Commit Graph

753 Commits

Author SHA1 Message Date
Martin Stockhammer 4e4e3428c4 Fixing X-Forwarded-Host header handling 2017-05-10 22:59:51 +02:00
olivier lamy 396694765f formatting
Signed-off-by: olivier lamy <olamy@apache.org>
2017-05-08 21:18:13 +10:00
olivier lamy 69c41ad38b add some logs
Signed-off-by: olivier lamy <olamy@apache.org>
2017-05-08 21:17:54 +10:00
Martin Stockhammer 1b13cbd019 Changing to list based request validation configuration 2017-04-28 00:29:50 +02:00
olivier lamy 99a075f25f last parent snapshot
Signed-off-by: olivier lamy <olamy@apache.org>
2017-04-26 09:30:43 +10:00
olivier lamy c46c26948d a bit more details for debug
Signed-off-by: olivier lamy <olamy@apache.org>
2017-04-25 21:43:37 +10:00
olivier lamy 91cc4675a1 exclude Jenkinsfile from rat
Signed-off-by: olivier lamy <olamy@apache.org>
2017-04-25 09:53:33 +10:00
olivier lamy 28234b5ef8 display maven error
Signed-off-by: olivier lamy <olamy@apache.org>
2017-04-25 09:53:33 +10:00
olivier lamy 25056909d6 add simple Jenkinsfile
Signed-off-by: olivier lamy <olamy@apache.org>
2017-04-25 09:53:33 +10:00
Martin Stockhammer 53d0ccaaf3 [maven-release-plugin] prepare for next development iteration 2017-04-20 21:04:30 +02:00
Martin Stockhammer 966bb86695 [maven-release-plugin] prepare release redback-2.5 2017-04-20 21:04:21 +02:00
Martin Stockhammer f09d251960 Changing to new parent pom version 17 2017-04-20 20:58:12 +02:00
Martin Stockhammer a3ee32699b [MRM-1937] Prevent creation of wrong initial admin
Throws a error, if the admin user has the wrong name.
2017-04-14 21:01:39 +02:00
Martin Stockhammer db185cb79d Adding some information about redback configuration settings 2017-03-18 18:33:14 +01:00
Martin Stockhammer a6ee0f8770 Fixing tests for rest services 2017-03-11 11:12:59 +01:00
Martin Stockhammer d9146ce8ab Fixing bad import 2017-03-09 20:07:03 +01:00
Martin Stockhammer 6a6b7bb939 Adding token validation to interceptor 2017-02-12 20:47:14 +01:00
Martin Stockhammer 98c98b3979 Adding log statements 2017-02-12 18:44:55 +01:00
Martin Stockhammer 461b7e98f8 Adding validationToken to toString method 2017-02-12 17:12:41 +01:00
Martin Stockhammer a6ceb38469 Using random iv vector to generate unique tokens for each login 2017-02-12 17:09:15 +01:00
Martin Stockhammer de5816adf0 Adding validation token generator got login 2017-02-12 14:02:01 +01:00
Martin Stockhammer e9bc481884 Adding port check for Referer header 2017-01-30 22:42:33 +01:00
Martin Stockhammer 95f1b3e430 Implementing Header verification for REST API calls
Implementing header verification techniques mentioned in:
https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Verifying_Same_Origin_with_Standard_Headers
2017-01-30 20:37:15 +01:00
Martin Stockhammer 78d822d145 Fixing validation error in unit tests 2016-10-16 17:18:42 +02:00
Martin Stockhammer 2aa6cdf6c6 Adding flag for authenticator to avoid autowiring exceptions
Adds a isValid() method to the authenticator to avoid exceptions during
initialization.
2016-10-16 17:18:42 +02:00
Ciprian Ciubotariu c9ca73b94c Use NamingManager instead of LdapCtxFactory
Fixes deprecation warnings on LdapCtxFactory
2016-10-03 18:32:52 +03:00
olivier lamy c49cb230eb unused imports
Signed-off-by: olivier lamy <olamy@apache.org>
2016-09-28 12:44:40 +10:00
olivier lamy d17c6ffb9d use last parent snapshot
Signed-off-by: olivier lamy <olamy@apache.org>
2016-09-14 22:00:41 +10:00
olivier lamy 11b2cdbae0 Merge branch 'pr/10'
[MRM-1923] merge pr
2016-09-13 10:55:00 +10:00
olivier lamy 8e98a8aa9e Merge branch 'pr/9'
closed #9
[MRM-1908] Logged on users can write any repository
2016-09-13 10:49:27 +10:00
olivier lamy 87e1950057 Merge branch 'pr/7'
close #7
2016-09-09 21:47:52 +10:00
olivier lamy 780b1b7bb7 Merge branch 'pr/6' #6
close #6
2016-09-09 21:46:39 +10:00
Martin Stockhammer 5ce2714a37 Fixing bind issue with certain ldap servers, when user not found
Subsequent calls of NamingResult#hasMoreElements returns different values in some
environments and situations.
e.g. it occured on IBM JDK 7 with Windows Active Directory LDAP when the first value of 'hasMoreElements'
was false.
The first value is cached now.
2016-09-09 10:03:27 +02:00
Martin Stockhammer 796af57be2 Adding parameter references in authorization resource
In certain cases the resource must be dynamically set by parameter values.
This patch allows to add a reference into the resource field of the redback
annotation '{parameterName}' that fills the resource of the permission dynamically
with the parameter value, if found.
2016-09-09 09:40:29 +02:00
Ciprian Ciubotariu 3ef0e5931e Beautify case of default ldap group attribute
More of a style issue, since attribute descriptions are case insensitive
according to RFC4512.
2016-09-07 16:28:04 +03:00
Ciprian Ciubotariu 0dc00492ed Ignore Netbeans artifacts 2016-09-07 00:30:14 +03:00
olivier lamy c02519d5a6 change target back to 1.6 2016-07-20 23:54:43 +02:00
olivier lamy e2909f2956 [MRM-1827] Redback core fail with jdk 1.7 (compiler target 1.7) use new bcel 6.0 2016-07-20 23:37:47 +02:00
olivier lamy 3d266df48d [maven-release-plugin] prepare for next development iteration 2016-05-20 12:55:38 +10:00
olivier lamy 530fa8a468 [maven-release-plugin] prepare release redback-2.4 2016-05-20 12:55:09 +10:00
olivier lamy f012c5608a fix javadoc error
Signed-off-by: olivier lamy <olamy@apache.org>
2016-05-20 12:44:56 +10:00
olivier lamy 68e3f318b7 use staged released parent pom
Signed-off-by: olivier lamy <olamy@apache.org>
2016-05-20 12:02:21 +10:00
Eric Barboni 4e378769a8 change style and template to have a kind of enunciate 1.x style that we can use 2015-11-13 18:25:40 +01:00
Mat Jaggard ae4d7f775e Fixed issue with syntax for filter 2015-10-23 13:35:31 +01:00
Mat Jaggard e546fe3bc0 Allowing filtering of LDAP groups 2015-10-23 11:01:44 +01:00
Olivier Lamy 7142138dcc disable travis build with 1.8 as does not work 2015-09-25 16:03:56 +10:00
Olivier Lamy 108e8b9476 last parent with bundle plugin last version 2015-09-25 15:51:27 +10:00
Olivier Lamy 070bc64fb0 rat ignore travis file 2015-09-25 15:33:45 +10:00
Olivier Lamy 8de53f5165 add travis file 2015-09-25 15:26:43 +10:00
Olivier Lamy fe76316f2d slf4j upgrade 2015-09-08 21:02:11 +10:00