d8d0d88c95
Rename Capability::hasStartTLS to Capability::hasStartTls()
2015-03-13 00:29:00 +01:00
db08ccad4b
Fix encryption setting written to a LDAP reource's INI configuration
...
Use starttls for STARTTLS and ldaps for LDAPS.
2015-03-12 23:56:25 +01:00
86f3ce9133
Rename Ldap\Connetion::SSL to ::LDAPS
...
The SSL constant was used to denote LDAP over TLS/SSL. In fact both STARTTLS and LDAPS use encrypted TLS/SSL communication
w/ STARTTLS upgrading a plain text connection and LDAPS using a separate port. Thus speaking of SSL only for LDAPS and TLS only for STARTTLS
is not correct.
2015-03-12 23:56:08 +01:00
1b9ddaacac
Add PHPDoc to Ldap\Connection's encryption consts
2015-03-12 23:35:38 +01:00
17393a7b41
Remove unnecessary PHPDoc tags from Ldap\Connection
2015-03-12 23:30:04 +01:00
8295d6d9b0
Do not require the `connection' directive when creating a LDAP resource
2015-03-12 15:36:52 +01:00
5de5a65df0
Do not suppress errors when a LDAP capability query fails
2015-03-12 15:18:00 +01:00
1b440a4f1b
Make SSL/TLS configurable for LDAP resources
...
refs #7771
2015-03-12 15:17:19 +01:00
2cf09ebc48
Revert "LdapResourceForm: Validate the host field and do not require a port"
...
This reverts commit a34d6026b3#7990
2015-03-11 08:00:20 +01:00
a34d6026b3
LdapResourceForm: Validate the host field and do not require a port
...
fixes #7990
2015-03-10 15:03:48 +01:00
36d2d31035
Do not use page control unless explicitly announced
...
refs #8490
2015-02-27 17:10:55 +01:00
65821863fa
Don't crash on single ldap capability entries
...
refs #8490
2015-02-27 17:10:21 +01:00
e93a5f16d9
Move capability-related code of the ldap connection into a separate class
...
Achieve a better separation between the different concerns, more readable code and get rid of unused dead code.
2015-02-27 17:10:21 +01:00
bc950a855d
Surpress warnings when ldap page control is not available
2015-02-25 18:39:03 +01:00
d4dc0177c0
Sort LDAP user list
...
fixes #7693
2015-02-24 12:50:57 +01:00
b70cda77d4
Fail gracefully if the page control is not available
...
Execute the runPagedQuery without pagination instead of throwing an exception.
fixes #8490
2015-02-24 12:22:29 +01:00
b828f8b13a
Fix ldap authentication when authenticating against ActiveDirectory
...
Unlike OpenLDAP, ActiveDirectory does not seem to react on the size limit
passed to ldap_search() in global manner causing it to not to respond with
LDAP_SIZELIMIT_EXCEEDED (4) in case a requested page contains more
entries than the requested maximum.
fixes #7993
2015-02-06 16:37:35 +01:00
c49f723f05
Let Icinga\Protocol\Ldap\Exception inherit from IcingaException
2015-02-06 16:31:03 +01:00
6bae2e0a53
Note that our license is GPL v2 or any later version in our license header instead of pointing to the license's URL
2015-02-04 10:52:27 +01:00
12497749fc
Do not log when using a limited query for a paged search operation
2015-02-04 10:51:49 +01:00
5f624e42fd
Fix minor mistakes in Ldap/Connection
...
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>
2015-02-04 09:44:17 +01:00
5b4fab0750
Add license header
...
This time without syntax errors hopefully :)
2015-02-03 16:27:59 +01:00
5fa2e3cfdc
Revert "Add license header"
...
This reverts commit 338d067aba
2015-02-03 16:16:26 +01:00
338d067aba
Add license header
...
fixes #7788
2015-02-03 15:51:04 +01:00
7989b48248
Fix ldap auth when the userNameAttribute holds multiple values
...
fixes #8246
2015-02-03 10:15:54 +01:00
3e128732b8
Apply a limit to results fetched via Ldap\Connection::fetchRow()
...
fixes #7993
2015-01-29 17:29:11 +01:00
6e533f223e
Log warnings emitted by ldap_control_paged_result_response() as debug
...
Such a warning is emitted as well in case it's not critical. That is passing
an alternative overall result limit using ldap_search() to the server causes
it being applied across pages so ldap_control_paged_result_response()
does not indicate the "end" of the resultset just by adjusting the cookie
but by emitting the warning as well.
2015-01-29 17:12:59 +01:00
9ff0bbcfc0
Fix that Icinga\Protocol\Ldap\Connection does not correctly apply limits
2015-01-29 17:07:58 +01:00
97cc37b99c
Move php version check from ...\Ldap\Query to ...\Ldap\Connection
...
refs #8261
refs #6176
2015-01-29 15:59:03 +01:00
2a115e71d4
Add support for paged LDAP search results
...
fixes #8261
refs #6176
2015-01-29 15:53:15 +01:00
c288a68ed5
Merge branch 'master' into bugfix/drop-zend-config-7147
...
Conflicts:
application/forms/LdapDiscoveryForm.php
2014-11-18 13:21:18 +01:00
7621f6642d
Adjust usages of Icinga\Application\Config
...
refs #7147
2014-11-18 13:11:52 +01:00
5f8fcf4005
Fix Ldap server discovery
...
Add a new connection member that stores whether settings were guessed or product of a discovery, move discovery methods into seperate class.
fixes #7691
2014-11-18 09:45:54 +01:00
124f64ad89
Merge branch 'master' into bugfix/drop-zend-config-7147
2014-11-07 14:07:15 +01:00
7b99b74ae1
Prefer Icinga\Application\Config instead of Zend_Config
...
refs #7147
2014-11-07 13:53:03 +01:00
54eda31633
Allow connect to hosts with no anonymous access
...
Do not throw exceptions on failed ldap connects during capability discovery
fixes #7325
2014-11-06 17:04:56 +01:00
16352fc10c
Move Logger to the Application namespace
...
fixes #7148
2014-10-31 10:27:17 +01:00
ee6145a173
Ldap/Query: Remove __toString()
...
This is needed because of exception handling. Exceptions can now bubble
up for default handling. Method render() was renamed to create() because
the method create a query. Adjust the test for method create().
refs #5536
2014-09-02 10:17:01 +02:00
7ff51caed0
Remove leading backslashes from the targets of use statements
...
- use \Exception;
+ use Exception;
2014-08-27 15:51:49 +02:00
1dea19504f
Revert "Remove leading backslashes from the targets of use statements"
...
This reverts commit 87a5967501
2014-08-27 12:24:11 +02:00
87a5967501
Remove leading backslashes from the targets of use statements
...
- use \Exception;
+ use Exception;
2014-08-27 11:16:44 +02:00
3105c2059e
Remove license headers from all files
...
refs #6309
2014-07-15 13:43:52 +02:00
c18b6f26f0
Throw Ldap\Exception when something goes wrong in a Ldap connection
2014-06-25 12:41:17 +02:00
77a9dd1e6e
Throw exception on fetchDN, when no row exists
...
Instead of fetchDN, authentication now uses hasUser to check if the user
exists before querying the password, to prevent the exception from messing
up the whole authentication process
2014-06-23 14:02:45 +02:00
521cc0cac4
Refactor Ldap and Dns utility functions and conform to coding guidelines
...
refs #6507
2014-06-18 14:38:44 +02:00
bca166c644
Do not throw an exception when the username does not exist
...
refs #6457
2014-06-11 15:08:05 +02:00
305a025e7a
Detect ldap default naming context
...
Read the entries in the RootDTS of the given ldap server, to discover
its default naming context and capabilities
refs #6097
refs #6096
2014-06-06 18:18:58 +02:00
efe67377a8
Move dns discovery functions into separate class
...
Add functions to lookup and reverse-lookup domain names and move the ldap
discovery function into a separate class
refs #6093
2014-06-06 17:49:55 +02:00
953d22244a
Add host discovery to authentication page
...
Find all domains for a given hostname.
refs #6093
Conflicts:
application/forms/Install/AuthenticationPage.php
2014-06-06 17:49:55 +02:00
aed6d74ecd
Add recursive delete support to LDAP Connection
2014-03-20 15:46:10 +00:00
Eric Lippmann
Johannes Meyer
Matthias Jentsch
Marcus Cobden
Marius Hein
Alexander Klimov
Thomas Gelf