icingaweb2

Commit Graph

Author	SHA1	Message	Date
ss23	c196a7c7c4	Modify authentication function to support alternative algorithms The existing usage of crypt() was borderline incorrect. This simplified function will allow hashes of other types (e.g. bcrypt) and thus mitigate #2954 (use password_hash) until this can be implemented. The getSalt protected method was also removed as this is no longer required, though this can be added again in future.	2017-11-06 22:48:42 +13:00
Eric Lippmann	4b11afe7d5	Remove unused method LdapUserBackend::setConfig()	2017-07-11 17:08:16 +02:00
Eric Lippmann	bd23d008ca	Auth: Make sure to set the configured domain on LDAP/MSAD user backends	2017-07-11 17:02:32 +02:00
Eric Lippmann	cbde758fc6	Remove unused domain-aware auth related functions from UserBackend These functions made it into the master branch accidentally.	2017-07-11 17:01:06 +02:00
Eric Lippmann	686d022987	Merge pull request #2863 from Icinga/feature/domain-support-for-authn-authz-2153	2017-06-21 13:16:36 +02:00
Eric Lippmann	0cbec01743	Make auth via LDAP user backends domain-aware refs #2153	2017-06-12 13:31:07 +02:00
Eric Lippmann	05288e9bea	Add interface for user backends which are responsible for a specific domain refs #2153	2017-06-12 13:31:07 +02:00
Alexander A. Klimov	2b9e9bf2b3	User: split the username into localpart and domain (if given)	2017-06-12 13:31:07 +02:00
Alexander A. Klimov	f323310174	DbUserBackend: don't fail at validation if there aren't any active users refs #2598	2017-02-24 15:29:05 +01:00
Johannes Meyer	0716f87852	Update german translation	2016-12-13 13:57:27 +01:00
Johannes Meyer	3a816ce0f7	ExternalBackend: Don't throw an error if it's not possible to clean usernames	2016-11-16 12:04:46 +01:00
Johannes Meyer	0bd00ba3d0	ExternalBackend: Simplify how remote users are identified refs #12164	2016-11-16 11:55:54 +01:00
Alexander A. Klimov	d9330486e9	Replace ExternalBackend::getRemoteUserEnvvars() with an attribute refs #12164	2016-11-04 17:27:36 +01:00
Alexander A. Klimov	d6ac6c8374	setup/AuthenticationPage: don't show the warning about external backend configuration if REDIRECT_REMOTE_USER is set refs #12164	2016-10-18 15:19:13 +02:00
Alexander A. Klimov	4d6160d987	ExternalBackend::getRemoteUser(): restore previous default behavior refs #12164	2016-10-18 10:22:06 +02:00
Alexander A. Klimov	ab01d2f915	ExternalBackend: don't reference more than necessary from the config refs #12164	2016-10-18 10:17:21 +02:00
Alexander A. Klimov	ce951295d3	ExternalBackend: make the variable a webserver assigns a username to configurable refs #12164	2016-10-17 18:46:00 +02:00
Alexander A. Klimov	29c221418b	External authentication: respect REDIRECT_REMOTE_USER as well refs #12164	2016-10-17 16:19:26 +02:00
Eric Lippmann	99d08bf03b	Get remote user from $_SERVER if env does not have it in external auth refs #11391	2016-04-11 14:09:04 +02:00
Eric Lippmann	2ac54d7c3e	lib: Add ExternalBackend::getRemoteUser() If the user is authenticated via the web server, this method should be used to retrieve the user because it supports both reading the user from the environment or from the $_SERVER variable as fallback. refs #11391	2016-04-11 14:01:36 +02:00
Eric Lippmann	c803ec64c5	lib: Move getters before setters in ExternalBackend	2016-04-11 10:57:01 +02:00
Alexander A. Klimov	474803fee4	Change all license headers to only reflect a file's year of creation refs #11000	2016-02-08 15:41:00 +01:00
Alexander A. Klimov	fc8873ec0a	Use getenv() instead of $_SERVER to get REMOTE_USER refs #10488	2015-12-18 13:46:34 +01:00
Johannes Meyer	d2cc854a61	LdapUserBackend: Set a query's base DN when a table gets required This ensures that the query receives the correct base DN even if the table gets adjusted by calling from() subsequently. refs #10567	2015-11-11 12:55:17 +01:00
Johannes Meyer	505f5902c7	LdapUserBackend: Utilize $virtualTables	2015-11-10 09:56:27 +01:00
Johannes Meyer	9b826e6e5f	Drop class Ldap\Expression and introduce LdapQuery::$nativeFilter I'm about to add support for our Data\Filter implementation, since it cannot parse native LDAP filters and a user may have configured such, we need to differentiate the two types of filter. refs #10370	2015-11-09 13:04:02 +01:00
Johannes Meyer	878bd78587	LdapUserBackend: Unfold the user_name_attribute automatically This is.. the currently easiest solution. As long as attribute unfolding is not very performance intensive this solution suffices. refs #10367 refs #10332	2015-10-16 17:25:42 +02:00
Johannes Meyer	58fc87b2e5	Repository: Ensure that we'll internally only work with virtual table names refs #10367	2015-10-16 14:46:44 +02:00
Johannes Meyer	7ef76932d4	DbRepository: Validate the table when inserting, updating and deleting	2015-10-16 12:36:47 +02:00
Alexander A. Klimov	17e8f01d24	Use the DN to fetch group memberships from LDAP fixes #9901	2015-09-18 15:34:12 +02:00
Russell Kubik	056ab0c96c	Fix that DbUserBackend::inspect() reports 0 users when only one exists refs #9739 Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>	2015-09-01 23:08:24 +02:00
Eric Lippmann	d2a4b880b1	Revert "Accept DbUserBackends with only one single user" This reverts commit `c8d065b3e0`. There's a PR on GitHub open that was contributed earlier than this fix. Thus giving credit to the PR's author. refs #9739	2015-09-01 23:05:34 +02:00
Johannes Meyer	1e6c394693	Controller: Create the filter editor in setupFilterControl() ... ...instead of demanding a concrete controller to do so. We still have to decide how to handle parameter preservation properly. refs #9029	2015-08-13 17:05:13 +02:00
Johannes Meyer	4b6849eea7	Repository: Introduce query column blacklists We can no longer use $filterColumns to blacklist query columns so there is now another set of column names required to achieve this. refs #9029	2015-08-13 14:06:27 +02:00
Johannes Meyer	316a4d8b82	Merge branch 'master' into bugfix/allow-to-configure-how-to-manage-groups-9609	2015-07-30 16:16:04 +02:00
Eric Lippmann	a234852f32	Merge branch 'feature/basic-auth-9660' resolves #9660	2015-07-30 15:05:07 +02:00
Eric Lippmann	37ef87b9ab	lib: Fix PHPDoc in ExternalBackend refs #9660	2015-07-29 15:46:40 +02:00
Eric Lippmann	1b5c5deace	lib: Rename remote user to external user We renamed our backend. Code now reflects this. refs #9660	2015-07-29 15:44:32 +02:00
Johannes Meyer	3f7081296b	Merge branch 'master' into bugfix/allow-to-configure-how-to-manage-groups-9609	2015-07-29 15:02:20 +02:00
Johannes Meyer	13edbf901d	UserBackend: Implement interface ConfigAwareFactory refs #9609	2015-07-29 13:44:26 +02:00
Johannes Meyer	83aafe8cda	Allow to discover LDAP connections in the wizard as well ...	2015-07-29 09:26:53 +02:00
Eric Lippmann	4d44a0625c	lib: Move UserBackendInterface::authenticate() to new interface Authenticatable refs #9660	2015-07-29 09:25:14 +02:00
Matthias Jentsch	c8d065b3e0	Accept DbUserBackends with only one single user fixes #9739	2015-07-28 12:41:08 +02:00
Matthias Jentsch	5478027855	Bring back user count in ldap backend inspection We already use count later in the wizard anyways. refs #9630	2015-07-16 16:52:56 +02:00
Matthias Jentsch	e357960d1e	Add Inspection API to DB backend refs #9641	2015-07-16 16:16:55 +02:00
Matthias Jentsch	ffe672c252	Improve message texts and scalabillity Always start uppercase and don't use count() function until we've got a more scalable implementation in the LdapConnection. refs #9630	2015-07-16 13:51:26 +02:00
Matthias Jentsch	6b8e5da76d	Move all assertion functions into the inspect functions Reduce code duplication and add class Inspection refs #9630	2015-07-16 12:21:11 +02:00
Matthias Jentsch	59c4f8d056	Use Inspection API in User Backend Form refs #9630	2015-07-15 19:35:25 +02:00
Matthias Jentsch	3ddb8ca1bd	Add abillity to discover AD version and vendor name to discovery refs #9605	2015-07-14 18:32:44 +02:00
Johannes Meyer	3dddee8b7d	Setup: Fix authentication backend validation This is a ridiculous dirty fix. We'll definitely need to improve how we create authentication backends... fixes #9509	2015-06-25 14:36:51 +02:00

1 2

88 Commits