52 Commits

Author SHA1 Message Date
Neil Lathwood f97b0b87a3 refactor: Updated ldap auth to allow configurable uidnumber field (#7302) 2017-09-08 12:04:59 -05:00
Tony Murray 20b08cf595 refactor: finish logic and definition separation (#6883)
Clean up rewrites to only have function definitions
Move authentication initialization into a function
2017-07-03 15:38:58 -05:00
Tony Murray 683a10e723 fix: Improve authentication load time and security (#6615)
* fix: minimize session open time
page/graphs speedup part 2

Write close the session as soon as we no longer need to write to it. Prevents the session from blocking other requests.
Do not run through full authentication functions if the session is already authenticated.
Removes password from the session as well as some items to prevent session fixation from #4608.

WARNING: This will cause issues for ad/ldap users who do not have a bind user configured!

* Do not erase username when using cookie auth.
Properly close the session in ajax_setresolution.php

* write close the session as soon as possible in ajax_setresolution.php

* Remove session regeneration. It is not compatible with the current code and would require more changes.

* Totally refactor authentication.  Extract code to functions for re-use and improved readability

* Use exceptions for authentication and error logging
Tested: mysql, ad_auth with and without bind user

* fix a couple scrutinizer issues

* fix reauthenticate in radius
2017-05-15 22:18:23 -05:00
Joachim Tingvold 505e6516b0 fix: Fixed setting userlevel for LDAP auth #5090 2016-12-01 19:50:08 +00:00
jonathon-k ba9672b986 fix: Prevent accidental anonymous binds (#4784)
* Prevent ldap and Active Directory authentication from allowing anonymous binds

* fix style
2016-10-13 10:19:36 -05:00
Neil Lathwood a8efda8f30 Revert "Updated to remove passwords from sessions" (#4422) 2016-09-13 09:10:42 -05:00
Neil Lathwood deb4b74bc9 webui: remove passwords from sessions, 'remember me' works for all auth types (#4134)
* Updated to remove passwords from sessions

* Remove users sessions when user deleted

* Updated when cookies are set

* Updated setcookies to always contain a value

* Added destroy_cookies() to remove users cookies on failed login

* Removed debug line

* Fixed graph issues
2016-09-12 21:41:19 -05:00
Neil Lathwood 9e85f24b00 fix: Make irc bot to use authentication module for user info (#4372) 2016-09-12 11:24:22 -05:00
Tony Murray 8c639aa5a4 PSR2 Cleanup: /html edition
Travis tests for code conformance. Ignore warnings for now.
Fixed all errors, left most warnings.
2016-08-18 21:29:30 -05:00
Tony Murray bf471698ef Change the rest of the $ds variables to $ldap_connection 2016-06-03 22:16:10 -05:00
Tony Murray 9b0bd4c15a Rename $ds to $ldap_connection
$ds is a global variable, there are many name collisions in the code.  Rename it to avoid the collisions.
2016-06-03 10:56:42 -05:00
Ultra2D 322053c827 API access when using LDAP authentication 2016-03-07 14:07:51 +01:00
Mike Rostermund 5369112d48 Fix some scrutinizer coding style issues 2015-08-04 18:36:03 +02:00
root 0a88c386b0 Add 'puredn' ldap authentication 2015-07-21 20:56:48 +03:00
Job Snijders d8693f05ae Fix coding style part 2 2015-07-15 11:04:22 +02:00
Ultra2D 6f299a9679 Merge remote-tracking branch 'upstream/master' into issue-714
Conflicts:
	html/includes/authentication/ldap.inc.php
2015-04-08 08:43:24 +02:00
Tyler Christiansen 1663b743db remove array_push is inefficient and we don't care about its return value 2015-04-07 14:03:30 -07:00
Tyler Christiansen d4f472e9cb stop ldap_compare() from running against ldap_comparison, which would result in an error 2015-04-07 13:58:31 -07:00
Tyler Christiansen b41605a13a clean up code and add more detection 2015-04-07 12:30:02 -07:00
Tyler Christiansen cb5a62087e make code more backward-compatible 2015-04-07 12:21:52 -07:00
Tyler Christiansen 2e233e0d5c add global config, fix get_userlist 2015-04-07 12:10:55 -07:00
Tyler Christiansen 00f77f8bdf add feature to loop all groups for auth 2015-04-07 11:48:29 -07:00
Ultra2D 3eaaac4ce4 Add email address for LDAP users. 2015-04-07 09:52:21 +02:00
Ultra2D 0ab454fefc Add support for LDAP directories using member instead of memberUid and dn instead of username for group members.
Used the same variables as Observium, see http://www.observium.org/wiki/Authentication_modules#OpenLDAP
2015-04-01 16:10:50 +02:00
Neil Lathwood a4d3c8709d Fixed the scrut coding style issues 2015-02-22 16:45:40 +00:00
laf dc9c4308e8 Update ldap.inc.php 2014-03-29 11:38:04 +00:00
laf dff43f78f2 Update ldap.inc.php 2014-03-14 00:46:44 +00:00
laf 8cf255072c Updated edit user screen so you can now update details 2014-03-10 23:50:16 +00:00
laf 005504ae6d Updated session / cookie support 2014-02-03 22:39:37 +00:00
Adam Amstrong b273e04241 /// -> //
git-svn-id: http://www.observium.org/svn/observer/trunk@3240 61d68cd4-352d-0410-923a-c4978735b2b8
2012-05-25 12:24:34 +00:00
Adam Amstrong cacf913a55 # -> / for phpdoc
git-svn-id: http://www.observium.org/svn/observer/trunk@3239 61d68cd4-352d-0410-923a-c4978735b2b8
2012-05-25 11:29:53 +00:00
Tom Laermans 08d09b71ae don't show ldap error when empty form is submitted
git-svn-id: http://www.observium.org/svn/observer/trunk@3067 61d68cd4-352d-0410-923a-c4978735b2b8
2012-04-20 13:34:52 +00:00
Tom Laermans 764cb72cd5 fixes and cleanups
git-svn-id: http://www.observium.org/svn/observer/trunk@3018 61d68cd4-352d-0410-923a-c4978735b2b8
2012-04-10 15:53:10 +00:00
Adam Amstrong ee1517e38b ldap tls support
git-svn-id: http://www.observium.org/svn/observer/trunk@2880 61d68cd4-352d-0410-923a-c4978735b2b8
2012-02-27 23:36:19 +00:00
Tom Laermans 6b8cba3d24 syntaxer run
git-svn-id: http://www.observium.org/svn/observer/trunk@2580 61d68cd4-352d-0410-923a-c4978735b2b8
2011-09-26 16:06:18 +00:00
Tom Laermans ff895f96a0 add get_userlist function, pull from LDAP in case of LDAP backend -- now awaiting fix of edituser page
git-svn-id: http://www.observium.org/svn/observer/trunk@2545 61d68cd4-352d-0410-923a-c4978735b2b8
2011-09-22 16:46:30 +00:00
Tom Laermans f1ce87d34d syntaxer run
git-svn-id: http://www.observium.org/svn/observer/trunk@2542 61d68cd4-352d-0410-923a-c4978735b2b8
2011-09-22 15:05:11 +00:00
Tom Laermans 838617100c get ldap userlevel and user id from ldap now, configure the ldap groups levels in the config file; please note if you assigned rights to certain users they might have vanished as the userid is now the uidnumber from ldap
git-svn-id: http://www.observium.org/svn/observer/trunk@2539 61d68cd4-352d-0410-923a-c4978735b2b8
2011-09-21 22:04:05 +00:00
Tom Laermans b862c91618 fix ldap auth plugin, broke a lot of userlevel stuff a long time ago due to mysql layer changes
git-svn-id: http://www.observium.org/svn/observer/trunk@2482 61d68cd4-352d-0410-923a-c4978735b2b8
2011-09-16 10:08:05 +00:00
Adam Amstrong 6bcc4f4e48 fix some stuff, break some stuff (ports display is missing some stuff atm)
git-svn-id: http://www.observium.org/svn/observer/trunk@2290 61d68cd4-352d-0410-923a-c4978735b2b8
2011-05-12 22:14:56 +00:00
Tom Laermans f55a30f744 some formatting cleanups, introduce some more FIXMEs to look at, plus replace mysql_fetch_array by mysql_fetch_assoc, for great justice
git-svn-id: http://www.observium.org/svn/observer/trunk@2029 61d68cd4-352d-0410-923a-c4978735b2b8
2011-04-06 13:54:50 +00:00
Tom Laermans 2be7bfe497 r1984: BIG BROTHER RELEASE // Move user deletion code into authentication module
git-svn-id: http://www.observium.org/svn/observer/trunk@1984 61d68cd4-352d-0410-923a-c4978735b2b8
2011-03-28 10:48:43 +00:00
Tom Laermans c6428480bc remove dead map.php code, rename some .inc to .inc.php files, general trailing space cleanup part 1, some reindent. No expected functionality change whatsoever ;)
git-svn-id: http://www.observium.org/svn/observer/trunk@1824 61d68cd4-352d-0410-923a-c4978735b2b8
2011-03-12 08:50:47 +00:00
Tom Laermans 30bdd952ee Minor fixes, some cleanups, and standardising on echo("x") instead of echo "x"
git-svn-id: http://www.observium.org/svn/observer/trunk@1728 61d68cd4-352d-0410-923a-c4978735b2b8
2010-11-20 14:04:07 +00:00
Tom Laermans f5c7d989f6 Add support for Ingrasys iPoMan 1201 + minor fixes
git-svn-id: http://www.observium.org/svn/observer/trunk@1726 61d68cd4-352d-0410-923a-c4978735b2b8
2010-11-19 22:46:24 +00:00
Tom Laermans c0620baddc more working less sucking
git-svn-id: http://www.observium.org/svn/observer/trunk@994 61d68cd4-352d-0410-923a-c4978735b2b8
2010-03-06 01:22:09 +00:00
Tom Laermans 1900cbb309 can has working pages? NO CAN HAS :(
git-svn-id: http://www.observium.org/svn/observer/trunk@993 61d68cd4-352d-0410-923a-c4978735b2b8
2010-03-06 01:19:06 +00:00
Tom Laermans 71bcc3abe4 userlevel via authmodule
git-svn-id: http://www.observium.org/svn/observer/trunk@992 61d68cd4-352d-0410-923a-c4978735b2b8
2010-03-06 01:15:52 +00:00
Tom Laermans eed5f0c3c3 MOAR AUTHMODULE, with some parts left to do...
git-svn-id: http://www.observium.org/svn/observer/trunk@991 61d68cd4-352d-0410-923a-c4978735b2b8
2010-03-06 01:10:05 +00:00
Tom Laermans cb7c59505f change password option in the auth modules, not used in the webinterface yet
git-svn-id: http://www.observium.org/svn/observer/trunk@990 61d68cd4-352d-0410-923a-c4978735b2b8
2010-03-06 00:00:05 +00:00