Instead of fetchDN, authentication now uses hasUser to check if the user
exists before querying the password, to prevent the exception from messing
up the whole authentication process
It's not safe to rely on PHP_AUTH_USER and PHP_AUTH_TYPE because
PHP cgi handlers (fgcid for example) only set the REMOTE_USER environment variable
and the authentication type for negogiation methods (Kerberos for example) is neither
Basic nor Digest.
We may have to add REDIRECT_REMOTE_USER for authentication for proxy setups.
Check if authentication is possible during authentication, to generate more
useful error and log messages, in case the backend configuration is wrong
ref #6457
Class names in namespaces should not be chosen as once we didn't have
such. The fact that we already did "use Db\Connection as DbConnection"
is the best hint that naming was wrong.
So this patch renames Db\Connection to Db\DbConnection and does the
same with DbQuery. DbQuery has been adjusted to fit our new SimpleQuery
and to handle the new Filter implementation.
Drop external auth configuration from config.ini and move
implementation into a single backend provider named
'autologin'. This provider can strip realm names from
username with a custom regexp.
fixes#6081
Add authentication backend type msldap with default values for user_class
and user_name_attribute. Backend type ldap now logs an error when user_class
and user_name_attribute ist not configured. Rename membership.ini to
memberships.ini since all our INI configuration files are in the plurar
where it makes sense. The AuthenticationController now handles
authentication
refs #5685
refs #5638fixes#5218
Remove the old calls to DbAdapterFactory and use ResourceFactory instead. Remove
the DbAdapterFactory and fix all unit tests that have been broken due to the changes.
Change the functionality of the ResourceFactory to also handle LdapConnections
resolves#4587
Fix coding standards in database schemes. Use DbAdapterFactory in all unit
tests instead of creating own adapters. Fix DbUserBackend and DbStore to use
FETCH_OBJ, instead of FETCH_ASSOC, to handle it consistently in the whole
application. Remove unnecessary table columns from the "account" scheme.
refs #4577
refs #4578
refs #4596
refs #4599
refs #4627
Change the StoreFactory configuration to reference to a resource instead of
defining the whole database. Additionally fix docstrings, fix imports and fix
function calls to comply to coding style standards.
refs #4503
Create the DbAdapterFactory to instanciate db adapters, add resources.ini to configure resources, change
the authentication Manager to fall back to backends with lower priority in case
of errors, update the current UserBackends to the changed environment. Also
adjust the documentation and existing unit tests.
resolves#4503
Add an ini writer that respects the file structure and the comments that may be
already present in the config file. Move Application/Config.php into
Config/Config.php.
refs #4352
Fix installation instructions for postgresql, the user table is now
'account', as user is a keyword in some rdbms, now catching exceptions
and returning auth failed while logging errors
refs #3769
Set the default database and user to "icingaweb" in the authentication.ini. Add
instructions about how to set up the databases to authentication.ini.
refs #3769
Matthias Jentsch
Thomas Gelf
Eric Lippmann
Marius Hein
Johannes Meyer
Jannis Moßhammer