Commit Graph

345 Commits

Author SHA1 Message Date
Johannes Meyer 4b6849eea7 Repository: Introduce query column blacklists
We can no longer use $filterColumns to blacklist query columns so
there is now another set of column names required to achieve this.

refs #9029
2015-08-13 14:06:27 +02:00
Johannes Meyer 316a4d8b82 Merge branch 'master' into bugfix/allow-to-configure-how-to-manage-groups-9609 2015-07-30 16:16:04 +02:00
Eric Lippmann a234852f32 Merge branch 'feature/basic-auth-9660'
resolves #9660
2015-07-30 15:05:07 +02:00
Eric Lippmann feed927fd2 Let external auth win over session auth and session auth over http auth
refs #9660
2015-07-30 14:50:05 +02:00
Eric Lippmann 55ad2dd65f Don't fail if password contains a colon on basic auth
refs #9660
2015-07-30 13:59:47 +02:00
Eric Lippmann c594d6db33 Challenge client on invalid basic access auth credentials
refs #9660
2015-07-30 13:59:18 +02:00
Eric Lippmann 3aae37aff3 Don't redirect on external auth
refs #9660
2015-07-30 12:02:42 +02:00
Eric Lippmann 36ff2d8914 lib: Set User::$isHttpUser in Auth
refs #9660
2015-07-30 09:32:24 +02:00
Eric Lippmann cf8c680482 lib: Add basic access authentication (WIP)
refs #9660
2015-07-29 17:22:55 +02:00
Johannes Meyer fb7666e6bd LdapUserGroupBackend: Adjust usage of LdapCapabilities::hasAdOid()
Usage search ftw..
2015-07-29 16:26:39 +02:00
Eric Lippmann c3a057dbdb lib: Add AuthChain::setSkipExternalBackends() in favor of setIteratorMode()
There's only one mode.

refs #9660
2015-07-29 16:18:30 +02:00
Eric Lippmann 3ca85f9daa lib: Add Auth::getRequest()
Basic auth will require the request.

refs #9660
2015-07-29 15:56:45 +02:00
Eric Lippmann 96e3111f58 lib: Reorder functions in Auth
refs #9660
2015-07-29 15:52:56 +02:00
Eric Lippmann 37ef87b9ab lib: Fix PHPDoc in ExternalBackend
refs #9660
2015-07-29 15:46:40 +02:00
Eric Lippmann 1b5c5deace lib: Rename remote user to external user
We renamed our backend. Code now reflects this.

refs #9660
2015-07-29 15:44:32 +02:00
Johannes Meyer 3f7081296b Merge branch 'master' into bugfix/allow-to-configure-how-to-manage-groups-9609 2015-07-29 15:02:20 +02:00
Eric Lippmann ae4b7144cd lib: Implement Auth::getAuthChain()
Saves one use statement for auth chain usages.

refs #9660
2015-07-29 14:14:19 +02:00
Eric Lippmann 745e30259d lib: Implement AuthChain::authenticate()
Right now the LoginController has all the authentication which is kind of a mess. Further, the upcoming basic access authentication has to reuse this code.
Thus AuthChain::authenticate() is introduced to handle both cases.

refs #9660
2015-07-29 14:11:54 +02:00
Johannes Meyer 13edbf901d UserBackend: Implement interface ConfigAwareFactory
refs #9609
2015-07-29 13:44:26 +02:00
Johannes Meyer 83aafe8cda Allow to discover LDAP connections in the wizard as well
...
2015-07-29 09:26:53 +02:00
Eric Lippmann 4d44a0625c lib: Move UserBackendInterface::authenticate() to new interface Authenticatable
refs #9660
2015-07-29 09:25:14 +02:00
Eric Lippmann 2a4e614b5e Fix code style in AuthChain
refs #9660
2015-07-28 19:55:26 +02:00
Eric Lippmann 07849e0fea lib: Rename Authentication/Manager to Authentication/Auth
refs #9660
2015-07-28 17:08:55 +02:00
Matthias Jentsch c8d065b3e0 Accept DbUserBackends with only one single user
fixes #9739
2015-07-28 12:41:08 +02:00
Matthias Jentsch 5478027855 Bring back user count in ldap backend inspection
We already use count later in the wizard anyways.

refs #9630
2015-07-16 16:52:56 +02:00
Matthias Jentsch e357960d1e Add Inspection API to DB backend
refs #9641
2015-07-16 16:16:55 +02:00
Matthias Jentsch ffe672c252 Improve message texts and scalabillity
Always start uppercase and don't use count() function until we've got a more scalable implementation in the LdapConnection.

refs #9630
2015-07-16 13:51:26 +02:00
Matthias Jentsch 6b8e5da76d Move all assertion functions into the inspect functions
Reduce code duplication and add class Inspection

refs #9630
2015-07-16 12:21:11 +02:00
Matthias Jentsch 59c4f8d056 Use Inspection API in User Backend Form
refs #9630
2015-07-15 19:35:25 +02:00
Matthias Jentsch 3ddb8ca1bd Add abillity to discover AD version and vendor name to discovery
refs #9605
2015-07-14 18:32:44 +02:00
Johannes Meyer f5089dab1a DbUserGroupBackend: Use is_numeric() instead of is_int()
Using MySQL fetchColumn() returns integers for id fields, using MariaDB
though, fetchColumn() returns strings..

fixes #9572
2015-07-07 14:07:55 +02:00
Johannes Meyer 066b3d9e28 ApplicationConfigForm: Make preference options be global options
refs #8709
2015-07-01 15:41:45 +02:00
Johannes Meyer 3dddee8b7d Setup: Fix authentication backend validation
This is a ridiculous dirty fix. We'll definitely need to
improve how we create authentication backends...

fixes #9509
2015-06-25 14:36:51 +02:00
Johannes Meyer 3c47ef6826 Ldap\Exception: Rename to LdapException
refs #8954
2015-06-24 09:19:41 +02:00
Johannes Meyer 6d8c56a12f Ldap\Connection: Return false if nothing is found for fetchRow()
This should behave like DbConnection::fetchRow().

refs #8954
2015-06-23 10:49:51 +02:00
Johannes Meyer 15220da645 Automatically strip unnecessary parentheses from custom ldap filters
fixes #9348
2015-06-23 10:32:45 +02:00
Johannes Meyer 5688f0cb85 Allow to configure user group backends of type LDAP
refs #7343
2015-06-05 14:53:29 +02:00
Johannes Meyer cacd97fb46 LdapUserGroupBackend: Make default configuration providers public
I'd like to access these when preparing a config form.

refs #7343
2015-06-05 11:09:31 +02:00
Johannes Meyer 02d2ea682e LdapUserGroupBackend: Do not permit to link different directories
I cannot think of a valid usecase right now. In case someone got one,
revert this commit and make use of the backend itself and not only
its configuration.

refs #7343
2015-06-05 10:51:54 +02:00
Johannes Meyer 0ab192cd1f LdapUserGroupBackend: Allow to link a user backend
refs #7343
2015-06-05 10:41:47 +02:00
Johannes Meyer 127489ca20 UserBackend: Allow to only pass a backend's name 2015-06-05 10:40:47 +02:00
Johannes Meyer ee2462a6b2 LdapUserGroupBackend: Let the backend decide which defaults to use
refs #7343
2015-06-05 10:19:28 +02:00
Johannes Meyer 3fd0d99db2 LdapUserGroupBackend: Add support for custom query filters
refs #7343
2015-06-05 09:57:40 +02:00
Johannes Meyer 90d946f149 LdapUserGroupBackend: We need a datasource, actually
Forgot to add this when disabling LdapRepository inheritance...

refs #7343
2015-06-03 16:40:14 +02:00
Johannes Meyer d9eb8f9e8d LdapUserGroupBackend: Do not extend LdapRepository
Selecting groups works, but not memberships. Does not make sense
until both things work...

refs #7343
2015-06-03 16:33:22 +02:00
Johannes Meyer 89d992278b Introduce class LdapUserGroupBackend
refs #743
2015-06-03 16:27:50 +02:00
Johannes Meyer 86c63ec913 Introduce class LdapRepository
refs #7343
2015-06-03 15:28:07 +02:00
Johannes Meyer 96f5f8fd49 LdapUserBackend: Do not fetch a user's groups
refs #7343
2015-06-03 15:16:54 +02:00
Johannes Meyer e0c0e9c874 LdapUserBackend: Move function retrieveGeneralizedTime into its parent
refs #7343
2015-06-03 14:36:46 +02:00
Johannes Meyer cd0c418854 Merge branch 'master' into feature/user-and-group-management-8826 2015-06-02 10:44:13 +02:00
Johannes Meyer e936c76ca9 DbUserGroupBackend: Really clear memberships and parent relations...
...when removing a group.

refs #8826
2015-06-01 15:34:38 +02:00
Johannes Meyer 1385295e4e DbUserGroupBackend: Properly handle sequences of group names
refs #8826
2015-06-01 15:33:35 +02:00
Johannes Meyer 62fff94808 DbUserGroupBackend: Do not try to fetch a group id for null
refs #8826
2015-06-01 15:16:03 +02:00
Johannes Meyer beb5bd7370 Repository: Clone a filter implicitly in self::requireFilter($clone = true)
refs #8826
2015-06-01 15:03:08 +02:00
Johannes Meyer 601b720a03 LdapUserBackend: Fetch and interpret the correct attributes (OpenLDAP)
refs #8826
2015-06-01 14:05:44 +02:00
Johannes Meyer d1a5321d02 LdapUserBackend: Fetch and interpret the correct attributes (ActiveDirectory)
refs #8826
2015-06-01 12:23:16 +02:00
Johannes Meyer a88037f45d DbUserGroupBackend: Fetch and persist a group's id when it's name is given
refs #8826
2015-05-29 11:33:35 +02:00
Johannes Meyer bb285db05b Differentiate the source or destination of a column when converting values
refs #8826
2015-05-29 11:32:15 +02:00
Johannes Meyer 60ce78c958 DbUserGroupBackend: Adjust how to load the name of a group's parent
refs #8826
2015-05-29 08:57:49 +02:00
Johannes Meyer c94e6a3292 Db/IniUserGroupBackend: Drop column parent_name, it's not a name anymore
refs #8826
2015-05-29 08:56:58 +02:00
Johannes Meyer 32b99be8ab DbUserGroupBackend: Adjust to fit the new database schema
refs #8826
2015-05-28 15:22:15 +02:00
Alexander A. Klimov cba36ec017 Ignore the preferences' loadability during authentication
fixes #8956
2015-05-27 15:13:53 +02:00
Johannes Meyer 10b158a182 LdapUserBackend: Fix sorting when sorting by user_name
refs #8826
2015-05-21 13:53:27 +02:00
Johannes Meyer 4d79731646 DbUserBackend: Fix sorting when sorting by user_name
refs #8826
2015-05-21 13:53:18 +02:00
Johannes Meyer 9278d708d7 IniUserGroupBackend: Do not sort by parent when sorting by group_name
refs #8826
2015-05-21 13:51:24 +02:00
Johannes Meyer 6369643145 DbUserGroupBackend: Do not sort by parent when sorting by group_name
refs #8826
2015-05-21 13:51:15 +02:00
Johannes Meyer 0a387573f3 Logger: Fix substitution of exception messages 2015-05-13 10:46:34 +02:00
Johannes Meyer f93c2de6be UserGroupBackend: Disable default backend type `ini'
We're not going to support this until a proper membership implementation
exists (or is required at all).

refs #8826
2015-05-13 10:45:54 +02:00
Johannes Meyer 223ecab991 DbUserGroupBackend: Make it possible to handle memberships
refs #8826
2015-05-13 10:34:39 +02:00
Johannes Meyer 47dfcf5e1d DbUserGroupBackend: Do not use the repository abstraction internally
That's overhead which is not necessary.

refs #8826
2015-05-13 10:34:00 +02:00
Johannes Meyer 104c1c6bba DbUserBackend: Utilize Zend_Db_Select when fetching the password hash 2015-05-13 09:16:24 +02:00
Johannes Meyer 7d08dd2765 DbConnection: Adjust insert and update to support custom type definitions
This strips the custom insert and update implementataions in
DbUserBackend down so that it does not need to do such low level stuff...

refs #8826
2015-05-13 09:15:18 +02:00
Johannes Meyer 053c9cdcb3 Repository: Check whether a column is queried from the correct table
refs #8826
2015-05-12 15:38:29 +02:00
Johannes Meyer 44bbd93cbc DbUserBackend: Provide a custom insert and update implementation
As we're transmitting password hashes which may contain special chars
and the like, we need to utilize prepared statements with explicit types.

refs #8826
2015-05-11 16:00:24 +02:00
Matthias Jentsch 25f397042b Merge branch 'master' into feature/improve-multi-select-view-8565
Conflicts:
	modules/monitoring/application/controllers/HostsController.php
	modules/monitoring/application/controllers/ServicesController.php
	modules/monitoring/application/views/scripts/hosts/show.phtml
	modules/monitoring/application/views/scripts/list/hosts.phtml
	modules/monitoring/application/views/scripts/partials/host/objects-header.phtml
	modules/monitoring/application/views/scripts/partials/service/objects-header.phtml
	modules/monitoring/application/views/scripts/services/show.phtml
	modules/monitoring/public/css/module.less
	public/js/icinga/behavior/tooltip.js
2015-05-11 13:28:43 +02:00
Johannes Meyer b3957c556b DbUserGroupBackend: Properly utilize the insert and update capability
refs #8826
2015-05-11 13:28:01 +02:00
Johannes Meyer f1c82fc318 IniUserGroupBackend: Convert timestamps and arrays...
...to formatted datetime strings and comma separated strings respectively

refs #8826
2015-05-08 15:28:10 +02:00
Johannes Meyer 59ec11f047 IniUserGroupBackend: Extend IniRepository
We are now able to insert, update and delete user groups stored in INI files

refs #8826
2015-05-08 15:26:35 +02:00
Johannes Meyer 99be358714 Repository: Make it possible to initialize column properties lazily
refs #8826
2015-05-07 08:28:32 +02:00
Johannes Meyer 4d83b2f93d Authentication\Manager: Fix invalid class path in use statement
refs #8826
2015-05-06 12:18:57 +02:00
Johannes Meyer 4044e56a03 LdapUserBackend: Provide filter column `user'
refs #8826
2015-05-06 10:27:26 +02:00
Johannes Meyer 9c799dca22 IniUserGroupBackend: Automatically set section names on column `name'
refs #8826
2015-05-06 08:41:54 +02:00
Johannes Meyer 89029308ef IniUserGroupBackend: Extend Repository and implement UserGroupBackendInterface
Note that it was necessary to change the structure of ini files providing
the membership information. They need to be structured like our db
table rows now.

refs #8826
2015-05-05 15:24:18 +02:00
Johannes Meyer de68d78938 DbUserGroupBackend: Add case insensitive filter columns `group' and `parent'
refs #8826
2015-05-05 09:34:49 +02:00
Johannes Meyer 37e47f0d3f DbUserBackend: Add case insensitive filter column `user'
refs #8826
2015-05-05 09:34:23 +02:00
Johannes Meyer 58233b0072 DbUserGroupBackend: Extend DbRepository and implement UserGroupBackendInterface
refs #8826
2015-05-05 09:23:29 +02:00
Johannes Meyer b1454c199a Introduce interface UserGroupBackendInterface
refs #8826
2015-05-05 08:27:11 +02:00
Johannes Meyer 7b2fc1ba41 Make class UserGroupBackend being just a factory for user group backends
refs #8826
2015-05-05 08:26:38 +02:00
Johannes Meyer 842b043f7f LdapUserBackend: Use is_active as well as a default sort column
refs #8826
2015-05-04 15:56:13 +02:00
Johannes Meyer b86a0024c3 DbUserBackend: Use is_active as well as a default sort column
refs #8826
2015-05-04 15:55:36 +02:00
Johannes Meyer c441117324 LdapUserBackend: Extend Repository and implement UserBackendInterface
refs #8826
2015-05-04 12:18:25 +02:00
Johannes Meyer e74194c18e ExternalBackend: Implement UserBackendInterface
refs #8826
2015-05-04 12:15:50 +02:00
Johannes Meyer 99ac0b78ea DbUserBackend: Extend DbRepository and implement UserBackendInterface
refs #8826
2015-05-04 12:15:05 +02:00
Johannes Meyer 7b41fc020a AuthChain: Yield UserBackendInterface instead of UserBackend
refs #8826
2015-05-04 11:44:41 +02:00
Johannes Meyer 1824eb9c3b Make class UserBackend being just a factory for user backends
refs #8826
2015-05-04 11:43:53 +02:00
Johannes Meyer 68657c02ee Introduce interface Icinga\Authentication\User\UserBackendInterface
refs #8826
2015-05-04 11:40:17 +02:00
Johannes Meyer 7960e911a6 UserGroupBackend: Add support for custom backends to fetch user groups
refs #8826
refs #9122
2015-04-22 09:52:08 +02:00
Johannes Meyer a2cd5d63f1 UserBackend: Wrap config directives as part of errors in single quotes 2015-04-22 09:36:45 +02:00
Johannes Meyer a1d8ed6e8f UserBackend: Utilize ResourceFactory::create 2015-04-22 09:35:41 +02:00
Johannes Meyer c9dcddb134 UserGroupBackend: Add missing and fix existing method documentation 2015-04-22 09:35:06 +02:00