meyer 170ded6510 Merge branch 'master' into feature/setup-wizard-7163 
Conflicts:
	library/Icinga/Authentication/Backend/LdapUserBackend.php
	library/Icinga/File/Ini/IniWriter.php
 2014-11-04 14:22:53 +01:00
Johannes Meyer 8913bf53c9 Fix salt extraction 2014-11-04 13:03:36 +01:00
Johannes Meyer 99277383b9 Fix retrieving a user's data from the database 2014-11-04 13:03:12 +01:00
Johannes Meyer cad8f7538e Leave it up to the database to decide what is the current time 2014-11-04 12:42:39 +01:00
Matthias Jentsch f9fee2df70 Do not interrupt authentication chain on invalid ldap connection infos 
Catch LdapExceptions and throw AuthenticationException to not interrupt authentication chain

fixes #7497
 2014-11-04 12:35:41 +01:00
Eric Lippmann 16352fc10c Move Logger to the Application namespace 
fixes #7148
 2014-10-31 10:27:17 +01:00
Johannes Meyer 4f1e1ddb6f Adjust the DbUserBackend to reflect the new database schema 2014-10-30 15:40:07 +01:00
Johannes Meyer c1bff9a26e Merge branch 'master' into feature/setup-wizard-7163 2014-10-30 10:38:21 +01:00
Eric Lippmann f68c591a46 LDAP Auth: Make group loading really optional 
fixes #7432
 2014-10-23 03:50:03 +02:00
Johannes Meyer 8c62c66a4e Make regular expression pattern in autologin backend being fully optional 2014-10-20 15:14:14 +02:00
Eric Lippmann 424cee6b4a Auth: Load user groups using the new user group backends 2014-10-20 13:43:40 +02:00
Eric Lippmann aa56f3010c lib: Add DbUserGroupBackend 2014-10-20 13:42:33 +02:00
Eric Lippmann d170cf0c9d lib: Replace Membership with IniUserGroupBackend 2014-10-20 13:42:15 +02:00
Eric Lippmann d1228deef2 lib: Add UserGroupBackend as base class and factory for user group backends 2014-10-20 13:41:33 +02:00
Eric Lippmann cee261bf7e Use lowercase username and user groups for loading user permissions and restrictions 2014-10-20 13:36:37 +02:00
Matthias Jentsch 9a9aa84e23 Respect base_dn in LdapUserBackend 2014-10-14 14:37:21 +02:00
Matthias Jentsch dd21b7b5d1 Make sure that we work only with arrays when handling LDAP groups 2014-10-09 10:14:42 +02:00
Matthias Jentsch 04e83a53c5 Add `base_dn' directive to LDAP backend config 2014-10-09 10:10:09 +02:00
Johannes Meyer 1cbe2451a8 Merge branch 'master' into feature/setup-wizard-7163 
Conflicts:
	application/forms/Config/Resource/StatusdatResourceForm.php
 2014-10-08 16:34:31 +02:00
Johannes Meyer 96ba45d896 Convert password salt to ASCII to avoid encoding issues with PostgreSQL 2014-10-08 15:26:42 +02:00
Johannes Meyer 393191ced1 Add admin creation routine 
refs #7163
 2014-10-08 10:26:12 +02:00
Alexander Fuhr 421263af00 Make LDAP Groups optional 
refs #7343
 2014-10-06 13:35:17 +02:00
Alexander Fuhr 017d4b8c9d Introduce Groups from LDAP to User Object 2014-10-01 16:03:42 +02:00
Eric Lippmann 74bd9b319d restrictions: Include restriction's section name in user restrictions 2014-10-01 14:08:21 +02:00
Eric Lippmann 084691570e permissions: Use a comma-separated list as config instead of the `permission_*' directives 
Permissions are now set using a comma-separated list of permissions using the `permissions' config because
the `users' and `groups' are comma-separated lists too.
 2014-10-01 08:14:03 +02:00
Johannes Meyer 8fcf21a6b8 Make it possible to retrieve a list of available users for authentication 
refs #7163
 2014-09-29 11:21:40 +02:00
Johannes Meyer c00dbf9f46 Write session on response 
There should not be any necessity to write the session once changes are
being made to it. We now track whether changes were made and write
the session when responding to the user's request if so.
 2014-09-24 10:46:35 +02:00
Eric Lippmann f1d3b72f05 autologin: Fix externally-authenticated users still being authenticated after external authentication is disabled 
The if condition for revoking authentication if the username changed relied on having the `$_SERVER' variable set which was used for authentication.
Authentication is now revoked if the username changed or external authentication is no longer in effect.

refs #6462
 2014-09-18 15:20:46 +02:00
Eric Lippmann 794910256a Use `User::can()' in `hasPermission()' of the authentication manager 2014-09-18 14:57:24 +02:00
Alexander Klimov 45638b218c Throw IcingaException rather than Exception 
fixes #7014
 2014-08-27 16:03:15 +02:00
Alexander Klimov 9c5878cbbe ConfigurationError: extend IcingaException 
refs #6931
 2014-08-22 11:46:11 +02:00