IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • a53c4f107f Add a per-user re-configuration script rename browsersetup.sh to globalsetup.sh rcritten@redhat.com 2007-09-24 15:50:38 -04:00
  • cf29177901 First crack at automated browser configuration. Requires running a script to set things up on the client machine. rcritten@redhat.com 2007-09-24 15:26:35 -04:00
  • 337f0cf853 Install the error web pages rcritten@redhat.com 2007-09-24 15:25:44 -04:00
  • e606ad5606 Show (hopefully) useful information if the Kerberos connection fails. rcritten@redhat.com 2007-09-24 15:20:34 -04:00
  • a1196902aa Print the request environment for debugging purposes. rcritten@redhat.com 2007-09-24 15:24:44 -04:00
  • 2fec56d679 Enable LDAP debugging using the mod_python Apache configuration directive PythonOption IPADebug On/Off rcritten@redhat.com 2007-09-21 14:39:52 -04:00
  • 7b96973711 Give ipa-adduser, ipa-addgroup and ipa-usermod an interactive mode Add ipa-passwd tool Add simple field validation package This patch adds a package requirement, python-krbV. This is needed to determine the current user based on their kerberos ticket. rcritten@redhat.com 2007-09-21 10:24:36 -04:00
  • 919d037189 Add a failed login page. In theory it should never been seen but it makes things nicer Remove the login page Remove the login link from master.kid rcritten@redhat.com 2007-09-21 10:58:40 -04:00
  • e41bb1d6fe Don't fall back on proxy authentication. We don't generate the certificates anymore and that failure just causes more confusion. rcritten@redhat.com 2007-09-24 15:23:50 -04:00
  • 2035297e22 Add a missing exception catcher rcritten@redhat.com 2007-09-24 15:22:17 -04:00
  • 5cdfc5bd3b Add set_krbccache() calls to new controller methods. Small fix to proxyprovider for anonymous case. Kevin McCarthy 2007-09-20 14:53:23 -07:00
  • 370500ab1a Remove support for LDAP proxy connections rcritten@redhat.com 2007-09-20 09:01:23 -04:00
  • e16e215cdd Merge with upstream Simo Sorce 2007-09-20 17:11:01 -04:00
  • fbfefe6b0e Merge conflicts between rob and kevin patches Simo Sorce 2007-09-20 16:58:54 -04:00
  • 3fd4b9ba2c Initial support for confiuguring a DNS Server during installation. It's not perfect yet but good enough to include it. Simo Sorce 2007-09-20 15:10:21 -04:00
  • 4e79c37c60 Add password changing call to web gui. Kevin McCarthy 2007-09-19 15:59:01 -07:00
  • 036cf58042 Handle add/remove failures a little bit better. Still some refinements that can be done, but at least it shows the failures now. Kevin McCarthy 2007-09-19 13:43:52 -07:00
  • f17071533a Implement asynchronous search for groups. Use the filter generation code to search on multiple fields. Kevin McCarthy 2007-09-19 08:42:34 -07:00
  • 6b3d1e85da Add client-side search limit parameter for user search. Limit editgroup user ajax search. Minor UI cleanup for editgroup. Kevin McCarthy 2007-09-18 14:58:30 -07:00
  • c4998d3902 Fixes to the edit protected checkbox. - Make checkbox sticky on round trips - Make required fields validate when checkbox is checked. Kevin McCarthy 2007-09-18 10:54:53 -07:00
  • 8190404706 Prevent members from being added added twice. Display search message while in progress. Correctly calculate number of search results after filtering. Kevin McCarthy 2007-09-17 15:24:11 -07:00
  • cc1585daff Persist adds and removes on a server round trip. Kevin McCarthy 2007-09-17 11:46:48 -07:00
  • 65e4d27e99 patch queue: groupmember.patch Kevin McCarthy 2007-09-14 15:20:09 -07:00
  • b85668579e Use ticket forwarding with TurboGears. mod_proxy forwards the principal name and location of the keytab. In order for this keytab to be usable TurboGears and Apache will need to run as the same user. We will also need to listen only on localhost in TG. rcritten@redhat.com 2007-09-14 17:19:02 -04:00
  • a809d44429 Adding sort images. Kevin McCarthy 2007-09-13 10:40:50 -07:00
  • 7633abb9e4 Better we do not fiddle with /etc/hosts, make sure to abort and let the admin fix it. Simo Sorce 2007-09-13 12:10:55 -04:00
  • 0e355a734f Group edit page Kevin McCarthy 2007-09-12 10:40:31 -07:00
  • c4ab64cabc Add group screen. More to come... Kevin McCarthy 2007-09-11 14:51:51 -07:00
  • b4297caa8b Small fixes to proxyprovider. Kevin McCarthy 2007-09-11 14:45:53 -07:00
  • 5ef768484a Adds javascript table sorting for user results Adds tablekit: http://www.millstream.com.au/view/code/tablekit/ licensed under MIT. Kevin McCarthy 2007-09-13 10:26:35 -07:00
  • ed6ab17c9c Add function to allow user's to set/reset their kerberos password Remove some unused calls to retrieve the current realm rcritten@redhat.com 2007-09-11 02:48:53 -04:00
  • 2ca655980b Better way to ask for the Realm name, with implicit default Simo Sorce 2007-09-12 18:58:56 -04:00
  • 533044903d Add confirmation when asking un-echoed passwords Simo Sorce 2007-09-12 13:20:57 -04:00
  • fd61df06c5 Avoid showing passwords. Patch from William Jon McCann <mccann@jhu.edu> Simo Sorce 2007-09-12 11:55:19 -04:00
  • 5898ae527a In the TCP case there is an extra (redundant) lenght field before the packet data, address the problem. Simo Sorce 2007-09-12 11:51:16 -04:00
  • 182fbe3094 Enable mod_proxy to sit in front of TurboGears and pass along the kerberos principal name Add an identity an visit class to TurboGears that can handle the user without requiring a database Update the UI to show the user correctly. Note that this is currently disabled. It is hardcoded to always return the principal test@FREEIPA.ORG in proxyprovider.py It doesn't handle an unauthorized request because that can never happen. rcritten 2007-09-10 16:33:01 -04:00
  • 37d10e0c51 Edit protected fields checkbox on user edit page. (Password updating still doesn't work due to ACI though) Kevin McCarthy 2007-09-10 10:02:33 -07:00
  • ab0f69891d Overwrite ldappwd file to fix bug when reinstalling IPA. Karl MacMillan 2007-09-11 14:24:47 -04:00
  • d0c856d547 Reset version numbers for next milestone. Karl MacMillan 2007-09-10 10:05:28 -04:00
  • b690ccd795 Added tag milestone_3 for changeset d3a37950495c Karl MacMillan 2007-09-10 10:03:14 -04:00
  • d15ad0f26a Update version numbers for release. Karl MacMillan 2007-09-10 09:43:56 -04:00
  • 903e11631c Fix duplicate entry error to be more descriptive. Add TurboGears to required package list Clear password on Edit Person page. Change uidnumber/gidnumber on Add Person to say 'Generated by server' Kevin McCarthy 2007-09-07 16:53:34 -07:00
  • 9bb9dbae42 Add required packages to README Kevin McCarthy 2007-09-07 15:18:51 -07:00
  • e7cb308e06 Reference the interactive method by default Simo Sorce 2007-09-07 16:38:30 -04:00
  • 873bbbd2de Merging with upstream Simo Sorce 2007-09-07 14:26:26 -04:00
  • 2377e8bcb0 Add group command-line tools to the Makefile Updated installation instructions rcritten@redhat.com 2007-09-07 17:49:44 -04:00
  • 78bcc22c40 small release fixes: - Make password not required for add person - Fix for searching on '*' or '' Kevin McCarthy 2007-09-07 11:07:59 -07:00
  • 566018f4d4 Better file parsing routines, also switch to recreate ldap.conf and krb5.conf from scratch on clients, avoid nasty failures in case the original files contained strange directives Simo Sorce 2007-09-06 17:57:54 -04:00
  • c821699b64 Password changes: - remove password generator button - add confirm password field Kevin McCarthy 2007-09-06 14:28:21 -07:00
  • 450e2661d5 Better file parsing routines, also switch to recreate ldap.conf and krb5.conf from scratch on clients, avoid nasty failures in case the original files contained strange directives Simo Sorce 2007-09-06 17:57:54 -04:00
  • 438b548f19 Correct installation path for dna plugin. Karl MacMillan 2007-09-07 13:34:29 -04:00
  • 2adeed3029 Add search box in header. Change account status to use select list and 'active'/'inactive' values. Improve autosuggest to keep suggesting unless you overwrite a suggestion (if you correct the name, it will re-suggest). Kevin McCarthy 2007-09-06 11:09:12 -07:00
  • 268dd829df Added dna plugin to spec. Karl MacMillan 2007-09-07 13:30:22 -04:00
  • 4e242b5dc1 Small UI tweeks - Rename buttons - Add fake "logged in as" text - Increase font size and spacing for sidebar - Fix search messages for no results - Open ipa footer link in new window Kevin McCarthy 2007-09-05 16:59:55 -07:00
  • d036eb0ac9 Add password expiration messages to user show/edit pages. Add userhelper module to provide ui logic. Fix uid/email suggest to lowercase first. Kevin McCarthy 2007-09-05 15:54:04 -07:00
  • 945713ca30 Fix dsinstance.py and krbinstance.py imports Kevin McCarthy 2007-09-06 16:21:07 -07:00
  • 9b30f46744 Enable LDAP SASL authentication using a forwarded kerberos ticket Handle both SASL auth and proxied authentication Refactor LDAP connection code to be simpler Other small bug fixes rcritten@redhat.com 2007-09-05 13:14:23 -04:00
  • 82943c31de Initial commit of dna plugin - origin: FDS with fix ups Pete Rowley 2007-09-04 15:39:53 -07:00
  • 3afd023c3a Generalized Time parser and tests, for use in krbPasswordExpiration Kevin McCarthy 2007-09-04 13:44:59 -07:00
  • 584baa7ee2 merge ipa-server/ipaserver/util.py into ipa-python/ipautil.py this way freeipa-client does not depend on freeipa-server Simo Sorce 2007-09-04 16:13:15 -04:00
  • 48e70a4bf0 Merge with upstream Simo Sorce 2007-09-04 15:40:24 -04:00
  • abeda55e34 Add password request for admin user Set password for admin user using the Directory Mangaer account and the mozldapldappaswd binary to get and SSL connection Fix some timeout problems with deploying keytabs Fix ipa_pwd_extop to actuallt correctly detect an SSL connection Do not ask for the user to use for the directory unless 'dirsrv' is an existing user which may clash, create it silently Simo Sorce 2007-08-31 18:40:01 -04:00
  • 7a0629ea55 More DIT fixes discovered after testing Simo Sorce 2007-08-31 18:36:54 -04:00
  • 00e299467c Add account deactivation checkbox. Fix genModList to lowercase all keys and use CIDict. Kevin McCarthy 2007-08-31 10:59:26 -07:00
  • c85c8eede3 Add 'test' target to makefiles. Hook up ipautil tests to run. Kevin McCarthy 2007-09-04 10:22:45 -07:00
  • de96b9a9da Megre in form upstream Simo Sorce 2007-08-30 19:42:39 -04:00
  • 12b46527c6 Complete autodiscovery with autoconfiguration The code is still not perfect and rely on a yet unreleased nss_ldap package that fix dns discovery problems within nss_ldap itself. Also the manipulation of krb5.conf need to be improved Simo Sorce 2007-08-30 19:40:54 -04:00
  • 90a34f3865 Add auto-suggest for uid and email fields. Kevin McCarthy 2007-08-30 15:10:48 -07:00
  • 59f843517d Add scriptaculous effects library (will add more if they become necessary). Scriptaculous <http://script.aculo.us/> is released under an MIT license. Kevin McCarthy 2007-08-30 15:05:12 -07:00
  • a9b9a55392 Fix copy&paste error, its not the conf files we need access to, we need to access the generated keytabs Simo Sorce 2007-08-30 15:31:27 -04:00
  • a8fe485065 Integrate corrections pointed out on the list Simo Sorce 2007-08-30 12:23:39 -04:00
  • bebc413366 Finalize DIT, this is waht we are probably going to have in the end, or something very close to this one Add default groups and admin user Simo Sorce 2007-08-29 18:07:05 -04:00
  • 46eeca740e Merge in with upstream Simo Sorce 2007-08-28 10:46:03 -04:00
  • 4702eb9075 Initial configuration library import Simo Sorce 2007-08-28 10:44:43 -04:00
  • 09621f1319 Added freeipa logo. Karl MacMillan 2007-08-30 17:38:25 -04:00
  • f0ebdce024 Fix copy&paste error, its not the conf files we need access to, we need to access the generated keytabs Simo Sorce 2007-08-30 15:31:27 -04:00
  • a57fe697a7 Fix python-ldap attribution for cidict. Kevin McCarthy 2007-08-27 09:49:35 -07:00
  • 50450d6acb UI cleanup Kevin McCarthy 2007-08-29 16:49:46 -07:00
  • e9bd8dee3b Change user search to be asynchronous. This way it returns results even if the search times out. The find_users() search now returns a counter as the first result, which is set to -1 if the results are partial. Kevin McCarthy 2007-08-28 16:01:07 -07:00
  • ef2dc5cefa Changes for larger data demo. Add fields to search results Put result() call inside try block - it's throwing an exception Trap ADMINLIMIT and SIZELIMIT exceptions Kevin McCarthy 2007-08-28 09:20:12 -07:00
  • eebaa73d3d Implement delete users and groups Implement adding a group to a group Some other small fixups Add new cmd-line tool ipa-delgroup rcritten@redhat.com 2007-08-28 13:52:08 -04:00
  • 6eea6664e0 This patch wraps binary data in an xmlrpclib Binary object. This removes the need for LDIF conversion. It will make TurboGears direct code faster, but should keep xmlrpc about the same speed. Karl MacMillan 2007-08-28 09:58:10 -04:00
  • e31b526c81 Enhanced user search: - "configurable" fields to search on - tokenize search words - prioritize exact matches over partial matches - split match filter generation into a re-usable function. Other updates: - use finally block to return ldap connections - update web gui to use new get_user methods Kevin McCarthy 2007-08-27 11:30:26 -07:00
  • f437ecfad1 Fix minor error in previous patch. Karl MacMillan 2007-08-28 09:50:43 -04:00
  • a5b7e3f56b Include any LDAP error strings in XML-RPC Fault exceptions Put a try/except around attempts to determine user uniqueness rcritten@redhat.com 2007-08-27 13:45:28 -04:00
  • c7c8aa0926 Add ipautil, which contains CIDict - a case insensitive dict. This version of the cidict extends the dict class, which allows it to play nicely with turbogears. Also includes extensive tests. Kevin McCarthy 2007-08-24 10:31:45 -07:00
  • 861cda3cb5 Initial support for Groups Create separate object for Users and Groups (using same base class) Check for uniqueness before adding new users and groups Remove user_container from everything but add operations Abstract out a number of functions that are common across users and groups Make sure all strings passed in to be in a filter are checked Add new error message: No modifications specified rcritten@redhat.com 2007-08-24 15:42:56 -04:00
  • 240a99b6f3 Move add user logic to the server side rcritten@redhat.com 2007-08-23 11:57:25 -04:00
  • 8879ee173e Handle optional arguments by using the value __NONE__ over XML-RPC. rpcclient.py must call XML-RPC functions with all arguments. Removed encode_args and decode_args. They were the source of most of the argument pain. Now opts is alwyas appended to the end of the arguments so MUST be the last argument in any server-side function (can be None) Allow the User object to handle unicode data Small fixes to command-line tools to be friendlier Broke out get_user() into get_user_by_dn() and get_user_by_uid() Need to request more than just 'nsAccountLock' attribute when trying to see if a user is already marked deleted. If it is blank the record coming back is empty. Add 'uid' to the list to guarantee something coming back (dn is handled specially) Added user_container attribute to get_user_* and add_user so the caller can specify where in the tree the user will be searched for/added. Added global default value for user_container rcritten@redhat.com 2007-08-23 09:44:00 -04:00
  • 23508d33b5 Add DS task to fix up memberof, turn debug build back on Pete Rowley 2007-08-21 12:41:32 -07:00
  • 7691653c0a Create ipaerror module. Move LDAPError trapping/conversion into the ipaldap module. Fix xmlrpc layer to encode/decode ipaerrors properly. Also, implement mid-air collision exception for updates. Kevin McCarthy 2007-08-22 10:30:51 -07:00
  • a8f302aa9f Move ldap search filter escaping into the funcs.py layer. Kevin McCarthy 2007-08-21 14:26:36 -07:00
  • ac926646ea Fix escaping code, missing "unicode" string identifier in one of the value comparisons Simo Sorce 2007-08-21 16:25:02 -04:00
  • f5e30866d1 Escape search input. Search by uid and cn. Kevin McCarthy 2007-08-20 14:23:23 -07:00
  • 6b69d9cc46 Remove auto-wildcarding of uid search. Remove list users link. Kevin McCarthy 2007-08-20 13:14:00 -07:00
  • 4c8f2346a0 Improved modlist generator. Kevin McCarthy 2007-08-20 16:18:12 -07:00
  • cb03961ff1 Convert add_user to take a user instead of a dict. Kevin McCarthy 2007-08-20 12:10:50 -07:00
  • c113d932b1 Move utf-8 conversion inside user.py (for updates). Kevin McCarthy 2007-08-20 11:39:04 -07:00
  • 66d3f1e730 Embed origiginal values inside user, and have update_user pass in a user object. Based on rcrit's original patch. Push scalar to list value conversion inside funcs.py. Kevin McCarthy 2007-08-20 10:50:11 -07:00
  • 5f0f192ae3 change strings to be encoded using value.encode("utf-8"). fix update to set 'cn' instead of 'sn'. remove str() in funcs.add_user(). Kevin McCarthy 2007-08-17 15:32:05 -07:00