cfbd5c500e
Make LDAP user group backends domain-aware
...
refs #2153
2017-06-12 13:31:07 +02:00
0cbec01743
Make auth via LDAP user backends domain-aware
...
refs #2153
2017-06-12 13:31:07 +02:00
05288e9bea
Add interface for user backends which are responsible for a specific domain
...
refs #2153
2017-06-12 13:31:07 +02:00
41acffdc24
Login: set the default domain if necessary
...
refs #2153
2017-06-12 13:31:07 +02:00
2b9e9bf2b3
User: split the username into localpart and domain (if given)
2017-06-12 13:31:07 +02:00
181e2ef05c
Swag: Fix swag (aka a whole bunch of code style issues..)
2017-01-27 14:48:59 +01:00
08a82daea3
Update to icinga.com
...
refs #2687
2017-01-18 12:04:43 +01:00
0716f87852
Update german translation
2016-12-13 13:57:27 +01:00
648f088564
Conform to coding guidelines
...
refs #12598
2016-12-07 17:45:50 +01:00
59f1a70d5e
Add support for nested AD groups resolved from the user
...
This will make sure that nested groups also work with roles.
Signed-off-by: Alexander A. Klimov <alexander.klimov@icinga.com>
refs #12598
2016-12-07 17:15:59 +01:00
4eb61c2bcf
Revert breaking change in Auth::isAuthenticated()
...
refs #12580
fixes #13281
2016-12-06 12:41:22 +01:00
78be71bc92
Merge branch 'bugfix/evaluate-redirect_remote_user-12164'
...
fixes #12164
2016-11-21 08:53:35 +01:00
f7e5cd3b71
Check the correct return type in case preg_replace fails in ExternalBackend.php
2016-11-16 14:10:31 +01:00
3a816ce0f7
ExternalBackend: Don't throw an error if it's not possible to clean usernames
2016-11-16 12:04:46 +01:00
0bd00ba3d0
ExternalBackend: Simplify how remote users are identified
...
refs #12164
2016-11-16 11:55:54 +01:00
f7a8524dce
DbUserGroupBackend: Group by group.id when joining group memberships
...
Prevents duplicate results in case a group has multiple members.
2016-11-11 09:19:59 +01:00
2b060d9bd4
Challenge API requests only if the controller requires auth
...
fixes #12580
2016-11-07 10:40:38 +01:00
d9330486e9
Replace ExternalBackend::getRemoteUserEnvvars() with an attribute
...
refs #12164
2016-11-04 17:27:36 +01:00
d6ac6c8374
setup/AuthenticationPage: don't show the warning about external backend configuration if REDIRECT_REMOTE_USER is set
...
refs #12164
2016-10-18 15:19:13 +02:00
4d6160d987
ExternalBackend::getRemoteUser(): restore previous default behavior
...
refs #12164
2016-10-18 10:22:06 +02:00
ab01d2f915
ExternalBackend: don't reference more than necessary from the config
...
refs #12164
2016-10-18 10:17:21 +02:00
ce951295d3
ExternalBackend: make the variable a webserver assigns a username to configurable
...
refs #12164
2016-10-17 18:46:00 +02:00
29c221418b
External authentication: respect REDIRECT_REMOTE_USER as well
...
refs #12164
2016-10-17 16:19:26 +02:00
e62d94209f
Allow users to change their password if backend is db
...
refs #10616
2016-07-21 17:38:19 +02:00
99d08bf03b
Get remote user from $_SERVER if env does not have it in external auth
...
refs #11391
2016-04-11 14:09:04 +02:00
2ac54d7c3e
lib: Add ExternalBackend::getRemoteUser()
...
If the user is authenticated via the web server, this method should be used to retrieve the user because
it supports both reading the user from the environment or from the $_SERVER variable as fallback.
refs #11391
2016-04-11 14:01:36 +02:00
c803ec64c5
lib: Move getters before setters in ExternalBackend
2016-04-11 10:57:01 +02:00
e0781cf8b5
Fix PHPDoc of AdmissionLoader::applyRoles()
...
refs #10887
2016-03-29 11:26:00 +02:00
5b5978787b
Move permission and restriction initialization in AdmissionLoader
...
refs #10887
2016-03-29 11:25:55 +02:00
32c6a03000
Remove Role::addPermission()
...
Method is not used.
refs #10887
2016-03-29 11:25:53 +02:00
123488cfc0
Remove Role::addRestriction()
...
Method is not used.
refs #10887
2016-03-29 11:25:51 +02:00
08b70267cd
Move setters after getter in Role.php
...
refs #10887
2016-03-29 11:25:47 +02:00
df0d3aaf1e
AdmissionLoader: set the roles of the user
...
refs #10887
2016-03-24 16:24:24 +01:00
57ce39834d
Role: implement setPermissions() and setRestrictions()
...
refs #10887
2016-03-24 16:11:31 +01:00
f1f4cdc3cb
lib: Use AdmissionLoader::applyRoles() in Auth
...
refs #10887
2016-03-24 15:30:30 +01:00
6ec1878977
lib: Add Authentication/Role
...
refs #10887
2016-03-24 15:29:39 +01:00
2699d2c9ed
lib: Rename AdmissionLoader::applyPerm... to applyRoles()
...
refs #10887
2016-03-24 15:28:21 +01:00
929f45deea
Fix session resume for external auths
...
When REMOTE_USER is not available from _SERVER (PHP internal webserver)
fixes #11277
2016-03-02 17:39:05 +01:00
9d5e21e71e
Remove IniUserGroupBackend.php
...
Does not conform to its interface anymore and is not in use.
2016-02-26 10:32:13 +01:00
c78a7912e7
Fix parse error in Auth.php
2016-02-15 14:50:33 +01:00
74b4c344d6
Shorten check for empty auth header
...
refs #11151
2016-02-15 14:22:36 +01:00
8a4f15d32c
Don't redirect unauthenticated API requests to the login page
...
refs #11151
2016-02-15 13:36:29 +01:00
a464e74aa4
Allow basic auth for API requests only
...
refs #11151
2016-02-15 10:53:32 +01:00
dc9cfc1c81
Call getRequest() only once in Auth::authHttp()
...
refs #11151
2016-02-15 10:44:33 +01:00
4c97fb7d01
Don't request basic auth if auth scheme isn't basic
...
fixes #10506
2016-02-15 10:39:18 +01:00
32876ca8ae
LdapUserGroupBackend: respect config option group_filter
...
refs #11142
2016-02-11 15:49:28 +01:00
474803fee4
Change all license headers to only reflect a file's year of creation
...
refs #11000
2016-02-08 15:41:00 +01:00
7fd575080e
PHP7: Rename String to StringHelper
...
refs #10251
2016-01-27 16:46:55 +01:00
9968fb9011
Reload CSS after login because the user may have a different theme (WIP)
...
This is just a quick fix.
refs #10957
2016-01-18 12:56:02 +01:00
fc8873ec0a
Use getenv() instead of $_SERVER to get REMOTE_USER
...
refs #10488
2015-12-18 13:46:34 +01:00
Eric Lippmann
Alexander A. Klimov
Johannes Meyer
Michael Friedrich
Johannes Meyer
Rune Darrud
Eric Lippmann
Alexander A. Klimov
Markus Frosch