mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
13,845 Commits 47 Branches 151 Tags
20b08cf595925a64a62c358f0c94128ea0933ad4
Commit Graph

51 Commits

Author SHA1 Message Date
Tony Murray
20b08cf595 refactor: finish logic and definition separation (#6883) 
Clean up rewrites to only have function definitions
Move authentication initialization into a function
 2017-07-03 15:38:58 -05:00
Tony Murray
683a10e723 fix: Improve authentication load time and security (#6615) 
* fix: minimize session open time
page/graphs speedup part 2

Write close the session as soon as we no longer need to write to it. Prevents the session from blocking other requests.
Do not run through full authentication functions if the session is already authenticated.
Removes password from the session as well as some items to prevent session fixation from #4608.

WARNING: This will cause issues for ad/ldap users who do not have a bind user configured!

* Do no erase username when using cookie auth.
Properly close the session in ajax_setresolution.php

* write close the session as soon as possible in ajax_setresolution.php

* Remove session regeneration. It is not compatible with the current code and would require more changes.

* Totally refactor authentication.  Extract code to functions for re-use and improved readability

* Use exceptions for authentication and error logging
Tested: mysql, ad_auth with and without bind user

* fix a couple scrutinizer issues

* fix reauthenticate in radius
 2017-05-15 22:18:23 -05:00
Joachim Tingvold
505e6516b0 fix: Fixed setting userlevel for LDAP auth #5090 2016-12-01 19:50:08 +00:00
jonathon-k
ba9672b986 fix: Prevent accidental anonymous binds (#4784) 
* Prevent ldap and Active Directory authentication from allowing anonymous binds

* fix style
 2016-10-13 10:19:36 -05:00
Neil Lathwood
a8efda8f30 Revert "Updated to remove passwords from sessions" (#4422) 2016-09-13 09:10:42 -05:00
Neil Lathwood
deb4b74bc9 webui: remove passwords from sessions, 'remember me' works for all auth types (#4134) 
* Updated to remove passwords from sessions

* Remove users sessions when user deleted

* Updated when cookies are set

* Updated setcookies to always contain a value

* Added destroy_cookies() to remove users cookies on failed login

* Removed debug line

* Fixed graph issues
 2016-09-12 21:41:19 -05:00
Neil Lathwood
9e85f24b00 fix: Make irc bot to use authentication module for user info (#4372) 2016-09-12 11:24:22 -05:00
Tony Murray
8c639aa5a4 PSR2 Cleanup: /html edition 
Travis tests for code conformance. Ignore warnings for now.
Fixed all errors, left most warnings.
 2016-08-18 21:29:30 -05:00
Tony Murray
bf471698ef Change the rest of the $ds variables to $ldap_connection 2016-06-03 22:16:10 -05:00
Tony Murray
9b0bd4c15a Rename $ds to $ldap_connection 
$ds is a global variable, there are many name collisions in the code.  Rename it to avoid the collisions.
 2016-06-03 10:56:42 -05:00
Ultra2D
322053c827 API access when using LDAP authentication 2016-03-07 14:07:51 +01:00
Mike Rostermund
5369112d48 Fix some scrutinizer coding style issues 2015-08-04 18:36:03 +02:00
root
0a88c386b0 Add 'puredn' ldap authentication 2015-07-21 20:56:48 +03:00
Job Snijders
d8693f05ae Fix coding style part 2 2015-07-15 11:04:22 +02:00
Ultra2D
6f299a9679 Merge remote-tracking branch 'upstream/master' into issue-714 
Conflicts:
	html/includes/authentication/ldap.inc.php
 2015-04-08 08:43:24 +02:00
Tyler Christiansen
1663b743db remove array_push is inefficient and we dont care about its return value 2015-04-07 14:03:30 -07:00
Tyler Christiansen
d4f472e9cb stop ldap_compare() from running against ldap_comparison, which would result in an error 2015-04-07 13:58:31 -07:00
Tyler Christiansen
b41605a13a clean up code and add more detection 2015-04-07 12:30:02 -07:00
Tyler Christiansen
cb5a62087e make code more backward-compatible 2015-04-07 12:21:52 -07:00
Tyler Christiansen
2e233e0d5c add global config, fix get_userlist 2015-04-07 12:10:55 -07:00
Tyler Christiansen
00f77f8bdf add feature to loop all groups for auth 2015-04-07 11:48:29 -07:00
Ultra2D
3eaaac4ce4 Add email address for LDAP users. 2015-04-07 09:52:21 +02:00
Ultra2D
0ab454fefc Add support for LDAP directories using member in stead of memberUid and dn in stead of username for group members. 
Used the same variables as Observium, see http://www.observium.org/wiki/Authentication_modules#OpenLDAP
 2015-04-01 16:10:50 +02:00
Neil Lathwood
a4d3c8709d Fixed the scrut coding style issues 2015-02-22 16:45:40 +00:00
laf
dc9c4308e8 Update ldap.inc.php 2014-03-29 11:38:04 +00:00
laf
dff43f78f2 Update ldap.inc.php 2014-03-14 00:46:44 +00:00
laf
8cf255072c Updated edit user screen so you can now update details 2014-03-10 23:50:16 +00:00
laf
005504ae6d Updated session / cookie support 2014-02-03 22:39:37 +00:00
Adam Amstrong
b273e04241 /// -> // 
git-svn-id: http://www.observium.org/svn/observer/trunk@3240 61d68cd4-352d-0410-923a-c4978735b2b8
 2012-05-25 12:24:34 +00:00
Adam Amstrong
cacf913a55 # -> / for phpdoc 
git-svn-id: http://www.observium.org/svn/observer/trunk@3239 61d68cd4-352d-0410-923a-c4978735b2b8
 2012-05-25 11:29:53 +00:00
Tom Laermans
08d09b71ae don't show ldap error when empty form is submitted 
git-svn-id: http://www.observium.org/svn/observer/trunk@3067 61d68cd4-352d-0410-923a-c4978735b2b8
 2012-04-20 13:34:52 +00:00
Tom Laermans
764cb72cd5 fixes and cleanups 
git-svn-id: http://www.observium.org/svn/observer/trunk@3018 61d68cd4-352d-0410-923a-c4978735b2b8
 2012-04-10 15:53:10 +00:00
Adam Amstrong
ee1517e38b ldap tls support 
git-svn-id: http://www.observium.org/svn/observer/trunk@2880 61d68cd4-352d-0410-923a-c4978735b2b8
 2012-02-27 23:36:19 +00:00
Tom Laermans
6b8cba3d24 syntaxer run 
git-svn-id: http://www.observium.org/svn/observer/trunk@2580 61d68cd4-352d-0410-923a-c4978735b2b8
 2011-09-26 16:06:18 +00:00
Tom Laermans
ff895f96a0 add get_userlist function, pull from LDAP in case of LDAP backend -- now awaiting fix of edituser page 
git-svn-id: http://www.observium.org/svn/observer/trunk@2545 61d68cd4-352d-0410-923a-c4978735b2b8
 2011-09-22 16:46:30 +00:00
Tom Laermans
f1ce87d34d syntaxer run 
git-svn-id: http://www.observium.org/svn/observer/trunk@2542 61d68cd4-352d-0410-923a-c4978735b2b8
 2011-09-22 15:05:11 +00:00
Tom Laermans
838617100c get ldap userlevel and user id from ldap now, configure the ldap groups levels in the config file; please note if you assigned rights to certain users they might have vanished as the userid is now the uidnumber from ldap 
git-svn-id: http://www.observium.org/svn/observer/trunk@2539 61d68cd4-352d-0410-923a-c4978735b2b8
 2011-09-21 22:04:05 +00:00
Tom Laermans
b862c91618 fix ldap auth plugin, broke a lot of userlevel stuff a long time ago due to mysql layer changes 
git-svn-id: http://www.observium.org/svn/observer/trunk@2482 61d68cd4-352d-0410-923a-c4978735b2b8
 2011-09-16 10:08:05 +00:00
Adam Amstrong
6bcc4f4e48 fix some stuff, break some stuff (ports disaply is missing some stuff atm) 
git-svn-id: http://www.observium.org/svn/observer/trunk@2290 61d68cd4-352d-0410-923a-c4978735b2b8
 2011-05-12 22:14:56 +00:00
Tom Laermans
f55a30f744 some formatting cleanups, introduce some more FIXMEs to look at, plus replace mysql_fetch_array by mysql_fetch_assoc, for great justice 
git-svn-id: http://www.observium.org/svn/observer/trunk@2029 61d68cd4-352d-0410-923a-c4978735b2b8
 2011-04-06 13:54:50 +00:00
Tom Laermans
2be7bfe497 r1984: BIG BROTHER RELEASE // Move user deletion code into authentication module 
git-svn-id: http://www.observium.org/svn/observer/trunk@1984 61d68cd4-352d-0410-923a-c4978735b2b8
 2011-03-28 10:48:43 +00:00
Tom Laermans
c6428480bc remove dead map.php code, rename some .inc to .inc.php files, general trailing space cleanup part 1, some reindent. No expected functionality change whatsoever ;) 
git-svn-id: http://www.observium.org/svn/observer/trunk@1824 61d68cd4-352d-0410-923a-c4978735b2b8
 2011-03-12 08:50:47 +00:00
Tom Laermans
30bdd952ee Minor fixes, some cleanups, and standardising on echo("x") instead of echo "x" 
git-svn-id: http://www.observium.org/svn/observer/trunk@1728 61d68cd4-352d-0410-923a-c4978735b2b8
 2010-11-20 14:04:07 +00:00
Tom Laermans
f5c7d989f6 Add support for Ingrasys iPoMan 1201 + minor fixes 
git-svn-id: http://www.observium.org/svn/observer/trunk@1726 61d68cd4-352d-0410-923a-c4978735b2b8
 2010-11-19 22:46:24 +00:00
Tom Laermans
c0620baddc more working less sucking 
git-svn-id: http://www.observium.org/svn/observer/trunk@994 61d68cd4-352d-0410-923a-c4978735b2b8
 2010-03-06 01:22:09 +00:00
Tom Laermans
1900cbb309 can has working pages? NO CAN HAS :( 
git-svn-id: http://www.observium.org/svn/observer/trunk@993 61d68cd4-352d-0410-923a-c4978735b2b8
 2010-03-06 01:19:06 +00:00
Tom Laermans
71bcc3abe4 userlevel via authmodule 
git-svn-id: http://www.observium.org/svn/observer/trunk@992 61d68cd4-352d-0410-923a-c4978735b2b8
 2010-03-06 01:15:52 +00:00
Tom Laermans
eed5f0c3c3 MOAR AUTHMODULE, with some parts left to do... 
git-svn-id: http://www.observium.org/svn/observer/trunk@991 61d68cd4-352d-0410-923a-c4978735b2b8
 2010-03-06 01:10:05 +00:00
Tom Laermans
cb7c59505f change password option in the auth modules, not used in the webinterface yet 
git-svn-id: http://www.observium.org/svn/observer/trunk@990 61d68cd4-352d-0410-923a-c4978735b2b8
 2010-03-06 00:00:05 +00:00
Tom Laermans
5c15e4ec95 allow specifying LDAP version 2 or 3 in the config 
git-svn-id: http://www.observium.org/svn/observer/trunk@978 61d68cd4-352d-0410-923a-c4978735b2b8
 2010-03-01 01:23:37 +00:00